diff --git a/.envrc b/.envrc deleted file mode 100644 index 4a4726a..0000000 --- a/.envrc +++ /dev/null @@ -1 +0,0 @@ -use_nix diff --git a/README.md b/README.md index a7ac37e..e1c5faf 100644 --- a/README.md +++ b/README.md @@ -2,19 +2,18 @@ My NixOS configuration files. -The canonical location for this repository is https://git.unspecified.systems/qenya/nixfiles. If you're viewing it elsewhere, it is a mirror and may not be up-to-date. +The canonical location for this repository is https://git.qenya.tel/qenya/nixfiles. If you're viewing it elsewhere, it is a mirror and may not be up-to-date. ## Machines ### Managed -* `kilgharrah`: Custom-built personal desktop; also currently running Jellyfin, Navidrome and Audiobookshelf servers (and an FTP server, for shits and giggles) * `tohru`: Dell Latitude 5300, personal laptop -* `elucredassa`: Acer Aspire A315-53, old laptop with a broken keyboard that now sits in a corner being a backup server * `yevaud`: Oracle Cloud free AMD VM, hosts a Forgejo instance and WireGuard server for the other machines in the network -* `orm`: Oracle Cloud free AMD VM, hosts an instance of Actual Budget and a PostgreSQL server for other services that need one +* `orm`: Oracle Cloud free AMD VM, currently idling * `kalessin`: Oracle Cloud free ARM VM, currently idling ### Referenced only +* `kilgharrah`: Custom-built personal desktop, currently running Arch * `shaw`: [My girlfriend's NAS](https://github.com/randomnetcat/nix-configs/tree/main/hosts/shaw) * `latias`: My Steam Deck @@ -22,7 +21,7 @@ The canonical location for this repository is https://git.unspecified.systems/qe ### Building -To build locally, run `nixos-rebuild switch --flake .#[hostname]` as root. +To build locally, run `colmena apply-local` as root. To build the remote machines, run `colmena apply`. See the [colmena documentation](https://colmena.cli.rs/) for command-line options. Notable options include: * `--on [hostname]`: build a specific machine only @@ -30,4 +29,14 @@ To build the remote machines, run `colmena apply`. See the [colmena documentatio ### Updating -`nix flake update --commit-lock-file` +Run `npins update` to update the dependencies within the currently selected upgrade channels. + +To upgrade to a new major version of a dependency, simply re-add it and the old version will be overwritten, e.g.: + +```sh +npins add --name nixpkgs channel nixos-unstable +``` + +In either case, commit the changes to `npins/sources.json`. + +See the [npins documentation](https://github.com/andir/npins) for more details. \ No newline at end of file diff --git a/common/base-graphical/default.nix b/common/base-graphical/default.nix deleted file mode 100644 index e77e434..0000000 --- a/common/base-graphical/default.nix +++ /dev/null @@ -1,29 +0,0 @@ -{ config, lib, pkgs, ... }: - -with lib; -let - cfg = config.qenya.base-graphical; -in -{ - imports = [ - ./gnome.nix - ./sound.nix - ]; - - options.qenya.base-graphical.enable = mkEnableOption "Base configuration for graphical environments"; - - config = mkIf cfg.enable { - services.xserver.enable = true; - services.libinput.enable = true; - services.printing.enable = true; - services.avahi = { - enable = true; - nssmdns4 = true; - openFirewall = true; - }; - - fonts.packages = with pkgs; [ - corefonts - ]; - }; -} diff --git a/common/base-graphical/gnome.nix b/common/base-graphical/gnome.nix deleted file mode 100644 index 1d077de..0000000 --- a/common/base-graphical/gnome.nix +++ /dev/null @@ -1,21 +0,0 @@ -{ config, lib, pkgs, ... }: - -let - inherit (lib) mkIf mkMerge mkOption types; - cfg = config.qenya.base-graphical; -in -{ - config = mkIf cfg.enable { - services.xserver.displayManager.gdm.enable = true; - services.xserver.desktopManager.gnome.enable = true; - # TODO: agree on this with randomcat as it affects her too, since for some reason this is system-wide - # environment.gnome.excludePackages = with pkgs.gnome; [ - # pkgs.gnome-tour - # epiphany # GNOME Web - # geary - # gnome-calendar - # gnome-contacts - # gnome-music - # ]; - }; -} diff --git a/common/base-graphical/sound.nix b/common/base-graphical/sound.nix deleted file mode 100644 index 140eb93..0000000 --- a/common/base-graphical/sound.nix +++ /dev/null @@ -1,20 +0,0 @@ -{ config, lib, pkgs, ... }: - -with lib; -let - cfg = config.qenya.base-graphical; -in -{ - config = mkIf cfg.enable { - security.rtkit.enable = true; - services.pipewire = { - enable = true; - alsa.enable = true; - alsa.support32Bit = true; - pulse.enable = true; - jack.enable = true; - }; - services.pulseaudio.enable = false; # this theoretically defaults to false but something else seems to be flipping it - environment.systemPackages = with pkgs; [ helvum ]; # patchbay - }; -} diff --git a/common/base-server/default.nix b/common/base-server/default.nix deleted file mode 100644 index 9e6125c..0000000 --- a/common/base-server/default.nix +++ /dev/null @@ -1,17 +0,0 @@ -{ config, lib, pkgs, ... }: - -with lib; -let - cfg = config.qenya.base-server; -in -{ - options.qenya.base-server.enable = mkEnableOption "Base configuration for headless servers"; - - config = mkIf cfg.enable { - time.timeZone = "Etc/UTC"; - - # Allow remote deployment with colmena - deployment.targetUser = null; - security.sudo.wheelNeedsPassword = false; - }; -} diff --git a/common/boot.nix b/common/boot.nix deleted file mode 100644 index 1eb8089..0000000 --- a/common/boot.nix +++ /dev/null @@ -1,22 +0,0 @@ -{ config, lib, pkgs, ... }: - -let - inherit (lib) mkIf; -in -{ - boot.loader = { - systemd-boot.enable = true; - systemd-boot.editor = false; - systemd-boot.memtest86.enable = mkIf config.nixpkgs.hostPlatform.isx86 true; - efi.canTouchEfiVariables = true; - }; - - services.resolved = { - enable = true; - fallbackDns = [ ]; - dnsovertls = "true"; - extraConfig = '' - DNS=2a07:e340::4#base.dns.mullvad.net 194.242.2.4#base.dns.mullvad.net - ''; - }; -} diff --git a/common/default.nix b/common/default.nix index 6b78942..1f4547d 100644 --- a/common/default.nix +++ b/common/default.nix @@ -1,19 +1,10 @@ { imports = [ - ./base-graphical - ./base-server ./users - ./boot.nix - ./gpg.nix - ./home-manager.nix - ./misc.nix + ./environment.nix ./nginx.nix - ./nix.nix - ./packages.nix - ./sanoid.nix + ./openssh.nix ./security.nix - ./ssh.nix - ./steam.nix - ./tailscale.nix + ./zsh.nix ]; -} +} \ No newline at end of file diff --git a/common/packages.nix b/common/environment.nix similarity index 75% rename from common/packages.nix rename to common/environment.nix index 8b46129..857dce4 100644 --- a/common/packages.nix +++ b/common/environment.nix @@ -2,21 +2,21 @@ { environment.systemPackages = with pkgs; [ - btop git - wget - - # hardware troubleshooting lshw parted - smartmontools + wget # network troubleshooting inetutils lsof tcpdump netcat # <3 - wireguard-tools + + # used for nix config + npins + colmena + agenix ]; environment.wordlist.enable = true; diff --git a/common/gpg.nix b/common/gpg.nix deleted file mode 100644 index 07d1a0f..0000000 --- a/common/gpg.nix +++ /dev/null @@ -1,8 +0,0 @@ -{ config, lib, pkgs, ... }: - -{ - programs.gnupg.agent = { - enable = true; - enableSSHSupport = true; - }; -} diff --git a/common/home-manager.nix b/common/home-manager.nix deleted file mode 100644 index cb4e6bd..0000000 --- a/common/home-manager.nix +++ /dev/null @@ -1,12 +0,0 @@ -{ config, lib, pkgs, inputs, ... }: - -{ - home-manager = { - useUserPackages = true; - useGlobalPkgs = true; - backupFileExtension = "backup"; - extraSpecialArgs = { - inherit inputs; - }; - }; -} diff --git a/common/misc.nix b/common/misc.nix deleted file mode 100644 index 3061e72..0000000 --- a/common/misc.nix +++ /dev/null @@ -1,12 +0,0 @@ -{ config, lib, pkgs, ... }: - -{ - nix.gc = { - automatic = true; - dates = "weekly"; - randomizedDelaySec = "45min"; - options = "--delete-older-than 30d"; - }; - nix.optimise.automatic = true; - services.fstrim.enable = true; -} \ No newline at end of file diff --git a/common/nginx.nix b/common/nginx.nix index af2712d..10e498d 100644 --- a/common/nginx.nix +++ b/common/nginx.nix @@ -7,19 +7,23 @@ recommendedProxySettings = true; recommendedTlsSettings = true; + sslCiphers = "AES256+EECDH:AES256+EDH:!aNULL"; + appendHttpConfig = '' - add_header Strict-Transport-Security "max-age=31536000; includeSubdomains; preload" always; - add_header Content-Security-Policy "default-src https: data: blob: ws: 'unsafe-inline' 'wasm-unsafe-eval'; object-src 'none'; base-uri 'self';" always; - add_header Referrer-Policy strict-origin-when-cross-origin; + map $scheme $hsts_header { + https "max-age=31536000; includeSubdomains; preload"; + } + add_header Strict-Transport-Security $hsts_header; + #add_header Content-Security-Policy "script-src 'self'; object-src 'none'; base-uri 'none';" always; + add_header 'Referrer-Policy' 'strict-origin-when-cross-origin'; add_header X-Frame-Options SAMEORIGIN; add_header X-Content-Type-Options nosniff; - add_header X-Clacks-Overhead "GNU Terry Pratchett" always; proxy_cookie_path / "/; secure; HttpOnly; SameSite=strict"; ''; }; security.acme = { acceptTerms = true; - defaults.email = "auto@qenya.tel"; + defaults.email = "accounts@katherina.rocks"; # TODO: replace with more appropriate email }; } \ No newline at end of file diff --git a/common/nix.nix b/common/nix.nix deleted file mode 100644 index c5174d8..0000000 --- a/common/nix.nix +++ /dev/null @@ -1,12 +0,0 @@ -{ config, lib, pkgs, ... }: - -{ - nix.settings.experimental-features = "nix-command flakes"; - nixpkgs.flake = { - source = lib.cleanSource pkgs.path; - setNixPath = true; - setFlakeRegistry = true; - }; - nixpkgs.config.allowUnfree = true; - nix.settings.trusted-users = [ "@wheel" ]; -} diff --git a/common/openssh.nix b/common/openssh.nix new file mode 100644 index 0000000..d8dd364 --- /dev/null +++ b/common/openssh.nix @@ -0,0 +1,13 @@ +{ config, lib, pkgs, ... }: + +{ + services.openssh = { + enable = true; + settings = { + PasswordAuthentication = false; + PermitRootLogin = "no"; + }; + }; + + services.fail2ban.enable = true; +} \ No newline at end of file diff --git a/common/sanoid.nix b/common/sanoid.nix deleted file mode 100644 index 82137e0..0000000 --- a/common/sanoid.nix +++ /dev/null @@ -1,35 +0,0 @@ -{ config, pkgs, inputs, ... }: - -{ - config = { - services.sanoid = { - enable = true; - extraArgs = [ "--verbose" ]; - - # Local snapshots for important datasets - templates."production" = { - yearly = 0; - monthly = 3; - daily = 30; - hourly = 36; - autosnap = true; - autoprune = true; - }; - - # Reduced-retention version for datasets that are backed up to the NAS - templates."safe" = { - yearly = 0; - monthly = 0; - daily = 7; - hourly = 24; - autosnap = true; - autoprune = true; - }; - - # datasets."rpool_sggau1/reese/system" = { - # useTemplate = [ "safe" ]; - # recursive = "zfs"; - # }; - }; - }; -} \ No newline at end of file diff --git a/common/ssh.nix b/common/ssh.nix deleted file mode 100644 index 26b752d..0000000 --- a/common/ssh.nix +++ /dev/null @@ -1,21 +0,0 @@ -{ config, lib, pkgs, ... }: - -let - inherit (lib) concatMapAttrs; - keys = import ../keys.nix; -in -{ - services.openssh = { - enable = true; - settings = { - PasswordAuthentication = false; - PermitRootLogin = "no"; - }; - }; - - programs.ssh.knownHosts = concatMapAttrs - (host: key: { - "${host}.birdsong.network".publicKey = key; - }) - keys.machines; -} diff --git a/common/steam.nix b/common/steam.nix deleted file mode 100644 index cd27dac..0000000 --- a/common/steam.nix +++ /dev/null @@ -1,17 +0,0 @@ -{ config, lib, pkgs, ... }: - -{ - config = lib.mkIf config.programs.steam.enable { - programs.steam = { - package = pkgs.steam.override { - extraArgs = "-pipewire"; # for remote play with PipeWire - }; - - remotePlay.openFirewall = true; - dedicatedServer.openFirewall = true; - localNetworkGameTransfers.openFirewall = true; - }; - - services.joycond.enable = true; - }; -} diff --git a/common/tailscale.nix b/common/tailscale.nix deleted file mode 100644 index 1fa1da8..0000000 --- a/common/tailscale.nix +++ /dev/null @@ -1,23 +0,0 @@ -{ config, lib, pkgs, ... }: - -{ - services.tailscale = { - enable = true; - openFirewall = true; - extraUpFlags = [ "--login-server" "https://headscale.unspecified.systems" ]; - extraDaemonFlags = [ "--no-logs-no-support" ]; # disable telemetry - }; - - systemd.services.tailscaled-autoconnect = { - after = [ "tailscaled.service" "network-online.target" ]; - wants = [ "tailscaled.service" "network-online.target" ]; - wantedBy = [ "multi-user.target" ]; - serviceConfig.Type = "oneshot"; - script = '' - sleep 2 # wait for tailscaled to settle - ${lib.getExe config.services.tailscale.package} up --reset ${lib.escapeShellArgs config.services.tailscale.extraUpFlags} - ''; - }; - - networking.domain = "birdsong.network"; -} diff --git a/common/users/default.nix b/common/users/default.nix index d063db5..620c824 100644 --- a/common/users/default.nix +++ b/common/users/default.nix @@ -1,32 +1,7 @@ -{ config, lib, pkgs, ... }: - -let - inherit (lib) mkIf mkOption types genAttrs; - cfg = config.fountain; -in { - # TODO: consider DRY-ing these imports = [ - ./gaelan.nix ./qenya.nix ./randomcat.nix - ./trungle.nix + ./richard.nix ]; - - options.fountain = { - admins = mkOption { - type = types.listOf types.str; - default = [ ]; - description = "List of users who should have root on this system"; - }; - }; - - config = { - users.mutableUsers = false; - - users.users = genAttrs cfg.admins - (name: { - extraGroups = [ "wheel" ]; - }); - }; -} +} \ No newline at end of file diff --git a/common/users/gaelan.nix b/common/users/gaelan.nix deleted file mode 100644 index 0a365c9..0000000 --- a/common/users/gaelan.nix +++ /dev/null @@ -1,23 +0,0 @@ -{ config, lib, pkgs, ... }: - -let - inherit (lib) mkIf mkEnableOption; - keys = import ../../keys.nix; - cfg = config.fountain.users.gaelan; -in -{ - options.fountain.users.gaelan = { - enable = mkEnableOption "user gaelan"; - }; - - config = mkIf cfg.enable { - users.users.gaelan = { - uid = 1003; - isNormalUser = true; - group = "gaelan"; - openssh.authorizedKeys.keys = keys.users.gaelan; - }; - - users.groups.gaelan.gid = config.users.users.gaelan.uid; - }; -} \ No newline at end of file diff --git a/common/users/qenya.nix b/common/users/qenya.nix index 6a8e506..00f35af 100644 --- a/common/users/qenya.nix +++ b/common/users/qenya.nix @@ -1,28 +1,25 @@ -{ config, lib, pkgs, self, ... }: +{ config, lib, pkgs, ... }: -let - inherit (lib) mkIf mkEnableOption; - keys = import ../../keys.nix; - cfg = config.fountain.users.qenya; -in -{ - options.fountain.users.qenya = { - enable = mkEnableOption "user qenya"; +let keys = import ../../keys.nix; +in { + users.users.qenya = { + isNormalUser = true; + home = "/home/qenya"; + extraGroups = [ + "wheel" # sudo + "networkmanager" # UI wifi configuration + "dialout" # access to serial ports + ]; + shell = pkgs.zsh; + openssh.authorizedKeys.keys = keys.users.qenya; + uid = 1001; }; - config = mkIf cfg.enable { - users.users.qenya = { - uid = 1001; - isNormalUser = true; - group = "qenya"; - shell = pkgs.zsh; - openssh.authorizedKeys.keys = keys.users.qenya; - }; + home-manager.users.qenya = { config, lib, pkgs, osConfig, ... }: { + home.homeDirectory = osConfig.users.users.qenya.home; - users.groups.qenya.gid = config.users.users.qenya.uid; - - programs.zsh.enable = true; - - home-manager.users."qenya" = self.homeManagerModules."qenya"; + imports = [ + ../../home + ]; }; } diff --git a/common/users/randomcat.nix b/common/users/randomcat.nix index de637fb..f425424 100644 --- a/common/users/randomcat.nix +++ b/common/users/randomcat.nix @@ -1,23 +1,12 @@ { config, lib, pkgs, ... }: -let - inherit (lib) mkIf mkEnableOption; - keys = import ../../keys.nix; - cfg = config.fountain.users.randomcat; +let keys = import ../../keys.nix; in { - options.fountain.users.randomcat = { - enable = mkEnableOption "user randomcat"; + users.users.randomcat = { + isNormalUser = true; + home = "/home/randomcat"; + openssh.authorizedKeys.keys = keys.users.randomcat; + uid = 1003; }; - - config = mkIf cfg.enable { - users.users.randomcat = { - uid = 1000; - isNormalUser = true; - group = "randomcat"; - openssh.authorizedKeys.keys = keys.users.randomcat; - }; - - users.groups.randomcat.gid = config.users.users.randomcat.uid; - }; -} \ No newline at end of file +} diff --git a/common/users/richard.nix b/common/users/richard.nix new file mode 100644 index 0000000..f910d93 --- /dev/null +++ b/common/users/richard.nix @@ -0,0 +1,12 @@ +{ config, lib, pkgs, ... }: + +let keys = import ../../keys.nix; +in +{ + users.users.richard = { + isNormalUser = true; + home = "/home/richard"; + openssh.authorizedKeys.keys = keys.users.richard; + uid = 1002; + }; +} diff --git a/common/users/trungle.nix b/common/users/trungle.nix deleted file mode 100644 index d1736ff..0000000 --- a/common/users/trungle.nix +++ /dev/null @@ -1,23 +0,0 @@ -{ config, lib, pkgs, ... }: - -let - inherit (lib) mkIf mkEnableOption; - keys = import ../../keys.nix; - cfg = config.fountain.users.trungle; -in -{ - options.fountain.users.trungle = { - enable = mkEnableOption "user trungle"; - }; - - config = mkIf cfg.enable { - users.users.trungle = { - uid = 1002; - isNormalUser = true; - group = "trungle"; - openssh.authorizedKeys.keys = keys.users.trungle; - }; - - users.groups.trungle.gid = config.users.users.trungle.uid; - }; -} \ No newline at end of file diff --git a/common/zsh.nix b/common/zsh.nix new file mode 100644 index 0000000..228a5cd --- /dev/null +++ b/common/zsh.nix @@ -0,0 +1,5 @@ +{ config, lib, pkgs,... }: + +{ + programs.zsh.enable = true; +} diff --git a/deployment/local.nix b/deployment/local.nix new file mode 100644 index 0000000..752e9ce --- /dev/null +++ b/deployment/local.nix @@ -0,0 +1,9 @@ +{ name, nodes, config, lib, pkgs, ... }: + +{ + deployment = { + allowLocalDeployment = true; + targetHost = null; + tags = [ "local" ]; + }; +} diff --git a/deployment/remote.nix b/deployment/remote.nix new file mode 100644 index 0000000..022ff5e --- /dev/null +++ b/deployment/remote.nix @@ -0,0 +1,12 @@ +{ name, nodes, config, lib, pkgs, ... }: + +{ + deployment = { + targetHost = "${name}.birdsong.network"; + targetUser = "qenya"; + tags = [ "remote" ]; + }; + + security.sudo.wheelNeedsPassword = false; + nix.settings.trusted-users = [ "@wheel" ]; +} diff --git a/flake.lock b/flake.lock index a70d4c4..5f61b87 100644 --- a/flake.lock +++ b/flake.lock @@ -3,18 +3,18 @@ "agenix": { "inputs": { "darwin": [], - "home-manager": [], + "home-manager": "home-manager", "nixpkgs": [ "nixpkgs" ], "systems": "systems" }, "locked": { - "lastModified": 1750173260, - "narHash": "sha256-9P1FziAwl5+3edkfFcr5HeGtQUtrSdk/MksX39GieoA=", + "lastModified": 1723293904, + "narHash": "sha256-b+uqzj+Wa6xgMS9aNbX4I+sXeb5biPDi39VgvSFqFvU=", "owner": "ryantm", "repo": "agenix", - "rev": "531beac616433bac6f9e2a19feb8e99a22a66baf", + "rev": "f6291c5935fdc4e0bef208cfc0dcab7e3f7a1c41", "type": "github" }, "original": { @@ -23,350 +23,86 @@ "type": "github" } }, - "colmena": { - "inputs": { - "flake-compat": [], - "flake-utils": "flake-utils", - "nix-github-actions": [], - "nixpkgs": [ - "nixpkgs" - ], - "stable": [] - }, + "birdsong": { "locked": { - "lastModified": 1749739748, - "narHash": "sha256-csQQPoCA5iv+Nd9yCOCQNKflP7qUKEe7D27wsz+LPKM=", - "owner": "zhaofengli", - "repo": "colmena", - "rev": "c61641b156dfa3e82fc0671e77fccf7d7ccfaa3b", - "type": "github" + "lastModified": 1722971137, + "narHash": "sha256-1x0vaUy/uFCfoDn0a4K55+MNseAqLQmv1GPP6GQFFIA=", + "ref": "main", + "rev": "2fd6d96a00ef69a2afe72a2fe9d18d759c1cc8f3", + "revCount": 7, + "type": "git", + "url": "https://git.qenya.tel/qenya/birdsong" }, "original": { - "owner": "zhaofengli", - "repo": "colmena", - "type": "github" - } - }, - "firefox-addons": { - "inputs": { - "nixpkgs": [ - "nixpkgs-unstable" - ] - }, - "locked": { - "dir": "pkgs/firefox-addons", - "lastModified": 1750737804, - "narHash": "sha256-wClGd2PhxdjjphR6wIgoiDcR+Gfg4/+FyseSOjIIzVU=", - "owner": "rycee", - "repo": "nur-expressions", - "rev": "aaaf4fec792bad465ea4a35c0be5bc2a54f33095", - "type": "gitlab" - }, - "original": { - "dir": "pkgs/firefox-addons", - "owner": "rycee", - "ref": "master", - "repo": "nur-expressions", - "type": "gitlab" - } - }, - "flake-parts": { - "inputs": { - "nixpkgs-lib": "nixpkgs-lib" - }, - "locked": { - "lastModified": 1749398372, - "narHash": "sha256-tYBdgS56eXYaWVW3fsnPQ/nFlgWi/Z2Ymhyu21zVM98=", - "owner": "hercules-ci", - "repo": "flake-parts", - "rev": "9305fe4e5c2a6fcf5ba6a3ff155720fbe4076569", - "type": "github" - }, - "original": { - "owner": "hercules-ci", - "repo": "flake-parts", - "type": "github" - } - }, - "flake-utils": { - "locked": { - "lastModified": 1659877975, - "narHash": "sha256-zllb8aq3YO3h8B/U0/J1WBgAL8EX5yWf5pMj3G0NAmc=", - "owner": "numtide", - "repo": "flake-utils", - "rev": "c0e246b9b83f637f4681389ecabcb2681b4f3af0", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "flake-utils", - "type": "github" - } - }, - "flake-utils_2": { - "inputs": { - "systems": "systems_2" - }, - "locked": { - "lastModified": 1731533236, - "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", - "owner": "numtide", - "repo": "flake-utils", - "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "flake-utils", - "type": "github" - } - }, - "flakey-profile": { - "locked": { - "lastModified": 1712898590, - "narHash": "sha256-FhGIEU93VHAChKEXx905TSiPZKga69bWl1VB37FK//I=", - "owner": "lf-", - "repo": "flakey-profile", - "rev": "243c903fd8eadc0f63d205665a92d4df91d42d9d", - "type": "github" - }, - "original": { - "owner": "lf-", - "repo": "flakey-profile", - "type": "github" + "ref": "main", + "type": "git", + "url": "https://git.qenya.tel/qenya/birdsong" } }, "home-manager": { "inputs": { "nixpkgs": [ + "agenix", "nixpkgs" ] }, "locked": { - "lastModified": 1750792728, - "narHash": "sha256-Lh3dopA8DdY+ZoaAJPrtkZOZaFEJGSYjOdAYYgOPgE4=", + "lastModified": 1703113217, + "narHash": "sha256-7ulcXOk63TIT2lVDSExj7XzFx09LpdSAPtvgtM7yQPE=", "owner": "nix-community", "repo": "home-manager", - "rev": "366f00797b1efb70f2882d3da485e3c10fd3d557", + "rev": "3bfaacf46133c037bb356193bd2f1765d9dc82c1", "type": "github" }, "original": { "owner": "nix-community", - "ref": "release-25.05", "repo": "home-manager", "type": "github" } }, - "home-manager-unstable": { + "home-manager_2": { "inputs": { - "nixpkgs": [ - "nixpkgs-unstable" - ] - }, - "locked": { - "lastModified": 1750798083, - "narHash": "sha256-DTCCcp6WCFaYXWKFRA6fiI2zlvOLCf5Vwx8+/0R8Wc4=", - "owner": "nix-community", - "repo": "home-manager", - "rev": "ff31a4677c1a8ae506aa7e003a3dba08cb203f82", - "type": "github" - }, - "original": { - "owner": "nix-community", - "repo": "home-manager", - "type": "github" - } - }, - "lix": { - "flake": false, - "locked": { - "lastModified": 1750762203, - "narHash": "sha256-LmQhjQ7c+AOkwhvR9GFgJOy8oHW35MoQRELtrwyVnPw=", - "rev": "38b358ce27203f972faa2973cf44ba80c758f46e", - "type": "tarball", - "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/38b358ce27203f972faa2973cf44ba80c758f46e.tar.gz?rev=38b358ce27203f972faa2973cf44ba80c758f46e" - }, - "original": { - "type": "tarball", - "url": "https://git.lix.systems/lix-project/lix/archive/release-2.93.tar.gz" - } - }, - "lix-module": { - "inputs": { - "flake-utils": "flake-utils_2", - "flakey-profile": "flakey-profile", - "lix": "lix", "nixpkgs": [ "nixpkgs" ] }, "locked": { - "lastModified": 1750776670, - "narHash": "sha256-EfA5K5EZAnspmraJrXQlziffVpaT+QDBiE6yKmuaNNQ=", - "rev": "c3c78a32273e89d28367d8605a4c880f0b6607e3", - "type": "tarball", - "url": "https://git.lix.systems/api/v1/repos/lix-project/nixos-module/archive/c3c78a32273e89d28367d8605a4c880f0b6607e3.tar.gz?rev=c3c78a32273e89d28367d8605a4c880f0b6607e3" + "lastModified": 1720042825, + "narHash": "sha256-A0vrUB6x82/jvf17qPCpxaM+ulJnD8YZwH9Ci0BsAzE=", + "owner": "nix-community", + "repo": "home-manager", + "rev": "e1391fb22e18a36f57e6999c7a9f966dc80ac073", + "type": "github" }, "original": { - "type": "tarball", - "url": "https://git.lix.systems/lix-project/nixos-module/archive/2.93.1.tar.gz" + "owner": "nix-community", + "ref": "release-24.05", + "repo": "home-manager", + "type": "github" } }, "nixpkgs": { "locked": { - "lastModified": 1750622754, - "narHash": "sha256-kMhs+YzV4vPGfuTpD3mwzibWUE6jotw5Al2wczI0Pv8=", + "lastModified": 1723688146, + "narHash": "sha256-sqLwJcHYeWLOeP/XoLwAtYjr01TISlkOfz+NG82pbdg=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "c7ab75210cb8cb16ddd8f290755d9558edde7ee1", + "rev": "c3d4ac725177c030b1e289015989da2ad9d56af0", "type": "github" }, "original": { "owner": "NixOS", - "ref": "nixos-25.05", + "ref": "nixos-24.05", "repo": "nixpkgs", "type": "github" } }, - "nixpkgs-lib": { - "locked": { - "lastModified": 1748740939, - "narHash": "sha256-rQaysilft1aVMwF14xIdGS3sj1yHlI6oKQNBRTF40cc=", - "owner": "nix-community", - "repo": "nixpkgs.lib", - "rev": "656a64127e9d791a334452c6b6606d17539476e2", - "type": "github" - }, - "original": { - "owner": "nix-community", - "repo": "nixpkgs.lib", - "type": "github" - } - }, - "nixpkgs-small": { - "locked": { - "lastModified": 1750784235, - "narHash": "sha256-IYCCkKerO3lMUcMaDRLfwnfyPopQbGWF8iHRd0XcCBc=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "a5e9291e97f5ba0b4ba7d657ddedd5f86d11acfd", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixos-25.05-small", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs-unstable": { - "locked": { - "lastModified": 1750506804, - "narHash": "sha256-VLFNc4egNjovYVxDGyBYTrvVCgDYgENp5bVi9fPTDYc=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "4206c4cb56751df534751b058295ea61357bbbaa", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixos-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs-unstable-small": { - "locked": { - "lastModified": 1750776346, - "narHash": "sha256-sWw7gz2B02fHQkmPSutVcoawLuiPT0hpztL0ldCnIy0=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "4396a137499b6cc9f9fe9f3c266577bd52d455a4", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixos-unstable-small", - "repo": "nixpkgs", - "type": "github" - } - }, - "plasma-manager": { - "inputs": { - "home-manager": [ - "home-manager-unstable" - ], - "nixpkgs": [ - "nixpkgs-unstable" - ] - }, - "locked": { - "lastModified": 