servius/dotfiles
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: servius:bb68711814a18f73a19acc50094d8eccd88b91e3
Branches Tags
servius:master servius:matrix-rtc
...
compare: servius:matrix-rtc
Branches Tags
servius:master servius:matrix-rtc

25 Commits
bb68711814 ... matrix-rtc

Author SHA1 Message Date
servius
1ac96316ea feat: re-enable affine service
All checks were successful
Flake checker / Build Nix targets (pull_request) Successful in 9m32s
Details
2026-02-23 17:05:03 +05:30
servius
8d636ce194 refactor(matrix): simplify LiveKit configuration to use services.livekit and services.lk-jwt-service 2026-02-23 16:32:14 +05:30
servius
bbeed99f43 refactor(affine): use Docker network option instead of --network flag 2026-02-23 16:05:09 +05:30
servius
7e6ece1b0d feat(matrix): add LiveKit support with firewall and systemd services 2026-02-23 15:49:50 +05:30
servius
60952a0e7f feat(programs): add yq package to home programs 2026-02-23 14:43:49 +05:30
servius
738013df66 refactor: update mbsync settings for Fastmail and Neomutt 2026-02-22 15:32:38 +05:30
servius
34160d0de4 feat: Updated notifications
All checks were successful
Flake checker / Build Nix targets (push) Successful in 9m27s
Details
2026-02-22 15:16:10 +05:30
servius
02b8a16f41 feat(cargo): add pkgs metadata alias
All checks were successful
Flake checker / Build Nix targets (push) Successful in 9m33s
Details
2026-02-20 03:42:46 +05:30
servius
684f6fdea5 fix(apps): make playerctl conditional to ryu device only 2026-02-20 03:42:44 +05:30
servius
7ef1785a0f feat: Added caldav 2026-02-20 03:08:24 +05:30
servius
49c0c607d8 feat: Added stuff 2026-02-20 02:01:24 +05:30
servius
ab52b423ee feat: Move stuff into programs / apps in ryu 2026-02-19 23:03:52 +05:30
servius
f852a73d47 feat: Updated to latest nixpkgs-unstable 2026-02-19 21:16:08 +05:30
servius
998ebc1164 feat(programs): add jujutsu(jj) package
All checks were successful
Flake checker / Build Nix targets (push) Successful in 9m41s
Details
2026-02-19 13:51:12 +05:30
servius
9acb378e5f feat: disable some services and disable root login from ssh altogether 2026-02-19 13:41:40 +05:30
servius
dca434c0ba Enable Audacity and add local Ollama provider configuration 
- Remove comment from audacity.nix to enable Audacity application
- Add Ollama provider configuration for local LLM access
- Configure glm-4.7-flash model with custom base URL
 2026-02-19 00:19:08 +05:30
servius
c22ff38874 feat: Added affine 2026-02-18 18:03:06 +05:30
servius
0591868be3 feat: Added affine server 2026-02-18 17:23:05 +05:30
servius
e249f13313 feat: Vertical to horizontal secondary monitor 3
All checks were successful
Flake checker / Build Nix targets (push) Successful in 9m37s
Details
2026-02-16 03:17:34 +05:30
servius
4ecf045deb feat: Added ip target for ignore ip 2026-02-16 02:48:03 +05:30
servius
05d1890b01 feat: Added steamdeck deploy target
All checks were successful
Flake checker / Build Nix targets (push) Successful in 9m35s
Details
2026-02-16 02:21:06 +05:30
servius
2babff5576 feat: Added cloudflare cli to add / remove dns entries from cli 2026-02-12 19:04:13 +05:30
servius
aa7c26516c feat: Added gitea runner
All checks were successful
Flake checker / Build Nix targets (push) Successful in 9m33s
Details
2026-02-12 16:21:36 +05:30
servius
a1369cbb41 feat(attic): Use env variable for attic login
All checks were successful
Flake checker / Build Nix targets (push) Successful in 29m34s
Details
2026-02-11 19:53:05 +05:30
servius
54c5cf932d feat: Added attic-client 2026-02-11 17:53:27 +05:30
56 changed files with 894 additions and 291 deletions
Expand all files Collapse all files

5
AGENTS.md
View File

@@ -162,6 +162,11 @@ sessionVariables.BROWSER = if device.isDarwin then "open" else "xdg-open";
just add program myprogram # Creates home/programs/myprogram.nix and adds import
```
### Adding a new dns entry
```bash
cfcli add --type A foobar.bazbar.biz 192.168.0.1
```
### Creating a Module
1. Determine location: `modules/nixos/`, `modules/darwin/`, or `modules/home/`

16
deploy.nix
View File

@@ -55,13 +55,13 @@
user = "root";
};
};
# deck = {
# hostname = "steamdeck";
# profiles.system = {
# sshUser = "deck";
# path = deploy-rs.lib.x86_64-linux.activate.home-manager self.homeConfigurations.deck;
# user = "deck";
# };
# };
deck = {
hostname = "sdeck";
profiles.system = {
sshUser = "deck";
path = deploy-rs.lib.x86_64-linux.activate.home-manager self.homeConfigurations.deck;
user = "deck";
};
};
};
}

247
flake.lock generated
View File

@@ -217,11 +217,11 @@
]
},
"locked": {
"lastModified": 1770411700,
"narHash": "sha256-VpeOlyospHF+vxE+xEGEy0utMN0d/FUDvD2dOg9ZiIo=",
"lastModified": 1770895474,
"narHash": "sha256-JBcrq1Y0uw87VZdYsByVbv+GBuT6ECaCNb9txLX9UuU=",
"owner": "hyprwm",
"repo": "aquamarine",
"rev": "b91f570bb7885df9e4a512d6e95a13960a5bdca0",
"rev": "a494d50d32b5567956b558437ceaa58a380712f7",
"type": "github"
},
"original": {
@@ -436,11 +436,11 @@
},
"crane_3": {
"locked": {
"lastModified": 1770419512,
"narHash": "sha256-o8Vcdz6B6bkiGUYkZqFwH3Pv1JwZyXht3dMtS7RchIo=",
"lastModified": 1771121070,
"narHash": "sha256-aIlv7FRXF9q70DNJPI237dEDAznSKaXmL5lfK/Id/bI=",
"owner": "ipetkov",
"repo": "crane",
"rev": "2510f2cbc3ccd237f700bb213756a8f35c32d8d7",
"rev": "a2812c19f1ed2e5ed5ce2ef7109798b575c180e1",
"type": "github"
},
"original": {
@@ -521,10 +521,10 @@
"crates-io-index": {
"flake": false,
"locked": {
"lastModified": 1770742742,
"narHash": "sha256-UbbBZtLHnTEb4uQK6Bq/ISG+awckYSMupZ8xscuFG0E=",
"lastModified": 1771515523,
"narHash": "sha256-5S4n9alO7MVlHawzeX0d7vpWzTIULWic3+1MPNUcqVM=",
"ref": "refs/heads/master",
"rev": "54ba84454081fb1af67158516b80d26ff62ed86c",
"rev": "bba640d9c272da3c4ad7e8050ee072703cf99567",
"shallow": true,
"type": "git",
