Compare commits
139 Commits
Author | SHA1 | Date |
---|---|---|
Alexandre LUCAZEAU | d7a7573621 | |
Alexandre LUCAZEAU | d46068a1fe | |
Alexandre LUCAZEAU | 8de673c14d | |
Alexandre LUCAZEAU | 3c497e4d50 | |
Alexandre LUCAZEAU | c56e8e1062 | |
Alexandre LUCAZEAU | 3bcf24b6a7 | |
LUCAZEAU Alexandre | b9cd78e43a | |
LUCAZEAU Alexandre | b6908d9fb5 | |
LUCAZEAU Alexandre | 06ce7c704c | |
Alexandre LUCAZEAU | a9baa4d7e1 | |
Alexandre LUCAZEAU | 99fb4d9338 | |
Alexandre LUCAZEAU | 1a6aaf8b88 | |
Alexandre LUCAZEAU | 4f31d688a9 | |
Alexandre LUCAZEAU | bba08e6d7b | |
LUCAZEAU Alexandre | 7fbb88d06c | |
LUCAZEAU Alexandre | 07ac227763 | |
LUCAZEAU Alexandre | 88c631ca05 | |
LUCAZEAU Alexandre | c755ef21b7 | |
LUCAZEAU Alexandre | 7cd30aba59 | |
LUCAZEAU Alexandre | 88d76a48f4 | |
Alexandre LUCAZEAU | 154f768453 | |
LUCAZEAU Alexandre | f1551db735 | |
LUCAZEAU Alexandre | 60876aa336 | |
alexandre | 74a7fbc330 | |
Alexandre LUCAZEAU | 30ef40d9d7 | |
Alexandre LUCAZEAU | 9b7fd6bc83 | |
Alexandre LUCAZEAU | d863842579 | |
Alexandre LUCAZEAU | 5eddacb1bf | |
Alexandre LUCAZEAU | e0cc780346 | |
Alexandre LUCAZEAU | 7dbfbda8d7 | |
Alexandre LUCAZEAU | 40d1e8a325 | |
Alexandre LUCAZEAU | 4ec119d7c6 | |
Alexandre LUCAZEAU | 95e68c60f8 | |
Alexandre LUCAZEAU | 3d6b171a43 | |
Alexandre LUCAZEAU | 12fc483e17 | |
Alexandre LUCAZEAU | 07a61cc3d3 | |
Alexandre LUCAZEAU | b81d52cc8b | |
Alexandre LUCAZEAU | 086d9760bc | |
Alexandre LUCAZEAU | aca6464f5b | |
Alexandre LUCAZEAU | 26f42cb446 | |
Alexandre LUCAZEAU | 13987650a7 | |
Alexandre LUCAZEAU | 589fa7fcbe | |
Alexandre LUCAZEAU | ea886aec7c | |
Alexandre LUCAZEAU | 17001c6525 | |
Alexandre LUCAZEAU | 9bb93507cc | |
Alexandre LUCAZEAU | 9219c624e6 | |
Alexandre LUCAZEAU | 1fd60ef277 | |
Alexandre LUCAZEAU | b033f64e7f | |
Alexandre LUCAZEAU | d78f9fdf35 | |
Alexandre LUCAZEAU | a1525be05a | |
Alexandre LUCAZEAU | 3162a9fb11 | |
Alexandre LUCAZEAU | 65b65d8645 | |
Alexandre LUCAZEAU | d7224bb1de | |
Alexandre LUCAZEAU | 0606c9dd37 | |
Alexandre LUCAZEAU | 10d7de15b8 | |
Alexandre LUCAZEAU | d9a33394ec | |
Alexandre LUCAZEAU | dfd9be293c | |
Alexandre LUCAZEAU | 26154dbcae | |
Alexandre LUCAZEAU | 9722998bf0 | |
Alexandre LUCAZEAU | 2eca5e8af4 | |
Alexandre LUCAZEAU | 200afd51b1 | |
Alexandre LUCAZEAU | 823553a440 | |
Alexandre LUCAZEAU | 668876dbb2 | |
Alexandre LUCAZEAU | 3e09f26891 | |
Alexandre LUCAZEAU | c705573a0e | |
Alexandre LUCAZEAU | d712571efb | |
Alexandre LUCAZEAU | 2c6a69c74c | |
Alexandre LUCAZEAU | 7bf0b6e7db | |
Alexandre LUCAZEAU | 7c80d88a9d | |
Alexandre LUCAZEAU | 3b6b76c6cf | |
Alexandre LUCAZEAU | e766f11ae2 | |
Alexandre LUCAZEAU | c627585531 | |
Alexandre LUCAZEAU | 1191cd5a62 | |
Alexandre LUCAZEAU | 8de3cdf6a7 | |
Alexandre LUCAZEAU | 45dce66310 | |
Alexandre LUCAZEAU | 9131db7d33 | |
Alexandre LUCAZEAU | 8c49155a1c | |
Alexandre LUCAZEAU | b4a668e8b8 | |
Alexandre LUCAZEAU | 4d691af4bc | |
Alexandre LUCAZEAU | 59000ce576 | |
Alexandre LUCAZEAU | 6280c773da | |
Alexandre LUCAZEAU | 6a4bfd0ba8 | |
Alexandre LUCAZEAU | a271956d6a | |
Alexandre LUCAZEAU | 08e8bd46c6 | |
Alexandre LUCAZEAU | ce000c0738 | |
Alexandre LUCAZEAU | a63163e2f2 | |
Alexandre LUCAZEAU | a3455f131c | |
Alexandre LUCAZEAU | 953f00bdc7 | |
Alexandre LUCAZEAU | 5af138568a | |
Alexandre LUCAZEAU | 1e71533c6b | |
Alexandre LUCAZEAU | 9f96f8d62c | |
Alexandre LUCAZEAU | d4618ce2e1 | |
Alexandre LUCAZEAU | db86f8de7a | |
Alexandre LUCAZEAU | 63f1df9864 | |
Alexandre LUCAZEAU | f49c0d48dd | |
Alexandre LUCAZEAU | 65a7bec7b4 | |
Alexandre LUCAZEAU | 1906ea3e11 | |
Alexandre LUCAZEAU | 0e52ad26ca | |
Alexandre LUCAZEAU | 8c306a16f4 | |
Alexandre LUCAZEAU | 8900d882fc | |
Alexandre LUCAZEAU | df700bb704 | |
Alexandre LUCAZEAU | c92bfb5b89 | |
Alexandre LUCAZEAU | 84a49f16df | |
Alexandre LUCAZEAU | ca7cad8adc | |
Alexandre LUCAZEAU | 632f6bc353 | |
Alexandre LUCAZEAU | 440cdfca5a | |
Alexandre LUCAZEAU | 68f7e16206 | |
Alexandre LUCAZEAU | ecd84bfb99 | |
Alexandre LUCAZEAU | b061b40af0 | |
Alexandre LUCAZEAU | 603d5d0aa0 | |
Alexandre LUCAZEAU | ba0a263391 | |
Alexandre LUCAZEAU | 3824d80662 | |
Alexandre LUCAZEAU | 81fd413a21 | |
Alexandre LUCAZEAU | a8d570e566 | |
Alexandre LUCAZEAU | db5f756775 | |
Alexandre LUCAZEAU | b77f3a28fe | |
Alexandre LUCAZEAU | 5f9e65a1b3 | |
Alexandre LUCAZEAU | 5ac0b0664c | |
Alexandre LUCAZEAU | 1436c71a30 | |
Alexandre LUCAZEAU | 4f268f0766 | |
Alexandre LUCAZEAU | 7e56ae92da | |
Alexandre LUCAZEAU | 79f0aed686 | |
Alexandre LUCAZEAU | 249c42ff8d | |
Alexandre LUCAZEAU | e36966c7a7 | |
Alexandre LUCAZEAU | 1c83e1e487 | |
Alexandre LUCAZEAU | d2dfc4b4ec | |
Alexandre LUCAZEAU | 8ae37529d2 | |
Alexandre LUCAZEAU | 7385ec4edb | |
Alexandre LUCAZEAU | 393efdc189 | |
Alexandre LUCAZEAU | 553d476b36 | |
Alexandre LUCAZEAU | b7880d4b21 | |
Alexandre LUCAZEAU | 4d4754dbad | |
Alexandre LUCAZEAU | 9d0bd731b1 | |
Alexandre LUCAZEAU | b36187457a | |
Alexandre LUCAZEAU | abc24031f5 | |
Alexandre LUCAZEAU | cf9f38d48b | |
Alexandre LUCAZEAU | 6463f2dbe0 | |
Alexandre LUCAZEAU | 4930abe1c3 | |
Alexandre LUCAZEAU | a19f4ee6e2 |
|
@ -0,0 +1,20 @@
|
|||
{ config, pkgs, ... }:
|
||||
let
|
||||
host = "search.atlanticaweb.fr";
|
||||
in
|
||||
{
|
||||
virtualisation = {
|
||||
podman = {
|
||||
enable = true;
|
||||
dockerCompat = true;
|
||||
};
|
||||
oci-containers = {
|
||||
backend = "podman";
|
||||
containers.appsmith-ce = {
|
||||
image = "appsmith/appsmith-ce";
|
||||
autoStart = true;
|
||||
ports = [ "5002:80" ]; #server locahost : docker localhost
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
|
@ -0,0 +1,23 @@
|
|||
{ config, pkgs, ... }:
|
||||
let
|
||||
host = "kuma.atlanticaweb.fr";
|
||||
in
|
||||
{
|
||||
virtualisation = {
|
||||
podman = {
|
||||
enable = true;
|
||||
dockerCompat = true;
|
||||
};
|
||||
oci-containers = {
|
||||
backend = "podman";
|
||||
containers.uptime-kuma = {
|
||||
image = "louislam/uptime-kuma";
|
||||
autoStart = true;
|
||||
ports = [ "5001:3001" ]; #server locahost : docker localhost
|
||||
volumes = [
|
||||
"/srv/docker/uptime-kuma:/app/data"
|
||||
];
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
|
@ -0,0 +1,26 @@
|
|||
{ config, pkgs, ... }:
|
||||
let
|
||||
host = "restic.atlanticaweb.fr";
|
||||
in
|
||||
{
|
||||
virtualisation = {
|
||||
podman = {
|
||||
enable = true;
|
||||
dockerCompat = true;
|
||||
};
|
||||
oci-containers = {
|
||||
backend = "podman";
|
||||
containers.restic-exporter = {
|
||||
image = "ngosang/restic-exporter";
|
||||
autoStart = true;
|
||||
ports = [ "8001:8001" ]; #server locahost : docker localhost
|
||||
volumes = [ "/opt/restic:/data" ];
|
||||
environment = [
|
||||
"TZ=Europe/Paris"
|
||||
"RESTIC_REPO_URL=sftp:u329746@u329746.your-storagebox.de:/home/Nextcloud"
|
||||
"RESTIC_REPO_PASSWORD=herzleid"
|
||||
];
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
|
@ -0,0 +1,20 @@
|
|||
{ config, pkgs, ... }:
|
||||
let
|
||||
host = "search.atlanticaweb.fr";
|
||||
in
|
||||
{
|
||||
virtualisation = {
|
||||
podman = {
|
||||
enable = true;
|
||||
dockerCompat = true;
|
||||
};
|
||||
oci-containers = {
|
||||
backend = "podman";
|
||||
containers.whoogle-search = {
|
||||
image = "benbusby/whoogle-search";
|
||||
autoStart = true;
|
||||
ports = [ "5001:5000" ]; #server locahost : docker localhost
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
|
@ -0,0 +1,106 @@
|
|||
# Procédure d'installation du poste **d2nix**
|
||||
|
||||
Le poste dispose d'un EFI, le disque sera chiffré
|
||||
|
||||
## partitionnement
|
||||
|
||||
gdisk /dev/sda
|
||||
|
||||
* ````o```` creation d'une nouvelle table de partitions
|
||||
* ```n``` ajouter une partition de 500M de type ef00 pour l'EFI
|
||||
* ```` n ```` ajouter une partition avec le reste de l'espace disponible, type 8300
|
||||
* ```` w ```` on valide la table et on sort
|
||||
|
||||
### Chiffrement
|
||||
|
||||
cryptsetup luksFormat /dev/sda2 # création d'un volume chiffré
|
||||
cryptsetup luksOpen /dev/sda2 enc-pv # ouverture du volume chiffré sur le point /dev/mapper/enc-vp
|
||||
|
||||
### Partitionnement LVM
|
||||
Création de deux volumes logiques LVM. Le premier de 8Go pour la swap (j'ai 8Go de RAM) et le second pour la racine
|
||||
|
||||
pvcreate /dev/mapper/enc-pv
|
||||
vgcreate vg /dev/mapper/enc-pv
|
||||
lvcreate -L 8G -n swap vg
|
||||
lvcreate -l '100%FREE' -n root vg
|
||||
|
||||
### formattage
|
||||
|
||||
mkfs.fat /dev/sda1
|
||||
mkfs.ext4 -L root /dev/vg/root
|
||||
mkswap -L swap /dev/vg/swap
|
||||
|
||||
## Pré-installation
|
||||
|
||||
mount /dev/vg/root /mnt
|
||||
mkdir /mnt/boot
|
||||
mount /dev/sda1 /mnt/boot
|
||||
swapon /dev/vg/swap
|
||||
|
||||
## Installation
|
||||
|
||||
nixos-generate-config --root /mnt
|
||||
|
||||
A partir de là le système peut-être installé. Perso, je reprends une conf dans mon git que je modifie :
|
||||
|
||||
nix-shell -p git
|
||||
git clone https://git.atlanticaweb.fr/alexandre/nixos-config.git
|
||||
|
||||
Dans un premier temps je copie le répertoire `nixos-config/modules` dans `/mnt/etc/nixos` et je récupère un configuration.nix que je vais adapter.
|
||||
|
||||
Enfin dans le hardware.nix, il faut ajouter le volume /boot pour qu'il soit dans le **fstab** puis ajouter le chargement dans l'initrd du LVM et du déchiffrement. ça nous donne :
|
||||
|
||||
fileSystems."/boot" =
|
||||
{ device = "/dev/disk/by-uuid/0BEC-722D";
|
||||
fsType = "vfat";
|
||||
};
|
||||
boot.initrd.luks.devices = {
|
||||
"partitions" = {
|
||||
device = "/dev/sda2";
|
||||
preLVM = true;
|
||||
};
|
||||
};
|
||||
|
||||
On peut démarrer l'installation avec :
|
||||
|
||||
nixos-install
|
||||
reboot
|
||||
|
||||
En cas d'erreur au reboot, on redémarre sur la clé. POur accéder à la configuration :
|
||||
|
||||
cryptsetup luksOpen /dev/sda2 enc-pv
|
||||
lvchange -a y /dev/vg/swap
|
||||
lvchange -a y /dev/vg/root
|
||||
mount /dev/vg/root /mnt
|
||||
mount /dev/sda1 /mnt/boot
|
||||
swapon /dev/vg/swap
|
||||
cp /mnt/etc/wpa_supplicant.conf /etc
|
||||
|
||||
Au reboot, je me connecte en root et je change le password de mon user.
|
||||
# Configuration utilisateur
|
||||
## home-manager
|
||||
J'ai opté pour une installation locale à mon utilisateur de home-manager
|
||||
ajouter le dépot correspondant à la version en cours de nixpkgs :
|
||||
|
||||
nix-channel --add https://github.com/nix-community/home-manager/archive/release-22.11.tar.gz home-manager
|
||||
|
||||
mise à jour de la base
|
||||
|
||||
nix-channel --update
|
||||
|
||||
Installation
|
||||
|
||||
nix-shell '<home-manager>' -A install
|
||||
|
||||
En cas de message d'erreur, il faut rebooter (c'est ce que j'ai fais).
|
||||
|
||||
Pour avoir mon dossier home-manager dans le depot git :
|
||||
|
||||
ln -s /home/alexandre/git/nixos-config/d2nix/home-manager/ ~/.config/
|
||||
J'ai également ajouté home-manager dans la liste des paquets à installer pour péréniser.
|
||||
|
||||
# Post-installation
|
||||
Il faut supprimer le dossier `/etc/nixos/` et à la place :
|
||||
|
||||
ln -s /home/alexandre/git/nixos-config/d2nix/nixos/ /etc/nixos
|
||||
Lien : https://gist.github.com/martijnvermaat/76f2e24d0239470dd71050358b4d5134
|
|
@ -0,0 +1,146 @@
|
|||
# version : 20220121
|
||||
|
||||
set $mod Mod4
|
||||
set $ALT Mod1
|
||||
|
||||
# Couleurs barre de titre et contour des fenetres
|
||||
set $blue #005588
|
||||
set $gray1 #484848
|
||||
set $gray2 #333333
|
||||
|
||||
set $ws1 "1: console"
|
||||
set $ws2 "2: office"
|
||||
set $ws3 "3: web"
|
||||
|
||||
# Couleur des fenetres avec et sans focus
|
||||
client.focused $gray1 $gray1 #FFFFFF #333333
|
||||
client.focused_inactive $gray2 $gray2 #FFFFFF #000000
|
||||
client.unfocused $gray2 $gray2 #FFFFFF #000000
|
||||
|
||||
# Police de caracteres pour les titres des fenetres. ISO 10646 = Unicode
|
||||
font pango:iosevka 10
|
||||
|
||||
# wallpaper
|
||||
exec --no-startup-id feh --bg-scale /home/alexandre/images/SF.jpg
|
||||
|
||||
# Redimensionnement de fenetres
|
||||
mode "resize" {
|
||||
bindsym h resize shrink width 10 px or 10 ppt
|
||||
bindsym j resize grow height 10 px or 10 ppt
|
||||
bindsym k resize shrink height 10 px or 10 ppt
|
||||
bindsym l resize grow width 10 px or 10 ppt
|
||||
|
||||
# Retour au mode normal: Enter ou Escape ou q ou ^[
|
||||
bindsym Return mode "default"
|
||||
bindsym q mode "default"
|
||||
bindsym Escape mode "default"
|
||||
bindcode Control+34 mode "default"
|
||||
}
|
||||
bindsym $mod+s mode "resize"
|
||||
|
||||
# Tue la fenetre avec le focus
|
||||
bindsym $mod+Shift+A kill
|
||||
|
||||
# split in horizontal orientation
|
||||
bindsym $mod+h split h
|
||||
|
||||
# split in vertical orientation
|
||||
bindsym $mod+v split v
|
||||
|
||||
# change container layout (stacked, tabbed, toggle split)
|
||||
bindsym $mod+p layout stacking
|
||||
bindsym $mod+w layout tabbed
|
||||
bindsym $mod+e layout toggle split
|
||||
|
||||
# toggle tiling / floating
|
||||
bindsym $mod+Shift+space floating toggle
|
||||
#
|
||||
# # change focus between tiling / floating windows
|
||||
bindsym $mod+space focus mode_toggle
|
||||
#
|
||||
# # focus the parent container
|
||||
bindsym $mod+a focus parent
|
||||
#
|
||||
# Change la fenetre ayant le focus
|
||||
bindsym $mod+Shift+Left move left
|
||||
bindsym $mod+Shift+Down move down
|
||||
bindsym $mod+Shift+Up move up
|
||||
bindsym $mod+Shift+Right move right
|
||||
|
||||
# Met la fenetre avec le focus en mode plein écran
|
||||
bindsym $mod+f fullscreen
|
||||
|
||||
# Deplacement entre les bureaux
|
||||
bindsym $mod+ampersand workspace $ws1
|
||||
bindsym $mod+eacute workspace $ws2
|
||||
bindsym $mod+quotedbl workspace $ws3
|
||||
bindsym $mod+apostrophe workspace 4
|
||||
bindsym $mod+parenleft workspace 5
|
||||
bindsym $mod+minus workspace 6
|
||||
bindsym $mod+egrave workspace 7
|
||||
bindsym $mod+underscore workspace 8
|
||||
bindsym $mod+ccedilla workspace 9
|
||||
bindsym $mod+agrave workspace 10
|
||||
|
||||
# Déplacement de la fenetre ayant le focus d'un bureau à l'autre
|
||||
bindsym $mod+Shift+1 move container to workspace $ws1
|
||||
bindsym $mod+Shift+2 move container to workspace $ws2
|
||||
bindsym $mod+Shift+3 move container to workspace $ws3
|
||||
bindsym $mod+Shift+4 move container to workspace 4
|
||||
bindsym $mod+Shift+5 move container to workspace 5
|
||||
bindsym $mod+Shift+6 move container to workspace 6
|
||||
bindsym $mod+Shift+7 move container to workspace 7
|
||||
bindsym $mod+Shift+8 move container to workspace 8
|
||||
bindsym $mod+Shift+9 move container to workspace 9
|
||||
bindsym $mod+Shift+0 move container to workspace 10
|
||||
|
||||
# Recharge le fichier de configuration
|
||||
bindsym $mod+Shift+C reload
|
||||
|
||||
# Redemarre i3 mais concerve ce qui est lancé. Utilisable pour les MAJ
|
||||
bindsym $mod+Shift+R restart
|
||||
|
||||
# sort d'i3
|
||||
bindsym $mod+Shift+E exit
|
||||
|
||||
# lance dmenu (le lanceur de pgm. la barre de dmenu est noir)
|
||||
bindsym $mod+d exec rofi -show drun -show-icons -modi drun
|
||||
|
||||
# status bar
|
||||
bar {
|
||||
font pango:DejaVu Sans Mono, FontAwesome 12
|
||||
position top
|
||||
status_command i3status-rs ~/.config/i3status-rust/config-bottom.toml
|
||||
colors {
|
||||
separator #666666
|
||||
background #222222
|
||||
statusline #dddddd
|
||||
focused_workspace #0088CC #0088CC #ffffff
|
||||
active_workspace #333333 #333333 #ffffff
|
||||
inactive_workspace #333333 #333333 #888888
|
||||
urgent_workspace #2f343a #900000 #ffffff
|
||||
}
|
||||
}
|
||||
|
||||
# alt+win+l : verouille la session, image de :
|
||||
bindsym $mod+$ALT+l exec i3lock -ti ~/images/coffee_time.png
|
||||
|
||||
# blocage automatique de l'ecran en cas d'inactivité
|
||||
exec xautolock -detectsleep -locker 'i3lock -ti ~/images/coffee_time.png'
|
||||
|
||||
# Capture d'ecran
|
||||
bindsym Print exec scrot -u '%Y-%m-%d-%T_$wx$h_scrot.png' -e 'mv $f ~/Screenshots/'
|
||||
|
||||
# start a terminal
|
||||
bindsym $mod+Return exec "LIBGL_ALWAYS_SOFTWARE=1 alacritty"
|
||||
bindsym $mod+m exec "i3-sensible-terminal -e ncmpcpp"
|
||||
|
||||
# Assigne les applications aux workspaces
|
||||
assign [class="firefox"] $ws3
|
||||
assign [class="emacs"] $ws2
|
||||
|
||||
# programmes au démarrage
|
||||
exec --no-startup-id nm-applet
|
||||
exec --no-startup-id nextcloud
|
||||
exec --no-startup-id vlc
|
||||
exec --no-startup-id guake
|
|
@ -1,7 +1,9 @@
|
|||
;;(scroll-bar-mode -1)
|
||||
;;(tool-bar-mode -1)
|
||||
;;(tooltip-mode -1)
|
||||
;;(menu-bar-mode -1)
|
||||
;; Keyboard-centric user interface
|
||||
(setq inhibit-startup-message t)
|
||||
(scroll-bar-mode -1)
|
||||
(tool-bar-mode -1)
|
||||
(menu-bar-mode -1)
|
||||
|
||||
(require 'package)
|
||||
(add-to-list 'package-archives '("melpa" . "https://melpa.org/packages/") t)
|
||||
;; Comment/uncomment this line to enable MELPA Stable if desired. See `package-archive-priorities`
|
||||
|
@ -13,12 +15,12 @@
|
|||
(column-number-mode 't) ; show current column in status bar
|
||||
(set-fringe-mode 10)
|
||||
|
||||
;; Indent 4 spaces by default. Use the "BSD" style for C-like languages.
|
||||
(setq c-default-style
|
||||
(quote ((java-mode . "java")
|
||||
(awk-mode . "awk")
|
||||
(other . "bsd")))
|
||||
c-basic-offset 4)
|
||||
;;;; Indent 4 spaces by default. Use the "BSD" style for C-like languages.
|
||||
;;(setq c-default-style
|
||||
;; (quote ((java-mode . "java")
|
||||
;; (awk-mode . "awk")
|
||||
;; (other . "bsd")))
|
||||
;; c-basic-offset 4)
|
||||
|
||||
;; Use 4 spaces for one tab visually.
|
||||
(setq tab-width 4)
|
||||
|
@ -43,19 +45,18 @@
|
|||
)
|
||||
whitespace-line-column 100) ; column at which whitespace-mode says the line is too long
|
||||
;;(set-face-attribute 'default nil :font "JetBrains Mono" :height 150)
|
||||
(global-set-key (kbd "C-c c") 'org-capture)
|
||||
(global-set-key (kbd "C-c a") 'org-agenda)
|
||||
|
||||
;; themes
|
||||
(use-package doom-themes
|
||||
:init (load-theme 'doom-nord t)
|
||||
:init (doom-themes-org-config))
|
||||
(setq disabled-command-function nil)
|
||||
(setq inhibit-startup-screen t)
|
||||
(setq visible-bell t)
|
||||
|
||||
; Advanced per-language checks.
|
||||
(require 'flycheck)
|
||||
(global-flycheck-mode 1)
|
||||
(setq flycheck-checker-error-threshold 1000) ; for large go files and the escape checker
|
||||
;; Only y/n answers
|
||||
(defalias 'yes-or-no-p 'y-or-n-p)
|
||||
|
||||
(setq flycheck-check-syntax-automatically '(mode-enabled save))
|
||||
|
||||
;; Backup
|
||||
|
||||
|
@ -66,6 +67,18 @@
|
|||
backup-by-copying t) ;; Copy all files, don't rename them.
|
||||
(setq vc-make-backup-files t)
|
||||
(setq backup-directory-alist '(("" . "~/.emacs.d/backup")))
|
||||
(defvar emacs-autosave-directory
|
||||
(concat user-emacs-directory "autosaves/")
|
||||
"This variable dictates where to put auto saves. It is set to a
|
||||
directory called autosaves located wherever your .emacs.d/ is
|
||||
located.")
|
||||
|
||||
;; Sets all files to be backed up and auto saved in a single directory.
