Compare commits
2 commits
8b30d66890
...
30603f8071
Author | SHA1 | Date | |
---|---|---|---|
chayleaf | 30603f8071 | ||
chayleaf | 98a2ff925a |
|
@ -1,11 +1,11 @@
|
||||||
{ exec, ... }: {
|
{ exec, ... }: {
|
||||||
secrets = exec [ "cat" "/secrets/nixos/default.nix" ] {
|
secrets = exec [ "cat" "/etc/nixos/private/default.nix" ] {
|
||||||
# compress and base64 the file to make it representable in nix,
|
# compress and base64 the file to make it representable in nix,
|
||||||
# then decompress it back in a derivation (shouldn't there be a better way...)
|
# then decompress it back in a derivation (shouldn't there be a better way...)
|
||||||
copyToStore = pkgs: name: path:
|
copyToStore = pkgs: name: path:
|
||||||
let
|
let
|
||||||
archive = exec [ "${pkgs.bash}/bin/bash" "-c" ''
|
archive = exec [ "${pkgs.bash}/bin/bash" "-c" ''
|
||||||
cd /secrets/nixos
|
cd /etc/nixos/private
|
||||||
echo '"'"$(
|
echo '"'"$(
|
||||||
${pkgs.gnutar}/bin/tar -I ${pkgs.zstd}/bin/zstd --exclude-vcs \
|
${pkgs.gnutar}/bin/tar -I ${pkgs.zstd}/bin/zstd --exclude-vcs \
|
||||||
--transform='s#'${pkgs.lib.escapeShellArg path}'#!#' \
|
--transform='s#'${pkgs.lib.escapeShellArg path}'#!#' \
|
||||||
|
|
174
flake.lock
174
flake.lock
|
@ -16,49 +16,6 @@
|
||||||
"type": "gitlab"
|
"type": "gitlab"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"coop-ofd": {
|
|
||||||
"inputs": {
|
|
||||||
"crane": "crane",
|
|
||||||
"flake-compat": "flake-compat",
|
|
||||||
"nixpkgs": [
|
|
||||||
"nixpkgs"
|
|
||||||
]
|
|
||||||
},
|
|
||||||
"locked": {
|
|
||||||
"lastModified": 1703252072,
|
|
||||||
"narHash": "sha256-IY/0CeFhaKMBcNUmGXwsPazeKu2rGqCa4IHXSmHy5u0=",
|
|
||||||
"owner": "chayleaf",
|
|
||||||
"repo": "coop-ofd",
|
|
||||||
"rev": "c18e676934884181ad8687e069d28db3c7d1cdfb",
|
|
||||||
"type": "github"
|
|
||||||
},
|
|
||||||
"original": {
|
|
||||||
"owner": "chayleaf",
|
|
||||||
"repo": "coop-ofd",
|
|
||||||
"type": "github"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"crane": {
|
|
||||||
"inputs": {
|
|
||||||
"nixpkgs": [
|
|
||||||
"coop-ofd",
|
|
||||||
"nixpkgs"
|
|
||||||
]
|
|
||||||
},
|
|
||||||
"locked": {
|
|
||||||
"lastModified": 1700327093,
|
|
||||||
"narHash": "sha256-OgYvlBABxJYWhZ/HBd0bPVcIEkT+xDhDCpRYqtVhYWY=",
|
|
||||||
"owner": "ipetkov",
|
|
||||||
"repo": "crane",
|
|
||||||
"rev": "ae7cd510e508ee03d792005c2f1c0a3ff25ecb80",
|
|
||||||
"type": "github"
|
|
||||||
},
|
|
||||||
"original": {
|
|
||||||
"owner": "ipetkov",
|
|
||||||
"repo": "crane",
|
|
||||||
"type": "github"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"flake-compat": {
|
"flake-compat": {
|
||||||
"flake": false,
|
"flake": false,
|
||||||
"locked": {
|
"locked": {
|
||||||
|
@ -92,22 +49,6 @@
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"flake-compat_3": {
|
"flake-compat_3": {
|
||||||
"flake": false,
|
|
||||||
"locked": {
|
|
||||||
"lastModified": 1696426674,
|
|
||||||
"narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
|
|
||||||
"owner": "edolstra",
|
|
||||||
"repo": "flake-compat",
|
|
||||||
"rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
|
|
||||||
"type": "github"
|
|
||||||
},
|
|
||||||
"original": {
|
|
||||||
"owner": "edolstra",
|
|
||||||
"repo": "flake-compat",
|
|
||||||
"type": "github"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"flake-compat_4": {
|
|
||||||
"flake": false,
|
"flake": false,
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1668681692,
|
"lastModified": 1668681692,
|
||||||
|
@ -128,11 +69,11 @@
|
||||||
"nixpkgs-lib": "nixpkgs-lib"
|
"nixpkgs-lib": "nixpkgs-lib"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1704982712,
|
"lastModified": 1698882062,
|
||||||
"narHash": "sha256-2Ptt+9h8dczgle2Oo6z5ni5rt/uLMG47UFTR1ry/wgg=",
|
"narHash": "sha256-HkhafUayIqxXyHH1X8d9RDl1M2CkFgZLjKD3MzabiEo=",
|
||||||
"owner": "hercules-ci",
|
"owner": "hercules-ci",
|
||||||
"repo": "flake-parts",
|
"repo": "flake-parts",
|
||||||
"rev": "07f6395285469419cf9d078f59b5b49993198c00",
|
"rev": "8c9fa2545007b49a5db5f650ae91f227672c3877",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -166,11 +107,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1706221476,
|
"lastModified": 1700553346,
|
||||||
"narHash": "sha256-T4b8YafVjHXvtDY8ARec1WrXO8uyyNZOpNgv9yoQy2M=",
|
"narHash": "sha256-kW7uWsCv/lxuA824Ng6EYD9hlVYRyjuFn0xBbYltAeQ=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "home-manager",
|
"repo": "home-manager",
|
||||||
"rev": "c7ce343d9bf1a329056a4dd5b32ea8cc43b55e15",
|
"rev": "1aabb0a31b25ad83cfaa37c3fe29053417cd9a0f",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -181,11 +122,11 @@
|
||||||
},
|
},
|
||||||
"impermanence": {
|
"impermanence": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1703656108,
|
"lastModified": 1697303681,
|
||||||
"narHash": "sha256-hCSUqdFJKHHbER8Cenf5JRzjMlBjIdwdftGQsO0xoJs=",
|
"narHash": "sha256-caJ0rXeagaih+xTgRduYtYKL1rZ9ylh06CIrt1w5B4g=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "impermanence",
|
"repo": "impermanence",
|
||||||
"rev": "033643a45a4a920660ef91caa391fbffb14da466",
|
"rev": "0f317c2e9e56550ce12323eb39302d251618f5b5",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -196,17 +137,17 @@
|
||||||
},
|
},
|
||||||
"maubot": {
|
"maubot": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"flake-compat": "flake-compat_3",
|
"flake-compat": "flake-compat_2",
|
||||||
"nixpkgs": [
|
"nixpkgs": [
|
||||||
"nixpkgs"
|
"nixpkgs"
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1701193205,
|
"lastModified": 1700661503,
|
||||||
"narHash": "sha256-7TK2+YLEvR7z2mj6hT/yay24The4nhpr3KozGSHfKH4=",
|
"narHash": "sha256-2GGbVFmAC8G1FLxIabCBYhfbUeUIZM/3p2VW9Eia60Q=",
|
||||||
"owner": "chayleaf",
|
"owner": "chayleaf",
|
||||||
"repo": "maubot.nix",
|
"repo": "maubot.nix",
|
||||||
"rev": "3a300230955b2e3af1f3472b8704a936b550548a",
|
"rev": "71d397c5897233c592d35be6c4f28c295ce2e79d",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -218,16 +159,16 @@
|
||||||
"mobile-nixos": {
|
"mobile-nixos": {
|
||||||
"flake": false,
|
"flake": false,
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1702959560,
|
"lastModified": 1697544701,
|
||||||
"narHash": "sha256-3EmjKFKBypRGluGEY1oUMkQRBRDO5rZdzUXwTlRbUiY=",
|
"narHash": "sha256-u/59b13bwEqxR1x2l9SeSya2ZXABmjpUCdTrXVMLrsA=",
|
||||||
"owner": "chayleaf",
|
"owner": "chayleaf",
|
||||||
"repo": "mobile-nixos",
|
"repo": "mobile-nixos",
|
||||||
"rev": "55ec06035e85fcbda5caa6a73d045a9910fb16a2",
|
"rev": "b3ec466c5abbda7de279dccb010ab10e74dd07ee",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
"owner": "chayleaf",
|
"owner": "chayleaf",
|
||||||
"ref": "fix-op6-modem",
|
"ref": "cleanup",
|
||||||
"repo": "mobile-nixos",
|
"repo": "mobile-nixos",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
|
@ -240,11 +181,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1706145483,
|
"lastModified": 1700616016,
|
||||||
"narHash": "sha256-omDJXQPBNCFGjSSP4X3mlITdmgfkJ3wrlLN1RhR6ld0=",
|
"narHash": "sha256-GCD2U3jMWmBqJccDDXr8pf2Ia2NnFiIYqnm9wK1DxLk=",
|
||||||
"owner": "fufexan",
|
"owner": "fufexan",
|
||||||
"repo": "nix-gaming",
|
"repo": "nix-gaming",
|
||||||
"rev": "b9f77409aad6976efdae3b05523a07b328920c97",
|
"rev": "7d81bdbf62936d50906609097b1fd6e68e59daa7",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -253,33 +194,13 @@
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"nix-index-database": {
|
|
||||||
"inputs": {
|
|
||||||
"nixpkgs": [
|
|
||||||
"nixpkgs"
|
|
||||||
]
|
|
||||||
},
|
|
||||||
"locked": {
|
|
||||||
"lastModified": 1705806513,
|
|
||||||
"narHash": "sha256-FcOmNjhHFfPz2udZbRpZ1sfyhVMr+C2O8kOxPj+HDDk=",
|
|
||||||
"owner": "nix-community",
|
|
||||||
"repo": "nix-index-database",
|
|
||||||
"rev": "f8e04fbcebcc24cebc91989981bd45f69b963ed7",
|
|
||||||
"type": "github"
|
|
||||||
},
|
|
||||||
"original": {
|
|
||||||
"owner": "nix-community",
|
|
||||||
"repo": "nix-index-database",
|
|
||||||
"type": "github"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"nixos-hardware": {
|
"nixos-hardware": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1706182238,
|
"lastModified": 1700559156,
|
||||||
"narHash": "sha256-Ti7CerGydU7xyrP/ow85lHsOpf+XMx98kQnPoQCSi1g=",
|
"narHash": "sha256-gL4epO/qf+wo30JjC3g+b5Bs8UrpxzkhNBBsUYxpw2g=",
|
||||||
"owner": "NixOS",
|
"owner": "NixOS",
|
||||||
"repo": "nixos-hardware",
|
"repo": "nixos-hardware",
|
||||||
"rev": "f84eaffc35d1a655e84749228cde19922fcf55f1",
|
"rev": "c3abafb01cd7045dba522af29b625bd1e170c2fb",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -291,24 +212,24 @@
|
||||||
"nixos-mailserver": {
|
"nixos-mailserver": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"blobs": "blobs",
|
"blobs": "blobs",
|
||||||
"flake-compat": "flake-compat_4",
|
"flake-compat": "flake-compat_3",
|
||||||
"nixpkgs": [
|
"nixpkgs": [
|
||||||
"nixpkgs"
|
"nixpkgs"
|
||||||
],
|
],
|
||||||
|
"nixpkgs-22_11": [
|
||||||
|
"nixpkgs"
|
||||||
|
],
|
||||||
"nixpkgs-23_05": [
|
"nixpkgs-23_05": [
|
||||||
"nixpkgs"
|
"nixpkgs"
|
||||||
],
|
],
|
||||||
"nixpkgs-23_11": [
|
|
||||||
"nixpkgs"
|
|
||||||
],
|
|
||||||
"utils": "utils"
|
"utils": "utils"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1706219574,
|
"lastModified": 1700085753,
|
||||||
"narHash": "sha256-qO+8UErk+bXCq2ybHU4GzXG4Ejk4Tk0rnnTPNyypW4g=",
|
"narHash": "sha256-qtib7f3eRwfaUF+VziJXiBcZFqpHCAXS4HlrFsnzzl4=",
|
||||||
"owner": "simple-nixos-mailserver",
|
"owner": "simple-nixos-mailserver",
|
||||||
"repo": "nixos-mailserver",
|
"repo": "nixos-mailserver",
|
||||||
"rev": "e47f3719f1db3e0961a4358d4cb234a0acaa7baf",
|
"rev": "008d78cc21959e33d0d31f375b88353a7d7121ae",
|
||||||
"type": "gitlab"
|
"type": "gitlab"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -324,11 +245,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1701663968,
|
"lastModified": 1700524221,
|
||||||
"narHash": "sha256-vsBlAzDJlpFpDfoE8RZMiYHe9bWu6SC5KAayh4fxIvg=",
|
"narHash": "sha256-YQGjhwhd68N9fILRwZXlT3z6yXP5kRH8B6bxD2uQq14=",
|
||||||
"owner": "chayleaf",
|
"owner": "chayleaf",
|
||||||
"repo": "nixos-router",
|
"repo": "nixos-router",
|
||||||
"rev": "567dd3fd022874e10ffea7d06901075a3efa3215",
|
"rev": "e9d2ec7ad1f34cb9f1f71c1400430af817431a3b",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -339,16 +260,15 @@
|
||||||
},
|
},
|
||||||
"nixpkgs": {
|
"nixpkgs": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1706300291,
|
"lastModified": 1700647334,
|
||||||
"narHash": "sha256-VPDupUs/Pm3hUgDipmobXD82b7hlNIBfVO3RjsQXdf4=",
|
"narHash": "sha256-0F5B7oJAAJ4u4sq97nIhcH/pVFkFjYY5JFxXXHOBJQ4=",
|
||||||
"owner": "chayleaf",
|
"owner": "chayleaf",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "980c983f4f55bd30b653e4512b2eb85aee71964d",
|
"rev": "e70edbbc30bca7d90c4a1e8c653ceb1607cc2858",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
"owner": "chayleaf",
|
"owner": "chayleaf",
|
||||||
"ref": "ci",
|
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
|
@ -356,11 +276,11 @@
|
||||||
"nixpkgs-lib": {
|
"nixpkgs-lib": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"dir": "lib",
|
"dir": "lib",
|
||||||
"lastModified": 1703961334,
|
"lastModified": 1698611440,
|
||||||
"narHash": "sha256-M1mV/Cq+pgjk0rt6VxoyyD+O8cOUiai8t9Q6Yyq4noY=",
|
"narHash": "sha256-jPjHjrerhYDy3q9+s5EAsuhyhuknNfowY6yt6pjn9pc=",
|
||||||
"owner": "NixOS",
|
"owner": "NixOS",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "b0d36bd0a420ecee3bc916c91886caca87c894e9",
|
"rev": "0cbe9f69c234a7700596e943bfae7ef27a31b735",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -413,11 +333,11 @@
|
||||||
},
|
},
|
||||||
"nur": {
|
"nur": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1706298359,
|
"lastModified": 1700660661,
|
||||||
"narHash": "sha256-Akibmb69MTDTZ+sSbRngKROKPqbAFVwI+GD8git9qLY=",
|
"narHash": "sha256-1+//5oLdqYo8ptS/ZpaGEzgnQ6FWJOjLPyTuiD6mPjY=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "NUR",
|
"repo": "NUR",
|
||||||
"rev": "2fde9f9248e2dea3c2534ade2e4a9c3ea079a025",
|
"rev": "0707dd061f4fb82393f3c96c6ed10c60396d7f9c",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -428,14 +348,12 @@
|
||||||
},
|
},
|
||||||
"root": {
|
"root": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"coop-ofd": "coop-ofd",
|
"flake-compat": "flake-compat",
|
||||||
"flake-compat": "flake-compat_2",
|
|
||||||
"home-manager": "home-manager",
|
"home-manager": "home-manager",
|
||||||
"impermanence": "impermanence",
|
"impermanence": "impermanence",
|
||||||
"maubot": "maubot",
|
"maubot": "maubot",
|
||||||
"mobile-nixos": "mobile-nixos",
|
"mobile-nixos": "mobile-nixos",
|
||||||
"nix-gaming": "nix-gaming",
|
"nix-gaming": "nix-gaming",
|
||||||
"nix-index-database": "nix-index-database",
|
|
||||||
"nixos-hardware": "nixos-hardware",
|
"nixos-hardware": "nixos-hardware",
|
||||||
"nixos-mailserver": "nixos-mailserver",
|
"nixos-mailserver": "nixos-mailserver",
|
||||||
"nixos-router": "nixos-router",
|
"nixos-router": "nixos-router",
|
||||||
|
@ -454,11 +372,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1706235145,
|
"lastModified": 1700619457,
|
||||||
"narHash": "sha256-3jh5nahTlcsX6QFcMPqxtLn9p9CgT9RSce5GLqjcpi4=",
|
"narHash": "sha256-zjmlh8xo4UsNdw7nMyiHgQg1xXNcJnpdMLvyunnnitQ=",
|
||||||
"owner": "oxalica",
|
"owner": "oxalica",
|
||||||
"repo": "rust-overlay",
|
"repo": "rust-overlay",
|
||||||
"rev": "3a57c4e29cb2beb777b2e6ae7309a680585b8b2f",
|
"rev": "7c94410d52d4e8bd72803fc1fe6c51fe179edaf5",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
|
317
flake.nix
317
flake.nix
|
@ -4,15 +4,11 @@
|
||||||
inputs = {
|
inputs = {
|
||||||
#nixpkgs.url = "github:NixOS/nixpkgs/3dc2b4f8166f744c3b3e9ff8224e7c5d74a5424f";
|
#nixpkgs.url = "github:NixOS/nixpkgs/3dc2b4f8166f744c3b3e9ff8224e7c5d74a5424f";
|
||||||
# nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
|
# nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
|
||||||
nixpkgs.url = "github:chayleaf/nixpkgs/ci";
|
nixpkgs.url = "github:chayleaf/nixpkgs";
|
||||||
nixos-hardware.url = "github:NixOS/nixos-hardware";
|
nixos-hardware.url = "github:NixOS/nixos-hardware";
|
||||||
nix-index-database = {
|
|
||||||
url = "github:nix-community/nix-index-database";
|
|
||||||
inputs.nixpkgs.follows = "nixpkgs";
|
|
||||||
};
|
|
||||||
mobile-nixos = {
|
mobile-nixos = {
|
||||||
# url = "github:NixOS/mobile-nixos";
|
# url = "github:NixOS/mobile-nixos";
|
||||||
url = "github:chayleaf/mobile-nixos/fix-op6-modem";
|
url = "github:chayleaf/mobile-nixos/cleanup";
|
||||||
flake = false;
|
flake = false;
|
||||||
};
|
};
|
||||||
impermanence.url = "github:nix-community/impermanence";
|
impermanence.url = "github:nix-community/impermanence";
|
||||||
|
@ -21,10 +17,6 @@
|
||||||
url = "github:oxalica/rust-overlay";
|
url = "github:oxalica/rust-overlay";
|
||||||
inputs.nixpkgs.follows = "nixpkgs";
|
inputs.nixpkgs.follows = "nixpkgs";
|
||||||
};
|
};
|
||||||
coop-ofd = {
|
|
||||||
url = "github:chayleaf/coop-ofd";
|
|
||||||
inputs.nixpkgs.follows = "nixpkgs";
|
|
||||||
};
|
|
||||||
home-manager = {
|
home-manager = {
|
||||||
url = "github:nix-community/home-manager";
|
url = "github:nix-community/home-manager";
|
||||||
inputs.nixpkgs.follows = "nixpkgs";
|
inputs.nixpkgs.follows = "nixpkgs";
|
||||||
|
@ -54,8 +46,8 @@
|
||||||
inputs.nixpkgs.follows = "nixpkgs";
|
inputs.nixpkgs.follows = "nixpkgs";
|
||||||
# prevent extra input from being in flake.lock
|
# prevent extra input from being in flake.lock
|
||||||
# (this doesn't affect any behavior)
|
# (this doesn't affect any behavior)
|
||||||
|
inputs.nixpkgs-22_11.follows = "nixpkgs";
|
||||||
inputs.nixpkgs-23_05.follows = "nixpkgs";
|
inputs.nixpkgs-23_05.follows = "nixpkgs";
|
||||||
inputs.nixpkgs-23_11.follows = "nixpkgs";
|
|
||||||
};
|
};
|
||||||
flake-compat = {
|
flake-compat = {
|
||||||
url = "github:edolstra/flake-compat";
|
url = "github:edolstra/flake-compat";
|
||||||
|
@ -63,34 +55,36 @@
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
outputs = base-inputs@{ self, nixpkgs, ... }:
|
outputs = inputs@
|
||||||
|
{ self
|
||||||
|
, nixpkgs
|
||||||
|
, nixos-hardware
|
||||||
|
, mobile-nixos
|
||||||
|
, impermanence
|
||||||
|
, home-manager
|
||||||
|
, nur
|
||||||
|
, nix-gaming
|
||||||
|
, notlua
|
||||||
|
, notnft
|
||||||
|
, nixos-mailserver
|
||||||
|
, nixos-router
|
||||||
|
, maubot
|
||||||
|
, ... }:
|
||||||
let
|
let
|
||||||
# --impure required for developing
|
# --impure required for developing
|
||||||
# it takes the paths for modules from filesystem as opposed to flake inputs
|
# it takes the paths for modules from filesystem as opposed to flake inputs
|
||||||
dev = {
|
devNft = false;
|
||||||
# coop-ofd = true;
|
devNixRt = false;
|
||||||
# maubot = true;
|
devMaubot = false;
|
||||||
# mobile-nixos = true;
|
|
||||||
# nixos-router = true;
|
|
||||||
# notnft = true;
|
|
||||||
};
|
|
||||||
# IRL-related stuff I'd rather not put into git
|
# IRL-related stuff I'd rather not put into git
|
||||||
priv =
|
priv =
|
||||||
if builtins.pathExists ./private.nix then import ./private.nix { }
|
if builtins.pathExists ./private.nix then (import ./private.nix { })
|
||||||
else if builtins.pathExists ./private/default.nix then import ./private { }
|
else if builtins.pathExists ./private/default.nix then (import ./private { })
|
||||||
# workaround for git flakes not having access to non-checked out files
|
# workaround for git flakes not having access to non-checked out files
|
||||||
else if builtins?extraBuiltins.secrets then builtins.extraBuiltins.secrets
|
else if builtins?extraBuiltins.secrets then builtins.extraBuiltins.secrets
|
||||||
# yes, this is impure, this is a last ditch effort at getting access to secrets
|
# yes, this is impure, this is a last ditch effort at getting access to secrets
|
||||||
else import /secrets/nixos { };
|
else import /etc/nixos/private { };
|
||||||
devPath = priv.devPath or ../.;
|
devPath = priv.devPath or ../.;
|
||||||
inputs = builtins.mapAttrs
|
|
||||||
(name: input:
|
|
||||||
if dev.${name} or false then
|
|
||||||
(if input._type or null == "flake"
|
|
||||||
then (import base-inputs.flake-compat { src = /${devPath}/${name}; }).defaultNix
|
|
||||||
else /${devPath}/${name})
|
|
||||||
else input)
|
|
||||||
base-inputs;
|
|
||||||
# if x has key s, get it. Otherwise return def
|
# if x has key s, get it. Otherwise return def
|
||||||
# All private config for hostname
|
# All private config for hostname
|
||||||
getPriv = hostname: priv.${hostname} or { };
|
getPriv = hostname: priv.${hostname} or { };
|
||||||
|
@ -99,13 +93,20 @@
|
||||||
# Private home-manager config for hostname and username
|
# Private home-manager config for hostname and username
|
||||||
getPrivUser = hostname: user: (getPriv hostname).${user} or { };
|
getPrivUser = hostname: user: (getPriv hostname).${user} or { };
|
||||||
# extended lib
|
# extended lib
|
||||||
lib = nixpkgs.lib // import ./lib.nix { inherit (nixpkgs) lib; };
|
lib = nixpkgs.lib // {
|
||||||
|
quoteListenAddr = addr:
|
||||||
|
if nixpkgs.lib.hasInfix ":" addr then "[${addr}]" else addr;
|
||||||
|
};
|
||||||
# can't use callPackage ./pkgs here, idk why; use import instead
|
# can't use callPackage ./pkgs here, idk why; use import instead
|
||||||
overlay' = args: self: super: import ./pkgs ({
|
overlay' = args: self: super: import ./pkgs ({
|
||||||
pkgs = super;
|
pkgs = super;
|
||||||
pkgs' = self;
|
pkgs' = self;
|
||||||
lib = super.lib;
|
lib = super.lib;
|
||||||
inherit inputs;
|
nur = import nur {
|
||||||
|
pkgs = super;
|
||||||
|
nurpkgs = super;
|
||||||
|
};
|
||||||
|
nix-gaming = nix-gaming.packages.${super.system};
|
||||||
} // args);
|
} // args);
|
||||||
overlay = overlay' { };
|
overlay = overlay' { };
|
||||||
# I override some settings down the line, but overlays always stay the same
|
# I override some settings down the line, but overlays always stay the same
|
||||||
|
@ -122,41 +123,180 @@
|
||||||
system = "aarch64-linux";
|
system = "aarch64-linux";
|
||||||
modules = [
|
modules = [
|
||||||
{
|
{
|
||||||
_module.args.server-config = self.nixosConfigurations.server.config;
|
_module.args.server-config = nixosConfigurations.server.config;
|
||||||
_module.args.notnft = inputs.notnft.lib.${system};
|
_module.args.notnft = if devNft then (import /${devPath}/notnft { inherit (nixpkgs) lib; }).config.notnft else notnft.lib.${system};
|
||||||
}
|
}
|
||||||
inputs.nixos-router.nixosModules.default
|
(if devNixRt then import /${devPath}/nixos-router else nixos-router.nixosModules.default)
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
in {
|
crossConfig' = from: config: config // {
|
||||||
|
modules = config.modules ++ [
|
||||||
|
{
|
||||||
|
_module.args.fromSourcePkgs = (mkPkgs { system = from; }).pkgsCross.${{
|
||||||
|
aarch64-linux = "aarch64-multiplatform";
|
||||||
|
}.${config.system}};
|
||||||
|
}
|
||||||
|
];
|
||||||
|
};
|
||||||
|
crossConfig = config: crossConfig' ({
|
||||||
|
x86_64-linux = "aarch64-linux";
|
||||||
|
aarch64-linux = "x86_64-linux";
|
||||||
|
}.${config.system}) config;
|
||||||
|
in rec {
|
||||||
router-emmc = mkBpiR3 "emmc" routerConfig;
|
router-emmc = mkBpiR3 "emmc" routerConfig;
|
||||||
router-sd = mkBpiR3 "sd" routerConfig;
|
router-sd = mkBpiR3 "sd" routerConfig;
|
||||||
|
router-emmc-cross = crossConfig router-emmc;
|
||||||
|
router-sd-cross = crossConfig router-emmc;
|
||||||
server = {
|
server = {
|
||||||
system = "aarch64-linux";
|
system = "aarch64-linux";
|
||||||
modules = [
|
modules = [
|
||||||
{ _module.args.router-config = self.nixosConfigurations.router-emmc.config; }
|
{ _module.args.router-config = nixosConfigurations.router-emmc.config; }
|
||||||
|
nixos-mailserver.nixosModules.default
|
||||||
./system/devices/radxa-rock5a-server.nix
|
./system/devices/radxa-rock5a-server.nix
|
||||||
|
(if devMaubot then import /${devPath}/maubot.nix/module else maubot.nixosModules.default)
|
||||||
|
./system/modules/scanservjs.nix
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
server-cross = crossConfig server;
|
||||||
nixmsi = rec {
|
nixmsi = rec {
|
||||||
system = "x86_64-linux";
|
system = "x86_64-linux";
|
||||||
modules = [ ./system/devices/msi-delta-15-workstation.nix ];
|
modules = [
|
||||||
|
nix-gaming.nixosModules.pipewireLowLatency
|
||||||
|
./system/devices/msi-delta-15-workstation.nix
|
||||||
|
];
|
||||||
|
home.common.enableNixosModule = false;
|
||||||
home.common.extraSpecialArgs = {
|
home.common.extraSpecialArgs = {
|
||||||
notlua = inputs.notlua.lib.${system};
|
notlua = notlua.lib.${system};
|
||||||
};
|
};
|
||||||
home.user = [ ./home/hosts/nixmsi.nix ];
|
home.user = [
|
||||||
|
nur.nixosModules.nur
|
||||||
|
./home/hosts/nixmsi.nix
|
||||||
|
];
|
||||||
};
|
};
|
||||||
phone = rec {
|
nixmsi-cross = crossConfig nixmsi;
|
||||||
|
phone = {
|
||||||
system = "aarch64-linux";
|
system = "aarch64-linux";
|
||||||
modules = [ ./system/devices/oneplus-6-phone.nix ];
|
modules = [
|
||||||
home.common.extraSpecialArgs = {
|
(import "${mobile-nixos}/lib/configuration.nix" {
|
||||||
notlua = inputs.notlua.lib.${system};
|
device = "oneplus-enchilada";
|
||||||
};
|
})
|
||||||
home.user = [ ./home/hosts/phone.nix ];
|
./system/hosts/phone/default.nix
|
||||||
|
];
|
||||||
};
|
};
|
||||||
|
phone-cross = crossConfig phone;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
# this is the system config processing part
|
||||||
|
nixosConfigurations = builtins.mapAttrs (hostname: args @ { system, modules, specialArgs ? {}, nixpkgs ? {}, home ? {}, ... }:
|
||||||
|
lib.nixosSystem ({
|
||||||
|
inherit system;
|
||||||
|
# allow modules to access nixpkgs directly, use customized lib,
|
||||||
|
# and pass nixos-harware to let hardware modules import parts of nixos-hardware
|
||||||
|
specialArgs = {
|
||||||
|
inherit lib nixpkgs;
|
||||||
|
hardware = nixos-hardware.nixosModules;
|
||||||
|
} // specialArgs;
|
||||||
|
modules = modules ++ [
|
||||||
|
# Third-party NixOS modules
|
||||||
|
impermanence.nixosModule
|
||||||
|
# My custom NixOS modules
|
||||||
|
./system/modules/vfio.nix
|
||||||
|
./system/modules/ccache.nix
|
||||||
|
./system/modules/impermanence.nix
|
||||||
|
./system/modules/common.nix
|
||||||
|
(getPrivSys hostname)
|
||||||
|
# The common configuration that isn't part of common.nix
|
||||||
|
({ config, pkgs, lib, ... }: {
|
||||||
|
networking.hostName = lib.mkDefault hostname;
|
||||||
|
nixpkgs.overlays = [ overlay ];
|
||||||
|
nix.extraOptions = ''
|
||||||
|
plugin-files = ${pkgs.nix-plugins.override { nix = config.nix.package; }}/lib/nix/plugins/libnix-extra-builtins.so
|
||||||
|
'';
|
||||||
|
|
||||||
|
# registry is used for the new flaky nix command
|
||||||
|
nix.registry =
|
||||||
|
builtins.mapAttrs
|
||||||
|
(_: v: { flake = v; })
|
||||||
|
(lib.filterAttrs (_: v: v?outputs) inputs);
|
||||||
|
|
||||||
|
# add import'able flake inputs (like nixpkgs) to nix path
|
||||||
|
# nix path is used for old nix commands (like nix-build, nix-shell)
|
||||||
|
environment.etc = lib.mapAttrs'
|
||||||
|
(name: value: {
|
||||||
|
name = "nix/inputs/${name}";
|
||||||
|
value = { source = value.outPath; };
|
||||||
|
})
|
||||||
|
(lib.filterAttrs (_: v: builtins.pathExists "${v}/default.nix") inputs);
|
||||||
|
nix.nixPath = [ "/etc/nix/inputs" ];
|
||||||
|
})
|
||||||
|
]
|
||||||
|
# the following is NixOS home-manager module configuration. Currently unused, but I might start using it for some hosts later.
|
||||||
|
++ (lib.optionals (home != {} && ((home.common or {}).enableNixosModule or true)) [
|
||||||
|
home-manager.nixosModules.home-manager
|
||||||
|
{
|
||||||
|
home-manager = builtins.removeAttrs (home.common or { }) [ "nixpkgs" "nix" "enableNixosModule" ];
|
||||||
|
}
|
||||||
|
{
|
||||||
|
# set both to false to match behavior with standalone home-manager
|
||||||
|
home-manager.useGlobalPkgs = false;
|
||||||
|
home-manager.useUserPackages = false;
|
||||||
|
home-manager.users = builtins.mapAttrs (username: modules: {
|
||||||
|
imports = modules ++ [
|
||||||
|
{
|
||||||
|
nixpkgs = (home.common or { }).nixpkgs or { };
|
||||||
|
nix = (home.common or { }).nix or { };
|
||||||
|
}
|
||||||
|
({ config, pkgs, lib, ...}: {
|
||||||
|
nixpkgs.overlays = [ overlay ];
|
||||||
|
nix.package = lib.mkDefault pkgs.nixForNixPlugins;
|
||||||
|
# this is only needed if nixos doesnt set plugin-files already
|
||||||
|
/*nix.extraOptions = ''
|
||||||
|
plugin-files = ${pkgs.nix-plugins.override { nix = config.nix.package; }}/lib/nix/plugins/libnix-extra-builtins.so
|
||||||
|
'';*/
|
||||||
|
})
|
||||||
|
(getPrivUser hostname username)
|
||||||
|
];
|
||||||
|
}) (builtins.removeAttrs home [ "common" ]);
|
||||||
|
}
|
||||||
|
]);
|
||||||
|
} // (builtins.removeAttrs args [ "home" "modules" "nixpkgs" ])))
|
||||||
|
config;
|
||||||
|
|
||||||
|
# for each hostname, for each user, generate an attribute "${user}@${hostname}"
|
||||||
|
homeConfigurations =
|
||||||
|
builtins.foldl'
|
||||||
|
(a: b: a // b)
|
||||||
|
{ }
|
||||||
|
(builtins.concatLists
|
||||||
|
(lib.mapAttrsToList
|
||||||
|
(hostname: sysConfig:
|
||||||
|
let
|
||||||
|
inherit (sysConfig) system;
|
||||||
|
common' = builtins.removeAttrs (sysConfig.home.common or { }) [ "nix" "nixpkgs" "enableNixosModule" ];
|
||||||
|
pkgs = mkPkgs ({ inherit system; } // ((sysConfig.home.common or { }).nixpkgs or {}));
|
||||||
|
common = common' // { inherit pkgs; };
|
||||||
|
in
|
||||||
|
lib.mapAttrsToList
|
||||||
|
# this is where actual config takes place
|
||||||
|
(user: homeConfig: {
|
||||||
|
"${user}@${hostname}" = home-manager.lib.homeManagerConfiguration (common // {
|
||||||
|
modules = homeConfig ++ [
|
||||||
|
(getPrivUser hostname user)
|
||||||
|
({ config, pkgs, lib, ... }: {
|
||||||
|
nixpkgs.overlays = [ overlay ];
|
||||||
|
nix.package = lib.mkDefault pkgs.nixForNixPlugins;
|
||||||
|
# this is only needed if nixos doesnt set plugin-files already
|
||||||
|
/*nix.extraOptions = ''
|
||||||
|
plugin-files = ${pkgs.nix-plugins.override { nix = config.nix.package; }}/lib/nix/plugins/libnix-extra-builtins.so
|
||||||
|
'';*/
|
||||||
|
})
|
||||||
|
];
|
||||||
|
});
|
||||||
|
})
|
||||||
|
(builtins.removeAttrs (sysConfig.home or { }) [ "common" ]))
|
||||||
|
config));
|
||||||
in {
|
in {
|
||||||
|
inherit nixosConfigurations homeConfigurations;
|
||||||
overlays.default = overlay;
|
overlays.default = overlay;
|
||||||
packages = lib.genAttrs [
|
packages = lib.genAttrs [
|
||||||
"x86_64-linux"
|
"x86_64-linux"
|
||||||
|
@ -164,89 +304,24 @@
|
||||||
] (system: let self = overlay' { isOverlay = false; } (mkPkgs { inherit system; } // self) (import nixpkgs { inherit system; }); in self);
|
] (system: let self = overlay' { isOverlay = false; } (mkPkgs { inherit system; } // self) (import nixpkgs { inherit system; }); in self);
|
||||||
nixosImages.router = let pkgs = mkPkgs { inherit (config.router-emmc) system; }; in {
|
nixosImages.router = let pkgs = mkPkgs { inherit (config.router-emmc) system; }; in {
|
||||||
emmcImage = pkgs.callPackage ./system/hardware/bpi-r3/image.nix {
|
emmcImage = pkgs.callPackage ./system/hardware/bpi-r3/image.nix {
|
||||||
inherit (self.nixosConfigurations.router-emmc) config;
|
inherit (nixosConfigurations.router-emmc) config;
|
||||||
rootfsImage = self.nixosConfigurations.router-emmc.config.system.build.rootfsImage;
|
rootfsImage = nixosConfigurations.router-emmc.config.system.build.rootfsImage;
|
||||||
bpiR3Stuff = pkgs.bpiR3StuffEmmc;
|
bpiR3Stuff = pkgs.bpiR3StuffEmmc;
|
||||||
};
|
};
|
||||||
sdImage = pkgs.callPackage ./system/hardware/bpi-r3/image.nix {
|
sdImage = pkgs.callPackage ./system/hardware/bpi-r3/image.nix {
|
||||||
inherit (self.nixosConfigurations.router-sd) config;
|
inherit (nixosConfigurations.router-sd) config;
|
||||||
rootfsImage = self.nixosConfigurations.router-sd.config.system.build.rootfsImage;
|
rootfsImage = nixosConfigurations.router-sd.config.system.build.rootfsImage;
|
||||||
bpiR3Stuff = pkgs.bpiR3StuffSd;
|
bpiR3Stuff = pkgs.bpiR3StuffSd;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
nixosImages.phone = nixosConfigurations.phone.config.mobile.outputs.disk-image;
|
||||||
|
nixosImages.phone-fastboot = nixosConfigurations.phone.config.mobile.outputs.android.android-fastboot-image;
|
||||||
|
|
||||||
hydraJobs = {
|
hydraJobs = {
|
||||||
server.${config.server.system} = self.nixosConfigurations.server.config.system.build.toplevel;
|
server.${config.server.system} = nixosConfigurations.server.config.system.build.toplevel;
|
||||||
router.${config.router-emmc.system} = self.nixosConfigurations.router-emmc.config.system.build.toplevel;
|
workstation.${config.nixmsi.system} = nixosConfigurations.nixmsi.config.system.build.toplevel;
|
||||||
phone.${config.phone.system} = self.nixosConfigurations.phone.config.system.build.toplevel;
|
router.${config.router-emmc.system} = nixosConfigurations.router-emmc.config.system.build.toplevel;
|
||||||
phone-home.${config.phone.system} = self.homeConfigurations."user@phone".activation-script;
|
workstation-home.${config.nixmsi.system} = homeConfigurations."user@nixmsi".activation-script;
|
||||||
workstation.${config.nixmsi.system} = self.nixosConfigurations.nixmsi.config.system.build.toplevel;
|
|
||||||
workstation-home.${config.nixmsi.system} = self.homeConfigurations."user@nixmsi".activation-script;
|
|
||||||
};
|
};
|
||||||
|
|
||||||
# this is the system config processing part
|
|
||||||
nixosConfigurations = lib.flip builtins.mapAttrs config (hostname: args @ { modules, nixpkgs ? {}, home ? {}, ... }:
|
|
||||||
lib.nixosSystem {
|
|
||||||
inherit (args) system;
|
|
||||||
# allow modules to access nixpkgs directly, use customized lib,
|
|
||||||
# and pass nixos-harware to let hardware modules import parts of nixos-hardware
|
|
||||||
specialArgs = {
|
|
||||||
inherit inputs lib;
|
|
||||||
hardware = inputs.nixos-hardware.nixosModules;
|
|
||||||
} // args.specialArgs or { };
|
|
||||||
modules = args.modules or [ ]
|
|
||||||
++ [
|
|
||||||
(getPrivSys hostname)
|
|
||||||
{ networking.hostName = lib.mkDefault hostname;
|
|
||||||
nixpkgs.overlays = [ overlay ]; }
|
|
||||||
inputs.impermanence.nixosModule
|
|
||||||
]
|
|
||||||
++ map (x: ./system/modules/${x}) (builtins.attrNames (builtins.readDir ./system/modules))
|
|
||||||
# the following is NixOS home-manager module configuration. Currently unused, but I might start using it for some hosts later.
