alexandre
/
nixos-config
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Compare commits

merge into: alexandre:alacritty
Branches Tags
alexandre:main
alexandre:alacritty
...
pull from: alexandre:main
Branches Tags
alexandre:main
alexandre:alacritty

139 Commits
alacritty ... main

Author SHA1 Message Date
Alexandre LUCAZEAU d7a7573621 ADD shiori service 2023-12-28 12:54:54 +00:00
Alexandre LUCAZEAU d46068a1fe web : 
ADD wezterm
d2nix :
  ADD wezterm
 2023-12-05 20:12:19 +00:00
Alexandre LUCAZEAU 8de673c14d web : 
FIX : gitea disable registration
 2023-12-05 16:26:55 +00:00
Alexandre LUCAZEAU 3c497e4d50 web : 
ADD : Automatic upgrades
 2023-12-05 16:19:23 +00:00
Alexandre LUCAZEAU c56e8e1062 UPGRADE web server FROM 21.11 to 23.11 2023-12-05 16:11:20 +00:00
Alexandre LUCAZEAU 3bcf24b6a7 FIX : typo 2023-12-05 15:44:01 +00:00
LUCAZEAU Alexandre b9cd78e43a ADD nitrokey support 2023-11-25 21:19:34 +01:00
LUCAZEAU Alexandre b6908d9fb5 remove guake 
add thunderbird
 2023-11-25 21:18:47 +01:00
LUCAZEAU Alexandre 06ce7c704c Merge branch 'main' of git.atlanticaweb.fr:alexandre/nixos-config 2023-11-11 22:09:29 +01:00
Alexandre LUCAZEAU a9baa4d7e1 ADD sway initial configuration 2023-10-31 16:51:15 +01:00
Alexandre LUCAZEAU 99fb4d9338 ADD : hyperland 
REMOVE : OLD firefox config
RENAME : home_firefox to firefox.nix
UPDATE : bokkmark firefox
 2023-10-31 15:50:40 +01:00
Alexandre LUCAZEAU 1a6aaf8b88 ADD : David link bbb 2023-10-31 11:29:20 +01:00
Alexandre LUCAZEAU 4f31d688a9 ADD tmux 2023-10-29 22:53:21 +01:00
Alexandre LUCAZEAU bba08e6d7b ADD lap2nix host 2023-10-29 22:50:52 +01:00
LUCAZEAU Alexandre 7fbb88d06c ADD emacs 2023-10-26 16:37:07 +02:00
LUCAZEAU Alexandre 07ac227763 ADD freetube 2023-10-26 14:19:17 +02:00
LUCAZEAU Alexandre 88c631ca05 FIX : typo + bookmarks 2023-10-26 14:04:28 +02:00
LUCAZEAU Alexandre c755ef21b7 ADD packages 
ADD firefox configuration
 2023-10-25 22:19:00 +02:00
LUCAZEAU Alexandre 7cd30aba59 Merge branch 'main' of git.atlanticaweb.fr:alexandre/nixos-config 2023-10-25 19:00:39 +02:00
LUCAZEAU Alexandre 88d76a48f4 modifié : firefox.nix 
modifié :         home.nix
	modifié :         ../nixos/configuration.nix
	modifié :         ../../../modules/neovim.nix
 2023-10-25 19:00:10 +02:00
Alexandre LUCAZEAU 154f768453 ADD bookmark for firefox 2023-10-25 15:43:33 +02:00
LUCAZEAU Alexandre f1551db735 ADD : d2nix new config 
FIX : archive old d2nix conf
 2023-10-23 09:43:50 +02:00
LUCAZEAU Alexandre 60876aa336 ADD template for security desktop 2023-10-22 14:16:52 +02:00
alexandre 74a7fbc330 test config for FIDO2 
systemd-cryptenroll --fido2-device=auto --fido2-with-user-verification=true /dev/sda2
systemd-cryptenroll --password /dev/sda2
export FIDO2_LABEL="/dev/sda2 @ $HOSTNAME"
fido2luks credential "$FIDO2_LABEL"
 2023-10-20 07:52:36 +00:00
Alexandre LUCAZEAU 30ef40d9d7 ADD mail config 
ADD FIDO2
 2023-10-14 12:23:39 +02:00
Alexandre LUCAZEAU 9b7fd6bc83 ADD drawio to packages 2023-09-25 16:31:27 +02:00
Alexandre LUCAZEAU d863842579 ADD thunar and thunar plugin 2023-09-25 16:31:08 +02:00
Alexandre LUCAZEAU 5eddacb1bf ADD freecad to d2nix 2023-08-27 18:34:30 +02:00
Alexandre LUCAZEAU e0cc780346 ADD cura to d2nix 2023-08-18 19:38:53 +02:00
Alexandre LUCAZEAU 7dbfbda8d7 ADD freecad package 2023-08-07 12:55:30 +02:00
Alexandre LUCAZEAU 40d1e8a325 FIX neovim for dell laptop and clean neovim.nix 2023-07-29 12:18:23 +02:00
Alexandre LUCAZEAU 4ec119d7c6 Merge branch 'main' of git.atlanticaweb.fr:alexandre/nixos-config 2023-07-29 11:58:19 +02:00
Alexandre LUCAZEAU 95e68c60f8 ADD starship config file 2023-07-29 11:56:49 +02:00
Alexandre LUCAZEAU 3d6b171a43 ADD syncthing to web server 2023-07-28 18:11:10 +00:00
Alexandre LUCAZEAU 12fc483e17 ADD neovim to std install 2023-07-28 18:10:45 +00:00
Alexandre LUCAZEAU 07a61cc3d3 ACTIVATE Flake on d2nix 2023-07-28 00:23:23 +02:00
Alexandre LUCAZEAU b81d52cc8b REMOVE STARSHIP 2023-07-27 23:36:46 +02:00
Alexandre LUCAZEAU 086d9760bc ADD minimal neovim configuration 2023-07-27 10:16:34 +02:00
Alexandre LUCAZEAU aca6464f5b DEL VPN configuration 2023-07-27 10:16:03 +02:00
Alexandre LUCAZEAU 26f42cb446 ADD loading synchting module and enable flakes 2023-07-27 10:14:54 +02:00
Alexandre LUCAZEAU 13987650a7 ADD synchting service 2023-07-27 10:13:00 +02:00
Alexandre LUCAZEAU 589fa7fcbe CHANGE starship config from home-manager to configuration.nix 2023-07-26 20:19:54 +02:00
Alexandre LUCAZEAU ea886aec7c ADD Ferdi 2023-07-25 13:42:15 +02:00
Alexandre LUCAZEAU 17001c6525 ADD dunst config to d2nix 2023-07-23 18:21:48 +02:00
Alexandre LUCAZEAU 9bb93507cc modifié : configs/i3config 
modifié :         home.nix
	modifié :         packages.nix
	modifié :         starship.nix
	modifié :         ../nixos/configuration.nix
 2023-07-23 18:05:54 +02:00
Alexandre LUCAZEAU 9219c624e6 Merge branch 'main' of git.atlanticaweb.fr:alexandre/nixos-config 2023-07-23 17:59:34 +02:00
Alexandre LUCAZEAU 1fd60ef277 FIX kdeconnect for laptop 2023-07-23 16:05:47 +02:00
Alexandre LUCAZEAU b033f64e7f supprimé : git.nix 
modifié :         home.nix
	renommé :         kdeconnect.nix -> ../../../modules/kdeconnect.nix
 2023-07-23 11:53:56 +02:00
Alexandre LUCAZEAU d78f9fdf35 UPGRADE git config by adding alias 2023-07-23 11:38:03 +02:00
Alexandre LUCAZEAU a1525be05a UPGRADE TO 23.05 
renommé :         hosts/dell-5590/nixpkgs/VPN.conf -> hosts/dell-5590/home-manager/VPN.conf
	renommé :         hosts/dell-5590/nixpkgs/bat.nix -> hosts/dell-5590/home-manager/bat.nix
	renommé :         hosts/dell-5590/nixpkgs/bat/default.nix -> hosts/dell-5590/home-manager/bat/default.nix
	renommé :         hosts/dell-5590/nixpkgs/colorschemes/nord.theme -> hosts/dell-5590/home-manager/colorschemes/nord.theme
	renommé :         hosts/dell-5590/nixpkgs/configs/.mbsyncrc -> hosts/dell-5590/home-manager/configs/.mbsyncrc
	renommé :         hosts/dell-5590/nixpkgs/configs/i3config -> hosts/dell-5590/home-manager/configs/i3config
	nouveau fichier : hosts/dell-5590/home-manager/configs/i3status-rust.toml
	renommé :         hosts/dell-5590/nixpkgs/configs/init.el -> hosts/dell-5590/home-manager/configs/init.el
	nouveau fichier : hosts/dell-5590/home-manager/configs/init.el-bak
	renommé :         hosts/dell-5590/nixpkgs/configs/msmtp_config -> hosts/dell-5590/home-manager/configs/msmtp_config
	renommé :         hosts/dell-5590/nixpkgs/configs/nextcloud.cfg -> hosts/dell-5590/home-manager/configs/nextcloud.cfg
	renommé :         hosts/dell-5590/nixpkgs/configs/xfce4/terminal/accels.scm -> hosts/dell-5590/home-manager/configs/xfce4/terminal/accels.scm
	renommé :         hosts/dell-5590/nixpkgs/configs/xfce4/terminal/colorschemes/nord.theme -> hosts/dell-5590/home-manager/configs/xfce4/terminal/colorschemes/nord.theme
	renommé :         hosts/dell-5590/nixpkgs/configs/xfce4/terminal/terminalrc -> hosts/dell-5590/home-manager/configs/xfce4/terminal/terminalrc
	renommé :         hosts/dell-5590/nixpkgs/configs/zellij -> hosts/dell-5590/home-manager/configs/zellij
	renommé :         hosts/dell-5590/nixpkgs/dunst.nix -> hosts/dell-5590/home-manager/dunst.nix
	renommé :         hosts/dell-5590/nixpkgs/emacs.nix -> hosts/dell-5590/home-manager/emacs.nix
	renommé :         hosts/dell-5590/nixpkgs/git.nix -> hosts/dell-5590/home-manager/git.nix
	renommé :         hosts/dell-5590/nixpkgs/gnupg.nix -> hosts/dell-5590/home-manager/gnupg.nix
	nouveau fichier : hosts/dell-5590/home-manager/home-manager
	renommé :         hosts/dell-5590/nixpkgs/home.nix -> hosts/dell-5590/home-manager/home.nix
	nouveau fichier : hosts/dell-5590/home-manager/i3status.nix
	renommé :         hosts/dell-5590/nixpkgs/kdeconnect.nix -> hosts/dell-5590/home-manager/kdeconnect.nix
	renommé :         hosts/dell-5590/nixpkgs/mails.nix -> hosts/dell-5590/home-manager/mails.nix
	renommé :         hosts/dell-5590/nixpkgs/packages.nix -> hosts/dell-5590/home-manager/packages.nix
	renommé :         hosts/dell-5590/nixpkgs/redshift.nix -> hosts/dell-5590/home-manager/redshift.nix
	renommé :         hosts/dell-5590/nixpkgs/starship.nix -> hosts/dell-5590/home-manager/starship.nix
	renommé :         hosts/dell-5590/nixpkgs/terminalrc -> hosts/dell-5590/home-manager/terminalrc
	renommé :         hosts/dell-5590/nixpkgs/variables.nix -> hosts/dell-5590/home-manager/variables.nix
	renommé :         hosts/dell-5590/nixpkgs/xidlehook.nix -> hosts/dell-5590/home-manager/xidlehook.nix
	modifié :         hosts/dell-5590/nixos/configuration.nix
	modifié :         hosts/dell-5590/nixos/packages.nix
	modifié :         hosts/dell-5590/nixos/services.nix
	supprimé :        hosts/dell-5590/nixpkgs/i3status.nix
	modifié :         modules/neovim.nix
 2023-07-23 11:02:54 +02:00
Alexandre LUCAZEAU 3162a9fb11 ADD module paperless - non use 2023-07-23 10:55:31 +02:00
Alexandre LUCAZEAU 65b65d8645 FIX : Powermanagement to performance 2023-07-16 11:40:30 +02:00
Alexandre LUCAZEAU d7224bb1de # powerManagement.cpuFreqGovernor = lib.mkDefault "powersave"; 
wermanagement module
 2023-07-16 11:39:04 +02:00
Alexandre LUCAZEAU 0606c9dd37 ADD location and redshift 2023-07-16 11:34:33 +02:00
