diff options
author | Azat Bahawi <azat@bahawi.net> | 2024-04-21 02:15:42 +0300 |
---|---|---|
committer | Azat Bahawi <azat@bahawi.net> | 2024-04-21 02:15:42 +0300 |
commit | e6ed60548397627bf10f561f9438201dbba0a36e (patch) | |
tree | f9a84c5957d2cc4fcd148065ee9365a0c851ae1c /modules/common | |
parent | 2024-04-18 (diff) |
2024-04-21
Diffstat (limited to 'modules/common')
62 files changed, 770 insertions, 3610 deletions
diff --git a/modules/common/alacritty.nix b/modules/common/alacritty.nix deleted file mode 100644 index 704ce79..0000000 --- a/modules/common/alacritty.nix +++ /dev/null @@ -1,36 +0,0 @@ -{ config, lib, ... }: -with lib; -let - cfg = config.nixfiles.modules.alacritty; -in -{ - options.nixfiles.modules.alacritty.enable = mkEnableOption "Alacritty terminal emulator"; - - config = mkIf cfg.enable { - hm.programs.alacritty = { - enable = true; - settings = { - window = { - padding = with config.stylix.fonts.sizes; { - x = terminal; - y = terminal; - }; - dynamic_padding = false; - decorations = "Full"; - startup_mode = "Maximized"; - }; - selection.save_to_clipboard = true; - cursor = { - style = { - shape = "Block"; - blinking = "On"; - }; - vi_mode_style = { - shape = "Block"; - blinking = "Off"; - }; - }; - }; - }; - }; -} diff --git a/modules/common/aria2.nix b/modules/common/aria2.nix deleted file mode 100644 index cdf1c4f..0000000 --- a/modules/common/aria2.nix +++ /dev/null @@ -1,33 +0,0 @@ -{ config, lib, ... }: -with lib; -let - cfg = config.nixfiles.modules.aria2; -in -{ - options.nixfiles.modules.aria2.enable = mkEnableOption "aria2"; - - config = mkIf cfg.enable { - hm.programs.aria2 = { - enable = true; - - settings = { - bt-max-peers = 128; - bt-save-metadata = true; - continue = true; - enable-dht = true; - enable-peer-exchange = true; - enable-rpc = false; - follow-torrent = true; - log-level = "info"; - max-connection-per-server = 16; - max-overall-upload-limit = "1K"; - max-tries = 5; - max-upload-limit = "1K"; - seed-ratio = 0.1; - seed-time = 0.1; - stream-piece-selector = "default"; - timeout = 60; - }; - }; - }; -} diff --git a/modules/common/ark.nix b/modules/common/ark.nix new file mode 100644 index 0000000..84ff6db --- /dev/null +++ b/modules/common/ark.nix @@ -0,0 +1,64 @@ +{ + config, + inputs, + lib, + ... +}: +with lib; +let + cfg = config.nixfiles.modules.ark; +in +{ + imports = [ + inputs.impermanence.nixosModules.impermanence + (mkAliasOptionModule [ "ark" ] [ + "nixfiles" + "modules" + "ark" + ]) + ]; + + options.nixfiles.modules.ark = + let + mkListOfAnythingOption = mkOption { + type = with types; listOf anything; # Assumed to be matching with the upstream type. + default = [ ]; + }; + in + { + enable = mkEnableOption "persistent storage support via impermanence"; + + path = mkOption { + type = types.str; + default = "/ark"; + }; + + directories = mkListOfAnythingOption; + files = mkListOfAnythingOption; + # hm = { + # directories = mkListOfAnythingOption; + # files = mkListOfAnythingOption; + # }; + }; + + config = mkIf cfg.enable { + environment.persistence.${cfg.path} = { + hideMounts = true; + enableDebugging = false; + inherit (cfg) directories files; + }; + + # NOTE We can't reliably[1] use this, so for the time being, this will stay + # commented out. Probably forever. + # + # [1]: https://github.com/nix-community/impermanence/issues/18 + # + # hm = { + # imports = [inputs.impermanence.nixosModules.home-manager.impermanence]; + # home.persistence."${cfg.path}/${config.my.home}" = { + # allowOther = false; + # inherit (cfg.hm) directories files; + # }; + # }; + }; +} diff --git a/modules/common/bat.nix b/modules/common/bat.nix deleted file mode 100644 index a95d67d..0000000 --- a/modules/common/bat.nix +++ /dev/null @@ -1,26 +0,0 @@ -{ config, lib, ... }: -with lib; -let - cfg = config.nixfiles.modules.bat; -in -{ - options.nixfiles.modules.bat.enable = mkEnableOption "bat, an alternative to cat"; - - config = mkIf cfg.enable { - nixfiles.modules.common.shell.aliases = { - baj = "bat --language=json --tabs 2"; - bay = "bat --language=yaml --tabs 2"; - bas = "bat --language=syslog"; - less = "bat"; - }; - - hm.programs.bat = { - enable = true; - config = { - style = "plain"; - tabs = "4"; - wrap = "never"; - }; - }; - }; -} diff --git a/modules/common/common/default.nix b/modules/common/common/default.nix deleted file mode 100644 index 62e4a95..0000000 --- a/modules/common/common/default.nix +++ /dev/null @@ -1,14 +0,0 @@ -_: { - imports = [ - ./documentation.nix - ./home-manager.nix - ./locale.nix - ./networking.nix - ./nix.nix - ./secrets.nix - ./shell - ./stylix.nix - ./users.nix - ./xdg.nix - ]; -} diff --git a/modules/common/common/documentation.nix b/modules/common/common/documentation.nix deleted file mode 100644 index 2202e11..0000000 --- a/modules/common/common/documentation.nix +++ /dev/null @@ -1,28 +0,0 @@ -{ - config, - lib, - this, - ... -}: -with lib; -{ - config = mkMerge [ - (mkIf this.isHeadful { - hm.manual = { - html.enable = false; - json.enable = false; - manpages.enable = true; - }; - - documentation = { - enable = true; - doc.enable = false; - info.enable = false; - }; - }) - (mkIf this.isHeadless { - hm.manual.manpages.enable = false; - documentation.enable = false; - }) - ]; -} diff --git a/modules/common/common/locale.nix b/modules/common/common/locale.nix deleted file mode 100644 index bcb577a..0000000 --- a/modules/common/common/locale.nix +++ /dev/null @@ -1,6 +0,0 @@ -_: { - hm.home.language = { - collate = "C"; - messages = "C"; - }; -} diff --git a/modules/common/common/networking.nix b/modules/common/common/networking.nix deleted file mode 100644 index 2e19162..0000000 --- a/modules/common/common/networking.nix +++ /dev/null @@ -1,4 +0,0 @@ -{ pkgs, ... }: -{ - environment.systemPackages = with pkgs; [ myip ]; -} diff --git a/modules/common/common/nix.nix b/modules/common/common/nix.nix deleted file mode 100644 index fdb0125..0000000 --- a/modules/common/common/nix.nix +++ /dev/null @@ -1,125 +0,0 @@ -{ - config, - inputs, - lib, - localUsername ? lib.my.username, - pkgs, - this, - ... -}: -with lib; -{ - _module.args = - let - importNixpkgs = - nixpkgs: - import nixpkgs { - inherit (config.nixpkgs) config; - inherit (this) system; - }; - in - rec { - pkgsLocal = importNixpkgs "${config.my.home}/src/nixpkgs"; # Impure! - pkgsMaster = importNixpkgs inputs.nixpkgs-master; - pkgsStable = importNixpkgs inputs.nixpkgs-stable; - pkgsRev = - rev: hash: - importNixpkgs ( - pkgs.fetchFromGitHub { - owner = "NixOS"; - repo = "nixpkgs"; - inherit rev hash; - } - ); - pkgsPr = pr: pkgsRev "refs/pull/${toString pr}/head"; - }; - - nixpkgs.overlays = with inputs; [ - self.overlays.default - (_: _: { }) - ]; - - nix = - let - notSelfInputs = filterAttrs (n: _: n != "self") inputs; - in - { - settings = { - # https://nixos.org/manual/nix/unstable/contributing/experimental-features.html#currently-available-experimental-features - # https://github.com/NixOS/nix/blob/master/src/libutil/experimental-features.cc - experimental-features = concatStringsSep " " [ - "flakes" - "nix-command" - "recursive-nix" - "repl-flake" - ]; - - keep-derivations = if this.isHeadful then "true" else "false"; - keep-outputs = if this.isHeadful then "true" else "false"; - - flake-registry = "${inputs.flake-registry}/flake-registry.json"; - - warn-dirty = false; - - keep-going = true; - - substituters = [ - "https://azahi.cachix.org" - "https://nix-community.cachix.org" - ]; - trusted-public-keys = [ - "azahi.cachix.org-1:2bayb+iWYMAVw3ZdEpVg+NPOHCXncw7WMQ0ElX1GO3s=" - "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" - ]; - - trusted-users = [ - "root" - localUsername - ]; - }; - - nixPath = mapAttrsToList (n: v: "${n}=${v}") notSelfInputs ++ [ - "nixfiles=${config.my.home}/src/nixfiles" - ]; - - registry = mapAttrs (_: flake: { inherit flake; }) notSelfInputs // { - nixfiles.flake = inputs.self; - }; - }; - - environment = { - systemPackages = - with pkgs; - optionals this.isHeadful [ - nix-top - nix-tree - nixfiles - ]; - variables.NIXFILES = "${config.my.home}/src/nixfiles"; - }; - - hm = { - # Used primarily in conjunction with the "nixfiles" script. - home.file.".nix-defexpr/default.nix".text = - let - hostname = strings.escapeNixIdentifier this.hostname; - in - optionalString this.isHeadful '' - let - self = builtins.getFlake "nixfiles"; - configurations = self.nixosConfigurations; - local = configurations.${hostname}; - in rec { - inherit self; - inherit (self) inputs lib; - inherit (lib) my; - this = my.configurations.${hostname}; - inherit (local) config; - inherit (local.config.system.build) toplevel vm vmWithBootLoader manual; - pretty = expr: lib.trace (lib.generators.toPretty {} expr) {}; - } // configurations // local._module.args - ''; - - programs.bash.shellAliases.nix = "nix --verbose --print-build-logs"; - }; -} diff --git a/modules/common/common/stylix.nix b/modules/common/common/stylix.nix deleted file mode 100644 index f1b8f81..0000000 --- a/modules/common/common/stylix.nix +++ /dev/null @@ -1,61 +0,0 @@ -{ lib, pkgs, ... }: -with lib; -{ - imports = [ - (mkAliasOptionModule [ "colors" ] [ - "lib" - "stylix" - "colors" - ]) - ]; - - options.nixfiles.modules.common.stylix.fonts.extraPackages = mkOption { - description = "Font packages."; - default = with pkgs; [ - font-awesome - noto-fonts - noto-fonts-emoji - sarasa-gothic - source-han-mono - source-han-sans - source-han-serif - twitter-color-emoji - ]; - readOnly = true; - }; - - # Styling and color binding can be sourced from here[1]. - # - # [1]: https://github.com/tinted-theming/base24/blob/master/styling.md - config.stylix = { - image = pkgs.fetchurl { - url = "https://upload.wikimedia.org/wikipedia/commons/a/a5/Bonaparte_ante_la_Esfinge%2C_por_Jean-Léon_Gérôme.jpg"; - sha256 = "sha256-qWv52oT8cF9K4ZoeawmR3jgoGB2ARfjbKKc12IljUcM="; - }; - - base16Scheme = "${pkgs.base16-schemes}/share/themes/tomorrow.yaml"; - - fonts = { - monospace = { - package = pkgs.iosevka; - name = "Iosevka"; - }; - - serif = { - package = pkgs.iosevka-bin.override { variant = "Etoile"; }; - name = "Iosevka Etoile"; - }; - - sansSerif = { - package = pkgs.iosevka-bin.override { variant = "Aile"; }; - name = "Iosevka Aile"; - }; - - sizes = { - desktop = 10; - applications = 10; - terminal = 12; - }; - }; - }; -} diff --git a/modules/common/common/users.nix b/modules/common/common/users.nix deleted file mode 100644 index dc1b32e..0000000 --- a/modules/common/common/users.nix +++ /dev/null @@ -1,15 +0,0 @@ -{ - lib, - localUsername ? lib.my.username, - ... -}: -with lib; -{ - imports = [ - (mkAliasOptionModule [ "my" ] [ - "users" - "users" - localUsername - ]) - ]; -} diff --git a/modules/common/console.nix b/modules/common/console.nix new file mode 100644 index 0000000..330310c --- /dev/null +++ b/modules/common/console.nix @@ -0,0 +1,10 @@ +{ config, pkgs, ... }: +{ + stylix.targets.console.enable = false; + + console = { + earlySetup = true; + font = "${pkgs.terminus_font}/share/consolefonts/ter-v16b.psf.gz"; + useXkbConfig = config.services.xserver.enable; + }; +} diff --git a/modules/common/curl.nix b/modules/common/curl.nix deleted file mode 100644 index 6895262..0000000 --- a/modules/common/curl.nix +++ /dev/null @@ -1,38 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: -with lib; -let - cfg = config.nixfiles.modules.curl; -in -{ - options.nixfiles.modules.curl.enable = mkEnableOption "cURL"; - - config = mkIf cfg.enable { - hm.xdg.configFile.".curlrc".text = '' - connect-timeout = 60 - progress-bar - remote-time - show-error - ''; - - environment.systemPackages = with pkgs; [ - curl - (writeShellScriptBin "0x0" '' - url="https://0x0.st" - form="file=@" - - if [ -t 0 ] && [ -n "$1" ]; then - form="$form$1" - else - form="$form-" - fi - - ${getExe curl} --form "$form" "$url" - '') - ]; - }; -} diff --git a/modules/common/default.nix b/modules/common/default.nix index 92f719d..ef9fb18 100644 --- a/modules/common/default.nix +++ b/modules/common/default.nix @@ -1,28 +1 @@ -_: { - imports = [ - ./alacritty.nix - ./aria2.nix - ./bat.nix - ./common - ./curl.nix - ./direnv.nix - ./editorconfig.nix - ./emacs - ./eza.nix - ./git.nix - ./gnupg.nix - ./htop.nix - ./mpv.nix - ./nmap.nix - ./openssh.nix - ./password-store.nix - ./profiles - ./qutebrowser.nix - ./subversion.nix - ./tmux.nix - ./vim - ./vscode.nix - ./wget.nix - ./zathura.nix - ]; -} +{ lib, ... }: with lib; { imports = attrValues (modulesIn ./.); } diff --git a/modules/common/direnv.nix b/modules/common/direnv.nix deleted file mode 100644 index ececad8..0000000 --- a/modules/common/direnv.nix +++ /dev/null @@ -1,23 +0,0 @@ -{ config, lib, ... }: -with lib; -let - cfg = config.nixfiles.modules.direnv; -in -{ - options.nixfiles.modules.direnv.enable = mkEnableOption "direnv"; - - config = mkIf cfg.enable { - hm = { - home.sessionVariables.DIRENV_LOG_FORMAT = ""; - - programs.direnv = { - enable = true; - config.global = { - strict_env = true; - warn_timeout = "1h"; - }; - nix-direnv.enable = true; - }; - }; - }; -} diff --git a/modules/common/documentation.nix b/modules/common/documentation.nix new file mode 100644 index 0000000..20856cb --- /dev/null +++ b/modules/common/documentation.nix @@ -0,0 +1,40 @@ +{ + config, + lib, + pkgs, + this, + ... +}: +with lib; +{ + config = { + hm.manual = { + manpages.enable = this.isHeadful; + html.enable = false; + json.enable = false; + }; + + documentation = { + enable = this.isHeadful; + dev.enable = true; + doc.enable = false; + info.enable = false; + nixos.enable = true; + + man.man-db.manualPages = + (pkgs.buildEnv { + name = "man-paths"; + paths = with config; environment.systemPackages ++ hm.home.packages; + pathsToLink = [ "/share/man" ]; + extraOutputsToInstall = [ "man" ]; + ignoreCollisions = true; + }).overrideAttrs + (_: _: { __contentAddressed = true; }); + }; + + environment.sessionVariables = { + MANOPT = "--no-hyphenation"; + MANPAGER = "${getExe pkgs.less} -+F"; + }; + }; +} diff --git a/modules/common/editorconfig.nix b/modules/common/editorconfig.nix deleted file mode 100644 index 5dfe845..0000000 --- a/modules/common/editorconfig.nix +++ /dev/null @@ -1,133 +0,0 @@ -{ config, lib, ... }: -with lib; -let - cfg = config.nixfiles.modules.editorconfig; -in -{ - options.nixfiles.modules.editorconfig.enable = mkEnableOption "Editorconfig"; - - config = mkIf cfg.enable { - hm.editorconfig = { - enable = true; - settings = { - "*" = { - charset = "utf-8"; - end_of_line = "lf"; - indent_size = 2; - indent_style = "space"; - insert_final_newline = true; - max_line_length = 80; - trim_trailing_whitespace = true; - }; - - # https://google.github.io/styleguide/cppguide.html#Spaces_vs._Tabs - "*.{c,cc,cpp,cxx,h,hh,hpp,hxx}" = { - indent_size = 2; - indent_style = "space"; - }; - - # https://go.dev/doc/effective_go#formatting - "{*.go,go.mod}" = { - indent_size = 2; - indent_style = "tab"; - }; - - # https://google.github.io/styleguide/pyguide.html#s3.4-indentation - # https://peps.python.org/pep-0008/#indentation - "*.py" = { - indent_size = 4; - indent_style = "space"; - }; - - # https://google.github.io/styleguide/shellguide.html#s5-formatting - "*.{sh,bash}" = { - indent_size = 2; - indent_style = "space"; - }; - - # https://www.haskell.org/onlinereport/haskell2010/haskellch10.html#x17-17800010.3 - # https://en.wikibooks.org/wiki/Haskell/Indentation - "*.hs" = { - indent_size = 2; - indent_style = "space"; - }; - - # https://google.github.io/styleguide/lispguide.xml#Formatting - "*.{lisp,cl,rkt,scm,el}" = { - indent_size = 2; - indent_style = "space"; - }; - - # https://github.com/ziglang/zig/wiki/FAQ#why-does-zig-fmt-use-spaces-instead-of-tabs - "*.zig" = { - indent_size = 4; - indent_style = "space"; - }; - - "*.{asm,s,S}" = { - indent_size = 4; - indent_style = "spaces"; - }; - - # https://www.gnu.org/software/make/manual/html_node/Rule-Syntax.html - "{Makefile*,*.mk}" = { - indent_size = 4; - indent_style = "tab"; - }; - - # https://cmake-format.readthedocs.io/en/latest/configopts.html#tab-size - # https://cmake-format.readthedocs.io/en/latest/configopts.html#use-tabchars - "{CMakeLists.txt,*.cmake}" = { - indent_size = 2; - indent_style = "space"; - }; - - # https://github.com/NixOS/rfcs/pull/166 - "*.nix" = { - indent_size = 2; - indent_style = "space"; - }; - - # https://nickel-lang.org/user-manual/syntax - "*.ncl" = { - indent_size = 2; - indent_style = "space"; - }; - - # https://developer.hashicorp.com/terraform/language/syntax/style - "*.{tf,hcl}" = { - indent_size = 2; - indent_style = "space"; - }; - - "*.{json,jsn}" = { - indent_size = 2; - indent_style = "space"; - }; - - # https://yaml.org/spec/1.2.2/#61-indentation-spaces - "*.{yaml,yml}" = { - indent_size = 2; - indent_style = "space"; - }; - - "*.{toml,tml}" = { - indent_size = 2; - indent_style = "space"; - }; - - # https://google.github.io/styleguide/htmlcssguide.html#Indentation - "*.{html,css}" = { - indent_size = 2; - indent_style = "space"; - }; - - # https://latexindentpl.readthedocs.io/en/latest/sec-default-user-local.html - "*.{tex,cls}" = { - indent_size = 4; - indent_style = "tab"; - }; - }; - }; - }; -} diff --git a/modules/common/emacs/default.nix b/modules/common/emacs/default.nix deleted file mode 100644 index 4c43fd5..0000000 --- a/modules/common/emacs/default.nix +++ /dev/null @@ -1,278 +0,0 @@ -{ - config, - inputs, - lib, - localUsername ? lib.my.username, - pkgs, - this, - ... -}: -with lib; -let - cfg = config.nixfiles.modules.emacs; -in -{ - options.nixfiles.modules.emacs.enable = mkEnableOption "GNU Emacs"; - - config = mkIf cfg.enable { - secrets.authinfo = { - file = "${inputs.self}/secrets/authinfo"; - owner = localUsername; - }; - - nixfiles.modules = { - git.client.enable = true; - gnupg.enable = true; - password-store.enable = true; - profiles.dev.enable = true; - profiles.email.enable = true; - }; - - hm = { - stylix.targets.emacs.enable = false; - - xdg.configFile = - mapAttrs - ( - _: value: - value - // { - onChange = with config.hm.programs; '' - export EMACSDIR="''${XDG_CONFIG_HOME:-$HOME/.config}/emacs" - export DOOMDIR="''${XDG_CONFIG_HOME:-$HOME/.config}/doom" - - if [[ ! -d "$EMACSDIR/.git" ]]; then - ${getExe git.package} clone --depth=1 --branch=master \ - "https://github.com/doomemacs/doomemacs" "$EMACSDIR" - fi - - if [[ ! -d "$DOOMDIR/snippets" ]]; then - mkdir -p "$DOOMDIR/snippets" - fi - - if [[ -x "$EMACSDIR/bin/doom" ]]; then - if [[ ! -d "$EMACSDIR/.local" ]]; then - PATH="''${PATH:-/bin:/usr/bin:/usr/local/bin}:${emacs.package}/bin:${git.package}/bin" \ - "$EMACSDIR/bin/doom" install --force --verbose - fi - - PATH="''${PATH:-/bin:/usr/bin:/usr/local/bin}:${emacs.package}/bin:${git.package}/bin" \ - "$EMACSDIR/bin/doom" sync -e --gc --force --verbose - fi - ''; - } - ) - { - "doom/init.el".source = ./doom/init.el; - "doom/packages.el".source = ./doom/packages.el; - "doom/config.el" = { - text = concatLines [ - ( - let - extraBins = - with pkgs; - [ - (aspellWithDicts ( - p: with p; [ - en - ru - ] - )) # :checkers (spell +aspell) - asmfmt # :editor format - cargo # :lang rust - clang-tools # :lang (cc +lsp) :editor format - cmake-format # :lang cc :editor format - cmigemo # :lang japanese - config.hm.programs.emacs.package # !doom - config.nix.package # !doom - delve # :lang go :tools debugger - dockerfile-language-server-nodejs # :tools (docker +lsp) - dockfmt # :tools docker :editor format - editorconfig-core-c # :tools editorconfig - fd # doom! - gcc # :lang cc - ghc # :lang haskell - gnuplot # :lang (org +gnuplot) - gnutar # :tools tree-sitter - gnutls # doom! :app irc - go # :lang go - godef # :lang go - gomodifytags # :lang go - gopls # :lang (go +lsp) - gore # :lang go - gotests # :lang go - gotools # :lang go - graphviz # :lang (org +roam2) :lang plantuml - gzip # :tools tree-sitter - haskellPackages.cabal-fmt # :lang haskell :editor format - haskellPackages.cabal-install # :lang haskell - haskellPackages.haskell-language-server # :lang (haskell +lsp) - haskellPackages.hoogle # :lang haskell - haskellPackages.ormolu # :lang haskell :editor format - html-tidy # :lang web :editor format - jdk # :lang java :lang plantuml :checkers grammar - languagetool # :checkers grammar - libxml2 # :lang data :editor format - markdownlint-cli # :lang markdown - nil # :lang (nix +lsp) - nixfmt # :lang nix :editor format - nls # :lang (nickel +lsp) - nodePackages.bash-language-server # :lang (sh +lsp) - nodePackages.eslint # :lang (json +lsp) - nodePackages.js-beautify # :lang web - nodePackages.prettier # :editor format - nodePackages.stylelint # :lang web - nodePackages.vscode-css-languageserver-bin # lang (web +lsp) - nodePackages.vscode-html-languageserver-bin # lang (web +lsp) - nodePackages.vscode-json-languageserver-bin # lang (json +lsp) - nodejs # :tools debugger - pandoc # :lang org markdown latex - pinentry-emacs # doom! - pipenv # :lang python - poetry # :lang python - pre-commit # :tools magit - python3 # :lang python - python3Packages.black # :lang python :editor format - python3Packages.isort # :lang python :editor format - python3Packages.nose # :lang python - python3Packages.pyflakes # :lang python :editor format - python3Packages.pytest # :lang python - python3Packages.python-lsp-server # :lang python :editor format - ripgrep # doom! - rust-analyzer # :lang (rust +lsp) - rustc # :lang rust - rustfmt # :lang rust - shellcheck # :lang sh - shfmt # :lang sh :editor format - sops - sqlite # :lang (org +roam2) :tools lookup - terraform-ls # :tools (terraform +lsp) - texlab # lang (tex +lsp) - texlive.combined.scheme-full # :lang org tex - unzip # :tools debugger - wordnet # :tools (lookup +dictionary +offline) - yaml-language-server # :lang (yaml +lsp) - zig # :lang zig :editor format - zls # :lang (zig +lsp) - zstd # :emacs undo - ] - ++ ( - # GDB doesn't support[1] Apple Silicon. - # - # [1]: https://inbox.sourceware.org/gdb/6b48224b-9e2e-518d-793b-df4fc5514884@arm.com/ - if (this.system != "aarch64-darwin") then - [ gdb ] # :tools debugger - else - [ lldb ] # :tools debugger - ); - - parinferRustLibrary = - if (hasSuffix "linux" this.system) then - "${pkgs.parinfer-rust}/lib/libparinfer_rust.so" - else - "${pkgs.parinfer-rust}/lib/libparinfer_rust.dylib"; - in - '' - ;; Integrate packages which are required by various modules - ;; without polluting the user's profile. - (setq exec-path (append exec-path '(${concatMapStringsSep " " (x: ''"${x}/bin"'') extraBins}))) - (setenv "PATH" (concat (getenv "PATH") ":${concatMapStringsSep ":" (x: "${x}/bin") extraBins}")) - - ;; HACK Explicitly load specific Emacs packages from Nixpkgs. - ;; For some reason providing them as "extraPackages" doesn't - ;; work. - (add-to-list 'load-path "${pkgs.mu.mu4e}/share/emacs/site-lisp/mu4e") - (add-to-list 'load-path "${pkgs.emacsPackages.vterm}/share/emacs/site-lisp/elpa/vterm-${pkgs.emacsPackages.vterm.version}") - - (appendq! auth-sources '(("${config.secrets.authinfo.path}"))) - - ;; :input japanese - (setq migemo-dictionary "${pkgs.cmigemo}/share/migemo/utf-8/migemo-dict" - migemo-options '("--quiet" "--emacs") - skk-large-jisyo "${pkgs.skk-dicts}/share/SKK-JISYO.L" - skk-show-inline t) - - ;; :editor parinfer - (setq parinfer-rust-auto-download nil - parinfer-rust-library "${parinferRustLibrary}") - - ;; :lang (org +roam2) :email mu4e - (setq emacsql-sqlite-executable "${getExe pkgs.emacsql-sqlite}") - - ;; :lang plantuml - (setq plantuml-jar-path "${pkgs.plantuml}/lib/plantuml.jar" - plantuml-executable-path "${getExe' pkgs.plantuml "plantuml"}" - org-plantuml-jar-path plantuml-jar-path - org-plantuml-executable-path plantuml-executable-path) - - ;; :app irc - (setq circe-default-nick "${my.username}" - circe-default-realname "${my.email}" - circe-default-user circe-default-nick) - '' - ) - (with config.stylix.fonts; '' - (setq doom-font "${monospace.name}-${toString sizes.terminal}" - doom-serif-font "${serif.name}-${toString sizes.terminal}" - doom-variable-pitch-font "${sansSerif.name}-${toString sizes.terminal}") - '') - ( - with config.hm.accounts.email; - let - mu4eAccounts = - let - muAccounts = filter (a: a.mu.enable) (attrValues accounts); - in - concatMapStringsSep "\n" ( - a: - with a; - let - personalAddresses = concatMapStringsSep " " (v: ''"${v}"'') aliases; - in - '' - (set-email-account! "${name}" - '((user-full-name . "${realName}") - (user-mail-address . "${address}") - (mu4e-inbox-folder . "/${name}/${folders.inbox}") - (mu4e-sent-folder . "/${name}/${folders.sent}") - (mu4e-drafts-folder . "/${name}/${folders.drafts}") - (mu4e-trash-folder . "/${name}/${folders.trash}") - (mu4e-refile-folder . "/${name}/Archive") - (+mu4e-personal-addresses . (${personalAddresses}))) - t) - '' - ) muAccounts; - in - '' - (setq mu4e-root-maildir "${maildirBasePath}") - - ${mu4eAccounts} - '' - ) - (builtins.readFile ./doom/config.el) - ]; - }; - }; - - programs = { - emacs = { - enable = true; - package = pkgs.emacs29; - }; - - bash.initExtra = mkAfter '' - export PATH="$PATH:$XDG_CONFIG_HOME/emacs/bin" - - # https://github.com/akermu/emacs-libvterm - if [[ "$INSIDE_EMACS" = vterm ]] && [[ -n "$EMACS_VTERM_PATH" ]] && [[ -f "$EMACS_VTERM_PATH/etc/emacs-vterm-bash.sh" ]]; then - source "$EMACS_VTERM_PATH/etc/emacs-vterm-bash.sh" - fi - - # Not sourced from inside Emacs for some reason. Maybe it's not - # considered an interactive shell? - [[ -f ~/.profile ]] && . ~/.profile - ''; - }; - }; - }; -} diff --git a/modules/common/emacs/doom/config.el b/modules/common/emacs/doom/config.el deleted file mode 100644 index c893e7f..0000000 --- a/modules/common/emacs/doom/config.el +++ /dev/null @@ -1,249 +0,0 @@ -;; -;;; Misc -;; - -(setq frame-title-format '("GNU Emacs")) - -(setq-hook! '(prog-mode-hook yaml-mode-hook) - display-line-numbers-type 'relative - scroll-margin 10 - hscroll-margin 10) - -(when (featurep :system 'linux) - (setq browse-url-generic-program (executable-find "firefox") - browse-url-browser-function 'browse-url-generic)) - -;; -;;; Doom-specific -;; - -(setq doom-theme 'modus-operandi - doom-modeline-icon nil - doom-modeline-indent-info t - doom-modeline-total-line-number t - doom-modeline-height 30) - -;; -;;; Editorconfig -;; - -(setq +editorconfig-mode-alist '((sh-mode . "sh")) - editorconfig-exclude-modes '(lisp-mode - common-lisp-mode - emacs-lisp-mode)) - -;; -;;; LSP -;; - -(setq lsp-enable-suggest-server-download nil - lsp-modeline-code-actions-enable nil) - -;; -;;; Go -;; - -(setq lsp-go-analyses - '((unsedvariable . t) - (unusedparams . t) - (unusedwrite . t))) - -;; -;;; Org -;; - -(setq org-directory "~/doc/org/") - -;; For some reason only using `after!' work here. `setq-hook!' and etc doesn't -;; produce expected results. -(after! org - (setq org-todo-keywords '((sequence - "TODO(t)" - "LOOP(r)" - "STRT(s@)" - "WAIT(w@/!)" - "HOLD(h@/!)" - "IDEA(i)" - "PROJ(p)" - "|" - "DONE(d@/!)" - "KILL(k@/!)")) - org-todo-keyword-faces '(("STRT" . +org-todo-active) - ("WAIT" . +org-todo-onhold) - ("HOLD" . +org-todo-onhold) - ("PROJ" . +org-todo-project) - ("KILL" . +org-todo-cancel)) - org-capture-templates '(("t" "Todo" entry - (file+headline +org-capture-todo-file "Inbox") - "* TODO %?