From c85c98c2c477e2b59e85c96d325ae801e94812fe Mon Sep 17 00:00:00 2001 From: Rouven Seifert Date: Tue, 9 Apr 2024 23:21:01 +0200 Subject: [PATCH 01/15] Update README.md --- README.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/README.md b/README.md index 8fd9750..3fd38c6 100644 --- a/README.md +++ b/README.md @@ -1,3 +1,7 @@ +# This Project moved to Sourcehut +https://git.sr.ht/~rouven/nixos-config + + # Rouven's NixOS configuration files ![image](https://user-images.githubusercontent.com/72568063/213921069-670965f7-ad51-43ad-a211-63bb45a02648.png) From a2d754d2d14270f431a5ff1f2b21c0c57f43290f Mon Sep 17 00:00:00 2001 From: Rouven Seifert Date: Tue, 9 Apr 2024 23:23:22 +0200 Subject: [PATCH 02/15] readme: remove image --- README.md | 2 -- 1 file changed, 2 deletions(-) diff --git a/README.md b/README.md index 8fd9750..77ff26c 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,5 @@ # Rouven's NixOS configuration files -![image](https://user-images.githubusercontent.com/72568063/213921069-670965f7-ad51-43ad-a211-63bb45a02648.png) - ## Specs - **Operating System:** [NixOS](https://nixos.org) - **Window Manager:** [River](https://github.com/riverwm/river) From c376a32171f1e3f6aadde53029170c92598be82b Mon Sep 17 00:00:00 2001 From: Rouven Seifert Date: Wed, 10 Apr 2024 00:18:23 +0200 Subject: [PATCH 03/15] Update README.md --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 3fd38c6..86521b5 100644 --- a/README.md +++ b/README.md @@ -1,8 +1,8 @@ # This Project moved to Sourcehut https://git.sr.ht/~rouven/nixos-config - -# Rouven's NixOS configuration files +------------- +## Rouven's NixOS configuration files ![image](https://user-images.githubusercontent.com/72568063/213921069-670965f7-ad51-43ad-a211-63bb45a02648.png) From 34104a42fb62d26eb079928cd838ce0b8cc837ec Mon Sep 17 00:00:00 2001 From: Rouven Seifert Date: Wed, 10 Apr 2024 00:30:18 +0200 Subject: [PATCH 04/15] pkgs.ssh3: 0.1.7 -> 0.1.7 --- pkgs/ssh3/client.nix | 13 ++++--------- pkgs/ssh3/server.nix | 13 ++++--------- 2 files changed, 8 insertions(+), 18 deletions(-) diff --git a/pkgs/ssh3/client.nix b/pkgs/ssh3/client.nix index ccd6b32..3e80d6d 100644 --- a/pkgs/ssh3/client.nix +++ b/pkgs/ssh3/client.nix @@ -1,23 +1,18 @@ { lib, buildGoModule, fetchFromGitHub, playerctl }: buildGoModule rec { pname = "ssh3"; - version = "0.1.4"; + version = "0.1.7"; src = fetchFromGitHub { owner = "francoismichel"; repo = "ssh3"; rev = "v${version}"; - hash = "sha256-0bd2hdvgapTGEGM7gdpVwxelN5BRbmdcgANbRHZ/nRw="; + hash = "sha256-ZtQAJwGvNlJWUoDa6bS3AEdM3zbNMPQGdaIhR+yIonw="; }; - subPackages = [ "cli/client" ]; + subPackages = [ "cmd/ssh3" ]; - - - vendorHash = "sha256-ZtKxAKNyMnZ8v96GUUm4EukdIJD+ITDW9kHOez7nYmg="; - postInstall = '' - mv $out/bin/client $out/bin/ssh3 - ''; + vendorHash = "sha256-VUNvb7m1nnH+mXUsnIKyPKJEVSMXBAaS4ihi5DZeFiI="; meta = with lib; { description = "Faster and rich secure shell using HTTP/3"; diff --git a/pkgs/ssh3/server.nix b/pkgs/ssh3/server.nix index 87cf0b2..342beee 100644 --- a/pkgs/ssh3/server.nix +++ b/pkgs/ssh3/server.nix @@ -1,25 +1,20 @@ { lib, buildGoModule, libxcrypt, fetchFromGitHub, playerctl }: buildGoModule rec { pname = "ssh3-server"; - version = "0.1.4"; + version = "0.1.7"; src = fetchFromGitHub { owner = "francoismichel"; repo = "ssh3"; rev = "v${version}"; - hash = "sha256-0bd2hdvgapTGEGM7gdpVwxelN5BRbmdcgANbRHZ/nRw="; + hash = "sha256-ZtQAJwGvNlJWUoDa6bS3AEdM3zbNMPQGdaIhR+yIonw="; }; - subPackages = [ "cli/server" ]; + subPackages = [ "cmd/ssh3-server" ]; buildInputs = [ libxcrypt ]; - - - vendorHash = "sha256-ZtKxAKNyMnZ8v96GUUm4EukdIJD+ITDW9kHOez7nYmg="; - postInstall = '' - mv $out/bin/server $out/bin/ssh3-server - ''; + vendorHash = "sha256-VUNvb7m1nnH+mXUsnIKyPKJEVSMXBAaS4ihi5DZeFiI="; meta = with lib; { description = "Faster and rich secure shell using HTTP/3"; From 358220a12e5216441fc88999e3fb0ae994775ec6 Mon Sep 17 00:00:00 2001 From: Rouven Seifert Date: Wed, 10 Apr 2024 00:30:35 +0200 Subject: [PATCH 05/15] falkenstein: fix dkim record and wireguard dns --- hosts/falkenstein/modules/dns/default.nix | 4 ++-- hosts/falkenstein/modules/networks/default.nix | 18 +++++++++++------- 2 files changed, 13 insertions(+), 9 deletions(-) diff --git a/hosts/falkenstein/modules/dns/default.nix b/hosts/falkenstein/modules/dns/default.nix index c94ca84..b6ac08f 100644 --- a/hosts/falkenstein/modules/dns/default.nix +++ b/hosts/falkenstein/modules/dns/default.nix @@ -6,7 +6,7 @@ let $ORIGIN rfive.de. rfive.de. 86400 IN SOA ns.rfive.de. hostmaster.rfive.de. ( - 2024040103 ; serial + 2024040800 ; serial 10800 ; refresh 3600 ; retry 604800 ; expire @@ -35,7 +35,7 @@ let mail AAAA 2a01:4f8:c012:49de::1 @ TXT "v=spf1 mx ~all" - rspamd._domainkey TXT "v=DKIM1; k=rsa;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDoirUMubro4nlmY6a8JMwK9QB2agAXiJzexDU/7ba6KCggONfoSTfUHlrM/XeM1GG/9oKpngApxDPP97adJuxc8/EELyo4HjTyYD8GBFZhg0AN7V8IPaJ1o5k6dGDk8ZLh41ZCnlAVWkhVSKs5pYtzkrlJIfUSzyuoe8nuFsVe3QIDAQAB" + rspamd._domainkey TXT "v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDoirUMubro4nlmY6a8JMwK9QB2agAXiJzexDU/7ba6KCggONfoSTfUHlrM/XeM1GG/9oKpngApxDPP97adJuxc8/EELyo4HjTyYD8GBFZhg0AN7V8IPaJ1o5k6dGDk8ZLh41ZCnlAVWkhVSKs5pYtzkrlJIfUSzyuoe8nuFsVe3QIDAQAB" _dmarc TXT "v=DMARC1; p=none; adkim=s; fo=1; rua=mailto:dmarc@rfive.de; ruf=mailto:dmarc@rfive.de" cache CNAME nuc.rfive.de. diff --git a/hosts/falkenstein/modules/networks/default.nix b/hosts/falkenstein/modules/networks/default.nix index 163bf41..2efbd03 100644 --- a/hosts/falkenstein/modules/networks/default.nix +++ b/hosts/falkenstein/modules/networks/default.nix @@ -1,4 +1,4 @@ -{ config, ... }: +{ config, pkgs, ... }: { age.secrets = { "wireguard/dorm/private" = { @@ -11,6 +11,12 @@ }; }; + environment.systemPackages = with pkgs; [ + mtr + inetutils + dnsutils + wireguard-tools + ]; networking = { hostName = "falkenstein"; nftables.enable = true; @@ -18,6 +24,7 @@ useNetworkd = true; enableIPv6 = true; firewall = { + allowedUDPPorts = [ 51820 ]; extraInputRules = '' ip saddr 192.168.0.0/16 tcp dport 19531 accept comment "Allow journald gateway access from local networks" ''; @@ -31,10 +38,6 @@ "2620:fe::fe" "2620:fe::9" ]; - extraConfig = '' - [Resolve] - DNSStubListener=no - ''; }; systemd.network = { enable = true; @@ -86,8 +89,9 @@ matchConfig.Name = "wg0"; networkConfig = { Address = "192.168.43.4/32"; - DNS = "192.168.42.1"; - DNSSEC = true; + DNS = "192.168.43.1"; + Domains = "~vpn.rfive.de ~43.168.192.in-addr.arpa"; + DNSSEC = false; BindCarrier = [ "ens3" ]; }; }; From 6a78a9039df771b2b7065ddf2fd749242e11e9f6 Mon Sep 17 00:00:00 2001 From: Rouven Seifert Date: Wed, 10 Apr 2024 00:31:05 +0200 Subject: [PATCH 06/15] nuc: fix dns setup for adguard --- hosts/nuc/modules/adguard/default.nix | 5 ++++- hosts/nuc/modules/networks/default.nix | 6 +----- 2 files changed, 5 insertions(+), 6 deletions(-) diff --git a/hosts/nuc/modules/adguard/default.nix b/hosts/nuc/modules/adguard/default.nix index c1c3af7..b368d88 100644 --- a/hosts/nuc/modules/adguard/default.nix +++ b/hosts/nuc/modules/adguard/default.nix @@ -5,6 +5,9 @@ services.adguardhome = { enable = true; openFirewall = true; - settings.bind_port = 3000; + settings = { + dns.bind_hosts = [ "192.168.42.2" ]; + http.address = "0.0.0.0:3000"; + }; }; } diff --git a/hosts/nuc/modules/networks/default.nix b/hosts/nuc/modules/networks/default.nix index 7a1b8ba..01fc538 100644 --- a/hosts/nuc/modules/networks/default.nix +++ b/hosts/nuc/modules/networks/default.nix @@ -14,17 +14,12 @@ }; services.resolved = { enable = true; - # dnssec = "allow-downgrade"; fallbackDns = [ "9.9.9.9" "149.112.112.112" "2620:fe::fe" "2620:fe::9" ]; - extraConfig = '' - [Resolve] - DNSStubListener=no - ''; }; systemd.network = { enable = true; @@ -38,6 +33,7 @@ DHCP = "yes"; LLDP = true; EmitLLDP = "nearest-bridge"; + DNSSEC = false; }; }; }; From 96ea95585e2cc721666170b3833d699d7ff06ce2 Mon Sep 17 00:00:00 2001 From: Rouven Seifert Date: Wed, 10 Apr 2024 00:32:51 +0200 Subject: [PATCH 07/15] nix: flake updates --- flake.lock | 76 +++++++++++++++++++++++++------------------------- shared/zsh.nix | 3 -- 2 files changed, 38 insertions(+), 41 deletions(-) diff --git a/flake.lock b/flake.lock index 3c4b843..d9eb71d 100644 --- a/flake.lock +++ b/flake.lock @@ -180,11 +180,11 @@ ] }, "locked": { - "lastModified": 1712016346, - "narHash": "sha256-O2nO7pD+krq+4HgkLB4VThRtAucIPfXDs/jJqCGlK1w=", + "lastModified": 1712688495, + "narHash": "sha256-NrVLXkpT9ZigiI8md6NIzHS+3lE4QTj30IgXG57O9iM=", "owner": "nix-community", "repo": "home-manager", - "rev": "4be0464472675212654dedf3e021bd5f1d58b92f", + "rev": "b00d0e4fe9cba0047f54e77418ddda5f17e6ef2c", "type": "github" }, "original": { @@ -200,17 +200,17 @@ ] }, "locked": { - "lastModified": 1711658384, - "narHash": "sha256-CbIPdqcX4k7DfnRaicJy6IlaszWyDIxiQMAxB6OGGK4=", - "owner": "rouven0", - "repo": "TruckSimulatorBot-images", - "rev": "7f57bdee9a22d4b2bb46ed1eae5aba11dfe34976", - "type": "github" + "lastModified": 1712701678, + "narHash": "sha256-L/sr5Wi+ePvB2huYOxRUWR2D3BnCSAdl0RdbChRTrqs=", + "owner": "~rouven", + "repo": "trucksimulator-images", + "rev": "f8622b0a9f7541dee806113c005b69cd08e5a0bd", + "type": "sourcehut" }, "original": { - "owner": "rouven0", - "repo": "TruckSimulatorBot-images", - "type": "github" + "owner": "~rouven", + "repo": "trucksimulator-images", + "type": "sourcehut" } }, "impermanence": { @@ -281,11 +281,11 @@ ] }, "locked": { - "lastModified": 1711854532, - "narHash": "sha256-JPStavwlT7TfxxiXHk6Q7sbNxtnXAIjXQJMLO0KB6M0=", + "lastModified": 1712459390, + "narHash": "sha256-e12bNDottaGoBgd0AdH/bQvk854xunlWAdZwr/oHO1c=", "owner": "nix-community", "repo": "nix-index-database", - "rev": "2844b5f3ad3b478468151bd101370b9d8ef8a3a7", + "rev": "4676d72d872459e1e3a248d049609f110c570e9a", "type": "github" }, "original": { @@ -296,11 +296,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1711703276, - "narHash": "sha256-iMUFArF0WCatKK6RzfUJknjem0H9m4KgorO/p3Dopkk=", + "lastModified": 1712608508, + "narHash": "sha256-vMZ5603yU0wxgyQeHJryOI+O61yrX2AHwY6LOFyV1gM=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "d8fe5e6c92d0d190646fb9f1056741a229980089", + "rev": "4cba8b53da471aea2ab2b0c1f30a81e7c451f4b6", "type": "github" }, "original": { @@ -398,27 +398,27 @@ ] }, "locked": { - "lastModified": 1711961571, - "narHash": "sha256-kYcs9KKTbN0ACPYTmeAF+EIj62kGBiimffHmFgOeQJo=", - "owner": "rouven0", + "lastModified": 1712700224, + "narHash": "sha256-yqHbu8C4uUkfqvDMcQ+iYSohOzob4sBAoyZUWxiCt5c=", + "owner": "~rouven", "repo": "purge", - "rev": "6ce3c6cedb0f31885fc3775c96fb8cfca403bc93", - "type": "github" + "rev": "43e86f5836d93c04af7a367dbe90b30f9e1e255a", + "type": "sourcehut" }, "original": { - "owner": "rouven0", + "owner": "~rouven", "repo": "purge", - "type": "github" + "type": "sourcehut" } }, "river": { "flake": false, "locked": { - "lastModified": 1712003303, - "narHash": "sha256-RP8PxNti9MF4dIgfGCogiyyRW2+FfJu551jEGf2sbl0=", + "lastModified": 1712665127, + "narHash": "sha256-uACc9Cb1tSw3I0fMlEMX74NfU+Tg3It74tb+nc51AZ4=", "ref": "refs/heads/master", - "rev": "8b8ac27c4534f3989aa8c789bd282fa7f31597a8", - "revCount": 1226, + "rev": "14e941bae16b1ca478c32198c131c4297157f888", + "revCount": 1238, "submodules": true, "type": "git", "url": "https://github.com/riverwm/river" @@ -507,17 +507,17 @@ ] }, "locked": { - "lastModified": 1711961583, - "narHash": "sha256-ClezUJ0pH/DMU0u3e3t0qAgm+HQ9v6BmH1y5z8W6TZg=", - "owner": "rouven0", - "repo": "TruckSimulatorBot", - "rev": "eeffe63c4948769034a28cf0cd04885c754eba97", - "type": "github" + "lastModified": 1712701713, + "narHash": "sha256-q++FP8VC5TTQrUa+0l2TQKmafZpDy1L3rzUynFaAn/4=", + "owner": "~rouven", + "repo": "trucksimulator", + "rev": "af43589e9a0ae0f868a4eff3c738201ed1041788", + "type": "sourcehut" }, "original": { - "owner": "rouven0", - "repo": "TruckSimulatorBot", - "type": "github" + "owner": "~rouven", + "repo": "trucksimulator", + "type": "sourcehut" } } }, diff --git a/shared/zsh.nix b/shared/zsh.nix index a406cad..c994304 100644 --- a/shared/zsh.nix +++ b/shared/zsh.nix @@ -12,9 +12,6 @@ iperf ]; users.defaultUserShell = pkgs.zsh; - programs.fzf = { - keybindings = true; - }; programs.zsh = { enable = true; shellAliases = { From ea7971a6e587c459b0b28e9995d993bb2e4247a8 Mon Sep 17 00:00:00 2001 From: Rouven Seifert Date: Wed, 10 Apr 2024 00:33:10 +0200 Subject: [PATCH 08/15] switch a lot of stuff to sourcehut --- flake.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/flake.nix b/flake.nix index 638246f..8dd8317 100644 --- a/flake.nix +++ b/flake.nix @@ -26,11 +26,11 @@ nix-colors.url = "github:Misterio77/nix-colors"; purge = { - url = "github:rouven0/purge"; + url = "sourcehut:~rouven/purge"; inputs.nixpkgs.follows = "nixpkgs"; }; trucksimulatorbot = { - url = "github:rouven0/TruckSimulatorBot"; + url = "sourcehut:~rouven/trucksimulator"; inputs.nixpkgs.follows = "nixpkgs"; }; pfersel = { From 16a9362aba27823b963ab22e3d7a8c928b34bdf2 Mon Sep 17 00:00:00 2001 From: Rouven Seifert Date: Wed, 10 Apr 2024 00:33:33 +0200 Subject: [PATCH 09/15] thinkpad: minor networking fixes --- hosts/thinkpad/modules/networks/default.nix | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/hosts/thinkpad/modules/networks/default.nix b/hosts/thinkpad/modules/networks/default.nix index e1630e5..c00bec5 100644 --- a/hosts/thinkpad/modules/networks/default.nix +++ b/hosts/thinkpad/modules/networks/default.nix @@ -1,4 +1,4 @@ -{ pkgs, config, ... }: +{ pkgs, config, lib, ... }: { imports = [ ./uni.nix ]; @@ -26,6 +26,7 @@ curlFull wireguard-tools ]; + services.timesyncd.servers = lib.mkForce [ ]; services.resolved = { fallbackDns = [ "9.9.9.9" @@ -56,11 +57,13 @@ "@DORM_SSID@" = { psk = "@DORM_PSK@"; authProtocols = [ "SAE" ]; + extraConfig = "disabled=1"; }; "@DORM5_SSID@" = { priority = 5; psk = "@DORM_PSK@"; authProtocols = [ "SAE" ]; + extraConfig = "disabled=1"; }; "@PIXEL_SSID@" = { psk = "@PIXEL_PSK@"; @@ -134,7 +137,6 @@ }; - # some wireguard interfaces netdevs."30-wg0" = { netdevConfig = { Kind = "wireguard"; @@ -159,13 +161,12 @@ }; networks."30-wg0" = { matchConfig.Name = "wg0"; - linkConfig.RequiredForOnline = "carrier"; + linkConfig.RequiredForOnline = false; networkConfig = { Address = "192.168.43.3/32"; DNS = "192.168.43.1"; Domains = "~vpn.rfive.de ~43.168.192.in-addr.arpa"; DNSSEC = false; - BindCarrier = [ "wlp9s0" ]; }; }; }; From 3fddc4e80799dbf8de75a0d90da0a14098d822c6 Mon Sep 17 00:00:00 2001 From: Rouven Seifert Date: Wed, 10 Apr 2024 00:34:03 +0200 Subject: [PATCH 10/15] user: package and ssh fixes --- overlays/default.nix | 7 +++++++ users/rouven/modules/helix/default.nix | 2 +- users/rouven/modules/packages.nix | 2 ++ users/rouven/modules/ssh/default.nix | 4 ++++ 4 files changed, 14 