yorick/dotfiles
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Compare commits

base: yorick:master
Branches Tags
yorick:master
yorick:auto-flake-update
..
compare: yorick:auto-flake-update
Branches Tags
yorick:master
yorick:auto-flake-update

1 commit
master ... auto-flake

Author SHA1 Message Date
Yorick van Pelt 3169593fc1 Update flake.lock.
Some checks are pending
builder nix build .#
Details 
warning: updating lock file '/home/yorick/dotfiles/.worktrees/flake-update/flake.lock':
• Updated input 'agenix':
    'github:ryantm/agenix/6acb1fe5f8597d5ce63fc82bc7fcac7774b1cdf0' (2022-09-25)
  → 'github:ryantm/agenix/a630400067c6d03c9b3e0455347dc8559db14288' (2022-10-15)
• Updated input 'emacs-overlay':
    'github:nix-community/emacs-overlay/20dc7a0a1ea9c40201c8fe1e29b91a50b5ecba9b' (2022-10-04)
  → 'github:nix-community/emacs-overlay/33ce8dabfd3dc4968bae24126766e60d67b39dbb' (2022-10-16)
• Updated input 'home-manager':
    'github:nix-community/home-manager/e4e639dd4dc3e431aa5b5f95325f9a66ac7e0dd9' (2022-10-03)
  → 'github:nix-community/home-manager/2ecb3ea990cf737cfb42d8cd805fa86347c1afaf' (2022-10-15)
• Updated input 'nixos-hardware':
    'github:NixOS/nixos-hardware/3024c67a2e9a35450558426c42e7419ab37efd95' (2022-10-01)
  → 'github:NixOS/nixos-hardware/674d05f9ae2249d606a0e6fc63e522d2031a27ac' (2022-10-15)
• Updated input 'nixpkgs':
    'github:nixos/nixpkgs/fd54651f5ffb4a36e8463e0c327a78442b26cbe7' (2022-10-03)
  → 'github:nixos/nixpkgs/4428e23312933a196724da2df7ab78eb5e67a88e' (2022-10-14)
• Updated input 'nixpkgs-wayland':
    'github:nix-community/nixpkgs-wayland/4370a181d2c7cbefa4cd1c8bbae2e4a16b2573ae' (2022-09-27)
  → 'github:nix-community/nixpkgs-wayland/1e4635a232db95976217590c77f5d76a91a87f61' (2022-10-15)
• Updated input 'nixpkgs-wayland/lib-aggregate':
    'github:nix-community/lib-aggregate/d838f91d10773418622421e8580ddb862cde3ff0' (2022-09-25)
  → 'github:nix-community/lib-aggregate/d6f8e6456ec59ff51034d3e434739926470af7aa' (2022-10-09)
• Updated input 'nixpkgs-wayland/lib-aggregate/nixpkgs-lib':
    'github:nix-community/nixpkgs.lib/b627e4dc7430fa35fd4710987077f96c7b5623f5' (2022-09-25)
  → 'github:nix-community/nixpkgs.lib/76ef73e385f96bb438676cf5f21f220694fd3d73' (2022-10-09)
warning: Git tree '/home/yorick/dotfiles/.worktrees/flake-update' is dirty
 2022-10-16 14:06:08 +02:00
133 changed files with 1447 additions and 9321 deletions
Show stats Expand all files Collapse all files

2
.gitignore vendored
View file

@ -2,5 +2,3 @@ result
*~ *~
/mutt/.mutt/hcache-lock /mutt/.mutt/hcache-lock
/emacs/emacs.el /emacs/emacs.el
.direnv
/pkgs/marvin-tracker/node_modules

29
README.md
View file

@ -1,29 +0,0 @@
This repo contains code and specs for my personal infrastructure.
There is a centralized action runner tool 'ydeployer', which is accessible
from `nix develop` or using `direnv` (or using `nix run`).
# Computers
Configuration for all x86/arm systems is stored in [./nixos](). Specs are available in [./nixos/README.md]()
# bin
Assorted scripts in various states of deprecation.
# deployer
Deployment tool, written in typescript.
# emacs
.org files making up my daily editor configuration.
# esphome
Contains yaml configuration for esphome esp32 nodes.
# home-manager
nix configuration for my user profile on my desktop and laptops. Contains list of installed user-space programs.
# pkgs
Collection of nix files for packages that are not in nixpkgs, or patches for them.
# secrets
Secrets encrypted using agenix.

428
alacritty.yml Normal file
View file

@ -0,0 +1,428 @@
# Configuration for Alacritty, the GPU enhanced terminal emulator
# Any items in the `env` entry below will be added as
# environment variables. Some entries may override variables
# set by alacritty it self.
env:
# TERM env customization.
#
# If this property is not set, alacritty will set it to xterm-256color.
#
# Note that some xterm terminfo databases don't declare support for italics.
# You can verify this by checking for the presence of `smso` and `sitm` in
# `infocmp xterm-256color`.
TERM: xterm-256color
cursor:
style:
blinking: Never
scrolling:
multiplier: 10
# Window dimensions in character columns and lines
# Falls back to size specified by window manager if set to 0x0.
# (changes require restart)
window.dimensions:
columns: 80
lines: 24
# Adds this many blank pixels of padding around the window
# Units are physical pixels; this is not DPI aware.
# (change requires restart)
window.padding:
x: 0
y: 0
# When true, bold text is drawn using the bright variant of colors.
draw_bold_text_with_bright_colors: true
# Font configuration (changes require restart)
#
# Important font attributes like antialiasing, subpixel aa, and hinting can be
# controlled through fontconfig. Specifically, the following attributes should
# have an effect:
#
# * hintstyle
# * antialias
# * lcdfilter
# * rgba
#
# For instance, if you wish to disable subpixel antialiasing, you might set the
# rgba property to "none". If you wish to completely disable antialiasing, you
# can set antialias to false.
#
# Please see these resources for more information on how to use fontconfig
#
# * https://wiki.archlinux.org/index.php/font_configuration#Fontconfig_configuration
# * file:///usr/share/doc/fontconfig/fontconfig-user.html
font:
# The normal (roman) font face to use.
normal:
family: monospace # should be "Menlo" or something on macOS.
# Style can be specified to pick a specific face.
# style: Regular
# The bold font face
bold:
family: monospace # should be "Menlo" or something on macOS.
# Style can be specified to pick a specific face.
# style: Bold
# The italic font face
italic:
family: monospace # should be "Menlo" or something on macOS.
# Style can be specified to pick a specific face.
# style: Italic
# Point size of the font
size: 12.0
# Offset is the extra space around each character. offset.y can be thought of
# as modifying the linespacing, and offset.x as modifying the letter spacing.
offset:
x: 0
y: 0
# Glyph offset determines the locations of the glyphs within their cells with
# the default being at the bottom. Increase the x offset to move the glyph to
# the right, increase the y offset to move the glyph upward.
glyph_offset:
x: 0
y: 0
# Should display the render timer
debug:
render_timer: false
# Use custom cursor colors. If true, display the cursor in the cursor.foreground
# and cursor.background colors, otherwise invert the colors of the cursor.
# Colors (Solarized Light)
colors:
# Default colors
primary:
background: '0xfdf6e3'
foreground: '0x586e75'
# Normal colors
normal:
black: '0x073642'
red: '0xdc322f'
green: '0x859900'
yellow: '0xb58900'
blue: '0x268bd2'
magenta: '0xd33682'
cyan: '0x2aa198'
white: '0xeee8d5'
# Bright colors
bright:
black: '0x002b36'
red: '0xcb4b16'
green: '0x586e75'
yellow: '0x657b83'
blue: '0x839496'
magenta: '0x6c71c4'
cyan: '0x93a1a1'
white: '0xfdf6e3'
# Colors (Solarized Dark)
colors-alt:
# Default colors
primary:
background: '0x002b36'
foreground: '0x839496'
# Normal colors
normal:
black: '0x073642'
red: '0xdc322f'
green: '0x859900'
yellow: '0xb58900'
blue: '0x268bd2'
magenta: '0xd33682'
cyan: '0x2aa198'
white: '0xeee8d5'
# Bright colors
bright:
black: '0x002b36'
red: '0xcb4b16'
green: '0x586e75'
yellow: '0x657b83'
blue: '0x839496'
magenta: '0x6c71c4'
cyan: '0x93a1a1'
white: '0xfdf6e3'
# Colors (Tomorrow Night Bright)
colors_default:
# Default colors
primary:
background: '0x000000'
foreground: '0xeaeaea'
# Colors the cursor will use if `custom_cursor_colors` is true
cursor:
text: '0x000000'
cursor: '0xffffff'
# Normal colors
normal:
black: '0x000000'
red: '0xd54e53'
green: '0xb9ca4a'
yellow: '0xe6c547'
blue: '0x7aa6da'
magenta: '0xc397d8'
cyan: '0x70c0ba'
white: '0xffffff'
# Bright colors
bright:
black: '0x666666'
red: '0xff3334'
green: '0x9ec400'
yellow: '0xe7c547'
blue: '0x7aa6da'
magenta: '0xb77ee0'
cyan: '0x54ced6'
white: '0xffffff'
# Dim colors (Optional)
dim:
black: '0x333333'
red: '0xf2777a'
green: '0x99cc99'
yellow: '0xffcc66'
blue: '0x6699cc'
magenta: '0xcc99cc'
cyan: '0x66cccc'
white: '0xdddddd'
# Visual Bell
#
# Any time the BEL code is received, Alacritty "rings" the visual bell. Once
# rung, the terminal background will be set to white and transition back to the
# default background color. You can control the rate of this transition by
# setting the `duration` property (represented in milliseconds). You can also
# configure the transition function by setting the `animation` property.
#
# Possible values for `animation`
# `Ease`
# `EaseOut`
# `EaseOutSine`
# `EaseOutQuad`
# `EaseOutCubic`
# `EaseOutQuart`
# `EaseOutQuint`
# `EaseOutExpo`
# `EaseOutCirc`
# `Linear`
#
# To completely disable the visual bell, set its duration to 0.
#
bell:
animation: EaseOutSine
duration: 0
# Background opacity
background_opacity: 0.9
# Mouse bindings
#
# Currently doesn't support modifiers. Both the `mouse` and `action` fields must
# be specified.
#
# Values for `mouse`:
# - Middle
# - Left
# - Right
# - Numeric identifier such as `5`
#
# Values for `action`:
# - Paste
# - PasteSelection
# - Copy (TODO)
mouse_bindings:
- { mouse: Middle, action: PasteSelection }
mouse:
double_click: { threshold: 300 }
triple_click: { threshold: 300 }
hide_when_typing: false
selection:
semantic_escape_chars: "«,│`|:\"' ()[]{}<>»"
# Live config reload (changes require restart)
live_config_reload: true
# Shell
#
# You can set shell.program to the path of your favorite shell, e.g. /bin/fish.
# Entries in shell.args are passed unmodified as arguments to the shell.
# shell:
# program: /bin/bash
# args:
# - --login
# Key bindings
#
# Each binding is defined as an object with some properties. Most of the
# properties are optional. All of the alphabetical keys should have a letter for
# the `key` value such as `V`. Function keys are probably what you would expect
# as well (F1, F2, ..). The number keys above the main keyboard are encoded as
# `Key1`, `Key2`, etc. Keys on the number pad are encoded `Number1`, `Number2`,
# etc. These all match the glutin::VirtualKeyCode variants.
#
# Possible values for `mods`
# `Command`, `Super` refer to the super/command/windows key
# `Control` for the control key
# `Shift` for the Shift key
# `Alt` and `Option` refer to alt/option
#
# mods may be combined with a `|`. For example, requiring control and shift
# looks like:
#
# mods: Control|Shift
#
# The parser is currently quite sensitive to whitespace and capitalization -
# capitalization must match exactly, and piped items must not have whitespace
# around them.
#
# Either an `action`, `chars`, or `command` field must be present.
# `action` must be one of `Paste`, `PasteSelection`, `Copy`, or `Quit`.
# `chars` writes the specified string every time that binding is activated.
# These should generally be escape sequences, but they can be configured t# SENDuARBITRARYi strings of bytes.
# `command` must be a map containing a `program` string, and `args` array of
# strings. For example:
# - { ... , command: { program: "alacritty", args: ["-e", "vttest"] } }
#
# Want to add a binding (e.g. "PageUp") but are unsure what the X sequence
# (e.g. "\x1b[5~") is? Open another terminal (like xterm) without tmux,
# then run `showkey -a` to get the sequence associated to a key combination.
key_bindings:
- { key: V, mods: Control|Shift, action: Paste }
- { key: C, mods: Control|Shift, action: Copy }
- { key: Q, mods: Command, action: Quit }
- { key: W, mods: Command, action: Quit }
- { key: Insert, mods: Shift, action: PasteSelection }
- { key: Key0, mods: Control, action: ResetFontSize }
- { key: Equals, mods: Control, action: IncreaseFontSize }
- { key: Minus, mods: Control, action: DecreaseFontSize }
- { key: Home, chars: "\x1bOH", mode: AppCursor }
- { key: Home, chars: "\x1b[H", mode: ~AppCursor }
- { key: End, chars: "\x1bOF", mode: AppCursor }
- { key: End, chars: "\x1b[F", mode: ~AppCursor }
- { key: PageUp, mods: Shift, chars: "\x1b[5;2~" }
- { key: PageUp, mods: Control, chars: "\x1b[5;5~" }
- { key: PageUp, chars: "\x1b[5~" }
- { key: PageDown, mods: Shift, chars: "\x1b[6;2~" }
- { key: PageDown, mods: Control, chars: "\x1b[6;5~" }
- { key: PageDown, chars: "\x1b[6~" }
- { key: Tab, mods: Shift, chars: "\x1b[Z" }
- { key: Back, chars: "\x7f" }
- { key: Back, mods: Alt, chars: "\x1b\x7f" }
- { key: Back, mods: Control, chars: "\x1b\x7f" }
- { key: Return, mods: Control, chars: "\x1b[73;5~" }
- { key: Insert, chars: "\x1b[2~" }
- { key: Delete, chars: "\x1b[3~" }
- { key: Left, mods: Shift, chars: "\x1b[1;2D" }
- { key: Left, mods: Control, chars: "\x1b[1;5D" }
- { key: Left, mods: Alt, chars: "\x1b[1;3D" }
- { key: Left, chars: "\x1b[D", mode: ~AppCursor }
- { key: Left, chars: "\x1bOD", mode: AppCursor }
- { key: Right, mods: Shift, chars: "\x1b[1;2C" }
- { key: Right, mods: Control, chars: "\x1b[1;5C" }
- { key: Right, mods: Alt, chars: "\x1b[1;3C" }
- { key: Right, chars: "\x1b[C", mode: ~AppCursor }
- { key: Right, chars: "\x1bOC", mode: AppCursor }
- { key: Up, mods: Shift, chars: "\x1b[1;2A" }
- { key: Up, mods: Control, chars: "\x1b[1;5A" }
- { key: Up, mods: Alt, chars: "\x1b[1;3A" }
- { key: Up, chars: "\x1b[A", mode: ~AppCursor }
- { key: Up, chars: "\x1bOA", mode: AppCursor }
- { key: Down, mods: Shift, chars: "\x1b[1;2B" }
- { key: Down, mods: Control, chars: "\x1b[1;5B" }
- { key: Down, mods: Alt, chars: "\x1b[1;3B" }
- { key: Down, chars: "\x1b[B", mode: ~AppCursor }
- { key: Down, chars: "\x1bOB", mode: AppCursor }
- { key: F1, chars: "\x1bOP" }
- { key: F2, chars: "\x1bOQ" }
- { key: F3, chars: "\x1bOR" }
- { key: F4, chars: "\x1bOS" }
- { key: F5, chars: "\x1b[15~" }
- { key: F6, chars: "\x1b[17~" }
- { key: F7, chars: "\x1b[18~" }
- { key: F8, chars: "\x1b[19~" }
- { key: F9, chars: "\x1b[20~" }
- { key: F10, chars: "\x1b[21~" }
- { key: F11, chars: "\x1b[23~" }
- { key: F12, chars: "\x1b[24~" }
- { key: F1, mods: Shift, chars: "\x1b[1;2P" }
- { key: F2, mods: Shift, chars: "\x1b[1;2Q" }
- { key: F3, mods: Shift, chars: "\x1b[1;2R" }
- { key: F4, mods: Shift, chars: "\x1b[1;2S" }
- { key: F5, mods: Shift, chars: "\x1b[15;2~" }
- { key: F6, mods: Shift, chars: "\x1b[17;2~" }
- { key: F7, mods: Shift, chars: "\x1b[18;2~" }
- { key: F8, mods: Shift, chars: "\x1b[19;2~" }
- { key: F9, mods: Shift, chars: "\x1b[20;2~" }
- { key: F10, mods: Shift, chars: "\x1b[21;2~" }
- { key: F11, mods: Shift, chars: "\x1b[23;2~" }
- { key: F12, mods: Shift, chars: "\x1b[24;2~" }
- { key: F1, mods: Control, chars: "\x1b[1;5P" }
- { key: F2, mods: Control, chars: "\x1b[1;5Q" }
- { key: F3, mods: Control, chars: "\x1b[1;5R" }
- { key: F4, mods: Control, chars: "\x1b[1;5S" }
- { key: F5, mods: Control, chars: "\x1b[15;5~" }
- { key: F6, mods: Control, chars: "\x1b[17;5~" }
- { key: F7, mods: Control, chars: "\x1b[18;5~" }
- { key: F8, mods: Control, chars: "\x1b[19;5~" }
- { key: F9, mods: Control, chars: "\x1b[20;5~" }
- { key: F10, mods: Control, chars: "\x1b[21;5~" }
- { key: F11, mods: Control, chars: "\x1b[23;5~" }
- { key: F12, mods: Control, chars: "\x1b[24;5~" }
- { key: F1, mods: Alt, chars: "\x1b[1;6P" }
- { key: F2, mods: Alt, chars: "\x1b[1;6Q" }
- { key: F3, mods: Alt, chars: "\x1b[1;6R" }
- { key: F4, mods: Alt, chars: "\x1b[1;6S" }
- { key: F5, mods: Alt, chars: "\x1b[15;6~" }
- { key: F6, mods: Alt, chars: "\x1b[17;6~" }
- { key: F7, mods: Alt, chars: "\x1b[18;6~" }
- { key: F8, mods: Alt, chars: "\x1b[19;6~" }
- { key: F9, mods: Alt, chars: "\x1b[20;6~" }
- { key: F10, mods: Alt, chars: "\x1b[21;6~" }
- { key: F11, mods: Alt, chars: "\x1b[23;6~" }
- { key: F12, mods: Alt, chars: "\x1b[24;6~" }
- { key: F1, mods: Super, chars: "\x1b[1;3P" }
- { key: F2, mods: Super, chars: "\x1b[1;3Q" }
- { key: F3, mods: Super, chars: "\x1b[1;3R" }
- { key: F4, mods: Super, chars: "\x1b[1;3S" }
- { key: F5, mods: Super, chars: "\x1b[15;3~" }
- { key: F6, mods: Super, chars: "\x1b[17;3~" }
- { key: F7, mods: Super, chars: "\x1b[18;3~" }
- { key: F8, mods: Super, chars: "\x1b[19;3~" }
- { key: F9, mods: Super, chars: "\x1b[20;3~" }
- { key: F10, mods: Super, chars: "\x1b[21;3~" }
- { key: F11, mods: Super, chars: "\x1b[23;3~" }
- { key: F12, mods: Super, chars: "\x1b[24;3~" }
hints:
alphabet: "arstdhneio"
enabled:
- regex: "/nix/store/[0-9a-df-np-sv-z]{32}-[^/»]+"
action: select
binding:
key: G
mods: Control|Shift
- regex: "(mailto:|gemini:|gopher:|https:|http:|news:|file:|git:|ssh:|ftp:)\
[^\u0000-\u001F\u007F-\u009F<>\" {-}\\^⟨⟩`]+"
command: xdg-open
post_processing: true
mouse:
enabled: true
mods: None
binding:
key: U
mods: Control|Shift

583
alacritty/alacritty.toml
View file

@ -1,583 +0,0 @@
live_config_reload = true
import = [ "~/.config/alacritty/colors.toml" ]
[bell]
animation = "EaseOutSine"
duration = 0
[colors]
draw_bold_text_with_bright_colors = true
[cursor.style]
blinking = "Never"
[env]
TERM = "xterm-256color"
[font]
size = 12.0
[font.normal]
family = "DejaVuSansM Nerd Font"
[hints]
alphabet = "arstdhneio"
[[hints.enabled]]
action = "select"
regex = "/nix/store/[0-9a-df-np-sv-z]{32}-[^/»]+"
[hints.enabled.binding]
key = "G"
mods = "Control|Shift"
[[hints.enabled]]
command = "xdg-open"
post_processing = true
regex = "(mailto:|gemini:|gopher:|https:|http:|news:|file:|git:|ssh:|ftp:)[^\u0000-\u001F\u007F-Ÿ<>\" {-}\\^⟨⟩`]+"
[hints.enabled.binding]
key = "U"
mods = "Control|Shift"
[hints.enabled.mouse]
enabled = true
mods = "None"
[[keyboard.bindings]]
action = "Paste"
key = "V"
mods = "Control|Shift"
[[keyboard.bindings]]
action = "Copy"
key = "C"
mods = "Control|Shift"
[[keyboard.bindings]]
action = "Quit"
key = "Q"
mods = "Command"
[[keyboard.bindings]]
action = "Quit"
key = "W"
mods = "Command"
[[keyboard.bindings]]
action = "PasteSelection"
key = "Insert"
mods = "Shift"
[[keyboard.bindings]]
action = "ResetFontSize"
key = "Key0"
mods = "Control"
[[keyboard.bindings]]
action = "IncreaseFontSize"
key = "Equals"
mods = "Control"
[[keyboard.bindings]]
action = "DecreaseFontSize"
key = "Minus"
mods = "Control"
[[keyboard.bindings]]
chars = "\u001BOH"
key = "Home"
mode = "AppCursor"
[[keyboard.bindings]]
chars = "\u001B[H"
key = "Home"
mode = "~AppCursor"
[[keyboard.bindings]]
chars = "\u001BOF"
key = "End"
mode = "AppCursor"
[[keyboard.bindings]]
chars = "\u001B[F"
key = "End"
mode = "~AppCursor"
[[keyboard.bindings]]
chars = "\u001B[5;2~"
key = "PageUp"
mods = "Shift"
[[keyboard.bindings]]
chars = "\u001B[5;5~"
key = "PageUp"
mods = "Control"
[[keyboard.bindings]]
chars = "\u001B[5~"
key = "PageUp"
[[keyboard.bindings]]
chars = "\u001B[6;2~"
key = "PageDown"
mods = "Shift"
[[keyboard.bindings]]
chars = "\u001B[6;5~"
key = "PageDown"
mods = "Control"
[[keyboard.bindings]]
chars = "\u001B[6~"
key = "PageDown"
[[keyboard.bindings]]
chars = "\u001B[Z"
key = "Tab"
mods = "Shift"
[[keyboard.bindings]]
chars = "\u007F"
key = "Back"
[[keyboard.bindings]]
chars = "\u001B\u007F"
key = "Back"
mods = "Alt"
[[keyboard.bindings]]
chars = "\u001B\u007F"
key = "Back"
mods = "Control"
[[keyboard.bindings]]
chars = "\u001B[73;5~"
key = "Return"
mods = "Control"
[[keyboard.bindings]]
chars = "\u001B[2~"
key = "Insert"
[[keyboard.bindings]]
chars = "\u001B[3~"
key = "Delete"
[[keyboard.bindings]]
chars = "\u001B[1;2D"
key = "Left"
mods = "Shift"
[[keyboard.bindings]]
chars = "\u001B[1;5D"
key = "Left"
mods = "Control"
[[keyboard.bindings]]
chars = "\u001B[1;3D"
key = "Left"
mods = "Alt"
[[keyboard.bindings]]
chars = "\u001B[D"
key = "Left"
mode = "~AppCursor"
[[keyboard.bindings]]
chars = "\u001BOD"
key = "Left"
mode = "AppCursor"
[[keyboard.bindings]]
chars = "\u001B[1;2C"
key = "Right"
mods = "Shift"
[[keyboard.bindings]]
chars = "\u001B[1;5C"
key = "Right"
mods = "Control"
[[keyboard.bindings]]
chars = "\u001B[1;3C"
key = "Right"
mods = "Alt"
[[keyboard.bindings]]
chars = "\u001B[C"
key = "Right"
mode = "~AppCursor"
[[keyboard.bindings]]
chars = "\u001BOC"
key = "Right"
mode = "AppCursor"
[[keyboard.bindings]]
chars = "\u001B[1;2A"
key = "Up"
mods = "Shift"
[[keyboard.bindings]]
chars = "\u001B[1;5A"
key = "Up"
mods = "Control"
[[keyboard.bindings]]
chars = "\u001B[1;3A"
key = "Up"
mods = "Alt"
[[keyboard.bindings]]
chars = "\u001B[A"
key = "Up"
mode = "~AppCursor"
[[keyboard.bindings]]
chars = "\u001BOA"
key = "Up"
mode = "AppCursor"
[[keyboard.bindings]]
chars = "\u001B[1;2B"
key = "Down"
mods = "Shift"
[[keyboard.bindings]]
chars = "\u001B[1;5B"
key = "Down"
mods = "Control"
[[keyboard.bindings]]
chars = "\u001B[1;3B"
key = "Down"
mods = "Alt"
[[keyboard.bindings]]
chars = "\u001B[B"
key = "Down"
mode = "~AppCursor"
[[keyboard.bindings]]
chars = "\u001BOB"
key = "Down"
mode = "AppCursor"
[[keyboard.bindings]]
chars = "\u001BOP"
key = "F1"
[[keyboard.bindings]]
chars = "\u001BOQ"
key = "F2"
[[keyboard.bindings]]
chars = "\u001BOR"
key = "F3"
[[keyboard.bindings]]
chars = "\u001BOS"
key = "F4"
[[keyboard.bindings]]
chars = "\u001B[15~"
key = "F5"
[[keyboard.bindings]]
chars = "\u001B[17~"
key = "F6"
[[keyboard.bindings]]
chars = "\u001B[18~"
key = "F7"
[[keyboard.bindings]]
chars = "\u001B[19~"
key = "F8"
[[keyboard.bindings]]
chars = "\u001B[20~"
key = "F9"
[[keyboard.bindings]]
chars = "\u001B[21~"
key = "F10"
[[keyboard.bindings]]
chars = "\u001B[23~"
key = "F11"
[[keyboard.bindings]]
chars = "\u001B[24~"
key = "F12"
[[keyboard.bindings]]
chars = "\u001B[1;2P"
key = "F1"
mods = "Shift"
[[keyboard.bindings]]
chars = "\u001B[1;2Q"
key = "F2"
mods = "Shift"
[[keyboard.bindings]]
chars = "\u001B[1;2R"
key = "F3"
mods = "Shift"
[[keyboard.bindings]]
chars = "\u001B[1;2S"
key = "F4"
mods = "Shift"
[[keyboard.bindings]]
chars = "\u001B[15;2~"
key = "F5"
mods = "Shift"
[[keyboard.bindings]]
chars = "\u001B[17;2~"
key = "F6"
mods = "Shift"
[[keyboard.bindings]]
chars = "\u001B[18;2~"
key = "F7"
mods = "Shift"
[[keyboard.bindings]]
chars = "\u001B[19;2~"
key = "F8"
mods = "Shift"
[[keyboard.bindings]]
chars = "\u001B[20;2~"
key = "F9"
mods = "Shift"
[[keyboard.bindings]]
chars = "\u001B[21;2~"
key = "F10"
mods = "Shift"
[[keyboard.bindings]]
chars = "\u001B[23;2~"
key = "F11"
mods = "Shift"
[[keyboard.bindings]]
chars = "\u001B[24;2~"
key = "F12"
mods = "Shift"
[[keyboard.bindings]]
chars = "\u001B[1;5P"
key = "F1"
mods = "Control"
[[keyboard.bindings]]
chars = "\u001B[1;5Q"
key = "F2"
mods = "Control"
[[keyboard.bindings]]
chars = "\u001B[1;5R"
key = "F3"
mods = "Control"
[[keyboard.bindings]]
chars = "\u001B[1;5S"
key = "F4"
mods = "Control"
[[keyboard.bindings]]
chars = "\u001B[15;5~"
key = "F5"
mods = "Control"
[[keyboard.bindings]]
chars = "\u001B[17;5~"
key = "F6"
mods = "Control"
[[keyboard.bindings]]
chars = "\u001B[18;5~"
key = "F7"
mods = "Control"
[[keyboard.bindings]]
chars = "\u001B[19;5~"
key = "F8"
mods = "Control"
[[keyboard.bindings]]
chars = "\u001B[20;5~"
key = "F9"
mods = "Control"
[[keyboard.bindings]]
chars = "\u001B[21;5~"
key = "F10"
mods = "Control"
[[keyboard.bindings]]
chars = "\u001B[23;5~"
key = "F11"
mods = "Control"
[[keyboard.bindings]]
chars = "\u001B[24;5~"
key = "F12"
mods = "Control"
[[keyboard.bindings]]
chars = "\u001B[1;6P"
key = "F1"
mods = "Alt"
[[keyboard.bindings]]
chars = "\u001B[1;6Q"
key = "F2"
mods = "Alt"
[[keyboard.bindings]]
chars = "\u001B[1;6R"
key = "F3"
mods = "Alt"
[[keyboard.bindings]]
chars = "\u001B[1;6S"
key = "F4"
mods = "Alt"
[[keyboard.bindings]]
chars = "\u001B[15;6~"
key = "F5"
mods = "Alt"
[[keyboard.bindings]]
chars = "\u001B[17;6~"
key = "F6"
mods = "Alt"
[[keyboard.bindings]]
chars = "\u001B[18;6~"
key = "F7"
mods = "Alt"
[[keyboard.bindings]]
chars = "\u001B[19;6~"
key = "F8"
mods = "Alt"
[[keyboard.bindings]]
chars = "\u001B[20;6~"
key = "F9"
mods = "Alt"
[[keyboard.bindings]]
chars = "\u001B[21;6~"
key = "F10"
mods = "Alt"
[[keyboard.bindings]]
chars = "\u001B[23;6~"
key = "F11"
mods = "Alt"
[[keyboard.bindings]]
chars = "\u001B[24;6~"
key = "F12"
mods = "Alt"
[[keyboard.bindings]]
chars = "\u001B[1;3P"
key = "F1"
mods = "Super"
[[keyboard.bindings]]
chars = "\u001B[1;3Q"
key = "F2"
mods = "Super"
[[keyboard.bindings]]
chars = "\u001B[1;3R"
key = "F3"
mods = "Super"
[[keyboard.bindings]]
chars = "\u001B[1;3S"
key = "F4"
mods = "Super"
[[keyboard.bindings]]
chars = "\u001B[15;3~"
key = "F5"
mods = "Super"
[[keyboard.bindings]]
chars = "\u001B[17;3~"
key = "F6"
mods = "Super"
[[keyboard.bindings]]
chars = "\u001B[18;3~"
key = "F7"
mods = "Super"
[[keyboard.bindings]]
chars = "\u001B[19;3~"
key = "F8"
mods = "Super"
[[keyboard.bindings]]
chars = "\u001B[20;3~"
key = "F9"
mods = "Super"
[[keyboard.bindings]]
chars = "\u001B[21;3~"
key = "F10"
mods = "Super"
[[keyboard.bindings]]
chars = "\u001B[23;3~"
key = "F11"
mods = "Super"
[[keyboard.bindings]]
chars = "\u001B[24;3~"
key = "F12"
mods = "Super"
[mouse]
hide_when_typing = false
[[mouse.bindings]]
action = "PasteSelection"
mouse = "Middle"
# [mouse.double_click]
# threshold = 300
# [mouse.triple_click]
# threshold = 300
[scrolling]
multiplier = 10
[selection]
semantic_escape_chars = "«,│`|:\"' ()[]{}<>»"
[window]
opacity = 0.9
# ["window.dimensions"]
# columns = 80
# lines = 24
# ["window.padding"]
# x = 0
# y = 0

51
alacritty/colors-dark.toml
View file

@ -1,51 +0,0 @@
[[colors.indexed_colors]]
color = "0x5faf5f"
index = 16
[[colors.indexed_colors]]
color = "0x5f8787"
index = 17
[[colors.indexed_colors]]
color = "0xaf005f"
index = 18
[[colors.indexed_colors]]
color = "0x5faf00"
index = 19
[[colors.indexed_colors]]
color = "0x5fafd7"
index = 20
[[colors.indexed_colors]]
color = "0xd7875f"
index = 21
[colors.bright]
black = "0x949494"
blue = "0x4271ae"
cyan = "0x3e999f"
green = "0x718c00"
magenta = "0x8959a8"
red = "0xd7005f"
white = "0xf5f5f5"
yellow = "0xd75f00"
[colors.cursor]
cursor = "0x808080"
text = "0x1c1c1c"
[colors.normal]
black = "0xededed"
blue = "0x4271ae"
cyan = "0x3e999f"
green = "0x718c00"
magenta = "0x8959a8"
red = "0xd7005f"
white = "0x4d4d4c"
yellow = "0xd75f00"
[colors.primary]
background = "0x1c1c1c"
foreground = "0x808080"

27
alacritty/colors-light.toml
View file

@ -1,27 +0,0 @@
[colors.bright]
black = "0x949494"
blue = "0x4271ae"
cyan = "0x3e999f"
green = "0x718c00"
magenta = "0x8959a8"
red = "0xd7005f"
white = "0xf5f5f5"
yellow = "0xd75f00"
[colors.cursor]
cursor = "0x4d4d4c"
text = "0xf3f3f3"
[colors.normal]
black = "0xededed"
blue = "0x4271ae"
cyan = "0x3e999f"
green = "0x718c00"
magenta = "0x8959a8"
red = "0xd7005f"
white = "0x4d4d4c"
yellow = "0xd75f00"
[colors.primary]
background = "0xeeeeee"
foreground = "0x4d4d4c"