Alexandre LUCAZEAU 10d7de15b8 FIX fish config 2023-07-15 21:11:10 +02:00
Alexandre LUCAZEAU d9a33394ec FIX clean config 2023-07-15 20:55:50 +02:00
Alexandre LUCAZEAU dfd9be293c ADD network config for d2nix 2023-07-15 20:21:59 +02:00
Alexandre LUCAZEAU 26154dbcae MAJ README 2023-07-15 19:48:15 +02:00
Alexandre LUCAZEAU 9722998bf0 ADD neovim 2023-07-15 19:16:13 +02:00
Alexandre LUCAZEAU 2eca5e8af4 FIX : error repo 2023-07-15 19:07:55 +02:00
Alexandre LUCAZEAU 200afd51b1 INIT d2nix configuration 2023-07-15 19:01:55 +02:00
Alexandre LUCAZEAU 823553a440 CHANGE neovim integration to neovim.nix module 
ADD Nextcloud desktop config
 2023-07-12 10:48:10 +02:00
Alexandre LUCAZEAU 668876dbb2 ADD : nextcloud.cfg for nextcloud desktop 
improve emacs org-roam
 2023-07-06 17:17:54 +02:00
Alexandre LUCAZEAU 3e09f26891 ADD emacs config modules 2023-06-23 19:49:21 +02:00
Alexandre LUCAZEAU c705573a0e Merge branch 'main' of git.atlanticaweb.fr:alexandre/nixos-config 2023-06-23 19:47:57 +02:00
Alexandre LUCAZEAU d712571efb ADD kdeconnect 
FIX Emacs configuration
 2023-06-23 19:47:16 +02:00
Alexandre LUCAZEAU 2c6a69c74c UPGRADE TO 23.05 2023-06-22 09:40:16 +00:00
Alexandre LUCAZEAU 7bf0b6e7db Upgrade sup.atlanticaweb.fr to 23.05 2023-06-21 19:15:44 +00:00
Alexandre LUCAZEAU 7c80d88a9d CHANGE capture. j for journal entry and n for note in journal 2023-06-21 18:24:42 +02:00
Alexandre LUCAZEAU 3b6b76c6cf FIX : init.el for org-capture 
TEST : kdeconnect to i3status
 2023-06-19 21:45:51 +02:00
Alexandre LUCAZEAU e766f11ae2 FIX i3status-rust : change to 0.30 format 2023-06-17 21:08:04 +02:00
Alexandre LUCAZEAU c627585531 UPGRADE TO 23.05 2023-06-17 20:39:14 +02:00
Alexandre LUCAZEAU 1191cd5a62 ADD kdeconnect 2023-06-12 14:30:21 +02:00
Alexandre LUCAZEAU 8de3cdf6a7 FIX all config 2023-06-08 09:39:18 +02:00
Alexandre LUCAZEAU 45dce66310 FIX nix garbage configuration 2023-06-05 13:43:03 +02:00
Alexandre LUCAZEAU 9131db7d33 Merge branch 'main' of git.atlanticaweb.fr:alexandre/nixos-config 2023-05-23 10:33:57 +02:00
Alexandre LUCAZEAU 8c49155a1c ADD initial org-roam daillies config 2023-05-23 10:33:39 +02:00
Alexandre LUCAZEAU b4a668e8b8 ADD himalaya email app 2023-05-19 19:44:01 +02:00
Alexandre LUCAZEAU 4d691af4bc ADD plocate and user config 
ADD graphviz
 2023-05-19 19:42:20 +02:00
Alexandre LUCAZEAU 59000ce576 CHANGE WAIT for En attente de réponse in emacs config for todo list 2023-05-17 13:59:51 +02:00
Alexandre LUCAZEAU 6280c773da Modifications qui seront validées : 
modifié :         ../../nixos/configuration.nix
	nouveau fichier : ../../nixos/virtualbox.nix
	supprimé :        ../../nixos/vpn.nix
	modifié :         init.el
	modifié :         ../mails.nix
	modifié :         ../packages.nix
 2023-05-14 12:44:43 +02:00
Alexandre LUCAZEAU 6a4bfd0ba8 Merge branch 'main' of git.atlanticaweb.fr:alexandre/nixos-config 2023-05-14 12:41:10 +02:00
Alexandre LUCAZEAU a271956d6a modifié : init.el 2023-05-07 12:11:54 +02:00
Alexandre LUCAZEAU 08e8bd46c6 ADD htop package in common.nix 
Remove appsmith to web server
ADD caddy configuration for jellyfin
 2023-04-14 14:45:23 +00:00
Alexandre LUCAZEAU ce000c0738 ADD jellyfin service and open port in firewall 
ADD kuma script docker image
 2023-04-14 13:24:04 +00:00
Alexandre LUCAZEAU a63163e2f2 ADD restic exporter docker 2023-03-30 20:29:08 +00:00
Alexandre LUCAZEAU a3455f131c Merge branch 'main' of git.atlanticaweb.fr:alexandre/nixos-config 2023-03-30 20:16:44 +00:00
Alexandre LUCAZEAU 953f00bdc7 ADD PVE prometheus 2023-03-30 20:15:53 +00:00
Alexandre LUCAZEAU 5af138568a UPDATE nextcloud 
DEL docker
 2023-03-30 19:15:52 +00:00
Alexandre LUCAZEAU 1e71533c6b ADD Shiori service as bookmarks.atlanticaweb.fr 2023-03-30 15:10:38 +00:00
Alexandre LUCAZEAU 9f96f8d62c modifié : ../dell-5590/nixos/vpn.nix 
modifié :         ../dell-5590/nixpkgs/configs/init.el
	modifié :         ../dell-5590/nixpkgs/emacs.nix
	modifié :         nextcloud.nix
 2023-03-09 22:11:40 +01:00
Alexandre LUCAZEAU d4618ce2e1 Merge branch 'main' of git.atlanticaweb.fr:alexandre/nixos-config 2023-02-26 22:09:54 +01:00
Alexandre LUCAZEAU db86f8de7a nouveau fichier : kuma.nix 
modifié :         ../hosts/x201/nixos/dev.nix
 2023-02-26 13:11:33 +01:00
Alexandre LUCAZEAU 63f1df9864 Merge branch 'main' of git.atlanticaweb.fr:alexandre/nixos-config 2023-02-26 12:47:42 +01:00
Alexandre LUCAZEAU f49c0d48dd modifié : nixpkgs/configs/init.el 
modifié :         nixpkgs/emacs.nix
 2023-02-18 11:10:17 +01:00
Alexandre LUCAZEAU 65a7bec7b4 FIX init.el : bug 
ADD oem user
 2023-02-14 10:05:06 +01:00
Alexandre LUCAZEAU 1906ea3e11 FIX : i3lock after remove yubikey 2023-02-10 11:31:17 +01:00
Alexandre LUCAZEAU 0e52ad26ca UPDATE emacs config 2023-02-08 11:01:16 +01:00
Alexandre LUCAZEAU 8c306a16f4 Merge branch 'main' of git.atlanticaweb.fr:alexandre/nixos-config 2023-02-02 17:11:29 +01:00
Alexandre LUCAZEAU 8900d882fc
UPDATE emacs config : remember and restore the last cursor location of file 2023-02-02 09:53:47 +01:00
Alexandre LUCAZEAU df700bb704
UPDATE emacs config : remember history 2023-02-02 09:51:59 +01:00
Alexandre LUCAZEAU c92bfb5b89 DEL neovim config 2023-02-01 20:01:30 +01:00
Alexandre LUCAZEAU 84a49f16df Merge branch 'main' of git.atlanticaweb.fr:alexandre/nixos-config 2023-02-01 19:56:52 +01:00
Alexandre LUCAZEAU ca7cad8adc
ADD fonts : roboto-mono fira-code 
UPDATE emacs init.el
 2023-01-30 20:12:36 +01:00
Alexandre LUCAZEAU 632f6bc353 Merge branch 'main' of git.atlanticaweb.fr:alexandre/nixos-config 2023-01-19 21:03:27 +01:00
Alexandre LUCAZEAU 440cdfca5a rg config test 2023-01-19 21:03:06 +01:00
Alexandre LUCAZEAU 68f7e16206
ADD : test VPN conf - don't use 2023-01-16 10:58:29 +01:00
Alexandre LUCAZEAU ecd84bfb99
ADD xfce terminal config theme 2023-01-16 10:57:42 +01:00
Alexandre LUCAZEAU b061b40af0
ADD xfce terminal config 2023-01-16 10:56:56 +01:00
Alexandre LUCAZEAU 603d5d0aa0
clean setup 2023-01-16 10:55:31 +01:00
Alexandre LUCAZEAU ba0a263391
ADD : rust 2023-01-16 10:51:17 +01:00
Alexandre LUCAZEAU 3824d80662
Test emacs config 2023-01-16 10:50:44 +01:00
Alexandre LUCAZEAU 81fd413a21 ADD : configuration ssmtp for alerting 2023-01-11 19:53:16 +01:00
Alexandre LUCAZEAU a8d570e566 ADD VLC guake 
ADD vlc and guake to i3 config for auto start
 2023-01-10 19:37:28 +01:00
Alexandre LUCAZEAU db5f756775 Merge branch 'main' of git.atlanticaweb.fr:alexandre/nixos-config 2023-01-10 19:30:51 +01:00
Alexandre LUCAZEAU b77f3a28fe
FIX tmux configuration : session+prefix+tpm 
ADD Nord Theme to tmux
 2023-01-10 15:56:56 +01:00
Alexandre LUCAZEAU 5f9e65a1b3
UPGRADE 
add tmux module
 2023-01-08 14:22:17 +01:00
Alexandre LUCAZEAU 5ac0b0664c ADD comment 2023-01-07 19:30:15 +00:00
Alexandre LUCAZEAU 1436c71a30 Merge branch 'main' of git.atlanticaweb.fr:alexandre/nixos-config 2023-01-07 19:29:28 +00:00
Alexandre LUCAZEAU 4f268f0766 ADD lsd pkgs 2023-01-07 19:28:32 +00:00
Alexandre LUCAZEAU 7e56ae92da ADD : shiori service and open firewall port 8080 2023-01-07 19:20:06 +00:00
Alexandre LUCAZEAU 79f0aed686 ADD HP Envy 
FIX 22.11 homemanager conf
upgrade to 22.11
 2022-12-20 13:26:50 +01:00
Alexandre LUCAZEAU 249c42ff8d ADD ssh config for Hetzner storage boxes 
CHANGE backup config. Comment rest server, add hetzner storage box for
repository
 2022-12-15 15:41:18 +00:00
Alexandre LUCAZEAU e36966c7a7 ADD dev.nix - postgresql database 2022-11-29 16:12:05 +01:00
Alexandre LUCAZEAU 1c83e1e487
Merge branch 'main' of git.atlanticaweb.fr:alexandre/nixos-config 2022-11-23 21:14:48 +01:00
Alexandre LUCAZEAU d2dfc4b4ec
DEL : appsmith for laptop 
ADD : Astrovim but not use
ADD : some packages
 2022-11-23 21:13:35 +01:00
Alexandre LUCAZEAU 8ae37529d2 ADD appsmith 
FIX exa to lsd
 2022-11-08 20:27:38 +00:00
Alexandre LUCAZEAU 7385ec4edb ADD appsmith docker service 2022-10-19 19:07:02 +00:00
Alexandre LUCAZEAU 393efdc189
ADD docker directory 
ADD whoogle service and add service to atlanticaweb server
FIX i3 config : launch guake and remove alacritty
 2022-10-19 20:12:36 +02:00
Alexandre LUCAZEAU 553d476b36
ADD guake 
FIX fish aliases
 2022-10-15 18:04:27 +02:00
Alexandre LUCAZEAU b7880d4b21
ADD zellij multiplexeur 2022-10-14 10:38:14 +02:00
Alexandre LUCAZEAU 4d4754dbad
ADD vagrant package and configuration with libvirt 2022-10-13 12:27:30 +02:00
Alexandre LUCAZEAU 9d0bd731b1
ADD guake launch at startup 2022-10-11 16:10:48 +02:00
Alexandre LUCAZEAU b36187457a
Test wezterm 2022-09-29 09:16:47 +02:00
Alexandre LUCAZEAU abc24031f5
ADD bat 2022-09-28 16:35:35 +02:00
Alexandre LUCAZEAU cf9f38d48b
modules/users.nix : add alias lsd for ls 
i3config : add launch sublime-music
i3status.nix : add music bloc
nixpkgs/home.nix : add bat.nix
 2022-09-28 16:33:03 +02:00
Alexandre LUCAZEAU 6463f2dbe0
Merge branch 'main' of git.atlanticaweb.fr:alexandre/nixos-config 2022-09-22 09:52:59 +02:00
Alexandre LUCAZEAU 4930abe1c3
ADD drawio and wezterm package 2022-09-22 09:52:22 +02:00
Alexandre LUCAZEAU a19f4ee6e2
FIX dunst config 
FIX typo configuration.nix
ADD sublime-music package and adapt i3status-bar
 2022-09-22 09:49:44 +02:00
144 changed files with 5725 additions and 462 deletions
Show Stats Expand all files Collapse all files

