Initial release of my NixOS configuration
This commit is contained in:
commit
5f271a7194
20 changed files with 2341 additions and 0 deletions
20
.sops.yaml
Normal file
20
.sops.yaml
Normal file
|
@ -0,0 +1,20 @@
|
||||||
|
keys:
|
||||||
|
- &admin_knazarov DDB4423999505236CF585F9B0560020C9C577C1B
|
||||||
|
- &server_mira age1le98v5v0xnlnc4y0ydgj9kwfftt8g5wduws8zsadgc97pj0fzecs55tjvz
|
||||||
|
- &server_framework age1rkmhgep2jhdnma24x7ufzr686cwq6p3nk7mmedykan0d7c36xaus2y58sw
|
||||||
|
- &server_knazarovcom age1esdg28lplhhvrj6vmqu9x0adyxj5trp2dp7my3k57kjhkstkk9cqkg5qkj
|
||||||
|
creation_rules:
|
||||||
|
- path_regex: secrets\.yaml$
|
||||||
|
key_groups:
|
||||||
|
- pgp:
|
||||||
|
- *admin_knazarov
|
||||||
|
age:
|
||||||
|
- *server_mira
|
||||||
|
- *server_framework
|
||||||
|
|
||||||
|
- path_regex: secrets-knazarovcom\.yaml$
|
||||||
|
key_groups:
|
||||||
|
- pgp:
|
||||||
|
- *admin_knazarov
|
||||||
|
age:
|
||||||
|
- *server_knazarovcom
|
19
README.md
Normal file
19
README.md
Normal file
|
@ -0,0 +1,19 @@
|
||||||
|
# My NixOS configuration
|
||||||
|
|
||||||
|
This configuration is used to provision both of my "desktop" machines, and a personal website.
|
||||||
|
|
||||||
|
Most important features this configuration provides:
|
||||||
|
|
||||||
|
- PGP, commit signing, U2F
|
||||||
|
- Secret management with [SOPS](https://github.com/getsops/sops)
|
||||||
|
- Email / mbsync configuration
|
||||||
|
- VPN with [Mullvad](https://mullvad.net)
|
||||||
|
|
||||||
|
# Updating machine configuration
|
||||||
|
|
||||||
|
There are solutions that allow to push configuration to remote hosts, but I find them a bit heavy,
|
||||||
|
so a simple shell script does the trick for me:
|
||||||
|
|
||||||
|
```
|
||||||
|
./switch.sh <machine name>
|
||||||
|
```
|
572
configuration.nix
Normal file
572
configuration.nix
Normal file
|
@ -0,0 +1,572 @@
|
||||||
|
# Edit this configuration file to define what should be installed on
|
||||||
|
# your system. Help is available in the configuration.nix(5) man page
|
||||||
|
# and in the NixOS manual (accessible by running ‘nixos-help’).
|
||||||
|
|
||||||
|
{ config, lib, nixpkgs, pkgs, home-manager, ... }:
|
||||||
|
|
||||||
|
let
|
||||||
|
|
||||||
|
in
|
||||||
|
{
|
||||||
|
imports =
|
||||||
|
[
|
||||||
|
#./gnupg.nix
|
||||||
|
];
|
||||||
|
nix.settings.experimental-features = [ "nix-command" "flakes" ];
|
||||||
|
nix.extraOptions = ''
|
||||||
|
!include ${config.sops.secrets.github_token.path}
|
||||||
|
bash-prompt = (nix:$name)\040\[\033[1;32m\][\u@\h:\w]\$\[\033[0m\]\040
|
||||||
|
'';
|
||||||
|
|
||||||
|
sops = {
|
||||||
|
environment.SOPS_GPG_EXEC = "${pkgs.gnupg}/bin/gpg";
|
||||||
|
defaultSopsFile = ./secrets.yaml;
|
||||||
|
secrets = {
|
||||||
|
fastmail_password = {
|
||||||
|
owner = config.users.users.knazarov.name;
|
||||||
|
group = config.users.users.knazarov.group;
|
||||||
|
};
|
||||||
|
github_token = {
|
||||||
|
owner = config.users.users.knazarov.name;
|
||||||
|
group = config.users.users.knazarov.group;
|
||||||
|
};
|
||||||
|
mullvad_account = {};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
# networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
|
||||||
|
|
||||||
|
# Configure network proxy if necessary
|
||||||
|
# networking.proxy.default = "http://user:password@proxy:port/";
|
||||||
|
# networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
|
||||||
|
|
||||||
|
# Enable networking
|
||||||
|
networking.networkmanager.enable = true;
|
||||||
|
|
||||||
|
# Set your time zone.
|
||||||
|
time.timeZone = "Europe/London";
|
||||||
|
|
||||||
|
# Select internationalisation properties.
|
||||||
|
i18n.defaultLocale = "en_US.UTF-8";
|
||||||
|
|
||||||
|
i18n.extraLocaleSettings = {
|
||||||
|
LC_ADDRESS = "en_US.UTF-8";
|
||||||
|
LC_IDENTIFICATION = "en_US.UTF-8";
|
||||||
|
LC_MEASUREMENT = "en_US.UTF-8";
|
||||||
|
LC_MONETARY = "en_US.UTF-8";
|
||||||
|
LC_NAME = "en_US.UTF-8";
|
||||||
|
LC_NUMERIC = "en_US.UTF-8";
|
||||||
|
LC_PAPER = "en_US.UTF-8";
|
||||||
|
LC_TELEPHONE = "en_US.UTF-8";
|
||||||
|
LC_TIME = "en_US.UTF-8";
|
||||||
|
};
|
||||||
|
|
||||||
|
# Mainly to access SMB shares on local network
|
||||||
|
services.gvfs = {
|
||||||
|
enable = true;
|
||||||
|
package = lib.mkForce pkgs.gnome3.gvfs;
|
||||||
|
};
|
||||||
|
|
||||||
|
|
||||||
|
# Configure keymap in X11
|
||||||
|
services.xserver = {
|
||||||
|
layout = "us";
|
||||||
|
xkbVariant = "";
|
||||||
|
};
|
||||||
|
|
||||||
|
# Define a user account. Don't forget to set a password with ‘passwd’.
|
||||||
|
users.users.knazarov = {
|
||||||
|
isNormalUser = true;
|
||||||
|
description = "Konstantin Nazarov";
|
||||||
|
extraGroups = [
|
||||||
|
"networkmanager"
|
||||||
|
"wheel"
|
||||||
|
config.users.groups.keys.name
|
||||||
|
];
|
||||||
|
packages = with pkgs; [];
|
||||||
|
openssh.authorizedKeys.keys = [
|
||||||
|
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDGxebDydOcs7URJjXFHMU++ruaZOJpXbK4ixH19pWTsX7WtxxriZxD4+RQ3oyllGG/8sEFzEe0NoTHUPU6YrBpfwT/ekGDmCJHtvZ+rZs+cRQd6tObfAUip1B1Mcvhuaj0prnrbfohOuHpvQ/L8TogIKuHgczDmud4KGUu0mxCsUHbD5tlKpsgN+dJXkvjxsO7JhhF9JpFTrYAU0gTuBPTt3ynpnZKrE1NgnE0iy+CEr/v41dLqxw3fUjT3nOFUQ1l/VKTw5mLt5Iw7XmBLuFGLRAVrwzXxeBCfYqKGYgY4QV8HCcVpcqC8zWmRskiRetzQ/5HwRagm4yZr0I+LZ305nGB0cSJzLWXXOUF6SDg2cqAXFpF/o2LoFCmaV5h3jmCGOUrowF7oV4mYwBMWfabrbZx21z/R56GkAOOEKc2h+Qh5wIj4yayX081SkqJK3J9+3vGG4VvXnwGnPnWQFqrzeedyV74maffGBGFYm0UOcD+oG6EwM+7MEUBpJm9m4c= knazarov"
|
||||||
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHkDvP2BO1uV0AwEjABYFEiA2BbGo1IsSht4emYMRLgi root@mira"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
|
||||||
|
nixpkgs.config.allowUnfree = true;
|
||||||
|
|
||||||
|
environment.systemPackages = with pkgs; [
|
||||||
|
# needed to request polkit access (for instance, for SMB shares)
|
||||||
|
lxqt.lxqt-policykit
|
||||||
|
vim
|
||||||
|
waybar
|
||||||
|
foot
|
||||||
|
wayland
|
||||||
|
xdg-utils
|
||||||
|
glib
|
||||||
|
dracula-theme
|
||||||
|
gnome3.adwaita-icon-theme
|
||||||
|
swaylock
|
||||||
|
swayidle
|
||||||
|
wl-clipboard
|
||||||
|
qutebrowser
|
||||||
|
keyd
|
||||||
|
tdesktop
|
||||||
|
git
|
||||||
|
source-code-pro
|
||||||
|
pavucontrol
|
||||||
|
brightnessctl
|
||||||
|
sops
|
||||||
|
age
|
||||||
|
ssh-to-age
|
||||||
|
syncthing
|
||||||
|
pass
|
||||||
|
pkgs.gnupg
|
||||||
|
pciutils
|
||||||
|
slack
|
||||||
|
q-sh
|
||||||
|
transmission-gtk
|
||||||
|
mpv
|
||||||
|
imv
|
||||||
|
okular
|
||||||
|
yt-dlp
|
||||||
|
evince # document viewer
|
||||||
|
firefox
|
||||||
|
gthumb
|
||||||
|
unzip
|
||||||
|
somafm-cli
|
||||||
|
yubikey-manager
|
||||||
|
yubikey-manager-qt
|
||||||
|
gnome.gedit # temporary
|
||||||
|
ripgrep
|
||||||
|
file
|
||||||
|
zoom-us
|
||||||
|
obs-studio
|
||||||
|
gnome.nautilus
|
||||||
|
xfce.thunar
|
||||||
|
zig
|
||||||
|
morph
|
||||||
|
gomuks
|
||||||
|
nheko
|
||||||
|
mullvad-vpn
|
||||||
|
mullvad
|
||||||
|
clang-tools # mainly for clang-format
|
||||||
|
(emacsWithPackagesFromUsePackage {
|
||||||
|
config = ./emacs.el;
|
||||||
|
defaultInitFile = true;
|
||||||
|
package = emacs-unstable-pgtk.overrideAttrs (old: {
|
||||||
|
withTreeSitter = true;
|
||||||
|
});
|
||||||
|
alwaysEnsure = true;
|
||||||
|
extraEmacsPackages = epkgs: [
|
||||||
|
pkgs.mu
|
||||||
|
epkgs.treesit-grammars.with-all-grammars
|
||||||
|
];
|
||||||
|
})
|
||||||
|
# wget
|
||||||
|
];
|
||||||
|
|
||||||
|
services.mullvad-vpn = {
|
||||||
|
enable = true;
|
||||||
|
};
|
||||||
|
systemd.services."mullvad-daemon".postStart = let
|
||||||
|
mullvad = config.services.mullvad-vpn.package;
|
||||||
|
in ''
|
||||||
|
while ! ${mullvad}/bin/mullvad status >/dev/null; do sleep 1; done
|
||||||
|
${mullvad}/bin/mullvad account login `cat /var/run/secrets/mullvad_account`
|
||||||
|
${mullvad}/bin/mullvad auto-connect set on
|
||||||
|
${mullvad}/bin/mullvad tunnel ipv6 set on
|
||||||
|
'';
|
||||||
|
|
||||||
|
services.gnome.gnome-keyring.enable = true;
|
||||||
|
services.emacs.package = nixpkgs.emacsUnstablePgtk;
|
||||||
|
|
||||||
|
# Enables wayland support in electron apps (e.g. slack)
|
||||||
|
environment.sessionVariables.NIXOS_OZONE_WL = "1";
|
||||||
|
|
||||||
|
# Set default browser to qutebrowser in electron apps
|
||||||
|
environment.sessionVariables.DEFAULT_BROWSER = "${pkgs.qutebrowser}/bin/qutebrowser";
|
||||||
|
|
||||||
|
# Set default browser to qutebrowser everywhere else
|
||||||
|
xdg.mime.defaultApplications = {
|
||||||
|
"text/html" = "org.qutebrowser.qutebrowser.desktop";
|
||||||
|
"x-scheme-handler/http" = "org.qutebrowser.qutebrowser.desktop";
|
||||||
|
"x-scheme-handler/https" = "org.qutebrowser.qutebrowser.desktop";
|
||||||
|
"x-scheme-handler/about" = "org.qutebrowser.qutebrowser.desktop";
|
||||||
|
"x-scheme-handler/unknown" = "org.qutebrowser.qutebrowser.desktop";
|
||||||
|
};
|
||||||
|
|
||||||
|
# Enable screen sharing on Wayland
|
||||||
|
xdg = {
|
||||||
|
portal = {
|
||||||
|
enable = true;
|
||||||
|
extraPortals = with pkgs; [
|
||||||
|
xdg-desktop-portal-wlr
|
||||||
|
xdg-desktop-portal-gtk
|
||||||
|
];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
# Some programs need SUID wrappers, can be configured further or are
|
||||||
|
# started in user sessions.
|
||||||
|
# programs.mtr.enable = true;
|
||||||
|
programs.gnupg.package = pkgs.gnupg;
|
||||||
|
programs.gnupg.agent = {
|
||||||
|
enable = true;
|
||||||
|
enableSSHSupport = true;
|
||||||
|
};
|
||||||
|
|
||||||
|
programs.sway = {
|
||||||
|
enable = true;
|
||||||
|
wrapperFeatures.gtk = true;
|
||||||
|
};
|
||||||
|
|
||||||
|
# List services that you want to enable:
|
||||||
|
|
||||||
|
services.pipewire = {
|
||||||
|
enable = true;
|
||||||
|
alsa.enable = true;
|
||||||
|
alsa.support32Bit = true;
|
||||||
|
pulse.enable = true;
|
||||||
|
};
|
||||||
|
services.dbus.enable = true;
|
||||||
|
|
||||||
|
services.greetd = {
|
||||||
|
enable = true;
|
||||||
|
settings = rec {
|
||||||
|
initial_session = {
|
||||||
|
command = "${pkgs.sway}/bin/sway";
|
||||||
|
user = "knazarov";
|
||||||
|
};
|
||||||
|
default_session = initial_session;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
services.keyd = {
|
||||||
|
enable = true;
|
||||||
|
keyboards = {
|
||||||
|
default = {
|
||||||
|
ids = [ "*" ];
|
||||||
|
settings = {
|
||||||
|
main = {
|
||||||
|
capslock = "overload(control, esc)";
|
||||||
|
leftalt = "layer(meta_mac)";
|
||||||
|
leftmeta = "layer(alt)";
|
||||||
|
};
|
||||||
|
"meta_mac:M" = {
|
||||||
|
c = "C-insert";
|
||||||
|
v = "S-insert";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
# Enable the OpenSSH daemon.
|
||||||
|
services.openssh = {
|
||||||
|
enable = true;
|
||||||
|
# settings = {
|
||||||
|
# passwordAuthentication = false;
|
||||||
|
# kbdInteractiveAuthentication = false;
|
||||||
|
# };
|
||||||
|
};
|
||||||
|
|
||||||
|
networking.firewall.allowedTCPPorts = [
|
||||||
|
# Syncthing
|
||||||
|
8384 22000
|
||||||
|
];
|
||||||
|
|
||||||
|
networking.firewall.allowedUDPPorts = [
|
||||||
|
# Syncthing
|
||||||
|
22000 21027
|
||||||
|
];
|
||||||
|
|
||||||
|
# This value determines the NixOS release from which the default
|
||||||
|
# settings for stateful data, like file locations and database versions
|
||||||
|
# on your system were taken. It‘s perfectly fine and recommended to leave
|
||||||
|
# this value at the release version of the first install of this system.
|
||||||
|
# Before changing this value read the documentation for this option
|
||||||
|
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
|
||||||
|
system.stateVersion = "23.05"; # Did you read the comment?
