diff --git a/home/fish.nix b/home/fish.nix
deleted file mode 100644
index 3bb9d84..0000000
--- a/home/fish.nix
+++ /dev/null
@@ -1,80 +0,0 @@
-{ ... }:
-{
- programs.fish = {
- enable = true;
- shellAliases = {
- "vi" = "nvim";
- "vim" = "nvim";
- "t" = "tmux";
- "tl" = "tmux list-sessions";
- "ta" = "tmux new-session -A -s";
- "se" = "sudoedit";
- "s" = "sudo";
- "nrs" = "sudo nixos-rebuild switch --flake .";
- "nrt" = "sudo nixos-rebuild test --flake .";
- "hrs" = "home-manager switch --flake .";
- "g" = "git";
- "ga" = "git add";
- "gaa" = "git add --all";
- "gb" = "git branch";
- "gc" = "git commit --verbose";
- "gcmsg" = "git commit --message";
- "gd" = "git diff";
- "gdca" = "git diff --cached";
- "gds" = "git diff --staged";
- "gl" = "git log --stat";
- "glg" = "git log --graph";
- "glga" = "git log --graph --decorate --all";
- "glo" = "git log --oneline --decorate";
- "gp" = "git push";
- "gr" = "git remote";
- "gra" = "git remote add";
- "grv" = "git remote --verbose";
- "gs" = "git status --short";
- "gss" = "git status";
- };
-
- shellInit = ''
- set fish_greeting
- '';
-
- functions = {
- fish_prompt = ''
- set -l last_status $status
- set -l normal (set_color normal)
- set -l status_color (set_color brgreen)
- set -l cwd_color (set_color $fish_color_cwd)
- set -l vcs_color (set_color brpurple)
- set -l prompt_status ""
-
- # Since we display the prompt on a new line allow the directory names to be longer.
- set -q fish_prompt_pwd_dir_length
- or set -lx fish_prompt_pwd_dir_length 0
-
- # Color the prompt differently when we're root
- set -l suffix '❯'
- if functions -q fish_is_root_user; and fish_is_root_user
- if set -q fish_color_cwd_root
- set cwd_color (set_color $fish_color_cwd_root)
- end
- set suffix '#'
- end
-
- # Color the prompt in red on error
- if test $last_status -ne 0
- set status_color (set_color $fish_color_error)
- set prompt_status $status_color "[" $last_status "]" $normal
- end
-
- echo -s (prompt_login) ' ' $cwd_color (prompt_pwd) $vcs_color (fish_vcs_prompt) $normal ' ' $prompt_status
- echo -n -s $status_color $suffix ' ' $normal
- '';
-
- };
- };
-
- programs.fzf.enableFishIntegration = true;
- programs.zoxide.enableFishIntegration = true;
- programs.eza.enableFishIntegration = true;
- programs.nix-index.enableFishIntegration = true;
-}
diff --git a/home/foot.nix b/home/foot.nix
deleted file mode 100644
index ce7cb0c..0000000
--- a/home/foot.nix
+++ /dev/null
@@ -1,55 +0,0 @@
-{ ... }:
-{
- programs.foot = {
- enable = true;
- settings = {
- main = {
- font = "IBM Plex Mono:size=8";
- dpi-aware = "yes";
- };
- bell = {
- urgent = "no";
- notify = "no";
- visual = "no";
- };
- cursor = {
- style = "beam";
- blink = "yes";
- blink-rate = 500;
- beam-thickness = 1.5;
- color = "161821 c6c8d1";
- };
- mouse = {
- hide-when-typing = "yes";
- };
- colors = {
- foreground = "c6c8d1";
- background = "161821";
- regular0 = "1e2132";
- regular1 = "e27878";
- regular2 = "b4be82";
- regular3 = "e2a478";
- regular4 = "84a0c6";
- regular5 = "a093c7";
- regular6 = "89b8c2";
- regular7 = "c6c8d1";
- bright0 = "6b7089";
- bright1 = "e98989";
- bright2 = "c0ca8e";
- bright3 = "e9b189";
- bright4 = "91acd1";
- bright5 = "ada0d3";
- bright6 = "95c4ce";
- bright7 = "d2d4de";
- selection-foreground = "161821";
- selection-background = "c6c8d1";
- };
-
- key-bindings = {
- clipboard-copy = "Control+Shift+c XF86Copy";
- clipboard-paste = "Control+Shift+v XF86Paste";
- quit = "Control+q";
- };
- };
- };
-}
diff --git a/home/ghostty.nix b/home/ghostty.nix
deleted file mode 100644
index 1c592f5..0000000
--- a/home/ghostty.nix
+++ /dev/null
@@ -1,20 +0,0 @@
-{ ... }:
-{
- programs.ghostty = {
- enable = true;
- enableZshIntegration = true;
- clearDefaultKeybinds = true;
- settings = {
- theme = "iceberg-dark";
- font-family = "IBM Plex Mono";
- font-size = "12";
- window-decoration = false;
- confirm-close-surface = false;
- keybind = [
- "ctrl+q=quit"
- "ctrl+shift+c=copy_to_clipboard"
- "ctrl+shift+v=paste_from_clipboard"
- ];
- };
- };
-}
diff --git a/home/kitty.nix b/home/kitty.nix
index 463b10a..ea7047f 100644
--- a/home/kitty.nix
+++ b/home/kitty.nix
@@ -71,5 +71,5 @@
};
};
- programs.zsh.shellAliases."ssh" = "kitten ssh";
+ # programs.zsh.shellAliases."ssh" = "kitten ssh"; # doesn't seem to work with bitwarden ssh agent :(
}
diff --git a/home/niri/default.nix b/home/niri/default.nix
deleted file mode 100644
index f1c8172..0000000
--- a/home/niri/default.nix
+++ /dev/null
@@ -1,210 +0,0 @@
-{
- config,
- pkgs,
- lib,
- ...
-}:
-let
- wallpaper = "${./nixos-c-book.png}";
- terminal = "kitty";
- menu = [
- "fuzzel"
- "-w"
- "100"
- ];
- browser = "librewolf";
- file-manager = "thunar";
- clipboard = "cliphist list | ${lib.concatStringsSep " " menu} --dmenu | cliphist decode | wl-copy";
-in
-{
- programs.niri.settings = {
- prefer-no-csd = true;
- input.keyboard.xkb.options = "ctrl:nocaps";
- spawn-at-startup = [
- { command = [ "${lib.getExe pkgs.waybar}" ]; }
- {
- command = [
- "${lib.getExe pkgs.swaybg}"
- "-m"
- "fill"
- "-i"
- wallpaper
- ];
- }
- { command = [ "${lib.getExe pkgs.xwayland-satellite}" ]; }
- {
- command = [
- "wl-paste"
- "--watch"
- "cliphist"
- "store"
- ];
- }
- ];
- hotkey-overlay.skip-at-startup = true;
-
- input = {
- touchpad = {
- tap = true;
- dwt = true;
- natural-scroll = true;
- click-method = "clickfinger";
- };
- warp-mouse-to-focus = false;
- focus-follows-mouse.enable = false;
- };
-
- environment = {
- DISPLAY = ":0"; # for xwayland-satellite
- ANKI_WAYLAND = "1";
- };
-
- layout = {
- gaps = 0;
- focus-ring = {
- width = 4;
- active.color = "#4c7899";
- inactive.color = "#333333";
- };
- always-center-single-column = true;
- border.enable = false;
- };
-
- window-rules = [
- {
- matches = [
- { app-id = "mpv"; }
- { app-id = "Bitwarden"; }
- {
- app-id = "ghidra-Ghidra";
- # pop-up windows
- title = "^win(.*)";
- }
- ];
- open-floating = true;
- }
- {
- matches = [
- {
- app-id = "anki";
- title = "Add";
- }
- ];
- default-column-width.proportion = .25;
- }
- {
- matches = [
- { app-id = "foot"; }
- {
- app-id = "anki";
- title = "^Browse";
- }
- { app-id = "com.mitchellh.ghostt"; }
- { app-id = "org.kde.okular"; }
- { app-id = "kitty"; }
- { app-id = "VSCodium"; }
- ];
- default-column-width.proportion = .5;
- }
- {
- matches = [ { app-id = "librewolf"; } ];
- default-column-width.proportion = .75;
