koi.rip / dotfiles
my nixos dotfiles :3 codeberg.org/koibtw/dotfiles
dotfiles neovim nixos catppuccin linux
fork atom

Compare changes

Choose any two refs to compare.

options
unified split
Changed files
+928 -858
.github
CODEOWNERS
workflows
checks.yml
update.yml
.woodpecker
checks.yml
CODEOWNERS
README.md
doc
preview.webp
external
config
fastfetch
config.jsonc
hypr
hyprland.conf
hyprpaper.conf
quickshell
Modules
Bar
Bar.qml
Music.qml
Spacer.qml
Txt.qml
Workspaces.qml
Services
Niri
Niri.qml
niri.mjs
shell.qml
scripts
ff.sh
zsh
functions.zsh
prompt.zsh
flake.lock
flake.nix
formatter.nix
home
adam.nix
koi.nix
modules
packages.nix
programs
chromium.nix
cuteff.nix
default.nix
dunst.nix
foot.nix
fzf.nix
git.nix
iamb.nix
kitty.nix
neovim.nix
niri.nix
quickshell.nix
rofi.nix
vesktop.nix
waybar.nix
zsh.nix
wallpaper.nix
modules
base
boot.nix
networking.nix
nix.nix
nixpkgs.nix
services
openssh.nix
system.nix
users
adam.nix
default.nix
koi.nix
root.nix
desktop
default.nix
home.nix
secrets
secrets.nix
ssl-adamperkowski.cert.pem.age
ssl-adamperkowski.key.pem.age
vaultwarden.env.age
wakatime.cfg.age
systems
miku
default.nix
modules
systemd-boot.nix
seber
default.nix
hardware.nix
services
default.nix
ebil-club.nix
lebel.nix
mimi.nix
vaultwarden.nix
website.nix
-2
.github/CODEOWNERS
··· 1 - * @adamperkowski 2 - external/scripts/nix-shell-generate.sh @Sebaguardian
-32
.github/workflows/checks.yml
··· 1 - name: checks 2 - 3 - on: 4 - push: 5 - branches: 6 - - main 7 - pull_request: 8 - branches: 9 - - main 10 - 11 - jobs: 12 - nix: 13 - runs-on: ubuntu-latest 14 - steps: 15 - - uses: actions/checkout@v6 16 - - uses: wimpysworld/nothing-but-nix@main 17 - - name: install nix 18 - uses: cachix/install-nix-action@v31 19 - - name: formatting 20 - run: | 21 - nix fmt 22 - if [ -n "$(git status --porcelain)" ]; then 23 - git --no-pager diff 24 - exit 1 25 - fi 26 - - name: flake check 27 - run: nix flake check 28 - misc: 29 - runs-on: ubuntu-latest 30 - steps: 31 - - name: commit message 32 - uses: adamperkowski/commits@main
-49
.github/workflows/update.yml
··· 1 - name: update 2 - 3 - on: 4 - schedule: 5 - - cron: '0 0 * * 0' 6 - workflow_dispatch: 7 - 8 - permissions: 9 - contents: write 10 - pull-requests: write 11 - 12 - jobs: 13 - nix: 14 - runs-on: ubuntu-latest 15 - steps: 16 - - uses: actions/checkout@v6 17 - - name: install nix 18 - uses: cachix/install-nix-action@v31 19 - - name: flake inputs 20 - run: nix flake update 21 - - name: create pull request 22 - uses: peter-evans/create-pull-request@v7 23 - with: 24 - commit-message: 'flake: update inputs' 25 - committer: 'github-actions[bot] <github-actions[bot]@users.noreply.github.com>' 26 - author: 'github-actions[bot] <github-actions[bot]@users.noreply.github.com>' 27 - branch: 'flake/update-inputs' 28 - title: 'flake: update inputs' 29 - reviewers: adamperkowski 30 - assignees: adamperkowski 31 - actions: 32 - runs-on: ubuntu-latest 33 - steps: 34 - - uses: actions/checkout@v6 35 - - name: update actions 36 - uses: saadmk11/github-actions-version-updater@v0.9.0 37 - with: 38 - token: 'aaaaaaaaaa' 39 - skip_pull_request: true 40 - - name: create pull request 41 - uses: peter-evans/create-pull-request@v7 42 - with: 43 - commit-message: 'ci: update github actions' 44 - committer: 'github-actions[bot] <github-actions[bot]@users.noreply.github.com>' 45 - author: 'github-actions[bot] <github-actions[bot]@users.noreply.github.com>' 46 - branch: 'ci/update-github-actions' 47 - title: 'ci: update github actions' 48 - reviewers: adamperkowski 49 - assignees: adamperkowski
+15
.woodpecker/checks.yml
··· 1 + when: 2 + - event: [push, pull_request] 3 + branch: main 4 + 5 + steps: 6 + - name: commit message 7 + image: codeberg.org/koibtw/commits:latest 8 + commands: 9 + - check-commit-message "$(git log -1 --pretty=%B)" 10 + - name: formatting 11 + image: nixos/nix 12 + commands: 13 + - echo 'experimental-features = flakes nix-command' >> /etc/nix/nix.conf 14 + - nix fmt --inputs-from . 15 + - nix shell --inputs-from . nixpkgs#git -c git diff --exit-code
+2
CODEOWNERS
··· 1 + * @koibtw 2 + external/scripts/nix-shell-generate.sh @sebaguardian
+3 -3
README.md
··· 1 1 <div> 2 2 3 - <a href="https://adamperkowski.dev" target="_blank"> 3 + <a href="https://koi.rip" target="_blank"> 4 4 <img 5 5 width="88" 6 6 height="31" 7 - src="https://adamperkowski.dev/img/badges/mimi-the-car.gif" 7 + src="https://koi.rip/img/badges/mimi-the-car.gif" 8 8 alt="mimi the car (my website)" 9 9 align="right"> 10 10 </a> ··· 20 20 <img 21 21 width="496" 22 22 height="32" 23 - src="https://adamperkowski.dev/img/mimi-banner.gif" 23 + src="https://koi.rip/img/mimi-banner.gif" 24 24 alt="mimi banner" 25 25 align="center"> 26 26
doc/preview.webp

This is a binary file and will not be displayed.

-84
external/config/fastfetch/config.jsonc
··· 1 - // Copyright (c) 2024-present nnyyxxxx, Adam Perkowski 2 - 3 - { 4 - "$schema": "https://github.com/fastfetch-cli/fastfetch/raw/dev/doc/json_schema.json", 5 - "display": { 6 - "color": "#b4befe", 7 - "separator": " :", 8 - 9 - "key": { 10 - "width": 17, 11 - "paddingLeft": 2, 12 - "type": "both" 13 - } 14 - }, 15 - 16 - "logo": { 17 - "source": "auto", 18 - "color": { 19 - "1": "#b4befe", 20 - "2": "#cba6f7" 21 - }, 22 - "padding": { 23 - "top": 1, 24 - "left": 2, 25 - "right": 2 26 - } 27 - }, 28 - 29 - "modules": [ 30 - "break", 31 - "break", 32 - { 33 - "type": "custom", 34 - "format": "\u001b[0;38;2;180;190;254mแ“šโ‚ ^. .^โ‚Ž ๎ปญ โ‚^. .^ โ‚Žแ“—\u001b[0m" 35 - }, 36 - { 37 - "type": "custom", 38 - "format": "\u001b[0;38;2;203;166;247mโ•ญโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ•ฎ\u001b[0m" 39 - }, 40 - { 41 - "type": "users", 42 - "key": "user ", 43 - "keyIcon": "๏Šฝ ", 44 - "format": "{name}" 45 - }, 46 - { 47 - "type": "command", 48 - "shell": "/bin/sh", 49 - "text": "hostname", 50 - "key": "hostname", 51 - "keyIcon": "๏ˆณ ", 52 - "format": "{result}" 53 - }, 54 - { 55 - "type": "uptime", 56 - "key": "uptime ", 57 - "keyIcon": "๏‡พ ", 58 - "format": "{days}d {hours}h {minutes}m" 59 - }, 60 - { 61 - "type": "os", 62 - "key": "distro ", 63 - "keyIcon": "๎ทฉ ", 64 - "format": "{name} {version-id}" 65 - }, 66 - { 67 - "type": "kernel", 68 - "key": "kernel ", 69 - "keyIcon": "๏€“ " 70 - }, 71 - { 72 - "type": "command", 73 - "shell": "/bin/sh", 74 - "text": "kitget -V | cut -d ' ' -f2", 75 - "key": "kitget ", 76 - "keyIcon": "๓ฐ„› ", 77 - "format": "{result}" 78 - }, 79 - { 80 - "type": "custom", 81 - "format": "\u001b[0;38;2;203;166;247mโ•ฐโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ•ฏ\u001b[0m" 82 - } 83 - ] 84 - }
-184
external/config/hypr/hyprland.conf
··· 1 - monitor = HDMI-A-1, 1920x1080, 0x0, 1 2 - 3 - env = LIBVA_DRIVER_NAME,nvidia 4 - env = __GLX_VENDOR_LIBRARY_NAME,nvidia 5 - 6 - exec-once = hyprctl setcursor 'catppuccin-mocha-dark-cursors' 24 7 - exec-once = hyprpaper & 8 - exec-once = waybar & 9 - exec-once = [workspace 10 silent] vesktop 10 - 11 - env = XCURSOR_THEME,catppuccin-mocha-dark-cursors 12 - env = HYPRCURSOR_THEME,catppuccin-mocha-dark-cursors 13 - env = XCURSOR_SIZE,24 14 - env = HYPRCURSOR_SIZE,24 15 - 16 - ################### 17 - ### PERMISSIONS ### 18 - ################### 19 - 20 - # See https://wiki.hyprland.org/Configuring/Permissions/ 21 - # Please note permission changes here require a Hyprland restart and are not applied on-the-fly 22 - # for security reasons 23 - 24 - # ecosystem { 25 - # enforce_permissions = 1 26 - # } 27 - 28 - # permission = /usr/(bin|local/bin)/grim, screencopy, allow 29 - # permission = /usr/(lib|libexec|lib64)/xdg-desktop-portal-hyprland, screencopy, allow 30 - # permission = /usr/(bin|local/bin)/hyprpm, plugin, allow 31 - 32 - general { 33 - gaps_in = 5 34 - gaps_out = 5 35 - 36 - border_size = 2 37 - 38 - col.active_border = rgb(b4befe) 39 - col.inactive_border = rgb(313244) 40 - 41 - resize_on_border = false 42 - 43 - allow_tearing = false 44 - 45 - layout = master 46 - } 47 - 48 - decoration { 49 - active_opacity = 1.0 50 - inactive_opacity = 1.0 51 - 52 - shadow { 53 - enabled = false 