feat(kubectx): test kubectl

configuration.nix

@@ -21,8 +21,7 @@
     ./roles/network.nix
     ./roles/nix.nix
     ./roles/vpn.nix
-    ./roles/private.nix
-    ./roles/game.nix
+    ./roles/work.nix
   ];
 
   networking.useDHCP = false;
@@ -33,9 +32,13 @@
   services.openssh.enable = true;
   networking.firewall.enable = true;
 
-  nixpkgs.config.permittedInsecurePackages = [ "openssl-1.0.2u" ];
+  nixpkgs.config.permittedInsecurePackages = [
+    "openssl-1.0.2u"
+    "python3.10-kerberos-1.3.1"
+  ];
 
-  system.autoUpgrade.enable = true;
+  # removed for mobile working
+  # system.autoUpgrade.enable = true;
   system.stateVersion = "20.03"; # We can stay here
 }
 

dotfiles/alacritty.yml

@@ -1,7 +1,7 @@
 font:
   normal:
     family: CaskaydiaCove Nerd Font
-  size: 12
+  size: 8
 
 draw_bold_text_with_bright_colors: true
 

dotfiles/sway/config

@@ -1,15 +1,33 @@
+# colors
+set $black #000000
+set $red #e75544
+set $cyan #3c74f6
+set $white #fafafa
+set $yellow #908550
+set $violet #a73ca6
+#set $black2 #323232
+set $white2 #f0f0f0
+
 # config
 set $mod Mod1
 set $left h
 set $down j
 set $up k
 set $right l
-set $term alacritty
-set $wallpaper /home/stefan/Downloads/bg.jpg
+set $term wezterm
+set $wallpaper /home/stefan/wall.png
 set $lock swaylock -t -i $wallpaper --scaling=fill
 set $font CaskaydiaCove Nerd Font 10
-set $menucolor --ff=#f8f8f2 --nf=#f8f8f2 --tf=#bd93f9 --hf=#bd93f9 --tb=#282a36 --fb=#282a36 --nb=#282a36 --hb=#282a36 --sb=#282a36
+set $menucolor \
+    --tf=$white --tb=$cyan  \
+    --ff=$black --fb=$white \
+    --cf=$cyan  --cb=$white \
+    --nf=$black --nb=$white \
+    --af=$black --ab=$white2 \
+    --hf=$white --hb=$cyan  \
+    --sf=$white --sb=$cyan
 set $menu bemenu-run -H 23 -b -p run $menucolor
+font $font
 
 input "1:1:AT_Translated_Set_2_keyboard" xkb_layout de
 input "0:0:TUXEDO_Keyboard" xkb_layout de
@@ -17,6 +35,7 @@ input "0:0:TUXEDO_Keyboard" xkb_layout de
 output * bg $wallpaper fill
 output "BenQ Corporation BenQ SW2700 83H03922SL0" res --custom 2560x1440@60Hz
 output "Dell Inc. Dell U4919DW HZVZWP2" res 5120x1440
+output eDP-1 scale 1.25
 
 # user keybinds
 bindsym $mod+Return exec $term
@@ -31,6 +50,8 @@ bindsym $mod+Up exec light -A 5
 bindsym $mod+Down exec light -U 5
 bindsym $mod+c exec alacritty --class float -t pyCalc -e python
 bindsym $mod+i exec alacritty --class float -t insect -e insect
+bindsym $mod+m exec swayr switch-to
+bindsym $mod+n exec emacsclient -cn
 bindsym Print exec grim -g "$(slurp)" - | wl-copy -t image/png
 bindswitch --reload --locked lid:on output eDP-1 disable
 bindswitch --reload --locked lid:off output eDP-1 enable
@@ -42,23 +63,11 @@ for_window [title="Picture-in-Picture"] floating enable
 for_window [title="pyCalc"] floating enable
 for_window [title="insect"] floating enable
 
-# font
-font $font
-
-# colors
-set $black  #282a36
-set $red #ff6188
-set $cyan #78dce8
-set $white #fcfcfa
-set $yellow #f1fa8c
-set $violet #bd93f9
-set $black2 #323232
-
 #                        border   backgnd  text    indicator  childborder
-client.focused           $violet  $black   $white  $violet    $violet
-client.focused_inactive  $black   $black   $white  $black2    $black
-client.unfocused         $black   $black   $white  $black2    $black
-client.urgent            $red     $red     $black  $black2    $white
+client.focused           $cyan    $white   $black  $violet    $cyan
+client.focused_inactive  $white2  $white2  $black  $white2    $white
+client.unfocused         $white2  $white2  $black  $white2    $white
+client.urgent            $red     $red     $white  $white2    $black
 
