diff --git a/configuration.nix b/configuration.nix index e2e0a3a..23c4c58 100644 --- a/configuration.nix +++ b/configuration.nix @@ -21,8 +21,7 @@ ./roles/network.nix ./roles/nix.nix ./roles/vpn.nix - ./roles/private.nix - ./roles/game.nix + ./roles/work.nix ]; networking.useDHCP = false; @@ -33,9 +32,13 @@ services.openssh.enable = true; networking.firewall.enable = true; - nixpkgs.config.permittedInsecurePackages = [ "openssl-1.0.2u" ]; + nixpkgs.config.permittedInsecurePackages = [ + "openssl-1.0.2u" + "python3.10-kerberos-1.3.1" + ]; - system.autoUpgrade.enable = true; + # removed for mobile working + # system.autoUpgrade.enable = true; system.stateVersion = "20.03"; # We can stay here } diff --git a/dotfiles/alacritty.yml b/dotfiles/alacritty.yml index 4d524b9..6e675f3 100644 --- a/dotfiles/alacritty.yml +++ b/dotfiles/alacritty.yml @@ -1,7 +1,7 @@ font: normal: family: CaskaydiaCove Nerd Font - size: 12 + size: 8 draw_bold_text_with_bright_colors: true diff --git a/dotfiles/sway/config b/dotfiles/sway/config index 1ae619f..41b5865 100644 --- a/dotfiles/sway/config +++ b/dotfiles/sway/config @@ -1,15 +1,33 @@ +# colors +set $black #000000 +set $red #e75544 +set $cyan #3c74f6 +set $white #fafafa +set $yellow #908550 +set $violet #a73ca6 +#set $black2 #323232 +set $white2 #f0f0f0 + # config set $mod Mod1 set $left h set $down j set $up k set $right l -set $term alacritty -set $wallpaper /home/stefan/Downloads/bg.jpg +set $term wezterm +set $wallpaper /home/stefan/wall.png set $lock swaylock -t -i $wallpaper --scaling=fill set $font CaskaydiaCove Nerd Font 10 -set $menucolor --ff=#f8f8f2 --nf=#f8f8f2 --tf=#bd93f9 --hf=#bd93f9 --tb=#282a36 --fb=#282a36 --nb=#282a36 --hb=#282a36 --sb=#282a36 +set $menucolor \ + --tf=$white --tb=$cyan \ + --ff=$black --fb=$white \ + --cf=$cyan --cb=$white \ + --nf=$black --nb=$white \ + --af=$black --ab=$white2 \ + --hf=$white --hb=$cyan \ + --sf=$white --sb=$cyan set $menu bemenu-run -H 23 -b -p run $menucolor +font $font input "1:1:AT_Translated_Set_2_keyboard" xkb_layout de input "0:0:TUXEDO_Keyboard" xkb_layout de @@ -17,6 +35,7 @@ input "0:0:TUXEDO_Keyboard" xkb_layout de output * bg $wallpaper fill output "BenQ Corporation BenQ SW2700 83H03922SL0" res --custom 2560x1440@60Hz output "Dell Inc. Dell U4919DW HZVZWP2" res 5120x1440 +output eDP-1 scale 1.25 # user keybinds bindsym $mod+Return exec $term @@ -31,6 +50,8 @@ bindsym $mod+Up exec light -A 5 bindsym $mod+Down exec light -U 5 bindsym $mod+c exec alacritty --class float -t pyCalc -e python bindsym $mod+i exec alacritty --class float -t insect -e insect +bindsym $mod+m exec swayr switch-to +bindsym $mod+n exec emacsclient -cn bindsym Print exec grim -g "$(slurp)" - | wl-copy -t image/png bindswitch --reload --locked lid:on output eDP-1 disable bindswitch --reload --locked lid:off output eDP-1 enable @@ -42,23 +63,11 @@ for_window [title="Picture-in-Picture"] floating enable for_window [title="pyCalc"] floating enable for_window [title="insect"] floating enable -# font -font $font - -# colors -set $black #282a36 -set $red #ff6188 -set $cyan #78dce8 -set $white #fcfcfa -set $yellow #f1fa8c -set $violet #bd93f9 -set $black2 #323232 - # border backgnd text indicator childborder -client.focused $violet $black $white $violet $violet -client.focused_inactive $black $black $white $black2 $black -client.unfocused $black $black $white $black2 $black -client.urgent $red $red $black $black2 $white +client.focused $cyan $white $black $violet $cyan +client.focused_inactive $white2 $white2 $black $white2 $white +client.unfocused $white2 $white2 $black $white2 $white +client.urgent $red $red $white $white2 $black # movement @@ -132,36 +141,43 @@ bar { font $font position bottom colors { - background $black - statusline $white - separator $violet + background $white + statusline $black + separator $cyan # border back text - focused_workspace $violet $violet $black - active_workspace $violet $violet $black - urgent_workspace $red $red $white - inactive_workspace $black $black $white + focused_workspace $cyan $cyan $white + active_workspace $cyan $cyan $white + urgent_workspace $red $red $black + inactive_workspace $white $white $black } + status_command i3status-rs /etc/sway/status.toml } set $gnome-schema org.gnome.desktop.interface exec_always { - gsettings set $gnome-schema gtk-theme 'Dracula' - gsettings set $gnome-schema icon-theme 'Dracula' - gsettings set $gnome-schema cursor-theme 'Capitaine Cursors - White' + gsettings set $gnome-schema cursor-theme Adwaita + gsettings set $gnome-schema icon-theme 'capitaine-cursors-white' + gsettings set $gnome-schema cursor-theme 'capitaine-cursors-white' } # autostarts exec mako --font "$font" \ - --background-color=$black \ - --border-color=$violet \ - --text-color=$white + --background-color "$white" \ + --border-colo "$red" \ + --text-color "$black" \ + --default-timeout 1000 \ + --padding 10 exec emacs --daemon exec swayidle before-sleep "$lock" exec /run/current-system/sw/libexec/polkit-gnome-authentication-agent-1 exec systemctl --user import-environment DBUS_SESSION_BUS_ADDRESS XDG_RUNTIME_DIR +exec dbus-update-activation-environment --systemd DISPLAY WAYLAND_DISPLAY SWAYSOCK XDG_CURRENT_DESKTOP exec bash -c '[ "$HOSTNAME" == sphere ] && cloudstation' +exec swayrd +exec xinput set-prop "PIXA3854:00 093A:0274 Touchpad" 365 1 + # pastebin exec wl-paste --primary -t text --watch clipman store diff --git a/dotfiles/sway/status.toml b/dotfiles/sway/status.toml index 90c512f..357d6bb 100644 --- a/dotfiles/sway/status.toml +++ b/dotfiles/sway/status.toml @@ -1,20 +1,21 @@ [theme] name = "plain" [theme.overrides] -idle_bg = "#282a36" -idle_fg = "#f8f8f2" -info_bg = "#282a36" -info_fg = "#f8f8f2" -good_bg = "#282a36" -good_fg = "#50fa7b" -warning_bg = "#282a36" -warning_fg = "#f1fa8c" -critical_bg = "#282a36" -critical_fg = "#ff5555" -separator_bg = "#282a36" -separator_fg = "#bd93f9" +idle_bg = "#fafafa" +idle_fg = "#000000" +info_bg = "#fafafa" +info_fg = "#000000" +good_bg = "#fafafa" +good_fg = "#000000" +warning_bg = "#fafafa" +warning_fg = "#908550" +critical_bg = "#fafafa" +critical_fg = "#e75544" +separator_bg = "#fafafa" +separator_fg = "#3c74f6" separator = "|" + [icons] name = "none" [icons.overrides] @@ -93,14 +94,6 @@ driver = "pulseaudio" [[block]] block = "backlight" -[[block]] -block = "battery" -device = "BAT0" -interval = 10 -format = "{percentage} ({time})" -full_format = "{percentage} ({time}) " -icons_format = " {icon} " - [[block]] block = "battery" device = "BAT1" diff --git a/dotfiles/wezterm.lua b/dotfiles/wezterm.lua new file