mirror of
https://github.com/deltathetawastaken/dotfiles.git
synced 2025-12-06 07:16:37 +03:00
Merge branch 'main' of https://github.com/deltathetawastaken/dotfiles
This commit is contained in:
delta
commit
0b0d8f4aaf
23
hosts/huanan/services.nix
Normal file
23
hosts/huanan/services.nix
Normal file
|
|
@ -0,0 +1,23 @@
|
|||
{ pkgs, lib, inputs, ... }:
|
||||
{
|
||||
services.tailscale.enable = true;
|
||||
services.syncthing.enable = true;
|
||||
services.blueman.enable = true;
|
||||
services.tumbler.enable = true;
|
||||
services.gvfs.enable = true;
|
||||
services.flatpak.enable = true;
|
||||
services.printing.enable = true;
|
||||
services.pcscd.enable = true;
|
||||
|
||||
services.udev.packages = [
|
||||
pkgs.gnome.gnome-settings-daemon
|
||||
pkgs.android-udev-rules
|
||||
pkgs.yubikey-personalization
|
||||
];
|
||||
|
||||
users.groups.cloudflared = { };
|
||||
users.users.cloudflared = {
|
||||
group = "cloudflared";
|
||||
isSystemUser = true;
|
||||
};
|
||||
}
|
||||
|
|
@ -3,9 +3,13 @@
|
|||
{
|
||||
imports = [
|
||||
./hardware.nix
|
||||
"${self}/pkgs/gnome.nix"
|
||||
./services.nix
|
||||
../dlaptop/xorg.nix
|
||||
"${self}/pkgs/apps.nix"
|
||||
"${self}/pkgs/socks.nix"
|
||||
"${self}/pkgs/scripts.nix"
|
||||
"${self}/pkgs/work.nix"
|
||||
inputs.secrets.nixosModules.dlaptop
|
||||
inputs.home-manager.nixosModules.home-manager homeSettings
|
||||
];
|
||||
|
||||
|
|
@ -27,6 +31,30 @@
|
|||
excludePackages = [ pkgs.xterm ];
|
||||
};
|
||||
|
||||
systemd.services.NetworkManager-wait-online.enable = false; #just makes boot time longer
|
||||
networking = {
|
||||
hostName = "huanan";
|
||||
nameservers = [ "192.168.3.53" ];
|
||||
networkmanager.dns = "none";
|
||||
networkmanager.enable = true;
|
||||
useDHCP = lib.mkDefault true;
|
||||
iproute2.enable = true;
|
||||
firewall = {
|
||||
enable = false;
|
||||
};
|
||||
};
|
||||
|
||||
security = {
|
||||
sudo.wheelNeedsPassword = false;
|
||||
pam.loginLimits = [{ #needed for swaylock
|
||||
domain = "@users";
|
||||
item = "rtprio";
|
||||
type = "-";
|
||||
value = 1;
|
||||
}];
|
||||
pam.services.swaylock = { };
|
||||
};
|
||||
|
||||
hardware.nvidia = {
|
||||
modesetting.enable = true;
|
||||
powerManagement.enable = false;
|
||||
|
|
@ -34,12 +62,6 @@
|
|||
nvidiaSettings = true;
|
||||
};
|
||||
|
||||
networking = {
|
||||
hostName = "huanan";
|
||||
networkmanager.enable = true;
|
||||
firewall.enable = false;
|
||||
};
|
||||
|
||||
sound.enable = true;
|
||||
hardware.pulseaudio.enable = false;
|
||||
services.pipewire = {
|
||||
|
|
@ -49,6 +71,53 @@
|
|||
pulse.enable = true;
|
||||
};
|
||||
|
||||
virtualisation = {
|
||||
podman = {
|
||||
enable = true;
|
||||
dockerCompat = true;
|
||||
};
|
||||
spiceUSBRedirection.enable = true;
|
||||
libvirtd.enable = true;
|
||||
};
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
multipath-tools #ZFS in LUKS mount
|
||||
|
||||
openvpn
|
||||
any-nix-shell
|
||||
comma
|
||||
|
||||
#work scripts
|
||||
openconnect
|
||||
oath-toolkit
|
||||
expect
|
||||
|
||||
# Thunar stuff
|
||||
ffmpegthumbnailer
|
||||
webp-pixbuf-loader
|
||||
freetype
|
||||
poppler
|
||||
f3d
|
||||
nufraw-thumbnailer
|
||||
|
||||
android-tools
|
||||
tor-browser
|
||||
#inputs.anyrun.packages.${pkgs.system}.anyrun
|
||||
sops
|
||||
yubikey-manager-qt
|
||||
yubico-piv-tool
|
||||
yubioath-flutter
|
||||
yubikey-personalization
|
||||
yubikey-personalization-gui
|
||||
age-plugin-yubikey
|
||||
age
|
||||
rage
|
||||
lua5_4
|
||||
nodePackages_latest.nodejs
|
||||
|
||||
rocmPackages.rocm-smi #gpu support in btop
|
||||
];
|
||||
|
||||
services.openssh.enable = true;
|
||||
system.stateVersion = "23.11"; # Did you read the comment?
