diff --git a/flake.lock b/flake.lock
index e5d0598..ca24d53 100644
--- a/flake.lock
+++ b/flake.lock
@@ -161,6 +161,26 @@
"type": "github"
}
},
+ "community-solid-server": {
+ "inputs": {
+ "flake-parts": "flake-parts_3",
+ "nixpkgs": "nixpkgs_5"
+ },
+ "locked": {
+ "lastModified": 1767157894,
+ "narHash": "sha256-s8NPpc+JEcjFky2ct/2MznokguqM/SkLDT69vZjxo68=",
+ "owner": "tophcodes",
+ "repo": "CommunitySolidServer.nix",
+ "rev": "e98e80c7fee3b29c80197bee3b2732f7991ba832",
+ "type": "github"
+ },
+ "original": {
+ "owner": "tophcodes",
+ "ref": "main",
+ "repo": "CommunitySolidServer.nix",
+ "type": "github"
+ }
+ },
"darwin": {
"inputs": {
"nixpkgs": [
@@ -396,6 +416,24 @@
}
},
"flake-parts_3": {
+ "inputs": {
+ "nixpkgs-lib": "nixpkgs-lib_2"
+ },
+ "locked": {
+ "lastModified": 1765835352,
+ "narHash": "sha256-XswHlK/Qtjasvhd1nOa1e8MgZ8GS//jBoTqWtrS1Giw=",
+ "owner": "hercules-ci",
+ "repo": "flake-parts",
+ "rev": "a34fae9c08a15ad73f295041fec82323541400a9",
+ "type": "github"
+ },
+ "original": {
+ "owner": "hercules-ci",
+ "repo": "flake-parts",
+ "type": "github"
+ }
+ },
+ "flake-parts_4": {
"inputs": {
"nixpkgs-lib": [
"nur",
@@ -416,7 +454,7 @@
"type": "github"
}
},
- "flake-parts_4": {
+ "flake-parts_5": {
"inputs": {
"nixpkgs-lib": [
"stylix",
@@ -437,6 +475,24 @@
"type": "github"
}
},
+ "flake-parts_6": {
+ "inputs": {
+ "nixpkgs-lib": "nixpkgs-lib_3"
+ },
+ "locked": {
+ "lastModified": 1765835352,
+ "narHash": "sha256-XswHlK/Qtjasvhd1nOa1e8MgZ8GS//jBoTqWtrS1Giw=",
+ "owner": "hercules-ci",
+ "repo": "flake-parts",
+ "rev": "a34fae9c08a15ad73f295041fec82323541400a9",
+ "type": "github"
+ },
+ "original": {
+ "owner": "hercules-ci",
+ "repo": "flake-parts",
+ "type": "github"
+ }
+ },
"flake-utils": {
"inputs": {
"systems": "systems_2"
@@ -510,6 +566,22 @@
"type": "github"
}
},
+ "flatpak": {
+ "locked": {
+ "lastModified": 1739444422,
+ "narHash": "sha256-iAVVHi7X3kWORftY+LVbRiStRnQEob2TULWyjMS6dWg=",
+ "owner": "gmodena",
+ "repo": "nix-flatpak",
+ "rev": "5e54c3ca05a7c7d968ae1ddeabe01d2a9bc1e177",
+ "type": "github"
+ },
+ "original": {
+ "owner": "gmodena",
+ "ref": "v0.6.0",
+ "repo": "nix-flatpak",
+ "type": "github"
+ }
+ },
"fromYaml": {
"flake": false,
"locked": {
@@ -529,7 +601,7 @@
"git-global-log": {
"inputs": {
"flake-utils": "flake-utils",
- "nixpkgs": "nixpkgs_5"
+ "nixpkgs": "nixpkgs_6"
},
"locked": {
"lastModified": 1766486364,
@@ -669,9 +741,25 @@
"type": "github"
}
},
+ "master": {
+ "locked": {
+ "lastModified": 1767143992,
+ "narHash": "sha256-c3jlq36uxltxGLuQ3KPYfxZkue/LLD0Ct3NdhBUsRyo=",
+ "owner": "NixOS",
+ "repo": "nixpkgs",
+ "rev": "5830d8dfe6ae79365987d78bda3dd4152c271d8b",
+ "type": "github"
+ },
+ "original": {
+ "owner": "NixOS",
+ "ref": "master",
+ "repo": "nixpkgs",
+ "type": "github"
+ }
+ },
"musnix": {
"inputs": {
- "nixpkgs": "nixpkgs_6"
+ "nixpkgs": "nixpkgs_7"
},
"locked": {
"lastModified": 1756852730,
@@ -691,22 +779,21 @@
"inputs": {
"niri-stable": "niri-stable",
"niri-unstable": "niri-unstable",
- "nixpkgs": "nixpkgs_7",
+ "nixpkgs": "nixpkgs_8",
"nixpkgs-stable": "nixpkgs-stable",
"xwayland-satellite-stable": "xwayland-satellite-stable",
"xwayland-satellite-unstable": "xwayland-satellite-unstable"
},
"locked": {
- "lastModified": 1764969102,
- "narHash": "sha256-b9AEnfuNHbykNw/X4Vqz8uzPg/4S8ZfWE9ggkkz+KR8=",
+ "lastModified": 1767077227,
+ "narHash": "sha256-wdUitn3XbaC99X0ctfHf0q5lGQ/1ogUwzjqTD4bkrDg=",
"owner": "sodiboo",
"repo": "niri-flake",
- "rev": "9e59ee80bf92a02423e7ca7b301f969fe230c8d8",
+ "rev": "9c4cb4a2b1adf7a24064a8cf5c829f464622d520",
"type": "github"
},
"original": {
"owner": "sodiboo",
- "ref": "9e59ee8",
"repo": "niri-flake",
"type": "github"
}
@@ -775,6 +862,36 @@
"type": "github"
}
},
+ "nixpkgs-lib_2": {
+ "locked": {
+ "lastModified": 1765674936,
+ "narHash": "sha256-k00uTP4JNfmejrCLJOwdObYC9jHRrr/5M/a/8L2EIdo=",
+ "owner": "nix-community",
+ "repo": "nixpkgs.lib",
+ "rev": "2075416fcb47225d9b68ac469a5c4801a9c4dd85",
+ "type": "github"
+ },
+ "original": {
+ "owner": "nix-community",
+ "repo": "nixpkgs.lib",
+ "type": "github"
+ }
+ },
+ "nixpkgs-lib_3": {
+ "locked": {
+ "lastModified": 1765674936,
+ "narHash": "sha256-k00uTP4JNfmejrCLJOwdObYC9jHRrr/5M/a/8L2EIdo=",
+ "owner": "nix-community",
+ "repo": "nixpkgs.lib",
+ "rev": "2075416fcb47225d9b68ac469a5c4801a9c4dd85",
+ "type": "github"
+ },
+ "original": {
+ "owner": "nix-community",
+ "repo": "nixpkgs.lib",
+ "type": "github"
+ }
+ },
"nixpkgs-stable": {
"locked": {
"lastModified": 1764831616,
@@ -856,6 +973,22 @@
}
},
"nixpkgs_5": {
+ "locked": {
+ "lastModified": 1767051569,
+ "narHash": "sha256-0MnuWoN+n1UYaGBIpqpPs9I9ZHW4kynits4mrnh1Pk4=",
+ "owner": "NixOS",
+ "repo": "nixpkgs",
+ "rev": "40ee5e1944bebdd128f9fbada44faefddfde29bd",
+ "type": "github"
+ },
+ "original": {
+ "owner": "NixOS",
+ "ref": "nixos-25.05",
+ "repo": "nixpkgs",
+ "type": "github"
+ }
+ },
+ "nixpkgs_6": {
"locked": {
"lastModified": 1766309749,
"narHash": "sha256-3xY8CZ4rSnQ0NqGhMKAy5vgC+2IVK0NoVEzDoOh4DA4=",
@@ -871,7 +1004,7 @@
"type": "github"
}
},
- "nixpkgs_6": {
+ "nixpkgs_7": {
"locked": {
"lastModified": 1756542300,
"narHash": "sha256-tlOn88coG5fzdyqz6R93SQL5Gpq+m/DsWpekNFhqPQk=",
@@ -887,7 +1020,7 @@
"type": "github"
}
},
- "nixpkgs_7": {
+ "nixpkgs_8": {
"locked": {
"lastModified": 1764667669,
"narHash": "sha256-7WUCZfmqLAssbDqwg9cUDAXrSoXN79eEEq17qhTNM/Y=",
@@ -903,7 +1036,7 @@
"type": "github"
}
},
- "nixpkgs_8": {
+ "nixpkgs_9": {
"locked": {
"lastModified": 1764983851,
"narHash": "sha256-y7RPKl/jJ/KAP/VKLMghMgXTlvNIJMHKskl8/Uuar7o=",
@@ -919,9 +1052,29 @@
"type": "github"
}
},
+ "noctalia": {
+ "inputs": {
+ "nixpkgs": [
+ "unstable"
+ ]
+ },
+ "locked": {
+ "lastModified": 1767337656,
+ "narHash": "sha256-gIS9ERV3qKx9P6kGhkfcjNVABg1BT6HqW5LLZlUptNo=",
+ "owner": "noctalia-dev",
+ "repo": "noctalia-shell",
+ "rev": "c4f3fc4d1d5f37a51f2843a125af6b292b8f2fdc",
+ "type": "github"
+ },
+ "original": {
+ "owner": "noctalia-dev",
+ "repo": "noctalia-shell",
+ "type": "github"
+ }
+ },
"nur": {
"inputs": {
- "flake-parts": "flake-parts_3",
+ "flake-parts": "flake-parts_4",
"nixpkgs": [
"nixpkgs"
]
@@ -989,17 +1142,16 @@
]
},
"locked": {
- "lastModified": 1766507159,
- "narHash": "sha256-hrIi3T99HKRMzmMJdCD4u8Ttv0iEcfAPEt27Tg5evjU=",
- "ref": "refs/heads/main",
- "rev": "6bc136d983fb0995b19cc63f6304120cf4d33355",
- "revCount": 31,
+ "dirtyRev": "60887a8ec4d6a49e95f3eed9bfe64ca5e47f907b-dirty",
+ "dirtyShortRev": "60887a8-dirty",
+ "lastModified": 1766532301,
+ "narHash": "sha256-U5Yisb+8bYqacQfW1I4JYf6jsquSPsJqZL+sdHcGAN4=",
"type": "git",
- "url": "file:///home/christopher/workspaces/ovos-flake"
+ "url": "file:///home/christopher/workspaces/mine/ovos-flake"
},
"original": {
"type": "git",
- "url": "file:///home/christopher/workspaces/ovos-flake"
+ "url": "file:///home/christopher/workspaces/mine/ovos-flake"
}
},
"plugin-loader": {
@@ -1058,19 +1210,24 @@
"agenix": "agenix",
"agenix-rekey": "agenix-rekey",
"awww": "awww",
+ "community-solid-server": "community-solid-server",
"darwin": "darwin_2",
"disko": "disko",
+ "flatpak": "flatpak",
"git-global-log": "git-global-log",
"home-manager": "home-manager_2",
+ "master": "master",
"musnix": "musnix",
"niri": "niri",
- "nixpkgs": "nixpkgs_8",
+ "nixpkgs": "nixpkgs_9",
+ "noctalia": "noctalia",
"nur": "nur",
"ovos": "ovos",
"quadlet": "quadlet",
"snowfall": "snowfall",
"stylix": "stylix",
- "unstable": "unstable"
+ "unstable": "unstable",
+ "waka-victoriametrics": "waka-victoriametrics"