- }
- ];
- };
-
- programs.niri.settings.binds =
- with config.lib.niri.actions;
- let
- sh = spawn "sh" "-c";
- in
- {
- "Mod+Return".action = spawn terminal;
- "Mod+D".action = spawn menu;
-
- "Mod+Shift+E".action = quit;
- "Mod+Equal".action = set-column-width "+10%";
- "Mod+Minus".action = set-column-width "-10%";
- "Mod+Shift+Equal".action = set-window-height "+10%";
- "Mod+Shift+Minus".action = set-window-height "-10%";
- "Super+Alt+L".action = spawn "swaylock";
- "Mod+Ctrl+Q".action = close-window;
- "Mod+H".action = focus-column-left;
- "Mod+L".action = focus-column-right;
- "Mod+K".action = focus-window-up;
- "Mod+J".action = focus-window-down;
- "Mod+Shift+H".action = move-column-left;
- "Mod+Shift+L".action = move-column-right;
- "Mod+Shift+K".action = move-window-up;
- "Mod+Shift+J".action = move-window-down;
- "Mod+U".action = focus-workspace-up;
- "Mod+I".action = focus-workspace-down;
- "Mod+Shift+U".action = move-window-to-workspace-up;
- "Mod+Shift+I".action = move-window-to-workspace-down;
- "Mod+W".action = maximize-column;
- "Mod+E".action = set-column-width "50%";
- "Mod+R".action = set-column-width "75%";
- "Mod+Q".action = set-column-width "25%";
- "Mod+C".action = center-column;
- "Mod+Shift+Space".action = toggle-window-floating;
- "Mod+Space".action = switch-focus-between-floating-and-tiling;
- "Print".action = screenshot;
- "Alt+Print".action = screenshot-window;
- "Ctrl+Print".action = screenshot-screen;
- # "Mod+R".action = switch-preset-column-width;
- "Mod+Shift+R".action = switch-preset-window-height;
- "Mod+Ctrl+R".action = reset-window-height;
- "Mod+F".action = fullscreen-window;
- "Mod+WheelScrollDown" = {
- cooldown-ms = 150;
- action = focus-column-right;
- };
- "Mod+WheelScrollUp" = {
- cooldown-ms = 150;
- action = focus-column-left;
- };
- "Mod+Shift+WheelScrollDown" = {
- cooldown-ms = 150;
- action = focus-workspace-down;
- };
- "Mod+Shift+WheelScrollUp" = {
- cooldown-ms = 150;
- action = focus-workspace-up;
- };
-
- "XF86AudioRaiseVolume".action = sh "wpctl set-volume @DEFAULT_AUDIO_SINK@ 1%+";
- "XF86AudioLowerVolume".action = sh "wpctl set-volume @DEFAULT_AUDIO_SINK@ 1%-";
- "XF86AudioMute".action = sh "wpctl set-mute @DEFAULT_AUDIO_SINK@ toggle";
- "XF86MonBrightnessUp".action = sh "brightnessctl set 1%+";
- "XF86MonBrightnessDown".action = sh "brightnessctl set 1%-";
-
- "Mod+1".action = focus-workspace 1;
- "Mod+2".action = focus-workspace 2;
- "Mod+3".action = focus-workspace 3;
- "Mod+4".action = focus-workspace 4;
- "Mod+5".action = focus-workspace 5;
- "Mod+6".action = focus-workspace 6;
- "Mod+7".action = focus-workspace 7;
- "Mod+8".action = focus-workspace 8;
- "Mod+9".action = focus-workspace 9;
- "Mod+Shift+1".action = move-column-to-workspace 1;
- "Mod+Shift+2".action = move-column-to-workspace 2;
- "Mod+Shift+3".action = move-column-to-workspace 3;
- "Mod+Shift+4".action = move-column-to-workspace 4;
- "Mod+Shift+5".action = move-column-to-workspace 5;
- "Mod+Shift+6".action = move-column-to-workspace 6;
- "Mod+Shift+7".action = move-column-to-workspace 7;
- "Mod+Shift+8".action = move-column-to-workspace 8;
- "Mod+Shift+9".action = move-column-to-workspace 9;
-
- "Mod+Alt+B".action = spawn browser;
- "Mod+Alt+A".action = spawn "anki";
- "Mod+Alt+F".action = spawn file-manager;
- "Mod+Alt+E".action = spawn "evolution";
- "Mod+P".action = spawn "bitwarden";
- "Mod+Comma".action = sh clipboard;
-
- "MouseForward".action = spawn "sh" "${./scripts/remote.sh}" "btn1";
- "MouseBack".action = spawn "sh" "${./scripts/remote.sh}";
- };
-}
diff --git a/home/niri/nixos-c-book.png b/home/niri/nixos-c-book.png
deleted file mode 100644
index 96abf8f..0000000
Binary files a/home/niri/nixos-c-book.png and /dev/null differ
diff --git a/home/niri/scripts/remote.sh b/home/niri/scripts/remote.sh
deleted file mode 100755
index 0ef7c0d..0000000
--- a/home/niri/scripts/remote.sh
+++ /dev/null
@@ -1,25 +0,0 @@
-#!/usr/bin/env bash
-
-active_window=$(niri msg --json focused-window |jq -r .app_id)
-
-if [ "$1" = "btn1" ]; then
- if [ "$active_window" = "anki" ]; then
- wtype " "
- elif [ "$active_window" = "kitty" ]; then
- wtype -M ctrl -M shift -k c -m ctrl -m shift
- elif [ "$active_window" = "chromium-browser" ] || [ "$active_window" = "librewolf" ]; then
- wtype -M alt -P right -p right -m alt
- else
- wtype -M ctrl -k c -m ctrl
- fi
-else
- if [ "$active_window" = "anki" ]; then
- wtype "1"
- elif [ "$active_window" = "kitty" ]; then
- wtype -M ctrl -M shift -k v -m ctrl
- elif [ "$active_window" = "chromium-browser" ] || [ "$active_window" = "librewolf" ]; then
- wtype -M alt -P left -p left -m alt
- else
- wtype -M ctrl -k v -m ctrl
- fi
-fi
diff --git a/home/rofi/config.rasi b/home/rofi/config.rasi
deleted file mode 100644
index ae76aeb..0000000
--- a/home/rofi/config.rasi
+++ /dev/null
@@ -1,156 +0,0 @@
-configuration {
- modes: "drun,run,emoji:rofimoji,clipboard:/home/yt/.config/rofi/scripts/cliphist.sh";
- font: "hack 12";
-/* location: 0;*/
-/* yoffset: 0;*/
-/* xoffset: 0;*/
-/* fixed-num-lines: true;*/
- show-icons: true;
- terminal: "kitty";
-/* ssh-client: "ssh";*/
-/* ssh-command: "{terminal} -e {ssh-client} {host} [-p {port}]";*/
-/* run-command: "{cmd}";*/
-/* run-list-command: "";*/
-/* run-shell-command: "{terminal} -e {cmd}";*/
-/* window-command: "wmctrl -i -R {window}";*/
-/* window-match-fields: "all";*/
- icon-theme: "Papirus";
-/* drun-match-fields: "name,generic,exec,categories,keywords";*/
-/* drun-categories: ;*/
-/* drun-show-actions: false;*/
-/* drun-display-format: "{name} [({generic})]";*/
-/* drun-url-launcher: "xdg-open";*/
-/* disable-history: false;*/
-/* ignored-prefixes: "";*/
-/* sort: false;*/
-/* sorting-method: "normal";*/
-/* case-sensitive: false;*/
-/* cycle: true;*/
-/* sidebar-mode: false;*/
-/* hover-select: false;*/
-/* eh: 1;*/
-/* auto-select: false;*/
-/* parse-hosts: false;*/
-/* parse-known-hosts: true;*/
- combi-modes: "window,run,calc,filebrowser";
-/* matching: "normal";*/
-/* tokenize: true;*/
-/* m: "-5";*/
-/* filter: ;*/
-/* dpi: -1;*/
-/* threads: 0;*/
-/* scroll-method: 0;*/
-/* window-format: "{w} {c} {t}";*/
-/* click-to-exit: true;*/
-/* global-kb: false;*/
-/* max-history-size: 25;*/
-/* combi-hide-mode-prefix: false;*/
-/* combi-display-format: "{mode} {text}";*/
-/* matching-negate-char: '-' /* unsupported */;*/
-/* cache-dir: ;*/
