Compare commits

..

2 commits

Author SHA1 Message Date
dba17de73c
fix config 2024-11-29 22:48:01 +01:00
ceda4f1791
add fmt to flake, reduce abstraction layers 2024-11-27 09:47:58 +01:00
14 changed files with 230 additions and 64 deletions

View file

@ -143,8 +143,8 @@ in
); );
sway_conf = concatLines ( sway_conf = concatLines (
(build_conf sway.config) (optional sway.bar.enable bar_config)
++ optional sway.bar.enable bar_config ++ (build_conf sway.config)
++ (mapAttrsToList ( ++ (mapAttrsToList (
name: value: name: value:
"output ${value.id} mode ${value.mode}" "output ${value.id} mode ${value.mode}"

View file

@ -23,7 +23,7 @@ let
sway sway
; ;
inherit (config.boot.kernelPackages) x86_energy_perf_policy cpupower; inherit (config.boot.kernelPackages) x86_energy_perf_policy cpupower;
enable_perf_policy = (elem system x86_energy_perf_policy.meta.platforms); enable_perf_policy = false; # (elem system x86_energy_perf_policy.meta.platforms);
powersave = writeShellScriptBin "powersave-mode" ( powersave = writeShellScriptBin "powersave-mode" (
concatLines ( concatLines (

View file

@ -5,12 +5,10 @@
... ...
}: }:
let let
inherit (config.grimmShared) enable printing graphical; inherit (config.grimmShared) enable graphical;
in in
{ {
config = lib.mkIf (enable && printing) { config = lib.mkIf (enable && config.services.printing.enable) {
# Enable CUPS to print documents.
services.printing.enable = true;
services.printing.drivers = with pkgs; [ services.printing.drivers = with pkgs; [
brgenml1lpr brgenml1lpr
brgenml1cupswrapper brgenml1cupswrapper
@ -20,7 +18,7 @@ in
nssmdns4 = true; nssmdns4 = true;
openFirewall = true; openFirewall = true;
}; };
services.printing.cups-pdf.enable = true; # services.printing.cups-pdf.enable = true;
hardware.sane.brscan4.enable = true; # enables support for SANE scanners hardware.sane.brscan4.enable = true; # enables support for SANE scanners
environment.systemPackages = ( environment.systemPackages = (
@ -30,6 +28,4 @@ in
] ]
); );
}; };
options.grimmShared.printing = lib.mkEnableOption "Enables print and scan related options";
} }

View file

@ -11,11 +11,10 @@ in
{ {
imports = [ ./apparmor-d-module.nix ]; # ./aa-alias-module.nix ]; imports = [ ./apparmor-d-module.nix ]; # ./aa-alias-module.nix ];
config = mkIf (enable && tooling.enable) { config = mkIf (enable && tooling.enable && config.security.apparmor.enable) {
services.dbus.apparmor = "enabled"; services.dbus.apparmor = "enabled";
security.auditd.enable = true; security.auditd.enable = true;
security.apparmor.enable = true;
security.apparmor.enableCache = true; security.apparmor.enableCache = true;
security.apparmor.includes."tunables/alias.d/programs" = '' security.apparmor.includes."tunables/alias.d/programs" = ''
@ -74,6 +73,8 @@ in
"local/pass" = '' "local/pass" = ''
${getExe' pkgs.pass ".pass-wrapped"} rix, ${getExe' pkgs.pass ".pass-wrapped"} rix,
@{nix_store}/wl-copy rUx,
@{nix_store}/wl-paste rUx,
''; '';
"local/pass_gpg" = '' "local/pass_gpg" = ''

View file

@ -1,4 +1,10 @@
{ pkgs, lib, ... }: {
pkgs,
lib,
inputs,
system,
...
}:
{ {
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
(writeShellScriptBin "nix-referrers" "nix-store --query --referrers $@") (writeShellScriptBin "nix-referrers" "nix-store --query --referrers $@")
@ -14,6 +20,7 @@
nvd nvd
vulnix vulnix
nix-init nix-init
inputs.nixpkgs-update.packages."${system}".default
]; ];
environment.sessionVariables = environment.sessionVariables =