|
||||
(setq backup-directory-alist
|
||||
`((".*" . ,emacs-autosave-directory))
|
||||
auto-save-file-name-transforms
|
||||
`((".*" ,emacs-autosave-directory t)))
|
||||
|
||||
|
||||
(setq calendar-week-start-day 1)
|
||||
|
||||
|
@ -91,42 +104,39 @@
|
|||
;;(setq message-citation-line-function 'message-insert-formatted-citation-line)
|
||||
;;(setq message-citation-line-format "On %d/%m/%Y %H:%M, %N wrote:")
|
||||
|
||||
(defun default-web-indent-mode ()
|
||||
(setq indent-tabs-mode nil)
|
||||
(setq tab-width 2)
|
||||
(setq web-mode-markup-indent-offset 2)
|
||||
(setq web-mode-css-indent-offset 2)
|
||||
(setq web-mode-code-indent-offset 2))
|
||||
;;(defun default-web-indent-mode ()
|
||||
;; (setq indent-tabs-mode nil)
|
||||
;; (setq tab-width 2)
|
||||
;; (setq web-mode-markup-indent-offset 2)
|
||||
;; (setq web-mode-css-indent-offset 2)
|
||||
;; (setq web-mode-code-indent-offset 2))
|
||||
|
||||
(use-package doom-themes
|
||||
:init (load-theme 'doom-nord t)
|
||||
:init (doom-themes-org-config))
|
||||
|
||||
(use-package direnv
|
||||
:config (direnv-mode))
|
||||
|
||||
(use-package lsp-mode
|
||||
:config (setq lsp-keymap-prefix "C-c l")
|
||||
:config (setq lsp-signature-auto-activate t)
|
||||
:config (setq lsp-enable-on-type-formatting nil)
|
||||
:config (lsp-enable-which-key-integration t)
|
||||
:hook (lsp-mode . electric-pair-mode))
|
||||
;; (use-package lsp-mode
|
||||
;; :config (setq lsp-keymap-prefix "C-c l")
|
||||
;; :config (setq lsp-signature-auto-activate t)
|
||||
;; :config (setq lsp-enable-on-type-formatting nil)
|
||||
;; :config (lsp-enable-which-key-integration t)
|
||||
;; :hook (lsp-mode . electric-pair-mode))
|
||||
|
||||
(use-package web-mode
|
||||
:mode ("\\.json\\'" . web-mode)
|
||||
:mode ("\\.html?\\'" . web-mode)
|
||||
:mode ("\\.s?css\\'" . web-mode)
|
||||
:mode ("\\.[jt]sx?\\'" . web-mode)
|
||||
:hook (web-mode . lsp-deferred)
|
||||
:hook (web-mode . default-web-indent-mode))
|
||||
;;(use-package web-mode
|
||||
;; :mode ("\\.json\\'" . web-mode)
|
||||
;; :mode ("\\.html?\\'" . web-mode)
|
||||
;; :mode ("\\.s?css\\'" . web-mode)
|
||||
;; :mode ("\\.[jt]sx?\\'" . web-mode)
|
||||
;; :hook (web-mode . lsp-deferred)
|
||||
;; :hook (web-mode . default-web-indent-mode))
|
||||
|
||||
(use-package nix-mode
|
||||
:mode ("\\.nix\\'" . nix-mode)
|
||||
:hook (nix-mode . lsp-deferred))
|
||||
|
||||
(use-package rust-mode
|
||||
:hook (rust-mode . lsp-deferred)
|
||||
:config (setq rust-format-on-save t))
|
||||
;;(use-package rust-mode
|
||||
;; :hook (rust-mode . lsp-deferred)
|
||||
;; :config (setq rust-format-on-save t))
|
||||
|
||||
(use-package company
|
||||
:config (setq company-idle-delay 0.25)
|
||||
|
@ -139,41 +149,51 @@
|
|||
:hook (yas-minor-mode . yas-reload-all)
|
||||
:config (setq yas-snippet-dirs '("/etc/nixos/programs/emacs/snippets")))
|
||||
|
||||
(use-package prettier-js
|
||||
:after (web-mode)
|
||||
:hook (web-mode . prettier-js-mode))
|
||||
|
||||
(use-package smartparens
|
||||
:bind ("C-c s s" . sp-splice-sexp)
|
||||
:bind ("C-c s r" . sp-rewrap-sexp))
|
||||
|
||||
(use-package bbdb
|
||||
:init (bbdb-initialize 'gnus 'message)
|
||||
:init (bbdb-mua-auto-update-init 'gnus 'message)
|
||||
:config (setq bbdb-file "~/Nextcloud/PRIVE/13_Org/contacts/bbdb")
|
||||
:config (setq bbdb-mua-auto-update-p 'create))
|
||||
|
||||
(use-package org
|
||||
:config
|
||||
(setq org-startup-folded t)
|
||||
(setq org-agenda-files
|
||||
"~/Nextcloud/PRIVE/13_Org/agenda.org")
|
||||
(setq org-refile-use-outline-path 'file)
|
||||
(setq org-refile-targets
|
||||
'(("~/Nextcloud/PRIVE/13_Org/DRI.org" :maxlevel . 3)
|
||||
("~/Nextcloud/PRIVE/13_Org/perso.org" :level . 1)
|
||||
("~/Nextcloud/PRIVE/13_Org/pizajoffre.org" :level . 1)))
|
||||
(setq org-todo-keywords
|
||||
'((sequence "TODO(t)" "PENDING(p)" "|" "CANCELLED(c)" "DONE(d)")))
|
||||
(setq org-todo-keyword-faces
|
||||
'(("TODO" . (:foreground "#c678dd" :weight bold))
|
||||
("PENDING" . (:background "#3f444a" :foreground "#ff6c6b" :weight bold))))
|
||||
(setq org-capture-templates
|
||||
'(("i" "Inbox" entry (file "~/Nextcloud/PRIVE/13_Org/DRI.org") "* TODO %i%?")
|
||||
("a" "Agenda" entry (file "~/Nextcloud/PRIVE/13_Org/agenda.org") "* TODO %i%?\nSCHEDULED: %(org-insert-time-stamp (org-read-date nil t \"+0d\"))")))
|
||||
(setq org-agenda-custom-commands
|
||||
'(("t" "Today" tags-todo "+LEVEL=1+CATEGORY=\"tasks\"|+SCHEDULED<=\"<today>\"|+DEADLINE<=\"<today>\""))))
|
||||
;;(use-package prettier-js
|
||||
;; :after (web-mode)
|
||||
;; :hook (web-mode . prettier-js-mode))
|
||||
;;
|
||||
;;(use-package smartparens
|
||||
;; :bind ("C-c s s" . sp-splice-sexp)
|
||||
;; :bind ("C-c s r" . sp-rewrap-sexp))
|
||||
;;
|
||||
;;(use-package bbdb
|
||||
;; :init (bbdb-initialize 'gnus 'message)
|
||||
;; :init (bbdb-mua-auto-update-init 'gnus 'message)
|
||||
;; :config (setq bbdb-file "~/Nextcloud/PRIVE/13_Org/contacts/bbdb")
|
||||
;; :config (setq bbdb-mua-auto-update-p 'create))
|
||||
|
||||
;;(use-package org
|
||||
;; (setq org-startup-folded t)
|
||||
;; (setq org-refile-use-outline-path 'file)
|
||||
;; (setq org-refile-targets
|
||||
;; '(("~/Nextcloud/PRIVE/13_Org/DRI.org" :maxlevel . 3)
|
||||
;; ("~/Nextcloud/PRIVE/13_Org/perso.org" :level . 1)
|
||||
;; ("~/Nextcloud/PRIVE/13_Org/pizajoffre.org" :level . 1)))
|
||||
;; (setq org-todo-keywords
|
||||
;; '((sequence "TODO(t)" "PENDING(p)" "|" "CANCELLED(c)" "DONE(d)")))
|
||||
;; (setq org-todo-keyword-faces
|
||||
;; '(("TODO" . (:foreground "#c678dd" :weight bold))
|
||||
;; ("PENDING" . (:background "#3f444a" :foreground "#ff6c6b" :weight bold))))
|
||||
;; (setq org-capture-templates
|
||||
;; '(("i" "Inbox" entry (file "~/Nextcloud/PRIVE/13_Org/DRI.org") "* TODO %i%?")
|
||||
;; ("a" "Agenda" entry (file "~/Nextcloud/PRIVE/13_Org/agenda-DRI.org") "* TODO %i%?\nSCHEDULED: %(org-insert-time-stamp (org-read-date nil t \"+0d\"))")))
|
||||
;; (setq org-agenda-custom-commands
|
||||
;; '(("t" "Today" tags-todo "+LEVEL=1+CATEGORY=\"tasks\"|+SCHEDULED<=\"<today>\"|+DEADLINE<=\"<today>\""))))
|
||||
;;
|
||||
(use-package org-caldav
|
||||
:ensure t
|
||||
:config
|
||||
(setq org-caldav-url "https://next20.produhost.net/remote.php/dav/calendars/alexandre")
|
||||
(setq org-caldav-calendars
|
||||
'((:calendar-id "alexandre-dri" :files ("~/Nextcloud/PRIVE/13_Org/agenda.org")
|
||||
:inbox "~/Nextcloud/PRIVE/13_Org/agenda-DRI.org")
|
||||
)
|
||||
)
|
||||
(setq org-caldav-delete-org-entries 'never)
|
||||
(setq org-caldav-delete-calenda-entries 'never)
|
||||
(setq org-icalendar-timezone "Europe/Paris")
|
||||
)
|
||||
(use-package magit)
|
||||
(setq magit-fetch-modules-jobs 16); fetch 16 modules in parallel
|
||||
|
||||
|
@ -204,9 +224,6 @@
|
|||
(require 'org-mu4e)
|
||||
;;store link to message if in header view, not to header query
|
||||
(setq org-mu4e-link-query-in-headers-mode nil)
|
||||
(setq org-capture-templates
|
||||
'(("t" "todo" entry (file+headline "~/todo.org" "Tasks")
|
||||
"* TODO [#A] %?\nSCHEDULED: %(org-insert-time-stamp (org-read-date nil t \"+0d\"))\n%a\n")))
|
||||
|
||||
(setq mail-user-agent 'mu4e-user-agent)
|
||||
(setq org-mu4e-link-query-in-headers-mode t)
|
||||
|
@ -262,8 +279,17 @@
|
|||
/One Emacs to rule them all/
|
||||
#+end_signature")
|
||||
(org-msg-mode)
|
||||
(autoload 'markdown-mode "markdown-mode"
|
||||
"Major mode for editing Markdown files" t)
|
||||
(add-to-list 'auto-mode-alist
|
||||
'("\\.\\(?:md\\|markdown\\|mkd\\|mdown\\|mkdn\\|mdwn\\)\\'" . markdown-mode))
|
||||
|
||||
(autoload 'gfm-mode "markdown-mode"
|
||||
"Major mode for editing GitHub Flavored Markdown files" t)
|
||||
(add-to-list 'auto-mode-alist '("README\\.md\\'" . gfm-mode))
|
||||
|
||||
;; Org-Roam basic configuration
|
||||
(setq org-directory (concat (getenv "HOME") "/Nextcloud/PRIVE/notes"))
|
||||
(setq org-directory (concat (getenv "HOME") "/Nextcloud/PRIVE/13_Org"))
|
||||
|
||||
(use-package org-roam
|
||||
:after org
|
||||
|
@ -280,3 +306,86 @@
|
|||
("C-c n t" . org-roam-tag-add)
|
||||
("C-c n a" . org-roam-alias-add)
|
||||
("C-c n l" . org-roam-buffer-toggle)))))
|
||||
|
||||
;; org-mode
|
||||
(require 'org)
|
||||
(require 'remember)
|
||||
(require 'org-mouse)
|
||||
(setq org-startup-folded t
|
||||
org-pretty-entities t
|
||||
org-hide-emphasis-markers t
|
||||
org-startup-with-inline-images t
|
||||
org-image-actual-width '(300))
|
||||
;; files with ".org" open in org-mode
|
||||
(add-to-list 'auto-mode-alist '("\\.org$" . org-mode))
|
||||
|
||||
(setq org-agenda-files '("~/Nextcloud/PRIVE/13_Org/agenda-DRI.org" "~/Nextcloud/PRIVE/13_Org/perso.org"))
|
||||
;; one file org
|
||||
(defvar org-gtd-file "~/Nextcloud/PRIVE/13_Org/DRI.org")
|
||||
|
||||
;; Open DRI.org when I hit C-c g
|
||||
(defun gtd ()
|
||||
"Open the GTD file."
|
||||
(interactive)
|
||||
(find-file org-gtd-file))
|
||||
;; keybinding
|
||||
(global-set-key "\C-cl" 'org-store-link)
|
||||
(global-set-key "\C-ca" 'org-agenda)
|
||||
(global-set-key "\C-cr" 'org-remember)
|
||||
(global-set-key "\C-cg" 'gtd)
|
||||
|
||||
;; This seems like a good basic set of keywords to start out with:
|
||||
|
||||
(setq org-todo-keywords '((type "TODO" "SCHEDULED" "NEXT" "WAITING" "DONE")))
|
||||
|
||||
(setf org-todo-keyword-faces '(("NEXT" . (:foreground "yellow" :background "red" :bold t :weight bold))
|
||||
("TODO" . (:foreground "cyan" :background "steelblue" :bold t :weight bold))
|
||||
("WAITING" . (:foreground "yellow" :background "magenta2" :bold t :weight bold))
|
||||
("DONE" . (:foreground "gray50" :background "gray30"))))
|
||||
|
||||
;; tags
|
||||
(setq org-tag-alist '(("@devis" . ?w) ("@projet" . ?h) ("@client" . ?h) ("@prospect" . ?h) ("interne" . ?l)))
|
||||
|
||||
|
||||
(setq org-tag-faces
|
||||
'(
|
||||
("DEVIS" . (:foreground "OrangeRed" :weight bold))
|
||||
("@projet" . (:foreground "IndianRed1" :weight bold))
|
||||
("interne" . (:foreground "LimeGreen" :weight bold))
|
||||
)
|
||||
)
|
||||
|
||||
|
||||
;; Remember support. This creates several files:
|
||||
;;
|
||||
;; ~/todo.org Where remembered TODO's are stored.
|
||||
;; ~/journal.org Timestamped journal entries.
|
||||
;; ~/remember.org All other notes
|
||||
|
||||
;; and a keybinding of "C-c r" for making quick notes from any buffer.
|
||||
|
||||
;; These bits of Remembered information must eventually be reviewed
|
||||
;; and filed somewhere (perhaps in gtd.org, or in a project-specific
|
||||
;; org file.) The out-of-sight, out-of-mind rule applies here---if I
|
||||
;; don't review these auxiliary org-files, I'll probably forget what's
|
||||
;; in them.
|
||||
(setq org-reverse-note-order t) ;; note at beginning of file by default.
|
||||
(setq org-default-notes-file "~/remember.org")
|
||||
(setq remember-annotation-functions '(org-remember-annotation))
|
||||
(setq remember-handler-functions '(org-remember-handler))
|
||||
(add-hook 'remember-mode-hook 'org-remember-apply-template)
|
||||
|
||||
(setq org-remember-templates
|
||||
'((?t "* TODO %?\n %i\n %a" "~/Nextcloud/PRIVE/13_Org/todo.org")
|
||||
(?j "* %U %?\n\n %i\n %a" "~/Nextcloud/PRIVE/13_Org/journal.org")
|
||||
(?i "* %^{Title}\n %i\n %a" "~/Nextcloud/PRIVE/13_Org/remember.org" "New Ideas")))
|
||||
|
||||
(global-set-key "\C-cr" 'org-remember)
|
||||
(global-set-key [(f12)] 'org-remember)
|
||||
|
||||
|
||||
;; widen category field a little
|
||||
(setq org-agenda-prefix-format " %-17:c%?-12t% s")
|
||||
|
||||
;; https://gist.github.com/dandrews/4644693
|
||||
(setq org-ellipsis "⤵")
|
|
@ -112,10 +112,10 @@
|
|||
sticky_history = "yes";
|
||||
|
||||
# Maximum amount of notifications kept in history
|
||||
history_length = 15;
|
||||
history_length = 3;
|
||||
|
||||
# Display indicators for URLs (U) and actions (A).
|
||||
show_indicators = "no";
|
||||
show_indicators = "yes";
|
||||
|
||||
# The height of a single line. If the height is smaller than the
|
||||
# font height, it will get raised to the font height.
|
|
@ -19,6 +19,7 @@
|
|||
prettier-js
|
||||
smartparens
|
||||
org
|
||||
org-roam
|
||||
magit
|
||||
bbdb
|
||||
projectile
|
||||
|
@ -29,6 +30,7 @@
|
|||
which-key
|
||||
elpaPackages.org
|
||||
]));
|
||||
|
||||
};
|
||||
|
||||
home.file = {
|
|
@ -0,0 +1,25 @@
|
|||
{
|
||||
programs.himalaya = {
|
||||
enable = true;
|
||||
};
|
||||
accounts.email.accounts = {
|
||||
zimbra = {
|
||||
primary = true;
|
||||
himalaya.enable = true;
|
||||
address = "alexandre.lucazeau@free.fr";
|
||||
realName = "Alexandre LUCAZEAU";
|
||||
userName = "alexandre.lucazeau";
|
||||
passwordCommand = "keepassxc-cli show -a Password --no-password -k $HOME/keyx/emails.key $HOME/keys/emails.kbx zimbra";
|
||||
imap = {
|
||||
host = "imap.free.fr";
|
||||
port = 993;
|
||||
tls.enable = true;
|
||||
};
|
||||
smtp = {
|
||||
host = "smtp.free.fr";
|
||||
port = 587;
|
||||
tls.enable = false;
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
|
@ -4,15 +4,17 @@
|
|||
./gnupg.nix
|
||||
./git.nix
|
||||
./variables.nix
|
||||
./starship.nix
|
||||
./i3status.nix
|
||||
./emacs.nix
|
||||
./mails.nix
|
||||
./dunst.nix
|
||||
# ./redshift.nix
|
||||
# ../../../modules/neovim.nix
|
||||
../../../modules/rust.nix
|
||||
# ./himalaya.nix
|
||||
./mails.nix
|
||||
../../../modules/tmux.nix
|
||||
../../../modules/emacs.nix
|
||||
../../../modules/neovim.nix
|
||||
];
|
||||
home.stateVersion = "23.05";
|
||||
home.username = "alexandre";
|
||||
home.homeDirectory = "/home/alexandre";
|
||||
home.keyboard = {
|
||||
layout = "fr";
|
||||
variant = "bepo";
|
||||
|
@ -20,6 +22,4 @@
|
|||
xdg.configFile = {
|
||||
"i3/config".source = ./configs/i3config;
|
||||
};
|
||||
xsession.numlock.enable = true;
|
||||
}
|
||||
|
|
@ -0,0 +1,49 @@
|
|||
|
||||
{ config, pkgs, ... }:{
|
||||
|
||||
programs.i3status-rust = {
|
||||
enable = true;
|
||||
bars = {
|
||||
bottom = {
|
||||
blocks = [
|
||||
{
|
||||
block = "disk_space";
|
||||
path = "/";
|
||||
format = "$icon $percentage";
|
||||
format_alt = " $icon $available / $total ";
|
||||
info_type = "used";
|
||||
interval = 60;
|
||||
warning = 20.0;
|
||||
alert = 10.0;
|
||||
}
|
||||
{
|
||||
block = "memory";
|
||||
format = " $icon $mem_avail.eng(prefix:M)/$mem_total.eng(prefix:M)($mem_total_used_percents.eng(w:2)) ";
|
||||
}
|
||||
{
|
||||
block = "cpu";
|
||||
interval = 1;
|
||||
}
|
||||
{
|
||||
block = "load";
|
||||
interval = 1;
|
||||
format = "{1m}";
|
||||
}
|
||||
{ block = "sound"; }
|
||||
{
|
||||
block = "kdeconnect";
|
||||
format = " $icon {$bat_icon $bat_charge |}{$notif_icon |}{$network_icon$network_strength $network_type |}";
|
||||
bat_good = 101;
|
||||
}
|
||||
{
|
||||
block = "time";
|
||||
interval = 60;
|
||||
format = " $icon $timestamp.datetime(f:'%d/%m %R', l:fr_FR) ";
|
||||
}
|
||||
];
|
||||
icons = "material-nf";
|
||||
theme = "nord-dark";
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
|
@ -0,0 +1,47 @@
|
|||
{ pkgs, config, lib, ... }:{
|
||||
# accounts.email.maildirBasePath = "Mailsdir";
|
||||
accounts.email= {
|
||||
accounts = {
|
||||
dri = {
|
||||
primary = true;
|
||||
address = "alexandre@dri.fr";
|
||||
userName = "1847_alexandre";
|
||||
realName = "Alexandre LUCAZEAU";
|
||||
passwordCommand = "keepassxc-cli show -a Password --no-password -k $HOME/Nextcloud/PRIVE/keys/emails $HOME/Nextcloud/PRIVE/Keepass/emails.kdbx emails";
|
||||
flavor = "plain";
|
||||
folders = {
|
||||
inbox = "INBOX";
|
||||
trash = "Junk";
|
||||
};
|
||||
imap = {
|
||||
host = "imap.dri.fr";
|
||||
tls.enable = false;
|
||||
};
|
||||
smtp = {
|
||||
host = "smtp.dri.fr";
|
||||
port = 587;
|
||||
tls.enable = false;
|
||||
};
|
||||
|
||||
mbsync = {
|
||||
enable = true;
|
||||
create = "both";
|
||||
expunge = "both";
|
||||
};
|
||||
notmuch.enable = true;
|
||||
};
|
||||
};
|
||||
};
|
||||
services.mbsync = {
|
||||
enable = true;
|
||||
};
|
||||
|
||||
programs = {
|
||||
msmtp.enable = true;
|
||||
mbsync.enable = true;
|
||||
notmuch.enable = true;
|
||||
};
|
||||
#xdg.configFile = {
|
||||
# "msmtp/config".source= ./configs/msmtp_config;
|
||||
#};
|
||||
}
|
|
@ -0,0 +1,53 @@
|
|||
{ pkgs, ... }: {
|
||||
home.packages = with pkgs; [
|
||||
home-manager
|
||||
spaceFM
|
||||
jq
|
||||
nextcloud-client
|
||||
libreoffice
|
||||
btop
|
||||
neomutt
|
||||
notmuch
|
||||
isync
|
||||
zathura
|
||||
rofi
|
||||
rofi-pass
|
||||
simple-scan
|
||||
brightnessctl
|
||||
gimp
|
||||
scrot
|
||||
papirus-icon-theme
|
||||
audio-recorder
|
||||
starship
|
||||
inkscape
|
||||
firefox
|
||||
poppler_utils
|
||||
texlive.combined.scheme-full
|
||||
hugo
|
||||
eww
|
||||
alacritty
|
||||
youtube-dl
|
||||
zola
|
||||
keepassxc
|
||||
zlib
|
||||
python3
|
||||
nodejs
|
||||
vlc
|
||||
guake
|
||||
graphviz
|
||||
kdeconnect
|
||||
openssl
|
||||
openvpn
|
||||
feh
|
||||
ferdi
|
||||
thunderbird
|
||||
cura
|
||||
freecad
|
||||
drawio
|
||||
chromium
|
||||
fido2luks
|
||||
];
|
||||
nixpkgs.config.permittedInsecurePackages = [
|
||||
"ferdi-5.8.1"
|
||||
];
|
||||
}
|
|
@ -0,0 +1,127 @@
|
|||
# Edit this configuration file to define what should be installed on
|
||||
# your system. Help is available in the configuration.nix(5) man page
|
||||
# and in the NixOS manual (accessible by running ‘nixos-help’).
|
||||
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
{
|
||||
imports =
|
||||
[ # Include the results of the hardware scan.
|
||||
<nixpkgs/nixos/modules/services/hardware/sane_extra_backends/brscan4.nix>
|
||||
./hardware-configuration.nix
|
||||
./services.nix
|
||||
./network.nix
|
||||
modules/common.nix
|
||||
modules/smtp.nix
|
||||
modules/redshift.nix
|
||||
# modules/starship.nix
|
||||
modules/syncthing.nix
|
||||
# modules/powermanagement.nix
|
||||
|
||||
];
|
||||
|
||||
boot = {
|
||||
loader.systemd-boot.enable = true;
|
||||
loader.efi.canTouchEfiVariables = true;
|
||||
plymouth.enable = true;
|
||||
tmp.cleanOnBoot = true;
|
||||
kernelParams = [ "i915.enable_fbc=1" ];
|
||||
};
|
||||
boot.initrd.luks.fido2Support = true;
|
||||
boot.initrd.luks.devices."/dev/sda2".device = "/dev/sda2";
|
||||
boot.initrd.luks.devices."/dev/sda2".fido2.credential = "a67d17616bf2568727498dffa95205df943383ab3a2f9798606532d5791a155a37dd52dae2262619c1da2be7562ec9dd94888c71a9326fea70dfe16214b5ea8ec0143b010000";
|
||||
|
||||
hardware = {
|
||||
# Enable microcode updates for Intel CPU
|
||||
cpu.intel.updateMicrocode = true;
|
||||
# Enable Kernel same-page merging
|
||||
ksm.enable = true;
|
||||
# Enable all the firmware
|
||||
enableAllFirmware = true;
|
||||
# Enable all the firmware with a license allowing redistribution. (i.e. free firmware and firmware-linux-nonfree)
|
||||
enableRedistributableFirmware = true;
|
||||
# Enable OpenGL drivers
|
||||
opengl.enable = true;
|
||||
opengl.extraPackages = with pkgs; [
|
||||
vaapiIntel
|
||||
vaapiVdpau
|
||||
libvdpau-va-gl
|
||||
];
|
||||
pulseaudio = {
|
||||
enable = true;
|
||||
};
|
||||
};
|
||||
|
||||
# Set your time zone.
|
||||
time.timeZone = "Europe/Paris";
|
||||
|
||||
nixpkgs.config.allowUnfree = true;
|
||||
|
||||
i18n.defaultLocale = "fr_FR.UTF-8";
|
||||
console = {
|
||||
font = "Lat2-Terminus16";
|
||||
keyMap = "fr";
|
||||
};
|
||||
|
||||
fonts = {
|
||||
fontDir.enable = true;
|
||||
enableGhostscriptFonts = true;
|
||||
fonts = with pkgs; [
|
||||
corefonts
|
||||
vistafonts
|
||||
inconsolata
|
||||
terminus_font
|
||||
proggyfonts
|
||||
dejavu_fonts
|
||||
font-awesome
|
||||
nerdfonts
|
||||
source-code-pro
|
||||
source-sans-pro
|
||||
source-serif-pro
|
||||
];
|
||||
};
|
||||
|
||||
programs = {
|
||||
fish.enable = true;
|
||||
fish.interactiveShellInit = ''
|
||||
set -gx EDITOR nvim
|
||||
'';
|
||||
ssh = {
|
||||
setXAuthLocation = true;
|
||||
forwardX11 = true;
|
||||
};
|
||||
dconf.enable=true;
|
||||
};
|
||||
programs.thunar.enable = true;
|
||||
|
||||
programs.thunar.plugins = with pkgs.xfce; [
|
||||
thunar-archive-plugin
|
||||
thunar-volman
|
||||
];
|
||||
# Enable sound.
|
||||
sound.enable = true;
|
||||
|
||||
system.stateVersion = "23.05"; # Did you read the comment?
