meta: Format tree
This commit is contained in:
parent
1435241e0c
commit
157210cefb
60 changed files with 877 additions and 775 deletions
|
@ -149,7 +149,6 @@
|
|||
};
|
||||
|
||||
hydraJobs = {
|
||||
|
||||
build = {
|
||||
marvin = self.nixosConfigurations.marvin.config.system.build.toplevel;
|
||||
prefect = self.nixosConfigurations.prefect.config.system.build.toplevel;
|
||||
|
|
8
home.nix
8
home.nix
|
@ -143,10 +143,10 @@
|
|||
};
|
||||
|
||||
xdg.configFile = {
|
||||
"btop/themes".source = pkgs.my-pkgs.catppuccin-btop;
|
||||
"btop/themes".recursive = true;
|
||||
"bat/themes".source = pkgs.my-pkgs.catppuccin-bat;
|
||||
"bat/themes".recursive = true;
|
||||
"btop/themes".source = pkgs.my-pkgs.catppuccin-btop;
|
||||
"btop/themes".recursive = true;
|
||||
"bat/themes".source = pkgs.my-pkgs.catppuccin-bat;
|
||||
"bat/themes".recursive = true;
|
||||
};
|
||||
|
||||
# fonts.fontconfig.enable = true;
|
||||
|
|
|
@ -1,3 +1,5 @@
|
|||
{ xdg.configFile."Yubico/u2f_keys".text = ''
|
||||
thehedgehog:iC1dk7d+DYFX60wpkDlWdwNpkRLXmML7iDjxh4TRXe8OhsAb2pgKiY6tVLHeZIK3WOVA1DuWU8rWlHdma3eqJg==,NdBJTVCvOamU35ad3fJRv6A6YZQIYrojcVk9a8WYMVvTtKO+xyIeBvunlidHv4Zb0rYrOvK6u7Gb4N5x6T6FIQ==,es256,+presence:juWx2IphhNuHZHiv8nG3i2WWTyR5A+CWp5iHz2AmE7aj3b3rgj85Gl1PMpmZlvlwDgbCP+dlcP5PPzTFloB3Ow==,FEXBkP0PzZSURoIbLuGiRRHFIcSiqEz/ieNPRqRY/hqLJ4AsvGwJ1xdIX7F8qAQuMSp8m7usuBLS4u+4FGg3Ng==,es256,+presence
|
||||
'';}
|
||||
{
|
||||
xdg.configFile."Yubico/u2f_keys".text = ''
|
||||
thehedgehog:iC1dk7d+DYFX60wpkDlWdwNpkRLXmML7iDjxh4TRXe8OhsAb2pgKiY6tVLHeZIK3WOVA1DuWU8rWlHdma3eqJg==,NdBJTVCvOamU35ad3fJRv6A6YZQIYrojcVk9a8WYMVvTtKO+xyIeBvunlidHv4Zb0rYrOvK6u7Gb4N5x6T6FIQ==,es256,+presence:juWx2IphhNuHZHiv8nG3i2WWTyR5A+CWp5iHz2AmE7aj3b3rgj85Gl1PMpmZlvlwDgbCP+dlcP5PPzTFloB3Ow==,FEXBkP0PzZSURoIbLuGiRRHFIcSiqEz/ieNPRqRY/hqLJ4AsvGwJ1xdIX7F8qAQuMSp8m7usuBLS4u+4FGg3Ng==,es256,+presence
|
||||
'';
|
||||
}
|
||||
|
|
|
@ -1,209 +1,209 @@
|
|||
{
|
||||
# color=1A1B26
|
||||
xdg.configFile."tridactyl/tridactylrc".text = ''
|
||||
" General Settings
|
||||
set update.lastchecktime 1657980206978
|
||||
set update.nag true
|
||||
set update.nagwait 7
|
||||
set update.lastnaggedversion 1.14.0
|
||||
set update.checkintervalsecs 86400
|
||||
set configversion 2.0
|
||||
set smoothscroll true
|
||||
set k scrollline -5
|
||||
set theme tokyo-night
|
||||
set newtab about:blank
|
||||
set allowautofocus false
|
||||
set allowautofocus false
|
||||
set followpagepatterns.prev Previous
|
||||
" General Settings
|
||||
set update.lastchecktime 1657980206978
|
||||
set update.nag true
|
||||
set update.nagwait 7
|
||||
set update.lastnaggedversion 1.14.0
|
||||
set update.checkintervalsecs 86400
|
||||
set configversion 2.0
|
||||
set smoothscroll true
|
||||
set k scrollline -5
|
||||
set theme tokyo-night
|
||||
set newtab about:blank
|
||||
set allowautofocus false
|
||||
set allowautofocus false
|
||||
set followpagepatterns.prev Previous
|
||||
|
||||
" Binds
|
||||
bind j scrollline 5
|
||||
bind ;x hint -F e => { const pos = tri.dom.getAbsoluteCentre(e); tri.excmds.exclaim_quiet("xdotool mousemove --sync " + window.devicePixelRatio * pos.x + " " + window.devicePixelRatio * pos.y + "; xdotool click 1")}
|
||||
bind ;X hint -F e => { const pos = tri.dom.getAbsoluteCentre(e); tri.excmds.exclaim_quiet("xdotool mousemove --sync " + window.devicePixelRatio * pos.x + " " + window.devicePixelRatio * pos.y + "; xdotool keydown ctrl+shift; xdotool click 1; xdotool keyup ctrl+shift")}
|
||||
bind <A-p> pin
|
||||
bind <A-m> mute toggle
|
||||
bind <F1> help
|
||||
bind o fillcmdline open
|
||||
bind O current_url open
|
||||
bind w fillcmdline winopen
|
||||
bind W current_url winopen
|
||||
bind t fillcmdline tabopen
|
||||
bind ]] followpage next
|
||||
bind [[ followpage prev
|
||||
bind [c urlincrement -1
|
||||
bind ]c urlincrement 1
|
||||
bind <C-x> urlincrement -1
|
||||
bind <C-a> urlincrement 1
|
||||
bind T current_url tabopen
|
||||
bind yy clipboard yank
|
||||
bind ys clipboard yankshort
|
||||
bind yc clipboard yankcanon
|
||||
bind ym clipboard yankmd
|
||||
bind yo clipboard yankorg
|
||||
bind yt clipboard yanktitle
|
||||
bind gh home
|
||||
bind gH home true
|
||||
bind p clipboard open
|
||||
bind P clipboard tabopen
|
||||
bind <C-e> scrollline 10
|
||||
bind k scrollline -5
|
||||
bind <C-y> scrollline -10
|
||||
bind h scrollpx -50
|
||||
bind l scrollpx 50
|
||||
bind G scrollto 100
|
||||
bind gg scrollto 0
|
||||
bind <C-u> scrollpage -0.5
|
||||
bind <C-d> scrollpage 0.5
|
||||
bind <C-f> scrollpage 1
|
||||
bind <C-b> scrollpage -1
|
||||
unbind <C-v>
|
||||
bind $ scrollto 100 x
|
||||
bind ^ scrollto 0 x
|
||||
bind H back
|
||||
bind L forward
|
||||
bind <C-o> jumpprev
|
||||
bind <C-i> jumpnext
|
||||
bind d tabclose
|
||||
bind D composite tabprev; tabclose #
|
||||
bind gx0 tabclosealltoleft
|
||||
bind gx$ tabclosealltoright
|
||||
bind << tabmove -1
|
||||
bind >> tabmove +1
|
||||
bind u undo
|
||||
bind U undo window
|
||||
bind r reload
|
||||
bind R reloadhard
|
||||
bind x tabclose
|
||||
bind gi focusinput -l
|
||||
bind g? rot13
|
||||
bind g! jumble
|
||||
bind g; changelistjump -1
|
||||
bind J tabprev
|
||||
bind K tabnext
|
||||
bind gt tabnext_gt
|
||||
bind gT tabprev
|
||||
bind g^ tabfirst
|
||||
bind g0 tabfirst
|
||||
bind g$ tablast
|
||||
bind ga tabaudio
|
||||
bind gr reader
|
||||
bind gu urlparent
|
||||
bind gU urlroot
|
||||
bind gf viewsource
|
||||
bind : fillcmdline_notrail
|
||||
bind s fillcmdline open search
|
||||
bind S fillcmdline tabopen search
|
||||
bind M gobble 1 quickmark
|
||||
bind B fillcmdline taball
|
||||
bind b fillcmdline tab
|
||||
bind ZZ qall
|
||||
bind f hint
|
||||
bind F hint -b
|
||||
bind gF hint -qb
|
||||
bind ;i hint -i
|
||||
bind ;b hint -b
|
||||
bind ;o hint
|
||||
bind ;I hint -I
|
||||
bind ;k hint -k
|
||||
bind ;K hint -K
|
||||
bind ;y hint -y
|
||||
bind ;Y hint -cF img i => tri.excmds.yankimage(tri.urlutils.getAbsoluteURL(i.src))
|
||||
bind ;p hint -p
|
||||
bind ;h hint -h
|
||||
bind v hint -h
|
||||
bind ;P hint -P
|
||||
bind ;r hint -r
|
||||
bind ;s hint -s
|
||||
bind ;S hint -S
|
||||
bind ;a hint -a
|
||||
bind ;A hint -A
|
||||
bind ;; hint -; *
|
||||
bind ;# hint -#
|
||||
bind ;v hint -W mpvsafe
|
||||
bind ;V hint -V
|
||||
bind ;w hint -w
|
||||
bind ;t hint -W tabopen
|
||||
bind ;O hint -W fillcmdline_notrail open
|
||||
bind ;W hint -W fillcmdline_notrail winopen
|
||||
bind ;T hint -W fillcmdline_notrail tabopen
|
||||
bind ;z hint -z
|
||||
bind ;m composite hint -Jpipe img src | open images.google.com/searchbyimage?image_url=
|
||||
bind ;M composite hint -Jpipe img src | tabopen images.google.com/searchbyimage?image_url=
|
||||
bind ;gi hint -qi
|
||||
bind ;gI hint -qI
|
||||
bind ;gk hint -qk
|
||||
bind ;gy hint -qy
|
||||
bind ;gp hint -qp
|
||||
bind ;gP hint -qP
|
||||
bind ;gr hint -qr
|
||||
bind ;gs hint -qs
|
||||
bind ;gS hint -qS
|
||||
bind ;ga hint -qa
|
||||
bind ;gA hint -qA
|
||||
bind ;g; hint -q;
|
||||
bind ;g# hint -q#
|
||||
bind ;gv hint -qW mpvsafe
|
||||
bind ;gw hint -qw
|
||||
bind ;gb hint -qb
|
||||
bind ;gF hint -qb
|
||||
bind ;gf hint -q
|
||||
bind <S-Insert> mode ignore
|
||||
bind <AC-Escape> mode ignore
|
||||
bind <AC-`> mode ignore
|
||||
bind <S-Escape> mode ignore
|
||||
bind <Escape> composite mode normal ; hidecmdline
|
||||
bind <C-[> composite mode normal ; hidecmdline
|
||||
bind a current_url bmark
|
||||
bind A bmark
|
||||
bind zi zoom 0.1 true
|
||||
bind zo zoom -0.1 true
|
||||
bind zm zoom 0.5 true
|
||||
bind zr zoom -0.5 true
|
||||
bind zM zoom 0.5 true
|
||||
bind zR zoom -0.5 true
|
||||
bind zz zoom 1
|
||||
bind zI zoom 3
|
||||
bind zO zoom 0.3
|
||||
bind . repeat
|
||||
bind <AS-ArrowUp><AS-ArrowUp><AS-ArrowDown><AS-ArrowDown><AS-ArrowLeft><AS-ArrowRight><AS-ArrowLeft><AS-ArrowRight>ba open https://www.youtube.com/watch?v=M3iOROuTuMA
|
||||
bind / fillcmdline find
|
||||
bind ? fillcmdline find -?
