diff --git a/.xinitrc b/.xinitrc index 7ba1585..1e8f15e 100755 --- a/.xinitrc +++ b/.xinitrc @@ -12,7 +12,7 @@ fi xrdb -merge ~/.Xresources setxkbmap -option caps:swapescape -feh --bg-scale ~/nix/wallpapers/inverted.png +feh --bg-scale ~/nix/wallpapers/blue.png dwmblocks & dunst & diff --git a/.xinitrc.laptop b/.xinitrc.laptop index 07d5d98..8d97148 100755 --- a/.xinitrc.laptop +++ b/.xinitrc.laptop @@ -12,7 +12,7 @@ fi xrdb -merge ~/.Xresources setxkbmap -option caps:swapescape -feh --bg-center ~/nix/wallpapers/inverted.png +feh --bg-center ~/nix/wallpapers/blue.png dwmblocks & dunst & diff --git a/config/base.nix b/config/base.nix index 6a28542..6cc2ded 100644 --- a/config/base.nix +++ b/config/base.nix @@ -8,7 +8,7 @@ ... }: { imports = [ - ../shared/vial.nix + # ../shared/vial.nix ]; nixpkgs = { overlays = [ @@ -22,7 +22,6 @@ nix.nixPath = ["/etc/nix/path"]; users.defaultUserShell = pkgs.bash; documentation.man.generateCaches = false; - systemd.services.NetworkManager-wait-online.enable = lib.mkForce false; programs.fish.enable = true; programs.bash = { interactiveShellInit = '' @@ -65,6 +64,12 @@ }; networking.networkmanager.enable = true; + networking.nameservers = [ "8.8.8.8"]; + networking.resolvconf.enable = pkgs.lib.mkForce false; +networking.dhcpcd.extraConfig = "nohook resolv.conf"; +networking.networkmanager.dns = "none"; +services.resolved.enable = false; + environment.sessionVariables = { EDITOR = "nvim"; @@ -76,9 +81,8 @@ fonts.packages = with pkgs; [ (nerdfonts.override { fonts = [ - "ComicShannsMono" + "Hack" "FiraCode" - "Iosevka" ]; }) ]; @@ -97,31 +101,36 @@ LC_TIME = "sv_SE.UTF-8"; }; - boot.loader.systemd-boot.enable = true; - boot.loader.efi.canTouchEfiVariables = true; + boot.loader = { + efi = { + canTouchEfiVariables = false; + }; + grub = { + efiSupport = true; + efiInstallAsRemovable = true; + device = "nodev"; + }; + }; console.keyMap = "sv-latin1"; environment.systemPackages = with pkgs; [ + vim + neovim + git openssh - ( - catppuccin-sddm.override { - flavor = "mocha"; - font = "ComicShannsMono Nerd Font Bold"; - fontSize = "17"; - background = "${../wallpapers/inverted.png}"; - loginBackground = true; - } - ) ]; services = { - udev = { - packages = with pkgs; [ - vial - via - ]; - }; + # udev = { + # extraRules = '' + # KERNEL=="ttyACM0", MODE:="666" + # ''; + # packages = with pkgs; [ + # vial + # via + # ]; + # }; picom.enable = true; openssh = { enable = true; @@ -132,14 +141,10 @@ "ipsec.d/ipsec.nm-l2tp.secrets" ]; }; - displayManager = { - sddm = { - enable = true; - theme = "catppuccin-mocha"; - package = pkgs.kdePackages.sddm; - }; - }; xserver = { + displayManager = { + startx.enable = true; + }; enable = true; xkb = { layout = "se"; diff --git a/config/home.nix b/config/home.nix index 3270522..8af7a0e 100644 --- a/config/home.nix +++ b/config/home.nix @@ -10,11 +10,11 @@ }: { imports = [ ../shared/dwm.nix + ../shared/vscode.nix ../shared/dmenu.nix ../shared/rofi.nix ../shared/kitty.nix ../shared/alacritty.nix - # ../shared/dunst.nix ../shared/tmux.nix ../shared/vim.nix ../shared/fish.nix @@ -23,26 +23,16 @@ ../shared/firefox.nix ../shared/zathura.nix ../shared/lazygit.nix - # ../shared/spotifyd.nix ../shared/ssh.nix ../shared/aerc.nix - ../shared/rbw.nix ../shared/oh-my-posh.nix - ../shared/mpv.nix ]; nixpkgs = { overlays = []; config = { - # allowUnfree = false; - # allowUnfreePredicate = _: false; allowUnfree = true; allowUnfreePredicate = _: true; - permittedInsecurePackages = [ - "electron-25.9.0" - "electron-19.1.9" - "nix-2.16.2" - ]; }; }; @@ -66,42 +56,46 @@ networkmanager fd bat - appimage-run bluez bluez-tools - betterlockscreen + unstable.betterlockscreen tmux - yt-dlp unstable.fzf eza btop + thttpd xcolor openssl + dig + jq # Dev - unstable.cargo - unstable.rustc - cargo-generate + unstable.deno + unstable.hugo + unstable.logstash + ngrok + tailwindcss nodejs_22 - gleam gh-f gh yarn plantuml go - jq + dotnetCorePackages.sdk_8_0_3xx + templ + + #Tools qrencode + air + k9s git lazydocker - air - templ - ranger - tesseract4 - k9s kubectl - ngrok #LSP + roslyn + roslyn-ls + python312Packages.python-lsp-server yaml-language-server nil jdt-language-server @@ -117,9 +111,6 @@ gopls rust-analyzer - # Geography - geos - # UI rofi-bluetooth pastel @@ -138,7 +129,7 @@ brightnessctl dunst - # Documentas + # Documents ripgrep grc texliveFull @@ -146,11 +137,12 @@ poppler_utils #Desktop + unstable.feishin + firefox + libreoffice unstable.signal-desktop - kompare pinta zathura - firefox vial thunderbird alacritty @@ -159,10 +151,10 @@ lazygit byzanz remmina + obsidian # Utils speedcrunch - termusic #Unfree discord diff --git a/config/lill-home.nix b/config/lill-home.nix new file mode 100644 index 0000000..768b1f4 --- /dev/null +++ b/config/lill-home.nix @@ -0,0 +1,152 @@ +# This is your home-manager configuration file +# Use this to configure your home environment (it replaces ~/.config/nixpkgs/home.nix) +{ + inputs, + lib, + config, + pkgs, + myhostname, + ... +}: { + imports = [ + ../shared/dwm.nix + ../shared/dmenu.nix + ../shared/kitty.nix + ../shared/alacritty.nix + ../shared/tmux.nix + ../shared/fish.nix + ../shared/git.nix + ../shared/nixpkgs.nix + ../shared/firefox.nix + ../shared/zathura.nix + ../shared/lazygit.nix + ../shared/ssh.nix + ../shared/oh-my-posh.nix + ]; + + nixpkgs = { + overlays = []; + config = { + allowUnfree = true; + allowUnfreePredicate = _: true; + }; + }; + + + home.packages = with pkgs; [ + # System + xsel + unzip + zip + wget + alsa-utils + acpi + gcc + gnumake + cmake + arion + htop + pavucontrol + procps + openssh + networkmanager + fd + bat + bluez + bluez-tools + unstable.betterlockscreen + tmux + unstable.fzf + eza + btop + xcolor + openssl + dig + jq + rockbox-utility + rhythmbox + libgpod + + # Dev + unstable.hugo + tailwindcss + nodejs_22 + go + + #Tools + qrencode + air + git + lazydocker + kubectl + + #LSP + python312Packages.python-lsp-server + yaml-language-server + nil + texlab + marksman + nodePackages_latest.bash-language-server + typescript + nodePackages_latest.typescript-language-server + nodePackages_latest.vls + nodePackages_latest.volar + lua-language-server + tree-sitter + gopls + rust-analyzer + + # UI + pastel + imagemagick + + #VPN + openvpn + networkmanagerapplet + networkmanager-l2tp + strongswan + + # Display + scrot + xbanish + feh + brightnessctl + dunst + + # Documents + ripgrep + grc + # texliveFull + pandoc + poppler_utils + + #Desktop + unstable.feishin + firefox + unstable.signal-desktop + pinta + zathura + thunderbird + alacritty + unstable.neovim + fastfetch + lazygit + byzanz + + # Utils + speedcrunch + ]; + programs.home-manager.enable = true; + programs.fish.enable = true; + programs.man.generateCaches = false; + + xsession.enable = true; + xsession.windowManager.command = if myhostname == "laptop" then "/home/fw/nix/.xinitrc.laptop" else if myhostname == "jobb" then "/home/fw/nix/.xinitrc.jobb" else "/home/fw/nix/.xinitrc"; + + home.username = "fw"; + home.homeDirectory = "/home/fw"; + + home.stateVersion = "23.11"; # Did you read the comment? + + systemd.user.startServices = "sd-switch"; +} diff --git a/flake.nix b/flake.nix index 2de38ac..6fa0ad9 100644 --- a/flake.nix +++ b/flake.nix @@ -25,7 +25,7 @@ overlay-unstable = final: prev: { unstable = import nixpkgs-unstable { inherit system; - config.allowUnfree = false; + config.allowUnfree = true; }; }; overlay-fw-pkgs = final: prev: { @@ -72,6 +72,13 @@ }; modules = [./maskiner/work-desktop/configuration.nix]; }; + lillen = nixpkgs.lib.nixosSystem { + specialArgs = { + inherit inputs outputs; + myhostname = "lillen"; + }; + modules = [./maskiner/lillen/configuration.nix]; + }; }; # Standalone home-manager configuration entrypoint @@ -128,6 +135,19 @@ ({nixpkgs, ... }: { nixpkgs.overlays = [ overlay-fw-pkgs ]; }) ]; }; + "fw@lillen" = home-manager.lib.homeManagerConfiguration { + pkgs = nixpkgs.legacyPackages.x86_64-linux; + extraSpecialArgs = { + inherit inputs outputs; + myhostname = "lillen"; + }; + # > Our main home-manager configuration file < + modules = [ + ./config/lill-home.nix + ({nixpkgs, ... }: { nixpkgs.overlays = [ overlay-unstable ]; }) + ({nixpkgs, ... }: { nixpkgs.overlays = [ overlay-fw-pkgs ]; }) + ]; + }; }; }; } diff --git a/jobb/users.nix b/jobb/users.nix new file mode 100644 index 0000000..8ad67c7 --- /dev/null +++ b/jobb/users.nix @@ -0,0 +1,40 @@ +{ config +, pkgs +, ... +}: { + # TODO: Configure your system-wide user settings (groups, etc), add more users as needed. + users = { + defaultUserShell = pkgs.bash; + groups = { + ios = {}; + }; + users = { + fw = { + initialPassword = "password"; + isNormalUser = true; + description = "Fredrik Wastring"; + extraGroups = [ + "networkmanager" + "wheel" + "audio" + "docker" + "input" + ]; + openssh.authorizedKeys = { + keys = [ + "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDALsdpwvC0w/Aj+1fWtzJyyWoUrGkdh8o2thVHeQQBNo0D7cmVberYmi4Cv9gWGX6PaElrnOl0KRdGyro2wxOYokSxgk2VgWW67BFITAQAbKyG2NhXXPbhb4jccDo7WH7TtOG8IofuJTPRu1Duda6k4RN0I0CkyAN6LGX+zy49cq0qKf9ijXYhCDYNih3+Fu/ig0aW/SYmsVoUl2VFTWdI5x5/wLvIjTEZhmAtYIeYADaLnom356cFrUysZa++FUujQAz3Ow236BvP95XZdTsqvfWNZFNIpC9VYF72JeIDCs5wDIr0GFmanF2On1nar+jJpoOE8SdHt357p5g/PqXV5TisN2xQRkqVwO9tWtMl4sF84jA4ULnY2gQWv9jErMxymUQ1IwuPUzDDlbRHCtfexAtkBy7wv6xslKAzG1QahvF/btNs5Caj3LN31rgAuxyooCbKGKTeBP3kHPKcz1iupgidfbO/QqVXBRQJTEdGyAKa8hVmLQZZPC/XUhxESAk= fw@fw-nix" + ]; + }; + }; + max = { + initialPassword = "password"; + isNormalUser = true; + description = "Max Huldin"; + extraGroups = [ + "audio" + "docker" + ]; + }; + }; + }; +} diff --git a/maskiner/laptop/configuration.nix b/maskiner/laptop/configuration.nix index 7a02fbf..539bc8d 100644 --- a/maskiner/laptop/configuration.nix +++ b/maskiner/laptop/configuration.nix @@ -21,6 +21,17 @@ dotnet-sdk_8 ]; + # boot.loader = { + # efi = { + # canTouchEfiVariables = true; + # }; + # grub = { + # enable = true; + # efiSupport = true; + # useOSProber = true; + # }; + # }; + services.xserver.dpi = 140; diff --git a/maskiner/lillen/configuration.nix b/maskiner/lillen/configuration.nix new file mode 100644 index 0000000..dbea6cc --- /dev/null +++ b/maskiner/lillen/configuration.nix @@ -0,0 +1,41 @@ +# This is your system's configuration file. +# Use this to configure your system environment (it replaces /etc/nixos/configuration.nix) +{ + inputs, + lib, + config, + pkgs, + myhostname, + ... +}: { + # You can import other NixOS modules here + imports = [ + ./hardware-configuration.nix + ../../config/base.nix + ../../config/users.nix + ]; + + networking.hostName = myhostname; + + environment.systemPackages = with pkgs; [ + ]; + + services.xserver.dpi = 140; + + services = { + openssh = { + enable = true; + ports = [55504]; + settings = { + PermitRootLogin = "no"; + PasswordAuthentication = false; + X11Forwarding = true; + }; + extraConfig = '' + AllowUsers fw + ''; + }; + }; + + system.stateVersion = "23.11"; +} diff --git a/maskiner/lillen/configuration.nix.bak b/maskiner/lillen/configuration.nix.bak new file mode 100644 index 0000000..32e1127 --- /dev/null +++ b/maskiner/lillen/configuration.nix.bak @@ -0,0 +1,100 @@ +# Edit this configuration file to define what should be installed on +# your system. Help is available in the configuration.nix(5) man page +# and in the NixOS manual (accessible by running ‘nixos-help’). + +{ config, pkgs, ... }: + +{ + imports = + [ # Include the results of the hardware scan. + ./hardware-configuration.nix + ]; + + # Bootloader. + boot.loader.systemd-boot.enable = true; + boot.loader.efi.canTouchEfiVariables = true; + + networking.hostName = "nixos"; # Define your hostname. + # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. + + # Configure network proxy if necessary + # networking.proxy.default = "http://user:password@proxy:port/"; + # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; + + # Enable networking + networking.networkmanager.enable = true; + + # Set your time zone. + time.timeZone = "Europe/Stockholm"; + + # Select internationalisation properties. + i18n.defaultLocale = "en_US.UTF-8"; + + i18n.extraLocaleSettings = { + LC_ADDRESS = "sv_SE.UTF-8"; + LC_IDENTIFICATION = "sv_SE.UTF-8"; + LC_MEASUREMENT = "sv_SE.UTF-8"; + LC_MONETARY = "sv_SE.UTF-8"; + LC_NAME = "sv_SE.UTF-8"; + LC_NUMERIC = "sv_SE.UTF-8"; + LC_PAPER = "sv_SE.UTF-8"; + LC_TELEPHONE = "sv_SE.UTF-8"; + LC_TIME = "sv_SE.UTF-8"; + }; + + # Configure keymap in X11 + services.xserver.xkb = { + layout = "se"; + variant = ""; + }; + + # Configure console keymap + console.keyMap = "sv-latin1"; + + # Define a user account. Don't forget to set a password with ‘passwd’. + users.users.fw = { + isNormalUser = true; + description = "Fredrik Wastring"; + extraGroups = [ "networkmanager" "wheel" ]; + packages = with pkgs; []; + }; + + # Allow unfree packages + nixpkgs.config.allowUnfree = true; + + # List packages installed in system profile. To search, run: + # $ nix search wget + environment.systemPackages = with pkgs; [ + vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. + wget +git + ]; + + # Some programs need SUID wrappers, can be configured further or are + # started in user sessions. + # programs.mtr.enable = true; + # programs.gnupg.agent = { + # enable = true; + # enableSSHSupport = true; + # }; + + # List services that you want to enable: + + # Enable the OpenSSH daemon. + services.openssh.enable = true; + + # Open ports in the firewall. + # networking.firewall.allowedTCPPorts = [ ... ]; + # networking.firewall.allowedUDPPorts = [ ... ]; + # Or disable the firewall altogether. + # networking.firewall.enable = false; + + # This value determines the NixOS release from which the default + # settings for stateful data, like file locations and database versions + # on your system were taken. It‘s perfectly fine and recommended to leave + # this value at the release version of the first install of this system. + # Before changing this value read the documentation for this option + # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). + system.stateVersion = "24.05"; # Did you read the comment? + +} diff --git a/maskiner/lillen/hardware-configuration.nix b/maskiner/lillen/hardware-configuration.nix new file mode 100644 index 0000000..f0687e8 --- /dev/null +++ b/maskiner/lillen/hardware-configuration.nix @@ -0,0 +1,41 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = + [ (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usb_storage" "sd_mod" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = + { device = "/dev/disk/by-uuid/e6dc4f13-d85c-44a0-89ae-d8bbe111bd5c"; + fsType = "ext4"; + }; + + fileSystems."/boot" = + { device = "/dev/disk/by-uuid/AF48-6246"; + fsType = "vfat"; + options = [ "fmask=0077" "dmask=0077" ]; + }; + + swapDevices = + [ { device = "/dev/disk/by-uuid/4eb1a6f5-2c5d-4bf1-82d0-797bf2839c52"; } + ]; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.enp4s0.useDHCP = lib.mkDefault true; + # networking.interfaces.wlp3s0.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +} diff --git a/maskiner/server/configuration.nix b/maskiner/server/configuration.nix index 4b18dcc..b43c6c5 100644 --- a/maskiner/server/configuration.nix +++ b/maskiner/server/configuration.nix @@ -87,11 +87,11 @@ LC_TIME = "sv_SE.UTF-8"; }; - boot.loader.grub = { - enable = true; - device = "/dev/sdc"; - useOSProber = true; - }; + # boot.loader.grub = { + # enable = true; + # device = "/dev/sdc"; + # useOSProber = true; + # }; console.keyMap = "sv-latin1"; programs.zsh.enable = true; @@ -105,7 +105,7 @@ }; openssh = { enable = true; - ports = [55502]; + ports = [22]; settings = { PermitRootLogin = "no"; PasswordAuthentication = false; diff --git a/maskiner/work-desktop/configuration.nix b/maskiner/work-desktop/configuration.nix index c3e3f3c..01744cb 100644 --- a/maskiner/work-desktop/configuration.nix +++ b/maskiner/work-desktop/configuration.nix @@ -15,6 +15,14 @@ ../../config/users.nix ]; + environment.systemPackages = with pkgs; [ + kubectl + azure-cli + ]; + + + + networking.hostName = myhostname; services.xserver.dpi = 140; diff --git a/maskiner/work-desktop/configuration.nix.bak b/maskiner/work-desktop/configuration.nix.bak new file mode 100644 index 0000000..d757cfa --- /dev/null +++ b/maskiner/work-desktop/configuration.nix.bak @@ -0,0 +1,101 @@ +# Edit this configuration file to define what should be installed on +# your system. Help is available in the configuration.nix(5) man page +# and in the NixOS manual (accessible by running ‘nixos-help’). + +{ config, pkgs, ... }: + +{ + imports = + [ # Include the results of the hardware scan. + ./hardware-configuration.nix + ]; + + # Bootloader. + boot.loader.systemd-boot.enable = true; + boot.loader.efi.canTouchEfiVariables = true; + + networking.hostName = "nixos"; # Define your hostname. + # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. + + # Configure network proxy if necessary + # networking.proxy.default = "http://user:password@proxy:port/"; + # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; + + # Enable networking + networking.networkmanager.enable = true; + + # Set your time zone. + time.timeZone = "Europe/Stockholm"; + + # Select internationalisation properties. + i18n.defaultLocale = "en_US.UTF-8"; + + i18n.extraLocaleSettings = { + LC_ADDRESS = "sv_SE.UTF-8"; + LC_IDENTIFICATION = "sv_SE.UTF-8"; + LC_MEASUREMENT = "sv_SE.UTF-8"; + LC_MONETARY = "sv_SE.UTF-8"; + LC_NAME = "sv_SE.UTF-8"; + LC_NUMERIC = "sv_SE.UTF-8"; + LC_PAPER = "sv_SE.UTF-8"; + LC_TELEPHONE = "sv_SE.UTF-8"; + LC_TIME = "sv_SE.UTF-8"; + }; + + # Configure keymap in X11 + services.xserver.xkb = { + layout = "se"; + variant = ""; + }; + + # Configure console keymap + console.keyMap = "sv-latin1"; + + # Define a user account. Don't forget to set a password with ‘passwd’. + users.users.fw = { + isNormalUser = true; + description = "Fredrik Wastring"; + extraGroups = [ "networkmanager" "wheel" ]; + packages = with pkgs; []; + }; + + # Allow unfree packages + nixpkgs.config.allowUnfree = true; + + # List packages installed in system profile. To search, run: + # $ nix search wget + environment.systemPackages = with pkgs; [ + vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. + wget + git +ssh + ]; + + # Some programs need SUID wrappers, can be configured further or are + # started in user sessions. + # programs.mtr.enable = true; + # programs.gnupg.agent = { + # enable = true; + # enableSSHSupport = true; + # }; + + # List services that you want to enable: + + # Enable the OpenSSH daemon. + services.openssh.enable = true; + + # Open ports in the firewall. + # networking.firewall.allowedTCPPorts = [ ... ]; + # networking.firewall.allowedUDPPorts = [ ... ]; + # Or disable the firewall altogether. + # networking.firewall.enable = false; + + # This value determines the NixOS release from which the default + # settings for stateful data, like file locations and database versions + # on your system were taken. It‘s perfectly fine and recommended to leave + # this value at the release version of the first install of this system. + # Before changing this value read the documentation for this option + # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). + system.stateVersion = "24.11"; # Did you read the comment? + +} diff --git a/maskiner/work-desktop/hardware-configuration.nix b/maskiner/work-desktop/hardware-configuration.nix index 260c281..3a39e3f 100644 --- a/maskiner/work-desktop/hardware-configuration.nix +++ b/maskiner/work-desktop/hardware-configuration.nix @@ -8,23 +8,25 @@ [ (modulesPath + "/installer/scan/not-detected.nix") ]; - boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ]; + boot.initrd.availableKernelModules = [ "ehci_pci" "ahci" "nvme" "xhci_pci" "firewire_ohci" "usb_storage" "usbhid" "sd_mod" ]; boot.initrd.kernelModules = [ ]; boot.kernelModules = [ "kvm-intel" ]; boot.extraModulePackages = [ ]; fileSystems."/" = - { device = "/dev/disk/by-uuid/54b2d5d8-d0cf-4aa2-a92a-7128abc98a85"; + { device = "/dev/disk/by-uuid/ab96fcd1-cab1-43e1-aae2-161bd088bb46"; fsType = "ext4"; }; fileSystems."/boot" = - { device = "/dev/disk/by-uuid/C1AA-0689"; + { device = "/dev/disk/by-uuid/3F89-6CDD"; fsType = "vfat"; - options = [ "fmask=0022" "dmask=0022" ]; + options = [ "fmask=0077" "dmask=0077" ]; }; - swapDevices = [ ]; + swapDevices = + [ { device = "/dev/disk/by-uuid/5b889d43-0313-4fa2-ac22-5e303a3efb5b"; } + ]; # Enables DHCP on each ethernet and wireless interface. In case of scripted networking # (the default) this is the recommended approach. When using systemd-networkd it's diff --git a/shared/dwm.nix b/shared/dwm.nix index 2927e79..8068cb4 100644 --- a/shared/dwm.nix +++ b/shared/dwm.nix @@ -3,7 +3,7 @@ let dwm = pkgs.dwm.overrideAttrs (old: { src = builtins.fetchGit { url = "https://github.com/FredzyW/dwm-conf.git"; - rev = "3b9d96ece2c814a1c50d59de68587b2a4eee4ff8"; + rev = "05276318843d1bfe90a8aae266c9e997bf97e577"; }; nativeBuildInputs = with pkgs; [ xorg.libX11.dev @@ -20,7 +20,7 @@ let }) else pkgs.dwmblocks.overrideAttrs (old: { src = builtins.fetchGit { url = "https://github.com/FredzyW/dwmblocks.git"; - rev = "a334789ec7b9171a3c8e1fcac2ffe8463ee438dc"; + rev = "ec1b1a61a80e0ba92842e5117736ff977bb6cfa5"; }; }); in