diff --git a/BOcal/configuration.nix b/BOcal/configuration.nix index 285bfe2..1137efc 100644 --- a/BOcal/configuration.nix +++ b/BOcal/configuration.nix @@ -1,13 +1,18 @@ -{ config, lib, pkgs, users, ... }: +{ + config, + lib, + pkgs, + users, + ... +}: { - imports = - [ - ./hardware-configuration.nix - ./router.nix - ./net_config.nix - (users.root { ssh = true; }) - ]; + imports = [ + ./hardware-configuration.nix + ./router.nix + ./net_config.nix + (users.root { ssh = true; }) + ]; boot.loader.systemd-boot.enable = true; boot.loader.efi.canTouchEfiVariables = true; diff --git a/BOcal/hardware-configuration.nix b/BOcal/hardware-configuration.nix index 9c7bdef..17f9a6a 100644 --- a/BOcal/hardware-configuration.nix +++ b/BOcal/hardware-configuration.nix @@ -1,31 +1,40 @@ # Do not modify this file! It was generated by ‘nixos-generate-config’ # and may be overwritten by future invocations. Please make changes # to /etc/nixos/configuration.nix instead. -{ config, lib, pkgs, modulesPath, ... }: +{ + config, + lib, + pkgs, + modulesPath, + ... +}: { - imports = - [ (modulesPath + "/installer/scan/not-detected.nix") - ]; + imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; - boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ]; + boot.initrd.availableKernelModules = [ + "xhci_pci" + "ehci_pci" + "ahci" + "usbhid" + "usb_storage" + "sd_mod" + ]; boot.initrd.kernelModules = [ ]; boot.kernelModules = [ "kvm-intel" ]; boot.extraModulePackages = [ ]; - fileSystems."/" = - { device = "/dev/disk/by-uuid/b56a6a08-60e7-4997-9f7b-05c58006e730"; - fsType = "ext4"; - }; + fileSystems."/" = { + device = "/dev/disk/by-uuid/b56a6a08-60e7-4997-9f7b-05c58006e730"; + fsType = "ext4"; + }; - fileSystems."/boot" = - { device = "/dev/disk/by-uuid/3975-DEB6"; - fsType = "vfat"; - }; + fileSystems."/boot" = { + device = "/dev/disk/by-uuid/3975-DEB6"; + fsType = "vfat"; + }; - swapDevices = - [ { device = "/dev/disk/by-uuid/b196b10b-5480-49b9-a6fb-ed2f21850815"; } - ]; + swapDevices = [ { device = "/dev/disk/by-uuid/b196b10b-5480-49b9-a6fb-ed2f21850815"; } ]; # Enables DHCP on each ethernet and wireless interface. In case of scripted networking # (the default) this is the recommended approach. When using systemd-networkd it's diff --git a/BOcal/net-user/configuration.nix b/BOcal/net-user/configuration.nix index 84b4b28..9434637 100644 --- a/BOcal/net-user/configuration.nix +++ b/BOcal/net-user/configuration.nix @@ -1,5 +1,12 @@ distant-users-id: -{ pkgs, lib, users, mods, ... }: { +{ + pkgs, + lib, + users, + mods, + ... +}: +{ imports = [ @@ -17,9 +24,7 @@ distant-users-id: font = "Lat2-Terminus16"; keyMap = "fr"; }; - environment.systemPackages = with pkgs; [ - git - ]; + environment.systemPackages = with pkgs; [ git ]; security.polkit.extraConfig = '' polkit.addRule(function(action, subject) { if ( @@ -73,39 +78,48 @@ distant-users-id: }) ''; - users.groups.bocal.gid = 2000; - users.users = let - template = { name, uid }: { - inherit name; - value = { - isNormalUser = true; - inherit uid; - shell = pkgs.zsh; - group = "bocal"; - homeMode = "750"; - }; + users.users = + let + template = + { name, uid }: + { + inherit name; + value = { + isNormalUser = true; + inherit uid; + shell = pkgs.zsh; + group = "bocal"; + homeMode = "750"; + }; + }; + in + builtins.listToAttrs (map template distant-users-id) + // { + root.hashedPassword = "$y$j9T$GK2ejPfMgk0GlBqZX0aBo/$n3nds9zcBi8X8p9aG5Aywq1A.R6Bt/dIOccvfIdMM/1"; + root.openssh.authorizedKeys.keys = [ + "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCvi5VUsDrwS4XqQQfFFIx1JoRDPVdtChUQWqKFbPFtP8gH51woXiKtKRbDebL0z/EmkdYKxxIkzixHTR5xQXjo8JiFZbwldZi5IvMr3x//ad9sVyOhmbRx1DXLKjyOdWyo+w0vORvbEDu2lHktfSvhHGrvUHfFc3EY+cAl7IImgGEeGNPruAuNkN90Lth9QgwJVsdOEs9j7hwwKtpfMMETL5tkW34Nu7io03+SaPxwi2xLuWTdTklfZ7GWYtG2w/hFkzDbkW97rp5dxB1HO58cPqyRlqyfhZFpiUmWlyuMba3Tip6JarCa52IpFffEIDR0CSeh5CFPoeppo/TPDiXDie370TjjQpxJiG+9PobBhmChH5FmQ/lksffI/WimqpVO7Ixf5cYiHN5Z0mgJgZsXwI3YPICQLA8ebSKHA8+mdmkunDmCBRaBj1qEgkp/UoYqXT6BjBm07nOsnL+3SG/yfx4fLotgWtdm2mkjEAG+OGVR7G3Vk/POxn0EqX7Z+gU= sylvain@idefix" + ]; }; - in builtins.listToAttrs (map template distant-users-id) // { - root.hashedPassword = "$y$j9T$GK2ejPfMgk0GlBqZX0aBo/$n3nds9zcBi8X8p9aG5Aywq1A.R6Bt/dIOccvfIdMM/1"; - root.openssh.authorizedKeys.keys = [ - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCvi5VUsDrwS4XqQQfFFIx1JoRDPVdtChUQWqKFbPFtP8gH51woXiKtKRbDebL0z/EmkdYKxxIkzixHTR5xQXjo8JiFZbwldZi5IvMr3x//ad9sVyOhmbRx1DXLKjyOdWyo+w0vORvbEDu2lHktfSvhHGrvUHfFc3EY+cAl7IImgGEeGNPruAuNkN90Lth9QgwJVsdOEs9j7hwwKtpfMMETL5tkW34Nu7io03+SaPxwi2xLuWTdTklfZ7GWYtG2w/hFkzDbkW97rp5dxB1HO58cPqyRlqyfhZFpiUmWlyuMba3Tip6JarCa52IpFffEIDR0CSeh5CFPoeppo/TPDiXDie370TjjQpxJiG+9PobBhmChH5FmQ/lksffI/WimqpVO7Ixf5cYiHN5Z0mgJgZsXwI3YPICQLA8ebSKHA8+mdmkunDmCBRaBj1qEgkp/UoYqXT6BjBm07nOsnL+3SG/yfx4fLotgWtdm2mkjEAG+OGVR7G3Vk/POxn0EqX7Z+gU= sylvain@idefix" - ]; - }; - home-manager.users = let - template = { name, uid }: { - inherit name; - value = { - home.stateVersion = "23.11"; - imports = with mods.home; [ zsh neovim ]; - programs.zsh.profileExtra = "exec ${pkgs.plasma5Packages.plasma-workspace}/bin/startplasma-wayland"; - programs.firefox.enable = true; - home.packages = with pkgs; [ - gedit - ]; - }; - }; - in builtins.listToAttrs (map template distant-users-id); + home-manager.users = + let + template = + { name, uid }: + { + inherit name; + value = { + home.stateVersion = "23.11"; + imports = with mods.home; [ + zsh + neovim + ]; + programs.zsh.profileExtra = "exec ${pkgs.plasma5Packages.plasma-workspace}/bin/startplasma-wayland"; + programs.firefox.enable = true; + home.packages = with pkgs; [ gedit ]; + }; + }; + in + builtins.listToAttrs (map template distant-users-id); services.getty = { loginProgram = pkgs.writeShellScript "autologin" '' @@ -117,7 +131,7 @@ distant-users-id: autologinUser = "bocal"; }; systemd.services.unlock = { - wantedBy = ["multi-user.target"]; + wantedBy = [ "multi-user.target" ]; script = '' ${pkgs.dbus}/bin/dbus-monitor --system "type='signal',interface='org.freedesktop.DBus.Properties',path_namespace='/org/freedesktop/login1/session'" | while read x; do case "$x" in @@ -132,18 +146,23 @@ distant-users-id: desktopManager.plasma5.enable = true; displayManager.lightdm.enable = false; }; - fileSystems = let - template = { name, uid }: { - name = "/home/${name}"; - value = { - device = "192.168.222.1:/home/${name}"; + fileSystems = + let + template = + { name, uid }: + { + name = "/home/${name}"; + value = { + device = "192.168.222.1:/home/${name}"; + fsType = "nfs"; + }; + }; + in + { + "/home/bocal" = { + device = "192.168.222.1:/home/bocal"; fsType = "nfs"; }; - }; - in { - "/home/bocal" = { - device = "192.168.222.1:/home/bocal"; - fsType = "nfs"; - }; - } // builtins.listToAttrs (map template distant-users-id); + } + // builtins.listToAttrs (map template distant-users-id); } diff --git a/BOcal/net_config.nix b/BOcal/net_config.nix index dc21949..0690681 100644 --- a/BOcal/net_config.nix +++ b/BOcal/net_config.nix @@ -1,4 +1,10 @@ -{ lib, users, mods, pkgs, ... }: +{ + lib, + users, + mods, + pkgs, + ... +}: let machines = { "54:bf:64:5d:33:5e" = "arturgo"; @@ -13,57 +19,75 @@ let "54:bf:64:5d:31:fd" = "loony"; }; distant-users = builtins.attrValues machines; - distant-users-id = builtins.genList (i: { name = builtins.elemAt distant-users i; uid = 2001 + i; }) (builtins.length distant-users); - remote_sys = (import (pkgs.path + "/nixos/lib/eval-config.nix") { + distant-users-id = builtins.genList (i: { + name = builtins.elemAt distant-users i; + uid = 2001 + i; + }) (builtins.length distant-users); + remote_sys = ( + import (pkgs.path + "/nixos/lib/eval-config.nix") { system = "x86_64-linux"; - specialArgs = { inherit users mods; }; + specialArgs = { + inherit users mods; + }; modules = [ (import ./net-user/configuration.nix distant-users-id) ]; - }); - remote_build = remote_sys.config.system.build; - json_maker = mac: user: pkgs.writeText "netboot-${mac}.json" '' - { - "kernel": "/kernel", - "initrd": [ "/initrd" ], - "cmdline": "init=${remote_build.toplevel}/init loglevel=4 systemd.setenv=BOCAL=${user}" } - ''; + ); + remote_build = remote_sys.config.system.build; + json_maker = + mac: user: + pkgs.writeText "netboot-${mac}.json" '' + { + "kernel": "/kernel", + "initrd": [ "/initrd" ], + "cmdline": "init=${remote_build.toplevel}/init loglevel=4 systemd.setenv=BOCAL=${user}" + } + ''; json_ln = mac: json: ''ln -s ${json} $out/v1/boot/${mac}''; cmds = [ "mkdir -p $out/v1/boot" "ln -s ${remote_build.kernel}/bzImage $out/kernel" "ln -s ${remote_build.netbootRamdisk}/initrd $out/initrd" ] ++ builtins.attrValues (builtins.mapAttrs json_ln (builtins.mapAttrs json_maker machines)); - webroot = pkgs.runCommand "netboot-apiroot" {} (builtins.concatStringsSep "\n" cmds); -in { + webroot = pkgs.runCommand "netboot-apiroot" { } (builtins.concatStringsSep "\n" cmds); +in +{ users.groups.bocal.gid = 2000; - users.users = let - template = { name, uid }: { - inherit name; - value = { + users.users = + let + template = + { name, uid }: + { + inherit name; + value = { + isNormalUser = true; + inherit uid; + shell = pkgs.zsh; + group = "bocal"; + homeMode = "750"; + }; + }; + in + builtins.listToAttrs (map template distant-users-id) + // { + bocal = { isNormalUser = true; - inherit uid; + uid = 2000; shell = pkgs.zsh; group = "bocal"; homeMode = "750"; + openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAA16foz+XzwKwyIR4wFgNIAE3Y7AfXyEsUZFVVz8Rie catvayor@katvayor" + "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCvi5VUsDrwS4XqQQfFFIx1JoRDPVdtChUQWqKFbPFtP8gH51woXiKtKRbDebL0z/EmkdYKxxIkzixHTR5xQXjo8JiFZbwldZi5IvMr3x//ad9sVyOhmbRx1DXLKjyOdWyo+w0vORvbEDu2lHktfSvhHGrvUHfFc3EY+cAl7IImgGEeGNPruAuNkN90Lth9QgwJVsdOEs9j7hwwKtpfMMETL5tkW34Nu7io03+SaPxwi2xLuWTdTklfZ7GWYtG2w/hFkzDbkW97rp5dxB1HO58cPqyRlqyfhZFpiUmWlyuMba3Tip6JarCa52IpFffEIDR0CSeh5CFPoeppo/TPDiXDie370TjjQpxJiG+9PobBhmChH5FmQ/lksffI/WimqpVO7Ixf5cYiHN5Z0mgJgZsXwI3YPICQLA8ebSKHA8+mdmkunDmCBRaBj1qEgkp/UoYqXT6BjBm07nOsnL+3SG/yfx4fLotgWtdm2mkjEAG+OGVR7G3Vk/POxn0EqX7Z+gU= sylvain@idefix" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILvGR9LIJrb9fEIuYn4DMAiyPq0gZ/J8Hv/hIcszu0Tp vincent@vincent-ZB" + ]; }; }; - in builtins.listToAttrs (map template distant-users-id) // { - bocal = { - isNormalUser = true; - uid = 2000; - shell = pkgs.zsh; - group = "bocal"; - homeMode = "750"; - openssh.authorizedKeys.keys = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAA16foz+XzwKwyIR4wFgNIAE3Y7AfXyEsUZFVVz8Rie catvayor@katvayor" - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCvi5VUsDrwS4XqQQfFFIx1JoRDPVdtChUQWqKFbPFtP8gH51woXiKtKRbDebL0z/EmkdYKxxIkzixHTR5xQXjo8JiFZbwldZi5IvMr3x//ad9sVyOhmbRx1DXLKjyOdWyo+w0vORvbEDu2lHktfSvhHGrvUHfFc3EY+cAl7IImgGEeGNPruAuNkN90Lth9QgwJVsdOEs9j7hwwKtpfMMETL5tkW34Nu7io03+SaPxwi2xLuWTdTklfZ7GWYtG2w/hFkzDbkW97rp5dxB1HO58cPqyRlqyfhZFpiUmWlyuMba3Tip6JarCa52IpFffEIDR0CSeh5CFPoeppo/TPDiXDie370TjjQpxJiG+9PobBhmChH5FmQ/lksffI/WimqpVO7Ixf5cYiHN5Z0mgJgZsXwI3YPICQLA8ebSKHA8+mdmkunDmCBRaBj1qEgkp/UoYqXT6BjBm07nOsnL+3SG/yfx4fLotgWtdm2mkjEAG+OGVR7G3Vk/POxn0EqX7Z+gU= sylvain@idefix" - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILvGR9LIJrb9fEIuYn4DMAiyPq0gZ/J8Hv/hIcszu0Tp vincent@vincent-ZB" - ]; - }; - }; home-manager.users.bocal = { home.stateVersion = "23.11"; - imports = with mods.home; [ zsh neovim ]; + imports = with mods.home; [ + zsh + neovim + ]; programs.zsh.shellAliases = { "redac" = "/home/bocal/bin/redac"; "faire" = "redac faire"; @@ -80,11 +104,16 @@ in { }; services.nfs.server = { enable = true; - exports = let - template = { name, uid }: "/home/${name} 192.168.222.0/24(rw,nohide,insecure,no_subtree_check,anonuid=${builtins.toString uid},anongid=2000)"; - in builtins.concatStringsSep "\n" ([ - "/home/bocal 192.168.222.0/24(rw,nohide,insecure,no_subtree_check)" - ] ++ map template distant-users-id); + exports = + let + template = + { name, uid }: + "/home/${name} 192.168.222.0/24(rw,nohide,insecure,no_subtree_check,anonuid=${builtins.toString uid},anongid=2000)"; + in + builtins.concatStringsSep "\n" ( + [ "/home/bocal 192.168.222.0/24(rw,nohide,insecure,no_subtree_check)" ] + ++ map template distant-users-id + ); }; services.dnsmasq = { enable = true; @@ -98,7 +127,12 @@ in { services.nginx = { enable = true; virtualHosts."localhost" = { - listen = [{ addr = "localhost"; port = 8000; }]; + listen = [ + { + addr = "localhost"; + port = 8000; + } + ]; root = webroot; }; }; diff --git a/BOcal/router.nix b/BOcal/router.nix index 8494ebd..f559c09 100644 --- a/BOcal/router.nix +++ b/BOcal/router.nix @@ -1,4 +1,10 @@ -{ config, lib, pkgs, ... }: { +{ + config, + lib, + pkgs, + ... +}: +{ boot.kernel.sysctl."net.ipv4.ip_forward" = true; systemd.network = { @@ -34,11 +40,11 @@ "11-netboot-client" = { name = "netboot-client"; address = [ "192.168.222.1/24" ]; - # dhcpServerConfig = { - # PoolOffset = 100; - # PoolSize = 100; - # BootServerAddress = "192.168.222.1"; - # }; + # dhcpServerConfig = { + # PoolOffset = 100; + # PoolSize = 100; + # BootServerAddress = "192.168.222.1"; + # }; }; }; netdevs."10-client".netdevConfig = { @@ -46,8 +52,7 @@ Kind = "bridge"; }; }; - networking.nameservers = - [ "208.67.222.222" ]; + networking.nameservers = [ "208.67.222.222" ]; networking.nat = { enable = true; diff --git a/hive.nix b/hive.nix index 4171de7..b7fcb96 100644 --- a/hive.nix +++ b/hive.nix @@ -1,72 +1,93 @@ -let +let mods = import ./modules; users = import ./users; -in { +in +{ meta.nixpkgs = ; meta.specialArgs = { inherit mods users; }; - defaults = { name, pkgs, ... }: { - imports = [ ]; - boot.tmp.useTmpfs = true; - networking.hostName = name; - }; - - kat-probook = { name, nodes, users, ... }: { - deployment.allowLocalDeployment = true; - - imports = [ - ./machines/kat-probook/configuration.nix - (users.root { ssh = false; }) - users.catvayor - ]; - nix.settings.trusted-users = [ "root" "@wheel" ]; - }; - - kat-r86s = { name, nodes, ... }: { - deployment.targetHost = "r86s.kat"; - imports = [ - ./machines/kat-r86s/configuration.nix - (users.root { ssh = true; }) - ]; - }; - - kat-test = { name, nodes, ... }: { - deployment = { - allowLocalDeployment = true; - targetHost = "test.kat"; + defaults = + { name, pkgs, ... }: + { + imports = [ ]; + boot.tmp.useTmpfs = true; + networking.hostName = name; }; - imports = [ - ./machines/kat-test/configuration.nix - (users.root { ssh = true; }) - users.catvayor - ]; - home-manager.users.catvayor = { - imports = [ mods.home.mail ]; + kat-probook = + { + name, + nodes, + users, + ... + }: + { + deployment.allowLocalDeployment = true; + + imports = [ + ./machines/kat-probook/configuration.nix + (users.root { ssh = false; }) + users.catvayor + ]; + nix.settings.trusted-users = [ + "root" + "@wheel" + ]; }; - }; - kat-virt = { name, nodes, ... }: { - deployment.targetHost = "virt.kat"; + kat-r86s = + { name, nodes, ... }: + { + deployment.targetHost = "r86s.kat"; + imports = [ + ./machines/kat-r86s/configuration.nix + (users.root { ssh = true; }) + ]; + }; - imports = [ - ./machines/kat-virt/configuration.nix - (users.root { ssh = true; }) - ]; - users.users.root.openssh.authorizedKeys.keys = [ - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCvi5VUsDrwS4XqQQfFFIx1JoRDPVdtChUQWqKFbPFtP8gH51woXiKtKRbDebL0z/EmkdYKxxIkzixHTR5xQXjo8JiFZbwldZi5IvMr3x//ad9sVyOhmbRx1DXLKjyOdWyo+w0vORvbEDu2lHktfSvhHGrvUHfFc3EY+cAl7IImgGEeGNPruAuNkN90Lth9QgwJVsdOEs9j7hwwKtpfMMETL5tkW34Nu7io03+SaPxwi2xLuWTdTklfZ7GWYtG2w/hFkzDbkW97rp5dxB1HO58cPqyRlqyfhZFpiUmWlyuMba3Tip6JarCa52IpFffEIDR0CSeh5CFPoeppo/TPDiXDie370TjjQpxJiG+9PobBhmChH5FmQ/lksffI/WimqpVO7Ixf5cYiHN5Z0mgJgZsXwI3YPICQLA8ebSKHA8+mdmkunDmCBRaBj1qEgkp/UoYqXT6BjBm07nOsnL+3SG/yfx4fLotgWtdm2mkjEAG+OGVR7G3Vk/POxn0EqX7Z+gU= sylvain@idefix" - ]; - }; + kat-test = + { name, nodes, ... }: + { + deployment = { + allowLocalDeployment = true; + targetHost = "test.kat"; + }; - kat-runner = { name, nodes, ... }: { - deployment.targetHost = "runner.kat"; + imports = [ + ./machines/kat-test/configuration.nix + (users.root { ssh = true; }) + users.catvayor + ]; + home-manager.users.catvayor = { + imports = [ mods.home.mail ]; + }; + }; - imports = [ - ./machines/kat-runner/configuration.nix - (users.root { ssh = true; }) - ]; - }; + kat-virt = + { name, nodes, ... }: + { + deployment.targetHost = "virt.kat"; + + imports = [ + ./machines/kat-virt/configuration.nix + (users.root { ssh = true; }) + ]; + users.users.root.openssh.authorizedKeys.keys = [ + "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCvi5VUsDrwS4XqQQfFFIx1JoRDPVdtChUQWqKFbPFtP8gH51woXiKtKRbDebL0z/EmkdYKxxIkzixHTR5xQXjo8JiFZbwldZi5IvMr3x//ad9sVyOhmbRx1DXLKjyOdWyo+w0vORvbEDu2lHktfSvhHGrvUHfFc3EY+cAl7IImgGEeGNPruAuNkN90Lth9QgwJVsdOEs9j7hwwKtpfMMETL5tkW34Nu7io03+SaPxwi2xLuWTdTklfZ7GWYtG2w/hFkzDbkW97rp5dxB1HO58cPqyRlqyfhZFpiUmWlyuMba3Tip6JarCa52IpFffEIDR0CSeh5CFPoeppo/TPDiXDie370TjjQpxJiG+9PobBhmChH5FmQ/lksffI/WimqpVO7Ixf5cYiHN5Z0mgJgZsXwI3YPICQLA8ebSKHA8+mdmkunDmCBRaBj1qEgkp/UoYqXT6BjBm07nOsnL+3SG/yfx4fLotgWtdm2mkjEAG+OGVR7G3Vk/POxn0EqX7Z+gU= sylvain@idefix" + ]; + }; + + kat-runner = + { name, nodes, ... }: + { + deployment.targetHost = "runner.kat"; + + imports = [ + ./machines/kat-runner/configuration.nix + (users.root { ssh = true; }) + ]; + }; BOcal = { deployment.targetHost = "bocal.tmp"; @@ -77,59 +98,64 @@ in { ]; }; - kat-iso = { name, pkgs, ... }:{ - deployment = { - allowLocalDeployment = false; - targetHost = null; - }; + kat-iso = + { name, pkgs, ... }: + { + deployment = { + allowLocalDeployment = false; + targetHost = null; + }; - imports = [ - - (users.root { ssh = true; }) - ]; + imports = [ + + (users.root { ssh = true; }) + ]; - networking = { - networkmanager.enable = true; - wireless.enable = false; - }; - console.keyMap = "fr"; + networking = { + networkmanager.enable = true; + wireless.enable = false; + }; + console.keyMap = "fr"; - environment.systemPackages = with pkgs; [ perl git ]; - boot.supportedFilesystems = [ "bcachefs" ]; - programs.zsh.enable = true; - services.openssh.enable = true; - services.qemuGuest.enable = true; - boot.kernelParams = [ "console=ttyS0" ]; + environment.systemPackages = with pkgs; [ + perl + git + ]; + boot.supportedFilesystems = [ "bcachefs" ]; + programs.zsh.enable = true; + services.openssh.enable = true; + services.qemuGuest.enable = true; + boot.kernelParams = [ "console=ttyS0" ]; - environment.etc = { - "config_base.nix" = { - mode = "0444"; - text = '' - { config, lib, pkgs, ... }: { - imports = [ ./hardware-configuration.nix ]; - boot.loader.systemd-boot.enable = true; - boot.loader.efi.canTouchEfiVariables = true; - boot.supportedFilesystems = [ "bcachefs" ]; - boot.kernelPackages = pkgs.linuxPackages_latest; - # networking.networkmanager.enable = true; - networking.hostName = "kat-undefined"; + environment.etc = { + "config_base.nix" = { + mode = "0444"; + text = '' + { config, lib, pkgs, ... }: { + imports = [ ./hardware-configuration.nix ]; + boot.loader.systemd-boot.enable = true; + boot.loader.efi.canTouchEfiVariables = true; + boot.supportedFilesystems = [ "bcachefs" ]; + boot.kernelPackages = pkgs.linuxPackages_latest; + # networking.networkmanager.enable = true; + networking.hostName = "kat-undefined"; - time.timeZone = "Europe/Paris"; - i18n.defaultLocale = "en_US.UTF-8"; - console = { - font = "Lat2-Terminus16"; - keyMap = "fr"; - }; - #services.netbird.enable = true; - services.qemuGuest.enable = true; - services.openssh.enable = true; - users.users.root.openssh.authorizedKeys.keys = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAA16foz+XzwKwyIR4wFgNIAE3Y7AfXyEsUZFVVz8Rie catvayor@katvayor" - ]; - system.stateVersion = "23.11"; - } - ''; + time.timeZone = "Europe/Paris"; + i18n.defaultLocale = "en_US.UTF-8"; + console = { + font = "Lat2-Terminus16"; + keyMap = "fr"; + }; + #services.netbird.enable = true; + services.qemuGuest.enable = true; + services.openssh.enable = true; + users.users.root.openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAA16foz+XzwKwyIR4wFgNIAE3Y7AfXyEsUZFVVz8Rie catvayor@katvayor" + ]; + system.stateVersion = "23.11"; + } + ''; + }; }; }; - }; } diff --git a/machines/kat-probook/configuration.nix b/machines/kat-probook/configuration.nix index 3be8e02..591860e 100644 --- a/machines/kat-probook/configuration.nix +++ b/machines/kat-probook/configuration.nix @@ -1,13 +1,18 @@ -{ config, lib, pkgs, mods, ... }: +{ + config, + lib, + pkgs, + mods, + ... +}: { - imports = - [ - ./hardware-configuration.nix - - ./secrets.nix - # ./router.nix - ]; + imports = [ + ./hardware-configuration.nix + + ./secrets.nix + # ./router.nix + ]; boot.loader.systemd-boot.enable = true; boot.loader.efi.canTouchEfiVariables = true; @@ -36,7 +41,7 @@ }; environment.systemPackages = with pkgs; [ - (pkgs.callPackage {}) + (pkgs.callPackage { }) wget brightnessctl nix-search-cli @@ -70,7 +75,10 @@ folders."essentials" = { path = "~/essentials"; id = "vgpwu-fk3ct"; - devices = [ "katest" "katel" ]; + devices = [ + "katest" + "katel" + ]; }; devices.katest.id = "UPVXT7D-ZQF4E3J-4WKLLRV-2KF7323-7VOMEJJ-4PZVXW4-UQ2YABE-G7ID4AD"; devices.katel.id = "DYOKK7J-HZAF5S7-FYTHQF5-UD5GJZ2-4JMV5I5-STUM3HG-5YM2JPR-LATJNAZ"; diff --git a/machines/kat-probook/hardware-configuration.nix b/machines/kat-probook/hardware-configuration.nix index 2f6245e..6d0257f 100644 --- a/machines/kat-probook/hardware-configuration.nix +++ b/machines/kat-probook/hardware-configuration.nix @@ -1,22 +1,33 @@ # Do not modify this file! It was generated by ‘nixos-generate-config’ # and may be overwritten by future invocations. Please make changes # to /etc/nixos/configuration.nix instead. -{ config, lib, pkgs, modulesPath, ... }: +{ + config, + lib, + pkgs, + modulesPath, + ... +}: { - imports = - [ (modulesPath + "/installer/scan/not-detected.nix") - ]; + imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; - boot.initrd.availableKernelModules = [ "xhci_pci" "vmd" "nvme" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ]; + boot.initrd.availableKernelModules = [ + "xhci_pci" + "vmd" + "nvme" + "usb_storage" + "sd_mod" + "rtsx_pci_sdmmc" + ]; boot.initrd.kernelModules = [ ]; boot.kernelModules = [ "kvm-intel" ]; boot.extraModulePackages = [ ]; - fileSystems."/" = - { device = "/dev/disk/by-uuid/4c1f76c6-5ce6-4987-b15e-9419627b7f19"; - fsType = "bcachefs"; - }; + fileSystems."/" = { + device = "/dev/disk/by-uuid/4c1f76c6-5ce6-4987-b15e-9419627b7f19"; + fsType = "bcachefs"; + }; boot.initrd.luks.devices."dec-lin" = { device = "/dev/disk/by-uuid/bba45bff-2356-4ec7-a20c-9cbf9d992822"; @@ -24,14 +35,12 @@ allowDiscards = true; }; - fileSystems."/boot" = - { device = "/dev/disk/by-uuid/4F30-BEC7"; - fsType = "vfat"; - }; + fileSystems."/boot" = { + device = "/dev/disk/by-uuid/4F30-BEC7"; + fsType = "vfat"; + }; - swapDevices = - [ { device = "/dev/disk/by-uuid/5edcb909-6109-4198-84c7-703cbd471b44"; } - ]; + swapDevices = [ { device = "/dev/disk/by-uuid/5edcb909-6109-4198-84c7-703cbd471b44"; } ]; # Enables DHCP on each ethernet and wireless interface. In case of scripted networking # (the default) this is the recommended approach. When using systemd-networkd it's diff --git a/machines/kat-probook/router.nix b/machines/kat-probook/router.nix index 96a260c..ed97725 100644 --- a/machines/kat-probook/router.nix +++ b/machines/kat-probook/router.nix @@ -1,4 +1,10 @@ -{ config, lib, pkgs, ... }: { +{ + config, + lib, + pkgs, + ... +}: +{ boot.kernel.sysctl."net.ipv4.ip_forward" = true; systemd.network = { @@ -13,11 +19,11 @@ name = "enp2s0"; address = [ "192.168.2.1/24" ]; networkConfig.DHCPServer = "yes"; - # dhcpServerConfig = { - # PoolOffset = 100; - # PoolSize = 100; - # BootServerAddress = "192.168.222.1"; - # }; + # dhcpServerConfig = { + # PoolOffset = 100; + # PoolSize = 100; + # BootServerAddress = "192.168.222.1"; + # }; }; }; }; diff --git a/machines/kat-probook/secrets.nix b/machines/kat-probook/secrets.nix index e1d59df..308ba69 100644 --- a/machines/kat-probook/secrets.nix +++ b/machines/kat-probook/secrets.nix @@ -6,15 +6,25 @@ let }; in { - age.identityPaths = [ - "/root/.ssh/passwd" - ]; + age.identityPaths = [ "/root/.ssh/passwd" ]; age.secrets = { - mails-laposte = cat-owned // { file = ./secrets/mails-laposte.age; }; - mails-dgnum = cat-owned // { file = ./secrets/mails-dgnum.age; }; - mails-kat = cat-owned // { file = ./secrets/mails-kat.age; }; - clipper = cat-owned // { file = ./secrets/clipper.age; }; - "geek.gle" = cat-owned // { file = ./secrets/geek.gle.age; }; - "pro.gle" = cat-owned // { file = ./secrets/pro.gle.age; }; + mails-laposte = cat-owned // { + file = ./secrets/mails-laposte.age; + }; + mails-dgnum = cat-owned // { + file = ./secrets/mails-dgnum.age; + }; + mails-kat = cat-owned // { + file = ./secrets/mails-kat.age; + }; + clipper = cat-owned // { + file = ./secrets/clipper.age; + }; + "geek.gle" = cat-owned // { + file = ./secrets/geek.gle.age; + }; + "pro.gle" = cat-owned // { + file = ./secrets/pro.gle.age; + }; }; } diff --git a/machines/kat-probook/secrets/secrets.nix b/machines/kat-probook/secrets/secrets.nix index 77e20a4..8779733 100644 --- a/machines/kat-probook/secrets/secrets.nix +++ b/machines/kat-probook/secrets/secrets.nix @@ -1,6 +1,7 @@ let pub-key = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBtlIx8XVse0m+Aqf4DuxzYdeF6gh/nObNzfrHJOn3Ik" ]; -in { +in +{ "mails-laposte.age".publicKeys = pub-key; "mails-dgnum.age".publicKeys = pub-key; "mails-kat.age".publicKeys = pub-key; diff --git a/machines/kat-r86s/configuration.nix b/machines/kat-r86s/configuration.nix index 8e79706..4beddba 100644 --- a/machines/kat-r86s/configuration.nix +++ b/machines/kat-r86s/configuration.nix @@ -1,20 +1,24 @@ # https://search.nixos.org/options and in the NixOS manual (`nixos-help`). -{ config, lib, pkgs, ... }: +{ + config, + lib, + pkgs, + ... +}: { - imports = - [ - ./hardware-configuration.nix - ./router.nix - ]; + imports = [ + ./hardware-configuration.nix + ./router.nix + ]; boot.loader.systemd-boot.enable = true; boot.loader.efi.canTouchEfiVariables = true; boot.supportedFilesystems = [ "bcachefs" ]; boot.kernelPackages = pkgs.linuxPackages_latest; - networking.networkmanager.enable = true; # Easiest to use and most distros use this by default. + networking.networkmanager.enable = true; # Easiest to use and most distros use this by default. time.timeZone = "Europe/Paris"; # Configure network proxy if necessary @@ -51,9 +55,8 @@ programs.zsh.enable = true; users.users.guest = { isNormalUser = true; -# extraGroups = [ "wheel" ]; - packages = with pkgs; [ - ]; + # extraGroups = [ "wheel" ]; + packages = with pkgs; [ ]; openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAA16foz+XzwKwyIR4wFgNIAE3Y7AfXyEsUZFVVz8Rie catvayor@katvayor" @@ -97,7 +100,10 @@ services.openssh.enable = true; services.netbird.enable = true; - boot.kernelModules = [ "kvm-intel" "kvm-amd" ]; + boot.kernelModules = [ + "kvm-intel" + "kvm-amd" + ]; programs.virt-manager.enable = true; virtualisation.libvirtd.enable = true; @@ -118,7 +124,13 @@ }; # Open ports in the firewall. - networking.firewall.allowedTCPPorts = [ 22 53 80 443 22000 ]; + networking.firewall.allowedTCPPorts = [ + 22 + 53 + 80 + 443 + 22000 + ]; networking.firewall.allowedUDPPorts = [ 67 ]; # Or disable the firewall altogether. # networking.firewall.enable = false; @@ -145,6 +157,4 @@ # # For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion . system.stateVersion = "23.11"; # Did you read the comment? - } - diff --git a/machines/kat-r86s/hardware-configuration.nix b/machines/kat-r86s/hardware-configuration.nix index 9b6970a..4ea7aa8 100644 --- a/machines/kat-r86s/hardware-configuration.nix +++ b/machines/kat-r86s/hardware-configuration.nix @@ -1,27 +1,37 @@ # Do not modify this file! It was generated by ‘nixos-generate-config’ # and may be overwritten by future invocations. Please make changes # to /etc/nixos/configuration.nix instead. -{ config, lib, pkgs, modulesPath, ... }: +{ + config, + lib, + pkgs, + modulesPath, + ... +}: { - imports = - [ (modulesPath + "/installer/scan/not-detected.nix") - ]; + imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; - boot.initrd.availableKernelModules = [ "xhci_pci" "usbhid" "usb_storage" "sd_mod" "sdhci_pci" ]; + boot.initrd.availableKernelModules = [ + "xhci_pci" + "usbhid" + "usb_storage" + "sd_mod" + "sdhci_pci" + ]; boot.initrd.kernelModules = [ ]; boot.kernelModules = [ "kvm-intel" ]; boot.extraModulePackages = [ ]; - fileSystems."/" = - { device = "UUID=2d6f7d3a-936d-457c-86c7-f49d816ff5b7"; - fsType = "bcachefs"; - }; + fileSystems."/" = { + device = "UUID=2d6f7d3a-936d-457c-86c7-f49d816ff5b7"; + fsType = "bcachefs"; + }; - fileSystems."/boot" = - { device = "/dev/disk/by-uuid/DD9A-3823"; - fsType = "vfat"; - }; + fileSystems."/boot" = { + device = "/dev/disk/by-uuid/DD9A-3823"; + fsType = "vfat"; + }; swapDevices = [ ]; diff --git a/machines/kat-r86s/router.nix b/machines/kat-r86s/router.nix index 65336b2..e45656c 100644 --- a/machines/kat-r86s/router.nix +++ b/machines/kat-r86s/router.nix @@ -1,21 +1,32 @@ -{config, lib, pkgs, ...}: { +{ + config, + lib, + pkgs, + ... +}: +{ boot.kernel.sysctl."net.ipv4.ip_forward" = true; -# networking.nat = { -# enable = true; -# internalInterfaces = [ "enp2s0" ]; -# externalInterface = "enp1s0"; -# }; + # networking.nat = { + # enable = true; + # internalInterfaces = [ "enp2s0" ]; + # externalInterface = "enp1s0"; + # }; networking.interfaces.enp2s0 = { useDHCP = false; - ipv4.addresses = [{ address = "192.168.42.1"; prefixLength = 24; }]; + ipv4.addresses = [ + { + address = "192.168.42.1"; + prefixLength = 24; + } + ]; }; -# networking.interfaces.enp3s0 = { -# useDHCP = false; -# ipv4.addresses = [{ address = "192.168.222.1"; prefixLength = 24; }]; -# ipv6.addresses = [{ address = "fd26:baf9:d250:8000::ffff"; prefixLength = 64; }]; -# }; + # networking.interfaces.enp3s0 = { + # useDHCP = false; + # ipv4.addresses = [{ address = "192.168.222.1"; prefixLength = 24; }]; + # ipv6.addresses = [{ address = "fd26:baf9:d250:8000::ffff"; prefixLength = 64; }]; + # }; services.dnsmasq = { enable = true; @@ -33,7 +44,10 @@ "10-enp3s0" = { name = "enp3s0"; networkConfig = { - VLAN = [ "vlan-admin" "vlan-user-test" ]; + VLAN = [ + "vlan-admin" + "vlan-user-test" + ]; LinkLocalAddressing = false; LLDP = false; diff --git a/machines/kat-runner/configuration.nix b/machines/kat-runner/configuration.nix index 4f5d3f3..4ef1742 100644 --- a/machines/kat-runner/configuration.nix +++ b/machines/kat-runner/configuration.nix @@ -1,10 +1,12 @@ -{ config, lib, pkgs, ... }: +{ + config, + lib, + pkgs, + ... +}: { - imports = - [ - ./hardware-configuration.nix - ]; + imports = [ ./hardware-configuration.nix ]; boot.loader.systemd-boot.enable = true; boot.loader.efi.canTouchEfiVariables = true; @@ -15,7 +17,10 @@ enable = true; networks."10-enp1s0" = { name = "enp1s0"; - address = [ "192.168.122.3/24" "fe80::3/64" ]; + address = [ + "192.168.122.3/24" + "fe80::3/64" + ]; routes = [ { routeConfig.Gateway = "192.168.122.1"; } { routeConfig.Gateway = "fe80::1"; } @@ -56,7 +61,11 @@ services.parkas = { executor = "shell"; registrationConfigFile = "/root/parkas-runner-secrets.toml"; - tagList = [ "test" "linux" "nix" ]; + tagList = [ + "test" + "linux" + "nix" + ]; }; }; @@ -71,4 +80,3 @@ system.stateVersion = "23.11"; } - diff --git a/machines/kat-runner/hardware-configuration.nix b/machines/kat-runner/hardware-configuration.nix index aa6f2bc..4a21dcc 100644 --- a/machines/kat-runner/hardware-configuration.nix +++ b/machines/kat-runner/hardware-configuration.nix @@ -1,28 +1,41 @@ # Do not modify this file! It was generated by ‘nixos-generate-config’ # and may be overwritten by future invocations. Please make changes # to /etc/nixos/configuration.nix instead. -{ config, lib, pkgs, modulesPath, ... }: +{ + config, + lib, + pkgs, + modulesPath, + ... +}: { - imports = - [ (modulesPath + "/profiles/qemu-guest.nix") - ]; + imports = [ (modulesPath + "/profiles/qemu-guest.nix") ]; - boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "virtio_pci" "sr_mod" "virtio_blk" ]; + boot.initrd.availableKernelModules = [ + "ahci" + "xhci_pci" + "virtio_pci" + "sr_mod" + "virtio_blk" + ]; boot.initrd.kernelModules = [ ]; boot.kernelModules = [ "kvm-intel" ]; boot.extraModulePackages = [ ]; - fileSystems."/" = - { device = "/dev/disk/by-uuid/33eef82e-c54b-49a8-8f48-4dc28aab0fab"; - fsType = "ext4"; - }; + fileSystems."/" = { + device = "/dev/disk/by-uuid/33eef82e-c54b-49a8-8f48-4dc28aab0fab"; + fsType = "ext4"; + }; - fileSystems."/boot" = - { device = "/dev/disk/by-uuid/6760-3980"; - fsType = "vfat"; - options = [ "fmask=0022" "dmask=0022" ]; - }; + fileSystems."