|
||||
users = {
|
||||
groups.ntp = {};
|
||||
defaultUserShell = "/run/current-system/sw/bin/fish";
|
||||
extraUsers.alexandre = {
|
||||
isNormalUser = true;
|
||||
home = "/home/alexandre";
|
||||
description = "alexandre";
|
||||
extraGroups = [ "wheel" "networkmanager" "docker" "libvirtd" "scanner" "plocate" "lp" ];
|
||||
# hashedPassword = "$6$7m77oPQxa$W9YnRLo1X2eqztBHwpoH8diHGkBno5O39AMyL9Qm8y8I6uW63H2Nwx4p239OG5zhOxA8J1lZvHTQ3hKPSP9mT/";
|
||||
};
|
||||
};
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
google-fonts
|
||||
gnome.adwaita-icon-theme
|
||||
networkmanagerapplet
|
||||
];
|
||||
|
||||
environment.variables.EDITOR = "nvim";
|
||||
|
||||
nix.settings.experimental-features = [ "nix-command" "flakes" ];
|
||||
}
|
||||
|
|
@ -0,0 +1,47 @@
|
|||
# Do not modify this file! It was generated by ‘nixos-generate-config’
|
||||
# and may be overwritten by future invocations. Please make changes
|
||||
# to /etc/nixos/configuration.nix instead.
|
||||
{ config, lib, pkgs, modulesPath, ... }:
|
||||
|
||||
{
|
||||
imports =
|
||||
[ (modulesPath + "/installer/scan/not-detected.nix")
|
||||
];
|
||||
|
||||
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" "sr_mod" ];
|
||||
boot.initrd.kernelModules = [ "dm-snapshot" ];
|
||||
boot.kernelModules = [ "kvm-intel" ];
|
||||
boot.extraModulePackages = [ ];
|
||||
|
||||
fileSystems."/" =
|
||||
{ device = "/dev/disk/by-uuid/b670bb55-7e29-4477-8f58-118c42598f40";
|
||||
fsType = "ext4";
|
||||
};
|
||||
|
||||
fileSystems."/boot" =
|
||||
{ device = "/dev/disk/by-uuid/0BEC-722D";
|
||||
fsType = "vfat";
|
||||
};
|
||||
|
||||
swapDevices =
|
||||
[ { device = "/dev/disk/by-uuid/d52b6afe-cb3f-4e92-8e4b-5394a0bef647"; }
|
||||
];
|
||||
|
||||
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
|
||||
# (the default) this is the recommended approach. When using systemd-networkd it's
|
||||
# still possible to use this option, but it's recommended to use it in conjunction
|
||||
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
|
||||
networking.useDHCP = lib.mkDefault true;
|
||||
# networking.interfaces.enp0s31f6.useDHCP = lib.mkDefault true;
|
||||
|
||||
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
|
||||
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
|
||||
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
|
||||
|
||||
boot.initrd.luks.devices = {
|
||||
"partitions" = {
|
||||
device = "/dev/sda2";
|
||||
preLVM = true; # You may want to set this to false if you need to start a network service first
|
||||
};
|
||||
};
|
||||
}
|
|
@ -0,0 +1 @@
|
|||
/home/alexandre/git/nixos-config/modules/
|
|
@ -0,0 +1,19 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
|
||||
{
|
||||
networking = {
|
||||
hostName = "d2nix";
|
||||
interfaces.enp0s31f6.useDHCP = true;
|
||||
networkmanager.enable = true;
|
||||
stevenblack.block = [ "fakenews" "gambling" "porn" ];
|
||||
firewall = {
|
||||
enable = true;
|
||||
allowedTCPPortRanges = [
|
||||
{ from = 1714; to = 1764; } # KDE Connect
|
||||
];
|
||||
allowedUDPPortRanges = [
|
||||
{ from = 1714; to = 1764; } # KDE Connect
|
||||
];
|
||||
};
|
||||
};
|
||||
}
|
|
@ -0,0 +1,50 @@
|
|||
{ config, pkgs, ... }:
|
||||
|
||||
{
|
||||
services = {
|
||||
avahi = {
|
||||
enable = true;
|
||||
openFirewall = true;
|
||||
};
|
||||
printing.enable = true;
|
||||
clamav = {
|
||||
daemon.enable = true;
|
||||
updater.enable = true;
|
||||
};
|
||||
locate = {
|
||||
enable = true;
|
||||
locate = pkgs.plocate;
|
||||
interval = "hourly";
|
||||
localuser = null;
|
||||
};
|
||||
redshift = {
|
||||
enable = true;
|
||||
brightness = {
|
||||
# Note the string values below.
|
||||
day = "1";
|
||||
night = "1";
|
||||
};
|
||||
temperature = {
|
||||
day = 5500;
|
||||
night = 3700;
|
||||
};
|
||||
};
|
||||
geoclue2.appConfig.redshift.isAllowed = true;
|
||||
automatic-timezoned.enable = true;
|
||||
xserver = {
|
||||
enable = true;
|
||||
autorun = true;
|
||||
windowManager.i3.enable = true;
|
||||
displayManager.defaultSession = "none+i3";
|
||||
layout = "fr";
|
||||
xkbOptions = "eurosign:e";
|
||||
};
|
||||
openssh = {
|
||||
enable = true;
|
||||
settings.PermitRootLogin = "no";
|
||||
};
|
||||
ntp.enable = true;
|
||||
tlp.enable = true;
|
||||
fstrim.enable = true;
|
||||
};
|
||||
}
|
|
@ -0,0 +1,8 @@
|
|||
{ config, pkgs, ... }:
|
||||
{
|
||||
#configDir = "/home/alexandre/git/nixos-config/hosts/dell-5590/nixpkgs/";
|
||||
programs.bat = {
|
||||
enable = true;
|
||||
# } // (import "${configDir}/bat");
|
||||
} // (import "/home/alexandre/git/nixos-config/hosts/dell-5590/home-manager/bat");
|
||||
}
|
|
@ -0,0 +1,7 @@
|
|||
{
|
||||
config = {
|
||||
decorations = "auto";
|
||||
paging = "auto";
|
||||
theme = "Nord";
|
||||
};
|
||||
}
|
|
@ -0,0 +1,101 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
{
|
||||
programs.firefox = {
|
||||
enable = true;
|
||||
package = pkgs.wrapFirefox pkgs.firefox-unwrapped {
|
||||
extraPolicies = {
|
||||
CaptivePortal = false;
|
||||
DisableFirefoxStudies = true;
|
||||
DisablePocket = true;
|
||||
DisableTelemetry = true;
|
||||
DisableFirefoxAccounts = false;
|
||||
NoDefaultBookmarks = true;
|
||||
OfferToSaveLogins = true;
|
||||
OfferToSaveLoginsDefault = true;
|
||||
PasswordManagerEnabled = true;
|
||||
FirefoxHome = {
|
||||
Search = true;
|
||||
Pocket = false;
|
||||
Snippets = false;
|
||||
TopSites = false;
|
||||
Highlights = false;
|
||||
};
|
||||
UserMessaging = {
|
||||
ExtensionRecommendations = false;
|
||||
SkipOnboarding = true;
|
||||
};
|
||||
};
|
||||
};
|
||||
profiles = {
|
||||
alexandre = {
|
||||
id = 0;
|
||||
name = "alexandre";
|
||||
search = {
|
||||
force = true;
|
||||
default = "Google";
|
||||
engines = {
|
||||
"Nix Packages" = {
|
||||
urls = [{
|
||||
template = "https://search.nixos.org/packages";
|
||||
params = [
|
||||
{ name = "type"; value = "packages"; }
|
||||
{ name = "query"; value = "{searchTerms}"; }
|
||||
];
|
||||
}];
|
||||
icon = "${pkgs.nixos-icons}/share/icons/hicolor/scalable/apps/nix-snowflake.svg";
|
||||
definedAliases = [ "@np" ];
|
||||
};
|
||||
"NixOS Wiki" = {
|
||||
urls = [{ template = "https://nixos.wiki/index.php?search={searchTerms}"; }];
|
||||
iconUpdateURL = "https://nixos.wiki/favicon.png";
|
||||
updateInterval = 24 * 60 * 60 * 1000;
|
||||
definedAliases = [ "@nw" ];
|
||||
};
|
||||
"Wikipedia (en)".metaData.alias = "@wiki";
|
||||
"Google".metaData.hidden = false;
|
||||
"Amazon.com".metaData.hidden = true;
|
||||
"Bing".metaData.hidden = true;
|
||||
"eBay".metaData.hidden = true;
|
||||
};
|
||||
};
|
||||
|
||||
bookmarks = [
|
||||
{
|
||||
name = "wikipedia";
|
||||
tags = [ "wiki" ];
|
||||
keyword = "wiki";
|
||||
url = "https://en.wikipedia.org/wiki/Special:Search?search=%s&go=Go";
|
||||
}
|
||||
{
|
||||
name = "kernel.org";
|
||||
url ="https://v2.produhost.net/panel/16148/dashboard";
|
||||
}
|
||||
{
|
||||
name = "Nix sites";
|
||||
toolbar = true;
|
||||
bookmarks = [
|
||||
{
|
||||
name = "homepage";
|
||||
url = "https://nixos.org/";
|
||||
}
|
||||
{
|
||||
name = "wiki";
|
||||
tags = [ "wiki" "nix" ];
|
||||
url = "https://nixos.wiki/";
|
||||
}
|
||||
];
|
||||
}
|
||||
];
|
||||
settings = {
|
||||
"general.smoothScroll" = true;
|
||||
};
|
||||
|
||||
extraConfig = ''
|
||||
user_pref("full-screen-api.ignore-widgets", true);
|
||||
user_pref("media.ffmpeg.vaapi.enabled", true);
|
||||
user_pref("media.rdd-vpx.enabled", true);
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
|
@ -0,0 +1,78 @@
|
|||
{ config, pkgs, ... }:
|
||||
|
||||
{
|
||||
imports = [
|
||||
./home_firefox.nix
|
||||
./packages.nix
|
||||
../../../modules/neovim.nix
|
||||
../../../modules/tmux.nix
|
||||
../../../modules/git.nix
|
||||
../../../modules/emacs.nix
|
||||
];
|
||||
# Home Manager needs a bit of information about you and the paths it should
|
||||
# manage.
|
||||
home.username = "alexandre";
|
||||
home.homeDirectory = "/home/alexandre";
|
||||
|
||||
# This value determines the Home Manager release that your configuration is
|
||||
# compatible with. This helps avoid breakage when a new Home Manager release
|
||||
# introduces backwards incompatible changes.
|
||||
#
|
||||
# You should not change this value, even if you update Home Manager. If you do
|
||||
# want to update the value, then make sure to first check the Home Manager
|
||||
# release notes.
|
||||
home.stateVersion = "23.05"; # Please read the comment before changing.
|
||||
|
||||
# The home.packages option allows you to install Nix packages into your
|
||||
# environment.
|
||||
home.packages = [
|
||||
# # Adds the 'hello' command to your environment. It prints a friendly
|
||||
# # "Hello, world!" when run.
|
||||
# pkgs.hello
|
||||
|
||||
# # It is sometimes useful to fine-tune packages, for example, by applying
|
||||
# # overrides. You can do that directly here, just don't forget the
|
||||
# # parentheses. Maybe you want to install Nerd Fonts with a limited number of
|
||||
# # fonts?
|
||||
# (pkgs.nerdfonts.override { fonts = [ "FantasqueSansMono" ]; })
|
||||
|
||||
# # You can also create simple shell scripts directly inside your
|
||||
# # configuration. For example, this adds a command 'my-hello' to your
|
||||
# # environment:
|
||||
# (pkgs.writeShellScriptBin "my-hello" ''
|
||||
# echo "Hello, ${config.home.username}!"
|
||||
# '')
|
||||
];
|
||||
|
||||
# Home Manager is pretty good at managing dotfiles. The primary way to manage
|
||||
# plain files is through 'home.file'.
|
||||
home.file = {
|
||||
# # Building this configuration will create a copy of 'dotfiles/screenrc' in
|
||||
# # the Nix store. Activating the configuration will then make '~/.screenrc' a
|
||||
# # symlink to the Nix store copy.
|
||||
# ".screenrc".source = dotfiles/screenrc;
|
||||
|
||||
# # You can also set the file content immediately.
|
||||
# ".gradle/gradle.properties".text = ''
|
||||
# org.gradle.console=verbose
|
||||
# org.gradle.daemon.idletimeout=3600000
|
||||
# '';
|
||||
};
|
||||
|
||||
# You can also manage environment variables but you will have to manually
|
||||
# source
|
||||
#
|
||||
# ~/.nix-profile/etc/profile.d/hm-session-vars.sh
|
||||
#
|
||||
# or
|
||||
#
|
||||
# /etc/profiles/per-user/alexandre/etc/profile.d/hm-session-vars.sh
|
||||
#
|
||||
# if you don't want to manage your shell through Home Manager.
|
||||
home.sessionVariables = {
|
||||
# EDITOR = "emacs";
|
||||
};
|
||||
|
||||
# Let Home Manager install and manage itself.
|
||||
programs.home-manager.enable = true;
|
||||
}
|
|
@ -0,0 +1,112 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
let
|
||||
nur = import (builtins.fetchTarball "https://github.com/nix-community/NUR/archive/master.tar.gz") {
|
||||
inherit pkgs;
|
||||
};
|
||||
in
|
||||
{
|
||||
programs.firefox = {
|
||||
enable = true ;
|
||||
profiles.default = {
|
||||
isDefault = true ;
|
||||
extensions = lib.mkIf config.programs.firefox.enable
|
||||
(with nur.repos.rycee.firefox-addons; [
|
||||
french-dictionary
|
||||
i-dont-care-about-cookies
|
||||
ublock-origin
|
||||
privacy-badger
|
||||
keepassxc-browser
|
||||
clearurls
|
||||
decentraleyes
|
||||
floccus
|
||||
]);
|
||||
search = {
|
||||
force = true;
|
||||
default = "Google";
|
||||
engines = {
|
||||
"Nix Packages" = {
|
||||
urls = [{
|
||||
template = "https://search.nixos.org/packages";
|
||||
params = [
|
||||
{ name = "type"; value = "packages"; }
|
||||
{ name = "query"; value = "{searchTerms}"; }
|
||||
];
|
||||
}];
|
||||
icon = "${pkgs.nixos-icons}/share/icons/hicolor/scalable/apps/nix-snowflake.svg";
|
||||
definedAliases = [ "@np" ];
|
||||
};
|
||||
"NixOS Wiki" = {
|
||||
urls = [{ template = "https://nixos.wiki/index.php?search={searchTerms}"; }];
|
||||
iconUpdateURL = "https://nixos.wiki/favicon.png";
|
||||
updateInterval = 24 * 60 * 60 * 1000;
|
||||
definedAliases = [ "@nw" ];
|
||||
};
|
||||
"Wikipedia (en)".metaData.alias = "@wiki";
|
||||
"Google".metaData.hidden = false;
|
||||
"Amazon.com".metaData.hidden = true;
|
||||
"Bing".metaData.hidden = true;
|
||||
"eBay".metaData.hidden = true;
|
||||
};
|
||||
};
|
||||
|
||||
bookmarks = [
|
||||
{
|
||||
name = "DRI";
|
||||
toolbar = true;
|
||||
bookmarks = [
|
||||
{
|
||||
name = "wiki";
|
||||
tags = [ "wiki" ];
|
||||
keyword = "wiki";
|
||||
url = "https://en.wikipedia.org/wiki/Special:Search?search=";
|
||||
}
|
||||
{
|
||||
name = "AVV";
|
||||
url ="https://v2.produhost.net/panel/16148/dashboard";
|
||||
}
|
||||
];
|
||||
}
|
||||
];
|
||||
|
||||
settings = {
|
||||
settings = {
|
||||
"browser.contentblocking.category" = "strict" ;
|
||||
"browser.search.region" = "CH" ;
|
||||
"browser.startup.homepage" = https://www.google.fr ;
|
||||
"browser.toolbars.bookmarks.visibility" = "always";
|
||||
"dom.security.https_only_mode" = true ;
|
||||
"dom.security.https_only_mode_ever_enabled" = true ;
|
||||
"extensions.blocklist.pingCountVersion" = -1 ;
|
||||
"extensions.databaseSchema" = 35 ;
|
||||
"extensions.ui.dictionary.hidden" = false ;
|
||||
"extensions.ui.extension.hidden" = false ;
|
||||
"extensions.ui.locale.hidden" = true ;
|
||||
"extensions.ui.sitepermission.hidden" = true ;
|
||||
"extensions.webcompat.enable_shims" = true ;
|
||||
"extensions.webcompat.perform_injections" = true ;
|
||||
"extensions.webcompat.perform_ua_overrides" = true ;
|
||||
"findbar.highlightAll" = true ;
|
||||
"font.name.serif.x-western" = "FreeSerif" ;
|
||||
"font.size.variable.x-western" = 20 ;
|
||||
"media.eme.enabled" = true ;
|
||||
"pref.browser.homepage.disable_button.current_page" = false ;
|
||||
"print_printer" = "Mozilla Save to PDF" ;
|
||||
"privacy.annotate_channels.strict_list.enabled" = true ;
|
||||
"privacy.clearOnShutdown.cookies" = true ;
|
||||
"privacy.clearOnShutdown.downloads" = false ;
|
||||
"privacy.clearOnShutdown.formdata" = false ;
|
||||
"privacy.clearOnShutdown.history" = false ;
|
||||
"privacy.clearOnShutdown.offlineApps" = true ;
|
||||
"privacy.clearOnShutdown.sessions" = false ;
|
||||
"privacy.donottrackheader.enabled" = true ;
|
||||
"privacy.firstparty.isolate" = true ;
|
||||
"privacy.history.custom" = true ;
|
||||
"privacy.purge_trackers.date_in_cookie_database" = 0 ;
|
||||
"privacy.trackingprotection.emailtracking.enabled" = true ;
|
||||
"privacy.trackingprotection.enabled" = true ;
|
||||
"privacy.trackingprotection.socialtracking.enabled" = true ;
|
||||
};
|
||||
};
|
||||
} ;
|
||||
} ;
|
||||
}
|
|
@ -0,0 +1,47 @@
|
|||
{ pkgs, ... }: {
|
||||
programs.go.enable = true;
|
||||
home.packages = with pkgs; [
|
||||
jq
|
||||
nextcloud-client
|
||||
libreoffice
|
||||
rofi
|
||||
poppler_utils
|
||||
brightnessctl
|
||||
chromium
|
||||
gimp
|
||||
scrot
|
||||
papirus-icon-theme
|
||||
ganttproject-bin
|
||||
audio-recorder
|
||||
pandoc
|
||||
hugo
|
||||
whois
|
||||
inkscape
|
||||
feh
|
||||
ispell
|
||||
aspellDicts.fr
|
||||
nix-direnv
|
||||
keepassxc
|
||||
direnv
|
||||
texlive.combined.scheme-full
|
||||
zola
|
||||
exa
|
||||
python3
|
||||
unar # like 7z
|
||||
nmap
|
||||
libnotify
|
||||
sublime-music
|
||||
drawio
|
||||
lsd
|
||||
guake
|
||||
dig
|
||||
vlc
|
||||
pinta
|
||||
linphone
|
||||
graphviz
|
||||
freecad
|
||||
freetube
|
||||
thunderbird
|
||||
];
|
||||
nixpkgs.config.permittedInsecurePackages = [ "ferdi-5.8.1" ];
|
||||
}
|
|
@ -0,0 +1,180 @@
|
|||
# Edit this configuration file to define what should be installed on
|
||||
# your system. Help is available in the configuration.nix(5) man page
|
||||
# and in the NixOS manual (accessible by running `nixos-help`).
|
||||
|
||||
{ config, pkgs, ... }:
|
||||
|
||||
{
|
||||
imports =
|
||||
[ # Include the results of the hardware scan.
|
||||
./hardware-configuration.nix
|
||||
./services.nix
|
||||
./extra_hw.nix
|
||||
./gnome.nix
|
||||
./nitrokey.nix
|
||||
];
|
||||
|
||||
boot = {
|
||||
loader.systemd-boot.enable = true;
|
||||
loader.grub.efiSupport = true;
|
||||
loader.grub.efiInstallAsRemovable = true;
|
||||
loader.grub.device = "nodev";
|
||||
plymouth.enable = true;
|
||||
tmp.cleanOnBoot = true ;
|
||||
kernelParams = [ "i915.enable_fbc=1" ];
|
||||
};
|
||||
|
||||
networking = {
|
||||
hostName = "d2nix"; # Define your hostname.
|
||||
networkmanager.enable = true;
|
||||
firewall.enable = true;
|
||||
};
|
||||
|
||||
# Set your time zone.
|
||||
time.timeZone = "Europe/Paris";
|
||||
|
||||
i18n.defaultLocale = "fr_FR.UTF-8";
|
||||
console = {
|
||||
font = "Lat2-Terminus16";
|
||||
keyMap = "fr";
|
||||
};
|
||||
fonts = {
|
||||
fontDir.enable = true;
|
||||
enableGhostscriptFonts = true;
|
||||
fonts = with pkgs; [
|
||||
corefonts
|
||||
vistafonts
|
||||
powerline-fonts
|
||||
inconsolata
|
||||
terminus_font
|
||||
proggyfonts
|
||||
dejavu_fonts
|
||||
font-awesome
|
||||
nerdfonts
|
||||
source-code-pro
|
||||
source-sans-pro
|
||||
source-serif-pro
|
||||
iosevka
|
||||
roboto-mono
|
||||
fira-code
|
||||
];
|
||||
};
|
||||
|
||||
#sound.enable = true;
|
||||
|
||||
# Define a user account. Don't forget to set a password with ‘passwd’.
|
||||
users = {
|
||||
groups.ntp = {};
|
||||
defaultUserShell = "/run/current-system/sw/bin/fish";
|
||||
extraUsers.alexandre = {
|
||||
isNormalUser = true;
|
||||
home = "/home/alexandre";
|
||||
description = "alexandre";
|
||||
extraGroups = [ "wheel" "networkmanager" "docker" "libvirtd" "scanner" "plocate" "lp" ];
|
||||
packages = with pkgs; [
|
||||
#firefox
|
||||
gitAndTools.gitFull
|
||||
];
|
||||
};
|
||||
extraUsers.oem = {
|
||||
isNormalUser = true;
|
||||
home = "/home/oem";
|
||||
description = "oem";
|
||||
extraGroups = [ "wheel" "networkmanager" ];
|
||||
};
|
||||
};
|
||||
|
||||
environment.variables = {
|
||||
EDITOR = "nvim";
|
||||
BROWSER = "firefox";
|
||||
LESS = "--quit-if-one-screen --RAW-CONTROL-CHARS";
|
||||
TERMINAL = "xfce4-terminal";
|
||||
PRIVATE_BROWSER = "firefox -private";
|
||||
};
|
||||
|
||||
security = {
|
||||
rtkit.enable = true; # for pipewire
|
||||
apparmor.enable = true;
|
||||
pam = {
|
||||
u2f = {
|
||||
enable = true;
|
||||
control = "requisite";
|
||||
};
|
||||
services = {
|
||||
login.u2fAuth = true;
|
||||
lightdm.u2fAuth = true;
|
||||
gdm.u2fAuth = true;
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
nix.settings.experimental-features = [ "nix-command" "flakes" ];
|
||||
|
||||
nixpkgs.config = {
|
||||
allowUnfree = true;
|
||||
};
|
||||
|
||||
nix.settings.auto-optimise-store = true;
|
||||
nix.gc = {
|
||||
automatic = true;
|
||||
dates = "weekly";
|
||||
persistent = true;
|
||||
options = "--delete-older-than 10d";
|
||||
};
|
||||
|
||||
|
||||
programs = {
|
||||
htop = {
|
||||
enable = true;
|
||||
settings.show_cpu_temperature = 1;
|
||||
};
|
||||
fish = {
|
||||
enable = true;
|
||||
interactiveShellInit = ''
|
||||
set -gx EDITOR nvim
|
||||
'';
|
||||
shellAliases = {
|
||||
ll = "ls -l";
|
||||
ls = "lsd";
|
||||
cat = "bat";
|
||||
sysrs = "sudo nixos-rebuild switch";
|
||||
sysup = "sudo nixos-rebuild switch --upgrade";
|
||||
sysclean = "sudo nix-collect-garbage -d; and sudo nix-store --optimise";
|
||||
# nvim = "nvim -u ~/.config/nvim/init.lua";
|
||||
};
|
||||
};
|
||||
};
|
||||
environment.systemPackages = with pkgs; [
|
||||
neovim
|
||||
bat
|
||||
lsd
|
||||
pam_u2f
|
||||
gsmartcontrol
|
||||
lm_sensors
|
||||
wezterm
|
||||
];
|
||||
|
||||
# Some programs need SUID wrappers, can be configured further or are
|
||||
# started in user sessions.
|
||||
# programs.gnupg.agent = {
|
||||
# enable = true;
|
||||
# enableSSHSupport = true;
|
||||
# };
|
||||
|
||||
|
||||
|
||||
# This value determines the NixOS release from which the default
|
||||
# settings for stateful data, like file locations and database versions
|
||||
# on your system were taken. It's perfectly fine and recommended to leave
|
||||
# this value at the release version of the first install of this system.
|
||||
# Before changing this value read the documentation for this option
|
||||
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
|
||||
system.stateVersion = "23.05"; # Did you read the comment?
