From 78b1e4eb209fc146d1f5e6e9686179f9b4a9e6ff Mon Sep 17 00:00:00 2001 From: delta Date: Sat, 8 Jun 2024 03:10:01 +0300 Subject: [PATCH 1/2] Merge dlaptop and huanan local configs --- hosts/huanan/services.nix | 16 ++++++ hosts/huanan/system.nix | 84 +++++++++++++++++++++++++++++--- pkgs/apps.nix | 3 +- pkgs/hyprland/hypr/hyprland.conf | 2 +- 4 files changed, 94 insertions(+), 11 deletions(-) create mode 100644 hosts/huanan/services.nix diff --git a/hosts/huanan/services.nix b/hosts/huanan/services.nix new file mode 100644 index 0000000..4df657f --- /dev/null +++ b/hosts/huanan/services.nix @@ -0,0 +1,16 @@ +{ pkgs, lib, inputs, ... }: +{ + services.tailscale.enable = true; + services.syncthing.enable = true; + services.blueman.enable = true; + services.tumbler.enable = true; + services.gvfs.enable = true; + services.flatpak.enable = true; + services.printing.enable = true; + services.pcscd.enable = true; + services.udev.packages = [ + pkgs.gnome.gnome-settings-daemon + pkgs.android-udev-rules + pkgs.yubikey-personalization + ]; +} \ No newline at end of file diff --git a/hosts/huanan/system.nix b/hosts/huanan/system.nix index 974f0ce..60172e5 100644 --- a/hosts/huanan/system.nix +++ b/hosts/huanan/system.nix @@ -3,9 +3,13 @@ { imports = [ ./hardware.nix - "${self}/pkgs/gnome.nix" + ./services.nix + ../dlaptop/xorg.nix "${self}/pkgs/apps.nix" + "${self}/pkgs/socks.nix" + "${self}/pkgs/scripts.nix" "${self}/pkgs/work.nix" + inputs.secrets.nixosModules.dlaptop inputs.home-manager.nixosModules.home-manager homeSettings ]; @@ -27,6 +31,29 @@ excludePackages = [ pkgs.xterm ]; }; + networking = { + hostName = "huanan"; + nameservers = [ "192.168.3.53" ]; + networkmanager.dns = "none"; + networkmanager.enable = true; + useDHCP = lib.mkDefault true; + iproute2.enable = true; + firewall = { + enable = false; + }; + }; + + security = { + sudo.wheelNeedsPassword = false; + pam.loginLimits = [{ #needed for swaylock + domain = "@users"; + item = "rtprio"; + type = "-"; + value = 1; + }]; + pam.services.swaylock = { }; + }; + hardware.nvidia = { modesetting.enable = true; powerManagement.enable = false; @@ -34,12 +61,6 @@ nvidiaSettings = true; }; - networking = { - hostName = "huanan"; - networkmanager.enable = true; - firewall.enable = false; - }; - sound.enable = true; hardware.pulseaudio.enable = false; services.pipewire = { @@ -49,6 +70,53 @@ pulse.enable = true; }; + virtualisation = { + podman = { + enable = true; + dockerCompat = true; + }; + spiceUSBRedirection.enable = true; + libvirtd.enable = true; + }; + + environment.systemPackages = with pkgs; [ + multipath-tools #ZFS in LUKS mount + + openvpn + any-nix-shell + comma + + #work scripts + openconnect + oath-toolkit + expect + + # Thunar stuff + ffmpegthumbnailer + webp-pixbuf-loader + freetype + poppler + f3d + nufraw-thumbnailer + + android-tools + tor-browser + #inputs.anyrun.packages.${pkgs.system}.anyrun + sops + yubikey-manager-qt + yubico-piv-tool + yubioath-flutter + yubikey-personalization + yubikey-personalization-gui + age-plugin-yubikey + age + rage + lua5_4 + nodePackages_latest.nodejs + + rocmPackages.rocm-smi #gpu support in btop + ]; + services.openssh.enable = true; - system.stateVersion = "23.11"; # Did you read the comment? + system.stateVersion = "23.11"; } diff --git a/pkgs/apps.nix b/pkgs/apps.nix index 11bf784..8b42af3 100644 --- a/pkgs/apps.nix +++ b/pkgs/apps.nix @@ -67,7 +67,7 @@ in { wlogout nom localsend - trayscale + ktailctl fishPlugins.done monero-gui translate-shell @@ -116,7 +116,6 @@ in { element-desktop qrtool appimage-run - trayscale lf (pkgs.writeScriptBin "reboot" ''read -p "Do you REALLY want to reboot? (y/N) " answer; [[ $answer == [Yy]* ]] && ${pkgs.systemd}/bin/reboot'') ]); diff --git a/pkgs/hyprland/hypr/hyprland.conf b/pkgs/hyprland/hypr/hyprland.conf index be7d1b0..9b33664 100644 --- a/pkgs/hyprland/hypr/hyprland.conf +++ b/pkgs/hyprland/hypr/hyprland.conf @@ -50,7 +50,7 @@ exec-once = foot -s exec-once = thunar --daemon exec-once = hypridle exec-once = hyprctl setcursor Bibata-Modern-Classic 16 -exec-once = trayscale --hide-window +# exec-once = trayscale --hide-window # change tp ktailctl later # exec-once = hyprctl dispatch -- exec [workspace special:hdrop silent] "QT_QPA_PLATFORM=xcb telegram-desktop" exec-once = /home/delta/.config/hypr/hdrop -b -g '30' -h '60' -f 'keepassxc_lite' --class org.keepassxc.KeePassXC exec-once = dropbox From c016a23c7e1180ad9cbf73e6bf030f0a06939f3e Mon Sep 17 00:00:00 2001 From: delta Date: Mon, 10 Jun 2024 18:38:07 +0300 Subject: [PATCH 2/2] small edits on huanan + intelnuc --- hosts/huanan/services.nix | 7 +++++++ hosts/huanan/system.nix | 1 + hosts/intelnuc/nginx-work.nix | 28 ++++++++++++++-------------- pkgs/hyprland/hypr/hyprland.conf | 5 +++-- pkgs/socks.nix | 1 + pkgs/waybar/style.css | 2 +- 6 files changed, 27 insertions(+), 17 deletions(-) diff --git a/hosts/huanan/services.nix b/hosts/huanan/services.nix index 4df657f..7435305 100644 --- a/hosts/huanan/services.nix +++ b/hosts/huanan/services.nix @@ -8,9 +8,16 @@ services.flatpak.enable = true; services.printing.enable = true; services.pcscd.enable = true; + services.udev.packages = [ pkgs.gnome.gnome-settings-daemon pkgs.android-udev-rules pkgs.yubikey-personalization ]; + + users.groups.cloudflared = { }; + users.users.cloudflared = { + group = "cloudflared"; + isSystemUser = true; + }; } \ No newline at end of file diff --git a/hosts/huanan/system.nix b/hosts/huanan/system.nix index 60172e5..e8deab3 100644 --- a/hosts/huanan/system.nix +++ b/hosts/huanan/system.nix @@ -31,6 +31,7 @@ excludePackages = [ pkgs.xterm ]; }; + systemd.services.NetworkManager-wait-online.enable = false; #just makes boot time longer networking = { hostName = "huanan"; nameservers = [ "192.168.3.53" ]; diff --git a/hosts/intelnuc/nginx-work.nix b/hosts/intelnuc/nginx-work.nix index 87b1686..61af09d 100644 --- a/hosts/intelnuc/nginx-work.nix +++ b/hosts/intelnuc/nginx-work.nix @@ -4,8 +4,8 @@ services.nginx.virtualHosts."grafana" = { forceSSL = false; listen = [ - {port = 80; addr = "0.0.0.0"; ssl = false;} # Listen on port 80 for HTTP - {port = 443; addr = "0.0.0.0"; ssl = true;} # Listen on port 443 for HTTPS + {port = 80; addr = "100.92.15.128"; ssl = false;} # Listen on port 80 for HTTP + {port = 443; addr = "100.92.15.128"; ssl = true;} # Listen on port 443 for HTTPS ]; extraConfig = '' ssl_certificate /run/secrets/cert; @@ -31,8 +31,8 @@ services.nginx.virtualHosts."keycloak" = { forceSSL = false; listen = [ - {port = 80; addr = "0.0.0.0"; ssl = false;} # Listen on port 80 for HTTP - {port = 443; addr = "0.0.0.0"; ssl = true;} # Listen on port 443 for HTTPS + {port = 80; addr = "100.92.15.128"; ssl = false;} # Listen on port 80 for HTTP + {port = 443; addr = "100.92.15.128"; ssl = true;} # Listen on port 443 for HTTPS ]; extraConfig = '' ssl_certificate /run/secrets/cert; @@ -50,8 +50,8 @@ services.nginx.virtualHosts."kibana" = { forceSSL = false; listen = [ - {port = 80; addr = "0.0.0.0"; ssl = false;} # Listen on port 80 for HTTP - {port = 443; addr = "0.0.0.0"; ssl = true;} # Listen on port 443 for HTTPS + {port = 80; addr = "100.92.15.128"; ssl = false;} # Listen on port 80 for HTTP + {port = 443; addr = "100.92.15.128"; ssl = true;} # Listen on port 443 for HTTPS ]; extraConfig = '' ssl_certificate /run/secrets/cert; @@ -68,8 +68,8 @@ services.nginx.virtualHosts."zabbix" = { forceSSL = false; listen = [ - {port = 80; addr = "0.0.0.0"; ssl = false;} # Listen on port 80 for HTTP - {port = 443; addr = "0.0.0.0"; ssl = true;} # Listen on port 443 for HTTPS + {port = 80; addr = "100.92.15.128"; ssl = false;} # Listen on port 80 for HTTP + {port = 443; addr = "100.92.15.128"; ssl = true;} # Listen on port 443 for HTTPS ]; extraConfig = '' ssl_certificate /run/secrets/cert; @@ -87,8 +87,8 @@ services.nginx.virtualHosts."prox-1" = { forceSSL = false; listen = [ - {port = 80; addr = "0.0.0.0"; ssl = false;} # Listen on port 80 for HTTP - {port = 443; addr = "0.0.0.0"; ssl = true;} # Listen on port 443 for HTTPS + {port = 80; addr = "100.92.15.128"; ssl = false;} # Listen on port 80 for HTTP + {port = 443; addr = "100.92.15.128"; ssl = true;} # Listen on port 443 for HTTPS ]; extraConfig = '' ssl_certificate /run/secrets/cert; @@ -113,8 +113,8 @@ services.nginx.virtualHosts."prox-2" = { forceSSL = false; listen = [ - {port = 80; addr = "0.0.0.0"; ssl = false;} # Listen on port 80 for HTTP - {port = 443; addr = "0.0.0.0"; ssl = true;} # Listen on port 443 for HTTPS + {port = 80; addr = "100.92.15.128"; ssl = false;} # Listen on port 80 for HTTP + {port = 443; addr = "100.92.15.128"; ssl = true;} # Listen on port 443 for HTTPS ]; extraConfig = '' ssl_certificate /run/secrets/cert; @@ -139,8 +139,8 @@ services.nginx.virtualHosts."prox-3" = { forceSSL = false; listen = [ - {port = 80; addr = "0.0.0.0"; ssl = false;} # Listen on port 80 for HTTP - {port = 443; addr = "0.0.0.0"; ssl = true;} # Listen on port 443 for HTTPS + {port = 80; addr = "100.92.15.128"; ssl = false;} # Listen on port 80 for HTTP + {port = 443; addr = "100.92.15.128"; ssl = true;} # Listen on port 443 for HTTPS ]; extraConfig = '' ssl_certificate /run/secrets/cert; diff --git a/pkgs/hyprland/hypr/hyprland.conf b/pkgs/hyprland/hypr/hyprland.conf index 9b33664..31d2e97 100644 --- a/pkgs/hyprland/hypr/hyprland.conf +++ b/pkgs/hyprland/hypr/hyprland.conf @@ -361,6 +361,7 @@ bind = $mainMod, RETURN, exec, footclient bind = $mainMod, Q, exec, footclient # bind = ALT, RETURN, exec, sh -c "/home/delta/.config/hypr/hdrop -g '30' -h '98' -p t -f kitty --class kitty_drop" bind = ALT, RETURN, exec, hyprdrop kitty -i kitty_hyprdrop +bind = ALT, RETURN, exec, hyprctl dispatch centerwindow 1 bind = ALT, X, exec, sh -c "/home/delta/.config/hypr/hdrop -g '30' -h '60' -f 'keepassxc_lite' --class org.keepassxc.KeePassXC" # bind = ALT, T, exec, sh -c "QT_QPA_PLATFORM=xcb /home/delta/.config/hypr/hdrop -h '60' -g '30' -f 'telegram-desktop' --class TelegramDesktop" #bind = $mainMod SHIFT, RETURN, exec, alacritty #open the terminal @@ -400,8 +401,8 @@ bind = ALT, SPACE, exec, pypr shift_monitors +1 # K R A S I V O bind = $mainMod, P, pseudo, # dwindle #bind = $mainMod, J, togglesplit, # dwindle #bind = $mainMod, S, exec, grim -g "$(slurp)" - | tee >(swappy -f -) | wl-copy # take a screenshot -bind = $mainMod, S, exec, grimblast --freeze copy area # take a screenshot -bind = $mainMod SHIFT, S, exec, grim -g "$(slurp)" - | qrtool decode | tee >(wl-copy) >(notify-send --icon=clipboard "QR Code Content" "$(cat)") +bind = $mainMod, S, exec,XCURSOR_SIZE=16 grimblast --freeze copy area # take a screenshot +bind = $mainMod SHIFT, S, exec,XCURSOR_SIZE=16 sh -c 'grim -g "$(slurp)" - | qrtool decode | tee >(wl-copy) >(notify-send --icon=clipboard "QR Code Content" "$(cat)")' bind = $mainMod, Print, exec, /home/delta/.config/hypr/grimblast.sh # take a screenshot # bind = $mainMod, Print, exec, /home/delta/scripts/screenshoter.sh # take a screenshot bind = ,Print , exec, wl-paste | swappy -f - # take a screenshot diff --git a/pkgs/socks.nix b/pkgs/socks.nix index a19ccc0..ca01172 100644 --- a/pkgs/socks.nix +++ b/pkgs/socks.nix @@ -1,6 +1,7 @@ { pkgs, lib, inputs, ... }: let nixpkgs2305 = import inputs.nixpkgs2305 { system = "${pkgs.system}"; config = { allowUnfree = true; }; }; + socksBuilder = { name, script, autostart ? true, socketConfig ? null }: { inherit name; diff --git a/pkgs/waybar/style.css b/pkgs/waybar/style.css index 12b41a2..baa671c 100644 --- a/pkgs/waybar/style.css +++ b/pkgs/waybar/style.css @@ -1,7 +1,7 @@ * { border: none; border-radius: 0; - font-family: "IosevkaDiosevka"; + font-family: "Iosevka Comfy Wide Duo"; font-weight: bold; font-size: 16px; min-height: 0;