-/* window-thumbnail: false;*/
-/* drun-use-desktop-cache: false;*/
-/* drun-reload-desktop-cache: false;*/
-/* normalize-match: false;*/
-/* steal-focus: false;*/
-/* application-fallback-icon: ;*/
-/* refilter-timeout-limit: 300;*/
-/* xserver-i300-workaround: false;*/
-/* completer-mode: "recursivebrowser";*/
-/* pid: "/run/user/1000/rofi.pid";*/
-/* display-window: ;*/
-/* display-run: ;*/
-/* display-ssh: ;*/
-/* display-drun: ;*/
-/* display-combi: ;*/
-/* display-keys: ;*/
-/* display-filebrowser: ;*/
-/* display-recursivebrowser: ;*/
-/* kb-primary-paste: "Control+V,Shift+Insert";*/
-/* kb-secondary-paste: "Control+v,Insert";*/
-/* kb-secondary-copy: "Control+c";*/
-/* kb-clear-line: "Control+w";*/
-/* kb-move-front: "Control+a";*/
-/* kb-move-end: "Control+e";*/
-/* kb-move-word-back: "Alt+b,Control+Left";*/
-/* kb-move-word-forward: "Alt+f,Control+Right";*/
-/* kb-move-char-back: "Left,Control+b";*/
-/* kb-move-char-forward: "Right,Control+f";*/
-/* kb-remove-word-back: "Control+Alt+h,Control+BackSpace";*/
-/* kb-remove-word-forward: "Control+Alt+d";*/
-/* kb-remove-char-forward: "Delete,Control+d";*/
-/* kb-remove-char-back: "BackSpace,Shift+BackSpace,Control+h";*/
-/* kb-remove-to-eol: "Control+k";*/
-/* kb-remove-to-sol: "Control+u";*/
-/* kb-accept-entry: "Control+j,Control+m,Return,KP_Enter";*/
-/* kb-accept-custom: "Control+Return";*/
-/* kb-accept-custom-alt: "Control+Shift+Return";*/
-/* kb-accept-alt: "Shift+Return";*/
-/* kb-delete-entry: "Shift+Delete";*/
-/* kb-mode-next: "Shift+Right,Control+Tab";*/
-/* kb-mode-previous: "Shift+Left,Control+ISO_Left_Tab";*/
-/* kb-mode-complete: "Control+l";*/
-/* kb-row-left: "Control+Page_Up";*/
-/* kb-row-right: "Control+Page_Down";*/
-/* kb-row-up: "Up,Control+p";*/
-/* kb-row-down: "Down,Control+n";*/
-/* kb-row-tab: "";*/
-/* kb-element-next: "Tab";*/
-/* kb-element-prev: "ISO_Left_Tab";*/
-/* kb-page-prev: "Page_Up";*/
-/* kb-page-next: "Page_Down";*/
-/* kb-row-first: "Home,KP_Home";*/
-/* kb-row-last: "End,KP_End";*/
-/* kb-row-select: "Control+space";*/
-/* kb-screenshot: "Alt+S";*/
-/* kb-ellipsize: "Alt+period";*/
-/* kb-toggle-case-sensitivity: "grave,dead_grave";*/
-/* kb-toggle-sort: "Alt+grave";*/
-/* kb-cancel: "Escape,Control+g,Control+bracketleft";*/
-/* kb-custom-1: "Alt+1";*/
-/* kb-custom-2: "Alt+2";*/
-/* kb-custom-3: "Alt+3";*/
-/* kb-custom-4: "Alt+4";*/
-/* kb-custom-5: "Alt+5";*/
-/* kb-custom-6: "Alt+6";*/
-/* kb-custom-7: "Alt+7";*/
-/* kb-custom-8: "Alt+8";*/
-/* kb-custom-9: "Alt+9";*/
-/* kb-custom-10: "Alt+0";*/
-/* kb-custom-11: "Alt+exclam";*/
-/* kb-custom-12: "Alt+at";*/
-/* kb-custom-13: "Alt+numbersign";*/
-/* kb-custom-14: "Alt+dollar";*/
-/* kb-custom-15: "Alt+percent";*/
-/* kb-custom-16: "Alt+dead_circumflex";*/
-/* kb-custom-17: "Alt+ampersand";*/
-/* kb-custom-18: "Alt+asterisk";*/
-/* kb-custom-19: "Alt+parenleft";*/
-/* kb-select-1: "Super+1";*/
-/* kb-select-2: "Super+2";*/
-/* kb-select-3: "Super+3";*/
-/* kb-select-4: "Super+4";*/
-/* kb-select-5: "Super+5";*/
-/* kb-select-6: "Super+6";*/
-/* kb-select-7: "Super+7";*/
-/* kb-select-8: "Super+8";*/
-/* kb-select-9: "Super+9";*/
-/* kb-select-10: "Super+0";*/
-/* kb-entry-history-up: "Control+Up";*/
-/* kb-entry-history-down: "Control+Down";*/
-/* ml-row-left: "ScrollLeft";*/
-/* ml-row-right: "ScrollRight";*/
-/* ml-row-up: "ScrollUp";*/
-/* ml-row-down: "ScrollDown";*/
-/* me-select-entry: "MousePrimary";*/
-/* me-accept-entry: "MouseDPrimary";*/
-/* me-accept-custom: "Control+MouseDPrimary";*/
- timeout {
- action: "kb-cancel";
- delay: 0;
- }
- filebrowser {
- directories-first: true;
- sorting-method: "name";
- }
-}
diff --git a/home/rofi/scripts/cliphist.sh b/home/rofi/scripts/cliphist.sh
deleted file mode 100755
index d11fadf..0000000
--- a/home/rofi/scripts/cliphist.sh
+++ /dev/null
@@ -1,22 +0,0 @@
-#!/usr/bin/env bash
-
-tmp_dir="/tmp/cliphist"
-rm -rf "$tmp_dir"
-
-if [[ -n "$1" ]]; then
- cliphist decode <<<"$1" | wl-copy
- exit
-fi
-
-mkdir -p "$tmp_dir"
-
-read -r -d '' prog <$tmp_dir/"grp[1]"."grp[3])
- print \$0"\0icon\x1f$tmp_dir/"grp[1]"."grp[3]
- next
-}
-1
-EOF
-cliphist list | gawk "$prog"
diff --git a/home/sway/config b/home/sway/config
deleted file mode 100644
index 1005b61..0000000
--- a/home/sway/config
+++ /dev/null
@@ -1,156 +0,0 @@
-set $mod Mod4
-set $alt Mod1
-set $left h
-set $down j
-set $up k
-set $right l
-
-set $term $HOME/.config/sway/scripts/terminal.sh
-set $menu rofi -show run
-set $screenshot grim -g "$(slurp)" - | wl-copy
-set $browser librewolf
-set $clipboard rofi -show clipboard -show-icons
-set $emoji rofi -show emoji
-
-set $font_family DejaVu Sans Mono
-set $font_size 11
-set $bg #000000
-set $fg #ffffff
-set $fgi #888888
-
-set $wallpaper $HOME/wallpapers/nixos-c-book-large.png
-set $lock swaylock -f -i $wallpaper
-output * bg $wallpaper fill
-
-floating_modifier $mod normal
-default_border pixel
-smart_borders on
-focus_follows_mouse always
-# mouse_warping container
-
-bindsym $mod+Return exec $term
-bindsym $mod+Ctrl+q kill
-bindsym $mod+d exec $menu
-bindsym $mod+Shift+c reload
-bindsym $mod+Shift+e exec swaynag -t warning -m 'You pressed the exit shortcut. Do you really want to exit sway? This will end your Wayland session.' -B 'Yes, exit sway' 'swaymsg exit'
-bindsym Print exec $screenshot
-bindsym $mod+comma exec $clipboard
-bindsym $mod+period exec $emoji
-
-bindsym $mod+$alt+b exec $browser
-bindsym $mod+$alt+a exec anki
-bindsym $mod+$alt+f exec thunar
-bindsym $mod+$alt+e exec evolution
-bindsym $mod+p exec bitwarden
-bindsym $mod+$alt+m exec element-desktop
-
-bindsym $mod+$left focus left
-bindsym $mod+$down focus down
-bindsym $mod+$up focus up
-bindsym $mod+$right focus right
-
-bindsym $mod+Shift+$left move left
-bindsym $mod+Shift+$down move down
-bindsym $mod+Shift+$up move up
-bindsym $mod+Shift+$right move right
-
-bindsym $mod+1 workspace number 1
-bindsym $mod+2 workspace number 2
-bindsym $mod+3 workspace number 3
-bindsym $mod+4 workspace number 4
-bindsym $mod+5 workspace number 5
-bindsym $mod+6 workspace number 6
-bindsym $mod+7 workspace number 7
-bindsym $mod+8 workspace number 8
-bindsym $mod+9 workspace number 9
-bindsym $mod+0 workspace number 10
-
-bindsym $mod+Shift+1 move container to workspace number 1
-bindsym $mod+Shift+2 move container to workspace number 2
-bindsym $mod+Shift+3 move container to workspace number 3