 
 # movement
@@ -132,36 +141,43 @@ bar {
   font $font
   position bottom
   colors {
-    background $black
-    statusline $white
-    separator  $violet
+    background $white
+    statusline $black
+    separator  $cyan
 
     #                   border   back     text
-    focused_workspace   $violet  $violet  $black
-    active_workspace    $violet  $violet  $black
-    urgent_workspace    $red     $red     $white
-    inactive_workspace  $black   $black   $white
+    focused_workspace   $cyan    $cyan    $white
+    active_workspace    $cyan    $cyan    $white
+    urgent_workspace    $red     $red     $black
+    inactive_workspace  $white   $white   $black
   }
+
   status_command i3status-rs /etc/sway/status.toml
 }
 
 set $gnome-schema org.gnome.desktop.interface
 exec_always {
-    gsettings set $gnome-schema gtk-theme 'Dracula'
-    gsettings set $gnome-schema icon-theme 'Dracula'
-    gsettings set $gnome-schema cursor-theme 'Capitaine Cursors - White'
+    gsettings set $gnome-schema cursor-theme Adwaita
+    gsettings set $gnome-schema icon-theme 'capitaine-cursors-white'
+    gsettings set $gnome-schema cursor-theme 'capitaine-cursors-white'
 }
 
 # autostarts
 exec mako --font "$font" \
-  --background-color=$black \
-  --border-color=$violet \
-  --text-color=$white
+  --background-color "$white" \
+  --border-colo "$red" \
+  --text-color "$black" \
+  --default-timeout 1000 \
+  --padding 10
 exec emacs --daemon
 exec swayidle before-sleep "$lock"
 exec /run/current-system/sw/libexec/polkit-gnome-authentication-agent-1
 exec systemctl --user import-environment DBUS_SESSION_BUS_ADDRESS XDG_RUNTIME_DIR
+exec dbus-update-activation-environment --systemd DISPLAY WAYLAND_DISPLAY SWAYSOCK XDG_CURRENT_DESKTOP
 exec bash -c '[ "$HOSTNAME" == sphere ] && cloudstation'
+exec swayrd
+exec xinput set-prop "PIXA3854:00 093A:0274 Touchpad" 365 1
+
 
 # pastebin
 exec wl-paste --primary -t text --watch clipman store

dotfiles/sway/status.toml

@@ -1,20 +1,21 @@
 [theme]
 name = "plain"
 [theme.overrides]
-idle_bg = "#282a36"
-idle_fg = "#f8f8f2"
-info_bg = "#282a36"
-info_fg = "#f8f8f2"
-good_bg = "#282a36"
-good_fg = "#50fa7b"
-warning_bg = "#282a36"
-warning_fg = "#f1fa8c"
-critical_bg = "#282a36"
-critical_fg = "#ff5555"
-separator_bg = "#282a36"
-separator_fg = "#bd93f9"
+idle_bg = "#fafafa"
+idle_fg = "#000000"
+info_bg = "#fafafa"
+info_fg = "#000000"
+good_bg = "#fafafa"
+good_fg = "#000000"
+warning_bg = "#fafafa"
+warning_fg = "#908550"
+critical_bg = "#fafafa"
+critical_fg = "#e75544"
+separator_bg = "#fafafa"
+separator_fg = "#3c74f6"
 separator = "|"
 
+
 [icons]
 name = "none"
 [icons.overrides]
@@ -93,14 +94,6 @@ driver = "pulseaudio"
 [[block]]
 block = "backlight"
 