}
},
"rust-overlay": {
@@ -1123,7 +1280,7 @@
"base16-helix": "base16-helix",
"base16-vim": "base16-vim",
"firefox-gnome-theme": "firefox-gnome-theme",
- "flake-parts": "flake-parts_4",
+ "flake-parts": "flake-parts_5",
"gnome-shell": "gnome-shell",
"nixpkgs": [
"nixpkgs"
@@ -1361,6 +1518,27 @@
"type": "github"
}
},
+ "waka-victoriametrics": {
+ "inputs": {
+ "flake-parts": "flake-parts_6",
+ "nixpkgs": [
+ "nixpkgs"
+ ]
+ },
+ "locked": {
+ "lastModified": 1767162295,
+ "narHash": "sha256-gUVVL6Euk7cgLSxT1Ybl3lAdcpA7APbURDg8goz1yxU=",
+ "ref": "refs/heads/main",
+ "rev": "08d5652ba298da6eb18b505fcd8cf905504d958c",
+ "revCount": 7,
+ "type": "git",
+ "url": "file:///home/christopher/workspaces/mine/waka-victoriametrics"
+ },
+ "original": {
+ "type": "git",
+ "url": "file:///home/christopher/workspaces/mine/waka-victoriametrics"
+ }
+ },
"xwayland-satellite-stable": {
"flake": false,
"locked": {
diff --git a/flake.nix b/flake.nix
index 085c8e7..06f9fee 100644
--- a/flake.nix
+++ b/flake.nix
@@ -5,6 +5,7 @@
# Core
nixpkgs.url = "github:NixOS/nixpkgs/nixos-25.11";
unstable.url = "github:NixOS/nixpkgs/nixos-unstable";
+ master.url = "github:NixOS/nixpkgs/master";
# Flake framework
# flake-parts.url = "github:hercules-ci/flake-parts";
@@ -49,17 +50,29 @@
affinity-nix.url = "github:mrshmllow/affinity-nix";
quadlet.url = "github:SEIAROTg/quadlet-nix";
musnix.url = "github:musnix/musnix";
- niri.url = "github:sodiboo/niri-flake/9e59ee8";
+ niri.url = "github:sodiboo/niri-flake";
+ flatpak.url = "github:gmodena/nix-flatpak/?ref=v0.6.0";
awww.url = "git+https://codeberg.org/LGFae/awww";
git-global-log.url = "github:tophcodes/git-global-log";
nur = {
url = "github:nix-community/NUR";
inputs.nixpkgs.follows = "nixpkgs";
};
+ community-solid-server = {
+ url = "github:tophcodes/CommunitySolidServer.nix/main";
+ };
+ noctalia = {
+ url = "github:noctalia-dev/noctalia-shell";
+ inputs.nixpkgs.follows = "unstable";
+ };
# Custom
ovos = {
- url = "git+file:///home/christopher/workspaces/ovos-flake";
+ url = "git+file:///home/christopher/workspaces/mine/ovos-flake";
+ inputs.nixpkgs.follows = "nixpkgs";
+ };
+ waka-victoriametrics = {
+ url = "git+file:///home/christopher/workspaces/mine/waka-victoriametrics";
inputs.nixpkgs.follows = "nixpkgs";
};
};
@@ -95,6 +108,7 @@
stylix.nixosModules.stylix
musnix.nixosModules.default
ovos.nixosModules.default
+ waka-victoriametrics.nixosModules.default
];
beryllium.modules = [
quadlet.nixosModules.quadlet
@@ -105,6 +119,10 @@
};
homes.users = {
+ # TODO: For some reason this needs to be toggled for agenix to work?
+ # "christopher@cobalt".modules = with inputs; [
+ # niri.homeModules.niri
+ # ];
"christopher@beryllium".modules = with inputs; [
quadlet.homeManagerModules.quadlet
];
@@ -121,6 +139,9 @@
niri.overlays.niri
nur.overlays.default
ovos.overlays.default
+ (final: prev: {
+ waka-victoriametrics = waka-victoriametrics.packages.${final.system}.default;
+ })
];
outputs-builder = channels: {
diff --git a/homes/x86_64-linux/christopher@cobalt/config/dev.nix b/homes/x86_64-linux/christopher@cobalt/config/dev.nix
index 2d2df1a..144e7a2 100644
--- a/homes/x86_64-linux/christopher@cobalt/config/dev.nix
+++ b/homes/x86_64-linux/christopher@cobalt/config/dev.nix
@@ -1,9 +1,4 @@
-{
- pkgs,
- inputs,
- system,
- ...
-}: {
+{pkgs, ...}: {
home.packages = with pkgs; [
# Editors
jetbrains-toolbox # Installer for JetBrains IDEs
@@ -11,7 +6,10 @@
code-cursor
vscode
- rfc
+ atuin-desktop
+ rfc # TUI-based RFC reader
+ nix-init # Generate Nix packages from URLs
+ install-nothing
# Language Servers
lua-language-server
@@ -21,14 +19,18 @@
nil # nix lsp
# trurl # Parsing and manipulating URLs via CLI
+ pandoc # Document converter
ripgrep # Grep file search
dig # DNS
onefetch # Git information tool
tokei # Like cloc
+ gource
zeal # Offline documentation browser
+ _elements.dedoc # Terminal-based documentation viewer
just # Just a command runner
claude-monitor
devenv
+ gitui
_elements.oryx # TUI for sniffing network traffic using eBPF
# Build tools
diff --git a/homes/x86_64-linux/christopher@cobalt/config/fonts.nix b/homes/x86_64-linux/christopher@cobalt/config/fonts.nix
index 8071e3c..a4802c5 100644
--- a/homes/x86_64-linux/christopher@cobalt/config/fonts.nix
+++ b/homes/x86_64-linux/christopher@cobalt/config/fonts.nix
@@ -1,13 +1,31 @@
{pkgs, ...}: {
home.packages = with pkgs; [
font-manager
- nerd-fonts.monaspace # Patched fonts
- google-fonts # Google fonts
- monaspace
+ google-fonts
+ kdePackages.kcharselect
];
fonts.fontconfig.enable = true;
+ stylix.fonts = {
+ monospace = {
+ name = "Monaspace Neon NF";
+ package = pkgs.nerd-fonts.monaspace;
+ };
+
+ sizes = {
+ applications = 12;
+ terminal = 13;
+ desktop = 10;
+ popups = 10;
+ };
+ };
+
+ programs.kitty.settings = {
+ font_family = "family='MonaspiceNe Nerd Font' style='Light'";
+ bold_font = "family='MonaspiceNe Nerd Font' style='Bold'";
+ };
+
home.file.".local/share/fonts" = {
# This includes FontAwesome and other proprietary fonts which are licensed,
# so I have to download them from a private repository
diff --git a/homes/x86_64-linux/christopher@cobalt/config/git.nix b/homes/x86_64-linux/christopher@cobalt/config/git.nix
index 41011f9..fa8f171 100644
--- a/homes/x86_64-linux/christopher@cobalt/config/git.nix
+++ b/homes/x86_64-linux/christopher@cobalt/config/git.nix
@@ -43,8 +43,8 @@
alias.force-push = "push --force-with-lease"; # Safe force pushes
fetch.writeCommitGraph = true; # Automatically write the commit graph on fetches
init.defaultBranch = "main";
- core.pager = "delta";
- interactive.diffFilter = "delta --color-only";
+ # core.pager = "delta";
+ # interactive.diffFilter = "delta --color-only";
delta = {
navigate = true;
dark = true;
diff --git a/homes/x86_64-linux/christopher@cobalt/config/radicle.nix b/homes/x86_64-linux/christopher@cobalt/config/radicle.nix
new file mode 100644
index 0000000..9f4f8b8
--- /dev/null
+++ b/homes/x86_64-linux/christopher@cobalt/config/radicle.nix
@@ -0,0 +1,14 @@
+{pkgs, ...}: {
+ home.packages = with pkgs; [
+ radicle-tui
+ radicle-desktop
+ ];
+
+ programs.radicle = {
+ enable = true;
+ settings = {
+ connect = ["z6MkjLnQeLFcgE2AQ3BRMYGr3npNnctcGpABZLEHpmvHdrjX@seed.toph.so:8776"];
+ node.alias = "toph";
+ };
+ };
+}
diff --git a/homes/x86_64-linux/christopher@cobalt/default-applications.nix b/homes/x86_64-linux/christopher@cobalt/default-applications.nix
new file mode 100644
index 0000000..668391a
--- /dev/null
+++ b/homes/x86_64-linux/christopher@cobalt/default-applications.nix
@@ -0,0 +1,25 @@
+{pkgs, ...}: {
+ home.packages = with pkgs; [
+ # Simple browsers for HTML
+ qutebrowser
+ pkgs._elements.firefox-with-context # Open URLs in different browser profiles based on context
+ ];
+
+ xdg.mimeApps = {
+ enable = true;
+
+ defaultApplicationPackages = with pkgs; [
+ kdePackages.gwenview # image viewer
+ kdePackages.okular # pdf viewer
+ kdePackages.ark # Archives
+ vlc # Video player
+ ];
+
+ # Only want to use qute for HTML files, not URLs
+ defaultApplications = {
+ "text/html" = "qutebrowser";
+ "x-scheme-handler/http" = "firefox-with-context";
+ "x-scheme/handler/https" = "firefox-with-context";
+ };
+ };
+}
diff --git a/homes/x86_64-linux/christopher@cobalt/default.nix b/homes/x86_64-linux/christopher@cobalt/default.nix
index a8db0b1..d1644fe 100644
--- a/homes/x86_64-linux/christopher@cobalt/default.nix
+++ b/homes/x86_64-linux/christopher@cobalt/default.nix
@@ -1,15 +1,20 @@
{
pkgs,
config,
- # inputs,
+ lib,
+ inputs,
...