|
||||
|
||||
nixpkgs.config.packageOverrides = pkgs: {
|
||||
nur = import (builtins.fetchTarball "https://github.com/nix-community/NUR/archive/master.tar.gz") {
|
||||
inherit pkgs;
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
@ -0,0 +1,33 @@
|
|||
{ config, pkgs, ... }:
|
||||
{
|
||||
hardware = {
|
||||
cpu.intel.updateMicrocode = true;
|
||||
enableAllFirmware = true;
|
||||
pulseaudio.enable = false;
|
||||
bluetooth = {
|
||||
enable = true;
|
||||
settings = {
|
||||
General = {
|
||||
Enable = "Source,Sink,Media,Socket";
|
||||
};
|
||||
};
|
||||
};
|
||||
logitech = {
|
||||
wireless.enable = true;
|
||||
wireless.enableGraphical = true;
|
||||
};
|
||||
opengl = {
|
||||
enable = true;
|
||||
extraPackages = with pkgs; [
|
||||
intel-media-driver # LIBVA_DRIVER_NAME=iHD
|
||||
vaapiIntel # LIBVA_DRIVER_NAME=i965 (older but works better for Firefox/Chromium)
|
||||
vaapiVdpau
|
||||
libvdpau-va-gl
|
||||
];
|
||||
};
|
||||
};
|
||||
# Video acceleration
|
||||
nixpkgs.config.packageOverrides = pkgs: {
|
||||
vaapiIntel = pkgs.vaapiIntel.override { enableHybridCodec = true; };
|
||||
};
|
||||
}
|
|
@ -0,0 +1,29 @@
|
|||
{ config, pkgs, ... }:
|
||||
{
|
||||
|
||||
services.udev.packages = with pkgs; [ gnome.gnome-settings-daemon ];
|
||||
|
||||
environment.gnome.excludePackages = (with pkgs; [
|
||||
gnome-photos
|
||||
gnome-tour
|
||||
]) ++ (with pkgs.gnome; [
|
||||
cheese # webcam tool
|
||||
gnome-music
|
||||
gedit # text editor
|
||||
epiphany # web browser
|
||||
totem # video player
|
||||
tali # poker game
|
||||
iagno # go game
|
||||
hitori # sudoku game
|
||||
atomix # puzzle game
|
||||
]);
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
pkgs.gnome3.gnome-tweaks
|
||||
gnomeExtensions.appindicator
|
||||
gnomeExtensions.yakuake
|
||||
gnomeExtensions.workspace-indicator-2
|
||||
gnomeExtensions.wireless-hid
|
||||
gnomeExtensions.vitals
|
||||
];
|
||||
}
|
|
@ -0,0 +1,49 @@
|
|||
# Do not modify this file! It was generated by ‘nixos-generate-config’
|
||||
# and may be overwritten by future invocations. Please make changes
|
||||
# to /etc/nixos/configuration.nix instead.
|
||||
{ config, lib, pkgs, modulesPath, ... }:
|
||||
|
||||
{
|
||||
imports =
|
||||
[ (modulesPath + "/installer/scan/not-detected.nix")
|
||||
];
|
||||
|
||||
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" "sr_mod" "vfat" "nls_cp437" "nls_iso8859-1" ];
|
||||
boot.initrd.kernelModules = [ "dm-snapshot" "coretemp" ];
|
||||
boot.kernelModules = [ "kvm-intel" ];
|
||||
boot.extraModulePackages = [ ];
|
||||
|
||||
fileSystems."/" =
|
||||
{ device = "/dev/disk/by-uuid/8eea016d-9dd3-4149-8e5c-014d7d90695f";
|
||||
fsType = "ext4";
|
||||
};
|
||||
|
||||
fileSystems."/boot" =
|
||||
{ device = "/dev/disk/by-uuid/0382-3D00";
|
||||
fsType = "vfat";
|
||||
};
|
||||
|
||||
swapDevices =
|
||||
[ { device = "/dev/disk/by-uuid/1ffd2601-020f-4635-923b-4053676070d7"; }
|
||||
];
|
||||
# boot.initrd.luks.yubikeySupport = true;
|
||||
boot.initrd.luks.devices = {
|
||||
"partitions" = {
|
||||
device = "/dev/sda2";
|
||||
preLVM = true;
|
||||
crypttabExtraOpts = ["fido2-device=auto"];
|
||||
};
|
||||
};
|
||||
boot.initrd.systemd.enable = true;
|
||||
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
|
||||
# (the default) this is the recommended approach. When using systemd-networkd it's
|
||||
# still possible to use this option, but it's recommended to use it in conjunction
|
||||
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
|
||||
networking.useDHCP = lib.mkDefault true;
|
||||
# networking.interfaces.enp0s31f6.useDHCP = lib.mkDefault true;
|
||||
# networking.interfaces.wlp0s20f0u10.useDHCP = lib.mkDefault true;
|
||||
|
||||
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
|
||||
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
|
||||
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
|
||||
}
|
|
@ -0,0 +1,7 @@
|
|||
{ config, pkgs, ... }:
|
||||
{
|
||||
|
||||
# Enable touchpad support (enabled default in most desktopManager).
|
||||
# services.xserver.libinput.enable = true;
|
||||
|
||||
}
|
|
@ -0,0 +1,14 @@
|
|||
{config, pkgs, lib, ... }:
|
||||
|
||||
{
|
||||
hardware.nitrokey = {
|
||||
enable = true;
|
||||
};
|
||||
|
||||
services.pcscd.enable = true;
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
nitrokey-app
|
||||
];
|
||||
}
|
||||
|
|
@ -0,0 +1,54 @@
|
|||
{ config, pkgs, ... }:
|
||||
{
|
||||
services = {
|
||||
avahi = {
|
||||
enable = true;
|
||||
openFirewall = true;
|
||||
};
|
||||
|
||||
clamav = {
|
||||
daemon.enable = true;
|
||||
updater.enable = true;
|
||||
};
|
||||
|
||||
ntp = {
|
||||
enable = true;
|
||||
};
|
||||
|
||||
thermald = {
|
||||
enable = true;
|
||||
};
|
||||
|
||||
fstrim = {
|
||||
enable = true;
|
||||
};
|
||||
|
||||
locate = {
|
||||
enable = true;
|
||||
locate = pkgs.plocate;
|
||||
interval = "hourly";
|
||||
localuser = null;
|
||||
};
|
||||
|
||||
pipewire = {
|
||||
enable = true;
|
||||
alsa.enable = true;
|
||||
alsa.support32Bit = true;
|
||||
pulse.enable = true;
|
||||
};
|
||||
|
||||
# Enable the X11 windowing system.
|
||||
xserver = {
|
||||
enable = true;
|
||||
# Configure keymap in X11
|
||||
layout = "fr";
|
||||
xkbOptions = "eurosign:e,caps:escape";
|
||||
# Enable the GNOME Desktop Environment.
|
||||
displayManager.gdm.enable = true;
|
||||
desktopManager.gnome.enable = true;
|
||||
};
|
||||
udev.extraRules = ''
|
||||
ACTION=="remove", ENV{ID_VENDOR_ID}=="1050", ENV{ID_MODEL_ID}=="0407", ENV{DISPLAY}=":0", ENV{XAUTHORITY}="/home/alexandre/.Xauthority" RUN+="${pkgs.sudo}/bin/sudo -u alexandre ${pkgs.xdg-utils}/bin/xdg-screensaver lock"
|
||||
'';
|
||||
};
|
||||
}
|
|
@ -0,0 +1,8 @@
|
|||
{ config, pkgs, ... }:
|
||||
{
|
||||
#configDir = "/home/alexandre/git/nixos-config/hosts/dell-5590/nixpkgs/";
|
||||
programs.bat = {
|
||||
enable = true;
|
||||
# } // (import "${configDir}/bat");
|
||||
} // (import "/home/alexandre/git/nixos-config/hosts/dell-5590/home-manager/bat");
|
||||
}
|
|
@ -0,0 +1,7 @@
|
|||
{
|
||||
config = {
|
||||
decorations = "auto";
|
||||
paging = "auto";
|
||||
theme = "Nord";
|
||||
};
|
||||
}
|
|
@ -42,7 +42,7 @@ mode "resize" {
|
|||
bindsym $mod+s mode "resize"
|
||||
|
||||
# Tue la fenetre avec le focus
|
||||
bindsym $mod+Shift+A kill
|
||||
bindsym $mod+k kill
|
||||
|
||||
# split in horizontal orientation
|
||||
bindsym $mod+h split h
|
||||
|
@ -97,7 +97,7 @@ bindsym $mod+Shift+8 move container to workspace 8
|
|||
bindsym $mod+Shift+9 move container to workspace $ws9
|
||||
bindsym $mod+Shift+0 move container to workspace 10
|
||||
|
||||
# Recharge le fichier de configuration
|
||||
## # Recharge le fichier de configuration
|
||||
bindsym $mod+Shift+C reload
|
||||
|
||||
# Redemarre i3 mais concerve ce qui est lancé. Utilisable pour les MAJ
|
||||
|
@ -113,7 +113,7 @@ bindsym $mod+d exec rofi -show drun -show-icons -modi drun
|
|||
bar {
|
||||
font pango:DejaVu Sans Mono, FontAwesome 12
|
||||
position top
|
||||
status_command i3status-rs ~/.config/i3status-rust/config-bottom.toml
|
||||
status_command i3status-rs ~/.config/i3status-rust/bar.toml
|
||||
colors {
|
||||
separator #666666
|
||||
background #222222
|
||||
|
@ -143,12 +143,16 @@ exec --no-startup-id nm-applet
|
|||
exec --no-startup-id nextcloud
|
||||
exec --no-startup-id udiskie -t
|
||||
exec --no-startup-id blueman-applet
|
||||
exec --no-startup-id vlc
|
||||
exec --no-startup-id guake
|
||||
exec --no-startup-id kdeconnect-indicator
|
||||
exec --no-startup-id i3-msg 'workspace $ws9; exec keepassxc;'
|
||||
#exec --no-startup-id i3-msg 'workspace $ws5; exec emacs;'
|
||||
exec --no-startup-id i3-msg 'workspace $ws1; exec alacritty;'
|
||||
exec --no-startup-id i3-msg 'workspace $ws1; exec ferdi;'
|
||||
exec --no-startup-id i3-msg 'workspace $ws2; exec thunderbird;'
|
||||
exec --no-startup-id i3-msg 'workspace $ws3; exec firefox;'
|
||||
|
||||
exec --no-startup-id xset s off
|
||||
exec --no-startup-id xset -dpms
|
||||
|
||||
tiling_drag modifier titlebar
|
|
@ -0,0 +1,47 @@
|
|||
[theme]
|
||||
theme = "nord-dark"
|
||||
[icons]
|
||||
icons = "material-nf"
|
||||
|
||||
[[block]]
|
||||
block = "disk_space"
|
||||
path = "/"
|
||||
format = "$icon $percentage"
|
||||
format_alt = " $icon $available / $total "
|
||||
info_type = "used"
|
||||
interval = 60
|
||||
warning = 20.0
|
||||
alert = 10.0
|
||||
|
||||
[[block]]
|
||||
block = "memory"
|
||||
format = " $icon $mem_avail.eng(prefix:M)/$mem_total.eng(prefix:M)($mem_total_used_percents.eng(w:2)) "
|
||||
|
||||
[[block]]
|
||||
block = "cpu"
|
||||
interval = 1
|
||||
|
||||
[[block]]
|
||||
block = "load"
|
||||
interval = 1
|
||||
format = "{1m}"
|
||||
|
||||
[[block]]
|
||||
block = "sound"
|
||||
|
||||
[[block]]
|
||||
block = "backlight"
|
||||
|
||||
[[block]]
|
||||
block = "battery"
|
||||
|
||||
[[block]]
|
||||
block = "kdeconnect"
|
||||
format = " $icon {$bat_icon $bat_charge |}{$notif_icon |}{$network_icon$network_strength $network_type |}"
|
||||
bat_good = 101
|
||||
|
||||
[[block]]
|
||||
block = "time"
|
||||
interval = 60
|
||||
format = " $icon $timestamp.datetime(f:'%d/%m %R', l:fr_FR) "
|
||||
|
|
@ -0,0 +1,216 @@
|
|||
;; Keyboard-centric user interface
|
||||
(setq inhibit-startup-message t)
|
||||
(scroll-bar-mode -1)
|
||||
(tool-bar-mode -1)
|
||||
(menu-bar-mode -1)
|
||||
|
||||
(require 'package)
|
||||
(add-to-list 'package-archives '("melpa" . "https://melpa.org/packages/") t)
|
||||
;; Comment/uncomment this line to enable MELPA Stable if desired. See `package-archive-priorities`
|
||||
;; and `package-pinned-packages`. Most users will not need or want to do this.
|
||||
;;(add-to-list 'package-archives '("melpa-stable" . "https://stable.melpa.org/packages/") t)
|
||||
(package-initialize)
|
||||
|
||||
|
||||
(column-number-mode 't) ; show current column in status bar
|
||||
(add-hook 'text-mode-hook 'turn-on-auto-fill)
|
||||
(set-fringe-mode 10)
|
||||
|
||||
;; Use 4 spaces for one tab visually.
|
||||
(setq tab-width 4)
|
||||
|
||||
(show-paren-mode t) ; highlight matching open and close parentheses
|
||||
(global-hl-line-mode) ; highlight current line
|
||||
(global-visual-line-mode t) ; wrap long lines
|
||||
(setq split-window-preferred-function
|
||||
'visual-fill-column-split-window-sensibly) ; wrap at window boundary
|
||||
|
||||
(global-whitespace-mode) ; enable whitespace handling by default
|
||||
(setq
|
||||
whitespace-style ; see (apropos 'whitespace-style)
|
||||
'(face ; viz via faces
|
||||
trailing ; trailing blanks visualized
|
||||
lines-tail ; lines beyond whitespace-line-column visualized
|
||||
space-before-tab
|
||||
space-after-tab
|
||||
newline ; lines with only blanks visualized
|
||||
indentation ; spaces used for indent when config wants tabs
|
||||
empty ; empty lines at beginning or end or buffer
|
||||
)
|
||||
whitespace-line-column 150) ; column at which whitespace-mode says the line is too long
|
||||
;;(set-face-attribute 'default nil :font "JetBrains Mono" :height 150)
|
||||
|
||||
;; themes
|
||||
(use-package doom-themes
|
||||
:init (load-theme 'doom-nord t)
|
||||
:init (doom-themes-org-config))
|
||||
(setq disabled-command-function nil)
|
||||
(setq inhibit-startup-screen t)
|
||||
(setq visible-bell t)
|
||||
|
||||
;; Only y/n answers
|
||||
(defalias 'yes-or-no-p 'y-or-n-p)
|
||||
|
||||
;; Save what you enter into minibuffer prompts
|
||||
(setq history-length 25)
|
||||
(savehist-mode 1)
|
||||
|
||||
;; Remember and restore the last cursor location of opened files
|
||||
(save-place-mode 1)
|
||||
|
||||
;; Backup
|
||||
|
||||
(setq version-control t ;; Use version numbers for backups.
|
||||
kept-new-versions 10 ;; Number of newest versions to keep.
|
||||
kept-old-versions 0 ;; Number of oldest versions to keep.
|
||||
delete-old-versions t ;; Don't ask to delete excess backup versions.
|
||||
backup-by-copying t) ;; Copy all files, don't rename them.
|
||||
(setq vc-make-backup-files t)
|
||||
(setq backup-directory-alist '(("" . "~/.emacs.d/backup")))
|
||||
(defvar emacs-autosave-directory
|
||||
(concat user-emacs-directory "autosaves/")
|
||||
"This variable dictates where to put auto saves. It is set to a
|
||||
directory called autosaves located wherever your .emacs.d/ is
|
||||
located.")
|
||||
|
||||
;; Sets all files to be backed up and auto saved in a single directory.
|
||||
(setq backup-directory-alist
|
||||
`((".*" . ,emacs-autosave-directory))
|
||||
auto-save-file-name-transforms
|
||||
`((".*" ,emacs-autosave-directory t)))
|
||||
|
||||
|
||||
(setq calendar-week-start-day 1)
|
||||
|
||||
|
||||
(use-package nix-mode
|
||||
:mode ("\\.nix\\'" . nix-mode)
|
||||
:hook (nix-mode . lsp-deferred))
|
||||
|
||||
(use-package magit)
|
||||
(setq magit-fetch-modules-jobs 16); fetch 16 modules in parallel
|
||||
|
||||
(use-package which-key
|
||||
:init (which-key-mode)
|
||||
:config (setq which-key-idle-delay 0.5))
|
||||
|
||||
(autoload 'markdown-mode "markdown-mode"
|
||||
"Major mode for editing Markdown files" t)
|
||||
(add-to-list 'auto-mode-alist
|
||||
'("\\.\\(?:md\\|markdown\\|mkd\\|mdown\\|mkdn\\|mdwn\\)\\'" . markdown-mode))
|
||||
|
||||
(autoload 'gfm-mode "markdown-mode"
|
||||
"Major mode for editing GitHub Flavored Markdown files" t)
|
||||
(add-to-list 'auto-mode-alist '("README\\.md\\'" . gfm-mode))
|
||||
|
||||
;; org-mode
|
||||
(require 'org)
|
||||
(require 'org-mouse)
|
||||
(setq org-startup-folded t
|
||||
org-pretty-entities t
|
||||
org-hide-emphasis-markers t
|
||||
org-startup-with-inline-images t
|
||||
org-agenda-include-deadlines t
|
||||
org-image-actual-width '(300))
|
||||
;; files with ".org" open in org-mode
|
||||
(add-to-list 'auto-mode-alist '("\\.org$" . org-mode))
|
||||
(setq org-agenda-files '("/home/alexandre/Nextcloud/PRIVE/13_Org/backlog.org" "/home/alexandre/Nextcloud/PRIVE/13_Org/notes"))
|
||||
(setq org-directory (concat (getenv "HOME") "/Nextcloud/PRIVE/13_Org/notes"))
|
||||
(setq org-default-notes-file "~/Nextcloud/PRIVE/13_Org/backlog.org")
|
||||
(setq org-todo-keywords '((type "TODO" "En cours" "WAIT" "CANCELED" "DONE")))
|
||||
(setf org-todo-keyword-faces '(("TODO" . (:foreground "cyan" :background "steelblue" :bold t :weight bold))
|
||||
("En cours" . (:foreground "yellow" :background "red" :bold t :weight bold))
|
||||
("En attente de réponse" . (:foreground "yellow" :background "magenta2" :bold t :weight bold))
|
||||
("CANCELED" . (:foreground "gray" :background "dime grey" :bold t :weight bold))
|
||||
("DONE" . (:foreground "gray50" :background "gray30"))))
|
||||
|
||||
;; tags
|
||||
(setq org-tag-alist '(("DEVIS" . ?d) ("PROJETS" . ?p) ("CLIENT" . ?c) ("PROSPECT" . ?o) ("INTERNE" . ?i) ("AO" . ?a) ("PJ" . ?z) ("AVV" . ?v) ("LEGACY" . ?l) ("ROC" . ?r)))
|
||||
|
||||
(setq org-tag-faces
|
||||
'(
|
||||
("DEVIS" . (:foreground "OrangeRed" :weight bold))
|
||||
("ROC" . (:foreground "OrangeRed" :weight bold))
|
||||
("PJ" . (:foreground "brightyellow" :weight bold))
|
||||
("PROJET" . (:foreground "IndianRed1" :weight bold))
|
||||
("INTERNE" . (:foreground "LimeGreen" :weight bold))
|
||||
("LEGACY" . (:foreground "LimeGreen" :weight bold))
|
||||
("CLIENT" . (:foreground "Orange" :weight bold))
|
||||
("PROSPECT" . (:foreground "MediumPurple3" :weight bold))
|
||||
("AO" . (:foreground "HotPink2" :weight bold))
|
||||
)
|
||||
)
|
||||
;; org-capture use to add note to backlog file. At the end of day, use org-refile to dispatch to good note
|
||||
;; https://sachachua.com/blog/2014/11/using-org-mode-keep-process-journal/
|
||||
|
||||
(setq org-capture-templates
|
||||
'(("t" "TODO" entry (file+datetree "~/Nextcloud/PRIVE/13_Org/backlog.org")
|
||||
"* TODO %? %^G \n %U" :empty-lines 1)
|
||||
("s" "Scheduled TODO" entry (file+datetree "~/Nextcloud/PRIVE/13_Org/backlog.org")
|
||||
"* TODO %? %^G \nSCHEDULED: %^t\n %U" :empty-lines 1)
|
||||
("l" "Link" entry (file "~/Nextcloud/PRIVE/13_Org/backlog.org")
|
||||
"* TODO %a %? %^G\nSCHEDULED: %(org-insert-time-stamp (org-read-date nil t \"+0d\"))\n")
|
||||
("j" "Journal entry" plain
|
||||
(file+datetree+prompt "~/Nextcloud/PRIVE/13_Org/journal.org")
|
||||
"%K ****** %a\n%i\n%?\n")
|
||||
("n" "Note dans le journal" entry (file "~/Nextcloud/PRIVE/13_Org/journal.org")
|
||||
"**** %? %^G\n" :empty-lines 1)))
|
||||
|
||||
;; Org-Roam basic configuration
|
||||
(use-package org-roam
|
||||
:after org
|
||||
:init
|
||||
(setq org-roam-v2-ack t) ;; Acknowledge V2 upgrade
|
||||
:custom
|
||||
(org-roam-directory (file-truename org-directory))
|
||||
(org-roam-completion-everywhere t)
|
||||
:bind (("C-c n l" . org-roam-buffer-toggle)
|
||||
("C-c n f" . org-roam-node-find)
|
||||
("C-c n o" . org-open-at-point)
|
||||
("C-c n j" . org-roam-dailies-capture-today)
|
||||
("C-c n i" . org-roam-node-insert))
|
||||
:config
|
||||
(org-roam-setup)
|
||||
(org-roam-db-autosync-mode)
|
||||
)
|
||||
|
||||
;; caldav
|
||||
;;(setq org-caldav-url "https://next20.produhost.net/remote.php/dav/alexandre")
|
||||
;;(setq org-caldav-calendars
|
||||
;; '((:calendar-id "alexandre-dri"
|
||||
;; :files ("~/Nextcloud/PRIVE/13_Org/calendar/alexandre-dri.org")
|
||||
;; :inbox "~/Nextcloud/PRIVE/13_Org/calendar/alexandre-dri-inbox.org")))
|
||||
;;(setq org-icalendar-include-todo 'all
|
||||
;; org-caldav-sync-todo t)
|
||||
;;
|
||||
(use-package org-journal
|
||||
:ensure t
|
||||
:defer t
|
||||
:init
|
||||
;; Change default prefix key; needs to be set before loading org-journal
|
||||
(setq org-journal-prefix-key "C-c j ")
|
||||
:config
|
||||
(setq org-journal-file-type=weekly
|
||||
org-journal-date-format "%A, %d %B %Y"))
|
||||
|
||||
;;;; Index org file and backlog file
|
||||
(defvar org-gtd-file "~/Nextcloud/PRIVE/13_Org/DRI.org")
|
||||
(defvar org-backlog-file "~/Nextcloud/PRIVE/13_Org/backlog.org")
|
||||
|
||||
;; Open DRI.org when I hit C-c g
|
||||
(defun gtd ()
|
||||
"Open the GTD file."
|
||||
(interactive)
|
||||
(find-file org-gtd-file))
|
||||
|
||||
;; Open backlog.org when I hit file hit C-c b
|
||||
(defun gtb ()
|
||||
"Open the backlog file."
|
||||
(interactive)
|
||||
(find-file org-backlog-file))
|
||||
|
||||
;; keybinding
|
||||
(global-set-key "\C-cl" 'org-store-link)
|
||||
(global-set-key "\C-ca" 'org-agenda)
|
||||
(global-set-key "\C-cg" 'gtd)
|
||||
(global-set-key "\C-cb" 'gtb)
|
|
@ -0,0 +1,218 @@
|
|||
;; Keyboard-centric user interface
|
||||
(setq inhibit-startup-message t)
|
||||
(scroll-bar-mode -1)
|
||||
(tool-bar-mode -1)
|
||||
(menu-bar-mode -1)
|
||||
|
||||
(require 'package)
|
||||
(add-to-list 'package-archives '("melpa" . "https://melpa.org/packages/") t)
|
||||
;; Comment/uncomment this line to enable MELPA Stable if desired. See `package-archive-priorities`
|
||||
;; and `package-pinned-packages`. Most users will not need or want to do this.
|
||||
;;(add-to-list 'package-archives '("melpa-stable" . "https://stable.melpa.org/packages/") t)
|
||||
(package-initialize)
|
||||
|
||||
|
||||
(column-number-mode 't) ; show current column in status bar
|
||||
(add-hook 'text-mode-hook 'turn-on-auto-fill)
|
||||
(set-fringe-mode 10)
|
||||
|
||||
;; Use 4 spaces for one tab visually.
|
||||
(setq tab-width 4)
|
||||
|
||||
(show-paren-mode t) ; highlight matching open and close parentheses
|
||||
(global-hl-line-mode) ; highlight current line
|
||||
(global-visual-line-mode t) ; wrap long lines
|
||||
(setq split-window-preferred-function
|
||||
'visual-fill-column-split-window-sensibly) ; wrap at window boundary
|
||||
|
||||
(global-whitespace-mode) ; enable whitespace handling by default
|
||||
(setq
|
||||
whitespace-style ; see (apropos 'whitespace-style)
|
||||
'(face ; viz via faces
|
||||
trailing ; trailing blanks visualized
|
||||
lines-tail ; lines beyond whitespace-line-column visualized
|
||||
space-before-tab
|
||||
space-after-tab
|
||||
newline ; lines with only blanks visualized
|
||||
indentation ; spaces used for indent when config wants tabs
|
||||
empty ; empty lines at beginning or end or buffer
|
||||
)
|
||||
whitespace-line-column 150) ; column at which whitespace-mode says the line is too long
|
||||
;;(set-face-attribute 'default nil :font "JetBrains Mono" :height 150)
|
||||
|
||||
;; themes
|
||||
(use-package doom-themes
|
||||
:init (load-theme 'doom-nord t)
|
||||
:init (doom-themes-org-config))
|
||||
(setq disabled-command-function nil)
|
||||
(setq inhibit-startup-screen t)
|
||||
(setq visible-bell t)
|
||||
|
||||
;; Only y/n answers
|
||||
(defalias 'yes-or-no-p 'y-or-n-p)
|
||||
|
||||
;; Save what you enter into minibuffer prompts
|
||||
(setq history-length 25)
|
||||
(savehist-mode 1)
|
||||
|
||||
;; Remember and restore the last cursor location of opened files
|
||||
(save-place-mode 1)
|
||||
|
||||
;; Backup
|
||||
|
||||
(setq version-control t ;; Use version numbers for backups.
|
||||
kept-new-versions 10 ;; Number of newest versions to keep.
|
||||
kept-old-versions 0 ;; Number of oldest versions to keep.
|
||||
delete-old-versions t ;; Don't ask to delete excess backup versions.
|
||||
backup-by-copying t) ;; Copy all files, don't rename them.
|
||||
(setq vc-make-backup-files t)
|
||||
(setq backup-directory-alist '(("" . "~/.emacs.d/backup")))
|
||||
(defvar emacs-autosave-directory
|
||||
(concat user-emacs-directory "autosaves/")
|
||||
"This variable dictates where to put auto saves. It is set to a
|
||||
directory called autosaves located wherever your .emacs.d/ is
|
||||
located.")
|
||||
|
||||
;; Sets all files to be backed up and auto saved in a single directory.