-[[block]]
-block = "battery"
-device = "BAT0"
-interval = 10
-format = "{percentage} ({time})"
-full_format = "{percentage} ({time}) "
-icons_format = " {icon} "
-
 [[block]]
 block = "battery"
 device = "BAT1"

dotfiles/wezterm.lua

@@ -0,0 +1,42 @@
+local wezterm = require 'wezterm';
+
+return {
+  audible_bell = "Disabled",
+  bold_brightens_ansi_colors = true,
+  color_scheme = "One Light (base16)",
+  enable_tab_bar = false,
+  enable_wayland = true,
+  font_size = 12,
+  font = wezterm.font("CaskaydiaCove Nerd Font"),
+  window_background_opacity = 0.97,
+  window_close_confirmation = 'NeverPrompt',
+  default_prog = { '/run/current-system/sw/bin/bash' },
+
+  selection_fg = 'black',
+  selection_bg = '#fafafa',
+
+  keys = {
+    {
+      key = 'Escape',
+      mods = 'CTRL',
+      action = wezterm.action.QuickSelect,
+    },
+  },
+
+  window_padding = {
+    left = 0,
+    right = 0,
+    top = 0,
+    bottom = 0,
+  },
+
+  quick_select_patterns = {
+    '^([^ ]+) +(?:ClusterIP|Bound)',
+    '^([^ ]+) +(?:[0-9]+/[0-9]+)',
+    '^([^ ]+) +(?:[0-9]+ )',
+    '^([^ ]+) +(?:Opaque|kubernetes\\.io|helm\\.sh)',
+    '^([^ ]+) +(?:Active)',
+    '[^ ]+@[^ ]+.service',
+    'git push.*',
+  },
+}

hardware/framework.nix

@@ -0,0 +1,85 @@
+# Do not modify this file!  It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations.  Please make changes
+# to /etc/nixos/configuration.nix instead.
+{ config, lib, pkgs, modulesPath, ... }:
+
+let
+  #nixkernel = import <nixos-kernel> {};
+in
+{
+  imports =
+    [ (modulesPath + "/installer/scan/not-detected.nix")
+    ];
+
+  boot.initrd.availableKernelModules = [ "xhci_pci" "thunderbolt" "nvme" "uas" "usb_storage" "sd_mod" ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelModules = [ "kvm-intel" "i915" ];
+  boot.extraModulePackages = [ ];
+
+  fileSystems."/" =
+    { device = "workpool/nixos/root";
+      fsType = "zfs";
+    };
+
+  fileSystems."/home" =
+    { device = "workpool/nixos/home";
+      fsType = "zfs";
+    };
+
+  fileSystems."/var/lib/docker" =
+    { device = "workpool/nixos/docker";
+      fsType = "zfs";
+    };
+
+  fileSystems."/boot" =
+    { device = "/dev/disk/by-uuid/AA17-42AD";
+      fsType = "vfat";
+    };
+
+  swapDevices =
+    [ { device = "/dev/disk/by-uuid/18ae41eb-e32e-46a3-9e22-3395c37782df"; }
+    ];
+
+  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
+  # (the default) this is the recommended approach. When using systemd-networkd it's
+  # still possible to use this option, but it's recommended to use it in conjunction
+  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
+  networking.useDHCP = lib.mkDefault true;
+  # networking.interfaces.wlp166s0.useDHCP = lib.mkDefault true;
+
+  powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
+  hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+
+  # custom
+  boot.loader.systemd-boot.enable = true;
+  networking.hostId = "f0000001";
+  networking.hostName = "sphere";
+  services.tlp.enable = true;
+  services.hardware.bolt.enable = true;
+
+  # framework hardware
+  #boot.kernelPackages = nixkernel.linuxPackages_5_19;
+  #boot.kernelPackages = pkgs.linuxPackages_latest;
+  boot.kernelPackages = config.boot.zfs.package.latestCompatibleLinuxPackages;
+  boot.kernelParams = [
+    "mem_sleep_default=deep"
+    "nvme.noacpi=1"
+    "i915.enable_psr=1"
+  ];
+  boot.blacklistedKernelModules = [ "hid-sensor-hub" ];
+  hardware.acpilight.enable = true;
+  hardware.video.hidpi.enable = lib.mkDefault true;
+  services.xserver.dpi = 125;
+  environment.variables = {
+    VDPAU_DRIVER = lib.mkIf config.hardware.opengl.enable (lib.mkDefault "va_gl");
+  };
+  hardware.opengl.extraPackages = with pkgs; [
+    vaapiIntel
+    libvdpau-va-gl
+    intel-media-driver
+  ];
+  services.tlp.settings = {
+    CPU_ENERGY_PERF_POLICY_ON_AC = "performance";
+    CPU_ENERGY_PERF_POLICY_ON_BAT = "performance";
+  };
+}