diff --git a/shared/fish.nix b/shared/fish.nix index 7272d33..036c424 100644 --- a/shared/fish.nix +++ b/shared/fish.nix @@ -39,7 +39,8 @@ ]; shellAbbrs = { homec="nvim ~/nix/config/home.nix"; - ls="exa -l --no-time --no-permissions --no-user"; + n="eza -l --no-time --no-permissions --no-user"; + ls="eza -l --no-time --no-permissions --no-user"; dev="nix develop --command fish"; spot="steam-run ~/program/spotify_player"; sc="sc-im"; @@ -49,6 +50,8 @@ reb="sudo nixos-rebuild switch --flake $SYSTEM_DIR"; cam="jira issue create && jira issue assign && jira issue move"; latest="git log | head -1 | awk '{print $2;}' | xsel -ib"; + vpnup="nmcli con up 'iFacts VPN'"; + vpndown="nmcli con down 'iFacts VPN'"; }; interactiveShellInit = '' fish_vi_key_bindings diff --git a/shared/git.nix b/shared/git.nix index 4470f24..e260d68 100644 --- a/shared/git.nix +++ b/shared/git.nix @@ -2,7 +2,7 @@ { programs.git = { enable = true; - userName = "FredzyW"; + userName = "fwastring"; userEmail = "fredrik@wastring.com"; extraConfig = { url."git@github.com:".insteadOf = "https://github.com/"; diff --git a/shared/kitty.nix b/shared/kitty.nix index f9277de..d201ec8 100644 --- a/shared/kitty.nix +++ b/shared/kitty.nix @@ -4,11 +4,13 @@ enable = true; font = if myhostname == "laptop" then { # name = "Iosevka Nerd Font Bold"; - name = "ComicShannsMono Nerd Font Bold"; - size = 20; + # name = "ComicShannsMono Nerd Font Bold"; + name = "Hack Nerd Font Mono Bold"; + size = 15; } else { # name = "Iosevka Nerd Font Bold"; - name = "ComicShannsMono Nerd Font Bold"; + # name = "ComicShannsMono Nerd Font Bold"; + name = "Hack Nerd Font Mono Bold"; size = 13; }; shellIntegration = { diff --git a/shared/nginx.nix b/shared/nginx.nix index f276e6b..5c7cba0 100644 --- a/shared/nginx.nix +++ b/shared/nginx.nix @@ -1,103 +1,211 @@ { pkgs, lib, ... }: { -networking.firewall = { - allowedTCPPorts = [ 80 443 ]; - }; - services.nginx = { - enable = true; - user = "nginx"; - group = "nginx"; + networking.firewall = { + allowedTCPPorts = [ 80 443 ]; + }; + services.nginx = { + enable = true; + user = "nginx"; + group = "nginx"; - # Use recommended settings - recommendedGzipSettings = true; - recommendedOptimisation = true; - recommendedProxySettings = true; - recommendedTlsSettings = true; + # Use recommended settings + recommendedGzipSettings = true; + recommendedOptimisation = true; + recommendedProxySettings = true; + recommendedTlsSettings = true; - virtualHosts = { - "bilder.wastring.com" = { - sslCertificateKey = "/certs/.lego/certificates/wastring.com.key"; - sslCertificate = "/certs/.lego/certificates/wastring.com.crt"; - forceSSL = true; - locations."/" = { - proxyPass = "http://172.17.0.1:2283"; - proxyWebsockets = true; - }; - }; - "git.wastring.com" = { - sslCertificateKey = "/certs/.lego/certificates/wastring.com.key"; - sslCertificate = "/certs/.lego/certificates/wastring.com.crt"; - forceSSL = true; - locations."/" = { - proxyPass = "http://192.168.16.1:3000"; - proxyWebsockets = true; - }; - }; - "cal.wastring.com" = { - sslCertificateKey = "/certs/.lego/certificates/wastring.com.key"; - sslCertificate = "/certs/.lego/certificates/wastring.com.crt"; - forceSSL = true; - locations."/" = { - proxyPass = "http://172.17.0.1:5232"; - proxyWebsockets = true; - }; - }; - "pass.wastring.com" = { - sslCertificateKey = "/certs/.lego/certificates/wastring.com.key"; - sslCertificate = "/certs/.lego/certificates/wastring.com.crt"; - forceSSL = true; - locations."/" = { - proxyPass = "http://172.24.0.1:9445"; - proxyWebsockets = true; - }; - }; - "home.wastring.com" = { - sslCertificateKey = "/certs/.lego/certificates/wastring.com.key"; - sslCertificate = "/certs/.lego/certificates/wastring.com.crt"; - forceSSL = true; - locations."/" = { - proxyPass = "http://172.17.0.1:8081"; - proxyWebsockets = true; - }; - }; - "drive.wastring.com" = { - sslCertificateKey = "/certs/.lego/certificates/wastring.com.key"; - sslCertificate = "/certs/.lego/certificates/wastring.com.crt"; - forceSSL = true; - locations."/" = { - proxyPass = "http://172.17.0.1:3001"; - proxyWebsockets = true; - }; - }; + virtualHosts = { + "wastring.com" = { + sslCertificateKey = "/certs/.lego/certificates/wastring.com.key"; + sslCertificate = "/certs/.lego/certificates/wastring.com.crt"; + forceSSL = true; + locations."