|
||||
(setq backup-directory-alist
|
||||
`((".*" . ,emacs-autosave-directory))
|
||||
auto-save-file-name-transforms
|
||||
`((".*" ,emacs-autosave-directory t)))
|
||||
|
||||
|
||||
(setq calendar-week-start-day 1)
|
||||
|
||||
|
||||
;; keybinding
|
||||
(global-set-key "\C-cnj" 'org-journal-new-entry)
|
||||
(global-set-key "\C-cl" 'org-store-link)
|
||||
(global-set-key "\C-ca" 'org-agenda)
|
||||
(global-set-key "\C-c g" 'gtd)
|
||||
|
||||
(use-package nix-mode
|
||||
:mode ("\\.nix\\'" . nix-mode)
|
||||
:hook (nix-mode . lsp-deferred))
|
||||
|
||||
(use-package magit)
|
||||
(setq magit-fetch-modules-jobs 16); fetch 16 modules in parallel
|
||||
|
||||
(use-package which-key
|
||||
:init (which-key-mode)
|
||||
:config (setq which-key-idle-delay 0.5))
|
||||
|
||||
(autoload 'markdown-mode "markdown-mode"
|
||||
"Major mode for editing Markdown files" t)
|
||||
(add-to-list 'auto-mode-alist
|
||||
'("\\.\\(?:md\\|markdown\\|mkd\\|mdown\\|mkdn\\|mdwn\\)\\'" . markdown-mode))
|
||||
|
||||
(autoload 'gfm-mode "markdown-mode"
|
||||
"Major mode for editing GitHub Flavored Markdown files" t)
|
||||
(add-to-list 'auto-mode-alist '("README\\.md\\'" . gfm-mode))
|
||||
|
||||
;; org-mode
|
||||
(require 'org)
|
||||
(require 'org-mouse)
|
||||
(setq org-startup-folded t
|
||||
org-pretty-entities t
|
||||
org-hide-emphasis-markers t
|
||||
org-startup-with-inline-images t
|
||||
org-agenda-include-deadlines t
|
||||
org-image-actual-width '(300))
|
||||
;; files with ".org" open in org-mode
|
||||
(add-to-list 'auto-mode-alist '("\\.org$" . org-mode))
|
||||
(setq org-agenda-files '("/home/alexandre/Nextcloud/PRIVE/13_Org/backlog.org" "/home/alexandre/Nextcloud/PRIVE/13_Org/notes" "/home/alexandre/Nextcloud/PRIVE/13_Org/journal"))
|
||||
(setq org-directory (concat (getenv "HOME") "/Nextcloud/PRIVE/13_Org/notes"))
|
||||
(setq org-default-notes-file "~/Nextcloud/PRIVE/13_Org/backlog.org")
|
||||
;;(setq org-capture-templates
|
||||
;; '(("b" "Ajouter au backlog" entry
|
||||
;; (file "~/Nextcloud/PRIVE/13_Org/backlog.org")
|
||||
;; "* TODO %?" :empty-lines 1))
|
||||
(setq org-capture-templates
|
||||
'(("t" "TODO" entry (file+datetree "~/Nextcloud/PRIVE/13_Org/backlog.org")
|
||||
"* TODO %? %^G \n %U" :empty-lines 1)
|
||||
("s" "Scheduled TODO" entry (file+datetree "~/Nextcloud/PRIVE/13_Org/backlog.org")
|
||||
"* TODO %? %^G \nSCHEDULED: %^t\n %U" :empty-lines 1)
|
||||
("l" "Link" entry (file "~/Nextcloud/PRIVE/13_Org/backlog.org")
|
||||
"* TODO %a %? %^G\nSCHEDULED: %(org-insert-time-stamp (org-read-date nil t \"+0d\"))\n")
|
||||
("n" "Note" entry (file "~/Nextcloud/PRIVE/13_Org/backlog.org")
|
||||
"* %? %^G\n%U" :empty-lines 1)
|
||||
("j" "Journal" entry (file+datetree "~/Nextcloud/PRIVE/13_Org/backlog.org")
|
||||
"* %? %^G\nEntered on %U\n")))
|
||||
;; Org-Roam basic configuration
|
||||
|
||||
(use-package org-roam
|
||||
:after org
|
||||
:init (setq org-roam-v2-ack t) ;; Acknowledge V2 upgrade
|
||||
:custom
|
||||
(org-roam-directory (file-truename org-directory))
|
||||
:config
|
||||
(org-roam-setup)
|
||||
(org-roam-db-autosync-mode)
|
||||
:bind (("C-c n f" . org-roam-node-find)
|
||||
("C-c n r" . org-roam-node-random)
|
||||
("C-c n o" . org-open-at-point)
|
||||
("C-c n i" . org-roam-node-insert)
|
||||
;; (:map org-mode-map
|
||||
;; (("C-c n i" . org-roam-node-insert)
|
||||
;; ("C-c n t" . org-roam-tag-add)
|
||||
;; ("C-c n a" . org-roam-alias-add)
|
||||
;; ("C-c n l" . org-roam-buffer-toggle)
|
||||
;; ("C-c n o" . org-open-at-point)
|
||||
;; ("C-c n d" . org-roam-dailies-capture-today)
|
||||
;; ("C-c n T" . org-roam-dailies-goto-today)
|
||||
;; ("C-M-i" . completion-at-point))))
|
||||
)
|
||||
;; (:map org-roam-dailies-map
|
||||
;; (map!
|
||||
;; "\C-c n T" 'org-roam-dailies-goto-today
|
||||
;; "\C-c n d" 'org-roam-dailies-capture-today))
|
||||
(setq org-roam-dailies-capture-templates
|
||||
'(("d" "default" entry
|
||||
"* %?"
|
||||
:target (file+head "journal-%<%Y>.org" "#+TITLE: %<%Y-%m-%d>\n"))))
|
||||
|
||||
;; one file org
|
||||
(defvar org-gtd-file "~/Nextcloud/PRIVE/13_Org/DRI.org")
|
||||
|
||||
;; Open DRI.org when I hit C-c g
|
||||
(defun gtd ()
|
||||
"Open the GTD file."
|
||||
(interactive)
|
||||
(find-file org-gtd-file))
|
||||
|
||||
;; This seems like a good basic set of keywords to start out with:
|
||||
|
||||
(setq org-todo-keywords '((type "TODO" "En cours" "WAIT" "CANCELED" "DONE")))
|
||||
|
||||
(setf org-todo-keyword-faces '(("TODO" . (:foreground "cyan" :background "steelblue" :bold t :weight bold))
|
||||
("En cours" . (:foreground "yellow" :background "red" :bold t :weight bold))
|
||||
("En attente de réponse" . (:foreground "yellow" :background "magenta2" :bold t :weight bold))
|
||||
("CANCELED" . (:foreground "gray" :background "dime grey" :bold t :weight bold))
|
||||
("DONE" . (:foreground "gray50" :background "gray30"))))
|
||||
|
||||
;; tags
|
||||
(setq org-tag-alist '(("DEVIS" . ?d) ("PROJETS" . ?p) ("CLIENT" . ?c) ("PROSPECT" . ?o) ("INTERNE" . ?i) ("AO" . ?a) ("PJ" . ?z) ("AVV" . ?v) ("PERSO" . ?z)))
|
||||
|
||||
|
||||
(setq org-tag-faces
|
||||
'(
|
||||
("DEVIS" . (:foreground "OrangeRed" :weight bold))
|
||||
("PJ" . (:foreground "brightyellow" :weight bold))
|
||||
("PROJET" . (:foreground "IndianRed1" :weight bold))
|
||||
("INTERNE" . (:foreground "LimeGreen" :weight bold))
|
||||
("CLIENT" . (:foreground "Orange" :weight bold))
|
||||
("PROSPECT" . (:foreground "MediumPurple3" :weight bold))
|
||||
("AO" . (:foreground "HotPink2" :weight bold))
|
||||
("PERSO" . (:foreground "firebrick" :weight bold))
|
||||
)
|
||||
)
|
||||
;;; Org-journal
|
||||
;; https://github.com/bastibe/org-journal
|
||||
;; C-c C-j
|
||||
;;(require 'org-journal)
|
||||
;;(setq org-journal-date-prefix "#+TITLE: "
|
||||
;; org-journal-carryover-items "-TODO=\"DONE\""
|
||||
;; org-journal-time-prefix "* "
|
||||
;; org-journal-date-format "%a, %Y-%m-%d"
|
||||
;; org-journal-file-format "%Y-%m-%d-journal.org"
|
||||
;; org-journal-dir "/home/alexandre/Nextcloud/PRIVE/13_Org/journal/")
|
|
@ -0,0 +1,44 @@
|
|||
[General]
|
||||
clientVersion=3.6.4git
|
||||
confirmExternalStorage=false
|
||||
crashReporter=true
|
||||
monoIcons=false
|
||||
newBigFolderSizeLimit=500
|
||||
optionalServerNotifications=true
|
||||
showCallNotifications=true
|
||||
updateSegment=67
|
||||
useNewBigFolderSizeLimit=false
|
||||
|
||||
[Accounts]
|
||||
0\Folders\1\ignoreHiddenFiles=false
|
||||
0\Folders\1\journalPath=.sync_70e356a9188d.db
|
||||
0\Folders\1\localPath=/home/alexandre/Nextcloud/PRIVE/
|
||||
0\Folders\1\paused=false
|
||||
0\Folders\1\targetPath=/
|
||||
0\Folders\1\version=2
|
||||
0\Folders\1\virtualFilesMode=off
|
||||
0\authType=webflow
|
||||
0\dav_user=alexandre
|
||||
0\serverVersion=25.0.1.1
|
||||
0\url=https://next.atlanticaweb.fr
|
||||
0\user=@Invalid()
|
||||
0\version=1
|
||||
0\webflow_user=alexandre
|
||||
1\Folders\3\ignoreHiddenFiles=false
|
||||
1\Folders\3\journalPath=.sync_214037720ec4.db
|
||||
1\Folders\3\localPath=/home/alexandre/Nextcloud/DRI/
|
||||
1\Folders\3\paused=false
|
||||
1\Folders\3\targetPath=/
|
||||
1\Folders\3\version=2
|
||||
1\Folders\3\virtualFilesMode=off
|
||||
1\authType=webflow
|
||||
1\dav_user=alexandre
|
||||
1\serverVersion=26.0.2.1
|
||||
1\url=https://next20.produhost.net
|
||||
1\user=@Invalid()
|
||||
1\version=1
|
||||
1\webflow_user=alexandre
|
||||
version=2
|
||||
|
||||
[Settings]
|
||||
geometry="@ByteArray(\x1\xd9\xd0\xcb\0\x3\0\0\0\0\x3=\0\0\0\xab\0\0\x5\xd4\0\0\x3\x1f\0\0\x3?\0\0\0\xab\0\0\x5\xd2\0\0\x3\x1d\0\0\0\0\0\0\0\0\a\x80\0\0\x3?\0\0\0\xab\0\0\x5\xd2\0\0\x3\x1d)"
|
|
@ -0,0 +1,58 @@
|
|||
; xfce4-terminal GtkAccelMap rc-file -*- scheme -*-
|
||||
; this file is an automated accelerator map dump
|
||||
;
|
||||
(gtk_accel_path "<Actions>/terminal-window/goto-tab-2" "<Alt>2")
|
||||
(gtk_accel_path "<Actions>/terminal-window/goto-tab-6" "<Alt>6")
|
||||
; (gtk_accel_path "<Actions>/terminal-window/copy-input" "")
|
||||
; (gtk_accel_path "<Actions>/terminal-window/close-other-tabs" "")
|
||||
; (gtk_accel_path "<Actions>/terminal-window/move-tab-right" "<Primary><Shift>Page_Down")
|
||||
(gtk_accel_path "<Actions>/terminal-window/goto-tab-7" "<Alt>7")
|
||||
; (gtk_accel_path "<Actions>/terminal-window/set-title-color" "")
|
||||
; (gtk_accel_path "<Actions>/terminal-window/edit-menu" "")
|
||||
; (gtk_accel_path "<Actions>/terminal-window/zoom-menu" "")
|
||||
(gtk_accel_path "<Actions>/terminal-window/goto-tab-1" "<Alt>1")
|
||||
; (gtk_accel_path "<Actions>/terminal-window/fullscreen" "F11")
|
||||
; (gtk_accel_path "<Actions>/terminal-window/read-only" "")
|
||||
(gtk_accel_path "<Actions>/terminal-window/goto-tab-5" "<Alt>5")
|
||||
; (gtk_accel_path "<Actions>/terminal-window/preferences" "")
|
||||
; (gtk_accel_path "<Actions>/terminal-window/reset-and-clear" "")
|
||||
; (gtk_accel_path "<Actions>/terminal-window/about" "")
|
||||
(gtk_accel_path "<Actions>/terminal-window/goto-tab-4" "<Alt>4")
|
||||
; (gtk_accel_path "<Actions>/terminal-window/close-window" "<Primary><Shift>q")
|
||||
; (gtk_accel_path "<Actions>/terminal-window/reset" "")
|
||||
; (gtk_accel_path "<Actions>/terminal-window/save-contents" "")
|
||||
(gtk_accel_path "<Actions>/terminal-window/toggle-menubar" "F10")
|
||||
; (gtk_accel_path "<Actions>/terminal-window/copy" "<Primary><Shift>c")
|
||||
; (gtk_accel_path "<Actions>/terminal-window/copy-html" "")
|
||||
; (gtk_accel_path "<Actions>/terminal-window/last-active-tab" "")
|
||||
; (gtk_accel_path "<Actions>/terminal-window/show-borders" "")
|
||||
; (gtk_accel_path "<Actions>/terminal-window/view-menu" "")
|
||||
; (gtk_accel_path "<Actions>/terminal-window/detach-tab" "<Primary><Shift>d")
|
||||
; (gtk_accel_path "<Actions>/terminal-window/scroll-on-output" "")
|
||||
; (gtk_accel_path "<Actions>/terminal-window/show-toolbar" "")
|
||||
; (gtk_accel_path "<Actions>/terminal-window/next-tab" "<Primary>Page_Down")
|
||||
; (gtk_accel_path "<Actions>/terminal-window/tabs-menu" "")
|
||||
; (gtk_accel_path "<Actions>/terminal-window/search-next" "")
|
||||
; (gtk_accel_path "<Actions>/terminal-window/search-prev" "")
|
||||
; (gtk_accel_path "<Actions>/terminal-window/undo-close-tab" "")
|
||||
; (gtk_accel_path "<Actions>/terminal-window/set-title" "<Primary><Shift>s")
|
||||
; (gtk_accel_path "<Actions>/terminal-window/contents" "F1")
|
||||
; (gtk_accel_path "<Actions>/terminal-window/zoom-reset" "<Primary>0")
|
||||
; (gtk_accel_path "<Actions>/terminal-window/close-tab" "<Primary><Shift>w")
|
||||
; (gtk_accel_path "<Actions>/terminal-window/new-tab" "<Primary><Shift>t")
|
||||
; (gtk_accel_path "<Actions>/terminal-window/new-window" "<Primary><Shift>n")
|
||||
; (gtk_accel_path "<Actions>/terminal-window/terminal-menu" "")
|
||||
; (gtk_accel_path "<Actions>/terminal-window/show-menubar" "")
|
||||
; (gtk_accel_path "<Actions>/terminal-window/select-all" "<Primary><Shift>a")
|
||||
; (gtk_accel_path "<Actions>/terminal-window/paste" "<Primary><Shift>v")
|
||||
(gtk_accel_path "<Actions>/terminal-window/goto-tab-9" "<Alt>9")
|
||||
; (gtk_accel_path "<Actions>/terminal-window/move-tab-left" "<Primary><Shift>Page_Up")
|
||||
; (gtk_accel_path "<Actions>/terminal-window/search" "<Primary><Shift>f")
|
||||
; (gtk_accel_path "<Actions>/terminal-window/file-menu" "")
|
||||
; (gtk_accel_path "<Actions>/terminal-window/prev-tab" "<Primary>Page_Up")
|
||||
; (gtk_accel_path "<Actions>/terminal-window/paste-selection" "")
|
||||
; (gtk_accel_path "<Actions>/terminal-window/zoom-in" "<Primary>plus")
|
||||
; (gtk_accel_path "<Actions>/terminal-window/zoom-out" "<Primary>minus")
|
||||
(gtk_accel_path "<Actions>/terminal-window/goto-tab-8" "<Alt>8")
|
||||
; (gtk_accel_path "<Actions>/terminal-window/help-menu" "")
|
||||
(gtk_accel_path "<Actions>/terminal-window/goto-tab-3" "<Alt>3")
|
|
@ -0,0 +1,9 @@
|
|||
[Scheme]
|
||||
Name=Nord
|
||||
ColorCursor=#D8DEE9
|
||||
ColorForeground=#D8DEE9
|
||||
ColorBackground=#2E3440
|
||||
TabActivityColor=#88C0D0
|
||||
ColorPalette=#3B4252;#BF616A;#A3BE8C;#EBCB8B;#81A1C1;#B48EAD;#88C0D0;#E5E9F0;#4C566A;#BF616A;#A3BE8C;#EBCB8B;#81A1C1;#B48EAD;#8FBCBB;#ECEFF4
|
||||
ColorBold=#D8DEE9
|
||||
ColorBoldUseDefault=FALSE
|
|
@ -0,0 +1,37 @@
|
|||
[Configuration]
|
||||
ColorForeground=#D8DEE9
|
||||
ColorBackground=#2E3440
|
||||
ColorCursor=#D8DEE9
|
||||
ColorBold=#D8DEE9
|
||||
ColorBoldUseDefault=FALSE
|
||||
ColorPalette=#3B4252;#BF616A;#A3BE8C;#EBCB8B;#81A1C1;#B48EAD;#88C0D0;#E5E9F0;#4C566A;#BF616A;#A3BE8C;#EBCB8B;#81A1C1;#B48EAD;#8FBCBB;#ECEFF4
|
||||
MiscAlwaysShowTabs=FALSE
|
||||
MiscBell=FALSE
|
||||
MiscBellUrgent=FALSE
|
||||
MiscBordersDefault=FALSE
|
||||
MiscCursorBlinks=FALSE
|
||||
MiscCursorShape=TERMINAL_CURSOR_SHAPE_BLOCK
|
||||
MiscDefaultGeometry=80x24
|
||||
MiscInheritGeometry=FALSE
|
||||
MiscMenubarDefault=FALSE
|
||||
MiscMouseAutohide=FALSE
|
||||
MiscMouseWheelZoom=TRUE
|
||||
MiscToolbarDefault=FALSE
|
||||
MiscConfirmClose=TRUE
|
||||
MiscCycleTabs=TRUE
|
||||
MiscTabCloseButtons=TRUE
|
||||
MiscTabCloseMiddleClick=TRUE
|
||||
MiscTabPosition=GTK_POS_TOP
|
||||
MiscHighlightUrls=TRUE
|
||||
MiscMiddleClickOpensUri=FALSE
|
||||
MiscCopyOnSelect=TRUE
|
||||
MiscShowRelaunchDialog=TRUE
|
||||
MiscRewrapOnResize=TRUE
|
||||
MiscUseShiftArrowsToScroll=FALSE
|
||||
MiscSlimTabs=FALSE
|
||||
MiscNewTabAdjacent=FALSE
|
||||
MiscSearchDialogOpacity=100
|
||||
MiscShowUnsafePasteDialog=TRUE
|
||||
TabActivityColor=#88C0D0
|
||||
MiscRightClickAction=TERMINAL_RIGHT_CLICK_ACTION_CONTEXT_MENU
|
||||
|
|
@ -0,0 +1,16 @@
|
|||
copy_command: "xclip -selection clipboard" # x11
|
||||
#copy_command: "wl-copy" # wayland
|
||||
theme: nord
|
||||
themes:
|
||||
nord:
|
||||
fg: [216,222,233]
|
||||
bg: [46,52,64]
|
||||
black: [59,66,82]
|
||||
red: [191,97,106]
|
||||
green: [163,190,140]
|
||||
yellow: [235,203,139]
|
||||
blue: [129,161,193]
|
||||
magenta: [180,142,173]
|
||||
cyan: [136,192,208]
|
||||
white: [229,233,240]
|
||||
orange: [208,135,112]
|
|
@ -0,0 +1,262 @@
|
|||
{ pkgs, ... }: {
|
||||
|
||||
services.dunst = {
|
||||
enable = true;
|
||||
settings = {
|
||||
global = {
|
||||
font = "Iosevka Term 11";
|
||||
# Allow a small subset of html markup:
|
||||
# <b>bold</b>
|
||||
# <i>italic</i>
|
||||
# <s>strikethrough</s>
|
||||
# <u>underline</u>
|
||||
#
|
||||
# For a complete reference see
|
||||
# <http://developer.gnome.org/pango/stable/PangoMarkupFormat.html>.
|
||||
# If markup is not allowed, those tags will be stripped out of the
|
||||
# message.
|
||||
markup = "yes";
|
||||
plain_text = "no";
|
||||
|
||||
# The format of the message. Possible variables are:
|
||||
# %a appname
|
||||
# %s summary
|
||||
# %b body
|
||||
# %i iconname (including its path)
|
||||
# %I iconname (without its path)
|
||||
# %p progress value if set ([ 0%] to [100%]) or nothing
|
||||
# Markup is allowed
|
||||
format = ''
|
||||
%a
|
||||
<b>%s</b>
|
||||
%b'';
|
||||
|
||||
# Sort messages by urgency.
|
||||
sort = "yes";
|
||||
|
||||
# Show how many messages are currently hidden (because of geometry).
|
||||
indicate_hidden = "yes";
|
||||
|
||||
# Alignment of message text.
|
||||
# Possible values are "left", "center" and "right".
|
||||
alignment = "center";
|
||||
|
||||
# The frequency with wich text that is longer than the notification
|
||||
# window allows bounces back and forth.
|
||||
# This option conflicts with "word_wrap".
|
||||
# Set to 0 to disable.
|
||||
bounce_freq = 0;
|
||||
|
||||
# Show age of message if message is older than show_age_threshold
|
||||
# seconds.
|
||||
# Set to -1 to disable.
|
||||
show_age_threshold = 1;
|
||||
|
||||
# Split notifications into multiple lines if they don't fit into
|
||||
# geometry.
|
||||
word_wrap = "yes";
|
||||
|
||||
# Ignore newlines '\n' in notifications.
|
||||
ignore_newline = "no";
|
||||
|
||||
# Hide duplicate's count and stack them
|
||||
stack_duplicates = "yes";
|
||||
hide_duplicates_count = "no";
|
||||
|
||||
# The geometry of the window:
|
||||
# [{width}]x{height}[+/-{x}+/-{y}]
|
||||
# The geometry of the message window.
|
||||
# The height is measured in number of notifications everything else
|
||||
# in pixels. If the width is omitted but the height is given
|
||||
# ("-geometry x2"), the message window expands over the whole screen
|
||||
# (dmenu-like). If width is 0, the window expands to the longest
|
||||
# message displayed. A positive x is measured from the left, a
|
||||
# negative from the right side of the screen. Y is measured from
|
||||
# the top and down respectevly.
|
||||
# The width can be negative. In this case the actual width is the
|
||||
# screen width minus the width defined in within the geometry option.
|
||||
geometry = "500x10-0+0";
|
||||
|
||||
# Shrink window if it's smaller than the width. Will be ignored if
|
||||
# width is 0.
|
||||
shrink = "no";
|
||||
|
||||
# Don't remove messages, if the user is idle (no mouse or keyboard input)
|
||||
# for longer than idle_threshold seconds.
|
||||
# Set to 0 to disable.
|
||||
idle_threshold = 0;
|
||||
|
||||
# The transparency of the window. Range: [0; 100].
|
||||
# This option will only work if a compositing windowmanager is
|
||||
# present (e.g. xcompmgr, compiz, etc.).
|
||||
# transparency = 5
|
||||
|
||||
# Which monitor should the notifications be displayed on.
|
||||
#monitor = keyboard
|
||||
|
||||
# Display notification on focused monitor. Possible modes are:
|
||||
# mouse: follow mouse pointer
|
||||
# keyboard: follow window with keyboard focus
|
||||
# none: don't follow anything
|
||||
#
|
||||
# "keyboard" needs a windowmanager that exports the
|
||||
# _NET_ACTIVE_WINDOW property.
|
||||
# This should be the case for almost all modern windowmanagers.
|
||||
#
|
||||
# If this option is set to mouse or keyboard, the monitor option
|
||||
# will be ignored.
|
||||
follow = "mouse";
|
||||
|
||||
# Should a notification popped up from history be sticky or timeout
|
||||
# as if it would normally do.
|
||||
sticky_history = "yes";
|
||||
|
||||
# Maximum amount of notifications kept in history
|
||||
history_length = 3;
|
||||
|
||||
# Display indicators for URLs (U) and actions (A).
|
||||
show_indicators = "yes";
|
||||
|
||||
# The height of a single line. If the height is smaller than the
|
||||
# font height, it will get raised to the font height.
|
||||
# This adds empty space above and under the text.
|
||||
line_height = 3;
|
||||
|
||||
# Draw a line of "separatpr_height" pixel height between two
|
||||
# notifications.
|
||||
# Set to 0 to disable.
|
||||
separator_height = 1;
|
||||
|
||||
# Padding between text and separator.
|
||||
padding = 1;
|
||||
|
||||
# Horizontal padding.
|
||||
horizontal_padding = 1;
|
||||
|
||||
# Define a color for the separator.
|
||||
# possible values are:
|
||||
# * auto: dunst tries to find a color fitting to the background;
|
||||
# * foreground: use the same color as the foreground;
|
||||
# * frame: use the same color as the frame;
|
||||
# * anything else will be interpreted as a X color.
|
||||
separator_color = "frame";
|
||||
|
||||
# Print a notification on startup.
|
||||
# This is mainly for error detection, since dbus (re-)starts dunst
|
||||
# automatically after a crash.
|
||||
startup_notification = true;
|
||||
|
||||
# dmenu path.
|
||||
dmenu = "${pkgs.dmenu}/bin/dmenu -p dunst:";
|
||||
|
||||
# Browser for opening urls in context menu.
|
||||
# browser = /usr/bin/firefox -new-tab
|
||||
|
||||
# Align icons left/right/off
|
||||
icon_position = "off";
|
||||
max_icon_size = 80;
|
||||
|
||||
frame_width = 2;
|
||||
frame_color = "#8EC07C";
|
||||
|
||||
};
|
||||
shortcuts = {
|
||||
|
||||
# Shortcuts are specified as [modifier+][modifier+]...key
|
||||
# Available modifiers are "ctrl", "mod1" (the alt-key), "mod2",
|
||||
# "mod3" and "mod4" (windows-key).
|
||||
# Xev might be helpful to find names for keys.
|
||||
|
||||
# Close notification.
|
||||
close = "ctrl+space";
|
||||
|
||||
# Close all notifications.
|
||||
close_all = "ctrl+shift+space";
|
||||
|
||||
# Redisplay last message(s).
|
||||
# On the US keyboard layout "grave" is normally above TAB and left
|
||||
# of "1".
|
||||
#history = "ctrl+grave";
|
||||
|
||||
# Context menu.
|
||||
context = "mod4+u";
|
||||
};
|
||||
|
||||
urgency_low = {
|
||||
frame_color = "#268bd2";
|
||||
foreground = "#002b36";
|
||||
background = "#fdf6e3";
|
||||
#timeout = 1;
|
||||
};
|
||||
|
||||
urgency_normal = {
|
||||
frame_color = "#b58900";
|
||||
foreground = "#002b36";
|
||||
background = "#fdf6e3";
|
||||
#timeout = 1;
|
||||
};
|
||||
|
||||
urgency_critical = {
|
||||
frame_color = "#dc322f";
|
||||
foreground = "#002b36";
|
||||
background = "#fdf6e3";
|
||||
#timeout = 1;
|
||||
};
|
||||
};