hardware/xps15-sphere.nix

@@ -10,7 +10,7 @@ in {
   boot.extraModulePackages = [ ];
   boot.initrd.availableKernelModules =
     [ "xhci_pci" "ahci" "nvme" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ];
-  boot.initrd.kernelModules = [ ];
+  boot.initrd.kernelModules = [ "i915" ];
   boot.kernelModules = [ "kvm-intel" ];
   boot.kernelParams = [ "intel_pstate=active" ];
   boot.extraModprobeConfig = ''
@@ -29,6 +29,9 @@ in {
       libvdpau-va-gl
     ];
   };
+  environment.variables = {
+    VDPAU_DRIVER = lib.mkIf config.hardware.opengl.enable (lib.mkDefault "va_gl");
+  };
 
   fileSystems."/" = {
     device = "tank/work/nixos";

packages/nagstamon.nix

@@ -1,17 +1,17 @@
-{ lib, fetchFromGitHub, python39Packages, wrapQtAppsHook }:
+{ lib, fetchFromGitHub, python310Packages, wrapQtAppsHook, pkgs }:
 
 let
   pname = "nagstamon";
-  version = "v3.8.0";
-in python39Packages.buildPythonApplication rec {
+  version = "v3.10.1";
+in python310Packages.buildPythonApplication rec {
   inherit pname;
   inherit version;
 
   src = fetchFromGitHub {
     owner = "HenriWahl";
     repo = "Nagstamon";
-    rev = "${version}";
-    sha256 = "0a8aqw44z58pabsgxlvndnmzzvc50wrb4g12yp6zgajn40b2l8pw";
+    rev = version;
+    sha256 = "sha256-TdwvHQDDQqZ6uvdCTJCMCdivM/vaZpMrpLRMKN2y76Y=";
   };
 
   doCheck = false;
@@ -21,17 +21,18 @@ in python39Packages.buildPythonApplication rec {
     wrapQtApp $out/bin/nagstamon.py
   '';
 
-  propagatedBuildInputs = with python39Packages; [
-    beautifulsoup4
-    configparser
-    dateutil
-    keyring
-    lxml
-    psutil
-    pyqt5_with_qtmultimedia
-    requests
-    setuptools
-    xlib
+  propagatedBuildInputs = [
+    python310Packages.beautifulsoup4
+    python310Packages.configparser
+    python310Packages.dateutil
+    python310Packages.keyring
+    python310Packages.lxml
+    python310Packages.psutil
+    python310Packages.pyqt5_with_qtmultimedia
+    python310Packages.requests
+    python310Packages.requests-kerberos
+    python310Packages.setuptools
+    python310Packages.xlib
   ];
 
   meta = with lib; {
@@ -42,4 +43,3 @@ in python39Packages.buildPythonApplication rec {
     inherit version;
   };
 }
-

roles/admin.nix

@@ -9,10 +9,13 @@ in {
     k9s
     kind
     kubectl
+    kubectx
     kubeseal
+    nmap
     pwgen
     terraform
     whois
+    ipcalc
 
     unstable.argocd
     unstable.kubernetes-helm
@@ -30,6 +33,11 @@ in {
     (import ../packages/certmanager.nix)
   ];
 
+  programs.bash.shellAliases = {
+    kx = "kubectx";
+    kns = "kubens";
+  };
+
   virtualisation.docker = {
     enable = true;
     storageDriver = "zfs";

roles/base.nix

@@ -175,4 +175,7 @@ in {
     };
   };
 
+  # yubikey support
+  services.udev.packages = [ pkgs.yubikey-personalization ];
+  services.pcscd.enable = true;
 }

roles/desktop.nix

@@ -10,9 +10,10 @@ let
   unstable = import <nixos-unstable> { config.allowUnfree = true; };
 in
 {
-
+  programs.droidcam.enable = true;
   programs.sway = {
     enable = true;
+    wrapperFeatures.gtk = true;
     extraPackages = with pkgs; [
       bemenu
       brightnessctl
@@ -21,20 +22,18 @@ in
       i3status-rust
       kanshi
       mako
+      picom
       slurp
       swayidle
       swaylock
+      swayr
       wf-recorder
-      xwayland
+      wofi
     ];
     extraSessionCommands = "";
   };
+  xdg.portal.enable = true;
 
