diff --git a/flake.lock b/flake.lock index 634034d..cdab8fa 100644 --- a/flake.lock +++ b/flake.lock @@ -180,11 +180,11 @@ ] }, "locked": { - "lastModified": 1710336510, - "narHash": "sha256-mT/Z1AseVhhiFooCu2J7wudx+FivkRrlRBW0iBC2V/o=", + "lastModified": 1710164657, + "narHash": "sha256-l64+ZjaQAVkHDVaK0VHwtXBdjcBD6nLBD+p7IfyBp/w=", "owner": "nix-community", "repo": "home-manager", - "rev": "383296ffa45b539c28bf79ec2a272f652838ddd1", + "rev": "017b12de5b899ef9b64e2c035ce257bfe95b8ae2", "type": "github" }, "original": { @@ -296,11 +296,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1710272261, - "narHash": "sha256-g0bDwXFmTE7uGDOs9HcJsfLFhH7fOsASbAuOzDC+fhQ=", + "lastModified": 1709961763, + "narHash": "sha256-6H95HGJHhEZtyYA3rIQpvamMKAGoa8Yh2rFV29QnuGw=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "0ad13a6833440b8e238947e47bea7f11071dc2b2", + "rev": "3030f185ba6a4bf4f18b87f345f104e6a6961f34", "type": "github" }, "original": { @@ -411,24 +411,6 @@ "type": "github" } }, - "river": { - "flake": false, - "locked": { - "lastModified": 1710341821, - "narHash": "sha256-cWFJv5QUmcBqnJGk9twjcndk3/dIAEZ5tOKVhRhQhAg=", - "ref": "refs/heads/master", - "rev": "fecfa89a9a8ba1d9704b4d07fe02c16cd20a1644", - "revCount": 1172, - "submodules": true, - "type": "git", - "url": "https://github.com/riverwm/river" - }, - "original": { - "submodules": true, - "type": "git", - "url": "https://github.com/riverwm/river" - } - }, "root": { "inputs": { "agenix": "agenix", @@ -440,7 +422,6 @@ "nixpkgs": "nixpkgs", "pfersel": "pfersel", "purge": "purge", - "river": "river", "trucksimulatorbot": "trucksimulatorbot" } }, diff --git a/flake.nix b/flake.nix index 45d3cef..f2b7da7 100644 --- a/flake.nix +++ b/flake.nix @@ -43,13 +43,6 @@ inputs.nixpkgs.follows = "nixpkgs"; }; - river = { - url = "https://github.com/riverwm/river"; - flake = false; - type = "git"; - submodules = true; - }; - }; outputs = @@ -64,7 +57,6 @@ , purge , trucksimulatorbot , pfersel - , river , ... }@attrs: { packages.x86_64-linux = { diff --git a/hosts/falkenstein/default.nix b/hosts/falkenstein/default.nix index a79bf04..60cacca 100644 --- a/hosts/falkenstein/default.nix +++ b/hosts/falkenstein/default.nix @@ -1,4 +1,4 @@ -{ pkgs, ... }: +{ config, pkgs, ... }: { imports = [ @@ -29,11 +29,6 @@ kernelPackages = pkgs.linuxPackages_latest; }; - users.users.rouven = { - description = "Rouven Seifert"; - isNormalUser = true; - }; - time.timeZone = "Europe/Berlin"; i18n.defaultLocale = "en_US.UTF-8"; diff --git a/hosts/falkenstein/modules/dns/default.nix b/hosts/falkenstein/modules/dns/default.nix index d39e6ad..8d07f86 100644 --- a/hosts/falkenstein/modules/dns/default.nix +++ b/hosts/falkenstein/modules/dns/default.nix @@ -88,7 +88,6 @@ in systemd.services.bind.preStart = '' # copy the file manually to its destination since signing requires a writable directory ${pkgs.coreutils}/bin/cp ${zonefile} ${config.services.bind.directory}/rfive.de.zone.txt - ${pkgs.coreutils}/bin/chown named:named ${config.services.bind.directory}/rfive.de.zone.txt ''; networking.firewall.extraInputRules = '' ip saddr ${secondary}/32 tcp dport 53 accept comment "Allow DNS AXFR access from INWX Servers" diff --git a/hosts/falkenstein/modules/mail/default.nix b/hosts/falkenstein/modules/mail/default.nix index d91831e..4f5ef3f 100644 --- a/hosts/falkenstein/modules/mail/default.nix +++ b/hosts/falkenstein/modules/mail/default.nix @@ -1,13 +1,237 @@ -{ config, ... }: +{ config, pkgs, lib, ... }: + let - domain = "mail.