diff --git a/Install-RootCA.ps1 b/Install-RootCA.ps1 new file mode 100644 index 0000000..9220513 --- /dev/null +++ b/Install-RootCA.ps1 @@ -0,0 +1,20 @@ +param( + [Parameter(Mandatory = $true)] + [string]$CertPath +) +if (-not (Test-Path -Path $CertPath)) { + throw "Cert file not found: $CertPath" +} +$cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2($CertPath) +$thumbprint = $cert.Thumbprint +$store = New-Object System.Security.Cryptography.X509Certificates.X509Store("Root","LocalMachine") +$store.Open([System.Security.Cryptography.X509Certificates.OpenFlags]::ReadWrite) +$existing = $store.Certificates | Where-Object { $_.Thumbprint -eq $thumbprint } +if ($existing.Count -eq 0) { + $store.Add($cert) + Write-Host "Installed root CA: $thumbprint" +} else { + Write-Host "Root CA already installed: $thumbprint" +} +$store.Close() + diff --git a/flake.lock b/flake.lock index 2f99e2f..d6d45de 100644 --- a/flake.lock +++ b/flake.lock @@ -858,6 +858,22 @@ } }, "nixpkgs_7": { + "locked": { + "lastModified": 1771008912, + "narHash": "sha256-gf2AmWVTs8lEq7z/3ZAsgnZDhWIckkb+ZnAo5RzSxJg=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "a82ccc39b39b621151d6732718e3e250109076fa", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_8": { "locked": { "lastModified": 1744536153, "narHash": "sha256-awS2zRgF4uTwrOKwwiJcByDzDOdo3Q1rPZbiHQg/N38=", @@ -920,6 +936,25 @@ "type": "github" } }, + "powershell-es": { + "inputs": { + "nixpkgs": "nixpkgs_7" + }, + "locked": { + "lastModified": 1771417904, + "narHash": "sha256-jkBfryAeEk3GRc57CiWfN7vmFxp1N7cPvnV70ZDUO6o=", + "ref": "main", + "rev": "7f29c36557a1dffe6d663d1e98e91dd567f8e2d0", + "revCount": 4, + "type": "git", + "url": "https://git.wastring.com/fw/powershell-es" + }, + "original": { + "ref": "main", + "type": "git", + "url": "https://git.wastring.com/fw/powershell-es" + } + }, "pre-commit-hooks": { "inputs": { "flake-compat": "flake-compat", @@ -955,6 +990,7 @@ "neovim-nightly-overlay": "neovim-nightly-overlay", "nixpkgs": "nixpkgs_6", "nixvim": "nixvim", + "powershell-es": "powershell-es", "sops-nix": "sops-nix", "stylix": "stylix", "typsite": "typsite" @@ -962,7 +998,7 @@ }, "rust-overlay": { "inputs": { - "nixpkgs": "nixpkgs_7" + "nixpkgs": "nixpkgs_8" }, "locked": { "lastModified": 1749004659, diff --git a/flake.nix b/flake.nix index 47959e1..6ca4a8e 100644 --- a/flake.nix +++ b/flake.nix @@ -18,6 +18,7 @@ }; catppuccin.url = "github:catppuccin/nix"; confetti.url = "git+https://git.wastring.com/fw/confetti?ref=main"; + powershell-es.url = "git+https://git.wastring.com/fw/powershell-es?ref=main"; bbk.url = "git+https://git.wastring.com/fw/bbk?ref=main"; neovim-nightly-overlay.url = "github:nix-community/neovim-nightly-overlay"; home-manager.url = "github:nix-community/home-manager"; @@ -44,9 +45,10 @@ sops-nix, catppuccin, confetti, + powershell-es, bbk, nixvim, - disko, + disko, ... }@inputs: let @@ -85,9 +87,9 @@ sops-nix.nixosModules.sops catppuccin.nixosModules.catppuccin confetti.nixosModules.default - bbk.nixosModules.default + # bbk.nixosModules.default nixvim.nixosModules.default - disko.nixosModules.disko + disko.nixosModules.disko ]; }; node = nixpkgs.lib.nixosSystem { @@ -99,7 +101,7 @@ ./maskiner/node/configuration.nix home-manager.nixosModules.home-manager sops-nix.nixosModules.sops - bbk.nixosModules.default + # bbk.nixosModules.default ]; }; core = nixpkgs.lib.nixosSystem { @@ -126,7 +128,7 @@ }; modules = [ ./maskiner/archive/configuration.nix - bbk.nixosModules.default + # bbk.nixosModules.default ]; }; }; diff --git a/maskiner/core/configuration.nix b/maskiner/core/configuration.nix index 13e9a91..b76e029 100644 --- a/maskiner/core/configuration.nix +++ b/maskiner/core/configuration.nix @@ -32,6 +32,10 @@ in kubernetes-tools.enable = true; networking.hostName = myhostname; + security.pki.certificateFiles = [ + ../../root_ca.crt + ]; + stylix = { enable = true; base16Scheme = "${pkgs.base16-schemes}/share/themes/catppuccin-${theme}.yaml"; @@ -53,8 +57,8 @@ in environment.systemPackages = [ pkgs.cifs-utils ]; - fileSystems."/mnt/testweb/inetpub" = { - device = "//192.168.0.226/inetpub"; + fileSystems."/mnt/testweb/C" = { + device = "//192.168.0.226/C$"; fsType = "cifs"; options = let @@ -67,8 +71,22 @@ in ]; }; - fileSystems."/mnt/testweb/Logs" = { - device = "//192.168.0.226/Logs"; + fileSystems."/mnt/elastic-internal/C" = { + device = "//192.168.0.204/C$"; + fsType = "cifs"; + options = + let + automount_opts = + "x-systemd.automount,noauto,x-systemd.idle-timeout=60," + + "x-systemd.device-timeout=5s,x-systemd.mount-timeout=5s"; + in + [ + "${automount_opts},credentials=${toString config.sops.secrets.build-service.path},vers=3.0" + ]; + }; + + fileSystems."/mnt/dev-machine2/C" = { + device = "//192.168.0.149/C$"; fsType = "cifs"; options = let diff --git a/maskiner/node/configuration.nix b/maskiner/node/configuration.nix index 57df68a..f033a1a 100644 --- a/maskiner/node/configuration.nix +++ b/maskiner/node/configuration.nix @@ -35,6 +35,7 @@ in (modulesDirectory + /services/kanboard) (modulesDirectory + /services/immich) (modulesDirectory + /services/paperless) + (modulesDirectory + /services/filebrowser) ]; sops.defaultSopsFile = ../../secrets/sops.yaml; @@ -94,6 +95,12 @@ in port = 8121; domain = "message.wastring.com"; }; + filebrowser = { + enable = true; + host = "127.0.0.1"; + port = 8126; + domain = "files.wastring.com"; + }; glance = { enable = true; host = "127.0.0.1"; diff --git a/moduler/dunst.nix b/moduler/dunst.nix index 4a9f234..72d08cd 100644 --- a/moduler/dunst.nix +++ b/moduler/dunst.nix @@ -15,11 +15,6 @@ frame_color = "#eceff1"; corner_radius = 10; }; - # urgency_normal = { - # background = "#181818"; - # foreground = "#dfdfdf"; - # timeout = 10; - # }; }; }; } diff --git a/moduler/fish.nix b/moduler/fish.nix index 0515bec..e93c6d0 100644 --- a/moduler/fish.nix +++ b/moduler/fish.nix @@ -71,6 +71,7 @@ in lg = "lazygit"; ka = "kubectl apply -f"; t = "timew"; + a = "nix develop; opencode"; todo = "jira issue list -a 'Fredrik Wastring' -s ~Done -s ~Closed -s ~Released --plain"; cam = "jira issue create && jira issue assign && jira issue move"; e = "kubectx"; @@ -104,7 +105,7 @@ in set -e GOROOT set -x -U GOPATH $HOME/.go gh completion -s fish > ~/.config/fish/completions/gh.fish - set -gx PATH $PATH $HOME/.krew/bin + set -gx PATH $PATH $HOME/scripts set -Ux FZF_DEFAULT_OPTS "${fzfOpts}" ''; diff --git a/moduler/home.nix b/moduler/home.nix index a61dc9b..1827e76 100644 --- a/moduler/home.nix +++ b/moduler/home.nix @@ -38,6 +38,46 @@ }; }; }; + xdg.configFile."bongocat/bongocat.conf".text = '' +# Position & Size +cat_height=80 +cat_align=center +cat_x_offset=-500 +cat_y_offset=-15 + +# Appearance +enable_antialiasing=1 +overlay_height=80 +overlay_opacity=0 +overlay_position=top +# mirror_x=0 +# mirror_y=0 + +# Input device (run bongocat-find-devices to find