-  xdg.portal = {
-    enable = true;
-    gtkUsePortal = true;
-    extraPortals = with pkgs; [ xdg-desktop-portal-gtk xdg-desktop-portal-wlr ];
-  };
   boot.extraModulePackages = with config.boot.kernelPackages; [ v4l2loopback ];
 
   colors = {
@@ -52,7 +51,6 @@ in
 
   environment = {
     etc = {
-      "i3/config".source = ../dotfiles/i3/config;
       "sway/config".source = ../dotfiles/sway/config;
       "sway/status.toml".source = ../dotfiles/sway/status.toml;
       "xdg/alacritty/alacritty.yml".text = ''
@@ -88,14 +86,14 @@ in
         key_bindings:
           - { key: Escape, mods: Control, action: ToggleViMode }
       '';
+      "wezterm.lua".source = ../dotfiles/wezterm.lua;
     };
   };
 
-  programs.qt5ct.enable = true;
+  qt5.platformTheme = "qt5ct";
 
   hardware.pulseaudio.enable = false;
   security.rtkit.enable = true;
-  security.polkit.enable = true;
   services.pipewire = {
     enable = true;
     alsa.enable = true;
@@ -160,9 +158,9 @@ in
     libsForQt5.qtstyleplugins
     lxappearance
     numix-icon-theme
+    numix-cursor-theme
 
     alacritty
-    ferdi
     imv
     inkscape
     keepassxc
@@ -176,6 +174,8 @@ in
     pcmanfm
     pulseeffects-pw
     qrencode
+    uxplay
+    wezterm
 
     solaar
     gdk-pixbuf
@@ -204,6 +204,7 @@ in
         export QT_QPA_PLATFORM=wayland-egl
         export QT_WAYLAND_FORCE_DPI=96
         export SDL_VIDEODRIVER=wayland
+        export WEZTERM_CONFIG_FILE=/etc/wezterm.lua
         export XDG_CURRENT_DESKTOP=sway
         export XDG_DATA_DIRS=${datadir}:$XDG_DATA_DIRS
         export XDG_SESSION_TYPE=wayland
@@ -226,8 +227,14 @@ in
 
   services.printing.enable = true;
   services.printing.drivers = [ pkgs.gutenprint ];
-  services.avahi.enable = true;
-  services.avahi.nssmdns = true;
-
-  hardware.opengl = { enable = true; };
+  services.avahi = {
+    enable = true;
+    nssmdns = true;
+    publish = {
+      enable = true;
+      addresses = true;
+      workstation = true;
+      userServices = true;
+    };
+  };
 }

roles/dev.nix

@@ -3,9 +3,16 @@
 let unstable = import <nixos-unstable> { };
 in {
 
+  services.emacs.package = pkgs.emacsPgtk;
+  nixpkgs.overlays = [
+    (import (builtins.fetchTarball {
+      url = https://github.com/nix-community/emacs-overlay/archive/master.tar.gz;
+    }))
+  ];
+
   environment.systemPackages = with pkgs; [
     gnumake
-    go_1_17
+    go_1_19
     rustup
     shellcheck
     unstable.golangci-lint
@@ -17,6 +24,7 @@ in {
     (python39.withPackages
       (python-packages: with python-packages; [
         black
+        diagrams
         pymemcache
         pyyaml
         requests
@@ -26,7 +34,7 @@ in {
     musl
 
     dbeaver
-    emacs
+    emacs-gtk
     gitAndTools.delta
     lazygit
     ltrace

roles/network.nix

@@ -9,5 +9,6 @@ in {
   environment.systemPackages = with pkgs; [
     networkmanagerapplet
     networkmanager-vpnc
+    openconnect_openssl
   ];
 }

roles/work.nix

@@ -20,6 +20,9 @@ in {
     172.20.0.2 dashboard.kind
     172.20.0.2 grafana.kind
     172.20.0.2 alert.kind
+
+    #127.0.0.1 auth-dev.thobits.com
+    127.0.0.1 database
   '';
 
   environment.systemPackages = with pkgs; [
@@ -31,11 +34,13 @@ in {
     nagstamon
 
     drone-cli
-    go-jira
     govc
     ttyd
     unstable.discord
-    unstable.google-cloud-sdk
+    unstable.go-jira
+    (unstable.google-cloud-sdk.withExtraComponents [
+      unstable.google-cloud-sdk.components.gke-gcloud-auth-plugin
+    ])
     unstable.slack
     unstable.velero