|
||||||
|
|
||||||
|
# needed for sway
|
||||||
|
security.polkit.enable = true;
|
||||||
|
# needed for pipewire
|
||||||
|
security.rtkit.enable = true;
|
||||||
|
|
||||||
|
# allow remote rebuilds
|
||||||
|
nix.settings.trusted-users = [ "@wheel" ];
|
||||||
|
|
||||||
|
# needed for YubiKey smartcard support
|
||||||
|
services.pcscd.enable = true;
|
||||||
|
|
||||||
|
fonts.fontDir.enable = true;
|
||||||
|
fonts.packages = with pkgs; [
|
||||||
|
dejavu_fonts
|
||||||
|
source-code-pro
|
||||||
|
font-awesome # for waybar indicators
|
||||||
|
];
|
||||||
|
|
||||||
|
|
||||||
|
home-manager.users.knazarov = {
|
||||||
|
/* The home.stateVersion option does not have a default and must be set */
|
||||||
|
home.stateVersion = "23.05";
|
||||||
|
|
||||||
|
programs.bash = {
|
||||||
|
enable = true;
|
||||||
|
bashrcExtra = ''
|
||||||
|
if [[ "$INSIDE_EMACS" = 'vterm' ]] \
|
||||||
|
&& [[ -n ''${EMACS_VTERM_PATH} ]] \
|
||||||
|
&& [[ -f ''${EMACS_VTERM_PATH}/etc/emacs-vterm-bash.sh ]]; then
|
||||||
|
source ''${EMACS_VTERM_PATH}/etc/emacs-vterm-bash.sh
|
||||||
|
fi
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
programs.direnv = {
|
||||||
|
enable = true;
|
||||||
|
nix-direnv = {
|
||||||
|
enable = true;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
programs.gpg = {
|
||||||
|
enable = true;
|
||||||
|
package = pkgs.gnupg;
|
||||||
|
publicKeys = [{source = ./gpg_public_key.asc; trust="ultimate"; }];
|
||||||
|
settings = {
|
||||||
|
default-key = "0x0560020C9C577C1B";
|
||||||
|
};
|
||||||
|
mutableKeys = false;
|
||||||
|
mutableTrust = false;
|
||||||
|
};
|
||||||
|
|
||||||
|
programs.git = {
|
||||||
|
enable = true;
|
||||||
|
userName = "Konstantin Nazarov";
|
||||||
|
userEmail = "mail@knazarov.com";
|
||||||
|
signing = {
|
||||||
|
gpgPath = "${pkgs.gnupg}/bin/gpg2";
|
||||||
|
key = "0x0560020C9C577C1B";
|
||||||
|
signByDefault = true;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
accounts.email = {
|
||||||
|
maildirBasePath = "${config.users.users.knazarov.home}/Maildir";
|
||||||
|
accounts = {
|
||||||
|
personal = let account = "mail@knazarov.com"; in {
|
||||||
|
primary = true;
|
||||||
|
flavor = "fastmail.com";
|
||||||
|
address = account;
|
||||||
|
userName = account;
|
||||||
|
realName = "Konstantin Nazarov";
|
||||||
|
passwordCommand = "cat /run/secrets/fastmail_password";
|
||||||
|
gpg = {
|
||||||
|
key = "0x0560020C9C577C1B";
|
||||||
|
signByDefault = true;
|
||||||
|
};
|
||||||
|
mu.enable = true;
|
||||||
|
msmtp.enable = true;
|
||||||
|
mbsync = {
|
||||||
|
enable = true;
|
||||||
|
# Folders existing on the server, but not locally, will be created.
|
||||||
|
create = "maildir";
|
||||||
|
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
programs.mu = {
|
||||||
|
enable = true;
|
||||||
|
};
|
||||||
|
programs.msmtp.enable = true;
|
||||||
|
|
||||||
|
programs.mbsync = {
|
||||||
|
enable = true;
|
||||||
|
};
|
||||||
|
|
||||||
|
#services.easyeffects = {
|
||||||
|
# enable = true;
|
||||||
|
#};
|
||||||
|
|
||||||
|
services.swayidle = {
|
||||||
|
enable = true;
|
||||||
|
timeouts = [
|
||||||
|
{ timeout = 300; command = "${pkgs.swaylock}/bin/swaylock -f -c 000000";}
|
||||||
|
{ timeout = 600;
|
||||||
|
command = "${pkgs.sway}/bin/swaymsg \"output * dpms off\"";
|
||||||
|
resumeCommand = "${pkgs.sway}/bin/swaymsg \"output * dpms on\"";}
|
||||||
|
];
|
||||||
|
events = [
|
||||||
|
{ event = "before-sleep"; command = "${pkgs.swaylock}/bin/swaylock -f -c 000000"; }
|
||||||
|
];
|
||||||
|
};
|
||||||
|
|
||||||
|
wayland.windowManager.sway = {
|
||||||
|
enable = true;
|
||||||
|
xwayland = true;
|
||||||
|
config = rec {
|
||||||
|
modifier = "Mod4";
|
||||||
|
terminal = "foot";
|
||||||
|
bars = [{
|
||||||
|
"command" = "waybar";
|
||||||
|
}];
|
||||||
|
keybindings = pkgs.lib.mkOptionDefault {
|
||||||
|
"XF86AudioRaiseVolume" = "exec wpctl set-volume @DEFAULT_AUDIO_SINK@ 5%+";
|
||||||
|
"XF86AudioLowerVolume" = "exec wpctl set-volume @DEFAULT_AUDIO_SINK@ 5%-";
|
||||||
|
"XF86AudioMute" = "exec wpctl set-mute @DEFAULT_AUDIO_SINK@ toggle";
|
||||||
|
"XF86AudioMicMute" = "exec pactl set-source-mute @DEFAULT_SOURCE@ toggle";
|
||||||
|
"XF86MonBrightnessUp" = "exec brightnessctl s +5%";
|
||||||
|
"XF86MonBrightnessDown" = "exec brightnessctl s 5%-";
|
||||||
|
"Mod4+Return" = "exec emacs --eval '(progn (setq confirm-kill-processes nil) (vterm))'";
|
||||||
|
"Mod4+space" = "exec ${pkgs.foot}/bin/foot -T mylauncher -a mylauncher ${pkgs.q-sh}/bin/q";
|
||||||
|
"Mod4+p" = "exec '${pkgs.grim}/bin/grim -g \"$$(${pkgs.slurp}/bin/slurp)\" - | ${pkgs.wl-clipboard}/bin/wl-copy -t image/png'";
|
||||||
|
};
|
||||||
|
output = {
|
||||||
|
"*" = { bg = "${./wallpaper.jpg} fill";};
|
||||||
|
"Lenovo Group Limited LEN T32p-20 VNA4VRNY" = { scale = "1.5"; };
|
||||||
|
};
|
||||||
|
input = {
|
||||||
|
"type:keyboard" = {
|
||||||
|
xkb_layout = "us,ru";
|
||||||
|
xkb_options = "grp:alt_space_toggle";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
gaps = {
|
||||||
|
inner = 10;
|
||||||
|
outer = 5;
|
||||||
|
};
|
||||||
|
colors.unfocused = {border = "#dddddd";
|
||||||
|
background = "#dddddd";
|
||||||
|
text = "#888888";
|
||||||
|
indicator = "#888888";
|
||||||
|
childBorder = "#888888";};
|
||||||
|
};
|
||||||
|
extraConfig = ''
|
||||||
|
for_window [title="mylauncher"] floating enable
|
||||||
|
default_border pixel 3
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
programs.foot = {
|
||||||
|
enable = true;
|
||||||
|
settings = {
|
||||||
|
main = {
|
||||||
|
font="monospace:size=10";
|
||||||
|
};
|
||||||
|
|
||||||
|
colors = {
|
||||||
|
background="feffff";
|
||||||
|
foreground="333333";
|
||||||
|
|
||||||
|
regular0="333333";
|
||||||
|
regular1="bd4436";
|
||||||
|
regular2="008700";
|
||||||
|
regular3="cdcc42";
|
||||||
|
regular4="0017f5";
|
||||||
|
regular5="b92cc6";
|
||||||
|
regular6="5bbdf9";
|
||||||
|
regular7="c7c7c7";
|
||||||
|
|
||||||
|
bright0="333333";
|
||||||
|
bright1="bd4436";
|
||||||
|
bright2="008700";
|
||||||
|
bright3="cdcc42";
|
||||||
|
bright4="0017f5";
|
||||||
|
bright5="b92cc6";
|
||||||
|
bright6="5bbdf9";
|
||||||
|
bright7="feffff";
|
||||||
|
};
|
||||||
|
key-bindings = {
|
||||||
|
clipboard-copy="Control+Insert";
|
||||||
|
clipboard-paste="Shift+Insert";
|
||||||
|
primary-paste="Control+Shift+v";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
programs.qutebrowser = {
|
||||||
|
enable = true;
|
||||||
|
searchEngines = {
|
||||||
|
DEFAULT = "https://kagi.com/search?q={}";
|
||||||
|
g = "https://www.google.com/search?hl=en&q={}";
|
||||||
|
};
|
||||||
|
#config.set('content.media.video_capture', True, 'https://www.meet.google.com')
|
||||||
|
settings = {
|
||||||
|
tabs.position = "left";
|
||||||
|
content.cookies.accept = "no-3rdparty";
|
||||||
|
};
|
||||||
|
extraConfig = ''
|
||||||
|
config.set('content.javascript.can_access_clipboard', True, 'amazon.com')
|
||||||
|
config.set('content.javascript.can_access_clipboard', True, 'awsapps.com')
|
||||||
|
config.set('content.media.audio_capture', True, 'https://meet.google.com')
|
||||||
|
config.set('content.media.video_capture', True, 'https://meet.google.com')
|
||||||
|
config.set('content.media.audio_video_capture', True, 'https://meet.google.com')
|
||||||
|
config.set('content.notifications.enabled', False, 'https://meet.google.com')
|
||||||
|
config.set('content.register_protocol_handler', False, 'https://calendar.google.com?cid=%25s')
|
||||||
|
'';
|
||||||
|
keyBindings = {
|
||||||
|
insert = {
|
||||||
|
"<Shift+Ins>" = "insert-text -- {clipboard}";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
programs.waybar = {
|
||||||
|
enable = true;
|
||||||
|
settings = [{
|
||||||
|
layer = "top";
|
||||||
|
position = "top";
|
||||||
|
height = 24;
|
||||||
|
modules-left = ["sway/workspaces" "sway/mode"];
|
||||||
|
modules-center = ["sway/window"];
|
||||||
|
modules-right =
|
||||||
|
[ "idle_inhibitor" "battery" "clock" "tray" ];
|
||||||
|
clock.format = "{:%Y-%m-%d %H:%M}";
|
||||||
|
battery = {
|
||||||
|
states = {
|
||||||
|
# good = 95;
|
||||||
|
warning = 30;
|
||||||
|
critical = 15;
|
||||||
|
};
|
||||||
|
format = "{capacity}% {icon}";
|
||||||
|
format-charging = "{capacity}% ";
|
||||||
|
format-plugged = "{capacity}% ";
|
||||||
|
format-alt = "{time} {icon}";
|
||||||
|
format-icons = ["" "" "" "" ""];
|
||||||
|
};
|
||||||
|
idle_inhibitor = {
|
||||||
|
format = "{icon}";
|
||||||
|
format-icons = {
|
||||||
|
activated = "";
|
||||||
|
deactivated = "";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}];
|
||||||
|
};
|
||||||
|
services.syncthing = {
|
||||||
|
enable = true;
|
||||||
|
};
|
||||||
|
home.pointerCursor = {
|
||||||
|
name = "Adwaita";
|
||||||
|
package = pkgs.gnome.adwaita-icon-theme;
|
||||||
|
size = 24;
|
||||||
|
x11 = {
|
||||||
|
enable = true;
|
||||||
|
defaultCursor = "Adwaita";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
virtualisation = {
|
||||||
|
podman = {
|
||||||
|
enable = true;
|
||||||
|
dockerCompat = true;
|
||||||
|
defaultNetwork.settings = {
|
||||||
|
dns_enabled = true;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
services.udev.packages = [
|
||||||
|
pkgs.android-udev-rules
|
||||||
|
];
|
||||||
|
}
|
929
emacs.el
Executable file
929
emacs.el
Executable file
|
@ -0,0 +1,929 @@
|
||||||
|
;; -------- Speed up load time -------
|
||||||
|
|
||||||
|
;; I don't use emacs-server, so startup times are very important to me.
|
||||||
|
|
||||||
|
;; Garbage collection is triggered very often during start up, and it
|
||||||
|
;; slows the whole thing down. It is safe to increase threshold
|
||||||
|
;; temporarily to prevent aggressive GC, and then re-enable it at the
|
||||||
|
;; end.
|
||||||
|
|
||||||
|
(setq gc-cons-threshold 402653184
|
||||||
|
gc-cons-percentage 0.6)
|
||||||
|
|
||||||
|
|
||||||
|
;; There are special ways to handle files (via SSH or in archives),
|
||||||
|
;; but this is not necessary during startup, and it also slows down
|
||||||
|
;; the load significantly, as emacs is going through lots of files.
|
||||||
|
(defvar saved--file-name-handler-alist file-name-handler-alist)
|
||||||
|
(setq file-name-handler-alist nil)
|
||||||
|
|
||||||
|
;; Restore defaults after initialization has completed
|
||||||
|
(add-hook 'after-init-hook #'(lambda ()
|
||||||
|
(setq gc-cons-threshold 16777216
|
||||||
|
gc-cons-percentage 0.1)
|
||||||
|
(setq file-name-handler-alist saved--file-name-handler-alist)))
|
||||||
|
|
||||||
|
;; -------- Default directories --------
|
||||||
|
|
||||||
|
(setq default-directory "~/")
|
||||||
|
(setq command-line-default-directory "~/")
|
||||||
|
|
||||||
|
;; -------- State files --------
|
||||||
|
|
||||||
|
;; By default emacs leaves lots of trash around your filesystem while
|
||||||
|
;; you are editing. This section cleans up the basics.
|
||||||
|
|
||||||
|
;; Don't leave =yourfile~= temporary files nearby, and put them to a
|
||||||
|
;; separate directory instead.
|
||||||
|
|
||||||
|
(setq backup-directory-alist '(("." . "~/.emacs.d/backups")))
|
||||||
|
(setq auto-save-file-name-transforms
|
||||||
|
'((".*" "~/.emacs.d/backups" t)))
|
||||||
|
|
||||||
|
;; -------- Command history --------
|
||||||
|
|
||||||
|
;; Save command history so that when emacs is restarted, the history
|
||||||
|
;; is preserved.
|
||||||
|
|
||||||
|
(setq savehist-file "~/.emacs.d/savehist")
|
||||||
|
(savehist-mode +1)
|
||||||
|
(setq savehist-save-minibuffer-history +1)
|
||||||
|
(setq savehist-additional-variables
|
||||||
|
'(kill-ring
|
||||||
|
search-ring
|
||||||
|
regexp-search-ring))
|
||||||
|
|
||||||
|
;; -------- Recent files --------
|
||||||
|
|
||||||
|
;; Recent files are convenient to record because you can use them to
|
||||||
|
;; quickly jump to what you've been editing recently.
|
||||||
|
|
||||||
|
(setq recentf-save-file "~/.emacs.d/recentf"
|
||||||
|
recentf-max-menu-items 0
|
||||||
|
recentf-max-saved-items 300
|
||||||
|
recentf-filename-handlers '(file-truename)
|
||||||
|
recentf-exclude
|
||||||
|
(list "^/tmp/" "^/ssh:" "\\.?ido\\.last$" "\\.revive$" "/TAGS$"
|
||||||
|
"^/var/folders/.+$"
|
||||||
|
))
|
||||||
|
|
||||||
|
(recentf-mode 1)
|
||||||
|
|
||||||
|
;; -------- De-clutter --------
|
||||||
|
|
||||||
|
;; Toolbar and scrollbars are only useful to novices. The same for
|
||||||
|
;; startup screen and menu bar.
|
||||||
|
|
||||||
|
(tool-bar-mode -1)
|
||||||
|
(scroll-bar-mode -1)
|
||||||
|
(setq inhibit-startup-screen t)
|
||||||
|
|
||||||
|
(if (not (eq window-system 'mac))
|
||||||
|
(menu-bar-mode -1))
|
||||||
|
|
||||||
|
;; More reliable inter-window border
|
||||||
|
;; The native border "consumes" a pixel of the fringe on righter-most splits,
|
||||||
|
;; ~window-divider~ does not. Available since Emacs 25.1.
|
||||||
|
|
||||||
|
(setq-default window-divider-default-places t
|
||||||
|
window-divider-default-bottom-width 0
|
||||||
|
window-divider-default-right-width 1)
|
||||||
|
(window-divider-mode +1)
|
||||||
|
|
||||||
|
;; Remove continuation arrow on right fringe
|
||||||
|
|
||||||
|
(setq fringe-indicator-alist (delq (assq 'continuation fringe-indicator-alist)
|
||||||
|
fringe-indicator-alist))
|
||||||
|
|
||||||
|
;; No more typing the whole yes or no. Just y or n will do.
|
||||||
|
(fset 'yes-or-no-p 'y-or-n-p)
|
||||||
|
|
||||||
|
;; Makes *scratch* empty.
