Refactor, add librem5
This commit is contained in:
parent
bff853aaba
commit
4bca58e145
29
flake.lock
29
flake.lock
@ -635,11 +635,11 @@
|
|||||||
"nixpkgs-regression": "nixpkgs-regression"
|
"nixpkgs-regression": "nixpkgs-regression"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1672935906,
|
"lastModified": 1676450680,
|
||||||
"narHash": "sha256-YYxhjBppTVEsqElmuBxDrBwqYe/nLXdkMzMQI8gRA8E=",
|
"narHash": "sha256-wOd+EPkY6VpxeIf+bCuV2lHleSoK0hI/hTsvJ6Ntf6Q=",
|
||||||
"owner": "nixos",
|
"owner": "nixos",
|
||||||
"repo": "nix",
|
"repo": "nix",
|
||||||
"rev": "d02c5a41da68908bd88d7a697abc52a04826894e",
|
"rev": "601849b95afc3d173ea34ff5dba6353f9b71b495",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
@ -701,6 +701,22 @@
|
|||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
"nixos-hardware": {
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1676478725,
|
||||||
|
"narHash": "sha256-tiuxFhkGt0UADAGm4YXuETk9R8TsTZSUSTFJgDMxebo=",
|
||||||
|
"owner": "balsoft",
|
||||||
|
"repo": "nixos-hardware",
|
||||||
|
"rev": "8488234ec45c71456d3eae0329b1cc56caa40799",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "balsoft",
|
||||||
|
"ref": "add-librem-5",
|
||||||
|
"repo": "nixos-hardware",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
"nixpkgs": {
|
"nixpkgs": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1671417167,
|
"lastModified": 1671417167,
|
||||||
@ -941,11 +957,11 @@
|
|||||||
},
|
},
|
||||||
"nixpkgs_9": {
|
"nixpkgs_9": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1672791794,
|
"lastModified": 1675942811,
|
||||||
"narHash": "sha256-mqGPpGmwap0Wfsf3o2b6qHJW1w2kk/I6cGCGIU+3t6o=",
|
"narHash": "sha256-/v4Z9mJmADTpXrdIlAjFa1e+gkpIIROR670UVDQFwIw=",
|
||||||
"owner": "nixos",
|
"owner": "nixos",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "9813adc7f7c0edd738c6bdd8431439688bb0cb3d",
|
"rev": "724bfc0892363087709bd3a5a1666296759154b1",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
@ -1015,6 +1031,7 @@
|
|||||||
"nix-direnv": "nix-direnv",
|
"nix-direnv": "nix-direnv",
|
||||||
"nix-vscode-marketplace": "nix-vscode-marketplace",
|
"nix-vscode-marketplace": "nix-vscode-marketplace",
|
||||||
"nixos-fhs-compat": "nixos-fhs-compat",
|
"nixos-fhs-compat": "nixos-fhs-compat",
|
||||||
|
"nixos-hardware": "nixos-hardware",
|
||||||
"nixpkgs": "nixpkgs_9",
|
"nixpkgs": "nixpkgs_9",
|
||||||
"nixpkgs-old": "nixpkgs-old",
|
"nixpkgs-old": "nixpkgs-old",
|
||||||
"nixpkgs-wayland": "nixpkgs-wayland",
|
"nixpkgs-wayland": "nixpkgs-wayland",
|
||||||
|
22
flake.nix
22
flake.nix
@ -105,6 +105,7 @@
|
|||||||
flake = false;
|
flake = false;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
nixos-hardware.url = "github:balsoft/nixos-hardware/add-librem-5";
|
||||||
};
|
};
|
||||||
|
|
||||||
outputs = { nixpkgs, self, nix, deploy-rs, ... }@inputs:
|
outputs = { nixpkgs, self, nix, deploy-rs, ... }@inputs:
|
||||||
@ -145,6 +146,8 @@
|
|||||||
in nixosSystem {
|
in nixosSystem {
|
||||||
inherit system;
|
inherit system;
|
||||||
modules = __attrValues self.nixosModules ++ [
|
modules = __attrValues self.nixosModules ++ [
|
||||||
|
inputs.home-manager.nixosModules.home-manager
|
||||||
|
|
||||||
(import (./machines + "/${name}"))
|
(import (./machines + "/${name}"))
|
||||||
{ nixpkgs.pkgs = pkgs; }
|
{ nixpkgs.pkgs = pkgs; }
|
||||||
{ device = name; }
|
{ device = name; }
|
||||||
@ -168,6 +171,25 @@
|
|||||||
deploy-rs.defaultPackage.x86_64-linux
|
deploy-rs.defaultPackage.x86_64-linux
|
||||||
nixfmt
|
nixfmt
|
||||||
];
|
];
|
||||||
|
shellHook = ''
|
||||||
|
linkFile() {
|
||||||
|
source="$(nix build --print-out-paths "$1.source" || nix eval --raw "$1.source")"
|
||||||
|
target="$(nix eval --raw "$1.target")"
|
||||||
|
ln -fs "$source" "$HOME/$target"
|
||||||
|
}
|
||||||
|
linkHomeManagerFile() {
|
||||||
|
linkFile ".#nixosConfigurations.$(hostname).config.home-manager.users.$(whoami).$1"
|
||||||
|
}
|
||||||
|
linkConfigFile() {
|
||||||
|
linkHomeManagerFile "xdg.configFile.\"$1\""
|
||||||
|
}
|
||||||
|
linkDataFile() {
|
||||||
|
linkHomeManagerFile "xdg.dataFile.\"$1\""
|
||||||
|
}
|
||||||
|
linkHomeFile() {
|
||||||
|
linkHomeManagerFile "home.file.\"$1\""
|
||||||
|
}
|
||||||
|
'';
|
||||||
};
|
};
|
||||||
|
|
||||||
deploy = {
|
deploy = {
|
||||||
|
51
machines/Librem5-Phone/default.nix
Normal file
51
machines/Librem5-Phone/default.nix
Normal file
@ -0,0 +1,51 @@
|
|||||||
|
{ inputs, pkgs, lib, ... }: {
|
||||||
|
imports = with inputs.self;
|
||||||
|
with nixosProfiles; [
|
||||||
|
./hardware-configuration.nix
|
||||||
|
|
||||||
|
nixosRoles.base
|
||||||
|
|
||||||
|
inputs.nixos-hardware.nixosModules.purism-librem-5r4
|
||||||
|
|
||||||
|
applications-setup
|
||||||
|
bluetooth
|
||||||
|
power
|
||||||
|
hardware
|
||||||
|
sound
|
||||||
|
plasma-mobile
|
||||||
|
|
||||||
|
nheko
|
||||||
|
okular
|
||||||
|
gwenview
|
||||||
|
aerc
|
||||||
|
helix
|
||||||
|
angelfish
|
||||||
|
nix
|
||||||
|
|
||||||
|
kdeconnect
|
||||||
|
cursor
|
||||||
|
fonts
|
||||||
|
gtk
|
||||||
|
qt
|
||||||
|
|
||||||
|
pass-secret-service
|
||||||
|
];
|
||||||
|
|
||||||
|
programs.ssh.askPassword =
|
||||||
|
"${pkgs.plasma5Packages.ksshaskpass.out}/bin/ksshaskpass";
|
||||||
|
|
||||||
|
users.users.balsoft.password = lib.mkForce "0";
|
||||||
|
|
||||||
|
boot.kernelPackages = pkgs.linuxPackages_librem5;
|
||||||
|
|
||||||
|
system.stateVersion = "23.05";
|
||||||
|
home-manager.users.balsoft.home.stateVersion = "22.11";
|
||||||
|
|
||||||
|
themes.fonts = {
|
||||||
|
main.size = 10;
|
||||||
|
serif.size = 10;
|
||||||
|
mono.size = 10;
|
||||||
|
};
|
||||||
|
|
||||||
|
environment.systemPackages = [ pkgs.pure-maps ];
|
||||||
|
}
|
32
machines/Librem5-Phone/hardware-configuration.nix
Normal file
32
machines/Librem5-Phone/hardware-configuration.nix
Normal file
@ -0,0 +1,32 @@
|
|||||||
|
{ config, lib, pkgs, modulesPath, ... }:
|
||||||
|
|
||||||
|
{
|
||||||
|
imports =
|
||||||
|
[ (modulesPath + "/installer/scan/not-detected.nix")
|
||||||
|
];
|
||||||
|
|
||||||
|
|
||||||
|
fileSystems."/" = {
|
||||||
|
device = "/dev/mmcblk0p2";
|
||||||
|
fsType = "ext4";
|
||||||
|
};
|
||||||
|
|
||||||
|
fileSystems."/boot" = {
|