|
||||
bind n findnext 1
|
||||
bind N findnext -1
|
||||
unbindurl https://github.com --mode
|
||||
bindurl ^https://web.whatsapp.com f hint -c [tabindex]:not(.two)>div,a
|
||||
bindurl ^https://web.whatsapp.com F hint -bc [tabindex]:not(.two)>div,a
|
||||
unbindurl % x
|
||||
unbindurl refined-github-html-preview.kidonng.workers.dev x
|
||||
" Binds
|
||||
bind j scrollline 5
|
||||
bind ;x hint -F e => { const pos = tri.dom.getAbsoluteCentre(e); tri.excmds.exclaim_quiet("xdotool mousemove --sync " + window.devicePixelRatio * pos.x + " " + window.devicePixelRatio * pos.y + "; xdotool click 1")}
|
||||
bind ;X hint -F e => { const pos = tri.dom.getAbsoluteCentre(e); tri.excmds.exclaim_quiet("xdotool mousemove --sync " + window.devicePixelRatio * pos.x + " " + window.devicePixelRatio * pos.y + "; xdotool keydown ctrl+shift; xdotool click 1; xdotool keyup ctrl+shift")}
|
||||
bind <A-p> pin
|
||||
bind <A-m> mute toggle
|
||||
bind <F1> help
|
||||
bind o fillcmdline open
|
||||
bind O current_url open
|
||||
bind w fillcmdline winopen
|
||||
bind W current_url winopen
|
||||
bind t fillcmdline tabopen
|
||||
bind ]] followpage next
|
||||
bind [[ followpage prev
|
||||
bind [c urlincrement -1
|
||||
bind ]c urlincrement 1
|
||||
bind <C-x> urlincrement -1
|
||||
bind <C-a> urlincrement 1
|
||||
bind T current_url tabopen
|
||||
bind yy clipboard yank
|
||||
bind ys clipboard yankshort
|
||||
bind yc clipboard yankcanon
|
||||
bind ym clipboard yankmd
|
||||
bind yo clipboard yankorg
|
||||
bind yt clipboard yanktitle
|
||||
bind gh home
|
||||
bind gH home true
|
||||
bind p clipboard open
|
||||
bind P clipboard tabopen
|
||||
bind <C-e> scrollline 10
|
||||
bind k scrollline -5
|
||||
bind <C-y> scrollline -10
|
||||
bind h scrollpx -50
|
||||
bind l scrollpx 50
|
||||
bind G scrollto 100
|
||||
bind gg scrollto 0
|
||||
bind <C-u> scrollpage -0.5
|
||||
bind <C-d> scrollpage 0.5
|
||||
bind <C-f> scrollpage 1
|
||||
bind <C-b> scrollpage -1
|
||||
unbind <C-v>
|
||||
bind $ scrollto 100 x
|
||||
bind ^ scrollto 0 x
|
||||
bind H back
|
||||
bind L forward
|
||||
bind <C-o> jumpprev
|
||||
bind <C-i> jumpnext
|
||||
bind d tabclose
|
||||
bind D composite tabprev; tabclose #
|
||||
bind gx0 tabclosealltoleft
|
||||
bind gx$ tabclosealltoright
|
||||
bind << tabmove -1
|
||||
bind >> tabmove +1
|
||||
bind u undo
|
||||
bind U undo window
|
||||
bind r reload
|
||||
bind R reloadhard
|
||||
bind x tabclose
|
||||
bind gi focusinput -l
|
||||
bind g? rot13
|
||||
bind g! jumble
|
||||
bind g; changelistjump -1
|
||||
bind J tabprev
|
||||
bind K tabnext
|
||||
bind gt tabnext_gt
|
||||
bind gT tabprev
|
||||
bind g^ tabfirst
|
||||
bind g0 tabfirst
|
||||
bind g$ tablast
|
||||
bind ga tabaudio
|
||||
bind gr reader
|
||||
bind gu urlparent
|
||||
bind gU urlroot
|
||||
bind gf viewsource
|
||||
bind : fillcmdline_notrail
|
||||
bind s fillcmdline open search
|
||||
bind S fillcmdline tabopen search
|
||||
bind M gobble 1 quickmark
|
||||
bind B fillcmdline taball
|
||||
bind b fillcmdline tab
|
||||
bind ZZ qall
|
||||
bind f hint
|
||||
bind F hint -b
|
||||
bind gF hint -qb
|
||||
bind ;i hint -i
|
||||
bind ;b hint -b
|
||||
bind ;o hint
|
||||
bind ;I hint -I
|
||||
bind ;k hint -k
|
||||
bind ;K hint -K
|
||||
bind ;y hint -y
|
||||
bind ;Y hint -cF img i => tri.excmds.yankimage(tri.urlutils.getAbsoluteURL(i.src))
|
||||
bind ;p hint -p
|
||||
bind ;h hint -h
|
||||
bind v hint -h
|
||||
bind ;P hint -P
|
||||
bind ;r hint -r
|
||||
bind ;s hint -s
|
||||
bind ;S hint -S
|
||||
bind ;a hint -a
|
||||
bind ;A hint -A
|
||||
bind ;; hint -; *
|
||||
bind ;# hint -#
|
||||
bind ;v hint -W mpvsafe
|
||||
bind ;V hint -V
|
||||
bind ;w hint -w
|
||||
bind ;t hint -W tabopen
|
||||
bind ;O hint -W fillcmdline_notrail open
|
||||
bind ;W hint -W fillcmdline_notrail winopen
|
||||
bind ;T hint -W fillcmdline_notrail tabopen
|
||||
bind ;z hint -z
|
||||
bind ;m composite hint -Jpipe img src | open images.google.com/searchbyimage?image_url=
|
||||
bind ;M composite hint -Jpipe img src | tabopen images.google.com/searchbyimage?image_url=
|
||||
bind ;gi hint -qi
|
||||
bind ;gI hint -qI
|
||||
bind ;gk hint -qk
|
||||
bind ;gy hint -qy
|
||||
bind ;gp hint -qp
|
||||
bind ;gP hint -qP
|
||||
bind ;gr hint -qr
|
||||
bind ;gs hint -qs
|
||||
bind ;gS hint -qS
|
||||
bind ;ga hint -qa
|
||||
bind ;gA hint -qA
|
||||
bind ;g; hint -q;
|
||||
bind ;g# hint -q#
|
||||
bind ;gv hint -qW mpvsafe
|
||||
bind ;gw hint -qw
|
||||
bind ;gb hint -qb
|
||||
bind ;gF hint -qb
|
||||
bind ;gf hint -q
|
||||
bind <S-Insert> mode ignore
|
||||
bind <AC-Escape> mode ignore
|
||||
bind <AC-`> mode ignore
|
||||
bind <S-Escape> mode ignore
|
||||
bind <Escape> composite mode normal ; hidecmdline
|
||||
bind <C-[> composite mode normal ; hidecmdline
|
||||
bind a current_url bmark
|
||||
bind A bmark
|
||||
bind zi zoom 0.1 true
|
||||
bind zo zoom -0.1 true
|
||||
bind zm zoom 0.5 true
|
||||
bind zr zoom -0.5 true
|
||||
bind zM zoom 0.5 true
|
||||
bind zR zoom -0.5 true
|
||||
bind zz zoom 1
|
||||
bind zI zoom 3
|
||||
bind zO zoom 0.3
|
||||
bind . repeat
|
||||
bind <AS-ArrowUp><AS-ArrowUp><AS-ArrowDown><AS-ArrowDown><AS-ArrowLeft><AS-ArrowRight><AS-ArrowLeft><AS-ArrowRight>ba open https://www.youtube.com/watch?v=M3iOROuTuMA
|
||||
bind / fillcmdline find
|
||||
bind ? fillcmdline find -?
|
||||
bind n findnext 1
|
||||
bind N findnext -1
|
||||
unbindurl https://github.com --mode
|
||||
bindurl ^https://web.whatsapp.com f hint -c [tabindex]:not(.two)>div,a
|
||||
bindurl ^https://web.whatsapp.com F hint -bc [tabindex]:not(.two)>div,a
|
||||
unbindurl % x
|
||||
unbindurl refined-github-html-preview.kidonng.workers.dev x
|
||||
|
||||
" Subconfig Settings
|
||||
seturl ^https://docs.google.com/ preventautofocusjackhammer true
|
||||
seturl www.google.com followpagepatterns.next Next
|
||||
seturl https://nixos.org/manual/nixpkgs/stable/#python sourcegraph.com allowautofocus
|
||||
seturl sourcegraph.com allowautofocus true
|
||||
seturl https://docs.google.com allowautofocus true
|
||||
seturl myaccess.apsva.us allowautofocus true
|
||||
seturl webmail.migadu.com allowautofocus true
|
||||
seturl godbolt.org allowautofocus true
|
||||
seturl jsfiddle.net allowautofocus true
|
||||
" Subconfig Settings
|
||||
seturl ^https://docs.google.com/ preventautofocusjackhammer true
|
||||
seturl www.google.com followpagepatterns.next Next
|
||||
seturl https://nixos.org/manual/nixpkgs/stable/#python sourcegraph.com allowautofocus
|
||||
seturl sourcegraph.com allowautofocus true
|
||||
seturl https://docs.google.com allowautofocus true
|
||||
seturl myaccess.apsva.us allowautofocus true
|
||||
seturl webmail.migadu.com allowautofocus true
|
||||
seturl godbolt.org allowautofocus true
|
||||
seturl jsfiddle.net allowautofocus true
|
||||
|
||||
" Autocmds
|
||||
autocmd DocStart https://twitch.tv mode ignore
|
||||
autocmd DocStart twitch.tv mode ignore
|
||||
autocmd DocStart % mode ignore
|
||||
autocmd DocStart qmk.fm mode ignore
|
||||
autocmd DocStart config.qmk.fm mode ignore
|
||||
autocmd DocStart discourse.doomemacs.org mode ignore
|
||||
autocmd DocStart toptal.com mode ignore
|
||||
autocmd DocStart github.com mode ignore
|
||||
autocmd DocStart tpt-plus.glitch.me mode ignore
|
||||
autocmd DocStart ducdat0507.github.io mode ignore
|
||||
autocmd DocStart dontwordle.com mode ignore
|
||||
autocmd DocStart www.nytimes.com/games/wordle mode ignore
|
||||
autocmd DocLoad ^https://github.com/tridactyl/tridactyl/issues/new$ issue
|
||||
autocmd TriStart .* source_quiet
|
||||
" Autocmds
|
||||
autocmd DocStart https://twitch.tv mode ignore
|
||||
autocmd DocStart twitch.tv mode ignore
|
||||
autocmd DocStart % mode ignore
|
||||
autocmd DocStart qmk.fm mode ignore
|
||||
autocmd DocStart config.qmk.fm mode ignore
|
||||
autocmd DocStart discourse.doomemacs.org mode ignore
|
||||
autocmd DocStart toptal.com mode ignore
|
||||
autocmd DocStart github.com mode ignore
|
||||
autocmd DocStart tpt-plus.glitch.me mode ignore
|
||||
autocmd DocStart ducdat0507.github.io mode ignore
|
||||
autocmd DocStart dontwordle.com mode ignore
|
||||
autocmd DocStart www.nytimes.com/games/wordle mode ignore
|
||||
autocmd DocLoad ^https://github.com/tridactyl/tridactyl/issues/new$ issue
|
||||
autocmd TriStart .* source_quiet
|
||||
|
||||
" For syntax highlighting see https://github.com/tridactyl/vim-tridactyl
|
||||
" vim: set filetype=tridactyl
|
||||
" For syntax highlighting see https://github.com/tridactyl/vim-tridactyl
|
||||
" vim: set filetype=tridactyl
|
||||
'';
|
||||
}
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{ pkgs, ... }:
|
||||
{pkgs, ...}:
|
||||
with pkgs; {
|
||||
programs.git = {
|
||||
enable = true;
|
||||
|
@ -62,7 +62,7 @@ with pkgs; {
|
|||
settings = {
|
||||
gui.showIcons = true;
|
||||
gui.showRandomTip = false;
|
||||
gui.theme.selectedLineBgColor = [ "default" ];
|
||||
gui.theme.selectedLineBgColor = ["default"];
|
||||
git.paging = {
|
||||
pager = "delta --dark --paging=never";
|
||||
colorArg = "always";
|
||||
|
|
|
@ -30,12 +30,12 @@
|
|||
pkgs.taplo-lsp
|
||||
pkgs.ueberzug
|
||||
];
|
||||
# extraConfig = ''
|
||||
# luafile ~/.config/nvim/init.generated.lua
|
||||
# colorscheme tokyonight
|
||||
# let g:python3_host_prog='${pkgs.python3Full}/bin/python'
|
||||
# let mapleader=' '
|
||||
# '';
|
||||
# extraConfig = ''
|
||||
# luafile ~/.config/nvim/init.generated.lua
|
||||
# colorscheme tokyonight
|
||||
# let g:python3_host_prog='${pkgs.python3Full}/bin/python'
|
||||
# let mapleader=' '
|
||||
# '';
|
||||
};
|
||||
xdg.configFile."nvim" = {
|
||||
source = ./config;
|
||||
|
|
|
@ -62,31 +62,31 @@ in {
|
|||
vim-tmux
|
||||
which-key-nvim
|
||||
nvim-treesitter
|
||||
# (nvim-treesitter.withPlugins (plugins:
|
||||
# with plugins; [
|
||||
# tree-sitter-bash
|
||||
# tree-sitter-comment
|
||||
# tree-sitter-commonlisp
|
||||
# tree-sitter-css
|
||||
# tree-sitter-elisp
|
||||
# tree-sitter-fennel
|
||||
# tree-sitter-fish
|
||||
# tree-sitter-html
|
||||
# tree-sitter-http
|
||||
# tree-sitter-javascript
|
||||
# tree-sitter-jsdoc
|
||||
# tree-sitter-json
|
||||
# tree-sitter-json5
|
||||
# tree-sitter-lua
|
||||
# tree-sitter-markdown
|
||||
# tree-sitter-nix
|
||||
# tree-sitter-norg
|
||||
# tree-sitter-org-nvim
|
||||
# tree-sitter-python
|
||||
# tree-sitter-regex
|
||||
# tree-sitter-rust
|
||||
# tree-sitter-toml
|
||||
# tree-sitter-vim
|
||||
# ]))
|
||||
# (nvim-treesitter.withPlugins (plugins:
|
||||
# with plugins; [
|
||||
# tree-sitter-bash
|
||||
# tree-sitter-comment
|
||||
# tree-sitter-commonlisp
|
||||
# tree-sitter-css
|
||||
# tree-sitter-elisp
|
||||
# tree-sitter-fennel
|
||||
# tree-sitter-fish
|
||||
# tree-sitter-html
|
||||
# tree-sitter-http
|
||||
# tree-sitter-javascript
|
||||
# tree-sitter-jsdoc
|
||||
# tree-sitter-json
|
||||
# tree-sitter-json5
|
||||
# tree-sitter-lua
|
||||
# tree-sitter-markdown
|
||||
# tree-sitter-nix
|
||||
# tree-sitter-norg
|
||||
# tree-sitter-org-nvim
|
||||
# tree-sitter-python
|
||||
# tree-sitter-regex
|
||||
# tree-sitter-rust
|
||||
# tree-sitter-toml
|
||||
# tree-sitter-vim
|
||||
# ]))
|
||||
];
|
||||
}
|
||||
|
|
|
@ -1,4 +1,6 @@
|
|||
{ xdg.configFile."wezterm" = {
|
||||
source = ./config;
|
||||
recursive = true;
|
||||
};}
|
||||
{
|
||||
xdg.configFile."wezterm" = {
|
||||
source = ./config;
|
||||
recursive = true;
|
||||
};
|
||||
}
|
||||
|
|
|
@ -1,39 +1,46 @@
|
|||
{ pkgs, lib, config, ...}: let
|
||||
{
|
||||
pkgs,
|
||||
lib,
|
||||
config,
|
||||
...