|
||||
|
||||
# Every section that isn't one of the above is interpreted as a rules to
|
||||
# override settings for certain messages.
|
||||
# Messages can be matched by "appname", "summary", "body", "icon", "category",
|
||||
# "msg_urgency" and you can override the "timeout", "urgency", "foreground",
|
||||
# "background", "new_icon" and "format".
|
||||
# Shell-like globbing will get expanded.
|
||||
#
|
||||
# SCRIPTING
|
||||
# You can specify a script that gets run when the rule matches by
|
||||
# setting the "script" option.
|
||||
# The script will be called as follows:
|
||||
# script appname summary body icon urgency
|
||||
# where urgency can be "LOW", "NORMAL" or "CRITICAL".
|
||||
#
|
||||
# NOTE: if you don't want a notification to be displayed, set the format
|
||||
# to "".
|
||||
# NOTE: It might be helpful to run dunst -print in a terminal in order
|
||||
# to find fitting options for rules.
|
||||
|
||||
#[espeak]
|
||||
# summary = "*"
|
||||
# script = dunst_espeak.sh
|
||||
|
||||
#[script-test]
|
||||
# summary = "*script*"
|
||||
# script = dunst_test.sh
|
||||
|
||||
#[ignore]
|
||||
# # This notification will not be displayed
|
||||
# summary = "foobar"
|
||||
# format = ""
|
||||
|
||||
#[signed_on]
|
||||
# appname = Pidgin
|
||||
# summary = "*signed on*"
|
||||
# urgency = low
|
||||
#
|
||||
#[signed_off]
|
||||
# appname = Pidgin
|
||||
# summary = *signed off*
|
||||
# urgency = low
|
||||
#
|
||||
#[says]
|
||||
# appname = Pidgin
|
||||
# summary = *says*
|
||||
# urgency = critical
|
||||
#
|
||||
#[twitter]
|
||||
# appname = Pidgin
|
||||
# summary = *twitter.com*
|
||||
# urgency = normal
|
||||
#
|
||||
# vim: ft=cfg
|
||||
|
||||
};
|
||||
}
|
|
@ -0,0 +1,50 @@
|
|||
{ pkgs, ... }:
|
||||
|
||||
{
|
||||
home.packages = with pkgs; [
|
||||
multimarkdown
|
||||
];
|
||||
services.emacs.enable = true;
|
||||
programs.emacs = {
|
||||
enable = true;
|
||||
extraPackages = (epkgs:
|
||||
(with epkgs; [
|
||||
use-package
|
||||
dash
|
||||
doom-themes
|
||||
lsp-mode
|
||||
web-mode
|
||||
nix-mode
|
||||
rust-mode
|
||||
ledger-mode
|
||||
direnv
|
||||
company
|
||||
yasnippet
|
||||
prettier-js
|
||||
smartparens
|
||||
org
|
||||
org-journal
|
||||
org-roam
|
||||
org-msg
|
||||
org-caldav
|
||||
magit
|
||||
evil
|
||||
bbdb
|
||||
projectile
|
||||
flycheck
|
||||
ivy
|
||||
counsel
|
||||
counsel-projectile
|
||||
lsp-ivy
|
||||
which-key
|
||||
elpaPackages.org
|
||||
markdown-mode
|
||||
]));
|
||||
};
|
||||
|
||||
home.file = {
|
||||
".emacs.d/init.el" = {
|
||||
source = ./configs/init.el;
|
||||
};
|
||||
};
|
||||
}
|
|
@ -0,0 +1,38 @@
|
|||
{ pkgs, config, ... }: {
|
||||
imports = [
|
||||
./packages.nix
|
||||
./gnupg.nix
|
||||
./variables.nix
|
||||
./starship.nix
|
||||
./i3status.nix
|
||||
./emacs.nix
|
||||
./mails.nix
|
||||
./dunst.nix
|
||||
./bat.nix
|
||||
# ./redshift.nix
|
||||
../../../modules/neovim.nix
|
||||
../../../modules/rust.nix
|
||||
../../../modules/tmux.nix
|
||||
../../../modules/git.nix
|
||||
];
|
||||
home.keyboard = {
|
||||
layout = "fr";
|
||||
variant = "bepo";
|
||||
};
|
||||
xdg.configFile = {
|
||||
"i3/config".source = ./configs/i3config;
|
||||
};
|
||||
# xdg.configFile = {
|
||||
# "Nextcloud/nextcloud.cfg".source = ./configs/nextcloud.cfg;
|
||||
# };
|
||||
xsession.numlock.enable = true;
|
||||
home.file = {
|
||||
"./.config/zellij/config.yaml" = {
|
||||
source = ./configs/zellij;
|
||||
};
|
||||
};
|
||||
home.sessionPath = [
|
||||
"$HOME/.local/bin"
|
||||
];
|
||||
}
|
||||
|
|
@ -0,0 +1,10 @@
|
|||
|
||||
{ config, pkgs, ... }:{
|
||||
|
||||
programs.i3status-rust = {
|
||||
enable = true;
|
||||
};
|
||||
xdg.configFile = {
|
||||
"i3status-rust/bar.toml".source = ./configs/i3status-rust.toml;
|
||||
};
|
||||
}
|
|
@ -23,7 +23,11 @@
|
|||
tls.enable = false;
|
||||
};
|
||||
|
||||
mbsync.enable = true;
|
||||
mbsync = {
|
||||
enable = true;
|
||||
create = "both";
|
||||
expunge = "both";
|
||||
};
|
||||
notmuch.enable = true;
|
||||
};
|
||||
};
|
|
@ -3,7 +3,6 @@
|
|||
home.packages = with pkgs; [
|
||||
firefox
|
||||
thunderbird
|
||||
vim
|
||||
jq
|
||||
nextcloud-client
|
||||
libreoffice
|
||||
|
@ -44,15 +43,32 @@
|
|||
zola
|
||||
exa
|
||||
bat
|
||||
vimPlugins.vim-markdown-composer
|
||||
neovim
|
||||
python3
|
||||
mtr
|
||||
ferdi
|
||||
powertop
|
||||
unar # like 7z
|
||||
nmap
|
||||
udiskie
|
||||
libnotify
|
||||
sublime-music
|
||||
drawio
|
||||
lsd
|
||||
vagrant
|
||||
guake
|
||||
dig
|
||||
vlc
|
||||
ferdi
|
||||
pinta
|
||||
openvpn
|
||||
networkmanager-openvpn
|
||||
python39Packages.grip
|
||||
linphone
|
||||
graphviz
|
||||
evince
|
||||
kdeconnect
|
||||
freecad
|
||||
];
|
||||
nixpkgs.config.permittedInsecurePackages = [
|
||||
"ferdi-5.8.1"
|
||||
];
|
||||
}
|
|
@ -3,7 +3,7 @@
|
|||
#config ={
|
||||
home.sessionVariables = {
|
||||
LESS = "--quit-if-one-screen --RAW-CONTROL-CHARS";
|
||||
EDITOR = "vim";
|
||||
EDITOR = "nvim";
|
||||
TERMINAL = "xfce4-terminal";
|
||||
BROWSER = "firefox";
|
||||
PRIVATE_BROWSER = "firefox -private";
|
|
@ -11,7 +11,10 @@
|
|||
./hardware-configuration.nix
|
||||
./services.nix
|
||||
./packages.nix
|
||||
# ./vpn.nix
|
||||
# ./VPN.nix
|
||||
../modules/prometheus-node.nix
|
||||
../modules/syncthing.nix
|
||||
];
|
||||
|
||||
# Use the systemd-boot EFI boot loader.
|
||||
|
@ -21,13 +24,31 @@
|
|||
};
|
||||
|
||||
programs = {
|
||||
zsh.enable = true;
|
||||
fish.enable = true;
|
||||
htop = {
|
||||
enable = true;
|
||||
settings.show_cpu_temperature = 1;
|
||||
};
|
||||
fish = {
|
||||
enable = true;
|
||||
interactiveShellInit = ''
|
||||
set -gx EDITOR nvim
|
||||
'';
|
||||
shellAliases = {
|
||||
ll = "ls -l";
|
||||
ls = "lsd";
|
||||
cat = "bat";
|
||||
sysrs = "sudo nixos-rebuild switch";
|
||||
sysup = "sudo nixos-rebuild switch --upgrade";
|
||||
sysclean = "sudo nix-collect-garbage -d; and sudo nix-store --optimise";
|
||||
nvim = "nvim -u ~/.config/nvim/init.lua";
|
||||
};
|
||||
};
|
||||
ssh = {
|
||||
setXAuthLocation = true;
|
||||
forwardX11 = true;
|
||||
};
|
||||
};
|
||||
sound.enable = true;
|
||||
# hardware
|
||||
hardware = {
|
||||
logitech = {
|
||||
|
@ -36,9 +57,11 @@
|
|||
};
|
||||
pulseaudio = {
|
||||
enable = true;
|
||||
extraConfig = "
|
||||
load-module module-switch-on-connect
|
||||
";
|
||||
extraConfig =''
|
||||
load-module module-switch-on-connect
|
||||
extraModules = [ pkgs.pulseaudio-modules-bt ];
|
||||
'';
|
||||
package = pkgs.pulseaudioFull;
|
||||
};
|
||||
sane = {
|
||||
enable = true;
|
||||
|
@ -98,8 +121,16 @@
|
|||
enable = true;
|
||||
unmanaged = [ "interface-name:ve-*" ];
|
||||
};
|
||||
firewall.enable = true;
|
||||
firewall.allowedTCPPorts = [ 24800 ];
|
||||
firewall = {
|
||||
enable = true;
|
||||
allowedTCPPorts = [ 24800 6600 1194 ];
|
||||
allowedTCPPortRanges = [
|
||||
{ from = 1714; to = 1764; } # KDE Connect
|
||||
];
|
||||
allowedUDPPortRanges = [
|
||||
{ from = 1714; to = 1764; } # KDE Connect
|
||||
];
|
||||
};
|
||||
};
|
||||
|
||||
i18n.defaultLocale = "fr_FR.UTF-8";
|
||||
|
@ -125,18 +156,21 @@
|
|||
source-sans-pro
|
||||
source-serif-pro
|
||||
iosevka
|
||||
roboto-mono
|
||||
fira-code
|
||||
];
|
||||
};
|
||||
|
||||
# run garbage collector at 19h00 everyday
|
||||
# and remove stuff older than 60 days
|
||||
nix.gc.automatic = true;
|
||||
nix.gc.dates = "19:00";
|
||||
nix.gc.persistent = true;
|
||||
nix.gc.options = "--delete-older-than 60d";
|
||||
nix.settings.auto-optimise-store = true;
|
||||
nix.gc = {
|
||||
automatic = true;
|
||||
dates = "weekly";
|
||||
persistent = true;
|
||||
options = "--delete-older-than 10d";
|
||||
};
|
||||
|
||||
# clean /tmp at boot
|
||||
boot.cleanTmpDir = true;
|
||||
boot.tmp.cleanOnBoot = true;
|
||||
|
||||
nixpkgs.config = {
|
||||
allowUnfree = true;
|
||||
|
@ -145,24 +179,31 @@
|
|||
system.stateVersion = "21.05"; # Did you read the comment?
|
||||
|
||||
environment.variables = {
|
||||
EDITOR = "vim";
|
||||
EDITOR = "nvim";
|
||||
BROWSER = "firefox";
|
||||
LESS = "--quit-if-one-screen --RAW-CONTROL-CHARS";
|
||||
TERMINAL = "xfce4-terminal";
|
||||
PRIVATE_BROWSER = "firefox -private";
|
||||
DEFAULT-WEB-BROWSER = "firefox";
|
||||
};
|
||||
|
||||
users = {
|
||||
users.ntp.group = "ntp";
|
||||
groups.ntp = {};
|
||||
defaultUserShell = "/run/current-system/sw/bin/fish";
|
||||
extraUsers.oem = {
|
||||
isNormalUser = true;
|
||||
home = "/home/oem";
|
||||
description = "oem";
|
||||
extraGroups = [ "wheel" "networkmanager" "plocate" ];
|
||||
hashedPassword = "$6$TWZqEbF3s7f4Yx8s$xsUheHLM75u1IdvD/6AWnk9c8El2FgGiU5C4mnZddWl8hFaGF2nPojHqvj2l7muJwQ6c8f7A4MRpAKh7PezuN/";
|
||||
};
|
||||
extraUsers.alexandre = {
|
||||
isNormalUser = true;
|
||||
home = "/home/alexandre";
|
||||
description = "alexandre";
|
||||
extraGroups = [ "wheel" "networkmanager" "docker" "libvirtd" "vboxusers" "scanner" "lp" "plocate" ];
|
||||
extraGroups = [ "wheel" "networkmanager" "docker" "libvirtd" "qemu-libvirtd" "vboxusers" "scanner" "lp" "plocate" ];
|
||||
hashedPassword = "$6$7m77oPQxa$W9YnRLo1X2eqztBHwpoH8diHGkBno5O39AMyL9Qm8y8I6uW63H2Nwx4p239OG5zhOxA8J1lZvHTQ3hKPSP9mT/";
|
||||
};
|
||||
};
|
||||
nix.settings.experimental-features = [ "nix-command" "flakes" ];
|
||||
}
|
||||
|
|
|
@ -4,7 +4,7 @@
|
|||
|
||||
environment.systemPackages = with pkgs; [
|
||||
|
||||
wget lshw openssh bc unzip zip file which vim gnumake tmux
|
||||
wget lshw openssh bc unzip zip file which gnumake tmux
|
||||
gitAndTools.gitFull
|
||||
dmenu
|
||||
pkgs.dconf
|
||||
|
@ -20,5 +20,6 @@
|
|||
utf8proc
|
||||
pam_u2f
|
||||
zlib
|
||||
openvpn
|
||||
];
|
||||
}
|
||||
|
|
|
@ -2,10 +2,15 @@
|
|||
|
||||
{
|
||||
# SERVICES
|
||||
virtualisation.libvirtd.enable = true;
|
||||
services = {
|
||||
printing = {
|
||||
enable = true;
|
||||
drivers = [ pkgs.brlaser ];
|
||||
drivers = [ pkgs.brlaser pkgs.hplip];
|
||||
};
|
||||
avahi = {
|
||||
enable = true;
|
||||
openFirewall = true;
|
||||
};
|
||||
|
||||
blueman = {
|
||||
|
@ -73,12 +78,11 @@
|
|||
desktopManager = {
|
||||
xterm.enable = false;
|
||||
xfce.enable = true;
|
||||
xfce.thunarPlugins = with pkgs; [ xfce.thunar-volman xfce.thunar-archive-plugin ];
|
||||
};
|
||||
};
|
||||
|
||||
udev.extraRules = ''
|
||||
ACTION=="remove", ENV{ID_BUS}=="usb", ENV{ID_VENDOR_ID}=="1050", ENV{ID_MODEL_ID}=="0407", RUN+="${pkgs.i3lock}/bin/i3lock -i /home/alexandre/images/coffee_time.png";
|
||||
ACTION=="remove", ENV{ID_VENDOR_ID}=="1050", ENV{ID_MODEL_ID}=="0407", ENV{DISPLAY}=":0", ENV{XAUTHORITY}="/home/alexandre/.Xauthority" RUN+="${pkgs.sudo}/bin/sudo -u alexandre ${pkgs.xautolock}/bin/xautolock -locknow"
|
||||
'';
|
||||
};
|
||||
}
|
||||
|
|
|
@ -0,0 +1,5 @@
|
|||
{ pkgs, ... }: {
|
||||
virtualisation.virtualbox.host.enable = true;
|
||||
virtualisation.virtualbox.host.enableExtensionPack = true;
|
||||
users.extraGroups.vboxusers.members = [ "alexandre" ];
|
||||
}
|
|
@ -1,74 +0,0 @@
|
|||
{ config, pkgs, ... }:{
|
||||
|
||||
programs.i3status-rust = {
|
||||
enable = true;
|
||||
bars = {
|
||||
bottom = {
|
||||
blocks = [
|
||||
{
|
||||
block = "disk_space";
|
||||
path = "/";
|
||||
alias = "/";
|
||||
info_type = "available";
|
||||
unit = "GB";
|
||||
interval = 60;
|
||||
warning = 20.0;
|
||||
alert = 10.0;
|
||||
}
|
||||
{
|
||||
block = "memory";
|
||||
display_type = "memory";
|
||||
format_mem = "{mem_used_percents}";
|
||||
format_swap = "{swap_used_percents}";
|
||||
}
|
||||
{
|
||||
block = "cpu";
|
||||
interval = 1;
|
||||
}
|
||||
{
|
||||
block = "load";
|
||||
interval = 1;
|
||||
format = "{1m}";
|
||||
}
|
||||
{
|
||||
block = "sound";
|
||||
headphones_indicator = true;
|
||||
on_click = "pavucontrol";
|
||||
}
|
||||
{
|
||||
block = "net";
|
||||
device = "enp0s20f0u6u1i5";
|
||||
interval = 5;
|
||||
format = "{graph_up}{graph_down}";
|
||||
}
|
||||
{
|
||||
block = "net";
|
||||
interval = 5;
|
||||
device = "tun0";
|
||||
hide_missing = true;
|
||||
}
|
||||
{
|
||||
block = "net";
|
||||
interval = 5;
|
||||
device = "wlp2s0";
|
||||
format = "{ssid} {signal_strength} {ip} {speed_down;K*b}";
|
||||
hide_missing = true;
|
||||
}
|
||||
{
|
||||
block = "backlight";
|
||||
}
|
||||
{
|
||||
block = "battery";
|
||||
}
|
||||
{
|
||||
block = "time";
|
||||
interval = 60;
|
||||
format = "%a %d/%m %R";
|
||||
}
|
||||
];
|
||||
icons = "material-nf";
|
||||
theme = "nord-dark";
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
|
@ -0,0 +1,8 @@
|
|||
{ config, pkgs, ... }:
|
||||
{
|
||||
#configDir = "/home/alexandre/git/nixos-config/hosts/dell-5590/nixpkgs/";
|
||||
programs.bat = {
|
||||
enable = true;
|
||||
# } // (import "${configDir}/bat");
|
||||
} // (import "/home/alexandre/git/nixos-config/hosts/dell-5590/home-manager/bat");
|
||||
}
|
|
@ -0,0 +1,7 @@
|
|||
{
|
||||
config = {
|
||||
decorations = "auto";
|
||||
paging = "auto";
|
||||
theme = "Nord";
|
||||
};
|
||||
}
|
|
@ -0,0 +1,120 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
let
|
||||
nur = import (builtins.fetchTarball "https://github.com/nix-community/NUR/archive/master.tar.gz") {
|
||||
inherit pkgs;
|
||||
};
|
||||
in
|
||||
{
|
||||
programs.firefox = {
|
||||
enable = true ;
|
||||
profiles.default = {
|
||||
isDefault = true ;
|
||||
extensions = lib.mkIf config.programs.firefox.enable
|
||||
(with nur.repos.rycee.firefox-addons; [
|
||||
french-dictionary
|
||||
i-dont-care-about-cookies
|
||||
ublock-origin
|
||||
privacy-badger
|
||||
keepassxc-browser
|
||||
clearurls
|
||||
decentraleyes
|
||||
floccus
|
||||
]);
|
||||
search = {
|
||||
force = true;
|
||||
default = "Google";
|
||||
engines = {
|
||||
"Nix Packages" = {
|
||||
urls = [{
|
||||
template = "https://search.nixos.org/packages";
|
||||
params = [
|
||||
{ name = "type"; value = "packages"; }
|
||||
{ name = "query"; value = "{searchTerms}"; }
|
||||
];
|
||||
}];
|
||||
icon = "${pkgs.nixos-icons}/share/icons/hicolor/scalable/apps/nix-snowflake.svg";
|
||||
definedAliases = [ "@np" ];
|
||||
};
|
||||
"NixOS Wiki" = {
|
||||
urls = [{ template = "https://nixos.wiki/index.php?search={searchTerms}"; }];
|
||||
iconUpdateURL = "https://nixos.wiki/favicon.png";
|
||||
updateInterval = 24 * 60 * 60 * 1000;
|
||||
definedAliases = [ "@nw" ];
|
||||
};
|
||||
"Wikipedia (en)".metaData.alias = "@wiki";
|
||||
"Google".metaData.hidden = false;
|
||||
"Amazon.com".metaData.hidden = true;
|
||||
"Bing".metaData.hidden = true;
|
||||
"eBay".metaData.hidden = true;
|
||||
};
|
||||
};
|
||||
|
||||
bookmarks = [
|
||||
{
|
||||
name = "DRI";
|
||||
toolbar = true;
|
||||
bookmarks = [
|
||||
{
|
||||
name = "wiki";
|
||||
tags = [ "wiki" ];
|
||||
keyword = "wiki";
|
||||
url = "https://en.wikipedia.org/wiki/Special:Search?search=";
|
||||
}
|
||||
{
|
||||
name = "AVV";
|
||||
url ="https://v2.produhost.net/panel/16148/dashboard";
|
||||
}
|
||||
{
|
||||
name = "Alexandre";
|
||||
url = "https://bbb.produhost.net/b/ale-1a8-984";
|
||||
}
|
||||
{
|
||||
name = "David";
|
||||
url = "https://bbb.produhost.net/b/dav-5aj-hxx";
|
||||
}
|
||||
];
|
||||
}
|
||||
];
|
||||
|
||||
settings = {
|
||||
settings = {
|
||||
"browser.contentblocking.category" = "strict" ;
|
||||
"browser.search.region" = "CH" ;
|
||||
"browser.startup.homepage" = https://www.google.fr ;
|
||||
"browser.toolbars.bookmarks.visibility" = "always";
|
||||
"dom.security.https_only_mode" = true ;
|
||||
"dom.security.https_only_mode_ever_enabled" = true ;
|
||||
"extensions.blocklist.pingCountVersion" = -1 ;
|
||||
"extensions.databaseSchema" = 35 ;
|
||||
"extensions.ui.dictionary.hidden" = false ;
|
||||
"extensions.ui.extension.hidden" = false ;
|
||||
"extensions.ui.locale.hidden" = true ;
|
||||
"extensions.ui.sitepermission.hidden" = true ;
|
||||
"extensions.webcompat.enable_shims" = true ;
|
||||
"extensions.webcompat.perform_injections" = true ;
|
||||
"extensions.webcompat.perform_ua_overrides" = true ;
|
||||
"findbar.highlightAll" = true ;
|
||||
"font.name.serif.x-western" = "FreeSerif" ;
|
||||
"font.size.variable.x-western" = 20 ;
|
||||
"media.eme.enabled" = true ;
|
||||
"pref.browser.homepage.disable_button.current_page" = false ;
|
||||
"print_printer" = "Mozilla Save to PDF" ;
|
||||
"privacy.annotate_channels.strict_list.enabled" = true ;
|
||||
"privacy.clearOnShutdown.cookies" = true ;
|
||||
"privacy.clearOnShutdown.downloads" = false ;
|
||||
"privacy.clearOnShutdown.formdata" = false ;
|
||||
"privacy.clearOnShutdown.history" = false ;
|
||||
"privacy.clearOnShutdown.offlineApps" = true ;
|
||||
"privacy.clearOnShutdown.sessions" = false ;
|
||||
"privacy.donottrackheader.enabled" = true ;
|
||||
"privacy.firstparty.isolate" = true ;
|
||||
"privacy.history.custom" = true ;
|
||||
"privacy.purge_trackers.date_in_cookie_database" = 0 ;
|
||||
"privacy.trackingprotection.emailtracking.enabled" = true ;
|
||||
"privacy.trackingprotection.enabled" = true ;
|
||||
"privacy.trackingprotection.socialtracking.enabled" = true ;
|
||||
};
|
||||
};
|
||||
} ;
|
||||
} ;
|
||||
}
|
|
@ -0,0 +1,78 @@
|
|||
{ config, pkgs, ... }:
|
||||
|
||||
{
|
||||
imports = [
|
||||
./firefox.nix
|
||||
./packages.nix
|
||||
../../../modules/neovim.nix
|
||||
../../../modules/emacs.nix
|
||||
../../../modules/tmux.nix
|
||||
../../../modules/git.nix
|
||||
];
|
||||
# Home Manager needs a bit of information about you and the paths it should
|
||||
# manage.
|
||||
home.username = "alexandre";
|
||||
home.homeDirectory = "/home/alexandre";
|
||||
|
||||
# This value determines the Home Manager release that your configuration is
|
||||
# compatible with. This helps avoid breakage when a new Home Manager release
|
||||
# introduces backwards incompatible changes.
|
||||
#
|
||||
# You should not change this value, even if you update Home Manager. If you do
|
||||
# want to update the value, then make sure to first check the Home Manager
|
||||
# release notes.
|
||||
home.stateVersion = "23.05"; # Please read the comment before changing.
|
||||
|
||||
# The home.packages option allows you to install Nix packages into your
|
||||
# environment.
|
||||
home.packages = [
|
||||
# # Adds the 'hello' command to your environment. It prints a friendly
|
||||
# # "Hello, world!" when run.
|
||||
# pkgs.hello
|
||||
|
||||
# # It is sometimes useful to fine-tune packages, for example, by applying
|
||||
# # overrides. You can do that directly here, just don't forget the
|
||||
# # parentheses. Maybe you want to install Nerd Fonts with a limited number of
|
||||
# # fonts?
|
||||
# (pkgs.nerdfonts.override { fonts = [ "FantasqueSansMono" ]; })
|
||||
|
||||
# # You can also create simple shell scripts directly inside your
|
||||
# # configuration. For example, this adds a command 'my-hello' to your
|
||||
# # environment:
|
||||
# (pkgs.writeShellScriptBin "my-hello" ''
|
||||
# echo "Hello, ${config.home.username}!"
|
||||
# '')
|
||||
];
|
||||
|
||||
# Home Manager is pretty good at managing dotfiles. The primary way to manage
|
||||
# plain files is through 'home.file'.
|
||||
home.file = {
|
||||
# # Building this configuration will create a copy of 'dotfiles/screenrc' in
|
||||
# # the Nix store. Activating the configuration will then make '~/.screenrc' a
|
||||
# # symlink to the Nix store copy.
|
||||
# ".screenrc".source = dotfiles/screenrc;
|
||||
|
||||
# # You can also set the file content immediately.
|
||||
# ".gradle/gradle.properties".text = ''
|
||||
# org.gradle.console=verbose
|
||||
# org.gradle.daemon.idletimeout=3600000
|
||||
# '';
|
||||
};
|
||||
|
||||
# You can also manage environment variables but you will have to manually
|
||||
# source
|
||||
#
|
||||
# ~/.nix-profile/etc/profile.d/hm-session-vars.sh
|
||||
#
|
||||
# or
|
||||
#
|
||||
# /etc/profiles/per-user/alexandre/etc/profile.d/hm-session-vars.sh
|
||||
#
|
||||
# if you don't want to manage your shell through Home Manager.
|
||||
home.sessionVariables = {
|
||||
# EDITOR = "emacs";
|
||||
};
|
||||
|
||||
# Let Home Manager install and manage itself.
|
||||
programs.home-manager.enable = true;
|
||||
}
|
|
@ -0,0 +1,46 @@
|
|||
{ pkgs, ... }: {
|
||||
programs.go.enable = true;
|
||||
home.packages = with pkgs; [
|
||||
jq
|
||||
nextcloud-client
|
||||
libreoffice
|
||||
rofi
|
||||
poppler_utils
|
||||
brightnessctl
|
||||
chromium
|
||||
gimp
|
||||
scrot
|
||||
papirus-icon-theme
|
||||
ganttproject-bin
|
||||
audio-recorder
|
||||
pandoc
|
||||
hugo
|
||||
whois
|
||||
inkscape
|
||||
feh
|
||||
ispell
|
||||
aspellDicts.fr
|
||||
nix-direnv
|
||||
keepassxc
|
||||
direnv
|
||||
texlive.combined.scheme-full
|
||||
zola
|
||||
exa
|
||||
python3
|
||||
unar # like 7z
|
||||
nmap
|
||||
libnotify
|
||||
sublime-music
|
||||
drawio
|
||||
lsd
|
||||
dig
|
||||
vlc
|
||||
pinta
|
||||
# python39Packages.grip
|
||||
linphone
|
||||
graphviz
|
||||
freecad
|
||||
thunderbird
|
||||
];
|
||||
nixpkgs.config.permittedInsecurePackages = [ "ferdi-5.8.1" ];
|
||||
}
|
|
@ -0,0 +1,179 @@
|
|||
# Edit this configuration file to define what should be installed on
|
||||
# your system. Help is available in the configuration.nix(5) man page
|
||||
# and in the NixOS manual (accessible by running `nixos-help`).
|
||||
|
||||
{ config, pkgs, ... }:
|
||||
|
||||
{
|
||||
imports =
|
||||
[ # Include the results of the hardware scan.