View file

@ -18,8 +18,6 @@
nix.package = pkgs.lix; nix.package = pkgs.lix;
nixpkgs.config.allowUnfree = true; nixpkgs.config.allowUnfree = true;
services.flatpak.enable = true;
grimmShared = { grimmShared = {
enable = true; enable = true;
locale = true; locale = true;

View file

@ -6,14 +6,15 @@
"nixpkgs": [ "nixpkgs": [
"nixpkgs" "nixpkgs"
], ],
"pre-commit-hooks": "pre-commit-hooks" "pre-commit-hooks": "pre-commit-hooks",
"rust-overlay": "rust-overlay"
}, },
"locked": { "locked": {
"lastModified": 1731942996, "lastModified": 1732741943,
"narHash": "sha256-Ohh+GmEenm4Eu1p6+u/4qIw0wbgKm7Vk/yQwRnSmrFE=", "narHash": "sha256-ZPGI3RjfDqajlIlEO6xL9dQhtyXQMhlFMPnYoKNtPRI=",
"owner": "LordGrimmauld", "owner": "LordGrimmauld",
"repo": "aa-alias-manager", "repo": "aa-alias-manager",
"rev": "e394c4882888f9b9306b3a2dfc59df03ab766473", "rev": "cb4dd424befe24976ecbbc09505efa0c5477d9c6",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -30,11 +31,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1731956781, "lastModified": 1732848312,
"narHash": "sha256-AAZiAMQ2LBCY375NnbQa8HHFJc3KLyfnlGiFXDdb1pE=", "narHash": "sha256-OSkmgBPSmZJlZmZu16S3zav7vbxU7w4p6cwoi4B28PM=",
"owner": "ezKEa", "owner": "ezKEa",
"repo": "aagl-gtk-on-nix", "repo": "aagl-gtk-on-nix",
"rev": "862c5b3acd097906cd242eedd9ddcc95ac9382cb", "rev": "30492838a20837085045baffc7c796f266a0b6a6",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -92,11 +93,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1732150710, "lastModified": 1732715105,
"narHash": "sha256-H6ps/jlPn3kkGtrZeduLtfMnV8htI117/qUgMtUzJBM=", "narHash": "sha256-WGf8bzwNEgbWjM9aTFv9ZCGrBQEfg0fYd4FSoVa2gDs=",
"owner": "chaotic-cx", "owner": "chaotic-cx",
"repo": "nyx", "repo": "nyx",
"rev": "4621aec08aa50869a305e275c2b8a0c766f3b59b", "rev": "8f153d013632e6036e8bec6377cc5ed7d2ad14df",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -241,11 +242,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1732025103, "lastModified": 1732482255,
"narHash": "sha256-qjEI64RKvDxRyEarY0jTzrZMa8ebezh2DEZmJJrpVdo=", "narHash": "sha256-GUffLwzawz5WRVfWaWCg78n/HrBJrOG7QadFY6rtV8A=",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "a46e702093a5c46e192243edbd977d5749e7f294", "rev": "a9953635d7f34e7358d5189751110f87e3ac17da",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -263,11 +264,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1732032028, "lastModified": 1732648910,
"narHash": "sha256-NjyfJQQxs/a2a/KwTmXM44K7XjeJwGsf4YFtebueQzo=", "narHash": "sha256-1F83DUfEHnCZpGY4UOlWaamWoDx8eZ9tHaUF51p2hng=",
"owner": "Jovian-Experiments", "owner": "Jovian-Experiments",
"repo": "Jovian-NixOS", "repo": "Jovian-NixOS",
"rev": "65dc04371cf914c9af4f073638821e4787303005", "rev": "e86d2ad72094354326887bd6fe156f327d63d491",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -276,6 +277,28 @@
"type": "github" "type": "github"
} }
}, },
"mmdoc": {
"inputs": {
"nixpkgs": [
"nixpkgs-update",
"nixpkgs"
],
"systems": "systems_2"
},
"locked": {
"lastModified": 1710694589,
"narHash": "sha256-5wa+Jzxr+LygoxSZuZg0YU81jgdnx2IY/CqDIJMOgec=",
"owner": "ryantm",
"repo": "mmdoc",
"rev": "b6ddf748b1d1c01ca582bb1b3dafd6bc3a4c83a6",
"type": "github"
},
"original": {
"owner": "ryantm",
"repo": "mmdoc",
"type": "github"
}
},
"nix-github-actions": { "nix-github-actions": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
@ -284,11 +307,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1729742964, "lastModified": 1731952509,
"narHash": "sha256-B4mzTcQ0FZHdpeWcpDYPERtyjJd/NIuaQ9+BV1h+MpA=", "narHash": "sha256-p4gB3Rhw8R6Ak4eMl8pqjCPOLCZRqaehZxdZ/mbFClM=",
"owner": "nix-community", "owner": "nix-community",
"repo": "nix-github-actions", "repo": "nix-github-actions",
"rev": "e04df33f62cdcf93d73e9a04142464753a16db67", "rev": "7b5f051df789b6b20d259924d349a9ba3319b226",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -366,11 +389,11 @@
}, },
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1732014248, "lastModified": 1732521221,