20
docker/appsmith.nix Normal file
View File

@ -0,0 +1,20 @@
{ config, pkgs, ... }:
let
host = "search.atlanticaweb.fr";
in
{
virtualisation = {
podman = {
enable = true;
dockerCompat = true;
};
oci-containers = {
backend = "podman";
containers.appsmith-ce = {
image = "appsmith/appsmith-ce";
autoStart = true;
ports = [ "5002:80" ]; #server locahost : docker localhost
};
};
};
}

23
docker/kuma.nix Normal file
View File

@ -0,0 +1,23 @@
{ config, pkgs, ... }:
let
host = "kuma.atlanticaweb.fr";
in
{
virtualisation = {
podman = {
enable = true;
dockerCompat = true;
};
oci-containers = {
backend = "podman";
containers.uptime-kuma = {
image = "louislam/uptime-kuma";
autoStart = true;
ports = [ "5001:3001" ]; #server locahost : docker localhost
volumes = [
"/srv/docker/uptime-kuma:/app/data"
];
};
};
};
}

26
docker/restic-exporter.nix Normal file
View File

@ -0,0 +1,26 @@
{ config, pkgs, ... }:
let
host = "restic.atlanticaweb.fr";
in
{
virtualisation = {
podman = {
enable = true;
dockerCompat = true;
};
oci-containers = {
backend = "podman";
containers.restic-exporter = {
image = "ngosang/restic-exporter";
autoStart = true;
ports = [ "8001:8001" ]; #server locahost : docker localhost
volumes = [ "/opt/restic:/data" ];
environment = [
"TZ=Europe/Paris"
"RESTIC_REPO_URL=sftp:u329746@u329746.your-storagebox.de:/home/Nextcloud"
"RESTIC_REPO_PASSWORD=herzleid"
];
};
};
};
}

20
docker/whoogle.nix Normal file
View File

@ -0,0 +1,20 @@
{ config, pkgs, ... }:
let
host = "search.atlanticaweb.fr";
in
{
virtualisation = {
podman = {
enable = true;
dockerCompat = true;
};
oci-containers = {
backend = "podman";
containers.whoogle-search = {
image = "benbusby/whoogle-search";
autoStart = true;
ports = [ "5001:5000" ]; #server locahost : docker localhost
};
};
};
}

106
hosts/d2nix-archives/README.md Normal file
View File

@ -0,0 +1,106 @@
# Procédure d'installation du poste **d2nix**
Le poste dispose d'un EFI, le disque sera chiffré
## partitionnement
gdisk /dev/sda
* ````o```` creation d'une nouvelle table de partitions
* ```n``` ajouter une partition de 500M de type ef00 pour l'EFI
* ```` n ```` ajouter une partition avec le reste de l'espace disponible, type 8300
* ```` w ```` on valide la table et on sort
### Chiffrement
cryptsetup luksFormat /dev/sda2 # création d'un volume chiffré
cryptsetup luksOpen /dev/sda2 enc-pv # ouverture du volume chiffré sur le point /dev/mapper/enc-vp
### Partitionnement LVM
Création de deux volumes logiques LVM. Le premier de 8Go pour la swap (j'ai 8Go de RAM) et le second pour la racine
pvcreate /dev/mapper/enc-pv
vgcreate vg /dev/mapper/enc-pv
lvcreate -L 8G -n swap vg
lvcreate -l '100%FREE' -n root vg
### formattage
mkfs.fat /dev/sda1
mkfs.ext4 -L root /dev/vg/root
mkswap -L swap /dev/vg/swap
## Pré-installation
mount /dev/vg/root /mnt
mkdir /mnt/boot
mount /dev/sda1 /mnt/boot
swapon /dev/vg/swap
## Installation
nixos-generate-config --root /mnt
A partir de là le système peut-être installé. Perso, je reprends une conf dans mon git que je modifie :
nix-shell -p git
git clone https://git.atlanticaweb.fr/alexandre/nixos-config.git
Dans un premier temps je copie le répertoire `nixos-config/modules` dans `/mnt/etc/nixos` et je récupère un configuration.nix que je vais adapter.
Enfin dans le hardware.nix, il faut ajouter le volume /boot pour qu'il soit dans le **fstab** puis ajouter le chargement dans l'initrd du LVM et du déchiffrement. ça nous donne :
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/0BEC-722D";
fsType = "vfat";
};
boot.initrd.luks.devices = {
"partitions" = {
device = "/dev/sda2";
preLVM = true;
};
};
On peut démarrer l'installation avec :
nixos-install
reboot
En cas d'erreur au reboot, on redémarre sur la clé. POur accéder à la configuration :
cryptsetup luksOpen /dev/sda2 enc-pv
lvchange -a y /dev/vg/swap
lvchange -a y /dev/vg/root
mount /dev/vg/root /mnt
mount /dev/sda1 /mnt/boot
swapon /dev/vg/swap
cp /mnt/etc/wpa_supplicant.conf /etc
Au reboot, je me connecte en root et je change le password de mon user.
# Configuration utilisateur
## home-manager
J'ai opté pour une installation locale à mon utilisateur de home-manager
ajouter le dépot correspondant à la version en cours de nixpkgs :
nix-channel --add https://github.com/nix-community/home-manager/archive/release-22.11.tar.gz home-manager
mise à jour de la base
nix-channel --update
Installation
nix-shell '<home-manager>' -A install
En cas de message d'erreur, il faut rebooter (c'est ce que j'ai fais).
Pour avoir mon dossier home-manager dans le depot git :
ln -s /home/alexandre/git/nixos-config/d2nix/home-manager/ ~/.config/
J'ai également ajouté home-manager dans la liste des paquets à installer pour péréniser.
# Post-installation
Il faut supprimer le dossier `/etc/nixos/` et à la place :
ln -s /home/alexandre/git/nixos-config/d2nix/nixos/ /etc/nixos
Lien : https://gist.github.com/martijnvermaat/76f2e24d0239470dd71050358b4d5134

0
hosts/dell-5590/nixpkgs/colorschemes/nord.theme → hosts/d2nix-archives/home-manager/colorschemes/nord.theme
View File

