SeanOMik
/
nixos-dotfiles
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Upload code 

Signed-off-by: SeanOMik <seanomik@gmail>
This commit is contained in:
SeanOMik 2022-09-13 23:53:30 -04:00
commit 1035f4e7fe
56 changed files with 3394 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.gitignore vendored Normal file
View File

@ -0,0 +1 @@
sensitives

9
LICENSE Executable file
View File

@ -0,0 +1,9 @@
MIT License
Copyright (c) 2022 Sean Ervin
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

11
common.nix Executable file
View File

@ -0,0 +1,11 @@
{ pkgs, home-manager, unstable, ... }:
{
system.stateVersion = "22.05";
time.timeZone = "America/New_York";
i18n.defaultLocale = "en_US.UTF-8";
nix.extraOptions = ''
experimental-features = nix-command flakes
'';
}

1647
config/zsh/p10k/p10k.zsh Executable file
View File

File diff suppressed because it is too large Load Diff

115
configuration.nix Normal file
View File

@ -0,0 +1,115 @@
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running nixos-help).
{ config, pkgs, ... }:
{
imports =
[ # Include the results of the hardware scan.
./hardware-configuration.nix
];
# Use the GRUB 2 boot loader.
boot.loader.grub.enable = true;
boot.loader.grub.version = 2;
# boot.loader.grub.efiSupport = true;
# boot.loader.grub.efiInstallAsRemovable = true;
# boot.loader.efi.efiSysMountPoint = "/boot/efi";
# Define on which hard drive you want to install Grub.
# boot.loader.grub.device = "/dev/sda"; # or "nodev" for efi only
# networking.hostName = "nixos"; # Define your hostname.
# Pick only one of the below networking options.
# networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
# networking.networkmanager.enable = true; # Easiest to use and most distros use this by default.
# Set your time zone.
# time.timeZone = "Europe/Amsterdam";
# Configure network proxy if necessary
# networking.proxy.default = "http://user:password@proxy:port/";
# networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
# Select internationalisation properties.
# i18n.defaultLocale = "en_US.UTF-8";
# console = {
# font = "Lat2-Terminus16";
# keyMap = "us";
# useXkbConfig = true; # use xkbOptions in tty.
# };
# Enable the X11 windowing system.
# services.xserver.enable = true;
# Configure keymap in X11
# services.xserver.layout = "us";
# services.xserver.xkbOptions = {
# "eurosign:e";
# "caps:escape" # map caps to escape.
# };
# Enable CUPS to print documents.
# services.printing.enable = true;
# Enable sound.
# sound.enable = true;
# hardware.pulseaudio.enable = true;
# Enable touchpad support (enabled default in most desktopManager).
# services.xserver.libinput.enable = true;
# Define a user account. Don't forget to set a password with passwd.
# users.users.jane = {
# isNormalUser = true;
# extraGroups = [ "wheel" ]; # Enable sudo for the user.
# packages = with pkgs; [
# firefox
# thunderbird
# ];
# };
# List packages installed in system profile. To search, run:
# $ nix search wget
# environment.systemPackages = with pkgs; [
# vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default.
# wget
# ];
# Some programs need SUID wrappers, can be configured further or are
# started in user sessions.
# programs.mtr.enable = true;
# programs.gnupg.agent = {
# enable = true;
# enableSSHSupport = true;
# };
# List services that you want to enable:
# Enable the OpenSSH daemon.
# services.openssh.enable = true;
# Open ports in the firewall.
# networking.firewall.allowedTCPPorts = [ ... ];
# networking.firewall.allowedUDPPorts = [ ... ];
# Or disable the firewall altogether.
# networking.firewall.enable = false;
# Copy the NixOS configuration file and link it from the resulting system
# (/run/current-system/configuration.nix). This is useful in case you
# accidentally delete configuration.nix.
# system.copySystemConfiguration = true;
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "22.05"; # Did you read the comment?
}

177
flake.lock Executable file
View File

@ -0,0 +1,177 @@
{
"nodes": {
"agenix": {
"inputs": {
"nixpkgs": "nixpkgs"
},
"locked": {
"lastModified": 1652712410,
"narHash": "sha256-hMJ2TqLt0DleEnQFGUHK9sV2aAzJPU8pZeiZoqRozbE=",
"owner": "ryantm",
"repo": "agenix",
"rev": "7e5e58b98c3dcbf497543ff6f22591552ebfe65b",
"type": "github"
},
"original": {
"owner": "ryantm",
"repo": "agenix",
"type": "github"
}
},
"fenix": {
"inputs": {
"nixpkgs": [
"nixpkgs"
],
"rust-analyzer-src": "rust-analyzer-src"
},
"locked": {
"lastModified": 1659421644,
"narHash": "sha256-b7M9YxF2C1CClvbS5NMjheiyLF8KzX03eiVfYtXbVEw=",
"owner": "nix-community",
"repo": "fenix",
"rev": "862c23b3607d13166ef7493c7dc0995b1771a583",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "fenix",
"type": "github"
}
},
"git-crypt-agessh": {
"inputs": {
"nixpkgs": [
"nixpkgs"
],
"utils": "utils"
},
"locked": {
"lastModified": 1651509804,
"narHash": "sha256-cHZ+90dcvL7Um7vUROiRD90L+d9I2curZ0tTuw9NIq4=",
"owner": "mtoohey31",
"repo": "git-crypt-agessh",
"rev": "9965d84ea97ad2eb0e3f8afd00001316c53a5603",
"type": "github"
},
"original": {
"owner": "mtoohey31",
"repo": "git-crypt-agessh",
"type": "github"
}
},
"home-manager": {
"inputs": {
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1656169755,
"narHash": "sha256-Nlnm4jeQWEGjYrE6hxi/7HYHjBSZ/E0RtjCYifnNsWk=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "4a3d01fb53f52ac83194081272795aa4612c2381",
"type": "github"
},
"original": {
"owner": "nix-community",
"ref": "release-22.05",
"repo": "home-manager",
"type": "github"
}
},
"nixpkgs": {
"locked": {
"lastModified": 1638587357,
"narHash": "sha256-2ySMW3QARG8BsRPmwe7clTbdCuaObromOKewykP+UJc=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "e34c5379866833f41e2a36f309912fa675d687c7",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-21.11",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_2": {
"locked": {
"lastModified": 1658912196,
"narHash": "sha256-GTP5XCLPU2Hg2bQC5dVqSBF9ef5C/J6pD4qM09Ba4Gk=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "d9536b9b1e33377fb520e115bc8588d093ed97be",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-22.05",
"repo": "nixpkgs",
"type": "github"
}
},
"root": {
"inputs": {
"agenix": "agenix",
"fenix": "fenix",
"git-crypt-agessh": "git-crypt-agessh",
"home-manager": "home-manager",
"nixpkgs": "nixpkgs_2",
"unstable": "unstable"
}
},
"rust-analyzer-src": {
"flake": false,
"locked": {
"lastModified": 1659363473,
"narHash": "sha256-uamnlKqr5eReaefkoo7/ki05ZvIlJFwdFNM4znNhUqY=",
"owner": "rust-lang",
"repo": "rust-analyzer",
"rev": "8e38833c3674c1be7d81c6069c62e6ed52b18b27",
"type": "github"
},
"original": {
"owner": "rust-lang",
"ref": "nightly",
"repo": "rust-analyzer",
"type": "github"
}
},
"unstable": {
"locked": {
"lastModified": 1659131907,
"narHash": "sha256-8bz4k18M/FuVC+EVcI4aREN2PsEKT7LGmU2orfjnpCg=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "8d435fca5c561da8168abb30270788d2da2a7951",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"utils": {
"locked": {
"lastModified": 1649676176,
"narHash": "sha256-OWKJratjt2RW151VUlJPRALb7OU2S5s+f0vLj4o1bHM=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "a4b154ebbdc88c8498a5c7b01589addc9e9cb678",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
}
},
"root": "root",
"version": 7
}