|
||||
}: let
|
||||
mod = config.wayland.windowManager.sway.config.modifier;
|
||||
homeDir = config.home.homeDirectory;
|
||||
menu = config.wayland.windowManager.sway.config.menu;
|
||||
term = config.wayland.windowManager.sway.config.terminal;
|
||||
in { wayland.windowManager.sway.config.keybindings = lib.mkOptionDefault {
|
||||
"${mod}+d" = "${menu}";
|
||||
"${mod}+Shift+F" = "exec MOZ_DISABLE_RDD_SANDBOX=1 firefox";
|
||||
"${mod}+Return" = "exec ${term}";
|
||||
"${mod}+x" = "exec wlogout";
|
||||
"XF86MonBrightnessDown" = "exec brightnessctl set 5%-";
|
||||
"XF86MonBrightnessUp" = "exec brightnessctl set +5%";
|
||||
"XF86AudioRaiseVolume" = "exec pactl set-sink-volume @DEFAULT_SINK@ +5%";
|
||||
"XF86AudioLowerVolume" = "exec pactl set-sink-volume @DEFAULT_SINK@ -5%";
|
||||
"XF86AudioMute" = "exec pactl set-sink-mute @DEFAULT_SINK@ toggle";
|
||||
"XF86AudioMicMute" = "exec pactl set-source-mute @DEFAULT_SOURCE@ toggle";
|
||||
"XF86AudioPlay" = "exec playerctl play-pause";
|
||||
"XF86AudioNext" = "exec playerctl next";
|
||||
"XF86AudioPrev" = "exec playerctl previous";
|
||||
"Ctrl+F3" = "exec grimshot save screen";
|
||||
"Ctrl+F4" = "exec grimshot save area";
|
||||
"Ctrl+F5" = "exec grimshot save active";
|
||||
"Ctrl+F6" = "exec grimshot save window";
|
||||
"Shift+F3" = "exec grimshot copy screen";
|
||||
"Shift+F4" = "exec grimshot copy area";
|
||||
"Shift+F5" = "exec grimshot copy active";
|
||||
"Shift+F6" = "exec grimshot copy window";
|
||||
"${mod}+Shift+1" = "move container to workspace number 1";
|
||||
"${mod}+Shift+2" = "move container to workspace number 2";
|
||||
"${mod}+Shift+3" = "move container to workspace number 3";
|
||||
"${mod}+Shift+4" = "move container to workspace number 4";
|
||||
"${mod}+Shift+5" = "move container to workspace number 5";
|
||||
"${mod}+Shift+6" = "move container to workspace number 6";
|
||||
"${mod}+Shift+7" = "move container to workspace number 7";
|
||||
"${mod}+Shift+8" = "move container to workspace number 8";
|
||||
"${mod}+Shift+9" = "move container to workspace number 9";
|
||||
"${mod}+Shift+0" = "move container to workspace number 10";
|
||||
"${mod}+0" = "workspace number 10";
|
||||
};}
|
||||
in {
|
||||
wayland.windowManager.sway.config.keybindings = lib.mkOptionDefault {
|
||||
"${mod}+d" = "${menu}";
|
||||
"${mod}+Shift+F" = "exec MOZ_DISABLE_RDD_SANDBOX=1 firefox";
|
||||
"${mod}+Return" = "exec ${term}";
|
||||
"${mod}+x" = "exec wlogout";
|
||||
"XF86MonBrightnessDown" = "exec brightnessctl set 5%-";
|
||||
"XF86MonBrightnessUp" = "exec brightnessctl set +5%";
|
||||
"XF86AudioRaiseVolume" = "exec pactl set-sink-volume @DEFAULT_SINK@ +5%";
|
||||
"XF86AudioLowerVolume" = "exec pactl set-sink-volume @DEFAULT_SINK@ -5%";
|
||||
"XF86AudioMute" = "exec pactl set-sink-mute @DEFAULT_SINK@ toggle";
|
||||
"XF86AudioMicMute" = "exec pactl set-source-mute @DEFAULT_SOURCE@ toggle";
|
||||
"XF86AudioPlay" = "exec playerctl play-pause";
|
||||
"XF86AudioNext" = "exec playerctl next";
|
||||
"XF86AudioPrev" = "exec playerctl previous";
|
||||
"Ctrl+F3" = "exec grimshot save screen";
|
||||
"Ctrl+F4" = "exec grimshot save area";
|
||||
"Ctrl+F5" = "exec grimshot save active";
|
||||
"Ctrl+F6" = "exec grimshot save window";
|
||||
"Shift+F3" = "exec grimshot copy screen";
|
||||
"Shift+F4" = "exec grimshot copy area";
|
||||
"Shift+F5" = "exec grimshot copy active";
|
||||
"Shift+F6" = "exec grimshot copy window";
|
||||
"${mod}+Shift+1" = "move container to workspace number 1";
|
||||
"${mod}+Shift+2" = "move container to workspace number 2";
|
||||
"${mod}+Shift+3" = "move container to workspace number 3";
|
||||
"${mod}+Shift+4" = "move container to workspace number 4";
|
||||
"${mod}+Shift+5" = "move container to workspace number 5";
|
||||
"${mod}+Shift+6" = "move container to workspace number 6";
|
||||
"${mod}+Shift+7" = "move container to workspace number 7";
|
||||
"${mod}+Shift+8" = "move container to workspace number 8";
|
||||
"${mod}+Shift+9" = "move container to workspace number 9";
|
||||
"${mod}+Shift+0" = "move container to workspace number 10";
|
||||
"${mod}+0" = "workspace number 10";
|
||||
};
|
||||
}
|
||||
|
|
|
@ -6,7 +6,7 @@
|
|||
term = config.wayland.windowManager.sway.config.terminal;
|
||||
homeDir = config.home.homeDirectory;
|
||||
in {
|
||||
imports = [ ./keybindings.nix ];
|
||||
imports = [./keybindings.nix];
|
||||
wayland.windowManager.sway = {
|
||||
enable = true;
|
||||
systemdIntegration = true;
|
||||
|
|
|
@ -1,19 +1,21 @@
|
|||
{ networking = {
|
||||
nameservers = [
|
||||
"45.11.45.11"
|
||||
"100.64.0.3"
|
||||
"fd42:d42:d42:53::1"
|
||||
"fd42:d42:d42:54::1"
|
||||
"172.23.0.53"
|
||||
"172.20.0.53"
|
||||
];
|
||||
timeServers = [
|
||||
"0.pool.ntp.org"
|
||||
"1.pool.ntp.org"
|
||||
"2.pool.ntp.org"
|
||||
"3.pool.ntp.org"
|
||||
];
|
||||
resolvconf.extraConfig = ''
|
||||
name_servers="100.64.0.3 45.11.45.11 fd42:d42:d42:53::1 fd42:d42:d42:54::1 172.23.0.53 172.20.0.53"
|
||||
'';
|
||||
};}
|
||||
{
|
||||
networking = {
|
||||
nameservers = [
|
||||
"45.11.45.11"
|
||||
"100.64.0.3"
|
||||
"fd42:d42:d42:53::1"
|
||||
"fd42:d42:d42:54::1"
|
||||
"172.23.0.53"
|
||||
"172.20.0.53"
|
||||
];
|
||||
timeServers = [
|
||||
"0.pool.ntp.org"
|
||||
"1.pool.ntp.org"
|
||||
"2.pool.ntp.org"
|
||||
"3.pool.ntp.org"
|
||||
];
|
||||
resolvconf.extraConfig = ''
|
||||
name_servers="100.64.0.3 45.11.45.11 fd42:d42:d42:53::1 fd42:d42:d42:54::1 172.23.0.53 172.20.0.53"
|
||||
'';
|
||||
};
|
||||
}
|
||||
|
|
|
@ -1,3 +1,5 @@
|
|||
{ imports = [
|
||||
./ssh.nix
|
||||
];}
|
||||
{
|
||||
imports = [
|
||||
./ssh.nix
|
||||
];
|
||||
}
|
||||
|
|
|
@ -1,3 +1,5 @@
|
|||
{ imports = [
|
||||
./ntp.nix
|
||||
];}
|
||||
{
|
||||
imports = [
|
||||
./ntp.nix
|
||||
];
|
||||
}
|
||||
|
|
|
@ -1,11 +1,13 @@
|
|||
{ imports = [
|
||||
./common/networking.nix
|
||||
./common/nixConfig.nix
|
||||
./common/nixpkgsConfig.nix
|
||||
./common/packages.nix
|
||||
./common/programs
|
||||
./common/root.nix
|
||||
./common/services
|
||||
./common/ssh.nix
|
||||
./common/users.nix
|
||||
];}
|
||||
{
|
||||
imports = [
|
||||
./common/networking.nix
|
||||
./common/nixConfig.nix
|
||||
./common/nixpkgsConfig.nix
|
||||
./common/packages.nix
|
||||
./common/programs
|
||||
./common/root.nix
|
||||
./common/services
|
||||
./common/ssh.nix
|
||||
./common/users.nix
|
||||
];
|
||||
}
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{
|
||||
networking.firewall.allowedTCPPorts = [80 443 6912];
|
||||
networking.firewall.trustedInterfaces = [ "tailscale0" ];
|
||||
networking.firewall.trustedInterfaces = ["tailscale0"];
|
||||
}
|
||||
|
|
|
@ -4,8 +4,8 @@ let
|
|||
yubi-main = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBBsOIMMZVmleClXfqUMrnmyh8PFuyiJqHKEZ51Xy746";
|
||||
backup = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCyTiGctsHaTUlRJn2XQ/745dD0UWGWO8W0en8J5rf7BLI8lL/hPUmbNt45vC5754LXcBjnp1t/1FNgiGhvNZIWJpC+elBmhyMhg8z1exRZPD+as7XaH7scnij2vSbSphQFUqH433ggAGe77x5bc7wKFp9n7vj8G1u0JJxMEe1M7kNFY0+ShNtaHna3LxiQOVcW7qVlNKZP8Ol1V7kZLblRADCJMTYOXDIbktA8bbGRfGhbNjJGkL665qz36haYwb2i6A4sC7Y583N8ro8hIDG/ByJqwbl/Sz4rSxkT6G4+OdBvS6sa7TovNXHjmQCculMIltdog7UhgyBsim1sTzxAen3YyFRi1Cz/kLM0oH39m/W4IoMvJcNZCJ3ItLgy+lEVMd87jVOqfuq/hyjHVI0wJtU2Si2HTxv7aKL8gPzqXwbNH+nhkhlQ0ZH8zKVBunOgLDgsmGIky5X/T3bpWZpIoFkOR7AYrId/5dOeGM3pHhHb6woZ3SRubZ43Ah/VdJM=";
|
||||
marvin = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP60B1IOdfJRrDcCKajMV8YJNC01gSsccZi3DKHlS6YJ";
|
||||
me = [ yubi-main yubi-back backup ssh-new ];
|
||||
default = [ marvin yubi-back ssh-new ];
|
||||
me = [yubi-main yubi-back backup ssh-new];
|
||||
default = [marvin yubi-back ssh-new];
|
||||
in {
|
||||
"authentik-env.age".publicKeys = default;
|
||||
"external-wg-priv-key.age".publicKeys = default;
|
||||
|
|
|
@ -13,11 +13,11 @@
|
|||
POSTGRES_USER = "authentik";
|
||||
POSTGRES_DB = "authentik";
|
||||
};
|
||||
extraOptions = [ "--network=authentik" ];
|
||||
extraOptions = ["--network=authentik"];
|
||||
};
|
||||
authentik-redis = {
|
||||
image = "redis:alpine";
|
||||
extraOptions = [ "--network=authentik" ];
|
||||
extraOptions = ["--network=authentik"];
|
||||
};
|
||||
authentik-server = {
|
||||
image = "ghcr.io/goauthentik/server:${authentikVersion}";
|
||||
|
@ -39,7 +39,7 @@
|
|||
"/var/lib/authentik/media:/media"
|
||||
"/var/lib/authentik/templates:/templates"
|
||||
];
|
||||
extraOptions = [ "--network=authentik" ];
|
||||
extraOptions = ["--network=authentik"];
|
||||
};
|
||||
authentik-worker = {
|
||||
image = "ghcr.io/goauthentik/server:${authentikVersion}";
|
||||
|
@ -58,7 +58,7 @@
|
|||
"/var/lib/authentik/templates:/templates"
|
||||
"/var/lib/authentik/certs:/certs"
|
||||
];
|
||||
extraOptions = [ "--network=authentik" ];
|
||||
extraOptions = ["--network=authentik"];
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
@ -1,15 +1,17 @@
|
|||
{ virtualisation.oci-containers.containers.deemix = {
|
||||
image = "registry.gitlab.com/bockiii/deemix-docker";
|
||||
volumes = [
|
||||
"/var/lib/deemix:/config"
|
||||
"/var/lib/music:/downloads"
|
||||
];
|
||||
ports = [ "6907:6595" ];
|
||||
environment = {
|
||||
PUID = "1000";
|
||||
PGID = "1000";
|
||||
UMASK_SET = "022";
|
||||
DEEMIX_SINGLE_USER = "true";
|
||||
DISABLE_OWNERSHIP_CHECK = "true";
|
||||
{
|
||||
virtualisation.oci-containers.containers.deemix = {
|
||||
image = "registry.gitlab.com/bockiii/deemix-docker";
|
||||
volumes = [
|
||||
"/var/lib/deemix:/config"
|
||||
"/var/lib/music:/downloads"
|
||||
];
|
||||
ports = ["6907:6595"];
|
||||
environment = {
|
||||
PUID = "1000";
|
||||
PGID = "1000";
|
||||
UMASK_SET = "022";
|
||||
DEEMIX_SINGLE_USER = "true";
|
||||
DISABLE_OWNERSHIP_CHECK = "true";
|
||||
};
|
||||
};
|
||||
};}
|
||||
}
|
||||
|
|
|
@ -1,4 +1,8 @@
|
|||
{lib, pkgs, ...}: {
|
||||
{
|
||||
lib,
|
||||
pkgs,
|
||||
...