|
||||
./hardware-configuration.nix
|
||||
./laptop.nix
|
||||
./services.nix
|
||||
./gnome.nix
|
||||
./extra_hw.nix
|
||||
];
|
||||
|
||||
|
||||
# Use the systemd-boot EFI boot loader.
|
||||
boot = {
|
||||
loader.systemd-boot.enable = true;
|
||||
loader.efi.canTouchEfiVariables = true;
|
||||
loader.grub.efiSupport = true;
|
||||
loader.grub.efiInstallAsRemovable = true;
|
||||
loader.grub.device = "nodev";
|
||||
plymouth.enable = true;
|
||||
tmp.cleanOnBoot = true ;
|
||||
kernelParams = [ "i915.enable_fbc=1" ];
|
||||
};
|
||||
|
||||
networking = {
|
||||
hostName = "lap2nix";
|
||||
networkmanager.enable = true;
|
||||
firewall.enable = true;
|
||||
};
|
||||
|
||||
time.timeZone = "Europe/Paris";
|
||||
|
||||
|
||||
# Select internationalisation properties.
|
||||
i18n.defaultLocale = "fr_FR.UTF-8";
|
||||
console = {
|
||||
font = "Lat2-Terminus16";
|
||||
keyMap = "fr";
|
||||
};
|
||||
|
||||
fonts = {
|
||||
fontDir.enable = true;
|
||||
enableGhostscriptFonts = true;
|
||||
fonts = with pkgs; [
|
||||
corefonts
|
||||
vistafonts
|
||||
powerline-fonts
|
||||
inconsolata
|
||||
terminus_font
|
||||
proggyfonts
|
||||
dejavu_fonts
|
||||
font-awesome
|
||||
nerdfonts
|
||||
source-code-pro
|
||||
source-sans-pro
|
||||
source-serif-pro
|
||||
iosevka
|
||||
roboto-mono
|
||||
fira-code
|
||||
];
|
||||
};
|
||||
|
||||
|
||||
# Enable the X11 windowing system.
|
||||
services.xserver.enable = true;
|
||||
|
||||
|
||||
# Enable the GNOME Desktop Environment.
|
||||
services.xserver.displayManager.gdm.enable = true;
|
||||
services.xserver.desktopManager.gnome.enable = true;
|
||||
|
||||
users = {
|
||||
groups.ntp = {};
|
||||
defaultUserShell = "/run/current-system/sw/bin/fish";
|
||||
extraUsers.alexandre = {
|
||||
isNormalUser = true;
|
||||
home = "/home/alexandre";
|
||||
description = "alexandre";
|
||||
extraGroups = [ "wheel" "networkmanager" "docker" "libvirtd" "scanner" "plocate" "lp" ];
|
||||
packages = with pkgs; [
|
||||
firefox
|
||||
gitAndTools.gitFull
|
||||
];
|
||||
};
|
||||
extraUsers.oem = {
|
||||
isNormalUser = true;
|
||||
home = "/home/oem";
|
||||
description = "oem";
|
||||
extraGroups = [ "wheel" "networkmanager" ];
|
||||
};
|
||||
};
|
||||
|
||||
environment.variables = {
|
||||
EDITOR = "nvim";
|
||||
BROWSER = "firefox";
|
||||
LESS = "--quit-if-one-screen --RAW-CONTROL-CHARS";
|
||||
TERMINAL = "xfce4-terminal";
|
||||
PRIVATE_BROWSER = "firefox -private";
|
||||
};
|
||||
|
||||
security = {
|
||||
rtkit.enable = true; # for pipewire
|
||||
apparmor.enable = true;
|
||||
pam = {
|
||||
u2f = {
|
||||
enable = true;
|
||||
control = "requisite";
|
||||
};
|
||||
services = {
|
||||
login.u2fAuth = true;
|
||||
lightdm.u2fAuth = true;
|
||||
gdm.u2fAuth = true;
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
|
||||
nix.settings.experimental-features = [ "nix-command" "flakes" ];
|
||||
|
||||
nixpkgs.config = {
|
||||
allowUnfree = true;
|
||||
};
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
neovim
|
||||
bat
|
||||
lsd
|
||||
pam_u2f
|
||||
gsmartcontrol
|
||||
lm_sensors
|
||||
];
|
||||
|
||||
nix.settings.auto-optimise-store = true;
|
||||
nix.gc = {
|
||||
automatic = true;
|
||||
dates = "weekly";
|
||||
persistent = true;
|
||||
options = "--delete-older-than 10d";
|
||||
};
|
||||
|
||||
programs.hyprland.enable = true;
|
||||
programs = {
|
||||
htop = {
|
||||
enable = true;
|
||||
settings.show_cpu_temperature = 1;
|
||||
};
|
||||
fish = {
|
||||
enable = true;
|
||||
interactiveShellInit = ''
|
||||
set -gx EDITOR nvim
|
||||
'';
|
||||
shellAliases = {
|
||||
ll = "ls -l";
|
||||
ls = "lsd";
|
||||
cat = "bat";
|
||||
sysrs = "sudo nixos-rebuild switch";
|
||||
sysup = "sudo nixos-rebuild switch --upgrade";
|
||||
sysclean = "sudo nix-collect-garbage -d; and sudo nix-store --optimise";
|
||||
# nvim = "nvim -u ~/.config/nvim/init.lua";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
|
||||
system.stateVersion = "23.05"; # Did you read the comment?
|
||||
|
||||
nixpkgs.config.packageOverrides = pkgs: {
|
||||
nur = import (builtins.fetchTarball "https://github.com/nix-community/NUR/archive/master.tar.gz") {
|
||||
inherit pkgs;
|
||||
};
|
||||
};
|
||||
|
||||
}
|
||||
|
|
@ -0,0 +1,33 @@
|
|||
{ config, pkgs, ... }:
|
||||
{
|
||||
hardware = {
|
||||
cpu.intel.updateMicrocode = true;
|
||||
enableAllFirmware = true;
|
||||
pulseaudio.enable = false;
|
||||
bluetooth = {
|
||||
enable = true;
|
||||
settings = {
|
||||
General = {
|
||||
Enable = "Source,Sink,Media,Socket";
|
||||
};
|
||||
};
|
||||
};
|
||||
logitech = {
|
||||
wireless.enable = true;
|
||||
wireless.enableGraphical = true;
|
||||
};
|
||||
opengl = {
|
||||
enable = true;
|
||||
extraPackages = with pkgs; [
|
||||
intel-media-driver # LIBVA_DRIVER_NAME=iHD
|
||||
vaapiIntel # LIBVA_DRIVER_NAME=i965 (older but works better for Firefox/Chromium)
|
||||
vaapiVdpau
|
||||
libvdpau-va-gl
|
||||
];
|
||||
};
|
||||
};
|
||||
# Video acceleration
|
||||
nixpkgs.config.packageOverrides = pkgs: {
|
||||
vaapiIntel = pkgs.vaapiIntel.override { enableHybridCodec = true; };
|
||||
};
|
||||
}
|
|
@ -0,0 +1,29 @@
|
|||
{ config, pkgs, ... }:
|
||||
{
|
||||
|
||||
services.udev.packages = with pkgs; [ gnome.gnome-settings-daemon ];
|
||||
|
||||
environment.gnome.excludePackages = (with pkgs; [
|
||||
gnome-photos
|
||||
gnome-tour
|
||||
]) ++ (with pkgs.gnome; [
|
||||
cheese # webcam tool
|
||||
gnome-music
|
||||
gedit # text editor
|
||||
epiphany # web browser
|
||||
totem # video player
|
||||
tali # poker game
|
||||
iagno # go game
|
||||
hitori # sudoku game
|
||||
atomix # puzzle game
|
||||
]);
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
pkgs.gnome3.gnome-tweaks
|
||||
gnomeExtensions.appindicator
|
||||
gnomeExtensions.yakuake
|
||||
gnomeExtensions.workspace-indicator-2
|
||||
gnomeExtensions.wireless-hid
|
||||
gnomeExtensions.vitals
|
||||
];
|
||||
}
|
|
@ -0,0 +1,51 @@
|
|||
# Do not modify this file! It was generated by ‘nixos-generate-config’
|
||||
# and may be overwritten by future invocations. Please make changes
|
||||
# to /etc/nixos/configuration.nix instead.
|
||||
{ config, lib, pkgs, modulesPath, ... }:
|
||||
|
||||
{
|
||||
imports =
|
||||
[ (modulesPath + "/installer/scan/not-detected.nix")
|
||||
];
|
||||
|
||||
boot.initrd.availableKernelModules = [ "xhci_pci" "vmd" "nvme" "usbhid" "usb_storage" "sd_mod" ];
|
||||
boot.initrd.kernelModules = [ "dm-snapshot" ];
|
||||
boot.kernelModules = [ "kvm-intel" ];
|
||||
boot.extraModulePackages = [ ];
|
||||
|
||||
fileSystems."/" =
|
||||
{ device = "/dev/disk/by-uuid/72f89746-dc22-4d98-a060-7cb1b5d4ff99";
|
||||
fsType = "ext4";
|
||||
};
|
||||
|
||||
fileSystems."/boot" =
|
||||
{ device = "/dev/disk/by-uuid/749C-8D77";
|
||||
fsType = "vfat";
|
||||
};
|
||||
|
||||
swapDevices =
|
||||
[ { device = "/dev/disk/by-uuid/69166e6c-3405-4025-8a22-ca456e65dfdf"; }
|
||||
];
|
||||
|
||||
boot.initrd.luks.devices = {
|
||||
"partitions" = {
|
||||
device = "/dev/nvme0n1p2";
|
||||
preLVM = true;
|
||||
crypttabExtraOpts = ["fido2-device=auto"];
|
||||
};
|
||||
};
|
||||
|
||||
boot.initrd.systemd.enable = true;
|
||||
|
||||
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
|
||||
# (the default) this is the recommended approach. When using systemd-networkd it's
|
||||
# still possible to use this option, but it's recommended to use it in conjunction
|
||||
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
|
||||
networking.useDHCP = lib.mkDefault true;
|
||||
# networking.interfaces.enp1s0.useDHCP = lib.mkDefault true;
|
||||
# networking.interfaces.wlp0s20f3.useDHCP = lib.mkDefault true;
|
||||
|
||||
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
|
||||
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
|
||||
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
|
||||
}
|
|
@ -0,0 +1,7 @@
|
|||
{ config, pkgs, ... }:
|
||||
{
|
||||
|
||||
# Enable touchpad support (enabled default in most desktopManager).
|
||||
# services.xserver.libinput.enable = true;
|
||||
|
||||
}
|
|
@ -0,0 +1,55 @@
|
|||
{ config, pkgs, ... }:
|
||||
{
|
||||
services = {
|
||||
avahi = {
|
||||
enable = true;
|
||||
openFirewall = true;
|
||||
};
|
||||
|
||||
clamav = {
|
||||
daemon.enable = true;
|
||||
updater.enable = true;
|
||||
};
|
||||
|
||||
ntp = {
|
||||
enable = true;
|
||||
};
|
||||
|
||||
thermald = {
|
||||
enable = true;
|
||||
};
|
||||
|
||||
fstrim = {
|
||||
enable = true;
|
||||
};
|
||||
|
||||
locate = {
|
||||
enable = true;
|
||||
locate = pkgs.plocate;
|
||||
interval = "hourly";
|
||||
localuser = null;
|
||||
};
|
||||
|
||||
pipewire = {
|
||||
enable = true;
|
||||
alsa.enable = true;
|
||||
alsa.support32Bit = true;
|
||||
pulse.enable = true;
|
||||
};
|
||||
|
||||
# Enable the X11 windowing system.
|
||||
xserver = {
|
||||
enable = true;
|
||||
# Configure keymap in X11
|
||||
layout = "fr";
|
||||
xkbOptions = "eurosign:e,caps:escape";
|
||||
# Enable the GNOME Desktop Environment.
|
||||
displayManager.gdm.enable = true;
|
||||
desktopManager.gnome.enable = true;
|
||||
};
|
||||
#ACTION=="remove", ENV{ID_VENDOR_ID}=="1050", ENV{ID_MODEL_ID}=="0407", ENV{DISPLAY}=":0", ENV{XAUTHORITY}="/home/alexandre/.Xauthority" RUN+="${pkgs.sudo}/bin/sudo -u alexandre ${pkgs.xdg-utils}/bin/xdg-screensaver lock"
|
||||
udev.extraRules = ''
|
||||
ACTION=="remove", ENV{ID_VENDOR_ID}=="1050", ENV{ID_MODEL_ID}=="0407", RUN+="${pkgs.sudo}/bin/sudo -u alexandre ${pkgs.dbus}/bin/dbus-send --type=method_call --dest=org.gnome.ScreenSaver /org/gnome/ScreenSaver org.gnome.ScreenSaver.Lock"
|
||||
'';
|
||||
};
|
||||
}
|
|
@ -1,16 +1,20 @@
|
|||
{config, pkgs, ...}:
|
||||
{
|
||||
environment.systemPackages = with pkgs; [
|
||||
restic
|
||||
];
|
||||
services.restic.backups = {
|
||||
localbackup = {
|
||||
initialize = true;
|
||||
passwordFile = "/run/restic_pass";
|
||||
paths = [ "/var/lib/nextcloud/data/" "/var/backup/postgresql" ];
|
||||
repository = "rest:https://back.atlanticaweb.fr/Nextcloud";
|
||||
timerConfig = {
|
||||
OnCalendar = "02:05";
|
||||
RandomizedDelaySec = "5h";
|
||||
};
|
||||
remotebackup = {
|
||||
initialize = true;
|
||||
passwordFile = "/run/restic_pass";
|
||||
paths = [ "/var/lib/nextcloud/data/" "/var/backup/postgresql" ];
|
||||
#repository = "rest:https://back.atlanticaweb.fr/Nextcloud";
|
||||
repository = "sftp:u329746@u329746.your-storagebox.de:/home/Nextcloud";
|
||||
timerConfig = {
|
||||
OnCalendar = "02:05";
|
||||
RandomizedDelaySec = "5h";
|
||||
};
|
||||
};
|
||||
};
|
||||
services.postgresqlBackup = {
|
||||
enable = true;
|
||||
|
|
|
@ -9,6 +9,8 @@
|
|||
../modules/navidrome.nix
|
||||
../modules/transmission.nix
|
||||
../modules/prometheus-node.nix
|
||||
# ../docker/appsmith.nix
|
||||
# ../docker/baserow.nix
|
||||
./agenix.nix
|
||||
# <agenix/modules/age.nix>
|
||||
];
|
||||
|
@ -22,8 +24,11 @@
|
|||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKUA1RW6JwZasspAp8qmFRFnlV5WXjhLfStAAkM+KYLv lucazeau.alexandre@gmail.com"
|
||||
];
|
||||
|
||||
networking.firewall.allowedTCPPorts = [ 80 443 22 9002 4533];
|
||||
programs.ssh.extraConfig = "Host u329746.your-storagebox.de\n Hostname u329746.your-storagebox.de\n Port 23\n user u329746\n IdentityFile /home/alexandre/.ssh/id_ed25519-perso";
|
||||
networking.firewall.allowedTCPPorts = [ 80 443 22 9002 4533 5050 8080];
|
||||
services.qemuGuest.enable = true;
|
||||
|
||||
services.shiori.enable = true;
|
||||
|
||||
# environment.systemPackages = [ (pkgs.callPackage <agenix/pkgs/agenix.nix> {}) ];
|
||||
# age.secrets.secret_restic = {
|
||||
|
|
|
@ -6,7 +6,7 @@ networking.firewall.allowedTCPPorts = [ 5432 5050 ];
|
|||
services.postgresql = {
|
||||
enable = true;
|
||||
enableTCPIP = true;
|
||||
authentication = "host all all 192.168.0.0/16 trust";
|
||||
authentication = "host all all 192.168.0.0/16 trust \nhost all all 10.88.0.0/16 trust";
|
||||
|
||||
# Ensure the database, user, and permissions always exist
|
||||
ensureDatabases = [ "pizzajoffredb" ];
|
||||
|
|
|
@ -31,6 +31,14 @@ services.nginx = {
|
|||
proxyWebsockets = true;
|
||||
};
|
||||
};
|
||||
"bookmark.atlanticaweb.fr" = {
|
||||
forceSSL = true;
|
||||
enableACME = true;
|
||||
locations."/" = {
|
||||
proxyPass = "http://127.0.0.1:8080/";
|
||||
proxyWebsockets = true;
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
|
@ -40,7 +48,7 @@ security.acme.acceptTerms = true;
|
|||
# Actual Nextcloud Config
|
||||
services.nextcloud = {
|
||||
enable = true;
|
||||
package = pkgs.nextcloud24;
|
||||
package = pkgs.nextcloud25;
|
||||
hostName = "next.atlanticaweb.fr";
|
||||
# Enable built-in virtual host management
|
||||
# Takes care of somewhat complicated setup
|
||||
|
|
|
@ -2,17 +2,20 @@
|
|||
imports = [
|
||||
./hardware-configuration.nix
|
||||
./firewall-services.nix
|
||||
./VPN.nix
|
||||
../modules/users.nix
|
||||
../modules/common.nix
|
||||
../modules/smtp.nix
|
||||
../modules/grafana.nix
|
||||
|
||||
../docker/podman.nix
|
||||
|
||||
];
|
||||
system.stateVersion = "22.05";
|
||||
boot.cleanTmpDir = true;
|
||||
boot.tmp.cleanOnBoot = true;
|
||||
zramSwap.enable = true;
|
||||
networking.hostName = "sup";
|
||||
services.openssh.enable = true;
|
||||
users.users.root.openssh.authorizedKeys.keys = [
|
||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKUA1RW6JwZasspAp8qmFRFnlV5WXjhLfStAAkM+KYLv lucazeau.alexandre@gmail.com"
|
||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKUA1RW6JwZasspAp8qmFRFnlV5WXjhLfStAAkM+KYLv lucazeau.alexandre@gmail.com"
|
||||
];
|
||||
}
|
||||
|
|
|
@ -0,0 +1,172 @@
|
|||
# Procédure d'installation d'un poste sécurisé.
|
||||
La procédure ci-dessous permet de mettre en place un poste sécurisé. Les fichiers de ce dépôt ont vocation à être utilisés comme template.
|
||||
|
||||
Le disque est chiffré, l'authentification des comptes utilisateurs nécessite une clé hardware et un mot de passe (2FA).
|
||||
Le déchiffrement du poste nécessite également une clé hardware (FIDO2).
|
||||
|
||||
Pour la sécurité, **apparmor** et **clamav** sont installés.
|
||||
|
||||
Le compte utilisateur ne peut pas devenir root, il faut passer par un compte tiers. Sous **nixos** il n'y a pas pas beaucoup d'intéret puisque nous utilisons **home-manager** pour installer des applications, mais c'est une bonne pratique.
|
||||
Ce template installe gnome comme environnement de bureau, pour sa polyvalence.
|
||||
|
||||
Pour aller plus loins en matière de sécurité, nous pouvons supprimer les mots de passes de déchiffrement. Attention, la suppression des mots de passes rend impossible l'ajout d'une clé (matériel) ou d'un nouveau mot de passe.
|
||||
**systemd-cryptenroll** permet de créer un mo de passe de récupération. Il est généré par l'ordinateur avec beaucoup d'entropie.
|
||||
|
||||
Personnellement, j'ai une clé yubikey, une clé nitrokey et un mot de passe de récupération, stocké dans une base chiffrée.
|
||||
|
||||
# Partie 1 : installation de base
|
||||
Le poste dispose d'un EFI, le disque sera chiffré
|
||||
|
||||
## partitionnement
|
||||
|
||||
gdisk /dev/sda
|
||||
|
||||
* ````o```` creation d'une nouvelle table de partitions
|
||||
* ```n``` ajouter une partition de 500M de type ef00 pour l'EFI
|
||||
* ```` n ```` ajouter une partition avec le reste de l'espace disponible, type 8300
|
||||
* ```` w ```` on valide la table et on sort
|
||||
|
||||
### Chiffrement
|
||||
|
||||
cryptsetup luksFormat /dev/sda2 # création d'un volume chiffré
|
||||
cryptsetup luksOpen /dev/sda2 enc-pv # ouverture du volume chiffré sur le point /dev/mapper/enc-vp
|
||||
|
||||
### Partitionnement LVM
|
||||
Création de deux volumes logiques LVM. Le premier de 8Go pour la swap (j'ai 8Go de RAM) et le second pour la racine
|
||||
|
||||
pvcreate /dev/mapper/enc-pv
|
||||
vgcreate vg /dev/mapper/enc-pv
|
||||
lvcreate -L 8G -n swap vg
|
||||
lvcreate -l '100%FREE' -n root vg
|
||||
|
||||
### formattage
|
||||
|
||||
mkfs.fat /dev/sda1
|
||||
mkfs.ext4 -L root /dev/vg/root
|
||||
mkswap -L swap /dev/vg/swap
|
||||
|
||||
## Pré-installation
|
||||
|
||||
mount /dev/vg/root /mnt
|
||||
mkdir /mnt/boot
|
||||
mount /dev/sda1 /mnt/boot
|
||||
swapon /dev/vg/swap
|
||||
|
||||
## Préparation de l'installation
|
||||
|
||||
nixos-generate-config --root /mnt
|
||||
|
||||
A partir de là le template peut-être installé.
|
||||
|
||||
nix-shell -p git
|
||||
git clone https://git.atlanticaweb.fr/alexandre/nixos-config.git
|
||||
|
||||
Enfin dans le hardware.nix, il faut ajouter le volume /boot pour qu'il soit dans le **fstab** puis ajouter le chargement dans l'initrd du LVM et du déchiffrement. ça nous donne :
|
||||
|
||||
fileSystems."/boot" =
|
||||
{ device = "/dev/disk/by-uuid/0BEC-722D";
|
||||
fsType = "vfat";
|
||||
};
|
||||
boot.initrd.luks.devices = {
|
||||
"partitions" = {
|
||||
device = "/dev/sda2";
|
||||
preLVM = true;
|
||||
};
|
||||
};
|
||||
|
||||
## Notes sur la sécurisation u2f et le déchiffrement via clé FIDO2
|
||||
|
||||
### Pour la partie authentification u2f
|
||||
L'authentification u2f avec une clée Yubikey 5 nécessite une configuration par utilisateur.
|
||||
|
||||
nix-shell -p pam_u2f
|
||||
mkdir -p ~/.config/Yubico
|
||||
pamu2fcfg > ~/.config/Yubico/u2f_keys
|
||||
|
||||
Si vous avez 2 clés, pour ajouter la seconde clé :
|
||||
|
||||
pamu2fcfg -n >> ~/.config/Yubico/u2f_keys
|
||||
|
||||
### Pour le déchiffrement de la partition LUKS avec le protocole FIDO2
|
||||
Pour cette partie, il faut regénéré l'initrd avec le support FIDO2 et l'ajout de systemd.
|
||||
|
||||
Pour cela il faut modifier :
|
||||
|
||||
boot.initrd.luks.devices = {
|
||||
"partitions" = {
|
||||
device = "/dev/sda2";
|
||||
preLVM = true;
|
||||
};
|
||||
};
|
||||
|
||||
en :
|
||||
|
||||
boot.initrd.luks.devices = {
|
||||
"partitions" = {
|
||||
device = "/dev/sda2";
|
||||
preLVM = true;
|
||||
crypttabExtraOpts = ["fido2-device=auto"];
|
||||
};
|
||||
};
|
||||
boot.initrd.systemd.enable = true;
|
||||
|
||||
L'ajout des clés de déchiffrement se fait simplement via :
|
||||
|
||||
systemd-cryptenroll --fido2-device=auto /dev/sda2
|
||||
|
||||
ou pour un déchiffrement uniquement via clé fido2 :
|
||||
|
||||
systemd-cryptenroll --unlock-fido2-device=auto /dev/sda2
|
||||
|
||||
Cette commande est à exécutée pour chaque clée que vous possédez.
|
||||
|
||||
Pour générer une clé de récupération :
|
||||
|
||||
systemd-cryptenroll --recovery-key /dev/sda2
|
||||
|
||||
Pour supprimer une clée d'un slot :
|
||||
|
||||
systemd-cryptenroll --wipe-slot=2 #supprime la clé du slot 2
|
||||
|
||||
Pour supprimer tous les mots de passe :
|
||||
|
||||
systemd-cryptenroll --wipe-slot=password /dev/sda2
|
||||
|
||||
Pour supprimer toutes les clés :
|
||||
|
||||
systemd-cryptenroll --wipe-slot=fido2 /dev/sda2
|
||||
|
||||
## Installation
|
||||
On peut démarrer l'installation avec :
|
||||
|
||||
nixos-install
|
||||
reboot
|
||||
|
||||
En cas d'erreur au reboot, on redémarre sur la clé. POur accéder à la configuration :
|
||||
|
||||
cryptsetup luksOpen /dev/sda2 enc-pv
|
||||
lvchange -a y /dev/vg/swap
|
||||
lvchange -a y /dev/vg/root
|
||||
mount /dev/vg/root /mnt
|
||||
mount /dev/sda1 /mnt/boot
|
||||
swapon /dev/vg/swap
|
||||
cp /mnt/etc/wpa_supplicant.conf /etc
|
||||
|
||||
Au reboot, je me connecte en root et je change le password de mon user.