95
flake.nix Executable file
View File

@ -0,0 +1,95 @@
{
description = "NixOS configuration";
inputs = {
nixpkgs.url = "github:nixos/nixpkgs/nixos-22.05";
unstable.url = "github:nixos/nixpkgs/nixos-unstable";
home-manager.url = "github:nix-community/home-manager/release-22.05";
home-manager.inputs.nixpkgs.follows = "nixpkgs";
agenix.url = "github:ryantm/agenix";
fenix.url = "github:nix-community/fenix";
fenix.inputs.nixpkgs.follows = "nixpkgs";
git-crypt-agessh.url = "github:mtoohey31/git-crypt-agessh";
git-crypt-agessh.inputs.nixpkgs.follows = "nixpkgs"; # idk if this is needed
};
outputs = inputs@{ nixpkgs, unstable, home-manager, agenix, git-crypt-agessh, ... }:
let
system = "x86_64-linux";
in
{
# nixpkgs.overlays = [
# (self: super: {
# discord = super.discord.overrideAttrs (_: {
# src = builtins.fetchTarball "https://dl.discordapp.net/apps/linux/0.0.19/discord-0.0.19.tar.gz";
# });
# })
# ];
nixosConfigurations = {
smallinux = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules =
let
# Inject unstable for inputs for modules
defaults = { pkgs, ... }: {
_module.args.unstable = import inputs.unstable {
inherit (pkgs.stdenv.targetPlatform) system;
config.allowUnfree = true;
};
};
in [
# {
# nixpkgs.overlays =
# let
# discordOpenASAR = self: super: {
# discord = super.discord.override { withOpenASAR = true; };
# };
# in [
# discordOpenASAR
# ];
# }
defaults
home-manager.nixosModules.home-manager
agenix.nixosModule
{
# Install git-crypt-agessh for sensitives (public ips)
# https://github.com/mtoohey31/git-crypt-agessh
environment.systemPackages = [
inputs.git-crypt-agessh.packages.x86_64-linux.default
];
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
networking.hostName = "smallinux";
age.identityPaths = [
#"/etc/ssh/ssh_host_ed25519_key"
#"/root/.ssh/id_rsa"
"/root/.ssh/secrets_sshkey"
];
age.secrets.serverwg-priv.file = ./secrets/serverwg-priv.age;
age.secrets.vpnboxwg-priv.file = ./secrets/vpnboxwg-priv.age;
# packageOverrides = pkgs: with pkgs; rec {
# ftb-app = callPackage modules/pkgs/ftb-app.nix { };
# };
}
./common.nix
./hosts/smallinux.nix
];
};
};
};
}

2
gitattributes Executable file
View File

@ -0,0 +1,2 @@
# age1dcye7cude8gy53ptzd4n20zdqd8kh36v2gkc9grcdmelwnsu3yyqhesnw3
/home/seanomik/homeip.sensitive filter=git-crypt-agessh diff=git-crypt-agessh

38
hardware-configuration.nix Normal file
View File

@ -0,0 +1,38 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usbhid" "usb_storage" "uas" "sd_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{ device = "/dev/disk/by-uuid/87a9b1aa-5d44-4648-b45a-bc9e68ad8f94";
fsType = "btrfs";
};
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/5B39-E485";
fsType = "vfat";
};
swapDevices = [ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.eno1.useDHCP = lib.mkDefault true;
# networking.interfaces.wlp10s0f3u3.useDHCP = lib.mkDefault true;
# networking.interfaces.wlp7s0.useDHCP = lib.mkDefault true;
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}

4
home/discord.nix Executable file
View File

@ -0,0 +1,4 @@
{ pkgs, ... }:
pkgs.discord.override {
nss = pkgs.nss_latest; #_3_81;
}

7
home/emulators.nix Executable file
View File

@ -0,0 +1,7 @@
{ pkgs, ... }:
{
home.packages = with pkgs; [
rpcs3
citra
];
}

26
home/omz-zsh.nix Executable file
View File

@ -0,0 +1,26 @@
{ pkgs, ... }:
{
home = {
packages = with pkgs; [
meslo-lgs-nf
];
file.".p10k.zsh".source = ../config/zsh/p10k/p10k.zsh;
file.".oh-my-zsh/custom/themes/powerlevel10k".source = pkgs.fetchFromGitHub {
owner = "romkatv";
repo = "powerlevel10k";
sha256 = "sha256-FbjjOLod4l+FGvOhSAmTuAdsoBrxdfEY/MYP163N1xY="; # I have no clue where to get this from, I just copied it from an error.
rev = "e72264e01cb24431455ed6e398a769bca0da7ffe";
};
};
programs.zsh = {
enable = true;
oh-my-zsh = {
enable = true;
custom = "$HOME/.oh-my-zsh/custom";
theme = "powerlevel10k/powerlevel10k";
};
};
}

15
home/programs/alacritty.nix Executable file
View File

@ -0,0 +1,15 @@
{ pkgs, ... }:
{
programs.alacritty = {
enable = true;
settings = {
window.dimensions = {
lines = 22;
columns = 88;
};
font.normal.family = "MesloLGS NF";
#shell.program = "/bin/zsh";
};
};
}

6
home/programs/default.nix Executable file
View File

@ -0,0 +1,6 @@
{ pkgs, ... }:
{
imports = [
./alacritty.nix
];
}

64
home/seanomik/default.nix Executable file
View File

@ -0,0 +1,64 @@
{ pkgs, home-manager, unstable, ... }:
{
imports = [
./wireguard.nix
];
users.users.seanomik = {
isNormalUser = true;
extraGroups = [ "wheel" "openrazer" "plugdev" "docker" ];
initialPassword = "pw123";
};
environment.systemPackages = with pkgs; [
gcc clang
];
networking.wireguard.enable = true;
services.mullvad-vpn.enable = true;
programs.steam = {
enable = true;
# remotePlay.openFirewall = true;
};
home-manager.users.seanomik = { pkgs, ... }: {
imports = [
./gnome-dconf.nix
../omz-zsh.nix # oh-my-zsh zsh config
../programs
../emulators.nix
];
# Add open-in-vscode button to nemo
home = {
file.".local/share/nemo/actions/vscode.nemo_action".source = pkgs.fetchurl {
url = https://raw.githubusercontent.com/mhsattarian/nemo-open-in-vscode/master/vscode.nemo_action;
sha256 = "db3bd14ae08ae5e1a8774141ea16dae72c4ce50339443266702010c429d7fe36";
};
};
home.packages = with pkgs; [
(callPackage ../../modules/applications/discord.nix { })
vlc
lutris
polymc
zoom-us
mullvad-vpn
flameshot
obs-studio
vscode
okular
libreoffice-fresh-unwrapped
betterdiscordctl
gimp
slack
google-chrome
(callPackage ../../modules/pkgs/upwork.nix { inherit runCommandLocal; })
(callPackage ../../modules/pkgs/jellyfin-media-player.nix { inherit runCommandLocal; })
jetbrains.idea-community
];
};
}