|
|
||||||
++ lib.optionals (home != { } && home.common.enableNixosModule or false) [
|
|
||||||
inputs.home-manager.nixosModules.home-manager
|
|
||||||
{ home-manager = builtins.removeAttrs (home.common or { }) [ "nixpkgs" "nix" "enableNixosModule" ]; }
|
|
||||||
{ # set both to false to match behavior with standalone home-manager
|
|
||||||
home-manager.useGlobalPkgs = false;
|
|
||||||
home-manager.useUserPackages = false;
|
|
||||||
home-manager.users = builtins.mapAttrs (username: modules: {
|
|
||||||
imports = modules ++ [
|
|
||||||
{ nixpkgs = home.common.nixpkgs or { };
|
|
||||||
nix = home.common.nix or { }; }
|
|
||||||
({ config, pkgs, lib, ...}: {
|
|
||||||
nixpkgs.overlays = [ overlay ];
|
|
||||||
nix.package = lib.mkDefault pkgs.nixForNixPlugins; })
|
|
||||||
(getPrivUser hostname username)
|
|
||||||
];
|
|
||||||
}) (builtins.removeAttrs home [ "common" ]); }
|
|
||||||
];
|
|
||||||
});
|
|
||||||
|
|
||||||
# for each hostname, for each user, generate an attribute "${user}@${hostname}"
|
|
||||||
homeConfigurations =
|
|
||||||
builtins.listToAttrs (builtins.concatLists
|
|
||||||
(lib.flip lib.mapAttrsToList config
|
|
||||||
(hostname: { system, home ? {}, ... }:
|
|
||||||
let
|
|
||||||
common' = builtins.removeAttrs (home.common or { }) [ "nix" "nixpkgs" "enableNixosModule" ];
|
|
||||||
pkgs = mkPkgs ({ inherit system; } // home.common.nixpkgs or { });
|
|
||||||
common = common' // { inherit pkgs; };
|
|
||||||
in
|
|
||||||
lib.flip lib.mapAttrsToList (builtins.removeAttrs home [ "common" ])
|
|
||||||
# this is where actual config takes place
|
|
||||||
(user: homeConfig: lib.nameValuePair "${user}@${hostname}"
|
|
||||||
(inputs.home-manager.lib.homeManagerConfiguration (common // {
|
|
||||||
extraSpecialArgs = (common.extraSpecialArgs or { }) // { inherit inputs; };
|
|
||||||
modules =
|
|
||||||
homeConfig
|
|
||||||
++ common.modules or [ ]
|
|
||||||
++ [
|
|
||||||
(getPrivUser hostname user)
|
|
||||||
({ pkgs, lib, ... }: {
|
|
||||||
nixpkgs.overlays = [ overlay ];
|
|
||||||
nix.package = lib.mkDefault pkgs.nixForNixPlugins;
|
|
||||||
})
|
|
||||||
];
|
|
||||||
}))))));
|
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
43
home/common/firefox.nix
Normal file
43
home/common/firefox.nix
Normal file
|
@ -0,0 +1,43 @@
|
||||||
|
{ config, pkgs, ... }:
|
||||||
|
|
||||||
|
{
|
||||||
|
imports = [
|
||||||
|
./gui.nix
|
||||||
|
];
|
||||||
|
programs.firefox = {
|
||||||
|
enable = true;
|
||||||
|
package = pkgs.wrapFirefox pkgs.librewolf-unwrapped {
|
||||||
|
inherit (pkgs.librewolf-unwrapped) extraPrefsFiles extraPoliciesFiles;
|
||||||
|
wmClass = "LibreWolf";
|
||||||
|
libName = "librewolf";
|
||||||
|
nativeMessagingHosts = with pkgs; [ keepassxc ];
|
||||||
|
};
|
||||||
|
profiles.chayleaf = {
|
||||||
|
extensions = (with config.nur.repos.rycee.firefox-addons; [
|
||||||
|
cookies-txt
|
||||||
|
don-t-fuck-with-paste
|
||||||
|
greasemonkey
|
||||||
|
keepassxc-browser
|
||||||
|
libredirect
|
||||||
|
localcdn
|
||||||
|
noscript
|
||||||
|
privacy-pass
|
||||||
|
protondb-for-steam
|
||||||
|
return-youtube-dislikes
|
||||||
|
rust-search-extension
|
||||||
|
search-by-image
|
||||||
|
sponsorblock
|
||||||
|
steam-database
|
||||||
|
ublock-origin
|
||||||
|
unpaywall
|
||||||
|
vimium-c
|
||||||
|
youtube-shorts-block
|
||||||
|
]) ++ (with pkgs.firefoxAddons; [
|
||||||
|
fastforwardteam
|
||||||
|
middle-mouse-button-scroll
|
||||||
|
rikaitan
|
||||||
|
youtube-nonstop
|
||||||
|
]);
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
|
@ -102,7 +102,7 @@
|
||||||
set -U _tide_left_items pwd git vi_mode
|
set -U _tide_left_items pwd git vi_mode
|
||||||
set -U _tide_prompt_69105 \x1b\x28B\x1b\x5bm\x1b\x28B\x1b\x5bm\x1b\x5b34m\x1b\x5b44m\x20\x40PWD\x40\x20\x1b\x5b34m\x1b\x5b40m\ue0b0\x1b\x5b32m\x1b\x5b40m\x20\u276f\x20\x1b\x28B\x1b\x5bm\x1b\x28B\x1b\x5bm\x1b\x5b30m\ue0b0 \x1b\x28B\x1b\x5bm\x1b\x28B\x1b\x5bm\x1b\x5b30m\ue0b2\x1b\x5b32m\x1b\x5b40m\x20\uf00c\x20\x1b\x5b33m\x1b\x5b40m\ue0b2\x1b\x5b30m\x1b\x5b43m\x2021m\x2023s\x20\x1b\x28B\x1b\x5bm\x1b\x28B\x1b\x5bm\x1b\x5b33m
|
set -U _tide_prompt_69105 \x1b\x28B\x1b\x5bm\x1b\x28B\x1b\x5bm\x1b\x5b34m\x1b\x5b44m\x20\x40PWD\x40\x20\x1b\x5b34m\x1b\x5b40m\ue0b0\x1b\x5b32m\x1b\x5b40m\x20\u276f\x20\x1b\x28B\x1b\x5bm\x1b\x28B\x1b\x5bm\x1b\x5b30m\ue0b0 \x1b\x28B\x1b\x5bm\x1b\x28B\x1b\x5bm\x1b\x5b30m\ue0b2\x1b\x5b32m\x1b\x5b40m\x20\uf00c\x20\x1b\x5b33m\x1b\x5b40m\ue0b2\x1b\x5b30m\x1b\x5b43m\x2021m\x2023s\x20\x1b\x28B\x1b\x5bm\x1b\x28B\x1b\x5bm\x1b\x5b33m
|
||||||
set -U _tide_prompt_79899 \x1b\x28B\x1b\x5bm\x1b\x28B\x1b\x5bm\x1b\x5b34m\x1b\x5b44m\x20\x40PWD\x40\x20\x1b\x5b34m\x1b\x5b40m\ue0b0\x1b\x5b32m\x1b\x5b40m\x20\u276f\x20\x1b\x28B\x1b\x5bm\x1b\x28B\x1b\x5bm\x1b\x5b30m\ue0b0 \x1b\x28B\x1b\x5bm\x1b\x28B\x1b\x5bm\x1b\x5b30m\ue0b2\x1b\x5b32m\x1b\x5b40m\x20\uf00c\x20\x1b\x5b33m\x1b\x5b40m\ue0b2\x1b\x5b30m\x1b\x5b43m\x2015s\x20\x1b\x28B\x1b\x5bm\x1b\x28B\x1b\x5bm\x1b\x5b33m
|
set -U _tide_prompt_79899 \x1b\x28B\x1b\x5bm\x1b\x28B\x1b\x5bm\x1b\x5b34m\x1b\x5b44m\x20\x40PWD\x40\x20\x1b\x5b34m\x1b\x5b40m\ue0b0\x1b\x5b32m\x1b\x5b40m\x20\u276f\x20\x1b\x28B\x1b\x5bm\x1b\x28B\x1b\x5bm\x1b\x5b30m\ue0b0 \x1b\x28B\x1b\x5bm\x1b\x28B\x1b\x5bm\x1b\x5b30m\ue0b2\x1b\x5b32m\x1b\x5b40m\x20\uf00c\x20\x1b\x5b33m\x1b\x5b40m\ue0b2\x1b\x5b30m\x1b\x5b43m\x2015s\x20\x1b\x28B\x1b\x5bm\x1b\x28B\x1b\x5bm\x1b\x5b33m
|
||||||
set -U _tide_right_items status cmd_duration context jobs rustc nix_shell
|
set -U _tide_right_items status cmd_duration context jobs virtual_env rustc nix_shell
|
||||||
|
|
||||||
# for the following values, -gx works too (-g doesn't)
|
# for the following values, -gx works too (-g doesn't)
|
||||||
# but it pollutes children's env, so do -U
|
# but it pollutes children's env, so do -U
|
||||||
|
@ -116,6 +116,9 @@
|
||||||
set -U tide_character_vi_icon_default \u276e
|
set -U tide_character_vi_icon_default \u276e
|
||||||
set -U tide_character_vi_icon_replace \u25b6
|
set -U tide_character_vi_icon_replace \u25b6
|
||||||
set -U tide_character_vi_icon_visual V
|
set -U tide_character_vi_icon_visual V
|
||||||
|
set -U tide_chruby_bg_color red
|
||||||
|
set -U tide_chruby_color black
|
||||||
|
set -U tide_chruby_icon \ue23e
|
||||||
set -U tide_cmd_duration_bg_color yellow
|
set -U tide_cmd_duration_bg_color yellow
|
||||||
set -U tide_cmd_duration_color black
|
set -U tide_cmd_duration_color black
|
||||||
set -U tide_cmd_duration_decimals 0
|
set -U tide_cmd_duration_decimals 0
|
||||||
|
@ -195,7 +198,7 @@
|
||||||
set -U tide_pwd_icon_unwritable \uf023
|
set -U tide_pwd_icon_unwritable \uf023
|
||||||
set -U tide_pwd_markers \x2ebzr \x2ecitc \x2egit \x2ehg \x2enode\x2dversion \x2epython\x2dversion \x2eruby\x2dversion \x2eshorten_folder_marker \x2esvn \x2eterraform Cargo\x2etoml composer\x2ejson CVS go\x2emod package\x2ejson
|
set -U tide_pwd_markers \x2ebzr \x2ecitc \x2egit \x2ehg \x2enode\x2dversion \x2epython\x2dversion \x2eruby\x2dversion \x2eshorten_folder_marker \x2esvn \x2eterraform Cargo\x2etoml composer\x2ejson CVS go\x2emod package\x2ejson
|
||||||
set -U tide_right_prompt_frame_enabled false
|
set -U tide_right_prompt_frame_enabled false
|
||||||
set -U tide_right_prompt_items status cmd_duration context jobs node rustc java php go kubectl toolbox terraform aws nix_shell crystal
|
set -U tide_right_prompt_items status cmd_duration context jobs node virtual_env rustc java php chruby go kubectl toolbox terraform aws nix_shell crystal
|
||||||
set -U tide_right_prompt_prefix \ue0b2
|
set -U tide_right_prompt_prefix \ue0b2
|
||||||
set -U tide_right_prompt_separator_diff_color \ue0b2
|
set -U tide_right_prompt_separator_diff_color \ue0b2
|
||||||
set -U tide_right_prompt_separator_same_color \ue0b3
|
set -U tide_right_prompt_separator_same_color \ue0b3
|
||||||
|
@ -234,6 +237,9 @@
|
||||||
set -U tide_vi_mode_icon_insert \u276f
|
set -U tide_vi_mode_icon_insert \u276f
|
||||||
set -U tide_vi_mode_icon_replace R
|
set -U tide_vi_mode_icon_replace R
|
||||||
set -U tide_vi_mode_icon_visual V
|
set -U tide_vi_mode_icon_visual V
|
||||||
|
set -U tide_virtual_env_bg_color brblack
|
||||||
|
set -U tide_virtual_env_color cyan
|
||||||
|
set -U tide_virtual_env_icon \ue73c
|
||||||
'';
|
'';
|
||||||
plugins = with pkgs.fishPlugins; [
|
plugins = with pkgs.fishPlugins; [
|
||||||
{ name = "tide"; src = tide.src; }
|
{ name = "tide"; src = tide.src; }
|
|
@ -1,10 +1,4 @@
|
||||||
{ config
|
{ config, pkgs, lib, ... }:
|
||||||
, pkgs
|
|
||||||
, lib
|
|
||||||
, inputs
|
|
||||||
, ...
|
|
||||||
}:
|
|
||||||
|
|
||||||
{
|
{
|
||||||
imports = [
|
imports = [
|
||||||
./options.nix
|
./options.nix
|
||||||
|
@ -26,9 +20,9 @@
|
||||||
ll = "lsd -l";
|
ll = "lsd -l";
|
||||||
g = "git";
|
g = "git";
|
||||||
gp = "git push";
|
gp = "git push";
|
||||||
|
gpuo = "git push -u origin";
|
||||||
gr = "git rebase";
|
gr = "git rebase";
|
||||||
gri = "git rebase -i";
|
gri = "git rebase -i";
|
||||||
grc = "git rebase --continue";
|
|
||||||
gc = "git commit";
|
gc = "git commit";
|
||||||
gca = "git commit --amend";
|
gca = "git commit --amend";
|
||||||
gm = "git merge";
|
gm = "git merge";
|
||||||
|
@ -44,21 +38,22 @@
|
||||||
};
|
};
|
||||||
nnn = let pluginSrc = "${pkgs.nnn.src}/plugins"; in {
|
nnn = let pluginSrc = "${pkgs.nnn.src}/plugins"; in {
|
||||||
enable = true;
|
enable = true;
|
||||||
package = (pkgs.nnn.override { withNerdIcons = true; }).overrideAttrs (oldAttrs: {
|
package = (pkgs.nnn.override ({ withNerdIcons = true; })).overrideAttrs (oldAttrs: {
|
||||||
# no need to add makeWrapper to nativeBuildInputs as home-manager does it already
|
# no need to add makeWrapper to nativeBuildInputs as home-manager does it already
|
||||||
postInstall =
|
postInstall =
|
||||||
let nnnArchiveRegex = "\\.(${lib.strings.concatStringsSep "|" [
|
let nnnArchiveRegex = "\\.(${lib.strings.concatStringsSep "|" [
|
||||||
"7z" "a" "ace" "alz" "arc" "arj" "bz" "bz2" "cab" "cpio" "deb" "gz" "jar" "lha" "lz" "lzh" "lzma" "lzo" "rar" "rpm" "rz" "t7z" "tar" "tbz" "tbz2" "tgz" "tlz" "txz" "tZ" "tzo" "war" "xpi" "xz" "Z" "zip"
|
"7z" "a" "ace" "alz" "arc" "arj" "bz" "bz2" "cab" "cpio" "deb" "gz" "jar" "lha" "lz" "lzh" "lzma" "lzo" "rar" "rpm" "rz" "t7z" "tar" "tbz" "tbz2" "tgz" "tlz" "txz" "tZ" "tzo" "war" "xpi" "xz" "Z" "zip"
|
||||||
]})$"; in ''
|
]})$"; in with lib; with strings; ''
|
||||||
wrapProgram $out/bin/nnn ${lib.escapeShellArgs [
|
wrapProgram $out/bin/nnn \
|
||||||
"--set" "GUI" "1"
|
--set GUI 1 \
|
||||||
"--set" "NNN_OPENER" "${pluginSrc}/nuke"
|
--set NNN_OPENER ${escapeShellArg "${pluginSrc}/nuke"} \
|
||||||
"--set" "NNN_ARCHIVE" nnnArchiveRegex
|
--set NNN_ARCHIVE ${escapeShellArg nnnArchiveRegex} \
|
||||||
|
--add-flags ${
|
||||||
# -a: auto create fifo file
|
# -a: auto create fifo file
|
||||||
# -c: use NNN_OPENER
|
# -c: use NNN_OPENER
|
||||||
# -x: x server features
|
# -x: x server features
|
||||||
"--add-flags" "-a -c -x"
|
escapeShellArg "-a -c -x"
|
||||||
]}
|
}
|
||||||
'';
|
'';
|
||||||
});
|
});
|
||||||
extraPackages = with pkgs; [
|
extraPackages = with pkgs; [
|
||||||
|
@ -152,7 +147,6 @@
|
||||||
readline = {
|
readline = {
|
||||||
enable = true;
|
enable = true;
|
||||||
variables.editing-mode = "vi";
|
variables.editing-mode = "vi";
|
||||||
variables.show-mode-in-prompt = true;
|
|
||||||
};
|
};
|
||||||
nix-index = {
|
nix-index = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
@ -189,7 +183,27 @@
|
||||||
text/html; ${pkgs.w3m}/bin/w3m -dump -o document_charset=%{charset} -o display_link_number=1 '%s'; nametemplate=%s.html; copiousoutput
|
text/html; ${pkgs.w3m}/bin/w3m -dump -o document_charset=%{charset} -o display_link_number=1 '%s'; nametemplate=%s.html; copiousoutput
|
||||||
'';
|
'';
|
||||||
|
|
||||||
home.file.".cache/nix-index/files".source = assert config.xdg.cacheHome == "${config.home.homeDirectory}/.cache"; inputs.nix-index-database.legacyPackages.${pkgs.system}.database;
|
systemd.user.timers.nix-index = {
|
||||||
|
Install.WantedBy = [ "timers.target" ];
|
||||||
|
Unit = {
|
||||||
|
Description = "Update nix-index";
|
||||||
|
PartOf = [ "nix-index.service" ];
|
||||||
|
};
|
||||||
|
Timer = {
|
||||||
|
OnCalendar = "Mon *-*-* 00:00:00";
|
||||||
|
RandomizedDelaySec = 600;
|
||||||
|
Persistent = true;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
systemd.user.services.nix-index = {
|
||||||
|
Unit.Description = "Update nix-index";
|
||||||
|
Service = {
|
||||||
|
Type = "oneshot";
|
||||||
|
ExecStart = "${config.programs.nix-index.package}/bin/nix-index";
|
||||||
|
Environment = [ "PATH=/home/${config.home.username}/.nix-profile/bin:/etc/profiles/per-user/${config.home.username}/bin:/nix/var/nix/profiles/default/bin:/run/current-system/sw/bin" ];
|
||||||
|
TimeoutStartSec = 1800;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
systemd.user.tmpfiles.rules = builtins.map (file: "r! \"/home/${config.home.username}/${file}\"") [
|
systemd.user.tmpfiles.rules = builtins.map (file: "r! \"/home/${config.home.username}/${file}\"") [
|
||||||
".local/share/clipman.json"
|
".local/share/clipman.json"
|
|
@ -1,13 +1,6 @@
|
||||||
{ config, pkgs, lib, ... }:
|
{ config, pkgs, lib, ... }:
|
||||||
{
|
{
|
||||||
imports = [ ./terminal.nix ];
|
imports = [ ./terminal.nix ];
|
||||||
systemd.user.services.fcitx5-daemon = {
|
|
||||||
Unit.After = "graphical-session-pre.target";
|
|
||||||
Service = {
|
|
||||||
Restart = "on-failure";
|
|
||||||
RestartSec = 3;
|
|
||||||
};
|
|
||||||
};
|
|
||||||
i18n.inputMethod = let fcitx5-qt = pkgs.libsForQt5.fcitx5-qt; in {
|
i18n.inputMethod = let fcitx5-qt = pkgs.libsForQt5.fcitx5-qt; in {
|
||||||
enabled = "fcitx5";
|
enabled = "fcitx5";
|
||||||
fcitx5.addons = with pkgs; [ fcitx5-lua fcitx5-gtk fcitx5-mozc fcitx5-configtool fcitx5-qt ];
|
fcitx5.addons = with pkgs; [ fcitx5-lua fcitx5-gtk fcitx5-mozc fcitx5-configtool fcitx5-qt ];
|
||||||
|
@ -31,7 +24,7 @@
|
||||||
# this is for steam games, I set the launch options to:
|
# this is for steam games, I set the launch options to:
|
||||||
# `SDL_DYNAMIC_API=$SDL2_DYNAMIC_API %command%`
|
# `SDL_DYNAMIC_API=$SDL2_DYNAMIC_API %command%`
|
||||||
# Steam itself doesn't work with SDL2_DYNAMIC_API set, so it's
|
# Steam itself doesn't work with SDL2_DYNAMIC_API set, so it's
|
||||||
# a bad idea to set SDL_DYNAMIC_API globally
|
# a bad idea to set SDL2_DYNAMIC_API globally
|
||||||
SDL2_DYNAMIC_API = "${pkgs.SDL2}/lib/libSDL2.so";
|
SDL2_DYNAMIC_API = "${pkgs.SDL2}/lib/libSDL2.so";
|
||||||
};
|
};
|
||||||
programs.nnn.extraPackages = with pkgs; [
|
programs.nnn.extraPackages = with pkgs; [
|
||||||
|
@ -187,7 +180,7 @@
|
||||||
# profiles = { };
|
# profiles = { };
|
||||||
package = pkgs.wrapMpv ((pkgs.mpv-unwrapped.override {
|
package = pkgs.wrapMpv ((pkgs.mpv-unwrapped.override {
|
||||||
# webp support
|
# webp support
|
||||||
ffmpeg = pkgs.ffmpeg-full;
|
ffmpeg = pkgs.ffmpeg-custom;
|
||||||
}).overrideAttrs (old: {
|
}).overrideAttrs (old: {
|
||||||
patches = old.patches or [] ++ [
|
patches = old.patches or [] ++ [
|
||||||
(pkgs.fetchpatch {
|
(pkgs.fetchpatch {
|
||||||
|
@ -223,6 +216,15 @@
|
||||||
enable = true;
|
enable = true;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
systemd.user.services = {
|
||||||
|
fcitx5-daemon = {
|
||||||
|
Unit.After = "graphical-session-pre.target";
|
||||||
|
Service = {
|
||||||
|
Restart = "on-failure";
|
||||||
|
RestartSec = 3;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
# i run this manually instead
|
# i run this manually instead
|
||||||
#services.nextcloud-client = {
|
#services.nextcloud-client = {
|
||||||
# enable = true;
|
# enable = true;
|
||||||
|
@ -234,23 +236,6 @@
|
||||||
# settings = {
|
# settings = {
|
||||||
# };
|
# };
|
||||||
#};
|
#};
|
||||||
termShell = {
|
|
||||||
enable = true;
|
|
||||||
path = "${pkgs.fish}/bin/fish";
|
|
||||||
};
|
|
||||||
services.mpd = {
|
|
||||||
enable = true;
|
|
||||||
network.startWhenNeeded = true;
|
|
||||||
};
|
|
||||||
services.mpdris2 = {
|
|
||||||
enable = true;
|
|
||||||
};
|
|
||||||
systemd.user.services.kdeconnect = lib.mkIf config.services.kdeconnect.enable {
|
|
||||||
Service = {
|
|
||||||
Restart = lib.mkForce "always";
|
|
||||||
RestartSec = "30";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
# some packages require a pointer theme
|
# some packages require a pointer theme
|
||||||
home.pointerCursor.gtk.enable = true;
|
home.pointerCursor.gtk.enable = true;
|
||||||
|
@ -264,7 +249,7 @@
|
||||||
qt5ct qgnomeplatform
|
qt5ct qgnomeplatform
|
||||||
# various programs i use
|
# various programs i use
|
||||||
keepassxc nheko qbittorrent mumble
|
keepassxc nheko qbittorrent mumble
|
||||||
nextcloud-client kdeconnect
|
nextcloud-client gnome.zenity kdeconnect
|
||||||
# cli tools
|
# cli tools
|
||||||
imagemagick ffmpeg-full xdg-utils
|
imagemagick ffmpeg-full xdg-utils
|
||||||
# fonts
|
# fonts
|
||||||
|
@ -278,5 +263,7 @@
|
||||||
nix-init
|
nix-init
|
||||||
nvfetcher
|
nvfetcher
|
||||||
config.nur.repos.rycee.mozilla-addons-to-nix
|
config.nur.repos.rycee.mozilla-addons-to-nix
|
||||||
|
|
||||||
|
anki-bin
|
||||||
];
|
];
|
||||||
}
|
}
|
|
@ -1,64 +1,41 @@
|
||||||
{ options, config, pkgs, lib, ... }:
|
{ options, config, pkgs, lib, ... }:
|
||||||
let
|
let
|
||||||
modifier = if config.phone.enable then "Mod1" else "Mod4";
|
modifier = "Mod4";
|
||||||
rofiSway = config.programs.rofi.finalPackage;
|
rofiSway = config.programs.rofi.finalPackage;
|
||||||
rofiI3 = pkgs.rofi.override { plugins = config.programs.rofi.plugins; };
|
rofiI3 = pkgs.rofi.override { plugins = config.programs.rofi.plugins; };
|
||||||
audioNext = pkgs.writeShellScript "playerctl-next" ''
|
audioNext = with pkgs; writeShellScript "playerctl-next" ''
|
||||||
${pkgs.playerctl}/bin/playerctl next
|
${playerctl}/bin/playerctl next
|
||||||
PLAYER=$(${pkgs.playerctl}/bin/playerctl -l | ${pkgs.coreutils}/bin/head -n 1)
|
PLAYER=$(${playerctl}/bin/playerctl -l | head -n 1)
|
||||||
# mpdris2 bug: audio wont play after a seek/skip, you have to pause-unpause
|
# mpdris2 bug: audio wont play after a seek/skip, you have to pause-unpause
|
||||||
if [[ "$PLAYER" == "mpd" ]]; then
|
if [[ "$PLAYER" == "mpd" ]]; then
|
||||||
${pkgs.playerctl}/bin/playerctl pause
|
${playerctl}/bin/playerctl pause
|
||||||
${pkgs.playerctl}/bin/playerctl position 0
|
${playerctl}/bin/playerctl position 0
|
||||||
${pkgs.playerctl}/bin/playerctl play
|
${playerctl}/bin/playerctl play
|
||||||
fi
|
fi
|
||||||
'';
|
'';
|
||||||
audioPrev = pkgs.writeShellScript "playerctl-prev" ''
|
audioPrev = with pkgs; writeShellScript "playerctl-prev" ''
|
||||||
# just seek if over 5 seconds into the track
|
# just seek if over 5 seconds into the track
|
||||||
POS=$(${pkgs.playerctl}/bin/playerctl position)
|
POS=$(${playerctl}/bin/playerctl position)
|
||||||
PLAYER=$(${pkgs.playerctl}/bin/playerctl -l | ${pkgs.coreutils}/bin/head -n 1)
|
PLAYER=$(${playerctl}/bin/playerctl -l | head -n 1)
|
||||||
if [ -n "$POS" ]; then
|
if [ -n "$POS" ]; then
|
||||||
if (( $(echo "$POS > 5.01" | ${pkgs.bc}/bin/bc -l) )); then
|
if (( $(echo "$POS > 5.01" | ${bc}/bin/bc -l) )); then
|
||||||
SEEK=1
|
SEEK=1
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
if [ -z "$SEEK" ]; then
|
if [ -z "$SEEK" ]; then
|
||||||
${pkgs.playerctl}/bin/playerctl previous
|
${playerctl}/bin/playerctl previous
|
||||||
else
|
else
|
||||||
${pkgs.playerctl}/bin/playerctl position 0
|
${playerctl}/bin/playerctl position 0
|
||||||
fi
|
fi
|
||||||
# mpdris2 bug: audio wont play after a seek/skip, you have to pause-unpause
|
# mpdris2 bug: audio wont play after a seek/skip, you have to pause-unpause
|
||||||
if [[ "$PLAYER" == "mpd" ]]; then
|
if [[ "$PLAYER" == "mpd" ]]; then
|
||||||
${pkgs.playerctl}/bin/playerctl pause
|
${playerctl}/bin/playerctl pause
|
||||||
${pkgs.playerctl}/bin/playerctl position 0
|
${playerctl}/bin/playerctl position 0
|
||||||
${pkgs.playerctl}/bin/playerctl play
|
${playerctl}/bin/playerctl play
|
||||||
fi
|
fi
|
||||||
'';
|
'';
|
||||||
swaylock =
|
|
||||||
if config.phone.enable
|
|
||||||
then "${pkgs.schlock}/bin/schlock -fp /secrets/schlock.pin"
|
|
||||||
else "${pkgs.swaylock}/bin/swaylock -f";
|
|
||||||
swaylock-start = pkgs.writeShellScript "swaylock-start" ''
|
|
||||||
${pkgs.procps}/bin/pgrep -fx "${swaylock}" || ${swaylock}
|
|
||||||
'';
|
|
||||||
dpms-off = pkgs.writeShellScript "sway-dpms-off" ''
|
|
||||||
${config.wayland.windowManager.sway.package}/bin/swaymsg output "*" power off
|
|
||||||
${config.wayland.windowManager.sway.package}/bin/swaymsg input type:touch events disabled
|
|
||||||
'';
|
|
||||||
dpms-on = pkgs.writeShellScript "sway-dpms-on" ''
|
|
||||||
${config.wayland.windowManager.sway.package}/bin/swaymsg output "*" power on
|
|
||||||
${config.wayland.windowManager.sway.package}/bin/swaymsg input type:touch events enabled
|
|
||||||
'';
|
|
||||||
lock-script = pkgs.writeShellScript "lock-start" ''
|
|
||||||
${swaylock-start}
|
|
||||||
${lib.optionalString config.phone.enable
|
|
||||||
# suspend if nothing is playing
|
|
||||||
''
|
|
||||||
${pkgs.playerctl}/bin/playerctl -a status | ${pkgs.gnugrep}/bin/grep Playing >/dev/null || /run/current-system/sw/bin/systemctl suspend
|
|
||||||
''}
|
|
||||||
'';
|
|
||||||
barConfig = {
|
barConfig = {
|
||||||
mode = "overlay";
|
mode = "dock";
|
||||||
hiddenState = "hide";
|
hiddenState = "hide";
|
||||||
position = "bottom";
|
position = "bottom";
|
||||||
workspaceButtons = true;
|
workspaceButtons = true;
|
||||||
|
@ -102,29 +79,13 @@ barConfig = {
|
||||||
commonConfig = {
|
commonConfig = {
|
||||||
inherit modifier;
|
inherit modifier;
|
||||||
startup = [
|
startup = [
|
||||||
{ command = toString (pkgs.writeShellScript "init-wm" ''
|
{ command = builtins.toString (with pkgs; writeShellScript "init-wm" ''
|
||||||
${lib.optionalString config.phone.enable ''
|
${home-daemon}/bin/home-daemon system76-scheduler&
|
||||||
${pkgs.procps}/bin/pkill -x wvkbd-mobintl
|
${gnome.zenity}/bin/zenity --password | (${keepassxc}/bin/keepassxc --pw-stdin ~/Nextcloud/keepass.kdbx&)
|
||||||
${pkgs.wvkbd}/bin/wvkbd-mobintl --hidden -l full,special,cyrillic,emoji&
|
|
||||||
${pkgs.procps}/bin/pkill -x squeekboard
|
|
||||||
${pkgs.squeekboard}/bin/squeekboard&
|
|
||||||
/run/current-system/sw/bin/busctl call --user sm.puri.OSK0 /sm/puri/OSK0 sm.puri.OSK0 SetVisible b true
|
|
||||||
''}
|
|
||||||
${pkgs.procps}/bin/pkill -x home-daemon
|
|
||||||
${pkgs.home-daemon}/bin/home-daemon system76-scheduler&
|
|
||||||
${pkgs.procps}/bin/pkill -x keepassxc
|
|
||||||
${pkgs.gnome.zenity}/bin/zenity --password | (${pkgs.keepassxc}/bin/keepassxc --pw-stdin ~/var/local.kdbx &)
|
|
||||||
# sleep to give keepassxc time to take the input
|
|
||||||
sleep 1
|
|
||||||
# nextcloud and nheko need secret service access
|
# nextcloud and nheko need secret service access
|
||||||
${pkgs.procps}/bin/pkill -x nextcloud
|
${nextcloud-client}/bin/nextcloud --background&
|
||||||
${pkgs.nextcloud-client}/bin/nextcloud --background&
|
${nheko}/bin/nheko&
|
||||||
${pkgs.procps}/bin/pkill -x nheko
|
${tdesktop}/bin/telegram-desktop -startintray&
|
||||||
${pkgs.nheko}/bin/nheko&
|
|
||||||
${pkgs.procps}/bin/pkill -x telegram-desktop
|
|
||||||
${pkgs.tdesktop}/bin/telegram-desktop -startintray&
|
|
||||||
# and final sleep just in case
|
|
||||||
sleep 1
|
|
||||||
''); }
|
''); }
|
||||||
];
|
];
|
||||||
colors = {
|
colors = {
|
||||||
|
@ -188,13 +149,13 @@ genKeybindings = (default_options: kb:
|
||||||
XF86MonBrightnessDown = "exec ${pkgs.brightnessctl}/bin/brightnessctl set 5%-";
|
XF86MonBrightnessDown = "exec ${pkgs.brightnessctl}/bin/brightnessctl set 5%-";
|
||||||
XF86MonBrightnessUp = "exec ${pkgs.brightnessctl}/bin/brightnessctl set 5%+";
|
XF86MonBrightnessUp = "exec ${pkgs.brightnessctl}/bin/brightnessctl set 5%+";
|
||||||
}
|
}
|
||||||
// (lib.filterAttrs
|
// (lib.attrsets.filterAttrs
|
||||||
(k: v:
|
(k: v:
|
||||||
!(builtins.elem
|
!(builtins.elem
|
||||||
k
|
k
|
||||||
[ "${modifier}+space" "${modifier}+Shift+space" ]))
|
["${modifier}+space" "${modifier}+Shift+space"]))
|
||||||
(builtins.head
|
(lib.lists.head
|
||||||
(builtins.head
|
(lib.lists.head
|
||||||
default_options.config.type.getSubModules)
|
default_options.config.type.getSubModules)
|
||||||
.imports)
|
.imports)
|
||||||
.options.keybindings.default)
|
.options.keybindings.default)
|
||||||
|
@ -271,7 +232,7 @@ in
|
||||||
extraConfig = ''
|
extraConfig = ''
|
||||||
title_align center
|
title_align center
|
||||||
'';
|
'';
|
||||||
config = commonConfig // {
|
config = let swayConfig = {
|
||||||
bars = [
|
bars = [
|
||||||
{
|
{
|
||||||
command = "${config.programs.waybar.package}/bin/waybar";
|
command = "${config.programs.waybar.package}/bin/waybar";
|
||||||
|
@ -281,17 +242,8 @@ in
|
||||||
}
|
}
|
||||||
];
|
];
|
||||||
terminal = config.terminalBin;
|
terminal = config.terminalBin;
|
||||||
window = commonConfig.window // { commands = lib.optionals config.phone.enable [
|
window = commonConfig.window // { commands = [
|
||||||
{ command = "floating off; fullscreen off";
|
{ command = "floating enable; move workspace current";
|
||||||
criteria = {
|
|
||||||
floating = true;
|
|
||||||
}; }
|
|
||||||
{ command = "fullscreen off";
|
|
||||||
criteria = {
|
|
||||||
tiling = true;
|
|
||||||
}; }
|
|
||||||
] ++ [
|
|
||||||
{ command = "floating on; move workspace current";
|
|
||||||
criteria = {
|
criteria = {
|
||||||
app_id = "^org.keepassxc.KeePassXC$";
|
app_id = "^org.keepassxc.KeePassXC$";
|
||||||
title = "^KeePassXC - (?:Browser |ブラウザーの)?(?:Access Request|アクセス要求)$";
|
title = "^KeePassXC - (?:Browser |ブラウザーの)?(?:Access Request|アクセス要求)$";
|
||||||
|
@ -356,22 +308,15 @@ in
|
||||||
"--inhibited --no-repeat --allow-other --release Scroll_Lock" = "exec ${pkgs.mumble}/bin/mumble rpc stoptalking";
|
"--inhibited --no-repeat --allow-other --release Scroll_Lock" = "exec ${pkgs.mumble}/bin/mumble rpc stoptalking";
|
||||||
"${modifier}+c" = "exec ${rofiSway}/bin/rofi -show calc -no-show-match -no-sort -no-persist-history";
|
"${modifier}+c" = "exec ${rofiSway}/bin/rofi -show calc -no-show-match -no-sort -no-persist-history";
|
||||||
"${modifier}+Print" = "exec ${grimshot}/bin/grimshot copy area";
|
"${modifier}+Print" = "exec ${grimshot}/bin/grimshot copy area";
|
||||||
"${modifier}+${if modifier == "Mod1" then "Mod4" else "Mod1"}+Print" = "exec ${grimshot}/bin/grimshot copy window";
|
"${modifier}+Mod1+Print" = "exec ${grimshot}/bin/grimshot copy window";
|
||||||
"--locked XF86AudioRaiseVolume" = "exec ${pkgs.pamixer}/bin/pamixer --increase 5";
|
"--locked XF86AudioRaiseVolume" = "exec ${pkgs.pamixer}/bin/pamixer --increase 5";
|
||||||
"--locked XF86AudioLowerVolume" = "exec ${pkgs.pamixer}/bin/pamixer --decrease 5";
|
"--locked XF86AudioLowerVolume" = "exec ${pkgs.pamixer}/bin/pamixer --decrease 5";
|
||||||
"--locked XF86AudioMute" = "exec ${pkgs.pamixer}/bin/pamixer --toggle-mute";
|
"--locked XF86AudioMute" = "exec ${pkgs.pamixer}/bin/pamixer --toggle-mute";
|
||||||
"--locked --inhibited XF86AudioPlay" = "exec ${pkgs.playerctl}/bin/playerctl play-pause";
|
"--locked --inhibited XF86AudioPlay" = "exec ${pkgs.playerctl}/bin/playerctl play-pause";
|
||||||
"--locked --inhibited XF86AudioNext" = "exec ${audioNext}";
|
"--locked --inhibited XF86AudioNext" = "exec ${audioNext}";
|
||||||
"--locked --inhibited XF86AudioPrev" = "exec ${audioPrev}";
|
"--locked --inhibited XF86AudioPrev" = "exec ${audioPrev}";
|
||||||
"--locked --inhibited --release XF86PowerOff" = lib.mkIf config.phone.enable "exec ${pkgs.writeShellScript "power-key" ''
|
|
||||||
if ${config.wayland.windowManager.sway.package}/bin/swaymsg -rt get_outputs | ${pkgs.jq}/bin/jq ".[].power" | ${pkgs.gnugrep}/bin/grep true; then
|
|
||||||
${dpms-off}
|
|
||||||
else
|
|
||||||
${dpms-on}
|
|
||||||
fi
|
|
||||||
''}";
|
|
||||||
});
|
});
|
||||||
startup = [
|