||||||
|
device = "/dev/mmcblk0p1";
|
||||||
|
fsType = "ext2";
|
||||||
|
};
|
||||||
|
|
||||||
|
swapDevices = [ ];
|
||||||
|
|
||||||
|
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
|
||||||
|
# (the default) this is the recommended approach. When using systemd-networkd it's
|
||||||
|
# still possible to use this option, but it's recommended to use it in conjunction
|
||||||
|
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
|
||||||
|
networking.useDHCP = lib.mkDefault true;
|
||||||
|
# networking.interfaces.wlan0.useDHCP = lib.mkDefault true;
|
||||||
|
|
||||||
|
nixpkgs.hostPlatform = lib.mkDefault "aarch64-linux";
|
||||||
|
powerManagement.cpuFreqGovernor = lib.mkDefault "ondemand";
|
||||||
|
|
||||||
|
nix.settings.max-jobs = 4;
|
||||||
|
}
|
1
machines/Librem5-Phone/system
Normal file
1
machines/Librem5-Phone/system
Normal file
@ -0,0 +1 @@
|
|||||||
|
aarch64-linux
|
@ -66,7 +66,7 @@ let
|
|||||||
with cfg; {
|
with cfg; {
|
||||||
"${name}-secrets" = rec {
|
"${name}-secrets" = rec {
|
||||||
|
|
||||||
wantedBy = ["multi-user.target"];
|
wantedBy = [ "multi-user.target" ];
|
||||||
|
|
||||||
requires = [ "user@1000.service" ];
|
requires = [ "user@1000.service" ];
|
||||||
after = requires;
|
after = requires;
|
||||||
@ -115,12 +115,13 @@ let
|
|||||||
++ map (name: "${name}-secrets.service")
|
++ map (name: "${name}-secrets.service")
|
||||||
(builtins.attrNames config.secrets));
|
(builtins.attrNames config.secrets));
|
||||||
in {
|
in {
|
||||||
options.secrets = lib.mkOption {
|
options = {
|
||||||
|
secrets = lib.mkOption {
|
||||||
type = attrsOf (submodule secret);
|
type = attrsOf (submodule secret);
|
||||||
default = { };
|
default = { };
|
||||||
};
|
};
|
||||||
|
|
||||||
options.secretsConfig = {
|
secretsConfig = {
|
||||||
password-store = lib.mkOption {
|
password-store = lib.mkOption {
|
||||||
type = lib.types.path;
|
type = lib.types.path;
|
||||||
default = "/home/balsoft/.local/share/password-store";
|
default = "/home/balsoft/.local/share/password-store";
|
||||||
@ -130,11 +131,14 @@ in {
|
|||||||
default = "ssh://git@github.com/balsoft/pass";
|
default = "ssh://git@github.com/balsoft/pass";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
};
|
||||||
|
|
||||||
config.systemd.services =
|
config = {
|
||||||
|
|
||||||
|
systemd.services =
|
||||||
mkMerge (concatLists (mapAttrsToList mkServices config.secrets));
|
mkMerge (concatLists (mapAttrsToList mkServices config.secrets));
|
||||||
|
|
||||||
config.security.sudo.extraRules = [{
|
security.sudo.extraRules = [{
|
||||||
users = [ "balsoft" ];
|
users = [ "balsoft" ];
|
||||||
commands = [{
|
commands = [{
|
||||||
command = "/run/current-system/sw/bin/systemctl restart ${allServices}";
|
command = "/run/current-system/sw/bin/systemctl restart ${allServices}";
|
||||||
@ -142,24 +146,24 @@ in {
|
|||||||
}];
|
}];
|
||||||
}];
|
}];
|
||||||
|
|
||||||
config.persist.derivative.directories = [ "/var/secrets" password-store ];
|
persist.derivative.directories = [ "/var/secrets" password-store ];
|
||||||
|
|
||||||
config.home-manager.users.balsoft = {
|
home-manager.users.balsoft = {
|
||||||
systemd.user.services.activate-secrets = {
|
systemd.user.services.activate-secrets = {
|
||||||
Service = {
|
Service = {
|
||||||
ExecStart = "${activate-secrets}/bin/activate-secrets";
|
ExecStart = "${activate-secrets}/bin/activate-secrets";
|
||||||
Type = "oneshot";
|
Type = "oneshot";
|
||||||
};
|
};
|
||||||
Unit = {
|
Unit = { PartOf = [ "graphical-session-pre.target" ]; };
|
||||||
PartOf = [ "graphical-session-pre.target" ];
|
|
||||||
};
|
|
||||||
Install.WantedBy = [ "graphical-session-pre.target" ];
|
Install.WantedBy = [ "graphical-session-pre.target" ];
|
||||||
};
|
};
|
||||||
systemd.user.services.pass-store-sync = {
|
systemd.user.services.pass-store-sync = {
|
||||||
Service = {
|
Service = {
|
||||||
Environment = [
|
Environment = [
|
||||||
"PASSWORD_STORE_DIR=${password-store}"
|
"PASSWORD_STORE_DIR=${password-store}"
|
||||||
"PATH=${lib.makeBinPath [ pkgs.pass pkgs.inotify-tools pkgs.gnupg ]}"
|
"PATH=${
|
||||||
|
lib.makeBinPath [ pkgs.pass pkgs.inotify-tools pkgs.gnupg ]
|
||||||
|
}"
|
||||||
];
|
];
|
||||||
ExecStart = toString (pkgs.writeShellScript "pass-store-sync" ''
|
ExecStart = toString (pkgs.writeShellScript "pass-store-sync" ''
|
||||||
export SSH_AUTH_SOCK="$(gpgconf --list-dirs agent-ssh-socket)"
|
export SSH_AUTH_SOCK="$(gpgconf --list-dirs agent-ssh-socket)"
|
||||||
@ -184,4 +188,5 @@ in {
|
|||||||
settings.PASSWORD_STORE_DIR = password-store;
|
settings.PASSWORD_STORE_DIR = password-store;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
};
|
||||||
}
|
}
|
||||||
|
37
overlay.nix
37
overlay.nix
@ -56,8 +56,7 @@ in rec {
|
|||||||
|
|
||||||
nerdfonts = nur.balsoft.pkgs.roboto-mono-nerd;
|
nerdfonts = nur.balsoft.pkgs.roboto-mono-nerd;
|
||||||
|
|
||||||
pass-secret-service =
|
pass-secret-service = prev.pass-secret-service.overrideAttrs (_: {
|
||||||
prev.pass-secret-service.overrideAttrs (_: {
|
|
||||||
installCheckPhase = null;
|
installCheckPhase = null;
|
||||||
postInstall = ''
|
postInstall = ''
|
||||||
mkdir -p $out/share/{dbus-1/services,xdg-desktop-portal/portals}
|
mkdir -p $out/share/{dbus-1/services,xdg-desktop-portal/portals}
|
||||||
@ -76,7 +75,8 @@ in rec {
|
|||||||
'';
|
'';
|
||||||
});
|
});
|
||||||
|
|
||||||
nix-direnv = inputs.nix-direnv.packages.${system}.default.override { pkgs = final; };
|
nix-direnv =
|
||||||
|
inputs.nix-direnv.packages.${system}.default.override { pkgs = final; };
|
||||||
|
|
||||||
# For nix-direnv
|
# For nix-direnv
|
||||||
nixFlakes = final.nix;
|
nixFlakes = final.nix;
|
||||||
@ -92,8 +92,13 @@ in rec {
|
|||||||
mtxclient = prev.mtxclient.overrideAttrs (oa: {
|
mtxclient = prev.mtxclient.overrideAttrs (oa: {
|
||||||
src = inputs.mtxclient;
|
src = inputs.mtxclient;
|
||||||
cmakeFlags = oa.cmakeFlags ++ [ "-DCMAKE_CXX_FLAGS=-DSPDLOG_FMT_EXTERNAL" ];
|
cmakeFlags = oa.cmakeFlags ++ [ "-DCMAKE_CXX_FLAGS=-DSPDLOG_FMT_EXTERNAL" ];
|
||||||
buildInputs = oa.buildInputs
|
buildInputs = oa.buildInputs ++ [
|
||||||
++ [ final.libevent final.curl.all final.coeurl final.spdlog.dev final.re2 ];
|