-bindsym $mod+Shift+4 move container to workspace number 4
-bindsym $mod+Shift+5 move container to workspace number 5
-bindsym $mod+Shift+6 move container to workspace number 6
-bindsym $mod+Shift+7 move container to workspace number 7
-bindsym $mod+Shift+8 move container to workspace number 8
-bindsym $mod+Shift+9 move container to workspace number 9
-bindsym $mod+Shift+0 move container to workspace number 10
-
-# mouse side buttons
-bindsym --whole-window BTN_EXTRA exec ~/.config/sway/scripts/remote.sh btn1
-bindsym --whole-window BTN_SIDE exec ~/.config/sway/scripts/remote.sh
-
-bindsym $mod+b splith
-bindsym $mod+v splitv
-
-bindsym $mod+s layout stacking
-bindsym $mod+w layout tabbed
-bindsym $mod+e layout toggle split
-
-bindsym $mod+f fullscreen
-
-bindsym $mod+Shift+space floating toggle
-
-bindsym $mod+space focus mode_toggle
-
-bindsym $mod+a focus parent
-bindsym $mod+Shift+a focus child
-
-bindsym $mod+Shift+minus move scratchpad
-bindsym $mod+minus scratchpad show
-
-mode "resize" {
- bindsym $left resize shrink width 10px
- bindsym $down resize grow height 10px
- bindsym $up resize shrink height 10px
- bindsym $right resize grow width 10px
- bindsym Return mode "default"
- bindsym Escape mode "default"
-}
-bindsym $mod+r mode "resize"
-
-# keys to adjust volue and brightness
-bindsym --locked XF86AudioMute exec "amixer -q sset Master,0 toggle"
-bindsym --locked XF86AudioLowerVolume exec "amixer -q set Master 1%-"
-bindsym --locked XF86AudioRaiseVolume exec "amixer -q sset Master 1%+"
-bindsym --locked XF86MonBrightnessDown exec brightnessctl set 1%-
-bindsym --locked XF86MonBrightnessUp exec brightnessctl set 1%+
-
-# lockscreen
-bindsym $mod+Control+l exec $lock
-
-font pango:$font_family $font_size
-
-for_window [app_id=mpv] inhibit_idle visible, floating enable, sticky enable
-for_window [app_id="LibreWolf" title="^Extension"] floating enable
-for_window [floating] border csd
-for_window [app_id="Bitwarden"] floating enable
-for_window [app_id=anki title="Add"] floating enable
-
-bar {
- swaybar_command waybar
-}
-
-input "type:touchpad" {
- dwt enabled
- tap enabled
- natural_scroll enabled
-}
-
-input "type:keyboard" {
- xkb_layout us
- xkb_options ctrl:nocaps
- xkb_numlock enabled
-}
-
-exec wl-paste --watch cliphist store
-exec mako >> $HOME/mako.log 2>&1
-exec dbus-update-activation-environment --all
-
-exec swayidle -w \
- timeout 300 'swaymsg "output * power off"' \
- timeout 305 $lock \
- resume 'swaymsg "output * power on"' \
- before-sleep 'playerctl pause; swaylock -f'
-
-exec system-dnotify --ready
diff --git a/home/sway/scripts/remote.sh b/home/sway/scripts/remote.sh
deleted file mode 100755
index 741c26d..0000000
--- a/home/sway/scripts/remote.sh
+++ /dev/null
@@ -1,27 +0,0 @@
-#!/usr/bin/env bash
-
-active_window=$(swaymsg -t get_tree |jq -r '..|try select(.focused == true) |.app_id')
-
-if [ "$1" = "btn1" ]; then
- if [ "$active_window" = "anki" ]; then
- wtype " "
- elif [ "$active_window" = "foot" ]; then
- wtype -M ctrl -M shift -k c -m ctrl -m shift
- elif [ "$active_window" = "chromium-browser" ] || [ "$active_window" = "librewolf" ]; then
- wtype -M alt -P right -p right -m alt
- else
- wtype -M ctrl -k c -m ctrl
- fi
-else
- if [ "$active_window" = "anki" ]; then
- wtype "1"
- elif [ "$active_window" = "foot" ]; then
- wtype -M ctrl -M shift -k v
- wtype -m ctrl
- elif [ "$active_window" = "chromium-browser" ] || [ "$active_window" = "librewolf" ]; then
- wtype -M alt -P left -p left -m alt
- else
- wtype -M ctrl -k v
- wtype -m ctrl
- fi
-fi
diff --git a/home/sway/scripts/terminal.sh b/home/sway/scripts/terminal.sh
deleted file mode 100755
index 42653c6..0000000
--- a/home/sway/scripts/terminal.sh
+++ /dev/null
@@ -1,14 +0,0 @@
-#!/usr/bin/env bash
-
-focused_workspace=$(swaymsg -t get_workspaces | jq '.[] | select(.focused == true) | .num')
-
-foot_window_count=$(swaymsg -t get_tree | jq --argjson workspace "$focused_workspace" '[recurse(.nodes[]?) | select(.type == "workspace" and .num == $workspace) | recurse(.nodes[]?) | select(.app_id == "foot")] | length')
-
-next_session=$((focused_workspace * 10))
-
-if [ "$foot_window_count" -gt 0 ]
-then
- next_session=$((next_session + foot_window_count))
-fi
-
-foot tmux new-session -A -s ${next_session}
diff --git a/home/waybar/config b/home/waybar/config
deleted file mode 100644
index 6038a44..0000000
--- a/home/waybar/config
+++ /dev/null
@@ -1,81 +0,0 @@
-{
- "layer": "top", // Waybar on highest layer so tooltips go over windows
- "output": "eDP-1", // Set output to primary monitor
- "height": 40, // Set height to avoid jumping due to active workspace indicator
-
- "margin-left": 0,
- "margin-right": 0,
- "margin-top": 0,
- "modules-left": ["niri/workspaces", "clock#time", "clock#date", "battery"], // Sets modules for the left of the bar
- "modules-center": ["niri/window"], // Set modules for the center of the bar
- "modules-right": ["tray", "temperature", "cpu", "memory", "wireplumber"], // Set modules for the right of the bar
- "clock#time": {
- "format": " {:%H:%M:%S}",
- "interval": 1,
- },
- "clock#date": {
- "format": " {:%Y/%m/%d}",
- "tooltip-format": "{calendar}",
- "interval": 360,
- "calendar": {
- "mode": "month",
- "mode-mon-col": 4,
- "weeks-pos": "right",
- "on-scroll": 1,
- "on-click-right": "mode",
- "format": {
- "months": "{}",
- "days": "{}",
- "weeks": "W{}",
- "weekdays": "{}",
- "today": "{}",
- },
- },
- },
- "battery": {
- "interval": 60,
- "states": {
- "warning": 40,
- "critical": 20,
- },
- "format": "{icon} {capacity}%",
- "format-icons": [
- " ",
- " ",
- " ",
- " ",
- " ",
- ],
- "format-charging": " {capacity}%",
- },
- "cpu": {
- "format": " {usage}%",
- "interval": 4,
- },
- "memory": {
- "format": " {used}GiB",
- "interval": 4,
- },
- "temperature": {
- "hwmon-path": "/sys/class/hwmon/hwmon4/temp1_input",
- "critical-threshold": 80,
- "format": " {temperatureC}°C",
- "format-critical": " {temperatureC}°C",
- "interval": 4,
- },
- "wireplumber": {
- "scroll-step": 1, // %, can be a float
- "format": "{icon} {volume}%",
- "format-muted": " Muted",
- "format-icons": ["", "", ""],
- "on-click": "pavucontrol",
- "interval": 4,
- },
- "niri/window": {
- "max-length": 64,
- },
- "tray": {
- "icon-size": 22,
- "spacing": 6,
- }
-}
diff --git a/home/waybar/style.css b/home/waybar/style.css
deleted file mode 100644
index 438d892..0000000