/" = { + proxyPass = "http://172.17.0.1:8081"; + proxyWebsockets = true; + }; + }; + "pico.wastring.com" = { + sslCertificateKey = "/certs/.lego/certificates/wastring.com.key"; + sslCertificate = "/certs/.lego/certificates/wastring.com.crt"; + forceSSL = true; + locations."/" = { + proxyPass = "http://172.17.0.1:6976"; + proxyWebsockets = true; + }; + }; + "budget.wastring.com" = { + sslCertificateKey = "/certs/.lego/certificates/wastring.com.key"; + sslCertificate = "/certs/.lego/certificates/wastring.com.crt"; + forceSSL = true; + locations."/" = { + proxyPass = "http://172.17.0.1:8098"; + proxyWebsockets = true; + }; + }; + "bilder.wastring.com" = { + sslCertificateKey = "/certs/.lego/certificates/wastring.com.key"; + sslCertificate = "/certs/.lego/certificates/wastring.com.crt"; + forceSSL = true; + locations."/" = { + proxyPass = "http://172.17.0.1:2283"; + proxyWebsockets = true; + }; + }; + "git.wastring.com" = { + sslCertificateKey = "/certs/.lego/certificates/wastring.com.key"; + sslCertificate = "/certs/.lego/certificates/wastring.com.crt"; + forceSSL = true; + locations."/" = { + proxyPass = "http://192.168.16.1:3000"; + proxyWebsockets = true; + }; + }; + "cal.wastring.com" = { + sslCertificateKey = "/certs/.lego/certificates/wastring.com.key"; + sslCertificate = "/certs/.lego/certificates/wastring.com.crt"; + forceSSL = true; + locations."/" = { + proxyPass = "http://172.17.0.1:5232"; + proxyWebsockets = true; + }; + }; + "pass.wastring.com" = { + sslCertificateKey = "/certs/.lego/certificates/wastring.com.key"; + sslCertificate = "/certs/.lego/certificates/wastring.com.crt"; + forceSSL = true; + locations."/" = { + proxyPass = "http://172.24.0.1:9445"; + proxyWebsockets = true; + }; + }; + "home.wastring.com" = { + sslCertificateKey = "/certs/.lego/certificates/wastring.com.key"; + sslCertificate = "/certs/.lego/certificates/wastring.com.crt"; + forceSSL = true; + locations."/" = { + proxyPass = "http://172.17.0.1:8081"; + proxyWebsockets = true; + }; + }; + "drive.wastring.com" = { + sslCertificateKey = "/certs/.lego/certificates/wastring.com.key"; + sslCertificate = "/certs/.lego/certificates/wastring.com.crt"; + forceSSL = true; + locations."/" = { + proxyPass = "http://172.17.0.1:3001"; + proxyWebsockets = true; + }; + }; - "sandbox.wastring.com" = { - sslCertificateKey = "/certs/.lego/certificates/wastring.com.key"; - sslCertificate = "/certs/.lego/certificates/wastring.com.crt"; - forceSSL = true; - locations."/" = { - proxyPass = "http://172.17.0.1:3001"; - proxyWebsockets = true; - }; - }; - "files.wastring.com" = { - sslCertificateKey = "/certs/.lego/certificates/wastring.com.key"; - sslCertificate = "/certs/.lego/certificates/wastring.com.crt"; - forceSSL = true; - locations."/" = { - proxyPass = "http://172.17.0.1:3923"; - proxyWebsockets = true; - }; - }; - "ftp.wastring.com" = { - sslCertificateKey = "/certs/.lego/certificates/wastring.com.key"; - sslCertificate = "/certs/.lego/certificates/wastring.com.crt"; - forceSSL = true; - locations."/" = { - proxyPass = "http://172.17.0.1:3921"; - proxyWebsockets = true; - }; - }; - }; -}; + "sandbox.wastring.com" = { + sslCertificateKey = "/certs/.lego/certificates/wastring.com.key"; + sslCertificate = "/certs/.lego/certificates/wastring.com.crt"; + forceSSL = true; + locations."/" = { + proxyPass = "http://172.17.0.1:3001"; + proxyWebsockets = true; + }; + }; + "files.wastring.com" = { + sslCertificateKey = "/certs/.lego/certificates/wastring.com.key"; + sslCertificate = "/certs/.lego/certificates/wastring.com.crt"; + forceSSL = true; + locations."/" = { + proxyPass = "http://172.17.0.1:8380"; + proxyWebsockets = true; + }; + }; + "text.wastring.com" = { + sslCertificateKey = "/certs/.lego/certificates/wastring.com.key"; + sslCertificate = "/certs/.lego/certificates/wastring.com.crt"; + forceSSL = true; + locations."/" = { + proxyPass = "http://172.17.0.1:7000"; + proxyWebsockets = true; + }; + }; + "docs.wastring.com" = { + sslCertificateKey = "/certs/.lego/certificates/wastring.com.key"; + sslCertificate = "/certs/.lego/certificates/wastring.com.crt"; + forceSSL = true; + locations."