} @ all: {
imports =
[
+ # inputs.ovos.homeManagerModules.default
+
./ssh.nix
+ ./email.nix
./gpg
./niri
./stylix.nix
+ ./default-applications.nix
./misc/launcher.nix
./misc/browser.nix
./misc/gaming.nix
@@ -18,7 +23,6 @@
./misc/recording.nix
./misc/everything.nix # TODO: Determine if we really always want all these programs or they should be composable
./global/current-packages.nix
- # inputs.ovos.homeManagerModules.default
]
++ (import ./config.nix all);
@@ -28,6 +32,7 @@
needs = {
repoUpdatePAT = "repo-update-pat.age";
+ emailPassword = "email-password.age";
npmrc = {
rekeyFile = "npmrc.age";
path = "${config.home.homeDirectory}/.npmrc";
@@ -37,18 +42,125 @@
elements.kitty.enable = true;
- # services.ovos = {
- # language = "de-de";
+ services = {
+ activitywatch = {
+ enable = true;
+ watchers = {
+ aw-watcher-afk.settings = {
+ timeout = 300;
+ poll_time = 2;
+ };
- # audio = {
- # enable = true;
- # voice = "de_DE-thorsten-medium";
- # logLevel = "DEBUG";
- # };
+ aw-watcher-window.settings = {
+ poll_time = 1;
+ exclude_title = false;
+ };
+ };
+ };
- # listener.enable = true; # STT input (requires microphone)
- # skills.enable = true; # Intent processing
- # };
+ # ovos = {
+ # language = "de-de";
+ #
+ # audio = {
+ # enable = true;
+ # voice = "de_DE-thorsten-medium";
+ # logLevel = "DEBUG";
+ # };
+ #
+ # listener.enable = true; # STT input (requires microphone)
+ # skills.enable = true; # Intent processing
+ # };
+ };
+
+ programs.fastfetch = let
+ ansiLogo = pkgs.fetchFromGitHub {
+ owner = "4DBug";
+ repo = "nix-ansi";
+ rev = "3be6d1d";
+ sha256 = "sha256-QmoyLTDZu7gmkmU25FX6eNZfqqdYoqPaWGJnsSC+kg4=";
+ };
+ in {
+ enable = true;
+ settings = {
+ logo = {
+ type = "file";
+ source = "${ansiLogo}/nix.txt";
+ };
+
+ display.separator = " → ";
+
+ modules = [
+ {
+ type = "title";
+ key = "";
+ }
+
+ "break"
+ {
+ type = "os";
+ key = "os";
+ format = "{2}";
+ }
+ {
+ type = "kernel";
+ key = "";
+ }
+ {
+ type = "packages";
+ key = "";
+ }
+
+ "break"
+ {
+ type = "wm";
+ key = "";
+ }
+ {
+ type = "terminal";
+ key = "";
+ }
+ {
+ type = "shell";
+ key = "";
+ }
+
+ "break"
+ {
+ type = "cpu";
+ key = "";
+ }
+ {
+ type = "gpu";
+ key = "";
+ }
+ {
+ type = "memory";
+ key = "";
+ }
+
+ "break"
+ {
+ type = "disk";
+ key = "";
+ # format = "{mountpoint}";
+ }
+ {
+ type = "swap";
+ key = "";
+ }
+
+ "break"
+ {
+ type = "monitor";
+ key = "";
+ }
+ {
+ type = "keyboard";
+ key = "";
+ }
+ ];
+ };
+ };
home = {
extraOutputsToInstall = ["doc" "devdoc"];
@@ -56,8 +168,6 @@
packages = with pkgs._elements; [
quick-zeal
spawn-term
- to-s3
- generate-wallpaper
];
};
diff --git a/homes/x86_64-linux/christopher@cobalt/email.nix b/homes/x86_64-linux/christopher@cobalt/email.nix
new file mode 100644
index 0000000..7e12714
--- /dev/null
+++ b/homes/x86_64-linux/christopher@cobalt/email.nix
@@ -0,0 +1,89 @@
+{
+ pkgs,
+ config,
+ ...
+}: let
+ serverConfig = {
+ imap.host = "europium.gutentag.games";
+ smtp.host = "europium.gutentag.games";
+
+ userName = "christopher";
+ passwordCommand = "cat ${config.age.secrets.emailPassword.path}";
+ };
+in {
+ programs = {
+ # TODO: Move this into its own file
+ irssi = {
+ enable = true;
+ networks."w3c" = {
+ server.address = "irc.w3c.org";
+ nick = "tophcodes";
+ channels."crdt4rdf".autoJoin = true;
+ };
+ };
+
+ # Syncs my mailbox for other programs to digest more easily
+ mbsync.enable = true;
+
+ # CLI-based email client
+ aerc = {
+ enable = true;
+
+ # This is necessary because `accounts.email` symlinks the configuration
+ # for aerc to use. Since there are no secrets in it, this is safe to do,
+ # so we need to tell aerc to ignore the "too lax" permissions on that file
+ extraConfig = {
+ general = {
+ unsafe-accounts-conf = true;
+ };
+
+ viewer = {
+ # pager = ''
+
+ # '';
+ };
+
+ filters = ''
+ text/plain=less
+ application/pdf=tdf $AERC_FORMAT
+ message/delivery-status=less
+ message/rfc822=less
+ text/html=reader
+ text/*=bat -fP
+ '';
+ };
+ };
+
+ # Query emails via CLI
+ notmuch = {
+ enable = true;
+ hooks = {
+ preNew = "mbsync --all";
+ };
+ };
+ };
+
+ home.packages = with pkgs; [
+ reader
+ tdf
+ ];
+
+ accounts.email = {
+ accounts = {
+ europium =
+ {
+ primary = true;
+ realName = "Christopher Mühl";
+ address = "christopher@muehl.dev";
+
+ aerc.enable = true;
+ notmuch.enable = true;
+ mbsync = {
+ enable = true;
+ create = "maildir";
+ };
+ }
+ // serverConfig;
+ };
+ };
+}
diff --git a/homes/x86_64-linux/christopher@cobalt/misc/browser.nix b/homes/x86_64-linux/christopher@cobalt/misc/browser.nix
index 796737e..65bdd7c 100644
--- a/homes/x86_64-linux/christopher@cobalt/misc/browser.nix
+++ b/homes/x86_64-linux/christopher@cobalt/misc/browser.nix
@@ -1,22 +1,17 @@
-{pkgs, ...}: {
+{...}: {
programs.firefox = {
enable = true;
- profiles."default".id = 0;
- profiles."work".id = 1;
- profiles."prune".id = 3;
- };
-
- home.packages = [pkgs._elements.open-url];
- xdg.mimeApps.enable = true;
- xdg.mimeApps.defaultApplications = {
- "x-scheme-handler/http" = "open-url.desktop";
- "x-scheme-handler/https" = "open-url.desktop";
+ profiles = {
+ "default".id = 0;
+ "work".id = 1;
+ "prune".id = 3;
+ };
};
+ # profile-sync-daemon
services.psd = {
- # profile-sync-daemon
- enable = false;
+ enable = true;
resyncTimer = "10m";
};
}
diff --git a/homes/x86_64-linux/christopher@cobalt/misc/creativity.nix b/homes/x86_64-linux/christopher@cobalt/misc/creativity.nix
index 9cdb225..9ad5393 100644
--- a/homes/x86_64-linux/christopher@cobalt/misc/creativity.nix
+++ b/homes/x86_64-linux/christopher@cobalt/misc/creativity.nix
@@ -5,15 +5,26 @@
...
}: {
home.packages = with pkgs; [
- # 3D printing and engineering
- orca-slicer
+ inputs.affinity-nix.packages.${system}.v3 # adobe suite replacement
+ gmic # greyc's magic
- # Drawing
krita
- inputs.affinity-nix.packages.${system}.v3
+ krita-plugin-gmic
- # Audio
- vcv-rack
- supercollider
+ gimp
+ gimpPlugins.gmic
+ # gimpPlugins.bimp # batch image manipulation, broken atm
+ # rawtherapee
+
+ vcv-rack # eurorack synth simulator
+ supercollider # audio programming language
];
+
+ # - the nixpkgs version crashes once logged in
+ # - flatpaks somehow can't be installed via HM
+ # - need to manually a desktop entry for the flatpak
+ xdg.desktopEntries.bambustudio = {
+ name = "Bambu Studio";
+ exec = "flatpak run com.bambulab.BambuStudio";
+ };
}
diff --git a/homes/x86_64-linux/christopher@cobalt/misc/everything.nix b/homes/x86_64-linux/christopher@cobalt/misc/everything.nix
index 0f2d84e..3777766 100644
--- a/homes/x86_64-linux/christopher@cobalt/misc/everything.nix
+++ b/homes/x86_64-linux/christopher@cobalt/misc/everything.nix
@@ -24,14 +24,7 @@
speedcrunch # GUI calculator app
calibre # eBook Manager
- # Viewers
cider-2 # Apple music player
- vlc # Video player
- xarchiver # Archive viewer/extractor
- zathura # Document viewer
- evince # Document viewer
-
- # element-desktop
fractal # Matrix client
gomuks # Matrix client TUI
telegram-desktop
diff --git a/homes/x86_64-linux/christopher@cobalt/niri/autostart.nix b/homes/x86_64-linux/christopher@cobalt/niri/autostart.nix
index 00395ab..7eb07d7 100644
--- a/homes/x86_64-linux/christopher@cobalt/niri/autostart.nix
+++ b/homes/x86_64-linux/christopher@cobalt/niri/autostart.nix
@@ -4,9 +4,8 @@
...
}: {
programs.niri.settings.spawn-at-startup = with lib._elements; [
- {argv = ["mako"];}
- {argv = ["awww-daemon"];}
- {argv = ["awww" "img" "${fixture "wallpapers/cat-vibes.webp"}"];}
+ # {argv = ["awww-daemon"];}
+ # {argv = ["awww" "img" "${fixture "wallpapers/cat-vibes.webp"}"];}
{argv = ["kitty"];}
];
diff --git a/homes/x86_64-linux/christopher@cobalt/niri/default.nix b/homes/x86_64-linux/christopher@cobalt/niri/default.nix
index 4dbe2a7..7797f95 100644
--- a/homes/x86_64-linux/christopher@cobalt/niri/default.nix
+++ b/homes/x86_64-linux/christopher@cobalt/niri/default.nix
@@ -9,11 +9,8 @@
./keybinds.nix
./autostart.nix
./shell.nix
- ./notifications.nix
];
- programs.niri.package = pkgs.niri;
-
home.packages = with pkgs; [
fuzzel
inputs.awww.packages.${pkgs.stdenv.hostPlatform.system}.awww
diff --git a/homes/x86_64-linux/christopher@cobalt/niri/keybinds.nix b/homes/x86_64-linux/christopher@cobalt/niri/keybinds.nix
index 1816b20..7c3918b 100644
--- a/homes/x86_64-linux/christopher@cobalt/niri/keybinds.nix
+++ b/homes/x86_64-linux/christopher@cobalt/niri/keybinds.nix
@@ -7,6 +7,7 @@
binds = with config.lib.niri.actions; {
"Mod+space".action = spawn "fuzzel";
"Mod+e".action = spawn "dolphin";
+ "Mod+d".action = spawn "zeal"; # Documentation viewer
"Mod+c".action = spawn "${pkgs._elements.spawn-term}/bin/spawn-term";
"Mod+g".action = spawn "${pkgs._elements.hg-picker}/bin/hg-picker";
diff --git a/homes/x86_64-linux/christopher@cobalt/niri/notifications.nix b/homes/x86_64-linux/christopher@cobalt/niri/notifications.nix
deleted file mode 100644
index 4f4692e..0000000
--- a/homes/x86_64-linux/christopher@cobalt/niri/notifications.nix
+++ /dev/null
@@ -1,18 +0,0 @@
-{
- config,
- pkgs,
- ...