|
||||
|
||||
# Configuration utilisateur
|
||||
## home-manager
|
||||
J'ai opté pour une installation locale à mon utilisateur de home-manager
|
||||
ajouter le dépot correspondant à la version en cours de nixpkgs :
|
||||
|
||||
nix-channel --add https://github.com/nix-community/home-manager/archive/release-22.11.tar.gz home-manager
|
||||
|
||||
mise à jour de la base
|
||||
|
||||
nix-channel --update
|
||||
reboot
|
||||
|
||||
Installation
|
||||
|
||||
nix-shell '<home-manager>' -A install
|
||||
|
|
@ -0,0 +1,84 @@
|
|||
{ config, pkgs, theme, ... }:
|
||||
{
|
||||
|
||||
programs.firefox = {
|
||||
enable = true;
|
||||
package = pkgs.wrapFirefox pkgs.firefox-unwrapped {
|
||||
extraPolicies = {
|
||||
CaptivePortal = false;
|
||||
DisableFirefoxStudies = true;
|
||||
DisablePocket = true;
|
||||
DisableTelemetry = true;
|
||||
DisableFirefoxAccounts = false;
|
||||
NoDefaultBookmarks = true;
|
||||
OfferToSaveLogins = true;
|
||||
OfferToSaveLoginsDefault = true;
|
||||
PasswordManagerEnabled = true;
|
||||
FirefoxHome = {
|
||||
Search = true;
|
||||
Pocket = false;
|
||||
Snippets = false;
|
||||
TopSites = false;
|
||||
Highlights = false;
|
||||
};
|
||||
UserMessaging = {
|
||||
ExtensionRecommendations = false;
|
||||
SkipOnboarding = true;
|
||||
};
|
||||
};
|
||||
};
|
||||
profiles = {
|
||||
alexandre = {
|
||||
id = 0;
|
||||
name = "alexandre";
|
||||
search = {
|
||||
force = true;
|
||||
default = "Google";
|
||||
engines = {
|
||||
"Nix Packages" = {
|
||||
urls = [{
|
||||
template = "https://search.nixos.org/packages";
|
||||
params = [
|
||||
{ name = "type"; value = "packages"; }
|
||||
{ name = "query"; value = "{searchTerms}"; }
|
||||
];
|
||||
}];
|
||||
icon = "${pkgs.nixos-icons}/share/icons/hicolor/scalable/apps/nix-snowflake.svg";
|
||||
definedAliases = [ "@np" ];
|
||||
};
|
||||
"NixOS Wiki" = {
|
||||
urls = [{ template = "https://nixos.wiki/index.php?search={searchTerms}"; }];
|
||||
iconUpdateURL = "https://nixos.wiki/favicon.png";
|
||||
updateInterval = 24 * 60 * 60 * 1000;
|
||||
definedAliases = [ "@nw" ];
|
||||
};
|
||||
"Wikipedia (en)".metaData.alias = "@wiki";
|
||||
"Google".metaData.hidden = false;
|
||||
"Amazon.com".metaData.hidden = true;
|
||||
"Bing".metaData.hidden = true;
|
||||
"eBay".metaData.hidden = true;
|
||||
};
|
||||
};
|
||||
|
||||
extensions = with pkgs.nur.repos.rycee.firefox-addons; [
|
||||
ublock-origin
|
||||
privacy-badger
|
||||
keepassxc-browser
|
||||
clearurls
|
||||
decentraleyes
|
||||
floccus
|
||||
languagetool
|
||||
disconnect
|
||||
];
|
||||
settings = {
|
||||
"general.smoothScroll" = true;
|
||||
};
|
||||
# extraConfig = ''
|
||||
# user_pref("full-screen-api.ignore-widgets", true);
|
||||
# user_pref("media.ffmpeg.vaapi.enabled", true);
|
||||
# user_pref("media.rdd-vpx.enabled", true);
|
||||
# '';
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
|
@ -0,0 +1,73 @@
|
|||
{ config, pkgs, ... }:
|
||||
|
||||
{
|
||||
imports = [
|
||||
./firefox.nix
|
||||
];
|
||||
# Home Manager needs a bit of information about you and the paths it should
|
||||
# manage.
|
||||
home.username = "alexandre";
|
||||
home.homeDirectory = "/home/alexandre";
|
||||
|
||||
# This value determines the Home Manager release that your configuration is
|
||||
# compatible with. This helps avoid breakage when a new Home Manager release
|
||||
# introduces backwards incompatible changes.
|
||||
#
|
||||
# You should not change this value, even if you update Home Manager. If you do
|
||||
# want to update the value, then make sure to first check the Home Manager
|
||||
# release notes.
|
||||
home.stateVersion = "23.05"; # Please read the comment before changing.
|
||||
|
||||
# The home.packages option allows you to install Nix packages into your
|
||||
# environment.
|
||||
home.packages = [
|
||||
# # Adds the 'hello' command to your environment. It prints a friendly
|
||||
# # "Hello, world!" when run.
|
||||
# pkgs.hello
|
||||
|
||||
# # It is sometimes useful to fine-tune packages, for example, by applying
|
||||
# # overrides. You can do that directly here, just don't forget the
|
||||
# # parentheses. Maybe you want to install Nerd Fonts with a limited number of
|
||||
# # fonts?
|
||||
# (pkgs.nerdfonts.override { fonts = [ "FantasqueSansMono" ]; })
|
||||
|
||||
# # You can also create simple shell scripts directly inside your
|
||||
# # configuration. For example, this adds a command 'my-hello' to your
|
||||
# # environment:
|
||||
# (pkgs.writeShellScriptBin "my-hello" ''
|
||||
# echo "Hello, ${config.home.username}!"
|
||||
# '')
|
||||
];
|
||||
|
||||
# Home Manager is pretty good at managing dotfiles. The primary way to manage
|
||||
# plain files is through 'home.file'.
|
||||
home.file = {
|
||||
# # Building this configuration will create a copy of 'dotfiles/screenrc' in
|
||||
# # the Nix store. Activating the configuration will then make '~/.screenrc' a
|
||||
# # symlink to the Nix store copy.
|
||||
# ".screenrc".source = dotfiles/screenrc;
|
||||
|
||||
# # You can also set the file content immediately.
|
||||
# ".gradle/gradle.properties".text = ''
|
||||
# org.gradle.console=verbose
|
||||
# org.gradle.daemon.idletimeout=3600000
|
||||
# '';
|
||||
};
|
||||
|
||||
# You can also manage environment variables but you will have to manually
|
||||
# source
|
||||
#
|
||||
# ~/.nix-profile/etc/profile.d/hm-session-vars.sh
|
||||
#
|
||||
# or
|
||||
#
|
||||
# /etc/profiles/per-user/alexandre/etc/profile.d/hm-session-vars.sh
|
||||
#
|
||||
# if you don't want to manage your shell through Home Manager.
|
||||
home.sessionVariables = {
|
||||
# EDITOR = "emacs";
|
||||
};
|
||||
|
||||
# Let Home Manager install and manage itself.
|
||||
programs.home-manager.enable = true;
|
||||
}
|
|
@ -0,0 +1,177 @@
|
|||
# Edit this configuration file to define what should be installed on
|
||||
# your system. Help is available in the configuration.nix(5) man page
|
||||
# and in the NixOS manual (accessible by running `nixos-help`).
|
||||
|
||||
{ config, pkgs, ... }:
|
||||
|
||||
{
|
||||
imports =
|
||||
[ # Include the results of the hardware scan.
|
||||
./hardware-configuration.nix
|
||||
./services.nix
|
||||
./extra_hw.nix
|
||||
];
|
||||
|
||||
boot = {
|
||||
loader.systemd-boot.enable = true;
|
||||
loader.grub.efiSupport = true;
|
||||
loader.grub.efiInstallAsRemovable = true;
|
||||
loader.grub.device = "nodev";
|
||||
plymouth.enable = true;
|
||||
tmp.cleanOnBoot = true ;
|
||||
kernelParams = [ "i915.enable_fbc=1" ];
|
||||
};
|
||||
|
||||
networking = {
|
||||
hostName = "d2nix"; # Define your hostname.
|
||||
networkmanager.enable = true;
|
||||
firewall.enable = true;
|
||||
};
|
||||
|
||||
# Set your time zone.
|
||||
time.timeZone = "Europe/Paris";
|
||||
|
||||
i18n.defaultLocale = "fr_FR.UTF-8";
|
||||
console = {
|
||||
font = "Lat2-Terminus16";
|
||||
keyMap = "fr";
|
||||
};
|
||||
fonts = {
|
||||
fontDir.enable = true;
|
||||
enableGhostscriptFonts = true;
|
||||
fonts = with pkgs; [
|
||||
corefonts
|
||||
vistafonts
|
||||
powerline-fonts
|
||||
inconsolata
|
||||
terminus_font
|
||||
proggyfonts
|
||||
dejavu_fonts
|
||||
font-awesome
|
||||
nerdfonts
|
||||
source-code-pro
|
||||
source-sans-pro
|
||||
source-serif-pro
|
||||
iosevka
|
||||
roboto-mono
|
||||
fira-code
|
||||
];
|
||||
};
|
||||
|
||||
#sound.enable = true;
|
||||
|
||||
# Define a user account. Don't forget to set a password with ‘passwd’.
|
||||
users = {
|
||||
groups.ntp = {};
|
||||
defaultUserShell = "/run/current-system/sw/bin/fish";
|
||||
extraUsers.alexandre = {
|
||||
isNormalUser = true;
|
||||
home = "/home/alexandre";
|
||||
description = "alexandre";
|
||||
extraGroups = [ "wheel" "networkmanager" "docker" "libvirtd" "scanner" "plocate" "lp" ];
|
||||
packages = with pkgs; [
|
||||
firefox
|
||||
gitAndTools.gitFull
|
||||
];
|
||||
};
|
||||
extraUsers.oem = {
|
||||
isNormalUser = true;
|
||||
home = "/home/oem";
|
||||
description = "oem";
|
||||
extraGroups = [ "wheel" "networkmanager" ];
|
||||
};
|
||||
};
|
||||
|
||||
environment.variables = {
|
||||
EDITOR = "nvim";
|
||||
BROWSER = "firefox";
|
||||
LESS = "--quit-if-one-screen --RAW-CONTROL-CHARS";
|
||||
TERMINAL = "xfce4-terminal";
|
||||
PRIVATE_BROWSER = "firefox -private";
|
||||
};
|
||||
|
||||
security = {
|
||||
rtkit.enable = true; # for pipewire
|
||||
apparmor.enable = true;
|
||||
pam = {
|
||||
u2f = {
|
||||
enable = true;
|
||||
control = "requisite";
|
||||
};
|
||||
services = {
|
||||
login.u2fAuth = true;
|
||||
lightdm.u2fAuth = true;
|
||||
gdm.u2fAuth = true;
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
nix.settings.experimental-features = [ "nix-command" "flakes" ];
|
||||
|
||||
nixpkgs.config = {
|
||||
allowUnfree = true;
|
||||
};
|
||||
|
||||
nix.settings.auto-optimise-store = true;
|
||||
nix.gc = {
|
||||
automatic = true;
|
||||
dates = "weekly";
|
||||
persistent = true;
|
||||
options = "--delete-older-than 10d";
|
||||
};
|
||||
|
||||
|
||||
programs = {
|
||||
htop = {
|
||||
enable = true;
|
||||
settings.show_cpu_temperature = 1;
|
||||
};
|
||||
fish = {
|
||||
enable = true;
|
||||
interactiveShellInit = ''
|
||||
set -gx EDITOR nvim
|
||||
'';
|
||||
shellAliases = {
|
||||
ll = "ls -l";
|
||||
ls = "lsd";
|
||||
cat = "bat";
|
||||
sysrs = "sudo nixos-rebuild switch";
|
||||
sysup = "sudo nixos-rebuild switch --upgrade";
|
||||
sysclean = "sudo nix-collect-garbage -d; and sudo nix-store --optimise";
|
||||
# nvim = "nvim -u ~/.config/nvim/init.lua";
|
||||
};
|
||||
};
|
||||
};
|
||||
environment.systemPackages = with pkgs; [
|
||||
neovim
|
||||
bat
|
||||
lsd
|
||||
pam_u2f
|
||||
gsmartcontrol
|
||||
lm_sensors
|
||||
];
|
||||
|
||||
# Some programs need SUID wrappers, can be configured further or are
|
||||
# started in user sessions.
|
||||
# programs.gnupg.agent = {
|
||||
# enable = true;
|
||||
# enableSSHSupport = true;
|
||||
# };
|
||||
|
||||
|
||||
|
||||
# This value determines the NixOS release from which the default
|
||||
# settings for stateful data, like file locations and database versions
|
||||
# on your system were taken. It's perfectly fine and recommended to leave
|
||||
# this value at the release version of the first install of this system.
|
||||
# Before changing this value read the documentation for this option
|
||||
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
|
||||
system.stateVersion = "23.05"; # Did you read the comment?
|
||||
|
||||
nixpkgs.config.packageOverrides = pkgs: {
|
||||
nur = import (builtins.fetchTarball "https://github.com/nix-community/NUR/archive/master.tar.gz") {
|
||||
inherit pkgs;
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
@ -0,0 +1,33 @@
|
|||
{ config, pkgs, ... }:
|
||||
{
|
||||
hardware = {
|
||||
cpu.intel.updateMicrocode = true;
|
||||
enableAllFirmware = true;
|
||||
pulseaudio.enable = false;
|
||||
bluetooth = {
|
||||
enable = true;
|
||||
settings = {
|
||||
General = {
|
||||
Enable = "Source,Sink,Media,Socket";
|
||||
};
|
||||
};
|
||||
};
|
||||
logitech = {
|
||||
wireless.enable = true;
|
||||
wireless.enableGraphical = true;
|
||||
};
|
||||
opengl = {
|
||||
enable = true;
|
||||
extraPackages = with pkgs; [
|
||||
intel-media-driver # LIBVA_DRIVER_NAME=iHD
|
||||
vaapiIntel # LIBVA_DRIVER_NAME=i965 (older but works better for Firefox/Chromium)
|
||||
vaapiVdpau
|
||||
libvdpau-va-gl
|
||||
];
|
||||
};
|
||||
};
|
||||
# Video acceleration
|
||||
nixpkgs.config.packageOverrides = pkgs: {
|
||||
vaapiIntel = pkgs.vaapiIntel.override { enableHybridCodec = true; };
|
||||
};
|
||||
}
|
|
@ -0,0 +1,49 @@
|
|||
# Do not modify this file! It was generated by ‘nixos-generate-config’
|
||||
# and may be overwritten by future invocations. Please make changes
|
||||
# to /etc/nixos/configuration.nix instead.
|
||||
{ config, lib, pkgs, modulesPath, ... }:
|
||||
|
||||
{
|
||||
imports =
|
||||
[ (modulesPath + "/installer/scan/not-detected.nix")
|
||||
];
|
||||
|
||||
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" "sr_mod" "vfat" "nls_cp437" "nls_iso8859-1" ];
|
||||
boot.initrd.kernelModules = [ "dm-snapshot" "coretemp" ];
|
||||
boot.kernelModules = [ "kvm-intel" ];
|
||||
boot.extraModulePackages = [ ];
|
||||
|
||||
fileSystems."/" =
|
||||
{ device = "/dev/disk/by-uuid/8eea016d-9dd3-4149-8e5c-014d7d90695f";
|
||||
fsType = "ext4";
|
||||
};
|
||||
|
||||
fileSystems."/boot" =
|
||||
{ device = "/dev/disk/by-uuid/0382-3D00";
|
||||
fsType = "vfat";
|
||||
};
|
||||
|
||||
swapDevices =
|
||||
[ { device = "/dev/disk/by-uuid/1ffd2601-020f-4635-923b-4053676070d7"; }
|
||||
];
|
||||
# boot.initrd.luks.yubikeySupport = true;
|
||||
boot.initrd.luks.devices = {
|
||||
"partitions" = {
|
||||
device = "/dev/sda2";
|
||||
preLVM = true;
|
||||
crypttabExtraOpts = ["fido2-device=auto"];
|
||||
};
|
||||
};
|
||||
boot.initrd.systemd.enable = true;
|
||||
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
|
||||
# (the default) this is the recommended approach. When using systemd-networkd it's
|
||||
# still possible to use this option, but it's recommended to use it in conjunction
|
||||
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
|
||||
networking.useDHCP = lib.mkDefault true;
|
||||
# networking.interfaces.enp0s31f6.useDHCP = lib.mkDefault true;
|
||||
# networking.interfaces.wlp0s20f0u10.useDHCP = lib.mkDefault true;
|
||||
|
||||
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
|
||||
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
|
||||
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
|
||||
}
|
|
@ -0,0 +1,7 @@
|
|||
{ config, pkgs, ... }:
|
||||
{
|
||||
|
||||
# Enable touchpad support (enabled default in most desktopManager).
|
||||
# services.xserver.libinput.enable = true;
|
||||
|
||||
}
|
|
@ -0,0 +1,51 @@
|
|||
{ config, pkgs, ... }:
|
||||
{
|
||||
services = {
|
||||
avahi = {
|
||||
enable = true;
|
||||
openFirewall = true;
|
||||
};
|
||||
|
||||
clamav = {
|
||||
daemon.enable = true;
|
||||
updater.enable = true;
|
||||
};
|
||||
|
||||
ntp = {
|
||||
enable = true;
|
||||
};
|
||||
|
||||
thermald = {
|
||||
enable = true;
|
||||
};
|
||||
|
||||
fstrim = {
|
||||
enable = true;
|
||||
};
|
||||
|
||||
locate = {
|
||||
enable = true;
|
||||
locate = pkgs.plocate;
|
||||
interval = "hourly";
|
||||
localuser = null;
|
||||
};
|
||||
|
||||
pipewire = {
|
||||
enable = true;
|
||||
alsa.enable = true;
|
||||
alsa.support32Bit = true;
|
||||
pulse.enable = true;
|
||||
};
|
||||
|
||||
# Enable the X11 windowing system.
|
||||
xserver = {
|
||||
enable = true;
|
||||
# Configure keymap in X11
|
||||
layout = "fr";
|
||||
xkbOptions = "eurosign:e,caps:escape";
|
||||
# Enable the GNOME Desktop Environment.
|
||||
displayManager.gdm.enable = true;
|
||||
desktopManager.gnome.enable = true;
|
||||
};
|
||||
};
|
||||
}
|
|
@ -0,0 +1,134 @@
|
|||
# Edit this configuration file to define what should be installed on
|
||||
# your system. Help is available in the configuration.nix(5) man page
|
||||
# and in the NixOS manual (accessible by running `nixos-help`).
|
||||
|
||||
{ config, pkgs, ... }:
|
||||
|
||||
{
|
||||
imports =
|
||||
[ # Include the results of the hardware scan.
|
||||
./hardware-configuration.nix
|
||||
];
|
||||
|
||||
# Use the GRUB 2 boot loader.
|
||||
# boot.loader.grub.enable = true;
|
||||
# boot.loader.efi.efiSysMountPoint = "/boot/efi";
|
||||
# Define on which hard drive you want to install Grub.
|
||||
boot = {
|
||||
loader.systemd-boot.enable = true;
|
||||
loader.grub.efiSupport = true;
|
||||
loader.grub.efiInstallAsRemovable = true;
|
||||
loader.grub.device = "nodev"; # or "nodev" for efi only
|
||||
## OK initrd.luks.fido2Support = true;
|
||||
## OK initrd.luks.devices."partitions".device = "/dev/sda2";
|
||||
## OK initrd.luks.devices.partitions.crypttabExtraOpts = ["fido2-device=auto" "headless=true" ];
|
||||
## OK initrd.luks.devices."partitions".fallbackToPassword = true;
|
||||
## OK initrd.luks.devices."partitions".fido2.credentials = [
|
||||
## OK "5cd4080973f89909db8f92dbb3f4352b"
|
||||
## OK "a693320606d47eaf7049673fd2184332791a52aba4d077303277d98ea79da172488d52dae2262619c1da2be7562ec9dd94888c71a9326fea70dfe16214b5ea8ec014ea010000"
|
||||
## OK ];
|
||||
plymouth.enable = true;
|
||||
tmp.cleanOnBoot = true ;
|
||||
kernelParams = [ "i915.enable_fbc=1" ];
|
||||
};
|
||||
networking.hostName = "d2nix"; # Define your hostname.
|
||||
# Pick only one of the below networking options.
|
||||
# networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
|
||||
# networking.networkmanager.enable = true; # Easiest to use and most distros use this by default.
|
||||
|
||||
# Set your time zone.
|
||||
# time.timeZone = "Europe/Amsterdam";
|
||||
time.timeZone = "Europe/Paris";
|
||||
|
||||
i18n.defaultLocale = "fr_FR.UTF-8";
|
||||
console = {
|
||||
font = "Lat2-Terminus16";
|
||||
keyMap = "fr";
|
||||
};
|
||||
|
||||
# Configure network proxy if necessary
|
||||
# networking.proxy.default = "http://user:password@proxy:port/";
|
||||
# networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
|
||||
|
||||
# Select internationalisation properties.
|
||||
# i18n.defaultLocale = "en_US.UTF-8";
|
||||
# console = {
|
||||
# font = "Lat2-Terminus16";
|
||||
# keyMap = "us";
|
||||
# useXkbConfig = true; # use xkbOptions in tty.
|
||||
# };
|
||||
|
||||
# Enable the X11 windowing system.
|
||||
services.xserver.enable = true;
|
||||
|
||||
|
||||
# Enable the GNOME Desktop Environment.
|
||||
services.xserver.displayManager.gdm.enable = true;
|
||||
services.xserver.desktopManager.gnome.enable = true;
|
||||
|
||||
|
||||
# Configure keymap in X11
|
||||
# services.xserver.layout = "us";
|
||||
# services.xserver.xkbOptions = "eurosign:e,caps:escape";
|
||||
|
||||
# Enable CUPS to print documents.
|
||||
# services.printing.enable = true;
|
||||
|
||||
# Enable sound.
|
||||
# sound.enable = true;
|
||||
# hardware.pulseaudio.enable = true;
|
||||
|
||||
# Enable touchpad support (enabled default in most desktopManager).
|
||||
# services.xserver.libinput.enable = true;
|
||||
|
||||
# Define a user account. Don't forget to set a password with ‘passwd’.
|
||||
# users.users.alice = {
|
||||
# isNormalUser = true;
|
||||
# extraGroups = [ "wheel" ]; # Enable ‘sudo’ for the user.
|
||||
# packages = with pkgs; [
|
||||
# firefox
|
||||
# tree
|
||||
# ];
|
||||
# };
|
||||
|
||||
# List packages installed in system profile. To search, run:
|
||||
# $ nix search wget
|
||||
environment.systemPackages = with pkgs; [
|
||||
neovim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default.
|
||||
fido2luks
|
||||
];
|
||||
|
||||
# Some programs need SUID wrappers, can be configured further or are
|
||||
# started in user sessions.
|
||||
# programs.mtr.enable = true;
|
||||
# programs.gnupg.agent = {
|
||||
# enable = true;
|
||||
# enableSSHSupport = true;
|
||||
# };
|
||||
|
||||
# List services that you want to enable:
|
||||
|
||||
# Enable the OpenSSH daemon.
|
||||
# services.openssh.enable = true;
|
||||
|
||||
# Open ports in the firewall.
|
||||
# networking.firewall.allowedTCPPorts = [ ... ];
|
||||
# networking.firewall.allowedUDPPorts = [ ... ];
|
||||
# Or disable the firewall altogether.
|
||||
# networking.firewall.enable = false;
|
||||
|
||||
# Copy the NixOS configuration file and link it from the resulting system
|
||||
# (/run/current-system/configuration.nix). This is useful in case you
|
||||
# accidentally delete configuration.nix.
|
||||
# system.copySystemConfiguration = true;
|
||||
|
||||
# This value determines the NixOS release from which the default
|
||||
# settings for stateful data, like file locations and database versions
|
||||
# on your system were taken. It's perfectly fine and recommended to leave
|
||||
# this value at the release version of the first install of this system.
|
||||
# Before changing this value read the documentation for this option
|
||||
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
|
||||
system.stateVersion = "23.05"; # Did you read the comment?
|
||||
|
||||
}
|
||||
|
|
@ -0,0 +1,54 @@
|
|||
# Do not modify this file! It was generated by ‘nixos-generate-config’
|
||||
# and may be overwritten by future invocations. Please make changes
|
||||
# to /etc/nixos/configuration.nix instead.
|
||||
{ config, lib, pkgs, modulesPath, ... }:
|
||||
|
||||
{
|
||||
imports =
|
||||
[ (modulesPath + "/installer/scan/not-detected.nix")
|
||||
];
|
||||
|
||||
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" "sr_mod" ];
|
||||
boot.initrd.kernelModules = [ "dm-snapshot" ];
|
||||
boot.kernelModules = [ "kvm-intel" ];
|
||||
boot.extraModulePackages = [ ];
|
||||
|
||||
fileSystems."/" =
|
||||
# { device = "/dev/sda2";
|
||||
{ device = "/dev/disk/by-uuid/20388412-0d02-4091-a320-c4096d1d4a4e";
|
||||
fsType = "ext4";
|
||||
};
|
||||
|
||||
fileSystems."/boot" =
|
||||
{ device = "/dev/disk/by-uuid/D96D-5573";
|
||||
fsType = "vfat";
|
||||
};
|
||||
|
||||
boot.initrd.luks.devices = {
|
||||
"partitions" = {
|
||||
device = "/dev/sda2";
|
||||
preLVM = true;
|
||||
};
|
||||
};
|
||||
boot.initrd.luks.devices.root = {
|
||||
crypttabExtraOpts = [ "fido2-device=auto" "fido2-with-user-verification=true" ];
|
||||
device = "/dev/sda2";
|
||||
};
|
||||
boot.initrd.systemd.enable = true;
|
||||
|
||||
swapDevices =
|
||||
[ { device = "/dev/disk/by-uuid/b4c59607-58e7-4af9-85c2-2fa5bf618f8e"; }
|
||||
];
|
||||
|
||||
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
|
||||
# (the default) this is the recommended approach. When using systemd-networkd it's
|
||||
# still possible to use this option, but it's recommended to use it in conjunction
|
||||
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
|
||||
networking.useDHCP = lib.mkDefault true;
|
||||
# networking.interfaces.enp0s31f6.useDHCP = lib.mkDefault true;
|
||||
# networking.interfaces.wlp0s20f0u10.useDHCP = lib.mkDefault true;
|
||||
|
||||
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
|
||||
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
|
||||
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
|
||||
}
|
|
@ -1,24 +1,32 @@
|
|||
# atlanticaweb.fr 37.187.103.8/24
|
||||
{ pkgs, ... }: {
|
||||
imports = [
|
||||
./hardware-configuration.nix
|
||||
./webserver.nix
|
||||
./firewall-web.nix
|
||||
../modules/gitea.nix
|
||||
../modules/prometheus-node.nix
|
||||
../modules/common.nix
|
||||
../modules/users.nix
|
||||
modules/gitea.nix
|
||||
modules/prometheus-node.nix
|
||||
modules/common.nix
|
||||
modules/users.nix
|
||||
# ../docker/appsmith.nix
|
||||
docker/kuma.nix
|
||||
modules/syncthing.nix
|
||||
];
|
||||
|
||||
system.stateVersion = "21.11";
|
||||
system.stateVersion = "23.11";
|
||||
|
||||
boot.cleanTmpDir = true;
|
||||
boot.tmp.cleanOnBoot = true;
|
||||
zramSwap.enable = false;
|
||||
networking.hostName = "web";
|
||||
services.openssh = {
|
||||
enable = true;
|
||||
permitRootLogin = "no";
|
||||
passwordAuthentication = false;
|
||||
kbdInteractiveAuthentication = false;
|
||||
};
|
||||
settings = {
|
||||
PermitRootLogin = "no";
|
||||
PasswordAuthentication = false;
|
||||
KbdInteractiveAuthentication = false;
|
||||
};
|
||||
};
|
||||
system.autoUpgrade.enable = true;
|
||||
system.autoUpgrade.allowReboot = true;
|
||||
|
||||
}
|
||||
|
|
|
@ -0,0 +1 @@
|
|||
/home/alexandre/git/nixos-config/docker/
|
|
@ -4,7 +4,7 @@
|
|||
networking.firewall = {
|
||||
allowPing = true;
|
||||
# allowed TCP range
|
||||
allowedTCPPorts = [ 22 80 443 9002 2021];
|
||||
allowedTCPPorts = [ 22 80 443 9002 2021 8096 8920];
|
||||
};
|
||||
services.fail2ban = {
|
||||
enable = true;
|
||||
|
|
|
@ -0,0 +1 @@
|
|||
/home/alexandre/git/nixos-config/modules/
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue