jordan/nix-config
1
1
Fork 0
Code Issues 10 Pull Requests Actions Projects 3 Wiki Activity

Compare commits

base: jordan:skycam
Branches Tags
jordan:master jordan:hass jordan:immich jordan:zitadel jordan:skycam jordan:24.05 jordan:lunarvim jordan:matrix jordan:docs jordan:vps1 jordan:wallpapers jordan:fix-odyssey-nix-store
..
compare: jordan:a8961d1ddc31b6c3e9d145987adfdc8f08ec44d5
Branches Tags
jordan:master jordan:hass jordan:immich jordan:zitadel jordan:skycam jordan:24.05 jordan:lunarvim jordan:matrix jordan:docs jordan:vps1 jordan:wallpapers jordan:fix-odyssey-nix-store

2 Commits
skycam ... a8961d1ddc

Author SHA1 Message Date
Jordan Holt
a8961d1ddc flake.lock: Update 
Flake lock file updates:

• Updated input 'disko':
    'github:nix-community/disko/d57058eb09dd5ec00c746df34fe0a603ea744370' (2024-05-02)
  → 'github:nix-community/disko/e1b3ae2b4ebc3c7b83154b9361e3d154e64e362d' (2024-05-06)
• Updated input 'nixos-hardware':
    'github:NixOS/nixos-hardware/753176b57b3fcddb140c1c012868e62c025120bd' (2024-05-05)
  → 'github:NixOS/nixos-hardware/e148ccbecbd2fe4dc4768fba67f6db828466ad06' (2024-05-06)
• Updated input 'nixpkgs-unstable':
    'github:NixOS/nixpkgs/e9be42459999a253a9f92559b1f5b72e1b44c13d' (2024-05-03)
  → 'github:NixOS/nixpkgs/25865a40d14b3f9cf19f19b924e2ab4069b09588' (2024-05-05)
• Updated input 'secrets':
    'git+ssh://git@git.vimium.com/jordan/nix-secrets.git?ref=refs/heads/master&rev=f350d35d7651c415fa4c0d6a7cff378ba5650f93' (2024-04-01)
  → 'git+ssh://git@git.vimium.com/jordan/nix-secrets.git?ref=refs/heads/master&rev=b4a1c8968a1cb3688c12caddecd99432494df95b' (2024-05-06)
 2024-05-06 16:13:54 +01:00
Jordan Holt
23ae4cdad0 Add gitea-runner module 2024-05-06 16:13:54 +01:00
47 changed files with 610 additions and 1963 deletions
Expand all files Collapse all files

15
.gitea/workflows/check.yml
View File

@@ -1,15 +0,0 @@
name: Check flake
on:
push:
branches: ['master']
jobs:
build-amd64-linux:
runs-on: nix
steps:
- uses: actions/checkout@v4
with:
ref: master
- name: Check flake
run: |
echo "Checking flake at ${{ gitea.ref }}"
nix flake check