|
||||||
|
(setq initial-scratch-message "")
|
||||||
|
|
||||||
|
;; Hide modeline in the vterm mode
|
||||||
|
(use-package hide-mode-line)
|
||||||
|
(add-hook 'vterm-mode-hook #'hide-mode-line-mode)
|
||||||
|
|
||||||
|
;; -------- Cursor and movement --------
|
||||||
|
|
||||||
|
;; On emacs mac port use Alt as meta key
|
||||||
|
|
||||||
|
(if (eq window-system 'mac)
|
||||||
|
(progn
|
||||||
|
(setq mac-option-modifier 'meta)
|
||||||
|
(setq mac-command-modifier nil)
|
||||||
|
(setq mac-pass-command-to-system 't)))
|
||||||
|
|
||||||
|
;; Blinking cursor is inconvenient
|
||||||
|
|
||||||
|
(blink-cursor-mode -1)
|
||||||
|
|
||||||
|
;; Disable bell ring when moving outside of available area
|
||||||
|
|
||||||
|
(setq ring-bell-function 'ignore)
|
||||||
|
|
||||||
|
;; Disable annoying blink-matching-paren
|
||||||
|
|
||||||
|
(setq blink-matching-paren nil)
|
||||||
|
|
||||||
|
;; -------- Window decoration --------
|
||||||
|
|
||||||
|
;; This makes the header transparent on Emacs 26.1+ under OS X
|
||||||
|
|
||||||
|
(add-to-list 'default-frame-alist '(ns-transparent-titlebar . t))
|
||||||
|
(add-to-list 'default-frame-alist '(ns-appearance . dark))
|
||||||
|
(setq ns-use-proxy-icon nil)
|
||||||
|
|
||||||
|
;; -------- Minor modes --------
|
||||||
|
|
||||||
|
;; Hide some miror modes from sight to not clutter the modeline
|
||||||
|
|
||||||
|
(use-package diminish)
|
||||||
|
(require 'diminish)
|
||||||
|
|
||||||
|
(diminish 'company-mode)
|
||||||
|
(diminish 'projectile-mode)
|
||||||
|
(diminish 'editorconfig-mode)
|
||||||
|
(diminish 'eldoc-mode)
|
||||||
|
(diminish 'flycheck-mode)
|
||||||
|
(diminish 'which-key-mode)
|
||||||
|
|
||||||
|
;; -------- Theme --------
|
||||||
|
|
||||||
|
;; - I don't like that fringes are visible, so I set them to regular
|
||||||
|
;; background color
|
||||||
|
;; - Panels look better without outset/inset shadows
|
||||||
|
|
||||||
|
(use-package modus-themes)
|
||||||
|
(load-theme 'modus-operandi t)
|
||||||
|
|
||||||
|
(set-face-attribute 'fringe nil
|
||||||
|
:foreground (face-foreground 'default)
|
||||||
|
:background (face-background 'default))
|
||||||
|
|
||||||
|
;; On many OSs the modeline has an outset border (lighter on top and
|
||||||
|
;; darker on the bottom). This doesn't look pretty on a flat theme.
|
||||||
|
|
||||||
|
(set-face-attribute 'mode-line nil :box nil)
|
||||||
|
(set-face-attribute 'mode-line-inactive nil :box nil)
|
||||||
|
|
||||||
|
;; -------- Font --------
|
||||||
|
|
||||||
|
;; Some time ago I've purchased a great font called Pragmata Pro,
|
||||||
|
;; which is easy on the eyes and tailored for programmers. It may
|
||||||
|
;; not be available everywhere though, hence conditional load.
|
||||||
|
|
||||||
|
(when window-system
|
||||||
|
(if (not (null (x-list-fonts "PragmataPro")))
|
||||||
|
(add-to-list 'default-frame-alist
|
||||||
|
'(font . "PragmataPro-15"))
|
||||||
|
(add-to-list 'default-frame-alist
|
||||||
|
'(font . "Source Code Pro-11"))
|
||||||
|
))
|
||||||
|
|
||||||
|
|
||||||
|
;; -------- Packages --------
|
||||||
|
|
||||||
|
(diminish 'company-mode)
|
||||||
|
(diminish 'projectile-mode)
|
||||||
|
(diminish 'editorconfig-mode)
|
||||||
|
(diminish 'eldoc-mode)
|
||||||
|
(diminish 'flycheck-mode)
|
||||||
|
(diminish 'which-key-mode)
|
||||||
|
|
||||||
|
;; -------- Navigation --------
|
||||||
|
|
||||||
|
;; Quickly find my way around emacs
|
||||||
|
|
||||||
|
;; Default scheme for uniquifying buffer names is not convenient.
|
||||||
|
;; It's better to have a regular path-like structure.
|
||||||
|
|
||||||
|
;;(require 'uniquify)
|
||||||
|
(setq uniquify-buffer-name-style 'forward)
|
||||||
|
(setq uniquify-separator "/")
|
||||||
|
(setq uniquify-after-kill-buffer-p t) ; rename after killing uniquified
|
||||||
|
(setq uniquify-ignore-buffers-re "^\\*") ; don't muck with special buffers
|
||||||
|
|
||||||
|
|
||||||
|
;; If you stop after typing a part of keybinding, shows available
|
||||||
|
;; options in minibuffer.
|
||||||
|
|
||||||
|
|
||||||
|
(use-package which-key)
|
||||||
|
(add-hook 'after-init-hook 'which-key-mode)
|
||||||
|
(with-eval-after-load 'which-key
|
||||||
|
(which-key-setup-side-window-bottom))
|
||||||
|
|
||||||
|
;; persp-mode allows you to have tagged workspaces akin to
|
||||||
|
;; Linux tiled-window managers.
|
||||||
|
|
||||||
|
(use-package persp-mode)
|
||||||
|
;; persp-mode clashes with corfu
|
||||||
|
(setq persp-auto-resume-time 0)
|
||||||
|
(add-hook 'after-init-hook 'persp-mode)
|
||||||
|
(global-set-key (kbd "C-x x s") 'persp-switch)
|
||||||
|
|
||||||
|
;; vertico-mode allows for easy navigation between buffers and files
|
||||||
|
|
||||||
|
(use-package vertico)
|
||||||
|
(add-hook 'after-init-hook 'vertico-mode)
|
||||||
|
(setq completion-ignore-case t)
|
||||||
|
(setq completion-styles '(basic substring partial-completion flex))
|
||||||
|
|
||||||
|
(use-package marginalia)
|
||||||
|
(add-hook 'after-init-hook 'marginalia-mode)
|
||||||
|
|
||||||
|
;; ripgrep search with consult
|
||||||
|
|
||||||
|
(use-package consult)
|
||||||
|
(global-set-key (kbd "M-s r") 'consult-ripgrep)
|
||||||
|
|
||||||
|
;; Navigation when in russian layout
|
||||||
|
|
||||||
|
(cl-loop
|
||||||
|
for from across "йцукенгшщзхъфывапролджэячсмитьбюЙЦУКЕНГШЩЗХЪФЫВАПРОЛДЖ\ЭЯЧСМИТЬБЮ№"
|
||||||
|
for to across "qwertyuiop[]asdfghjkl;'zxcvbnm,.QWERTYUIOP{}ASDFGHJKL:\"ZXCVBNM<>#"
|
||||||
|
do
|
||||||
|
(eval `(define-key key-translation-map (kbd ,(concat "C-" (string from))) (kbd ,(concat "C-" (string to)))))
|
||||||
|
(eval `(define-key key-translation-map (kbd ,(concat "M-" (string from))) (kbd ,(concat "M-" (string to))))))
|
||||||
|
|
||||||
|
|
||||||
|
;; -------- Editor basics --------
|
||||||
|
|
||||||
|
;; Use 4 spaces to indent by default
|
||||||
|
|
||||||
|
(setq-default indent-tabs-mode nil)
|
||||||
|
(setq-default tab-width 4)
|
||||||
|
|
||||||
|
;; Clean up trailing whitespace on file save
|
||||||
|
|
||||||
|
(add-hook 'before-save-hook 'whitespace-cleanup)
|
||||||
|
|
||||||
|
;; But use editorconfig to guess proper project-wide indentation rules
|
||||||
|
|
||||||
|
(use-package editorconfig)
|
||||||
|
(add-hook 'prog-mode-hook #'editorconfig-mode)
|
||||||
|
|
||||||
|
|
||||||
|
;; Speed up comint buffers by disabling bidirectional language support
|
||||||
|
|
||||||
|
(setq-default bidi-display-reordering nil)
|
||||||
|
|
||||||
|
;; -------- Tools and environment --------
|
||||||
|
|
||||||
|
;; By default, Emacs doesn't add system path to its search places
|
||||||
|
|
||||||
|
(use-package exec-path-from-shell)
|
||||||
|
(require 'exec-path-from-shell)
|
||||||
|
(setenv "PATH" (concat "/usr/local/bin:" (getenv "PATH")))
|
||||||
|
|
||||||
|
;; On a mac, this will set up PATH and MANPATH from your environment
|
||||||
|
(when (memq window-system '(mac ns x pgtk))
|
||||||
|
(exec-path-from-shell-initialize))
|
||||||
|
|
||||||
|
;; -------- Org roam --------
|
||||||
|
|
||||||
|
(use-package org)
|
||||||
|
(use-package org-contrib)
|
||||||
|
(use-package org-roam)
|
||||||
|
(use-package consult-org-roam)
|
||||||
|
|
||||||
|
(setq org-roam-completion-everywhere t)
|
||||||
|
(setq org-roam-directory "~/notes")
|
||||||
|
(setq org-roam-node-default-sort 'file-mtime)
|
||||||
|
(setq consult-org-roam-grep-func #'consult-ripgrep)
|
||||||
|
|
||||||
|
(global-set-key (kbd "C-c n l") 'org-roam-buffer-toggle)
|
||||||
|
(global-set-key (kbd "C-c n i") 'org-roam-node-insert)
|
||||||
|
(global-set-key (kbd "C-c n f") 'org-roam-node-find)
|
||||||
|
(global-set-key (kbd "C-c n r") 'consult-org-roam-search)
|
||||||
|
|
||||||
|
(autoload 'org-roam-buffer-toggle "org-roam" "\
|
||||||
|
Enable org-roam
|
||||||
|
" t nil)
|
||||||
|
(autoload 'org-roam-setup "org-roam" "\
|
||||||
|
Enable org-roam
|
||||||
|
" t nil)
|
||||||
|
|
||||||
|
(setq org-roam-capture-templates
|
||||||
|
`(("d" "default" plain "%?"
|
||||||
|
:target (file+head "%<%Y%m%d%H%M%S>-${slug}.org"
|
||||||
|
"#+title: ${title}\n")
|
||||||
|
:unnarrowed t)
|
||||||
|
("i" "interview" plain "%?"
|
||||||
|
:target (file+head "%<%Y%m%d%H%M%S>-${slug}.org"
|
||||||
|
,(concat "#+title: ${title}\n"
|
||||||
|
"#+filetags: Interview\n"
|
||||||
|
"\n"))
|
||||||
|
:unnarrowed t)
|
||||||
|
|
||||||
|
))
|
||||||
|
|
||||||
|
(setq org-roam-node-display-template
|
||||||
|
(concat "${title:80} " (propertize "${tags:20}" 'face 'org-tag))
|
||||||
|
org-roam-node-annotation-function
|
||||||
|
(lambda (node) (marginalia--time (org-roam-node-file-mtime node))))
|
||||||
|
|
||||||
|
(add-hook 'after-init-hook 'org-roam-setup)
|
||||||
|
|
||||||
|
(defun roam-extra:get-filetags ()
|
||||||
|
(split-string (or (org-roam-get-keyword "filetags") "")))
|
||||||
|
|
||||||
|
(defun roam-extra:add-filetag (tag)
|
||||||
|
(let* ((new-tags (cons tag (roam-extra:get-filetags)))
|
||||||
|
(new-tags-str (combine-and-quote-strings new-tags)))
|
||||||
|
(org-roam-set-keyword "filetags" new-tags-str)))
|
||||||
|
|
||||||
|
(defun roam-extra:del-filetag (tag)
|
||||||
|
(let* ((new-tags (seq-difference (roam-extra:get-filetags) `(,tag)))
|
||||||
|
(new-tags-str (combine-and-quote-strings new-tags)))
|
||||||
|
(org-roam-set-keyword "filetags" new-tags-str)))
|
||||||
|
|
||||||
|
(defun roam-extra:todo-p ()
|
||||||
|
"Return non-nil if current buffer has any TODO entry.
|
||||||
|
|
||||||
|
TODO entries marked as done are ignored, meaning the this
|
||||||
|
function returns nil if current buffer contains only completed
|
||||||
|
tasks."
|
||||||
|
(org-element-map
|
||||||
|
(org-element-parse-buffer 'headline)
|
||||||
|
'headline
|
||||||
|
(lambda (h)
|
||||||
|
(eq (org-element-property :todo-type h)
|
||||||
|
'todo))
|
||||||
|
nil 'first-match))
|
||||||
|
|
||||||
|
(defun roam-extra:update-todo-tag ()
|
||||||
|
"Update TODO tag in the current buffer."
|
||||||
|
(when (and (not (active-minibuffer-window))
|
||||||
|
(org-roam-file-p))
|
||||||
|
(org-with-point-at 1
|
||||||
|
(let* ((tags (roam-extra:get-filetags))
|
||||||
|
(is-todo (roam-extra:todo-p)))
|
||||||
|
(cond ((and is-todo (not (seq-contains-p tags "todo")))
|
||||||
|
(roam-extra:add-filetag "todo"))
|
||||||
|
((and (not is-todo) (seq-contains-p tags "todo"))
|
||||||
|
(roam-extra:del-filetag "todo")))))))
|
||||||
|
|
||||||
|
(defun roam-extra:todo-files ()
|
||||||
|
"Return a list of roam files containing todo tag."
|
||||||
|
(org-roam-db-sync)
|
||||||
|
(let ((todo-nodes (seq-filter (lambda (n)
|
||||||
|
(seq-contains-p (org-roam-node-tags n) "todo"))
|
||||||
|
(org-roam-node-list))))
|
||||||
|
(seq-uniq (seq-map #'org-roam-node-file todo-nodes))))
|
||||||
|
|
||||||
|
(defun roam-extra:update-todo-files (&rest _)
|
||||||
|
"Update the value of `org-agenda-files'."
|
||||||
|
(setq org-agenda-files (roam-extra:todo-files)))
|
||||||
|
|
||||||
|
(add-hook 'find-file-hook #'roam-extra:update-todo-tag)
|
||||||
|
(add-hook 'before-save-hook #'roam-extra:update-todo-tag)
|
||||||
|
(advice-add 'org-agenda :before #'roam-extra:update-todo-files)
|
||||||
|
|
||||||
|
|
||||||
|
(defun org-roam-week (&optional other-window)
|
||||||
|
"Opens or creates a weekly note."
|
||||||
|
(interactive)
|
||||||
|
(let* ((title (format-time-string "Week %U %Y"))
|
||||||
|
(nodes (org-roam-node-list))
|
||||||
|
(node (seq-find (lambda (n) (string-equal (org-roam-node-title n) title)) nodes)))
|
||||||
|
(if (and node (org-roam-node-file node))
|
||||||
|
(org-roam-node-visit node other-window)
|
||||||
|
(org-roam-capture-
|
||||||
|
:node (org-roam-node-create :title title)
|
||||||
|
:templates
|
||||||
|
`(("w" "week" plain "* Goals\n\n%?\n\n* Tasks\n\n"
|
||||||
|
:if-new (file+head "%<%Y%m%d%H%M%S>-${slug}.org" "#+title: ${title}\n#+category: ${title}\n#+filetags: Week")
|
||||||
|
:unnarrowed t))
|
||||||
|
:props '(:finalize find-file))
|
||||||
|
)
|
||||||
|
)
|
||||||
|
)
|
||||||
|
|
||||||
|
(global-set-key (kbd "C-c n w") 'org-roam-week)
|
||||||
|
|
||||||
|
;; -------- Org mode ---------
|
||||||
|
|
||||||
|
(use-package org-modern)
|
||||||
|
(with-eval-after-load 'org (global-org-modern-mode))
|
||||||
|
|
||||||
|
(setq org-modules '(org-w3m org-bbdb org-bibtex org-docview
|
||||||
|
org-gnus org-info org-irc org-mhe
|
||||||
|
org-rmail org-checklist org-mu4e))
|
||||||
|
|
||||||
|
;; Sometimes I sit at night until 4 AM, and I still want org to treat it
|
||||||
|
;; as "today"
|
||||||
|
(setq org-extend-today-until 4)
|
||||||
|
|
||||||
|
;; navigate with (org-goto) by offering the full list of targets in ido-mode
|
||||||
|
(setq org-goto-interface 'outline-path-completion) ;; don't search incrementally
|
||||||
|
(setq org-outline-path-complete-in-steps nil) ;; see whole path at once
|
||||||
|
|
||||||
|
;; avoid inadvertently editing hidden text
|
||||||
|
(setq org-catch-invisible-edits 'show-and-error)
|
||||||
|
|
||||||
|
;; hide empty spaces between folded subtrees
|
||||||
|
(setq org-cycle-separator-lines 0)
|
||||||
|
|
||||||
|
;; use hours in clocktable instead of days and hours
|
||||||
|
(setq org-time-clocksum-format "%d:%02d")
|
||||||
|
|
||||||
|
;; After a recurring task is marked as done, reset it to TODO. This
|
||||||
|
;; is important because I have the "INBOX" state first in the sequence
|
||||||
|
;; of states.
