stupidcomputer
/
dot_testing
1
0
Fork 0
Code Issues Pull Requests 1 Packages Projects Releases Wiki Activity

merge (from mlg)

This commit is contained in:
randomuser 2024-01-24 19:06:57 -06:00
parent 93c424af82 a852816503
commit 9fd284de41
259 changed files with 2547 additions and 990 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.gitignore vendored
View File

@ -1,3 +1,2 @@
.environment .environment
.firefox_env .firefox_env
hardware-configuration.nix

56
LICENSE
View File

@ -617,59 +617,3 @@ reviewing courts shall apply local law that most closely approximates
an absolute waiver of all civil liability in connection with the an absolute waiver of all civil liability in connection with the
Program, unless a warranty or assumption of liability accompanies a Program, unless a warranty or assumption of liability accompanies a
copy of the Program in return for a fee. copy of the Program in return for a fee.
END OF TERMS AND CONDITIONS
How to Apply These Terms to Your New Programs
If you develop a new program, and you want it to be of the greatest
possible use to the public, the best way to achieve this is to make it
free software which everyone can redistribute and change under these terms.
To do so, attac 100 35149 100 35149 0 0 145k 0 --:--:-- --:--:-- --:--:-- 145k
h the following notices to the program. It is safest
to attach them to the start of each source file to most effectively
state the exclusion of warranty; and each file should have at least
the "copyright" line and a pointer to where the full notice is found.
<one line to give the program's name and a brief idea of what it does.>
Copyright (C) <year> <name of author>
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <https://www.gnu.org/licenses/>.
Also add information on how to contact you by electronic and paper mail.
If the program does terminal interaction, make it output a short
notice like this when it starts in an interactive mode:
<program> Copyright (C) <year> <name of author>
This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
This is free software, and you are welcome to redistribute it
under certain conditions; type `show c' for details.
The hypothetical commands `show w' and `show c' should show the appropriate
parts of the General Public License. Of course, your program's commands
might be different; for a GUI interface, you would use an "about box".
You should also get your employer (if you work as a programmer) or school,
if any, to sign a "copyright disclaimer" for the program, if necessary.
For more information on this, and how to apply and follow the GNU GPL, see
<https://www.gnu.org/licenses/>.
The GNU General Public License does not permit incorporating your program
into proprietary programs. If your program is a subroutine library, you
may consider it more useful to permit linking proprietary applications with
the library. If this is what you want to do, use the GNU Lesser General
Public License instead of this License. But first, please read
<https://www.gnu.org/licenses/why-not-lgpl.html>.

45
README.md
View File

@ -1,26 +1,37 @@
randomuser's dotfiles randomuser's dotfiles
===================== =====================
here's some dotfiles! ![an image of the desktop while editing this repo's flake.nix](./demo.png)
some features features
--------
- ``bspwm`` + ``sxhkd`` - `bspwm` + `sxhkd` + `st` + `firefox`
- ``tmenu``: terminal based ``dmenu`` replacement - most everything on the desktop save for the browser, media viewers, and desktop background, is a terminal
- uses ``pash``, the password manager - on the server, runs gitea + simple-nixos-mailserver
- no flakes (can't figure it out, lol) - built with NixOS flakes
some future things to work on are installation
------------
- remove ``polybar`` with a simpler, homegrown solution `sudo nixos-rebuild --flake .#your-flake-name-here switch`
- integrate a dynamic color switching mechanism
- make these more appealing, in general
- without compromising speed and system load
- compatibility with 'traditional' unix systems
license. if you're trying to install `netbox`, then use the `--impure` flag:
- boring legal stuff for most items in this configuration are in the LICENSE file. `sudo nixos-rebuild --flake .#netbox switch --impure`
- under the GPLv3
- everything under ``config/*``, ``builds/*``, and ``modules/*``, in addition to all files that are ``*.nix``. for alternate installations on non-NixOS hosts, a Makefile will be made available
- NOT in ``wallpapers/*``, those are unlicensed and their legal status is unknown
things to do
------------
- integrate `disko` and `sops-nix` into the setup
- switch from gitea to cgit
- establish backup infrastructure for `netbox`
- move gmail-mail-bridge into mail-sync repo
* (perhaps figure out how to produce a flake for it)
license
-------
all materials, except `./home/wallpapers/pape.jpg`, is licensed under the GPLv3. the licensing status of `pape.jpg` is unknown.

10
boxes/iso.nix
View File

@ -1,10 +0,0 @@
{ config, pkgs, ... }:
{
imports = [
<nixpkgs/nixos/modules/installer/cd-dvd/installation-cd-minimal.nix>
# Provide an initial copy of the NixOS channel so that the user
# doesn't need to run "nix-channel --update" first.
<nixpkgs/nixos/modules/installer/cd-dvd/channel.nix>
];
}

100
boxes/mainsail.nix
View File

@ -1,100 +0,0 @@
{ lib, config, pkgs, ...}:
{
imports = [
../common/steam.nix
../common/desktop.nix
];
boot.loader.grub.enable = true;
boot.loader.grub.device = "/dev/sda";
networking.hostName = "mainsail";
services.paperless = {
enable = true;
passwordFile = "/etc/paperless-password";
port = 3004;
address = "localhost";
extraConfig = {
PAPERLESS_URL = "https://paperless.beepboop.systems";
};
};
services.calibre-web.enable = true;
services.calibre-web.listen.port = 8080;
programs.adb.enable = true;
users.users.usr.extraGroups = ["adbusers"];
services.openssh = {
enable = true;
ports = [2222];
};
services.radicale = {
enable = true;
config = ''
[auth]
type = htpasswd
htpasswd_filename = radicale-passwd
htpasswd_encryption = plain
'';
};
systemd.targets.sleep.enable = false;
systemd.targets.suspend.enable = false;
systemd.targets.hibernate.enable = false;
systemd.targets.hybrid-sleep.enable = false;
services.getty.greetingLine = "
welcome to mainsail |`-:_
,----....____ | `+.
( ````----....|___ |
\\ _ ````----....____
\\ _) ```---.._
\\ \\
)`.\\ )`. )`. )`. )`. )`. )`. )`. )`. )`. )`.
-' `-' `-' `-' `-' `-' `-' `-' `-' `-' `-' `
";
environment.systemPackages = with pkgs; [
vscodium-fhs
libreoffice
anki-bin
ytfzf
kdenlive
libreoffice
i3
gcc
gnumake
scrcpy
thunderbird
mepo
];
systemd.services.paperless-web-bridge = {
script = ''
${pkgs.openssh}/bin/ssh -v -NR 3004:localhost:3004 -p 55555 useracc@beepboop.systems
'';
wantedBy = [ "multi-user.target" ];
after = [ "network.target" "ankisyncd.service" ];
};
systemd.services.radicale-web-bridge = {
script = ''
${pkgs.openssh}/bin/ssh -v -NR 5232:localhost:5232 -p 55555 useracc@beepboop.systems
'';
wantedBy = [ "multi-user.target" ];
after = [ "network.target" "ankisyncd.service" ];
};
systemd.services.internal-ssh-bridge = {
script = ''
${pkgs.openssh}/bin/ssh -v -NR 2222:localhost:2222 -p 55555 useracc@beepboop.systems
'';
wantedBy = [ "multi-user.target" ];
after = [ "network.target" "ankisyncd.service" ];
};
}

63
boxes/mainsail/default.nix Normal file
View File

@ -0,0 +1,63 @@
{ lib, config, pkgs, ...}:
{
imports = [
./hardware-configuration.nix
../../modules/bootstrap.nix
../../modules/common.nix
];
boot.loader.grub.enable = true;
boot.loader.grub.device = "/dev/sda";
networking.hostName = "mainsail";
services.getty.greetingLine = "
welcome to mainsail |`-:_
,----....____ | `+.
( ````----....|___ |
\\ _ ````----....____
\\ _) ```---.._
\\ \\
)`.\\ )`. )`. )`. )`. )`. )`. )`. )`. )`. )`.
-' `-' `-' `-' `-' `-' `-' `-' `-' `-' `-' `
";
environment.systemPackages = with pkgs; [
neovim
git
curl
];
services.home-assistant = {
enable = true;
extraComponents = [
# Components required to complete the onboarding
"netgear"
"hue"
"nest"
"esphome"
"met"
"radio_browser"
];
config = {
# Includes dependencies for a basic setup
# https://www.home-assistant.io/integrations/default_config/
default_config = {};
};
openFirewall = true;
};
services.openssh = {
enable = true;
settings = {
PermitRootLogin = "no";
PasswordAuthentication = false;
};
};
users.users.usr.openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKbhM3wj0oqjR3pUaZgpfX4Xo4dlzvBTbQ48zHyg7Pwx usr"
];
system.stateVersion = "23.11";
}

32
boxes/mainsail/hardware-configuration.nix Normal file
View File

@ -0,0 +1,32 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "usbhid" "usb_storage" "ums_realtek" "sd_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{ device = "/dev/disk/by-uuid/948aeaf8-cb7e-4f85-ae3e-1bc6a25ec156";
fsType = "ext4";
};
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/617cb1ae-a788-429a-b0d4-63d46d8a4e1b";
fsType = "ext4";
};
swapDevices =
[ { device = "/dev/disk/by-uuid/d82ae76c-68f4-4e70-9162-5dab5f84375b"; }
];
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}

11
boxes/mlg.nix → boxes/mlg/default.nix
View File

@ -2,10 +2,13 @@
{ {
imports = [ imports = [
../common/desktop.nix ./hardware-configuration.nix
../common/nvidia.nix ./nvidia.nix
../common/gaming.nix ../../modules/bootstrap.nix
../common/steam.nix ../../modules/common.nix
../../modules/x11.nix
../../modules/discord.nix
../../modules/gaming.nix
]; ];
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [

41
boxes/mlg/hardware-configuration.nix Normal file
View File

@ -0,0 +1,41 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# testing
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "xhci_pci" "thunderbolt" "vmd" "nvme" "usb_storage" "sd_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{ device = "/dev/disk/by-uuid/eada30c2-ffc5-4410-b1cf-fcea6a4040ff";
fsType = "ext4";
};
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/5318-1A44";
fsType = "vfat";
};
swapDevices = [ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enp58s0.useDHCP = lib.mkDefault true;
# networking.interfaces.enp7s0.useDHCP = lib.mkDefault true;
# networking.interfaces.wlp0s20f3.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}