final.libevent
|
||||||
|
final.curl.all
|
||||||
|
final.coeurl
|
||||||
|
final.spdlog.dev
|
||||||
|
final.re2
|
||||||
|
];
|
||||||
patches = [ ];
|
patches = [ ];
|
||||||
});
|
});
|
||||||
|
|
||||||
@ -116,23 +121,29 @@ in rec {
|
|||||||
cmakeFlags = oa.cmakeFlags ++ [ "-DBUILD_SHARED_LIBS=OFF" ];
|
cmakeFlags = oa.cmakeFlags ++ [ "-DBUILD_SHARED_LIBS=OFF" ];
|
||||||
})).override { mtxclient = final.mtxclient; };
|
})).override { mtxclient = final.mtxclient; };
|
||||||
|
|
||||||
nix = inputs.nix.packages.${system}.default.overrideAttrs (oa: {
|
nix = inputs.nix.packages.${system}.default;
|
||||||
doInstallCheck = false;
|
|
||||||
patches = [ ./profiles/nix/nix.patch ./profiles/nix/expr-context.patch ] ++ oa.patches or [ ];
|
|
||||||
});
|
|
||||||
|
|
||||||
nil = prev.nil.overrideAttrs (_: { doCheck = false; doInstallCheck = false; });
|
nil = prev.nil.overrideAttrs (_: {
|
||||||
|
doCheck = false;
|
||||||
|
doInstallCheck = false;
|
||||||
|
});
|
||||||
|
|
||||||
mako = prev.mako.overrideAttrs (_: {
|
mako = prev.mako.overrideAttrs (_: {
|
||||||
postInstall =
|
postInstall =
|
||||||
"sed 's|Exec=.*|Exec=/run/current-system/sw/bin/systemctl --user start mako|' -i $out/share/dbus-1/services/fr.emersion.mako.service";
|
"sed 's|Exec=.*|Exec=/run/current-system/sw/bin/systemctl --user start mako|' -i $out/share/dbus-1/services/fr.emersion.mako.service";
|
||||||
});
|
});
|
||||||
|
|
||||||
codebraid = prev.codebraid.overrideAttrs (_: {
|
codebraid = prev.codebraid.overrideAttrs (_: { src = inputs.codebraid; });
|
||||||
src = inputs.codebraid;
|
|
||||||
});
|
|
||||||
|
|
||||||
remapper = inputs.remapper.packages.${final.system}.default;
|
remapper = inputs.remapper.packages.${final.system}.default;
|
||||||
|
|
||||||
helix = inputs.helix.packages.${final.system}.default;
|
helix = inputs.helix.packages.${final.system}.default;
|
||||||
|
|
||||||
|
plasma5Packages = prev.plasma5Packages.overrideScope' (final': _: {
|
||||||
|
qmlkonsole = final'.callPackage (final.fetchurl {
|
||||||
|
url =
|
||||||
|
"https://raw.githubusercontent.com/NixOS/nixpkgs/551245d6c4636862f91ba4a0e94b8120b7e8d4d4/pkgs/applications/plasma-mobile/qmlkonsole.nix";
|
||||||
|
sha256 = "04vy12x0wjhr1c77dlhvghmlkb6aaq5dfqg1fwc5p6ma9nxqdwic";
|
||||||
|
}) { };
|
||||||
|
});
|
||||||
}
|
}
|
||||||
|
16
profiles/applications/angelfish.nix
Normal file
16
profiles/applications/angelfish.nix
Normal file
@ -0,0 +1,16 @@
|
|||||||
|
{ config, pkgs, ... }: {
|
||||||
|
environment.systemPackages = [ pkgs.plasma5Packages.angelfish ];
|
||||||
|
defaultApplications.browser = {
|
||||||
|
cmd = "${pkgs.plasma5Packages.angelfish}/bin/angelfish";
|
||||||
|
desktop = "org.kde.angelfish";
|
||||||
|
};
|
||||||
|
home-manager.users.balsoft = {
|
||||||
|
xdg.configFile.angelfishrc.text = pkgs.lib.generators.toGitINI {
|
||||||
|
NavigationBar = {
|
||||||
|
navBarBack = true;
|
||||||
|
navBarForward = true;
|
||||||
|
navBarReload = true;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
@ -3,6 +3,8 @@ let
|
|||||||
thm = pkgs.my-lib.thmHash config.themes.colors;
|
thm = pkgs.my-lib.thmHash config.themes.colors;
|
||||||
fonts = config.themes.fonts;
|
fonts = config.themes.fonts;
|
||||||
in {
|
in {
|
||||||
|
services.dbus.packages = [ pkgs.firefox-wayland ];
|
||||||
|
|
||||||
environment.sessionVariables = {
|
environment.sessionVariables = {
|
||||||
MOZ_USE_XINPUT2 = "1";
|
MOZ_USE_XINPUT2 = "1";
|
||||||
MOZ_DBUS_REMOTE = "1";
|
MOZ_DBUS_REMOTE = "1";
|
||||||
|
@ -35,7 +35,8 @@
|
|||||||
lambda-launcher
|
lambda-launcher
|
||||||
nix-patch
|
nix-patch
|
||||||
gopass
|
gopass
|
||||||
papirus-icon-theme
|
# papirus-icon-theme
|
||||||
|
breeze-icons
|
||||||
shellcheck
|
shellcheck
|
||||||
proselint
|
proselint
|
||||||
ripgrep
|
ripgrep
|
||||||
|
@ -1,6 +1,6 @@
|
|||||||
{
|
{
|
||||||
hardware.enableRedistributableFirmware = true; # For some unfree drivers
|
hardware.enableRedistributableFirmware = true; # For some unfree drivers
|
||||||
systemd.services.systemd-udev-settle.enable = false;
|
# systemd.services.systemd-udev-settle.enable = false;
|
||||||
services.fwupd.enable = true;
|
services.fwupd.enable = true;
|
||||||
# sound.enable = true;
|
# sound.enable = true;
|
||||||
services.fstrim.enable = true;
|
services.fstrim.enable = true;
|
||||||
|
@ -17,6 +17,7 @@
|
|||||||
'';
|
'';
|
||||||
|
|
||||||
settings = {
|
settings = {
|
||||||
|
use-xdg-base-directories = true;
|
||||||
trusted-users = [ "root" "balsoft" "@wheel" ];
|
trusted-users = [ "root" "balsoft" "@wheel" ];
|
||||||
trusted-public-keys = [
|
trusted-public-keys = [
|
||||||
"cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
|
"cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
|
||||||
|
@ -1,42 +0,0 @@
|
|||||||
diff --git a/src/libstore/profiles.cc b/src/libstore/profiles.cc
|
|
||||||
index 5d1723886..4f2e4f5db 100644
|
|
||||||
--- a/src/libstore/profiles.cc
|
|
||||||
+++ b/src/libstore/profiles.cc
|
|
||||||
@@ -250,13 +250,6 @@ Path getDefaultProfile()
|
|
||||||
{
|
|
||||||
Path profileLink = getHome() + "/.nix-profile";
|
|
||||||
try {
|
|
||||||
- if (!pathExists(profileLink)) {
|
|
||||||
- replaceSymlink(
|
|
||||||
- getuid() == 0
|
|
||||||
- ? settings.nixStateDir + "/profiles/default"
|
|
||||||
- : fmt("%s/profiles/per-user/%s/profile", settings.nixStateDir, getUserName()),
|
|
||||||
- profileLink);
|
|
||||||
- }
|
|
||||||
return absPath(readLink(profileLink), dirOf(profileLink));
|
|
||||||
} catch (Error &) {
|
|
||||||
return profileLink;
|
|
||||||
diff --git a/src/nix-env/nix-env.cc b/src/nix-env/nix-env.cc
|
|
||||||
index e04954d45..5649bd01a 100644
|
|
||||||
--- a/src/nix-env/nix-env.cc
|
|
||||||
+++ b/src/nix-env/nix-env.cc
|
|
||||||
@@ -1336,19 +1336,6 @@ static int main_nix_env(int argc, char * * argv)
|
|
||||||
globals.instSource.nixExprPath = getHome() + "/.nix-defexpr";
|
|
||||||
globals.instSource.systemFilter = "*";
|
|
||||||
|
|
||||||
- if (!pathExists(globals.instSource.nixExprPath)) {
|
|
||||||
- try {
|
|
||||||
- createDirs(globals.instSource.nixExprPath);
|
|
||||||
- replaceSymlink(
|
|
||||||
- fmt("%s/profiles/per-user/%s/channels", settings.nixStateDir, getUserName()),