-}: {
- services.mako = {
- enable = true;
-
- settings = {
- max-visible = 5;
- #actions = true;
- # icons = true;
- # default-timeout = 10000; # in ms
- # border-radius = 3;
- # markup = true;
- };
- };
-}
diff --git a/homes/x86_64-linux/christopher@cobalt/niri/settings.nix b/homes/x86_64-linux/christopher@cobalt/niri/settings.nix
index ddd9f8a..da78313 100644
--- a/homes/x86_64-linux/christopher@cobalt/niri/settings.nix
+++ b/homes/x86_64-linux/christopher@cobalt/niri/settings.nix
@@ -2,81 +2,55 @@
config,
pkgs,
...
-}: let
- round = tl: tr: bl: br: {
- bottom-left = bl;
- bottom-right = br;
- top-left = tl;
- top-right = tr;
- };
+}: {
+ programs.niri.settings = {
+ prefer-no-csd = true;
- r = 24.0;
- # rounded-corners = round r r r r;
- # rounded-corners-l = round r 0.0 0.0 r;
- rounded-corners-r = round 0.0 r r 0.0;
-in {
- programs.niri = {
- settings = {
- prefer-no-csd = true;
+ debug.honor-xdg-activation-with-invalid-serial = true;
- layout = {
- background-color = "#ac8887";
- focus-ring.enable = true;
+ layout = {
+ always-center-single-column = true;
+ background-color = "transparent";
+ focus-ring.enable = true;
+ gaps = 12; # 24 before
+ shadow.enable = true;
+ };
- gaps = 24;
- shadow = {
- enable = true;
- };
+ overview = {
+ workspace-shadow.enable = false;
+ };
+
+ # workspaces = {
+ # "streaming" = { };
+ # };
+
+ input = {
+ # disable-power-key-handling = true;
+ keyboard.xkb = {
+ layout = "us";
+ variant = "intl";
};
+ };
- window-rules = [
- {
- opacity = 0.95;
- clip-to-geometry = true;
- geometry-corner-radius = rounded-corners-r;
- }
- {
- matches = [{is-focused = true;}];
-
- # opacity = 0.98;
- focus-ring = {
- width = 2;
- };
- }
- ];
-
- input = {
- # disable-power-key-handling = true;
- keyboard.xkb = {
- layout = "us";
- variant = "intl";
- };
+ outputs = {
+ "DP-3" = {
+ position.x = 3840;
+ position.y = -430;
+ transform.rotation = 90;
};
-
- outputs = {
- "DP-3" = {
- position.x = 3840;
- position.y = -430;
- transform = {
- rotation = 90;
- };
- };
- "HDMI-A-1" = {
- position.x = 0;
- position.y = 0;
- focus-at-startup = true;
- };
+ "HDMI-A-1" = {
+ position.x = 0;
+ position.y = 0;
+ focus-at-startup = true;
};
+ };
- environment = {
- # CLUTTER_BACKEND = "wayland";
- MOZ_ENABLE_WAYLAND = "1";
- # QT_QPA_PLATFORM = "wayland";
- QT_WAYLAND_DISABLE_WINDOWDECORATION = "1";
- ELECTRON_OZONE_PLATFORM_HINT = "auto";
- XDG_SESSION_TYPE = "wayland";
- XDG_CURRENT_DESKTOP = "niri";
- };
+ environment = {
+ MOZ_ENABLE_WAYLAND = "1";
+ QT_WAYLAND_DISABLE_WINDOWDECORATION = "1";
+ ELECTRON_OZONE_PLATFORM_HINT = "auto";
+ XDG_SESSION_TYPE = "wayland";
+ XDG_CURRENT_DESKTOP = "niri";
};
};
}
diff --git a/homes/x86_64-linux/christopher@cobalt/niri/shell.nix b/homes/x86_64-linux/christopher@cobalt/niri/shell.nix
index bb38f06..7797070 100644
--- a/homes/x86_64-linux/christopher@cobalt/niri/shell.nix
+++ b/homes/x86_64-linux/christopher@cobalt/niri/shell.nix
@@ -1,12 +1,64 @@
{
+ inputs,
pkgs,
+ lib,
...
}: {
- programs.quickshell = {
- enable = true;
- systemd = {
+ imports = [
+ inputs.noctalia.homeModules.default
+ ];
+
+ programs = {
+ noctalia-shell = {
enable = true;
- target = "graphical-session.target";
+ systemd.enable = true;
+
+ settings = {
+ general.radiusRatio = 0.5;
+
+ location = {
+ name = "Blankenbach, Germany";
+ showWeekNumberInCalendar = true;
+ };
+
+ bar = {
+ position = "left";
+ density = "comfortable";
+ floating = true;
+ marginHorizontal = 0.73;
+ marginVertical = 0.73;
+
+ widgets = {
+ left = [
+ {id = "ControlCenter";}
+ {id = "SystemMonitor";}
+ ];
+
+ center = [
+ # {id = "MediaMini";}
+ {id = "Workspace";}
+ ];
+
+ right = [
+ {id = "Tray";}
+ {id = "ScreenRecorder";}
+ {id = "Volume";}
+ {id = "NotificationHistory";}
+ {id = "Clock";}
+ ];
+ };
+ };
+
+ wallpaper = {
+ enabled = true;
+ overviewEnabled = false;
+ directory = "/nix/elements/fixtures/wallpapers";
+ recursiveSearch = false;
+ randomEnabled = true;
+ };
+ };
};
+
+ quickshell.enable = true;
};
}
diff --git a/homes/x86_64-linux/christopher@cobalt/niri/window-rules.nix b/homes/x86_64-linux/christopher@cobalt/niri/window-rules.nix
index eb7348a..197a86d 100644
--- a/homes/x86_64-linux/christopher@cobalt/niri/window-rules.nix
+++ b/homes/x86_64-linux/christopher@cobalt/niri/window-rules.nix
@@ -15,26 +15,55 @@
rounded-left = borders radius 0.0 0.0 radius;
rounded-right = borders 0.0 radius radius 0.0;
in {
- programs.niri.settings.window-rules = [
- {
- opacity = 0.95;
- clip-to-geometry = true;
- geometry-corner-radius = rounded-left;
- }
- {
- matches = [
- {is-focused = true;}
- ];
+ programs.niri.settings = {
+ layer-rules = [
+ {
+ matches = [{namespace = "^noctalia-wallpaper*";}];
+ place-within-backdrop = true;
+ }
+ ];
- focus-ring.width = 2;
- }
- {
- matches = [
- {app-id = "1password";}
- {app-id = "thunderbird";}
- ];
+ window-rules = [
+ {
+ clip-to-geometry = true;
+ geometry-corner-radius = rounded-left;
+ }
+ {
+ matches = [{is-focused = true;}];
+ focus-ring.width = 2;
+ }
+ {
+ matches = [
+ {app-id = "1password";}
+ {app-id = "thunderbird";}
+ ];
- block-out-from = "screencast";
- }
- ];
+ block-out-from = "screencast";
+ }
+ {
+ matches = [{app-id = "kitty";}];
+ opacity = 0.97;
+ }
+ {
+ matches = [{title = "ld.toph.so";}];
+ default-column-width = {proportion = 0.75;};
+ open-floating = true;
+ opacity = 1.0;
+
+ min-width = 500;
+ max-width = 1000;
+ min-height = 500;
+ max-height = 800;
+
+ block-out-from = "screencast";
+ }
+ {
+ matches = [
+ {app-id = "org.zealdocs.zeal";}
+ {app-id = "speedcrunch";}
+ ];
+ open-floating = true;
+ }
+ ];
+ };
}
diff --git a/homes/x86_64-linux/christopher@cobalt/stylix.nix b/homes/x86_64-linux/christopher@cobalt/stylix.nix
index f00c84d..1b378cc 100644
--- a/homes/x86_64-linux/christopher@cobalt/stylix.nix
+++ b/homes/x86_64-linux/christopher@cobalt/stylix.nix
@@ -1,14 +1,21 @@
{
- config,
inputs,
pkgs,
...
}: {
imports = [inputs.stylix.homeModules.stylix];
+ home.packages = with pkgs; [
+ # themes firefox with wallpaper theme
+ pywalfox-native
+ ];
+
stylix = {
enable = true;
- base16Scheme = "${pkgs.base16-schemes}/share/themes/rose-pine-dawn.yaml";
+ autoEnable = true;
+
+ # TODO: Figure out a way for automatic dark-/light-mode switching
+ base16Scheme = "${pkgs.base16-schemes}/share/themes/rose-pine-moon.yaml";
targets.firefox.profileNames = ["default" "work" "streaming"];
@@ -18,12 +25,5 @@
name = "BreezeX-RosePineDawn-Linux";
size = 32;
};
-
- fonts.sizes = {
- applications = 12;
- terminal = 13;
- desktop = 10;
- popups = 10;
- };
};
}
diff --git a/modules/common/nix.nix b/modules/common/nix.nix
index 5c4de08..dd48095 100644
--- a/modules/common/nix.nix
+++ b/modules/common/nix.nix
@@ -1,10 +1,11 @@
{
- self,
pkgs,
config,
...