\n%i\n%a" :prepend t) - ("n" "Note" entry - (file+headline +org-capture-notes-file "Inbox") - "* %u %?\n%i\n%a" :prepend t) - ("j" "Journal" entry - (file+olp+datetree +org-capture-journal-file) - "* %U %?\n%i\n%a" :prepend t)))) - -(add-hook! 'org-mode-hook 'auto-fill-mode) - -(setq-hook! 'org-mode-hook fill-column 80) - -(setq org-roam-directory "~/doc/roam/" - org-roam-db-location (concat org-roam-directory ".db")) - -(use-package! org-roam-ui - :requires websocket - :after org-roam - :config - (setq org-roam-ui-sync-theme t - org-roam-ui-follow t - org-roam-ui-update-on-save t - org-roam-ui-open-on-start t)) - -;; -;;; LaTeX -;; - -(map! :map cdlatex-mode-map - :i "TAB" #'cdlatex-tab) - -;; -;;; PlantUML -;; - -(setq plantuml-default-exec-mode 'executable - org-plantuml-exec-mode 'plantuml) - -;; -;;; Elisp -;; - -(after! flycheck - (pushnew! flycheck-disabled-checkers 'emacs-lisp-checkdoc)) - -;; Turn this off because it leaves face artifacts when changing indentation. -(add-hook! 'emacs-lisp-mode-hook - (highlight-indent-guides-mode -1)) - -;; -;;; Haskell -;; - -(setq lsp-haskell-formatting-provider "ormolu") - -;; -;;; Nickel -;; - -(use-package! nickel-mode - :config - (after! lsp-mode - (add-to-list 'lsp-language-id-configuration '(nickel-mode . "nickel") - (lsp-register-client (make-lsp-client - :new-connection (lsp-stdio-connection "nls") - :activation-fn (lsp-activate-on "nickel") - :server-id 'nls - :major-modes 'nickel-mode))) - (add-hook 'nickel-mode-hook 'lsp-deferred))) - -;; -;;; YAML -;; - -;; Turn off `flycheck-mode' and `lsp-mode' for Helm templates. -(add-hook! 'yaml-mode-hook - (defun nixfiles/disable-flycheck-for-helm-templates-h () - (when (and buffer-file-name - (string-match-p "/templates/" buffer-file-name) - (or (string-suffix-p ".yaml" buffer-file-name) - (string-suffix-p ".yml" buffer-file-name))) - (remove-hook! 'yaml-mode-local-vars-hook #'lsp!)))) - -(setq-hook! 'yaml-mode-hook +format-with-lsp nil) - -;; -;;; Elfeed -;; - -(setq elfeed-db-directory "~/.elfeed" - elfeed-enclosure-default-dir (concat elfeed-db-directory "/enclosures") - rmh-elfeed-org-files (list (concat elfeed-db-directory "/index.org")) - elfeed-goodies/powerline-default-separator nil - elfeed-goodies/entry-pane-size 0.75 - elfeed-goodies/entry-pane-position 'bottom) - -(add-hook! 'elfeed-new-entry-hook - '((elfeed-make-tagger :before "2 weeks ago" - :remove 'unread) - (elfeed-make-tagger :feed-title "SberMarket Tech" - :entry-title (not ".*(DevOps|Golang).*") - :add 'junk - :remove 'unread) - (elfeed-make-tagger :feed-title "dotconferences" - :entry-title (not ".*dotGo.*") - :add 'junk - :remove 'unread))) - -;; -;;; mu4e -;; - -(setq-hook! 'mu4e-main-mode-hook - mu4e-update-interval 30 - message-send-mail-function #'message-send-mail-with-sendmail - message-sendmail-extra-arguments '("--read-envelope-from") - message-sendmail-f-is-evil t - send-mail-function #'sendmail-send-it - sendmail-program (executable-find "msmtp")) - -;; -;;; Circe -;; - -(setq circe-network-options - (mapcar (lambda (server) - `(,server - :server-buffer-name ,server - :host "azahi.cc" - :port 6697 - :tls t - :logging nil - :user ,(concat circe-default-user "/" server) - :pass ,(lambda (&rest _) - (+pass-get-secret "server/soju.shire.net/azahi")))) - '("libera" "oftc" "hackint" "rizon"))) - -;; -;;; Sops -;; - -(use-package! sops - :config - (global-sops-mode 1)) - -;; -;;; Hledger -;; - -(use-package! hledger-mode - :disabled - :mode ("\\.journal\\'") - :hook ((hledger-view-mode . hl-line-mode) - (hledger-view-mode . center-text-for-reading)) - :init - (setq hledger-jfile "~/doc/accounting/current.journal") - :config - (set-company-backend! 'hledger-mode 'hledger-company) - (add-hook! 'hledger-mode-hook - (lambda (&rest _) - (make-local-variable 'company-backends) - (add-to-list 'company-backends 'hledger-company)))) - -(use-package! hledger-input - :disabled - :hook ((hledger-input-post-commit . hledger-show-new-balances) - (hledger-input-mode . auto-fill-mode) - (hledger-input-mode . (lambda (&rest _) - (make-local-variable 'compay-idle-delay) - (setq-local company-idle-delay 0.1)))) - :init - (setq hledger-input-buffer-height 20)) diff --git a/modules/common/emacs/doom/init.el b/modules/common/emacs/doom/init.el deleted file mode 100644 index 571993b..0000000 --- a/modules/common/emacs/doom/init.el +++ /dev/null @@ -1,99 +0,0 @@ -(doom! :input - japanese - - :completion - company - vertico - - :ui - doom - (emoji +unicode) - hl-todo - indent-guides - ligatures - modeline - nav-flash - ophints - (popup +defaults) - (vc-gutter +diff-hl +pretty) - window-select - workspaces - - :editor - (evil +everywhere) - file-templates - fold - format - parinfer - snippets - word-wrap - - :emacs - dired - electric - ibuffer - undo - vc - - :term - eshell - vterm - - :checkers - syntax - (spell +aspell +everywhere) - grammar - - :tools - ansible - (debugger +lsp) - direnv - (docker +lsp) - editorconfig - (eval +overlay) - (lookup +dictionary +offline) - (lsp +peek) - magit - make - (pass +auth) - pdf - (terraform +lsp) - tree-sitter - upload - - :os - (:if (featurep :system 'macos) macos) - - :lang - (cc +lsp +tree-sitter) - data - dhall - emacs-lisp - (go +lsp +tree-sitter) - (haskell +lsp +tree-sitter) - java - javascript - (json +lsp +tree-sitter) - kotlin - (latex +latexmk +cdlatex +lsp) - markdown - (nix +lsp +tree-sitter) - (org +pandoc +roam2) - plantuml - (python +poetry +lsp +tree-sitter) - (rust +lsp +tree-sitter) - (sh +lsp +tree-sitter) - web - (yaml +lsp +tree-sitter) - (zig +lsp +tree-sitter) - - :email - mu4e - - :app - calendar - irc - (rss +org) - - :config - (default +bindings +smartparens)) diff --git a/modules/common/emacs/doom/packages.el b/modules/common/emacs/doom/packages.el deleted file mode 100644 index 2ed0e4c..0000000 --- a/modules/common/emacs/doom/packages.el +++ /dev/null @@ -1,12 +0,0 @@ -(disable-packages! writegood-mode) - -(package! org-roam-ui) - -(package! nickel-mode) - -(package! hledger-mode) - -(package! sops - :recipe (:type git - :host github - :repo "djgoku/sops")) diff --git a/modules/common/eza.nix b/modules/common/eza.nix deleted file mode 100644 index 96b7d4c..0000000 --- a/modules/common/eza.nix +++ /dev/null @@ -1,23 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: -with lib; -let - cfg = config.nixfiles.modules.eza; -in -{ - options.nixfiles.modules.eza.enable = mkEnableOption "eza, an alternative to ls"; - - config = mkIf cfg.enable { - nixfiles.modules.common.shell.aliases = rec { - ls = "eza --smart-group --dereference"; - ll = "${ls} --long --grid"; - la = "${ll} --header --all"; - }; - - hm.home.packages = [ pkgs.eza ]; - }; -} diff --git a/modules/common/git.nix b/modules/common/git.nix deleted file mode 100644 index fbe190e..0000000 --- a/modules/common/git.nix +++ /dev/null @@ -1,173 +0,0 @@ -{ - config, - inputs, - lib, - localUsername ? lib.my.username, - pkgs, - ... -}: -with lib; -let - cfg = config.nixfiles.modules.git; -in -{ - options.nixfiles.modules.git.client.enable = mkEnableOption "Git client"; - - config = mkIf cfg.client.enable { - secrets = { - glab-cli-config = { - file = "${inputs.self}/secrets/glab-cli-config"; - path = "${config.dirs.config}/glab-cli/config.yml"; - owner = localUsername; - }; - gh-hosts = { - file = "${inputs.self}/secrets/gh-hosts"; - path = "${config.dirs.config}/gh/hosts.yml"; - owner = localUsername; - }; - hut = { - file = "${inputs.self}/secrets/hut"; - path = "${config.dirs.config}/hut/config"; - owner = localUsername; - }; - }; - - nixfiles.modules.common.shell.aliases = { - gl = "glab"; - ht = "hut"; - }; - - hm = { - home.packages = with pkgs; [ - git-extras - glab - hut - ]; - - programs = { - git = { - enable = true; - - package = pkgs.git.override { - doInstallCheck = false; - pythonSupport = false; - sendEmailSupport = true; - withLibsecret = false; - withSsh = true; - }; - - userName = my.fullname; - userEmail = my.email; - signing = { - inherit (my.pgp) key; - signByDefault = true; - }; - - extraConfig = - { - color.ui = true; - core.whitespace = "trailing-space"; - init.defaultBranch = "master"; - status.submoduleSummary = true; - commit.verbose = true; - push.autoSetupRemote = true; - pull.rebase = true; - rebase = { - autoStash = true; - autoSquash = true; - }; - rerere.enabled = true; - branch.sort = "-committerdate"; - diff = { - mnemonicPrefix = true; - renames = "copies"; - submodule = "log"; - }; - submodule.recurse = true; - sendemail = rec { - smtpServer = my.domain.shire; - smtpUser = "${my.username}@${smtpServer}"; - smtpEncryption = "ssl"; - smtpServerPort = 465; - annotate = true; - confirm = "always"; - }; - column.ui = "auto"; - github.user = my.username; - gitlab.user = my.username; - } - // mapAttrs' (name: value: nameValuePair ''url "git@${value}:"'' { insteadOf = "${name}:"; }) { - "bitbucket" = "bitbucket.com"; - "codeberg" = "codeberg.org"; - "github" = "github.com"; - "gitlab" = "gitlab.com"; - "sourcehut" = "git.sr.ht"; - } - // - mapAttrs' (name: values: nameValuePair ''url "https://${values}/"'' { insteadOf = "${name}:"; }) - { - "alpine" = "gitlab.alpinelinux.org"; - "debian" = "salsa.debian.org"; - "freedesktop" = "gitlab.freedesktop.org"; - "gnome" = "gitlab.gnome.org"; - "haskell" = "gitlab.haskell.org"; - "homotopic" = "gitlab.homotopic.tech"; - "horizon" = "gitlab.horizon-haskell.net"; - "kde" = "invent.kde.org"; - "nixca" = "gitlab.nixca.dev"; - "notabug" = "notabug.org"; - "opencode" = "opencode.net"; - "torproject" = "gitlab.torproject.org"; - "videolan" = "code.videolan.org"; - }; - - aliases = - let - git = getExe config.hm.programs.git.package; - curl = getExe pkgs.curl; - in - { - amend = "commit --amend"; - cat = "cat-file -p"; - fast = "clone --depth=1"; - fixup = "commit --fixup"; - fuck = "!${git} reset --hard && ${git} clean --force -dx"; - get = "pull --all --recurse-submodules --autostash"; - gud = ''commit -m "git gud"''; - refresh = "clean --force -dx"; - tree = "log --graph --date=relative --pretty=tformat:'%Cred%h%Creset -%C(auto)%d%Creset %s %Cgreen(%an %ad)%Creset'"; - uncommit = "reset --soft HEAD~1"; - untrack = "rm --cache --"; - wtc = "!${curl} -sq whatthecommit.com/index.txt | ${git} commit -F -"; - }; - - # All helper tools/editor generated files should go here. This must be - # kept void of any project-specific or residual files. - ignores = [ - "*~" - ".DS_Store" - ".cache/clangd/" - ".ccls-cache/" - ".gdb_history" - ".netrwhist" - ".projectile" - "[._]*.s[a-v][a-z]" - "[._]*.sw[a-p]" - "[._]s[a-rt-v][a-z]" - "[._]ss[a-gi-z]" - "[._]sw[a-p]" - "\#*\#" - "compile_commands*.json" - "cscope.*" - "vgcore.