From 92a2b959d7ec88a6997f22e62c11e87bad8ca085 Mon Sep 17 00:00:00 2001 From: Danilo Reyes Date: Sun, 30 Apr 2023 15:23:40 -0600 Subject: [PATCH] baremetal install, cleaned up code --- README.org | 88 ---- configuration.nix | 882 +++++++++++++++----------------- configuration.org | 514 +++++++------------ dotfiles/Caddyfile | 147 ------ dotfiles/gallery-dl/config.json | 26 +- dotfiles/mpdas/mpdasrc | 4 - hardware-configuration.nix | 153 ++++-- pacman list | 90 ---- pacman list new | 162 ------ 9 files changed, 729 insertions(+), 1337 deletions(-) delete mode 100755 README.org delete mode 100755 dotfiles/Caddyfile delete mode 100755 dotfiles/mpdas/mpdasrc delete mode 100755 pacman list delete mode 100755 pacman list new diff --git a/README.org b/README.org deleted file mode 100755 index 1bd75bd..0000000 --- a/README.org +++ /dev/null @@ -1,88 +0,0 @@ -#+title:CaptainJawZ's system configuration - -This is my personal system configuration, a project powered by the amazing -self-documenting capabilities of Emacs and NixOS. The goal of this project is -to create a declarative repository. Which when cloned into a live CD, will -replicate my ideal system into a fresh NixOS installation, preconfigured to my -every preference out of the box. - -You may be wondering what that system looks like, so here is an overview: -- Modern looking system - - Vanilla Gnome with some quality-of-life extensions. - - A bunch of (preferably GTK/Libadwaita) applications to simplify common - tasks. -- Terminal friendly environment - - Feature-rich terminal applications for automation. - - Fish Shell functions to simplify menial tasks. - - Declaratively setting up paths in a centralize manner to avoid having to - check all of my scripts, functions, dotfiles, if I ever modify the location - of a directory. -- Developer ready environment both for learning and developing. -- Home media center - - Easy deployment of Docker containers for home media center. - - LAN-network settings - - Reverse proxies for accessing my servers outside my home-network -- Minimal gaming -- Windows 10 virtual-machine environment -- Self-organizing database of files - -- Resources - https://gitlab.com/dwt1/dotfiles - - Secrets - https://nixos.wiki/wiki/Comparison_of_secret_managing_schemes - https://www.richdevelops.dev/blog/keeping-secrets-out-of-git - https://github.com/ryantm/agenix - https://github.com/Mic92/sops-nix - https://xeiaso.net/blog/nixos-encrypted-secrets-2021-01-20 <--- best one - https://www.reddit.com/r/NixOS/comments/j6nqbe/declarative_secrets/ - - Babel - https://www.youtube.com/watch?v=kkqVTDbfYp4&t=1032s - https://orgmode.org/worg/org-contrib/babel/intro.html - https://orgmode.org/manual/Environment-of-a-Code-Block.html - https://org-babel.readthedocs.io/en/latest/eval/ - -#+name: square -#+begin_src python :results value :header :var x = 0 :var y = 0 -return x * y -#+end_src - -#+call: square(x=2, y=7) - -#+RESULTS: -: 14 - -#+name: gnome -#+begin_src python :results value -list = [["blender", "gimp", "krita"],["curtail"]] -return list -#+end_src - -#+call: gnome() - -#+RESULTS: -| blender | gimp | krita | -| curtail | | | - -#+name: addthree -#+begin_src python :results value -return <> + 3 -#+end_src - -#+call: addthree() - -#+RESULTS: - -#+name: list -- blender -- krita -- gimp - -#+begin_src python :results output :var list=list -for item in list: - print(item) -#+end_src - -#+RESULTS: -: ['blender'] -: ['krita'] -: ['gimp'] diff --git a/configuration.nix b/configuration.nix index 11a6197..dec487b 100644 --- a/configuration.nix +++ b/configuration.nix @@ -1,521 +1,451 @@ -{ config, pkgs, ... }: -{ # Remember to close this bracket at the end of the document +{ config, pkgs, ... +}: { # Remember to close this bracket at the end of the document -imports = [ - ./hardware-configuration.nix - -]; + imports = [ ./hardware-configuration.nix ]; -boot.loader.systemd-boot.enable = true; -boot.loader.efi.canTouchEfiVariables = true; + networking.hostName = "workstation"; -networking.hostName = "workstation"; + # networking.wireless.enable = true; + networking.networkmanager.enable = true; -# networking.wireless.enable = true; -networking.networkmanager.enable = true; + time.timeZone = "America/Mexico_City"; -time.timeZone = "America/Mexico_City"; + i18n = { + defaultLocale = "en_CA.UTF-8"; + extraLocaleSettings = { LC_MONETARY = "es_MX.UTF-8"; }; + }; + console = { + font = "Lat2-Terminus16"; + keyMap = "us"; + # useXkbConfig = true; # use xkbOptions in tty. + }; -i18n.defaultLocale = "en_CA.UTF-8"; -console = { - font = "Lat2-Terminus16"; - keyMap = "us"; - # useXkbConfig = true; # use xkbOptions in tty. -}; + services = { + xserver = { + enable = true; + videoDrivers = [ "nvidia" ]; + displayManager.gdm.enable = true; + desktopManager.gnome.enable = true; + layout = "us"; + libinput.enable = true; # Wacom required? + }; + }; -services.xserver.enable = true; + environment.gnome.excludePackages = (with pkgs; [ + gnome-photos + gnome-tour + gnome-text-editor + gnome-connections + baobab + ]) ++ (with pkgs.gnome; [ + totem + gedit + gnome-music + epiphany + gnome-characters + yelp + simple-scan + gnome-font-viewer + ]); -services.xserver.layout = "us"; -# services.xserver.xkbOptions = { -# "eurosign:e"; -# "caps:escape" # map caps to escape. -# }; + hardware.pulseaudio.enable = false; + sound.enable = false; + security.rtkit.enable = true; + services.pipewire = { + enable = true; + alsa.enable = true; + alsa.support32Bit = true; + pulse.enable = true; + }; -services.xserver.displayManager.gdm.enable = true; -services.xserver.desktopManager.gnome.enable = true; -environment.gnome.excludePackages = (with pkgs; [ - gnome-photos - gnome-tour - gnome-text-editor - gnome-connections - baobab -]) -++ (with pkgs.gnome; [ - totem - gedit - gnome-music - epiphany - gnome-characters - yelp - simple-scan - gnome-font-viewer -]); + security.sudo = { + enable = true; + wheelNeedsPassword = false; + }; -hardware.bluetooth.enable = true; + # security.sudo.enable = false; + # security.doas.enable = true; + # security.doas.extraRules = [{ + # users = [ "jawz" ]; + # keepEnv = true; + # #persist = true; + # noPass = true; + # }]; -hardware.pulseaudio.enable = false; -sound.enable = false; -security.rtkit.enable = true; -services.pipewire = { - enable = true; - alsa.enable = true; - alsa.support32Bit = true; - pulse.enable = true; -}; + users.users.jawz = { + isNormalUser = true; + extraGroups = [ "wheel" "networkmanager" "docker" ]; + initialPassword = "password"; + shell = pkgs.fish; + packages = with pkgs; [ ]; + }; -security.sudo = { - enable = true; - wheelNeedsPassword = false; -}; + nixpkgs.config = { allowUnfree = true; }; -# security.sudo.enable = false; -# security.doas.enable = true; -# security.doas.extraRules = [{ -# users = [ "jawz" ]; -# keepEnv = true; -# #persist = true; -# noPass = true; -# }]; + fonts.fontconfig.enable = true; -users.users.jawz = { - isNormalUser = true; - extraGroups = [ "wheel" "networkmanager" ]; - initialPassword = "password"; - shell = pkgs.fish; - packages = with pkgs; [ ]; -}; + home-manager.useUserPackages = true; + home-manager.useGlobalPkgs = true; -nixpkgs.config = { allowUnfree = true; }; - -fonts.fontconfig.enable = true; - -# services.xserver.libinput.enable = true; - -home-manager.useUserPackages = true; -home-manager.useGlobalPkgs = true; - -home-manager.users.jawz = { config, pkgs, ... }:{ - imports = [ ./dotfiles/dconf.nix ]; + home-manager.users.jawz = { config, pkgs, ... }: { + # imports = [ ./dotfiles/dconf.nix ]; + home.stateVersion = "22.11"; home.packages = with pkgs; [ -blanket # background noise -blender # cgi animation and sculpting -celluloid # video player -cozy # audiobooks player -czkawka # duplicate finder -discord # chat -dropbox # cloud sync -# foliate # ebook reader -# gnome-podcasts # podcast player -# gnome-recipes # migrate these to mealie and delete -godot # game development -google-chrome # web browser -handbrake # video converter, may be unnecessary -# krita # art to your heart desire! -# libreoffice-fresh # office, but based -# lutris # game/emulator manager -megasync # cloud sync -mpdevil # ugly icon, but pretty mpd client nwn -# pika-backup # backups -pitivi # video editor -tilix # terminal + # Art + blender # cgi animation and sculpting + godot # game development + krita # art to your heart desire! + drawpile # arty party with friends!! + mypaint # not the best art program + mypaint-brushes # but it's got some + mypaint-brushes1 # nice damn brushes -ffmpegthumbnailer # create video thumbnails for nautilus, in absence of totem -mpdas # scrobble mpd songs to last.fm + # Gaming + lutris # game/emulator manager + grapejuice # roblox manager + minecraft # minecraft official launcher + parsec-bin # remote gaming with friends -gdu # disk-space utility, somewhat useful -gocryptfs # encrypted filesystem! shhh!!! -exa # like ls but with colors -trash-cli # oop! didn't meant to delete that -ffmpeg_5 # coolest video converter! + # Productivity + libreoffice-fresh # office, but based + calibre # ugly af eBook library manager + foliate # gtk eBook reader + gnome.simple-scan # document scanner + gnome-feeds # feed reader, maybe will replace with nextcloud + tagger # tag music files -fd # modern find, faster searches -fzf # fuzzy finder! super cool and useful -ripgrep # modern grep + # Misc + sequeler # friendly SQL client + blanket # background noise + czkawka # duplicate finder + # pika-backup # backups + tilix # terminal + gnome-obfuscate # censor private information + metadata-cleaner # remove any metadata and geolocation from files + # gnome-recipes # migrate these to mealie and delete -# SH -bashdb # autocomplete -shellcheck # linting -nodePackages.bash-language-server # LSP support + # Multimedia + celluloid # video player + cozy # audiobooks player + gnome-podcasts # podcast player + handbrake # video converter, may be unnecessary + curtail # image compressor + pitivi # video editor + # identity # compare images or videos + mousai # poor man shazam + # bottles # wine prefix manager + obs-studio # screen recorder & streamer + shortwave # listen to world radio -# NIX -nixfmt # linting + # Web + discord # chat + google-chrome # web browser with spyware included + firefox # web browser that allows to disable spyware + librewolf # no spyware web browser + tor-browser-bundle-bin # dark web, so dark! + # hugo # website engine + nicotine-plus # remember Ares? + warp # never used, but supposedly cool for sharing files -# PYTHON. -python # base language + gdu # disk-space utility, somewhat useful + gocryptfs # encrypted filesystem! shhh!!! + exa # like ls but with colors + trash-cli # oop! didn't meant to delete that + ffmpeg_5 # coolest video converter! + yt-dlp # downloads videos from most video websites + neofetch # use once for brag, never again + rmlint # probably my favourite app, amazing dupe finder that integrates well with BTRFS + tldr # man for retards + ffmpegthumbnailer # create video thumbnails for nautilus, in absence of totem + mediainfo # technical info about videos, needed by some of my scripts + tree-sitter # code parsing, required by Doom emacs + xdg-ninja # help declutter $HOME + torrenttools # create torrent files from the terminal! -# HASKELL -# cabal-install # haskell interface + # required by doom emacs, but still are rather useful. + fd # modern find, faster searches + fzf # fuzzy finder! super cool and useful + ripgrep # modern grep + languagetool # proofreader for English. check if works without the service -# JS -# jq # linting -# Node-js -# nodePackages.pnpm + # development environment + nix-direnv # nix implementation of direnv + exercism # learn to code + # SH + bats # testing system, required by Exercism + bashdb # autocomplete + shellcheck # linting + shfmt # a shell parser and formatter + nodePackages.bash-language-server # LSP support + # NIX + nixfmt # linting -gnomeExtensions.appindicator -gnomeExtensions.gsconnect -gnome.gnome-tweaks + # PYTHON. + python3 # base language + python310Packages.pipx -hunspell -hunspellDicts.it_IT -hunspellDicts.es_MX -hunspellDicts.en_CA + # C# & Rust + omnisharp-roslyn -# Fonts -(nerdfonts.override { - fonts = [ "Agave" "CascadiaCode" "SourceCodePro" "Ubuntu" ]; -}) -# (papirus-icon-theme.override { -# color = "grey"; -# }) -]; + # HASKELL + # cabal-install # haskell interface + + # JS + # jq # linting + # Node-js + # nodePackages.pnpm + + gnome.gnome-tweaks + + gnomeExtensions.appindicator + gnomeExtensions.gsconnect + + hunspell + hunspellDicts.it_IT + hunspellDicts.es_MX + hunspellDicts.en_CA + + # Themes + adwaita-qt + + # Fonts + (nerdfonts.override { + fonts = [ + "Agave" + "CascadiaCode" + "SourceCodePro" + "Ubuntu" + "FiraCode" + "Iosevka" + ]; + }) + + # (papirus-icon-theme.override { + # color = "grey"; + # }) + ]; + + programs.starship.enable = true; + programs.fish = { + enable = true; + # useBabelfish = true; This setting doens't work from inside home-manager + shellAliases = { + ls = + "exa --icons --group-directories-first --no-permissions --no-user --no-time"; + edit = "emacsclient -t"; + comic = "download -u jawz -i (cat $lc | fzf --multi --exact -i)"; + gallery = "download -u jawz -i (cat $lw | fzf --multi --exact -i)"; + open_gallery = + "open (find /mnt/disk2/scrapping/JawZ/gallery-dl -type d | fzf)"; + unique_extensions = + "find . -type f | string match -r '([^./]+)$' | sort -u"; + cp = "cp -i"; + mv = "mv -i"; + mkdir = "mkdir -p"; + rm = "trash"; + ".." = "cd .."; + "..." = "cd ../.."; + ".3" = "cd ../../.."; + ".4" = "cd ../../../.."; + ".5" = "cd ../../../../.."; + }; + shellAbbrs = { + dl = "download -u jawz -i"; + ex = "ls"; + e = "edit"; + c = "cat"; + f = "fzf --multi --exact -i"; + sc = "systemctl --user"; + jc = "journalctl --user -xeu"; + }; + interactiveShellInit = '' + + set fish_greeting "pika pika chu!!!! also remember fisher!" + # Lists + set -l list_root ${config.home.homeDirectory}/.config/jawz/lists/jawz + set lw $list_root/watch.txt + set li $list_root/instant.txt + set lc $list_root/comic.txt + + set GPG_TTY (tty) + + # Set EMACS/VI mode + function fish_user_key_bindings + # fish_default_key_bindings + fish_vi_key_bindings + end + + ''; + + functions = { + nixos-magic = '' + + set -l nix_file "$HOME/Development/NixOS/configuration.nix" + echo $nix_file + nixfmt $nix_file + sudo nixos-rebuild switch -I nixos-config=$nix_file + + ''; + }; + }; + + programs.bat = { + enable = true; + config = { + # map-syntax = [ "*.jenkinsfile:Groovy" "*.props:Java Properties" ]; + pager = "less -FR"; + theme = "base16"; + }; + }; + + programs.git = { + enable = true; + userName = "Danilo Reyes"; + userEmail = "CaptainJawZ@outlook.com"; + }; + + programs.gpg = { + enable = true; + homedir = "${config.xdg.dataHome}/gnupg"; + }; + + programs.htop = { + enable = true; + package = pkgs.htop-vim; + }; + xdg.configFile."htop/htoprc".source = ./dotfiles/htop/htoprc; + + xdg = { enable = true; }; + xdg.userDirs = { + enable = true; + # createDirectories = true; + desktop = "${config.home.homeDirectory}"; + documents = "${config.home.homeDirectory}/Documents"; + download = "${config.home.homeDirectory}/Downloads"; + music = "${config.home.homeDirectory}/Music"; + pictures = "${config.home.homeDirectory}/Pictures"; + # publicShare = "${config.home.homeDirectory}/.local/hd/Public"; + templates = "${config.home.homeDirectory}/.local/share/Templates"; + videos = "${config.home.homeDirectory}/Videos"; + }; + + xdg.configFile = { + "wgetrc".source = ./dotfiles/wget/wgetrc; + "configstore/update-notifier-npm-check.json".source = + ./dotfiles/npm/update-notifier-npm-check.json; + "npm/npmrc".source = ./dotfiles/npm/npmrc; + "gallery-dl/config.json".source = ./dotfiles/gallery-dl/config.json; + }; + + # services.mpd-discord-rpc.enable = true; + # services.mpdris2 = { + # enable = true; + # multimediaKeys = true; + # mpd.host = "localhost"; + # }; -programs.starship.enable = true; -programs.fish = { - enable = true; - # useBabelfish = true; This setting doens't work from inside home-manager - shellAliases = { - ls = "exa --icons --group-directories-first --no-permissions --no-user --no-time"; - edit = "emacsclient -t"; - comic = "download -u jawz -i (cat $lc | fzf --multi --exact -i)"; - gallery = "download -u jawz -i (cat $lw | fzf --multi --exact -i)"; - open_gallery = "open (find ${config.xdg.userDirs.download}/To\ Organize/gdl-organizing/ -type d | fzf)"; - unique_extensions = "find . -type f | string match -r '([^.\/]+)\$' | sort -u"; - cp = "cp -i"; - mv = "mv -i"; - mkdir = "mkdir -p"; - rm = "trash"; - ".." = "cd .."; - "..." = "cd ../.."; - ".3" = "cd ../../.."; - ".4" = "cd ../../../.."; - ".5" = "cd ../../../../.."; }; - shellAbbrs = { - dl = "download -u jawz -i"; - e = "edit"; - c = "cat"; - f = "fzf --multi --exact -i"; - sc = "systemctl --user"; - jc = "journalctl --user -xeu"; + + environment.systemPackages = with pkgs; [ wget docker-compose ]; + + environment.sessionVariables = rec { + # PATH + XDG_CACHE_HOME = "\${HOME}/.cache"; + XDG_CONFIG_HOME = "\${HOME}/.config"; + XDG_BIN_HOME = "\${HOME}/.local/bin"; + XDG_DATA_HOME = "\${HOME}/.local/share"; + XDG_STATE_HOME = "\${HOME}/.local/state"; + + SCRIPTS = "\${HOME}/Development/Scripts"; + + # DEV PATH + CABAL_CONFIG = "\${XDG_CONFIG_HOME}/cabal/config"; + CABAL_DIR = "\${XDG_CACHE_HOME}/cabal"; + CARGO_HOME = "\${XDG_DATA_HOME}/cargo"; + GEM_HOME = "\${XDG_DATA_HOME}/ruby/gems"; + GEM_PATH = "\${XDG_DATA_HOME}/ruby/gems"; + GEM_SPEC_CACHE = "\${XDG_DATA_HOME}/ruby/specs"; + GOPATH = "\${XDG_DATA_HOME}/go"; + NPM_CONFIG_USERCONFIG = "\${XDG_CONFIG_HOME}/npm/npmrc"; + PNPM_HOME = "\${XDG_DATA_HOME}/pnpm"; + # OPTIONS + LESSHISTFILE = "-"; + GHCUP_USE_XDG_DIRS = "true"; + RIPGREP_CONFIG_PATH = "\${XDG_CONFIG_HOME}/ripgrep/ripgreprc"; + ELECTRUMDIR = "\${XDG_DATA_HOME}/electrum"; + VISUAL = "emacsclient -ca emacs"; + WGETRC = "\${XDG_CONFIG_HOME}/wgetrc"; + "_JAVA_OPTIONS" = "-Djava.util.prefs.userRoot=\${XDG_CONFIG_HOME}/java"; + # NVIDIA + CUDA_CACHE_PATH = "\${XDG_CACHE_HOME}/nv"; + # GBM_BACKEND = "nvidia-drm"; + # "__GLX_VENDOR_LIBRARY_NAME" = "nvidia"; + # FISH + fisher_path = "\${XDG_CONFIG_HOME}/fish/fisher"; + # Themes + # GTK_THEME = "Adwaita:light"; + # QT_QPA_PLATFORMTHEME = "adwaita-dark"; + # QT_STYLE_OVERRIDE = "adwaita"; + # CALIBRE_USE_SYSTEM_THEME = "1"; + + PATH = [ + "\${XDG_BIN_HOME}" + "\${XDG_CONFIG_HOME}/emacs/bin" + # "\${XDG_DATA_HOME}/npm/bin" + # "\${PNPM_HOME}" + # "\${SCRIPTS}" + ]; }; - interactiveShellInit = '' -set fish_greeting "pika pika chu!!!! also remember fisher!" -# Lists -set -l list_root ${config.home.homeDirectory}/Dropboxxx/jawz -set lw $list_root/watch.txt -set li $list_root/instant.txt -set lc $list_root/comic.txt - -set GPG_TTY (tty) - -# Set EMACS/VI mode -function fish_user_key_bindings - # fish_default_key_bindings - fish_vi_key_bindings -end - -''; - -functions = { - nix_magic = '' - -nixfmt ~/MEGAsync/nixos/configuration.nix -sudo rsync -r ~/MEGAsync/nixos/ /etc/nixos/ -sudo nixos-rebuild switch - - ''; + virtualisation.docker = { + enable = true; + storageDriver = "btrfs"; + enableNvidia = true; }; -}; -programs.bat = { - enable = true; - config = { - # map-syntax = [ "*.jenkinsfile:Groovy" "*.props:Java Properties" ]; - pager = "less -FR"; - theme = "base16"; }; -}; - -programs.beets = { - enable = true; - settings = { - directory = "${config.xdg.userDirs.music}"; - library = "${config.xdg.dataHome}/beets/musiclibrary.db"; - plugins = "embedart fetchart lyrics discogs spotify deezer edit lastgenre mbsync replaygain scrub mpdupdate duplicates info fish ftintitle fuzzy"; - ignore_hidden = true; - threaded = true; - duplicate = { - album = false; - delete = false; + programs = { + mtr.enable = true; + gnupg.agent = { + enable = true; + enableSSHSupport = true; }; - ftintitle = { - auto = true; - drop = true; - format = "feat. {0}"; - }; - fetchart = { - maxwidth = 1000; - quality = 70; - enforce_ratio = true; - lastfm_key = "aeae592346534482202bd94bc14a80c4"; - fanarttv_key = "f12b0931d2f971a5b5215c3f451bafb7"; - sources = "*"; - cover_format = "JPEG"; - }; - embedart = { - auto = true; - maxwidth = 1000; - quality = 70; - remove_art_file = false; - ifempty = true; - }; - lyrics = { - auto = true; - sources = "*"; - }; - replaygain = { - auto = true; - overwrite = true; - peak = "true"; - backend = "ffmpeg"; - }; - lastgenre = { - auto = true; - canonical = true; - force = true; - source = "album"; - count = 1; - title_case = true; - }; - mpd = { - host = "localhost"; - port = 6600; - }; - ui = { - color = true; - }; - "import" = { - move = true; - write = true; - genres = true; - log = "${config.xdg.dataHome}/beets/beetslog.txt"; - }; - replace = { - "[\\\\/]" = ""; # \ / - "^\\." = ""; # dotfiles - "[\\x00-\\x1f]" = ""; # NULL to US - "\\x00" = ""; # NULL - "[<>:\"\\?\\*\\|]" = ""; # <>:"?*| - "\\.$" = ""; # dot at the end - "\\s+$" = ""; # ends with whitespace - "^\\s+" = ""; # starts with whitespace - "^-" = ""; # starts with - - }; - paths = { - default = "$albumartist/$album/$track $title"; - singleton = "Singletons/$artist - $title"; - comp = "$album/$track $title"; - "albumtype:soundtrack" = "Soundtracks/$album/$track $title"; - }; - convert = { - auto = true; - embed = true; - delete_originals = true; - extension = "opus"; - # command = "ffmpeg -i $source -y -vn -acodec libopus -ab 256k $dest"; + geary = { enable = true; }; + steam = { + enable = true; + remotePlay.openFirewall = true; + dedicatedServer.openFirewall = true; }; }; -}; -programs.git = { - enable = true; - userName = "Danilo Reyes"; - userEmail = "CaptainJawZ@outlook.com"; -}; + services = { + printing.enable = true; + emacs = { + enable = true; + defaultEditor = true; + package = pkgs.emacs; + }; + fstrim.enable = true; + btrfs.autoScrub = { + enable = true; + fileSystems = [ "/" "/mnt/disk1" "/mnt/disk2" ]; + }; + openssh = { + enable = true; + ports = [ 25152 ]; + }; + udev.packages = with pkgs; [ gnome.gnome-settings-daemon ]; + }; -programs.gpg = { - enable = true; - homedir = "${config.xdg.dataHome}/gnupg"; -}; + # networking.firewall.allowedTCPPorts = [ ... ]; + # networking.firewall.allowedUDPPorts = [ ... ]; + # Or disable the firewall altogether. + networking.firewall.enable = false; -programs.htop = { - enable = true; - package = pkgs.htop-vim; -}; -xdg.configFile."htop/htoprc".source = ./dotfiles/htop/htoprc; + system.copySystemConfiguration = true; -xdg = { - enable = true; -}; -xdg.userDirs = { - enable = true; - # createDirectories = true; - desktop = "${config.home.homeDirectory}"; - documents = "${config.home.homeDirectory}/Documents"; - download = "${config.home.homeDirectory}/Downloads"; - music = "${config.home.homeDirectory}/Music"; - pictures = "${config.home.homeDirectory}/Pictures"; - publicShare = "${config.home.homeDirectory}/.local/hd/Public"; - templates = "${config.home.homeDirectory}/.local/share/Templates"; - videos = "${config.home.homeDirectory}/Videos"; -}; - -xdg.configFile = { - "wgetrc".source = ./dotfiles/wget/wgetrc; - "configstore/update-notifier-npm-check.json".source = ./dotfiles/npm/update-notifier-npm-check.json; - "npm/npmrc".source = ./dotfiles/npm/npmrc; - "gallery-dl/config.json".source = ./dotfiles/gallery-dl/config.json; - # "gopass/config.yml".source = ./dotfiles/gopass/config.yml; - "mpdasrc".source = ./dotfiles/mpdas/mpdasrc; -}; - -services.mpd = { - enable = true; - musicDirectory = "${config.xdg.userDirs.music}"; - network.listenAddress = "any"; - # network.startWhenNeeded = true; - extraConfig = '' - - restore_paused "yes" - auto_update "yes" - follow_outside_symlinks "yes" - follow_inside_symlinks "yes" - # zeroconf_enabled "yes" - # zeroconf_name "Music Player @ %h" - input { - plugin "curl" - # proxy "proxy.isp.com:8080" - # proxy_user "user" - # proxy_password "password" - } - - audio_output { - type "pipewire" - name "PipeWire Sound Server" - } - audio_output { - type "fifo" - name "my_fifo" - path "/tmp/mpd.fifo" - format "44100:16:2" - } - replaygain "auto" - replaygain_limit "yes" - volume_normalization "yes" - - ''; -}; - -services.mpd-discord-rpc.enable = true; -services.mpdris2 = { - enable = true; - multimediaKeys = true; - mpd.host = "localhost"; -}; - -}; - -environment.systemPackages = with pkgs; [ - wget - git -]; - -environment.sessionVariables = rec { - # PATH - XDG_CACHE_HOME = "\${HOME}/.cache"; - XDG_CONFIG_HOME = "\${HOME}/.config"; - XDG_BIN_HOME = "\${HOME}/.local/bin"; - XDG_DATA_HOME = "\${HOME}/.local/share"; - SCRIPTS = "/home/jawz/Development/Scripts"; - # DEV PATH - CABAL_CONFIG = "\${XDG_CONFIG_HOME}/cabal/config"; - CABAL_DIR = "\${XDG_CACHE_HOME}/cabal"; - CARGO_HOME = "\${XDG_DATA_HOME}/cargo"; - GEM_HOME = "\${XDG_DATA_HOME}/ruby/gems"; - GEM_PATH = "\${XDG_DATA_HOME}/ruby/gems"; - GEM_SPEC_CACHE = "\${XDG_DATA_HOME}/ruby/specs"; - GOPATH = "\${XDG_DATA_HOME}/go"; - NPM_CONFIG_USERCONFIG = "\${XDG_CONFIG_HOME}/npm/npmrc"; - PNPM_HOME = "\${XDG_DATA_HOME}/pnpm"; - # OPTIONS - LESSHISTFILE = "-"; - GHCUP_USE_XDG_DIRS = "true"; - RIPGREP_CONFIG_PATH = "\${XDG_CONFIG_HOME}/ripgrep/ripgreprc"; - ELECTRUMDIR = "\${XDG_DATA_HOME}/electrum"; - VISUAL = "emacsclient -ca emacs"; - WGETRC = "\${XDG_CONFIG_HOME}/wgetrc"; - "_JAVA_OPTIONS" = "-Djava.util.prefs.userRoot=/home/jawz/.config/java"; - # NVIDIA - CUDA_CACHE_PATH = "\${XDG_CACHE_HOME}/nv"; - # GBM_BACKEND = "nvidia-drm"; - # "__GLX_VENDOR_LIBRARY_NAME" = "nvidia"; - # FISH - fisher_path = "\${XDG_CONFIG_HOME}/fish/fisher"; - # Themes - # GTK_THEME = "Adwaita:light"; - # QT_QPA_PLATFORMTHEME = "adwaita-dark"; - # QT_STYLE_OVERRIDE = "adwaita"; - # CALIBRE_USE_SYSTEM_THEME = "1"; - PATH = [ - "\${XDG_BIN_HOME}" - "\${XDG_CONFIG_HOME}/emacs/bin" - # "\${XDG_DATA_HOME}/npm/bin" - # "\${XDG_DATA_HOME}/pnpm" - "\${SCRIPTS}" - ]; -}; - -programs.mtr.enable = true; - -programs.gnupg.agent = { - enable = true; - enableSSHSupport = true; -}; - -# services.caddy = { -# enable = true; -# email = "CaptainJawZ@outlook.com"; -# configFile = ./dotfiles/Caddyfile; -# # config = '' -# # torrent.danilo-reyes.com { -# # reverse_proxy localhost:9091 -# # } -# # ''; -# }; - -services.emacs = { - enable = true; - defaultEditor = true; - package = pkgs.emacs28NativeComp; -}; - -services.fstrim.enable = true; -services.btrfs.autoScrub = { - enable = true; - fileSystems = [ - "/" - # "/torrents" - # "/home/jawz/.local/hd" # Maybe change mount point? - ]; -}; - -services.openssh = { - enable = true; - ports = [ 25152 ]; -}; - -services.udev.packages = with pkgs; [ gnome.gnome-settings-daemon ]; - -# networking.firewall.allowedTCPPorts = [ ... ]; -# networking.firewall.allowedUDPPorts = [ ... ]; -# Or disable the firewall altogether. -networking.firewall.enable = false; - -system.copySystemConfiguration = true; - -system.stateVersion = "22.05"; + system.stateVersion = "22.11"; } diff --git a/configuration.org b/configuration.org index ab14101..c87d088 100755 --- a/configuration.org +++ b/configuration.org @@ -3,24 +3,22 @@ #+PROPERTY: header-args :tangle configuration.nix #+auto_tangle: t -* TODO -- [ ] Clean up configuration file -- [ ] Check music [0/5] - - [ ] Last.fm - - [ ] Libre.fm (optional) - - [ ] Beet plugins work - - [ ] Beet web server works - - [ ] Move music around -- [ ] System configurations [0/6] +* TODO [2/10] +- [X] Clean up configuration file +- [X] Merge current config +- [ ] System configurations [0/7] + - [ ] fail2ban - [ ] Bluetooth multiple devices + pass-through - [ ] Automatic updates - [ ] SSH settings - [ ] Automatic garbage collection - [ ] Firewall ports - [ ] Topgrade (perhaps unnecessary) -- [ ] SystemD services [0/3] - - [ ] FStrim - - [ ] BTRFS scrub +- [-] SystemD services [2/5] + - [ ] docker-compose + - [ ] snapraid + - [X] FStrim + - [X] BTRFS scrub - [ ] Personal scripts [0/3] - [ ] download - [ ] Instagram @@ -44,18 +42,13 @@ - [ ] .local/share [0/2] - [ ] beets - [ ] mpd -- [ ] Migrate apps [0/4] - - [ ] paru +- [-] Migrate apps [1/4] + - [X] paru - [ ] pipx - [ ] pip IMPORTANT for beet - [ ] appimages - [ ] Figure out how to get rid of xterm -- [ ] Compile missing apps [0/4] - - [ ] Identity - https://gitlab.gnome.org/YaLTeR/identity - Only challenge may be gstreamer, but probably not an issue. May be the easier one to package. - - [ ] Bats - https://github.com/bats-core/bats-core +- [ ] Compile missing apps [0/3] - [ ] wine-discord-ipc-bridge https://github.com/fufexan/nix-gaming - [ ] make binaries of my own scripts @@ -89,13 +82,6 @@ imports = [ ]; #+end_src -* BOOT -I am comfortable with the defaults which NixOS recommends for UEFI systems. - -#+begin_src nix -boot.loader.systemd-boot.enable = true; -boot.loader.efi.canTouchEfiVariables = true; -#+end_src * SYSTEM CONFIGURATION ** NETWORKING @@ -127,7 +113,12 @@ way it is an unnecessary setting as my keyboards are the default en_US, only locale set to Canadian out because I prefer how it displays the date. #+begin_src nix -i18n.defaultLocale = "en_CA.UTF-8"; +i18n = { + defaultLocale = "en_CA.UTF-8"; + extraLocaleSettings = { + LC_MONETARY = "es_MX.UTF-8"; + }; +}; console = { font = "Lat2-Terminus16"; keyMap = "us"; @@ -135,33 +126,27 @@ console = { }; #+end_src -* DISPLAY MANAGER +* GNOME At the time of writing this file, I require of X11, as the NVIDIA support for Wayland isn't perfect yet. At the time being, the ability to switch through GDM from Wayland to XORG, it's pretty handy, but in the future these settings will require an update. -#+begin_src nix -services.xserver.enable = true; -#+end_src - -As previously mentioned, the settings for useXkbConfig prompt issues. - -#+begin_src nix -services.xserver.layout = "us"; -# services.xserver.xkbOptions = { -# "eurosign:e"; -# "caps:escape" # map caps to escape. -# }; -#+end_src - -* GNOME Sets up GNOME as the default desktop environment, while excluding some undesirable packages from installing. #+begin_src nix -services.xserver.displayManager.gdm.enable = true; -services.xserver.desktopManager.gnome.enable = true; +services = { + xserver = { + enable = true; + videoDrivers = [ "nvidia" ]; + displayManager.gdm.enable = true; + desktopManager.gnome.enable = true; + layout = "us"; + libinput.enable = true; # Wacom required? + }; +}; + environment.gnome.excludePackages = (with pkgs; [ gnome-photos gnome-tour @@ -181,14 +166,7 @@ environment.gnome.excludePackages = (with pkgs; [ ]); #+end_src -* HARDWARE -** BLUETOOTH - -#+begin_src nix -hardware.bluetooth.enable = true; -#+end_src - -** SOUND +* SOUND In order to avoid issues with PipeWire, the wiki recommends to disable /sound.enable/ This is a basic PipeWire configuration, in the future stuff like Bluetooth or latency will require expanding these settings. @@ -209,7 +187,7 @@ services.pipewire = { Recently, I've gotten frustrated with OpenDoas, as such I've decided to temporarily enable Sudo, but in the future, I plan to revert that decision. ** SUDO - +Disabled password for commodity, but this is obviously not recommended. #+begin_src nix security.sudo = { enable = true; @@ -241,7 +219,7 @@ Being part of the "wheel" group, means that the user has root privileges. #+begin_src nix users.users.jawz = { isNormalUser = true; - extraGroups = [ "wheel" "networkmanager" ]; + extraGroups = [ "wheel" "networkmanager" "docker" ]; initialPassword = "password"; shell = pkgs.fish; packages = with pkgs; [ ]; @@ -267,14 +245,6 @@ setting. fonts.fontconfig.enable = true; #+end_src -** WACOM -This setting could be a requirement for my tablet to properly work. Even -though, my tablet is Huion, the Linux Wacom drivers cover most of the settings. - -#+begin_src nix -# services.xserver.libinput.enable = true; -#+end_src - * HOME-MANAGER ** HOME-MANAGER SETTINGS These make it so packages install to '/etc' rather than the user home directory, @@ -292,41 +262,69 @@ necessary. #+begin_src nix home-manager.users.jawz = { config, pkgs, ... }:{ - imports = [ ./dotfiles/dconf.nix ]; + # imports = [ ./dotfiles/dconf.nix ]; + home.stateVersion = "22.11"; home.packages = with pkgs; [ #+end_src *** GUI PACKAGES #+begin_src nix -blanket # background noise +# Art blender # cgi animation and sculpting +godot # game development +krita # art to your heart desire! +drawpile # arty party with friends!! +mypaint # not the best art program +mypaint-brushes # but it's got some +mypaint-brushes1 # nice damn brushes + +# Gaming +lutris # game/emulator manager +grapejuice # roblox manager +minecraft # minecraft official launcher +parsec-bin # remote gaming with friends + +# Productivity +libreoffice-fresh # office, but based +calibre # ugly af eBook library manager +foliate # gtk eBook reader +gnome.simple-scan # document scanner +gnome-feeds # feed reader, maybe will replace with nextcloud +tagger # tag music files + +# Misc +sequeler # friendly SQL client +blanket # background noise +czkawka # duplicate finder +# pika-backup # backups +tilix # terminal +gnome-obfuscate # censor private information +metadata-cleaner # remove any metadata and geolocation from files +# gnome-recipes # migrate these to mealie and delete + +# Multimedia celluloid # video player cozy # audiobooks player -czkawka # duplicate finder -discord # chat -dropbox # cloud sync -# foliate # ebook reader -# gnome-podcasts # podcast player -# gnome-recipes # migrate these to mealie and delete -godot # game development -google-chrome # web browser +gnome-podcasts # podcast player handbrake # video converter, may be unnecessary -# krita # art to your heart desire! -# libreoffice-fresh # office, but based -# lutris # game/emulator manager -megasync # cloud sync -mpdevil # ugly icon, but pretty mpd client nwn -# pika-backup # backups +curtail # image compressor pitivi # video editor -tilix # terminal -#+end_src +# identity # compare images or videos +mousai # poor man shazam +# bottles # wine prefix manager +obs-studio # screen recorder & streamer +shortwave # listen to world radio -*** MISC PACKAGES - -#+begin_src nix -ffmpegthumbnailer # create video thumbnails for nautilus, in absence of totem -mpdas # scrobble mpd songs to last.fm +# Web +discord # chat +google-chrome # web browser with spyware included +firefox # web browser that allows to disable spyware +librewolf # no spyware web browser +tor-browser-bundle-bin # dark web, so dark! +# hugo # website engine +nicotine-plus # remember Ares? +warp # never used, but supposedly cool for sharing files #+end_src *** COMMAND-LINE PACKAGES @@ -337,26 +335,46 @@ gocryptfs # encrypted filesystem! shhh!!! exa # like ls but with colors trash-cli # oop! didn't meant to delete that ffmpeg_5 # coolest video converter! +yt-dlp # downloads videos from most video websites +neofetch # use once for brag, never again +rmlint # probably my favourite app, amazing dupe finder that integrates well with BTRFS +tldr # man for retards +ffmpegthumbnailer # create video thumbnails for nautilus, in absence of totem +mediainfo # technical info about videos, needed by some of my scripts +tree-sitter # code parsing, required by Doom emacs +xdg-ninja # help declutter $HOME +torrenttools # create torrent files from the terminal! #+end_src *** DEVELOPMENT PACKAGES -**** DOOM EMACS #+begin_src nix +# required by doom emacs, but still are rather useful. fd # modern find, faster searches fzf # fuzzy finder! super cool and useful ripgrep # modern grep +languagetool # proofreader for English. check if works without the service + +# development environment +nix-direnv # nix implementation of direnv +exercism # learn to code # SH +bats # testing system, required by Exercism bashdb # autocomplete shellcheck # linting +shfmt # a shell parser and formatter nodePackages.bash-language-server # LSP support # NIX nixfmt # linting # PYTHON. -python # base language +python3 # base language +python310Packages.pipx + +# C# & Rust +omnisharp-roslyn # HASKELL # cabal-install # haskell interface @@ -367,17 +385,13 @@ python # base language # nodePackages.pnpm #+end_src -**** EXERCISM - -#+begin_src nix -#+end_src - *** GNOME EXTENSIONS #+begin_src nix +gnome.gnome-tweaks + gnomeExtensions.appindicator gnomeExtensions.gsconnect -gnome.gnome-tweaks #+end_src *** HUNSPELL @@ -394,10 +408,14 @@ hunspellDicts.en_CA Also, this finishes the packages array, put new modules above. #+begin_src nix +# Themes +adwaita-qt + # Fonts (nerdfonts.override { - fonts = [ "Agave" "CascadiaCode" "SourceCodePro" "Ubuntu" ]; + fonts = [ "Agave" "CascadiaCode" "SourceCodePro" "Ubuntu" "FiraCode" "Iosevka" ]; }) + # (papirus-icon-theme.override { # color = "grey"; # }) @@ -417,7 +435,7 @@ programs.fish = { edit = "emacsclient -t"; comic = "download -u jawz -i (cat $lc | fzf --multi --exact -i)"; gallery = "download -u jawz -i (cat $lw | fzf --multi --exact -i)"; - open_gallery = "open (find ${config.xdg.userDirs.download}/To\ Organize/gdl-organizing/ -type d | fzf)"; + open_gallery = "open (find /mnt/disk2/scrapping/JawZ/gallery-dl -type d | fzf)"; unique_extensions = "find . -type f | string match -r '([^.