|
||||
system.stateVersion = "23.11";
|
||||
}
|
||||
|
|
|
|||
|
|
@ -4,8 +4,8 @@
|
|||
services.nginx.virtualHosts."grafana" = {
|
||||
forceSSL = false;
|
||||
listen = [
|
||||
{port = 80; addr = "0.0.0.0"; ssl = false;} # Listen on port 80 for HTTP
|
||||
{port = 443; addr = "0.0.0.0"; ssl = true;} # Listen on port 443 for HTTPS
|
||||
{port = 80; addr = "100.92.15.128"; ssl = false;} # Listen on port 80 for HTTP
|
||||
{port = 443; addr = "100.92.15.128"; ssl = true;} # Listen on port 443 for HTTPS
|
||||
];
|
||||
extraConfig = ''
|
||||
ssl_certificate /run/secrets/cert;
|
||||
|
|
@ -31,8 +31,8 @@
|
|||
services.nginx.virtualHosts."keycloak" = {
|
||||
forceSSL = false;
|
||||
listen = [
|
||||
{port = 80; addr = "0.0.0.0"; ssl = false;} # Listen on port 80 for HTTP
|
||||
{port = 443; addr = "0.0.0.0"; ssl = true;} # Listen on port 443 for HTTPS
|
||||
{port = 80; addr = "100.92.15.128"; ssl = false;} # Listen on port 80 for HTTP
|
||||
{port = 443; addr = "100.92.15.128"; ssl = true;} # Listen on port 443 for HTTPS
|
||||
];
|
||||
extraConfig = ''
|
||||
ssl_certificate /run/secrets/cert;
|
||||
|
|
@ -50,8 +50,8 @@
|
|||
services.nginx.virtualHosts."kibana" = {
|
||||
forceSSL = false;
|
||||
listen = [
|
||||
{port = 80; addr = "0.0.0.0"; ssl = false;} # Listen on port 80 for HTTP
|
||||
{port = 443; addr = "0.0.0.0"; ssl = true;} # Listen on port 443 for HTTPS
|
||||
{port = 80; addr = "100.92.15.128"; ssl = false;} # Listen on port 80 for HTTP
|
||||
{port = 443; addr = "100.92.15.128"; ssl = true;} # Listen on port 443 for HTTPS
|
||||
];
|
||||
extraConfig = ''
|
||||
ssl_certificate /run/secrets/cert;
|
||||
|
|
@ -68,8 +68,8 @@
|
|||
services.nginx.virtualHosts."zabbix" = {
|
||||
forceSSL = false;
|
||||
listen = [
|
||||
{port = 80; addr = "0.0.0.0"; ssl = false;} # Listen on port 80 for HTTP
|
||||
{port = 443; addr = "0.0.0.0"; ssl = true;} # Listen on port 443 for HTTPS
|
||||
{port = 80; addr = "100.92.15.128"; ssl = false;} # Listen on port 80 for HTTP
|
||||
{port = 443; addr = "100.92.15.128"; ssl = true;} # Listen on port 443 for HTTPS
|
||||
];
|
||||
extraConfig = ''
|
||||
ssl_certificate /run/secrets/cert;
|
||||
|
|
@ -87,8 +87,8 @@
|
|||
services.nginx.virtualHosts."prox-1" = {
|
||||
forceSSL = false;
|
||||
listen = [
|
||||
{port = 80; addr = "0.0.0.0"; ssl = false;} # Listen on port 80 for HTTP
|
||||
{port = 443; addr = "0.0.0.0"; ssl = true;} # Listen on port 443 for HTTPS
|
||||
{port = 80; addr = "100.92.15.128"; ssl = false;} # Listen on port 80 for HTTP
|
||||
{port = 443; addr = "100.92.15.128"; ssl = true;} # Listen on port 443 for HTTPS
|
||||
];
|
||||
extraConfig = ''
|
||||
ssl_certificate /run/secrets/cert;
|
||||
|
|
@ -113,8 +113,8 @@
|
|||
services.nginx.virtualHosts."prox-2" = {
|
||||
forceSSL = false;
|
||||
listen = [
|
||||
{port = 80; addr = "0.0.0.0"; ssl = false;} # Listen on port 80 for HTTP
|
||||
{port = 443; addr = "0.0.0.0"; ssl = true;} # Listen on port 443 for HTTPS
|
||||
{port = 80; addr = "100.92.15.128"; ssl = false;} # Listen on port 80 for HTTP
|
||||