*" - ]; - }; - - gh = { - enable = true; - settings.git_protocol = "ssh"; - }; - }; - }; - }; -} diff --git a/modules/common/gnupg.nix b/modules/common/gnupg.nix deleted file mode 100644 index b32d94c..0000000 --- a/modules/common/gnupg.nix +++ /dev/null @@ -1,72 +0,0 @@ -{ config, lib, ... }: -with lib; -let - cfg = config.nixfiles.modules.gnupg; -in -{ - options.nixfiles.modules.gnupg.enable = mkEnableOption "GnuPG"; - - config = mkIf cfg.enable { - hm.programs.gpg = { - enable = true; - - settings = - { - display-charset = "utf-8"; - enable-progress-filter = true; - fixed-list-mode = true; - keyid-format = "0xlong"; - no-comments = true; - no-emit-version = true; - no-greeting = true; - with-fingerprint = true; - throw-keyids = false; - - use-agent = true; - - armor = true; - - no-random-seed-file = true; - - list-options = "show-uid-validity"; - verify-options = "show-uid-validity"; - } - // ( - let - cipherAlgos = [ - "AES256" - "AES192" - "AES" - ]; - digestAlgos = [ - "SHA512" - "SHA384" - "SHA256" - "SHA224" - ]; - compressionAlgos = [ - "ZLIB" - "BZIP2" - "ZIP" - "Uncompressed" - ]; - - cs = concatStringsSep " "; - in - { - default-preference-list = cs (cipherAlgos ++ digestAlgos ++ compressionAlgos); - - personal-cipher-preferences = cs cipherAlgos; - personal-digest-preferences = cs digestAlgos; - personal-compress-preferences = cs compressionAlgos; - - s2k-cipher-algo = head cipherAlgos; - s2k-digest-algo = head digestAlgos; - - digest-algo = head digestAlgos; - cert-digest-algo = head digestAlgos; - } - ); - }; - }; -} diff --git a/modules/common/common/home-manager.nix b/modules/common/home-manager.nix index 3c9fa0e..9c4cbeb 100644 --- a/modules/common/common/home-manager.nix +++ b/modules/common/home-manager.nix @@ -1,24 +1,25 @@ { + config, inputs, lib, - localUsername ? lib.my.username, ... }: with lib; { imports = [ + inputs.home-manager.nixosModule (mkAliasOptionModule [ "hm" ] [ "home-manager" "users" - localUsername + my.username ]) ]; hm = { news.display = "silent"; - # NOTE Inheriting directly from `system.stateVersion` does not work with - # nix-darwin for some reason. - home.stateVersion = with builtins; head (split "\n" (readFile "${inputs.nixpkgs}/.version")); + home = { + inherit (config.system) stateVersion; + }; }; home-manager = { diff --git a/modules/common/htop.nix b/modules/common/htop.nix deleted file mode 100644 index 647abf7..0000000 --- a/modules/common/htop.nix +++ /dev/null @@ -1,54 +0,0 @@ -{ config, lib, ... }: -with lib; -let - cfg = config.nixfiles.modules.htop; -in -{ - options.nixfiles.modules.htop.enable = mkEnableOption "htop"; - - config = mkIf cfg.enable { - hm.programs.htop = { - enable = true; - - settings = with config.hm.lib.htop; { - fields = with fields; [ - PID - USER - PRIORITY - NICE - M_SIZE - M_RESIDENT - M_SHARE - STATE - PERCENT_CPU - PERCENT_MEM - TIME - COMM - ]; - account_guest_in_cpu_meter = 1; - detailed_cpu_time = 0; - enable_mouse = 0; - find_comm_in_cmdline = 1; - header_margin = 1; - hide_function_bar = 1; - hide_kernel_threads = 1; - hide_userland_threads = 1; - highlight_base_name = 1; - highlight_changes = 0; - highlight_changes_delay_secs = 1; - highlight_deleted_exe = 1; - highlight_megabytes = 1; - highlight_threads = 1; - shadow_other_users = 1; - show_cpu_frequency = 1; - show_cpu_usage = 1; - show_program_path = 0; - show_thread_names = 0; - strip_exe_from_cmdline = 1; - tree_view = 1; - tree_view_always_by_pid = 1; - update_process_names = 1; - }; - }; - }; -} diff --git a/modules/common/kernel.nix b/modules/common/kernel.nix new file mode 100644 index 0000000..5c45b5d --- /dev/null +++ b/modules/common/kernel.nix @@ -0,0 +1,40 @@ +{ lib, ... }: +with lib; +{ + boot = { + # I don't use it even on laptops. It's also /required/ to disable it for + # ZFS[1]. + # [1]: https://github.com/openzfs/zfs/issues/260 + # [1]: https://github.com/openzfs/zfs/issues/12842 + kernelParams = [ "hibernate=no" ]; + + kernel.sysctl = { + "fs.file-max" = pow 2 17; + "fs.inotify.max_user_watches" = pow 2 19; + "fs.suid_dumpable" = 0; + "kernel.core_uses_pid" = 1; + "kernel.exec-shield" = 1; + "kernel.kptr_restrict" = 1; + "kernel.maps_protect" = 1; + "kernel.msgmax" = pow 2 16; + "kernel.msgmnb" = pow 2 16; + "kernel.pid_max" = pow 2 16; + "kernel.randomize_va_space" = 2; + "kernel.shmall" = pow 2 28; + "kernel.shmmax" = pow 2 28; + "kernel.sysrq" = 0; + "vm.dirty_background_bytes" = pow 2 22; + "vm.dirty_background_ratio" = 5; + "vm.dirty_bytes" = pow 2 22; + "vm.dirty_ratio" = 30; + "vm.min_free_kbytes" = pow 2 16; + "vm.mmap_min_addr" = pow 2 12; + "vm.overcommit_memory" = mkDefault 0; + "vm.overcommit_ratio" = mkDefault 50; + "vm.vfs_cache_pressure" = 50; + }; + }; + + # https://docs.kernel.org/admin-guide/mm/ksm.html + hardware.ksm.enable = true; +} diff --git a/modules/common/locale.nix b/modules/common/locale.nix new file mode 100644 index 0000000..7e8eefb --- /dev/null +++ b/modules/common/locale.nix @@ -0,0 +1,46 @@ +{ + config, + lib, + pkgs, + ... +}: +with lib; +{ + hm.home.language = { + collate = "C"; + messages = "C"; + }; + + i18n = { + defaultLocale = mkDefault "en_GB.UTF-8"; + supportedLocales = [ + "C.UTF-8/UTF-8" + "en_GB.UTF-8/UTF-8" + "en_US.UTF-8/UTF-8" + "ja_JP.UTF-8/UTF-8" + "ru_RU.UTF-8/UTF-8" + ]; + + inputMethod = { + enabled = null; # FIXME Breaks on Wayland. + fcitx5 = { + addons = with pkgs; [ + fcitx5-configtool + fcitx5-mozc + ]; + waylandFrontend = config.nixfiles.modules.wayland.enable; + }; + }; + }; + + services.xserver.xkb = { + layout = "us,ru"; + variant = ",phonetic"; + options = concatStringsSep "," [ + "caps:escape" + "compose:menu" + "grp:win_space_toggle" + "terminate:ctrl_alt_bksp" + ]; + }; +} diff --git a/modules/common/mpv.nix b/modules/common/mpv.nix deleted file mode 100644 index 9cd1e91..0000000 --- a/modules/common/mpv.nix +++ /dev/null @@ -1,156 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: -with lib; -let - cfg = config.nixfiles.modules.mpv; -in -{ - options.nixfiles.modules.mpv.enable = mkEnableOption "mpv"; - - config = mkIf cfg.enable { - hm.programs.mpv = { - enable = true; - - package = - with pkgs; - wrapMpv - (mpv-unwrapped.override { - bs2bSupport = false; - cacaSupport = false; - dvbinSupport = false; - dvdnavSupport = false; - swiftSupport = false; - }) - { - scripts = with mpvScripts; [ - autoload - sponsorblock - ]; - }; - - bindings = { - "RIGHT" = "seek 10"; - "LEFT" = "seek -10"; - "UP" = "seek 60"; - "DOWN" = "seek -60"; - - "Shift+RIGHT" = "no-osd seek 1 exact"; - "Shift+LEFT" = "no-osd seek -1 exact"; - "Shift+UP" = "no-osd seek 5 exact"; - "Shift+DOWN" = "no-osd seek -5 exact"; - - "Alt+h" = "add sub-delay +1"; - "Alt+l" = "add sub-delay -1"; - - "Alt+k" = "add sub-scale +0.1"; - "Alt+j" = "add sub-scale -0.1"; - - "B" = ''cycle-values background "#000000" "#ffffff"''; - }; - - profiles = { - "protocol.http".force-window = "immediate"; - "protocol.https".profile = "protocol.http"; - - "extension.gif" = { - cache = false; - loop-file = true; - }; - "extension.png" = { - profile = "extension.gif"; - video-aspect-override = 0; - }; - "extension.jpeg".profile = "extension.png"; - "extension.jpg".profile = "extension.png"; - }; - - config = - let - lang = concatStringsSep "," [ - "Japanese" - "japanese" - "jp" - "jpn" - "jaJP" - "ja-JP" - "English" - "english" - "en" - "eng" - "enUS" - "en-US" - "Russian" - "russian" - "ru" - "rus" - "ruRU" - "ru-RU" - ]; - in - { - autofit-larger = "100%x95%"; - cache = true; - cursor-autohide = 1000; - cursor-autohide-fs-only = true; - demuxer-max-back-bytes = "20M"; - demuxer-max-bytes = "20M"; - force-seekable = true; - fullscreen = true; - msg-color = true; - msg-module = true; - prefetch-playlist = true; - save-position-on-quit = true; - screenshot-format = "png"; - screenshot-template = "%F [%p]"; - stop-screensaver = true; - term-osd-bar = true; - use-filedir-conf = true; - - osd-bar-align-y = 0; - osd-bar-h = 2; - osd-bar-w = 60; - osd-border-color = "#FF262626"; - osd-border-size = 2; - osd-color = "#FFFFFFFF"; - osd-duration = 1000; - osd-font-size = 40; - osd-fractions = true; - osd-level = 1; - osd-shadow-color = "#33000000"; - - # osc = false; - - blend-subtitles = true; - embeddedfonts = false; - sub-ass-force-margins = true; - sub-ass-force-style = "kerning=yes"; - sub-auto = "fuzzy"; - sub-border-color = "#FF262626"; - sub-border-size = 2.5; - sub-color = "#FFFFFFFF"; - sub-file-paths-append = "srt"; - sub-fix-timing = true; - sub-font-size = 40; - sub-scale-with-window = true; - sub-shadow-color = "#33000000"; - sub-shadow-offset = 1; - sub-spacing = 0.5; - sub-use-margins = true; - - audio-file-auto = "fuzzy"; - volume = 100; - volume-max = 200; - - alang = lang; - slang = lang; - - ytdl = true; - ytdl-raw-options = ''sub-lang="${lang}",write-sub=''; - }; - }; - }; -} diff --git a/modules/common/networking.nix b/modules/common/networking.nix new file mode 100644 index 0000000..727def4 --- /dev/null +++ b/modules/common/networking.nix @@ -0,0 +1,131 @@ +{ + config, + lib, + pkgs, + this, + ... +}: +with lib; +let + cfg = config.nixfiles.modules.common.networking; +in +{ + options.nixfiles.modules.common.networking.onlyDefault = mkEnableOption "custom networking settings"; + + config = mkIf (!cfg.onlyDefault) { + ark.directories = + with config.networking; + optional networkmanager.enable "/etc/NetworkManager/system-connections" + ++ optional wireless.iwd.enable "/var/lib/iwd"; + + # TODO Switch to systemd-networkd. + networking = mkMerge [ + { + domain = my.domain.shire; + + hostName = this.hostname; + hostId = substring 0 8 (builtins.hashString "md5" this.hostname); + + # Remove default hostname mappings. This is required at least by the + # current implementation of the monitoring module. + hosts = { + "127.0.0.2" = mkForce [ ]; + "::1" = mkForce [ ]; + }; + + nameservers = mkDefault dns.const.quad9.default; + resolvconf.enable = true; + + useDHCP = false; + + nftables.enable = true; + + firewall = { + enable = true; + + rejectPackets = false; + + allowPing = true; + pingLimit = "1/minute burst 5 packets"; + + logRefusedConnections = false; + logRefusedPackets = false; + logRefusedUnicastsOnly = false; + logReversePathDrops = false; + }; + } + ( + let + interface = "eth0"; # This assumes `usePredictableInterfaceNames` is false. + in + mkIf (hasAttr "ipv4" this && hasAttr "ipv6" this) { + usePredictableInterfaceNames = false; # NOTE This can break something! + interfaces.${interface} = { + ipv4.addresses = + with this.ipv4; + optional (isString address && isInt prefixLength) { inherit address prefixLength; }; + + ipv6.addresses = + with this.ipv6; + optional (isString address && isInt prefixLength) { inherit address prefixLength; }; + }; + defaultGateway = + with this.ipv4; + mkIf (isString gatewayAddress) { + inherit interface; + address = gatewayAddress; + }; + defaultGateway6 = + with this.ipv6; + mkIf (isString gatewayAddress) { + inherit interface; + address = gatewayAddress; + }; + } + ) + (mkIf this.isHeadful { + interfaces = { + eth0.useDHCP = mkDefault true; + wlan0.useDHCP = mkDefault true; + }; + + networkmanager = { + enable = mkDefault true; + wifi.backend = "iwd"; + }; + + wireless = { + enable = false; + iwd.enable = mkDefault true; + userControlled.enable = true; + allowAuxiliaryImperativeNetworks = true; + }; + }) + ]; + + environment = { + shellAliases = listToAttrs ( + map ({ name, value }: nameValuePair name "${pkgs.iproute2}/bin/${value}") [ + { + name = "bridge"; + value = "bridge -color=always"; + } + { + name = "ip"; + value = "ip -color=always"; + } + { + name = "tc"; + value = "tc -color=always"; + } + ] + ); + + systemPackages = with pkgs; [ + ethtool + myip + nethogs + ]; + }; + }; +} diff --git a/modules/common/nix.nix b/modules/common/nix.nix new file mode 100644 index 0000000..db46336 --- /dev/null +++ b/modules/common/nix.nix @@ -0,0 +1,150 @@ +{ + config, + inputs, + lib, + pkgs, + this, + ... +}: +with lib; +let + cfg = config.nixfiles.modules.common.nix; +in +{ + options.nixfiles.modules.common.nix.allowedUnfreePackages = mkOption { + description = "A list of allowed unfree packages."; + type = with types; listOf str; + default = [ ]; + }; + + config = { + _module.args = + let + importNixpkgs = + nixpkgs: + import nixpkgs { + inherit (config.nixpkgs) config; + inherit (this) system; + }; + in + rec { + pkgsLocal = importNixpkgs "${config.my.home}/src/nixpkgs"; # Impure! + pkgsMaster = importNixpkgs inputs.nixpkgs-master; + pkgsStable = importNixpkgs inputs.nixpkgs-stable; + pkgsRev = + rev: hash: + importNixpkgs ( + pkgs.fetchFromGitHub { + owner = "NixOS"; + repo = "nixpkgs"; + inherit rev hash; + } + ); + pkgsPr = pr: pkgsRev "refs/pull/${toString pr}/head"; + }; + + hm = { + # Used primarily in conjunction with the "nixfiles" script. + home.file.".nix-defexpr/default.nix".text = + let + hostname = strings.escapeNixIdentifier this.hostname; + in + optionalString this.isHeadful '' + let + self = builtins.getFlake "nixfiles"; + configurations = self.nixosConfigurations; + local = configurations.${hostname}; + in rec { + inherit self; + inherit (self) inputs lib; + inherit (lib) my; + this = my.configurations.