diff --git a/flake.lock b/flake.lock index cdab8fa..634034d 100644 --- a/flake.lock +++ b/flake.lock @@ -180,11 +180,11 @@ ] }, "locked": { - "lastModified": 1710164657, - "narHash": "sha256-l64+ZjaQAVkHDVaK0VHwtXBdjcBD6nLBD+p7IfyBp/w=", + "lastModified": 1710336510, + "narHash": "sha256-mT/Z1AseVhhiFooCu2J7wudx+FivkRrlRBW0iBC2V/o=", "owner": "nix-community", "repo": "home-manager", - "rev": "017b12de5b899ef9b64e2c035ce257bfe95b8ae2", + "rev": "383296ffa45b539c28bf79ec2a272f652838ddd1", "type": "github" }, "original": { @@ -296,11 +296,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1709961763, - "narHash": "sha256-6H95HGJHhEZtyYA3rIQpvamMKAGoa8Yh2rFV29QnuGw=", + "lastModified": 1710272261, + "narHash": "sha256-g0bDwXFmTE7uGDOs9HcJsfLFhH7fOsASbAuOzDC+fhQ=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "3030f185ba6a4bf4f18b87f345f104e6a6961f34", + "rev": "0ad13a6833440b8e238947e47bea7f11071dc2b2", "type": "github" }, "original": { @@ -411,6 +411,24 @@ "type": "github" } }, + "river": { + "flake": false, + "locked": { + "lastModified": 1710341821, + "narHash": "sha256-cWFJv5QUmcBqnJGk9twjcndk3/dIAEZ5tOKVhRhQhAg=", + "ref": "refs/heads/master", + "rev": "fecfa89a9a8ba1d9704b4d07fe02c16cd20a1644", + "revCount": 1172, + "submodules": true, + "type": "git", + "url": "https://github.com/riverwm/river" + }, + "original": { + "submodules": true, + "type": "git", + "url": "https://github.com/riverwm/river" + } + }, "root": { "inputs": { "agenix": "agenix", @@ -422,6 +440,7 @@ "nixpkgs": "nixpkgs", "pfersel": "pfersel", "purge": "purge", + "river": "river", "trucksimulatorbot": "trucksimulatorbot" } }, diff --git a/flake.nix b/flake.nix index f2b7da7..45d3cef 100644 --- a/flake.nix +++ b/flake.nix @@ -43,6 +43,13 @@ inputs.nixpkgs.follows = "nixpkgs"; }; + river = { + url = "https://github.com/riverwm/river"; + flake = false; + type = "git"; + submodules = true; + }; + }; outputs = @@ -57,6 +64,7 @@ , purge , trucksimulatorbot , pfersel + , river , ... }@attrs: { packages.x86_64-linux = { diff --git a/hosts/falkenstein/default.nix b/hosts/falkenstein/default.nix index 60cacca..a79bf04 100644 --- a/hosts/falkenstein/default.nix +++ b/hosts/falkenstein/default.nix @@ -1,4 +1,4 @@ -{ config, pkgs, ... }: +{ pkgs, ... }: { imports = [ @@ -29,6 +29,11 @@ kernelPackages = pkgs.linuxPackages_latest; }; + users.users.rouven = { + description = "Rouven Seifert"; + isNormalUser = true; + }; + time.timeZone = "Europe/Berlin"; i18n.defaultLocale = "en_US.UTF-8"; diff --git a/hosts/falkenstein/modules/dns/default.nix b/hosts/falkenstein/modules/dns/default.nix index 8d07f86..d39e6ad 100644 --- a/hosts/falkenstein/modules/dns/default.nix +++ b/hosts/falkenstein/modules/dns/default.nix @@ -88,6 +88,7 @@ in systemd.services.bind.preStart = '' # copy the file manually to its destination since signing requires a writable directory ${pkgs.coreutils}/bin/cp ${zonefile} ${config.services.bind.directory}/rfive.de.zone.txt + ${pkgs.coreutils}/bin/chown named:named ${config.services.bind.directory}/rfive.de.zone.txt ''; networking.firewall.extraInputRules = '' ip saddr ${secondary}/32 tcp dport 53 accept comment "Allow DNS AXFR access from INWX Servers" diff --git a/hosts/falkenstein/modules/mail/default.nix b/hosts/falkenstein/modules/mail/default.nix index 4f5ef3f..d91831e 100644 --- a/hosts/falkenstein/modules/mail/default.nix +++ b/hosts/falkenstein/modules/mail/default.nix @@ -1,237 +1,13 @@ -{ config, pkgs, lib, ... }: - +{ config, ... }: let - domain = config.networking.domain; - hostname = "mail.