lbailly/config-perso
1
0
Fork 0
Code Pull requests Projects Releases Packages Activity

nixfmt

Browse source
This commit is contained in:
catvayor 2024-05-14 19:21:19 +02:00
parent 053f90f64a
commit 796c11b823
27 changed files with 1130 additions and 796 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

21
BOcal/configuration.nix
View file

@ -1,13 +1,18 @@
{ config, lib, pkgs, users, ... }: {
config,
lib,
pkgs,
users,
...
}:
{ {
imports = imports = [
[ ./hardware-configuration.nix
./hardware-configuration.nix ./router.nix
./router.nix ./net_config.nix
./net_config.nix (users.root { ssh = true; })
(users.root { ssh = true; }) ];
];
boot.loader.systemd-boot.enable = true; boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true; boot.loader.efi.canTouchEfiVariables = true;

41
BOcal/hardware-configuration.nix
View file

@ -1,31 +1,40 @@
# Do not modify this file! It was generated by nixos-generate-config # Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes # and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead. # to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }: {
config,
lib,
pkgs,
modulesPath,
...
}:
{ {
imports = imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
[ (modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ]; boot.initrd.availableKernelModules = [
"xhci_pci"
"ehci_pci"
"ahci"
"usbhid"
"usb_storage"
"sd_mod"
];
boot.initrd.kernelModules = [ ]; boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ]; boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ]; boot.extraModulePackages = [ ];
fileSystems."/" = fileSystems."/" = {
{ device = "/dev/disk/by-uuid/b56a6a08-60e7-4997-9f7b-05c58006e730"; device = "/dev/disk/by-uuid/b56a6a08-60e7-4997-9f7b-05c58006e730";
fsType = "ext4"; fsType = "ext4";
}; };
fileSystems."/boot" = fileSystems."/boot" = {
{ device = "/dev/disk/by-uuid/3975-DEB6"; device = "/dev/disk/by-uuid/3975-DEB6";
fsType = "vfat"; fsType = "vfat";
}; };
swapDevices = swapDevices = [ { device = "/dev/disk/by-uuid/b196b10b-5480-49b9-a6fb-ed2f21850815"; } ];
[ { device = "/dev/disk/by-uuid/b196b10b-5480-49b9-a6fb-ed2f21850815"; }
];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's # (the default) this is the recommended approach. When using systemd-networkd it's

115
BOcal/net-user/configuration.nix
View file

@ -1,5 +1,12 @@
distant-users-id: distant-users-id:
{ pkgs, lib, users, mods, ... }: { {
pkgs,
lib,
users,
mods,
...
}:
{
imports = [ imports = [
<nixos/nixos/modules/installer/netboot/netboot.nix> <nixos/nixos/modules/installer/netboot/netboot.nix>
<nixos/nixos/modules/installer/cd-dvd/channel.nix> <nixos/nixos/modules/installer/cd-dvd/channel.nix>
@ -17,9 +24,7 @@ distant-users-id:
font = "Lat2-Terminus16"; font = "Lat2-Terminus16";
keyMap = "fr"; keyMap = "fr";
}; };
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [ git ];
git
];
security.polkit.extraConfig = '' security.polkit.extraConfig = ''
polkit.addRule(function(action, subject) { polkit.addRule(function(action, subject) {
if ( if (
@ -73,39 +78,48 @@ distant-users-id:
}) })
''; '';
users.groups.bocal.gid = 2000; users.groups.bocal.gid = 2000;
users.users = let users.users =
template = { name, uid }: { let
inherit name; template =
value = { { name, uid }:
isNormalUser = true; {
inherit uid; inherit name;
shell = pkgs.zsh; value = {
group = "bocal"; isNormalUser = true;
homeMode = "750"; inherit uid;
}; shell = pkgs.zsh;
group = "bocal";
homeMode = "750";
};
};
in
builtins.listToAttrs (map template distant-users-id)
// {
root.hashedPassword = "$y$j9T$GK2ejPfMgk0GlBqZX0aBo/$n3nds9zcBi8X8p9aG5Aywq1A.R6Bt/dIOccvfIdMM/1";
root.openssh.authorizedKeys.keys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCvi5VUsDrwS4XqQQfFFIx1JoRDPVdtChUQWqKFbPFtP8gH51woXiKtKRbDebL0z/EmkdYKxxIkzixHTR5xQXjo8JiFZbwldZi5IvMr3x//ad9sVyOhmbRx1DXLKjyOdWyo+w0vORvbEDu2lHktfSvhHGrvUHfFc3EY+cAl7IImgGEeGNPruAuNkN90Lth9QgwJVsdOEs9j7hwwKtpfMMETL5tkW34Nu7io03+SaPxwi2xLuWTdTklfZ7GWYtG2w/hFkzDbkW97rp5dxB1HO58cPqyRlqyfhZFpiUmWlyuMba3Tip6JarCa52IpFffEIDR0CSeh5CFPoeppo/TPDiXDie370TjjQpxJiG+9PobBhmChH5FmQ/lksffI/WimqpVO7Ixf5cYiHN5Z0mgJgZsXwI3YPICQLA8ebSKHA8+mdmkunDmCBRaBj1qEgkp/UoYqXT6BjBm07nOsnL+3SG/yfx4fLotgWtdm2mkjEAG+OGVR7G3Vk/POxn0EqX7Z+gU= sylvain@idefix"
];
}; };
in builtins.listToAttrs (map template distant-users-id) // { home-manager.users =
root.hashedPassword = "$y$j9T$GK2ejPfMgk0GlBqZX0aBo/$n3nds9zcBi8X8p9aG5Aywq1A.R6Bt/dIOccvfIdMM/1"; let
root.openssh.authorizedKeys.keys = [ template =
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCvi5VUsDrwS4XqQQfFFIx1JoRDPVdtChUQWqKFbPFtP8gH51woXiKtKRbDebL0z/EmkdYKxxIkzixHTR5xQXjo8JiFZbwldZi5IvMr3x//ad9sVyOhmbRx1DXLKjyOdWyo+w0vORvbEDu2lHktfSvhHGrvUHfFc3EY+cAl7IImgGEeGNPruAuNkN90Lth9QgwJVsdOEs9j7hwwKtpfMMETL5tkW34Nu7io03+SaPxwi2xLuWTdTklfZ7GWYtG2w/hFkzDbkW97rp5dxB1HO58cPqyRlqyfhZFpiUmWlyuMba3Tip6JarCa52IpFffEIDR0CSeh5CFPoeppo/TPDiXDie370TjjQpxJiG+9PobBhmChH5FmQ/lksffI/WimqpVO7Ixf5cYiHN5Z0mgJgZsXwI3YPICQLA8ebSKHA8+mdmkunDmCBRaBj1qEgkp/UoYqXT6BjBm07nOsnL+3SG/yfx4fLotgWtdm2mkjEAG+OGVR7G3Vk/POxn0EqX7Z+gU= sylvain@idefix" { name, uid }:
]; {
}; inherit name;
home-manager.users = let value = {
template = { name, uid }: { home.stateVersion = "23.11";
inherit name; imports = with mods.home; [
value = { zsh
home.stateVersion = "23.11"; neovim
imports = with mods.home; [ zsh neovim ]; ];
programs.zsh.profileExtra = "exec ${pkgs.plasma5Packages.plasma-workspace}/bin/startplasma-wayland"; programs.zsh.profileExtra = "exec ${pkgs.plasma5Packages.plasma-workspace}/bin/startplasma-wayland";
programs.firefox.enable = true; programs.firefox.enable = true;
home.packages = with pkgs; [ home.packages = with pkgs; [ gedit ];
gedit };
]; };
}; in
}; builtins.listToAttrs (map template distant-users-id);
in builtins.listToAttrs (map template distant-users-id);
services.getty = { services.getty = {
loginProgram = pkgs.writeShellScript "autologin" '' loginProgram = pkgs.writeShellScript "autologin" ''
@ -117,7 +131,7 @@ distant-users-id:
autologinUser = "bocal"; autologinUser = "bocal";
}; };
systemd.services.unlock = { systemd.services.unlock = {
wantedBy = ["multi-user.target"]; wantedBy = [ "multi-user.target" ];
script = '' script = ''
${pkgs.dbus}/bin/dbus-monitor --system "type='signal',interface='org.freedesktop.DBus.Properties',path_namespace='/org/freedesktop/login1/session'" | while read x; do ${pkgs.dbus}/bin/dbus-monitor --system "type='signal',interface='org.freedesktop.DBus.Properties',path_namespace='/org/freedesktop/login1/session'" | while read x; do
case "$x" in case "$x" in
@ -132,18 +146,23 @@ distant-users-id:
desktopManager.plasma5.enable = true; desktopManager.plasma5.enable = true;
displayManager.lightdm.enable = false; displayManager.lightdm.enable = false;
}; };
fileSystems = let fileSystems =
template = { name, uid }: { let
name = "/home/${name}"; template =
value = { { name, uid }:
device = "192.168.222.1:/home/${name}"; {
name = "/home/${name}";
value = {
device = "192.168.222.1:/home/${name}";
fsType = "nfs";
};
};
in
{
"/home/bocal" = {
device = "192.168.222.1:/home/bocal";
fsType = "nfs"; fsType = "nfs";
}; };
}; }
in { // builtins.listToAttrs (map template distant-users-id);
"/home/bocal" = {
device = "192.168.222.1:/home/bocal";
fsType = "nfs";
};
} // builtins.listToAttrs (map template distant-users-id);
} }

