Merge remote-tracking branch 'origin/nixos' into nixos
This commit is contained in:
commit
a66a17984e
10 changed files with 50 additions and 26 deletions
|
@ -10,9 +10,13 @@
|
||||||
./hardware-configuration.nix
|
./hardware-configuration.nix
|
||||||
];
|
];
|
||||||
|
|
||||||
my.profiles = {
|
my = {
|
||||||
|
virtualisation.libvirtd.enable = true;
|
||||||
|
profiles = {
|
||||||
desktop.enable = true;
|
desktop.enable = true;
|
||||||
personal.enable = true;
|
personal.enable = true;
|
||||||
|
webis.enable = true;
|
||||||
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
# BOOT
|
# BOOT
|
||||||
|
@ -33,6 +37,7 @@
|
||||||
xserver.libinput.enable = true;
|
xserver.libinput.enable = true;
|
||||||
xserver.libinput.touchpad.disableWhileTyping = true;
|
xserver.libinput.touchpad.disableWhileTyping = true;
|
||||||
printing.enable = true;
|
printing.enable = true;
|
||||||
|
logind.lidSwitch = "hybrid-sleep";
|
||||||
};
|
};
|
||||||
hardware.bluetooth.enable = true;
|
hardware.bluetooth.enable = true;
|
||||||
|
|
||||||
|
@ -105,16 +110,6 @@
|
||||||
wantedBy = [ "multi-user.target" ];
|
wantedBy = [ "multi-user.target" ];
|
||||||
};
|
};
|
||||||
|
|
||||||
programs.ssh.extraConfig = ''
|
|
||||||
Host builder
|
|
||||||
Hostname 192.168.0.14
|
|
||||||
Port 22
|
|
||||||
User moritz
|
|
||||||
|
|
||||||
IdentitiesOnly yes
|
|
||||||
IdentityFile /etc/ssh/ssh_host_ed25519_key
|
|
||||||
'';
|
|
||||||
|
|
||||||
# This value determines the NixOS release from which the default
|
# This value determines the NixOS release from which the default
|
||||||
# settings for stateful data, like file locations and database versions
|
# settings for stateful data, like file locations and database versions
|
||||||
# on your system were taken. It‘s perfectly fine and recommended to leave
|
# on your system were taken. It‘s perfectly fine and recommended to leave
|
||||||
|
|
|
@ -72,6 +72,7 @@ in
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
services = {
|
services = {
|
||||||
|
illum.enable = true;
|
||||||
gnome.gnome-keyring.enable = true;
|
gnome.gnome-keyring.enable = true;
|
||||||
pipewire = {
|
pipewire = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
|
|
@ -18,7 +18,7 @@ in
|
||||||
synology-drive.enable = true;
|
synology-drive.enable = true;
|
||||||
};
|
};
|
||||||
programs = {
|
programs = {
|
||||||
ssh.includeSecrets = mkDefault [ ../../secrets/ssh-home.age ];
|
ssh.includeSecrets = [ ../../secrets/ssh-home.age ];
|
||||||
git.signing = mkDefault true;
|
git.signing = mkDefault true;
|
||||||
hub.enable = mkDefault true;
|
hub.enable = mkDefault true;
|
||||||
firefox.arkenfox = {
|
firefox.arkenfox = {
|
||||||
|
|
28
modules/profiles/webis.nix
Normal file
28
modules/profiles/webis.nix
Normal file
|
@ -0,0 +1,28 @@
|
||||||
|
{ lib
|
||||||
|
, config
|
||||||
|
, ...
|
||||||
|
}:
|
||||||
|
|
||||||
|
with lib;
|
||||||
|
let
|
||||||
|
cfg = config.my.profiles.webis;
|
||||||
|
in
|
||||||
|
|
||||||
|
{
|
||||||
|
options.my.profiles.webis.enable = mkEnableOption "webis profile";
|
||||||
|
|
||||||
|
config = mkIf cfg.enable {
|
||||||
|
my.programs.ssh.includeSecrets = [ ../../secrets/webis-ssh.age ];
|
||||||
|
age.secrets.webis = {
|
||||||
|
file = ../../secrets/webis.age;
|
||||||
|
name = "webis.ovpn";
|
||||||
|
};
|
||||||
|
services.openvpn.servers = {
|
||||||
|
webis = {
|
||||||
|
config = "config /run/agenix/webis.ovpn";
|
||||||
|
autoStart = false;
|
||||||
|
updateResolvConf = true;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
|
@ -171,8 +171,6 @@ in
|
||||||
bind = , XF86AudioNext , exec , playerctl -p "spotifyd,firefox" next
|
bind = , XF86AudioNext , exec , playerctl -p "spotifyd,firefox" next
|
||||||
bind = , XF86AudioPlay , exec , playerctl -p "spotifyd,firefox" play-pause
|
bind = , XF86AudioPlay , exec , playerctl -p "spotifyd,firefox" play-pause
|