296
home/seanomik/gnome-dconf.nix Executable file
View File

@ -0,0 +1,296 @@
# Generated via dconf2nix: https://github.com/gvolpe/dconf2nix
{ lib, ... }:
with lib.hm.gvariant;
{
dconf.settings = {
"ca/desrt/dconf-editor" = {
saved-pathbar-path = "/org/gtk/settings/";
saved-view = "/org/gtk/settings/";
show-warning = false;
window-height = 500;
window-is-maximized = false;
window-width = 540;
};
"org/gnome/calculator" = {
accuracy = 9;
angle-units = "degrees";
base = 10;
button-mode = "basic";
number-format = "automatic";
show-thousands = false;
show-zeroes = false;
source-currency = "";
source-units = "degree";
target-currency = "";
target-units = "radian";
word-size = 64;
};
"org/gnome/control-center" = {
last-panel = "mouse";
window-state = mkTuple [ 980 640 ];
};
"org/gnome/desktop/app-folders" = {
folder-children = [ "Utilities" "YaST" ];
};
"org/gnome/desktop/app-folders/folders/Utilities" = {
apps = [ "gnome-abrt.desktop" "gnome-system-log.desktop" "nm-connection-editor.desktop" "org.gnome.baobab.desktop" "org.gnome.Connections.desktop" "org.gnome.DejaDup.desktop" "org.gnome.Dictionary.desktop" "org.gnome.DiskUtility.desktop" "org.gnome.eog.desktop" "org.gnome.Evince.desktop" "org.gnome.FileRoller.desktop" "org.gnome.fonts.desktop" "org.gnome.seahorse.Application.desktop" "org.gnome.tweaks.desktop" "org.gnome.Usage.desktop" "vinagre.desktop" ];
categories = [ "X-GNOME-Utilities" ];
name = "X-GNOME-Utilities.directory";
translate = true;
};
"org/gnome/desktop/app-folders/folders/YaST" = {
categories = [ "X-SuSE-YaST" ];
name = "suse-yast.directory";
translate = true;
};
"org/gnome/desktop/input-sources" = {
sources = [ (mkTuple [ "xkb" "us" ]) ];
xkb-options = [ "terminate:ctrl_alt_bksp" ];
};
"org/gnome/desktop/interface" = {
clock-format = "12h";
color-scheme = "prefer-dark";
font-antialiasing = "grayscale";
font-hinting = "slight";
gtk-theme = "Adwaita-dark";
};
"org/gnome/desktop/notifications" = {
application-children = [ "firefox" "discord" "org-gnome-console" "gimp" ];
};
"org/gnome/desktop/notifications/application/discord" = {
application-id = "discord.desktop";
};
"org/gnome/desktop/notifications/application/firefox" = {
application-id = "firefox.desktop";
};
"org/gnome/desktop/notifications/application/gimp" = {
application-id = "gimp.desktop";
};
"org/gnome/desktop/notifications/application/gnome-power-panel" = {
application-id = "gnome-power-panel.desktop";
};
"org/gnome/desktop/notifications/application/nemo" = {
application-id = "nemo.desktop";
};
"org/gnome/desktop/notifications/application/org-gnome-console" = {
application-id = "org.gnome.Console.desktop";
};
"org/gnome/desktop/notifications/application/org-gnome-nautilus" = {
application-id = "org.gnome.Nautilus.desktop";
};
"org/gnome/desktop/notifications/application/xdg-desktop-portal-gnome" = {
application-id = "xdg-desktop-portal-gnome.desktop";
};
"org/gnome/desktop/peripherals/keyboard" = {
numlock-state = true;
};
"org/gnome/desktop/peripherals/mouse" = {
accel-profile = "flat";
speed = 0.121076;
};
"org/gnome/desktop/peripherals/touchpad" = {
two-finger-scrolling-enabled = true;
};
"org/gnome/desktop/session" = {
idle-delay = mkUint32 0;
};
"org/gnome/desktop/wm/keybindings" = {
switch-applications = [];
switch-applications-backward = [];
switch-windows = [ "<Alt>Tab" ];
switch-windows-backward = [ "<Shift><Alt>Tab" ];
};
"org/gnome/desktop/wm/preferences" = {
button-layout = "appmenu:minimize,maximize,close";
};
"org/gnome/eog/view" = {
background-color = "rgb(0,0,0)";
use-background-color = true;
};
"org/gnome/evolution-data-server" = {
migrated = true;
network-monitor-gio-name = "";
};
"org/gnome/file-roller/dialogs/extract" = {
recreate-folders = true;
skip-newer = false;
};
"org/gnome/file-roller/listing" = {
list-mode = "as-folder";
name-column-width = 250;
show-path = false;
sort-method = "name";
sort-type = "ascending";
};
"org/gnome/file-roller/ui" = {
sidebar-width = 200;
window-height = 480;
window-width = 600;
};
"org/gnome/gnome-system-monitor" = {
current-tab = "resources";
maximized = false;
network-total-in-bits = false;
show-dependencies = false;
show-whose-processes = "user";
window-state = mkTuple [ 859 502 ];
};
"org/gnome/gnome-system-monitor/disktreenew" = {
col-6-visible = true;
col-6-width = 0;
};
"org/gnome/mutter" = {
attach-modal-dialogs = true;
dynamic-workspaces = true;
edge-tiling = true;
focus-change-on-pointer-rest = true;
workspaces-only-on-primary = false;
};
"org/gnome/nautilus/preferences" = {
default-folder-viewer = "icon-view";
search-filter-time-type = "last_modified";
};
"org/gnome/nautilus/window-state" = {
initial-size = mkTuple [ 890 550 ];
maximized = false;
};
"org/gnome/settings-daemon/plugins/media-keys" = {
custom-keybindings = [ "/org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom0/" ];
volume-step = 2;
};
"org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom0" = {
binding = "<Shift><Super>s";
command = "flameshot gui";
name = "Flameshot - Take Screenshot";
};
"org/gnome/settings-daemon/plugins/power" = {
power-button-action = "suspend";
sleep-inactive-ac-type = "nothing";
};
"org/gnome/shell" = {
command-history = [ "r" ];
disable-user-extensions = false;
enabled-extensions = [ "dash-to-dock@micxgx.gmail.com" "appindicatorsupport@rgcjonas.gmail.com" "trayIconsReloaded@selfmade.pl" ];
favorite-apps = [ "firefox.desktop" "Alacritty.desktop" "nemo.desktop" ];
welcome-dialog-last-shown-version = "42.3.1";
};
"org/gnome/shell/extensions/dash-to-dock" = {
apply-custom-theme = true;
background-opacity = 0.8;
click-action = "previews";
dash-max-icon-size = 24;
dock-fixed = true;
dock-position = "BOTTOM";
extend-height = true;
height-fraction = 0.9;
isolate-workspaces = true;
preferred-monitor = -2;
preferred-monitor-by-connector = "Virtual-1";
show-apps-at-top = true;
show-mounts = false;
show-trash = false;
};
"org/gnome/shell/extensions/trayIconsReloaded" = {
icon-margin-horizontal = 0;
icon-padding-horizontal = 6;
icons-limit = 8;
tray-margin-left = 0;
tray-margin-right = 12;
};
"org/gnome/shell/world-clocks" = {
locations = "@av []";
};
"org/gnome/tweaks" = {
show-extensions-notice = false;
};
"org/gtk/gtk4/settings/file-chooser" = {
date-format = "regular";
location-mode = "path-bar";
show-hidden = false;
show-size-column = true;
show-type-column = true;
sidebar-width = 169;
sort-column = "name";
sort-directories-first = false;
sort-order = "ascending";
type-format = "category";
window-size = mkTuple [ 888 374 ];
};
"org/gtk/settings/file-chooser" = {
clock-format = "12h";
date-format = "regular";
location-mode = "path-bar";
show-hidden = false;
show-size-column = true;
show-type-column = true;
sidebar-width = 157;
sort-column = "name";
sort-directories-first = false;
sort-order = "ascending";
type-format = "category";
window-position = mkTuple [ 345 52 ];
window-size = mkTuple [ 1231 902 ];
};
"org/nemo/preferences" = {
default-folder-viewer = "list-view";
show-location-entry = true;
};
"org/nemo/window-state" = {
geometry = "969x501+670+215";
maximized = false;
sidebar-bookmark-breakpoint = 0;
start-with-sidebar = true;
};
"org/x/apps/favorites" = {
list = [ "file:///mnt/data_drive/Development::inode/directory" ];
};
};
}

39
home/seanomik/wireguard.nix Executable file
View File

@ -0,0 +1,39 @@
{ config, pkgs, ... }:
{
networking.wireguard.interfaces =
let
homeip = builtins.readFile ../../sensitives/homeip;
in {
server = {
ips = [ "10.0.0.2/32" ];
listenPort = 2751;
privateKeyFile = config.age.secrets.serverwg-priv.path;
peers = [
{
publicKey = "L4IDVkAyYdGjaSS6fGImV+F4xPK1YtVTdbVElwhRAHs=";
allowedIPs = [ "10.0.0.1/32" ];
endpoint = homeip + ":2751";
persistentKeepalive = 25;
}
];
};
vpnbox = {
ips = [ "10.0.1.4/32" ];
listenPort = 2752;
privateKeyFile = config.age.secrets.vpnboxwg-priv.path;
peers = [
{
publicKey = "JTHjRp35MUbNSMOQnuE99mg0D0tyiprhH1KgIIQQLmg=";
allowedIPs = [ "10.0.1.1/32" "192.168.87.0/24" ];
endpoint = homeip + ":2752";
persistentKeepalive = 25;
}
];
};
};
}

17
home/yubikey-ssh.nix Executable file
View File

@ -0,0 +1,17 @@
{ pkgs, ... }:
{
services.udev.packages = [ pkgs.yubikey-personalization ];
# Depending on the details of your configuration, this section might be necessary or not;
# feel free to experiment
environment.shellInit = ''
export GPG_TTY="$(tty)"
gpg-connect-agent /bye
export SSH_AUTH_SOCK="/run/user/$UID/gnupg/S.gpg-agent.ssh"
'';
programs.gnupg.agent = {
enable = true;
enableSSHSupport = true;
};
}