/" = { + proxyPass = "http://172.17.0.1:8000"; + proxyWebsockets = true; + }; + }; + "carpool.wastring.com" = { + sslCertificateKey = "/certs/.lego/certificates/wastring.com.key"; + sslCertificate = "/certs/.lego/certificates/wastring.com.crt"; + forceSSL = true; + locations."/" = { + proxyPass = "http://172.17.0.1:8080"; + proxyWebsockets = true; + }; + }; + "search.wastring.com" = { + sslCertificateKey = "/certs/.lego/certificates/wastring.com.key"; + sslCertificate = "/certs/.lego/certificates/wastring.com.crt"; + forceSSL = true; + locations."/" = { + proxyPass = "http://localhost:40080"; + proxyWebsockets = true; + }; + }; + "latex.wastring.com" = { + sslCertificateKey = "/certs/.lego/certificates/wastring.com.key"; + sslCertificate = "/certs/.lego/certificates/wastring.com.crt"; + forceSSL = true; + locations."/" = { + proxyPass = "http://localhost:3080"; + proxyWebsockets = true; + }; + }; + "yt.wastring.com" = { + sslCertificateKey = "/certs/.lego/certificates/wastring.com.key"; + sslCertificate = "/certs/.lego/certificates/wastring.com.crt"; + forceSSL = true; + locations."/" = { + proxyPass = "http://localhost:40000"; + proxyWebsockets = true; + }; + }; + "talk.wastring.com" = { + sslCertificateKey = "/certs/.lego/certificates/wastring.com.key"; + sslCertificate = "/certs/.lego/certificates/wastring.com.crt"; + forceSSL = true; + locations."/" = { + proxyPass = "http://localhost:9000"; + proxyWebsockets = true; + }; + }; + "soulseek.wastring.com" = { + sslCertificateKey = "/certs/.lego/certificates/wastring.com.key"; + sslCertificate = "/certs/.lego/certificates/wastring.com.crt"; + forceSSL = true; + locations."/" = { + proxyPass = "http://localhost:5030"; + proxyWebsockets = true; + }; + }; + "board.wastring.com" = { + sslCertificateKey = "/certs/.lego/certificates/wastring.com.key"; + sslCertificate = "/certs/.lego/certificates/wastring.com.crt"; + forceSSL = true; + locations."/" = { + proxyPass = "http://localhost:8038"; + proxyWebsockets = true; + }; + }; + "ha.wastring.com" = { + sslCertificateKey = "/certs/.lego/certificates/wastring.com.key"; + sslCertificate = "/certs/.lego/certificates/wastring.com.crt"; + forceSSL = true; + locations."/" = { + proxyPass = "http://172.17.0.1:8123"; + proxyWebsockets = true; + }; + }; + }; + }; } diff --git a/shared/oh-my-posh.nix b/shared/oh-my-posh.nix index 9c812e9..bbac0b9 100644 --- a/shared/oh-my-posh.nix +++ b/shared/oh-my-posh.nix @@ -81,7 +81,13 @@ { "foreground"= "p:mauve"; "style"= "plain"; - "template"= "{{ .UserName }}@{{ .HostName }} "; + "template"= "{{ .UserName }}@"; + "type"= "session"; + } + { + "foreground"= "p:peach"; + "style"= "plain"; + "template"= "{{ .HostName }}"; "type"= "session"; } ]; diff --git a/shared/openssh.nix b/shared/openssh.nix new file mode 100644 index 0000000..3cbe44d --- /dev/null +++ b/shared/openssh.nix @@ -0,0 +1,16 @@ +{ config, pkgs, ...}: +{ + # Enable the OpenSSH daemon. + services.openssh = { + enable = true; + settings = { + AuthenticationMethods = "publickey password"; + TrustedUserCAKeys = "/etc/ssh/ssh_ca.pub"; + Banner = "none"; + PasswordAuthentication = true; + # PasswordAuthentication = false; + PubKeyAuthentication = true; + Port = 22; + }; + }; +} diff --git a/shared/ranger.nix b/shared/ranger.nix new file mode 100644 index 0000000..f6703d5 --- /dev/null +++ b/shared/ranger.nix @@ -0,0 +1,9 @@ +{ pkgs, lib, ... }: +{ + programs.firefox = { + enable = true; + extraConfig = '' + set colorscheme dracula + ''; + }; +} diff --git a/shared/ssh.nix b/shared/ssh.nix index 2bf00c9..f76f719 100644 --- a/shared/ssh.nix +++ b/shared/ssh.nix @@ -19,6 +19,7 @@ hostname = "login.student.lth.se"; port = 22; user = "fr7658wa-s"; + identityFile = "/home/fw/.ssh/id_rsa"; }; "dm2" = { hostname = "192.168.0.190"; diff --git a/shared/vscode.nix b/shared/vscode.nix new file mode 100644 index 0000000..81ad387 --- /dev/null +++ b/shared/vscode.nix @@ -0,0 +1,11 @@ +{ pkgs, ... }: +{ + programs.vscode = { + enable = true; + extensions = with pkgs.vscode-extensions; [ + vscodevim.vim + jebbs.plantuml + ]; + }; + +} diff --git a/wallpapers/blue.png b/wallpapers/blue.png new file mode 100644 index 0000000..ce89e46 Binary files /dev/null and b/wallpapers/blue.png differ