mode 100644 index 0000000..8c3982e --- /dev/null +++ b/dotfiles/wezterm.lua @@ -0,0 +1,42 @@ +local wezterm = require 'wezterm'; + +return { + audible_bell = "Disabled", + bold_brightens_ansi_colors = true, + color_scheme = "One Light (base16)", + enable_tab_bar = false, + enable_wayland = true, + font_size = 12, + font = wezterm.font("CaskaydiaCove Nerd Font"), + window_background_opacity = 0.97, + window_close_confirmation = 'NeverPrompt', + default_prog = { '/run/current-system/sw/bin/bash' }, + + selection_fg = 'black', + selection_bg = '#fafafa', + + keys = { + { + key = 'Escape', + mods = 'CTRL', + action = wezterm.action.QuickSelect, + }, + }, + + window_padding = { + left = 0, + right = 0, + top = 0, + bottom = 0, + }, + + quick_select_patterns = { + '^([^ ]+) +(?:ClusterIP|Bound)', + '^([^ ]+) +(?:[0-9]+/[0-9]+)', + '^([^ ]+) +(?:[0-9]+ )', + '^([^ ]+) +(?:Opaque|kubernetes\\.io|helm\\.sh)', + '^([^ ]+) +(?:Active)', + '[^ ]+@[^ ]+.service', + 'git push.*', + }, +} diff --git a/hardware/framework.nix b/hardware/framework.nix new file mode 100644 index 0000000..4dbb97c --- /dev/null +++ b/hardware/framework.nix @@ -0,0 +1,85 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + +let + #nixkernel = import {}; +in +{ + imports = + [ (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = [ "xhci_pci" "thunderbolt" "nvme" "uas" "usb_storage" "sd_mod" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-intel" "i915" ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = + { device = "workpool/nixos/root"; + fsType = "zfs"; + }; + + fileSystems."/home" = + { device = "workpool/nixos/home"; + fsType = "zfs"; + }; + + fileSystems."/var/lib/docker" = + { device = "workpool/nixos/docker"; + fsType = "zfs"; + }; + + fileSystems."/boot" = + { device = "/dev/disk/by-uuid/AA17-42AD"; + fsType = "vfat"; + }; + + swapDevices = + [ { device = "/dev/disk/by-uuid/18ae41eb-e32e-46a3-9e22-3395c37782df"; } + ]; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.wlp166s0.useDHCP = lib.mkDefault true; + + powerManagement.cpuFreqGovernor = lib.mkDefault "powersave"; + hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; + + # custom + boot.loader.systemd-boot.enable = true; + networking.hostId = "f0000001"; + networking.hostName = "sphere"; + services.tlp.enable = true; + services.hardware.bolt.enable = true; + + # framework hardware + #boot.kernelPackages = nixkernel.linuxPackages_5_19; + #boot.kernelPackages = pkgs.linuxPackages_latest; + boot.kernelPackages = config.boot.zfs.package.latestCompatibleLinuxPackages; + boot.kernelParams = [ + "mem_sleep_default=deep" + "nvme.noacpi=1" + "i915.enable_psr=1" + ]; + boot.blacklistedKernelModules = [ "hid-sensor-hub" ]; + hardware.acpilight.enable = true; + hardware.video.hidpi.enable = lib.mkDefault true; + services.xserver.dpi = 125; + environment.variables = { + VDPAU_DRIVER = lib.mkIf config.hardware.opengl.enable (lib.mkDefault "va_gl"); + }; + hardware.opengl.extraPackages = with pkgs; [ + vaapiIntel + libvdpau-va-gl + intel-media-driver + ]; + services.tlp.settings = { + CPU_ENERGY_PERF_POLICY_ON_AC = "performance"; + CPU_ENERGY_PERF_POLICY_ON_BAT = "performance"; + }; +} diff --git a/hardware/xps15-sphere.nix b/hardware/xps15-sphere.nix index d2299a1..f16c81c 100644 --- a/hardware/xps15-sphere.nix +++ b/hardware/xps15-sphere.nix @@ -10,7 +10,7 @@ in { boot.extraModulePackages = [ ]; boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ]; - boot.initrd.kernelModules = [ ]; + boot.initrd.kernelModules = [ "i915" ]; boot.kernelModules = [ "kvm-intel" ]; boot.kernelParams = [ "intel_pstate=active" ]; boot.extraModprobeConfig = '' @@ -29,6 +29,9 @@ in { libvdpau-va-gl ]; }; + environment.variables = { + VDPAU_DRIVER = lib.mkIf config.hardware.opengl.enable (lib.mkDefault "va_gl"); + }; fileSystems."/" = { device = "tank/work/nixos"; diff --git a/packages/nagstamon.nix b/packages/nagstamon.nix index 86fe18f..1e72611 100644 --- a/packages/nagstamon.nix +++ b/packages/nagstamon.nix @@ -1,17 +1,17 @@ -{ lib, fetchFromGitHub, python39Packages, wrapQtAppsHook }: +{ lib, fetchFromGitHub, python310Packages, wrapQtAppsHook, pkgs }: let pname = "nagstamon"; - version = "v3.8.0"; -in python39Packages.buildPythonApplication rec { + version = "v3.10.1"; +in python310Packages.buildPythonApplication rec { inherit pname; inherit version; src = fetchFromGitHub { owner = "HenriWahl"; repo = "Nagstamon"; - rev = "${version}"; - sha256 = "0a8aqw44z58pabsgxlvndnmzzvc50wrb4g12yp6zgajn40b2l8pw"; + rev = version; + sha256 = "sha256-TdwvHQDDQqZ6uvdCTJCMCdivM/vaZpMrpLRMKN2y76Y="; }; doCheck = false; @@ -21,17 +21,18 @@ in python39Packages.buildPythonApplication rec { wrapQtApp $out/bin/nagstamon.py ''; - propagatedBuildInputs = with python39Packages; [ - beautifulsoup4 - configparser - dateutil - keyring - lxml - psutil - pyqt5_with_qtmultimedia - requests - setuptools - xlib + propagatedBuildInputs = [ + python310Packages.beautifulsoup4 + python310Packages.configparser + python310Packages.dateutil + python310Packages.keyring + python310Packages.lxml + python310Packages.psutil + python310Packages.pyqt5_with_qtmultimedia + python310Packages.requests + python310Packages.requests-kerberos + python310Packages.setuptools + python310Packages.xlib ]; meta = with lib; { @@ -42,4 +43,3 @@ in python39Packages.buildPythonApplication rec { inherit version; }; } - diff --git a/roles/admin.nix b/roles/admin.nix index 7a58cb8..0e76052 100644 --- a/roles/admin.nix +++ b/roles/admin.nix @@ -9,10 +9,13 @@ in { k9s kind kubectl + kubectx kubeseal + nmap pwgen terraform whois + ipcalc unstable.argocd unstable.kubernetes-helm @@ -30,6 +33,11 @@ in { (import ../packages/certmanager.nix) ]; + programs.bash.shellAliases = { + kx = "kubectx"; + kns = "kubens"; + }; + virtualisation.docker = { enable = true; storageDriver = "zfs"; diff --git a/roles/base.nix b/roles/base.nix index 2764f21..f3c625c 100644 --- a/roles/base.nix +++ b/roles/base.nix @@ -175,4 +175,7 @@ in { }; }; + # yubikey support + services.udev.packages = [ pkgs.yubikey-personalization ]; + services.pcscd.enable = true; } diff --git a/roles/desktop.nix b/roles/desktop.nix index ca0b359..d449adc 100644 --- a/roles/desktop.nix +++ b/roles/desktop.nix @@ -10,9 +10,10 @@ let unstable = import { config.allowUnfree = true; }; in { - + programs.droidcam.enable = true; programs.sway = { enable = true; + wrapperFeatures.gtk = true; extraPackages = with pkgs; [ bemenu brightnessctl @@ -21,20 +22,18 @@ in i3status-rust kanshi mako + picom slurp swayidle swaylock + swayr wf-recorder - xwayland + wofi ]; extraSessionCommands = ""; }; + xdg.portal.enable = true; - xdg.portal = { - enable = true; - gtkUsePortal = true; - extraPortals = with pkgs; [ xdg-desktop-portal-gtk xdg-desktop-portal-wlr ]; - }; boot.extraModulePackages = with config.boot.kernelPackages; [ v4l2loopback ]; colors = { @@ -52,7 +51,6 @@ in environment = { etc = { - "i3/config".source = ../dotfiles/i3/config; "sway/config".source = ../dotfiles/sway/config; "sway/status.toml".source = ../dotfiles/sway/status.toml; "xdg/alacritty/alacritty.yml".text = '' @@ -88,14 +86,14 @@ in key_bindings: - { key: Escape, mods: Control, action: ToggleViMode } ''; + "wezterm.lua".source = ../dotfiles/wezterm.lua; }; }; - programs.qt5ct.enable = true; + qt5.platformTheme = "qt5ct"; hardware.pulseaudio.enable = false; security.rtkit.enable = true; - security.polkit.enable = true; services.pipewire = { enable = true; alsa.enable = true; @@ -160,9 +158,9 @@ in libsForQt5.qtstyleplugins lxappearance numix-icon-theme + numix-cursor-theme alacritty - ferdi imv inkscape keepassxc @@ -176,6 +174,8 @@ in pcmanfm pulseeffects-pw qrencode + uxplay + wezterm solaar gdk-pixbuf @@ -204,6 +204,7 @@ in export QT_QPA_PLATFORM=wayland-egl export QT_WAYLAND_FORCE_DPI=96 export SDL_VIDEODRIVER=wayland + export WEZTERM_CONFIG_FILE=/etc/wezterm.lua export XDG_CURRENT_DESKTOP=sway export XDG_DATA_DIRS=${datadir}:$XDG_DATA_DIRS export XDG_SESSION_TYPE=wayland @@ -226,8 +227,14 @@ in services.printing.enable = true; services.printing.drivers = [ pkgs.gutenprint ]; - services.avahi.enable = true; - services.avahi.nssmdns = true; - - hardware.opengl = { enable = true; }; + services.avahi = { + enable = true; + nssmdns = true; + publish = { + enable = true; + addresses = true; + workstation = true; + userServices = true; + }; + }; } diff --git a/roles/dev.nix b/roles/dev.nix index 9c5a762..f74fbce 100644 --- a/roles/dev.nix +++ b/roles/dev.nix @@ -3,9 +3,16 @@ let unstable = import { }; in { + services.emacs.package = pkgs.emacsPgtk; + nixpkgs.overlays = [ + (import (builtins.fetchTarball { + url = https://github.com/nix-community/emacs-overlay/archive/master.tar.gz; + })) + ]; + environment.systemPackages = with pkgs; [ gnumake - go_1_17 + go_1_19 rustup shellcheck unstable.golangci-lint @@ -17,6 +24,7 @@ in { (python39.withPackages (python-packages: with python-packages; [ black + diagrams pymemcache pyyaml requests @@ -26,7 +34,7 @@ in { musl dbeaver - emacs + emacs-gtk gitAndTools.delta lazygit ltrace diff --git a/roles/network.nix b/roles/network.nix index 4dce0d4..843b7c8 100644 --- a/roles/network.nix +++ b/roles/network.nix @@ -9,5 +9,6 @@ in { environment.systemPackages = with pkgs; [ networkmanagerapplet networkmanager-vpnc + openconnect_openssl ]; } diff --git a/roles/work.nix b/roles/work.nix index 0de8954..1026c2e 100644 --- a/roles/work.nix +++ b/roles/work.nix @@ -20,6 +20,9 @@ in { 172.20.0.2 dashboard.kind 172.20.0.2 grafana.kind 172.20.0.2 alert.kind + + #127.0.0.1 auth-dev.thobits.com + 127.0.0.1 database ''; environment.systemPackages = with pkgs; [ @@ -31,11 +34,13 @@ in { nagstamon drone-cli - go-jira govc ttyd unstable.discord - unstable.google-cloud-sdk + unstable.go-jira + (unstable.google-cloud-sdk.withExtraComponents [ + unstable.google-cloud-sdk.components.gke-gcloud-auth-plugin + ]) unstable.slack unstable.velero