${domain}"; - # see https://www.kuketz-blog.de/e-mail-anbieter-ip-stripping-aus-datenschutzgruenden/ - header_cleanup = pkgs.writeText "header_cleanup_outgoing" '' - /^\s*(Received: from)[^\n]*(.*)/ REPLACE $1 127.0.0.1 (localhost [127.0.0.1])$2 - /^\s*User-Agent/ IGNORE - /^\s*X-Enigmail/ IGNORE - /^\s*X-Mailer/ IGNORE - /^\s*X-Originating-IP/ IGNORE - /^\s*Mime-Version/ IGNORE - ''; - login_maps = pkgs.writeText "login_maps.pcre" '' - # basic username => username@rfive.de - /^([^@+]*)(\+[^@]*)?@rfive\.de$/ ''${1} - ''; + domain = "mail.${config.networking.domain}"; in { - networking.firewall.allowedTCPPorts = [ - 25 # SMTP - 465 # SUBMISSONS - 993 # IMAPS - 4190 # sieve + imports = [ + ./postfix.nix + ./dovecot2.nix + ./rspamd.nix ]; - users.users.rouven = { - description = "Rouven Seifert"; - isNormalUser = true; - }; - - services = { - postfix = { - enable = true; - enableSubmission = true; - enableSubmissions = true; - recipientDelimiter = "+"; - hostname = "${hostname}"; - domain = "${domain}"; - origin = "${domain}"; - destination = [ "${hostname}" "${domain}" "localhost" ]; - networks = [ "127.0.0.1" ]; - sslCert = "/var/lib/acme/${hostname}/fullchain.pem"; - sslKey = "/var/lib/acme/${hostname}/key.pem"; - config = { - home_mailbox = "Maildir/"; - smtp_helo_name = config.networking.fqdn; - smtpd_banner = "${config.networking.fqdn} ESMTP $mail_name"; - smtp_use_tls = true; - smtpd_use_tls = true; - smtpd_tls_protocols = [ - "!SSLv2" - "!SSLv3" - "!TLSv1" - "!TLSv1.1" - ]; - smtpd_recipient_restrictions = [ - "permit_sasl_authenticated" - "permit_mynetworks" - "reject_unauth_destination" - "reject_non_fqdn_sender" - "reject_non_fqdn_recipient" - "reject_unknown_sender_domain" - "reject_unknown_recipient_domain" - "reject_unauth_destination" - "reject_unauth_pipelining" - "reject_invalid_hostname" - ]; - smtpd_relay_restrictions = [ - "permit_sasl_authenticated" - "permit_mynetworks" - "reject_unauth_destination" - ]; - smtpd_sender_restrictions = [ - "reject_authenticated_sender_login_mismatch" - ]; - smtpd_sender_login_maps = [ "pcre:${login_maps}" ]; - smtp_header_checks = "pcre:${header_cleanup}"; - - alias_maps = [ "hash:/etc/aliases" ]; - smtpd_sasl_auth_enable = true; - smtpd_sasl_path = "/var/lib/postfix/auth"; - smtpd_sasl_type = "dovecot"; - mailbox_transport = "lmtp:unix:/run/dovecot2/dovecot-lmtp"; - }; - }; - - dovecot2 = { - enable = true; - enableImap = true; - enableQuota = false; - enableLmtp = true; - mailLocation = "maildir:~/Maildir"; - sslServerCert = "/var/lib/acme/${hostname}/fullchain.pem"; - sslServerKey = "/var/lib/acme/${hostname}/key.pem"; - protocols = [ "imap" "sieve" ]; - mailPlugins = { - globally.enable = [ "listescape" ]; - perProtocol = { - imap = { - enable = [ "imap_sieve" "imap_filter_sieve" ]; - }; - lmtp = { - enable = [ "sieve" ]; - }; - }; - }; - mailboxes = { - Spam = { - auto = "create"; - specialUse = "Junk"; - }; - Sent = { - auto = "create"; - specialUse = "Sent"; - }; - Drafts = { - auto = "create"; - specialUse = "Drafts"; - }; - Trash = { - auto = "create"; - specialUse = "Trash"; - }; - Archive = { - auto = "no"; - specialUse = "Archive"; - }; - }; - modules = [ - pkgs.dovecot_pigeonhole - ]; - sieve = { - # just pot something in here to prevent empty strings - extensions = [ "notify" ]; - # globalExtensions = [ "+vnd.dovecot.pipe" ]; - pipeBins = map lib.getExe [ - (pkgs.writeShellScriptBin "learn-ham.sh" "exec ${pkgs.rspamd}/bin/rspamc learn_ham") - (pkgs.writeShellScriptBin "learn-spam.sh" "exec ${pkgs.rspamd}/bin/rspamc learn_spam") - ]; - plugins = [ - "sieve_imapsieve" - "sieve_extprograms" - ]; - }; - imapsieve.mailbox = [ - { - # Spam: From elsewhere to Spam folder or flag changed in Spam folder - name = "Spam"; - causes = [ "COPY" "APPEND" "FLAG" ]; - before = ./report-spam.sieve; - - } - { - # From Junk folder to elsewhere - name = "*"; - from = "Spam"; - causes = [ "COPY" ]; - before = ./report-ham.sieve; - } - ]; - - extraConfig = '' - auth_username_format = %Ln - userdb { - driver = passwd - args = blocking=no - } - service auth { - unix_listener /var/lib/postfix/auth { - group = postfix - mode = 0660 - user = postfix - } - } - service managesieve-login { - inet_listener sieve { - port = 4190 - } - - service_count = 1 - } - namespace inbox { - separator = / - inbox = yes - } - service lmtp { - unix_listener dovecot-lmtp { - group = postfix - mode = 0600 - user = postfix - } - client_limit = 1 - } - ''; - }; - - rspamd = { - enable = true; - postfix.enable = true; - locals = { - "worker-controller.inc".text = '' - password = "$2$g1jh7t5cxschj11set5wksd656ixd5ie$cgwrj53hfb87xndqbh5r3ow9qfi1ejii8dxok1ihbnhamccn1rxy"; - ''; - "redis.conf".text = '' - read_servers = "/run/redis-rspamd/redis.sock"; - write_servers = "/run/redis-rspamd/redis.sock"; - ''; - "milter_headers.conf".text = '' - use = ["x-spam-level", "x-spam-status", "x-spamd-result", "authentication-results" ]; - ''; - "dmarc.conf".text = '' - reporting { - enabled = true; - email = 'reports@${config.networking.domain}'; - domain = '${config.networking.domain}'; - org_name = '${config.networking.domain}'; - from_name = 'DMARC Aggregate Report'; - } - ''; - "dkim_signing.conf".text = '' - selector = "rspamd"; - allow_username_mismatch = true; - path = /var/lib/rspamd/dkim/$domain.key; - ''; - }; - }; - redis = { - vmOverCommit = true; - servers.rspamd = { - enable = true; - }; - }; - }; security.acme.certs."${domain}" = { reloadServices = [ "postfix.service" @@ -240,32 +16,9 @@ in }; services.nginx.virtualHosts = { - "${hostname}" = { + "${domain}" = { enableACME = true; forceSSL = true; }; - "rspamd.${config.networking.domain}" = { - enableACME = true; - forceSSL = true; - locations = { - "/" = { - proxyPass = "http://127.0.0.1:11334"; - proxyWebsockets = true; - }; - }; - }; - }; - users.users.rspamd.extraGroups = [ "redis-rspamd" ]; - systemd = { - services.rspamd-dmarc-report = { - description = "rspamd dmarc reporter"; - serviceConfig = { - Type = "oneshot"; - ExecStart = "${pkgs.rspamd}/bin/rspamadm dmarc_report -v"; - User = "rspamd"; - Group = "rspamd"; - }; - startAt = "daily"; - }; }; } diff --git a/hosts/falkenstein/modules/mail/dovecot2.nix b/hosts/falkenstein/modules/mail/dovecot2.nix new file mode 100644 index 0000000..4a4cd97 --- /dev/null +++ b/hosts/falkenstein/modules/mail/dovecot2.nix @@ -0,0 +1,120 @@ +{ config, pkgs, lib, ... }: +let + hostname = "mail.