/boot" = { + device = "/dev/disk/by-uuid/6760-3980"; + fsType = "vfat"; + options = [ + "fmask=0022" + "dmask=0022" + ]; + }; swapDevices = [ ]; diff --git a/machines/kat-test/configuration.nix b/machines/kat-test/configuration.nix index 98de6c7..5040f36 100644 --- a/machines/kat-test/configuration.nix +++ b/machines/kat-test/configuration.nix @@ -1,19 +1,22 @@ # https://search.nixos.org/options and in the NixOS manual (`nixos-help`). -{ config, lib, pkgs, mods, ... }: +{ + config, + lib, + pkgs, + mods, + ... +}: { - imports = - [ - ./hardware-configuration.nix - ]; + imports = [ ./hardware-configuration.nix ]; boot.loader.systemd-boot.enable = true; boot.loader.efi.canTouchEfiVariables = true; boot.supportedFilesystems = [ "bcachefs" ]; boot.kernelPackages = pkgs.linuxPackages_latest; - networking.networkmanager.enable = true; # Easiest to use and most distros use this by default. + networking.networkmanager.enable = true; # Easiest to use and most distros use this by default. time.timeZone = "Europe/Paris"; i18n.defaultLocale = "en_US.UTF-8"; @@ -76,23 +79,23 @@ enableSSHSupport = true; }; -# services.syncthing = { -# enable = true; -# systemService = true; -# dataDir = "/home/catvayor"; -# user = "catvayor"; -# group = "users"; -# openDefaultPorts = true; -# settings = { -# folders."essentials" = { -# path = "~/essentials"; -# id = "vgpwu-fk3ct"; -# devices = [ "katest" "katel" ]; -# }; -# devices.katest.id = "UPVXT7D-ZQF4E3J-4WKLLRV-2KF7323-7VOMEJJ-4PZVXW4-UQ2YABE-G7ID4AD"; -# devices.katel.id = "DYOKK7J-HZAF5S7-FYTHQF5-UD5GJZ2-4JMV5I5-STUM3HG-5YM2JPR-LATJNAZ"; -# }; -# }; + # services.syncthing = { + # enable = true; + # systemService = true; + # dataDir = "/home/catvayor"; + # user = "catvayor"; + # group = "users"; + # openDefaultPorts = true; + # settings = { + # folders."essentials" = { + # path = "~/essentials"; + # id = "vgpwu-fk3ct"; + # devices = [ "katest" "katel" ]; + # }; + # devices.katest.id = "UPVXT7D-ZQF4E3J-4WKLLRV-2KF7323-7VOMEJJ-4PZVXW4-UQ2YABE-G7ID4AD"; + # devices.katel.id = "DYOKK7J-HZAF5S7-FYTHQF5-UD5GJZ2-4JMV5I5-STUM3HG-5YM2JPR-LATJNAZ"; + # }; + # }; services.netbird.enable = true; # List services that you want to enable: @@ -128,6 +131,4 @@ # # For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion . system.stateVersion = "23.11"; # Did you read the comment? - } - diff --git a/machines/kat-test/hardware-configuration.nix b/machines/kat-test/hardware-configuration.nix index b555c7a..aa21245 100644 --- a/machines/kat-test/hardware-configuration.nix +++ b/machines/kat-test/hardware-configuration.nix @@ -1,33 +1,41 @@ # Do not modify this file! It was generated by ‘nixos-generate-config’ # and may be overwritten by future invocations. Please make changes # to /etc/nixos/configuration.nix instead. -{ config, lib, pkgs, modulesPath, ... }: +{ + config, + lib, + pkgs, + modulesPath, + ... +}: { - imports = - [ (modulesPath + "/installer/scan/not-detected.nix") - ]; + imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; - boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usb_storage" "sd_mod" ]; + boot.initrd.availableKernelModules = [ + "xhci_pci" + "ahci" + "nvme" + "usb_storage" + "sd_mod" + ]; boot.initrd.kernelModules = [ ]; boot.kernelModules = [ "kvm-intel" ]; boot.extraModulePackages = [ ]; - fileSystems."/" = - { device = "UUID=3d3c874f-7182-4eb1-91a6-ededc6f05fcc"; - fsType = "bcachefs"; - }; + fileSystems."/" = { + device = "UUID=3d3c874f-7182-4eb1-91a6-ededc6f05fcc"; + fsType = "bcachefs"; + }; boot.initrd.luks.devices."disk".device = "/dev/disk/by-uuid/b1e18836-c657-49b2-81f9-8f0b2e4a4283"; - fileSystems."/boot" = - { device = "/dev/disk/by-uuid/B405-7B40"; - fsType = "vfat"; - }; + fileSystems."/boot" = { + device = "/dev/disk/by-uuid/B405-7B40"; + fsType = "vfat"; + }; - swapDevices = - [ { device = "/dev/disk/by-uuid/060c35d7-86b0-4901-b882-02443efbfe07"; } - ]; + swapDevices = [ { device = "/dev/disk/by-uuid/060c35d7-86b0-4901-b882-02443efbfe07"; } ]; # Enables DHCP on each ethernet and wireless interface. In case of scripted networking # (the default) this is the recommended approach. When using systemd-networkd it's diff --git a/machines/kat-virt/configuration.nix b/machines/kat-virt/configuration.nix index 129341f..ba45a68 100644 --- a/machines/kat-virt/configuration.nix +++ b/machines/kat-virt/configuration.nix @@ -1,12 +1,14 @@ # https://search.nixos.org/options and in the NixOS manual (`nixos-help`). -{ config, lib, pkgs, ... }: +{ + config, + lib, + pkgs, + ... +}: { - imports = - [ - ./hardware-configuration.nix - ]; + imports = [ ./hardware-configuration.nix ]; boot.loader.systemd-boot.enable = true; boot.loader.efi.canTouchEfiVariables = true; @@ -19,14 +21,23 @@ interfaces."enp1s0" = { useDHCP = false; ipv4.addresses = [ - { address = "192.168.122.2"; prefixLength = 24; } + { + address = "192.168.122.2"; + prefixLength = 24; + } ]; ipv6.addresses = [ - { address = "fe80::2"; prefixLength = 64; } + { + address = "fe80::2"; + prefixLength = 64; + } ]; }; defaultGateway = "192.168.122.1"; - defaultGateway6 = { address = "fe80::1"; interface = "enp1s0"; }; + defaultGateway6 = { + address = "fe80::1"; + interface = "enp1s0"; + }; nameservers = [ "192.168.122.1" "fe80::1%enp1s0" @@ -124,6 +135,4 @@ # # For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion . system.stateVersion = "23.11"; # Did you read the comment? - } - diff --git a/machines/kat-virt/hardware-configuration.nix b/machines/kat-virt/hardware-configuration.nix index f9547ab..a2f4b2b 100644 --- a/machines/kat-virt/hardware-configuration.nix +++ b/machines/kat-virt/hardware-configuration.nix @@ -1,27 +1,37 @@ # Do not modify this file! It was generated by ‘nixos-generate-config’ # and may be overwritten by future invocations. Please make changes # to /etc/nixos/configuration.nix instead. -{ config, lib, pkgs, modulesPath, ... }: +{ + config, + lib, + pkgs, + modulesPath, + ... +}: { - imports = - [ (modulesPath + "/profiles/qemu-guest.nix") - ]; + imports = [ (modulesPath + "/profiles/qemu-guest.nix") ]; - boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "virtio_pci" "sr_mod" "virtio_blk" ]; + boot.initrd.availableKernelModules = [ + "ahci" + "xhci_pci" + "virtio_pci" + "sr_mod" + "virtio_blk" + ]; boot.initrd.kernelModules = [ ]; boot.kernelModules = [ "kvm-intel" ]; boot.extraModulePackages = [ ]; - fileSystems."/" = - { device = "UUID=301a23cf-1aa3-4c53-a174-1a97592da5fa"; - fsType = "bcachefs"; - }; + fileSystems."/" = { + device = "UUID=301a23cf-1aa3-4c53-a174-1a97592da5fa"; + fsType = "bcachefs"; + }; - fileSystems."/boot" = - { device = "/dev/disk/by-uuid/F594-E8DB"; - fsType = "vfat"; - }; + fileSystems."/boot" = { + device = "/dev/disk/by-uuid/F594-E8DB"; + fsType = "vfat"; + }; swapDevices = [ ]; diff --git a/modules/default.nix b/modules/default.nix index 96984cf..6182268 100644 --- a/modules/default.nix +++ b/modules/default.nix @@ -1,6 +1,7 @@ let sway = import ./desktop/sway.nix; -in { +in +{ home = { sway = sway.home; neovim = ./neovim; diff --git a/modules/desktop/sway.nix b/modules/desktop/sway.nix index dd5cf9b..b454aba 100644 --- a/modules/desktop/sway.nix +++ b/modules/desktop/sway.nix @@ -1,64 +1,90 @@ { - global = { config, pkgs, lib, mods, ... }: - { - programs.wshowkeys.enable = true; - programs.sway.enable = true; - services.dbus.packages = with pkgs; [ dconf ]; - xdg.portal = { - enable = true; - extraPortals = with pkgs; [ - xdg-desktop-portal-wlr - xdg-desktop-portal-gtk - ]; - }; - }; - home = { config, pkgs, lib, mods, ... }: - { - xdg.configFile."sway/config".onChange = lib.mkForce ""; - - home.sessionVariables = { - MOZ_ENABLE_WAYLAND = "1"; - MOZ_USE_XINPUT2 = "1"; - SDL_VIDEODRIVER = "wayland"; - QT_QPA_PLATFORM = "wayland"; - QT_WAYLAND_DISABLE_WINDOWDECORATION = "1"; - _JAVA_AWT_WM_NONREPARETING = "1"; - XDG_SESSION_TYPE = "wayland"; - XDG_CURRENT_DESKTOP = "sway"; - }; - - programs.waybar.enable = true; - home.file.".config/waybar" = { source = ./waybar; recursive = true; }; - - services.swayidle = - let lockwall = pkgs.runCommand "lock_wall.jpg" {} '' - ${pkgs.ffmpeg}/bin/ffmpeg -i ${./wall.jpg} -filter_complex 'gblur=sigma=3' $out -y - ''; - in { - enable = true; - timeouts = [ - { - timeout = 300; - command = ''${pkgs.systemd}/bin/loginctl lock-session && ${pkgs.sway}/bin/swaymsg "output * dpms off"''; - resumeCommand = ''${pkgs.sway}/bin/swaymsg "output * dpms on"''; - } - ]; - events = [ - { event = "before-sleep"; command = "${pkgs.systemd}/bin/loginctl