startup = commonConfig.startup ++ [
|
||||||
{
|
{
|
||||||
always = true;
|
always = true;
|
||||||
command = "systemctl --user import-environment DISPLAY WAYLAND_DISPLAY SWAYSOCK XDG_CURRENT_DESKTOP";
|
command = "systemctl --user import-environment DISPLAY WAYLAND_DISPLAY SWAYSOCK XDG_CURRENT_DESKTOP";
|
||||||
|
@ -379,7 +324,7 @@ in
|
||||||
{
|
{
|
||||||
command = "${pkgs.wl-clipboard}/bin/wl-paste -t text --watch ${pkgs.clipman}/bin/clipman store --no-persist";
|
command = "${pkgs.wl-clipboard}/bin/wl-paste -t text --watch ${pkgs.clipman}/bin/clipman store --no-persist";
|
||||||
}
|
}
|
||||||
] ++ commonConfig.startup;
|
];
|
||||||
output = {
|
output = {
|
||||||
"*" = {
|
"*" = {
|
||||||
bg = "~/var/wallpaper.jpg fill";
|
bg = "~/var/wallpaper.jpg fill";
|
||||||
|
@ -395,12 +340,11 @@ in
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
menu = "${rofiSway}/bin/rofi -show drun";
|
menu = "${rofiSway}/bin/rofi -show drun";
|
||||||
workspaceLayout = "tabbed";
|
}; in commonConfig // swayConfig;
|
||||||
};
|
|
||||||
# export WLR_RENDERER=vulkan
|
# export WLR_RENDERER=vulkan
|
||||||
extraSessionCommands = lib.optionalString config.wayland.windowManager.sway.vulkan ''
|
extraSessionCommands = (lib.optionalString config.wayland.windowManager.sway.vulkan ''
|
||||||
export WLR_RENDERER=vulkan
|
export WLR_RENDERER=vulkan
|
||||||
'' + ''
|
'') + ''
|
||||||
export SDL_VIDEODRIVER=wayland,x11,kmsdrm,windows,directx
|
export SDL_VIDEODRIVER=wayland,x11,kmsdrm,windows,directx
|
||||||
# SDL3
|
# SDL3
|
||||||
export SDL_VIDEO_DRIVER=wayland,x11,kmsdrm,windows
|
export SDL_VIDEO_DRIVER=wayland,x11,kmsdrm,windows
|
||||||
|
@ -414,18 +358,21 @@ in
|
||||||
export XDG_SESSION_DESKTOP=sway
|
export XDG_SESSION_DESKTOP=sway
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
services.swayidle = {
|
services.swayidle = let swaylock-start = builtins.toString (with pkgs; writeScript "swaylock-start" ''
|
||||||
enable = config.wayland.windowManager.sway.enable && !config.phone.enable;
|
#! ${bash}/bin/bash
|
||||||
|
${procps}/bin/pgrep -fx "${swaylock}/bin/swaylock -f" || ${swaylock}/bin/swaylock -f
|
||||||
|
''); in {
|
||||||
|
enable = config.wayland.windowManager.sway.enable;
|
||||||
events = [
|
events = [
|
||||||
{ event = "before-sleep"; command = toString swaylock-start; }
|
{ event = "before-sleep"; command = swaylock-start; }
|
||||||
# after-resume, lock, unlock
|
# after-resume, lock, unlock
|
||||||
];
|
];
|
||||||
timeouts = [
|
timeouts = [
|
||||||
{ timeout = if config.phone.enable then 30 else 300;
|
{ timeout = 300;
|
||||||
command = toString dpms-off;
|
command = "${config.wayland.windowManager.sway.package}/bin/swaymsg \"output * power off\"";
|
||||||
resumeCommand = toString dpms-on; }
|
resumeCommand = "${config.wayland.windowManager.sway.package}/bin/swaymsg \"output * power on\""; }
|
||||||
{ timeout = if config.phone.enable then 60 else 600;
|
{ timeout = 600;
|
||||||
command = toString lock-script; }
|
command = swaylock-start; }
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
programs.swaylock.settings = rec {
|
programs.swaylock.settings = rec {
|
||||||
|
@ -468,12 +415,12 @@ in
|
||||||
text-wrong-color = text-color;
|
text-wrong-color = text-color;
|
||||||
ring-wrong-color = "#e64e4e"; # deep-ish red
|
ring-wrong-color = "#e64e4e"; # deep-ish red
|
||||||
};
|
};
|
||||||
home.packages = lib.mkIf config.wayland.windowManager.sway.enable (with pkgs; [
|
home.packages = with pkgs; if config.wayland.windowManager.sway.enable then [
|
||||||
wl-clipboard
|
wl-clipboard
|
||||||
xdg-desktop-portal
|
xdg-desktop-portal
|
||||||
xdg-desktop-portal-wlr
|
xdg-desktop-portal-wlr
|
||||||
xdg-desktop-portal-gtk
|
xdg-desktop-portal-gtk
|
||||||
]);
|
] else [];
|
||||||
programs.rofi = {
|
programs.rofi = {
|
||||||
enable = true;
|
enable = true;
|
||||||
font = "Noto Sans Mono 16";
|
font = "Noto Sans Mono 16";
|
||||||
|
@ -520,13 +467,7 @@ in
|
||||||
};
|
};
|
||||||
terminal = config.terminalBin;
|
terminal = config.terminalBin;
|
||||||
extraConfig = {
|
extraConfig = {
|
||||||
modi = lib.optionals (!config.phone.enable) [
|
modi = [ "steam:${pkgs.rofi-steam-game-list}/bin/rofi-steam-game-list" "drun" "run" "ssh" ];
|
||||||
"steam:${pkgs.rofi-steam-game-list}/bin/rofi-steam-game-list"
|
|
||||||
] ++ [
|
|
||||||
"drun"
|
|
||||||
"run"
|
|
||||||
"ssh"
|
|
||||||
];
|
|
||||||
icon-theme = "hicolor";
|
icon-theme = "hicolor";
|
||||||
drun-match-fields = [ "name" "generic" "exec" "keywords" ];
|
drun-match-fields = [ "name" "generic" "exec" "keywords" ];
|
||||||
show-icons = true;
|
show-icons = true;
|
|
@ -1,12 +1,5 @@
|
||||||
{ lib, config, ... }:
|
{ lib, config, ... }:
|
||||||
with lib; {
|
with lib; {
|
||||||
options.phone = {
|
|
||||||
enable = mkOption {
|
|
||||||
type = types.bool;
|
|
||||||
default = false;
|
|
||||||
description = "whether this is a phone";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
options.rustAnalyzerAndroidSettings = mkOption {
|
options.rustAnalyzerAndroidSettings = mkOption {
|
||||||
type = with types; attrs;
|
type = with types; attrs;
|
||||||
description = "Additional cargo arguments for rust-analyzer's RustAndroid command";
|
description = "Additional cargo arguments for rust-analyzer's RustAndroid command";
|
||||||
|
@ -35,46 +28,50 @@ with lib; {
|
||||||
type = types.str;
|
type = types.str;
|
||||||
description = "Path to terminal binary for X server (output)";
|
description = "Path to terminal binary for X server (output)";
|
||||||
};
|
};
|
||||||
options.colors = {
|
options.colors = mkOption {
|
||||||
base = mkOption {
|
type = types.submodule {
|
||||||
type = with types; listOf str;
|
options = {
|
||||||
description = "16 theme colors";
|
base = mkOption {
|
||||||
|
type = with types; listOf str;
|
||||||
|
description = "16 theme colors";
|
||||||
|
};
|
||||||
|
foreground = mkOption {
|
||||||
|
type = types.str;
|
||||||
|
};
|
||||||
|
background = mkOption {
|
||||||
|
type = types.str;
|
||||||
|
};
|
||||||
|
# 0-1
|
||||||
|
alpha = mkOption {
|
||||||
|
type = types.float;
|
||||||
|
description = "opacity (0.0-1.0)";
|
||||||
|
};
|
||||||
|
hexAlpha = mkOption {
|
||||||
|
type = types.str;
|
||||||
|
description = "hex opacity (read-only)";
|
||||||
|
};
|
||||||
|
percentAlpha = mkOption {
|
||||||
|
type = types.int;
|
||||||
|
description = "opacity percentage (read-only)";
|
||||||
|
};
|
||||||
|
black = mkOption { type = types.str; description = "read-only"; };
|
||||||
|
red = mkOption { type = types.str; description = "read-only"; };
|
||||||
|
green = mkOption { type = types.str; description = "read-only"; };
|
||||||
|
yellow = mkOption { type = types.str; description = "read-only"; };
|
||||||
|
blue = mkOption { type = types.str; description = "read-only"; };
|
||||||
|
magenta = mkOption { type = types.str; description = "read-only"; };
|
||||||
|
cyan = mkOption { type = types.str; description = "read-only"; };
|
||||||
|
white = mkOption { type = types.str; description = "read-only"; };
|
||||||
|
brBlack = mkOption { type = types.str; description = "read-only"; };
|
||||||
|
brRed = mkOption { type = types.str; description = "read-only"; };
|
||||||
|
brGreen = mkOption { type = types.str; description = "read-only"; };
|
||||||
|
brYellow = mkOption { type = types.str; description = "read-only"; };
|
||||||
|
brBlue = mkOption { type = types.str; description = "read-only"; };
|
||||||
|
brMagenta = mkOption { type = types.str; description = "read-only"; };
|
||||||
|
brCyan = mkOption { type = types.str; description = "read-only"; };
|
||||||
|
brWhite = mkOption { type = types.str; description = "read-only"; };
|
||||||
|
};
|
||||||
};
|
};
|
||||||
foreground = mkOption {
|
|
||||||
type = types.str;
|
|
||||||
};
|
|
||||||
background = mkOption {
|
|
||||||
type = types.str;
|
|
||||||
};
|
|
||||||
# 0-1
|
|
||||||
alpha = mkOption {
|
|
||||||
type = types.float;
|
|
||||||
description = "opacity (0.0-1.0)";
|
|
||||||
};
|
|
||||||
hexAlpha = mkOption {
|
|
||||||
type = types.str;
|
|
||||||
description = "hex opacity (read-only)";
|
|
||||||
};
|
|
||||||
percentAlpha = mkOption {
|
|
||||||
type = types.int;
|
|
||||||
description = "opacity percentage (read-only)";
|
|
||||||
};
|
|
||||||
black = mkOption { type = types.str; description = "read-only"; };
|
|
||||||
red = mkOption { type = types.str; description = "read-only"; };
|
|
||||||
green = mkOption { type = types.str; description = "read-only"; };
|
|
||||||
yellow = mkOption { type = types.str; description = "read-only"; };
|
|
||||||
blue = mkOption { type = types.str; description = "read-only"; };
|
|
||||||
magenta = mkOption { type = types.str; description = "read-only"; };
|
|
||||||
cyan = mkOption { type = types.str; description = "read-only"; };
|
|
||||||
white = mkOption { type = types.str; description = "read-only"; };
|
|
||||||
brBlack = mkOption { type = types.str; description = "read-only"; };
|
|
||||||
brRed = mkOption { type = types.str; description = "read-only"; };
|
|
||||||
brGreen = mkOption { type = types.str; description = "read-only"; };
|
|
||||||
brYellow = mkOption { type = types.str; description = "read-only"; };
|
|
||||||
brBlue = mkOption { type = types.str; description = "read-only"; };
|
|
||||||
brMagenta = mkOption { type = types.str; description = "read-only"; };
|
|
||||||
brCyan = mkOption { type = types.str; description = "read-only"; };
|
|
||||||
brWhite = mkOption { type = types.str; description = "read-only"; };
|
|
||||||
};
|
};
|
||||||
config.colors.hexAlpha =
|
config.colors.hexAlpha =
|
||||||
let hex = lib.trivial.toHexString (lib.trivial.min 255 (builtins.floor (config.colors.alpha * 256.0)));
|
let hex = lib.trivial.toHexString (lib.trivial.min 255 (builtins.floor (config.colors.alpha * 256.0)));
|
||||||
|
@ -96,14 +93,19 @@ with lib; {
|
||||||
config.colors.brMagenta = builtins.elemAt config.colors.base 13;
|
config.colors.brMagenta = builtins.elemAt config.colors.base 13;
|
||||||
config.colors.brCyan = builtins.elemAt config.colors.base 14;
|
config.colors.brCyan = builtins.elemAt config.colors.base 14;
|
||||||
config.colors.brWhite = builtins.elemAt config.colors.base 15;
|
config.colors.brWhite = builtins.elemAt config.colors.base 15;
|
||||||
options.termShell = {
|
options.termShell = mkOption {
|
||||||
enable = mkOption {
|
type = types.submodule {
|
||||||
description = "Use a separate shell for gui terminal";
|
options = {
|
||||||
type = types.bool;
|
enable = mkOption {
|
||||||
default = false;
|
type = types.bool;
|
||||||
};
|
default = false;
|
||||||
path = mkOption {
|
};
|
||||||
type = types.str;
|
path = mkOption {
|
||||||
|
type = types.str;
|
||||||
|
};
|
||||||
|
};
|
||||||
};
|
};
|
||||||
|
default = {enable=false;};
|
||||||
|
description = "Use a separate shell for gui terminal";
|
||||||
};
|
};
|
||||||
}
|
}
|
|
@ -1,14 +1,14 @@
|
||||||
{ config, pkgs, lib, ... }:
|
{ config, pkgs, lib, ... }:
|
||||||
let
|
let
|
||||||
supportTerminal = term: builtins.elem term config.terminals;
|
supportTerminal = (term: builtins.elem term config.terminals);
|
||||||
getTerminalBin = term: {
|
getTerminalBin = (term: ({
|
||||||
alacritty = "${pkgs.alacritty}/bin/alacritty";
|
alacritty = "${pkgs.alacritty}/bin/alacritty";
|
||||||
foot = "${pkgs.foot}/bin/footclient";
|
foot = "${pkgs.foot}/bin/footclient";
|
||||||
kitty = "${pkgs.kitty}/bin/kitty";
|
kitty = "${pkgs.kitty}/bin/kitty";
|
||||||
urxvt = "${pkgs.rxvt-unicode-emoji}/bin/urxvt";
|
urxvt = "${pkgs.rxvt-unicode-emoji}/bin/urxvt";
|
||||||
}.${term};
|
}).${term});
|
||||||
color = builtins.elemAt config.colors.base;
|
color = builtins.elemAt config.colors.base;
|
||||||
hex = x: if builtins.isFunction x then (y: "#" + (x y)) else ("#" + x);
|
hex = (x: if builtins.isFunction x then (y: "#" + (x y)) else ("#" + x));
|
||||||
shell = lib.mkIf config.termShell.enable (lib.mkDefault config.termShell.path);
|
shell = lib.mkIf config.termShell.enable (lib.mkDefault config.termShell.path);
|
||||||
in {
|
in {
|
||||||
imports = [ ./options.nix ];
|
imports = [ ./options.nix ];
|
||||||
|
@ -94,7 +94,7 @@ in {
|
||||||
xresources.properties = lib.mkIf config.programs.urxvt.enable {
|
xresources.properties = lib.mkIf config.programs.urxvt.enable {
|
||||||
# special colors
|
# special colors
|
||||||
"*.foreground" = hex config.colors.foreground;
|
"*.foreground" = hex config.colors.foreground;
|
||||||
"*.background" = "[${toString config.colors.percentAlpha}]#${config.colors.background}";
|
"*.background" = "[${builtins.toString config.colors.percentAlpha}]#${config.colors.background}";
|
||||||
"*.cursorColor" = hex config.colors.foreground;
|
"*.cursorColor" = hex config.colors.foreground;
|
||||||
# black
|
# black
|
||||||
"*.color0" = hex color 0;
|
"*.color0" = hex color 0;
|
||||||
|
@ -123,9 +123,7 @@ in {
|
||||||
"*antialias" = true;
|
"*antialias" = true;
|
||||||
"*autohint" = true;
|
"*autohint" = true;
|
||||||
};
|
};
|
||||||
home.file.".Xdefaults" = lib.mkIf config.programs.urxvt.enable {
|
home.file.".Xdefaults".source = lib.mkIf config.programs.urxvt.enable config.home.file."${config.home.homeDirectory}/.Xresources".source;
|
||||||
source = config.home.file."${config.home.homeDirectory}/.Xresources".source;
|
|
||||||
};
|
|
||||||
programs.foot = {
|
programs.foot = {
|
||||||
enable = supportTerminal "foot";
|
enable = supportTerminal "foot";
|
||||||
server.enable = true;
|
server.enable = true;
|
||||||
|
@ -176,7 +174,7 @@ in {
|
||||||
repaint_delay = 4;
|
repaint_delay = 4;
|
||||||
foreground = hex config.colors.foreground;
|
foreground = hex config.colors.foreground;
|
||||||
background = hex config.colors.background;
|
background = hex config.colors.background;
|
||||||
background_opacity = toString config.colors.alpha;
|
background_opacity = builtins.toString config.colors.alpha;
|
||||||
color0 = hex color 0;
|
color0 = hex color 0;
|
||||||
color1 = hex color 1;
|
color1 = hex color 1;
|
||||||
color2 = hex color 2;
|
color2 = hex color 2;
|
||||||
|
@ -198,21 +196,18 @@ in {
|
||||||
enabled_layouts = "all";
|
enabled_layouts = "all";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
xdg.configFile."fontconfig/conf.d/10-kitty-fonts.conf".text =
|
xdg.configFile."fontconfig/conf.d/10-kitty-fonts.conf".text = lib.mkIf ((supportTerminal "kitty") && (config.programs.kitty.font.name == "Noto Sans Mono")) ''
|
||||||
lib.mkIf
|
<?xml version="1.0"?>
|
||||||
(supportTerminal "kitty" && config.programs.kitty.font.name == "Noto Sans Mono")
|
<!DOCTYPE fontconfig SYSTEM "fonts.dtd">
|
||||||
''
|
<fontconfig>
|
||||||
<?xml version="1.0"?>
|
<match target="scan">
|
||||||
<!DOCTYPE fontconfig SYSTEM "fonts.dtd">
|
<test name="family">
|
||||||
<fontconfig>
|
|
||||||
<match target="scan">
|
|
||||||
<test name="family">
|
|
||||||
<string>Noto Sans Mono</string>
|
<string>Noto Sans Mono</string>
|
||||||
</test>
|
</test>
|
||||||
<edit name="spacing">
|
<edit name="spacing">
|
||||||
<int>90</int>
|
<int>90</int>
|
||||||
</edit>
|
</edit>
|
||||||
</match>
|
</match>
|
||||||
</fontconfig>
|
</fontconfig>
|
||||||
'';
|
'';
|
||||||
}
|
}
|
|
@ -11,18 +11,10 @@
|
||||||
border: none;
|
border: none;
|
||||||
border-radius: 0;
|
border-radius: 0;
|
||||||
font-family: Noto Sans Mono, "Symbols Nerd Font Mono", monospace;
|
font-family: Noto Sans Mono, "Symbols Nerd Font Mono", monospace;
|
||||||
font-size: 19px;
|
font-size: 19;
|
||||||
min-height: 0;
|
min-height: 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
#custom-a { font-size: 40px; }
|
|
||||||
#custom-b { font-size: 40px; }
|
|
||||||
#custom-c { font-size: 40px; }
|
|
||||||
#custom-d { font-size: 40px; }
|
|
||||||
#custom-e { font-size: 40px; }
|
|
||||||
#custom-f { font-size: 40px; }
|
|
||||||
#custom-g { font-size: 40px; }
|
|
||||||
|
|
||||||
#mpris {
|
#mpris {
|
||||||
padding-left: 3px;
|
padding-left: 3px;
|
||||||
font-family: "Noto Sans Mono CJK JP", "Noto Sans Mono", "Symbols Nerd Font Mono", monospace;
|
font-family: "Noto Sans Mono CJK JP", "Noto Sans Mono", "Symbols Nerd Font Mono", monospace;
|
130
home/common/waybar.nix
Normal file
130
home/common/waybar.nix
Normal file
|
@ -0,0 +1,130 @@
|
||||||
|
{ config, pkgs, ... }:
|
||||||
|
{
|
||||||
|
services.playerctld.enable = config.wayland.windowManager.sway.enable;
|
||||||
|
programs.waybar = {
|
||||||
|
enable = config.wayland.windowManager.sway.enable;
|
||||||
|
package = pkgs.waybar.override {
|
||||||
|
withMediaPlayer = true;
|
||||||
|
};
|
||||||
|
/*).overrideAttrs (old: {
|
||||||
|
src = pkgs.fetchFromGitHub {
|
||||||
|
owner = "chayleaf";
|
||||||
|
repo = "Waybar";
|
||||||
|
rev = "3091cf4a009e92665325c0dd61adf5ab367786a3";
|
||||||
|
sha256 = "sha256-zH4hbQ8+9TYRVW/XYqmAVsi0vsSPn1LPqXxr0gi0j1E=";
|
||||||
|
};
|
||||||
|
});*/
|
||||||
|
settings = [{
|
||||||
|
layer = "bottom";
|
||||||
|
# position = "bottom";
|
||||||
|
ipc = true;
|
||||||
|
height = 40;
|
||||||
|
modules-left = [ "sway/workspaces" "sway/mode" "idle_inhibitor" "mpris" ];
|
||||||
|
idle_inhibitor = {
|
||||||
|
format = "{icon}";
|
||||||
|
format-icons = {
|
||||||
|
activated = "";
|
||||||
|
deactivated = "";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
mpris = {
|
||||||
|
tooltip = true;
|
||||||
|
format = "{player_icon} {dynamic}";
|
||||||
|
format-paused = "{status_icon} {dynamic}";
|
||||||
|
interval = 1;
|
||||||
|
ellipsis = "…";
|
||||||
|
# tooltip-format = "{dynamic}";
|
||||||
|
album-len = 44;
|
||||||
|
artist-len = 44;
|
||||||
|
title-len = 44;
|
||||||
|
dynamic-len = 44;
|
||||||
|
player-icons = {
|
||||||
|
default = "";
|
||||||
|
mpd = "";
|
||||||
|
};
|
||||||
|
status-icons.paused = "";
|
||||||
|
};
|
||||||
|
"sway/workspaces" = {
|
||||||
|
disable-scroll = true;
|
||||||
|
format = "{value}{icon}";
|
||||||
|
format-icons = {
|
||||||
|
default = "";
|
||||||
|
focused = "";
|
||||||
|
urgent = " ";
|
||||||
|
"2" = " ";
|
||||||
|
"3" = " ";
|
||||||
|
"4" = " ";
|
||||||
|
"5" = " ";
|
||||||
|
};
|
||||||
|
persistent-workspaces = {
|
||||||
|
"1" = []; "2" = []; "3" = []; "4" = []; "5" = [];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
"sway/mode" = {
|
||||||
|
tooltip = false;
|
||||||
|
};
|
||||||
|
modules-center = [ "sway/window" ];
|
||||||
|
#fixed-center = false;
|
||||||
|
"sway/window" = {
|
||||||
|
format = "{title}";
|
||||||
|
max-length = 50;
|
||||||
|
# tooltip = false;
|
||||||
|
icon = true;
|
||||||
|
rewrite = {
|
||||||
|
kitty = "";
|
||||||
|
zsh = "";
|
||||||
|
nheko = "";
|
||||||
|
Nextcloud = "";
|
||||||
|
"(.*) — LibreWolf" = "$1";
|
||||||
|
"(.*) - KeePassXC" = "$1";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
modules-right = [ "memory" "cpu" "tray" "wireplumber" "clock" "sway/language" ];
|
||||||
|
cpu = {
|
||||||
|
# format = "{usage}% ";
|
||||||
|
format = "{icon0}{icon1}{icon2}{icon3}{icon4}{icon5}{icon6}{icon7}{icon8}{icon9}{icon10}{icon11}{icon12}{icon13}{icon14}{icon15}";
|
||||||
|
format-icons = ["▁" "▂" "▃" "▄" "▅" "▆" "▇" "█"];
|
||||||
|
};
|
||||||
|
memory = {
|
||||||
|
format = "{used}G";
|
||||||
|
};
|
||||||
|
tray = {
|
||||||
|
icon-size = 26;
|
||||||
|
spacing = 5;
|
||||||
|
};
|
||||||
|
wireplumber = {
|
||||||
|
format = "{volume}%";
|
||||||
|
format-muted = "ﱝ";
|
||||||
|
tooltip = false;
|
||||||
|
};
|
||||||
|
clock = {
|
||||||
|
interval = 5;
|
||||||
|
format = "{:%Y-%m-%d %H:%M:%S}";
|
||||||
|
tooltip-format = "<tt><small>{calendar}</small></tt>";
|
||||||
|
calendar = {
|
||||||
|
mode = "year";
|
||||||
|
# TODO: make this work
|
||||||
|
mode-mon-col = 3;
|
||||||
|
on-scroll = 1;
|
||||||
|
on-click-right = "mode";
|
||||||
|
format = {
|
||||||
|
months = "<span color='#ffead3'><b>{}</b></span>";
|
||||||
|
days = "<span color='#ecc6d9'><b>{}</b></span>";
|
||||||
|
weeks = "<span color='#99ffdd'><b>W{}</b></span>";
|
||||||
|
weekdays = "<span color='#ffcc66'><b>{}</b></span>";
|
||||||
|
today = "<span color='#ff6699'><b><u>{}</u></b></span>";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
"sway/language" = {
|
||||||
|
tooltip = false;
|
||||||
|
# make sure it isn't pushed away when other modules get too big
|
||||||
|
min-length = 2;
|
||||||
|
};
|
||||||
|
}];
|
||||||
|
style = ./waybar.css;
|
||||||
|
};
|
||||||
|
home.packages = with pkgs; [
|
||||||
|
playerctl
|
||||||
|
];
|
||||||
|
}
|
|
@ -125,16 +125,16 @@
|
||||||
};
|
};
|
||||||
plugins = with pkgs; [
|
plugins = with pkgs; [
|
||||||
{ name = "zsh-vi-mode";
|
{ name = "zsh-vi-mode";
|
||||||
inherit (zsh-vi-mode) src; }
|
src = zsh-vi-mode.src; }
|
||||||
{ name = "fzf-tab";
|
{ name = "fzf-tab";
|
||||||
inherit (zsh-fzf-tab) src; }
|
src = zsh-fzf-tab.src; }
|
||||||
{ name = "nix-shell";
|
{ name = "nix-shell";
|
||||||
inherit (zsh-nix-shell) src; }
|
src = zsh-nix-shell.src; }
|
||||||
{ name = "powerlevel10k";
|
{ name = "powerlevel10k";
|
||||||
inherit (zsh-powerlevel10k) src;
|
src = zsh-powerlevel10k.src;
|
||||||
file = "powerlevel10k.zsh-theme"; }
|
file = "powerlevel10k.zsh-theme"; }
|
||||||
{ name = "you-should-use";
|
{ name = "you-should-use";
|
||||||
inherit (zsh-you-should-use) src; }
|
src = zsh-you-should-use.src; }
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
}
|
}
|
|
@ -1,18 +1,12 @@
|
||||||
{ pkgs
|
{ pkgs, lib, ... }:
|
||||||
, lib
|
|
||||||
, inputs,
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
|
|
||||||
{
|
{
|
||||||
imports = [
|
imports = [
|
||||||
../modules/general.nix
|
../common/general.nix
|
||||||
../modules/firefox.nix
|
../common/firefox.nix
|
||||||
../modules/i3-sway.nix
|
../common/i3-sway.nix
|
||||||
../modules/nvim.nix
|
../common/nvim.nix
|
||||||
../modules/helix.nix
|
../common/helix.nix
|
||||||
../modules/kakoune.nix
|
../common/kakoune.nix
|
||||||
inputs.nur.nixosModules.nur
|
|
||||||
];
|
];
|
||||||
|
|
||||||
nix.settings = {
|
nix.settings = {
|
||||||
|
@ -42,10 +36,28 @@
|
||||||
home.stateVersion = "22.11";
|
home.stateVersion = "22.11";
|
||||||
home.username = "user";
|
home.username = "user";
|
||||||
home.homeDirectory = "/home/user";
|
home.homeDirectory = "/home/user";
|
||||||
terminals = [ "kitty" ];
|
termShell = {
|
||||||
|
enable = true;
|
||||||
|
path = "${pkgs.fish}/bin/fish";
|
||||||
|
};
|
||||||
# xsession.windowManager.i3.enable = true;
|
# xsession.windowManager.i3.enable = true;
|
||||||
wayland.windowManager.sway.enable = true;
|
wayland.windowManager.sway.enable = true;
|
||||||
|
terminals = [ "kitty" "urxvt" ];
|
||||||
|
services.mpd = {
|
||||||
|
enable = true;
|
||||||
|
network.startWhenNeeded = true;
|
||||||
|
};
|
||||||
|
services.mpdris2 = {
|
||||||
|
enable = true;
|
||||||
|
};
|
||||||
|
programs.ncmpcpp = {
|
||||||
|
enable = true;
|
||||||
|
};
|
||||||
services.kdeconnect.enable = true;
|
services.kdeconnect.enable = true;
|
||||||
|
systemd.user.services.kdeconnect.Service = {
|
||||||
|
Restart = lib.mkForce "always";
|
||||||
|
RestartSec = "30";
|
||||||
|
};
|
||||||
home.sessionVariables = {
|
home.sessionVariables = {
|
||||||
STEAM_EXTRA_COMPAT_TOOLS_PATHS = "${pkgs.proton-ge}";
|
STEAM_EXTRA_COMPAT_TOOLS_PATHS = "${pkgs.proton-ge}";
|
||||||
CARGO_PROFILE_DEV_INCREMENTAL = "true";
|
CARGO_PROFILE_DEV_INCREMENTAL = "true";
|
||||||
|
@ -55,7 +67,6 @@
|
||||||
CARGO_TARGET_X86_64_UNKNOWN_LINUX_GNU_RUSTFLAGS = "-C link-arg=--ld-path=${pkgs.mold}/bin/mold";
|
CARGO_TARGET_X86_64_UNKNOWN_LINUX_GNU_RUSTFLAGS = "-C link-arg=--ld-path=${pkgs.mold}/bin/mold";
|
||||||
};
|
};
|
||||||
home.packages = with pkgs; [
|
home.packages = with pkgs; [
|
||||||
anki-bin
|
|
||||||
(gimp.overrideAttrs (old: { doCheck = false; })) krita blender-hip
|
(gimp.overrideAttrs (old: { doCheck = false; })) krita blender-hip
|
||||||
kdenlive glaxnimate mediainfo
|
kdenlive glaxnimate mediainfo
|
||||||
ghidra (cutter.withPlugins (p: with p; [ sigdb rz-ghidra ]))
|
ghidra (cutter.withPlugins (p: with p; [ sigdb rz-ghidra ]))
|
||||||
|
|
|
@ -1,38 +0,0 @@
|
||||||
{ pkgs
|
|
||||||
, inputs,
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
|
|
||||||
{
|
|
||||||
imports = [
|
|
||||||
../modules/general.nix
|
|
||||||
../modules/firefox.nix
|
|
||||||
../modules/i3-sway.nix
|
|
||||||
../modules/nvim.nix
|
|
||||||
inputs.nur.nixosModules.nur
|
|
||||||
];
|
|
||||||
|
|
||||||
nix.settings = {
|
|
||||||
trusted-public-keys = [
|
|
||||||
"binarycache.pavluk.org:Vk0ms/vSqoOV2JXeNVOroc8EfilgVxCCUtpCShGIKsQ="
|
|
||||||
"cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
|
|
||||||
];
|
|
||||||
trusted-substituters = [
|
|
||||||
"https://binarycache.pavluk.org"
|
|
||||||
"https://cache.nixos.org"
|
|
||||||
];
|
|
||||||
};
|
|
||||||
|
|
||||||
phone.enable = true;
|
|
||||||
home.stateVersion = "23.11";
|
|
||||||
home.username = "user";
|
|
||||||
home.homeDirectory = "/home/user";
|
|
||||||
terminals = [ "foot" "kitty" ];
|
|
||||||
wayland.windowManager.sway.enable = true;
|
|
||||||
services.kdeconnect.enable = true;
|
|
||||||
home.packages = with pkgs; [
|
|
||||||
squeekboard
|
|
||||||
techmino
|
|
||||||
tdesktop
|
|
||||||
];
|
|
||||||
}
|
|
|
@ -1,75 +0,0 @@
|
||||||
{ config
|
|
||||||
, pkgs
|
|
||||||
, lib
|
|
||||||
, ...
|
|
||||||
}:
|
|
||||||
|
|
||||||
{
|
|
||||||
imports = [
|
|
||||||
./gui.nix
|
|
||||||
];
|
|
||||||
home.file.".mozilla/firefox/profiles.ini".target = ".librewolf/profiles.ini";
|
|
||||||
programs.firefox = {
|
|
||||||
enable = true;
|
|
||||||
package = pkgs.wrapFirefox pkgs.librewolf-unwrapped {
|
|
||||||
inherit (pkgs.librewolf-unwrapped) extraPrefsFiles extraPoliciesFiles;
|
|
||||||
wmClass = "LibreWolf";
|
|
||||||
libName = "librewolf";
|
|
||||||
nativeMessagingHosts = with pkgs; [ keepassxc ];
|
|
||||||
};
|
|
||||||
profiles.chayleaf = lib.mkMerge [
|
|
||||||
{
|
|
||||||
extensions = (with config.nur.repos.rycee.firefox-addons; [
|
|
||||||
cookies-txt
|
|
||||||
don-t-fuck-with-paste
|
|
||||||
greasemonkey
|
|
||||||
keepassxc-browser
|
|
||||||
libredirect
|
|
||||||
localcdn
|
|
||||||
noscript
|
|
||||||
privacy-pass
|
|
||||||
protondb-for-steam
|
|
||||||
return-youtube-dislikes
|
|
||||||
rust-search-extension
|
|
||||||
search-by-image
|
|
||||||
sponsorblock
|
|
||||||
steam-database
|
|
||||||
ublock-origin
|
|
||||||
unpaywall
|
|
||||||
vimium-c
|
|
||||||
youtube-shorts-block
|
|
||||||
]) ++ (with pkgs.firefoxAddons; [
|
|
||||||
fastforwardteam
|
|
||||||
middle-mouse-button-scroll
|
|
||||||
rikaitan
|
|
||||||
youtube-nonstop
|
|
||||||
]);
|
|
||||||
settings = lib.mkIf config.phone.enable {
|
|
||||||
"dom.w3c.touch_events.enabled" = true;
|
|
||||||
"apz.allow_zooming" = true;
|
|
||||||
"apz.allow_double_tap_zooming" = true;
|
|
||||||
"dom.w3c_touch_events.legacy_apis.enabled" = true;
|
|
||||||
"browser.tabs.inTitlebar" = 1;
|
|
||||||
"toolkit.legacyUserProfileCustomizations.stylesheets" = true;
|
|
||||||
"browser.urlbar.clickSelectsAll" = true;
|
|
||||||
"toolkit.cosmeticAnimations.enabled" = false;
|
|
||||||
"browser.download.animateNotifications" = false;
|
|
||||||
};
|
|
||||||
}
|
|
||||||
(let
|
|
||||||
concatFiles = dir:
|
|
||||||
builtins.concatStringsSep ""
|
|
||||||
(map
|
|
||||||
(k: lib.optionalString (!lib.hasInfix ".before-ff" k) (builtins.readFile "${dir}/${k}"))
|
|
||||||
(builtins.attrNames (builtins.readDir dir)));
|
|
||||||
in lib.mkIf config.phone.enable {
|
|
||||||
userChrome =
|
|
||||||
concatFiles "${pkgs.mobile-config-firefox}/etc/mobile-config-firefox/common"
|
|
||||||
+ concatFiles "${pkgs.mobile-config-firefox}/etc/mobile-config-firefox/userChrome";
|
|
||||||
userContent =
|
|
||||||
concatFiles "${pkgs.mobile-config-firefox}/etc/mobile-config-firefox/common"
|
|
||||||
+ concatFiles "${pkgs.mobile-config-firefox}/etc/mobile-config-firefox/userContent";
|
|
||||||
})
|
|
||||||
];
|
|
||||||
};
|
|
||||||
}
|
|
|
@ -1,225 +0,0 @@
|
||||||
{ config
|
|
||||||
, pkgs
|
|
||||||
, lib
|
|
||||||
, ...