${config.networking.domain}"; +in +{ + networking.firewall.allowedTCPPorts = [ + 993 + 4190 + ]; + services = { + dovecot2 = { + enable = true; + enableImap = true; + enableQuota = false; + enableLmtp = true; + mailLocation = "maildir:~/Maildir"; + sslServerCert = "/var/lib/acme/${hostname}/fullchain.pem"; + sslServerKey = "/var/lib/acme/${hostname}/key.pem"; + protocols = [ "imap" "sieve" ]; + mailPlugins = { + globally.enable = [ "listescape" ]; + perProtocol = { + imap = { + enable = [ "imap_sieve" "imap_filter_sieve" ]; + }; + lmtp = { + enable = [ "sieve" ]; + }; + }; + }; + mailboxes = { + Spam = { + auto = "create"; + specialUse = "Junk"; + }; + Sent = { + auto = "create"; + specialUse = "Sent"; + }; + Drafts = { + auto = "create"; + specialUse = "Drafts"; + }; + Trash = { + auto = "create"; + specialUse = "Trash"; + }; + Archive = { + auto = "no"; + specialUse = "Archive"; + }; + }; + modules = [ + pkgs.dovecot_pigeonhole + ]; + sieve = { + # just pot something in here to prevent empty strings + extensions = [ "notify" ]; + # globalExtensions = [ "+vnd.dovecot.pipe" ]; + pipeBins = map lib.getExe [ + (pkgs.writeShellScriptBin "learn-ham.sh" "exec ${pkgs.rspamd}/bin/rspamc learn_ham") + (pkgs.writeShellScriptBin "learn-spam.sh" "exec ${pkgs.rspamd}/bin/rspamc learn_spam") + ]; + plugins = [ + "sieve_imapsieve" + "sieve_extprograms" + ]; + }; + imapsieve.mailbox = [ + { + # Spam: From elsewhere to Spam folder or flag changed in Spam folder + name = "Spam"; + causes = [ "COPY" "APPEND" "FLAG" ]; + before = ./report-spam.sieve; + + } + { + # From Junk folder to elsewhere + name = "*"; + from = "Spam"; + causes = [ "COPY" ]; + before = ./report-ham.sieve; + } + ]; + extraConfig = '' + auth_username_format = %Ln + userdb { + driver = passwd + args = blocking=no + } + service auth { + unix_listener /var/lib/postfix/auth { + group = postfix + mode = 0660 + user = postfix + } + } + service managesieve-login { + inet_listener sieve { + port = 4190 + } + + service_count = 1 + } + namespace inbox { + separator = / + inbox = yes + } + service lmtp { + unix_listener dovecot-lmtp { + group = postfix + mode = 0600 + user = postfix + } + client_limit = 1 + } + ''; + }; + }; +} diff --git a/hosts/falkenstein/modules/mail/postfix.nix b/hosts/falkenstein/modules/mail/postfix.nix new file mode 100644 index 0000000..7246361 --- /dev/null +++ b/hosts/falkenstein/modules/mail/postfix.nix @@ -0,0 +1,81 @@ +{ config, pkgs, ... }: + +let + domain = config.networking.domain; + hostname = "mail.${domain}"; + header_cleanup = pkgs.writeText "header_cleanup_outgoing" '' + /^\s*(Received: from)[^\n]*(.*)/ REPLACE $1 127.0.0.1 (localhost [127.0.0.1])$2 + /^\s*User-Agent/ IGNORE + /^\s*X-Enigmail/ IGNORE + /^\s*X-Mailer/ IGNORE + /^\s*X-Originating-IP/ IGNORE + /^\s*Mime-Version/ IGNORE + ''; + login_maps = pkgs.writeText "login_maps.pcre" '' + # basic username => username@rfive.de + /^([^@+]*)(\+[^@]*)?