10
apply.sh
View file

@ -10,3 +10,13 @@ nix build .#yorick-home --no-link
nix run .#update-home nix run .#update-home
nixos-rebuild switch --flake .# --target-host root@localhost nixos-rebuild switch --flake .# --target-host root@localhost
rm -f result rm -f result
set +x
echo "Updating nix-index cache"
(
filename="index-x86_64-$(uname | tr A-Z a-z)"
mkdir -p ~/.cache/nix-index
cd ~/.cache/nix-index
# -N will only download a new version if there is an update.
wget -q -N https://github.com/Mic92/nix-index-database/releases/latest/download/$filename
ln -f $filename files
)

99
bin/absorb.py
View file

@ -1,99 +0,0 @@
#!/usr/bin/env nix-shell
#!nix-shell -i python3 -p python3 python3.pkgs.requests -I nixpkgs=channel:nixos-22.05
import json, os, sys, hashlib
from pathlib import Path
import shutil
import tempfile
import requests
if len(sys.argv) < 3:
print(f"Usage: sudo {sys.argv[0]} [dest] [files..]", file=sys.stderr)
sys.exit(2)
if os.geteuid() != 0:
print("Please run as root", file=sys.stderr)
sys.exit(1)
plexmedia = Path("/data/plexmedia")
dest = plexmedia / sys.argv[1]
sections = {
"movies": 1,
"series": 2,
"anime-movies": 3,
"anime-series": 4,
"talks": 5
}
if not dest.is_dir():
print(f"Error: {dest} is not a directory/does not exist")
sys.exit(1)
sid = sections[sys.argv[1]]
def hashfile(path: Path) -> str:
hash = hashlib.sha256()
buf = bytearray(128 * 1024) # 128kb
mv = memoryview(buf)
with path.open('rb') as f:
while n := f.readinto(mv):
hash.update(mv[:n])
return hash.hexdigest()
def symlink_force(name: Path, target: Path) -> None:
try:
name.symlink_to(target)
except FileExistsError:
tmp = Path(tempfile.mktemp(dir=name.parent))
tmp.symlink_to(target)
tmp.replace(name)
def ca_import(source: Path) -> Path:
if not sourcepath.is_file() or sourcepath.is_symlink():
print(f"{sourcepath} is not a regular file")
if sourcepath.is_symlink():
rsv = sourcepath.resolve()
if rsv.parent == plexmedia / "ca":
return rsv
else:
sys.exit(2)
return
# CA import
print(f"[{source.name}] hash")
hash = hashfile(sourcepath)
print(hash)
ca_dest = (plexmedia / "ca" / hash).with_suffix(sourcepath.suffix)
print(f"[{source.name}] copy")
if ca_dest.exists():
print(f"warning: skipping copy, already in store")
else:
tmp_path = ca_dest.with_suffix(ca_dest.suffix + ".tmp")
tmp_path.unlink(missing_ok=True)
try:
shutil.copyfile(sourcepath, tmp_path)
except shutil.SameFileError:
print(f"warning: skipping copy, already in place")
tmp_path.rename(ca_dest)
#print(f"chown plex:plex {ca_dest}")
shutil.chown(ca_dest, user="plex", group="plex")
return ca_dest
for sourcefile in sys.argv[2:]:
sourcepath = Path(sourcefile)
print("CA", sourcepath)
ca_dest = ca_import(sourcepath)
# plex import
destpath = dest / sourcepath.name
print(f"ln -s {ca_dest} {destpath}")
symlink_force(destpath, ca_dest)
shutil.chown(destpath, user="plex", group="plex")
# torrent link
symlink_force(sourcepath, ca_dest)
with open("/home/yorick/plex_token", 'r') as f:
PLEX_TOKEN = f.read().splitlines()[0]
requests.get(f"https://plex.yori.cc/library/sections/{sid}/refresh", headers={
"X-Plex-Token": PLEX_TOKEN
})

1
bin/ala-fzf-pass.sh
View file

@ -1,4 +1,3 @@
set -euo pipefail set -euo pipefail
alacritty msg create-window --class ala-fzf -e "$HOME/dotfiles/bin/fzf-pass-inner.sh" && exit 0
exec alacritty --class ala-fzf -e "$HOME/dotfiles/bin/fzf-pass-inner.sh" exec alacritty --class ala-fzf -e "$HOME/dotfiles/bin/fzf-pass-inner.sh"

2
bin/borgbackup.sh
View file

@ -1,5 +1,5 @@
#!/usr/bin/env bash #!/usr/bin/env bash
export BORG_REPO='zh3213@zh3213.rsync.net:jarvis' export BORG_REPO='14337@ch-s012.rsync.net:jarvis'
export BORG_REMOTE_PATH=borg1 export BORG_REMOTE_PATH=borg1
export BORG_PASSCOMMAND="pass sysadmin/jarvis-borg" export BORG_PASSCOMMAND="pass sysadmin/jarvis-borg"
exec borg "$@" exec borg "$@"

2
bin/btoggle.sh
View file

@ -1,4 +1,4 @@
#!/usr/bin/env bash #!/usr/bin/env bash
MAC=88:C9:E8:AD:73:E8 MAC=94:DB:56:79:7D:86
bluetoothctl info "$MAC" | grep -q 'Connected: yes' && bluetoothctl info "$MAC" | grep -q 'Connected: yes' &&
bluetoothctl disconnect "$MAC" || bluetoothctl connect "$MAC" bluetoothctl disconnect "$MAC" || bluetoothctl connect "$MAC"

47
bin/cal.py
View file

@ -10,7 +10,6 @@ import json
import subprocess import subprocess
import sys import sys
import i3ipc import i3ipc
import html
from pathlib import Path from pathlib import Path
if not Path("~/.gcalcli_oauth").expanduser().exists(): if not Path("~/.gcalcli_oauth").expanduser().exists():
@ -19,10 +18,10 @@ if not Path("~/.gcalcli_oauth").expanduser().exists():
i3 = i3ipc.Connection() i3 = i3ipc.Connection()
accounts = ["yorickvanpelt@gmail.com", "yorick@datakami.nl", "yorick@replicate.com"]
gcal = GoogleCalendarInterface( gcal = GoogleCalendarInterface(
cal_names=parse_cal_names(accounts), cal_names=parse_cal_names(["yorickvanpelt@gmail.com", "yorick.vanpelt@tweag.io"]),
config_folder=None, refresh_cache=False, config_folder=None, refresh_cache=False,
use_cache=True, use_cache=True,
ignore_started=False, ignore_started=False,
@ -39,50 +38,33 @@ events = gcal._search_for_events(start=datetime.now(tzlocal()), end=start_date +
opt = sys.argv[1] opt = sys.argv[1]
def authuser(evt): def authuser(evt):
try: if evt["gcalcli_cal"]["id"] == "yorickvanpelt@gmail.com":
return accounts.index(evt["gcalcli_cal"]["id"]) return 0
except ValueError: else:
return 1 return 1
def tooltip(evt): def tooltip(evt):
# todo: location # todo: location
return f""" return f"""
<b>{html.escape(evt["summary"])}</b> <b>{evt["summary"]}</b>
{evt["s"].strftime("%b %d %H:%M")} - {evt["e"].strftime("%H:%M")} {evt["s"].strftime("%b %d %H:%M")} - {evt["e"].strftime("%H:%M")}
""" """
def openURI(uri):
subprocess.call(["systemd-run", "--user", "chromium", uri])
def getEventURL(evt):
""" Get URL that jumps into video call """
if 'location' in evt and evt['location'].startswith("https://app.gather.town"):
return evt['location']
elif 'hangoutLink' in evt:
# jump into video call
return evt["hangoutLink"] + "?authuser=" + str(authuser(evt))
return None
def click(evt): def click(evt):
# todo: only on certain time before # todo: only on certain time before
url = getEventURL(evt) if 'hangoutLink' in evt:
if url is not None: # jump into video call
url = evt["hangoutLink"] + "?authuser=" + str(authuser(evt))
subprocess.call(["playerctl", "pause"]) subprocess.call(["playerctl", "pause"])
i3.command("focus output 'DVI-D-1', workspace --no-auto-back-and-forth 9") i3.command("focus output 'DVI-D-1', workspace --no-auto-back-and-forth 9")
openURI(url) subprocess.call(["chromium", url])
else: else:
openURI(evt["htmlLink"]) subprocess.call(["xdg-open", evt["htmlLink"]])
def rightclick(evt): def rightclick(evt):
openURI("https://calendar.google.com") subprocess.call(["xdg-open", "https://calendar.google.com"])
def interestedEvent(evt): events = [e for e in events if not gcal._DeclinedEvent(e)]
# ignore started all-day
if "date" in evt['start'] and evt['s'] < gcal.now:
return False
return not gcal._DeclinedEvent(evt) and evt['eventType'] == "default"
events = [e for e in events if interestedEvent(e)]
if opt == "dump": if opt == "dump":
print(json.dumps(events, default=str)) print(json.dumps(events, default=str))
@ -99,9 +81,6 @@ if opt == "list": # todo: rename to first
for evt in events: for evt in events:
icon = "" icon = ""
# todo: tooltip # todo: tooltip
if 'location' in evt and evt['location'].startswith("https://app.gather.town"):
# md-town_hall
icon = '\U000f1875'
if 'hangoutLink' in evt: if 'hangoutLink' in evt:
icon = "" icon = ""
print(json.dumps({ print(json.dumps({

3
bin/default.nix
View file

@ -26,7 +26,4 @@ in lib.mapAttrs (k: f: f k) {
y-cal-widget = makeWrap ./cal.py "${ y-cal-widget = makeWrap ./cal.py "${
python3.withPackages (p: [ (p.toPythonModule gcalcli) p.i3ipc ]) python3.withPackages (p: [ (p.toPythonModule gcalcli) p.i3ipc ])
}/bin/python"; }/bin/python";
absorb = makeWrap ./absorb.py "${
python3.withPackages (p: [ p.requests ])
}/bin/python";
} }

47
bin/dep-drill.sh
View file

@ -1,47 +0,0 @@
#!/usr/bin/env nix-shell
#!nix-shell -I nixpkgs=flake:nixpkgs -p bkt fzf moreutils ncdu -i bash
set -euo pipefail
# todo's:
# - preserve(track) selection when hitting ctrl-s
# https://github.com/junegunn/fzf/issues/3460
# - truncate nix store paths to fit terminal width
# awk?
# - prevent hitting left-arrow on an empty stack
STATE=$(mktemp -d --suffix .nixfzf)
function cleanup {
rm -rf "$STATE"
}
trap cleanup EXIT
if [ $# -ne 1 ]; then
echo "Usage: dep-drill.sh /nix/store/..."
exit 1
fi
# 3: sort -hk3 - sort by closure size, 2: sort -hk2 - own size
echo 3 > "$STATE"/sort
echo "$1" > "$STATE"/path
export SHELL=bash
export BKT_CACHE_DIR="$STATE/cache"
export BKT_TTL=10m
export FZF_DEFAULT_COMMAND='bkt -- nix path-info -rSsh $(tail -1 '"$STATE/path"') | sort -hk$(cat '"$STATE/sort"') | cut -c12-'
fzf --no-sort \
--layout=reverse-list \
--bind=load:last \
--track \
--preview 'bkt -- nix why-depends $(tail -1 '"$STATE/path"') /nix/store/{1} --precise --all' \
--preview-window=down,30%,border-top \
--preview-label=why-depends \
--info=inline \
--nth=1 \
--bind 'ctrl-s:execute-silent(sed -i "s/2/4/g; s/3/2/g; s/4/3/g" '"$STATE/sort"')+track+reload-sync<'"$FZF_DEFAULT_COMMAND"'>+transform-border-label(sed -n "s/2/sorted by own size/p; s/3/sorted by closure size/p" '"$STATE/sort"')' \
--bind 'ctrl-n:execute:ncdu /nix/store/{1}' \
--bind 'right:execute-silent(echo /nix/store/{1} >> '"$STATE/path"')+reload-sync<'"$FZF_DEFAULT_COMMAND"'>+clear-query' \
--bind 'left:execute-silent(uniq '"$STATE/path"' | head -n-1 | sponge '"$STATE/path"')+reload-sync<'"$FZF_DEFAULT_COMMAND"'>+clear-query' \
--border-label="sorted by closure size" \
--border=top \
--header="ctrl-s: toggle sort, ctrl-n: ncdu"

9
bin/fzf-pass-inner.sh
View file

@ -5,11 +5,10 @@ if [ -z "$ENTRY" ]; then
exit 1 exit 1
fi fi
PASSENTRY=$(pass "$ENTRY") PASSENTRY=$(pass "$ENTRY")
(builtin echo "$PASSENTRY" | head -n1 | timeout 30 wl-copy -f -n --sensitive) & # todo: kill after 30s
disown -h builtin echo "$PASSENTRY" | head -n1 | nohup wl-copy -f &
disown
NOTIFICATION=$(builtin echo "$PASSENTRY" | sed 1d) NOTIFICATION=$(builtin echo "$PASSENTRY" | sed 1d)
if [ ! -z "${NOTIFICATION}" ]; then notify-send -t 6000 "$NOTIFICATION"
notify-send -t 6000 "$NOTIFICATION"
fi
builtin echo "$NOTIFICATION" builtin echo "$NOTIFICATION"

10
bin/invert.sh
View file

@ -1,11 +1,9 @@
#!/usr/bin/env bash #!/usr/bin/env bash
cs=$(grep -qi 'light' ~/dotfiles/color-scheme && echo "dark" || echo "light") sed -i 's/colors:/colors-alt:/;t;s/colors-alt:/colors:/' ~/.config/alacritty/alacritty.yml
echo $cs | tee ~/dotfiles/color-scheme.tmp (grep -B1 '^colors:$' ~/.config/alacritty/alacritty.yml | head -n1 | grep -qi light && echo "light" || echo dark) | tee ~/dotfiles/color-scheme.tmp
mv ~/dotfiles/color-scheme.tmp ~/dotfiles/color-scheme mv ~/dotfiles/color-scheme.tmp ~/dotfiles/color-scheme
ln -sf ~/dotfiles/alacritty/colors-$cs.toml ~/.config/alacritty/colors.toml #emacsclient -e "(set-solarized-theme nil '$(cat ~/dotfiles/color-scheme))" > /dev/null || true
touch -h ~/.config/alacritty/alacritty.toml if [ "$(cat ~/dotfiles/color-scheme)" = "dark" ]; then
#emacsclient -e "(set-solarized-theme nil '$cs)" > /dev/null || true
if [ "$cs" = "dark" ]; then
dconf write /org/gnome/desktop/interface/gtk-theme "'Adwaita-dark'" dconf write /org/gnome/desktop/interface/gtk-theme "'Adwaita-dark'"
gsettings set org.gnome.desktop.interface gtk-theme 'Adwaita-dark' gsettings set org.gnome.desktop.interface gtk-theme 'Adwaita-dark'
else else

4
bin/marvin-sub.sh
View file

@ -1,4 +0,0 @@
#!/bin/sh
set -euo pipefail
export PATH=$HOME/.nix-profile/bin:$PATH
mosquitto_sub -h frumar.home.yori.cc -u iot -P asdf -t "yorick/marvin/tracking" | jq --unbuffered -r 'if .task then if .started then "▶ \(.task.title)" else "⏸ \(.task.title)" end else "" end'

4
bin/screenshot_public.sh
View file

@ -2,14 +2,14 @@
set -e set -e
# Setup filename for the screenshot # Setup filename for the screenshot
myfile="$(openssl rand -base64 9 | tr / -)_$(date +%y%m%d%H%M%S).webp" myfile="$(openssl rand -base64 9)_$(date +%y%m%d%H%M%S).webp"
webpath="https://pub.yori.cc/s/" webpath="https://pub.yori.cc/s/"
fileurl="$webpath$myfile" fileurl="$webpath$myfile"
# copy-paste # copy-paste
wl-copy <<< "$fileurl" wl-copy <<< "$fileurl"
grimshot save anything "$HOME/screenshot-tmp.ppm" grimshot save window "$HOME/screenshot-tmp.ppm"
cwebp -preset picture -q 100 "$HOME/screenshot-tmp.ppm" -o "$HOME/public/s/$myfile" cwebp -preset picture -q 100 "$HOME/screenshot-tmp.ppm" -o "$HOME/public/s/$myfile"
rm "$HOME/screenshot-tmp.ppm" rm "$HOME/screenshot-tmp.ppm"

1
deployer/.envrc
View file

@ -1 +0,0 @@
use flake ..#deployer

2
deployer/.gitignore vendored
View file

@ -1,2 +0,0 @@
node_modules/
dist/

5
deployer/.yarnignore
View file

@ -1,5 +0,0 @@
yarn-cache
index.ts
nix.ts
ssh.ts

2
deployer/bin/ydeployer.js
View file

@ -1,2 +0,0 @@
#!/usr/bin/env node
import "../dist/index.js"

240
deployer/index.ts
View file

@ -1,240 +0,0 @@
import { ssh, SSH } from './ssh.js'
import { Expression } from './nix.js'
type Dictionary<T> = Record<string, T>
type Command = () => Promise<void>
type Setter = (props: Dictionary<string | boolean | number>) => void
class Cmd {
registry: Dictionary<Command> = {};
settings: Dictionary<Setter> = {};
register(obj: string, action: string, fn: Command) {
this.registry[`${obj}.${action}`] = fn
}
registerAll(obj: string, intf: Object & { _commands?: string[], set?: Setter }) {
if (!intf._commands) return
if (intf.set) this.settings[obj] = intf.set.bind(intf)
const proto = Object.getPrototypeOf(intf)
for (const name of intf._commands) {
if (name != "constructor" && typeof proto[name] === "function") {
this.register(obj, name, proto[name].bind(intf))
}
}
}
async run() {
const opt = argv._[0]
for (const k of Object.keys(argv)) {
if (k === "_") continue
if (this.settings[k]) {
this.settings[k](argv[k])
} else {
throw new Error("unknown object " + k)
}
}
if (opt == "__autocompletes") {
for (const k of Object.keys(this.registry)) {
console.log(k)
}
return
}
if (opt && this.registry[opt]) await this.registry[opt]()
else {
console.log("Possible options: \n")
for (const k of Object.keys(this.registry)) {
console.log("-", k)
}
}
}
}
const action = new Cmd()
async function ping(hostname: string) {
return await $`ping -Anqc3 ${hostname}`.exitCode == 0
}
class Machine {
name: string;
hasHome: boolean = false;
hostname?: string;
constructor({name = "", hasHome = false, hostname}: {name?: string, hasHome?: boolean, hostname?: string}) {
this.name = name
this.hasHome = hasHome
this.hostname = hostname
// name can be set later
}
isLocal() {
return os.hostname() == this.name
}
get attr(): Expression {
return new Expression(`.#nixosConfigurations.${this.name}.toplevel`)
}
private async sshTarget() {
if (this.isLocal()) return "localhost"
if (this.hostname && await ping(this.hostname)) {
return this.hostname
} else {
// todo: directify
return `${this.name}.home.yori.cc`
}
}
async findIP(): Promise<typeof Machine.prototype.ssh> {
const host = await this.sshTarget()
return <R>(user?: string, cb?: () => Promise<R>): Promise<SSH|R> => {
const sshTarget = user ? `${user}@${host}` : host
if (cb !== undefined) return ssh(sshTarget, cb)
return ssh(sshTarget)
}
}
ssh(user?: string): Promise<SSH>
ssh<R>(user?: string, cb?: () => Promise<R>): Promise<R>
async ssh<R>(user?: string, cb?: () => Promise<R>) {
return (await this.findIP())(user, cb)
}
get targets() {
if (this.hasHome) return [this.attr, Home]
else return [this.attr]
}
}
const machines = {
frumar: new Machine({hostname: "frumar.home.yori.cc"}),
pennyworth: new Machine({hostname: "pennyworth.yori.cc"}),
blackadder: new Machine({hasHome: true}),
jarvis: new Machine({hasHome: true}),
smithers: new Machine({hasHome: true}),
}
for (const [name, machine] of Object.entries(machines))
machine.name = name
function cmd(target: { _commands?: string[] }, propertyKey: string, _descriptor: PropertyDescriptor): void {
if (target._commands == undefined) target._commands = []
target._commands.push(propertyKey)
}
class MachineInterface {
_commands?: string[]
constructor(public machine: Machine) {
// hack:
delete this._commands
}
set(props: Dictionary<string | boolean | number>) {
console.log("setting", props)
Object.assign(this.machine, props)
}
@cmd
async ssh() {
(await this.machine.ssh()).interactive()
}
@cmd
gc() {
return this.machine.ssh("root", () => $`nix-collect-garbage -d`)
}
@cmd
eval() {
return Promise.all(this.machine.targets.map(x => x.derive()))
}
@cmd
build() {
return Promise.all(this.machine.targets.map(x => x.build()))
}
@cmd
status() {
return this.machine.ssh(undefined, async () => {
await $`systemctl is-system-running`
await $`zpool status -x`
await $`realpath /run/current-system /nix/var/nix/profiles/system`
})
}
@cmd
async copy() {
const machineSSH = await this.machine.findIP()
const outputs = (await Promise.all(this.machine.targets.map(x => x.build().then(Object.values)))).flat()
if (this.machine.isLocal()) {
console.log("skipping copy, is localhost")
return
}
const conn = await machineSSH()
await Promise.all(Object.values(outputs).map(x => x.copy(conn)))
// machine.toplevel.buildAndCopy(machine.ssh)
// Home.buildAndCopy(machine.ssh)
}
@cmd
async "boot-deploy"() {
const machineSSH = await this.machine.findIP()
const path = (await this.machine.attr.build()).out
if (!this.machine.isLocal()) {
const conn = await machineSSH()
await path.copy(conn)
}
// machine.toplevel.buildAndCopy(machine.ssh)
// machine.ssh.within(machine.toplevel.activate("boot"))
await machineSSH("root", async () => {
await $`nix-env -p /nix/var/nix/profiles/system --set ${path.path}`
await $`${path.path as string}/bin/switch-to-configuration boot`
})
}
@cmd
async "switch"() {
const machineSSH = await this.machine.findIP()
const path = (await this.machine.attr.build()).out
if (!this.machine.isLocal()) {
const conn = await machineSSH()
await path.copy(conn)
}
const new_kernel = (await $`readlink ${path.path}/kernel`).stdout
await machineSSH("root", async () => {
const old_kernel = (await $`readlink /run/booted-system/kernel`).stdout
if (new_kernel !== old_kernel) {
console.error(`[${this.machine.name}] requires reboot because of kernel update`)
process.exit(1)
}
await $`nix-env -p /nix/var/nix/profiles/system --set ${path.path}`
await $`${path.path}/bin/switch-to-configuration switch`
})
}
}
class MachineInterfaceHome extends MachineInterface {
@cmd
async "update-home"() {
const new_path = (await Home.build()).out
if (this.machine.isLocal()) {
await $`${new_path.path}/activate`
} else {
const conn = await this.machine.ssh()
await new_path.copy(conn)
await conn.within(() => $`${new_path.path}/activate`)
}
}
}
for (const machine of Object.values(machines)) {
action.registerAll(machine.name, machine.hasHome ? new MachineInterfaceHome(machine) : new MachineInterface(machine))
}
action.register("all", "build", async () => {
console.log(await (new Expression(".#")).build())
})
const Home = new Expression(".#yorick-home")
action.register("home", "build", async () => {
console.log(await Home.build())
})
action.register("home", "eval", async () => {
console.log(await Home.derive())
})
action.register("local", "boot-deploy", async () => {
await action.registry[`${os.hostname()}.boot-deploy`]()
})
action.register("local", "status", async () => {
await action.registry[`${os.hostname()}.status`]()
})
await action.run()

137
deployer/nix.ts
View file

@ -1,137 +0,0 @@
import 'zx/globals';
import { SSH } from './ssh.js'
type DrvPath = string
type OutPath = string
type NixPath = DrvPath | OutPath
type ShownDerivation = {
args: Array<string>,
builder: string,
env: Record<string, string>,
inputDrvs: Record<DrvPath, string[]>,
inputSrcs: Array<OutPath>,
outputs: Record<string, { path: OutPath }>,
system: "x86-64_linux"
};
type ShowDerivationOutput = Record<DrvPath, ShownDerivation>
type OutputSpec<R> = { out: R } & Record<string, R>
type BuildOutput = {
drvPath: DrvPath,
outputs: OutputSpec<OutPath>,
startTime?: number,
stopTime?: number
}
export class Expression {
expr: string
constructor(expr: string) {
this.expr = expr
}
async derive(): Promise<Derivation> {
const {drvPath} = await nix.derive(this.expr)
const drv = await nix.showDerivation(drvPath)
return new Derivation(drvPath, drv[drvPath])
}
async build(): Promise<OutputSpec<BuiltOutput>> {
const outputs = await nix.build(this.expr)
const drvMetaJson = await nix.showDerivation(outputs.drvPath)
const [drvPath, drvMeta] = Object.entries(drvMetaJson)[0]
const drv = new Derivation(drvPath, drvMeta)
const ret: Record<string, BuiltOutput> = {}
for (const [k, v] of Object.entries(outputs.outputs)) {
ret[k] = new BuiltOutput(v, drv)
}
return Object.assign(ret, { out: ret.out })
}
}
export class Derivation {
path: string
//outputs?: Array<BuiltOutput>
meta: ShownDerivation
constructor(path: string, meta: ShownDerivation) {
this.path = path
this.meta = meta
}
async build(): Promise<{out: BuiltOutput} & Array<BuiltOutput>> {
const outputs: BuildOutput = await nix.build(this.path)
const ret = Object.values(outputs.outputs).map(x => new BuiltOutput(x, this))
return Object.assign(ret, { out: new BuiltOutput(this.meta.outputs.out.path, this) })
}
}
export class BuiltOutput {
path: string
drv: Derivation
constructor(path: string, drv: Derivation) {
this.path = path
this.drv = drv
}
async copy(target: SSH): Promise<void> {
return nix.copy(this.path, target)
}
}
function dedupe<A, B, Rest extends any[]>(fn: (xs: A[], ...rest: Rest) => Promise<B[]>):
{ (x: A, ...rest: Rest): Promise<B>; (x: A[], ...rest: Rest): Promise<B[]>; } {
type QueueEntry = {
x: A,
resolve: (res: B) => void,
reject: (err: any) => void
}
const queues = new Map<string, QueueEntry[]>()
function inner(x: A, ...rest: Rest): Promise<B>
function inner(x: A[], ...rest: Rest): Promise<B[]>
function inner(x: A | A[], ...rest: Rest) {
// todo: also dedupe array results
if (Array.isArray(x)) return fn(x, ...rest)
// map queue by rest
const stringified = JSON.stringify(rest)
const had = queues.has(stringified)
const queue = queues.get(stringified) || []
const ret = new Promise<B>((resolve, reject) => {
queue.push({x, resolve, reject})
})
if (!had) {
queues.set(stringified, queue)
setImmediate(() => {
queues.delete(stringified)
fn(queue.map(({x}) => x), ...rest)
.then(results => {
for (const [i, {resolve}] of queue.entries()) resolve(results[i])
})
.catch(e => {
for (const {reject} of queue) reject(e)
})
})
}
return ret
}
return inner
}
//function nixBuild(attr: string[]): Promise<BuildOutput[]>
//function nixBuild(attr: string): Promise<BuildOutput>
async function nixBuild(attr: string[]): Promise<BuildOutput[]> {
const tmp = (await $`mktemp -d`).stdout.trim()
process.on('exit', () => fs.removeSync(tmp))
const ret = JSON.parse((await $`nom build --json ${attr} -o ${tmp}/result`).stdout)
if (Array.isArray(attr)) return ret
return ret[0]
}
namespace nix {
export const build = dedupe(nixBuild)
export async function showDerivation(path: NixPath): Promise<ShowDerivationOutput> {
return JSON.parse((await $`nix show-derivation ${path}`.quiet()).stdout)
}
export const derive = dedupe(async (attr: string[]): Promise<BuildOutput[]> => {
return JSON.parse((await $`nom build --json --dry-run ${attr}`).stdout)
})
export const copy = dedupe(async (attrs: string[], target: SSH): Promise<void[]> => {
process.env.NIX_SSHOPTS = "-o compression=no";
await $`nix copy ${attrs} -s --to ssh://${target.host}`
return Array(attrs.length)
})
}

32
deployer/package.json
View file

@ -1,32 +0,0 @@
{
"name": "deployer",
"private": true,
"version": "1.0.0",
"description": "",
"main": "index.js",
"directories": {
"test": "test"
},
"type": "module",
"bin": {
"ydeployer": "./bin/ydeployer.js"
},
"scripts": {
"watch": "exec tsc --noEmit -w",
"start": "exec tsx ./index.ts",
"test": "echo \"Error: no test specified\" && exit 1",
"prepare": "exec tsup ./*.ts --dts --format esm"
},
"repository": {
"type": "git",
"url": "https://git.yori.cc/yorick/dotfiles"
},
"author": "",
"license": "ISC",
"dependencies": {
"tsup": "^6.7.0",
"tsx": "^3.12.2",
"typescript": "^4.9.4",
"zx": "^7.1.1"
}
}

13
deployer/package.nix
View file

@ -1,13 +0,0 @@
{ buildYarnPackage }:
buildYarnPackage {
src = ./.;
postBuild = ''
yarn install --production --ignore-scripts --prefer-offline
'';
postInstall = ''
rm $out/bin/yarn
sed -i '/^cd /d' $out/bin/ydeployer
'';
meta.mainProgram = "ydeployer";
passthru.exePath = "/bin/ydeployer";
}

102
deployer/ssh.ts
View file

@ -1,102 +0,0 @@
import 'zx/globals';
import { spawn, ChildProcess } from 'child_process'
import { Socket } from 'node:net'
async function promiseWithTimeout<T>(timeoutMs: number, promise: Promise<T>, failureMessage?: string) {
let timeoutHandle: NodeJS.Timeout | null = null
const timeoutPromise = new Promise<never>((_resolve, reject) => {
timeoutHandle = setTimeout(() => reject(new Error(failureMessage)), timeoutMs)
})
const result = await Promise.race([promise, timeoutPromise])
if (timeoutHandle) clearTimeout(timeoutHandle)
return result
}
const to_kill: ProcessPromise[] = []
// sad that I can't chain these
process.on("uncaughtException", err => {
console.error("uncaught exception", err)
console.log("killing", to_kill.length, "child processes")
for (const k of to_kill) if (k.child?.pid) process.kill(k.child.pid)
to_kill.length = 0
process.exit(1)
})
export function ssh(host: string): Promise<SSH>
export function ssh<R>(host: string, cb: () => Promise<R>): Promise<R>
export async function ssh<R>(host: string, cb?: () => Promise<R>) {
const ret = new SSH(host)
try {
await ($`ssh ${host} -O check`).quiet()
} catch (p) {
if (p instanceof ProcessOutput && p.exitCode == 255) {
console.log("Spawning ssh master")
const x = $`ssh ${host} -M -N -o Compression=no -o PermitLocalCommand=yes -o LocalCommand="echo connected"`
to_kill.push(x)
await promiseWithTimeout(60000, new Promise<void>((resolve, _reject) => {
x.stdout.on('data', (d: Buffer) => {
if (d.toString('utf8').trim() == "connected")
resolve()
})
}))
if (x.child) {
x.child.unref()
if (x.child.stderr instanceof Socket) x.child.stderr.unref()
if (x.child.stdout instanceof Socket) x.child.stdout.unref()
ret.child = x.child
process.on('beforeExit', () => {
ret.stop()
})
} else {
console.warn("Failed to spawn SSH master, but someone else did")
}
} else {
throw p
}
}
if (cb !== undefined) return ret.within(cb)
else return ret
}
export class SSH {
child?: ChildProcess | null;
constructor(public host: string) { }
within<R>(cb: () => Promise<R>): Promise<R> {
return within(async () => {
// todo: the default options.shell is set to local which.sync('bash')
// which doesn't neccesarily work on the remote
$.shell = "bash"
$.spawn = (command: string, options: any): any => {
const stdio = ["pipe", options.stdio[1], options.stdio[2]]
const proc: ChildProcess = spawn("ssh", [this.host, options.shell],
Object.assign({}, options, {shell: false, stdio}))
// todo: type safety
if (!proc.stdin) throw new Error("Failed to spawn input pipe")
proc.stdin.write(command + "; exit $?\n")
if (options.stdio[0] == 'inherit') process.stdin.pipe(proc.stdin)
return proc
}
$.log = (entry) => {
switch(entry.kind) {
case 'cmd':
if (entry.verbose) process.stderr.write(`[${this.host}] `)
break;
}
log(entry)
}
return cb()
})
}
interactive() {
$`ssh ${this.host}`
}
stop() {
if (this.child) {
$`ssh ${this.host} -O stop`
this.child = null
}
}
}

15
deployer/tsconfig.json
View file

@ -1,15 +0,0 @@
{
"compilerOptions": {
"module": "es2022",
"allowSyntheticDefaultImports": true,
"moduleResolution": "nodenext",
"target": "es2022",
"strict": true,
"experimentalDecorators": true
},
"files": [
"ssh.ts",
"nix.ts",
"index.ts",
]
}

1006
deployer/yarn.lock
View file

File diff suppressed because it is too large Load diff

9
emacs/emacs-custom.el
View file

@ -13,14 +13,7 @@
(:name "all mail" :query "*" :key "a") (:name "all mail" :query "*" :key "a")
(:name "inbox" :query "tag:inbox"))) (:name "inbox" :query "tag:inbox")))
'(safe-local-variable-values '(safe-local-variable-values
'((transient-values '((flycheck-gcc-language-standard . "c++11")
(magit-commit "--signoff"))
(magit-status-mode
(transient-values
(magit-commit "--signoff")))
(magit-commit-signoff quote t)
(magit-commit-signoff 't)
(flycheck-gcc-language-standard . "c++11")
(flycheck-clang-language-standard . "c++11") (flycheck-clang-language-standard . "c++11")
(c-block-comment-prefix . " ") (c-block-comment-prefix . " ")
(eval c-set-offset 'inlambda 0) (eval c-set-offset 'inlambda 0)

3
emacs/emacs.org
View file

@ -366,9 +366,6 @@ from https://vickychijwani.me/nuggets-from-my-emacs-part-i/
:config :config
;; use copilot ;; use copilot
(delq 'company-preview-if-just-one-frontend company-frontends)) (delq 'company-preview-if-just-one-frontend company-frontends))
(use-package company-box
;:hook (company-mode . company-box-mode)
)
#+END_SRC #+END_SRC
** Indentation ** Indentation
#+BEGIN_SRC emacs-lisp #+BEGIN_SRC emacs-lisp