114
BOcal/net_config.nix
View file

@ -1,4 +1,10 @@
{ lib, users, mods, pkgs, ... }: {
lib,
users,
mods,
pkgs,
...
}:
let let
machines = { machines = {
"54:bf:64:5d:33:5e" = "arturgo"; "54:bf:64:5d:33:5e" = "arturgo";
@ -13,57 +19,75 @@ let
"54:bf:64:5d:31:fd" = "loony"; "54:bf:64:5d:31:fd" = "loony";
}; };
distant-users = builtins.attrValues machines; distant-users = builtins.attrValues machines;
distant-users-id = builtins.genList (i: { name = builtins.elemAt distant-users i; uid = 2001 + i; }) (builtins.length distant-users); distant-users-id = builtins.genList (i: {
remote_sys = (import (pkgs.path + "/nixos/lib/eval-config.nix") { name = builtins.elemAt distant-users i;
uid = 2001 + i;
}) (builtins.length distant-users);
remote_sys = (
import (pkgs.path + "/nixos/lib/eval-config.nix") {
system = "x86_64-linux"; system = "x86_64-linux";
specialArgs = { inherit users mods; }; specialArgs = {
inherit users mods;
};
modules = [ (import ./net-user/configuration.nix distant-users-id) ]; modules = [ (import ./net-user/configuration.nix distant-users-id) ];
});
remote_build = remote_sys.config.system.build;
json_maker = mac: user: pkgs.writeText "netboot-${mac}.json" ''
{
"kernel": "/kernel",
"initrd": [ "/initrd" ],
"cmdline": "init=${remote_build.toplevel}/init loglevel=4 systemd.setenv=BOCAL=${user}"
} }
''; );
remote_build = remote_sys.config.system.build;
json_maker =
mac: user:
pkgs.writeText "netboot-${mac}.json" ''
{
"kernel": "/kernel",
"initrd": [ "/initrd" ],
"cmdline": "init=${remote_build.toplevel}/init loglevel=4 systemd.setenv=BOCAL=${user}"
}
'';
json_ln = mac: json: ''ln -s ${json} $out/v1/boot/${mac}''; json_ln = mac: json: ''ln -s ${json} $out/v1/boot/${mac}'';
cmds = [ cmds = [
"mkdir -p $out/v1/boot" "mkdir -p $out/v1/boot"
"ln -s ${remote_build.kernel}/bzImage $out/kernel" "ln -s ${remote_build.kernel}/bzImage $out/kernel"
"ln -s ${remote_build.netbootRamdisk}/initrd $out/initrd" "ln -s ${remote_build.netbootRamdisk}/initrd $out/initrd"
] ++ builtins.attrValues (builtins.mapAttrs json_ln (builtins.mapAttrs json_maker machines)); ] ++ builtins.attrValues (builtins.mapAttrs json_ln (builtins.mapAttrs json_maker machines));
webroot = pkgs.runCommand "netboot-apiroot" {} (builtins.concatStringsSep "\n" cmds); webroot = pkgs.runCommand "netboot-apiroot" { } (builtins.concatStringsSep "\n" cmds);
in { in
{
users.groups.bocal.gid = 2000; users.groups.bocal.gid = 2000;
users.users = let users.users =
template = { name, uid }: { let
inherit name; template =
value = { { name, uid }:
{
inherit name;
value = {
isNormalUser = true;
inherit uid;
shell = pkgs.zsh;
group = "bocal";
homeMode = "750";
};
};
in
builtins.listToAttrs (map template distant-users-id)
// {
bocal = {
isNormalUser = true; isNormalUser = true;
inherit uid; uid = 2000;
shell = pkgs.zsh; shell = pkgs.zsh;
group = "bocal"; group = "bocal";
homeMode = "750"; homeMode = "750";
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAA16foz+XzwKwyIR4wFgNIAE3Y7AfXyEsUZFVVz8Rie catvayor@katvayor"
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCvi5VUsDrwS4XqQQfFFIx1JoRDPVdtChUQWqKFbPFtP8gH51woXiKtKRbDebL0z/EmkdYKxxIkzixHTR5xQXjo8JiFZbwldZi5IvMr3x//ad9sVyOhmbRx1DXLKjyOdWyo+w0vORvbEDu2lHktfSvhHGrvUHfFc3EY+cAl7IImgGEeGNPruAuNkN90Lth9QgwJVsdOEs9j7hwwKtpfMMETL5tkW34Nu7io03+SaPxwi2xLuWTdTklfZ7GWYtG2w/hFkzDbkW97rp5dxB1HO58cPqyRlqyfhZFpiUmWlyuMba3Tip6JarCa52IpFffEIDR0CSeh5CFPoeppo/TPDiXDie370TjjQpxJiG+9PobBhmChH5FmQ/lksffI/WimqpVO7Ixf5cYiHN5Z0mgJgZsXwI3YPICQLA8ebSKHA8+mdmkunDmCBRaBj1qEgkp/UoYqXT6BjBm07nOsnL+3SG/yfx4fLotgWtdm2mkjEAG+OGVR7G3Vk/POxn0EqX7Z+gU= sylvain@idefix"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILvGR9LIJrb9fEIuYn4DMAiyPq0gZ/J8Hv/hIcszu0Tp vincent@vincent-ZB"
];
}; };
}; };
in builtins.listToAttrs (map template distant-users-id) // {
bocal = {
isNormalUser = true;
uid = 2000;
shell = pkgs.zsh;
group = "bocal";
homeMode = "750";
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAA16foz+XzwKwyIR4wFgNIAE3Y7AfXyEsUZFVVz8Rie catvayor@katvayor"
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCvi5VUsDrwS4XqQQfFFIx1JoRDPVdtChUQWqKFbPFtP8gH51woXiKtKRbDebL0z/EmkdYKxxIkzixHTR5xQXjo8JiFZbwldZi5IvMr3x//ad9sVyOhmbRx1DXLKjyOdWyo+w0vORvbEDu2lHktfSvhHGrvUHfFc3EY+cAl7IImgGEeGNPruAuNkN90Lth9QgwJVsdOEs9j7hwwKtpfMMETL5tkW34Nu7io03+SaPxwi2xLuWTdTklfZ7GWYtG2w/hFkzDbkW97rp5dxB1HO58cPqyRlqyfhZFpiUmWlyuMba3Tip6JarCa52IpFffEIDR0CSeh5CFPoeppo/TPDiXDie370TjjQpxJiG+9PobBhmChH5FmQ/lksffI/WimqpVO7Ixf5cYiHN5Z0mgJgZsXwI3YPICQLA8ebSKHA8+mdmkunDmCBRaBj1qEgkp/UoYqXT6BjBm07nOsnL+3SG/yfx4fLotgWtdm2mkjEAG+OGVR7G3Vk/POxn0EqX7Z+gU= sylvain@idefix"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILvGR9LIJrb9fEIuYn4DMAiyPq0gZ/J8Hv/hIcszu0Tp vincent@vincent-ZB"
];
};
};
home-manager.users.bocal = { home-manager.users.bocal = {
home.stateVersion = "23.11"; home.stateVersion = "23.11";
imports = with mods.home; [ zsh neovim ]; imports = with mods.home; [
zsh
neovim
];
programs.zsh.shellAliases = { programs.zsh.shellAliases = {
"redac" = "/home/bocal/bin/redac"; "redac" = "/home/bocal/bin/redac";
"faire" = "redac faire"; "faire" = "redac faire";
@ -80,11 +104,16 @@ in {
}; };
services.nfs.server = { services.nfs.server = {
enable = true; enable = true;
exports = let exports =
template = { name, uid }: "/home/${name} 192.168.222.0/24(rw,nohide,insecure,no_subtree_check,anonuid=${builtins.toString uid},anongid=2000)"; let
in builtins.concatStringsSep "\n" ([ template =
"/home/bocal 192.168.222.0/24(rw,nohide,insecure,no_subtree_check)" { name, uid }:
] ++ map template distant-users-id); "/home/${name} 192.168.222.0/24(rw,nohide,insecure,no_subtree_check,anonuid=${builtins.toString uid},anongid=2000)";
in
builtins.concatStringsSep "\n" (
[ "/home/bocal 192.168.222.0/24(rw,nohide,insecure,no_subtree_check)" ]
++ map template distant-users-id
);
}; };
services.dnsmasq = { services.dnsmasq = {
enable = true; enable = true;
@ -98,7 +127,12 @@ in {
services.nginx = { services.nginx = {
enable = true; enable = true;
virtualHosts."localhost" = { virtualHosts."localhost" = {
listen = [{ addr = "localhost"; port = 8000; }]; listen = [
{
addr = "localhost";
port = 8000;
}
];
root = webroot; root = webroot;
}; };
}; };

21
BOcal/router.nix
View file

@ -1,4 +1,10 @@
{ config, lib, pkgs, ... }: { {
config,
lib,
pkgs,
...
}:
{
boot.kernel.sysctl."net.ipv4.ip_forward" = true; boot.kernel.sysctl."net.ipv4.ip_forward" = true;
systemd.network = { systemd.network = {
@ -34,11 +40,11 @@
"11-netboot-client" = { "11-netboot-client" = {
name = "netboot-client"; name = "netboot-client";
address = [ "192.168.222.1/24" ]; address = [ "192.168.222.1/24" ];
# dhcpServerConfig = { # dhcpServerConfig = {
# PoolOffset = 100; # PoolOffset = 100;
# PoolSize = 100; # PoolSize = 100;
# BootServerAddress = "192.168.222.1"; # BootServerAddress = "192.168.222.1";
# }; # };
}; };
}; };
netdevs."10-client".netdevConfig = { netdevs."10-client".netdevConfig = {
@ -46,8 +52,7 @@
Kind = "bridge"; Kind = "bridge";
}; };
}; };
networking.nameservers = networking.nameservers = [ "208.67.222.222" ];
[ "208.67.222.222" ];
networking.nat = { networking.nat = {
enable = true; enable = true;

