From e1f019435044c09ff7a681cbcd97383f55fbbd2a Mon Sep 17 00:00:00 2001 From: iofq Date: Sun, 10 Mar 2024 03:13:58 -0500 Subject: [PATCH] add hyprland conf --- flake.lock | 250 ++++++--------- flake.nix | 12 +- home-manager/shared/programs/2fa/default.nix | 25 +- home-manager/shared/programs/default.nix | 1 - home-manager/shared/programs/dev/default.nix | 4 + .../shared/programs/shell/default.nix | 7 - .../shared/programs/warrior/default.nix | 18 -- home-manager/shared/wayland/default.nix | 12 +- .../shared/wayland/hyprland/default.nix | 302 ++++++++++++++++++ home-manager/shared/wayland/sway/default.nix | 7 +- home-manager/shared/wayland/xdg/default.nix | 41 +-- home-manager/t14/home.nix | 9 +- nixos/default.nix | 9 +- nixos/htz/configuration.nix | 28 +- nixos/htz/eth.nix | 21 +- nixos/htz/hardware-configuration.nix | 18 +- nixos/htz/vms/default.nix | 107 ++++++- nixos/htz/vms/k3s.nix | 28 ++ nixos/htz/vms/pool.nix | 34 ++ nixos/racknerd/minecraft.nix | 5 +- nixos/t14/configuration.nix | 37 ++- 21 files changed, 712 insertions(+), 263 deletions(-) delete mode 100755 home-manager/shared/programs/warrior/default.nix create mode 100644 home-manager/shared/wayland/hyprland/default.nix create mode 100644 nixos/htz/vms/k3s.nix create mode 100644 nixos/htz/vms/pool.nix diff --git a/flake.lock b/flake.lock index c416ce4..963b7e1 100755 --- a/flake.lock +++ b/flake.lock @@ -9,11 +9,11 @@ "utils": "utils" }, "locked": { - "lastModified": 1704875591, - "narHash": "sha256-eWRLbqRcrILgztU/m/k7CYLzETKNbv0OsT2GjkaNm8A=", + "lastModified": 1708091384, + "narHash": "sha256-dTGGw2y8wvfjr+J9CjQbfdulOq72hUG17HXVNxpH1yE=", "owner": "serokell", "repo": "deploy-rs", - "rev": "1776009f1f3fb2b5d236b84d9815f2edee463a9b", + "rev": "0a0187794ac7f7a1e62cda3dabf8dc041f868790", "type": "github" }, "original": { @@ -25,11 +25,11 @@ "devour-flake": { "flake": false, "locked": { - "lastModified": 1699722684, - "narHash": "sha256-LapKkHNZ8D3k/uLaJjmGxx7GuYRinGBxEkIAGb/8pCo=", + "lastModified": 1708783000, + "narHash": "sha256-UYva75UjgL2izR5tVzgTBBvtYyCPiKTtn1UjCZyR3Zw=", "owner": "srid", "repo": "devour-flake", - "rev": "c89ad7a611caef31899292bc8f9aae9e7aa251cb", + "rev": "bb0e0443291899a3f3fd85f87d2849f917692b1e", "type": "github" }, "original": { @@ -50,11 +50,11 @@ ] }, "locked": { - "lastModified": 1705332421, - "narHash": "sha256-USpGLPme1IuqG78JNqSaRabilwkCyHmVWY0M9vYyqEA=", + "lastModified": 1708939976, + "narHash": "sha256-O5+nFozxz2Vubpdl1YZtPrilcIXPcRAjqNdNE8oCRoA=", "owner": "numtide", "repo": "devshell", - "rev": "83cb93d6d063ad290beee669f4badf9914cc16ec", + "rev": "5ddecd67edbd568ebe0a55905273e56cc82aabe3", "type": "github" }, "original": { @@ -69,30 +69,27 @@ "devshell": "devshell", "flake-compat": "flake-compat_2", "flake-parts": "flake-parts", - "flake-root": "flake-root", "flake-utils": "flake-utils", "foundry-nix": "foundry-nix", "lib-extras": "lib-extras", - "mynixpkgs": "mynixpkgs", - "nixpkgs": [ - "nixpkgs" - ], + "nixpkgs": "nixpkgs", "nixpkgs-unstable": "nixpkgs-unstable", "poetry2nix": "poetry2nix", "systems": "systems_2", "treefmt-nix": "treefmt-nix" }, "locked": { - "dirtyRev": "7da1e0822231f28e531299df54d654fe4a326bae-dirty", - "dirtyShortRev": "7da1e08-dirty", - "lastModified": 1707027839, - "narHash": "sha256-0ErCspT4oXC4neSK//US+DaKOY9Mw0/ZissymeQy0to=", - "type": "git", - "url": "file:///home/e/dev/ethereum.nix/" + "lastModified": 1709710541, + "narHash": "sha256-eu9m/5Le2VPWlySoLAFmPPuHV6xPCNu+N8VfWX412N8=", + "owner": "nix-community", + "repo": "ethereum.nix", + "rev": "c5dcc237b1aa46aa2ebdbb65c912bdc464cf89b5", + "type": "github" }, "original": { - "type": "git", - "url": "file:///home/e/dev/ethereum.nix/" + "owner": "nix-community", + "repo": "ethereum.nix", + "type": "github" } }, "flake-compat": { @@ -150,11 +147,11 @@ ] }, "locked": { - "lastModified": 1704982712, - "narHash": "sha256-2Ptt+9h8dczgle2Oo6z5ni5rt/uLMG47UFTR1ry/wgg=", + "lastModified": 1709336216, + "narHash": "sha256-Dt/wOWeW6Sqm11Yh+2+t0dfEWxoMxGBvv3JpIocFl9E=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "07f6395285469419cf9d078f59b5b49993198c00", + "rev": "f7b3c975cf067e56e7cda6cb098ebe3fb4d74ca2", "type": "github" }, "original": { @@ -186,11 +183,11 @@ ] }, "locked": { - "lastModified": 1705309234, - "narHash": "sha256-uNRRNRKmJyCRC/8y1RqBkqWBLM034y4qN7EprSdmgyA=", + "lastModified": 1709126324, + "narHash": "sha256-q6EQdSeUZOG26WelxqkmR7kArjgWCdw5sfJVHPH/7j8=", "owner": "numtide", "repo": "flake-utils", - "rev": "1ef2e671c3b0c19053962c07dbda38332dcebf26", + "rev": "d465f4819400de7c8d874d50b982301f28a84605", "type": "github" }, "original": { @@ -204,11 +201,11 @@ "systems": "systems_3" }, "locked": { - "lastModified": 