|
|
||||||
}:
|
|
||||||
|
|
||||||
{
|
|
||||||
services.playerctld.enable = config.wayland.windowManager.sway.enable;
|
|
||||||
programs.waybar = {
|
|
||||||
enable = config.wayland.windowManager.sway.enable;
|
|
||||||
package = pkgs.waybar.override {
|
|
||||||
withMediaPlayer = true;
|
|
||||||
};
|
|
||||||
/*).overrideAttrs (old: {
|
|
||||||
src = pkgs.fetchFromGitHub {
|
|
||||||
owner = "chayleaf";
|
|
||||||
repo = "Waybar";
|
|
||||||
rev = "3091cf4a009e92665325c0dd61adf5ab367786a3";
|
|
||||||
sha256 = "sha256-zH4hbQ8+9TYRVW/XYqmAVsi0vsSPn1LPqXxr0gi0j1E=";
|
|
||||||
};
|
|
||||||
});*/
|
|
||||||
settings = lib.toList {
|
|
||||||
layer = "top";
|
|
||||||
position = "top";
|
|
||||||
ipc = true;
|
|
||||||
height = 40;
|
|
||||||
modules-left = [
|
|
||||||
"sway/workspaces"
|
|
||||||
"sway/mode"
|
|
||||||
"idle_inhibitor"
|
|
||||||
]
|
|
||||||
++ lib.optional (!config.phone.enable) "mpris";
|
|
||||||
idle_inhibitor = {
|
|
||||||
format = "{icon}";
|
|
||||||
format-icons = {
|
|
||||||
activated = "";
|
|
||||||
deactivated = "";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
mpris = {
|
|
||||||
tooltip = true;
|
|
||||||
format = "{player_icon} {dynamic}";
|
|
||||||
format-paused = "{status_icon} {dynamic}";
|
|
||||||
interval = 1;
|
|
||||||
ellipsis = "…";
|
|
||||||
# tooltip-format = "{dynamic}";
|
|
||||||
album-len = 44;
|
|
||||||
artist-len = 44;
|
|
||||||
title-len = 44;
|
|
||||||
dynamic-len = 44;
|
|
||||||
player-icons = {
|
|
||||||
default = "";
|
|
||||||
mpd = "";
|
|
||||||
};
|
|
||||||
status-icons.paused = "";
|
|
||||||
};
|
|
||||||
"sway/workspaces" = {
|
|
||||||
disable-scroll = true;
|
|
||||||
format = "{value}{icon}";
|
|
||||||
format-icons = {
|
|
||||||
default = "";
|
|
||||||
urgent = " ";
|
|
||||||
} // lib.optionalAttrs (!config.phone.enable) {
|
|
||||||
"2" = " ";
|
|
||||||
"3" = " ";
|
|
||||||
"4" = " ";
|
|
||||||
"5" = " ";
|
|
||||||
};
|
|
||||||
persistent-workspaces = {
|
|
||||||
"1" = [ ]; "2" = [ ]; "3" = [ ];
|
|
||||||
};
|
|
||||||
};
|
|
||||||
"sway/mode" = {
|
|
||||||
tooltip = false;
|
|
||||||
};
|
|
||||||
modules-center = [ "sway/window" ];
|
|
||||||
#fixed-center = false;
|
|
||||||
"sway/window" = {
|
|
||||||
format = "{title}";
|
|
||||||
max-length = 50;
|
|
||||||
# tooltip = false;
|
|
||||||
icon = true;
|
|
||||||
rewrite = {
|
|
||||||
kitty = "";
|
|
||||||
zsh = "";
|
|
||||||
nheko = "";
|
|
||||||
Nextcloud = "";
|
|
||||||
"(.*) — LibreWolf" = "$1";
|
|
||||||
"(.*) - KeePassXC" = "$1";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
modules-right = [
|
|
||||||
"memory"
|
|
||||||
]
|
|
||||||
++ lib.optional (!config.phone.enable) "cpu"
|
|
||||||
++ [
|
|
||||||
"tray"
|
|
||||||
(if config.phone.enable then "pulseaudio" else "wireplumber")
|
|
||||||
]
|
|
||||||
++ lib.optional (!config.phone.enable) "clock"
|
|
||||||
++ [ "sway/language" ]
|
|
||||||
++ lib.optional config.phone.enable "battery";
|
|
||||||
battery = {
|
|
||||||
format = "{capacity}%";
|
|
||||||
};
|
|
||||||
cpu = {
|
|
||||||
# format = "{usage}% ";
|
|
||||||
format = "{icon0}{icon1}{icon2}{icon3}{icon4}{icon5}{icon6}{icon7}{icon8}{icon9}{icon10}{icon11}{icon12}{icon13}{icon14}{icon15}";
|
|
||||||
format-icons = ["▁" "▂" "▃" "▄" "▅" "▆" "▇" "█"];
|
|
||||||
};
|
|
||||||
memory = {
|
|
||||||
format = "{used}G";
|
|
||||||
};
|
|
||||||
tray = {
|
|
||||||
icon-size = 26;
|
|
||||||
spacing = 5;
|
|
||||||
};
|
|
||||||
wireplumber = {
|
|
||||||
format = "{volume}%";
|
|
||||||
format-muted = "ﱝ";
|
|
||||||
tooltip = false;
|
|
||||||
};
|
|
||||||
pulseaudio = {
|
|
||||||
format = "{volume}%";
|
|
||||||
format-muted = "ﱝ";
|
|
||||||
tooltip = false;
|
|
||||||
};
|
|
||||||
clock = {
|
|
||||||
interval = 5;
|
|
||||||
format = "{:%Y-%m-%d %H:%M:%S}";
|
|
||||||
tooltip-format = "<tt><small>{calendar}</small></tt>";
|
|
||||||
calendar = {
|
|
||||||
mode = "year";
|
|
||||||
# TODO: make this work
|
|
||||||
mode-mon-col = 3;
|
|
||||||
on-scroll = 1;
|
|
||||||
on-click-right = "mode";
|
|
||||||
format = {
|
|
||||||
months = "<span color='#ffead3'><b>{}</b></span>";
|
|
||||||
days = "<span color='#ecc6d9'><b>{}</b></span>";
|
|
||||||
weeks = "<span color='#99ffdd'><b>W{}</b></span>";
|
|
||||||
weekdays = "<span color='#ffcc66'><b>{}</b></span>";
|
|
||||||
today = "<span color='#ff6699'><b><u>{}</u></b></span>";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
"sway/language" = {
|
|
||||||
tooltip = false;
|
|
||||||
# make sure it isn't pushed away when other modules get too big
|
|
||||||
min-length = 2;
|
|
||||||
};
|
|
||||||
} ++ lib.optionals config.phone.enable [
|
|
||||||
{
|
|
||||||
layer = "top";
|
|
||||||
position = "top";
|
|
||||||
ipc = true;
|
|
||||||
height = 40;
|
|
||||||
clock = {
|
|
||||||
interval = 5;
|
|
||||||
format = "{:%Y-%m-%d %H:%M:%S}";
|
|
||||||
};
|
|
||||||
cpu = {
|
|
||||||
# format = "{usage}% ";
|
|
||||||
format = "{icon0}{icon1}{icon2}{icon3}{icon4}{icon5}{icon6}{icon7}{icon8}{icon9}{icon10}{icon11}{icon12}{icon13}{icon14}{icon15}";
|
|
||||||
format-icons = ["▁" "▂" "▃" "▄" "▅" "▆" "▇" "█"];
|
|
||||||
};
|
|
||||||
modules-left = [ "cpu" ];
|
|
||||||
modules-right = [ "clock" ];
|
|
||||||
}
|
|
||||||
{
|
|
||||||
layer = "top";
|
|
||||||
position = "bottom";
|
|
||||||
ipc = true;
|
|
||||||
height = 80;
|
|
||||||
modules-left = [ "custom/a" "custom/b" "custom/c" ];
|
|
||||||
modules-right = [ "custom/d""custom/e" "custom/f" ];
|
|
||||||
# 2 btns: keyboards
|
|
||||||
# 1 btn: close
|
|
||||||
#
|
|
||||||
"custom/a" = {
|
|
||||||
interval = "once"; exec = "${pkgs.coreutils}/bin/echo a"; exec-if = "${pkgs.coreutils}/bin/true";
|
|
||||||
format = " A ";
|
|
||||||
on-click = "${config.home.homeDirectory}/scripts/a.sh";
|
|
||||||
};
|
|
||||||
"custom/b" = {
|
|
||||||
interval = "once"; exec = "${pkgs.coreutils}/bin/echo a"; exec-if = "${pkgs.coreutils}/bin/true";
|
|
||||||
format = " ";
|
|
||||||
on-click = pkgs.writeShellScript "toggle-keyboard.sh" ''
|
|
||||||
${pkgs.procps}/bin/pkill -SIGRTMIN -x wvkbd-mobintl
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
"custom/c" = {
|
|
||||||
interval = "once"; exec = "${pkgs.coreutils}/bin/echo a"; exec-if = "${pkgs.coreutils}/bin/true";
|
|
||||||
format = " C ";
|
|
||||||
on-click = "${config.home.homeDirectory}/scripts/c.sh";
|
|
||||||
};
|
|
||||||
"custom/d" = {
|
|
||||||
interval = "once"; exec = "${pkgs.coreutils}/bin/echo a"; exec-if = "${pkgs.coreutils}/bin/true";
|
|
||||||
format = " D ";
|
|
||||||
on-click = "${config.home.homeDirectory}/scripts/d.sh";
|
|
||||||
};
|
|
||||||
"custom/e" = {
|
|
||||||
interval = "once"; exec = "${pkgs.coreutils}/bin/echo a"; exec-if = "${pkgs.coreutils}/bin/true";
|
|
||||||
format = " ";
|
|
||||||
on-click = pkgs.writeShellScript "toggle-keyboard.sh" ''
|
|
||||||
if /run/current-system/sw/bin/busctl get-property --user sm.puri.OSK0 /sm/puri/OSK0 sm.puri.OSK0 Visible | ${pkgs.gnugrep}/bin/grep true; then
|
|
||||||
/run/current-system/sw/bin/busctl call --user sm.puri.OSK0 /sm/puri/OSK0 sm.puri.OSK0 SetVisible b false
|
|
||||||
else
|
|
||||||
/run/current-system/sw/bin/busctl call --user sm.puri.OSK0 /sm/puri/OSK0 sm.puri.OSK0 SetVisible b true
|
|
||||||
fi
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
"custom/f" = {
|
|
||||||
interval = "once"; exec = "${pkgs.coreutils}/bin/echo a"; exec-if = "${pkgs.coreutils}/bin/true";
|
|
||||||
format = " X ";
|
|
||||||
on-click = "${config.wayland.windowManager.sway.package}/bin/swaymsg kill";
|
|
||||||
};
|
|
||||||
}
|
|
||||||
];
|
|
||||||
style = ./waybar.css;
|
|
||||||
};
|
|
||||||
home.packages = with pkgs; [
|
|
||||||
playerctl
|
|
||||||
];
|
|
||||||
}
|
|
6
lib.nix
6
lib.nix
|
@ -1,6 +0,0 @@
|
||||||
{ lib, ... }:
|
|
||||||
|
|
||||||
{
|
|
||||||
quoteListenAddr = addr:
|
|
||||||
if lib.hasInfix ":" addr then "[${addr}]" else addr;
|
|
||||||
}
|
|
|
@ -1,5 +1,2 @@
|
||||||
[
|
# [ (import (builtins.fetchTarball "https://github.com/oxalica/rust-overlay/archive/master.tar.gz")) ]
|
||||||
(import <self>).overlays.default
|
[ (import <self>).overlays.default (import <rust-overlay>) (import <nix-gaming>).overlays.default ]
|
||||||
(import <rust-overlay>)
|
|
||||||
(import <nix-gaming>).overlays.default
|
|
||||||
]
|
|
||||||
|
|
|
@ -22,24 +22,24 @@
|
||||||
"pinned": false,
|
"pinned": false,
|
||||||
"src": {
|
"src": {
|
||||||
"name": null,
|
"name": null,
|
||||||
"sha256": "sha256-5fEYhazqXcMENjp+37IcF5U81vZ9bPDkS0siUVi9mdg=",
|
"sha256": "sha256-72jxUJdn4j0FV1qFH0r7UEVrAvSwrWgWsxCXyT1N/1A=",
|
||||||
"type": "url",
|
"type": "url",
|
||||||
"url": "https://github.com/GloriousEggroll/proton-ge-custom/releases/download/GE-Proton8-27/GE-Proton8-27.tar.gz"
|
"url": "https://github.com/GloriousEggroll/proton-ge-custom/releases/download/GE-Proton8-24/GE-Proton8-24.tar.gz"
|
||||||
},
|
},
|
||||||
"version": "GE-Proton8-27"
|
"version": "GE-Proton8-24"
|
||||||
},
|
},
|
||||||
"searxng": {
|
"searxng": {
|
||||||
"cargoLocks": null,
|
"cargoLocks": null,
|
||||||
"date": "2024-01-25",
|
"date": "2023-11-14",
|
||||||
"extract": null,
|
"extract": null,
|
||||||
"name": "searxng",
|
"name": "searxng",
|
||||||
"passthru": null,
|
"passthru": null,
|
||||||
"pinned": false,
|
"pinned": false,
|
||||||
"src": {
|
"src": {
|
||||||
"sha256": "sha256-QW1xC6RsHpn5P/QHjyc3O24tSmLvRCVIJwNqPyp1DV0=",
|
"sha256": "sha256-vgDQ7cdWN79TFEbJGq0AdvC8p2YOmogk9iVViDkZDXw=",
|
||||||
"type": "tarball",
|
"type": "tarball",
|
||||||
"url": "https://github.com/searxng/searxng/archive/8c73aa772b7d4446f77be82d8f9d9eef1e348deb.tar.gz"
|
"url": "https://github.com/searxng/searxng/archive/b3d29cb86db4cc1a4e6320016529d1361451e1f1.tar.gz"
|
||||||
},
|
},
|
||||||
"version": "8c73aa772b7d4446f77be82d8f9d9eef1e348deb"
|
"version": "b3d29cb86db4cc1a4e6320016529d1361451e1f1"
|
||||||
}
|
}
|
||||||
}
|
}
|
|
@ -12,19 +12,19 @@
|
||||||
};
|
};
|
||||||
proton-ge = {
|
proton-ge = {
|
||||||
pname = "proton-ge";
|
pname = "proton-ge";
|
||||||
version = "GE-Proton8-27";
|
version = "GE-Proton8-24";
|
||||||
src = fetchurl {
|
src = fetchurl {
|
||||||
url = "https://github.com/GloriousEggroll/proton-ge-custom/releases/download/GE-Proton8-27/GE-Proton8-27.tar.gz";
|
url = "https://github.com/GloriousEggroll/proton-ge-custom/releases/download/GE-Proton8-24/GE-Proton8-24.tar.gz";
|
||||||
sha256 = "sha256-5fEYhazqXcMENjp+37IcF5U81vZ9bPDkS0siUVi9mdg=";
|
sha256 = "sha256-72jxUJdn4j0FV1qFH0r7UEVrAvSwrWgWsxCXyT1N/1A=";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
searxng = {
|
searxng = {
|
||||||
pname = "searxng";
|
pname = "searxng";
|
||||||
version = "8c73aa772b7d4446f77be82d8f9d9eef1e348deb";
|
version = "b3d29cb86db4cc1a4e6320016529d1361451e1f1";
|
||||||
src = fetchTarball {
|
src = fetchTarball {
|
||||||
url = "https://github.com/searxng/searxng/archive/8c73aa772b7d4446f77be82d8f9d9eef1e348deb.tar.gz";
|
url = "https://github.com/searxng/searxng/archive/b3d29cb86db4cc1a4e6320016529d1361451e1f1.tar.gz";
|
||||||
sha256 = "sha256-QW1xC6RsHpn5P/QHjyc3O24tSmLvRCVIJwNqPyp1DV0=";
|
sha256 = "sha256-vgDQ7cdWN79TFEbJGq0AdvC8p2YOmogk9iVViDkZDXw=";
|
||||||
};
|
};
|
||||||
date = "2024-01-25";
|
date = "2023-11-14";
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,51 +0,0 @@
|
||||||
{ lib
|
|
||||||
, stdenv
|
|
||||||
, fetchFromGitLab
|
|
||||||
, meson
|
|
||||||
, ninja
|
|
||||||
, pkg-config
|
|
||||||
, libinput
|
|
||||||
, libxkbcommon
|
|
||||||
, libevdev
|
|
||||||
}:
|
|
||||||
|
|
||||||
stdenv.mkDerivation {
|
|
||||||
pname = "buffyboard";
|
|
||||||
version = "unstable-2023-11-20";
|
|
||||||
|
|
||||||
src = fetchFromGitLab {
|
|
||||||
owner = "postmarketOS";
|
|
||||||
repo = "buffybox";
|
|
||||||
rev = "14b30c60183d98e8d0b4dadf66198e08badf631e";
|
|
||||||
hash = "sha256-9wLuTAqYoFl+IAR1ixp0nHwh6jBWl+1jDPhhxqE+LHQ=";
|
|
||||||
fetchSubmodules = true;
|
|
||||||
};
|
|
||||||
|
|
||||||
# https://gitlab.com/postmarketOS/buffybox/-/issues/1
|
|
||||||
hardeningDisable = [ "fortify3" ];
|
|
||||||
|
|
||||||
postPatch = ''
|
|
||||||
cd buffyboard
|
|
||||||
'';
|
|
||||||
|
|
||||||
nativeBuildInputs = [
|
|
||||||
meson
|
|
||||||
ninja
|
|
||||||
pkg-config
|
|
||||||
];
|
|
||||||
|
|
||||||
buildInputs = [
|
|
||||||
libevdev
|
|
||||||
libinput
|
|
||||||
libxkbcommon
|
|
||||||
];
|
|
||||||
|
|
||||||
meta = with lib; {
|
|
||||||
description = "";
|
|
||||||
homepage = "https://gitlab.com/postmarketOS/buffybox/-/tree/master/buffyboard";
|
|
||||||
license = licenses.gpl3Only;
|
|
||||||
maintainers = with maintainers; [ chayleaf ];
|
|
||||||
mainProgram = "buffyboard";
|
|
||||||
platforms = platforms.all;
|
|
||||||
};
|
|
||||||
}
|
|
|
@ -1,25 +1,20 @@
|
||||||
{ pkgs
|
{ pkgs
|
||||||
, lib
|
, lib
|
||||||
, inputs
|
, nur
|
||||||
|
, nix-gaming
|
||||||
, pkgs' ? pkgs
|
, pkgs' ? pkgs
|
||||||
, isOverlay ? true
|
, isOverlay ? true
|
||||||
, ...
|
, ... }:
|
||||||
}:
|
|
||||||
|
|
||||||
let
|
let
|
||||||
inherit (pkgs') callPackage;
|
inherit (pkgs') callPackage;
|
||||||
sources = import ./_sources/generated.nix {
|
sources = import ./_sources/generated.nix {
|
||||||
inherit (pkgs) fetchgit fetchurl fetchFromGitHub dockerTools;
|
inherit (pkgs) fetchgit fetchurl fetchFromGitHub dockerTools;
|
||||||
};
|
};
|
||||||
nixForNixPlugins = pkgs.nixVersions.nix_2_18;
|
nixForNixPlugins = pkgs.nixVersions.nix_2_18;
|
||||||
nur = import inputs.nur {
|
|
||||||
inherit pkgs;
|
|
||||||
nurpkgs = pkgs;
|
|
||||||
};
|
|
||||||
in
|
in
|
||||||
|
|
||||||
{
|
{
|
||||||
inherit (inputs.nix-gaming.packages.${pkgs.system}) faf-client osu-lazer-bin;
|
inherit (nix-gaming) faf-client osu-lazer-bin;
|
||||||
inherit nixForNixPlugins;
|
inherit nixForNixPlugins;
|
||||||
nix = nixForNixPlugins;
|
nix = nixForNixPlugins;
|
||||||
nixVersions = pkgs.nixVersions.extend (self: super: {
|
nixVersions = pkgs.nixVersions.extend (self: super: {
|
||||||
|
@ -27,7 +22,7 @@ in
|
||||||
unstable = nixForNixPlugins;
|
unstable = nixForNixPlugins;
|
||||||
});
|
});
|
||||||
# Various patches to change Nix version of existing packages so they don't error out because of nix-plugins in nix.conf
|
# Various patches to change Nix version of existing packages so they don't error out because of nix-plugins in nix.conf
|
||||||
/*nix-plugins = (pkgs.nix-plugins.override { nix = nixForNixPlugins; }).overrideAttrs (old: {
|
nix-plugins = (pkgs.nix-plugins.override { nix = nixForNixPlugins; }).overrideAttrs (old: {
|
||||||
version = "13.0.0";
|
version = "13.0.0";
|
||||||
patches = [
|
patches = [
|
||||||
(pkgs.fetchpatch {
|
(pkgs.fetchpatch {
|
||||||
|
@ -36,15 +31,15 @@ in
|
||||||
hash = "sha256-pOogMtjXYkSDtXW12TmBpGr/plnizJtud2nP3q2UldQ=";
|
hash = "sha256-pOogMtjXYkSDtXW12TmBpGr/plnizJtud2nP3q2UldQ=";
|
||||||
})
|
})
|
||||||
];
|
];
|
||||||
});*/
|
|
||||||
harmonia = (pkgs.harmonia.override { nixVersions.nix_2_19 = nixForNixPlugins; }).overrideAttrs (old: rec {
|
|
||||||
version = "0.7.3";
|
|
||||||
src = old.src.override {
|
|
||||||
rev = "refs/tags/${old.pname}-v${version}";
|
|
||||||
hash = "sha256-XtnK54HvZMKZGSCrVD0FO5PQLMo3Vkj8ezUlsfqStq0=";
|
|
||||||
};
|
|
||||||
cargoDeps = pkgs.rustPlatform.importCargoLock { lockFile = "${src}/Cargo.lock"; };
|
|
||||||
});
|
});
|
||||||
|
harmonia = (pkgs.harmonia.override { nix = nixForNixPlugins; }); /*.overrideAttrs {
|
||||||
|
patches = [
|
||||||
|
(pkgs.fetchpatch {
|
||||||
|
url = "https://github.com/nix-community/harmonia/pull/145/commits/394c939a45fa9c590347e149400876c318610b1e.patch";
|
||||||
|
hash = "sha256-DvyE7/0PW3XRtFgIrl4IQa7RIQLQZoKLddxCZvhpu3I=";
|
||||||
|
})
|
||||||
|
];
|
||||||
|
};*/
|
||||||
nix-init = pkgs.nix-init.override { nix = nixForNixPlugins; };
|
nix-init = pkgs.nix-init.override { nix = nixForNixPlugins; };
|
||||||
nix-serve = pkgs.nix-serve.override { nix = nixForNixPlugins; };
|
nix-serve = pkgs.nix-serve.override { nix = nixForNixPlugins; };
|
||||||
nix-serve-ng = pkgs.nix-serve-ng.override { nix = nixForNixPlugins; };
|
nix-serve-ng = pkgs.nix-serve-ng.override { nix = nixForNixPlugins; };
|
||||||
|
@ -54,25 +49,49 @@ in
|
||||||
configureFlags = builtins.filter (x: x != "--enable-lto") (old.configureFlags or []);
|
configureFlags = builtins.filter (x: x != "--enable-lto") (old.configureFlags or []);
|
||||||
});*/
|
});*/
|
||||||
}).overrideAttrs (old: {
|
}).overrideAttrs (old: {
|
||||||
# who cares about tests amirite
|
# who cares about failing tests amirite
|
||||||
version = "2023-12-01";
|
|
||||||
doCheck = false;
|
doCheck = false;
|
||||||
src = old.src.override {
|
patches = (old.patches or [ ]) ++ [
|
||||||
rev = "4d1c8505120961f10897b8fe9a070d4e193c9a13";
|
(pkgs.fetchpatch {
|
||||||
hash = "sha256-vXTuE83GL15mgZHegbllVAsVdDFcWWSayPfZxTJN5ys=";
|
url = "https://github.com/chayleaf/hydra/commit/e9da80fff6234fab2458173272ee0bedbe8935c3.patch";
|
||||||
};
|
hash = "sha256-PS8rwe5lIzvaVlh/DogYmW5OccVfpKQ6JehTQibx2XQ=";
|
||||||
|
})
|
||||||
|
];
|
||||||
});
|
});
|
||||||
nurl = pkgs.nurl.override { nix = nixForNixPlugins; };
|
nurl = pkgs.nurl.override { nix = nixForNixPlugins; };
|
||||||
/*nvfetcher = pkgs.nvfetcher.overrideAttrs (old: {
|
/*nvfetcher = pkgs.nvfetcher.overrideAttrs (old: {
|
||||||
meta = builtins.removeAttrs old.meta [ "broken" ];
|
meta = builtins.removeAttrs old.meta [ "broken" ];
|
||||||
});*/
|
});*/
|
||||||
|
|
||||||
buffyboard = pkgs.callPackage ./buffyboard { };
|
|
||||||
clang-tools_latest = pkgs.clang-tools_16;
|
clang-tools_latest = pkgs.clang-tools_16;
|
||||||
clang_latest = pkgs.clang_16;
|
clang_latest = pkgs.clang_16;
|
||||||
/*ghidra = pkgs.ghidra.overrideAttrs (old: {
|
/*ghidra = pkgs.ghidra.overrideAttrs (old: {
|
||||||
patches = old.patches ++ [ ./ghidra-stdcall.patch ];
|
patches = old.patches ++ [ ./ghidra-stdcall.patch ];
|
||||||
});*/
|
});*/
|
||||||
|
ffmpeg-custom = (pkgs.callPackage (import /${pkgs.path}/pkgs/development/libraries/ffmpeg/generic.nix {
|
||||||
|
version = "6.1";
|
||||||
|
sha256 = "sha256-NzhD2D16bCVCyCXo0TRwZYp3Ta5eFSfoQPa+iRkeNZg=";
|
||||||
|
}) {
|
||||||
|
ffmpegVariant = "full";
|
||||||
|
withCuda = false;
|
||||||
|
withCudaLLVM = false;
|
||||||
|
withNvdec = false;
|
||||||
|
withNvenc = false;
|
||||||
|
inherit (pkgs'.darwin.apple_sdk.frameworks)
|
||||||
|
Cocoa CoreServices CoreAudio CoreMedia AVFoundation MediaToolbox
|
||||||
|
VideoDecodeAcceleration VideoToolbox;
|
||||||
|
}).overrideAttrs (old: {
|
||||||
|
postPatch = ''
|
||||||
|
${old.postPatch or ""}
|
||||||
|
substituteInPlace libavutil/hwcontext_vulkan.c \
|
||||||
|
--replace FF_VK_KHR_VIDEO_DECODE_QUEUE FF_VK_EXT_VIDEO_DECODE_QUEUE \
|
||||||
|
--replace FF_VK_KHR_VIDEO_DECODE_H264 FF_VK_EXT_VIDEO_DECODE_H264 \
|
||||||
|
--replace FF_VK_KHR_VIDEO_DECODE_H265 FF_VK_EXT_VIDEO_DECODE_H265 \
|
||||||
|
--replace FF_VK_KHR_VIDEO_DECODE_AV1 FF_VK_EXT_VIDEO_DECODE_AV1
|
||||||
|
'';
|
||||||
|
buildInputs = old.buildInputs ++ [ pkgs.libaribcaption ];
|
||||||
|
configureFlags = old.configureFlags ++ [ "--enable-libaribcaption" ];
|
||||||
|
});
|
||||||
gimp = callPackage ./gimp { inherit (pkgs) gimp; };
|
gimp = callPackage ./gimp { inherit (pkgs) gimp; };
|
||||||
home-daemon = callPackage ./home-daemon { };
|
home-daemon = callPackage ./home-daemon { };
|
||||||
# pin version
|
# pin version
|
||||||
|
@ -89,8 +108,6 @@ in
|
||||||
kvmfrOverlay = kvmfr: kvmfr.overrideAttrs (old: {
|
kvmfrOverlay = kvmfr: kvmfr.overrideAttrs (old: {
|
||||||
inherit (pkgs'.looking-glass-client) version src;
|
inherit (pkgs'.looking-glass-client) version src;
|
||||||
});
|
});
|
||||||
mobile-config-firefox = callPackage ./mobile-config-firefox { };
|
|
||||||
ping-exporter = callPackage ./ping-exporter { };
|
|
||||||
proton-ge = pkgs.stdenvNoCC.mkDerivation {
|
proton-ge = pkgs.stdenvNoCC.mkDerivation {
|
||||||
inherit (sources.proton-ge) pname version src;
|
inherit (sources.proton-ge) pname version src;
|
||||||
installPhase = ''
|
installPhase = ''
|
||||||
|
@ -105,7 +122,6 @@ in
|
||||||
version = "unstable-" + sources.searxng.date;
|
version = "unstable-" + sources.searxng.date;
|
||||||
postInstall = builtins.replaceStrings [ "/botdetection" ] [ "" ] old.postInstall;
|
postInstall = builtins.replaceStrings [ "/botdetection" ] [ "" ] old.postInstall;
|
||||||
}));
|
}));
|
||||||
schlock = callPackage ./schlock { };
|
|
||||||
techmino = callPackage ./techmino { };
|
techmino = callPackage ./techmino { };
|
||||||
|
|
||||||
firefoxAddons = lib.recurseIntoAttrs (callPackage ./firefox-addons { inherit nur sources; });
|
firefoxAddons = lib.recurseIntoAttrs (callPackage ./firefox-addons { inherit nur sources; });
|
||||||
|
@ -139,4 +155,3 @@ in
|
||||||
}
|
}
|
||||||
// import ./ccache.nix { inherit pkgs pkgs' lib sources; }
|
// import ./ccache.nix { inherit pkgs pkgs' lib sources; }
|
||||||
// import ../system/hardware/bpi-r3/pkgs.nix { inherit pkgs pkgs' lib sources; }
|
// import ../system/hardware/bpi-r3/pkgs.nix { inherit pkgs pkgs' lib sources; }
|
||||||
// import ../system/hardware/oneplus-enchilada/pkgs.nix { inherit inputs pkgs pkgs' lib sources; }
|
|
||||||
|
|
|
@ -37,21 +37,23 @@
|
||||||
};
|
};
|
||||||
"rikaitan" = buildFirefoxXpiAddon {
|
"rikaitan" = buildFirefoxXpiAddon {
|
||||||
pname = "rikaitan";
|
pname = "rikaitan";
|
||||||
version = "24.1.22.0";
|
version = "23.9.25.1";
|
||||||
addonId = "tatsu@autistici.org";
|
addonId = "tatsu@autistici.org";
|
||||||
url = "https://addons.mozilla.org/firefox/downloads/file/4224979/rikaitan-24.1.22.0.xpi";
|
url = "https://addons.mozilla.org/firefox/downloads/file/4172402/rikaitan-23.9.25.1.xpi";
|
||||||
sha256 = "7df217a68077d45b9f41fe0170193c9224abc2a543c121429ebef4e7e857b0df";
|
sha256 = "d954f90939455dd52ce161729d7175fac63cf10daea386a1eab34529e03c8f29";
|
||||||
meta = with lib;
|
meta = with lib;
|
||||||
{
|
{
|
||||||
homepage = "https://github.com/Ajatt-Tools/rikaitan";
|
homepage = "https://github.com/Ajatt-Tools/rikaitan";
|
||||||
description = "Japanese dictionary with Anki integration and flashcard creation support.";
|
description = "Japanese dictionary with Anki integration. \n\nThis project is a community-driven fork of Yomichan, which is no longer maintained.";
|
||||||
license = licenses.gpl3;
|
license = licenses.lgpl3;
|
||||||
mozPermissions = [
|
mozPermissions = [
|
||||||
|
"<all_urls>"
|
||||||
"storage"
|
"storage"
|
||||||
"clipboardWrite"
|
"clipboardWrite"
|
||||||
"unlimitedStorage"
|
"unlimitedStorage"
|
||||||
"declarativeNetRequest"
|
"webRequest"
|
||||||
"scripting"
|
"webRequestBlocking"
|
||||||
|
"nativeMessaging"
|
||||||
"http://*/*"
|
"http://*/*"
|
||||||
"https://*/*"
|
"https://*/*"
|
||||||
"file://*/*"
|
"file://*/*"
|
||||||
|
|
|
@ -1,31 +0,0 @@
|
||||||
{ lib
|
|
||||||
, stdenv
|
|
||||||
, fetchFromGitLab
|
|
||||||
}:
|
|
||||||
|
|
||||||
stdenv.mkDerivation rec {
|
|
||||||
pname = "mobile-config-firefox";
|
|
||||||
version = "4.2.0";
|
|
||||||
|
|
||||||
src = fetchFromGitLab {
|
|
||||||
owner = "postmarketOS";
|
|
||||||
repo = "mobile-config-firefox";
|
|
||||||
rev = version;
|
|
||||||
hash = "sha256-JEfgB+dqfy97n4FC2N6eHDV0aRFAhmFujYJHYa3kENE=";
|
|
||||||
};
|
|
||||||
|
|
||||||
makeFlags = [ "DESTDIR=$(out)" "FIREFOX_DIR=/lib/firefox" ];
|
|
||||||
|
|
||||||
postInstall = ''
|
|
||||||
rm -rf "$out/usr"
|
|
||||||
'';
|
|
||||||
|
|
||||||
meta = with lib; {
|
|
||||||
description = "Mobile and privacy friendly configuration for Firefox (distro-independent";
|
|
||||||
homepage = "https://gitlab.com/postmarketOS/mobile-config-firefox";
|
|
||||||
license = licenses.mpl20;
|
|
||||||
maintainers = with maintainers; [ chayleaf ];
|
|
||||||
mainProgram = "mobile-config-firefox";
|
|
||||||
platforms = platforms.all;
|
|
||||||
};
|
|
||||||
}
|
|
|
@ -1,24 +0,0 @@
|
||||||
{ lib
|
|
||||||
, fetchFromGitHub
|
|
||||||
, rustPlatform
|
|
||||||
}:
|
|
||||||
|
|
||||||
rustPlatform.buildRustPackage rec {
|
|
||||||
pname = "ping-exporter";
|
|
||||||
version = "0.1";
|
|
||||||
|
|
||||||
src = fetchFromGitHub {
|
|
||||||
owner = "chayleaf";
|
|
||||||
repo = "ping-exporter";
|
|
||||||
rev = "cf5e5f7e96fb477e015d44cd462fb996b944c896";
|
|
||||||
hash = "sha256-eZncfKTegLp+KBnAds8YR7ZMN8i7jDIIN8qt7832+0Y=";
|
|
||||||
};
|
|
||||||
|
|
||||||
cargoLock.lockFile = "${src}/Cargo.lock";
|
|
||||||
|
|
||||||
meta = with lib; {
|
|
||||||
description = "A ping exporter for Prometheus";
|
|
||||||
license = with lib.licenses; [ mit asl20 ];
|
|
||||||
maintainers = with lib.maintainers; [ chayleaf ];
|
|
||||||
};
|
|
||||||
}
|
|
|
@ -1,56 +0,0 @@
|
||||||
{ lib
|
|
||||||
, stdenv
|
|
||||||
, fetchFromGitHub
|
|
||||||
, meson
|
|
||||||
, ninja
|
|
||||||
, pkg-config
|
|
||||||
, scdoc
|
|
||||||
, cairo
|
|
||||||
, gdk-pixbuf
|
|
||||||
, libsodium
|
|
||||||
, libxkbcommon
|
|
||||||
, wayland
|
|
||||||
, wayland-protocols
|
|
||||||
}:
|
|
||||||
|
|
||||||
stdenv.mkDerivation {
|
|
||||||
pname = "schlock";
|
|
||||||
version = "unstable-2022-02-02";
|
|
||||||
|
|
||||||
src = fetchFromGitHub {
|
|
||||||
owner = "telent";
|
|
||||||
repo = "schlock";
|
|
||||||
rev = "f3dde16f074fd5b7482a253b9d26b4ead66dea82";
|
|
||||||
hash = "sha256-Ot86vALt1kkzbBocwh9drCycbRIw2jMKJU4ODe9PYQM=";
|
|
||||||
};
|
|
||||||
|
|
||||||
nativeBuildInputs = [
|
|
||||||
meson
|
|
||||||
ninja
|
|
||||||
pkg-config
|
|
||||||
scdoc
|
|
||||||
];
|
|
||||||
|
|
||||||
buildInputs = [
|
|
||||||
cairo
|
|
||||||
gdk-pixbuf
|
|
||||||
libsodium
|
|
||||||
libxkbcommon
|
|
||||||
wayland
|
|
||||||
wayland-protocols
|
|
||||||
];
|
|
||||||
|
|
||||||
mesonFlags = [
|
|
||||||
"-Dgdk-pixbuf=enabled"
|
|
||||||
"-Dman-pages=enabled"
|
|
||||||
];
|
|
||||||
|
|
||||||
meta = with lib; {
|
|
||||||
description = "";
|
|
||||||
homepage = "https://github.com/telent/schlock";
|
|
||||||
license = licenses.mit;
|
|
||||||
maintainers = with maintainers; [ chayleaf ];
|
|
||||||
mainProgram = "schlock";
|
|
||||||
platforms = platforms.all;
|
|
||||||
};
|
|
||||||
}
|
|
|
@ -14,12 +14,6 @@ in
|
||||||
];
|
];
|
||||||
networking.hostName = "nixos-router";
|
networking.hostName = "nixos-router";
|
||||||
|
|
||||||
systemd.enableEmergencyMode = false;
|
|
||||||
boot.kernel.sysctl = {
|
|
||||||
"net.core.default_qdisc" = "fq";
|
|
||||||
"net.ipv4.tcp_congestion_control" = "bbr";
|
|
||||||
};
|
|
||||||
|
|
||||||
fileSystems = {
|
fileSystems = {
|
||||||
# mount root on tmpfs
|
# mount root on tmpfs
|
||||||
"/" = { device = "none"; fsType = "tmpfs"; neededForBoot = true;
|
"/" = { device = "none"; fsType = "tmpfs"; neededForBoot = true;
|
||||||
|
|
|
@ -1,58 +1,91 @@
|
||||||
# device-specific non-portable config
|
# device-specific non-portable config
|
||||||
{ pkgs
|
|
||||||
, ...
|
|
||||||
}:
|
|
||||||
|
|
||||||
let
|
let
|
||||||
uuids.efi = "D97E-A4D5";
|
efiPart = "/dev/disk/by-uuid/D77D-8CE0";
|
||||||
uuids.encroot = "a2c3c9ea-2c73-4786-bff7-5f0aa7097912";
|
|
||||||
uuids.root = "dc669123-d6d3-447f-9ce3-c22587e5fa6a";
|
|
||||||
uuids.encdata = "f1447692-fa7c-4bd6-9cb5-e44c13fddfe3";
|
|
||||||
uuids.data = "fa754b1e-ac83-4851-bf16-88efcd40b657";
|
|
||||||
uuids.swap = "01c21ed8-0f40-4892-825d-81f5ddb9a0a2";
|
|
||||||
parts = builtins.mapAttrs (k: v: "/dev/disk/by-uuid/${v}") uuids;
|
|
||||||
in
|
|
||||||
|
|
||||||
{
|
encPart = "/dev/disk/by-uuid/ce6ccdf0-7b6a-43ae-bfdf-10009a55041a";
|
||||||
|
cryptrootUuid = "f4edc0df-b50b-42f6-94ed-1c8f88d6cdbb";
|
||||||
|
cryptroot = "/dev/disk/by-uuid/${cryptrootUuid}";
|
||||||
|
|
||||||
|
dataPart = "/dev/disk/by-uuid/f1447692-fa7c-4bd6-9cb5-e44c13fddfe3";
|
||||||
|
datarootUuid = "fa754b1e-ac83-4851-bf16-88efcd40b657";
|
||||||
|
dataroot = "/dev/disk/by-uuid/${datarootUuid}";
|
||||||
|
in {
|
||||||
imports = [
|
imports = [
|
||||||
../hardware/msi-delta-15
|
../hardware/msi-delta-15
|
||||||
../hosts/nixmsi.nix
|
../hosts/nixmsi.nix
|
||||||
];
|
];
|
||||||
|
|
||||||
boot.initrd.systemd.enable = false;
|
|
||||||
boot.initrd = {
|
boot.initrd = {
|
||||||
luks.devices.cryptroot = {
|
# insert crypto_keyfile into initrd so that grub can tell the kernel the
|
||||||
device = parts.encroot;
|
# encryption key once I unlock the /boot partition
|
||||||
|
secrets."/crypto_keyfile.bin" = "/boot/initrd/crypto_keyfile.bin";
|
||||||
|
luks.devices."cryptroot" = {
|
||||||
|
device = encPart;
|
||||||
|
# idk whether this is needed but it works
|
||||||
|
preLVM = true;
|
||||||
# see https://asalor.blogspot.de/2011/08/trim-dm-crypt-problems.html before enabling
|
# see https://asalor.blogspot.de/2011/08/trim-dm-crypt-problems.html before enabling
|
||||||
allowDiscards = true;
|
allowDiscards = true;
|
||||||
|
# improve SSD performance
|
||||||
|
bypassWorkqueues = true;
|
||||||
|
keyFile = "/crypto_keyfile.bin";
|
||||||
};
|
};
|
||||||
luks.devices.dataroot = {
|
luks.devices."dataroot" = {
|
||||||
device = parts.encdata;
|
device = dataPart;
|
||||||
|
preLVM = true;
|
||||||
allowDiscards = true;
|
allowDiscards = true;
|
||||||
|
bypassWorkqueues = true;
|
||||||
|
keyFile = "/crypto_keyfile.bin";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
boot.loader = {
|
||||||
boot.loader.systemd-boot.enable = true;
|
grub = {
|
||||||
boot.loader.efi.canTouchEfiVariables = true;
|
enable = true;
|
||||||
|
enableCryptodisk = true;
|
||||||
boot.kernelPackages = pkgs.linuxPackages_testing;
|
efiSupport = true;
|
||||||
boot.kernelParams = [ "boot.shell_on_fail" ];
|
# nodev = disable bios support
|
||||||
|
device = "nodev";
|
||||||
fileSystems = {
|
};
|
||||||
"/" = { device = "none"; fsType = "tmpfs"; neededForBoot = true;
|
efi.canTouchEfiVariables = true;
|
||||||
|
efi.efiSysMountPoint = "/boot/efi";
|
||||||
|
};
|
||||||
|
boot.resumeDevice = cryptroot;
|
||||||
|
boot.kernelParams = [
|
||||||
|
"resume=/@swap/swapfile"
|
||||||
|
# resume_offset = $(btrfs inspect-internal map-swapfile -r path/to/swapfile)
|
||||||
|
"resume_offset=533760"
|
||||||
|
];
|
||||||
|
fileSystems = let
|
||||||
|
device = cryptroot;
|
||||||
|
fsType = "btrfs";
|
||||||
|
# max compression! my cpu is pretty good anyway
|
||||||
|
compress = "compress=zstd:15";
|
||||||
|
discard = "discard=async";
|
||||||
|
neededForBoot = true;
|
||||||
|
in {
|
||||||
|
# mount root on tmpfs
|
||||||
|
"/" = { device = "none"; fsType = "tmpfs"; inherit neededForBoot;
|
||||||
options = [ "defaults" "size=2G" "mode=755" ]; };
|
options = [ "defaults" "size=2G" "mode=755" ]; };
|
||||||
"/persist" =
|
"/persist" =
|
||||||
{ device = parts.root; fsType = "bcachefs"; neededForBoot = true;
|
{ inherit device fsType neededForBoot;
|
||||||
options = [ "discard=1" ]; };
|
options = [ discard compress "subvol=@" ]; };
|
||||||
"/boot" = { device = parts.efi; fsType = "vfat"; neededForBoot = true; };
|
"/nix" = { inherit device fsType neededForBoot;
|
||||||
"/data" = { device = parts.data; fsType = "btrfs";
|
options = [ discard compress "subvol=@nix" "noatime" ]; };
|
||||||
options = [ "discard=async" "compress=zstd:15" ]; };
|
"/swap" = { inherit device fsType neededForBoot;
|
||||||
|
options = [ discard "subvol=@swap" "noatime" ]; };
|
||||||
|
"/home" = { inherit device fsType;
|
||||||
|
options = [ discard compress "subvol=@home" ]; };
|
||||||
|
# why am I even bothering with creating this subvolume every time if I don't use snapshots anyway?
|
||||||
|
"/.snapshots" =
|
||||||
|
{ inherit device fsType;
|
||||||
|
options = [ discard compress "subvol=@snapshots" ]; };
|
||||||
|
"/boot" = { inherit device fsType neededForBoot;
|
||||||
|
options = [ discard compress "subvol=@boot" ]; };
|
||||||
|
"/boot/efi" =
|
||||||
|
{ device = efiPart; fsType = "vfat"; inherit neededForBoot; };
|
||||||
|
"/data" =
|
||||||
|
{ device = dataroot; fsType = "btrfs";
|
||||||
|
options = [ discard compress ]; };
|
||||||
};
|
};
|
||||||
impermanence.directories = [
|
|
||||||
/root
|
|
||||||
/home
|
|
||||||
/nix
|
|
||||||
];
|
|
||||||
|
|
||||||
impermanence = {
|
impermanence = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
@ -62,13 +95,18 @@ in
|
||||||
# fix for my realtek usb ethernet adapter
|
# fix for my realtek usb ethernet adapter
|
||||||
services.tlp.settings.USB_DENYLIST = "0bda:8156";
|
services.tlp.settings.USB_DENYLIST = "0bda:8156";
|
||||||
|
|
||||||
swapDevices = [ { device = parts.swap; } ];
|
swapDevices = [ { device = "/swap/swapfile"; } ];
|
||||||
boot.resumeDevice = parts.swap;
|
|
||||||
|
|
||||||
# dedupe
|
# dedupe
|
||||||
services.beesd = {
|
services.beesd = {
|
||||||
|
# i have a lot of ram :tonystark:
|
||||||
|
filesystems.cryptroot = {
|
||||||
|
spec = "UUID=${cryptrootUuid}";
|
||||||
|
hashTableSizeMB = 128;
|
||||||
|
extraOptions = [ "--loadavg-target" "8.0" ];
|
||||||
|
};
|
||||||
filesystems.dataroot = {
|
filesystems.dataroot = {
|
||||||
spec = "UUID=${uuids.data}";
|
spec = "UUID=${datarootUuid}";
|
||||||
hashTableSizeMB = 256;
|
hashTableSizeMB = 256;
|
||||||
extraOptions = [ "--loadavg-target" "8.0" ];
|
extraOptions = [ "--loadavg-target" "8.0" ];
|
||||||
};
|
};
|
||||||
|
|
|
@ -1,60 +0,0 @@
|
||||||
{ config
|
|
||||||
, ...
