added more stuff

2026-02-18 17:35:47 +01:00 · 2026-02-18 17:35:47 +01:00 · 6eacd76d61
commit 6eacd76d61
parent 369cfc5d52
13 changed files with 237 additions and 60 deletions
--- a/Install-RootCA.ps1
+++ b/Install-RootCA.ps1
@ -0,0 +1,20 @@
+param(
+  [Parameter(Mandatory = $true)]
+  [string]$CertPath
+)
+if (-not (Test-Path -Path $CertPath)) {
+  throw "Cert file not found: $CertPath"
+}
+$cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2($CertPath)
+$thumbprint = $cert.Thumbprint
+$store = New-Object System.Security.Cryptography.X509Certificates.X509Store("Root","LocalMachine")
+$store.Open([System.Security.Cryptography.X509Certificates.OpenFlags]::ReadWrite)
+$existing = $store.Certificates | Where-Object { $_.Thumbprint -eq $thumbprint }
+if ($existing.Count -eq 0) {
+  $store.Add($cert)
+  Write-Host "Installed root CA: $thumbprint"
+} else {
+  Write-Host "Root CA already installed: $thumbprint"
+}
+$store.Close()
+
--- a/flake.lock
+++ b/flake.lock
@ -858,6 +858,22 @@
      }
    },
    "nixpkgs_7": {
+      "locked": {
+        "lastModified": 1771008912,
+        "narHash": "sha256-gf2AmWVTs8lEq7z/3ZAsgnZDhWIckkb+ZnAo5RzSxJg=",
+        "owner": "NixOS",
+        "repo": "nixpkgs",
+        "rev": "a82ccc39b39b621151d6732718e3e250109076fa",
+        "type": "github"
+      },
+      "original": {
+        "owner": "NixOS",
+        "ref": "nixos-unstable",
+        "repo": "nixpkgs",
+        "type": "github"
+      }
+    },
+    "nixpkgs_8": {
      "locked": {
        "lastModified": 1744536153,
        "narHash": "sha256-awS2zRgF4uTwrOKwwiJcByDzDOdo3Q1rPZbiHQg/N38=",
@ -920,6 +936,25 @@
        "type": "github"
      }
    },
+    "powershell-es": {
+      "inputs": {
+        "nixpkgs": "nixpkgs_7"
+      },
+      "locked": {
+        "lastModified": 1771417904,
+        "narHash": "sha256-jkBfryAeEk3GRc57CiWfN7vmFxp1N7cPvnV70ZDUO6o=",
+        "ref": "main",
+        "rev": "7f29c36557a1dffe6d663d1e98e91dd567f8e2d0",
+        "revCount": 4,
+        "type": "git",
+        "url": "https://git.wastring.com/fw/powershell-es"
+      },
+      "original": {
+        "ref": "main",
+        "type": "git",
+        "url": "https://git.wastring.com/fw/powershell-es"
+      }
+    },
    "pre-commit-hooks": {
      "inputs": {
        "flake-compat": "flake-compat",
@ -955,6 +990,7 @@
        "neovim-nightly-overlay": "neovim-nightly-overlay",
        "nixpkgs": "nixpkgs_6",
        "nixvim": "nixvim",
+        "powershell-es": "powershell-es",
        "sops-nix": "sops-nix",
        "stylix": "stylix",
        "typsite": "typsite"
@ -962,7 +998,7 @@
    },
    "rust-overlay": {
      "inputs": {
-        "nixpkgs": "nixpkgs_7"
+        "nixpkgs": "nixpkgs_8"
      },
      "locked": {
        "lastModified": 1749004659,
--- a/flake.nix
+++ b/flake.nix
@ -18,6 +18,7 @@
    };
    catppuccin.url = "github:catppuccin/nix";
    confetti.url = "git+https://git.wastring.com/fw/confetti?ref=main";
+    powershell-es.url = "git+https://git.wastring.com/fw/powershell-es?ref=main";
    bbk.url = "git+https://git.wastring.com/fw/bbk?ref=main";
    neovim-nightly-overlay.url = "github:nix-community/neovim-nightly-overlay";
    home-manager.url = "github:nix-community/home-manager";
@ -44,9 +45,10 @@
      sops-nix,
      catppuccin,
      confetti,
+      powershell-es,
      bbk,
      nixvim,
-	  disko,
+      disko,
      ...
    }@inputs:
    let
@ -85,9 +87,9 @@
            sops-nix.nixosModules.sops
            catppuccin.nixosModules.catppuccin
            confetti.nixosModules.default
-            bbk.nixosModules.default
+            # bbk.nixosModules.default
            nixvim.nixosModules.default
-			disko.nixosModules.disko
+            disko.nixosModules.disko
          ];
        };
        node = nixpkgs.lib.nixosSystem {
@ -99,7 +101,7 @@
            ./maskiner/node/configuration.nix
            home-manager.nixosModules.home-manager
            sops-nix.nixosModules.sops
-            bbk.nixosModules.default
+            # bbk.nixosModules.default
          ];
        };
        core = nixpkgs.lib.nixosSystem {
@ -126,7 +128,7 @@
          };
          modules = [
            ./maskiner/archive/configuration.nix
-            bbk.nixosModules.default
+            # bbk.nixosModules.default
          ];
        };
      };
--- a/maskiner/core/configuration.nix
+++ b/maskiner/core/configuration.nix
@ -32,6 +32,10 @@ in
  kubernetes-tools.enable = true;
  networking.hostName = myhostname;