1748196248, - "narHash": "sha256-1iHjsH6/5UOerJEoZKE+Gx1BgAoge/YcnUsOA4wQ/BU=", - "owner": "nix-community", - "repo": "plasma-manager", - "rev": "b7697abe89967839b273a863a3805345ea54ab56", - "type": "github" - }, - "original": { - "owner": "nix-community", - "repo": "plasma-manager", - "type": "github" - } - }, - "randomcat": { - "flake": false, - "locked": { - "lastModified": 1750730821, - "narHash": "sha256-U5uW9mRSuA2dRaOyswmz2I0fUVQbGRSZROXIe2WKS+8=", - "owner": "randomnetcat", - "repo": "nix-configs", - "rev": "1a2a536f5550c3b323e19f46d166340ad01745fd", - "type": "github" - }, - "original": { - "owner": "randomnetcat", - "repo": "nix-configs", - "type": "github" - } - }, "root": { "inputs": { "agenix": "agenix", - "colmena": "colmena", - "firefox-addons": "firefox-addons", - "flake-parts": "flake-parts", - "home-manager": "home-manager", - "home-manager-unstable": "home-manager-unstable", - "lix-module": "lix-module", - "nixpkgs": "nixpkgs", - "nixpkgs-small": "nixpkgs-small", - "nixpkgs-unstable": "nixpkgs-unstable", - "nixpkgs-unstable-small": "nixpkgs-unstable-small", - "plasma-manager": "plasma-manager", - "randomcat": "randomcat", - "scoutshonour": "scoutshonour" - } - }, - "scoutshonour": { - "inputs": { - "nixpkgs": [ - "nixpkgs-unstable" - ] - }, - "locked": { - "lastModified": 1735301893, - "narHash": "sha256-d95MCTUYMCcOQv4LpmWxPuVnx7McezXYs2Idw8u8ngI=", - "ref": "main", - "rev": "f447cd380ea1fb81a0ff8f292b6bbdf0be9c9520", - "revCount": 23, - "type": "git", - "url": "https://git.qenya.tel/qenya/nix-scoutshonour" - }, - "original": { - "ref": "main", - "type": "git", - "url": "https://git.qenya.tel/qenya/nix-scoutshonour" + "birdsong": "birdsong", + "home-manager": "home-manager_2", + "nixpkgs": "nixpkgs" } }, "systems": { @@ -383,21 +119,6 @@ "repo": "default", "type": "github" } - }, - "systems_2": { - "locked": { - "lastModified": 1681028828, - "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", - "owner": "nix-systems", - "repo": "default", - "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", - "type": "github" - }, - "original": { - "owner": "nix-systems", - "repo": "default", - "type": "github" - } } }, "root": "root", diff --git a/flake.nix b/flake.nix index 73fe576..f079a70 100644 --- a/flake.nix +++ b/flake.nix @@ -1,169 +1,103 @@ { inputs = { - nixpkgs.url = "github:NixOS/nixpkgs/nixos-25.05"; - nixpkgs-small.url = "github:NixOS/nixpkgs/nixos-25.05-small"; - nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixos-unstable"; - nixpkgs-unstable-small.url = "github:NixOS/nixpkgs/nixos-unstable-small"; - - lix-module = { - # lix haven't figured out automatic updates yet: https://git.lix.systems/lix-project/nixos-module/issues/39 - url = "https://git.lix.systems/lix-project/nixos-module/archive/2.93.1.tar.gz"; - inputs.nixpkgs.follows = "nixpkgs"; - }; + nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.05"; home-manager = { - url = "github:nix-community/home-manager/release-25.05"; + url = "github:nix-community/home-manager/release-24.05"; inputs.nixpkgs.follows = "nixpkgs"; }; - home-manager-unstable = { - url = "github:nix-community/home-manager"; - inputs.nixpkgs.follows = "nixpkgs-unstable"; - }; - - plasma-manager = { - url = "github:nix-community/plasma-manager"; - inputs.nixpkgs.follows = "nixpkgs-unstable"; - inputs.home-manager.follows = "home-manager-unstable"; - }; - - flake-parts.url = "github:hercules-ci/flake-parts"; - agenix = { - url = "github:ryantm/agenix"; - inputs.nixpkgs.follows = "nixpkgs"; - inputs.darwin.follows = ""; - inputs.home-manager.follows = ""; + url = "github:ryantm/agenix?tag=0.15.0"; + inputs = { + nixpkgs.follows = "nixpkgs"; + darwin.follows = ""; + }; }; - colmena = { - url = "github:zhaofengli/colmena"; - inputs.nixpkgs.follows = "nixpkgs"; - inputs.stable.follows = ""; - inputs.nix-github-actions.follows = ""; - inputs.flake-compat.follows = ""; - }; - - randomcat = { - url = "github:randomnetcat/nix-configs"; - flake = false; - }; - - firefox-addons = { - url = "gitlab:rycee/nur-expressions?ref=master&dir=pkgs/firefox-addons"; - inputs.nixpkgs.follows = "nixpkgs-unstable"; - }; - - scoutshonour = { - url = "git+https://git.qenya.tel/qenya/nix-scoutshonour?ref=main"; - inputs.nixpkgs.follows = "nixpkgs-unstable"; - }; + birdsong.url = "git+https://git.qenya.tel/qenya/birdsong?ref=main"; }; - outputs = inputs@{ self, nixpkgs, nixpkgs-small, nixpkgs-unstable, flake-parts, colmena, ... }: - flake-parts.lib.mkFlake { inherit inputs; } { - imports = [ ./flake ]; + outputs = inputs@{ self, nixpkgs, home-manager, agenix, birdsong, ... }: { + colmena = { + meta.nixpkgs = import nixpkgs { system = "x86_64-linux"; }; + meta.nodeNixpkgs.kalessin = import nixpkgs { system = "aarch64-linux"; }; # TODO: this should be generated from the host config somehow - systems = [ "x86_64-linux" "aarch64-linux" ]; + defaults = { name, nodes, config, lib, pkgs, ... }: { + deployment.replaceUnknownProfiles = lib.mkDefault false; + networking.hostName = name; - perSystem = { pkgs, system, ... }: { - devShells.default = pkgs.mkShell { - packages = [ - inputs.colmena.packages.${system}.colmena - inputs.agenix.packages.${system}.default - inputs.plasma-manager.packages.${system}.rc2nix - ]; + nix.settings.experimental-features = "nix-command flakes"; + nixpkgs.flake.source = nixpkgs; + nix.nixPath = [ "nixpkgs=flake:nixpkgs" ]; + + nixpkgs.config = { + allowUnfree = true; + packageOverrides = pkgs: + let sources = import ./npins; + in { + agenix = agenix.packages.${config.nixpkgs.hostPlatform.system}.default; + nur = (import sources.nur { inherit pkgs; }); + }; }; + + home-manager = { + useUserPackages = true; + useGlobalPkgs = true; + }; + + imports = [ + home-manager.nixosModules.home-manager + agenix.nixosModules.default + birdsong.nixosModules.default + ./common + ./services + ]; }; - flake.nixosConfigurations = self.outputs.colmenaHive.nodes; - flake.colmenaHive = colmena.lib.makeHive self.outputs.colmena; + tohru = { name, nodes, ... }: { + networking.hostId = "31da19c1"; + time.timeZone = "Europe/London"; - # The name of this output type is not standardised. I have picked - # "homeManagerModules" as the discussion here suggests it's the most common: - # https://github.com/nix-community/home-manager/issues/1783 - # - # However, note CppNix >= 2.22.3, >= 2.24 has blessed "homeModules": - # https://github.com/NixOS/nix/pull/10858 - flake.homeManagerModules = { - "qenya".imports = [ ./home/qenya ]; - "qenya@shaw".imports = [ ./hosts/shaw/home.nix ]; + imports = [ + ./deployment/local.nix + ./hosts/tohru/configuration.nix + ]; }; - fountain.backup = { - keys = { - elucredassa = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOFa3hjej6KGmS2aQ4s46Y7U8pN4yyR2FuMofpHRwXNk syncoid@elucredassa" ]; - }; - sync = { - "orm-state" = { - dataset = "state"; - sourceHost = "orm"; - targetHost = "elucredassa"; - source = "rpool_orm"; - target = "rpool_elucredassa/backup/orm"; - }; - "kalessin-state" = { - dataset = "state"; - sourceHost = "kalessin"; - targetHost = "elucredassa"; - source = "rpool_kalessin"; - target = "rpool_elucredassa/backup/kalessin"; - }; - }; + yevaud = { name, nodes, ... }: { + networking.hostId = "09673d65"; + time.timeZone = "Etc/UTC"; + + imports = [ + ./deployment/remote.nix + ./hosts/yevaud/configuration.nix + ]; }; - flake.colmena = - let - home-manager = inputs.home-manager.nixosModules.home-manager; - home-manager-unstable = inputs.home-manager-unstable.nixosModules.home-manager; - in - { - meta = { - nixpkgs = import nixpkgs-unstable { - system = "x86_64-linux"; - overlays = [ - inputs.lix-module.overlays.default - ]; - }; - nodeNixpkgs = { - kilgharrah = import nixpkgs-unstable { system = "x86_64-linux"; }; - tohru = import nixpkgs { system = "x86_64-linux"; }; - elucredassa = import nixpkgs-small { system = "x86_64-linux"; }; - yevaud = import nixpkgs-small { system = "x86_64-linux"; }; - orm = import nixpkgs-small { system = "x86_64-linux"; }; - kalessin = import nixpkgs-small { system = "aarch64-linux"; }; - tehanu = import nixpkgs-small { system = "aarch64-linux"; }; - }; - specialArgs = { - inherit self; - inherit inputs; - }; - }; + orm = { name, nodes, ... }: { + networking.hostId = "00000000"; + time.timeZone = "Etc/UTC"; - defaults = { config, lib, pkgs, ... }: { - deployment.targetHost = lib.mkDefault config.networking.fqdn; - deployment.buildOnTarget = lib.mkDefault true; + imports = [ + ./deployment/remote.nix + ./hosts/orm/configuration.nix + ]; + }; - imports = [ - inputs.lix-module.nixosModules.default - inputs.agenix.nixosModules.default - ./common - ./services - (builtins.toPath "${inputs.randomcat}/services/default.nix") - ]; - }; - - kilgharrah.deployment.targetHost = null; # disable remote deployment - tohru.deployment.targetHost = null; # disable remote deployment - elucredassa.deployment.targetHost = "100.73.34.182"; # TODO: no fqdn yet - - kilgharrah.imports = [ ./hosts/kilgharrah home-manager-unstable ]; - tohru.imports = [ ./hosts/tohru home-manager ]; - elucredassa.imports = [ ./hosts/elucredassa home-manager ]; - yevaud.imports = [ ./hosts/yevaud home-manager ]; - orm.imports = [ ./hosts/orm home-manager ]; - kalessin.imports = [ ./hosts/kalessin home-manager ]; - tehanu.imports = [ ./hosts/tehanu home-manager ]; + kalessin = { name, nodes, ... }: { + networking.hostId = "534b538e"; + time.timeZone = "Etc/UTC"; + deployment = { + buildOnTarget = true; + replaceUnknownProfiles = true; }; + + imports = [ + ./deployment/remote.nix + ./hosts/kalessin/configuration.nix + ]; + }; }; + }; } diff --git a/flake/backup.nix b/flake/backup.nix deleted file mode 100644 index 6a103aa..0000000 --- a/flake/backup.nix +++ /dev/null @@ -1,134 +0,0 @@ -{ config, lib, pkgs, ... }: -let - cfg = config.fountain.backup; - keys = import ../keys.nix; - - syncOptions = { - dataset = lib.mkOption { - type = lib.types.str; - description = '' - The name of the dataset to be synced (not including its parent - datasets, if any). This will be the same on the source and target. - It must already exist on the source, defined with the - {option}`randomcat.services.zfs` module, and not exist on the target. - ''; - }; - sourceHost = lib.mkOption { - type = lib.types.str; - description = '' - The host from which the dataset should be synced. Must be an entry in - {option}`flake.colmena`. - ''; - }; - targetHost = lib.mkOption { - type = lib.types.str; - description = '' - The host to which the dataset should be synced. Must be an entry in - {option}`flake.colmena`. - ''; - }; - source = lib.mkOption { - type = lib.types.str; - description = '' - The path to the synced dataset in the ZFS namespace on the source host, - excluding the component that is the name of the dataset itself. - ''; - }; - target = lib.mkOption { - type = lib.types.str; - description = '' - The path to the synced dataset in the ZFS namespace on the target host, - excluding the component that is the name of the dataset itself. It must - already exist, defined with the {option}`randomcat.services.zfs` - module. - ''; - }; - }; -in -{ - options.fountain.backup = { - keys = lib.mkOption { - type = lib.types.attrsOf (lib.types.listOf lib.types.singleLineStr); - default = { }; - description = '' - Lists of verbatim OpenSSH public keys that may be used to identify the - syncoid user on each target host. The key to each list must be the - host's hostname, as listed in {option}`flake.colmena`. - ''; - example = { - host = [ "ssh-rsa AAAAB3NzaC1yc2etc/etc/etcjwrsh8e596z6J0l7 example@host" ]; - bar = [ "ssh-ed25519 AAAAC3NzaCetcetera/etceteraJZMfk3QPfQ foo@bar" ]; - }; - }; - - sync = lib.mkOption { - type = lib.types.attrsOf (lib.types.submodule { options = syncOptions; }); - default = { }; - description = '' - Details of ZFS datasets whose snapshots should be synced from machine - to machine using syncoid. Syncoid will run hourly at 15 past the hour - and copy all ZFS snapshots from the source dataset to the target - dataset (recursing into child datasets). - - See descriptions for the individual options for more details. The name - of each attribute in this set is arbitrary and used to generate systemd - unit names. - - This module does not actually cause snapshots to be taken; sanoid must - be configured separately to do this. - ''; - example = { - "orm-state" = { - dataset = "state"; - sourceHost = "orm"; - targetHost = "elucredassa"; - source = "rpool_orm"; - target = "rpool_elucredassa/backup/orm"; - }; - }; - }; - }; - - # TODO: add some assertions to verify the options - - config.flake.colmena = lib.mkMerge (lib.mapAttrsToList - (name: sync: - let - inherit (sync) dataset sourceHost targetHost source target; - sourceFqdn = "${sourceHost}.birdsong.network"; - in - { - ${sourceHost} = { pkgs, ... }: { - randomcat.services.zfs.datasets."${source}/${dataset}".zfsPermissions.users.backup = [ "hold" "send" ]; - - users.users.backup = { - group = "backup"; - isSystemUser = true; - useDefaultShell = true; - openssh.authorizedKeys.keys = cfg.keys.${targetHost}; - packages = with pkgs; [ mbuffer lzop ]; # syncoid uses these if available but doesn't pull them in automatically - }; - users.groups.backup = { }; - }; - - ${targetHost} = { - randomcat.services.zfs.datasets.${target}.zfsPermissions.users.syncoid = [ "mount" "create" "receive" "recordsize" ]; - - services.syncoid = { - enable = true; - interval = "*-*-* *:15:00"; - commonArgs = [ "--no-sync-snap" ]; - commands = { - ${name} = { - source = "backup@${sourceFqdn}:${source}/${dataset}"; - target = "${target}/${dataset}"; - recursive = true; - recvOptions = "ux recordsize o compression=lz4"; - }; - }; - }; - }; - }) - cfg.sync - ); -} diff --git a/flake/colmena.nix b/flake/colmena.nix deleted file mode 100644 index 1679e17..0000000 --- a/flake/colmena.nix +++ /dev/null @@ -1,19 +0,0 @@ -# https://git.lix.systems/the-distro/infra/src/commit/fbb23bf517206175764f154ddfd304b9ec501f87/colmena.nix -{ lib, ... }: { - options.flake.colmena = lib.mkOption { - type = lib.types.submodule { - freeformType = lib.types.attrsOf (lib.mkOptionType { - name = "NixOS module"; - description = "module containing NixOS options and/or config"; - descriptionClass = "noun"; - check = value: builtins.isAttrs value || builtins.isFunction value || builtins.isPath value; - merge = loc: defs: { - imports = map (def: def.value) defs; - }; - }); - options.meta = lib.mkOption { - type = lib.types.attrs; - }; - }; - }; -} diff --git a/flake/default.nix b/flake/default.nix deleted file mode 100644 index b567fab..0000000 --- a/flake/default.nix +++ /dev/null @@ -1,6 +0,0 @@ -{ - imports = [ - ./backup.nix - ./colmena.nix - ]; -} diff --git a/home/cli.nix b/home/cli.nix new file mode 100644 index 0000000..689a9b8 --- /dev/null +++ b/home/cli.nix @@ -0,0 +1,14 @@ +{ config, lib, pkgs, ... }: + +{ + home.packages = with pkgs; [ + tree # like `ls -R` but nicer + + # Extremely important + fortune + cowsay + lolcat + ]; + + programs.btop.enable = true; +} diff --git a/home/dconf/appearance.nix b/home/dconf/appearance.nix new file mode 100644 index 0000000..d6f1fab --- /dev/null +++ b/home/dconf/appearance.nix @@ -0,0 +1,27 @@ +{ config, lib, pkgs, ... }: + +let inherit (lib) mkIf; +in { + dconf = { + settings = + let + backgroundOptions = { + color-shading-type = "solid"; + picture-options = "zoom"; + picture-uri = "${config.home.homeDirectory}/.background-image"; + primary-color = "#3a4ba0"; + secondary-color = "#2f302f"; + }; + in + { + "org/gnome/desktop/background" = backgroundOptions // { + picture-uri-dark = backgroundOptions.picture-uri; + }; + "org/gnome/desktop/screensaver" = backgroundOptions; + "org/gnome/desktop/interface".color-scheme = "prefer-dark"; + }; + }; + home.file.".background-image" = mkIf config.dconf.enable { + source = ./background-image.jpg; + }; +} diff --git a/home/qenya/dconf/background-image.jpg b/home/dconf/background-image.jpg similarity index 100% rename from home/qenya/dconf/background-image.jpg rename to home/dconf/background-image.jpg diff --git a/home/dconf/default.nix b/home/dconf/default.nix new file mode 100644 index 0000000..66f82cd --- /dev/null +++ b/home/dconf/default.nix @@ -0,0 +1,19 @@ +{ config, lib, pkgs, ... }: + +# dconf is the configuration manager for GNOME. + +# home-manager, in its infinite wisdom, sets `dconf.enable` to true by default. +# This is a problem because we don't want it to attempt to apply our settings on +# a system that doesn't actually have GNOME installed. So, we override the +# default to false. + +let inherit (lib) mkDefault; +in { + dconf.enable = mkDefault false; + + imports = [ + # TODO: nix-ify other parts of GNOME config + ./appearance.nix + ./keyboard.nix + ]; +} diff --git a/home/dconf/keyboard.nix b/home/dconf/keyboard.nix new file mode 100644 index 0000000..e96a6f2 --- /dev/null +++ b/home/dconf/keyboard.nix @@ -0,0 +1,14 @@ +# { config, lib, pkgs, ... }: + +{ + dconf = { + settings = { + "org/gnome/desktop/wm/keybindings" = { + # These are largely useless on most normal systems + # and conflict with VS Code's default keybinds for "Copy Line Up/Down" + move-to-workspace-up = [ ]; + move-to-workspace-down = [ ]; + }; + }; + }; +} diff --git a/home/qenya/default.nix b/home/default.nix similarity index 57% rename from home/qenya/default.nix rename to home/default.nix index 47c64dd..e3197ef 100644 --- a/home/qenya/default.nix +++ b/home/default.nix @@ -1,14 +1,10 @@ { imports = [ ./dconf - ./feishin.nix - ./firefox.nix - ./fonts.nix + ./cli.nix ./git.nix - ./packages.nix ./tmux.nix ./vscode.nix - ./xdg-mime-apps.nix ./zsh.nix ]; diff --git a/home/qenya/git.nix b/home/git.nix similarity index 61% rename from home/qenya/git.nix rename to home/git.nix index 2101e64..c73f24e 100644 --- a/home/qenya/git.nix +++ b/home/git.nix @@ -6,9 +6,12 @@ userName = "Katherina Walshe-Grey"; userEmail = "git@qenya.tel"; extraConfig = { - init.defaultBranch = "main"; - pull.rebase = true; - push.autoSetupRemote = true; + init = { + defaultBranch = "main"; + }; + push = { + autoSetupRemote = true; + }; }; }; } diff --git a/home/qenya/.p10k.zsh b/home/qenya/.p10k.zsh deleted file mode 100644 index a47b12a..0000000 --- a/home/qenya/.p10k.zsh +++ /dev/null @@ -1,1832 +0,0 @@ -# Generated by Powerlevel10k configuration wizard on 2025-04-28 at 17:26 BST. -# Based on romkatv/powerlevel10k/config/p10k-rainbow.zsh. -# Wizard options: nerdfont-complete + powerline, small icons, rainbow, unicode, -# angled separators, sharp heads, round tails, 2 lines, disconnected, no frame, sparse, -# few icons, concise, transient_prompt, instant_prompt=off. -# Type `p10k configure` to generate another config. -# -# Config for Powerlevel10k with powerline prompt style with colorful background. -# Type `p10k configure` to generate your own config based on it. -# -# Tip: Looking for a nice color? Here's a one-liner to print colormap. -# -# for i in {0..255}; do print -Pn "%K{$i} %k%F{$i}${(l:3::0:)i}%f " ${${(M)$((i%6)):#3}:+$'\n'}; done - -# Temporarily change options. -'builtin' 'local' '-a' 'p10k_config_opts' -[[ ! -o 'aliases' ]] || p10k_config_opts+=('aliases') -[[ ! -o 'sh_glob' ]] || p10k_config_opts+=('sh_glob') -[[ ! -o 'no_brace_expand' ]] || p10k_config_opts+=('no_brace_expand') -'builtin' 'setopt' 'no_aliases' 'no_sh_glob' 'brace_expand' - -() { - emulate -L zsh -o extended_glob - - # Unset all configuration options. This allows you to apply configuration changes without - # restarting zsh. Edit ~/.p10k.zsh and type `source ~/.p10k.zsh`. - unset -m '(POWERLEVEL9K_*|DEFAULT_USER)~POWERLEVEL9K_GITSTATUS_DIR' - - # Zsh >= 5.1 is required. - [[ $ZSH_VERSION == (5.<1->*|<6->.*) ]] || return - - # The list of segments shown on the left. Fill it with the most important segments. - typeset -g POWERLEVEL9K_LEFT_PROMPT_ELEMENTS=( - # =========================[ Line #1 ]========================= - # os_icon # os identifier - dir # current directory - vcs # git status - # =========================[ Line #2 ]========================= - newline # \n - prompt_char # prompt symbol - ) - - # The list of segments shown on the right. Fill it with less important segments. - # Right prompt on the last prompt line (where you are typing your commands) gets - # automatically hidden when the input line reaches it. Right prompt above the - # last prompt line gets hidden if it would overlap with left prompt. - typeset -g POWERLEVEL9K_RIGHT_PROMPT_ELEMENTS=( - # =========================[ Line #1 ]========================= - status # exit code of the last command - command_execution_time # duration of the last command - background_jobs # presence of background jobs - direnv # direnv status (https://direnv.net/) - asdf # asdf version manager (https://github.com/asdf-vm/asdf) - virtualenv # python virtual environment (https://docs.python.org/3/library/venv.html) - anaconda # conda environment (https://conda.io/) - pyenv # python environment (https://github.com/pyenv/pyenv) - goenv # go environment (https://github.com/syndbg/goenv) - nodenv # node.js version from nodenv (https://github.com/nodenv/nodenv) - nvm # node.js version from nvm (https://github.com/nvm-sh/nvm) - nodeenv # node.js environment (https://github.com/ekalinin/nodeenv) - # node_version # node.js version - # go_version # go version (https://golang.org) - # rust_version # rustc version (https://www.rust-lang.org) - # dotnet_version # .NET version (https://dotnet.microsoft.com) - # php_version # php version (https://www.php.net/) - # laravel_version # laravel php framework version (https://laravel.com/) - # java_version # java version (https://www.java.com/) - # package # name@version from package.json (https://docs.npmjs.com/files/package.json) - rbenv # ruby version from rbenv (https://github.com/rbenv/rbenv) - rvm # ruby version from rvm (https://rvm.io) - fvm # flutter version management (https://github.com/leoafarias/fvm) - luaenv # lua version from luaenv (https://github.com/cehoffman/luaenv) - jenv # java version from jenv (https://github.com/jenv/jenv) - plenv # perl version from plenv (https://github.com/tokuhirom/plenv) - perlbrew # perl version from perlbrew (https://github.com/gugod/App-perlbrew) - phpenv # php version from phpenv (https://github.com/phpenv/phpenv) - scalaenv # scala version from scalaenv (https://github.com/scalaenv/scalaenv) - haskell_stack # haskell version from stack (https://haskellstack.org/) - kubecontext # current kubernetes context (https://kubernetes.io/) - terraform # terraform workspace (https://www.terraform.io) - # terraform_version # terraform version (https://www.terraform.io) - aws # aws profile (https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-profiles.html) - aws_eb_env # aws elastic beanstalk environment (https://aws.amazon.com/elasticbeanstalk/) - azure # azure account name (https://docs.microsoft.com/en-us/cli/azure) - gcloud # google cloud cli account and project (https://cloud.google.com/) - google_app_cred # google application credentials (https://cloud.google.com/docs/authentication/production) - toolbox # toolbox name (https://github.com/containers/toolbox) - context # user@hostname - nordvpn # nordvpn connection status, linux only (https://nordvpn.com/) - ranger # ranger shell (https://github.com/ranger/ranger) - nnn # nnn shell (https://github.com/jarun/nnn) - lf # lf shell (https://github.com/gokcehan/lf) - xplr # xplr shell (https://github.com/sayanarijit/xplr) - vim_shell # vim shell indicator (:sh) - midnight_commander # midnight commander shell (https://midnight-commander.org/) - nix_shell # nix shell (https://nixos.org/nixos/nix-pills/developing-with-nix-shell.html) - chezmoi_shell # chezmoi shell (https://www.chezmoi.io/) - # vi_mode # vi mode (you don't need this if you've enabled prompt_char) - # vpn_ip # virtual private network indicator - # load # CPU load - # disk_usage # disk usage - # ram # free RAM - # swap # used swap - todo # todo items (https://github.com/todotxt/todo.txt-cli) - timewarrior # timewarrior tracking status (https://timewarrior.net/) - taskwarrior # taskwarrior task count (https://taskwarrior.org/) - per_directory_history # Oh My Zsh per-directory-history local/global indicator - # cpu_arch # CPU architecture - # time # current time - # =========================[ Line #2 ]========================= - newline - # ip # ip address and bandwidth usage for a specified network interface - # public_ip # public IP address - # proxy # system-wide http/https/ftp proxy - # battery # internal battery - # wifi # wifi speed - # example # example user-defined segment (see prompt_example function below) - ) - - # Defines character set used by powerlevel10k. It's best to let `p10k configure` set it for you. - typeset -g POWERLEVEL9K_MODE=nerdfont-complete - # When set to `moderate`, some icons will have an extra space after them. This is meant to avoid - # icon overlap when using non-monospace fonts. When set to `none`, spaces are not added. - typeset -g POWERLEVEL9K_ICON_PADDING=none - - # When set to true, icons appear before content on both sides of the prompt. When set - # to false, icons go after content. If empty or not set, icons go before content in the left - # prompt and after content in the right prompt. - # - # You can also override it for a specific segment: - # - # POWERLEVEL9K_STATUS_ICON_BEFORE_CONTENT=false - # - # Or for a specific segment in specific state: - # - # POWERLEVEL9K_DIR_NOT_WRITABLE_ICON_BEFORE_CONTENT=false - typeset -g POWERLEVEL9K_ICON_BEFORE_CONTENT= - - # Add an empty line before each prompt. - typeset -g POWERLEVEL9K_PROMPT_ADD_NEWLINE=true - - # Connect left prompt lines with these symbols. You'll probably want to use the same color - # as POWERLEVEL9K_MULTILINE_FIRST_PROMPT_GAP_FOREGROUND below. - typeset -g POWERLEVEL9K_MULTILINE_FIRST_PROMPT_PREFIX= - typeset -g POWERLEVEL9K_MULTILINE_NEWLINE_PROMPT_PREFIX= - typeset -g POWERLEVEL9K_MULTILINE_LAST_PROMPT_PREFIX= - # Connect right prompt lines with these symbols. - typeset -g POWERLEVEL9K_MULTILINE_FIRST_PROMPT_SUFFIX= - typeset -g POWERLEVEL9K_MULTILINE_NEWLINE_PROMPT_SUFFIX= - typeset -g POWERLEVEL9K_MULTILINE_LAST_PROMPT_SUFFIX= - - # Filler between left and right prompt on the first prompt line. You can set it to ' ', '·' or - # '─'. The last two make it easier to see the alignment between left and right prompt and to - # separate prompt from command output. You might want to set POWERLEVEL9K_PROMPT_ADD_NEWLINE=false - # for more compact prompt if using this option. - typeset -g POWERLEVEL9K_MULTILINE_FIRST_PROMPT_GAP_CHAR=' ' - typeset -g POWERLEVEL9K_MULTILINE_FIRST_PROMPT_GAP_BACKGROUND= - typeset -g POWERLEVEL9K_MULTILINE_NEWLINE_PROMPT_GAP_BACKGROUND= - if [[ $POWERLEVEL9K_MULTILINE_FIRST_PROMPT_GAP_CHAR != ' ' ]]; then - # The color of the filler. You'll probably want to match the color of POWERLEVEL9K_MULTILINE - # ornaments defined above. - typeset -g POWERLEVEL9K_MULTILINE_FIRST_PROMPT_GAP_FOREGROUND=242 - # Start filler from the edge of the screen if there are no left segments on the first line. - typeset -g POWERLEVEL9K_EMPTY_LINE_LEFT_PROMPT_FIRST_SEGMENT_END_SYMBOL='%{%}' - # End filler on the edge of the screen if there are no right segments on the first line. - typeset -g POWERLEVEL9K_EMPTY_LINE_RIGHT_PROMPT_FIRST_SEGMENT_START_SYMBOL='%{%}' - fi - - # Separator between same-color segments on the left. - typeset -g POWERLEVEL9K_LEFT_SUBSEGMENT_SEPARATOR='\uE0B1' - # Separator between same-color segments on the right. - typeset -g POWERLEVEL9K_RIGHT_SUBSEGMENT_SEPARATOR='\uE0B3' - # Separator between different-color segments on the left. - typeset -g POWERLEVEL9K_LEFT_SEGMENT_SEPARATOR='\uE0B0' - # Separator between different-color segments on the right. - typeset -g POWERLEVEL9K_RIGHT_SEGMENT_SEPARATOR='\uE0B2' - # To remove a separator between two segments, add "_joined" to the second segment name. - # For example: POWERLEVEL9K_RIGHT_PROMPT_ELEMENTS=(os_icon context_joined) - - # The right end of left prompt. - typeset -g POWERLEVEL9K_LEFT_PROMPT_LAST_SEGMENT_END_SYMBOL='\uE0B0' - # The left end of right prompt. - typeset -g POWERLEVEL9K_RIGHT_PROMPT_FIRST_SEGMENT_START_SYMBOL='\uE0B2' - # The left end of left prompt. - typeset -g POWERLEVEL9K_LEFT_PROMPT_FIRST_SEGMENT_START_SYMBOL='\uE0B6' - # The right end of right prompt. - typeset -g POWERLEVEL9K_RIGHT_PROMPT_LAST_SEGMENT_END_SYMBOL='\uE0B4' - # Left prompt terminator for lines without any segments. - typeset -g POWERLEVEL9K_EMPTY_LINE_LEFT_PROMPT_LAST_SEGMENT_END_SYMBOL= - - #################################[ os_icon: os identifier ]################################## - # OS identifier color. - typeset -g POWERLEVEL9K_OS_ICON_FOREGROUND=232 - typeset -g POWERLEVEL9K_OS_ICON_BACKGROUND=7 - # Custom icon. - # typeset -g POWERLEVEL9K_OS_ICON_CONTENT_EXPANSION='⭐' - - ################################[ prompt_char: prompt symbol ]################################ - # Transparent background. - typeset -g POWERLEVEL9K_PROMPT_CHAR_BACKGROUND= - # Green prompt symbol if the last command succeeded. - typeset -g POWERLEVEL9K_PROMPT_CHAR_OK_{VIINS,VICMD,VIVIS,VIOWR}_FOREGROUND=76 - # Red prompt symbol if the last command failed. - typeset -g POWERLEVEL9K_PROMPT_CHAR_ERROR_{VIINS,VICMD,VIVIS,VIOWR}_FOREGROUND=196 - # Default prompt symbol. - typeset -g POWERLEVEL9K_PROMPT_CHAR_{OK,ERROR}_VIINS_CONTENT_EXPANSION='❯' - # Prompt symbol in command vi mode. - typeset -g POWERLEVEL9K_PROMPT_CHAR_{OK,ERROR}_VICMD_CONTENT_EXPANSION='❮' - # Prompt symbol in visual vi mode. - typeset -g POWERLEVEL9K_PROMPT_CHAR_{OK,ERROR}_VIVIS_CONTENT_EXPANSION='V' - # Prompt symbol in overwrite vi mode. - typeset -g POWERLEVEL9K_PROMPT_CHAR_{OK,ERROR}_VIOWR_CONTENT_EXPANSION='▶' - typeset -g POWERLEVEL9K_PROMPT_CHAR_OVERWRITE_STATE=true - # No line terminator if prompt_char is the last segment. - typeset -g POWERLEVEL9K_PROMPT_CHAR_LEFT_PROMPT_LAST_SEGMENT_END_SYMBOL= - # No line introducer if prompt_char is the first segment. - typeset -g POWERLEVEL9K_PROMPT_CHAR_LEFT_PROMPT_FIRST_SEGMENT_START_SYMBOL= - # No surrounding whitespace. - typeset -g POWERLEVEL9K_PROMPT_CHAR_LEFT_{LEFT,RIGHT}_WHITESPACE= - - ##################################[ dir: current directory ]################################## - # Current directory background color. - typeset -g POWERLEVEL9K_DIR_BACKGROUND=4 - # Default current directory foreground color. - typeset -g POWERLEVEL9K_DIR_FOREGROUND=254 - # If directory is too long, shorten some of its segments to the shortest possible unique - # prefix. The shortened directory can be tab-completed to the original. - typeset -g POWERLEVEL9K_SHORTEN_STRATEGY=truncate_to_unique - # Replace removed segment suffixes with this symbol. - typeset -g POWERLEVEL9K_SHORTEN_DELIMITER= - # Color of the shortened directory segments. - typeset -g POWERLEVEL9K_DIR_SHORTENED_FOREGROUND=250 - # Color of the anchor directory segments. Anchor segments are never shortened. The first - # segment is always an anchor. - typeset -g POWERLEVEL9K_DIR_ANCHOR_FOREGROUND=255 - # Display anchor directory segments in bold. - typeset -g POWERLEVEL9K_DIR_ANCHOR_BOLD=true - # Don't shorten directories that contain any of these files. They are anchors. - local anchor_files=( - .bzr - .citc - .git - .hg - .node-version - .python-version - .go-version - .ruby-version - .lua-version - .java-version - .perl-version - .php-version - .tool-versions - .shorten_folder_marker - .svn - .terraform - CVS - Cargo.toml - composer.json - go.mod - package.json - stack.yaml - ) - typeset -g POWERLEVEL9K_SHORTEN_FOLDER_MARKER="(${(j:|:)anchor_files})" - # If set to "first" ("last"), remove everything before the first (last) subdirectory that contains - # files matching $POWERLEVEL9K_SHORTEN_FOLDER_MARKER. For example, when the current directory is - # /foo/bar/git_repo/nested_git_repo/baz, prompt will display git_repo/nested_git_repo/baz (first) - # or nested_git_repo/baz (last). This assumes that git_repo and nested_git_repo contain markers - # and other directories don't. - # - # Optionally, "first" and "last" can be followed by ":" where is an integer. - # This moves the truncation point to the right (positive offset) or to the left (negative offset) - # relative to the marker. Plain "first" and "last" are equivalent to "first:0" and "last:0" - # respectively. - typeset -g POWERLEVEL9K_DIR_TRUNCATE_BEFORE_MARKER=false - # Don't shorten this many last directory segments. They are anchors. - typeset -g POWERLEVEL9K_SHORTEN_DIR_LENGTH=1 - # Shorten directory if it's longer than this even if there is space for it. The value can - # be either absolute (e.g., '80') or a percentage of terminal width (e.g, '50%'). If empty, - # directory will be shortened only when prompt doesn't fit or when other parameters demand it - # (see POWERLEVEL9K_DIR_MIN_COMMAND_COLUMNS and POWERLEVEL9K_DIR_MIN_COMMAND_COLUMNS_PCT below). - # If set to `0`, directory will always be shortened to its minimum length. - typeset -g POWERLEVEL9K_DIR_MAX_LENGTH=80 - # When `dir` segment is on the last prompt line, try to shorten it enough to leave at least this - # many columns for typing commands. - typeset -g POWERLEVEL9K_DIR_MIN_COMMAND_COLUMNS=40 - # When `dir` segment is on the last prompt line, try to shorten it enough to leave at least - # COLUMNS * POWERLEVEL9K_DIR_MIN_COMMAND_COLUMNS_PCT * 0.01 columns for typing commands. - typeset -g POWERLEVEL9K_DIR_MIN_COMMAND_COLUMNS_PCT=50 - # If set to true, embed a hyperlink into the directory. Useful for quickly - # opening a directory in the file manager simply by clicking the link. - # Can also be handy when the directory is shortened, as it allows you to see - # the full directory that was used in previous commands. - typeset -g POWERLEVEL9K_DIR_HYPERLINK=false - - # Enable special styling for non-writable and non-existent directories. See POWERLEVEL9K_LOCK_ICON - # and POWERLEVEL9K_DIR_CLASSES below. - typeset -g POWERLEVEL9K_DIR_SHOW_WRITABLE=v3 - - # The default icon shown next to non-writable and non-existent directories when - # POWERLEVEL9K_DIR_SHOW_WRITABLE is set to v3. - # typeset -g POWERLEVEL9K_LOCK_ICON='⭐' - - # POWERLEVEL9K_DIR_CLASSES allows you to specify custom icons and colors for different - # directories. It must be an array with 3 * N elements. Each triplet consists of: - # - # 1. A pattern against which the current directory ($PWD) is matched. Matching is done with - # extended_glob option enabled. - # 2. Directory class for the purpose of styling. - # 3. An empty string. - # - # Triplets are tried in order. The first triplet whose pattern matches $PWD wins. - # - # If POWERLEVEL9K_DIR_SHOW_WRITABLE is set to v3, non-writable and non-existent directories - # acquire class suffix _NOT_WRITABLE and NON_EXISTENT respectively. - # - # For example, given these settings: - # - # typeset -g POWERLEVEL9K_DIR_CLASSES=( - # '~/work(|/*)' WORK '' - # '~(|/*)' HOME '' - # '*' DEFAULT '') - # - # Whenever the current directory is ~/work or a subdirectory of ~/work, it gets styled with one - # of the following classes depending on its writability and existence: WORK, WORK_NOT_WRITABLE or - # WORK_NON_EXISTENT. - # - # Simply assigning classes to directories doesn't have any visible effects. It merely gives you an - # option to define custom colors and icons for different directory classes. - # - # # Styling for WORK. - # typeset -g POWERLEVEL9K_DIR_WORK_VISUAL_IDENTIFIER_EXPANSION='⭐' - # typeset -g POWERLEVEL9K_DIR_WORK_BACKGROUND=4 - # typeset -g POWERLEVEL9K_DIR_WORK_FOREGROUND=254 - # typeset -g POWERLEVEL9K_DIR_WORK_SHORTENED_FOREGROUND=250 - # typeset -g POWERLEVEL9K_DIR_WORK_ANCHOR_FOREGROUND=255 - # - # # Styling for WORK_NOT_WRITABLE. - # typeset -g POWERLEVEL9K_DIR_WORK_NOT_WRITABLE_VISUAL_IDENTIFIER_EXPANSION='⭐' - # typeset -g POWERLEVEL9K_DIR_WORK_NOT_WRITABLE_BACKGROUND=4 - # typeset -g POWERLEVEL9K_DIR_WORK_NOT_WRITABLE_FOREGROUND=254 - # typeset -g POWERLEVEL9K_DIR_WORK_NOT_WRITABLE_SHORTENED_FOREGROUND=250 - # typeset -g POWERLEVEL9K_DIR_WORK_NOT_WRITABLE_ANCHOR_FOREGROUND=255 - # - # # Styling for WORK_NON_EXISTENT. - # typeset -g POWERLEVEL9K_DIR_WORK_NON_EXISTENT_VISUAL_IDENTIFIER_EXPANSION='⭐' - # typeset -g POWERLEVEL9K_DIR_WORK_NON_EXISTENT_BACKGROUND=4 - # typeset -g POWERLEVEL9K_DIR_WORK_NON_EXISTENT_FOREGROUND=254 - # typeset -g POWERLEVEL9K_DIR_WORK_NON_EXISTENT_SHORTENED_FOREGROUND=250 - # typeset -g POWERLEVEL9K_DIR_WORK_NON_EXISTENT_ANCHOR_FOREGROUND=255 - # - # If a styling parameter isn't explicitly defined for some class, it falls back to the classless - # parameter. For example, if POWERLEVEL9K_DIR_WORK_NOT_WRITABLE_FOREGROUND is not set, it falls - # back to POWERLEVEL9K_DIR_FOREGROUND. - # - typeset -g POWERLEVEL9K_DIR_CLASSES=() - - # Custom prefix. - # typeset -g POWERLEVEL9K_DIR_PREFIX='in ' - - #####################################[ vcs: git status ]###################################### - # Version control background colors. - typeset -g POWERLEVEL9K_VCS_CLEAN_BACKGROUND=2 - typeset -g POWERLEVEL9K_VCS_MODIFIED_BACKGROUND=3 - typeset -g POWERLEVEL9K_VCS_UNTRACKED_BACKGROUND=2 - typeset -g POWERLEVEL9K_VCS_CONFLICTED_BACKGROUND=3 - typeset -g POWERLEVEL9K_VCS_LOADING_BACKGROUND=8 - - # Branch icon. Set this parameter to '\UE0A0 ' for the popular Powerline branch icon. - typeset -g POWERLEVEL9K_VCS_BRANCH_ICON= - - # Untracked files icon. It's really a question mark, your font isn't broken. - # Change the value of this parameter to show a different icon. - typeset -g POWERLEVEL9K_VCS_UNTRACKED_ICON='?' - - # Formatter for Git status. - # - # Example output: master wip ⇣42⇡42 *42 merge ~42 +42 !42 ?42. - # - # You can edit the function to customize how Git status looks. - # - # VCS_STATUS_* parameters are set by gitstatus plugin. See reference: - # https://github.com/romkatv/gitstatus/blob/master/gitstatus.plugin.zsh. - function my_git_formatter() { - emulate -L zsh - - if [[ -n $P9K_CONTENT ]]; then - # If P9K_CONTENT is not empty, use it. It's either "loading" or from vcs_info (not from - # gitstatus plugin). VCS_STATUS_* parameters are not available in this case. - typeset -g my_git_format=$P9K_CONTENT - return - fi - - # Styling for different parts of Git status. - local meta='%7F' # white foreground - local clean='%0F' # black foreground - local modified='%0F' # black foreground - local untracked='%0F' # black foreground - local conflicted='%1F' # red foreground - - local res - - if [[ -n $VCS_STATUS_LOCAL_BRANCH ]]; then - local branch=${(V)VCS_STATUS_LOCAL_BRANCH} - # If local branch name is at most 32 characters long, show it in full. - # Otherwise show the first 12 … the last 12. - # Tip: To always show local branch name in full without truncation, delete the next line. - (( $#branch > 32 )) && branch[13,-13]="…" # <-- this line - res+="${clean}${(g::)POWERLEVEL9K_VCS_BRANCH_ICON}${branch//\%/%%}" - fi - - if [[ -n $VCS_STATUS_TAG - # Show tag only if not on a branch. - # Tip: To always show tag, delete the next line. - && -z $VCS_STATUS_LOCAL_BRANCH # <-- this line - ]]; then - local tag=${(V)VCS_STATUS_TAG} - # If tag name is at most 32 characters long, show it in full. - # Otherwise show the first 12 … the last 12. - # Tip: To always show tag name in full without truncation, delete the next line. - (( $#tag > 32 )) && tag[13,-13]="…" # <-- this line - res+="${meta}#${clean}${tag//\%/%%}" - fi - - # Display the current Git commit if there is no branch and no tag. - # Tip: To always display the current Git commit, delete the next line. - [[ -z $VCS_STATUS_LOCAL_BRANCH && -z $VCS_STATUS_TAG ]] && # <-- this line - res+="${meta}@${clean}${VCS_STATUS_COMMIT[1,8]}" - - # Show tracking branch name if it differs from local branch. - if [[ -n ${VCS_STATUS_REMOTE_BRANCH:#$VCS_STATUS_LOCAL_BRANCH} ]]; then - res+="${meta}:${clean}${(V)VCS_STATUS_REMOTE_BRANCH//\%/%%}" - fi - - # Display "wip" if the latest commit's summary contains "wip" or "WIP". - if [[ $VCS_STATUS_COMMIT_SUMMARY == (|*[^[:alnum:]])(wip|WIP)(|[^[:alnum:]]*) ]]; then - res+=" ${modified}wip" - fi - - if (( VCS_STATUS_COMMITS_AHEAD || VCS_STATUS_COMMITS_BEHIND )); then - # ⇣42 if behind the remote. - (( VCS_STATUS_COMMITS_BEHIND )) && res+=" ${clean}⇣${VCS_STATUS_COMMITS_BEHIND}" - # ⇡42 if ahead of the remote; no leading space if also behind the remote: ⇣42⇡42. - (( VCS_STATUS_COMMITS_AHEAD && !VCS_STATUS_COMMITS_BEHIND )) && res+=" " - (( VCS_STATUS_COMMITS_AHEAD )) && res+="${clean}⇡${VCS_STATUS_COMMITS_AHEAD}" - elif [[ -n $VCS_STATUS_REMOTE_BRANCH ]]; then - # Tip: Uncomment the next line to display '=' if up to date with the remote. - # res+=" ${clean}=" - fi - - # ⇠42 if behind the push remote. - (( VCS_STATUS_PUSH_COMMITS_BEHIND )) && res+=" ${clean}⇠${VCS_STATUS_PUSH_COMMITS_BEHIND}" - (( VCS_STATUS_PUSH_COMMITS_AHEAD && !VCS_STATUS_PUSH_COMMITS_BEHIND )) && res+=" " - # ⇢42 if ahead of the push remote; no leading space if also behind: ⇠42⇢42. - (( VCS_STATUS_PUSH_COMMITS_AHEAD )) && res+="${clean}⇢${VCS_STATUS_PUSH_COMMITS_AHEAD}" - # *42 if have stashes. - (( VCS_STATUS_STASHES )) && res+=" ${clean}*${VCS_STATUS_STASHES}" - # 'merge' if the repo is in an unusual state. - [[ -n $VCS_STATUS_ACTION ]] && res+=" ${conflicted}${VCS_STATUS_ACTION}" - # ~42 if have merge conflicts. - (( VCS_STATUS_NUM_CONFLICTED )) && res+=" ${conflicted}~${VCS_STATUS_NUM_CONFLICTED}" - # +42 if have staged changes. - (( VCS_STATUS_NUM_STAGED )) && res+=" ${modified}+${VCS_STATUS_NUM_STAGED}" - # !42 if have unstaged changes. - (( VCS_STATUS_NUM_UNSTAGED )) && res+=" ${modified}!${VCS_STATUS_NUM_UNSTAGED}" - # ?42 if have untracked files. It's really a question mark, your font isn't broken. - # See POWERLEVEL9K_VCS_UNTRACKED_ICON above if you want to use a different icon. - # Remove the next line if you don't want to see untracked files at all. - (( VCS_STATUS_NUM_UNTRACKED )) && res+=" ${untracked}${(g::)POWERLEVEL9K_VCS_UNTRACKED_ICON}${VCS_STATUS_NUM_UNTRACKED}" - # "─" if the number of unstaged files is unknown. This can happen due to - # POWERLEVEL9K_VCS_MAX_INDEX_SIZE_DIRTY (see below) being set to a non-negative number lower - # than the number of files in the Git index, or due to bash.showDirtyState being set to false - # in the repository config. The number of staged and untracked files may also be unknown - # in this case. - (( VCS_STATUS_HAS_UNSTAGED == -1 )) && res+=" ${modified}─" - - typeset -g my_git_format=$res - } - functions -M my_git_formatter 2>/dev/null - - # Don't count the number of unstaged, untracked and conflicted files in Git repositories with - # more than this many files in the index. Negative value means infinity. - # - # If you are working in Git repositories with tens of millions of files and seeing performance - # sagging, try setting POWERLEVEL9K_VCS_MAX_INDEX_SIZE_DIRTY to a number lower than the output - # of `git ls-files | wc -l`. Alternatively, add `bash.showDirtyState = false` to the repository's - # config: `git config bash.showDirtyState false`. - typeset -g POWERLEVEL9K_VCS_MAX_INDEX_SIZE_DIRTY=-1 - - # Don't show Git status in prompt for repositories whose workdir matches this pattern. - # For example, if set to '~', the Git repository at $HOME/.git will be ignored. - # Multiple patterns can be combined with '|': '~(|/foo)|/bar/baz/*'. - typeset -g POWERLEVEL9K_VCS_DISABLED_WORKDIR_PATTERN='~' - - # Disable the default Git status formatting. - typeset -g POWERLEVEL9K_VCS_DISABLE_GITSTATUS_FORMATTING=true - # Install our own Git status formatter. - typeset -g POWERLEVEL9K_VCS_CONTENT_EXPANSION='${$((my_git_formatter()))+${my_git_format}}' - # Enable counters for staged, unstaged, etc. - typeset -g POWERLEVEL9K_VCS_{STAGED,UNSTAGED,UNTRACKED,CONFLICTED,COMMITS_AHEAD,COMMITS_BEHIND}_MAX_NUM=-1 - - # Custom icon. - typeset -g POWERLEVEL9K_VCS_VISUAL_IDENTIFIER_EXPANSION= - # Custom prefix. - # typeset -g POWERLEVEL9K_VCS_PREFIX='on ' - - # Show status of repositories of these types. You can add svn and/or hg if you are - # using them. If you do, your prompt may become slow even when your current directory - # isn't in an svn or hg repository. - typeset -g POWERLEVEL9K_VCS_BACKENDS=(git) - - ##########################[ status: exit code of the last command ]########################### - # Enable OK_PIPE, ERROR_PIPE and ERROR_SIGNAL status states to allow us to enable, disable and - # style them independently from the regular OK and ERROR state. - typeset -g POWERLEVEL9K_STATUS_EXTENDED_STATES=true - - # Status on success. No content, just an icon. No need to show it if prompt_char is enabled as - # it will signify success by turning green. - typeset -g POWERLEVEL9K_STATUS_OK=false - typeset -g POWERLEVEL9K_STATUS_OK_VISUAL_IDENTIFIER_EXPANSION='✔' - typeset -g POWERLEVEL9K_STATUS_OK_FOREGROUND=2 - typeset -g POWERLEVEL9K_STATUS_OK_BACKGROUND=0 - - # Status when some part of a pipe command fails but the overall exit status is zero. It may look - # like this: 1|0. - typeset -g POWERLEVEL9K_STATUS_OK_PIPE=true - typeset -g POWERLEVEL9K_STATUS_OK_PIPE_VISUAL_IDENTIFIER_EXPANSION='✔' - typeset -g POWERLEVEL9K_STATUS_OK_PIPE_FOREGROUND=2 - typeset -g POWERLEVEL9K_STATUS_OK_PIPE_BACKGROUND=0 - - # Status when it's just an error code (e.g., '1'). No need to show it if prompt_char is enabled as - # it will signify error by turning red. - typeset -g POWERLEVEL9K_STATUS_ERROR=false - typeset -g POWERLEVEL9K_STATUS_ERROR_VISUAL_IDENTIFIER_EXPANSION='✘' - typeset -g POWERLEVEL9K_STATUS_ERROR_FOREGROUND=3 - typeset -g POWERLEVEL9K_STATUS_ERROR_BACKGROUND=1 - - # Status when the last command was terminated by a signal. - typeset -g POWERLEVEL9K_STATUS_ERROR_SIGNAL=true - # Use terse signal names: "INT" instead of "SIGINT(2)". - typeset -g POWERLEVEL9K_STATUS_VERBOSE_SIGNAME=false - typeset -g POWERLEVEL9K_STATUS_ERROR_SIGNAL_VISUAL_IDENTIFIER_EXPANSION='✘' - typeset -g POWERLEVEL9K_STATUS_ERROR_SIGNAL_FOREGROUND=3 - typeset -g POWERLEVEL9K_STATUS_ERROR_SIGNAL_BACKGROUND=1 - - # Status when some part of a pipe command fails and the overall exit status is also non-zero. - # It may look like this: 1|0. - typeset -g POWERLEVEL9K_STATUS_ERROR_PIPE=true - typeset -g POWERLEVEL9K_STATUS_ERROR_PIPE_VISUAL_IDENTIFIER_EXPANSION='✘' - typeset -g POWERLEVEL9K_STATUS_ERROR_PIPE_FOREGROUND=3 - typeset -g POWERLEVEL9K_STATUS_ERROR_PIPE_BACKGROUND=1 - - ###################[ command_execution_time: duration of the last command ]################### - # Execution time color. - typeset -g POWERLEVEL9K_COMMAND_EXECUTION_TIME_FOREGROUND=0 - typeset -g POWERLEVEL9K_COMMAND_EXECUTION_TIME_BACKGROUND=3 - # Show duration of the last command if takes at least this many seconds. - typeset -g POWERLEVEL9K_COMMAND_EXECUTION_TIME_THRESHOLD=3 - # Show this many fractional digits. Zero means round to seconds. - typeset -g POWERLEVEL9K_COMMAND_EXECUTION_TIME_PRECISION=0 - # Duration format: 1d 2h 3m 4s. - typeset -g POWERLEVEL9K_COMMAND_EXECUTION_TIME_FORMAT='d h m s' - # Custom icon. - typeset -g POWERLEVEL9K_COMMAND_EXECUTION_TIME_VISUAL_IDENTIFIER_EXPANSION= - # Custom prefix. - # typeset -g POWERLEVEL9K_COMMAND_EXECUTION_TIME_PREFIX='took ' - - #######################[ background_jobs: presence of background jobs ]####################### - # Background jobs color. - typeset -g POWERLEVEL9K_BACKGROUND_JOBS_FOREGROUND=6 - typeset -g POWERLEVEL9K_BACKGROUND_JOBS_BACKGROUND=0 - # Don't show the number of background jobs. - typeset -g POWERLEVEL9K_BACKGROUND_JOBS_VERBOSE=false - # Custom icon. - # typeset -g POWERLEVEL9K_BACKGROUND_JOBS_VISUAL_IDENTIFIER_EXPANSION='⭐' - - #######################[ direnv: direnv status (https://direnv.net/) ]######################## - # Direnv color. - typeset -g POWERLEVEL9K_DIRENV_FOREGROUND=3 - typeset -g POWERLEVEL9K_DIRENV_BACKGROUND=0 - # Custom icon. - # typeset -g POWERLEVEL9K_DIRENV_VISUAL_IDENTIFIER_EXPANSION='⭐' - - ###############[ asdf: asdf version manager (https://github.com/asdf-vm/asdf) ]############### - # Default asdf color. Only used to display tools for which there is no color override (see below). - # Tip: Override these parameters for ${TOOL} with POWERLEVEL9K_ASDF_${TOOL}_FOREGROUND and - # POWERLEVEL9K_ASDF_${TOOL}_BACKGROUND. - typeset -g POWERLEVEL9K_ASDF_FOREGROUND=0 - typeset -g POWERLEVEL9K_ASDF_BACKGROUND=7 - - # There are four parameters that can be used to hide asdf tools. Each parameter describes - # conditions under which a tool gets hidden. Parameters can hide tools but not unhide them. If at - # least one parameter decides to hide a tool, that tool gets hidden. If no parameter decides to - # hide a tool, it gets shown. - # - # Special note on the difference between POWERLEVEL9K_ASDF_SOURCES and - # POWERLEVEL9K_ASDF_PROMPT_ALWAYS_SHOW. Consider the effect of the following commands: - # - # asdf local python 3.8.1 - # asdf global python 3.8.1 - # - # After running both commands the current python version is 3.8.1 and its source is "local" as - # it takes precedence over "global". If POWERLEVEL9K_ASDF_PROMPT_ALWAYS_SHOW is set to false, - # it'll hide python version in this case because 3.8.1 is the same as the global version. - # POWERLEVEL9K_ASDF_SOURCES will hide python version only if the value of this parameter doesn't - # contain "local". - - # Hide tool versions that don't come from one of these sources. - # - # Available sources: - # - # - shell `asdf current` says "set by ASDF_${TOOL}_VERSION environment variable" - # - local `asdf current` says "set by /some/not/home/directory/file" - # - global `asdf current` says "set by /home/username/file" - # - # Note: If this parameter is set to (shell local global), it won't hide tools. - # Tip: Override this parameter for ${TOOL} with POWERLEVEL9K_ASDF_${TOOL}_SOURCES. - typeset -g POWERLEVEL9K_ASDF_SOURCES=(shell local global) - - # If set to false, hide tool versions that are the same as global. - # - # Note: The name of this parameter doesn't reflect its meaning at all. - # Note: If this parameter is set to true, it won't hide tools. - # Tip: Override this parameter for ${TOOL} with POWERLEVEL9K_ASDF_${TOOL}_PROMPT_ALWAYS_SHOW. - typeset -g POWERLEVEL9K_ASDF_PROMPT_ALWAYS_SHOW=false - - # If set to false, hide tool versions that are equal to "system". - # - # Note: If this parameter is set to true, it won't hide tools. - # Tip: Override this parameter for ${TOOL} with POWERLEVEL9K_ASDF_${TOOL}_SHOW_SYSTEM. - typeset -g POWERLEVEL9K_ASDF_SHOW_SYSTEM=true - - # If set to non-empty value, hide tools unless there is a file matching the specified file pattern - # in the current directory, or its parent directory, or its grandparent directory, and so on. - # - # Note: If this parameter is set to empty value, it won't hide tools. - # Note: SHOW_ON_UPGLOB isn't specific to asdf. It works with all prompt segments. - # Tip: Override this parameter for ${TOOL} with POWERLEVEL9K_ASDF_${TOOL}_SHOW_ON_UPGLOB. - # - # Example: Hide nodejs version when there is no package.json and no *.js files in the current - # directory, in `..`, in `../..