10
boxes/mlg/home.nix Normal file
View File

@ -0,0 +1,10 @@
{ lib, inputs, config, pkgs, home, ... }:
{
imports = [
../../home/x11.nix
../../home/chromium
];
home.stateVersion = "23.11";
}

0
common/nvidia.nix → boxes/mlg/nvidia.nix
View File

207
boxes/netbox.nix
View File

@ -1,207 +0,0 @@
{ lib, config, pkgs, ... }:
{
imports =
[
../modules/mail.nix
../common/main.nix
];
boot.loader.grub.enable = true;
boot.loader.grub.device = "/dev/vda";
networking.hostName = "netbox";
services.rss2email = {
enable = true;
to = "ryan@beepboop.systems";
feeds = {
"eff" = {
url = "https://www.eff.org/rss/updates.xml";
};
"nixos" = {
url = "https://nixos.org/blog/announcements-rss.xml";
};
"drewdevault" = {
url = "https://drewdevault.com/blog/index.xml";
};
"nullprogram" = {
url = "https://nullprogram.com/feed/";
};
};
};
services.fail2ban = {
enable = true;
ignoreIP = [
"192.168.1.0/24"
];
extraPackages = [pkgs.ipset];
banaction = "iptables-ipset-proto6-allports";
jails = {
"nginx-bruteforce" = ''
enabled = true
filter = nginx-bruteforce
logpath = /var/log/nginx/access.log
backend = auto
maxretry = 6
findtime = 600
'';
"postfix-bruteforce" = ''
enabled = true
filter = postfix-bruteforce
maxretry = 6
findtime = 600
'';
};
};
environment.etc = {
"fail2ban/filter.d/nginx-bruteforce.conf".text = ''
[Definition]
failregex = ^<HOST>.*GET.*(matrix/server|\.php|admin|wp\-).* HTTP/\d.\d\" 404.*$
'';
"fail2ban/filter.d/postfix-bruteforce.conf".text = ''
[Definition]
failregex = warning: [\w\.\-]+\[<HOST>\]: SASL LOGIN authentication failed.*$
journalmatch = _SYSTEMD_UNIT=postfix.service
'';
};
users.users.useracc = {
isNormalUser = true;
extraGroups = [ "wheel" "docker" ];
};
users.users.ryan = {
isNormalUser = true;
extraGroups = [ "wheel" "docker" ];
packages = [ "browsh" ];
};
users.users.paperlesspassthrough = {
isNormalUser = true;
};
environment.systemPackages = with pkgs; [
neovim
# nothing more needed, at the moment
];
services.openssh = {
enable = true;
ports = [55555];
};
services.endlessh.enable = true;
services.endlessh.port = 22;
services.vaultwarden.enable = true;
services.vaultwarden.config = {
DOMAIN = "https://bitwarden.beepboop.systems";
SIGNUPS_ALLOWED = false;
};
networking.usePredictableInterfaceNames = false;
services.nixosmail.enable = true;
services.gitea = {
enable = true;
appName = "crappy code"; # Give the site a name
database = {
type = "postgres";
passwordFile = "/etc/gittea-pass";
};
settings.server = {
DOMAIN = "git.beepboop.systems";
ROOT_URL = "https://git.beepboop.systems/";
HTTP_PORT = 3001;
};
};
services.postgresql = {
enable = true; # Ensure postgresql is enabled
authentication = ''
local gitea all ident map=gitea-users
'';
identMap = # Map the gitea user to postgresql
''
gitea-users gitea gitea
'';
};
services.nginx.enable = true;
services.nginx.clientMaxBodySize = "100m";
services.nginx.virtualHosts."beepboop.systems" = {
forceSSL = true;
enableACME = true;
root = "/var/www/beepboop.systems";
};
services.nginx.virtualHosts."git.beepboop.systems" = {
forceSSL = true;
enableACME = true;
locations."/".proxyPass = "http://localhost:3001";
};
services.nginx.virtualHosts."paperless.beepboop.systems" = {
forceSSL = true;
enableACME = true;
locations."/".proxyPass = "http://localhost:3004";
};
services.nginx.virtualHosts."bitwarden.beepboop.systems" = {
forceSSL = true;
enableACME = true;
locations."/" = {
proxyPass = "http://127.0.0.1:8000";
};
};
services.nginx.virtualHosts."radicale.beepboop.systems" = {
forceSSL = true;
enableACME = true;
locations."/" = {
proxyPass = "http://127.0.0.1:5232";
extraConfig = ''
proxy_set_header X-Script-Name /;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass_header Authorization;
'';
};
};
services.nginx.virtualHosts."skillissue.agency" = {
forceSSL = true;
enableACME = true;
root = "/var/www/skillissue.agency";
};
security.acme = {
acceptTerms = true;
email = "nickforanick@protonmail.com";
};
services.roundcube = {
enable = true;
# this is the url of the vhost, not necessarily the same as the fqdn of
# the mailserver
hostName = "cube.beepboop.systems";
extraConfig = ''
# starttls needed for authentication, so the fqdn required to match
# the certificate
$config['smtp_server'] = "tls://${config.mailserver.fqdn}";
$config['smtp_user'] = "%u";
$config['smtp_pass'] = "%p";
'';
};
networking.firewall = {
enable = true;
allowedTCPPorts = [ 5232 55555 22 80 443 ];
};
}