+  security.pki.certificateFiles = [
+    ../../root_ca.crt
+  ];
+
  stylix = {
    enable = true;
    base16Scheme = "${pkgs.base16-schemes}/share/themes/catppuccin-${theme}.yaml";
@ -53,8 +57,8 @@ in

  environment.systemPackages = [ pkgs.cifs-utils ];

-  fileSystems."/mnt/testweb/inetpub" = {
-    device = "//192.168.0.226/inetpub";
+  fileSystems."/mnt/testweb/C" = {
+    device = "//192.168.0.226/C$";
    fsType = "cifs";
    options =
      let
@ -67,8 +71,22 @@ in
      ];
  };

-  fileSystems."/mnt/testweb/Logs" = {
-    device = "//192.168.0.226/Logs";
+  fileSystems."/mnt/elastic-internal/C" = {
+    device = "//192.168.0.204/C$";
+    fsType = "cifs";
+    options =
+      let
+        automount_opts =
+          "x-systemd.automount,noauto,x-systemd.idle-timeout=60,"
+          + "x-systemd.device-timeout=5s,x-systemd.mount-timeout=5s";
+      in
+      [
+        "${automount_opts},credentials=${toString config.sops.secrets.build-service.path},vers=3.0"
+      ];
+  };
+
+  fileSystems."/mnt/dev-machine2/C" = {
+    device = "//192.168.0.149/C$";
    fsType = "cifs";
    options =
      let
--- a/maskiner/node/configuration.nix
+++ b/maskiner/node/configuration.nix
@ -35,6 +35,7 @@ in
    (modulesDirectory + /services/kanboard)
    (modulesDirectory + /services/immich)
    (modulesDirectory + /services/paperless)
+    (modulesDirectory + /services/filebrowser)
  ];

  sops.defaultSopsFile = ../../secrets/sops.yaml;
@ -94,6 +95,12 @@ in
    port = 8121;
    domain = "message.wastring.com";
  };
+  filebrowser = {
+    enable = true;
+    host = "127.0.0.1";
+    port = 8126;
+    domain = "files.wastring.com";
+  };
  glance = {
    enable = true;
    host = "127.0.0.1";
--- a/moduler/dunst.nix
+++ b/moduler/dunst.nix
@ -15,11 +15,6 @@
        frame_color = "#eceff1";
        corner_radius = 10;
      };
-      # urgency_normal = {
-      #   background = "#181818";
-      #   foreground = "#dfdfdf";
-      #   timeout = 10;
-      # };
    };
  };
 }
--- a/moduler/fish.nix
+++ b/moduler/fish.nix
@ -71,6 +71,7 @@ in
        lg = "lazygit";
        ka = "kubectl apply -f";
        t = "timew";
+        a = "nix develop; opencode";
        todo = "jira issue list -a 'Fredrik Wastring' -s ~Done -s ~Closed -s ~Released --plain";
        cam = "jira issue create && jira issue assign && jira issue move";
        e = "kubectx";
@ -104,7 +105,7 @@ in
          set -e GOROOT
 		  set -x -U GOPATH $HOME/.go
          gh completion -s fish > ~/.config/fish/completions/gh.fish
-          set -gx PATH $PATH $HOME/.krew/bin
+          set -gx PATH $PATH $HOME/scripts