||||||
bind = , XF86AudioPrev , exec , playerctl -p "spotifyd,firefox" previous
|
bind = , XF86AudioPrev , exec , playerctl -p "spotifyd,firefox" previous
|
||||||
binde = , XF86MonBrightnessDown , exec , brightnessctl s 10%-
|
|
||||||
binde = , XF86MonBrightnessUp , exec , brightnessctl s 10%+
|
|
||||||
|
|
||||||
# Move focus with mainMod + hjkl
|
# Move focus with mainMod + hjkl
|
||||||
binde = $mainMod, H, movefocus, l
|
binde = $mainMod, H, movefocus, l
|
||||||
|
|
|
@ -91,11 +91,11 @@ in
|
||||||
events = [
|
events = [
|
||||||
{
|
{
|
||||||
event = "before-sleep";
|
event = "before-sleep";
|
||||||
command = "${pkgs.swaylock}/bin/swaylock -fF";
|
command = "${getExe pkgs.swaylock} -fF";
|
||||||
}
|
}
|
||||||
{
|
{
|
||||||
event = "lock";
|
event = "lock";
|
||||||
command = "${pkgs.swaylock}/bin/swaylock -fF";
|
command = "${getExe pkgs.swaylock} -fF";
|
||||||
}
|
}
|
||||||
];
|
];
|
||||||
timeouts =
|
timeouts =
|
||||||
|
@ -118,12 +118,10 @@ in
|
||||||
}
|
}
|
||||||
] ++ optional
|
] ++ optional
|
||||||
(!cfg.nvidiaSupport) # TODO https://github.com/hyprwm/Hyprland/issues/1728
|
(!cfg.nvidiaSupport) # TODO https://github.com/hyprwm/Hyprland/issues/1728
|
||||||
[
|
|
||||||
{
|
{
|
||||||
timeout = 30 * 60;
|
timeout = 30 * 60;
|
||||||
command = "${pkgs.systemd}/bin/systemctl suspend-then-hibernate";
|
command = "${pkgs.systemd}/bin/systemctl suspend-and-hibernate";
|
||||||
}
|
};
|
||||||
];
|
|
||||||
systemdTarget = "hyprland-session.target";
|
systemdTarget = "hyprland-session.target";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
@ -148,7 +146,7 @@ in
|
||||||
wantedBy = [ "graphical-session.target" ];
|
wantedBy = [ "graphical-session.target" ];
|
||||||
serviceConfig = {
|
serviceConfig = {
|
||||||
ExecStartPre = "${pkgs.coreutils}/bin/sleep 0.5";
|
ExecStartPre = "${pkgs.coreutils}/bin/sleep 0.5";
|
||||||
ExecStart = "${pkgs.hyprpaper}/bin/hyprpaper -c ${config}";
|
ExecStart = "${getExe pkgs.hyprpaper} -c ${config}";
|
||||||
RestartSec = "500ms";
|
RestartSec = "500ms";
|
||||||
Restart = "on-failure";
|
Restart = "on-failure";
|
||||||
};
|
};
|
||||||
|
|
|
@ -94,3 +94,4 @@ in
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -6,7 +6,8 @@ let
|
||||||
nixos-laptop = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDhtwHDGAZshiQWKkCcPWV9tC83b+bKBgjDcjP/N2CKO";
|
nixos-laptop = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDhtwHDGAZshiQWKkCcPWV9tC83b+bKBgjDcjP/N2CKO";
|
||||||
nixos-desktop = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKl8gMhwSf1NsP5gp14xbbyjqQLZzcHLb/XKRMoHdXgI";
|
nixos-desktop = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKl8gMhwSf1NsP5gp14xbbyjqQLZzcHLb/XKRMoHdXgI";
|
||||||
nixos-work = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGQdruRBgcS3JbX+8DP4GE+28M/ZnxqxhoaMM5EVUkrD";
|
nixos-work = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGQdruRBgcS3JbX+8DP4GE+28M/ZnxqxhoaMM5EVUkrD";
|
||||||
hosts = [ nixos-laptop nixos-desktop nixos-work ];
|
hosts-personal = [ nixos-laptop nixos-desktop ];
|
||||||
|
hosts = hosts-personal ++ [ nixos-work ];
|
||||||
|
|
||||||
all = users ++ hosts;
|
all = users ++ hosts;
|
||||||
in
|
in
|
||||||
|
@ -18,4 +19,6 @@ in
|
||||||
"uni-vpn.age".publicKeys = all;
|
"uni-vpn.age".publicKeys = all;
|
||||||
"wireguard-preshared-key.age".publicKeys = all;
|
"wireguard-preshared-key.age".publicKeys = all;
|
||||||
"wireguard-private-key.age".publicKeys = all;
|
"wireguard-private-key.age".publicKeys = all;
|
||||||
|
"webis.age".publicKeys = hosts-personal ++ [ moritz ];
|
||||||
|
"webis-ssh.age".publicKeys = hosts-personal ++ [ moritz ];
|
||||||
}
|
}
|
||||||
|
|
BIN
secrets/webis-ssh.age
Normal file
BIN
secrets/webis-ssh.age
Normal file
Binary file not shown.
BIN
secrets/webis.age
Normal file
BIN
secrets/webis.age
Normal file
Binary file not shown.
Loading…
Reference in a new issue