54 - } 55 - 56 - blur { 57 - enabled = false 58 - } 59 - } 60 - 61 - animations { 62 - enabled = yes, please :) 63 - 64 - bezier = easeOutQuint,0.23,1,0.32,1 65 - bezier = easeInOutCubic,0.65,0.05,0.36,1 66 - bezier = linear,0,0,1,1 67 - bezier = almostLinear,0.5,0.5,0.75,1.0 68 - bezier = quick,0.15,0,0.1,1 69 - 70 - animation = global, 1, 10, default 71 - animation = border, 1, 5.39, easeOutQuint 72 - animation = windows, 1, 4.79, easeOutQuint 73 - animation = windowsIn, 1, 4.1, easeOutQuint, popin 87% 74 - animation = windowsOut, 1, 1.49, linear, popin 87% 75 - animation = fadeIn, 1, 1.73, almostLinear 76 - animation = fadeOut, 1, 1.46, almostLinear 77 - animation = fade, 1, 3.03, quick 78 - animation = layers, 1, 3.81, easeOutQuint 79 - animation = layersIn, 1, 4, easeOutQuint, fade 80 - animation = layersOut, 1, 1.5, linear, fade 81 - animation = fadeLayersIn, 1, 1.79, almostLinear 82 - animation = fadeLayersOut, 1, 1.39, almostLinear 83 - animation = workspaces, 1, 1.94, almostLinear, fade 84 - animation = workspacesIn, 1, 1.21, almostLinear, fade 85 - animation = workspacesOut, 1, 1.94, almostLinear, fade 86 - } 87 - 88 - master { 89 - new_status = slave 90 - } 91 - 92 - misc { 93 - disable_hyprland_logo = true 94 - } 95 - 96 - input { 97 - kb_layout = pl 98 - 99 - follow_mouse = 1 100 - 101 - accel_profile = flat 102 - force_no_accel = true 103 - sensitivity = 0 104 - 105 - repeat_delay = 180 106 - repeat_rate = 60 107 - 108 - touchpad { 109 - natural_scroll = false 110 - } 111 - } 112 - 113 - cursor { 114 - no_warps = true 115 - } 116 - 117 - gestures { 118 - workspace_swipe = true 119 - } 120 - 121 - xwayland { 122 - force_zero_scaling = true 123 - } 124 - 125 - opengl { 126 - nvidia_anti_flicker = true 127 - } 128 - 129 - $mainMod = SUPER 130 - 131 - bind = $mainMod, RETURN, exec, kitty 132 - bind = $mainMod SHIFT, C, killactive, 133 - bind = $mainMod SHIFT, Q, exit, 134 - bind = $mainMod, SPACE, togglefloating, 135 - bind = $mainMod SHIFT, RETURN, exec, rofi -show drun 136 - bind = $mainMod, F, fullscreen 137 - 138 - bind = $mainMod, H, movefocus, l 139 - bind = $mainMod, L, movefocus, r 140 - bind = $mainMod, K, movefocus, u 141 - bind = $mainMod, J, movefocus, d 142 - 143 - bind = $mainMod, 1, workspace, 1 144 - bind = $mainMod, 2, workspace, 2 145 - bind = $mainMod, 3, workspace, 3 146 - bind = $mainMod, 4, workspace, 4 147 - bind = $mainMod, 5, workspace, 5 148 - bind = $mainMod, 6, workspace, 6 149 - bind = $mainMod, 7, workspace, 7 150 - bind = $mainMod, 8, workspace, 8 151 - bind = $mainMod, 9, workspace, 9 152 - bind = $mainMod, 0, workspace, 10 153 - 154 - bind = $mainMod SHIFT, 1, movetoworkspacesilent, 1 155 - bind = $mainMod SHIFT, 2, movetoworkspacesilent, 2 156 - bind = $mainMod SHIFT, 3, movetoworkspacesilent, 3 157 - bind = $mainMod SHIFT, 4, movetoworkspacesilent, 4 158 - bind = $mainMod SHIFT, 5, movetoworkspacesilent, 5 159 - bind = $mainMod SHIFT, 6, movetoworkspacesilent, 6 160 - bind = $mainMod SHIFT, 7, movetoworkspacesilent, 7 161 - bind = $mainMod SHIFT, 8, movetoworkspacesilent, 8 162 - bind = $mainMod SHIFT, 9, movetoworkspacesilent, 9 163 - bind = $mainMod SHIFT, 0, movetoworkspacesilent, 10 164 - 165 - bindm = $mainMod, mouse:272, movewindow 166 - bindm = $mainMod, mouse:273, resizewindow 167 - 168 - bind = ,Print, exec, grim -g "$(slurp)" - | wl-copy 169 - 170 - bindl = , XF86AudioNext, exec, playerctl next 171 - bindl = , XF86AudioPause, exec, playerctl play-pause 172 - bindl = , XF86AudioPlay, exec, playerctl play-pause 173 - bindl = , XF86AudioPrev, exec, playerctl previous 174 - 175 - windowrule = workspacesilent 10, class:vesktop 176 - windowrule = workspacesilent 9, class:spotify 177 - 178 - windowrule = suppressevent maximize, class:.* 179 - windowrule = nofocus,class:^$,title:^$,xwayland:1,floating:1,fullscreen:0,pinned:0 180 - 181 - windowrulev2 = size 800 450, title:(Picture-in-Picture|Discord Popout) 182 - windowrulev2 = move 1120 630, title:(Picture-in-Picture|Discord Popout) 183 - windowrulev2 = float, title:(Picture-in-Picture|Discord Popout) 184 - windowrulev2 = pin, title:^(Picture-in-Picture|Discord Popout)
-2
external/config/hypr/hyprpaper.conf
··· 1 - preload = /home/adam/.wallpaper.jpg 2 - wallpaper = , /home/adam/.wallpaper.jpg
+58
external/config/quickshell/Modules/Bar/Bar.qml
··· 1 + import QtQuick 2 + import QtQuick.Layouts 3 + import Quickshell 4 + 5 + PanelWindow { 6 + anchors { 7 + top: true 8 + left: true 9 + right: true 10 + } 11 + 12 + implicitHeight: 30 13 + color: colBase 14 + 15 + Workspaces { 16 + anchors { 17 + verticalCenter: parent.verticalCenter 18 + left: parent.left 19 + leftMargin: 10 20 + } 21 + } 22 + 23 + Music { 24 + anchors.centerIn: parent 25 + } 26 + 27 + RowLayout { 28 + anchors { 29 + verticalCenter: parent.verticalCenter 30 + right: parent.right 31 + rightMargin: 10 32 + } 33 + 34 + Txt { 35 + id: timeTxt 36 + text: Qt.formatDateTime(new Date(), "hh:mm AP") 37 + 38 + Timer { 39 + interval: 10000 40 + running: true 41 + repeat: true 42 + onTriggered: timeTxt.text = Qt.formatDateTime(new Date(), "hh:mm AP") 43 + } 44 + } 45 + Spacer {} 46 + Txt { 47 + id: dateTxt 48 + text: Qt.formatDateTime(new Date(), "yyyy-MM-dd") 49 + 50 + Timer { 51 + interval: 600000 52 + running: true 53 + repeat: true 54 + onTriggered: dateTxt.text = Qt.formatDateTime(new Date(), "yyyy-MM-dd") 55 + } 56 + } 57 + } 58 + }
+45
external/config/quickshell/Modules/Bar/Music.qml
··· 1 + import QtQuick 2 + import QtQuick.Layouts 3 + import Quickshell.Io 4 + 5 + RowLayout { 6 + Txt { 7 + id: musicArtistTxt 8 + } 9 + Txt { 10 + text: if (musicArtistTxt.text !== "" && musicTitleTxt.text !== "") { 11 + " ๓ฐŽ‡ "; 12 + } else { 13 + "๎ปญ"; 14 + } 15 + color: colOverlay 16 + } 17 + Txt { 18 + id: musicTitleTxt 19 + } 20 + 21 + Process { 22 + id: musicProc 23 + running: true 24 + command: ["playerctl", "metadata", "--format", "{{ artist }} || {{ title }}"] 25 + stdout: StdioCollector { 26 + onStreamFinished: { 27 + let parts = this.text.trim().split(" || "); 28 + if (parts.length === 2) { 29 + musicArtistTxt.text = parts[0]; 30 + musicTitleTxt.text = parts[1]; 31 + } else { 32 + musicArtistTxt.text = ""; 33 + musicTitleTxt.text = ""; 34 + } 35 + } 36 + } 37 + } 38 + 39 + Timer { 40 + interval: 5000 41 + running: true 42 + repeat: true 43 + onTriggered: musicProc.running = true 44 + } 45 + }
+9
external/config/quickshell/Modules/Bar/Spacer.qml
··· 1 + import QtQuick 2 + import QtQuick.Layouts 3 + 4 + Rectangle { 5 + Layout.preferredWidth: 2 6 + Layout.preferredHeight: 20 7 + Layout.margins: 4 8 + color: colOverlay 9 + }
+7
external/config/quickshell/Modules/Bar/Txt.qml
··· 1 + import QtQuick 2 + 3 + Text { 4 + color: colText 5 + font.family: fontFamily 6 + font.pixelSize: fontSize 7 + }
+17
external/config/quickshell/Modules/Bar/Workspaces.qml
··· 1 + import QtQuick 2 + import QtQuick.Layouts 3 + 4 + RowLayout { 5 + spacing: 20 6 + Repeater { 7 + model: wmWSC 8 + Txt { 9 + text: "๎ฎด" 10 + color: if (index + 1 === wmWSA) { 11 + colAccent; 12 + } else { 13 + colOverlay; 14 + } 15 + } 16 + } 17 + }
+15
external/config/quickshell/Services/Niri/Niri.qml
··· 1 + import Quickshell 2 + import Quickshell.Io 3 + 4 + import "niri.mjs" as Niri 5 + 6 + Process { 7 + id: niriEventStream 8 + running: true 9 + command: ["niri", "msg", "--json", "event-stream"] 10 + stdout: SplitParser { 11 + onRead: data => { 12 + Niri.handleEvent(data, root); 13 + } 14 + } 15 + }
+7
external/config/quickshell/Services/Niri/niri.mjs
··· 1 + export const handleEvent = (evRaw, ns) => { 2 + const ev = JSON.parse(evRaw); 3 + 4 + if (ev.WorkspaceActivated) ns.wmWSA = ev.WorkspaceActivated.id; 5 + else if (ev.WorkspacesChanged) ns.wmWSC = ev.WorkspacesChanged.workspaces.filter(w => w.name) 6 + .length; 7 + };
+31
external/config/quickshell/shell.qml