          set -Ux FZF_DEFAULT_OPTS "${fzfOpts}"
        '';
--- a/moduler/home.nix
+++ b/moduler/home.nix
@ -38,6 +38,46 @@
 		};
 	};
  };
+      xdg.configFile."bongocat/bongocat.conf".text = ''
+# Position & Size
+cat_height=80
+cat_align=center
+cat_x_offset=-500
+cat_y_offset=-15
+
+# Appearance
+enable_antialiasing=1
+overlay_height=80
+overlay_opacity=0
+overlay_position=top
+# mirror_x=0
+# mirror_y=0
+
+# Input device (run bongocat-find-devices to find yours)
+keyboard_device=/dev/input/event10
+
+# Multi-monitor (optional - auto-detects by default)
+# monitor=eDP-1
+
+# Sleep mode (optional)
+# idle_sleep_timeout=300
+# enable_scheduled_sleep=0
+# sleep_begin=22:00
+# sleep_end=06:00
+    '';
+    systemd.user.services.bongocat = {
+      Unit = {
+        Description = "BongoCat watcher";
+        After = [ "graphical-session.target" ];
+        PartOf = [ "graphical-session.target" ];
+      };
+      Service = {
+        ExecStart = "${pkgs.wayland-bongocat}/bin/bongocat --watch-config -c %h/.config/bongocat/bongocat.conf";
+        Restart = "on-failure";
+      };
+      Install = { WantedBy = [ "graphical-session.target" ]; };
+    };
+

  home.username = "fw";
  home.homeDirectory = "/home/fw";
--- a/moduler/programs.nix
+++ b/moduler/programs.nix
@ -57,6 +57,7 @@
  environment.systemPackages = with pkgs; [
    # GUI
    feishin
+	vscode
    signal-desktop
    thunderbird
    discord
@ -68,16 +69,14 @@
    ipcalc
    vial
    via
-	remmina
-	brightnessctl
-	speedcrunch
-	trilium-desktop
-	libreoffice
-
-	gnumake
+    remmina
+    brightnessctl
+    speedcrunch
+    wayland-bongocat
+	opencode

    dbeaver-bin
-(
+    (
      let
        base = pkgs.appimageTools.defaultFhsEnvArgs;
      in
@ -96,7 +95,7 @@
            ++ (with pkgs; [
              pkg-config
              ncurses
-			  icu
+              icu
              # Feel free to add more packages here if needed.
            ]);
          profile = "export FHS=1";
@ -106,12 +105,8 @@
      )
    )

-    # ansible
-    # freecad-wayland
-
    # TUI
    codex
-    gemini-cli

    # Browsers
    librewolf
--- a/moduler/programs/hyprland/default.nix
+++ b/moduler/programs/hyprland/default.nix
@ -244,7 +244,7 @@ with lib;
              "$mod, u, focusurgentorlast"
              "$mod, tab, focuscurrentorlast"
              "$mod, f, fullscreen"
-              "$mod, b, exec, pkill -USR1 waybar"
+              "$mod, b, exec, pkill -USR1 waybar && pkill -USR1 bongocat"

              # Screen resize
              "$mod CTRL, h, resizeactive, -20 0"
@ -306,19 +306,6 @@ with lib;
              "$mod, mouse:273, resizewindow"
            ];

-            windowrulev2 = [
-              "float, class:^(org.pulseaudio.pavucontrol)$"
-              "size 500 400, class:^(org.pulseaudio.pavucontrol)"
-              "move onscreen cursor -250 10, class:^(org.pulseaudio.pavucontrol)"
-              "float, title:^(Bluetooth Devices)$"
-              "size 500 400, title:^(Bluetooth Devices)"
-              "move onscreen cursor -250 10, title:^(Bluetooth Devices)"
-
-              "float, class:^(.playerctl-gtk-wrapped)$"
-              "size 300 50, class:^(.playerctl-gtk-wrapped)"
-              "move onscreen cursor -150 30, class:^(.playerctl-gtk-wrapped)"
-            ];
-
            env = [
              "NIXOS_OZONE_WL,1"
              "_JAVA_AWT_WM_NONREPARENTING,1"
--- a/moduler/programs/nixvim/default.nix
+++ b/moduler/programs/nixvim/default.nix
@ -7,6 +7,7 @@
 }:

 let
+  psesPkg = inputs.powershell-es.packages.${pkgs.stdenv.hostPlatform.system}.default;
 in
 with lib;
 {
@ -331,6 +332,25 @@ with lib;
            jsonls.enable = true;
            ts_ls.enable = true;
            helm_ls.enable = true;
+            ansiblels = {
+              enable = true;
+              package = pkgs.vscode-extensions.redhat.ansible;
+            };
+            jinja_lsp = {
+              enable = true;
+              package = pkgs.jinja-lsp;
+              filetypes = [
+                "j2"
+                "jinja"
+              ];
+            };
+            powershell_es = {
+              enable = true;
+              package = psesPkg;
+              extraOptions = {
+                bundle_path = "${psesPkg}/share/powershell/Modules";
+              };
+            };