${hostname}; + inherit (local) config; + inherit (local.config.system.build) toplevel vm vmWithBootLoader manual; + pretty = expr: lib.trace (lib.generators.toPretty {} expr) {}; + } // configurations // local._module.args + ''; + + programs.bash.shellAliases.nix = "nix --verbose --print-build-logs"; + }; + + nix = + let + notSelfInputs = filterAttrs (n: _: n != "self") inputs; + in + { + daemonCPUSchedPolicy = "idle"; + daemonIOSchedClass = "idle"; + daemonIOSchedPriority = 7; + + settings = { + # https://nixos.org/manual/nix/unstable/contributing/experimental-features.html#currently-available-experimental-features + # https://github.com/NixOS/nix/blob/master/src/libutil/experimental-features.cc + experimental-features = concatStringsSep " " [ + "flakes" + "nix-command" + "recursive-nix" + "repl-flake" + ]; + + keep-derivations = if this.isHeadful then "true" else "false"; + keep-outputs = if this.isHeadful then "true" else "false"; + + flake-registry = "${inputs.flake-registry}/flake-registry.json"; + + warn-dirty = false; + + keep-going = true; + + substituters = [ + "https://azahi.cachix.org" + "https://nix-community.cachix.org" + ]; + trusted-public-keys = [ + "azahi.cachix.org-1:2bayb+iWYMAVw3ZdEpVg+NPOHCXncw7WMQ0ElX1GO3s=" + "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" + ]; + + trusted-users = [ + "root" + my.username + ]; + }; + + nixPath = mapAttrsToList (n: v: "${n}=${v}") notSelfInputs ++ [ + "nixfiles=${config.my.home}/src/nixfiles" + ]; + + registry = mapAttrs (_: flake: { inherit flake; }) notSelfInputs // { + nixfiles.flake = inputs.self; + }; + }; + + nixpkgs = { + config.allowUnfreePredicate = p: elem (getName p) cfg.allowedUnfreePackages; + + overlays = with inputs; [ + self.overlays.default + (_: _: { }) + ]; + }; + + environment = { + localBinInPath = true; + defaultPackages = mkForce [ ]; + systemPackages = + with pkgs; + optionals this.isHeadful [ + nix-top + nix-tree + nixfiles + ]; + sessionVariables = { + NIXFILES = "${config.my.home}/src/nixfiles"; + NIX_SHELL_PRESERVE_PROMPT = "1"; + }; + }; + + system.stateVersion = with builtins; head (split "\n" (readFile "${inputs.nixpkgs}/.version")); + }; +} diff --git a/modules/common/nmap.nix b/modules/common/nmap.nix deleted file mode 100644 index 71b3d0b..0000000 --- a/modules/common/nmap.nix +++ /dev/null @@ -1,80 +0,0 @@ -{ - config, - lib, - pkgs, - inputs, - ... -}: -with lib; -let - cfg = config.nixfiles.modules.nmap; -in -{ - options.nixfiles.modules.nmap.enable = mkEnableOption "Nmap"; - - config = mkIf cfg.enable { - nixfiles.modules.common.shell.aliases = { - nmap-vulners = "nmap -sV --script=vulners/vulners.nse"; - nmap-vulscan = "nmap -sV --script=vulscan/vulscan.nse"; - }; - - hm = { - home = { - file = { - ".nmap/scripts/vulners".source = inputs.nmap-vulners; - ".nmap/scripts/vulscan/vulscan.nse".source = "${inputs.nmap-vulscan}/vulscan.nse"; - }; - - packages = with pkgs; [ - nmap - nmap-formatter - ]; - - activation.regenerateNmapScripts = with pkgs; '' - ${getExe' nmap "nmap"} --script-updatedb - ''; - }; - - systemd.user = { - services.update-nmap-vulscan-lists = { - Service = { - ExecStart = getExe ( - pkgs.writeShellApplication { - name = "update-nmap-vulscan-lists"; - runtimeInputs = [ pkgs.curl ]; - text = '' - declare -a vulscandbs=( - "cve" - "exploitdb" - "openvas" - "osvdb" - "scipvuldb" - "securityfocus" - "securitytracker" - "xforce" - ) - for i in "''${vulscandbs[@]}"; do - curl \ - -o "${config.my.home}/.nmap/scripts/vulscan/$i.csv" \ - "https://www.computec.ch/projekte/vulscan/download/$i.csv" - done - ''; - } - ); - }; - }; - - timers.update-nmap-vulscan-lists = { - # TODO Figure out how to check for network-online.target for user - # timers. - Timer = { - OnCalendar = "daily"; - Persistent = true; - Unit = "update-nmap-vulscan-lists.service"; - }; - Install.WantedBy = [ "timers.target" ]; - }; - }; - }; - }; -} diff --git a/modules/common/openssh.nix b/modules/common/openssh.nix deleted file mode 100644 index f60a1ef..0000000 --- a/modules/common/openssh.nix +++ /dev/null @@ -1,72 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: -with lib; -let - cfg = config.nixfiles.modules.openssh; -in -{ - options.nixfiles.modules.openssh.client.enable = mkEnableOption "OpenSSH client"; - - config = mkIf cfg.client.enable { - hm = { - home.packages = with pkgs; [ - mosh - sshfs - sshpass - ]; - - programs.ssh = { - enable = true; - - hashKnownHosts = true; - - controlMaster = "auto"; - controlPersist = "24H"; - - serverAliveCountMax = 30; - serverAliveInterval = 60; - - matchBlocks = - let - mkBlock = - name: - { - hostname ? name, - port ? 22022, # NOTE This is not the default OpenSSH port. - user ? my.username, - identityFile ? "${config.my.home}/.ssh/${my.username}_${my.ssh.type}", - extraAttrs ? { }, - }: - nameValuePair name ( - { - inherit - hostname - port - user - identityFile - ; - } - // extraAttrs - ); - - internalServers = mapAttrs' mkBlock ( - mapAttrs (name: _: { hostname = "${name}.${my.domain.shire}"; }) ( - filterAttrs (_: attr: hasAttr "wireguard" attr && attr.isHeadless) my.configurations - ) - ); - in - internalServers - // (mapAttrs' mkBlock { - gitolite = { - user = "git"; - hostname = "git.${my.domain.shire}"; - }; - }); - }; - }; - }; -} diff --git a/modules/common/password-store.nix b/modules/common/password-store.nix deleted file mode 100644 index e5cd756..0000000 --- a/modules/common/password-store.nix +++ /dev/null @@ -1,35 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: -with lib; -let - cfg = config.nixfiles.modules.password-store; -in -{ - options.nixfiles.modules.password-store.enable = mkEnableOption "the standard UNIX password manager"; - - config = mkIf cfg.enable { - hm.programs = { - password-store = { - enable = true; - - package = pkgs.pass.withExtensions (p: with p; [ pass-otp ]); - - settings.PASSWORD_STORE_DIR = "${config.my.home}/.password-store"; - }; - - # HACK https://github.com/NixOS/nixpkgs/issues/183604 - bash.initExtra = - let - completions = "${config.hm.programs.password-store.package}/share/bash-completion/completions"; - in - mkAfter '' - source ${completions}/pass-otp - source ${completions}/pass - ''; - }; - }; -} diff --git a/modules/common/profiles/default.nix b/modules/common/profiles/default.nix deleted file mode 100644 index 79ce39d..0000000 --- a/modules/common/profiles/default.nix +++ /dev/null @@ -1,52 +0,0 @@ -{ - config, - lib, - pkgs, - this, - ... -}: -with lib; -let - cfg = config.nixfiles.modules.profiles.default; -in -{ - imports = [ - ./dev - ./email.nix - ./headful.nix - ./headless.nix - ]; - - options.nixfiles.modules.profiles.default.enable = - mkEnableOption "The most default profile of them all." - // { - default = true; - }; - - config = mkIf cfg.enable { - assertions = [ - { - assertion = !(with this; isHeadless && isHeadful); - message = '' - The configuration cannot be both "headful" and "headless" at the same - time. - ''; - } - ]; - - nixfiles.modules = { - bat.enable = true; - eza.enable = true; - htop.enable = true; - tmux.enable = true; - vim.enable = true; - }; - - time.timeZone = "Europe/Moscow"; - - environment.systemPackages = with pkgs; [ - file - tree - ]; - }; -} diff --git a/modules/common/profiles/dev/containers.nix b/modules/common/profiles/dev/containers.nix deleted file mode 100644 index 8f3bfc6..0000000 --- a/modules/common/profiles/dev/containers.nix +++ /dev/null @@ -1,57 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: -with lib; -let - cfg = config.nixfiles.modules.profiles.dev.containers; -in -{ - options.nixfiles.modules.profiles.dev.containers.enable = - mkEnableOption "Tools for working with containers and container orchestration" - // { - default = config.nixfiles.modules.profiles.dev.enable; - }; - - config = mkIf cfg.enable { - nixfiles.modules.common.shell.aliases = { - h = "helm"; - k = "kubectl"; - kns = "kubens"; - ktx = "kubectx"; - }; - - hm.home = { - sessionVariables = { - MINIKUBE_IN_STYLE = "false"; - WERF_DEV = "true"; - WERF_INSECURE_REGISTRY = "true"; - WERF_LOG_DEBUG = "true"; - WERF_LOG_PRETTY = "false"; - WERF_LOG_VERBOSE = "true"; - WERF_SYNCHRONIZATION = ":local"; - WERF_TELEMETRY = "false"; - }; - - packages = with pkgs; [ - k9s - kubectl - kubectl-doctor - kubectl-images - kubectl-tree - kubectx - kubelogin-oidc - kubent - kubernetes-helm - kubespy - minikube - skopeo - stern - telepresence2 - werf - ]; - }; - }; -} diff --git a/modules/common/profiles/dev/default.nix b/modules/common/profiles/dev/default.nix deleted file mode 100644 index 6ac1fe6..0000000 --- a/modules/common/profiles/dev/default.nix +++ /dev/null @@ -1,84 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: -with lib; -let - cfg = config.nixfiles.modules.profiles.dev; -in -{ - imports = [ - ./containers.nix - ./hidden.nix - ./sql.nix - ]; - - options.nixfiles.modules.profiles.dev.enable = mkEnableOption "Catch-all profile for stuff related to software development and etc."; - - config = mkIf cfg.enable { - nixfiles.modules = { - bat.enable = true; - curl.enable = true; - direnv.enable = true; - editorconfig.enable = true; - git.client.enable = true; - gnupg.enable = true; - nmap.enable = true; - wget.enable = true; - }; - - hm = { - home = { - sessionVariables = rec { - CABAL_DIR = "${config.dirs.data}/cabal"; - CABAL_CONFIG = pkgs.writeText "cabal-config" '' - repository hackage.haskell.org - url: https://hackage.haskell.org/ - secure: True - - jobs: $ncpus - - remote-repo-cache: ${CABAL_DIR}/packages - - world-file: ${CABAL_DIR}/world - - logs-dir: ${CABAL_DIR}/logs - build-summary: ${CABAL_DIR}/logs/build.log - - installdir: ${CABAL_DIR}/bin - extra-prog-path: ${CABAL_DIR}/bin - ''; - STACK_ROOT = "${config.dirs.data}/stack"; - - RUSTUP_HOME = "${config.dirs.data}/rustup"; - CARGO_HOME = "${config.dirs.data}/cargo"; - - GOPATH = "${config.dirs.data}/go"; - GORE_HOME = "${config.dirs.data}/gore"; - - PYTHONSTARTUP = ./pystartup.py; - }; - - packages = with pkgs; [ - age - htmlq - httpie - hydra-check - jq - logcli - nix-update - nixpkgs-review - sops - yq - ]; - }; - - xdg.configFile = { - "gdb/gdbinit".source = ./gdbinit; - "ghc/ghci.conf".source = ./ghci.conf; - }; - }; - }; -} diff --git a/modules/common/profiles/dev/gdbinit b/modules/common/profiles/dev/gdbinit deleted file mode 100644 index e266236..0000000 --- a/modules/common/profiles/dev/gdbinit +++ /dev/null @@ -1,41 +0,0 @@ -set confirm off -set verbose off -set editing off - -set history expansion on - -set height 0 -set width 0 - -handle SIGALRM nostop print nopass -handle SIGBUS stop print nopass -handle SIGPIPE nostop print nopass -handle SIGSEGV stop print nopass - -set print address on -set print elements 0 -set print object on -set print pretty on -set print repeats 0 -set print static-members on -set print vtbl on - -set output-radix 10 - -set demangle-style gnu-v3 - -set disassembly-flavor intel - -alias iv=info variables - -alias da=disassemble - -define fs - finish - step -end - -define btc - backtrace - continue -end diff --git a/modules/common/profiles/dev/ghci.conf b/modules/common/profiles/dev/ghci.conf deleted file mode 100644 index d672167..0000000 --- a/modules/common/profiles/dev/ghci.conf +++ /dev/null @@ -1,35 +0,0 @@ -:set -XBinaryLiterals -:set -XFlexibleContexts -:set -XNoMonomorphismRestriction - -:seti -XConstraintKinds -:seti -XDataKinds -:seti -XDeriveFunctor -:seti -XFlexibleInstances -:seti -XFunctionalDependencies -:seti -XGADTs -:seti -XLambdaCase -:seti -XMagicHash -:seti -XMultiParamTypeClasses -:seti -XMultiWayIf -:seti -XOverloadedLabels -:seti -XPackageImports -:seti -XPolyKinds -:seti -XRankNTypes -:seti -XScopedTypeVariables -:seti -XStandaloneDeriving -:seti -XTupleSections -:seti -XTypeFamilies -:seti -XTypeOperators -:seti -XUndecidableInstances - -:set +c -:set +m -:set +r -:set +s -:set +t - -:set prompt "\ESC[1;34m>\ESC[m\STX " -:set prompt-cont "\ESC[1;94m|\ESC[m\STX " - -:def hoogle \x -> pure (":!hoogle --color --count=10 \"" ++ x ++ "\"") diff --git a/modules/common/profiles/dev/pystartup.py b/modules/common/profiles/dev/pystartup.py deleted file mode 100644 index adde66c..0000000 --- a/modules/common/profiles/dev/pystartup.py +++ /dev/null @@ -1,121 +0,0 @@ -import atexit -import os -import readline -import rlcompleter -import sys -from code import InteractiveConsole -from tempfile import mkstemp - -readline.parse_and_bind("tab: complete") - - -class TermColors(dict): - color_templates = ( - ("Normal", "0"), - ("Black", "0;30"), - ("Red", "0;31"), - ("Green", "0;32"), - ("Brown", "0;33"), - ("Blue", "0;34"), - ("Purple", "0;35"), - ("Cyan", "0;36"), - ("LightGray", "0;37"), - ("DarkGray", "1;30"), - ("LightRed", "1;31"), - ("LightGreen", "1;32"), - ("Yellow", "1;33"), - ("LightBlue", "1;34"), - ("LightPurple", "1;35"), - ("LightCyan", "1;36"), - ("White", "1;37"), - ) - color_base = "\001\033[%sm\002" - - def __init__(self): - self.update(dict([(k, self.color_base % v) for k, v in self.color_templates])) - - -class Completer(object): - def save_history(self): - import readline - - readline.write_history_file(self.python_histfile) - - def __init__(self): - self.python_dir = os.path.expanduser("%s/python" % os.environ["XDG_DATA_HOME"]) - - if not os.path.exists(self.python_dir): - os.mkdir(self.python_dir) - - self.python_histfile = os.path.expanduser("%s/history" % self.python_dir) - - if os.path.exists(self.python_histfile): - readline.read_history_file(self.python_histfile) - - readline.set_history_length(1000) - atexit.register(self.save_history) - - -def DisplayHook(value): - if value is not None: - try: - import __builtin__ - - __builtin__._ = value - except ImportError: - __builtins__._ = value - - import pprint - - pprint.pprint(value) - del pprint - - -class EditableBufferInteractiveConsole(InteractiveConsole): - def __init__(self, *args, **kwargs): - self.last_buffer = [] - InteractiveConsole.