|
||||
}: {
|
||||
services.dendrite = {
|
||||
enable = true;
|
||||
httpPort = 6921;
|
||||
|
|
|
@ -17,11 +17,10 @@
|
|||
}
|
||||
'';
|
||||
in {
|
||||
|
||||
systemd.services.go-jamming = {
|
||||
after = [ "network.target" ];
|
||||
after = ["network.target"];
|
||||
description = "Go-Jamming Webmentions Server";
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
wantedBy = ["multi-user.target"];
|
||||
serviceConfig = {
|
||||
User = "go-jamming";
|
||||
Group = "go-jamming";
|
||||
|
|
|
@ -1,35 +1,36 @@
|
|||
{config, ...}: { services.grafana = {
|
||||
enable = true;
|
||||
domain = "stats.thehedgehog.me";
|
||||
port = 6914;
|
||||
addr = "0.0.0.0";
|
||||
rootUrl = "https://stats.thehedgehog.me";
|
||||
auth.google.enable = false;
|
||||
auth.azuread.enable = false;
|
||||
auth.disableLoginForm = true;
|
||||
security = {
|
||||
adminUser = "thehedgeh0g";
|
||||
adminPasswordFile = config.age.secrets.grafana-admin.path;
|
||||
};
|
||||
smtp = {
|
||||
{config, ...}: {
|
||||
services.grafana = {
|
||||
enable = true;
|
||||
user = "grafana@thehedgehog.me";
|
||||
fromAddress = "grafana@thehedgehog.me";
|
||||
host = "smtp.migadu.com:465";
|
||||
passwordFile = config.age.secrets.grafana-smtp-password.path;
|
||||
domain = "stats.thehedgehog.me";
|
||||
port = 6914;
|
||||
addr = "0.0.0.0";
|
||||
rootUrl = "https://stats.thehedgehog.me";
|
||||
auth.google.enable = false;
|
||||
auth.azuread.enable = false;
|
||||
auth.disableLoginForm = true;
|
||||
security = {
|
||||
adminUser = "thehedgeh0g";
|
||||
adminPasswordFile = config.age.secrets.grafana-admin.path;
|
||||
};
|
||||
smtp = {
|
||||
enable = true;
|
||||
user = "grafana@thehedgehog.me";
|
||||
fromAddress = "grafana@thehedgehog.me";
|
||||
host = "smtp.migadu.com:465";
|
||||
passwordFile = config.age.secrets.grafana-smtp-password.path;
|
||||
};
|
||||
analytics.reporting.enable = false;
|
||||
extraOptions = {
|
||||
AUTH_GENERIC_OAUTH_NAME = "auth";
|
||||
AUTH_GENERIC_OAUTH_ICON = "signin";
|
||||
AUTH_GENERIC_OAUTH_ENABLED = "true";
|
||||
AUTH_GENERIC_OAUTH_CLIENT_ID = "89f4607cf446a777a6b25ebde8731cdcb80b04c1";
|
||||
AUTH_GENERIC_OAUTH_CLIENT_SECRET = "89eccaa8a31104c218df5cfe37c87f0ea0bbddcd1571bddb7f7fbf5a09045efd59c61f1caaa79483ad59aac2c19488b254acdaced47e66a6505865a14a63ac4a";
|
||||
AUTH_GENERIC_OAUTH_AUTH_URL = "https://auth.thehedgehog.me/application/o/authorize/";
|
||||
AUTH_GENERIC_OAUTH_TOKEN_URL = "https://auth.thehedgehog.me/application/o/token/";
|
||||
AUTH_GENERIC_OAUTH_API_URL = "https://auth.thehedgehog.me/application/o/userinfo/";
|
||||
AUTH_SIGNOUT_REDIRECT_URL = "https://auth.thehedgehog.me/if/session-end/stathog/";
|
||||
AUTH_GENERIC_OAUTH_SCOPES = "openid profile email";
|
||||
};
|
||||
};
|
||||
analytics.reporting.enable = false;
|
||||
extraOptions = {
|
||||
AUTH_GENERIC_OAUTH_NAME = "auth";
|
||||
AUTH_GENERIC_OAUTH_ICON = "signin";
|
||||
AUTH_GENERIC_OAUTH_ENABLED = "true";
|
||||
AUTH_GENERIC_OAUTH_CLIENT_ID = "89f4607cf446a777a6b25ebde8731cdcb80b04c1";
|
||||
AUTH_GENERIC_OAUTH_CLIENT_SECRET = "89eccaa8a31104c218df5cfe37c87f0ea0bbddcd1571bddb7f7fbf5a09045efd59c61f1caaa79483ad59aac2c19488b254acdaced47e66a6505865a14a63ac4a";
|
||||
AUTH_GENERIC_OAUTH_AUTH_URL = "https://auth.thehedgehog.me/application/o/authorize/";
|
||||
AUTH_GENERIC_OAUTH_TOKEN_URL = "https://auth.thehedgehog.me/application/o/token/";
|
||||
AUTH_GENERIC_OAUTH_API_URL = "https://auth.thehedgehog.me/application/o/userinfo/";
|
||||
AUTH_SIGNOUT_REDIRECT_URL = "https://auth.thehedgehog.me/if/session-end/stathog/";
|
||||
AUTH_GENERIC_OAUTH_SCOPES = "openid profile email";
|
||||
};
|
||||
};}
|
||||
|
||||
}
|
||||
|
|
|
@ -2,5 +2,5 @@
|
|||
services.jellyfin = {
|
||||
enable = true;
|
||||
};
|
||||
networking.firewall.allowedUDPPorts = [ 1900 7359 ];
|
||||
networking.firewall.allowedUDPPorts = [1900 7359];
|
||||
}
|
||||
|
|
|
@ -1,12 +1,14 @@
|
|||
{inputs, ...}: let
|
||||
dns = inputs.dns.lib;
|
||||
in { services.nsd = {
|
||||
enable = false;
|
||||
zones = {
|
||||
"hog" = {
|
||||
# Don't enable DNSSEC with my internal zone. 1 less thing to break
|
||||
dnssec = false;
|
||||
data = dns.toString "hog" (import ./hog.nix { inherit dns; });
|
||||
in {
|
||||
services.nsd = {
|
||||
enable = false;
|
||||
zones = {
|
||||
"hog" = {
|
||||
# Don't enable DNSSEC with my internal zone. 1 less thing to break
|
||||
dnssec = false;
|
||||
data = dns.toString "hog" (import ./hog.nix {inherit dns;});
|
||||
};
|
||||
};
|
||||
};
|
||||
};}
|
||||
}
|
||||
|
|
|
@ -1,4 +1,5 @@
|
|||
{ dns, ... }: with dns.combinators; {
|
||||
{dns, ...}:
|
||||
with dns.combinators; {
|
||||
SOA = {
|
||||
nameServer = "ns1";
|
||||
adminEmail = "me@thehedgehog.me";
|
||||
|
@ -10,8 +11,8 @@
|
|||
"ns2.hog"
|
||||
];
|
||||
|
||||
A = [ "100.64.0.3" ];
|
||||
AAAA = [ "4349:3909:beef::3" ];
|
||||
A = ["100.64.0.3"];
|
||||
AAAA = ["4349:3909:beef::3"];
|
||||
|
||||
subdomains = rec {
|
||||
# Default settings are for marvin's IPs
|
||||
|
|
|
@ -1,40 +1,42 @@
|
|||
{ virtualisation.oci-containers.containers = {
|
||||
tubearchivist-server = {
|
||||
image = "bbilly1/tubearchivist:latest";
|
||||
ports = [ "6912:8000" ];
|
||||
extraOptions = [ "--network=archivist" ];
|
||||
volumes = [
|
||||
"/var/lib/archivist/media:/youtube"
|
||||
"/var/lib/archivist/cache:/cache"
|
||||
];
|
||||
environment = {
|
||||
ES_URL = "http://tubearchivist-elastic:9200";
|
||||
REDIS_HOST = "tubearchivist-redis";
|
||||
TA_HOST = "tube.thehedgehog.me";
|
||||
TA_USERNAME = "thehedgeh0g";
|
||||
TA_PASSWORD = "insecurepassw0rd";
|
||||
ELASTIC_PASSWORD = "tub3arch1vist";
|
||||
TZ = "America/New_York";
|
||||
{
|
||||
virtualisation.oci-containers.containers = {
|
||||
tubearchivist-server = {
|
||||
image = "bbilly1/tubearchivist:latest";
|
||||
ports = ["6912:8000"];
|
||||
extraOptions = ["--network=archivist"];
|
||||
volumes = [
|
||||
"/var/lib/archivist/media:/youtube"
|
||||
"/var/lib/archivist/cache:/cache"
|
||||
];
|
||||
environment = {
|
||||
ES_URL = "http://tubearchivist-elastic:9200";
|
||||
REDIS_HOST = "tubearchivist-redis";
|
||||
TA_HOST = "tube.thehedgehog.me";
|
||||
TA_USERNAME = "thehedgeh0g";
|
||||
TA_PASSWORD = "insecurepassw0rd";
|
||||
ELASTIC_PASSWORD = "tub3arch1vist";
|
||||
TZ = "America/New_York";
|
||||
};
|
||||
dependsOn = ["tubearchivist-elastic" "tubearchivist-redis"];
|
||||
};
|
||||
dependsOn = [ "tubearchivist-elastic" "tubearchivist-redis" ];
|
||||
};
|
||||
tubearchivist-redis = {
|
||||
image = "redislabs/rejson:latest";
|
||||
dependsOn = [ "tubearchivist-elastic" ];
|
||||
volumes = [ "/var/lib/archivist/redis-data:/data" ];
|
||||
extraOptions = [ "--network=archivist" ];
|
||||
};
|
||||
tubearchivist-elastic = {
|
||||
image = "bbilly1/tubearchivist-es:latest";
|
||||
extraOptions = [ "--network=archivist" ];
|
||||
environment = {
|
||||
"xpack.security.enabled" = "true";
|
||||
ELASTIC_PASSWORD = "tub3arch1vist";
|
||||
"discovery.type" = "single-node";
|
||||
ES_JAVA_OPTS = "-Xms512m -Xmx512m";
|
||||
tubearchivist-redis = {
|
||||
image = "redislabs/rejson:latest";
|
||||
dependsOn = ["tubearchivist-elastic"];
|
||||
volumes = ["/var/lib/archivist/redis-data:/data"];
|
||||
extraOptions = ["--network=archivist"];
|
||||
};
|
||||
tubearchivist-elastic = {
|
||||
image = "bbilly1/tubearchivist-es:latest";
|
||||
extraOptions = ["--network=archivist"];
|
||||
environment = {
|
||||
"xpack.security.enabled" = "true";
|
||||
ELASTIC_PASSWORD = "tub3arch1vist";
|
||||
"discovery.type" = "single-node";
|
||||
ES_JAVA_OPTS = "-Xms512m -Xmx512m";
|
||||
};
|
||||
volumes = [
|
||||
"/var/lib/archivist/es-data:/usr/share/elasticsearch/data"
|
||||
];
|
||||
};
|
||||
volumes = [
|
||||
"/var/lib/archivist/es-data:/usr/share/elasticsearch/data"
|
||||
];
|
||||
};
|
||||
};}
|
||||
}
|
||||
|
|
|
@ -1,9 +1,11 @@
|
|||
{ virtualisation.oci-containers.containers.ytdl = {
|
||||
image = "alexta69/metube";
|
||||
ports = [ "6906:8081" ];
|
||||
volumes = [ "/var/lib/music:/downloads" ];
|
||||
environment = {
|
||||
UID = "996";
|
||||
GID = "996";
|
||||
{
|
||||
virtualisation.oci-containers.containers.ytdl = {
|
||||
image = "alexta69/metube";
|
||||
ports = ["6906:8081"];
|
||||
volumes = ["/var/lib/music:/downloads"];
|
||||
environment = {
|
||||
UID = "996";
|
||||
GID = "996";
|
||||
};
|
||||
};
|
||||
};}
|
||||
}
|
||||
|
|
|
@ -50,7 +50,7 @@ in {
|
|||
frontend = {
|
||||
enable = true;
|
||||
whois = "whois.burble.dn42";
|
||||
protocolFilter = [ "bgp" "ospf" "static" ];
|
||||