|
|
||||||
}:
|
|
||||||
|
|
||||||
let
|
|
||||||
uuids.enc = "e2abdea5-71dc-4a9e-aff3-242117342d60";
|
|
||||||
uuids.boot = "9DA3-28AC";
|
|
||||||
uuids.bch = "ac343ffb-407c-4966-87bf-a0ef1075e93d";
|
|
||||||
parts = builtins.mapAttrs (k: v: "/dev/disk/by-uuid/${v}") uuids;
|
|
||||||
in
|
|
||||||
|
|
||||||
{
|
|
||||||
imports = [
|
|
||||||
../hardware/oneplus-enchilada
|
|
||||||
../hosts/phone
|
|
||||||
];
|
|
||||||
|
|
||||||
# https://gitlab.com/postmarketOS/pmaports/-/issues/2440
|
|
||||||
# networking.wireless.iwd.enable = true;
|
|
||||||
networking.networkmanager.enable = true;
|
|
||||||
|
|
||||||
boot.loader = {
|
|
||||||
grub.enable = false;
|
|
||||||
systemd-boot.enable = true;
|
|
||||||
efi.canTouchEfiVariables = false;
|
|
||||||
};
|
|
||||||
|
|
||||||
boot.initrd = {
|
|
||||||
luks.devices.cryptroot = {
|
|
||||||
device = parts.enc;
|
|
||||||
allowDiscards = true;
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
boot.supportedFilesystems = [ "bcachefs" ];
|
|
||||||
|
|
||||||
fileSystems = let
|
|
||||||
neededForBoot = true;
|
|
||||||
in {
|
|
||||||
"/" = { device = "none"; fsType = "tmpfs"; inherit neededForBoot;
|
|
||||||
options = [ "defaults" "size=2G" "mode=755" ]; };
|
|
||||||
"/persist" =
|
|
||||||
{ device = "UUID=${uuids.bch}"; fsType = "bcachefs"; inherit neededForBoot;
|
|
||||||
options = [ "errors=ro" ]; };
|
|
||||||
"/boot" = { device = parts.boot; fsType = "vfat"; inherit neededForBoot; };
|
|
||||||
};
|
|
||||||
|
|
||||||
zramSwap.enable = true;
|
|
||||||
|
|
||||||
impermanence = {
|
|
||||||
enable = true;
|
|
||||||
path = /persist;
|
|
||||||
directories = [
|
|
||||||
{ directory = /home/${config.common.mainUsername}; user = config.common.mainUsername; group = "users"; mode = "0700"; }
|
|
||||||
{ directory = /root; mode = "0700"; }
|
|
||||||
{ directory = /nix; }
|
|
||||||
{ directory = /secrets; mode = "0000"; }
|
|
||||||
];
|
|
||||||
};
|
|
||||||
}
|
|
|
@ -6,7 +6,7 @@
|
||||||
|
|
||||||
let
|
let
|
||||||
uuids.enc = "15945050-df48-418b-b736-827749b9262a";
|
uuids.enc = "15945050-df48-418b-b736-827749b9262a";
|
||||||
uuids.swap = "5c7f9e4e-c245-4ccb-98a2-1211ea7008e8";
|
uuids.oldroot = "de454394-8cc1-4267-b62b-1e25062f7cf4";
|
||||||
uuids.boot = "0603-5955";
|
uuids.boot = "0603-5955";
|
||||||
uuids.bch0 = "9f10b9ac-3102-4816-8f2c-e0526c2aa65b";
|
uuids.bch0 = "9f10b9ac-3102-4816-8f2c-e0526c2aa65b";
|
||||||
uuids.bch1 = "4ffed814-057c-4f9f-9a12-9d8ac6331e62";
|
uuids.bch1 = "4ffed814-057c-4f9f-9a12-9d8ac6331e62";
|
||||||
|
@ -29,12 +29,6 @@ in
|
||||||
"dm_mod" "dm_crypt" "encrypted_keys"
|
"dm_mod" "dm_crypt" "encrypted_keys"
|
||||||
];
|
];
|
||||||
|
|
||||||
systemd.enableEmergencyMode = false;
|
|
||||||
boot.kernel.sysctl = {
|
|
||||||
"net.core.default_qdisc" = "fq";
|
|
||||||
"net.ipv4.tcp_congestion_control" = "bbr";
|
|
||||||
};
|
|
||||||
|
|
||||||
networking.useDHCP = true;
|
networking.useDHCP = true;
|
||||||
/*
|
/*
|
||||||
# as expected, systemd initrd and networking didn't work well, and i really cba to debug it
|
# as expected, systemd initrd and networking didn't work well, and i really cba to debug it
|
||||||
|
@ -110,19 +104,26 @@ in
|
||||||
fileSystems = let
|
fileSystems = let
|
||||||
neededForBoot = true;
|
neededForBoot = true;
|
||||||
in {
|
in {
|
||||||
"/" = { device = "none"; fsType = "tmpfs"; inherit neededForBoot;
|
"/" = { device = "none"; fsType = "tmpfs"; inherit neededForBoot;
|
||||||
options = [ "defaults" "size=2G" "mode=755" ]; };
|
options = [ "defaults" "size=2G" "mode=755" ]; };
|
||||||
"/persist" =
|
"/persist" =
|
||||||
{ device = "UUID=${uuids.bch}"; fsType = "bcachefs"; inherit neededForBoot;
|
{ device = "UUID=${uuids.bch}"; fsType = "bcachefs"; inherit neededForBoot;
|
||||||
options = [ "errors=ro" ]; };
|
options = [ "errors=ro" ]; };
|
||||||
|
#"/persist" =
|
||||||
|
# { device = parts.oldroot; fsType = "btrfs"; inherit neededForBoot;
|
||||||
|
# options = [ "discard=async" "compress=zstd" "subvol=@" ]; };
|
||||||
|
"/swap" = { device = parts.oldroot; fsType = "btrfs"; inherit neededForBoot;
|
||||||
|
options = [ "discard=async" "subvol=@swap" "noatime" ]; };
|
||||||
"/boot" = { device = parts.boot; fsType = "vfat"; inherit neededForBoot; };
|
"/boot" = { device = parts.boot; fsType = "vfat"; inherit neededForBoot; };
|
||||||
};
|
};
|
||||||
|
|
||||||
swapDevices = [ { device = parts.swap; } ];
|
swapDevices = [ { device = "/swap/swapfile"; } ];
|
||||||
|
|
||||||
boot.kernel.sysctl = {
|
boot.kernelParams = [
|
||||||
"vm.swappiness" = 10;
|
"resume=/@swap/swapfile"
|
||||||
};
|
# resume_offset = $(btrfs inspect-internal map-swapfile -r path/to/swapfile)
|
||||||
|
"resume_offset=26001976"
|
||||||
|
];
|
||||||
|
|
||||||
impermanence = {
|
impermanence = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
|
|
@ -8,7 +8,8 @@
|
||||||
generic-extlinux-compatible.enable = true;
|
generic-extlinux-compatible.enable = true;
|
||||||
};
|
};
|
||||||
|
|
||||||
boot.kernelPackages = pkgs.linuxPackagesFor (pkgs.buildLinuxWithCcache pkgs.linux_bpiR3);
|
#boot.kernelPackages = config._module.args.fromSourcePkgs.linuxPackages_bpiR3_ccache or pkgs.linuxPackages_bpiR3_ccache;
|
||||||
|
boot.kernelPackages = pkgs.linuxPackagesFor (pkgs.buildLinuxWithCcache (config._module.args.fromSourcePkgs.linux_bpiR3 or pkgs.linux_bpiR3));
|
||||||
|
|
||||||
hardware.deviceTree.enable = true;
|
hardware.deviceTree.enable = true;
|
||||||
hardware.deviceTree.filter = "mt7986a-bananapi-bpi-r3.dtb";
|
hardware.deviceTree.filter = "mt7986a-bananapi-bpi-r3.dtb";
|
||||||
|
|
|
@ -86,7 +86,7 @@ run mkdir -p "$tmp/out/@/var/log"
|
||||||
|
|
||||||
# secrets, we don't want to pass them via the store
|
# secrets, we don't want to pass them via the store
|
||||||
run mkdir -p "$tmp/out/@/secrets"
|
run mkdir -p "$tmp/out/@/secrets"
|
||||||
run cp -v /secrets/nixos/wireguard-key "$tmp/out/@/secrets/"
|
run cp -v /etc/nixos/private/wireguard-key "$tmp/out/@/secrets/"
|
||||||
run chmod -R 000 "$tmp/out/@/secrets"
|
run chmod -R 000 "$tmp/out/@/secrets"
|
||||||
|
|
||||||
cpr "$rootfs/nix" "$tmp/out/@nix"
|
cpr "$rootfs/nix" "$tmp/out/@nix"
|
||||||
|
|
|
@ -1,6 +1,5 @@
|
||||||
{ hardware
|
{ hardware
|
||||||
, pkgs
|
, pkgs
|
||||||
, lib
|
|
||||||
, ... }:
|
, ... }:
|
||||||
|
|
||||||
{
|
{
|
||||||
|
@ -14,7 +13,7 @@
|
||||||
common.resolution = "1920x1080";
|
common.resolution = "1920x1080";
|
||||||
vfio.pciIDs = [ "1002:73df" "1002:ab28" ];
|
vfio.pciIDs = [ "1002:73df" "1002:ab28" ];
|
||||||
boot = {
|
boot = {
|
||||||
kernelPackages = lib.mkDefault (pkgs.linuxPackagesFor pkgs.linux_latest);
|
kernelPackages = pkgs.linuxPackagesFor pkgs.linux_latest;
|
||||||
initrd.availableKernelModules = [ "nvme" "xhci_pci" ];
|
initrd.availableKernelModules = [ "nvme" "xhci_pci" ];
|
||||||
kernelParams = [
|
kernelParams = [
|
||||||
# disable PSR to *hopefully* avoid random hangs
|
# disable PSR to *hopefully* avoid random hangs
|
||||||
|
@ -24,4 +23,45 @@
|
||||||
"amdgpu.noretry=0"
|
"amdgpu.noretry=0"
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
# TODO: really, really, please, I want latest firmware to work...
|
||||||
|
nixpkgs.overlays = [
|
||||||
|
(final: prev: {
|
||||||
|
amd-ucode = prev.amd-ucode.override { inherit (final) linux-firmware; };
|
||||||
|
linux-firmware = prev.stdenvNoCC.mkDerivation {
|
||||||
|
inherit (prev.linux-firmware) pname version meta src dontFixup installFlags nativeBuildInputs;
|
||||||
|
passthru = { inherit (prev.linux-firmware) version; };
|
||||||
|
|
||||||
|
# revert microcode updates which break boot for me
|
||||||
|
patches = [
|
||||||
|
./revert-amd-ucode-update-fam17h.patch
|
||||||
|
./revert-amd-ucode-update-fam19h.patch
|
||||||
|
];
|
||||||
|
postPatch = ''
|
||||||
|
cp ${final.fetchurl {
|
||||||
|
name = "microcode_amd_fam17h.bin";
|
||||||
|
url = "https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/plain/amd-ucode/microcode_amd_fam17h.bin?id=b250b32ab1d044953af2dc5e790819a7703b7ee6";
|
||||||
|
hash = "sha256-HnKjEb2di7BiKB09JYUjIUuZNCVgXlwRSbjijnuYBcM=";
|
||||||
|
}} amd-ucode/microcode_amd_fam17h.bin
|
||||||
|
cp ${final.fetchurl {
|
||||||
|
name = "microcode_amd_fam19h.bin";
|
||||||
|
url = "https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/plain/amd-ucode/microcode_amd_fam19h.bin?id=0ab353f8d8aa96d68690911cea22ec538f3095c4";
|
||||||
|
hash = "sha256-LlA+E4EVQpfjD3/cg6Y52BsCGW/5ZfY0J2UnCUI/3MQ";
|
||||||
|
}} amd-ucode/microcode_amd_fam19h.bin
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
})
|
||||||
|
];
|
||||||
|
specialisation.no_patches.configuration = {
|
||||||
|
nixpkgs.overlays = [
|
||||||
|
(final: prev: {
|
||||||
|
amd-ucode = prev.amd-ucode.override { inherit (final) linux-firmware; };
|
||||||
|
linux-firmware = prev.stdenvNoCC.mkDerivation {
|
||||||
|
inherit (prev.linux-firmware) pname version meta src dontFixup installFlags nativeBuildInputs;
|
||||||
|
passthru = { inherit (prev.linux-firmware) version; };
|
||||||
|
patches = [ ];
|
||||||
|
postPatch = "";
|
||||||
|
};
|
||||||
|
})
|
||||||
|
];
|
||||||
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -0,0 +1,52 @@
|
||||||
|
diff --git a/WHENCE b/WHENCE
|
||||||
|
index dbcdced..9ae8ff7 100644
|
||||||
|
--- a/WHENCE
|
||||||
|
+++ b/WHENCE
|
||||||
|
@@ -3919,7 +3919,7 @@ Version: 2018-05-24
|
||||||
|
RawFile: amd-ucode/microcode_amd_fam16h.bin
|
||||||
|
Version: 2014-10-28
|
||||||
|
RawFile: amd-ucode/microcode_amd_fam17h.bin
|
||||||
|
-Version: 2023-07-19
|
||||||
|
+Version: 2023-04-13
|
||||||
|
RawFile: amd-ucode/microcode_amd_fam19h.bin
|
||||||
|
Version: 2023-08-08
|
||||||
|
File: amd-ucode/README
|
||||||
|
diff --git a/amd-ucode/README b/amd-ucode/README
|
||||||
|
index f47743c..5dc5108 100644
|
||||||
|
--- a/amd-ucode/README
|
||||||
|
+++ b/amd-ucode/README
|
||||||
|
@@ -32,9 +32,8 @@ Microcode patches in microcode_amd_fam16h.bin:
|
||||||
|
|
||||||
|
Microcode patches in microcode_amd_fam17h.bin:
|
||||||
|
Family=0x17 Model=0x08 Stepping=0x02: Patch=0x0800820d Length=3200 bytes
|
||||||
|
- Family=0x17 Model=0x31 Stepping=0x00: Patch=0x0830107a Length=3200 bytes
|
||||||
|
- Family=0x17 Model=0xa0 Stepping=0x00: Patch=0x08a00008 Length=3200 bytes
|
||||||
|
Family=0x17 Model=0x01 Stepping=0x02: Patch=0x0800126e Length=3200 bytes
|
||||||
|
+ Family=0x17 Model=0x31 Stepping=0x00: Patch=0x08301072 Length=3200 bytes
|
||||||
|
|
||||||
|
Microcode patches in microcode_amd_fam19h.bin:
|
||||||
|
Family=0x19 Model=0x11 Stepping=0x01: Patch=0x0a10113e Length=5568 bytes
|
||||||
|
diff --git a/amd-ucode/microcode_amd_fam17h.bin.asc b/amd-ucode/microcode_amd_fam17h.bin.asc
|
||||||
|
index 34a4024..27da52c 100644
|
||||||
|
--- a/amd-ucode/microcode_amd_fam17h.bin.asc
|
||||||
|
+++ b/amd-ucode/microcode_amd_fam17h.bin.asc
|
||||||
|
@@ -1,11 +1,11 @@
|
||||||
|
-----BEGIN PGP SIGNATURE-----
|
||||||
|
|
||||||
|
-iQEzBAABCgAdFiEE/HxsUF2vzBRxg1fK5L5TOfMornMFAmS4Mm4ACgkQ5L5TOfMo
|
||||||
|
-rnN35wgAkllCunxE6J5hQyLMx5o4WTHZkbNvXmu6nV1Y3vjiL1oeaK+pmx8BlkPt
|
||||||
|
-fGZJCe/068kqmp3N4EtOZLxXn55t3jNBYectPr0RmFqpjMsEJEcfXfuXROA4N9Ti
|
||||||
|
-Zd/o6X21eHEsm0kK0q4YfppfgTd5Ze7k1jTkUuuU6/yh6uRk1MiFreEzkPO3Aayh
|
||||||
|
-iEWlYx33vq3HccTPgdY3D64Zr8gmgKG+8mdEvqb1jK4SVZ1/9vy4OKIIpUZB/eqx
|
||||||
|
-46h9Ejwn9pktnYkHi/A/zCREEcIQ10HXFF5bjxJTFQkM5S46/QEO7uuvnpMb+6Yy
|
||||||
|
-4V1/QIWMG6ixqCRx9GqbBK7GHdYODw==
|
||||||
|
-=+IsI
|
||||||
|
+iQEzBAABCgAdFiEE/HxsUF2vzBRxg1fK5L5TOfMornMFAmQeEvgACgkQ5L5TOfMo
|
||||||
|
+rnPOpAf/dYhPqq/ktg1muI/khV4EhDiguX6OXib3fmfSZdvPIAI0cRI77M3Lvf0b
|
||||||
|
+nlV8D67e5HOQ5foJbix5tunz0sZjqr2QU8U9dNk/ut0KC7UiCRc8VH40aSi/OQBG
|
||||||
|
+Y8c7tb6IJ+N+jyJ6Ii6koUuRO2Lk2MckcrWLRuLRV4bB+osyJrGjc/X54Z6UJ/Ma
|
||||||
|
+VDg13Yxy5WvC7sMmlmnY42JLeLBKDVUvg0zDvJ4aOLLxRE2l3eiAKE+TV122LmxN
|
||||||
|
+ca5WA/ESYQ9BjxHYIrpTd9nQaWa/TIZ+rOmJGLMtnQ1gGlW97zQuJR7zh+8vdLzC
|
||||||
|
+iwVlS1cu7kcV7KYDytTkWJ+2gwb3uQ==
|
||||||
|
+=lP2S
|
||||||
|
-----END PGP SIGNATURE-----
|
|
@ -0,0 +1,64 @@
|
||||||
|
diff --git a/WHENCE b/WHENCE
|
||||||
|
index dbcdced..dd7b8d5 100644
|
||||||
|
--- a/WHENCE
|
||||||
|
+++ b/WHENCE
|
||||||
|
@@ -3921,7 +3921,7 @@ Version: 2014-10-28
|
||||||
|
RawFile: amd-ucode/microcode_amd_fam17h.bin
|
||||||
|
Version: 2023-07-19
|
||||||
|
RawFile: amd-ucode/microcode_amd_fam19h.bin
|
||||||
|
-Version: 2023-10-19
|
||||||
|
+Version: 2023-07-18
|
||||||
|
File: amd-ucode/README
|
||||||
|
|
||||||
|
License: Redistributable. See LICENSE.amd-ucode for details
|
||||||
|
diff --git a/amd-ucode/README b/amd-ucode/README
|
||||||
|
index f47743c..6a9ff1e 100644
|
||||||
|
--- a/amd-ucode/README
|
||||||
|
+++ b/amd-ucode/README
|
||||||
|
@@ -37,22 +37,9 @@ Microcode patches in microcode_amd_fam17h.bin:
|
||||||
|
Family=0x17 Model=0x01 Stepping=0x02: Patch=0x0800126e Length=3200 bytes
|
||||||
|
|
||||||
|
Microcode patches in microcode_amd_fam19h.bin:
|
||||||
|
- Family=0x19 Model=0x11 Stepping=0x02: Patch=0x0a101244 Length=5568 bytes
|
||||||
|
Family=0x19 Model=0x01 Stepping=0x01: Patch=0x0a0011d1 Length=5568 bytes
|
||||||
|
Family=0x19 Model=0x01 Stepping=0x00: Patch=0x0a001079 Length=5568 bytes
|
||||||
|
- Family=0x19 Model=0xa0 Stepping=0x02: Patch=0x0aa00213 Length=5568 bytes
|
||||||
|
Family=0x19 Model=0x01 Stepping=0x02: Patch=0x0a001234 Length=5568 bytes
|
||||||
|
- Family=0x19 Model=0xa0 Stepping=0x01: Patch=0x0aa00116 Length=5568 bytes
|
||||||
|
- Family=0x19 Model=0x11 Stepping=0x01: Patch=0x0a101144 Length=5568 bytes
|
||||||
|
-
|
||||||
|
-NOTE: For Genoa (Family=0x19 Model=0x11) and Bergamo (Family=0x19 Model=0xa0),
|
||||||
|
-either AGESA version >= 1.0.0.8 OR a kernel with the following commit is
|
||||||
|
-required:
|
||||||
|
-a32b0f0db3f3 ("x86/microcode/AMD: Load late on both threads too")
|
||||||
|
-
|
||||||
|
-When late loading the patches for Genoa or Bergamo, there may be one spurious
|
||||||
|
-NMI observed per physical core. These NMIs are benign and don't cause any
|
||||||
|
-functional issue but will result in kernel messages being logged.
|
||||||
|
|
||||||
|
NOTE: When running 5.19+ kernels on Genoa or Bergamo systems, some microcode
|
||||||
|
patches are known to trigger warnings in the PMI handler. The following are
|
||||||
|
diff --git a/amd-ucode/microcode_amd_fam19h.bin.asc b/amd-ucode/microcode_amd_fam19h.bin.asc
|
||||||
|
index 8cff901..a32b4d6 100644
|
||||||
|
--- a/amd-ucode/microcode_amd_fam19h.bin.asc
|
||||||
|
+++ b/amd-ucode/microcode_amd_fam19h.bin.asc
|
||||||
|
@@ -1,11 +1,11 @@
|
||||||
|
-----BEGIN PGP SIGNATURE-----
|
||||||
|
|
||||||
|
-iQEzBAABCgAdFiEE/HxsUF2vzBRxg1fK5L5TOfMornMFAmUoW6AACgkQ5L5TOfMo
|
||||||
|
-rnMHAAf/SxaKEu5l7FGXR+QJYc2oSJDpf9ZsHTkVnxqF1I3ReItEGAR3iqSWrsRw
|
||||||
|
-KA4niP9Ihr8EqwhOaOtqkRKKF9D5yg+DksnRWbh2VTUECO4KQxjHNrPp3JWEzBwb
|
||||||
|
-Xn+vRVP02ZRi3u4MCYbnDC4AfUSnKnldY3TTlNi/6HUaGS2pcw8Vjli/C06zwfgh
|
||||||
|
-WwUAoFMQl4SDJhbGfC9cb93MKjBl/0Hv4uhK5W8fJ1iUkMvY8Ijna/oDTZCNPqP0
|
||||||
|
-0AgOwdAdzoyOYWjbUXcwofz2Umpz12xmJW8yXNwdv1pmaCvv9aCJz1L49lGwFH9E
|
||||||
|
-lhhoFQ1SQL3hhPjTXO6DbeeT9+fjOg==
|
||||||
|
-=9Xav
|
||||||
|
+iQEzBAABCgAdFiEE/HxsUF2vzBRxg1fK5L5TOfMornMFAmS3F00ACgkQ5L5TOfMo
|
||||||
|
+rnNEhQgAizSV8IFpvaYNytaJKLA4uevrZneGPV4czjCXnnj1yHpfQmCTyZQnoLnx
|
||||||
|
+7gyzf7K5271zO51FBQ5z2Nm48a3XPUhMbQLNP4BZdekLiA3bRpMtSyHct6zD0ULm
|
||||||
|
+xaFaOQ7MR1tGADhlon1bDvtnOuixUhwrZhEIlR9MzQAzERKDMOAVTbxn9ZhMfYiT
|
||||||
|
+LhA791Blyyi+6Z9uh7BpaA8l8uvoxt+uuvlBTjQMR3ER/TEjgcsoy+XhhK4QKS0V
|
||||||
|
+wJCtcDle/3pF+N6SAFWiXbNZ+P8p19afhcYddDl97xtpzA6/8b20a2eHkrqnu/Ds
|
||||||
|
+jTozF9kmhiifYMYpXtXgSOwI3GRZbQ==
|
||||||
|
+=t+j1
|
||||||
|
-----END PGP SIGNATURE-----
|
|
@ -1,28 +0,0 @@
|
||||||
diff --git a/arch/arm64/configs/defconfig b/arch/arm64/configs/defconfig
|
|
||||||
index b60aa1f8934..0e3191950d5 100644
|
|
||||||
--- a/arch/arm64/configs/defconfig
|
|
||||||
+++ b/arch/arm64/configs/defconfig
|
|
||||||
@@ -1317,8 +1317,9 @@ CONFIG_QCOM_AOSS_QMP=y
|
|
||||||
CONFIG_QCOM_COMMAND_DB=y
|
|
||||||
CONFIG_QCOM_CPR=y
|
|
||||||
CONFIG_QCOM_GENI_SE=y
|
|
||||||
-CONFIG_QCOM_LLCC=m
|
|
||||||
-CONFIG_QCOM_OCMEM=m
|
|
||||||
+CONFIG_QCOM_LLCC=y
|
|
||||||
+CONFIG_QCOM_OCMEM=y
|
|
||||||
+CONFIG_BACKLIGHT_CLASS_DEVICE=y
|
|
||||||
CONFIG_QCOM_PMIC_GLINK=m
|
|
||||||
CONFIG_QCOM_RMTFS_MEM=m
|
|
||||||
CONFIG_QCOM_RPMH=y
|
|
||||||
diff --git a/drivers/remoteproc/Kconfig b/drivers/remoteproc/Kconfig
|
|
||||||
index 48845dc8fa8..5f503f9c99c 100644
|
|
||||||
--- a/drivers/remoteproc/Kconfig
|
|
||||||
+++ b/drivers/remoteproc/Kconfig
|
|
||||||
@@ -166,6 +166,7 @@ config QCOM_PIL_INFO
|
|
||||||
|
|
||||||
config QCOM_RPROC_COMMON
|
|
||||||
tristate
|
|
||||||
+ default y
|
|
||||||
|
|
||||||
config QCOM_Q6V5_COMMON
|
|
||||||
tristate
|
|
|
@ -1,228 +0,0 @@
|
||||||
{ pkgs
|
|
||||||
, lib
|
|
||||||
, config
|
|
||||||
, inputs
|
|
||||||
, ...
|
|
||||||
}:
|
|
||||||
|
|
||||||
let
|
|
||||||
cfg = config.phone;
|
|
||||||
in
|
|
||||||
{
|
|
||||||
imports = [
|
|
||||||
"${inputs.mobile-nixos}/modules/quirks/qualcomm/sdm845-modem.nix"
|
|
||||||
"${inputs.mobile-nixos}/modules/quirks/audio.nix"
|
|
||||||
];
|
|
||||||
|
|
||||||
options.phone = {
|
|
||||||
adb.enable = lib.mkEnableOption "adb";
|
|
||||||
rndis.enable = lib.mkEnableOption "rndis" // {
|
|
||||||
default = true;
|
|
||||||
};
|
|
||||||
buffyboard.enable = lib.mkOption {
|
|
||||||
type = lib.types.bool;
|
|
||||||
default = true;
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
config = lib.mkMerge [
|
|
||||||
{
|
|
||||||
hardware.enableRedistributableFirmware = true;
|
|
||||||
mobile.quirks.qualcomm.sdm845-modem.enable = true;
|
|
||||||
mobile.quirks.audio.alsa-ucm-meld = true;
|
|
||||||
environment.systemPackages = [ pkgs.alsa-ucm-conf-enchilada ];
|
|
||||||
systemd.services.q6voiced = {
|
|
||||||
description = "QDSP6 driver daemon";
|
|
||||||
after = [ "ModemManager.service" "dbus.socket" ];
|
|
||||||
wantedBy = [ "ModemManager.service" ];
|
|
||||||
requires = [ "dbus.socket" ];
|
|
||||||
serviceConfig.ExecStart = "${pkgs.q6voiced}/bin/q6voiced hw:0,6";
|
|
||||||
};
|
|
||||||
systemd.user.services.wireplumber.environment.WIREPLUMBER_CONFIG_DIR = pkgs.runCommand "wireplumber-config" {} ''
|
|
||||||
cp -a "${pkgs.wireplumber}/share/wireplumber" "$out"
|
|
||||||
chmod +w "$out" "$out/main.lua.d"
|
|
||||||
ln -s ${pkgs.fetchurl {
|
|
||||||
url = "https://gitlab.com/postmarketOS/pmaports/-/raw/0aa9524204e9c9c002c860b87c972bc2ebf025f3/device/community/soc-qcom-sdm845/51-qcom-sdm845.lua";
|
|
||||||
hash = "sha256-56oNJJyuZZe1Iig1xskDuyazw3PbRZtmU/YRFUTqjwk=";
|
|
||||||
}} "$out/main.lua.d/51-qcom-sdm845.lua"
|
|
||||||
'';
|
|
||||||
systemd.services.wireplumber.environment.WIREPLUMBER_CONFIG_DIR = config.systemd.user.services.wireplumber.environment.WIREPLUMBER_CONFIG_DIR;
|
|
||||||
networking.modemmanager.enable = !config.networking.networkmanager.enable;
|
|
||||||
services.udev.extraRules = ''
|
|
||||||
SUBSYSTEM=="input", KERNEL=="event*", ENV{ID_INPUT}=="1", SUBSYSTEMS=="input", ATTRS{name}=="spmi_haptics", TAG+="uaccess", ENV{FEEDBACKD_TYPE}="vibra"
|
|
||||||
SUBSYSTEM=="misc", KERNEL=="fastrpc-*", ENV{ACCEL_MOUNT_MATRIX}+="-1, 0, 0; 0, -1, 0; 0, 0, -1"
|
|
||||||
'';
|
|
||||||
services.upower = {
|
|
||||||
enable = true;
|
|
||||||
percentageLow = 10;
|
|
||||||
percentageCritical = 5;
|
|
||||||
percentageAction = 3;
|
|
||||||
criticalPowerAction = "PowerOff";
|
|
||||||
};
|
|
||||||
hardware.firmware = lib.mkAfter [ pkgs.firmware-oneplus-sdm845 ];
|
|
||||||
boot.kernelPackages = lib.mkForce (pkgs.linuxPackagesFor pkgs.linux_enchilada_ccache);
|
|
||||||
hardware.deviceTree.enable = true;
|
|
||||||
hardware.deviceTree.name = "qcom/sdm845-oneplus-enchilada.dtb";
|
|
||||||
# loglevel=7 console=ttyMSM0,115200 is a way to delay boot
|
|
||||||
# see https://gitlab.freedesktop.org/drm/msm/-/issues/46
|
|
||||||
boot.consoleLogLevel = 7;
|
|
||||||
boot.kernelParams = [
|
|
||||||
"console=ttyMSM0,115200"
|
|
||||||
"console=tty0"
|
|
||||||
"dtb=/${config.hardware.deviceTree.name}"
|
|
||||||
];
|
|
||||||
boot.loader.systemd-boot.extraFiles.${config.hardware.deviceTree.name} = "${config.hardware.deviceTree.package}/${config.hardware.deviceTree.name}";
|
|
||||||
nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [
|
|
||||||
"firmware-oneplus-sdm845"
|
|
||||||
"firmware-oneplus-sdm845-xz"
|
|
||||||
];
|
|
||||||
system.build.uboot = pkgs.ubootImageEnchilada;
|
|
||||||
boot.initrd.includeDefaultModules = false;
|
|
||||||
boot.initrd.availableKernelModules = [
|
|
||||||
"sd_mod"
|
|
||||||
"usbhid"
|
|
||||||
"ehci_hcd" "ohci_hcd" "xhci_hcd" "uhci_hcd"
|
|
||||||
"ehci_pci" "ohci_pci" "xhci_pci"
|
|
||||||
"hid_generic" "hid_lenovo" "hid_apple" "hid_roccat"
|
|
||||||
"hid_logitech_hidpp" "hid_logitech_dj" "hid_microsoft" "hid_cherry"
|
|
||||||
];
|
|
||||||
boot.initrd.kernelModules = [
|
|
||||||
"i2c_qcom_geni"
|
|
||||||
"rmi_core"
|
|
||||||
"rmi_i2c"
|
|
||||||
"qcom_spmi_haptics"
|
|
||||||
"dm_mod"
|
|
||||||
];
|
|
||||||
}
|
|
||||||
(lib.mkIf cfg.buffyboard.enable {
|
|
||||||
boot.initrd.kernelModules = [ "uinput" "evdev" ];
|
|
||||||
boot.initrd.extraUtilsCommands = ''
|
|
||||||
copy_bin_and_libs ${pkgs.buffyboard}/bin/buffyboard
|
|
||||||
cp -a ${pkgs.libinput.out}/share $out/
|
|
||||||
'';
|
|
||||||
boot.initrd.extraUdevRulesCommands = ''
|
|
||||||
cp -v ${config.systemd.package}/lib/udev/rules.d/60-input-id.rules $out/
|
|
||||||
cp -v ${config.systemd.package}/lib/udev/rules.d/60-persistent-input.rules $out/
|
|
||||||
cp -v ${config.systemd.package}/lib/udev/rules.d/70-touchpad.rules $out/
|
|
||||||
'';
|
|
||||||
boot.initrd.preLVMCommands = ''
|
|
||||||
mkdir -p /nix/store/eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee-${pkgs.libinput.name}/
|
|
||||||
ln -s "$(dirname "$(dirname "$(which buffyboard)")")"/share /nix/store/eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee-${pkgs.libinput.name}/
|
|
||||||
buffyboard 2>/dev/null &
|
|
||||||
'';
|
|
||||||
boot.initrd.postMountCommands = ''
|
|
||||||
pkill -x buffyboard
|
|
||||||
'';
|
|
||||||
common.gettyAutologin = true;
|
|
||||||
systemd.services.buffyboard = {
|
|
||||||
description = "buffyboard";
|
|
||||||
wantedBy = [ "multi-user.target" ];
|
|
||||||
serviceConfig = {
|
|
||||||
ExecStart = "${pkgs.buffyboard}/bin/buffyboard";
|
|
||||||
Restart = "always";
|
|
||||||
RestartSec = "1";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
security.sudo.extraRules = [
|
|
||||||
{ groups = [ "users" ];
|
|
||||||
commands = [
|
|
||||||
{ command = "/run/current-system/sw/bin/systemctl stop buffyboard"; options = [ "SETENV" "NOPASSWD" ]; }
|
|
||||||
{ command = "/run/current-system/sw/bin/systemctl start buffyboard"; options = [ "SETENV" "NOPASSWD" ]; }
|
|
||||||
]; }
|
|
||||||
];
|
|
||||||
})
|
|
||||||
(lib.mkIf cfg.rndis.enable {
|
|
||||||
boot.initrd.kernelModules = [ "configfs" "libcomposite" ];
|
|
||||||
|
|
||||||
boot.specialFileSystems = {
|
|
||||||
"/sys/kernel/config" = {
|
|
||||||
device = "configfs";
|
|
||||||
fsType = "configfs";
|
|
||||||
options = [ "nosuid" "noexec" "nodev" ];
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
boot.initrd.preLVMCommands = ''
|
|
||||||
mkdir -p /sys/kernel/config/usb_gadget/g1/strings/0x409
|
|
||||||
cd /sys/kernel/config/usb_gadget/g1
|
|
||||||
echo 0x18D1 > idVendor
|
|
||||||
echo 0xD001 > idProduct
|
|
||||||
echo oneplus-enchilada > strings/0x409/product
|
|
||||||
echo NixOS > strings/0x409/manufacturer
|
|
||||||
echo 0123456789 > strings/0x409/serialnumber
|
|
||||||
|
|
||||||
mkdir -p configs/c.1/strings/0x409
|
|
||||||
echo "USB network" > configs/c.1/strings/0x409/configuration
|
|
||||||
|
|
||||||
mkdir -p functions/ncm.usb0 || mkdir -p functions/rndis.usb0
|
|
||||||
ln -s functions/ncm.usb0 configs/c.1/ || ln -s functions/rndis.usb0 configs/c.1/
|
|
||||||
|
|
||||||
ls /sys/class/udc/ | head -n1 > UDC
|
|
||||||
cd /
|
|
||||||
|
|
||||||
ifconfig rndis0 172.16.42.1 || ifconfig usb0 172.16.42.1 || ifconfig eth0 172.16.42.1
|
|
||||||
'';
|
|
||||||
|
|
||||||
boot.initrd.network.enable = true;
|
|
||||||
boot.initrd.network.udhcpc.enable = false;
|
|
||||||
boot.initrd.network.ssh = {
|
|
||||||
enable = true;
|
|
||||||
port = 22;
|
|
||||||
authorizedKeys = config.users.users.root.openssh.authorizedKeys.keys;
|
|
||||||
hostKeys = [ "/secrets/initrd/ssh_host_ed25519_key" "/secrets/initrd/ssh_host_rsa_key" ];
|
|
||||||
};
|
|
||||||
})
|
|
||||||
(lib.mkIf cfg.adb.enable {
|
|
||||||
boot.initrd.kernelModules = [ "configfs" "libcomposite" "g_ffs" ];
|
|
||||||
|
|
||||||
boot.specialFileSystems = {
|
|
||||||
"/sys/kernel/config" = {
|
|
||||||
device = "configfs";
|
|
||||||
fsType = "configfs";
|
|
||||||
options = [ "nosuid" "noexec" "nodev" ];
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
boot.initrd.extraUtilsCommands = ''
|
|
||||||
copy_bin_and_libs ${pkgs.adbd}/bin/adbd
|
|
||||||
cp -pv ${pkgs.glibc.out}/lib/libnss_files.so.* $out/lib
|
|
||||||
'';
|
|
||||||
|
|
||||||
boot.initrd.preLVMCommands = ''
|
|
||||||
mkdir -p /sys/kernel/config/usb_gadget/g1/strings/0x409
|
|
||||||
cd /sys/kernel/config/usb_gadget/g1
|
|
||||||
echo 0x18D1 > idVendor
|
|
||||||
echo 0xD001 > idProduct
|
|
||||||
echo oneplus-enchilada > strings/0x409/product
|
|
||||||
echo NixOS > strings/0x409/manufacturer
|
|
||||||
echo 0123456789 > strings/0x409/serialnumber
|
|
||||||
|
|
||||||
mkdir -p configs/c.1/strings/0x409
|
|
||||||
echo adb > configs/c.1/strings/0x409/configuration
|
|
||||||
|
|
||||||
mkdir -p functions/ffs.adb
|
|
||||||
ln -s functions/ffs.adb configs/c.1/adb
|
|
||||||
|
|
||||||
mkdir -p /dev/usb-ffs/adb
|
|
||||||
mount -t functionfs adb /dev/usb-ffs/adb
|
|
||||||
adbd &
|
|
||||||
|
|
||||||
ls /sys/class/udc/ | head -n1 > UDC
|
|
||||||
cd /
|
|
||||||
'';
|
|
||||||
|
|
||||||
boot.initrd.postMountCommands = ''
|
|
||||||
pkill -x adbd
|
|
||||||
'';
|
|
||||||
|
|
||||||
systemd.services.adbd = {
|
|
||||||
description = "adb daemon";
|
|
||||||
wantedBy = [ "multi-user.target" ];
|
|
||||||
serviceConfig = {
|
|
||||||
ExecStart = "${pkgs.adbd}/bin/adbd";
|
|
||||||
Restart = "always";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
})
|
|
||||||
];
|
|
||||||
}
|
|
File diff suppressed because it is too large
Load diff
|
@ -1,631 +0,0 @@
|
||||||
{ pkgs
|
|
||||||
, pkgs'
|
|
||||||
, lib
|
|
||||||
, inputs
|
|
||||||
, ... }:
|
|
||||||
|
|
||||||
let
|
|
||||||
inherit (inputs) mobile-nixos;
|
|
||||||
mobile-pkgs = import "${mobile-nixos}/overlay/overlay.nix" pkgs' pkgs;
|
|
||||||
in {
|
|
||||||
inherit (mobile-pkgs) mkbootimg qrtr;
|
|
||||||
pd-mapper = pkgs'.callPackage "${mobile-nixos}/overlay/qrtr/pd-mapper.nix" { };
|
|
||||||
tqftpserv = pkgs'.callPackage "${mobile-nixos}/overlay/qrtr/tqftpserv.nix" { };
|
|
||||||
rmtfs = pkgs'.callPackage "${mobile-nixos}/overlay/qrtr/rmtfs.nix" {
|
|
||||||
inherit (mobile-pkgs) qmic;
|
|
||||||
};
|
|
||||||
adbd = pkgs'.callPackage "${mobile-nixos}/overlay/adbd" {
|
|
||||||
libhybris = pkgs'.callPackage "${mobile-nixos}/overlay/libhybris" {
|
|
||||||
inherit (mobile-pkgs) android-headers;
|
|
||||||
};
|
|
||||||
};
|
|
||||||
q6voiced = pkgs.stdenv.mkDerivation {
|
|
||||||
pname = "q6voiced";
|
|
||||||
version = "unstable-2022-07-08";
|
|
||||||
src = pkgs.fetchFromGitLab {
|
|
||||||
owner = "postmarketOS";
|
|
||||||
repo = "q6voiced";
|
|
||||||
rev = "736138bfc9f7b455a96679e2d67fd922a8f16464";
|
|
||||||
hash = "sha256-7k5saedIALHlsFHalStqzKrqAyFKx0ZN9FhLTdxAmf4=";
|
|
||||||
};
|
|
||||||
buildInputs = with pkgs; [ dbus tinyalsa ];
|
|
||||||
nativeBuildInputs = with pkgs; [ pkg-config ];
|
|
||||||
buildPhase = ''cc $(pkg-config --cflags --libs dbus-1) -ltinyalsa -o q6voiced q6voiced.c'';
|
|
||||||
installPhase = ''install -m555 -Dt "$out/bin" q6voiced'';
|
|
||||||
meta.license = lib.licenses.mit;
|
|
||||||
};
|
|
||||||
|
|
||||||
alsa-ucm-conf-enchilada = pkgs.stdenvNoCC.mkDerivation {
|
|
||||||
pname = "alsa-ucm-conf-enchilada";
|
|
||||||
version = "unstable-2022-12-08";
|
|
||||||
src = pkgs.fetchFromGitLab {
|
|
||||||
owner = "sdm845-mainline";
|
|
||||||
repo = "alsa-ucm-conf";
|
|
||||||
rev = "9ed12836b269764c4a853411d38ccb6abb70b383";
|
|
||||||
hash = "sha256-QvGZGLEmqE+sZpd15fHb+9+MmoD5zoGT+pYqyWZLdkM=";
|
|
||||||
};
|
|
||||||
installPhase = ''
|
|
||||||
substituteInPlace ucm2/lib/card-init.conf --replace '"/bin' '"/run/current-system/sw/bin'
|
|
||||||
mkdir -p "$out"/share/alsa/ucm2/{OnePlus,conf.d/sdm845,lib}
|
|
||||||
mv ucm2/lib/card-init.conf "$out/share/alsa/ucm2/lib/"
|
|
||||||
mv ucm2/OnePlus/enchilada "$out/share/alsa/ucm2/OnePlus/"
|
|
||||||
ln -s ../../OnePlus/enchilada/enchilada.conf "$out/share/alsa/ucm2/conf.d/sdm845/oneplus-OnePlus6-Unknown.conf"
|
|
||||||
'';
|
|
||||||
# to overwrite card-init.conf
|
|
||||||
meta.priority = -10;
|
|
||||||
};
|
|
||||||
|
|
||||||
ubootEnchilada = pkgs.buildUBoot {
|
|
||||||
defconfig = "qcom_defconfig";
|
|
||||||
version = "unstable-2023-12-11";
|
|
||||||
src = pkgs.fetchFromGitLab {
|
|
||||||
owner = "sdm845-mainline";
|
|
||||||
repo = "u-boot";
|
|
||||||
rev = "977b9279c610b862f9ef84fb3addbebb7c42166a";
|
|
||||||
hash = "sha256-ksI7qxozIjJ5E8uAJkX8ZuaaOHdv76XOzITaA8Vp/QA=";
|
|
||||||
};
|
|
||||||
makeFlags = [ "DEVICE_TREE=sdm845-oneplus-enchilada" ];
|
|
||||||
extraConfig = ''
|
|
||||||
CONFIG_BOOTDELAY=5
|
|
||||||
'';
|
|
||||||
extraMeta.platforms = [ "aarch64-linux" ];
|
|
||||||
patches = [ ];
|
|
||||||
filesToInstall = [ "u-boot-nodtb.bin" "u-boot-dtb.bin" "u-boot.dtb" ];
|
|
||||||
};
|
|
||||||
|
|
||||||
ubootImageEnchilada = pkgs.stdenvNoCC.mkDerivation {
|
|
||||||
name = "u-boot-enchilada.img";
|
|
||||||
nativeBuildInputs = [
|
|
||||||
# available from mobile-nixos's overlay
|
|
||||||
pkgs'.mkbootimg
|
|
||||||
pkgs'.gzip
|
|
||||||
];
|
|
||||||
src = pkgs'.ubootEnchilada;
|
|
||||||
dontBuild = true;
|
|
||||||
dontFixup = true;
|
|
||||||
installPhase = ''
|
|
||||||
gzip u-boot-nodtb.bin
|
|
||||||
cat u-boot.dtb >> u-boot-nodtb.bin.gz
|
|
||||||
mkbootimg \
|
|
||||||
--base 0x0 \
|
|
||||||
--kernel_offset 0x8000 \
|
|
||||||
--ramdisk_offset 0x01000000 \
|
|
||||||
--tags_offset 0x100 \
|
|
||||||
--pagesize 4096 \
|
|
||||||
--kernel u-boot-nodtb.bin.gz \
|
|
||||||
-o "$out"
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
|
|
||||||
firmware-oneplus-sdm845 = pkgs.stdenvNoCC.mkDerivation {
|
|
||||||
name = "firmware-oneplus-sdm845";
|
|
||||||
src = pkgs.fetchFromGitLab {
|
|
||||||
owner = "sdm845-mainline";
|
|
||||||
repo = "firmware-oneplus-sdm845";
|
|
||||||
rev = "dc9c77f220d104d7224c03fcbfc419a03a58765e";
|
|
||||||
hash = "sha256-jrbWIS4T9HgBPYOV2MqPiRQCxGMDEfQidKw9Jn5pgBI=";
|
|
||||||
};
|
|
||||||
installPhase = ''
|
|
||||||
cp -a . "$out"
|
|
||||||
cd "$out/lib/firmware/postmarketos"
|
|
||||||
find . -type f,l | xargs -i bash -c 'mkdir -p "$(dirname "../$1")" && mv "$1" "../$1"' -- {}
|
|
||||||
cd "$out/usr"
|
|
||||||
find . -type f,l | xargs -i bash -c 'mkdir -p "$(dirname "../$1")" && mv "$1" "../$1"' -- {}
|
|
||||||
cd ..