}: {
nix = {
+ package = pkgs.lixPackageSets.stable.lix;
+
# Automatic cleanup
gc.automatic = true;
gc.dates = "weekly";
diff --git a/modules/home/common/helix/default.nix b/modules/home/common/helix/default.nix
index 1e7dfb4..2539a3c 100644
--- a/modules/home/common/helix/default.nix
+++ b/modules/home/common/helix/default.nix
@@ -9,12 +9,17 @@
editor = {
rulers = [80];
shell = ["nu" "-c"];
- line-number = "relative";
+ bufferline = "always";
+ auto-save = true;
auto-format = true;
+
file-picker.hidden = false;
# TODO: Why does the clipboard not work?
+ #
+ #
+ #
# clipboard-provider.custom = {
# yank = {command = "wl-copy";};
# paste = {command = "wl-paste";};
diff --git a/modules/home/common/terminal/shell/fish.nix b/modules/home/common/terminal/shell/fish.nix
index 6ad1482..1507473 100644
--- a/modules/home/common/terminal/shell/fish.nix
+++ b/modules/home/common/terminal/shell/fish.nix
@@ -31,7 +31,27 @@ in {
preferAbbrs = true;
shellAbbrs = {
- elm = "elements";
+ "elm" = "elements";
+
+ # Git related
+ "ga" = "git add";
+ "gb" = "git branch";
+ "gst" = "git status";
+ "gbl" = "git blame";
+ "grs" = "git restore --staged";
+ "gcm" = "git commit -m \"%\"";
+
+ "iso-date" = "date -u +\"%Y-%m-%dT%H:%M:%SZ\"";
+
+ "jf" = "sudo journalctl -f -u";
+ "sys stat" = "systemctl status";
+ "sys up" = "systemctl start";
+ "sys down" = "systemctl stop";
+ "sys re" = "systemctl restart";
+ "-C" = {
+ position = "anywhere";
+ expansion = "--color";
+ };
};
};
}
diff --git a/modules/home/common/terminal/shell/prompt.nix b/modules/home/common/terminal/shell/prompt.nix
index ab07e8a..d7cf828 100644
--- a/modules/home/common/terminal/shell/prompt.nix
+++ b/modules/home/common/terminal/shell/prompt.nix
@@ -6,8 +6,6 @@ in {
enableNushellIntegration = config.programs.nushell.enable;
enableFishIntegration = config.programs.fish.enable;
- # Original settings taken from `catppuccin_frappe`, and adjusted to my
- # likings and usage.
settings = {
"$schema" = "https://raw.githubusercontent.com/JanDeDobbeleer/oh-my-posh/main/themes/schema.json";
version = 3;
@@ -30,10 +28,10 @@ in {
newline = true;
segments = [
{
- foreground = "p:os";
+ foreground = "p:blue";
style = "plain";
- template = "{{ .Icon }} ";
- type = "os";
+ template = "{{ .UserName }}@{{ .HostName }} ";
+ type = "session";
}
{
foreground = "p:pink";
@@ -51,12 +49,6 @@ in {
};
};
}
- {
- foreground = "p:blue";
- style = "plain";
- template = "{{ .UserName }}@{{ .HostName }} ";
- type = "session";
- }
{
foreground = "p:lavender";
template = "{{ .HEAD }} ";
diff --git a/modules/home/gui/kitty.nix b/modules/home/gui/kitty.nix
index 83bdb62..fb22e6d 100644
--- a/modules/home/gui/kitty.nix
+++ b/modules/home/gui/kitty.nix
@@ -19,8 +19,9 @@ in {
enable = true;
settings = {
- window_padding_width = "5 10";
+ window_padding_width = "3 3";
paste_actions = "no-op";
+ # font_family = "Monaspace Neon NF";
};
actionAliases = {
@@ -29,7 +30,7 @@ in {
extraConfig = ''
shell ${pkgs.fish}/bin/fish
- modify_font cell_height 7px
+ # modify_font cell_height 7px
'';
};
diff --git a/modules/nixos/services/default.nix b/modules/nixos/services/default.nix
index ad94807..8edd9c3 100644
--- a/modules/nixos/services/default.nix
+++ b/modules/nixos/services/default.nix
@@ -3,5 +3,6 @@
./lnxlink.nix
./beszel.nix
./ollama.nix
+ ./traefik.nix
];
}
diff --git a/modules/nixos/services/traefik.nix b/modules/nixos/services/traefik.nix
new file mode 100644
index 0000000..b7fbd34
--- /dev/null
+++ b/modules/nixos/services/traefik.nix
@@ -0,0 +1,135 @@
+{
+ config,
+ lib,
+ ...
+}: let
+ cfg = config.services.traefik;
+
+ routeOptions = lib.types.submodule {
+ options = {
+ rule = lib.mkOption {
+ type = lib.types.str;
+ example = "Host(`example.com`)";
+ description = "Traefik routing rule";
+ };
+
+ url = lib.mkOption {
+ type = lib.types.str;
+ example = "http://localhost:8096";
+ description = "Backend service URL";
+ };
+
+ entryPoints = lib.mkOption {
+ type = lib.types.listOf lib.types.str;
+ default = ["websecure"];
+ description = "Entry points for this route";
+ };
+
+ certResolver = lib.mkOption {
+ type = lib.types.str;
+ default = "letsencrypt";
+ description = "Certificate resolver to use";
+ };
+
+ middlewares = lib.mkOption {
+ type = lib.types.listOf lib.types.str;
+ default = [];
+ description = "Middlewares to apply to this route";
+ example = ["auth" "compress"];
+ };
+ };
+ };
+
+ mkRouter = service: routeCfg:
+ {
+ inherit service;
+ rule = routeCfg.rule;
+ entryPoints = routeCfg.entryPoints;
+ tls.certResolver = routeCfg.certResolver;
+ }
+ // lib.optionalAttrs (routeCfg.middlewares != []) {
+ middlewares = routeCfg.middlewares;
+ };
+
+ mkService = name: routeCfg: {
+ loadBalancer.servers = [
+ {url = routeCfg.url;}
+ ];
+ };
+
+ dynamicConfigOptions = {
+ http = {
+ routers = lib.mapAttrs mkRouter cfg.routes;
+ services = lib.mapAttrs mkService cfg.routes;
+ };
+ };
+in {
+ options.services.traefik = {
+ postmasterEmail = lib.mkOption {
+ type = lib.types.str;
+ example = "email@example.com";
+ description = "The email address of the postmaster";
+ };
+
+ routes = lib.mkOption {
+ type = lib.types.attrsOf routeOptions;
+ default = {};
+ description = "Simple route definitions for Traefik";
+ example = lib.literalExpression ''
+ {
+ solid-pod = {
+ rule = "Host(`solid.my.dev`)";
+ url = "http://localhost:8096";
+ };
+ radicle = {
+ rule = "Host(`radicle.my.dev`)";
+ url = "http://localhost:8097";
+ };
+ }
+ '';
+ };
+ };
+
+ config = lib.mkIf (cfg.enable && cfg.routes != {}) {
+ networking.firewall.allowedTCPPorts = [80 443];
+
+ services.traefik = {
+ inherit dynamicConfigOptions;
+ staticConfigOptions = {
+ entryPoints = {
+ web = {
+ address = ":80";
+ asDefault = true;
+ http.redirections.entrypoint = {
+ to = "websecure";
+ scheme = "https";
+ };
+ };
+
+ websecure = {
+ address = ":443";
+ asDefault = true;
+ http.tls.certResolver = "letsencrypt";
+ };
+ };
+
+ log = {
+ level = "DEBUG";
+ filePath = "${config.services.traefik.dataDir}/traefik.log";
+ format = "json";
+ };
+
+ certificatesResolvers.letsencrypt.acme = {
+ email = config.services.traefik.postmasterEmail;
+ storage = "${config.services.traefik.dataDir}/acme.json";
+
+ # dnsChallenge.provider = "cloudflare";
+ # TODO: Declaratively determine whether to use staging or production
+ # based on whether we are in testing.
+ # caServer = "";
+ httpChallenge.entryPoint = "web";
+ };
+ };
+ };
+ };
+}
diff --git a/modules/nixos/wm/default.nix b/modules/nixos/wm/default.nix
index 5dac7fe..c832e54 100644
--- a/modules/nixos/wm/default.nix
+++ b/modules/nixos/wm/default.nix
@@ -16,11 +16,11 @@ in {
config = mkIf cfg.enable {
environment.systemPackages = with pkgs; [
- kdePackages.discover
- kdePackages.kclock
- kdePackages.kcharselect
- kdePackages.kolourpaint
- kdePackages.ksystemlog
+ # kdePackages.discover
+ # kdePackages.kclock
+ # kdePackages.kcharselect
+ # kdePackages.kolourpaint
+ # kdePackages.ksystemlog
wayland-utils
wl-clipboard
libsForQt5.qtstyleplugin-kvantum
@@ -33,19 +33,16 @@ in {
package = pkgs.niri;
};
+ # niri-flake.cache.enable = false;
+
services.xserver = {
enable = true;
};
+ # TODO: Switch this to Niri!
services.desktopManager.plasma6.enable = true;
services.displayManager = {
- defaultSession = "plasma";
-
- # SDDM is broken
- # gdm = {
- # enable = true;
- # wayland = true;
- # };
+ defaultSession = "niri";
sddm = {
enable = true;
@@ -53,11 +50,12 @@ in {
};
};
- xdg.portal = {
+ xdg.portal = with pkgs; {
enable = true;
xdgOpenUsePortal = true;
- extraPortals = [pkgs.xdg-desktop-portal-gtk];
- configPackages = [pkgs.xdg-desktop-portal-gtk];
+
+ extraPortals = [xdg-desktop-portal-gnome xdg-desktop-portal-gtk];
+ #E configPackages = [pkgs.xdg-desktop-portal-gtk];
config.common.default = "gtk";
};
diff --git a/overlays/lix/default.nix b/overlays/lix/default.nix
new file mode 100644
index 0000000..4239ca6
--- /dev/null
+++ b/overlays/lix/default.nix
@@ -0,0 +1,9 @@
+{channels, ...}: final: prev: {
+ inherit
+ (prev.lixPackageSets.stable)
+ nixpkgs-review
+ nix-eval-jobs
+ nix-fast-build
+ colmena
+ ;
+}
diff --git a/overlays/unstable/default.nix b/overlays/unstable/default.nix
index 3106845..e4fec34 100644
--- a/overlays/unstable/default.nix
+++ b/overlays/unstable/default.nix
@@ -10,46 +10,12 @@
claude-code
lutris
ollama
+ dokieli
+ nix-init
+ atuin-desktop
# currently doesn't build on unstable
# open-webui
;
- bambu-studio = channels.unstable.bambu-studio.overrideAttrs (old: let
- newVersion = "02.03.00.70";
- in {
- version = newVersion;
- src = prev.fetchFromGitHub {
- owner = "bambulab";
- repo = "BambuStudio";
- rev = "v${newVersion}";
- hash = "sha256-2duNeSBi2WvsAUxkzTbKH+SiliNovc7LVICTzgQkrN8=";
- };
-
- nativeBuildInputs = (old.nativeBuildInputs or []) ++ [prev.cmake prev.pkg-config];
-
- postPatch =
- (old.postPatch or "")
- + ''
- # Remove cereal-Links (link does not work, havent seen anything breaking from this change).
