diff --git a/flake.lock b/flake.lock index cab022a..d21cb62 100644 --- a/flake.lock +++ b/flake.lock @@ -1040,7 +1040,8 @@ "simple-nixos-mailserver": "simple-nixos-mailserver", "simple-osd-daemons": "simple-osd-daemons", "sonoff-lan": "sonoff-lan", - "tridactyl-native-messenger": "tridactyl-native-messenger" + "tridactyl-native-messenger": "tridactyl-native-messenger", + "yt-dlp": "yt-dlp" } }, "rust-overlay": { @@ -1213,6 +1214,22 @@ "repo": "flake-utils", "type": "github" } + }, + "yt-dlp": { + "flake": false, + "locked": { + "lastModified": 1676639476, + "narHash": "sha256-+rVcHpSCu2Wa8Noy4uINdx4S5iftYKrh1wQqpb67RQg=", + "owner": "yt-dlp", + "repo": "yt-dlp", + "rev": "18d295c9e0f95adc179eef345b7af64d6372db78", + "type": "github" + }, + "original": { + "owner": "yt-dlp", + "repo": "yt-dlp", + "type": "github" + } } }, "root": "root", diff --git a/flake.nix b/flake.nix index 123bfc9..2d16fea 100644 --- a/flake.nix +++ b/flake.nix @@ -106,6 +106,9 @@ }; nixos-hardware.url = "github:balsoft/nixos-hardware/add-librem-5"; + + yt-dlp.url = "github:yt-dlp/yt-dlp"; + yt-dlp.flake = false; }; outputs = { nixpkgs, self, nix, deploy-rs, ... }@inputs: diff --git a/machines/Librem5-Phone/default.nix b/machines/Librem5-Phone/default.nix index 7e9aba0..678a402 100644 --- a/machines/Librem5-Phone/default.nix +++ b/machines/Librem5-Phone/default.nix @@ -12,7 +12,9 @@ power hardware sound + plasma-mobile + # phosh nheko okular @@ -28,6 +30,7 @@ fonts gtk qt + shadowsocks pass-secret-service ]; diff --git a/modules/devices.nix b/modules/devices.nix index ba35cda..2b2c0f4 100644 --- a/modules/devices.nix +++ b/modules/devices.nix @@ -9,6 +9,10 @@ with types; { default = !isNull (builtins.match ".*Laptop" config.networking.hostName); }; + isPhone = mkOption { + type = bool; + default = !isNull (builtins.match ".*Phone" config.networking.hostName); + }; devInfo = { cpu = { arch = mkOption { type = enum [ "x86_64" "aarch64" ]; }; diff --git a/modules/secrets.nix b/modules/secrets.nix index c554a1e..ac38d1c 100755 --- a/modules/secrets.nix +++ b/modules/secrets.nix @@ -45,23 +45,28 @@ let }; }; - activate-secrets = pkgs.writeShellScriptBin "activate-secrets" '' - set -euo pipefail - # Make sure card is available and unlocked - echo fetch | gpg --card-edit --no-tty --command-fd=0 - ${pkgs.gnupg}/bin/gpg --card-status - export SSH_AUTH_SOCK="$(gpgconf --list-dirs agent-ssh-socket)" - if [ -d "${password-store}/.git" ]; then - cd "${password-store}"; ${pkgs.git}/bin/git pull - else - ${pkgs.git}/bin/git clone ${ - lib.escapeShellArg config.secretsConfig.repo - } "${password-store}" - fi - cat ${password-store}/email/balsoft@balsoft.ru.gpg | ${pkgs.gnupg}/bin/gpg --decrypt > /dev/null - sudo systemctl restart ${allServices} - ''; + activate-secrets = pkgs.writeShellApplication { + name = "activate-secrets"; + text = '' + set -euo pipefail + # Make sure card is available and unlocked + echo fetch | gpg --card-edit --no-tty --command-fd=0 + gpg --card-status + SSH_AUTH_SOCK="$(gpgconf --list-dirs agent-ssh-socket)" + export SSH_AUTH_SOCK + if [ -d "${password-store}/.git" ]; then + cd "${password-store}"; git pull + else + git clone ${ + lib.escapeShellArg config.secretsConfig.repo + } "${password-store}" + fi + gpg --decrypt < ${password-store}/email/balsoft@balsoft.ru.gpg > /dev/null + /run/wrappers/bin/sudo systemctl restart ${allServices} + ''; + runtimeInputs = [ pkgs.gnupg pkgs.git pkgs.systemd pkgs.openssh ]; + }; decrypt = name: cfg: with cfg; { "${name}-secrets" = rec { diff --git a/overlay.nix b/overlay.nix index 2f358ac..8dc23da 100644 --- a/overlay.nix +++ b/overlay.nix @@ -21,28 +21,9 @@ in rec { propagatedBuildInputs = [ mopidy - (python3Packages.ytmusicapi.overrideAttrs (oa: rec { - name = "python3.9-ytmusicapi-${version}"; - version = "0.19.1"; - src = fetchFromGitHub { - owner = "sigma67"; - repo = "ytmusicapi"; - rev = "fd9f57750de103202106f02be1696bd440f2c05b"; - sha256 = "/NMy2cGe0K/14OZd+/dXKA6Ez1ivrtrZ6Lwl0P8dioA="; - fetchSubmodules = true; - }; - })) - (python3Packages.pytube.overrideAttrs (oa: rec { - name = "python3.9-pytube-${version}"; - version = "11.0.1"; - src = fetchFromGitHub { - owner = "pytube"; - repo = "pytube"; - rev = "f06e0710dcf5089e582487fee94f7bb0afbf7ba9"; - sha256 = "sha256-yQCgrnoPOSdTnTPEsVkgLYpPLiHq7kXRUO72TxD152k="; - fetchSubmodules = true; - }; - })) + python3Packages.ytmusicapi + python3Packages.pytube + ]; doCheck = false; @@ -183,5 +164,23 @@ in rec { maintainers = with maintainers; [ balsoft ]; }; }) { }; + + audiotube = prev'.audiotube.overrideAttrs (_: { + desktopItem = final.makeDesktopItem { + name = "Audiotube"; + exec = "https_proxy=socks5://localhost:5555 audiotube"; + icon = "org.kde.audiotube"; + type = "Application"; + categories = [ "Qt" "KDE" "AudioVideo" "Player" ]; + }; + }); + }); + okularMobile = final.okular.overrideAttrs + (oa: { cmakeFlags = oa.cmakeFlags or [ ] ++ [ "-DOKULAR_UI=mobile" ]; }); + + python3Packages = prev.python3Packages.overrideScope (final': prev': { + yt-dlp = prev'.yt-dlp.overrideAttrs (_: { src = inputs.yt-dlp; }); + }); + } diff --git a/profiles/applications/okular.nix b/profiles/applications/okular.nix index c59f5e0..82e5463 100644 --- a/profiles/applications/okular.nix +++ b/profiles/applications/okular.nix @@ -1,7 +1,12 @@ { pkgs, lib, config, ... }: with (pkgs.my-lib.thmDec config.themes.colors); { home-manager.users.balsoft = { - home.packages = [ pkgs.okular ]; + home.packages = [ + (if config.deviceSpecific.isPhone then + pkgs.okularMobile + else + pkgs.okular) + ]; xdg.configFile."okularpartrc".text = pkgs.my-lib.genIni { "Dlg Accessibility" = { RecolorBackground = base00; diff --git a/profiles/security/user.nix b/profiles/security/user.nix index e9d0fb5..d36e256 100644 --- a/profiles/security/user.nix +++ b/profiles/security/user.nix @@ -19,6 +19,7 @@ "wireshark" "lp" "scanner" + "feedbackd" ]; description = "Александр Бантьев"; uid = 1000; diff --git a/profiles/workspace/kde/plasma-mobile.nix b/profiles/workspace/kde/plasma-mobile.nix index d461f14..890c4af 100644 --- a/profiles/workspace/kde/plasma-mobile.nix +++ b/profiles/workspace/kde/plasma-mobile.nix @@ -1,5 +1,13 @@ { config, pkgs, lib, ... }: { + nixpkgs.overlays = [ + (final: prev: { + kwallet = null; + kwallet-pam = null; + kwalletmanager = null; + }) + ]; + services.xserver = { enable = true; desktopManager.plasma5 = { @@ -22,7 +30,9 @@ libinput.enable = true; }; - powerManagement.enable = true; + programs.feedbackd.enable = true; + + services.upower.enable = true; home-manager.users.balsoft = { home.activation.removeGtkRc = { diff --git a/profiles/workspace/kde/qt.nix b/profiles/workspace/kde/qt.nix index e0e7f74..add55dc 100644 --- a/profiles/workspace/kde/qt.nix +++ b/profiles/workspace/kde/qt.nix @@ -197,6 +197,7 @@ in { QT_SCALE_FACTOR = "1"; QT_AUTO_SCREEN_SCALE_FACTOR = "0"; QT_QPA_PLATFORMTHEME = "kde"; + QT_QUICK_CONTROLS_STYLE = "org.kde.breeze"; KDEDIRS = "/run/current-system/sw:/run/current-system/sw/share/kservices5:/run/current-system/sw/share/kservicetypes5:/run/current-system/sw/share/kxmlgui5"; }; @@ -216,6 +217,6 @@ in { home.packages = [ pkgs.ark pkgs.dolphin ]; xdg.configFile."kdeglobals".text = lib.generators.toGitINI - (builtins.foldl' lib.recursiveUpdate { } [ colorTheme misc ]); + (builtins.foldl' lib.recursiveUpdate { } [ colorTheme effects misc ]); }; } diff --git a/profiles/workspace/mopidy.nix b/profiles/workspace/mopidy.nix index 2320d73..1474bf0 100644 --- a/profiles/workspace/mopidy.nix +++ b/profiles/workspace/mopidy.nix @@ -1,5 +1,4 @@ -{ pkgs, config, lib, ... }: -{ +{ pkgs, config, lib, ... }: { secrets.mopidy_ytmusic_auth = { owner = "mopidy:mopidy"; services = [ "mopidy" ]; @@ -7,7 +6,7 @@ services.mopidy = { enable = true; - extensionPackages = with pkgs; [ mopidy-mpd mopidy-ytmusic ]; + extensionPackages = with pkgs; [ mopidy-mpd /*mopidy-ytmusic*/ ]; configuration = '' [ytmusic] enabled=true @@ -16,12 +15,10 @@ hostname = 0.0.0.0 port = 6600 [audio] - output = pulsesink server=127.0.0.1 + output = autoaudiosink ''; }; - systemd.services.mopidy = { - after = [ "network-online.target" ]; - }; + systemd.services.mopidy = { after = [ "network-online.target" ]; environment.https_proxy = "socks5://localhost:5555"; }; } diff --git a/profiles/workspace/shadowsocks.nix b/profiles/workspace/shadowsocks.nix new file mode 100644 index 0000000..26624ed --- /dev/null +++ b/profiles/workspace/shadowsocks.nix @@ -0,0 +1,24 @@ +{ config, pkgs, ... }: { + + secrets.shadowsocks_options = { + owner = "shadowsocks:shadowsocks"; + services = [ "shadowsocks" ]; + }; + + users.users.shadowsocks = { + isSystemUser = true; + group = "shadowsocks"; + }; + + users.groups.shadowsocks = { }; + + systemd.services.shadowsocks = { + script = "ss-local -l 5555 $(cat ${config.secrets.shadowsocks_options})"; + path = [ pkgs.shadowsocks-libev ]; + serviceConfig = { + User = "shadowsocks"; + Group = "shadowsocks"; + }; + wantedBy = [ "multi-user.target" ]; + }; +} diff --git a/roles/desktop.nix b/roles/desktop.nix index f3b405f..28e0c45 100644 --- a/roles/desktop.nix +++ b/roles/desktop.nix @@ -49,5 +49,6 @@ simple-osd-daemons sway yubikey-touch-detector + shadowsocks ]; }