"url": "https://github.com/rust-lang/crates.io-index"
@@ -558,11 +558,11 @@
"csshacks": {
"flake": false,
"locked": {
"lastModified": 1770449357,
"narHash": "sha256-GwF3Z3ZE7zEQiZ8qgUZOVY4TVYdz4V9sKj1b3A0vKxc=",
"lastModified": 1770817581,
"narHash": "sha256-rDuTVA5WvHwYsZTk4GOPQ0zvpynVU0TeuVGeg5ihndE=",
"owner": "MrOtherGuy",
"repo": "firefox-csshacks",
"rev": "4d1fbb167913664f8414d0211078ebd271af5762",
"rev": "6fc627e1cb85723fd71dd33004a3e48a13566dd2",
"type": "github"
},
"original": {
@@ -684,11 +684,11 @@
]
},
"locked": {
"lastModified": 1770733463,
"narHash": "sha256-LA2SmNxTEP1MM1K44ADc7P+VtXxCJNHYqpIHjWMv//A=",
"lastModified": 1771421933,
"narHash": "sha256-Svu784sqcgeb8cmDaV9UZh3IqaFrReTab3TdRuRoyrI=",
"owner": "christo-auer",
"repo": "eilmeldung",
"rev": "30b28cbc3795a7f71a137a61cee2c2e76a2b9464",
"rev": "2e4d5a6c29541de57062ee6194edb58e9f570825",
"type": "github"
},
"original": {
@@ -1527,11 +1527,11 @@
"zon2nix": "zon2nix"
},
"locked": {
"lastModified": 1770681729,
"narHash": "sha256-YWvUP9K+K34t8wgEksXfIWjNoAdKaZ2g94chE6ruN1A=",
"lastModified": 1771513100,
"narHash": "sha256-NbejFbBW+h5RbqKY3DUPaEk1Z+jsgVVwZNcc709RuZA=",
"owner": "ghostty-org",
"repo": "ghostty",
"rev": "41924c2d0ec50a4268250b90cf46d7b4e60b61ba",
"rev": "c11db662e6f514350cbd8fcef06f81dc95260d00",
"type": "github"
},
"original": {
@@ -1684,11 +1684,11 @@
]
},
"locked": {
"lastModified": 1770567116,
"narHash": "sha256-jM6Y8cZJRE62YPekbWn92HJaPBW99ddOXsyaXiLEdxI=",
"lastModified": 1771272718,
"narHash": "sha256-3m/58a0IuON0JRupQnyxhEgp2fHVFVNluRuG1iZVTbg=",
"owner": "tale",
"repo": "headplane",
"rev": "931a7f8d142655744087896dca1b0495a1f94379",
"rev": "9183ec294244a5a2c2b0c05f4629d7aac68eb120",
"type": "github"
},
"original": {
@@ -1746,32 +1746,11 @@
]
},
"locked": {
"lastModified": 1770654520,
"narHash": "sha256-mg5WZMIPGsFu9MxSrUcuJUPMbfMsF77el5yb/7rc10k=",
"lastModified": 1771505064,
"narHash": "sha256-lh9rF+C/nKFyWAqbHIa6tK9L/6N0UaQg7zw15aP4jBM=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "6c4fdbe1ad198fac36c320fd45c5957324a80b8e",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "home-manager",
"type": "github"
}
},
"home-manager_3": {
"inputs": {
"nixpkgs": [
"zen-browser",
"nixpkgs"
]
},
"locked": {
"lastModified": 1769872935,
"narHash": "sha256-07HMIGQ/WJeAQJooA7Kkg1SDKxhAiV6eodvOwTX6WKI=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "f4ad5068ee8e89e4a7c2e963e10dd35cd77b37b7",
"rev": "a0a01d8811fd5e99e003078ed64a0e7b531545dd",
"type": "github"
},
"original": {
@@ -1886,11 +1865,11 @@
"xdph": "xdph"
},
"locked": {
"lastModified": 1770736405,
"narHash": "sha256-8PO3KC7WRVQLXLgosKY4pgXkh0qTiQFyBVDkE0KiEGE=",
"lastModified": 1771463568,
"narHash": "sha256-QblR2JnpK8x5oqabLtLTJ7HdmEI7uc57pC3/ZMfd4eA=",
"owner": "hyprwm",
"repo": "Hyprland",
"rev": "5b6c42ca70c3fbc0986760c2d0be8ab7c8b833b9",
"rev": "a1e62dcb12f5547ccb786b34a46ae60ca78ec5e7",
"type": "github"
},
"original": {
@@ -2261,11 +2240,11 @@
"nixpkgs": "nixpkgs_4"
},
"locked": {
"lastModified": 1770408363,
"narHash": "sha256-ocMI5t0EBxao7dRRnQi7Aa9jpBvtSZmOpPbXx8fbOjw=",
"lastModified": 1771348869,
"narHash": "sha256-v6joie0zC6omgEpb6QQxCrNi3psVg3K0SJSJyRGeOpQ=",
"owner": "JPyke3",
"repo": "hytale-launcher-nix",
"rev": "89db7a709e20525f145ea8ba729f32f8c6b43ac6",
"rev": "0e4dfdccdbb0451ea478a19bb6d4d8e2192db9f2",
"type": "github"
},
"original": {
@@ -2282,11 +2261,11 @@
]
},
"locked": {
"lastModified": 1770650416,
"narHash": "sha256-VlQQjYBxJZs1Xy9MxfCLhsskhmNVhoIvjrnsFFqTnPg=",
"lastModified": 1771485349,
"narHash": "sha256-7bLg+n/O8oOf8M9+C1EAlt6sbWAl+Nk4INAIDRt1yo8=",
"owner": "ikawrakow",
"repo": "ik_llama.cpp",
"rev": "1fdbc0dafed3d3e6fae0adb14e08f262d7f412b8",
"rev": "b855bf92de0e5500c0a93160e41d320ba75e8e6c",
"type": "github"
},
"original": {
@@ -2305,11 +2284,11 @@
]
},
"locked": {
"lastModified": 1770318091,
"narHash": "sha256-t321ttUF5dPezr7FUXDqAOiyjFq/urmYIZjNKm954Cs=",
"lastModified": 1771406976,
"narHash": "sha256-LEOtGcM8Z7MBGjgJZAQ95+TbFtE1fiM4H8JuiIYWMKo=",
"owner": "JakeStanger",
"repo": "ironbar",
"rev": "24369e38ec0bce652d123f8064f99c10ca7b289e",
"rev": "d17ee2ac27a30933fc661f8b44822862566e5a6f",
"type": "github"
},
"original": {
@@ -2328,11 +2307,11 @@
"rust-overlay": "rust-overlay_5"
},
"locked": {
"lastModified": 1770734117,
"narHash": "sha256-PNXSnK507MRj+hYMgnUR7InNJzVCmOfsjHV4YXZgpwQ=",
"lastModified": 1771492583,
"narHash": "sha256-nQzvnU4BGu8dA6BsPPCqmVcab/3ebVmHtX3ZWbW3Hxc=",
"owner": "nix-community",
"repo": "lanzaboote",
"rev": "2038a9a19adb886eccba775321b055fdbdc5029d",
"rev": "5e9380994665ef66c87ab8e22c913ff837174ce4",
"type": "github"
},
"original": {
@@ -2523,11 +2502,11 @@
]
},
"locked": {
"lastModified": 1770736414,
"narHash": "sha256-x5xdJgUxNflO9j2sJHIHnPujDy6eAWJPCMQml5y9XB4=",
"lastModified": 1771371916,
"narHash": "sha256-G14VTfmzzRYxAhtEBNanQgCNA++Cv0/9iV4h/lkqX9U=",
"owner": "LnL7",
"repo": "nix-darwin",
"rev": "7c952d9a524ffbbd5b5edca38fe6d943499585cc",
"rev": "aff4c008cec17d6a6760949df641ca0ea9179cac",
"type": "github"
},
"original": {
@@ -2625,11 +2604,11 @@
"nixpkgs": "nixpkgs_6"
},
"locked": {
"lastModified": 1770315571,
"narHash": "sha256-hy0gcAgAcxrnSWKGuNO+Ob0x6jQ2xkR6hoaR0qJBHYs=",
"lastModified": 1771130777,
"narHash": "sha256-UIKOwG0D9XVIJfNWg6+gENAvQP+7LO46eO0Jpe+ItJ0=",
"owner": "Mic92",
"repo": "nix-index-database",
"rev": "2684bb8080a6f2ca5f9d494de5ef875bc1c4ecdb",
"rev": "efec7aaad8d43f8e5194df46a007456093c40f88",
"type": "github"
},
"original": {
@@ -2645,11 +2624,11 @@
"systems": "systems_16"
},
"locked": {
"lastModified": 1770520993,
"narHash": "sha256-ks1ZFBYlBmQ4CAM4WSmCFUtkUJzbmJ0VJH/JkKVMPqY=",
"lastModified": 1771469368,
"narHash": "sha256-yGRHre2BINQJBDAyUwxyzvgAce22J4pNdpLS8roo6fY=",
"owner": "Infinidoge",
"repo": "nix-minecraft",
"rev": "b32f4325880b4fac47b8736161a8f032dd248b70",