--- a/home/waybar/style.css
+++ /dev/null
@@ -1,70 +0,0 @@
-.module,
-#clock.date,
-#clock.time,
-#workspaces button {
- background: transparent;
- padding: 0 10px;
- font-family: RobotoMono Nerd Font;
- font-weight: 900;
- font-size: 13pt;
- color: #c0caf5;
-}
-
-/* main waybar */
-window#waybar {
- background: rgba(26, 27, 38, 1);
- border: 2px solid #414868;
-}
-
-/* when hovering over modules */
-tooltip {
- background: #1e1e2e;
- border-radius: 0;
-}
-
-#workspaces {
- padding-right: 0;
-}
-
-#workspaces button {
- padding: 2px;
-}
-
-#clock {
- padding-right: 100px;
-}
-
-
-/* Sets active workspace to have a solid line on the bottom */
-#workspaces button.focused {
- border-bottom: 2px solid #7aa2f7;
- border-radius: 0;
- margin-top: 0px;
- transition: none;
-}
-
-/* More workspace stuff for highlighting on hover */
-#workspaces button.focused {
- color: #a6adc8;
-}
-
-#workspaces button.urgent {
- color: #f7768e;
-}
-
-#workspaces button:hover {
- background: #11111b;
- color: #cdd6f4;
-}
-
-/* Hide window module when not focused on window or empty workspace */
-window#waybar.empty #window {
- padding: 0;
- margin: 0;
- opacity: 0;
-}
-
-/* Set up rounding to make these modules look like separate pills */
-#tray {
- margin-right: 4px;
-}
diff --git a/home/yt/common.nix b/home/yt/common.nix
index 28f3457..a8c9467 100644
--- a/home/yt/common.nix
+++ b/home/yt/common.nix
@@ -60,7 +60,11 @@
"mergetool \"vimdiff\"".cmd = "nvim -d $LOCAL $REMOTE $MERGED -c '$wincmd w' -c 'wincmd J'";
url = {
"ssh://git@github.com/" = {
- insteadOf = "https://github.com/";
+ insteadOf = [
+ "https://github.com/"
+ "github:"
+ "gh:"
+ ];
};
};
};
diff --git a/home/yt/ytnix.nix b/home/yt/ytnix.nix
index 9ac7635..9910d78 100644
--- a/home/yt/ytnix.nix
+++ b/home/yt/ytnix.nix
@@ -6,8 +6,6 @@
{
imports = [
./common.nix
- ../foot.nix
- ../niri
../irssi.nix
../kitty.nix
../codium.nix
@@ -27,102 +25,77 @@
x11.enable = true;
};
- home.packages = with pkgs; [
- firefox
- ungoogled-chromium
- librewolf
- bitwarden-desktop
- fastfetch
- nwg-look
- kdePackages.gwenview
- kdePackages.okular
- kdePackages.qtwayland
- mpv
- yt-dlp
- signal-desktop
- pavucontrol
- btop
- jq
- bash-language-server
- sqlite
- usbutils
- clang-tools
- calibre
- tor-browser
- wtype
- bat
- yarn
- rclone
- go
- (rust-bin.selectLatestNightlyWith (
- toolchain:
- toolchain.default.override {
- extensions = [ "rust-src" ];
- }
- ))
- pwgen
- lua-language-server
- gnumake
- minisign
- unzip
- lm_sensors
- sshfs
- gopls
- anki-bin
- trezorctl
- trezor-agent
- q
- opentofu
- terraform-ls
- gdb
- clang
- seahorse
- github-cli
- fuzzel
- nixpkgs-review
- just
- hugo
- ghidra
- sequoia
- sccache
- awscli2
- lldb
- (cutter.withPlugins (
- p: with p; [
- rz-ghidra
- jsdec
- sigdb
- ]
- ))
- ida-free
- patchelf
- radare2
- p7zip
- qbittorrent
- nil
- pkg-config
- gtk2
- gtk2-x11
- android-tools
- frida-tools
- mitmproxy
- openssl
- (python313.withPackages (
- p: with p; [
- python-lsp-server
- pip
- virtualenv
- ]
- ))
- telegram-desktop
- jadx
- gradle
- localsend
- scrcpy
- syncthing
- syncthingtray
- obsidian
- ];
+ home.packages =
+ with pkgs;
+ lib.flatten [
+ ungoogled-chromium
+ librewolf
+ bitwarden-desktop
+ fastfetch
+ (with kdePackages; [
+ gwenview
+ okular
+ ])
+ mpv
+ signal-desktop
+ btop
+ jq
+ sqlite
+ usbutils
+ calibre
+ tor-browser
+ wtype
+ bat
+ rclone
+ go
+ (rust-bin.selectLatestNightlyWith (
+ toolchain:
+ toolchain.default.override {
+ extensions = [ "rust-src" ];
+ }
+ ))
+ pwgen
+ gnumake
+ unzip
+ anki-bin
+ trezorctl
+ trezor-agent
+ q
+ gdb
+ fuzzel
+ hugo
+ ghidra
+ sccache
+ awscli2
+ (cutter.withPlugins (
+ p: with p; [
+ rz-ghidra
+ jsdec
+ sigdb
+ ]
+ ))
+ p7zip
+ qbittorrent
+ nil
+ android-tools
+ frida-tools
+ mitmproxy
+ (python313.withPackages (
+ p: with p; [
+ python-lsp-server
+ pip
+ virtualenv
+ ]
+ ))
+ jadx
+ scrcpy
+ syncthing
+ syncthingtray
+ (with llvmPackages; [
+ clang
+ clang-tools
+ ])
+ ];
programs.feh.enable = true;
@@ -137,11 +110,10 @@
programs.git.extraConfig = {
user = {
- signingKey = "~/.ssh/id.key";
+ signingKey = "~/.ssh/id_ed25519";
};
gpg.format = "ssh";
commit.gpgsign = true;
- core.sshCommand = "ssh -i ~/.ssh/id.key";
};
home.sessionVariables = {
@@ -161,6 +133,9 @@
AWS_ENDPOINT_URL = "https://e3e97aac307d106a7becea43cef8fcbd.r2.cloudflarestorage.com";
AWS_ACCESS_KEY_ID = "$(cat /run/secrets/aws/key_id)";
AWS_SECRET_ACCESS_KEY = "$(cat /run/secrets/aws/key_secret)";
+
+ # bitwarden ssh agent
+ SSH_AUTH_SOCK = "$HOME/.bitwarden-ssh-agent.sock";
};
programs.nix-index-database.comma.enable = true;
diff --git a/hosts/chunk/adguard.nix b/hosts/chunk/adguard.nix
deleted file mode 100644
index 74207fc..0000000
--- a/hosts/chunk/adguard.nix
+++ /dev/null
@@ -1,29 +0,0 @@
-{ ... }:
-{
- services.adguardhome = {
- enable = true;
- host = "127.0.0.1";
- port = 8082;
- settings = {
- http.port = "8083";
- users = [
- {
- name = "cy";
- password = "$2y$10$BZy2zYJj5z4e8LZCq/GwuuhWUafL/MNFO.YcsAMmpDS.2krPxi7KC";
- }
- ];
- # do not listen eveywhere cause podman runs it's own DNS
- dns.bind_hosts = [
- "127.0.0.1"
- "::1"
- "31.59.129.225"
- "2a0f:85c1:840:2bfb::1"
- ];
- };
- };
-
- services.caddy.virtualHosts."dns.cything.io".extraConfig = ''
- import common
- reverse_proxy localhost:8082
- '';
-}
diff --git a/hosts/chunk/attic.nix b/hosts/chunk/attic.nix
deleted file mode 100644
index 464c8b7..0000000
--- a/hosts/chunk/attic.nix
+++ /dev/null
@@ -1,33 +0,0 @@
-{ config, ... }:
-{
- services.atticd = {
- enable = true;
-
- environmentFile = config.sops.secrets."attic/env".path;
-
- settings = {
- listen = "[::]:8090";
- api-endpoint = "https://cache.cy7.sh/";
- allowed-hosts = [ "cache.cy7.sh" ];
- require-proof-of-possession = false;
- compression.type = "zstd";
- database.url = "postgresql:///atticd?host=/run/postgresql";
-
- storage = {
- type = "s3";
- region = "auto";
- bucket = "attic";
- endpoint = "https://e3e97aac307d106a7becea43cef8fcbd.r2.cloudflarestorage.com";
- };
-
- garbage-collection = {
- default-retention-period = "2 weeks";
- };
- };
- };
-
- services.caddy.virtualHosts."cache.cy7.sh".extraConfig = ''
- import common
- reverse_proxy localhost:8090
- '';
-}
diff --git a/hosts/chunk/conduit.nix b/hosts/chunk/conduit.nix
deleted file mode 100644
index 48025e1..0000000
--- a/hosts/chunk/conduit.nix
+++ /dev/null
@@ -1,40 +0,0 @@
-{
- pkgs,
- config,
- ...