__init__(self, *args, **kwargs) - - def runsource(self, source, *args): - self.last_buffer = [source.encode("utf-8")] - return InteractiveConsole.runsource(self, source, *args) - - def raw_input(self, *args): - line = InteractiveConsole.raw_input(self, *args) - - if line == EDIT_CMD: - tmp_fd, tmp_file = mkstemp(".py") - - os.write(tmp_fd, b"\n".join(self.last_buffer)) - os.close(tmp_fd) - - os.system("%s %s" % (EDITOR, tmp_file)) - - line = open(tmp_file).read() - - os.unlink(tmp_file) - tmp_file = "" - - lines = line.split("\n") - - for i in range(len(lines) - 1): - self.push(lines[i]) - - line = lines[-1] - return line - - -TC = TermColors() -ps1 = "%sλ%s %s>%s " -sys.ps1 = ps1 % (TC["Blue"], TC["Normal"], TC["White"], TC["Normal"]) -ps2 = " %s…%s %s>%s " -sys.ps2 = ps2 % (TC["Blue"], TC["Normal"], TC["White"], TC["Normal"]) -sys.displayhook = DisplayHook - -C = Completer() -EDITOR = os.environ.get("EDITOR", "vim") -EDIT_CMD = ":e" -C = EditableBufferInteractiveConsole(locals=locals()) -C.interact(banner="") - -sys.exit() diff --git a/modules/common/profiles/dev/sql.nix b/modules/common/profiles/dev/sql.nix deleted file mode 100644 index c2d4894..0000000 --- a/modules/common/profiles/dev/sql.nix +++ /dev/null @@ -1,105 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: -with lib; -let - cfg = config.nixfiles.modules.profiles.dev.sql; -in -{ - options.nixfiles.modules.profiles.dev.sql.enable = - mkEnableOption "SQL stuff and database management tools" - // { - default = config.nixfiles.modules.profiles.dev.enable; - }; - - config = mkIf cfg.enable { - hm = { - home.packages = with pkgs; [ - pgcli - litecli - ]; - - xdg = - let - mainSection = { - destructive_warning = "True"; - enable_pager = "True"; - keyword_casing = "auto"; - less_chatty = "True"; - log_file = "/dev/null"; - log_level = "CRITICAL"; - multi_line = "False"; - syntax_style = "default"; - table_format = "fancy_grid"; - }; - - colorsSection = with config.colors.withHashtag; { - "arg-toolbar" = "noinherit bold"; - "arg-toolbar.text" = "nobold"; - "bottom-toolbar" = "bg:${base01} ${base06}"; - "bottom-toolbar.off" = "bg:${base01} ${base02}"; - "bottom-toolbar.on" = "bg:${base01} ${base07}"; - "bottom-toolbar.transaction.failed" = "bg:${base01} ${base08} bold"; - "bottom-toolbar.transaction.valid" = "bg:${base01} ${base0B} bold"; - "completion-menu.completion" = "bg:${base01} ${base06}"; - "completion-menu.completion.current" = "bg:${base06} ${base01}"; - "completion-menu.meta.completion" = "bg:${base01} ${base13}"; - "completion-menu.meta.completion.current" = "bg:${base09} ${base01}"; - "completion-menu.multi-column-meta" = "bg:${base09} ${base01}"; - "scrollbar" = "bg:${base01}"; - "scrollbar.arrow" = "bg:${base01}"; - "search" = "bg:${base17} ${base07}"; - "search-toolbar" = "noinherit bold"; - "search-toolbar.text" = "nobold"; - "search.current" = "bg:${base14} ${base07}"; - "selected" = "bg:${base0D} ${base07}"; - "system-toolbar" = "noinherit bold"; - }; - - mkCliConfig = - { name, custom }: - { - "${name}/config" = { - text = generators.toINI { } { - main = mainSection // custom; - colors = mapAttrs (_: v: "'${v}'") colorsSection; - }; - }; - }; - in - { - configFile = mkMerge ( - map mkCliConfig [ - { - name = "pgcli"; - custom = { - prompt = "'\\u@\\h:\\d> '"; - multi_line_mode = "psql"; - on_error = "STOP"; - auto_expand = "True"; - expand = "True"; - keyring = "False"; - vi = "True"; - casing_file = "/dev/null"; - history_file = "/dev/null"; - }; - } - { - name = "litecli"; - custom = { - prompt = "'\\d> '"; - prompt_continuation = "'-> '"; - auto_vertical_output = "True"; - key_bindings = "vi"; - audit_log = "/dev/null"; - }; - } - ] - ); - }; - }; - }; -} diff --git a/modules/common/profiles/email.nix b/modules/common/profiles/email.nix deleted file mode 100644 index cf4169c..0000000 --- a/modules/common/profiles/email.nix +++ /dev/null @@ -1,123 +0,0 @@ -{ - config, - lib, - pkgs, - this, - ... -}: -with lib; -let - cfg = config.nixfiles.modules.profiles.email; -in -{ - options.nixfiles.modules.profiles.email.enable = mkEnableOption "Local Email management" // { - default = this.isHeadful; - }; - - config = mkIf cfg.enable { - hm = { - accounts.email = { - maildirBasePath = "${config.my.home}/doc/mail"; - - accounts = - let - mkAccount = - attrs: - mkMerge [ - { - mbsync = { - enable = true; - create = "both"; - expunge = "both"; - patterns = [ "*" ]; - }; - msmtp.enable = true; - mu.enable = true; - thunderbird = { - enable = hasSuffix "linux" this.system; - settings = id: { - "mail.identity.id_${id}.compose_html" = false; - "mail.identity.id_${id}.reply_on_top" = 0; - }; - }; - } - attrs - ]; - - getPassword = - { - path, - line ? 0, - }: - assert (builtins.isInt line); - concatStringsSep " " ( - [ - (getExe config.hm.programs.password-store.package) - "show" - path - ] - ++ optionals (line > 0) [ - "|" - (getExe pkgs.gnused) - "-e" - "'${toString line}!d'" - ] - ); - in - { - shire = mkAccount rec { - address = my.email; - aliases = [ - address - "frodo@rohan.net" - "azahi@shire.net" - ]; - realName = my.fullname; - gpg = { - inherit (my.pgp) key; - signByDefault = false; - encryptByDefault = false; - }; - - primary = true; - - imap = { - host = "shire.net"; - port = 993; - tls.enable = true; - }; - smtp = { - host = "shire.net"; - port = 465; - tls.enable = true; - }; - userName = "azahi@shire.net"; - passwordCommand = getPassword { path = "email/shire.net/azahi"; }; - }; - - yahoo = mkAccount rec { - address = "admin@yahoo.com"; - aliases = [ - address - "admin@yahoo.com" - ]; - realName = "Firstname Lastname"; - - flavor = "yahoo.com"; - userName = "admin@yahoo.com"; - passwordCommand = getPassword { - path = "email/yahoo.com/admin"; - line = 2; - }; - }; - }; - }; - - programs = { - mbsync.enable = true; - msmtp.enable = true; - mu.enable = true; - }; - }; - }; -} diff --git a/modules/common/profiles/headful.nix b/modules/common/profiles/headful.nix deleted file mode 100644 index cd29225..0000000 --- a/modules/common/profiles/headful.nix +++ /dev/null @@ -1,57 +0,0 @@ -{ - config, - lib, - pkgs, - this, - ... -}: -with lib; -let - cfg = config.nixfiles.modules.profiles.headful; -in -{ - options.nixfiles.modules.profiles.headful.enable = mkEnableOption "headful profile" // { - default = this.isHeadful; - }; - - config = mkIf cfg.enable { - nixfiles.modules = { - profiles.dev.enable = true; - - alacritty.enable = true; - aria2.enable = true; - emacs.enable = true; - mpv.enable = true; - openssh.client.enable = true; - password-store.enable = true; - vscode.enable = true; - zathura.enable = true; - }; - - hm = { - home = { - file.".digrc".text = '' - +answer - +multiline - +recurse - ''; - - packages = with pkgs; [ - fd - ripgrep - sd - tldr - ]; - }; - }; - - environment.systemPackages = with pkgs; [ - arping - dnsutils - inetutils - ldns - socat - tcpdump - ]; - }; -} diff --git a/modules/common/profiles/headless.nix b/modules/common/profiles/headless.nix deleted file mode 100644 index 1f8096c..0000000 --- a/modules/common/profiles/headless.nix +++ /dev/null @@ -1,25 +0,0 @@ -{ - config, - lib, - pkgs, - this, - ... -}: -with lib; -let - cfg = config.nixfiles.modules.profiles.headless; -in -{ - options.nixfiles.modules.profiles.headless.enable = mkEnableOption "headless profile" // { - default = this.isHeadless; - }; - - config = mkIf cfg.enable { - hm.home.file = { - ".hushlogin".text = ""; - ".bash_history".source = config.hm.lib.file.mkOutOfStoreSymlink "/dev/null"; - }; - - environment.systemPackages = with pkgs; [ alacritty.terminfo ]; - }; -} diff --git a/modules/common/qutebrowser.nix b/modules/common/qutebrowser.nix deleted file mode 100644 index 8fdcf48..0000000 --- a/modules/common/qutebrowser.nix +++ /dev/null @@ -1,342 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: -with lib; -let - cfg = config.nixfiles.modules.qutebrowser; -in -{ - options.nixfiles.modules.qutebrowser.enable = mkEnableOption "Qutebrowser"; - - config = mkIf cfg.enable { - nixfiles.modules = { - mpv.enable = true; - vim.enable = true; - }; - - hm = { - programs.qutebrowser = with config.nixfiles.modules; { - enable = true; - - keyBindings.normal = mkIf mpv.enable { - "z" = - let - mpv = getExe config.hm.programs.mpv.package; - in - "hint links spawn --detach ${mpv} {hint-url}"; - }; - - searchEngines = rec { - aliexpress = "https://www.aliexpress.com/wholesale?SearchText={}"; - ansible = "https://galaxy.ansible.com/search?keywords={}"; - arch = "https://wiki.archlinux.org/?search={}"; - crates = "https://crates.io/search?q={}"; - discogs = "https://www.discogs.com/search/?q={}"; - dockerhub = "https://hub.docker.com/search?q={}"; - doublegis = "https://2gis.ru/search/{}"; - duckduckgo = "https://duckduckgo.com/?q={}'"; - ecosia = "https://www.ecosia.org/search?q={}"; - factorio = "https://wiki.factorio.com/index.php?search={}"; - genius = "https://genius.com/search?q={}"; - github = "https://github.com/search?q={}"; - godocs = "https://godocs.io/?q={}"; - gogdb = "https://www.gogdb.org/products?search={}"; - google = "https://www.google.com/search?q={}"; - google-images = "https://www.google.com/search?q={}&tbm=isch"; - gopkgs = "https://pkg.go.dev/search?q={}"; - habr = "https://habr.com/ru/search/?q={}"; - hackage = "https://hackage.haskell.org/packages/search?terms={}"; - hackernews = "https://hn.algolia.com/?q={}"; - headhunter = "https://hh.ru/search/vacancy?st=searchVacancy&text={}"; - hoogle = "https://hoogle.haskell.org/?hoogle={}"; - jisho = "https://jisho.org/search/{}"; - kotobank = "https://kotobank.jp/gs/?q={}"; - kubernetes = "https://kubernetes.io/search/?q={}"; - lastfm = "https://www.last.fm/search?q={}"; - lobsters = "https://lobste.rs/search?q=test{}"; - mdn = "https://developer.mozilla.org/en-US/search?q={}"; - melpa = "https://melpa.org/#/?q={}"; - moddb = "https://www.moddb.com/search?q={}"; - musicbrainz = "https://musicbrainz.org/search?query={}"; - nix-issues = "https://github.com/NixOS/nix/issues?q={}"; - nix-prs = "https://github.com/NixOS/nix/pulls?q={}"; - nixos-flakes = "https://search.nixos.org/flakes?query={}"; - nixos-options = "https://search.nixos.org/options?query={}"; - nixos-packages = "https://search.nixos.org/packages?query={}"; - nixos-wiki = "https://nixos.wiki/index.php?search={}"; - nixpkgs-issues = "https://github.com/NixOS/nixpkgs/issues?q={}"; - nixpkgs-prs = "https://github.com/NixOS/nixpkgs/pulls?q={}"; - openstreetmap = "https://www.openstreetmap.org/search?query={}"; - ozon = "https://www.ozon.ru/search/?text={}"; - protondb = "https://www.protondb.com/search?q={}"; - pypi = "https://pypi.org/search/?q={}"; - pythondocs = "https://docs.python.org/3/search.html?q={}"; - rateyourmusic = "https://rateyourmusic.com/search?searchterm={}"; - riichi = "https://riichi.wiki/index.php?search={}"; - rustdoc = "https://doc.rust-lang.org/std/?search={}"; - searx = "https://searx.tiekoetter.com/search?q={}"; - slashdot = "https://slashdot.org/index2.pl?fhfilter={}"; - sourcehut = "https://sr.ht/projects?search={}"; - steam = "https://store.steampowered.com/search/?term={}"; - steamdb = "https://steamdb.info/search/?a=app&q={}"; - ubuntu = "https://wiki.ubuntu.com/Home?action=fullsearch&value={}"; - wikipedia-en = "https://en.wikipedia.org/w/index.php?search={}"; - wikipedia-ru = "https://ru.wikipedia.org/w/index.php?search={}"; - wikipedia-ja = "https://ja.wikipedia.org/w/index.php?search={}"; - wolphramalpha = "https://www.wolframalpha.com/input/?i={}"; - yahoo = "https://yahoo.com/search/?text={}"; - yahoo-images = "https://yahoo.com/images/search?text={}"; - yahoo-market = "https://market.yahoo.com/search?text={}"; - youtube = "https://yewtu.be/search?q={}"; - - aw = arch; - d = duckduckgo; - do = dockerhub; - docker = dockerhub; - g = google; - gh = github; - h = hoogle; - k = kubernetes; - mb = musicbrainz; - n = nixos-options; - nw = nixos-wiki; - py = pypi; - pyd = pythondocs; - rym = rateyourmusic; - s = searx; - sh = sourcehut; - sr = sourcehut; - w = wikipedia-en; - wen = wikipedia-en; - wja = wikipedia-ja; - wru = wikipedia-ru; - y = yahoo; - yt = youtube; - }; - - settings = { - changelog_after_upgrade = "never"; - - content = { - autoplay = false; - cookies.accept = "all"; - default_encoding = "utf-8"; - desktop_capture = "ask"; - dns_prefetch = false; - geolocation = false; - headers.do_not_track = true; - javascript.enabled = true; - prefers_reduced_motion = true; - webgl = true; - - blocking = { - enabled = true; - method = "adblock"; - adblock.lists = [ - "https://easylist.to/easylist/easylist.txt" - "https://easylist.to/easylist/easyprivacy.txt" - "https://easylist.to/easylist/fanboy-social.txt" - "https://secure.fanboy.co.nz/fanboy-annoyance.txt" - "https://secure.fanboy.co.nz/fanboy-cookiemonster.txt" - ]; - }; - }; - - completion = { - height = "50%"; - show = "auto"; - shrink = true; - timestamp_format = "%y-%m-%d"; - min_chars = 3; - open_categories = [ - "bookmarks" - "quickmarks" - "history" - ]; - - scrollbar = { - width = 0; - padding = 0; - }; - }; - - downloads = { - location = { - directory = config.userDirs.download; - prompt = true; - }; - remove_finished = 0; - }; - - editor.command = [ - (if alacritty.enable then getExe pkgs.alacritty else getExe pkgs.xterm) - "-e" - (getExe' config.programs.vim.package "vim") - "-f" - "{}" - ]; - - hints = { - auto_follow = "unique-match"; - auto_follow_timeout = 0; - min_chars = 1; - scatter = false; - uppercase = false; - }; - - hints.radius = 0; - keyhint.radius = 0; - prompt.radius = 0; - - scrolling = { - bar = "never"; - smooth = false; - }; - - spellcheck.languages = [ - "en-US" - "en-GB" - "ru-RU" - ]; - - statusbar.position = "bottom"; - - tabs = { - position = "top"; - - title = { - alignment = "left"; - format = "{audio}{index} : {current_title}"; - format_pinned = "{audio}{index}"; - }; - - min_width = -1; - max_width = -1; - - indicator.width = 0; - - pinned = { - shrink = true; - frozen = false; - }; - - close_mouse_button = "middle"; - mousewheel_switching = false; - - background = true; - select_on_remove = "next"; - new_position = { - related = "next"; - unrelated = "last"; - }; - - favicons = { - show = "pinned"; - scale = 0.75; - }; - }; - - url = rec { - default_page = "about:blank"; - start_pages = [ default_page ]; - }; - - window = { - hide_decoration = false; - title_format = "{perc}{current_title}{title_sep}qutebrowser"; - }; - - qt = mkIf kde.enable { - force_platform = null; - force_platformtheme = "KDE"; - }; - }; - - extraConfig = - ( - let - mkPaddingDictionary = - { - name, - bottom, - left, - right, - top, - }: - let - n = "c.${name}.padding"; - b = "'bottom': ${toString bottom}"; - l = "'left': ${toString left}"; - r = "'right': ${toString right}"; - t = "'top': ${toString top}"; - in - "${n} = {${b}, ${l}, ${r}, ${t}}"; - - final = map mkPaddingDictionary [ - { - name = "hints"; - bottom = 3; - left = 3; - right = 3; - top = 3; - } - { - name = "statusbar"; - bottom = 1; - left = 0; - right = 3; - top = 1; - } - { - name = "tabs"; - bottom = 1; - left = 6; - right = 6; - top = 1; - } - ]; - in - concatLines final + "\n" - ) - + ( - let - allowSetting = setting: url: "config.set('content.${setting}', True, '${url}')"; - - allowMediaCaptureSetting = url: [ - (allowSetting "desktop_capture" url) - (allowSetting "media.audio_video_capture" url) - ]; - allowedMediaCapture = flatten ( - map allowMediaCaptureSetting [ - "https://discord.com" - "https://web.telegram.org" - ] - ); - - allowNotificationsSetting = allowSetting "notifications.enabled"; - allowedNotifications = map allowNotificationsSetting [ - "https://discord.com" - "https://web.telegram.org" - ]; - - final = allowedMediaCapture ++ allowedNotifications; - in - concatLines final + "\n" - ); - }; - - home.activation.installQutebrowserDictionaries = - let - dictcli = "${pkgs.qutebrowser}/share/qutebrowser/scripts/dictcli.py"; - in - '' - if [[ ! -d "''${XDG_DATA_HOME:-$HOME/.local/share}/qutebrowser/qtwebengine_dictionaries" ]]; then - ${dictcli} install en-US en-GB ru-RU - fi - ''; - }; - }; -} diff --git a/modules/common/common/secrets.nix b/modules/common/secrets.nix index 3c05c09..03a2eeb 100644 --- a/modules/common/common/secrets.nix +++ b/modules/common/secrets.nix @@ -9,6 +9,7 @@ with lib; { imports = [ + inputs.agenix.nixosModules.default (mkAliasOptionModule [ "secrets" ] [ "age" "secrets" diff --git a/modules/common/security.nix b/modules/common/security.nix new file mode 100644 index 0000000..c635cdc --- /dev/null +++ b/modules/common/security.nix @@ -0,0 +1,31 @@ +_: { + security = { + sudo = { + enable = true; + execWheelOnly = true; + wheelNeedsPassword = false; + extraConfig = '' + Defaults lecture=never + ''; + }; + + polkit = { + enable = true; + extraConfig = '' + /* + * Allow members of the wheel group to execute any actions + * without password authentication, similar to "sudo NOPASSWD:". + * + * https://wiki.archlinux.org/title/Polkit#Bypass_password_prompt + */ + polkit.addRule(function(action, subject) { + if (subject.isInGroup('wheel')) + return polkit.Result.YES; + }); + ''; + }; + + # Pretty much used only for PipeWire. + rtkit.enable = true; + }; +} diff --git a/modules/common/services.nix b/modules/common/services.nix new file mode 100644 index 0000000..12e4bf7 --- /dev/null +++ b/modules/common/services.nix @@ -0,0 +1,10 @@ +_: { + services = { + # https://github.com/Irqbalance/irqbalance/issues/54#issuecomment-319245584 + # https://unix.stackexchange.com/questions/710603/should-the-irqbalance-daemon-be-used-on-a-modern-desktop-x86-system + irqbalance.enable = true; + + # This is upposed to be better? + dbus.implementation = "broker"; + }; +} diff --git a/modules/common/common/shell/default.nix b/modules/common/shell/default.nix index 883bfae..437ce57 100644 --- a/modules/common/common/shell/default.nix +++ b/modules/common/shell/default.nix @@ -191,6 +191,8 @@ in home.packages = with pkgs; [ grc ]; }; + programs.command-not-found.enable = false; + environment = { etc."grc.conf".source = "${pkgs.grc}/etc/grc.conf"; diff --git a/modules/common/common/shell/functions.bash b/modules/common/shell/functions.bash index f354adb..f354adb 100644 --- a/modules/common/common/shell/functions.bash +++ b/modules/common/shell/functions.bash diff --git a/modules/common/stylix.nix b/modules/common/stylix.nix new file mode 100644 index 0000000..953685e --- /dev/null +++ b/modules/common/stylix.nix @@ -0,0 +1,105 @@ +{ + config, + inputs, + lib, + pkgs, + ... +}: +with lib; +{ + imports = [ + inputs.stylix.nixosModules.stylix + (mkAliasOptionModule [ "colors" ] [ + "lib" + "stylix" + "colors" + ]) + ]; + + options.nixfiles.modules.common.stylix.fonts.extraPackages = mkOption { + description = "Font packages."; + default = with pkgs; [ + font-awesome + noto-fonts + noto-fonts-emoji + sarasa-gothic + source-han-mono + source-han-sans + source-han-serif + twitter-color-emoji + ]; + readOnly = true; + }; + + # Styling and color binding can be sourced from here[1]. + # + # [1]: https://github.com/tinted-theming/base24/blob/master/styling.md + config = { + stylix = { + image = pkgs.fetchurl { + url = "https://upload.wikimedia.org/wikipedia/commons/a/a5/Bonaparte_ante_la_Esfinge%2C_por_Jean-Léon_Gérôme.jpg"; + sha256 = "sha256-qWv52oT8cF9K4ZoeawmR3jgoGB2ARfjbKKc12IljUcM="; + }; + + base16Scheme = "${pkgs.base16-schemes}/share/themes/tomorrow.yaml"; + + fonts = { + monospace = { + package = pkgs.iosevka; + name = "Iosevka"; + }; + + serif = { + package = pkgs.iosevka-bin.override { variant = "Etoile"; }; + name = "Iosevka Etoile"; + }; + + sansSerif = { + package = pkgs.iosevka-bin.override { variant = "Aile"; }; + name = "Iosevka Aile"; + }; + + sizes = { + desktop = 10; + applications = 10; + terminal = 12; + }; + }; + + cursor = { + name = "phinger-cursors-light"; + package = pkgs.phinger-cursors; + size = 32; + }; + }; + + fonts = { + packages = mkAfter config.nixfiles.modules.common.stylix.fonts.extraPackages; + + fontconfig.defaultFonts = with config.stylix.fonts; { + serif = mkForce [ + serif.name + "Sarasa Gothic" + "Source Han Serif" + "Noto Serif" + ]; + sansSerif = mkForce [ + sansSerif.name + "Sarasa Gothic" + "Source Han Sans" + "Noto Sans" + ]; + monospace = mkForce [ + monospace.name + "Sarasa Mono" + "Source Han Mono" + "Noto Sans Mono" + ]; + emoji = mkForce [ + "Twitter Color Emoji" + "Noto Color Emoji" + ]; + }; + }; + }; +} diff --git a/modules/common/subversion.nix b/modules/common/subversion.nix deleted file mode 100644 index 9398592..0000000 --- a/modules/common/subversion.nix +++ /dev/null @@ -1,55 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: -with lib; -let - cfg = config.nixfiles.modules.subversion; -in -{ - options.nixfiles.modules.subversion.enable = mkEnableOption "Subversion"; - - config = mkIf cfg.enable { - nixfiles.modules.gnupg.enable = true; - - hm.home = { - file = { - ".subversion/config".text = generators.toINI { } { - auth = { - password-stores = "gpg-agent"; - ssl-client-cert-file-prompt = "no"; - store-passwords = "yes"; - store-auth-creds = "yes"; - }; - helpers = { - editor-cmd = getExe config.programs.vim.package; - diff-cmd = getExe pkgs.colordiff; - }; - miscellany = { - global-ignores = - with config.hm.programs.git; - optionalString (ignores != [ ]) (concatStringsSep " " ignores); - diff-ignore-content-type = "no"; - }; - working-copy = { - exclusive-locking-clients = "svn"; - exclusive-locking = true; - busy-timeout = 10000; - }; - }; - - ".subversion/servers".text = generators.toINI { } { - global = { - store-auth-creds = "yes"; - store-passwords = "yes"; - store-plaintext-passwords = "yes"; - }; - }; - }; - - packages = [ (pkgs.subversionClient.override { saslSupport = true; }) ]; - }; - }; -} diff --git a/modules/common/systemd.nix b/modules/common/systemd.nix new file mode 100644 index 0000000..b393d9f --- /dev/null +++ b/modules/common/systemd.nix @@ -0,0 +1,43 @@ +{ config, pkgs, ... }: +{ + ark = { + files = [ "/etc/machine-id" ]; + directories = [ "/var/lib/systemd/coredump" ]; + }; + + my.extraGroups = [ "systemd-journal" ]; + + hm.systemd.user.startServices = "sd-switch"; + + boot.initrd.systemd = { + enable = true; + network = { + inherit (config.systemd.network) enable; + wait-online.enable = false; + }; + }; + + services.journald.extraConfig = '' + SystemMaxUse=5G + ''; + + systemd = + let + extraConfig = '' + DefaultTimeoutStartSec=30s + DefaultTimeoutStopSec=15s + ''; + in + { + inherit extraConfig; + user = { + inherit extraConfig; + }; + }; + + environment.sessionVariables = { + SYSTEMD_PAGERSECURE = "1"; + SYSTEMD_PAGER = "${pkgs.less}/bin/less"; + SYSTEMD_LESS = "FRSXMK"; + }; +} diff --git a/modules/common/tmp.nix b/modules/common/tmp.nix new file mode 100644 index 0000000..d56e2b6 --- /dev/null +++ b/modules/common/tmp.nix @@ -0,0 +1,18 @@ +_: { + systemd.mounts = [ + { + type = "tmpfs"; + what = "tmpfs"; + where = "/tmp"; + mountConfig.Options = [ + "huge=within_size" + "mode=1777" + "noatime" + "nodev" + "nosuid" + "rw" + "size=25%" + ]; + } + ]; +} diff --git a/modules/common/tmux.nix b/modules/common/tmux.nix deleted file mode 100644 index a754222..0000000 --- a/modules/common/tmux.nix +++ /dev/null @@ -1,57 +0,0 @@ -{ config, lib, ... }: -with lib; -let - cfg = config.nixfiles.modules.tmux; -in -{ - options.nixfiles.modules.tmux.enable = mkEnableOption "tmux"; - - config = mkIf cfg.enable { - hm.programs.tmux = { - enable = true; - - aggressiveResize = true; - baseIndex = 1; - clock24 = true; - disableConfirmationPrompt = true; - escapeTime = 0; - historyLimit = 50000; - newSession = true; - resizeAmount = 10; - terminal = "screen-256color"; - - extraConfig = '' - set -g set-titles on - - set -g status-left "" - set -g status-right "" - - set -g detach-on-destroy off - - set -g status-keys emacs - set -g mode-keys vi - - bind h select-pane -L - bind j select-pane -D - bind k select-pane -U - bind l select-pane -R - - bind -r H resize-pane -L 10 - bind -r J resize-pane -D 10 - bind -r K resize-pane -U 10 - bind -r L resize-pane -R 10 - - bind < swap-pane -D - bind > swap-pane -U - - bind , swap-window -t -1 - bind . swap-window -t +1 - - bind Tab last-window - - bind _ split-window -v - bind | split-window -h - ''; - }; - }; -} diff --git a/modules/common/users.nix b/modules/common/users.nix new file mode 100644 index 0000000..ba1a89b --- /dev/null +++ b/modules/common/users.nix @@ -0,0 +1,34 @@ +{ lib, ... }: +with