protocolFilter = ["bgp" "ospf" "static"];
|
||||
servers = ["dn42"];
|
||||
netSpecificMode = "dn42";
|
||||
domain = "thehedgehog.me";
|
||||
|
@ -68,8 +68,16 @@ in {
|
|||
+ lib.concatStrings (builtins.map
|
||||
(x: "
|
||||
protocol bgp ${x.name} from dnpeers {
|
||||
${ if x.multihop then "multihop;" else "" }
|
||||
${ if x.gracefulRestart then "graceful restart on;" else "" }
|
||||
${
|
||||
if x.multihop
|
||||
then "multihop;"
|
||||
else ""
|
||||
}
|
||||
${
|
||||
if x.gracefulRestart
|
||||
then "graceful restart on;"
|
||||
else ""
|
||||
}
|
||||
neighbor ${x.neigh} as ${x.as};
|
||||
${
|
||||
if x.multi || x.v4
|
||||
|
|
|
@ -27,12 +27,16 @@ in {
|
|||
];
|
||||
postSetup =
|
||||
''
|
||||
${ if peerIPv4 != "" then
|
||||
"${pkgs.iproute2}/bin/ip addr add ${localIPv4} peer ${peerIPv4} dev ${name}"
|
||||
else "" }
|
||||
${ if peerIPv6 != "" then
|
||||
"${pkgs.iproute2}/bin/ip -6 addr add ${localIPv6} peer ${peerIPv6} dev ${name}"
|
||||
else "" }
|
||||
${
|
||||
if peerIPv4 != ""
|
||||
then "${pkgs.iproute2}/bin/ip addr add ${localIPv4} peer ${peerIPv4} dev ${name}"
|
||||
else ""
|
||||
}
|
||||
${
|
||||
if peerIPv6 != ""
|
||||
then "${pkgs.iproute2}/bin/ip -6 addr add ${localIPv6} peer ${peerIPv6} dev ${name}"
|
||||
else ""
|
||||
}
|
||||
''
|
||||
+ lib.optionalString isOspf "${pkgs.iproute2}/bin/ip -6 addr add ${defaultLocalIPv6} dev ${name}";
|
||||
};
|
||||
|
|
|
@ -1,43 +1,43 @@
|
|||
{
|
||||
networking.firewall.enable = true;
|
||||
networking.firewall.allowedTCPPorts = [ 8000 ];
|
||||
networking.firewall.allowedTCPPorts = [8000];
|
||||
services.ferm = {
|
||||
enable = true;
|
||||
config = ''
|
||||
domain ip table filter chain INPUT proto icmp ACCEPT;
|
||||
domain ip6 table filter chain INPUT proto (ipv6-icmp icmp) ACCEPT;
|
||||
domain (ip ip6) table filter {
|
||||
chain INPUT {
|
||||
policy DROP;
|
||||
interface lo ACCEPT;
|
||||
interface tailscale0 ACCEPT;
|
||||
interface wg42_+ ACCEPT;
|
||||
interface wg0 ACCEPT;
|
||||
proto tcp dport (22 53 80 443 6900 8000 http https ) ACCEPT;
|
||||
proto udp dport (22 53 480:510 6900 8000 ) ACCEPT;
|
||||
proto tcp dport (179) ACCEPT;
|
||||
# dns
|
||||
proto (udp tcp) dport domain ACCEPT;
|
||||
mod state state (INVALID) DROP;
|
||||
mod state state (ESTABLISHED RELATED) ACCEPT;
|
||||
}
|
||||
chain OUTPUT {
|
||||
policy ACCEPT;
|
||||
}
|
||||
chain FORWARD {
|
||||
policy DROP;
|
||||
# allow intern routing and dn42 forwarding
|
||||
interface wg42_+ outerface wg42_+ ACCEPT;
|
||||
interface tailscale0 outerface tailscale0 ACCEPT;
|
||||
interface tailscale0 outerface wg42_+ ACCEPT;
|
||||
# but dn42 -> intern only with execptions
|
||||
interface wg42_+ outerface tailscale0 {
|
||||
proto (ipv6-icmp icmp) ACCEPT; # Allow SSH Access from dn42 to devices behind tailscale0 Interfaces
|
||||
proto tcp dport (ssh) ACCEPT;
|
||||
mod state state (ESTABLISHED) ACCEPT;
|
||||
}
|
||||
domain ip table filter chain INPUT proto icmp ACCEPT;
|
||||
domain ip6 table filter chain INPUT proto (ipv6-icmp icmp) ACCEPT;
|
||||
domain (ip ip6) table filter {
|
||||
chain INPUT {
|
||||
policy DROP;
|
||||
interface lo ACCEPT;
|
||||
interface tailscale0 ACCEPT;
|
||||
interface wg42_+ ACCEPT;
|
||||
interface wg0 ACCEPT;
|
||||
proto tcp dport (22 53 80 443 6900 8000 http https ) ACCEPT;
|
||||
proto udp dport (22 53 480:510 6900 8000 ) ACCEPT;
|
||||
proto tcp dport (179) ACCEPT;
|
||||
# dns
|
||||
proto (udp tcp) dport domain ACCEPT;
|
||||
mod state state (INVALID) DROP;
|
||||
mod state state (ESTABLISHED RELATED) ACCEPT;
|
||||
}
|
||||
chain OUTPUT {
|
||||
policy ACCEPT;
|
||||
}
|
||||
chain FORWARD {
|
||||
policy DROP;
|
||||
# allow intern routing and dn42 forwarding
|
||||
interface wg42_+ outerface wg42_+ ACCEPT;
|
||||
interface tailscale0 outerface tailscale0 ACCEPT;
|
||||
interface tailscale0 outerface wg42_+ ACCEPT;
|
||||
# but dn42 -> intern only with execptions
|
||||
interface wg42_+ outerface tailscale0 {
|
||||
proto (ipv6-icmp icmp) ACCEPT; # Allow SSH Access from dn42 to devices behind tailscale0 Interfaces
|
||||
proto tcp dport (ssh) ACCEPT;
|
||||
mod state state (ESTABLISHED) ACCEPT;
|
||||
}
|
||||
}
|
||||
}
|
||||
'';
|
||||
};
|
||||
}
|
||||
|
|
|
@ -1,4 +1,8 @@
|
|||
{lib, pkgs, ...}: {
|
||||
{
|
||||
lib,
|
||||
pkgs,
|
||||
...
|
||||
}: {
|
||||
networking = {
|
||||
hostName = "prefect";
|
||||
nameservers = lib.mkForce [
|
||||
|
|
|
@ -4,6 +4,6 @@ let
|
|||
backup = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCyTiGctsHaTUlRJn2XQ/745dD0UWGWO8W0en8J5rf7BLI8lL/hPUmbNt45vC5754LXcBjnp1t/1FNgiGhvNZIWJpC+elBmhyMhg8z1exRZPD+as7XaH7scnij2vSbSphQFUqH433ggAGe77x5bc7wKFp9n7vj8G1u0JJxMEe1M7kNFY0+ShNtaHna3LxiQOVcW7qVlNKZP8Ol1V7kZLblRADCJMTYOXDIbktA8bbGRfGhbNjJGkL665qz36haYwb2i6A4sC7Y583N8ro8hIDG/ByJqwbl/Sz4rSxkT6G4+OdBvS6sa7TovNXHjmQCculMIltdog7UhgyBsim1sTzxAen3YyFRi1Cz/kLM0oH39m/W4IoMvJcNZCJ3ItLgy+lEVMd87jVOqfuq/hyjHVI0wJtU2Si2HTxv7aKL8gPzqXwbNH+nhkhlQ0ZH8zKVBunOgLDgsmGIky5X/T3bpWZpIoFkOR7AYrId/5dOeGM3pHhHb6woZ3SRubZ43Ah/VdJM=";
|
||||
prefect = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP532AB5mkNvE29MkDDY8HEf8ZdktGWiI0PzLrvbmLQe";
|
||||
in {
|
||||
"headscale-oidc-secret.age".publicKeys = [ prefect yubi-main yubi-back ];
|
||||
"dn42-privkey.age".publicKeys = [ prefect yubi-main yubi-back ];
|
||||
"headscale-oidc-secret.age".publicKeys = [prefect yubi-main yubi-back];
|
||||
"dn42-privkey.age".publicKeys = [prefect yubi-main yubi-back];
|
||||
}
|
||||
|
|
|
@ -1,8 +1,8 @@
|
|||
{pkgs, ...}: {
|
||||
systemd.timers.blog-update = {
|
||||
enable = false;
|
||||
after = [ "network.target" ];
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
after = ["network.target"];
|
||||
wantedBy = ["multi-user.target"];
|
||||
description = "Blog Update Timer";
|
||||
timerConfig = {
|
||||
Unit = "blog-update.service";
|
||||
|
@ -12,7 +12,7 @@
|
|||
|
||||
systemd.services.blog-update = {
|
||||
enable = false;
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
wantedBy = ["multi-user.target"];
|
||||
description = "Blog Update Service";
|
||||
path = [
|
||||
"${pkgs.hugo}"
|
||||
|
@ -35,4 +35,3 @@
|
|||
};
|
||||
};
|
||||
}
|
||||
|
||||
|
|
|
@ -138,10 +138,10 @@
|
|||
|
||||
# Littlelink
|
||||
"link.thehedgehog.me" = {
|
||||
extraConfig = ''
|
||||
root * /var/www/littlelink
|
||||
php_fastcgi ${config.services.phpfpm.pools.littlelink.socket}
|
||||
file_server
|
||||
extraConfig = ''
|
||||
root * /var/www/littlelink
|
||||
php_fastcgi ${config.services.phpfpm.pools.littlelink.socket}
|
||||
file_server
|
||||
'';
|
||||
};
|
||||
|
||||
|
@ -214,13 +214,11 @@
|
|||
'';
|
||||
};
|
||||
|
||||
|
||||
# Yourmother.website - The best rick-roll URL, period
|
||||
"yourmother.website" = {
|
||||
extraConfig = ''
|
||||
redir https://www.youtube.com/watch?v=dQw4w9WgXcQ 301
|
||||
'';
|
||||
|
||||
};
|
||||
|
||||
# OpenPGP Key
|
||||
|
|
|
@ -1,70 +1,71 @@
|
|||
# Headscale is a tailscale-compatible control plane that you can use with all of the clients.
|
||||
{services.headscale = {
|
||||
enable = true;
|
||||
port = 6900;
|
||||
# Set so that anything can access this. Default is localhost only, which is useless
|
||||
address = "0.0.0.0";
|
||||
# Server URL is the FQDN of this server
|
||||
serverUrl = "https://vpn.thehedgehog.me:6900";
|
||||
dns = {
|
||||
# All domains are .hog domains internally
|
||||
baseDomain = "hog";
|
||||
# Enable MagicDNS
|
||||
# See https://tailscale.com/kb/1081/magicdns/ for more details
|
||||
magicDns = true;
|
||||
# I inject DNS.sb as my secondary nameserver, and my adblocking server as primary.
|
||||
nameservers = [
|
||||
"45.11.45.11"
|
||||
];
|
||||
# Domains to inject, so I can type "media/" into my search bar and go to "media.main.hog"
|
||||
# You can't tell headscale to not create a namespace, so this is the best that I can do
|
||||
domains = [
|
||||
"main.hog"
|
||||
];
|
||||
};
|
||||
# Automatic TLS
|
||||
tls = {
|
||||
letsencrypt = {
|
||||
# Set up automatic Let's Encrypt cert pulls
|
||||
hostname = "vpn.thehedgehog.me";
|
||||
{
|
||||
services.headscale = {
|
||||
enable = true;
|
||||
port = 6900;
|
||||
# Set so that anything can access this. Default is localhost only, which is useless
|
||||
address = "0.0.0.0";
|
||||
# Server URL is the FQDN of this server
|
||||
serverUrl = "https://vpn.thehedgehog.me:6900";
|
||||
dns = {
|
||||
# All domains are .hog domains internally
|
||||
baseDomain = "hog";
|
||||
# Enable MagicDNS
|
||||
# See https://tailscale.com/kb/1081/magicdns/ for more details
|
||||
magicDns = true;