234
hive.nix
View file

@ -1,72 +1,93 @@
let let
mods = import ./modules; mods = import ./modules;
users = import ./users; users = import ./users;
in { in
{
meta.nixpkgs = <nixpkgs>; meta.nixpkgs = <nixpkgs>;
meta.specialArgs = { meta.specialArgs = {
inherit mods users; inherit mods users;
}; };
defaults = { name, pkgs, ... }: { defaults =
imports = [ <home-manager/nixos> ]; { name, pkgs, ... }:
boot.tmp.useTmpfs = true; {
networking.hostName = name; imports = [ <home-manager/nixos> ];
}; boot.tmp.useTmpfs = true;
networking.hostName = name;
kat-probook = { name, nodes, users, ... }: {
deployment.allowLocalDeployment = true;
imports = [
./machines/kat-probook/configuration.nix
(users.root { ssh = false; })
users.catvayor
];
nix.settings.trusted-users = [ "root" "@wheel" ];
};
kat-r86s = { name, nodes, ... }: {
deployment.targetHost = "r86s.kat";
imports = [
./machines/kat-r86s/configuration.nix
(users.root { ssh = true; })
];
};
kat-test = { name, nodes, ... }: {
deployment = {
allowLocalDeployment = true;
targetHost = "test.kat";
}; };
imports = [ kat-probook =
./machines/kat-test/configuration.nix {
(users.root { ssh = true; }) name,
users.catvayor nodes,
]; users,
home-manager.users.catvayor = { ...
imports = [ mods.home.mail ]; }:
{
deployment.allowLocalDeployment = true;
imports = [
./machines/kat-probook/configuration.nix
(users.root { ssh = false; })
users.catvayor
];
nix.settings.trusted-users = [
"root"
"@wheel"
];
}; };
};
kat-virt = { name, nodes, ... }: { kat-r86s =
deployment.targetHost = "virt.kat"; { name, nodes, ... }:
{
deployment.targetHost = "r86s.kat";
imports = [
./machines/kat-r86s/configuration.nix
(users.root { ssh = true; })
];
};
imports = [ kat-test =
./machines/kat-virt/configuration.nix { name, nodes, ... }:
(users.root { ssh = true; }) {
]; deployment = {
users.users.root.openssh.authorizedKeys.keys = [ allowLocalDeployment = true;
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCvi5VUsDrwS4XqQQfFFIx1JoRDPVdtChUQWqKFbPFtP8gH51woXiKtKRbDebL0z/EmkdYKxxIkzixHTR5xQXjo8JiFZbwldZi5IvMr3x//ad9sVyOhmbRx1DXLKjyOdWyo+w0vORvbEDu2lHktfSvhHGrvUHfFc3EY+cAl7IImgGEeGNPruAuNkN90Lth9QgwJVsdOEs9j7hwwKtpfMMETL5tkW34Nu7io03+SaPxwi2xLuWTdTklfZ7GWYtG2w/hFkzDbkW97rp5dxB1HO58cPqyRlqyfhZFpiUmWlyuMba3Tip6JarCa52IpFffEIDR0CSeh5CFPoeppo/TPDiXDie370TjjQpxJiG+9PobBhmChH5FmQ/lksffI/WimqpVO7Ixf5cYiHN5Z0mgJgZsXwI3YPICQLA8ebSKHA8+mdmkunDmCBRaBj1qEgkp/UoYqXT6BjBm07nOsnL+3SG/yfx4fLotgWtdm2mkjEAG+OGVR7G3Vk/POxn0EqX7Z+gU= sylvain@idefix" targetHost = "test.kat";
]; };
};
kat-runner = { name, nodes, ... }: { imports = [
deployment.targetHost = "runner.kat"; ./machines/kat-test/configuration.nix
(users.root { ssh = true; })
users.catvayor
];
home-manager.users.catvayor = {
imports = [ mods.home.mail ];
};
};
imports = [ kat-virt =
./machines/kat-runner/configuration.nix { name, nodes, ... }:
(users.root { ssh = true; }) {
]; deployment.targetHost = "virt.kat";
};
imports = [
./machines/kat-virt/configuration.nix
(users.root { ssh = true; })
];
users.users.root.openssh.authorizedKeys.keys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCvi5VUsDrwS4XqQQfFFIx1JoRDPVdtChUQWqKFbPFtP8gH51woXiKtKRbDebL0z/EmkdYKxxIkzixHTR5xQXjo8JiFZbwldZi5IvMr3x//ad9sVyOhmbRx1DXLKjyOdWyo+w0vORvbEDu2lHktfSvhHGrvUHfFc3EY+cAl7IImgGEeGNPruAuNkN90Lth9QgwJVsdOEs9j7hwwKtpfMMETL5tkW34Nu7io03+SaPxwi2xLuWTdTklfZ7GWYtG2w/hFkzDbkW97rp5dxB1HO58cPqyRlqyfhZFpiUmWlyuMba3Tip6JarCa52IpFffEIDR0CSeh5CFPoeppo/TPDiXDie370TjjQpxJiG+9PobBhmChH5FmQ/lksffI/WimqpVO7Ixf5cYiHN5Z0mgJgZsXwI3YPICQLA8ebSKHA8+mdmkunDmCBRaBj1qEgkp/UoYqXT6BjBm07nOsnL+3SG/yfx4fLotgWtdm2mkjEAG+OGVR7G3Vk/POxn0EqX7Z+gU= sylvain@idefix"
];
};
kat-runner =
{ name, nodes, ... }:
{
deployment.targetHost = "runner.kat";
imports = [
./machines/kat-runner/configuration.nix
(users.root { ssh = true; })
];
};
BOcal = { BOcal = {
deployment.targetHost = "bocal.tmp"; deployment.targetHost = "bocal.tmp";
@ -77,59 +98,64 @@ in {
]; ];
}; };
kat-iso = { name, pkgs, ... }:{ kat-iso =
deployment = { { name, pkgs, ... }:
allowLocalDeployment = false; {
targetHost = null; deployment = {
}; allowLocalDeployment = false;
targetHost = null;
};
imports = [ imports = [
<nixpkgs/nixos/modules/installer/cd-dvd/installation-cd-minimal-new-kernel-no-zfs.nix> <nixpkgs/nixos/modules/installer/cd-dvd/installation-cd-minimal-new-kernel-no-zfs.nix>
(users.root { ssh = true; }) (users.root { ssh = true; })
]; ];
networking = { networking = {
networkmanager.enable = true; networkmanager.enable = true;
wireless.enable = false; wireless.enable = false;
}; };
console.keyMap = "fr"; console.keyMap = "fr";
environment.systemPackages = with pkgs; [ perl git ]; environment.systemPackages = with pkgs; [
boot.supportedFilesystems = [ "bcachefs" ]; perl
programs.zsh.enable = true; git
services.openssh.enable = true; ];
services.qemuGuest.enable = true; boot.supportedFilesystems = [ "bcachefs" ];
boot.kernelParams = [ "console=ttyS0" ]; programs.zsh.enable = true;
services.openssh.enable = true;
services.qemuGuest.enable = true;
boot.kernelParams = [ "console=ttyS0" ];
environment.etc = { environment.etc = {
"config_base.nix" = { "config_base.nix" = {
mode = "0444"; mode = "0444";
text = '' text = ''
{ config, lib, pkgs, ... }: { { config, lib, pkgs, ... }: {
imports = [ ./hardware-configuration.nix ]; imports = [ ./hardware-configuration.nix ];
boot.loader.systemd-boot.enable = true; boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true; boot.loader.efi.canTouchEfiVariables = true;
boot.supportedFilesystems = [ "bcachefs" ]; boot.supportedFilesystems = [ "bcachefs" ];
boot.kernelPackages = pkgs.linuxPackages_latest; boot.kernelPackages = pkgs.linuxPackages_latest;
# networking.networkmanager.enable = true; # networking.networkmanager.enable = true;
networking.hostName = "kat-undefined"; networking.hostName = "kat-undefined";
time.timeZone = "Europe/Paris"; time.timeZone = "Europe/Paris";
i18n.defaultLocale = "en_US.UTF-8"; i18n.defaultLocale = "en_US.UTF-8";
console = { console = {
font = "Lat2-Terminus16"; font = "Lat2-Terminus16";
keyMap = "fr"; keyMap = "fr";
}; };
#services.netbird.enable = true; #services.netbird.enable = true;
services.qemuGuest.enable = true; services.qemuGuest.enable = true;
services.openssh.enable = true; services.openssh.enable = true;
users.users.root.openssh.authorizedKeys.keys = [ users.users.root.openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAA16foz+XzwKwyIR4wFgNIAE3Y7AfXyEsUZFVVz8Rie catvayor@katvayor" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAA16foz+XzwKwyIR4wFgNIAE3Y7AfXyEsUZFVVz8Rie catvayor@katvayor"
]; ];
system.stateVersion = "23.11"; system.stateVersion = "23.11";
} }
''; '';
};
}; };
}; };
};
} }

28
machines/kat-probook/configuration.nix
View file

@ -1,13 +1,18 @@
{ config, lib, pkgs, mods, ... }: {
config,
lib,
pkgs,
mods,
...
}:
{ {
imports = imports = [
[ ./hardware-configuration.nix
./hardware-configuration.nix <agenix/modules/age.nix>
<agenix/modules/age.nix> ./secrets.nix
./secrets.nix # ./router.nix
# ./router.nix ];
];
boot.loader.systemd-boot.enable = true; boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true; boot.loader.efi.canTouchEfiVariables = true;
@ -36,7 +41,7 @@
}; };
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
(pkgs.callPackage <agenix/pkgs/agenix.nix> {}) (pkgs.callPackage <agenix/pkgs/agenix.nix> { })
wget wget
brightnessctl brightnessctl
nix-search-cli nix-search-cli
@ -70,7 +75,10 @@
folders."essentials" = { folders."essentials" = {
path = "~/essentials"; path = "~/essentials";
id = "vgpwu-fk3ct"; id = "vgpwu-fk3ct";
devices = [ "katest" "katel" ]; devices = [
"katest"
"katel"
];
}; };
devices.katest.id = "UPVXT7D-ZQF4E3J-4WKLLRV-2KF7323-7VOMEJJ-4PZVXW4-UQ2YABE-G7ID4AD"; devices.katest.id = "UPVXT7D-ZQF4E3J-4WKLLRV-2KF7323-7VOMEJJ-4PZVXW4-UQ2YABE-G7ID4AD";
devices.katel.id = "DYOKK7J-HZAF5S7-FYTHQF5-UD5GJZ2-4JMV5I5-STUM3HG-5YM2JPR-LATJNAZ"; devices.katel.id = "DYOKK7J-HZAF5S7-FYTHQF5-UD5GJZ2-4JMV5I5-STUM3HG-5YM2JPR-LATJNAZ";

41
machines/kat-probook/hardware-configuration.nix
View file

@ -1,22 +1,33 @@
# Do not modify this file! It was generated by nixos-generate-config # Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes # and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead. # to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }: {
config,
lib,
pkgs,
modulesPath,
...
}:
{ {
imports = imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
[ (modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "xhci_pci" "vmd" "nvme" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ]; boot.initrd.availableKernelModules = [
"xhci_pci"
"vmd"
"nvme"
"usb_storage"
"sd_mod"
"rtsx_pci_sdmmc"
];
boot.initrd.kernelModules = [ ]; boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ]; boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ]; boot.extraModulePackages = [ ];
fileSystems."/" = fileSystems."/" = {
{ device = "/dev/disk/by-uuid/4c1f76c6-5ce6-4987-b15e-9419627b7f19"; device = "/dev/disk/by-uuid/4c1f76c6-5ce6-4987-b15e-9419627b7f19";
fsType = "bcachefs"; fsType = "bcachefs";
}; };
boot.initrd.luks.devices."dec-lin" = { boot.initrd.luks.devices."dec-lin" = {
device = "/dev/disk/by-uuid/bba45bff-2356-4ec7-a20c-9cbf9d992822"; device = "/dev/disk/by-uuid/bba45bff-2356-4ec7-a20c-9cbf9d992822";
@ -24,14 +35,12 @@
allowDiscards = true; allowDiscards = true;
}; };
fileSystems."/boot" = fileSystems."/boot" = {
{ device = "/dev/disk/by-uuid/4F30-BEC7"; device = "/dev/disk/by-uuid/4F30-BEC7";
fsType = "vfat"; fsType = "vfat";
}; };
swapDevices = swapDevices = [ { device = "/dev/disk/by-uuid/5edcb909-6109-4198-84c7-703cbd471b44"; } ];
[ { device = "/dev/disk/by-uuid/5edcb909-6109-4198-84c7-703cbd471b44"; }
];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's # (the default) this is the recommended approach. When using systemd-networkd it's