"narHash": "sha256-y/MEyuJ5oBWrWAic/14LaIr/u5E0wRVzyYsouYY3W6w=", "narHash": "sha256-2ThgXBUXAE1oFsVATK1ZX9IjPcS4nKFOAjhPNKuiMn0=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "23e89b7da85c3640bbc2173fe04f4bd114342367", "rev": "4633a7c72337ea8fd23a4f2ba3972865e3ec685d",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -397,11 +420,11 @@
}, },
"nixpkgs-stable": { "nixpkgs-stable": {
"locked": { "locked": {
"lastModified": 1720386169, "lastModified": 1730741070,
"narHash": "sha256-NGKVY4PjzwAa4upkGtAMz1npHGoRzWotlSnVlqI40mo=", "narHash": "sha256-edm8WG19kWozJ/GqyYx2VjW99EdhjKwbY3ZwdlPAAlo=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "194846768975b7ad2c4988bdb82572c00222c0d7", "rev": "d063c1dd113c91ab27959ba540c0d9753409edf3",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -411,6 +434,41 @@
"type": "github" "type": "github"
} }
}, },
"nixpkgs-update": {
"inputs": {
"mmdoc": "mmdoc",
"nixpkgs": "nixpkgs_2",
"runtimeDeps": "runtimeDeps",
"treefmt-nix": "treefmt-nix"
},
"locked": {
"lastModified": 1730338630,
"narHash": "sha256-rGp0I9m3/nDV70nRXvdCv2QiAGPOaRm92rISXDxNUJM=",
"owner": "nix-community",
"repo": "nixpkgs-update",
"rev": "525c2e488ad26cd46878fd93337521bf42e598a9",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "nixpkgs-update",
"type": "github"
}
},
"nixpkgs_2": {
"locked": {
"lastModified": 1672428209,
"narHash": "sha256-eejhqkDz2cb2vc5VeaWphJz8UXNuoNoM8/Op8eWv2tQ=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "293a28df6d7ff3dec1e61e37cc4ee6e6c0fb0847",
"type": "github"
},
"original": {
"id": "nixpkgs",
"type": "indirect"
}
},
"pre-commit-hooks": { "pre-commit-hooks": {
"inputs": { "inputs": {
"flake-compat": "flake-compat", "flake-compat": "flake-compat",
@ -422,11 +480,11 @@
"nixpkgs-stable": "nixpkgs-stable" "nixpkgs-stable": "nixpkgs-stable"
}, },
"locked": { "locked": {
"lastModified": 1730302582, "lastModified": 1732021966,
"narHash": "sha256-W1MIJpADXQCgosJZT8qBYLRuZls2KSiKdpnTVdKBuvU=", "narHash": "sha256-mnTbjpdqF0luOkou8ZFi2asa1N3AA2CchR/RqCNmsGE=",
"owner": "cachix", "owner": "cachix",
"repo": "git-hooks.nix", "repo": "git-hooks.nix",
"rev": "af8a16fe5c264f5e9e18bcee2859b40a656876cf", "rev": "3308484d1a443fc5bc92012435d79e80458fe43c",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -443,7 +501,45 @@
"chaotic": "chaotic", "chaotic": "chaotic",
"nixos-mailserver": "nixos-mailserver", "nixos-mailserver": "nixos-mailserver",
"nixos-matrix-modules": "nixos-matrix-modules", "nixos-matrix-modules": "nixos-matrix-modules",
"nixpkgs": "nixpkgs" "nixpkgs": "nixpkgs",
"nixpkgs-update": "nixpkgs-update"
}
},
"runtimeDeps": {
"locked": {
"lastModified": 1714247354,
"narHash": "sha256-6dFKqP/aCKIdpOgqgIQUrRT0NOfVc14ftNcdELa4Pu4=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "c8d7c8a78fb516c0842cc65346506a565c88014d",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable-small",
"repo": "nixpkgs",
"type": "github"
}
},
"rust-overlay": {
"inputs": {
"nixpkgs": [
"aa-alias-manager",
"nixpkgs"
]
},
"locked": {
"lastModified": 1732674798,
"narHash": "sha256-oM1gjCv9R4zxDFO3as9wqQ4FI3+pDA9MKZ72L7tTIII=",
"owner": "oxalica",
"repo": "rust-overlay",
"rev": "1d569430326b0a7807ccffdb2a188b814091976c",
"type": "github"
},
"original": {
"owner": "oxalica",
"repo": "rust-overlay",
"type": "github"
} }
}, },
"systems": { "systems": {
@ -460,6 +556,42 @@
"repo": "default", "repo": "default",
"type": "github" "type": "github"
} }
},
"systems_2": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"treefmt-nix": {
"inputs": {
"nixpkgs": [
"nixpkgs-update",
"nixpkgs"
]
},
"locked": {
"lastModified": 1711963903,
"narHash": "sha256-N3QDhoaX+paWXHbEXZapqd1r95mdshxToGowtjtYkGI=",
"owner": "numtide",
"repo": "treefmt-nix",
"rev": "49dc4a92b02b8e68798abd99184f228243b6e3ac",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "treefmt-nix",
"type": "github"
}
} }
}, },
"root": "root", "root": "root",