10
esphome/.gitignore vendored
View file

@ -1,10 +0,0 @@
# Gitignore settings for ESPHome
# This is an example and may include too much for your use-case.
# You can modify this file to suit your needs.
/.esphome/
**/.pioenvs/
**/.piolibdeps/
**/lib/
**/src/
**/platformio.ini
/secrets.yaml

10
esphome/pvvx.yaml
View file

@ -1,10 +0,0 @@
platform: pvvx_mithermometer
mac_address: ${mac}
temperature:
name: "${name} temperature"
humidity:
name: "${name} humidity"
battery_level:
name: "${name} Battery-Level"
battery_voltage:
name: "${name} Battery-Voltage"

11
esphome/secrets.yaml.age
View file

@ -1,11 +0,0 @@
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBvMXJHdFNZNVpBbHo4c0J6
cnlONGYyMlhLNG9yMTN4azgvWWFIQlJXMTJnCldmTlppNlY1KzVma2tLNS9XRW80
a04zaStaODZhU1JNREtpTWJobC9iRGcKLS0tIGkreVJLOVY5Z01WOXRwc0hKZUFU
V3FFU0pSVE1VU2JBZ3RFcElUemFuS2MK3mAi5/6HU+TfA9vaTWpB5pZPGw+F5Enq
iuCQKK6I5SCjoFfjOglTwte/2CqbNwgECV+TsDiAZDqSVBohW9eyxe8m9g2ioYLw
4wfiGo3j99ITNss6bNeisdhV5qsZW3o7RDxeTv3U03Tj102Q9ciY31Q7hzvQmZ3Z
280GrkxUdrwGe7JlWRDvqlmKZdOmi2GRQJ7KTkNIJSSIvv1rzQ3sWTenvUJAljul
LtzTkxV8SCOfVWeqZMvi1aBrc2r2rkE/a/TRqVBb7wFrvN7Uh1ZTst71tLG7EsyQ
qrncLc63Y8XgHQ3kdNE=
-----END AGE ENCRYPTED FILE-----

69
esphome/werkkamer.yaml
View file

@ -1,69 +0,0 @@
substitutions:
devicename: werkkamer
esphome:
name: ${devicename}
platform: ESP32
board: nodemcu-32s
wifi:
ssid: !secret wifi_ssid
password: !secret wifi_password
# Enable fallback hotspot (captive portal) in case wifi connection fails
ap:
ssid: "${devicename} Fallback Hotspot"
password: !secret fallback_password
captive_portal:
web_server:
prometheus:
esp32_ble_tracker:
uart:
- rx_pin: GPIO16
tx_pin: GPIO17
baud_rate: 9600
sensor:
- <<: !include
file: pvvx.yaml
vars:
mac: "A4:C1:38:70:C4:53"
name: "werkkamer"
- <<: !include
file: pvvx.yaml
vars:
name: "larswerk"
mac: "A4:C1:38:89:D8:C2"
- <<: !include
file: pvvx.yaml
vars:
name: "zolder"
mac: "A4:C1:38:F6:5C:72"
- platform: ble_rssi
mac_address: "E4:A8:DB:C1:F5:B9"
name: "Yoricks watch"
- platform: mhz19
co2:
name: "MH-Z19 CO2 Value"
temperature:
name: "MH-Z19 Temperature"
update_interval: 60s
automatic_baseline_calibration: false
id: mhz_19
# woonkamer: A4:C1:38:2B:03:1F (not enough power)
api:
services:
- service: mhz19_calibrate_zero
then:
- mhz19.calibrate_zero: mhz_19
# Enable logging
logger:
# Enable Home Assistant API
# api:
mqtt:
broker: 192.168.2.127
username: !secret mqtt_username
password: !secret mqtt_password
ota:

6
esphome/werkkamer/partitions.csv
View file

@ -1,6 +0,0 @@
nvs, data, nvs, 0x009000, 0x005000,
otadata, data, ota, 0x00e000, 0x002000,
app0, app, ota_0, 0x010000, 0x1C0000,
app1, app, ota_1, 0x1D0000, 0x1C0000,
eeprom, data, 0x99, 0x390000, 0x001000,
spiffs, data, spiffs, 0x391000, 0x00F000
1 nvs, data, nvs, 0x009000, 0x005000,
2 otadata, data, ota, 0x00e000, 0x002000,
3 app0, app, ota_0, 0x010000, 0x1C0000,
4 app1, app, ota_1, 0x1D0000, 0x1C0000,
5 eeprom, data, 0x99, 0x390000, 0x001000,
6 spiffs, data, spiffs, 0x391000, 0x00F000

18
fixups.nix
View file

@ -1,11 +1,13 @@
(pkgs: super: { (pkgs: super: {
dhcpcd = super.dhcpcd.overrideAttrs (o: rec { electrum = super.electrum.overrideAttrs (o: {
version = "10.0.8"; # todo: remove (194112)
src = pkgs.fetchFromGitHub { postPatch = ''
owner = "NetworkConfiguration"; # make compatible with protobuf4 by easing dependencies ...
repo = "dhcpcd"; substituteInPlace ./contrib/requirements/requirements.txt \
rev = "v${version}"; --replace "protobuf>=3.12,<4" "protobuf>=3.12"
sha256 = "sha256-kM+mdB7ul9NYHOEAJtp3M57M2MellrCoY/SaPWFLEpQ="; # ... and regenerating the paymentrequest_pb2.py file
}; protoc --python_out=. electrum/paymentrequest.proto
'';
}); });
}) })

914
flake.lock
View file

File diff suppressed because it is too large Load diff

65
flake.nix
View file

@ -1,43 +1,20 @@
{ {
description = "Yoricks dotfiles"; description = "Yoricks dotfiles";
inputs = { inputs = {
nixpkgs.url = "github:nixos/nixpkgs/nixos-24.05"; nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
home-manager.url = "github:nix-community/home-manager/release-24.05";
home-manager.inputs.nixpkgs.follows = "nixpkgs"; home-manager.inputs.nixpkgs.follows = "nixpkgs";
nixpkgs-mozilla.url = "github:mozilla/nixpkgs-mozilla"; nixpkgs-mozilla.url = "github:mozilla/nixpkgs-mozilla";
emacs-overlay.inputs.nixpkgs.follows = "nixpkgs"; emacs-overlay.inputs.nixpkgs.follows = "nixpkgs";
nixpkgs-wayland.url = "github:nix-community/nixpkgs-wayland"; nixpkgs-wayland.url = "github:nix-community/nixpkgs-wayland";
nixpkgs-wayland.inputs.nixpkgs.follows = "nixpkgs"; nixpkgs-wayland.inputs.nixpkgs.follows = "nixpkgs";
nixos-mailserver.url = "gitlab:simple-nixos-mailserver/nixos-mailserver/master"; # todo: nixos-24.05 nixpkgs-stable.url = "github:nixos/nixpkgs/nixos-21.05";
nixos-mailserver.url = "gitlab:simple-nixos-mailserver/nixos-mailserver";
nixos-mailserver.inputs.nixpkgs.follows = "nixpkgs"; nixos-mailserver.inputs.nixpkgs.follows = "nixpkgs";
agenix.url = "github:ryantm/agenix"; agenix.url = "github:ryantm/agenix";
agenix.inputs.nixpkgs.follows = "nixpkgs"; agenix.inputs.nixpkgs.follows = "nixpkgs";
nix-index-database.url = "github:Mic92/nix-index-database";
nix-index-database.inputs.nixpkgs.follows = "nixpkgs";
nix-npm-buildpackage.url = "github:serokell/nix-npm-buildpackage";
nix-npm-buildpackage.inputs.nixpkgs.follows = "nixpkgs";
yobot.url = "git+https://git.yori.cc/yorick/yobot.git";
attic = {
url = "github:zhaofengli/attic";
inputs = {
nixpkgs-stable.follows = "nixpkgs";
nixpkgs.follows = "nixpkgs";
flake-utils.follows = "flake-utils";
};
};
timesync = {
url = "github:datakami/timesync";
inputs.nixpkgs.follows = "nixpkgs";
};
fooocus.url = "path:./pkgs/fooocus";
dream2nix.url = "github:nix-community/dream2nix";
dream2nix.inputs.nixpkgs.follows = "nixpkgs";
}; };
outputs = inputs@{ nixpkgs, home-manager, nixpkgs-mozilla, emacs-overlay outputs = inputs@{ nixpkgs, home-manager, nixpkgs-mozilla, emacs-overlay
, nixpkgs-wayland, nixos-hardware, agenix, flake-utils , nixpkgs-wayland, nixpkgs-stable, nixos-hardware, agenix, flake-utils, self
, nix-index-database, nix-npm-buildpackage, timesync
, attic, dream2nix, yobot
, self
, ... }: , ... }:
(flake-utils.lib.eachSystem [ "x86_64-linux" ] (system: (flake-utils.lib.eachSystem [ "x86_64-linux" ] (system:
let pkgs = self.legacyPackages.${system}; let pkgs = self.legacyPackages.${system};
@ -47,7 +24,6 @@
allowUnfree = true; allowUnfree = true;
# chromium.vaapiSupport = true; # chromium.vaapiSupport = true;
android_sdk.accept_license = true; android_sdk.accept_license = true;
permittedInsecurePackages = [];
}; };
inherit system; inherit system;
overlays = [ self.overlays.default ]; overlays = [ self.overlays.default ];
@ -68,7 +44,6 @@
inherit pkgs; inherit pkgs;
modules = [ modules = [
./home-manager/home.nix ./home-manager/home.nix
nix-index-database.hmModules.nix-index
{ {
home = { home = {
username = "yorick"; username = "yorick";
@ -79,22 +54,6 @@
]; ];
}; };
devShells.default = pkgs.mkShell {
buildInputs = with pkgs; [
y-deployer
pkgs.agenix
];
};
devShells.deployer = pkgs.mkShell {
buildInputs = with pkgs; [
yarn
nodePackages.typescript-language-server
];
};
apps.default = flake-utils.lib.mkApp {
drv = pkgs.y-deployer;
};
# updater script for home profile # updater script for home profile
# works around https://github.com/nix-community/home-manager/issues/2848 # works around https://github.com/nix-community/home-manager/issues/2848
apps.update-home = flake-utils.lib.mkApp { apps.update-home = flake-utils.lib.mkApp {
@ -110,20 +69,20 @@
}; };
})) // { })) // {
overlays.default = nixpkgs.lib.composeManyExtensions [ overlays.default = nixpkgs.lib.composeManyExtensions [
#nixpkgs-wayland.overlay nixpkgs-wayland.overlay
nixpkgs-mozilla.overlay #nixpkgs-mozilla.overlay
emacs-overlay.overlay emacs-overlay.overlay
agenix.overlays.default agenix.overlay
attic.overlays.default
(import ./fixups.nix) (import ./fixups.nix)
(import ./pkgs) (import ./pkgs)
(import ./pkgs/mdr.nix) (import ./pkgs/mdr.nix)
(final: prev: { (final: prev: {
nixpkgs-stable = import nixpkgs-stable {
system = prev.stdenv.system;
config = { };
overlays = [ ];
};
flake-inputs = inputs; flake-inputs = inputs;
nix-npm-buildpackage = nix-npm-buildpackage.legacyPackages."${final.system}";
fooocus = inputs.fooocus.packages.${final.system}.default;
inherit (nixpkgs-wayland.packages.${final.system}) wldash;
}) })
(import ./nixos/overlay.nix) (import ./nixos/overlay.nix)
]; ];

520
home-manager/accounts-email.nix
View file

@ -1,520 +0,0 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.accounts.email;
gpgModule = types.submodule {
options = {
key = mkOption {
type = types.str;
description = ''
The key to use as listed in <command>gpg --list-keys</command>.
'';
};
signByDefault = mkOption {
type = types.bool;
default = false;
description = "Sign messages by default.";
};
encryptByDefault = mkOption {
type = types.bool;
default = false;
description = "Encrypt outgoing messages by default.";
};
};
};
signatureModule = types.submodule {
options = {
text = mkOption {
type = types.str;
default = "";
example = ''
--
Luke Skywalker
May the force be with you.
'';
description = ''
Signature content.
'';
};
delimiter = mkOption {
type = types.str;
default = ''
--
'';
example = literalExpression ''
~*~*~*~*~*~*~*~*~*~*~*~
'';
description = ''
The delimiter used between the document and the signature.
'';
};
command = mkOption {
type = with types; nullOr path;
default = null;
example = literalExpression ''
pkgs.writeScript "signature" "echo This is my signature"
'';
description = "A command that generates a signature.";
};
showSignature = mkOption {
type = types.enum [ "append" "attach" "none" ];
default = "none";
description = "Method to communicate the signature.";
};
};
};
tlsModule = types.submodule {
options = {
enable = mkOption {
type = types.bool;
default = true;
description = ''
Whether to enable TLS/SSL.
'';
};
useStartTls = mkOption {
type = types.bool;
default = false;
description = ''
Whether to use STARTTLS.
'';
};
certificatesFile = mkOption {
type = types.nullOr types.path;
default = config.accounts.email.certificatesFile;
defaultText = "config.accounts.email.certificatesFile";
description = ''
Path to file containing certificate authorities that should
be used to validate the connection authenticity. If
<literal>null</literal> then the system default is used.
Note, if set then the system default may still be accepted.
'';
};
};
};
imapModule = types.submodule {
options = {
host = mkOption {
type = types.str;
example = "imap.example.org";
description = ''
Hostname of IMAP server.
'';
};
port = mkOption {
type = types.nullOr types.port;
default = null;
example = 993;
description = ''
The port on which the IMAP server listens. If
<literal>null</literal> then the default port is used.
'';
};
tls = mkOption {
type = tlsModule;
default = { };
description = ''
Configuration for secure connections.
'';
};
};
};
jmapModule = types.submodule {
options = {
host = mkOption {
type = types.nullOr types.str;
default = null;
example = "jmap.example.org";
description = ''
Hostname of JMAP server.
</para><para>
If both this option and <xref
linkend="opt-accounts.email.accounts._name_.jmap.sessionUrl"/> are specified,
<code>host</code> is preferred by applications when establishing a
session.
'';
};
sessionUrl = mkOption {
type = types.nullOr types.str;
default = null;
example = "https://jmap.example.org:443/.well-known/jmap";
description = ''
URL for the JMAP Session resource.
</para><para>
If both this option and <xref
linkend="opt-accounts.email.accounts._name_.jmap.host"/> are specified,
<code>host</code> is preferred by applications when establishing a
session.
'';
};
};
};
smtpModule = types.submodule {
options = {
host = mkOption {
type = types.str;
example = "smtp.example.org";
description = ''
Hostname of SMTP server.
'';
};
port = mkOption {
type = types.nullOr types.port;
default = null;
example = 465;
description = ''
The port on which the SMTP server listens. If
<literal>null</literal> then the default port is used.
'';
};
tls = mkOption {
type = tlsModule;
default = { };
description = ''
Configuration for secure connections.
'';
};
};
};
maildirModule = types.submodule ({ config, ... }: {
options = {
path = mkOption {
type = types.str;
description = ''
Path to maildir directory where mail for this account is
stored. This is relative to the base maildir path.
'';
};
absPath = mkOption {
type = types.str;
default = "${cfg.maildirBasePath}/${config.path}";
description = ''
A convenience option whose value is the absolute path of
this maildir.
'';
};
};
});
mailAccountOpts = { name, config, ... }: {
options = {
name = mkOption {
type = types.str;
readOnly = true;
description = ''
Unique identifier of the account. This is set to the
attribute name of the account configuration.
'';
};
primary = mkOption {
type = types.bool;
default = false;
description = ''
Whether this is the primary account. Only one account may be
set as primary.
'';
};
flavor = mkOption {
type = types.enum [
"plain"
"gmail.com"
"runbox.com"
"fastmail.com"
"yandex.com"
"outlook.office365.com"
];
default = "plain";
description = ''
Some email providers have peculiar behavior that require
special treatment. This option is therefore intended to
indicate the nature of the provider.
</para><para>
When this indicates a specific provider then, for example,
the IMAP, SMTP, and JMAP server configuration may be set
automatically.
'';
};
address = mkOption {
type = types.strMatching ".*@.*";
example = "jane.doe@example.org";
description = "The email address of this account.";
};
aliases = mkOption {
type = types.listOf (types.strMatching ".*@.*");
default = [ ];
example = [ "webmaster@example.org" "admin@example.org" ];
description = "Alternative email addresses of this account.";
};
realName = mkOption {
type = types.str;
example = "Jane Doe";
description = "Name displayed when sending mails.";
};
userName = mkOption {
type = types.nullOr types.str;
default = null;
description = ''
The server username of this account. This will be used as
the SMTP, IMAP, and JMAP user name.
'';
};
passwordCommand = mkOption {
type = types.nullOr (types.either types.str (types.listOf types.str));
default = null;
apply = p: if isString p then splitString " " p else p;
example = "secret-tool lookup email me@example.org";
description = ''
A command, which when run writes the account password on
standard output.
'';
};
folders = mkOption {
type = types.submodule {
options = {
inbox = mkOption {
type = types.str;
default = "Inbox";
description = ''
Relative path of the inbox mail.
'';
};
sent = mkOption {
type = types.nullOr types.str;
default = "Sent";
description = ''
Relative path of the sent mail folder.
'';
};
drafts = mkOption {
type = types.nullOr types.str;
default = "Drafts";
description = ''
Relative path of the drafts mail folder.
'';
};
trash = mkOption {
type = types.str;
default = "Trash";
description = ''
Relative path of the deleted mail folder.
'';
};
};
};
default = { };
description = ''
Standard email folders.
'';
};
imap = mkOption {
type = types.nullOr imapModule;
default = null;
description = ''
The IMAP configuration to use for this account.
'';
};
jmap = mkOption {
type = types.nullOr jmapModule;
default = null;
description = ''
The JMAP configuration to use for this account.
'';
};
signature = mkOption {
type = signatureModule;
default = { };
description = ''
Signature configuration.
'';
};
gpg = mkOption {
type = types.nullOr gpgModule;
default = null;
description = ''
GPG configuration.
'';
};
smtp = mkOption {
type = types.nullOr smtpModule;
default = null;
description = ''
The SMTP configuration to use for this account.
'';
};
maildir = mkOption {
type = types.nullOr maildirModule;
defaultText = { path = "\${name}"; };
description = ''
Maildir configuration for this account.
'';
};
};
config = mkMerge [
{
name = name;
maildir = mkOptionDefault { path = "${name}"; };
}
(mkIf (config.flavor == "yandex.com") {
userName = mkDefault config.address;
imap = {
host = "imap.yandex.com";
port = 993;
tls.enable = true;
};
smtp = {
host = "smtp.yandex.com";
port = 465;
tls.enable = true;
};
})
(mkIf (config.flavor == "outlook.office365.com") {
userName = mkDefault config.address;
imap = {
host = "outlook.office365.com";
port = 993;
tls.enable = true;
};
smtp = {
host = "smtp.office365.com";
port = 587;
tls = {
enable = true;
useStartTls = true;
};
};
})
(mkIf (config.flavor == "fastmail.com") {
userName = mkDefault config.address;
imap = {
host = "imap.fastmail.com";
port = 993;
};
smtp = {
host = "smtp.fastmail.com";
port = if config.smtp.tls.useStartTls then 587 else 465;
};
jmap = {
host = "fastmail.com";
sessionUrl = "https://jmap.fastmail.com/.well-known/jmap";
};
})
(mkIf (config.flavor == "gmail.com") {
userName = mkDefault config.address;
imap = {
host = "imap.gmail.com";
port = 993;
};
smtp = {
host = "smtp.gmail.com";
port = if config.smtp.tls.useStartTls then 587 else 465;
};
})
(mkIf (config.flavor == "runbox.com") {
imap = { host = "mail.runbox.com"; };
smtp = { host = "mail.runbox.com"; };
})
];
};
in {
options.accounts.email = {
certificatesFile = mkOption {
type = types.nullOr types.path;
default = "/etc/ssl/certs/ca-certificates.crt";
description = ''
Path to default file containing certificate authorities that
should be used to validate the connection authenticity. This
path may be overridden on a per-account basis.
'';
};
maildirBasePath = mkOption {
type = types.str;
default = "${config.home.homeDirectory}/Maildir";
defaultText = "$HOME/Maildir";
apply = p:
if hasPrefix "/" p then p else "${config.home.homeDirectory}/${p}";
description = ''
The base directory for account maildir directories. May be a
relative path, in which case it is relative the home
directory.
'';
};
accounts = mkOption {
type = types.attrsOf (types.submodule mailAccountOpts);
default = { };
description = "List of email accounts.";
};
};
config = mkIf (cfg.accounts != { }) {
assertions = [
(let
primaries =
catAttrs "name" (filter (a: a.primary) (attrValues cfg.accounts));
in {
assertion = length primaries == 1;
message = "Must have exactly one primary mail account but found "
+ toString (length primaries) + optionalString (length primaries > 1)
(", namely " + concatStringsSep ", " primaries);
})
];
};
}

91
home-manager/desktop.nix
View file

@ -1,9 +1,17 @@
{ lib, pkgs, options, ... }: { lib, pkgs, options, ... }:
let let
bin = pkgs.callPackage ../bin { }; bin = pkgs.callPackage ../bin { };
fixed_slack = pkgs.slack.override {
xdg-utils = pkgs.xdg-utils.overrideAttrs (o: {
buildInputs = (o.buildInputs or []) ++ [ pkgs.makeWrapper ];
postInstall = o.postInstall + ''
wrapProgram "$out/bin/xdg-open" --unset GDK_BACKEND
'';
});
};
bg = { bg = {
xps9360 = "/home/yorick/wp/thorns__4k__by_kasperja-daqi5g7.jpg fill"; xps9360 = "/home/yorick/wp/thorns__4k__by_kasperja-daqi5g7.jpg fill";
desktop = "/home/yorick/wp/leonid5-high.webp fill"; desktop = "/home/yorick/wp/beyond-4k-2560×1440.jpg fill";
x11carbon = "/home/yorick/wp/lawn_forest_mountains_144578_3840x2400.jpg fill"; x11carbon = "/home/yorick/wp/lawn_forest_mountains_144578_3840x2400.jpg fill";
}; };
in { in {
@ -14,26 +22,20 @@ in {
onChange = "systemctl --user restart waybar"; onChange = "systemctl --user restart waybar";
}; };
systemd.user.services.waybar.Service.Environment = [ systemd.user.services.waybar.Service.Environment = [
"PATH=${lib.makeBinPath (with pkgs; [ pavucontrol xdg-utils bin.y-cal-widget playerctl bluez gnugrep bash systemd chromium ])}" "PATH=${lib.makeBinPath (with pkgs; [ pavucontrol xdg-utils bin.y-cal-widget playerctl bluez gnugrep bash ])}"
]; ];
programs.waybar = { programs.waybar = {
enable = true; enable = true;
style = ./waybar.css; style = ./waybar.css;
systemd.enable = true; systemd.enable = true;
}; };
services.mako = { programs.mako = {
enable = true; enable = true;
defaultTimeout = 60 * 1000; # ms defaultTimeout = 60 * 1000; # ms
height = 200;
extraConfig = ''
[mode=do-not-disturb]
invisible=1
'';
}; };
services.gpg-agent.pinentryPackage = pkgs.pinentry.gnome3; services.gpg-agent.pinentryFlavor = "gnome3";
wayland.windowManager.sway = { wayland.windowManager.sway = {
enable = true; enable = true;
checkConfig = false; # looks for wallpapers
config = { config = {
bars = [ ]; bars = [ ];
gaps.inner = 5; gaps.inner = 5;
@ -59,8 +61,8 @@ in {
"exec --no-startup-id bash /home/yorick/dotfiles/bin/invert.sh"; "exec --no-startup-id bash /home/yorick/dotfiles/bin/invert.sh";
#"${mod}+ctrl+l" = "exec --no-startup-id loginctl lock-session"; #"${mod}+ctrl+l" = "exec --no-startup-id loginctl lock-session";
"${mod}+ctrl+l" = "${mod}+ctrl+l" =
"exec --no-startup-id \"playerctl -a pause; (bluetoothctl disconnect 88:C9:E8:AD:73:E8 &) && sleep 1s && pkill -USR1 swayidle\""; "exec --no-startup-id \"playerctl -a pause; (bluetoothctl disconnect 94:DB:56:79:7D:86 &) && sleep 1s && pkill -USR1 swayidle\"";
"${mod}+Return" = "exec alacritty msg create-window || alacritty"; "${mod}+Return" = "exec alacritty";
"${mod}+Escape" = "workspace back_and_forth"; "${mod}+Escape" = "workspace back_and_forth";
"${mod}+0" = "workspace 10"; "${mod}+0" = "workspace 10";
"${mod}+Shift+0" = "move container to workspace 10"; "${mod}+Shift+0" = "move container to workspace 10";
@ -82,8 +84,7 @@ in {
"XF86AudioMute" = exec alsa-utils "amixer set Master toggle"; "XF86AudioMute" = exec alsa-utils "amixer set Master toggle";
"XF86AudioPause" = "exec playerctl pause"; "XF86AudioPause" = "exec playerctl pause";
"XF86AudioPlay" = "exec playerctl play"; "XF86AudioPlay" = "exec playerctl play";
"${mod}+Shift+s" = exec bin.screenshot_public "screenshot_public"; "${mod}+Shift+s" = exec bin.screenshot_public "screenshot_public >> ~/screenshot-public.log";
"${mod}+Ctrl+Shift+s" = exec pkgs.sway-contrib.grimshot "grimshot --notify copy anything";
"Print" = exec bin.screenshot_public "screenshot_public"; "Print" = exec bin.screenshot_public "screenshot_public";
"${mod}+Shift+t" = "${mod}+Shift+t" =
"exec --no-startup-id /home/yorick/dotfiles/bin/toggle_solarized.sh"; "exec --no-startup-id /home/yorick/dotfiles/bin/toggle_solarized.sh";
@ -108,21 +109,16 @@ in {
output."Sharp Corporation 0x144A Unknown".bg = bg.xps9360; output."Sharp Corporation 0x144A Unknown".bg = bg.xps9360;
# desk # desk
output."HYC CO., LTD. DUAL-DVI Unknown" = {
position = "0 0";
bg = bg.desktop;
max_render_time = "4";
};
output."HYC CO., LTD. Unknown" = { output."HYC CO., LTD. Unknown" = {
position = "0 0"; position = "0 0";
bg = bg.desktop; bg = bg.desktop;
max_render_time = "4"; max_render_time = "4";
}; };
output."HYC CO., LTD. DUAL-DVI" = { output."HYC CO., LTD. " = {
position = "0 0"; position = "0 0";
bg = bg.desktop; bg = bg.desktop;
}; };
output."BNQ BenQ GW2765 36H03689019" = { output."BenQ Corporation BenQ GW2765 36H03689019" = {
position = "2560 0"; position = "2560 0";
bg = bg.desktop; bg = bg.desktop;
max_render_time = "4"; max_render_time = "4";
@ -130,7 +126,7 @@ in {
# x11 carbon # x11 carbon
input."2:10:TPPS/2_Elan_TrackPoint".accel_profile = "flat"; input."2:10:TPPS/2_Elan_TrackPoint".accel_profile = "flat";
output."California Institute of Technology 0x1403".bg = bg.x11carbon; output."California Institute of Technology 0x1403 Unknown".bg = bg.x11carbon;
input."1739:30383:DLL075B:01_06CB:76AF_Touchpad" = { input."1739:30383:DLL075B:01_06CB:76AF_Touchpad" = {
natural_scroll = "enabled"; natural_scroll = "enabled";
tap = "enabled"; tap = "enabled";
@ -150,10 +146,6 @@ in {
criteria.app_id = "emacs"; criteria.app_id = "emacs";
command = "opacity 0.95"; command = "opacity 0.95";
} }
{
criteria.title = "Firefox Sharing Indicator";
command = "floating enable";
}
]; ];
startup = [ startup = [
{ command = "mako"; } { command = "mako"; }
@ -163,15 +155,20 @@ in {
} }
]; ];
}; };
systemd.enable = true; systemdIntegration = true;
# fix pinentry-gnome3 # fix pinentry-gnome3
extraConfig = '' extraConfig = ''
include /etc/sway/config.d/* include /etc/sway/config.d/*
''; '';
}; };
programs.firefox.enable = true; programs.firefox = {
enable = true;
package = pkgs.wrapFirefox pkgs.firefox-bin.unwrapped {
forceWayland = true;
applicationName = "firefox";
};
};
home.sessionVariables = { home.sessionVariables = {
MOZ_USE_XINPUT2 = "1"; MOZ_USE_XINPUT2 = "1";
MOZ_ENABLE_WAYLAND = "1"; MOZ_ENABLE_WAYLAND = "1";
@ -184,21 +181,6 @@ in {
XCURSOR_THEME = "Adwaita"; XCURSOR_THEME = "Adwaita";
XCURSOR_PATH = "${pkgs.gnome.adwaita-icon-theme}/share/icons"; XCURSOR_PATH = "${pkgs.gnome.adwaita-icon-theme}/share/icons";
XDG_CURRENT_DESKTOP = "sway"; XDG_CURRENT_DESKTOP = "sway";
#NIXOS_OZONE_WL = "1";
};
systemd.user.services.wayland-push-to-talk-fix = let
kbd = "/dev/input/by-id/usb-Kinesis_Advantage2_Keyboard_314159265359-if01-event-kbd";
in {
Unit.ConditionPathExists = kbd;
Install.WantedBy = [ "graphical-session.target" ];
Unit = {
PartOf = [ "graphical-session.target" ];
After = [ "graphical-session.target" ];
};
Service = {
ExecStart = "${pkgs.wayland-push-to-talk-fix}/bin/wayland-push-to-talk-fix ${kbd} -k KEY_LEFTALT -n Alt_L";
Restart = "on-failure";
};
}; };
# todo: use home-manager unit # todo: use home-manager unit
systemd.user.services.gmi = { systemd.user.services.gmi = {
@ -236,15 +218,6 @@ in {
# ''; # '';
# }; # };
# }; # };
services.kdeconnect = {
enable = true;
indicator = true;
};
programs.obs-studio = {
enable = true;
plugins = [ pkgs.obs-studio-plugins.wlrobs ];
};
# systemd.user.services.kdeconnect-indicator.Unit.After = [ "waybar.service" ];
home.packages = with pkgs; [ home.packages = with pkgs; [
gtk-engine-murrine gtk-engine-murrine
hicolor-icon-theme hicolor-icon-theme
@ -258,9 +231,11 @@ in {
libwebp libwebp
gebaar-libinput gebaar-libinput
grim grim
element-desktop element-desktop-wayland
libreoffice libreoffice
slack obs-studio
obs-wlrobs
fixed_slack
slurp slurp
sway-contrib.grimshot sway-contrib.grimshot
swaybg swaybg
@ -272,11 +247,5 @@ in {
wldash wldash
# zoom-us # zoom-us
bin.y-cal-widget bin.y-cal-widget
obsidian
#xwaylandvideobridge
]; ];
xdg.configFile."alacritty/alacritty.toml" = {
source = ../alacritty/alacritty.toml;
};
} }

15
home-manager/emacs.nix
View file

@ -1,24 +1,24 @@
{ lib, config, options, pkgs, ... }: let { lib, config, options, pkgs, ... }: let
epkgs = pkgs.emacsPackagesFor pkgs.emacs-unstable-pgtk; epkgs = pkgs.emacsPackagesFor pkgs.emacsPgtkNativeComp;
in { in {
programs.emacs = { programs.emacs = {
enable = true; enable = true;
package = pkgs.emacs29-pgtk; package = pkgs.emacsPgtkNativeComp;
extraConfig = '' extraConfig = ''
(setq copilot-node-executable "${pkgs.nodejs-slim-18_x}/bin/node") (setq copilot-node-executable "${pkgs.nodejs-slim-16_x}/bin/node")
(setq lsp-nix-server-path "${pkgs.nil}/bin/nil") (setq lsp-nix-server-path "${pkgs.nil}/bin/nil")
''; '';
overrides = final: prev: { overrides = final: prev: {
copilot = final.melpaBuild rec { copilot = final.melpaBuild rec {
pname = "copilot"; pname = "copilot";
version = "20231220"; version = "20220916.1";
commit = "d4fa14cea818e041b4a536c5052cf6d28c7223d7"; commit = "f316299bab75a380ee04e7ca49c79baf0fb296d6";
src = pkgs.fetchFromGitHub { src = pkgs.fetchFromGitHub {
owner = "zerolfx"; owner = "zerolfx";
repo = "copilot.el"; repo = "copilot.el";
rev = commit; rev = commit;
hash = "sha256-Tzs0Dawqa+OD0RSsf66ORbH6MdBp7BMXX7z+5UuNwq4="; sha256 = "sha256-n4bXnlNfCC00jVeODUlqZNThf7i8rj69zzMMfXBy8tk=";
}; };
packageRequires = with final; [ dash editorconfig s ]; packageRequires = with final; [ dash editorconfig s ];
@ -35,11 +35,9 @@ in {
}; };
extraPackages = p: extraPackages = p:
(with p; [ (with p; [
treesit-grammars.with-all-grammars
all-the-icons all-the-icons
avy avy
company company
company-box
counsel counsel
counsel-projectile counsel-projectile
copilot copilot
@ -64,7 +62,6 @@ in {
lua-mode lua-mode
linum-relative linum-relative
lsp-haskell lsp-haskell
lsp-pyright
lsp-ivy lsp-ivy
lsp-mode lsp-mode
lsp-ui lsp-ui