18
machines/kat-probook/router.nix
View file

@ -1,4 +1,10 @@
{ config, lib, pkgs, ... }: { {
config,
lib,
pkgs,
...
}:
{
boot.kernel.sysctl."net.ipv4.ip_forward" = true; boot.kernel.sysctl."net.ipv4.ip_forward" = true;
systemd.network = { systemd.network = {
@ -13,11 +19,11 @@
name = "enp2s0"; name = "enp2s0";
address = [ "192.168.2.1/24" ]; address = [ "192.168.2.1/24" ];
networkConfig.DHCPServer = "yes"; networkConfig.DHCPServer = "yes";
# dhcpServerConfig = { # dhcpServerConfig = {
# PoolOffset = 100; # PoolOffset = 100;
# PoolSize = 100; # PoolSize = 100;
# BootServerAddress = "192.168.222.1"; # BootServerAddress = "192.168.222.1";
# }; # };
}; };
}; };
}; };

28
machines/kat-probook/secrets.nix
View file

@ -6,15 +6,25 @@ let
}; };
in in
{ {
age.identityPaths = [ age.identityPaths = [ "/root/.ssh/passwd" ];
"/root/.ssh/passwd"
];
age.secrets = { age.secrets = {
mails-laposte = cat-owned // { file = ./secrets/mails-laposte.age; }; mails-laposte = cat-owned // {
mails-dgnum = cat-owned // { file = ./secrets/mails-dgnum.age; }; file = ./secrets/mails-laposte.age;
mails-kat = cat-owned // { file = ./secrets/mails-kat.age; }; };
clipper = cat-owned // { file = ./secrets/clipper.age; }; mails-dgnum = cat-owned // {
"geek.gle" = cat-owned // { file = ./secrets/geek.gle.age; }; file = ./secrets/mails-dgnum.age;
"pro.gle" = cat-owned // { file = ./secrets/pro.gle.age; }; };
mails-kat = cat-owned // {
file = ./secrets/mails-kat.age;
};
clipper = cat-owned // {
file = ./secrets/clipper.age;
};
"geek.gle" = cat-owned // {
file = ./secrets/geek.gle.age;
};
"pro.gle" = cat-owned // {
file = ./secrets/pro.gle.age;
};
}; };
} }

3
machines/kat-probook/secrets/secrets.nix
View file

@ -1,6 +1,7 @@
let let
pub-key = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBtlIx8XVse0m+Aqf4DuxzYdeF6gh/nObNzfrHJOn3Ik" ]; pub-key = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBtlIx8XVse0m+Aqf4DuxzYdeF6gh/nObNzfrHJOn3Ik" ];
in { in
{
"mails-laposte.age".publicKeys = pub-key; "mails-laposte.age".publicKeys = pub-key;
"mails-dgnum.age".publicKeys = pub-key; "mails-dgnum.age".publicKeys = pub-key;
"mails-kat.age".publicKeys = pub-key; "mails-kat.age".publicKeys = pub-key;

38
machines/kat-r86s/configuration.nix
View file

@ -1,20 +1,24 @@
# https://search.nixos.org/options and in the NixOS manual (`nixos-help`). # https://search.nixos.org/options and in the NixOS manual (`nixos-help`).
{ config, lib, pkgs, ... }: {
config,
lib,
pkgs,
...
}:
{ {
imports = imports = [
[ ./hardware-configuration.nix
./hardware-configuration.nix ./router.nix
./router.nix ];
];
boot.loader.systemd-boot.enable = true; boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true; boot.loader.efi.canTouchEfiVariables = true;
boot.supportedFilesystems = [ "bcachefs" ]; boot.supportedFilesystems = [ "bcachefs" ];
boot.kernelPackages = pkgs.linuxPackages_latest; boot.kernelPackages = pkgs.linuxPackages_latest;
networking.networkmanager.enable = true; # Easiest to use and most distros use this by default. networking.networkmanager.enable = true; # Easiest to use and most distros use this by default.
time.timeZone = "Europe/Paris"; time.timeZone = "Europe/Paris";
# Configure network proxy if necessary # Configure network proxy if necessary
@ -51,9 +55,8 @@
programs.zsh.enable = true; programs.zsh.enable = true;
users.users.guest = { users.users.guest = {
isNormalUser = true; isNormalUser = true;
# extraGroups = [ "wheel" ]; # extraGroups = [ "wheel" ];
packages = with pkgs; [ packages = with pkgs; [ ];
];
openssh.authorizedKeys.keys = [ openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAA16foz+XzwKwyIR4wFgNIAE3Y7AfXyEsUZFVVz8Rie catvayor@katvayor" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAA16foz+XzwKwyIR4wFgNIAE3Y7AfXyEsUZFVVz8Rie catvayor@katvayor"
@ -97,7 +100,10 @@
services.openssh.enable = true; services.openssh.enable = true;
services.netbird.enable = true; services.netbird.enable = true;
boot.kernelModules = [ "kvm-intel" "kvm-amd" ]; boot.kernelModules = [
"kvm-intel"
"kvm-amd"
];
programs.virt-manager.enable = true; programs.virt-manager.enable = true;
virtualisation.libvirtd.enable = true; virtualisation.libvirtd.enable = true;
@ -118,7 +124,13 @@
}; };
# Open ports in the firewall. # Open ports in the firewall.
networking.firewall.allowedTCPPorts = [ 22 53 80 443 22000 ]; networking.firewall.allowedTCPPorts = [
22
53
80
443
22000
];
networking.firewall.allowedUDPPorts = [ 67 ]; networking.firewall.allowedUDPPorts = [ 67 ];
# Or disable the firewall altogether. # Or disable the firewall altogether.
# networking.firewall.enable = false; # networking.firewall.enable = false;
@ -145,6 +157,4 @@
# #
# For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion . # For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion .
system.stateVersion = "23.11"; # Did you read the comment? system.stateVersion = "23.11"; # Did you read the comment?
} }

36
machines/kat-r86s/hardware-configuration.nix
View file

@ -1,27 +1,37 @@
# Do not modify this file! It was generated by nixos-generate-config # Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes # and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead. # to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }: {
config,
lib,
pkgs,
modulesPath,
...
}:
{ {
imports = imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
[ (modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "xhci_pci" "usbhid" "usb_storage" "sd_mod" "sdhci_pci" ]; boot.initrd.availableKernelModules = [
"xhci_pci"
"usbhid"
"usb_storage"
"sd_mod"
"sdhci_pci"
];
boot.initrd.kernelModules = [ ]; boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ]; boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ]; boot.extraModulePackages = [ ];
fileSystems."/" = fileSystems."/" = {
{ device = "UUID=2d6f7d3a-936d-457c-86c7-f49d816ff5b7"; device = "UUID=2d6f7d3a-936d-457c-86c7-f49d816ff5b7";
fsType = "bcachefs"; fsType = "bcachefs";
}; };
fileSystems."/boot" = fileSystems."/boot" = {
{ device = "/dev/disk/by-uuid/DD9A-3823"; device = "/dev/disk/by-uuid/DD9A-3823";
fsType = "vfat"; fsType = "vfat";
}; };
swapDevices = [ ]; swapDevices = [ ];

40
machines/kat-r86s/router.nix
View file

@ -1,21 +1,32 @@
{config, lib, pkgs, ...}: { {
config,
lib,
pkgs,
...
}:
{
boot.kernel.sysctl."net.ipv4.ip_forward" = true; boot.kernel.sysctl."net.ipv4.ip_forward" = true;
# networking.nat = { # networking.nat = {
# enable = true; # enable = true;
# internalInterfaces = [ "enp2s0" ]; # internalInterfaces = [ "enp2s0" ];
# externalInterface = "enp1s0"; # externalInterface = "enp1s0";
# }; # };
networking.interfaces.enp2s0 = { networking.interfaces.enp2s0 = {
useDHCP = false; useDHCP = false;
ipv4.addresses = [{ address = "192.168.42.1"; prefixLength = 24; }]; ipv4.addresses = [
{
address = "192.168.42.1";
prefixLength = 24;
}
];
}; };
# networking.interfaces.enp3s0 = { # networking.interfaces.enp3s0 = {
# useDHCP = false; # useDHCP = false;
# ipv4.addresses = [{ address = "192.168.222.1"; prefixLength = 24; }]; # ipv4.addresses = [{ address = "192.168.222.1"; prefixLength = 24; }];
# ipv6.addresses = [{ address = "fd26:baf9:d250:8000::ffff"; prefixLength = 64; }]; # ipv6.addresses = [{ address = "fd26:baf9:d250:8000::ffff"; prefixLength = 64; }];
# }; # };
services.dnsmasq = { services.dnsmasq = {
enable = true; enable = true;
@ -33,7 +44,10 @@
"10-enp3s0" = { "10-enp3s0" = {
name = "enp3s0"; name = "enp3s0";
networkConfig = { networkConfig = {
VLAN = [ "vlan-admin" "vlan-user-test" ]; VLAN = [
"vlan-admin"
"vlan-user-test"
];
LinkLocalAddressing = false; LinkLocalAddressing = false;
LLDP = false; LLDP = false;

24
machines/kat-runner/configuration.nix
View file

@ -1,10 +1,12 @@
{ config, lib, pkgs, ... }: {
config,
lib,
pkgs,
...
}:
{ {
imports = imports = [ ./hardware-configuration.nix ];
[
./hardware-configuration.nix
];
boot.loader.systemd-boot.enable = true; boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true; boot.loader.efi.canTouchEfiVariables = true;
@ -15,7 +17,10 @@
enable = true; enable = true;
networks."10-enp1s0" = { networks."10-enp1s0" = {
name = "enp1s0"; name = "enp1s0";
address = [ "192.168.122.3/24" "fe80::3/64" ]; address = [
"192.168.122.3/24"
"fe80::3/64"
];
routes = [ routes = [
{ routeConfig.Gateway = "192.168.122.1"; } { routeConfig.Gateway = "192.168.122.1"; }
{ routeConfig.Gateway = "fe80::1"; } { routeConfig.Gateway = "fe80::1"; }
@ -56,7 +61,11 @@
services.parkas = { services.parkas = {
executor = "shell"; executor = "shell";
registrationConfigFile = "/root/parkas-runner-secrets.toml"; registrationConfigFile = "/root/parkas-runner-secrets.toml";
tagList = [ "test" "linux" "nix" ]; tagList = [
"test"
"linux"
"nix"
];
}; };
}; };
@ -71,4 +80,3 @@
system.stateVersion = "23.11"; system.stateVersion = "23.11";
} }