"rev": "a708458be9b9421e377c54d86807d3490db53816",
"type": "github"
},
"original": {
@@ -2808,11 +2787,11 @@
},
"nixpkgs-master": {
"locked": {
"lastModified": 1770742498,
"narHash": "sha256-ree7fFZebEUNtRE17RPBLTKba9Q1tzq+8joNVuty3mc=",
"lastModified": 1771514878,
"narHash": "sha256-LD3tS5k3v0/IaRb4zfXfDLzdvC3MfTAYhobzG65dTmA=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "47ceb79aa04d337054647b4b1340b9224cca4e95",
"rev": "4df684f1454215cdd30d33d82eff5762ec302339",
"type": "github"
},
"original": {
@@ -2824,11 +2803,11 @@
},
"nixpkgs-stable": {
"locked": {
"lastModified": 1770617025,
"narHash": "sha256-1jZvgZoAagZZB6NwGRv2T2ezPy+X6EFDsJm+YSlsvEs=",
"lastModified": 1771419570,
"narHash": "sha256-bxAlQgre3pcQcaRUm/8A0v/X8d2nhfraWSFqVmMcBcU=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "2db38e08fdadcc0ce3232f7279bab59a15b94482",
"rev": "6d41bc27aaf7b6a3ba6b169db3bd5d6159cfaa47",
"type": "github"
},
"original": {
@@ -2850,11 +2829,11 @@
"treefmt-nix": "treefmt-nix_2"
},
"locked": {
"lastModified": 1770545338,
"narHash": "sha256-cB/ARkxz+dcGgXJGbBardJdiuzXM/nKbXzZMUDtuD60=",
"lastModified": 1771467423,
"narHash": "sha256-W0QZgcU34PioiwoSy84usD7En5HIg3TnOta5wli3w38=",
"owner": "nix-community",
"repo": "nixpkgs-xr",
"rev": "a491d518a767077a88a8c0c0b512704dc6dccf2e",
"rev": "d4e2705e55344cc2c648765eaf63f82731d984d8",
"type": "github"
},
"original": {
@@ -2913,11 +2892,11 @@
},
"nixpkgs_13": {
"locked": {
"lastModified": 1770562336,
"narHash": "sha256-ub1gpAONMFsT/GU2hV6ZWJjur8rJ6kKxdm9IlCT0j84=",
"lastModified": 1771369470,
"narHash": "sha256-0NBlEBKkN3lufyvFegY4TYv5mCNHbi5OmBDrzihbBMQ=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "d6c71932130818840fc8fe9509cf50be8c64634f",
"rev": "0182a361324364ae3f436a63005877674cf45efb",
"type": "github"
},
"original": {
@@ -2974,11 +2953,11 @@
},
"nixpkgs_4": {
"locked": {
"lastModified": 1770197578,
"narHash": "sha256-AYqlWrX09+HvGs8zM6ebZ1pwUqjkfpnv8mewYwAo+iM=",
"lastModified": 1771008912,
"narHash": "sha256-gf2AmWVTs8lEq7z/3ZAsgnZDhWIckkb+ZnAo5RzSxJg=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "00c21e4c93d963c50d4c0c89bfa84ed6e0694df2",
"rev": "a82ccc39b39b621151d6732718e3e250109076fa",
"type": "github"
},
"original": {
@@ -3006,11 +2985,11 @@
},
"nixpkgs_6": {
"locked": {
"lastModified": 1770197578,
"narHash": "sha256-AYqlWrX09+HvGs8zM6ebZ1pwUqjkfpnv8mewYwAo+iM=",
"lastModified": 1771008912,
"narHash": "sha256-gf2AmWVTs8lEq7z/3ZAsgnZDhWIckkb+ZnAo5RzSxJg=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "00c21e4c93d963c50d4c0c89bfa84ed6e0694df2",
"rev": "a82ccc39b39b621151d6732718e3e250109076fa",
"type": "github"
},
"original": {
@@ -3054,11 +3033,11 @@
},
"nixpkgs_9": {
"locked": {
"lastModified": 1770562336,
"narHash": "sha256-ub1gpAONMFsT/GU2hV6ZWJjur8rJ6kKxdm9IlCT0j84=",
"lastModified": 1771369470,
"narHash": "sha256-0NBlEBKkN3lufyvFegY4TYv5mCNHbi5OmBDrzihbBMQ=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "d6c71932130818840fc8fe9509cf50be8c64634f",
"rev": "0182a361324364ae3f436a63005877674cf45efb",
"type": "github"
},
"original": {
@@ -3075,11 +3054,11 @@
"systems": "systems_18"
},
"locked": {
"lastModified": 1770630823,
"narHash": "sha256-5SEmOnJ61vmbap39vzWEsCX5UQ+3Ul8J4mXWKdqSn3w=",
"lastModified": 1771135771,
"narHash": "sha256-wyvBIhDuyCRyjB3yPg77qoyxrlgQtBR1rVW3c9knV3E=",
"owner": "nix-community",
"repo": "nixvim",
"rev": "6acc964664ac916c64fe4e394edd467af4d90790",
"rev": "ed0424f0b08d303a7348f52f7850ad1b2704f9ba",
"type": "github"
},
"original": {
@@ -3100,11 +3079,11 @@
"norg-meta": "norg-meta"
},
"locked": {
"lastModified": 1770575720,
"narHash": "sha256-qOY9yiJe7WjqIDS8dqB5rCuOgPz+lsnQ2UOm0R7Um8U=",
"lastModified": 1771478418,
"narHash": "sha256-95q1h+3dTOwLIZpLgvdq+OWQVCMgjkLeU1g1UB/3+lY=",
"owner": "nvim-neorg",
"repo": "nixpkgs-neorg-overlay",
"rev": "5d00faace5a0c1829cab8965ec374fc793a395c6",
"rev": "7570f673c169701a42cab9fe952ed36188329c58",
"type": "github"
},
"original": {
@@ -3160,11 +3139,11 @@
"nixpkgs": "nixpkgs_13"
},
"locked": {
"lastModified": 1770739601,
"narHash": "sha256-4uVNFZtsvXSHSxA8l6VuoTtOi26R5nociCLwtyGn/b0=",
"lastModified": 1771512979,
"narHash": "sha256-JFfNy+Lu2xpDF0nXmGcTFoKafamxxFu4hs4yf6aijK0=",
"owner": "nix-community",
"repo": "nur",
"rev": "6218df09299ada44145a6a9a0a5574cde2e76a1b",
"rev": "b24dba9151bb8d0681c41a7c48041753eb793d9a",
"type": "github"
},
"original": {
@@ -3316,11 +3295,11 @@
]
},
"locked": {
"lastModified": 1769939035,
"narHash": "sha256-Fok2AmefgVA0+eprw2NDwqKkPGEI5wvR+twiZagBvrg=",
"lastModified": 1770726378,
"narHash": "sha256-kck+vIbGOaM/dHea7aTBxdFYpeUl/jHOy5W3eyRvVx8=",
"owner": "cachix",
"repo": "pre-commit-hooks.nix",
"rev": "a8ca480175326551d6c4121498316261cbb5b260",
"rev": "5eaaedde414f6eb1aea8b8525c466dc37bba95ae",
"type": "github"
},
"original": {
@@ -3339,11 +3318,11 @@
]
},
"locked": {
"lastModified": 1769939035,
"narHash": "sha256-Fok2AmefgVA0+eprw2NDwqKkPGEI5wvR+twiZagBvrg=",
"lastModified": 1770726378,
"narHash": "sha256-kck+vIbGOaM/dHea7aTBxdFYpeUl/jHOy5W3eyRvVx8=",
"owner": "cachix",
"repo": "git-hooks.nix",
"rev": "a8ca480175326551d6c4121498316261cbb5b260",
"rev": "5eaaedde414f6eb1aea8b8525c466dc37bba95ae",
"type": "github"
},
"original": {
@@ -3563,11 +3542,11 @@
]
},
"locked": {
"lastModified": 1770520253,
"narHash": "sha256-6rWuHgSENXKnC6HGGAdRolQrnp/8IzscDn7FQEo1uEQ=",
"lastModified": 1771125043,
"narHash": "sha256-ldf/s49n6rOAxl7pYLJGGS1N/assoHkCOWdEdLyNZkc=",
"owner": "oxalica",
"repo": "rust-overlay",
"rev": "ebb8a141f60bb0ec33836333e0ca7928a072217f",
"rev": "4912f951a26dc8142b176be2c2ad834319dc06e8",
"type": "github"
},
"original": {
@@ -3610,11 +3589,11 @@
]
},
"locked": {
"lastModified": 1770693064,
"narHash": "sha256-Pomhlz+3/6uRJUhKz/kJwmJUux8GTWbXlCX4/RxlXLo=",