1701680307, - "narHash": "sha256-kAuep2h5ajznlPMD9rnQyffWG8EM/C73lejGofXvdM8=", + "lastModified": 1705309234, + "narHash": "sha256-uNRRNRKmJyCRC/8y1RqBkqWBLM034y4qN7EprSdmgyA=", "owner": "numtide", "repo": "flake-utils", - "rev": "4022d587cbbfd70fe950c1e2083a02621806a725", + "rev": "1ef2e671c3b0c19053962c07dbda38332dcebf26", "type": "github" }, "original": { @@ -265,11 +262,11 @@ ] }, "locked": { - "lastModified": 1705309865, - "narHash": "sha256-HkTSsjmR3DE1xKr1M0bBWKyTl4f616166Przd2mwNxw=", + "lastModified": 1709457044, + "narHash": "sha256-1SktmSjTjC1rhJwQ+kvqUeExKogNzserFGuoGwOerHw=", "owner": "shazow", "repo": "foundry.nix", - "rev": "883243b30a4b8dbb1b515b79b750e2caf7df1a79", + "rev": "592e8ca2e82a2c3a8d0d4dcc7f7c5b8c3842efcd", "type": "github" }, "original": { @@ -300,29 +297,6 @@ "type": "github" } }, - "haumea": { - "inputs": { - "nixpkgs": [ - "ethereum-nix", - "mynixpkgs", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1685133229, - "narHash": "sha256-FePm/Gi9PBSNwiDFq3N+DWdfxFq0UKsVVTJS3cQPn94=", - "owner": "nix-community", - "repo": "haumea", - "rev": "34dd58385092a23018748b50f9b23de6266dffc2", - "type": "github" - }, - "original": { - "owner": "nix-community", - "ref": "v0.2.2", - "repo": "haumea", - "type": "github" - } - }, "home-manager": { "inputs": { "nixpkgs": [ @@ -353,10 +327,7 @@ "ethereum-nix", "flake-parts" ], - "flake-root": [ - "ethereum-nix", - "flake-root" - ], + "flake-root": "flake-root", "nixpkgs": [ "ethereum-nix", "nixpkgs" @@ -390,11 +361,11 @@ "spectrum": "spectrum" }, "locked": { - "lastModified": 1706214321, - "narHash": "sha256-42FZWeJQNYgz0ZkclMzShuvjT9TvJNRN78Iu3SEyD4M=", + "lastModified": 1709297667, + "narHash": "sha256-5JUaHyRFKDPqyeTlbMFS6VixAWRkO5uCRTS8asEjiyo=", "owner": "astro", "repo": "microvm.nix", - "rev": "186b8bf6dbacc1ab55fe8ac8d5a2bbf76a1a70e1", + "rev": "7f93206b22131aac8fa46d787696ea58460aecab", "type": "github" }, "original": { @@ -403,52 +374,6 @@ "type": "github" } }, - "mynixpkgs": { - "inputs": { - "devour-flake": [ - "ethereum-nix", - "devour-flake" - ], - "devshell": [ - "ethereum-nix", - "devshell" - ], - "flake-parts": [ - "ethereum-nix", - "flake-parts" - ], - "flake-root": [ - "ethereum-nix", - "flake-root" - ], - "haumea": "haumea", - "lib-extras": [ - "ethereum-nix", - "lib-extras" - ], - "nixpkgs": [ - "ethereum-nix", - "nixpkgs-unstable" - ], - "treefmt-nix": [ - "ethereum-nix", - "treefmt-nix" - ] - }, - "locked": { - "lastModified": 1706558129, - "narHash": "sha256-ZKGarjd5pNhY2GgLO9e8ia9PYoPCmtvw3EH5tVbcIaA=", - "owner": "aldoborrero", - "repo": "mynixpkgs", - "rev": "e314504ac0eb2b27f7813c63d00a9050c2e31784", - "type": "github" - }, - "original": { - "owner": "aldoborrero", - "repo": "mynixpkgs", - "type": "github" - } - }, "nix-github-actions": { "inputs": { "nixpkgs": [ @@ -458,11 +383,11 @@ ] }, "locked": { - "lastModified": 1698974481, - "narHash": "sha256-yPncV9Ohdz1zPZxYHQf47S8S0VrnhV7nNhCawY46hDA=", + "lastModified": 1703863825, + "narHash": "sha256-rXwqjtwiGKJheXB43ybM8NwWB8rO2dSRrEqes0S7F5Y=", "owner": "nix-community", "repo": "nix-github-actions", - "rev": "4bb5e752616262457bc7ca5882192a564c0472d2", + "rev": "5163432afc817cf8bd1f031418d1869e4c9d5547", "type": "github" }, "original": { @@ -473,11 +398,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1706834982, - "narHash": "sha256-3CfxA7gZ+DVv/N9Pvw61bV5Oe/mWfxYPyVQGqp9TMJA=", + "lastModified": 1709410583, + "narHash": "sha256-esOSUoQ7mblwcsSea0K17McZuwAIjoS6dq/4b83+lvw=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "83e571bb291161682b9c3ccd48318f115143a550", + "rev": "59e37017b9ed31dee303dbbd4531c594df95cfbc", "type": "github" }, "original": { @@ -489,16 +414,16 @@ }, "nixpkgs": { "locked": { - "lastModified": 1706732774, - "narHash": "sha256-hqJlyJk4MRpcItGYMF+3uHe8HvxNETWvlGtLuVpqLU0=", + "lastModified": 1701282334, + "narHash": "sha256-MxCVrXY6v4QmfTwIysjjaX0XUhqBbxTWWB4HXtDYsdk=", "owner": "nixos", "repo": "nixpkgs", - "rev": "b8b232ae7b8b144397fdb12d20f592e5e7c1a64d", + "rev": "057f9aecfb71c4437d2b27d3323df7f93c010b7e", "type": "github" }, "original": { "owner": "nixos", - "ref": "nixos-unstable", + "ref": "23.11", "repo": "nixpkgs", "type": "github" } @@ -521,11 +446,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1706173671, - "narHash": "sha256-lciR7kQUK2FCAYuszyd7zyRRmTaXVeoZsCyK6QFpGdk=", + "lastModified": 1709386671, + "narHash": "sha256-VPqfBnIJ+cfa78pd4Y5Cr6sOWVW8GYHRVucxJGmRf8Q=", "owner": "nixos", "repo": "nixpkgs", - "rev": "4fddc9be4eaf195d631333908f2a454b03628ee5", + "rev": "fa9a51752f1b5de583ad5213eb621be071806663", "type": "github" }, "original": { @@ -535,6 +460,22 @@ "type": "github" } }, + "nixpkgs_2": { + "locked": { + "lastModified": 1709237383, + "narHash": "sha256-cy6ArO4k5qTx+l5o+0mL9f5fa86tYUX3ozE1S+Txlds=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "1536926ef5621b09bba54035ae2bb6d806d72ac8", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, "nvim": { "inputs": { "flake-utils": "flake-utils_3", @@ -543,11 +484,11 @@ ] }, "locked": { - "lastModified": 1707004404, - "narHash": "sha256-Zm94jTu9pJO3r8Fol1JyuYShssvwP0JnO8n6pTOgHIE=", + "lastModified": 1708237054, + "narHash": "sha256-9PVT/adNsZ9I2mrDkpt8KIAehMGgLBsq+x/6qYHKO9w=", "owner": "iofq", "repo": "nvim.nix", - "rev": "b6d3c5a7e2f36f0d0ca514154fd52eb18ba2d71a", + "rev": "e6cde16c4a1f458404901b3a7814ec88b800fb6c", "type": "github" }, "original": { @@ -577,11 +518,11 @@ ] }, "locked": { - "lastModified": 1705060653, - "narHash": "sha256-puYyylgrBS4AFAHeyVRTjTUVD8DZdecJfymWJe7H438=", + "lastModified": 1708589824, + "narHash": "sha256-2GOiFTkvs5MtVF65sC78KNVxQSmsxtk0WmV1wJ9V2ck=", "owner": "nix-community", "repo": "poetry2nix", - "rev": "e0b44e9e2d3aa855d1dd77b06f067cd0e0c3860d", + "rev": "3c92540611f42d3fb2d0d084a6c694cd6544b609", "type": "github" }, "original": { @@ -601,11 +542,11 @@ "nixpkgs-stable": "nixpkgs-stable" }, "locked": { - "lastModified": 1706424699, - "narHash": "sha256-Q3RBuOpZNH2eFA1e+IHgZLAOqDD9SKhJ/sszrL8bQD4=", + "lastModified": 1708018599, + "narHash": "sha256-M+Ng6+SePmA8g06CmUZWi1AjG2tFBX9WCXElBHEKnyM=", "owner": "cachix", "repo": "pre-commit-hooks.nix", - "rev": "7c54e08a689b53c8a1e5d70169f2ec9e2a68ffaf", + "rev": "5df5a70ad7575f6601d91f0efec95dd9bc619431", "type": "github" }, "original": { @@ -621,22 +562,23 @@ "home-manager": "home-manager", "microvm": "microvm", "nixos-hardware": "nixos-hardware", - "nixpkgs": "nixpkgs", + "nixpkgs": "nixpkgs_2", "nvim": "nvim", "pre-commit-hooks": "pre-commit-hooks", "systems": "systems_6", "tfa": "tfa", - "treefmt-nix": "treefmt-nix_2" + "treefmt-nix": "treefmt-nix_2", + "virt": "virt" } }, "spectrum": { "flake": false, "locked": { - "lastModified": 1703273931, - "narHash": "sha256-CJ1Crdi5fXHkCiemovsp20/RC4vpDaZl1R6V273FecI=", + "lastModified": 1708358594, + "narHash": "sha256-e71YOotu2FYA67HoC/voJDTFsiPpZNRwmiQb4f94OxQ=", "ref": "refs/heads/main", - "rev": "97e2f3429ee61dc37664b4d096b2fec48a57b691", - "revCount": 597, + "rev": "6d0e73864d28794cdbd26ab7b37259ab0e1e044c", + "revCount": 614, "type": "git", "url": "https://spectrum-os.org/git/spectrum" }, @@ -762,11 +704,11 @@ ] }, "locked": { - "lastModified": 1706285206, - "narHash": "sha256-3WWX6fckgMsFFOmYCuCRJqnLKFB2L3rS2EF6amD+Fp8=", + "lastModified": 1709373438, + "narHash": "sha256-F/Vieen5x2nf05KJ5AitoE/GSB0FU2jMffSM8bHSuBs=", "owner": "numtide", "repo": "treefmt-nix", - "rev": "fbef7c773be115ed33f37e97256a9e8f6312b925", + "rev": "093f82e5707bb6f14ee38a742748f9fb4ab1488e", "type": "github" }, "original": { @@ -782,11 +724,11 @@ ] }, "locked": { - "lastModified": 1706462057, - "narHash": "sha256-7dG1D4iqqt0bEbBqUWk6lZiSqqwwAO0Hd1L5opVyhNM=", + "lastModified": 1709373438, + "narHash": "sha256-F/Vieen5x2nf05KJ5AitoE/GSB0FU2jMffSM8bHSuBs=", "owner": "numtide", "repo": "treefmt-nix", - "rev": "c6153c2a3ff4c38d231e3ae99af29b87f1df5901", + "rev": "093f82e5707bb6f14ee38a742748f9fb4ab1488e", "type": "github" }, "original": { @@ -812,6 +754,26 @@ "repo": "flake-utils", "type": "github" } + }, + "virt": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1707694046, + "narHash": "sha256-WTXt7ko/Bnzb5rX3i9ccSiE5JaKfWUJsF0wJii68kmI=", + "owner": "iofq", + "repo": "virt", + "rev": "5e158ba025f58f342ce013d6e5fe92de9dd4b3eb", + "type": "github" + }, + "original": { + "owner": "iofq", + "repo": "virt", + "type": "github" + } } }, "root": "root", diff --git a/flake.nix b/flake.nix index ccde191..5c06819 100755 --- a/flake.nix +++ b/flake.nix @@ -24,11 +24,14 @@ url = "github:iofq/2fa"; inputs.nixpkgs.follows = "nixpkgs"; }; - ethereum-nix = { - # url = "github:nix-community/ethereum.nix"; - url = "git+file:///home/e/dev/ethereum.nix/"; + virt = { + url = "github:iofq/virt"; inputs.nixpkgs.follows = "nixpkgs"; }; + ethereum-nix = { + url = "github:nix-community/ethereum.nix"; + # url = "git+file:///home/e/dev/ethereum.nix/"; + }; treefmt-nix = { url = "github:numtide/treefmt-nix"; inputs.nixpkgs.follows = "nixpkgs"; @@ -55,6 +58,7 @@ inherit system; config.allowUnfree = true; overlays = [ + inputs.virt.overlay (final: _prev: { inherit (inputs.nvim.packages.