${config.networking.domain}"; + domain = config.networking.domain; + hostname = "mail.${domain}"; + # see https://www.kuketz-blog.de/e-mail-anbieter-ip-stripping-aus-datenschutzgruenden/ + header_cleanup = pkgs.writeText "header_cleanup_outgoing" '' + /^\s*(Received: from)[^\n]*(.*)/ REPLACE $1 127.0.0.1 (localhost [127.0.0.1])$2 + /^\s*User-Agent/ IGNORE + /^\s*X-Enigmail/ IGNORE + /^\s*X-Mailer/ IGNORE + /^\s*X-Originating-IP/ IGNORE + /^\s*Mime-Version/ IGNORE + ''; + login_maps = pkgs.writeText "login_maps.pcre" '' + # basic username => username@rfive.de + /^([^@+]*)(\+[^@]*)?@rfive\.de$/ ''${1} + ''; in { - imports = [ - ./postfix.nix - ./dovecot2.nix - ./rspamd.nix + networking.firewall.allowedTCPPorts = [ + 25 # SMTP + 465 # SUBMISSONS + 993 # IMAPS + 4190 # sieve ]; + users.users.rouven = { + description = "Rouven Seifert"; + isNormalUser = true; + }; + + services = { + postfix = { + enable = true; + enableSubmission = true; + enableSubmissions = true; + recipientDelimiter = "+"; + hostname = "${hostname}"; + domain = "${domain}"; + origin = "${domain}"; + destination = [ "${hostname}" "${domain}" "localhost" ]; + networks = [ "127.0.0.1" ]; + sslCert = "/var/lib/acme/${hostname}/fullchain.pem"; + sslKey = "/var/lib/acme/${hostname}/key.pem"; + config = { + home_mailbox = "Maildir/"; + smtp_helo_name = config.networking.fqdn; + smtpd_banner = "${config.networking.fqdn} ESMTP $mail_name"; + smtp_use_tls = true; + smtpd_use_tls = true; + smtpd_tls_protocols = [ + "!SSLv2" + "!SSLv3" + "!TLSv1" + "!TLSv1.1" + ]; + smtpd_recipient_restrictions = [ + "permit_sasl_authenticated" + "permit_mynetworks" + "reject_unauth_destination" + "reject_non_fqdn_sender" + "reject_non_fqdn_recipient" + "reject_unknown_sender_domain" + "reject_unknown_recipient_domain" + "reject_unauth_destination" + "reject_unauth_pipelining" + "reject_invalid_hostname" + ]; + smtpd_relay_restrictions = [ + "permit_sasl_authenticated" + "permit_mynetworks" + "reject_unauth_destination" + ]; + smtpd_sender_restrictions = [ + "reject_authenticated_sender_login_mismatch" + ]; + smtpd_sender_login_maps = [ "pcre:${login_maps}" ]; + smtp_header_checks = "pcre:${header_cleanup}"; + + alias_maps = [ "hash:/etc/aliases" ]; + smtpd_sasl_auth_enable = true; + smtpd_sasl_path = "/var/lib/postfix/auth"; + smtpd_sasl_type = "dovecot"; + mailbox_transport = "lmtp:unix:/run/dovecot2/dovecot-lmtp"; + }; + }; + + dovecot2 = { + enable = true; + enableImap = true; + enableQuota = false; + enableLmtp = true; + mailLocation = "maildir:~/Maildir"; + sslServerCert = "/var/lib/acme/${hostname}/fullchain.pem"; + sslServerKey = "/var/lib/acme/${hostname}/key.pem"; + protocols = [ "imap" "sieve" ]; + mailPlugins = { + globally.enable = [ "listescape" ]; + perProtocol = { + imap = { + enable = [ "imap_sieve" "imap_filter_sieve" ]; + }; + lmtp = { + enable = [ "sieve" ]; + }; + }; + }; + mailboxes = { + Spam = { + auto = "create"; + specialUse = "Junk"; + }; + Sent = { + auto = "create"; + specialUse = "Sent"; + }; + Drafts = { + auto = "create"; + specialUse = "Drafts"; + }; + Trash = { + auto = "create"; + specialUse = "Trash"; + }; + Archive = { + auto = "no"; + specialUse = "Archive"; + }; + }; + modules = [ + pkgs.dovecot_pigeonhole + ]; + sieve = { + # just pot something in here to prevent empty strings + extensions = [ "notify" ]; + # globalExtensions = [ "+vnd.dovecot.pipe" ]; + pipeBins = map lib.getExe [ + (pkgs.writeShellScriptBin "learn-ham.sh" "exec ${pkgs.rspamd}/bin/rspamc learn_ham") + (pkgs.writeShellScriptBin "learn-spam.sh" "exec ${pkgs.rspamd}/bin/rspamc learn_spam") + ]; + plugins = [ + "sieve_imapsieve" + "sieve_extprograms" + ]; + }; + imapsieve.mailbox = [ + { + # Spam: From elsewhere to Spam folder or flag changed in Spam folder + name = "Spam"; + causes = [ "COPY" "APPEND" "FLAG" ]; + before = ./report-spam.sieve; + + } + { + # From Junk folder to elsewhere + name = "*"; + from = "Spam"; + causes = [ "COPY" ]; + before = ./report-ham.sieve; + } + ]; + + extraConfig = '' + auth_username_format = %Ln + userdb { + driver = passwd + args = blocking=no + } + service auth { + unix_listener /var/lib/postfix/auth { + group = postfix + mode = 0660 + user = postfix + } + } + service managesieve-login { + inet_listener sieve { + port = 4190 + } + + service_count = 1 + } + namespace inbox { + separator = / + inbox = yes + } + service lmtp { + unix_listener dovecot-lmtp { + group = postfix + mode = 0600 + user = postfix + } + client_limit = 1 + } + ''; + }; + + rspamd = { + enable = true; + postfix.enable = true; + locals = { + "worker-controller.inc".text = '' + password = "$2$g1jh7t5cxschj11set5wksd656ixd5ie$cgwrj53hfb87xndqbh5r3ow9qfi1ejii8dxok1ihbnhamccn1rxy"; + ''; + "redis.conf".text = '' + read_servers = "/run/redis-rspamd/redis.sock"; + write_servers = "/run/redis-rspamd/redis.sock"; + ''; + "milter_headers.conf".text = '' + use = ["x-spam-level", "x-spam-status", "x-spamd-result", "authentication-results" ]; + ''; + "dmarc.conf".text = '' + reporting { + enabled = true; + email = 'reports@${config.networking.domain}'; + domain = '${config.networking.domain}'; + org_name = '${config.networking.domain}'; + from_name = 'DMARC Aggregate Report'; + } + ''; + "dkim_signing.conf".text = '' + selector = "rspamd"; + allow_username_mismatch = true; + path = /var/lib/rspamd/dkim/$domain.key; + ''; + }; + }; + redis = { + vmOverCommit = true; + servers.rspamd = { + enable = true; + }; + }; + }; security.acme.certs."${domain}" = { reloadServices = [ "postfix.service" @@ -16,9 +240,32 @@ in }; services.nginx.virtualHosts = { - "${domain}" = { + "${hostname}" = { enableACME = true; forceSSL = true; }; + "rspamd.${config.networking.domain}" = { + enableACME = true; + forceSSL = true; + locations = { + "/" = { + proxyPass = "http://127.0.0.1:11334"; + proxyWebsockets = true; + }; + }; + }; + }; + users.users.rspamd.extraGroups = [ "redis-rspamd" ]; + systemd = { + services.rspamd-dmarc-report = { + description = "rspamd dmarc reporter"; + serviceConfig = { + Type = "oneshot"; + ExecStart = "${pkgs.rspamd}/bin/rspamadm dmarc_report -v"; + User = "rspamd"; + Group = "rspamd"; + }; + startAt = "daily"; + }; }; } diff --git a/hosts/falkenstein/modules/mail/dovecot2.nix b/hosts/falkenstein/modules/mail/dovecot2.nix deleted file mode 100644 index 4a4cd97..0000000 --- a/hosts/falkenstein/modules/mail/dovecot2.nix +++ /dev/null @@ -1,120 +0,0 @@ -{ config, pkgs, lib, ... }: -let - hostname = "mail.