@rfive\.de$/ ''${1} + ''; +in +{ + networking.firewall.allowedTCPPorts = [ + 25 # SMTP + 465 # SUBMISSONS + ]; + + services = { + postfix = { + enable = true; + enableSubmission = true; + enableSubmissions = true; + recipientDelimiter = "+"; + hostname = "${hostname}"; + domain = "${domain}"; + origin = "${domain}"; + destination = [ "${hostname}" "${domain}" "localhost" ]; + networks = [ "127.0.0.1" ]; + sslCert = "/var/lib/acme/${hostname}/fullchain.pem"; + sslKey = "/var/lib/acme/${hostname}/key.pem"; + config = { + home_mailbox = "Maildir/"; + smtp_helo_name = config.networking.fqdn; + smtpd_banner = "${config.networking.fqdn} ESMTP $mail_name"; + smtp_use_tls = true; + smtpd_use_tls = true; + smtpd_tls_protocols = [ + "!SSLv2" + "!SSLv3" + "!TLSv1" + "!TLSv1.1" + ]; + smtpd_recipient_restrictions = [ + "permit_sasl_authenticated" + "permit_mynetworks" + "reject_unauth_destination" + "reject_non_fqdn_sender" + "reject_non_fqdn_recipient" + "reject_unknown_sender_domain" + "reject_unknown_recipient_domain" + "reject_unauth_destination" + "reject_unauth_pipelining" + "reject_invalid_hostname" + ]; + smtpd_relay_restrictions = [ + "permit_sasl_authenticated" + "permit_mynetworks" + "reject_unauth_destination" + ]; + smtpd_sender_restrictions = [ + "reject_authenticated_sender_login_mismatch" + ]; + smtpd_sender_login_maps = [ "pcre:${login_maps}" ]; + smtp_header_checks = "pcre:${header_cleanup}"; + + alias_maps = [ "hash:/etc/aliases" ]; + smtpd_sasl_auth_enable = true; + smtpd_sasl_path = "/var/lib/postfix/auth"; + smtpd_sasl_type = "dovecot"; + mailbox_transport = "lmtp:unix:/run/dovecot2/dovecot-lmtp"; + }; + }; + }; +} diff --git a/hosts/falkenstein/modules/mail/rspamd.nix b/hosts/falkenstein/modules/mail/rspamd.nix new file mode 100644 index 0000000..d914cc0 --- /dev/null +++ b/hosts/falkenstein/modules/mail/rspamd.nix @@ -0,0 +1,65 @@ +{ config, pkgs, ... }: +{ + users.users.rspamd.extraGroups = [ "redis-rspamd" ]; + services = { + rspamd = { + enable = true; + postfix.enable = true; + locals = { + "worker-controller.inc".text = '' + password = "$2$g1jh7t5cxschj11set5wksd656ixd5ie$cgwrj53hfb87xndqbh5r3ow9qfi1ejii8dxok1ihbnhamccn1rxy"; + ''; + "redis.conf".text = '' + read_servers = "/run/redis-rspamd/redis.sock"; + write_servers = "/run/redis-rspamd/redis.sock"; + ''; + "milter_headers.conf".text = '' + use = ["x-spam-level", "x-spam-status", "x-spamd-result", "authentication-results" ]; + ''; + "dmarc.conf".text = '' + reporting { + enabled = true; + email = 'reports@${config.networking.domain}'; + domain = '${config.networking.domain}'; + org_name = '${config.networking.domain}'; + from_name = 'DMARC Aggregate Report'; + } + ''; + "dkim_signing.conf".text = '' + selector = "rspamd"; + allow_username_mismatch = true; + path = /var/lib/rspamd/dkim/$domain.key; + ''; + }; + }; + redis = { + vmOverCommit = true; + servers.rspamd = { + enable = true; + }; + }; + nginx.virtualHosts."rspamd.${config.networking.domain}" = { + enableACME = true; + forceSSL = true; + locations = { + "/" = { + proxyPass = "http://127.0.0.1:11334"; + proxyWebsockets = true; + }; + }; + }; + }; + systemd = { + services.rspamd-dmarc-report = { + description = "rspamd dmarc reporter"; + serviceConfig = { + Type = "oneshot"; + ExecStart = "${pkgs.rspamd}/bin/rspamadm dmarc_report -v"; + User = "rspamd"; + Group = "rspamd"; + }; + startAt = "daily"; + }; + }; +} + diff --git a/hosts/nuc/modules/hydra/default.nix b/hosts/nuc/modules/hydra/default.nix deleted file mode 100644 index f478138..0000000 --- a/hosts/nuc/modules/hydra/default.nix +++ /dev/null @@ -1,22 +0,0 @@ -{ config, ... }: -let - domain = "hydra.