` and so on. - # - # typeset -g POWERLEVEL9K_ASDF_NODEJS_SHOW_ON_UPGLOB='*.js|package.json' - typeset -g POWERLEVEL9K_ASDF_SHOW_ON_UPGLOB= - - # Ruby version from asdf. - typeset -g POWERLEVEL9K_ASDF_RUBY_FOREGROUND=0 - typeset -g POWERLEVEL9K_ASDF_RUBY_BACKGROUND=1 - # typeset -g POWERLEVEL9K_ASDF_RUBY_VISUAL_IDENTIFIER_EXPANSION='⭐' - # typeset -g POWERLEVEL9K_ASDF_RUBY_SHOW_ON_UPGLOB='*.foo|*.bar' - - # Python version from asdf. - typeset -g POWERLEVEL9K_ASDF_PYTHON_FOREGROUND=0 - typeset -g POWERLEVEL9K_ASDF_PYTHON_BACKGROUND=4 - # typeset -g POWERLEVEL9K_ASDF_PYTHON_VISUAL_IDENTIFIER_EXPANSION='⭐' - # typeset -g POWERLEVEL9K_ASDF_PYTHON_SHOW_ON_UPGLOB='*.foo|*.bar' - - # Go version from asdf. - typeset -g POWERLEVEL9K_ASDF_GOLANG_FOREGROUND=0 - typeset -g POWERLEVEL9K_ASDF_GOLANG_BACKGROUND=4 - # typeset -g POWERLEVEL9K_ASDF_GOLANG_VISUAL_IDENTIFIER_EXPANSION='⭐' - # typeset -g POWERLEVEL9K_ASDF_GOLANG_SHOW_ON_UPGLOB='*.foo|*.bar' - - # Node.js version from asdf. - typeset -g POWERLEVEL9K_ASDF_NODEJS_FOREGROUND=0 - typeset -g POWERLEVEL9K_ASDF_NODEJS_BACKGROUND=2 - # typeset -g POWERLEVEL9K_ASDF_NODEJS_VISUAL_IDENTIFIER_EXPANSION='⭐' - # typeset -g POWERLEVEL9K_ASDF_NODEJS_SHOW_ON_UPGLOB='*.foo|*.bar' - - # Rust version from asdf. - typeset -g POWERLEVEL9K_ASDF_RUST_FOREGROUND=0 - typeset -g POWERLEVEL9K_ASDF_RUST_BACKGROUND=208 - # typeset -g POWERLEVEL9K_ASDF_RUST_VISUAL_IDENTIFIER_EXPANSION='⭐' - # typeset -g POWERLEVEL9K_ASDF_RUST_SHOW_ON_UPGLOB='*.foo|*.bar' - - # .NET Core version from asdf. - typeset -g POWERLEVEL9K_ASDF_DOTNET_CORE_FOREGROUND=0 - typeset -g POWERLEVEL9K_ASDF_DOTNET_CORE_BACKGROUND=5 - # typeset -g POWERLEVEL9K_ASDF_DOTNET_CORE_VISUAL_IDENTIFIER_EXPANSION='⭐' - # typeset -g POWERLEVEL9K_ASDF_DOTNET_CORE_SHOW_ON_UPGLOB='*.foo|*.bar' - - # Flutter version from asdf. - typeset -g POWERLEVEL9K_ASDF_FLUTTER_FOREGROUND=0 - typeset -g POWERLEVEL9K_ASDF_FLUTTER_BACKGROUND=4 - # typeset -g POWERLEVEL9K_ASDF_FLUTTER_VISUAL_IDENTIFIER_EXPANSION='⭐' - # typeset -g POWERLEVEL9K_ASDF_FLUTTER_SHOW_ON_UPGLOB='*.foo|*.bar' - - # Lua version from asdf. - typeset -g POWERLEVEL9K_ASDF_LUA_FOREGROUND=0 - typeset -g POWERLEVEL9K_ASDF_LUA_BACKGROUND=4 - # typeset -g POWERLEVEL9K_ASDF_LUA_VISUAL_IDENTIFIER_EXPANSION='⭐' - # typeset -g POWERLEVEL9K_ASDF_LUA_SHOW_ON_UPGLOB='*.foo|*.bar' - - # Java version from asdf. - typeset -g POWERLEVEL9K_ASDF_JAVA_FOREGROUND=1 - typeset -g POWERLEVEL9K_ASDF_JAVA_BACKGROUND=7 - # typeset -g POWERLEVEL9K_ASDF_JAVA_VISUAL_IDENTIFIER_EXPANSION='⭐' - # typeset -g POWERLEVEL9K_ASDF_JAVA_SHOW_ON_UPGLOB='*.foo|*.bar' - - # Perl version from asdf. - typeset -g POWERLEVEL9K_ASDF_PERL_FOREGROUND=0 - typeset -g POWERLEVEL9K_ASDF_PERL_BACKGROUND=4 - # typeset -g POWERLEVEL9K_ASDF_PERL_VISUAL_IDENTIFIER_EXPANSION='⭐' - # typeset -g POWERLEVEL9K_ASDF_PERL_SHOW_ON_UPGLOB='*.foo|*.bar' - - # Erlang version from asdf. - typeset -g POWERLEVEL9K_ASDF_ERLANG_FOREGROUND=0 - typeset -g POWERLEVEL9K_ASDF_ERLANG_BACKGROUND=1 - # typeset -g POWERLEVEL9K_ASDF_ERLANG_VISUAL_IDENTIFIER_EXPANSION='⭐' - # typeset -g POWERLEVEL9K_ASDF_ERLANG_SHOW_ON_UPGLOB='*.foo|*.bar' - - # Elixir version from asdf. - typeset -g POWERLEVEL9K_ASDF_ELIXIR_FOREGROUND=0 - typeset -g POWERLEVEL9K_ASDF_ELIXIR_BACKGROUND=5 - # typeset -g POWERLEVEL9K_ASDF_ELIXIR_VISUAL_IDENTIFIER_EXPANSION='⭐' - # typeset -g POWERLEVEL9K_ASDF_ELIXIR_SHOW_ON_UPGLOB='*.foo|*.bar' - - # Postgres version from asdf. - typeset -g POWERLEVEL9K_ASDF_POSTGRES_FOREGROUND=0 - typeset -g POWERLEVEL9K_ASDF_POSTGRES_BACKGROUND=6 - # typeset -g POWERLEVEL9K_ASDF_POSTGRES_VISUAL_IDENTIFIER_EXPANSION='⭐' - # typeset -g POWERLEVEL9K_ASDF_POSTGRES_SHOW_ON_UPGLOB='*.foo|*.bar' - - # PHP version from asdf. - typeset -g POWERLEVEL9K_ASDF_PHP_FOREGROUND=0 - typeset -g POWERLEVEL9K_ASDF_PHP_BACKGROUND=5 - # typeset -g POWERLEVEL9K_ASDF_PHP_VISUAL_IDENTIFIER_EXPANSION='⭐' - # typeset -g POWERLEVEL9K_ASDF_PHP_SHOW_ON_UPGLOB='*.foo|*.bar' - - # Haskell version from asdf. - typeset -g POWERLEVEL9K_ASDF_HASKELL_FOREGROUND=0 - typeset -g POWERLEVEL9K_ASDF_HASKELL_BACKGROUND=3 - # typeset -g POWERLEVEL9K_ASDF_HASKELL_VISUAL_IDENTIFIER_EXPANSION='⭐' - # typeset -g POWERLEVEL9K_ASDF_HASKELL_SHOW_ON_UPGLOB='*.foo|*.bar' - - # Julia version from asdf. - typeset -g POWERLEVEL9K_ASDF_JULIA_FOREGROUND=0 - typeset -g POWERLEVEL9K_ASDF_JULIA_BACKGROUND=2 - # typeset -g POWERLEVEL9K_ASDF_JULIA_VISUAL_IDENTIFIER_EXPANSION='⭐' - # typeset -g POWERLEVEL9K_ASDF_JULIA_SHOW_ON_UPGLOB='*.foo|*.bar' - - ##########[ nordvpn: nordvpn connection status, linux only (https://nordvpn.com/) ]########### - # NordVPN connection indicator color. - typeset -g POWERLEVEL9K_NORDVPN_FOREGROUND=7 - typeset -g POWERLEVEL9K_NORDVPN_BACKGROUND=4 - # Hide NordVPN connection indicator when not connected. - typeset -g POWERLEVEL9K_NORDVPN_{DISCONNECTED,CONNECTING,DISCONNECTING}_CONTENT_EXPANSION= - typeset -g POWERLEVEL9K_NORDVPN_{DISCONNECTED,CONNECTING,DISCONNECTING}_VISUAL_IDENTIFIER_EXPANSION= - # Custom icon. - # typeset -g POWERLEVEL9K_NORDVPN_VISUAL_IDENTIFIER_EXPANSION='⭐' - - #################[ ranger: ranger shell (https://github.com/ranger/ranger) ]################## - # Ranger shell color. - typeset -g POWERLEVEL9K_RANGER_FOREGROUND=3 - typeset -g POWERLEVEL9K_RANGER_BACKGROUND=0 - # Custom icon. - # typeset -g POWERLEVEL9K_RANGER_VISUAL_IDENTIFIER_EXPANSION='⭐' - - ######################[ nnn: nnn shell (https://github.com/jarun/nnn) ]####################### - # Nnn shell color. - typeset -g POWERLEVEL9K_NNN_FOREGROUND=0 - typeset -g POWERLEVEL9K_NNN_BACKGROUND=6 - # Custom icon. - # typeset -g POWERLEVEL9K_NNN_VISUAL_IDENTIFIER_EXPANSION='⭐' - - ######################[ lf: lf shell (https://github.com/gokcehan/lf) ]####################### - # lf shell color. - typeset -g POWERLEVEL9K_LF_FOREGROUND=0 - typeset -g POWERLEVEL9K_LF_BACKGROUND=6 - # Custom icon. - # typeset -g POWERLEVEL9K_LF_VISUAL_IDENTIFIER_EXPANSION='⭐' - - ##################[ xplr: xplr shell (https://github.com/sayanarijit/xplr) ]################## - # xplr shell color. - typeset -g POWERLEVEL9K_XPLR_FOREGROUND=0 - typeset -g POWERLEVEL9K_XPLR_BACKGROUND=6 - # Custom icon. - # typeset -g POWERLEVEL9K_XPLR_VISUAL_IDENTIFIER_EXPANSION='⭐' - - ###########################[ vim_shell: vim shell indicator (:sh) ]########################### - # Vim shell indicator color. - typeset -g POWERLEVEL9K_VIM_SHELL_FOREGROUND=0 - typeset -g POWERLEVEL9K_VIM_SHELL_BACKGROUND=2 - # Custom icon. - # typeset -g POWERLEVEL9K_VIM_SHELL_VISUAL_IDENTIFIER_EXPANSION='⭐' - - ######[ midnight_commander: midnight commander shell (https://midnight-commander.org/) ]###### - # Midnight Commander shell color. - typeset -g POWERLEVEL9K_MIDNIGHT_COMMANDER_FOREGROUND=3 - typeset -g POWERLEVEL9K_MIDNIGHT_COMMANDER_BACKGROUND=0 - # Custom icon. - # typeset -g POWERLEVEL9K_MIDNIGHT_COMMANDER_VISUAL_IDENTIFIER_EXPANSION='⭐' - - #[ nix_shell: nix shell (https://nixos.org/nixos/nix-pills/developing-with-nix-shell.html) ]## - # Nix shell color. - typeset -g POWERLEVEL9K_NIX_SHELL_FOREGROUND=0 - typeset -g POWERLEVEL9K_NIX_SHELL_BACKGROUND=4 - - # Display the icon of nix_shell if PATH contains a subdirectory of /nix/store. - # typeset -g POWERLEVEL9K_NIX_SHELL_INFER_FROM_PATH=false - - # Tip: If you want to see just the icon without "pure" and "impure", uncomment the next line. - # typeset -g POWERLEVEL9K_NIX_SHELL_CONTENT_EXPANSION= - - # Custom icon. - # typeset -g POWERLEVEL9K_NIX_SHELL_VISUAL_IDENTIFIER_EXPANSION='⭐' - - ##################[ chezmoi_shell: chezmoi shell (https://www.chezmoi.io/) ]################## - # chezmoi shell color. - typeset -g POWERLEVEL9K_CHEZMOI_SHELL_FOREGROUND=0 - typeset -g POWERLEVEL9K_CHEZMOI_SHELL_BACKGROUND=4 - # Custom icon. - # typeset -g POWERLEVEL9K_CHEZMOI_SHELL_VISUAL_IDENTIFIER_EXPANSION='⭐' - - ##################################[ disk_usage: disk usage ]################################## - # Colors for different levels of disk usage. - typeset -g POWERLEVEL9K_DISK_USAGE_NORMAL_FOREGROUND=3 - typeset -g POWERLEVEL9K_DISK_USAGE_NORMAL_BACKGROUND=0 - typeset -g POWERLEVEL9K_DISK_USAGE_WARNING_FOREGROUND=0 - typeset -g POWERLEVEL9K_DISK_USAGE_WARNING_BACKGROUND=3 - typeset -g POWERLEVEL9K_DISK_USAGE_CRITICAL_FOREGROUND=7 - typeset -g POWERLEVEL9K_DISK_USAGE_CRITICAL_BACKGROUND=1 - # Thresholds for different levels of disk usage (percentage points). - typeset -g POWERLEVEL9K_DISK_USAGE_WARNING_LEVEL=90 - typeset -g POWERLEVEL9K_DISK_USAGE_CRITICAL_LEVEL=95 - # If set to true, hide disk usage when below $POWERLEVEL9K_DISK_USAGE_WARNING_LEVEL percent. - typeset -g POWERLEVEL9K_DISK_USAGE_ONLY_WARNING=false - # Custom icon. - # typeset -g POWERLEVEL9K_DISK_USAGE_VISUAL_IDENTIFIER_EXPANSION='⭐' - - ###########[ vi_mode: vi mode (you don't need this if you've enabled prompt_char) ]########### - # Foreground color. - typeset -g POWERLEVEL9K_VI_MODE_FOREGROUND=0 - # Text and color for normal (a.k.a. command) vi mode. - typeset -g POWERLEVEL9K_VI_COMMAND_MODE_STRING=NORMAL - typeset -g POWERLEVEL9K_VI_MODE_NORMAL_BACKGROUND=2 - # Text and color for visual vi mode. - typeset -g POWERLEVEL9K_VI_VISUAL_MODE_STRING=VISUAL - typeset -g POWERLEVEL9K_VI_MODE_VISUAL_BACKGROUND=4 - # Text and color for overtype (a.k.a. overwrite and replace) vi mode. - typeset -g POWERLEVEL9K_VI_OVERWRITE_MODE_STRING=OVERTYPE - typeset -g POWERLEVEL9K_VI_MODE_OVERWRITE_BACKGROUND=3 - # Text and color for insert vi mode. - typeset -g POWERLEVEL9K_VI_INSERT_MODE_STRING= - typeset -g POWERLEVEL9K_VI_MODE_INSERT_FOREGROUND=8 - - ######################################[ ram: free RAM ]####################################### - # RAM color. - typeset -g POWERLEVEL9K_RAM_FOREGROUND=0 - typeset -g POWERLEVEL9K_RAM_BACKGROUND=3 - # Custom icon. - # typeset -g POWERLEVEL9K_RAM_VISUAL_IDENTIFIER_EXPANSION='⭐' - - #####################################[ swap: used swap ]###################################### - # Swap color. - typeset -g POWERLEVEL9K_SWAP_FOREGROUND=0 - typeset -g POWERLEVEL9K_SWAP_BACKGROUND=3 - # Custom icon. - # typeset -g POWERLEVEL9K_SWAP_VISUAL_IDENTIFIER_EXPANSION='⭐' - - ######################################[ load: CPU load ]###################################### - # Show average CPU load over this many last minutes. Valid values are 1, 5 and 15. - typeset -g POWERLEVEL9K_LOAD_WHICH=5 - # Load color when load is under 50%. - typeset -g POWERLEVEL9K_LOAD_NORMAL_FOREGROUND=0 - typeset -g POWERLEVEL9K_LOAD_NORMAL_BACKGROUND=2 - # Load color when load is between 50% and 70%. - typeset -g POWERLEVEL9K_LOAD_WARNING_FOREGROUND=0 - typeset -g POWERLEVEL9K_LOAD_WARNING_BACKGROUND=3 - # Load color when load is over 70%. - typeset -g POWERLEVEL9K_LOAD_CRITICAL_FOREGROUND=0 - typeset -g POWERLEVEL9K_LOAD_CRITICAL_BACKGROUND=1 - # Custom icon. - # typeset -g POWERLEVEL9K_LOAD_VISUAL_IDENTIFIER_EXPANSION='⭐' - - ################[ todo: todo items (https://github.com/todotxt/todo.txt-cli) ]################ - # Todo color. - typeset -g POWERLEVEL9K_TODO_FOREGROUND=0 - typeset -g POWERLEVEL9K_TODO_BACKGROUND=8 - # Hide todo when the total number of tasks is zero. - typeset -g POWERLEVEL9K_TODO_HIDE_ZERO_TOTAL=true - # Hide todo when the number of tasks after filtering is zero. - typeset -g POWERLEVEL9K_TODO_HIDE_ZERO_FILTERED=false - - # Todo format. The following parameters are available within the expansion. - # - # - P9K_TODO_TOTAL_TASK_COUNT The total number of tasks. - # - P9K_TODO_FILTERED_TASK_COUNT The number of tasks after filtering. - # - # These variables correspond to the last line of the output of `todo.sh -p ls`: - # - # TODO: 24 of 42 tasks shown - # - # Here 24 is P9K_TODO_FILTERED_TASK_COUNT and 42 is P9K_TODO_TOTAL_TASK_COUNT. - # - # typeset -g POWERLEVEL9K_TODO_CONTENT_EXPANSION='$P9K_TODO_FILTERED_TASK_COUNT' - - # Custom icon. - # typeset -g POWERLEVEL9K_TODO_VISUAL_IDENTIFIER_EXPANSION='⭐' - - ###########[ timewarrior: timewarrior tracking status (https://timewarrior.net/) ]############ - # Timewarrior color. - typeset -g POWERLEVEL9K_TIMEWARRIOR_FOREGROUND=255 - typeset -g POWERLEVEL9K_TIMEWARRIOR_BACKGROUND=8 - - # If the tracked task is longer than 24 characters, truncate and append "…". - # Tip: To always display tasks without truncation, delete the following parameter. - # Tip: To hide task names and display just the icon when time tracking is enabled, set the - # value of the following parameter to "". - typeset -g POWERLEVEL9K_TIMEWARRIOR_CONTENT_EXPANSION='${P9K_CONTENT:0:24}${${P9K_CONTENT:24}:+…}' - - # Custom icon. - # typeset -g POWERLEVEL9K_TIMEWARRIOR_VISUAL_IDENTIFIER_EXPANSION='⭐' - - ##############[ taskwarrior: taskwarrior task count (https://taskwarrior.org/) ]############## - # Taskwarrior color. - typeset -g POWERLEVEL9K_TASKWARRIOR_FOREGROUND=0 - typeset -g POWERLEVEL9K_TASKWARRIOR_BACKGROUND=6 - - # Taskwarrior segment format. The following parameters are available within the expansion. - # - # - P9K_TASKWARRIOR_PENDING_COUNT The number of pending tasks: `task +PENDING count`. - # - P9K_TASKWARRIOR_OVERDUE_COUNT The number of overdue tasks: `task +OVERDUE count`. - # - # Zero values are represented as empty parameters. - # - # The default format: - # - # '${P9K_TASKWARRIOR_OVERDUE_COUNT:+"!$P9K_TASKWARRIOR_OVERDUE_COUNT/"}$P9K_TASKWARRIOR_PENDING_COUNT' - # - # typeset -g POWERLEVEL9K_TASKWARRIOR_CONTENT_EXPANSION='$P9K_TASKWARRIOR_PENDING_COUNT' - - # Custom icon. - # typeset -g POWERLEVEL9K_TASKWARRIOR_VISUAL_IDENTIFIER_EXPANSION='⭐' - - ######[ per_directory_history: Oh My Zsh per-directory-history local/global indicator ]####### - # Color when using local/global history. - typeset -g POWERLEVEL9K_PER_DIRECTORY_HISTORY_LOCAL_FOREGROUND=0 - typeset -g POWERLEVEL9K_PER_DIRECTORY_HISTORY_LOCAL_BACKGROUND=5 - typeset -g POWERLEVEL9K_PER_DIRECTORY_HISTORY_GLOBAL_FOREGROUND=0 - typeset -g POWERLEVEL9K_PER_DIRECTORY_HISTORY_GLOBAL_BACKGROUND=3 - - # Tip: Uncomment the next two lines to hide "local"/"global" text and leave just the icon. - # typeset -g POWERLEVEL9K_PER_DIRECTORY_HISTORY_LOCAL_CONTENT_EXPANSION='' - # typeset -g POWERLEVEL9K_PER_DIRECTORY_HISTORY_GLOBAL_CONTENT_EXPANSION='' - - # Custom icon. - # typeset -g POWERLEVEL9K_PER_DIRECTORY_HISTORY_LOCAL_VISUAL_IDENTIFIER_EXPANSION='⭐' - # typeset -g POWERLEVEL9K_PER_DIRECTORY_HISTORY_GLOBAL_VISUAL_IDENTIFIER_EXPANSION='⭐' - - ################################[ cpu_arch: CPU architecture ]################################ - # CPU architecture color. - typeset -g POWERLEVEL9K_CPU_ARCH_FOREGROUND=0 - typeset -g POWERLEVEL9K_CPU_ARCH_BACKGROUND=3 - - # Hide the segment when on a specific CPU architecture. - # typeset -g POWERLEVEL9K_CPU_ARCH_X86_64_CONTENT_EXPANSION= - # typeset -g POWERLEVEL9K_CPU_ARCH_X86_64_VISUAL_IDENTIFIER_EXPANSION= - - # Custom icon. - # typeset -g POWERLEVEL9K_CPU_ARCH_VISUAL_IDENTIFIER_EXPANSION='⭐' - - ##################################[ context: user@hostname ]################################## - # Context color when running with privileges. - typeset -g POWERLEVEL9K_CONTEXT_ROOT_FOREGROUND=1 - typeset -g POWERLEVEL9K_CONTEXT_ROOT_BACKGROUND=0 - # Context color in SSH without privileges. - typeset -g POWERLEVEL9K_CONTEXT_{REMOTE,REMOTE_SUDO}_FOREGROUND=3 - typeset -g POWERLEVEL9K_CONTEXT_{REMOTE,REMOTE_SUDO}_BACKGROUND=0 - # Default context color (no privileges, no SSH). - typeset -g POWERLEVEL9K_CONTEXT_FOREGROUND=3 - typeset -g POWERLEVEL9K_CONTEXT_BACKGROUND=0 - - # Context format when running with privileges: user@hostname. - typeset -g POWERLEVEL9K_CONTEXT_ROOT_TEMPLATE='%n@%m' - # Context format when in SSH without privileges: user@hostname. - typeset -g POWERLEVEL9K_CONTEXT_{REMOTE,REMOTE_SUDO}_TEMPLATE='%n@%m' - # Default context format (no privileges, no SSH): user@hostname. - typeset -g POWERLEVEL9K_CONTEXT_TEMPLATE='%n@%m' - - # Don't show context unless running with privileges or in SSH. - # Tip: Remove the next line to always show context. - typeset -g POWERLEVEL9K_CONTEXT_{DEFAULT,SUDO}_{CONTENT,VISUAL_IDENTIFIER}_EXPANSION= - - # Custom icon. - # typeset -g POWERLEVEL9K_CONTEXT_VISUAL_IDENTIFIER_EXPANSION='⭐' - # Custom prefix. - # typeset -g POWERLEVEL9K_CONTEXT_PREFIX='with ' - - ###[ virtualenv: python virtual environment (https://docs.python.org/3/library/venv.html) ]### - # Python virtual environment color. - typeset -g POWERLEVEL9K_VIRTUALENV_FOREGROUND=0 - typeset -g POWERLEVEL9K_VIRTUALENV_BACKGROUND=4 - # Don't show Python version next to the virtual environment name. - typeset -g POWERLEVEL9K_VIRTUALENV_SHOW_PYTHON_VERSION=false - # If set to "false", won't show virtualenv if pyenv is already shown. - # If set to "if-different", won't show virtualenv if it's the same as pyenv. - typeset -g POWERLEVEL9K_VIRTUALENV_SHOW_WITH_PYENV=false - # Separate environment name from Python version only with a space. - typeset -g POWERLEVEL9K_VIRTUALENV_{LEFT,RIGHT}_DELIMITER= - # Custom icon. - # typeset -g POWERLEVEL9K_VIRTUALENV_VISUAL_IDENTIFIER_EXPANSION='⭐' - - #####################[ anaconda: conda environment (https://conda.io/) ]###################### - # Anaconda environment color. - typeset -g POWERLEVEL9K_ANACONDA_FOREGROUND=0 - typeset -g POWERLEVEL9K_ANACONDA_BACKGROUND=4 - - # Anaconda segment format. The following parameters are available within the expansion. - # - # - CONDA_PREFIX Absolute path to the active Anaconda/Miniconda environment. - # - CONDA_DEFAULT_ENV Name of the active Anaconda/Miniconda environment. - # - CONDA_PROMPT_MODIFIER Configurable prompt modifier (see below). - # - P9K_ANACONDA_PYTHON_VERSION Current python version (python --version). - # - # CONDA_PROMPT_MODIFIER can be configured with the following command: - # - # conda config --set env_prompt '({default_env}) ' - # - # The last argument is a Python format string that can use the following variables: - # - # - prefix The same as CONDA_PREFIX. - # - default_env The same as CONDA_DEFAULT_ENV. - # - name The last segment of CONDA_PREFIX. - # - stacked_env Comma-separated list of names in the environment stack. The first element is - # always the same as default_env. - # - # Note: '({default_env}) ' is the default value of env_prompt. - # - # The default value of POWERLEVEL9K_ANACONDA_CONTENT_EXPANSION expands to $CONDA_PROMPT_MODIFIER - # without the surrounding parentheses, or to the last path component of CONDA_PREFIX if the former - # is empty. - typeset -g POWERLEVEL9K_ANACONDA_CONTENT_EXPANSION='${${${${CONDA_PROMPT_MODIFIER#\(}% }%\)}:-${CONDA_PREFIX:t}}' - - # Custom icon. - # typeset -g POWERLEVEL9K_ANACONDA_VISUAL_IDENTIFIER_EXPANSION='⭐' - - ################[ pyenv: python environment (https://github.com/pyenv/pyenv) ]################ - # Pyenv color. - typeset -g POWERLEVEL9K_PYENV_FOREGROUND=0 - typeset -g POWERLEVEL9K_PYENV_BACKGROUND=4 - # Hide python version if it doesn't come from one of these sources. - typeset -g POWERLEVEL9K_PYENV_SOURCES=(shell local global) - # If set to false, hide python version if it's the same as global: - # $(pyenv version-name) == $(pyenv global). - typeset -g POWERLEVEL9K_PYENV_PROMPT_ALWAYS_SHOW=false - # If set to false, hide python version if it's equal to "system". - typeset -g POWERLEVEL9K_PYENV_SHOW_SYSTEM=true - - # Pyenv segment format. The following parameters are available within the expansion. - # - # - P9K_CONTENT Current pyenv environment (pyenv version-name). - # - P9K_PYENV_PYTHON_VERSION Current python version (python --version). - # - # The default format has the following logic: - # - # 1. Display just "$P9K_CONTENT" if it's equal to "$P9K_PYENV_PYTHON_VERSION" or - # starts with "$P9K_PYENV_PYTHON_VERSION/". - # 2. Otherwise display "$P9K_CONTENT $P9K_PYENV_PYTHON_VERSION". - typeset -g POWERLEVEL9K_PYENV_CONTENT_EXPANSION='${P9K_CONTENT}${${P9K_CONTENT:#$P9K_PYENV_PYTHON_VERSION(|/*)}:+ $P9K_PYENV_PYTHON_VERSION}' - - # Custom icon. - # typeset -g POWERLEVEL9K_PYENV_VISUAL_IDENTIFIER_EXPANSION='⭐' - - ################[ goenv: go environment (https://github.com/syndbg/goenv) ]################ - # Goenv color. - typeset -g POWERLEVEL9K_GOENV_FOREGROUND=0 - typeset -g POWERLEVEL9K_GOENV_BACKGROUND=4 - # Hide go version if it doesn't come from one of these sources. - typeset -g POWERLEVEL9K_GOENV_SOURCES=(shell local global) - # If set to false, hide go version if it's the same as global: - # $(goenv version-name) == $(goenv global). - typeset -g POWERLEVEL9K_GOENV_PROMPT_ALWAYS_SHOW=false - # If set to false, hide go version if it's equal to "system". - typeset -g POWERLEVEL9K_GOENV_SHOW_SYSTEM=true - # Custom icon. - # typeset -g POWERLEVEL9K_GOENV_VISUAL_IDENTIFIER_EXPANSION='⭐' - - ##########[ nodenv: node.js version from nodenv (https://github.com/nodenv/nodenv) ]########## - # Nodenv color. - typeset -g POWERLEVEL9K_NODENV_FOREGROUND=2 - typeset -g POWERLEVEL9K_NODENV_BACKGROUND=0 - # Hide node version if it doesn't come from one of these sources. - typeset -g POWERLEVEL9K_NODENV_SOURCES=(shell local global) - # If set to false, hide node version if it's the same as global: - # $(nodenv version-name) == $(nodenv global). - typeset -g POWERLEVEL9K_NODENV_PROMPT_ALWAYS_SHOW=false - # If set to false, hide node version if it's equal to "system". - typeset -g POWERLEVEL9K_NODENV_SHOW_SYSTEM=true - # Custom icon. - # typeset -g POWERLEVEL9K_NODENV_VISUAL_IDENTIFIER_EXPANSION='⭐' - - ##############[ nvm: node.js version from nvm (https://github.com/nvm-sh/nvm) ]############### - # Nvm color. - typeset -g POWERLEVEL9K_NVM_FOREGROUND=0 - typeset -g POWERLEVEL9K_NVM_BACKGROUND=5 - # If set to false, hide node version if it's the same as default: - # $(nvm version current) == $(nvm version default). - typeset -g POWERLEVEL9K_NVM_PROMPT_ALWAYS_SHOW=false - # If set to false, hide node version if it's equal to "system". - typeset -g POWERLEVEL9K_NVM_SHOW_SYSTEM=true - # Custom icon. - # typeset -g POWERLEVEL9K_NVM_VISUAL_IDENTIFIER_EXPANSION='⭐' - - ############[ nodeenv: node.js environment (https://github.com/ekalinin/nodeenv) ]############ - # Nodeenv color. - typeset -g POWERLEVEL9K_NODEENV_FOREGROUND=2 - typeset -g POWERLEVEL9K_NODEENV_BACKGROUND=0 - # Don't show Node version next to the environment name. - typeset -g POWERLEVEL9K_NODEENV_SHOW_NODE_VERSION=false - # Separate environment name from Node version only with a space. - typeset -g POWERLEVEL9K_NODEENV_{LEFT,RIGHT}_DELIMITER= - # Custom icon. - # typeset -g POWERLEVEL9K_NODEENV_VISUAL_IDENTIFIER_EXPANSION='⭐' - - ##############################[ node_version: node.js version ]############################### - # Node version color. - typeset -g POWERLEVEL9K_NODE_VERSION_FOREGROUND=7 - typeset -g POWERLEVEL9K_NODE_VERSION_BACKGROUND=2 - # Show node version only when in a directory tree containing package.json. - typeset -g POWERLEVEL9K_NODE_VERSION_PROJECT_ONLY=true - # Custom icon. - # typeset -g POWERLEVEL9K_NODE_VERSION_VISUAL_IDENTIFIER_EXPANSION='⭐' - - #######################[ go_version: go version (https://golang.org) ]######################## - # Go version color. - typeset -g POWERLEVEL9K_GO_VERSION_FOREGROUND=255 - typeset -g POWERLEVEL9K_GO_VERSION_BACKGROUND=2 - # Show go version only when in a go project subdirectory. - typeset -g POWERLEVEL9K_GO_VERSION_PROJECT_ONLY=true - # Custom icon. - # typeset -g POWERLEVEL9K_GO_VERSION_VISUAL_IDENTIFIER_EXPANSION='⭐' - - #################[ rust_version: rustc version (https://www.rust-lang.org) ]################## - # Rust version color. - typeset -g POWERLEVEL9K_RUST_VERSION_FOREGROUND=0 - typeset -g POWERLEVEL9K_RUST_VERSION_BACKGROUND=208 - # Show rust version only when in a rust project subdirectory. - typeset -g POWERLEVEL9K_RUST_VERSION_PROJECT_ONLY=true - # Custom icon. - # typeset -g POWERLEVEL9K_RUST_VERSION_VISUAL_IDENTIFIER_EXPANSION='⭐' - - ###############[ dotnet_version: .NET version (https://dotnet.microsoft.com) ]################ - # .NET version color. - typeset -g POWERLEVEL9K_DOTNET_VERSION_FOREGROUND=7 - typeset -g POWERLEVEL9K_DOTNET_VERSION_BACKGROUND=5 - # Show .NET version only when in a .NET project subdirectory. - typeset -g POWERLEVEL9K_DOTNET_VERSION_PROJECT_ONLY=true - # Custom icon. - # typeset -g POWERLEVEL9K_DOTNET_VERSION_VISUAL_IDENTIFIER_EXPANSION='⭐' - - #####################[ php_version: php version (https://www.php.net/) ]###################### - # PHP version color. - typeset -g POWERLEVEL9K_PHP_VERSION_FOREGROUND=0 - typeset -g POWERLEVEL9K_PHP_VERSION_BACKGROUND=5 - # Show PHP version only when in a PHP project subdirectory. - typeset -g POWERLEVEL9K_PHP_VERSION_PROJECT_ONLY=true - # Custom icon. - # typeset -g POWERLEVEL9K_PHP_VERSION_VISUAL_IDENTIFIER_EXPANSION='⭐' - - ##########[ laravel_version: laravel php framework version (https://laravel.com/) ]########### - # Laravel version color. - typeset -g POWERLEVEL9K_LARAVEL_VERSION_FOREGROUND=1 - typeset -g POWERLEVEL9K_LARAVEL_VERSION_BACKGROUND=7 - # Custom icon. - # typeset -g POWERLEVEL9K_LARAVEL_VERSION_VISUAL_IDENTIFIER_EXPANSION='⭐' - - #############[ rbenv: ruby version from rbenv (https://github.com/rbenv/rbenv) ]############## - # Rbenv color. - typeset -g POWERLEVEL9K_RBENV_FOREGROUND=0 - typeset -g POWERLEVEL9K_RBENV_BACKGROUND=1 - # Hide ruby version if it doesn't come from one of these sources. - typeset -g POWERLEVEL9K_RBENV_SOURCES=(shell local global) - # If set to false, hide ruby version if it's the same as global: - # $(rbenv version-name) == $(rbenv global). - typeset -g POWERLEVEL9K_RBENV_PROMPT_ALWAYS_SHOW=false - # If set to false, hide ruby version if it's equal to "system". - typeset -g POWERLEVEL9K_RBENV_SHOW_SYSTEM=true - # Custom icon. - # typeset -g POWERLEVEL9K_RBENV_VISUAL_IDENTIFIER_EXPANSION='⭐' - - ####################[ java_version: java version (https://www.java.com/) ]#################### - # Java version color. - typeset -g POWERLEVEL9K_JAVA_VERSION_FOREGROUND=1 - typeset -g POWERLEVEL9K_JAVA_VERSION_BACKGROUND=7 - # Show java version only when in a java project subdirectory. - typeset -g POWERLEVEL9K_JAVA_VERSION_PROJECT_ONLY=true - # Show brief version. - typeset -g POWERLEVEL9K_JAVA_VERSION_FULL=false - # Custom icon. - # typeset -g POWERLEVEL9K_JAVA_VERSION_VISUAL_IDENTIFIER_EXPANSION='⭐' - - ###[ package: name@version from package.json (https://docs.npmjs.com/files/package.json) ]#### - # Package color. - typeset -g POWERLEVEL9K_PACKAGE_FOREGROUND=0 - typeset -g POWERLEVEL9K_PACKAGE_BACKGROUND=6 - - # Package format. The following parameters are available within the expansion. - # - # - P9K_PACKAGE_NAME The value of `name` field in package.json. - # - P9K_PACKAGE_VERSION The value of `version` field in package.json. - # - # typeset -g POWERLEVEL9K_PACKAGE_CONTENT_EXPANSION='${P9K_PACKAGE_NAME//\%/%%}@${P9K_PACKAGE_VERSION//\%/%%}' - - # Custom icon. - # typeset -g POWERLEVEL9K_PACKAGE_VISUAL_IDENTIFIER_EXPANSION='⭐' - - #######################[ rvm: ruby version from rvm (https://rvm.io) ]######################## - # Rvm color. - typeset -g POWERLEVEL9K_RVM_FOREGROUND=0 - typeset -g POWERLEVEL9K_RVM_BACKGROUND=240 - # Don't show @gemset at the end. - typeset -g POWERLEVEL9K_RVM_SHOW_GEMSET=false - # Don't show ruby- at the front. - typeset -g POWERLEVEL9K_RVM_SHOW_PREFIX=false - # Custom icon. - # typeset -g POWERLEVEL9K_RVM_VISUAL_IDENTIFIER_EXPANSION='⭐' - - ###########[ fvm: flutter version management (https://github.com/leoafarias/fvm) ]############ - # Fvm color. - typeset -g POWERLEVEL9K_FVM_FOREGROUND=0 - typeset -g POWERLEVEL9K_FVM_BACKGROUND=4 - # Custom icon. - # typeset -g POWERLEVEL9K_FVM_VISUAL_IDENTIFIER_EXPANSION='⭐' - - ##########[ luaenv: lua version from luaenv (https://github.com/cehoffman/luaenv) ]########### - # Lua color. - typeset -g POWERLEVEL9K_LUAENV_FOREGROUND=0 - typeset -g POWERLEVEL9K_LUAENV_BACKGROUND=4 - # Hide lua version if it doesn't come from one of these sources. - typeset -g POWERLEVEL9K_LUAENV_SOURCES=(shell local global) - # If set to false, hide lua version if it's the same as global: - # $(luaenv version-name) == $(luaenv global). - typeset -g POWERLEVEL9K_LUAENV_PROMPT_ALWAYS_SHOW=false - # If set to false, hide lua version if it's equal to "system". - typeset -g POWERLEVEL9K_LUAENV_SHOW_SYSTEM=true - # Custom icon. - # typeset -g POWERLEVEL9K_LUAENV_VISUAL_IDENTIFIER_EXPANSION='⭐' - - ###############[ jenv: java version from jenv (https://github.com/jenv/jenv) ]################ - # Java color. - typeset -g