"lastModified": 1771470520,
"narHash": "sha256-PvytHcaYN5cPUll7FB70mXv1rRsIBRmu47fFfq3haxA=",
"owner": "oxalica",
"repo": "rust-overlay",
"rev": "a5f6d8a6a6868db2a3055cfe2b5dd01422780433",
"rev": "a1d4cc1f264c45d3745af0d2ca5e59d460e58777",
"type": "github"
},
"original": {
@@ -3672,11 +3651,11 @@
]
},
"locked": {
"lastModified": 1770683991,
"narHash": "sha256-xVfPvXDf9QN3Eh9dV+Lw6IkWG42KSuQ1u2260HKvpnc=",
"lastModified": 1771166946,
"narHash": "sha256-UFc4lfGBr+wJmwgDGJDn1cVD6DTr0/8TdronNUiyXlU=",
"owner": "Mic92",
"repo": "sops-nix",
"rev": "8b89f44c2cc4581e402111d928869fe7ba9f7033",
"rev": "2d0cf89b4404529778bc82de7e42b5754e0fe4fa",
"type": "github"
},
"original": {
@@ -3706,11 +3685,11 @@
"tinted-zed": "tinted-zed"
},
"locked": {
"lastModified": 1770587906,
"narHash": "sha256-N9ZTG3ia7l4iQO+9JlOj+sX4yu6gl7a3aozrlhSIJwQ=",
"lastModified": 1771428844,
"narHash": "sha256-rTzo6bZEsdT7yHUZ0B4BYe32XQZzm8SiWKvWLJnxerE=",
"owner": "nix-community",
"repo": "stylix",
"rev": "72e6483a88d51471a6c55e1d43e7ed2bc47a76a4",
"rev": "801843d10e9e22d7a00f660d069e2de70aa2980a",
"type": "github"
},
"original": {
@@ -3740,11 +3719,11 @@
"tinted-zed": "tinted-zed_2"
},
"locked": {
"lastModified": 1770308890,
"narHash": "sha256-7bx8Bn9B2g/loBaz+uLwdKI2rUW+RhDPyP/MqAgvrxU=",
"lastModified": 1771429540,
"narHash": "sha256-YKytDx8LOPOvE+dip1ja+1nbIpDVdqTaFbP4MaXwveM=",
"owner": "nix-community",
"repo": "stylix",
"rev": "7e7fa955abac04a8e118b1cedf930a8fd41c34a6",
"rev": "1a5c9d8be82127aeccc929f60b952e8a3df6b63c",
"type": "github"
},
"original": {
@@ -4398,11 +4377,11 @@
"tree-sitter-slint": {
"flake": false,
"locked": {
"lastModified": 1770217631,
"narHash": "sha256-FS1a0N2yiRyBqhxxzUgR4mTnQ81Q8CfNZTb2AQrkBPw=",
"lastModified": 1770882723,
"narHash": "sha256-A4m3jG7VjGws7pVzd7ulbhINe783shv4pc3tH8EDji0=",
"owner": "slint-ui",
"repo": "tree-sitter-slint",
"rev": "5dafe6745dd3bb24342acebe478015b642dc7135",
"rev": "a6e4e1c656429e5df52dcfcd92da87b642f6678b",
"type": "github"
},
"original": {
@@ -4490,11 +4469,11 @@
"systems": "systems_24"
},
"locked": {
"lastModified": 1770723197,
"narHash": "sha256-l7NgMCr9paBM8IhvEb7lthpcxfBbyBJUybBmX9shZ4I=",
"lastModified": 1771502217,
"narHash": "sha256-Bx9QKfFsC0bVN6O9P8DFpyzC9SJ6nbarMfWzIH/fzIg=",
"owner": "vicinaehq",
"repo": "vicinae",
"rev": "6fed5fe7c2ec4b9435885b963b8cfc7f9eec5579",
"rev": "54833492742d58428eaad093451fcd3469f0f3e5",
"type": "github"
},
"original": {
@@ -4599,17 +4578,19 @@
},
"zen-browser": {
"inputs": {
"home-manager": "home-manager_3",
"home-manager": [
"home-manager"
],
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1770707140,
"narHash": "sha256-3ZRA2+o5p1+FKWx988WbwB1SQ2Mz5aL95zxhL5iD+O0=",
"lastModified": 1771503632,
"narHash": "sha256-qvI2afshgl062MRRpal5s76PWFev0Vm1xv4hl2+wT/8=",
"owner": "0xc000022070",
"repo": "zen-browser-flake",
"rev": "db14437f8667f7f09784e2a4e73c105bdc1c7023",
"rev": "48e35b2df995cf65603f447d5d2e30c34e63cd3f",
"type": "github"
},
"original": {
@@ -4682,11 +4663,11 @@
"rust-overlay": "rust-overlay_10"
},
"locked": {
"lastModified": 1766016463,
"narHash": "sha256-aWp608krMtk5I+c3GXyuHkb6ugah40cBI0R52fNqMiI=",
"lastModified": 1771148613,
"narHash": "sha256-nLzdw8jskekSRrunxBDCA0NCHr/2aJjcXqZ1Fcqm5eY=",
"owner": "dj95",
"repo": "zjstatus",
"rev": "9a4b88fdceee8eb2b8c28111c53e94254d61c994",
"rev": "7a039f56da80681408454d6e175fde3f54b9e592",
"type": "github"
},
"original": {

4
flake.nix
View File

@@ -155,9 +155,9 @@
};
zen-browser = {
url = "github:0xc000022070/zen-browser-flake";
# IMPORTANT: we're using "libgbm" and is only available in unstable so ensure
# to have it up-to-date or simply don't specify the nixpkgs input
# IMPORTANT: To ensure compatibility with the latest Firefox version, use nixpkgs-unstable.
inputs.nixpkgs.follows = "nixpkgs";
inputs.home-manager.follows = "home-manager";
};
anyrun = {

80
home/accounts/fastmail.nix
View File

@@ -5,43 +5,61 @@
}: {
sops = {
secrets."accounts/mail/fastmail" = {};
secrets."accounts/calendar/fastmail" = {};
};
accounts.email = {
maildirBasePath = "Mail";
accounts = {
fastmail = rec {
maildir = {
path = "fastmail";
accounts = {
email = {
maildirBasePath = "Mail";
accounts = {
fastmail = rec {
maildir = {
path = "fastmail";
};
primary = true;
address = "email@uttarayan.me";
aliases = ["servius@darksailor.dev"];
userName = address;
realName = "Uttarayan Mondal";
imap = {
host = "imap.fastmail.com";
port = 993;
tls.enable = true;
# authentication = "login";
};
smtp = {
host = "smtp.fastmail.com";
port = 465;
tls.enable = true;
};
passwordCommand = ["cat" "${config.sops.secrets."accounts/mail/fastmail".path}"];
mbsync = {
enable = true;
create = "both";
};
};
primary = true;
address = "email@uttarayan.me";
aliases = ["servius@darksailor.dev"];
userName = address;
realName = "Uttarayan Mondal";
imap = {
host = "imap.fastmail.com";
port = 993;
tls.enable = true;
# authentication = "login";
};
smtp = {
host = "smtp.fastmail.com";
port = 465;
tls.enable = true;
};
imapnotify = {
enable = true;
};
passwordCommand = ["cat" "${config.sops.secrets."accounts/mail/fastmail".path}"];
mbsync = {
enable = true;
create = "both";
};
};
calendar = {
basePath = "Calendar";
accounts = {
fastmail = {
remote = {
url = "https://caldav.fastmail.com/dav/calendars/user/email@uttarayan.me";
userName = "email@uttarayan.me";
passwordCommand = ["cat" "${config.sops.secrets."accounts/calendar/fastmail".path}"];
type = "caldav";
};
khal = {
enable = true;
addresses = ["email@uttarayan.me"];
};
vdirsyncer = {
enable = true;
};
};
};
};
};
programs.mbsync.enable = true;
services.mbsync.enable = pkgs.stdenv.isLinux;
# accounts.email.accounts.<name>.mbsync.create
# services.mbsync.enable = true;
}

9
home/apps/affine.nix Normal file
View File

@@ -0,0 +1,9 @@
{
pkgs,
lib,
...