|
||||||
|
(setq org-todo-repeat-to-state "TODO")
|
||||||
|
|
||||||
|
;; Default format for column view
|
||||||
|
(setq org-columns-default-format "%38ITEM(Details) %TAGS(Context) %7TODO(To Do) %5Effort(Time){:} %6CLOCKSUM(Total){:}")
|
||||||
|
|
||||||
|
;; Better source code editing
|
||||||
|
|
||||||
|
(setq org-src-fontify-natively t
|
||||||
|
org-src-window-setup 'current-window
|
||||||
|
org-src-strip-leading-and-trailing-blank-lines t
|
||||||
|
org-src-preserve-indentation t
|
||||||
|
org-src-tab-acts-natively t)
|
||||||
|
|
||||||
|
;; Default tags
|
||||||
|
(setq org-tag-alist '((:startgroup . nil)
|
||||||
|
("WORK" . ?w) ("HOME" . ?h)
|
||||||
|
(:endgroup . nil)
|
||||||
|
("PROJECT" . ?p)
|
||||||
|
("PHONE" . ?n)
|
||||||
|
("MEETING" . ?m)
|
||||||
|
("DOC" . ?d)
|
||||||
|
("GOOGLE" . ?g)
|
||||||
|
("QUICK" . ?q)))
|
||||||
|
|
||||||
|
;; Default todo sequence
|
||||||
|
(setq org-todo-keywords
|
||||||
|
'((sequence "INBOX(i)" "TODO(t)" "ERRAND(k)"
|
||||||
|
"SOMEDAY(s)" "WAITING(w@/!)" "APPT(a)" "|"
|
||||||
|
"DONE(d!)" "CANCELLED(c!)")))
|
||||||
|
|
||||||
|
;; Babel and code block embedding
|
||||||
|
(setq org-confirm-babel-evaluate nil)
|
||||||
|
(org-babel-do-load-languages
|
||||||
|
'org-babel-load-languages
|
||||||
|
'((emacs-lisp . t)
|
||||||
|
(python . t)))
|
||||||
|
|
||||||
|
;; Log TODO state changes and clock-ins into the LOGBOOK drawer
|
||||||
|
(setq org-clock-into-drawer t)
|
||||||
|
(setq org-log-into-drawer t)
|
||||||
|
|
||||||
|
;; Quickly creating new tasks
|
||||||
|
(global-set-key (kbd "\C-c r") 'org-capture)
|
||||||
|
(setq org-capture-templates
|
||||||
|
`(("t" "Todo" entry (file+headline "~/org/gtd.org" "Tasks")
|
||||||
|
"* TODO %?\n %U\n %a")
|
||||||
|
("i" "Inbox" entry (file+headline "~/org/gtd.org" "Tasks")
|
||||||
|
"* INBOX %?\n %U")
|
||||||
|
("f" "Follow-up" entry (file+headline "~/org/gtd.org" "Tasks")
|
||||||
|
,(concat "* TODO %? :EMAIL:\n"
|
||||||
|
" %U\n"
|
||||||
|
" %a"))
|
||||||
|
("c" "Contacts" entry (file "~/org/contacts.org")
|
||||||
|
(concat "* %(org-contacts-template-name)\n"
|
||||||
|
":PROPERTIES:\n"
|
||||||
|
":EMAIL: %(org-contacts-template-email)\n"
|
||||||
|
":END:"))
|
||||||
|
|
||||||
|
("q"
|
||||||
|
"Org capture template"
|
||||||
|
entry
|
||||||
|
(file+headline "~/org/capture.org" "Notes")
|
||||||
|
"* %:description\n\n Source: %u, %:link\n\n %i"
|
||||||
|
:empty-lines 1)
|
||||||
|
)
|
||||||
|
)
|
||||||
|
;; org-protocol allows you to capture stuff into your system from web
|
||||||
|
;; browsers
|
||||||
|
(require 'org-protocol)
|
||||||
|
|
||||||
|
;; Refiling allows you to quickly move an element with its children to
|
||||||
|
;; another location.
|
||||||
|
|
||||||
|
;; By default, refile works up to 2-level sections, which is not very
|
||||||
|
;; convenient if you have project-based organization
|
||||||
|
;; (/Projects/ProjectName).
|
||||||
|
(setq org-refile-targets '((org-agenda-files :maxlevel . 3)))
|
||||||
|
|
||||||
|
;; Then, it's nice to have a full path to the target element appear in
|
||||||
|
;; completion
|
||||||
|
(setq org-refile-use-outline-path 'file)
|
||||||
|
|
||||||
|
;; But, when using helm, we also need to tell org mode to present the
|
||||||
|
;; whole list of possible completions right away, and not use
|
||||||
|
;; incremental search:
|
||||||
|
(setq org-outline-path-complete-in-steps nil)
|
||||||
|
|
||||||
|
;; It may also be useful to be able to create elements, if the refile
|
||||||
|
;; target doesn't already exist.
|
||||||
|
(setq org-refile-allow-creating-parent-nodes 'confirm)
|
||||||
|
|
||||||
|
;; Agenda
|
||||||
|
(global-set-key "\C-ca" 'org-agenda)
|
||||||
|
(setq org-agenda-files '("~/org/gtd.org"
|
||||||
|
"~/org/weeklyreview.org"
|
||||||
|
))
|
||||||
|
|
||||||
|
(setq org-agenda-custom-commands nil)
|
||||||
|
(add-to-list 'org-agenda-custom-commands
|
||||||
|
'("h" "Work todos" tags-todo
|
||||||
|
"-personal-doat={.+}-dowith={.+}/!-ERRAND"
|
||||||
|
((org-agenda-todo-ignore-scheduled t))))
|
||||||
|
(add-to-list 'org-agenda-custom-commands
|
||||||
|
'("H" "All work todos" tags-todo "-personal/!-ERRAND-MAYBE"
|
||||||
|
((org-agenda-todo-ignore-scheduled nil))))
|
||||||
|
(add-to-list 'org-agenda-custom-commands
|
||||||
|
'("A" "Work todos with doat or dowith" tags-todo
|
||||||
|
"-personal+doat={.+}|dowith={.+}/!-ERRAND"
|
||||||
|
((org-agenda-todo-ignore-scheduled nil))))
|
||||||
|
(add-to-list 'org-agenda-custom-commands
|
||||||
|
'("P" "Projects"
|
||||||
|
tags "+PROJECT-TODO=\"SOMEDAY\""))
|
||||||
|
|
||||||
|
(add-to-list 'org-agenda-custom-commands
|
||||||
|
'("i" "Inbox"
|
||||||
|
todo "INBOX"))
|
||||||
|
|
||||||
|
(add-to-list 'org-agenda-custom-commands
|
||||||
|
'("o" "Someday"
|
||||||
|
todo "SOMEDAY"))
|
||||||
|
|
||||||
|
(add-to-list 'org-agenda-custom-commands
|
||||||
|
'("c" "Simple agenda view"
|
||||||
|
(
|
||||||
|
(agenda ""
|
||||||
|
)
|
||||||
|
(todo ""
|
||||||
|
(
|
||||||
|
(org-agenda-overriding-header "\nUnscheduled TODO")
|
||||||
|
(org-agenda-skip-function '(org-agenda-skip-entry-if
|
||||||
|
'timestamp 'todo '("SOMEDAY" "ERRAND")))
|
||||||
|
(org-agenda-sorting-strategy
|
||||||
|
(quote ((agenda time-up priority-down tag-up))))
|
||||||
|
))
|
||||||
|
)
|
||||||
|
((org-agenda-overriding-columns-format
|
||||||
|
"%38ITEM(Details) %TAGS(Context) %7TODO(To Do) %5Effort(Time){:} %6CLOCKSUM_T(Total){:}")
|
||||||
|
(org-agenda-view-columns-initially t))
|
||||||
|
)
|
||||||
|
)
|
||||||
|
|
||||||
|
(setq org-todo-keyword-faces
|
||||||
|
'(("ERRAND" . (:foreground "light sea green" :weight bold))
|
||||||
|
("INBOX" . (:foreground "DarkGoldenrod" :weight bold))))
|
||||||
|
|
||||||
|
;;(set-face-foreground 'org-scheduled-previously "DarkGoldenrod")
|
||||||
|
|
||||||
|
(setq org-tags-exclude-from-inheritance '("PROJECT")
|
||||||
|
org-stuck-projects '("+PROJECT/-MAYBE-DONE-SOMEDAY"
|
||||||
|
("TODO" "ERRAND" "WAITING") () ()))
|
||||||
|
|
||||||
|
;; -------- Email --------
|
||||||
|
|
||||||
|
;;(use-package mu4e)
|
||||||
|
|
||||||
|
;;(add-to-list 'load-path "/usr/share/emacs/site-lisp/mu4e")
|
||||||
|
|
||||||
|
(setq sendmail-program (executable-find "msmtp"))
|
||||||
|
|
||||||
|
(autoload 'mu4e "mu4e" "\
|
||||||
|
If mu4e is not running yet, start it. Then, show the main
|
||||||
|
window, unless BACKGROUND (prefix-argument) is non-nil.
|
||||||
|
" t nil)
|
||||||
|
|
||||||
|
(setq mu4e-update-interval 600) ;; refresh every X seconds
|
||||||
|
|
||||||
|
(setq message-citation-line-format "On %d %b %Y at %R, %f wrote:\n")
|
||||||
|
(setq message-citation-line-function 'message-insert-formatted-citation-line)
|
||||||
|
|
||||||
|
(setq mu4e-attachment-dir "~/Downloads")
|
||||||
|
|
||||||
|
(setq mu4e-html2text-command 'mu4e-shr2text)
|
||||||
|
|
||||||
|
(setq mu4e-user-mail-address-list '("mail@knazarov.com" "k.nazarov@corp.mail.ru"))
|
||||||
|
|
||||||
|
;; exlude myself from the email replies
|
||||||
|
(setq mu4e-compose-dont-reply-to-self t)
|
||||||
|
|
||||||
|
;; set mu4e as a default mail agent
|
||||||
|
(setq mail-user-agent 'mu4e-user-agent)
|
||||||
|
|
||||||
|
(setq mu4e-maildir "/home/knazarov/Maildir")
|
||||||
|
|
||||||
|
(setq
|
||||||
|
mu4e-view-show-images t
|
||||||
|
mu4e-image-max-width 800
|
||||||
|
mu4e-view-prefer-html t
|
||||||
|
mu4e-change-filenames-when-moving t ;; prevent duplicate UIDs
|
||||||
|
mu4e-get-mail-command "mbsync -a -q"
|
||||||
|
mu4e-headers-include-related nil)
|
||||||
|
|
||||||
|
(setq mu4e-sent-folder "/personal/Sent"
|
||||||
|
mu4e-drafts-folder "/personal/Drafts"
|
||||||
|
mu4e-trash-folder "/personal/Trash"
|
||||||
|
mu4e-refile-folder "/personal/Archive"
|
||||||
|
user-full-name "Konstantin Nazarov"
|
||||||
|
user-mail-address "mail@knazarov.com"
|
||||||
|
smtpmail-default-smtp-server "smtp.fastmail.com"
|
||||||
|
smtpmail-local-domain "knazarov.com"
|
||||||
|
smtpmail-smtp-server "smtp.fastmail.com"
|
||||||
|
smtpmail-stream-type 'starttls
|
||||||
|
smtpmail-smtp-service 587
|
||||||
|
message-send-mail-function 'message-send-mail-with-sendmail
|
||||||
|
;;message-sendmail-extra-arguments '("--read-envelope-from")
|
||||||
|
)
|
||||||
|
|
||||||
|
(setq mu4e-compose-signature
|
||||||
|
"<#part type=text/html><html><body><p>Hello ! I am the html signature which can contains anything in html !</p></body></html><#/part>" )
|
||||||
|
|
||||||
|
(defvar my-mu4e-account-alist
|
||||||
|
`(("personal"
|
||||||
|
(mu4e-sent-folder "/personal/Sent")
|
||||||
|
(mu4e-drafts-folder "/personal/Drafts")
|
||||||
|
(mu4e-trash-folder "/personal/Trash")
|
||||||
|
(mu4e-refile-folder "/personal/Archive")
|
||||||
|
(user-mail-address "mail@knazarov.com")
|
||||||
|
(message-sendmail-envelope-from "mail@knazarov.com")
|
||||||
|
;;(mu4e-compose-signature-auto-include nil)
|
||||||
|
(mu4e-compose-signature ,(if (file-exists-p "~/.mail-sig.txt")
|
||||||
|
(with-temp-buffer
|
||||||
|
(insert-file-contents "~/.mail-sig.txt")
|
||||||
|
(buffer-string))
|
||||||
|
""))
|
||||||
|
(message-signature-file "~/.mail-sig.txt")
|
||||||
|
(message-cite-reply-position above)
|
||||||
|
(message-cite-style message-cite-style-outlook))
|
||||||
|
("work"
|
||||||
|
(mu4e-sent-folder "/work/Sent")
|
||||||
|
(mu4e-drafts-folder "/work/Drafts")
|
||||||
|
(mu4e-trash-folder "/work/Trash")
|
||||||
|
(mu4e-refile-folder "/work/Archive")
|
||||||
|
(user-mail-address "k.nazarov@corp.mail.ru")
|
||||||
|
(message-sendmail-envelope-from "k.nazarov@corp.mail.ru")
|
||||||
|
(mu4e-compose-signature-auto-include nil)
|
||||||
|
(message-signature-file "~/.mail-sig.txt")
|
||||||
|
(mu4e-compose-signature ,(if (file-exists-p "~/.mail-sig.txt")
|
||||||
|
(with-temp-buffer
|
||||||
|
(insert-file-contents "~/.mail-sig.txt")
|
||||||
|
(buffer-string))
|
||||||
|
""))
|
||||||
|
(message-cite-reply-position above)
|
||||||
|
(message-cite-style message-cite-style-outlook))
|
||||||
|
))
|
||||||
|
|
||||||
|
(defun my-mu4e-set-account ()
|
||||||
|
"Set the account for composing a message."
|
||||||
|
(let* ((account
|
||||||
|
(if mu4e-compose-parent-message
|
||||||
|
(let ((maildir (mu4e-message-field mu4e-compose-parent-message :maildir)))
|
||||||
|
(string-match "/\\(.*?\\)/" maildir)
|
||||||
|
(match-string 1 maildir))
|
||||||
|
(completing-read (format "Compose with account: (%s) "
|
||||||
|
(mapconcat #'(lambda (var) (car var))
|
||||||
|
my-mu4e-account-alist "/"))
|
||||||
|
(mapcar #'(lambda (var) (car var)) my-mu4e-account-alist)
|
||||||
|
nil t nil nil (caar my-mu4e-account-alist))))
|
||||||
|
(account-vars (cdr (assoc account my-mu4e-account-alist))))
|
||||||
|
(if account-vars
|
||||||
|
(mapc #'(lambda (var)
|
||||||
|
(set (car var) (cadr var)))
|
||||||
|
account-vars)
|
||||||
|
(error "No email account found"))))
|
||||||
|
|
||||||
|
(defun my-mu4e-refile-folder-function (msg)
|
||||||
|
(let ((mu4e-accounts my-mu4e-account-alist)
|
||||||
|
(current-message msg)
|
||||||
|
(account))
|
||||||
|
(setq account (catch 'found
|
||||||
|
(dolist (candidate mu4e-accounts)
|
||||||
|
(if (string-match (car candidate)
|
||||||
|
(mu4e-message-field current-message :maildir))
|
||||||
|
(throw 'found candidate)
|
||||||
|
))))
|
||||||
|
(if account
|
||||||
|
(cadr (assoc 'mu4e-refile-folder account))
|
||||||
|
(throw 'account_not_found (mu4e-message-field current-message :maildir))
|
||||||
|
)
|
||||||
|
)
|
||||||
|
)
|
||||||
|
|
||||||
|
(setq mu4e-refile-folder 'my-mu4e-refile-folder-function)
|
||||||
|
|
||||||
|
(add-hook 'mu4e-compose-pre-hook 'my-mu4e-set-account)
|
||||||
|
|
||||||
|
;; Be smart about inserting signature for either cite-reply-position used
|
||||||
|
(defun insert-signature ()
|
||||||
|
"Insert signature where you are replying"
|
||||||
|
;; Do not insert if already done - needed when switching modes back/forth
|
||||||
|
(unless (save-excursion (message-goto-signature))
|
||||||
|
(save-excursion
|
||||||
|
(if (eq message-cite-reply-position 'below)
|
||||||
|
(goto-char (point-max))
|
||||||
|
(message-goto-body))
|
||||||
|
(insert-file-contents message-signature-file)
|
||||||
|
(save-excursion (insert "\n-- \n")))))
|
||||||
|
(add-hook 'mu4e-compose-mode-hook 'insert-signature)
|
||||||
|
|
||||||
|
;;(add-to-list 'mu4e-bookmarks
|
||||||
|
;; '("maildir:/work/INBOX" "work inbox" ?w))
|
||||||
|
|
||||||
|
;;(add-to-list 'mu4e-bookmarks
|
||||||
|
;; '("maildir:/knazarov/INBOX" "personal inbox" ?p))
|
||||||
|
|
||||||
|
(setq mu4e-bookmarks
|
||||||
|
'(("maildir:/personal/INBOX OR maildir:/work/INBOX" "inbox" ?i)))
|
||||||
|
|
||||||
|
;; -------- Programming --------
|
||||||
|
|
||||||
|
;; Enable direnv-mode to automatically load Nix flake dependencies for projects
|
||||||
|
(use-package direnv
|
||||||
|
:config
|
||||||
|
(direnv-mode))
|
||||||
|
|
||||||
|
;; Rainbow delimeters highlight matching pairs of braces in different colors
|
||||||
|
|
||||||
|
(use-package rainbow-delimiters)
|
||||||
|
(add-hook 'prog-mode-hook #'rainbow-delimiters-mode)
|
||||||
|
|
||||||
|
;; Flycheck is an on-the-fly syntax checker for emacs with pluggable backengs.