yours) +keyboard_device=/dev/input/event10 + +# Multi-monitor (optional - auto-detects by default) +# monitor=eDP-1 + +# Sleep mode (optional) +# idle_sleep_timeout=300 +# enable_scheduled_sleep=0 +# sleep_begin=22:00 +# sleep_end=06:00 + ''; + systemd.user.services.bongocat = { + Unit = { + Description = "BongoCat watcher"; + After = [ "graphical-session.target" ]; + PartOf = [ "graphical-session.target" ]; + }; + Service = { + ExecStart = "${pkgs.wayland-bongocat}/bin/bongocat --watch-config -c %h/.config/bongocat/bongocat.conf"; + Restart = "on-failure"; + }; + Install = { WantedBy = [ "graphical-session.target" ]; }; + }; + home.username = "fw"; home.homeDirectory = "/home/fw"; diff --git a/moduler/programs.nix b/moduler/programs.nix index d762dc7..0afc6df 100644 --- a/moduler/programs.nix +++ b/moduler/programs.nix @@ -57,6 +57,7 @@ environment.systemPackages = with pkgs; [ # GUI feishin + vscode signal-desktop thunderbird discord @@ -68,16 +69,14 @@ ipcalc vial via - remmina - brightnessctl - speedcrunch - trilium-desktop - libreoffice - - gnumake + remmina + brightnessctl + speedcrunch + wayland-bongocat + opencode dbeaver-bin -( + ( let base = pkgs.appimageTools.defaultFhsEnvArgs; in @@ -96,7 +95,7 @@ ++ (with pkgs; [ pkg-config ncurses - icu + icu # Feel free to add more packages here if needed. ]); profile = "export FHS=1"; @@ -106,12 +105,8 @@ ) ) - # ansible - # freecad-wayland - # TUI codex - gemini-cli # Browsers librewolf diff --git a/moduler/programs/hyprland/default.nix b/moduler/programs/hyprland/default.nix index 68175ac..ce4405a 100644 --- a/moduler/programs/hyprland/default.nix +++ b/moduler/programs/hyprland/default.nix @@ -244,7 +244,7 @@ with lib; "$mod, u, focusurgentorlast" "$mod, tab, focuscurrentorlast" "$mod, f, fullscreen" - "$mod, b, exec, pkill -USR1 waybar" + "$mod, b, exec, pkill -USR1 waybar && pkill -USR1 bongocat" # Screen resize "$mod CTRL, h, resizeactive, -20 0" @@ -306,19 +306,6 @@ with lib; "$mod, mouse:273, resizewindow" ]; - windowrulev2 = [ - "float, class:^(org.pulseaudio.pavucontrol)$" - "size 500 400, class:^(org.pulseaudio.pavucontrol)" - "move onscreen cursor -250 10, class:^(org.pulseaudio.pavucontrol)" - "float, title:^(Bluetooth Devices)$" - "size 500 400, title:^(Bluetooth Devices)" - "move onscreen cursor -250 10, title:^(Bluetooth Devices)" - - "float, class:^(.playerctl-gtk-wrapped)$" - "size 300 50, class:^(.playerctl-gtk-wrapped)" - "move onscreen cursor -150 30, class:^(.playerctl-gtk-wrapped)" - ]; - env = [ "NIXOS_OZONE_WL,1" "_JAVA_AWT_WM_NONREPARENTING,1" diff --git a/moduler/programs/nixvim/default.nix b/moduler/programs/nixvim/default.nix index a137b0a..5187cad 100644 --- a/moduler/programs/nixvim/default.nix +++ b/moduler/programs/nixvim/default.nix @@ -7,6 +7,7 @@ }: let + psesPkg = inputs.powershell-es.packages.${pkgs.stdenv.hostPlatform.system}.default; in with lib; { @@ -331,6 +332,25 @@ with lib; jsonls.enable = true; ts_ls.enable = true; helm_ls.enable = true; + ansiblels = { + enable = true; + package = pkgs.vscode-extensions.redhat.ansible; + }; + jinja_lsp = { + enable = true; + package = pkgs.jinja-lsp; + filetypes = [ + "j2" + "jinja" + ]; + }; + powershell_es = { + enable = true; + package = psesPkg; + extraOptions = { + bundle_path = "${psesPkg}/share/powershell/Modules"; + }; + }; nginx_language_server.enable = config.nixvim.lsp_jobb; dockerls.enable = config.nixvim.lsp_jobb; diff --git