{port = 443; addr = "100.92.15.128"; ssl = true;} # Listen on port 443 for HTTPS
|
||||
];
|
||||
extraConfig = ''
|
||||
ssl_certificate /run/secrets/cert;
|
||||
|
|
@ -139,8 +139,8 @@
|
|||
services.nginx.virtualHosts."prox-3" = {
|
||||
forceSSL = false;
|
||||
listen = [
|
||||
{port = 80; addr = "0.0.0.0"; ssl = false;} # Listen on port 80 for HTTP
|
||||
{port = 443; addr = "0.0.0.0"; ssl = true;} # Listen on port 443 for HTTPS
|
||||
{port = 80; addr = "100.92.15.128"; ssl = false;} # Listen on port 80 for HTTP
|
||||
{port = 443; addr = "100.92.15.128"; ssl = true;} # Listen on port 443 for HTTPS
|
||||
];
|
||||
extraConfig = ''
|
||||
ssl_certificate /run/secrets/cert;
|
||||
|
|
|
|||
|
|
@ -67,7 +67,7 @@ in {
|
|||
wlogout
|
||||
nom
|
||||
localsend
|
||||
trayscale
|
||||
ktailctl
|
||||
fishPlugins.done
|
||||
monero-gui
|
||||
translate-shell
|
||||
|
|
@ -116,7 +116,6 @@ in {
|
|||
element-desktop
|
||||
qrtool
|
||||
appimage-run
|
||||
trayscale
|
||||
lf
|
||||
(pkgs.writeScriptBin "reboot" ''read -p "Do you REALLY want to reboot? (y/N) " answer; [[ $answer == [Yy]* ]] && ${pkgs.systemd}/bin/reboot'')
|
||||
]);
|
||||
|
|
|
|||
|
|
@ -50,7 +50,7 @@ exec-once = foot -s
|
|||
exec-once = thunar --daemon
|
||||
exec-once = hypridle
|
||||
exec-once = hyprctl setcursor Bibata-Modern-Classic 16
|
||||
exec-once = trayscale --hide-window
|
||||
# exec-once = trayscale --hide-window # change tp ktailctl later
|
||||
# exec-once = hyprctl dispatch -- exec [workspace special:hdrop silent] "QT_QPA_PLATFORM=xcb telegram-desktop"
|
||||
exec-once = /home/delta/.config/hypr/hdrop -b -g '30' -h '60' -f 'keepassxc_lite' --class org.keepassxc.KeePassXC
|
||||
exec-once = dropbox
|
||||
|
|
@ -401,7 +401,7 @@ bind = ALT, SPACE, exec, pypr shift_monitors +1 # K R A S I V O
|
|||
bind = $mainMod, P, pseudo, # dwindle
|
||||
#bind = $mainMod, J, togglesplit, # dwindle
|
||||
#bind = $mainMod, S, exec, grim -g "$(slurp)" - | tee >(swappy -f -) | wl-copy # take a screenshot
|
||||
bind = $mainMod, S, exec,XCURSOR_SIZE=16 grimblast --freeze copy area # take a screenshot
|
||||
bind = $mainMod, S, exec, grimblast --freeze copy area # take a screenshot
|
||||
bind = $mainMod SHIFT, S, exec, grim -g "$(slurp)" - | qrtool decode | tee >(wl-copy) >(notify-send --icon=clipboard "QR Code Content" "$(cat)")
|
||||
bind = $mainMod, Print, exec, /home/delta/.config/hypr/grimblast.sh # take a screenshot
|
||||
# bind = $mainMod, Print, exec, /home/delta/scripts/screenshoter.sh # take a screenshot
|
||||
|
|
|
|||
|
|
@ -1,6 +1,7 @@
|
|||
{ pkgs, lib, inputs, ... }:
|
||||
let
|
||||
nixpkgs2305 = import inputs.nixpkgs2305 { system = "${pkgs.system}"; config = { allowUnfree = true; }; };
|
||||
|
||||
socksBuilder = { name, script, autostart ? true, socketConfig ? null }:
|
||||
{
|
||||
inherit name;
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
* {
|
||||
border: none;
|
||||
border-radius: 0;
|
||||
font-family: "IosevkaDiosevka";
|
||||
font-family: "Iosevka Comfy Wide Duo";
|
||||
font-weight: bold;
|
||||
font-size: 16px;
|
||||
min-height: 0;
|
||||
|
|
|
|||
Loading…
Reference in a new issue