··· 1 + import QtQuick 2 + import Quickshell 3 + 4 + import "Modules/Bar" 5 + import "Services/Niri" 6 + 7 + ShellRoot { 8 + id: root 9 + 10 + property color colBase: "#1e1e2e" 11 + property color colText: "#cdd6f4" 12 + property color colOverlay: "#6c7086" 13 + property color colAccent: "#b4befe" 14 + property color colSecond: "#cba6f7" 15 + 16 + property string fontFamily: "Maple Mono NF" 17 + property int fontSize: 14 18 + 19 + property int wmWSC 20 + property int wmWSA 21 + 22 + LazyLoader { 23 + active: true 24 + component: Niri {} 25 + } 26 + 27 + LazyLoader { 28 + active: true 29 + component: Bar {} 30 + } 31 + }
-17
external/scripts/ff.sh
··· 1 - #! /usr/bin/env bash 2 - 3 - set -eo pipefail 4 - 5 - if [[ -n $FF_SKIP ]]; then 6 - FF_SKIP= 7 - exit 0 8 - fi 9 - 10 - kitget_output="$(mktemp --suffix=-kitget.png)" 11 - 12 - if [[ -n $FF_NO_KITGET ]] || ! kitget --square -o "$kitget_output" &>/dev/null; then 13 - fastfetch --logo nixos_small --logo-padding-top 3 "$@" 14 - else 15 - fastfetch --kitty "$kitget_output" "$@" 16 - rm -f "$kitget_output" 17 - fi
+1 -1
external/zsh/functions.zsh
··· 3 3 } 4 4 5 5 function nixpkgs-build() { 6 - nix-build -E "with import <nixpkgs> {}; callPackage ./$1 {}" 6 + nix-build -E "with import <nixpkgs> {}; callPackage ./$1 {}" --log-format internal-json -v |& nom --json 7 7 } 8 8 9 9 function nixpkgs-review-gha() {
+2
external/zsh/prompt.zsh
··· 67 67 else 68 68 PROMPT="${vcs_info_msg_0_} ${nix_shell}${newline}${baseprompt}" 69 69 fi 70 + 71 + printf '\e[5 q' 70 72 }
+105 -64
flake.lock
··· 29 29 }, 30 30 "anvim": { 31 31 "inputs": { 32 + "neovim-nightly": "neovim-nightly", 32 33 "nixpkgs": [ 33 34 "nixpkgs" 34 35 ] 35 36 }, 36 37 "locked": { 37 - "lastModified": 1764513266, 38 - "narHash": "sha256-Ry3v336Fzvmkh+WRb16+nJ1iaImT2N9Z3oJTus4vFjQ=", 39 - "owner": "adamperkowski", 40 - "repo": "anvim", 41 - "rev": "4fe81e137bb94be36708c841d2e764431dd990e5", 42 - "type": "github" 38 + "lastModified": 1767835245, 39 + "narHash": "sha256-U2JarlML426gEC7cjWErNMpeF2+/XkW2HX5D6VOARu8=", 40 + "rev": "0e89ca2859ae7d24b6d8f3311895e995313007b1", 41 + "type": "tarball", 42 + "url": "https://codeberg.org/api/v1/repos/koibtw/anvim/archive/0e89ca2859ae7d24b6d8f3311895e995313007b1.tar.gz?rev=0e89ca2859ae7d24b6d8f3311895e995313007b1" 43 + }, 44 + "original": { 45 + "type": "tarball", 46 + "url": "https://codeberg.org/koibtw/anvim/archive/main.tar.gz" 47 + } 48 + }, 49 + "cuteff": { 50 + "inputs": { 51 + "nixpkgs": [ 52 + "nixpkgs" 53 + ] 54 + }, 55 + "locked": { 56 + "lastModified": 1766788905, 57 + "narHash": "sha256-rOQZos+yJSiHg+G4iB9lXO+u7PPFYgkV/65b6yPS2w0=", 58 + "rev": "71c9288c5d981f981bb6a42e5bc17a14dc2e9eb8", 59 + "type": "tarball", 60 + "url": "https://codeberg.org/api/v1/repos/koibtw/cuteff/archive/71c9288c5d981f981bb6a42e5bc17a14dc2e9eb8.tar.gz?rev=71c9288c5d981f981bb6a42e5bc17a14dc2e9eb8" 43 61 }, 44 62 "original": { 45 - "owner": "adamperkowski", 46 - "repo": "anvim", 47 - "type": "github" 63 + "type": "tarball", 64 + "url": "https://codeberg.org/koibtw/cuteff/archive/main.tar.gz" 48 65 } 49 66 }, 50 67 "darwin": { ··· 69 86 "type": "github" 70 87 } 71 88 }, 89 + "flake-parts": { 90 + "inputs": { 91 + "nixpkgs-lib": [ 92 + "anvim", 93 + "neovim-nightly", 94 + "nixpkgs" 95 + ] 96 + }, 97 + "locked": { 98 + "lastModified": 1765835352, 99 + "narHash": "sha256-XswHlK/Qtjasvhd1nOa1e8MgZ8GS//jBoTqWtrS1Giw=", 100 + "owner": "hercules-ci", 101 + "repo": "flake-parts", 102 + "rev": "a34fae9c08a15ad73f295041fec82323541400a9", 103 + "type": "github" 104 + }, 105 + "original": { 106 + "owner": "hercules-ci", 107 + "repo": "flake-parts", 108 + "type": "github" 109 + } 110 + }, 72 111 "flake-utils": { 73 112 "inputs": { 74 113 "systems": "systems" ··· 94 133 ] 95 134 }, 96 135 "locked": { 97 - "lastModified": 1764536451, 98 - "narHash": "sha256-BgtcUkBfItu9/yU14IgUaj4rYOanTOUZjUfBP20/ZB4=", 136 + "lastModified": 1767619900, 137 + "narHash": "sha256-KpoCBPvwHz3gAQtIUkohE2InRBFK3r0/FM6z5SPWfvM=", 99 138 "owner": "nix-community", 100 139 "repo": "home-manager", 101 - "rev": "3fdd076e08049a9c7a83149b270440d9787d2df5", 140 + "rev": "6bd04da47cfb48dfd15eabf08364b78ad894f5b2", 102 141 "type": "github" 103 142 }, 104 143 "original": { ··· 131 170 "type": "github" 132 171 } 133 172 }, 173 + "neovim-nightly": { 174 + "inputs": { 175 + "flake-parts": "flake-parts", 176 + "neovim-src": "neovim-src", 177 + "nixpkgs": [ 178 + "anvim", 179 + "nixpkgs" 180 + ] 181 + }, 182 + "locked": { 183 + "lastModified": 1767225850, 184 + "narHash": "sha256-gmoKSWO4DM/VnlskS9UmQnXyZTm0xcl4cDx3e/CJZeY=", 185 + "owner": "nix-community", 186 + "repo": "neovim-nightly-overlay", 187 + "rev": "dfbb35b3cf396ead65028b7023f07f51927f86e3", 188 + "type": "github" 189 + }, 190 + "original": { 191 + "owner": "nix-community", 192 + "repo": "neovim-nightly-overlay", 193 + "type": "github" 194 + } 195 + }, 196 + "neovim-src": { 197 + "flake": false, 198 + "locked": { 199 + "lastModified": 1767222005, 200 + "narHash": "sha256-SewYGH53QWyiHBNCxJuyESu/D7v0tXi2oq3NREI/AeA=", 201 + "owner": "neovim", 202 + "repo": "neovim", 203 + "rev": "170992c8d218f28dcffd967ecc2bae3fb3c46545", 204 + "type": "github" 205 + }, 206 + "original": { 207 + "owner": "neovim", 208 + "repo": "neovim", 209 + "type": "github" 210 + } 211 + }, 134 212 "niri": { 135 213 "inputs": { 136 214 "niri-stable": "niri-stable", 137 215 "niri-unstable": "niri-unstable", 138 216 "nixpkgs": [ 139 - "nixpkgs-unstable" 217 + "nixpkgs" 140 218 ], 141 219 "nixpkgs-stable": [ 142 220 "nixpkgs" ··· 145 223 "xwayland-satellite-unstable": "xwayland-satellite-unstable" 146 224 }, 147 225 "locked": { 148 - "lastModified": 1764488513, 149 - "narHash": "sha256-xBUnv+ndZxRbY9mYSPEP0afaZRUVXDFcJx0WMD4ypfs=", 226 + "lastModified": 1767544157, 227 + "narHash": "sha256-DVTMOUd4uHkDcZXWAqOS+Pa0M9a27G1Ya3B7SFG6BQs=", 150 228 "owner": "sodiboo", 151 229 "repo": "niri-flake", 152 - "rev": "9e3bbd170669d10846bae68d23dabef11832f8f2", 230 + "rev": "d0e2c4bebf9d0b879410736f7abce628976bfb92", 153 231 "type": "github" 154 232 }, 155 233 "original": { ··· 178 256 "niri-unstable": { 179 257 "flake": false, 180 258 "locked": { 181 - "lastModified": 1764485473, 182 - "narHash": "sha256-RlGEcuZFB/IdvYLrYsf0RpgvNtCMyIuBLt3lS+GZvP8=", 259 + "lastModified": 1767530622, 260 + "narHash": "sha256-ywnL1cc0A6fni7m859ImiBYA8DlXXJ+5OXIlcBqJ2B0=", 183 261 "owner": "YaLTeR", 184 262 "repo": "niri", 185 - "rev": "311ca6b5da19f5acd7d3e481620de57240ce8f7c", 263 + "rev": "54c2e2ab476629d17fdba861895f58e7cdac32ab", 186 264 "type": "github" 187 265 }, 188 266 "original": { ··· 207 285 "type": "github" 208 286 } 209 287 }, 210 - "nixpkgs-unstable": { 211 - "locked": { 212 - "lastModified": 1764527385, 213 - "narHash": "sha256-gpwyCnyi2or0InBXe+4I9YeED3Uly3EGH58qvVnchBY=", 214 - "rev": "23258e03aaa49b3a68597e3e50eb0cbce7e42e9d", 215 - "type": "tarball", 216 - "url": "https://releases.nixos.org/nixpkgs/nixpkgs-26.05pre904683.23258e03aaa4/nixexprs.tar.xz?lastModified=1764527385&rev=23258e03aaa49b3a68597e3e50eb0cbce7e42e9d" 217 - }, 218 - "original": { 219 - "type": "tarball", 220 - "url": "https://channels.nixos.org/nixpkgs-unstable/nixexprs.tar.xz" 221 - } 222 - }, 223 288 "nixpkgs_2": { 224 289 "locked": { 225 - "lastModified": 1764494334, 226 - "narHash": "sha256-MtiuWNmHyb23Fuv2ggpZpp+48/pr2C4lEhLejAeO9rE=", 227 - "rev": "d542db745310b6929708d9abea513f3ff19b1341", 290 + "lastModified": 1767480499, 291 + "narHash": "sha256-EFkzO1bnguFRUEeNvdkkGEU/P35obLVp+36NuaIQSr8=", 292 + "rev": "30a3c519afcf3f99e2c6df3b359aec5692054d92", 228 293 "type": "tarball", 229 - "url": "https://releases.nixos.org/nixos/25.11/nixos-25.11.612.d542db745310/nixexprs.tar.xz?lastModified=1764494334&rev=d542db745310b6929708d9abea513f3ff19b1341" 294 + "url": "https://releases.nixos.org/nixos/25.11/nixos-25.11.3202.30a3c519afcf/nixexprs.tar.xz?lastModified=1767480499&rev=30a3c519afcf3f99e2c6df3b359aec5692054d92" 230 295 }, 231 296 "original": { 232 297 "type": "tarball", ··· 237 302 "inputs": { 238 303 "agenix": "agenix", 239 304 "anvim": "anvim", 305 + "cuteff": "cuteff", 240 306 "home-manager": "home-manager", 241 307 "iamb": "iamb", 242 308 "niri": "niri", 243 309 "nixpkgs": "nixpkgs_2", 244 - "nixpkgs-unstable": "nixpkgs-unstable", 245 - "spicetify-nix": "spicetify-nix", 246 310 "systems": "systems_2" 