View file

@ -32,6 +32,10 @@
url = "github:LordGrimmauld/aa-alias-manager"; url = "github:LordGrimmauld/aa-alias-manager";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
nixpkgs-update = {
url = "github:nix-community/nixpkgs-update";
# inputs.nixpkgs.follows = "nixpkgs";
};
}; };
outputs = outputs =
@ -44,15 +48,12 @@
nixos-mailserver, nixos-mailserver,
nixos-matrix-modules, nixos-matrix-modules,
aa-alias-manager, aa-alias-manager,
nixpkgs-update,
... ...
}: }:
let let
patches = [ patches = [
./aa_mod.patch ./aa_mod.patch
{
url = "https://github.com/NixOS/nixpkgs/pull/357468.patch";
hash = "sha256-t+/zVO/Jyink9biD61AuDOmVt0GF3biKxR5hCAyl4Fc=";
}
]; ];
customNixosSystem = customNixosSystem =
@ -75,8 +76,17 @@
} }
// definitions // definitions
); );
systems = [
"x86_64-linux"
"aarch64-linux"
];
forAllSystems = f: nixpkgs.lib.genAttrs systems (system: f system);
in in
{ {
formatter = forAllSystems (system: nixpkgs.legacyPackages.${system}.nixfmt-rfc-style);
nixosConfigurations = { nixosConfigurations = {
grimmauld-nixos = customNixosSystem "x86_64-linux" { grimmauld-nixos = customNixosSystem "x86_64-linux" {
modules = [ modules = [

View file

@ -47,7 +47,7 @@ in
enable = true; enable = true;
https = true; https = true;
hostName = vhosts.nextcloud_host.host; hostName = vhosts.nextcloud_host.host;
package = pkgs.nextcloud29; package = pkgs.nextcloud30;
caching.redis = true; caching.redis = true;
extraApps = { extraApps = {

View file

@ -5,7 +5,7 @@ in
{ {
services.harmonia = { services.harmonia = {
enable = true; enable = true;
signKeyPath = "/var/cache-priv-key.pem"; signKeyPaths = [ "/var/cache-priv-key.pem" ];
settings.bind = "[::]:${builtins.toString vhosts.nix_cache_host.port}"; settings.bind = "[::]:${builtins.toString vhosts.nix_cache_host.port}";
}; };
} }

View file

@ -23,7 +23,7 @@ in
in in
map (v: "127.0.0.1:${builtins.toString v.port}") ( map (v: "127.0.0.1:${builtins.toString v.port}") (
filter (v: (isAttrs v) && v.enable) ( filter (v: (isAttrs v) && v.enable) (
attrValues (filterAttrs (n: v: n != "minio") config.services.prometheus.exporters) attrValues (filterAttrs (n: v: n != "minio" && n != "tor") config.services.prometheus.exporters)
) )
); );
} }

