itamar/flakes
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

nix dotfiles

Browse source
This commit is contained in:
itamar 2026-04-10 18:50:25 +03:00
commit 7b8005c867
Signed by: itamar
SSH key fingerprint: SHA256:Dv6UzB9hN8q8FUgMR/7X3DTFpE/vSB2m05+KNnxM4B0
27 changed files with 1728 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

1
README.md Normal file
View file

@ -0,0 +1 @@
messy server and home machine dotfiles

123
navi/configuration.nix Normal file
View file

@ -0,0 +1,123 @@
{
pkgs,
lib,
...
}: {
imports = [
./hardware-configuration.nix
];
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
boot.kernelParams = ["transparent_hugepage=never"];
networking.hostName = "navi";
networking.networkmanager.enable = true;
services.mullvad-vpn = {
enable = true;
package = pkgs.mullvad-vpn;
};
services.resolved.enable = true;
virtualisation.vmware.host.enable = true;
time.timeZone = "Asia/Jerusalem";
i18n.defaultLocale = "en_US.UTF-8";
i18n.extraLocaleSettings = {
LC_ADDRESS = "en_US.UTF-8";
LC_IDENTIFICATION = "en_US.UTF-8";
LC_MEASUREMENT = "en_US.UTF-8";
LC_MONETARY = "en_US.UTF-8";
LC_NAME = "en_US.UTF-8";
LC_NUMERIC = "en_US.UTF-8";
LC_PAPER = "en_US.UTF-8";
LC_TELEPHONE = "en_US.UTF-8";
LC_TIME = "en_US.UTF-8";
};
programs.bash = {
enable = true;
completion.enable = true;
interactiveShellInit = ''
eval "$(${pkgs.starship}/bin/starship init bash)"
'';
};
services.desktopManager.gnome.enable = true;
programs.hyprland = {
enable = true;
withUWSM = true;
xwayland.enable = true;
};
xdg.portal = {
enable = true;
extraPortals = with pkgs; [
xdg-desktop-portal-hyprland
xdg-desktop-portal-gtk
];
};
programs.regreet.enable = true;
services.greetd = {
enable = true;
settings.default_session = {
command = "${pkgs.greetd.regreet}/bin/regreet";
user = "greeter";
};
};
services.xserver.xkb = {
layout = "us,il";
variant = "";
};
services.pulseaudio.enable = false;
programs.dconf.enable = true;
security.rtkit.enable = true;
services.pipewire = {
enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
};
users.users.laniakea = {
isNormalUser = true;
description = "laniakea";
extraGroups = ["networkmanager" "wheel" "input" "adbusers" "plugdev"];
};
programs.firefox.enable = true;
nixpkgs.config.allowUnfree = true;
nix.settings.experimental-features = ["nix-command" "flakes"];
programs.nh = {
enable = true;
clean.enable = true;
clean.extraArgs = "--keep-since 4d --keep 3";
flake = "/etc/nixos";
};
programs.gnupg.agent = {
enable = true;
pinentryPackage = pkgs.pinentry-gnome3;
};
services.udev.extraRules = ''
KERNEL=="hidraw*", ATTRS{idVendor}=="fc32", ATTRS{idProduct}=="0287", MODE="0666", GROUP="input"
SUBSYSTEM=="usb", ATTRS{idVendor}=="fc32", ATTRS{idProduct}=="0287", MODE="0666", GROUP="input"
'';
services.udev.packages = with pkgs; [
vial
via
];
system.stateVersion = "24.11";
}

163
navi/flake.lock generated Normal file
View file

@ -0,0 +1,163 @@
{
"nodes": {
"flake-compat": {
"flake": false,
"locked": {
"lastModified": 1751685974,
"narHash": "sha256-NKw96t+BgHIYzHUjkTK95FqYRVKB8DHpVhefWSz/kTw=",
"ref": "refs/heads/main",
"rev": "549f2762aebeff29a2e5ece7a7dc0f955281a1d1",
"revCount": 92,
"type": "git",
"url": "https://git.lix.systems/lix-project/flake-compat.git"
},
"original": {
"type": "git",
"url": "https://git.lix.systems/lix-project/flake-compat.git"
}
},
"flake-parts": {
"inputs": {
"nixpkgs-lib": [
"nvf",
"nixpkgs"
]
},
"locked": {
"lastModified": 1769996383,
"narHash": "sha256-AnYjnFWgS49RlqX7LrC4uA+sCCDBj0Ry/WOJ5XWAsa0=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "57928607ea566b5db3ad13af0e57e921e6b12381",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
"home-manager": {
"inputs": {
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1775360939,
"narHash": "sha256-XUBlSgUFdvTh6+K5LcI5mJu5F5L8scmJDMRiZM484TM=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "2097a5c82bdc099c6135eae4b111b78124604554",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "home-manager",
"type": "github"
}
},
"mnw": {
"locked": {
"lastModified": 1770419553,
"narHash": "sha256-b1XqsH7AtVf2dXmq2iyRr2NC1yG7skY7Z6N2MpWHlK4=",
"owner": "Gerg-L",
"repo": "mnw",
"rev": "2aaffa8030d0b262176146adbb6b0e6374ce2957",
"type": "github"
},
"original": {
"owner": "Gerg-L",
"repo": "mnw",
"type": "github"
}
},
"ndg": {
"inputs": {
"nixpkgs": [
"nvf",
"nixpkgs"
]
},
"locked": {
"lastModified": 1768214250,
"narHash": "sha256-hnBZDQWUxJV3KbtvyGW5BKLO/fAwydrxm5WHCWMQTbw=",
"owner": "feel-co",
"repo": "ndg",
"rev": "a6bd3c1ce2668d096e4fdaaa03ad7f03ba1fbca8",
"type": "github"
},
"original": {
"owner": "feel-co",
"ref": "refs/tags/v2.6.0",
"repo": "ndg",
"type": "github"
}
},
"nixpkgs": {
"locked": {
"lastModified": 1775036866,
"narHash": "sha256-ZojAnPuCdy657PbTq5V0Y+AHKhZAIwSIT2cb8UgAz/U=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "6201e203d09599479a3b3450ed24fa81537ebc4e",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nvf": {
"inputs": {
"flake-compat": "flake-compat",
"flake-parts": "flake-parts",
"mnw": "mnw",
"ndg": "ndg",
"nixpkgs": [
"nixpkgs"
],
"systems": "systems"
},
"locked": {
"lastModified": 1775122065,
"narHash": "sha256-ZlowJNkQOhpsXDuWbHgB1xY6W8kyzYn9coK9nJsqqNg=",
"owner": "NotAShelf",
"repo": "nvf",
"rev": "d3304af3d5771e8d5bac6ee9bbdbce56086d54f7",
"type": "github"
},
"original": {
"owner": "NotAShelf",
"repo": "nvf",
"type": "github"
}
},
"root": {
"inputs": {
"home-manager": "home-manager",
"nixpkgs": "nixpkgs",
"nvf": "nvf"
}
},
"systems": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
}
},
"root": "root",
"version": 7
}