            nginx_language_server.enable = config.nixvim.lsp_jobb;
            dockerls.enable = config.nixvim.lsp_jobb;
--- a/moduler/services/filebrowser/default.nix
+++ b/moduler/services/filebrowser/default.nix
@ -0,0 +1,52 @@
+{
+  lib,
+  pkgs,
+  config,
+  ...
+}:
+with lib;
+{
+  options = {
+    filebrowser = {
+      enable = mkEnableOption "enables filebrowser";
+      port = lib.mkOption {
+        type = lib.types.int;
+        default = 8887;
+        description = "The port filebrowser listens on.";
+      };
+      host = mkOption {
+        type = types.str;
+        defaultText = literalExpression "127.0.0.1";
+        description = "The hostname that filebrowser binds to";
+      };
+      domain = mkOption {
+        type = types.str;
+        defaultText = literalExpression "files.wastring.com";
+        description = "The hostname that filebrowser binds to";
+      };
+    };
+  };
+  config = mkMerge [
+    (mkIf config.filebrowser.enable {
+
+      services.filebrowser = {
+        enable = true;
+		settings = {
+			address = config.filebrowser.host;
+			port = config.filebrowser.port;
+		};
+
+      };
+
+      services.nginx.virtualHosts.${config.filebrowser.domain} = {
+        forceSSL = true;
+        enableACME = true;
+        locations."/" = {
+          proxyPass = "http://${toString config.filebrowser.host}:${toString config.filebrowser.port}";
+          proxyWebsockets = true;
+        };
+      };
+    })
+  ];
+
+}
--- a/moduler/tmux.nix
+++ b/moduler/tmux.nix
@ -4,35 +4,39 @@
    enable = true;
    mouse = true;
    prefix = "C-a";
-    terminal = "st";
+    terminal = "tmux-256color";
    keyMode = "vi";
    escapeTime = 0;
-	baseIndex = 1;
+    baseIndex = 1;
    plugins = with pkgs; [
      tmuxPlugins.sensible
      tmuxPlugins.pain-control
-	  { plugin = inputs.minimal-tmux.packages.${pkgs.stdenv.hostPlatform.system}.default; }
+      tmuxPlugins.session-wizard
+      tmuxPlugins.logging
+      tmuxPlugins.resurrect
+      tmuxPlugins.continuum
+      tmuxPlugins.open
+      { plugin = inputs.minimal-tmux.packages.${pkgs.stdenv.hostPlatform.system}.default; }
    ];
    extraConfig = ''
-			set -g set-clipboard on
+            			set -g set-clipboard on

-			set -g base-index 1
-			set-window-option -g pane-base-index 1
+            			set -g base-index 1
+            			set-window-option -g pane-base-index 1

-			set-window-option -g mode-keys vi
+            			set-window-option -g mode-keys vi

-			bind-key -T copy-mode-vi v send-keys -X begin-selection
-			bind -T copy-mode-vi y send-keys -X copy-pipe-and-cancel 'xclip -in -selection clipboard'
-			bind -T copy-mode-vi MouseDragEnd1Pane send-keys -X copy-pipe-and-cancel "xclip -i -f -selection primary | xclip -i -selection clipboard"
+            			bind-key -T copy-mode-vi v send-keys -X begin-selection
+            			bind -T copy-mode-vi y send-keys -X copy-pipe-and-cancel 'xclip -in -selection clipboard'
+            			bind -T copy-mode-vi MouseDragEnd1Pane send-keys -X copy-pipe-and-cancel "xclip -i -f -selection primary | xclip -i -selection clipboard"

-      		set -g default-terminal "st-256color"                                                                    
-      		set -g terminal-overrides "st-256color"                                                                                             
-			# set -g default-terminal "xterm-kitty"                                                                    
-      		# set -g terminal-overrides "xterm-kitty"
+      			set -g @continuum-restore 'on'
+
+      			set -g default-terminal "tmux-256color"
+      			set -ga terminal-overrides ",xterm-256color:Tc"                                                                         
+      			set -as terminal-overrides ',*:Smulx=\E[4::%p1%dm'                                                   
+      			set -as terminal-overrides ',*:Setulc=\E[58::2::%p1%{65536}%/%d::%p1%{256}%/%{255}%&%d::%p1%{255}%&%d%;m'

-      		set -ga terminal-overrides ",xterm-256color:Tc"                                                                         
-      		set -as terminal-overrides ',*:Smulx=\E[4::%p1%dm'                                                   
-      		set -as terminal-overrides ',*:Setulc=\E[58::2::%p1%{65536}%/%d::%p1%{256}%/%{255}%&%d::%p1%{255}%&%d%;m'
    '';
  };
 }