${final.system}) full; @@ -71,7 +75,7 @@ deploy.nodes = { htz = { hostname = "htz"; - sshUser = "root"; + sshUser = "e"; remoteBuild = true; profiles.system = { user = "root"; diff --git a/home-manager/shared/programs/2fa/default.nix b/home-manager/shared/programs/2fa/default.nix index 9892dec..e076179 100755 --- a/home-manager/shared/programs/2fa/default.nix +++ b/home-manager/shared/programs/2fa/default.nix @@ -4,31 +4,14 @@ ]; programs.gpg = { enable = true; - settings = { - personal-cipher-preferences = "AES256 AES192 AES"; - personal-digest-preferences = "SHA512 SHA384 SHA256"; - personal-compress-preferences = "ZLIB BZIP2 ZIP Uncompressed"; - default-preference-list = "SHA512 SHA384 SHA256 AES256 AES192 AES ZLIB BZIP2 ZIP Uncompressed"; - cert-digest-algo = "SHA512"; - s2k-digest-algo = "SHA512"; - s2k-cipher-algo = "AES256"; - charset = "utf-8"; - fixed-list-mode = true; - no-emit-version = true; - no-greeting = true; - keyid-format = "0xshort"; - list-options = "show-uid-validity show-unusable-subkeys"; - verify-options = "show-uid-validity"; - with-fingerprint = true; - with-key-origin = true; - require-cross-certification = true; - no-symkey-cache = true; - default-recipient-self = true; - }; + settings = {pinentry-mode = "loopback";}; }; services.gpg-agent = { enable = true; enableSshSupport = true; pinentryFlavor = "tty"; + extraConfig = '' + allow-loopback-pinentry + ''; }; } diff --git a/home-manager/shared/programs/default.nix b/home-manager/shared/programs/default.nix index 8e3ce0b..41d4d58 100644 --- a/home-manager/shared/programs/default.nix +++ b/home-manager/shared/programs/default.nix @@ -4,6 +4,5 @@ ./nvim ./shell ./2fa - ./warrior ]; } diff --git a/home-manager/shared/programs/dev/default.nix b/home-manager/shared/programs/dev/default.nix index e1e8958..d3bab08 100644 --- a/home-manager/shared/programs/dev/default.nix +++ b/home-manager/shared/programs/dev/default.nix @@ -1,4 +1,8 @@ {pkgs, ...}: { + programs.taskwarrior = { + enable = true; + colorTheme = "solarized-dark-256"; + }; home.packages = with pkgs; [ ripgrep k9s diff --git a/home-manager/shared/programs/shell/default.nix b/home-manager/shared/programs/shell/default.nix index 2a0cdaf..63f8366 100755 --- a/home-manager/shared/programs/shell/default.nix +++ b/home-manager/shared/programs/shell/default.nix @@ -72,11 +72,4 @@ historyWidgetOptions = ["--height 60% --preview ''"]; fileWidgetCommand = "command find -L . -mindepth 1 -o -fstype 'sysfs' -o -fstype 'devfs' -o -fstype 'devtmpfs' -o -fstype 'proc' -prune"; }; - programs.mcfly = { - enable = true; - fzf.enable = false; - keyScheme = "vim"; - interfaceView = "BOTTOM"; - fuzzySearchFactor = 3; - }; } diff --git a/home-manager/shared/programs/warrior/default.nix b/home-manager/shared/programs/warrior/default.nix deleted file mode 100755 index f7800a8..0000000 --- a/home-manager/shared/programs/warrior/default.nix +++ /dev/null @@ -1,18 +0,0 @@ -{ - pkgs, - config, - ... -}: { - programs.taskwarrior = { - enable = true; - colorTheme = "solarized-dark-256"; - }; - - home.packages = with pkgs; [ - timewarrior - ]; - home.file."${config.xdg.dataHome}/task/hooks/on-modify.timewarrior" = { - source = "${pkgs.timewarrior}/share/doc/timew/ext/on-modify.timewarrior"; - executable = true; - }; -} diff --git a/home-manager/shared/wayland/default.nix b/home-manager/shared/wayland/default.nix index aa4ebf1..9595c8d 100644 --- a/home-manager/shared/wayland/default.nix +++ b/home-manager/shared/wayland/default.nix @@ -2,8 +2,18 @@ imports = [ ./librewolf ./alacritty - (import ./sway) + ./sway + ./hyprland ./xdg ./audio ]; + + programs.bemenu = { + enable = true; + settings = { + ignorecase = true; + fn = "UbuntuMono"; + prompt = "open"; + }; + }; } diff --git a/home-manager/shared/wayland/hyprland/default.nix b/home-manager/shared/wayland/hyprland/default.nix new file mode 100644 index 0000000..214bbb8 --- /dev/null +++ b/home-manager/shared/wayland/hyprland/default.nix @@ -0,0 +1,302 @@ +{pkgs, ...}: { + wayland.windowManager.hyprland = { + enable = true; + package = pkgs.hyprland; + systemd.enable = true; + extraConfig = '' + monitor=,preferred,auto,1" + ''; + settings = { + "$mod" = "SUPER"; + general = { + gaps_in = 0; + gaps_out = 0; + layout = "master"; + }; + misc = { + disable_hyprland_logo = true; + }; + decoration = { + blur = { + enabled = false; + }; + drop_shadow = "no"; + }; + animations = { + enabled = "yes"; + bezier = "ease,0.22,1,0.35,1"; + animation = [ + "windows, 1, 1.5, ease, popin" + "windowsOut, 1, 1.5, ease, popin" + "border, 0, 1, default" + "fade, 1, 1.5, ease" + "workspaces, 1, 3, ease, slidefade" + ]; + }; + master = { + new_is_master = "no"; + no_gaps_when_only = 1; + }; + input = { + kb_options = "caps:super"; + repeat_delay = "300"; + repeat_rate = "60"; + + float_switch_override_focus = 0; + # follow_mouse = 0; + accel_profile = "flat"; + sensitivity = 