6
hosts/default.nix Executable file
View File

@ -0,0 +1,6 @@
{ pkgs, home-manager, ... }:
{
imports = [
./smallinux.nix
];
}

43
hosts/smallinux.nix Executable file
View File

@ -0,0 +1,43 @@
{ pkgs, nixpkgs-unstable, home-manager, ... }:
{
# Mount the data drive
fileSystems."/mnt/data_drive" = {
device = "/dev/disk/by-uuid/93861f2f-b63c-4201-8ae2-a533edd1c064";
fsType = "btrfs";
};
# Other modules
imports = [
../hardware-configuration.nix
../modules/boot/plymouth.nix
../modules/boot/efi-grub.nix
../modules/kernel/lqx.nix
# Hardware stuff
../modules/hardware/nvidia.nix
../modules/hardware/xone.nix
../modules/hardware/razer.nix
../modules/audio/pipewire.nix
# Desktop stuff
../modules/fonts
../modules/desktop/gnome.nix
../modules/desktop_manager/gdm.nix
# Applications
../modules/cli-tools.nix
../modules/applications
# Development
../modules/development
# ssh
../modules/ssh/yubikey.nix
# Per-user stuff
../home/seanomik
];
}

16
modules/applications/default.nix Executable file
View File

@ -0,0 +1,16 @@
{ pkgs, ... }:
{
imports = [
./firefox.nix
./zsh.nix
./git.nix
./yubikey.nix
./java.nix
./docker.nix
];
environment.systemPackages = with pkgs; [
cacert
appimage-run
];
}

9
modules/applications/discord.nix Executable file
View File

@ -0,0 +1,9 @@
{ pkgs, ... }:
((pkgs.discord.overrideAttrs (_: {
src = builtins.fetchTarball {
url = "https://dl.discordapp.net/apps/linux/0.0.19/discord-0.0.19.tar.gz";
sha256 = "1kwqn1xr96kvrlbjd14m304g2finc5f5ljvnklg6fs5k4avrvmn4";
};
})).override {
nss = pkgs.nss_latest;
})

8
modules/applications/docker.nix Executable file
View File

@ -0,0 +1,8 @@
{ pkgs, ... }:
{
virtualisation.docker.enable = true;
environment.systemPackages = with pkgs; [
docker-compose
];
}

6
modules/applications/firefox.nix Executable file
View File

@ -0,0 +1,6 @@
{ pkgs, ... }:
{
environment.systemPackages = with pkgs; [
firefox
];
}

6
modules/applications/git.nix Executable file
View File

@ -0,0 +1,6 @@
{ pkgs, ... }:
{
environment.systemPackages = with pkgs; [
git
];
}

6
modules/applications/hashicorp.nix Executable file
View File

@ -0,0 +1,6 @@
{ pkgs, ... }:
{
environment.systemPackages = with pkgs; [
packer vagrant terraform
];
}

10
modules/applications/java.nix Executable file
View File

@ -0,0 +1,10 @@
{ pkgs, ... }:
{
environment.systemPackages = with pkgs; [
jdk17
jdk11
jdk8
];
programs.java.enable = true;
}

8
modules/applications/yubikey.nix Executable file
View File

@ -0,0 +1,8 @@
{ pkgs, ... }:
{
services.pcscd.enable = true;
environment.systemPackages = with pkgs; [
yubioath-desktop
];
}

5
modules/applications/zsh.nix Executable file
View File

@ -0,0 +1,5 @@
{ pkgs, ... }:
{
programs.zsh.enable = true;
users.defaultUserShell = pkgs.zsh;
}

19
modules/audio/pipewire.nix Executable file
View File

@ -0,0 +1,19 @@
{ pkgs, ... }: {
security.rtkit.enable = true;
hardware.pulseaudio.enable = false;
environment.systemPackages = with pkgs; [
pulseaudio # This is instaleld to get access to pactl. It isn't enabled or run as a service.
pavucontrol
wireplumber
];
services.pipewire = {
enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
jack.enable = true;
};
}

14
modules/audio/pulseaudio.nix Executable file
View File

@ -0,0 +1,14 @@
{pkgs, config, lib, ...}:
with lib;
with builtins;
let
cfg = config.sys.audio;
in {
config = mkIf (cfg.server == "pulse") {
sound.enable = true;
hardware.pulseaudio.enable = true;
hardware.pulseaudio.support32Bit = true;
hardware.pulseaudio.package = pkgs.pulseaudioFull;
};
}

10
modules/boot/efi-grub.nix Executable file
View File

@ -0,0 +1,10 @@
{pkgs, ... }:
{
boot.loader.grub.enable = true;
boot.loader.grub.version = 2;
boot.loader.grub.efiSupport = true;
boot.loader.grub.efiInstallAsRemovable = true;
boot.loader.grub.useOSProber = true;
boot.loader.efi.efiSysMountPoint = "/boot";
boot.loader.grub.device = "nodev";
}

4
modules/boot/plymouth.nix Executable file
View File

@ -0,0 +1,4 @@
{pkgs, ... }:
{
boot.plymouth.enable = true;
}

18
modules/cli-tools.nix Executable file
View File

@ -0,0 +1,18 @@
{ pkgs, ... }:
{
programs = {
# tmux.enable = true;
# tree.enable = true;
};
environment.systemPackages = with pkgs; [
tree
tmux
vim
nano
wget
curl
pciutils
btop
];
}

7
modules/default.nix Executable file
View File

@ -0,0 +1,7 @@
{pkgs, ... }:
{
imports = [
./audio
./cli-tools.nix
];
}

51
modules/desktop/gnome.nix Executable file
View File

@ -0,0 +1,51 @@
{pkgs, ... }:
{
services.xserver.enable = true;
#services.xserver.displayManager.gdm.enable = true;
services.xserver.desktopManager.gnome.enable = true;
environment.gnome.excludePackages = (with pkgs; [
gnome-photos
gnome-tour
]) ++ (with pkgs.gnome; [
cheese # webcam tool
gnome-music
gnome-terminal
gnome-contacts
gnome-weather
gnome-maps
gnome-calendar
simple-scan
gedit # text editor
epiphany # web browser
geary # email reader
evince # document viewer
gnome-characters
totem # video player
tali # poker game
iagno # go game
hitori # sudoku game
atomix # puzzle game
nautilus
]);
environment.systemPackages = with pkgs; [
cinnamon.nemo
# Gnome extensions
gnomeExtensions.appindicator
gnomeExtensions.dash-to-dock
gnomeExtensions.tray-icons-reloaded
gnome.gnome-tweaks
gnome.gnome-settings-daemon
dconf
# qtstyleplugin-kvantum-qt4
libsForQt5.qtstyleplugin-kvantum
gnome.dconf-editor
];
# environment.sessionVariables = rec {
# QT_STYLE_OVERRIDE = "kvantum";
# };
}

8
modules/desktop_manager/gdm.nix Executable file
View File

@ -0,0 +1,8 @@
{ pkgs, ... }:
{
services.xserver.enable = true;
services.xserver.displayManager.gdm = {
enable = true;
wayland = false; # ew, its something new (gaming performance, screensharing, alacritty).
};
}

11
modules/development/c-cpp.nix Executable file
View File

@ -0,0 +1,11 @@
{pkgs, ... }:
{
environment.systemPackages = with pkgs; [
gcc
clang
gnumake
cmake
ninja
meson
];
}

8
modules/development/default.nix Executable file
View File

@ -0,0 +1,8 @@
{pkgs, ... }:
{
imports = [
./c-cpp.nix
./javascript.nix
./rust.nix
];
}

8
modules/development/javascript.nix Executable file
View File

@ -0,0 +1,8 @@
{pkgs, ... }:
{
environment.systemPackages = with pkgs; [
nodejs
yarn
nodePackages.typescript
];
}

6
modules/development/rust.nix Executable file
View File

@ -0,0 +1,6 @@
{pkgs, ... }:
{
environment.systemPackages = with pkgs; [
rustup
];
}

13
modules/fonts/default.nix Executable file
View File

@ -0,0 +1,13 @@
{pkgs, ... }:
{
fonts.fonts = with pkgs; [
noto-fonts
noto-fonts-cjk
noto-fonts-emoji
liberation_ttf
fira-code
fira-code-symbols
dina-font
proggyfonts
];
}