${config.networking.domain}"; -in -{ - services.hydra = { - enable = true; - port = 4000; - hydraURL = domain; - notificationSender = "hydra@localhost"; - buildMachinesFiles = [ ]; - useSubstitutes = true; - - }; - services.nginx.virtualHosts."${domain}" = { - enableACME = true; - forceSSL = true; - locations."/" = { - proxyPass = "http://127.0.0.1:${toString config.services.hydra.port}"; - }; - }; -} diff --git a/hosts/thinkpad/default.nix b/hosts/thinkpad/default.nix index dfc1a00..2d3316d 100755 --- a/hosts/thinkpad/default.nix +++ b/hosts/thinkpad/default.nix @@ -1,4 +1,4 @@ -{ config, ... }: +{ config, pkgs, ... }: { imports = @@ -58,10 +58,6 @@ blueman.enable = true; # bluetooth devmon.enable = true; # automount stuff upower.enable = true; - avahi = { - enable = true; - nssmdns4 = true; - }; fwupd.enable = true; # firmware updates zfs.autoScrub.enable = true; }; @@ -96,5 +92,6 @@ dev.enable = true; man.generateCaches = true; }; + environment.systemPackages = [ pkgs.man-pages ]; system.stateVersion = "22.11"; } diff --git a/hosts/thinkpad/modules/virtualisation/default.nix b/hosts/thinkpad/modules/virtualisation/default.nix index 83aa422..4db693e 100644 --- a/hosts/thinkpad/modules/virtualisation/default.nix +++ b/hosts/thinkpad/modules/virtualisation/default.nix @@ -8,11 +8,7 @@ runAsRoot = false; swtpm.enable = true; ovmf.packages = [ - (pkgs.OVMF.override ({ - tpmSupport = true; - secureBoot = - true; - })).fd + (pkgs.OVMF.override ({ tpmSupport = true; secureBoot = true; })).fd ]; }; }; diff --git a/shared/gpg.nix b/shared/gpg.nix index 53a5a4a..bd31645 100644 --- a/shared/gpg.nix +++ b/shared/gpg.nix @@ -1,11 +1,11 @@ -{ ... }: +{ pkgs, ... }: { programs.gnupg = { dirmngr.enable = true; agent = { enable = true; enableSSHSupport = true; - pinentryFlavor = "gnome3"; + pinentryPackage = pkgs.pinentry-gnome3; }; }; services.pcscd.enable = true; diff --git a/users/rouven/fixes.nix b/users/rouven/fixes.nix index ba07825..0aa9434 100644 --- a/users/rouven/fixes.nix +++ b/users/rouven/fixes.nix @@ -58,7 +58,7 @@ # global wrapper for ausweisapp programs.ausweisapp = { enable = true; - openFirewall = true; + # openFirewall = true; }; # home manager steam is borderline broken programs.steam.enable = true; diff --git a/users/rouven/modules/packages.nix b/users/rouven/modules/packages.nix index ed8bc6c..ac6a6f4 100644 --- a/users/rouven/modules/packages.nix +++ b/users/rouven/modules/packages.nix @@ -8,7 +8,6 @@ zip unzip - man-pages pcmanfm xdg-utils # used for xdg-open appimage-run diff --git a/users/rouven/modules/wayland/default.nix b/users/rouven/modules/wayland/default.nix index 93452e2..d046117 100644 --- a/users/rouven/modules/wayland/default.nix +++ b/users/rouven/modules/wayland/default.nix @@ -2,7 +2,6 @@ { imports = [ - ./sway.nix ./river.nix ./breaktimer.nix ./waybar.nix diff --git a/users/rouven/modules/wayland/river.nix b/users/rouven/modules/wayland/river.nix index 8c1e41f..35c7e33 100644 --- a/users/rouven/modules/wayland/river.nix +++ b/users/rouven/modules/wayland/river.nix @@ -1,8 +1,16 @@ -{ pkgs, lib, ... }: +{ pkgs, lib, river, ... }: { wayland.windowManager.river = { enable = true; - systemd.extraCommands = [ "systemctl --user start river-session.target" ]; + package = with pkgs; pkgs.river.overrideAttrs (old: { + src = river; + buildInputs = lib.lists.remove wlroots_0_16 old.buildInputs ++ [ + (wlroots.overrideAttrs (_: { + version = "0.17.2"; + })) + ]; + }); + systemd. extraCommands = [ "systemctl --user start river-session.target" ]; settings = { focus-follows-cursor = "always"; set-cursor-warp = "on-focus-change"; @@ -23,14 +31,13 @@ "Super" = { Return = "spawn footclient"; Space = "toggle-float"; - A = "spawn\"${pkgs.wofi-emoji}/bin/wofi-emoji\""; + A = "spawn ${pkgs.wofi-emoji}/bin/wofi-emoji"; F = "toggle-fullscreen"; H = "focus-output previous"; J = "focus-view previous"; K = "focus-view next"; L = "focus-output next"; O = "send-to-output next"; - S = "send-to-output next"; }; "Super+Shift" = { Return = "zoom"; @@ -73,9 +80,9 @@ "Super+Shift+Control" = "toggle-view-tags"; }) ]; - map-pointer.normal = { - "Super BTN_LEFT" = "move-view"; - "Super BTN_RIGHT" = "resize-view"; + map-pointer.normal."Super" = { + "BTN_LEFT" = "move-view"; + "BTN_RIGHT" = "resize-view"; }; spawn = [ diff --git a/users/rouven/modules/wayland/sway.nix b/users/rouven/modules/wayland/sway.nix deleted file mode 100644 index 10ca9a5..0000000 --- a/users/rouven/modules/wayland/sway.nix +++ /dev/null @@ -1,61 +0,0 @@ -{ config, pkgs, lib, ... }: -{ - - - wayland.windowManager.sway = { - enable = true; - config = rec { - startup = [ - { - command = "${pkgs.autotiling-rs}/bin/autotiling-rs"; - } - { - command = ''swaymsg -t subscribe -m "['workspace']" | jq --unbuffered -r 'select(.change == "focus") | .current.output' | xargs -L1 swaymsg input 1386:884:Wacom_Intuos_S_Pen map_to_output''; - } - ]; - modifier = "Mod4"; - menu = lib.getExe pkgs.fuzzel; - terminal = "${pkgs.foot}/bin/footclient"; - bars = [ ]; - gaps = { - outer = 5; - inner = 12; - }; - input = { - "*" = { - xkb_layout = "us"; - xkb_variant = "dvorak-alt-intl"; - }; - "2:7:SynPS/2_Synaptics_TouchPad" = { - tap = "enabled"; - drag = "enabled"; - middle_emulation = "enabled"; - accel_profile = "adaptive"; - }; - }; - keybindings = - lib.mkOptionDefault { - "Mod1+space" = "exec ${menu}"; - "Mod4+a" = "exec ${pkgs.wofi-emoji}/bin/wofi-emoji"; - "Print" = "exec ${pkgs.sway-contrib.grimshot}/bin/grimshot copy area"; - "XF86Launch2" = "exec ${pkgs.sway-contrib.grimshot}/bin/grimshot save area - | ${lib.getExe pkgs.swappy} -f -"; - "XF86MonBrightnessUp" = "exec ${pkgs.light}/bin/light -A 10"; - "XF86MonBrightnessDown" = "exec ${pkgs.light}/bin/light -U 10"; - "XF86AudioMute" = "exec ${pkgs.pulseaudio}/bin/pactl set-sink-mute @DEFAULT_SINK@ toggle"; - "XF86AudioMicMute" = "exec ${pkgs.pulseaudio}/bin/pactl set-source-mute @DEFAULT_SOURCE@ toggle"; - "XF86AudioRaiseVolume" = "exec ${pkgs.pulseaudio}/bin/pactl set-sink-volume @DEFAULT_SINK@ +5%"; - "XF86AudioLowerVolume" = "exec ${pkgs.pulseaudio}/bin/pactl set-sink-volume @DEFAULT_SINK@ -5%"; - "Shift+XF86AudioRaiseVolume" = "exec ${pkgs.pulseaudio}/bin/pactl set-source-volume @DEFAULT_SOURCE@ +5%"; - "Shift+XF86AudioLowerVolume" = "exec ${pkgs.pulseaudio}/bin/pactl set-source-volume @DEFAULT_SOURCE@ -5%"; - - "XF86Favorites" = "exec ${pkgs.systemd}/bin/loginctl lock-session"; - "XF86PowerOff" = "exec ${pkgs.wlogout}/bin/wlogout"; - - "XF86Messenger" = "exec ${pkgs.swaynotificationcenter}/bin/swaync-client --toggle-panel"; - "Cancel" = "exec ${pkgs.swaynotificationcenter}/bin/swaync-client --hide-latest"; - "Shift+Cancel" = "exec ${pkgs.swaynotificationcenter}/bin/swaync-client --cloes-all"; - }; - }; - }; -} -