146
hosts/d2nix-archives/home-manager/configs/i3config Normal file
View File

@ -0,0 +1,146 @@
# version : 20220121
set $mod Mod4
set $ALT Mod1
# Couleurs barre de titre et contour des fenetres
set $blue #005588
set $gray1 #484848
set $gray2 #333333
set $ws1 "1: console"
set $ws2 "2: office"
set $ws3 "3: web"
# Couleur des fenetres avec et sans focus
client.focused $gray1 $gray1 #FFFFFF #333333
client.focused_inactive $gray2 $gray2 #FFFFFF #000000
client.unfocused $gray2 $gray2 #FFFFFF #000000
# Police de caracteres pour les titres des fenetres. ISO 10646 = Unicode
font pango:iosevka 10
# wallpaper
exec --no-startup-id feh --bg-scale /home/alexandre/images/SF.jpg
# Redimensionnement de fenetres
mode "resize" {
bindsym h resize shrink width 10 px or 10 ppt
bindsym j resize grow height 10 px or 10 ppt
bindsym k resize shrink height 10 px or 10 ppt
bindsym l resize grow width 10 px or 10 ppt
# Retour au mode normal: Enter ou Escape ou q ou ^[
bindsym Return mode "default"
bindsym q mode "default"
bindsym Escape mode "default"
bindcode Control+34 mode "default"
}
bindsym $mod+s mode "resize"
# Tue la fenetre avec le focus
bindsym $mod+Shift+A kill
# split in horizontal orientation
bindsym $mod+h split h
# split in vertical orientation
bindsym $mod+v split v
# change container layout (stacked, tabbed, toggle split)
bindsym $mod+p layout stacking
bindsym $mod+w layout tabbed
bindsym $mod+e layout toggle split
# toggle tiling / floating
bindsym $mod+Shift+space floating toggle
#
# # change focus between tiling / floating windows
bindsym $mod+space focus mode_toggle
#
# # focus the parent container
bindsym $mod+a focus parent
#
# Change la fenetre ayant le focus
bindsym $mod+Shift+Left move left
bindsym $mod+Shift+Down move down
bindsym $mod+Shift+Up move up
bindsym $mod+Shift+Right move right
# Met la fenetre avec le focus en mode plein écran
bindsym $mod+f fullscreen
# Deplacement entre les bureaux
bindsym $mod+ampersand workspace $ws1
bindsym $mod+eacute workspace $ws2
bindsym $mod+quotedbl workspace $ws3
bindsym $mod+apostrophe workspace 4
bindsym $mod+parenleft workspace 5
bindsym $mod+minus workspace 6
bindsym $mod+egrave workspace 7
bindsym $mod+underscore workspace 8
bindsym $mod+ccedilla workspace 9
bindsym $mod+agrave workspace 10
# Déplacement de la fenetre ayant le focus d'un bureau à l'autre
bindsym $mod+Shift+1 move container to workspace $ws1
bindsym $mod+Shift+2 move container to workspace $ws2
bindsym $mod+Shift+3 move container to workspace $ws3
bindsym $mod+Shift+4 move container to workspace 4
bindsym $mod+Shift+5 move container to workspace 5
bindsym $mod+Shift+6 move container to workspace 6
bindsym $mod+Shift+7 move container to workspace 7
bindsym $mod+Shift+8 move container to workspace 8
bindsym $mod+Shift+9 move container to workspace 9
bindsym $mod+Shift+0 move container to workspace 10
# Recharge le fichier de configuration
bindsym $mod+Shift+C reload
# Redemarre i3 mais concerve ce qui est lancé. Utilisable pour les MAJ
bindsym $mod+Shift+R restart
# sort d'i3
bindsym $mod+Shift+E exit
# lance dmenu (le lanceur de pgm. la barre de dmenu est noir)
bindsym $mod+d exec rofi -show drun -show-icons -modi drun
# status bar
bar {
font pango:DejaVu Sans Mono, FontAwesome 12
position top
status_command i3status-rs ~/.config/i3status-rust/config-bottom.toml
colors {
separator #666666
background #222222
statusline #dddddd
focused_workspace #0088CC #0088CC #ffffff
active_workspace #333333 #333333 #ffffff
inactive_workspace #333333 #333333 #888888
urgent_workspace #2f343a #900000 #ffffff
}
}
# alt+win+l : verouille la session, image de :
bindsym $mod+$ALT+l exec i3lock -ti ~/images/coffee_time.png
# blocage automatique de l'ecran en cas d'inactivité
exec xautolock -detectsleep -locker 'i3lock -ti ~/images/coffee_time.png'
# Capture d'ecran
bindsym Print exec scrot -u '%Y-%m-%d-%T_$wx$h_scrot.png' -e 'mv $f ~/Screenshots/'
# start a terminal
bindsym $mod+Return exec "LIBGL_ALWAYS_SOFTWARE=1 alacritty"
bindsym $mod+m exec "i3-sensible-terminal -e ncmpcpp"
# Assigne les applications aux workspaces
assign [class="firefox"] $ws3
assign [class="emacs"] $ws2
# programmes au démarrage
exec --no-startup-id nm-applet
exec --no-startup-id nextcloud
exec --no-startup-id vlc
exec --no-startup-id guake

269
hosts/dell-5590/nixpkgs/configs/init.el → hosts/d2nix-archives/home-manager/configs/init.el
View File

@ -1,7 +1,9 @@
;;(scroll-bar-mode -1)
;;(tool-bar-mode -1)
;;(tooltip-mode -1)
;;(menu-bar-mode -1)
;; Keyboard-centric user interface
(setq inhibit-startup-message t)
(scroll-bar-mode -1)
(tool-bar-mode -1)
(menu-bar-mode -1)
(require 'package)
(add-to-list 'package-archives '("melpa" . "https://melpa.org/packages/") t)
;; Comment/uncomment this line to enable MELPA Stable if desired. See `package-archive-priorities`
@ -13,12 +15,12 @@
(column-number-mode 't) ; show current column in status bar
(set-fringe-mode 10)
;; Indent 4 spaces by default. Use the "BSD" style for C-like languages.
(setq c-default-style
(quote ((java-mode . "java")
(awk-mode . "awk")
(other . "bsd")))
c-basic-offset 4)
;;;; Indent 4 spaces by default. Use the "BSD" style for C-like languages.
;;(setq c-default-style
;; (quote ((java-mode . "java")
;; (awk-mode . "awk")
;; (other . "bsd")))
;; c-basic-offset 4)
;; Use 4 spaces for one tab visually.
(setq tab-width 4)
@ -43,19 +45,18 @@
)
whitespace-line-column 100) ; column at which whitespace-mode says the line is too long
;;(set-face-attribute 'default nil :font "JetBrains Mono" :height 150)
(global-set-key (kbd "C-c c") 'org-capture)
(global-set-key (kbd "C-c a") 'org-agenda)
;; themes
(use-package doom-themes
:init (load-theme 'doom-nord t)
:init (doom-themes-org-config))
(setq disabled-command-function nil)
(setq inhibit-startup-screen t)
(setq visible-bell t)
; Advanced per-language checks.
(require 'flycheck)
(global-flycheck-mode 1)
(setq flycheck-checker-error-threshold 1000) ; for large go files and the escape checker
;; Only y/n answers
(defalias 'yes-or-no-p 'y-or-n-p)
(setq flycheck-check-syntax-automatically '(mode-enabled save))
;; Backup
@ -66,6 +67,18 @@
backup-by-copying t) ;; Copy all files, don't rename them.
(setq vc-make-backup-files t)
(setq backup-directory-alist '(("" . "~/.emacs.d/backup")))
(defvar emacs-autosave-directory
(concat user-emacs-directory "autosaves/")
"This variable dictates where to put auto saves. It is set to a
directory called autosaves located wherever your .emacs.d/ is
located.")
;; Sets all files to be backed up and auto saved in a single directory.
(setq backup-directory-alist
`((".*" . ,emacs-autosave-directory))
auto-save-file-name-transforms
`((".*" ,emacs-autosave-directory t)))
(setq calendar-week-start-day 1)
@ -91,42 +104,39 @@
;;(setq message-citation-line-function 'message-insert-formatted-citation-line)
;;(setq message-citation-line-format "On %d/%m/%Y %H:%M, %N wrote:")
(defun default-web-indent-mode ()
(setq indent-tabs-mode nil)
(setq tab-width 2)
(setq web-mode-markup-indent-offset 2)
(setq web-mode-css-indent-offset 2)
(setq web-mode-code-indent-offset 2))
;;(defun default-web-indent-mode ()
;; (setq indent-tabs-mode nil)
;; (setq tab-width 2)
;; (setq web-mode-markup-indent-offset 2)
;; (setq web-mode-css-indent-offset 2)
;; (setq web-mode-code-indent-offset 2))
(use-package doom-themes
:init (load-theme 'doom-nord t)
:init (doom-themes-org-config))
(use-package direnv
:config (direnv-mode))
(use-package lsp-mode
:config (setq lsp-keymap-prefix "C-c l")
:config (setq lsp-signature-auto-activate t)
:config (setq lsp-enable-on-type-formatting nil)
:config (lsp-enable-which-key-integration t)
:hook (lsp-mode . electric-pair-mode))
;; (use-package lsp-mode
;; :config (setq lsp-keymap-prefix "C-c l")
;; :config (setq lsp-signature-auto-activate t)
;; :config (setq lsp-enable-on-type-formatting nil)
;; :config (lsp-enable-which-key-integration t)
;; :hook (lsp-mode . electric-pair-mode))
(use-package web-mode
:mode ("\\.json\\'" . web-mode)
:mode ("\\.html?\\'" . web-mode)
:mode ("\\.s?css\\'" . web-mode)
:mode ("\\.[jt]sx?\\'" . web-mode)
:hook (web-mode . lsp-deferred)
:hook (web-mode . default-web-indent-mode))
;;(use-package web-mode
;; :mode ("\\.json\\'" . web-mode)
;; :mode ("\\.html?\\'" . web-mode)
;; :mode ("\\.s?css\\'" . web-mode)
;; :mode ("\\.[jt]sx?\\'" . web-mode)
;; :hook (web-mode . lsp-deferred)
;; :hook (web-mode . default-web-indent-mode))
(use-package nix-mode
:mode ("\\.nix\\'" . nix-mode)
:hook (nix-mode . lsp-deferred))
(use-package rust-mode
:hook (rust-mode . lsp-deferred)
:config (setq rust-format-on-save t))
;;(use-package rust-mode
;; :hook (rust-mode . lsp-deferred)
;; :config (setq rust-format-on-save t))
(use-package company
:config (setq company-idle-delay 0.25)
@ -139,41 +149,51 @@
:hook (yas-minor-mode . yas-reload-all)
:config (setq yas-snippet-dirs '("/etc/nixos/programs/emacs/snippets")))
(use-package prettier-js
:after (web-mode)
:hook (web-mode . prettier-js-mode))
(use-package smartparens
:bind ("C-c s s" . sp-splice-sexp)
:bind ("C-c s r" . sp-rewrap-sexp))
(use-package bbdb
:init (bbdb-initialize 'gnus 'message)
:init (bbdb-mua-auto-update-init 'gnus 'message)
:config (setq bbdb-file "~/Nextcloud/PRIVE/13_Org/contacts/bbdb")
:config (setq bbdb-mua-auto-update-p 'create))
(use-package org
:config
(setq org-startup-folded t)
(setq org-agenda-files
"~/Nextcloud/PRIVE/13_Org/agenda.org")
(setq org-refile-use-outline-path 'file)
(setq org-refile-targets
'(("~/Nextcloud/PRIVE/13_Org/DRI.org" :maxlevel . 3)
("~/Nextcloud/PRIVE/13_Org/perso.org" :level . 1)
("~/Nextcloud/PRIVE/13_Org/pizajoffre.org" :level . 1)))
(setq org-todo-keywords
'((sequence "TODO(t)" "PENDING(p)" "|" "CANCELLED(c)" "DONE(d)")))
(setq org-todo-keyword-faces
'(("TODO" . (:foreground "#c678dd" :weight bold))
("PENDING" . (:background "#3f444a" :foreground "#ff6c6b" :weight bold))))
(setq org-capture-templates
'(("i" "Inbox" entry (file "~/Nextcloud/PRIVE/13_Org/DRI.org") "* TODO %i%?")
("a" "Agenda" entry (file "~/Nextcloud/PRIVE/13_Org/agenda.org") "* TODO %i%?\nSCHEDULED: %(org-insert-time-stamp (org-read-date nil t \"+0d\"))")))
(setq org-agenda-custom-commands
'(("t" "Today" tags-todo "+LEVEL=1+CATEGORY=\"tasks\"|+SCHEDULED<=\"<today>\"|+DEADLINE<=\"<today>\""))))
;;(use-package prettier-js
;; :after (web-mode)
;; :hook (web-mode . prettier-js-mode))
;;
;;(use-package smartparens
;; :bind ("C-c s s" . sp-splice-sexp)
;; :bind ("C-c s r" . sp-rewrap-sexp))
;;
;;(use-package bbdb
;; :init (bbdb-initialize 'gnus 'message)
;; :init (bbdb-mua-auto-update-init 'gnus 'message)
;; :config (setq bbdb-file "~/Nextcloud/PRIVE/13_Org/contacts/bbdb")
;; :config (setq bbdb-mua-auto-update-p 'create))
;;(use-package org
;; (setq org-startup-folded t)
;; (setq org-refile-use-outline-path 'file)
;; (setq org-refile-targets
;; '(("~/Nextcloud/PRIVE/13_Org/DRI.org" :maxlevel . 3)
;; ("~/Nextcloud/PRIVE/13_Org/perso.org" :level . 1)
;; ("~/Nextcloud/PRIVE/13_Org/pizajoffre.org" :level . 1)))
;; (setq org-todo-keywords
;; '((sequence "TODO(t)" "PENDING(p)" "|" "CANCELLED(c)" "DONE(d)")))
;; (setq org-todo-keyword-faces
;; '(("TODO" . (:foreground "#c678dd" :weight bold))
;; ("PENDING" . (:background "#3f444a" :foreground "#ff6c6b" :weight bold))))
;; (setq org-capture-templates
;; '(("i" "Inbox" entry (file "~/Nextcloud/PRIVE/13_Org/DRI.org") "* TODO %i%?")
;; ("a" "Agenda" entry (file "~/Nextcloud/PRIVE/13_Org/agenda-DRI.org") "* TODO %i%?\nSCHEDULED: %(org-insert-time-stamp (org-read-date nil t \"+0d\"))")))
;; (setq org-agenda-custom-commands
;; '(("t" "Today" tags-todo "+LEVEL=1+CATEGORY=\"tasks\"|+SCHEDULED<=\"<today>\"|+DEADLINE<=\"<today>\""))))
;;
(use-package org-caldav
:ensure t
:config
(setq org-caldav-url "https://next20.produhost.net/remote.php/dav/calendars/alexandre")
(setq org-caldav-calendars
'((:calendar-id "alexandre-dri" :files ("~/Nextcloud/PRIVE/13_Org/agenda.org")
:inbox "~/Nextcloud/PRIVE/13_Org/agenda-DRI.org")
)
)
(setq org-caldav-delete-org-entries 'never)
(setq org-caldav-delete-calenda-entries 'never)
(setq org-icalendar-timezone "Europe/Paris")
)
(use-package magit)
(setq magit-fetch-modules-jobs 16); fetch 16 modules in parallel
@ -204,9 +224,6 @@
(require 'org-mu4e)
;;store link to message if in header view, not to header query
(setq org-mu4e-link-query-in-headers-mode nil)
(setq org-capture-templates
'(("t" "todo" entry (file+headline "~/todo.org" "Tasks")
"* TODO [#A] %?\nSCHEDULED: %(org-insert-time-stamp (org-read-date nil t \"+0d\"))\n%a\n")))
(setq mail-user-agent 'mu4e-user-agent)
(setq org-mu4e-link-query-in-headers-mode t)
@ -262,8 +279,17 @@
/One Emacs to rule them all/
#+end_signature")
(org-msg-mode)
(autoload 'markdown-mode "markdown-mode"
"Major mode for editing Markdown files" t)
(add-to-list 'auto-mode-alist
'("\\.\\(?:md\\|markdown\\|mkd\\|mdown\\|mkdn\\|mdwn\\)\\'" . markdown-mode))
(autoload 'gfm-mode "markdown-mode"
"Major mode for editing GitHub Flavored Markdown files" t)
(add-to-list 'auto-mode-alist '("README\\.md\\'" . gfm-mode))
;; Org-Roam basic configuration
(setq org-directory (concat (getenv "HOME") "/Nextcloud/PRIVE/notes"))
(setq org-directory (concat (getenv "HOME") "/Nextcloud/PRIVE/13_Org"))
(use-package org-roam
:after org
@ -280,3 +306,86 @@
("C-c n t" . org-roam-tag-add)
("C-c n a" . org-roam-alias-add)
("C-c n l" . org-roam-buffer-toggle)))))
;; org-mode
(require 'org)
(require 'remember)
(require 'org-mouse)
(setq org-startup-folded t
org-pretty-entities t
org-hide-emphasis-markers t
org-startup-with-inline-images t
org-image-actual-width '(300))
;; files with ".org" open in org-mode
(add-to-list 'auto-mode-alist '("\\.org$" . org-mode))
(setq org-agenda-files '("~/Nextcloud/PRIVE/13_Org/agenda-DRI.org" "~/Nextcloud/PRIVE/13_Org/perso.org"))
;; one file org
(defvar org-gtd-file "~/Nextcloud/PRIVE/13_Org/DRI.org")
;; Open DRI.org when I hit C-c g
(defun gtd ()
"Open the GTD file."
(interactive)
(find-file org-gtd-file))
;; keybinding
(global-set-key "\C-cl" 'org-store-link)
(global-set-key "\C-ca" 'org-agenda)
(global-set-key "\C-cr" 'org-remember)
(global-set-key "\C-cg" 'gtd)
;; This seems like a good basic set of keywords to start out with:
(setq org-todo-keywords '((type "TODO" "SCHEDULED" "NEXT" "WAITING" "DONE")))
(setf org-todo-keyword-faces '(("NEXT" . (:foreground "yellow" :background "red" :bold t :weight bold))
("TODO" . (:foreground "cyan" :background "steelblue" :bold t :weight bold))
("WAITING" . (:foreground "yellow" :background "magenta2" :bold t :weight bold))
("DONE" . (:foreground "gray50" :background "gray30"))))
;; tags
(setq org-tag-alist '(("@devis" . ?w) ("@projet" . ?h) ("@client" . ?h) ("@prospect" . ?h) ("interne" . ?l)))
(setq org-tag-faces
'(
("DEVIS" . (:foreground "OrangeRed" :weight bold))
("@projet" . (:foreground "IndianRed1" :weight bold))
("interne" . (:foreground "LimeGreen" :weight bold))
)
)
;; Remember support. This creates several files:
;;
;; ~/todo.org Where remembered TODO's are stored.
;; ~/journal.org Timestamped journal entries.
;; ~/remember.org All other notes
;; and a keybinding of "C-c r" for making quick notes from any buffer.
;; These bits of Remembered information must eventually be reviewed
;; and filed somewhere (perhaps in gtd.org, or in a project-specific
;; org file.) The out-of-sight, out-of-mind rule applies here---if I
;; don't review these auxiliary org-files, I'll probably forget what's
;; in them.
(setq org-reverse-note-order t) ;; note at beginning of file by default.
(setq org-default-notes-file "~/remember.org")
(setq remember-annotation-functions '(org-remember-annotation))
(setq remember-handler-functions '(org-remember-handler))
(add-hook 'remember-mode-hook 'org-remember-apply-template)
(setq org-remember-templates
'((?t "* TODO %?\n %i\n %a" "~/Nextcloud/PRIVE/13_Org/todo.org")
(?j "* %U %?\n\n %i\n %a" "~/Nextcloud/PRIVE/13_Org/journal.org")
(?i "* %^{Title}\n %i\n %a" "~/Nextcloud/PRIVE/13_Org/remember.org" "New Ideas")))
(global-set-key "\C-cr" 'org-remember)
(global-set-key [(f12)] 'org-remember)
;; widen category field a little
(setq org-agenda-prefix-format " %-17:c%?-12t% s")
;; https://gist.github.com/dandrews/4644693
(setq org-ellipsis "")