32
navi/flake.nix Normal file
View file

@ -0,0 +1,32 @@
{
inputs = {
nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
home-manager = {
url = "github:nix-community/home-manager";
inputs.nixpkgs.follows = "nixpkgs";
};
nvf = {
url = "github:NotAShelf/nvf";
inputs.nixpkgs.follows = "nixpkgs";
};
};
outputs = { self, nixpkgs, home-manager, nvf, ... }: {
nixosConfigurations.navi = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules = [
./configuration.nix
./hardware-configuration.nix
home-manager.nixosModules.home-manager
{
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.users.laniakea = import ./laniakea/home.nix;
home-manager.extraSpecialArgs = { inherit nvf; };
}
];
};
};
}

31
navi/hardware-configuration.nix Normal file
View file

@ -0,0 +1,31 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usb_storage" "usbhid" "sd_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{ device = "/dev/disk/by-uuid/19cf3af9-df0f-46e7-ab26-f29dad2e5a63";
fsType = "ext4";
};
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/80BA-5D8C";
fsType = "vfat";
options = [ "fmask=0077" "dmask=0077" ];
};
swapDevices = [ ];
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}

20
navi/laniakea/anyrun.nix Normal file
View file

@ -0,0 +1,20 @@
{pkgs, ...}: {
programs.anyrun = {
enable = true;
config = {
hideIcons = false;
ignoreExclusiveZones = false;
layer = "overlay";
hidePluginInfo = false;
closeOnClick = false;
showResultsImmediately = false;
maxEntries = null;
plugins = [
"${pkgs.anyrun}/lib/libapplications.so"
"${pkgs.anyrun}/lib/libsymbols.so"
"${pkgs.anyrun}/lib/libactions.so"
];
};
};
}

41
navi/laniakea/eww.nix Normal file
View file

@ -0,0 +1,41 @@
{pkgs, ...}: {
programs.eww = {
enable = true;
enableBashIntegration = true;
configDir = ./eww;
};
home.file.".config/eww/get_volume.sh" = {
source = ./eww/get_volume.sh;
executable = true;
};
home.file.".config/eww/volume_scroll.sh" = {
source = ./eww/volume_scroll.sh;
executable = true;
};
home.file.".config/eww/get_wifi.sh" = {
source = ./eww/get_wifi.sh;
executable = true;
};
home.file.".config/eww/get_layout.sh" = {
source = ./eww/get_layout.sh;
executable = true;
};
home.file.".config/eww/toggle_layout.sh" = {
source = ./eww/toggle_layout.sh;
executable = true;
};
services.playerctld = {
enable = true;
};
home.packages = with pkgs; [
pavucontrol
libnotify
];
}

81
navi/laniakea/eww/eww.scss Normal file
View file

@ -0,0 +1,81 @@
* {
all: unset;
font-family: IosevkaTerm Nerd Font;
}
.workspaces button {
border-radius: 5px;
padding: 4px;
padding-left: 8px;
padding-right: 8px;
}
.inactive {
background-color: #181825;
}
.active_workspace {
color: #181926;
background-color: #b7bdf8;
font-weight: 900;
}
.music {
border-radius: 10px;
padding-left: 10px;
padding-right: 10px;
color: #b4befe;
font-weight: bold;
}
.bar {
background-color: #11111b;
border-radius: 16px;
color: #cdd6f4;
margin: 10px;
}
.time {
color: #b4befe;
font-weight: 900;
}
.battery {
color: #cba6f7;
font-weight: 800;
}
.volume {
color: #cba6f7;
font-weight: 800;
}
.wifi {
color: #89dceb;
font-weight: 800;
}
.layout {
color: #a6e3a1;
font-weight: 800;
}
tooltip {
padding: 3px 7px;
border-radius: 10px;
background-color: #11111b;
color: white;
border-color: #b4befe;
border-width: 2px;
border-style: solid;
}
menu {
padding: 3px 7px;
border-radius: 10px;
background-color: #11111b;
color: white;
border-color: #b4befe;
border-width: 2px;
border-style: solid;
}