465
boxes/netbox/default.nix Normal file
View File

@ -0,0 +1,465 @@
{ lib, config, pkgs, ... }:
let
cgitrc = pkgs.writeText "cgitrc" ''
css=/static/cgit.css
logo=/static/logo.png
favicon=/static/favicon.ico
root-title=beepboop.systems
root-desc=quality git hosting
readme=:README
readme=:readme
readme=:readme.txt
readme=:README.txt
readme=:readme.md
readme=:README.md
remove-suffix=1
section-from-path=1
section-sort=0
section=meta
repo.url=about
repo.path=/doesnt/exist
repo.desc=about this site
section=other services at beepboop.systems
repo.url=bitwarden
repo.path=/doesnt/exist
repo.desc=a simple password manager
repo.url=radicale
repo.path=/doesnt/exist
repo.desc=a simple calendar server
repo.url=roundcube
repo.path=/doesnt/exist
repo.desc=mail.beepboop.systems webmail
repo.url=gitea
repo.path=/doesnt/exist
repo.desc=real git hosting services (until this one is fully operational)
section=projects
repo.url=advent
repo.path=/var/lib/git/advent
repo.desc=advent of code solutions
repo.url=desmos-computer
repo.path=/var/lib/git/desmos-computer
repo.desc=a minimal ISA implemented in the Desmos graphing calculator
repo.url=dot_testing
repo.path=/var/lib/git/dot_testing
repo.desc=configuration files for NixOS/GNU+Linux boxes
repo.url=esgd
repo.path=/var/lib/git/esgd
repo.desc=the exceedingly simple gopher daemon
repo.url=mail-sync
repo.path=/var/lib/git/mail-sync
repo.desc=synchronize mail from walled gardens
repo.url=mastosnake
repo.path=/var/lib/git/mastosnake
repo.desc=a low quality clone of Twitter Plays Snake
repo.url=secmsg
repo.path=/var/lib/git/secmsg
repo.desc=a stupid (in)secure messaging client thing
repo.url=ultimate
repo.path=/var/lib/git/ultimate
repo.desc=ultimate tic tac toe solving engine
repo.url=wordlefish
repo.path=/var/lib/git/wordlefish
repo.desc=use information theory to solve wordle puzzles
section=irc robots
repo.url=botanybot
repo.path=/var/lib/git/botanybot
repo.desc=water bots on ~.club
repo.url=coinminer
repo.path=/var/lib/git/coinminer
repo.desc=mine fake coins on irc
repo.url=chaosbot
repo.path=/var/lib/git/chaosbot
repo.desc=robot to protect a user on chaos
repo.url=modbot
repo.path=/var/lib/git/modbot
repo.desc=modular irc robot
repo.url=pychaos
repo.path=/var/lib/git/pychaos
repo.desc=python chaos bot
repo.url=universalducks
repo.path=/var/lib/git/universalducks
repo.desc=cross channel irc ducks
'';
in {
imports =
[
./hardware-configuration.nix
../../modules/bootstrap.nix
../../builds/gmail_mail_bridge.nix
];
networking.networkmanager.enable = true;
time.timeZone = "America/Chicago";
i18n.defaultLocale = "en_US.UTF-8";
console = {
font = "Lat2-Terminus16";
keyMap = "us";
};
environment.systemPackages = with pkgs; [
curl
htop
git
tree
dig
htop
gnumake
neovim
];
services.gmail_mail_bridge.enable = true;
system.copySystemConfiguration = true;
system.stateVersion = "23.05"; # don't change this, lol
boot.loader.grub.enable = true;
boot.loader.grub.device = "/dev/vda";
services.sslh = {
enable = true;
settings.protocols = [
{
host = "localhost";
name = "ssh";
port = "55555";
service = "ssh";
}
{
host = "localhost";
name = "tls";
port = "442";
}
];
};
# cgit
users = {
groups.git = { };
users.git = {
createHome = true;
home = /var/lib/git;
isSystemUser = true;
shell = "${pkgs.git}/bin/git-shell";
group = "git";
};
};
services.fcgiwrap = { enable = true; user = "git"; group = "git"; };
networking.hostName = "netbox";
services.radicale = {
enable = true;
config = ''
[auth]
type = htpasswd
htpasswd_filename = radicale-passwd
htpasswd_encryption = plain
'';
};
services.rss2email = {
enable = true;
to = "ryan@beepboop.systems";
feeds = {
"eff" = {
url = "https://www.eff.org/rss/updates.xml";
};
"nixos" = {
url = "https://nixos.org/blog/announcements-rss.xml";
};
"drewdevault" = {
url = "https://drewdevault.com/blog/index.xml";
};
"nullprogram" = {
url = "https://nullprogram.com/feed/";
};
};
};
services.fail2ban = {
enable = true;
ignoreIP = [
"192.168.1.0/24"
];
extraPackages = [pkgs.ipset];
banaction = "iptables-ipset-proto6-allports";
jails = {
"nginx-bruteforce" = ''
enabled = true
filter = nginx-bruteforce
logpath = /var/log/nginx/access.log
backend = auto
maxretry = 6
findtime = 600
'';
"postfix-bruteforce" = ''
enabled = true
filter = postfix-bruteforce
maxretry = 6
findtime = 600
'';
};
};
environment.etc = {
"fail2ban/filter.d/nginx-bruteforce.conf".text = ''
[Definition]
failregex = ^<HOST>.*GET.*(matrix/server|\.php|admin|wp\-).* HTTP/\d.\d\" 404.*$
'';
"fail2ban/filter.d/postfix-bruteforce.conf".text = ''
[Definition]
failregex = warning: [\w\.\-]+\[<HOST>\]: SASL LOGIN authentication failed.*$
journalmatch = _SYSTEMD_UNIT=postfix.service
'';
};
users.users.ryan = {
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKbhM3wj0oqjR3pUaZgpfX4Xo4dlzvBTbQ48zHyg7Pwx usr"
];
isNormalUser = true;
extraGroups = [ "wheel" "docker" ];
};
services.openssh = {
enable = true;
ports = [55555];
};
services.endlessh.enable = true;
services.endlessh.port = 22;
services.vaultwarden.enable = true;
services.vaultwarden.config = {
DOMAIN = "https://bitwarden.beepboop.systems";
SIGNUPS_ALLOWED = false;
};
networking.usePredictableInterfaceNames = false;
services.gitea = {
enable = true;
appName = "crappy code"; # Give the site a name
database = {
type = "postgres";
passwordFile = "/etc/gittea-pass";
};
settings.server = {
DOMAIN = "git.beepboop.systems";
ROOT_URL = "https://git.beepboop.systems/";
HTTP_PORT = 3001;
};
};
services.postgresql = {
enable = true; # Ensure postgresql is enabled
authentication = ''
local gitea all ident map=gitea-users
'';
identMap = # Map the gitea user to postgresql
''
gitea-users gitea gitea
'';
};
services.nginx.enable = true;
services.nginx.clientMaxBodySize = "100m";
services.nginx.defaultSSLListenPort = 442;
services.nginx.virtualHosts."beepboop.systems" = {
forceSSL = true;
enableACME = true;
root = "/var/www/beepboop.systems";
locations."~* ^/static/(.+.(ico|css))$" = {
extraConfig = ''
alias ${pkgs.cgit}/cgit/$1;
'';
};
locations."/static/logo.png" = {
extraConfig = ''
try_files /icon.png /icon.png;
'';
};
locations."/about" = {
extraConfig = ''
try_files /about.html /about.html;
'';
};
locations."/bitwarden" = {
extraConfig = ''
return 301 https://bit.beepboop.systems;
'';
};
locations."/gitea" = {
extraConfig = ''
return 301 https://git.beepboop.systems/rndusr;
'';
};
locations."/radicale" = {
extraConfig = ''
return 301 https://cal.beepboop.systems;
'';
};
locations."/roundcube" = {
extraConfig = ''
return 301 https://mail.beepboop.systems;
'';
};
locations."~ \\.git" = {
extraConfig = ''
client_max_body_size 0;
include ${pkgs.nginx}/conf/fastcgi_params;
fastcgi_param SCRIPT_FILENAME ${pkgs.git}/bin/git-http-backend;
fastcgi_param GIT_HTTP_EXPORT_ALL "";
fastcgi_param GIT_PROJECT_ROOT /var/lib/git;
fastcgi_param PATH_INFO $uri;
# Forward REMOTE_USER as we want to know when we are authenticated
fastcgi_param REMOTE_USER $remote_user;
fastcgi_pass unix:${config.services.fcgiwrap.socketAddress};
'';
};
locations."/" = {
extraConfig = ''
include ${pkgs.nginx}/conf/fastcgi_params;
fastcgi_param CGIT_CONFIG ${cgitrc};
fastcgi_param SCRIPT_FILENAME ${pkgs.cgit}/cgit/cgit.cgi;
fastcgi_split_path_info ^(/?)(.+)$;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param QUERY_STRING $args;
fastcgi_param HTTP_HOST $server_name;
fastcgi_pass unix:${config.services.fcgiwrap.socketAddress};
'';
};
};
services.nginx.virtualHosts."git.beepboop.systems" = {
forceSSL = true;
enableACME = true;
locations."/".proxyPass = "http://localhost:3001";
};
services.nginx.virtualHosts."bit.beepboop.systems" = {
forceSSL = true;
enableACME = true;
globalRedirect = "bitwarden.beepboop.systems";
};
services.nginx.virtualHosts."bitwarden.beepboop.systems" = {
forceSSL = true;
enableACME = true;
locations."/" = {
proxyPass = "http://127.0.0.1:8000";
};
};
services.nginx.virtualHosts."radicale.beepboop.systems" = {
forceSSL = true;
enableACME = true;
locations."/" = {
proxyPass = "http://127.0.0.1:5232";
extraConfig = ''
proxy_set_header X-Script-Name /;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass_header Authorization;
'';
};
};
services.nginx.virtualHosts."calendar.beepboop.systems" = {
forceSSL = true;
enableACME = true;
globalRedirect = "radicale.beepboop.systems";
};
services.nginx.virtualHosts."cal.beepboop.systems" = {
forceSSL = true;
enableACME = true;
globalRedirect = "radicale.beepboop.systems";
};
services.nginx.virtualHosts."skillissue.agency" = {
forceSSL = true;
enableACME = true;
root = "/var/www/skillissue.agency";
};
security.acme = {
acceptTerms = true;
email = "nickforanick@protonmail.com";
};
services.roundcube = {
enable = true;
# this is the url of the vhost, not necessarily the same as the fqdn of
# the mailserver
hostName = "cube.beepboop.systems";
extraConfig = ''
# starttls needed for authentication, so the fqdn required to match
# the certificate
$config['smtp_server'] = "tls://${config.mailserver.fqdn}";
$config['smtp_user'] = "%u";
$config['smtp_pass'] = "%p";
'';
};
services.nginx.virtualHosts."roundcube.beepboop.systems" = {
forceSSL = true;
enableACME = true;
globalRedirect = "cube.beepboop.systems";
};
services.nginx.virtualHosts."mail.beepboop.systems" = {
forceSSL = true;
enableACME = true;
locations."/bridge-submit" = {
extraConfig = ''
proxy_pass http://localhost:8041;
'';
};
locations."/" = {
extraConfig = ''
return 301 https://cube.beepboop.systems;
'';
};
};
networking.firewall = {
enable = true;
allowedTCPPorts = [ 80 443 ];
};
}

37
boxes/netbox/hardware-configuration.nix Normal file
View File

@ -0,0 +1,37 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports = [ ];
boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "sr_mod" "virtio_blk" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{ device = "/dev/disk/by-uuid/a57b82ca-7bfd-458e-b3e8-4962511cc0b8";
fsType = "ext4";
};
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/DF39-1ECE";
fsType = "vfat";
};
swapDevices =
[ { device = "/dev/disk/by-uuid/57fbd850-1ced-4e21-9e52-4f3b529c61b0"; }
];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.ens3.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
virtualisation.hypervGuest.enable = true;
}

12
boxes/virtbox.nix
View File

@ -1,12 +0,0 @@
{ lib, config, pkgs, ...}:
{
imports = [
../common/desktop.nix
];
boot.loader.grub.enable = true;
boot.loader.grub.device = "/dev/vda";
networking.hostName = "virtbox";
}

18
boxes/virtbox/default.nix Normal file
View File

@ -0,0 +1,18 @@
{ lib, config, pkgs, ...}:
{
imports = [
./hardware-configuration.nix
../../modules/bootstrap.nix
../../modules/common.nix
../../modules/x11.nix
../../modules/discord.nix
];
boot.loader.grub.enable = true;
boot.loader.grub.device = "/dev/vda";
networking.hostName = "virtbox";
system.stateVersion = "23.11";
}

31
boxes/virtbox/hardware-configuration.nix Normal file
View File

@ -0,0 +1,31 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/profiles/qemu-guest.nix")
];
boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "virtio_pci" "sr_mod" "virtio_blk" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{ device = "/dev/disk/by-uuid/7b70ab88-296c-4737-90b2-267cb2432dc1";
fsType = "ext4";
};
swapDevices = [ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enp1s0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
}

9
boxes/virtbox/home.nix Normal file
View File

@ -0,0 +1,9 @@
{ lib, inputs, config, pkgs, home, ... }:
{
imports = [
../../home/x11.nix
];
home.stateVersion = "23.11";
}

48
boxes/x230t/default.nix Normal file
View File

@ -0,0 +1,48 @@
{ lib, config, pkgs, ...}:
{
imports = [
./hardware-configuration.nix
../../modules/bootstrap.nix
../../modules/common.nix
../../modules/x11.nix
../../modules/tlp.nix
../../modules/media.nix
../../modules/anki.nix
../../modules/power-control.nix
../../modules/adb.nix
];
environment.systemPackages = with pkgs; [
xscreensaver
thunderbird
hue-cli
bluetuith
];
hardware.bluetooth = {
enable = true;
};
services.udev.extraRules = ''
ACTION=="add", SUBSYSTEM=="input", KERNEL=="event[0-20]*", ENV{ID_INPUT_TOUCHSCREEN}=="1", MODE:="0666" GROUP="usr", SYMLINK+="input/touchscreen"
'';
users.users.usr.extraGroups = [ "input" ];
services.getty.autologinUser = "usr";
boot.loader = {
grub.timeoutStyle = "hidden";
timeout = 0;
grub.enable = true;
grub.device = "/dev/sda";
};
hardware.pulseaudio.enable = true;
networking.hostName = "x230t";
system.stateVersion = "23.11";
}

33
boxes/x230t/hardware-configuration.nix Normal file
View File

@ -0,0 +1,33 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "usb_storage" "sd_mod" "sdhci_pci" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{ device = "/dev/disk/by-uuid/772f67d6-9434-42f1-aa3e-153e41affe4c";
fsType = "ext4";
};
swapDevices = [ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enp0s25.useDHCP = lib.mkDefault true;
# networking.interfaces.wlp3s0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}

10
boxes/x230t/home.nix Normal file
View File

@ -0,0 +1,10 @@
{ lib, inputs, config, pkgs, home, ... }:
{
imports = [
../../home/x11.nix
../../home/chromium
];
home.stateVersion = "23.11";
}