56
home-manager/email.nix
View file

@ -1,56 +0,0 @@
{ lib, pkgs, options, config, ... }:
{
imports = [./accounts-email.nix];
disabledModules = ["accounts/email.nix"];
config = {
programs.neomutt = {
enable = true;
settings = {
auto_tag = "yes";
crypt_reply_sign = "yes";
delete = "ask-yes";
imap_passive = "no";
mail_check = "60";
sort_aux = "reverse-last-date-received";
sort_browser = "date";
edit_headers = "yes";
implicit_autoview = "no";
};
binds = [
{ map = [ "index" ]; key = "G"; action = "imap-fetch-mail"; }
{ map = [ "pager" ]; key = "<up>"; action = "previous-line"; }
{ map = [ "pager" ]; key = "<down>"; action = "next-line"; }
];
extraConfig = "source ${./mutt-colors}";
};
xdg.configFile."neomutt/neomuttrc".text = lib.mkBefore ''
set imap_user = "yorick@yori.cc"
set imap_pass = "`pass sysadmin/yori.ccMail | head -n1`"
'';
accounts.email.accounts = {
yori-cc = rec {
primary = true;
userName = "yorick@yori.cc";
passwordCommand = "pass sysadmin/yori.ccMail | head -n1";
realName = "Yorick van Pelt";
address = "Yorick van Pelt <yorick@yorickvanpelt.nl>";
imap.host = "pennyworth.yori.cc";
smtp.host = "pennyworth.yori.cc";
gpg.key = "6EFD1053ADB6ABF50DF64792A36E70F9DC014A15";
neomutt.enable = true;
neomutt.extraMailboxes = [ "Archive" "Sent" "Spam" "Trash" ];
neomutt.extraConfig = ''
set pgp_sign_as = "${gpg.key}"
'';
maildir.absPath = "imaps://pennyworth.yori.cc";
folders = {
inbox = "INBOX";
trash = "Archive";
};
};
};
};
}

62
home-manager/home.nix
View file

@ -5,16 +5,18 @@ let
TF_SHELL = shell; TF_SHELL = shell;
HOME = "/build"; HOME = "/build";
} "${pkgs.thefuck}/bin/thefuck -a > $out"; } "${pkgs.thefuck}/bin/thefuck -a > $out";
headphones = "88:C9:E8:AD:73:E8";
in { in {
imports = [ ./desktop.nix ./emacs.nix ./lumi.nix ./email.nix ]; imports = [ ./desktop.nix ./emacs.nix ./lumi.nix ];
programs = { programs = {
nix-index.enable = true; nix-index.enable = true;
starship = {
enable = true;
settings.nix_shell.disabled = false;
};
# todo: .aws/config default region # todo: .aws/config default region
gh = { gh = {
enable = true; enable = true;
settings.aliases.co = "pr checkout"; settings.aliases.co = "pr checkout";
settings.git_protocol = "ssh";
}; };
direnv.enable = true; direnv.enable = true;
direnv.nix-direnv.enable = true; direnv.nix-direnv.enable = true;
@ -26,16 +28,14 @@ in {
userEmail = "yorick@yorickvanpelt.nl"; userEmail = "yorick@yorickvanpelt.nl";
signing.key = "A36E70F9DC014A15"; signing.key = "A36E70F9DC014A15";
signing.signByDefault = true; signing.signByDefault = true;
includes = [{
condition = "gitdir:~/tweag";
contents.user.email = "yorick.vanpelt@tweag.io";
}];
extraConfig.merge.conflictStyle = "diff3"; extraConfig.merge.conflictStyle = "diff3";
extraConfig.help.autocorrect = 5; extraConfig.help.autocorrect = 5;
extraConfig.push.default = "simple"; extraConfig.push.default = "simple";
extraConfig.pull.ff = "only"; extraConfig.pull.ff = "only";
extraConfig.hub.protocol = "ssh";
ignores = [
"/.envrc"
"/.cache"
"/.direnv"
];
aliases = { aliases = {
lg = lg =
"log --graph --pretty=format:'%Cred%h%Creset -%C(yellow)%d%Creset %s %Cgreen(%cr) %C(bold blue)<%an>%Creset' --abbrev-commit --date=relative"; "log --graph --pretty=format:'%Cred%h%Creset -%C(yellow)%d%Creset %s %Cgreen(%cr) %C(bold blue)<%an>%Creset' --abbrev-commit --date=relative";
@ -78,7 +78,6 @@ in {
frumar.hostname = "frumar.local"; frumar.hostname = "frumar.local";
pennyworth.hostname = "pennyworth.yori.cc"; pennyworth.hostname = "pennyworth.yori.cc";
smithers.hostname = "10.209.0.8"; smithers.hostname = "10.209.0.8";
replicate.hostname = "216.153.63.208";
# "192.168.178.*" = { # "192.168.178.*" = {
# only if wired # only if wired
# extraOptions.Compression = "no"; # extraOptions.Compression = "no";
@ -93,24 +92,21 @@ in {
enable = true; enable = true;
shellAliases = { shellAliases = {
l = "ls"; l = "ls";
ls = "eza"; ls = "exa";
nr = ''nix repl --file "/home/yorick/dotfiles/repl.nix"''; nr = ''nix repl --file "/home/yorick/dotfiles/repl.nix"'';
"n." = "nix repl --file ."; "n." = "nix repl --file .";
nsd = "nix show-derivation"; nsd = "nix show-derivation";
nb = "nix build"; nb = "nix build";
nl = "nix log"; nl = "nix log";
g = "git"; g = "git";
bc = "bluetoothctl connect ${headphones}"; bc = "bluetoothctl connect 94:DB:56:79:7D:86";
bd = "bluetoothctl disconnect ${headphones}"; bd = "bluetoothctl disconnect 94:DB:56:79:7D:86";
}; };
interactiveShellInit = '' interactiveShellInit = ''
set fish_greeting set fish_greeting
source ${thefuck-alias "fish"} source ${thefuck-alias "fish"}
source ~/dotfiles/nr.fish source ~/dotfiles/nr.fish
''; '';
plugins = [
{ inherit (pkgs.fishPlugins.tide) name src; }
];
}; };
bash = { bash = {
enable = true; enable = true;
@ -163,7 +159,6 @@ in {
notmuch notmuch
watchman watchman
nix-output-monitor nix-output-monitor
appimage-run
## misc ## misc
moreutils moreutils
@ -172,7 +167,6 @@ in {
borgbackup borgbackup
bup bup
# catdoc # catdoc
trurl
expect expect
fzf fzf
fx fx
@ -182,7 +176,6 @@ in {
imagemagick imagemagick
iodine iodine
jo jo
jless
jq jq
lnav lnav
magic-wormhole magic-wormhole
@ -216,12 +209,11 @@ in {
python3 python3
silver-searcher silver-searcher
sqlite sqlite
noulith
## nix ## nix
nix-tree nix-tree
niv niv
nixfmt-rfc-style nixfmt
patchelf patchelf
nix-prefetch-git nix-prefetch-git
nix-du nix-du
@ -243,7 +235,7 @@ in {
## misc ## misc
asciinema asciinema
cargo cargo
eza exa
linuxPackages.perf linuxPackages.perf
ltrace ltrace
lz4json lz4json
@ -252,53 +244,37 @@ in {
unzip unzip
vim vim
xdg-utils xdg-utils
countfftabs
datasette
#wlrctl #wlrctl
## coins ## coins
electrum electrum
ledger-live-desktop
## apps ## apps
alacritty alacritty
calibre calibre
chromium chromium
discord discord
wayland-push-to-talk-fix
fanficfare fanficfare
feh feh
gimp gimp
gopass gopass
hledger hledger
neomutt
spotify spotify
tdesktop tdesktop
signal-desktop
virt-manager virt-manager
wireshark wireshark
notion-desktop yubioath-desktop
#yubioath-flutter
## games ## games
prismlauncher minecraft
steam steam
# minecraft # minecraft
# nottetris2 # nottetris2
# openttd # openttd
# wine # wine
# winetricks # winetricks
kmines
# work
timesync
r8-cog
mutagen
zoom-us
llm
# admin
nsc
natscli
]); ]);
home.file.".gnupg/gpg.conf".text = '' home.file.".gnupg/gpg.conf".text = ''
@ -308,6 +284,10 @@ in {
keyserver hkps://keys.openpgp.org keyserver hkps://keys.openpgp.org
#keyserver-options auto-key-retrieve #keyserver-options auto-key-retrieve
''; '';
home.file.".mutt" = {
source = ../mutt/.mutt;
recursive = true;
};
home.sessionVariables = { home.sessionVariables = {
FLAKE_CONFIG_URI = "/home/yorick/dotfiles#homeConfigurations.${pkgs.stdenv.system}.activationPackage"; FLAKE_CONFIG_URI = "/home/yorick/dotfiles#homeConfigurations.${pkgs.stdenv.system}.activationPackage";
}; };

12
home-manager/waybar.css
View file

@ -29,7 +29,7 @@ window#waybar {
border-bottom: 3px solid white; border-bottom: 3px solid white;
} }
#clock, #battery, #cpu, #memory, #network, #disk, #pulseaudio, #custom-spotify, #tray, #mode, #custom-cal, #custom-marvin { #clock, #battery, #cpu, #memory, #network, #disk, #pulseaudio, #custom-spotify, #tray, #mode, #custom-cal {
padding: 0 10px; padding: 0 10px;
margin: 0 5px; margin: 0 5px;
} }
@ -104,15 +104,7 @@ window#waybar {
background: #4285f4; background: #4285f4;
} }
#custom-cal.user-1 { #custom-cal.user-1 {
background: #33b679; background: #f67755;
}
#custom-cal.user-2 {
background: #9e69af;
}
#custom-marvin {
background: #5ec0bc;
color: white;
} }
#tray { #tray {

8
home-manager/waybar.toml
View file

@ -2,7 +2,7 @@ layer = "top"
height = 26 height = 26
modules-left = [ "sway/workspaces", "sway/mode", "custom/spotify" ] modules-left = [ "sway/workspaces", "sway/mode", "custom/spotify" ]
modules-center = [ "sway/window" ] modules-center = [ "sway/window" ]
modules-right = [ "custom/marvin", "custom/cal", "pulseaudio", "network", "disk", "battery", "clock", "tray" ] modules-right = [ "custom/cal", "pulseaudio", "network", "disk", "battery", "clock", "tray" ]
["sway/workspaces"] ["sway/workspaces"]
all-outputs = false all-outputs = false
@ -82,9 +82,3 @@ escape = true
max-length = 40 max-length = 40
on-click = "playerctl play-pause" on-click = "playerctl play-pause"
exec = "$HOME/dotfiles/bin/spotify_meta.sh 2> /dev/null" exec = "$HOME/dotfiles/bin/spotify_meta.sh 2> /dev/null"
["custom/marvin"]
format = "{}"
escape = true
max-length = 40
exec = "$HOME/dotfiles/bin/marvin-sub.sh"

2
mutt/.mutt/.gitignore vendored Normal file
View file

@ -0,0 +1,2 @@
msg_cache/
hcache

0
home-manager/mutt-colors → mutt/.mutt/colors
View file

9
mutt/.mutt/creds Normal file
View file

@ -0,0 +1,9 @@
set imap_user=yorick@yori.cc
set imap_pass = "`pass sysadmin/yori.ccMail | head -n1`"
set folder = "imaps://yorick@yori.cc@pennyworth.yori.cc/"
set spoolfile = "=INBOX"
set realname = "Yorick van Pelt"
set from = "Yorick van Pelt <yorick@yorickvanpelt.nl>"
set smtp_url = "smtp://yorick@yori.cc@pennyworth.yori.cc:587/"
set smtp_pass = "$imap_pass"

88
mutt/.mutt/gpg Normal file
View file

@ -0,0 +1,88 @@
# -*-muttrc-*-
#
# Command formats for gpg.
#
# This version uses gpg-2comp from
# http://70t.de/download/gpg-2comp.tar.gz
#
# $Id$
#
# %p The empty string when no passphrase is needed,
# the string "PGPPASSFD=0" if one is needed.
#
# This is mostly used in conditional % sequences.
#
# %f Most PGP commands operate on a single file or a file
# containing a message. %f expands to this file's name.
#
# %s When verifying signatures, there is another temporary file
# containing the detached signature. %s expands to this
# file's name.
#
# %a In "signing" contexts, this expands to the value of the
# configuration variable $pgp_sign_as. You probably need to
# use this within a conditional % sequence.
#
# %r In many contexts, mutt passes key IDs to pgp. %r expands to
# a list of key IDs.
# Note that we explicitly set the comment armor header since GnuPG, when used
# in some localiaztion environments, generates 8bit data in that header, thereby
# breaking PGP/MIME.
# decode application/pgp
set pgp_decode_command="gpg --status-fd=2 %?p?--passphrase-fd 0? --no-verbose --quiet --batch --output - %f"
# verify a pgp/mime signature
set pgp_verify_command="gpg --status-fd=2 --no-verbose --quiet --batch --output - --verify %s %f"
# decrypt a pgp/mime attachment
set pgp_decrypt_command="gpg --status-fd=2 %?p?--passphrase-fd 0? --no-verbose --quiet --batch --output - %f"
# create a pgp/mime signed attachment
# set pgp_sign_command="gpg-2comp --comment '' --no-verbose --batch --output - %?p?--passphrase-fd 0? --armor --detach-sign --textmode %?a?-u %a? %f"
set pgp_sign_command="gpg --no-verbose --batch --quiet --output - %?p?--passphrase-fd 0? --armor --detach-sign --textmode %?a?-u %a? %f"
# create a application/pgp signed (old-style) message
# set pgp_clearsign_command="gpg-2comp --comment '' --no-verbose --batch --output - %?p?--passphrase-fd 0? --armor --textmode --clearsign %?a?-u %a? %f"
set pgp_clearsign_command="gpg --no-verbose --batch --quiet --output - %?p?--passphrase-fd 0? --armor --textmode --clearsign %?a?-u %a? %f"
# create a pgp/mime encrypted attachment
# set pgp_encrypt_only_command="pgpewrap gpg-2comp -v --batch --output - --encrypt --textmode --armor --always-trust -- -r %r -- %f"
set pgp_encrypt_only_command="pgpewrap gpg --batch --quiet --no-verbose --output - --encrypt --textmode --armor --always-trust -- -r %r -- %f"
# create a pgp/mime encrypted and signed attachment
# set pgp_encrypt_sign_command="pgpewrap gpg-2comp %?p?--passphrase-fd 0? -v --batch --output - --encrypt --sign %?a?-u %a? --armor --always-trust -- -r %r -- %f"
set pgp_encrypt_sign_command="pgpewrap gpg %?p?--passphrase-fd 0? --batch --quiet --no-verbose --textmode --output - --encrypt --sign %?a?-u %a? --armor --always-trust -- -r %r -- %f"
# import a key into the public key ring
set pgp_import_command="gpg --no-verbose --import %f"
# export a key from the public key ring
set pgp_export_command="gpg --no-verbose --export --armor %r"
# verify a key
set pgp_verify_key_command="gpg --verbose --batch --fingerprint --check-sigs %r"
# read in the public key ring
set pgp_list_pubring_command="gpg --no-verbose --batch --quiet --with-colons --with-fingerprint --with-fingerprint --list-keys %r"
# read in the secret key ring
set pgp_list_secring_command="gpg --no-verbose --batch --quiet --with-colons --with-fingerprint --with-fingerprint --list-secret-keys %r"
# fetch keys
# set pgp_getkeys_command="pkspxycwrap %r"
# pattern for good signature - may need to be adapted to locale!
# set pgp_good_sign="^gpgv?: Good signature from "
# OK, here's a version which uses gnupg's message catalog:
# set pgp_good_sign="`gettext -d gnupg -s 'Good signature from "' | tr -d '"'`"
# This version uses --status-fd messages
set pgp_good_sign="^\\[GNUPG:\\] GOODSIG"
# pattern to verify a decryption occurred
set pgp_decryption_okay="^\\[GNUPG:\\] DECRYPTION_OKAY"

4
mutt/.mutt/mailboxes Normal file
View file

@ -0,0 +1,4 @@
set record="=Sent"
set postponed="=Drafts"
set trash="=Archive"
mailboxes =INBOX =Archive =Sent =Spam =Trash

4
mutt/.mutt/mailcap Normal file
View file

@ -0,0 +1,4 @@
text/html; w3m -I %{charset} -T text/html; copiousoutput;
application/pdf; pdftotext -layout -l 10 -nopgbrk /dev/stdin -; copiousoutput
content/pdf; pdftotext -layout -l 10 -nopgbrk /dev/stdin -; copiousoutput

38
mutt/.mutt/muttrc Normal file
View file

@ -0,0 +1,38 @@
source ~/.mutt/creds
source ~/.mutt/colors
source ~/.mutt/gpg
source ~/.mutt/mailboxes
set edit_headers
set auto_tag
bind pager <up> previous-line
bind pager <down> next-line
set smart_wrap
set sleep_time = 0 # gotta go faster
set imap_servernoise
unset imap_passive
set mail_check = 60
set header_cache = ~/.mutt/hcache
set message_cachedir = ~/.mutt/msg_cache
set net_inc = 5
set sort = threads
set sort_browser = date
set sort_aux = reverse-last-date-received
set sidebar_width= 10
set pgp_verify_sig
set pgp_replysign
set pgp_sign_as = DC014A15
ifdef ENCRYPT_SELF set pgp_encrypt_self
set pgp_use_gpg_agent
bind index G imap-fetch-mail
auto_view text/html # view html automatically
alternative_order text/plain text/enriched text/html # save html for last
set mailcap_path=~/.mutt/mailcap

46
nixos/README.md
View file

@ -1,42 +1,25 @@
This directory contains Nix code to deploy all of my machines. The main way to use this is via `ydeployer`. My nixos configurations.
Systems Systems
======= =======
[blackadder](https://en.wikipedia.org/wiki/Edmund_Blackadder#Edmund_Blackadder_Esq._(Regency_Britain))
--------
Desktop [workstation](./roles/workstation.nix).
ryzen 9 3950x (RAM: 64GB, storage: 1TB ssd, 16 cores + hyperthreading)
There is a [list of components](https://tweakers.net/gallery/468325/inventaris/?inv_id=2583112) on tweakers.
- Main desktop with two 2560x1440 27" screens.
- It has a camera (sony alpha 6000) mounted on top of the left screen using a [smallrig super clamp](https://www.amazon.nl/-/en/gp/product/B08B63WXWN/).
- It has a Tobii Eye Tracker 4c attached to the left screen.
[frumar](https://en.wikipedia.org/wiki/Frumar) [frumar](https://en.wikipedia.org/wiki/Frumar)
-------- --------
Physical NAS [server](./roles/homeserver.nix). Mostly used for files. (storage: 30 TB hdd + 256GB ssd, RAM: 64GB, 4 cpu cores). As of 2022-04-09, there is 12TB usable storage remaining. Physical [server](./roles/server.nix). Mostly used for files. (storage: 30 TB hdd + 256GB ssd, RAM: 16GB, 2 cores ht)
There is a [list of components](https://tweakers.net/gallery/468325/inventaris/?inv_id=459811) on tweakers.
- prometheus - prometheus
- grafana - grafana
- rabbitmq - rabbitmq
- torrent client - torrents
- plex - plex
- home-assistant
- unifi controller
[pennyworth](https://en.wikipedia.org/wiki/Alfred_Pennyworth) [pennyworth](https://en.wikipedia.org/wiki/Alfred_Pennyworth)
---------- ----------
[Server](./roles/server.nix). [Server](./roles/server.nix).
Hetzner [CX11](https://www.hetzner.com/cloud) cloud VPS (Storage: 20GB, RAM: 2GB, 1 core) Hetzner cloud VPS (Storage: 20GB, RAM: 2GB, 1 core)
- [website](./services/website.nix) - [website](./services/website.nix)
- [email](./services/mail.nix) - [email](./services/mail.nix)
@ -48,14 +31,25 @@ Hetzner [CX11](https://www.hetzner.com/cloud) cloud VPS (Storage: 20GB, RAM: 2GB
-------- --------
[workstation](./roles/workstation.nix). [workstation](./roles/workstation.nix).
dell xps 13 (RAM: 16GB, storage: 512GB ssd, 2 cores + hyperthreading) dell xps 13 (RAM: 16GB, storage: 512GB ssd, 2 cores ht)
smithers
[blackadder](https://en.wikipedia.org/wiki/Edmund_Blackadder#Edmund_Blackadder_Esq._(Regency_Britain))
-------- --------
[workstation](./roles/workstation.nix). [workstation](./roles/workstation.nix).
https://tweakers.net/productcollectie/wijzig/2583112/
ryzen 9 (RAM: 64GB, storage: 1TB ssd, 16 cores ht)
Main laptop. Maintenance
===========
thinkpad x1 carbon (gen 9) (RAM: 24GB, storage: 256GB ssd, 4 cores + hyperthreading) Generating tor keys:
```
$(nix-build packages/shallot.nix --no-out-link)/bin/shallot -f tmp ^PATTERN
head -n3 tmp
tail -n +4 tmp > keys/ssh.HOSTNAME.key
shred tmp && rm tmp
```

9
nixos/machines/blackadder/3950x-hardware-config.nix
View file

@ -28,15 +28,12 @@
}; };
fileSystems."/boot" = { fileSystems."/boot" = {
# device = "/dev/disk/by-uuid/5D0A-7902"; # mp600 device = "/dev/disk/by-uuid/5D0A-7902";
device = "/dev/disk/by-uuid/897D-8245"; # 980pro
fsType = "vfat"; fsType = "vfat";
}; };
swapDevices = [ swapDevices =
# { device = "/dev/disk/by-uuid/61a23e27-2cd4-4456-bcde-aec68be04239"; } # mp600 [{ device = "/dev/disk/by-uuid/61a23e27-2cd4-4456-bcde-aec68be04239"; }];
{ device = "/dev/disk/by-uuid/15057589-6483-4e10-9f87-67ed7e314d26"; } # 980pro
];
nix.settings.max-jobs = lib.mkDefault 32; nix.settings.max-jobs = lib.mkDefault 32;
# High-DPI console # High-DPI console

18
nixos/machines/blackadder/3950x.nix
View file

@ -25,16 +25,10 @@
# matchConfig.OriginalName = "*"; # matchConfig.OriginalName = "*";
# linkConfig.NamePolicy = "mac kernel database onboard slot path"; # linkConfig.NamePolicy = "mac kernel database onboard slot path";
# }; # };
environment.systemPackages = [ pkgs.openrgb pkgs.egl-wayland ]; boot.kernelParams = [
services.xserver.videoDrivers = [ "modesetting" "nvidia" ]; # thunderbolt
hardware.nvidia.powerManagement.finegrained = true; "pcie_ports=native"
hardware.nvidia.prime.offload.enable = true; "pci=assign-busses,hpbussize=0x33,realloc"
hardware.nvidia.prime = { ];
nvidiaBusId = "PCI:5:0:0"; environment.systemPackages = [ pkgs.openrgb ];
amdgpuBusId = "PCI:15:0:0";
};
hardware.cpu.amd = {
ryzen-smu.enable = true;
updateMicrocode = true;
};
} }

49
nixos/machines/blackadder/default.nix
View file

@ -1,6 +1,3 @@
let
sshkeys = import ../../sshkeys.nix;
in
{ config, pkgs, lib, ... }: { { config, pkgs, lib, ... }: {
imports = [ ./3950x.nix ../../roles/workstation.nix ]; imports = [ ./3950x.nix ../../roles/workstation.nix ];
@ -34,41 +31,18 @@ in
# lars user # lars user
nix.settings.trusted-users = [ "lars" ]; nix.settings.trusted-users = [ "lars" ];
users.users = { users.users.lars = {
lars = { isNormalUser = true;
isNormalUser = true; openssh.authorizedKeys.keys = [
openssh.authorizedKeys.keys = sshkeys.lars; "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCbieYUtRGQ4nf4glQvrZDn72doP6W2uw2z9VqFq5sZLROXYa4jW8nwx4h+BiArGs+VPwn6lfsP19PX6yNIk74C/SkO26S1Zvbe7ffNusi6PH2BQIOWeAYKk+eZH+ZOeD8z07uDB7QffwRLwzSaPFg+zfRzsMFoXH/GE9qOQ4lnfk8czTZL7zbZf/yS7mDFztClXFciYsVwgRXNiFpfc+9mOkU0oBWtGo/WGUhB0Hds3a4ylyjjVAcC/l1H2bvc/Q3d6bbn23pUFl2V78Yg1B4b1MT34qbBV6whXAQd7KM9tND2ZhpF2XQ7Spi1QlOac0jup+sE+3bbvcjNqTI05DwJO/dX5F2gSAFkvSY4ZPqSX5ilE/hj4DQuhRgLmQdbVl5IFV9aLYqUvJcCqX9jRFMly4YTFXsFz18rGkxOYGZabcE1usBM2zRVDTtEP6Si5ii76Ocvp8aNFBB2Kf1whg8tziTv3kQEQ9fd2sRtE2J3xveJiwXjUBU2uikSOKe8JP47Tb6PYlv7Ty/6OI51aUQn++R72VNajdBJ1r1osp7leqTJ+sXuLlWLo/a7lDpDmgEI7dbxqmpjLcMce0JzqLKlP1Q2U/nkYy86xkjSTH1rNUI2JAbJx3iTcGy7bq12yfjNfcGAqY4GVXvisK1cpbF0RCjaFExwtmzorljHh6ZHjQ== openpgp:0x60F7D1FD"
}; "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOvdQ963wjgWyFMp6djRTqVwZr3/PQ/V+Qm5JTcxRTdY lumi@channelwood"
];
mickey = {
isNormalUser = true;
openssh.authorizedKeys.keys = sshkeys.mickey ++ sshkeys.bram;
packages = with pkgs; [
git cmake gnumake gcc python3 python3.pkgs.pip screen vim r8-cog
];
extraGroups = [ "docker" ];
};
judith = {
isNormalUser = true;
openssh.authorizedKeys.keys = sshkeys.judith;
packages = with pkgs; [ r8-cog ];
# packages = with pkgs; [
# git cmake gnumake gcc python3 python3.pkgs.pip screen vim
# ];
extraGroups = [ "docker" ];
};
}; };
# docker # docker
virtualisation.docker = { virtualisation.docker.enable = true;
enable = true;
storageDriver = "overlay2";
};
hardware.nvidia-container-toolkit.enable = true;
users.users.yorick.extraGroups = [ "docker" ]; users.users.yorick.extraGroups = [ "docker" ];
nix.optimise.automatic = true;
# headphone control # headphone control
systemd.services.mdrd = { systemd.services.mdrd = {
serviceConfig = { serviceConfig = {
@ -79,13 +53,4 @@ in
wantedBy = [ "graphical-session.target" ]; wantedBy = [ "graphical-session.target" ];
}; };
services.dbus.packages = [ pkgs.mdrd ]; services.dbus.packages = [ pkgs.mdrd ];
services.fooocus = {
enable = true;
listen = "0.0.0.0";
};
networking.firewall.allowedTCPPorts = [ config.services.fooocus.port ];
yorick.dk-vpn = {
enable = true;
ip = "10.100.0.4";
};
} }

56
nixos/machines/frumar/cache.nix
View file

@ -1,56 +0,0 @@
{ config, pkgs, lib, inputs, ... }: {
imports = [
inputs.attic.nixosModules.atticd
];
age.secrets.attic.file = ../../../secrets/attic.env.age;
services.nginx.virtualHosts."cache.yori.cc" = {
onlySSL = true;
useACMEHost = "wildcard.yori.cc";
locations."/" = {
proxyPass = "http://[::]:8091";
recommendedProxySettings = true;
};
extraConfig = ''
client_max_body_size 8000M;
proxy_request_buffering off;
proxy_read_timeout 600s;
'';
};
services.atticd = {
enable = true;
credentialsFile = config.age.secrets.attic.path;
settings = {
storage = {
type = "local";
path = "/attic";
};
database.url = "postgresql:///atticd";
listen = "[::]:8091";
chunking = {
nar-size-threshold = 128 * 1024;
min-size = 32 * 1024;
avg-size = 128 * 1024;
max-size = 512 * 1024;
};
};
};
systemd.tmpfiles.rules = with config.services.atticd; [
"d /attic 0770 ${user} ${group}"
];
users.users.${config.services.atticd.user} = {
isSystemUser = true;
createHome = false;
group = config.services.atticd.group;
};
users.groups.${config.services.atticd.group} = {};
services.postgresql = {
enable = true;
package = pkgs.postgresql_15;
ensureDatabases = [ "atticd" ];
ensureUsers = [ {
name = "atticd";
ensureDBOwnership = true;
} ];
};
}