108
navi/laniakea/eww/eww.yuck Normal file
View file

@ -0,0 +1,108 @@
(defwidget bar []
(centerbox :orientation "h"
(workspaces)
(music)
(status)
)
)
(defwidget workspaces []
(box :class "workspaces"
:orientation "h"
:halign "start"
:spacing 10
(button
:class {active_workspace == 1 ? "active_workspace" : "inactive"}
:onclick "hyprctl dispatch workspace 1" 1
)
(button
:class {active_workspace == 2 ? "active_workspace" : "inactive"}
:onclick "hyprctl dispatch workspace 2" 2)
(button
:class {active_workspace == 3 ? "active_workspace" : "inactive"}
:onclick "hyprctl dispatch workspace 3" 3)
(button
:class {active_workspace == 4 ? "active_workspace" : "inactive"}
:onclick "hyprctl dispatch workspace 4" 4)
(button
:class {active_workspace == 5 ? "active_workspace" : "inactive"}
:onclick "hyprctl dispatch workspace 5" "")
(button
:class {active_workspace == 6 ? "active_workspace" : "inactive"}
:onclick "hyprctl dispatch workspace 6" "󰭹 ")
)
)
(defpoll active_workspace :interval "1s" :initial 1
"hyprctl activeworkspace -j | jq .id"
)
(defwidget music []
(eventbox :class "music"
:orientation "h"
:halign "center"
:onclick "playerctl play-pause"
{music != "" ? " ${music}" : ""}
)
)
(deflisten music :initial ""
"playerctl --follow metadata --format '{{ artist }} - {{ title }}' || true"
)
(defwidget status []
(box :class "status" :orientation "h" :halign "end" :space-evenly false :spacing 20
(systray :orientation "h" :space-evenly false :spacing 10
)
(eventbox :class "layout"
:onclick "./toggle_layout.sh"
"${layout}"
)
(box :class "wifi" :tooltip wifi
"${wifi}"
)
(eventbox
:class "volume"
:timeout "1000ms"
:onclick "pavucontrol"
:onscroll "./volume_scroll.sh {}"
"${volume}%"
)
(box :class "battery" :tooltip {EWW_BATTERY.BAT0.status}
{ "󱐋 ${EWW_BATTERY.BAT0.capacity}%"}
)
(box :class "time"
:tooltip date
{formattime(EWW_TIME, "%H:%M")}
)
)
)
(defpoll volume :interval "100ms"
"./get_volume.sh"
)
(defpoll wifi :interval "5s" :initial "󰤭 ..."
"./get_wifi.sh"
)
(defpoll layout :interval "1s" :initial "󰌌 EN"
"./get_layout.sh"
)
(defpoll date :interval "5m"
"date +'%A, %d %B %Y'"
)
(defwindow bar
:monitor 0
:windowtype "dock"
:geometry (geometry :x "0%"
:y "9px"
:width "98%"
:height "30px"
:anchor "top center"
)
:exclusive true
(bar)
)

6
navi/laniakea/eww/get_layout.sh Executable file
View file

@ -0,0 +1,6 @@
#!/bin/sh
layout=$(hyprctl devices -j | jq -r '.keyboards[] | select(.name == "josefadamcik-sofle") | .active_keymap')
case "$layout" in
*Hebrew*) echo "󰊿 HE" ;;
*) echo "󰌌 EN" ;;
esac

2
navi/laniakea/eww/get_volume.sh Executable file
View file

@ -0,0 +1,2 @@
#! /bin/sh
wpctl get-volume @DEFAULT_AUDIO_SINK@ | sed -r 's/Volume: //g' | xargs -n1 | awk '{print $1*100}' | xargs -n 1 echo "󰎇$1"

14
navi/laniakea/eww/get_wifi.sh Executable file
View file

@ -0,0 +1,14 @@
#!/bin/sh
iface=$(ip link | awk '/state UP/ && !/lo/ {print $2}' | tr -d ':' | grep -v eth | head -1)
ssid=$(iwgetid "$iface" -r 2>/dev/null)
strength=$(awk "/$iface/ {print int(\$3 * 100 / 70)}" /proc/net/wireless 2>/dev/null)
if [ -z "$ssid" ]; then
echo "󰤭 disconnected"
else
if [ "$strength" -ge 75 ]; then icon="󰤨"
elif [ "$strength" -ge 50 ]; then icon="󰤥"
elif [ "$strength" -ge 25 ]; then icon="󰤢"
else icon="󰤟"
fi
echo "$icon $ssid $strength%"
fi

2
navi/laniakea/eww/toggle_layout.sh Executable file
View file

@ -0,0 +1,2 @@
#!/bin/sh
hyprctl switchxkblayout josefadamcik-sofle next

6
navi/laniakea/eww/volume_scroll.sh Executable file
View file

@ -0,0 +1,6 @@
#!/bin/sh
if [ "$1" == "up" ]; then
wpctl set-volume @DEFAULT_SINK@ 5%+ -l 1.0
else
wpctl set-volume @DEFAULT_SINK@ 5%- -l 1.0
fi

23
navi/laniakea/fnott.nix Normal file
View file

@ -0,0 +1,23 @@
{
services.fnott = {
enable = true;
settings = {
main = {
border-radius = 5;
border-size = 2;
dpi-aware = "yes";
title-color = "a6adc8ff";
summary-color = "cdd6f4ff";
body-color = "cdd6f4ff";
background = "1e1e2eff";
border-color = "89b4faff";
progress-bar-color = "6c7086ff";
};
critical = {
border-color = "fab387ff";
};
};
};
}

126
navi/laniakea/home.nix Normal file
View file

@ -0,0 +1,126 @@
{
config,
pkgs,
...
}:
{
imports = [
./hyprland.nix
./neovim.nix
./librewolf.nix
./kitty.nix
./starship.nix
./fnott.nix
./anyrun.nix
./eww.nix
./vesktop.nix
];
home = {
username = "laniakea";
homeDirectory = "/home/laniakea";
packages = with pkgs; [
wl-clipboard
grimblast
maple-mono.NL-NF
jq
qmk
brave
qbittorrent
chromium
htop
obs-studio
gnupg
kdePackages.kleopatra
cava
pfetch
fastfetch
tidal-hifi
nerd-fonts.iosevka-term
wirelesstools
signal-desktop
element-desktop
idris2
sage
python3
vscode
nim
ghc
gcc
gnumake
gdb
zig
rustup
spotify
];
pointerCursor = {
gtk.enable = true;
package = pkgs.rose-pine-cursor;
name = "BreezeX-RosePineDawn";
size = 16;
};
sessionVariables = {
GTK_USE_PORTAL = "1";
};
};
xdg.mimeApps = {
enable = true;
defaultApplications = {
"text/html" = "librewolf.desktop";
"x-scheme-handler/http" = "librewolf.desktop";
"x-scheme-handler/https" = "librewolf.desktop";
"x-scheme-handler/about" = "librewolf.desktop";
"x-scheme-handler/unknown" = "librewolf.desktop";
};
};
programs = {
git = {
enable = true;
userName = "laniakea";
userEmail = "itamar@itamar.site";
# SSH signing configuration
signing = {
key = "${config.home.homeDirectory}/.ssh/id_ed25519.pub";
signByDefault = true;
};
extraConfig = {
gpg.format = "ssh";
gpg.ssh.allowedSignersFile = "${config.home.homeDirectory}/.ssh/allowed_signers";
};
};
ssh = {
enable = true;
enableDefaultConfig = false;
matchBlocks."*".addKeysToAgent = "yes";
};
};
home.file.".ssh/allowed_signers".text = "* ${builtins.readFile /home/laniakea/.ssh/id_ed25519.pub}";
dconf = {
enable = true;
settings."org/gnome/desktop/interface".color-scheme = "prefer-dark";
};
gtk = {
enable = true;
colorScheme = "dark";
gtk3.colorScheme = "dark";
gtk4.colorScheme = "dark";
theme = {
package = pkgs.adw-gtk3;
name = "adw-gtk3-dark";
};
};
home.stateVersion = "26.05";
}

142
navi/laniakea/hyprland.nix Normal file
View file

@ -0,0 +1,142 @@
{pkgs, ...}: {
home.packages = with pkgs; [
rose-pine-hyprcursor
wpaperd
];
home.file.".config/wpaperd/config.toml".text = ''
[any]
path = "/home/laniakea/.glitch.png"
'';
wayland.windowManager.hyprland = {
enable = true;
systemd.enable = false;
settings = {
"$mod" = "SUPER";
"$terminal" = "kitty";
"$filemanager" = "nautilus";
"$launcher" = "anyrun";
monitor = [
"eDP-1,1920x1080@60,2560x0,1"
];
exec-once = [
"hyprctl setcursor rose-pine-hyprcursor 24"
"wpaperd -d"
"eww daemon"
"eww open bar"
];
input = {
kb_layout = "us,il";
};
general = {
gaps_in = "5";
gaps_out = "20";
border_size = "2";
"col.active_border" = "rgb(b4befe)";
"col.inactive_border" = "rgb(6c7086)";
layout = "dwindle";
};
dwindle = {
preserve_split = "true";
};
decoration = {
rounding = "5";
rounding_power = "2";
active_opacity = "0.95";
inactive_opacity = "0.80";
blur = {
enabled = "true";
size = "10";
passes = "3";
vibrancy = "0.0";
};
};
animations = {
enabled = "true";
};
layerrule = [
"no_anim on, match:namespace anyrun"
"blur on, ignore_alpha 1, match:namespace gtk-layer-shell"
];
windowrule = [
"float on, center on, match:class .*"
"size 800 500, match:class kitty"
"size 1000 650, match:class firefox"
"size 900 600, match:class org.gnome.Nautilus"
"workspace 5, match:class tidal-hifi"
"workspace 6, match:class vesktop"
];
bind =
[
"$mod, RETURN, exec, $terminal"
"$mod, E, exec, $filemanager"
", Print, exec, grimblast copy area"
"$mod, SPACE, exec, $launcher"
"$mod, M, exec, uwsm stop"
"$mod, Q, killactive"
"$mod, F, togglefloating"
"$mod, S, exec, grimblast copy area"
# Focus with arrows
"$mod, left, movefocus, l"
"$mod, right, movefocus, r"
"$mod, up, movefocus, u"
"$mod, down, movefocus, d"
"$mod, h, movefocus, l"
"$mod, l, movefocus, r"
"$mod, k, movefocus, u"
"$mod, j, movefocus, d"
"$mod SHIFT, h, resizeactive, -30 0"
"$mod SHIFT, l, resizeactive, 30 0"
"$mod SHIFT, k, resizeactive, 0 -30"
"$mod SHIFT, j, resizeactive, 0 30"
"$mod, mouse_down, workspace, e+1"
"$mod, mouse_up, workspace, e-1"
"$mod, escape, exec, hyprctl switchxkblayout josefadamcik-sofle next"
]
++ (
builtins.concatLists (builtins.genList (
i: let
ws = i + 1;
in [
"$mod, code:1${toString i}, workspace, ${toString ws}"
"$mod SHIFT, code:1${toString i}, movetoworkspace, ${toString ws}"
]
)
9)
);
bindm = [
"$mod, mouse:272, movewindow"
"$mod, mouse:273, resizewindow"
];
bindl = [
", XF86AudioNext, exec, playerctl next"
", XF86AudioPrev, exec, playerctl previous"
", XF86AudioPlay, exec, playerctl play-pause"
", XF86AudioMute, exec, wpctl set-mute @DEFAULT_AUDIO_SINK@ toggle"
];
bindel = [
", XF86AudioRaiseVolume, exec, wpctl set-volume @DEFAULT_AUDIO_SINK@ 5%+"
", XF86AudioLowerVolume, exec, wpctl set-volume @DEFAULT_AUDIO_SINK@ 5%-"
];
};
};
}