49
boxes/xps.nix
View File

@ -1,49 +0,0 @@
{ lib, config, pkgs, ...}:
{
imports = [
../common/desktop.nix
../common/steam.nix
];
environment.systemPackages = with pkgs; [
gnome.cheese
musescore
libsForQt5.kdenlive
xdotool
texlive.combined.scheme-full
zathura
lilypond
virt-manager
# virtualbox
xsane
android-studio
mpc-cli
emacs
nyxt
cmus
];
# users.extraGroups.vboxusers.members = [ "usr" ];
# virtualisation.virtualbox.host.enable = true;
# virtualisation.virtualbox.host.enableExtensionPack = true;
services.tlp.enable = true;
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
services.printing.enable = true;
services.avahi.enable = true;
services.avahi.nssmdns = true;
# for a WiFi printer
services.avahi.openFirewall = true;
networking.nameservers = [ "1.1.1.1" "9.9.9.9" ];
networking.hostName = "xps";
virtualisation.libvirtd.enable = true;
programs.dconf.enable = true;
users.users.usr.extraGroups = [ "libvirtd" ];
}

27
builds/flake.lock Normal file
View File

@ -0,0 +1,27 @@
{
"nodes": {
"nixpkgs": {
"locked": {
"lastModified": 1703467016,
"narHash": "sha256-/5A/dNPhbQx/Oa2d+Get174eNI3LERQ7u6WTWOlR1eQ=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "d02d818f22c777aa4e854efc3242ec451e5d462a",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-23.11",
"repo": "nixpkgs",
"type": "github"
}
},
"root": {
"inputs": {
"nixpkgs": "nixpkgs"
}
}
},
"root": "root",
"version": 7
}

28
builds/flake.nix Normal file
View File

@ -0,0 +1,28 @@
{
inputs.nixpkgs.url = "github:NixOS/nixpkgs/nixos-23.11";
outputs =
{ nixpkgs, ... }:
let
inherit (nixpkgs) lib;
withSystem =
f:
lib.fold lib.recursiveUpdate { } (
map f [
"x86_64-linux"
]
);
mkPackages = pkgs: {
st = pkgs.callPackage ./st.nix { };
rebuild = pkgs.callPackage ./rebuild.nix { };
utils = pkgs.callPackage ./utils.nix { };
};
in
withSystem (
system: {
overlays.default = final: _: mkPackages final;
packages.${system} = mkPackages nixpkgs.legacyPackages.${system};
}
);
}

19
builds/gmail_mail_bridge.nix Normal file
View File

@ -0,0 +1,19 @@
{ lib, pkgs, config, ... }:
let
cfg = config.services.gmail_mail_bridge;
appEnv = pkgs.python3.withPackages (p: with p; [ waitress (callPackage ./gmail_mail_bridge/default.nix {}) ]);
in {
options.services.gmail_mail_bridge = {
enable = lib.mkEnableOption "Enable the gmail_mail_bridge";
};
config = lib.mkIf cfg.enable {
systemd.services.gmail_mail_bridge = {
wantedBy = [ "multi-user.target" ];
serviceConfig = {
ExecStart = "${appEnv}/bin/waitress-serve --port=8041 gmail_mail_bridge:app";
StandardOutput = "journal";
};
};
};
}

1
builds/gmail_mail_bridge/.gitignore vendored Normal file
View File

@ -0,0 +1 @@
__pycache_/

10
builds/gmail_mail_bridge/README Normal file
View File

@ -0,0 +1,10 @@
synchronize email from gmail accounts whose OAuth access is heavily restricted
background
----------
my school district disabled external OAuth access to email, which is not cool. this script gets around this and creates a bridge so you can recieve emails from your school email.
do note that this is heavily unpolished and most definately insecure. there are some hardcoded credentials (which you can change, it just takes a little technical know-how)
have fun!

20
builds/gmail_mail_bridge/default.nix Normal file
View File

@ -0,0 +1,20 @@
{ pkgs, pythonPackages ? (import <nixpkgs> {}).python3Packages }:
pythonPackages.buildPythonPackage {
name = "gmail_mail_bridge";
src = ./gmail_mail_bridge;
propagatedBuildInputs = [ pythonPackages.flask pkgs.system-sendmail ];
installPhase = ''
runHook preInstall
mkdir -p $out/${pythonPackages.python.sitePackages}
cp -r . $out/${pythonPackages.python.sitePackages}/gmail_mail_bridge
runHook postInstall
'';
shellHook = "export FLASK_APP=gmail_mail_bridge";
format = "other";
}

37
builds/gmail_mail_bridge/gmail_mail_bridge/__init__.py Normal file
View File

@ -0,0 +1,37 @@
from flask import Flask
from flask import request
from flask import redirect
from flask import abort
import logging
import smtplib
import email
from subprocess import Popen, PIPE, STDOUT
pre_shared_secret = "amongus sussy imposter"
to = "ryan@beepboop.systems"
app = Flask(__name__)
def handle_post(request):
msg = email.message_from_string(request.form["payload"])
del msg["To"]
msg["To"] = to
if not msg["From"]:
msg["From"] = "unknown-sender@mail.beepboop.systems"
s = smtplib.SMTP('localhost')
s.send_message(msg)
s.quit()
@app.route("/bridge-submit", methods = ["GET", "POST"])
def testing():
if request.method == 'POST':
data = request.form
if data['auth'] == pre_shared_secret:
handle_post(request)
else:
return 'you didn\'t use post'
return "default answer"

12
builds/gmail_mail_bridge/shell.nix Normal file
View File

@ -0,0 +1,12 @@
{ pkgs ? import (fetchTarball "https://github.com/NixOS/nixpkgs/tarball/nixos-23.11") {} }:
pkgs.mkShell {
packages = [
(pkgs.python3.withPackages (ps: [
ps.flask
]))
pkgs.curl
pkgs.jq
];
}

23
builds/gmail_mail_bridge/sync.gas Normal file
View File

@ -0,0 +1,23 @@
// google-side synchronization
// add a minute-wise trigger for mail synchronization
// go to the sidebar, select triggers, add a new one, configure it
// to run syncMail every minute
function syncMail() {
var threads = GmailApp.search("label:need_processing");
var label = GmailApp.getUserLabelByName("need_processing");
for (var thread of threads) {
for (var message of GmailApp.getMessagesForThread(thread)) {
var formData = {
auth: 'amongus sussy imposter',
payload: message.getRawContent(),
};
var options = {
'method' : 'POST',
'payload' : formData
};
var resp = UrlFetchApp.fetch('https://mail.beepboop.systems/bridge-submit', options);
}
thread.removeLabel(label);
}
}

27
builds/pash.nix
View File

@ -1,27 +0,0 @@
{ stdenv
, lib
, bash
, gnupg
, makeWrapper
, fetchgit
}:
stdenv.mkDerivation rec {
pname = "pash";
version = "1.00";
src = fetchgit {
url = "https://git.beepboop.systems/rndusr/pash";
sha256 = "sha256-0L3N7F4BwVdu4rR5xpUEIHcX/x64Gni8JTUki5kGH24=";
};
nativeBuildInputs = [ makeWrapper gnupg ];
installPhase = ''
mkdir -p $out/bin
cp $src/pash $out/bin/pash
wrapProgram $out/bin/pash --prefix PATH : ${lib.makeBinPath [ bash ]}
'';
phases = [ "installPhase" ];
}

6
builds/rebuild/rebuild
View File

@ -1,2 +1,6 @@
cd ~/dot_testing cd ~/dot_testing
sudo nixos-rebuild -I nixos-config=./boxes/$(hostname).nix switch $@ if [ -f "flake.nix" ]; then
sudo nixos-rebuild --flake . switch $@
else
sudo nixos-rebuild -I nixos-config=./boxes/$(hostname).nix switch $@
fi

4
builds/st.nix
View File

@ -12,14 +12,14 @@
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
pname = "st"; pname = "st";
version = "69.19"; version = "1.02";
src = fetchgit { src = fetchgit {
url = "https://git.beepboop.systems/rndusr/st"; url = "https://git.beepboop.systems/rndusr/st";
sha256 = "sha256-zdID1SUnTO/zl90EG8TguBNYYCnrnqFnSLz32kQZbng="; sha256 = "sha256-zdID1SUnTO/zl90EG8TguBNYYCnrnqFnSLz32kQZbng=";
}; };
nativeBuildInputs = [ pkg-config fontconfig freetype ncurses]; nativeBuildInputs = [ pkg-config fontconfig freetype ncurses ];
buildInputs = [ libX11 libXft ] ++ extraLibs; buildInputs = [ libX11 libXft ] ++ extraLibs;
buildPhase = '' buildPhase = ''

28
builds/utils.nix
View File

@ -1,35 +1,45 @@
{ stdenv { stdenv
, lib , lib
# for statusbar
, pkg-config
, libxcb
# shell scripts stuff
, makeWrapper
, sxhkd , sxhkd
, bash , bash
, feh , feh
, jq , jq
, ffmpeg
, fzy
, figlet , figlet
, curl , curl
, ytfzf
, xrandr , xrandr
, makeWrapper
}: }:
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
pname = "utils"; pname = "utils";
version = "1.00"; version = "1.01";
src = ./utils; src = ./utils;
nativeBuildInputs = [ makeWrapper ]; nativeBuildInputs = [ makeWrapper pkg-config libxcb ];
buildInputs = [ bash feh xrandr jq curl ]; buildInputs = [ libxcb bash feh xrandr jq curl fzy ytfzf ffmpeg ];
buildPhase = ""; buildPhase = ''
ls
make
'';
installPhase = '' installPhase = ''
mkdir -p $out/bin mkdir -p $out/bin
for i in $(ls $src/sh); do for i in $(ls $src/sh); do
cp $src/sh/$i $out/bin cp $src/sh/$i $out/bin
wrapProgram $out/bin/$i --prefix PATH : ${lib.makeBinPath [ sxhkd bash feh xrandr jq figlet curl ]} ln -sf $out/bin/tmenu_run $out/bin/regenerate
wrapProgram $out/bin/$i --prefix PATH : ${lib.makeBinPath [ sxhkd bash feh xrandr jq figlet curl fzy ytfzf ffmpeg ]}
done done
cp c/status/main $out/bin/statusbar
''; '';
phases = [ "buildPhase" "installPhase" ];
} }

3
builds/utils/Makefile Normal file
View File

@ -0,0 +1,3 @@
.PHONY: main
main:
make -C c/status -f Makefile

2
builds/utils/c/status/.gitignore vendored Normal file
View File

@ -0,0 +1,2 @@
main
*.o

9
builds/utils/c/status/Makefile Normal file
View File

@ -0,0 +1,9 @@
LDFLAGS=`pkg-config --cflags --libs xcb`
CFLAGS=-ggdb -fsanitize=address
main: battery.o bspwm.o time.o battstatus.o
clean:
rm *.o main
run:
./main

