From 5f34d3280708f5e72dc07e645225f8023262a4af Mon Sep 17 00:00:00 2001 
From: kiri Date: Sat, 28 Feb 2026 19:41:14 +0100 Subject: [PATCH] Commit --- GEMINI.md | 27 + _ref/den | 1 + _ref/quasigod-nixconfig | 1 + modules/apps/bitwarden.nix | 32 + modules/apps/email.nix | 121 ++++ modules/{ => apps}/helium.nix | 2 +- modules/apps/mpv.nix | 49 ++ modules/apps/pim.nix | 86 +++ modules/{ => apps}/syncthing.nix | 0 modules/bitwarden.nix | 18 - modules/core/defaults.nix | 34 ++ modules/{ => core}/nix.nix | 2 +- modules/{ => core}/region.nix | 3 +- modules/{ => core}/xdg.nix | 0 modules/defaults.nix | 14 - modules/{ => desktop}/niri.nix | 0 modules/desktop/noctalia.nix | 571 ++++++++++++++++++ modules/{ => desktop}/sddm.nix | 0 modules/dev.nix | 21 - modules/dev/dev.nix | 28 + modules/{ => dev}/neovim/default.nix | 0 modules/{ => dev}/neovim/lua-config/init.lua | 0 .../neovim/lua-config/lua/options.lua | 0 .../neovim/lua-config/lua/plugins/coding.lua | 0 .../neovim/lua-config/lua/plugins/editor.lua | 0 .../neovim/lua-config/lua/plugins/lsp.lua | 0 .../neovim/lua-config/lua/plugins/ui.lua | 0 modules/{ => dev}/shell.nix | 0 modules/{ => dev}/terminal.nix | 11 - modules/email.nix | 114 ---- modules/hosts.nix | 29 - modules/hosts/orion/default.nix | 44 ++ .../{ => hosts/orion}/orion-disk-config.nix | 0 modules/{ => hosts/orion}/orion-hardware.nix | 0 .../polaris/default.nix} | 9 +- .../{ => hosts/polaris}/polaris-hardware.nix | 0 modules/keys.nix | 61 +- modules/kiri.nix | 16 - modules/noctalia.nix | 564 ----------------- modules/nvf.nix | 244 -------- modules/orion.nix | 134 ---- modules/pim.nix | 79 --- modules/{ => profiles}/workstation.nix | 77 +-- modules/secrets/sops.nix | 43 +- modules/services/actual.nix | 26 + modules/services/caddy.nix | 19 + modules/services/gitea.nix | 40 ++ modules/services/openssh.nix | 21 + modules/services/radicale.nix | 37 ++ modules/services/vaultwarden.nix | 29 + modules/state.nix | 10 - modules/users.nix | 21 - modules/users/kiri.nix | 51 ++ 53 files changed, 1303 insertions(+), 1386 deletions(-) create mode 
100644 GEMINI.md create mode 160000 _ref/den create mode 160000 _ref/quasigod-nixconfig create mode 100644 modules/apps/bitwarden.nix create mode 100644 modules/apps/email.nix rename modules/{ => apps}/helium.nix (68%) create mode 100644 modules/apps/mpv.nix create mode 100644 modules/apps/pim.nix rename modules/{ => apps}/syncthing.nix (100%) delete mode 100644 modules/bitwarden.nix create mode 100644 modules/core/defaults.nix rename modules/{ => core}/nix.nix (96%) rename modules/{ => core}/region.nix (93%) rename modules/{ => core}/xdg.nix (100%) delete mode 100644 modules/defaults.nix rename modules/{ => desktop}/niri.nix (100%) create mode 100644 modules/desktop/noctalia.nix rename modules/{ => desktop}/sddm.nix (100%) delete mode 100644 modules/dev.nix create mode 100644 modules/dev/dev.nix rename modules/{ => dev}/neovim/default.nix (100%) rename modules/{ => dev}/neovim/lua-config/init.lua (100%) rename modules/{ => dev}/neovim/lua-config/lua/options.lua (100%) rename modules/{ => dev}/neovim/lua-config/lua/plugins/coding.lua (100%) rename modules/{ => dev}/neovim/lua-config/lua/plugins/editor.lua (100%) rename modules/{ => dev}/neovim/lua-config/lua/plugins/lsp.lua (100%) rename modules/{ => dev}/neovim/lua-config/lua/plugins/ui.lua (100%) rename modules/{ => dev}/shell.nix (100%) rename modules/{ => dev}/terminal.nix (89%) delete mode 100644 modules/email.nix delete mode 100644 modules/hosts.nix create mode 100644 modules/hosts/orion/default.nix rename modules/{ => hosts/orion}/orion-disk-config.nix (100%) rename modules/{ => hosts/orion}/orion-hardware.nix (100%) rename modules/{polaris.nix => hosts/polaris/default.nix} (62%) rename modules/{ => hosts/polaris}/polaris-hardware.nix (100%) delete mode 100644 modules/kiri.nix delete mode 100644 modules/noctalia.nix delete mode 100644 modules/nvf.nix delete mode 100644 modules/orion.nix delete mode 100644 modules/pim.nix rename modules/{ => profiles}/workstation.nix (71%) create mode 100644 
modules/services/actual.nix create mode 100644 modules/services/caddy.nix create mode 100644 modules/services/gitea.nix create mode 100644 modules/services/openssh.nix create mode 100644 modules/services/radicale.nix create mode 100644 modules/services/vaultwarden.nix delete mode 100644 modules/state.nix delete mode 100644 modules/users.nix create mode 100644 modules/users/kiri.nix diff --git a/GEMINI.md b/GEMINI.md new file mode 100644 index 0000000..da5afe5 --- /dev/null +++ b/GEMINI.md 
@@ -0,0 +1,27 @@
+# Gemini Context & Project Guidelines
+
+This file serves as persistent contextual memory for the Gemini CLI when working on this NixOS configuration project.
+
+## Architecture: The `den` Framework
+This repository manages NixOS and Home Manager configurations using the `den` framework. The approach here drastically differs from standard NixOS setups.
+
+### Core Concepts & Rules
+1. **Freeform Schemas over Custom Options:** Do not use legacy Nix module options (`lib.mkOption`, `lib.mkIf`) to define simple user/host properties (like email addresses, domains, or names). Instead, attach properties directly to the host or user definition objects in `hosts//default.nix` or `users/.nix`. Den's freeform entity schemas will pass these through the context pipeline automatically.
+2. **Parametric Aspects:** When a module requires access to host or user variables (like `user.email` or `host.domain`), the aspect MUST be wrapped in `den.lib.parametric`.
+ * *Example:* `lux.myapp = den.lib.parametric { includes = [ ({ user, ... }: { ... }) ]; };`
+3. **Decentralized Host & User Definitions:** Do not centralize host definitions in a single file. Follow the `quasigod` reference structure:
+ * **Hosts** declare themselves in `modules/hosts//default.nix` (e.g., `den.hosts.x86_64-linux.orion = { ... }`).
+ * **Users** bind themselves to hosts in their own user files in `modules/users/.nix` (e.g., `den.hosts.x86_64-linux.orion.users.kiri = userAccount // { ... }`).
+4. **App Categories & Naming:**
+ * `/modules/desktop/`: GUI, Wayland, display managers, WMs.
+ * `/modules/dev/`: Developer tools, terminal, neovim.
+ * `/modules/apps/`: User-level software (PIM, Bitwarden, MPV, Email). Note: `pim.nix` stands for Personal Information Management and is an app, not a user definition.
+ * `/modules/services/`: System-level daemons (Caddy, Gitea, Vaultwarden).
+ * `/modules/profiles/`: Aggregations (like workstation/server).
+
+### Common Pitfalls & Lessons Learned
+* **`home-manager` vs `homeManager`:** When defining class configurations inside a parametric function, the key for Home Manager is strictly `homeManager` (camelCase). Writing `home-manager.programs...` will cause evaluation errors because `home-manager` is not the class name used by the schema.
+* **`user` is an Object:** In context parameters (`{ user, ... }:`), `user` is an attribute set, not a string. Do not interpolate it directly as a string (`"${user}"`); use `${user.name}`.
+* **Namespace Inclusion:** The project uses the `lux` namespace. When an aspect needs to pull in other aspects, use `with lux; [ ... ]` rather than writing out `den.ful.lux...` repeatedly.
+* **Abstracting Paths:** Never hardcode `/home/`. Inside `homeManager` modules, use `config.home.homeDirectory`. Inside `nixos` modules (like SOPS), use `/home/${user.name}` where `user` is provided by the parametric context.
+* **Git Status dependency:** When moving, creating, or renaming files (`mv`, `mkdir`), they must be staged in Git (`git add `) before running `nix flake check`, otherwise the flake evaluator will not see the changes and will throw "undefined variable" or "path does not exist" errors.
\ No newline at end of file
diff --git a/_ref/den b/_ref/den
new file mode 160000
index 0000000..311d77a
--- /dev/null
+++ b/_ref/den
@@ -0,0 +1 @@
+Subproject commit 311d77a3afee7c0f3cd3d4f494b5129b17c12aa2
diff --git a/_ref/quasigod-nixconfig b/_ref/quasigod-nixconfig
new file mode 160000
index 0000000..e8204cf
--- /dev/null
+++ b/_ref/quasigod-nixconfig
@@ -0,0 +1 @@
+Subproject commit e8204cf923d7d828f94b3c798f0efc5afaaa8d4d
diff --git a/modules/apps/bitwarden.nix b/modules/apps/bitwarden.nix
new file mode 100644
index 0000000..596a8e6
--- /dev/null
+++ b/modules/apps/bitwarden.nix
@@ -0,0 +1,32 @@
+{ den, ... }:
+{
+ lux.bitwarden = den.lib.parametric {
+ includes = [
+ (
+ { user, ... }:
+ {
+ homeManager =
+ { pkgs, ... }:
+ {
+ programs.rbw.settings = {
+ email = user.email;
+ base_url = "https://vault.${user.serverDomain}";
+ };
+ };
+ }
+ )
+ ];
+
+ homeManager =
+ { pkgs, ... }:
+ {
+ home.packages = [ pkgs.bitwarden-desktop ];
+ programs.rbw = {
+ enable = true;
+ settings = {
+ pinentry = pkgs.pinentry-qt;
+ };
+ };
+ };
+ };
+}
diff --git a/modules/apps/email.nix b/modules/apps/email.nix
new file mode 100644
index 0000000..687e163
--- /dev/null
+++ b/modules/apps/email.nix
@@ -0,0 +1,121 @@ +{ den, ... }: +{ + lux.email = den.lib.parametric { + includes = [ + ( + { user, ... }: + { + homeManager = + { ... }: + { + programs.thunderbird = { + enable = true; + profiles.${user.name} = { + isDefault = true; + withExternalGnupg = true; + settings = { + # LAYOUT: Force 3-Pane Vertical View (Folders | List | Message) + "mail.ui.display.message_pane_vertical" = true; + + # APPEARANCE: Enable "Cards View" (modern multi-line list) + # Note: 'cards' is the value for the new view + "mail.ui.display.thread_pane_view_type" = "cards"; + + # DENSITY: "Compact" is usually cleaner for tech-savvy users + "mail.uidensity" = 1; # 0=Default, 1=Compact, 2=Touch + + # PRIVACY & CLEANUP + "privacy.donottrackheader.enabled" = true; + "mail.server.server2.hidden" = true; # Hide "Local Folders" + + # Start page disable for faster boot + "mailnews.start_page.enabled" = false; + + # Disable the "Get a new email address" feature in account manager + "mail.provider.enabled" = false; + + "layout.css.devPixelsPerPx" = 0.85; + }; + }; + }; + + accounts.email.accounts = { + main = { + enable = true; + primary = true; + address = user.email; + imap = { + authentication = "plain"; + host = "taylor.mxrouting.net"; + port = 993; + tls.enable = true; + }; + realName = user.realName; + smtp = { + authentication = "plain"; + host = "taylor.mxrouting.net"; + port = 465; + tls.enable = true; + }; + userName = user.email; + + thunderbird.enable = true; + }; + + old = { + enable = true; + address = user.emails.old; + imap = { + authentication = "plain"; + host = "taylor.mxrouting.net"; + port = 993; + tls.enable = true; + }; + realName = user.realName; + smtp = { + authentication = "plain"; + host = "taylor.mxrouting.net"; + port = 465; + tls.enable = true; + }; + userName = user.emails.old; + + thunderbird.enable = true; + }; + + uni = { + enable = true; + flavor = "outlook.office365.com"; + address = user.emails.uni; + realName = user.realName; + userName = user.emails.uni; + 
thunderbird = { + enable = true; + settings = id: { + "mail.smtpserver.smtp_${id}.authMethod" = 10; + "mail.server.server_${id}.authMethod" = 10; + }; + }; + }; + + work = { + enable = true; + flavor = "outlook.office365.com"; + address = user.emails.work; + realName = user.realName; + userName = user.emails.work; + thunderbird = { + enable = true; + settings = id: { + "mail.smtpserver.smtp_${id}.authMethod" = 10; + "mail.server.server_${id}.authMethod" = 10; + }; + }; + }; + }; + }; + } + ) + ]; + }; +} diff --git a/modules/helium.nix b/modules/apps/helium.nix similarity index 68% rename from modules/helium.nix rename to modules/apps/helium.nix index f51e5c1..9814380 100644 --- a/modules/helium.nix +++ b/modules/apps/helium.nix @@ -5,7 +5,7 @@ { pkgs, ... }: { home.packages = [ - (pkgs.callPackage ../programs/helium.nix { }) + (pkgs.callPackage ../../programs/helium.nix { }) ]; }; }; diff --git a/modules/apps/mpv.nix b/modules/apps/mpv.nix new file mode 100644 index 0000000..00dc147 --- /dev/null +++ b/modules/apps/mpv.nix @@ -0,0 +1,49 @@ +{ + lux.mpv = { + homeManager = + { pkgs, ... }: + { + programs.mpv = { + enable = true; + bindings = { + D = "cycle deband"; + }; + config = { + profile = "high-quality"; + + osc = "no"; + border = "no"; + + vo = "gpu-next"; + gpu-api = "vulkan"; + hwdec = "vulkan"; + + demuxer-mkv-subtitle-preroll = "yes"; + sub-auto = "fuzzy"; + + sub-gauss = 1.0; + sub-gray = "yes"; + + tone-mapping = "bt.2446a"; + + keep-open = "yes"; + save-position-on-quit = "yes"; + + volume-max = 150; + + deband = "yes"; + deband-iterations = 2; + deband-threshold = 64; + deband-range = 17; + deband-grain = 12; + }; + scripts = with pkgs.mpvScripts; [ + modernz + thumbfast + mpris + autosub + ]; + }; + }; + }; +} diff --git a/modules/apps/pim.nix b/modules/apps/pim.nix new file mode 100644 index 0000000..15226ff --- /dev/null +++ b/modules/apps/pim.nix 
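Review bot: The `main` and `old` entries under `accounts.email.accounts` in modules/apps/email.nix repeat identical `imap` and `smtp` attrsets, so a later change to the host or TLS settings can land on one account and be missed on the other. Bind the shared part once in a `let`, e.g. `mxroute = { authentication = "plain"; host = "taylor.mxrouting.net"; tls.enable = true; };`, and then write `imap = mxroute // { port = 993; };` and `smtp = mxroute // { port = 465; };` in both accounts. Since `authentication = "plain"` is only acceptable while `tls.enable = true` stays set next to it, a comment such as `# plain auth: safe only while tls.enable stays true` would keep the two from being separated in a future edit.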
@@ -0,0 +1,86 @@
+{ den, ... }:
+{
+ lux.pim = den.lib.parametric {
+ includes = [
+ (
+ { user, ... }:
+ {
+ homeManager =
+ { config, ... }:
+ let
+ calendarsPath = "${config.xdg.dataHome}/calendars";
+ in
+ {
+ programs.pimsync.enable = true;
+ services.pimsync.enable = true;
+
+ programs.khal = {
+ # FIXME: Temporarily disabled because of bug in nixpkgs-unstable (27-02-26)
+ enable = false;
+ locale = {
+ timeformat = "%H:%M";
+ dateformat = "$m-$d";
+ };
+ };
+
+ programs.todoman = {
+ enable = true;
+ glob = "*/*";
+ extraConfig = ''
+ date_format = "%Y-%m-%d"
+ time_format = "%H:%M"
+ default_list = "personal"
+ default_due = 0
+ default_command = "list --sort priority,due"
+ humanize = True
+ '';
+ };
+
+ accounts.calendar = {
+ basePath = calendarsPath;
+ accounts = {
+ "radicale" = {
+ primary = true;
+ primaryCollection = "personal";
+
+ local = {
+ type = "filesystem";
+ fileExt = ".ics";
+ };
+
+ remote = {
+ url = "https://radicale.${user.serverDomain}/";
+ type = "caldav";
+ userName = user.name;
+ passwordCommand = [
+ "rbw"
+ "get"
+ "Radicale"
+ ];
+ };
+
+ pimsync = {
+ enable = true;
+ extraPairDirectives = [
+ {
+ name = "collections";
+ params = [ "from b" ];
+ }
+ ];
+ };
+
+ khal = {
+ enable = true;
+ type = "discover";
+ color = "light blue";
+ };
+ };
+ };
+ };
+
+ };
+ }
+ )
+ ];
+ };
+}
diff --git a/modules/syncthing.nix b/modules/apps/syncthing.nix
similarity index 100%
rename from modules/syncthing.nix
rename to modules/apps/syncthing.nix
diff --git a/modules/bitwarden.nix b/modules/bitwarden.nix
deleted file mode 100644
index 12c2175..0000000
--- a/modules/bitwarden.nix
+++ /dev/null
@@ -1,18 +0,0 @@
-{ pkgs, config, ... }:
-{
- lux.bitwarden = {
- homeManager =
- { pkgs, ... }:
- {
- home.packages = [ pkgs.bitwarden-desktop ];
- programs.rbw = {
- enable = true;
- settings = {
- base_url = "https://vault.jelles.net";
- email = "mail@jelles.net";
- pinentry = pkgs.pinentry-qt;
- };
- };
- };
- };
-}
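Review bot: In `programs.khal.locale` of modules/apps/pim.nix, `dateformat = "$m-$d"` does not look like a strftime pattern; the sibling `timeformat = "%H:%M"` and the todoman `date_format` both use `%` directives, so this is presumably meant to be `dateformat = "%m-%d";`. The typo is masked for now because khal has `enable = false`, and would surface when the FIXME is resolved and khal is switched back on. In the same hunk, `passwordCommand` fetches the CalDAV password through `rbw get Radicale` rather than embedding it in the config; a comment such as `# password is read from rbw at sync time, never stored in the Nix config` would record that intent for the next editor.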
diff --git a/modules/core/defaults.nix b/modules/core/defaults.nix new file mode 100644 index 0000000..bc60d7f --- /dev/null +++ b/modules/core/defaults.nix @@ -0,0 +1,34 @@ +{ inputs, den, ... }: +{ + systems = [ "x86_64-linux" ]; + + den.ctx.default = + let + configState = "24.05"; + in + { + nixos.system.stateVersion = configState; + homeManager.home.stateVersion = configState; + }; + + den.ctx.host = { + includes = [ + den._.define-user + # Set all hostnames automatically + ( + { host, ... }: + { + nixos = { + networking.hostName = host.name; + }; + } + ) + ]; + + nixos = { + users.mutableUsers = false; + }; + }; + + den.ctx.hm-host.nixos.home-manager.useGlobalPkgs = true; +} diff --git a/modules/nix.nix b/modules/core/nix.nix similarity index 96% rename from modules/nix.nix rename to modules/core/nix.nix index a2bb744..c0f8464 100644 --- a/modules/nix.nix +++ b/modules/core/nix.nix @@ -1,6 +1,6 @@ { inputs, ... }: { - den.default = { + den.ctx.host = { nixos = { nixpkgs.config.allowUnfree = true; diff --git a/modules/region.nix b/modules/core/region.nix similarity index 93% rename from modules/region.nix rename to modules/core/region.nix index efc4637..beff965 100644 --- a/modules/region.nix +++ b/modules/core/region.nix @@ -1,5 +1,6 @@ +{ ... }: { - den.default.nixos = { + lux.region-nl.nixos = { time.timeZone = "Europe/Amsterdam"; i18n.defaultLocale = "en_US.UTF-8"; diff --git a/modules/xdg.nix b/modules/core/xdg.nix similarity index 100% rename from modules/xdg.nix rename to modules/core/xdg.nix diff --git a/modules/defaults.nix b/modules/defaults.nix deleted file mode 100644 index 1d2246e..0000000 --- a/modules/defaults.nix +++ /dev/null @@ -1,14 +0,0 @@ -{ inputs, den, ... }: -{ - systems = [ "x86_64-linux" ]; - - den.default.includes = [ - den._.define-user - den._.home-manager - ]; - - den.default.nixos = { - users.mutableUsers = false; - home-manager.useGlobalPkgs = true; - }; -} 
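Review bot: `networking.hostName = host.name;` in the `den.ctx.host` include of modules/core/defaults.nix reads a different attribute than the code it replaces: the `setHostname` helper in modules/hosts.nix, deleted in this same commit, used `host.hostName`. Whether the two can differ is not visible here, but if any host definition sets `hostName` separately from its attribute name, that override is now silently ignored. If the switch is intentional, a comment such as `# hostname always follows the den host attribute name` would make it explicit; otherwise keep `networking.hostName = host.hostName;`. The `inputs` argument in the file header is unused in this hunk and can be dropped.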
diff --git a/modules/niri.nix b/modules/desktop/niri.nix similarity index 100% rename from modules/niri.nix rename to modules/desktop/niri.nix diff --git a/modules/desktop/noctalia.nix b/modules/desktop/noctalia.nix new file mode 100644 index 0000000..6270545 --- /dev/null +++ b/modules/desktop/noctalia.nix 
@@ -0,0 +1,571 @@ +{ inputs, den, ... }: +{ + lux.noctalia = den.lib.parametric { + includes = [ + ( + { user, ... }: + { + homeManager = + { pkgs, config, ... }: + { + imports = [ inputs.noctalia.homeModules.default ]; + + programs.noctalia-shell = { + enable = true; + package = inputs.noctalia.packages.${pkgs.stdenv.hostPlatform.system}.default.override { + calendarSupport = true; + }; + + systemd.enable = true; + settings = { + settingsVersion = 53; + bar = { + barType = "simple"; + position = "top"; + monitors = [ ]; + density = "default"; + showOutline = false; + showCapsule = true; + capsuleOpacity = 1; + capsuleColorKey = "none"; + backgroundOpacity = 0.93; + useSeparateOpacity = false; + floating = false; + marginVertical = 4; + marginHorizontal = 4; + frameThickness = 8; + frameRadius = 12; + outerCorners = true; + hideOnOverview = false; + displayMode = "always_visible"; + autoHideDelay = 500; + autoShowDelay = 150; + widgets = { + left = [ + { + icon = "rocket"; + iconColor = "none"; + id = "Launcher"; + } + { + clockColor = "none"; + customFont = ""; + formatHorizontal = "HH:mm ddd, MMM dd"; + formatVertical = "HH mm - dd MM"; + id = "Clock"; + tooltipFormat = "HH:mm ddd, MMM dd"; + useCustomFont = false; + } + { + characterCount = 2; + colorizeIcons = false; + emptyColor = "secondary"; + enableScrollWheel = true; + focusedColor = "primary"; + followFocusedScreen = false; + groupedBorderOpacity = 1; + hideUnoccupied = false; + iconScale = 0.8; + id = "Workspace"; + labelMode = "index"; + occupiedColor = "secondary"; + pillSize = 0.6; + reverseScroll = false; + showApplications = false; + showBadge = true; + showLabelsOnlyWhenOccupied = true; + unfocusedIconsOpacity = 1; + } + ]; + center = [ + { + colorizeIcons = false; + hideMode = "hidden"; + id = "ActiveWindow"; + maxWidth = 400; + scrollingMode = "hover"; + showIcon = true; + textColor = "none"; + useFixedWidth = false; + } + ]; + right = [ + { + compactMode = false; + compactShowAlbumArt = true; + 
compactShowVisualizer = false; + hideMode = "hidden"; + hideWhenIdle = false; + id = "MediaMini"; + maxWidth = 145; + panelShowAlbumArt = true; + panelShowVisualizer = true; + scrollingMode = "hover"; + showAlbumArt = true; + showArtistFirst = true; + showProgressRing = true; + showVisualizer = false; + textColor = "none"; + useFixedWidth = false; + visualizerType = "linear"; + } + { + blacklist = [ ]; + chevronColor = "none"; + colorizeIcons = false; + drawerEnabled = true; + hidePassive = false; + id = "Tray"; + pinned = [ ]; + } + { + hideWhenZero = false; + hideWhenZeroUnread = false; + iconColor = "none"; + id = "NotificationHistory"; + showUnreadBadge = true; + unreadBadgeColor = "primary"; + } + { + displayMode = "onhover"; + iconColor = "none"; + id = "Volume"; + middleClickCommand = "pwvucontrol || pavucontrol"; + textColor = "none"; + } + { + colorizeDistroLogo = false; + colorizeSystemIcon = "none"; + customIconPath = ""; + enableColorization = false; + icon = "noctalia"; + id = "ControlCenter"; + useDistroLogo = false; + } + ]; + }; + screenOverrides = [ ]; + }; + general = { + avatarImage = "${config.home.homeDirectory}/.face"; + dimmerOpacity = 0; + showScreenCorners = false; + forceBlackScreenCorners = false; + scaleRatio = 1; + radiusRatio = 1; + iRadiusRatio = 1; + boxRadiusRatio = 1; + screenRadiusRatio = 1; + animationSpeed = 1; + animationDisabled = false; + compactLockScreen = false; + lockScreenAnimations = false; + lockOnSuspend = true; + showSessionButtonsOnLockScreen = true; + showHibernateOnLockScreen = false; + enableShadows = true; + shadowDirection = "bottom_right"; + shadowOffsetX = 2; + shadowOffsetY = 3; + language = ""; + allowPanelsOnScreenWithoutBar = true; + showChangelogOnStartup = true; + telemetryEnabled = false; + enableLockScreenCountdown = true; + lockScreenCountdownDuration = 10000; + autoStartAuth = false; + allowPasswordWithFprintd = false; + clockStyle = "custom"; + clockFormat = "hh\\nmm"; + lockScreenMonitors = [ ]; + 
lockScreenBlur = 0; + lockScreenTint = 0; + keybinds = { + keyUp = [ + "Up" + ]; + keyDown = [ + "Down" + ]; + keyLeft = [ + "Left" + ]; + keyRight = [ + "Right" + ]; + keyEnter = [ + "Return" + ]; + keyEscape = [ + "Esc" + ]; + keyRemove = [ + "Del" + ]; + }; + }; + ui = { + fontDefault = "Comfortaa Medium"; + fontFixed = "FiraCode Nerd Font"; + fontDefaultScale = 1; + fontFixedScale = 1; + tooltipsEnabled = true; + panelBackgroundOpacity = 1; + panelsAttachedToBar = true; + settingsPanelMode = "attached"; + wifiDetailsViewMode = "grid"; + bluetoothDetailsViewMode = "grid"; + networkPanelView = "wifi"; + bluetoothHideUnnamedDevices = false; + boxBorderEnabled = false; + }; + location = { + name = "Meterik, Limburg"; + weatherEnabled = true; + weatherShowEffects = true; + useFahrenheit = false; + use12hourFormat = false; + showWeekNumberInCalendar = true; + showCalendarEvents = true; + showCalendarWeather = true; + analogClockInCalendar = false; + firstDayOfWeek = -1; + hideWeatherTimezone = false; + hideWeatherCityName = false; + }; + calendar = { + cards = [ + { + enabled = true; + id = "calendar-header-card"; + } + { + enabled = true; + id = "calendar-month-card"; + } + { + enabled = true; + id = "weather-card"; + } + ]; + }; + wallpaper = { + enabled = true; + overviewEnabled = false; + directory = "${config.home.homeDirectory}/media/images/wallpapers"; + monitorDirectories = [ ]; + enableMultiMonitorDirectories = false; + showHiddenFiles = false; + viewMode = "recursive"; + setWallpaperOnAllMonitors = true; + fillMode = "crop"; + fillColor = "#000000"; + useSolidColor = false; + solidColor = "#1a1a2e"; + automationEnabled = false; + wallpaperChangeMode = "random"; + randomIntervalSec = 300; + transitionDuration = 1500; + transitionType = "random"; + skipStartupTransition = false; + transitionEdgeSmoothness = 0.05; + panelPosition = "follow_bar"; + hideWallpaperFilenames = false; + overviewBlur = 0.4; + overviewTint = 0.6; + useWallhaven = false; + 
wallhavenQuery = ""; + wallhavenSorting = "relevance"; + wallhavenOrder = "desc"; + wallhavenCategories = "111"; + wallhavenPurity = "100"; + wallhavenRatios = ""; + wallhavenApiKey = ""; + wallhavenResolutionMode = "atleast"; + wallhavenResolutionWidth = ""; + wallhavenResolutionHeight = ""; + sortOrder = "name"; + favorites = [ ]; + }; + appLauncher = { + enableClipboardHistory = true; + autoPasteClipboard = false; + enableClipPreview = true; + clipboardWrapText = true; + clipboardWatchTextCommand = "wl-paste --type text --watch cliphist store"; + clipboardWatchImageCommand = "wl-paste --type image --watch cliphist store"; + position = "top_center"; + pinnedApps = [ ]; + useApp2Unit = false; + sortByMostUsed = true; + terminalCommand = "kitty -e"; + customLaunchPrefixEnabled = false; + customLaunchPrefix = ""; + viewMode = "grid"; + showCategories = true; + iconMode = "tabler"; + showIconBackground = false; + enableSettingsSearch = true; + enableWindowsSearch = true; + enableSessionSearch = true; + ignoreMouseInput = false; + screenshotAnnotationTool = ""; + overviewLayer = false; + density = "default"; + }; + controlCenter = { + position = "close_to_bar_button"; + diskPath = "/"; + shortcuts = { + left = [ + { + id = "Network"; + } + { + id = "Bluetooth"; + } + { + id = "WallpaperSelector"; + } + { + id = "NoctaliaPerformance"; + } + ]; + right = [ + { + id = "Notifications"; + } + { + id = "PowerProfile"; + } + { + id = "KeepAwake"; + } + { + id = "NightLight"; + } + ]; + }; + cards = [ + { + enabled = true; + id = "profile-card"; + } + { + enabled = true; + id = "shortcuts-card"; + } + { + enabled = true; + id = "audio-card"; + } + { + enabled = false; + id = "brightness-card"; + } + { + enabled = true; + id = "weather-card"; + } + { + enabled = true; + id = "media-sysmon-card"; + } + ]; + }; + systemMonitor = { + cpuWarningThreshold = 80; + cpuCriticalThreshold = 90; + tempWarningThreshold = 80; + tempCriticalThreshold = 90; + gpuWarningThreshold = 80; + 
gpuCriticalThreshold = 90; + memWarningThreshold = 80; + memCriticalThreshold = 90; + swapWarningThreshold = 80; + swapCriticalThreshold = 90; + diskWarningThreshold = 80; + diskCriticalThreshold = 90; + diskAvailWarningThreshold = 20; + diskAvailCriticalThreshold = 10; + batteryWarningThreshold = 20; + batteryCriticalThreshold = 5; + enableDgpuMonitoring = false; + useCustomColors = false; + warningColor = ""; + criticalColor = ""; + externalMonitor = "resources || missioncenter || jdsystemmonitor || corestats || system-monitoring-center || gnome-system-monitor || plasma-systemmonitor || mate-system-monitor || ukui-system-monitor || deepin-system-monitor || pantheon-system-monitor"; + }; + dock = { + enabled = false; + position = "bottom"; + displayMode = "auto_hide"; + backgroundOpacity = 1; + floatingRatio = 1; + size = 1; + onlySameOutput = true; + monitors = [ ]; + pinnedApps = [ ]; + colorizeIcons = false; + pinnedStatic = false; + inactiveIndicators = false; + deadOpacity = 0.6; + animationSpeed = 1; + }; + network = { + wifiEnabled = true; + airplaneModeEnabled = false; + bluetoothRssiPollingEnabled = false; + bluetoothRssiPollIntervalMs = 60000; + wifiDetailsViewMode = "grid"; + bluetoothDetailsViewMode = "grid"; + bluetoothHideUnnamedDevices = false; + disableDiscoverability = false; + }; + sessionMenu = { + enableCountdown = true; + countdownDuration = 10000; + position = "center"; + showHeader = true; + showKeybinds = true; + largeButtonsStyle = true; + largeButtonsLayout = "single-row"; + powerOptions = [ + { + action = "lock"; + enabled = true; + keybind = "1"; + } + { + action = "suspend"; + enabled = true; + keybind = "2"; + } + { + action = "hibernate"; + enabled = true; + keybind = "3"; + } + { + action = "reboot"; + enabled = true; + keybind = "4"; + } + { + action = "logout"; + enabled = true; + keybind = "5"; + } + { + action = "shutdown"; + enabled = true; + keybind = "6"; + } + ]; + }; + notifications = { + enabled = true; + density = 
"default"; + monitors = [ ]; + location = "top_right"; + overlayLayer = true; + backgroundOpacity = 1; + respectExpireTimeout = false; + lowUrgencyDuration = 3; + normalUrgencyDuration = 8; + criticalUrgencyDuration = 15; + saveToHistory = { + low = true; + normal = true; + critical = true; + }; + sounds = { + enabled = false; + volume = 0.5; + separateSounds = false; + criticalSoundFile = ""; + normalSoundFile = ""; + lowSoundFile = ""; + excludedApps = "discord,firefox,chrome,chromium,edge"; + }; + enableMediaToast = false; + enableKeyboardLayoutToast = true; + enableBatteryToast = true; + }; + osd = { + enabled = true; + location = "top_right"; + autoHideMs = 2000; + overlayLayer = true; + backgroundOpacity = 1; + enabledTypes = [ + 0 + 1 + 2 + ]; + monitors = [ ]; + }; + audio = { + volumeStep = 5; + volumeOverdrive = false; + cavaFrameRate = 30; + visualizerType = "linear"; + mprisBlacklist = [ ]; + preferredPlayer = ""; + volumeFeedback = false; + }; + brightness = { + brightnessStep = 5; + enforceMinimum = true; + enableDdcSupport = false; + }; + colorSchemes = { + useWallpaperColors = false; + predefinedScheme = "Kanagawa"; + darkMode = true; + schedulingMode = "off"; + manualSunrise = "06:30"; + manualSunset = "18:30"; + generationMethod = "tonal-spot"; + monitorForColors = ""; + }; + templates = { + activeTemplates = [ ]; + enableUserTheming = false; + }; + nightLight = { + enabled = false; + forced = false; + autoSchedule = true; + nightTemp = "4000"; + dayTemp = "6500"; + manualSunrise = "06:30"; + manualSunset = "18:30"; + }; + hooks = { + enabled = false; + wallpaperChange = ""; + darkModeChange = ""; + screenLock = ""; + screenUnlock = ""; + performanceModeEnabled = ""; + performanceModeDisabled = ""; + startup = ""; + session = ""; + }; + plugins = { + autoUpdate = false; + }; + desktopWidgets = { + enabled = false; + gridSnap = false; + monitorWidgets = [ ]; + }; + }; + }; + }; + } + ) + ]; + }; +} 
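Review bot: The `{ user, ... }:` argument of the parametric include in modules/desktop/noctalia.nix is not referenced anywhere in the visible settings, while `location.name = "Meterik, Limburg"` stays hardcoded in a shared module, although the GEMINI.md added by this commit asks for personal properties to live on the user entity. Either read the value from the user (for example a hypothetical `name = user.location;`, with that attribute added in the user file) or drop the `den.lib.parametric` wrapper so the aspect does not suggest a dependency it lacks. Separately, `wallhavenApiKey = ""` sits in a settings attrset that is presumably rendered into the Nix store, so it deserves a comment like `# leave empty: anything set here ends up world-readable in /nix/store`.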
diff --git a/modules/sddm.nix b/modules/desktop/sddm.nix similarity index 100% rename from modules/sddm.nix rename to modules/desktop/sddm.nix diff --git a/modules/dev.nix b/modules/dev.nix deleted file mode 100644 index 6ca2a78..0000000 --- a/modules/dev.nix +++ /dev/null @@ -1,21 +0,0 @@ -{ - lux.dev = { - homeManager = { - programs.git = { - enable = true; - settings = { - # TODO: Don't hardcode name and mail - user.name = "kiri"; - user.email = "mail@jelles.net"; - init.defaultBranch = "main"; - }; - }; - - programs.direnv = { - enable = true; - enableZshIntegration = true; - nix-direnv.enable = true; - }; - }; - }; -} diff --git a/modules/dev/dev.nix b/modules/dev/dev.nix new file mode 100644 index 0000000..e2cc1f6 --- /dev/null +++ b/modules/dev/dev.nix @@ -0,0 +1,28 @@ +{ den, ... }: +{ + lux.dev = den.lib.parametric { + includes = [ + ( + { user, ... }: + { + homeManager.programs.git = { + enable = true; + settings = { + user.name = user.name; + user.email = user.email; + init.defaultBranch = "main"; + }; + }; + } + ) + ]; + + homeManager = { + programs.direnv = { + enable = true; + enableZshIntegration = true; + nix-direnv.enable = true; + }; + }; + }; +} diff --git a/modules/neovim/default.nix b/modules/dev/neovim/default.nix similarity index 100% rename from modules/neovim/default.nix rename to modules/dev/neovim/default.nix diff --git a/modules/neovim/lua-config/init.lua b/modules/dev/neovim/lua-config/init.lua similarity index 100% rename from modules/neovim/lua-config/init.lua rename to modules/dev/neovim/lua-config/init.lua diff --git a/modules/neovim/lua-config/lua/options.lua b/modules/dev/neovim/lua-config/lua/options.lua similarity index 100% rename from modules/neovim/lua-config/lua/options.lua rename to modules/dev/neovim/lua-config/lua/options.lua 
diff --git a/modules/neovim/lua-config/lua/plugins/coding.lua b/modules/dev/neovim/lua-config/lua/plugins/coding.lua similarity index 100% rename from modules/neovim/lua-config/lua/plugins/coding.lua rename to modules/dev/neovim/lua-config/lua/plugins/coding.lua diff --git a/modules/neovim/lua-config/lua/plugins/editor.lua b/modules/dev/neovim/lua-config/lua/plugins/editor.lua similarity index 100% rename from modules/neovim/lua-config/lua/plugins/editor.lua rename to modules/dev/neovim/lua-config/lua/plugins/editor.lua diff --git a/modules/neovim/lua-config/lua/plugins/lsp.lua b/modules/dev/neovim/lua-config/lua/plugins/lsp.lua similarity index 100% rename from modules/neovim/lua-config/lua/plugins/lsp.lua rename to modules/dev/neovim/lua-config/lua/plugins/lsp.lua diff --git a/modules/neovim/lua-config/lua/plugins/ui.lua b/modules/dev/neovim/lua-config/lua/plugins/ui.lua similarity index 100% rename from modules/neovim/lua-config/lua/plugins/ui.lua rename to modules/dev/neovim/lua-config/lua/plugins/ui.lua diff --git a/modules/shell.nix b/modules/dev/shell.nix similarity index 100% rename from modules/shell.nix rename to modules/dev/shell.nix diff --git a/modules/terminal.nix b/modules/dev/terminal.nix similarity index 89% rename from modules/terminal.nix rename to modules/dev/terminal.nix index ba1bd4f..ea56b80 100644 --- a/modules/terminal.nix +++ b/modules/dev/terminal.nix @@ -4,17 +4,6 @@ homeManager = { pkgs, ... }: { - programs.alacritty = { - enable = true; - theme = "kanagawa_wave"; - settings = { - window.padding = { - x = 5; - y = 5; - }; - }; - }; - programs.kitty = { enable = true; font = { diff --git a/modules/email.nix b/modules/email.nix deleted file mode 100644 index dc1c11d..0000000 --- a/modules/email.nix +++ /dev/null 
@@ -1,114 +0,0 @@ -{ config, ... }: -{ - lux.email = { - homeManager = - { ... }: - { - programs.thunderbird = { - enable = true; - profiles.kiri = { - isDefault = true; - withExternalGnupg = true; - settings = { - # LAYOUT: Force 3-Pane Vertical View (Folders | List | Message) - "mail.ui.display.message_pane_vertical" = true; - - # APPEARANCE: Enable "Cards View" (modern multi-line list) - # Note: 'cards' is the value for the new view - "mail.ui.display.thread_pane_view_type" = "cards"; - - # DENSITY: "Compact" is usually cleaner for tech-savvy users - "mail.uidensity" = 1; # 0=Default, 1=Compact, 2=Touch - - # PRIVACY & CLEANUP - "privacy.donottrackheader.enabled" = true; - "mail.server.server2.hidden" = true; # Hide "Local Folders" - - # Start page disable for faster boot - "mailnews.start_page.enabled" = false; - - # Disable the "Get a new email address" feature in account manager - "mail.provider.enabled" = false; - - "layout.css.devPixelsPerPx" = 0.85; - }; - }; - }; - - accounts.email.accounts = { - main = { - enable = true; - primary = true; - address = "mail@jelles.net"; - imap = { - authentication = "plain"; - host = "taylor.mxrouting.net"; - port = 993; - tls.enable = true; - }; - realName = "Jelle Spreeuwenberg"; - smtp = { - authentication = "plain"; - host = "taylor.mxrouting.net"; - port = 465; - tls.enable = true; - }; - userName = "mail@jelles.net"; - - thunderbird.enable = true; - }; - - old = { - enable = true; - address = "mail@jellespreeuwenberg.nl"; - imap = { - authentication = "plain"; - host = "taylor.mxrouting.net"; - port = 993; - tls.enable = true; - }; - realName = "Jelle Spreeuwenberg"; - smtp = { - authentication = "plain"; - host = "taylor.mxrouting.net"; - port = 465; - tls.enable = true; - }; - userName = "mail@jellespreeuwenberg.nl"; - - thunderbird.enable = true; - }; - - uni = { - enable = true; - flavor = "outlook.office365.com"; - address = "j.spreeuwenberg@student.tue.nl"; - realName = "Jelle Spreeuwenberg"; - userName = 
"j.spreeuwenberg@student.tue.nl"; - thunderbird = { - enable = true; - settings = id: { - "mail.smtpserver.smtp_${id}.authMethod" = 10; - "mail.server.server_${id}.authMethod" = 10; - }; - }; - }; - - work = { - enable = true; - flavor = "outlook.office365.com"; - address = "jelle.spreeuwenberg@yookr.org"; - realName = "Jelle Spreeuwenberg"; - userName = "jelle.spreeuwenberg@yookr.org"; - thunderbird = { - enable = true; - settings = id: { - "mail.smtpserver.smtp_${id}.authMethod" = 10; - "mail.server.server_${id}.authMethod" = 10; - }; - }; - }; - }; - }; - }; -} diff --git a/modules/hosts.nix b/modules/hosts.nix deleted file mode 100644 index 977c12e..0000000 --- a/modules/hosts.nix +++ /dev/null @@ -1,29 +0,0 @@ -{ den, ... }: -{ - den.hosts.x86_64-linux = { - polaris.users.kiri = { - syncthingId = "6HBAKXB-DB3B4H2-BODCAXF-KD23H5W-6X5LGLC-ZJHZHLG-7U7YMGO-BB6IXQ3"; - }; - orion.users.kiri = { - syncthingId = "NNRNQKZ-OWPHSVA-B6KKBHE-SDYLSTV-7SVHGPR-NEWLKPL-4MWNJG4-G5FHUAI"; - }; - altair.users.kiri = { - syncthingId = ""; - }; - }; - - # Set hostname for each host - den.default.includes = - let - setHostname = - { host, ... }: - { - nixos = { - networking.hostName = host.hostName; - }; - }; - in - [ - setHostname - ]; -} diff --git a/modules/hosts/orion/default.nix b/modules/hosts/orion/default.nix new file mode 100644 index 0000000..7ed7ad3 --- /dev/null +++ b/modules/hosts/orion/default.nix 
@@ -0,0 +1,44 @@ +{ lib, lux, ... }: +{ + den.hosts.x86_64-linux.orion = { + domain = "jelles.net"; + }; + + den.aspects.orion = { + includes = with lux.services._; [ + caddy + openssh + vaultwarden + radicale + actual + gitea + + ( + { user, ... }: + { + nixos.users.users."${user.name}".linger = true; + } + ) + ]; + + nixos = + { pkgs, ... }: + { + environment.systemPackages = [ + pkgs.kitty + ]; + + networking = { + firewall.enable = true; + firewall.allowPing = false; + nftables.enable = true; + }; + + # Use ssh authorization for sudo instead of password + security.pam = { + sshAgentAuth.enable = true; + services.sudo.sshAgentAuth = true; + }; + }; + }; +} diff --git a/modules/orion-disk-config.nix b/modules/hosts/orion/orion-disk-config.nix similarity index 100% rename from modules/orion-disk-config.nix rename to modules/hosts/orion/orion-disk-config.nix diff --git a/modules/orion-hardware.nix b/modules/hosts/orion/orion-hardware.nix similarity index 100% rename from modules/orion-hardware.nix rename to modules/hosts/orion/orion-hardware.nix diff --git a/modules/polaris.nix b/modules/hosts/polaris/default.nix similarity index 62% rename from modules/polaris.nix rename to modules/hosts/polaris/default.nix index 7172e04..2ce9f89 100644 --- a/modules/polaris.nix +++ b/modules/hosts/polaris/default.nix @@ -1,7 +1,12 @@ -{ inputs, den, ... }: +{ inputs, lux, ... }: { + den.hosts.x86_64-linux.polaris = { }; + den.aspects.polaris = { - includes = [ den.ful.lux.workstation ]; + includes = [ + lux.workstation + ]; + nixos.imports = with inputs.nixos-hardware.nixosModules; [ common-pc common-pc-ssd diff --git a/modules/polaris-hardware.nix b/modules/hosts/polaris/polaris-hardware.nix similarity index 100% rename from modules/polaris-hardware.nix rename to modules/hosts/polaris/polaris-hardware.nix diff --git a/modules/keys.nix b/modules/keys.nix index 0475de5..22701b6 100644 --- a/modules/keys.nix +++ b/modules/keys.nix 
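Review bot: The `security.pam` block at the end of the `nixos` function in hosts/orion/default.nix lets sudo accept SSH-agent authentication, and the one-line comment above it does not record what that trusts. With agent forwarding enabled on a client, any process on orion that can reach the forwarded agent socket during the session passes sudo without a prompt, so the user's authorized key is effectively a root credential for this host. I would extend the comment to `# sudo via SSH agent: the user's authorized key is root-equivalent here; forward the agent only from trusted clients` and consider setting `security.pam.sshAgentAuth.authorizedKeysFiles` explicitly so the accepted key set does not depend on the NixOS default. `lib` in the file's argument set appears unused.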
@@ -1,32 +1,39 @@ -{ ... }: +{ den, ... }: { - lux.ssh = { - homeManager = - { config, pkgs, ... }: - { - programs.gpg = { - enable = true; - homedir = "${config.xdg.dataHome}/gnupg"; - }; + lux.ssh = den.lib.parametric { + includes = [ + ( + { user, ... }: + { + homeManager = + { config, pkgs, ... }: + { + programs.gpg = { + enable = true; + homedir = "${config.xdg.dataHome}/gnupg"; + }; - services.gpg-agent = { - enable = true; - enableSshSupport = true; - enableZshIntegration = true; - pinentry.package = pkgs.pinentry-qt; - sshKeys = [ - "CD848796822630B280FC6DFA55F24A20040F22B5" - "B8FBDFBD7F42C444C17E086E0EE2E34FB43A7187" - ]; - }; + services.gpg-agent = { + enable = true; + enableSshSupport = true; + enableZshIntegration = true; + pinentry.package = pkgs.pinentry-qt; + sshKeys = [ + "CD848796822630B280FC6DFA55F24A20040F22B5" + "B8FBDFBD7F42C444C17E086E0EE2E34FB43A7187" + ]; + }; - programs.ssh = { - enable = true; - enableDefaultConfig = false; - includes = [ - "/home/kiri/.ssh/ssh-config-orion" - ]; - }; - }; + programs.ssh = { + enable = true; + enableDefaultConfig = false; + includes = [ + "${config.home.homeDirectory}/.ssh/ssh-config-orion" + ]; + }; + }; + } + ) + ]; }; } diff --git a/modules/kiri.nix b/modules/kiri.nix deleted file mode 100644 index ba641ec..0000000 --- a/modules/kiri.nix +++ /dev/null @@ -1,16 +0,0 @@ -{ den, ... }: -{ - den.aspects.kiri = { - includes = [ - den._.primary-user - (den._.user-shell "zsh") - den.ful.lux.syncthing - ]; - - nixos = - { config, ... }: - { - users.users.kiri.hashedPasswordFile = config.sops.secrets.hashed-password-kiri.path; - }; - }; -} diff --git a/modules/noctalia.nix b/modules/noctalia.nix deleted file mode 100644 index 78e2fb4..0000000 --- a/modules/noctalia.nix +++ /dev/null 
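Review bot: The new `{ user, ... }:` include in modules/keys.nix binds `user` and never uses it, since the only user-specific value, the ssh include path, now comes from `config.home.homeDirectory`; the `den.lib.parametric` wrapper therefore adds indirection without parametrising anything. The two `sshKeys` keygrips stay fixed, so every user who includes `lux.ssh` gets gpg-agent configured for keys that presumably belong to one person. If the aspect is meant to be shared they belong with the per-user data, otherwise a comment such as `# keygrips are specific to kiri's OpenPGP key` above `sshKeys` would document the limit.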
@@ -1,564 +0,0 @@ -{ inputs, ... }: -{ - lux.noctalia = { - homeManager = - { pkgs, ... }: - { - imports = [ inputs.noctalia.homeModules.default ]; - - programs.noctalia-shell = { - enable = true; - package = inputs.noctalia.packages.${pkgs.stdenv.hostPlatform.system}.default.override { - calendarSupport = true; - }; - - systemd.enable = true; - settings = { - settingsVersion = 53; - bar = { - barType = "simple"; - position = "top"; - monitors = [ ]; - density = "default"; - showOutline = false; - showCapsule = true; - capsuleOpacity = 1; - capsuleColorKey = "none"; - backgroundOpacity = 0.93; - useSeparateOpacity = false; - floating = false; - marginVertical = 4; - marginHorizontal = 4; - frameThickness = 8; - frameRadius = 12; - outerCorners = true; - hideOnOverview = false; - displayMode = "always_visible"; - autoHideDelay = 500; - autoShowDelay = 150; - widgets = { - left = [ - { - icon = "rocket"; - iconColor = "none"; - id = "Launcher"; - } - { - clockColor = "none"; - customFont = ""; - formatHorizontal = "HH:mm ddd, MMM dd"; - formatVertical = "HH mm - dd MM"; - id = "Clock"; - tooltipFormat = "HH:mm ddd, MMM dd"; - useCustomFont = false; - } - { - characterCount = 2; - colorizeIcons = false; - emptyColor = "secondary"; - enableScrollWheel = true; - focusedColor = "primary"; - followFocusedScreen = false; - groupedBorderOpacity = 1; - hideUnoccupied = false; - iconScale = 0.8; - id = "Workspace"; - labelMode = "index"; - occupiedColor = "secondary"; - pillSize = 0.6; - reverseScroll = false; - showApplications = false; - showBadge = true; - showLabelsOnlyWhenOccupied = true; - unfocusedIconsOpacity = 1; - } - ]; - center = [ - { - colorizeIcons = false; - hideMode = "hidden"; - id = "ActiveWindow"; - maxWidth = 400; - scrollingMode = "hover"; - showIcon = true; - textColor = "none"; - useFixedWidth = false; - } - ]; - right = [ - { - compactMode = false; - compactShowAlbumArt = true; - compactShowVisualizer = false; - hideMode = "hidden"; - hideWhenIdle = 
false; - id = "MediaMini"; - maxWidth = 145; - panelShowAlbumArt = true; - panelShowVisualizer = true; - scrollingMode = "hover"; - showAlbumArt = true; - showArtistFirst = true; - showProgressRing = true; - showVisualizer = false; - textColor = "none"; - useFixedWidth = false; - visualizerType = "linear"; - } - { - blacklist = [ ]; - chevronColor = "none"; - colorizeIcons = false; - drawerEnabled = true; - hidePassive = false; - id = "Tray"; - pinned = [ ]; - } - { - hideWhenZero = false; - hideWhenZeroUnread = false; - iconColor = "none"; - id = "NotificationHistory"; - showUnreadBadge = true; - unreadBadgeColor = "primary"; - } - { - displayMode = "onhover"; - iconColor = "none"; - id = "Volume"; - middleClickCommand = "pwvucontrol || pavucontrol"; - textColor = "none"; - } - { - colorizeDistroLogo = false; - colorizeSystemIcon = "none"; - customIconPath = ""; - enableColorization = false; - icon = "noctalia"; - id = "ControlCenter"; - useDistroLogo = false; - } - ]; - }; - screenOverrides = [ ]; - }; - general = { - avatarImage = "/home/kiri/.face"; - dimmerOpacity = 0; - showScreenCorners = false; - forceBlackScreenCorners = false; - scaleRatio = 1; - radiusRatio = 1; - iRadiusRatio = 1; - boxRadiusRatio = 1; - screenRadiusRatio = 1; - animationSpeed = 1; - animationDisabled = false; - compactLockScreen = false; - lockScreenAnimations = false; - lockOnSuspend = true; - showSessionButtonsOnLockScreen = true; - showHibernateOnLockScreen = false; - enableShadows = true; - shadowDirection = "bottom_right"; - shadowOffsetX = 2; - shadowOffsetY = 3; - language = ""; - allowPanelsOnScreenWithoutBar = true; - showChangelogOnStartup = true; - telemetryEnabled = false; - enableLockScreenCountdown = true; - lockScreenCountdownDuration = 10000; - autoStartAuth = false; - allowPasswordWithFprintd = false; - clockStyle = "custom"; - clockFormat = "hh\\nmm"; - lockScreenMonitors = [ ]; - lockScreenBlur = 0; - lockScreenTint = 0; - keybinds = { - keyUp = [ - "Up" - ]; - 
keyDown = [ - "Down" - ]; - keyLeft = [ - "Left" - ]; - keyRight = [ - "Right" - ]; - keyEnter = [ - "Return" - ]; - keyEscape = [ - "Esc" - ]; - keyRemove = [ - "Del" - ]; - }; - }; - ui = { - fontDefault = "Comfortaa Medium"; - fontFixed = "FiraCode Nerd Font"; - fontDefaultScale = 1; - fontFixedScale = 1; - tooltipsEnabled = true; - panelBackgroundOpacity = 1; - panelsAttachedToBar = true; - settingsPanelMode = "attached"; - wifiDetailsViewMode = "grid"; - bluetoothDetailsViewMode = "grid"; - networkPanelView = "wifi"; - bluetoothHideUnnamedDevices = false; - boxBorderEnabled = false; - }; - location = { - name = "Meterik, Limburg"; - weatherEnabled = true; - weatherShowEffects = true; - useFahrenheit = false; - use12hourFormat = false; - showWeekNumberInCalendar = true; - showCalendarEvents = true; - showCalendarWeather = true; - analogClockInCalendar = false; - firstDayOfWeek = -1; - hideWeatherTimezone = false; - hideWeatherCityName = false; - }; - calendar = { - cards = [ - { - enabled = true; - id = "calendar-header-card"; - } - { - enabled = true; - id = "calendar-month-card"; - } - { - enabled = true; - id = "weather-card"; - } - ]; - }; - wallpaper = { - enabled = true; - overviewEnabled = false; - directory = "/home/kiri/media/images/wallpapers"; - monitorDirectories = [ ]; - enableMultiMonitorDirectories = false; - showHiddenFiles = false; - viewMode = "recursive"; - setWallpaperOnAllMonitors = true; - fillMode = "crop"; - fillColor = "#000000"; - useSolidColor = false; - solidColor = "#1a1a2e"; - automationEnabled = false; - wallpaperChangeMode = "random"; - randomIntervalSec = 300; - transitionDuration = 1500; - transitionType = "random"; - skipStartupTransition = false; - transitionEdgeSmoothness = 0.05; - panelPosition = "follow_bar"; - hideWallpaperFilenames = false; - overviewBlur = 0.4; - overviewTint = 0.6; - useWallhaven = false; - wallhavenQuery = ""; - wallhavenSorting = "relevance"; - wallhavenOrder = "desc"; - wallhavenCategories = "111"; 
- wallhavenPurity = "100"; - wallhavenRatios = ""; - wallhavenApiKey = ""; - wallhavenResolutionMode = "atleast"; - wallhavenResolutionWidth = ""; - wallhavenResolutionHeight = ""; - sortOrder = "name"; - favorites = [ ]; - }; - appLauncher = { - enableClipboardHistory = true; - autoPasteClipboard = false; - enableClipPreview = true; - clipboardWrapText = true; - clipboardWatchTextCommand = "wl-paste --type text --watch cliphist store"; - clipboardWatchImageCommand = "wl-paste --type image --watch cliphist store"; - position = "top_center"; - pinnedApps = [ ]; - useApp2Unit = false; - sortByMostUsed = true; - terminalCommand = "kitty -e"; - customLaunchPrefixEnabled = false; - customLaunchPrefix = ""; - viewMode = "grid"; - showCategories = true; - iconMode = "tabler"; - showIconBackground = false; - enableSettingsSearch = true; - enableWindowsSearch = true; - enableSessionSearch = true; - ignoreMouseInput = false; - screenshotAnnotationTool = ""; - overviewLayer = false; - density = "default"; - }; - controlCenter = { - position = "close_to_bar_button"; - diskPath = "/"; - shortcuts = { - left = [ - { - id = "Network"; - } - { - id = "Bluetooth"; - } - { - id = "WallpaperSelector"; - } - { - id = "NoctaliaPerformance"; - } - ]; - right = [ - { - id = "Notifications"; - } - { - id = "PowerProfile"; - } - { - id = "KeepAwake"; - } - { - id = "NightLight"; - } - ]; - }; - cards = [ - { - enabled = true; - id = "profile-card"; - } - { - enabled = true; - id = "shortcuts-card"; - } - { - enabled = true; - id = "audio-card"; - } - { - enabled = false; - id = "brightness-card"; - } - { - enabled = true; - id = "weather-card"; - } - { - enabled = true; - id = "media-sysmon-card"; - } - ]; - }; - systemMonitor = { - cpuWarningThreshold = 80; - cpuCriticalThreshold = 90; - tempWarningThreshold = 80; - tempCriticalThreshold = 90; - gpuWarningThreshold = 80; - gpuCriticalThreshold = 90; - memWarningThreshold = 80; - memCriticalThreshold = 90; - swapWarningThreshold = 80; - 
swapCriticalThreshold = 90; - diskWarningThreshold = 80; - diskCriticalThreshold = 90; - diskAvailWarningThreshold = 20; - diskAvailCriticalThreshold = 10; - batteryWarningThreshold = 20; - batteryCriticalThreshold = 5; - enableDgpuMonitoring = false; - useCustomColors = false; - warningColor = ""; - criticalColor = ""; - externalMonitor = "resources || missioncenter || jdsystemmonitor || corestats || system-monitoring-center || gnome-system-monitor || plasma-systemmonitor || mate-system-monitor || ukui-system-monitor || deepin-system-monitor || pantheon-system-monitor"; - }; - dock = { - enabled = false; - position = "bottom"; - displayMode = "auto_hide"; - backgroundOpacity = 1; - floatingRatio = 1; - size = 1; - onlySameOutput = true; - monitors = [ ]; - pinnedApps = [ ]; - colorizeIcons = false; - pinnedStatic = false; - inactiveIndicators = false; - deadOpacity = 0.6; - animationSpeed = 1; - }; - network = { - wifiEnabled = true; - airplaneModeEnabled = false; - bluetoothRssiPollingEnabled = false; - bluetoothRssiPollIntervalMs = 60000; - wifiDetailsViewMode = "grid"; - bluetoothDetailsViewMode = "grid"; - bluetoothHideUnnamedDevices = false; - disableDiscoverability = false; - }; - sessionMenu = { - enableCountdown = true; - countdownDuration = 10000; - position = "center"; - showHeader = true; - showKeybinds = true; - largeButtonsStyle = true; - largeButtonsLayout = "single-row"; - powerOptions = [ - { - action = "lock"; - enabled = true; - keybind = "1"; - } - { - action = "suspend"; - enabled = true; - keybind = "2"; - } - { - action = "hibernate"; - enabled = true; - keybind = "3"; - } - { - action = "reboot"; - enabled = true; - keybind = "4"; - } - { - action = "logout"; - enabled = true; - keybind = "5"; - } - { - action = "shutdown"; - enabled = true; - keybind = "6"; - } - ]; - }; - notifications = { - enabled = true; - density = "default"; - monitors = [ ]; - location = "top_right"; - overlayLayer = true; - backgroundOpacity = 1; - 
respectExpireTimeout = false; - lowUrgencyDuration = 3; - normalUrgencyDuration = 8; - criticalUrgencyDuration = 15; - saveToHistory = { - low = true; - normal = true; - critical = true; - }; - sounds = { - enabled = false; - volume = 0.5; - separateSounds = false; - criticalSoundFile = ""; - normalSoundFile = ""; - lowSoundFile = ""; - excludedApps = "discord,firefox,chrome,chromium,edge"; - }; - enableMediaToast = false; - enableKeyboardLayoutToast = true; - enableBatteryToast = true; - }; - osd = { - enabled = true; - location = "top_right"; - autoHideMs = 2000; - overlayLayer = true; - backgroundOpacity = 1; - enabledTypes = [ - 0 - 1 - 2 - ]; - monitors = [ ]; - }; - audio = { - volumeStep = 5; - volumeOverdrive = false; - cavaFrameRate = 30; - visualizerType = "linear"; - mprisBlacklist = [ ]; - preferredPlayer = ""; - volumeFeedback = false; - }; - brightness = { - brightnessStep = 5; - enforceMinimum = true; - enableDdcSupport = false; - }; - colorSchemes = { - useWallpaperColors = false; - predefinedScheme = "Kanagawa"; - darkMode = true; - schedulingMode = "off"; - manualSunrise = "06:30"; - manualSunset = "18:30"; - generationMethod = "tonal-spot"; - monitorForColors = ""; - }; - templates = { - activeTemplates = [ ]; - enableUserTheming = false; - }; - nightLight = { - enabled = false; - forced = false; - autoSchedule = true; - nightTemp = "4000"; - dayTemp = "6500"; - manualSunrise = "06:30"; - manualSunset = "18:30"; - }; - hooks = { - enabled = false; - wallpaperChange = ""; - darkModeChange = ""; - screenLock = ""; - screenUnlock = ""; - performanceModeEnabled = ""; - performanceModeDisabled = ""; - startup = ""; - session = ""; - }; - plugins = { - autoUpdate = false; - }; - desktopWidgets = { - enabled = false; - gridSnap = false; - monitorWidgets = [ ]; - }; - }; - }; - }; - }; -} diff --git a/modules/nvf.nix b/modules/nvf.nix deleted file mode 100644 index cb2b726..0000000 --- a/modules/nvf.nix +++ /dev/null 
@@ -1,244 +0,0 @@ -{ inputs, ... }: -{ - lux.nvf = { - homeManager = - { pkgs, ... }: - { - imports = [ inputs.nvf.homeManagerModules.default ]; - - programs.nvf = { - enable = true; - settings.vim = { - # extraPlugins.kanagawa = { - # package = pkgs.vimPlugins.kanagawa-nvim; - # setup = ''vim.cmd("colorscheme kanagawa")''; - # }; - - augroups = [ - { - clear = true; - name = "highlight-yank"; - } - ]; - - autocmds = [ - { - desc = "Highlight when yanking text"; - event = [ "TextYankPost" ]; - group = "highlight-yank"; - callback = inputs.nixpkgs.lib.generators.mkLuaInline /* lua */ '' - function() - vim.hl.on_yank() - end - ''; - } - ]; - - diagnostics = { - enable = true; - config = { - signs = true; - underline = true; - virtual_text = true; - }; - }; - - options = { - cursorline = true; - cursorlineopt = "both"; - splitright = true; - splitbelow = true; - scrolloff = 5; - number = true; - relativenumber = false; - - signcolumn = "yes"; - - list = true; - listchars = "tab:» ,trail:·,nbsp:␣"; - updatetime = 250; - timeoutlen = 300; - undofile = true; - confirm = true; - inccommand = "split"; - - ignorecase = true; - smartcase = true; - }; - - startPlugins = [ pkgs.vimPlugins.kanagawa-nvim ]; - luaConfigRC.theme-config = inputs.nvf.lib.nvim.dag.entryBefore [ "pluginConfigs" ] /* lua */ '' - require('kanagawa').setup({ - dimInactive = true, - }) - - vim.cmd("colorscheme kanagawa") - ''; - - extraPlugins.hmts = { - package = pkgs.vimPlugins.hmts-nvim; - }; - - languages = { - nix = { - enable = true; - format.enable = true; - treesitter.enable = true; - extraDiagnostics.enable = true; - - lsp.enable = true; - lsp.servers = [ "nixd" ]; - format.type = [ "nixfmt" ]; - }; - - qml = { - enable = true; - format.enable = true; - lsp.enable = true; - treesitter.enable = true; - }; - - python = { - enable = true; - format.enable = true; - lsp.enable = true; - treesitter.enable = true; - }; - }; - - formatter.conform-nvim.enable = true; - - lsp = { - enable = true; - 
formatOnSave = true; - inlayHints.enable = true; - lspconfig.enable = true; - lspkind.enable = true; - trouble.enable = true; - - servers.nixd.settings = - let - flake = ''(builtins.getFlake "/home/kiri/.config/nixos")''; - in - { - nixd = { - formatting.command = [ "nixfmt" ]; - nixpkgs.expr = "import ${flake}.inputs.nixpkgs {}"; - options = { - nixos.expr = "${flake}.nixosConfigurations.polaris.options"; - home-manager.expr = "${flake}.nixosConfigurations.polaris.options.home-manager.users.type.getSubOptions []"; - flake-parts.expr = "${flake}.debug.options"; - }; - }; - }; - }; - - projects.project-nvim = { - enable = true; - setupOpts = { - manual_mode = false; - }; - }; - - utility.sleuth.enable = true; - - telescope = { - enable = true; - setupOpts = { - defaults = { - color_devicons = true; - }; - }; - extensions = [ - { - name = "fzf"; - packages = [ pkgs.vimPlugins.telescope-fzf-native-nvim ]; - setup = { - fzf = { - fuzzy = true; - }; - }; - } - ]; - }; - - mini = { - ai.enable = true; - surround.enable = true; - files.enable = true; - hipatterns = { - enable = true; - setupOpts = { - highlighters = { - fixme = { - pattern = "%f[%w]()FIXME()%f[%W]"; - group = "MiniHipatternsFixme"; - }; - hack = { - pattern = "%f[%w]()HACK()%f[%W]"; - group = "MiniHipatternsHack"; - }; - todo = { - pattern = "%f[%w]()TODO()%f[%W]"; - group = "MiniHipatternsTodo"; - }; - note = { - pattern = "%f[%w]()NOTE()%f[%W]"; - group = "MiniHipatternsNote"; - }; - - hex_color = - inputs.nixpkgs.lib.mkLuaInline - /* lua */ "require('mini.hipatterns').gen_highlighter.hex_color()"; - }; - }; - - }; - icons.enable = true; - indentscope.enable = true; - indentscope.setupOpts = { - symbol = "│"; - }; - }; - - autopairs.nvim-autopairs.enable = true; - - ui = { - colorful-menu-nvim.enable = true; - }; - - luaConfigRC.mini-icons-mock = inputs.nvf.lib.nvim.dag.entryAfter [ "pluginConfigs" ] /* lua */ '' - require('mini.icons').mock_nvim_web_devicons() - ''; - - statusline.lualine.enable = 
true; - - binds.whichKey = { - enable = true; - }; - - autocomplete.blink-cmp = { - enable = true; - mappings = { - confirm = ""; - next = ""; - previous = ""; - }; - setupOpts = { - cmdline.keymap.preset = "inherit"; - cmdline.completion.menu.auto_show = true; - - sources.default = [ - "lsp" - "path" - "snippets" - ]; - - signature.enabled = true; - }; - }; - }; - }; - }; - }; -} diff --git a/modules/orion.nix b/modules/orion.nix deleted file mode 100644 index 78e106c..0000000 --- a/modules/orion.nix +++ /dev/null 
@@ -1,134 +0,0 @@ -{ den, lib, ... }: -{ - den.aspects.orion = { - includes = [ - ( - { host, ... }: - { - # Start all user services on boot not on login (useful for syncthing) - nixos.users.users = lib.mapAttrs (_: _: { linger = true; }) host.users; - } - ) - ]; - - nixos = - { config, pkgs, ... }: - { - environment.systemPackages = [ - pkgs.kitty - ]; - - networking = { - firewall.enable = true; - firewall.allowPing = false; - nftables.enable = true; - }; - - # Use ssh authorization for sudo instead of password - security.pam = { - sshAgentAuth.enable = true; - services.sudo.sshAgentAuth = true; - }; - - services = { - caddy = { - enable = true; - email = "mail@jelles.net"; - openFirewall = true; - }; - - openssh = { - enable = true; - settings = { - PermitRootLogin = "no"; - PasswordAuthentication = false; - # TODO: Retrieve usernames dynamically - AllowUsers = [ - "kiri" - "git" - ]; - }; - }; - - vaultwarden = { - enable = true; - backupDir = "/var/backup/vaultwarden"; - config = { - DOMAIN = "https://vault.jelles.net"; - SIGNUPS_ALLOWED = false; - ROCKET_PORT = 8100; - ROCKET_LOG = "critical"; - }; - }; - caddy.virtualHosts."vault.jelles.net".extraConfig = - "reverse_proxy :${toString config.services.vaultwarden.config.ROCKET_PORT}"; - - radicale = { - enable = true; - settings = { - server.hosts = [ "127.0.0.1:5232" ]; - - auth = { - type = "htpasswd"; - # TODO: Get password file from SOPS - htpasswd_filename = "/var/lib/radicale/users"; - htpasswd_encryption = "bcrypt"; - }; - - storage.filesystem_folder = "/var/lib/radicale/collections"; - }; - }; - - # TODO: Is this extensive config necessary? 
- caddy.virtualHosts."radicale.jelles.net".extraConfig = '' - reverse_proxy :5232 { - header_up X-Script-Name / - header_up X-Forwarded-For {remote} - header_up X-Remote-User {http.auth.user.id} - }''; - - actual = { - enable = true; - openFirewall = false; - settings = { - port = 3000; - hostname = "127.0.0.1"; - }; - }; - caddy.virtualHosts."finance.jelles.net".extraConfig = - "reverse_proxy :${toString config.services.actual.settings.port}"; - - gitea = { - enable = true; - - settings = { - server = { - DOMAIN = "git.jelles.net"; - ROOT_URL = "https://git.jelles.net/"; - HTTP_PORT = 3001; - HTTP_ADDR = "127.0.0.1"; - - START_SSH_SERVER = false; - SSH_PORT = 22; - }; - - service = { - DISABLE_REGISTRATION = true; - }; - }; - }; - - caddy.virtualHosts."git.jelles.net".extraConfig = - "reverse_proxy :${toString config.services.gitea.settings.server.HTTP_PORT}"; - - }; - - # TODO: Username dynamically - users.users.kiri = { - openssh.authorizedKeys.keys = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAU2LydkXRTtNFY7oyX8JQURwXLVhB71DeK8XzrXeFX1 openpgp:0xA490D93A" - ]; - }; - }; - }; -} diff --git a/modules/pim.nix b/modules/pim.nix deleted file mode 100644 index a711cc9..0000000 --- a/modules/pim.nix +++ /dev/null 
@@ -1,79 +0,0 @@ -{ ... }: -{ - lux.pim = { - homeManager = - { config, ... }: - let - calendarsPath = "${config.xdg.dataHome}/calendars"; - in - { - programs.pimsync.enable = true; - services.pimsync.enable = true; - - programs.khal = { - # FIXME: Temporarily disabled because of bug in nixpkgs-unstable (27-02-26) - enable = false; - locale = { - timeformat = "%H:%M"; - dateformat = "$m-$d"; - }; - }; - - programs.todoman = { - enable = true; - glob = "*/*"; - extraConfig = '' - date_format = "%Y-%m-%d" - time_format = "%H:%M" - default_list = "personal" - default_due = 0 - default_command = "list --sort priority,due" - humanize = True - ''; - }; - - accounts.calendar = { - basePath = calendarsPath; - accounts = { - "radicale" = { - primary = true; - primaryCollection = "personal"; - - local = { - type = "filesystem"; - fileExt = ".ics"; - }; - - remote = { - url = "https://radicale.jelles.net/"; - type = "caldav"; - userName = "kiri"; - passwordCommand = [ - "rbw" - "get" - "Radicale" - ]; - }; - - pimsync = { - enable = true; - extraPairDirectives = [ - { - name = "collections"; - params = [ "from b" ]; - } - ]; - }; - - khal = { - enable = true; - type = "discover"; - color = "light blue"; - }; - }; - }; - }; - - }; - }; -} diff --git a/modules/workstation.nix b/modules/profiles/workstation.nix similarity index 71% rename from modules/workstation.nix rename to modules/profiles/workstation.nix index 1ee396c..9f50934 100644 --- a/modules/workstation.nix +++ b/modules/profiles/workstation.nix 
@@ -1,21 +1,21 @@ -{ den, ... }: +{ lux, den, ... }: { - lux.workstation = { - includes = [ - den.ful.lux.greeter - den.ful.lux.niri - den.ful.lux.xdg - den.ful.lux.dev - den.ful.lux.terminal - den.ful.lux.shell - den.ful.lux.noctalia - den.ful.lux.pim - # den.ful.lux.nvf - den.ful.lux.neovim - den.ful.lux.email - den.ful.lux.bitwarden - den.ful.lux.ssh - den.ful.lux.helium + lux.workstation = den.lib.parametric { + includes = with lux; [ + region-nl + + greeter + niri + xdg + + # GUI Applications & Dev Tools + bitwarden + email + dev + noctalia + pim + mpv + helium ]; homeManager = @@ -32,48 +32,6 @@ planify ]; - programs.mpv = { - enable = true; - bindings = { - D = "cycle deband"; - }; - config = { - profile = "high-quality"; - - osc = "no"; - border = "no"; - - vo = "gpu-next"; - gpu-api = "vulkan"; - hwdec = "vulkan"; - - demuxer-mkv-subtitle-preroll = "yes"; - sub-auto = "fuzzy"; - - sub-gauss = 1.0; - sub-gray = "yes"; - - tone-mapping = "bt.2446a"; - - keep-open = "yes"; - save-position-on-quit = "yes"; - - volume-max = 150; - - deband = "yes"; - deband-iterations = 2; - deband-threshold = 64; - deband-range = 17; - deband-grain = 12; - }; - scripts = with pkgs.mpvScripts; [ - modernz - thumbfast - mpris - autosub - ]; - }; - programs.ripgrep.enable = true; programs.uv.enable = true; @@ -107,7 +65,6 @@ { config, pkgs, - lib, ... }: { diff --git a/modules/secrets/sops.nix b/modules/secrets/sops.nix index e1642ef..3d9d74e 100644 --- a/modules/secrets/sops.nix +++ b/modules/secrets/sops.nix 
@@ -1,24 +1,29 @@ -{ inputs, ... }: +{ inputs, den, ... }: { - den.default = { - nixos = - { pkgs, ... }: + den.default.includes = [ + ( + { host, ... }: { - imports = [ inputs.sops-nix.nixosModules.sops ]; + nixos = + { pkgs, ... }: + { + imports = [ inputs.sops-nix.nixosModules.sops ]; + + sops = { + age.keyFile = "/home/${(builtins.head (builtins.attrValues host.users)).name}/.config/sops/age/keys.txt"; + defaultSopsFile = ./secrets.yaml; + secrets = { + hashed-password-kiri.neededForUsers = true; + }; + }; + + environment.systemPackages = with pkgs; [ + sops + age + ]; - sops = { - age.keyFile = "/home/kiri/.config/sops/age/keys.txt"; - defaultSopsFile = ./secrets.yaml; - secrets = { - hashed-password-kiri.neededForUsers = true; }; - }; - - environment.systemPackages = with pkgs; [ - sops - age - ]; - - }; - }; + } + ) + ]; } diff --git a/modules/services/actual.nix b/modules/services/actual.nix new file mode 100644 index 0000000..bb8ebaa --- /dev/null +++ b/modules/services/actual.nix @@ -0,0 +1,26 @@ +{ den, ... }: +{ + lux.services._.actual = den.lib.exactly { + includes = [ + ( + { host, ... }: + { + nixos = + { config, ... }: + { + services.actual = { + enable = true; + openFirewall = false; + settings = { + port = 3000; + hostname = "127.0.0.1"; + }; + }; + services.caddy.virtualHosts."finance.${host.domain}".extraConfig = + "reverse_proxy :${toString config.services.actual.settings.port}"; + }; + } + ) + ]; + }; +} diff --git a/modules/services/caddy.nix b/modules/services/caddy.nix new file mode 100644 index 0000000..7eb494b --- /dev/null +++ b/modules/services/caddy.nix @@ -0,0 +1,19 @@ +{ den, lib, ... }: +{ + lux.services._.caddy = den.lib.parametric { + includes = [ + ( + { host, ... }: + { + nixos = { + services.caddy = { + enable = true; + email = "mail@jelles.net"; + openFirewall = true; + }; + }; + } + ) + ]; + }; +} diff --git a/modules/services/gitea.nix b/modules/services/gitea.nix new file mode 100644 index 0000000..d44058d --- /dev/null 
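Review bot: `age.keyFile` in modules/secrets/sops.nix now interpolates `(builtins.head (builtins.attrValues host.users)).name`, which selects whichever user sorts first by attribute name, so adding a second user to a host can silently move the decryption key path, and a host with no users fails inside `builtins.head`. The key also stays under `/home`, readable and replaceable by an unprivileged account, while `hashed-password-kiri` is marked `neededForUsers` and so needs the key available before user accounts are set up. A fixed root-owned location avoids all three, for example `age.keyFile = "/var/lib/sops-nix/key.txt";`. The secret name `hashed-password-kiri` remains hard-coded even though the path is now derived from `host`.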
+++ b/modules/services/gitea.nix
@@ -0,0 +1,40 @@
+{ den, ... }:
+{
+ lux.services._.gitea = den.lib.parametric {
+ includes = [
+ (
+ den.lib.take.exactly({ host }:
+ {
+ nixos =
+ { config, ... }:
+ {
+ services.gitea = {
+ enable = true;
+
+ settings = {
+ server = {
+ DOMAIN = "git.${host.domain}";
+ ROOT_URL = "https://git.${host.domain}/";
+ HTTP_PORT = 3001;
+ HTTP_ADDR = "127.0.0.1";
+
+ START_SSH_SERVER = false;
+ SSH_PORT = 22;
+ };
+
+ service = {
+ DISABLE_REGISTRATION = true;
+ };
+ };
+ };
+
+ services.openssh.settings.AllowUsers = [ "git" ];
+
+ services.caddy.virtualHosts."git.${host.domain}".extraConfig =
+ "reverse_proxy :${toString config.services.gitea.settings.server.HTTP_PORT}";
+ };
+ }
+ ))
+ ];
+ };
+}
diff --git a/modules/services/openssh.nix b/modules/services/openssh.nix
new file mode 100644
index 0000000..04e8373
--- /dev/null
+++ b/modules/services/openssh.nix
@@ -0,0 +1,21 @@
+{ den, lib, ... }:
+{
+ lux.services._.openssh = den.lib.parametric.exactly {
+ includes = [
+ (
+ { host }:
+ {
+ nixos.services.openssh.settings.nixos.services.openssh = {
+ enable = true;
+ settings = {
+ PermitRootLogin = "no";
+ PasswordAuthentication = false;
+ AllowUsers = lib.attrNames host.users;
+ };
+ };
+ }
+ )
+ ];
+ };
+
+}
diff --git a/modules/services/radicale.nix b/modules/services/radicale.nix
new file mode 100644
index 0000000..2b40185
--- /dev/null
+++ b/modules/services/radicale.nix
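Review bot: `services.openssh.settings.AllowUsers = [ "git" ];` in modules/services/gitea.nix names an account that nothing in this hunk creates; the NixOS gitea module runs as `services.gitea.user`, so unless that option is set to `git` outside this diff the entry may not match the service account at all. Referring to the option keeps the two in step: `services.openssh.settings.AllowUsers = [ config.services.gitea.user ];`. The line also only makes sense as an addition to the list built in openssh.nix, because on a host that includes gitea without that module `AllowUsers` would hold this one account alone. The wrapper here is `den.lib.take.exactly` inside `den.lib.parametric`, while the sibling service modules use `den.lib.exactly` or `den.lib.parametric.exactly`; one form throughout would be easier to audit.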
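Review bot: The attribute path in the include of modules/services/openssh.nix is doubled, `nixos.services.openssh.settings.nixos.services.openssh = {`, so `enable`, `PermitRootLogin = "no"`, `PasswordAuthentication = false` and `AllowUsers` end up nested under sshd's `settings` instead of configuring `services.openssh`. Depending on how the module type-checks that value, evaluation fails or sshd is left without the intended restrictions; either way the hardening the deleted orion.nix applied is not in effect. The line should read `nixos.services.openssh = {`. Once that is fixed, `AllowUsers = lib.attrNames host.users` will merge with the entry added in gitea.nix, which is worth a short comment next to it.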
@@ -0,0 +1,37 @@
+{ den, ... }:
+{
+ lux.services._.radicale = den.lib.exactly {
+ includes = [
+ (
+ { host, ... }:
+ {
+ nixos =
+ { config, ... }:
+ {
+ services.radicale = {
+ enable = true;
+ settings = {
+ server.hosts = [ "127.0.0.1:5232" ];
+
+ auth = {
+ type = "htpasswd";
+ htpasswd_filename = config.sops.secrets.radicale-users.path;
+ htpasswd_encryption = "bcrypt";
+ };
+
+ storage.filesystem_folder = "/var/lib/radicale/collections";
+ };
+ };
+
+ services.caddy.virtualHosts."radicale.${host.domain}".extraConfig = ''
+ reverse_proxy :5232 {
+ header_up X-Script-Name /
+ header_up X-Forwarded-For {remote}
+ header_up X-Remote-User {http.auth.user.id}
+ }'';
+ };
+ }
+ )
+ ];
+ };
+}
diff --git a/modules/services/vaultwarden.nix b/modules/services/vaultwarden.nix
new file mode 100644
index 0000000..c311d95
--- /dev/null
+++ b/modules/services/vaultwarden.nix
@@ -0,0 +1,29 @@
+{ den, ... }:
+{
+ lux.services._.vaultwarden = den.lib.parametric.exactly {
+ includes = [
+ (
+ { host }:
+ {
+ nixos =
+ { config, ... }:
+ {
+ services.vaultwarden = {
+ enable = true;
+ backupDir = "/var/backup/vaultwarden";
+ config = {
+ DOMAIN = "https://vault.${host.domain}";
+ SIGNUPS_ALLOWED = false;
+ ROCKET_PORT = 8100;
+ ROCKET_LOG = "critical";
+ };
+ };
+
+ services.caddy.virtualHosts."vault.${host.domain}".extraConfig =
+ "reverse_proxy :${toString config.services.vaultwarden.config.ROCKET_PORT}";
+ };
+ }
+ )
+ ];
+ };
+}
diff --git a/modules/state.nix b/modules/state.nix
deleted file mode 100644
index 7a8368e..0000000
--- a/modules/state.nix
+++ /dev/null
@@ -1,10 +0,0 @@
-{
- den.default =
- let
- configState = "24.05";
- in
- {
- nixos.system.stateVersion = configState;
- homeManager.home.stateVersion = configState;
- };
-}
diff --git a/modules/users.nix b/modules/users.nix
deleted file mode 100644
index e4c0747..0000000
--- a/modules/users.nix
+++ /dev/null
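Review bot: `htpasswd_filename = config.sops.secrets.radicale-users.path;` depends on a `radicale-users` secret that this file does not declare. sops-nix secrets are root-owned with mode 0400 unless told otherwise, so the Radicale service user may be unable to read its credential file. Declaring the secret next to its consumer makes the ownership explicit: `sops.secrets.radicale-users.owner = "radicale";` (assuming the module's default service user). Separately, `header_up X-Remote-User {http.auth.user.id}` has no effect with `type = "htpasswd"` and no Caddy authentication directive in this block; dropping it avoids implying that the proxy authenticates users.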
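Review bot: The `config` block sets `ROCKET_PORT` but no `ROCKET_ADDRESS`, unlike the Actual, Gitea and Radicale modules in this commit, which bind to 127.0.0.1 explicitly. As far as I recall, the NixOS module's loopback address lives in the option's default value, which is replaced once `config` is assigned. Vaultwarden may then listen on all interfaces and be reachable without TLS wherever port 8100 is not firewalled. Adding `ROCKET_ADDRESS = "127.0.0.1";` keeps the vault behind Caddy regardless of firewall state.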
@@ -1,21 +0,0 @@
-{ inputs, ... }:
-let
- den-lib = inputs.den.lib;
-in
-{
- # Functions exist in den already but good practice to write it myself
- lux.utils.provides = {
- define-user =
- {
- user,
- ...
- }:
- {
- nixos = {
- users.users."${user}" = {
- isNormalUser = true;
- };
- };
- };
- };
-}
diff --git a/modules/users/kiri.nix b/modules/users/kiri.nix
new file mode 100644
index 0000000..bc8988c
--- /dev/null
+++ b/modules/users/kiri.nix
@@ -0,0 +1,51 @@
+{ den, lux, ... }:
+let
+ userAccount = {
+ email = "mail@jelles.net";
+ realName = "Jelle Spreeuwenberg";
+ serverDomain = "jelles.net";
+ emails = {
+ old = "mail@jellespreeuwenberg.nl";
+ uni = "j.spreeuwenberg@student.tue.nl";
+ work = "jelle.spreeuwenberg@yookr.org";
+ };
+ };
+in
+{
+ den.hosts.x86_64-linux.polaris.users.kiri = userAccount // {
+ syncthingId = "6HBAKXB-DB3B4H2-BODCAXF-KD23H5W-6X5LGLC-ZJHZHLG-7U7YMGO-BB6IXQ3";
+ };
+
+ den.hosts.x86_64-linux.orion.users.kiri = userAccount // {
+ syncthingId = "NNRNQKZ-OWPHSVA-B6KKBHE-SDYLSTV-7SVHGPR-NEWLKPL-4MWNJG4-G5FHUAI";
+ };
+
+ den.aspects.kiri = {
+ includes = with lux; [
+ den._.primary-user
+ (den._.user-shell "zsh")
+ (
+ { user, ... }:
+ {
+ nixos.users.users.${user.name}.openssh.authorizedKeys.keys = [
+ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAU2LydkXRTtNFY7oyX8JQURwXLVhB71DeK8XzrXeFX1 openpgp:0xA490D93A"
+ ];
+ }
+ )
+
+ # Core User Tools & Environment (Available on Desktop and Server)
+ syncthing
+ terminal
+ shell
+ neovim
+ ssh
+ dev
+ ];
+
+ nixos =
+ { config, ... }:
+ {
+ users.users.kiri.hashedPasswordFile = config.sops.secrets.hashed-password-kiri.path;
+ };
+ };
+}