|
|
||||||
- globals.instSource.nixExprPath + "/channels");
|
|
||||||
- if (getuid() != 0)
|
|
||||||
- replaceSymlink(
|
|
||||||
- fmt("%s/profiles/per-user/root/channels", settings.nixStateDir),
|
|
||||||
- globals.instSource.nixExprPath + "/channels_root");
|
|
||||||
- } catch (Error &) { }
|
|
||||||
- }
|
|
||||||
-
|
|
||||||
globals.dryRun = false;
|
|
||||||
globals.preserveInstalled = false;
|
|
||||||
globals.removeAll = false;
|
|
@ -1,120 +0,0 @@
|
|||||||
{ config, pkgs, lib, ... }: {
|
|
||||||
security.apparmor.enable = true;
|
|
||||||
programs.firejail.enable = true;
|
|
||||||
users.mutableUsers = false;
|
|
||||||
users.users.balsoft = {
|
|
||||||
isNormalUser = true;
|
|
||||||
extraGroups = [
|
|
||||||
"sudo"
|
|
||||||
"wheel"
|
|
||||||
"networkmanager"
|
|
||||||
"disk"
|
|
||||||
"dbus"
|
|
||||||
"audio"
|
|
||||||
"docker"
|
|
||||||
"sound"
|
|
||||||
"pulse"
|
|
||||||
"adbusers"
|
|
||||||
"input"
|
|
||||||
"libvirtd"
|
|
||||||
"vboxusers"
|
|
||||||
"wireshark"
|
|
||||||
"lp"
|
|
||||||
"scanner"
|
|
||||||
];
|
|
||||||
description = "Александр Бантьев";
|
|
||||||
uid = 1000;
|
|
||||||
password = "";
|
|
||||||
};
|
|
||||||
|
|
||||||
systemd.services."user@" = { serviceConfig = { Restart = "always"; }; };
|
|
||||||
|
|
||||||
home-manager.users.balsoft = {
|
|
||||||
systemd.user.services.polkit-agent = {
|
|
||||||
Unit = {
|
|
||||||
Description = "Run polkit authentication agent";
|
|
||||||
X-RestartIfChanged = true;
|
|
||||||
};
|
|
||||||
|
|
||||||
Install.WantedBy = [ "sway-session.target" ];
|
|
||||||
|
|
||||||
Service = { ExecStart = "${pkgs.mate.mate-polkit}/libexec/polkit-mate-authentication-agent-1"; };
|
|
||||||
};
|
|
||||||
home.activation.yubi = {
|
|
||||||
data = ''
|
|
||||||
mkdir -p .config/Yubico
|
|
||||||
[ -f /home/balsoft/.config/Yubico/u2f_keys ] || (pamu2fcfg > /home/balsoft/.config/Yubico/u2f_keys)
|
|
||||||
'';
|
|
||||||
after = [ "linkGeneration" ];
|
|
||||||
before = [ ];
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
persist.state.directories = [ "/home/balsoft/.config/Yubico" ];
|
|
||||||
|
|
||||||
services.getty.autologinUser = "balsoft";
|
|
||||||
|
|
||||||
environment.loginShellInit = lib.mkBefore ''
|
|
||||||
[[ "$(tty)" == /dev/tty? ]] && sudo /run/current-system/sw/bin/lock this
|
|
||||||
'';
|
|
||||||
|
|
||||||
security.pam.u2f = {
|
|
||||||
control = "sufficient";
|
|
||||||
cue = true;
|
|
||||||
enable = true;
|
|
||||||
};
|
|
||||||
|
|
||||||
environment.systemPackages = [
|
|
||||||
(pkgs.writeShellScriptBin "lock" ''
|
|
||||||
set -euo pipefail
|
|
||||||
if [[ "$1" == this ]]
|
|
||||||
then args="-s"
|
|
||||||
else args="-san"
|
|
||||||
fi
|
|
||||||
${
|
|
||||||
lib.optionalString (config.deviceSpecific.isLaptop)
|
|
||||||
''USER=balsoft ${pkgs.vlock}/bin/vlock "$args"''
|
|
||||||
}
|
|
||||||
'')
|
|
||||||
];
|
|
||||||
|
|
||||||
security.pam.services = builtins.listToAttrs (builtins.map (name: {
|
|
||||||
inherit name;
|
|
||||||
value = { unixAuth = false; };
|
|
||||||
}) [
|
|
||||||
"chpasswd"
|
|
||||||
"chsh"
|
|
||||||
"groupadd"
|
|
||||||
"groupdel"
|
|
||||||
"groupmems"
|
|
||||||
"groupmod"
|
|
||||||
"i3lock"
|
|
||||||
"i3lock-color"
|
|
||||||
"login"
|
|
||||||
"passwd"
|
|
||||||
"polkit-1"
|
|
||||||
"runuser"
|
|
||||||
"runuser-l"
|
|
||||||
"su"
|
|
||||||
"sudo"
|
|
||||||
"swaylock"
|
|
||||||
"systemd-user"
|
|
||||||
"useradd"
|
|
||||||
"userdel"
|
|
||||||
"usermod"
|
|
||||||
"vlock"
|
|
||||||
"xlock"
|
|
||||||
"xscreensaver"
|
|
||||||
]);
|
|
||||||
|
|
||||||
security.sudo = {
|
|
||||||
enable = true;
|
|
||||||
extraConfig = ''
|
|
||||||
balsoft ALL = (root) NOPASSWD: /run/current-system/sw/bin/lock
|
|
||||||
balsoft ALL = (root) NOPASSWD: /run/current-system/sw/bin/lock this
|
|
||||||
balsoft ALL = (root) NOPASSWD: ${pkgs.light}/bin/light -A 5
|
|
||||||
balsoft ALL = (root) NOPASSWD: ${pkgs.light}/bin/light -U 5
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
home-manager.useUserPackages = true;
|
|
||||||
}
|
|
18
profiles/security/pass-secret-service.nix
Normal file
18
profiles/security/pass-secret-service.nix
Normal file
@ -0,0 +1,18 @@
|
|||||||
|
{ config, pkgs, lib, ... }: {
|
||||||
|
home-manager.users.balsoft = {
|
||||||
|
services.pass-secret-service.enable = true;
|
||||||
|
|
||||||
|
systemd.user.services.pass-secret-service = {
|
||||||
|
Service = {
|
||||||
|
Type = "dbus";
|
||||||
|
Environment = [ "GPG_TTY=/dev/tty1" "DISPLAY=:0" ];
|
||||||
|
BusName = "org.freedesktop.secrets";
|
||||||
|
};
|
||||||
|
Unit = rec {
|
||||||
|
Wants = [ "gpg-agent.service" ];
|
||||||
|
After = Wants;
|
||||||
|
PartOf = [ "graphical-session-pre.target" ];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
47
profiles/security/user.nix
Normal file
47
profiles/security/user.nix
Normal file
@ -0,0 +1,47 @@
|
|||||||
|
{ config, pkgs, lib, ... }: {
|
||||||
|
users.mutableUsers = false;
|
||||||
|
users.users.balsoft = {
|
||||||
|
isNormalUser = true;
|
||||||
|
extraGroups = [
|
||||||
|
"sudo"
|
||||||
|
"wheel"
|
||||||
|
"networkmanager"
|
||||||
|
"disk"
|
||||||
|
"dbus"
|
||||||
|
"audio"
|
||||||
|
"docker"
|
||||||
|
"sound"
|
||||||
|
"pulse"
|
||||||
|
"adbusers"
|
||||||
|
"input"
|
||||||
|
"libvirtd"
|
||||||
|
"vboxusers"
|
||||||
|
"wireshark"
|
||||||
|
"lp"
|
||||||
|
"scanner"
|
||||||
|
];
|
||||||
|
description = "Александр Бантьев";
|
||||||
|
uid = 1000;
|
||||||
|
password = "";
|
||||||
|
};
|
||||||
|
|
||||||
|
systemd.services."user@" = { serviceConfig = { Restart = "always"; }; };
|
||||||
|
|
||||||
|
home-manager.users.balsoft = {
|
||||||
|
systemd.user.services.polkit-agent = {
|
||||||
|
Unit = {
|
||||||
|
Description = "Run polkit authentication agent";
|
||||||
|
X-RestartIfChanged = true;
|
||||||
|
};
|
||||||
|
|
||||||
|
Install.WantedBy = [ "sway-session.target" ];
|
||||||
|
|
||||||
|
Service = { ExecStart = "${pkgs.mate.mate-polkit}/libexec/polkit-mate-authentication-agent-1"; };
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
|
||||||
|
services.getty.autologinUser = "balsoft";
|
||||||
|
|
||||||
|
home-manager.useUserPackages = true;
|
||||||
|
}
|
27
profiles/security/vlock.nix