|
||||
# I inject DNS.sb as my secondary nameserver, and my adblocking server as primary.
|
||||
nameservers = [
|
||||
"45.11.45.11"
|
||||
];
|
||||
# Domains to inject, so I can type "media/" into my search bar and go to "media.main.hog"
|
||||
# You can't tell headscale to not create a namespace, so this is the best that I can do
|
||||
domains = [
|
||||
"main.hog"
|
||||
];
|
||||
};
|
||||
};
|
||||
# Disabled since if this goes down, then it's a pain to reconnect to auth
|
||||
# OIDC configuration, so I can have my beloved SSO.
|
||||
# openIdConnect = {
|
||||
# # Issuer is HedgeCloud auth, my private auth server
|
||||
# issuer = "https://auth.thehedgehog.me/application/o/hedgevpn/";
|
||||
# # All people get assigned to the "main" namespace
|
||||
# domainMap = {
|
||||
# ".*" = "main";
|
||||
# };
|
||||
# # Set client ID for OIDC
|
||||
# clientId = "25066b6b1e72718186f8c0dc20f7892951834b6e";
|
||||
# # Client Secret is in this file
|
||||
# clientSecretFile = "/run/agenix/headscale-oidc-secret";
|
||||
# };
|
||||
# Misc settings that aren't set in the above sections
|
||||
settings = {
|
||||
# Set challenge type, forwarded by Caddy
|
||||
tls_letsencrypt_challenge_type = "HTTP-01";
|
||||
# oidc.strip_email_domain = true;
|
||||
# NixOS handles our updates
|
||||
disable_check_updates = true;
|
||||
ip_prefixes = [
|
||||
"4349:3909:beef::/48"
|
||||
"100.64.0.0/10"
|
||||
];
|
||||
derp = {
|
||||
server = {
|
||||
enabled = true;
|
||||
region_id = 969;
|
||||
region_code = "internal";
|
||||
region_name = "Internal DERP";
|
||||
stun_listen_addr = "0.0.0.0:6869";
|
||||
# Automatic TLS
|
||||
tls = {
|
||||
letsencrypt = {
|
||||
# Set up automatic Let's Encrypt cert pulls
|
||||
hostname = "vpn.thehedgehog.me";
|
||||
};
|
||||
};
|
||||
# Disabled since if this goes down, then it's a pain to reconnect to auth
|
||||
# OIDC configuration, so I can have my beloved SSO.
|
||||
# openIdConnect = {
|
||||
# # Issuer is HedgeCloud auth, my private auth server
|
||||
# issuer = "https://auth.thehedgehog.me/application/o/hedgevpn/";
|
||||
# # All people get assigned to the "main" namespace
|
||||
# domainMap = {
|
||||
# ".*" = "main";
|
||||
# };
|
||||
# # Set client ID for OIDC
|
||||
# clientId = "25066b6b1e72718186f8c0dc20f7892951834b6e";
|
||||
# # Client Secret is in this file
|
||||
# clientSecretFile = "/run/agenix/headscale-oidc-secret";
|
||||
# };
|
||||
# Misc settings that aren't set in the above sections
|
||||
settings = {
|
||||
# Set challenge type, forwarded by Caddy
|
||||
tls_letsencrypt_challenge_type = "HTTP-01";
|
||||
# oidc.strip_email_domain = true;
|
||||
# NixOS handles our updates
|
||||
disable_check_updates = true;
|
||||
ip_prefixes = [
|
||||
"4349:3909:beef::/48"
|
||||
"100.64.0.0/10"
|
||||
];
|
||||
derp = {
|
||||
server = {
|
||||
enabled = true;
|
||||
region_id = 969;
|
||||
region_code = "internal";
|
||||
region_name = "Internal DERP";
|
||||
stun_listen_addr = "0.0.0.0:6869";
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
systemd.services.headscale.serviceConfig.CapabilityBoundingSet = [ "CAP_CHOWN" "CAP_NET_BIND_SERVICE" ];
|
||||
systemd.services.headscale.serviceConfig.AmbientCapabilities = [ "CAP_CHOWN" "CAP_NET_BIND_SERVICE" ];
|
||||
systemd.services.headscale.serviceConfig.CapabilityBoundingSet = ["CAP_CHOWN" "CAP_NET_BIND_SERVICE"];
|
||||
systemd.services.headscale.serviceConfig.AmbientCapabilities = ["CAP_CHOWN" "CAP_NET_BIND_SERVICE"];
|
||||
}
|
||||
|
|
|
@ -1,4 +1,5 @@
|
|||
{ dns, ... }: with dns.combinators; {
|
||||
{dns, ...}:
|
||||
with dns.combinators; {
|
||||
SOA = {
|
||||
nameServer = "ns1.thehedgehog.me.";
|
||||
adminEmail = "me@thehedgehog.me";
|
||||
|
@ -21,7 +22,7 @@
|
|||
];
|
||||
|
||||
TXT = [
|
||||
(with spf; soft [ "include:simplelogin.co" ])
|
||||
(with spf; soft ["include:simplelogin.co"])
|
||||
# Simplelogin verification record
|
||||
"sl-verification=foeneinidqlmctesbdisoatddkijkv"
|
||||
# PGP Key fingerprint for Keyoxide
|
||||
|
@ -37,21 +38,19 @@
|
|||
];
|
||||
|
||||
## Set DMARC Policy
|
||||
DMARC = [{
|
||||
p = "quarantine";
|
||||
pct = 100;
|
||||
adkim = "strict";
|
||||
aspf = "strict";
|
||||
}];
|
||||
DMARC = [
|
||||
{
|
||||
p = "quarantine";
|
||||
pct = 100;
|
||||
adkim = "strict";
|
||||
aspf = "strict";
|
||||
}
|
||||
];
|
||||
|
||||
CAA = letsEncrypt "me@thehedgehog.me";
|
||||
|
||||
|
||||
subdomains = rec {
|
||||
# DKIM
|
||||
"dkim._domainkey".CNAME = [ "dkim._domainkey.simplelogin.co." ];
|
||||
|
||||
|
||||
"dkim._domainkey".CNAME = ["dkim._domainkey.simplelogin.co."];
|
||||
};
|
||||
}
|
||||
|
||||
|
|
|
@ -1,4 +1,5 @@
|
|||
{ dns, ... }: with dns.combinators; {
|
||||
{dns, ...}:
|
||||
with dns.combinators; {
|
||||
SOA = {
|
||||
nameServer = "ns1.thehedgehog.me.";
|
||||
adminEmail = "me@thehedgehog.me";
|
||||
|
@ -23,7 +24,7 @@
|
|||
TXT = [
|
||||
# Migadu Verification Record
|
||||
"hosted-email-verify=4zojt5x8"
|
||||
(with spf; strict [ "include:spf.migadu.com" ])
|
||||
(with spf; strict ["include:spf.migadu.com"])
|
||||
# PGP Key fingerprint for Keyoxide
|
||||
"https://keyoxide.org/4CA972FBADC814160F103138FE1D8A7D620C611F"
|
||||
];
|
||||
|
@ -79,16 +80,15 @@
|
|||
|
||||
CAA = letsEncrypt "me@thehedgehog.me";
|
||||
|
||||
|
||||
subdomains = rec {
|
||||
# HIBP Verification
|
||||
"have-i-been-pwned-verification".TXT = [ "7828e9a7228ef80bd4b445f0cf235450" ];
|
||||
"have-i-been-pwned-verification".TXT = ["7828e9a7228ef80bd4b445f0cf235450"];
|
||||
|
||||
# CNAME Records for mail
|
||||
"key1._domainkey".CNAME = [ "key1.mrhedgehog.xyz._domainkey.migadu.com." ];
|
||||
"key2._domainkey".CNAME = [ "key2.mrhedgehog.xyz._domainkey.migadu.com." ];
|
||||
"key3._domainkey".CNAME = [ "key3.mrhedgehog.xyz._domainkey.migadu.com." ];
|
||||
"autoconfig".CNAME = [ "autoconfig.migadu.com." ];
|
||||
"key1._domainkey".CNAME = ["key1.mrhedgehog.xyz._domainkey.migadu.com."];
|
||||
"key2._domainkey".CNAME = ["key2.mrhedgehog.xyz._domainkey.migadu.com."];
|
||||
"key3._domainkey".CNAME = ["key3.mrhedgehog.xyz._domainkey.migadu.com."];
|
||||
"autoconfig".CNAME = ["autoconfig.migadu.com."];
|
||||
|
||||
# Wildcard Addressing
|
||||
"*".MX = with mx; [
|
||||
|
@ -97,4 +97,3 @@
|
|||
];
|
||||
};
|
||||
}
|
||||
|
||||
|
|
|
@ -1,4 +1,5 @@
|
|||
{ dns, ... }: with dns.combinators; {
|
||||
{dns, ...}:
|
||||
with dns.combinators; {
|
||||
SOA = {
|
||||
nameServer = "ns1.thehedgehog.me.";
|
||||
adminEmail = "me@thehedgehog.me";
|
||||
|
@ -12,8 +13,8 @@
|
|||
};
|
||||
|
||||
# Set Primary root records
|
||||
A = [ "5.161.140.5" ];
|
||||
AAAA = [ "2a01:4ff:f0:98bf::1" ];
|
||||
A = ["5.161.140.5"];
|
||||
AAAA = ["2a01:4ff:f0:98bf::1"];
|
||||
|
||||
# Set primary nameserver to my nameserver.
|
||||
NS = [
|
||||
|
@ -27,7 +28,7 @@
|
|||
TXT = [
|
||||
# Migadu Verification Record
|
||||
"hosted-email-verify=w6ot8s3l"
|
||||
(with spf; strict [ "include:spf.migadu.com" ])
|
||||
(with spf; strict ["include:spf.migadu.com"])
|
||||
# PGP Key fingerprint for Keyoxide
|
||||
"https://keyoxide.org/4CA972FBADC814160F103138FE1D8A7D620C611F"
|
||||
];
|
||||
|
@ -83,14 +84,13 @@
|
|||
|
||||
CAA = letsEncrypt "me@thehedgehog.me";
|
||||
|
||||
|
||||
subdomains = rec {
|
||||
prefect = host "5.161.140.5" "2a01:4ff:f0:98bf::1";
|
||||
|
||||
ns1.A = [ "5.161.140.5" ];
|
||||
ns1.AAAA = [ "2a01:4ff:f0:98bf::1" ];
|
||||
ns2.A = [ "5.161.140.5" ];
|
||||
ns2.AAAA = [ "2a01:4ff:f0:98bf::1" ];
|
||||
ns1.A = ["5.161.140.5"];
|
||||
ns1.AAAA = ["2a01:4ff:f0:98bf::1"];
|
||||
ns2.A = ["5.161.140.5"];
|
||||
ns2.AAAA = ["2a01:4ff:f0:98bf::1"];
|
||||
|
||||
adguard = prefect;
|
||||
auth = prefect;
|
||||
|
@ -118,19 +118,19 @@
|
|||
# Externally hosted services
|
||||
|
||||
## Netdata Cloud statuspage
|
||||
netdata.CNAME = [ "app.netdata.cloud" ];
|
||||
netdata.CNAME = ["app.netdata.cloud"];
|
||||
|
||||
## Statuspage, hosted at PikaPods
|
||||
status.CNAME = [ "thankful-junglefowl.pikapod.net." ];
|
||||
status.CNAME = ["thankful-junglefowl.pikapod.net."];
|
||||
|
||||
## Resume site, hosted at SourceHut
|
||||
work.CNAME = [ "pages.sr.ht." ];
|
||||
work.CNAME = ["pages.sr.ht."];
|
||||
|
||||
# CNAME Records for mail
|
||||
"key1._domainkey".CNAME = [ "key1.thehedgehog.me._domainkey.migadu.com." ];
|
||||
"key2._domainkey".CNAME = [ "key2.thehedgehog.me._domainkey.migadu.com." ];
|
||||
"key3._domainkey".CNAME = [ "key3.thehedgehog.me._domainkey.migadu.com." ];
|
||||
"autoconfig".CNAME = [ "autoconfig.migadu.com." ];
|
||||
"key1._domainkey".CNAME = ["key1.thehedgehog.me._domainkey.migadu.com."];
|
||||
"key2._domainkey".CNAME = ["key2.thehedgehog.me._domainkey.migadu.com."];
|
||||
"key3._domainkey".CNAME = ["key3.thehedgehog.me._domainkey.migadu.com."];
|
||||
"autoconfig".CNAME = ["autoconfig.migadu.com."];
|
||||
|
||||
# Wildcard Addressing
|
||||
"*".MX = with mx; [
|
||||
|
@ -139,4 +139,3 @@
|
|||
];
|
||||
};
|
||||
}
|
||||
|
||||
|
|
|
@ -1,4 +1,5 @@
|
|||
{ dns, ... }: with dns.combinators; {
|
||||
{dns, ...}:
|
||||
with dns.combinators; {
|
||||
SOA = {
|
||||
nameServer = "ns1.thehedgehog.me.";
|
||||
adminEmail = "me@thehedgehog.me";
|
||||
|
@ -15,26 +16,30 @@
|
|||
"ns3.he.net."