396
nixos/machines/frumar/default.nix
View file

@ -3,10 +3,6 @@
./fractal.nix ./fractal.nix
../../roles/server.nix ../../roles/server.nix
../../roles/homeserver.nix ../../roles/homeserver.nix
./paperless.nix
./media.nix
./home-automation.nix
./cache.nix
]; ];
system.stateVersion = "15.09"; system.stateVersion = "15.09";
@ -17,90 +13,44 @@
}; };
}) ]; }) ];
security.y-selfsigned.enable = true;
services.nginx = let services.nginx = let
sslForward = proxyPass: extra: lib.mkMerge [ { cert = config.services.acme-sh.certs.wildcard-yori-cc;
onlySSL = true; sslCertificate = cert.certPath;
useACMEHost = "wildcard.yori.cc"; sslCertificateKey = cert.keyPath;
locations."/" = {
inherit proxyPass;
proxyWebsockets = true;
};
} extra ];
in { in {
enable = true; enable = true;
virtualHosts = { recommendedOptimisation = true;
"unifi.yori.cc" = sslForward "https://[::1]:8443" { recommendedTlsSettings = true;
locations."/".extraConfig = '' recommendedProxySettings = true;
recommendedGzipSettings = true;
virtualHosts."unifi.yori.cc" = {
onlySSL = true;
inherit sslCertificate sslCertificateKey;
locations."/" = {
proxyPass = "https://[::1]:8443";
proxyWebsockets = true;
extraConfig = ''
proxy_ssl_verify off; proxy_ssl_verify off;
proxy_ssl_session_reuse on; proxy_ssl_session_reuse on;
''; '';
}; };
"grafana.yori.cc" = sslForward "http://127.0.0.1:3000" {}; };
"prometheus.yori.cc" = sslForward "http://127.0.0.1:9090" { virtualHosts."frumar.yori.cc" = {
# only over VPN enableACME = lib.mkForce false;
listen = [ { addr = "10.209.0.3"; port = 443; ssl = true; } ]; forceSSL = lib.mkForce false;
}; default = true;
"plex.yori.cc" = sslForward "http://127.0.0.1:32400" {
extraConfig = ''
gzip on;
gzip_vary on;
gzip_min_length 1000;
gzip_proxied any;
gzip_types text/plain text/css text/xml application/xml text/javascript application/x-javascript image/svg+xml;
proxy_http_version 1.1;
proxy_buffering off;
'';
};
"fooocus.yori.cc" = sslForward "http://192.168.2.135:7860" {};
"priv.yori.cc" = let
oauth2Block = ''
# pass information via X-User and X-Email headers to backend,
# requires running with --set-xauthrequest flag
proxy_set_header X-User $user;
proxy_set_header X-Email $email;
# if you enabled --cookie-refresh, this is needed for it to work with auth_request
add_header Set-Cookie $auth_cookie;
'';
proxyOauth2 = proxyPass: {
inherit proxyPass;
extraConfig = oauth2Block;
};
in {
onlySSL = true;
useACMEHost = "wildcard.yori.cc";
locations."/".root = pkgs.writeTextDir "index.html" ''
<!DOCTYPE HTML>
<ul>
<li><a href="/paperless/">paperless</a>
<li><a href="/sonarr/">sonarr</a>
<li><a href="/radarr/">radarr</a>
<li><a href="/oauth2/sign_out?rd=/">sign out</a>
</ul>
'';
locations."/sonarr" = proxyOauth2 "http://127.0.0.1:8989";
locations."/radarr" = proxyOauth2 "http://127.0.0.1:7878";
locations."/marvin-tracker/" = {
proxyPass = "http://[::1]:${toString config.services.yorick.marvin-tracker.port}/";
extraConfig = "auth_request off;";
# handles auth using arg
};
locations."/oauth2/".extraConfig = "auth_request off;"; # todo upstream?
locations."/paperless/" = proxyOauth2 "http://127.0.0.1:${toString config.services.paperless.port}/";
locations."/media/" = {
root = "/var/mediashare";
};
};
"frumar.yori.cc" = {
enableACME = lib.mkForce false;
inherit (config.security.y-selfsigned) sslCertificate sslCertificateKey;
};
}; };
}; };
systemd.services.nginx.serviceConfig.BindReadOnlyPaths = [ "/data/plexmedia/ca" "/var/mediashare" ];
boot.supportedFilesystems = [ "zfs" ]; boot.supportedFilesystems = [ "zfs" ];
services.yorick.torrent-vpn = {
enable = true;
name = "mullvad-nl4";
namespace = "torrent";
};
services.plex = {
enable = true;
openFirewall = true;
};
services.iperf3 = { services.iperf3 = {
enable = true; enable = true;
openFirewall = true; openFirewall = true;
@ -108,7 +58,7 @@
services.unifi = { services.unifi = {
enable = true; enable = true;
openFirewall = true; openFirewall = true;
unifiPackage = pkgs.unifi; jrePackage = pkgs.jre8_headless;
}; };
services.victoriametrics = { services.victoriametrics = {
enable = true; enable = true;
@ -119,56 +69,150 @@
extraFlags = [ "--web.enable-admin-api" ]; extraFlags = [ "--web.enable-admin-api" ];
# victoriametrics # victoriametrics
remoteWrite = [{ url = "http://127.0.0.1:8428/api/v1/write"; }]; remoteWrite = [{ url = "http://127.0.0.1:8428/api/v1/write"; }];
scrapeConfigs = [{ scrapeConfigs = [
job_name = "node"; # {
static_configs = [{ targets = [ "localhost:9100" ]; }]; # job_name = "smartmeter";
}]; # # prometheus doesn't support mdns :thinking_face:
# static_configs = [{ targets = [ "192.168.178.30" ]; }];
# scrape_interval = "10s";
# }
{
job_name = "node";
static_configs = [{ targets = [ "localhost:9100" ]; }];
# } {
# job_name = "unifi";
# static_configs = [ { targets = [ "localhost:9130" ]; } ];
}
# {
# job_name = "thermometer";
# static_configs = [{ targets = [ "192.168.178.21:8000" ]; }];
# }
# {
# job_name = "esphome";
# static_configs = [{ targets = [ "192.168.178.77" ]; }];
# }
];
exporters.node.enable = true; exporters.node.enable = true;
}; # exporters.unifi = {
services.yorick.paperless = { # enable = true;
enable = true; # unifiAddress = "https://localhost:8443";
openFirewall = true; # unifiInsecure = true;
scanner_ip = "192.168.2.49"; # unifiUsername = "ReadOnlyUser";
# unifiPassword = "ReadOnlyPassword";
# };
}; };
boot.zfs.requestEncryptionCredentials = false; boot.zfs.requestEncryptionCredentials = false;
networking.firewall = { networking.firewall.interfaces.wg-y.allowedTCPPorts = [ 3000 9090 8443 ];
interfaces.wg-y.allowedTCPPorts = [ 3000 9090 ]; # grafana and prometheus via pennyworth networking.firewall.allowedTCPPorts = [ 1883 5357 443 ];
# mqtt, nats networking.firewall.allowedUDPPorts = [ 1883 3702 ];
allowedTCPPorts = [ 1883 4222 ]; services.rabbitmq = {
# mqtt enable = true;
allowedUDPPorts = [ 1883 ]; plugins = [ "rabbitmq_mqtt" "rabbitmq_management" ];
}; };
services.grafana = { services.grafana = {
enable = true; enable = true;
settings = { addr = "0.0.0.0";
server.http_addr = "0.0.0.0"; domain = "grafana.yori.cc";
server.domain = "grafana.yori.cc"; rootUrl = "https://grafana.yori.cc/";
server.root_url = "https://grafana.yori.cc/"; extraOptions = {
"auth.basic".enabled = false; AUTH_BASIC_ENABLED = "false";
"auth.google" = { AUTH_DISABLE_LOGIN_FORM = "true";
enabled = true; AUTH_GOOGLE_ENABLED = "true";
allow_sign_up = false; AUTH_GOOGLE_ALLOW_SIGN_UP = "false";
};
};
services.zigbee2mqtt = {
enable = true;
settings.availability = true;
settings.device_options = {
retain = true;
legacy = false;
};
settings.serial.port = "/dev/ttyUSB0";
};
services.home-assistant = {
enable = true;
openFirewall = true;
extraComponents = [
"default_config"
"androidtv"
"esphome"
"met"
"unifi" "yeelight" "plex" "frontend"
"automation" "device_automation"
];
config = {
media_player = [
{
platform = "androidtv";
host = "192.168.2.181";
name = "shield";
device_class = "androidtv";
}
];
mobile_app = {};
default_config = {};
system_log = {};
"map" = {};
frontend.themes = "!include_dir_merge_named themes";
automation = "!include automations.yaml";
homeassistant = {
name = "Home";
latitude = "51.84";
longitude = "5.85";
elevation = "0";
unit_system = "metric";
time_zone = "Europe/Amsterdam";
}; };
auth.disable_login_form = true;
}; };
}; };
age.secrets = { age.secrets = {
acme-transip-key = { grafana.file = ../../../secrets/grafana.env.age;
transip-key = {
file = ../../../secrets/transip-key.age; file = ../../../secrets/transip-key.age;
mode = "770"; mode = "770";
group = "acme"; owner = "nginx";
group = "nginx";
}; };
frumar-mail-pass.file = ../../../secrets/frumar-mail-pass.age;
grafana.file = ../../../secrets/grafana.env.age;
oauth2-proxy.file = ../../../secrets/oauth2-proxy.age;
zigbee2mqtt.file = ../../../secrets/zigbee2mqtt.env.age;
marvin-tracker.file = ../../../secrets/marvin-tracker.env.age;
}; };
systemd.services.grafana.serviceConfig.EnvironmentFile = config.age.secrets.grafana.path; systemd.services.grafana.serviceConfig.EnvironmentFile = config.age.secrets.grafana.path;
systemd.services.zigbee2mqtt.serviceConfig.EnvironmentFile = config.age.secrets.zigbee2mqtt.path; services.zfs = {
services.zfs.autoScrub = { trim.enable = false; # no ssd's
autoScrub = {
enable = true;
interval = "*-*-01 02:00:00"; # monthly + 2 hours
};
};
services.samba = {
enable = false;
openFirewall = false;
shares.public = {
path = "/data/plexmedia";
browseable = "yes";
"guest ok" = "yes";
"hosts allow" = "192.168.178.0/255.255.255.0";
"writeable" = "yes";
"force user" = "nobody";
"force directory mode" = "2777";
};
};
services.samba-wsdd = {
enable = true; enable = true;
interval = "*-*-01 02:00:00"; # monthly + 2 hours interface = "eno1";
hostname = "NAS";
};
services.sonarr = {
enable = true;
group = "plex";
user = "plex";
openFirewall = true;
};
services.radarr = {
enable = true;
group = "plex";
user = "plex";
openFirewall = true;
}; };
services.znapzend = { services.znapzend = {
enable = true; enable = true;
@ -178,24 +222,14 @@
sendRaw = true; sendRaw = true;
}; };
zetup = { zetup = {
"frumar-new" = {
plan = "1w=>6h,1m=>1w,1y=>1m,2y=>6m,50y=>1y";
};
"frumar-new/plexmedia" = { "frumar-new/plexmedia" = {
plan = "1w=>6h,1m=>1w,1y=>1m,2y=>6m,50y=>1y"; plan = "1w=>6h,1m=>1w,1y=>1m,2y=>6m,50y=>1y";
}; };
"ssdpool/root" = {
plan = "2d=>1d";
};
"ssdpool/root/var" = {
plan = "1w=>1d";
destinations.frumar-new = {
dataset = "frumar-new/backup/ssdpool-root-var";
plan = "1w=>1d,1m=>1w,1y=>1m,10y=>6m,50y=>1y";
};
};
}; };
}; };
users.users.plex.packages = with pkgs; [
ffmpeg
];
users.users.yorick.packages = with pkgs; [ users.users.yorick.packages = with pkgs; [
borgbackup borgbackup
bup bup
@ -204,105 +238,19 @@
magic-wormhole magic-wormhole
python3 python3
ranger ranger
jq pyroscope
unzip rtorrent
]; ];
security.acme.certs."wildcard.yori.cc" = { services.acme-sh.certs.wildcard-yori-cc = {
domain = "*.yori.cc"; mainDomain = "*.yori.cc";
dnsProvider = "transip"; dns = "dns_transip";
reloadServices = [ "nginx.service" ]; production = true;
postRun = "systemctl reload nginx || true";
inherit (config.services.nginx) user group;
}; };
users.users.nginx.extraGroups = [ "acme" ]; systemd.services.acme-sh-wildcard-yori-cc.environment = {
systemd.services."acme-wildcard.yori.cc".environment = { TRANSIP_Username = "yorickvp";
TRANSIP_ACCOUNT_NAME = "yorickvp"; TRANSIP_Key_File = config.age.secrets.transip-key.path;
TRANSIP_PRIVATE_KEY_PATH = config.age.secrets.acme-transip-key.path;
};
programs.msmtp = {
enable = true;
accounts.default = {
auth = true;
tls = true;
from = "frumar@yori.cc";
host = "pennyworth.yori.cc";
user = "frumar@yori.cc";
passwordeval = "${pkgs.coreutils}/bin/cat ${config.age.secrets.frumar-mail-pass.path}";
};
};
services.smartd = {
enable = true;
notifications.mail = {
enable = true;
sender = "frumar@yori.cc";
recipient = "yorickvanpelt@gmail.com";
};
};
services.zfs.zed = {
enableMail = true;
settings = {
ZED_EMAIL_ADDR = [ "yorickvanpelt@gmail.com" ];
ZED_NOTIFY_INTERVAL_SECS = 3600;
ZED_NOTIFY_VERBOSE = true;
ZED_SCRUB_AFTER_RESILVER = true;
};
};
services.oauth2-proxy = {
enable = true;
email.addresses = "yorickvanpelt@gmail.com";
redirectURL = "https://priv.yori.cc/oauth2/callback";
reverseProxy = true;
keyFile = config.age.secrets.oauth2-proxy.path;
setXauthrequest = true;
nginx.virtualHosts."priv.yori.cc" = {
allowed_emails = ["yorickvanpelt@gmail.com"];
};
nginx.domain = "priv.yori.cc";
extraConfig.whitelist-domain = ["priv.yori.cc"];
};
services.nats = {
enable = true;
jetstream = true;
settings = {
mqtt.port = 1883;
system_account = "SYS";
accounts = {
SYS.users = [ {
user = "admin";
password = "$2y$10$TWoKGC7/VKQRnIK163akm.0JRdhSA00lMMVn8fa1tPyKBgbED0BL2";
} ];
default = {
jetstream = "enabled";
users = [
{
user = "yorick";
password = "$2y$10$EtQh8YX0I91X774PhDxhKOSGSc0IAAvGwZErVKV3z.IfeHTcT1.yy";
}
{
user = "iot";
password = "$2y$10$.JF/0CQ1PYCFPITsSXGj..k5v60rZvDc.LWCIDhZpoc93NyyIa5wS";
allowed_connection_types = [ "MQTT" ];
}
{
user = "zigbee2mqtt";
password = "$2a$11$CC5NVYiTUeoa4A4w94NFMORO/0jhMR60JWgPUgjct8c2vg29wwIGG";
allowed_connection_types = [ "MQTT" ];
}
{
user = "marvin-tracker";
password = "$2a$11$V9G2gT52obCsDOBwibHfMudnibwP/s3NwUjwvtsnlHfkn5kJHOOEe";
allowed_connection_types = [ "MQTT" ];
}
{
user = "govee2mqtt";
password = "$2y$10$7EOQkxOjWdHV.hCb.a92JOAU30Qgok0faew/1xU3SJhaXVuKbZ1bm";
allowed_connection_types = [ "MQTT" ];
}
];
};
};
};
};
services.yorick.marvin-tracker = {
enable = true;
secretFile = config.age.secrets.marvin-tracker.path;
}; };
} }

84
nixos/machines/frumar/fractal.nix
View file

@ -4,26 +4,23 @@
hardware.enableRedistributableFirmware = true; hardware.enableRedistributableFirmware = true;
boot.initrd.availableKernelModules = boot.initrd.availableKernelModules =
[ "nvme" "xhci_pci" "ehci_pci" "ahci" "usb_storage" "sd_mod" ]; [ "xhci_pci" "ehci_pci" "ahci" "usb_storage" "sd_mod" ];
# Use the GRUB 2 boot loader.
boot.loader.grub = { boot.loader.grub = {
enable = true; enable = true;
efiSupport = true; version = 2;
efiInstallAsRemovable = true; # Define on which hard drive you want to install Grub.
mirroredBoots = [ device = "/dev/disk/by-id/ata-Samsung_SSD_850_EVO_250GB_S21PNXAG441016B";
{ path = "/boot1"; devices = [ "nodev" ]; }
{ path = "/boot2"; devices = [ "nodev" ]; }
];
}; };
# fileSystems."/" = { fileSystems."/" = {
# device = "/dev/disk/by-uuid/ba95c638-f243-48ee-ae81-0c70884e7e74"; device = "/dev/disk/by-uuid/ba95c638-f243-48ee-ae81-0c70884e7e74";
# fsType = "ext4"; fsType = "ext4";
# options = [ "defaults" "relatime" "discard" ]; options = [ "defaults" "relatime" "discard" ];
# }; };
swapDevices = [{ device = "/dev/disk/by-label/ssd-swap"; }];
swapDevices = [{ device = "/dev/disk/by-label/nixos-swap"; }];
fileSystems."/data" = { fileSystems."/data" = {
device = "frumar-new"; device = "frumar-new";
fsType = "zfs"; fsType = "zfs";
@ -34,63 +31,6 @@
fsType = "zfs"; fsType = "zfs";
}; };
fileSystems."/boot1" = {
device = "/dev/disk/by-label/EFI1";
fsType = "vfat";
};
fileSystems."/boot2" = {
device = "/dev/disk/by-label/EFI2";
fsType = "vfat";
};
fileSystems."/" = {
device = "ssdpool/root";
fsType = "zfs";
};
fileSystems."/var" = {
device = "ssdpool/root/var";
fsType = "zfs";
};
fileSystems."/torrent" = {
device = "ssdpool/torrent";
fsType = "zfs";
};
nix.settings.max-jobs = 4; nix.settings.max-jobs = 4;
services.avahi.allowInterfaces = [ "enp2s0" ]; services.avahi.interfaces = [ "enp2s0" ];
hardware.rasdaemon.enable = true;
} }
## disk layout
# 1x SATA Samsung 850 Evo, 250GB (old ssd)
# - 248GB root ext4
# - 1.9GB swap
# - 0.1GB bios_grub
# 3x SATA WDC WD100EMAZ-00WJTA0, 10.0TB
# - 9.1TiB zfs, frumar-new
# - 8MiB empty
# 1x nvme Corsair Force MP510, 960G
# - 2 GiB "EFI1" boot, ESP
# - 858GB "ssdpart1" zfs, ssdpool
# - 100GB "buf1" empty, future use (metadata device?)
# 1x nvme Samsung Evo 980, 1000G
# - 2GiB "EFI2" boot, ESP
# - 858GB "ssdpart2" zfs, ssdpool
# - 100GB "buf2" empty, future use (metadata device?)
# - 8GiB "swap" swap
# - 31.4GB "scratch" empty, future use
## zfs layout
### frumar-new
# frumar-new: 30T, 20T usable, mountpoint=/data, snapshotted
# frumar-new/backup, mount=none
# frumar-new/backup/blackadder, mount=none
# znapzends from blackadder:rpool/home-enc, encrypted and compressed at-rest there
# frumar-new/plexmedia, mountpoint=/data/plexmedia, snapshotted, different blocksize
### ssdpool
# ssdpool: 858G
# ssdpool/root: compressed
# ssdpool/root/var: compressed, snapshotted
# ssdpool/torrent: not compressed, not snapshottend

94
nixos/machines/frumar/home-automation.nix
View file

@ -1,94 +0,0 @@
{ config, pkgs, lib, ... }: {
services.nginx.virtualHosts."home-assistant.yori.cc" = {
onlySSL = true;
useACMEHost = "wildcard.yori.cc";
locations."/" = {
proxyPass = "http://[::1]:8123";
proxyWebsockets = true;
};
};
services.zigbee2mqtt = {
enable = true;
settings = {
availability = true;
device_options.legacy = false;
serial.port = "/dev/ttyUSB0";
};
};
age.secrets.govee2mqtt-env.file = ../../../secrets/govee2mqtt.env.age;
services.govee2mqtt = {
enable = true;
environmentFile = config.age.secrets.govee2mqtt-env.path;
};
networking.firewall.allowedUDPPorts = [ 4002 ]; # govee2mqtt
services.home-assistant = {
enable = true;
openFirewall = true;
extraComponents = [
"default_config"
"androidtv"
"esphome"
"met"
"unifi" "yeelight" "plex" "frontend"
"tado"
"automation" "device_automation"
"homewizard"
"github" "backup"
"mqtt"
"brother"
"spotify"
"yamaha_musiccast" "cast"
"ipp"
"homekit_controller"
"tuya" "ffmpeg"
"govee_light_local"
#"unifiprotect"
];
customComponents = [
(pkgs.buildHomeAssistantComponent rec {
owner = "georgezhao2010";
domain = "midea_ac_lan";
version = "0.3.22";
src = pkgs.fetchFromGitHub {
inherit owner;
repo = domain;
rev = "v${version}";
hash = "sha256-xTnbA4GztHOE61QObEJbzUSdbuSrhbcJ280DUDdM+n4=";
};
})
(pkgs.buildHomeAssistantComponent rec {
owner = "rospogrigio";
domain = "localtuya";
version = "5.2.1";
src = pkgs.fetchFromGitHub {
owner = "rospogrigio";
repo = "localtuya";
rev = "v${version}";
hash = "sha256-hA/1FxH0wfM0jz9VqGCT95rXlrWjxV5oIkSiBf0G0ac=";
};
})
# todo: adaptive-lighting?
];
config = {
mobile_app = {};
default_config = {};
system_log = {};
frontend.themes = "!include_dir_merge_named themes";
automation = "!include automations.yaml";
homeassistant = {
name = "Home";
latitude = "51.84";
longitude = "5.85";
elevation = "0";
unit_system = "metric";
time_zone = "Europe/Amsterdam";
country = "NL";
};
http = {
use_x_forwarded_for = true;
trusted_proxies = [ "::1" ];
};
};
};
}

42
nixos/machines/frumar/media.nix
View file

@ -1,42 +0,0 @@
{ config, pkgs, lib, ... }: {
users.users.torrent = {
isSystemUser = true;
createHome = false;
group = "torrent";
home = "/torrent";
};
users.groups.torrent = {};
systemd.tmpfiles.rules = [
"d /torrent 770 torrent torrent"
];
users.users.yorick.extraGroups = [ "torrent" ];
services.yorick.torrent-vpn = {
enable = true;
name = "mullvad-nl4";
namespace = "torrent";
};
services.plex = {
enable = true;
openFirewall = true;
};
systemd.services.plex.after = [ "data-plexmedia.mount" ];
services.sonarr = {
enable = true;
group = "plex";
user = "plex";
};
services.radarr = {
enable = true;
group = "plex";
user = "plex";
};
users.users.plex.packages = with pkgs; [
ffmpeg
];
users.users.yorick.packages = with pkgs; [
pyrosimple
rtorrent
yscripts.absorb
];
}

56
nixos/machines/frumar/paperless.nix
View file

@ -1,56 +0,0 @@
{ config, lib, pkgs, ... }:
let cfg = config.services.yorick.paperless;
in {
options.services.yorick.paperless = with lib; {
enable = mkEnableOption "yorick paperless";
openFirewall = mkEnableOption "open firewall for scanner";
scanner_ip = mkOption {
type = types.str;
};
};
config = lib.mkIf cfg.enable {
networking.firewall = lib.mkIf cfg.openFirewall {
connectionTrackingModules = [ "ftp" ];
extraCommands = ''
iptables -t raw -A PREROUTING -i eno1 -s ${cfg.scanner_ip}/32 -p tcp --dport 21 -j CT --helper ftp
iptables -A nixos-fw -p tcp -m tcp --dport 21 -s ${cfg.scanner_ip}/32 -j nixos-fw-accept
'';
extraStopCommands = ''
iptables -t raw -D PREROUTING -i eno1 -s ${cfg.scanner_ip}/32 -p tcp --dport 21 -j CT --helper ftp
iptables -D nixos-fw -p tcp -m tcp --dport 21 -s ${cfg.scanner_ip}/32 -j nixos-fw-accept
'';
};
users.users.ads1600w = {
home = "/var/ads1600w";
group = "ads1600w";
initialHashedPassword =
"$6$q7E6hnTHHt9v.$OHZjuWISanANGwfhznWwfDlHAqbXBjqcr/q0lGe9ff2r.X9xCSoLP4giME5J9WoEUNuWssMLGBPMfXowBjXg70";
isSystemUser = true;
shell = "${pkgs.shadow}/bin/nologin";
createHome = true;
};
users.groups.ads1600w = { };
services.vsftpd = {
enable = true;
localUsers = true;
writeEnable = true;
chrootlocalUser = true;
allowWriteableChroot = true;
extraConfig = "local_umask=007";
userlist = [ "ads1600w" ];
};
# todo: back up this dir
services.paperless.enable = true;
services.paperless.settings = {
PAPERLESS_URL = "https://priv.yori.cc";
PAPERLESS_FORCE_SCRIPT_NAME = "/paperless";
PAPERLESS_STATIC_URL = "/paperless/static/";
PAPERLESS_ENABLE_HTTP_REMOTE_USER = "true";
PAPERLESS_HTTP_REMOTE_USER_HEADER_NAME = "HTTP_X_EMAIL";
PAPERLESS_LOGOUT_REDIRECT_URL = "/oauth2/sign_out?rd=/";
};
users.users.paperless.extraGroups = [ "ads1600w" ];
};
}

91
nixos/machines/frumar/rtorrent.rc
View file

@ -1,91 +0,0 @@
#############################################################################
# A minimal rTorrent configuration that provides the basic features
# you want to have in addition to the built-in defaults.
#
# See https://github.com/rakshasa/rtorrent/wiki/CONFIG-Template
# for an up-to-date version.
#############################################################################
# Instance layout (base paths)
method.insert = cfg.basedir, private|const|string, "/torrent/"
method.insert = cfg.download, private|const|string, (cat,(cfg.basedir),"work/")
method.insert = cfg.logs, private|const|string, (cat,(cfg.basedir),"log/")
method.insert = cfg.logfile, private|const|string, (cat,(cfg.logs),"rtorrent-",(system.time),".log")
method.insert = cfg.session, private|const|string, (cat,(cfg.basedir),"session/")
# method.insert = cfg.watch, private|const|string, (cat,(cfg.basedir),"watch/")
# Create instance directories
execute.throw = sh, -c, (cat,\
"mkdir -p \"",(cfg.download),"\" ",\
"\"",(cfg.logs),"\" ",\
"\"",(cfg.session),"\" ")
# Listening port for incoming peer traffic (fixed; you can also randomize it)
network.port_range.set = 58572-58572
network.port_random.set = no
# Tracker-less torrent and UDP tracker support
# (conservative settings for 'private' trackers, change for 'public')
dht.mode.set = auto
protocol.pex.set = yes
trackers.use_udp.set = yes
# Peer settings
throttle.max_uploads.set = 100
throttle.max_uploads.global.set = 250
throttle.min_peers.normal.set = 20
throttle.max_peers.normal.set = 60
throttle.min_peers.seed.set = 30
throttle.max_peers.seed.set = 80
trackers.numwant.set = 80
protocol.encryption.set = allow_incoming,try_outgoing,enable_retry
# Limits for file handle resources, this is optimized for
# an `ulimit` of 1024 (a common default). You MUST leave
# a ceiling of handles reserved for rTorrent's internal needs!
network.http.max_open.set = 50
network.max_open_files.set = 600
network.max_open_sockets.set = 300
# Memory resource usage (increase if you have a large number of items loaded,
# and/or the available resources to spend)
pieces.memory.max.set = 3600M
network.xmlrpc.size_limit.set = 4M
# Basic operational settings (no need to change these)
session.path.set = (cat, (cfg.session))
directory.default.set = (cat, (cfg.download))
log.execute = (cat, (cfg.logs), "execute.log")
##log.xmlrpc = (cat, (cfg.logs), "xmlrpc.log")
execute.nothrow = sh, -c, (cat, "echo >",\
(session.path), "rtorrent.pid", " ", (system.pid))
# Other operational settings (check & adapt)
encoding.add = utf8
system.umask.set = 0007
system.cwd.set = (directory.default)
network.http.dns_cache_timeout.set = 25
schedule2 = monitor_diskspace, 15, 60, ((close_low_diskspace, 1000M))
dht.port.set = 10523
system.file.allocate.set = yes
# Run the rTorrent process as a daemon in the background
# (and control via XMLRPC sockets)
#system.daemon.set = true
network.scgi.open_local = (cat,(session.path),".rtorrent.sock")
execute.nothrow = chmod,770,(cat,(session.path),".rtorrent.sock")
# Logging:
# Levels = critical error warn notice info debug
# Groups = connection_* dht_* peer_* rpc_* storage_* thread_* tracker_* torrent_*
print = (cat, "Logging to ", (cfg.logfile))
log.open_file = "log", (cfg.logfile)
log.add_output = "info", "log"
method.insert = get_public_ip_address, simple|private, "execute.capture=curl,-f,-4,https://ifconfig.me/ip"
# The IP address reported to the tracker. (ip) This handles dynamic IP's as well.
schedule2 = ip_tick, 0, 1800, "network.local_address.set=(get_public_ip_address)"

6
nixos/machines/jarvis/default.nix
View file

@ -3,8 +3,6 @@
system.stateVersion = "17.09"; system.stateVersion = "17.09";
yorick.lumi-vpn = { yorick.lumi-vpn.name = "yorick";
name = "yorick"; yorick.lumi-vpn.ip = "10.109.0.10";
ip = "10.109.0.10";
};
} }

2
nixos/machines/jarvis/xps9360-hardware-config.nix
View file

@ -27,4 +27,6 @@
nix.settings.max-jobs = lib.mkDefault 4; nix.settings.max-jobs = lib.mkDefault 4;
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave"; powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
# high-resolution display
hardware.video.hidpi.enable = lib.mkDefault true;
} }

3
nixos/machines/jarvis/xps9360.nix
View file

@ -29,7 +29,7 @@
}; };
services.logind.lidSwitch = "ignore"; services.logind.lidSwitch = "ignore";
services.libinput.enable = true; services.xserver.libinput.enable = true;
networking.wireless = { networking.wireless = {
enable = false; enable = false;
@ -38,6 +38,7 @@
hardware.bluetooth.enable = true; hardware.bluetooth.enable = true;
hardware.enableRedistributableFirmware = true; hardware.enableRedistributableFirmware = true;
services.udev.packages = [ pkgs.crda ];
hardware.firmware = [ pkgs.wireless-regdb ]; hardware.firmware = [ pkgs.wireless-regdb ];
# gotta go faster # gotta go faster
networking.dhcpcd.extraConfig = '' networking.dhcpcd.extraConfig = ''

98
nixos/machines/pennyworth/default.nix
View file

@ -2,18 +2,28 @@
# your system. Help is available in the configuration.nix(5) man page # your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running nixos-help). # and in the NixOS manual (accessible by running nixos-help).
{ config, pkgs, lib, inputs, ... }: { { config, pkgs, lib, ... }:
let
sslforward = proxyPass: {
forceSSL = true;
enableACME = true;
locations."/" = {
inherit proxyPass;
proxyWebsockets = true;
};
};
vpn = import ../../vpn.nix;
in {
imports = [ imports = [
./hetznercloud.nix ./hetznercloud.nix
../../roles/server.nix ../../roles/server.nix
../../roles/datakami.nix
../../services/backup.nix ../../services/backup.nix
../../services/email.nix ../../services/email.nix
inputs.yobot.nixosModules.default
]; ];
system.stateVersion = "19.03"; system.stateVersion = "19.03";
services.nginx.enable = true;
services.yorick = { services.yorick = {
public = { public = {
enable = true; enable = true;
@ -31,11 +41,6 @@
enable = true; enable = true;
vhost = "muflax.church"; vhost = "muflax.church";
}; };
calibre-web = {
enable = true;
vhost = "calibre.yori.cc";
};
vpn-host.enable = true;
}; };
age.secrets.muflax.file = ../../../secrets/http.muflax.age; age.secrets.muflax.file = ../../../secrets/http.muflax.age;
@ -47,36 +52,57 @@
private_key = config.age.secrets.muflax.path; private_key = config.age.secrets.muflax.path;
}; };
}; };
services.nginx = { services.nginx.commonHttpConfig = ''
enable = true; access_log off;
commonHttpConfig = "access_log off;"; '';
virtualHosts = { services.nginx.virtualHosts = {
"yori.cc" = { "yori.cc" = {
enableACME = true; enableACME = true;
forceSSL = true; forceSSL = true;
globalRedirect = "yorickvanpelt.nl"; globalRedirect = "yorickvanpelt.nl";
}; };
"yorickvanpelt.nl".locations."/p1".return = "yorickvanpelt.nl".locations."/p1".return =
"301 https://git.yori.cc/yorick/meterkast"; "301 https://git.yori.cc/yorick/meterkast";
"pub.yori.cc".locations."/muflax/".extraConfig = '' "grafana.yori.cc" = sslforward "http://${vpn.ips.frumar}:3000";
rewrite ^/muflax/(.*)$ https://alt.muflax.church/$1 permanent; #"ubiquiti.yori.cc" = sslforward "https://${vpn.ips.frumar}:8443";
"prometheus.yori.cc" = {
# only over vpn
listen = [{
addr = "10.209.0.1";
port = 80;
}];
locations."/".proxyPass = "http://10.209.0.3:9090";
};
"pub.yori.cc".locations."/muflax/".extraConfig = ''
rewrite ^/muflax/(.*)$ https://alt.muflax.church/$1 permanent;
'';
"plex.yori.cc" = (sslforward "http://${vpn.ips.frumar}:32400") // {
extraConfig = ''
gzip on;
gzip_vary on;
gzip_min_length 1000;
gzip_proxied any;
gzip_types text/plain text/css text/xml application/xml text/javascript application/x-javascript image/svg+xml;
proxy_http_version 1.1;
proxy_buffering off;
''; '';
}; };
"media.yori.cc" = sslforward "http://${vpn.ips.frumar}:32001";
}; };
networking.firewall.allowedUDPPorts = [ 31790 ]; # wg
networking.wireguard.interfaces.wg-y.peers = lib.mkForce (lib.mapAttrsToList
(machine: publicKey: {
inherit publicKey;
allowedIPs = [ "${vpn.ips.${machine}}/32" ];
}) vpn.keys);
services.prometheus.exporters.wireguard = { enable = true; };
networking.firewall.interfaces.wg-y.allowedTCPPorts = [ 9586 ];
boot.kernel.sysctl."net.ipv4.ip_forward" = 1;
environment.noXlibs = true;
users.users.yorick.packages = with pkgs; [
sshfs-fuse
weechat
ripgrep
];
# TODO: reload cert in weechat
security.acme.certs."pennyworth.yori.cc".postRun = ''
cat fullchain.pem key.pem > /home/yorick/.weechat/ssl/relay.pem
chown yorick:users /home/yorick/.weechat/ssl/relay.pem
chmod 0600 $_
'';
users.users.yorick.packages = with pkgs; [ sshfs-fuse weechat ripgrep ];
networking.firewall.allowedTCPPorts = [ 60307 ]; # weechat relay
age.secrets.yobot.file = ../../../secrets/yobot.toml.age;
services.yobot = {
enable = true;
configFile = config.age.secrets.yobot.path;
};
} }

3
nixos/machines/pennyworth/hetznercloud.nix
View file

@ -9,6 +9,7 @@
boot.extraModulePackages = [ ]; boot.extraModulePackages = [ ];
boot.loader.grub = { boot.loader.grub = {
enable = true; enable = true;
version = 2;
device = "/dev/sda"; device = "/dev/sda";
}; };
@ -21,7 +22,7 @@
nix.settings.max-jobs = lib.mkDefault 1; nix.settings.max-jobs = lib.mkDefault 1;
#services.nscd.enable = false; #services.nscd.enable = false;
networking.useDHCP = false; networking.dhcpcd.enable = false;
systemd.network.enable = true; systemd.network.enable = true;
systemd.network.networks."40-hetzner" = { systemd.network.networks."40-hetzner" = {
DHCP = "ipv4"; DHCP = "ipv4";

6
nixos/machines/smithers/default.nix
View file

@ -7,10 +7,4 @@
yorick.lumi-cache.enable = lib.mkForce false; yorick.lumi-cache.enable = lib.mkForce false;
system.stateVersion = "21.05"; system.stateVersion = "21.05";
services.flatpak.enable = true;
yorick.dk-vpn = {
enable = true;
ip = "10.100.0.6";
};
} }

2
nixos/machines/smithers/x11-hardware-config.nix
View file

@ -36,4 +36,6 @@
swapDevices = [ ]; swapDevices = [ ];
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave"; powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
# high-resolution display
hardware.video.hidpi.enable = lib.mkDefault true;
} }

21
nixos/machines/smithers/x11.nix
View file

@ -13,10 +13,7 @@
boot.supportedFilesystems = [ "zfs" ]; boot.supportedFilesystems = [ "zfs" ];
boot.kernelPackages = pkgs.zfs.latestCompatibleLinuxPackages; boot.kernelPackages = pkgs.zfs.latestCompatibleLinuxPackages;
networking.wireless = { networking.wireless.iwd.enable = true;
enable = false;
iwd.enable = true;
};
networking.hostId = "54a8968e"; networking.hostId = "54a8968e";
services.zfs.autoScrub.enable = true; services.zfs.autoScrub.enable = true;
@ -24,16 +21,8 @@
hardware.bluetooth.enable = true; hardware.bluetooth.enable = true;
services.fprintd.enable = true; services.fprintd.enable = true;
boot = { boot.initrd.availableKernelModules = [ "i915" ];
initrd.availableKernelModules = [ "i915" ]; boot.loader.timeout = 1;
# flickerfree boot.kernelParams = [ "i915.fastboot=1" ];
initrd.systemd.enable = true; #boot.plymouth.enable = true;
initrd.verbose = false;
plymouth.enable = true;
consoleLogLevel = 0;
kernelParams = [ "quiet" "udev.log_level=3" "i915.fastboot=1" ];
};
boot.loader.timeout = 0;
networking.dhcpcd.extraConfig = "noarp";
} }