|
||||||
|
|
||||||
|
(use-package flycheck)
|
||||||
|
;; Not usable for every single mode, so need to be selective
|
||||||
|
;;(add-hook 'prog-mode-hook #'flycheck-mode)
|
||||||
|
|
||||||
|
;; Scroll compilation buffer with the output
|
||||||
|
|
||||||
|
(setq compilation-scroll-output t)
|
||||||
|
|
||||||
|
;; Projectile auto-detects projects and allows to run project-wide commands
|
||||||
|
|
||||||
|
(use-package projectile)
|
||||||
|
(setq projectile-cache-file "~/.emacs.d/projectile.cache")
|
||||||
|
(projectile-mode +1)
|
||||||
|
(define-key projectile-mode-map (kbd "C-c p") 'projectile-command-map)
|
||||||
|
|
||||||
|
;; Corfu mode is a simple auto completion framework with
|
||||||
|
;; pluggable backends
|
||||||
|
|
||||||
|
;;(setq company-backends '(company-capf (company-dabbrev-code) company-dabbrev))
|
||||||
|
;;(add-hook 'prog-mode-hook #'company-mode)
|
||||||
|
;;(add-hook 'mu4e-compose-mode-hook #'company-mode)
|
||||||
|
(use-package corfu)
|
||||||
|
(add-hook 'after-init-hook 'global-corfu-mode)
|
||||||
|
(add-hook 'after-init-hook 'corfu-popupinfo-mode)
|
||||||
|
(setq corfu-auto t)
|
||||||
|
(setq tab-always-indent 'complete)
|
||||||
|
(setq corfu-quit-no-match 'separator)
|
||||||
|
|
||||||
|
(use-package cape)
|
||||||
|
(add-to-list 'completion-at-point-functions #'cape-dabbrev)
|
||||||
|
(add-to-list 'completion-at-point-functions #'cape-file)
|
||||||
|
|
||||||
|
;; Can't live without magit. It makes working with git sooo much easie
|
||||||
|
|
||||||
|
(use-package magit)
|
||||||
|
(global-set-key (kbd "C-x g") 'magit-status)
|
||||||
|
|
||||||
|
;;(setq magit-completing-read-function 'magit-ido-completing-read)
|
||||||
|
|
||||||
|
|
||||||
|
;; LSP
|
||||||
|
|
||||||
|
;; Maybe switch to EGLOT, which is shipped in Emacs 29
|
||||||
|
(add-hook 'lua-mode-hook #'lsp)
|
||||||
|
|
||||||
|
;; Tree-sitter
|
||||||
|
|
||||||
|
(setq major-mode-remap-alist
|
||||||
|
'((yaml-mode . yaml-ts-mode)
|
||||||
|
(bash-mode . bash-ts-mode)
|
||||||
|
(js2-mode . js-ts-mode)
|
||||||
|
(typescript-mode . typescript-ts-mode)
|
||||||
|
(json-mode . json-ts-mode)
|
||||||
|
(css-mode . css-ts-mode)
|
||||||
|
(python-mode . python-ts-mode)
|
||||||
|
(cpp-mode . cpp-ts-mode)
|
||||||
|
(c-mode . c-ts-mode)
|
||||||
|
))
|
||||||
|
|
||||||
|
(setq treesit-font-lock-level 4)
|
||||||
|
|
||||||
|
;; vterm
|
||||||
|
|
||||||
|
;; Vterm is a fully featured terminal emulator, that works inside
|
||||||
|
;; emacs buffers. It is miles ahead of "term" and "eshell" both in
|
||||||
|
;; speed and features.
|
||||||
|
|
||||||
|
(setq vterm-always-compile-module t)
|
||||||
|
(use-package vterm)
|
||||||
|
|
||||||
|
;;(add-to-list 'load-path (expand-file-name "~/dev/emacs-libvterm/"))
|
||||||
|
|
||||||
|
(defun vterm-less (content)
|
||||||
|
(let ((less-buffer (get-buffer-create (make-temp-name "vterm-less-"))))
|
||||||
|
(with-current-buffer less-buffer
|
||||||
|
(switch-to-buffer less-buffer)
|
||||||
|
(special-mode)
|
||||||
|
(insert (base64-decode-string content)))
|
||||||
|
)
|
||||||
|
)
|
||||||
|
|
||||||
|
|
||||||
|
(use-package with-editor)
|
||||||
|
(defun my-vterm-mode-hook ()
|
||||||
|
(add-to-list 'vterm-eval-cmds (list "less" #'vterm-less))
|
||||||
|
(with-editor-export-editor)
|
||||||
|
)
|
||||||
|
|
||||||
|
(add-hook 'vterm-mode-hook #'my-vterm-mode-hook)
|
||||||
|
|
||||||
|
(put 'upcase-region 'disabled nil)
|
||||||
|
|
||||||
|
(autoload 'vterm "vterm" "\
|
||||||
|
If vterm is not running yet, start it. Then, show the main
|
||||||
|
window, unless BACKGROUND (prefix-argument) is non-nil.
|
||||||
|
" t nil)
|
||||||
|
|
||||||
|
|
||||||
|
;; lua
|
||||||
|
|
||||||
|
(use-package lua-mode)
|
||||||
|
(setq lua-indent-level 4)
|
||||||
|
|
||||||
|
;; common lisp
|
||||||
|
|
||||||
|
(use-package sly)
|
||||||
|
(use-package sly-asdf)
|
||||||
|
(use-package aggressive-indent)
|
||||||
|
|
||||||
|
(add-to-list 'sly-contribs 'sly-asdf 'append)
|
||||||
|
(autoload 'sly "sly"
|
||||||
|
"Start an inferior^_superior Lisp and connect to its Swank server."
|
||||||
|
t nil)
|
||||||
|
|
||||||
|
(define-key lisp-mode-map (kbd "C-c v")
|
||||||
|
'sly-asdf-test-system)
|
||||||
|
|
||||||
|
;autoload 'sly-lisp-mode-hook "sly"
|
||||||
|
; "Set up sly for a lisp buffer."
|
||||||
|
; t nil)
|
||||||
|
|
||||||
|
(add-hook 'lisp-mode-hook #'aggressive-indent-mode)
|
||||||
|
;(add-hook 'lisp-mode-hook 'sly-lisp-mode-hook)
|
||||||
|
;(setq slime-contribs '(slime-fancy slime-company))
|
||||||
|
(setq inferior-lisp-program "sbcl")
|
||||||
|
|
||||||
|
|
||||||
|
;; Markdown
|
||||||
|
|
||||||
|
(use-package markdown-mode)
|
||||||
|
|
||||||
|
;; Dockerfiles
|
||||||
|
|
||||||
|
(use-package dockerfile-mode)
|
||||||
|
|
||||||
|
;; Yaml
|
||||||
|
|
||||||
|
(use-package yaml-mode)
|
||||||
|
|
||||||
|
;; CMake
|
||||||
|
|
||||||
|
(use-package cmake-mode)
|
||||||
|
|
||||||
|
;; C++
|
||||||
|
|
||||||
|
(with-eval-after-load 'eglot
|
||||||
|
(add-to-list 'eglot-server-programs
|
||||||
|
`(c++-mode . ("clangd"))))
|
||||||
|
|
||||||
|
(add-hook 'c++-mode-hook 'eglot-ensure)
|
||||||
|
|
||||||
|
(use-package clang-format)
|
||||||
|
(use-package clang-format+)
|
||||||
|
(add-hook 'c-mode-hook 'clang-format+-mode)
|
||||||
|
(add-hook 'c++-mode-hook 'clang-format+-mode)
|
||||||
|
|
||||||
|
;; Zig
|
||||||
|
|
||||||
|
(use-package zig-mode)
|
||||||
|
|
||||||
|
;; Terraform
|
||||||
|
|
||||||
|
(use-package terraform-mode)
|
||||||
|
|
||||||
|
|
||||||
|
;; Nix
|
||||||
|
|
||||||
|
(use-package nix-mode)
|
||||||
|
|
||||||
|
(use-package sudo-edit)
|
||||||
|
(global-set-key (kbd "C-c C-r") 'sudo-edit)
|
||||||
|
|
||||||
|
(provide 'init)
|
||||||
|
;;; init.el ends here
|
220
flake.lock
Executable file
220
flake.lock
Executable file
|
@ -0,0 +1,220 @@
|
||||||
|
{
|
||||||
|
"nodes": {
|
||||||
|
"emacs-overlay": {
|
||||||
|
"inputs": {
|
||||||
|
"flake-utils": "flake-utils",
|
||||||
|
"nixpkgs": [
|
||||||
|
"nixpkgs"
|
||||||
|
],
|
||||||
|
"nixpkgs-stable": "nixpkgs-stable"
|
||||||
|
},
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1690655028,
|
||||||
|
"narHash": "sha256-6ApYk2XOiyDFKDus5Ysmiw591AgxJpxK4/5rWtRWYfU=",
|
||||||
|
"owner": "nix-community",
|
||||||
|
"repo": "emacs-overlay",
|
||||||
|
"rev": "2a52d78c85ee0608938670c7db79ffaba6f7b31d",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "nix-community",
|
||||||
|
"repo": "emacs-overlay",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"flake-utils": {
|
||||||
|
"inputs": {
|
||||||
|
"systems": "systems"
|
||||||
|
},
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1689068808,
|
||||||
|
"narHash": "sha256-6ixXo3wt24N/melDWjq70UuHQLxGV8jZvooRanIHXw0=",
|
||||||
|
"owner": "numtide",
|
||||||
|
"repo": "flake-utils",
|
||||||
|
"rev": "919d646de7be200f3bf08cb76ae1f09402b6f9b4",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "numtide",
|
||||||
|
"repo": "flake-utils",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"home-manager": {
|
||||||
|
"inputs": {
|
||||||
|
"nixpkgs": [
|
||||||
|
"nixpkgs"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1690652600,
|
||||||
|
"narHash": "sha256-Dy09g7mezToVwtFPyY25fAx1hzqNXv73/QmY5/qyR44=",
|
||||||
|
"owner": "nix-community",
|
||||||
|
"repo": "home-manager",
|
||||||
|
"rev": "f58889c07efa8e1328fdf93dc1796ec2a5c47f38",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "nix-community",
|
||||||
|
"repo": "home-manager",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"knazarovcom": {
|
||||||
|
"inputs": {
|
||||||
|
"nixpkgs": [
|
||||||
|
"nixpkgs"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1690578969,
|
||||||
|
"narHash": "sha256-aouJyTWiVstw8xRKxasvFdaO4r8H/ZBoMDpeF6Sz86I=",
|
||||||
|
"owner": "~knazarov",
|
||||||
|
"repo": "knazarov.com",
|
||||||
|
"rev": "01ca3704520430ca3b8a36f4ce9dd8581bbd77f6",
|
||||||
|
"type": "sourcehut"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "~knazarov",
|
||||||
|
"repo": "knazarov.com",
|
||||||
|
"type": "sourcehut"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"nixpkgs": {
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1690659494,
|
||||||
|
"narHash": "sha256-aW5Iupj/GQ3ghbZJHxdLhwOrmMRkaVcpwBR/Qf7/Uwg=",
|
||||||
|
"owner": "NixOS",
|
||||||
|
"repo": "nixpkgs",
|
||||||
|
"rev": "d63df5a32b6292679c95af0e41272ae0dcbb0186",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "NixOS",
|
||||||
|
"repo": "nixpkgs",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"nixpkgs-stable": {
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1690558459,
|
||||||
|
"narHash": "sha256-5W7y1l2cLYPkpJGNlAja7XW2X2o9rjf0O1mo9nxS9jQ=",
|
||||||
|
"owner": "NixOS",
|
||||||
|
"repo": "nixpkgs",
|
||||||
|
"rev": "48e82fe1b1c863ee26a33ce9bd39621d2ada0a33",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "NixOS",
|
||||||
|
"ref": "nixos-23.05",
|
||||||
|
"repo": "nixpkgs",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"nixpkgs-stable_2": {
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1690066826,
|
||||||
|
"narHash": "sha256-6L2qb+Zc0BFkh72OS9uuX637gniOjzU6qCDBpjB2LGY=",
|
||||||
|
"owner": "NixOS",
|
||||||
|
"repo": "nixpkgs",
|
||||||
|
"rev": "ce45b591975d070044ca24e3003c830d26fea1c8",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "NixOS",
|
||||||
|
"ref": "release-23.05",
|
||||||
|
"repo": "nixpkgs",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"q-sh": {
|
||||||
|
"inputs": {
|
||||||
|
"nixpkgs": [
|
||||||
|
"nixpkgs"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1684711176,
|
||||||
|
"narHash": "sha256-PbMTPJNQMivX2uHthyDy4C1UUKD8moQVWlHPWiP9xI0=",
|
||||||
|
"owner": "~knazarov",
|
||||||
|
"repo": "q.sh",
|
||||||
|
"rev": "ee95b2afb54074fd004652816ffc9ad52fea9fc4",
|
||||||
|
"type": "sourcehut"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "~knazarov",
|
||||||
|
"repo": "q.sh",
|
||||||
|
"type": "sourcehut"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"root": {
|
||||||
|
"inputs": {
|
||||||
|
"emacs-overlay": "emacs-overlay",
|
||||||
|
"home-manager": "home-manager",
|
||||||
|
"knazarovcom": "knazarovcom",
|
||||||
|
"nixpkgs": "nixpkgs",
|
||||||
|
"q-sh": "q-sh",
|
||||||
|
"sops-nix": "sops-nix",
|
||||||
|
"vmatveevacom": "vmatveevacom"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"sops-nix": {
|
||||||
|
"inputs": {
|
||||||
|
"nixpkgs": [
|
||||||
|
"nixpkgs"
|
||||||
|
],
|
||||||
|
"nixpkgs-stable": "nixpkgs-stable_2"
|
||||||
|
},
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1690199016,
|
||||||
|
"narHash": "sha256-yTLL72q6aqGmzHq+C3rDp3rIjno7EJZkFLof6Ika7cE=",
|
||||||
|
"owner": "Mic92",
|
||||||
|
"repo": "sops-nix",
|
||||||
|
"rev": "c36df4fe4bf4bb87759b1891cab21e7a05219500",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "Mic92",
|
||||||
|
"repo": "sops-nix",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"systems": {
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1681028828,
|
||||||
|
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
|
||||||
|
"owner": "nix-systems",
|
||||||
|
"repo": "default",
|
||||||
|
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "nix-systems",
|
||||||
|
"repo": "default",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"vmatveevacom": {
|
||||||
|
"inputs": {
|
||||||
|
"nixpkgs": [
|
||||||
|
"nixpkgs"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1686509156,
|
||||||
|
"narHash": "sha256-zV1DbAvNlfGznLdpCoqSNNXtAHFjzYaO9vY76BV+CnQ=",
