set router wlan channel; add home/{tmpfiles,nix-index.service}

This commit is contained in:
chayleaf 2023-07-21 01:51:34 +07:00
parent a6edc08515
commit ae8efef7b0
6 changed files with 195 additions and 39 deletions

View file

@ -164,11 +164,11 @@
]
},
"locked": {
"lastModified": 1688951979,
"narHash": "sha256-5wGEXjNjlrVhP1tQUsBLjfT64uQ+b+jgc57MK/IvsW8=",
"lastModified": 1689556975,
"narHash": "sha256-0rft9zKuYa3dDpMywFHUTUl7+fKu7P9u8lsA1esMndA=",
"owner": "fufexan",
"repo": "nix-gaming",
"rev": "0bf7751f831cd2bd17b54805b96f91fadf00aca2",
"rev": "779075ec32036efc14fbcaa9a328bba860e964c6",
"type": "github"
},
"original": {
@ -202,7 +202,9 @@
"nixpkgs-22_11": [
"nixpkgs"
],
"nixpkgs-23_05": "nixpkgs-23_05",
"nixpkgs-23_05": [
"nixpkgs"
],
"utils": "utils"
},
"locked": {
@ -255,21 +257,6 @@
"type": "github"
}
},
"nixpkgs-23_05": {
"locked": {
"lastModified": 1684782344,
"narHash": "sha256-SHN8hPYYSX0thDrMLMWPWYulK3YFgASOrCsIL3AJ78g=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "8966c43feba2c701ed624302b6a935f97bcbdf88",
"type": "github"
},
"original": {
"id": "nixpkgs",
"ref": "nixos-23.05",
"type": "indirect"
}
},
"nixpkgs-lib": {
"locked": {
"dir": "lib",

View file

@ -38,7 +38,10 @@
nixos-mailserver = {
url = "gitlab:simple-nixos-mailserver/nixos-mailserver";
inputs.nixpkgs.follows = "nixpkgs";
# prevent extra input from being in flake.lock
# (this doesn't affect any behavior)
inputs.nixpkgs-22_11.follows = "nixpkgs";
inputs.nixpkgs-23_05.follows = "nixpkgs";
};
flake-compat = {
url = "github:edolstra/flake-compat";