166
nixos/modules/acme-sh.nix Normal file
View file

@ -0,0 +1,166 @@
# SPDX-FileCopyrightText: 2020 Serokell <https://serokell.io/>
#
# SPDX-License-Identifier: MPL-2.0
{ config, lib, pkgs, ... }:
let
cfg = config.services.acme-sh;
# todo: upstream into serokell.nix
dnstype = lib.types.enum [ "dns_aws" "dns_dnsimple" "dns_transip" ];
submod = with lib; config: {
domains = mkOption {
type = types.coercedTo
(types.listOf types.str)
(f: lib.genAttrs f (x: config.dns)) (types.attrsOf dnstype);
default = { "${config.mainDomain}" = config.dns; };
};
mainDomain = mkOption {
type = types.str;
description = "domain to use as primary domain for the cert";
};
postRun = mkOption {
type = types.str;
default = "true";
};
keyFile = mkOption {
type = types.str;
default = "/dev/null";
};
user = mkOption {
type = types.str;
default = "root";
description = "User running the ACME client.";
};
group = mkOption {
type = types.str;
default = "root";
description = "Group running the ACME client.";
};
server = mkOption {
type = types.str;
default = "letsencrypt";
description = "Certificate Authority to use";
};
dns = mkOption {
type = dnstype;
};
renewInterval = mkOption {
type = types.str;
default = "weekly";
description = ''
Systemd calendar expression when to check for renewal. See
<citerefentry><refentrytitle>systemd.time</refentrytitle>
<manvolnum>7</manvolnum></citerefentry>.
'';
};
production = mkOption {
type = types.bool;
default = true;
};
statePath = mkOption {
readOnly = true;
type = types.str;
};
keyPath = mkOption {
readOnly = true;
type = types.str;
};
certPath = mkOption {
readOnly = true;
type = types.str;
};
consulLock = mkOption {
type = types.nullOr types.str;
default = null;
example = "vault";
};
};
in
{
options.services.acme-sh = with lib; {
stateDir = lib.mkOption {
type = types.str;
default = "/var/lib/acme.sh";
};
certs = lib.mkOption {
type = types.attrsOf (types.submodule ({config, name, ...}: (with config; {
options = submod config;
config.statePath = "${cfg.stateDir}/${name}";
config.keyPath = "${statePath}/${mainDomain}/${mainDomain}.key";
config.certPath = "${statePath}/${mainDomain}/fullchain.cer";
})));
default = {};
};
};
config = {
systemd.services = lib.mapAttrs' (name: value: lib.nameValuePair "acme-sh-${name}" (with value; {
description = "Renew ACME Certificate for ${name}";
after =
[ "network.target" "network-online.target" ]
# wait for consul if we use it for locking
++ lib.optionals (consulLock != null) [ "consul.service" ];
wants = [ "network-online.target" ];
serviceConfig = {
Type = "oneshot";
PermissionsStartOnly = true;
User = user;
Group = group;
PrivateTmp = true;
EnvironmentFile = keyFile;
SuccessExitStatus = "0 2";
};
path = with pkgs; [ acme-sh systemd util-linuxMinimal procps ];
preStart = ''
mkdir -p ${cfg.stateDir}
chown 'root:root' ${cfg.stateDir}
chmod 755 ${cfg.stateDir}
mkdir -p "${statePath}"
chown -R '${user}:${group}' "${statePath}"
chmod 750 "${statePath}"
rm -f "${statePath}/renewed"
'';
environment.LE_WORKING_DIR = statePath;
environment.SHELL = "${pkgs.bash}/bin/bash";
script = let
mapDomain = name: dns: ''-d "${name}" --dns ${dns}'';
primary = mapDomain mainDomain domains."${mainDomain}";
domainsStr = lib.concatStringsSep " " ([primary] ++ (lib.remove primary (lib.mapAttrsToList mapDomain domains)));
cmd = ''acme.sh --server ${server} --issue ${lib.optionalString (!production) "--test"} ${domainsStr} --reloadcmd "touch ${statePath}/renewed" --syslog 6 > /dev/null'';
in
if consulLock == null then ''
${cmd}
rm -f "$LE_WORKING_DIR/account.conf"
'' else ''
# consul lock does not expose the exit code, because of platform compatiblity or something
# write it to the 'ecode' file, or exit 1 if it fails altogether
if ${config.services.consul.package}/bin/consul lock -verbose "${consulLock}" '${cmd}; echo $? > ${statePath}/ecode'; then
rm -f "$LE_WORKING_DIR/account.conf"
exit $(cat ${statePath}/ecode)
else
rm -f "$LE_WORKING_DIR/account.conf"
exit 1
fi
'';
postStart = ''
if [ -e "${statePath}/renewed" ]; then
${postRun}
rm -f "${statePath}/renewed"
fi
'';
})) cfg.certs;
systemd.timers = lib.mapAttrs' (name: value: lib.nameValuePair "acme-sh-${name}" (with value; {
wantedBy = [ "timers.target" ];
timerConfig = {
OnCalendar = renewInterval;
Unit = "acme-sh-${name}.service";
Persistent = "yes";
AccuracySec = "5m";
RandomizedDelaySec = "1h";
};
})) cfg.certs;
};
}

26
nixos/modules/dk-vpn.nix
View file

@ -1,26 +0,0 @@
{ config, name, lib, ... }:
let
cfg = config.yorick.dk-vpn;
in {
options.yorick.dk-vpn = with lib; {
enable = mkEnableOption "dk vpn";
ip = mkOption {
type = types.str;
example = "10.100.0.2";
};
};
config = lib.mkIf cfg.enable {
age.secrets.wg-dk.file = ../../secrets/wg.dk.${name}.age;
networking.wireguard.interfaces.wg-dk = {
privateKeyFile = config.age.secrets.wg-dk.path;
ips = [ "${cfg.ip}/32" ];
peers = [{
publicKey = "teCEYc4KWT6rGchNOp6sIFO0jmkhwTjv6reOzGscAm8=";
endpoint = "dk-1.datakami.nl:51820";
allowedIPs = [ "10.100.0.0/24" ];
persistentKeepalive = 25;
}];
};
};
}

8
nixos/modules/lumi-cache.nix
View file

@ -7,10 +7,10 @@ in {
}; };
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
age.secrets.nix-netrc.file = ../../secrets/nix-netrc.age; age.secrets.nix-netrc.file = ../../secrets/nix-netrc.age;
nix.settings = { nix = {
substituters = [ "https://cache.lumi.guide/?priority=50" ]; settings.substituters = [ "https://cache.lumi.guide/" ];
netrc-file = lib.mkForce config.age.secrets.nix-netrc.path; settings.netrc-file = config.age.secrets.nix-netrc.path;
trusted-public-keys = [ settings.trusted-public-keys = [
"cache.lumi.guide-1:z813xH+DDlh+wvloqEiihGvZqLXFmN7zmyF8wR47BHE=" "cache.lumi.guide-1:z813xH+DDlh+wvloqEiihGvZqLXFmN7zmyF8wR47BHE="
]; ];
}; };

55
nixos/modules/marvin-tracker.nix
View file

@ -1,55 +0,0 @@
{ config, lib, pkgs, ... }:
let cfg = config.services.yorick.marvin-tracker; in
{
options.services.yorick.marvin-tracker = with lib; {
enable = mkEnableOption "Marvin Tracker server";
host = mkOption {
default = "::1";
type = types.str;
};
port = mkOption {
default = 4008;
type = types.port;
};
package = mkOption {
default = pkgs.marvin-tracker;
type = types.package;
};
mqtt.topic = mkOption {
default = "yorick/marvin/tracking";
type = types.str;
};
mqtt.host = mkOption {
default = "localhost";
type = types.str;
};
secretFile = mkOption {
type = types.path;
default = "/dev/null";
};
api_hash = mkOption {
type = types.str;
default = "z6mzC2TGdVCRuFE+oCrwj1GCHyP6OzYcPKZDiO/yLdqpmChC6S7ijCEUSY5gtqhpXhtYeDRyBjNeVJ/0Se4jQQ==";
description = "public key for the secret header value";
};
};
config = lib.mkIf cfg.enable {
systemd.services.marvin-tracker = {
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
Type = "simple";
DynamicUser = true;
Restart = "on-failure";
ExecStart = "${cfg.package}/index.js";
EnvironmentFile = cfg.secretFile;
};
environment = {
HOST = cfg.host;
PORT = toString cfg.port;
TOPIC = cfg.mqtt.topic;
API_HASH = cfg.api_hash;
};
};
};
}

10
nixos/modules/nginx.nix
View file

@ -1,6 +1,14 @@
{ config, lib, pkgs, ... }: { config, lib, pkgs, ... }:
let
sslcfg = dir: ''
ssl on;
ssl_certificate_key ${dir}/key.pem;
ssl_certificate ${dir}/fullchain.pem;
ssl_trusted_certificate ${dir}/fullchain.pem;
add_header Strict-Transport-Security max-age=15768000;
'';
{ in {
config = lib.mkIf config.services.nginx.enable { config = lib.mkIf config.services.nginx.enable {
services.nginx = { services.nginx = {
recommendedTlsSettings = true; recommendedTlsSettings = true;

65
nixos/modules/selfsigned.nix
View file

@ -1,65 +0,0 @@
{ pkgs, config, lib, ...}: let
cfg = config.security.y-selfsigned;
in {
options.security.y-selfsigned = with lib; {
enable = mkEnableOption "Enable generating a self-signed certificate";
directory = mkOption {
type = types.str;
default = "/var/lib/selfsign";
description = "Directory to store the self-signed certificate";
};
domain = mkOption {
type = types.str;
default = "selfsigned.local";
description = "Domain to generate the self-signed certificate for";
};
sslCertificate = mkOption {
type = types.str;
readOnly = true;
default = "${cfg.directory}/${cfg.domain}/cert.pem";
description = "Path to the self-signed certificate";
};
sslCertificateKey = mkOption {
type = types.str;
readOnly = true;
default = "${cfg.directory}/${cfg.domain}/key.pem";
description = "Path to the self-signed certificate key";
};
user = mkOption {
type = types.str;
default = "nginx";
description = "User to run the self-signed certificate generator as";
};
group = mkOption {
type = types.str;
default = "nginx";
description = "Group to run the self-signed certificate generator as";
};
};
config = lib.mkIf cfg.enable {
systemd.tmpfiles.rules = lib.mkAfter [
"d ${cfg.directory} 0700 ${cfg.user} ${cfg.group}"
];
systemd.services."y-selfsigned-ca" = {
description = "Generate self-signed fallback";
path = with pkgs; [ minica ];
unitConfig = {
ConditionPathExists = "!${cfg.sslCertificateKey}";
StartLimitIntervalSec = 0;
};
serviceConfig = {
User = cfg.user;
Group = cfg.group;
UMask = "0077";
Type = "oneshot";
PrivateTmp = true;
WorkingDirectory = cfg.directory;
};
script = "minica --domains ${cfg.domain}";
};
systemd.services.nginx = {
requires = [ "y-selfsigned-ca.service" ];
after = [ "y-selfsigned-ca.service" ];
};
};
}

1
nixos/overlay.nix
View file

@ -9,7 +9,6 @@ in pkgs: super: {
modules = modules =
[ ({ lib, ... }: { [ ({ lib, ... }: {
config.nixpkgs.pkgs = lib.mkDefault pkgs; config.nixpkgs.pkgs = lib.mkDefault pkgs;
config.nixpkgs.flake.source = pkgs.flake-inputs.nixpkgs;
config._module.args = extraArgs; config._module.args = extraArgs;
}) ] }) ]
++ (if builtins.isList configuration then ++ (if builtins.isList configuration then

7
nixos/roles/datakami.nix
View file

@ -1,7 +0,0 @@
{ lib, ... }: {
services.nginx.virtualHosts."dk-stage.yori.cc" = {
forceSSL = true;
enableACME = true;
globalRedirect = "staging.datakami.nl";
};
}

34
nixos/roles/default.nix
View file

@ -4,25 +4,22 @@ let
vpn = import ../vpn.nix; vpn = import ../vpn.nix;
in { in {
imports = [ imports = [
inputs.agenix.nixosModules.default inputs.agenix.nixosModule
inputs.fooocus.nixosModules.default ../modules/acme-sh.nix
../modules/dk-vpn.nix
../modules/tor-hidden-service.nix ../modules/tor-hidden-service.nix
../modules/nginx.nix ../modules/nginx.nix
../modules/lumi-cache.nix ../modules/lumi-cache.nix
../modules/lumi-vpn.nix ../modules/lumi-vpn.nix
../modules/marvin-tracker.nix
../modules/muflax-blog.nix ../modules/muflax-blog.nix
../modules/selfsigned.nix
../services ../services
]; ];
age.secrets = { age.secrets = {
root-user-pass.file = ../../secrets/root-user-pass.age; root-user-pass.file = ../../secrets/root-user-pass.age;
yorick-user-pass.file = ../../secrets/yorick-user-pass.age; yorick-user-pass.file = ../../secrets/yorick-user-pass.age;
nix-netrc-yorick.file = ../../secrets/nix-netrc-yorick.age;
}; };
nix.package = pkgs.lix; nix.nixPath = [];# "nixpkgs=${pkgs.path}" ];
nix.registry.nixpkgs.flake = inputs.nixpkgs;
networking.domain = "yori.cc"; networking.domain = "yori.cc";
networking.hostName = machine; networking.hostName = machine;
@ -32,7 +29,7 @@ in {
openssh.authorizedKeys.keys = openssh.authorizedKeys.keys =
config.users.users.yorick.openssh.authorizedKeys.keys; config.users.users.yorick.openssh.authorizedKeys.keys;
# root password is useful from console, ssh has password logins disabled # root password is useful from console, ssh has password logins disabled
hashedPasswordFile = config.age.secrets.root-user-pass.path; # TODO: generate own passwordFile = config.age.secrets.root-user-pass.path; # TODO: generate own
}; };
services.timesyncd.enable = true; services.timesyncd.enable = true;
@ -42,12 +39,12 @@ in {
extraGroups = [ "wheel" ]; extraGroups = [ "wheel" ];
group = "users"; group = "users";
openssh.authorizedKeys.keys = with (import ../sshkeys.nix); yorick; openssh.authorizedKeys.keys = with (import ../sshkeys.nix); yorick;
hashedPasswordFile = config.age.secrets.yorick-user-pass.path; passwordFile = config.age.secrets.yorick-user-pass.path;
createHome = true; createHome = true;
}; };
# Nix # Nix
# nixpkgs.config.allowUnfree = true; nixpkgs.config.allowUnfree = true;
#nix.buildCores = config.nix.maxJobs; #nix.buildCores = config.nix.maxJobs;
nix.extraOptions = '' nix.extraOptions = ''
@ -59,8 +56,8 @@ in {
services.openssh = { services.openssh = {
enable = true; enable = true;
settings.PasswordAuthentication = false; passwordAuthentication = false;
settings.KbdInteractiveAuthentication = false; kbdInteractiveAuthentication = false;
}; };
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
@ -82,7 +79,6 @@ in {
hdparm hdparm
lm_sensors lm_sensors
ncdu ncdu
attic
# utils # utils
file file
@ -130,6 +126,8 @@ in {
}; };
security.acme.defaults.email = "acme@yori.cc"; security.acme.defaults.email = "acme@yori.cc";
security.acme.acceptTerms = true; security.acme.acceptTerms = true;
nix.settings.trusted-public-keys =
[ "yorick:Pmd0gyrTvVdzpQyb/raHJKdoOag8RLaj434qBgMm4I0=" ];
nix.settings.trusted-users = [ "@wheel" ]; nix.settings.trusted-users = [ "@wheel" ];
services.prometheus.exporters.node = { services.prometheus.exporters.node = {
@ -139,14 +137,4 @@ in {
}; };
networking.firewall.interfaces.wg-y.allowedTCPPorts = [ 9100 ]; networking.firewall.interfaces.wg-y.allowedTCPPorts = [ 9100 ];
xdg.autostart.enable = false; xdg.autostart.enable = false;
nix.settings = {
substituters = [ "https://cache.yori.cc/yorick" ];
netrc-file = config.age.secrets.nix-netrc-yorick.path;
trusted-public-keys = [
"yorick:sWqvIllvDhMS9vcWyk4+zSk9L6zq8UgcLPEEQJsAdW4="
];
};
fonts.fontconfig.subpixel.rgba = "rgb";
} }

2
nixos/roles/homeserver.nix
View file

@ -5,7 +5,7 @@
}; };
services.avahi = { services.avahi = {
enable = true; enable = true;
nssmdns4 = true; nssmdns = true;
publish = { publish = {
enable = true; enable = true;
addresses = true; addresses = true;

9
nixos/roles/server.nix
View file

@ -3,21 +3,14 @@
services.sshguard.enable = true; services.sshguard.enable = true;
programs.mosh.enable = true; programs.mosh.enable = true;
# environment.noXlibs = true; environment.noXlibs = true;
networking.firewall.logRefusedConnections = networking.firewall.logRefusedConnections =
false; # Silence logging of scanners and knockers false; # Silence logging of scanners and knockers
nix.settings.allowed-users = [ "@wheel" ];
# TODO: upstream with noXlibs # TODO: upstream with noXlibs
nixpkgs.overlays = [ nixpkgs.overlays = [
(self: super: { (self: super: {
libdecor = null; libdecor = null;
imagemagick = super.imagemagick.override {
libheifSupport = false;
ghostscript = super.ghostscript.override {
cupsSupport = false;
};
};
}) })
]; ];
} }

42
nixos/roles/workstation.nix
View file

@ -1,7 +1,6 @@
{ config, lib, pkgs, ... }: { config, lib, pkgs, ... }:
{ {
services.fwupd.enable = true; services.fwupd.enable = true;
programs.fish.enable = true;
users.users.yorick = { users.users.yorick = {
extraGroups = [ "input" "wireshark" "dialout" "video" "libvirtd" ]; extraGroups = [ "input" "wireshark" "dialout" "video" "libvirtd" ];
shell = pkgs.fish; shell = pkgs.fish;
@ -18,7 +17,18 @@
"${gsettings-desktop-schemas}/share/gsettings-schemas/${gsettings-desktop-schemas.name}" "${gsettings-desktop-schemas}/share/gsettings-schemas/${gsettings-desktop-schemas.name}"
# emacs? # emacs?
]; ];
nix.gc.automatic = lib.mkOverride 30 false; nix = {
gc.automatic = pkgs.lib.mkOverride 30 false;
settings.substituters = [
"https://cache.nixos.org"
#"s3://yori-nix?endpoint=s3.eu-central-003.backblazeb2.com&profile=backblaze-read"
#"https://nixpkgs-wayland.cachix.org"
];
settings.trusted-public-keys = [
#"nixpkgs-wayland.cachix.org-1:3lwxaILxMRkVhehr5StQprHdEo4IrE8sRho9R9HOLYA="
"yorick:Pmd0gyrTvVdzpQyb/raHJKdoOag8RLaj434qBgMm4I0="
];
};
virtualisation.libvirtd.enable = true; virtualisation.libvirtd.enable = true;
# fix glasgow, fomu, backlight # fix glasgow, fomu, backlight
services.udev.extraRules = '' services.udev.extraRules = ''
@ -37,29 +47,28 @@
# development # development
services.postgresql = { services.postgresql = {
enable = false; enable = true;
enableTCPIP = true; enableTCPIP = true;
package = pkgs.postgresql_11; package = pkgs.postgresql_10;
}; };
# git # git
boot.kernel.sysctl."fs.inotify.max_user_watches" = 1024000000; boot.kernel.sysctl."fs.inotify.max_user_watches" = 1024000000;
yorick.lumi-vpn.enable = false; yorick.lumi-vpn.enable = true;
yorick.lumi-cache.enable = true; yorick.lumi-cache.enable = true;
security.rtkit.enable = true; security.rtkit.enable = true;
services.pipewire = { services.pipewire = {
enable = true; enable = true;
# TODO (segfaults, 192044)
package = pkgs.pipewire.override { libcameraSupport = false; };
alsa.enable = true; alsa.enable = true;
alsa.support32Bit = true; # todo: support32bit? alsa.support32Bit = true; # todo: support32bit?
pulse.enable = true; pulse.enable = true;
}; };
# bluetooth battery indicator # attempted to get bluetooth battery indicator
hardware.bluetooth = { hardware.bluetooth.package = pkgs.bluez5-experimental;
package = pkgs.bluez5-experimental;
settings.General.Experimental = true;
};
xdg.portal = { xdg.portal = {
enable = true; enable = true;
wlr.enable = true; wlr.enable = true;
@ -73,19 +82,12 @@
fonts = { fonts = {
fontDir.enable = true; fontDir.enable = true;
enableGhostscriptFonts = true; enableGhostscriptFonts = true;
packages = with pkgs; [ fonts = with pkgs; [
corefonts # Micrsoft free fonts corefonts # Micrsoft free fonts
inconsolata # monospaced inconsolata # monospaced
source-code-pro source-code-pro
ubuntu_font_family # Ubuntu fonts ubuntu_font_family # Ubuntu fonts
source-han-sans source-han-sans
(nerdfonts.override {
fonts = [
"DejaVuSansMono"
"Noto"
"NerdFontsSymbolsOnly"
];
})
iosevka iosevka
emojione emojione
font-awesome font-awesome
@ -102,7 +104,6 @@
dconf.enable = true; dconf.enable = true;
noisetorch.enable = true; noisetorch.enable = true;
wireshark.enable = true; wireshark.enable = true;
kdeconnect.enable = true;
sway = { sway = {
enable = true; enable = true;
extraSessionCommands = '' extraSessionCommands = ''
@ -113,7 +114,4 @@
}; };
}; };
services.pcscd.enable = true; services.pcscd.enable = true;
services.xserver.gdk-pixbuf.modulePackages = [ pkgs.webp-pixbuf-loader ];
hardware.ledger.enable = true;
} }

2
nixos/services/backup.nix
View file

@ -20,7 +20,7 @@
# Define schedule # Define schedule
startAt = "hourly"; startAt = "hourly";
repo = "zh3213@zh3213.rsync.net:${name}"; repo = "14337@ch-s012.rsync.net:${name}";
paths = [ "/home" "/root" "/var/lib" ]; paths = [ "/home" "/root" "/var/lib" ];
prune.keep = { prune.keep = {

39
nixos/services/calibre-web.nix
View file

@ -1,39 +0,0 @@
{ config, lib, pkgs, ... }:
let
cfg = config.services.yorick.calibre-web;
in {
options.services.yorick.calibre-web = with lib; {
enable = mkEnableOption "calibre-web";
vhost = mkOption { type = types.str; };
};
config = lib.mkIf cfg.enable {
services.calibre-web = {
enable = true;
options = {
enableBookUploading = true;
#enableBookConversion = true;
enableKepubify = true;
};
};
services.nginx.virtualHosts.${cfg.vhost} = {
forceSSL = true;
enableACME = true;
locations."/" = {
proxyPass = "http://[::1]:8083";
proxyWebsockets = true;
extraConfig = ''
client_max_body_size 64M;
'';
};
locations."/kobo/" = {
proxyPass = "http://[::1]:8083/kobo/";
extraConfig = ''
proxy_buffer_size 128k;
proxy_buffers 4 256k;
proxy_busy_buffers_size 256k;
'';
};
};
};
}

11
nixos/services/default.nix
View file

@ -1,11 +1,4 @@
{ {
imports = [ imports =
./calibre-web.nix [ ./git.nix ./muflax-church.nix ./pub.nix ./website.nix ./torrent-wg.nix ];
./git.nix
./muflax-church.nix
./pub.nix
./vpn-host.nix
./website.nix
./torrent-wg.nix
];
} }

7
nixos/services/email.nix
View file

@ -2,7 +2,6 @@
{ {
imports = [ inputs.nixos-mailserver.nixosModule ]; imports = [ inputs.nixos-mailserver.nixosModule ];
age.secrets.yorick-mail-pass.file = ../../secrets/yorick-mail-pass.age; age.secrets.yorick-mail-pass.file = ../../secrets/yorick-mail-pass.age;
age.secrets.frumar-mail-pass-hash.file = ../../secrets/frumar-mail-pass-hash.age;
mailserver = rec { mailserver = rec {
enable = true; enable = true;
@ -14,12 +13,8 @@
catchAll = domains; catchAll = domains;
aliases = [ "@yori.cc" "@yorickvanpelt.nl" ]; aliases = [ "@yori.cc" "@yorickvanpelt.nl" ];
}; };
"frumar@yori.cc" = {
hashedPasswordFile = config.age.secrets.frumar-mail-pass-hash.path;
sendOnly = true;
};
}; };
certificateScheme = "acme-nginx"; certificateScheme = 3;
enableImapSsl = true; enableImapSsl = true;
}; };

49
nixos/services/git.nix
View file

@ -11,38 +11,34 @@ in {
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
users.extraUsers.git = { users.extraUsers.git = {
createHome = true; createHome = true;
home = config.services.forgejo.stateDir; home = config.services.gitea.stateDir;
group = "git"; group = "git";
useDefaultShell = true; useDefaultShell = true;
isSystemUser = true; isSystemUser = true;
}; };
users.groups.git = {}; users.groups.git = {};
services.forgejo = { services.gitea = {
enable = true; enable = true;
user = "git"; user = "git";
database.user = "root"; database.user = "root";
database.name = "gogs"; database.name = "gogs";
database.createDatabase = false; database.createDatabase = false;
#dump.enable = true; TODO: backups #dump.enable = true; TODO: backups
settings = { domain = cfg.vhost;
server = { rootUrl = "https://${cfg.vhost}/";
ROOT_URL = "https://${cfg.vhost}/"; httpAddress = "localhost";
HTTP_ADDR = "localhost"; settings.log.LEVEL = "Warn";
DOMAIN = cfg.vhost; settings.service = {
}; DISABLE_REGISTRATION = true;
log.LEVEL = "Warn"; REGISTER_EMAIL_CONFIRM = false;
service = { COOKIE_SECURE = true;
DISABLE_REGISTRATION = true; ENABLE_NOTIFY_MAIL = false;
REGISTER_EMAIL_CONFIRM = false; REQUIRE_SIGNIN_VIEW = false;
COOKIE_SECURE = true; };
ENABLE_NOTIFY_MAIL = false; settings.picture.DISABLE_GRAVATAR = false;
REQUIRE_SIGNIN_VIEW = false; settings.mailer = {
}; ENABLED = false;
picture.DISABLE_GRAVATAR = false; AVATAR_UPLOAD_PATH = "${config.services.gitea.stateDir}/data/avatars";
mailer = {
ENABLED = false;
AVATAR_UPLOAD_PATH = "${config.services.forgejo.stateDir}/data/avatars";
};
}; };
}; };
services.nginx.virtualHosts.${vhost} = { services.nginx.virtualHosts.${vhost} = {
@ -50,20 +46,11 @@ in {
enableACME = true; enableACME = true;
locations."/" = { locations."/" = {
proxyPass = proxyPass =
"http://127.0.0.1:${toString config.services.forgejo.settings.server.HTTP_PORT}"; "http://127.0.0.1:${toString config.services.gitea.httpPort}";
extraConfig = '' extraConfig = ''
proxy_buffering off; proxy_buffering off;
''; '';
}; };
}; };
services.borgbackup.jobs.backup.exclude = let
sd = config.services.forgejo.stateDir;
in [
"${sd}/data/tmp"
"${sd}/tmp"
"${sd}/data/repo-archive"
"${sd}/log"
];
}; };
} }

11
nixos/services/torrent-wg.nix
View file

@ -9,12 +9,13 @@ in {
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
age.secrets.wg-torrent.file = ../../secrets/wg.${cfg.name}.age; age.secrets.wg-torrent.file = ../../secrets/wg.${cfg.name}.age;
networking.wireguard.interfaces.${cfg.name} = { networking.wireguard.interfaces.${cfg.name} = {
ips = [ "10.0.34.127/32" "2a0e:1c80:1337:1:10:0:34:127/128" ]; # curl -s https://api.mullvad.net/www/relays/all/ | jq '.[] | select(.type == "wireguard" and .country_code == "nl")'
ips = [ "10.66.30.26/32" "fc00:bbbb:bbbb:bb01::3:1e19/128" ];
privateKeyFile = config.age.secrets.wg-torrent.path; privateKeyFile = config.age.secrets.wg-torrent.path;
peers = [{ peers = [{
publicKey = "W+LE+uFRyMRdYFCf7Jw0OPERNd1bcIm0gTKf/traIUk="; publicKey = "hnRyse6QxPPcZOoSwRsHUtK1W+APWXnIoaDTmH6JsHQ=";
allowedIPs = [ "0.0.0.0/0" "::0/0" ]; allowedIPs = [ "0.0.0.0/0" "::0/0" ];
endpoint = "nl-ams.azirevpn.net:51820"; endpoint = "[2a03:1b20:3:f011::a04f]:51820";
}]; }];
interfaceNamespace = cfg.namespace; interfaceNamespace = cfg.namespace;
preSetup = '' preSetup = ''
@ -22,9 +23,7 @@ in {
''; '';
}; };
environment.etc."netns/torrent/resolv.conf".text = '' environment.etc."netns/torrent/resolv.conf".text = ''
nameserver 91.231.153.2 nameserver 193.138.218.74
nameserver 192.211.0.2
nameserver 2a0e:1c80:1337:1:10:0:0:1
''; '';
}; };
} }

25
nixos/services/vpn-host.nix
View file

@ -1,25 +0,0 @@
{ config, lib, pkgs, ... }:
let cfg = config.services.yorick.vpn-host;
in {
options.services.yorick.vpn-host = with lib; {
enable = mkEnableOption "vpn-host";
};
config = lib.mkIf cfg.enable {
services.prometheus.exporters.wireguard.enable = true;
networking = {
firewall = {
allowedUDPPorts = [ 31790 ]; # wg
interfaces.wg-y.allowedTCPPorts = [ 9586 ]; # wireguard exporter
};
wireguard.interfaces.wg-y.peers = let vpn = import ../vpn.nix;
in lib.mkForce (lib.mapAttrsToList (machine: publicKey: {
inherit publicKey;
allowedIPs = [ "${vpn.ips.${machine}}/32" ];
}) vpn.keys);
};
boot.kernel.sysctl."net.ipv4.ip_forward" = 1;
};
}

16
nixos/sshkeys.nix
View file

@ -6,20 +6,6 @@
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDFQm2OJ8PlnDHfI7FV3hddXP0t2jgKAiCnnuWIc+LK4dnyGmlC/ihIe9KhSENZEnzVAXnYAMOoOvpkVa5p0Itf1n0anCK3k2vDq0Jz9nY3ZXmkSHE09QGCpSG8kU6j+zWJPo2jWYNtxYMRmmHAuzzOdlPY9Q199PEvHVaqzpSVhIdhqhEcmap8oqHW6KbJu+17nLGGQB5XiTB1SlTxbg62copA9KMcvQzNGIooKs5QyrU/B0g05EfbogH7xOLbwYAK676DTUBEcKpEUYFMMv+DBcU4cH2EI6UTLxI5ohrS1pxk20zu5nTRMlQRUETpWN4EbEPfOzF8FW1YOwdttfCas8D6Y6t9gA4o8GpylBG9AElVw7VyOFeBR+AtchormH+wH6nZEvzs6wg2d84I8xo5qYGUJIQS7OYxypjlY01IFCCa/7rjzXGDmdWAP/UEu85ys9FSryn9Ey5DXDQOqhMHguOwQDUyaArWyRCCBzKbx6cPZw2D9bLfDxbnaC2/5dVyxHJXoWmwneX2E/UT5QwtG1nyLShIZhYgO9lfDpO61Mz9Jjap3sj6mJPxHZc5SGye0j47xV6kX4vbSgfoSHHnasaI3fR2ZBS7tnfq1ebxXqFFSPHK6uHjLgDHtkMisvjOVZnybuXB296pjv6K1o2G3qlUnImOqfxZxvuy4Xl/mw== cardno:000607186578" "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDFQm2OJ8PlnDHfI7FV3hddXP0t2jgKAiCnnuWIc+LK4dnyGmlC/ihIe9KhSENZEnzVAXnYAMOoOvpkVa5p0Itf1n0anCK3k2vDq0Jz9nY3ZXmkSHE09QGCpSG8kU6j+zWJPo2jWYNtxYMRmmHAuzzOdlPY9Q199PEvHVaqzpSVhIdhqhEcmap8oqHW6KbJu+17nLGGQB5XiTB1SlTxbg62copA9KMcvQzNGIooKs5QyrU/B0g05EfbogH7xOLbwYAK676DTUBEcKpEUYFMMv+DBcU4cH2EI6UTLxI5ohrS1pxk20zu5nTRMlQRUETpWN4EbEPfOzF8FW1YOwdttfCas8D6Y6t9gA4o8GpylBG9AElVw7VyOFeBR+AtchormH+wH6nZEvzs6wg2d84I8xo5qYGUJIQS7OYxypjlY01IFCCa/7rjzXGDmdWAP/UEu85ys9FSryn9Ey5DXDQOqhMHguOwQDUyaArWyRCCBzKbx6cPZw2D9bLfDxbnaC2/5dVyxHJXoWmwneX2E/UT5QwtG1nyLShIZhYgO9lfDpO61Mz9Jjap3sj6mJPxHZc5SGye0j47xV6kX4vbSgfoSHHnasaI3fR2ZBS7tnfq1ebxXqFFSPHK6uHjLgDHtkMisvjOVZnybuXB296pjv6K1o2G3qlUnImOqfxZxvuy4Xl/mw== cardno:000607186578"
]; ];
lars = [ lars = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCbieYUtRGQ4nf4glQvrZDn72doP6W2uw2z9VqFq5sZLROXYa4jW8nwx4h+BiArGs+VPwn6lfsP19PX6yNIk74C/SkO26S1Zvbe7ffNusi6PH2BQIOWeAYKk+eZH+ZOeD8z07uDB7QffwRLwzSaPFg+zfRzsMFoXH/GE9qOQ4lnfk8czTZL7zbZf/yS7mDFztClXFciYsVwgRXNiFpfc+9mOkU0oBWtGo/WGUhB0Hds3a4ylyjjVAcC/l1H2bvc/Q3d6bbn23pUFl2V78Yg1B4b1MT34qbBV6whXAQd7KM9tND2ZhpF2XQ7Spi1QlOac0jup+sE+3bbvcjNqTI05DwJO/dX5F2gSAFkvSY4ZPqSX5ilE/hj4DQuhRgLmQdbVl5IFV9aLYqUvJcCqX9jRFMly4YTFXsFz18rGkxOYGZabcE1usBM2zRVDTtEP6Si5ii76Ocvp8aNFBB2Kf1whg8tziTv3kQEQ9fd2sRtE2J3xveJiwXjUBU2uikSOKe8JP47Tb6PYlv7Ty/6OI51aUQn++R72VNajdBJ1r1osp7leqTJ+sXuLlWLo/a7lDpDmgEI7dbxqmpjLcMce0JzqLKlP1Q2U/nkYy86xkjSTH1rNUI2JAbJx3iTcGy7bq12yfjNfcGAqY4GVXvisK1cpbF0RCjaFExwtmzorljHh6ZHjQ== openpgp:0x60F7D1FD" "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCbieYUtRGQ4nf4glQvrZDn72doP6W2uw2z9VqFq5sZLROXYa4jW8nwx4h+BiArGs+VPwn6lfsP19PX6yNIk74C/SkO26S1Zvbe7ffNusi6PH2BQIOWeAYKk+eZH+ZOeD8z07uDB7QffwRLwzSaPFg+zfRzsMFoXH/GE9qOQ4lnfk8czTZL7zbZf/yS7mDFztClXFciYsVwgRXNiFpfc+9mOkU0oBWtGo/WGUhB0Hds3a4ylyjjVAcC/l1H2bvc/Q3d6bbn23pUFl2V78Yg1B4b1MT34qbBV6whXAQd7KM9tND2ZhpF2XQ7Spi1QlOac0jup+sE+3bbvcjNqTI05DwJO/dX5F2gSAFkvSY4ZPqSX5ilE/hj4DQuhRgLmQdbVl5IFV9aLYqUvJcCqX9jRFMly4YTFXsFz18rGkxOYGZabcE1usBM2zRVDTtEP6Si5ii76Ocvp8aNFBB2Kf1whg8tziTv3kQEQ9fd2sRtE2J3xveJiwXjUBU2uikSOKe8JP47Tb6PYlv7Ty/6OI51aUQn++R72VNajdBJ1r1osp7leqTJ+sXuLlWLo/a7lDpDmgEI7dbxqmpjLcMce0JzqLKlP1Q2U/nkYy86xkjSTH1rNUI2JAbJx3iTcGy7bq12yfjNfcGAqY4GVXvisK1cpbF0RCjaFExwtmzorljHh6ZHjQ=="
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOvdQ963wjgWyFMp6djRTqVwZr3/PQ/V+Qm5JTcxRTdY lumi@channelwood"
];
judith = [
"ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAgEAsov+RwE8719rmgk+wRnnw7rN6vybOc4fwKXmXZqVHv5hg0Q1Eoz8N4WC+qL4VXqyIm2mkfctUKhF5DKR8IGZs/k/ZmQ09jTZskB2Cm9oVhuGztgWLwXJcgARxaDYqVXYTwOCoMto67uHhGj9ZWyHSoo7FrinSOpBivBXYQl/y7QVVnSmGIS5dp4Ph1+fLrUxl744h+BxmrFEWt3+qaz0T6s7l6HjaoE5Yb6EWmxPunDtKz9HqsBM4Ixsv24//7gCi9AZkM3agODIEKnFVcgg1gxcgX5HwruHT6r/dwHEUlXs2Aka4uZRRaCcIdg/cvYvVDlmstKoVgzWhyZKZRgTHiVO4NHPMTyNMxB0R02myZYE097EC4yhVhvMxSC1JmEB2E40QoxdDPwi7YMQIGsDVsynRRDgp4MOExnuHXqxtb7PcYtG8jh4kRcO8jtW0EsuFOmP5QEui3NWSaF97DlMDQYm7Xmk/VuXg/Hnzz9xBKW/0/bAfLyp5ka9Y5WSGiyrAv0IkuUwGJQYYH2BZ6ua/aL1z+xoHBYF5BmIuahLPMkdWdAiUUAqvvSCJgDVd8n1W9zJ4LF7i3hwr1gg3/dgRjr7HczEiQyfc41SPlhQ93ZVIhE9oV11Xaq3d3VwA7tqTP6VE8IeLNBqqsLT9YnYdhg87d5ctXiq/I4sqxF5gNs="
];
dk-stage-deploy = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHevKDi9QRssz0gUWGMg/s6SLU9mAdwvZDTbrD7EXoII";
mickey = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDFEWVdhA7qgkHZogaGcCwmt6mqSUOtZoPbK6mCt0jWACj18eLZgjWHCzp+/YUtlmuJdNu9FyJZT2dbhJRwka34k69mFvg/z7mRgXlc9LbgRClDdynnK5SvBwfB7oswDzD7OKKopHENlSd7qB+KYTIx8+YIHmMGZVkpjDJXDXNksFWBlHldGvulj1pzFj29L0CdpFJGxLsfbSuuWWKB1tvKAMPiqKoJIEL/wkX0HsfCYSLF7aAVKtuqAZ2MVK+zZeeyIb7fHl2IOIq+wWJW6uUS2btxd0VDHbUUM6KyYqqYwRgCVDvijF/Q8nI0/3wf7vhjWu3LTr4F5M+UEVyUX8eNXRvFwdVcwJOk7Vz8giAqtU3s+4ypx4o3DmaxjQgqlpwSC0WUPx4UCXYKQDwpvN+T8Q3OMNYDBomUlMCSHsVSP1bUg/lSSdRq9H/behrMynF2/I7ZqH9lEK6SYEw/581qCozB56DIUME3frMq794fIkG+tayn08NsERYVKV9ETGZozvxYUpyLhpb1H6ISKqDJ27RVxSNMTSEeDSz8oMnOPHPajB/oPlTuLM57sYeBEp6unz5DUYXMZF0FaMW1KDyJwLtedz8GIHkaP7UqwDUqyDr5SDGmxeST1BDWAdS1ohg8/t4+aOrCkzCf1IQ9xDi6nWGHbvDXkKgDqbVIbd0XHQ=="
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFvR12391V0zxBU6qp9+2R8XUtHL/MzvTjz1622XKuiL"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDP0iSb0fe09IfnggNi0Ybs1KQW2hSfc17TH+aBDN76z"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIG5lZzAhmhzXWgx+BJDepeMTYqZdKMpKsbUaoZhWNYo5"
];
bram = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPojRFgeDYvDHOShfw3Rd3nB9RaZ3vxjiFNfejqjDiWM"
]; ];
} }