a/moduler/services/filebrowser/default.nix b/moduler/services/filebrowser/default.nix new file mode 100644 index 0000000..1173ddc --- /dev/null +++ b/moduler/services/filebrowser/default.nix @@ -0,0 +1,52 @@ +{ + lib, + pkgs, + config, + ... +}: +with lib; +{ + options = { + filebrowser = { + enable = mkEnableOption "enables filebrowser"; + port = lib.mkOption { + type = lib.types.int; + default = 8887; + description = "The port filebrowser listens on."; + }; + host = mkOption { + type = types.str; + defaultText = literalExpression "127.0.0.1"; + description = "The hostname that filebrowser binds to"; + }; + domain = mkOption { + type = types.str; + defaultText = literalExpression "files.wastring.com"; + description = "The hostname that filebrowser binds to"; + }; + }; + }; + config = mkMerge [ + (mkIf config.filebrowser.enable { + + services.filebrowser = { + enable = true; + settings = { + address = config.filebrowser.host; + port = config.filebrowser.port; + }; + + }; + + services.nginx.virtualHosts.${config.filebrowser.domain} = { + forceSSL = true; + enableACME = true; + locations."/" = { + proxyPass = "http://${toString config.filebrowser.host}:${toString config.filebrowser.port}"; + proxyWebsockets = true; + }; + }; + }) + ]; + +} diff --git a/moduler/tmux.nix b/moduler/tmux.nix index b96952a..9212fcb 100644 --- a/moduler/tmux.nix +++ b/moduler/tmux.nix @@ -4,35 +4,39 @@ enable = true; mouse = true; prefix = "C-a"; - terminal = "st"; + terminal = "tmux-256color"; keyMode = "vi"; escapeTime = 0; - baseIndex = 1; + baseIndex = 1; plugins = with pkgs; [ tmuxPlugins.sensible tmuxPlugins.pain-control - { plugin = inputs.minimal-tmux.packages.${pkgs.stdenv.hostPlatform.system}.default; } + tmuxPlugins.session-wizard + tmuxPlugins.logging + tmuxPlugins.resurrect + tmuxPlugins.continuum + tmuxPlugins.open + { plugin = inputs.minimal-tmux.packages.${pkgs.stdenv.hostPlatform.system}.default; } ]; extraConfig = '' - set -g set-clipboard on + set -g set-clipboard on - set -g base-index 1 - set-window-option -g pane-base-index 1 + set -g base-index 1 + set-window-option -g pane-base-index 1 - set-window-option -g mode-keys vi + set-window-option -g mode-keys vi - bind-key -T copy-mode-vi v send-keys -X begin-selection - bind -T copy-mode-vi y send-keys -X copy-pipe-and-cancel 'xclip -in -selection clipboard' - bind -T copy-mode-vi MouseDragEnd1Pane send-keys -X copy-pipe-and-cancel "xclip -i -f -selection primary | xclip -i -selection clipboard" + bind-key -T copy-mode-vi v send-keys -X begin-selection + bind -T copy-mode-vi y send-keys -X copy-pipe-and-cancel 'xclip -in -selection clipboard' + bind -T copy-mode-vi MouseDragEnd1Pane send-keys -X copy-pipe-and-cancel "xclip -i -f -selection primary | xclip -i -selection clipboard" - set -g default-terminal "st-256color" - set -g terminal-overrides "st-256color" - # set -g default-terminal "xterm-kitty" - # set -g terminal-overrides "xterm-kitty" + set -g @continuum-restore 'on' + + set -g default-terminal "tmux-256color" + set -ga terminal-overrides ",xterm-256color:Tc" + set -as terminal-overrides ',*:Smulx=\E[4::%p1%dm' + set -as terminal-overrides ',*:Setulc=\E[58::2::%p1%{65536}%/%d::%p1%{256}%/%{255}%&%d::%p1%{255}%&%d%;m' - set -ga terminal-overrides ",xterm-256color:Tc" - set -as terminal-overrides ',*:Smulx=\E[4::%p1%dm' - set -as terminal-overrides ',*:Setulc=\E[58::2::%p1%{65536}%/%d::%p1%{256}%/%{255}%&%d::%p1%{255}%&%d%;m' ''; }; }