19
navi/laniakea/kitty.nix Normal file
View file

@ -0,0 +1,19 @@
{
programs.kitty = {
enable = true;
settings = {
confirm_os_window_close = 0;
background_opacity = "0.9";
enable_audio_bell = false;
mouse_map = "right press ungrabbed paste_from_clipboard";
cursor_shape = "underline";
};
font = {
name = "IosevkaTerm Nerd Font";
};
themeFile = "Carbonfox";
shellIntegration.enableBashIntegration = true;
};
}

316
navi/laniakea/librewolf.nix Normal file
View file

@ -0,0 +1,316 @@
{ ... }: {
programs.librewolf = {
enable = true;
profiles.default = {
isDefault = true;
settings = {
"toolkit.telemetry.enabled" = false;
"toolkit.telemetry.unified" = false;
"toolkit.telemetry.server" = "";
"toolkit.telemetry.archive.enabled" = false;
"toolkit.telemetry.newProfilePing.enabled" = false;
"toolkit.telemetry.shutdownPingSender.enabled" = false;
"toolkit.telemetry.updatePing.enabled" = false;
"toolkit.telemetry.bhrPing.enabled" = false;
"toolkit.telemetry.firstShutdownPing.enabled" = false;
"toolkit.telemetry.coverage.opt-out" = true;
"toolkit.coverage.opt-out" = true;
"toolkit.coverage.endpoint.base" = "";
"browser.ping-centre.telemetry" = false;
"browser.newtabpage.activity-stream.feeds.telemetry" = false;
"browser.newtabpage.activity-stream.telemetry" = false;
"breakpad.reportURL" = "";
"browser.tabs.crashReporting.sendReport" = false;
"browser.crashReports.unsubmittedCheck.autoSubmit2" = false;
"app.shield.optoutstudies.enabled" = false;
"app.normandy.enabled" = false;
"app.normandy.api_url" = "";
"browser.safebrowsing.malware.enabled" = false;
"browser.safebrowsing.phishing.enabled" = false;
"browser.safebrowsing.blockedURIs.enabled" = false;
"browser.safebrowsing.provider.google4.gethashURL" = "";
"browser.safebrowsing.provider.google4.updateURL" = "";
"browser.safebrowsing.provider.google.gethashURL" = "";
"browser.safebrowsing.provider.google.updateURL" = "";
"browser.safebrowsing.downloads.remote.enabled" = false;
"geo.enabled" = false;
"geo.provider.network.url" = "";
"captivedetect.canonicalURL" = "";
"network.captive-portal-service.enabled" = false;
"network.connectivity-service.enabled" = false;
"privacy.resistFingerprinting" = true;
"privacy.resistFingerprinting.block_mozAddonManager" = true;
"privacy.window.maxInnerWidth" = 1600;
"privacy.window.maxInnerHeight" = 900;
"webgl.disabled" = true;
"webgl.enable-webgl2" = false;
"media.navigator.enabled" = false;
"media.navigator.video.enabled" = false;
"media.peerconnection.enabled" = false;
"media.peerconnection.ice.no_host" = true;
"media.peerconnection.ice.proxy_only_if_behind_proxy" = true;
"media.peerconnection.ice.default_address_only" = true;
"privacy.trackingprotection.enabled" = true;
"privacy.trackingprotection.pbmode.enabled" = true;
"privacy.trackingprotection.emailtracking.enabled" = true;
"privacy.trackingprotection.socialtracking.enabled" = true;
"privacy.trackingprotection.cryptomining.enabled" = true;
"privacy.trackingprotection.fingerprinting.enabled" = true;
"privacy.firstparty.isolate" = true;
"privacy.partition.network_state" = true;
"privacy.partition.serviceWorkers" = true;
"network.cookie.cookieBehavior" = 1;
"network.cookie.lifetimePolicy" = 0;
"browser.privatebrowsing.autostart" = false;
"signon.rememberSignons" = true;
"signon.autofillForms" = true;
"signon.generation.enabled" = true;
"network.trr.mode" = 3;
"network.trr.uri" = "https://dns.quad9.net/dns-query";
"network.trr.bootstrapAddress" = "9.9.9.9";
"network.dns.disableIPv6" = true;
"network.prefetch-next" = false;
"network.dns.disablePrefetch" = true;
"network.predictor.enabled" = false;
"network.http.speculative-parallel-limit" = 0;
"browser.places.speculativeConnect.enabled" = false;
"network.proxy.socks_remote_dns" = true;
"dom.security.https_only_mode" = true;
"dom.security.https_only_mode.upgrade_local" = true;
"security.mixed_content.block_display_content" = true;
"security.mixed_content.block_active_content" = true;
"security.tls.version.min" = 3;
"security.tls.version.max" = 4;
"security.tls.enable_0rtt_data" = false;
"security.OCSP.enabled" = 1;
"security.OCSP.require" = true;
"security.cert_pinning.enforcement_level" = 2;
"security.remote_settings.crlite_filters.enabled" = true;
"security.pki.crlite_mode" = 2;
"dom.battery.enabled" = false;
"dom.vr.enabled" = false;
"dom.vibrator.enabled" = false;
"dom.gamepad.enabled" = false;
"dom.netinfo.enabled" = false;
"dom.telephony.enabled" = false;
"dom.push.enabled" = false;
"dom.push.connection.enabled" = false;
"dom.push.serverURL" = "";
"browser.send_pings" = false;
"browser.sessionstore.privacy_level" = 2;
"browser.urlbar.speculativeConnect.enabled" = false;
"browser.urlbar.suggest.searches" = false;
"browser.search.suggest.enabled" = false;
"browser.formfill.enable" = false;
"toolkit.legacyUserProfileCustomizations.stylesheets" = true;
};
userChrome = ''
/* =============================================
Windows 95/98 Theme for LibreWolf