\/]+)\$' | sort -u"; cp = "cp -i"; mv = "mv -i"; @@ -431,6 +449,7 @@ programs.fish = { }; shellAbbrs = { dl = "download -u jawz -i"; + ex = "ls"; e = "edit"; c = "cat"; f = "fzf --multi --exact -i"; @@ -440,12 +459,11 @@ programs.fish = { interactiveShellInit = '' #+end_src - #+begin_src fish set fish_greeting "pika pika chu!!!! also remember fisher!" # Lists -set -l list_root ${config.home.homeDirectory}/Dropboxxx/jawz +set -l list_root ${config.home.homeDirectory}/.config/jawz/lists/jawz set lw $list_root/watch.txt set li $list_root/instant.txt set lc $list_root/comic.txt @@ -468,17 +486,16 @@ end #+begin_src nix functions = { - nix_magic = '' + nixos-magic = '' #+end_src - #+begin_src fish -nixfmt ~/MEGAsync/nixos/configuration.nix -sudo rsync -r ~/MEGAsync/nixos/ /etc/nixos/ -sudo nixos-rebuild switch +set -l nix_file "$HOME/Development/NixOS/configuration.nix" +echo $nix_file +nixfmt $nix_file +sudo nixos-rebuild switch -I nixos-config=$nix_file #+end_src - #+begin_src nix ''; }; @@ -497,101 +514,6 @@ programs.bat = { }; #+end_src -*** BEETS - -#+begin_src nix -programs.beets = { - enable = true; - settings = { - directory = "${config.xdg.userDirs.music}"; - library = "${config.xdg.dataHome}/beets/musiclibrary.db"; - plugins = "embedart fetchart lyrics discogs spotify deezer edit lastgenre mbsync replaygain scrub mpdupdate duplicates info fish ftintitle fuzzy"; - ignore_hidden = true; - threaded = true; - duplicate = { - album = false; - delete = false; - }; - ftintitle = { - auto = true; - drop = true; - format = "feat. {0}"; - }; - fetchart = { - maxwidth = 1000; - quality = 70; - enforce_ratio = true; - lastfm_key = "aeae592346534482202bd94bc14a80c4"; - fanarttv_key = "f12b0931d2f971a5b5215c3f451bafb7"; - sources = "*"; - cover_format = "JPEG"; - }; - embedart = { - auto = true; - maxwidth = 1000; - quality = 70; - remove_art_file = false; - ifempty = true; - }; - lyrics = { - auto = true; - sources = "*"; - }; - replaygain = { - auto = true; - overwrite = true; - peak = "true"; - backend = "ffmpeg"; - }; - lastgenre = { - auto = true; - canonical = true; - force = true; - source = "album"; - count = 1; - title_case = true; - }; - mpd = { - host = "localhost"; - port = 6600; - }; - ui = { - color = true; - }; - "import" = { - move = true; - write = true; - genres = true; - log = "${config.xdg.dataHome}/beets/beetslog.txt"; - }; - replace = { - "[\\\\/]" = ""; # \ / - "^\\." = ""; # dotfiles - "[\\x00-\\x1f]" = ""; # NULL to US - "\\x00" = ""; # NULL - "[<>:\"\\?\\*\\|]" = ""; # <>:"?*| - "\\.$" = ""; # dot at the end - "\\s+$" = ""; # ends with whitespace - "^\\s+" = ""; # starts with whitespace - "^-" = ""; # starts with - - }; - paths = { - default = "$albumartist/$album/$track $title"; - singleton = "Singletons/$artist - $title"; - comp = "$album/$track $title"; - "albumtype:soundtrack" = "Soundtracks/$album/$track $title"; - }; - convert = { - auto = true; - embed = true; - delete_originals = true; - extension = "opus"; - # command = "ffmpeg -i $source -y -vn -acodec libopus -ab 256k $dest"; - }; - }; -}; -#+end_src - *** GIT #+begin_src nix @@ -635,7 +557,7 @@ xdg.userDirs = { download = "${config.home.homeDirectory}/Downloads"; music = "${config.home.homeDirectory}/Music"; pictures = "${config.home.homeDirectory}/Pictures"; - publicShare = "${config.home.homeDirectory}/.local/hd/Public"; + # publicShare = "${config.home.homeDirectory}/.local/hd/Public"; templates = "${config.home.homeDirectory}/.local/share/Templates"; videos = "${config.home.homeDirectory}/Videos"; }; @@ -649,68 +571,19 @@ xdg.configFile = { "configstore/update-notifier-npm-check.json".source = ./dotfiles/npm/update-notifier-npm-check.json; "npm/npmrc".source = ./dotfiles/npm/npmrc; "gallery-dl/config.json".source = ./dotfiles/gallery-dl/config.json; - # "gopass/config.yml".source = ./dotfiles/gopass/config.yml; - "mpdasrc".source = ./dotfiles/mpdas/mpdasrc; }; #+end_src ** USER-SERVICES -*** MPD - -#+begin_src nix -services.mpd = { - enable = true; - musicDirectory = "${config.xdg.userDirs.music}"; - network.listenAddress = "any"; - # network.startWhenNeeded = true; - extraConfig = '' -#+end_src - - -#+begin_src conf - restore_paused "yes" - auto_update "yes" - follow_outside_symlinks "yes" - follow_inside_symlinks "yes" - # zeroconf_enabled "yes" - # zeroconf_name "Music Player @ %h" - input { - plugin "curl" - # proxy "proxy.isp.com:8080" - # proxy_user "user" - # proxy_password "password" - } - - audio_output { - type "pipewire" - name "PipeWire Sound Server" - } - audio_output { - type "fifo" - name "my_fifo" - path "/tmp/mpd.fifo" - format "44100:16:2" - } - replaygain "auto" - replaygain_limit "yes" - volume_normalization "yes" -#+end_src - - -#+begin_src nix - ''; -}; -#+end_src - *** MPD EXTENSIONS #+begin_src nix -services.mpd-discord-rpc.enable = true; -services.mpdris2 = { - enable = true; - multimediaKeys = true; - mpd.host = "localhost"; -}; +# services.mpd-discord-rpc.enable = true; +# services.mpdris2 = { +# enable = true; +# multimediaKeys = true; +# mpd.host = "localhost"; +# }; #+end_src ** CLOSING HOME-MANAGER @@ -726,7 +599,7 @@ may be challenging. #+begin_src nix environment.systemPackages = with pkgs; [ wget - git + docker-compose ]; #+end_src @@ -739,7 +612,10 @@ environment.sessionVariables = rec { XDG_CONFIG_HOME = "\${HOME}/.config"; XDG_BIN_HOME = "\${HOME}/.local/bin"; XDG_DATA_HOME = "\${HOME}/.local/share"; - SCRIPTS = "/home/jawz/Development/Scripts"; + XDG_STATE_HOME = "\${HOME}/.local/state"; + + SCRIPTS = "\${HOME}/Development/Scripts"; + # DEV PATH CABAL_CONFIG = "\${XDG_CONFIG_HOME}/cabal/config"; CABAL_DIR = "\${XDG_CACHE_HOME}/cabal"; @@ -757,7 +633,7 @@ environment.sessionVariables = rec { ELECTRUMDIR = "\${XDG_DATA_HOME}/electrum"; VISUAL = "emacsclient -ca emacs"; WGETRC = "\${XDG_CONFIG_HOME}/wgetrc"; - "_JAVA_OPTIONS" = "-Djava.util.prefs.userRoot=/home/jawz/.config/java"; + "_JAVA_OPTIONS" = "-Djava.util.prefs.userRoot=\${XDG_CONFIG_HOME}/java"; # NVIDIA CUDA_CACHE_PATH = "\${XDG_CACHE_HOME}/nv"; # GBM_BACKEND = "nvidia-drm"; @@ -769,89 +645,73 @@ environment.sessionVariables = rec { # QT_QPA_PLATFORMTHEME = "adwaita-dark"; # QT_STYLE_OVERRIDE = "adwaita"; # CALIBRE_USE_SYSTEM_THEME = "1"; + PATH = [ "\${XDG_BIN_HOME}" "\${XDG_CONFIG_HOME}/emacs/bin" # "\${XDG_DATA_HOME}/npm/bin" - # "\${XDG_DATA_HOME}/pnpm" - "\${SCRIPTS}" + # "\${PNPM_HOME}" + # "\${SCRIPTS}" ]; }; #+end_src -* WRAPPERS +* DOCKER +Virtualization settings for Docker. NixOS offers an option to declaratively run +docker-compose images using [[https://nixos.wiki/wiki/Docker][Arion]]. Could be an interesting thing to try out. + +#+begin_src nix +virtualisation.docker = { + enable = true; + storageDriver = "btrfs"; + enableNvidia = true; +}; +#+end_src + +* PROGRAMS & SERVICES Some programs need SUID wrappers. -** NETWORK DIAGNOSTICS TOOL -I don't know what it does, but it's recommended. #+begin_src nix -programs.mtr.enable = true; -#+end_src - -** GNUPG - -#+begin_src nix -programs.gnupg.agent = { - enable = true; - enableSSHSupport = true; +programs = { + mtr.enable = true; + gnupg.agent = { + enable = true; + enableSSHSupport = true; + }; + geary = { + enable = true; + }; + steam = { + enable = true; + remotePlay.openFirewall = true; + dedicatedServer.openFirewall = true; + }; }; -#+end_src -* SYSTEM-SERVICES -** CADDY - -#+begin_src nix -# services.caddy = { -# enable = true; -# email = "CaptainJawZ@outlook.com"; -# configFile = ./dotfiles/Caddyfile; -# # config = '' -# # torrent.danilo-reyes.com { -# # reverse_proxy localhost:9091 -# # } -# # ''; -# }; -#+end_src - -** EMACS - -#+begin_src nix -services.emacs = { - enable = true; - defaultEditor = true; - package = pkgs.emacs28NativeComp; +services = { + printing.enable = true; + emacs = { + enable = true; + defaultEditor = true; + package = pkgs.emacs; + }; + fstrim.enable = true; + btrfs.autoScrub = { + enable = true; + fileSystems = [ + "/" + "/mnt/disk1" + "/mnt/disk2" + ]; + }; + openssh = { + enable = true; + ports = [ 25152 ]; + }; + udev.packages = with pkgs; [ gnome.gnome-settings-daemon ]; }; #+end_src -** HARD-DRIVE MAINTENANCE - -#+begin_src nix -services.fstrim.enable = true; -services.btrfs.autoScrub = { - enable = true; - fileSystems = [ - "/" - # "/torrents" - # "/home/jawz/.local/hd" # Maybe change mount point? - ]; -}; -#+end_src - -** OPENSSH - -#+begin_src nix -services.openssh = { - enable = true; - ports = [ 25152 ]; -}; -#+end_src - -** UDEV - -#+begin_src nix -services.udev.packages = with pkgs; [ gnome.gnome-settings-daemon ]; -#+end_src - * FIREWALL Open ports in the