Normal file
27
profiles/security/vlock.nix
Normal file
@ -0,0 +1,27 @@
|
|||||||
|
{ config, pkgs, lib, ... }: {
|
||||||
|
environment.loginShellInit = lib.mkBefore ''
|
||||||
|
[[ "$(tty)" == /dev/tty? ]] && sudo /run/current-system/sw/bin/lock this
|
||||||
|
'';
|
||||||
|
|
||||||
|
environment.systemPackages = [
|
||||||
|
(pkgs.writeShellScriptBin "lock" ''
|
||||||
|
set -euo pipefail
|
||||||
|
if [[ "$1" == this ]]
|
||||||
|
then args="-s"
|
||||||
|
else args="-san"
|
||||||
|
fi
|
||||||
|
${lib.optionalString (config.deviceSpecific.isLaptop)
|
||||||
|
''USER=balsoft ${pkgs.vlock}/bin/vlock "$args"''}
|
||||||
|
'')
|
||||||
|
];
|
||||||
|
|
||||||
|
security.sudo = {
|
||||||
|
enable = true;
|
||||||
|
extraConfig = ''
|
||||||
|
balsoft ALL = (root) NOPASSWD: /run/current-system/sw/bin/lock
|
||||||
|
balsoft ALL = (root) NOPASSWD: /run/current-system/sw/bin/lock this
|
||||||
|
balsoft ALL = (root) NOPASSWD: ${pkgs.light}/bin/light -A 5
|
||||||
|
balsoft ALL = (root) NOPASSWD: ${pkgs.light}/bin/light -U 5
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
}
|
50
profiles/security/yubikey.nix
Normal file
50
profiles/security/yubikey.nix
Normal file
@ -0,0 +1,50 @@
|
|||||||
|
{ config, pkgs, ... }: {
|
||||||
|
home-manager.users.balsoft = {
|
||||||
|
home.activation.yubi = {
|
||||||
|
data = ''
|
||||||
|
mkdir -p .config/Yubico
|
||||||
|
[ -f /home/balsoft/.config/Yubico/u2f_keys ] || (pamu2fcfg > /home/balsoft/.config/Yubico/u2f_keys)
|
||||||
|
'';
|
||||||
|
after = [ "linkGeneration" ];
|
||||||
|
before = [ ];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
persist.state.directories = [ "/home/balsoft/.config/Yubico" ];
|
||||||
|
|
||||||
|
security.pam.services = builtins.listToAttrs (builtins.map (name: {
|
||||||
|
inherit name;
|
||||||
|
value = { unixAuth = false; };
|
||||||
|
}) [
|
||||||
|
"chpasswd"
|
||||||
|
"chsh"
|
||||||
|
"groupadd"
|
||||||
|
"groupdel"
|
||||||
|
"groupmems"
|
||||||
|
"groupmod"
|
||||||
|
"i3lock"
|
||||||
|
"i3lock-color"
|
||||||
|
"login"
|
||||||
|
"passwd"
|
||||||
|
"polkit-1"
|
||||||
|
"runuser"
|
||||||
|
"runuser-l"
|
||||||
|
"su"
|
||||||
|
"sudo"
|
||||||
|
"swaylock"
|
||||||
|
"systemd-user"
|
||||||
|
"useradd"
|
||||||
|
"userdel"
|
||||||
|
"usermod"
|
||||||
|
"vlock"
|
||||||
|
"xlock"
|
||||||
|
"xscreensaver"
|
||||||
|
]);
|
||||||
|
|
||||||
|
security.pam.u2f = {
|
||||||
|
control = "sufficient";
|
||||||
|
cue = true;
|
||||||
|
enable = true;
|
||||||
|
};
|
||||||
|
|
||||||
|
}
|
@ -1,5 +1,5 @@
|
|||||||
{ pkgs, config, lib, ... }: {
|
{ pkgs, config, lib, ... }: {
|
||||||
hardware.pulseaudio.enable = false;
|
hardware.pulseaudio.enable = lib.mkForce false;
|
||||||
|
|
||||||
security.rtkit.enable = true;
|
security.rtkit.enable = true;
|
||||||
|
|
||||||
|
@ -22,15 +22,15 @@
|
|||||||
themes.fonts = {
|
themes.fonts = {
|
||||||
main = {
|
main = {
|
||||||
family = "IBM Plex Sans";
|
family = "IBM Plex Sans";
|
||||||
size = 13;
|
size = lib.mkDefault 13;
|
||||||
};
|
};
|
||||||
serif = {
|
serif = {
|
||||||
family = "IBM Plex Serif";
|
family = "IBM Plex Serif";
|
||||||
size = 13;
|
size = lib.mkDefault 13;
|
||||||
};
|
};
|
||||||
mono = {
|
mono = {
|
||||||
family = "IBM Plex Mono";
|
family = "IBM Plex Mono";
|
||||||
size = 13;
|
size = lib.mkDefault 13;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
@ -38,20 +38,6 @@
|
|||||||
};
|
};
|
||||||
|
|
||||||
home-manager.users.balsoft = {
|
home-manager.users.balsoft = {
|
||||||
services.pass-secret-service.enable = true;
|
|
||||||
|
|
||||||
systemd.user.services.pass-secret-service = {
|
|
||||||
Service = {
|
|
||||||
Type = "dbus";
|
|
||||||
Environment = [ "GPG_TTY=/dev/tty1" "DISPLAY=:0" ];
|
|
||||||
BusName = "org.freedesktop.secrets";
|
|
||||||
};
|
|
||||||
Unit = rec {
|
|
||||||
Wants = [ "gpg-agent.service" ];
|
|
||||||
After = Wants;
|
|
||||||
PartOf = [ "graphical-session-pre.target" ];
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
home.activation.gnome = ''
|
home.activation.gnome = ''
|
||||||
$DRY_RUN_CMD mkdir -p "$XDG_CONFIG_HOME/goa-1.0"
|
$DRY_RUN_CMD mkdir -p "$XDG_CONFIG_HOME/goa-1.0"
|
||||||
|
@ -8,7 +8,7 @@
|
|||||||
services.gpg-agent = {
|
services.gpg-agent = {
|
||||||
enable = true;
|
enable = true;
|
||||||
enableSshSupport = true;
|
enableSshSupport = true;
|
||||||
pinentryFlavor = "gtk2";
|
pinentryFlavor = "qt";
|
||||||
};
|
};
|
||||||
|
|
||||||
systemd.user.services.gpg-agent = {
|
systemd.user.services.gpg-agent = {
|
||||||
|
@ -25,8 +25,8 @@ in {
|
|||||||
gtk = {
|
gtk = {
|
||||||
enable = true;
|
enable = true;
|
||||||
iconTheme = {
|
iconTheme = {
|
||||||
name = "Papirus-Dark";
|
name = "breeze-dark";
|
||||||
package = pkgs.papirus-icon-theme;
|
package = pkgs.breeze-icons;
|
||||||
};
|
};
|
||||||
theme = {
|
theme = {
|
||||||
name = "Generated";
|
name = "Generated";
|
||||||
|
68
profiles/workspace/kde/plasma-mobile.nix
Normal file
68
profiles/workspace/kde/plasma-mobile.nix
Normal file
@ -0,0 +1,68 @@
|
|||||||
|
{ config, pkgs, lib, ... }: {
|
||||||
|
|
||||||
|
services.xserver = {
|
||||||
|
enable = true;
|
||||||
|
desktopManager.plasma5 = {
|
||||||
|
mobile.enable = true;
|
||||||
|
runUsingSystemd = false;
|
||||||
|
};
|
||||||
|
displayManager = {
|
||||||
|
autoLogin = {
|
||||||
|
enable = true;
|
||||||
|
user = "balsoft";
|
||||||
|
};
|
||||||
|
defaultSession = "plasma-mobile";
|
||||||
|
lightdm = {
|
||||||
|
enable = true;
|
||||||
|
extraSeatDefaults = ''
|
||||||
|
session-cleanup-script=${pkgs.procps}/bin/pkill -P1 -fx ${pkgs.lightdm}/sbin/lightdm
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
libinput.enable = true;
|
||||||
|
};
|
||||||
|
|
||||||
|
powerManagement.enable = true;
|
||||||
|
|
||||||
|
home-manager.users.balsoft = {
|
||||||
|
xdg.configFile."autostart/org_kde_powerdevil.desktop".text = ''
|
||||||
|
[Desktop Entry]
|
||||||
|
DBusActivatable=true
|
||||||
|
Exec=${pkgs.powerdevil}/libexec/org_kde_powerdevil
|
||||||
|
Name=org_kde_powerdevil
|
||||||
|
Type=Application
|
||||||
|
'';
|
||||||
|
xdg.configFile."plasmarc".text =
|
||||||
|
lib.generators.toGitINI { Theme.name = "generated"; };
|
||||||
|