============================================= */
@import url("chrome://userchrome/content/userChrome.css");
* {
font-family: "W95FA", "Pixelated MS Sans Serif", "Arial", sans-serif !important;
font-size: 11px !important;
}
/* ---- Window chrome background ---- */
:root {
--win95-bg: #c0c0c0;
--win95-dark: #808080;
--win95-darker: #404040;
--win95-light: #ffffff;
--win95-highlight: #000080;
--win95-highlight-text: #ffffff;
--win95-border-light: #dfdfdf;
--win95-border-dark: #808080;
--win95-border-darker: #404040;
}
/* ---- Toolbar background ---- */
#navigator-toolbox,
#toolbar-menubar,
#TabsToolbar,
#nav-bar,
#PersonalToolbar {
background-color: var(--win95-bg) !important;
border-bottom: 1px solid var(--win95-dark) !important;
padding: 2px !important;
}
/* ---- Tab bar ---- */
#TabsToolbar {
background-color: var(--win95-bg) !important;
}
/* Active tab raised bevel */
.tab-background:is([selected], [multiselected]) {
background-color: var(--win95-bg) !important;
border-top: 2px solid var(--win95-light) !important;
border-left: 2px solid var(--win95-light) !important;
border-right: 2px solid var(--win95-darker) !important;
border-bottom: none !important;
border-radius: 0 !important;
margin-bottom: -1px !important;
}
/* Inactive tab sunken */
.tab-background:not([selected]) {
background-color: var(--win95-bg) !important;
border-top: 2px solid var(--win95-dark) !important;
border-left: 2px solid var(--win95-dark) !important;
border-right: 2px solid var(--win95-light) !important;
border-bottom: 1px solid var(--win95-dark) !important;
border-radius: 0 !important;
}
.tab-label {
color: #000000 !important;
}
.tab-background:is([selected]) .tab-label {
font-weight: bold !important;
}
/* ---- URL bar sunken inset look ---- */
#urlbar,
#urlbar-background {
background-color: #ffffff !important;
border-top: 2px solid var(--win95-dark) !important;
border-left: 2px solid var(--win95-dark) !important;
border-right: 2px solid var(--win95-light) !important;
border-bottom: 2px solid var(--win95-light) !important;
border-radius: 0 !important;
color: #000000 !important;
}
#urlbar:focus-within #urlbar-background {
border-color: var(--win95-darker) !important;
outline: none !important;
}
/* ---- Buttons raised bevel ---- */
toolbarbutton,
.toolbarbutton-1 {
background-color: var(--win95-bg) !important;
border-top: 2px solid var(--win95-light) !important;
border-left: 2px solid var(--win95-light) !important;
border-right: 2px solid var(--win95-darker) !important;
border-bottom: 2px solid var(--win95-darker) !important;
border-radius: 0 !important;
padding: 3px 5px !important;
color: #000000 !important;
}
toolbarbutton:hover,
.toolbarbutton-1:hover {
background-color: var(--win95-bg) !important;
}
toolbarbutton:active,
toolbarbutton[open="true"],
.toolbarbutton-1:active {
border-top: 2px solid var(--win95-darker) !important;
border-left: 2px solid var(--win95-darker) !important;
border-right: 2px solid var(--win95-light) !important;
border-bottom: 2px solid var(--win95-light) !important;
padding: 4px 4px 2px 6px !important;
}
/* ---- Title bar classic Windows blue gradient ---- */
#titlebar {
background: linear-gradient(to right, #000080, #1084d0) !important;
color: #ffffff !important;
}
/* ---- Menu bar ---- */
#toolbar-menubar {
background-color: var(--win95-bg) !important;
}
menubar > menu {
color: #000000 !important;
border-radius: 0 !important;
padding: 2px 6px !important;
}
menubar > menu:hover,
menubar > menu[_moz-menuactive="true"] {
background-color: var(--win95-highlight) !important;
color: var(--win95-highlight-text) !important;
}
/* ---- Bookmarks toolbar ---- */
#PersonalToolbar toolbarbutton {
border: 1px solid transparent !important;
}
#PersonalToolbar toolbarbutton:hover {
border-top: 2px solid var(--win95-light) !important;
border-left: 2px solid var(--win95-light) !important;
border-right: 2px solid var(--win95-darker) !important;
border-bottom: 2px solid var(--win95-darker) !important;
}
/* ---- Sidebar ---- */
#sidebar-box {
background-color: var(--win95-bg) !important;
border-right: 2px solid var(--win95-dark) !important;
}
/* ---- Find bar ---- */
#FindToolbar {
background-color: var(--win95-bg) !important;
border-top: 2px solid var(--win95-dark) !important;
}
/* ---- Scrollbars ---- */
scrollbar {
background-color: var(--win95-bg) !important;
width: 16px !important;
}
scrollbar thumb {
background-color: var(--win95-bg) !important;
border-top: 2px solid var(--win95-light) !important;
border-left: 2px solid var(--win95-light) !important;
border-right: 2px solid var(--win95-darker) !important;
border-bottom: 2px solid var(--win95-darker) !important;
border-radius: 0 !important;
}
/* ---- Status bar ---- */
#statuspanel-label {
background-color: var(--win95-bg) !important;
border-top: 2px solid var(--win95-dark) !important;
color: #000000 !important;
border-radius: 0 !important;
}
* {
border-radius: 0 !important;
}
'';
};
};
}