4
builds/utils/c/status/README Normal file
View File

@ -0,0 +1,4 @@
status
------
a simple statusbar script thing (tm)

38
builds/utils/c/status/battery.c Normal file
View File

@ -0,0 +1,38 @@
#include <unistd.h>
#include <stdlib.h>
#include <stdio.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <string.h>
#include <fcntl.h>
#include "battery.h"
#include "common.h"
/* config contains a path to the battery */
int mod_battery(char *config, char *name, char *pipename) {
struct message msg;
strcpy(msg.name, name);
int fd = open(pipename, O_WRONLY);
int battery;
int recvd;
chdir("/sys/class/power_supply");
chdir(config);
for(;;) {
battery = open("capacity", O_RDONLY);
recvd = read(battery, msg.content, 3);
msg.content[3] = '\0';
if (msg.content[2] == '\n') {
msg.content[2] = '\0';
}
close(battery);
write(fd, &msg, sizeof(msg));
sleep(30);
}
return 0;
}

6
builds/utils/c/status/battery.h Normal file
View File

@ -0,0 +1,6 @@
#ifndef STATUS_BATTERY_H
#define STATUS_BATTERY_H
int mod_battery(char *config, char *name, char *pipename);
#endif

48
builds/utils/c/status/battstatus.c Normal file
View File

@ -0,0 +1,48 @@
#include <unistd.h>
#include <stdio.h>
#include <string.h>
#include <fcntl.h>
#include "battstatus.h"
#include "common.h"
int mod_battstatus(char *config, char *name, char *pipename) {
char status;
int battery;
struct message msg;
strcpy(msg.name, name);
int fd = open(pipename, O_WRONLY);
chdir("/sys/class/power_supply");
chdir(config);
for(;;) {
battery = open("status", O_RDONLY);
read(battery, msg.content, 1);
switch(msg.content[0]) {
case 'N': /* not charging */
msg.content[0] = '-';
break;
case 'C': /* charging */
msg.content[0] = '^';
break;
case 'D': /* discharging */
msg.content[0] = 'U';
break;
case 'U': /* unknown */
msg.content[0] = '?';
break;
default: /* what's going on? */
msg.content[0] = '!';
break;
}
msg.content[1] = '\0';
close(battery);
write(fd, &msg, sizeof(msg));
sleep(30);
}
return 0;
}

6
builds/utils/c/status/battstatus.h Normal file
View File

@ -0,0 +1,6 @@
#ifndef STATUS_BATTSTAT_H
#define STATUS_BATTSTAT_H
int mod_battstatus(char *config, char *name, char *pipename);
#endif

142
builds/utils/c/status/bspwm.c Normal file
View File

@ -0,0 +1,142 @@
#include <unistd.h>
#include <stdlib.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/un.h>
#include <xcb/xcb.h>
#include <fcntl.h>
#include "bspwm.h"
#include "common.h"
const char subscribe[] = "subscribe";
int get_socket(void) {
struct sockaddr_un sock;
char *host;
int displaynumber, screennumber;
int fd;
xcb_parse_display(NULL, &host, &displaynumber, &screennumber);
sock.sun_family = AF_UNIX;
snprintf(
sock.sun_path,
sizeof(sock.sun_path), "/tmp/bspwm%s_%i_%i-socket",
host, displaynumber, screennumber
);
free(host);
fd = socket(AF_UNIX, SOCK_STREAM, 0);
if (connect(
fd,
(struct sockaddr *) &sock,
sizeof(sock)
) == -1) {
return -1;
} else {
return fd;
}
}
int should_be_shown(char c) {
return c == 'O' || c == 'o' || c == 'F' || c == 'U' || c == 'u';
}
int is_a_desktop(char c) {
return c == 'O' || c == 'o' || c == 'F' || c == 'f' || c == 'U' || c == 'u';
}
/* XXX: this function has the potential to buffer overflow by ONE BYTE.
* probably fix this? */
void print_desktop_status(char *in, char *out, int outlen) {
int written;
int i;
char c;
/* flags */
int read_colon;
int skip_to_next_colon;
int read_until_colon;
int is_first_desktop;
int last_was_desktop;
i = 0;
written = 0;
read_colon = 1;
skip_to_next_colon = 0;
read_until_colon = 0;
is_first_desktop = 1;
last_was_desktop = 0;
for(;;) {
c = in[i];
if(!c) break;
if(written == outlen) break;
if (skip_to_next_colon) {
if (c == ':') {
skip_to_next_colon = 0;
read_until_colon = 0;
read_colon = 1;
} else if (read_until_colon) {
out[written] = c;
written++;
}
} else if (read_colon && should_be_shown(c)) {
if (!is_first_desktop) {
out[written] = ' ';
written++;
}
switch(c) {
case 'O':
case 'F': /* fallthrough */
out[written] = '*';
written++;
break;
}
skip_to_next_colon = 1;
read_until_colon = 1;
read_colon = 0;
is_first_desktop = 0;
last_was_desktop = 1;
} else if (read_colon && is_a_desktop(c)) {
last_was_desktop = 1;
} else {
if(last_was_desktop) {
break;
}
}
i++;
}
out[written] = '\0';
}
int mod_bspwm(char *config, char *name, char *pipename) {
struct message msg;
int fd, bspcfd;
char in[BUFFER_SIZE];
strcpy(msg.name, name);
msg.flags = 0;
fd = open(pipename, O_WRONLY);
bspcfd = get_socket();
send(bspcfd, subscribe, sizeof(subscribe), 0);
for(;;) {
int recvd = recv(bspcfd, in, BUFFER_SIZE, 0);
print_desktop_status(in, msg.content, 512);
write(fd, &msg, sizeof(msg));
memset(msg.content, 0, 512);
}
return 0;
}

6
builds/utils/c/status/bspwm.h Normal file
View File

@ -0,0 +1,6 @@
#ifndef STATUS_BSPWM_H
#define STATUS_BSPWM_H
int mod_bspwm(char *config, char *name, char *pipename);
#endif

21
builds/utils/c/status/common.h Normal file
View File

@ -0,0 +1,21 @@
#ifndef STATUS_COMMON_H
#define STATUS_COMMON_H
#define LENGTH(x) sizeof(x) / sizeof(x[0])
#define BUFFER_SIZE 512
struct module {
int (*fork_callback)(char *config, char *name, char *pipename);
char name[16];
char config[512];
char buffer[512];
int buflen;
};
struct message {
int flags;
char name[16];
char content[512];
};
#endif

91
builds/utils/c/status/main.c Normal file
View File

@ -0,0 +1,91 @@
#include <unistd.h>
#include <stdlib.h>
#include <stdio.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <sys/un.h>
#include <time.h>
#include <fcntl.h>
#include <xcb/xcb.h>
#include <string.h>
#include "common.h"
#include "battery.h"
#include "battstatus.h"
#include "bspwm.h"
#include "time.h"
struct module mods[] = {
{mod_battery, "battery", "BAT0", { '\0' }},
{mod_battstatus, "battstatus", "BAT0", { '\0' }},
{mod_time, "time", "", { '\0' }},
/* {mod_bspwm, "bspwm", "", { '\0' }}, not working at the moment */
};
void create_module_proc(int index, char *pipename) {
pid_t pid = fork();
if (pid == 0) { /* we're the child */
mods[index].fork_callback(
mods[index].config,
mods[index].name,
pipename
);
}
}
void create_module_procs(char *pipename) {
for(int i = 0; i < LENGTH(mods); i++) {
create_module_proc(i, pipename);
}
}
void redraw() {
/* get the progress' module's value, convert it to int, and then
* figure out how much of the screen should be shaded in */
printf("\033[H\033[2J");
for(int i = 0; i < LENGTH(mods); i++) {
if (i == 0) printf("%s ", mods[i].buffer);
else printf("| %s ", mods[i].buffer);
}
fflush(stdout);
}
static char NAMED_PIPE[] = "/home/usr/.cache/statusbar_pipe";
int main(void) {
char pipename[BUFFER_SIZE];
srand(time(NULL));
strcpy(pipename, &NAMED_PIPE);
pipename[sizeof(NAMED_PIPE) - 1] = 'A' + (rand() % 26);
pipename[sizeof(NAMED_PIPE)] = 'A' + (rand() % 26);
pipename[sizeof(NAMED_PIPE) + 1] = '\0';
mkfifo(pipename, 0666);
int fd = open(pipename, O_RDWR);
struct message msg;
create_module_procs(pipename);
for (;;) {
int ret = read(fd, &msg, sizeof(msg));
if(ret < 0) {
printf("error while reading message from child\n");
}
for(int i = 0; i < LENGTH(mods); i++) {
if(strcmp(mods[i].name, msg.name) == 0) {
mods[i].buflen = strlen(msg.content);
strcpy(mods[i].buffer, msg.content);
redraw();
break;
}
}
}
return 0;
}

9
builds/utils/c/status/shell.nix Normal file
View File

@ -0,0 +1,9 @@
with import <nixpkgs> {};
pkgs.mkShell {
nativeBuildInputs = [
gdb
gnumake
pkg-config
xorg.libxcb
];
}

27
builds/utils/c/status/time.c Normal file
View File

@ -0,0 +1,27 @@
#include <unistd.h>
#include <fcntl.h>
#include <time.h>
#include <string.h>
#include "common.h"
#include "time.h"
int mod_time(char *config, char *name, char *pipename) {
struct message msg;
time_t now;
struct tm *tm;
int fd;
strcpy(msg.name, name);
msg.flags = 0;
fd = open(pipename, O_WRONLY);
for(;;) {
time(&now);
tm = localtime(&now);
strftime(msg.content, 512, "%H:%M", tm);
write(fd, &msg, sizeof(msg));
sleep(60);
}
}

6
builds/utils/c/status/time.h Normal file
View File

@ -0,0 +1,6 @@
#ifndef STATUS_TIME_H
#define STATUS_TIME_H
int mod_time(char *config, char *name, char *pipename);
#endif