611
flake.lock generated
View File

@@ -8,11 +8,11 @@
"systems": "systems" "systems": "systems"
}, },
"locked": { "locked": {
"lastModified": 1722339003, "lastModified": 1714136352,
"narHash": "sha256-ZeS51uJI30ehNkcZ4uKqT4ZDARPyqrHADSKAwv5vVCU=", "narHash": "sha256-BtWQ2Th/jamO1SlD+2ASSW5Jaf7JhA/JLpQHk0Goqpg=",
"owner": "ryantm", "owner": "ryantm",
"repo": "agenix", "repo": "agenix",
"rev": "3f1dae074a12feb7327b4bf43cbac0d124488bb7", "rev": "24a7ea390564ccd5b39b7884f597cfc8d7f6f44e",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -21,6 +21,29 @@
"type": "github" "type": "github"
} }
}, },
"beautysh": {
"inputs": {
"nixpkgs": [
"nixvim",
"nixpkgs"
],
"poetry2nix": "poetry2nix",
"utils": "utils_3"
},
"locked": {
"lastModified": 1680308980,
"narHash": "sha256-aUEHV0jk2qIFP3jlsWYWhBbm+w/N9gzH3e4I5DcdB5s=",
"owner": "lovesegfault",
"repo": "beautysh",
"rev": "9845efc3ea3e86cc0d41465d720a47f521b2799c",
"type": "github"
},
"original": {
"owner": "lovesegfault",
"repo": "beautysh",
"type": "github"
}
},
"blobs": { "blobs": {
"flake": false, "flake": false,
"locked": { "locked": {
@@ -66,11 +89,11 @@
"utils": "utils" "utils": "utils"
}, },
"locked": { "locked": {
"lastModified": 1718194053, "lastModified": 1711973905,
"narHash": "sha256-FaGrf7qwZ99ehPJCAwgvNY5sLCqQ3GDiE/6uLhxxwSY=", "narHash": "sha256-UFKME/N1pbUtn+2Aqnk+agUt8CekbpuqwzljivfIme8=",
"owner": "serokell", "owner": "serokell",
"repo": "deploy-rs", "repo": "deploy-rs",
"rev": "3867348fa92bc892eba5d9ddb2d7a97b9e127a8a", "rev": "88b3059b020da69cbe16526b8d639bd5e0b51c8b",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -79,27 +102,6 @@
"type": "github" "type": "github"
} }
}, },
"devshell": {
"inputs": {
"nixpkgs": [
"nixvim",
"nixpkgs"
]
},
"locked": {
"lastModified": 1722113426,
"narHash": "sha256-Yo/3loq572A8Su6aY5GP56knpuKYRvM2a1meP9oJZCw=",
"owner": "numtide",
"repo": "devshell",
"rev": "67cce7359e4cd3c45296fb4aaf6a19e2a9c757ae",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "devshell",
"type": "github"
}
},
"disko": { "disko": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
@@ -107,11 +109,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1722821805, "lastModified": 1714959124,
"narHash": "sha256-FGrUPUD+LMDwJsYyNSxNIzFMldtCm8wXiQuyL2PHSrM=", "narHash": "sha256-oYmauPDpSgWjY9hvzwd815igGfP8Ds5Bk6bTo5JrBRk=",
"owner": "nix-community", "owner": "nix-community",
"repo": "disko", "repo": "disko",
"rev": "0257e44f4ad472b54f19a6dd1615aee7fa48ed49", "rev": "e1b3ae2b4ebc3c7b83154b9361e3d154e64e362d",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -123,11 +125,11 @@
"firefox-gnome-theme": { "firefox-gnome-theme": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1721276923, "lastModified": 1714702515,
"narHash": "sha256-HJKuwVvi+yGv+8n9Ez4EwaJA0B79JRss9J30vpgy/GI=", "narHash": "sha256-EACja6V2lNh67Xvmhr0eEM/VeqM7OlTTm/81LhRbsBE=",
"owner": "rafaelmardojai", "owner": "rafaelmardojai",
"repo": "firefox-gnome-theme", "repo": "firefox-gnome-theme",
"rev": "cc70ec20e2775df7cd2bccdd20dcdecc3e0a733b", "rev": "c4eec329c464f3f89ab78a56a47eee6271ea9d19",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -155,11 +157,11 @@
"flake-compat_2": { "flake-compat_2": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1696426674, "lastModified": 1668681692,
"narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", "narHash": "sha256-Ht91NGdewz8IQLtWZ9LCeNXMSXHUss+9COoqu6JLmXU=",
"owner": "edolstra", "owner": "edolstra",
"repo": "flake-compat", "repo": "flake-compat",
"rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", "rev": "009399224d5e398d03b22badca40a37ac85412a1",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -169,27 +171,13 @@
} }
}, },
"flake-compat_3": { "flake-compat_3": {
"locked": {
"lastModified": 1696426674,
"narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
"rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
"revCount": 57,
"type": "tarball",
"url": "https://api.flakehub.com/f/pinned/edolstra/flake-compat/1.0.1/018afb31-abd1-7bff-a5e4-cff7e18efb7a/source.tar.gz"
},
"original": {
"type": "tarball",
"url": "https://flakehub.com/f/edolstra/flake-compat/1.tar.gz"
}
},
"flake-compat_4": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1696426674, "lastModified": 1673956053,
"narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", "narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=",
"owner": "edolstra", "owner": "edolstra",
"repo": "flake-compat", "repo": "flake-compat",
"rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", "rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -198,62 +186,50 @@
"type": "github" "type": "github"
} }
}, },
"flake-parts": { "flake-utils": {
"inputs": { "inputs": {
"nixpkgs-lib": [ "systems": "systems_3"
"nixvim",
"nixpkgs"
]
}, },
"locked": { "locked": {
"lastModified": 1722555600, "lastModified": 1701680307,
"narHash": "sha256-XOQkdLafnb/p9ij77byFQjDf5m5QYl9b2REiVClC+x4=", "narHash": "sha256-kAuep2h5ajznlPMD9rnQyffWG8EM/C73lejGofXvdM8=",
"owner": "hercules-ci", "owner": "numtide",
"repo": "flake-parts", "repo": "flake-utils",
"rev": "8471fe90ad337a8074e957b69ca4d0089218391d", "rev": "4022d587cbbfd70fe950c1e2083a02621806a725",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "hercules-ci", "owner": "numtide",
"repo": "flake-parts", "repo": "flake-utils",
"type": "github" "type": "github"
} }
}, },
"git-hooks": { "flake-utils_2": {
"inputs": { "inputs": {
"flake-compat": "flake-compat_4", "systems": "systems_4"
"gitignore": "gitignore",
"nixpkgs": [
"nixvim",
"nixpkgs"
],
"nixpkgs-stable": [
"nixvim",
"nixpkgs"
]
}, },
"locked": { "locked": {
"lastModified": 1721042469, "lastModified": 1685518550,
"narHash": "sha256-6FPUl7HVtvRHCCBQne7Ylp4p+dpP3P/OYuzjztZ4s70=", "narHash": "sha256-o2d0KcvaXzTrPRIo0kOLV0/QXHhDQ5DTi+OxcjO8xqY=",
"owner": "cachix", "owner": "numtide",
"repo": "git-hooks.nix", "repo": "flake-utils",
"rev": "f451c19376071a90d8c58ab1a953c6e9840527fd", "rev": "a1720a10a6cfe8234c0e93907ffe81be440f4cef",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "cachix", "owner": "numtide",
"repo": "git-hooks.nix", "repo": "flake-utils",
"type": "github" "type": "github"
} }
}, },
"gitea-github-theme": { "gitea-github-theme": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1717248105, "lastModified": 1714774531,
"narHash": "sha256-BwSsIkl7DpN/c8HNXOh2aKjOuPmFsGybv4RegOC7Xq0=", "narHash": "sha256-qbju0jKnOqsO77cMjVPZmJADU3mb/q3a5ULkM7RDCWk=",
"ref": "main", "ref": "main",
"rev": "4f829f88e6f443ff048c4d337bd010315aa4b50a", "rev": "cb120eb24fa69f69984d175832acfc5a011384e5",
"revCount": 101, "revCount": 95,
"type": "git", "type": "git",
"url": "ssh://git@git.vimium.com/jordan/gitea-github-theme.git" "url": "ssh://git@git.vimium.com/jordan/gitea-github-theme.git"
}, },
@@ -267,16 +243,16 @@
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
"nixvim", "nixvim",
"git-hooks", "pre-commit-hooks",
"nixpkgs" "nixpkgs"
] ]
}, },
"locked": { "locked": {
"lastModified": 1709087332, "lastModified": 1660459072,
"narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=", "narHash": "sha256-8DFJjXG8zqoONA1vXtgeKXy68KdJL5UaXR8NtVMUbx8=",
"owner": "hercules-ci", "owner": "hercules-ci",
"repo": "gitignore.nix", "repo": "gitignore.nix",
"rev": "637db329424fd7e46cf4185293b9cc8c88c95394", "rev": "a20de23b925fd8264fd7fad6454652e142fd7f73",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -313,120 +289,27 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1720042825, "lastModified": 1714043624,
"narHash": "sha256-A0vrUB6x82/jvf17qPCpxaM+ulJnD8YZwH9Ci0BsAzE=", "narHash": "sha256-Xn2r0Jv95TswvPlvamCC46wwNo8ALjRCMBJbGykdhcM=",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "e1391fb22e18a36f57e6999c7a9f966dc80ac073", "rev": "86853e31dc1b62c6eeed11c667e8cdd0285d4411",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "nix-community", "owner": "nix-community",
"ref": "release-24.05", "ref": "release-23.11",
"repo": "home-manager", "repo": "home-manager",
"type": "github" "type": "github"
} }
}, },
"home-manager_3": {
"inputs": {
"nixpkgs": [
"nixvim",
"nixpkgs"
]
},
"locked": {
"lastModified": 1720042825,
"narHash": "sha256-A0vrUB6x82/jvf17qPCpxaM+ulJnD8YZwH9Ci0BsAzE=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "e1391fb22e18a36f57e6999c7a9f966dc80ac073",
"type": "github"
},
"original": {
"owner": "nix-community",
"ref": "release-24.05",
"repo": "home-manager",
"type": "github"
}
},
"kvlibadwaita": {
"flake": false,
"locked": {
"lastModified": 1710621848,
"narHash": "sha256-xBl6zmpqTAH5MIT5iNAdW6kdOcB5MY0Dtrb95hdYpwA=",
"owner": "GabePoel",
"repo": "KvLibadwaita",
"rev": "87c1ef9f44ec48855fd09ddab041007277e30e37",
"type": "github"
},
"original": {
"owner": "GabePoel",
"repo": "KvLibadwaita",
"type": "github"
}
},
"libcamera-src": {
"flake": false,
"locked": {
"lastModified": 1718617480,
"narHash": "sha256-qqEMJzMotybf1nJp1dsz3zc910Qj0TmqCm1CwuSb1VY=",
"owner": "raspberrypi",
"repo": "libcamera",
"rev": "6ddd79b5bdbedc1f61007aed35391f1559f9e29a",
"type": "github"
},
"original": {
"owner": "raspberrypi",
"repo": "libcamera",
"rev": "6ddd79b5bdbedc1f61007aed35391f1559f9e29a",
"type": "github"
}
},
"libpisp-src": {
"flake": false,
"locked": {
"lastModified": 1718613892,
"narHash": "sha256-V/d4RrXoq8HNc8r/Kr1gH3E7YTZzfIdgbaJtq/Xi7uQ=",
"owner": "raspberrypi",
"repo": "libpisp",
"rev": "b567f04556801ca350331ed21a1ae3eef4675c23",
"type": "github"
},
"original": {
"owner": "raspberrypi",
"ref": "v1.0.6",
"repo": "libpisp",
"type": "github"
}
},
"nix-darwin": {
"inputs": {
"nixpkgs": [
"nixvim",
"nixpkgs"
]
},
"locked": {
"lastModified": 1722609272,
"narHash": "sha256-Kkb+ULEHVmk07AX+OhwyofFxBDpw+2WvsXguUS2m6e4=",
"owner": "lnl7",
"repo": "nix-darwin",
"rev": "f7142b8024d6b70c66fd646e1d099d3aa5bfec49",
"type": "github"
},
"original": {
"owner": "lnl7",
"repo": "nix-darwin",
"type": "github"
}
},
"nixos-hardware": { "nixos-hardware": {
"locked": { "locked": {
"lastModified": 1722332872, "lastModified": 1714984131,
"narHash": "sha256-2xLM4sc5QBfi0U/AANJAW21Bj4ZX479MHPMPkB+eKBU=", "narHash": "sha256-kjIvFbbKb6RGIJyOgcF+BBWHNzhNSNqRTxX/SkrkRno=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixos-hardware", "repo": "nixos-hardware",
"rev": "14c333162ba53c02853add87a0000cbd7aa230c2", "rev": "e148ccbecbd2fe4dc4768fba67f6db828466ad06",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -442,20 +325,21 @@
"nixpkgs": [ "nixpkgs": [
"nixpkgs" "nixpkgs"
], ],
"nixpkgs-24_05": "nixpkgs-24_05", "nixpkgs-23_05": "nixpkgs-23_05",
"nixpkgs-23_11": "nixpkgs-23_11",
"utils": "utils_2" "utils": "utils_2"
}, },
"locked": { "locked": {
"lastModified": 1718084203, "lastModified": 1706219574,
"narHash": "sha256-Cx1xoVfSMv1XDLgKg08CUd1EoTYWB45VmB9XIQzhmzI=", "narHash": "sha256-qO+8UErk+bXCq2ybHU4GzXG4Ejk4Tk0rnnTPNyypW4g=",
"owner": "simple-nixos-mailserver", "owner": "simple-nixos-mailserver",
"repo": "nixos-mailserver", "repo": "nixos-mailserver",
"rev": "29916981e7b3b5782dc5085ad18490113f8ff63b", "rev": "e47f3719f1db3e0961a4358d4cb234a0acaa7baf",
"type": "gitlab" "type": "gitlab"
}, },
"original": { "original": {
"owner": "simple-nixos-mailserver", "owner": "simple-nixos-mailserver",
"ref": "nixos-24.05", "ref": "nixos-23.11",
"repo": "nixos-mailserver", "repo": "nixos-mailserver",
"type": "gitlab" "type": "gitlab"
} }
@@ -476,28 +360,59 @@
"type": "github" "type": "github"
} }
}, },
"nixpkgs-24_05": { "nixpkgs-23_05": {
"locked": { "locked": {
"lastModified": 1717144377, "lastModified": 1704290814,
"narHash": "sha256-F/TKWETwB5RaR8owkPPi+SPJh83AQsm6KrQAlJ8v/uA=", "narHash": "sha256-LWvKHp7kGxk/GEtlrGYV68qIvPHkU9iToomNFGagixU=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "805a384895c696f802a9bf5bf4720f37385df547", "rev": "70bdadeb94ffc8806c0570eb5c2695ad29f0e421",
"type": "github" "type": "github"
}, },
"original": { "original": {
"id": "nixpkgs", "id": "nixpkgs",
"ref": "nixos-24.05", "ref": "nixos-23.05",
"type": "indirect" "type": "indirect"
} }
}, },
"nixpkgs-23_11": {
"locked": {
"lastModified": 1706098335,
"narHash": "sha256-r3dWjT8P9/Ah5m5ul4WqIWD8muj5F+/gbCdjiNVBKmU=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "a77ab169a83a4175169d78684ddd2e54486ac651",
"type": "github"
},
"original": {
"id": "nixpkgs",
"ref": "nixos-23.11",
"type": "indirect"
}
},
"nixpkgs-stable": {
"locked": {
"lastModified": 1685801374,
"narHash": "sha256-otaSUoFEMM+LjBI1XL/xGB5ao6IwnZOXc47qhIgJe8U=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "c37ca420157f4abc31e26f436c1145f8951ff373",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-23.05",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-unstable": { "nixpkgs-unstable": {
"locked": { "locked": {
"lastModified": 1722630782, "lastModified": 1714906307,
"narHash": "sha256-hMyG9/WlUi0Ho9VkRrrez7SeNlDzLxalm9FwY7n/Noo=", "narHash": "sha256-UlRZtrCnhPFSJlDQE7M0eyhgvuuHBTe1eJ9N9AQlJQ0=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "d04953086551086b44b6f3c6b7eeb26294f207da", "rev": "25865a40d14b3f9cf19f19b924e2ab4069b09588",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -524,110 +439,92 @@
}, },
"nixpkgs_3": { "nixpkgs_3": {
"locked": { "locked": {
"lastModified": 1722791413, "lastModified": 1714782413,
"narHash": "sha256-rCTrlCWvHzMCNcKxPE3Z/mMK2gDZ+BvvpEVyRM4tKmU=", "narHash": "sha256-tbg0MEuKaPcUrnmGCu4xiY5F+7LW2+ECPKVAJd2HLwM=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "8b5b6723aca5a51edf075936439d9cd3947b7b2c", "rev": "651b4702e27a388f0f18e1b970534162dec09aff",
"type": "github" "type": "github"
}, },
"original": { "original": {
"id": "nixpkgs", "id": "nixpkgs",
"ref": "nixos-24.05", "ref": "nixos-23.11",
"type": "indirect" "type": "indirect"
} }
}, },
"nixpkgs_4": {
"locked": {
"lastModified": 1722651103,
"narHash": "sha256-IRiJA0NVAoyaZeKZluwfb2DoTpBAj+FLI0KfybBeDU0=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "a633d89c6dc9a2a8aae11813a62d7c58b2c0cc51",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-24.05",
"repo": "nixpkgs",
"type": "github"
}
},
"nixvim": { "nixvim": {
"inputs": { "inputs": {
"devshell": "devshell", "beautysh": "beautysh",
"flake-compat": "flake-compat_3", "flake-utils": "flake-utils",
"flake-parts": "flake-parts",
"git-hooks": "git-hooks",
"home-manager": "home-manager_3",
"nix-darwin": "nix-darwin",
"nixpkgs": [ "nixpkgs": [
"nixpkgs" "nixpkgs"
], ],
"treefmt-nix": "treefmt-nix" "pre-commit-hooks": "pre-commit-hooks"
}, },
"locked": { "locked": {
"lastModified": 1722688115, "lastModified": 1713951100,
"narHash": "sha256-Ubk5KzAp2Z4Dzmi81aGgabvy41QXjZMwNikDYm7+jS0=", "narHash": "sha256-ObeER1qB/i06lk7jQqVp9DdTKnykNaojOVoX9GcCoRc=",
"owner": "nix-community", "owner": "nix-community",
"repo": "nixvim", "repo": "nixvim",
"rev": "4e6974c619bd280789ef3697a73fcf7c20f70819", "rev": "7c59615585f691b560d9522c94d8f3195853ca8e",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "nix-community", "owner": "nix-community",
"ref": "nixos-24.05", "ref": "nixos-23.11",
"repo": "nixvim", "repo": "nixvim",
"type": "github" "type": "github"
} }
}, },
"plasma-manager": { "poetry2nix": {
"inputs": { "inputs": {
"home-manager": [ "flake-utils": [
"home-manager" "nixvim",
"beautysh",
"utils"
], ],
"nixpkgs": [ "nixpkgs": [
"nixvim",
"beautysh",
"nixpkgs" "nixpkgs"
] ]
}, },
"locked": { "locked": {
"lastModified": 1722804745, "lastModified": 1658665240,
"narHash": "sha256-l6N3QaiDqN2QmHDAxjczQPLPCTv+Kp7PsrtJBltmhTo=", "narHash": "sha256-/wkx7D7enyBPRjIkK0w7QxLQhzEkb3UxNQnjyc3FTUI=",
"owner": "nix-community", "owner": "nix-community",
"repo": "plasma-manager", "repo": "poetry2nix",
"rev": "61d9342fb471cd3c45a047406428fba7b6fb49ad", "rev": "8b8edc85d24661d5a6d0d71d6a7011f3e699780f",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "nix-community", "owner": "nix-community",
"repo": "plasma-manager", "repo": "poetry2nix",
"type": "github" "type": "github"
} }
}, },
"raspberry-pi-nix": { "pre-commit-hooks": {
"inputs": { "inputs": {
"libcamera-src": "libcamera-src", "flake-compat": "flake-compat_3",
"libpisp-src": "libpisp-src", "flake-utils": "flake-utils_2",
"nixpkgs": "nixpkgs_4", "gitignore": "gitignore",
"rpi-bluez-firmware-src": "rpi-bluez-firmware-src", "nixpkgs": [
"rpi-firmware-nonfree-src": "rpi-firmware-nonfree-src", "nixvim",
"rpi-firmware-src": "rpi-firmware-src", "nixpkgs"
"rpi-linux-6_10_0-rc5-src": "rpi-linux-6_10_0-rc5-src", ],
"rpi-linux-6_6_31-src": "rpi-linux-6_6_31-src", "nixpkgs-stable": "nixpkgs-stable"
"rpicam-apps-src": "rpicam-apps-src",
"u-boot-src": "u-boot-src"
}, },
"locked": { "locked": {
"lastModified": 1722525809, "lastModified": 1703939133,
"narHash": "sha256-LTCbMSKbSHvKubfXolss39UeTKDIoP9wWTyXV/tDPHU=", "narHash": "sha256-Gxe+mfOT6bL7wLC/tuT2F+V+Sb44jNr8YsJ3cyIl4Mo=",
"owner": "nix-community", "owner": "cachix",
"repo": "raspberry-pi-nix", "repo": "pre-commit-hooks.nix",
"rev": "35bb455fdeb495043a94433f67e05fa88980cdad", "rev": "9d3d7e18c6bc4473d7520200d4ddab12f8402d38",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "nix-community", "owner": "cachix",
"repo": "raspberry-pi-nix", "repo": "pre-commit-hooks.nix",
"type": "github" "type": "github"
} }
}, },
@@ -639,128 +536,23 @@
"firefox-gnome-theme": "firefox-gnome-theme", "firefox-gnome-theme": "firefox-gnome-theme",
"gitea-github-theme": "gitea-github-theme", "gitea-github-theme": "gitea-github-theme",
"home-manager": "home-manager_2", "home-manager": "home-manager_2",
"kvlibadwaita": "kvlibadwaita",
"nixos-hardware": "nixos-hardware", "nixos-hardware": "nixos-hardware",
"nixos-mailserver": "nixos-mailserver", "nixos-mailserver": "nixos-mailserver",
"nixpkgs": "nixpkgs_3", "nixpkgs": "nixpkgs_3",
"nixpkgs-unstable": "nixpkgs-unstable", "nixpkgs-unstable": "nixpkgs-unstable",
"nixvim": "nixvim", "nixvim": "nixvim",
"plasma-manager": "plasma-manager",
"raspberry-pi-nix": "raspberry-pi-nix",
"secrets": "secrets", "secrets": "secrets",
"thunderbird-gnome-theme": "thunderbird-gnome-theme" "thunderbird-gnome-theme": "thunderbird-gnome-theme"
} }
}, },
"rpi-bluez-firmware-src": {
"flake": false,
"locked": {
"lastModified": 1708969706,
"narHash": "sha256-KakKnOBeWxh0exu44beZ7cbr5ni4RA9vkWYb9sGMb8Q=",
"owner": "RPi-Distro",
"repo": "bluez-firmware",
"rev": "78d6a07730e2d20c035899521ab67726dc028e1c",
"type": "github"
},
"original": {
"owner": "RPi-Distro",
"ref": "bookworm",
"repo": "bluez-firmware",
"type": "github"
}
},
"rpi-firmware-nonfree-src": {
"flake": false,
"locked": {
"lastModified": 1708967191,
"narHash": "sha256-BGq0+cr+xBRwQM/LqiQuRWuZpQsKM5jfcrNCqWMuVzM=",
"owner": "RPi-Distro",
"repo": "firmware-nonfree",
"rev": "223ccf3a3ddb11b3ea829749fbbba4d65b380897",
"type": "github"
},
"original": {
"owner": "RPi-Distro",
"ref": "bookworm",
"repo": "firmware-nonfree",
"type": "github"
}
},
"rpi-firmware-src": {
"flake": false,
"locked": {
"lastModified": 1716978780,
"narHash": "sha256-KsCo7ZG6vKstxRyFljZtbQvnDSqiAPdUza32xTY/tlA=",
"owner": "raspberrypi",
"repo": "firmware",
"rev": "3590de0c181d433af368a95f15bc480bdaff8b47",
"type": "github"
},
"original": {
"owner": "raspberrypi",
"ref": "1.20240529",
"repo": "firmware",
"type": "github"
}
},
"rpi-linux-6_10_0-rc5-src": {
"flake": false,
"locked": {
"lastModified": 1719265450,
"narHash": "sha256-xd/Pz/uZFYW9hJIFKryWDE9Aks6f2EIvEDCmfk0C70c=",
"owner": "raspberrypi",
"repo": "linux",
"rev": "f61d3aca8045e70d64b55f7b98f083738f639ad2",
"type": "github"
},
"original": {
"owner": "raspberrypi",
"ref": "rpi-6.10.y",
"repo": "linux",
"type": "github"
}
},
"rpi-linux-6_6_31-src": {
"flake": false,
"locked": {
"lastModified": 1716545726,
"narHash": "sha256-UWUTeCpEN7dlFSQjog6S3HyEWCCnaqiUqV5KxCjYink=",
"owner": "raspberrypi",
"repo": "linux",
"rev": "c1432b4bae5b6582f4d32ba381459f33c34d1424",
"type": "github"
},
"original": {
"owner": "raspberrypi",
"ref": "stable_20240529",
"repo": "linux",
"type": "github"
}
},
"rpicam-apps-src": {
"flake": false,
"locked": {
"lastModified": 1717081637,
"narHash": "sha256-s4zJh6r3VhiquO54KWZ78dVCH1BmlphY9zEB9BidNyo=",
"owner": "raspberrypi",
"repo": "rpicam-apps",
"rev": "49344f2a8d1817558d4e6463032fcf11be618b38",
"type": "github"
},
"original": {
"owner": "raspberrypi",
"ref": "v1.5.0",
"repo": "rpicam-apps",
"type": "github"
}
},
"secrets": { "secrets": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1722712220, "lastModified": 1715007828,
"narHash": "sha256-gEmbk/DROfVZ+v/BAZHDloHzS0KdqIzxtW7z9g2eH4Y=", "narHash": "sha256-3791/+OWOMFAY3OFOsOwaFmpo2iIv9iHUhEb63oUL2M=",
"ref": "refs/heads/master", "ref": "refs/heads/master",
"rev": "dfe0e95be5ef539bf28602ff47beeea26cc4d1b8", "rev": "b4a1c8968a1cb3688c12caddecd99432494df95b",
"revCount": 22, "revCount": 18,
"type": "git", "type": "git",
"url": "ssh://git@git.vimium.com/jordan/nix-secrets.git" "url": "ssh://git@git.vimium.com/jordan/nix-secrets.git"
}, },
@@ -814,14 +606,29 @@
"type": "github" "type": "github"
} }
}, },
"systems_4": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"thunderbird-gnome-theme": { "thunderbird-gnome-theme": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1721874544, "lastModified": 1710774977,
"narHash": "sha256-BHW9jlx92CsHY84FT0ce5Vxl0KFheLhNn2vndcIf7no=", "narHash": "sha256-nQBz2PW3YF3+RTflPzDoAcs6vH1PTozESIYUGAwvSdA=",
"owner": "rafaelmardojai", "owner": "rafaelmardojai",
"repo": "thunderbird-gnome-theme", "repo": "thunderbird-gnome-theme",
"rev": "628fcccb7788e3e0ad34f67114f563c87ac8c1dc", "rev": "65d5c03fc9172d549a3ea72fd366d544981a002b",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -830,40 +637,6 @@
"type": "github" "type": "github"
} }
}, },
"treefmt-nix": {
"inputs": {
"nixpkgs": [
"nixvim",
"nixpkgs"
]
},
"locked": {
"lastModified": 1722330636,
"narHash": "sha256-uru7JzOa33YlSRwf9sfXpJG+UAV+bnBEYMjrzKrQZFw=",
"owner": "numtide",
"repo": "treefmt-nix",
"rev": "768acdb06968e53aa1ee8de207fd955335c754b7",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "treefmt-nix",
"type": "github"
}
},
"u-boot-src": {
"flake": false,
"locked": {
"lastModified": 1712055538,
"narHash": "sha256-IlaDdjKq/Pq2orzcU959h93WXRZfvKBGDO/MFw9mZMg=",
"type": "tarball",
"url": "https://ftp.denx.de/pub/u-boot/u-boot-2024.04.tar.bz2"
},
"original": {
"type": "tarball",
"url": "https://ftp.denx.de/pub/u-boot/u-boot-2024.04.tar.bz2"
}
},
"utils": { "utils": {
"inputs": { "inputs": {
"systems": "systems_2" "systems": "systems_2"
@@ -883,15 +656,27 @@
} }
}, },
"utils_2": { "utils_2": {
"inputs": {
"systems": "systems_3"
},
"locked": { "locked": {
"lastModified": 1709126324, "lastModified": 1605370193,
"narHash": "sha256-q6EQdSeUZOG26WelxqkmR7kArjgWCdw5sfJVHPH/7j8=", "narHash": "sha256-YyMTf3URDL/otKdKgtoMChu4vfVL3vCMkRqpGifhUn0=",
"owner": "numtide", "owner": "numtide",
"repo": "flake-utils", "repo": "flake-utils",
"rev": "d465f4819400de7c8d874d50b982301f28a84605", "rev": "5021eac20303a61fafe17224c087f5519baed54d",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"utils_3": {
"locked": {
"lastModified": 1678901627,
"narHash": "sha256-U02riOqrKKzwjsxc/400XnElV+UtPUQWpANPlyazjH0=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "93a2b84fc4b70d9e089d029deacc3583435c2ed6",
"type": "github" "type": "github"
}, },
"original": { "original": {

66
flake.nix
View File

@@ -2,7 +2,7 @@
description = "NixOS system configuration"; description = "NixOS system configuration";
inputs = { inputs = {
nixpkgs.url = "nixpkgs/nixos-24.05"; nixpkgs.url = "nixpkgs/nixos-23.11";
nixpkgs-unstable.url = "nixpkgs/nixos-unstable"; nixpkgs-unstable.url = "nixpkgs/nixos-unstable";
# nixpkgs-master.url = "nixpkgs"; # nixpkgs-master.url = "nixpkgs";
agenix.url = "github:ryantm/agenix"; agenix.url = "github:ryantm/agenix";
@@ -12,7 +12,7 @@
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
home-manager = { home-manager = {
url = "github:nix-community/home-manager/release-24.05"; url = "github:nix-community/home-manager/release-23.11";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
firefox-gnome-theme = { firefox-gnome-theme = {
@@ -23,27 +23,15 @@
url = "git+ssh://git@git.vimium.com/jordan/gitea-github-theme.git?ref=main"; url = "git+ssh://git@git.vimium.com/jordan/gitea-github-theme.git?ref=main";
flake = false; flake = false;
}; };
kvlibadwaita = {
url = "github:GabePoel/KvLibadwaita";
flake = false;
};
nixos-hardware.url = "github:NixOS/nixos-hardware"; nixos-hardware.url = "github:NixOS/nixos-hardware";
nixos-mailserver = { nixos-mailserver = {
url = "gitlab:simple-nixos-mailserver/nixos-mailserver/nixos-24.05"; url = "gitlab:simple-nixos-mailserver/nixos-mailserver/nixos-23.11";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
nixvim = { nixvim = {
url = "github:nix-community/nixvim/nixos-24.05"; url = "github:nix-community/nixvim/nixos-23.11";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
plasma-manager = {
url = "github:nix-community/plasma-manager";
inputs.nixpkgs.follows = "nixpkgs";
inputs.home-manager.follows = "home-manager";
};
raspberry-pi-nix = {
url = "github:nix-community/raspberry-pi-nix";
};
secrets = { secrets = {
url = "git+ssh://git@git.vimium.com/jordan/nix-secrets.git"; url = "git+ssh://git@git.vimium.com/jordan/nix-secrets.git";
flake = false; flake = false;
@@ -54,26 +42,16 @@
}; };
}; };
outputs = inputs @ { self, nixpkgs, nixpkgs-unstable, agenix, deploy-rs, disko, home-manager, nixos-hardware, nixos-mailserver, ... }: outputs = inputs @ { self, nixpkgs, nixpkgs-unstable, agenix, deploy-rs, disko, home-manager, nixos-hardware, nixos-mailserver, secrets, ... }:
let let
inherit (nixpkgs) lib;
forEachSystem = lib.genAttrs [
"x86_64-linux"
"aarch64-linux"
];
mkPkgsForSystem = system: inputs.nixpkgs; mkPkgsForSystem = system: inputs.nixpkgs;
customPkgs = forEachSystem (system:
lib.packagesFromDirectoryRecursive {
callPackage = nixpkgs.legacyPackages.${system}.callPackage;
directory = ./pkgs;
});
overlays = [ overlays = [
agenix.overlays.default agenix.overlays.default
(import ./overlays/gnome.nix) (import ./overlays/gnome.nix)
(import ./overlays/libcamera.nix)
( (
final: prev: { final: prev: {
unstable = import inputs.nixpkgs-unstable { system = final.system; }; unstable = import inputs.nixpkgs-unstable { system = final.system; };
custom = self.packages { system = final.system; };
} }
) )
]; ];
@@ -99,7 +77,6 @@
nixpkgs.pkgs = import nixpkgs { nixpkgs.pkgs = import nixpkgs {
inherit overlays system; inherit overlays system;
config.allowUnfree = true; config.allowUnfree = true;
config.nvidia.acceptLicense = true;
}; };
networking.hostName = name; networking.hostName = name;
}) })
@@ -108,12 +85,6 @@
}; };
in in
{ {
legacyPackages = forEachSystem (system:
lib.packagesFromDirectoryRecursive {
callPackage = nixpkgs.legacyPackages.${system}.callPackage;
directory = ./pkgs;
});
nixosConfigurations = { nixosConfigurations = {
atlas = mkNixosSystem { system = "x86_64-linux"; name = "atlas"; }; atlas = mkNixosSystem { system = "x86_64-linux"; name = "atlas"; };
eos = mkNixosSystem { system = "x86_64-linux"; name = "eos"; }; eos = mkNixosSystem { system = "x86_64-linux"; name = "eos"; };
@@ -123,7 +94,6 @@
mail = mkNixosSystem { system = "x86_64-linux"; name = "mail"; }; mail = mkNixosSystem { system = "x86_64-linux"; name = "mail"; };
odyssey = mkNixosSystem { system = "x86_64-linux"; name = "odyssey"; }; odyssey = mkNixosSystem { system = "x86_64-linux"; name = "odyssey"; };
pi = mkNixosSystem { system = "aarch64-linux"; name = "pi"; extraModules = [ nixos-hardware.nixosModules.raspberry-pi-4 ]; }; pi = mkNixosSystem { system = "aarch64-linux"; name = "pi"; extraModules = [ nixos-hardware.nixosModules.raspberry-pi-4 ]; };
skycam = mkNixosSystem { system = "aarch64-linux"; name = "skycam"; extraModules = [ inputs.raspberry-pi-nix.nixosModules.raspberry-pi ]; };
vps1 = mkNixosSystem { system = "x86_64-linux"; name = "vps1"; }; vps1 = mkNixosSystem { system = "x86_64-linux"; name = "vps1"; };
}; };
@@ -154,22 +124,14 @@
path = deploy-rs.lib.x86_64-linux.activate.nixos self.nixosConfigurations.vps1; path = deploy-rs.lib.x86_64-linux.activate.nixos self.nixosConfigurations.vps1;
}; };
}; };
pi = { # pi = {
hostname = "10.0.1.191"; # hostname = "10.0.1.191";
#
profiles.system = { # profiles.system = {
user = "root"; # user = "root";
path = deploy-rs.lib.aarch64-linux.activate.nixos self.nixosConfigurations.pi; # path = deploy-rs.lib.aarch64-linux.activate.nixos self.nixosConfigurations.pi;
}; # };
}; # };
skycam = {
hostname = "10.0.1.146";
profiles.system = {
user = "root";
path = deploy-rs.lib.aarch64-linux.activate.nixos self.nixosConfigurations.skycam;
};
};
}; };
}; };

5
hosts/atlas/default.nix
View File

@@ -1,4 +1,4 @@
{ config, lib, ... }: { config, lib, pkgs, ... }:
{ {
imports = [ imports = [
@@ -16,9 +16,6 @@
networkmanager.enable = true; networkmanager.enable = true;
}; };
virtualisation.virtualbox.host.enable = true;
users.extraGroups.vboxusers.members = [ "jordan" ];
modules = { modules = {
desktop = { desktop = {
apps = { apps = {

15
hosts/common.nix
View File

@@ -1,4 +1,4 @@
{ config, pkgs, ... }: { config, lib, pkgs, ... }:
{ {
time.timeZone = "Europe/London"; time.timeZone = "Europe/London";
@@ -42,32 +42,21 @@
extraOptions = '' extraOptions = ''
experimental-features = nix-command flakes experimental-features = nix-command flakes
''; '';
buildMachines = [
{
hostName = "10.0.1.79";
sshUser = "builder";
system = "aarch64-linux";
maxJobs = 6;
speedFactor = 1;
}
];
distributedBuilds = true;
settings = { settings = {
connect-timeout = 5; connect-timeout = 5;
log-lines = 25; log-lines = 25;
min-free = 128000000; min-free = 128000000;
max-free = 1000000000; max-free = 1000000000;
fallback = true; fallback = true;
allowed-users = [ "@wheel" ];
trusted-users = [ "@wheel" ]; trusted-users = [ "@wheel" ];
auto-optimise-store = true; auto-optimise-store = true;
substituters = [ substituters = [
"http://odyssey.mesh.vimium.net" "http://odyssey.mesh.vimium.net"
"https://nix-community.cachix.org"
"https://cache.nixos.org" "https://cache.nixos.org"
]; ];
trusted-public-keys = [ trusted-public-keys = [
"odyssey.mesh.vimium.net:ZhQhjscPWjoN4rlZwoMELznEiBnZ9O26iyGA27ibilQ=" "odyssey.mesh.vimium.net:ZhQhjscPWjoN4rlZwoMELznEiBnZ9O26iyGA27ibilQ="
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
]; ];
}; };
gc = { gc = {

8
hosts/desktop.nix
View File

@@ -24,13 +24,15 @@
options = [ options = [
"nfsvers=4.2" "nfsvers=4.2"
"bg" "bg"
"intr"
"soft" "soft"
"timeo=20" "timeo=5"
"retrans=5"
"actimeo=5"
"retry=5" "retry=5"
"nocto" "nocto"
"ro" "ro"
"x-systemd.automount" "x-systemd.automount"
"x-systemd.requires=tailscaled.service"
"noauto" "noauto"
]; ];
}; };
@@ -59,7 +61,7 @@
fd fd
ffmpeg ffmpeg
iotop iotop
# unstable.nix-du unstable.nix-du
# unstable.nix-melt # unstable.nix-melt
unstable.nix-tree unstable.nix-tree
unstable.nix-visualize unstable.nix-visualize

19
hosts/hypnos/default.nix
View File

@@ -1,4 +1,4 @@
{ config, lib, ... }: { config, lib, pkgs, ... }:
{ {
imports = [ imports = [
@@ -14,26 +14,13 @@
networking.hostId = "cf791898"; networking.hostId = "cf791898";
# nvidia 470 driver doesn't work with Wayland
services = {
xserver = {
displayManager.gdm.wayland = lib.mkForce false;
videoDrivers = [ "nvidia" ];
};
displayManager = {
defaultSession = if config.modules.desktop.kde.enable then "plasmax11" else "gnome-xorg";
sddm.wayland.enable = lib.mkForce false;
};
};
# Workaround for label rendering bug in GTK4 with nvidia 470 driver
environment.sessionVariables.GSK_RENDERER = "gl";
modules = { modules = {
desktop = { desktop = {
browsers = { browsers = {
firefox.enable = true; firefox.enable = true;
}; };
gnome.enable = lib.mkForce false;
kde.enable = true;
media.recording = { media.recording = {
audio.enable = true; audio.enable = true;
}; };

21
hosts/hypnos/hardware-configuration.nix
View File

@@ -8,10 +8,13 @@
boot = { boot = {
initrd.availableKernelModules = [ "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ]; initrd.availableKernelModules = [ "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ];
kernelModules = [ "applesmc" "kvm-intel" "wl" ]; kernelModules = [ "applesmc" "kvm-intel" "wl" ];
extraModulePackages = [ kernelPatches = [
config.boot.kernelPackages.broadcom_sta {
config.boot.kernelPackages.nvidiaPackages.legacy_470 name = "spoof-mac-os-x";
patch = ./0001-Add-apple_set_os-EFI-boot-service.patch;
}
]; ];
extraModulePackages = [ config.boot.kernelPackages.broadcom_sta ];
}; };
networking.useDHCP = lib.mkDefault true; networking.useDHCP = lib.mkDefault true;
@@ -20,19 +23,19 @@
hardware = { hardware = {
cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
nvidia = {
package = config.boot.kernelPackages.nvidiaPackages.legacy_470;
modesetting.enable = true;
powerManagement.enable = true;
};
opengl = { opengl = {
enable = true; enable = true;
extraPackages = with pkgs; [ extraPackages = with pkgs; [
intel-vaapi-driver
intel-media-driver
libvdpau-va-gl libvdpau-va-gl
]; ];
driSupport = true; driSupport = true;
driSupport32Bit = true;
}; };
}; };
environment.variables = {
VDPAU_DRIVER = "va_gl";
};
} }

32
hosts/library/default.nix
View File

@@ -1,5 +1,6 @@
{ config, pkgs, ... }: { config, lib, pkgs, ... }:
with lib.my;
{ {
imports = [ imports = [
./hardware-configuration.nix ./hardware-configuration.nix
@@ -21,6 +22,7 @@
22 # SSH 22 # SSH
]; ];
}; };
networkmanager.enable = true;
}; };
services.zfs = { services.zfs = {
@@ -42,17 +44,6 @@
enable = true; enable = true;
}; };
services.grafana = {
enable = true;
settings = {
server = {
domain = "library.mesh.vimium.net";
http_addr = "0.0.0.0";
http_port = 3000;
};
};
};
services.prometheus = { services.prometheus = {
enable = true; enable = true;
port = 9001; port = 9001;
@@ -69,7 +60,7 @@
}; };
scrapeConfigs = [ scrapeConfigs = [
{ {
job_name = "node"; job_name = "library";
static_configs = [{ static_configs = [{
targets = [ targets = [
"127.0.0.1:${toString config.services.prometheus.exporters.node.port}" "127.0.0.1:${toString config.services.prometheus.exporters.node.port}"
@@ -155,19 +146,7 @@
}; };
}; };
hardware.opengl = { services.jellyfin.enable = true;
enable = true;
extraPackages = with pkgs; [
vaapiVdpau
];
driSupport = true;
};
users.users.jellyfin.extraGroups = [ "video" "render" ];
services.jellyfin = {
enable = true;
cacheDir = "/var/cache/jellyfin";
dataDir = "/var/lib/jellyfin";
};
modules = { modules = {
podman.enable = true; podman.enable = true;
@@ -181,7 +160,6 @@
borgmatic = { borgmatic = {
enable = true; enable = true;
directories = [ directories = [
config.services.jellyfin.dataDir
"/home/jordan" "/home/jordan"
]; ];
repoPath = "ssh://b61758r4@b61758r4.repo.borgbase.com/./repo"; repoPath = "ssh://b61758r4@b61758r4.repo.borgbase.com/./repo";