}: {
home.packages = lib.optionals pkgs.stdenv.isLinux [
pkgs.affine
];
}

13
home/apps/default.nix
View File

@@ -13,15 +13,21 @@ lib.optionalAttrs device.hasGui {
# ./ida.nix
# ./jellyflix.nix
# ./kicad.nix
# ./lmstudio.nix
# ./neovide.nix
# ./openscad.nix
# ./orcaslicer.nix
# ./pcsx2.nix
# ./prismlauncher.nix
# ./rpcs3.nix
# ./shadps4.nix
# ./thunderbird.nix
# ./tsukimi.nix
# ./vial.nix
# ./vlc.nix
# ./vscode.nix
./affine.nix
./blueman.nix
./chromium.nix
./discord.nix
@@ -29,17 +35,12 @@ lib.optionalAttrs device.hasGui {
./ghostty.nix
./hyprpicker.nix
./kitty.nix
./lmstudio.nix
./matrix.nix
./mpv.nix
./nextcloud.nix
./matrix.nix
./obs-studio.nix
./orcaslicer.nix
./prismlauncher.nix
./shadps4.nix
./slack.nix
./vicinae.nix
./vlc.nix
./wezterm.nix
./zathura.nix
./zed.nix

28
home/apps/mpv.nix
View File

@@ -8,20 +8,20 @@
loop-playlist = "inf";
};
profiles = {
hdr = {
vo = "gpu-next";
gpu-api = "vulkan";
hdr-compute-peak = "yes";
hdr-peak-detect = "yes";
target-peak = 400;
target-prim = "bt.2020";
target-trc = "pq";
inverse-tone-mapping = "yes";
tone-mapping = "spline";
tone-mapping-mode = "auto";
target-colorspace-hint = "auto";
gamut-mapping = "desaturate";
};
# hdr = {
# vo = "gpu-next";
# gpu-api = "vulkan";
# hdr-compute-peak = "yes";
# hdr-peak-detect = "yes";
# target-peak = 400;
# target-prim = "bt.2020";
# target-trc = "pq";
# inverse-tone-mapping = "yes";
# tone-mapping = "spline";
# tone-mapping-mode = "auto";
# target-colorspace-hint = "auto";
# gamut-mapping = "desaturate";
# };
};
};
}

8
home/apps/vicinae.nix
View File

@@ -12,7 +12,9 @@
autoStart = true;
};
};
home.packages = with pkgs; [
pulseaudio
];
home.packages = with pkgs;
lib.optionals (device.is "ryu") [
# pulseaudio
playerctl
];
}

43
home/apps/zen.nix
View File

@@ -2,6 +2,7 @@
pkgs,
inputs,
device,
config,
...
}: {
imports = [
@@ -10,6 +11,47 @@
programs.zen-browser = {
enable = device.isLinux;
profiles.default = {
containersForce = true;
containers = {
Personal = {
color = "purple";
icon = "fingerprint";
id = 1;
};
Work = {
color = "blue";
icon = "briefcase";
id = 2;
};
Shopping = {
color = "yellow";
icon = "dollar";
id = 3;
};
};
spacesForce = true;
spaces = let
containers = config.programs.zen-browser.profiles."default".containers;
in {
"Personal" = {
id = "";
icon = "👤";
container = containers."Personal".id;
position = 1000;
};
"Work" = {
id = "00bdd434-e31b-4e2b-b8f5-fa7055631a64";
icon = "💼";
container = containers."Work".id;
position = 2000;
};
"Shopping" = {
id = "77452260-56e6-4c9e-8d5f-417958bc4fa4";
icon = "💸";
container = containers."Shopping".id;
position = 3000;
};
};
extensions.packages = with pkgs.nur.repos.rycee.firefox-addons; [
privacy-badger
violentmonkey
@@ -42,5 +84,6 @@
Fingerprinting = true;
};
};
suppressXdgMigrationWarning = true;
};
}

1
home/default.nix
View File

@@ -27,6 +27,7 @@
home-manager = {
enable = true;
};
man.generateCaches = true;
};
fonts.fontconfig.enable = true;

35
home/programs/attic.nix Normal file
View File

@@ -0,0 +1,35 @@
{
pkgs,
lib,
config,
...
}: let
attic-unwrapped = pkgs.attic-client.overrideAttrs (oldAttrs: {
patches =
(oldAttrs.patches or [])
++ [
# PR #309: Add environment variable support for login
# https://github.com/zhaofengli/attic/pull/309
(pkgs.fetchpatch {
url = "https://github.com/zhaofengli/attic/pull/309.patch";
hash = "sha256-mDoxA+e2bBZDvERp03SyYvkEdtH/bfWtZqKZv0uCS0M=";
})
];
});
in {
sops.secrets."attic/token" = {};
home.packages = [
(pkgs.stdenv.mkDerivation {
pname = "attic-client";
version = "0.1.0";
src = attic-unwrapped;
buildInputs = [];
nativeBuildInputs = [pkgs.makeWrapper];
installPhase = ''
install -Dm755 $src/bin/attic $out/bin/attic
wrapProgram $out/bin/attic \
--run "export ATTIC_LOGIN_TOKEN=\`cat -v ${config.sops.secrets."attic/token".path}\`"
'';
})
];
}

6
home/programs/calendar.nix Normal file
View File

@@ -0,0 +1,6 @@
{pkgs, ...}: {
programs.khal.enable = true;
programs.qcal.enable = true;
programs.vdirsyncer.enable = true;
accounts.calendar.accounts.fastmail.qcal.enable = true;
}

9
home/programs/carapace.nix
View File

@@ -1,13 +1,8 @@
{
pkgs,
lib,
device,
...
}: {
{...}: {
programs.
carapace = {
enable = false;
enableFishIntegration = true;
enableFishIntegration = false;
enableNushellIntegration = true;
};
}

1
home/programs/cargo.nix
View File

@@ -13,6 +13,7 @@ in
[alias]
lldb = ["with", "rust-lldb", "--"]
t = ["nextest", "run"]
pkgs = ["metadata", "--no-deps", "--format-version", "1"]
[net]
git-fetch-with-cli = true

27
home/programs/cfcli.nix Normal file
View File

@@ -0,0 +1,27 @@
{
pkgs,
lib,
config,
...