lock-session"; } - { event = "lock"; command = "${pkgs.swaylock}/bin/swaylock -f -i ${lockwall}"; } - ]; - }; - - wayland.windowManager.sway = { - enable = true; - xwayland = true; - wrapperFeatures = { - base = false; - gtk = false; + global = + { + config, + pkgs, + lib, + mods, + ... + }: + { + programs.wshowkeys.enable = true; + programs.sway.enable = true; + services.dbus.packages = with pkgs; [ dconf ]; + xdg.portal = { + enable = true; + extraPortals = with pkgs; [ + xdg-desktop-portal-wlr + xdg-desktop-portal-gtk + ]; }; - extraConfig = ''workspace 1''; - config = - let menuCmd = "${pkgs.wofi}/bin/wofi --show drun -i | xargs swaymsg exec --"; + }; + home = + { + config, + pkgs, + lib, + mods, + ... + }: + { + xdg.configFile."sway/config".onChange = lib.mkForce ""; + + home.sessionVariables = { + MOZ_ENABLE_WAYLAND = "1"; + MOZ_USE_XINPUT2 = "1"; + SDL_VIDEODRIVER = "wayland"; + QT_QPA_PLATFORM = "wayland"; + QT_WAYLAND_DISABLE_WINDOWDECORATION = "1"; + _JAVA_AWT_WM_NONREPARETING = "1"; + XDG_SESSION_TYPE = "wayland"; + XDG_CURRENT_DESKTOP = "sway"; + }; + + programs.waybar.enable = true; + home.file.".config/waybar" = { + source = ./waybar; + recursive = true; + }; + + services.swayidle = + let + lockwall = pkgs.runCommand "lock_wall.jpg" { } '' + ${pkgs.ffmpeg}/bin/ffmpeg -i ${./wall.jpg} -filter_complex 'gblur=sigma=3' $out -y + ''; + in + { + enable = true; + timeouts = [ + { + timeout = 300; + command = ''${pkgs.systemd}/bin/loginctl lock-session && ${pkgs.sway}/bin/swaymsg "output * dpms off"''; + resumeCommand = ''${pkgs.sway}/bin/swaymsg "output * dpms on"''; + } + ]; + events = [ + { + event = "before-sleep"; + command = "${pkgs.systemd}/bin/loginctl lock-session"; + } + { + event = "lock"; + command = "${pkgs.swaylock}/bin/swaylock -f -i ${lockwall}"; + } + ]; + }; + + wayland.windowManager.sway = { + enable = true; + xwayland = true; + wrapperFeatures = { + base = false; + gtk = false; + }; + extraConfig = ''workspace 1''; + config = + let + menuCmd = "${pkgs.wofi}/bin/wofi --show drun -i | xargs swaymsg exec --"; exitMd = ''Exit Mode:| (l)Log out | (r)Reboot | (p)Poweroff''; weechatCmd = pkgs.writeShellScript "weechat.sh" '' nix-shell -p python3 python311Packages.dbus-python python311Packages.notify2 --run 'python ${./weenotify.py} -s' > /dev/null & @@ -67,155 +93,186 @@ sleep 1 done ''; - in rec { - window.border = 1; - gaps.smartBorders = "on"; - modifier = "Mod4"; - terminal = "alacritty"; - input."type:keyboard".xkb_layout = "fr"; - startup = [ - { command = "${pkgs.pulseaudio}/bin/pactl set-sink-mute @DEFAULT_SINK@ on"; } + in + rec { + window.border = 1; + gaps.smartBorders = "on"; + modifier = "Mod4"; + terminal = "alacritty"; + input."type:keyboard".xkb_layout = "fr"; + startup = [ + { command = "${pkgs.pulseaudio}/bin/pactl set-sink-mute @DEFAULT_SINK@ on"; } - { command = "discord"; } - { command = "thunderbird"; } - { command = "mattermost-desktop"; } - { command = "signal-desktop --"; } - { command = ''sh -c "sleep 2 && exec keepassxc"''; } - { command = "alacritty --class weechat --title weechat --command ${pkgs.bash}/bin/bash -c ${weechatCmd}"; } - ]; - assigns = { - "1" = [{ app_id="firefox"; }]; - "9" = [{ app_id="thunderbird"; }]; - "10" = [ - { class="Mattermost"; } - { class="Signal"; } - { class="discord"; } - { app_id="weechat"; } - ]; - }; - bars = [{ - command = "waybar"; - mode = "hide"; - }]; - output."*".bg = "${./wall.jpg} fill"; - seat."*"."hide_cursor" = "5000"; - focus.wrapping = "yes"; - window.titlebar = false; - colors = - let black = "#000000"; - dark = "#111111"; - adark = "#111111BB"; - aadark = "#11111177"; - highl = "#222222"; - gray = "#777777"; - white = "#FFFFFF"; - color = "#FFBB00"; - urgent = "#FF0000"; - in { - focused = {border = adark; background = adark; text = white; indicator = color; childBorder = color; }; - unfocused = {border = aadark; background = aadark; text = gray; indicator = dark; childBorder = dark; }; - focusedInactive = {border = adark; background = adark; text = gray; indicator = dark; childBorder = dark; }; - urgent = {border = urgent; background = urgent; text = white; indicator = urgent; childBorder = urgent; }; - }; - modes = { - "display" = { - "Left" = "output - transform 90"; - "Down" = "output - transform normal"; - "Up" = "output - transform 180"; - "Right" = "output - transform 270"; + { command = "discord"; } + { command = "thunderbird"; } + { command = "mattermost-desktop"; } + { command = "signal-desktop --"; } + { command = ''sh -c "sleep 2 && exec keepassxc"''; } + { + command = "alacritty --class weechat --title weechat --command ${pkgs.bash}/bin/bash -c ${weechatCmd}"; + } + ]; + assigns = { + "1" = [ { app_id = "firefox"; } ]; + "9" = [ { app_id = "thunderbird"; } ]; + "10" = [ + { class = "Mattermost"; } + { class = "Signal"; } + { class = "discord"; } + { app_id = "weechat"; } + ]; + }; + bars = [ + { + command = "waybar"; + mode = "hide"; + } + ]; + output."*".bg = "${./wall.jpg} fill"; + seat."*"."hide_cursor" = "5000"; + focus.wrapping = "yes"; + window.titlebar = false; + colors = + let + black = "#000000"; + dark = "#111111"; + adark = "#111111BB"; + aadark = "#11111177"; + highl = "#222222"; + gray = "#777777"; + white = "#FFFFFF"; + color = "#FFBB00"; + urgent = "#FF0000"; + in + { + focused = { + border = adark; + background = adark; + text = white; + indicator = color; + childBorder = color; + }; + unfocused = { + border = aadark; + background = aadark; + text = gray; + indicator = dark; + childBorder = dark; + }; + focusedInactive = { + border = adark; + background = adark; + text = gray; + indicator = dark; + childBorder = dark; + }; + urgent = { + border = urgent; + background = urgent; + text = white; + indicator = urgent; + childBorder = urgent; + }; + }; + modes = { + "display" = { + "Left" = "output - transform 90"; + "Down" = "output - transform normal"; + "Up" = "output - transform 180"; + "Right" = "output - transform 270"; - "Shift+Left" = "output - transform flipped-90"; - "Shift+Down" = "output - transform flipped"; - "Shift+Up" = "output - transform flipped-180"; - "Shift+Right" = "output - transform flipped-270"; + "Shift+Left" = "output - transform flipped-90"; + "Shift+Down" = "output - transform flipped"; + "Shift+Up" = "output - transform flipped-180"; + "Shift+Right" = "output - transform flipped-270"; - "Escape" = ''mode default"''; + "Escape" = ''mode default"''; + }; + + "resize" = { + "Left" = "resize shrink width 10px"; + "Down" = "resize grow height 10px"; + "Up" = "resize shrink height 10px"; + "Right" = "resize grow width 10px"; + + "Escape" = ''mode default"''; + }; + + "${exitMd}" = { + "l" = "exec swaymsg exit"; + "r" = "exec systemctl reboot"; + "p" = "exec systemctl poweroff"; + "Escape" = ''mode default"''; + }; + }; + keybindings = { + "${modifier}+Return" = "exec ${terminal}"; + "${modifier}+q" = "kill"; + "${modifier}+d" = "exec ${menuCmd}"; + "${modifier}+Shift+f" = "exec firefox"; + "${modifier}+Shift+c" = "reload"; + "${modifier}+p" = ''exec ${pkgs.grim}/bin/grim -g "$(${pkgs.slurp}/bin/slurp -d)" - | ${pkgs.wl-clipboard}/bin/wl-copy -t image/png''; + "Print" = "exec ${pkgs.grim}/bin/grim - | ${pkgs.wl-clipboard}/bin/wl-copy -t image/png"; + + "${modifier}+x" = ''mode "display"''; + "${modifier}+r" = ''mode "resize"''; + + "${modifier}+Shift+e" = ''mode "${exitMd}"''; + "${modifier}+l" = "exec ${pkgs.systemd}/bin/loginctl lock-session"; + "Ctrl+Shift+l" = ''exec ${pkgs.grim}/bin/grim /tmp/t_lock.png && ${pkgs.swaylock}/bin/swaylock -f -i /tmp/t_lock.png''; + + "${modifier}+Left" = "focus left"; + "${modifier}+Down" = "focus down"; + "${modifier}+Up" = "focus up"; + "${modifier}+Right" = "focus right"; + "${modifier}+ampersand" = "workspace 1"; + "${modifier}+eacute" = "workspace 2"; + "${modifier}+quotedbl" = "workspace 3"; + "${modifier}+apostrophe" = "workspace 4"; + "${modifier}+parenleft" = "workspace 5"; + "${modifier}+minus" = "workspace 6"; + "${modifier}+egrave" = "workspace 7"; + "${modifier}+underscore" = "workspace 8"; + "${modifier}+ccedilla" = "workspace 9"; + "${modifier}+agrave" = "workspace 10"; + + "${modifier}+Shift+Left" = "move left"; + "${modifier}+Shift+Down" = "move