|
||||
];
|
||||
|
||||
A = [ "5.161.140.5" ];
|
||||
AAAA = [ "2a01:4ff:f0:98bf::1" ];
|
||||
A = ["5.161.140.5"];
|
||||
AAAA = ["2a01:4ff:f0:98bf::1"];
|
||||
|
||||
# Mail config
|
||||
## Yourmother.website does not send email, so verify this.
|
||||
TXT = [
|
||||
(with spf; strict [ "" ])
|
||||
(with spf; strict [""])
|
||||
# PGP key fingerprint for Keyoxide
|
||||
"https://keyoxide.org/4CA972FBADC814160F103138FE1D8A7D620C611F"
|
||||
];
|
||||
|
||||
DKIM = [{
|
||||
selector = "*";
|
||||
p = "";
|
||||
}];
|
||||
DKIM = [
|
||||
{
|
||||
selector = "*";
|
||||
p = "";
|
||||
}
|
||||
];
|
||||
|
||||
DMARC = [{
|
||||
p = "reject";
|
||||
sp = "reject";
|
||||
adkim = "strict";
|
||||
aspf = "strict";
|
||||
}];
|
||||
DMARC = [
|
||||
{
|
||||
p = "reject";
|
||||
sp = "reject";
|
||||
adkim = "strict";
|
||||
aspf = "strict";
|
||||
}
|
||||
];
|
||||
}
|
||||
|
|
|
@ -1,20 +1,24 @@
|
|||
{lib, pkgs, ...}: {
|
||||
services.phpfpm.pools = {
|
||||
littlelink = {
|
||||
user = "caddy";
|
||||
settings = {
|
||||
"listen.owner" = "caddy";
|
||||
"pm" = "dynamic";
|
||||
"pm.max_children" = 32;
|
||||
"pm.max_requests" = 500;
|
||||
"pm.start_servers" = 2;
|
||||
"pm.min_spare_servers" = 2;
|
||||
"pm.max_spare_servers" = 5;
|
||||
"php_admin_value[error_log]" = "stderr";
|
||||
"php_admin_flag[log_errors]" = true;
|
||||
"catch_workers_output" = true;
|
||||
};
|
||||
phpEnv."PATH" = lib.makeBinPath [ pkgs.php ];
|
||||
};
|
||||
{
|
||||
lib,
|
||||
pkgs,
|
||||
...
|
||||
}: {
|
||||
services.phpfpm.pools = {
|
||||
littlelink = {
|
||||
user = "caddy";
|
||||
settings = {
|
||||
"listen.owner" = "caddy";
|
||||
"pm" = "dynamic";
|
||||
"pm.max_children" = 32;
|
||||
"pm.max_requests" = 500;
|
||||
"pm.start_servers" = 2;
|
||||
"pm.min_spare_servers" = 2;
|
||||
"pm.max_spare_servers" = 5;
|
||||
"php_admin_value[error_log]" = "stderr";
|
||||
"php_admin_flag[log_errors]" = true;
|
||||
"catch_workers_output" = true;
|
||||
};
|
||||
phpEnv."PATH" = lib.makeBinPath [pkgs.php];
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
@ -1,13 +1,14 @@
|
|||
{ config.age.secrets = {
|
||||
# headscale-oidc-secret = {
|
||||
# file = ../secrets/headscale-oidc-secret.age;
|
||||
# path = "/run/agenix/headscale-oidc-secret";
|
||||
# owner = "headscale";
|
||||
# group = "headscale";
|
||||
# };
|
||||
dn42-privkey = {
|
||||
file = ../secrets/dn42-privkey.age;
|
||||
path = "/run/agenix/dn42-privkey";
|
||||
{
|
||||
config.age.secrets = {
|
||||
# headscale-oidc-secret = {
|
||||
# file = ../secrets/headscale-oidc-secret.age;
|
||||
# path = "/run/agenix/headscale-oidc-secret";
|
||||
# owner = "headscale";
|
||||
# group = "headscale";
|
||||
# };
|
||||
dn42-privkey = {
|
||||
file = ../secrets/dn42-privkey.age;
|
||||
path = "/run/agenix/dn42-privkey";
|
||||
};
|
||||
};
|
||||
};}
|
||||
|
||||
}
|
||||
|
|
|
@ -6,14 +6,14 @@
|
|||
boot = {
|
||||
cleanTmpDir = true;
|
||||
kernelPackages = pkgs.linuxPackages_latest;
|
||||
kernelModules = [ "kvm-intel" ];
|
||||
extraModulePackages = [ ];
|
||||
kernelModules = ["kvm-intel"];
|
||||
extraModulePackages = [];
|
||||
supportedFilesystems = lib.mkForce ["btrfs" "vfat" "f2fs"];
|
||||
initrd = {
|
||||
enable = true;
|
||||
network.enable = false;
|
||||
availableKernelModules = [ "xhci_pci" "thunderbolt" "nvme" "usb_storage" "usbhid" "sd_mod" ];
|
||||
kernelModules = [ "intel_agp" "i915"];
|
||||
availableKernelModules = ["xhci_pci" "thunderbolt" "nvme" "usb_storage" "usbhid" "sd_mod"];
|
||||
kernelModules = ["intel_agp" "i915"];
|
||||
};
|
||||
loader = {
|
||||
systemd-boot = {
|
||||
|
|
|
@ -7,10 +7,10 @@
|
|||
fontconfig = {
|
||||
enable = lib.mkForce true;
|
||||
defaultFonts = {
|
||||
serif = [ "IBM Plex Serif" "Input Serif" ];
|
||||
sansSerif = [ "IBM Plex Sans" "Input Sans" ];
|
||||
monospace = [ "IBM Plex Mono" "Input Mono" "FiraCode Nerd Font Mono" ];
|
||||
emoji = [ "JoyPixels" ];
|
||||
serif = ["IBM Plex Serif" "Input Serif"];
|
||||
sansSerif = ["IBM Plex Sans" "Input Sans"];
|
||||
monospace = ["IBM Plex Mono" "Input Mono" "FiraCode Nerd Font Mono"];
|
||||
emoji = ["JoyPixels"];
|
||||
};
|
||||
};
|
||||
fonts = with pkgs; [
|
||||
|
|
|
@ -1,5 +1,9 @@
|
|||
# Misc settings(documentation etc}
|
||||
{lib, pkgs, ...}: {
|
||||
{
|
||||
lib,
|
||||
pkgs,
|
||||
...
|
||||
}: {
|
||||
documentation = {
|
||||
enable = true;
|
||||
dev.enable = true;
|
||||
|
@ -25,17 +29,17 @@
|
|||
services.openssh.permitRootLogin = lib.mkForce "yes";
|
||||
time.timeZone = "America/New_York";
|
||||
|
||||
## THIS IS A HACK
|
||||
## DO NOT DO THIS
|
||||
## Allows mason.nvim to work properly
|
||||
## ONCE AGAIN, DO NOT DO THIS
|
||||
environment = {
|
||||
extraSetup = ''
|
||||
mkdir -p $out/lib64
|
||||
ln -sf ${pkgs.glibc}/lib64/ld-linux-x86-64.so.2 $out/lib64/ld-linux-x86-64.so.2
|
||||
'';
|
||||
};
|
||||
systemd.tmpfiles.rules = [
|
||||
"L+ /lib64 - - - - /run/current-system/sw/lib64"
|
||||
];
|
||||
## THIS IS A HACK
|
||||
## DO NOT DO THIS
|
||||
## Allows mason.nvim to work properly
|
||||
## ONCE AGAIN, DO NOT DO THIS
|
||||
environment = {
|
||||
extraSetup = ''
|
||||
mkdir -p $out/lib64
|
||||
ln -sf ${pkgs.glibc}/lib64/ld-linux-x86-64.so.2 $out/lib64/ld-linux-x86-64.so.2
|
||||
'';
|
||||
};
|
||||
systemd.tmpfiles.rules = [
|
||||
"L+ /lib64 - - - - /run/current-system/sw/lib64"
|
||||
];
|
||||
}
|
||||
|
|
|
@ -1,4 +1,8 @@
|
|||
{pkgs, inputs, ...}: {
|
||||
{
|
||||
pkgs,
|
||||
inputs,
|
||||
...
|
||||
}: {
|
||||
environment.systemPackages = with pkgs; [
|
||||
dig
|
||||
inputs.agenix.defaultPackage."${system}"
|
||||
|
|
|
@ -3,5 +3,5 @@ let
|
|||
yubi-main = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBBsOIMMZVmleClXfqUMrnmyh8PFuyiJqHKEZ51Xy746";
|
||||
backup = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCyTiGctsHaTUlRJn2XQ/745dD0UWGWO8W0en8J5rf7BLI8lL/hPUmbNt45vC5754LXcBjnp1t/1FNgiGhvNZIWJpC+elBmhyMhg8z1exRZPD+as7XaH7scnij2vSbSphQFUqH433ggAGe77x5bc7wKFp9n7vj8G1u0JJxMEe1M7kNFY0+ShNtaHna3LxiQOVcW7qVlNKZP8Ol1V7kZLblRADCJMTYOXDIbktA8bbGRfGhbNjJGkL665qz36haYwb2i6A4sC7Y583N8ro8hIDG/ByJqwbl/Sz4rSxkT6G4+OdBvS6sa7TovNXHjmQCculMIltdog7UhgyBsim1sTzxAen3YyFRi1Cz/kLM0oH39m/W4IoMvJcNZCJ3ItLgy+lEVMd87jVOqfuq/hyjHVI0wJtU2Si2HTxv7aKL8gPzqXwbNH+nhkhlQ0ZH8zKVBunOgLDgsmGIky5X/T3bpWZpIoFkOR7AYrId/5dOeGM3pHhHb6woZ3SRubZ43Ah/VdJM=";
|
||||
in {
|
||||
"wg-privkey.age".publicKeys = [ yubi-back yubi-main backup ];
|
||||
"wg-privkey.age".publicKeys = [yubi-back yubi-main backup];
|
||||
}
|
||||
|
|
|
@ -5,4 +5,3 @@
|
|||
rootless.setSocketVariable = true;
|
||||
};
|
||||
}
|
||||
|
||||
|
|
|
@ -1,4 +1,8 @@
|
|||
{pkgs, lib, ...}: {
|
||||
{
|
||||
pkgs,
|
||||
lib,
|
||||
...