6
hosts/mail/default.nix
View File

@@ -30,6 +30,12 @@
services.openssh.settings.PermitRootLogin = lib.mkForce "prohibit-password"; services.openssh.settings.PermitRootLogin = lib.mkForce "prohibit-password";
security.acme.defaults = {
email = "hostmaster@vimium.com";
group = "nginx";
webroot = "/var/lib/acme/acme-challenge";
};
modules = { modules = {
services = { services = {
borgmatic = { borgmatic = {

2
hosts/odyssey/default.nix
View File

@@ -67,7 +67,6 @@
audio.enable = true; audio.enable = true;
video.enable = true; video.enable = true;
}; };
office.libreoffice.enable = true;
}; };
dev = { dev = {
node.enable = true; node.enable = true;
@@ -94,7 +93,6 @@
]; ];
repoPath = "ssh://iqwu22oq@iqwu22oq.repo.borgbase.com/./repo"; repoPath = "ssh://iqwu22oq@iqwu22oq.repo.borgbase.com/./repo";
}; };
gitea-runner.enable = true;
}; };
shell = { shell = {
git.enable = true; git.enable = true;

1
hosts/odyssey/hardware-configuration.nix
View File

@@ -19,7 +19,6 @@
cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
nvidia = { nvidia = {
modesetting.enable = true; modesetting.enable = true;
package = config.boot.kernelPackages.nvidiaPackages.beta;
powerManagement.enable = true; powerManagement.enable = true;
}; };
}; };

48
hosts/server.nix
View File

@@ -7,51 +7,15 @@
documentation.enable = false; documentation.enable = false;
fonts.fontconfig.enable = false;
security = { security = {
acme = { acme.acceptTerms = true;
acceptTerms = true; auditd.enable = true;
defaults = { audit = {
email = "hostmaster@vimium.com";
group = "nginx";
webroot = "/var/lib/acme/acme-challenge";
};
};
# auditd.enable = true;
# audit = {
# enable = true;
# rules = [
# "-a exit,always -F arch=b64 -S execve"
# ];
# };
};
systemd = {
enableEmergencyMode = false;
sleep.extraConfig = ''
AllowSuspend=no
AllowHibernation=no
'';
watchdog = {
runtimeTime = "20s";
rebootTime = "30s";
};
};
services.fail2ban = {
enable = true;
bantime = "1h";
bantime-increment = {
enable = true; enable = true;
maxtime = "24h"; rules = [
rndtime = "7m"; "-a exit,always -F arch=b64 -S execve"
];
}; };
ignoreIP = [
"100.64.0.0/10"
];
}; };
modules.networking.tailscale = { modules.networking.tailscale = {

22
hosts/skycam/README.md
View File

@@ -1,22 +0,0 @@
# Skycam
## Overview
Raspberry Pi 4-based webcam
## Specs
* SoC - Broadcom BCM2711
* CPU - ARM Cortex-A72 @ 1.8 GHz
* Memory - 8 GB LPDDR4
### Disks
Device | Partitions _(filesystem, usage)_
--- | ---
SD card | `/dev/mmcblk0` (ext4, NixOS Root)
### Networks
- DHCP on `10.0.1.0/24` subnet.
- Tailscale on `100.64.0.0/10` subnet. FQDN: `skycam.mesh.vimium.net`.
## Devices and connections
- Camera Module 3 with wide-angle lens

63
hosts/skycam/default.nix
View File

@@ -1,63 +0,0 @@
{ config, lib, pkgs, ... }:
{
imports = [
./hardware-configuration.nix
../server.nix
];
raspberry-pi-nix = {
board = "bcm2711";
libcamera-overlay.enable = false;
};
networking = {
hostId = "731d1660";
firewall = {
enable = true;
allowedTCPPorts = [ 8080 ];
allowedUDPPorts = [ 8080 ];
};
};
users.users.root = {
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILVHTjsyMIV4THNw6yz0OxAxGnC+41gX72UrPqTzR+OS jordan@vimium.com"
];
};
services.openssh.settings.PermitRootLogin = lib.mkForce "prohibit-password";
systemd.services.ustreamer = {
enable = true;
description = "uStreamer service";
unitConfig = {
Type = "simple";
ConditionPathExists = "/sys/bus/i2c/drivers/imx708/10-001a/video4linux";
};
serviceConfig = {
ExecStart = ''${pkgs.libcamera}/bin/libcamerify ${pkgs.unstable.ustreamer}/bin/ustreamer \
--host=0.0.0.0 \
--resolution=4608x2592
'';
DynamicUser = "yes";
SupplementaryGroups = [ "video" "i2c" ];
Restart = "always";
RestartSec = 10;
};
wantedBy = [ "network-online.target" ];
confinement.mode = "chroot-only";
};
environment.systemPackages = with pkgs; [
git
neovim
libcamera
libraspberrypi
raspberrypi-eeprom
v4l-utils
unstable.ustreamer
];
system.stateVersion = "24.05";
}

12
hosts/skycam/hardware-configuration.nix
View File

@@ -1,12 +0,0 @@
{ config, lib, modulesPath, ... }:
{
fileSystems = {
"/" = {
device = "/dev/disk/by-label/NIXOS_SD";
fsType = "ext4";
options = [ "noatime" ];
};
};
}

29
hosts/vps1/default.nix
View File

@@ -1,7 +1,4 @@
{ { config, lib, pkgs, inputs, ... }:
lib,
...
}:
{ {
imports = [ imports = [
@@ -43,8 +40,13 @@
services.openssh.settings.PermitRootLogin = lib.mkForce "prohibit-password"; services.openssh.settings.PermitRootLogin = lib.mkForce "prohibit-password";
modules = rec { security.acme.defaults = {
databases.postgresql.enable = true; email = "hostmaster@vimium.com";
group = "nginx";
webroot = "/var/lib/acme/acme-challenge";
};
modules = {
services = { services = {
borgmatic = { borgmatic = {
enable = true; enable = true;
@@ -55,21 +57,10 @@
]; ];
repoPath = "ssh://p91y8oh7@p91y8oh7.repo.borgbase.com/./repo"; repoPath = "ssh://p91y8oh7@p91y8oh7.repo.borgbase.com/./repo";
}; };
coturn = { coturn.enable = true;
enable = true;
realm = "turn.vimium.com";
matrixIntegration = true;
};
gitea.enable = true; gitea.enable = true;
headscale.enable = true; headscale.enable = true;
matrix = { matrix-synapse.enable = true;
enable = true;
bridges = {
signal = true;
whatsapp = true;
};
usePostgresql = databases.postgresql.enable;
};
nginx.enable = true; nginx.enable = true;
photoprism.enable = true; photoprism.enable = true;
}; };

40
modules/databases/postgresql.nix
View File

@@ -1,40 +0,0 @@
{
config,
lib,
...
}:
let
cfg = config.modules.databases.postgresql;
in {
options.modules.databases.postgresql = {
enable = lib.mkOption {
default = false;
example = true;
};
};
config = lib.mkIf cfg.enable {
services.postgresql = {
enable = true;
initdbArgs = [
"--allow-group-access"
"--encoding=UTF8"
"--locale=C"
];
settings = {
log_connections = true;
log_disconnections = true;
log_destination = lib.mkForce "syslog";
};
};
services.borgmatic.settings = {
postgresql_databases = [
{
name = "all";
}
];
};
};
}

6
modules/default.nix
View File

@@ -2,9 +2,7 @@
imports = [ imports = [
./options.nix ./options.nix
./podman.nix ./podman.nix
./databases/postgresql.nix
./desktop/gnome.nix ./desktop/gnome.nix
./desktop/forensics.nix
./desktop/hyprland.nix ./desktop/hyprland.nix
./desktop/kde.nix ./desktop/kde.nix
./desktop/mimeapps.nix ./desktop/mimeapps.nix
@@ -12,7 +10,6 @@
./desktop/apps/slack.nix ./desktop/apps/slack.nix
./desktop/apps/thunderbird.nix ./desktop/apps/thunderbird.nix
./desktop/apps/zoom.nix ./desktop/apps/zoom.nix
./desktop/browsers/brave.nix
./desktop/browsers/firefox.nix ./desktop/browsers/firefox.nix
./desktop/gaming/emulators.nix ./desktop/gaming/emulators.nix
./desktop/gaming/lutris.nix ./desktop/gaming/lutris.nix
@@ -37,13 +34,12 @@
./security/gpg.nix ./security/gpg.nix
./security/pass.nix ./security/pass.nix
./services/borgmatic ./services/borgmatic
./services/chrony
./services/coturn ./services/coturn
./services/gitea ./services/gitea
./services/gitea-runner ./services/gitea-runner
./services/headscale ./services/headscale
./services/mail ./services/mail
./services/matrix ./services/matrix-synapse
./services/nginx ./services/nginx
./services/photoprism ./services/photoprism
./shell/git ./shell/git

17
modules/desktop/browsers/brave.nix
View File

@@ -1,17 +0,0 @@
{ config, lib, pkgs, inputs, ... }:
let cfg = config.modules.desktop.browsers.brave;
in {
options.modules.desktop.browsers.brave = {
enable = lib.mkOption {
default = false;
example = true;
};
};
config = lib.mkIf cfg.enable {
user.packages = with pkgs; [
brave
];
};
}

88
modules/desktop/browsers/firefox.nix
View File

@@ -1,4 +1,4 @@
{ config, lib, inputs, ... }: { config, lib, pkgs, inputs, ... }:
let cfg = config.modules.desktop.browsers.firefox; let cfg = config.modules.desktop.browsers.firefox;
in { in {
@@ -35,79 +35,23 @@ in {
## Preferences ## Preferences
"browser.ctrlTab.sortByRecentlyUsed" = true; "browser.ctrlTab.sortByRecentlyUsed" = true;
"browser.discovery.enabled" = false;
"browser.download.open_pdf_attachments_inline" = true;
"browser.menu.showViewImageInfo" = true;
"browser.newtabpage.enabled" = false; "browser.newtabpage.enabled" = false;
"browser.newtabpage.activity-stream.showSponsored" = false;
"browser.newtabpage.activity-stream.showSponsoredTopSites" = false;
"browser.newtabpage.activity-stream.default.sites" = "";
"browser.privatebrowsing.forceMediaMemoryCache" = true;
"browser.search.widget.inNavBar" = true; "browser.search.widget.inNavBar" = true;
"browser.startup.page" = 3; "browser.startup.page" = 3;
"browser.startup.homepage" = "https://www.vimium.com"; "browser.startup.homepage" = "https://www.vimium.com";
"browser.toolbars.bookmarks.visibility" = "never"; "browser.toolbars.bookmarks.visibility" = "never";
"browser.uitour.enabled" = false;
"browser.urlbar.suggest.engines" = false;
"browser.urlbar.suggest.calculator" = true;
"browser.urlbar.trending.featureGate" = false;
"browser.urlbar.unitConversion.enabled" = true;
"cookiebanners.service.mode" = 1;
"cookiebanners.service.mode.privateBrowsing" = 1;
"network.IDN_show_punycode" = true;
## Performance
"browser.cache.jsbc_compression_level" = 3;
"content.notify.interval" = 100000;
"dom.enable_web_task_scheduling" = true;
"dom.security.sanitizer.enabled" = true;
"gfx.canvas.accelerated.cache-items" = 4096;
"gfx.canvas.accelerated.cache-size" = 512;
"gfx.content.skia-font-cache-size" = 20;
"gfx.webrender.all" = true;
"gfx.webrender.compositor" = true;
"gfx.webrender.enable" = true;
"image.mem.decode_bytes_at_a_time" = 32768;
"layers.acceleration.force-enabled" = true;
"layout.css.grid-template-masonry-value.enabled" = true;
"media.ffmpeg.vaapi.enabled" = true;
"media.memory_cache_max_size" = 65536;
"media.cache_readahead_limit" = 7200;
"media.cache_resume_threshold" = 3600;
"network.dns.disablePrefetch" = true;
"network.dns.disablePrefetchFromHTTPS" = true;
"network.dnsCacheExpiration" = 3600;
"network.http.max-connections" = 1800;
"network.http.max-persistent-connections-per-server" = 10;
"network.http.max-urgent-start-excessive-connections-per-host" = 5;
"network.http.pacing.requests.enabled" = false;
"network.predictor.enabled" = false;
"network.prefetch-next" = false;
"network.ssl_tokens_cache_capacity" = 10240;
"pdfjs.enableScripting" = false;
"security.mixed_content.block_display_content" = true;
## Experiments ## Experiments
"app.normandy.enabled" = false; "app.normandy.enabled" = false;
"app.normandy.api_url" = ""; "app.normandy.api_url" = "";
"app.normandy.user_id" = ""; "app.normandy.user_id" = "";
"app.shield.optoutstudies.enabled" = false;
"browser.shopping.experience2023.active" = false;
"browser.shopping.experience2023.enabled" = false;
"extensions.screenshots.disabled" = true; "extensions.screenshots.disabled" = true;
"extensions.screenshots.upload-disabled" = true; "extensions.screenshots.upload-disabled" = true;
"experiments.supported" = false; "experiments.supported" = false;
"experiments.enabled" = false; "experiments.enabled" = false;
"experiments.manifest.uri" = ""; "experiments.manifest.uri" = "";
"network.allow-experiments" = false; "network.allow-experiments" = false;
"privacy.trackingprotection.enabled" = false;
## Privacy
"dom.private-attribution.submission.enabled" = false;
# "privacy.resistFingerprinting" = true;
"privacy.resistFingerprinting.autoDeclineNoUserInputCanvasPrompts" = false;
"privacy.trackingprotection.enabled" = true;
"privacy.trackingprotection.pbmode.enabled" = true;
"privacy.userContext.enabled" = true;
## Geo ## Geo
"geo.enabled" = false; "geo.enabled" = false;
@@ -154,34 +98,12 @@ in {
"dom.battery.enabled" = false; "dom.battery.enabled" = false;
"dom.vr.enabled" = false; "dom.vr.enabled" = false;
"media.navigator.enabled" = false; "media.navigator.enabled" = false;
# "dom.webaudio.enabled" = false; "dom.webaudio.enabled" = false;
## Isolation ## Isolation
"privacy.firstparty.isolate" = true; "privacy.firstparty.isolate" = true;
"privacy.firstparty.isolate.restrict_opener_access" = true; "privacy.firstparty.isolate.restrict_opener_access" = true;
## Telemetry
"beacon.enabled" = false;
"browser.newtabpage.activity-stream.feeds.telemetry" = false;
"browser.newtabpage.activity-stream.telemetry" = false;
"browser.send_pings" = false;
"datareporting.policy.dataSubmissionEnabled" = false;
"datareporting.healthReport.uploadEnabled" = false;
"toolkit.coverage.opt-out" = true;
"toolkit.coverage.endpoint.base" = "";
"toolkit.telemetry.archive.enabled" = false;
"toolkit.telemetry.bhrPing.enabled" = false;
"toolkit.telemetry.coverage.opt-out" = true;
"toolkit.telemetry.enabled" = false;
"toolkit.telemetry.firstShutdownPing.enabled" = false;
"toolkit.telemetry.hybridContent.enabled" = false;
"toolkit.telemetry.newProfilePing.enabled" = false;
"toolkit.telemetry.reportingPolicy.firstRun" = false;
"toolkit.telemetry.server" = "data:,";
"toolkit.telemetry.shutdownPingSender.enabled" = false;
"toolkit.telemetry.unified" = false;
"toolkit.telemetry.updatePing.enabled" = false;
## Pocket/Hello ## Pocket/Hello
"loop.enabled" = false; "loop.enabled" = false;
"loop.feedback.baseUrl" = ""; "loop.feedback.baseUrl" = "";
@@ -203,10 +125,6 @@ in {
"browser.pocket.useLocaleList" = false; "browser.pocket.useLocaleList" = false;
"brwoser.pocket.enabledLocales" = ""; "brwoser.pocket.enabledLocales" = "";
## Plugins
"plugin.state.flash" = 0;
"plugin.state.java" = 0;
## Misc ## Misc
"browser.selfsupport.url" = ""; "browser.selfsupport.url" = "";
}; };