}: {
sops.secrets."cloudflare/darksailor_dev_api_key" = {};
home.packages = [
# (pkgs.stdenv.mkDerivation {
# pname = "cfcli";
# version = "0.1.0";
# buildInputs = [pkgs.cloudflare-cli];
# nativeBuildInputs = [pkgs.makeWrapper];
# installPhase = ''
# $out/bin/cfcli \
# --run "export CF_API_KEY=\`cat -v ${config.sops.secrets."cloudflare/darksailor_dev_api_key".path}\`"
# '';
# })
(pkgs.writeShellScriptBin
"cfcli"
''
#!/bin/sh
export CF_API_KEY="$(cat -v ${config.sops.secrets."cloudflare/darksailor_dev_api_key".path})"
exec ${pkgs.cloudflare-cli}/bin/cfcli "$@"
'')
];
}

5
home/programs/default.nix
View File

@@ -28,6 +28,7 @@
./alejandra.nix
./aria2.nix
./ast-grep.nix
./attic.nix
./atuin.nix
./bat.nix
./binwalk.nix
@@ -35,8 +36,10 @@
./bottom.nix
./btop.nix
./cachix.nix
./calendar.nix
./carapace.nix
./cargo.nix
./cfcli.nix
./ddcbacklight.nix
./deploy-rs.nix
./direnv.nix
@@ -55,6 +58,7 @@
./himalaya.nix
./hyprshade.nix
./jq.nix
./jujutsu.nix
./just.nix
./ncpamixer.nix
./neomutt.nix
@@ -78,5 +82,6 @@
./yazi.nix
./yt-dlp.nix
./zoxide.nix
./yq.nix
];
}

1
home/programs/fish.nix
View File

@@ -43,6 +43,7 @@
''}
'';
};
home.shell.enableFishIntegration = true;
}
// lib.optionalAttrs (!(device.is "tsuba")) {
stylix.targets.fish.enable = false;

1
home/programs/jujutsu.nix Normal file
View File

@@ -0,0 +1 @@
{pkgs, ...}: {home.packages = [pkgs.jujutsu];}

44
home/programs/neomutt.nix
View File

@@ -1,4 +1,9 @@
{pkgs, ...}: {
{pkgs, ...}: let
theme = builtins.fetchurl {
url = "https://raw.githubusercontent.com/catppuccin/neomutt/refs/heads/main/neomuttrc";
sha256 = "sha256:1q086p5maqwxa4gh6z8g7h3nfavdmkbql025ibdhglpz46hsq0hs";
};
in {
programs.neomutt = {
enable = true;
vimKeys = true;
@@ -6,6 +11,9 @@
sidebar = {
enable = true;
};
extraConfig = ''
source ${theme}
'';
};
programs.notmuch = {
enable = true;
@@ -17,4 +25,38 @@
enable = true;
neomutt.enable = true;
};
services.imapnotify = {
enable = true;
path = [pkgs.coreutils pkgs.isync pkgs.libnotify];
};
accounts.email.accounts.fastmail.imapnotify = {
enable = true;
boxes = ["Inbox"];
onNotify = "${pkgs.writeShellScript "mbsync-notify" ''
${pkgs.isync}/bin/mbsync $1
${pkgs.libnotify}/bin/notify-send "New Mail" "New email in $1"
''} %s";
};
programs.mbsync.enable = true;
services.mbsync.enable = pkgs.stdenv.isLinux;
# launchd.agents.mbsync = {
# enable = true;
# config = {
# # A label for the service
# Label = "dev.darksailor.atuin-daemon";
# # The command to run
# ProgramArguments = [
# "${pkgs.atuin}/bin/atuin"
# "daemon"
# ];
# # Run the service when you log in
# RunAtLoad = true;
# # Keep the process alive, or restart if it dies
# KeepAlive = true;
# # Log files
# StandardOutPath = "${device.home}/Library/Logs/atuin-daemon.log";
# StandardErrorPath = "${device.home}/Library/Logs/atuin-daemon.error.log";
# };
# };
}

1
home/programs/nushell.nix
View File

@@ -26,4 +26,5 @@
}
'';
};
home.shell.enableNushellIntegration = true;
}

15
home/programs/opencode.nix
View File

@@ -6,5 +6,20 @@
lib.optionalAttrs (device.is "ryu" || device.is "kuro") {
programs.opencode = {
enable = true;
settings.provider = {
ollama = {
models = {
"glm-4.7-flash" = {
# "_launch" = true;
name = "glm-4.7-flash";
};
};
name = "Ollama (local)";
npm = "@ai-sdk/openai-compatible";
options = {
baseURL = "https://ollama.darksailor.dev/v1";
};
};
};
};
}

1
home/programs/yazi.nix
View File

@@ -17,5 +17,6 @@
cache_dir = config.home.homeDirectory + "/.cache/yazi/previews";
};
};
shellWrapperName = "yy";
};
}

1
home/programs/yq.nix Normal file
View File

@@ -0,0 +1 @@
{pkgs, ...}: {home.packages = [pkgs.yq];}

4
home/services/hyprland.nix
View File

@@ -61,9 +61,9 @@
{
output = device.monitors.secondary;
mode = "2560x1440@170";
position = "-1440x-1120";
position = "-2560x0";
scale = 1;
transform = 1;
transform = 0;
}
{
output = device.monitors.tertiary;

162
modules/nixos/affine.nix Normal file
View File

@@ -0,0 +1,162 @@
{
config,
lib,
...
}:
with lib; let
cfg = config.services.affine;
dbName = "affine";
dbUser = "affine";
in {
options.services.affine = {
enable = mkEnableOption "AFFiNE self-hosted workspace";
port = mkOption {
type = types.port;
default = 3010;
description = "Port for the AFFiNE server to listen on";
};
domain = mkOption {
type = types.str;
description = "Public domain for AFFiNE (e.g. notes.darksailor.dev)";
};
imageTag = mkOption {
type = types.str;
default = "stable";
description = "Docker image tag for AFFiNE (stable, beta, canary)";
};
dataDir = mkOption {
type = types.str;
default = "/var/lib/affine";
description = "Base data directory for AFFiNE storage";
};
environmentFiles = mkOption {
type = types.listOf types.path;
default = [];
description = "Environment files containing secrets (DB password, etc.)";
};
};
config = mkIf cfg.enable {
# Create data directories
systemd.tmpfiles.rules = [
"d ${cfg.dataDir} 0755 root root -"
"d ${cfg.dataDir}/storage 0755 root root -"
"d ${cfg.dataDir}/config 0755 root root -"
"d ${cfg.dataDir}/postgres 0700 root root -"
"d ${cfg.dataDir}/redis 0755 root root -"
];
virtualisation.oci-containers = {
backend = "docker";
containers = {
affine-postgres = {
image = "pgvector/pgvector:pg16";
volumes = [
"${cfg.dataDir}/postgres:/var/lib/postgresql/data"
];
environment = {
POSTGRES_USER = dbUser;
POSTGRES_DB = dbName;
POSTGRES_INITDB_ARGS = "--data-checksums";
POSTGRES_HOST_AUTH_METHOD = "trust";
};
environmentFiles = cfg.environmentFiles;
extraOptions = [
"--health-cmd=pg_isready -U ${dbUser} -d ${dbName}"
"--health-interval=10s"
"--health-timeout=5s"
"--health-retries=5"
];
networks = ["affine-net"];
};
affine-redis = {
image = "redis:7";
volumes = [
"${cfg.dataDir}/redis:/data"
];
networks = ["affine-net"];
extraOptions = [
"--health-cmd=redis-cli --raw incr ping"
"--health-interval=10s"
"--health-timeout=5s"
"--health-retries=5"
];
};
affine = {
image = "ghcr.io/toeverything/affine:${cfg.imageTag}";
ports = ["127.0.0.1:${toString cfg.port}:3010"];
dependsOn = [
"affine-postgres"
"affine-redis"
"affine-migration"
];
volumes = [
"${cfg.dataDir}/storage:/root/.affine/storage"
"${cfg.dataDir}/config:/root/.affine/config"
];
environment = {
AFFINE_SERVER_PORT = "3010";
AFFINE_SERVER_HOST = cfg.domain;
AFFINE_SERVER_HTTPS = "true";
AFFINE_SERVER_EXTERNAL_URL = "https://${cfg.domain}";
REDIS_SERVER_HOST = "affine-redis";
DATABASE_URL = "postgresql://${dbUser}:$${AFFINE_DB_PASSWORD:-affine}@affine-postgres:5432/${dbName}";
AFFINE_INDEXER_ENABLED = "false";
};
environmentFiles = cfg.environmentFiles;
networks = ["affine-net"];
};
affine-migration = {
image = "ghcr.io/toeverything/affine:${cfg.imageTag}";
dependsOn = [
"affine-postgres"
"affine-redis"
];
volumes = [
"${cfg.dataDir}/storage:/root/.affine/storage"
"${cfg.dataDir}/config:/root/.affine/config"
];
cmd = ["sh" "-c" "node ./scripts/self-host-predeploy.js"];
environment = {
REDIS_SERVER_HOST = "affine-redis";
DATABASE_URL = "postgresql://${dbUser}:$${AFFINE_DB_PASSWORD:-affine}@affine-postgres:5432/${dbName}";
AFFINE_INDEXER_ENABLED = "false";
};
environmentFiles = cfg.environmentFiles;