View file

@ -14,12 +14,14 @@
networking.hostId = "2ea79333"; networking.hostId = "2ea79333";
boot.kernelPackages = lib.mkForce config.boot.zfs.package.latestCompatibleLinuxPackages; boot.kernelPackages = lib.mkForce config.boot.zfs.package.latestCompatibleLinuxPackages;
services.printing.cups-pdf.enable = true; # implies printing enable
# services.printing.enable = true;
grimmShared = { grimmShared = {
tooling = { tooling = {
pass = true; pass = true;
}; };
gaming = true; gaming = true;
printing = true;
portals = true; portals = true;
sound = { sound = {
enable = true; enable = true;

View file

@ -42,6 +42,10 @@
RUN+="${lib.getExe exitSway}" RUN+="${lib.getExe exitSway}"
# ''; # '';
services.printing.cups-pdf.enable = true; # implies printing enable
# services.printing.enable = true;
security.apparmor.enable = true;
# RUN+="${lib.getExe' pkgs.systemd "loginctl"} lock-sessions" # RUN+="${lib.getExe' pkgs.systemd "loginctl"} lock-sessions"
# networking.hostId = "2ea79333"; # networking.hostId = "2ea79333";
@ -52,7 +56,6 @@
pass = true; pass = true;
}; };
gaming = true; gaming = true;
printing = true;
portals = true; portals = true;
sound = { sound = {
enable = true; enable = true;

View file

@ -25,7 +25,7 @@
enable = true; enable = true;
config = config =
let let
inherit (lib) getExe getExe'; inherit (lib) getExe getExe' concatLines;
inherit (pkgs) inherit (pkgs)
rmenu rmenu
xdg-terminal-exec xdg-terminal-exec
@ -172,16 +172,33 @@
}) (lib.range 0 9) }) (lib.range 0 9)
) )
); );
autolaunch = [ autolaunch =
(getExe' pkgs.dbus "dbus-update-activation-environment") let
(getExe' pkgs.xdg-user-dirs "xdg-user-dirs-update") aw-modules = with pkgs; [
''${getExe' pkgs.coreutils-full "sleep"} 3 && ${getExe' pkgs.blueman "blueman-applet"}'' aw-server-rust
(getExe' pkgs.lxqt.lxqt-policykit "lxqt-policykit-agent") aw-watcher-window-wayland
(getExe' config.hardware.opentabletdriver.package "otd-daemon") ];
pkgs.swaynotificationcenter aw-modules-list = lib.concatStringsSep "," (map (p: p.meta.mainProgram) aw-modules);
pkgs.networkmanagerapplet aw-bundle = (
# (pkgs.writeShellScriptBin "rmenu-cache-clear" "rm -r $HOME/.cache/rmenu") # invalidate rmenu cache on sway restart pkgs.writeShellScriptBin "aw-bundle" ''
]; export RUST_BACKTRACE=full
export PATH=$PATH:${lib.makeBinPath (aw-modules ++ [pkgs.coreutils-full])}
${getExe' pkgs.coreutils-full "sleep"} 5
${getExe pkgs.aw-qt} --autostart-modules ${aw-modules-list}
''
);
in
[
(getExe' pkgs.dbus "dbus-update-activation-environment")
(getExe' pkgs.xdg-user-dirs "xdg-user-dirs-update")
''${getExe' pkgs.coreutils-full "sleep"} 3 && ${getExe' pkgs.blueman "blueman-applet"}''
(getExe' pkgs.lxqt.lxqt-policykit "lxqt-policykit-agent")
(getExe' config.hardware.opentabletdriver.package "otd-daemon")
pkgs.swaynotificationcenter
pkgs.networkmanagerapplet
aw-bundle
# (pkgs.writeShellScriptBin "rmenu-cache-clear" "rm -r $HOME/.cache/rmenu") # invalidate rmenu cache on sway restart
];
extraConfig = '' extraConfig = ''
output * bg ${./wallpapers/switzerland.jpg} fill output * bg ${./wallpapers/switzerland.jpg} fill