0.4; + touchpad = { + natural_scroll = true; + tap_button_map = "lrm"; + middle_button_emulation = false; + }; + touchdevice = { + enabled = false; + }; + }; + bindm = [ + "$mod, mouse:272, movewindow" + "$mod, mouse:273, resizewindow" + ]; + binde = [ + "$mod ALT, h, resizeactive, -50 0" + "$mod ALT, l, resizeactive, 50 0" + "$mod ALT, k, resizeactive, 0 50" + "$mod ALT, j, resizeactive, 0 -50" + ]; + bind = + [ + "$mod, Return, exec, alacritty" + "$mod, x, killactive" + "$mod, f, fullscreen" + "$mod SHIFT, Escape, exit" + "$mod SHIFT, f, fakefullscreen" + "$mod, Space, exec, ${pkgs.bemenu}/bin/bemenu-run" + "$mod, t, togglefloating" + "$mod, bracketleft, exec, grimshot --notify save area /tmp/scrot-$(date \"+%Y-%m-%d\"T\"%H:%M:%S\").png" + "$mod, bracketright, exec, grimshot --notify copy area" + "$mod SHIFT, q, exec, loginctl lock-session" + ",XF86MonBrightnessDown, exec, light -U 10" + ",XF86MonBrightnessUp, exec, light -A 10" + ",XF86AudioRaiseVolume, exec, pactl set-sink-volume @DEFAULT_SINK@ +1%" + ",XF86AudioLowerVolume, exec, pactl set-sink-volume @DEFAULT_SINK@ -1%" + ",XF86AudioMute, exec, pactl set-sink-mute @DEFAULT_SINK@ toggle" + + ## Movement + "$mod, p, layoutmsg, swapwithmaster" + "$mod, e, layoutmsg, orientationnext" + "$mod, h, movefocus, l" + "$mod, l, movefocus, r" + "$mod, k, movefocus, u" + "$mod, j, movefocus, d" + "$mod SHIFT, h, movewindow, l" + "$mod SHIFT, l, movewindow, r" + "$mod SHIFT, k, movewindow, u" + "$mod SHIFT, j, movewindow, d" + ] + ++ ( + # workspaces + # binds $mod + [shift +] {1..10} to [move to] workspace {1..10} + builtins.concatLists (builtins.genList ( + x: let + ws = let + c = (x + 1) / 10; + in + builtins.toString (x + 1 - (c * 10)); + in [ + "$mod, ${ws}, workspace, ${toString (x + 1)}" + "$mod SHIFT, ${ws}, movetoworkspacesilent, ${toString (x + 1)}" + ] + ) + 10) + ); + windowrulev2 = [ + "workspace 9, class:^(WebCord|webcord|Webcord)$" + "workspace 9, class:^(Signal|signal)$" + "tile, class:^(Minecraft|minecraft)$" + "opacity 0.0 override 0.0 override,class:^(xwaylandvideobridge)$" + "noanim,class:^(xwaylandvideobridge)$" + "noinitialfocus,class:^(xwaylandvideobridge)$" + "maxsize 1 1,class:^(xwaylandvideobridge)$" + "noblur,class:^(xwaylandvideobridge)$" + ]; + }; + }; + programs.waybar = { + enable = true; + systemd.enable = true; + settings = { + mainBar = { + "height" = 14; + "spacing" = 8; + "layer" = "top"; + modules-left = [ + "hyprland/workspaces" + ]; + modules-center = [ + "hyprland/window" + ]; + modules-right = [ + "cpu" + "memory" + "network" + "temperature" + "pulseaudio" + "battery" + "clock" + "tray" + ]; + "hyprland/workspaces" = { + disable-scroll = true; + }; + "hyprland/window" = { + max-length = 100; + }; + "clock" = { + "format" = "{:%m-%d-%y %H:%M}"; + }; + "cpu" = { + "format" = "{load} \@{avg_frequency}Ghz"; + }; + "memory" = { + "format" = "{used}G"; + }; + "temperature" = { + "thermal-zone" = 2; + "hwmon-path" = "/sys/class/hwmon/hwmon0/temp1_input"; + "critical-threshold" = 80; + "format-critical" = "!{temperatureC}°C"; + "format" = "{temperatureC}°C"; + }; + "battery" = { + "states" = { + "warning" = 30; + "critical" = 15; + }; + "format" = "{capacity}% {time}"; + "format-charging" = "+{capacity}% {time}"; + "format-plugged" = "+{capacity}%"; + }; + "network" = { + "format-wifi" = "{signaldBm}db"; + "format-ethernet" = "{ifname}"; + "format-disconnected" = ""; + "tooltip" = "{ifname} = {ipaddr}/{cidr}"; + on-click = "${pkgs.hyprland}/bin/hyprctl dispatch exec \"[float] alacritty -e nmtui\""; + }; + "pulseaudio" = { + "format" = "{volume}%"; + on-click = "${pkgs.hyprland}/bin/hyprctl dispatch exec \"[float] alacritty -e pulsemixer\""; + }; + }; + }; + style = '' + * { + font-family: "Spleen 32x64", "UbuntuMono Nerd Font"; + font-size: 14px; + min-height: 0; + } + + window#waybar { + background: #090410; + color: #bababd; + } + + window#waybar.hidden { + opacity: 0.2; + } + + #workspaces { + } + + #window { + margin: 2px; + padding-left: 8px; + padding-right: 8px; + background-color: #090410; + } + + button { + border: none; + border-radius: 0; + } + + button:hover { + background: inherit; + border-top: 2px solid #bababd; + } + + #workspaces button { + padding: 0 4px; + background-color: #090410; + color: #666666; + } + + #workspaces button.active { + background-color: #090410; + color:#bababd; + border-top: 2px solid #bababd; + } + + #workspaces button.urgent { + background-color: #eb4d4b; + } + + #clock, + #battery, + #cpu, + #memory, + #temperature, + #network, + #pulseaudio, + #tray + { + padding: 2px; + background-color: #090410; + border-top: 2px solid #666666; + color: #bababd; + } + + /* If workspaces