xdg.configFile."plasmamobilerc".text = lib.generators.toGitINI {
|
||||||
|
General = {
|
||||||
|
actionDrawerTopLeftMode = "1";
|
||||||
|
actionDrawerTopRightMode = "0";
|
||||||
|
vibrationDuration = "100";
|
||||||
|
vibrationIntensity = "0.5";
|
||||||
|
};
|
||||||
|
QuickSettings = {
|
||||||
|
disabledQuickSettings = builtins.concatStringsSep ","
|
||||||
|
[ "org.kde.plasma.quicksetting.record" ];
|
||||||
|
enabledQuickSettings = builtins.concatStringsSep "," [
|
||||||
|
"org.kde.plasma.quicksetting.wifi"
|
||||||
|
"org.kde.plasma.quicksetting.mobiledata"
|
||||||
|
"org.kde.plasma.quicksetting.bluetooth"
|
||||||
|
"org.kde.plasma.quicksetting.flashlight"
|
||||||
|
"org.kde.plasma.quicksetting.screenrotation"
|
||||||
|
"org.kde.plasma.quicksetting.settingsapp"
|
||||||
|
"org.kde.plasma.quicksetting.airplanemode"
|
||||||
|
"org.kde.plasma.quicksetting.audio"
|
||||||
|
"org.kde.plasma.quicksetting.battery"
|
||||||
|
"org.kde.plasma.quicksetting.location"
|
||||||
|
"org.kde.plasma.quicksetting.nightcolor"
|
||||||
|
"org.kde.plasma.quicksetting.screenshot"
|
||||||
|
"org.kde.plasma.quicksetting.powermenu"
|
||||||
|
"org.kde.plasma.quicksetting.donotdisturb"
|
||||||
|
"org.kde.plasma.quicksetting.caffeine"
|
||||||
|
"org.kde.plasma.quicksetting.keyboardtoggle"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
@ -1,47 +1,13 @@
|
|||||||
{ pkgs, lib, config, ... }:
|
{ pkgs, lib, config, ... }:
|
||||||
with pkgs.my-lib; {
|
with pkgs.my-lib;
|
||||||
xdg.portal.enable = true;
|
let
|
||||||
|
colorTheme = with (thmDec config.themes.colors); {
|
||||||
services.dbus.packages =
|
|
||||||
[ pkgs.firefox pkgs.systemd pkgs.papirus-icon-theme ];
|
|
||||||
services.udev.packages = [ pkgs.libmtp pkgs.media-player-info ];
|
|
||||||
|
|
||||||
qt5.enable = false;
|
|
||||||
|
|
||||||
environment.sessionVariables = {
|
|
||||||
QT_XFT = "true";
|
|
||||||
QT_SELECT = "5";
|
|
||||||
KDE_SESSION_VERSION = "5";
|
|
||||||
QT_SCALE_FACTOR = "1";
|
|
||||||
QT_AUTO_SCREEN_SCALE_FACTOR = "0";
|
|
||||||
QT_QPA_PLATFORMTHEME = "kde";
|
|
||||||
KDEDIRS =
|
|
||||||
"/run/current-system/sw:/run/current-system/sw/share/kservices5:/run/current-system/sw/share/kservicetypes5:/run/current-system/sw/share/kxmlgui5";
|
|
||||||
};
|
|
||||||
|
|
||||||
defaultApplications = {
|
|
||||||
fm = {
|
|
||||||
cmd = "${pkgs.dolphin}/bin/dolphin";
|
|
||||||
desktop = "org.kde.dolphin";
|
|
||||||
};
|
|
||||||
archive = {
|
|
||||||
cmd = "${pkgs.ark}/bin/ark";
|
|
||||||
desktop = "org.kde.ark";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
home-manager.users.balsoft = let fonts = config.themes.fonts;
|
|
||||||
in {
|
|
||||||
home.packages = [ pkgs.ark pkgs.dolphin ];
|
|
||||||
|
|
||||||
xdg.configFile."kdeglobals".text = with (thmDec config.themes.colors);
|
|
||||||
lib.generators.toGitINI {
|
|
||||||
"Colors:Button" = {
|
"Colors:Button" = {
|
||||||
BackgroundAlternate = base01;
|
BackgroundAlternate = base01;
|
||||||
BackgroundNormal = base01;
|
BackgroundNormal = base01;
|
||||||
DecorationFocus = base02;
|
DecorationFocus = base0D;
|
||||||
DecorationHover = base02;
|
DecorationHover = base0D;
|
||||||
ForegroundActive = base05;
|
ForegroundActive = base0D;
|
||||||
ForegroundInactive = base01;
|
ForegroundInactive = base01;
|
||||||
ForegroundLink = base0D;
|
ForegroundLink = base0D;
|
||||||
ForegroundNegative = base08;
|
ForegroundNegative = base08;
|
||||||
@ -53,9 +19,9 @@ with pkgs.my-lib; {
|
|||||||
"Colors:Complementary" = {
|
"Colors:Complementary" = {
|
||||||
BackgroundAlternate = base01;
|
BackgroundAlternate = base01;
|
||||||
BackgroundNormal = base03;
|
BackgroundNormal = base03;
|
||||||
DecorationFocus = base02;
|
DecorationFocus = base0D;
|
||||||
DecorationHover = base02;
|
DecorationHover = base0D;
|
||||||
ForegroundActive = base09;
|
ForegroundActive = base0D;
|
||||||
ForegroundInactive = base01;
|
ForegroundInactive = base01;
|
||||||
ForegroundLink = base0D;
|
ForegroundLink = base0D;
|
||||||
ForegroundNegative = base08;
|
ForegroundNegative = base08;
|
||||||
@ -81,9 +47,9 @@ with pkgs.my-lib; {
|
|||||||
"Colors:Tooltip" = {
|
"Colors:Tooltip" = {
|
||||||
BackgroundAlternate = base01;
|
BackgroundAlternate = base01;
|
||||||
BackgroundNormal = base00;
|
BackgroundNormal = base00;
|
||||||
DecorationFocus = base02;
|
DecorationFocus = base0D;
|
||||||
DecorationHover = base02;
|
DecorationHover = base0D;
|
||||||
ForegroundActive = base02;
|
ForegroundActive = base0D;
|
||||||
ForegroundInactive = base01;
|
ForegroundInactive = base01;
|
||||||
ForegroundLink = base0D;
|
ForegroundLink = base0D;
|
||||||
ForegroundNegative = base08;
|
ForegroundNegative = base08;
|
||||||
@ -95,9 +61,9 @@ with pkgs.my-lib; {
|
|||||||
"Colors:View" = {
|
"Colors:View" = {
|
||||||
BackgroundAlternate = base01;
|
BackgroundAlternate = base01;
|
||||||
BackgroundNormal = base00;
|
BackgroundNormal = base00;
|
||||||
DecorationFocus = base02;
|
DecorationFocus = base0D;
|
||||||
DecorationHover = base02;
|
DecorationHover = base0D;
|
||||||
ForegroundActive = base02;
|
ForegroundActive = base0D;
|
||||||
ForegroundInactive = base01;
|
ForegroundInactive = base01;
|
||||||
ForegroundLink = base0D;
|
ForegroundLink = base0D;
|
||||||
ForegroundNegative = base08;
|
ForegroundNegative = base08;
|
||||||
@ -109,9 +75,9 @@ with pkgs.my-lib; {
|
|||||||
"Colors:Window" = {
|
"Colors:Window" = {
|
||||||
BackgroundAlternate = base01;
|
BackgroundAlternate = base01;
|
||||||
BackgroundNormal = base00;
|
BackgroundNormal = base00;
|
||||||
DecorationFocus = base02;
|
DecorationFocus = base0D;
|
||||||
DecorationHover = base02;
|
DecorationHover = base0D;
|
||||||
ForegroundActive = base02;
|
ForegroundActive = base0D;
|
||||||
ForegroundInactive = base01;
|
ForegroundInactive = base01;
|
||||||
ForegroundLink = base0D;
|
ForegroundLink = base0D;
|
||||||
ForegroundNegative = base08;
|
ForegroundNegative = base08;
|
||||||
@ -123,24 +89,21 @@ with pkgs.my-lib; {
|
|||||||
General = {
|
General = {
|
||||||
ColorScheme = "Generated";
|
ColorScheme = "Generated";
|
||||||
Name = "Generated";
|
Name = "Generated";
|
||||||
fixed = "${fonts.mono.family},${
|
|
||||||
toString fonts.mono.size
|
|
||||||
},-1,5,50,0,0,0,0,0";
|
|
||||||
font = "${fonts.main.family},${
|
|
||||||
toString fonts.main.size
|
|
||||||
},-1,5,50,0,0,0,0,0";
|
|
||||||
menuFont = "${fonts.main.family},${
|
|
||||||
toString fonts.main.size
|
|
||||||
},-1,5,50,0,0,0,0,0";
|
|
||||||
shadeSortColumn = true;
|
shadeSortColumn = true;
|
||||||
smallestReadableFont = "${fonts.main.family},${
|
|
||||||
toString fonts.main.size
|
|
||||||
},-1,5,57,0,0,0,0,0,Medium";
|
|
||||||
toolBarFont = "${fonts.main.family},${
|
|
||||||
toString fonts.main.size
|
|
||||||
},-1,5,50,0,0,0,0,0";
|
|
||||||
TerminalApplication = "alacritty";
|
|
||||||
};
|
};
|
||||||
|
KDE.contrast = 4;
|
||||||
|
WM = {
|
||||||
|
activeBackground = base00;
|
||||||
|
activeBlend = base06;
|
||||||
|
activeForeground = base05;
|
||||||
|
inactiveBackground = base01;
|
||||||
|
inactiveBlend = base02;
|
||||||
|
inactiveForeground = base04;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
misc = with config.themes; {
|
||||||
|
Icons.Theme = "breeze-dark";
|
||||||
|
|
||||||
KDE = {
|
KDE = {
|
||||||
DoubleClickInterval = 400;
|
DoubleClickInterval = 400;
|
||||||
ShowDeleteCommand = true;
|
ShowDeleteCommand = true;
|
||||||
@ -148,10 +111,111 @@ with pkgs.my-lib; {
|
|||||||
StartDragDist = 4;
|
StartDragDist = 4;
|
||||||
StartDragTime = 500;
|
StartDragTime = 500;
|
||||||
WheelScrollLines = 3;
|
WheelScrollLines = 3;
|
||||||
contrast = 4;
|
|
||||||
widgetStyle = "Breeze";
|
widgetStyle = "Breeze";
|
||||||
};
|
};
|
||||||
Icons = { Theme = "Papirus-Dark"; };
|
General = {
|
||||||
|
TerminalApplication = "alacritty";
|
||||||
|
fixed =
|
||||||
|
"${fonts.mono.family},${toString fonts.mono.size},-1,5,50,0,0,0,0,0";
|
||||||
|
font =
|
||||||
|
"${fonts.main.family},${toString fonts.main.size},-1,5,50,0,0,0,0,0";
|
||||||
|
menuFont =
|
||||||
|
"${fonts.main.family},${toString fonts.main.size},-1,5,50,0,0,0,0,0";
|
||||||
|
smallestReadableFont = "${fonts.main.family},${
|
||||||
|
toString fonts.main.size
|
||||||
|
},-1,5,57,0,0,0,0,0,Medium";
|
||||||
|
toolBarFont =
|
||||||
|
"${fonts.main.family},${toString fonts.main.size},-1,5,50,0,0,0,0,0";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
effects = with (thmDec config.themes.colors); {
|
||||||
|
"ColorEffects:Disabled" = {
|
||||||
|
Color = base02;
|
||||||
|
ColorAmount = "0";
|
||||||
|
ColorEffect = "0";
|
||||||
|
ContrastAmount = "0.65";
|
||||||
|
ContrastEffect = "1";
|
||||||
|
IntensityAmount = "0.1";
|
||||||
|
IntensityEffect = "2";
|
||||||
|
};
|
||||||
|
|
||||||
|
"ColorEffects:Inactive" = {
|
||||||
|
ChangeSelectionColor = "true";
|
||||||
|
Color = base03;
|
||||||
|
ColorAmount = "0.025";
|
||||||
|
ColorEffect = "2";
|
||||||
|
ContrastAmount = "0.1";
|
||||||
|
ContrastEffect = "2";
|
||||||
|
Enable = "false";
|
||||||
|
IntensityAmount = "0";
|
||||||
|
IntensityEffect = "0";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
desktopThemeColors = pkgs.writeText "generated-plasma-theme-colors"
|
||||||
|
(lib.generators.toGitINI
|
||||||
|
(builtins.foldl' lib.recursiveUpdate { } [ colorTheme effects ]));
|
||||||
|
desktopThemeRc = pkgs.writeText "generated-plasma-theme-rc"
|
||||||
|
(lib.generators.toGitINI {
|
||||||
|
Wallpaper = {
|
||||||
|
defaultWallpaperTheme = "Next";
|
||||||
|
defaultFileSuffix = ".png";
|
||||||
|
defaultWidth = "1920";
|
||||||
|
defaultHeight = "1080";
|
||||||
|
};
|
||||||
|
ContrastEffect = {
|
||||||
|
enabled = "true";
|
||||||
|
contrast = "0.17";
|
||||||
|
intensity = "1.25";
|
||||||
|
saturation = "9";
|
||||||
|
};
|
||||||
|
AdaptiveTransparency.enabled = "true";
|
||||||
|
});
|
||||||
|
desktopTheme = pkgs.linkFarm "generated-plasma-theme" [
|
||||||
|
{
|
||||||
|
name = "share/plasma/desktoptheme/generated/plasmarc";
|
||||||
|
path = desktopThemeRc;
|
||||||
|
}
|
||||||
|
{
|
||||||
|
name = "share/plasma/desktoptheme/generated/colors";
|
||||||
|
path = desktopThemeColors;
|
||||||
|
}
|
||||||
|
];
|
||||||
|
in {
|
||||||
|
environment.systemPackages = [ desktopTheme ];
|
||||||
|
|
||||||
|
xdg.portal.enable = true;
|
||||||
|
|
||||||
|
services.dbus.packages = [ pkgs.systemd pkgs.breeze-icons ];
|
||||||
|
services.udev.packages = [ pkgs.libmtp pkgs.media-player-info ];
|
||||||
|
|
||||||
|
qt.enable = false;
|
||||||
|
|
||||||
|
environment.sessionVariables = {
|
||||||
|
QT_XFT = "true";
|
||||||
|
QT_SELECT = "5";
|
||||||
|
KDE_SESSION_VERSION = "5";
|
||||||
|
QT_SCALE_FACTOR = "1";
|
||||||
|
QT_AUTO_SCREEN_SCALE_FACTOR = "0";
|
||||||
|
QT_QPA_PLATFORMTHEME = "kde";
|
||||||
|
KDEDIRS =
|
||||||
|
"/run/current-system/sw:/run/current-system/sw/share/kservices5:/run/current-system/sw/share/kservicetypes5:/run/current-system/sw/share/kxmlgui5";
|
||||||
|
};
|
||||||
|
|
||||||
|
defaultApplications = {
|
||||||
|
fm = {
|
||||||
|
cmd = "${pkgs.dolphin}/bin/dolphin";
|
||||||
|
desktop = "org.kde.dolphin";
|
||||||
|
};
|
||||||
|
archive = {
|
||||||
|
cmd = "${pkgs.ark}/bin/ark";
|
||||||
|
desktop = "org.kde.ark";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
home-manager.users.balsoft = {
|
||||||
|
home.packages = [ pkgs.ark pkgs.dolphin ];
|
||||||
|
|
||||||
|
xdg.configFile."kdeglobals".text = lib.generators.toGitINI
|
||||||
|
(builtins.foldl' lib.recursiveUpdate { } [ colorTheme misc ]);
|
||||||
|
};
|
||||||
}
|
}
|
||||||
|
@ -1,7 +1,4 @@
|
|||||||
{ pkgs, config, lib, ... }: {
|
{ pkgs, config, lib, ... }: {
|
||||||
console.font = "cyr-sun16";
|
|
||||||
console.keyMap = "ruwin_cplk-UTF-8";
|
|
||||||
|
|
||||||
environment.sessionVariables = {
|
environment.sessionVariables = {
|
||||||
XKB_DEFAULT_LAYOUT = "us,ru";
|
XKB_DEFAULT_LAYOUT = "us,ru";
|
||||||
XKB_DEFAULT_OPTIONS =
|
XKB_DEFAULT_OPTIONS =
|
||||||
|
@ -23,7 +23,7 @@
|
|||||||
textColor = base05;
|
textColor = base05;
|
||||||
borderColor = "${base0D}AA";
|
borderColor = "${base0D}AA";
|
||||||
progressColor = "over ${base0B}";
|
progressColor = "over ${base0B}";
|
||||||
iconPath = "${pkgs.papirus-icon-theme}/share/icons/Papirus-Dark";
|
iconPath = "${pkgs.breeze-icons}/share/icons/breeze-dark";
|
||||||
maxIconSize = 24;
|
maxIconSize = 24;
|
||||||
extraConfig = let
|
extraConfig = let
|
||||||
play = sound:
|
play = sound:
|
||||||
|
@ -15,7 +15,7 @@
|
|||||||
|
|
||||||
systemd.user.startServices = true;
|
systemd.user.startServices = true;
|
||||||
|
|
||||||
home.stateVersion = "20.09";
|
home.stateVersion = lib.mkDefault "20.09";
|
||||||
};
|
};
|
||||||
|
|
||||||
home-manager.useGlobalPkgs = true;
|
home-manager.useGlobalPkgs = true;
|
||||||
|
@ -1,9 +1,11 @@
|
|||||||
{ pkgs, config, lib, ... }: {
|
{ pkgs, config, lib, ... }: {
|
||||||
services.openssh = {
|
services.openssh = {
|
||||||
enable = true;
|
enable = true;
|
||||||
passwordAuthentication = false;
|
settings = {
|
||||||
permitRootLogin = "no";
|
PasswordAuthentication = false;
|
||||||
forwardX11 = true;
|
PermitRootLogin = "no";
|
||||||
|
X11Forwarding = true;
|
||||||
|
};
|
||||||
extraConfig = "StreamLocalBindUnlink yes";
|
extraConfig = "StreamLocalBindUnlink yes";
|
||||||
ports = [ 22 ];
|
ports = [ 22 ];
|
||||||
};
|
};
|
||||||
@ -17,20 +19,17 @@
|
|||||||
|
|
||||||
persist.state.directories = [ "/home/balsoft/.ssh" ];
|
persist.state.directories = [ "/home/balsoft/.ssh" ];
|
||||||
|
|
||||||
users.users.balsoft.openssh.authorizedKeys.keys =
|
users.users.balsoft.openssh.authorizedKeys.keys = [
|
||||||
["ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDd2OdcSHUsgezuV+cpFqk9+Svtup6PxIolv1zokVZdqvS8qxLsA/rwYmQgTnuq4/zK/GIxcUCH4OxYlW6Or4M4G7qrDKcLAUrRPWkectqEooWRflZXkfHduMJhzeOAsBdMfYZQ9024GwKr/4yriw2BGa8GbbAnQxiSeTipzvXHoXuRME+/2GsMFAfHFvxzXRG7dNOiLtLaXEjUPUTcw/fffKy55kHtWxMkEvvcdyR53/24fmO3kLVpEuoI+Mp1XFtX3DvRM9ulgfwZUn8/CLhwSLwWX4Xf9iuzVi5vJOJtMOktQj/MwGk4tY/NPe+sIk+nAUKSdVf0y9k9JrJT98S/ comment"];
|
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDd2OdcSHUsgezuV+cpFqk9+Svtup6PxIolv1zokVZdqvS8qxLsA/rwYmQgTnuq4/zK/GIxcUCH4OxYlW6Or4M4G7qrDKcLAUrRPWkectqEooWRflZXkfHduMJhzeOAsBdMfYZQ9024GwKr/4yriw2BGa8GbbAnQxiSeTipzvXHoXuRME+/2GsMFAfHFvxzXRG7dNOiLtLaXEjUPUTcw/fffKy55kHtWxMkEvvcdyR53/24fmO3kLVpEuoI+Mp1XFtX3DvRM9ulgfwZUn8/CLhwSLwWX4Xf9iuzVi5vJOJtMOktQj/MwGk4tY/NPe+sIk+nAUKSdVf0y9k9JrJT98S/ comment"
|
||||||
|
];
|
||||||
|
|
||||||
secrets.ssh_key = {
|
# secrets.ssh_key = {
|
||||||
services = [];
|
# services = [ ];
|
||||||
decrypted = "/root/.ssh/id_ed25519";
|
# decrypted = "/root/.ssh/id_ed25519";
|
||||||
};
|
# };
|
||||||
|
|
||||||
home-manager.users.balsoft.programs.ssh = {
|
home-manager.users.balsoft.programs.ssh = {
|
||||||
enable = true;
|
enable = true;
|
||||||
matchBlocks = {
|
matchBlocks = { "*" = { compression = false; }; };
|
||||||
"*" = {
|
|
||||||
compression = false;
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
@ -159,7 +159,7 @@ in {
|
|||||||
"F1" = ''
|
"F1" = ''
|
||||||
exec ${pkgs.pavucontrol}/bin/pavucontrol; [app_id="pavucontrol"] focus'';
|
exec ${pkgs.pavucontrol}/bin/pavucontrol; [app_id="pavucontrol"] focus'';
|
||||||
"Shift+F1" = ''
|
"Shift+F1" = ''
|
||||||
exec ${pkgs.helvum}/bin/helvum; [app_id="org.freedesktop.ryuukyu.Helvum"] focus'';
|
exec ${pkgs.qpwgraph}/bin/qpwgraph; [app_id="org.freedesktop.ryuukyu.Helvum"] focus'';
|
||||||
"F3" = "exec ${pkgs.alsa-utils}/bin/amixer set Capture cap";
|
"F3" = "exec ${pkgs.alsa-utils}/bin/amixer set Capture cap";
|
||||||
"Shift+F3" = "exec ${pkgs.alsa-utils}/bin/amixer set Capture nocap";
|
"Shift+F3" = "exec ${pkgs.alsa-utils}/bin/amixer set Capture nocap";
|
||||||
"F5" = "reload";
|
"F5" = "reload";
|
||||||
@ -211,7 +211,6 @@ in {
|
|||||||
"XF86AudioRaiseVolume" = "exec ${pkgs.pamixer}/bin/pamixer -i 2";
|
"XF86AudioRaiseVolume" = "exec ${pkgs.pamixer}/bin/pamixer -i 2";
|
||||||
"XF86AudioMute" = "exec ${pkgs.pamixer}/bin/pamixer -t";
|
"XF86AudioMute" = "exec ${pkgs.pamixer}/bin/pamixer -t";
|
||||||
"button2" = "kill";
|
"button2" = "kill";
|
||||||
"--whole-window button2" = "kill";
|
|
||||||
} // builtins.listToAttrs (builtins.map (x: {
|
} // builtins.listToAttrs (builtins.map (x: {
|
||||||
name = "${builtins.elemAt x 0}";
|
name = "${builtins.elemAt x 0}";
|
||||||
value = "workspace ${builtins.elemAt x 1}";
|
value = "workspace ${builtins.elemAt x 1}";
|
||||||
@ -251,7 +250,7 @@ in {
|
|||||||
"XF86AudioRaiseVolume" = "exec ${pkgs.pamixer}/bin/pamixer -i 2";
|
"XF86AudioRaiseVolume" = "exec ${pkgs.pamixer}/bin/pamixer -i 2";
|
||||||
"XF86AudioMute" = "exec ${pkgs.pamixer}/bin/pamixer -t";
|
"XF86AudioMute" = "exec ${pkgs.pamixer}/bin/pamixer -t";
|
||||||
"button2" = "kill";
|
"button2" = "kill";
|
||||||
"--whole-window button2" = "kill";
|
"--whole-window ${modifier}+button2" = "kill";
|
||||||
};
|
};
|
||||||
|
|
||||||
keycodebindings = { };
|
keycodebindings = { };
|
||||||
|
@ -1,19 +1,16 @@
|
|||||||
{ inputs, ... }: {
|
{ inputs, ... }: {
|
||||||
imports = with inputs.self.nixosProfiles; [
|
imports = with inputs.self.nixosProfiles; [
|
||||||
inputs.home-manager.nixosModules.home-manager
|
|
||||||
|
|
||||||
# PROFILES
|
# PROFILES
|
||||||
autoRun
|
autoRun
|
||||||
xdg
|
xdg
|
||||||
|
|
||||||
boot
|
|
||||||
git
|
git
|
||||||
gpg
|
gpg
|
||||||
locale
|
locale
|
||||||
misc
|
misc
|
||||||
network
|
network
|
||||||
nix
|
nix
|
||||||
security
|
user
|
||||||
ssh
|
ssh
|
||||||
zsh
|
zsh
|
||||||
];
|
];
|
||||||
|
@ -2,6 +2,8 @@
|
|||||||
imports = with inputs.self.nixosProfiles; [
|
imports = with inputs.self.nixosProfiles; [
|
||||||
./base.nix
|
./base.nix
|
||||||
|
|
||||||
|
boot
|
||||||
|
|
||||||
# PROFILES
|
# PROFILES
|
||||||
applications-setup
|
applications-setup
|
||||||
bluetooth
|
bluetooth
|
||||||
@ -11,6 +13,9 @@
|
|||||||
sound
|
sound
|
||||||
virtualisation
|
virtualisation
|
||||||
|
|
||||||
|
yubikey
|
||||||
|
vlock
|
||||||
|
|
||||||
alacritty
|
alacritty
|
||||||
aerc
|
aerc
|
||||||
# cantata
|
# cantata
|
||||||
@ -26,6 +31,7 @@
|
|||||||
packages
|
packages
|
||||||
okular
|
okular
|
||||||
|
|
||||||
|
pass-secret-service
|
||||||
copyq
|
copyq
|
||||||
cursor
|
cursor
|
||||||
direnv
|
direnv
|
||||||
|
@ -1,6 +1,8 @@
|
|||||||
{ inputs, ... }: {
|
{ inputs, ... }: {
|
||||||
imports = [
|
imports = [
|
||||||
./base.nix
|
./base.nix
|
||||||
|
|
||||||
|
inputs.self.nixosProfiles.boot
|
||||||
];
|
];
|
||||||
|
|
||||||
security.sudo.wheelNeedsPassword = false;
|
security.sudo.wheelNeedsPassword = false;
|
||||||
|
Loading…
Reference in New Issue
Block a user