- # Disclaimera; This patch is AI generated
- grep -RIl "target_link_libraries" . | while read -r f; do
- sed -i \
- -e 's/\bcereal::cereal\b//g' \
- -e 's/[[:space:]]\bcereal\b//g' \
- "$f"
- done
- '';
-
- postInstall =
- (old.postInstall or "")
- + ''
- wrapProgram $out/bin/bambu-studio --set GBM_BACKEND dri
- '';
-
- cmakeFlags =
- (old.cmakeFlags or [])
- ++ [
- "-DCMAKE_POLICY_VERSION_MINIMUM=3.5"
- ];
- });
+ inherit (channels.master) install-nothing;
}
diff --git a/packages/dedoc/default.nix b/packages/dedoc/default.nix
new file mode 100644
index 0000000..45e35ab
--- /dev/null
+++ b/packages/dedoc/default.nix
@@ -0,0 +1,30 @@
+{
+ lib,
+ pkgs,
+ ...
+}:
+pkgs.rustPlatform.buildRustPackage rec {
+ pname = "dedoc";
+ version = "0.2.9";
+
+ src = pkgs.fetchFromGitHub {
+ owner = "toiletbril";
+ repo = "dedoc";
+ rev = version;
+ hash = "sha256-B/lZ1G/C/VnSO8Rk67Lhf+hgh97nVooLAu6TxxT0VGs=";
+ };
+
+ postPatch = ''
+ substituteInPlace Cargo.toml --replace "1.92" "1.91"
+ '';
+
+ cargoHash = "sha256-gW7DXJVAxZTTlUD/7+UL0Hk1xeL+HDByfgnoVQRZaOI=";
+
+ meta = {
+ description = "Terminal based viewer for DevDocs";
+ homepage = "https://github.com/toiletbril/dedoc";
+ license = lib.licenses.gpl3Only;
+ maintainers = with lib.maintainers; [];
+ mainProgram = "dedoc";
+ };
+}
diff --git a/packages/oxigraph/default.nix b/packages/oxigraph/default.nix
new file mode 100644
index 0000000..b0304f3
--- /dev/null
+++ b/packages/oxigraph/default.nix
@@ -0,0 +1,35 @@
+{
+ lib,
+ stdenv,
+ fetchurl,
+}:
+
+stdenv.mkDerivation rec {
+ pname = "oxigraph";
+ version = "0.5.3-post.1";
+
+ src = fetchurl {
+ url = "https://github.com/oxigraph/oxigraph/releases/download/v${version}/oxigraph_v${version}_x86_64_linux_gnu";
+ hash = "sha256-6yLJ8wuhGu2GoCWMji+Lt1WoDZxRmTLXVMwKb3+ByRQ=";
+ };
+
+ dontUnpack = true;
+ dontBuild = true;
+
+ installPhase = ''
+ runHook preInstall
+ mkdir -p $out/bin
+ cp $src $out/bin/oxigraph
+ chmod +x $out/bin/oxigraph
+ runHook postInstall
+ '';
+
+ meta = with lib; {
+ description = "SPARQL graph database";
+ homepage = "https://github.com/oxigraph/oxigraph";
+ license = with licenses; [asl20 mit];
+ maintainers = [];
+ mainProgram = "oxigraph";
+ platforms = ["x86_64-linux"];
+ };
+}
diff --git a/packages/scripts/firefox-with-context/default.nix b/packages/scripts/firefox-with-context/default.nix
new file mode 100644
index 0000000..bf9f489
--- /dev/null
+++ b/packages/scripts/firefox-with-context/default.nix
@@ -0,0 +1,39 @@
+{pkgs, ...}: let
+ name = "firefox-with-context";
+in
+ pkgs.stdenv.mkDerivation (finalAttrs: {
+ inherit name;
+ pname = name;
+
+ src = pkgs.writeShellApplication {
+ inherit name;
+ text = builtins.readFile ./firefox-with-context;
+ };
+
+ nativeBuildInputs = [pkgs.copyDesktopItems];
+
+ installPhase = ''
+ runHook preInstall
+
+ mkdir -p $out/bin
+ cp ${finalAttrs.src}/bin/${name} $out/bin/
+
+ runHook postInstall
+ '';
+
+ desktopItems = [
+ (pkgs.makeDesktopItem
+ {
+ inherit name;
+ desktopName = "Firefox with context";
+ noDisplay = true;
+ exec = "${name} %u";
+ comment = "Open the given URL in a browser-profile based on context";
+
+ mimeTypes = [
+ "x-scheme-handler/http"
+ "x-scheme-handler/https"
+ ];
+ })
+ ];
+ })
diff --git a/packages/scripts/open-url/open-url b/packages/scripts/firefox-with-context/firefox-with-context
similarity index 100%
rename from packages/scripts/open-url/open-url
rename to packages/scripts/firefox-with-context/firefox-with-context
diff --git a/packages/scripts/hg-picker/default.nix b/packages/scripts/hg-picker/default.nix
index 403d52e..7b3b895 100644
--- a/packages/scripts/hg-picker/default.nix
+++ b/packages/scripts/hg-picker/default.nix
@@ -7,7 +7,7 @@ pkgs.writeShellApplication {
REPO=$(cat "$HOME/.gh/hausgold-repos" | fuzzel -d)
if [[ -n $REPO ]]; then
- open-url "$BASE_URI$REPO"
+ xdg-open "$BASE_URI$REPO"
fi
'';
}
diff --git a/packages/scripts/open-url/default.nix b/packages/scripts/open-url/default.nix
deleted file mode 100644
index b669a9c..0000000
--- a/packages/scripts/open-url/default.nix
+++ /dev/null
@@ -1,19 +0,0 @@
-{pkgs, ...}: let
- name = "open-url";
- bin = pkgs.writeShellApplication {
- inherit name;
- text = builtins.readFile ./open-url;
- };
-
- desktopItem = pkgs.makeDesktopItem {
- inherit name;
- desktopName = "Open URL in a Browser";
- comment = "Open the given URL in a browser-profile based on context";
- mimeTypes = ["x-scheme-handler/http" "x-scheme-handler/https"];
- exec = "${bin}/bin/${name} %u";
- };
-in
- pkgs.symlinkJoin {
- inherit name;
- paths = [bin desktopItem];
- }
diff --git a/secrets/email-password.age b/secrets/email-password.age
new file mode 100644
index 0000000..a1b7431
--- /dev/null
+++ b/secrets/email-password.age
@@ -0,0 +1,10 @@
+age-encryption.org/v1
+-> X25519 FxzW013H5eWjl5KNyS+pCKEluVp/UU0f8Qt+G3tWmnE
+7XhoRKOcwIF1QyDHQWllmDFYctCa+wyaegJ35NmDnjA
+-> piv-p256 Kmn3OQ AoXBBi1l/34c00/oQfuz6cxCm9ckXiMmr1oCa92yVRah
+8HR8EKHm3SrAxTQHMQtpIi2DRKp4d/mRe4qmZLojghU
+-> `D/LpQ-grease
+z59Tqdo5QJAUeT008VkND/26In5rpwm93mDyoGJi4XJpAsdrknCeflIPlvhEk3oM
+zQDT1wwwCu0a
+--- KrJsfh/1W9balEhA0OHmuYWY5W+TKeD/AzNdlIfo49M
+2�ɘ,q]z0lG�dI3h�j2�Y�0bw~d6
\ No newline at end of file
diff --git a/secrets/radicle.age b/secrets/radicle.age
new file mode 100644
index 0000000..890208c
Binary files /dev/null and b/secrets/radicle.age differ
diff --git a/secrets/radicle.pub.age b/secrets/radicle.pub.age
new file mode 100644
index 0000000..941e555
Binary files /dev/null and b/secrets/radicle.pub.age differ
diff --git a/secrets/rekeyed/alvin/4d69517f795180e7624327785e4dc2e0-radiclePrivateKey.age b/secrets/rekeyed/alvin/4d69517f795180e7624327785e4dc2e0-radiclePrivateKey.age
new file mode 100644
index 0000000..aa703e9
Binary files /dev/null and b/secrets/rekeyed/alvin/4d69517f795180e7624327785e4dc2e0-radiclePrivateKey.age differ
diff --git a/secrets/rekeyed/alvin/7e5c19aa43c8da31e2b8a805c08871d4-victoriametricsPasswordFile.age b/secrets/rekeyed/alvin/7e5c19aa43c8da31e2b8a805c08871d4-victoriametricsPasswordFile.age
new file mode 100644
index 0000000..1c1a4dd
Binary files /dev/null and b/secrets/rekeyed/alvin/7e5c19aa43c8da31e2b8a805c08871d4-victoriametricsPasswordFile.age differ
diff --git a/secrets/rekeyed/alvin/88cd17db4123b6ee80589c9f0b475256-radiclePublicKey.age b/secrets/rekeyed/alvin/88cd17db4123b6ee80589c9f0b475256-radiclePublicKey.age
new file mode 100644
index 0000000..3ff559a
Binary files /dev/null and b/secrets/rekeyed/alvin/88cd17db4123b6ee80589c9f0b475256-radiclePublicKey.age differ
diff --git a/secrets/rekeyed/christopher_cobalt/a3984008ff2b9a3226656619c81e4c47-emailPassword.age b/secrets/rekeyed/christopher_cobalt/a3984008ff2b9a3226656619c81e4c47-emailPassword.age
new file mode 100644
index 0000000..4dd93b0
--- /dev/null
+++ b/secrets/rekeyed/christopher_cobalt/a3984008ff2b9a3226656619c81e4c47-emailPassword.age
@@ -0,0 +1,7 @@
+age-encryption.org/v1
+-> ssh-ed25519 Sih9FA 6cECI8dFrJxfryE9CMqvln5gtlLeiaperg5rptHx0GI
+AsCg77lOWyeKsY5Rjd2OwHq8P5K1LBw3pX6rWqcP3oo
+-> P-grease =j@@ @
+QP4YAHktdAGUTj1arv43
+--- rxF03h8ttUmPO2vx1u/Xuxys4kkGpZINwlsdVHJ1ESg
+=0j�Y���\���-7�Q
K(uz�@:p�q#'t+g6
\ No newline at end of file
diff --git a/secrets/rekeyed/christopher_cobalt/dcb82593014313ac12faa7a33834a1aa-config.age b/secrets/rekeyed/christopher_cobalt/dcb82593014313ac12faa7a33834a1aa-config.age
new file mode 100644
index 0000000..5dc9754
Binary files /dev/null and b/secrets/rekeyed/christopher_cobalt/dcb82593014313ac12faa7a33834a1aa-config.age differ