4
builds/utils/sh/capture
View File

@ -1,7 +1,7 @@
#!/bin/sh #!/bin/sh
# get screen info and temporary file # get screen info and temporary file
tmp=$(mktemp) tmp=$(mktemp -d)
res=$(xrandr | res=$(xrandr |
grep ' connected' | grep ' connected' |
awk -F' ' '{print $1 " " $4}' | awk -F' ' '{print $1 " " $4}' |
@ -11,7 +11,7 @@ res=$(xrandr |
# still or motion # still or motion
medium=$(printf ".mp4\n.png\n" | fzy) medium=$(printf ".mp4\n.png\n" | fzy)
output="$tmp$medium" output="$tmp/main$medium"
# capture # capture
case "$medium" in case "$medium" in

68
builds/utils/sh/disp
View File

@ -1,24 +1,62 @@
#!/bin/sh #!/bin/sh
find_card_pci() {
[ -z $pci_path ] && pci_path=$(find /sys/devices | \
grep edid | \
cut -d/ -f1-6
)
}
assert_edid() {
find_card_pci
out=$(sha256sum ${pci_path}/card0/card0-$1/edid | \
cut -d' ' -f1)
[ "$out" = "$2" ] && return 0 || return 1
}
exists() { exists() {
xrandr | grep ' connected' | grep -c "${1}" xrandr | grep ' connected' | grep -c "${1}"
} }
if [ ! "$(hostname)" = "mainsail" ]; then case "$(hostname)" in
bspc monitor eDP-1 -d 1 2 3 4 5 6 7 8 9 "mainsail")
fi echo "mainsail"
if [ "$(exists "DP-1")" -gt 1 ]; then
printf "two"
bspc monitor DP-1 -s eDP-1
xrandr --output eDP-1 --off
exit 0
fi
if [ "$(hostname)" = "mainsail" ]; then
# this is a tower, so there's only one configuration
printf "mainsail detected\n"
xrandr --output VGA-1 --left-of HDMI-1 xrandr --output VGA-1 --left-of HDMI-1
bspc monitor VGA-1 -d 1 3 5 7 9 bspc monitor VGA-1 -d 1 3 5 7 9
bspc monitor HDMI-1 -d 2 4 6 8 0 bspc monitor HDMI-1 -d 2 4 6 8 0
fi ;;
"x230t")
echo "x230t"
case "$1" in
"dockedtwo")
# assume we're connected to the two external displays
xrandr --output VGA-1 --primary --mode 1920x1080 --rotate normal \
--output HDMI-1 --mode 1920x1080 --rotate normal --right-of VGA-1 \
--output LVDS-1 --off
bspc monitor VGA-1 -d 1 3 5 7 9
bspc monitor HDMI-1 -d 2 4 6 8
;;
*)
if
assert_edid "VGA-1" "35737dc483d2c3b1b20ea2343ce13c6c42d115febdc9634f8437e1b9f7fd3f5c" &&
assert_edid "HDMI-A-1" "01887cbd23d74201e489a6334656f7db73a7b7f732a738a9f1ee2d53389f7817";
then
echo "docked"
xrandr --output LVDS-1 --primary --mode 1366x768 --pos 1194x1080 --rotate normal \
--output VGA-1 --mode 1920x1080 --pos 0x0 --rotate normal \
--output HDMI-1 --mode 1920x1080 --pos 1920x0 --rotate normal \
--output DP-1 --off \
--output HDMI-2 --off \
--output DP-2 --off
bspc monitor LVDS-1 -d 1 4 7
bspc monitor VGA-1 -d 2 5 8
bspc monitor HDMI-1 -d 3 6 9
else
bspc monitor LVDS-1 -d 1 2 3 4 5 6 7 8 9
fi
;;
esac
;;
esac

13
builds/utils/sh/mode
View File

@ -1,4 +1,13 @@
# mode - change the current effective sxhkd configuration # mode - change the current effective sxhkd configuration
pkill sxhkd if [ -n "$1" ]; then
sxhkd -c ~/.config/sxhkd/$1 & disown pkill sxhkd
sxhkd -c ~/.config/sxhkd/$1 & disown
[ -f "~/.config/sxhkd/$1.sh ] && ~/.config/sxhkd/$1.sh
exit
fi
# we need a menu
choice=$(ls ~/.config/sxhkd | tmenu)
$0 $choice

14
builds/utils/sh/statuswrap Executable file
View File

@ -0,0 +1,14 @@
#!/bin/sh
geos=$(
xrandr | \
grep ' connected' | \
grep -o '[0-9]*x[0-9]*+[0-9]*+[0-9]*' | \
awk -F'[x+]' '{print $1 "x20+" $3 "+" $4}'
)
pkill statusbar
for i in $geos; do
st -c statusbar -p -g "$i" -e statusbar & disown
done

32
builds/utils/sh/wallpaper
View File

@ -1,32 +0,0 @@
#!/bin/sh
WALLDIR="${HOME}/.local/share/wallpapers"
BASECMD="feh --no-fehbg --bg-fill"
generate_wall () {
GENWALL=$( \
ls "$WALLDIR" | \
grep "." | \
shuf -n 1
)
GENWALL="${WALLDIR}/${GENWALL}"
}
wall () {
generate_wall
while [ "${GENWALL}" = "${1}" ]; do
generate_wall
done
}
displays () {
displays=$(xrandr | grep -c ' connected')
}
cmd=""
displays
for i in $(seq 1 "$displays"); do
wall "${tmp}"
tmp="${GENWALL}"
cmd="${cmd} ${GENWALL}"
done
eval "${BASECMD}" "${cmd}"
exit 0

265
common/desktop.nix
View File

@ -1,265 +0,0 @@
{ lib, config, pkgs, ...}:
let
home-manager = builtins.fetchTarball {
url = "https://github.com/nix-community/home-manager/archive/release-23.11.tar.gz";
sha256 = "1caggh7q5674b24ghx5p8l4jmd22afwrqqj2flfvlh3n6p94wfyc";
};
customPolybar = pkgs.polybar.override {
alsaSupport = true;
pulseSupport = true;
};
in {
imports = [
"${builtins.fetchTarball "https://github.com/Mic92/sops-nix/archive/master.tar.gz"}/modules/sops"
(import "${home-manager}/nixos")
./main.nix
];
services.xserver = {
enable = true;
libinput.enable = true;
layout = "us";
displayManager.sx.enable = true;
};
sound.enable = true;
hardware.pulseaudio.enable = true;
nixpkgs.config = {
allowUnfree = true;
permittedInsecurePackages = [
"libxls-1.6.2"
];
};
environment.systemPackages = with pkgs; [
sx
fzy
xclip
xcape
ffmpeg
man-pages
ncmpcpp
pciutils
tor-browser-bundle-bin
xscreensaver
ncpamixer
gpick
calcurse
dunst
libnotify
tig
neomutt
mpv
yt-dlp
zathura
tmux
lynx
feh
elinks
sc-im
ledger
remind
python3
pinentry-curses
magic-wormhole
xbrightness
xdotool
figlet
neomutt
unzip
lua-language-server
rnix-lsp
python311Packages.jedi-language-server
ungoogled-chromium
discord
customPolybar
(pkgs.callPackage ../builds/utils.nix {})
(pkgs.callPackage ../builds/st.nix {})
(pkgs.callPackage ../builds/pash.nix {})
];
fonts.fonts = with pkgs; [
fantasque-sans-mono
];
programs.gnupg.agent = {
enable = true;
pinentryFlavor = "gtk2";
enableSSHSupport = true;
};
programs.firefox = {
enable = true;
policies = {
DisableFirefoxStudies = true;
DisablePocket = true;
DisableTelemetry = {
Cryptomining = true;
Fingerprinting = true;
EmailTracking = true;
};
DisableFirefoxAccounts = true;
DisableFirefoxScreenshots = true;
DisableSetDesktopBackground = true;
DisplayBookmarksToolbar = "never";
DontCheckDefaultBrowser = true;
Extensions = {
Install = [
"https://addons.mozilla.org/firefox/downloads/file/3812704/umatrix-1.4.4.xpi"
"https://addons.mozilla.org/firefox/downloads/file/3824639/gruvbox_true_dark-2.0.xpi"
"https://addons.mozilla.org/firefox/downloads/file/4128489/darkreader-4.9.64.xpi"
"https://addons.mozilla.org/firefox/downloads/file/4036604/tridactyl_vim-1.23.0.xpi"
"https://addons.mozilla.org/firefox/downloads/file/4098688/user_agent_string_switcher-0.5.0.xpi"
];
};
FirefoxHome = {
Pocket = false;
Snippets = false;
TopSites = false;
SponsoredTopSites = false;
};
UserMessaging = {
ExtensionRecommendations = false;
SkipOnboarding = true;
MoreFromMozilla = false;
UrlbarInterventions = false;
WhatsNew = false;
};
EnableTrackingProtection = true;
OverrideFirstRunPage = "";
OverridePostUpdatePage = "";
PasswordManagerEnabled = false;
SearchSuggestEnabled = false;
};
nativeMessagingHosts.packages = [
pkgs.tridactyl-native
];
};
services.mpd = {
enable = true;
musicDirectory = "/home/usr/music";
user = "usr";
extraConfig = ''
audio_output {
type "pulse"
name "Pulseaudio"
}
audio_output {
type "alsa"
name "mpd alsamixer-output"
}
'';
};
users.users.usr = {
isNormalUser = true;
extraGroups = [ "wheel" ];
initialPassword = "usr";
packages = with pkgs; [
firefox
tree
bspwm
sxhkd
];
};
# honking impure, but who's counting anyway?
system.activationScripts.test-script.text = ''
#!${pkgs.bash}/bin/bash
if [ "$(${pkgs.coreutils}/bin/whoami)" = "usr"]; then
${pkgs.coreutils}/bin/mkdir -p /home/usr/git
${pkgs.git}/bin/git https://git.beepboop.systems/rndusr/dot /home/usr/git/dot
${pkgs.git}/bin/git https://git.beepboop.systems/rndusr/privdata /home/usr/git/privdata
fi
'';
home-manager.users.usr = {
home.stateVersion = "23.05";
programs.neovim = {
enable = true;
extraLuaPackages = luaPkgs: with luaPkgs; [ luaexpat ];
extraPackages = [ pkgs.sqlite ];
};
home.file = {
".config/bash" = {
source = ../config/bash;
recursive = true;
};
".config/bspwm" = {
source = ../config/bspwm;
recursive = true;
};
".config/git" = {
source = ../config/git;
recursive = true;
};
".config/htop" = {
source = ../config/htop;
recursive = true;
};
".config/nvim" = {
source = ../config/nvim;
recursive = true;
};
".config/python" = {
source = ../config/python;
recursive = true;
};
".config/polybar" = {
source = ../config/polybar;
recursive = true;
};
".config/sx" = {
source = ../config/sx;
recursive = true;
};
".config/sxhkd" = {
source = ../config/sxhkd;
recursive = true;
};
".config/tridactyl" = {
source = ../config/tridactyl;
recursive = true;
};
".config/zathura" = {
source = ../config/zathura;
recursive = true;
};
".local/share/wallpapers" = {
source = ../wallpapers;
recursive = true;
};
".local/share/gnupg" = {
source = ../config/gnupg;
recursive = true;
};
".config/emacs" = {
source = ../config/emacs;
recursive = true;
};
};
};
environment.etc = {
"profile.local" = {
text = "source /home/usr/.config/bash/profile";
};
"bashrc.local" = {
text = "source /home/usr/.config/bash/bashrc";
};
};
programs.ssh.askPassword = "";
}