17
modules/hardware/mesa-vulkan-layer-nvidia.patch Executable file
View File

@ -0,0 +1,17 @@
diff b/src/vulkan/device-select-layer/device_select_layer.c a/src/vulkan/device-select-layer/device_select_layer.c
--- b/src/vulkan/device-select-layer/device_select_layer.c
+++ a/src/vulkan/device-select-layer/device_select_layer.c
@@ -454,12 +454,8 @@
exit(0);
} else {
unsigned selected_index = get_default_device(info, selection, physical_device_count, physical_devices);
- selected_physical_device_count = physical_device_count;
+ selected_physical_device_count = 1;
selected_physical_devices[0] = physical_devices[selected_index];
- for (unsigned i = 0; i < physical_device_count - 1; ++i) {
- unsigned this_idx = i < selected_index ? i : i + 1;
- selected_physical_devices[i + 1] = physical_devices[this_idx];
- }
}
if (selected_physical_device_count == 0) {

39
modules/hardware/nvidia.nix Executable file
View File

@ -0,0 +1,39 @@
{ pkgs, config, ... }:
{
nixpkgs.config.allowUnfree = true;
services.xserver.videoDrivers = [ "nvidia" ];
# hardware.opengl.enable = true;
# hardware.
hardware = {
opengl =
let
fn = oa: {
nativeBuildInputs = oa.nativeBuildInputs ++ [ pkgs.glslang ];
mesonFlags = oa.mesonFlags ++ [ "-Dvulkan-layers=device-select,overlay" ];
patches = oa.patches ++ [ ./mesa-vulkan-layer-nvidia.patch ];
postInstall = oa.postInstall + ''
mv $out/lib/libVkLayer* $drivers/lib
#Device Select layer
layer=VkLayer_MESA_device_select
substituteInPlace $drivers/share/vulkan/implicit_layer.d/''${layer}.json \
--replace "lib''${layer}" "$drivers/lib/lib''${layer}"
#Overlay layer
layer=VkLayer_MESA_overlay
substituteInPlace $drivers/share/vulkan/explicit_layer.d/''${layer}.json \
--replace "lib''${layer}" "$drivers/lib/lib''${layer}"
'';
};
in
with pkgs; {
enable = true;
driSupport32Bit = true;
package = (mesa.overrideAttrs fn).drivers;
package32 = (pkgsi686Linux.mesa.overrideAttrs fn).drivers;
};
};
hardware.nvidia.package = config.boot.kernelPackages.nvidiaPackages.stable;
}

9
modules/hardware/razer.nix Executable file
View File

@ -0,0 +1,9 @@
{ pkgs, unstable, config, ... }:
{
hardware.openrazer.enable = true;
environment.systemPackages = [ #with unstable; [
pkgs.openrazer-daemon
unstable.polychromatic
];
}

4
modules/hardware/xone.nix Executable file
View File

@ -0,0 +1,4 @@
{ pkgs, ... }:
{
hardware.xone.enable = true;
}

5
modules/kernel/lqx.nix Executable file
View File

@ -0,0 +1,5 @@
{ pkgs, ... }:
{
# boot.kernelPackages = pkgs.linuxKernel.kernels.linux_lqx;
boot.kernelPackages = pkgs.linuxPackages_lqx;
}

48
modules/pkgs/ftb-app.nix Executable file
View File

@ -0,0 +1,48 @@
{ lib, stdenv, fetchurl, makeWrapper, jre_headless, gawk }:
stdenv.mkDerivation rec {
pname = "ftb-app";
version = "202208131844";
# src = fetchurl {
# url = "https://apps.modpacks.ch/FTBApp/release/202208131844-e5790011d3-release/FTBA_unix_202208131844-e5790011d3-release.sh";
# sha256 = "afe8a2a81b5f0597ef6a3bc858ff67b8212ebe5f0fd414471ef10d152921b964";
# };
preferLocalBuild = true;
sourceRoot = "${pname}-${version}";
nativeBuildInputs = [ makeWrapper ];
# patches = [ ./nexus-bin.patch ./nexus-vm-opts.patch ];
# postPatch = ''
# substituteInPlace bin/nexus.vmoptions \
# --replace etc/karaf $out/etc/karaf \
# --replace =. =$out
# '';
installPhase = ''
runHook preInstall
mkdir -p $out
wget https://apps.modpacks.ch/FTBApp/release/202208131844-e5790011d3-release/FTBA_unix_202208131844-e5790011d3-release.sh -O $out/ftba.sh
# cp FTBA_unix_*.sh $out/fbta.sh
# cp -rfv * .install4j $out
# rm -fv $out/bin/nexus.bat
wrapProgram $out/ftba.sh \
--set JAVA_HOME ${jre_headless} \
--set ALTERNATIVE_NAME "ftba" \
--prefix PATH "${lib.makeBinPath [ gawk ]}"
runHook postInstall
'';
meta = with lib; {
description = "Minecraft Feed The Beast App for playing modded Minecraft.";
homepage = "https://www.feed-the-beast.com/app";
sourceProvenance = with sourceTypes; [ binaryBytecode ];
# license = licenses.epl10;
platforms = platforms.all;
maintainers = with maintainers; [ seanomik ];
};
}

81
modules/pkgs/jellyfin-media-player.nix Executable file
View File

@ -0,0 +1,81 @@
{ lib, stdenv, fetchurl, dpkg, wrapGAppsHook, autoPatchelfHook
, alsa-lib, atk, at-spi2-atk, at-spi2-core, cairo, cups, dbus, expat, fontconfig, freetype
, gdk-pixbuf, glib, gtk3, libcxx, libdrm, libnotify, libpulseaudio, libuuid, libX11, libxcb
, libXcomposite, libXcursor, libXdamage, libXext, libXfixes, libXi, libXrandr, libXrender
, libXScrnSaver, libXtst, mesa, nspr, nss, openssl, pango, systemd, writeText, runCommandLocal, wget }:
stdenv.mkDerivation rec {
pname = "jellyfin-media-player";
version = "1.7.1";
src = runCommandLocal "${pname}_${version}_amd64-jammy.deb"
rec {
outputHashMode = "recursive";
outputHashAlgo = "sha256";
outputHash = "sha256-g2RldDAvgEpyKz+umxcaAjWfGGH9DZ56UndsIraudFg=";
nativeBuildInputs = [ wget ];
impureEnvVars = lib.fetchers.proxyImpureEnvVars;
} ''
# Figure out certificates
wget --no-check-certificate \
-U "Mozilla/5.0 (X11; Linux x86_64; rv:103.0)" \
https://github.com/jellyfin/jellyfin-media-player/releases/download/v1.7.1/jellyfin-media-player_1.7.1-1_amd64-jammy.deb \
-O $out
'';
nativeBuildInputs = [
dpkg
wrapGAppsHook
autoPatchelfHook
];
buildInputs = [
libcxx systemd libpulseaudio
stdenv.cc.cc alsa-lib atk at-spi2-atk at-spi2-core cairo cups
dbus expat fontconfig freetype gdk-pixbuf glib gtk3 libdrm libnotify
libuuid libX11 libxcb libXcomposite libXcursor libXdamage libXext libXfixes
libXi libXrandr libXrender libXScrnSaver libXtst mesa nspr nss pango systemd
];
libPath = lib.makeLibraryPath buildInputs;
dontWrapGApps = true;
dontBuild = true;
dontConfigure = true;
unpackPhase = ''
# curl -i -H "User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:103.0) Gecko/20100101 Firefox/103.0" -O https://upwork-usw2-desktopapp.upwork.com/binaries/v5_6_10_13_3c485d1dd2af4f61/upwork_5.6.10.13_amd64.deb
echo $out
echo $src
dpkg-deb -x "$src" ./
'';
installPhase = ''
runHook preInstall
mv usr $out
# mv share $out
# Now it requires lib{ssl,crypto}.so.1.0.0. Fix based on Spotify pkg.
# https://github.com/NixOS/nixpkgs/blob/efea022d6fe0da84aa6613d4ddeafb80de713457/pkgs/applications/audio/spotify/default.nix#L129
# mkdir -p $out/lib/upwork
# ln -s ${lib.getLib openssl}/lib/libssl.so $out/lib/upwork/libssl.so.1.0.0
# ln -s ${lib.getLib openssl}/lib/libcrypto.so $out/lib/upwork/libcrypto.so.1.0.0
sed -e "s|/opt/jellyfin-media-player|$out/bin|g" -i $out/share/applications/com.github.iwalton3.jellyfin-media-player.desktop
makeWrapper $out/bin/jellyfinmediaplayer \
$out/bin/jellyfinmediaplayer \
--prefix LD_LIBRARY_PATH : ${libPath}
runHook postInstall
'';
meta = with lib; {
description = "Jellyfin Desktop Client based on Plex Media Player";
homepage = "https://github.com/jellyfin/jellyfin-media-player";
sourceProvenance = with sourceTypes; [ binaryNativeCode ];
license = licenses.gpl2Only;
platforms = [ "x86_64-linux" ];
maintainers = with maintainers; [ seanomik ];
};
}