41
machines/kat-runner/hardware-configuration.nix
View file

@ -1,28 +1,41 @@
# Do not modify this file! It was generated by nixos-generate-config # Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes # and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead. # to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }: {
config,
lib,
pkgs,
modulesPath,
...
}:
{ {
imports = imports = [ (modulesPath + "/profiles/qemu-guest.nix") ];
[ (modulesPath + "/profiles/qemu-guest.nix")
];
boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "virtio_pci" "sr_mod" "virtio_blk" ]; boot.initrd.availableKernelModules = [
"ahci"
"xhci_pci"
"virtio_pci"
"sr_mod"
"virtio_blk"
];
boot.initrd.kernelModules = [ ]; boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ]; boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ]; boot.extraModulePackages = [ ];
fileSystems."/" = fileSystems."/" = {
{ device = "/dev/disk/by-uuid/33eef82e-c54b-49a8-8f48-4dc28aab0fab"; device = "/dev/disk/by-uuid/33eef82e-c54b-49a8-8f48-4dc28aab0fab";
fsType = "ext4"; fsType = "ext4";
}; };
fileSystems."/boot" = fileSystems."/boot" = {
{ device = "/dev/disk/by-uuid/6760-3980"; device = "/dev/disk/by-uuid/6760-3980";
fsType = "vfat"; fsType = "vfat";
options = [ "fmask=0022" "dmask=0022" ]; options = [
}; "fmask=0022"
"dmask=0022"
];
};
swapDevices = [ ]; swapDevices = [ ];

51
machines/kat-test/configuration.nix
View file

@ -1,19 +1,22 @@
# https://search.nixos.org/options and in the NixOS manual (`nixos-help`). # https://search.nixos.org/options and in the NixOS manual (`nixos-help`).
{ config, lib, pkgs, mods, ... }: {
config,
lib,
pkgs,
mods,
...
}:
{ {
imports = imports = [ ./hardware-configuration.nix ];
[
./hardware-configuration.nix
];
boot.loader.systemd-boot.enable = true; boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true; boot.loader.efi.canTouchEfiVariables = true;
boot.supportedFilesystems = [ "bcachefs" ]; boot.supportedFilesystems = [ "bcachefs" ];
boot.kernelPackages = pkgs.linuxPackages_latest; boot.kernelPackages = pkgs.linuxPackages_latest;
networking.networkmanager.enable = true; # Easiest to use and most distros use this by default. networking.networkmanager.enable = true; # Easiest to use and most distros use this by default.
time.timeZone = "Europe/Paris"; time.timeZone = "Europe/Paris";
i18n.defaultLocale = "en_US.UTF-8"; i18n.defaultLocale = "en_US.UTF-8";
@ -76,23 +79,23 @@
enableSSHSupport = true; enableSSHSupport = true;
}; };
# services.syncthing = { # services.syncthing = {
# enable = true; # enable = true;
# systemService = true; # systemService = true;
# dataDir = "/home/catvayor"; # dataDir = "/home/catvayor";
# user = "catvayor"; # user = "catvayor";
# group = "users"; # group = "users";
# openDefaultPorts = true; # openDefaultPorts = true;
# settings = { # settings = {
# folders."essentials" = { # folders."essentials" = {
# path = "~/essentials"; # path = "~/essentials";
# id = "vgpwu-fk3ct"; # id = "vgpwu-fk3ct";
# devices = [ "katest" "katel" ]; # devices = [ "katest" "katel" ];
# }; # };
# devices.katest.id = "UPVXT7D-ZQF4E3J-4WKLLRV-2KF7323-7VOMEJJ-4PZVXW4-UQ2YABE-G7ID4AD"; # devices.katest.id = "UPVXT7D-ZQF4E3J-4WKLLRV-2KF7323-7VOMEJJ-4PZVXW4-UQ2YABE-G7ID4AD";
# devices.katel.id = "DYOKK7J-HZAF5S7-FYTHQF5-UD5GJZ2-4JMV5I5-STUM3HG-5YM2JPR-LATJNAZ"; # devices.katel.id = "DYOKK7J-HZAF5S7-FYTHQF5-UD5GJZ2-4JMV5I5-STUM3HG-5YM2JPR-LATJNAZ";
# }; # };
# }; # };
services.netbird.enable = true; services.netbird.enable = true;
# List services that you want to enable: # List services that you want to enable:
@ -128,6 +131,4 @@
# #
# For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion . # For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion .
system.stateVersion = "23.11"; # Did you read the comment? system.stateVersion = "23.11"; # Did you read the comment?
} }

40
machines/kat-test/hardware-configuration.nix
View file

@ -1,33 +1,41 @@
# Do not modify this file! It was generated by nixos-generate-config # Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes # and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead. # to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }: {
config,
lib,
pkgs,
modulesPath,
...
}:
{ {
imports = imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
[ (modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usb_storage" "sd_mod" ]; boot.initrd.availableKernelModules = [
"xhci_pci"
"ahci"
"nvme"
"usb_storage"
"sd_mod"
];
boot.initrd.kernelModules = [ ]; boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ]; boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ]; boot.extraModulePackages = [ ];
fileSystems."/" = fileSystems."/" = {
{ device = "UUID=3d3c874f-7182-4eb1-91a6-ededc6f05fcc"; device = "UUID=3d3c874f-7182-4eb1-91a6-ededc6f05fcc";
fsType = "bcachefs"; fsType = "bcachefs";
}; };
boot.initrd.luks.devices."disk".device = "/dev/disk/by-uuid/b1e18836-c657-49b2-81f9-8f0b2e4a4283"; boot.initrd.luks.devices."disk".device = "/dev/disk/by-uuid/b1e18836-c657-49b2-81f9-8f0b2e4a4283";
fileSystems."/boot" = fileSystems."/boot" = {
{ device = "/dev/disk/by-uuid/B405-7B40"; device = "/dev/disk/by-uuid/B405-7B40";
fsType = "vfat"; fsType = "vfat";
}; };
swapDevices = swapDevices = [ { device = "/dev/disk/by-uuid/060c35d7-86b0-4901-b882-02443efbfe07"; } ];
[ { device = "/dev/disk/by-uuid/060c35d7-86b0-4901-b882-02443efbfe07"; }
];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's # (the default) this is the recommended approach. When using systemd-networkd it's

29
machines/kat-virt/configuration.nix
View file

@ -1,12 +1,14 @@
# https://search.nixos.org/options and in the NixOS manual (`nixos-help`). # https://search.nixos.org/options and in the NixOS manual (`nixos-help`).
{ config, lib, pkgs, ... }: {
config,
lib,
pkgs,
...
}:
{ {
imports = imports = [ ./hardware-configuration.nix ];
[
./hardware-configuration.nix
];
boot.loader.systemd-boot.enable = true; boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true; boot.loader.efi.canTouchEfiVariables = true;
@ -19,14 +21,23 @@
interfaces."enp1s0" = { interfaces."enp1s0" = {
useDHCP = false; useDHCP = false;
ipv4.addresses = [ ipv4.addresses = [
{ address = "192.168.122.2"; prefixLength = 24; } {
address = "192.168.122.2";
prefixLength = 24;
}
]; ];
ipv6.addresses = [ ipv6.addresses = [
{ address = "fe80::2"; prefixLength = 64; } {
address = "fe80::2";
prefixLength = 64;
}
]; ];
}; };
defaultGateway = "192.168.122.1"; defaultGateway = "192.168.122.1";
defaultGateway6 = { address = "fe80::1"; interface = "enp1s0"; }; defaultGateway6 = {
address = "fe80::1";
interface = "enp1s0";
};
nameservers = [ nameservers = [
"192.168.122.1" "192.168.122.1"
"fe80::1%enp1s0" "fe80::1%enp1s0"
@ -124,6 +135,4 @@
# #
# For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion . # For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion .
system.stateVersion = "23.11"; # Did you read the comment? system.stateVersion = "23.11"; # Did you read the comment?
} }

36
machines/kat-virt/hardware-configuration.nix
View file

@ -1,27 +1,37 @@
# Do not modify this file! It was generated by nixos-generate-config # Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes # and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead. # to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }: {
config,
lib,
pkgs,
modulesPath,
...
}:
{ {
imports = imports = [ (modulesPath + "/profiles/qemu-guest.nix") ];
[ (modulesPath + "/profiles/qemu-guest.nix")
];
boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "virtio_pci" "sr_mod" "virtio_blk" ]; boot.initrd.availableKernelModules = [
"ahci"
"xhci_pci"
"virtio_pci"
"sr_mod"
"virtio_blk"
];
boot.initrd.kernelModules = [ ]; boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ]; boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ]; boot.extraModulePackages = [ ];
fileSystems."/" = fileSystems."/" = {
{ device = "UUID=301a23cf-1aa3-4c53-a174-1a97592da5fa"; device = "UUID=301a23cf-1aa3-4c53-a174-1a97592da5fa";
fsType = "bcachefs"; fsType = "bcachefs";
}; };
fileSystems."/boot" = fileSystems."/boot" = {
{ device = "/dev/disk/by-uuid/F594-E8DB"; device = "/dev/disk/by-uuid/F594-E8DB";
fsType = "vfat"; fsType = "vfat";
}; };
swapDevices = [ ]; swapDevices = [ ];

3
modules/default.nix
View file

@ -1,6 +1,7 @@
let let
sway = import ./desktop/sway.nix; sway = import ./desktop/sway.nix;
in { in
{
home = { home = {
sway = sway.home; sway = sway.home;
neovim = ./neovim; neovim = ./neovim;