diff --git a/secrets/rekeyed/christopher_cobalt/ed09b6b5d3b63d4794137e3cbdad53c9-config.age b/secrets/rekeyed/christopher_cobalt/ed09b6b5d3b63d4794137e3cbdad53c9-config.age
deleted file mode 100644
index e9ca7c0..0000000
Binary files a/secrets/rekeyed/christopher_cobalt/ed09b6b5d3b63d4794137e3cbdad53c9-config.age and /dev/null differ
diff --git a/secrets/rekeyed/cobalt/744ad1a7e324b40d0805e2ef82d8fc5a-victoriametricsEnvFile.age b/secrets/rekeyed/cobalt/744ad1a7e324b40d0805e2ef82d8fc5a-victoriametricsEnvFile.age
new file mode 100644
index 0000000..250c6de
--- /dev/null
+++ b/secrets/rekeyed/cobalt/744ad1a7e324b40d0805e2ef82d8fc5a-victoriametricsEnvFile.age
@@ -0,0 +1,10 @@
+age-encryption.org/v1
+-> ssh-ed25519 /u/eYA uWoNFabVJzmA1L8l124lyvnvAFgsQ9rh/Okags2UrxU
+vGenkj0xh5FbxTnS91XEz2qAoILYZS5skYHaadaNIBo
+-> F"k"3;+O-grease (5t/PH
+zBRuwDmTbpClRyVeC77vgGo4aDE2/KxWdcJK1gXvu60DxzUfyjlF3SjKLGBx4qIp
+
+--- VxGN6ddpUyGJNbtKpOIoo7dZ3Xy1vxX1GA5f3EXef7g
+&`j��Z=s�ޯ8ozҏ�r��%*}�pMu` oK�~
+l��23v�˰
+�9qx�g|c:2.N
b�i�8cdJ*z#�Y[7ƶǑ=}{�g Y`gw��,*\�r/B[ &
\ No newline at end of file
diff --git a/secrets/ssh/config.age b/secrets/ssh/config.age
index 7bafed4..b2aab66 100644
Binary files a/secrets/ssh/config.age and b/secrets/ssh/config.age differ
diff --git a/secrets/victoria-password.age b/secrets/victoria-password.age
new file mode 100644
index 0000000..60d7d55
Binary files /dev/null and b/secrets/victoria-password.age differ
diff --git a/secrets/victoria.env.age b/secrets/victoria.env.age
new file mode 100644
index 0000000..c963a05
Binary files /dev/null and b/secrets/victoria.env.age differ
diff --git a/systems/x86_64-linux/alvin/default.nix b/systems/x86_64-linux/alvin/default.nix
new file mode 100644
index 0000000..e38760c
--- /dev/null
+++ b/systems/x86_64-linux/alvin/default.nix
@@ -0,0 +1,52 @@
+{...}: {
+ imports = [
+ ./hardware.nix
+ ./traefik.nix
+ ./radicle.nix
+ ./static.nix
+ ./victoria.nix
+ ./solid.nix
+ ./oxigraph.nix
+ ./matrix.nix
+ ];
+
+ elements = {
+ hostname = "alvin";
+
+ secrets = {
+ key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBzji6twM8/QdDgFGSUKNmvCm/kEfFMYWZdmgRBbs5Nc";
+ needs.radiclePrivateKey.rekeyFile = "radicle.age";
+ needs.radiclePublicKey.rekeyFile = "radicle.pub.age";
+ needs.victoriametricsPasswordFile.rekeyFile = "victoria-password.age";
+ };
+ };
+
+ boot.tmp.cleanOnBoot = true;
+ zramSwap.enable = true;
+
+ networking = {
+ enableIPv6 = true;
+ firewall = {
+ enable = true;
+ allowedTCPPorts = [22 80 443];
+ };
+ domain = "contaboserver.net";
+
+ defaultGateway = "62.169.24.1";
+ nameservers = ["8.8.8.8" "8.8.4.4"];
+ interfaces.ens18 = {
+ useDHCP = false;
+ ipv4.addresses = [
+ {
+ address = "62.169.31.37";
+ prefixLength = 21;
+ }
+ ];
+ };
+ };
+
+ services.openssh.enable = true;
+ users.users.root.openssh.authorizedKeys.keys = ["ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO+XpUv6qTqJ7NmYDz9hjvobDBJY9NN3S0TjXD0q2kt2 christopher@cobalt"];
+
+ system.stateVersion = "23.11";
+}
diff --git a/systems/x86_64-linux/alvin/hardware.nix b/systems/x86_64-linux/alvin/hardware.nix
new file mode 100644
index 0000000..329ed8a
--- /dev/null
+++ b/systems/x86_64-linux/alvin/hardware.nix
@@ -0,0 +1,10 @@
+{modulesPath, ...}: {
+ imports = [(modulesPath + "/profiles/qemu-guest.nix")];
+ boot.loader.grub.device = "/dev/sda";
+ boot.initrd.availableKernelModules = ["ata_piix" "uhci_hcd" "xen_blkfront" "vmw_pvscsi"];
+ boot.initrd.kernelModules = ["nvme"];
+ fileSystems."/" = {
+ device = "/dev/sda1";
+ fsType = "ext4";
+ };
+}
diff --git a/systems/x86_64-linux/alvin/matrix.nix b/systems/x86_64-linux/alvin/matrix.nix
new file mode 100644
index 0000000..136a212
--- /dev/null
+++ b/systems/x86_64-linux/alvin/matrix.nix
@@ -0,0 +1,36 @@
+{
+ inputs,
+ pkgs,
+ ...
+}: {
+ services = {
+ matrix-synapse = {
+ enable = true;
+
+ settings = {
+ server_name = "aleph.garden";
+ public_baseurl = "https://matrix.aleph.garden";
+
+ listeners = [
+ {
+ port = 8008;
+ type = "http";
+ x_forwarded = true;
+ tls = false;
+ resources = [{names = ["client" "federation"];}];
+ }
+ ];
+ };
+ };
+
+ # mautrix-whatsapp.enable = true;
+ # mautrix-telegram.registerToSynapse = {};
+ # mautrix-signal.registerToSynapse = {};
+ # mautrix-discord.enable = true;
+
+ traefik.routes.matrix = {
+ rule = "Host(`matrix.aleph.garden`)";
+ url = "http://localhost:8008";
+ };
+ };
+}
diff --git a/systems/x86_64-linux/alvin/oxigraph.nix b/systems/x86_64-linux/alvin/oxigraph.nix
new file mode 100644
index 0000000..92c3d15
--- /dev/null
+++ b/systems/x86_64-linux/alvin/oxigraph.nix
@@ -0,0 +1,38 @@
+{pkgs, ...}: {
+ # Create dedicated user and group
+ users.users.oxigraph = {
+ isSystemUser = true;
+ group = "oxigraph";
+ description = "Oxigraph SPARQL database service user";
+ };
+
+ users.groups.oxigraph = {};
+
+ # Configure systemd service
+ systemd.services.oxigraph = {
+ description = "Oxigraph SPARQL database server";
+ after = ["network.target"];
+ wantedBy = ["multi-user.target"];
+
+ serviceConfig = {
+ ExecStart = "${pkgs._elements.oxigraph}/bin/oxigraph serve --location /var/lib/oxigraph --bind 127.0.0.1:7878";
+ Restart = "on-failure";
+ User = "oxigraph";
+ Group = "oxigraph";
+ StateDirectory = "oxigraph";
+
+ # Security hardening
+ NoNewPrivileges = true;
+ PrivateTmp = true;
+ ProtectSystem = "strict";
+ ProtectHome = true;
+ ReadWritePaths = "/var/lib/oxigraph";
+ };
+ };
+
+ # Configure Traefik route for public access
+ services.traefik.routes.sparql = {
+ rule = "Host(`sparql.toph.so`)";
+ url = "http://localhost:7878";
+ };
+}
diff --git a/systems/x86_64-linux/alvin/radicle.nix b/systems/x86_64-linux/alvin/radicle.nix
new file mode 100644
index 0000000..c083d57
--- /dev/null
+++ b/systems/x86_64-linux/alvin/radicle.nix
@@ -0,0 +1,68 @@
+{config, ...}: let
+ nodeAddress = "seed.toph.so";
+ radConfig = config.services.radicle;
+
+ followed = [
+ "z6Mkm1WGVW5Zr6Ubn2aJU7S26Knjum3Y3iSC39zJ8EojRkt9" # toph
+ ];
+ seedRepositories = [
+ "rad:zBNXLtTqUu9LBZHCPFShAeXnp5Gz" # radicle-ci
+ "rad:z254T5p17bdFPmzfDojsdjo4HjpoZ" # radicle-infra
+ ];
+in {
+ services = {
+ radicle = {
+ enable = true;
+
+ publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEihs1RjZ52Vcy+NJuFhiRbEp5SfwND3b3oSjD2V0HTG";
+ privateKeyFile = config.age.secrets.radiclePrivateKey.path;
+
+ httpd = {
+ enable = true;
+ nginx.serverName = nodeAddress;
+ };
+
+ # Seeding node
+ node = {
+ listenAddress = "[::0]";
+ openFirewall = true;
+ };
+
+ settings = {
+ preferredSeeds = [
+ ];
+ node = {
+ alias = nodeAddress;
+ # externalAddresses = ["${nodeAddress}:${builtins.toString radConfig.node.listenPort}"];
+
+ follow = followed;
+ seeds = seedRepositories;
+
+ seedingPolicy = {
+ default = "allow";
+ scope = "all";
+ };
+ };
+ web = {
+ description = ''
+ Hi there! I'm toph, a passionate federated and semantic web developer.
+ This is my main Radicle seed node that I also use to showcase my projects.
+
+ I'll try to seed every repo that I actively use for my code that's also
+ hosted on Radicle.
+
+ Be sure to also check out my GitHub at https://github.com/tophcodes.
+ '';
+ pinned.repositories = [
+ "rad:z4VmSKKMbAqbwqsMXWvyvrxTSAZFS"
+ ];
+ };
+ };
+ };
+
+ traefik.routes.radicle-seed = {
+ rule = "Host(`${nodeAddress}`)";
+ url = "http://localhost:${builtins.toString radConfig.httpd.listenPort}";
+ };
+ };
+}
diff --git a/systems/x86_64-linux/alvin/solid.nix b/systems/x86_64-linux/alvin/solid.nix
new file mode 100644
index 0000000..0af4ae4
--- /dev/null
+++ b/systems/x86_64-linux/alvin/solid.nix
@@ -0,0 +1,83 @@
+{
+ inputs,
+ pkgs,
+ ...