0
hosts/x201/nixpkgs/configs/starship.toml → hosts/d2nix-archives/home-manager/configs/starship.toml
View File

4
hosts/dell-5590/nixpkgs/dunst.nix → hosts/d2nix-archives/home-manager/dunst.nix
View File

@ -112,10 +112,10 @@
sticky_history = "yes";
# Maximum amount of notifications kept in history
history_length = 15;
history_length = 3;
# Display indicators for URLs (U) and actions (A).
show_indicators = "no";
show_indicators = "yes";
# The height of a single line. If the height is smaller than the
# font height, it will get raised to the font height.

2
hosts/x201/nixpkgs/emacs.nix → hosts/d2nix-archives/home-manager/emacs.nix
View File

@ -19,6 +19,7 @@
prettier-js
smartparens
org
org-roam
magit
bbdb
projectile
@ -29,6 +30,7 @@
which-key
elpaPackages.org
]));
};
home.file = {

0
hosts/x201/nixpkgs/git.nix → hosts/d2nix-archives/home-manager/git.nix
View File

0
hosts/x201/nixpkgs/gnupg.nix → hosts/d2nix-archives/home-manager/gnupg.nix
View File

25
hosts/d2nix-archives/home-manager/himalaya.nix Normal file
View File

@ -0,0 +1,25 @@
{
programs.himalaya = {
enable = true;
};
accounts.email.accounts = {
zimbra = {
primary = true;
himalaya.enable = true;
address = "alexandre.lucazeau@free.fr";
realName = "Alexandre LUCAZEAU";
userName = "alexandre.lucazeau";
passwordCommand = "keepassxc-cli show -a Password --no-password -k $HOME/keyx/emails.key $HOME/keys/emails.kbx zimbra";
imap = {
host = "imap.free.fr";
port = 993;
tls.enable = true;
};
smtp = {
host = "smtp.free.fr";
port = 587;
tls.enable = false;
};
};
};
}

16
hosts/dell-5590/nixpkgs/home.nix → hosts/d2nix-archives/home-manager/home.nix
View File

@ -4,15 +4,17 @@
./gnupg.nix
./git.nix
./variables.nix
./starship.nix
./i3status.nix
./emacs.nix
./mails.nix
./dunst.nix
# ./redshift.nix
# ../../../modules/neovim.nix
../../../modules/rust.nix
# ./himalaya.nix
./mails.nix
../../../modules/tmux.nix
../../../modules/emacs.nix
../../../modules/neovim.nix
];
home.stateVersion = "23.05";
home.username = "alexandre";
home.homeDirectory = "/home/alexandre";
home.keyboard = {
layout = "fr";
variant = "bepo";
@ -20,6 +22,4 @@
xdg.configFile = {
"i3/config".source = ./configs/i3config;
};
xsession.numlock.enable = true;
}

49
hosts/d2nix-archives/home-manager/i3status.nix Normal file
View File

@ -0,0 +1,49 @@
{ config, pkgs, ... }:{
programs.i3status-rust = {
enable = true;
bars = {
bottom = {
blocks = [
{
block = "disk_space";
path = "/";
format = "$icon $percentage";
format_alt = " $icon $available / $total ";
info_type = "used";
interval = 60;
warning = 20.0;
alert = 10.0;
}
{
block = "memory";
format = " $icon $mem_avail.eng(prefix:M)/$mem_total.eng(prefix:M)($mem_total_used_percents.eng(w:2)) ";
}
{
block = "cpu";
interval = 1;
}
{
block = "load";
interval = 1;
format = "{1m}";
}
{ block = "sound"; }
{
block = "kdeconnect";
format = " $icon {$bat_icon $bat_charge |}{$notif_icon |}{$network_icon$network_strength $network_type |}";
bat_good = 101;
}
{
block = "time";
interval = 60;
format = " $icon $timestamp.datetime(f:'%d/%m %R', l:fr_FR) ";
}
];
icons = "material-nf";
theme = "nord-dark";
};
};
};
}

47
hosts/d2nix-archives/home-manager/mails.nix Normal file
View File

@ -0,0 +1,47 @@
{ pkgs, config, lib, ... }:{
# accounts.email.maildirBasePath = "Mailsdir";
accounts.email= {
accounts = {
dri = {
primary = true;
address = "alexandre@dri.fr";
userName = "1847_alexandre";
realName = "Alexandre LUCAZEAU";
passwordCommand = "keepassxc-cli show -a Password --no-password -k $HOME/Nextcloud/PRIVE/keys/emails $HOME/Nextcloud/PRIVE/Keepass/emails.kdbx emails";
flavor = "plain";
folders = {
inbox = "INBOX";
trash = "Junk";
};
imap = {
host = "imap.dri.fr";
tls.enable = false;
};
smtp = {
host = "smtp.dri.fr";
port = 587;
tls.enable = false;
};
mbsync = {
enable = true;
create = "both";
expunge = "both";
};
notmuch.enable = true;
};
};
};
services.mbsync = {
enable = true;
};
programs = {
msmtp.enable = true;
mbsync.enable = true;
notmuch.enable = true;
};
#xdg.configFile = {
# "msmtp/config".source= ./configs/msmtp_config;
#};
}