-}:
-{
- virtualisation.oci-containers.containers.conduit = {
- image = "ghcr.io/girlbossceo/conduwuit:main";
- autoStart = true;
- ports = [ "127.0.0.1:8448:8448" ];
- pull = "newer";
- environment = {
- CONDUWUIT_SERVER_NAME = "cything.io";
- CONDUWUIT_DATABASE_PATH = "/var/lib/conduwuit";
- CONDUWUIT_PORT = "8448";
- CONDUWUIT_MAX_REQUEST_SIZE = "20000000"; # in bytes ~20MB
- CONDUWUIT_ALLOW_REGISTRATION = "false";
- CONDUWUIT_ALLOW_FEDERATION = "true";
- CONDUWUIT_ALLOW_CHECK_FOR_UPDATES = "true";
- CONDUWUIT_TRUSTED_SERVERS = ''["matrix.org"]'';
- CONDUWUIT_ADDRESS = "0.0.0.0";
- # CONDUIT_CONFIG = "";
- };
- volumes = [
- "/opt/conduit/db:/var/lib/conduwuit/"
- ];
- networks = [ "conduit-net" ];
- };
-
- systemd.services.create-conduit-net = {
- serviceConfig.Type = "oneshot";
- wantedBy = with config.virtualisation.oci-containers; [
- "${backend}-conduit.service"
- ];
- script = ''
- ${pkgs.podman}/bin/podman network exists conduit-net || \
- ${pkgs.podman}/bin/podman network create conduit-net
- '';
- };
-}
diff --git a/hosts/chunk/default.nix b/hosts/chunk/default.nix
index ec85850..4a25cce 100644
--- a/hosts/chunk/default.nix
+++ b/hosts/chunk/default.nix
@@ -71,81 +71,74 @@
system.stateVersion = "24.05";
# network stuff
+ networking = {
+ hostName = "chunk";
+ networkmanager.enable = true;
+ firewall = {
+ enable = true;
+ allowedTCPPorts = [
+ 22
+ 80
+ 443
+ ];
+ allowedUDPPorts = [
+ 443
+ 53
+ 853
+ ];
+ extraCommands =
+ let
+ ethtool = lib.getExe pkgs.ethtool;
+ tc = lib.getExe' pkgs.iproute2 "tc";
+ in
+ ''
+ # disable TCP segmentation offload (https://wiki.archlinux.org/title/Advanced_traffic_control#Prerequisites)
+ ${ethtool} -K ens18 tso off
- networking.hostName = "chunk";
- networking.networkmanager.enable = true;
- networking.firewall = {
- enable = true;
- allowedTCPPorts = [
- 22
- 80
- 443
- 53
- 853
- ];
- allowedUDPPorts = [
- 443
- 53
- 853
- ];
- extraCommands =
- let
- ethtool = lib.getExe pkgs.ethtool;
- tc = lib.getExe' pkgs.iproute2 "tc";
- in
- ''
- # disable TCP segmentation offload (https://wiki.archlinux.org/title/Advanced_traffic_control#Prerequisites)
- ${ethtool} -K ens18 tso off
+ # clear existing rules
+ ${tc} qdisc del dev ens18 root || true
- # clear existing rules
- ${tc} qdisc del dev ens18 root || true
+ # create HTB hierarchy
+ ${tc} qdisc add dev ens18 root handle 1: htb default 30
+ ${tc} class add dev ens18 parent 1: classid 1:1 htb rate 100% ceil 100%
+ # tailscale
+ ${tc} class add dev ens18 parent 1:1 classid 1:10 htb rate 30% ceil 100%
+ # caddy
+ ${tc} class add dev ens18 parent 1:1 classid 1:20 htb rate 30% ceil 100%
+ # rest
+ ${tc} class add dev ens18 parent 1:1 classid 1:30 htb rate 40% ceil 100%
- # create HTB hierarchy
- ${tc} qdisc add dev ens18 root handle 1: htb default 30
- ${tc} class add dev ens18 parent 1: classid 1:1 htb rate 100% ceil 100%
- # tailscale
- ${tc} class add dev ens18 parent 1:1 classid 1:10 htb rate 30% ceil 100%
- # caddy
- ${tc} class add dev ens18 parent 1:1 classid 1:20 htb rate 30% ceil 100%
- # rest
- ${tc} class add dev ens18 parent 1:1 classid 1:30 htb rate 40% ceil 100%
+ # mark traffic
+ iptables -t mangle -A OUTPUT -m cgroup --path "system.slice/tailscaled.service" -j MARK --set-mark 1
+ iptables -t mangle -A OUTPUT -m cgroup --path "system.slice/caddy.service" -j MARK --set-mark 2
- # mark traffic
- iptables -t mangle -A OUTPUT -m cgroup --path "system.slice/tailscaled.service" -j MARK --set-mark 1
- iptables -t mangle -A OUTPUT -m cgroup --path "system.slice/caddy.service" -j MARK --set-mark 2
-
- # route marked packets
- ${tc} filter add dev ens18 parent 1: protocol ip prio 1 handle 1 fw flowid 1:10
- ${tc} filter add dev ens18 parent 1: protocol ip prio 1 handle 2 fw flowid 1:20
- '';
- };
- networking.interfaces.ens18 = {
- ipv6.addresses = [
- {
- address = "2a0f:85c1:840:2bfb::1";
- prefixLength = 64;
- }
- ];
- ipv4.addresses = [
- {
- address = "31.59.129.225";
- prefixLength = 24;
- }
- ];
- };
- networking.defaultGateway6 = {
- address = "2a0f:85c1:840::1";
- interface = "ens18";
- };
- networking.defaultGateway = {
- address = "31.59.129.1";
- interface = "ens18";
- };
-
- i18n.defaultLocale = "en_US.UTF-8";
- console = {
- font = "Lat2-Terminus16";
- useXkbConfig = true;
+ # route marked packets
+ ${tc} filter add dev ens18 parent 1: protocol ip prio 1 handle 1 fw flowid 1:10
+ ${tc} filter add dev ens18 parent 1: protocol ip prio 1 handle 2 fw flowid 1:20
+ '';
+ };
+ interfaces.ens18 = {
+ ipv6.addresses = [
+ {
+ address = "2a0f:85c1:840:2bfb::1";
+ prefixLength = 64;
+ }
+ ];
+ ipv4.addresses = [
+ {
+ address = "31.59.129.225";
+ prefixLength = 24;
+ }
+ ];
+ };
+ defaultGateway6 = {
+ address = "2a0f:85c1:840::1";
+ interface = "ens18";
+ };
+ defaultGateway = {
+ address = "31.59.129.1";
+ interface = "ens18";
+ };
};
users.users.yt = {
@@ -179,7 +172,6 @@
tmux
file
sops
- attic-server
];
environment.variables = {
@@ -199,28 +191,9 @@
programs.git.enable = true;
my.caddy.enable = true;
- services.caddy.virtualHosts."cy7.sh" = {
- serverAliases = [ "www.cy7.sh" ];
- extraConfig = ''
- import common
- redir https://cything.io temporary
- '';
- };
# container stuff
- virtualisation.containers.enable = true;
- virtualisation.podman = {
- enable = true;
- # create 'docker' alias for podman, to use as
- # drop-in replacement
- dockerCompat = true;
- defaultNetwork.settings = {
- dns_enabled = true;
- ipv6_enabled = true;
- };
- };
- virtualisation.oci-containers.backend = "podman";
- environment.enableAllTerminfo = true;
+ my.containerization.enable = true;
my.roundcube.enable = true;
my.zipline.enable = true;
diff --git a/hosts/chunk/deluge.nix b/hosts/chunk/deluge.nix
deleted file mode 100644
index 5dd3fd4..0000000
--- a/hosts/chunk/deluge.nix
+++ /dev/null
@@ -1,15 +0,0 @@
-{ ... }:
-{
- services.deluge = {
- enable = true;
- web = {
- enable = true;
- port = 8112;
- };
- };
-
- services.caddy.virtualHosts."t.cy7.sh".extraConfig = ''
- import common
- reverse_proxy localhost:8112
- '';
-}
diff --git a/hosts/chunk/gitlab.nix b/hosts/chunk/gitlab.nix
deleted file mode 100644
index 753bcbd..0000000
--- a/hosts/chunk/gitlab.nix
+++ /dev/null
@@ -1,35 +0,0 @@
-{ config, ... }:
-{
- services.gitlab = {
- enable = true;
- https = true;
- host = "git.cything.io";
- user = "git"; # so that you can ssh with git@git.cything.io
- group = "git";
- port = 443; # this *not* the port gitlab will run on
- puma.workers = 0; # https://docs.gitlab.com/omnibus/settings/memory_constrained_envs.html#optimize-puma
- sidekiq.concurrency = 5;
- databaseUsername = "git"; # needs to be same as user
- initialRootEmail = "hi@cything.io";
- initialRootPasswordFile = config.sops.secrets."gitlab/root".path;
- secrets = {
- secretFile = config.sops.secrets."gitlab/secret".path;