69
navi/laniakea/neovim.nix Normal file
View file

@ -0,0 +1,69 @@
{ pkgs, nvf, ... }:
{
imports = [ nvf.homeManagerModules.default ];
home.packages = with pkgs; [
alejandra
nil
statix
deadnix
];
programs.nvf = {
enable = true;
settings = {
vim = {
opts = {
tabstop = 2;
shiftwidth = 0;
};
clipboard = {
enable = true;
providers.wl-copy.enable = true;
};
lsp = {
enable = true;
formatOnSave = true;
inlayHints.enable = true;
trouble.enable = true;
};
treesitter = {
enable = true;
context.enable = true;
indent.enable = true;
grammars = with pkgs.vimPlugins.nvim-treesitter-parsers; [
yuck
];
};
diagnostics = {
enable = true;
config.virtual_text = true;
};
languages = {
nix = {
enable = true;
extraDiagnostics.enable = true;
lsp = {
enable = true;
servers = [ "nil" ];
};
treesitter.enable = true;
format = {
enable = true;
type = [ "alejandra" ];
};
};
};
theme = {
enable = true;
name = "catppuccin";
style = "mocha";
transparent = true;
};
statusline.lualine.enable = true;
autocomplete.blink-cmp.enable = true;
visuals.fidget-nvim.enable = true;
};
};
};
}

14
navi/laniakea/starship.nix Normal file
View file

@ -0,0 +1,14 @@
{lib, ...}: {
programs.starship = {
enable = true;
enableBashIntegration = true;
settings = {
add_newline = false;
format = lib.concatStrings [
"$directory"
"$nix_shell"
"[](fg:purple) "
];
};
};
}

17
navi/laniakea/vesktop.nix Normal file
View file

@ -0,0 +1,17 @@
{
programs.vesktop = {
enable = true;
settings = {
checkUpdates = false;
hardwareAcceleration = true;
discordBranch = "stable";
};
vencord.settings = {
autoUpdate = true;
autoUpdateNotification = true;
notifyAboutUpdates = true;
};
};
}

49
server/configuration.nix Normal file
View file

@ -0,0 +1,49 @@
{
config,
pkgs,
...
}: {
imports = [
./hardware-configuration.nix
./matrix.nix
./element.nix
./forgejo.nix
];
nixpkgs.config.permittedInsecurePackages = [
"olm-3.2.16"
];
boot.loader.grub.enable = true;
boot.loader.grub.device = "/dev/sda";
networking.hostName = "navi";
networking.dhcpcd.IPv6rs = true;
networking.dhcpcd.persistent = true;
networking.tempAddresses = "disabled";
networking.interfaces.ens3.tempAddress = "disabled";
services.openssh = {
enable = true;
settings = {
PermitRootLogin = "prohibit-password";
PasswordAuthentication = false;
PubkeyAuthentication = true;
};
};
users.users.root = {
isNormalUser = false;
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHioVSkG7cILl5SQiGm3TaL641BGU00FLSgexBx6xtYy"
];
password = null;
};
services.cron.enable = true;
services.cron.systemCronJobs = [
"@reboot root sleep 30 && curl -L -XPOST -q https://portal.servinga.cloud/api/service/v1/cloud-init/callback > /dev/null 2>&1"
];
system.stateVersion = "26.05";
}

35
server/element.nix Normal file
View file

@ -0,0 +1,35 @@
{
config,
pkgs,
...
}: let
domain = "itamar.site";
matrixDomain = "matrix.${domain}";
elementDomain = "element.${domain}";
in {
security.acme.certs."${elementDomain}" = {};
services.nginx.virtualHosts."${elementDomain}" = {
enableACME = true;
forceSSL = true;
root = pkgs.element-web.override {
conf = {
default_server_config = {
"m.homeserver" = {
base_url = "https://${matrixDomain}";
server_name = domain;
};
"m.identity_server" = {
base_url = "https://vector.im";
};
};
# Optional: Set default theme and other settings
default_theme = "dark";
show_labs_settings = true;
disable_guests = false;
disable_3pid_login = false;
};
};
};
}

66
server/forgejo.nix Normal file
View file

@ -0,0 +1,66 @@
{
config,
lib,
...
}: let
cfg = config.services.forgejo;
srv = cfg.settings.server;
in {
services.forgejo = {
enable = true;
appName = "git.itamar.site";
database.type = "sqlite3";
lfs.enable = true;
settings = {
server = {
DOMAIN = "git.itamar.site";
HTTP_ADDR = "127.0.0.1";
HTTP_PORT = 3000;
ROOT_URL = "https://git.itamar.site/";
PROTOCOL = "http";
DISABLE_SSH = false;
START_SSH_SERVER = false;
SSH_DOMAIN = "git.itamar.site";
SSH_PORT = lib.head config.services.openssh.ports;
DISABLE_HTTP_GIT = true;
};
security = {
COOKIE_SECURE = true;
};
service = {
DISABLE_REGISTRATION = true;
};
log.LEVEL = "Info";
};
};
services.nginx = {
enable = true;
virtualHosts."git.itamar.site" = {
enableACME = true;
forceSSL = true;
extraConfig = ''
client_max_body_size 512M;
'';
locations."/".proxyPass = "http://localhost:${toString srv.HTTP_PORT}";
};
};
security.acme = {
acceptTerms = true;
defaults.email = "itamar@itamar.site";
};
services.openssh = {
enable = true;
ports = [22];
};
networking.firewall.allowedTCPPorts = [22 80 443];
}