POWERLEVEL9K_JENV_FOREGROUND=1 - typeset -g POWERLEVEL9K_JENV_BACKGROUND=7 - # Hide java version if it doesn't come from one of these sources. - typeset -g POWERLEVEL9K_JENV_SOURCES=(shell local global) - # If set to false, hide java version if it's the same as global: - # $(jenv version-name) == $(jenv global). - typeset -g POWERLEVEL9K_JENV_PROMPT_ALWAYS_SHOW=false - # If set to false, hide java version if it's equal to "system". - typeset -g POWERLEVEL9K_JENV_SHOW_SYSTEM=true - # Custom icon. - # typeset -g POWERLEVEL9K_JENV_VISUAL_IDENTIFIER_EXPANSION='⭐' - - ###########[ plenv: perl version from plenv (https://github.com/tokuhirom/plenv) ]############ - # Perl color. - typeset -g POWERLEVEL9K_PLENV_FOREGROUND=0 - typeset -g POWERLEVEL9K_PLENV_BACKGROUND=4 - # Hide perl version if it doesn't come from one of these sources. - typeset -g POWERLEVEL9K_PLENV_SOURCES=(shell local global) - # If set to false, hide perl version if it's the same as global: - # $(plenv version-name) == $(plenv global). - typeset -g POWERLEVEL9K_PLENV_PROMPT_ALWAYS_SHOW=false - # If set to false, hide perl version if it's equal to "system". - typeset -g POWERLEVEL9K_PLENV_SHOW_SYSTEM=true - # Custom icon. - # typeset -g POWERLEVEL9K_PLENV_VISUAL_IDENTIFIER_EXPANSION='⭐' - - ###########[ perlbrew: perl version from perlbrew (https://github.com/gugod/App-perlbrew) ]############ - # Perlbrew color. - typeset -g POWERLEVEL9K_PERLBREW_FOREGROUND=67 - # Show perlbrew version only when in a perl project subdirectory. - typeset -g POWERLEVEL9K_PERLBREW_PROJECT_ONLY=true - # Don't show "perl-" at the front. - typeset -g POWERLEVEL9K_PERLBREW_SHOW_PREFIX=false - # Custom icon. - # typeset -g POWERLEVEL9K_PERLBREW_VISUAL_IDENTIFIER_EXPANSION='⭐' - - ############[ phpenv: php version from phpenv (https://github.com/phpenv/phpenv) ]############ - # PHP color. - typeset -g POWERLEVEL9K_PHPENV_FOREGROUND=0 - typeset -g POWERLEVEL9K_PHPENV_BACKGROUND=5 - # Hide php version if it doesn't come from one of these sources. - typeset -g POWERLEVEL9K_PHPENV_SOURCES=(shell local global) - # If set to false, hide php version if it's the same as global: - # $(phpenv version-name) == $(phpenv global). - typeset -g POWERLEVEL9K_PHPENV_PROMPT_ALWAYS_SHOW=false - # If set to false, hide PHP version if it's equal to "system". - typeset -g POWERLEVEL9K_PHPENV_SHOW_SYSTEM=true - # Custom icon. - # typeset -g POWERLEVEL9K_PHPENV_VISUAL_IDENTIFIER_EXPANSION='⭐' - - #######[ scalaenv: scala version from scalaenv (https://github.com/scalaenv/scalaenv) ]####### - # Scala color. - typeset -g POWERLEVEL9K_SCALAENV_FOREGROUND=0 - typeset -g POWERLEVEL9K_SCALAENV_BACKGROUND=1 - # Hide scala version if it doesn't come from one of these sources. - typeset -g POWERLEVEL9K_SCALAENV_SOURCES=(shell local global) - # If set to false, hide scala version if it's the same as global: - # $(scalaenv version-name) == $(scalaenv global). - typeset -g POWERLEVEL9K_SCALAENV_PROMPT_ALWAYS_SHOW=false - # If set to false, hide scala version if it's equal to "system". - typeset -g POWERLEVEL9K_SCALAENV_SHOW_SYSTEM=true - # Custom icon. - # typeset -g POWERLEVEL9K_SCALAENV_VISUAL_IDENTIFIER_EXPANSION='⭐' - - ##########[ haskell_stack: haskell version from stack (https://haskellstack.org/) ]########### - # Haskell color. - typeset -g POWERLEVEL9K_HASKELL_STACK_FOREGROUND=0 - typeset -g POWERLEVEL9K_HASKELL_STACK_BACKGROUND=3 - - # Hide haskell version if it doesn't come from one of these sources. - # - # shell: version is set by STACK_YAML - # local: version is set by stack.yaml up the directory tree - # global: version is set by the implicit global project (~/.stack/global-project/stack.yaml) - typeset -g POWERLEVEL9K_HASKELL_STACK_SOURCES=(shell local) - # If set to false, hide haskell version if it's the same as in the implicit global project. - typeset -g POWERLEVEL9K_HASKELL_STACK_ALWAYS_SHOW=true - # Custom icon. - # typeset -g POWERLEVEL9K_HASKELL_STACK_VISUAL_IDENTIFIER_EXPANSION='⭐' - - ################[ terraform: terraform workspace (https://www.terraform.io) ]################# - # Don't show terraform workspace if it's literally "default". - typeset -g POWERLEVEL9K_TERRAFORM_SHOW_DEFAULT=false - # POWERLEVEL9K_TERRAFORM_CLASSES is an array with even number of elements. The first element - # in each pair defines a pattern against which the current terraform workspace gets matched. - # More specifically, it's P9K_CONTENT prior to the application of context expansion (see below) - # that gets matched. If you unset all POWERLEVEL9K_TERRAFORM_*CONTENT_EXPANSION parameters, - # you'll see this value in your prompt. The second element of each pair in - # POWERLEVEL9K_TERRAFORM_CLASSES defines the workspace class. Patterns are tried in order. The - # first match wins. - # - # For example, given these settings: - # - # typeset -g POWERLEVEL9K_TERRAFORM_CLASSES=( - # '*prod*' PROD - # '*test*' TEST - # '*' OTHER) - # - # If your current terraform workspace is "project_test", its class is TEST because "project_test" - # doesn't match the pattern '*prod*' but does match '*test*'. - # - # You can define different colors, icons and content expansions for different classes: - # - # typeset -g POWERLEVEL9K_TERRAFORM_TEST_FOREGROUND=2 - # typeset -g POWERLEVEL9K_TERRAFORM_TEST_BACKGROUND=0 - # typeset -g POWERLEVEL9K_TERRAFORM_TEST_VISUAL_IDENTIFIER_EXPANSION='⭐' - # typeset -g POWERLEVEL9K_TERRAFORM_TEST_CONTENT_EXPANSION='> ${P9K_CONTENT} <' - typeset -g POWERLEVEL9K_TERRAFORM_CLASSES=( - # '*prod*' PROD # These values are examples that are unlikely - # '*test*' TEST # to match your needs. Customize them as needed. - '*' OTHER) - typeset -g POWERLEVEL9K_TERRAFORM_OTHER_FOREGROUND=4 - typeset -g POWERLEVEL9K_TERRAFORM_OTHER_BACKGROUND=0 - # typeset -g POWERLEVEL9K_TERRAFORM_OTHER_VISUAL_IDENTIFIER_EXPANSION='⭐' - - #############[ terraform_version: terraform version (https://www.terraform.io) ]############## - # Terraform version color. - typeset -g POWERLEVEL9K_TERRAFORM_VERSION_FOREGROUND=4 - typeset -g POWERLEVEL9K_TERRAFORM_VERSION_BACKGROUND=0 - # Custom icon. - # typeset -g POWERLEVEL9K_TERRAFORM_VERSION_VISUAL_IDENTIFIER_EXPANSION='⭐' - - ################[ terraform_version: It shows active terraform version (https://www.terraform.io) ]################# - typeset -g POWERLEVEL9K_TERRAFORM_VERSION_SHOW_ON_COMMAND='terraform|tf' - - #############[ kubecontext: current kubernetes context (https://kubernetes.io/) ]############# - # Show kubecontext only when the command you are typing invokes one of these tools. - # Tip: Remove the next line to always show kubecontext. - typeset -g POWERLEVEL9K_KUBECONTEXT_SHOW_ON_COMMAND='kubectl|helm|kubens|kubectx|oc|istioctl|kogito|k9s|helmfile|flux|fluxctl|stern|kubeseal|skaffold|kubent|kubecolor|cmctl|sparkctl' - - # Kubernetes context classes for the purpose of using different colors, icons and expansions with - # different contexts. - # - # POWERLEVEL9K_KUBECONTEXT_CLASSES is an array with even number of elements. The first element - # in each pair defines a pattern against which the current kubernetes context gets matched. - # More specifically, it's P9K_CONTENT prior to the application of context expansion (see below) - # that gets matched. If you unset all POWERLEVEL9K_KUBECONTEXT_*CONTENT_EXPANSION parameters, - # you'll see this value in your prompt. The second element of each pair in - # POWERLEVEL9K_KUBECONTEXT_CLASSES defines the context class. Patterns are tried in order. The - # first match wins. - # - # For example, given these settings: - # - # typeset -g POWERLEVEL9K_KUBECONTEXT_CLASSES=( - # '*prod*' PROD - # '*test*' TEST - # '*' DEFAULT) - # - # If your current kubernetes context is "deathray-testing/default", its class is TEST - # because "deathray-testing/default" doesn't match the pattern '*prod*' but does match '*test*'. - # - # You can define different colors, icons and content expansions for different classes: - # - # typeset -g POWERLEVEL9K_KUBECONTEXT_TEST_FOREGROUND=0 - # typeset -g POWERLEVEL9K_KUBECONTEXT_TEST_BACKGROUND=2 - # typeset -g POWERLEVEL9K_KUBECONTEXT_TEST_VISUAL_IDENTIFIER_EXPANSION='⭐' - # typeset -g POWERLEVEL9K_KUBECONTEXT_TEST_CONTENT_EXPANSION='> ${P9K_CONTENT} <' - typeset -g POWERLEVEL9K_KUBECONTEXT_CLASSES=( - # '*prod*' PROD # These values are examples that are unlikely - # '*test*' TEST # to match your needs. Customize them as needed. - '*' DEFAULT) - typeset -g POWERLEVEL9K_KUBECONTEXT_DEFAULT_FOREGROUND=7 - typeset -g POWERLEVEL9K_KUBECONTEXT_DEFAULT_BACKGROUND=5 - # typeset -g POWERLEVEL9K_KUBECONTEXT_DEFAULT_VISUAL_IDENTIFIER_EXPANSION='⭐' - - # Use POWERLEVEL9K_KUBECONTEXT_CONTENT_EXPANSION to specify the content displayed by kubecontext - # segment. Parameter expansions are very flexible and fast, too. See reference: - # http://zsh.sourceforge.net/Doc/Release/Expansion.html#Parameter-Expansion. - # - # Within the expansion the following parameters are always available: - # - # - P9K_CONTENT The content that would've been displayed if there was no content - # expansion defined. - # - P9K_KUBECONTEXT_NAME The current context's name. Corresponds to column NAME in the - # output of `kubectl config get-contexts`. - # - P9K_KUBECONTEXT_CLUSTER The current context's cluster. Corresponds to column CLUSTER in the - # output of `kubectl config get-contexts`. - # - P9K_KUBECONTEXT_NAMESPACE The current context's namespace. Corresponds to column NAMESPACE - # in the output of `kubectl config get-contexts`. If there is no - # namespace, the parameter is set to "default". - # - P9K_KUBECONTEXT_USER The current context's user. Corresponds to column AUTHINFO in the - # output of `kubectl config get-contexts`. - # - # If the context points to Google Kubernetes Engine (GKE) or Elastic Kubernetes Service (EKS), - # the following extra parameters are available: - # - # - P9K_KUBECONTEXT_CLOUD_NAME Either "gke" or "eks". - # - P9K_KUBECONTEXT_CLOUD_ACCOUNT Account/project ID. - # - P9K_KUBECONTEXT_CLOUD_ZONE Availability zone. - # - P9K_KUBECONTEXT_CLOUD_CLUSTER Cluster. - # - # P9K_KUBECONTEXT_CLOUD_* parameters are derived from P9K_KUBECONTEXT_CLUSTER. For example, - # if P9K_KUBECONTEXT_CLUSTER is "gke_my-account_us-east1-a_my-cluster-01": - # - # - P9K_KUBECONTEXT_CLOUD_NAME=gke - # - P9K_KUBECONTEXT_CLOUD_ACCOUNT=my-account - # - P9K_KUBECONTEXT_CLOUD_ZONE=us-east1-a - # - P9K_KUBECONTEXT_CLOUD_CLUSTER=my-cluster-01 - # - # If P9K_KUBECONTEXT_CLUSTER is "arn:aws:eks:us-east-1:123456789012:cluster/my-cluster-01": - # - # - P9K_KUBECONTEXT_CLOUD_NAME=eks - # - P9K_KUBECONTEXT_CLOUD_ACCOUNT=123456789012 - # - P9K_KUBECONTEXT_CLOUD_ZONE=us-east-1 - # - P9K_KUBECONTEXT_CLOUD_CLUSTER=my-cluster-01 - typeset -g POWERLEVEL9K_KUBECONTEXT_DEFAULT_CONTENT_EXPANSION= - # Show P9K_KUBECONTEXT_CLOUD_CLUSTER if it's not empty and fall back to P9K_KUBECONTEXT_NAME. - POWERLEVEL9K_KUBECONTEXT_DEFAULT_CONTENT_EXPANSION+='${P9K_KUBECONTEXT_CLOUD_CLUSTER:-${P9K_KUBECONTEXT_NAME}}' - # Append the current context's namespace if it's not "default". - POWERLEVEL9K_KUBECONTEXT_DEFAULT_CONTENT_EXPANSION+='${${:-/$P9K_KUBECONTEXT_NAMESPACE}:#/default}' - - # Custom prefix. - # typeset -g POWERLEVEL9K_KUBECONTEXT_PREFIX='at ' - - #[ aws: aws profile (https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-profiles.html) ]# - # Show aws only when the command you are typing invokes one of these tools. - # Tip: Remove the next line to always show aws. - typeset -g POWERLEVEL9K_AWS_SHOW_ON_COMMAND='aws|awless|cdk|terraform|pulumi|terragrunt' - - # POWERLEVEL9K_AWS_CLASSES is an array with even number of elements. The first element - # in each pair defines a pattern against which the current AWS profile gets matched. - # More specifically, it's P9K_CONTENT prior to the application of context expansion (see below) - # that gets matched. If you unset all POWERLEVEL9K_AWS_*CONTENT_EXPANSION parameters, - # you'll see this value in your prompt. The second element of each pair in - # POWERLEVEL9K_AWS_CLASSES defines the profile class. Patterns are tried in order. The - # first match wins. - # - # For example, given these settings: - # - # typeset -g POWERLEVEL9K_AWS_CLASSES=( - # '*prod*' PROD - # '*test*' TEST - # '*' DEFAULT) - # - # If your current AWS profile is "company_test", its class is TEST - # because "company_test" doesn't match the pattern '*prod*' but does match '*test*'. - # - # You can define different colors, icons and content expansions for different classes: - # - # typeset -g POWERLEVEL9K_AWS_TEST_FOREGROUND=28 - # typeset -g POWERLEVEL9K_AWS_TEST_VISUAL_IDENTIFIER_EXPANSION='⭐' - # typeset -g POWERLEVEL9K_AWS_TEST_CONTENT_EXPANSION='> ${P9K_CONTENT} <' - typeset -g POWERLEVEL9K_AWS_CLASSES=( - # '*prod*' PROD # These values are examples that are unlikely - # '*test*' TEST # to match your needs. Customize them as needed. - '*' DEFAULT) - typeset -g POWERLEVEL9K_AWS_DEFAULT_FOREGROUND=7 - typeset -g POWERLEVEL9K_AWS_DEFAULT_BACKGROUND=1 - # typeset -g POWERLEVEL9K_AWS_DEFAULT_VISUAL_IDENTIFIER_EXPANSION='⭐' - - # AWS segment format. The following parameters are available within the expansion. - # - # - P9K_AWS_PROFILE The name of the current AWS profile. - # - P9K_AWS_REGION The region associated with the current AWS profile. - typeset -g POWERLEVEL9K_AWS_CONTENT_EXPANSION='${P9K_AWS_PROFILE//\%/%%}${P9K_AWS_REGION:+ ${P9K_AWS_REGION//\%/%%}}' - - #[ aws_eb_env: aws elastic beanstalk environment (https://aws.amazon.com/elasticbeanstalk/) ]# - # AWS Elastic Beanstalk environment color. - typeset -g POWERLEVEL9K_AWS_EB_ENV_FOREGROUND=2 - typeset -g POWERLEVEL9K_AWS_EB_ENV_BACKGROUND=0 - # Custom icon. - # typeset -g POWERLEVEL9K_AWS_EB_ENV_VISUAL_IDENTIFIER_EXPANSION='⭐' - - ##########[ azure: azure account name (https://docs.microsoft.com/en-us/cli/azure) ]########## - # Show azure only when the command you are typing invokes one of these tools. - # Tip: Remove the next line to always show azure. - typeset -g POWERLEVEL9K_AZURE_SHOW_ON_COMMAND='az|terraform|pulumi|terragrunt' - - # POWERLEVEL9K_AZURE_CLASSES is an array with even number of elements. The first element - # in each pair defines a pattern against which the current azure account name gets matched. - # More specifically, it's P9K_CONTENT prior to the application of context expansion (see below) - # that gets matched. If you unset all POWERLEVEL9K_AZURE_*CONTENT_EXPANSION parameters, - # you'll see this value in your prompt. The second element of each pair in - # POWERLEVEL9K_AZURE_CLASSES defines the account class. Patterns are tried in order. The - # first match wins. - # - # For example, given these settings: - # - # typeset -g POWERLEVEL9K_AZURE_CLASSES=( - # '*prod*' PROD - # '*test*' TEST - # '*' OTHER) - # - # If your current azure account is "company_test", its class is TEST because "company_test" - # doesn't match the pattern '*prod*' but does match '*test*'. - # - # You can define different colors, icons and content expansions for different classes: - # - # typeset -g POWERLEVEL9K_AZURE_TEST_FOREGROUND=2 - # typeset -g POWERLEVEL9K_AZURE_TEST_BACKGROUND=0 - # typeset -g POWERLEVEL9K_AZURE_TEST_VISUAL_IDENTIFIER_EXPANSION='⭐' - # typeset -g POWERLEVEL9K_AZURE_TEST_CONTENT_EXPANSION='> ${P9K_CONTENT} <' - typeset -g POWERLEVEL9K_AZURE_CLASSES=( - # '*prod*' PROD # These values are examples that are unlikely - # '*test*' TEST # to match your needs. Customize them as needed. - '*' OTHER) - - # Azure account name color. - typeset -g POWERLEVEL9K_AZURE_OTHER_FOREGROUND=7 - typeset -g POWERLEVEL9K_AZURE_OTHER_BACKGROUND=4 - # Custom icon. - # typeset -g POWERLEVEL9K_AZURE_OTHER_VISUAL_IDENTIFIER_EXPANSION='⭐' - - ##########[ gcloud: google cloud account and project (https://cloud.google.com/) ]########### - # Show gcloud only when the command you are typing invokes one of these tools. - # Tip: Remove the next line to always show gcloud. - typeset -g POWERLEVEL9K_GCLOUD_SHOW_ON_COMMAND='gcloud|gcs|gsutil' - # Google cloud color. - typeset -g POWERLEVEL9K_GCLOUD_FOREGROUND=7 - typeset -g POWERLEVEL9K_GCLOUD_BACKGROUND=4 - - # Google cloud format. Change the value of POWERLEVEL9K_GCLOUD_PARTIAL_CONTENT_EXPANSION and/or - # POWERLEVEL9K_GCLOUD_COMPLETE_CONTENT_EXPANSION if the default is too verbose or not informative - # enough. You can use the following parameters in the expansions. Each of them corresponds to the - # output of `gcloud` tool. - # - # Parameter | Source - # -------------------------|-------------------------------------------------------------------- - # P9K_GCLOUD_CONFIGURATION | gcloud config configurations list --format='value(name)' - # P9K_GCLOUD_ACCOUNT | gcloud config get-value account - # P9K_GCLOUD_PROJECT_ID | gcloud config get-value project - # P9K_GCLOUD_PROJECT_NAME | gcloud projects describe $P9K_GCLOUD_PROJECT_ID --format='value(name)' - # - # Note: ${VARIABLE//\%/%%} expands to ${VARIABLE} with all occurrences of '%' replaced with '%%'. - # - # Obtaining project name requires sending a request to Google servers. This can take a long time - # and even fail. When project name is unknown, P9K_GCLOUD_PROJECT_NAME is not set and gcloud - # prompt segment is in state PARTIAL. When project name gets known, P9K_GCLOUD_PROJECT_NAME gets - # set and gcloud prompt segment transitions to state COMPLETE. - # - # You can customize the format, icon and colors of gcloud segment separately for states PARTIAL - # and COMPLETE. You can also hide gcloud in state PARTIAL by setting - # POWERLEVEL9K_GCLOUD_PARTIAL_VISUAL_IDENTIFIER_EXPANSION and - # POWERLEVEL9K_GCLOUD_PARTIAL_CONTENT_EXPANSION to empty. - typeset -g POWERLEVEL9K_GCLOUD_PARTIAL_CONTENT_EXPANSION='${P9K_GCLOUD_PROJECT_ID//\%/%%}' - typeset -g POWERLEVEL9K_GCLOUD_COMPLETE_CONTENT_EXPANSION='${P9K_GCLOUD_PROJECT_NAME//\%/%%}' - - # Send a request to Google (by means of `gcloud projects describe ...`) to obtain project name - # this often. Negative value disables periodic polling. In this mode project name is retrieved - # only when the current configuration, account or project id changes. - typeset -g POWERLEVEL9K_GCLOUD_REFRESH_PROJECT_NAME_SECONDS=60 - - # Custom icon. - # typeset -g POWERLEVEL9K_GCLOUD_VISUAL_IDENTIFIER_EXPANSION='⭐' - - #[ google_app_cred: google application credentials (https://cloud.google.com/docs/authentication/production) ]# - # Show google_app_cred only when the command you are typing invokes one of these tools. - # Tip: Remove the next line to always show google_app_cred. - typeset -g POWERLEVEL9K_GOOGLE_APP_CRED_SHOW_ON_COMMAND='terraform|pulumi|terragrunt' - - # Google application credentials classes for the purpose of using different colors, icons and - # expansions with different credentials. - # - # POWERLEVEL9K_GOOGLE_APP_CRED_CLASSES is an array with even number of elements. The first - # element in each pair defines a pattern against which the current kubernetes context gets - # matched. More specifically, it's P9K_CONTENT prior to the application of context expansion - # (see below) that gets matched. If you unset all POWERLEVEL9K_GOOGLE_APP_CRED_*CONTENT_EXPANSION - # parameters, you'll see this value in your prompt. The second element of each pair in - # POWERLEVEL9K_GOOGLE_APP_CRED_CLASSES defines the context class. Patterns are tried in order. - # The first match wins. - # - # For example, given these settings: - # - # typeset -g POWERLEVEL9K_GOOGLE_APP_CRED_CLASSES=( - # '*:*prod*:*' PROD - # '*:*test*:*' TEST - # '*' DEFAULT) - # - # If your current Google application credentials is "service_account deathray-testing x@y.com", - # its class is TEST because it doesn't match the pattern '* *prod* *' but does match '* *test* *'. - # - # You can define different colors, icons and content expansions for different classes: - # - # typeset -g POWERLEVEL9K_GOOGLE_APP_CRED_TEST_FOREGROUND=28 - # typeset -g POWERLEVEL9K_GOOGLE_APP_CRED_TEST_VISUAL_IDENTIFIER_EXPANSION='⭐' - # typeset -g POWERLEVEL9K_GOOGLE_APP_CRED_TEST_CONTENT_EXPANSION='$P9K_GOOGLE_APP_CRED_PROJECT_ID' - typeset -g POWERLEVEL9K_GOOGLE_APP_CRED_CLASSES=( - # '*:*prod*:*' PROD # These values are examples that are unlikely - # '*:*test*:*' TEST # to match your needs. Customize them as needed. - '*' DEFAULT) - typeset -g POWERLEVEL9K_GOOGLE_APP_CRED_DEFAULT_FOREGROUND=7 - typeset -g POWERLEVEL9K_GOOGLE_APP_CRED_DEFAULT_BACKGROUND=4 - # typeset -g POWERLEVEL9K_GOOGLE_APP_CRED_DEFAULT_VISUAL_IDENTIFIER_EXPANSION='⭐' - - # Use POWERLEVEL9K_GOOGLE_APP_CRED_CONTENT_EXPANSION to specify the content displayed by - # google_app_cred segment. Parameter expansions are very flexible and fast, too. See reference: - # http://zsh.sourceforge.net/Doc/Release/Expansion.html#Parameter-Expansion. - # - # You can use the following parameters in the expansion. Each of them corresponds to one of the - # fields in the JSON file pointed to by GOOGLE_APPLICATION_CREDENTIALS. - # - # Parameter | JSON key file field - # ---------------------------------+--------------- - # P9K_GOOGLE_APP_CRED_TYPE | type - # P9K_GOOGLE_APP_CRED_PROJECT_ID | project_id - # P9K_GOOGLE_APP_CRED_CLIENT_EMAIL | client_email - # - # Note: ${VARIABLE//\%/%%} expands to ${VARIABLE} with all occurrences of '%' replaced by '%%'. - typeset -g POWERLEVEL9K_GOOGLE_APP_CRED_DEFAULT_CONTENT_EXPANSION='${P9K_GOOGLE_APP_CRED_PROJECT_ID//\%/%%}' - - ##############[ toolbox: toolbox name (https://github.com/containers/toolbox) ]############### - # Toolbox color. - typeset -g POWERLEVEL9K_TOOLBOX_FOREGROUND=0 - typeset -g POWERLEVEL9K_TOOLBOX_BACKGROUND=3 - # Don't display the name of the toolbox if it matches fedora-toolbox-*. - typeset -g POWERLEVEL9K_TOOLBOX_CONTENT_EXPANSION='${P9K_TOOLBOX_NAME:#fedora-toolbox-*}' - # Custom icon. - # typeset -g POWERLEVEL9K_TOOLBOX_VISUAL_IDENTIFIER_EXPANSION='⭐' - # Custom prefix. - # typeset -g POWERLEVEL9K_TOOLBOX_PREFIX='in ' - - ###############################[ public_ip: public IP address ]############################### - # Public IP color. - typeset -g POWERLEVEL9K_PUBLIC_IP_FOREGROUND=7 - typeset -g POWERLEVEL9K_PUBLIC_IP_BACKGROUND=0 - # Custom icon. - # typeset -g POWERLEVEL9K_PUBLIC_IP_VISUAL_IDENTIFIER_EXPANSION='⭐' - - ########################[ vpn_ip: virtual private network indicator ]######################### - # VPN IP color. - typeset -g POWERLEVEL9K_VPN_IP_FOREGROUND=0 - typeset -g POWERLEVEL9K_VPN_IP_BACKGROUND=6 - # When on VPN, show just an icon without the IP address. - # Tip: To display the private IP address when on VPN, remove the next line. - typeset -g POWERLEVEL9K_VPN_IP_CONTENT_EXPANSION= - # Regular expression for the VPN network interface. Run `ifconfig` or `ip -4 a show` while on VPN - # to see the name of the interface. - typeset -g POWERLEVEL9K_VPN_IP_INTERFACE='(gpd|wg|(.*tun)|tailscale)[0-9]*|(zt.*)' - # If set to true, show one segment per matching network interface. If set to false, show only - # one segment corresponding to the first matching network interface. - # Tip: If you set it to true, you'll probably want to unset POWERLEVEL9K_VPN_IP_CONTENT_EXPANSION. - typeset -g POWERLEVEL9K_VPN_IP_SHOW_ALL=false - # Custom icon. - # typeset -g POWERLEVEL9K_VPN_IP_VISUAL_IDENTIFIER_EXPANSION='⭐' - - ###########[ ip: ip address and bandwidth usage for a specified network interface ]########### - # IP color. - typeset -g POWERLEVEL9K_IP_BACKGROUND=4 - typeset -g POWERLEVEL9K_IP_FOREGROUND=0 - # The following parameters are accessible within the expansion: - # - # Parameter | Meaning - # ----------------------+------------------------------------------- - # P9K_IP_IP | IP address - # P9K_IP_INTERFACE | network interface - # P9K_IP_RX_BYTES | total number of bytes received - # P9K_IP_TX_BYTES | total number of bytes sent - # P9K_IP_RX_BYTES_DELTA | number of bytes received since last prompt - # P9K_IP_TX_BYTES_DELTA | number of bytes sent since last prompt - # P9K_IP_RX_RATE | receive rate (since last prompt) - # P9K_IP_TX_RATE | send rate (since last prompt) - typeset -g POWERLEVEL9K_IP_CONTENT_EXPANSION='${P9K_IP_RX_RATE:+⇣$P9K_IP_RX_RATE }${P9K_IP_TX_RATE:+⇡$P9K_IP_TX_RATE }$P9K_IP_IP' - # Show information for the first network interface whose name matches this regular expression. - # Run `ifconfig` or `ip -4 a show` to see the names of all network interfaces. - typeset -g POWERLEVEL9K_IP_INTERFACE='[ew].