down"; + "${modifier}+Shift+Up" = "move up"; + "${modifier}+Shift+Right" = "move right"; + "${modifier}+Shift+ampersand" = "move container to workspace 1"; + "${modifier}+Shift+eacute" = "move container to workspace 2"; + "${modifier}+Shift+quotedbl" = "move container to workspace 3"; + "${modifier}+Shift+apostrophe" = "move container to workspace 4"; + "${modifier}+Shift+parenleft" = "move container to workspace 5"; + "${modifier}+Shift+minus" = "move container to workspace 6"; + "${modifier}+Shift+egrave" = "move container to workspace 7"; + "${modifier}+Shift+underscore" = "move container to workspace 8"; + "${modifier}+Shift+ccedilla" = "move container to workspace 9"; + "${modifier}+Shift+agrave" = "move container to workspace 10"; + + "${modifier}+b" = "splith"; + "${modifier}+v" = "splitv"; + "${modifier}+Shift+s" = "layout stacking"; + "${modifier}+w" = "layout tabbed"; + "${modifier}+s" = "layout toggle split"; + + "${modifier}+f" = "fullscreen"; + "${modifier}+Shift+space" = "floating toggle"; + "${modifier}+space" = "focus mode toggle"; + "${modifier}+z" = "focus parent"; + "${modifier}+Shift+z" = "focus child"; + "${modifier}+Shift+F1" = "move scratchpad"; + "${modifier}+F1" = "scratchpad show"; + + "XF86AudioRaiseVolume" = "exec ${pkgs.pulseaudio}/bin/pactl set-sink-volume @DEFAULT_SINK@ +5%"; + "XF86AudioLowerVolume" = "exec ${pkgs.pulseaudio}/bin/pactl set-sink-volume @DEFAULT_SINK@ -5%"; + "XF86AudioMute" = "exec ${pkgs.pulseaudio}/bin/pactl set-sink-mute @DEFAULT_SINK@ toggle"; + "XF86AudioMicMute" = "exec ${pkgs.pulseaudio}/bin/pactl set-source-mute @DEFAULT_SOURCE@ toggle"; + "XF86MonBrightnessDown" = "exec ${pkgs.brightnessctl}/bin/brightnessctl set 5%-"; + "XF86MonBrightnessUp" = "exec ${pkgs.brightnessctl}/bin/brightnessctl set +5%"; + }; }; - - "resize" = { - "Left" = "resize shrink width 10px"; - "Down" = "resize grow height 10px"; - "Up" = "resize shrink height 10px"; - "Right" = "resize grow width 10px"; - - "Escape" = ''mode default"''; - }; - - "${exitMd}" = { - "l" = "exec swaymsg exit"; - "r" = "exec systemctl reboot"; - "p" = "exec systemctl poweroff"; - "Escape" = ''mode default"''; - }; - }; - keybindings = { - "${modifier}+Return" = "exec ${terminal}"; - "${modifier}+q" = "kill"; - "${modifier}+d" = "exec ${menuCmd}"; - "${modifier}+Shift+f" = "exec firefox"; - "${modifier}+Shift+c" = "reload"; - "${modifier}+p" = ''exec ${pkgs.grim}/bin/grim -g "$(${pkgs.slurp}/bin/slurp -d)" - | ${pkgs.wl-clipboard}/bin/wl-copy -t image/png''; - "Print" = "exec ${pkgs.grim}/bin/grim - | ${pkgs.wl-clipboard}/bin/wl-copy -t image/png"; - - "${modifier}+x" = ''mode "display"''; - "${modifier}+r" = ''mode "resize"''; - - "${modifier}+Shift+e" = ''mode "${exitMd}"''; - "${modifier}+l" = "exec ${pkgs.systemd}/bin/loginctl lock-session"; - "Ctrl+Shift+l" = ''exec ${pkgs.grim}/bin/grim /tmp/t_lock.png && ${pkgs.swaylock}/bin/swaylock -f -i /tmp/t_lock.png''; - - "${modifier}+Left" = "focus left"; - "${modifier}+Down" = "focus down"; - "${modifier}+Up" = "focus up"; - "${modifier}+Right" = "focus right"; - "${modifier}+ampersand" = "workspace 1"; - "${modifier}+eacute" = "workspace 2"; - "${modifier}+quotedbl" = "workspace 3"; - "${modifier}+apostrophe" = "workspace 4"; - "${modifier}+parenleft" = "workspace 5"; - "${modifier}+minus" = "workspace 6"; - "${modifier}+egrave" = "workspace 7"; - "${modifier}+underscore" = "workspace 8"; - "${modifier}+ccedilla" = "workspace 9"; - "${modifier}+agrave" = "workspace 10"; - - "${modifier}+Shift+Left" = "move left"; - "${modifier}+Shift+Down" = "move down"; - "${modifier}+Shift+Up" = "move up"; - "${modifier}+Shift+Right" = "move right"; - "${modifier}+Shift+ampersand" = "move container to workspace 1"; - "${modifier}+Shift+eacute" = "move container to workspace 2"; - "${modifier}+Shift+quotedbl" = "move container to workspace 3"; - "${modifier}+Shift+apostrophe" = "move container to workspace 4"; - "${modifier}+Shift+parenleft" = "move container to workspace 5"; - "${modifier}+Shift+minus" = "move container to workspace 6"; - "${modifier}+Shift+egrave" = "move container to workspace 7"; - "${modifier}+Shift+underscore" = "move container to workspace 8"; - "${modifier}+Shift+ccedilla" = "move container to workspace 9"; - "${modifier}+Shift+agrave" = "move container to workspace 10"; - - "${modifier}+b" = "splith"; - "${modifier}+v" = "splitv"; - "${modifier}+Shift+s" = "layout stacking"; - "${modifier}+w" = "layout tabbed"; - "${modifier}+s" = "layout toggle split"; - - "${modifier}+f" = "fullscreen"; - "${modifier}+Shift+space" = "floating toggle"; - "${modifier}+space" = "focus mode toggle"; - "${modifier}+z" = "focus parent"; - "${modifier}+Shift+z" = "focus child"; - "${modifier}+Shift+F1" = "move scratchpad"; - "${modifier}+F1" = "scratchpad show"; - - "XF86AudioRaiseVolume" = "exec ${pkgs.pulseaudio}/bin/pactl set-sink-volume @DEFAULT_SINK@ +5%"; - "XF86AudioLowerVolume" = "exec ${pkgs.pulseaudio}/bin/pactl set-sink-volume @DEFAULT_SINK@ -5%"; - "XF86AudioMute" = "exec ${pkgs.pulseaudio}/bin/pactl set-sink-mute @DEFAULT_SINK@ toggle"; - "XF86AudioMicMute" = "exec ${pkgs.pulseaudio}/bin/pactl set-source-mute @DEFAULT_SOURCE@ toggle"; - "XF86MonBrightnessDown" = "exec ${pkgs.brightnessctl}/bin/brightnessctl set 5%-"; - "XF86MonBrightnessUp" = "exec ${pkgs.brightnessctl}/bin/brightnessctl set +5%"; - }; }; }; - }; } diff --git a/modules/mail.nix b/modules/mail.nix index a14145d..bd221c6 100644 --- a/modules/mail.nix +++ b/modules/mail.nix @@ -1,145 +1,149 @@ -{ pkgs, config, ... }: { +{ pkgs, config, ... }: +{ programs.aerc = { extraConfig.general.unsafe-accounts-conf = true; enable = true; }; accounts.email.accounts = - let - aerc = { enable = true; }; - in { - "ens" = { - primary = true; - inherit aerc; - address = "lubin.bailly@ens.psl.eu"; - realName = "Lubin Bailly"; - userName = "lbailly"; - signature = { - delimiter = "--"; - showSignature = "append"; - text = "Lubin Bailly"; + let + aerc = { + enable = true; }; - passwordCommand = "cat /run/agenix/clipper"; - imap = { - host = "clipper.ens.psl.eu"; - port = 993; - tls.enable = true; + in + { + "ens" = { + primary = true; + inherit aerc; + address = "lubin.bailly@ens.psl.eu"; + realName = "Lubin Bailly"; + userName = "lbailly"; + signature = { + delimiter = "--"; + showSignature = "append"; + text = "Lubin Bailly"; + }; + passwordCommand = "cat /run/agenix/clipper"; + imap = { + host = "clipper.ens.psl.eu"; + port = 993; + tls.enable = true; + }; + smtp = { + host = "clipper.ens.psl.eu"; + port = 465; + tls.enable = true; + }; }; - smtp = { - host = "clipper.ens.psl.eu"; - port = 465; - tls.enable = true; + "katmail" = { + inherit aerc; + address = "catvayor@katvayor.net"; + realName = "catvayor"; + userName = "catvayor@katvayor.net"; + signature = { + delimiter = "--"; + showSignature = "append"; + text = "catvayor"; + }; + passwordCommand = "cat /run/agenix/mails-kat"; + imap = { + host = "ssl0.ovh.net"; + port = 993; + tls.enable = true; + }; + smtp = { + host = "ssl0.ovh.net"; + port = 465; + tls.enable = true; + }; + }; + "dgnum" = { + inherit aerc; + address = "catvayor@dgnum.eu"; + realName = "catvayor"; + userName = "catvayor@dgnum.eu"; + signature = { + delimiter = "--"; + showSignature = "append"; + text = "catvayor"; + }; + passwordCommand = "cat /run/agenix/mails-dgnum"; + imap = { + host = "kurisu.lahfa.xyz"; + port = 993; + tls.enable = true; + }; + smtp = { + host = "kurisu.lahfa.xyz"; + port = 587; + tls.enable = true; + tls.useStartTls = true; + }; + }; + "gmail.geek" = { + inherit aerc; + address = "lubin.geek@gmail.com"; + realName = "Lubin Bailly"; + userName = "lubin.geek@gmail.com"; + signature = { + delimiter = "--"; + showSignature = "append"; + text = "Lubin Bailly"; + }; + passwordCommand = "cat /run/agenix/geek.gle"; + imap = { + host = "imap.gmail.com"; + port = 993; + tls.enable = true; + }; + smtp = { + host = "smtp.gmail.com"; + port = 465; + tls.enable = true; + }; + }; + "gmail.pro" = { + inherit aerc; + address = "lubin.bailly@gmail.com"; + realName = "Lubin Bailly"; + userName = "lubin.bailly@gmail.com"; + signature = { + delimiter = "--"; + showSignature = "append"; + text = "Lubin Bailly"; + }; + passwordCommand = "cat /run/agenix/pro.gle"; + imap = { + host = "imap.gmail.com"; + port = 993; + tls.enable = true; + }; + smtp = { + host = "smtp.gmail.com"; + port = 465; + tls.enable = true; + }; + }; + "laposte" = { + inherit aerc; + address = "lubin-bailly@laposte.net"; + realName = "Lubin Bailly"; + userName = "lubin-bailly"; + signature = { + delimiter = "--"; + showSignature = "append"; + text = "Lubin Bailly"; + }; + passwordCommand = "cat /run/agenix/mails-laposte"; + imap = { + host = "imap.laposte.net"; + port = 993; + tls.enable = true; + }; + smtp = { + host = "smtp.laposte.net"; + port = 465; + tls.enable = true; + }; }; }; - "katmail" = { - inherit aerc; - address = "catvayor@katvayor.net"; - realName = "catvayor"; - userName = "catvayor@katvayor.net"; - signature = { - delimiter = "--"; - showSignature = "append"; - text = "catvayor"; - }; - passwordCommand = "cat /run/agenix/mails-kat"; - imap = { - host = "ssl0.ovh.net"; - port = 993; - tls.enable = true; - }; - smtp = { - host = "ssl0.ovh.net"; - port = 465; - tls.enable = true; - }; - }; - "dgnum" = { - inherit aerc; - address = "catvayor@dgnum.eu"; - realName = "catvayor"; - userName = "catvayor@dgnum.eu"; - signature = { - delimiter = "--"; - showSignature = "append"; - text = "catvayor"; - }; - passwordCommand = "cat /run/agenix/mails-dgnum"; - imap = { - host = "kurisu.lahfa.xyz"; - port = 993; - tls.enable = true; - }; - smtp = { - host = "kurisu.lahfa.xyz"; - port = 587; - tls.enable = true; - tls.useStartTls = true; - }; - }; - "gmail.geek" = { - inherit aerc; - address = "lubin.geek@gmail.com"; - realName = "Lubin Bailly"; - userName = "lubin.geek@gmail.com"; - signature = { - delimiter = "--"; - showSignature = "append"; - text = "Lubin Bailly"; - }; - passwordCommand = "cat /run/agenix/geek.gle"; - imap = { - host = "imap.gmail.com"; - port = 993; - tls.enable = true; - }; - smtp = { - host = "smtp.gmail.com"; - port = 465; - tls.enable = true; - }; - }; - "gmail.pro" = { - inherit aerc; - address = "lubin.bailly@gmail.com"; - realName = "Lubin Bailly"; - userName = "lubin.bailly@gmail.com"; - signature = { - delimiter = "--"; - showSignature = "append"; - text = "Lubin Bailly"; - }; - passwordCommand = "cat /run/agenix/pro.gle"; - imap = { - host = "imap.gmail.com"; - port = 993; - tls.enable = true; - }; - smtp = { - host = "smtp.gmail.com"; - port = 465; - tls.enable = true; - }; - }; - "laposte" = { - inherit aerc; - address = "lubin-bailly@laposte.net"; - realName = "Lubin Bailly"; - userName = "lubin-bailly"; - signature = { - delimiter = "--"; - showSignature = "append"; - text = "Lubin Bailly"; - }; - passwordCommand = "cat /run/agenix/mails-laposte"; - imap = { - host = "imap.laposte.net"; - port = 993; - tls.enable = true; - }; - smtp = { - host = "smtp.laposte.net"; - port = 465; - tls.enable = true; - }; - }; - }; } diff --git a/modules/neovim/default.nix b/modules/neovim/default.nix index f0c965c..d76e1d9 100644 --- a/modules/neovim/default.nix +++ b/modules/neovim/default.nix @@ -1,5 +1,10 @@ -{ pkgs, config, lib, ... }: -{ +{ + pkgs, + config, + lib, + ... +}: +{ programs.neovim = { enable = true; defaultEditor = true; diff --git a/modules/zsh.nix b/modules/zsh.nix index 73bf015..fc2d5e6 100644 --- a/modules/zsh.nix +++ b/modules/zsh.nix @@ -1,48 +1,55 @@ -{ config, pkgs, lib, ... }: { - programs.zsh = { - enable = true; - oh-my-zsh = { + config, + pkgs, + lib, + ... +}: +{ + programs = { + zsh = { enable = true; - plugins = [ "git" ]; + oh-my-zsh = { + enable = true; + plugins = [ "git" ]; + }; + plugins = [ + { + name = "zsh-nix-shell"; + file = "nix-shell.plugin.zsh"; + src = pkgs.fetchFromGitHub { + owner = "chisui"; + repo = "zsh-nix-shell"; + rev = "v0.8.0"; + sha256 = "1lzrn0n4fxfcgg65v0qhnj7wnybybqzs4adz7xsrkgmcsr0ii8b7"; + }; + } + { + name = "zsh-autosuggestion"; + file = "zsh-autosuggestions.zsh"; + src = pkgs.fetchFromGitHub { + owner = "zsh-users"; + repo = "zsh-autosuggestions"; + rev = "v0.7.0"; + sha256 = "1g3pij5qn2j7v7jjac2a63lxd97mcsgw6xq6k5p7835q9fjiid98"; + }; + } + { + name = "zsh-syntax-highlighting"; + file = "zsh-syntax-highlighting.zsh"; + src = pkgs.fetchFromGitHub { + owner = "zsh-users"; + repo = "zsh-syntax-highlighting"; + rev = "0.8.0"; + sha256 = "1yl8zdip1z9inp280sfa5byjbf2vqh2iazsycar987khjsi5d5w8"; + }; + } + ]; }; - plugins = [ - { - name = "zsh-nix-shell"; - file = "nix-shell.plugin.zsh"; - src = pkgs.fetchFromGitHub { - owner = "chisui"; - repo = "zsh-nix-shell"; - rev = "v0.8.0"; - sha256 = "1lzrn0n4fxfcgg65v0qhnj7wnybybqzs4adz7xsrkgmcsr0ii8b7"; - }; - } - { - name = "zsh-autosuggestion"; - file = "zsh-autosuggestions.zsh"; - src = pkgs.fetchFromGitHub { - owner = "zsh-users"; - repo = "zsh-autosuggestions"; - rev = "v0.7.0"; - sha256 = "1g3pij5qn2j7v7jjac2a63lxd97mcsgw6xq6k5p7835q9fjiid98"; - }; - } - { - name = "zsh-syntax-highlighting"; - file = "zsh-syntax-highlighting.zsh"; - src = pkgs.fetchFromGitHub { - owner = "zsh-users"; - repo = "zsh-syntax-highlighting"; - rev = "0.8.0"; - sha256 = "1yl8zdip1z9inp280sfa5byjbf2vqh2iazsycar987khjsi5d5w8"; - }; - } - ]; - }; - programs.starship = { - enable = true; - enableZshIntegration = true; - settings.battery.disabled = true; + starship = { + enable = true; + enableZshIntegration = true; + settings.battery.disabled = true; + }; }; } diff --git a/users/catvayor.nix b/users/catvayor.nix index c5b55bd..ede4b9c 100644 --- a/users/catvayor.nix +++ b/users/catvayor.nix @@ -1,4 +1,10 @@ -{ config, pkgs, lib, mods, ... }: +{ + config, + pkgs, + lib, + mods, + ... +}: { imports = with mods.global; [ sway ]; @@ -6,9 +12,17 @@ users.users.catvayor = { shell = pkgs.zsh; isNormalUser = true; - extraGroups = [ "wheel" "usb" "networkmanager" "video" "audio" "libvirtd" ]; + extraGroups = [ + "wheel" + "usb" + "networkmanager" + "video" + "audio" + "libvirtd" + ]; packages = with pkgs; [ tree + nixfmt-rfc-style ]; }; @@ -24,7 +38,13 @@ home-manager.users.catvayor = { home.stateVersion = "23.11"; - imports = with mods.home; [ neovim zsh sway ssh mail ]; + imports = with mods.home; [ + neovim + zsh + sway + ssh + mail + ]; home.packages = with pkgs; [ wl-clipboard @@ -39,9 +59,12 @@ keepassxc ]; - programs.alacritty = { enable = true; settings = lib.importTOML ./cat-alacritty.toml; }; + programs.alacritty = { + enable = true; + settings = lib.importTOML ./cat-alacritty.toml; + }; programs.thunderbird.enable = true; - programs.thunderbird.profiles = {}; + programs.thunderbird.profiles = { }; services.mako = { enable = true; width = 400; @@ -55,11 +78,23 @@ gtk = { enable = true; - theme = { package = pkgs.arc-theme; name = "Arc-Dark"; }; - iconTheme = { package = pkgs.arc-icon-theme; name = "Arc"; }; - cursorTheme = { package = pkgs.breeze-hacked-cursor-theme; name = "Breeze_Hacked"; }; + theme = { + package = pkgs.arc-theme; + name = "Arc-Dark"; + }; + iconTheme = { + package = pkgs.arc-icon-theme; + name = "Arc"; + }; + cursorTheme = { + package = pkgs.breeze-hacked-cursor-theme; + name = "Breeze_Hacked"; + }; + }; + home.pointerCursor = { + package = pkgs.breeze-hacked-cursor-theme; + name = "Breeze_Hacked"; }; - home.pointerCursor = { package = pkgs.breeze-hacked-cursor-theme; name = "Breeze_Hacked"; }; xdg.enable = true; }; } diff --git a/users/root.nix b/users/root.nix index 7908440..e4129e4 100644 --- a/users/root.nix +++ b/users/root.nix @@ -1,18 +1,28 @@ { ssh }: -{ config, lib, pkgs, mods, ... }: +{ + config, + lib, + pkgs, + mods, + ... +}: { programs.zsh.enable = true; - users.users.root = { - shell = pkgs.zsh; - } // lib.attrsets.optionalAttrs ssh { - openssh.authorizedKeys.keys = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAA16foz+XzwKwyIR4wFgNIAE3Y7AfXyEsUZFVVz8Rie catvayor@katvayor" - ]; - }; + users.users.root = + { + shell = pkgs.zsh; + } + // lib.attrsets.optionalAttrs ssh { + openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAA16foz+XzwKwyIR4wFgNIAE3Y7AfXyEsUZFVVz8Rie catvayor@katvayor" + ]; + }; home-manager.users.root = { home.stateVersion = "23.11"; - imports = with mods.home; [ neovim zsh ]; + imports = with mods.home; [ + neovim + zsh + ]; }; -} // lib.attrsets.optionalAttrs ssh { - services.openssh.enable = true; } +// lib.attrsets.optionalAttrs ssh { services.openssh.enable = true; }