View file

@ -16,6 +16,14 @@
s = "sudo -A";
se = "sudo -AE";
l = "lsd";
g = "git";
gp = "git push";
gpuo = "git push -u origin";
gr = "git rebase";
gri = "git rebase -i";
gc = "git commit";
gca = "git commit --amend";
gm = "git merge";
};
programs = {
@ -90,7 +98,9 @@
package = pkgs.gitAndTools.gitFull;
delta.enable = true;
extraConfig = {
# disable the atrocious gui password prompt
core.askPass = "";
# ...and prefer getting passwords from libsecret (and storing them there)
credential.helper = "${pkgs.gitAndTools.gitFull}/bin/git-credential-libsecret";
init.defaultBranch = "master";
};
@ -130,16 +140,156 @@
mutableKeys = true;
mutableTrust = true;
};
nix-index.enable = true;
readline = {
enable = true;
variables.editing-mode = "vi";
};
nix-index = {
enable = true;
# don't add pkgs.nix to PATH
# use the nix that's already in PATH
# (because I use nix plugins and plugins are nix version-specific)
package = pkgs.nix-index-unwrapped;
};
};
systemd.user.timers.nix-index = {
Install.WantedBy = [ "timers.target" ];
Unit = {
Description = "Update nix-index";
PartOf = [ "nix-index.service" ];
};
Timer = {
OnCalendar = "Mon *-*-* 00:00:00";
RandomizedDelaySec = 600;
Persistent = true;
};
};
systemd.user.services.nix-index = {
Unit.Description = "Update nix-index";
Service = {
Type = "oneshot";
ExecStart = "${config.programs.nix-index.package}/bin/nix-index";
Environment = [ "PATH=/home/${config.home.username}/.nix-profile/bin:/etc/profiles/per-user/${config.home.username}/bin:/nix/var/nix/profiles/default/bin:/run/current-system/sw/bin" ];
TimeoutStartSec = 1800;
};
};
systemd.user.tmpfiles.rules = builtins.map (file: "r! \"/home/${config.home.username}/${file}\"") [
".local/share/clipman.json"
".local/state/lesshst" # I don't need less search history to persist across boots...
".Xauthority"
".sqlite_history"
".local/share/krunnerstaterc"
".local/share/user-places.xbel.bak"
".local/share/user-places.xbel.tbcache"
".config/mimeapps.list"
".config/ncmpcpp/error.log"
".config/mozc/.server.lock"
".config/mozc/.session.ipc"
".config/mozc/.registry.db" # usage stats (seemingly disabled on my machine)
".config/looking-glass/imgui.ini"
".config/QtProject.conf"
".steampid"
".steampath"
".config/.xash_id"
".config/proton.conf"
".local/state/nvim/lsp.log" # this is never cleared...
".config/pavucontrol.ini"
] ++ builtins.map (dir: "e! \"/home/${config.home.username}/${dir}/\" - - - 60d") [
".cache"
".local/share/qalculate"
".local/share/nvfetcher"
".gradle"
".openjfx"
".mono"
".local/share/Trash"
".config/wireshark"
".config/qt5ct"
".config/procps"
".config/neofetch"
".config/matplotlib"
".local/share/arti"
# I use this dir as dumping grounds for random stuff
"tmp"
# games stuff
".local/share/vulkan"
".steam"
".paradoxlauncher"
".local/share/StardewValley" # only logs here
".local/share/GOG.com"
".local/share/Paradox Interactive/launcher-v2"
# faf
".com.faforever.client.FafClientApplication"
".org.testfx.toolkit.PrimaryStageApplication"
".faforever/logs"
# whatever this is (has a single file named cookie)
".config/pulse"
# Nextcloud logs
".config/Nextcloud/logs"
".local/share/Nextcloud"
# this might seem useful, but it's only for temporary dbus files actually
".config/fcitx"
".config/ibus"
# fcitx themes (come on would I ever theme something non-declaratively)
".local/share/fcitx5"
# RGB tooling that I barely use
".config/OpenRGB"
".config/ario"
# I don't use Firefox, I use Librewolf
".mozilla"
# dev stuff
".local/share/tvix"
".cargo"
".npm"
# just when I thought ~ pollution couldn't get worse...
"go"
# android studio and related
".local/share/android"
".local/share/Google"
".java"
".local/share/Sentry"
".android/cache"
".m2"
# chromium
".config/chromium"
".config/cef_user_data"
".pki"
# a lib used by glow
".local/share/charm"
# I barely use FreeCAD, don't need its files
".config/FreeCAD"
".local/share/FreeCAD"
# some useless gui config
".config/gtk-2.0"
".config/gtk-3.0"
".config/kde.org"
# QtWebEngine cache
".local/share/Anki"
# kde connect contacts
".local/share/kpeoplevcard"
# repl history
".local/share/nix"
# iwctl history
".local/share/iwctl"
# non-home-manager-managed files
".local/share/applications"
".local/share/icons"
".local/share/mime"
".config/autostart"
# logs
".local/share/xorg"
# if I forgot it, it probably wasn't important
"Downloads"
] ++ builtins.map (dir: "x \"/home/${config.home.username}/${dir}/\"") [
# WHY DOES THIS KEEP PART OF THE CONFIG
".cache/keepassxc"
];
home.packages = with pkgs; [
rclone sshfs fuse
file jq python3Full killall
appimage-run comma nix-output-monitor
unzip p7zip unrar-wrapper
];
}

