diff --git a/common/home/neovim/default.nix b/common/home/neovim/default.nix index 966cda6..c965f54 100644 --- a/common/home/neovim/default.nix +++ b/common/home/neovim/default.nix @@ -161,11 +161,6 @@ in { type = "viml"; config = fileContents ./plugins/dracula.vim; } - { - plugin = lualine-nvim; - type = "lua"; - config = fileContents ./plugins/lualine.lua; - } { plugin = todo-comments-nvim; type = "lua"; @@ -176,11 +171,6 @@ in { type = "lua"; config = fileContents ./plugins/gitsigns.lua; } - { - plugin = nvim-autopairs; - type = "lua"; - config = fileContents ./plugins/autopairs.lua; - } { plugin = indent-blankline-nvim; type = "lua"; @@ -221,6 +211,16 @@ in { coc-markdownlint coc-tsserver + { + plugin = nvim-autopairs; + type = "lua"; + config = fileContents ./plugins/autopairs.lua; + } + { + plugin = lualine-nvim; + type = "lua"; + config = fileContents ./plugins/lualine.lua; + } { plugin = neo-tree-nvim; type = "viml"; diff --git a/common/nix-on-droid.nix b/common/nix-on-droid.nix index 5a58dc3..1f7313a 100644 --- a/common/nix-on-droid.nix +++ b/common/nix-on-droid.nix @@ -22,10 +22,14 @@ substituters = [ # Neovim and stuff "https://nix-community.cachix.org" + # Personal config cache + "https://cache.nelim.org" ]; trustedPublicKeys = [ # Neovim and stuff "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" + # Personal config cache + "cache.nelim.org:JmFqkUdH11EA9EZOFAGVHuRYp7EbsdJDHvTQzG2pPyY=" ]; }; diff --git a/common/pkgs/default.nix b/common/pkgs/default.nix index 79000b5..d4b18c9 100644 --- a/common/pkgs/default.nix +++ b/common/pkgs/default.nix @@ -2,7 +2,8 @@ lib, pkgs, ... -}: let +}: +with lib; let mkPackage = name: v: { ${name} = pkgs.callPackage ./${name} {}; }; @@ -10,19 +11,15 @@ rmNotPackage = name: value: value == "directory" - && builtins.pathExists ./${name}/default.nix; + && pathExists ./${name}/default.nix; - packages = lib.attrsets.filterAttrs rmNotPackage (builtins.readDir ./.); + packages = filterAttrs rmNotPackage (builtins.readDir ./.); - pkgSet = lib.attrsets.concatMapAttrs mkPackage packages; + pkgSet = concatMapAttrs mkPackage packages; in { - imports = [ - { - options.customPkgs = lib.mkOption { - type = lib.types.attrs; - }; - } - ]; + options.customPkgs = mkOption { + type = types.attrs; + }; - customPkgs = pkgSet; + config.customPkgs = pkgSet; } diff --git a/devices/binto/default.nix b/devices/binto/default.nix index bb3bb24..500b23f 100644 --- a/devices/binto/default.nix +++ b/devices/binto/default.nix @@ -8,6 +8,7 @@ ../../modules/kmscon.nix ../../modules/printer.nix ../../modules/proton-bridge.nix + ../../modules/sshd.nix ../../modules/tailscale.nix ./modules/gpu-replay.nix @@ -56,16 +57,6 @@ firewall.enable = false; }; - services = { - openssh = { - enable = true; - settings = { - PasswordAuthentication = false; - PermitRootLogin = "no"; - }; - }; - }; - # Set your time zone. time.timeZone = "America/Montreal"; diff --git a/devices/oksys/default.nix b/devices/oksys/default.nix index c3a49fb..fefc12a 100644 --- a/devices/oksys/default.nix +++ b/devices/oksys/default.nix @@ -2,6 +2,7 @@ imports = [ ./hardware-configuration.nix + ../../modules/sshd.nix ../../modules/tailscale.nix ./modules/blocky.nix @@ -47,16 +48,6 @@ firewall.enable = false; }; - services = { - openssh = { - enable = true; - settings = { - PasswordAuthentication = false; - PermitRootLogin = "no"; - }; - }; - }; - # Set your time zone. time.timeZone = "America/Montreal"; diff --git a/devices/oksys/modules/blocky.nix b/devices/oksys/modules/blocky.nix index 8ad3b20..be838b1 100644 --- a/devices/oksys/modules/blocky.nix +++ b/devices/oksys/modules/blocky.nix @@ -2,6 +2,7 @@ services = { blocky = { enable = true; + settings = { upstream = { default = [ diff --git a/devices/servivi/default.nix b/devices/servivi/default.nix index 5aed408..db1af11 100644 --- a/devices/servivi/default.nix +++ b/devices/servivi/default.nix @@ -3,6 +3,7 @@ ./hardware-configuration.nix ../../modules/kmscon.nix + ../../modules/sshd.nix ../../modules/tailscale.nix ./modules/binary-cache.nix @@ -41,16 +42,6 @@ firewall.enable = false; }; - services = { - openssh = { - enable = true; - settings = { - PasswordAuthentication = false; - PermitRootLogin = "no"; - }; - }; - }; - # Set your time zone. time.timeZone = "America/Montreal"; diff --git a/devices/servivi/modules/binary-cache.nix b/devices/servivi/modules/binary-cache.nix index b13fd4f..60f8f4b 100644 --- a/devices/servivi/modules/binary-cache.nix +++ b/devices/servivi/modules/binary-cache.nix @@ -1,7 +1,6 @@ { config, pkgs, - nixpkgs, ... }: let secrets = config.sops.secrets; @@ -12,6 +11,7 @@ in { secretKeyFile = secrets.binary-cache-key.path; }; + # Populate cache systemd = { services.buildAll = { serviceConfig = { @@ -19,25 +19,28 @@ in { User = vars.user; Group = config.users.users.${vars.user}.group; }; + + path = with pkgs; [ + git + nix + nixci + openssh + ]; + script = '' cd /tmp - ${pkgs.nix}/bin/nix-shell \ - -I "nixpkgs=${nixpkgs}" \ - -p openssh nix git nixci --run \ - "${builtins.concatStringsSep "; " [ - "git clone https://git.nelim.org/matt1432/nixos-configs.git nix-clone" - "cd nix-clone" - "nix flake update" - "nixci ." - "cd .." - "rm -r nix-clone" - ]}" + git clone https://git.nelim.org/matt1432/nixos-configs.git nix-clone + cd nix-clone + nix flake update + nixci . + cd .. + rm -r nix-clone ''; }; timers.buildAll = { wantedBy = ["timers.target"]; partOf = ["buildAll.service"]; - timerConfig.OnCalendar = ["*-*-* 0:00:00"]; + timerConfig.OnCalendar = ["0:00:00"]; }; }; } diff --git a/devices/servivi/modules/borgbackup.nix b/devices/servivi/modules/borgbackup.nix index 881e8f7..9eba1d7 100644 --- a/devices/servivi/modules/borgbackup.nix +++ b/devices/servivi/modules/borgbackup.nix @@ -3,18 +3,27 @@ lib, pkgs, ... -}: { +}: +with lib; let + cfg = config.services.borgbackup; + secrets = config.sops.secrets; +in { # Make this file declare default settings - options.services.borgbackup = with lib; { + options.services.borgbackup = { + # defaults = mkOption { type = types.attrs; }; + configs = mkOption { + type = types.attrs; + }; }; config = { users.groups.borg = {}; users.users.borg = { isSystemUser = true; + # https://mynixos.com/nixpkgs/option/services.borgbackup.jobs.%3Cname%3E.readWritePaths createHome = true; home = "/var/lib/borg"; group = "borg"; @@ -28,17 +37,14 @@ services.borgbackup = { defaults = { user = "borg"; - environment = { - # TODO: use secrets - BORG_RSH = "ssh -i ${config.users.users.borg.home}/.ssh/id_ed25519"; - }; + environment = {BORG_RSH = "ssh -i ${secrets.borg-ssh.path}";}; repo = "ssh://matt@pve/data/backups/borg"; encryption = { mode = "repokey"; passCommand = let cat = "${pkgs.coreutils}/bin/cat"; - key = config.sops.secrets.borg-repo.path; + key = secrets.borg-repo.path; in "${cat} ${key}"; }; @@ -46,6 +52,8 @@ startAt = "00/3:00"; compression = "auto,lzma"; }; + + jobs = mapAttrs (_: v: v // cfg.defaults) cfg.configs; }; }; } diff --git a/devices/servivi/modules/minecraft.nix b/devices/servivi/modules/minecraft.nix index f5b9e0d..0d9e8e0 100644 --- a/devices/servivi/modules/minecraft.nix +++ b/devices/servivi/modules/minecraft.nix @@ -88,12 +88,10 @@ }; }; - borgbackup.jobs.mc = - config.services.borgbackup.defaults - // { - paths = [ - "/var/lib/minecraft" - ]; - }; + borgbackup.configs.mc = { + paths = [ + "/var/lib/minecraft" + ]; + }; }; } diff --git a/flake.lock b/flake.lock index 75ddae8..2c11576 100644 --- a/flake.lock +++ b/flake.lock @@ -898,11 +898,11 @@ }, "nur": { "locked": { - "lastModified": 1703684713, - "narHash": "sha256-fcT+86f6nzP3U0fNaLmU2zjU0OBknHkvuhfKCOmUbYo=", + "lastModified": 1703685203, + "narHash": "sha256-S6O1gyPlMdWwPAdt/fyMbAY2dkN7c2OSdXQ33B0XUNs=", "owner": "nix-community", "repo": "NUR", - "rev": "363ffe2170c5ff1bb78ee7c156cfd26fb587e383", + "rev": "37316d96a2d37c8d399922483dac769ffd5dbf38", "type": "github" }, "original": { @@ -961,11 +961,11 @@ "sops-nix": "sops-nix" }, "locked": { - "lastModified": 1703659676, - "narHash": "sha256-GV7aDQygrPSXwR6auRHpanMzvXvKBbw1F2o78BA/ZeM=", + "lastModified": 1703687968, + "narHash": "sha256-wkdaj8F/uD8Rm3HmNcy7IVRguzWeCd4svuVPILIWbq4=", "ref": "refs/heads/main", - "rev": "792df10f43731b75e4d11ce76e0cde911381869e", - "revCount": 18, + "rev": "77c68ba0cbc6da18531dedfcf864038a6e4aaf9f", + "revCount": 19, "type": "git", "url": "ssh://git@git.nelim.org/matt1432/nixos-secrets" }, diff --git a/home/alacritty.nix b/home/alacritty.nix index b42622f..2398868 100644 --- a/home/alacritty.nix +++ b/home/alacritty.nix @@ -3,8 +3,6 @@ enable = true; settings = { env = { - POKE = "true"; - # fix wrong colors in tmux TERM = "xterm-256color"; }; diff --git a/modules/greetd/default.nix b/modules/greetd/default.nix index 726bdd9..819ee11 100644 --- a/modules/greetd/default.nix +++ b/modules/greetd/default.nix @@ -3,9 +3,8 @@ pkgs, config, ... -}: let +}: with lib; let # Nix stuff - optionals = lib.lists.optionals; isNvidia = config.hardware.nvidia.modesetting.enable; isTouchscreen = config.hardware.sensor.iio.enable; @@ -20,7 +19,7 @@ .finalPackage; # Executables' paths hyprBin = "${hyprland}/bin"; - regreetBin = "${lib.getExe config.programs.regreet.package}"; + regreetBin = "${getExe config.programs.regreet.package}"; # Show Regreet on all monitors dupeMonitors = pkgs.writeShellScriptBin "dupeMonitors" '' @@ -49,7 +48,7 @@ else "${dupeMonitors}/bin/dupeMonitors"; # Get css for regreet - style = pkgs.writeText "style.css" ''${builtins.readFile ./style.css}''; + style = pkgs.writeText "style.css" ''${readFile ./style.css}''; # Setup Hyprland as regreet's compositor hyprConf = @@ -66,7 +65,7 @@ " sleep 1; swww init --no-cache &&" " swww img -t none ${pkgs.dracula-theme}/wallpapers/waves.png\n" - "${builtins.readFile ./hyprland.conf}\n" + "${readFile ./hyprland.conf}\n" "exec-once = ${regreetBin} -s ${style};" " ${hyprBin}/hyprctl dispatch exit" diff --git a/modules/hyprland/default.nix b/modules/hyprland/default.nix index dee378a..4c6a88e 100644 --- a/modules/hyprland/default.nix +++ b/modules/hyprland/default.nix @@ -82,22 +82,22 @@ in { xwayland.force_zero_scaling = true; monitor = [ - (builtins.concatStringsSep "," [ + (concatStringsSep "," [ "desc:Acer Technologies Acer K212HQL T3EAA0014201" "1920x1080@60" "840x1000, 1, transform, 3" ]) - (builtins.concatStringsSep "," [ + (concatStringsSep "," [ "desc:BOE 0x0964" "1920x1200@60" "0x2920, 1" ]) - (builtins.concatStringsSep "," [ + (concatStringsSep "," [ "desc:Samsung Electric Company C27JG5x HTOM100586" "2560x1440@60" "1920x120, 1" ]) - (builtins.concatStringsSep "," [ + (concatStringsSep "," [ "desc:GIGA-BYTE TECHNOLOGY CO. LTD. G27QC 0x00000B1D" "2560x1440@165" "1920x1560, 1" diff --git a/modules/sshd.nix b/modules/sshd.nix new file mode 100644 index 0000000..f4714c5 --- /dev/null +++ b/modules/sshd.nix @@ -0,0 +1,11 @@ +{...}: { + services = { + openssh = { + enable = true; + settings = { + PasswordAuthentication = false; + PermitRootLogin = "no"; + }; + }; + }; +}