insertions(+), 1 deletion(-) diff --git a/overlays/default.nix b/overlays/default.nix index 10286f4..36444b6 100644 --- a/overlays/default.nix +++ b/overlays/default.nix @@ -7,6 +7,13 @@ let inherit (prev) python3Packages; in { + + pcmanfm = prev.pcmanfm.overrideAttrs (_: { + # remove deskop preferences shortcut + postInstall = '' + rm $out/share/applications/pcmanfm-desktop-pref.desktop + ''; + }); pww = callPackage ../pkgs/pww { }; ianny = callPackage ../pkgs/ianny { }; diff --git a/users/rouven/modules/helix/default.nix b/users/rouven/modules/helix/default.nix index 2c1dafa..0c68222 100644 --- a/users/rouven/modules/helix/default.nix +++ b/users/rouven/modules/helix/default.nix @@ -10,7 +10,7 @@ (python3.withPackages (ps: with ps; [ pyls-isort pylsp-mypy - python-lsp-black + # python-lsp-black python-lsp-server # pylsp optional dependencies diff --git a/users/rouven/modules/packages.nix b/users/rouven/modules/packages.nix index 9ee8804..19307c7 100644 --- a/users/rouven/modules/packages.nix +++ b/users/rouven/modules/packages.nix @@ -45,6 +45,7 @@ mosh typst typst-preview + hut # programming languages cargo @@ -55,6 +56,7 @@ nodejs_20 gnumake go + pre-commit # fancy tools just diff --git a/users/rouven/modules/ssh/default.nix b/users/rouven/modules/ssh/default.nix index 284d555..94c8371 100644 --- a/users/rouven/modules/ssh/default.nix +++ b/users/rouven/modules/ssh/default.nix @@ -21,6 +21,10 @@ in match = "Host github.com User git"; identityFile = git; }; + "git@git.sr.ht" = { + match = "Host git.sr.ht User git"; + identityFile = git; + }; # iFSR "fsr" = { hostname = "ifsr.de"; From 1b1a02caa05dcecd3dc7d53dd2dd77408b601cfe Mon Sep 17 00:00:00 2001 From: Rouven Seifert Date: Wed, 10 Apr 2024 12:57:15 +0200 Subject: [PATCH 11/15] nix: flake update --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index d9eb71d..7e65e13 100644 --- a/flake.lock +++ b/flake.lock @@ -180,11 +180,11 @@ ] }, "locked": { - "lastModified": 1712688495, - "narHash": "sha256-NrVLXkpT9ZigiI8md6NIzHS+3lE4QTj30IgXG57O9iM=", + "lastModified": 1712730572, + "narHash": "sha256-rAVvdP77rEmgobvSgybqPAcHefv5dCXPH/ge6Ds+JtU=", "owner": "nix-community", "repo": "home-manager", - "rev": "b00d0e4fe9cba0047f54e77418ddda5f17e6ef2c", + "rev": "18f89ef74f0d48635488ccd6a5e30dc9d48a3a87", "type": "github" }, "original": { From 2297f6506db20b82498cc614859f35ae9f3f6000 Mon Sep 17 00:00:00 2001 From: Rouven Seifert Date: Thu, 11 Apr 2024 11:52:03 +0200 Subject: [PATCH 12/15] docker: enable rootless --- hosts/thinkpad/modules/virtualisation/default.nix | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/hosts/thinkpad/modules/virtualisation/default.nix b/hosts/thinkpad/modules/virtualisation/default.nix index 39b4dce..d38155e 100644 --- a/hosts/thinkpad/modules/virtualisation/default.nix +++ b/hosts/thinkpad/modules/virtualisation/default.nix @@ -2,8 +2,13 @@ { virtualisation = { docker = { - enable = true; - extraOptions = "--iptables=false"; + rootless = { + enable = true; + setSocketVariable = true; + daemon.settings = { + iptables = false; + }; + }; }; libvirtd = { enable = true; @@ -18,7 +23,7 @@ spiceUSBRedirection.enable = true; }; # allow libvirts internal network stuff - networking.firewall.trustedInterfaces = [ "virbr0" "br0" "docker0" ]; + networking.firewall.trustedInterfaces = [ "virbr0" ]; programs.virt-manager.enable = true; environment.systemPackages = with pkgs; [ virt-viewer From 1474c7974276c0d4066d900f76e9d2ed513fcfe8 Mon Sep 17 00:00:00 2001 From: Rouven Seifert Date: Thu, 11 Apr 2024 11:58:00 +0200 Subject: [PATCH 13/15] zsh: attempt to fix fzf-tab --- overlays/default.nix | 11 +++++++++++ shared/zsh.nix | 12 ++++++------ 2 files changed, 17 insertions(+), 6 deletions(-) diff --git a/overlays/default.nix b/overlays/default.nix index 36444b6..32a91de 100644 --- a/overlays/default.nix +++ b/overlays/default.nix @@ -47,6 +47,17 @@ in withHiredis = false; }; + zsh-fzf-tab = prev.zsh-fzf-tab.overrideAttrs (_: rec { + version = "1.1.1"; + src = fetchFromGitHub { + owner = "Aloxaf"; + repo = "fzf-tab"; + rev = "v${version}"; + sha256 = "sha256-0/YOL1/G2SWncbLNaclSYUz7VyfWu+OB8TYJYm4NYkM="; + }; + + }); + gnome-break-timer = callPackage ../pkgs/gnome-break-timer { }; jmri = callPackage ../pkgs/jmri { }; adguardian-term = callPackage ../pkgs/adguardian-term { }; diff --git a/shared/zsh.nix b/shared/zsh.nix index c994304..3e6c9e3 100644 --- a/shared/zsh.nix +++ b/shared/zsh.nix @@ -3,7 +3,6 @@ programs.command-not-found.enable = false; programs.nix-index-database.comma.enable = true; environment.systemPackages = with pkgs; [ - # fzf bat eza duf @@ -12,6 +11,7 @@ iperf ]; users.defaultUserShell = pkgs.zsh; + programs.fzf.enable = true; programs.zsh = { enable = true; shellAliases = { @@ -49,7 +49,7 @@ function svpn() { - unit=$(systemctl list-unit-files | grep "openconnect\|wg-quick\|wireguard\|openvpn\|openfortivpn" | cut -d "." -f1 | fzf --preview 'systemctl status {}') + unit=$(systemctl list-unit-files | grep "openconnect\|wg-quick\|wireguard\|openvpn\|openfortivpn" | cut -d "." -f1 | ${pkgs.fzf}/bin/fzf --preview 'systemctl status {}') if [ $(systemctl is-active $unit) = "inactive" ]; then systemctl start $unit else @@ -85,10 +85,10 @@ ''; promptInit = '' - if [[ "$(hostname)" == "thinkpad" ]] - then - cat ${../images/cat.sixel} - fi + # if [[ "$(hostname)" == "thinkpad" ]] + # then + # cat ${../images/cat.sixel} + # fi eval "$(${pkgs.mcfly}/bin/mcfly init zsh)" eval "$(${pkgs.zoxide}/bin/zoxide init zsh)" ''; From c2f4aad686ddd8500a981a9d21241be31b4d2c06 Mon Sep 17 00:00:00 2001 From: Rouven Seifert Date: Thu, 11 Apr 2024 11:58:29 +0200 Subject: [PATCH 14/15] user: remove docker group --- users/rouven/default.nix | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/users/rouven/default.nix b/users/rouven/default.nix index 4a1eeef..5b89c9e 100644 --- a/users/rouven/default.nix +++ b/users/rouven/default.nix @@ -5,7 +5,16 @@ users.users.rouven = { description = "Rouven Seifert"; isNormalUser = true; - extraGroups = [ "wheel" "video" "dialout" "libvirtd" "tss" "input" "wireshark" "etherape" "docker" ]; + extraGroups = [ + "wheel" + "video" + "dialout" + "libvirtd" + "tss" + "input" + "wireshark" + "etherape" + ]; initialHashedPassword = "$6$X3XERQv28Nt1UUT5$MjdMBDuXyEwexkuKqmNFweez69q4enY5cjMXSbBxOc6Bq7Fhhp7OqmCm02k3OGjoZFXzPV9ZHuMSGKZOtwYIk1"; }; home-manager.useUserPackages = true; From 321b85242f00da104517d3eb8ca5a7d6c6443446 Mon Sep 17 00:00:00 2001 From: Rouven Seifert Date: Thu, 11 Apr 2024 11:58:50 +0200 Subject: [PATCH 15/15] treewide: cleanups and updates --- flake.lock | 26 +++++++++++++------------- flake.nix | 2 +- hosts/thinkpad/default.nix | 1 - 3 files changed, 14 insertions(+), 15 deletions(-) diff --git a/flake.lock b/flake.lock index 7e65e13..39f29dd 100644 --- a/flake.lock +++ b/flake.lock @@ -180,11 +180,11 @@ ] }, "locked": { - "lastModified": 1712730572, - "narHash": "sha256-rAVvdP77rEmgobvSgybqPAcHefv5dCXPH/ge6Ds+JtU=", + "lastModified": 1712759992, + "narHash": "sha256-2APpO3ZW4idlgtlb8hB04u/rmIcKA8O7pYqxF66xbNY=", "owner": "nix-community", "repo": "home-manager", - "rev": "18f89ef74f0d48635488ccd6a5e30dc9d48a3a87", + "rev": "31357486b0ef6f4e161e002b6893eeb4fafc3ca9", "type": "github" }, "original": { @@ -347,17 +347,17 @@ ] }, "locked": { - "lastModified": 1709373109, - "narHash": "sha256-2f0am1RlTxz8UKNwftzNjJLhgShoW2I5SofA7FwC4Nw=", - "owner": "rouven0", + "lastModified": 1712775079, + "narHash": "sha256-1j3haJ7/J1V3Lt4gyGgoDSxfFmf6x7A1zXl/QxZ+kSI=", + "owner": "~rouven", "repo": "pfersel", - "rev": "b4d086d43545f5d1735f863eb3aa1e81ca6272ba", - "type": "github" + "rev": "4ef4893c290c5f83f1497d6e4c0d162759500ae7", + "type": "sourcehut" }, "original": { - "owner": "rouven0", + "owner": "~rouven", "repo": "pfersel", - "type": "github" + "type": "sourcehut" } }, "pre-commit-hooks-nix": { @@ -398,11 +398,11 @@ ] }, "locked": { - "lastModified": 1712700224, - "narHash": "sha256-yqHbu8C4uUkfqvDMcQ+iYSohOzob4sBAoyZUWxiCt5c=", + "lastModified": 1712775102, + "narHash": "sha256-kQF0HpU4Bis+Q1gE+OUJk1T3UJgDwTZc9rCDHRam9h4=", "owner": "~rouven", "repo": "purge", - "rev": "43e86f5836d93c04af7a367dbe90b30f9e1e255a", + "rev": "2959391aa4a1438b3f27669c6930feec58171eab", "type": "sourcehut" }, "original": { diff --git a/flake.nix b/flake.nix index 8dd8317..f605419 100644 --- a/flake.nix +++ b/flake.nix @@ -34,7 +34,7 @@ inputs.nixpkgs.follows = "nixpkgs"; }; pfersel = { - url = "github:rouven0/pfersel"; + url = "sourcehut:~rouven/pfersel"; inputs.nixpkgs.follows = "nixpkgs"; }; diff --git a/hosts/thinkpad/default.nix b/hosts/thinkpad/default.nix index 1b76984..d817b51 100755 --- a/hosts/thinkpad/default.nix +++ b/hosts/thinkpad/default.nix @@ -90,7 +90,6 @@ documentation = { dev.enable = true; - man.generateCaches = true; }; environment.systemPackages = [ pkgs.man-pages ]; system.stateVersion = "22.11";