247 311 } 248 312 }, ··· 264 328 "type": "github" 265 329 } 266 330 }, 267 - "spicetify-nix": { 268 - "inputs": { 269 - "nixpkgs": [ 270 - "nixpkgs" 271 - ], 272 - "systems": [ 273 - "systems" 274 - ] 275 - }, 276 - "locked": { 277 - "lastModified": 1763985453, 278 - "narHash": "sha256-vUqODgLIjeyHN7DP8dVx7oH9yB/L8qcxpN//4EmMQcM=", 279 - "owner": "Gerg-L", 280 - "repo": "spicetify-nix", 281 - "rev": "89cd40c646ec5b12e5c20c0e18f082e7629d4819", 282 - "type": "github" 283 - }, 284 - "original": { 285 - "owner": "Gerg-L", 286 - "repo": "spicetify-nix", 287 - "type": "github" 288 - } 289 - }, 290 331 "systems": { 291 332 "locked": { 292 333 "lastModified": 1681028828, ··· 337 378 "xwayland-satellite-unstable": { 338 379 "flake": false, 339 380 "locked": { 340 - "lastModified": 1764366786, 341 - "narHash": "sha256-yVCJ4Qe/JkdKDu0DddFdAQgDQVeF12nxH7zv3jtooV4=", 381 + "lastModified": 1766429945, 382 + "narHash": "sha256-9Kv4gWagx/u4RfZJzBMAoagW9ava5waxd+XoTkzqF7E=", 342 383 "owner": "Supreeeme", 343 384 "repo": "xwayland-satellite", 344 - "rev": "b362a3873710a42f7ac2d8ba03772d8290733934", 385 + "rev": "0dde7ca1d3a8e8c5082533d76084e2aa02bef70e", 345 386 "type": "github" 346 387 }, 347 388 "original": {
+9 -10
flake.nix
··· 3 3 4 4 inputs = { 5 5 nixpkgs.url = "https://channels.nixos.org/nixos-25.11/nixexprs.tar.xz"; 6 - nixpkgs-unstable.url = "https://channels.nixos.org/nixpkgs-unstable/nixexprs.tar.xz"; 6 + # nixpkgs-unstable.url = "https://channels.nixos.org/nixpkgs-unstable/nixexprs.tar.xz"; 7 7 systems.url = "github:nix-systems/default"; 8 8 9 9 home-manager = { ··· 12 12 }; 13 13 14 14 anvim = { 15 - url = "github:adamperkowski/anvim"; 15 + url = "https://codeberg.org/koibtw/anvim/archive/main.tar.gz"; 16 + inputs.nixpkgs.follows = "nixpkgs"; 17 + }; 18 + 19 + cuteff = { 20 + url = "https://codeberg.org/koibtw/cuteff/archive/main.tar.gz"; 16 21 inputs.nixpkgs.follows = "nixpkgs"; 17 22 }; 18 23 19 24 niri = { 20 25 url = "github:sodiboo/niri-flake"; 21 - inputs.nixpkgs.follows = "nixpkgs-unstable"; 26 + # inputs.nixpkgs.follows = "nixpkgs-unstable"; 27 + inputs.nixpkgs.follows = "nixpkgs"; 22 28 inputs.nixpkgs-stable.follows = "nixpkgs"; 23 29 }; 24 30 25 31 iamb = { 26 32 url = "github:ulyssa/iamb/v0.0.11-alpha.1"; 27 33 inputs.nixpkgs.follows = "nixpkgs"; 28 - }; 29 - 30 - spicetify-nix = { 31 - url = "github:Gerg-L/spicetify-nix"; 32 - inputs.nixpkgs.follows = "nixpkgs"; 33 - inputs.systems.follows = "systems"; 34 34 }; 35 35 36 36 agenix = { ··· 59 59 }; 60 60 61 61 mkDesktopHost = name: mkHost name [ ./modules/desktop ]; 62 - mkServerHost = name: mkHost name; 63 62 in 64 63 { 65 64 nixosConfigurations = {
+29
formatter.nix
··· 3 3 pkgs.treefmt.withConfig { 4 4 runtimeInputs = with pkgs; [ 5 5 nixfmt-rfc-style 6 + js-beautify 6 7 shfmt 8 + kdePackages.qtdeclarative 7 9 ]; 8 10 9 11 settings = { ··· 16 18 includes = [ "*.nix" ]; 17 19 }; 18 20 21 + js-beautify = { 22 + command = "js-beautify"; 23 + options = [ 24 + "--replace" 25 + "--editorconfig" 26 + "--jslint-happy" 27 + "--max-preserve-newlines" 28 + "2" 29 + ]; 30 + includes = [ 31 + "*.js" 32 + "*.mjs" 33 + "*.css" 34 + ]; 35 + }; 36 + 19 37 shfmt = { 20 38 command = "shfmt"; 21 39 options = [ "-w" ]; ··· 24 42 "*.bash" 25 43 # "*.zsh" # https://github.com/mvdan/sh/issues/120 26 44 ]; 45 + }; 46 + 47 + qmlformat = { 48 + command = "qmlformat"; 49 + options = [ 50 + "--inplace" 51 + "--sort-imports" 52 + "--indent-width" 53 + "2" 54 + ]; 55 + includes = [ "*.qml" ]; 27 56 }; 28 57 }; 29 58 };
-17
home/adam.nix
··· 1 - { 2 - home = { 3 - username = "adam"; 4 - homeDirectory = "/home/adam"; 5 - stateVersion = "25.11"; 6 - }; 7 - 8 - imports = [ 9 - ./modules/external.nix 10 - ./modules/xdg.nix 11 - ./modules/age.nix 12 - ./modules/theme.nix 13 - ./modules/packages.nix 14 - ./modules/wallpaper.nix 15 - ./modules/programs 16 - ]; 17 - }
+17
home/koi.nix
··· 1 + { 2 + home = { 3 + username = "koi"; 4 + homeDirectory = "/home/koi"; 5 + stateVersion = "25.11"; 6 + }; 7 + 8 + imports = [ 9 + ./modules/external.nix 10 + ./modules/xdg.nix 11 + ./modules/age.nix 12 + ./modules/theme.nix 13 + ./modules/packages.nix 14 + ./modules/wallpaper.nix 15 + ./modules/programs 16 + ]; 17 + }
+3 -2
home/modules/packages.nix
··· 3 3 { 4 4 home.packages = with pkgs; [ 5 5 nix-output-monitor 6 + jellyfin-mpv-shim 6 7 jellyfin-tui 7 8 prettyping 8 - fastfetch 9 9 playerctl 10 10 lsd 11 11 jq 12 12 gh 13 + codeberg-cli 13 14 14 15 signal-desktop 15 16 16 17 noto-fonts 17 18 noto-fonts-cjk-sans 18 19 noto-fonts-color-emoji 19 - nerd-fonts.fira-code 20 + maple-mono.NF 20 21 21 22 wl-clipboard 22 23
+3 -1
home/modules/programs/chromium.nix
··· 4 4 programs.chromium = { 5 5 enable = true; 6 6 extensions = [ 7 - "fgmjlmbojbkmdpofahffgcpkhkngfpef" # Startpage 7 + "jegbdohdgebjljoljfeinojeobdabpjo" # Redirector 8 8 "bgnkhhnnamicmpeenaelnjfhikgbkllg" # AdGuard AdBlocker 9 + "nngceckbapebfimnlniiiahkandclblb" # Bitwarden Password Manager 10 + "hkgfoiooedgoejojocmhlaklaeopbecg" # Picture-in-Picture Extension (by Google) 9 11 "bkkmolkhemgaeaeggcmfbghljjjoofoh" # Catppuccin Chrome Theme - Mocha 10 12 "lnjaiaapbakfhlbjenjkhffcdpoompki" # Catppuccin for Web File Explorer Icons 11 13 "kaalofacklcidaampbokdplbklpeldpj" # Wide GitHub
+43
home/modules/programs/cuteff.nix
··· 1 + { inputs, ... }: 2 + 3 + { 4 + imports = [ inputs.cuteff.homeManagerModules.default ]; 5 + programs.cuteff = { 6 + enable = true; 7 + settings = { 8 + padding = 2; 9 + paddingTop = 1; 10 + paddingBottom = 1; 11 + 12 + colors = { 13 + "1" = "180;190;254"; 14 + "2" = "203;166;247"; 15 + }; 16 + 17 + headerCats = true; 18 + 19 + modules = [ 20 + { 21 + name = "๏Šฝ user"; 22 + stat = "username"; 23 + } 24 + { 25 + name = "๏ˆณ host"; 26 + stat = "hostname"; 27 + } 28 + { 29 + name = "๏‡พ uptime"; 30 + stat = "uptime"; 31 + } 32 + { 33 + name = "๎ทฉ distro"; 34 + stat = "distro"; 35 + } 36 + { 37 + name = "๏€“ kernel"; 38 + stat = "kernel"; 39 + } 40 + ]; 41 + }; 42 + }; 43 + }
+4 -2
home/modules/programs/default.nix
··· 1 1 { 2 2 imports = [ 3 3 ./git.nix 4 + ./fzf.nix 4 5 ./zsh.nix 5 6 ./iamb.nix 6 7 ./direnv.nix 7 8 ./zoxide.nix 8 9 ./neovim.nix 10 + ./cuteff.nix 9 11 ./jellyfin-rpc.nix 10 12 11 13 ./niri.nix 12 14 13 15 ./swww.nix 14 16 ./rofi.nix 15 - ./kitty.nix 17 + ./foot.nix 16 18 ./dunst.nix 17 - ./waybar.nix 19 + ./quickshell.nix 18 20 19 21 ./vesktop.nix 20 22 ./chromium.nix
+1 -1
home/modules/programs/dunst.nix
··· 11 11 origin = "top-right"; 12 12 width = "(78, 400)"; 13 13 offset = "(0,0)"; 14 - font = "FiraCode Nerd Font 10"; 14 + font = "Maple Mono NF 10"; 15 15 16 16 frame_color = "#b4befe"; 17 17 separator_color = "frame";
+26
home/modules/programs/foot.nix
··· 1 + { pkgs, ... }: 2 + 3 + let 4 + catppuccin = pkgs.fetchurl { 5 + url = "https://raw.githubusercontent.com/catppuccin/foot/8d263e0e6b58a6b9ea507f71e4dbf6870aaf8507/themes/catppuccin-mocha.ini"; 6 + hash = "sha256-rVWISDKhJfH1mbEkFEQ6JSq3fFmZk86EJgKS694LbOs="; 7 + }; 8 + in 9 + { 10 + programs.foot = { 11 + enable = true; 12 + server.enable = true; 13 + settings = { 14 + main = { 15 + include = builtins.toString catppuccin; 16 + font = "Maple Mono NF:pixelsize=15"; 17 + dpi-aware = "yes"; 18 + }; 19 + cursor = { 20 + style = "beam"; 21 + blink = "yes"; 22 + }; 23 + colors.cursor = "11111b b4befe"; 24 + }; 25 + }; 26 + }
+30
home/modules/programs/fzf.nix
··· 1 + { 2 + programs.fzf = { 3 + enable = true; 4 + enableZshIntegration = true; 5 + 6 + colors = { 7 + bg = "#1e1e2e"; 8 + "bg+" = "#313244"; 9 + selected-bg = "#45475a"; 10 + fg = "#cdd6f4"; 11 + "fg+" = "#cdd6f4"; 12 + label = "#cdd6f4"; 13 + hl = "#cba6f7"; 14 + "hl+" = "#cba6f7"; 15 + header = "#f38ba8"; 16 + info = "#b4befe"; 17 + prompt = "#b4befe"; 18 + border = "#6c7086"; 19 + marker = "#a6adc8"; 20 + pointer = "#a6adc8"; 21 + spinner = "#a6adc8"; 22 + }; 23 + 24 + defaultOptions = [ 25 + "--height=30%" 26 + "--info=inline" 27 + "--layout=reverse" 28 + ]; 29 + }; 30 + }
+10
home/modules/programs/git.nix