${config.networking.domain}"; -in -{ - networking.firewall.allowedTCPPorts = [ - 993 - 4190 - ]; - services = { - dovecot2 = { - enable = true; - enableImap = true; - enableQuota = false; - enableLmtp = true; - mailLocation = "maildir:~/Maildir"; - sslServerCert = "/var/lib/acme/${hostname}/fullchain.pem"; - sslServerKey = "/var/lib/acme/${hostname}/key.pem"; - protocols = [ "imap" "sieve" ]; - mailPlugins = { - globally.enable = [ "listescape" ]; - perProtocol = { - imap = { - enable = [ "imap_sieve" "imap_filter_sieve" ]; - }; - lmtp = { - enable = [ "sieve" ]; - }; - }; - }; - mailboxes = { - Spam = { - auto = "create"; - specialUse = "Junk"; - }; - Sent = { - auto = "create"; - specialUse = "Sent"; - }; - Drafts = { - auto = "create"; - specialUse = "Drafts"; - }; - Trash = { - auto = "create"; - specialUse = "Trash"; - }; - Archive = { - auto = "no"; - specialUse = "Archive"; - }; - }; - modules = [ - pkgs.dovecot_pigeonhole - ]; - sieve = { - # just pot something in here to prevent empty strings - extensions = [ "notify" ]; - # globalExtensions = [ "+vnd.dovecot.pipe" ]; - pipeBins = map lib.getExe [ - (pkgs.writeShellScriptBin "learn-ham.sh" "exec ${pkgs.rspamd}/bin/rspamc learn_ham") - (pkgs.writeShellScriptBin "learn-spam.sh" "exec ${pkgs.rspamd}/bin/rspamc learn_spam") - ]; - plugins = [ - "sieve_imapsieve" - "sieve_extprograms" - ]; - }; - imapsieve.mailbox = [ - { - # Spam: From elsewhere to Spam folder or flag changed in Spam folder - name = "Spam"; - causes = [ "COPY" "APPEND" "FLAG" ]; - before = ./report-spam.sieve; - - } - { - # From Junk folder to elsewhere - name = "*"; - from = "Spam"; - causes = [ "COPY" ]; - before = ./report-ham.sieve; - } - ]; - extraConfig = '' - auth_username_format = %Ln - userdb { - driver = passwd - args = blocking=no - } - service auth { - unix_listener /var/lib/postfix/auth { - group = postfix - mode = 0660 - user = postfix - } - } - service managesieve-login { - inet_listener sieve { - port = 4190 - } - - service_count = 1 - } - namespace inbox { - separator = / - inbox = yes - } - service lmtp { - unix_listener dovecot-lmtp { - group = postfix - mode = 0600 - user = postfix - } - client_limit = 1 - } - ''; - }; - }; -} diff --git a/hosts/falkenstein/modules/mail/postfix.nix b/hosts/falkenstein/modules/mail/postfix.nix deleted file mode 100644 index 7246361..0000000 --- a/hosts/falkenstein/modules/mail/postfix.nix +++ /dev/null @@ -1,81 +0,0 @@ -{ config, pkgs, ... }: - -let - domain = config.networking.domain; - hostname = "mail.${domain}"; - header_cleanup = pkgs.writeText "header_cleanup_outgoing" '' - /^\s*(Received: from)[^\n]*(.*)/ REPLACE $1 127.0.0.1 (localhost [127.0.0.1])$2 - /^\s*User-Agent/ IGNORE - /^\s*X-Enigmail/ IGNORE - /^\s*X-Mailer/ IGNORE - /^\s*X-Originating-IP/ IGNORE - /^\s*Mime-Version/ IGNORE - ''; - login_maps = pkgs.writeText "login_maps.pcre" '' - # basic username => username@rfive.de - /^([^@+]*)(\+[^@]*)?@rfive\.de$/ ''${1} - ''; -in -{ - networking.firewall.allowedTCPPorts = [ - 25 # SMTP - 465 # SUBMISSONS - ]; - - services = { - postfix = { - enable = true; - enableSubmission = true; - enableSubmissions = true; - recipientDelimiter = "+"; - hostname = "${hostname}"; - domain = "${domain}"; - origin = "${domain}"; - destination = [ "${hostname}" "${domain}" "localhost" ]; - networks = [ "127.0.0.1" ]; - sslCert = "/var/lib/acme/${hostname}/fullchain.pem"; - sslKey = "/var/lib/acme/${hostname}/key.pem"; - config = { - home_mailbox = "Maildir/"; - smtp_helo_name = config.networking.fqdn; - smtpd_banner = "${config.networking.fqdn} ESMTP $mail_name"; - smtp_use_tls = true; - smtpd_use_tls = true; - smtpd_tls_protocols = [ - "!SSLv2" - "!SSLv3" - "!TLSv1" - "!TLSv1.1" - ]; - smtpd_recipient_restrictions = [ - "permit_sasl_authenticated" - "permit_mynetworks" - "reject_unauth_destination" - "reject_non_fqdn_sender" - "reject_non_fqdn_recipient" - "reject_unknown_sender_domain" - "reject_unknown_recipient_domain" - "reject_unauth_destination" - "reject_unauth_pipelining" - "reject_invalid_hostname" - ]; - smtpd_relay_restrictions = [ - "permit_sasl_authenticated" - "permit_mynetworks" - "reject_unauth_destination" - ]; - smtpd_sender_restrictions = [ - "reject_authenticated_sender_login_mismatch" - ]; - smtpd_sender_login_maps = [ "pcre:${login_maps}" ]; - smtp_header_checks = "pcre:${header_cleanup}"; - - alias_maps = [ "hash:/etc/aliases" ]; - smtpd_sasl_auth_enable = true; - smtpd_sasl_path = "/var/lib/postfix/auth"; - smtpd_sasl_type = "dovecot"; - mailbox_transport = "lmtp:unix:/run/dovecot2/dovecot-lmtp"; - }; - }; - }; -} diff --git a/hosts/falkenstein/modules/mail/rspamd.nix b/hosts/falkenstein/modules/mail/rspamd.nix deleted file mode 100644 index d914cc0..0000000 --- a/hosts/falkenstein/modules/mail/rspamd.nix +++ /dev/null @@ -1,65 +0,0 @@ -{ config, pkgs, ... }: -{ - users.users.rspamd.extraGroups = [ "redis-rspamd" ]; - services = { - rspamd = { - enable = true; - postfix.enable = true; - locals = { - "worker-controller.inc".text = '' - password = "$2$g1jh7t5cxschj11set5wksd656ixd5ie$cgwrj53hfb87xndqbh5r3ow9qfi1ejii8dxok1ihbnhamccn1rxy"; - ''; - "redis.conf".text = '' - read_servers = "/run/redis-rspamd/redis.sock"; - write_servers = "/run/redis-rspamd/redis.sock"; - ''; - "milter_headers.conf".text = '' - use = ["x-spam-level", "x-spam-status", "x-spamd-result", "authentication-results" ]; - ''; - "dmarc.conf".text = '' - reporting { - enabled = true; - email = 'reports@${config.networking.domain}'; - domain = '${config.networking.domain}'; - org_name = '${config.networking.domain}'; - from_name = 'DMARC Aggregate Report'; - } - ''; - "dkim_signing.conf".text = '' - selector = "rspamd"; - allow_username_mismatch = true; - path = /var/lib/rspamd/dkim/$domain.key; - ''; - }; - }; - redis = { - vmOverCommit = true; - servers.rspamd = { - enable = true; - }; - }; - nginx.virtualHosts."rspamd.${config.networking.domain}" = { - enableACME = true; - forceSSL = true; - locations = { - "/" = { - proxyPass = "http://127.0.0.1:11334"; - proxyWebsockets = true; - }; - }; - }; - }; - systemd = { - services.rspamd-dmarc-report = { - description = "rspamd dmarc reporter"; - serviceConfig = { - Type = "oneshot"; - ExecStart = "${pkgs.rspamd}/bin/rspamadm dmarc_report -v"; - User = "rspamd"; - Group = "rspamd"; - }; - startAt = "daily"; - }; - }; -} - diff --git a/hosts/nuc/modules/hydra/default.nix b/hosts/nuc/modules/hydra/default.nix new file mode 100644 index 0000000..f478138 --- /dev/null +++ b/hosts/nuc/modules/hydra/default.nix @@ -0,0 +1,22 @@ +{ config, ... }: +let + domain = "hydra.