networks = ["affine-net"];
};
};
};
# Create the Docker network
# systemd.services.affine-network = {
# description = "Create AFFiNE Docker network";
# after = ["docker.service"];
# wantedBy = ["multi-user.target"];
# serviceConfig = {
# Type = "oneshot";
# RemainAfterExit = true;
# # ExecStart = "${config.virtualisation.docker.package}/bin/docker network create affine-net";
# # ExecStop = "${config.virtualisation.docker.package}/bin/docker network remove affine-net";
# };
# };
#
# Ensure containers start after the network is created
# systemd.services.docker-affine.after = ["affine-network.service"];
# systemd.services.docker-affine.requires = ["affine-network.service"];
# systemd.services.docker-affine-postgres.after = ["affine-network.service"];
# systemd.services.docker-affine-postgres.requires = ["affine-network.service"];
# systemd.services.docker-affine-redis.after = ["affine-network.service"];
# systemd.services.docker-affine-redis.requires = ["affine-network.service"];
# systemd.services.docker-affine-migration.after = ["affine-network.service"];
# systemd.services.docker-affine-migration.requires = ["affine-network.service"];
};
}

30
neovim/default.nix
View File

@@ -620,6 +620,21 @@ in {
};
sources = {
cmdline = [];
# default =
# rawLua
# /*
# lua
# */
# ''
# function(ctx)
# local success, node = pcall(vim.treesitter.get_node)
# if success and node and vim.tbl_contains({ 'comment', 'line_comment', 'block_comment' }, node:type()) then
# return { 'buffer' }
# else
# return { 'git', 'lsp', 'path', 'snippets', 'buffer', 'dictionary', 'ripgrep', 'tmux' }
# end
# end
# '';
default = [
"git"
"lsp"
@@ -628,6 +643,7 @@ in {
"path"
"buffer"
"ripgrep"
# "tmux"
];
providers = {
buffer = {
@@ -639,23 +655,30 @@ in {
path = {};
dictionary = {
module = "blink-cmp-dictionary";
name = "Dict";
name = "dict";
min_keyword_length = 3;
opts = {
};
};
git = {
module = "blink-cmp-git";
name = "Git";
name = "git";
opts = {
# -- options for the blink-cmp-git
};
};
ripgrep = {
module = "blink-ripgrep";
name = "Ripgrep";
name = "ripgrep";
opts = {};
};
# tmux = {
# module = "blink-cmp-tmux";
# name = "tmux";
# opts = {
# triggered_only = false;
# };
# };
};
};
};
@@ -665,6 +688,7 @@ in {
blink-cmp-dictionary.enable = true;
blink-cmp-copilot.enable = true;
blink-cmp-spell.enable = true;
blink-cmp-tmux.enable = true;
blink-compat = {
enable = true;
settings.impersonate_nvim_cmp = true;

1
nixos/documentation.nix
View File

@@ -4,4 +4,5 @@
documentation.dev.enable = true;
documentation.doc.enable = true;
documentation.nixos.enable = true;
documentation.man.generateCaches = true;
}

5
nixos/ryu/apps/default.nix
View File

@@ -8,5 +8,10 @@
./easyeffects.nix
./vr.nix
./helvum.nix
# ./wine.nix
# ./virt.nix
./gparted.nix
./nvtop.nix
# ./qpwgraph.nix
];
}

3
nixos/ryu/apps/gparted.nix Normal file
View File

@@ -0,0 +1,3 @@
{pkgs, ...}: {
environment.systemPackages = with pkgs; [gparted];
}

3
nixos/ryu/apps/nvtop.nix Normal file
View File

@@ -0,0 +1,3 @@
{pkgs, ...}: {
environment.systemPackages = with pkgs; [nvtopPackages.nvidia];
}

3
nixos/ryu/apps/qpwgraph.nix Normal file
View File

@@ -0,0 +1,3 @@
{pkgs, ...}: {
environment.systemPackages = with pkgs; [qpwgraph];
}

6
nixos/ryu/apps/virt.nix Normal file
View File

@@ -0,0 +1,6 @@
{pkgs, ...}: {
environment.systemPackages = with pkgs; [
virt-manager
quickemu
];
}

7
nixos/ryu/apps/wine.nix Normal file
View File

@@ -0,0 +1,7 @@
{pkgs, ...}: {
environment.systemPackages = with pkgs; [
wine-wayland
winetricks
wineWowPackages.waylandFull
];
}

38
nixos/ryu/configuration.nix
View File

@@ -2,6 +2,7 @@
pkgs,
lib,
device,
config,
...
}: {
imports = [
@@ -47,6 +48,7 @@
auto-optimise-store = true;
extra-experimental-features = "nix-command flakes auto-allocate-uids";
trusted-users = [device.user];
extra-sandbox-paths = [config.programs.ccache.cacheDir];
};
extraOptions = ''
build-users-group = nixbld
@@ -291,42 +293,6 @@
fonts.fontconfig.enable = true;
fonts.fontDir.enable = true;
environment = {
# List packages installed in system profile. To search, run:
# $ nix search wget
systemPackages = with pkgs; [
v4l-utils
polychromatic
openrazer-daemon
cudatoolkit
# Wine
wine-wayland
winetricks
wineWowPackages.waylandFull
virt-manager
gparted
nvtopPackages.nvidia
quickemu
# (nixvim.makeNixvim (import ../../neovim))
qpwgraph
hyprland
xorg.xhost
foot
git
fish
nushell
# (pkgs.wrapFirefox
# (pkgs.firefox-unwrapped.override {pipewireSupport = true;})
# {})
gnumake
python3
nerd-fonts.fira-code
nerd-fonts.hasklug
nerd-fonts.symbols-only
monaspace
ddcutil
libnotify
];
sessionVariables = {
WLR_NO_HARDWARE_CURSORS = "1";
NIXOS_OZONE_WL = "1";

2
nixos/ryu/games/default.nix
View File

@@ -1,5 +1,5 @@
{...}: {
imports = [
./hytale.nix
# ./hytale.nix
];
}

6
nixos/ryu/programs/ccache.nix Normal file
View File

@@ -0,0 +1,6 @@
{...}: {
programs.ccache = {
enable = true;
packageNames = ["ollama" "orca-slicer" "opencv" "onnxruntime" "obs-studio" "llama-cpp"];
};
}

3
nixos/ryu/programs/cuda.nix Normal file
View File

@@ -0,0 +1,3 @@
{pkgs, ...}: {
environment.systemPackages = with pkgs; [cudatoolkit];
}

3
nixos/ryu/programs/ddcutil.nix Normal file
View File

@@ -0,0 +1,3 @@
{pkgs, ...}: {
environment.systemPackages = with pkgs; [ddcutil];
}

12
nixos/ryu/programs/default.nix
View File

@@ -4,7 +4,7 @@
./steam.nix
./1password.nix
./localsend.nix
./appimage.nix
# ./appimage.nix
./obs-studio.nix
./gnome-disks.nix
./nix-ld.nix
@@ -12,5 +12,15 @@
./droidcam.nix
./wireshark.nix
./flatpak.nix
./v4l-utils.nix
./razer.nix
./cuda.nix
./fonts.nix
./dev.nix
./shells.nix
./hyprland.nix
./foot.nix
./ddcutil.nix
./libnotify.nix
];
}

7
nixos/ryu/programs/dev.nix Normal file
View File

@@ -0,0 +1,7 @@
{pkgs, ...}: {
environment.systemPackages = with pkgs; [
git
gnumake
python3
];
}

8
nixos/ryu/programs/fonts.nix Normal file
View File

@@ -0,0 +1,8 @@
{pkgs, ...}: {
environment.systemPackages = with pkgs; [
nerd-fonts.fira-code
nerd-fonts.hasklug
nerd-fonts.symbols-only
monaspace
];
}

3
nixos/ryu/programs/foot.nix Normal file
View File

@@ -0,0 +1,3 @@
{pkgs, ...}: {
environment.systemPackages = with pkgs; [foot];
}

6
nixos/ryu/programs/hyprland.nix Normal file
View File

@@ -0,0 +1,6 @@
{pkgs, ...}: {
environment.systemPackages = with pkgs; [
hyprland
xorg.xhost
];
}

3
nixos/ryu/programs/libnotify.nix Normal file
View File

@@ -0,0 +1,3 @@
{pkgs, ...}: {
environment.systemPackages = with pkgs; [libnotify];
}

6
nixos/ryu/programs/razer.nix Normal file
View File

@@ -0,0 +1,6 @@
{pkgs, ...}: {
environment.systemPackages = with pkgs; [
polychromatic
openrazer-daemon
];
}

6
nixos/ryu/programs/shells.nix Normal file
View File

@@ -0,0 +1,6 @@
{pkgs, ...}: {
environment.systemPackages = with pkgs; [
fish
nushell
];
}

3
nixos/ryu/programs/v4l-utils.nix Normal file
View File

@@ -0,0 +1,3 @@
{pkgs, ...}: {
environment.systemPackages = with pkgs; [v4l-utils];
}

89
nixos/tako/services/affine.nix Normal file
View File

@@ -0,0 +1,89 @@
{config, ...}: let
domain = "notes.darksailor.dev";