··· 51 51 remoteBranch = "magenta"; 52 52 }; 53 53 54 + commit.template = "~/.gitmessage"; 54 55 init.defaultBranch = "main"; 55 56 }; 56 57 }; ··· 61 62 }; 62 63 }; 63 64 65 + home.file.".gitmessage".text = '' 66 + 67 + 68 + # remember to set commit author to pr author when merging 69 + # Reviewed-on: 70 + # Reviewed-by: koi <me@koi.rip> 71 + # Signed-off-by: koi <me@koi.rip> 72 + # Co-authored-by: user <user@users.noreply.github.com> 73 + ''; 64 74 }
+11 -2
home/modules/programs/iamb.nix
··· 6 6 package = inputs.iamb.packages.${pkgs.stdenv.system}.default; 7 7 8 8 settings = { 9 - profiles.user.user_id = "@adam:matrix.system72.dev"; 9 + profiles.user.user_id = "@koi:system72.dev"; 10 10 dirs.downloads = "/tmp/downloads"; 11 11 settings = { 12 + user_gutter_width = 20; 12 13 username_display = "displayname"; 14 + typing_notice_send = false; 13 15 notifications.enabled = true; 14 - image_preview.protocol.type = "kitty"; 16 + image_preview.protocol.type = "sixel"; 17 + layout.style = "restore"; 18 + sort.rooms = [ 19 + "favorite" 20 + "recent" 21 + "unread" 22 + "name" 23 + ]; 15 24 }; 16 25 }; 17 26 };
-18
home/modules/programs/kitty.nix
··· 1 - { 2 - programs.kitty = { 3 - enable = true; 4 - themeFile = "Catppuccin-Mocha"; 5 - font.name = "Fira Code Nerd Font"; 6 - shellIntegration.enableZshIntegration = true; 7 - shellIntegration.mode = "no-rc no-cursor"; 8 - settings = { 9 - cursor = "#b4befe"; 10 - cursor_shape = "beam"; 11 - cursor_shape_unfocused = "hollow"; 12 - cursor_trail = 1; 13 - cursor_trail_decay = "0.05 0.2"; 14 - cursor_trail_start_threshold = 2; 15 - enable_audio_bell = false; 16 - }; 17 - }; 18 - }
-6
home/modules/programs/neovim.nix
··· 17 17 bash-language-server 18 18 nixd 19 19 ]; 20 - 21 - age.secrets.wakatime = { 22 - file = ../../../secrets/wakatime.cfg.age; 23 - mode = "0400"; 24 - path = "${config.home.homeDirectory}/.wakatime.cfg"; 25 - }; 26 20 }
+2 -8
home/modules/programs/niri.nix
··· 11 11 programs.niri.settings = { 12 12 spawn-at-startup = [ 13 13 { argv = [ "swww img ~/.wallpaper.jpg" ]; } 14 - { argv = [ "waybar" ]; } 15 - { argv = [ "sleep 2; vesktop" ]; } 16 14 ]; 17 15 18 16 screenshot-path = "~/screenshots/%Y-%m-%d_%H-%M-%S.png"; ··· 128 126 open-maximized = true; 129 127 } 130 128 { 131 - matches = [ { app-id = "^steam"; } ]; 132 - open-on-workspace = "3"; 133 - open-maximized = true; 134 - } 135 - { 136 129 matches = [ { title = "^(Picture in picture|Picture-in-Picture|Discord Popout)"; } ]; 137 130 default-column-width.fixed = 800; 138 131 default-window-height.fixed = 450; 139 132 open-floating = true; 133 + open-focused = false; 140 134 default-floating-position = { 141 135 x = 0; 142 136 y = 0; ··· 164 158 binds = { 165 159 "mod+shift+slash".action.show-hotkey-overlay = [ ]; 166 160 167 - "mod+return".action.spawn = [ "kitty" ]; 161 + "mod+return".action.spawn = [ "footclient" ]; 168 162 "mod+shift+return".action.spawn = [ 169 163 "rofi" 170 164 "-show"
+6
home/modules/programs/quickshell.nix
··· 1 + { 2 + programs.quickshell = { 3 + enable = true; 4 + systemd.enable = true; 5 + }; 6 + }
+3 -3
home/modules/programs/rofi.nix
··· 3 3 let 4 4 catppuccinMocha = pkgs.fetchurl { 5 5 url = "https://raw.githubusercontent.com/catppuccin/rofi/71fb15577ccb091df2f4fc1f65710edbc61b5a53/themes/catppuccin-mocha.rasi"; 6 - sha256 = "0ikn0yc2b9cyzk4xga8mcq1j7xk2idik4wzpsibrphy8qr2pla4b"; 6 + hash = "sha256-iyh6RcbIw5tX1PdzMmOLYvYjA2YVqdfJ/J6lJZgHdkY="; 7 7 }; 8 8 catppuccinConfig = pkgs.fetchurl { 9 9 url = "https://raw.githubusercontent.com/catppuccin/rofi/71fb15577ccb091df2f4fc1f65710edbc61b5a53/catppuccin-default.rasi"; 10 - sha256 = "1f3r6yarrykj8cxvi5hblzlr5n8zbncifnxps9xl5gl32w6ysq5z"; 10 + hash = "sha256-v2DtDReDvkJ70rdbF5ldH9mS6acLlrg7Q3L6nJU3ebg="; 11 11 }; 12 12 in 13 13 { 14 14 programs.rofi = { 15 15 enable = true; 16 - font = "FiraCode Nerd Font 14"; 16 + font = "Maple Mono NF 14"; 17 17 18 18 # cool hack lmao 19 19 theme = ''
+1 -4
home/modules/programs/vesktop.nix
··· 9 9 }; 10 10 vencord.settings = { 11 11 useQuickCss = true; 12 - themeLinks = [ 13 - "https://catppuccin.github.io/discord/dist/catppuccin-mocha-lavender.theme.css" 14 - "https://raw.githubusercontent.com/mwittrien/BetterDiscordAddons/master/Themes/SettingsModal/SettingsModal.theme.css" 15 - ]; 12 + themeLinks = [ "https://catppuccin.github.io/discord/dist/catppuccin-mocha-lavender.theme.css" ]; 16 13 plugins = { 17 14 AlwaysExpandRoles.enabled = true; 18 15 AlwaysTrust = {
-180
home/modules/programs/waybar.nix
··· 1 - { pkgs, ... }: 2 - 3 - let 4 - catppuccin = pkgs.fetchurl { 5 - url = "https://raw.githubusercontent.com/catppuccin/waybar/refs/tags/v1.1/themes/mocha.css"; 6 - sha256 = "puMFl8zIKOiYhE6wzqnffXOHn/VnKmpVDzrMJMk+3Rc="; 7 - }; 8 - in 9 - { 10 - programs.waybar = { 11 - enable = true; 12 - 13 - settings = { 14 - mainBar = { 15 - layer = "top"; 16 - position = "top"; 17 - width = 1920; 18 - 19 - modules-left = [ 20 - "hyprland/workspaces" 21 - "niri/workspaces" 22 - ]; 23 - modules-center = [ "custom/music" ]; 24 - modules-right = [ 25 - "tray" 26 - "battery" 27 - "clock" 28 - ]; 29 - 30 - "hyprland/workspaces" = { 31 - disable-scroll = true; 32 - sort-by-name = true; 33 - format = " {icon} "; 34 - format-icons = { 35 - "default" = "๎ฎด"; 36 - "9" = "๓ฐ“‡"; 37 - "10" = "๏‡ฟ"; 38 - }; 39 - }; 40 - 41 - "niri/workspaces" = { 42 - disable-scroll = true; 43 - sort-by-name = true; 44 - persistent-only = true; 45 - persistent-workspaces = { 46 - "1" = [ ]; 47 - "2" = [ ]; 48 - "3" = [ ]; 49 - "4" = [ ]; 50 - }; 51 - format = "{icon}"; 52 - format-icons = { 53 - "default" = " ๎ฎด "; 54 - "social" = " ๏‡ฟ "; 55 - "5" = ""; 56 - }; 57 - }; 58 - 59 - "custom/music" = { 60 - escape = true; 61 - interval = 10; 62 - tooltop = false; 63 - exec = "playerctl metadata --format '{{ artist }} ๏€ {{ title }}'"; 64 - on-click = "playerctl play-pause"; 65 - max-length = 100; 66 - }; 67 - 68 - tray = { 69 - icon-size = 18; 70 - spacing = 10; 71 - }; 72 - 73 - battery = { 74 - states = { 75 - warning = 30; 76 - critical = 15; 77 - }; 78 - format = "{icon}"; 79 - format-charging = "๓ฐ‚„"; 80 - format-plugged = "๓ฑŸข"; 81 - format-alt = "{icon}"; 82 - format-icons = [ 83 - "๓ฐบ" 84 - "๓ฐป" 85 - "๓ฐผ" 86 - "๓ฐฝ" 87 - "๓ฐพ" 88 - "๓ฐฟ" 89 - "๓ฐ‚€" 90 - "๓ฐ‚" 91 - "๓ฐ‚‚" 92 - "๓ฐน" 93 - ]; 94 - }; 95 - 96 - clock = { 97 - timezone = "Europe/Warsaw"; 98 - format = "{:%H:%M}"; 99 - tooltip-format = "<big>{:%B %d}</big>\n<tt><small>{calendar}</small></tt>"; 100 - }; 101 - }; 102 - }; 103 - 104 - style = '' 105 - @import "${catppuccin}"; 106 - 107 - * { 108 - font-family: 'Fira Code Nerd Font', monospace; 109 - font-size: 14px; 110 - border: none; 111 - border-radius: 0; 112 - min-height: 0; 113 - } 114 - 115 - #waybar { 116 - background: transparent; 117 - color: @lavender; 118 - } 119 - 120 - #workspaces { 121 - background-color: @base; 122 - border: 2px solid @lavender; 123 - } 124 - 125 - #workspaces button { 126 - padding: 5px; 127 - margin: 0; 128 - color: @lavender; 129 - } 130 - 131 - #workspaces button#niri-workspace-5 { 132 - font-size: 0px; 133 - border: none; 134 - padding: 0px; 135 - margin: 0px; 136 - min-width: 0px; 137 - min-height: 0px; 138 - } 139 - 140 - #workspaces button.active { 141 - color: @mauve; 142 - } 143 - 144 - #custom-music, 145 - #tray, 146 - #clock, 147 - #battery { 148 - border: 2px solid @lavender; 149 - background-color: @base; 150 - padding: 0 5px; 151 - } 152 - 153 - #tray { 154 - border-right: none; 155 - } 156 - 157 - #clock { 158 - border-left: none; 159 - } 160 - 161 - #battery { 162 - border-left: none; 163 - border-right: none; 164 - color: @teal; 165 - } 166 - 167 - #battery.charging { 168 - color: @teal; 169 - } 170 - 171 - #battery.warning:not(.charging) { 172 - color: @red; 173 - } 174 - 175 - #custom-music { 176 - color: @mauve; 177 - } 178 - ''; 179 - }; 180 - }
+13 -13
home/modules/programs/zsh.nix