0
hosts/x201/nixpkgs/nixpkgs → hosts/d2nix-archives/home-manager/nixpkgs
View File

53
hosts/d2nix-archives/home-manager/packages.nix Normal file
View File

@ -0,0 +1,53 @@
{ pkgs, ... }: {
home.packages = with pkgs; [
home-manager
spaceFM
jq
nextcloud-client
libreoffice
btop
neomutt
notmuch
isync
zathura
rofi
rofi-pass
simple-scan
brightnessctl
gimp
scrot
papirus-icon-theme
audio-recorder
starship
inkscape
firefox
poppler_utils
texlive.combined.scheme-full
hugo
eww
alacritty
youtube-dl
zola
keepassxc
zlib
python3
nodejs
vlc
guake
graphviz
kdeconnect
openssl
openvpn
feh
ferdi
thunderbird
cura
freecad
drawio
chromium
fido2luks
];
nixpkgs.config.permittedInsecurePackages = [
"ferdi-5.8.1"
];
}

0
hosts/dell-5590/nixpkgs/terminalrc → hosts/d2nix-archives/home-manager/terminalrc
View File

0
hosts/x201/nixpkgs/variables.nix → hosts/d2nix-archives/home-manager/variables.nix
View File

127
hosts/d2nix-archives/nixos/configuration.nix Normal file
View File

@ -0,0 +1,127 @@
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running nixos-help).
{ config, lib, pkgs, ... }:
{
imports =
[ # Include the results of the hardware scan.
<nixpkgs/nixos/modules/services/hardware/sane_extra_backends/brscan4.nix>
./hardware-configuration.nix
./services.nix
./network.nix
modules/common.nix
modules/smtp.nix
modules/redshift.nix
# modules/starship.nix
modules/syncthing.nix
# modules/powermanagement.nix
];
boot = {
loader.systemd-boot.enable = true;
loader.efi.canTouchEfiVariables = true;
plymouth.enable = true;
tmp.cleanOnBoot = true;
kernelParams = [ "i915.enable_fbc=1" ];
};
boot.initrd.luks.fido2Support = true;
boot.initrd.luks.devices."/dev/sda2".device = "/dev/sda2";
boot.initrd.luks.devices."/dev/sda2".fido2.credential = "a67d17616bf2568727498dffa95205df943383ab3a2f9798606532d5791a155a37dd52dae2262619c1da2be7562ec9dd94888c71a9326fea70dfe16214b5ea8ec0143b010000";
hardware = {
# Enable microcode updates for Intel CPU
cpu.intel.updateMicrocode = true;
# Enable Kernel same-page merging
ksm.enable = true;
# Enable all the firmware
enableAllFirmware = true;
# Enable all the firmware with a license allowing redistribution. (i.e. free firmware and firmware-linux-nonfree)
enableRedistributableFirmware = true;
# Enable OpenGL drivers
opengl.enable = true;
opengl.extraPackages = with pkgs; [
vaapiIntel
vaapiVdpau
libvdpau-va-gl
];
pulseaudio = {
enable = true;
};
};
# Set your time zone.
time.timeZone = "Europe/Paris";
nixpkgs.config.allowUnfree = true;
i18n.defaultLocale = "fr_FR.UTF-8";
console = {
font = "Lat2-Terminus16";
keyMap = "fr";
};
fonts = {
fontDir.enable = true;
enableGhostscriptFonts = true;
fonts = with pkgs; [
corefonts
vistafonts
inconsolata
terminus_font
proggyfonts
dejavu_fonts
font-awesome
nerdfonts
source-code-pro
source-sans-pro
source-serif-pro
];
};
programs = {
fish.enable = true;
fish.interactiveShellInit = ''
set -gx EDITOR nvim
'';
ssh = {
setXAuthLocation = true;
forwardX11 = true;
};
dconf.enable=true;
};
programs.thunar.enable = true;
programs.thunar.plugins = with pkgs.xfce; [
thunar-archive-plugin
thunar-volman
];
# Enable sound.
sound.enable = true;
system.stateVersion = "23.05"; # Did you read the comment?
users = {
groups.ntp = {};
defaultUserShell = "/run/current-system/sw/bin/fish";
extraUsers.alexandre = {
isNormalUser = true;
home = "/home/alexandre";
description = "alexandre";
extraGroups = [ "wheel" "networkmanager" "docker" "libvirtd" "scanner" "plocate" "lp" ];
# hashedPassword = "$6$7m77oPQxa$W9YnRLo1X2eqztBHwpoH8diHGkBno5O39AMyL9Qm8y8I6uW63H2Nwx4p239OG5zhOxA8J1lZvHTQ3hKPSP9mT/";
};
};
environment.systemPackages = with pkgs; [
google-fonts
gnome.adwaita-icon-theme
networkmanagerapplet
];
environment.variables.EDITOR = "nvim";
nix.settings.experimental-features = [ "nix-command" "flakes" ];
}

47
hosts/d2nix-archives/nixos/hardware-configuration.nix Normal file
View File

@ -0,0 +1,47 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" "sr_mod" ];
boot.initrd.kernelModules = [ "dm-snapshot" ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{ device = "/dev/disk/by-uuid/b670bb55-7e29-4477-8f58-118c42598f40";
fsType = "ext4";
};
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/0BEC-722D";
fsType = "vfat";
};
swapDevices =
[ { device = "/dev/disk/by-uuid/d52b6afe-cb3f-4e92-8e4b-5394a0bef647"; }
];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enp0s31f6.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
boot.initrd.luks.devices = {
"partitions" = {
device = "/dev/sda2";
preLVM = true; # You may want to set this to false if you need to start a network service first
};
};
}

1
hosts/d2nix-archives/nixos/modules Symbolic link
View File

@ -0,0 +1 @@
/home/alexandre/git/nixos-config/modules/

19
hosts/d2nix-archives/nixos/network.nix Normal file
View File

@ -0,0 +1,19 @@
{ config, lib, pkgs, ... }:
{
networking = {
hostName = "d2nix";
interfaces.enp0s31f6.useDHCP = true;
networkmanager.enable = true;
stevenblack.block = [ "fakenews" "gambling" "porn" ];
firewall = {
enable = true;
allowedTCPPortRanges = [
{ from = 1714; to = 1764; } # KDE Connect
];
allowedUDPPortRanges = [
{ from = 1714; to = 1764; } # KDE Connect
];
};
};
}

50
hosts/d2nix-archives/nixos/services.nix Normal file
View File

@ -0,0 +1,50 @@
{ config, pkgs, ... }:
{
services = {
avahi = {
enable = true;
openFirewall = true;
};
printing.enable = true;
clamav = {
daemon.enable = true;
updater.enable = true;
};
locate = {
enable = true;
locate = pkgs.plocate;
interval = "hourly";
localuser = null;
};
redshift = {
enable = true;
brightness = {
# Note the string values below.
day = "1";
night = "1";
};
temperature = {
day = 5500;
night = 3700;
};
};
geoclue2.appConfig.redshift.isAllowed = true;
automatic-timezoned.enable = true;
xserver = {
enable = true;
autorun = true;
windowManager.i3.enable = true;
displayManager.defaultSession = "none+i3";
layout = "fr";
xkbOptions = "eurosign:e";
};
openssh = {
enable = true;
settings.PermitRootLogin = "no";
};
ntp.enable = true;
tlp.enable = true;
fstrim.enable = true;
};
}

8
hosts/d2nix/home-manager/bat.nix Normal file
View File

@ -0,0 +1,8 @@
{ config, pkgs, ... }:
{
#configDir = "/home/alexandre/git/nixos-config/hosts/dell-5590/nixpkgs/";
programs.bat = {
enable = true;
# } // (import "${configDir}/bat");
} // (import "/home/alexandre/git/nixos-config/hosts/dell-5590/home-manager/bat");
}

7
hosts/d2nix/home-manager/bat/default.nix Normal file
View File

@ -0,0 +1,7 @@
{
config = {
decorations = "auto";
paging = "auto";
theme = "Nord";
};
}

101
hosts/d2nix/home-manager/firefox.nix Normal file
View File

@ -0,0 +1,101 @@
{ config, lib, pkgs, ... }:
{
programs.firefox = {
enable = true;
package = pkgs.wrapFirefox pkgs.firefox-unwrapped {
extraPolicies = {
CaptivePortal = false;
DisableFirefoxStudies = true;
DisablePocket = true;
DisableTelemetry = true;
DisableFirefoxAccounts = false;
NoDefaultBookmarks = true;
OfferToSaveLogins = true;
OfferToSaveLoginsDefault = true;
PasswordManagerEnabled = true;
FirefoxHome = {
Search = true;
Pocket = false;
Snippets = false;
TopSites = false;
Highlights = false;
};
UserMessaging = {
ExtensionRecommendations = false;
SkipOnboarding = true;
};
};
};
profiles = {
alexandre = {
id = 0;
name = "alexandre";
search = {
force = true;
default = "Google";
engines = {
"Nix Packages" = {
urls = [{
template = "https://search.nixos.org/packages";
params = [
{ name = "type"; value = "packages"; }
{ name = "query"; value = "{searchTerms}"; }
];
}];
icon = "${pkgs.nixos-icons}/share/icons/hicolor/scalable/apps/nix-snowflake.svg";
definedAliases = [ "@np" ];
};
"NixOS Wiki" = {
urls = [{ template = "https://nixos.wiki/index.php?search={searchTerms}"; }];
iconUpdateURL = "https://nixos.wiki/favicon.png";
updateInterval = 24 * 60 * 60 * 1000;
definedAliases = [ "@nw" ];
};
"Wikipedia (en)".metaData.alias = "@wiki";
"Google".metaData.hidden = false;
"Amazon.com".metaData.hidden = true;
"Bing".metaData.hidden = true;
"eBay".metaData.hidden = true;
};
};
bookmarks = [
{
name = "wikipedia";
tags = [ "wiki" ];
keyword = "wiki";
url = "https://en.wikipedia.org/wiki/Special:Search?search=%s&go=Go";
}
{
name = "kernel.org";
url ="https://v2.produhost.net/panel/16148/dashboard";
}
{
name = "Nix sites";
toolbar = true;
bookmarks = [
{
name = "homepage";
url = "https://nixos.org/";
}
{
name = "wiki";
tags = [ "wiki" "nix" ];
url = "https://nixos.wiki/";
}
];
}
];
settings = {
"general.smoothScroll" = true;
};
extraConfig = ''
user_pref("full-screen-api.ignore-widgets", true);
user_pref("media.ffmpeg.vaapi.enabled", true);
user_pref("media.rdd-vpx.enabled", true);
'';
};
};
};
}