26
modules/desktop/forensics.nix
View File

@@ -1,26 +0,0 @@
{ config, lib, pkgs, ... }:
let cfg = config.modules.desktop.forensics;
in {
options.modules.desktop.forensics = {
enable = lib.mkOption {
default = false;
example = true;
};
};
config = lib.mkIf cfg.enable {
user.packages = with pkgs; [
acquire
afflib
autopsy
fatcat
foremost
hstsparser
networkminer
sleuthkit
testdisk-qt
tracee
];
};
}

232
modules/desktop/gnome.nix
View File

@@ -1,4 +1,4 @@
{ config, inputs, lib, pkgs, ... }: { config, lib, pkgs, ... }:
let cfg = config.modules.desktop.gnome; let cfg = config.modules.desktop.gnome;
in { in {
@@ -21,90 +21,28 @@ in {
programs.dconf.enable = true; programs.dconf.enable = true;
dconf.settings = { dconf.settings = {
"io/github/celluloid-player/celluloid" = {
draggable-video-area-enable = true;
};
"org/gnome/desktop/interface" = {
color-scheme = "prefer-dark";
cursor-theme = "Adwaita";
enable-hot-corners = false;
font-name = "Cantarell 11";
gtk-theme = "adw-gtk3-dark";
icon-theme = "MoreWaita";
monospace-font-name = "UbuntuMono Nerd Font 11";
toolbar-style = "both-horiz";
};
"org/gnome/desktop/peripherals/touchpad" = {
tap-to-click = true;
};
"org/gnome/desktop/sound" = {
theme-name = "freedesktop";
};
"org/gnome/desktop/search-providers" = {
disabled = [ "org.gnome.Epiphany.desktop" ];
};
"org/gnome/desktop/wm/keybindings" = {
switch-group = [ "<Super>grave" ];
switch-group-backward = [ "<Shift><Super>grave" ];
};
"org/gnome/desktop/wm/preferences" = {
button-layout = "appmenu:close";
};
"org/gnome/gnome-session" = {
auto-save-session = true;
};
"org/gnome/gnome-system-monitor" = {
show-dependencies = true;
};
"org/gnome/mutter" = {
center-new-windows = true;
edge-tiling = true;
experimental-features = [ "scale-monitor-framebuffer" ];
};
"org/gnome/settings-daemon/plugins/media-keys" = {
volume-up = [
"<Shift>F12"
"XF86AudioRaiseVolume"
];
volume-down = [
"<Shift>F11"
"XF86AudioLowerVolume"
];
};
"org/gnome/shell" = { "org/gnome/shell" = {
disable-user-extensions = false; disable-user-extensions = false;
enabled-extensions = [ enabled-extensions = [
"appindicatorsupport@rgcjonas.gmail.com" # "another-window-session-manager@gmail.com"
# "arcmenu@arcmenu.com"
"blur-my-shell@aunetx" "blur-my-shell@aunetx"
# "browser-tabs@com.github.harshadgavali"
"burn-my-windows@schneegans.github.com" "burn-my-windows@schneegans.github.com"
"clipboard-indicator@tudmotu.com"
"CoverflowAltTab@palatis.blogspot.com"
# "dash-to-panel@jderose9.github.com"
# "desktop-cube@schneegans.github.com" # "desktop-cube@schneegans.github.com"
# "EasyScreenCast@iacopodeenosee.gmail.com" # "desktop-zoom@colin.kinlo.ch"
"espresso@coadmunkee.github.com" "espresso@coadmunkee.github.com"
"flypie@schneegans.github.com" # "flypie@schneegans.github.com"
# "forge@jmmaranan.com" # "forge@jmmaranan.com"
"gsconnect@andyholmes.github.io" "hue-lights@chlumskyvaclav@gmail.com"
# "gSnap@micahosborne"
# "hidetopbar@mathieu.bidon.ca"
"just-perfection-desktop@just-perfection" "just-perfection-desktop@just-perfection"
# "mediacontrols@cliffniff.github.com"
# "mousefollowsfocus@matthes.biz"
# "pano@elhan.io" # "pano@elhan.io"
# "paperwm@hedning:matrix.org" # "paperwm@hedning:matrix.org"
"pip-on-top@rafostar.github.com"
# "rounded-window-corners@yilozt"
# "search-light@icedman.github.com" # "search-light@icedman.github.com"
# "smart-auto-move@khimaros.com"
"space-bar@luchrioh" "space-bar@luchrioh"
# "smart-auto-move@khimaros.com"
# "systemd-manager@hardpixel.eu"
# "tailscale-status@maxgallup.github.com"
# "tiling-assistant@leleat-on-github" # "tiling-assistant@leleat-on-github"
"tilingshell@ferrarodomenico.com"
"Vitals@CoreCoding.com" "Vitals@CoreCoding.com"
"windowIsReady_Remover@nunofarruca@gmail.com"
# "worksets@blipk.xyz"
# "wsmatrix@martin.zurowietz.de" # "wsmatrix@martin.zurowietz.de"
]; ];
favorite-apps = [ favorite-apps = [
@@ -112,6 +50,9 @@ in {
"org.gnome.Nautilus.desktop" "org.gnome.Nautilus.desktop"
]; ];
}; };
"org/gnome/shell/extensions/another-window-session-manager" = {
enable-autorestore-sessions = true;
};
"org/gnome/shell/extensions/blur-my-shell/panel" = { "org/gnome/shell/extensions/blur-my-shell/panel" = {
static-blur = true; static-blur = true;
}; };
@@ -123,14 +64,8 @@ in {
glide-open-effect = true; glide-open-effect = true;
glide-close-effect = true; glide-close-effect = true;
}; };
"org/gnome/shell/extensions/dash-to-panel" = { "org/gnome/shell/extensions/desktop-zoom" = {
intellihide = true; mag-factor-delta = 0.07;
panel-positions = ''
{"0":"TOP"}
'';
trans-panel-opacity = 0.3;
trans-use-custom-opacity = true;
trans-use-dynamic-opacity = true;
}; };
"org/gnome/shell/extensions/espresso" = { "org/gnome/shell/extensions/espresso" = {
enable-fullscreen = true; enable-fullscreen = true;
@@ -140,32 +75,18 @@ in {
"com.obsproject.Studio.desktop" "com.obsproject.Studio.desktop"
]; ];
}; };
"org/gnome/shell/extensions/flypie" = { "org/gnome/shell/extensions/paperwm" = {
preview-on-right-side = true; use-default-background = true;
}; };
"org/gnome/shell/extensions/forge" = { "org/gnome/shell/extensions/forge" = {
window-gap-size = 8; window-gap-size = 8;
window-gap-hidden-on-single = false; window-gap-hidden-on-single = false;
}; };
"org/gnome/shell/extensions/hidetopbar" = {
mouse-sensitive = true;
mouse-sensitive-fullscreen-window = true;
enable-active-window = false;
};
"org/gnome/shell/extensions/just-perfection" = { "org/gnome/shell/extensions/just-perfection" = {
activities-button = false; activities-button = false;
window-demands-attention-focus = true; window-demands-attention-focus = true;
workspace-wrap-around = true; workspace-wrap-around = true;
}; };
"org/gnome/shell/extensions/paperwm" = {
use-default-background = true;
};
"org/gnome/shell/extensions/pip-on-top" = {
stick = true;
};
"org/gnome/shell/extensions/search-light" = {
popup-at-cursor-monitor = true;
};
"org/gnome/shell/extensions/space-bar/behavior" = { "org/gnome/shell/extensions/space-bar/behavior" = {
enable-activate-workspace-shortcuts = true; enable-activate-workspace-shortcuts = true;
show-empty-workspaces = true; show-empty-workspaces = true;
@@ -178,15 +99,15 @@ in {
screen-left-gap = 8; screen-left-gap = 8;
window-gap = 8; window-gap = 8;
}; };
"org/gnome/shell/extensions/tilingshell" = { "org/gnome/desktop/background" = {
inner-gaps = 16; picture-uri = "file://${pkgs.gnome.gnome-backgrounds}/share/backgrounds/gnome/adwaita-l.jpg";
outer-gaps = 8; picture-uri-dark = "file://${pkgs.gnome.gnome-backgrounds}/share/backgrounds/gnome/adwaita-d.jpg";
enable-blur-snap-assistant = true;
}; };
"org/gnome/Console" = { "org/gnome/desktop/peripherals/touchpad" = {
font-scale = 1.4; tap-to-click = true;
use-system-font = false; };
custom-font = "ComicShannsMono Nerd Font 10"; "org/gnome/desktop/search-providers" = {
disabled = [ "org.gnome.Epiphany.desktop" ];
}; };
"org/gtk/settings/file-chooser" = { "org/gtk/settings/file-chooser" = {
show-hidden = true; show-hidden = true;
@@ -196,18 +117,44 @@ in {
show-hidden = true; show-hidden = true;
sort-directories-first = true; sort-directories-first = true;
}; };
}; "org/gnome/settings-daemon/plugins/media-keys" = {
volume-up = [
environment.sessionVariables = { "<Shift>F12"
QT_STYLE_OVERRIDE = lib.mkForce "kvantum"; "XF86AudioRaiseVolume"
QT_WAYLAND_DECORATION = lib.mkForce "adwaita"; ];
}; volume-down = [
"<Shift>F11"
home.configFile = { "XF86AudioLowerVolume"
"Kvantum/kvantum.kvconfig".text = lib.generators.toINI {} { ];
General.theme = "KvLibadwaitaDark"; };
"org/gnome/gnome-session" = {
auto-save-session = true;
};
"org/gnome/gnome-system-monitor" = {
show-dependencies = true;
};
"org/gnome/Console" = {
font-scale = 1.4;
use-system-font = false;
custom-font = "ComicShannsMono Nerd Font 10";
};
"org/gnome/mutter" = {
center-new-windows = true;
edge-tiling = true;
experimental-features = [ "scale-monitor-framebuffer" ];
};
"org/gnome/desktop/interface" = {
enable-hot-corners = false;
icon-theme = "MoreWaita";
monospace-font-name = "UbuntuMono Nerd Font 11";
};
"org/gnome/desktop/wm/keybindings" = {
switch-group = [ "<Super>grave" ];
switch-group-backward = [ "<Shift><Super>grave" ];
};
"io/github/celluloid-player/celluloid" = {
draggable-video-area-enable = true;
}; };
"Kvantum/KvLibadwaita".source = "${inputs.kvlibadwaita}/src/KvLibadwaita";
}; };
user.packages = with pkgs; [ user.packages = with pkgs; [
@@ -218,7 +165,6 @@ in {
# d-spy # d-spy
# drawing # drawing
# fragments # fragments
gnome.dconf-editor
gnome.ghex gnome.ghex
# gnome-builder # gnome-builder
gnome-decoder gnome-decoder
@@ -228,60 +174,48 @@ in {
gnome-podcasts gnome-podcasts
identity identity
mission-center mission-center
mousam
newsflash newsflash
# schemes # schemes
shortwave shortwave
sysprof ];
] ++ (if config.virtualisation.podman.enable then [
pods
] else []);
environment.systemPackages = with pkgs.unstable; [ environment.systemPackages = with pkgs; [
adw-gtk3 adw-gtk3
kdePackages.qtstyleplugin-kvantum gnome.gnome-boxes
libsForQt5.qtstyleplugin-kvantum gnomeExtensions.another-window-session-manager
morewaita-icon-theme # gnomeExtensions.bifocals
nautilus-python
qadwaitadecorations
qadwaitadecorations-qt6
## Shell extensions
gnomeExtensions.appindicator
gnomeExtensions.arcmenu
gnomeExtensions.blur-my-shell gnomeExtensions.blur-my-shell
gnomeExtensions.browser-tabs gnomeExtensions.browser-tabs
gnomeExtensions.burn-my-windows gnomeExtensions.burn-my-windows
gnomeExtensions.clipboard-indicator
gnomeExtensions.coverflow-alt-tab
gnomeExtensions.dash-to-panel
gnomeExtensions.desktop-cube gnomeExtensions.desktop-cube
gnomeExtensions.easyScreenCast gnomeExtensions.desktop-zoom
gnomeExtensions.espresso gnomeExtensions.espresso
gnomeExtensions.fly-pie gnome44Extensions."flypie@schneegans.github.com"
gnomeExtensions.forge # gnomeExtensions.forge
gnomeExtensions.gsconnect # gnomeExtensions.gsnap
gnomeExtensions.gsnap gnomeExtensions.hue-lights
gnomeExtensions.hide-top-bar
gnomeExtensions.just-perfection gnomeExtensions.just-perfection
gnomeExtensions.media-controls # gnomeExtensions.mutter-primary-gpu
gnomeExtensions.mouse-follows-focus
gnomeExtensions.pano gnomeExtensions.pano
gnomeExtensions.paperwm gnomeExtensions.paperwm
gnomeExtensions.pip-on-top # gnomeExtensions.pip-on-top
gnomeExtensions.rounded-window-corners gnomeExtensions.rounded-window-corners
gnomeExtensions.search-light gnomeExtensions.search-light
gnomeExtensions.smart-auto-move gnomeExtensions.smart-auto-move
gnomeExtensions.space-bar gnomeExtensions.space-bar
gnomeExtensions.systemd-manager
gnomeExtensions.tailscale-status
gnomeExtensions.tiling-assistant gnomeExtensions.tiling-assistant
gnomeExtensions.tiling-shell # gnomeExtensions.todotxt
gnomeExtensions.todotxt
gnomeExtensions.vitals gnomeExtensions.vitals
gnomeExtensions.window-is-ready-remover # gnomeExtensions.window-is-ready-remover
gnomeExtensions.worksets # gnomeExtensions.worksets
gnomeExtensions.workspace-matrix # gnomeExtensions.workspace-matrix
]; unstable.morewaita-icon-theme
] ++ (if config.virtualisation.podman.enable then [
pods
] else []);
home.services.gpg-agent.pinentryPackage = pkgs.pinentry-gnome3; home.services.gpg-agent.pinentryFlavor = "gnome3";
}; };
} }