lib; +let + home = "/home/${my.username}"; +in +{ + imports = [ + (mkAliasOptionModule [ "my" ] [ + "users" + "users" + my.username + ]) + ]; + + ark.directories = [ home ]; + + users = { + mutableUsers = false; + + users = { + root.hashedPassword = "@HASHED_PASSWORD@"; + + ${my.username} = { + isNormalUser = true; + uid = 1000; + description = my.fullname; + inherit home; + inherit (my) hashedPassword; + openssh.authorizedKeys.keys = [ my.ssh.key ]; + extraGroups = [ "wheel" ]; + }; + }; + }; +} diff --git a/modules/common/vim/default.nix b/modules/common/vim/default.nix deleted file mode 100644 index 93729bc..0000000 --- a/modules/common/vim/default.nix +++ /dev/null @@ -1,47 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: -with lib; -let - cfg = config.nixfiles.modules.vim; -in -{ - options.nixfiles.modules.vim = { - enable = mkEnableOption "Vim"; - - rc = mkOption { - type = types.str; - default = readFile ./rc.vim; - description = "Configuration file."; - }; - - plugins = mkOption { - type = with types; listOf package; - default = with pkgs.vimPlugins; [ - editorconfig-vim - vim-eunuch - vim-nix - vim-sensible - vim-sleuth - vim-surround - vim-unimpaired - ]; - description = "Plugins."; - }; - }; - - config = mkIf cfg.enable { - hm.stylix.targets.vim.enable = false; - - environment = with config.programs.vim; { - systemPackages = [ package ]; - variables = rec { - EDITOR = mkOverride 15 (getExe' package "vim"); - VISUAL = EDITOR; - }; - }; - }; -} diff --git a/modules/common/vim/rc.vim b/modules/common/vim/rc.vim deleted file mode 100644 index 3bd9eb7..0000000 --- a/modules/common/vim/rc.vim +++ /dev/null @@ -1,169 +0,0 @@ -let $VIMFILES = expand('<sfile>:p:h') - -let g:skip_defaults_vim = 1 - -let g:netrw_dirhistmax = 0 - -if has('unnamedplus') - set clipboard^=unnamedplus -else - set clipboard^=unnamed -endif - -set backspace=indent,eol,start -set diffopt+=iwhite -set hidden -set lazyredraw -set mouse= -set path+=** -set viminfo= - -set cmdheight=1 -set fillchars=vert:\ " -set modeline -set noshowmode -set shortmess+=I -set textwidth=0 -set title - -set noerrorbells -set novisualbell - -set splitbelow -set splitright - -set complete= -set complete+=. -set complete+=b -set complete+=t -set completeopt= -set completeopt+=menu -set completeopt+=longest - -set gdefault -set hlsearch -set iskeyword+=- -set magic - -set foldmethod=marker -set nofoldenable - -set shortmess= -set shortmess+=I -set shortmess+=T -set shortmess+=a -set shortmess+=c -set shortmess+=t - -set nolist -set nowrap - -set scrolloff=10 -set sidescrolloff=10 - -set number -if v:version >= 700 - set numberwidth=3 -endif - -set wildignorecase -set wildignore= - -set nobackup -set noswapfile -set noundofile -set nowritebackup - -set smartcase -set ignorecase - -set autoindent -set breakindent -set smartindent - -set expandtab -set shiftround -set shiftwidth=4 -set smarttab -set softtabstop=4 -set tabstop=4 - -set colorcolumn= -let g:EditorConfig_max_line_indicator = "none" - -nnoremap <Space> <Nop> -let mapleader=" " - -nnoremap :W :w -nnoremap :W! :w! -nnoremap :Q :q -nnoremap :Q! :q! - -nnoremap <expr> j v:count ? 'j' : 'gj' -nnoremap <expr> k v:count ? 'k' : 'gk' - -nnoremap J gt -nnoremap K gT - -nnoremap <C-A> ^h -vnoremap <C-A> ^h -nnoremap H ^h -vnoremap H ^h - -nnoremap <C-E> $ -vnoremap <C-E> $ -nnoremap L $ -vnoremap L $ - -nnoremap N Nzzzv -nnoremap n nzzzv - -inoremap <C-U> <C-g>u<C-u> -inoremap <C-W> <C-g>u<C-w> - -vnoremap < <gv -vnoremap > >gv -vnoremap <Tab> >gv -vnoremap <S-Tab> <gv -nnoremap <Tab> >>_ -nnoremap <S-Tab> <<_ - -nnoremap ]b :bnext<CR> -nnoremap [b :bprevious<CR> - -nnoremap <C-H> <C-w>h -nnoremap <C-J> <C-w>j -nnoremap <C-K> <C-w>k -nnoremap <C-R> <C-w>l - -nnoremap * /\<<C-r>=expand('<cword>')<CR>\><CR> -nnoremap # ?\<<C-r>=expand('<cword>')<CR>\><CR> - -cnoremap ;/ <C-r>=expand('%:p:h').'/'<CR> -cnoremap ;; <C-r>=expand('%:t')<CR> -cnoremap ;. <C-r>=expand('%:p:r')<CR> - -nnoremap <Leader>. :lcd %:p:h<CR> - -nnoremap Q @q - -nnoremap <Leader>c ^v$h -nnoremap <Leader>v ggVG - -nnoremap <Leader>y "+y -nnoremap <Leader>Y "+Y - -nnoremap <Leader>p "+p -nnoremap <Leader>P "+P - -inoremap <C-v> <C-c>"+pi -cnoremap <C-v> <C-r>+ - -nmap <Leader>w :w!<CR> -nmap <Leader>wq :wq!<CR> - -nnoremap ZX :qa!<CR> - -nnoremap <Leader>q :q<CR> - -command WS w !sudo tee "%" >/dev/null diff --git a/modules/common/vscode.nix b/modules/common/vscode.nix deleted file mode 100644 index bd840d8..0000000 --- a/modules/common/vscode.nix +++ /dev/null @@ -1,244 +0,0 @@ -{ - config, - inputs, - lib, - pkgs, - ... -}: -with lib; -let - cfg = config.nixfiles.modules.vscode; -in -{ - options.nixfiles.modules.vscode = { - enable = mkEnableOption "VSCode"; - - package = - with pkgs; - mkOption { - type = types.enum [ - vscodium - vscode - vscode-fhs - ]; - default = vscodium; - description = "Which package to use as a VSCode implementation."; - }; - - vim.enable = mkOption { - type = types.bool; - default = true; - description = "Whether to enable Vim emulation."; - }; - }; - - config = mkIf cfg.enable { - hm = { - stylix.targets.vscode.enable = false; - - programs.vscode = - with config.nixfiles; - with modules; - with profiles; - { - enable = true; - - inherit (cfg) package; - - extensions = - with pkgs.open-vsx; - [ - editorconfig.editorconfig - efoerster.texlab - github.vscode-pull-request-github - gitlab.gitlab-workflow - golang.go - graphql.vscode-graphql - graphql.vscode-graphql-execution - graphql.vscode-graphql-syntax - hashicorp.hcl - hashicorp.terraform - haskell.haskell - jnoortheen.nix-ide - kahole.magit - mads-hartmann.bash-ide-vscode - mkhl.direnv - ms-kubernetes-tools.vscode-kubernetes-tools - ms-python.python - redhat.ansible - redhat.vscode-xml - redhat.vscode-yaml - rust-lang.rust - signageos.signageos-vscode-sops - skellock.just - streetsidesoftware.code-spell-checker - streetsidesoftware.code-spell-checker-british-english - streetsidesoftware.code-spell-checker-russian - streetsidesoftware.code-spell-checker-scientific-terms - tamasfe.even-better-toml - task.vscode-task - vscode-org-mode.org-mode - ziglang.vscode-zig - ] - ++ optional cfg.vim.enable vscodevim.vim; - - userSettings = { - editor = { - codeLens = false; - cursorStyle = "block"; - detectIndentation = true; - minimap.enabled = false; - renderWhitespace = "trailing"; - rulers = [ - 80 - 120 - ]; - smoothScrolling = false; - tabCompletion = "on"; - cursorSurroundingLines = 10; - scrollBeyondLastColumn = 10; - }; - - keyboard.dispatch = "keyCode"; - - diffEditor.codeLens = false; - - files = { - autoSave = "off"; - enableTrash = false; - }; - - workbench = { - activityBar.location = "hidden"; - colorTheme = "Default Light Modern"; - editor.highlightModifiedTabs = true; - enableExperiments = false; - settings.enableNaturalLanguageSearch = false; - startupEditor = "none"; - tips.enabled = false; - tree.indent = 4; - welcomePage = { - walkthroughs.openOnInstall = false; - preferReducedMotion = true; - }; - }; - - extensions = { - autoCheckUpdates = false; - autoUpdate = false; - ignoreRecommendations = true; - }; - - terminal.integrated = { - enableBell = true; - }; - - update = { - mode = "none"; - showReleaseNotes = false; - }; - - telemetry = { - enableCrashReporter = false; - enableTelemetry = false; - }; - - security.workspace.trust.enabled = false; - - # Extensions. - - ansible = { - ansible = { - useFullyQualifiedCollectionNames = true; - reuseTerminal = true; - }; - validation.lint.path = getExe' pkgs.ansible-lint "ansible-lint"; - }; - - bashIde.shellcheckPath = getExe' pkgs.shellcheck "shellcheck"; - - cSpell.language = "en-GB,en,ru"; - - direnv = { - restart.automatic = true; - }; - - magit = { - forge-enabled = true; - git-path = getExe config.hm.programs.git.package; - }; - - git.openRepositoryInParentFolders = "always"; - - github = { - branchProtection = true; - gitProtocol = "ssh"; - }; - - terraform = { - languageServer.path = getExe' pkgs.terraform-ls "terraform-ls"; - languageServer.terraform.path = getExe pkgs.opentofu; - }; - - haskell = { - formattingProvider = "ormolu"; - serverExecutablePath = getExe' pkgs.haskell-language-server "haskell-language-server"; - }; - - nix = { - enableLanguageServer = true; - serverPath = getExe pkgs.nil; - }; - - python = with pkgs.python311Packages; { - experiments.optOutFrom = [ "All" ]; - pipenvPath = getExe' pkgs.pipenv "pipenv"; - poetryPath = getExe' pkgs.poetry "poetry"; - formatting = { - provider = "black"; - autopep8Path = getExe' autopep8 "autopep8"; - blackPath = getExe' black "black"; - yapfPath = getExe' yapf "yapf"; - }; - linting = { - enabled = true; - banditPath = getExe' bandit "bandit"; - flake8Path = getExe' flake8 "flake8"; - mypyPath = getExe' mypy "mypy"; - pycodestylePath = getExe' pycodestyle "pycodestyle"; - pydocstylePath = getExe' pydocstyle "pydocstyle"; - pylamaPath = getExe' pylama "pylama"; - pylintPath = getExe' pylint "pylint"; - }; - testing = { - pytestPath = getExe' pytest "pytest"; - }; - }; - - rust-client = { - disableRustup = true; - rustupPath = getExe' pkgs.rustup "rustup"; - rustfmt_path = getExe pkgs.rustfmt; - }; - - vim = mkIf cfg.vim.enable { - easymotion = true; - - leader = " "; - - useSystemClipboard = true; - }; - - zig.zls = { - checkForUpdate = false; - path = getExe' pkgs.zls "zls"; - }; - - redhat.telemetry.enabled = false; - }; - }; - }; - - nixpkgs.overlays = [ inputs.vscode-extensions.overlays.default ]; - }; -} diff --git a/modules/common/wget.nix b/modules/common/wget.nix deleted file mode 100644 index 0e8ee64..0000000 --- a/modules/common/wget.nix +++ /dev/null @@ -1,37 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: -with lib; -let - cfg = config.nixfiles.modules.wget; -in -{ - options.nixfiles.modules.wget.enable = mkEnableOption "wget"; - - config = mkIf cfg.enable { - hm = { - programs.bash.shellAliases.wget = "wget --hsts-file=/tmp/wget-hsts"; - - home.sessionVariables.WGETRC = pkgs.writeText "wgetrc" '' - adjust_extension = on - dirstruct = off - follow_ftp = on - passive_ftp = off - progress = bar - quota = inf - reclevel = 5 - recursive = off - robots = off - timestamping = off - tries = 5 - wait = 0 - waitretry = 10 - ''; - }; - - environment.systemPackages = with pkgs; [ wget ]; - }; -} diff --git a/modules/common/common/xdg.nix b/modules/common/xdg.nix index 4463c15..c581369 100644 --- a/modules/common/common/xdg.nix +++ b/modules/common/xdg.nix @@ -1,5 +1,13 @@ -{ config, lib, ... }: +{ + config, + lib, + this, + ... +}: with lib; +let + cfg = config.nixfiles.modules.common.xdg; +in { imports = let @@ -68,5 +76,34 @@ with lib; videos = tmp; }; }; + defaultApplications = mkOption { + description = "Default applications."; + type = with types; attrsOf (listOf str); + default = { }; + }; + }; + + config = { + xdg.portal = mkIf this.isHeadful { enable = true; }; + + hm.xdg = mkMerge [ + (with cfg; { + enable = true; + + inherit cacheHome; + inherit configHome; + inherit dataHome; + inherit stateHome; + inherit userDirs; + }) + (mkIf this.isHeadful { + mimeApps = { + enable = true; + defaultApplications = mkMerge ( + mapAttrsToList (n: v: genAttrs v (_: [ "${n}.desktop" ])) cfg.defaultApplications + ); + }; + }) + ]; }; } diff --git a/modules/common/zathura.nix b/modules/common/zathura.nix deleted file mode 100644 index bc92258..0000000 --- a/modules/common/zathura.nix +++ /dev/null @@ -1,80 +0,0 @@ -{ config, lib, ... }: -with lib; -let - cfg = config.nixfiles.modules.zathura; -in -{ - options.nixfiles.modules.zathura.enable = mkEnableOption "Zathura PDF reader"; - - config = mkIf cfg.enable { - hm.programs.zathura = { - enable = true; - - options = { - recolor = true; - recolor-keephue = false; - recolor-reverse-video = false; - - highlight-transparency = "0.3"; - - n-completion-items = 10; - - guioptions = ""; - - statusbar-basename = true; - statusbar-home-tilde = true; - - statusbar-h-padding = 0; - statusbar-v-padding = 0; - - window-height = 800; - window-width = 600; - - window-icon = ""; - - abort-clear-search = true; - - incremental-search = true; - - adjust-open = "best-fit"; - - advance-pages-per-row = false; - - database = "sqlite"; - - dbus-service = false; - - page-padding = 0; - - pages-per-row = 1; - - render-loading = false; - - show-directories = true; - show-hidden = true; - show-recent = 10; - - link-zoom = true; - link-hadjust = true; - - window-title-basename = true; - window-title-home-tilde = true; - window-title-page = true; - - zoom-center = false; - zoom-max = 1000; - zoom-min = 10; - zoom-step = 10; - - scroll-hstep = -1; - scroll-step = 40; - scroll-full-overlap = 0; - scroll-wrap = true; - scroll-page-aware = false; - - selection-clipboard = "clipboard"; - selection-notification = false; - }; - }; - }; -} |