+}: {
+ imports = [
+ inputs.community-solid-server.nixosModules.default
+ ];
+
+ services = {
+ solid-server = {
+ enable = true;
+ rootFilePath = "/var/lib/solid";
+ baseUrl = "https://pod.toph.so";
+
+ configFile = pkgs.writeTextFile {
+ name = "solid.config.json";
+ text = ''
+ {
+ "@context": "https://linkedsoftwaredependencies.org/bundles/npm/@solid/community-server/^7.0.0/components/context.jsonld",
+ "import": [
+ "css:config/app/init/initialize-root-pod.json",
+ "css:config/app/main/default.json",
+ "css:config/app/variables/default.json",
+ "css:config/http/handler/default.json",
+ "css:config/http/middleware/default.json",
+ "css:config/http/notifications/all.json",
+ "css:config/http/server-factory/http.json",
+ "css:config/http/static/default.json",
+ "css:config/identity/access/public.json",
+ "css:config/identity/email/default.json",
+ "css:config/identity/handler/no-accounts-pods.json",
+ "css:config/identity/oidc/default.json",
+ "css:config/identity/ownership/token.json",
+ "css:config/identity/pod/static.json",
+ "css:config/ldp/authentication/dpop-bearer.json",
+ "css:config/ldp/authorization/webacl.json",
+ "css:config/ldp/handler/default.json",
+ "css:config/ldp/metadata-parser/default.json",
+ "css:config/ldp/metadata-writer/default.json",
+ "css:config/ldp/modes/default.json",
+ "css:config/storage/backend/file.json",
+ "css:config/storage/key-value/resource-store.json",
+ "css:config/storage/location/root.json",
+ "css:config/storage/middleware/default.json",
+ "css:config/util/auxiliary/acl.json",
+ "css:config/util/identifiers/suffix.json",
+ "css:config/util/index/default.json",
+ "css:config/util/logging/winston.json",
+ "css:config/util/representation-conversion/default.json",
+ "css:config/util/resource-locker/file.json",
+ "css:config/util/variables/default.json"
+ ],
+ "@graph": [
+ {
+ "comment": [
+ "A Solid server that stores its resources on disk and uses WAC for authorization.",
+ "A pod will be created in the root with the email/password login defined here.",
+ "It is advised to immediately change this password after starting the server."
+ ]
+ },
+ {
+ "@id": "urn:solid-server:default:RootPodInitializer",
+ "@type": "AccountInitializer",
+ "email": "toki@toph.so",
+ "password": "ssecretohno!"
+ }
+ ]
+ }
+ '';
+ };
+ };
+
+ traefik.routes.solid-pod = {
+ rule = "Host(`pod.toph.so`)";
+ url = "http://localhost:3000";
+ };
+ };
+
+ systemd.tmpfiles.rules = [
+ "d /var/lib/solid - - - - -"
+ ];
+}
diff --git a/systems/x86_64-linux/alvin/static.nix b/systems/x86_64-linux/alvin/static.nix
new file mode 100644
index 0000000..ace3ce3
--- /dev/null
+++ b/systems/x86_64-linux/alvin/static.nix
@@ -0,0 +1,21 @@
+{...}: let
+ root = "/var/lib/sws";
+in {
+ imports = [
+ ./static/tophso.nix
+ ./static/radicle-explorer.nix
+ ];
+
+ services = {
+ static-web-server = {
+ enable = true;
+ listen = "[::]:89";
+ inherit root;
+ configuration = {};
+ };
+ };
+
+ systemd.tmpfiles.rules = [
+ "d ${root} - - - - -"
+ ];
+}
diff --git a/systems/x86_64-linux/alvin/static/radicle-explorer.nix b/systems/x86_64-linux/alvin/static/radicle-explorer.nix
new file mode 100644
index 0000000..992d485
--- /dev/null
+++ b/systems/x86_64-linux/alvin/static/radicle-explorer.nix
@@ -0,0 +1,35 @@
+{pkgs, ...}: let
+ name = "radicle.toph.so";
+
+ explorer = pkgs.radicle-explorer.withConfig {
+ preferredSeeds = [
+ {
+ hostname = "seed.toph.so";
+ port = 443;
+ scheme = "https";
+ }
+ ];
+ };
+in {
+ services = {
+ static-web-server.configuration.advanced = {
+ rewrites = [
+ {
+ source = "{**}";
+ destination = "https://${name}/";
+ }
+ ];
+ virtual-hosts = [
+ {
+ host = name;
+ root = explorer;
+ }
+ ];
+ };
+
+ traefik.routes.radicle = {
+ rule = "Host(`${name}`)";
+ url = "http://localhost:89";
+ };
+ };
+}
diff --git a/systems/x86_64-linux/alvin/static/tophso.nix b/systems/x86_64-linux/alvin/static/tophso.nix
new file mode 100644
index 0000000..0b48119
--- /dev/null
+++ b/systems/x86_64-linux/alvin/static/tophso.nix
@@ -0,0 +1,34 @@
+{pkgs, ...}: let
+ name = "toph.so";
+
+ tophso = pkgs.writeTextFile {
+ inherit name;
+ destination = "/index.html";
+ text = ''
+
+
+
+ toph.so
+
+
+
+ Mastodon
+
+
+ '';
+ };
+in {
+ services = {
+ static-web-server.configuration.advanced.virtual-hosts = [
+ {
+ host = name;
+ root = tophso;
+ }
+ ];
+
+ traefik.routes.toph = {
+ rule = "Host(`${name}`)";
+ url = "http://localhost:89";
+ };
+ };
+}
diff --git a/systems/x86_64-linux/alvin/traefik.nix b/systems/x86_64-linux/alvin/traefik.nix
new file mode 100644
index 0000000..4e0312c
--- /dev/null
+++ b/systems/x86_64-linux/alvin/traefik.nix
@@ -0,0 +1,32 @@
+{
+ config,
+ lib,
+ ...
+}: {
+ services.traefik = {
+ enable = true;
+ postmasterEmail = "hosting@muehl.dev";
+
+ # routes = {
+ # staticsite = {
+ # rule = "Host(`toph.so`)";
+ # url = "http://localhost:8080";
+ # };
+
+ # solid-pod = {
+ # rule = "Host(`solid.toph.so`)";
+ # url = "http://localhost:8096";
+ # };
+
+ # radicle = {
+ # rule = "Host(`radicle.toph.so`)";
+ # url = "http://localhost:8097";
+ # };
+
+ # forgejo = {
+ # rule = "Host(`git.toph.so`)";
+ # url = "http://localhost:3000";
+ # };
+ # };
+ };
+}
diff --git a/systems/x86_64-linux/alvin/victoria.nix b/systems/x86_64-linux/alvin/victoria.nix
new file mode 100644
index 0000000..cd9c780
--- /dev/null
+++ b/systems/x86_64-linux/alvin/victoria.nix
@@ -0,0 +1,16 @@
+{config, ...}: {
+ services = {
+ victoriametrics = {
+ enable = true;
+ retentionPeriod = "5y";
+
+ basicAuthUsername = "victoria-with-the-secrets";
+ basicAuthPasswordFile = config.age.secrets.victoriametricsPasswordFile.path;
+ };
+
+ traefik.routes.victoriametrics = {
+ rule = "Host(`vm.toph.so`)";
+ url = "http://localhost:8428";
+ };
+ };
+}
diff --git a/systems/x86_64-linux/beryllium/default.nix b/systems/x86_64-linux/beryllium/default.nix
index da3d383..85c5257 100644
--- a/systems/x86_64-linux/beryllium/default.nix
+++ b/systems/x86_64-linux/beryllium/default.nix
@@ -47,7 +47,7 @@
};
# Enable privileged ports for rootless pods
- boot.kernel.sysctl."net.ipv4.ip_unprivileged_port_start" = "0";
+ boot.kernel.sysctl."net.ipv4.ip_unprivileged_port_start" = "53";
environment.systemPackages = with pkgs; [
helix
diff --git a/systems/x86_64-linux/cobalt/default.nix b/systems/x86_64-linux/cobalt/default.nix
index 5ee4587..9b7faca 100644
--- a/systems/x86_64-linux/cobalt/default.nix
+++ b/systems/x86_64-linux/cobalt/default.nix
@@ -5,12 +5,15 @@
pkgs,
lib,
config,
+ inputs,
...
}:
with lib._elements; {
imports = [
+ inputs.flatpak.nixosModules.nix-flatpak
./hardware.nix
./disko.nix
+ ./metrics.nix
];
elements = {
@@ -21,6 +24,8 @@ with lib._elements; {
secrets = {
key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPjqieS4GkYAa1WRYZpxjgYsj7VGZ9U+rTFCkX8M0umD";
+
+ needs.victoriametricsEnvFile.rekeyFile = "victoria.env.age";
};
};
@@ -84,6 +89,13 @@ with lib._elements; {
services = {
# ovos.enable = true; # message-bus only. remainder in hm
+ flatpak = {
+ enable = true;
+ packages = [
+ "com.bambulab.BambuStudio"
+ "im.riot.Riot"
+ ];
+ };
openssh.enable = true;
openssh.settings.PasswordAuthentication = false;
@@ -106,6 +118,20 @@ with lib._elements; {
beszel-agent.key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMkUPOw28Cu2LMuzfmvjT/L2ToNHcADwGyGvSpJ4wH2T";
elements.ollama.enable = true;
+ # waka-victoriametrics = {
+ # enable = true;
+ # listenAddress = "127.0.0.1:8080";
+ # victoriametrics.url = "http://localhost:8428/api/v1/write";
+ # metrics.labels = [
+ # "project"
+ # "language"
+ # "editor"
+ # "branch"
+ # "category"
+ # "operating_system"
+ # ];
+ # };
+
pipewire = {
enable = lib.mkForce true;
alsa.enable = true;
@@ -179,6 +205,9 @@ with lib._elements; {
xdg-desktop-portal
xdg-desktop-portal-gtk
];
+
+ # Quirky workaround for this not being set in portals for some reason
+ sessionVariables.MOZ_ENABLE_WAYLAND = "1";
};
users.groups.pico = {};
diff --git a/systems/x86_64-linux/cobalt/metrics.nix b/systems/x86_64-linux/cobalt/metrics.nix
new file mode 100644
index 0000000..95bfa87
--- /dev/null
+++ b/systems/x86_64-linux/cobalt/metrics.nix
@@ -0,0 +1,50 @@
+{
+ inputs,
+ config,
+ pkgs,
+ ...
+}: {
+ services = {
+ telegraf = {
+ enable = true;
+ environmentFiles = [
+ # This defines the VICTORIAMETRICS_PASSWORD environment variable
+ config.age.secrets.victoriametricsEnvFile.path
+ ];
+ extraConfig = {
+ inputs = {
+ http_response = [
+ {
+ urls = ["https://toph.so" "https://aleph.garden" "https://aph.gdn" "https://radicle.toph.so"];
+ }
+ ];
+ internet_speed = [
+ {
+ interval = "60m";
+ }
+ ];
+ };
+ outputs.influxdb = [
+ {
+ urls = ["https://vm.toph.so"];
+ database = "toph";
+ username = "victoria-with-the-secrets";
+ password = "\${VICTORIAMETRICS_PASSWORD}";
+ skip_database_creation = false;
+ exclude_retention_policy_tag = true;
+ content_encoding = "gzip";
+ }
+ ];
+ };
+ };
+
+ # traefik.routes.solid-pod = {
+ # rule = "Host(`pod.toph.so`)";
+ # url = "http://localhost:3000";
+ # };
+ };
+
+ # systemd.tmpfiles.rules = [
+ # "d /var/lib/solid - - - - -"
+ # ];
+}