|
|
||||||
find "$out/lib/firmware/postmarketos" "$out/usr" | tac | xargs rmdir
|
|
||||||
'';
|
|
||||||
dontStrip = true;
|
|
||||||
# not actually redistributable, but who cares
|
|
||||||
meta.license = lib.licenses.unfreeRedistributableFirmware;
|
|
||||||
};
|
|
||||||
|
|
||||||
linux_enchilada = pkgs.linux_latest.override {
|
|
||||||
# TODO: uncomment
|
|
||||||
# ignoreConfigErrors = false;
|
|
||||||
kernelPatches = [
|
|
||||||
{
|
|
||||||
name = "linux_6_7";
|
|
||||||
patch = ./linux_6_7.patch;
|
|
||||||
}
|
|
||||||
{
|
|
||||||
name = "config_fixes";
|
|
||||||
patch = ./config_fixes.patch;
|
|
||||||
}
|
|
||||||
];
|
|
||||||
|
|
||||||
stdenv = lib.recursiveUpdate pkgs.stdenv {
|
|
||||||
hostPlatform.linux-kernel.extraConfig = "";
|
|
||||||
};
|
|
||||||
|
|
||||||
structuredExtraConfig = with lib.kernel; {
|
|
||||||
# fix build
|
|
||||||
LENOVO_YOGA_C630_EC = no;
|
|
||||||
RPMSG_QCOM_GLINK_SMEM = yes;
|
|
||||||
# useless lines, remove on update
|
|
||||||
DM_MIRROR = no;
|
|
||||||
DM_ZERO = no;
|
|
||||||
# for adb and stuff (doesn't have to be built-in, but it's easier that way)
|
|
||||||
USB_FUNCTIONFS = yes;
|
|
||||||
USB_LIBCOMPOSITE = yes;
|
|
||||||
USB_F_ACM = yes;
|
|
||||||
USB_U_SERIAL = yes;
|
|
||||||
USB_U_ETHER = yes;
|
|
||||||
USB_F_SERIAL = yes;
|
|
||||||
USB_F_OBEX = yes;
|
|
||||||
USB_F_NCM = yes;
|
|
||||||
USB_F_ECM = yes;
|
|
||||||
USB_F_EEM = yes;
|
|
||||||
USB_F_SUBSET = yes;
|
|
||||||
USB_F_RNDIS = yes;
|
|
||||||
USB_F_MASS_STORAGE = yes;
|
|
||||||
USB_F_FS = yes;
|
|
||||||
USB_F_HID = yes;
|
|
||||||
USB_CONFIGFS = yes;
|
|
||||||
USB_CONFIGFS_F_HID = yes;
|
|
||||||
|
|
||||||
# adapted from https://gitlab.com/sdm845-mainline/linux/-/blob/caf9d678d34f70173bf236584dfb819164283833/arch/arm64/configs/sdm845.config
|
|
||||||
# enchilada-specific
|
|
||||||
DRM_PANEL_SAMSUNG_SOFEF00 = yes;
|
|
||||||
BATTERY_BQ27XXX = module;
|
|
||||||
HID_RMI = module;
|
|
||||||
RMI4_CORE = module;
|
|
||||||
RMI4_I2C = module;
|
|
||||||
RMI4_F55 = yes;
|
|
||||||
# common sdm845
|
|
||||||
HIBERNATION = lib.mkForce no;
|
|
||||||
QCOM_RPROC_COMMON = yes;
|
|
||||||
FORCE_NR_CPUS = yes;
|
|
||||||
NR_CPUS = lib.mkForce (freeform "8");
|
|
||||||
SCSI_UFS_QCOM = yes;
|
|
||||||
QCOM_GSBI = yes;
|
|
||||||
QCOM_LLCC = yes;
|
|
||||||
QCOM_OCMEM = yes;
|
|
||||||
QCOM_RMTFS_MEM = yes;
|
|
||||||
QCOM_SOCINFO = yes;
|
|
||||||
QCOM_WCNSS_CTRL = yes;
|
|
||||||
QCOM_APR = yes;
|
|
||||||
POWER_RESET_QCOM_PON = yes;
|
|
||||||
QCOM_SPMI_TEMP_ALARM = yes;
|
|
||||||
QCOM_LMH = yes;
|
|
||||||
SCHED_CLUSTER = yes;
|
|
||||||
SND_SOC_QDSP6_Q6VOICE = module;
|
|
||||||
SCSI_UFS_BSG = yes;
|
|
||||||
PHY_QCOM_QMP_PCIE = yes;
|
|
||||||
BACKLIGHT_CLASS_DEVICE = yes;
|
|
||||||
INTERCONNECT_QCOM_OSM_L3 = yes;
|
|
||||||
LEDS_TRIGGER_PATTERN = yes;
|
|
||||||
LEDS_CLASS_MULTICOLOR = module;
|
|
||||||
LEDS_QCOM_LPG = module;
|
|
||||||
LEDS_QCOM_FLASH = module;
|
|
||||||
SLIMBUS = yes;
|
|
||||||
SLIM_QCOM_CTRL = yes;
|
|
||||||
SLIM_QCOM_NGD_CTRL = yes;
|
|
||||||
REMOTEPROC_CDEV = yes;
|
|
||||||
BATTERY_QCOM_FG = module;
|
|
||||||
CHARGER_QCOM_SMB2 = module;
|
|
||||||
QCOM_SPMI_RRADC = module;
|
|
||||||
DRM = yes;
|
|
||||||
DRM_MSM = yes;
|
|
||||||
REGULATOR_QCOM_LABIBB = yes;
|
|
||||||
BACKLIGHT_QCOM_WLED = yes;
|
|
||||||
INPUT_QCOM_SPMI_HAPTICS = module;
|
|
||||||
PM_AUTOSLEEP = yes;
|
|
||||||
SCSI_SCAN_ASYNC = yes;
|
|
||||||
DMABUF_HEAPS = yes;
|
|
||||||
UDMABUF = yes;
|
|
||||||
DMABUF_HEAPS_CMA = yes;
|
|
||||||
DMABUF_HEAPS_SYSTEM = yes;
|
|
||||||
HZ_1000 = yes;
|
|
||||||
RPMSG_CHAR = yes;
|
|
||||||
QCOM_Q6V5_ADSP = module;
|
|
||||||
BT_RFCOMM = yes;
|
|
||||||
BT_RFCOMM_TTY = yes;
|
|
||||||
BT_BNEP = yes;
|
|
||||||
BT_BNEP_MC_FILTER = yes;
|
|
||||||
BT_BNEP_PROTO_FILTER = yes;
|
|
||||||
BT_HS = yes;
|
|
||||||
BT_LE = yes;
|
|
||||||
QCOM_COINCELL = module;
|
|
||||||
QCOM_FASTRPC = module;
|
|
||||||
QCOM_SPMI_VADC = yes;
|
|
||||||
QCOM_SPMI_ADC5 = yes;
|
|
||||||
PHY_QCOM_QMP = yes;
|
|
||||||
PHY_QCOM_QUSB2 = yes;
|
|
||||||
PHY_QCOM_QMP_UFS = yes;
|
|
||||||
TYPEC = yes;
|
|
||||||
PHY_QCOM_QMP_COMBO = yes;
|
|
||||||
LEDS_CLASS_FLASH = yes;
|
|
||||||
TCP_CONG_WESTWOOD = yes;
|
|
||||||
DEFAULT_WESTWOOD = yes;
|
|
||||||
BLK_DEV_RAM = yes;
|
|
||||||
BLK_DEV_RAM_SIZE = freeform "8192";
|
|
||||||
CPU_FREQ_GOV_POWERSAVE = yes;
|
|
||||||
SYN_COOKIES = yes;
|
|
||||||
INPUT_UINPUT = module;
|
|
||||||
U_SERIAL_CONSOLE = yes;
|
|
||||||
USB_ANNOUNCE_NEW_DEVICES = yes;
|
|
||||||
BLK_INLINE_ENCRYPTION = yes;
|
|
||||||
PHY_QCOM_SNPS_EUSB2 = module;
|
|
||||||
MFD_QCOM_RPM = yes;
|
|
||||||
USB_DWC3_ULPI = yes;
|
|
||||||
SCSI_UFS_CRYPTO = yes;
|
|
||||||
PHY_QCOM_USB_HS = yes;
|
|
||||||
PHY_QCOM_USB_SNPS_FEMTO_V2 = yes;
|
|
||||||
INTERCONNECT_QCOM_SM6115 = yes;
|
|
||||||
SM_DISPCC_6115 = yes;
|
|
||||||
FS_ENCRYPTION_INLINE_CRYPT = yes;
|
|
||||||
CRYPTO_USER_API_AEAD = yes;
|
|
||||||
CRYPTO_DEV_QCE = yes;
|
|
||||||
DMA_CMA = yes;
|
|
||||||
SM_GPUCC_6115 = yes;
|
|
||||||
USB_ONBOARD_HUB = no; # breaks USB on qualcomm rb2... which i don't need, but i guess this won't hurt either way
|
|
||||||
INTERCONNECT_QCOM_QCM2290 = yes;
|
|
||||||
BRIDGE_NETFILTER = module;
|
|
||||||
# CONFIG END (essentially)
|
|
||||||
|
|
||||||
# the rest of the config is just disabling unneeded stuff, feel free to ignore this
|
|
||||||
ARCH_SPARX5 = no;
|
|
||||||
ARCH_MA35 = no;
|
|
||||||
ARCH_REALTEK = no;
|
|
||||||
ARCH_STM32 = no;
|
|
||||||
BLK_DEV_NVME = no;
|
|
||||||
ATA = no;
|
|
||||||
MTD = no;
|
|
||||||
SRAM = no;
|
|
||||||
MEGARAID_SAS = no;
|
|
||||||
EEPROM_AT25 = no;
|
|
||||||
USB_DWC2 = no;
|
|
||||||
USB_CHIPIDEA = no;
|
|
||||||
USB_MUSB_HDRC = no;
|
|
||||||
USB_ISP1760 = no;
|
|
||||||
USB_HSIC_USB3503 = no;
|
|
||||||
USB_NET_PLUSB = no;
|
|
||||||
TYPEC_FUSB302 = no;
|
|
||||||
EXTCON_PTN5150 = no;
|
|
||||||
NET_VENDOR_NI = no;
|
|
||||||
NET_9P = no;
|
|
||||||
CAN = no;
|
|
||||||
BNX2X = no;
|
|
||||||
MACB = no;
|
|
||||||
IGB = no;
|
|
||||||
IGBVF = no;
|
|
||||||
SMC91X = no;
|
|
||||||
MLX4_EN = no;
|
|
||||||
MLX5_CORE = no;
|
|
||||||
STMMAC_ETH = no;
|
|
||||||
ATL1C = no;
|
|
||||||
BRCMFMAC = no;
|
|
||||||
WL18XX = no;
|
|
||||||
ATH10K_PCI = no;
|
|
||||||
NET_SCH_CBS = no;
|
|
||||||
NET_SCH_ETF = no;
|
|
||||||
NET_SCH_TAPRIO = no;
|
|
||||||
NET_SCH_MQPRIO = no;
|
|
||||||
NET_CLS_BASIC = no;
|
|
||||||
NET_CLS_FLOWER = no;
|
|
||||||
NET_CLS_ACT = no;
|
|
||||||
MDIO_BUS_MUX_MMIOREG = no;
|
|
||||||
MDIO_BUS_MUX_MULTIPLEXER = no;
|
|
||||||
SND_SOC_ES7134 = no;
|
|
||||||
SND_SOC_ES7241 = no;
|
|
||||||
SND_SOC_TAS571X = no;
|
|
||||||
SND_SOC_SIMPLE_AMPLIFIER = no;
|
|
||||||
GPIO_DWAPB = no;
|
|
||||||
COMMON_CLK_XGENE = no;
|
|
||||||
SENSORS_ARM_SCPI = no;
|
|
||||||
TCG_TPM = no;
|
|
||||||
BATTERY_SBS = no;
|
|
||||||
REGULATOR_VCTRL = no;
|
|
||||||
CAVIUM_ERRATUM_22375 = no;
|
|
||||||
CAVIUM_ERRATUM_23154 = no;
|
|
||||||
CAVIUM_ERRATUM_27456 = no;
|
|
||||||
CAVIUM_ERRATUM_30115 = no;
|
|
||||||
CAVIUM_TX2_ERRATUM_219 = no;
|
|
||||||
EEPROM_AT24 = no;
|
|
||||||
NET_DSA = no;
|
|
||||||
AQUANTIA_PHY = no;
|
|
||||||
MICROSEMI_PHY = no;
|
|
||||||
VITESSE_PHY = no;
|
|
||||||
I2C_MUX_PCA954x = no;
|
|
||||||
SND_SOC_PCM3168A_I2C = no;
|
|
||||||
SENSORS_LM90 = no;
|
|
||||||
SENSORS_INA2XX = no;
|
|
||||||
RTC_DRV_DS3232 = no;
|
|
||||||
GPIO_MAX732X = no;
|
|
||||||
SENSORS_ISL29018 = no;
|
|
||||||
MPL3115 = no;
|
|
||||||
MFD_ROHM_BD718XX = no;
|
|
||||||
ARM_SBSA_WATCHDOG = no;
|
|
||||||
ARM_SMC_WATCHDOG = no;
|
|
||||||
REGULATOR_PCA9450 = no;
|
|
||||||
REGULATOR_PFUZE100 = no;
|
|
||||||
DRM_PANEL_ABT_Y030XX067A = no;
|
|
||||||
DRM_PANEL_ARM_VERSATILE = no;
|
|
||||||
DRM_PANEL_ASUS_Z00T_TM5P5_NT35596 = no;
|
|
||||||
DRM_PANEL_AUO_A030JTN01 = no;
|
|
||||||
DRM_PANEL_BOE_BF060Y8M_AJ0 = no;
|
|
||||||
DRM_PANEL_BOE_HIMAX8279D = no;
|
|
||||||
DRM_PANEL_ELIDA_KD35T133 = no;
|
|
||||||
DRM_PANEL_FEIXIN_K101_IM2BA02 = no;
|
|
||||||
DRM_PANEL_FEIYANG_FY07024DI26A30D = no;
|
|
||||||
DRM_PANEL_HIMAX_HX8394 = no;
|
|
||||||
DRM_PANEL_ILITEK_IL9322 = no;
|
|
||||||
DRM_PANEL_ILITEK_ILI9341 = no;
|
|
||||||
DRM_PANEL_ILITEK_ILI9881C = no;
|
|
||||||
DRM_PANEL_ILITEK_ILI9882T = no;
|
|
||||||
DRM_PANEL_INNOLUX_EJ030NA = no;
|
|
||||||
DRM_PANEL_INNOLUX_P079ZCA = no;
|
|
||||||
DRM_PANEL_JADARD_JD9365DA_H3 = no;
|
|
||||||
DRM_PANEL_JDI_LPM102A188A = no;
|
|
||||||
DRM_PANEL_JDI_LT070ME05000 = no;
|
|
||||||
DRM_PANEL_JDI_R63452 = no;
|
|
||||||
DRM_PANEL_KHADAS_TS050 = no;
|
|
||||||
DRM_PANEL_KINGDISPLAY_KD097D04 = no;
|
|
||||||
DRM_PANEL_LEADTEK_LTK050H3146W = no;
|
|
||||||
DRM_PANEL_LEADTEK_LTK500HD1829 = no;
|
|
||||||
DRM_PANEL_LG_LB035Q02 = no;
|
|
||||||
DRM_PANEL_LG_LG4573 = no;
|
|
||||||
DRM_PANEL_MAGNACHIP_D53E6EA8966 = no;
|
|
||||||
DRM_PANEL_NEC_NL8048HL11 = no;
|
|
||||||
DRM_PANEL_NEWVISION_NV3051D = no;
|
|
||||||
DRM_PANEL_NEWVISION_NV3052C = no;
|
|
||||||
DRM_PANEL_NOVATEK_NT35510 = no;
|
|
||||||
DRM_PANEL_NOVATEK_NT35560 = no;
|
|
||||||
DRM_PANEL_NOVATEK_NT35950 = no;
|
|
||||||
DRM_PANEL_NOVATEK_NT36523 = no;
|
|
||||||
DRM_PANEL_NOVATEK_NT39016 = no;
|
|
||||||
DRM_PANEL_OLIMEX_LCD_OLINUXINO = no;
|
|
||||||
DRM_PANEL_ORISETECH_OTA5601A = no;
|
|
||||||
DRM_PANEL_ORISETECH_OTM8009A = no;
|
|
||||||
DRM_PANEL_OSD_OSD101T2587_53TS = no;
|
|
||||||
DRM_PANEL_PANASONIC_VVX10F034N00 = no;
|
|
||||||
DRM_PANEL_RASPBERRYPI_TOUCHSCREEN = no;
|
|
||||||
DRM_PANEL_RAYDIUM_RM67191 = no;
|
|
||||||
DRM_PANEL_RAYDIUM_RM68200 = no;
|
|
||||||
DRM_PANEL_RAYDIUM_RM692E5 = no;
|
|
||||||
DRM_PANEL_RONBO_RB070D30 = no;
|
|
||||||
DRM_PANEL_SAMSUNG_ATNA33XC20 = no;
|
|
||||||
DRM_PANEL_SAMSUNG_DB7430 = no;
|
|
||||||
DRM_PANEL_SAMSUNG_LD9040 = no;
|
|
||||||
DRM_PANEL_SAMSUNG_S6D16D0 = no;
|
|
||||||
DRM_PANEL_SAMSUNG_S6D27A1 = no;
|
|
||||||
DRM_PANEL_SAMSUNG_S6D7AA0 = no;
|
|
||||||
DRM_PANEL_SAMSUNG_S6E3HA2 = no;
|
|
||||||
DRM_PANEL_SAMSUNG_S6E63J0X03 = no;
|
|
||||||
DRM_PANEL_SAMSUNG_S6E63M0 = no;
|
|
||||||
DRM_PANEL_SAMSUNG_S6E88A0_AMS452EF01 = no;
|
|
||||||
DRM_PANEL_SAMSUNG_S6E8AA0 = no;
|
|
||||||
DRM_PANEL_SEIKO_43WVF1G = no;
|
|
||||||
DRM_PANEL_SHARP_LQ101R1SX01 = no;
|
|
||||||
DRM_PANEL_SHARP_LS037V7DW01 = no;
|
|
||||||
DRM_PANEL_SHARP_LS043T1LE01 = no;
|
|
||||||
DRM_PANEL_SHARP_LS060T1SX01 = no;
|
|
||||||
DRM_PANEL_SITRONIX_ST7701 = no;
|
|
||||||
DRM_PANEL_SITRONIX_ST7703 = no;
|
|
||||||
DRM_PANEL_SITRONIX_ST7789V = no;
|
|
||||||
DRM_PANEL_SONY_ACX565AKM = no;
|
|
||||||
DRM_PANEL_SONY_TD4353_JDI = no;
|
|
||||||
DRM_PANEL_SONY_TULIP_TRULY_NT35521 = no;
|
|
||||||
DRM_PANEL_STARTEK_KD070FHFID015 = no;
|
|
||||||
DRM_PANEL_TDO_TL070WSH30 = no;
|
|
||||||
DRM_PANEL_TPO_TD028TTEC1 = no;
|
|
||||||
DRM_PANEL_TPO_TD043MTEA1 = no;
|
|
||||||
DRM_PANEL_TPO_TPG110 = no;
|
|
||||||
DRM_PANEL_VISIONOX_R66451 = no;
|
|
||||||
DRM_PANEL_VISIONOX_RM69299 = no;
|
|
||||||
DRM_PANEL_WIDECHIPS_WS2401 = no;
|
|
||||||
DRM_PANEL_XINPENG_XPP055C272 = no;
|
|
||||||
DRM_NWL_MIPI_DSI = no;
|
|
||||||
SND_SOC_FSL_SAI = no;
|
|
||||||
SND_SOC_FSL_ASRC = no;
|
|
||||||
SND_SOC_FSL_MICFIL = no;
|
|
||||||
SND_SOC_FSL_AUDMIX = no;
|
|
||||||
SND_SOC_FSL_SPDIF = no;
|
|
||||||
SND_SOC_WM8904 = no;
|
|
||||||
RTC_DRV_RV8803 = no;
|
|
||||||
RTC_DRV_DS1307 = no;
|
|
||||||
RTC_DRV_PCF85363 = no;
|
|
||||||
RTC_DRV_PCF2127 = no;
|
|
||||||
FUJITSU_ERRATUM_010001 = no;
|
|
||||||
PCI_PASID = no;
|
|
||||||
UACCE = no;
|
|
||||||
SPI_CADENCE_QUADSPI = no;
|
|
||||||
DW_WATCHDOG = no;
|
|
||||||
NOP_USB_XCEIV = no;
|
|
||||||
SURFACE_PLATFORMS = no;
|
|
||||||
GPIO_PCA953X = no;
|
|
||||||
BACKLIGHT_LP855X = no;
|
|
||||||
MFD_MAX77620 = no;
|
|
||||||
SENSORS_PWM_FAN = no;
|
|
||||||
SENSORS_INA3221 = no;
|
|
||||||
REGULATOR_MAX8973 = no;
|
|
||||||
USB_CONN_GPIO = no;
|
|
||||||
MFD_BD9571MWV = no;
|
|
||||||
DRM_PANEL_LVDS = no;
|
|
||||||
COMMON_CLK_VC5 = no;
|
|
||||||
CRYPTO_DEV_CCREE = no;
|
|
||||||
VIDEO_IMX219 = no;
|
|
||||||
VIDEO_OV5645 = no;
|
|
||||||
SND_SOC_AK4613 = no;
|
|
||||||
SND_SIMPLE_CARD = no;
|
|
||||||
SND_AUDIO_GRAPH_CARD = no;
|
|
||||||
TYPEC_HD3SS3220 = no;
|
|
||||||
RTC_DRV_RX8581 = no;
|
|
||||||
COMMON_CLK_CS2000_CP = no;
|
|
||||||
KEYBOARD_ADC = no;
|
|
||||||
REGULATOR_FAN53555 = no;
|
|
||||||
TOUCHSCREEN_ATMEL_MXT = no;
|
|
||||||
RTC_DRV_HYM8563 = no;
|
|
||||||
MFD_SEC_CORE = no;
|
|
||||||
PL330_DMA = no;
|
|
||||||
GPIO_MB86S7X = no;
|
|
||||||
MMC_SDHCI_F_SDH30 = no;
|
|
||||||
MMC_SDHCI_CADENCE = no;
|
|
||||||
SOCIONEXT_SYNQUACER_PREITS = no;
|
|
||||||
NET_VENDOR_SOCIONEXT = no;
|
|
||||||
ARCH_ACTIONS = no;
|
|
||||||
ARCH_SUNXI = no;
|
|
||||||
ARCH_ALPINE = no;
|
|
||||||
ARCH_APPLE = no;
|
|
||||||
ARCH_BERLIN = no;
|
|
||||||
ARCH_EXYNOS = no;
|
|
||||||
ARCH_K3 = no;
|
|
||||||
ARCH_LG1K = no;
|
|
||||||
ARCH_HISI = no;
|
|
||||||
ARCH_KEEMBAY = no;
|
|
||||||
ARCH_MEDIATEK = no;
|
|
||||||
ARCH_MESON = no;
|
|
||||||
ARCH_MVEBU = no;
|
|
||||||
ARCH_RENESAS = no;
|
|
||||||
ARCH_ROCKCHIP = no;
|
|
||||||
ARCH_SEATTLE = no;
|
|
||||||
ARCH_INTEL_SOCFPGA = no;
|
|
||||||
ARCH_SYNQUACER = no;
|
|
||||||
ARCH_TEGRA = no;
|
|
||||||
ARCH_SPRD = no;
|
|
||||||
ARCH_THUNDER = no;
|
|
||||||
ARCH_THUNDER2 = no;
|
|
||||||
ARCH_UNIPHIER = no;
|
|
||||||
ARCH_VEXPRESS = no;
|
|
||||||
ARCH_VISCONTI = no;
|
|
||||||
ARCH_XGENE = no;
|
|
||||||
ARCH_ZYNQMP = no;
|
|
||||||
PCI_XGENE = no;
|
|
||||||
PCIE_ALTERA = no;
|
|
||||||
PCI_HOST_THUNDER_PEM = no;
|
|
||||||
PCI_HOST_THUNDER_ECAM = no;
|
|
||||||
PCI_HISI = no;
|
|
||||||
PCIE_KIRIN = no;
|
|
||||||
SERIAL_XILINX_PS_UART = no;
|
|
||||||
SERIAL_FSL_LPUART = no;
|
|
||||||
SERIAL_FSL_LINFLEXUART = no;
|
|
||||||
I2C_RK3X = no;
|
|
||||||
SPI_PL022 = no;
|
|
||||||
GPIO_ALTERA = no;
|
|
||||||
GPIO_PL061 = no;
|
|
||||||
GPIO_XGENE = no;
|
|
||||||
POWER_RESET_XGENE = no;
|
|
||||||
POWER_RESET_SYSCON = no;
|
|
||||||
GNSS_MTK_SERIAL = no;
|
|
||||||
ARM_SP805_WATCHDOG = no;
|
|
||||||
MFD_AXP20X_I2C = no;
|
|
||||||
MFD_HI6421_PMIC = no;
|
|
||||||
MFD_MT6397 = no;
|
|
||||||
REGULATOR_RK808 = no;
|
|
||||||
REGULATOR_TPS65132 = no;
|
|
||||||
MEDIA_ANALOG_TV_SUPPORT = lib.mkForce no;
|
|
||||||
MEDIA_DIGITAL_TV_SUPPORT = lib.mkForce no;
|
|
||||||
MEDIA_SDR_SUPPORT = no;
|
|
||||||
DRM_AMDGPU = no;
|
|
||||||
DRM_ETNAVIV = no;
|
|
||||||
DRM_HISI_KIRIN = no;
|
|
||||||
DRM_NOUVEAU = no;
|
|
||||||
SND_SOC_GTM601 = no;
|
|
||||||
SND_SOC_RT5659 = no;
|
|
||||||
SND_SOC_WM8960 = no;
|
|
||||||
SND_SOC_WM8962 = no;
|
|
||||||
USB_XHCI_PCI_RENESAS = no;
|
|
||||||
MMC_SDHCI_OF_ARASAN = no;
|
|
||||||
MMC_DW_EXYNOS = no;
|
|
||||||
MMC_DW_HI3798CV200 = no;
|
|
||||||
MMC_DW_K3 = no;
|
|
||||||
MMC_MTK = no;
|
|
||||||
MMC_SDHCI_XENON = no;
|
|
||||||
MMC_SDHCI_AM654 = no;
|
|
||||||
RTC_DRV_MAX77686 = no;
|
|
||||||
RTC_DRV_RK808 = no;
|
|
||||||
RTC_DRV_M41T80 = no;
|
|
||||||
RTC_DRV_RV3028 = no;
|
|
||||||
RTC_DRV_PL031 = no;
|
|
||||||
COMMON_CLK_RK808 = no;
|
|
||||||
FSL_RCPM = no;
|
|
||||||
HISI_PMU = no;
|
|
||||||
INTERCONNECT_QCOM_MSM8996 = no;
|
|
||||||
INTERCONNECT_QCOM_QCS404 = no;
|
|
||||||
INTERCONNECT_QCOM_SC7180 = no;
|
|
||||||
INTERCONNECT_QCOM_SM8150 = no;
|
|
||||||
INTERCONNECT_QCOM_SM8350 = no;
|
|
||||||
INTERCONNECT_QCOM_SM8450 = no;
|
|
||||||
INTERCONNECT_QCOM_SM8550 = no;
|
|
||||||
INTERCONNECT_QCOM_SC8280XP = no;
|
|
||||||
ARCH_NPCM = no;
|
|
||||||
PINCTRL_SC8280XP = no;
|
|
||||||
BCM_SBA_RAID = no;
|
|
||||||
SENSORS_GPIO_FAN = no;
|
|
||||||
ARCH_BCM = no;
|
|
||||||
ARCH_NXP = no;
|
|
||||||
NET_VENDOR_ADI = no;
|
|
||||||
PINCTRL_SC8180X = no;
|
|
||||||
SND_SOC_SC7180 = no;
|
|
||||||
SND_SOC_SC7280 = no;
|
|
||||||
SND_SOC_WCD938X_SDW = no;
|
|
||||||
MMC_SDHCI_OF_DWCMSHC = no;
|
|
||||||
SC_GCC_8180X = no;
|
|
||||||
IOMMU_IO_PGTABLE_DART = no;
|
|
||||||
INTERCONNECT_QCOM_SC8180X = no;
|
|
||||||
MEMORY_HOTPLUG = lib.mkForce no;
|
|
||||||
MELLANOX_PLATFORM = no;
|
|
||||||
CHROME_PLATFORMS = lib.mkForce no;
|
|
||||||
PINCTRL_SM8150 = no;
|
|
||||||
SM_GCC_8150 = no;
|
|
||||||
SM_VIDEOCC_8150 = no;
|
|
||||||
SM_GPUCC_8150 = no;
|
|
||||||
SM_GPUCC_8350 = no;
|
|
||||||
SM_VIDEOCC_8350 = no;
|
|
||||||
PINCTRL_SM8350 = no;
|
|
||||||
SM_GCC_8350 = no;
|
|
||||||
SM_DISPCC_8450 = no;
|
|
||||||
PINCTRL_SM8550 = no;
|
|
||||||
PINCTRL_SM8550_LPASS_LPI = no;
|
|
||||||
SM_DISPCC_8550 = no;
|
|
||||||
SM_TCSRCC_8550 = no;
|
|
||||||
|
|
||||||
# keys that are unused in this case
|
|
||||||
# (builtin aarch64-linux config is unused too, but i cant disable it)
|
|
||||||
ACPI_HOTPLUG_MEMORY.tristate = lib.mkForce null; BCM2835_MBOX.tristate = lib.mkForce null; BCM2835_WDT.tristate = lib.mkForce null;
|
|
||||||
CHROMEOS_TBMC.tristate = lib.mkForce null; CROS_EC.tristate = lib.mkForce null; CROS_EC_I2C.tristate = lib.mkForce null;
|
|
||||||
CROS_EC_SPI.tristate = lib.mkForce null; CROS_KBD_LED_BACKLIGHT.tristate = lib.mkForce null;
|
|
||||||
FSL_MC_UAPI_SUPPORT.tristate = lib.mkForce null; MEDIA_ATTACH.tristate = lib.mkForce null;
|
|
||||||
MEMORY_HOTREMOVE.tristate = lib.mkForce null; MTD_COMPLEX_MAPPINGS.tristate = lib.mkForce null; NET_ACT_BPF.tristate = lib.mkForce null;
|
|
||||||
PCI_TEGRA.tristate = lib.mkForce null; RASPBERRYPI_FIRMWARE.tristate = lib.mkForce null; RASPBERRYPI_POWER.tristate = lib.mkForce null;
|
|
||||||
SCSI_SAS_ATA.tristate = lib.mkForce null; SUN8I_DE2_CCU.tristate = lib.mkForce null;
|
|
||||||
TCG_TIS_SPI_CR50.tristate = lib.mkForce null; USB_XHCI_TEGRA = lib.mkForce no; ZONE_DEVICE.tristate = lib.mkForce null;
|
|
||||||
"9P_FSCACHE".tristate = lib.mkForce null; CROS_EC_ISHTP.tristate = lib.mkForce null; CROS_EC_LPC.tristate = lib.mkForce null;
|
|
||||||
DRM_AMDGPU_CIK.tristate = lib.mkForce null; DRM_AMDGPU_SI.tristate = lib.mkForce null; DRM_AMDGPU_USERPTR.tristate = lib.mkForce null;
|
|
||||||
DRM_AMD_DC_FP.tristate = lib.mkForce null; DRM_AMD_DC_SI.tristate = lib.mkForce null; DRM_DP_AUX_CHARDEV.tristate = lib.mkForce null;
|
|
||||||
DRM_FBDEV_EMULATION.tristate = lib.mkForce null; DRM_GMA500.tristate = lib.mkForce null; DRM_LEGACY.tristate = lib.mkForce null;
|
|
||||||
DRM_LOAD_EDID_FIRMWARE.tristate = lib.mkForce null; DRM_VBOXVIDEO.tristate = lib.mkForce null;
|
|
||||||
DRM_VC4_HDMI_CEC.tristate = lib.mkForce null; FB_3DFX_ACCEL.tristate = lib.mkForce null; FB_ATY_CT.tristate = lib.mkForce null;
|
|
||||||
FB_ATY_GX.tristate = lib.mkForce null; FB_EFI.tristate = lib.mkForce null; FB_NVIDIA_I2C.tristate = lib.mkForce null;
|
|
||||||
FB_RIVA_I2C.tristate = lib.mkForce null; FB_SAVAGE_ACCEL.tristate = lib.mkForce null; FB_SAVAGE_I2C.tristate = lib.mkForce null;
|
|
||||||
FB_SIS_300.tristate = lib.mkForce null; FB_SIS_315.tristate = lib.mkForce null;
|
|
||||||
FB_VESA.tristate = lib.mkForce null; FONTS.tristate = lib.mkForce null; FONT_8x8.tristate = lib.mkForce null;
|
|
||||||
FONT_TER16x32.tristate = lib.mkForce null; FRAMEBUFFER_CONSOLE.tristate = lib.mkForce null;
|
|
||||||
FRAMEBUFFER_CONSOLE_DEFERRED_TAKEOVER.tristate = lib.mkForce null;
|
|
||||||
FRAMEBUFFER_CONSOLE_DETECT_PRIMARY.tristate = lib.mkForce null; FRAMEBUFFER_CONSOLE_ROTATION.tristate = lib.mkForce null;
|
|
||||||
HMM_MIRROR.tristate = lib.mkForce null; HSA_AMD.tristate = lib.mkForce null; HYPERVISOR_GUEST.tristate = lib.mkForce null;
|
|
||||||
INFINIBAND_IPOIB.tristate = lib.mkForce null; INFINIBAND_IPOIB_CM.tristate = lib.mkForce null;
|
|
||||||
IP_MROUTE_MULTIPLE_TABLES.tristate = lib.mkForce null; JOYSTICK_PSXPAD_SPI_FF.tristate = lib.mkForce null;
|
|
||||||
KERNEL_ZSTD.tristate = lib.mkForce null; KEYBOARD_APPLESPI.tristate = lib.mkForce null; KVM_ASYNC_PF.tristate = lib.mkForce null;
|
|
||||||
KVM_GENERIC_DIRTYLOG_READ_PROTECT.tristate = lib.mkForce null; KVM_GUEST.tristate = lib.mkForce null; KVM_MMIO.tristate = lib.mkForce null;
|
|
||||||
KVM_VFIO.tristate = lib.mkForce null; LOGO.tristate = lib.mkForce null; MICROCODE.tristate = lib.mkForce null;
|
|
||||||
MOUSE_PS2_VMMOUSE.tristate = lib.mkForce null; MTRR_SANITIZER.tristate = lib.mkForce null; NFS_FSCACHE.tristate = lib.mkForce null;
|
|
||||||
PINCTRL_BAYTRAIL.tristate = lib.mkForce null;
|
|
||||||
PINCTRL_CHERRYVIEW.tristate = lib.mkForce null; PM_ADVANCED_DEBUG.tristate = lib.mkForce null; PM_TRACE_RTC.tristate = lib.mkForce null;
|
|
||||||
SND_AC97_POWER_SAVE.tristate = lib.mkForce null; SND_DYNAMIC_MINORS.tristate = lib.mkForce null;
|
|
||||||
SND_HDA_INPUT_BEEP.tristate = lib.mkForce null; SND_HDA_PATCH_LOADER.tristate = lib.mkForce null;
|
|
||||||
SND_HDA_RECONFIG.tristate = lib.mkForce null; SND_OSSEMUL.tristate = lib.mkForce null; SND_USB_CAIAQ_INPUT.tristate = lib.mkForce null;
|
|
||||||
VFIO_PCI_VGA.tristate = lib.mkForce null; VGA_SWITCHEROO.tristate = lib.mkForce null; X86_AMD_PLATFORM_DEVICE.tristate = lib.mkForce null;
|
|
||||||
X86_CHECK_BIOS_CORRUPTION.tristate = lib.mkForce null; X86_MCE.tristate = lib.mkForce null;
|
|
||||||
X86_PLATFORM_DRIVERS_DELL.tristate = lib.mkForce null; X86_PLATFORM_DRIVERS_HP.tristate = lib.mkForce null;
|
|
||||||
JOYSTICK_XPAD_FF.tristate = lib.mkForce null; JOYSTICK_XPAD_LEDS.tristate = lib.mkForce null; KEXEC_JUMP.tristate = lib.mkForce null;
|
|
||||||
PERF_EVENTS_AMD_BRS.tristate = lib.mkForce null; HVC_XEN.tristate = lib.mkForce null; HVC_XEN_FRONTEND.tristate = lib.mkForce null;
|
|
||||||
PARAVIRT_SPINLOCKS.tristate = lib.mkForce null; PCI_XEN.tristate = lib.mkForce null; SWIOTLB_XEN.tristate = lib.mkForce null;
|
|
||||||
VBOXGUEST.tristate = lib.mkForce null; XEN_BACKEND.tristate = lib.mkForce null; XEN_BALLOON.tristate = lib.mkForce null;
|
|
||||||
XEN_BALLOON_MEMORY_HOTPLUG.tristate = lib.mkForce null; XEN_DOM0.tristate = lib.mkForce null; XEN_EFI.tristate = lib.mkForce null;
|
|
||||||
XEN_HAVE_PVMMU.tristate = lib.mkForce null; XEN_MCE_LOG.tristate = lib.mkForce null; XEN_PVH.tristate = lib.mkForce null;
|
|
||||||
XEN_PVHVM.tristate = lib.mkForce null; XEN_SAVE_RESTORE.tristate = lib.mkForce null; XEN_SYS_HYPERVISOR.tristate = lib.mkForce null;
|
|
||||||
};
|
|
||||||
};
|
|
||||||
linux_enchilada_ccache = pkgs'.buildLinuxWithCcache pkgs'.linux_enchilada;
|
|
||||||
}
|
|
|
@ -3,12 +3,16 @@
|
||||||
, ... }:
|
, ... }:
|
||||||
|
|
||||||
{
|
{
|
||||||
boot.initrd.availableKernelModules = [
|
boot.initrd.availableKernelModules = [ "ahci" "usbhid" "usb_storage" ];
|
||||||
"ahci" "usbhid" "usb_storage"
|
|
||||||
"phy-rockchip-naneng-combphy"
|
|
||||||
];
|
|
||||||
|
|
||||||
boot.kernelPackages = pkgs.linuxPackagesFor pkgs.linux_testing;
|
# TODO: switch to mainline when PCIe support works
|
||||||
|
boot.kernelPackages = pkgs.linuxPackagesFor (pkgs.buildLinuxWithCcache pkgs.linux_testing);
|
||||||
|
boot.kernelPatches = [
|
||||||
|
{
|
||||||
|
name = "linux_6.7.patch";
|
||||||
|
patch = ./linux_6.7.patch;
|
||||||
|
}
|
||||||
|
];
|
||||||
|
|
||||||
boot.kernelParams = [ "dtb=/${config.hardware.deviceTree.name}" ];
|
boot.kernelParams = [ "dtb=/${config.hardware.deviceTree.name}" ];
|
||||||
hardware.deviceTree.enable = true;
|
hardware.deviceTree.enable = true;
|
||||||
|
|
17516
system/hardware/radxa-rock5a/linux_6.7.patch
Normal file
17516
system/hardware/radxa-rock5a/linux_6.7.patch
Normal file
File diff suppressed because it is too large
Load diff
|
@ -1,12 +1,11 @@
|
||||||
{ lib
|
{ lib
|
||||||
, pkgs
|
, pkgs
|
||||||
, config
|
, config
|
||||||
, inputs
|
|
||||||
, ... }:
|
, ... }:
|
||||||
|
|
||||||
/*
|
/*
|
||||||
# for old kernel versions
|
# for old kernel versions
|
||||||
zenKernels = pkgs.callPackage "${pkgs.path}/pkgs/os-specific/linux/kernel/zen-kernels.nix";
|
zenKernels = pkgs.callPackage "${nixpkgs}/pkgs/os-specific/linux/kernel/zen-kernels.nix";
|
||||||
zenKernel = (version: sha256: (zenKernels {
|
zenKernel = (version: sha256: (zenKernels {
|
||||||
kernelPatches = [
|
kernelPatches = [
|
||||||
pkgs.linuxKernel.kernelPatches.bridge_stp_helper
|
pkgs.linuxKernel.kernelPatches.bridge_stp_helper
|
||||||
|
@ -27,8 +26,6 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
{
|
{
|
||||||
imports = [ inputs.nix-gaming.nixosModules.pipewireLowLatency ];
|
|
||||||
|
|
||||||
system.stateVersion = "22.11";
|
system.stateVersion = "22.11";
|
||||||
|
|
||||||
### SECTION 1: HARDWARE/BOOT PARAMETERS ###
|
### SECTION 1: HARDWARE/BOOT PARAMETERS ###
|
||||||
|
@ -125,15 +122,26 @@
|
||||||
# users.groups.wireshark.members = [ config.common.mainUsername ];
|
# users.groups.wireshark.members = [ config.common.mainUsername ];
|
||||||
services.printing.enable = true;
|
services.printing.enable = true;
|
||||||
services.printing.drivers = [ pkgs.hplip ];
|
services.printing.drivers = [ pkgs.hplip ];
|
||||||
# from nix-gaming
|
services.pipewire = {
|
||||||
services.pipewire.lowLatency = {
|
enable = true;
|
||||||
enable = false;
|
alsa.enable = true;
|
||||||
# 96 is mostly fine but has some xruns
|
alsa.support32Bit = true;
|
||||||
# 128 has xruns every now and then too
|
pulse.enable = true;
|
||||||
quantum = 128;
|
jack.enable = true;
|
||||||
rate = 48000;
|
|
||||||
};
|
|
||||||
|
|
||||||
|
# from nix-gaming
|
||||||
|
lowLatency = {
|
||||||
|
enable = true;
|
||||||
|
# 96 is mostly fine but has some xruns
|
||||||
|
# 128 has xruns every now and then too, but is overall fine
|
||||||
|
quantum = 128;
|
||||||
|
rate = 48000;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
security.polkit.enable = true;
|
||||||
|
security.rtkit.enable = true;
|
||||||
|
|
||||||
|
services.dbus.enable = true;
|
||||||
programs.sway.enable = true;
|
programs.sway.enable = true;
|
||||||
xdg.portal = {
|
xdg.portal = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
@ -181,5 +189,6 @@
|
||||||
|
|
||||||
impermanence.directories = [
|
impermanence.directories = [
|
||||||
/secrets
|
/secrets
|
||||||
|
/etc/nixos
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,50 +1,12 @@
|
||||||
|
# WIP (I don't even have the phone yet)
|
||||||
|
|
||||||
{ pkgs
|
{ pkgs
|
||||||
, lib
|
|
||||||
, config
|
, config
|
||||||
, ...