9
common/gaming.nix
View File

@ -1,9 +0,0 @@
{ config, lib, pkgs, ... }:
{
environment.systemPackages = with pkgs; [
steam-run
prismlauncher
xonotic
minetest
];
}

37
common/main.nix
View File

@ -1,37 +0,0 @@
{ lib, config, pkgs, ... }:
let
my_neovim = pkgs.neovim.overrideAttrs (oldAttrs: {
buildInputs = oldAttrs.buildInputs or [] ++ [ pkgs.luajitPackages.luaexpat ];
});
in {
imports =
[
../hardware-configuration.nix # include the results of the hardware scan
];
networking.networkmanager.enable = true;
time.timeZone = "America/Chicago";
i18n.defaultLocale = "en_US.UTF-8";
console = {
font = "Lat2-Terminus16";
keyMap = "us";
};
environment.systemPackages = with pkgs; [
curl
htop
git
tree
dig
htop
gnumake
(pkgs.callPackage ../builds/rebuild.nix {})
];
system.copySystemConfiguration = true;
system.stateVersion = "23.05"; # don't change this, lol
}

BIN
demo.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 666 KiB

239
flake.lock Normal file
View File

@ -0,0 +1,239 @@
{
"nodes": {
"blobs": {
"flake": false,
"locked": {
"lastModified": 1604995301,
"narHash": "sha256-wcLzgLec6SGJA8fx1OEN1yV/Py5b+U5iyYpksUY/yLw=",
"owner": "simple-nixos-mailserver",
"repo": "blobs",
"rev": "2cccdf1ca48316f2cfd1c9a0017e8de5a7156265",
"type": "gitlab"
},
"original": {
"owner": "simple-nixos-mailserver",
"repo": "blobs",
"type": "gitlab"
}
},
"firefox-addons": {
"inputs": {
"flake-utils": "flake-utils",
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"dir": "pkgs/firefox-addons",
"lastModified": 1705709716,
"narHash": "sha256-YJdWSN3ra0FsAQT5PXe7uXxMeAXxTR+SY/wVOO1c6Bs=",
"owner": "rycee",
"repo": "nur-expressions",
"rev": "d7ad3362283fced58410547650be31e37f9d0f41",
"type": "gitlab"
},
"original": {
"dir": "pkgs/firefox-addons",
"owner": "rycee",
"repo": "nur-expressions",
"type": "gitlab"
}
},
"flake-compat": {
"flake": false,
"locked": {
"lastModified": 1668681692,
"narHash": "sha256-Ht91NGdewz8IQLtWZ9LCeNXMSXHUss+9COoqu6JLmXU=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "009399224d5e398d03b22badca40a37ac85412a1",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-utils": {
"locked": {
"lastModified": 1629284811,
"narHash": "sha256-JHgasjPR0/J1J3DRm4KxM4zTyAj4IOJY8vIl75v/kPI=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "c5d161cc0af116a2e17f54316f0bf43f0819785c",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"home-manager": {
"inputs": {
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1705659542,
"narHash": "sha256-WA3xVfAk1AYmFdwghT7mt/erYpsU6JPu9mdTEP/e9HQ=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "10cd9c53115061aa6a0a90aad0b0dde6a999cdb9",
"type": "github"
},
"original": {
"owner": "nix-community",
"ref": "release-23.11",
"repo": "home-manager",
"type": "github"
}
},
"nixpkgs": {
"locked": {
"lastModified": 1705641746,
"narHash": "sha256-D6c2aH8HQbWc7ZWSV0BUpFpd94ImFyCP8jFIsKQ4Slg=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "d2003f2223cbb8cd95134e4a0541beea215c1073",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-23.11",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-22_11": {
"locked": {
"lastModified": 1669558522,
"narHash": "sha256-yqxn+wOiPqe6cxzOo4leeJOp1bXE/fjPEi/3F/bBHv8=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "ce5fe99df1f15a09a91a86be9738d68fadfbad82",
"type": "github"
},
"original": {
"id": "nixpkgs",
"ref": "nixos-22.11",
"type": "indirect"
}
},
"nixpkgs-23_05": {
"locked": {
"lastModified": 1684782344,
"narHash": "sha256-SHN8hPYYSX0thDrMLMWPWYulK3YFgASOrCsIL3AJ78g=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "8966c43feba2c701ed624302b6a935f97bcbdf88",
"type": "github"
},
"original": {
"id": "nixpkgs",
"ref": "nixos-23.05",
"type": "indirect"
}
},
"nixpkgs-23_11": {
"locked": {
"lastModified": 1701539137,
"narHash": "sha256-nVO/5QYpf1GwjvtpXhyxx5M3U/WN0MwBro4Lsk+9mL0=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "933d7dc155096e7575d207be6fb7792bc9f34f6d",
"type": "github"
},
"original": {
"id": "nixpkgs",
"ref": "nixos-23.11",
"type": "indirect"
}
},
"nixpkgs_2": {
"locked": {
"lastModified": 1670751203,
"narHash": "sha256-XdoH1v3shKDGlrwjgrNX/EN8s3c+kQV7xY6cLCE8vcI=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "64e0bf055f9d25928c31fb12924e59ff8ce71e60",
"type": "github"
},
"original": {
"id": "nixpkgs",
"ref": "nixos-unstable",
"type": "indirect"
}
},
"root": {
"inputs": {
"firefox-addons": "firefox-addons",
"home-manager": "home-manager",
"nixpkgs": "nixpkgs",
"simple-nixos-mailserver": "simple-nixos-mailserver",
"utilpkg": "utilpkg"
}
},
"simple-nixos-mailserver": {
"inputs": {
"blobs": "blobs",
"flake-compat": "flake-compat",
"nixpkgs": "nixpkgs_2",
"nixpkgs-22_11": "nixpkgs-22_11",
"nixpkgs-23_05": "nixpkgs-23_05",
"nixpkgs-23_11": "nixpkgs-23_11",
"utils": "utils"
},
"locked": {
"lastModified": 1703023684,
"narHash": "sha256-XQU4OaacV0F2tf9cNAvIMqlC0HBIrAtvb0MLjIHt+7M=",
"owner": "simple-nixos-mailserver",
"repo": "nixos-mailserver",
"rev": "4bfb8eb058f098302c97b909df2d019926e11220",
"type": "gitlab"
},
"original": {
"owner": "simple-nixos-mailserver",
"ref": "nixos-23.11",
"repo": "nixos-mailserver",
"type": "gitlab"
}
},
"utilpkg": {
"inputs": {
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1,
"narHash": "sha256-iemuV19UU8TriqixcvwdRUTa8lIrxc3Krwt4bHpUUWE=",
"path": "/nix/store/26f187i54ky8clnmd0rbjvv8h3khgc5d-source/builds",
"type": "path"
},
"original": {
"path": "/nix/store/26f187i54ky8clnmd0rbjvv8h3khgc5d-source/builds",
"type": "path"
}
},
"utils": {
"locked": {
"lastModified": 1605370193,
"narHash": "sha256-YyMTf3URDL/otKdKgtoMChu4vfVL3vCMkRqpGifhUn0=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "5021eac20303a61fafe17224c087f5519baed54d",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
}
},
"root": "root",
"version": 7
}

103
flake.nix Normal file
View File

@ -0,0 +1,103 @@
{
description = "rndusr's nixos flake";
inputs = {
nixpkgs.url = "github:NixOS/nixpkgs/nixos-23.11";
home-manager = {
url = "github:nix-community/home-manager/release-23.11";
inputs.nixpkgs.follows = "nixpkgs";
};
firefox-addons = {
url = "gitlab:rycee/nur-expressions?dir=pkgs/firefox-addons";
inputs.nixpkgs.follows = "nixpkgs";
};
utilpkg = {
url = "./builds";
inputs.nixpkgs.follows = "nixpkgs";
};
simple-nixos-mailserver = {
url = "gitlab:simple-nixos-mailserver/nixos-mailserver/nixos-23.11";
};
};
outputs = { self, nixpkgs, home-manager, firefox-addons, simple-nixos-mailserver, utilpkg, ... }@inputs: {
nixosConfigurations = {
netbox = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
specialArgs = { inherit inputs; };
modules = [
./boxes/netbox
simple-nixos-mailserver.nixosModule
{
mailserver = {
enable = true;
fqdn = "mail.beepboop.systems";
domains = [ "beepboop.systems" ];
loginAccounts = {
"ryan@beepboop.systems" = {
# nix-shell -p mkpasswd --run 'mkpasswd -sm bcrypt' > /hashed/password/file/location
hashedPasswordFile = "/etc/ryan-beepboop-systemsuser-pass";
aliases = [
"info@beepboop.systems"
"postmaster@beepboop.systems"
];
};
};
certificateScheme = "acme-nginx";
};
}
];
};
mlg = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
specialArgs = { inherit inputs; };
modules = [
./boxes/mlg
home-manager.nixosModules.home-manager {
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.extraSpecialArgs = { inherit inputs; };
home-manager.users.usr = import ./boxes/mlg/home.nix;
}
];
};
virtbox = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
specialArgs = { inherit inputs; };
modules = [
./boxes/virtbox
home-manager.nixosModules.home-manager {
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.extraSpecialArgs = { inherit inputs; };
home-manager.users.usr = import ./boxes/virtbox/home.nix;
}
];
};
x230t = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
specialArgs = { inherit inputs; };
modules = [
./boxes/x230t
home-manager.nixosModules.home-manager {
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.extraSpecialArgs = { inherit inputs; };
home-manager.users.usr = import ./boxes/x230t/home.nix;
}
];
};
mainsail = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
specialArgs = { inherit inputs; };
modules = [
./boxes/mainsail
];
};
};
};
}