in {
imports = [
../../../modules/nixos/affine.nix
];
# SOPS secrets
sops = {
secrets = {
"affine/db_password" = {};
"authelia/oidc/affine/client_id" = {
owner = config.systemd.services.authelia-darksailor.serviceConfig.User;
mode = "0440";
restartUnits = ["authelia-darksailor.service"];
};
"authelia/oidc/affine/client_secret" = {
owner = config.systemd.services.authelia-darksailor.serviceConfig.User;
mode = "0440";
restartUnits = ["authelia-darksailor.service"];
};
};
templates."affine.env".content = ''
AFFINE_DB_PASSWORD=${config.sops.placeholder."affine/db_password"}
POSTGRES_PASSWORD=${config.sops.placeholder."affine/db_password"}
AFFINE_SERVER_EXTERNAL_URL=https://${domain}
'';
};
# Enable AFFiNE service
services.affine = {
enable = true;
inherit domain;
environmentFiles = [
config.sops.templates."affine.env".path
];
};
# Caddy reverse proxy with SSO forward auth
services.caddy.virtualHosts."${domain}".extraConfig = ''
reverse_proxy localhost:${toString config.services.affine.port}
'';
# Authelia access control rules
services.authelia.instances.darksailor.settings = {
access_control.rules = [
{
inherit domain;
policy = "bypass";
resources = [
"^/api/(sync|awareness)([/?].*)?$"
"^/socket\\.io([/?].*)?$"
];
}
{
inherit domain;
policy = "one_factor";
}
];
# OIDC client for AFFiNE
identity_providers.oidc.clients = [
{
client_name = "AFFiNE: Darksailor";
client_id = ''{{ secret "${config.sops.secrets."authelia/oidc/affine/client_id".path}" }}'';
client_secret = ''{{ secret "${config.sops.secrets."authelia/oidc/affine/client_secret".path}" }}'';
public = false;
authorization_policy = "one_factor";
require_pkce = false;
redirect_uris = [
"https://${domain}/oauth/callback"
];
scopes = [
"openid"
"email"
"profile"
];
response_types = ["code"];
grant_types = ["authorization_code"];
userinfo_signed_response_alg = "none";
token_endpoint_auth_method = "client_secret_post";
}
];
};
# Ensure containers start after secrets are available
systemd.services.docker-affine.after = ["sops-install-secrets.service"];
systemd.services.docker-affine-migration.after = ["sops-install-secrets.service"];
systemd.services.docker-affine-postgres.after = ["sops-install-secrets.service"];
}

28
nixos/tako/services/default.nix
View File

@@ -1,31 +1,33 @@
{...}: {
imports = [
./attic.nix
./atuin.nix
./authelia.nix
./caddy.nix
./excalidraw.nix
./fail2ban.nix
./flaresolverr.nix
./games
./gitea.nix
./homepage.nix
./immich.nix
./kellnr.nix
./lldap.nix
./llms.nix
./matrix
./monitoring.nix
./navidrome.nix
./nextcloud.nix
./openssh.nix
./prowlarr.nix
./resolved.nix
./searxng.nix
./shitpost.nix
./tailscale.nix
./gitea.nix
./affine.nix
./attic.nix
./excalidraw.nix
./flaresolverr.nix
# ./games
# ./headscale.nix
./immich.nix
./kellnr.nix
# ./llms.nix
./matrix
# ./monitoring.nix
# ./paperless.nix
./prowlarr.nix
# ./searxng.nix
# ./shitpost.nix
];
services = {
nix-serve = {

1
nixos/tako/services/fail2ban.nix
View File

@@ -16,6 +16,7 @@
ignoreIP = [
"106.219.121.52"
"106.219.122.125"
"106.219.122.221"
];
};
};

32
nixos/tako/services/gitea.nix
View File

@@ -79,22 +79,22 @@
};
};
};
# gitea-actions-runner = {
# instances = {
# tako = {
# enable = true;
# name = "tako";
# url = "https://git.darksailor.dev";
# labels = [
# "ubuntu-latest:docker://catthehacker/ubuntu:full-latest"
# "ubuntu-22.04:docker://catthehacker/ubuntu:full-22.04"
# "ubuntu-20.04:docker://catthehacker/ubuntu:full-20.04"
# "native:host"
# ];
# tokenFile = "${config.sops.templates."GITEA_REGISTRATION_TOKEN.env".path}";
# };
# };
# };
gitea-actions-runner = {
instances = {
tako = {
enable = true;
name = "tako";
url = "https://git.darksailor.dev";
labels = [
"ubuntu-latest:docker://catthehacker/ubuntu:full-latest"
"ubuntu-22.04:docker://catthehacker/ubuntu:full-22.04"
"ubuntu-20.04:docker://catthehacker/ubuntu:full-20.04"
"native:host"
];
tokenFile = "${config.sops.templates."GITEA_REGISTRATION_TOKEN.env".path}";
};
};
};
caddy = {
virtualHosts."git.darksailor.dev".extraConfig = ''
reverse_proxy localhost:3000

12
nixos/tako/services/headscale.nix
View File

@@ -34,12 +34,12 @@
};
};
};
# headplane = {
# enable = true;
# settings = {
# server.port = 42562;
# };
# };
headplane = {
enable = true;
settings = {
server.port = 42562;
};
};
caddy = {
virtualHosts."headscale.darksailor.dev".extraConfig = ''
reverse_proxy localhost:${toString config.services.headplane.settings.server.port}

70
nixos/tako/services/matrix/tuwunel.nix
View File

@@ -6,6 +6,8 @@
port = 6167;
base_domain = "darksailor.dev";
client_id = "tuwunel";
rtc_domain = "matrix-rtc.${base_domain}";
jwt_port = 8081;
elementConfig = builtins.toJSON {
default_server_config = {
"m.homeserver" = {
@@ -32,6 +34,11 @@ in {
mode = "0440";
};
secrets."tuwunel/registration_token".owner = config.services.matrix-tuwunel.user;
secrets."livekit/key_name" = {};
secrets."livekit/key_secret" = {};
templates."livekit-keys".content = ''
${config.sops.placeholder."livekit/key_name"}: ${config.sops.placeholder."livekit/key_secret"}
'';
};
services.matrix-tuwunel = {
enable = true;
@@ -56,6 +63,12 @@ in {
well_known = {
client = "https://matrix.${base_domain}";
server = "matrix.${base_domain}:443";
rtc_transports = [
{
type = "livekit";
livekit_service_url = "https://${rtc_domain}";
}
];
};
};
package = pkgs.matrix-tuwunel;
@@ -73,14 +86,63 @@ in {
"${base_domain}".extraConfig = ''
reverse_proxy /.well-known/* localhost:${toString port}
'';
# "matrix.${base_domain}:8448".extraConfig = ''
# reverse_proxy /_matrix/* localhost:${toString port}
# '';
"${rtc_domain}".extraConfig = ''
@jwt_service {
path /sfu/get* /healthz*
}
handle @jwt_service {
reverse_proxy localhost:${toString jwt_port}
}
handle {
reverse_proxy localhost:${toString config.services.livekit.settings.port} {
header_up Connection "upgrade"
header_up Upgrade {http.request.header.Upgrade}
}
}
'';
};
networking.firewall = {
allowedTCPPorts = [8448 7881];
allowedUDPPorts = [3478];
allowedUDPPortRanges = [
{
from = 50300;
to = 65535;
}
];
};
networking.firewall.allowedTCPPorts = [8448];
users.users.${config.services.caddy.user}.extraGroups = [config.services.matrix-tuwunel.group];
services.livekit = {
enable = true;
keyFile = config.sops.templates."livekit-keys".path;
openFirewall = true;
settings = {
rtc = {
tcp_port = 7881;
port_range_start = 50100;
port_range_end = 50200;
use_external_ip = true;
enable_loopback_candidate = false;
};
turn = {
enabled = true;
udp_port = 3478;
relay_range_start = 50300;
relay_range_end = 65535;
domain = rtc_domain;
};
};
};
services.lk-jwt-service = {
enable = true;
port = jwt_port;
livekitUrl = "wss://${rtc_domain}";
keyFile = config.sops.templates."livekit-keys".path;
};
services = {
authelia = {
instances.darksailor = {

2
nixos/tako/services/openssh.nix
View File

@@ -2,6 +2,6 @@
services.openssh = {
enable = true;
settings.PasswordAuthentication = false;
settings.PermitRootLogin = "prohibit-password";
settings.PermitRootLogin = "no";
};
}

20
secrets/secrets.yaml
View File

File diff suppressed because one or more lines are too long