- otpFile = config.sops.secrets."gitlab/otp".path;
- jwsFile = config.sops.secrets."gitlab/jws".path;
- dbFile = config.sops.secrets."gitlab/db".path;
- };
- backup = {
- startAt = "daily";
- # we already postgresqlbackup.service
- skip = [ "db" ];
- keepTime = 48; # hours
- };
- extraConfig = {
- gitlab = {
- # NOTE: default_syntax_highlighting_theme needs to be set in the application_settings table in the database
- default_color_mode = 2;
- };
- prometheus.enabled = false;
- };
- };
-}
diff --git a/hosts/chunk/jellyfin.nix b/hosts/chunk/jellyfin.nix
deleted file mode 100644
index c6e0dec..0000000
--- a/hosts/chunk/jellyfin.nix
+++ /dev/null
@@ -1,8 +0,0 @@
-{ ... }:
-{
- services.jellyfin = {
- enable = true;
- dataDir = "/mnt/jellyfin";
- configDir = "/var/lib/jellyfin/config";
- };
-}
diff --git a/hosts/common.nix b/hosts/common.nix
index 96317b8..80707cb 100644
--- a/hosts/common.nix
+++ b/hosts/common.nix
@@ -39,30 +39,46 @@
registry.nixpkgs.flake = inputs.nixpkgs;
};
+ i18n.defaultLocale = "en_US.UTF-8";
time.timeZone = "America/New_York";
networking = {
firewall.logRefusedConnections = false;
nameservers = [
- # quad9
- "2620:fe::fe"
- "2620:fe::9"
- "9.9.9.9"
- "149.112.112.112"
+ # quad9 (unfiltered)
+ "2620:fe::10"
+ "2620:fe::fe:10"
+ "9.9.9.10"
+ "149.112.112.110"
];
timeServers = [
+ # https://github.com/jauderho/nts-servers
+ "ntp3.fau.de"
"ntppool1.time.nl"
- "nts.netnod.se"
- "ptbtime1.ptb.de"
- "ohio.time.system76.com"
- "time.txryan.com"
- "time.dfm.dk"
+ "time.signorini.ch"
+ "stratum1.time.cifelli.xyz"
+ "nts.teambelgium.net"
+ "c.st1.ntp.br"
];
};
services.chrony = {
enable = true;
enableNTS = true;
+ enableMemoryLocking = true;
+ extraConfig = ''
+ # Expedited Forwarding
+ dscp 46
+ # disable command port
+ cmdport 0
+ # only allow NTS
+ authselectmode require
+ # update the clock only when at least 3 sources agree on the correct time
+ minsources 3
+ '';
};
# see journald.conf(5)
services.journald.extraConfig = "MaxRetentionSec=2d";
+
+ services.thermald.enable = true;
+ environment.enableAllTerminfo = true;
}
diff --git a/hosts/titan/Caddyfile b/hosts/titan/Caddyfile
deleted file mode 100644
index c306399..0000000
--- a/hosts/titan/Caddyfile
+++ /dev/null
@@ -1,41 +0,0 @@
-{
- acme_ca https://acme.zerossl.com/v2/DV90
- acme_eab {
- key_id {$EAB_KEY_ID}
- mac_key {$EAB_MAC_KEY}
- }
-}
-
-(common) {
- encode zstd gzip
- header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"
-}
-
-cything.io {
- import common
-
- header /.well-known/matrix/* Content-Type application/json
- header /.well-known/matrix/* Access-Control-Allow-Origin *
- header /.well-known/matrix/* Access-Control-Allow-Methods GET,POST,PUT,DELETE,OPTIONS,PATCH,HEAD
- header /.well-known/matrix/* Access-Control-Allow-Headers X-Requested-With,Content-Type,Authorization,Origin,Accept
- route {
- respond /.well-known/matrix/server {"m.server":"chat.cything.io:443"}
- respond /.well-known/matrix/client {"m.server":{"base_url":"https://chat.cything.io"},"m.homeserver":{"base_url":"https://chat.cything.io"},"org.matrix.msc3575.proxy":{"url":"https://chat.cything.io"}}
- redir https://cy7.sh/posts{uri} permanent
- }
-}
-
-www.cything.io {
- import common
- redir https://cything.io{uri} permanent
-}
-
-ntfy.cything.io {
- import common
- reverse_proxy localhost:8083
-}
-
-status.cything.io {
- import common
- reverse_proxy localhost:3001
-}
diff --git a/hosts/titan/backup.nix b/hosts/titan/backup.nix
deleted file mode 100644
index ad09978..0000000
--- a/hosts/titan/backup.nix
+++ /dev/null
@@ -1,13 +0,0 @@
-{
- config,
- ...
-}:
-{
- my.backup = {
- enable = true;
- jobName = "titanRsync";
- repo = "titan";
- passFile = config.sops.secrets."borg/rsyncnet".path;
- sshKeyFile = config.sops.secrets."rsyncnet/id_ed25519".path;
- };
-}
diff --git a/hosts/titan/default.nix b/hosts/titan/default.nix
deleted file mode 100644
index e8b03f0..0000000
--- a/hosts/titan/default.nix
+++ /dev/null
@@ -1,98 +0,0 @@
-{
- modulesPath,
- config,
- lib,
- pkgs,
- ...
-}:
-{
- imports = [
- (modulesPath + "/installer/scan/not-detected.nix")
- (modulesPath + "/profiles/qemu-guest.nix")
- ../common.nix
- ./disk-config.nix
- ./hardware-configuration.nix
- ./ghost.nix
- ./ntfy.nix
- ./uptime-kuma.nix
- ./backup.nix
- ];
-
- sops.age.keyFile = "/root/.config/sops/age/keys.txt";
- sops.secrets = {
- "caddy/env" = {
- sopsFile = ../../secrets/services/caddy.yaml;
- };
- "services/ntfy" = {
- sopsFile = ../../secrets/services/ntfy.yaml;
- };
- "borg/rsyncnet" = {
- sopsFile = ../../secrets/borg/titan.yaml;
- };
- "rsyncnet/id_ed25519" = {
- sopsFile = ../../secrets/zh5061/titan.yaml;
- };
- };
-
- boot = {
- loader = {
- systemd-boot.enable = true;
- efi.canTouchEfiVariables = true;
- };
- tmp.cleanOnBoot = true;
- kernelPackages = pkgs.linuxPackages_latest;
- };
-
- services.openssh = {
- enable = true;
- settings.PasswordAuthentication = false;
- };
-
- users.users.root.openssh.authorizedKeys.keys = [
- "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPdhAQYy0+vS+QmyCd0MAbqbgzyMGcsuuFyf6kg2yKge yt@ytlinux"
- "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINyn2+OoRN4nExti+vFQ1NHEZip0slAoCH9C5/FzvgZD yt@ytnix"
- ];
-
- system.stateVersion = "24.05";
-
- environment.systemPackages = with pkgs; [
- curl
- git
- ];
-
- # network stuff
- networking.hostName = "titan";
- networking.networkmanager.enable = true;
- networking.firewall = {
- enable = true;
- allowedTCPPorts = [
- 22
- 80
- 443
- ];
- allowedUDPPorts = [
- 443
- ];
- };
-
- # container stuff
- virtualisation.containers.enable = true;
- virtualisation.podman = {
- enable = true;
- # create 'docker' alias for podman, to use as
- # drop-in replacement
- dockerCompat = true;
- defaultNetwork.settings = {
- dns_enabled = true;
- ipv6_enabled = true;
- };
- };
- virtualisation.oci-containers.backend = "podman";
-
- services.caddy = {
- enable = true;
- configFile = ./Caddyfile;
- environmentFile = config.sops.secrets."caddy/env".path;
- logFormat = lib.mkForce "level INFO";
- };
-}
diff --git a/hosts/titan/disk-config.nix b/hosts/titan/disk-config.nix
deleted file mode 100644
index 7c67624..0000000
--- a/hosts/titan/disk-config.nix
+++ /dev/null
@@ -1,33 +0,0 @@
-{
- disko.devices = {
- disk = {
- main = {
- device = "/dev/sda";
- type = "disk";
- content = {
- type = "gpt";
- partitions = {
- ESP = {
- type = "EF00";
- size = "500M";
- content = {
- type = "filesystem";
- format = "vfat";
- mountpoint = "/boot";
- mountOptions = [ "umask=0077" ];
- };
- };
- root = {
- size = "100%";
- content = {
- type = "filesystem";
- format = "ext4";
- mountpoint = "/";
- };
- };
- };
- };
- };
- };
- };
-}
diff --git a/hosts/titan/ghost.nix b/hosts/titan/ghost.nix
deleted file mode 100644
index a9f8293..0000000
--- a/hosts/titan/ghost.nix
+++ /dev/null
@@ -1,52 +0,0 @@
-{
- pkgs,
- config,
- ...