78
hosts/d2nix/home-manager/home.nix Normal file
View File

@ -0,0 +1,78 @@
{ config, pkgs, ... }:
{
imports = [
./home_firefox.nix
./packages.nix
../../../modules/neovim.nix
../../../modules/tmux.nix
../../../modules/git.nix
../../../modules/emacs.nix
];
# Home Manager needs a bit of information about you and the paths it should
# manage.
home.username = "alexandre";
home.homeDirectory = "/home/alexandre";
# This value determines the Home Manager release that your configuration is
# compatible with. This helps avoid breakage when a new Home Manager release
# introduces backwards incompatible changes.
#
# You should not change this value, even if you update Home Manager. If you do
# want to update the value, then make sure to first check the Home Manager
# release notes.
home.stateVersion = "23.05"; # Please read the comment before changing.
# The home.packages option allows you to install Nix packages into your
# environment.
home.packages = [
# # Adds the 'hello' command to your environment. It prints a friendly
# # "Hello, world!" when run.
# pkgs.hello
# # It is sometimes useful to fine-tune packages, for example, by applying
# # overrides. You can do that directly here, just don't forget the
# # parentheses. Maybe you want to install Nerd Fonts with a limited number of
# # fonts?
# (pkgs.nerdfonts.override { fonts = [ "FantasqueSansMono" ]; })
# # You can also create simple shell scripts directly inside your
# # configuration. For example, this adds a command 'my-hello' to your
# # environment:
# (pkgs.writeShellScriptBin "my-hello" ''
# echo "Hello, ${config.home.username}!"
# '')
];
# Home Manager is pretty good at managing dotfiles. The primary way to manage
# plain files is through 'home.file'.
home.file = {
# # Building this configuration will create a copy of 'dotfiles/screenrc' in
# # the Nix store. Activating the configuration will then make '~/.screenrc' a
# # symlink to the Nix store copy.
# ".screenrc".source = dotfiles/screenrc;
# # You can also set the file content immediately.
# ".gradle/gradle.properties".text = ''
# org.gradle.console=verbose
# org.gradle.daemon.idletimeout=3600000
# '';
};
# You can also manage environment variables but you will have to manually
# source
#
# ~/.nix-profile/etc/profile.d/hm-session-vars.sh
#
# or
#
# /etc/profiles/per-user/alexandre/etc/profile.d/hm-session-vars.sh
#
# if you don't want to manage your shell through Home Manager.
home.sessionVariables = {
# EDITOR = "emacs";
};
# Let Home Manager install and manage itself.
programs.home-manager.enable = true;
}

112
hosts/d2nix/home-manager/home_firefox.nix Normal file
View File

@ -0,0 +1,112 @@
{ config, lib, pkgs, ... }:
let
nur = import (builtins.fetchTarball "https://github.com/nix-community/NUR/archive/master.tar.gz") {
inherit pkgs;
};
in
{
programs.firefox = {
enable = true ;
profiles.default = {
isDefault = true ;
extensions = lib.mkIf config.programs.firefox.enable
(with nur.repos.rycee.firefox-addons; [
french-dictionary
i-dont-care-about-cookies
ublock-origin
privacy-badger
keepassxc-browser
clearurls
decentraleyes
floccus
]);
search = {
force = true;
default = "Google";
engines = {
"Nix Packages" = {
urls = [{
template = "https://search.nixos.org/packages";
params = [
{ name = "type"; value = "packages"; }
{ name = "query"; value = "{searchTerms}"; }
];
}];
icon = "${pkgs.nixos-icons}/share/icons/hicolor/scalable/apps/nix-snowflake.svg";
definedAliases = [ "@np" ];
};
"NixOS Wiki" = {
urls = [{ template = "https://nixos.wiki/index.php?search={searchTerms}"; }];
iconUpdateURL = "https://nixos.wiki/favicon.png";
updateInterval = 24 * 60 * 60 * 1000;
definedAliases = [ "@nw" ];
};
"Wikipedia (en)".metaData.alias = "@wiki";
"Google".metaData.hidden = false;
"Amazon.com".metaData.hidden = true;
"Bing".metaData.hidden = true;
"eBay".metaData.hidden = true;
};
};
bookmarks = [
{
name = "DRI";
toolbar = true;
bookmarks = [
{
name = "wiki";
tags = [ "wiki" ];
keyword = "wiki";
url = "https://en.wikipedia.org/wiki/Special:Search?search=";
}
{
name = "AVV";
url ="https://v2.produhost.net/panel/16148/dashboard";
}
];
}
];
settings = {
settings = {
"browser.contentblocking.category" = "strict" ;
"browser.search.region" = "CH" ;
"browser.startup.homepage" = https://www.google.fr ;
"browser.toolbars.bookmarks.visibility" = "always";
"dom.security.https_only_mode" = true ;
"dom.security.https_only_mode_ever_enabled" = true ;
"extensions.blocklist.pingCountVersion" = -1 ;
"extensions.databaseSchema" = 35 ;
"extensions.ui.dictionary.hidden" = false ;
"extensions.ui.extension.hidden" = false ;
"extensions.ui.locale.hidden" = true ;
"extensions.ui.sitepermission.hidden" = true ;
"extensions.webcompat.enable_shims" = true ;
"extensions.webcompat.perform_injections" = true ;
"extensions.webcompat.perform_ua_overrides" = true ;
"findbar.highlightAll" = true ;
"font.name.serif.x-western" = "FreeSerif" ;
"font.size.variable.x-western" = 20 ;
"media.eme.enabled" = true ;
"pref.browser.homepage.disable_button.current_page" = false ;
"print_printer" = "Mozilla Save to PDF" ;
"privacy.annotate_channels.strict_list.enabled" = true ;
"privacy.clearOnShutdown.cookies" = true ;
"privacy.clearOnShutdown.downloads" = false ;
"privacy.clearOnShutdown.formdata" = false ;
"privacy.clearOnShutdown.history" = false ;
"privacy.clearOnShutdown.offlineApps" = true ;
"privacy.clearOnShutdown.sessions" = false ;
"privacy.donottrackheader.enabled" = true ;
"privacy.firstparty.isolate" = true ;
"privacy.history.custom" = true ;
"privacy.purge_trackers.date_in_cookie_database" = 0 ;
"privacy.trackingprotection.emailtracking.enabled" = true ;
"privacy.trackingprotection.enabled" = true ;
"privacy.trackingprotection.socialtracking.enabled" = true ;
};
};
} ;
} ;
}

47
hosts/d2nix/home-manager/packages.nix Normal file
View File

@ -0,0 +1,47 @@
{ pkgs, ... }: {
programs.go.enable = true;
home.packages = with pkgs; [
jq
nextcloud-client
libreoffice
rofi
poppler_utils
brightnessctl
chromium
gimp
scrot
papirus-icon-theme
ganttproject-bin
audio-recorder
pandoc
hugo
whois
inkscape
feh
ispell
aspellDicts.fr
nix-direnv
keepassxc
direnv
texlive.combined.scheme-full
zola
exa
python3
unar # like 7z
nmap
libnotify
sublime-music
drawio
lsd
guake
dig
vlc
pinta
linphone
graphviz
freecad
freetube
thunderbird
];
nixpkgs.config.permittedInsecurePackages = [ "ferdi-5.8.1" ];
}

180
hosts/d2nix/nixos/configuration.nix Normal file
View File

@ -0,0 +1,180 @@
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running `nixos-help`).
{ config, pkgs, ... }:
{
imports =
[ # Include the results of the hardware scan.
./hardware-configuration.nix
./services.nix
./extra_hw.nix
./gnome.nix
./nitrokey.nix
];
boot = {
loader.systemd-boot.enable = true;
loader.grub.efiSupport = true;
loader.grub.efiInstallAsRemovable = true;
loader.grub.device = "nodev";
plymouth.enable = true;
tmp.cleanOnBoot = true ;
kernelParams = [ "i915.enable_fbc=1" ];
};
networking = {
hostName = "d2nix"; # Define your hostname.
networkmanager.enable = true;
firewall.enable = true;
};
# Set your time zone.
time.timeZone = "Europe/Paris";
i18n.defaultLocale = "fr_FR.UTF-8";
console = {
font = "Lat2-Terminus16";
keyMap = "fr";
};
fonts = {
fontDir.enable = true;
enableGhostscriptFonts = true;
fonts = with pkgs; [
corefonts
vistafonts
powerline-fonts
inconsolata
terminus_font
proggyfonts
dejavu_fonts
font-awesome
nerdfonts
source-code-pro
source-sans-pro
source-serif-pro
iosevka
roboto-mono
fira-code
];
};
#sound.enable = true;
# Define a user account. Don't forget to set a password with passwd.
users = {
groups.ntp = {};
defaultUserShell = "/run/current-system/sw/bin/fish";
extraUsers.alexandre = {
isNormalUser = true;
home = "/home/alexandre";
description = "alexandre";
extraGroups = [ "wheel" "networkmanager" "docker" "libvirtd" "scanner" "plocate" "lp" ];
packages = with pkgs; [
#firefox
gitAndTools.gitFull
];
};
extraUsers.oem = {
isNormalUser = true;
home = "/home/oem";
description = "oem";
extraGroups = [ "wheel" "networkmanager" ];
};
};
environment.variables = {
EDITOR = "nvim";
BROWSER = "firefox";
LESS = "--quit-if-one-screen --RAW-CONTROL-CHARS";
TERMINAL = "xfce4-terminal";
PRIVATE_BROWSER = "firefox -private";
};
security = {
rtkit.enable = true; # for pipewire
apparmor.enable = true;
pam = {
u2f = {
enable = true;
control = "requisite";
};
services = {
login.u2fAuth = true;
lightdm.u2fAuth = true;
gdm.u2fAuth = true;
};
};
};
nix.settings.experimental-features = [ "nix-command" "flakes" ];
nixpkgs.config = {
allowUnfree = true;
};
nix.settings.auto-optimise-store = true;
nix.gc = {
automatic = true;
dates = "weekly";
persistent = true;
options = "--delete-older-than 10d";
};
programs = {
htop = {
enable = true;
settings.show_cpu_temperature = 1;
};
fish = {
enable = true;
interactiveShellInit = ''
set -gx EDITOR nvim
'';
shellAliases = {
ll = "ls -l";
ls = "lsd";
cat = "bat";
sysrs = "sudo nixos-rebuild switch";
sysup = "sudo nixos-rebuild switch --upgrade";
sysclean = "sudo nix-collect-garbage -d; and sudo nix-store --optimise";
# nvim = "nvim -u ~/.config/nvim/init.lua";
};
};
};
environment.systemPackages = with pkgs; [
neovim
bat
lsd
pam_u2f
gsmartcontrol
lm_sensors
wezterm
];
# Some programs need SUID wrappers, can be configured further or are
# started in user sessions.
# programs.gnupg.agent = {
# enable = true;
# enableSSHSupport = true;
# };
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. It's perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "23.05"; # Did you read the comment?
nixpkgs.config.packageOverrides = pkgs: {
nur = import (builtins.fetchTarball "https://github.com/nix-community/NUR/archive/master.tar.gz") {
inherit pkgs;
};
};
}

33
hosts/d2nix/nixos/extra_hw.nix Normal file
View File

@ -0,0 +1,33 @@
{ config, pkgs, ... }:
{
hardware = {
cpu.intel.updateMicrocode = true;
enableAllFirmware = true;
pulseaudio.enable = false;
bluetooth = {
enable = true;
settings = {
General = {
Enable = "Source,Sink,Media,Socket";
};
};
};
logitech = {
wireless.enable = true;
wireless.enableGraphical = true;
};
opengl = {
enable = true;
extraPackages = with pkgs; [
intel-media-driver # LIBVA_DRIVER_NAME=iHD
vaapiIntel # LIBVA_DRIVER_NAME=i965 (older but works better for Firefox/Chromium)
vaapiVdpau
libvdpau-va-gl
];
};
};
# Video acceleration
nixpkgs.config.packageOverrides = pkgs: {
vaapiIntel = pkgs.vaapiIntel.override { enableHybridCodec = true; };
};
}