|
||||||
|
"owner": "valeriya-matveeva",
|
||||||
|
"repo": "vmatveeva.com",
|
||||||
|
"rev": "4a5799dfa115f05bd09ced89bd962a35a9018978",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "valeriya-matveeva",
|
||||||
|
"repo": "vmatveeva.com",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"root": "root",
|
||||||
|
"version": 7
|
||||||
|
}
|
67
flake.nix
Executable file
67
flake.nix
Executable file
|
@ -0,0 +1,67 @@
|
||||||
|
# reference: https://github.com/kenranunderscore/dotfiles/blob/main/flake.nix
|
||||||
|
# also good: https://github.com/cab404/home
|
||||||
|
|
||||||
|
{
|
||||||
|
inputs = {
|
||||||
|
nixpkgs.url = github:NixOS/nixpkgs;
|
||||||
|
home-manager.url = github:nix-community/home-manager;
|
||||||
|
home-manager.inputs.nixpkgs.follows = "nixpkgs";
|
||||||
|
emacs-overlay.url = github:nix-community/emacs-overlay;
|
||||||
|
emacs-overlay.inputs.nixpkgs.follows = "nixpkgs";
|
||||||
|
sops-nix.url = github:Mic92/sops-nix;
|
||||||
|
sops-nix.inputs.nixpkgs.follows = "nixpkgs";
|
||||||
|
q-sh.url = sourcehut:~knazarov/q.sh;
|
||||||
|
q-sh.inputs.nixpkgs.follows = "nixpkgs";
|
||||||
|
knazarovcom.url = sourcehut:~knazarov/knazarov.com;
|
||||||
|
knazarovcom.inputs.nixpkgs.follows = "nixpkgs";
|
||||||
|
vmatveevacom.url = github:valeriya-matveeva/vmatveeva.com;
|
||||||
|
vmatveevacom.inputs.nixpkgs.follows = "nixpkgs";
|
||||||
|
};
|
||||||
|
|
||||||
|
outputs = { self, nixpkgs, home-manager, emacs-overlay, sops-nix, q-sh, knazarovcom, vmatveevacom, ... }@attrs:
|
||||||
|
let
|
||||||
|
system = "x86_64-linux";
|
||||||
|
|
||||||
|
specialArgs = {
|
||||||
|
inherit attrs;
|
||||||
|
};
|
||||||
|
buildConfig = modules: system: { inherit modules system specialArgs; };
|
||||||
|
buildSystem = modules: system: nixpkgs.lib.nixosSystem (buildConfig modules system);
|
||||||
|
hostAttrs = dir: {
|
||||||
|
settings = import "${dir}/host-metadata.nix";
|
||||||
|
config = import "${dir}/configuration.nix";
|
||||||
|
hw-config = import "${dir}/hardware-configuration.nix";
|
||||||
|
};
|
||||||
|
|
||||||
|
node = dir: with hostAttrs dir; buildSystem [
|
||||||
|
({ config, pkgs, ... }: { nixpkgs.overlays = [ emacs-overlay.overlay q-sh.overlays.default]; })
|
||||||
|
sops-nix.nixosModules.sops
|
||||||
|
home-manager.nixosModule
|
||||||
|
config
|
||||||
|
hw-config
|
||||||
|
./configuration.nix
|
||||||
|
]
|
||||||
|
settings.system;
|
||||||
|
|
||||||
|
server = dir: with hostAttrs dir; buildSystem [
|
||||||
|
({ config, pkgs, ... }: { nixpkgs.overlays = [
|
||||||
|
emacs-overlay.overlay
|
||||||
|
q-sh.overlays.default
|
||||||
|
knazarovcom.overlays.default
|
||||||
|
vmatveevacom.overlays.default]; })
|
||||||
|
sops-nix.nixosModules.sops
|
||||||
|
home-manager.nixosModule
|
||||||
|
config
|
||||||
|
hw-config
|
||||||
|
#(dir + "/configuration.nix")
|
||||||
|
]
|
||||||
|
settings.system;
|
||||||
|
in
|
||||||
|
{
|
||||||
|
nixosConfigurations = {
|
||||||
|
mira = node ./nodes/mira;
|
||||||
|
framework = node ./nodes/framework;
|
||||||
|
knazarovcom = server ./nodes/knazarovcom;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
109
gpg_public_key.asc
Normal file
109
gpg_public_key.asc
Normal file
|
@ -0,0 +1,109 @@
|
||||||
|
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
||||||
|
|
||||||
|
mQINBGRqBOQBEADRhedy8VjKTZuSumg3LcidyZ5tUWAoYwJsCW8Xm80BflsRAjbi
|
||||||
|
Bxl/hcDjJcVzptX8WYp8+LC3TGR3COhw8DQbbZaQBNg9XziRYzzx973b+p/C35St
|
||||||
|
nB2xoaEbv6ofUZaprU51W1JWX0/ulpb4uJqQ5hzyewidcJ5Q9Jg5OmoMfSBv50b7
|
||||||
|
sZxtVA9Fy8z1GL76h+rjACxEaV6lMZZmf5X6eg2pLkUUPkltxDczgsVKBy1ETbnb
|
||||||
|
LFHi7FUKuPDwnMwxa2b7y7XXjmg27P6LXb5whlBv4XV8HP9ngZpKJPMhI96Nsa7W
|
||||||
|
up5k+UoenPwphplTJzdbJH+m1cUH4MFL69UCWnwz58/CTnyOXE0OnEVd3eLPcm81
|
||||||
|
IZ6xedLu/wTM20BxWi4uDgg433M1p4wPC4f8pIf64hVs0DN1YTBDYvpS1PR0X9gW
|
||||||
|
2gaCovi3v/oPTo3WViUAR6kGx/UL38mxW3Qnm5j8E5nIuWdTY2NvMVdEA852XzCb
|
||||||
|
XTNJ9aix8i3y6VMcDLptYNBcqBiabhlxRr76f0ZfUsu3KjFkxPOx3Jo6ne1BYnVX
|
||||||
|
LA2icRlo1cxXrc/9mP6YobNnWozIJ/YE6ZckYUi+y6zjCnH59QUz/P1XKZxormdt
|
||||||
|
puKaBQl8ns/iuO+NtdXDYmfU6WX3DwNd6vC8XMe+qJkX2npfDXfsmw9c+QARAQAB
|
||||||
|
tCZLb25zdGFudGluIE5hemFyb3YgPG1haWxAa25hemFyb3YuY29tPokCTAQTAQoA
|
||||||
|
NhYhBN20QjmZUFI2z1hfmwVgAgycV3wbBQJkagTkAhsBBAsJCAcEFQoJCAUWAgMB
|
||||||
|
AAIeBQIXgAAKCRAFYAIMnFd8G3VjEAC42yOkEG0RSpGX299aQk5kI50zv6HtRv0f
|
||||||
|
byPtqYskNIpPqW2C+ktccRu0auVf5PiAWHWiTiCl0tTk5MT+YuYwBHtfm/8S1pTT
|
||||||
|
ZZLNUHwI/gUYrQ+szwiSC+rYQEZ75WNrSjH9gtjthO9XldMAqMkvZlnfeaLu1ejI
|
||||||
|
PovPvJhijbWGkJqHgIALTxkYmu/AXcAqEfTb1cTjERqf4mxgYmufdofCwzlTlquV
|
||||||
|
rax74nhSNS0alfyrXY1EHe/ESg0/vdC79XJ+rMrZT9/8hOOl6HOWzIgRMCLEC7v/
|
||||||
|
vKpBDzXXEpoLF1c5fakHbcnHO5Mar+y9lh+x9xyEQzxUUqZcI+5cvJIOGbH7x+dt
|
||||||
|
JPGVhDjulmqa+cy3kWPRpWNIjEcdmC1oTGWYO1/odsdVD+Pao29VbN0YQ/p+i0zc
|
||||||
|
UzErJzIQ6X796rqmIF4hRSPc0wykSLFm2zc6HxNBfULXZypqzqn/dcz/851bvFmz
|
||||||
|
UYt9PDAgeeloA5iR/9LRkl8K5CX50OWDkktZ7rW7m1LtqaioyTdUVzP90my7+3r5
|
||||||
|
HMMHUj3mAuZBVBTzIAgG85qYforTZ2f4cD2caTES2HBRQSrGR5B+Hm1KURUPc5Gm
|
||||||
|
gasHzKSRegb/rPWXzSSmT1X4yZUAWTyoYy7uxAW0zcMlqxMgLXjEqNjY08tKOT0/
|
||||||
|
wq+vOmLNI7kCDQRkagV0ARAA5kC8AZl4mdmmYWo59WyONZEN1LtCL1GksFCWUx1R
|
||||||
|
qgNl4RR9hHv/A3DnJlnfGLmEH3Og7dfDB8uVDmf2kungtN5ACGAOPNeACAFY49qd
|
||||||
|
gl94eNGWsh3lIjuhwtsqhTsr7dUD1KoVWAQqT+kiEKewZCB8HrgEC0xjAtwMnGdQ
|
||||||
|
ZqlVKv+vFPvNKM9d9XBJblP4pjuJ/2e1Qee0IC+sp4ffuuCHv5SRZ87FBUb3jkDh
|
||||||
|
ndOktu8pls+I8rOpj5nTQ2fMjj6e5tLXnK3+fOxD96fmNMqa5chj/YOjT9oSGgop
|
||||||
|
TMOqpYckKPWQ9AY4sUEG7maUnMvNxYj4rnRtJDtnhg58wKJIxD9UZxb1jLIN4i//
|
||||||
|
ZCQymOp/gKB0PkhMyy5WkV2ebZGKp+0kjsnQKDV4a/dufel82OQlJaHbfKwebPuN
|
||||||
|
4Ety/fBHUDUI+YCoEJQ8WVvAT+Tt8laMv+7OQEwJnNZLgMOTQ3tpnABGO9yGmuEe
|
||||||
|
SSq51GWdQIjCiuwtLOYPJVf3mRJs45XwbJt98zVrAB3L3xyTwju7AYVuhcDiuQzE
|
||||||
|
46yGhb6imVJ5zf/p65I39n1CQUyC88NDAayF0waU0CIiFmaSqZrpTm51xedL96AX
|
||||||
|
BZgM2HECJvHkirjQI+ew/dj7jzzThvO+4NGRoEoWIquT2KK/pPFVl99gJoIMktj5
|
||||||
|
eFUAEQEAAYkEcgQYAQoAJhYhBN20QjmZUFI2z1hfmwVgAgycV3wbBQJkagV0AhsC
|
||||||
|
BQkB4TOAAkAJEAVgAgycV3wbwXQgBBkBCgAdFiEEuhvGDxMMfoZhHfe7TP4KQvpA
|
||||||
|
nCIFAmRqBXQACgkQTP4KQvpAnCKokQ//ewf8KUDrTKHMYR2lQxTlKH+Cywe7nX1P
|
||||||
|
UqBMKgRZK0AbHJCy+US+lgGFbjt3foPpwFWGp4HZcAbsfoiTKbCbcytD+CxBLIPy
|
||||||
|
8WmCGZljWiuD49LQ4EezMdpx8VbfDWbwFt0qVmwv78Dd7zPZ6UBC4fg1QpfQfNwf
|
||||||
|
Zx1ECIFGhHrPUYzVWMm/20FeVvIgWlAVZGf3k+ydC4n8pLoG5YMTNSIQ34oeAP+J
|
||||||
|
Jz7J1+Tt1Stb6mxWf/uLr/CKZD/V6aOXb+cKId/lhiNemLfTrU40kxeQj0sPPimc
|
||||||
|
9VhShwx+AtxSd1FSLLE0Z6XHr98DPzkrDb0ltGfq61VvdBR1yOK92AHtvkupcHtz
|
||||||
|
cB412lwrTeR6RkKDRj4hKmgcVKTHAQDF3VbGNwbPDamRpAKXvJGYculSg3S5wgCD
|
||||||
|
LcLmnFHWvwfIWPWGfk3FNNZEh/AaoGMQnYht//dhYgpUCVuIn2XJJwgjPIIIvprj
|
||||||
|
o/24pARyYGp2jj9CTKstW+ZDbbNm1J1kYCdyTEug5SucYVDxZi3QRTmbu2d4TAGb
|
||||||
|
nCiXGZoNDd1BfMB0+uvX16Yo80k+8itRWlc7szuIQfGvyM1A2RR3vJtIwH18Lf4i
|
||||||
|
s5GweHfswSWlTJotHhGnmkzhdZ6csVwUz6ECE7VP8uw2HAEEO0WJmwTOstFEuGzq
|
||||||
|
zu2t9KFPzmt6CxAAjttEr66/1NIYZQMJZmEyRMMc5gfSxHBH/h4+CblL2izR9AvI
|
||||||
|
RMDmklkLRS0ydifOWjGaphf5aAEEApVN9Rf9s6hi06F48g9HVkLQgUz1BcixUtbd
|
||||||
|
Ba3RK66I9k8gyYuCxQy8Eo6gLH/YFW8zeWil2W9czLNi5M85JZS2qK2PDrFq/jfy
|
||||||
|
visFU8IAlMJwarQdjqiyk/z+acSc3rCvlY4mm34kDl4Dey9Eug4TXJ94AXb68SOw
|
||||||
|
DCtRw7OIH62eYuMfYWB7atYGiRnm6O6a/BwYm0t3ejah7kWcJNcVz9qFiGWmAeBa
|
||||||
|
M8EF6rg+l6UuynPjLaoHBZROuRZ9JSmO7CJiZg6S2nGCncGpLI/AE74vKktoTrB5
|
||||||
|
Ogyis4r7jhi/tFOANMXGsXHwFukI3aFYwF9vhzyT/nuZ99+BvvEHxCLLvD/lIQs2
|
||||||
|
FBwMxW7rCFY/qxYwn0bJjlTNqmv7MlOsG1qHED6D6bc7qELBLNmlYSSMT5c4wa9m
|
||||||
|
xCPru1tpwSjoTd2YLR2cAgio1vxuFB9SpwmldYLtlzfWnbvTf2Ow1OIbM8+Ov2f3
|
||||||
|
XMPAkz6rgwYUK+mdskaY/RQd7XjvvlAqTf6ewYzgpmZozNt5aLbm5R8MF5dBwLr9
|
||||||
|
28qYQ/xiEDRkuFdY6+3W8iH6LP9jIC+3XU4cfomszyaEesVskv1Pj0bZg/C5Ag0E
|
||||||
|
ZGoF9AEQAL7TYMmTZSLcyoS5bJ5W8PN9gtq2LTEOaKuALoQMC7lWhL1cRfY3Fo1O
|
||||||
|
rD6MaUUkrqIb6Vne2cAfwp/YK5MzbPaGuFvtbm6UxhC1BSr+qLbzocpN0PuPQTd/
|
||||||
|
0N2KIWGkZt4v6I3hEvM3WH+prjlDDyJIdN9U15MesTEq7/t3C1bK+kjPfoDW+EkL
|
||||||
|
eU5FpfFgZ3GA5CpmATb5gP6IWBgSj1sptyU/4l7/ZltII8i9ZVOUfqWnu3YQomTj
|
||||||
|
jLR4RYJLlraUk2i2LVvOjjDoSjMjY6f6aRVXmMmBiyiWcsTF9nlfELIZg2SgGOUr
|
||||||
|
fGXMSXP8s0lDjqeeZLFqFTHqT6M1GuksY/svT7pB+ccj2e6WLiyyT+cUaYU6Wigt
|
||||||
|
cvuXYSLMvBJ3gBtA782m44zQF6Cyc0M5WPnxSD5hiSngHd9eooecuwf9Gs4ojyh3
|
||||||
|
NNx3+MYvLiFiE4nnswcwkE7jwU7uX8dPs+VQDfT7s/DARJyefRB6QIrxLJHWjnsy
|
||||||
|
4hq6M2tu8hS5MtcVUBG/mNNzTkyYr7JY3IYw3y6CEgvQmM+eroG2CnuUCIJj9gSu
|
||||||
|
7ei9ZGDXrgWfDRqaXPDkj9fo1RgsPPsV67UNNC0OF+kuDsd0OUdvv/QsE1qakILJ
|
||||||
|
nipnIOdALI2wlPfzvY/+M/gc+oszimoOqCdtTslwgBFPk+KCzu4LABEBAAGJAjwE
|
||||||
|
GAEKACYWIQTdtEI5mVBSNs9YX5sFYAIMnFd8GwUCZGoF9AIbDAUJAeEzgAAKCRAF
|
||||||
|
YAIMnFd8G9tUD/wN0gXEf2NB3m5OVcxw6NAc420r+Q3n/Em+VbULhiMFPSFybzL9
|
||||||
|
sq52QWJ8t44J/B3dVT0HjV5ClF+2j2h5KqigYJW2qhnMtVphr3UocfUyZTmtQSa4
|
||||||
|
hJ95aWTVe6Nq0X0PEnorC1fNVrTv+QN11OplG6Bqh/9og3JYBdAWe78TPVJHwPta
|
||||||
|
5fvl4yRq/iJAP8NwigDTySn7nEyoCHj/xaru9EyDvQVLJZF3PzvwhgNbu0ElRduZ
|
||||||
|
SqpAhEFo7B+UlOM/jrbz3cYWYVqo3leDh4XdRIX6J3zqfJkby7AfRnZcIk5+LIjM
|
||||||
|
nbvcoKdDaELX6gGMiblDRJnDcgw7Bt+Mkex3XaIiYoD1Y36TyV+EOTrpOHz9+jij
|
||||||
|
Oo7gtm9Zm5v6QakB+PVFT1dSMc1DJAOlSrqui60tLEv99/xcZ4KZu3cW/wzCGBf0
|
||||||
|
bh8GWfLmkHPZNtE30E6TmUfrAus9OSst7kQr2HCPWhiuOgteh33w2UGHPmLYUx1x
|
||||||
|
9C8KsfR13fwFL7qrqA2EaKMj5DN6+18EM0oFb39KSD3frvO1DZSc6hIt2VVCG14j
|
||||||
|
V724J88cjJJ8N+7EWz6zujntmY0ybxabzl28KC53ga3A+e1/+HcNxv4u5DQRCHkV
|
||||||
|
iRw+Ye6ol35ju8iKHqA8BPRa4HT/qNGf4fXEsXeqfjWLJwQcmFFuyUdf3rkCDQRk
|
||||||
|
agZZARAAr7G+8P0WRvZh74noIEoDP3dGg0B7LuwKE2VQfItIzePMLJv2mihl8QaJ
|
||||||
|
KPDjBLsLxvtuzv1tY1mcLzdXtxEn+ZkY4nU3s39fLI5ir9zbqdeyCiUdHq9dzGjz
|
||||||
|
I3lSitHfuh+5x1oL/Ro06eDx3weDBC0AJ5sbsE12zTBpF3IS26Ok2UIOSfSdhvGI
|
||||||
|
oZsRKrdxIyQAgrQJHgNgq3m65fwLOv0n8TZNjrDe6dEUYW2RwecKLhADHwUvZWTn
|
||||||
|
55zPfyUMTFWVp2dnoasc+RFSF+xH7/rnkKlfNW8sRYbkU91dxM1h7uONxZI6l3rf
|
||||||
|
8gmlF8bL2iYDxTK6wsxoxgxTKHFsp9UE6HF9yZFYzrdxu+5wV4nasBP/bSNo3QPo
|
||||||
|
R338XqbhnYC/xo7+phTEy4ImZLsLh3IkkvCF46Fg0pF9vQVMyZOOJ2ml4GBTl0rT
|
||||||
|
OwlGKyqgs/Ket5hBy2ZKCxRPDlKbFk4wsQaoGRk3HDH5M3l2ESDiezadujllmXwO
|
||||||
|
b88cWtij9rK91BKHtnST0svqVPLsNCAVQOSN0v+AV6rr2LXLxkMoKNywMhU2hCTZ
|
||||||
|
Mkn/Ext6HTtXz5e0UcpUzLCbd4QV/S1sRgRvvGyF01mvmV4397SeqExN/fQSHTgk
|
||||||
|
VcjknxNwhsog4fBFDJCMGeOL+w/+phLZVgbq9LIxCDMQas34SQEAEQEAAYkCPAQY
|
||||||
|
AQoAJhYhBN20QjmZUFI2z1hfmwVgAgycV3wbBQJkagZZAhsgBQkB4TOAAAoJEAVg
|
||||||
|
AgycV3wbJdAQAIZgZH7Zuhs1Icv8J/Oufs6Gv9yvGA39eNW+CMA8lejV9l0sSryI
|
||||||
|
X+jqa3KCtyaCvIppJq6SyfDQjM6CsVxMsXPdCosIY11xDbacSLoZJZJlXjTCxPKd
|
||||||
|
KQdMgu6gp8D1p3/J0cOE0P2L4khUq5y5/W2h6R8D13qPsjgeHixMwof4UNAqzcWA
|
||||||
|
gOIkUR9nguvpXsLbGD2EiZ/zDnv9LhTYWt171/w4AiithZk7FyO1fBcd+1RaVmZx
|
||||||
|
odFZi/0U2rm8aKcBLzL7PD0bPAaPxgVxaaOCtBisZ+l9Q5etDGTz1dLslF8P/ISD
|
||||||
|
vMRgMmg2pNewR3DSNUa3GGUWgxZYd4ndarwZGEec+/zSMLqNh2wd3fw5Hi0SRR4/
|
||||||
|
zUbeXPW1DPvMDZHxfVoS5hlwmo+BdZ1M5u5thgMsXI9nyuF7jIGrl4a+aDECNa9f
|
||||||
|
Vzutbm9DGPZ+9j21nbljGPOV7q+hDmYGD+KC1+nOzXiB9SYad+gF2yPo8xZNyRWL
|
||||||
|
CM9zT0dxamzgW8W0I3AxXKoTP1p6UstmuAdIczu9kd4N7T/dgA6oMDchNqEBLZ+G
|
||||||
|
2XvMe6dH8kYKZBLYi59hXUb5vX1YWPJRlNjHASsBSWl8yVRwILPawNnoOUS5ehxA
|
||||||
|
YXNBqvlCHex34MNWDC9nXPHYwhJ/7RT4/oSkDdITh22uBfw7W2ntZkaF
|
||||||
|
=Wr86
|
||||||
|
-----END PGP PUBLIC KEY BLOCK-----
|
22
nodes/framework/configuration.nix
Normal file
22
nodes/framework/configuration.nix
Normal file
|
@ -0,0 +1,22 @@
|
||||||
|
{ self, config, lib, nixpkgs, pkgs, ... }:
|
||||||
|
|
||||||
|
let
|
||||||
|
|
||||||
|
in
|
||||||
|
{
|
||||||
|
# Bootloader.
|
||||||
|
boot.loader.systemd-boot.enable = true;
|
||||||
|
boot.loader.efi.canTouchEfiVariables = true;
|
||||||
|
boot.loader.efi.efiSysMountPoint = "/boot/efi";
|
||||||
|
|
||||||
|
# Setup keyfile
|
||||||
|
boot.initrd.secrets = {
|
||||||
|
"/crypto_keyfile.bin" = null;
|
||||||
|
};
|
||||||
|
|
||||||
|
networking.hostName = "framework";
|
||||||
|
# Enable swap on luks
|
||||||
|
boot.initrd.luks.devices."luks-20e33e39-6349-4763-ab23-c14cde35055f".device = "/dev/disk/by-uuid/20e33e39-6349-4763-ab23-c14cde35055f";
|
||||||
|
boot.initrd.luks.devices."luks-20e33e39-6349-4763-ab23-c14cde35055f".keyFile = "/crypto_keyfile.bin";
|
||||||
|
|
||||||
|
}
|
44
nodes/framework/hardware-configuration.nix
Executable file
44
nodes/framework/hardware-configuration.nix
Executable file
|
@ -0,0 +1,44 @@
|
||||||
|
# Do not modify this file! It was generated by ‘nixos-generate-config’
|
||||||
|
# and may be overwritten by future invocations. Please make changes
|
||||||
|
# to /etc/nixos/configuration.nix instead.
|
||||||
|
{ config, lib, pkgs, modulesPath, ... }:
|
||||||
|
|
||||||
|
{
|
||||||
|
imports =
|
||||||
|
[ (modulesPath + "/installer/scan/not-detected.nix")
|
||||||
|
];
|
||||||
|
|
||||||
|
boot.initrd.availableKernelModules = [ "xhci_pci" "thunderbolt" "nvme" "usb_storage" "sd_mod" ];
|
||||||
|
boot.initrd.kernelModules = [ ];
|
||||||
|
boot.kernelModules = [ "kvm-intel" ];
|
||||||
|
boot.extraModulePackages = [ ];
|
||||||
|
|
||||||
|
fileSystems."/" =
|
||||||
|
{ device = "/dev/disk/by-uuid/ba814b49-32a4-469a-867d-e00c697c25dd";
|
||||||
|
fsType = "ext4";
|
||||||
|
};
|
||||||
|
|
||||||
|
boot.initrd.luks.devices."luks-8a5e5d06-1728-4275-9ca6-0a9c8e959796".device = "/dev/disk/by-uuid/8a5e5d06-1728-4275-9ca6-0a9c8e959796";
|
||||||
|
|
||||||
|
fileSystems."/boot/efi" =
|
||||||
|
{ device = "/dev/disk/by-uuid/9818-F10B";
|
||||||
|
fsType = "vfat";
|
||||||
|
};
|
||||||
|
|
||||||
|
swapDevices =
|
||||||
|
[ { device = "/dev/disk/by-uuid/eb01f39e-e4c2-4bff-8994-b859e338343c"; }
|
||||||
|
];
|
||||||
|
|
||||||
|
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
|
||||||
|
# (the default) this is the recommended approach. When using systemd-networkd it's
|
||||||
|
# still possible to use this option, but it's recommended to use it in conjunction
|
||||||
|
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
|
||||||
|
networking.useDHCP = lib.mkDefault true;
|
||||||
|
# networking.interfaces.wlp170s0.useDHCP = lib.mkDefault true;
|
||||||
|
|
||||||
|
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
|
||||||
|
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
|
||||||
|
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
|
||||||
|
# high-resolution display
|
||||||
|
# hardware.video.hidpi.enable = lib.mkDefault true;
|
||||||
|
}
|
4
nodes/framework/host-metadata.nix
Normal file
4
nodes/framework/host-metadata.nix
Normal file
|
@ -0,0 +1,4 @@
|
||||||
|
{
|
||||||
|
system = "x86_64-linux";
|
||||||
|
host = "framework";
|
||||||
|
}
|
117
nodes/knazarovcom/configuration.nix
Normal file
117
nodes/knazarovcom/configuration.nix
Normal file
|
@ -0,0 +1,117 @@
|
||||||
|
{ config, pkgs, ... }:
|
||||||
|
|
||||||
|
{
|
||||||
|
imports =
|
||||||
|
[
|
||||||
|
./hardware-configuration.nix
|
||||||
|
];
|
||||||
|
|
||||||
|
boot.loader.grub.enable = true;
|
||||||
|
networking.hostName = "knazarovcom";
|
||||||
|
boot.loader.grub.device = "/dev/vda";
|
||||||
|
|
||||||
|
|
||||||
|
users.users.knazarov = {
|
||||||
|
isNormalUser = true;
|
||||||
|
extraGroups = [ "wheel" ];
|
||||||
|
openssh.authorizedKeys.keys = [
|
||||||
|
"sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIJkgpPDojl4RtsuFLIsHkH/19s3trYljdn/Jmbb3FCHNAAAABHNzaDo= knazarov@framework"
|
||||||
|
"sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIO7W7yDKxAj9u1hu3zsZMJW+0HUnA/C/rkbuzkQantkaAAAABHNzaDo= knazarov@mira"];
|
||||||
|
};
|
||||||
|
|
||||||
|
environment.systemPackages = with pkgs; [
|
||||||
|
vim
|
||||||
|
sops
|
||||||
|
goaccess
|
||||||
|
];
|
||||||
|
|
||||||
|
services.openssh.enable = true;
|
||||||
|
services.openssh.settings = {
|
||||||
|
PermitRootLogin = "no";
|
||||||
|
PasswordAuthentication = false;
|
||||||
|
};
|
||||||
|
|
||||||
|
security.pam.enableSSHAgentAuth = true;
|
||||||
|
security.sudo.wheelNeedsPassword = false;
|
||||||
|
nix.settings.trusted-users = [ "@wheel" ];
|
||||||
|
|
||||||
|
services.nginx = {
|
||||||
|
enable = true;
|
||||||
|
virtualHosts = {
|
||||||
|
"knazarov.com" = {
|
||||||
|
enableACME = true;
|
||||||
|
forceSSL = true;
|
||||||
|
root = "${pkgs.knazarovcom}/srv/knazarov.com";
|
||||||
|
|
||||||
|
locations."/.well-known/matrix/server" = {
|
||||||
|
extraConfig = ''
|
||||||
|
default_type application/json;
|
||||||
|
return 200 '{ "m.server": "matrix.knazarov.com:443" }';
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
locations."/.well-known/matrix/client" = {
|
||||||
|
extraConfig = ''
|
||||||
|
default_type application/json;
|
||||||
|
return 200 '{ "m.homeserver": { "base_url": "https://matrix.knazarov.com" } }';
|
||||||
|
add_header "Access-Control-Allow-Origin" *;
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
"vmatveeva.com" = {
|
||||||
|
enableACME = true;
|
||||||
|
forceSSL = true;
|
||||||
|
root = "${pkgs.vmatveevacom}/srv/vmatveeva.com";
|
||||||
|
};
|
||||||
|
"matrix.knazarov.com" = {
|
||||||
|
enableACME = true;
|
||||||
|
forceSSL = true;
|
||||||
|
locations."/_matrix" = {
|
||||||
|
proxyPass = "http://127.0.0.1:8008";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
security.acme.acceptTerms = true;
|
||||||
|
security.acme.certs = {
|
||||||
|
"knazarov.com".email = "mail@knazarov.com";
|
||||||
|
"vmatveeva.com".email = "mail@knazarov.com";
|
||||||
|
"matrix.knazarov.com".email = "mail@knazarov.com";
|
||||||
|
};
|
||||||
|
|
||||||
|
services.dendrite = {
|
||||||
|
enable = true;
|
||||||
|
environmentFile = config.sops.secrets.matrix_registration_secret.path;
|
||||||
|
settings = {
|
||||||
|
global = {
|
||||||
|
server_name = "knazarov.com";
|
||||||
|
private_key = config.sops.secrets.matrix_key.path;
|
||||||
|
jetstream = {
|
||||||
|
storage_path = "/var/lib/dendrite/nats";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
client_api.registration_shared_secret = "$REGISTRATION_SHARED_SECRET";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
systemd.services.dendrite = {
|
||||||
|
serviceConfig.SupplementaryGroups = [ config.users.groups.keys.name ];
|
||||||
|
};
|
||||||
|
|
||||||
|
sops.defaultSopsFile = ./secrets.yaml;
|
||||||
|
sops.secrets = {
|
||||||
|
example_key = {};
|
||||||
|
matrix_key = {
|
||||||
|
mode = "0440";
|
||||||
|
group = config.users.groups.keys.name;
|
||||||
|
};
|
||||||
|
matrix_registration_secret = {
|
||||||
|
mode = "0440";
|
||||||
|
group = config.users.groups.keys.name;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
networking.firewall.allowedTCPPorts = [ 80 443 ];
|
||||||
|
# networking.firewall.allowedUDPPorts = [ ... ];
|
||||||
|
|
||||||
|
system.stateVersion = "23.05";