*' - # Custom icon. - # typeset -g POWERLEVEL9K_IP_VISUAL_IDENTIFIER_EXPANSION='⭐' - - #########################[ proxy: system-wide http/https/ftp proxy ]########################## - # Proxy color. - typeset -g POWERLEVEL9K_PROXY_FOREGROUND=4 - typeset -g POWERLEVEL9K_PROXY_BACKGROUND=0 - # Custom icon. - # typeset -g POWERLEVEL9K_PROXY_VISUAL_IDENTIFIER_EXPANSION='⭐' - - ################################[ battery: internal battery ]################################# - # Show battery in red when it's below this level and not connected to power supply. - typeset -g POWERLEVEL9K_BATTERY_LOW_THRESHOLD=20 - typeset -g POWERLEVEL9K_BATTERY_LOW_FOREGROUND=1 - # Show battery in green when it's charging or fully charged. - typeset -g POWERLEVEL9K_BATTERY_{CHARGING,CHARGED}_FOREGROUND=2 - # Show battery in yellow when it's discharging. - typeset -g POWERLEVEL9K_BATTERY_DISCONNECTED_FOREGROUND=3 - # Battery pictograms going from low to high level of charge. - typeset -g POWERLEVEL9K_BATTERY_STAGES='\uf58d\uf579\uf57a\uf57b\uf57c\uf57d\uf57e\uf57f\uf580\uf581\uf578' - # Don't show the remaining time to charge/discharge. - typeset -g POWERLEVEL9K_BATTERY_VERBOSE=false - typeset -g POWERLEVEL9K_BATTERY_BACKGROUND=0 - - #####################################[ wifi: wifi speed ]##################################### - # WiFi color. - typeset -g POWERLEVEL9K_WIFI_FOREGROUND=0 - typeset -g POWERLEVEL9K_WIFI_BACKGROUND=4 - # Custom icon. - # typeset -g POWERLEVEL9K_WIFI_VISUAL_IDENTIFIER_EXPANSION='⭐' - - # Use different colors and icons depending on signal strength ($P9K_WIFI_BARS). - # - # # Wifi colors and icons for different signal strength levels (low to high). - # typeset -g my_wifi_fg=(0 0 0 0 0) # <-- change these values - # typeset -g my_wifi_icon=('WiFi' 'WiFi' 'WiFi' 'WiFi' 'WiFi') # <-- change these values - # - # typeset -g POWERLEVEL9K_WIFI_CONTENT_EXPANSION='%F{${my_wifi_fg[P9K_WIFI_BARS+1]}}$P9K_WIFI_LAST_TX_RATE Mbps' - # typeset -g POWERLEVEL9K_WIFI_VISUAL_IDENTIFIER_EXPANSION='%F{${my_wifi_fg[P9K_WIFI_BARS+1]}}${my_wifi_icon[P9K_WIFI_BARS+1]}' - # - # The following parameters are accessible within the expansions: - # - # Parameter | Meaning - # ----------------------+--------------- - # P9K_WIFI_SSID | service set identifier, a.k.a. network name - # P9K_WIFI_LINK_AUTH | authentication protocol such as "wpa2-psk" or "none"; empty if unknown - # P9K_WIFI_LAST_TX_RATE | wireless transmit rate in megabits per second - # P9K_WIFI_RSSI | signal strength in dBm, from -120 to 0 - # P9K_WIFI_NOISE | noise in dBm, from -120 to 0 - # P9K_WIFI_BARS | signal strength in bars, from 0 to 4 (derived from P9K_WIFI_RSSI and P9K_WIFI_NOISE) - - ####################################[ time: current time ]#################################### - # Current time color. - typeset -g POWERLEVEL9K_TIME_FOREGROUND=0 - typeset -g POWERLEVEL9K_TIME_BACKGROUND=7 - # Format for the current time: 09:51:02. See `man 3 strftime`. - typeset -g POWERLEVEL9K_TIME_FORMAT='%D{%H:%M:%S}' - # If set to true, time will update when you hit enter. This way prompts for the past - # commands will contain the start times of their commands as opposed to the default - # behavior where they contain the end times of their preceding commands. - typeset -g POWERLEVEL9K_TIME_UPDATE_ON_COMMAND=false - # Custom icon. - typeset -g POWERLEVEL9K_TIME_VISUAL_IDENTIFIER_EXPANSION= - # Custom prefix. - # typeset -g POWERLEVEL9K_TIME_PREFIX='at ' - - # Example of a user-defined prompt segment. Function prompt_example will be called on every - # prompt if `example` prompt segment is added to POWERLEVEL9K_LEFT_PROMPT_ELEMENTS or - # POWERLEVEL9K_RIGHT_PROMPT_ELEMENTS. It displays an icon and yellow text on red background - # greeting the user. - # - # Type `p10k help segment` for documentation and a more sophisticated example. - function prompt_example() { - p10k segment -b 1 -f 3 -i '⭐' -t 'hello, %n' - } - - # User-defined prompt segments may optionally provide an instant_prompt_* function. Its job - # is to generate the prompt segment for display in instant prompt. See - # https://github.com/romkatv/powerlevel10k/blob/master/README.md#instant-prompt. - # - # Powerlevel10k will call instant_prompt_* at the same time as the regular prompt_* function - # and will record all `p10k segment` calls it makes. When displaying instant prompt, Powerlevel10k - # will replay these calls without actually calling instant_prompt_*. It is imperative that - # instant_prompt_* always makes the same `p10k segment` calls regardless of environment. If this - # rule is not observed, the content of instant prompt will be incorrect. - # - # Usually, you should either not define instant_prompt_* or simply call prompt_* from it. If - # instant_prompt_* is not defined for a segment, the segment won't be shown in instant prompt. - function instant_prompt_example() { - # Since prompt_example always makes the same `p10k segment` calls, we can call it from - # instant_prompt_example. This will give us the same `example` prompt segment in the instant - # and regular prompts. - prompt_example - } - - # User-defined prompt segments can be customized the same way as built-in segments. - typeset -g POWERLEVEL9K_EXAMPLE_FOREGROUND=3 - typeset -g POWERLEVEL9K_EXAMPLE_BACKGROUND=1 - # typeset -g POWERLEVEL9K_EXAMPLE_VISUAL_IDENTIFIER_EXPANSION='⭐' - - # Transient prompt works similarly to the builtin transient_rprompt option. It trims down prompt - # when accepting a command line. Supported values: - # - # - off: Don't change prompt when accepting a command line. - # - always: Trim down prompt when accepting a command line. - # - same-dir: Trim down prompt when accepting a command line unless this is the first command - # typed after changing current working directory. - typeset -g POWERLEVEL9K_TRANSIENT_PROMPT=always - - # Instant prompt mode. - # - # - off: Disable instant prompt. Choose this if you've tried instant prompt and found - # it incompatible with your zsh configuration files. - # - quiet: Enable instant prompt and don't print warnings when detecting console output - # during zsh initialization. Choose this if you've read and understood - # https://github.com/romkatv/powerlevel10k/blob/master/README.md#instant-prompt. - # - verbose: Enable instant prompt and print a warning when detecting console output during - # zsh initialization. Choose this if you've never tried instant prompt, haven't - # seen the warning, or if you are unsure what this all means. - typeset -g POWERLEVEL9K_INSTANT_PROMPT=off - - # Hot reload allows you to change POWERLEVEL9K options after Powerlevel10k has been initialized. - # For example, you can type POWERLEVEL9K_BACKGROUND=red and see your prompt turn red. Hot reload - # can slow down prompt by 1-2 milliseconds, so it's better to keep it turned off unless you - # really need it. - typeset -g POWERLEVEL9K_DISABLE_HOT_RELOAD=true - - # If p10k is already loaded, reload configuration. - # This works even with POWERLEVEL9K_DISABLE_HOT_RELOAD=true. - (( ! $+functions[p10k] )) || p10k reload -} - -# Tell `p10k configure` which file it should overwrite. -typeset -g POWERLEVEL9K_CONFIG_FILE=${${(%):-%x}:a} - -(( ${#p10k_config_opts} )) && setopt ${p10k_config_opts[@]} -'builtin' 'unset' 'p10k_config_opts' diff --git a/home/qenya/dconf/default.nix b/home/qenya/dconf/default.nix deleted file mode 100644 index 0fe64e5..0000000 --- a/home/qenya/dconf/default.nix +++ /dev/null @@ -1,26 +0,0 @@ -{ config, lib, pkgs, osConfig, ... }: - -# dconf is the configuration manager for GNOME. - -let - isGnome = osConfig.services.xserver.desktopManager.gnome.enable; -in -{ - dconf.enable = isGnome; - - dconf.settings = { - "org/gnome/settings-daemon/plugins/color".night-light-enabled = true; - "org/gnome/desktop/sound".event-sounds = false; - "org/gnome/desktop/sound".allow-volume-above-100-percent = true; - "org/gnome/settings-daemon/plugins/power".power-saver-profile-on-low-battery = true; - }; - - imports = [ - ./desktop.nix - ./keyboard.nix - ./mouse-touchpad.nix - ./multitasking.nix - ./shell.nix - ./wellbeing.nix - ]; -} diff --git a/home/qenya/dconf/desktop.nix b/home/qenya/dconf/desktop.nix deleted file mode 100644 index 4cfbaa7..0000000 --- a/home/qenya/dconf/desktop.nix +++ /dev/null @@ -1,23 +0,0 @@ -{ config, lib, pkgs, ... }: - -let inherit (lib) mkIf; -in { - dconf.settings = { - "org/gnome/desktop/background" = { - picture-options = "zoom"; - picture-uri = "${config.home.homeDirectory}/.background-image"; - picture-uri-dark = "${config.home.homeDirectory}/.background-image"; - }; - "org/gnome/desktop/screensaver" = { - picture-options = "zoom"; - picture-uri = "${config.home.homeDirectory}/.background-image"; - }; - "org/gnome/desktop/interface" = { - color-scheme = "prefer-dark"; - enable-hot-corners = false; - }; - }; - home.file.".background-image" = mkIf config.dconf.enable { - source = ./background-image.jpg; - }; -} diff --git a/home/qenya/dconf/keyboard.nix b/home/qenya/dconf/keyboard.nix deleted file mode 100644 index 5271bae..0000000 --- a/home/qenya/dconf/keyboard.nix +++ /dev/null @@ -1,12 +0,0 @@ -# { config, lib, pkgs, ... }: - -{ - dconf.settings = { - "org/gnome/desktop/wm/keybindings" = { - # These are largely useless on most normal systems - # and conflict with VS Code's default keybinds for "Copy Line Up/Down" - move-to-workspace-up = [ ]; - move-to-workspace-down = [ ]; - }; - }; -} diff --git a/home/qenya/dconf/mouse-touchpad.nix b/home/qenya/dconf/mouse-touchpad.nix deleted file mode 100644 index f3fd932..0000000 --- a/home/qenya/dconf/mouse-touchpad.nix +++ /dev/null @@ -1,16 +0,0 @@ -{ config, lib, pkgs, ... }: - -{ - dconf.settings = { - "org/gnome/desktop/peripherals/mouse" = { - natural-scroll = false; - }; - "org/gnome/desktop/peripherals/touchpad" = { - click-method = "fingers"; - disable-while-typing = false; - natural-scroll = true; # the correct option, whatever Janet says - tap-to-click = true; - two-finger-scrolling-enabled = true; - }; - }; -} diff --git a/home/qenya/dconf/multitasking.nix b/home/qenya/dconf/multitasking.nix deleted file mode 100644 index 1d93972..0000000 --- a/home/qenya/dconf/multitasking.nix +++ /dev/null @@ -1,11 +0,0 @@ -{ config, lib, pkgs, ... }: - -{ - dconf.settings = { - "org/gnome/mutter" = { - edge-tiling = true; - dynamic-workspaces = true; - workspaces-only-on-primary = true; - }; - }; -} diff --git a/home/qenya/dconf/shell.nix b/home/qenya/dconf/shell.nix deleted file mode 100644 index 73672fd..0000000 --- a/home/qenya/dconf/shell.nix +++ /dev/null @@ -1,26 +0,0 @@ -{ config, lib, pkgs, ... }: -{ - dconf.settings = { - "org/gnome/shell" = { - disable-user-extensions = true; - - # TODO: this is fine for now on tohru (the only GNOME system I use) but shouldn't depend on certain apps being installed - favorite-apps = [ - "discord.desktop" - "org.gnome.Evolution.desktop" - "firefox.desktop" - "torbrowser.desktop" - "steam.desktop" - "codium.desktop" - "org.gnome.Console.desktop" - "org.gnome.Nautilus.desktop" - "org.gnome.SystemMonitor.desktop" - ]; - - # TODO: fill this out (needs preinstalled stuff removing first) - # app-picker-layout = [ - # ... - # ]; - }; - }; -} diff --git a/home/qenya/dconf/wellbeing.nix b/home/qenya/dconf/wellbeing.nix deleted file mode 100644 index b547b0f..0000000 --- a/home/qenya/dconf/wellbeing.nix +++ /dev/null @@ -1,19 +0,0 @@ -{ config, lib, pkgs, ... }: - -# These features are cool and I would like to keep trying them, but they are -# horribly bugged in GNOME 48.1. Consider re-enabling them when 48.2 is -# released. See, e.g.: -# https://gitlab.gnome.org/GNOME/gnome-shell/-/issues/8289 -# https://gitlab.gnome.org/GNOME/gnome-shell/-/issues/8299 -# https://gitlab.gnome.org/GNOME/gnome-shell/-/issues/8305 -# https://gitlab.gnome.org/GNOME/gnome-shell/-/issues/8376 -# https://gitlab.gnome.org/GNOME/gnome-shell/-/issues/8398 - -{ - dconf.settings = { - # "org/gnome/desktop/screen-time-limits".daily-limit-enabled = true; - # "org/gnome/desktop/break-reminders".selected-breaks = [ "eyesight" "movement" ]; - "org/gnome/desktop/screen-time-limits".daily-limit-enabled = false; - "org/gnome/desktop/break-reminders".selected-breaks = [ ]; - }; -} diff --git a/home/qenya/feishin.nix b/home/qenya/feishin.nix deleted file mode 100644 index e3c7360..0000000 --- a/home/qenya/feishin.nix +++ /dev/null @@ -1,24 +0,0 @@ -{ config, lib, pkgs, osConfig, ... }: - -# Feishin ideally wants to see mpv at runtime, but this isn't catered for by -# the derivation in nixpkgs as it isn't strictly necessary. -# An easier way to do this would be to write mpv's full nix store path to -# Feishin's config. But Feishin has one JSON file for config and state, and -# we'd rather not overwrite the latter. Until and unless home-manager grows -# support for partially patching files, we live with this. - -let - inherit (lib) mkIf; - isGraphical = osConfig.services.xserver.enable; -in -{ - home.packages = mkIf isGraphical [ - (pkgs.feishin.overrideAttrs (originalAttrs: { - buildInputs = originalAttrs.buildInputs ++ [ pkgs.mpv ]; - postFixup = '' - ${originalAttrs.postFixup or ""} - wrapProgram $out/bin/feishin --prefix PATH : ${lib.makeBinPath [ pkgs.mpv ]} - ''; - })) - ]; -} diff --git a/home/qenya/firefox.nix b/home/qenya/firefox.nix deleted file mode 100644 index 603208a..0000000 --- a/home/qenya/firefox.nix +++ /dev/null @@ -1,59 +0,0 @@ -{ config, lib, pkgs, osConfig, inputs, ... }: - -let - inherit (lib) mkIf; - isGraphical = osConfig.services.xserver.enable; -in -{ - programs.firefox = lib.mkIf isGraphical { - enable = true; - languagePacks = [ "en-GB" ]; - - profiles.default = { - extensions.packages = with inputs.firefox-addons.packages.${pkgs.hostPlatform.system}; [ - bitwarden - ublock-origin - ]; - - settings = { - "browser.startup.page" = 3; # resume previous session - "browser.newtabpage.activity-stream.showSponsored" = false; - "browser.newtabpage.activity-stream.showSponsoredTopSites" = false; - - # disable telemetry - "datareporting.healthreport.uploadEnabled" = false; - "app.shield.optoutstudies.enabled" = false; - "browser.crashReports.unsubmittedCheck.autoSubmit2" = false; - - # disable prefetch? - - # DNS over HTTPS - "network.trr.custom_uri" = "https://base.dns.mullvad.net/dns-query"; - "network.trr.excluded-domains" = "detectportal.firefox.com"; - "network.trr.mode" = 3; - "network.trr.uri" = "https://base.dns.mullvad.net/dns-query"; - - "browser.search.suggest.enabled" = false; - "browser.urlbar.suggest.searches" = false; - - "dom.security.https_only_mode" = true; - "browser.contentblocking.category" = "strict"; # Enhanced Tracking Protection - # I think these are implied by the above - # "privacy.donottrackheader.enabled" = true; - # "privacy.trackingprotection.enabled" = true; - # "privacy.trackingprotection.emailtracking.enabled" = true; - # "privacy.trackingprotection.socialtracking.enabled" = true; - - "privacy.sanitize.sanitizeOnShutdown" = true; - "privacy.clearOnShutdown_v2.historyFormDataAndDownloads" = false; - - "dom.private-attribution.submission.enabled" = false; # disable "Privacy-Preserving Attribution for Advertising" - "extensions.autoDisableScopes" = 0; # automatically enable extensions installed through nix - - # external password manager - "signon.rememberSignons" = false; - "extensions.formautofill.creditCards.enabled" = false; - }; - }; - }; -} diff --git a/home/qenya/fonts.nix b/home/qenya/fonts.nix deleted file mode 100644 index e1b418f..0000000 --- a/home/qenya/fonts.nix +++ /dev/null @@ -1,17 +0,0 @@ -{ config, lib, pkgs, osConfig, ... }: - -let - inherit (lib) mkIf; - isGraphical = osConfig.services.xserver.enable; -in -mkIf isGraphical { - fonts.fontconfig = { - enable = true; - }; - - home.packages = with pkgs; [ - meslo-lgs-nf - ]; - - programs.vscode.profiles.default.userSettings."terminal.integrated.fontFamily" = "MesloLGS NF"; -} diff --git a/home/qenya/packages.nix b/home/qenya/packages.nix deleted file mode 100644 index df281b6..0000000 --- a/home/qenya/packages.nix +++ /dev/null @@ -1,40 +0,0 @@ -{ config, lib, pkgs, osConfig, ... }: - -let - inherit (lib) optionals; - isGraphical = osConfig.services.xserver.enable; - isGnome = osConfig.services.xserver.desktopManager.gnome.enable; - isPlasma = osConfig.services.desktopManager.plasma6.enable || osConfig.services.xserver.desktopManager.plasma5.enable; -in -{ - home.packages = with pkgs; [ - eza # like `ls` but fancier - hexyl # like `xxd` but cooler - ripgrep # like `grep` but faster - tree # like `ls -R` but nicer - units - zip - unzip - - # Extremely important - fortune - cowsay - lolcat - ] ++ optionals isGraphical [ - bitwarden - discord - gimp-with-plugins - jellyfin-media-player - tor-browser-bundle-bin - zoom-us - - # libreoffice - libreoffice - hunspell - hunspellDicts.en_GB-ise - ] ++ optionals isGnome [ - celluloid - ] ++ optionals isPlasma [ - haruna - ]; -} diff --git a/home/qenya/vscode.nix b/home/qenya/vscode.nix deleted file mode 100644 index 568913d..0000000 --- a/home/qenya/vscode.nix +++ /dev/null @@ -1,87 +0,0 @@ -{ config, lib, pkgs, osConfig, ... }: - -let - inherit (lib) mkIf mkDefault; - isGraphical = osConfig.services.xserver.enable; -in -{ - programs.vscode = mkIf isGraphical { - enable = true; - package = pkgs.vscodium; - mutableExtensionsDir = false; - profiles.default = { - enableExtensionUpdateCheck = false; - enableUpdateCheck = false; - extensions = with pkgs.vscode-extensions; [ - charliermarsh.ruff - dbaeumer.vscode-eslint - eamodio.gitlens - golang.go - jdinhlife.gruvbox - jnoortheen.nix-ide - matangover.mypy - mkhl.direnv - ms-python.black-formatter - ms-python.python - rust-lang.rust-analyzer - vadimcn.vscode-lldb - ]; - userSettings = { - "css.format.spaceAroundSelectorSeparator" = true; - "css.format.newlineBetweenSelectors" = false; - "debug.allowBreakpointsEverywhere" = true; - "extensions.autoUpdate" = false; - "files.insertFinalNewline" = true; - "git.autofetch" = true; - "git.confirmSync" = false; - "git.enableSmartCommit" = true; - "git.inputValidation" = true; - "git.inputValidationSubjectLength" = null; - "javascript.updateImportsOnFileMove.enabled" = "always"; - "nix.enableLanguageServer" = true; - "nix.serverPath" = "${pkgs.nil}/bin/nil"; - "nix.serverSettings".nil = { - diagnostics.ignored = [ "unused_binding" "unused_with" ]; - formatting.command = [ "${pkgs.nixpkgs-fmt}/bin/nixpkgs-fmt" ]; - nix.flake.autoArchive = true; - }; - "rust-analyzer.check.command" = "clippy"; - "terminal.integrated.allowChords" = false; - "terminal.integrated.defaultProfile.linux" = "zsh"; - "workbench.colorTheme" = "Gruvbox Dark Medium"; - - "[go]" = { - "editor.defaultFormatter" = "golang.go"; - "editor.formatOnSave" = false; - }; - "go.alternateTools" = { - "go" = "${pkgs.go}/bin/go"; - "golangci-lint" = "${pkgs.golangci-lint}/bin/golangci-lint"; - "gopls" = "${pkgs.gopls}/bin/gopls"; - "dlv" = "${pkgs.delve}/bin/dlv"; - "staticcheck" = "${pkgs.go-tools}/bin/staticcheck"; - }; - "go.lintTool" = "golangci-lint"; - "go.toolsManagement.checkForUpdates" = "off"; - "gopls" = { - "formatting.gofumpt" = true; - "ui.semanticTokens" = true; - }; - - "[python]" = { - "editor.defaultFormatter" = "ms-python.black-formatter"; - "editor.formatOnSave" = true; - "editor.codeActionsOnSave" = { - "source.fixAll" = "explicit"; - "source.organizeImports" = "explicit"; - }; - }; - "python.createEnvironment.contentButton" = "show"; - "python.defaultInterpreterPath" = "${pkgs.python3}/bin/python"; - "ruff.nativeServer" = "on"; - "ruff.path" = [ "${pkgs.ruff}/bin/ruff" ]; - "mypy.dmypyExecutable" = "${pkgs.mypy}/bin/dmypy"; - }; - }; - }; -} diff --git a/home/qenya/xdg-mime-apps.nix b/home/qenya/xdg-mime-apps.nix deleted file mode 100644 index b16f234..0000000 --- a/home/qenya/xdg-mime-apps.nix +++ /dev/null @@ -1,21 +0,0 @@ -{ config, lib, pkgs, osConfig, ... }: - -let - isGraphical = osConfig.services.xserver.enable; -in -{ - xdg.mimeApps = { - enable = isGraphical; - defaultApplications = { - "application/pdf" = [ "org.gnome.Evince.desktop" "org.kde.okular.desktop" ]; - "application/zip" = [ "org.gnome.FileRoller.desktop" "org.kde.ark.desktop" ]; - "image/gif" = [ "org.gnome.Loupe.desktop" "org.kde.gwenview.desktop" ]; - "image/jpeg" = [ "org.gnome.Loupe.desktop" "org.kde.gwenview.desktop" ]; - "image/png" = [ "org.gnome.Loupe.desktop" "org.kde.gwenview.desktop" ]; - "text/plain" = [ "org.gnome.TextEditor.desktop" "org.kde.kate.desktop" ]; - "x-scheme-handler/http" = "firefox.desktop"; - "x-scheme-handler/https" = "firefox.desktop"; - "x-scheme-handler/mailto" = "org.gnome.Evolution.desktop"; # TODO: email on KDE - is Kontact any good? - }; - }; -} diff --git a/home/qenya/tmux.nix b/home/tmux.nix similarity index 100% rename from home/qenya/tmux.nix rename to home/tmux.nix diff --git a/home/vscode.nix b/home/vscode.nix new file mode 100644 index 0000000..80c4389 --- /dev/null +++ b/home/vscode.nix @@ -0,0 +1,63 @@ +{ config, lib, pkgs, osConfig, ... }: + +let + inherit (lib) mkIf; + inherit (pkgs) fetchFromGitHub; + inherit (osConfig.nixpkgs.hostPlatform) system; + extensions = + (import (fetchFromGitHub { + # On a stable channel, do NOT keep this up-to-date! VS Code extensions + # have breaking changes more frequently than the NixOS release cadence. + owner = "nix-community"; + repo = "nix-vscode-extensions"; + rev = "27ce569a199d2da1a8483fe3d69dd41664da3a63"; + hash = "sha256-yyB4Kh3EFbYP+1JHza/IEeHwABypcYVi6vvWTmad/rY="; + })).extensions.${system}; +in +{ + programs.vscode = { + enableExtensionUpdateCheck = false; + enableUpdateCheck = false; + package = pkgs.vscodium; + extensions = with extensions.open-vsx; [ + golang.go + jdinhlife.gruvbox + jnoortheen.nix-ide + ms-python.python + ]; + mutableExtensionsDir = false; + userSettings = { + "[go]" = { + "editor.defaultFormatter" = "golang.go"; + "editor.formatOnSave" = false; + }; + "extensions.autoUpdate" = false; + "git.autofetch" = true; + "git.confirmSync" = false; + "git.enableSmartCommit" = true; + "git.inputValidation" = true; + "git.inputValidationSubjectLength" = null; + "gopls" = { + "formatting.gofumpt" = true; + "ui.semanticTokens" = true; + }; + "javascript.updateImportsOnFileMove.enabled" = "always"; + "nix.enableLanguageServer" = true; + "nix.serverPath" = "nil"; + "nix.serverSettings".nil = { + diagnostics.ignored = [ "unused_binding" "unused_with" ]; + formatting.command = [ "nixpkgs-fmt" ]; + }; + "terminal.integrated.allowChords" = false; + "terminal.integrated.defaultProfile.linux" = "zsh"; + "workbench.colorTheme" = "Gruvbox Dark Hard"; + }; + }; + + # Language servers etc + home.packages = mkIf config.programs.vscode.enable (with pkgs; [ + gopls + nil + nixpkgs-fmt + ]); +} diff --git a/home/qenya/zsh.nix b/home/zsh.nix similarity index 55% rename from home/qenya/zsh.nix rename to home/zsh.nix index e7e550b..f6ded78 100644 --- a/home/qenya/zsh.nix +++ b/home/zsh.nix @@ -1,7 +1,6 @@ { config, lib, pkgs, ... }: { - home.packages = with pkgs; [ direnv ]; programs.zsh = { enable = true; enableCompletion = true; @@ -11,12 +10,7 @@ shellAliases = { ll = "ls -l"; - - # don't clobber - mv = "mv -i"; - rename = "rename -i"; - - nix-shell = ''nix-shell --command "zsh"''; + nix-shell = ''nix-shell --command "zsh"''; # TODO: tweak theme to display something when inside nix-shell }; history = { @@ -27,15 +21,10 @@ oh-my-zsh = { enable = true; - plugins = [ "git" "sudo" "direnv" ]; - theme = ""; # defer to powerlevel10k + plugins = [ "git" "sudo" ]; + theme = "agnoster"; }; - initContent = '' - source ${pkgs.zsh-powerlevel10k}/share/zsh-powerlevel10k/powerlevel10k.zsh-theme - source ${./.p10k.zsh} - ''; - envExtra = '' DEFAULT_USER=qenya ''; diff --git a/hosts/elucredassa/default.nix b/hosts/elucredassa/default.nix deleted file mode 100644 index 97aba67..0000000 --- a/hosts/elucredassa/default.nix +++ /dev/null @@ -1,43 +0,0 @@ -{ config, lib, pkgs, inputs, ... }: - -let - inherit (lib) mkForce; -in -{ - imports = [ - ./filesystems.nix - ./hardware.nix - ./networking.nix - ]; - - nixpkgs.hostPlatform = "x86_64-linux"; - networking.hostName = "elucredassa"; - networking.hostId = "a8ec6755"; - - boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" "rtsx_pci_sdmmc" ]; - boot.kernelModules = [ "kvm-intel" ]; - - qenya.base-server.enable = true; - - i18n.defaultLocale = "en_GB.UTF-8"; - console.keyMap = "uk"; - services.xserver.xkb.layout = "gb"; - - # These are populated by fountain.backup - randomcat.services.zfs.datasets = { - "rpool_elucredassa/backup" = { mountpoint = "none"; }; - "rpool_elucredassa/backup/kalessin" = { mountpoint = "none"; }; - "rpool_elucredassa/backup/orm" = { mountpoint = "none"; }; - }; - - qenya.services.distributed-builds = { - enable = true; - keyFile = "/etc/ssh/ssh_host_ed25519_key"; - builders = [ "kilgharrah" ]; - }; - - fountain.users.qenya.enable = true; - fountain.admins = [ "qenya" ]; - - system.stateVersion = "24.11"; -} diff --git a/hosts/elucredassa/filesystems.nix b/hosts/elucredassa/filesystems.nix deleted file mode 100644 index 40de941..0000000 --- a/hosts/elucredassa/filesystems.nix +++ /dev/null @@ -1,23 +0,0 @@ -{ config, lib, pkgs, ... }: - -{ - boot.initrd.luks.devices = { - "luks-rpool-elucredassa".device = "/dev/disk/by-uuid/5ece5b58-c57a-41ae-b086-03707c39c9a7"; - }; - - fileSystems = { - "/" = { - device = "rpool_elucredassa/root"; - fsType = "zfs"; - }; - "/boot" = { - device = "/dev/disk/by-uuid/2519-E2D6"; - fsType = "vfat"; - options = [ "fmask=0077" "dmask=0077" ]; - }; - }; - - swapDevices = [{ device = "/dev/disk/by-uuid/c7c48325-e90d-414d-b579-84cb45616ee9"; }]; - - boot.supportedFilesystems = [ "ntfs" ]; # for USB drives -} diff --git a/hosts/elucredassa/hardware.nix b/hosts/elucredassa/hardware.nix deleted file mode 100644 index aca6ddc..0000000 --- a/hosts/elucredassa/hardware.nix +++ /dev/null @@ -1,11 +0,0 @@ -{ config, lib, pkgs, ... }: - -{ - hardware.enableAllFirmware = true; - hardware.cpu.intel.updateMicrocode = true; - services.fwupd.enable = true; - - # this is an old laptop - services.logind.lidSwitch = "ignore"; -} - diff --git a/hosts/elucredassa/networking.nix b/hosts/elucredassa/networking.nix deleted file mode 100644 index 82b4e96..0000000 --- a/hosts/elucredassa/networking.nix +++ /dev/null @@ -1,36 +0,0 @@ -{ config, lib, pkgs, ... }: - -{ - systemd.network.enable = true; - networking.useDHCP = false; - - systemd.network.networks."10-wan" = { - matchConfig.Name = "enp1s0f1"; - networkConfig = { - DHCP = "ipv4"; - IPv6AcceptRA = true; - Tunnel = "sit-he-ipv6"; - }; - linkConfig.RequiredForOnline = "routable"; - }; - - systemd.network.netdevs."25-he-ipv6" = { - netdevConfig = { - Name = "sit-he-ipv6"; - Kind = "sit"; - Description = "Hurricane Electric IPv6 Tunnel"; - MTUBytes = 1480; - }; - - tunnelConfig = { - Remote = "216.66.88.98"; - TTL = 255; - }; - }; - - systemd.network.networks."25-he-ipv6" = { - matchConfig.Name = "sit-he-ipv6"; - networkConfig.Address = [ "2001:470:1f1c:3e::2/64" ]; - routes = [{ Destination = [ "::/0" ]; }]; - }; -} diff --git a/hosts/kalessin/configuration.nix b/hosts/kalessin/configuration.nix new file mode 100644 index 0000000..84c9f82 --- /dev/null +++ b/hosts/kalessin/configuration.nix @@ -0,0 +1,12 @@ +{ config, lib, pkgs, ... }: + +{ + imports = [ + ./hardware-configuration.nix + ]; + + boot.loader.systemd-boot.enable = true; + boot.loader.efi.canTouchEfiVariables = true; + + system.stateVersion = "23.11"; +} diff --git a/hosts/kalessin/default.nix b/hosts/kalessin/default.nix deleted file mode 100644 index 2ff3476..0000000 --- a/hosts/kalessin/default.nix +++ /dev/null @@ -1,52 +0,0 @@ -{ config, lib, pkgs, ... }: - -let - keys = import ../../keys.nix; -in -{ - imports = [ - ./hardware-configuration.nix - ./networking.nix - ]; - - nixpkgs.hostPlatform = "aarch64-linux"; - networking.hostName = "kalessin"; - networking.hostId = "534b538e"; - - fountain.users.qenya.enable = true; - fountain.users.randomcat.enable = true; - fountain.users.trungle.enable = true; - fountain.admins = [ "qenya" "randomcat" ]; - - qenya.base-server.enable = true; - - qenya.services.remote-builder = { - enable = true; - authorizedKeys.keys = [ ]; - }; - - randomcat.services.zfs.datasets = { - "rpool_kalessin/state" = { mountpoint = "none"; }; - "rpool_kalessin/state/headscale" = { mountpoint = "/var/lib/headscale"; }; - "rpool_kalessin/state/owncast" = { mountpoint = "/var/lib/owncast"; }; - }; - - services.sanoid.datasets."rpool_kalessin/state" = { - useTemplate = [ "production" ]; - recursive = "zfs"; - }; - - qenya.services.owncast = { - enable = true; - domain = "live.qenya.tel"; - dataDir = "/var/lib/owncast"; - }; - - qenya.services.headscale = { - enable = true; - domain = "headscale.unspecified.systems"; - dataDir = "/var/lib/headscale"; - }; - - system.stateVersion = "23.11"; -} diff --git a/hosts/kalessin/hardware-configuration.nix b/hosts/kalessin/hardware-configuration.nix index 1007f6f..8e0fb17 100644 --- a/hosts/kalessin/hardware-configuration.nix +++ b/hosts/kalessin/hardware-configuration.nix @@ -35,4 +35,13 @@ }; swapDevices = [ ]; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.enp0s6.