83
modules/pkgs/jellyfin-media-player.nix.save Executable file
View File

@ -0,0 +1,83 @@
{ lib, stdenv, fetchurl, dpkg, wrapGAppsHook, autoPatchelfHook
, alsa-lib, atk, at-spi2-atk, at-spi2-core, cairo, cups, dbus, expat, fontconfig, freetype
, gdk-pixbuf, glib, gtk3, libcxx, libdrm, libnotify, libpulseaudio, libuuid, libX11, libxcb
, libXcomposite, libXcursor, libXdamage, libXext, libXfixes, libXi, libXrandr, libXrender
, libXScrnSaver, libXtst, mesa, nspr, nss, openssl, pango, systemd, writeText, runCommandLocal, wget }:
stdenv.mkDerivation rec {
pname = "jellyfin-media-player";
version = "1.7.1";
src = runCommandLocal "${pname}_${version}_amd64-jammy.deb"
rec {
outputHashMode = "recursive";
outputHashAlgo = "sha256";
outputHash = "sha256-g2RldDAvgEpyKz+umxcaAjWfGGH9DZ56UndsIraudFg=";
nativeBuildInputs = [ wget ];
impureEnvVars = lib.fetchers.proxyImpureEnvVars;
} ''
# Figure out certificates
wget --no-check-certificate \
-U "Mozilla/5.0 (X11; Linux x86_64; rv:103.0)" \
https://github.com/jellyfin/jellyfin-media-player/releases/download/v1.7.1/jellyfin-media-player_1.7.1-1_amd64-jammy.deb \
-O $out
'';
nativeBuildInputs = [
dpkg
wrapGAppsHook
autoPatchelfHook
];
buildInputs = [
libcxx systemd libpulseaudio
stdenv.cc.cc alsa-lib atk at-spi2-atk at-spi2-core cairo cups
dbus expat fontconfig freetype gdk-pixbuf glib gtk3 libdrm libnotify
libuuid libX11 libxcb libXcomposite libXcursor libXdamage libXext libXfixes
libXi libXrandr libXrender libXScrnSaver libXtst mesa nspr nss pango systemd
];
libPath = lib.makeLibraryPath buildInputs;
dontWrapGApps = true;
dontBuild = true;
dontConfigure = true;
unpackPhase = ''
# curl -i -H "User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:103.0) Gecko/20100101 Firefox/103.0" -O https://upwork-usw2-desktopapp.upwork.com/binaries/v5_6_10_13_3c485d1dd2af4f61/upwork_5.6.10.13_amd64.deb
echo $out
echo $src
dpkg-deb -x "$src" ./
'';
installPhase = ''
runHook preInstall
mv usr $out
# mv share $out
# Now it requires lib{ssl,crypto}.so.1.0.0. Fix based on Spotify pkg.
# https://github.com/NixOS/nixpkgs/blob/efea022d6fe0da84aa6613d4ddeafb80de713457/pkgs/applications/audio/spotify/default.nix#L129
# mkdir -p $out/lib/upwork
# ln -s ${lib.getLib openssl}/lib/libssl.so $out/lib/upwork/libssl.so.1.0.0
# ln -s ${lib.getLib openssl}/lib/libcrypto.so $out/lib/upwork/libcrypto.so.1.0.0
sed -e "s|/opt/jellyfin-media-player|$out/bin|g" -i $out/share/applications/com.github.iwalton3.jellyfin-media-player.desktop
makeWrapper $out/bin/jellyfinmediaplayer \
$out/bin/jellyfinmediaplayer \
--prefix LD_LIBRARY_PATH : ${libPath}
runHook postInstall
'';
meta = with lib; {
description = "Jellyfin Desktop Client based on Plex Media Player";
homepage = "https://github.com/jellyfin/jellyfin-media-player";
sourceProvenance = with sourceTypes; [ binaryNativeCode ];
license = licenses.gpl2Only;
platforms = [ "x86_64-linux" ];
maintainers = with maintainers; [ seanomik ];
};
}

80
modules/pkgs/upwork.nix Executable file
View File

@ -0,0 +1,80 @@
{ lib, stdenv, fetchurl, dpkg, wrapGAppsHook, autoPatchelfHook
, alsa-lib, atk, at-spi2-atk, at-spi2-core, cairo, cups, dbus, expat, fontconfig, freetype
, gdk-pixbuf, glib, gtk3, libcxx, libdrm, libnotify, libpulseaudio, libuuid, libX11, libxcb
, libXcomposite, libXcursor, libXdamage, libXext, libXfixes, libXi, libXrandr, libXrender
, libXScrnSaver, libXtst, mesa, nspr, nss, openssl, pango, systemd, writeText, runCommandLocal, wget }:
stdenv.mkDerivation rec {
pname = "upwork";
version = "5.6.10.13";
src = runCommandLocal "${pname}_${version}_amd64.deb"
rec {
outputHashMode = "recursive";
outputHashAlgo = "sha256";
outputHash = "sha256-citeNB2OA6LGCVGAlXVK7uRgOJIQBg8Xykhxy2zRImI=";
nativeBuildInputs = [ wget ];
impureEnvVars = lib.fetchers.proxyImpureEnvVars;
} ''
# Figure out certificates
wget --no-check-certificate \
-U "Mozilla/5.0 (X11; Linux x86_64; rv:103.0)" \
https://upwork-usw2-desktopapp.upwork.com/binaries/v5_6_10_13_3c485d1dd2af4f61/${pname}_${version}_amd64.deb \
-O $out
'';
nativeBuildInputs = [
dpkg
wrapGAppsHook
autoPatchelfHook
];
buildInputs = [
libcxx systemd libpulseaudio
stdenv.cc.cc alsa-lib atk at-spi2-atk at-spi2-core cairo cups
dbus expat fontconfig freetype gdk-pixbuf glib gtk3 libdrm libnotify
libuuid libX11 libxcb libXcomposite libXcursor libXdamage libXext libXfixes
libXi libXrandr libXrender libXScrnSaver libXtst mesa nspr nss pango systemd
];
libPath = lib.makeLibraryPath buildInputs;
dontWrapGApps = true;
dontBuild = true;
dontConfigure = true;
unpackPhase = ''
# curl -i -H "User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:103.0) Gecko/20100101 Firefox/103.0" -O https://upwork-usw2-desktopapp.upwork.com/binaries/v5_6_10_13_3c485d1dd2af4f61/upwork_5.6.10.13_amd64.deb
echo $out
echo $src
dpkg-deb -x "$src" ./
'';
installPhase = ''
runHook preInstall
mv usr $out
mv opt $out
# Now it requires lib{ssl,crypto}.so.1.0.0. Fix based on Spotify pkg.
# https://github.com/NixOS/nixpkgs/blob/efea022d6fe0da84aa6613d4ddeafb80de713457/pkgs/applications/audio/spotify/default.nix#L129
mkdir -p $out/lib/upwork
ln -s ${lib.getLib openssl}/lib/libssl.so $out/lib/upwork/libssl.so.1.0.0
ln -s ${lib.getLib openssl}/lib/libcrypto.so $out/lib/upwork/libcrypto.so.1.0.0
sed -e "s|/opt/Upwork|$out/bin|g" -i $out/share/applications/upwork.desktop
makeWrapper $out/opt/Upwork/upwork \
$out/bin/upwork \
--prefix XDG_DATA_DIRS : "${gtk3}/share/gsettings-schemas/${gtk3.name}/" \
--prefix LD_LIBRARY_PATH : ${libPath}
runHook postInstall
'';
meta = with lib; {
description = "Online freelancing platform desktop application for time tracking";
homepage = "https://www.upwork.com/ab/downloads/";
sourceProvenance = with sourceTypes; [ binaryNativeCode ];
license = licenses.unfree;
platforms = [ "x86_64-linux" ];
maintainers = with maintainers; [ zakkor wolfangaukang ];
};
}