|
||||||
|
}
|
32
nodes/knazarovcom/hardware-configuration.nix
Normal file
32
nodes/knazarovcom/hardware-configuration.nix
Normal file
|
@ -0,0 +1,32 @@
|
||||||
|
# Do not modify this file! It was generated by ‘nixos-generate-config’
|
||||||
|
# and may be overwritten by future invocations. Please make changes
|
||||||
|
# to /etc/nixos/configuration.nix instead.
|
||||||
|
{ config, lib, pkgs, modulesPath, ... }:
|
||||||
|
|
||||||
|
{
|
||||||
|
imports = [ ];
|
||||||
|
|
||||||
|
boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "sr_mod" "virtio_blk" ];
|
||||||
|
boot.initrd.kernelModules = [ ];
|
||||||
|
boot.kernelModules = [ ];
|
||||||
|
boot.extraModulePackages = [ ];
|
||||||
|
|
||||||
|
fileSystems."/" =
|
||||||
|
{ device = "/dev/disk/by-uuid/3c286fff-9eaf-4839-9b29-5c686d33cf49";
|
||||||
|
fsType = "btrfs";
|
||||||
|
};
|
||||||
|
|
||||||
|
swapDevices =
|
||||||
|
[ { device = "/dev/disk/by-uuid/976561a7-9e30-42cf-8598-97f1d93cafed"; }
|
||||||
|
];
|
||||||
|
|
||||||
|
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
|
||||||
|
# (the default) this is the recommended approach. When using systemd-networkd it's
|
||||||
|
# still possible to use this option, but it's recommended to use it in conjunction
|
||||||
|
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
|
||||||
|
networking.useDHCP = lib.mkDefault true;
|
||||||
|
# networking.interfaces.ens3.useDHCP = lib.mkDefault true;
|
||||||
|
|
||||||
|
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
|
||||||
|
virtualisation.hypervGuest.enable = true;
|
||||||
|
}
|
4
nodes/knazarovcom/host-metadata.nix
Normal file
4
nodes/knazarovcom/host-metadata.nix
Normal file
|
@ -0,0 +1,4 @@
|
||||||
|
{
|
||||||
|
system = "x86_64-linux";
|
||||||
|
host = "knazarovcom";
|
||||||
|
}
|
44
nodes/knazarovcom/secrets.yaml
Normal file
44
nodes/knazarovcom/secrets.yaml
Normal file
|
@ -0,0 +1,44 @@
|
||||||
|
hello: ENC[AES256_GCM,data:Bv1MBhqWVzeDc0Qx0n3QagUbEUDUjCARZNiQ4qYnX9PsiQvHN21vsBiu9blBaA==,iv:rhxag0W9EER7lNRY9WsrvOyxxvqC7DSjgI9KR71hjm4=,tag:qJoMp8G0jQGBeoakBR+Zlw==,type:str]
|
||||||
|
example_key: ENC[AES256_GCM,data:J09ZRQJg34iARNVGlQ==,iv:tFtCB+FfSLJad4oQNJsyOE9lz6y3Pj8nNq4x5WswNNs=,tag:8+OWJHmXzUrDl6qrSvWlYA==,type:str]
|
||||||
|
matrix_registration_secret: ENC[AES256_GCM,data:YbEp3LRrMs3gGG9tE1CCXXWoFdV9hXaTx4/VOHwSqyxAlQWnBXGUHwI6R1fE0e6ZzLT2+9g=,iv:YXLG/GsfRxSMwLd0Trl7xjuVPdAe7krEbh5YxAYzOb8=,tag:DYoEoMGH76pkVr6DAzjj+g==,type:str]
|
||||||
|
matrix_key: ENC[AES256_GCM,data:+7Ru9Q57kECDCPp/SjvdIDFGveFJ8XI8/Dv+tTwpUdRt6yNeXOT1his8kP/F9Bod5LZLKD+3mZBJV39GCfl7Mha1pQowWj3UGLwUu1o/wJ2G83YSoa9leJc9Ug9vBSixAsP34g9lUTD/zrlvQtCNjZbtqx3D4B4DTUWUmN8jiE1ah+zXoO4U5YY=,iv:gUdM5cEh+LMP++1I7F/+148u7HBY3SKQvGVcVX6bL/U=,tag:evbi9tmmlbklrpaB1tvezA==,type:str]
|
||||||
|
sops:
|
||||||
|
kms: []
|
||||||
|
gcp_kms: []
|
||||||
|
azure_kv: []
|
||||||
|
hc_vault: []
|
||||||
|
age:
|
||||||
|
- recipient: age1esdg28lplhhvrj6vmqu9x0adyxj5trp2dp7my3k57kjhkstkk9cqkg5qkj
|
||||||
|
enc: |
|
||||||
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA5ODlUK3d2RkoyQU11MFlT
|
||||||
|
SW1UeWhzYmxDQW40UkMyUmpGNGpJZjh3SldZCjNTR2NiajUrT1VybWRYbTNrZUs5
|
||||||
|
UE9kQ0pOb2FrSzk0d2tiNGtMQW83K1UKLS0tIDdKUE9CRlZwN0hMcXdhdWRvNXFh
|
||||||
|
anBCR0NXVlhLSXVCc2swTzNqOUFOSkUKyIRL9aCv3m6Qz7OaE7dSYzFYNeeFEprW
|
||||||
|
/9XLB4FzTCK3xoBeeFGevm8Z6z9k+2eku5dQUjAZ5FrVZLPM+fUgRw==
|
||||||
|
-----END AGE ENCRYPTED FILE-----
|
||||||
|
lastmodified: "2023-06-11T20:37:31Z"
|
||||||
|
mac: ENC[AES256_GCM,data:7ke0oXjI31ocCqOxDriTOIVTm4Y/vsNKrsS1GioenIzzUBmkc+cFABuczAbkLMr7C0AEgMdHEA57e56xArQWJTNb0juBsA4oBWzIYxm/sYhZRdh29Mbp3zoJsNkLeiSi9JjF5Rptr5k8x01CV5swthStGUMQQ0TfbAQmqG7blBg=,iv:DSMu0htVdJ02yIqm6OTFsIejV901PryF9D6U/K5XqPk=,tag:yo1h+zrv5RFL/NniiZ70Bg==,type:str]
|
||||||
|
pgp:
|
||||||
|
- created_at: "2023-06-11T20:10:06Z"
|
||||||
|
enc: |-
|
||||||
|
-----BEGIN PGP MESSAGE-----
|
||||||
|
|
||||||
|
wcFMAz3KbDTqPV7IAQ/6A4DxTlvQhUDgjBwnYmXSKIjcSo8baOoPNrkYDpAOdMFd
|
||||||
|
IzQ6gVHwQWKTifuvv6rWArwDW1vD6pC8urmvCB0kzoGPr/4oX/K+881aTREJKmIe
|
||||||
|
DMZd1kz9N+hw92fJ1SCwYPgTwdjm2+e1yaHl1SzM/N1TgO1Li0LA9ZH+zxwheLBw
|
||||||
|
zJtdX6ND894MiptITBfNhkXKxj1YpyZvZeoFbR6Tj2fnyTPxgNluHKDXVpuY8m7f
|
||||||
|
Ma/rdd2eXcOJBpI2iVnkgVqnwjP+lSpYAYvjYeAoe6z+0Cmh8/qpqS1UrdhqUUgI
|
||||||
|
An75cYeUV9XjuozuvyUcTvHaOFygDK++W8Q/50s9aniz9kyy88fV0PZH1TsByu9N
|
||||||
|
wi3PTYc3VpkeIyDz+T4Xk++8jCWyUXBS6LB+9AxTFGRmnjv5u93JQ7m+82lkhpR/
|
||||||
|
DVgdGZKpD2wUvfF1pCGq3qXL/Cy1EOs5PDkbirmqvMLgkcRNn4+cuJqbLsHR+T5F
|
||||||
|
hngtOKFhcgaFtrNLN8p59PTvW4xI+CkAkhKFQs7MCS3SjtojGqVxeKJQlTws3P6P
|
||||||
|
QRxbNlMh2YagSAhVHl2uJGOYey0ylvU0ROZFL4F4FQWEcGv7zHBxGr9d6yv9ygrF
|
||||||
|
6KO25T1y8w6jnptZfnGTaMW83stOLGUyRRp7x3OxfOZbDabvnLwzqKyfPgNXv03S
|
||||||
|
UQENFxwrbTf+YiKpzF9Z99CmMEqVEJBZz9cO5jnBffN2/bRb8KNaImiDge759QSn
|
||||||
|
cpfJadxIM1KFbj54Y0CS8GuRN2ycl8myhqGsC0D1W0kFXA==
|
||||||
|
=rJP2
|
||||||
|
-----END PGP MESSAGE-----
|
||||||
|
fp: DDB4423999505236CF585F9B0560020C9C577C1B
|
||||||
|
unencrypted_suffix: _unencrypted
|
||||||
|
version: 3.7.3
|
22
nodes/mira/configuration.nix
Normal file
22
nodes/mira/configuration.nix
Normal file
|
@ -0,0 +1,22 @@
|
||||||
|
{ self, config, lib, nixpkgs, pkgs, ... }:
|
||||||
|
|
||||||
|
let
|
||||||
|
|
||||||
|
in
|
||||||
|
{
|
||||||
|
# Bootloader.
|
||||||
|
boot.loader.systemd-boot.enable = true;
|
||||||
|
boot.loader.efi.canTouchEfiVariables = true;
|
||||||
|
boot.loader.efi.efiSysMountPoint = "/boot/efi";
|
||||||
|
|
||||||
|
# Setup keyfile
|
||||||
|
boot.initrd.secrets = {
|
||||||
|
"/crypto_keyfile.bin" = null;
|
||||||
|
};
|
||||||
|
|
||||||
|
networking.hostName = "mira";
|
||||||
|
# Enable swap on luks
|
||||||
|
boot.initrd.luks.devices."luks-8aa0584a-df60-42c3-adc2-d88b85544c85".device = "/dev/disk/by-uuid/8aa0584a-df60-42c3-adc2-d88b85544c85";
|
||||||
|
boot.initrd.luks.devices."luks-8aa0584a-df60-42c3-adc2-d88b85544c85".keyFile = "/crypto_keyfile.bin";
|
||||||
|
|
||||||
|
}
|
50
nodes/mira/hardware-configuration.nix
Normal file
50
nodes/mira/hardware-configuration.nix
Normal file
|
@ -0,0 +1,50 @@
|
||||||
|
# Do not modify this file! It was generated by ‘nixos-generate-config’
|
||||||
|
# and may be overwritten by future invocations. Please make changes
|
||||||
|
# to /etc/nixos/configuration.nix instead.
|
||||||
|
{ config, lib, pkgs, system76, modulesPath, ... }:
|
||||||
|
|
||||||
|
let
|
||||||
|
|
||||||
|
in
|
||||||
|
{
|
||||||
|
imports =
|
||||||
|
[ (modulesPath + "/installer/scan/not-detected.nix")
|
||||||
|
];
|
||||||
|
|
||||||
|
boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" ];
|
||||||
|
boot.initrd.kernelModules = [ ];
|
||||||
|
|
||||||
|
boot.kernelModules = [ "kvm-amd"];
|
||||||
|
|
||||||
|
boot.kernelParams = [ "mem_sleep_default=deep" ];
|
||||||
|
|
||||||
|
fileSystems."/" =
|
||||||
|
{ device = "/dev/disk/by-uuid/1a71ab59-b65c-4866-a76c-a1372cc30cb8";
|
||||||
|
fsType = "ext4";
|
||||||
|
};
|
||||||
|
|
||||||
|
boot.initrd.luks.devices."luks-ad5fe721-9e57-45ae-bc7a-9724590d97e8".device = "/dev/disk/by-uuid/ad5fe721-9e57-45ae-bc7a-9724590d97e8";
|
||||||
|
|
||||||
|
fileSystems."/boot/efi" =
|
||||||
|
{ device = "/dev/disk/by-uuid/36AD-6828";
|
||||||
|
fsType = "vfat";
|
||||||
|
};
|
||||||
|
|
||||||
|
swapDevices =
|
||||||
|
[ { device = "/dev/disk/by-uuid/9ea6aaab-0e78-411f-90fa-5161d897419b"; }
|
||||||
|
];
|
||||||
|
|
||||||
|
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
|
||||||
|
# (the default) this is the recommended approach. When using systemd-networkd it's
|
||||||
|
# still possible to use this option, but it's recommended to use it in conjunction
|
||||||
|
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
|
||||||
|
networking.useDHCP = lib.mkDefault true;
|
||||||
|
# networking.interfaces.enp16s0.useDHCP = lib.mkDefault true;
|
||||||
|
# networking.interfaces.enp21s0u4.useDHCP = lib.mkDefault true;
|
||||||
|
|
||||||
|
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
|
||||||
|
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
|
||||||
|
|
||||||
|
# for mira
|
||||||
|
hardware.system76.enableAll = true;
|
||||||
|
}
|
4
nodes/mira/host-metadata.nix
Normal file
4
nodes/mira/host-metadata.nix
Normal file
|
@ -0,0 +1,4 @@
|
||||||
|
{
|
||||||
|
system = "x86_64-linux";
|
||||||
|
host = "mira";
|
||||||
|
}
|
53
secrets.yaml
Normal file
53
secrets.yaml
Normal file
|
@ -0,0 +1,53 @@
|
||||||
|
hello: ENC[AES256_GCM,data:+LPt8J+Ks1m10+zZ2Q96r3K2W6Yeng7M7+c2TYDQ+/4AJl6Xc6hVnU8PKk28RA==,iv:v3B/CcFFA7kuuPcYDa5qha0ZrtskW5p443Zm8kM7xqA=,tag:r8Y9uf1dmp+VfJOHFG75PQ==,type:str]
|
||||||
|
fastmail_password: ENC[AES256_GCM,data:tHr8PqIg9DigRBu2bgjUeg==,iv:NI9bENFPuKcOt1cd2kg2DKU22J1dJ+3mK7UoceZagR4=,tag:oEgeQb1iLKisOqHi9Ds7xg==,type:str]
|
||||||
|
github_token: ENC[AES256_GCM,data:E1+wrI5VUlnsqfKNH6fY7IXqHIiagAByLYCfIfdd2+HcvniAvZzaIyKB3nma5eks3csN5A9XgYXRb09lELroW00obmIWbWZPdFhDccHRtVOqFq/r+x27O/3MAkDqID5mc8xD8SqWUibr9UZfXjFcXC4bx7+a4pyy45akz9RLIJRVKDzxMBGmZ/wQcuFS9uy2Pv2yWRL7q4olzvc/kzNFRWCLU7ThIAJSIx//NluOE8xjsA==,iv:Cdc2wwGdXprch1hHd0CwJM6vUAYmfhI4FpcKjcoIZYY=,tag:so8BJtjHGcGzayPqMwy43A==,type:str]
|
||||||
|
mullvad_account: ENC[AES256_GCM,data:CO4wl2vNAMEC9oy37nIrpw==,iv:a3w64u8XQ/tihIDxIPPtdZ6F7dldLPvRzGUs1MpVe4M=,tag:HQxJVuGEvI0fVj8yGptbdA==,type:str]
|
||||||
|
sops:
|
||||||
|
kms: []
|
||||||
|
gcp_kms: []
|
||||||
|
azure_kv: []
|
||||||
|
hc_vault: []
|
||||||
|
age:
|
||||||
|
- recipient: age1le98v5v0xnlnc4y0ydgj9kwfftt8g5wduws8zsadgc97pj0fzecs55tjvz
|
||||||
|
enc: |
|
||||||
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBXR0U3YzJ0cmlJT3kyM1RX
|
||||||
|
TFVqYXd2ZExQbjlYV25zOTRRdURZMFB6aFhvCldENzRReWFUVC9Eb3Y5YjZ1dTN3
|
||||||
|
SFBMb2hHUU1hbHUxaTlmQ1g0MldvS1EKLS0tIGlIVi9VTFpWa2tUL0dNTkdxcUh6
|
||||||
|
Wkw4bzhQQkZTL2NWWkdZZG56SXIzUjAK1BAmCn/xthTFMuGi+wfxtmGbl8OGDWVd
|
||||||
|
eK292+qPudunqhhkuCvRCSO4A/MOIYcuiGN4IgIpw3rt8IdcypjOzQ==
|
||||||
|
-----END AGE ENCRYPTED FILE-----
|
||||||
|
- recipient: age1rkmhgep2jhdnma24x7ufzr686cwq6p3nk7mmedykan0d7c36xaus2y58sw
|
||||||
|
enc: |
|
||||||
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBOWnR2b3F5SWp3VlJHQXB1
|
||||||
|
WlJhWFJ4ZWZsd3FvaVBYMzlSNnE1R3JQWEdZCnh4bjNOVytBWE1DT1JZN1ZCYnN5
|
||||||
|
TXB2NDFnSldQRlJBOWtjTStBT0cyS3cKLS0tIGdBY2YyWm83dVN0bk4vOVhQRS9x
|
||||||
|
U3loV2xDMkM5SWNXRDJobDloL0FVUUkK3OP7KvcKkE8mJ880dm6LMFZUxELjl8/P
|
||||||
|
6+q8qAYiAvl0Cbd4GzkNpUuBbLlFFWfFmC0vbgg8gyZ6xI5AFhHAPw==
|
||||||
|
-----END AGE ENCRYPTED FILE-----
|
||||||
|
lastmodified: "2023-07-09T20:32:29Z"
|
||||||
|
mac: ENC[AES256_GCM,data:c9+qPvLsiCgZPZ2vguQGCb+5LEr8cg32VGCyUvqiqICq5xtMZeDK7Uj8n0yLj0USaZ7bttUiI2CBpEl6anRSrXUGoJwmvJboXVi9/Xex5tv45hvdGA4Hd3P88K8kVRankOVhpogBRzcOpp4JsrtgxDTKabekpnaEr2l7H+5sXDU=,iv:no7t2FUwUaQWiuDDHe3Z5C5zoG5rnMeD9ar8PhtxyE4=,tag:AJYWdPdRGhG5epTsiD+cTw==,type:str]
|
||||||
|
pgp:
|
||||||
|
- created_at: "2023-06-10T01:03:11Z"
|
||||||
|
enc: |-
|
||||||
|
-----BEGIN PGP MESSAGE-----
|
||||||
|
|
||||||
|
wcFMAz3KbDTqPV7IAQ/9ExkcLHiNnRPI9tls9yD6/FhLDoNnQDeDlezcHarqGXF8
|
||||||
|
971t2odI+vHFMNfq3xNqCbIBsycwP9FTey3P1bMnUuZ7Pp1kFc4Z3DFjm3nsnoky
|
||||||
|
PnoRfPJzETOmwb4TExv6XxlUAnjzPWkRrhWL4sacg9ia+LIa1mBzHkc2h0ldNcDF
|
||||||
|
TkG/tbPR6raJcd4LgVvPJLpBe7FUQAQDsQ3mozt364KnZ+poltR5sf4kttAhfgVt
|
||||||
|
lbkbFleOsIc1mhmQSMbi4ta6ofc96XPyHN7rwAGWIrhxUl9oGpnLrlxNXxytNYLG
|
||||||
|
hokRnFgi5DQMIhzO2DJb3Z88+92+xpub5IOhUhn5vJJcT74NNXcGd9/1b4srLdDt
|
||||||
|
NoFtKEZQWBys0u3wrJUW3Lm/ouEmDPuQbSZlV3/dddMF6Vx4KixU/03yg3fBuHUF
|
||||||
|
f7zhw1l1fGuKv4FFLGgAShMsqPOK+KZswHQr2JSE1tv69VbD2C11wmf2lr5tmJBM
|
||||||
|
Dy3HNPsIFsmzkAVt5be0ehZbyF91Gwjg89TO4gV8PN2gSVWxBwk5n7jKpoKOta3e
|
||||||
|
PYyC/z/OVp0HayxZOIShhdY1N9lxAYXO1kS8AhpGttAj5Xd4jm3gr6O8+6sM8yqL
|
||||||
|
BYKR2g/dnPm1QcChPTNxSgzmYxhK0Rud4mNXw/RB9DPTHlBbjkt4pDvrm/UvJZXS
|
||||||
|
UQHNnqrqjq3U8cLpP6x1wGexp+VilezFpzzrR9B9nLWVvskbfeUy3CoIq4Kedzoh
|
||||||
|
9l1/byLB8CIcnDz7ewA3wZsCYCuP+np8uvbMx9srJVia8Q==
|
||||||
|
=3Z1t
|
||||||
|
-----END PGP MESSAGE-----
|
||||||
|
fp: DDB4423999505236CF585F9B0560020C9C577C1B
|
||||||
|
unencrypted_suffix: _unencrypted
|
||||||
|
version: 3.7.3
|
9
switch.sh
Executable file
9
switch.sh
Executable file
|
@ -0,0 +1,9 @@
|
||||||
|
#!/usr/bin/env bash
|
||||||
|
|
||||||
|
if [ "$1" = "mira" ]; then
|
||||||
|
nixos-rebuild switch --use-remote-sudo --flake `pwd`#mira
|
||||||
|
elif [ "$1" = "framework" ]; then
|
||||||
|
NIX_SSHOPTS="-t" nixos-rebuild switch --target-host framework --use-remote-sudo --flake `pwd`#framework
|
||||||
|
elif [ "$1" = "knazarovcom" ]; then
|
||||||
|
nixos-rebuild switch --target-host knazarov.com --use-remote-sudo --flake `pwd`#knazarovcom
|
||||||
|
fi
|
BIN
wallpaper.jpg
Executable file
BIN
wallpaper.jpg
Executable file
Binary file not shown.
After Width: | Height: | Size: 122 KiB |
Loading…
Reference in a new issue