27
server/hardware-configuration.nix Normal file
View file

@ -0,0 +1,27 @@
[root@navi:/etc/nixos]# cat hardware-configuration.nix
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/profiles/qemu-guest.nix")
];
boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{ device = "/dev/disk/by-uuid/3afb8070-14f2-4f56-bce2-301eccea108d";
fsType = "ext4";
};
swapDevices =
[ { device = "/dev/disk/by-uuid/2744bc0a-2684-4952-8ea8-371bd0c09f78"; }
];
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
}

195
server/matrix.nix Normal file
View file

@ -0,0 +1,195 @@
{
config,
pkgs,
...
}: let
domain = "itamar.site";
matrixDomain = "matrix.${domain}";
in {
networking.firewall = {
allowedTCPPorts = [80 443 8448];
allowedUDPPorts = [3478 5349];
allowedUDPPortRanges = [
{
from = 49152;
to = 65535;
}
];
};
security.acme = {
acceptTerms = true;
defaults.email = "admin@${domain}";
certs = {
"${domain}" = {};
"${matrixDomain}" = {};
};
};
services.postgresql = {
enable = true;
ensureDatabases = ["matrix-synapse" "mautrix-whatsapp"];
ensureUsers = [
{
name = "matrix-synapse";
ensureDBOwnership = true;
}
{
name = "mautrix-whatsapp";
ensureDBOwnership = true;
}
];
};
services.matrix-synapse = {
enable = true;
settings = {
server_name = domain;
suppress_key_server_warning = true;
database = {
name = "psycopg2";
allow_unsafe_locale = true;
args = {
database = "matrix-synapse";
user = "matrix-synapse";
host = "/run/postgresql";
};
};
enable_registration = false;
registration_shared_secret_path = "/var/lib/matrix-synapse/registration_secret";
turn_uris = [
"turns:${domain}:5349?transport=udp"
"turns:${domain}:5349?transport=tcp"
"turn:${domain}:3478?transport=udp"
"turn:${domain}:3478?transport=tcp"
];
turn_shared_secret_path = "/var/lib/matrix-synapse/turn_secret";
turn_user_lifetime = "1d";
listeners = [
{
port = 8008;
bind_addresses = ["127.0.0.1" "::1"];
type = "http";
tls = false;
x_forwarded = true;
resources = [
{
names = ["client" "federation"];
compress = false;
}
];
}
];
};
};
services.mautrix-whatsapp = {
enable = true;
registerToSynapse = true;
settings = {
homeserver = {
address = "http://localhost:8008";
domain = domain;
};
appservice = {
id = "whatsapp";
bot = {
username = "whatsappbot";
displayname = "WhatsApp Bridge Bot";
};
};
database = {
type = "postgres";
uri = "postgres://mautrix-whatsapp@/mautrix-whatsapp?host=/run/postgresql";
};
bridge = {
permissions = {
"*" = "relay";
"*@${domain}" = "user";
"@itamar:${domain}" = "admin";
};
encryption.allow = true;
private_chat_portal_meta = true;
};
encryption = {
pickle_key = "$ENCRYPTION_PICKLE_KEY";
};
provisioning.shared_secret = "disable";
};
environmentFile = "/var/lib/mautrix-whatsapp/secrets.env";
};
services.nginx = {
enable = true;
recommendedTlsSettings = true;
recommendedOptimisation = true;
recommendedGzipSettings = true;
recommendedProxySettings = true;
virtualHosts = {
"${domain}" = {
enableACME = true;
forceSSL = true;
root = "/var/www/${domain}";
locations."= /.well-known/matrix/server".extraConfig = ''
add_header Content-Type application/json;
return 200 '{"m.server": "${matrixDomain}:443"}';
'';
locations."= /.well-known/matrix/client".extraConfig = ''
add_header Content-Type application/json;
add_header Access-Control-Allow-Origin *;
return 200 '{"m.homeserver":{"base_url":"https://${matrixDomain}"},"m.identity_server":{"base_url":"https://vector.im"}}';
'';
};
"${matrixDomain}" = {
enableACME = true;
forceSSL = true;
listen = [
{
addr = "0.0.0.0";
port = 443;
ssl = true;
}
{
addr = "0.0.0.0";
port = 8448;
ssl = true;
}
];
locations."/_matrix" = {
proxyPass = "http://[::1]:8008";
proxyWebsockets = true;
};
locations."/_synapse/client" = {
proxyPass = "http://[::1]:8008";
proxyWebsockets = true;
};
locations."/".extraConfig = "return 404;";
};
};
};
services.coturn = {
enable = true;
realm = domain;
listening-ips = ["0.0.0.0"];
listening-port = 3478;
tls-listening-port = 5349;
min-port = 49152;
max-port = 65535;
lt-cred-mech = true;
use-auth-secret = true;
static-auth-secret-file = "/var/lib/coturn/static-auth-secret";
cert = "/var/lib/acme/${domain}/fullchain.pem";
pkey = "/var/lib/acme/${domain}/key.pem";
no-cli = true;
no-tcp-relay = true;
secure-stun = true;
};
systemd.tmpfiles.rules = [
"d /var/lib/matrix-synapse 0750 matrix-synapse matrix-synapse -"
"d /var/lib/coturn 0750 turnserver turnserver -"
];
}