2
modules/desktop/hyprland.nix
View File

@@ -22,6 +22,6 @@ in {
adw-gtk3 adw-gtk3
]; ];
home.services.gpg-agent.pinentryPackage = pkgs.pinentry-gnome3; home.services.gpg-agent.pinentryFlavor = "gnome3";
}; };
} }

10
modules/desktop/kde.nix
View File

@@ -10,15 +10,13 @@ in {
}; };
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
services = { services.xserver = {
xserver = { enable = true;
enable = true;
};
desktopManager.plasma6.enable = true;
displayManager.sddm = { displayManager.sddm = {
enable = true; enable = true;
wayland.enable = true; wayland.enable = true;
}; };
desktopManager.plasma5.enable = true;
}; };
networking.networkmanager.enable = true; networking.networkmanager.enable = true;
@@ -32,6 +30,6 @@ in {
adw-gtk3 adw-gtk3
]; ];
home.services.gpg-agent.pinentryPackage = pkgs.pinentry-qt; home.services.gpg-agent.pinentryFlavor = "qt";
}; };
} }

20
modules/desktop/office/libreoffice.nix
View File

@@ -1,24 +1,6 @@
{ config, lib, pkgs, ... }: { config, lib, pkgs, ... }:
let let cfg = config.modules.desktop.office.libreoffice;
cfg = config.modules.desktop.office.libreoffice;
# libreoffice-gtk4 = pkgs.libreoffice.override {
# extraMakeWrapperArgs = [
# "--set SAL_USE_VCLPLUGIN gtk4"
# ];
# unwrapped = pkgs.libreoffice-unwrapped.overrideAttrs (oldAttrs: {
# buildInputs = oldAttrs.buildInputs ++ [
# pkgs.gtk4
# ];
# configureFlags = oldAttrs.configureFlags ++ [
# "--disable-werror"
# "--enable-gtk4"
# ];
# passthru = oldAttrs.passthru // {
# inherit (pkgs) gtk4;
# };
# });
# };
in { in {
options.modules.desktop.office.libreoffice = { options.modules.desktop.office.libreoffice = {
enable = lib.mkOption { enable = lib.mkOption {

25
modules/editors/neovim/default.nix
View File

@@ -42,7 +42,7 @@ in {
providers.wl-copy.enable = true; providers.wl-copy.enable = true;
}; };
plugins.comment.enable = true; plugins.comment-nvim.enable = true;
plugins.hmts.enable = true; plugins.hmts.enable = true;
@@ -73,20 +73,18 @@ in {
plugins.nvim-autopairs.enable = true; plugins.nvim-autopairs.enable = true;
plugins.cmp = { plugins.nvim-cmp = {
enable = true; enable = true;
autoEnableSources = true; autoEnableSources = true;
settings = { sources = [
sources = [ { name = "nvim_lsp"; }
{ name = "nvim_lsp"; } { name = "path"; }
{ name = "path"; } { name = "buffer"; }
{ name = "buffer"; } ];
]; mapping = {
mapping = { "<Tab>" = "cmp.mapping(cmp.mapping.select_next_item(), {'i', 's'})";
"<Tab>" = "cmp.mapping(cmp.mapping.select_next_item(), {'i', 's'})"; "<S-Tab>" = "cmp.mapping(cmp.mapping.select_prev_item(), {'i', 's'})";
"<S-Tab>" = "cmp.mapping(cmp.mapping.select_prev_item(), {'i', 's'})"; "<CR>" = "cmp.mapping.confirm({ select = true })";
"<CR>" = "cmp.mapping.confirm({ select = true })";
};
}; };
}; };
@@ -100,6 +98,7 @@ in {
"<C-p>" = "git_files"; "<C-p>" = "git_files";
"<C-f>" = "live_grep"; "<C-f>" = "live_grep";
}; };
keymapsSilent = true;
}; };
plugins.treesitter = { plugins.treesitter = {

84
modules/hardware/presonus-studio.nix
View File

@@ -7,12 +7,12 @@ let
patched = snd-usb-audio-module.overrideAttrs (prev: { patched = snd-usb-audio-module.overrideAttrs (prev: {
patches = [ ./0001-Update-device-ID-for-PreSonus-1824c.patch ]; patches = [ ./0001-Update-device-ID-for-PreSonus-1824c.patch ];
}); });
upmixConfig = { upmixConfig = ''
"stream.properties" = { stream.properties = {
"channelmix.upmix" = true; channelmix.upmix = true
"channelmix.upmix-method" = "psd"; channelmix.upmix-method = psd
}; }
}; '';
in { in {
options.modules.hardware.presonus-studio = { options.modules.hardware.presonus-studio = {
enable = lib.mkOption { enable = lib.mkOption {
@@ -44,45 +44,43 @@ in {
''; '';
}; };
services.pipewire.extraConfig = { environment.etc = {
pipewire = { "pipewire/pipewire.conf.d/10-network.conf".text = ''
"10-network" = { context.modules = [
"context.modules" = [ {
{ name = libpipewire-module-rtp-session
"name" = "libpipewire-module-rtp-session"; args = {
"args" = { stream.props = {
"stream.props" = { node.name = "rtp-source"
"node.name" = "rtp-source"; }
};
};
} }
]; }
}; ]
"surround" = { '';
"context.modules" = [ "pipewire/pipewire.conf.d/surround.conf".text = ''
{ context.modules = [
"name" = "libpipewire-module-loopback"; {
"args" = { name = libpipewire-module-loopback
"node.description" = "Genelec 4.1 Surround"; args = {
"capture.props" = { node.description = "Genelec 4.1 Surround"
"node.name" = "Genelec_Speakers"; capture.props = {
"media.class" = "Audio/Sink"; node.name = "Genelec_Speakers"
"audio.position" = [ "FL" "FR" "SL" "SR" "LFE" ]; media.class = "Audio/Sink"
}; audio.position = [ FL FR SL SR LFE ]
"playback.props" = { }
"node.name" = "playback.Genelec_Speakers"; playback.props = {
"audio.position" = [ "AUX0" "AUX1" "AUX3" "AUX4" "AUX5" ]; node.name = "playback.Genelec_Speakers"
"target.object" = "alsa_output.usb-PreSonus_Studio_1824c_SC4E21110775-00.multichannel-output"; audio.position = [ AUX0 AUX1 AUX3 AUX4 AUX5 ]
"stream.dont-remix" = true; target.object = "alsa_output.usb-PreSonus_Studio_1824c_SC4E21110775-00.multichannel-output"
"node.passive" = true; stream.dont-remix = true
}; node.passive = true
}; }
} }
]; }
}; ]
}; '';
pipewire-pulse."40-upmix" = upmixConfig; "pipewire/pipewire-pulse.conf.d/40-upmix.conf".text = upmixConfig;
client-rt."40-upmix" = upmixConfig; "pipewire/client-rt.conf.d/40-upmix.conf".text = upmixConfig;
}; };
}; };
} }

25
modules/networking/tailscale.nix
View File

@@ -1,9 +1,6 @@
{ config, inputs, lib, pkgs, ... }: { config, lib, pkgs, ... }:
let let cfg = config.modules.networking.tailscale;
cfg = config.modules.networking.tailscale;
headscale = "https://headscale.vimium.net";
hostname = config.networking.hostName;
in { in {
options.modules.networking.tailscale = { options.modules.networking.tailscale = {
enable = lib.mkOption { enable = lib.mkOption {
@@ -17,24 +14,8 @@ in {
}; };
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
age.secrets."passwords/services/tailscale/${hostname}-authkey" = { services.tailscale.enable = true;
file = "${inputs.secrets}/passwords/services/tailscale/${hostname}-authkey.age";
};
environment.systemPackages = [ pkgs.tailscale ];
services.tailscale = {
enable = true;
authKeyFile = config.age.secrets."passwords/services/tailscale/${hostname}-authkey".path;
extraUpFlags = [
"--login-server"
headscale
];
};
services.openssh.openFirewall = !cfg.restrictSSH; services.openssh.openFirewall = !cfg.restrictSSH;
networking.firewall = { networking.firewall = {
checkReversePath = "loose"; checkReversePath = "loose";
trustedInterfaces = [ "tailscale0" ]; trustedInterfaces = [ "tailscale0" ];

3
modules/options.nix
View File

@@ -36,7 +36,7 @@ with lib;
in { in {
inherit name; inherit name;
isNormalUser = true; isNormalUser = true;
extraGroups = [ "networkmanager" "wheel" "lxd" "video" ]; extraGroups = [ "networkmanager" "wheel" "lxd" ];
description = "Jordan Holt"; description = "Jordan Holt";
useDefaultShell = true; useDefaultShell = true;
openssh.authorizedKeys.keys = [ openssh.authorizedKeys.keys = [
@@ -69,7 +69,6 @@ with lib;
sharedModules = [ sharedModules = [
inputs.nixvim.homeManagerModules.nixvim inputs.nixvim.homeManagerModules.nixvim
inputs.plasma-manager.homeManagerModules.plasma-manager
]; ];
}; };

30
modules/services/borgmatic/default.nix
View File

@@ -1,31 +1,33 @@
{ config, lib, pkgs, inputs, ... }: { config, lib, pkgs, inputs, ... }:
with lib;
let let
cfg = config.modules.services.borgmatic; cfg = config.modules.services.borgmatic;
hostname = config.networking.hostName; hostname = config.networking.hostName;
in { in {
options.modules.services.borgmatic = { options.modules.services.borgmatic = {
enable = lib.mkOption { enable = mkOption {
default = false; default = false;
example = true; example = true;
description = lib.mdDoc "Enable backups on this host with `borgmatic`"; description = mdDoc "Enable backups on this host with `borgmatic`";
}; };
directories = lib.mkOption { directories = mkOption {
type = lib.types.listOf lib.types.str; type = types.listOf types.str;
default = []; default = [];
example = [ example = [
"/home/jordan/Documents" "/home/jordan/Documents"
]; ];
description = lib.mdDoc "List of directories to backup"; description = mdDoc "List of directories to backup";
}; };
repoPath = lib.mkOption { repoPath = mkOption {
type = lib.types.str; type = types.str;
example = "ssh://example@example.repo.borgbase.com/./repo"; example = "ssh://example@example.repo.borgbase.com/./repo";
description = lib.mdDoc "Destination borg repository for backup"; description = mdDoc "Destination borg repository for backup";
}; };
}; };
config = lib.mkIf cfg.enable { config = mkIf cfg.enable {
age.secrets."passwords/services/borg/${hostname}-passphrase" = { age.secrets."passwords/services/borg/${hostname}-passphrase" = {
file = "${inputs.secrets}/passwords/services/borg/${hostname}-passphrase.age"; file = "${inputs.secrets}/passwords/services/borg/${hostname}-passphrase.age";
}; };
@@ -45,16 +47,6 @@ in {
}; };
}; };
services.postgresql.ensureUsers = [
{
name = "root";
ensureClauses.superuser = true;
}
];
# Add `pg_dumpall` to unit environment
systemd.services.borgmatic.path = [ config.services.postgresql.package ];
# Without this override, `cat` is unavailable for `encryption_passcommand` # Without this override, `cat` is unavailable for `encryption_passcommand`
systemd.services.borgmatic.confinement.fullUnit = true; systemd.services.borgmatic.confinement.fullUnit = true;
}; };

41
modules/services/chrony/default.nix
View File

@@ -1,41 +0,0 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.modules.services.chrony;
in {
options.modules.services.chrony = {
enable = mkOption {
default = false;
example = true;
description = "Enable chrony NTP deamon";
};
config = mkIf cfg.enable {
services.chrony = {
enable = true;
servers = [
"uk.pool.ntp.org"
"time.cloudflare.com"
];
extraConfig = ''
makestep 1.0 3
bindaddress 0.0.0.0
port 123
allow
'';
};
services.timesyncd.enable = mkForce false;
networking.firewall = {
allowedUDPPorts = [ 123 ];
allowedTCPPorts = [ 123 ];
};
};
};
}

117
modules/services/coturn/default.nix
View File

@@ -1,123 +1,60 @@
{ { config, lib, pkgs, inputs, ... }:
config,
lib, with lib;
inputs,
...
}:
let let
cfg = config.modules.services.coturn; cfg = config.modules.services.coturn;
in { in {
options.modules.services.coturn = { options.modules.services.coturn = {
enable = lib.mkOption { enable = mkOption {
default = false; default = false;
example = true; example = true;
}; };
realm = lib.mkOption {
type = lib.types.str;
description = "The realm to be used by the TURN server.";
example = "turn.vimium.com";
};
matrixIntegration = lib.mkOption {
default = false;
description = "Configure the matrix-synapse module to use this TURN server.";
example = true;
};
}; };
config = lib.mkIf cfg.enable { config = mkIf cfg.enable {
networking.firewall = let networking.firewall = {
range = with config.services.coturn; lib.singleton {
from = min-port;
to = max-port;
};
in {
allowedTCPPorts = [ allowedTCPPorts = [
3478 # TURN listener
5349 # STUN TLS 5349 # STUN TLS
5350 # STUN TLS alt 5350 # STUN TLS alt
]; ];
allowedUDPPorts = [ allowedUDPPortRanges = [
3478 # TURN listener { from = 49152; to = 49999; } # TURN relay
5349 # TLS
5350 # TLS alt
]; ];
allowedUDPPortRanges = range; # TURN peer relays
}; };
security.acme.certs = { security.acme.certs = {
"${config.services.coturn.realm}" = { "turn.vimium.com" = {
group = "turnserver";
reloadServices = [ "coturn" ]; reloadServices = [ "coturn" ];
}; };
}; };
age.secrets = { age.secrets."passwords/services/coturn/shared-secret" = {
"passwords/services/coturn/static-auth-secret" = { file = "${inputs.secrets}/passwords/services/coturn/shared-secret.age";
file = "${inputs.secrets}/passwords/services/coturn/static-auth-secret.age"; owner = "turnserver";
owner = "turnserver"; group = "turnserver";
group = "turnserver"; };
};
} // (if cfg.matrixIntegration then {
"passwords/services/coturn/matrix-turn-config.yml" = {
file = "${inputs.secrets}/passwords/services/coturn/matrix-turn-config.yml.age";
owner = "matrix-synapse";
group = "matrix-synapse";
};
} else {});
services.coturn = rec { services.coturn = {
enable = true; enable = true;
realm = cfg.realm; lt-cred-mech = true;
use-auth-secret = true; use-auth-secret = true;
static-auth-secret-file = config.age.secrets."passwords/services/coturn/static-auth-secret".path; static-auth-secret-file = config.age.secrets."passwords/services/coturn/shared-secret".path;
cert = "${config.security.acme.certs.${realm}.directory}/full.pem"; realm = "turn.vimium.com";
pkey = "${config.security.acme.certs.${realm}.directory}/key.pem"; relay-ips = [
min-port = 49000; "198.244.190.160"
max-port = 50000; ];
no-cli = true;
no-tcp-relay = true; no-tcp-relay = true;
extraConfig = '' extraConfig = ''
cipher-list="HIGH" cipher-list="HIGH"
no-loopback-peers
no-multicast-peers no-multicast-peers
# Ban private CIDR blocks
denied-peer-ip=0.0.0.0-0.255.255.255
denied-peer-ip=10.0.0.0-10.255.255.255
denied-peer-ip=100.64.0.0-100.127.255.255
denied-peer-ip=127.0.0.0-127.255.255.255
denied-peer-ip=169.254.0.0-169.254.255.255
denied-peer-ip=172.16.0.0-172.31.255.255
denied-peer-ip=192.0.0.0-192.0.0.255
denied-peer-ip=192.0.2.0-192.0.2.255
denied-peer-ip=192.88.99.0-192.88.99.255
denied-peer-ip=192.168.0.0-192.168.255.255
denied-peer-ip=198.18.0.0-198.19.255.255
denied-peer-ip=198.51.100.0-198.51.100.255
denied-peer-ip=203.0.113.0-203.0.113.255
denied-peer-ip=240.0.0.0-255.255.255.255
denied-peer-ip=::1
denied-peer-ip=64:ff9b::-64:ff9b::ffff:ffff
denied-peer-ip=::ffff:0.0.0.0-::ffff:255.255.255.255
denied-peer-ip=100::-100::ffff:ffff:ffff:ffff
denied-peer-ip=2001::-2001:1ff:ffff:ffff:ffff:ffff:ffff:ffff
denied-peer-ip=2002::-2002:ffff:ffff:ffff:ffff:ffff:ffff:ffff
denied-peer-ip=fc00::-fdff:ffff:ffff:ffff:ffff:ffff:ffff:ffff
denied-peer-ip=fe80::-febf:ffff:ffff:ffff:ffff:ffff:ffff:ffff
''; '';
}; secure-stun = true;
cert = "/var/lib/acme/turn.vimium.com/fullchain.pem";
services.matrix-synapse = lib.mkIf cfg.matrixIntegration { pkey = "/var/lib/acme/turn.vimium.com/key.pem";
settings = with config.services.coturn; { min-port = 49152;
turn_uris = [ max-port = 49999;
"turn:${realm}:3478?transport=udp"
"turn:${realm}:3478?transport=tcp"
];
turn_user_lifetime = "1h";
};
extraConfigFiles = [
config.age.secrets."passwords/services/coturn/matrix-turn-config.yml".path
];
}; };
}; };
} }