${config.networking.domain}"; +in +{ + services.hydra = { + enable = true; + port = 4000; + hydraURL = domain; + notificationSender = "hydra@localhost"; + buildMachinesFiles = [ ]; + useSubstitutes = true; + + }; + services.nginx.virtualHosts."${domain}" = { + enableACME = true; + forceSSL = true; + locations."/" = { + proxyPass = "http://127.0.0.1:${toString config.services.hydra.port}"; + }; + }; +} diff --git a/hosts/thinkpad/default.nix b/hosts/thinkpad/default.nix index 2d3316d..dfc1a00 100755 --- a/hosts/thinkpad/default.nix +++ b/hosts/thinkpad/default.nix @@ -1,4 +1,4 @@ -{ config, pkgs, ... }: +{ config, ... }: { imports = @@ -58,6 +58,10 @@ blueman.enable = true; # bluetooth devmon.enable = true; # automount stuff upower.enable = true; + avahi = { + enable = true; + nssmdns4 = true; + }; fwupd.enable = true; # firmware updates zfs.autoScrub.enable = true; }; @@ -92,6 +96,5 @@ dev.enable = true; man.generateCaches = true; }; - environment.systemPackages = [ pkgs.man-pages ]; system.stateVersion = "22.11"; } diff --git a/hosts/thinkpad/modules/virtualisation/default.nix b/hosts/thinkpad/modules/virtualisation/default.nix index 4db693e..83aa422 100644 --- a/hosts/thinkpad/modules/virtualisation/default.nix +++ b/hosts/thinkpad/modules/virtualisation/default.nix @@ -8,7 +8,11 @@ runAsRoot = false; swtpm.enable = true; ovmf.packages = [ - (pkgs.OVMF.override ({ tpmSupport = true; secureBoot = true; })).fd + (pkgs.OVMF.override ({ + tpmSupport = true; + secureBoot = + true; + })).fd ]; }; }; diff --git a/shared/gpg.nix b/shared/gpg.nix index bd31645..53a5a4a 100644 --- a/shared/gpg.nix +++ b/shared/gpg.nix @@ -1,11 +1,11 @@ -{ pkgs, ... }: +{ ... }: { programs.gnupg = { dirmngr.enable = true; agent = { enable = true; enableSSHSupport = true; - pinentryPackage = pkgs.pinentry-gnome3; + pinentryFlavor = "gnome3"; }; }; services.pcscd.enable = true; diff --git a/users/rouven/fixes.nix b/users/rouven/fixes.nix index 0aa9434..ba07825 100644 --- a/users/rouven/fixes.nix +++ b/users/rouven/fixes.nix @@ -58,7 +58,7 @@ # global wrapper for ausweisapp programs.ausweisapp = { enable = true; - # openFirewall = true; + openFirewall = true; }; # home manager steam is borderline broken programs.steam.enable = true; diff --git a/users/rouven/modules/packages.nix b/users/rouven/modules/packages.nix index ac6a6f4..ed8bc6c 100644 --- a/users/rouven/modules/packages.nix +++ b/users/rouven/modules/packages.nix @@ -8,6 +8,7 @@ zip unzip + man-pages pcmanfm xdg-utils # used for xdg-open appimage-run diff --git a/users/rouven/modules/wayland/default.nix b/users/rouven/modules/wayland/default.nix index d046117..93452e2 100644 --- a/users/rouven/modules/wayland/default.nix +++ b/users/rouven/modules/wayland/default.nix @@ -2,6 +2,7 @@ { imports = [ + ./sway.nix ./river.nix ./breaktimer.nix ./waybar.nix diff --git a/users/rouven/modules/wayland/river.nix b/users/rouven/modules/wayland/river.nix index 35c7e33..8c1e41f 100644 --- a/users/rouven/modules/wayland/river.nix +++ b/users/rouven/modules/wayland/river.nix @@ -1,16 +1,8 @@ -{ pkgs, lib, river, ... }: +{ pkgs, lib, ... }: { wayland.windowManager.river = { enable = true; - package = with pkgs; pkgs.river.overrideAttrs (old: { - src = river; - buildInputs = lib.lists.remove wlroots_0_16 old.buildInputs ++ [ - (wlroots.overrideAttrs (_: { - version = "0.17.2"; - })) - ]; - }); - systemd. extraCommands = [ "systemctl --user start river-session.target" ]; + systemd.extraCommands = [ "systemctl --user start river-session.target" ]; settings = { focus-follows-cursor = "always"; set-cursor-warp = "on-focus-change"; @@ -31,13 +23,14 @@ "Super" = { Return = "spawn footclient"; Space = "toggle-float"; - A = "spawn ${pkgs.wofi-emoji}/bin/wofi-emoji"; + A = "spawn\"${pkgs.wofi-emoji}/bin/wofi-emoji\""; F = "toggle-fullscreen"; H = "focus-output previous"; J = "focus-view previous"; K = "focus-view next"; L = "focus-output next"; O = "send-to-output next"; + S = "send-to-output next"; }; "Super+Shift" = { Return = "zoom"; @@ -80,9 +73,9 @@ "Super+Shift+Control" = "toggle-view-tags"; }) ]; - map-pointer.normal."Super" = { - "BTN_LEFT" = "move-view"; - "BTN_RIGHT" = "resize-view"; + map-pointer.normal = { + "Super BTN_LEFT" = "move-view"; + "Super BTN_RIGHT" = "resize-view"; }; spawn = [ diff --git a/users/rouven/modules/wayland/sway.nix b/users/rouven/modules/wayland/sway.nix new file mode 100644 index 0000000..10ca9a5 --- /dev/null +++ b/users/rouven/modules/wayland/sway.nix @@ -0,0 +1,61 @@ +{ config, pkgs, lib, ... }: +{ + + + wayland.windowManager.sway = { + enable = true; + config = rec { + startup = [ + { + command = "${pkgs.autotiling-rs}/bin/autotiling-rs"; + } + { + command = ''swaymsg -t subscribe -m "['workspace']" | jq --unbuffered -r 'select(.change == "focus") | .current.output' | xargs -L1 swaymsg input 1386:884:Wacom_Intuos_S_Pen map_to_output''; + } + ]; + modifier = "Mod4"; + menu = lib.getExe pkgs.fuzzel; + terminal = "${pkgs.foot}/bin/footclient"; + bars = [ ]; + gaps = { + outer = 5; + inner = 12; + }; + input = { + "*" = { + xkb_layout = "us"; + xkb_variant = "dvorak-alt-intl"; + }; + "2:7:SynPS/2_Synaptics_TouchPad" = { + tap = "enabled"; + drag = "enabled"; + middle_emulation = "enabled"; + accel_profile = "adaptive"; + }; + }; + keybindings = + lib.mkOptionDefault { + "Mod1+space" = "exec ${menu}"; + "Mod4+a" = "exec ${pkgs.wofi-emoji}/bin/wofi-emoji"; + "Print" = "exec ${pkgs.sway-contrib.grimshot}/bin/grimshot copy area"; + "XF86Launch2" = "exec ${pkgs.sway-contrib.grimshot}/bin/grimshot save area - | ${lib.getExe pkgs.swappy} -f -"; + "XF86MonBrightnessUp" = "exec ${pkgs.light}/bin/light -A 10"; + "XF86MonBrightnessDown" = "exec ${pkgs.light}/bin/light -U 10"; + "XF86AudioMute" = "exec ${pkgs.pulseaudio}/bin/pactl set-sink-mute @DEFAULT_SINK@ toggle"; + "XF86AudioMicMute" = "exec ${pkgs.pulseaudio}/bin/pactl set-source-mute @DEFAULT_SOURCE@ toggle"; + "XF86AudioRaiseVolume" = "exec ${pkgs.pulseaudio}/bin/pactl set-sink-volume @DEFAULT_SINK@ +5%"; + "XF86AudioLowerVolume" = "exec ${pkgs.pulseaudio}/bin/pactl set-sink-volume @DEFAULT_SINK@ -5%"; + "Shift+XF86AudioRaiseVolume" = "exec ${pkgs.pulseaudio}/bin/pactl set-source-volume @DEFAULT_SOURCE@ +5%"; + "Shift+XF86AudioLowerVolume" = "exec ${pkgs.pulseaudio}/bin/pactl set-source-volume @DEFAULT_SOURCE@ -5%"; + + "XF86Favorites" = "exec ${pkgs.systemd}/bin/loginctl lock-session"; + "XF86PowerOff" = "exec ${pkgs.wlogout}/bin/wlogout"; + + "XF86Messenger" = "exec ${pkgs.swaynotificationcenter}/bin/swaync-client --toggle-panel"; + "Cancel" = "exec ${pkgs.swaynotificationcenter}/bin/swaync-client --hide-latest"; + "Shift+Cancel" = "exec ${pkgs.swaynotificationcenter}/bin/swaync-client --cloes-all"; + }; + }; + }; +} +