60
pkgs/countfftabs/count.cpp
View file

@ -37,67 +37,19 @@ padded_string read_mozlz4a_file(const std::string& file) {
return out; return out;
} }
std::string get_default_firefox_profile_path() {
std::string path = std::string(std::getenv("HOME")) + "/.mozilla/firefox/profiles.ini";
std::ifstream file(path);
if (file.is_open()) {
std::string line;
bool found = false;
std::string default_profile;
while (std::getline(file, line)) {
if (line.find("[General]") == 0) {
found = true;
} else if (found && line.find("Default=") == 0) {
default_profile = line.substr(8);
break;
}
}
file.close();
if (!default_profile.empty()) {
std::stringstream ss;
ss << std::string(std::getenv("HOME")) << "/.mozilla/firefox/" << default_profile;
return ss.str();
}
}
return "";
}
int main(int ac, char **av) { int main(int ac, char **av) {
ondemand::parser parser; ondemand::parser parser;
std::string path = get_default_firefox_profile_path(); if (ac < 2) {
bool print_json = false; std::cerr << "usage: " << av[0] << " .mozilla/firefox/*.default/sessionstore-backups/recovery.jsonlz4" << std::endl;
std::string json_file; exit(1);
// Check for --json flag
for (int i = 1; i < ac; i++) {
if (std::string(av[i]) == "--json") {
print_json = true;
if (i + 1 < ac) {
json_file = av[i + 1];
}
break;
}
} }
padded_string json = read_mozlz4a_file(av[1]);
if (ac < 2 && path.empty() && !print_json) {
std::cerr << "Could not find default Firefox profile" << std::endl;
std::cerr << "usage: " << av[0] << " .mozilla/firefox/*.default/sessionstore-backups/recovery.jsonlz4" << std::endl;
exit(1);
}
if (print_json) {
padded_string json = read_mozlz4a_file(json_file.empty() ? (ac > 2 ? av[2] : path + "/sessionstore-backups/recovery.jsonlz4") : json_file);
std::cout << json << std::endl;
exit(0);
}
padded_string json = read_mozlz4a_file(ac > 1 ? av[1] : path + "/sessionstore-backups/recovery.jsonlz4");
ondemand::document session = parser.iterate(json); ondemand::document session = parser.iterate(json);
ondemand::array windows = session["windows"]; ondemand::array windows = session["windows"];
size_t n = 0; size_t n = 0;
for (auto i : windows) { for (auto i : windows) {
ondemand::array tabs = i["tabs"]; ondemand::array tabs = i["tabs"];
n += tabs.count_elements(); n += tabs.count_elements();
} }
std::cout << n << std::endl; std::cout << n << std::endl;
} }

62
pkgs/default.nix
View file

@ -3,6 +3,8 @@
yori-cc = super.callPackage ./yori-cc.nix { }; yori-cc = super.callPackage ./yori-cc.nix { };
ftb = super.callPackage ./ftb.nix {}; ftb = super.callPackage ./ftb.nix {};
# todo: python 2 -> 3
pyroscope = self.nixpkgs-stable.callPackage ./pyroscope {};
yscripts = super.callPackage ../bin {}; yscripts = super.callPackage ../bin {};
factorio = super.factorio.override { factorio = super.factorio.override {
@ -31,65 +33,5 @@
runHook postInstall runHook postInstall
''; '';
}); });
wayland-push-to-talk-fix = self.callPackage ./wayland-push-to-talk-fix.nix {};
y-deployer = self.callPackage ../deployer/package.nix {};
inherit (self.nix-npm-buildpackage) buildYarnPackage;
marvin-tracker = self.callPackage ./marvin-tracker {};
grott = self.callPackage ./grott.nix {};
python3 = super.python3.override {
packageOverrides = pyself: pysuper: {
libscrc = pyself.callPackage ./libscrc.nix {};
};
};
xwaylandvideobridge = self.libsForQt5.callPackage ./xwaylandvideobridge.nix {};
timesync = self.flake-inputs.timesync.packages.${self.system}.default;
wl-clipboard = super.wl-clipboard.overrideAttrs (o: {
# todo: upstream
patches = (o.patches or []) ++ [
(self.fetchpatch {
url = "https://puck.moe/up/zapap-suhih.patch";
hash = "sha256-YiFDeBN1k2+lxVnWnU5sMpIJ7/zsVPEm5OZf0nHhzJA=";
})
];
});
notion-desktop = self.callPackage ./notion-desktop {
electron_26 = self.electron_27;
};
r8-cog = self.stdenvNoCC.mkDerivation rec {
pname = "cog";
version = "0.9.5";
src = self.fetchurl {
url = "https://github.com/replicate/cog/releases/download/v${version}/cog_linux_x86_64";
hash = "sha256-xrtK0zx2dOwafRxbL/+NA217uPEACC0QHMKQURUhlms=";
};
dontUnpack = true;
installPhase = ''
install -Dm 755 $src $out/bin/cog
mkdir -p $out/share/{fish/vendor_completions.d,bash-completion/completions,zsh/site-functions}
$out/bin/cog completion bash > $out/share/bash-completion/completions/cog
$out/bin/cog completion fish > $out/share/fish/vendor_completions.d/cog.fish
$out/bin/cog completion zsh > $out/share/zsh/site-functions/_cog
'';
};
noulith = self.rustPlatform.buildRustPackage rec {
pname = "noulith";
version = "20231228";
src = self.fetchFromGitHub {
owner = "betaveros";
rev = "3bce693335d8170895407846c237b6dad10ef7ec";
repo = pname;
hash = "sha256-Ye/Htcp9lrRo80ix4QQ+lDZSmpDSA6t1MCcWL6yTvGg=";
};
buildFeatures = [ "cli" "request" "crypto" ];
cargoHash = "sha256-N/BeeJIkbEccELqZhTFkHiaWJZgNiBazQLRqkqtPfJY=";
nativeBuildInputs = [ self.pkg-config ];
buildInputs = [ self.openssl.dev ];
};
llm = super.callPackage ./llm.nix {
python3 = self.python312;
};
govee2mqtt = super.callPackage ./govee2mqtt.nix { inherit (super) govee2mqtt; };
}) })

41
pkgs/dont-vendor-openssl.patch
View file

@ -1,41 +0,0 @@
diff --git a/Cargo.lock b/Cargo.lock
index 193c40c..50edf55 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -1495,15 +1495,6 @@ version = "0.1.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "ff011a302c396a5197692431fc1948019154afc178baf7d8e37367442a4601cf"
-[[package]]
-name = "openssl-src"
-version = "300.3.1+3.3.1"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "7259953d42a81bf137fbbd73bd30a8e1914d6dce43c2b90ed575783a22608b91"
-dependencies = [
- "cc",
-]
-
[[package]]
name = "openssl-sys"
version = "0.9.102"
@@ -1512,7 +1503,6 @@ checksum = "c597637d56fbc83893a35eb0dd04b2b8e7a50c91e64e9493e398b5df4fb45fa2"
dependencies = [
"cc",
"libc",
- "openssl-src",
"pkg-config",
"vcpkg",
]
diff --git a/Cargo.toml b/Cargo.toml
index 1e87339..cc822f2 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -44,7 +44,7 @@ parking_lot = "0.12.1"
[dependencies.mosquitto-rs]
version="0.11.1"
-features = ["vendored-openssl"]
+features = ["router"]
#path = "../mosquitto-rs/mosquitto-rs"
[dev-dependencies]

112
pkgs/fooocus/flake.lock
View file

@ -1,112 +0,0 @@
{
"nodes": {
"dream2nix": {
"inputs": {
"nixpkgs": "nixpkgs",
"purescript-overlay": "purescript-overlay",
"pyproject-nix": "pyproject-nix"
},
"locked": {
"lastModified": 1710167744,
"narHash": "sha256-z78iB1ckRQuJluM82iCuQNjN5hqsNpd1om0q75ncza4=",
"owner": "yorickvP",
"repo": "dream2nix",
"rev": "3bfbbbb19471b60cf1bb7f7c476588a36ac3fb04",
"type": "github"
},
"original": {
"owner": "yorickvP",
"repo": "dream2nix",
"type": "github"
}
},
"nixpkgs": {
"locked": {
"lastModified": 1709780214,
"narHash": "sha256-p4iDKdveHMhfGAlpxmkCtfQO3WRzmlD11aIcThwPqhk=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "f945939fd679284d736112d3d5410eb867f3b31c",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"purescript-overlay": {
"inputs": {
"nixpkgs": [
"dream2nix",
"nixpkgs"
],
"slimlock": "slimlock"
},
"locked": {
"lastModified": 1696022621,
"narHash": "sha256-eMjFmsj2G1E0Q5XiibUNgFjTiSz0GxIeSSzzVdoN730=",
"owner": "thomashoneyman",
"repo": "purescript-overlay",
"rev": "047c7933abd6da8aa239904422e22d190ce55ead",
"type": "github"
},
"original": {
"owner": "thomashoneyman",
"repo": "purescript-overlay",
"type": "github"
}
},
"pyproject-nix": {
"flake": false,
"locked": {
"lastModified": 1702448246,
"narHash": "sha256-hFg5s/hoJFv7tDpiGvEvXP0UfFvFEDgTdyHIjDVHu1I=",
"owner": "davhau",
"repo": "pyproject.nix",
"rev": "5a06a2697b228c04dd2f35659b4b659ca74f7aeb",
"type": "github"
},
"original": {
"owner": "davhau",
"ref": "dream2nix",
"repo": "pyproject.nix",
"type": "github"
}
},
"root": {
"inputs": {
"dream2nix": "dream2nix",
"nixpkgs": [
"dream2nix",
"nixpkgs"
]
}
},
"slimlock": {
"inputs": {
"nixpkgs": [
"dream2nix",
"purescript-overlay",
"nixpkgs"
]
},
"locked": {
"lastModified": 1688610262,
"narHash": "sha256-Wg0ViDotFWGWqKIQzyYCgayeH8s4U1OZcTiWTQYdAp4=",
"owner": "thomashoneyman",
"repo": "slimlock",
"rev": "b5c6cdcaf636ebbebd0a1f32520929394493f1a6",
"type": "github"
},
"original": {
"owner": "thomashoneyman",
"repo": "slimlock",
"type": "github"
}
}
},
"root": "root",
"version": 7
}

27
pkgs/fooocus/flake.nix
View file

@ -1,27 +0,0 @@
{
inputs = {
dream2nix.url = "github:yorickvP/dream2nix";
#dream2nix.inputs.nixpkgs.follows = "nixpkgs";
nixpkgs.follows = "dream2nix/nixpkgs";
};
outputs = { self, dream2nix, nixpkgs }:
let
nixpkgs' = import nixpkgs {
config.allowUnfree = true;
system = "x86_64-linux";
};
package = dream2nix.lib.evalModules {
modules = [ {
paths.projectRoot = ./.;
paths.projectRootFile = "flake.nix";
paths.package = ".";
} ./package.nix ];
packageSets.nixpkgs = nixpkgs';
};
in {
packages.x86_64-linux.default = package;
devShells.x86_64-linux.default = package.devShell;
packages.x86_64-linux.lock = package.config.lock.refresh;
nixosModules.default = ./module.nix;
};
}