2
modules/services/gitea-runner/default.nix
View File

@@ -208,7 +208,7 @@ in
container = { container = {
options = "-e NIX_BUILD_SHELL=/bin/bash -e PAGER=cat -e PATH=/bin -e SSL_CERT_FILE=/etc/ssl/certs/ca-bundle.crt --device /dev/kvm -v /nix:/nix -v ${storeDeps}/bin:/bin -v ${storeDeps}/etc/ssl:/etc/ssl --user nix-ci-user"; options = "-e NIX_BUILD_SHELL=/bin/bash -e PAGER=cat -e PATH=/bin -e SSL_CERT_FILE=/etc/ssl/certs/ca-bundle.crt --device /dev/kvm -v /nix:/nix -v ${storeDeps}/bin:/bin -v ${storeDeps}/etc/ssl:/etc/ssl --user nix-ci-user";
network = "host"; network = "host";
valid_volumes = [ validVolumes = [
"/nix" "/nix"
"${storeDeps}/bin" "${storeDeps}/bin"
"${storeDeps}/etc/ssl" "${storeDeps}/etc/ssl"

23
modules/services/gitea/default.nix
View File

@@ -1,17 +1,18 @@
{ config, lib, pkgs, inputs, ... }: { config, lib, pkgs, inputs, ... }:
with lib;
let let
cfg = config.modules.services.gitea; cfg = config.modules.services.gitea;
in { in {
options.modules.services.gitea = { options.modules.services.gitea = {
enable = lib.mkEnableOption "gitea"; enable = mkOption {
domain = lib.mkOption { default = false;
type = lib.types.string; example = true;
default = "git.vimium.com";
}; };
}; };
config = lib.mkIf cfg.enable { config = mkIf cfg.enable {
users = { users = {
users.git = { users.git = {
isSystemUser = true; isSystemUser = true;
@@ -30,7 +31,7 @@ in {
}; };
}; };
virtualHosts = { virtualHosts = {
"${cfg.domain}" = { "git.vimium.com" = {
forceSSL = true; forceSSL = true;
enableACME = true; enableACME = true;
locations."/".proxyPass = "http://gitea"; locations."/".proxyPass = "http://gitea";
@@ -64,20 +65,18 @@ in {
settings = { settings = {
server = { server = {
DOMAIN = config.networking.domain; DOMAIN = config.networking.domain;
DISABLE_ROUTER_LOG = true;
LANDING_PAGE = "explore"; LANDING_PAGE = "explore";
OFFLINE_MODE = true; OFFLINE_MODE = true;
PROTOCOL = "http+unix"; PROTOCOL = "http+unix";
SSH_USER = "git"; SSH_USER = "git";
SSH_DOMAIN = "${cfg.domain}"; SSH_DOMAIN = "git.vimium.com";
SSH_PORT = lib.head config.services.openssh.ports; SSH_PORT = lib.head config.services.openssh.ports;
ROOT_URL = "https://${cfg.domain}/"; ROOT_URL = "https://git.vimium.com/";
}; };
service.DISABLE_REGISTRATION = true; service.DISABLE_REGISTRATION = true;
session.COOKIE_SECURE = true; session.COOKIE_SECURE = true;
log = { log.ROOT_PATH = "${stateDir}/log";
ROOT_PATH = "${stateDir}/log";
"logger.router.MODE" = "";
};
ui = { ui = {
THEMES = "gitea,arc-green,github,github-auto,github-dark"; THEMES = "gitea,arc-green,github,github-auto,github-dark";
DEFAULT_THEME = "github-dark"; DEFAULT_THEME = "github-dark";

50
modules/services/headscale/default.nix
View File

@@ -4,7 +4,6 @@ with lib;
let let
cfg = config.modules.services.headscale; cfg = config.modules.services.headscale;
fqdn = "headscale.vimium.net";
in { in {
options.modules.services.headscale = { options.modules.services.headscale = {
enable = mkOption { enable = mkOption {
@@ -14,39 +13,8 @@ in {
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
environment.systemPackages = [ pkgs.headscale ];
services.headscale = {
enable = true;
port = 8080;
settings = {
ip_prefixes = [
"100.64.0.0/10"
];
server_url = "https://${fqdn}";
dns_config = {
base_domain = "vimium.net";
extra_records = [
{
name = "grafana.mesh.vimium.net";
type = "A";
value = "100.64.0.6";
}
{
name = "home.mesh.vimium.net";
type = "A";
value = "100.64.0.7";
}
];
};
logtail.enabled = false;
};
};
services.nginx.virtualHosts = { services.nginx.virtualHosts = {
"${fqdn}" = { "headscale.vimium.net" = {
forceSSL = true; forceSSL = true;
enableACME = true; enableACME = true;
locations."/" = { locations."/" = {
@@ -55,5 +23,21 @@ in {
}; };
}; };
}; };
services.headscale = {
enable = true;
port = 8080;
settings = {
server_url = "https://headscale.vimium.net";
dns_config = {
base_domain = "vimium.net";
};
logtail.enabled = false;
};
};
environment.systemPackages = with pkgs; [
config.services.headscale.package
];
}; };
} }

1
modules/services/mail/default.nix
View File

@@ -31,7 +31,6 @@ in {
$config['smtp_user'] = "%u"; $config['smtp_user'] = "%u";
$config['smtp_pass'] = "%p"; $config['smtp_pass'] = "%p";
''; '';
plugins = [ "contextmenu" ];
}; };
services.nginx.enable = true; services.nginx.enable = true;

127
modules/services/matrix-synapse/default.nix Normal file
View File

@@ -0,0 +1,127 @@
{ config, lib, pkgs, inputs, ... }:
with lib;
let
cfg = config.modules.services.matrix-synapse;
matrixClientConfig = {
"m.homeserver" = {
base_url = "https://matrix.vimium.com";
server_name = "vimium.com";
};
"m.identity_server" = {};
};
matrixServerConfig."m.server" = "matrix.vimium.com:443";
mkWellKnown = data: ''
more_set_headers 'Content-Type: application/json';
return 200 '${builtins.toJSON data}';
'';
in {
options.modules.services.matrix-synapse = {
enable = mkOption {
default = false;
example = true;
};
};
config = mkIf cfg.enable {
networking.firewall.allowedTCPPorts = [
8448 # Matrix federation
];
security.acme.certs = {
"matrix.vimium.com" = {
reloadServices = [ "matrix-synapse" ];
};
};
services.nginx.virtualHosts = {
"chat.vimium.com" = {
forceSSL = true;
enableACME = true;
root = pkgs.unstable.element-web.override {
conf = {
default_server_config = matrixClientConfig;
brand = "Vimium Chat";
branding = {
auth_header_logo_url = "https://vimium.com/images/logo.svg";
auth_footer_links = [
{ "text" = "Vimium.com"; "url" = "https://vimium.com"; }
];
};
};
};
};
"matrix.vimium.com" = {
forceSSL = true;
enableACME = true;
listen = [
{
addr = "0.0.0.0";
port = 443;
ssl = true;
}
{
addr = "0.0.0.0";
port = 80;
}
{
addr = "0.0.0.0";
port = 8448;
ssl = true;
}
{
addr = "[::1]";
port = 443;
ssl = true;
}
{
addr = "[::1]";
port = 80;
}
{
addr = "[::1]";
port = 8448;
ssl = true;
}
];
locations = {
"/" = {
proxyPass = "http://localhost:8008";
extraConfig = ''
proxy_set_header X-Forwarded-For $remote_addr;
'';
};
"/_matrix" = {
proxyPass = "http://localhost:8008";
extraConfig = ''
proxy_set_header X-Forwarded-For $remote_addr;
client_max_body_size 50M;
'';
};
"/_synapse/client".proxyPass = "http://localhost:8008";
};
};
"vimium.com" = {
locations."= /.well-known/matrix/server".extraConfig = (mkWellKnown matrixServerConfig);
locations."= /.well-known/matrix/client".extraConfig = (mkWellKnown matrixClientConfig);
};
};
services.matrix-synapse = {
enable = true;
settings = {
database.name = "sqlite3";
enable_registration = false;
server_name = "vimium.com";
# turn_shared_secret = "???";
# turn_uris = [
# "turn:turn.vimium.com:5349?transport=udp"
# "turn:turn.vimium.com:5350?transport=udp"
# "turn:turn.vimium.com:5349?transport=tcp"
# "turn:turn.vimium.com:5350?transport=tcp"
# ];
};
};
};
}

254
modules/services/matrix/default.nix
View File

@@ -1,254 +0,0 @@
{
config,
lib,
pkgs,
inputs,
...
}:
let
cfg = config.modules.services.matrix;
in {
options.modules.services.matrix = {
enable = lib.mkEnableOption "matrix";
element = {
enable = lib.mkOption {
type = lib.types.bool;
default = true;
};
};
bridges = {
signal = lib.mkOption {
type = lib.types.bool;
default = false;
description = "Enable Signal bridge.";
};
whatsapp = lib.mkOption {
type = lib.types.bool;
default = false;
description = "Enable WhatsApp bridge.";
};
};
serverName = lib.mkOption {
type = lib.types.str;
default = "vimium.com";
example = "vimium.com";
};
slidingSync = {
enable = lib.mkEnableOption "sliding-sync";
};
usePostgresql = lib.mkEnableOption "postgresql";
};
config = let
matrixSubdomain = "matrix.${cfg.serverName}";
elementSubdomain = "chat.${cfg.serverName}";
matrixClientConfig = {
"m.homeserver" = {
base_url = "https://${matrixSubdomain}";
server_name = cfg.serverName;
};
"m.identity_server" = {};
"org.matrix.msc3575.proxy" = if cfg.slidingSync.enable then {
"url" = "https://${matrixSubdomain}";
} else { };
};
matrixServerConfig."m.server" = "${matrixSubdomain}:443";
commonBridgeSettings = bridge: {
appservice = {
database = lib.mkIf cfg.usePostgresql {
type = "postgres";
uri = "postgresql:///${bridge}?host=/run/postgresql";
};
};
bridge = {
encryption = {
allow = true;
default = true;
require = true;
};
permissions = {
"${cfg.serverName}" = "user";
"@jordan:${cfg.serverName}" = "admin";
};
provisioning = {
shared_secret = "disable";
};
};
homeserver = {
address = "https://${matrixSubdomain}";
domain = cfg.serverName;
};
};
in lib.mkIf cfg.enable {
networking.firewall.allowedTCPPorts = [
8448 # Matrix federation
];
security.acme.certs = {
"${matrixSubdomain}" = {
reloadServices = [ "matrix-synapse" ];
};
};
services.nginx.virtualHosts = {
"${matrixSubdomain}" = {
forceSSL = true;
enableACME = true;
listen = [
{
addr = "0.0.0.0";
port = 443;
ssl = true;
}
{
addr = "0.0.0.0";
port = 80;
}
{
addr = "0.0.0.0";
port = 8448;
ssl = true;
}
{
addr = "[::1]";
port = 443;
ssl = true;
}
{
addr = "[::1]";
port = 80;
}
{
addr = "[::1]";
port = 8448;
ssl = true;
}
];
locations = {
"/" = {
proxyPass = "http://localhost:8008";
extraConfig = ''
proxy_set_header X-Forwarded-For $remote_addr;
'';
};
"/_matrix" = {
proxyPass = "http://localhost:8008";
extraConfig = ''
proxy_set_header X-Forwarded-For $remote_addr;
client_max_body_size 50M;
'';
};
"/_synapse/client".proxyPass = "http://localhost:8008";
"~ ^/(client/|_matrix/client/unstable/org.matrix.msc3575/sync)" = lib.mkIf cfg.slidingSync.enable {
priority = 100;
proxyPass = "http://localhost:8009";
extraConfig = ''
proxy_set_header X-Forwarded-For $remote_addr;
'';
};
};
};
"${cfg.serverName}" = let
mkWellKnown = data: ''
more_set_headers 'Content-Type: application/json';
return 200 '${builtins.toJSON data}';
'';
in {
locations."= /.well-known/matrix/server".extraConfig = (mkWellKnown matrixServerConfig);
locations."= /.well-known/matrix/client".extraConfig = (mkWellKnown matrixClientConfig);
};
} // (if cfg.element.enable then {
"${elementSubdomain}" = {
forceSSL = true;
enableACME = true;
root = pkgs.unstable.element-web.override {
conf = {
default_server_config = matrixClientConfig;
brand = "Vimium Chat";
branding = {
auth_header_logo_url = "https://vimium.com/images/logo.svg";
auth_footer_links = [
{ "text" = "Vimium.com"; "url" = "https://vimium.com"; }
];
};
};
};
};
} else {});
services.matrix-synapse = {
enable = true;
enableRegistrationScript = true;
settings = {
database.name = (if cfg.usePostgresql then "psycopg2" else "sqlite3");
enable_metrics = false;
enable_registration = false;
max_upload_size = "100M";
report_stats = false;
server_name = cfg.serverName;
app_service_config_files = (lib.optional cfg.bridges.whatsapp
"/var/lib/mautrix-whatsapp/whatsapp-registration.yaml");
};
};
systemd.services.matrix-synapse.serviceConfig.SupplementaryGroups =
(lib.optional cfg.bridges.whatsapp
config.systemd.services.mautrix-whatsapp.serviceConfig.Group);
age.secrets = if cfg.slidingSync.enable then {
"files/services/matrix/sliding-sync" = {
file = "${inputs.secrets}/files/services/matrix/sliding-sync.age";
};
} else {};
services.matrix-sliding-sync = lib.mkIf cfg.slidingSync.enable {
enable = true;
environmentFile = config.age.secrets."files/services/matrix/sliding-sync".path;
settings = { SYNCV3_SERVER = "https://${matrixSubdomain}"; };
};
services.postgresql = lib.mkIf cfg.usePostgresql {
ensureUsers = [
{
name = "matrix-synapse";
ensureDBOwnership = true;
}
] ++ (lib.optional cfg.bridges.signal
{
name = "mautrix-signal";
ensureDBOwnership = true;
})
++ (lib.optional cfg.bridges.whatsapp
{
name = "mautrix-whatsapp";
ensureDBOwnership = true;
});
ensureDatabases = [
"matrix-synapse"
] ++ (lib.optional cfg.bridges.signal
"mautrix-signal")
++ (lib.optional cfg.bridges.whatsapp
"mautrix-whatsapp");
};
services.mautrix-signal = lib.mkIf cfg.bridges.signal {
enable = true;
settings = commonBridgeSettings "mautrix-signal";
};
services.mautrix-whatsapp = lib.mkIf cfg.bridges.whatsapp {
enable = true;
settings = {
bridge = {
history_sync = {
backfill = true;
max_initial_conversations = -1;
message_count = 50;
request_full_sync = true;
};
mute_bridging = true;
};
} // commonBridgeSettings "mautrix-whatsapp";
};
};
}