··· 1 - { pkgs, config, ... }: 1 + { pkgs, ... }: 2 2 3 + let 4 + external = ../../../external/zsh; 5 + in 3 6 { 4 7 programs.zsh = { 5 8 enable = true; ··· 31 34 mkdirenv = "echo -e 'if has nix; then\\n use flake\\nfi' >> .envrc && direnv allow"; 32 35 33 36 nixb = "nom build"; 34 - nixs = "nom shell"; 35 - nixdev = "nom develop -c $SHELL"; 37 + nixs = "FF_SKIP=1 nom shell"; 38 + nixdev = "FF_SKIP=1 nom develop -c \"$SHELL\""; 36 39 37 40 diff = "diff --color=auto"; 38 41 grep = "grep --color=auto"; ··· 54 57 gpull = "git pull origin"; 55 58 gmain = "if ! git checkout --track origin/main; then if ! git checkout main; then git checkout master; fi; fi"; 56 59 }; 57 - 58 - envExtra = '' 59 - export DOTFILES="${config.home.homeDirectory}/dotfiles" 60 - ''; 61 60 62 61 initContent = '' 62 + ${builtins.readFile (external + "/keymap.zsh")} 63 + ${builtins.readFile (external + "/prompt.zsh")} 64 + ${builtins.readFile (external + "/functions.zsh")} 65 + 63 66 export GPG_TTY=$(tty) 67 + source <(fzf --zsh) 64 68 65 - . "$DOTFILES/external/zsh/keymap.zsh" 66 - . "$DOTFILES/external/zsh/prompt.zsh" 67 - . "$DOTFILES/external/zsh/functions.zsh" 68 - 69 - ff 69 + cuteff 70 70 ''; 71 71 72 72 profileExtra = '' 73 - . "$DOTFILES/external/zsh/profile.zsh" 73 + ${builtins.readFile (external + "/profile.zsh")} 74 74 ''; 75 75 }; 76 76 }
+2 -2
home/modules/wallpaper.nix
··· 3 3 { 4 4 home.file.".wallpaper.jpg" = { 5 5 source = pkgs.fetchurl { 6 - url = "https://raw.githubusercontent.com/orangci/walls-catppuccin-mocha/master/oversized-cat.jpg"; 7 - sha256 = "0c9fkhixpzh6hvwbqvfrfsi7c5p1lwnaql6ri1kkdjahay1h0spl"; 6 + url = "https://raw.githubusercontent.com/orangci/walls-catppuccin-mocha/7bfdf10d16ad3a689f9f0cf3a0930da3d1a245a8/oversized-cat.jpg"; 7 + hash = "sha256-9GoAg1dQyTZniNlQrCyn4RZ2onbZbbz4hgb+2yOcLjE="; 8 8 }; 9 9 }; 10 10 }
+1
modules/base/boot.nix
··· 1 1 { 2 2 boot = { 3 3 loader.efi.canTouchEfiVariables = true; 4 + tmp.cleanOnBoot = true; 4 5 5 6 kernelParams = [ 6 7 "vt.default_red=30,243,166,249,137,245,148,186,88,243,166,249,137,245,148,166"
+43 -1
modules/base/networking.nix
··· 1 1 { 2 2 networking = { 3 3 networkmanager.enable = true; 4 - firewall.enable = true; 4 + firewall = { 5 + enable = true; 6 + extraCommands = '' 7 + set -euo pipefail 8 + 9 + ensure_rule() { 10 + if ! iptables -C INPUT "$@" 2>/dev/null; then 11 + iptables -I INPUT 1 "$@" 12 + fi 13 + } 14 + ensure_rule6() { 15 + if ! ip6tables -C INPUT "$@" 2>/dev/null; then 16 + ip6tables -I INPUT 1 "$@" 17 + fi 18 + } 19 + 20 + v4blocklist=( 21 + '66.132.159.0/24' 22 + '162.142.125.0/24' 23 + '167.94.138.0/24' 24 + '167.94.145.0/24' 25 + '167.94.146.0/24' 26 + '167.248.133.0/24' 27 + '199.45.154.0/24' 28 + '199.45.155.0/24' 29 + '206.168.34.0/24' 30 + '206.168.35.0/24' 31 + ) 32 + v6blocklist=( 33 + '2602:80d:1000:b0cc:e::/80' 34 + '2620:96:e000:b0cc:e::/80' 35 + '2602:80d:1003::/112' 36 + '2602:80d:1004::/112' 37 + ) 38 + 39 + for ip in "''${v4blocklist[@]}"; do 40 + ensure_rule -s "$ip" -j DROP 41 + done 42 + for ip in "''${v6blocklist[@]}"; do 43 + ensure_rule6 -s "$ip" -j DROP 44 + done 45 + ''; 46 + }; 5 47 }; 6 48 }
+1 -1
modules/base/nix.nix
··· 11 11 ]; 12 12 trusted-users = [ 13 13 "root" 14 - "adam" 14 + "koi" 15 15 ]; 16 16 }; 17 17 };
+9 -9
modules/base/nixpkgs.nix
··· 1 - { inputs, ... }: 1 + # { inputs, ... }: 2 2 3 3 { 4 4 nixpkgs = { 5 5 config.allowUnfree = true; 6 - overlays = [ 7 - (_: prev: { 8 - unstable = import inputs.nixpkgs-unstable { 9 - system = prev.stdenv.hostPlatform.system; 10 - config = prev.config; 11 - }; 12 - }) 13 - ]; 6 + # overlays = [ 7 + # (_: prev: { 8 + # unstable = import inputs.nixpkgs-unstable { 9 + # system = prev.stdenv.hostPlatform.system; 10 + # config = prev.config; 11 + # }; 12 + # }) 13 + # ]; 14 14 }; 15 15 }
+6 -1
modules/base/services/openssh.nix
··· 3 3 enable = true; 4 4 openFirewall = true; 5 5 settings = { 6 + LogLevel = "ERROR"; # haxerz OUT 7 + PubkeyAuthentication = true; 6 8 PasswordAuthentication = false; 9 + KbdInteractiveAuthentication = false; 10 + X11Forwarding = false; 11 + PermitTunnel = "no"; 7 12 PermitRootLogin = "no"; 8 - PubkeyAuthentication = true; 13 + AllowTcpForwarding = "no"; 9 14 }; 10 15 }; 11 16 }
+1 -54
modules/base/system.nix
··· 1 - { pkgs, ... }: 2 - 3 - { 4 - system = { 5 - replaceDependencies.replacements = with pkgs; [ 6 - { 7 - oldDependency = coreutils-full; 8 - newDependency = symlinkJoin { 9 - name = 10 - "coreuutils-full" 11 - + builtins.concatStringsSep "" ( 12 - builtins.genList (_: "_") (builtins.stringLength coreutils-full.version) 13 - ); 14 - paths = [ uutils-coreutils-noprefix ]; 15 - }; 16 - } 17 - { 18 - oldDependency = coreutils; 19 - newDependency = symlinkJoin { 20 - name = 21 - "coreuutils" 22 - + builtins.concatStringsSep "" ( 23 - builtins.genList (_: "_") (builtins.stringLength coreutils.version) 24 - ); 25 - paths = [ uutils-coreutils-noprefix ]; 26 - }; 27 - } 28 - { 29 - oldDependency = findutils; 30 - newDependency = symlinkJoin { 31 - name = 32 - "finduutils" 33 - + builtins.concatStringsSep "" ( 34 - builtins.genList (_: "_") (builtins.stringLength findutils.version) 35 - ); 36 - paths = [ uutils-findutils ]; 37 - }; 38 - } 39 - { 40 - oldDependency = diffutils; 41 - newDependency = symlinkJoin { 42 - name = 43 - "diffuutils" 44 - + builtins.concatStringsSep "" ( 45 - builtins.genList (_: "_") (builtins.stringLength diffutils.version) 46 - ); 47 - paths = [ uutils-diffutils ]; 48 - }; 49 - } 50 - ]; 51 - 52 - stateVersion = "25.11"; 53 - }; 54 - } 1 + { system.stateVersion = "25.11"; }
-14
modules/base/users/adam.nix
··· 1 - { 2 - users.users.adam = { 3 - isNormalUser = true; 4 - hashedPassword = "$y$j9T$kpXvXU/Ftx9qI9LKssnpY/$mGPO35iEUCb8/.bdYA/Zys3MuIaNSlrnUY2S6wCoFD8"; 5 - ignoreShellProgramCheck = true; 6 - extraGroups = [ 7 - "wheel" 8 - "jellyfin" 9 - ]; 10 - openssh.authorizedKeys.keys = [ 11 - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID9feAlrIVPuVS28tz54/m7pZkjHHL5aVhV2qwBPPceT adam" 12 - ]; 13 - }; 14 - }
+1 -1
modules/base/users/default.nix
··· 1 1 { 2 2 imports = [ 3 - ./adam.nix 3 + ./koi.nix 4 4 ./root.nix 5 5 ]; 6 6
+16
modules/base/users/koi.nix
··· 1 + { 2 + users.users.koi = { 3 + isNormalUser = true; 4 + hashedPassword = "$y$j9T$kpXvXU/Ftx9qI9LKssnpY/$mGPO35iEUCb8/.bdYA/Zys3MuIaNSlrnUY2S6wCoFD8"; 5 + ignoreShellProgramCheck = true; 6 + extraGroups = [ 7 + "wheel" 8 + "jellyfin" 9 + ]; 10 + openssh.authorizedKeys.keys = [ 11 + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID9feAlrIVPuVS28tz54/m7pZkjHHL5aVhV2qwBPPceT koi" 12 + ]; 13 + }; 14 + 15 + systemd.tmpfiles.rules = [ "d /tmp/downloads 2700 koi users -" ]; 16 + }
+1 -1
modules/base/users/root.nix
··· 1 1 { config, ... }: 2 2 3 3 { 4 - users.users.root.hashedPassword = config.users.users.adam.hashedPassword; 4 + users.users.root.hashedPassword = config.users.users.koi.hashedPassword; 5 5 }
+1 -1
modules/desktop/default.nix
··· 13 13 ./services 14 14 ]; 15 15 16 - users.users.adam.shell = pkgs.zsh; 16 + users.users.koi.shell = pkgs.zsh; 17 17 }
+1 -1
modules/home.nix
··· 9 9 inputs 10 10 ; 11 11 }; # TODO: optimize maybe 12 - users.adam = import ../home/adam.nix; 12 + users.koi = import ../home/koi.nix; 13 13 }; 14 14 }
+6 -6
secrets/secrets.nix
··· 1 1 let 2 - adam = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID9feAlrIVPuVS28tz54/m7pZkjHHL5aVhV2qwBPPceT"; 3 - seber = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIXT/a7M/lYUEkWmRz+aTko8GPi0SVvabNx2NxflVpi3"; 2 + koi = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID9feAlrIVPuVS28tz54/m7pZkjHHL5aVhV2qwBPPceT"; 3 + seber = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBAp82e57ij5x+Ei1Tjwxuex0fil5vV9wfEfNYgC5dFQ"; 4 4 in 5 5 { 6 - "chromium.sh.age".publicKeys = [ adam ]; 7 - "cloudflared.pem.age".publicKeys = [ adam ]; 8 - "jellyfin-rpc.json.age".publicKeys = [ adam ]; 9 - "wakatime.cfg.age".publicKeys = [ adam ]; 6 + "chromium.sh.age".publicKeys = [ koi ]; 7 + "cloudflared.pem.age".publicKeys = [ koi ]; 8 + "jellyfin-rpc.json.age".publicKeys = [ koi ]; 10 9 10 + "vaultwarden.env.age".publicKeys = [ seber ]; 11 11 "ssl-adamperkowski.cert.pem.age".publicKeys = [ seber ]; 12 12 "ssl-adamperkowski.key.pem.age".publicKeys = [ seber ]; 13 13 }
secrets/ssl-adamperkowski.cert.pem.age

This is a binary file and will not be displayed.