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "aarch64-linux"; } diff --git a/hosts/kalessin/networking.nix b/hosts/kalessin/networking.nix deleted file mode 100644 index 3c27781..0000000 --- a/hosts/kalessin/networking.nix +++ /dev/null @@ -1,6 +0,0 @@ -{ config, lib, pkgs, ... }: - -{ - networking.useNetworkd = true; - networking.interfaces.enp0s6.useDHCP = true; -} diff --git a/hosts/kilgharrah/backup.nix b/hosts/kilgharrah/backup.nix deleted file mode 100644 index efa72f9..0000000 --- a/hosts/kilgharrah/backup.nix +++ /dev/null @@ -1,8 +0,0 @@ -{ config, lib, pkgs, ... }: - -{ - services.sanoid.datasets."rpool_albion/state" = { - useTemplate = [ "production" ]; - recursive = "zfs"; - }; -} \ No newline at end of file diff --git a/hosts/kilgharrah/default.nix b/hosts/kilgharrah/default.nix deleted file mode 100644 index 87505c6..0000000 --- a/hosts/kilgharrah/default.nix +++ /dev/null @@ -1,66 +0,0 @@ -{ config, lib, pkgs, ... }: - -let - keys = import ../../keys.nix; -in -{ - imports = [ - ./backup.nix - ./filesystems.nix - ./hardware.nix - ./networking.nix - ./plasma.nix - - ./ftp.nix - ]; - - nixpkgs.hostPlatform = "x86_64-linux"; - networking.hostName = "kilgharrah"; - networking.hostId = "72885bb5"; - - boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usb_storage" "usbhid" "sd_mod" ]; - boot.kernelModules = [ "kvm-intel" ]; - - qenya.base-graphical.enable = true; - - time.timeZone = "Europe/London"; - i18n.defaultLocale = "en_GB.UTF-8"; - console.keyMap = "uk"; - services.xserver.xkb.layout = "gb"; - - fountain.users.qenya.enable = true; - age.secrets.user-password-kilgharrah-qenya.file = ../../secrets/user-password-kilgharrah-qenya.age; - users.users.qenya.hashedPasswordFile = config.age.secrets.user-password-kilgharrah-qenya.path; - fountain.admins = [ "qenya" ]; - home-manager.users.qenya = { pkgs, ... }: { - home.packages = with pkgs; [ obs-studio ]; - }; - - qenya.services.remote-builder = { - enable = true; - authorizedKeys.keys = [ - keys.machines.yevaud - keys.machines.orm - keys.machines.tohru - keys.machines.elucredassa - ]; - }; - - programs.steam.enable = true; - qenya.services.audiobookshelf = { - enable = true; - domain = "audiobookshelf.qenya.tel"; - }; - qenya.services.jellyfin = { - enable = true; - domain = "jellyfin.qenya.tel"; - }; - qenya.services.navidrome = { - enable = true; - domain = "music.qenya.tel"; - dataDir = "/srv/music"; - }; - - system.stateVersion = "24.05"; - -} diff --git a/hosts/kilgharrah/filesystems.nix b/hosts/kilgharrah/filesystems.nix deleted file mode 100644 index 9ebc758..0000000 --- a/hosts/kilgharrah/filesystems.nix +++ /dev/null @@ -1,93 +0,0 @@ -{ config, lib, pkgs, ... }: - -{ - # SSD on board - - boot.initrd.luks.devices = { - "cryptroot".device = "/dev/disk/by-uuid/b414aaba-0a36-4135-a7e1-dc9489286acd"; - }; - - fileSystems = { - "/" = { - device = "/dev/disk/by-uuid/ad4cbc18-8849-40ed-b0bf-097f8f46346b"; - fsType = "btrfs"; - options = [ "subvol=@" "compress=zstd" ]; - }; - "/home" = { - device = "/dev/disk/by-uuid/ad4cbc18-8849-40ed-b0bf-097f8f46346b"; - fsType = "btrfs"; - options = [ "subvol=@home" "compress=zstd" ]; - }; - "/nix" = { - device = "/dev/disk/by-uuid/ad4cbc18-8849-40ed-b0bf-097f8f46346b"; - fsType = "btrfs"; - options = [ "subvol=@nix" "compress=zstd" "noatime" ]; - }; - "/swap" = { - device = "/dev/disk/by-uuid/ad4cbc18-8849-40ed-b0bf-097f8f46346b"; - fsType = "btrfs"; - options = [ "subvol=@swap" "noatime" ]; - }; - "/root" = { - device = "/dev/disk/by-uuid/ad4cbc18-8849-40ed-b0bf-097f8f46346b"; - fsType = "btrfs"; - options = [ "subvol=@root" "compress=zstd" ]; - }; - "/srv" = { - device = "/dev/disk/by-uuid/ad4cbc18-8849-40ed-b0bf-097f8f46346b"; - fsType = "btrfs"; - options = [ "subvol=@srv" "compress=zstd" ]; - }; - "/var/cache" = { - device = "/dev/disk/by-uuid/ad4cbc18-8849-40ed-b0bf-097f8f46346b"; - fsType = "btrfs"; - options = [ "subvol=@cache" "compress=zstd" "noatime" ]; - }; - "/var/tmp" = { - device = "/dev/disk/by-uuid/ad4cbc18-8849-40ed-b0bf-097f8f46346b"; - fsType = "btrfs"; - options = [ "subvol=@tmp" "compress=zstd" "noatime" ]; - }; - "/var/log" = { - device = "/dev/disk/by-uuid/ad4cbc18-8849-40ed-b0bf-097f8f46346b"; - fsType = "btrfs"; - options = [ "subvol=@log" "compress=zstd" "noatime" ]; - }; - "/boot" = { - device = "/dev/disk/by-uuid/9582-E78D"; - fsType = "vfat"; - options = [ "fmask=0022" "dmask=0022" ]; - }; - }; - - swapDevices = [{ - device = "/swap/swapfile"; - size = 32 * 1024; - }]; - - - # HDD in bay - - environment.etc.crypttab.text = '' - albion UUID=8a924f24-9b65-4f05-aeda-5b4080cc7aa1 /root/luks-albion.key - ''; - - randomcat.services.zfs.datasets = { - "rpool_albion/data" = { mountpoint = "none"; }; - "rpool_albion/data/steam" = { mountpoint = "/home/qenya/.local/share/Steam"; }; - "rpool_albion/state" = { mountpoint = "none"; }; - "rpool_albion/state/audiobookshelf" = { mountpoint = "/var/lib/audiobookshelf"; }; - "rpool_albion/state/jellyfin" = { mountpoint = "/var/lib/jellyfin"; }; - "rpool_albion/state/navidrome" = { mountpoint = "/var/lib/navidrome"; }; - "rpool_albion/srv" = { mountpoint = "none"; }; - "rpool_albion/srv/audiobookshelf" = { mountpoint = "/srv/audiobookshelf"; }; - "rpool_albion/srv/ftp" = { mountpoint = "/srv/ftp"; }; - "rpool_albion/srv/jellyfin" = { mountpoint = "/srv/jellyfin"; }; - "rpool_albion/srv/music" = { mountpoint = "/srv/music"; }; - }; - - - # Other - - boot.supportedFilesystems = [ "ntfs" "zfs" ]; -} diff --git a/hosts/kilgharrah/ftp.nix b/hosts/kilgharrah/ftp.nix deleted file mode 100644 index 4164679..0000000 --- a/hosts/kilgharrah/ftp.nix +++ /dev/null @@ -1,70 +0,0 @@ -{ config, lib, pkgs, ... }: - -{ - age.secrets.ftp-userDb-qenya = { - # To update this, see the nixos docs for services.vsftpd.userDbPath. Note - # that the command it gives to create a userDb, if applied to an *existing* - # userDb, will *add* the entries from the source file, overwriting any - # entries with the same username but leaving other existing entries intact. - # Also note the database format does not salt hashes. - file = ../../secrets/ftp-userDb-qenya.age; - - # we have to specify this manually because pam_userdb strips the extension - path = "/etc/vsftpd/userDb.db"; - }; - - services.vsftpd = { - enable = true; - localUsers = true; - forceLocalLoginsSSL = true; - forceLocalDataSSL = true; - rsaCertFile = "${config.security.acme.certs."ftp.qenya.tel".directory}/fullchain.pem"; - rsaKeyFile = "${config.security.acme.certs."ftp.qenya.tel".directory}/key.pem"; - - enableVirtualUsers = true; - userlistDeny = false; # turn userlist from a denylist into an allowlist - userlist = [ "qenya" ]; # this is just a list of the users in the userDb - userDbPath = "/etc/vsftpd/userDb"; - - localRoot = "/srv/ftp"; - - extraConfig = '' - # nothing in the default cipher suite is enabled in modern ssl clients! - ssl_ciphers=HIGH - - # set this to something firewallable - pasv_min_port=51000 - pasv_max_port=51099 - - # don't bother with upgrading to TLS, just listen on FTPS only - implicit_ssl=YES - listen_port=990 - ''; - }; - - services.nginx = { - enable = true; - virtualHosts = { - "ftp.qenya.tel" = { - forceSSL = true; - useACMEHost = "ftp.qenya.tel"; - locations."/".return = "503"; - }; - }; - }; - - security.acme.certs = { - "ftp.qenya.tel" = { - webroot = "/var/lib/acme/acme-challenge"; - group = "acme_ftp.qenya.tel"; - }; - }; - - users.groups."acme_ftp.qenya.tel".members = [ - "vsftpd" # not configurable in the vsftpd nixos module - config.services.nginx.group - ]; - - networking.firewall.allowedTCPPorts = [ 990 80 443 ]; - networking.firewall.allowedTCPPortRanges = [{ from = 51000; to = 51099; }]; -} diff --git a/hosts/kilgharrah/hardware.nix b/hosts/kilgharrah/hardware.nix deleted file mode 100644 index 0583c64..0000000 --- a/hosts/kilgharrah/hardware.nix +++ /dev/null @@ -1,51 +0,0 @@ -{ config, lib, pkgs, ... }: - -{ - hardware.enableAllFirmware = true; - hardware.cpu.intel.updateMicrocode = true; - services.fwupd.enable = true; - - services.xserver.videoDrivers = [ "nvidia" ]; - hardware.nvidia.open = false; - - # # Downgrade to driver version 535 as 550 has problems with Wayland - # hardware.nvidia.package = - # let - # rcu_patch = pkgs.fetchpatch { - # url = "https://github.com/gentoo/gentoo/raw/c64caf53/x11-drivers/nvidia-drivers/files/nvidia-drivers-470.223.02-gpl-pfn_valid.patch"; - # hash = "sha256-eZiQQp2S/asE7MfGvfe6dA/kdCvek9SYa/FFGp24dVg="; - # }; - # in - # config.boot.kernelPackages.nvidiaPackages.mkDriver { - # version = "535.154.05"; - # sha256_64bit = "sha256-fpUGXKprgt6SYRDxSCemGXLrEsIA6GOinp+0eGbqqJg="; - # sha256_aarch64 = "sha256-G0/GiObf/BZMkzzET8HQjdIcvCSqB1uhsinro2HLK9k="; - # openSha256 = "sha256-wvRdHguGLxS0mR06P5Qi++pDJBCF8pJ8hr4T8O6TJIo="; - # settingsSha256 = "sha256-9wqoDEWY4I7weWW05F4igj1Gj9wjHsREFMztfEmqm10="; - # persistencedSha256 = "sha256-d0Q3Lk80JqkS1B54Mahu2yY/WocOqFFbZVBh+ToGhaE="; - # patches = [ rcu_patch ]; - # }; - - services.printing.drivers = [ pkgs.hplip ]; - - # enable playing from bluray drive - boot.kernelModules = [ "sg" ]; - environment.systemPackages = [ - ((pkgs.vlc.override { - libbluray = (pkgs.libbluray.override { - withJava = true; - withAACS = true; - withBDplus = true; - }); - }).overrideAttrs (originalAttrs: { - buildInputs = originalAttrs.buildInputs ++ [ pkgs.libdvdcss ]; - # TODO: nixpkgs bug: libbluray needs patching to look at the nix store path of jdk17 when searching for a jdk - # as a workaround, wrap vlc and set JAVA_HOME, which it uses instead of searching when specified - nativeBuildInputs = originalAttrs.nativeBuildInputs ++ [ pkgs.makeWrapper ]; - postFixup = '' - ${originalAttrs.postFixup or ""} - wrapProgram $out/bin/vlc --set JAVA_HOME ${pkgs.jdk17.home} - ''; - })) - ]; -} diff --git a/hosts/kilgharrah/networking.nix b/hosts/kilgharrah/networking.nix deleted file mode 100644 index 2db377f..0000000 --- a/hosts/kilgharrah/networking.nix +++ /dev/null @@ -1,15 +0,0 @@ -{ config, lib, pkgs, ... }: - -{ - systemd.network.enable = true; - networking.useDHCP = false; - - systemd.network.networks."10-wan" = { - matchConfig.Name = "enp2s0"; - networkConfig = { - DHCP = "ipv4"; - IPv6AcceptRA = true; - }; - linkConfig.RequiredForOnline = "routable"; - }; -} diff --git a/hosts/kilgharrah/plasma.nix b/hosts/kilgharrah/plasma.nix deleted file mode 100644 index dba5270..0000000 --- a/hosts/kilgharrah/plasma.nix +++ /dev/null @@ -1,109 +0,0 @@ -{ config, lib, pkgs, inputs, ... }: - -let - inherit (lib) mkForce; -in -{ - services.xserver.displayManager.gdm.enable = mkForce false; - services.xserver.desktopManager.gnome.enable = mkForce false; - services.displayManager.sddm.enable = true; - services.displayManager.sddm.wayland.enable = true; - services.desktopManager.plasma6.enable = true; - - environment.systemPackages = with pkgs; [ - (catppuccin-kde.override { - flavour = [ "mocha" ]; - accents = [ "mauve" ]; - winDecStyles = [ "modern" ]; - }) - ]; - - home-manager.users.qenya = { pkgs, ... }: { - imports = [ - inputs.plasma-manager.homeManagerModules.plasma-manager - ]; - - programs.plasma = { - enable = true; - overrideConfig = true; - - workspace = { - lookAndFeel = "Catppuccin-Mocha-Mauve"; - colorScheme = "CatppuccinMochaMauve"; - splashScreen.engine = "KSplashQML"; - splashScreen.theme = "Catppuccin-Mocha-Mauve"; - windowDecorations.library = "org.kde.kwin.aurorae"; - windowDecorations.theme = "__aurorae__svg__CatppuccinMocha-Modern"; - }; - - # For the moment, this hosts some network-accessible services, so we want it on 24/7 - powerdevil.AC.autoSuspend.action = "nothing"; - - panels = [ - # Dock - { - height = 49; # 41 * 1.2 - lengthMode = "fit"; - location = "bottom"; - alignment = "center"; - hiding = "dodgewindows"; - widgets = [{ - name = "org.kde.plasma.icontasks"; - config.General = { - fill = false; - iconSpacing = 2; - launchers = lib.concatStringsSep "," [ - "applications:firefox.desktop" - "applications:codium.desktop" - "applications:steam.desktop" - "applications:discord.desktop" - "applications:com.obsproject.Studio.desktop" - "applications:org.kde.dolphin.desktop" - "applications:org.kde.konsole.desktop" - "applications:org.kde.plasma-systemmonitor.desktop" - ]; - maxStripes = 1; - showOnlyCurrentDesktop = false; - showOnlyCurrentScreen = false; - }; - }]; - screen = "all"; - } - - # Top bar - { - height = 29; # 24 * 1.2 - location = "top"; - alignment = "left"; - floating = false; - widgets = [ - { - name = "org.kde.plasma.kickoff"; - config.General = { - lengthFirstMargin = 7; - }; - } - { name = "org.kde.plasma.panelspacer"; } - { - name = "org.kde.plasma.digitalclock"; - config.Appearance = { - autoFontAndSize = false; - customDateFormat = "dddd, d MMM"; - dateDisplayFormat = "BesideTime"; - dateFormat = "custom"; - fontFamily = "Inter"; - fontStyleName = "Bold"; - fontWeight = 700; - boldText = true; - showWeekNumbers = true; - }; - } - { name = "org.kde.plasma.panelspacer"; } - { name = "org.kde.plasma.systemtray"; } - ]; - screen = "all"; - } - ]; - }; - }; -} diff --git a/hosts/orm/configuration.nix b/hosts/orm/configuration.nix new file mode 100644 index 0000000..1403b3d --- /dev/null +++ b/hosts/orm/configuration.nix @@ -0,0 +1,19 @@ +{ config, lib, pkgs, ... }: + +{ + imports = [ + ./hardware-configuration.nix + ]; + + boot.loader.systemd-boot.enable = true; + boot.loader.efi.canTouchEfiVariables = true; + + age.secrets.wireguard-peer-orm.file = ../../secrets/wireguard-peer-orm.age; + + birdsong.peering = { + enable = true; + privateKeyFile = config.age.secrets.wireguard-peer-orm.path; + }; + + system.stateVersion = "23.11"; +} diff --git a/hosts/orm/default.nix b/hosts/orm/default.nix deleted file mode 100644 index dc696e9..0000000 --- a/hosts/orm/default.nix +++ /dev/null @@ -1,69 +0,0 @@ -{ config, lib, pkgs, ... }: - -{ - imports = [ - ./hardware-configuration.nix - ./networking.nix - ]; - - nixpkgs.hostPlatform = "x86_64-linux"; - networking.hostName = "orm"; - networking.hostId = "00000000"; - - fountain.users.qenya.enable = true; - fountain.admins = [ "qenya" ]; - qenya.base-server.enable = true; - - qenya.services.distributed-builds = { - enable = true; - keyFile = "/etc/ssh/ssh_host_ed25519_key"; - builders = [ "kilgharrah" ]; - }; - nix.settings.max-jobs = 0; - - randomcat.services.zfs.datasets = { - "rpool_orm/state" = { mountpoint = "none"; }; - "rpool_orm/state/actual" = { mountpoint = "/var/lib/private/actual"; }; - "rpool_orm/state/postgresql" = { mountpoint = "/var/lib/postgresql"; }; - }; - - services.sanoid.datasets."rpool_orm/state" = { - useTemplate = [ "production" ]; - recursive = "zfs"; - }; - - services.postgresql = { - enable = true; - package = pkgs.postgresql_17; - dataDir = "/var/lib/postgresql/17"; - # managing imperatively instead of using ensureDatabases/ensureUsers - - enableTCPIP = true; - settings = { - port = 5432; - # TODO: fix SSL - # ssl = true; - }; - # only allow remote connections from within Tailscale - authentication = pkgs.lib.mkOverride 10 '' - #type database DBuser auth-method - local all all trust # used by nixos for local monitoring - host sameuser all 100.64.0.0/10 scram-sha-256 - host sameuser all fd7a:115c:a1e0::/48 scram-sha-256 - ''; - }; - networking.firewall.interfaces."tailscale0".allowedTCPPorts = [ 5432 ]; - - qenya.services.actual = { - enable = true; - domain = "actual.unspecified.systems"; - }; - fountain.services.web-redirect = { - enable = true; - domains = { - "actual.qenya.tel" = "actual.unspecified.systems"; - }; - }; - - system.stateVersion = "23.11"; -} diff --git a/hosts/orm/hardware-configuration.nix b/hosts/orm/hardware-configuration.nix index 34ef7b3..11459e7 100644 --- a/hosts/orm/hardware-configuration.nix +++ b/hosts/orm/hardware-configuration.nix @@ -37,4 +37,13 @@ swapDevices = [ { device = "/dev/disk/by-uuid/a0ac8f60-25f9-4dec-af70-e3f4cd36c575"; } ]; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.ens3.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; } diff --git a/hosts/orm/networking.nix b/hosts/orm/networking.nix deleted file mode 100644 index 9423165..0000000 --- a/hosts/orm/networking.nix +++ /dev/null @@ -1,6 +0,0 @@ -{ config, lib, pkgs, ... }: - -{ - networking.useNetworkd = true; - networking.interfaces.ens3.useDHCP = true; -} diff --git a/hosts/tehanu/default.nix b/hosts/tehanu/default.nix deleted file mode 100644 index fc1ecad..0000000 --- a/hosts/tehanu/default.nix +++ /dev/null @@ -1,19 +0,0 @@ -{ config, lib, pkgs, ... }: - -{ - imports = [ - ./hardware-configuration.nix - ./networking.nix - ]; - - nixpkgs.hostPlatform = "aarch64-linux"; - networking.hostName = "tehanu"; - networking.hostId = "8e1185ab"; - - fountain.users.qenya.enable = true; - fountain.admins = [ "qenya" ]; - - qenya.base-server.enable = true; - - system.stateVersion = "23.11"; -} diff --git a/hosts/tehanu/hardware-configuration.nix b/hosts/tehanu/hardware-configuration.nix deleted file mode 100644 index 04d514e..0000000 --- a/hosts/tehanu/hardware-configuration.nix +++ /dev/null @@ -1,38 +0,0 @@ -# Do not modify this file! It was generated by ‘nixos-generate-config’ -# and may be overwritten by future invocations. Please make changes -# to /etc/nixos/configuration.nix instead. -{ config, lib, pkgs, modulesPath, ... }: - -{ - imports = - [ (modulesPath + "/profiles/qemu-guest.nix") - ]; - - boot.initrd.availableKernelModules = [ "xhci_pci" "virtio_scsi" ]; - boot.initrd.kernelModules = [ ]; - boot.kernelModules = [ ]; - boot.extraModulePackages = [ ]; - - fileSystems."/" = - { device = "rpool_tehanu/root"; - fsType = "zfs"; - }; - - fileSystems."/nix" = - { device = "rpool_tehanu/nix"; - fsType = "zfs"; - }; - - fileSystems."/var" = - { device = "rpool_tehanu/var"; - fsType = "zfs"; - }; - - fileSystems."/boot" = - { device = "/dev/disk/by-uuid/629B-BA09"; - fsType = "vfat"; - options = [ "fmask=0077" "dmask=0077" ]; - }; - - swapDevices = [ ]; -} diff --git a/hosts/tehanu/networking.nix b/hosts/tehanu/networking.nix deleted file mode 100644 index 3c27781..0000000 --- a/hosts/tehanu/networking.nix +++ /dev/null @@ -1,6 +0,0 @@ -{ config, lib, pkgs, ... }: - -{ - networking.useNetworkd = true; - networking.interfaces.enp0s6.useDHCP = true; -} diff --git a/hosts/tohru/configuration.nix b/hosts/tohru/configuration.nix new file mode 100644 index 0000000..bc9f644 --- /dev/null +++ b/hosts/tohru/configuration.nix @@ -0,0 +1,59 @@ +{ config, lib, pkgs, ... }: + +{ + imports = [ + ./hardware-configuration.nix + ./syncthing.nix + ]; + + boot.loader.systemd-boot.enable = true; + boot.loader.efi.canTouchEfiVariables = true; + boot.loader.systemd-boot.editor = false; + + age.secrets.wireguard-peer-tohru.file = ../../secrets/wireguard-peer-tohru.age; + + birdsong.peering = { + enable = true; + privateKeyFile = config.age.secrets.wireguard-peer-tohru.path; + persistentKeepalive = 23; + }; + + programs.evolution.enable = true; + qenya.services.fonts.enable = true; + qenya.services.steam.enable = true; + + home-manager.users.qenya = { pkgs, ... }: { + imports = [ + ./home.nix + ]; + }; + + networking.networkmanager.enable = true; + + i18n.defaultLocale = "en_GB.UTF-8"; + console.keyMap = "uk"; + + services.xserver.enable = true; + services.xserver.displayManager.gdm.enable = true; + services.xserver.desktopManager.gnome.enable = true; + services.xserver.xkb.layout = "gb"; + + services.printing.enable = true; + + sound.enable = true; + hardware.pulseaudio.enable = true; + + # USB drives + boot.supportedFilesystems = [ "ntfs" ]; + + hardware.enableAllFirmware = true; + services.fwupd.enable = true; + services.fstrim.enable = true; + + boot.initrd.luks.devices = { + "rpool".device = "/dev/nvme0n1p2"; + }; + + system.stateVersion = "23.11"; +} + diff --git a/hosts/tohru/default.nix b/hosts/tohru/default.nix deleted file mode 100644 index f9ee12c..0000000 --- a/hosts/tohru/default.nix +++ /dev/null @@ -1,69 +0,0 @@ -{ config, lib, pkgs, inputs, ... }: - -let - inherit (lib) mkForce; -in -{ - imports = [ - ./filesystems.nix - ./hardware.nix - ./networking.nix - - ./syncthing.nix - ]; - - nixpkgs.hostPlatform = "x86_64-linux"; - networking.hostName = "tohru"; - networking.hostId = "31da19c1"; - - boot.initrd.availableKernelModules = [ "xhci_pci" "nvme" "rtsx_pci_sdmmc" ]; - boot.kernelModules = [ "kvm-intel" ]; - - qenya.base-graphical.enable = true; - - time.timeZone = "Europe/London"; - i18n.defaultLocale = "en_GB.UTF-8"; - console.keyMap = "uk"; - services.xserver.xkb.layout = "gb"; - - # tohru does not have the resources to run this under other load and is generally powered off when not in use. - # instead, just run `nix-store --optimise` every so often. - nix.optimise.automatic = mkForce false; - - fountain.users.qenya.enable = true; - fountain.admins = [ "qenya" ]; - age.secrets.user-password-tohru-qenya.file = ../../secrets/user-password-tohru-qenya.age; - users.users.qenya.hashedPasswordFile = config.age.secrets.user-password-tohru-qenya.path; - users.users.qenya.extraGroups = [ - "networkmanager" # UI wifi configuration - "dialout" # access to serial ports - ]; - - nixpkgs.overlays = [ inputs.scoutshonour.overlays.default ]; - home-manager.users.qenya = { pkgs, ... }: { - home.packages = with pkgs; [ - keepassxc - apostrophe - foliate - nicotine-plus - tuba - - # games - openttd - prismlauncher - scoutshonour.digital-a-love-story - scoutshonour.dont-take-it-personally-babe - ]; - }; - - qenya.services.distributed-builds = { - enable = true; - keyFile = "/etc/ssh/ssh_host_ed25519_key"; - builders = [ "kilgharrah" ]; - }; - - programs.evolution.enable = true; # not in home-manager yet; not declaratively configurable yet - programs.steam.enable = true; - - system.stateVersion = "23.11"; -} diff --git a/hosts/tohru/filesystems.nix b/hosts/tohru/filesystems.nix deleted file mode 100644 index 6975fe6..0000000 --- a/hosts/tohru/filesystems.nix +++ /dev/null @@ -1,51 +0,0 @@ -{ config, lib, pkgs, ... }: - -{ - boot.initrd.luks.devices = { - "rpool".device = "/dev/nvme0n1p2"; - }; - - boot.supportedFilesystems = [ "ntfs" ]; # for USB drives - - fileSystems = { - "/" = { - device = "rpool/root"; - fsType = "zfs"; - }; - "/nix" = { - device = "rpool/nix"; - fsType = "zfs"; - }; - "/var" = { - device = "rpool/var"; - fsType = "zfs"; - }; - "/config" = { - device = "rpool/config"; - fsType = "zfs"; - }; - "/home" = { - device = "rpool/home"; - fsType = "zfs"; - }; - "/data" = { - device = "rpool/data"; - fsType = "zfs"; - }; - "/data/syncthing" = { - device = "rpool/data/syncthing"; - fsType = "zfs"; - }; - "/data/steam" = { - device = "rpool/data/steam"; - fsType = "zfs"; - }; - "/boot" = { - device = "/dev/disk/by-uuid/7DD4-487E"; - fsType = "vfat"; - options = [ "fmask=0022" "dmask=0022" ]; - }; - }; - - swapDevices = [{ device = "/dev/disk/by-uuid/a066313e-2467-4e07-ad0c-aeb7ff3f8d97"; }]; -} diff --git a/hosts/tohru/hardware-configuration.nix b/hosts/tohru/hardware-configuration.nix new file mode 100644 index 0000000..71a4dee --- /dev/null +++ b/hosts/tohru/hardware-configuration.nix @@ -0,0 +1,76 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = + [ (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = [ "xhci_pci" "nvme" "rtsx_pci_sdmmc" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-intel" ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = + { device = "rpool/root"; + fsType = "zfs"; + }; + + fileSystems."/nix" = + { device = "rpool/nix"; + fsType = "zfs"; + }; + + fileSystems."/var" = + { device = "rpool/var"; + fsType = "zfs"; + }; + + fileSystems."/config" = + { device = "rpool/config"; + fsType = "zfs"; + }; + + fileSystems."/home" = + { device = "rpool/home"; + fsType = "zfs"; + }; + + fileSystems."/data" = + { device = "rpool/data"; + fsType = "zfs"; + }; + + fileSystems."/data/syncthing" = + { device = "rpool/data/syncthing"; + fsType = "zfs"; + }; + + fileSystems."/data/steam" = + { device = "rpool/data/steam"; + fsType = "zfs"; + }; + + fileSystems."/boot" = + { device = "/dev/disk/by-uuid/7DD4-487E"; + fsType = "vfat"; + options = [ "fmask=0022" "dmask=0022" ]; + }; + + swapDevices = + [ { device = "/dev/disk/by-uuid/a066313e-2467-4e07-ad0c-aeb7ff3f8d97"; } + ]; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.eno2.useDHCP = lib.mkDefault true; + # networking.interfaces.wlo1.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +} diff --git a/hosts/tohru/hardware.nix b/hosts/tohru/hardware.nix deleted file mode 100644 index a2515bd..0000000 --- a/hosts/tohru/hardware.nix +++ /dev/null @@ -1,10 +0,0 @@ -{ config, lib, pkgs, ... }: - -{ - hardware.enableAllFirmware = true; - hardware.cpu.intel.updateMicrocode = true; - services.fwupd.enable = true; - - services.printing.drivers = [ pkgs.hplip ]; -} - diff --git a/hosts/tohru/home.nix b/hosts/tohru/home.nix new file mode 100644 index 0000000..20526df --- /dev/null +++ b/hosts/tohru/home.nix @@ -0,0 +1,31 @@ +{ config, lib, pkgs, ... }: + +{ + dconf.enable = true; + + programs = { + firefox.enable = true; # TODO: config is not yet nix-ified + vscode.enable = true; + }; + + home.packages = with pkgs; [ + bitwarden + discord + foliate + gimp-with-plugins + jellyfin-media-player + keepassxc + tor-browser-bundle-bin + + # libreoffice + libreoffice + hunspell + hunspellDicts.en_GB-ise + + # games + openttd + prismlauncher + nur.repos.qenya.digital-a-love-story + nur.repos.qenya.dont-take-it-personally-babe + ]; +} diff --git a/hosts/tohru/networking.nix b/hosts/tohru/networking.nix deleted file mode 100644 index be3822f..0000000 --- a/hosts/tohru/networking.nix +++ /dev/null @@ -1,8 +0,0 @@ -{ config, lib, pkgs, ... }: - -{ - networking.useNetworkd = true; - systemd.network.wait-online.enable = false; - - networking.networkmanager.enable = true; -} diff --git a/hosts/yevaud/configuration.nix b/hosts/yevaud/configuration.nix new file mode 100644 index 0000000..0c21462 --- /dev/null +++ b/hosts/yevaud/configuration.nix @@ -0,0 +1,41 @@ +{ config, lib, pkgs, ... }: + +{ + imports = [ + ./hardware-configuration.nix + ]; + + boot.loader.systemd-boot.enable = true; + boot.loader.efi.canTouchEfiVariables = true; + + age.secrets.wireguard-peer-yevaud.file = ../../secrets/wireguard-peer-yevaud.age; + + birdsong.peering = { + enable = true; + privateKeyFile = config.age.secrets.wireguard-peer-yevaud.path; + }; + + qenya.services.forgejo = { + enable = true; + domain = "git.qenya.tel"; + stateDir = "/data/forgejo"; + }; + + services.nginx = { + enable = true; + virtualHosts = { + "git.katherina.rocks" = { + forceSSL = true; + enableACME = true; + locations."