-}:
-{
- virtualisation.oci-containers.containers.ghost = {
- image = "ghost:5-alpine";
- autoStart = true;
- ports = [ "127.0.0.1:8084:2368" ];
- pull = "newer";
- environment = {
- database__client = "mysql";
- database__connection__host = "ghost-db";
- database__connection__user = "root";
- database__connection__password = "example";
- database__connection__database = "ghost";
- url = "https://cything.io";
- NODE_ENV = "production";
- };
- volumes = [
- "/opt/ghost/data:/var/lib/ghost/content"
- ];
- networks = [ "ghost-net" ];
- dependsOn = [ "ghost-db" ];
- };
-
- virtualisation.oci-containers.containers.ghost-db = {
- image = "mysql:8.0";
- autoStart = true;
- pull = "newer";
- environment = {
- MYSQL_ROOT_PASSWORD = "example";
- };
- volumes = [
- "/opt/ghost/db:/var/lib/mysql"
- ];
- networks = [ "ghost-net" ];
- };
-
- systemd.services.create-ghost-net = {
- serviceConfig.Type = "oneshot";
- wantedBy = with config.virtualisation.oci-containers; [
- "${backend}-ghost.service"
- "${backend}-ghost-db.service"
- ];
- script = ''
- ${pkgs.podman}/bin/podman network exists ghost-net || \
- ${pkgs.podman}/bin/podman network create ghost-net
- '';
- };
-}
diff --git a/hosts/titan/hardware-configuration.nix b/hosts/titan/hardware-configuration.nix
deleted file mode 100644
index 2730f0c..0000000
--- a/hosts/titan/hardware-configuration.nix
+++ /dev/null
@@ -1,26 +0,0 @@
-# Do not modify this file! It was generated by ‘nixos-generate-config’
-# and may be overwritten by future invocations. Please make changes
-# to /etc/nixos/configuration.nix instead.
-{
- lib,
- ...
-}:
-
-{
- imports = [ ];
-
- boot.initrd.availableKernelModules = [ "sd_mod" ];
- boot.initrd.kernelModules = [ ];
- boot.kernelModules = [ ];
- boot.extraModulePackages = [ ];
-
- # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
- # (the default) this is the recommended approach. When using systemd-networkd it's
- # still possible to use this option, but it's recommended to use it in conjunction
- # with explicit per-interface declarations with `networking.interfaces..useDHCP`.
- networking.useDHCP = lib.mkDefault true;
- # networking.interfaces.eth0.useDHCP = lib.mkDefault true;
-
- nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
- virtualisation.hypervGuest.enable = true;
-}
diff --git a/hosts/titan/ntfy.nix b/hosts/titan/ntfy.nix
deleted file mode 100644
index cc2cb47..0000000
--- a/hosts/titan/ntfy.nix
+++ /dev/null
@@ -1,13 +0,0 @@
-{ ... }:
-{
- services.ntfy-sh = {
- enable = true;
- settings = {
- listen-http = "127.0.0.1:8083";
- base-url = "https://ntfy.cything.io";
- upstream-base-url = "https://ntfy.sh";
- auth-default-access = "deny-all";
- behind-proxy = true;
- };
- };
-}
diff --git a/hosts/titan/uptime-kuma.nix b/hosts/titan/uptime-kuma.nix
deleted file mode 100644
index 8bc0251..0000000
--- a/hosts/titan/uptime-kuma.nix
+++ /dev/null
@@ -1,9 +0,0 @@
-{ ... }:
-{
- # data stored at /var/lib/uptime-kuma/ but does not expose
- # an option to change it
- services.uptime-kuma = {
- enable = true;
- settings.PORT = "3001";
- };
-}
diff --git a/hosts/ytnix/default.nix b/hosts/ytnix/default.nix
index cd321c4..a187fa1 100644
--- a/hosts/ytnix/default.nix
+++ b/hosts/ytnix/default.nix
@@ -37,10 +37,9 @@
loader = {
# lanzaboote replaces systemd-boot
systemd-boot.enable = lib.mkForce false;
- efi.canTouchEfiVariables = false; # toggle when installing
+ efi.canTouchEfiVariables = true;
};
tmp.cleanOnBoot = true;
- # upgrade after https://github.com/tomaspinho/rtl8821ce/issues/356 is fixed
kernelPackages = pkgs.linuxKernel.packages.linux_zen;
extraModulePackages = with config.boot.kernelPackages; [
rtl8821ce
@@ -145,36 +144,25 @@
tmux
vim
wget
- neovim
- git
- python3
- wl-clipboard
- # mako # sway config uses this
tree
kitty
borgbackup
- brightnessctl
- alsa-utils
- nixd
- bluetuith
- libimobiledevice
- pass-wayland
htop
file
dnsutils
+ q
age
compsize
wireguard-tools
traceroute
sops
- restic
- haskell-language-server
- ghc
sbctl # secure boot
wine-wayland
wine64
- solaar
- gtk3
+ lm_sensors
+ sshfs
+ openssl
+ just
];
environment.sessionVariables = {
@@ -196,11 +184,13 @@
};
};
- fonts.packages = with pkgs; [
- nerd-fonts.roboto-mono
- ibm-plex
- ];
- fonts.enableDefaultPackages = true;
+ fonts = {
+ packages = with pkgs; [
+ nerd-fonts.roboto-mono
+ ibm-plex
+ ];
+ enableDefaultPackages = true;
+ };
hardware.enableAllFirmware = true;
hardware.bluetooth = {
@@ -253,8 +243,9 @@
hardware.steam-hardware.enable = true;
services.logind = {
- lidSwitch = "hibernate";
- powerKey = "hibernate";
+ lidSwitch = "suspend";
+ powerKey = "poweroff";
+ suspendKey = "hibernate";
};
xdg.mime.defaultApplications = {
@@ -263,31 +254,18 @@
"*/html" = "chromium-browser.desktop";
};
- programs.thunar = {
- enable = true;
- plugins = with pkgs.xfce; [
- thunar-archive-plugin
- thunar-volman
- ];
- };
- # preference changes don't work in thunar without this
- programs.xfconf.enable = true;
- # mount, trash and stuff in thunar
- services.gvfs.enable = true;
- # thumbnails in thunar
- services.tumbler.enable = true;
-
virtualisation = {
libvirtd.enable = true;
- docker.enable = true;
};
programs.virt-manager.enable = true;
+ my.containerization.enable = true;
services.usbmuxd.enable = true;
programs.nix-ld.dev = {
enable = true;
# nix run github:thiagokokada/nix-alien#nix-alien-find-libs ./
libraries = with pkgs; [
+ # TODO: revisit what we actually need
mesa
extest
stdenv.cc.cc
@@ -359,6 +337,7 @@
enable = true;
plugins = with pkgs.obs-studio-plugins; [
wlrobs
+ obs-pipewire-audio-capture
];
};
@@ -382,12 +361,6 @@
SUBSYSTEM=="usb", SYSFS{idVendor}=="090c", SYSFS{idProduct}=="1000", ACTION=="add", GROUP="users", MODE="0664"
'';
- programs.ssh = {
- askPassword = "${pkgs.seahorse}/libexec/seahorse/ssh-askpass";
- startAgent = true;
- enableAskPassword = true;
- };
-
services.desktopManager.plasma6 = {
enable = true;
enableQt5Integration = true;
@@ -403,11 +376,6 @@
programs.kdeconnect.enable = true;
programs.dconf.enable = true;
- programs.java = {
- enable = true;
- binfmt = true;
- };
-
programs.ccache.enable = true;
nix.settings.extra-sandbox-paths = [ config.programs.ccache.cacheDir ];
}
diff --git a/modules/containerization.nix b/modules/containerization.nix
new file mode 100644
index 0000000..416d2bf
--- /dev/null
+++ b/modules/containerization.nix
@@ -0,0 +1,35 @@
+{
+ config,
+ lib,
+ ...
+}:
+let
+ cfg = config.my.containerization;
+in
+{
+ options.my.containerization = {
+ enable = lib.mkEnableOption "containerization";
+ usePodman = lib.mkOption {
+ type = lib.types.bool;
+ default = true;
+ description = "whether to use podman instead of docker";
+ };
+ };
+
+ config = lib.mkIf cfg.enable {
+ virtualisation = {
+ containers.enable = true;
+ podman = lib.mkIf cfg.usePodman {
+ enable = true;
+ # create 'docker' alias for podman, to use as
+ # drop-in replacement
+ dockerCompat = true;
+ defaultNetwork.settings = {
+ dns_enabled = true;
+ ipv6_enabled = true;
+ };
+ };
+ oci-containers.backend = lib.mkIf cfg.usePodman "podman";
+ };
+ };
+}
diff --git a/modules/default.nix b/modules/default.nix
index 96ea519..0fec850 100644
--- a/modules/default.nix
+++ b/modules/default.nix
@@ -5,5 +5,6 @@
./caddy.nix
./roundcube.nix
./zipline.nix
+ ./containerization.nix
];
}