View file

@ -214,13 +214,13 @@
} _
]; }
{ plugin = ps.nvim-web-devicons;
config = compile "nvim_web_devicons" ((REQ "nvim-web-devicons").setup {}); }
config = compile "nvim_web_devicons" ((REQ "nvim-web-devicons").setup { }); }
{ plugin = ps.nvim-tree-lua;
config = compile "nvim_tree_lua" (LET (REQ "nvim-tree") (REQ "nvim-tree.api") (nvim-tree: nvim-tree-api: L [
SET (vimg "loaded_netrw") 1 _
SET (vimg "loaded_netrwPlugin") 1 _
SET vim.o.termguicolors true _
nvim-tree.setup {} _ # :help nvim-tree-setup
nvim-tree.setup { } _ # :help nvim-tree-setup
kmSetNs {
"<C-N>" = {
rhs = nvim-tree-api.tree.toggle;
@ -246,7 +246,7 @@
# call is required because cmp.setup is a table
cmp.setup {
snippet = {
expand = { body, ... }: luasnip.lsp_expand body {};
expand = { body, ... }: luasnip.lsp_expand body { };
};
view = { };
window = {
@ -265,9 +265,9 @@
];
};
mapping = {
"<C-p>" = cmp.mapping.select_prev_item {};
"<C-n>" = cmp.mapping.select_next_item {};
"<C-space>" = cmp.mapping.complete {};
"<C-p>" = cmp.mapping.select_prev_item { };
"<C-n>" = cmp.mapping.select_next_item { };
"<C-space>" = cmp.mapping.complete { };
"<C-e>" = CALL cmp.mapping.close;
"<cr>" = cmp.mapping.confirm {
behavior = cmp.ConfirmBehavior.Replace;
@ -315,11 +315,11 @@
nvim-autopairs.setup {
disable_filetype = [ "TelescopePrompt" "vim" ];
} _
cmp.event.on cmp.event "confirm_done" (cmp-autopairs.on_confirm_done {}) _
cmp.event.on cmp.event "confirm_done" (cmp-autopairs.on_confirm_done { }) _
])); }
{ plugin = ps.comment-nvim;
config = compile' "comment_nvim" [
(REQ "Comment").setup {} _
(REQ "Comment").setup { } _
kmSetNs {
"<space>/" = {
# metatables......
@ -422,7 +422,7 @@
# LET capabilities
(vim.tbl_extend
"keep"
((REQ "cmp_nvim_lsp").default_capabilities {})
((REQ "cmp_nvim_lsp").default_capabilities { })
(CALL vim.lsp.protocol.make_client_capabilities))
# BEGIN
(on_attach: rust_settings: capabilities:
@ -451,8 +451,8 @@
# vim.lsp.set_log_level "debug" _
# see https://github.com/neovim/nvim-lspconfig/blob/master/doc/server_configurations.md
lib.mapAttrsToList setupLsp {
bashls = {};
clangd = {};
bashls = { };
clangd = { };
# https://github.com/python-lsp/python-lsp-server/blob/develop/CONFIGURATION.md
pylsp = {
settings = {
@ -479,7 +479,7 @@
config = compile' "which_key_nvim" [
SET vim.o.timeout true _
SET vim.o.timeoutlen 500 _
which-key.setup {} _
which-key.setup { } _
]; }
];
};

View file

@ -265,6 +265,8 @@ in rec {
COMMON_CLK_MEDIATEK_FHCTL = yes;
COMMON_CLK_MT7986 = yes;
COMMON_CLK_MT7986_ETHSYS = yes;
CPU_THERMAL = yes;
THERMAL_OF = yes;
EINT_MTK = yes;
MEDIATEK_GE_PHY = yes;
MEDIATEK_WATCHDOG = yes;

View file

@ -282,8 +282,8 @@ in {
hostapd.settings = {
inherit (cfg) ssid;
hw_mode = "g";
channel = 1;
chanlist = [ 1 ];
channel = 3;
chanlist = [ 3 ];
supported_rates = [ 60 90 120 180 240 360 480 540 ];
basic_rates = [ 60 120 240 ];
ht_capab = "[LDPC][SHORT-GI-20][SHORT-GI-40][TX-STBC][RX-STBC1][MAX-AMSDU-7935]";
@ -297,8 +297,8 @@ in {
ssid = "${cfg.ssid}_5G";
ieee80211h = true;
hw_mode = "a";
channel = 36;
chanlist = [ 36 ];
channel = 60;
chanlist = [ 60 ];
tx_queue_data2_burst = 2;
ht_capab = "[HT40+][LDPC][SHORT-GI-20][SHORT-GI-40][TX-STBC][RX-STBC1][MAX-AMSDU-7935]";
vht_oper_chwidth = 1; # 80mhz ch width
@ -344,7 +344,20 @@ in {
];
systemdLinkLinkConfig.MACAddressPolicy = "none";
systemdLinkLinkConfig.MACAddress = cfg.routerMac;
dhcpcd.enable = true;
dhcpcd = {
enable = true;
# technically this should be assigned to br0 instead of veth-wan-b
# however, br0 is in a different namespace!
# Considering this doesn't work at all because my ISP doesn't offer IPv6,
# I'd say this is "good enough" since it might still work in the wan
# namespace, though I can't test it.
extraConfig = ''
interface wan
ipv6rs
ia_na 0
ia_pd 1 veth-wan-b/0
'';
};
networkNamespace = "wan";
};
# disable default firewall as it uses iptables
@ -465,8 +478,9 @@ in {
allow_iot4 = add set { type = f: f.ipv4_addr; flags = f: with f; [ interval ]; };
allow_iot6 = add set { type = f: f.ipv6_addr; flags = f: with f; [ interval ]; };
# TODO: is type=route hook=output better? it might help get rid of the routing inconsistency
# between router-originated and forwarded traffic
# TODO: is type=route hook=output better? It might help get rid of the routing inconsistency
# between router-originated and forwarded traffic. The problem is type=route is only supported
# for family=inet, so I don't care enough to test it right now.
prerouting = add chain { type = f: f.filter; hook = f: f.prerouting; prio = f: f.filter; policy = f: f.accept; } ([
[(mangle meta.mark ct.mark)]
[(is.ne meta.mark 0) accept]