firewall. =TIP= list what app a port belongs to in a table. @@ -881,7 +741,7 @@ of the first install of this system. Before changing this value read the documentation for this option. #+begin_src nix -system.stateVersion = "22.05"; +system.stateVersion = "22.11"; #+end_src ** CLOSING :D diff --git a/dotfiles/Caddyfile b/dotfiles/Caddyfile deleted file mode 100755 index 3c9b043..0000000 --- a/dotfiles/Caddyfile +++ /dev/null @@ -1,147 +0,0 @@ -sonarr.danilo-reyes.com { - reverse_proxy localhost:8989 -} -code.danilo-reyes.com { - reverse_proxy localhost:5538 -} -radarr.danilo-reyes.com { - reverse_proxy localhost:7878 -} -bazarr.danilo-reyes.com { - reverse_proxy localhost:6767 -} -prowlarr.danilo-reyes.com { - reverse_proxy localhost:9696 -} -flix.danilo-reyes.com { - reverse_proxy localhost:8096 -} -library.danilo-reyes.com { - reverse_proxy localhost:5000 -} -shiori.danilo-reyes.com { - reverse_proxy localhost:7680 -} -start.danilo-reyes.com { - reverse_proxy localhost:5005 -} -torrent.danilo-reyes.com { - reverse_proxy localhost:9091 -} -kitchen.danilo-reyes.com { - reverse_proxy localhost:9925 -} -vault.danilo-reyes.com { - log { - level INFO - output file /home/jawz/Development/Docker/vaultwarden/caddy.log { - roll_size 10MB - roll_keep 10 - } - } - tls captainjawz@outlook.com - # comment if giving issues with firefox - encode gzip - @insecureadmin { - not remote_ip 192.168.0.0/16 172.16.0.0/12 10.0.0.0/8 - path /admin* - } - redir @insecureadmin / - reverse_proxy /notifications/hub localhost:3012 - reverse_proxy localhost:7780 { - header_up X-Real-IP {remote_host} - } -} -searx.danilo-reyes.com { - log { - output discard - } - - tls captainjawz@outlook.com - - @api { - path /config - path /healthz - path /stats/errors - path /stats/checker - } - - @static { - path /static/* - } - - @notstatic { - not path /static/* - } - - @imageproxy { - path /image_proxy - } - - @notimageproxy { - not path /image_proxy - } - - header { - # Enable HTTP Strict Transport Security (HSTS) to force clients to always connect via HTTPS - Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" - - # Enable cross-site filter (XSS) and tell browser to block detected attacks - X-XSS-Protection "1; mode=block" - - # Prevent some browsers from MIME-sniffing a response away from the declared Content-Type - X-Content-Type-Options "nosniff" - - # Disable some features - Permissions-Policy "accelerometer=(),ambient-light-sensor=(),autoplay=(),camera=(),encrypted-media=(),focus-without-user-activation=(),geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=(),speaker=(),sync-xhr=(),usb=(),vr=()" - - # Disable some features (legacy) - Feature-Policy "accelerometer 'none';ambient-light-sensor 'none'; autoplay 'none';camera 'none';encrypted-media 'none';focus-without-user-activation 'none'; geolocation 'none';gyroscope 'none';magnetometer 'none';microphone 'none';midi 'none';payment 'none';picture-in-picture 'none'; speaker 'none';sync-xhr 'none';usb 'none';vr 'none'" - - # Referer - Referrer-Policy "no-referrer" - - # X-Robots-Tag - X-Robots-Tag "noindex, noarchive, nofollow" - - # Remove Server header - -Server - } - - header @api { - Access-Control-Allow-Methods "GET, OPTIONS" - Access-Control-Allow-Origin "*" - } - - # Cache - header @static { - # Cache - Cache-Control "public, max-age=31536000" - defer - } - - header @notstatic { - # No Cache - Cache-Control "no-cache, no-store" - Pragma "no-cache" - } - - # CSP (see http://content-security-policy.com/ ) - header @imageproxy { - Content-Security-Policy "default-src 'none'; img-src 'self' data:" - } - - header @notimageproxy { - Content-Security-Policy "upgrade-insecure-requests; default-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; form-action 'self'; font-src 'self'; frame-ancestors 'self'; base-uri 'self'; connect-src 'self' https://overpass-api.de; img-src 'self' data: https://*.tile.openstreetmap.org; frame-src https://www.youtube-nocookie.com https://player.vimeo.com https://www.dailymotion.com https://www.deezer.com https://www.mixcloud.com https://w.soundcloud.com https://embed.spotify.com" - } - - # SearXNG - handle { - encode zstd gzip - - reverse_proxy localhost:8080 { - header_up X-Forwarded-Port {http.request.port} - header_up X-Forwarded-Proto {http.request.scheme} - } - } -} diff --git a/dotfiles/gallery-dl/config.json b/dotfiles/gallery-dl/config.json index 90d9363..b31ee9a 100755 --- a/dotfiles/gallery-dl/config.json +++ b/dotfiles/gallery-dl/config.json @@ -1,6 +1,6 @@ { "extractor": { - "cookies": ["chrome", "Default", "gnomekeyring"], + "cookies": ["firefox", "yw8fhvh4.default-release", "gnomekeyring"], "user-agent": "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.0.0 Safari/537.36", "retries": 10, "sleep-request": 0, @@ -20,8 +20,13 @@ "access-token": "72157720849409732-e83af94a8ca145aa", "access-token-secret": "0c7e86529694756a" }, + "wikifeet": { + "page-reverse": true, + "directory": ["{category}", "{celebrity}"] + }, "instagram": { - "sleep-request": 5, + "sleep-request": "15-45", + "sleep": "2-10", "directory": ["{username}"], "parent-directory": true, "highlights": { @@ -60,7 +65,7 @@ "deviantart": { "client-id": "20016", "client-secret": "52e1f9b0cb26e673da36f69e2ddd0e9a", - "refresh-token": "4f9817b7c42671003e10dd5a5a48473855779359", + "refresh-token": "760c08e027c422e376c2be5656f0bcaa28438b46", "directory": ["{username}"], "include": "gallery,scraps", "flat": true, @@ -78,10 +83,15 @@ "(Patreon) {creator[vanity]}", "({date:%Y%m%d}) {title} ({id})" ], - "filename": "{filename}.{extension}" + "filename": "{filename}.{num}.{extension}", + "browser": "firefox" }, "blogger": { - "directory": ["{blog[name]}", "{post[author]}"], + "directory": [ + "{blog[name]}", + "{post[author]}", + "{post[title]} - [{post[id]}]" + ], "filename": "{filename} - {num}.{extension}" }, "artstation": { @@ -94,7 +104,7 @@ "reddit": { "user-agent": "Python:gallery-dl:v1.0 (by /u/captainjawz)", "client-id": "T7nZ6WZ3_onJWBhLP8r08g", - "refresh-token": "184157546842-lQ_NOSVjzJ6udAsvple9mftkOcs0rg", + "refresh-token": "184157546842-bkMXgGYWzkwGSgXTeC8mMmaDZouhUQ", "directory": ["{author}"], "parent-directory": true }, @@ -107,6 +117,9 @@ "paheal": { "directory": ["Husbands", "{search_tags}"] }, + "rule34": { + "directory": ["Husbands", "{search_tags}"] + }, "e621": { "directory": ["Husbands", "{search_tags}"] }, @@ -180,6 +193,7 @@ "ytdl": { "logging": true, "format": "bestvideo+bestaudio/best", + "module": "yt_dlp", "forward-cookies": true }, "http": { diff --git a/dotfiles/mpdas/mpdasrc b/dotfiles/mpdas/mpdasrc deleted file mode 100755 index 73c1287..0000000 --- a/dotfiles/mpdas/mpdasrc +++ /dev/null @@ -1,4 +0,0 @@ -username = Dornisaurio -password = PUOghI][pdUx|1W>druS)Alxh]b{!B0QM~,u@SKRi>p?xb)3qEy -host = localhost -port = 6600 diff --git a/hardware-configuration.nix b/hardware-configuration.nix index bc11abf..cd38a30 100755 --- a/hardware-configuration.nix +++ b/hardware-configuration.nix @@ -1,55 +1,134 @@ # Do not modify this file! It was generated by ‘nixos-generate-config’ # and may be overwritten by future invocations. Please make changes # to /etc/nixos/configuration.nix instead. -{ config, lib, pkgs, modulesPath, ... }: +{ config, lib, pkgs, modulesPath, ... }: { + imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; + boot = { + plymouth = { enable = true; }; + loader = { + efi = { + canTouchEfiVariables = true; + efiSysMountPoint = "/boot/efi"; + }; + grub = { + enable = true; + version = 2; + device = "nodev"; + efiSupport = true; + enableCryptodisk = true; + }; + }; + initrd.luks.devices = { + root = { + device = "/dev/disk/by-uuid/2dc90b31-2a37-46a9-92e5-a648cd74a860"; + preLVM = true; + }; + root2 = { + device = "/dev/disk/by-uuid/b0414af9-bca9-44d0-9fe3-a6e4f0b1c28c"; + preLVM = true; + }; + disk1 = { + device = "/dev/disk/by-uuid/a9b0f346-7e38-40a6-baf6-3ad80cafc842"; + preLVM = true; + }; + disk2 = { + device = "/dev/disk/by-uuid/0ed12b83-4c56-4ba8-b4ea-75a9e927d771"; + preLVM = true; + }; + }; + kernelModules = [ "kvm-intel" ]; + extraModulePackages = [ ]; + initrd = { + availableKernelModules = + [ "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ]; + kernelModules = [ ]; + }; + }; -{ - imports = - [ (modulesPath + "/profiles/qemu-guest.nix") + fileSystems."