960
pkgs/fooocus/lock.json
View file

@ -1,960 +0,0 @@
{
"fetchPipMetadata": {
"sources": {
"accelerate": {
"sha256": "e2609d37f2c6a56e36a0612feae6ff6d9daac9759f4899432b86b1dc97024ebb",
"type": "url",
"url": "https://files.pythonhosted.org/packages/70/f9/c381bcdd0c3829d723aa14eec8e75c6c377b4ca61ec68b8093d9f35fc7a7/accelerate-0.21.0-py3-none-any.whl",
"version": "0.21.0"
},
"aiofiles": {
"sha256": "19297512c647d4b27a2cf7c34caa7e405c0d60b5560618a29a9fe027b18b0107",
"type": "url",
"url": "https://files.pythonhosted.org/packages/c5/19/5af6804c4cc0fed83f47bff6e413a98a36618e7d40185cd36e69737f3b0e/aiofiles-23.2.1-py3-none-any.whl",
"version": "23.2.1"
},
"aiohttp": {
"sha256": "f22eb3a6c1080d862befa0a89c380b4dafce29dc6cd56083f630073d102eb595",
"type": "url",
"url": "https://files.pythonhosted.org/packages/24/99/e76e65ca811100b445d3c8af9764b27c5180ca11a15af694366424896647/aiohttp-3.9.5-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl",
"version": "3.9.5"
},
"aiosignal": {
"sha256": "f8376fb07dd1e86a584e4fcdec80b36b7f81aac666ebc724e2c090300dd83b17",
"type": "url",
"url": "https://files.pythonhosted.org/packages/76/ac/a7305707cb852b7e16ff80eaf5692309bde30e2b1100a1fcacdc8f731d97/aiosignal-1.3.1-py3-none-any.whl",
"version": "1.3.1"
},
"altair": {
"sha256": "7084a1dab4d83c5e7e5246b92dc1b4451a6c68fd057f3716ee9d315c8980e59a",
"type": "url",
"url": "https://files.pythonhosted.org/packages/46/30/2118537233fa72c1d91a81f5908a7e843a6601ccc68b76838ebc4951505f/altair-5.3.0-py3-none-any.whl",
"version": "5.3.0"
},
"annotated-types": {
"sha256": "1f02e8b43a8fbbc3f3e0d4f0f4bfc8131bcb4eebe8849b8e5c773f3a1c582a53",
"type": "url",
"url": "https://files.pythonhosted.org/packages/78/b6/6307fbef88d9b5ee7421e68d78a9f162e0da4900bc5f5793f6d3d0e34fb8/annotated_types-0.7.0-py3-none-any.whl",
"version": "0.7.0"
},
"antlr4-python3-runtime": {
"sha256": "f224469b4168294902bb1efa80a8bf7855f24c99aef99cbefc1bcd3cce77881b",
"type": "url",
"url": "https://files.pythonhosted.org/packages/3e/38/7859ff46355f76f8d19459005ca000b6e7012f2f1ca597746cbcd1fbfe5e/antlr4-python3-runtime-4.9.3.tar.gz",
"version": "4.9.3"
},
"anyio": {
"sha256": "c1b2d8f46a8a812513012e1107cb0e68c17159a7a594208005a57dc776e1bdc7",
"type": "url",
"url": "https://files.pythonhosted.org/packages/7b/a2/10639a79341f6c019dedc95bd48a4928eed9f1d1197f4c04f546fc7ae0ff/anyio-4.4.0-py3-none-any.whl",
"version": "4.4.0"
},
"attrs": {
"sha256": "99b87a485a5820b23b879f04c2305b44b951b502fd64be915879d77a7e8fc6f1",
"type": "url",
"url": "https://files.pythonhosted.org/packages/e0/44/827b2a91a5816512fcaf3cc4ebc465ccd5d598c45cefa6703fcf4a79018f/attrs-23.2.0-py3-none-any.whl",
"version": "23.2.0"
},
"boltons": {
"sha256": "9618695a6ec4f50412e7072e5d78910a00b4111d0b9b549e4a3d60bc321e7807",
"type": "url",
"url": "https://files.pythonhosted.org/packages/46/35/e50d4a115f93e2a3fbf52438435bb2efcf14c11d4fcd6bdcd77a6fc399c9/boltons-24.0.0-py3-none-any.whl",
"version": "24.0.0"
},
"certifi": {
"sha256": "ddc6c8ce995e6987e7faf5e3f1b02b302836a0e5d98ece18392cb1a36c72ad56",
"type": "url",
"url": "https://files.pythonhosted.org/packages/5b/11/1e78951465b4a225519b8c3ad29769c49e0d8d157a070f681d5b6d64737f/certifi-2024.6.2-py3-none-any.whl",
"version": "2024.6.2"
},
"cffi": {
"sha256": "7b78010e7b97fef4bee1e896df8a4bbb6712b7f05b7ef630f9d1da00f6444d2e",
"type": "url",
"url": "https://files.pythonhosted.org/packages/9b/89/a31c81e36bbb793581d8bba4406a8aac4ba84b2559301c44eef81f4cf5df/cffi-1.16.0-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl",
"version": "1.16.0"
},
"charset-normalizer": {
"sha256": "753f10e867343b4511128c6ed8c82f7bec3bd026875576dfd88483c5c73b2fd8",
"type": "url",
"url": "https://files.pythonhosted.org/packages/40/26/f35951c45070edc957ba40a5b1db3cf60a9dbb1b350c2d5bef03e01e61de/charset_normalizer-3.3.2-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl",
"version": "3.3.2"
},
"click": {
"sha256": "ae74fb96c20a0277a1d615f1e4d73c8414f5a98db8b799a7931d1582f3390c28",
"type": "url",
"url": "https://files.pythonhosted.org/packages/00/2e/d53fa4befbf2cfa713304affc7ca780ce4fc1fd8710527771b58311a3229/click-8.1.7-py3-none-any.whl",
"version": "8.1.7"
},
"contourpy": {
"sha256": "d4492d82b3bc7fbb7e3610747b159869468079fe149ec5c4d771fa1f614a14df",
"type": "url",
"url": "https://files.pythonhosted.org/packages/ee/c0/9bd123d676eb61750e116a2cd915b06483fc406143cfc36c7f263f0f5368/contourpy-1.2.1-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl",
"version": "1.2.1"
},
"cycler": {
"sha256": "85cef7cff222d8644161529808465972e51340599459b8ac3ccbac5a854e0d30",
"type": "url",
"url": "https://files.pythonhosted.org/packages/e7/05/c19819d5e3d95294a6f5947fb9b9629efb316b96de511b418c53d245aae6/cycler-0.12.1-py3-none-any.whl",
"version": "0.12.1"
},
"dnspython": {
"sha256": "5ef3b9680161f6fa89daf8ad451b5f1a33b18ae8a1c6778cdf4b43f08c0a6e50",
"type": "url",
"url": "https://files.pythonhosted.org/packages/87/a1/8c5287991ddb8d3e4662f71356d9656d91ab3a36618c3dd11b280df0d255/dnspython-2.6.1-py3-none-any.whl",
"version": "2.6.1"
},
"einops": {
"sha256": "932b12bb3176caef629cc513fc8a442338fdbfe1e560794a6e7306dcee65a8af",
"type": "url",
"url": "https://files.pythonhosted.org/packages/df/bf/18c6c753fe699c44e3d6013d75074e15f139f9a9adbaeb108f61d73d18d1/einops-0.4.1-py3-none-any.whl",
"version": "0.4.1"
},
"email-validator": {
"sha256": "97d882d174e2a65732fb43bfce81a3a834cbc1bde8bf419e30ef5ea976370a05",
"type": "url",
"url": "https://files.pythonhosted.org/packages/e4/60/b02cb0f5ee0be88bd4fbfdd9cc91e43ec2dfcc47fe064e7c70587ff58a94/email_validator-2.1.1-py3-none-any.whl",
"version": "2.1.1"
},
"fastapi": {
"sha256": "97ecbf994be0bcbdadedf88c3150252bed7b2087075ac99735403b1b76cc8fc0",
"type": "url",
"url": "https://files.pythonhosted.org/packages/e6/33/de41e554e5a187d583906e10d53bfae5fd6c07e98cbf4fe5262bd37e739a/fastapi-0.111.0-py3-none-any.whl",
"version": "0.111.0"
},
"fastapi-cli": {
"sha256": "a2552f3a7ae64058cdbb530be6fa6dbfc975dc165e4fa66d224c3d396e25e809",
"type": "url",
"url": "https://files.pythonhosted.org/packages/a1/03/89bf615052aa5453c04d952225ded0b88aab6487b9c5f0c268939d13b860/fastapi_cli-0.0.4-py3-none-any.whl",
"version": "0.0.4"
},
"ffmpy": {
"sha256": "475ebfff1044661b8d969349dbcd2db9bf56d3ee78c0627e324769b49a27a78f",
"type": "url",
"url": "https://files.pythonhosted.org/packages/1d/70/07914754979f5dd80bda947a0ffd181c08bfcb137b01c3c0cef45254d271/ffmpy-0.3.2.tar.gz",
"version": "0.3.2"
},
"filelock": {
"sha256": "43339835842f110ca7ae60f1e1c160714c5a6afd15a2873419ab185334975c0f",
"type": "url",
"url": "https://files.pythonhosted.org/packages/41/24/0b023b6537dfc9bae2c779353998e3e99ac7dfff4222fc6126650e93c3f3/filelock-3.14.0-py3-none-any.whl",
"version": "3.14.0"
},
"fonttools": {
"sha256": "fa1f3e34373aa16045484b4d9d352d4c6b5f9f77ac77a178252ccbc851e8b2ee",
"type": "url",
"url": "https://files.pythonhosted.org/packages/0a/79/b5be063ea65d048a041ad8438fa1e8c7c4bf9dc3f4ac2794a850fe70c5c5/fonttools-4.53.0-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl",
"version": "4.53.0"
},
"frozenlist": {
"sha256": "4f9c515e7914626b2a2e1e311794b4c35720a0be87af52b79ff8e1429fc25f19",
"type": "url",
"url": "https://files.pythonhosted.org/packages/b3/c9/0bc5ee7e1f5cc7358ab67da0b7dfe60fbd05c254cea5c6108e7d1ae28c63/frozenlist-1.4.1-cp311-cp311-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl",
"version": "1.4.1"
},
"fsspec": {
"sha256": "58d7122eb8a1a46f7f13453187bfea4972d66bf01618d37366521b1998034cee",
"type": "url",
"url": "https://files.pythonhosted.org/packages/8f/df/de2c06b316142063b6ccccc97cdc54185e3af771aa4f056d56f0db0e3466/fsspec-2024.6.0-py3-none-any.whl",
"version": "2024.6.0"
},
"gradio": {
"sha256": "ea5c7b2996156d9e1587505e2fd988ed84f5ff29725ebfce663ecee4872edcd3",
"type": "url",
"url": "https://files.pythonhosted.org/packages/df/e7/e0b548208ff5db6323ad974f094e9435adb0a377f35274196fb74adaf58a/gradio-3.41.2-py3-none-any.whl",
"version": "3.41.2"
},
"gradio-client": {
"sha256": "8e07bddd4c21f76fd218897703df8012c7e95dc74e3660edde78ac89fe4cf284",
"type": "url",
"url": "https://files.pythonhosted.org/packages/fe/85/ec0323f39192c4bee04e8e06e64213aff816b9d1b61c3c8367e75b1c7e10/gradio_client-0.5.0-py3-none-any.whl",
"version": "0.5.0"
},
"h11": {
"sha256": "e3fe4ac4b851c468cc8363d500db52c2ead036020723024a109d37346efaa761",
"type": "url",
"url": "https://files.pythonhosted.org/packages/95/04/ff642e65ad6b90db43e668d70ffb6736436c7ce41fcc549f4e9472234127/h11-0.14.0-py3-none-any.whl",
"version": "0.14.0"
},
"httpcore": {
"sha256": "c2789b767ddddfa2a5782e3199b2b7f6894540b17b16ec26b2c4d8e103510b87",
"type": "url",
"url": "https://files.pythonhosted.org/packages/94/2c/2bde7ff8dd2064395555220cbf7cba79991172bf5315a07eb3ac7688d9f1/httpcore-0.17.3-py3-none-any.whl",
"version": "0.17.3"
},
"httptools": {
"sha256": "7d9ceb2c957320def533671fc9c715a80c47025139c8d1f3797477decbc6edd2",
"type": "url",
"url": "https://files.pythonhosted.org/packages/59/23/047a89e66045232fb82c50ae57699e40f70e073ae5ccd53f54e532fbd2a2/httptools-0.6.1-cp311-cp311-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl",
"version": "0.6.1"
},
"httpx": {
"sha256": "06781eb9ac53cde990577af654bd990a4949de37a28bdb4a230d434f3a30b9bd",
"type": "url",
"url": "https://files.pythonhosted.org/packages/ec/91/e41f64f03d2a13aee7e8c819d82ee3aa7cdc484d18c0ae859742597d5aa0/httpx-0.24.1-py3-none-any.whl",
"version": "0.24.1"
},
"huggingface-hub": {
"sha256": "22222c41223f1b7c209ae5511d2d82907325a0e3cdbce5f66949d43c598ff3bc",
"type": "url",
"url": "https://files.pythonhosted.org/packages/66/e8/bbbad5c7b49c68def42830f96c606e693bfa935a886740a363f04cb84e44/huggingface_hub-0.23.3-py3-none-any.whl",
"version": "0.23.3"
},
"idna": {
"sha256": "82fee1fc78add43492d3a1898bfa6d8a904cc97d8427f683ed8e798d07761aa0",
"type": "url",
"url": "https://files.pythonhosted.org/packages/e5/3e/741d8c82801c347547f8a2a06aa57dbb1992be9e948df2ea0eda2c8b79e8/idna-3.7-py3-none-any.whl",
"version": "3.7"
},
"importlib-resources": {
"sha256": "50d10f043df931902d4194ea07ec57960f66a80449ff867bfe782b4c486ba78c",
"type": "url",
"url": "https://files.pythonhosted.org/packages/75/06/4df55e1b7b112d183f65db9503bff189e97179b256e1ea450a3c365241e0/importlib_resources-6.4.0-py3-none-any.whl",
"version": "6.4.0"
},
"jinja2": {
"sha256": "bc5dd2abb727a5319567b7a813e6a2e7318c39f4f487cfe6c89c6f9c7d25197d",
"type": "url",
"url": "https://files.pythonhosted.org/packages/31/80/3a54838c3fb461f6fec263ebf3a3a41771bd05190238de3486aae8540c36/jinja2-3.1.4-py3-none-any.whl",
"version": "3.1.4"
},
"jsonschema": {
"sha256": "ff4cfd6b1367a40e7bc6411caec72effadd3db0bbe5017de188f2d6108335802",
"type": "url",
"url": "https://files.pythonhosted.org/packages/c8/2f/324fab4be6fe37fb7b521546e8a557e6cf08c1c1b3d0b4839a00f589d9ef/jsonschema-4.22.0-py3-none-any.whl",
"version": "4.22.0"
},
"jsonschema-specifications": {
"sha256": "87e4fdf3a94858b8a2ba2778d9ba57d8a9cafca7c7489c46ba0d30a8bc6a9c3c",
"type": "url",
"url": "https://files.pythonhosted.org/packages/ee/07/44bd408781594c4d0a027666ef27fab1e441b109dc3b76b4f836f8fd04fe/jsonschema_specifications-2023.12.1-py3-none-any.whl",
"version": "2023.12.1"
},
"kiwisolver": {
"sha256": "040c1aebeda72197ef477a906782b5ab0d387642e93bda547336b8957c61022e",
"type": "url",
"url": "https://files.pythonhosted.org/packages/17/ba/17a706b232308e65f57deeccae503c268292e6a091313f6ce833a23093ea/kiwisolver-1.4.5-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl",
"version": "1.4.5"
},
"lightning-utilities": {
"sha256": "541f471ed94e18a28d72879338c8c52e873bb46f4c47644d89228faeb6751159",
"type": "url",
"url": "https://files.pythonhosted.org/packages/5e/9e/e7768a8e363fc6f0c978bb7a0aa7641f10d80be60000e788ef2f01d34a7c/lightning_utilities-0.11.2-py3-none-any.whl",
"version": "0.11.2"
},
"markdown-it-py": {
"sha256": "355216845c60bd96232cd8d8c40e8f9765cc86f46880e43a8fd22dc1a1a8cab1",
"type": "url",
"url": "https://files.pythonhosted.org/packages/42/d7/1ec15b46af6af88f19b8e5ffea08fa375d433c998b8a7639e76935c14f1f/markdown_it_py-3.0.0-py3-none-any.whl",
"version": "3.0.0"
},
"markupsafe": {
"sha256": "b91c037585eba9095565a3556f611e3cbfaa42ca1e865f7b8015fe5c7336d5a5",
"type": "url",
"url": "https://download.pytorch.org/whl/MarkupSafe-2.1.5-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl",
"version": "2.1.5"
},
"matplotlib": {
"sha256": "76cce0f31b351e3551d1f3779420cf8f6ec0d4a8cf9c0237a3b549fd28eb4abb",
"type": "url",
"url": "https://files.pythonhosted.org/packages/41/f1/115e7c79b4506b4f0533acba742babd9718ff92eeca6d4205843173b6173/matplotlib-3.9.0-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl",
"version": "3.9.0"
},
"mdurl": {
"sha256": "84008a41e51615a49fc9966191ff91509e3c40b939176e643fd50a5c2196b8f8",
"type": "url",
"url": "https://files.pythonhosted.org/packages/b3/38/89ba8ad64ae25be8de66a6d463314cf1eb366222074cfda9ee839c56a4b4/mdurl-0.1.2-py3-none-any.whl",
"version": "0.1.2"
},
"mpmath": {
"sha256": "a0b2b9fe80bbcd81a6647ff13108738cfb482d481d826cc0e02f5b35e5c88d2c",
"type": "url",
"url": "https://download.pytorch.org/whl/mpmath-1.3.0-py3-none-any.whl",
"version": "1.3.0"
},
"multidict": {
"sha256": "85f67aed7bb647f93e7520633d8f51d3cbc6ab96957c71272b286b2f30dc70ed",
"type": "url",
"url": "https://files.pythonhosted.org/packages/52/ec/be54a3ad110f386d5bd7a9a42a4ff36b3cd723ebe597f41073a73ffa16b8/multidict-6.0.5-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl",
"version": "6.0.5"
},
"networkx": {
"sha256": "28575580c6ebdaf4505b22c6256a2b9de86b316dc63ba9e93abde3d78dfdbcf2",
"type": "url",
"url": "https://files.pythonhosted.org/packages/38/e9/5f72929373e1a0e8d142a130f3f97e6ff920070f87f91c4e13e40e0fba5a/networkx-3.3-py3-none-any.whl",
"version": "3.3"
},
"numpy": {
"sha256": "58f545efd1108e647604a1b5aa809591ccd2540f468a880bedb97247e72db387",
"type": "url",
"url": "https://files.pythonhosted.org/packages/e8/ad/b935c7421657a032fd2a5332eed098f3b9993a155afceb1daa280ff6611f/numpy-1.23.5-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl",
"version": "1.23.5"
},
"omegaconf": {
"sha256": "d6f2cbf79a992899eb76c6cb1aedfcf0fe7456a8654382edd5ee0c1b199c0657",
"type": "url",
"url": "https://files.pythonhosted.org/packages/98/c3/f00dcd6935c11555db6ad55bdada58706120974cacf9a861a7b948ea0619/omegaconf-2.2.3-py3-none-any.whl",
"version": "2.2.3"
},
"opencv-contrib-python": {
"sha256": "24be748f935552ed22fa23f001d684fdf48035599b1ad8a225f0f3b592e63659",
"type": "url",
"url": "https://files.pythonhosted.org/packages/d6/ca/f109e0a8f33074f0f74cf2677ee0b9bdc025d7fc07b2280afdf7fad38b47/opencv_contrib_python-4.8.0.74-cp37-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl",
"version": "4.8.0.74"
},
"orjson": {
"sha256": "9a7bc9e8bc11bac40f905640acd41cbeaa87209e7e1f57ade386da658092dc16",
"type": "url",
"url": "https://files.pythonhosted.org/packages/0b/ad/6eaf1425afc6d57a8f492264835f22618ae3d635238ccc06be1672cdf18b/orjson-3.10.3-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl",
"version": "3.10.3"
},
"packaging": {
"sha256": "5b8f2217dbdbd2f7f384c41c628544e6d52f2d0f53c6d0c3ea61aa5d1d7ff124",
"type": "url",
"url": "https://files.pythonhosted.org/packages/08/aa/cc0199a5f0ad350994d660967a8efb233fe0416e4639146c089643407ce6/packaging-24.1-py3-none-any.whl",
"version": "24.1"
},
"pandas": {
"sha256": "6d2123dc9ad6a814bcdea0f099885276b31b24f7edf40f6cdbc0912672e22eee",
"type": "url",
"url": "https://files.pythonhosted.org/packages/fc/a5/4d82be566f069d7a9a702dcdf6f9106df0e0b042e738043c0cc7ddd7e3f6/pandas-2.2.2-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl",
"version": "2.2.2"
},
"pillow": {
"sha256": "bdd0de2d64688ecae88dd8935012c4a72681e5df632af903a1dca8c5e7aa871a",
"type": "url",
"url": "https://files.pythonhosted.org/packages/f4/2c/aa1eefda3538b661c1fd2310f19e82b7ee09c5362ab1f8f03b6e69ef5bfb/Pillow-9.2.0-cp311-cp311-manylinux_2_28_x86_64.whl",
"version": "9.2.0"
},
"psutil": {
"sha256": "89518112647f1276b03ca97b65cc7f64ca587b1eb0278383017c2a0dcc26cbe4",
"type": "url",
"url": "https://files.pythonhosted.org/packages/af/4d/389441079ecef400e2551a3933224885a7bde6b8a4810091d628cdd75afe/psutil-5.9.5-cp36-abi3-manylinux_2_12_x86_64.manylinux2010_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl",
"version": "5.9.5"
},
"pycparser": {
"sha256": "c3702b6d3dd8c7abc1afa565d7e63d53a1d0bd86cdc24edd75470f4de499cfcc",
"type": "url",
"url": "https://files.pythonhosted.org/packages/13/a3/a812df4e2dd5696d1f351d58b8fe16a405b234ad2886a0dab9183fb78109/pycparser-2.22-py3-none-any.whl",
"version": "2.22"
},
"pydantic": {
"sha256": "ea91b002777bf643bb20dd717c028ec43216b24a6001a280f83877fd2655d0b4",
"type": "url",
"url": "https://files.pythonhosted.org/packages/e6/f5/80931903275942770f1112b524f1948f6d6ebd44725425025ca838800de2/pydantic-2.7.3-py3-none-any.whl",
"version": "2.7.3"
},
"pydantic-core": {
"sha256": "0fbbdc827fe5e42e4d196c746b890b3d72876bdbf160b0eafe9f0334525119c8",
"type": "url",
"url": "https://files.pythonhosted.org/packages/d6/4b/51141c5ea1874e7204efac93899eefcb690ff6772a92c9a6521b32e5b71f/pydantic_core-2.18.4-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl",
"version": "2.18.4"
},
"pydub": {
"sha256": "65617e33033874b59d87db603aa1ed450633288aefead953b30bded59cb599a6",
"type": "url",
"url": "https://files.pythonhosted.org/packages/a6/53/d78dc063216e62fc55f6b2eebb447f6a4b0a59f55c8406376f76bf959b08/pydub-0.25.1-py2.py3-none-any.whl",
"version": "0.25.1"
},
"pygit2": {
"sha256": "ec04c27be5d5af1ceecdcc0464e07081222f91f285f156dc53b23751d146569a",
"type": "url",
"url": "https://files.pythonhosted.org/packages/4c/e1/612235c7111452a417b4bb53a55aa6c1a59d18d2b18b51bf9ee26eae32d3/pygit2-1.12.2-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl",
"version": "1.12.2"
},
"pygments": {
"sha256": "b8e6aca0523f3ab76fee51799c488e38782ac06eafcf95e7ba832985c8e7b13a",
"type": "url",
"url": "https://files.pythonhosted.org/packages/f7/3f/01c8b82017c199075f8f788d0d906b9ffbbc5a47dc9918a945e13d5a2bda/pygments-2.18.0-py3-none-any.whl",
"version": "2.18.0"
},
"pyparsing": {
"sha256": "f9db75911801ed778fe61bb643079ff86601aca99fcae6345aa67292038fb742",
"type": "url",
"url": "https://files.pythonhosted.org/packages/9d/ea/6d76df31432a0e6fdf81681a895f009a4bb47b3c39036db3e1b528191d52/pyparsing-3.1.2-py3-none-any.whl",
"version": "3.1.2"
},
"python-dateutil": {
"sha256": "a8b2bc7bffae282281c8140a97d3aa9c14da0b136dfe83f850eea9a5f7470427",
"type": "url",
"url": "https://files.pythonhosted.org/packages/ec/57/56b9bcc3c9c6a792fcbaf139543cee77261f3651ca9da0c93f5c1221264b/python_dateutil-2.9.0.post0-py2.py3-none-any.whl",
"version": "2.9.0.post0"
},
"python-dotenv": {
"sha256": "f7b63ef50f1b690dddf550d03497b66d609393b40b564ed0d674909a68ebf16a",
"type": "url",
"url": "https://files.pythonhosted.org/packages/6a/3e/b68c118422ec867fa7ab88444e1274aa40681c606d59ac27de5a5588f082/python_dotenv-1.0.1-py3-none-any.whl",
"version": "1.0.1"
},
"python-multipart": {
"sha256": "97ca7b8ea7b05f977dc3849c3ba99d51689822fab725c3703af7c866a0c2b215",
"type": "url",
"url": "https://files.pythonhosted.org/packages/3d/47/444768600d9e0ebc82f8e347775d24aef8f6348cf00e9fa0e81910814e6d/python_multipart-0.0.9-py3-none-any.whl",
"version": "0.0.9"
},
"pytorch-lightning": {
"sha256": "a2d2bd7657716087c294b076fe385ed17879764d6daaad0a541394a8f7164f93",
"type": "url",
"url": "https://files.pythonhosted.org/packages/ce/ac/09980114432e759e56e8ff35c16d05dd7c8c0f512c9a88a91c5110272a1f/pytorch_lightning-1.9.4-py3-none-any.whl",
"version": "1.9.4"
},
"pytz": {
"sha256": "328171f4e3623139da4983451950b28e95ac706e13f3f2630a879749e7a8b319",
"type": "url",
"url": "https://files.pythonhosted.org/packages/9c/3d/a121f284241f08268b21359bd425f7d4825cffc5ac5cd0e1b3d82ffd2b10/pytz-2024.1-py2.py3-none-any.whl",
"version": "2024.1"
},
"pyyaml": {
"sha256": "432557aa2c09802be39460360ddffd48156e30721f5e8d917f01d31694216782",
"type": "url",
"url": "https://files.pythonhosted.org/packages/56/8f/e8b49ad21d26111493dc2d5cae4d7efbd0e2e065440665f5023515f87f64/PyYAML-6.0-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl",
"version": "6.0"
},
"referencing": {
"sha256": "eda6d3234d62814d1c64e305c1331c9a3a6132da475ab6382eaa997b21ee75de",
"type": "url",
"url": "https://files.pythonhosted.org/packages/b7/59/2056f61236782a2c86b33906c025d4f4a0b17be0161b63b70fd9e8775d36/referencing-0.35.1-py3-none-any.whl",
"version": "0.35.1"
},
"regex": {
"sha256": "3e507ff1e74373c4d3038195fdd2af30d297b4f0950eeda6f515ae3d84a1770f",
"type": "url",
"url": "https://files.pythonhosted.org/packages/39/29/8158a6e69e97b9c72fab0b46fe4d57c789d07ef91fe4afde23721e7cac61/regex-2024.5.15-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl",
"version": "2024.5.15"
},
"requests": {
"sha256": "70761cfe03c773ceb22aa2f671b4757976145175cdfca038c02654d061d6dcc6",
"type": "url",
"url": "https://files.pythonhosted.org/packages/f9/9b/335f9764261e915ed497fcdeb11df5dfd6f7bf257d4a6a2a686d80da4d54/requests-2.32.3-py3-none-any.whl",
"version": "2.32.3"
},
"rich": {
"sha256": "4edbae314f59eb482f54e9e30bf00d33350aaa94f4bfcd4e9e3110e64d0d7222",
"type": "url",
"url": "https://files.pythonhosted.org/packages/87/67/a37f6214d0e9fe57f6ae54b2956d550ca8365857f42a1ce0392bb21d9410/rich-13.7.1-py3-none-any.whl",
"version": "13.7.1"
},
"rpds-py": {
"sha256": "3c20f05e8e3d4fc76875fc9cb8cf24b90a63f5a1b4c5b9273f0e8225e169b100",
"type": "url",
"url": "https://files.pythonhosted.org/packages/1b/a0/a3702128743ae5bf14175a7333a4741db167f62d42f70e0edc15d9cd45c5/rpds_py-0.18.1-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl",
"version": "0.18.1"
},
"safetensors": {
"sha256": "997a2cc14023713f423e6d16536d55cb16a3d72850f142e05f82f0d4c76d383b",
"type": "url",
"url": "https://files.pythonhosted.org/packages/a9/3e/28bd47b8d0f709b680d9e5d5ff715df187adb1f806fde72478049d691873/safetensors-0.3.1-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl",
"version": "0.3.1"
},
"scipy": {
"sha256": "abaf921531b5aeaafced90157db505e10345e45038c39e5d9b6c7922d68085cb",
"type": "url",
"url": "https://files.pythonhosted.org/packages/92/f9/7ae2c1ae200212bc84b5a8369a10d644aa8b588140fe292d59db3b4a2545/scipy-1.9.3-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl",
"version": "1.9.3"
},
"semantic-version": {
"sha256": "de78a3b8e0feda74cabc54aab2da702113e33ac9d9eb9d2389bcf1f58b7d9177",
"type": "url",
"url": "https://files.pythonhosted.org/packages/6a/23/8146aad7d88f4fcb3a6218f41a60f6c2d4e3a72de72da1825dc7c8f7877c/semantic_version-2.10.0-py2.py3-none-any.whl",
"version": "2.10.0"
},
"setuptools": {
"sha256": "54faa7f2e8d2d11bcd2c07bed282eef1046b5c080d1c32add737d7b5817b1ad4",
"type": "url",
"url": "https://files.pythonhosted.org/packages/de/88/70c5767a0e43eb4451c2200f07d042a4bcd7639276003a9c54a68cfcc1f8/setuptools-70.0.0-py3-none-any.whl",
"version": "70.0.0"
},
"shellingham": {
"sha256": "7ecfff8f2fd72616f7481040475a65b2bf8af90a56c89140852d1120324e8686",
"type": "url",
"url": "https://files.pythonhosted.org/packages/e0/f9/0595336914c5619e5f28a1fb793285925a8cd4b432c9da0a987836c7f822/shellingham-1.5.4-py2.py3-none-any.whl",
"version": "1.5.4"
},
"six": {
"sha256": "8abb2f1d86890a2dfb989f9a77cfcfd3e47c2a354b01111771326f8aa26e0254",
"type": "url",
"url": "https://files.pythonhosted.org/packages/d9/5a/e7c31adbe875f2abbb91bd84cf2dc52d792b5a01506781dbcf25c91daf11/six-1.16.0-py2.py3-none-any.whl",
"version": "1.16.0"
},
"sniffio": {
"sha256": "2f6da418d1f1e0fddd844478f41680e794e6051915791a034ff65e5f100525a2",
"type": "url",
"url": "https://files.pythonhosted.org/packages/e9/44/75a9c9421471a6c4805dbf2356f7c181a29c1879239abab1ea2cc8f38b40/sniffio-1.3.1-py3-none-any.whl",
"version": "1.3.1"
},
"starlette": {
"sha256": "6fe59f29268538e5d0d182f2791a479a0c64638e6935d1c6989e63fb2699c6ee",
"type": "url",
"url": "https://files.pythonhosted.org/packages/fd/18/31fa32ed6c68ba66220204ef0be798c349d0a20c1901f9d4a794e08c76d8/starlette-0.37.2-py3-none-any.whl",
"version": "0.37.2"
},
"sympy": {
"sha256": "9b2cbc7f1a640289430e13d2a56f02f867a1da0190f2f99d8968c2f74da0e515",
"type": "url",
"url": "https://files.pythonhosted.org/packages/61/53/e18c8c97d0b2724d85c9830477e3ebea3acf1dcdc6deb344d5d9c93a9946/sympy-1.12.1-py3-none-any.whl",
"version": "1.12.1"
},
"tokenizers": {
"sha256": "9ba2b0bf01777c9b9bc94b53764d6684554ce98551fec496f71bc5be3a03e98b",
"type": "url",
"url": "https://files.pythonhosted.org/packages/e9/d9/660f08ecd88bed54df9f85cab44e01184733c8e42d79b583fb985f1dc412/tokenizers-0.13.3-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl",
"version": "0.13.3"
},
"toolz": {
"sha256": "d22731364c07d72eea0a0ad45bafb2c2937ab6fd38a3507bf55eae8744aa7d85",
"type": "url",
"url": "https://files.pythonhosted.org/packages/b7/8a/d82202c9f89eab30f9fc05380daae87d617e2ad11571ab23d7c13a29bb54/toolz-0.12.1-py3-none-any.whl",
"version": "0.12.1"
},
"torch": {
"sha256": "83bfe1134dfa8ab86553c15da5dffa190a86d822afafe8ea6de1169c10d971aa",
"type": "url",
"url": "https://download.pytorch.org/whl/cu121/torch-2.1.1%2Bcu121-cp311-cp311-linux_x86_64.whl",
"version": "2.1.1+cu121"
},
"torchmetrics": {
"sha256": "ab234216598e3fbd8d62ee4541a0e74e7e8fc935d099683af5b8da50f745b3c8",
"type": "url",
"url": "https://files.pythonhosted.org/packages/6d/e6/e51997d1818a4c1a1ad2b1c7ca5ff9dd95969596add58b2ed39479026964/torchmetrics-1.4.0.post0-py3-none-any.whl",
"version": "1.4.0.post0"
},
"torchsde": {
"sha256": "4c34373a94a357bdf60bbfee00c850f3563d634491555820b900c9a4f7eff300",
"type": "url",
"url": "https://files.pythonhosted.org/packages/73/8d/efd3e7b31ea854d0bd6886aa3cf44914adce113a6d460850af41ac1dd4dd/torchsde-0.2.5-py3-none-any.whl",
"version": "0.2.5"
},
"torchvision": {
"sha256": "b4eec1d9c04eb036b4e72aea5f43ae33c06414da9d36391bd04ffd31ad82fba9",
"type": "url",
"url": "https://download.pytorch.org/whl/cu121/torchvision-0.16.1%2Bcu121-cp311-cp311-linux_x86_64.whl",
"version": "0.16.1+cu121"
},
"tqdm": {
"sha256": "6fee160d6ffcd1b1c68c65f14c829c22832bc401726335ce92c52d395944a6a1",
"type": "url",
"url": "https://download.pytorch.org/whl/tqdm-4.64.1-py2.py3-none-any.whl",
"version": "4.64.1"
},
"trampoline": {
"sha256": "36cc9a4ff9811843d177fc0e0740efbd7da39eadfe6e50c9e2937cbc06d899d9",
"type": "url",
"url": "https://files.pythonhosted.org/packages/73/54/d2805324fb746d8da86d3844bee4f55c0cfd6c136de61b713772d44c5bea/trampoline-0.1.2-py3-none-any.whl",
"version": "0.1.2"
},
"transformers": {
"sha256": "c332e3a3097f9ed89ce556b403251235931c00237b8bc2d7adaa19d226c13f1d",
"type": "url",
"url": "https://files.pythonhosted.org/packages/5b/0b/e45d26ccd28568013523e04f325432ea88a442b4e3020b757cf4361f0120/transformers-4.30.2-py3-none-any.whl",
"version": "4.30.2"
},
"triton": {
"sha256": "919b06453f0033ea52c13eaf7833de0e57db3178d23d4e04f9fc71c4f2c32bf8",
"type": "url",
"url": "https://download.pytorch.org/whl/triton-2.1.0-0-cp311-cp311-manylinux2014_x86_64.manylinux_2_17_x86_64.whl",
"version": "2.1.0"
},
"typer": {
"sha256": "070d7ca53f785acbccba8e7d28b08dcd88f79f1fbda035ade0aecec71ca5c914",
"type": "url",
"url": "https://files.pythonhosted.org/packages/20/b5/11cf2e34fbb11b937e006286ab5b8cfd334fde1c8fa4dd7f491226931180/typer-0.12.3-py3-none-any.whl",
"version": "0.12.3"
},
"typing-extensions": {
"sha256": "04e5ca0351e0f3f85c6853954072df659d0d13fac324d0072316b67d7794700d",
"type": "url",
"url": "https://files.pythonhosted.org/packages/26/9f/ad63fc0248c5379346306f8668cda6e2e2e9c95e01216d2b8ffd9ff037d0/typing_extensions-4.12.2-py3-none-any.whl",
"version": "4.12.2"
},
"tzdata": {
"sha256": "9068bc196136463f5245e51efda838afa15aaeca9903f49050dfa2679db4d252",
"type": "url",
"url": "https://files.pythonhosted.org/packages/65/58/f9c9e6be752e9fcb8b6a0ee9fb87e6e7a1f6bcab2cdc73f02bb7ba91ada0/tzdata-2024.1-py2.py3-none-any.whl",
"version": "2024.1"
},
"ujson": {
"sha256": "129e39af3a6d85b9c26d5577169c21d53821d8cf68e079060602e861c6e5da1b",
"type": "url",
"url": "https://files.pythonhosted.org/packages/29/45/f5f5667427c1ec3383478092a414063ddd0dfbebbcc533538fe37068a0a3/ujson-5.10.0-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl",
"version": "5.10.0"
},
"urllib3": {
"sha256": "450b20ec296a467077128bff42b73080516e71b56ff59a60a02bef2232c4fa9d",
"type": "url",
"url": "https://files.pythonhosted.org/packages/a2/73/a68704750a7679d0b6d3ad7aa8d4da8e14e151ae82e6fee774e6e0d05ec8/urllib3-2.2.1-py3-none-any.whl",
"version": "2.2.1"
},
"uvicorn": {
"sha256": "cd17daa7f3b9d7a24de3617820e634d0933b69eed8e33a516071174427238c81",
"type": "url",
"url": "https://files.pythonhosted.org/packages/b2/f9/e6f30ba6094733e4f9794fd098ca0543a19b07ac1fa3075d595bf0f1fb60/uvicorn-0.30.1-py3-none-any.whl",
"version": "0.30.1"
},
"uvloop": {
"sha256": "5138821e40b0c3e6c9478643b4660bd44372ae1e16a322b8fc07478f92684e24",
"type": "url",
"url": "https://files.pythonhosted.org/packages/86/cc/1829b3f740e4cb1baefff8240a1c6fc8db9e3caac7b93169aec7d4386069/uvloop-0.19.0-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl",
"version": "0.19.0"
},
"watchfiles": {
"sha256": "94ebe84a035993bb7668f58a0ebf998174fb723a39e4ef9fce95baabb42b787f",
"type": "url",
"url": "https://files.pythonhosted.org/packages/9e/eb/a11634f2ac58e609ac1150c45897ec29361b2bcbfdae388f3f4fc709104b/watchfiles-0.22.0-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl",
"version": "0.22.0"
},
"websockets": {
"sha256": "def07915168ac8f7853812cc593c71185a16216e9e4fa886358a17ed0fd9fcf6",
"type": "url",
"url": "https://files.pythonhosted.org/packages/a9/5e/b25c60067d700e811dccb4e3c318eeadd3a19d8b3620de9f97434af777a7/websockets-11.0.3-cp311-cp311-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl",
"version": "11.0.3"
},
"xformers": {
"sha256": "8c3463def8f115239b60114693a54d50a8f78a09f475428ea22d034bf3587985",
"type": "url",
"url": "https://download.pytorch.org/whl/cu121/xformers-0.0.23-cp311-cp311-manylinux2014_x86_64.whl",
"version": "0.0.23"
},
"yarl": {
"sha256": "e23a6d84d9d1738dbc6e38167776107e63307dfc8ad108e580548d1f2c587f42",
"type": "url",
"url": "https://files.pythonhosted.org/packages/9f/ea/94ad7d8299df89844e666e4aa8a0e9b88e02416cd6a7dd97969e9eae5212/yarl-1.9.4-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl",
"version": "1.9.4"
}
},
"targets": {
"default": {
"accelerate": [
"numpy",
"packaging",
"psutil",
"pyyaml",
"torch"
],
"aiofiles": [],
"aiohttp": [
"aiosignal",
"attrs",
"frozenlist",
"multidict",
"yarl"
],
"aiosignal": [
"frozenlist"
],
"altair": [
"jinja2",
"jsonschema",
"numpy",
"packaging",
"pandas",
"toolz"
],
"annotated-types": [],
"antlr4-python3-runtime": [],
"anyio": [
"idna",
"sniffio"
],
"attrs": [],
"boltons": [],
"certifi": [],
"cffi": [
"pycparser"
],
"charset-normalizer": [],
"click": [],
"contourpy": [
"numpy"
],
"cycler": [],
"dnspython": [],
"einops": [],
"email-validator": [
"dnspython",
"idna"
],
"fastapi": [
"email-validator",
"fastapi-cli",
"httpx",
"jinja2",
"orjson",
"pydantic",
"python-multipart",
"starlette",
"typing-extensions",
"ujson",
"uvicorn"
],
"fastapi-cli": [
"typer"
],
"ffmpy": [],
"filelock": [],
"fonttools": [],
"frozenlist": [],
"fsspec": [],
"gradio": [
"aiofiles",
"altair",
"fastapi",
"ffmpy",
"gradio-client",
"httpx",
"huggingface-hub",
"importlib-resources",
"jinja2",
"markupsafe",
"matplotlib",
"numpy",
"orjson",
"packaging",
"pandas",
"pillow",
"pydantic",
"pydub",
"python-multipart",
"pyyaml",
"requests",
"semantic-version",
"typing-extensions",
"uvicorn",
"websockets"
],
"gradio-client": [
"fsspec",
"httpx",
"huggingface-hub",
"packaging",
"requests",
"typing-extensions",
"websockets"
],
"h11": [],
"httpcore": [
"anyio",
"certifi",
"h11",
"sniffio"
],
"httptools": [],
"httpx": [
"certifi",
"httpcore",
"idna",
"sniffio"
],
"huggingface-hub": [
"filelock",
"fsspec",
"packaging",
"pyyaml",
"requests",
"tqdm",
"typing-extensions"
],
"idna": [],
"importlib-resources": [],
"jinja2": [
"markupsafe"
],
"jsonschema": [
"attrs",
"jsonschema-specifications",
"referencing",
"rpds-py"
],
"jsonschema-specifications": [
"referencing"
],
"kiwisolver": [],
"lightning-utilities": [
"packaging",
"setuptools",
"typing-extensions"
],
"markdown-it-py": [
"mdurl"
],
"markupsafe": [],
"matplotlib": [
"contourpy",
"cycler",
"fonttools",
"kiwisolver",
"numpy",
"packaging",
"pillow",
"pyparsing",
"python-dateutil"
],
"mdurl": [],
"mpmath": [],
"multidict": [],
"networkx": [],
"numpy": [],
"omegaconf": [
"antlr4-python3-runtime",
"pyyaml"
],
"opencv-contrib-python": [
"numpy"
],
"orjson": [],
"packaging": [],
"pandas": [
"numpy",
"python-dateutil",
"pytz",
"tzdata"
],
"pillow": [],
"psutil": [],
"pycparser": [],
"pydantic": [
"annotated-types",
"pydantic-core",
"typing-extensions"
],
"pydantic-core": [
"typing-extensions"
],
"pydub": [],
"pygit2": [
"cffi"
],
"pygments": [],
"pyparsing": [],
"python-dateutil": [
"six"
],
"python-dotenv": [],
"python-multipart": [],
"pytorch-lightning": [
"fsspec",
"lightning-utilities",
"numpy",
"packaging",
"pyyaml",
"torch",
"torchmetrics",
"tqdm",
"typing-extensions"
],
"pytz": [],
"pyyaml": [],
"referencing": [
"attrs",
"rpds-py"
],
"regex": [],
"requests": [
"certifi",
"charset-normalizer",
"idna",
"urllib3"
],
"rich": [
"markdown-it-py",
"pygments"
],
"rpds-py": [],
"safetensors": [],
"scipy": [
"numpy"
],
"semantic-version": [],
"setuptools": [],
"shellingham": [],
"six": [],
"sniffio": [],
"starlette": [
"anyio"
],
"sympy": [
"mpmath"
],
"tokenizers": [],
"toolz": [],
"torch": [
"filelock",
"fsspec",
"jinja2",
"networkx",
"sympy",
"triton",
"typing-extensions"
],
"torchmetrics": [
"lightning-utilities",
"numpy",
"packaging",
"torch"
],
"torchsde": [
"boltons",
"numpy",
"scipy",
"torch",
"trampoline"
],
"torchvision": [
"numpy",
"pillow",
"requests",
"torch"
],
"tqdm": [],
"trampoline": [],
"transformers": [
"filelock",
"huggingface-hub",
"numpy",
"packaging",
"pyyaml",
"regex",
"requests",
"safetensors",
"tokenizers",
"tqdm"
],
"triton": [
"filelock"
],
"typer": [
"click",
"rich",
"shellingham",
"typing-extensions"
],
"typing-extensions": [],
"tzdata": [],
"ujson": [],
"urllib3": [],
"uvicorn": [
"click",
"h11",
"httptools",
"python-dotenv",
"pyyaml",
"uvloop",
"watchfiles",
"websockets"
],
"uvloop": [],
"watchfiles": [
"anyio"
],
"websockets": [],
"xformers": [
"numpy",
"torch"
],
"yarl": [
"idna",
"multidict"
]
}
}
},
"invalidationHash": "20fd38ee2783bfd52dc6f65f4282d0831977968e084d0f7bb676f6dffdddc67d"
}

141
pkgs/fooocus/module.nix
View file

@ -1,141 +0,0 @@
{ config, lib, pkgs, ... }:
let cfg = config.services.fooocus; in
{
options.services.fooocus = with lib; {
enable = mkEnableOption "Fooocus";
package = mkOption {
type = types.package;
description = "The package name of the Fooocus server";
default = pkgs.fooocus;
};
port = mkOption {
type = types.int;
description = "The port to run the Fooocus server on";
default = 7860;
};
listen = mkOption {
type = types.str;
description = "The address to listen on";
default = "127.0.0.1";
};
path = {
models = mkOption {
type = types.path;
description = "The path to the models directory";
default = "/var/models/Fooocus/models";
};
outputs = mkOption {
type = types.path;
description = "The path to the outputs directory";
default = "/var/sd/outputs/sdxl";
};
checkpoints = mkOption {
type = types.path;
description = "The path to the checkpoints directory";
default = "${cfg.path.models}/checkpoints";
};
loras = mkOption {
type = types.path;
description = "The path to the loras directory";
default = "${cfg.path.models}/loras";
};
embeddings = mkOption {
type = types.path;
description = "The path to the embeddings directory";
default = "${cfg.path.models}/embeddings";
};
vae_approx = mkOption {
type = types.path;
description = "The path to the vae_approx directory";
default = "${cfg.path.models}/vae_approx";
};
upscale_models = mkOption {
type = types.path;
description = "The path to the upscale_models directory";
default = "${cfg.path.models}/upscale_models";
};
inpaint = mkOption {
type = types.path;
description = "The path to the inpaint directory";
default = "${cfg.path.models}/inpaint";
};
controlnet = mkOption {
type = types.path;
description = "The path to the controlnet directory";
default = "${cfg.path.models}/controlnet";
};
clip_vision = mkOption {
type = types.path;
description = "The path to the clip_vision directory";
default = "${cfg.path.models}/clip_vision";
};
fooocus_expansion = mkOption {
type = types.path;
description = "The path to the fooocus_expansion directory";
default = "${cfg.path.models}/prompt_expansion/fooocus_expansion";
};
};
config = mkOption {
type = types.attrsOf types.str;
description = "The configuration for the Fooocus server";
default = {
"path_checkpoints" = "${cfg.path.checkpoints}";
"path_loras" = "${cfg.path.loras}";
"path_embeddings" = "${cfg.path.embeddings}";
"path_vae_approx" = "${cfg.path.vae_approx}";
"path_upscale_models" = "${cfg.path.upscale_models}";
"path_inpaint" = "${cfg.path.inpaint}";
"path_controlnet" = "${cfg.path.controlnet}";
"path_clip_vision" = "${cfg.path.clip_vision}";
"path_fooocus_expansion" = "${cfg.path.fooocus_expansion}";
"path_outputs" = "${cfg.path.outputs}";
};
};
};
config = let
configFile = pkgs.writeText "config.json" (builtins.toJSON cfg.config);
in lib.mkIf cfg.enable {
systemd.services.fooocus = {
description = "Fooocus server";
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
environment.config_path = "${configFile}";
environment.config_example_path = "/var/lib/fooocus/config_modification_tutorial.txt";
serviceConfig = {
Type = "simple";
# it wants to write for no good reason
# todo: remove these symlinks
ExecStartPre = pkgs.writeShellScript "pre-start" ''
cp ${configFile} /var/lib/fooocus/config.txt
chmod +w /var/lib/fooocus/config.txt
mkdir /tmp/fooocus
ln -sfn ${cfg.package}/javascript /var/lib/fooocus/javascript
ln -sfn ${cfg.package}/css /var/lib/fooocus/css
'';
ExecStart = "${cfg.package}/bin/fooocus --port ${toString cfg.port} --disable-in-browser --multi-user --listen ${cfg.listen} --always-high-vram";
Restart = "always";
RestartSec = "10";
User = "fooocus";
Group = "fooocus";
PrivateTmp = true;
ProtectSystem = "full";
ProtectHome = true;
NoNewPrivileges = true;
WorkingDirectory = "/var/lib/fooocus";
ReadWritePaths = [
"/var/lib/fooocus"
"/var/models/Fooocus"
"/var/sd/outputs/sdxl"
];
};
};
users.users.fooocus = {
isSystemUser = true;
createHome = true;
group = "fooocus";
home = "/var/lib/fooocus";
};
users.groups.fooocus = {};
};
}

78
pkgs/fooocus/package.nix
View file

@ -1,78 +0,0 @@
{ dream2nix, config, lib, ... }: {
imports = [ dream2nix.modules.dream2nix.pip ];
name = "Fooocus";
version = "2.4.3";
mkDerivation = {
src = config.deps.fetchFromGitHub {
owner = "lllyasviel";
repo = config.name;
rev = "v${config.version}";
hash = "sha256-+vf/uggcO8FeCuGLrgovRSae/Rka1Y2u69qttImtMdY=";
};
nativeBuildInputs = [ config.deps.which ];
buildPhase = "true";
installPhase = ''
mkdir $out
cp -r ./* $out
ln -s /tmp/fooocus $out/input
ln -s /var/lib/fooocus/auth.json $out/auth.json
ln -s /var/lib/fooocus/sorted_styles.json $out/sorted_styles.json
for f in $out/{launch,webui}.py; do
chmod +x $f
sed -i '1s;^;#!/usr/bin/env python\n;' $f
# wrapProgram $f --set PYTHONPATH "$PYTHONPATH:$out/backend/headless"
done
makeWrapper $(which python) $out/bin/fooocus \
--add-flags $out/launch.py \
--set PYTHONPATH "$PYTHONPATH:$out/backend/headless"
'';
};
buildPythonPackage.format = "other";
deps = { nixpkgs, ... }: {
inherit (nixpkgs) fetchFromGitHub which;
inherit (nixpkgs.cudaPackages_12_1) cudatoolkit cudnn;
};
pip = {
drvs = {
torch.env.appendRunpaths = [ "/run/opengl-driver/lib" "$ORIGIN" ];
# libnvToolsExt.so
torch.mkDerivation.buildInputs = [ config.deps.cudatoolkit ];
# libcudart.so.12
torchvision.mkDerivation.buildInputs = [ config.deps.cudatoolkit.lib ];
# libcudart.so.12
xformers.mkDerivation.buildInputs = [ config.deps.cudatoolkit.lib ];
};
pypiSnapshotDate = "2024-06-10";
flattenDependencies = true;
buildDependencies.setuptools = false;
requirementsList = [
"torchsde==0.2.5"
"einops==0.4.1"
"transformers==4.30.2"
"safetensors==0.3.1"
"accelerate==0.21.0"
"pyyaml==6.0"
"Pillow==9.2.0"
"scipy==1.9.3"
"tqdm==4.64.1"
"psutil==5.9.5"
"numpy==1.23.5"
"pytorch_lightning==1.9.4"
"omegaconf==2.2.3"
"gradio==3.41.2"
"pygit2==1.12.2"
"opencv-contrib-python==4.8.0.74"
"torch==2.1.1+cu121"
"torchvision==0.16.1"
"xformers==0.0.23"
"triton"
"setuptools"
"httpx==0.24.1"
"--extra-index-url" "https://download.pytorch.org/whl/cu121"
];
};
}

Some files were not shown because too many files have changed in this diff Show more