465
modules/desktop/sway.nix
View file

@ -1,64 +1,90 @@
{ {
global = { config, pkgs, lib, mods, ... }: global =
{ {
programs.wshowkeys.enable = true; config,
programs.sway.enable = true; pkgs,
services.dbus.packages = with pkgs; [ dconf ]; lib,
xdg.portal = { mods,
enable = true; ...
extraPortals = with pkgs; [ }:
xdg-desktop-portal-wlr {
xdg-desktop-portal-gtk programs.wshowkeys.enable = true;
]; programs.sway.enable = true;
}; services.dbus.packages = with pkgs; [ dconf ];
}; xdg.portal = {
home = { config, pkgs, lib, mods, ... }: enable = true;
{ extraPortals = with pkgs; [
xdg.configFile."sway/config".onChange = lib.mkForce ""; xdg-desktop-portal-wlr
xdg-desktop-portal-gtk
home.sessionVariables = { ];
MOZ_ENABLE_WAYLAND = "1";
MOZ_USE_XINPUT2 = "1";
SDL_VIDEODRIVER = "wayland";
QT_QPA_PLATFORM = "wayland";
QT_WAYLAND_DISABLE_WINDOWDECORATION = "1";
_JAVA_AWT_WM_NONREPARETING = "1";
XDG_SESSION_TYPE = "wayland";
XDG_CURRENT_DESKTOP = "sway";
};
programs.waybar.enable = true;
home.file.".config/waybar" = { source = ./waybar; recursive = true; };
services.swayidle =
let lockwall = pkgs.runCommand "lock_wall.jpg" {} ''
${pkgs.ffmpeg}/bin/ffmpeg -i ${./wall.jpg} -filter_complex 'gblur=sigma=3' $out -y
'';
in {
enable = true;
timeouts = [
{
timeout = 300;
command = ''${pkgs.systemd}/bin/loginctl lock-session && ${pkgs.sway}/bin/swaymsg "output * dpms off"'';
resumeCommand = ''${pkgs.sway}/bin/swaymsg "output * dpms on"'';
}
];
events = [
{ event = "before-sleep"; command = "${pkgs.systemd}/bin/loginctl lock-session"; }
{ event = "lock"; command = "${pkgs.swaylock}/bin/swaylock -f -i ${lockwall}"; }
];
};
wayland.windowManager.sway = {
enable = true;
xwayland = true;
wrapperFeatures = {
base = false;
gtk = false;
}; };
extraConfig = ''workspace 1''; };
config = home =
let menuCmd = "${pkgs.wofi}/bin/wofi --show drun -i | xargs swaymsg exec --"; {
config,
pkgs,
lib,
mods,
...
}:
{
xdg.configFile."sway/config".onChange = lib.mkForce "";
home.sessionVariables = {
MOZ_ENABLE_WAYLAND = "1";
MOZ_USE_XINPUT2 = "1";
SDL_VIDEODRIVER = "wayland";
QT_QPA_PLATFORM = "wayland";
QT_WAYLAND_DISABLE_WINDOWDECORATION = "1";
_JAVA_AWT_WM_NONREPARETING = "1";
XDG_SESSION_TYPE = "wayland";
XDG_CURRENT_DESKTOP = "sway";
};
programs.waybar.enable = true;
home.file.".config/waybar" = {
source = ./waybar;
recursive = true;
};
services.swayidle =
let
lockwall = pkgs.runCommand "lock_wall.jpg" { } ''
${pkgs.ffmpeg}/bin/ffmpeg -i ${./wall.jpg} -filter_complex 'gblur=sigma=3' $out -y
'';
in
{
enable = true;
timeouts = [
{
timeout = 300;
command = ''${pkgs.systemd}/bin/loginctl lock-session && ${pkgs.sway}/bin/swaymsg "output * dpms off"'';
resumeCommand = ''${pkgs.sway}/bin/swaymsg "output * dpms on"'';
}
];
events = [
{
event = "before-sleep";
command = "${pkgs.systemd}/bin/loginctl lock-session";
}
{
event = "lock";
command = "${pkgs.swaylock}/bin/swaylock -f -i ${lockwall}";
}
];
};
wayland.windowManager.sway = {
enable = true;
xwayland = true;
wrapperFeatures = {
base = false;
gtk = false;
};
extraConfig = ''workspace 1'';
config =
let
menuCmd = "${pkgs.wofi}/bin/wofi --show drun -i | xargs swaymsg exec --";
exitMd = ''Exit Mode:| (l)Log out | (r)Reboot | (p)Poweroff''; exitMd = ''Exit Mode:| (l)Log out | (r)Reboot | (p)Poweroff'';
weechatCmd = pkgs.writeShellScript "weechat.sh" '' weechatCmd = pkgs.writeShellScript "weechat.sh" ''
nix-shell -p python3 python311Packages.dbus-python python311Packages.notify2 --run 'python ${./weenotify.py} -s' > /dev/null & nix-shell -p python3 python311Packages.dbus-python python311Packages.notify2 --run 'python ${./weenotify.py} -s' > /dev/null &
@ -67,155 +93,186 @@
sleep 1 sleep 1
done done
''; '';
in rec { in
window.border = 1; rec {
gaps.smartBorders = "on"; window.border = 1;
modifier = "Mod4"; gaps.smartBorders = "on";
terminal = "alacritty"; modifier = "Mod4";
input."type:keyboard".xkb_layout = "fr"; terminal = "alacritty";
startup = [ input."type:keyboard".xkb_layout = "fr";
{ command = "${pkgs.pulseaudio}/bin/pactl set-sink-mute @DEFAULT_SINK@ on"; } startup = [
{ command = "${pkgs.pulseaudio}/bin/pactl set-sink-mute @DEFAULT_SINK@ on"; }
{ command = "discord"; } { command = "discord"; }
{ command = "thunderbird"; } { command = "thunderbird"; }
{ command = "mattermost-desktop"; } { command = "mattermost-desktop"; }
{ command = "signal-desktop --"; } { command = "signal-desktop --"; }
{ command = ''sh -c "sleep 2 && exec keepassxc"''; } { command = ''sh -c "sleep 2 && exec keepassxc"''; }
{ command = "alacritty --class weechat --title weechat --command ${pkgs.bash}/bin/bash -c ${weechatCmd}"; } {
]; command = "alacritty --class weechat --title weechat --command ${pkgs.bash}/bin/bash -c ${weechatCmd}";
assigns = { }
"1" = [{ app_id="firefox"; }]; ];
"9" = [{ app_id="thunderbird"; }]; assigns = {
"10" = [ "1" = [ { app_id = "firefox"; } ];
{ class="Mattermost"; } "9" = [ { app_id = "thunderbird"; } ];
{ class="Signal"; } "10" = [
{ class="discord"; } { class = "Mattermost"; }
{ app_id="weechat"; } { class = "Signal"; }
]; { class = "discord"; }
}; { app_id = "weechat"; }
bars = [{ ];
command = "waybar"; };
mode = "hide"; bars = [
}]; {
output."*".bg = "${./wall.jpg} fill"; command = "waybar";
seat."*"."hide_cursor" = "5000"; mode = "hide";
focus.wrapping = "yes"; }
window.titlebar = false; ];
colors = output."*".bg = "${./wall.jpg} fill";
let black = "#000000"; seat."*"."hide_cursor" = "5000";
dark = "#111111"; focus.wrapping = "yes";
adark = "#111111BB"; window.titlebar = false;
aadark = "#11111177"; colors =
highl = "#222222"; let
gray = "#777777"; black = "#000000";
white = "#FFFFFF"; dark = "#111111";
color = "#FFBB00"; adark = "#111111BB";
urgent = "#FF0000"; aadark = "#11111177";
in { highl = "#222222";
focused = {border = adark; background = adark; text = white; indicator = color; childBorder = color; }; gray = "#777777";
unfocused = {border = aadark; background = aadark; text = gray; indicator = dark; childBorder = dark; }; white = "#FFFFFF";
focusedInactive = {border = adark; background = adark; text = gray; indicator = dark; childBorder = dark; }; color = "#FFBB00";
urgent = {border = urgent; background = urgent; text = white; indicator = urgent; childBorder = urgent; }; urgent = "#FF0000";
}; in
modes = { {
"display" = { focused = {
"Left" = "output - transform 90"; border = adark;
"Down" = "output - transform normal"; background = adark;
"Up" = "output - transform 180"; text = white;
"Right" = "output - transform 270"; indicator = color;
childBorder = color;
};
unfocused = {
border = aadark;
background = aadark;
text = gray;
indicator = dark;
childBorder = dark;
};
focusedInactive = {
border = adark;
background = adark;
text = gray;
indicator = dark;
childBorder = dark;
};
urgent = {
border = urgent;
background = urgent;
text = white;
indicator = urgent;
childBorder = urgent;
};
};
modes = {
"display" = {
"Left" = "output - transform 90";
"Down" = "output - transform normal";
"Up" = "output - transform 180";
"Right" = "output - transform 270";
"Shift+Left" = "output - transform flipped-90"; "Shift+Left" = "output - transform flipped-90";