secrets/ssl-adamperkowski.key.pem.age

This is a binary file and will not be displayed.

secrets/vaultwarden.env.age

This is a binary file and will not be displayed.

-5
secrets/wakatime.cfg.age
··· 1 - age-encryption.org/v1 2 - -> ssh-ed25519 IU0gwQ tiPC/5hn2voHevystFJAlzr4Wd5k5pQzBLUQgkGA0DQ 3 - uz/ertXNfuDu9+TA+7RS7YyfeyJu2sPXOHvMLHuKxSg 4 - --- g2buoSZZ7FczgKkr6EnyBUQaqo0gdtXiH5OCZ56JxYM 5 - ืฟ(๏ฟฝ )๏ฟฝ๏ฟฝn9*๏ฟฝ๏ฟฝ๏ฟฝ:V๏ฟฝ ๏ฟฝ๏ฟฝ๏ฟฝ๏ฟฝo$๏ฟฝ๏ฟฝE,๏ฟฝ฿Ÿ๏ฟฝ:๏ฟฝ๏ฟฝ2R๏ฟฝv๏ฟฝ\g๏ฟฝ,๏ฟฝ๏ฟฝ๏ฟฝu1๏ฟฝ๏ฟฝ๏ฟฝJ๏ฟฝ๏ฟฝ๏ฟฝ๏ฟฝ๏ฟฝ๏ฟฝ)แœปU๏ฟฝ๏ฟฝ๏ฟฝ-๏ฟฝ๏ฟฝ#๏ฟฝ ๏ฟฝ๏ฟฝ๏ฟฝ๏ฟฝk5๏ฟฝ๏ฟฝ^๏ฟฝ%๏ฟฝF๏ฟฝ'u๏ฟฝ๏ฟฝ๏ฟฝ@๏ฟฝU๏ฟฝ๏ฟฝ๏ฟฝY(๏ฟฝ๏ฟฝR/B๏ฟฝyj๏ฟฝ๏ฟฝ^๏ฟฝ๏ฟฝ๏ฟฝ๏ฟฝฦฝ4y๏ฟฝ๏ฟฝ๏ฟฝV๏ฟฝl5๏ฟฝ๏ฟฝ๏ฟฝุชC๏ฟฝอ†r๏ฟฝส›G๏ฟฝZ๏ฟฝ~ ๏ฟฝm๏ฟฝ}1vsZ๏ฟฝa๏ฟฝ๏ฟฝ๏ฟฝ+๏ฟฝ๏ฟฝ๏ฟฝ๏ฟฝ/๏ฟฝ๏ฟฝrK๏ฟฝ๏ฟฝA*๏ฟฝ๏ฟฝ[๏ฟฝ๏ฟฝ,๏ฟฝ{๏ฟฝ8๏ฟฝF๏ฟฝ๏ฟฝ
+23 -11
systems/miku/default.nix
··· 1 - { pkgs, inputs, ... }: 1 + { 2 + config, 3 + pkgs, 4 + inputs, 5 + ... 6 + }: 2 7 3 8 { 4 9 imports = [ ··· 12 17 13 18 time.timeZone = "Europe/Warsaw"; 14 19 i18n.defaultLocale = "en_US.UTF-8"; 15 - 16 - hardware.graphics.enable = true; 17 20 18 21 services.xserver = { 19 22 xkb = { ··· 24 27 videoDrivers = [ "nvidia" ]; 25 28 }; 26 29 27 - hardware.nvidia = { 28 - modesetting.enable = true; 29 - powerManagement.enable = true; 30 - open = true; 31 - nvidiaSettings = false; 30 + hardware = { 31 + graphics = { 32 + enable = true; 33 + enable32Bit = true; 34 + }; 35 + 36 + nvidia = { 37 + modesetting.enable = true; 38 + powerManagement.enable = true; 39 + open = true; 40 + nvidiaSettings = false; 41 + }; 32 42 }; 33 43 34 44 programs.steam = { ··· 41 51 42 52 services.jellyfin = { 43 53 enable = true; 44 - package = pkgs.jellyfin; 45 54 openFirewall = true; 46 55 }; 47 56 48 - environment.systemPackages = with pkgs; [ cloudflared ]; 57 + environment.systemPackages = with pkgs; [ 58 + cloudflared 59 + prismlauncher 60 + ]; 49 61 50 62 age = { 51 - identityPaths = [ "/home/adam/.ssh/id_ed25519" ]; 63 + identityPaths = [ "${config.users.users.koi.home}/.ssh/id_ed25519" ]; 52 64 53 65 secrets.cloudflared = { 54 66 file = ../../secrets/cloudflared.pem.age;
-6
systems/modules/systemd-boot.nix
··· 1 - { 2 - boot.loader = { 3 - systemd-boot.enable = true; 4 - efi.canTouchEfiVariables = true; 5 - }; 6 - }
+30 -39
systems/seber/default.nix
··· 4 4 imports = [ 5 5 ./hardware.nix 6 6 inputs.agenix.nixosModules.default 7 + ./services 7 8 ]; 8 9 9 10 boot.loader.grub = { ··· 11 12 device = "/dev/vda"; 12 13 }; 13 14 14 - networking.hostName = "seber"; 15 + networking = { 16 + hostName = "seber"; 17 + firewall.allowedTCPPorts = [ 18 + 80 19 + 443 20 + ]; 21 + }; 15 22 16 23 time.timeZone = "UTC"; 17 24 i18n.defaultLocale = "en_US.UTF-8"; 18 25 19 26 environment.systemPackages = with pkgs; [ 27 + linuxquota 20 28 git 21 29 vim 22 30 htop 23 31 ]; 24 32 25 - networking.firewall.allowedTCPPorts = [ 26 - 80 27 - 443 28 - ]; 33 + services.nginx.enable = true; 34 + 35 + system.activationScripts.quotas = { 36 + deps = [ ]; 37 + text = '' 38 + echo 39 + ${pkgs.linuxquota}/bin/quotacheck -aumv || true 40 + ${pkgs.linuxquota}/bin/quotaon -auv || true 41 + for user in $(getent passwd | grep /var/ebil.club | cut -d: -f1); do 42 + echo "setting quota for $user" 43 + ${pkgs.linuxquota}/bin/setquota -u $user 8M 10M 0 0 / || true 44 + done 45 + echo 46 + ''; 47 + }; 29 48 30 49 age = { 31 - identityPaths = [ "/home/adam/.ssh/id_ed25519" ]; 50 + identityPaths = [ "/etc/ssh/ssh_host_ed25519_key" ]; 32 51 secrets = { 52 + vaultwarden-env = { 53 + file = ../../secrets/vaultwarden.env.age; 54 + mode = "0400"; 55 + owner = "vaultwarden"; 56 + }; 33 57 ssl-adamperkowski-cert = { 34 58 file = ../../secrets/ssl-adamperkowski.cert.pem.age; 35 59 mode = "0440"; ··· 40 64 mode = "0440"; 41 65 group = "nginx"; 42 66 }; 43 - }; 44 - }; 45 - 46 - services.nginx = { 47 - enable = true; 48 - virtualHosts = { 49 - "adam.qpon" = { 50 - locations."/" = { 51 - proxyPass = "http://127.0.0.1:8000"; 52 - extraConfig = '' 53 - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; 54 - proxy_set_header X-Forwarded-Proto $scheme; 55 - proxy_set_header Host $host; 56 - ''; 57 - }; 58 - 59 - onlySSL = true; 60 - sslCertificate = "/run/agenix/ssl-adamperkowski-cert"; 61 - sslCertificateKey = "/run/agenix/ssl-adamperkowski-key"; 62 - }; 63 - }; 64 - }; 65 - 66 - systemd.services.website = { 67 - description = "my site :3"; 68 - after = [ "network.target" ]; 69 - wantedBy = [ "multi-user.target" ]; 70 - 71 - serviceConfig = { 72 - ExecStart = "/var/website/website/bin/website"; 73 - WorkingDirectory = "/var/website"; 74 - Restart = "on-failure"; 75 - RestartSec = 10; 76 67 }; 77 68 }; 78 69 }
+4
systems/seber/hardware.nix
··· 25 25 fileSystems."/" = { 26 26 device = "/dev/disk/by-uuid/9bc4dce8-4cbe-49e2-bd9f-12542c3361fe"; 27 27 fsType = "ext4"; 28 + options = [ 29 + "usrquota" 30 + "jqfmt=vfsv0" 31 + ]; 28 32 }; 29 33 30 34 swapDevices = [
+9
systems/seber/services/default.nix
··· 1 + { 2 + imports = [ 3 + ./website.nix 4 + ./lebel.nix 5 + ./mimi.nix 6 + ./vaultwarden.nix 7 + ./ebil-club.nix 8 + ]; 9 + }
+122
systems/seber/services/ebil-club.nix
··· 1 + { lib, pkgs, ... }: 2 + 3 + let 4 + tls = { 5 + forceSSL = true; 6 + sslCertificate = "/run/agenix/ssl-adamperkowski-cert"; 7 + sslCertificateKey = "/run/agenix/ssl-adamperkowski-key"; 8 + }; 9 + 10 + mkSite = 11 + { 12 + name, 13 + sshPubkey, 14 + canonical ? null, 15 + }: 16 + let 17 + defaultHost = "${name}.ebil.club"; 18 + servedHost = if canonical != null then canonical else defaultHost; 19 + 20 + home = "/var/ebil.club/${name}"; 21 + rootDir = "${home}/${defaultHost}"; 22 + in 23 + { 24 + services.nginx.virtualHosts = { 25 + "${servedHost}" = ( 26 + { 27 + locations = { 28 + "/" = { 29 + root = rootDir; 30 + index = "index.html"; 31 + extraConfig = "try_files $uri $uri/ =404;"; 32 + }; 33 + "= /" = { 34 + extraConfig = '' 35 + if ($http_user_agent ~* "curl") { 36 + return 302 /index.txt; 37 + } 38 + ''; 39 + }; 40 + "/index.txt" = { 41 + root = rootDir; 42 + extraConfig = "try_files /index.txt @curl_fallback;"; 43 + }; 44 + "@curl_fallback".return = 45 + "200 'hi! this site is best viewed in a web browser :3 if u still want to curl it, try setting a different user-agent header'"; 46 + }; 47 + extraConfig = "error_page 404 /404.html;"; 48 + } 49 + // tls 50 + ); 51 + } 52 + // lib.optionalAttrs (canonical != null) { 53 + "${defaultHost}" = ( 54 + { 55 + locations."