20
modules/ssh/yubikey.nix Executable file
View File

@ -0,0 +1,20 @@
{ pkgs, ... }:
{
services.udev.packages = [ pkgs.yubikey-personalization ];
environment.systemPackages = with pkgs; [ gnupg pinentry pinentry-curses pinentry-gtk2 ]; # paperkey ];
# Depending on the details of your configuration, this section might be necessary or not;
# feel free to experiment
environment.shellInit = ''
export GPG_TTY="$(tty)"
gpg-connect-agent /bye
export SSH_AUTH_SOCK="/run/user/$UID/gnupg/S.gpg-agent.ssh"
'';
programs.gnupg.agent = {
enable = true;
enableSSHSupport = true;
pinentryFlavor = "gtk2";
};
}

13
secrets/secrets.nix Executable file
View File

@ -0,0 +1,13 @@
let
seanomik = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDSQukK8uHSEaWssaq5L28xRlLChqkJ+gvKOsPHZ2j+6gwf8PgQ0QKdwBiAQdTJfYe1S56gke+U0q3UlYLcVAf/ETRccxWs7IHuboogm3jwP6PKAuzadkB44YSbt+88bbokq4RVEnrs1q3q7McPARC5ks46/wWK3DGcb/QR1trGgPXz9PA6PIujvtsm+9yNQIn9GRxEwiDRVvl+FiDJkvQ7PkTIhXwTFUgDavKBgNgrwfopwbcE/m+wZ7ksxch5GcISkww2fEXDRdkbgUQvEK9cOiDX1b2GnTzCVTlcmp/jz46OLSqcKrea957utnyxnOpn+MYSy1tfIuAeHuWKSxdjKErixh0+eEPbTsECHuir2bJ0PRB8N/UNMaM3HTFgN/jXMfInn9Ny3gbLU6ApMXnYgq/wQo1SsoC9MTMIY14fjTUkyq+e+Xhh9wayeNIP+1e5sW5MaAjIHZEyZYVGwlXnowv3nvRD1NtqzEXC+qyAoZb1HgAqSc1mUstjaq2BHL1+Uj4FuxhiZeGPr+WzFWuL24+6oSMwwZBzxVKVZ4STe0CR27SRWLXzpDGOhhrOf6YeSyCPFi2ghbFjdNEFJN80r0YFyyYrgf1kPq1msTH+t0pbEpGTIFNSg1pq1JpOHGBct7/2U2yKsPGdr5K0fjKUYQKuoS5hG+xd0VOzaJ3zGQ==";
users = [ seanomik ];
smallinux = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKQEbK+BQGpiCL61YK0r9ZOg+b2s1/TnoYCV0uIlLVWA";
systems = [ smallinux ];
secrets_ssh = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDJOwZ9Cr7b1UHWOoiEdiFE4MGwkgRDhRUfUlmjVgk5s/y7i5/x8cz2ca35d3BdrcwuZqskEHrdAzTXKY38fuS9Db0BEgcVZR67XiH2gWOP6hHiVRDTyJSMH0KTirHU/jPbpChMsuaHT7svAgopGzSKZIdkj55Mx3xLrMjOSRxfsGxkI6nB+2vrRXd+qxrPXMTlW8D8fOmHRcc3TTVzGGHcamuEnQ6JZSebas6uY5TEBsIwI7X3mzigP5IAYjAVs3xLpoBKJL58vWF6t3Ej9auePldy+ZjnGVTU1PirPm2/M9P3Edl2utyaEXthizVM3r+mB/m4cqJAG8g1PKjlpCoTPYjmTbGes2YAkeUGpkBTe0RKoobqWIoSf+OtUrVHdQU4vZktGJV7ngjJDyBHpEQz/ve7dujnmYZVYwiaVK1JeC+rPIb5DBpfRZBEqnkY3JhWrnSg76ByUigX96309N/7jjSTB3mjZHP21qUxx6fyZfEdfhPyr5ZBFYa3OwY6RcdSDrTCykbegOoPef8MRaLZKjNACXC4webZnujpNMG6tInBcD8imhF+8t156itpzhckhyZigxmzsCTxavbXIgzKBgeZ5AtJbuCbtd5IBcx/B+Nvo50uWNDre7kVt1fSoFeZCFQF+u0+mwK/6wgiJYq8th3ryo5IvB5aW/XNlNH42Q==";
in
{
"serverwg-priv.age".publicKeys = systems ++ users ++ [ secrets_ssh ];
"vpnboxwg-priv.age".publicKeys = systems ++ users ++ [ secrets_ssh ];
}

31
secrets/serverwg-priv.age Executable file
View File

@ -0,0 +1,31 @@
age-encryption.org/v1
-> ssh-ed25519 k9NlkQ dffEkEMr4WI6LxFEVf6calSrEm3HiMrnDtvyE6M51jA
6FdH9/NuHYHF3DQWb5dBqoeFzdS9hG4iLY00+r/TgBM
-> ssh-rsa 2owD0g
WKdttSy4vkLpl2zU+Nu5XIEEpyjhDzvVPs1Qn4okMWNT7O0yrNQEvPfNek5GIxKS
tCsTvlLbfdhph/EINghRk5ggcyR2zOb1Icg1X03sJ2fI1p9Tcuwg8RT93XmsOy0F
w2MUTESsdsQy7GsdEGI1Q1l5VyRbwGDuXAe6WiN6t1hGjO0IqXyga9Mt2UGwwfRP
HiI4bJrE3ckn9ET6EOspLOt4QmKpKVd634pn32QZCkMrzOi3sK+g02aw26B0e7H/
aXm+0I2v7tEOFSkzd/yf3+Uca9sOGNNrPaaZhxBvth0qWquhRpxdopF+iqg+S35B
rwqG0ARe3laB6PLGzz2aeVCvvkLvytNhVhW0g+CvurwgNTdb6bzPE0m4x6BD94Bm
CgP0De8lMxehdCz1C8it2BWrod7dNOh84HFvw9OF+9EeyalpTc+a5VhUR2Zzux8y
3pBh8Ph+Eh/7UuliMm7VuKBi5TEkN5BzsAAertzRQr3MSfXi2cyUleVyyFmZ6ONX
MWBJUtHq/cQWTw5nSVvH4tnj+nqddKT0Q5j313kpKngZStl7ypBfPnNvycHbmCo3
Ld4ElEc0k+T9+1aToRAZcvLW6yEIA3Q9uzsLu7lg0FoKnDNkFn9006qY6A66g2jM
TxkerwL3lMECp2hvU2piVSDmtBOiKvmke6qmahHd8bE
-> ssh-rsa VbrcBQ
NSaBeuMD0Y2La9NiwVrCMi9PSENTqskIe64+qsIoP5zwbT+Si9/fq/RL3K+sP/a5
qo0NhebdX6sbRuUy6v+oXLdVfQdxng3Ks+TrmeiDY5ehJtKzBn/pNgMVOoBo6dbk
idqWFEdcwfX1M/pR6kqm62/n1UAq4np7LzKukjUDN2oERzD1Y6scPB2FAj5DkBd/
Tmp+vO2Uzz5bNIvwrEEugdJfCOaFk+Idb2YWA2AvGQB4Nzk6LVJqXXICvbg1TUWu
7MriiKkVNcDMPz2puxMj3v8Hrop3pWh+YU725vXQ3o1b5oW7jhhRov2czEHzS8aZ
HuhozO+zibCiM3djQRmibNBkm/+IZsSNrnXAHEqRSK2fvWaKfow/5w4up+zXwxf9
q2t/bxzDKG+AszObi2k/lxxWtvwNNt/iTxowp8dP/VucUMgXQ3jVuNJfSN88gdRv
xWI3Ec4HXD/rIEIcIbs7qyPXu4oY/SGLDSHsBzE3KeIjUTxH80Yvn94fs/i1IFcY
FxsabVuD7TrpCUxR2LOYV3Jn+qz2cdLABbObY5CE2b2cc47VLbWi5Lqab7MVWKC0
4CIQqDyxHAqnvvYwXXkNXJmz0BQn7gmTsupJLnx/vxoUyR6cM1/6NBstW3xHx5Ez
jR2yBK+LlsMqPBwmSSIfo1Oiw2I8A0CIsRmAJfRWdnU
-> p*+Yw"-grease
CZ2RWWpoZZ843FSLim3Lw4F2i51l2dJ1Lj0MR0FSuL3J
--- ln9MIgw8KN7/ScbK2buNWJutbUQ2ovut1cVf0blkmYs
c×ÁX¯Þ<.<2E>(’°Ò j‡žhéÈáªA4[×Èâìÿô§ mt¤dV¤»¬9åM%…Qjì=Ò$t0ù3] § j4»<E2809A>ûbGv#y

BIN
secrets/vpnboxwg-priv.age Executable file
View File

Binary file not shown.