/" = { + device = "/dev/mapper/root"; + fsType = "btrfs"; + options = [ + "subvol=nix" + "ssd" + "compress=zstd:3" + "x-systemd.device-timeout=0" + "space_cache=v2" + "commit=120" + "datacow" ]; + }; - boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "virtio_pci" "sr_mod" "virtio_blk" ]; - boot.initrd.kernelModules = [ ]; - boot.kernelModules = [ "kvm-intel" ]; - boot.extraModulePackages = [ ]; + fileSystems."/home" = { + device = "/dev/mapper/root"; + fsType = "btrfs"; + options = [ + "subvol=home" + "ssd" + "compress=zstd:3" + "x-systemd.device-timeout=0" + "space_cache=v2" + "commit=120" + "datacow" + ]; + }; + fileSystems."/mnt/disk1" = { + device = "/dev/mapper/disk1"; + fsType = "btrfs"; + options = [ "compress=zstd:3" "space_cache=v2" "commit=120" "datacow" ]; + }; - fileSystems."/" = - { device = "/dev/disk/by-uuid/3061620b-35eb-4b5f-b4e8-0e208404a749"; - fsType = "btrfs"; - options = [ "subvol=@" "compress=zstd:3" "ssd" "space_cache=v2" "commit=120" ]; - }; + fileSystems."/mnt/disk2" = { + device = "/dev/mapper/disk2"; + fsType = "btrfs"; + options = [ "compress=zstd:3" "space_cache=v2" "commit=120" "datacow" ]; + }; + fileSystems."/mnt/parity" = { + device = "/dev/disk/by-uuid/643b727a-555d-425c-943c-62f5b93631c9"; + fsType = "xfs"; + options = [ "defaults" ]; + }; - fileSystems."/home" = - { device = "/dev/disk/by-uuid/3061620b-35eb-4b5f-b4e8-0e208404a749"; - fsType = "btrfs"; - options = [ "subvol=@home" "compress=zstd:3" "ssd" "space_cache=v2" "commit=120" ]; - }; + fileSystems."/boot" = { + device = "/dev/disk/by-uuid/eb5b3650-f709-46a1-8d63-7f05ffd5e6d4"; + fsType = "ext4"; + }; - fileSystems."/nix" = - { device = "/dev/disk/by-uuid/3061620b-35eb-4b5f-b4e8-0e208404a749"; - fsType = "btrfs"; - options = [ "subvol=@nix" "compress=zstd:3" "ssd" "space_cache=v2" "commit=120" "noatime" ]; - }; + fileSystems."/boot/efi" = { + device = "/dev/disk/by-uuid/78B5-4717"; + fsType = "vfat"; + }; - fileSystems."/boot" = - { device = "/dev/disk/by-uuid/FF77-8AB3"; - fsType = "vfat"; - }; - - fileSystems."/swap" = - { device = "/dev/disk/by-uuid/3061620b-35eb-4b5f-b4e8-0e208404a749"; - fsType = "btrfs"; - options = [ "subvol=@swap" "noatime" ]; - }; - - swapDevices = [ { device = "/swap/swapfile"; } ]; + swapDevices = + [{ device = "/dev/disk/by-uuid/7b9f7369-d24d-4b54-95a6-853626eb45a7"; }]; # Enables DHCP on each ethernet and wireless interface. In case of scripted networking # (the default) this is the recommended approach. When using systemd-networkd it's # still possible to use this option, but it's recommended to use it in conjunction # with explicit per-interface declarations with `networking.interfaces..useDHCP`. networking.useDHCP = lib.mkDefault true; - # networking.interfaces.enp1s0.useDHCP = lib.mkDefault true; + # networking.interfaces.enp0s31f6.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + powerManagement.cpuFreqGovernor = lib.mkDefault "performance"; + + hardware = { + cpu.intel.updateMicrocode = lib.mkDefault true; + bluetooth.enable = true; + # huion driver + opentabletdriver = { + enable = true; + daemon.enable = true; + }; + # nvidia driver + nvidia.modesetting.enable = true; + opengl = { + enable = true; + driSupport32Bit = true; + }; + }; + # hardware.cpu.intel.updateMicrocode = + # lib.mkDefault config.hardware.enableRedistributableFirmware; - hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; } + diff --git a/pacman list b/pacman list deleted file mode 100755 index aeb90c5..0000000 --- a/pacman list +++ /dev/null @@ -1,90 +0,0 @@ -# adw-gtk3 -# adwaita-qt5 -bash-language-server -caddy -curtail -# dnsmasq -# docker -# docker-compose -fail2ban -firewalld -fontdownloader -furtherance -gallery-dl-git -gnome-kra-ora-thumbnailer-git -graphviz -grilo-plugins -gtkhash-nautilus-git -haskell-language-server -hoogle -hunspell-en_ca -hunspell-es_mx -hunspell-it -identity-git -intel-ucode -languagetool -lazydocker -man-db -man-pages -menulibre -mousai -mpc -mpd -mpdas -mpdevil -mpdris2 -mypaint -nautilus-megasync -ncmpcpp -neofetch -noise-suppression-for-voice -noto-fonts-cjk -npm -nss-mdns -nvidia -nvidia-container-toolkit -opendoas -orca -pacman-contrib -papirus-folders-git -papirus-libreoffice-theme -paru -patch -pika-backup -pipewire-v4l2 -pkgconf -pokemon-colorscripts-git -protonvpn -pureref -python-nautilus -python-pipx -qemu-desktop -reflector -ripgrep -rmlint -rygel -samba -seahorse -seahorse-nautilus -shellcheck -starship -steam -sushi -syncplay -syncthing -texlive-latexextra -texlive-science -tilix -timeshift -topgrade -transmission-gtk -trash-cli -vino -virt-manager -warp -webp-pixbuf-loader -wine -wl-clipboard -xclip -xdg-user-dirs-gtk -zram-generator diff --git a/pacman list new b/pacman list new deleted file mode 100755 index d0adc4a..0000000 --- a/pacman list new +++ /dev/null @@ -1,162 +0,0 @@ -adw-gtk3 -adwaita-qt5 -bash-bats # exercism -bash-language-server -beets # check plugins -bluez-utils-compat -celluloid -curtail # build -discord -discount -dnsmasq -docker -docker-compose -dropbox -easyeffects -emacs -eog -exa -exercism -fail2ban -fd -ffmpegthumbnailer -file-roller -firefox -firewalld -fish -flex -foliate -fontdownloader -furtherance -fzf -gallery-dl-git -gdm -gdu -geary -gifsicle -gnome-backgrounds -gnome-browser-connector -gnome-calculator -gnome-calendar -gnome-clocks -gnome-kra-ora-thumbnailer-git -gnome-logs -gnome-maps -gnome-podcasts -gnome-recipes -gnome-remote-desktop -gnome-shell-extension-gsconnect -gnome-system-monitor -gnome-tweaks -gnome-user-share -gnome-weather -gocryptfs -godot -google-chrome -graphviz -grilo-plugins -gst-plugin-pipewire -gtkhash-nautilus-git -gvfs-afc -gvfs-google -gvfs-gphoto2 -gvfs-mtp -gvfs-nfs -gvfs-smb -handbrake -hoogle -htop -huiontablet -hunspell-en_ca -hunspell-es_mx -hunspell-it -identity -intel-ucode -krita -languagetool -lazydocker -libreoffice-fresh -linux-firmware -linux-headers -lutris -make -malcontent -man-db -man-pages -menulibre -mousai -mpc -mpd -mpdas -mpdevil -mpdris2 -mypaint -nautilus-megasync -ncmpcpp -neofetch -nerd-fonts-cascadia-code -nerd-fonts-source-code-pro -nerd-fonts-ubuntu-mono -nixfmt -noise-suppression-for-voice -noto-fonts-cjk -noto-fonts-emoji -npm -nss-mdns -nvidia -nvidia-container-toolkit -orca -pacman-contrib -papirus-folders-git -papirus-libreoffice-theme -paru -patch -pika-backup -pipewire-v4l2 -pitivi -pkgconf -pokemon-colorscripts-git -pokeshell-git -profile-sync-daemon -protonvpn -pureref -python-discogs-client -python-httpx -python-nautilus -python-pip -python-pipx -python-pylast -qemu-desktop -reflector -ripgrep -rmlint -rygel -samba -seahorse -seahorse-nautilus -shfmt -sshfs -starship -steam -sudo -sushi -syncplay -syncthing -texlive-latexextra -texlive-science -tilix -tldr -topgrade -transmission-gtk -trash-cli -vino -virt-manager -warp -webp-pixbuf-loader -wine -wl-clipboard -xclip -xdg-ninja-git -xdg-user-dirs-gtk -yt-dlp -zram-generator