2
modules/shell/zsh/default.nix
View File

@@ -21,7 +21,7 @@ in {
user.packages = with pkgs; [ user.packages = with pkgs; [
fd fd
unstable.fzf fzf
jq jq
nix-zsh-completions nix-zsh-completions
nnn nnn

32
overlays/0001-Always-installed.patch
View File

@@ -1,32 +0,0 @@
From ff76624c4407c6132cd4068e6ce065a7b429351f Mon Sep 17 00:00:00 2001
From: Jordan Holt <jordan@vimium.com>
Date: Sun, 4 Aug 2024 15:46:04 +0100
Subject: [PATCH] Always installed
---
src/libcamera/source_paths.cpp | 9 ---------
1 file changed, 9 deletions(-)
diff --git a/src/libcamera/source_paths.cpp b/src/libcamera/source_paths.cpp
index 1af5386a..3fc7d044 100644
--- a/src/libcamera/source_paths.cpp
+++ b/src/libcamera/source_paths.cpp
@@ -39,15 +39,6 @@ namespace {
*/
bool isLibcameraInstalled()
{
- /*
- * DT_RUNPATH (DT_RPATH when the linker uses old dtags) is removed on
- * install.
- */
- for (const ElfW(Dyn) *dyn = _DYNAMIC; dyn->d_tag != DT_NULL; ++dyn) {
- if (dyn->d_tag == DT_RUNPATH || dyn->d_tag == DT_RPATH)
- return false;
- }
-
return true;
}
--
2.44.1

142
overlays/0001-Remove-relative-config-lookups.patch
View File

@@ -1,142 +0,0 @@
From 57128bb78f56cadf9e2dcca5ba4d710c3bd478a7 Mon Sep 17 00:00:00 2001
From: Jordan Holt <jordan@vimium.com>
Date: Mon, 5 Aug 2024 21:53:09 +0100
Subject: [PATCH] Remove relative config lookups
---
src/libcamera/ipa_manager.cpp | 16 ----------
src/libcamera/ipa_proxy.cpp | 48 ++----------------------------
src/libcamera/pipeline_handler.cpp | 21 ++-----------
3 files changed, 4 insertions(+), 81 deletions(-)
diff --git a/src/libcamera/ipa_manager.cpp b/src/libcamera/ipa_manager.cpp
index f4e0b633..6d5bbd05 100644
--- a/src/libcamera/ipa_manager.cpp
+++ b/src/libcamera/ipa_manager.cpp
@@ -131,22 +131,6 @@ IPAManager::IPAManager()
<< "No IPA found in '" << modulePaths << "'";
}
- /*
- * When libcamera is used before it is installed, load IPAs from the
- * same build directory as the libcamera library itself.
- */
- std::string root = utils::libcameraBuildPath();
- if (!root.empty()) {
- std::string ipaBuildPath = root + "src/ipa";
- constexpr int maxDepth = 2;
-
- LOG(IPAManager, Info)
- << "libcamera is not installed. Adding '"
- << ipaBuildPath << "' to the IPA search path";
-
- ipaCount += addDir(ipaBuildPath.c_str(), maxDepth);
- }
-
/* Finally try to load IPAs from the installed system path. */
ipaCount += addDir(IPA_MODULE_DIR);
diff --git a/src/libcamera/ipa_proxy.cpp b/src/libcamera/ipa_proxy.cpp
index 69975d8f..cd9284a3 100644
--- a/src/libcamera/ipa_proxy.cpp
+++ b/src/libcamera/ipa_proxy.cpp
@@ -122,33 +122,11 @@ std::string IPAProxy::configurationFile(const std::string &name,
}
}
- std::string root = utils::libcameraSourcePath();
- if (!root.empty()) {
- /*
- * When libcamera is used before it is installed, load
- * configuration files from the source directory. The
- * configuration files are then located in the 'data'
- * subdirectory of the corresponding IPA module.
- */
- std::string ipaConfDir = root + "src/ipa/" + ipaName + "/data";
-
- LOG(IPAProxy, Info)
- << "libcamera is not installed. Loading IPA configuration from '"
- << ipaConfDir << "'";
-
- std::string confPath = ipaConfDir + "/" + name;
+ for (const auto &dir : utils::split(IPA_CONFIG_DIR, ":")) {
+ std::string confPath = dir + "/" + ipaName + "/" + name;
ret = stat(confPath.c_str(), &statbuf);
if (ret == 0 && (statbuf.st_mode & S_IFMT) == S_IFREG)
return confPath;
-
- } else {
- /* Else look in the system locations. */
- for (const auto &dir : utils::split(IPA_CONFIG_DIR, ":")) {
- std::string confPath = dir + "/" + ipaName + "/" + name;
- ret = stat(confPath.c_str(), &statbuf);
- if (ret == 0 && (statbuf.st_mode & S_IFMT) == S_IFREG)
- return confPath;
- }
}
if (fallbackName.empty()) {
@@ -197,28 +175,6 @@ std::string IPAProxy::resolvePath(const std::string &file) const
}
}
- /*
- * When libcamera is used before it is installed, load proxy workers
- * from the same build directory as the libcamera directory itself.
- * This requires identifying the path of the libcamera.so, and
- * referencing a relative path for the proxy workers from that point.
- */
- std::string root = utils::libcameraBuildPath();
- if (!root.empty()) {
- std::string ipaProxyDir = root + "src/libcamera/proxy/worker";
-
- LOG(IPAProxy, Info)
- << "libcamera is not installed. Loading proxy workers from '"
- << ipaProxyDir << "'";
-
- std::string proxyPath = ipaProxyDir + proxyFile;
- if (!access(proxyPath.c_str(), X_OK))
- return proxyPath;
-
- return std::string();
- }
-
- /* Else try finding the exec target from the install directory. */
std::string proxyPath = std::string(IPA_PROXY_DIR) + proxyFile;
if (!access(proxyPath.c_str(), X_OK))
return proxyPath;
diff --git a/src/libcamera/pipeline_handler.cpp b/src/libcamera/pipeline_handler.cpp
index 5ea2ca78..fd8555ca 100644
--- a/src/libcamera/pipeline_handler.cpp
+++ b/src/libcamera/pipeline_handler.cpp
@@ -561,25 +561,8 @@ std::string PipelineHandler::configurationFile(const std::string &subdir,
struct stat statbuf;
int ret;
- std::string root = utils::libcameraSourcePath();
- if (!root.empty()) {
- /*
- * When libcamera is used before it is installed, load
- * configuration files from the source directory. The
- * configuration files are then located in the 'data'
- * subdirectory of the corresponding pipeline handler.
- */
- std::string confDir = root + "src/libcamera/pipeline/";
- confPath = confDir + subdir + "/data/" + name;
-
- LOG(Pipeline, Info)
- << "libcamera is not installed. Loading platform configuration file from '"
- << confPath << "'";
- } else {
- /* Else look in the system locations. */
- confPath = std::string(LIBCAMERA_DATA_DIR)
- + "/pipeline/" + subdir + '/' + name;
- }
+ confPath = std::string(LIBCAMERA_DATA_DIR)
+ + "/pipeline/" + subdir + '/' + name;
ret = stat(confPath.c_str(), &statbuf);
if (ret == 0 && (statbuf.st_mode & S_IFMT) == S_IFREG)
--
2.44.1

35
overlays/default.nix
View File

@@ -1,35 +0,0 @@
final: prev:
/*
Generate an overlay from `pkgs` by handling the `callPackage` behaviour
ourselves, making exceptions for namespaced package sets. We cannot reuse
the definitions from `self.legacyPackages.${prev.system}`, as that would
evaluate nixpkgs twice here (prev.system does not exist then).
*/
let
lib = prev.lib;
pkgs = lib.packagesFromDirectoryRecursive {
callPackage = path: overrides: path;
directory = ../pkgs;
};
in
lib.mapAttrs
(name: value:
if lib.isAttrs value then
if lib.hasAttrByPath [ name "overrideScope" ] prev then
# Namespaced package sets created with `lib.makeScope pkgs.newScope`.
prev.${name}.overrideScope (final': prev':
lib.mapAttrs (name': value': final'.callPackage value' { }) value)
else if lib.hasAttrByPath [ name "extend" ] prev then
# Namespaced package sets created with `lib.makeExtensible`.
prev.${name}.extend (final': prev':
lib.mapAttrs (name': value': final.callPackage value' { }) value)
else
# Namespaced package sets in regular attrsets.
prev.${name} // value
else
final.callPackage value { })
pkgs

4
overlays/gnome.nix
View File

@@ -3,8 +3,8 @@ self: super:
gnome = super.gnome.overrideScope' (gself: gsuper: { gnome = super.gnome.overrideScope' (gself: gsuper: {
mutter = gsuper.mutter.overrideAttrs (oldAttrs: { mutter = gsuper.mutter.overrideAttrs (oldAttrs: {
src = super.fetchurl { src = super.fetchurl {
url = "https://gitlab.gnome.org/Community/Ubuntu/mutter/-/archive/triple-buffering-v4-46/mutter-triple-buffering-v4-46.tar.gz"; url = "https://gitlab.gnome.org/Community/Ubuntu/mutter/-/archive/triple-buffering-v4-45/mutter-triple-buffering-v4-45.tar.gz";
sha256 = "mmFABDsRMzYnLO3+Cf3CJ60XyUBl3y9NAUj+vs7nLqE="; sha256 = "tN+zQ5brk+hc+louIipqPV/Bqft42ghKOzjZZMj5Q8A=";
}; };
}); });
}); });

25
overlays/libcamera.nix
View File

@@ -1,25 +0,0 @@
final: prev:
{
libcamera = prev.libcamera.overrideAttrs (old: {
postPatch = ''
patchShebangs utils/ src/py/
'';
patches = [
./0001-Remove-relative-config-lookups.patch
];
mesonFlags = old.mesonFlags ++ [
"--buildtype=release"
"-Dpipelines=rpi/vc4"
"-Dipas=rpi/vc4"
"-Dgstreamer=enabled"
"-Dtest=false"
"-Dcam=enabled"
];
});
camera-streamer = prev.callPackage ../pkgs/camera-streamer/package.nix {
libcamera = final.libcamera;
};
}

75
pkgs/camera-streamer/package.nix
View File

@@ -1,75 +0,0 @@
{ stdenv
, fetchFromGitea
, cmake
, gnumake
, pkg-config
, xxd
, v4l-utils
, nlohmann_json
, ffmpegSupport ? true
, ffmpeg
, libcameraSupport ? true
, libcamera
, rtspSupport ? false
, live555
, webrtcSupport ? false
, openssl
, lib
}:
stdenv.mkDerivation (finalAttrs: {
pname = "camera-streamer";
version = "0.2.8";
src = fetchFromGitea {
domain = "git.vimium.com";
owner = "jordan";
repo = "camera-streamer";
rev = "464f05172c725b4b302464eecdb8b6e85fda6e84";
hash = "sha256-IkLR/oozYU+hfpct+GXej2T3GEhauQtqwWOcrQAErbM=";
fetchSubmodules = true;
};
# Second replacement fixes literal newline in generated version.h.
postPatch = ''
substituteInPlace Makefile \
--replace '/usr/local/bin' '/bin' \
--replace 'echo "#define' 'echo -e "#define'
'';
env.NIX_CFLAGS_COMPILE = builtins.toString [
"-Wno-error=stringop-overflow"
"-Wno-error=format"
"-Wno-format"
"-Wno-format-security"
"-Wno-error=unused-result"
];
nativeBuildInputs = [
cmake
gnumake
pkg-config
xxd
];
dontUseCmakeConfigure = true;
buildInputs = [ nlohmann_json v4l-utils ]
++ (lib.optional ffmpegSupport ffmpeg)
++ (lib.optional libcameraSupport libcamera)
++ (lib.optional rtspSupport live555)
++ (lib.optional webrtcSupport openssl);
installFlags = [ "DESTDIR=${builtins.placeholder "out"}" ];
preInstall = "mkdir -p $out/bin";
meta = with lib; {
description = "High-performance low-latency camera streamer for Raspberry Pi's";
website = "https://github.com/ayufan/camera-streamer";
license = licenses.gpl3Only;
};
})

58
pkgs/rpicam-apps/package.nix
View File

@@ -1,58 +0,0 @@
{ stdenv
, fetchFromGitHub
, meson
, ninja
, pkg-config
, boost
, ffmpeg
, libcamera
, libdrm
, libexif
, libjpeg
, libpng
, libtiff
, lib
}:
stdenv.mkDerivation (finalAttrs: {
pname = "rpicam-apps";
version = "1.4.1";
src = fetchFromGitHub {
owner = "raspberrypi";
repo = "rpicam-apps";
rev = "v" + finalAttrs.version;
hash = "sha256-3NG2ZE/Ub3lTbfne0LCXuDgLGTPaAAADRdElEbZwvls=";
};
nativeBuildInputs = [
meson
ninja
pkg-config
];
buildInputs = [
boost
ffmpeg
libcamera
libdrm
libexif
libjpeg
libpng
libtiff
];
# Meson is no longer able to pick up Boost automatically:
# https://github.com/NixOS/nixpkgs/issues/86131
BOOST_INCLUDEDIR = "${lib.getDev boost}/include";
BOOST_LIBRARYDIR = "${lib.getLib boost}/lib";
meta = with lib; {
description = ''
libcamera-based applications to drive the cameras on a Raspberry Pi platform
'';
homepage = "https://github.com/raspberrypi/rpicam-apps";
license = licenses.bsd2;
};
})