/".return = "301 https://git.qenya.tel$request_uri"; + }; + "birdsong.network" = { + forceSSL = true; + enableACME = true; + locations."/".return = "301 https://git.qenya.tel/qenya/birdsong/"; + }; + }; + }; + + system.stateVersion = "23.11"; +} diff --git a/hosts/yevaud/default.nix b/hosts/yevaud/default.nix deleted file mode 100644 index 6834203..0000000 --- a/hosts/yevaud/default.nix +++ /dev/null @@ -1,49 +0,0 @@ -{ config, lib, pkgs, ... }: - -{ - imports = [ - ./hardware-configuration.nix - ./networking.nix - - ./experiments/pennykettle.nix - ]; - - nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; - networking.hostName = "yevaud"; - networking.hostId = "09673d65"; - - fountain.users.qenya.enable = true; - fountain.admins = [ "qenya" ]; - qenya.base-server.enable = true; - - qenya.services.distributed-builds = { - enable = true; - keyFile = "/etc/ssh/ssh_host_ed25519_key"; - builders = [ "kilgharrah" ]; - }; - nix.settings.max-jobs = 0; - - randomcat.services.zfs.datasets = { - "rpool/state" = { mountpoint = "none"; }; - "rpool/state/forgejo" = { mountpoint = "/var/lib/forgejo"; }; - }; - - services.sanoid.datasets."rpool/state" = { - useTemplate = [ "production" ]; - recursive = "zfs"; - }; - - qenya.services.forgejo = { - enable = true; - domain = "git.unspecified.systems"; - }; - fountain.services.web-redirect = { - enable = true; - domains = { - "git.katherina.rocks" = "git.unspecified.systems"; - "git.qenya.tel" = "git.unspecified.systems"; - }; - }; - - system.stateVersion = "23.11"; -} diff --git a/hosts/yevaud/experiments/pennykettle.nix b/hosts/yevaud/experiments/pennykettle.nix deleted file mode 100644 index 7453219..0000000 --- a/hosts/yevaud/experiments/pennykettle.nix +++ /dev/null @@ -1,66 +0,0 @@ -{ config, lib, pkgs, ... }: - -{ - networking.firewall.allowedUDPPorts = [ 51820 ]; - networking.firewall.interfaces."tailscale0".allowedTCPPorts = config.networking.firewall.allowedTCPPorts ++ [ 1080 ]; - - environment.systemPackages = [ pkgs.wireguard-tools ]; - networking.wireguard.interfaces."wg-protonvpn" = { - ips = [ "10.2.0.2/32" ]; - peers = [{ - allowedIPs = [ "0.0.0.0/0" "::/0" ]; - endpoint = "217.138.216.162:51820"; - publicKey = "C+u+eQw5yWI2APCfVJwW6Ovj3g4IrTOfe+tMZnNz43s="; - }]; - privateKeyFile = config.age.secrets.protonvpn-pennykettle1.path; - listenPort = 51820; - table = "957851094"; # randomly generated - }; - - networking.localCommands = '' - ip rule add from 10.2.0.2/32 table 957851094 - ''; - networking.firewall.checkReversePath = "loose"; - - age.secrets.protonvpn-pennykettle1 = { - file = ../../../secrets/protonvpn-pennykettle1.age; - owner = "root"; - group = "systemd-network"; - mode = "640"; - }; - - services.dante = { - enable = true; - config = '' - debug: 2 - internal: tailscale0 - external: wg-protonvpn - - # auth/tls handled by tailscale - clientmethod: none - socksmethod: none - - # allow connections from tailscale - # "0/0" matches any v4 or v6 address - client pass { - from: 100.64.0.0/10 to: 0/0 - log: error connect disconnect - } - client pass { - from: fd7a:115c:a1e0::/48 to: 0/0 - log: error connect disconnect - } - - socks pass { - from: 0/0 to: 0/0 - protocol: tcp udp - log: error connect disconnect iooperation - } - ''; - }; - - systemd.services.dante = { - wants = [ "tailscaled-autoconnect.service" ]; - after = [ "tailscaled-autoconnect.service" ]; - }; -} diff --git a/hosts/yevaud/hardware-configuration.nix b/hosts/yevaud/hardware-configuration.nix index 72da1b4..aa624a3 100644 --- a/hosts/yevaud/hardware-configuration.nix +++ b/hosts/yevaud/hardware-configuration.nix @@ -28,6 +28,11 @@ fsType = "zfs"; }; + fileSystems."/data/forgejo" = + { device = "rpool/forgejo"; + fsType = "zfs"; + }; + fileSystems."/boot" = { device = "/dev/disk/by-uuid/107D-5AB3"; fsType = "vfat"; @@ -37,4 +42,13 @@ swapDevices = [ { device = "/dev/disk/by-uuid/f8b6eb35-33ad-4e19-bf3d-cac5ec38a8dc"; } ]; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.ens3.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; } diff --git a/hosts/yevaud/networking.nix b/hosts/yevaud/networking.nix deleted file mode 100644 index d54ca7f..0000000 --- a/hosts/yevaud/networking.nix +++ /dev/null @@ -1,5 +0,0 @@ -{ config, lib, pkgs, ... }: - -{ - networking.interfaces.ens3.useDHCP = true; -} diff --git a/keys.nix b/keys.nix index cba8c49..de1a65d 100644 --- a/keys.nix +++ b/keys.nix @@ -1,34 +1,19 @@ { machines = { - reese = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPd0qGxvcMLDwX1bqYpwOUL5c/CIgBllMFr+bGkwiwAn root@reese"; - bear = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIZ9Kn1CIcDHaleKHf7zO6O30Rbxs/FwL0/Ie+mEjZJr root@bear"; - shaw = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOMC0AomCZZiUV/BCpImiV4p/vGvFaz5QNc+fJLXmS5p root@shaw"; - groves = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPQNZ/Q+x7mDYfYXftpZpWkfPByyMBbYmVFobM4vSDW2 root@groves"; tohru = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOk8wuGzF0Y7SaH9aimo3SmCz99MTQwL+rEVhx0jsueU root@tohru"; yevaud = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICHUAgyQhl390yUObLUI+jEbuNrZ2U6+8px628DolD+T root@yevaud"; orm = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGc9rkcdOVWozBFj3kLVnSyUQQbyyH+UG+bLawanQkRQ root@orm"; - kalessin = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOPt3iSSmgnlsv1/jafgZgI7o8UuXzcAL45hID2ThfS8 root@kalessin"; - tehanu = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJ1fNylfLo7Z8m/DroRlj7cHMLhYL7boP3r/upVrtMJQ root@tehanu"; - kilgharrah = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOgGF3gzzlMbxxk3UAAgHJ7sDdjqtrw7UW16M1XhXtz2 root@kilgharrah"; - elucredassa = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIA+Y/vqGNc1wXUAg4XMAAcLupkggywj2LpYDwA16ONbH root@elucredassa"; - carter = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEHHHYG6A995Po05+JXQsvB79ZoIiSOJnW6AiJgVYPic root@carter"; }; users = { qenya = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFjBuuxo+w3yED0aPnsNb8S90p/GgBqFEG9K4ETZ5Wkq qenya@kilgharrah" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJEmkV9arotms79lJPsLHkdzAac4eu3pYS08ym0sB/on qenya@tohru" ]; randomcat = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDHagOaeTR+/7FL9sErciMw30cmV/VW8HU7J3ZFU5nj9 janet@randomcat.org" ]; - trungle = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAA57legzdIcYTVVri4Wc0CvgWefbRhmUqhu0F/5f8FB reuben@glenda-artix" + richard = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHAuYWPfYVKdjBY/gBMt2n11Seb+hMqjui1PQ6C4ph8i richard@tress" ]; - gaelan = [ - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDFbDvPKnPXe+58QgdgK8yZ3Ac9dkJdtHJ3pQwWhszM7McwCzCEO/b940K0orLjfeUruC+hGJZO8heIh0J6JwSK907aS2wpHofU9q7bMT0PYeuHrSb2iFrOFIkTIWpO8hnWad8TGKOlOdNTKEdB9zwxXEKTFb9QW1Z27Zql79W44jUvaOTb7gKUps37O77lHEJDModaRsXS2523pSbrTZKDwZ73+S0ECeNUwwzLUyOOUHfENEXnM18hWm8mV0iU7kxFcmS33z9rWlWPNiCXnBnSi5LPgBarYOAqQf56f9OisafKqvc3uX+yn0kGCDWglVGUkbhfSIP9+w+yv/h/NJWIJlJC92ndbktAqAQW4gb7lXYxpbdoWcmqEy97q0e2vyBdhcVXwZ+0q+U8I74m8trq36ieHDtLKYkiFBX6zvrLP4I5OZU+EecdV2HcMoU8HNa5u1mvG+oHaEgkR70a5cQtrPzWLS/OMLqvWL39vO7RNskzwWCSuWScxDGitr+BunRRbL4aKNkkPjdDlIqb/SfSrFikOo75f5Ku4I32nbM7SNpIjA4cHe50rx1UB8lT+RwHdxL99OdoxIPCe6OLA5uT8VGPXkvqd/ZIFOL2HaM+uPLaYbjwLrHlwSOLgGbehmsSD369EXv6NAc5wbzsSLJQhJ66d5unnzGjn4dRt9sbDw== gbs@canishe.com" - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHId+2dJYiZK++p8lu9Bax0J29JjeuU4qcIBdLwEz3lm gbs@canishe.com" - ]; }; } diff --git a/npins/default.nix b/npins/default.nix new file mode 100644 index 0000000..5e7d086 --- /dev/null +++ b/npins/default.nix @@ -0,0 +1,80 @@ +# Generated by npins. Do not modify; will be overwritten regularly +let + data = builtins.fromJSON (builtins.readFile ./sources.json); + version = data.version; + + mkSource = + spec: + assert spec ? type; + let + path = + if spec.type == "Git" then + mkGitSource spec + else if spec.type == "GitRelease" then + mkGitSource spec + else if spec.type == "PyPi" then + mkPyPiSource spec + else if spec.type == "Channel" then + mkChannelSource spec + else + builtins.throw "Unknown source type ${spec.type}"; + in + spec // { outPath = path; }; + + mkGitSource = + { + repository, + revision, + url ? null, + hash, + branch ? null, + ... + }: + assert repository ? type; + # At the moment, either it is a plain git repository (which has an url), or it is a GitHub/GitLab repository + # In the latter case, there we will always be an url to the tarball + if url != null then + (builtins.fetchTarball { + inherit url; + sha256 = hash; # FIXME: check nix version & use SRI hashes + }) + else + assert repository.type == "Git"; + let + urlToName = + url: rev: + let + matched = builtins.match "^.*/([^/]*)(\\.git)?$" repository.url; + + short = builtins.substring 0 7 rev; + + appendShort = if (builtins.match "[a-f0-9]*" rev) != null then "-${short}" else ""; + in + "${if matched == null then "source" else builtins.head matched}${appendShort}"; + name = urlToName repository.url revision; + in + builtins.fetchGit { + url = repository.url; + rev = revision; + inherit name; + # hash = hash; + }; + + mkPyPiSource = + { url, hash, ... }: + builtins.fetchurl { + inherit url; + sha256 = hash; + }; + + mkChannelSource = + { url, hash, ... }: + builtins.fetchTarball { + inherit url; + sha256 = hash; + }; +in +if version == 3 then + builtins.mapAttrs (_: mkSource) data.pins +else + throw "Unsupported format version ${toString version} in sources.json. Try running `npins upgrade`" diff --git a/npins/sources.json b/npins/sources.json new file mode 100644 index 0000000..7110f10 --- /dev/null +++ b/npins/sources.json @@ -0,0 +1,17 @@ +{ + "pins": { + "nur": { + "type": "Git", + "repository": { + "type": "GitHub", + "owner": "nix-community", + "repo": "NUR" + }, + "branch": "master", + "revision": "6cbb9fb9c5d55fa2af9a5b0d3185d56c90ad62aa", + "url": "https://github.com/nix-community/NUR/archive/6cbb9fb9c5d55fa2af9a5b0d3185d56c90ad62aa.tar.gz", + "hash": "1w1n56p4hbq1zlz8hiw3169kxsw4cn5maahlk8vdzprs498f69kg" + } + }, + "version": 3 +} \ No newline at end of file diff --git a/secrets.nix b/secrets.nix index 25ba859..e6dd703 100644 --- a/secrets.nix +++ b/secrets.nix @@ -1,18 +1,19 @@ let keys = import ./keys.nix; + commonKeys = keys.users.qenya; + secrets = with keys; { - ftp-userDb-qenya = [ machines.kilgharrah ] ++ keys.users.qenya; - user-password-kilgharrah-qenya = [ machines.kilgharrah ] ++ keys.users.qenya; - user-password-tohru-qenya = [ machines.tohru ] ++ keys.users.qenya; - protonvpn-pennykettle1 = [ machines.yevaud ] ++ keys.users.qenya; + wireguard-peer-orm = [ machines.orm ]; + wireguard-peer-tohru = [ machines.tohru ]; + wireguard-peer-yevaud = [ machines.yevaud ]; }; in builtins.listToAttrs ( map (secretName: { name = "secrets/${secretName}.age"; - value.publicKeys = secrets."${secretName}"; + value.publicKeys = secrets."${secretName}" ++ commonKeys; }) (builtins.attrNames secrets) ) diff --git a/secrets/ftp-userDb-qenya.age b/secrets/ftp-userDb-qenya.age deleted file mode 100644 index 53f83c0..0000000 Binary files a/secrets/ftp-userDb-qenya.age and /dev/null differ diff --git a/secrets/protonvpn-pennykettle1.age b/secrets/protonvpn-pennykettle1.age deleted file mode 100644 index e58dc56..0000000 --- a/secrets/protonvpn-pennykettle1.age +++ /dev/null @@ -1,9 +0,0 @@ -age-encryption.org/v1 --> ssh-ed25519 uJfgGw +h4WiWyMlQZ5iaMFTl/whUD0vJnIN0GYeqRbZ0MIH0o -eKio4DsSJlrvSAjmR0naDO/lmB78o7cy7QC9WZjHUa0 --> ssh-ed25519 seJ9Iw xov8WY0TxEj5/wkWg1T0kmrbpXsNhDLnZwqyIg0eExA -wu5QApQk6K8Fu5XMTrWY2veoYbJVuQmn3DJXewVB860 --> ssh-ed25519 900ILw N6RbpHr4Vwgm0BUCuMXzVo3VEgrl29NF8ZJU5Far7yk -KdA1dZXmcSF3cH9bVdmIbj7iZO3uuSY+isjswDzSu+Y ---- YtnS9FqXVat2hi9BLvX+71HEZDw3zcxIQ7Dp5+iao4c -a'|N7NT5]O0Sm<-1:dg^/u7N?XM~s.9cC \ No newline at end of file diff --git a/secrets/user-password-kilgharrah-qenya.age b/secrets/user-password-kilgharrah-qenya.age deleted file mode 100644 index 58fae24..0000000 Binary files a/secrets/user-password-kilgharrah-qenya.age and /dev/null differ diff --git a/secrets/user-password-tohru-qenya.age b/secrets/user-password-tohru-qenya.age deleted file mode 100644 index cfe5260..0000000 Binary files a/secrets/user-password-tohru-qenya.age and /dev/null differ diff --git a/secrets/wireguard-peer-orm.age b/secrets/wireguard-peer-orm.age new file mode 100644 index 0000000..6cd9c12 --- /dev/null +++ b/secrets/wireguard-peer-orm.age @@ -0,0 +1,10 @@ +age-encryption.org/v1 +-> ssh-ed25519 l/RSAw +h2Jz8m9ZEklGxWK8HcixO3+D4AVATPI3m3wE1ITviM +US+J+FDPJ/nmLT1ylRGfXyfjiJRgLpdgCg1L3IPrmrc +-> ssh-ed25519 900ILw bX/KdX53EFQCmWI0MU/wKfzqKmAw+/fMs4/955iYOlw +7epwHu5g+p6BHe/ksaA9MAvpneZBwHeqnMtSc1m3FFY +-> !V-grease &x6T2i d0B}! +tkT/G8gEKyx280vDO1QgG5ERBCkR9XCgk8IIE1AeBONi9eo+Z0sGfNHv2DXFx14B +TcKX31wDmUbtv8j+4d7722YeZ4jvKiSuQA38zLREOGJyhA +--- TR/GFMXQ4N6AMuScg8LSednd6jAJugxgCJLegPtFmgI +4>?(Y|R5V  ×4'[K_ѝ,ϧ Tk5TC~c*D[N䃼< \ No newline at end of file diff --git a/secrets/wireguard-peer-orm.pub b/secrets/wireguard-peer-orm.pub new file mode 100644 index 0000000..c6f541c --- /dev/null +++ b/secrets/wireguard-peer-orm.pub @@ -0,0 +1 @@ +birdLVh8roeZpcVo308Ums4l/aibhAxbi7MBsglkJyA= diff --git a/secrets/wireguard-peer-tohru.age b/secrets/wireguard-peer-tohru.age new file mode 100644 index 0000000..f99168e --- /dev/null +++ b/secrets/wireguard-peer-tohru.age @@ -0,0 +1,10 @@ +age-encryption.org/v1 +-> ssh-ed25519 yZzWlg HKjvqxwrKVDSKuKcog2RTryVc+0vWII6DdFuouffNWs +fPlYoR4wSrGPlX3t11J1YSP3yToM2RjJVfLKM4oATxA +-> ssh-ed25519 900ILw f76/jY251hkNMd3fBVZPuoWleh4ZdSdu95p7WDlmZi4 +iSULkGxw9aokMgv59fhW3LzJR/Dpx+LVCc6jbbPwCgU +-> vdo-grease +8NUae81gLW0x8UoCVKqQUZaqkG8FTXwnysjEgXaEGBgDxjpuTp+C5qWczNYAXOFN +ha3mtF6IYHFHBZKsH0t1366nfYDAQXHOuu0hN4GBBz8gqnUt +--- uB1k+yMkL5ZUHXGSDv8ZPHDn0UfHOv1x3tRa2eIdbP8 +EY3Due/e4G[lQ=CovͿz/nbLa_h{A{ \ No newline at end of file diff --git a/secrets/wireguard-peer-tohru.pub b/secrets/wireguard-peer-tohru.pub new file mode 100644 index 0000000..6930ed6 --- /dev/null +++ b/secrets/wireguard-peer-tohru.pub @@ -0,0 +1 @@ +lk3PCQM1jmZoI8sM/rWSyKNuZOUnjox3n9L9geJD+18= diff --git a/secrets/wireguard-peer-yevaud.age b/secrets/wireguard-peer-yevaud.age new file mode 100644 index 0000000..d331bda Binary files /dev/null and b/secrets/wireguard-peer-yevaud.age differ diff --git a/secrets/wireguard-peer-yevaud.pub b/secrets/wireguard-peer-yevaud.pub new file mode 100644 index 0000000..871b993 --- /dev/null +++ b/secrets/wireguard-peer-yevaud.pub @@ -0,0 +1 @@ +YPJsIs9x4wuWdFi/QRWSJbWvKE0GQAfVL4MNMqHygDw= diff --git a/services/actual.nix b/services/actual.nix deleted file mode 100644 index 3a006ea..0000000 --- a/services/actual.nix +++ /dev/null @@ -1,34 +0,0 @@ -{ config, lib, pkgs, ... }: - -let - inherit (lib) mkIf mkOption mkEnableOption types; - cfg = config.qenya.services.actual; -in -{ - options.qenya.services.actual = { - enable = mkEnableOption "Actual Budget"; - domain = mkOption { - type = types.str; - }; - }; - - config = mkIf cfg.enable { - services.nginx = { - enable = true; - virtualHosts = { - ${cfg.domain} = { - forceSSL = true; - enableACME = true; - locations."/".proxyPass = "http://127.0.0.1:5006/"; - }; - }; - }; - - networking.firewall.allowedTCPPorts = [ 80 443 ]; - - services.actual = { - enable = true; - settings.port = 5006; - }; - }; -} diff --git a/services/audiobookshelf.nix b/services/audiobookshelf.nix deleted file mode 100644 index 6019108..0000000 --- a/services/audiobookshelf.nix +++ /dev/null @@ -1,35 +0,0 @@ -{ config, lib, pkgs, ... }: - -with lib; -let - cfg = config.qenya.services.audiobookshelf; -in -{ - options.qenya.services.audiobookshelf = { - enable = mkEnableOption "Audiobookshelf"; - domain = mkOption { - type = types.str; - }; - }; - - config = mkIf cfg.enable { - services.nginx = { - enable = true; - virtualHosts = { - ${cfg.domain} = { - forceSSL = true; - enableACME = true; - locations."/" = { - proxyPass = "http://127.0.0.1:8234/"; - proxyWebsockets = true; - }; - }; - }; - }; - - networking.firewall.allowedTCPPorts = [ 80 443 ]; - - services.audiobookshelf.enable = true; - services.audiobookshelf.port = 8234; - }; -} diff --git a/services/default.nix b/services/default.nix index 194eb43..7c73723 100644 --- a/services/default.nix +++ b/services/default.nix @@ -1,14 +1,7 @@ { imports = [ - ./actual.nix - ./audiobookshelf.nix - ./distributed-builds.nix + ./fonts.nix ./forgejo.nix - ./headscale.nix - ./jellyfin.nix - ./navidrome.nix - ./owncast.nix - ./remote-builder.nix - ./web-redirect.nix + ./steam.nix ]; -} +} \ No newline at end of file diff --git a/services/distributed-builds.nix b/services/distributed-builds.nix deleted file mode 100644 index 025a0f0..0000000 --- a/services/distributed-builds.nix +++ /dev/null @@ -1,54 +0,0 @@ -{ config, lib, pkgs, ... }: - -let - inherit (builtins) elem; - inherit (lib) mkIf mkEnableOption mkOption types optional; - cfg = config.qenya.services.distributed-builds; -in -{ - options.qenya.services.distributed-builds = { - enable = mkEnableOption "distributed builds"; - keyFile = mkOption { - type = types.path; - description = '' - Path to the OpenSSH private key to be used for distributed builds. - ''; - }; - builders = mkOption { - type = types.listOf types.str; - default = [ ]; - description = '' - List of builders to attempt to use for distributed builds. - ''; - example = [ "kalessin" ]; - }; - }; - - config = mkIf cfg.enable { - assertions = [{ - assertion = cfg ? keyFile; - message = "must specify a private key to be used for distributed builds"; - }]; - - nix.distributedBuilds = true; - nix.settings.builders-use-substitutes = true; - - nix.buildMachines = - (optional (elem "kalessin" cfg.builders) { - hostName = "kalessin.birdsong.network"; - sshUser = "remotebuild"; - sshKey = cfg.keyFile; - systems = [ "aarch64-linux" ]; - maxJobs = 2; - supportedFeatures = [ "big-parallel" ]; - }) - ++ (optional (elem "kilgharrah" cfg.builders) { - hostName = "kilgharrah.birdsong.network"; - sshUser = "remotebuild"; - sshKey = cfg.keyFile; - systems = [ "x86_64-linux" ]; - maxJobs = 12; - supportedFeatures = [ "big-parallel" ]; - }); - }; -} diff --git a/services/fonts.nix b/services/fonts.nix new file mode 100644 index 0000000..dcd9d1b --- /dev/null +++ b/services/fonts.nix @@ -0,0 +1,17 @@ +{ config, lib, pkgs, ... }: + +with lib; +let + cfg = config.qenya.services.fonts; +in +{ + options.qenya.services.fonts = { + enable = mkEnableOption "Fonts"; + }; + + config = mkIf cfg.enable { + fonts.packages = with pkgs; [ + corefonts + ]; + }; +} diff --git a/services/forgejo.nix b/services/forgejo.nix index cf18e8f..9f3f6f1 100644 --- a/services/forgejo.nix +++ b/services/forgejo.nix @@ -10,6 +10,9 @@ in domain = mkOption { type = types.str; }; + stateDir = mkOption { + type = types.str; + }; }; config = mkIf cfg.enable { @@ -30,6 +33,7 @@ in forgejo = { enable = true; + stateDir = cfg.stateDir; settings = { DEFAULT.APP_NAME = cfg.domain; cache = { diff --git a/services/headscale.nix b/services/headscale.nix deleted file mode 100644 index d5f2fe9..0000000 --- a/services/headscale.nix +++ /dev/null @@ -1,53 +0,0 @@ -{ config, lib, pkgs, ... }: - -let - inherit (lib) mkIf mkOption mkEnableOption types; - cfg = config.qenya.services.headscale; -in -{ - options.qenya.services.headscale = { - enable = mkEnableOption "Headscale"; - domain = mkOption { - type = types.str; - }; - dataDir = mkOption { - type = types.str; - }; - }; - - config = mkIf cfg.enable { - services.nginx = { - enable = true; - virtualHosts = { - ${cfg.domain} = { - forceSSL = true; - enableACME = true; - locations."/" = { - proxyPass = "http://127.0.0.1:32770/"; - proxyWebsockets = true; - }; - }; - }; - }; - - networking.firewall.allowedTCPPorts = [ 80 443 ]; - - services.headscale = { - enable = true; - address = "0.0.0.0"; # required to disable built-in ACME client for some reason - port = 32770; - settings = { - server_url = "https://${cfg.domain}:443"; - prefixes.allocation = "random"; - dns = { - magic_dns = true; - base_domain = "birdsong.network"; - }; - - # disable built-in ACME client - tls_cert_path = null; - tls_key_path = null; - }; - }; - }; -} diff --git a/services/jellyfin.nix b/services/jellyfin.nix deleted file mode 100644 index 154007d..0000000 --- a/services/jellyfin.nix +++ /dev/null @@ -1,31 +0,0 @@ -{ config, lib, pkgs, ... }: - -with lib; -let - cfg = config.qenya.services.jellyfin; -in -{ - options.qenya.services.jellyfin = { - enable = mkEnableOption "Jellyfin"; - domain = mkOption { - type = types.str; - }; - }; - - config = mkIf cfg.enable { - services.nginx = { - enable = true; - virtualHosts = { - ${cfg.domain} = { - forceSSL = true; - enableACME = true; - locations."/".proxyPass = "http://127.0.0.1:8096/"; - }; - }; - }; - - networking.firewall.allowedTCPPorts = [ 80 443 ]; - - services.jellyfin.enable = true; - }; -} diff --git a/services/navidrome.nix b/services/navidrome.nix deleted file mode 100644 index d678005..0000000 --- a/services/navidrome.nix +++ /dev/null @@ -1,38 +0,0 @@ -{ config, lib, pkgs, ... }: - -let - inherit (lib) mkIf mkOption mkEnableOption types; - cfg = config.qenya.services.navidrome; -in -{ - options.qenya.services.navidrome = { - enable = mkEnableOption "Navidrome"; - domain = mkOption { - type = types.str; - }; - dataDir = mkOption { - type = types.str; - }; - }; - - config = mkIf cfg.enable { - services.nginx = { - enable = true; - virtualHosts = { - ${cfg.domain} = { - forceSSL = true; - enableACME = true; - locations."/".proxyPass = "http://127.0.0.1:4533/"; - }; - }; - }; - - networking.firewall.allowedTCPPorts = [ 80 443 ]; - - services.navidrome.enable = true; - services.navidrome.settings = { - MusicFolder = cfg.dataDir; - BaseUrl = "https://${cfg.domain}"; - }; - }; -} diff --git a/services/owncast.nix b/services/owncast.nix deleted file mode 100644 index 47173d0..0000000 --- a/services/owncast.nix +++ /dev/null @@ -1,36 +0,0 @@ -{ config, lib, pkgs, ... }: - -let - inherit (lib) mkIf mkOption mkEnableOption types; - cfg = config.qenya.services.owncast; -in -{ - options.qenya.services.owncast = { - enable = mkEnableOption "Owncast"; - domain = mkOption { - type = types.str; - }; - dataDir = mkOption { - type = types.str; - }; - }; - - config = mkIf cfg.enable { - services.nginx = { - enable = true; - virtualHosts = { - ${cfg.domain} = { - forceSSL = true; - enableACME = true; - locations."/".proxyPass = "http://127.0.0.1:32769/"; - }; - }; - }; - - networking.firewall.allowedTCPPorts = [ 80 443 1935 ]; # 1935 for rtmp - - services.owncast.enable = true; - services.owncast.port = 32769; - services.owncast.dataDir = cfg.dataDir; - }; -} diff --git a/services/remote-builder.nix b/services/remote-builder.nix deleted file mode 100644 index 265241a..0000000 --- a/services/remote-builder.nix +++ /dev/null @@ -1,44 +0,0 @@ -{ config, lib, pkgs, ... }: - -let - inherit (lib) mkIf mkOption mkEnableOption types; - cfg = config.qenya.services.remote-builder; -in -{ - options.qenya.services.remote-builder = { - enable = mkEnableOption "remote builder"; - authorizedKeys = { - keys = mkOption { - type = types.listOf types.singleLineStr; - default = [ ]; - description = '' - A list of verbatim OpenSSH public keys that should be authorized to - use this remote builder. See - `users.users..openssh.authorizedKeys.keys`. - ''; - }; - keyFiles = mkOption { - type = types.listOf types.path; - default = [ ]; - description = '' - A list of files each containing one OpenSSH public key that should be - authorized to use this remote builder. See - `users.users..openssh.authorizedKeys.keyFiles`. - ''; - }; - }; - }; - - config = mkIf cfg.enable { - users.users.remotebuild = { - isSystemUser = true; - group = "nogroup"; - shell = "/bin/sh"; - openssh.authorizedKeys.keys = cfg.authorizedKeys.keys; - openssh.authorizedKeys.keyFiles = cfg.authorizedKeys.keyFiles; - }; - - nix.nrBuildUsers = 64; - nix.settings.trusted-users = [ "remotebuild" ]; - }; -} diff --git a/services/steam.nix b/services/steam.nix new file mode 100644 index 0000000..d7ef010 --- /dev/null +++ b/services/steam.nix @@ -0,0 +1,21 @@ +{ config, lib, pkgs, ... }: + +with lib; +let + cfg = config.qenya.services.steam; +in +{ + options.qenya.services.steam = { + enable = mkEnableOption "Steam"; + }; + + config = mkIf cfg.enable { + programs.steam = { + enable = true; + remotePlay.openFirewall = true; + dedicatedServer.openFirewall = true; + }; + + services.joycond.enable = true; + }; +} diff --git a/services/web-redirect.nix b/services/web-redirect.nix deleted file mode 100644 index 92b9c5a..0000000 --- a/services/web-redirect.nix +++ /dev/null @@ -1,30 +0,0 @@ -{ config, lib, pkgs, ... }: - -let - inherit (lib) mkIf mkOption mkEnableOption types; - cfg = config.fountain.services.web-redirect; -in -{ - options.fountain.services.web-redirect = { - enable = mkEnableOption "Module to do simple 301 redirects from one domain to another"; - domains = mkOption { - type = types.attrsOf types.str; - description = "Mapping from source domain to destination domain"; - }; - }; - - config = mkIf cfg.enable { - services.nginx = { - enable = true; - virtualHosts = builtins.mapAttrs - (name: value: { - forceSSL = true; - enableACME = true; - locations."/".return = "301 https://${value}$request_uri"; - }) - cfg.domains; - }; - - networking.firewall.allowedTCPPorts = [ 80 443 ]; - }; -} diff --git a/shell.nix b/shell.nix deleted file mode 100644 index a2d1b10..0000000 --- a/shell.nix +++ /dev/null @@ -1,9 +0,0 @@ -let - shell = (import - (fetchTarball { - url = "https://github.com/edolstra/flake-compat/archive/refs/tags/v1.0.1.tar.gz"; - sha256 = "0m9grvfsbwmvgwaxvdzv6cmyvjnlww004gfxjvcl806ndqaxzy4j"; - }) - { src = ./.; }).shellNix; -in -shell.devShells.${builtins.currentSystem}