|
, ... }:
|
||||||
}:
|
|
||||||
|
|
||||||
{
|
{
|
||||||
imports = [ ./options.nix ];
|
|
||||||
|
|
||||||
system.stateVersion = "23.11";
|
system.stateVersion = "23.11";
|
||||||
|
|
||||||
systemd.network.links."40-wlan0" = {
|
|
||||||
matchConfig.OriginalName = "wlan0";
|
|
||||||
linkConfig.MACAddressPolicy = "none";
|
|
||||||
linkConfig.MACAddress = config.phone.mac;
|
|
||||||
};
|
|
||||||
|
|
||||||
sound.enable = true;
|
|
||||||
services.logind.powerKey = "ignore";
|
|
||||||
services.logind.powerKeyLongPress = "poweroff";
|
|
||||||
hardware.sensor.iio.enable = true;
|
|
||||||
services.pipewire.enable = false;
|
|
||||||
hardware.pulseaudio.enable = lib.mkForce true;
|
|
||||||
users.users.${config.common.mainUsername}.extraGroups = [
|
|
||||||
"dialout"
|
|
||||||
"feedbackd"
|
|
||||||
"video"
|
|
||||||
] ++ lib.optional (config.networking.modemmanager.enable || config.networking.networkmanager.enable) "networkmanager";
|
|
||||||
|
|
||||||
|
|
||||||
security.polkit.extraConfig = ''
|
|
||||||
polkit.addRule(function(action, subject) {
|
|
||||||
if ((action.id.indexOf("org.freedesktop.login1.suspend" == 0)
|
|
||||||
|| action.id.indexOf("org.freedesktop.login1.reboot" == 0)
|
|
||||||
|| action.id.indexOf("org.freedesktop.login1.power-off" == 0)
|
|
||||||
|| action.id.indexOf("org.freedesktop.inhibit") == 0)
|
|
||||||
&& subject.user == "${config.common.mainUsername}")
|
|
||||||
{
|
|
||||||
return polkit.Result.YES;
|
|
||||||
}
|
|
||||||
});
|
|
||||||
'';
|
|
||||||
|
|
||||||
common.minimal = false;
|
|
||||||
services.sshd.enable = true;
|
|
||||||
services.tlp.enable = true;
|
|
||||||
|
|
||||||
# kde connect
|
# kde connect
|
||||||
networking.firewall.allowedTCPPortRanges = [
|
networking.firewall.allowedTCPPortRanges = [
|
||||||
{ from = 1714; to = 1764; }
|
{ from = 1714; to = 1764; }
|
||||||
|
@ -53,20 +15,26 @@
|
||||||
{ from = 1714; to = 1764; }
|
{ from = 1714; to = 1764; }
|
||||||
];
|
];
|
||||||
|
|
||||||
programs.calls.enable = true;
|
networking.wireless.iwd.enable = true;
|
||||||
environment.systemPackages = with pkgs; [
|
common.minimal = false;
|
||||||
# IM and SMS
|
services.pipewire = {
|
||||||
chatty
|
enable = true;
|
||||||
];
|
alsa.enable = true;
|
||||||
|
alsa.support32Bit = true;
|
||||||
programs.sway.enable = true;
|
pulse.enable = true;
|
||||||
|
jack.enable = true;
|
||||||
|
};
|
||||||
|
security.polkit.enable = true;
|
||||||
|
security.rtkit.enable = true;
|
||||||
xdg.portal = {
|
xdg.portal = {
|
||||||
enable = true;
|
enable = true;
|
||||||
extraPortals = with pkgs; [ xdg-desktop-portal-gtk xdg-desktop-portal-wlr ];
|
extraPortals = with pkgs; [ xdg-desktop-portal-gtk xdg-desktop-portal-wlr ];
|
||||||
};
|
};
|
||||||
# services.xserver.desktopManager.phosh = {
|
services.sshd.enable = true;
|
||||||
# enable = true;
|
users.users.${config.common.mainUsername}.extraGroups = [ "video" "feedbackd" "dialout" ];
|
||||||
# group = "users";
|
|
||||||
# user = config.common.mainUsername;
|
mobile.generatedFilesystems.rootfs = {
|
||||||
# };
|
filesystem = "btrfs";
|
||||||
|
btrfs.partitionID = "44444444-4444-4444-8888-888888888888";
|
||||||
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,12 +0,0 @@
|
||||||
{ lib
|
|
||||||
, ...
|
|
||||||
}:
|
|
||||||
|
|
||||||
{
|
|
||||||
options.phone = {
|
|
||||||
mac = lib.mkOption {
|
|
||||||
description = "mac address";
|
|
||||||
type = lib.types.str;
|
|
||||||
};
|
|
||||||
};
|
|
||||||
}
|
|
|
@ -297,8 +297,6 @@ in {
|
||||||
bannedPorts = [
|
bannedPorts = [
|
||||||
631 9100 # printing
|
631 9100 # printing
|
||||||
5353 # avahi
|
5353 # avahi
|
||||||
# pass it through to VPN rather than WAN
|
|
||||||
server-config.services.qbittorrent-nox.torrent.port
|
|
||||||
];
|
];
|
||||||
inherit (server-config.networking.firewall) allowedTCPPorts allowedTCPPortRanges allowedUDPPorts allowedUDPPortRanges;
|
inherit (server-config.networking.firewall) allowedTCPPorts allowedTCPPortRanges allowedUDPPorts allowedUDPPortRanges;
|
||||||
|
|
||||||
|
@ -330,9 +328,6 @@ in {
|
||||||
}) ++ lib.toList {
|
}) ++ lib.toList {
|
||||||
port = 24; tcp = true; udp = true; target4.port = 22; target6.port = 22;
|
port = 24; tcp = true; udp = true; target4.port = 22; target6.port = 22;
|
||||||
target4.address = serverInitrdAddress4; target6.address = serverInitrdAddress6;
|
target4.address = serverInitrdAddress4; target6.address = serverInitrdAddress6;
|
||||||
} ++ lib.toList {
|
|
||||||
inVpn = true; port = server-config.services.qbittorrent-nox.torrent.port; tcp = true; udp = true;
|
|
||||||
target4.address = serverAddress4; target6.address = serverAddress6;
|
|
||||||
};
|
};
|
||||||
|
|
||||||
router.enable = true;
|
router.enable = true;
|
||||||
|
@ -367,14 +362,6 @@ in {
|
||||||
vht_capab = "[RXLDPC][SHORT-GI-80][SHORT-GI-160][TX-STBC-2BY1][SU-BEAMFORMER][SU-BEAMFORMEE][MU-BEAMFORMER][MU-BEAMFORMEE][RX-ANTENNA-PATTERN][TX-ANTENNA-PATTERN][RX-STBC-1][SOUNDING-DIMENSION-4][BF-ANTENNA-4][VHT160][MAX-MPDU-11454][MAX-A-MPDU-LEN-EXP7]";
|
vht_capab = "[RXLDPC][SHORT-GI-80][SHORT-GI-160][TX-STBC-2BY1][SU-BEAMFORMER][SU-BEAMFORMEE][MU-BEAMFORMER][MU-BEAMFORMEE][RX-ANTENNA-PATTERN][TX-ANTENNA-PATTERN][RX-STBC-1][SOUNDING-DIMENSION-4][BF-ANTENNA-4][VHT160][MAX-MPDU-11454][MAX-A-MPDU-LEN-EXP7]";
|
||||||
} // hapdConfig;
|
} // hapdConfig;
|
||||||
};
|
};
|
||||||
# Unfortunately, this router's networking hardware is highly prone to breakage
|
|
||||||
# Many people have reported their routers' TCP offloading being faulty, with an error
|
|
||||||
# like this being thrown at random (it can be shortly after boot, or in a few days):
|
|
||||||
# NETDEV WATCHDOG: eth0 (mtk_soc_eth): transmit queue 3 timed out 5388 ms
|
|
||||||
# My hardware broke after a few months of use as well, so here's a potential fix
|
|
||||||
router.interfaces.eth0.extraInitCommands = ''
|
|
||||||
${pkgs.ethtool}/bin/ethtool --offload eth0 tso off
|
|
||||||
'';
|
|
||||||
# ethernet lan0-3
|
# ethernet lan0-3
|
||||||
router.interfaces.lan0 = {
|
router.interfaces.lan0 = {
|
||||||
bridge = "br0";
|
bridge = "br0";
|
||||||
|
|
|
@ -31,18 +31,6 @@ in {
|
||||||
];
|
];
|
||||||
listenAddress = netAddresses.lan4;
|
listenAddress = netAddresses.lan4;
|
||||||
};
|
};
|
||||||
ping = {
|
|
||||||
enable = true;
|
|
||||||
listenAddress = netAddresses.lan4;
|
|
||||||
port = 9380;
|
|
||||||
config = {
|
|
||||||
type = "raw";
|
|
||||||
targets = [
|
|
||||||
"8.8.8.8"
|
|
||||||
{ target = "8.8.8.8"; netns = "wan"; }
|
|
||||||
];
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
router.interfaces.br0 = let
|
router.interfaces.br0 = let
|
||||||
# all of this just to avoid logging commands...
|
# all of this just to avoid logging commands...
|
||||||
|
|
|
@ -33,7 +33,7 @@ in {
|
||||||
services.certspotter = {
|
services.certspotter = {
|
||||||
enable = true;
|
enable = true;
|
||||||
extraFlags = [ ];
|
extraFlags = [ ];
|
||||||
watchlist = [ ".${cfg.domainName}" ];
|
watchlist = [ ".pavluk.org" ];
|
||||||
hooks = lib.toList (pkgs.writeShellScript "certspotter-hook" ''
|
hooks = lib.toList (pkgs.writeShellScript "certspotter-hook" ''
|
||||||
if [[ "$EVENT" == discovered_cert ]]; then
|
if [[ "$EVENT" == discovered_cert ]]; then
|
||||||
${pkgs.gnugrep}/bin/grep -r "$TBS_SHA256" /var/lib/certspotter/tbs-hashes/ && exit
|
${pkgs.gnugrep}/bin/grep -r "$TBS_SHA256" /var/lib/certspotter/tbs-hashes/ && exit
|
||||||
|
|
|
@ -84,7 +84,7 @@ in {
|
||||||
networking.hosts."::1" = hostedDomains;
|
networking.hosts."::1" = hostedDomains;
|
||||||
|
|
||||||
services.postgresql.enable = true;
|
services.postgresql.enable = true;
|
||||||
services.postgresql.package = pkgs.postgresql_16;
|
services.postgresql.package = pkgs.postgresql_13;
|
||||||
|
|
||||||
# SSH
|
# SSH
|
||||||
services.openssh.enable = true;
|
services.openssh.enable = true;
|
||||||
|
@ -134,12 +134,13 @@ in {
|
||||||
})}'')}
|
})}'')}
|
||||||
real_ip_header CF-Connecting-IP;
|
real_ip_header CF-Connecting-IP;
|
||||||
'';
|
'';
|
||||||
services.nginx.recommendedBrotliSettings = true;
|
# brotli and zstd requires recompilation so I don't enable it
|
||||||
|
# services.nginx.recommendedBrotliSettings = true;
|
||||||
|
# services.nginx.recommendedZstdSettings = true;
|
||||||
services.nginx.recommendedGzipSettings = true;
|
services.nginx.recommendedGzipSettings = true;
|
||||||
services.nginx.recommendedOptimisation = true;
|
services.nginx.recommendedOptimisation = true;
|
||||||
services.nginx.recommendedProxySettings = true;
|
services.nginx.recommendedProxySettings = true;
|
||||||
services.nginx.recommendedTlsSettings = true;
|
services.nginx.recommendedTlsSettings = true;
|
||||||
services.nginx.recommendedZstdSettings = true;
|
|
||||||
|
|
||||||
# BLOG
|
# BLOG
|
||||||
services.nginx.virtualHosts.${cfg.domainName} = {
|
services.nginx.virtualHosts.${cfg.domainName} = {
|
||||||
|
|
|
@ -11,13 +11,6 @@ in {
|
||||||
enableACME = true;
|
enableACME = true;
|
||||||
forceSSL = true;
|
forceSSL = true;
|
||||||
locations."/".proxyPass = "http://${lib.quoteListenAddr settings.server.HTTP_ADDR}:${toString settings.server.HTTP_PORT}";
|
locations."/".proxyPass = "http://${lib.quoteListenAddr settings.server.HTTP_ADDR}:${toString settings.server.HTTP_PORT}";
|
||||||
locations."= /robots.txt".extraConfig = ''
|
|
||||||
return 200 ${builtins.toJSON ''
|
|
||||||
User-agent: *
|
|
||||||
Disallow: /mirrors/nixpkgs
|
|
||||||
Disallow: /chayleaf/nixpkgs
|
|
||||||
''};
|
|
||||||
'';
|
|
||||||
};
|
};
|
||||||
services.forgejo = {
|
services.forgejo = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
@ -86,28 +79,4 @@ in {
|
||||||
hostName = "cloud.${cfg.domainName}";
|
hostName = "cloud.${cfg.domainName}";
|
||||||
https = true;
|
https = true;
|
||||||
};
|
};
|
||||||
|
|
||||||
services.qbittorrent-nox.enable = true;
|
|
||||||
services.qbittorrent-nox.ui.port = 19642;
|
|
||||||
services.qbittorrent-nox.torrent.port = 45522;
|
|
||||||
|
|
||||||
services.jellyfin.enable = true;
|
|
||||||
|
|
||||||
services.nginx.virtualHosts."home.${cfg.domainName}".locations = {
|
|
||||||
"/torrent/" = {
|
|
||||||
extraConfig = ''
|
|
||||||
proxy_pass http://127.0.0.1:${toString config.services.qbittorrent-nox.ui.port}/;
|
|
||||||
proxy_http_version 1.1;
|
|
||||||
|
|
||||||
proxy_set_header Host 127.0.0.1:30000;
|
|
||||||
proxy_set_header X-Forwarded-Host $http_host;
|
|
||||||
proxy_set_header X-Forwarded-For $remote_addr;
|
|
||||||
proxy_cookie_path / "/; Secure";
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
"/jelly/" = {
|
|
||||||
proxyPass = "http://127.0.0.1:8096";
|
|
||||||
proxyWebsockets = true;
|
|
||||||
};
|
|
||||||
};
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,7 +1,6 @@
|
||||||
{ config
|
{ config
|
||||||
, lib
|
, lib
|
||||||
, pkgs
|
, pkgs
|
||||||
, inputs
|
|
||||||
, ... }:
|
, ... }:
|
||||||
|
|
||||||
let
|
let
|
||||||
|
@ -17,8 +16,6 @@ let
|
||||||
withQt5 = false;
|
withQt5 = false;
|
||||||
};
|
};
|
||||||
in {
|
in {
|
||||||
imports = [ inputs.coop-ofd.nixosModules.default ];
|
|
||||||
|
|
||||||
# a bunch of services for personal use not intended for the public
|
# a bunch of services for personal use not intended for the public
|
||||||
# TODO: keycloakify this
|
# TODO: keycloakify this
|
||||||
services.grafana = {
|
services.grafana = {
|
||||||
|
@ -45,11 +42,6 @@ in {
|
||||||
# services.keycloak.plugins = [ pkgs.keycloak.plugins.keycloak-metrics-spi ];
|
# services.keycloak.plugins = [ pkgs.keycloak.plugins.keycloak-metrics-spi ];
|
||||||
services.keycloak.settings.metrics-enabled = true;
|
services.keycloak.settings.metrics-enabled = true;
|
||||||
|
|
||||||
services.coop-ofd = {
|
|
||||||
enable = true;
|
|
||||||
config.listener = "127.0.0.1:25783";
|
|
||||||
};
|
|
||||||
|
|
||||||
services.nginx.virtualHosts."home.${cfg.domainName}" = {
|
services.nginx.virtualHosts."home.${cfg.domainName}" = {
|
||||||
quic = true;
|
quic = true;
|
||||||
enableACME = true;
|
enableACME = true;
|
||||||
|
@ -73,9 +65,6 @@ in {
|
||||||
proxyPass = "http://127.0.0.1:631/";
|
proxyPass = "http://127.0.0.1:631/";
|
||||||
proxyWebsockets = true;
|
proxyWebsockets = true;
|
||||||
};
|
};
|
||||||
locations."/money/" = {
|
|
||||||
proxyPass = "http://${config.services.coop-ofd.config.listener}/";
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
services.nginx.virtualHosts."hydra.${cfg.domainName}" = {
|
services.nginx.virtualHosts."hydra.${cfg.domainName}" = {
|
||||||
quic = true;
|
quic = true;
|
||||||
|
@ -106,7 +95,10 @@ in {
|
||||||
nix.settings.allowed-users = [ "nix-serve" "harmonia" ] ++ lib.optionals config.services.hydra.enable [ "hydra" "hydra-www" ];
|
nix.settings.allowed-users = [ "nix-serve" "harmonia" ] ++ lib.optionals config.services.hydra.enable [ "hydra" "hydra-www" ];
|
||||||
# make sure only hydra has access to this file
|
# make sure only hydra has access to this file
|
||||||
# so normal nix evals don't have access to builtins
|
# so normal nix evals don't have access to builtins
|
||||||
nix.settings.extra-builtins-file = "/secrets/nixos/extra-builtins.nix";
|
nix.settings.extra-builtins-file = "/etc/nixos/extra-builtins.nix";
|
||||||
|
impermanence.directories = lib.mkIf config.services.hydra.enable [
|
||||||
|
{ directory = /etc/nixos; user = "hydra"; group = "hydra"; mode = "0700"; }
|
||||||
|
];
|
||||||
nix.settings.allowed-uris = [
|
nix.settings.allowed-uris = [
|
||||||
# required for home-manager
|
# required for home-manager
|
||||||
"https://git.sr.ht/~rycee/nmd/"
|
"https://git.sr.ht/~rycee/nmd/"
|
||||||
|
@ -315,7 +307,6 @@ in {
|
||||||
"retracker.local:9101"
|
"retracker.local:9101"
|
||||||
"retracker.local:9256"
|
"retracker.local:9256"
|
||||||
"retracker.local:9167"
|
"retracker.local:9167"
|
||||||
"retracker.local:9380"
|
|
||||||
];
|
];
|
||||||
labels.machine = "router";
|
labels.machine = "router";
|
||||||
} ];
|
} ];
|
||||||
|
|
|
@ -1,13 +1,10 @@
|
||||||
{ config
|
{ config
|
||||||
, pkgs
|
, pkgs
|
||||||
, inputs
|
|
||||||
, ... }:
|
, ... }:
|
||||||
|
|
||||||
let
|
let
|
||||||
cfg = config.server;
|
cfg = config.server;
|
||||||
in {
|
in {
|
||||||
imports = [ inputs.nixos-mailserver.nixosModules.default ];
|
|
||||||
|
|
||||||
impermanence.directories = [
|
impermanence.directories = [
|
||||||
{ directory = config.mailserver.dkimKeyDirectory; user = "opendkim"; group = "opendkim"; mode = "0755"; }
|
{ directory = config.mailserver.dkimKeyDirectory; user = "opendkim"; group = "opendkim"; mode = "0755"; }
|
||||||
{ directory = config.mailserver.mailDirectory; user = "virtualMail"; group = "virtualMail"; mode = "0700"; }
|
{ directory = config.mailserver.mailDirectory; user = "virtualMail"; group = "virtualMail"; mode = "0700"; }
|
||||||
|
|
|
@ -8,17 +8,17 @@ let
|
||||||
"m.server" = "matrix.${cfg.domainName}:443";
|
"m.server" = "matrix.${cfg.domainName}:443";
|
||||||
};
|
};
|
||||||
matrixClientJson = {
|
matrixClientJson = {
|
||||||
"m.homeserver".base_url = "https://matrix.${cfg.domainName}";
|
"m.homeserver" = { base_url = "https://matrix.${cfg.domainName}"; };
|
||||||
"m.identity_server".base_url = "https://vector.im";
|
"m.identity_server" = { base_url = "https://vector.im"; };
|
||||||
};
|
};
|
||||||
matrixServerConfigResponse = ''
|
matrixServerConfigResponse = ''
|
||||||
add_header Content-Type application/json;
|
add_header Content-Type application/json;
|
||||||
return 200 ${builtins.toJSON (builtins.toJSON matrixServerJson)};
|
return 200 '${builtins.toJSON matrixServerJson}';
|
||||||
'';
|
'';
|
||||||
matrixClientConfigResponse = ''
|
matrixClientConfigResponse = ''
|
||||||
add_header Content-Type application/json;
|
add_header Content-Type application/json;
|
||||||
add_header Access-Control-Allow-Origin *;
|
add_header Access-Control-Allow-Origin *;
|
||||||
return 200 ${builtins.toJSON (builtins.toJSON matrixClientJson)};
|
return 200 '${builtins.toJSON matrixClientJson}';
|
||||||
'';
|
'';
|
||||||
matrixAddr = "::1";
|
matrixAddr = "::1";
|
||||||
matrixPort = 8008;
|
matrixPort = 8008;
|
||||||
|
|
|
@ -1,22 +1,52 @@
|
||||||
{ config
|
{ config
|
||||||
, lib
|
, lib
|
||||||
, pkgs
|
, pkgs
|
||||||
, inputs
|
|
||||||
, ... }:
|
, ... }:
|
||||||
|
|
||||||
let
|
let
|
||||||
cfg = config.server;
|
cfg = config.server;
|
||||||
|
# i've yet to create a maubot module so this is hardcoded
|
||||||
|
maubotAddr = "127.0.0.1";
|
||||||
|
maubotPort = 29316;
|
||||||
in {
|
in {
|
||||||
imports = [ inputs.maubot.nixosModules.default ];
|
impermanence.directories = [
|
||||||
|
{ directory = /var/lib/maubot; user = "maubot"; group = "maubot"; mode = "0755"; }
|
||||||
services.nginx.virtualHosts."matrix.${cfg.domainName}".locations = let
|
];
|
||||||
inherit (config.services.maubot) settings;
|
services.nginx.virtualHosts."matrix.${cfg.domainName}".locations = {
|
||||||
in {
|
|
||||||
"/_matrix/maubot/" = {
|
"/_matrix/maubot/" = {
|
||||||
proxyPass = "http://${lib.quoteListenAddr settings.server.hostname}:${toString settings.server.port}";
|
proxyPass = "http://${lib.quoteListenAddr maubotAddr}:${toString maubotPort}";
|
||||||
proxyWebsockets = true;
|
proxyWebsockets = true;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
/*users.users.maubot = {
|
||||||
|
home = "/var/lib/maubot";
|
||||||
|
group = "maubot";
|
||||||
|
isSystemUser = true;
|
||||||
|
};
|
||||||
|
users.groups.maubot = { };*/
|
||||||
|
/*systemd.services.maubot = {
|
||||||
|
description = "Maubot";
|
||||||
|
wants = [ "matrix-synapse.service" "nginx.service" ];
|
||||||
|
after = [ "matrix-synapse.service" "nginx.service" ];
|
||||||
|
wantedBy = [ "multi-user.target" ];
|
||||||
|
environment = {
|
||||||
|
LD_LIBRARY_PATH = "${pkgs.stdenv.cc.cc.lib}/lib";
|
||||||
|
};
|
||||||
|
serviceConfig = {
|
||||||
|
User = "maubot";
|
||||||
|
Group = "maubot";
|
||||||
|
WorkingDirectory = "/var/lib/maubot/data";
|
||||||
|
};
|
||||||
|
script = "${pkgs.python3.withPackages (pks: with pks; [
|
||||||
|
pkgs.maubot (pkgs.pineapplebot.override {
|
||||||
|
magic = cfg.pizzabotMagic;
|
||||||
|
}) feedparser levenshtein python-dateutil pytz
|
||||||
|
])}/bin/python3 -m maubot";
|
||||||
|
};*/
|
||||||
|
systemd.services.maubot = {
|
||||||
|
after = [ "nginx.service" ];
|
||||||
|
requires = [ "nginx.service" ];
|
||||||
|
};
|
||||||
services.maubot.enable = true;
|
services.maubot.enable = true;
|
||||||
services.maubot.settings = {
|
services.maubot.settings = {
|
||||||
database = "postgresql://maubot@localhost/maubot";
|
database = "postgresql://maubot@localhost/maubot";
|
||||||
|
|
|
@ -1,13 +1,11 @@
|
||||||
{ lib
|
{ lib
|
||||||
, pkgs
|
, pkgs
|
||||||
, config
|
, config
|
||||||
, inputs
|
|
||||||
, ... }:
|
, ... }:
|
||||||
|
|
||||||
let
|
let
|
||||||
# force some defaults even if they were set with mkDefault already...
|
# force some defaults even if they were set with mkDefault already...
|
||||||
mkForceDefault = lib.mkOverride 999;
|
mkForceDefault = lib.mkOverride 999;
|
||||||
cfg = config.common;
|
|
||||||
in {
|
in {
|
||||||
options.common = with lib; mkOption {
|
options.common = with lib; mkOption {
|
||||||
type = types.submodule {
|
type = types.submodule {
|
||||||
|
@ -36,8 +34,9 @@ in {
|
||||||
};
|
};
|
||||||
default = { };
|
default = { };
|
||||||
};
|
};
|
||||||
config = lib.mkMerge [
|
config = let
|
||||||
{
|
cfg = config.common;
|
||||||
|
in {
|
||||||
nix = {
|
nix = {
|
||||||
# nix.channel.enable is needed for NIX_PATH to work for some reason
|
# nix.channel.enable is needed for NIX_PATH to work for some reason
|
||||||
# channel.enable = false;
|
# channel.enable = false;
|
||||||
|
@ -59,35 +58,15 @@ in {
|
||||||
options = "--delete-older-than 30d";
|
options = "--delete-older-than 30d";
|
||||||
};
|
};
|
||||||
package = pkgs.nixForNixPlugins;
|
package = pkgs.nixForNixPlugins;
|
||||||
extraOptions = ''
|
|
||||||
plugin-files = ${pkgs.nix-plugins.override { nix = config.nix.package; }}/lib/nix/plugins/libnix-extra-builtins.so
|
|
||||||
'';
|
|
||||||
};
|
};
|
||||||
systemd.services.nix-daemon.serviceConfig.LimitSTACKSoft = "infinity";
|
systemd.services.nix-daemon.serviceConfig.LimitSTACKSoft = "infinity";
|
||||||
nix.daemonCPUSchedPolicy = lib.mkDefault "idle";
|
nix.daemonCPUSchedPolicy = lib.mkDefault "idle";
|
||||||
nix.daemonIOSchedClass = lib.mkDefault "idle";
|
nix.daemonIOSchedClass = lib.mkDefault "idle";
|
||||||
|
|
||||||
# registry is used for the new flaky nix command
|
|
||||||
nix.registry =
|
|
||||||
builtins.mapAttrs
|
|
||||||
(_: v: { flake = v; })
|
|
||||||
(lib.filterAttrs (_: v: v?outputs) inputs);
|
|
||||||
|
|
||||||
# add import'able flake inputs (like nixpkgs) to nix path
|
|
||||||
# nix path is used for old nix commands (like nix-build, nix-shell)
|
|
||||||
environment.etc = lib.mapAttrs'
|
|
||||||
(name: value: {
|
|
||||||
name = "nix/inputs/${name}";
|
|
||||||
value.source = value.outPath or "${value}";
|
|
||||||
})
|
|
||||||
(lib.filterAttrs (_: v: builtins.pathExists "${v}/default.nix") inputs);
|
|
||||||
nix.nixPath = [ "/etc/nix/inputs" ];
|
|
||||||
|
|
||||||
boot.kernelParams = lib.optionals (cfg.resolution != null) [
|
boot.kernelParams = lib.optionals (cfg.resolution != null) [
|
||||||
"consoleblank=60"
|
"consoleblank=60"
|
||||||
] ++ lib.optionals (cfg.resolution == "1920x1080") [
|
] ++ (lib.optionals (cfg.resolution == "1920x1080") [
|
||||||
"fbcon=font:TER16x32"
|
"fbcon=font:TER16x32"
|
||||||
];
|
]);
|
||||||
console.font =
|
console.font =
|
||||||
lib.mkIf (cfg.resolution == "1920x1080" || cfg.resolution == "1366x768") {
|
lib.mkIf (cfg.resolution == "1920x1080" || cfg.resolution == "1366x768") {
|
||||||
"1920x1080" = "${pkgs.terminus_font}/share/consolefonts/ter-v32n.psf.gz";
|
"1920x1080" = "${pkgs.terminus_font}/share/consolefonts/ter-v32n.psf.gz";
|
||||||
|
@ -102,11 +81,9 @@ in {
|
||||||
|
|
||||||
hardware.enableRedistributableFirmware = true;
|
hardware.enableRedistributableFirmware = true;
|
||||||
services.openssh.settings.PasswordAuthentication = false;
|
services.openssh.settings.PasswordAuthentication = false;
|
||||||
|
|
||||||
services.tlp.settings.USB_EXCLUDE_PHONE = 1;
|
services.tlp.settings.USB_EXCLUDE_PHONE = 1;
|
||||||
services.tlp.settings.START_CHARGE_THRESH_BAT0 = 75;
|
services.tlp.settings.START_CHARGE_THRESH_BAT0 = 75;
|
||||||
services.tlp.settings.STOP_CHARGE_THRESH_BAT0 = 80;
|
services.tlp.settings.STOP_CHARGE_THRESH_BAT0 = 80;
|
||||||
|
|
||||||
i18n.defaultLocale = lib.mkDefault "en_US.UTF-8";
|
i18n.defaultLocale = lib.mkDefault "en_US.UTF-8";
|
||||||
i18n.supportedLocales = lib.mkDefault [
|
i18n.supportedLocales = lib.mkDefault [
|
||||||
"C.UTF-8/UTF-8"
|
"C.UTF-8/UTF-8"
|
||||||
|
@ -115,44 +92,16 @@ in {
|
||||||
];
|
];
|
||||||
# ISO-8601
|
# ISO-8601
|
||||||
i18n.extraLocaleSettings.LC_TIME = "en_DK.UTF-8";
|
i18n.extraLocaleSettings.LC_TIME = "en_DK.UTF-8";
|
||||||
environment.systemPackages = with pkgs; [
|
environment.systemPackages = with pkgs; ([
|
||||||
bottom
|
bottom
|
||||||
git
|
|
||||||
rsync
|
|
||||||
tmux
|
|
||||||
wget
|
wget
|
||||||
|
git
|
||||||
|
tmux
|
||||||
|
] ++ lib.optionals cfg.minimal [
|
||||||
kitty.terminfo
|
kitty.terminfo
|
||||||
foot.terminfo
|
|
||||||
# rxvt-unicode-unwrapped.terminfo
|
# rxvt-unicode-unwrapped.terminfo
|
||||||
];
|
]);
|
||||||
programs.fish.enable = true;
|
programs.fish.interactiveShellInit = lib.mkIf cfg.minimal ''
|
||||||
users.users.${cfg.mainUsername} = {
|
|
||||||
uid = 1000;
|
|
||||||
isNormalUser = true;
|
|
||||||
extraGroups = [ "wheel" ];
|
|
||||||
};
|
|
||||||
# nixos-hardware uses mkDefault here, so we use slightly higher priority
|
|
||||||
services.xserver.libinput.enable = mkForceDefault (!cfg.minimal);
|
|
||||||
programs.fuse.userAllowOther = true;
|
|
||||||
# autologin once after boot
|
|
||||||
# --skip-login means directly call login instead of first asking for username
|
|
||||||
# (normally login asks for username too, but getty prefers to do it by itself for whatever reason)
|
|
||||||
services.getty.extraArgs = lib.mkIf cfg.gettyAutologin [ "--skip-login" ];
|
|
||||||
services.getty.loginProgram = lib.mkIf cfg.gettyAutologin (let
|
|
||||||
lockfile = "/tmp/login-once.lock";
|
|
||||||
in with pkgs; writeShellScript "login-once" ''
|
|
||||||
if [ -f '${lockfile}' ]; then
|
|
||||||
exec ${shadow}/bin/login $@
|
|
||||||
else
|
|
||||||
${coreutils}/bin/touch '${lockfile}'
|
|
||||||
exec ${shadow}/bin/login -f user
|
|
||||||
fi
|
|
||||||
'');
|
|
||||||
}
|
|
||||||
|
|
||||||
(lib.mkIf cfg.minimal {
|
|
||||||
programs.fish.interactiveShellInit = ''
|
|
||||||
set -gx SHELL ${pkgs.zsh}/bin/zsh
|
set -gx SHELL ${pkgs.zsh}/bin/zsh
|
||||||
set -g fish_color_autosuggestion 777 brblack
|
set -g fish_color_autosuggestion 777 brblack
|
||||||
set -g fish_color_command green
|
set -g fish_color_command green
|
||||||
|
@ -162,16 +111,7 @@ in {
|
||||||
set -g fish_cursor_insert line
|
set -g fish_cursor_insert line
|
||||||
set -g fish_cursor_replace underscore
|
set -g fish_cursor_replace underscore
|
||||||
'';
|
'';
|
||||||
# this is supposed to default to false, but it doesn't because of nixos fish module
|
programs.vim = lib.mkIf cfg.minimal {
|
||||||
documentation.man.generateCaches = mkForceDefault false;
|
|
||||||
# we don't need stuff like html files (NixOS manual and so on) on minimal machines
|
|
||||||
documentation.doc.enable = lib.mkDefault false;
|
|
||||||
# conflicts with bash module's mkDefault
|
|
||||||
# only override on minimal systems because on non-minimal systems
|
|
||||||
# my fish config doesn't work well in fb/drm console
|
|
||||||
users.defaultUserShell = lib.mkIf cfg.minimal (mkForceDefault pkgs.fish);
|
|
||||||
|
|
||||||
programs.vim = {
|
|
||||||
defaultEditor = lib.mkDefault true;
|
defaultEditor = lib.mkDefault true;
|
||||||
package = pkgs.vim-full.customize {
|
package = pkgs.vim-full.customize {
|
||||||
vimrcConfig.customRC = ''
|
vimrcConfig.customRC = ''
|
||||||
|
@ -187,22 +127,47 @@ in {
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
})
|
# this is supposed to default to false, but it doesn't because of nixos fish module
|
||||||
|
documentation.man.generateCaches = lib.mkIf cfg.minimal (mkForceDefault false);
|
||||||
(lib.mkIf (!cfg.minimal) {
|
# we don't need stuff like html files (NixOS manual and so on) on minimal machines
|
||||||
hardware.pulseaudio.enable = false;
|
documentation.doc.enable = lib.mkIf cfg.minimal (lib.mkDefault false);
|
||||||
services.pipewire = {
|
programs.fish.enable = true;
|
||||||
enable = lib.mkDefault true;
|
# conflicts with bash module's mkDefault
|
||||||
alsa.enable = true;
|
# only override on minimal systems because on non-minimal systems
|
||||||
alsa.support32Bit = true;
|
# because my fish config doesn't work well in fb/drm console
|
||||||
pulse.enable = true;
|
users.defaultUserShell = lib.mkIf cfg.minimal (mkForceDefault pkgs.fish);
|
||||||
jack.enable = true;
|
users.users.${cfg.mainUsername} = {
|
||||||
|
uid = 1000;
|
||||||
|
isNormalUser = true;
|
||||||
|
extraGroups = [ "wheel" ];
|
||||||
};
|
};
|
||||||
security.polkit.enable = true;
|
# nixos-hardware uses mkDefault here, so we use slightly higher priority
|
||||||
security.rtkit.enable = true;
|
services.xserver.libinput.enable = mkForceDefault (!cfg.minimal);
|
||||||
services.dbus.enable = true;
|
/*
|
||||||
programs.dconf.enable = true;
|
services.xserver = {
|
||||||
})
|
enable = true;
|
||||||
|
libinput.enable = true;
|
||||||
];
|
desktopManager.xterm.enable = false;
|
||||||
|
# I couldn't get lightdm to start sway, so let's just do this
|
||||||
|
displayManager.startx.enable = true;
|
||||||
|
windowManager.i3.enable = true;
|
||||||
|
};
|
||||||
|
*/
|
||||||
|
# pipewire:
|
||||||
|
programs.fuse.userAllowOther = true;
|
||||||
|
# autologin once after boot
|
||||||
|
# --skip-login means directly call login instead of first asking for username
|
||||||
|
# (normally login asks for username too, but getty prefers to do it by itself for whatever reason)
|
||||||
|
services.getty.extraArgs = lib.mkIf cfg.gettyAutologin [ "--skip-login" ];
|
||||||
|
services.getty.loginProgram = lib.mkIf cfg.gettyAutologin (let
|
||||||
|
lockfile = "/tmp/login-once.lock";
|
||||||
|
in with pkgs; writeShellScript "login-once" ''
|
||||||
|
if [ -f '${lockfile}' ]; then
|
||||||
|
exec ${shadow}/bin/login $@
|
||||||
|
else
|
||||||
|
${coreutils}/bin/touch '${lockfile}'
|
||||||
|
exec ${shadow}/bin/login -f user
|
||||||
|
fi
|
||||||
|
'');
|
||||||
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -61,94 +61,78 @@ in {
|
||||||
{ directory = /var/spool; user = "root"; group = "root"; mode = "0777"; }
|
{ directory = /var/spool; user = "root"; group = "root"; mode = "0777"; }
|
||||||
] ++ lib.optionals cfg.persistTmp [
|
] ++ lib.optionals cfg.persistTmp [
|
||||||
{ directory = /tmp; user = "root"; group = "root"; mode = "1777"; }
|
{ directory = /tmp; user = "root"; group = "root"; mode = "1777"; }
|
||||||
] ++ lib.optionals config.networking.wireless.iwd.enable [
|
|
||||||
{ directory = /var/lib/iwd; user = "root"; group = "root"; mode = "0700"; }
|
|
||||||
] ++ lib.optionals (builtins.any (x: x.useDHCP != false) (builtins.attrValues config.networking.interfaces) || config.networking.useDHCP) [
|
|
||||||
{ directory = /var/db/dhcpcd; user = "root"; group = "root"; mode = "0755"; }
|
|
||||||
] ++ lib.optionals config.security.acme.acceptTerms [
|
|
||||||
{ directory = /var/lib/acme; user = "acme"; group = "acme"; mode = "0755"; }
|
|
||||||
] ++ lib.optionals config.services.akkoma.enable [
|
|
||||||
{ directory = /var/lib/akkoma; user = "akkoma"; group = "akkoma"; mode = "0700"; }
|
|
||||||
] ++ lib.optionals config.services.botamusique.enable [
|
|
||||||
{ directory = /var/lib/private/botamusique; user = "root"; group = "root"; mode = "0750"; }
|
|
||||||
] ++ lib.optionals config.programs.ccache.enable [
|
|
||||||
{ directory = config.programs.ccache.cacheDir; user = "root"; group = "nixbld"; mode = "0770"; }
|
|
||||||
{ directory = /var/cache/sccache; user = "root"; group = "nixbld"; mode = "0770"; }
|
|
||||||
] ++ lib.optionals config.services.certspotter.enable [
|
|
||||||
{ directory = /var/lib/certspotter; user = "certspotter"; group = "certspotter"; mode = "0755"; }
|
|
||||||
] ++ lib.optionals (config.services.coop-ofd.enable or false) [
|
|
||||||
{ directory = /var/lib/private/coop-ofd; mode = "0750"; }
|
|
||||||
] ++ lib.optionals config.services.dovecot2.enable [
|
|
||||||
{ directory = /var/lib/dhparams; user = "root"; group = "root"; mode = "0755"; }
|
|
||||||
{ directory = /var/lib/dovecot; user = "root"; group = "root"; mode = "0755"; }
|
|
||||||
] ++ lib.optionals config.services.fail2ban.enable [
|
|
||||||
{ directory = /var/lib/fail2ban; user = "root"; group = "root"; mode = "0700"; }
|
|
||||||
] ++ lib.optionals config.services.forgejo.enable [
|
|
||||||
{ directory = /var/lib/forgejo; user = "forgejo"; group = "forgejo"; mode = "0755"; }
|
|
||||||
] ++ lib.optionals config.services.gitea.enable [
|
|
||||||
{ directory = /var/lib/gitea; user = "gitea"; group = "gitea"; mode = "0755"; }
|
|
||||||
] ++ lib.optionals config.services.grafana.enable [
|
|
||||||
{ directory = /var/lib/grafana; user = "grafana"; group = "grafana"; mode = "0755"; }
|
|
||||||
] ++ lib.optionals config.services.heisenbridge.enable [
|
|
||||||
{ directory = /var/lib/heisenbridge; user = "heisenbridge"; group = "heisenbridge"; mode = "0755"; }
|
|
||||||
] ++ lib.optionals config.services.hydra.enable [
|
|
||||||
{ directory = /var/lib/hydra; user = "hydra"; group = "hydra"; mode = "0755"; }
|
|
||||||
] ++ lib.optionals config.services.jellyfin.enable [
|
|
||||||
{ directory = /var/lib/jellyfin; user = "jellyfin"; group = "jellyfin"; mode = "0750"; }
|
|
||||||
] ++ lib.optionals config.services.matrix-synapse.enable [
|
|
||||||
{ directory = /var/lib/matrix-synapse; user = "matrix-synapse"; group = "matrix-synapse"; mode = "0700"; }
|
|
||||||
] ++ lib.optionals (config.services.maubot.enable or false) [
|
|
||||||
{ directory = /var/lib/maubot; user = "maubot"; group = "maubot"; mode = "0750"; }
|
|
||||||
] ++ lib.optionals config.services.monero.enable [
|
|
||||||
{ directory = config.services.monero.dataDir; user = "monero"; group = "monero"; mode = "0750"; }
|
|
||||||
] ++ lib.optionals config.services.mullvad-vpn.enable [
|
] ++ lib.optionals config.services.mullvad-vpn.enable [
|
||||||
{ directory = /etc/mullvad-vpn; user = "root"; group = "root"; mode = "0700"; }
|
{ directory = /etc/mullvad-vpn; user = "root"; group = "root"; mode = "0700"; }
|
||||||
{ directory = /var/cache/mullvad-vpn; user = "root"; group = "root"; mode = "0755"; }
|
{ directory = /var/cache/mullvad-vpn; user = "root"; group = "root"; mode = "0755"; }
|
||||||
] ++ lib.optionals config.services.murmur.enable [
|
|
||||||
{ directory = /var/lib/murmur; user = "murmur"; group = "murmur"; mode = "0700"; }
|
|
||||||
] ++ lib.optionals config.services.nextcloud.enable [
|
|
||||||
{ directory = /var/lib/nextcloud; user = "nextcloud"; group = "nextcloud"; mode = "0750"; }
|
|
||||||
] ++ lib.optionals config.networking.networkmanager.enable [
|
|
||||||
{ directory = /etc/NetworkManager/system-connections; mode = "0700"; }
|
|
||||||
{ directory = /var/lib/NetworkManager; mode = "0755"; }
|
|
||||||
{ directory = /var/lib/NetworkManager-fortisslvpn; mode = "0700"; }
|
|
||||||
] ++ lib.optionals config.services.opendkim.enable [
|
|
||||||
{ directory = /var/lib/opendkim; user = "opendkim"; group = "opendkim"; mode = "0700"; }
|
|
||||||
] ++ lib.optionals config.services.openldap.enable [
|
|
||||||
{ directory = /var/lib/openldap; inherit (config.services.openldap) user group; mode = "0755"; }
|
|
||||||
] ++ lib.optionals config.services.pleroma.enable [
|
|
||||||
{ directory = /var/lib/pleroma; user = "pleroma"; group = "pleroma"; mode = "0700"; }
|
|
||||||
] ++ lib.optionals config.services.postfix.enable [
|
|
||||||
{ directory = /var/lib/postfix; user = "root"; group = "root"; mode = "0755"; }
|
|
||||||
] ++ lib.optionals config.services.postgresql.enable [
|
|
||||||
{ directory = /var/lib/postgresql; user = "postgres"; group = "postgres"; mode = "0755"; }
|
|
||||||
] ++ lib.optionals config.services.printing.enable [
|
|
||||||
{ directory = /var/lib/cups; user = "root"; group = "root"; mode = "0755"; }
|
|
||||||
{ directory = /var/cache/cups; user = "root"; group = "lp"; mode = "0770"; }
|
|
||||||
] ++ lib.optionals config.services.prometheus.enable [
|
|
||||||
{ directory = /var/lib/${config.services.prometheus.stateDir}; user = "prometheus"; group = "prometheus"; mode = "0755"; }
|
|
||||||
] ++ lib.optionals (config.services.qbittorrent-nox.enable or false) [
|
|
||||||
{ directory = /var/lib/qbittorrent-nox; mode = "0755"; }
|
|
||||||
] ++ lib.optionals (config.services.redis.servers.rspamd.enable or false) [
|
|
||||||
{ directory = /var/lib/redis-rspamd; user = "redis-rspamd"; group = "redis-rspamd"; mode = "0700"; }
|
|
||||||
] ++ lib.optionals config.services.roundcube.enable [
|
|
||||||
{ directory = /var/lib/roundcube; user = "roundcube"; group = "roundcube"; mode = "0700"; }
|
|
||||||
] ++ lib.optionals config.services.rspamd.enable [
|
|
||||||
{ directory = /var/lib/rspamd; user = "rspamd"; group = "rspamd"; mode = "0700"; }
|
|
||||||
] ++ lib.optionals (config.services.scanservjs.enable or false) [
|
|
||||||
{ directory = /var/lib/scanservjs; user = "scanservjs"; group = "scanservjs"; mode = "0750"; }
|
|
||||||
] ++ lib.optionals config.services.searx.enable [
|
|
||||||
{ directory = /var/lib/searx; user = "searx"; group = "searx"; mode = "0700"; }
|
|
||||||
] ++ lib.optionals config.security.sudo.enable [
|
|
||||||
{ directory = /var/db/sudo/lectured; user = "root"; group = "root"; mode = "0700"; }
|
|
||||||
] ++ lib.optionals config.services.unbound.enable [
|
|
||||||
{ directory = /var/lib/unbound; user = "unbound"; group = "unbound"; mode = "0755"; }
|
|
||||||
] ++ lib.optionals config.virtualisation.libvirtd.enable ([
|
] ++ lib.optionals config.virtualisation.libvirtd.enable ([
|
||||||
# { directory = /var/cache/libvirt; user = "root"; group = "root"; mode = "0755"; }
|
# { directory = /var/cache/libvirt; user = "root"; group = "root"; mode = "0755"; }
|
||||||
{ directory = /var/lib/libvirt; user = "root"; group = "root"; mode = "0755"; }
|
{ directory = /var/lib/libvirt; user = "root"; group = "root"; mode = "0755"; }
|
||||||
] ++ lib.optionals config.virtualisation.libvirtd.qemu.swtpm.enable [
|
] ++ lib.optionals config.virtualisation.libvirtd.qemu.swtpm.enable [
|
||||||
{ directory = /var/lib/swtpm-localca; user = "root"; group = "root"; mode = "0750"; }
|
{ directory = /var/lib/swtpm-localca; user = "root"; group = "root"; mode = "0750"; }
|
||||||
]) ++ cfg.directories);
|
]) ++ lib.optionals config.networking.wireless.iwd.enable [
|
||||||
|
{ directory = /var/lib/iwd; user = "root"; group = "root"; mode = "0700"; }
|
||||||
|
] ++ lib.optionals (builtins.any (x: x.useDHCP != false) (builtins.attrValues config.networking.interfaces) || config.networking.useDHCP) [
|
||||||
|
{ directory = /var/db/dhcpcd; user = "root"; group = "root"; mode = "0755"; }
|
||||||
|
] ++ lib.optionals config.services.gitea.enable [
|
||||||
|
{ directory = /var/lib/gitea; user = "gitea"; group = "gitea"; mode = "0755"; }
|
||||||
|
] ++ lib.optionals config.services.forgejo.enable [
|
||||||
|
{ directory = /var/lib/forgejo; user = "forgejo"; group = "forgejo"; mode = "0755"; }
|
||||||
|
] ++ lib.optionals config.services.matrix-synapse.enable [
|
||||||
|
{ directory = /var/lib/matrix-synapse; user = "matrix-synapse"; group = "matrix-synapse"; mode = "0700"; }
|
||||||
|
] ++ lib.optionals config.services.heisenbridge.enable [
|
||||||
|
{ directory = /var/lib/heisenbridge; user = "heisenbridge"; group = "heisenbridge"; mode = "0755"; }
|
||||||
|
] ++ lib.optionals config.services.murmur.enable [
|
||||||
|
{ directory = /var/lib/murmur; user = "murmur"; group = "murmur"; mode = "0700"; }
|
||||||
|
] ++ lib.optionals config.services.nextcloud.enable [
|
||||||
|
{ directory = /var/lib/nextcloud; user = "nextcloud"; group = "nextcloud"; mode = "0750"; }
|
||||||
|
] ++ lib.optionals config.services.botamusique.enable [
|
||||||
|
{ directory = /var/lib/private/botamusique; user = "root"; group = "root"; mode = "0750"; }
|
||||||
|
] ++ lib.optionals config.security.acme.acceptTerms [
|
||||||
|
{ directory = /var/lib/acme; user = "acme"; group = "acme"; mode = "0755"; }
|
||||||
|
] ++ lib.optionals config.services.printing.enable [
|
||||||
|
{ directory = /var/lib/cups; user = "root"; group = "root"; mode = "0755"; }
|
||||||
|
{ directory = /var/cache/cups; user = "root"; group = "lp"; mode = "0770"; }
|
||||||
|
] ++ lib.optionals config.services.fail2ban.enable [
|
||||||
|
{ directory = /var/lib/fail2ban; user = "root"; group = "root"; mode = "0700"; }
|
||||||
|
] ++ lib.optionals config.services.opendkim.enable [
|
||||||
|
{ directory = /var/lib/opendkim; user = "opendkim"; group = "opendkim"; mode = "0700"; }
|
||||||
|
] ++ lib.optionals config.services.pleroma.enable [
|
||||||
|
{ directory = /var/lib/pleroma; user = "pleroma"; group = "pleroma"; mode = "0700"; }
|
||||||
|
] ++ lib.optionals config.services.akkoma.enable [
|
||||||
|
{ directory = /var/lib/akkoma; user = "akkoma"; group = "akkoma"; mode = "0700"; }
|
||||||
|
] ++ lib.optionals config.services.hydra.enable [
|
||||||
|
{ directory = /var/lib/hydra; user = "hydra"; group = "hydra"; mode = "0755"; }
|
||||||
|
] ++ lib.optionals config.services.grafana.enable [
|
||||||
|
{ directory = /var/lib/grafana; user = "grafana"; group = "grafana"; mode = "0755"; }
|
||||||
|
] ++ lib.optionals config.services.prometheus.enable [
|
||||||
|
{ directory = /var/lib/${config.services.prometheus.stateDir}; user = "prometheus"; group = "prometheus"; mode = "0755"; }
|
||||||
|
] ++ lib.optionals config.services.postfix.enable [
|
||||||
|
{ directory = /var/lib/postfix; user = "root"; group = "root"; mode = "0755"; }
|
||||||
|
] ++ lib.optionals config.services.postgresql.enable [
|
||||||
|
{ directory = /var/lib/postgresql; user = "postgres"; group = "postgres"; mode = "0755"; }
|
||||||
|
] ++ lib.optionals config.services.unbound.enable [
|
||||||
|
{ directory = /var/lib/unbound; user = "unbound"; group = "unbound"; mode = "0755"; }
|
||||||
|
] ++ lib.optionals config.services.searx.enable [
|
||||||
|
{ directory = /var/lib/searx; user = "searx"; group = "searx"; mode = "0700"; }
|
||||||
|
] ++ lib.optionals config.services.roundcube.enable [
|
||||||
|
{ directory = /var/lib/roundcube; user = "roundcube"; group = "roundcube"; mode = "0700"; }
|
||||||
|
] ++ lib.optionals config.services.rspamd.enable [
|
||||||
|
{ directory = /var/lib/rspamd; user = "rspamd"; group = "rspamd"; mode = "0700"; }
|
||||||
|
] ++ lib.optionals (config.services.redis.servers.rspamd.enable or false) [
|
||||||
|
{ directory = /var/lib/redis-rspamd; user = "redis-rspamd"; group = "redis-rspamd"; mode = "0700"; }
|
||||||
|
] ++ lib.optionals config.services.dovecot2.enable [
|
||||||
|
{ directory = /var/lib/dhparams; user = "root"; group = "root"; mode = "0755"; }
|
||||||
|
{ directory = /var/lib/dovecot; user = "root"; group = "root"; mode = "0755"; }
|
||||||
|
] ++ lib.optionals config.security.sudo.enable [
|
||||||
|
{ directory = /var/db/sudo/lectured; user = "root"; group = "root"; mode = "0700"; }
|
||||||
|
] ++ lib.optionals config.services.openldap.enable [
|
||||||
|
{ directory = /var/lib/openldap; inherit (config.services.openldap) user group; mode = "0755"; }
|
||||||
|
] ++ lib.optionals (config.services.scanservjs.enable or false) [
|
||||||
|
{ directory = /var/lib/scanservjs; user = "scanservjs"; group = "scanservjs"; mode = "0750"; }
|
||||||
|
] ++ lib.optionals config.programs.ccache.enable [
|
||||||
|
{ directory = config.programs.ccache.cacheDir; user = "root"; group = "nixbld"; mode = "0770"; }
|
||||||
|
{ directory = /var/cache/sccache; user = "root"; group = "nixbld"; mode = "0770"; }
|
||||||
|
] ++ cfg.directories);
|
||||||
files = map (x:
|
files = map (x:
|
||||||
if builtins.isPath x then toString x
|
if builtins.isPath x then toString x
|
||||||
else if builtins.isPath (x.file or null) then x // { file = toString x.file; }
|
else if builtins.isPath (x.file or null) then x // { file = toString x.file; }
|
||||||
|
|
|
@ -1,41 +0,0 @@
|
||||||
{ config, lib, pkgs, ... }:
|
|
||||||
|
|
||||||
let
|
|
||||||
cfg = config.networking.modemmanager;
|
|
||||||
packages = [ pkgs.modemmanager ];
|
|
||||||
in
|
|
||||||
{
|
|
||||||
options.networking.modemmanager = {
|
|
||||||
enable = lib.mkEnableOption "ModemManager";
|
|
||||||
};
|
|
||||||
|
|
||||||
config = lib.mkIf cfg.enable {
|
|
||||||
assertions = [
|
|
||||||
{
|
|
||||||
assertion = !config.networking.networkmanager.enable;
|
|
||||||
message = "If you use NetworkManager, this module is redundant";
|
|
||||||
}
|
|
||||||
];
|
|
||||||
|
|
||||||
environment.etc = builtins.listToAttrs
|
|
||||||
(map ({ id, path }: { name = "ModemManager/fcc-unlock.d/${id}"; value.source = path; })
|
|
||||||
config.networking.networkmanager.fccUnlockScripts);
|
|
||||||
|
|
||||||
users.groups.networkmanager.gid = config.ids.gids.networkmanager;
|
|
||||||
|
|
||||||
systemd.services.ModemManager.aliases = [ "dbus-org.freedesktop.ModemManager1.service" ];
|
|
||||||
|
|
||||||
security.polkit.enable = true;
|
|
||||||
security.polkit.extraConfig = ''
|
|
||||||
polkit.addRule(function(action, subject) {
|
|
||||||
if (subject.isInGroup("networkmanager") && (action.id.indexOf("org.freedesktop.ModemManager") == 0)) {
|
|
||||||
return polkit.Result.YES;
|
|
||||||
}
|
|
||||||
});
|
|
||||||
'';
|
|
||||||
|
|
||||||
environment.systemPackages = packages;
|
|
||||||
systemd.packages = packages;
|
|
||||||
services.udev.packages = packages;
|
|
||||||
};
|
|
||||||
}
|
|
|
@ -1,151 +0,0 @@
|
||||||
{ config
|
|
||||||
, lib
|
|
||||||
, pkgs
|
|
||||||
, ...
|
|
||||||
}:
|
|
||||||
|
|
||||||
let
|
|
||||||
cfg = config.services.prometheus.exporters.ping;
|
|
||||||
inherit (lib) concatStrings literalExpression mkMerge mkDefault mkEnableOption mkIf mkOption types;
|
|
||||||
# copied from nixpkgs/nixos/modules/services/monitoring/prometheus/exporters
|
|
||||||
mkExporterOpts = { name, port }: {
|
|
||||||
enable = mkEnableOption (lib.mdDoc "the prometheus ${name} exporter");
|
|
||||||
port = mkOption {
|
|
||||||
type = types.port;
|
|
||||||
default = port;
|
|
||||||
description = lib.mdDoc ''
|
|
||||||
Port to listen on.
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
listenAddress = mkOption {
|
|
||||||
type = types.str;
|
|
||||||
default = "0.0.0.0";
|
|
||||||
description = lib.mdDoc ''
|
|
||||||
Address to listen on.
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
extraFlags = mkOption {
|
|
||||||
type = types.listOf types.str;
|
|
||||||
default = [];
|
|
||||||
description = lib.mdDoc ''
|
|
||||||
Extra commandline options to pass to the ${name} exporter.
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
openFirewall = mkOption {
|
|
||||||
type = types.bool;
|
|
||||||
default = false;
|
|
||||||
description = lib.mdDoc ''
|
|
||||||
Open port in firewall for incoming connections.
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
firewallFilter = mkOption {
|
|
||||||
type = types.nullOr types.str;
|
|
||||||
default = null;
|
|
||||||
example = literalExpression ''
|
|
||||||
"-i eth0 -p tcp -m tcp --dport ${toString port}"
|
|
||||||
'';
|
|
||||||
description = lib.mdDoc ''
|
|
||||||
Specify a filter for iptables to use when
|
|
||||||
{option}`services.prometheus.exporters.${name}.openFirewall`
|
|
||||||
is true. It is used as `ip46tables -I nixos-fw firewallFilter -j nixos-fw-accept`.
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
user = mkOption {
|
|
||||||
type = types.str;
|
|
||||||
default = "${name}-exporter";
|
|
||||||
description = lib.mdDoc ''
|
|
||||||
User name under which the ${name} exporter shall be run.
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
group = mkOption {
|
|
||||||
type = types.str;
|
|
||||||
default = "${name}-exporter";
|
|
||||||
description = lib.mdDoc ''
|
|
||||||
Group under which the ${name} exporter shall be run.
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
};
|
|
||||||
mkExporterConf = { name, conf, serviceOpts }:
|
|
||||||
let
|
|
||||||
enableDynamicUser = serviceOpts.serviceConfig.DynamicUser or true;
|
|
||||||
in
|
|
||||||
mkIf conf.enable {
|
|
||||||
warnings = conf.warnings or [];
|
|
||||||
users.users."${name}-exporter" = (mkIf (conf.user == "${name}-exporter" && !enableDynamicUser) {
|
|
||||||
description = "Prometheus ${name} exporter service user";
|
|
||||||
isSystemUser = true;
|
|
||||||
inherit (conf) group;
|
|
||||||
});
|
|
||||||
users.groups = (mkIf (conf.group == "${name}-exporter" && !enableDynamicUser) {
|
|
||||||
"${name}-exporter" = {};
|
|
||||||
});
|
|
||||||
networking.firewall.extraCommands = mkIf conf.openFirewall (concatStrings [
|
|
||||||
"ip46tables -A nixos-fw ${conf.firewallFilter} "
|
|
||||||
"-m comment --comment ${name}-exporter -j nixos-fw-accept"
|
|
||||||
]);
|
|
||||||
systemd.services."prometheus-${name}-exporter" = mkMerge ([{
|
|
||||||
wantedBy = [ "multi-user.target" ];
|
|
||||||
after = [ "network.target" ];
|
|
||||||
serviceConfig.Restart = mkDefault "always";
|
|
||||||
serviceConfig.PrivateTmp = mkDefault true;
|
|
||||||
serviceConfig.WorkingDirectory = mkDefault /tmp;
|
|
||||||
serviceConfig.DynamicUser = mkDefault enableDynamicUser;
|
|
||||||
serviceConfig.User = mkDefault conf.user;
|
|
||||||
serviceConfig.Group = conf.group;
|
|
||||||
# Hardening
|
|
||||||
serviceConfig.CapabilityBoundingSet = mkDefault [ "" ];
|
|
||||||
serviceConfig.DeviceAllow = [ "" ];
|
|
||||||
serviceConfig.LockPersonality = true;
|
|
||||||
serviceConfig.MemoryDenyWriteExecute = true;
|
|
||||||
serviceConfig.NoNewPrivileges = true;
|
|
||||||
serviceConfig.PrivateDevices = mkDefault true;
|
|
||||||
serviceConfig.ProtectClock = mkDefault true;
|
|
||||||
serviceConfig.ProtectControlGroups = true;
|
|
||||||
serviceConfig.ProtectHome = true;
|
|
||||||
serviceConfig.ProtectHostname = true;
|
|
||||||
serviceConfig.ProtectKernelLogs = true;
|
|
||||||
serviceConfig.ProtectKernelModules = true;
|
|
||||||
serviceConfig.ProtectKernelTunables = true;
|
|
||||||
serviceConfig.ProtectSystem = mkDefault "strict";
|
|
||||||
serviceConfig.RemoveIPC = true;
|
|
||||||
serviceConfig.RestrictAddressFamilies = [ "AF_INET" "AF_INET6" ];
|
|
||||||
serviceConfig.RestrictNamespaces = true;
|
|
||||||
serviceConfig.RestrictRealtime = true;
|
|
||||||
serviceConfig.RestrictSUIDSGID = true;
|
|
||||||
serviceConfig.SystemCallArchitectures = "native";
|
|
||||||
serviceConfig.UMask = "0077";
|
|
||||||
} serviceOpts ]);
|
|
||||||
};
|
|
||||||
format = pkgs.formats.toml { };
|
|
||||||
in {
|
|
||||||
options.services.prometheus.exporters.ping = mkExporterOpts { name = "ping"; port = 9390; } // {
|
|
||||||
config = mkOption {
|
|
||||||
type = format.type;
|
|
||||||
default = { };
|
|
||||||
description = "Exporter config";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
config = mkExporterConf {
|
|
||||||
name = "ping";
|
|
||||||
conf = cfg;
|
|
||||||
serviceOpts = {
|
|
||||||
serviceConfig = rec {
|
|
||||||
# netns switching
|
|
||||||
AmbientCapabilities = [
|
|
||||||
# set network namespace
|
|
||||||
"CAP_SYS_ADMIN"
|
|
||||||
# open icmp socket
|
|
||||||
"CAP_NET_RAW"
|
|
||||||
];
|
|
||||||
CapabilityBoundingSet = AmbientCapabilities;
|
|
||||||
RestrictNamespaces = lib.mkForce false;
|
|
||||||
ExecStart = ''
|
|
||||||
${pkgs.ping-exporter}/bin/ping-exporter \
|
|
||||||
--listen ${cfg.listenAddress}:${toString cfg.port} \
|
|
||||||
--config ${format.generate "ping-exporter-config.toml" cfg.config} \
|
|
||||||
${lib.escapeShellArgs cfg.extraFlags}
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
}
|
|
|
@ -1,77 +0,0 @@
|
||||||
{ config
|
|
||||||
, lib
|
|
||||||
, pkgs
|
|
||||||
, ...
|
|
||||||
}:
|
|
||||||
|
|
||||||
let
|
|
||||||
cfg = config.services.qbittorrent-nox;
|
|
||||||
in {
|
|
||||||
options.services.qbittorrent-nox = {
|
|
||||||
enable = lib.mkEnableOption "qbittorrent-nox";
|
|
||||||
|
|
||||||
package = lib.mkPackageOptionMD pkgs "qbittorrent-nox" { };
|
|
||||||
|
|
||||||
ui.addToFirewall = lib.mkOption {
|
|
||||||
description = "Add the web UI port to firewall";
|
|
||||||
type = lib.types.bool;
|
|
||||||
default = false;
|
|
||||||
};
|
|
||||||
ui.port = lib.mkOption {
|
|
||||||
description = "Web UI port";
|
|
||||||
type = lib.types.port;
|
|
||||||
default = 8080;
|
|
||||||
};
|
|
||||||
|
|
||||||
torrent.addToFirewall = lib.mkOption {
|
|
||||||
description = "Add the torrenting port to firewall";
|
|
||||||
type = lib.types.bool;
|
|
||||||
default = true;
|
|
||||||
};
|
|
||||||
torrent.port = lib.mkOption {
|
|
||||||
description = "Torrenting port";
|
|
||||||
type = with lib.types; nullOr port;
|
|
||||||
default = null;
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
config = lib.mkIf cfg.enable {
|
|
||||||
networking.firewall.allowedTCPPorts =
|
|
||||||
lib.optional (cfg.torrent.addToFirewall && cfg.torrent.port != null) cfg.torrent.port
|
|
||||||
++ lib.optional cfg.ui.addToFirewall cfg.ui.port;
|
|
||||||
networking.firewall.allowedUDPPorts =
|
|
||||||
lib.optional (cfg.torrent.addToFirewall && cfg.torrent.port != null) cfg.torrent.port;
|
|
||||||
|
|
||||||
users.users.qbittorrent-nox = {
|
|
||||||
isSystemUser = true;
|
|
||||||
group = "qbittorrent-nox";
|
|
||||||
home = "/var/lib/qbittorrent-nox";
|
|
||||||
};
|
|
||||||
users.groups.qbittorrent-nox = { };
|
|
||||||
|
|
||||||
systemd.services.qbittorrent-nox = {
|
|
||||||
description = "qBittorrent-nox service";
|
|
||||||
wants = [ "network-online.target" ];
|
|
||||||
after = [ "local-fs.target" "network-online.target" "nss-lookup.target" ];
|
|
||||||
wantedBy = [ "multi-user.target" ];
|
|
||||||
unitConfig.Documentation = "man:qbittorrent-nox(1)";
|
|
||||||
# required for reverse proxying
|
|
||||||
preStart = ''
|
|
||||||
if [[ ! -f /var/lib/qbittorrent-nox/qBittorrent/config/qBittorrent.conf ]]; then
|
|
||||||
mkdir -p /var/lib/qbittorrent-nox/qBittorrent/config
|
|
||||||
echo "Preferences\WebUI\HostHeaderValidation=false" >> /var/lib/qbittorrent-nox/qBittorrent/config/qBittorrent.conf
|
|
||||||
fi
|
|
||||||
'';
|
|
||||||
serviceConfig = {
|
|
||||||
User = "qbittorrent-nox";
|
|
||||||
Group = "qbittorrent-nox";
|
|
||||||
StateDirectory = "qbittorrent-nox";
|
|
||||||
WorkingDirectory = "/var/lib/qbittorrent-nox";
|
|
||||||
ExecStart = ''
|
|
||||||
${cfg.package}/bin/qbittorrent-nox ${lib.optionalString (cfg.torrent.port != null) "--torrenting-port=${toString cfg.torrent.port}"} \
|
|
||||||
--webui-port=${toString cfg.ui.port} --profile=/var/lib/qbittorrent-nox
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
}
|
|
|
@ -1,79 +1,86 @@
|
||||||
{ config
|
{ config
|
||||||
, options
|
|
||||||
, lib
|
, lib
|
||||||
, pkgs
|
, pkgs
|
||||||
, ... }:
|
, ... }:
|
||||||
|
|
||||||
let
|
let
|
||||||
cfg = config.vfio;
|
cfg = config.vfio;
|
||||||
enableIvshmem = cfg.lookingGlass.enable && (builtins.length cfg.lookingGlass.ivshmem) > 0;
|
|
||||||
in {
|
in {
|
||||||
options.vfio = with lib; {
|
options.vfio = with lib; mkOption {
|
||||||
enable = mkOption {
|
type = types.submodule {
|
||||||
type = types.bool;
|
options = {
|
||||||
default = false;
|
enable = mkOption {
|
||||||
description = "Enable GPU passthrough + VM config (probably no intel/nvidia support since I can't test it)";
|
type = types.bool;
|
||||||
};
|
default = false;
|
||||||
libvirtdGroup = mkOption {
|
description = "Enable GPU passthrough + VM config (probably no intel/nvidia support since I can't test it)";
|
||||||
type = with types; listOf str;
|
};
|
||||||
default = [ ];
|
libvirtdGroup = mkOption {
|
||||||
description = "Users to add to libvirtd group";
|
type = with types; listOf str;
|
||||||
};
|
default = [ ];
|
||||||
intelCpu = mkOption {
|
description = "Users to add to libvirtd group";
|
||||||
type = types.bool;
|
};
|
||||||
default = false;
|
intelCpu = mkOption {
|
||||||
description = "Whether the CPU is Intel (untested)";
|
type = types.bool;
|
||||||
};
|
default = false;
|
||||||
nvidiaGpu = mkOption {
|
description = "Whether the CPU is Intel (untested)";
|
||||||
type = types.bool;
|
};
|
||||||
default = false;
|
nvidiaGpu = mkOption {
|
||||||
description = "Whether the GPU is Nvidia (disables AMD-specific workarounds)";
|
type = types.bool;
|
||||||
};
|
default = false;
|
||||||
passGpuAtBoot = mkOption {
|
description = "Whether the GPU is Nvidia (disables AMD-specific workarounds)";
|
||||||
type = types.bool;
|
};
|
||||||
default = false;
|
passGpuAtBoot = mkOption {
|
||||||
description = "Whether to pass the GPU at boot (can be more stable). If false, a bootloader entry to do it will still be available.";
|
type = types.bool;
|
||||||
};
|
default = false;
|
||||||
pciIDs = mkOption {
|
description = "Whether to pass the GPU at boot (can be more stable). If false, a bootloader entry to do it will still be available.";
|
||||||
type = with types; listOf str;
|
};
|
||||||
default = [ ];
|
pciIDs = mkOption {
|
||||||
description = "PCI passthrough IDs";
|
type = with types; listOf str;
|
||||||
};
|
default = [ ];
|
||||||
lookingGlass = mkOption {
|
description = "PCI passthrough IDs";
|
||||||
default = { };
|
};
|
||||||
type = types.submodule {
|
lookingGlass = mkOption {
|
||||||
options = {
|
default = { };
|
||||||
enable = mkOption {
|
type = types.submodule {
|
||||||
type = types.bool;
|
options = {
|
||||||
default = true;
|
enable = mkOption {
|
||||||
description = "Enable Looking Glass integration";
|
type = types.bool;
|
||||||
};
|
default = true;
|
||||||
ivshmem = mkOption {
|
description = "Enable Looking Glass integration";
|
||||||
type = with types; listOf (submodule {
|
|
||||||
options = {
|
|
||||||
size = mkOption {
|
|
||||||
type = types.int;
|
|
||||||
default = 32;
|
|
||||||
description = "IVSHMEM size in MB: https://looking-glass.io/docs/B6/install/#determining-memory";
|
|
||||||
};
|
|
||||||
owner = mkOption {
|
|
||||||
type = types.str;
|
|
||||||
description = "IVSHMEM device owner";
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
});
|
ivshmem = mkOption {
|
||||||
default = if builtins.length cfg.libvirtdGroup == 1 then [
|
type = with types; listOf (submodule {
|
||||||
{ owner = builtins.head cfg.libvirtdGroup; }
|
options = {
|
||||||
] else [ ];
|
size = mkOption {
|
||||||
example = [ { size = 32; owner = "user"; } ];
|
type = types.int;
|
||||||
description = "IVSHMEM/kvmfr config (multiple devices can be created: /dev/kvmfr0, /dev/kvmfr1, and so on)";
|
default = 32;
|
||||||
|
description = "IVSHMEM size in MB: https://looking-glass.io/docs/B6/install/#determining-memory";
|
||||||
|
};
|
||||||
|
owner = mkOption {
|
||||||
|
type = types.str;
|
||||||
|
description = "IVSHMEM device owner";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
});
|
||||||
|
default = if builtins.length cfg.libvirtdGroup == 1 then [
|
||||||
|
{ owner = builtins.head cfg.libvirtdGroup; }
|
||||||
|
] else [ ];
|
||||||
|
example = [ { size = 32; owner = "user"; } ];
|
||||||
|
description = "IVSHMEM/kvmfr config (multiple devices can be created: /dev/kvmfr0, /dev/kvmfr1, and so on)";
|
||||||
|
};
|
||||||
|
};
|
||||||
};
|
};
|
||||||
|
description = "Looking glass config";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
description = "Looking glass config";
|
|
||||||
};
|
};
|
||||||
|
description = "VFIO settings";
|
||||||
|
default = { };
|
||||||
};
|
};
|
||||||
config = lib.mkIf cfg.enable {
|
# compatibility so this module loads on non-amd hardware
|
||||||
|
config = let
|
||||||
|
enableIvshmem = cfg.lookingGlass.enable && (builtins.length cfg.lookingGlass.ivshmem) > 0;
|
||||||
|
in lib.mkIf cfg.enable {
|
||||||
# add a custom kernel param for early loading vfio drivers
|
# add a custom kernel param for early loading vfio drivers
|
||||||
# because if we change boot.initrd options in a specialization, two initrds will be built
|
# because if we change boot.initrd options in a specialization, two initrds will be built
|
||||||
# and we don't want to build two initrds
|
# and we don't want to build two initrds
|
||||||
|
@ -113,11 +120,11 @@ in {
|
||||||
'';
|
'';
|
||||||
initrd.kernelModules = [
|
initrd.kernelModules = [
|
||||||
(if cfg.intelCpu then "kvm-intel" else "kvm-amd")
|
(if cfg.intelCpu then "kvm-intel" else "kvm-amd")
|
||||||
] ++ lib.optionals cfg.passGpuAtBoot [
|
] ++ (if cfg.passGpuAtBoot then [
|
||||||
"vfio"
|
"vfio"
|
||||||
"vfio_iommu_type1"
|
"vfio_iommu_type1"
|
||||||
"vfio_pci"
|
"vfio_pci"
|
||||||
];
|
] else []);
|
||||||
initrd.availableKernelModules = lib.mkIf (!cfg.passGpuAtBoot) [
|
initrd.availableKernelModules = lib.mkIf (!cfg.passGpuAtBoot) [
|
||||||
"vfio"
|
"vfio"
|
||||||
"vfio_iommu_type1"
|
"vfio_iommu_type1"
|
||||||
|
@ -130,9 +137,9 @@ in {
|
||||||
extraModprobeConfig = ''
|
extraModprobeConfig = ''
|
||||||
options vfio-pci ids=${builtins.concatStringsSep "," cfg.pciIDs} disable_idle_d3=1
|
options vfio-pci ids=${builtins.concatStringsSep "," cfg.pciIDs} disable_idle_d3=1
|
||||||
options kvm ignore_msrs=1
|
options kvm ignore_msrs=1
|
||||||
${lib.optionalString enableIvshmem ''
|
${if enableIvshmem then ''
|
||||||
options kvmfr static_size_mb=${builtins.concatStringsSep "," (map (x: toString x.size) cfg.lookingGlass.ivshmem)}
|
options kvmfr static_size_mb=${builtins.concatStringsSep "," (map (x: toString x.size) cfg.lookingGlass.ivshmem)}''
|
||||||
''}
|
else ""}
|
||||||
'';
|
'';
|
||||||
kernelParams = [
|
kernelParams = [
|
||||||
(if cfg.intelCpu then "intel_iommu=on" else "amd_iommu=on")
|
(if cfg.intelCpu then "intel_iommu=on" else "amd_iommu=on")
|
||||||
|
@ -140,7 +147,7 @@ in {
|
||||||
];
|
];
|
||||||
kernelModules = [
|
kernelModules = [
|
||||||
"vhost-net"
|
"vhost-net"
|
||||||
] ++ lib.optional enableIvshmem "kvmfr";
|
] ++ (if enableIvshmem then [ "kvmfr" ] else []);
|
||||||
};
|
};
|
||||||
services.udev.extraRules = lib.mkIf enableIvshmem
|
services.udev.extraRules = lib.mkIf enableIvshmem
|
||||||
(builtins.concatStringsSep
|
(builtins.concatStringsSep
|
||||||
|
@ -152,11 +159,11 @@ in {
|
||||||
cfg.lookingGlass.ivshmem));
|
cfg.lookingGlass.ivshmem));
|
||||||
hardware = {
|
hardware = {
|
||||||
opengl.enable = true;
|
opengl.enable = true;
|
||||||
} // lib.optionalAttrs (cfg.enable && !cfg.nvidiaGpu && options?hardware.amdgpu.loadInInitrd) {
|
} // (lib.optionalAttrs (cfg.enable && !(cfg.nvidiaGpu)) {
|
||||||
# disable early KMS so GPU can be properly unbound
|
# disable early KMS so GPU can be properly unbound
|
||||||
# can't use mkif because the option may not even exist
|
# can't use mkif because the option may not even exist
|
||||||
amdgpu.loadInInitrd = false;
|
amdgpu.loadInInitrd = false;
|
||||||
};
|
});
|
||||||
# needed for virt-manager
|
# needed for virt-manager
|
||||||
programs.dconf.enable = true;
|
programs.dconf.enable = true;
|
||||||
virtualisation.libvirtd = {
|
virtualisation.libvirtd = {
|
||||||
|
|
Loading…
Reference in a new issue