is the leftmost module, omit left margin */ + .modules-left > widget:first-child > #workspaces { + margin-left: 0; + } + + /* If workspaces is the rightmost module, omit right margin */ + .modules-right > widget:last-child > #workspaces { + margin-right: 0; + } + + @keyframes blink { + to { + background-color: #ffffff; + color: #000000; + } + } + + #battery.critical:not(.charging) { + background-color: #f53c3c; + color: #ffffff; + animation-name: blink; + animation-duration: 0.5s; + animation-timing-function: linear; + animation-iteration-count: infinite; + animation-direction: alternate; + } + + label:focus { + background-color: #090410; + } + + #temperature.critical { + background-color: #eb4d4b; + } + + #tray > .needs-attention { + -gtk-icon-effect: highlight; + background-color: #eb4d4b; + } + ''; + }; +} diff --git a/home-manager/shared/wayland/sway/default.nix b/home-manager/shared/wayland/sway/default.nix index a186289..eaa2e0f 100644 --- a/home-manager/shared/wayland/sway/default.nix +++ b/home-manager/shared/wayland/sway/default.nix @@ -105,14 +105,15 @@ size = 12.0; }; colors = { + background = "#090410"; statusline = "#666666"; focusedWorkspace = { - background = "#000000"; + background = "#090410"; border = "#666666"; text = "#666666"; }; inactiveWorkspace = { - background = "#000000"; + background = "#090410"; border = "#000000"; text = "#666666"; }; @@ -140,7 +141,7 @@ }; output = { "*" = { - bg = "#000000 solid_color"; + bg = "#090410 solid_color"; }; }; }; diff --git a/home-manager/shared/wayland/xdg/default.nix b/home-manager/shared/wayland/xdg/default.nix index dcd02ed..916bd70 100755 --- a/home-manager/shared/wayland/xdg/default.nix +++ b/home-manager/shared/wayland/xdg/default.nix @@ -2,25 +2,28 @@ home.packages = with pkgs; [ xdg-utils ]; - xdg.configFile."mimeapps.list".force = true; - xdg.mimeApps = { - enable = true; - defaultApplications = { - "x-scheme-handler/http" = "librewolf.desktop"; - "x-scheme-handler/https" = "librewolf.desktop"; - "x-scheme-handler/chrome" = "librewolf.desktop"; - "video/mp4" = "librewolf.desktop"; - "video/mkv" = "librewolf.desktop"; - "image/jpeg" = "librewolf.desktop"; - "image/jpg" = "librewolf.desktop"; - "image/png" = "librewolf.desktop"; - "application/epub" = "librewolf.desktop"; - "application/pdf" = "librewolf.desktop"; - }; - associations.added = { - "x-scheme-handler/http" = "librewolf.desktop"; - "x-scheme-handler/https" = "librewolf.desktop"; - "x-scheme-handler/chrome" = "librewolf.desktop"; + xdg = { + configFile."mimeapps.list".force = true; + mime.enable = true; + mimeApps = { + enable = true; + defaultApplications = { + "x-scheme-handler/http" = "librewolf.desktop"; + "x-scheme-handler/https" = "librewolf.desktop"; + "x-scheme-handler/chrome" = "librewolf.desktop"; + "video/mp4" = "librewolf.desktop"; + "video/mkv" = "librewolf.desktop"; + "image/jpeg" = "librewolf.desktop"; + "image/jpg" = "librewolf.desktop"; + "image/png" = "librewolf.desktop"; + "application/epub" = "librewolf.desktop"; + "application/pdf" = "librewolf.desktop"; + }; + associations.added = { + "x-scheme-handler/http" = "librewolf.desktop"; + "x-scheme-handler/https" = "librewolf.desktop"; + "x-scheme-handler/chrome" = "librewolf.desktop"; + }; }; }; } diff --git a/home-manager/t14/home.nix b/home-manager/t14/home.nix index 21fa0be..544b936 100755 --- a/home-manager/t14/home.nix +++ b/home-manager/t14/home.nix @@ -1,5 +1,6 @@ { pkgs, + lib, attrs, ... }: { @@ -19,7 +20,7 @@ # comms signal-desktop - discord + # discord # using Webcord via flatpak # apps chromium @@ -43,12 +44,8 @@ hostname = "htz.10110110.xyz"; identityFile = "/home/e/.ssh/id_ed25519"; }; - "consensus" = { - hostname = "consensus"; - identityFile = "/home/e/.ssh/id_ed25519"; - }; }; }; - fonts.fontconfig.enable = true; + fonts.fontconfig.enable = lib.mkForce true; systemd.user.startServices = "sd-switch"; } diff --git a/nixos/default.nix b/nixos/default.nix index aab98aa..78973c6 100644 --- a/nixos/default.nix +++ b/nixos/default.nix @@ -36,11 +36,18 @@ specialArgs = { inherit inputs system pkgs; addressList = { - vm-headscale = { + vm-pool = { + name = "vm-pool"; ipv4 = "10.0.0.2"; subnet = "/24"; mac = "02:00:00:00:00:02"; }; + vm-k3s = { + name = "vm-k3s"; + ipv4 = "10.0.0.3"; + subnet = "/24"; + mac = "02:00:00:00:00:03"; + }; }; host = { hostName = "htz"; diff --git a/nixos/htz/configuration.nix b/nixos/htz/configuration.nix index 28fa221..be9dada 100644 --- a/nixos/htz/configuration.nix +++ b/nixos/htz/configuration.nix @@ -1,4 +1,9 @@ -{pkgs, ...