|
||||
}: {
|
||||
# Enable DN42 Certificates
|
||||
security.pki.certificateFiles = [
|
||||
(pkgs.fetchurl {
|
||||
|
@ -42,22 +46,22 @@
|
|||
];
|
||||
};
|
||||
forward-zone = let
|
||||
dn42DNS = [
|
||||
"172.20.0.53"
|
||||
# "172.23.0.53"
|
||||
# "fd42:d42:d42:54::1"
|
||||
# "fd42:d42:d42:53::1"
|
||||
];
|
||||
dn42DNS = [
|
||||
"172.20.0.53"
|
||||
# "172.23.0.53"
|
||||
# "fd42:d42:d42:54::1"
|
||||
# "fd42:d42:d42:53::1"
|
||||
];
|
||||
|
||||
chaosVpnDNS = [
|
||||
"172.31.255.53"
|
||||
"172.31.0.5"
|
||||
];
|
||||
chaosVpnDNS = [
|
||||
"172.31.255.53"
|
||||
"172.31.0.5"
|
||||
];
|
||||
|
||||
neoNetDNS = [
|
||||
"10.127.255.53"
|
||||
"fd10:127:ffff:53::"
|
||||
];
|
||||
neoNetDNS = [
|
||||
"10.127.255.53"
|
||||
"fd10:127:ffff:53::"
|
||||
];
|
||||
in [
|
||||
{
|
||||
name = ".";
|
||||
|
|
|
@ -1 +1 @@
|
|||
{ services.yubikey-agent.enable = true; }
|
||||
{services.yubikey-agent.enable = true;}
|
||||
|
|
|
@ -1,14 +1,16 @@
|
|||
self: super: {
|
||||
vimPlugins = super.vimPlugins // {
|
||||
nvim-treesitter = super.vimUtils.buildVimPlugin {
|
||||
pname = "nvim-treesitter";
|
||||
version = "2022-08-29";
|
||||
src = super.fetchFromGitHub {
|
||||
owner = "nvim-treesitter";
|
||||
repo = "nvim-treesitter";
|
||||
rev = "f3c53d225ada93a99bfd818e1c40012400e2dc55";
|
||||
sha256 = "1qj4rp8ry1qyv6lsdxbmnl9h0bb2jc9hs52q55f4wxw5rxq9zf00";
|
||||
vimPlugins =
|
||||
super.vimPlugins
|
||||
// {
|
||||
nvim-treesitter = super.vimUtils.buildVimPlugin {
|
||||
pname = "nvim-treesitter";
|
||||
version = "2022-08-29";
|
||||
src = super.fetchFromGitHub {
|
||||
owner = "nvim-treesitter";
|
||||
repo = "nvim-treesitter";
|
||||
rev = "f3c53d225ada93a99bfd818e1c40012400e2dc55";
|
||||
sha256 = "1qj4rp8ry1qyv6lsdxbmnl9h0bb2jc9hs52q55f4wxw5rxq9zf00";
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
@ -7,7 +7,7 @@
|
|||
stdenv.mkDerivation {
|
||||
pname = "caddy-bin";
|
||||
version = "2.5.2";
|
||||
phases = [ "unpackPhase" "installPhase" ];
|
||||
phases = ["unpackPhase" "installPhase"];
|
||||
|
||||
src = fetchFromGitea rec {
|
||||
domain = "git.thehedgehog.me";
|
||||
|
|
|
@ -7,7 +7,7 @@
|
|||
stdenv.mkDerivation {
|
||||
pname = "caddy-bin";
|
||||
version = "2.5.2";
|
||||
phases = [ "unpackPhase" "installPhase" ];
|
||||
phases = ["unpackPhase" "installPhase"];
|
||||
|
||||
src = fetchFromGitea rec {
|
||||
domain = "git.exozy.me";
|
||||
|
|
|
@ -1,19 +1,23 @@
|
|||
{pkgs, lib, stdenv, fetchFromGitHub }:
|
||||
{
|
||||
pkgs,
|
||||
lib,
|
||||
stdenv,
|
||||
fetchFromGitHub,
|
||||
}:
|
||||
stdenv.mkDerivation rec {
|
||||
phases = ["unpackPhase" "installPhase"];
|
||||
|
||||
phases = [ "unpackPhase" "installPhase" ];
|
||||
name = "catppuccin-btop";
|
||||
src = fetchFromGitHub {
|
||||
owner = "catppuccin";
|
||||
repo = "bat";
|
||||
rev = "f0dedf515c02799b76a2804db9815a479f6c0075";
|
||||
sha256 = "0z1pxk21f770xqhd9gxiwls018rla3qg667i6x3z9cjbgwv6mlbi";
|
||||
};
|
||||
|
||||
name = "catppuccin-btop";
|
||||
src = fetchFromGitHub {
|
||||
owner = "catppuccin";
|
||||
repo = "bat";
|
||||
rev = "f0dedf515c02799b76a2804db9815a479f6c0075";
|
||||
sha256 = "0z1pxk21f770xqhd9gxiwls018rla3qg667i6x3z9cjbgwv6mlbi";
|
||||
};
|
||||
|
||||
installPhase = ''
|
||||
ls -1l
|
||||
install -d $out
|
||||
install *.tmTheme $out
|
||||
'';
|
||||
installPhase = ''
|
||||
ls -1l
|
||||
install -d $out
|
||||
install *.tmTheme $out
|
||||
'';
|
||||
}
|
||||
|
|
|
@ -1,19 +1,23 @@
|
|||
{pkgs, lib, stdenv, fetchFromGitHub }:
|
||||
{
|
||||
pkgs,
|
||||
lib,
|
||||
stdenv,
|
||||
fetchFromGitHub,
|
||||
}:
|
||||
stdenv.mkDerivation rec {
|
||||
phases = ["unpackPhase" "installPhase"];
|
||||
|
||||
phases = [ "unpackPhase" "installPhase" ];
|
||||
name = "catppuccin-btop";
|
||||
src = fetchFromGitHub {
|
||||
owner = "catppuccin";
|
||||
repo = "btop";
|
||||
rev = "ecb8562bb6181bb9f2285c360bbafeb383249ec3";
|
||||
sha256 = "0sfyf44lwmf4mkd4gjkw82wn7va56c8xy06cx4q6b3drjfx6vxd2";
|
||||
};
|
||||
|
||||
name = "catppuccin-btop";
|
||||
src = fetchFromGitHub {
|
||||
owner = "catppuccin";
|
||||
repo = "btop";
|
||||
rev = "ecb8562bb6181bb9f2285c360bbafeb383249ec3";
|
||||
sha256 = "0sfyf44lwmf4mkd4gjkw82wn7va56c8xy06cx4q6b3drjfx6vxd2";
|
||||
};
|
||||
|
||||
installPhase = ''
|
||||
ls -1l
|
||||
install -d $out
|
||||
install *.theme $out
|
||||
'';
|
||||
installPhase = ''
|
||||
ls -1l
|
||||
install -d $out
|
||||
install *.theme $out
|
||||
'';
|
||||
}
|
||||
|
|
|
@ -1,14 +1,18 @@
|
|||
{ lib, stdenv, fetchzip }:
|
||||
stdenv.mkDerivation rec {
|
||||
name = "cinny";
|
||||
version = "2.1.2";
|
||||
src = fetchzip {
|
||||
url = "https://github.com/cinnyapp/cinny/releases/download/v${version}/cinny-v${version}.tar.gz";
|
||||
sha256 = "0was1y915p2kg7wj5r7fmhyqiqyr7nff77hdgp3bpfqys703xnz8";
|
||||
};
|
||||
phases = [ "unpackPhase" "installPhase" ];
|
||||
installPhase = ''
|
||||
install -d $out
|
||||
cp -r * $out/
|
||||
'';
|
||||
}
|
||||
{
|
||||
lib,
|
||||
stdenv,
|
||||
fetchzip,
|
||||
}:
|
||||
stdenv.mkDerivation rec {
|
||||
name = "cinny";
|
||||
version = "2.1.2";
|
||||
src = fetchzip {
|
||||
url = "https://github.com/cinnyapp/cinny/releases/download/v${version}/cinny-v${version}.tar.gz";
|
||||
sha256 = "0was1y915p2kg7wj5r7fmhyqiqyr7nff77hdgp3bpfqys703xnz8";
|
||||
};
|
||||
phases = ["unpackPhase" "installPhase"];
|
||||
installPhase = ''
|
||||
install -d $out
|
||||
cp -r * $out/
|
||||
'';
|
||||
}
|
||||
|
|
|
@ -1,5 +1,9 @@
|
|||
{ lib, stdenv, fetchFromGitea, buildGoModule}:
|
||||
|
||||
{
|
||||
lib,
|
||||
stdenv,
|
||||
fetchFromGitea,
|
||||
buildGoModule,
|
||||
}:
|
||||
buildGoModule rec {
|
||||
pname = "go-jamming";
|
||||
version = "2.0.2";
|
||||
|
|
|
@ -1,16 +1,22 @@
|
|||
{ pkgs, lib, fetchFromGitHub, stdenv}: stdenv.mkDerivation {
|
||||
name = "littlelink-custom";
|
||||
{
|
||||
pkgs,
|
||||
lib,
|
||||
fetchFromGitHub,
|
||||
stdenv,
|
||||
}:
|
||||
stdenv.mkDerivation {
|
||||
name = "littlelink-custom";
|
||||
|
||||
phases = [ "unpackPhase" "installPhase" ];
|
||||
src = fetchFromGitHub {
|
||||
owner = "JulianPrieber";
|
||||
repo = "littlelink-custom";
|
||||
rev = "v2.8.2";
|
||||
sha256 = "sha256-5bU7UaEVb8Z46kbmDKQ8mw7tcDDVnfnauJQBZgo9jyk=";
|
||||
};
|
||||
phases = ["unpackPhase" "installPhase"];
|
||||
src = fetchFromGitHub {
|
||||
owner = "JulianPrieber";
|
||||
repo = "littlelink-custom";
|
||||
rev = "v2.8.2";
|
||||
sha256 = "sha256-5bU7UaEVb8Z46kbmDKQ8mw7tcDDVnfnauJQBZgo9jyk=";
|
||||
};
|
||||
|
||||
installPhase = ''
|
||||
install -d $out
|
||||
cp -fr ./* $out/
|
||||
'';
|
||||
installPhase = ''
|
||||
install -d $out
|
||||
cp -fr ./* $out/
|
||||
'';
|
||||
}
|
||||
|
|
|
@ -1,5 +1,8 @@
|
|||
{ pkgs, lib, makeDesktopItem }:
|
||||
let
|
||||
{
|
||||
pkgs,
|
||||
lib,
|
||||
makeDesktopItem,
|
||||
}: let
|
||||
olympus = pkgs.stdenv.mkDerivation rec {
|
||||
pname = "olympus";
|
||||
version = "2788";
|
||||
|
@ -10,7 +13,7 @@ let
|
|||
sha256 = "sha256-PDkxtI0aLw1JdNOB207C50YBmzfKmq2DfMxj16/cYgM=";
|
||||
};
|
||||
|
||||
buildInputs = [ pkgs.unzip ];
|
||||
buildInputs = [pkgs.unzip];
|
||||
installPhase = ''
|
||||
mkdir -p "$out/opt/olympus/"
|
||||
mv dist.zip "$out/opt/olympus/" && cd "$out/opt/olympus/"
|
||||
|
@ -24,22 +27,22 @@ let
|
|||
'';
|
||||
};
|
||||
in
|
||||
pkgs.buildFHSUserEnv {
|
||||
name = "olympus";
|
||||
runScript = "${olympus}/opt/olympus/olympus";
|
||||
targetPkgs = pkgs: [
|
||||
pkgs.freetype
|
||||
pkgs.zlib
|
||||
pkgs.SDL2
|
||||
pkgs.curl
|
||||
pkgs.libpulseaudio
|
||||
pkgs.gtk3
|
||||
pkgs.glib
|
||||
pkgs.libGL
|
||||
pkgs.libdrm
|
||||
];
|
||||
pkgs.buildFHSUserEnv {
|
||||
name = "olympus";
|
||||
runScript = "${olympus}/opt/olympus/olympus";
|
||||
targetPkgs = pkgs: [
|
||||
pkgs.freetype
|
||||
pkgs.zlib
|
||||
pkgs.SDL2
|
||||
pkgs.curl
|
||||
pkgs.libpulseaudio
|
||||
pkgs.gtk3
|
||||
pkgs.glib
|
||||
pkgs.libGL
|
||||
pkgs.libdrm
|
||||
];
|
||||
|
||||
# https://github.com/EverestAPI/Olympus/blob/main/lib-linux/olympus.desktop
|
||||
# https://stackoverflow.com/questions/8822097/how-to-replace-a-whole-line-with-sed
|
||||
extraInstallCommands = ''cp -r "${olympus}/share/" $out'';
|
||||
}
|
||||
# https://github.com/EverestAPI/Olympus/blob/main/lib-linux/olympus.desktop
|
||||
# https://stackoverflow.com/questions/8822097/how-to-replace-a-whole-line-with-sed
|
||||
extraInstallCommands = ''cp -r "${olympus}/share/" $out'';
|
||||
}
|
||||
|
|
|
@ -1,4 +1,10 @@
|
|||
{stdenv, fetchFromGitea, pkgs, lib, ...}:
|
||||
{
|
||||
stdenv,
|
||||
fetchFromGitea,
|
||||
pkgs,
|
||||
lib,
|
||||
...
|
||||
}:
|
||||
stdenv.mkDerivation rec {
|
||||
name = "pgp-webroot";
|
||||
src = fetchFromGitea {
|
||||
|
@ -8,7 +14,7 @@ stdenv.mkDerivation rec {
|
|||
rev = "c651d3dac938257f087987942c1d14d064cf2895";
|
||||
sha256 = "0lnh921bil626i133sp08a2jgib3ig960iprlvkab4zscm65hhi1";
|
||||
};
|
||||
phases = [ "unpackPhase" "installPhase" ];
|
||||
phases = ["unpackPhase" "installPhase"];
|
||||
|
||||
installPhase = ''
|
||||
cp -fvr ./hosts/prefect/services/webroot/ $out/
|
||||
|
|
|
@ -1,5 +1,11 @@
|
|||
{ lib, pkgs, fetchFromGitHub, buildGoModule, stdenv, ...}:
|
||||
|
||||
{
|
||||
lib,
|
||||
pkgs,
|
||||
fetchFromGitHub,
|
||||
buildGoModule,
|
||||
stdenv,
|
||||
...
|
||||
}:
|
||||
buildGoModule rec {
|
||||
pname = "xcaddy";
|
||||
version = "0.3.0";
|
||||
|
@ -19,6 +25,6 @@ buildGoModule rec {
|
|||
homepage = "https://caddyserver.com";
|
||||
description = "Caddy build tool";
|
||||
license = licenses.asl20;
|
||||
maintainers = with maintainers; [ thehedgeh0g ];
|
||||
maintainers = with maintainers; [thehedgeh0g];
|
||||
};
|
||||
}
|
||||
|
|
|
@ -2,12 +2,12 @@
|
|||
users.users.thehedgehog = {
|
||||
description = "The Hedgehog";
|
||||
isNormalUser = true;
|
||||
extraGroups = ["wheel" "networkmanager" "video" "docker" ];
|
||||
extraGroups = ["wheel" "networkmanager" "video" "docker"];
|
||||
hashedPassword = "$6$6EtuZhVOJdfI9DYP$1Qnd7R8qdN.E5yE2kDQCNg2zgJ5cIjNBKsIW/qJgb8wcKlUpIoVg/fEKvBkAgCiLyojVG2kzfu4J9LR8rA8a2/";
|
||||
shell = pkgs.fish;
|
||||
openssh = {
|
||||
authorizedKeys = {
|
||||
keyFiles = [ ../../home/programs/ssh/yubikey-new.pub ../../home/programs/ssh/yubikey-main.pub ../../home/programs/ssh/yubikey-back.pub ../../home/programs/ssh/backup.pub];
|
||||
keyFiles = [../../home/programs/ssh/yubikey-new.pub ../../home/programs/ssh/yubikey-main.pub ../../home/programs/ssh/yubikey-back.pub ../../home/programs/ssh/backup.pub];
|
||||
keys = [
|
||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP532AB5mkNvE29MkDDY8HEf8ZdktGWiI0PzLrvbmLQe"
|
||||
];
|
||||
|
|
Loading…
Reference in a new issue