/".return = "307 https://${canonical}$request_uri"; 56 + } 57 + // tls 58 + ); 59 + }; 60 + 61 + users = { 62 + groups."${name}" = { }; 63 + users."${name}" = { 64 + inherit home; 65 + createHome = false; 66 + isNormalUser = true; 67 + hashedPassword = "!"; 68 + group = name; 69 + openssh.authorizedKeys.keys = [ 70 + ''command="${pkgs.rrsync}/bin/rrsync ~/${defaultHost}",restrict,no-agent-forwarding,no-port-forwarding,no-pty,no-user-rc,no-X11-forwarding ${sshPubkey}'' 71 + ]; 72 + }; 73 + }; 74 + 75 + systemd.tmpfiles.rules = [ 76 + "d ${home} 0750 ${name} nginx -" 77 + "d ${home}/${defaultHost} 2750 ${name} nginx -" 78 + ]; 79 + }; 80 + in 81 + { 82 + imports = [ 83 + (mkSite { 84 + name = "seba"; 85 + sshPubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIN7xlBanf8BNQXosqGT5QroBntpFUsy3g12fO/fPE414"; 86 + }) 87 + (mkSite { 88 + name = "kolpix"; 89 + sshPubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDY0nHqaw1FriPBnK/hsdVGO69RGu6k/FAYNtUmYCEUS3MN0+loQWRwV2zk0KlWwIP/sMtWH/QjX5oNGpSt9Oj9jmfjgdPkQcl+4B/u93V6wK6Xl+5FufkXbtzENakPQVLX4INyZ9gViuRE4eguPFeRYSckcboxfeqlM24OUT7gvtn4r3z6c0Yx8qit/GVn1F7/ozi0lrSGknEVFUr3ewoQZWm7rpd9SjbTutqLtX6quEQzn6GG/wNxUodnIPwflGgBlfzej2SekuzLvnE1VfaaBvzOZei4VdvY7JrbKN+zlkmuKtEaZB7fkwOxegHsFRxLjSzLasI84wbWt38KTlDxPLjWPq62rJZOnI1XILCUamt9fSTraDfYeHeTCjrlKKctX0l4fvMLG4ZE1wHsELShisZuN4dPb1BqTgEL3s7n60kXG4TTUbo/frXocVf7PX1QINfnWkUPXT4fWkhYV0XALqBpnXs9XJXbk7dCWoWIuwm8+R2svcGvdiIrVGMy9cCP4bIqNzZ7NlOAvIysgmnLcv5GsTv7YfBXrJFnBXScsacqJaH3BLVg+zVYXKvokjZJ0mEa260aMqJDS7lK+xbnBhwH3B+tOAaR7ZoB0c1j2JyFOjTLL9K1uw0dRyQB4b0ZWQ08ByNi1rYT/FHBHU/Jl1rocEUgwmUDFNFufIMwZQ=="; 90 + }) 91 + (mkSite { 92 + name = "robin"; 93 + sshPubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDeSHaoF0Qs1G8JO/enOo2vxzkvvOqAMZPG2DX7TgG8u"; 94 + canonical = "robinwobin.dev"; 95 + }) 96 + ]; 97 + 98 + services.nginx.virtualHosts = { 99 + "_" = { 100 + locations."/".return = "307 https://ebil.club"; 101 + default = true; 102 + } 103 + // tls; 104 + 105 + "ebil.club" = { 106 + locations = { 107 + "/" = { 108 + root = "/var/ebil.club/ebil.club"; 109 + index = "index.html"; 110 + extraConfig = "try_files $uri $uri/ =404;"; 111 + }; 112 + }; 113 + extraConfig = "error_page 404 /404.html;"; 114 + } 115 + // tls; 116 + }; 117 + 118 + systemd.tmpfiles.rules = [ 119 + "d /var/ebil.club 0755 root root -" 120 + "d /var/ebil.club/ebil.club 2750 koi nginx -" 121 + ]; 122 + }
+44
systems/seber/services/lebel.nix
··· 1 + { pkgs, ... }: 2 + 3 + { 4 + environment.systemPackages = [ pkgs.nodejs ]; 5 + 6 + systemd.services.lebel = { 7 + description = "lebel"; 8 + after = [ "network.target" ]; 9 + wantedBy = [ "multi-user.target" ]; 10 + 11 + serviceConfig = { 12 + User = "koi"; 13 + Group = "users"; 14 + ExecStart = "${pkgs.nodejs}/bin/node --env-file /var/lebel/.env /var/lebel/build/main.js"; 15 + WorkingDirectory = "/var/lebel"; 16 + Restart = "on-failure"; 17 + RestartSec = 10; 18 + }; 19 + }; 20 + 21 + services.nginx.virtualHosts."lebel.ebil.club" = { 22 + locations = { 23 + "= /".return = "301 https://ebil.club"; 24 + "/" = { 25 + proxyPass = "http://127.0.0.1:14831"; 26 + extraConfig = '' 27 + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; 28 + proxy_set_header X-Forwarded-Proto $scheme; 29 + proxy_set_header X-Real-IP $remote_addr; 30 + proxy_set_header Host $host; 31 + 32 + proxy_http_version 1.1; 33 + proxy_set_header Upgrade $http_upgrade; 34 + proxy_set_header Connection "upgrade"; 35 + ''; 36 + }; 37 + }; 38 + forceSSL = true; 39 + sslCertificate = "/run/agenix/ssl-adamperkowski-cert"; 40 + sslCertificateKey = "/run/agenix/ssl-adamperkowski-key"; 41 + }; 42 + 43 + systemd.tmpfiles.rules = [ "d /var/lebel 2750 koi users -" ]; 44 + }
+20
systems/seber/services/mimi.nix
··· 1 + { 2 + systemd.services.mimi = { 3 + description = "mimi tne discord bot"; 4 + after = [ "network.target" ]; 5 + wantedBy = [ "multi-user.target" ]; 6 + 7 + script = '' 8 + export $(cat .env | xargs) 9 + ./mimi/bin/mimi 10 + ''; 11 + 12 + serviceConfig = { 13 + WorkingDirectory = "/var/mimi"; 14 + Restart = "on-failure"; 15 + RestartSec = 60; 16 + }; 17 + }; 18 + 19 + systemd.tmpfiles.rules = [ "d /var/mimi 2750 koi users -" ]; 20 + }
+29
systems/seber/services/vaultwarden.nix
··· 1 + { 2 + services.vaultwarden = { 3 + enable = true; 4 + environmentFile = "/run/agenix/vaultwarden-env"; 5 + config = { 6 + DOMAIN = "https://vault.adamperkowski.dev"; 7 + SIGNUPS_ALLOWED = false; 8 + ROCKET_ADDRESS = "127.0.0.1"; 9 + ROCKET_PORT = 8222; 10 + ROCKET_LOG = "critical"; 11 + LOG_LEVEL = "warn"; 12 + }; 13 + }; 14 + 15 + services.nginx.virtualHosts."vault.adamperkowski.dev" = { 16 + locations."/" = { 17 + proxyPass = "http://127.0.0.1:8222"; 18 + extraConfig = '' 19 + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; 20 + proxy_set_header X-Forwarded-Proto $scheme; 21 + proxy_set_header Host $host; 22 + ''; 23 + }; 24 + forceSSL = true; 25 + sslCertificate = "/run/agenix/ssl-adamperkowski-cert"; 26 + sslCertificateKey = "/run/agenix/ssl-adamperkowski-key"; 27 + }; 28 + 29 + }
+30
systems/seber/services/website.nix
··· 1 + { 2 + systemd.services.website = { 3 + description = "my site :3"; 4 + after = [ "network.target" ]; 5 + wantedBy = [ "multi-user.target" ]; 6 + 7 + serviceConfig = { 8 + ExecStart = "/var/website/website/bin/website"; 9 + WorkingDirectory = "/var/website"; 10 + Restart = "on-failure"; 11 + RestartSec = 10; 12 + }; 13 + }; 14 + 15 + services.nginx.virtualHosts."koi.rip" = { 16 + locations."/" = { 17 + proxyPass = "http://127.0.0.1:8000"; 18 + extraConfig = '' 19 + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; 20 + proxy_set_header X-Forwarded-Proto $scheme; 21 + proxy_set_header Host $host; 22 + ''; 23 + }; 24 + forceSSL = true; 25 + sslCertificate = "/run/agenix/ssl-adamperkowski-cert"; 26 + sslCertificateKey = "/run/agenix/ssl-adamperkowski-key"; 27 + }; 28 + 29 + systemd.tmpfiles.rules = [ "d /var/website 2750 koi users -" ]; 30 + }