}: { +{ + addressList, + lib, + pkgs, + ... +}: { imports = [ ./hardware-configuration.nix ./vms @@ -10,9 +15,10 @@ bridge-utils comma ]; - virtualisation.podman = { - enable = true; - dockerCompat = true; + virtualisation = { + docker = { + enable = true; + }; }; networking = { hostName = "htz"; @@ -22,7 +28,12 @@ allowedTCPPorts = [22 80 443]; allowedUDPPorts = []; logRefusedConnections = true; + trustedInterfaces = ["microvm"]; }; + # Map addressList to entries in /etc/hosts + extraHosts = + builtins.concatStringsSep "\n" + (lib.attrsets.mapAttrsToList (k: v: "${v.ipv4} ${k}") addressList); }; fileSystems."/var/lib/private/nimbus-beacon-mainnet" = { device = "/eth2"; @@ -35,7 +46,13 @@ services = let domain = "ts.10110110.xyz"; in { - openssh.enable = true; + openssh = { + enable = true; + settings = { + PasswordAuthentication = false; + PermitRootLogin = "prohibit-password"; + }; + }; tailscale.enable = true; headscale = { enable = true; @@ -45,7 +62,6 @@ dns = {baseDomain = domain;}; settings = {logtail.enabled = false;}; }; - nginx = { enable = true; virtualHosts.${domain} = { diff --git a/nixos/htz/eth.nix b/nixos/htz/eth.nix index 75c7698..d9d4646 100644 --- a/nixos/htz/eth.nix +++ b/nixos/htz/eth.nix @@ -3,24 +3,39 @@ inputs, ... }: { + networking = { + firewall = { + allowedTCPPorts = [9000 30303]; + allowedUDPPorts = [9000 30303]; + logRefusedConnections = true; + trustedInterfaces = ["microvm"]; + }; + }; services.ethereum.geth.mainnet = { enable = true; package = inputs.ethereum-nix.packages.${system}.geth; - openFirewall = true; + openFirewall = false; args = { + http = { + enable = true; + addr = "10.0.0.1"; + }; authrpc.jwtsecret = "/etc/nixos/eth_jwt"; }; }; services.ethereum.nimbus-beacon.mainnet = { enable = true; package = inputs.ethereum-nix.packages.${system}.nimbus; - openFirewall = true; + openFirewall = false; args = { user = "nimbus"; jwt-secret = "/etc/nixos/eth_jwt"; trusted-node-url = "https://sync.invis.tools"; enr-auto-update = true; - rest.enable = true; + rest = { + enable = true; + address = "10.0.0.1"; + }; light-client-data.max-periods = "3"; }; }; diff --git a/nixos/htz/hardware-configuration.nix b/nixos/htz/hardware-configuration.nix index 8c94df1..0c0dcb9 100755 --- a/nixos/htz/hardware-configuration.nix +++ b/nixos/htz/hardware-configuration.nix @@ -30,21 +30,22 @@ device = "/dev/disk/by-uuid/2d5aa5d0-e6c5-4b5d-b295-d5248da994fc"; fsType = "ext4"; }; - fileSystems."/boot" = { device = "/dev/disk/by-uuid/8480-5FBB"; fsType = "vfat"; }; - fileSystems."/eth1" = { device = "/dev/disk/by-uuid/d674ba1d-dde0-4c8d-bdc7-0cb240d6de62"; fsType = "ext4"; }; - fileSystems."/eth2" = { device = "/dev/disk/by-uuid/c2c7cf35-dc97-4ca3-823f-1e892bcba6f5"; fsType = "ext4"; }; + fileSystems."/var/lib/microvms" = { + device = "/dev/disk/by-uuid/06af31e6-7ac6-4066-a56b-9feaae14508b"; + fsType = "ext4"; + }; swapDevices = [ {device = "/dev/disk/by-uuid/d4b0d80e-d570-4d21-bbe4-0f31bd50cbcc";} ]; @@ -71,7 +72,12 @@ matchConfig.Name = "microvm"; networkConfig = { DHCPServer = true; - IPv6SendRA = true; + IPv6SendRA = false; + }; + dhcpServerConfig = { + PoolOffset = 128; + PoolSize = 64; + EmitDNS = true; }; addresses = [ { @@ -83,6 +89,10 @@ matchConfig.Name = "vm-*"; networkConfig.Bridge = "microvm"; }; + "12-microvm" = { + matchConfig.Name = "vnet*"; + networkConfig.Bridge = "microvm"; + }; }; }; nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; diff --git a/nixos/htz/vms/default.nix b/nixos/htz/vms/default.nix index 4d4b64a..f638977 100644 --- a/nixos/htz/vms/default.nix +++ b/nixos/htz/vms/default.nix @@ -1,8 +1,105 @@ -_: { +{ + inputs, + lib, + pkgs, + system, + addressList, + ... +}: let + genVMConfig = { + name, + config ? {}, + ... + }: { + restartIfChanged = true; + inherit pkgs; + # Merge custom config passed with defaults + config = + lib.attrsets.recursiveUpdate + { + microvm = { + shares = [ + { + source = "/nix/store"; + mountPoint = "/nix/.ro-store"; + tag = "ro-store"; + proto = "virtiofs"; + } + ]; + interfaces = [ + { + type = "tap"; + id = name; + inherit (addressList.${name}) mac; + } + ]; + }; + systemd.network = { + enable = true; + networks."20-lan" = { + matchConfig.Type = "ether"; + networkConfig = { + Address = [(addressList.${name}.ipv4 + addressList.${name}.subnet)]; + Gateway = "10.0.0.1"; + DNS = ["1.1.1.1"]; + IPv6AcceptRA = true; + DHCP = "no"; + }; + }; + networks."19-docker" = { + matchConfig.Name = "veth*"; + linkConfig = { + Unmanaged = true; + }; + }; + }; + services.openssh = { + enable = true; + listenAddresses = [ + { + addr = addressList.