"Shift+Down" = "output - transform flipped"; "Shift+Down" = "output - transform flipped";
"Shift+Up" = "output - transform flipped-180"; "Shift+Up" = "output - transform flipped-180";
"Shift+Right" = "output - transform flipped-270"; "Shift+Right" = "output - transform flipped-270";
"Escape" = ''mode default"''; "Escape" = ''mode default"'';
};
"resize" = {
"Left" = "resize shrink width 10px";
"Down" = "resize grow height 10px";
"Up" = "resize shrink height 10px";
"Right" = "resize grow width 10px";
"Escape" = ''mode default"'';
};
"${exitMd}" = {
"l" = "exec swaymsg exit";
"r" = "exec systemctl reboot";
"p" = "exec systemctl poweroff";
"Escape" = ''mode default"'';
};
};
keybindings = {
"${modifier}+Return" = "exec ${terminal}";
"${modifier}+q" = "kill";
"${modifier}+d" = "exec ${menuCmd}";
"${modifier}+Shift+f" = "exec firefox";
"${modifier}+Shift+c" = "reload";
"${modifier}+p" = ''exec ${pkgs.grim}/bin/grim -g "$(${pkgs.slurp}/bin/slurp -d)" - | ${pkgs.wl-clipboard}/bin/wl-copy -t image/png'';
"Print" = "exec ${pkgs.grim}/bin/grim - | ${pkgs.wl-clipboard}/bin/wl-copy -t image/png";
"${modifier}+x" = ''mode "display"'';
"${modifier}+r" = ''mode "resize"'';
"${modifier}+Shift+e" = ''mode "${exitMd}"'';
"${modifier}+l" = "exec ${pkgs.systemd}/bin/loginctl lock-session";
"Ctrl+Shift+l" = ''exec ${pkgs.grim}/bin/grim /tmp/t_lock.png && ${pkgs.swaylock}/bin/swaylock -f -i /tmp/t_lock.png'';
"${modifier}+Left" = "focus left";
"${modifier}+Down" = "focus down";
"${modifier}+Up" = "focus up";
"${modifier}+Right" = "focus right";
"${modifier}+ampersand" = "workspace 1";
"${modifier}+eacute" = "workspace 2";
"${modifier}+quotedbl" = "workspace 3";
"${modifier}+apostrophe" = "workspace 4";
"${modifier}+parenleft" = "workspace 5";
"${modifier}+minus" = "workspace 6";
"${modifier}+egrave" = "workspace 7";
"${modifier}+underscore" = "workspace 8";
"${modifier}+ccedilla" = "workspace 9";
"${modifier}+agrave" = "workspace 10";
"${modifier}+Shift+Left" = "move left";
"${modifier}+Shift+Down" = "move down";
"${modifier}+Shift+Up" = "move up";
"${modifier}+Shift+Right" = "move right";
"${modifier}+Shift+ampersand" = "move container to workspace 1";
"${modifier}+Shift+eacute" = "move container to workspace 2";
"${modifier}+Shift+quotedbl" = "move container to workspace 3";
"${modifier}+Shift+apostrophe" = "move container to workspace 4";
"${modifier}+Shift+parenleft" = "move container to workspace 5";
"${modifier}+Shift+minus" = "move container to workspace 6";
"${modifier}+Shift+egrave" = "move container to workspace 7";
"${modifier}+Shift+underscore" = "move container to workspace 8";
"${modifier}+Shift+ccedilla" = "move container to workspace 9";
"${modifier}+Shift+agrave" = "move container to workspace 10";
"${modifier}+b" = "splith";
"${modifier}+v" = "splitv";
"${modifier}+Shift+s" = "layout stacking";
"${modifier}+w" = "layout tabbed";
"${modifier}+s" = "layout toggle split";
"${modifier}+f" = "fullscreen";
"${modifier}+Shift+space" = "floating toggle";
"${modifier}+space" = "focus mode toggle";
"${modifier}+z" = "focus parent";
"${modifier}+Shift+z" = "focus child";
"${modifier}+Shift+F1" = "move scratchpad";
"${modifier}+F1" = "scratchpad show";
"XF86AudioRaiseVolume" = "exec ${pkgs.pulseaudio}/bin/pactl set-sink-volume @DEFAULT_SINK@ +5%";
"XF86AudioLowerVolume" = "exec ${pkgs.pulseaudio}/bin/pactl set-sink-volume @DEFAULT_SINK@ -5%";
"XF86AudioMute" = "exec ${pkgs.pulseaudio}/bin/pactl set-sink-mute @DEFAULT_SINK@ toggle";
"XF86AudioMicMute" = "exec ${pkgs.pulseaudio}/bin/pactl set-source-mute @DEFAULT_SOURCE@ toggle";
"XF86MonBrightnessDown" = "exec ${pkgs.brightnessctl}/bin/brightnessctl set 5%-";
"XF86MonBrightnessUp" = "exec ${pkgs.brightnessctl}/bin/brightnessctl set +5%";
};
}; };
"resize" = {
"Left" = "resize shrink width 10px";
"Down" = "resize grow height 10px";
"Up" = "resize shrink height 10px";
"Right" = "resize grow width 10px";
"Escape" = ''mode default"'';
};
"${exitMd}" = {
"l" = "exec swaymsg exit";
"r" = "exec systemctl reboot";
"p" = "exec systemctl poweroff";
"Escape" = ''mode default"'';
};
};
keybindings = {
"${modifier}+Return" = "exec ${terminal}";
"${modifier}+q" = "kill";
"${modifier}+d" = "exec ${menuCmd}";
"${modifier}+Shift+f" = "exec firefox";
"${modifier}+Shift+c" = "reload";
"${modifier}+p" = ''exec ${pkgs.grim}/bin/grim -g "$(${pkgs.slurp}/bin/slurp -d)" - | ${pkgs.wl-clipboard}/bin/wl-copy -t image/png'';
"Print" = "exec ${pkgs.grim}/bin/grim - | ${pkgs.wl-clipboard}/bin/wl-copy -t image/png";
"${modifier}+x" = ''mode "display"'';
"${modifier}+r" = ''mode "resize"'';
"${modifier}+Shift+e" = ''mode "${exitMd}"'';
"${modifier}+l" = "exec ${pkgs.systemd}/bin/loginctl lock-session";
"Ctrl+Shift+l" = ''exec ${pkgs.grim}/bin/grim /tmp/t_lock.png && ${pkgs.swaylock}/bin/swaylock -f -i /tmp/t_lock.png'';
"${modifier}+Left" = "focus left";
"${modifier}+Down" = "focus down";
"${modifier}+Up" = "focus up";
"${modifier}+Right" = "focus right";
"${modifier}+ampersand" = "workspace 1";
"${modifier}+eacute" = "workspace 2";
"${modifier}+quotedbl" = "workspace 3";
"${modifier}+apostrophe" = "workspace 4";
"${modifier}+parenleft" = "workspace 5";
"${modifier}+minus" = "workspace 6";
"${modifier}+egrave" = "workspace 7";
"${modifier}+underscore" = "workspace 8";
"${modifier}+ccedilla" = "workspace 9";
"${modifier}+agrave" = "workspace 10";
"${modifier}+Shift+Left" = "move left";
"${modifier}+Shift+Down" = "move down";
"${modifier}+Shift+Up" = "move up";
"${modifier}+Shift+Right" = "move right";
"${modifier}+Shift+ampersand" = "move container to workspace 1";
"${modifier}+Shift+eacute" = "move container to workspace 2";
"${modifier}+Shift+quotedbl" = "move container to workspace 3";
"${modifier}+Shift+apostrophe" = "move container to workspace 4";
"${modifier}+Shift+parenleft" = "move container to workspace 5";
"${modifier}+Shift+minus" = "move container to workspace 6";
"${modifier}+Shift+egrave" = "move container to workspace 7";
"${modifier}+Shift+underscore" = "move container to workspace 8";
"${modifier}+Shift+ccedilla" = "move container to workspace 9";
"${modifier}+Shift+agrave" = "move container to workspace 10";
"${modifier}+b" = "splith";
"${modifier}+v" = "splitv";
"${modifier}+Shift+s" = "layout stacking";
"${modifier}+w" = "layout tabbed";
"${modifier}+s" = "layout toggle split";
"${modifier}+f" = "fullscreen";
"${modifier}+Shift+space" = "floating toggle";
"${modifier}+space" = "focus mode toggle";
"${modifier}+z" = "focus parent";
"${modifier}+Shift+z" = "focus child";
"${modifier}+Shift+F1" = "move scratchpad";
"${modifier}+F1" = "scratchpad show";
"XF86AudioRaiseVolume" = "exec ${pkgs.pulseaudio}/bin/pactl set-sink-volume @DEFAULT_SINK@ +5%";
"XF86AudioLowerVolume" = "exec ${pkgs.pulseaudio}/bin/pactl set-sink-volume @DEFAULT_SINK@ -5%";
"XF86AudioMute" = "exec ${pkgs.pulseaudio}/bin/pactl set-sink-mute @DEFAULT_SINK@ toggle";
"XF86AudioMicMute" = "exec ${pkgs.pulseaudio}/bin/pactl set-source-mute @DEFAULT_SOURCE@ toggle";
"XF86MonBrightnessDown" = "exec ${pkgs.brightnessctl}/bin/brightnessctl set 5%-";
"XF86MonBrightnessUp" = "exec ${pkgs.brightnessctl}/bin/brightnessctl set +5%";
};
}; };
}; };
};
} }