0
config/bash/bashrc → home/bash/bashrc
View File

18
home/bash/default.nix Normal file
View File

@ -0,0 +1,18 @@
{ lib, config, pkgs, home, ... }:
{
# if we use programs.bash.enable, it creates spurious .bashrc and .profile in
# our home directory, which is no good
home.packages = with pkgs; [
bash
];
home.file = {
".config/bash/bashrc" = {
source = ./bashrc;
};
".config/bash/profile" = {
source = ./profile;
};
};
}

3
config/bash/profile → home/bash/profile
View File

@ -54,3 +54,6 @@ export DBUS_SESSION_BUS_ADDRESS="unix:path=$XDG_RUNTIME_DIR/bus"
# source the bashrc(s) # source the bashrc(s)
[ -f $HOME/.config/bash/bashrc ] && . $HOME/.config/bash/bashrc [ -f $HOME/.config/bash/bashrc ] && . $HOME/.config/bash/bashrc
[ -f $HOME/.bashrc ] && . $HOME/.bashrc [ -f $HOME/.bashrc ] && . $HOME/.bashrc
# if we're interactive and the tty is /dev/tty1 then start xorg
[ "$(tty)" = "/dev/tty1" ] && sx

33
config/bspwm/bspwmrc → home/bspwm/bspwmrc
View File

@ -1,11 +1,26 @@
#!/bin/sh #!/bin/sh
# rndusr's bspwmrc # rndusr's bspwmrc
bspc rule -a st-gpg-menu state=floating
bspc rule -a statusbar border=off sticky=on state=floating manage=off
bspc rule -a tmenu-prompt border=on sticky=on state=floating
bspc rule -a Xmessage border=on state=floating
bspc rule -a Zathura state=tiled
bspc rule -a generic-st-window state=floating manage=on sticky=on border=on
bspc rule -a floating-feh state=floating
set_walls() {
for i in $(xrandr | grep ' connected' | cut -d' ' -f1); do
xwallpaper --output $i --zoom ~/.local/share/pape.jpg
done
}
# post-wm boilerplate # post-wm boilerplate
wallpaper
disp disp
polybar & statuswrap
dunst & set_walls
pkill xscreensaver
HOME=".config/xscreensaver" xscreensaver --no-splash &
# set up the color scheme # set up the color scheme
bspc config normal_border_color "#161510" bspc config normal_border_color "#161510"
@ -16,13 +31,5 @@ bspc config pointer_follows_focus true
bspc config pointer_follows_monitor true bspc config pointer_follows_monitor true
bspc config focus_follows_pointer true bspc config focus_follows_pointer true
bspc config window_gap 3 bspc config window_gap 0
#bspc config top_padding 20 bspc config top_padding 20
bspc rule -a st-gpg-menu state=floating
bspc rule -a statusbar border=off sticky=on state=floating manage=off
bspc rule -a tmenu-prompt border=on sticky=on state=floating
bspc rule -a Xmessage border=on state=floating
bspc rule -a Zathura state=tiled
bspc rule -a generic-st-window state=floating manage=on sticky=on border=on
bspc rule -a floating-feh state=floating

11
home/bspwm/default.nix Normal file
View File

@ -0,0 +1,11 @@
{ lib, config, pkgs, home, ... }:
{
# program activation is managed by nixos config
home.file = {
".config/bspwm/bspwmrc" = {
source = ./bspwmrc;
};
};
}

15
home/chromium/default.nix Normal file
View File

@ -0,0 +1,15 @@
{ lib, inputs, config, pkgs, home, ... }:
{
home.packages = with pkgs; [
ungoogled-chromium
];
programs.chromium = {
enable = true;
package = pkgs.ungoogled-chromium;
extensions = [
{ id = "ecnphlgnajanjnkcmbpancdjoidceilk"; }
];
};
}

0
config/earth/assets/all-assets.svg → home/earth/src/assets/all-assets.svg
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 154 KiB

After

Width:  |  Height:  |  Size: 154 KiB

0
config/earth/assets/all-assets.txt → home/earth/src/assets/all-assets.txt
View File

0
config/earth/assets/change_dpi.sh → home/earth/src/assets/change_dpi.sh
View File

0
config/earth/assets/checkbox-checked-insensitive.svg → home/earth/src/assets/checkbox-checked-insensitive.svg
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 851 B

After

Width:  |  Height:  |  Size: 851 B

0
config/earth/assets/checkbox-checked.svg → home/earth/src/assets/checkbox-checked.svg
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 849 B

After

Width:  |  Height:  |  Size: 849 B

0
config/earth/assets/checkbox-mixed-insensitive.svg → home/earth/src/assets/checkbox-mixed-insensitive.svg
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 387 B

After

Width:  |  Height:  |  Size: 387 B

0
config/earth/assets/checkbox-mixed.svg → home/earth/src/assets/checkbox-mixed.svg
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 385 B

After

Width:  |  Height:  |  Size: 385 B

0
config/earth/assets/grid-selection-checked.svg → home/earth/src/assets/grid-selection-checked.svg
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 2.8 KiB

After

Width:  |  Height:  |  Size: 2.8 KiB

0
config/earth/assets/grid-selection-unchecked.svg → home/earth/src/assets/grid-selection-unchecked.svg
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 2.2 KiB

After

Width:  |  Height:  |  Size: 2.2 KiB

0
config/earth/assets/menuitem-checkbox-checked-hover.svg → home/earth/src/assets/menuitem-checkbox-checked-hover.svg
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 2.2 KiB

After

Width:  |  Height:  |  Size: 2.2 KiB

0
config/earth/assets/menuitem-checkbox-checked-insensitive.svg → home/earth/src/assets/menuitem-checkbox-checked-insensitive.svg
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 2.2 KiB

After

Width:  |  Height:  |  Size: 2.2 KiB

0
config/earth/assets/menuitem-checkbox-checked.svg → home/earth/src/assets/menuitem-checkbox-checked.svg
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 2.2 KiB

After

Width:  |  Height:  |  Size: 2.2 KiB

0
config/earth/assets/menuitem-checkbox-mixed-hover.svg → home/earth/src/assets/menuitem-checkbox-mixed-hover.svg
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 1.7 KiB

After

Width:  |  Height:  |  Size: 1.7 KiB

0
config/earth/assets/menuitem-checkbox-mixed-insensitive.svg → home/earth/src/assets/menuitem-checkbox-mixed-insensitive.svg
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 1.7 KiB

After

Width:  |  Height:  |  Size: 1.7 KiB

0
config/earth/assets/menuitem-checkbox-mixed-selected.svg → home/earth/src/assets/menuitem-checkbox-mixed-selected.svg
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 1.7 KiB

After

Width:  |  Height:  |  Size: 1.7 KiB

0
config/earth/assets/menuitem-checkbox-mixed.svg → home/earth/src/assets/menuitem-checkbox-mixed.svg
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 1.7 KiB

After

Width:  |  Height:  |  Size: 1.7 KiB

0
config/earth/assets/menuitem-checkbox-unchecked.svg → home/earth/src/assets/menuitem-checkbox-unchecked.svg
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 919 B

After

Width:  |  Height:  |  Size: 919 B

0
config/earth/assets/menuitem-radio-checked-hover.svg → home/earth/src/assets/menuitem-radio-checked-hover.svg
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 1.7 KiB

After

Width:  |  Height:  |  Size: 1.7 KiB

0
config/earth/assets/menuitem-radio-checked-insensitive.svg → home/earth/src/assets/menuitem-radio-checked-insensitive.svg
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 1.7 KiB

After

Width:  |  Height:  |  Size: 1.7 KiB

0
config/earth/assets/menuitem-radio-checked.svg → home/earth/src/assets/menuitem-radio-checked.svg
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 1.7 KiB

After

Width:  |  Height:  |  Size: 1.7 KiB

0
config/earth/assets/menuitem-radio-mixed-hover.svg → home/earth/src/assets/menuitem-radio-mixed-hover.svg
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 1.5 KiB

After

Width:  |  Height:  |  Size: 1.5 KiB

0
config/earth/assets/menuitem-radio-mixed-insensitive.svg → home/earth/src/assets/menuitem-radio-mixed-insensitive.svg
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 1.5 KiB

After

Width:  |  Height:  |  Size: 1.5 KiB

0
config/earth/assets/menuitem-radio-mixed-selected.svg → home/earth/src/assets/menuitem-radio-mixed-selected.svg
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 1.5 KiB

After

Width:  |  Height:  |  Size: 1.5 KiB

0
config/earth/assets/menuitem-radio-mixed.svg → home/earth/src/assets/menuitem-radio-mixed.svg
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 1.5 KiB

After

Width:  |  Height:  |  Size: 1.5 KiB

0
config/earth/assets/menuitem-radio-unchecked.svg → home/earth/src/assets/menuitem-radio-unchecked.svg
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 777 B

After

Width:  |  Height:  |  Size: 777 B

0
config/earth/assets/pane-handle-vertical.svg → home/earth/src/assets/pane-handle-vertical.svg
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 2.6 KiB

After

Width:  |  Height:  |  Size: 2.6 KiB

0
config/earth/assets/pane-handle.png → home/earth/src/assets/pane-handle.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 150 B

After

Width:  |  Height:  |  Size: 150 B

0
config/earth/assets/pane-handle.svg → home/earth/src/assets/pane-handle.svg
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 2.5 KiB

After

Width:  |  Height:  |  Size: 2.5 KiB

0
config/earth/assets/pane-handle@2.png → home/earth/src/assets/pane-handle@2.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 161 B

After

Width:  |  Height:  |  Size: 161 B

0
config/earth/assets/radio-checked-insensitive.svg → home/earth/src/assets/radio-checked-insensitive.svg
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 591 B

After

Width:  |  Height:  |  Size: 591 B

0
config/earth/assets/radio-checked.svg → home/earth/src/assets/radio-checked.svg
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 589 B

After

Width:  |  Height:  |  Size: 589 B

0
config/earth/assets/radio-mixed-insensitive.svg → home/earth/src/assets/radio-mixed-insensitive.svg
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 387 B

After

Width:  |  Height:  |  Size: 387 B

0
config/earth/assets/radio-mixed.svg → home/earth/src/assets/radio-mixed.svg
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 385 B

After

Width:  |  Height:  |  Size: 385 B

Some files were not shown because too many files have changed in this diff Show More