${name}.ipv4; + port = 22; + } + ]; + settings.PasswordAuthentication = false; + settings.KbdInteractiveAuthentication = false; + }; + networking.firewall = { + enable = true; + allowedTCPPorts = [22]; + allowedUDPPorts = []; + logRefusedConnections = true; + }; + users.users = { + root = { + openssh.authorizedKeys.keys = [ + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIItTJm2iu/5xacOoh4/JAvMtHE62duDlVVXpvVP+uQMR root@htz'' + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHM4Zr0PFN7QdOG2aJ+nuzRCK6caulrpY6bphA1Ppl8Y e@t14'' + ]; + }; + e = { + isNormalUser = true; + extraGroups = ["wheel"]; + openssh.authorizedKeys.keys = [ + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIItTJm2iu/5xacOoh4/JAvMtHE62duDlVVXpvVP+uQMR root@htz'' + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILU2TUxKyGKoZ68IG4hw23RmxVf72u5K9W0StkgTr0b2 e@t14'' + ]; + }; + }; + documentation.enable = false; + system.stateVersion = "23.11"; + } + config; + }; +in { microvm.vms = { - # vm-headscale = genVMConfig { - # name = "vm-headscale"; - # config = import ./headscale.nix { inherit config; }; - # }; + vm-pool = genVMConfig { + name = "vm-pool"; + config = import ./pool.nix {inherit pkgs system inputs;}; + }; + vm-k3s = genVMConfig { + name = "vm-k3s"; + config = import ./k3s.nix {inherit pkgs;}; + }; }; } diff --git a/nixos/htz/vms/k3s.nix b/nixos/htz/vms/k3s.nix new file mode 100644 index 0000000..ffae2fd --- /dev/null +++ b/nixos/htz/vms/k3s.nix @@ -0,0 +1,28 @@ +{pkgs, ...}: { + environment.systemPackages = with pkgs; [ + k3s + ]; + services.k3s = { + enable = true; + role = "server"; + extraFlags = toString [ + "--disable traefik" + ]; + }; + networking.firewall = { + allowedTCPPorts = [6443]; + }; + services.tailscale.enable = true; + microvm = { + vcpu = 2; + mem = 4096; + volumes = [ + { + image = "/var/lib/microvms/vm-k3s/vm-k3s-root.img"; + label = "vm-pool-root"; + mountPoint = "/"; + size = 10000; + } + ]; + }; +} diff --git a/nixos/htz/vms/pool.nix b/nixos/htz/vms/pool.nix new file mode 100644 index 0000000..a4cae4b --- /dev/null +++ b/nixos/htz/vms/pool.nix @@ -0,0 +1,34 @@ +{ + system, + inputs, + pkgs, + ... +}: { + imports = [inputs.ethereum-nix.nixosModules.default]; + + environment.systemPackages = with pkgs; [ + vim + inputs.ethereum-nix.packages.${system}.rocketpool + docker-compose + ]; + environment.interactiveShellInit = '' + alias rp='rocketpool --allow-root' + ''; + virtualisation = { + docker = { + enable = true; + }; + }; + microvm = { + vcpu = 2; + mem = 4096; + volumes = [ + { + image = "/var/lib/microvms/vm-pool/vm-pool-root.img"; + label = "vm-pool-root"; + mountPoint = "/"; + size = 40000; + } + ]; + }; +} diff --git a/nixos/racknerd/minecraft.nix b/nixos/racknerd/minecraft.nix index d1bb6ce..2f8dfe1 100644 --- a/nixos/racknerd/minecraft.nix +++ b/nixos/racknerd/minecraft.nix @@ -9,7 +9,10 @@ white-list = true; server-port = 25565; gamemode = "survival"; - motd = "yooooooooooo"; + enable-command-block = "true"; + motd = "whaa"; + max-players = "10"; + view-distance = 16; }; whitelist = { cjriddz = "cf36e5f7-6e7f-490a-ba76-65016338e7b4"; diff --git a/nixos/t14/configuration.nix b/nixos/t14/configuration.nix index 038e504..cb52b1a 100755 --- a/nixos/t14/configuration.nix +++ b/nixos/t14/configuration.nix @@ -47,9 +47,12 @@ in { services.tailscale.enable = true; # Services - virtualisation.podman = { - enable = true; - dockerCompat = true; + virtualisation = { + libvirtd.enable = true; + podman = { + enable = true; + dockerCompat = true; + }; }; programs.light.enable = true; security.pam.services.swaylock = {}; @@ -63,21 +66,11 @@ in { }; services.flatpak.enable = true; services.dbus.enable = true; + programs.hyprland.enable = true; xdg.portal = { enable = true; - xdgOpenUsePortal = true; - wlr.enable = true; - extraPortals = [ - pkgs.xdg-desktop-portal-gtk - pkgs.xdg-desktop-portal-wlr - ]; - config = { - common = { - default = [ - "*" - ]; - }; - }; + xdgOpenUsePortal = false; + extraPortals = [pkgs.xdg-desktop-portal-gtk]; }; services.tlp = { @@ -87,13 +80,13 @@ in { CPU_BOOST_ON_BAT = "0"; CPU_BOOST_ON_AC = "1"; - PLATFORM_PROFILE_ON_AC = "performance"; + PLATFORM_PROFILE_ON_AC = "low-power"; PLATFORM_PROFILE_ON_BAT = "low-power"; - CPU_SCALING_GOVERNOR_ON_AC = "performance"; + CPU_SCALING_GOVERNOR_ON_AC = "powersave"; CPU_SCALING_GOVERNOR_ON_BAT = "powersave"; CPU_ENERGY_PERF_POLICY_ON_BAT = "power"; - CPU_ENERGY_PERF_POLICY_ON_AC = "performance"; + CPU_ENERGY_PERF_POLICY_ON_AC = "power"; CPU_MIN_PERF_ON_AC = 0; CPU_MAX_PERF_ON_AC = 100; @@ -118,6 +111,12 @@ in { pkgs.libGL ]; }; + # Set a sane system-wide default font + fonts.packages = with pkgs; [ + (nerdfonts.override {fonts = ["UbuntuMono"];}) + spleen + ]; + fonts.fontconfig.defaultFonts.monospace = ["UbuntuMono"]; boot.kernelPackages = pkgs.linuxPackages_latest; system.stateVersion = "22.11"; }