95
upwork.nix Executable file
View File

@ -0,0 +1,95 @@
{ lib, stdenv, fetchurl, dpkg, wrapGAppsHook, autoPatchelfHook
, alsa-lib, atk, at-spi2-atk, at-spi2-core, cairo, cups, dbus, expat, fontconfig, freetype
, gdk-pixbuf, glib, gtk3, libcxx, libdrm, libnotify, libpulseaudio, libuuid, libX11, libxcb
, libXcomposite, libXcursor, libXdamage, libXext, libXfixes, libXi, libXrandr, libXrender
, libXScrnSaver, libXtst, mesa, nspr, nss, openssl, pango, systemd, writeText, runCommandLocal, wget, cacert }:
stdenv.mkDerivation rec {
pname = "upwork";
version = "5.6.10.13";
# src = unstable.fetchurl {
# url = "https://upwork-usw2-desktopapp.upwork.com/binaries/v5_6_10_13_3c485d1dd2af4f61/upwork_5.6.10.13_amd64.deb";
# sha256 = "c3e1ecf14c99596f434edf93a2e08f031fbaa167025d1280cf19f68b829d6b79";
# curlOpts = "-H 'User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:103.0) Gecko/20100101 Firefox/103.0'";
# curlOptsList = [ "-A" "Mozilla/5.0 (X11; Linux x86_64; rv:103.0) Gecko/20100101 Firefox/103.0" "-b" "__cf_bm=sANcdpTto.J0mvbyR.an5GsLDsQCJSXBGYfyjgunudo-1662562397-0-ASEouhG8q62/uasIIliDbQ7FlrOwbWzjRBA4OMbJWiqT4tGLltuGF6Ie+LTxbRSAgz0IN8zEPFwhRvafgX74FBo=; __cfruid=815f8a0964f6a5c305ed144e5e7e2d80cc9f0741-1662562397; visitor_id=206.72.224.198.1662562397138000; restriction_verified=1; device_view=full; _vwo_uuid_v2=DDA36742368E9CD6C22F53461B8FEEABA|50367cf62836a04346162fc4c1163283; _gcl_au=1.1.2059070430.1662562398; _vis_opt_s=1|; _vis_opt_test_cookie=1; _gid=GA1.2.553657708.1662562398; _dc_gtm_UA-62227314-1=1; _dc_gtm_UA-62227314-13=1; _vwo_uuid=DDA36742368E9CD6C22F53461B8FEEABA; _vwo_ds=3$1662562396:53.20652988::; visitor_gql_token=oauth2v2_ab94de76be789a51cba51004ca21879b; _rdt_uuid=1662562398232.17176ea2-719b-40cc-af58-08ead2ba4072; _dpm_ses.5831=*; _fbp=fb.1.1662562398279.1023669369; IR_gbd=upwork.com; _gat_UA-64221313-1=1; __zlcmid=1BqlD286zdYpwIv; _gat_UA-62227314-2=1; OptanonConsent=isGpcEnabled=0&datestamp=Wed+Sep+07+2022+09:53:41+GMT-0500+(Central+Daylight+Time)&version=6.39.0&isIABGlobal=false&hosts=&consentId=3b1a413f-0977-4640-8197-e1a4a70c1aea&interactionCount=1&landingPath=NotLandingPage&groups=C0001:1,C0002:1,C0003:1,C0004:1&AwaitingReconsent=false; _ga_KSM221PNDX=GS1.1.1662562397.1.1.1662562421.0.0.0; _ga=GA1.2.322812467.1662562398; _vwo_sn=0:2; XSRF-TOKEN=d329e97c639af9152d630ae40cfb003b; IR_13634=1662562421585|0|1662562421585||; _dpm_id.5831=af23981a-f6c8-4232-9e05-9b0a33aacac2.1662562398.1.1662562422.1662562398.b8c5ca2e-c751-4c02-a565-8658fa25c9c4; spt=9b1c86d6-d343-47e2-8303-94a9d251d4fb" ];
# curlOpts = "-A Mozilla/5.0 (X11; Linux x86_64; rv:103.0) Gecko/20100101 Firefox/103.0";
# };
src = runCommandLocal "upwork_5.6.10.13_amd64.deb"
rec {
# outputHashMode = "recursive";
# outputHashAlgo = "sha256";
# outputHash = "sha256-VEncDEvmNu/nLTG2mQAkvH88HbveO2u3EKUUoGZYrJE";
# downloadUrl = "https://upwork-usw2-desktopapp.upwork.com/binaries/v5_6_10_13_3c485d1dd2af4f61/${pname}_${version}_amd64.deb";
SSL_CERT_FILE = "${cacert}/etc/ssl/certs/ca-bundle.crt";
nativeBuildInputs = [ wget ];
} ''
# mkdir -p $out
wget -U "Mozilla/5.0 (X11; Linux x86_64; rv:103.0)" "https://upwork-usw2-desktopapp.upwork.com/binaries/v5_6_10_13_3c485d1dd2af4f61/upwork_5.6.10.13_amd64.deb"
# curl -i \
# -H "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8" \
# -H "Accept-Encoding: gzip, deflate, br" \
# -H "User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:103.0) Gecko/20100101 Firefox/103.0" \
# -O https://upwork-usw2-desktopapp.upwork.com/binaries/v5_6_10_13_3c485d1dd2af4f61/upwork_5.6.10.13_amd64.deb
'';
nativeBuildInputs = [
dpkg
wrapGAppsHook
autoPatchelfHook
];
buildInputs = [
libcxx systemd libpulseaudio
stdenv.cc.cc alsa-lib atk at-spi2-atk at-spi2-core cairo cups
dbus expat fontconfig freetype gdk-pixbuf glib gtk3 libdrm libnotify
libuuid libX11 libxcb libXcomposite libXcursor libXdamage libXext libXfixes
libXi libXrandr libXrender libXScrnSaver libXtst mesa nspr nss pango systemd
];
libPath = lib.makeLibraryPath buildInputs;
dontWrapGApps = true;
dontBuild = true;
dontConfigure = true;
unpackPhase = ''
# curl -i -H "User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:103.0) Gecko/20100101 Firefox/103.0" -O https://upwork-usw2-desktopapp.upwork.com/binaries/v5_6_10_13_3c485d1dd2af4f61/upwork_5.6.10.13_amd64.deb
echo $out
echo $src
dpkg-deb -x "$src" ./
'';
installPhase = ''
runHook preInstall
mv usr $out
mv opt $out
# Now it requires lib{ssl,crypto}.so.1.0.0. Fix based on Spotify pkg.
# https://github.com/NixOS/nixpkgs/blob/efea022d6fe0da84aa6613d4ddeafb80de713457/pkgs/applications/audio/spotify/default.nix#L129
mkdir -p $out/lib/upwork
ln -s ${lib.getLib openssl}/lib/libssl.so $out/lib/upwork/libssl.so.1.0.0
ln -s ${lib.getLib openssl}/lib/libcrypto.so $out/lib/upwork/libcrypto.so.1.0.0
sed -e "s|/opt/Upwork|$out/bin|g" -i $out/share/applications/upwork.desktop
makeWrapper $out/opt/Upwork/upwork \
$out/bin/upwork \
--prefix XDG_DATA_DIRS : "${gtk3}/share/gsettings-schemas/${gtk3.name}/" \
--prefix LD_LIBRARY_PATH : ${libPath}
runHook postInstall
'';
meta = with lib; {
description = "Online freelancing platform desktop application for time tracking";
homepage = "https://www.upwork.com/ab/downloads/";
sourceProvenance = with sourceTypes; [ binaryNativeCode ];
license = licenses.unfree;
platforms = [ "x86_64-linux" ];
maintainers = with maintainers; [ zakkor wolfangaukang ];
};
}