274
modules/mail.nix
View file

@ -1,145 +1,149 @@
{ pkgs, config, ... }: { { pkgs, config, ... }:
{
programs.aerc = { programs.aerc = {
extraConfig.general.unsafe-accounts-conf = true; extraConfig.general.unsafe-accounts-conf = true;
enable = true; enable = true;
}; };
accounts.email.accounts = accounts.email.accounts =
let let
aerc = { enable = true; }; aerc = {
in { enable = true;
"ens" = {
primary = true;
inherit aerc;
address = "lubin.bailly@ens.psl.eu";
realName = "Lubin Bailly";
userName = "lbailly";
signature = {
delimiter = "--";
showSignature = "append";
text = "Lubin Bailly";
}; };
passwordCommand = "cat /run/agenix/clipper"; in
imap = { {
host = "clipper.ens.psl.eu"; "ens" = {
port = 993; primary = true;
tls.enable = true; inherit aerc;
address = "lubin.bailly@ens.psl.eu";
realName = "Lubin Bailly";
userName = "lbailly";
signature = {
delimiter = "--";
showSignature = "append";
text = "Lubin Bailly";
};
passwordCommand = "cat /run/agenix/clipper";
imap = {
host = "clipper.ens.psl.eu";
port = 993;
tls.enable = true;
};
smtp = {
host = "clipper.ens.psl.eu";
port = 465;
tls.enable = true;
};
}; };
smtp = { "katmail" = {
host = "clipper.ens.psl.eu"; inherit aerc;
port = 465; address = "catvayor@katvayor.net";
tls.enable = true; realName = "catvayor";
userName = "catvayor@katvayor.net";
signature = {
delimiter = "--";
showSignature = "append";
text = "catvayor";
};
passwordCommand = "cat /run/agenix/mails-kat";
imap = {
host = "ssl0.ovh.net";
port = 993;
tls.enable = true;
};
smtp = {
host = "ssl0.ovh.net";
port = 465;
tls.enable = true;
};
};
"dgnum" = {
inherit aerc;
address = "catvayor@dgnum.eu";
realName = "catvayor";
userName = "catvayor@dgnum.eu";
signature = {
delimiter = "--";
showSignature = "append";
text = "catvayor";
};
passwordCommand = "cat /run/agenix/mails-dgnum";
imap = {
host = "kurisu.lahfa.xyz";
port = 993;
tls.enable = true;
};
smtp = {
host = "kurisu.lahfa.xyz";
port = 587;
tls.enable = true;
tls.useStartTls = true;
};
};
"gmail.geek" = {
inherit aerc;
address = "lubin.geek@gmail.com";
realName = "Lubin Bailly";
userName = "lubin.geek@gmail.com";
signature = {
delimiter = "--";
showSignature = "append";
text = "Lubin Bailly";
};
passwordCommand = "cat /run/agenix/geek.gle";
imap = {
host = "imap.gmail.com";
port = 993;
tls.enable = true;
};
smtp = {
host = "smtp.gmail.com";
port = 465;
tls.enable = true;
};
};
"gmail.pro" = {
inherit aerc;
address = "lubin.bailly@gmail.com";
realName = "Lubin Bailly";
userName = "lubin.bailly@gmail.com";
signature = {
delimiter = "--";
showSignature = "append";
text = "Lubin Bailly";
};
passwordCommand = "cat /run/agenix/pro.gle";
imap = {
host = "imap.gmail.com";
port = 993;
tls.enable = true;
};
smtp = {
host = "smtp.gmail.com";
port = 465;
tls.enable = true;
};
};
"laposte" = {
inherit aerc;
address = "lubin-bailly@laposte.net";
realName = "Lubin Bailly";
userName = "lubin-bailly";
signature = {
delimiter = "--";
showSignature = "append";
text = "Lubin Bailly";
};
passwordCommand = "cat /run/agenix/mails-laposte";
imap = {
host = "imap.laposte.net";
port = 993;
tls.enable = true;
};
smtp = {
host = "smtp.laposte.net";
port = 465;
tls.enable = true;
};
}; };
}; };
"katmail" = {
inherit aerc;
address = "catvayor@katvayor.net";
realName = "catvayor";
userName = "catvayor@katvayor.net";
signature = {
delimiter = "--";
showSignature = "append";
text = "catvayor";
};
passwordCommand = "cat /run/agenix/mails-kat";
imap = {
host = "ssl0.ovh.net";
port = 993;
tls.enable = true;
};
smtp = {
host = "ssl0.ovh.net";
port = 465;
tls.enable = true;
};
};
"dgnum" = {
inherit aerc;
address = "catvayor@dgnum.eu";
realName = "catvayor";
userName = "catvayor@dgnum.eu";
signature = {
delimiter = "--";
showSignature = "append";
text = "catvayor";
};
passwordCommand = "cat /run/agenix/mails-dgnum";
imap = {
host = "kurisu.lahfa.xyz";
port = 993;
tls.enable = true;
};
smtp = {
host = "kurisu.lahfa.xyz";
port = 587;
tls.enable = true;
tls.useStartTls = true;
};
};
"gmail.geek" = {
inherit aerc;
address = "lubin.geek@gmail.com";
realName = "Lubin Bailly";
userName = "lubin.geek@gmail.com";
signature = {
delimiter = "--";
showSignature = "append";
text = "Lubin Bailly";
};
passwordCommand = "cat /run/agenix/geek.gle";
imap = {
host = "imap.gmail.com";
port = 993;
tls.enable = true;
};
smtp = {
host = "smtp.gmail.com";
port = 465;
tls.enable = true;
};
};
"gmail.pro" = {
inherit aerc;
address = "lubin.bailly@gmail.com";
realName = "Lubin Bailly";
userName = "lubin.bailly@gmail.com";
signature = {
delimiter = "--";
showSignature = "append";
text = "Lubin Bailly";
};
passwordCommand = "cat /run/agenix/pro.gle";
imap = {
host = "imap.gmail.com";
port = 993;
tls.enable = true;
};
smtp = {
host = "smtp.gmail.com";
port = 465;
tls.enable = true;
};
};
"laposte" = {
inherit aerc;
address = "lubin-bailly@laposte.net";
realName = "Lubin Bailly";
userName = "lubin-bailly";
signature = {
delimiter = "--";
showSignature = "append";
text = "Lubin Bailly";
};
passwordCommand = "cat /run/agenix/mails-laposte";
imap = {
host = "imap.laposte.net";
port = 993;
tls.enable = true;
};
smtp = {
host = "smtp.laposte.net";
port = 465;
tls.enable = true;
};
};
};
} }

9
modules/neovim/default.nix
View file

@ -1,5 +1,10 @@
{ pkgs, config, lib, ... }: {
{ pkgs,
config,
lib,
...
}:
{
programs.neovim = { programs.neovim = {
enable = true; enable = true;
defaultEditor = true; defaultEditor = true;

91
modules/zsh.nix
View file

@ -1,48 +1,55 @@
{ config, pkgs, lib, ... }:
{ {
programs.zsh = { config,
enable = true; pkgs,
oh-my-zsh = { lib,
...
}:
{
programs = {
zsh = {
enable = true; enable = true;
plugins = [ "git" ]; oh-my-zsh = {
enable = true;
plugins = [ "git" ];
};
plugins = [
{
name = "zsh-nix-shell";
file = "nix-shell.plugin.zsh";
src = pkgs.fetchFromGitHub {
owner = "chisui";
repo = "zsh-nix-shell";
rev = "v0.8.0";
sha256 = "1lzrn0n4fxfcgg65v0qhnj7wnybybqzs4adz7xsrkgmcsr0ii8b7";
};
}
{
name = "zsh-autosuggestion";
file = "zsh-autosuggestions.zsh";
src = pkgs.fetchFromGitHub {
owner = "zsh-users";
repo = "zsh-autosuggestions";
rev = "v0.7.0";
sha256 = "1g3pij5qn2j7v7jjac2a63lxd97mcsgw6xq6k5p7835q9fjiid98";
};
}
{
name = "zsh-syntax-highlighting";
file = "zsh-syntax-highlighting.zsh";
src = pkgs.fetchFromGitHub {
owner = "zsh-users";
repo = "zsh-syntax-highlighting";
rev = "0.8.0";
sha256 = "1yl8zdip1z9inp280sfa5byjbf2vqh2iazsycar987khjsi5d5w8";
};
}
];
}; };
plugins = [
{
name = "zsh-nix-shell";
file = "nix-shell.plugin.zsh";
src = pkgs.fetchFromGitHub {
owner = "chisui";
repo = "zsh-nix-shell";
rev = "v0.8.0";
sha256 = "1lzrn0n4fxfcgg65v0qhnj7wnybybqzs4adz7xsrkgmcsr0ii8b7";
};
}
{
name = "zsh-autosuggestion";
file = "zsh-autosuggestions.zsh";
src = pkgs.fetchFromGitHub {
owner = "zsh-users";
repo = "zsh-autosuggestions";
rev = "v0.7.0";
sha256 = "1g3pij5qn2j7v7jjac2a63lxd97mcsgw6xq6k5p7835q9fjiid98";
};
}
{
name = "zsh-syntax-highlighting";
file = "zsh-syntax-highlighting.zsh";
src = pkgs.fetchFromGitHub {
owner = "zsh-users";
repo = "zsh-syntax-highlighting";
rev = "0.8.0";
sha256 = "1yl8zdip1z9inp280sfa5byjbf2vqh2iazsycar987khjsi5d5w8";
};
}
];
};
programs.starship = { starship = {
enable = true; enable = true;
enableZshIntegration = true; enableZshIntegration = true;
settings.battery.disabled = true; settings.battery.disabled = true;
};
}; };
} }

53
users/catvayor.nix
View file

@ -1,4 +1,10 @@
{ config, pkgs, lib, mods, ... }: {
config,
pkgs,
lib,
mods,
...
}:
{ {
imports = with mods.global; [ sway ]; imports = with mods.global; [ sway ];
@ -6,9 +12,17 @@
users.users.catvayor = { users.users.catvayor = {
shell = pkgs.zsh; shell = pkgs.zsh;
isNormalUser = true; isNormalUser = true;
extraGroups = [ "wheel" "usb" "networkmanager" "video" "audio" "libvirtd" ]; extraGroups = [
"wheel"
"usb"
"networkmanager"
"video"
"audio"
"libvirtd"
];
packages = with pkgs; [ packages = with pkgs; [
tree tree
nixfmt-rfc-style
]; ];
}; };
@ -24,7 +38,13 @@
home-manager.users.catvayor = { home-manager.users.catvayor = {
home.stateVersion = "23.11"; home.stateVersion = "23.11";
imports = with mods.home; [ neovim zsh sway ssh mail ]; imports = with mods.home; [
neovim
zsh
sway
ssh
mail
];
home.packages = with pkgs; [ home.packages = with pkgs; [
wl-clipboard wl-clipboard
@ -39,9 +59,12 @@
keepassxc keepassxc
]; ];
programs.alacritty = { enable = true; settings = lib.importTOML ./cat-alacritty.toml; }; programs.alacritty = {
enable = true;
settings = lib.importTOML ./cat-alacritty.toml;
};
programs.thunderbird.enable = true; programs.thunderbird.enable = true;
programs.thunderbird.profiles = {}; programs.thunderbird.profiles = { };
services.mako = { services.mako = {
enable = true; enable = true;
width = 400; width = 400;
@ -55,11 +78,23 @@
gtk = { gtk = {
enable = true; enable = true;
theme = { package = pkgs.arc-theme; name = "Arc-Dark"; }; theme = {
iconTheme = { package = pkgs.arc-icon-theme; name = "Arc"; }; package = pkgs.arc-theme;
cursorTheme = { package = pkgs.breeze-hacked-cursor-theme; name = "Breeze_Hacked"; }; name = "Arc-Dark";
};
iconTheme = {
package = pkgs.arc-icon-theme;
name = "Arc";
};
cursorTheme = {
package = pkgs.breeze-hacked-cursor-theme;
name = "Breeze_Hacked";
};
};
home.pointerCursor = {
package = pkgs.breeze-hacked-cursor-theme;
name = "Breeze_Hacked";
}; };
home.pointerCursor = { package = pkgs.breeze-hacked-cursor-theme; name = "Breeze_Hacked"; };
xdg.enable = true; xdg.enable = true;
}; };
} }

32
users/root.nix
View file

@ -1,18 +1,28 @@
{ ssh }: { ssh }:
{ config, lib, pkgs, mods, ... }: {
config,
lib,
pkgs,
mods,
...
}:
{ {
programs.zsh.enable = true; programs.zsh.enable = true;
users.users.root = { users.users.root =
shell = pkgs.zsh; {
} // lib.attrsets.optionalAttrs ssh { shell = pkgs.zsh;
openssh.authorizedKeys.keys = [ }
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAA16foz+XzwKwyIR4wFgNIAE3Y7AfXyEsUZFVVz8Rie catvayor@katvayor" // lib.attrsets.optionalAttrs ssh {
]; openssh.authorizedKeys.keys = [
}; "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAA16foz+XzwKwyIR4wFgNIAE3Y7AfXyEsUZFVVz8Rie catvayor@katvayor"
];
};
home-manager.users.root = { home-manager.users.root = {
home.stateVersion = "23.11"; home.stateVersion = "23.11";
imports = with mods.home; [ neovim zsh ]; imports = with mods.home; [
neovim
zsh
];
}; };
} // lib.attrsets.optionalAttrs ssh {
services.openssh.enable = true;
} }
// lib.attrsets.optionalAttrs ssh { services.openssh.enable = true; }