29
hosts/d2nix/nixos/gnome.nix Normal file
View File

@ -0,0 +1,29 @@
{ config, pkgs, ... }:
{
services.udev.packages = with pkgs; [ gnome.gnome-settings-daemon ];
environment.gnome.excludePackages = (with pkgs; [
gnome-photos
gnome-tour
]) ++ (with pkgs.gnome; [
cheese # webcam tool
gnome-music
gedit # text editor
epiphany # web browser
totem # video player
tali # poker game
iagno # go game
hitori # sudoku game
atomix # puzzle game
]);
environment.systemPackages = with pkgs; [
pkgs.gnome3.gnome-tweaks
gnomeExtensions.appindicator
gnomeExtensions.yakuake
gnomeExtensions.workspace-indicator-2
gnomeExtensions.wireless-hid
gnomeExtensions.vitals
];
}

49
hosts/d2nix/nixos/hardware-configuration.nix Normal file
View File

@ -0,0 +1,49 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" "sr_mod" "vfat" "nls_cp437" "nls_iso8859-1" ];
boot.initrd.kernelModules = [ "dm-snapshot" "coretemp" ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{ device = "/dev/disk/by-uuid/8eea016d-9dd3-4149-8e5c-014d7d90695f";
fsType = "ext4";
};
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/0382-3D00";
fsType = "vfat";
};
swapDevices =
[ { device = "/dev/disk/by-uuid/1ffd2601-020f-4635-923b-4053676070d7"; }
];
# boot.initrd.luks.yubikeySupport = true;
boot.initrd.luks.devices = {
"partitions" = {
device = "/dev/sda2";
preLVM = true;
crypttabExtraOpts = ["fido2-device=auto"];
};
};
boot.initrd.systemd.enable = true;
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enp0s31f6.useDHCP = lib.mkDefault true;
# networking.interfaces.wlp0s20f0u10.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}

7
hosts/d2nix/nixos/laptop.nix Normal file
View File

@ -0,0 +1,7 @@
{ config, pkgs, ... }:
{
# Enable touchpad support (enabled default in most desktopManager).
# services.xserver.libinput.enable = true;
}

14
hosts/d2nix/nixos/nitrokey.nix Normal file
View File

@ -0,0 +1,14 @@
{config, pkgs, lib, ... }:
{
hardware.nitrokey = {
enable = true;
};
services.pcscd.enable = true;
environment.systemPackages = with pkgs; [
nitrokey-app
];
}

54
hosts/d2nix/nixos/services.nix Normal file
View File

@ -0,0 +1,54 @@
{ config, pkgs, ... }:
{
services = {
avahi = {
enable = true;
openFirewall = true;
};
clamav = {
daemon.enable = true;
updater.enable = true;
};
ntp = {
enable = true;
};
thermald = {
enable = true;
};
fstrim = {
enable = true;
};
locate = {
enable = true;
locate = pkgs.plocate;
interval = "hourly";
localuser = null;
};
pipewire = {
enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
};
# Enable the X11 windowing system.
xserver = {
enable = true;
# Configure keymap in X11
layout = "fr";
xkbOptions = "eurosign:e,caps:escape";
# Enable the GNOME Desktop Environment.
displayManager.gdm.enable = true;
desktopManager.gnome.enable = true;
};
udev.extraRules = ''
ACTION=="remove", ENV{ID_VENDOR_ID}=="1050", ENV{ID_MODEL_ID}=="0407", ENV{DISPLAY}=":0", ENV{XAUTHORITY}="/home/alexandre/.Xauthority" RUN+="${pkgs.sudo}/bin/sudo -u alexandre ${pkgs.xdg-utils}/bin/xdg-screensaver lock"
'';
};
}

8
hosts/dell-5590/home-manager/bat.nix Normal file
View File

@ -0,0 +1,8 @@
{ config, pkgs, ... }:
{
#configDir = "/home/alexandre/git/nixos-config/hosts/dell-5590/nixpkgs/";
programs.bat = {
enable = true;
# } // (import "${configDir}/bat");
} // (import "/home/alexandre/git/nixos-config/hosts/dell-5590/home-manager/bat");
}

7
hosts/dell-5590/home-manager/bat/default.nix Normal file
View File

@ -0,0 +1,7 @@
{
config = {
decorations = "auto";
paging = "auto";
theme = "Nord";
};
}

0
hosts/x201/nixpkgs/colorschemes/nord.theme → hosts/dell-5590/home-manager/colorschemes/nord.theme
View File

0
hosts/dell-5590/nixpkgs/configs/.mbsyncrc → hosts/dell-5590/home-manager/configs/.mbsyncrc
View File

12
hosts/dell-5590/nixpkgs/configs/i3config → hosts/dell-5590/home-manager/configs/i3config
View File

@ -42,7 +42,7 @@ mode "resize" {
bindsym $mod+s mode "resize"
# Tue la fenetre avec le focus
bindsym $mod+Shift+A kill
bindsym $mod+k kill
# split in horizontal orientation
bindsym $mod+h split h
@ -97,7 +97,7 @@ bindsym $mod+Shift+8 move container to workspace 8
bindsym $mod+Shift+9 move container to workspace $ws9
bindsym $mod+Shift+0 move container to workspace 10
# Recharge le fichier de configuration
## # Recharge le fichier de configuration
bindsym $mod+Shift+C reload
# Redemarre i3 mais concerve ce qui est lancé. Utilisable pour les MAJ
@ -113,7 +113,7 @@ bindsym $mod+d exec rofi -show drun -show-icons -modi drun
bar {
font pango:DejaVu Sans Mono, FontAwesome 12
position top
status_command i3status-rs ~/.config/i3status-rust/config-bottom.toml
status_command i3status-rs ~/.config/i3status-rust/bar.toml
colors {
separator #666666
background #222222
@ -143,12 +143,16 @@ exec --no-startup-id nm-applet
exec --no-startup-id nextcloud
exec --no-startup-id udiskie -t
exec --no-startup-id blueman-applet
exec --no-startup-id vlc
exec --no-startup-id guake
exec --no-startup-id kdeconnect-indicator
exec --no-startup-id i3-msg 'workspace $ws9; exec keepassxc;'
#exec --no-startup-id i3-msg 'workspace $ws5; exec emacs;'
exec --no-startup-id i3-msg 'workspace $ws1; exec alacritty;'
exec --no-startup-id i3-msg 'workspace $ws1; exec ferdi;'
exec --no-startup-id i3-msg 'workspace $ws2; exec thunderbird;'
exec --no-startup-id i3-msg 'workspace $ws3; exec firefox;'
exec --no-startup-id xset s off
exec --no-startup-id xset -dpms
tiling_drag modifier titlebar

47
hosts/dell-5590/home-manager/configs/i3status-rust.toml Normal file
View File

@ -0,0 +1,47 @@
[theme]
theme = "nord-dark"
[icons]
icons = "material-nf"
[[block]]
block = "disk_space"
path = "/"
format = "$icon $percentage"
format_alt = " $icon $available / $total "
info_type = "used"
interval = 60
warning = 20.0
alert = 10.0
[[block]]
block = "memory"
format = " $icon $mem_avail.eng(prefix:M)/$mem_total.eng(prefix:M)($mem_total_used_percents.eng(w:2)) "
[[block]]
block = "cpu"
interval = 1
[[block]]
block = "load"
interval = 1
format = "{1m}"
[[block]]
block = "sound"
[[block]]
block = "backlight"
[[block]]
block = "battery"
[[block]]
block = "kdeconnect"
format = " $icon {$bat_icon $bat_charge |}{$notif_icon |}{$network_icon$network_strength $network_type |}"
bat_good = 101
[[block]]
block = "time"
interval = 60
format = " $icon $timestamp.datetime(f:'%d/%m %R', l:fr_FR) "

216
hosts/dell-5590/home-manager/configs/init.el Normal file
View File

@ -0,0 +1,216 @@
;; Keyboard-centric user interface
(setq inhibit-startup-message t)
(scroll-bar-mode -1)
(tool-bar-mode -1)
(menu-bar-mode -1)
(require 'package)
(add-to-list 'package-archives '("melpa" . "https://melpa.org/packages/") t)
;; Comment/uncomment this line to enable MELPA Stable if desired. See `package-archive-priorities`
;; and `package-pinned-packages`. Most users will not need or want to do this.
;;(add-to-list 'package-archives '("melpa-stable" . "https://stable.melpa.org/packages/") t)
(package-initialize)
(column-number-mode 't) ; show current column in status bar
(add-hook 'text-mode-hook 'turn-on-auto-fill)
(set-fringe-mode 10)
;; Use 4 spaces for one tab visually.
(setq tab-width 4)
(show-paren-mode t) ; highlight matching open and close parentheses
(global-hl-line-mode) ; highlight current line
(global-visual-line-mode t) ; wrap long lines
(setq split-window-preferred-function
'visual-fill-column-split-window-sensibly) ; wrap at window boundary
(global-whitespace-mode) ; enable whitespace handling by default
(setq
whitespace-style ; see (apropos 'whitespace-style)
'(face ; viz via faces
trailing ; trailing blanks visualized
lines-tail ; lines beyond whitespace-line-column visualized
space-before-tab
space-after-tab
newline ; lines with only blanks visualized
indentation ; spaces used for indent when config wants tabs
empty ; empty lines at beginning or end or buffer
)
whitespace-line-column 150) ; column at which whitespace-mode says the line is too long
;;(set-face-attribute 'default nil :font "JetBrains Mono" :height 150)
;; themes
(use-package doom-themes
:init (load-theme 'doom-nord t)
:init (doom-themes-org-config))
(setq disabled-command-function nil)
(setq inhibit-startup-screen t)
(setq visible-bell t)
;; Only y/n answers
(defalias 'yes-or-no-p 'y-or-n-p)
;; Save what you enter into minibuffer prompts
(setq history-length 25)
(savehist-mode 1)
;; Remember and restore the last cursor location of opened files
(save-place-mode 1)
;; Backup
(setq version-control t ;; Use version numbers for backups.
kept-new-versions 10 ;; Number of newest versions to keep.
kept-old-versions 0 ;; Number of oldest versions to keep.
delete-old-versions t ;; Don't ask to delete excess backup versions.
backup-by-copying t) ;; Copy all files, don't rename them.
(setq vc-make-backup-files t)
(setq backup-directory-alist '(("" . "~/.emacs.d/backup")))
(defvar emacs-autosave-directory
(concat user-emacs-directory "autosaves/")
"This variable dictates where to put auto saves. It is set to a
directory called autosaves located wherever your .emacs.d/ is
located.")
;; Sets all files to be backed up and auto saved in a single directory.
(setq backup-directory-alist
`((".*" . ,emacs-autosave-directory))
auto-save-file-name-transforms
`((".*" ,emacs-autosave-directory t)))
(setq calendar-week-start-day 1)
(use-package nix-mode
:mode ("\\.nix\\'" . nix-mode)
:hook (nix-mode . lsp-deferred))
(use-package magit)
(setq magit-fetch-modules-jobs 16); fetch 16 modules in parallel
(use-package which-key
:init (which-key-mode)
:config (setq which-key-idle-delay 0.5))
(autoload 'markdown-mode "markdown-mode"
"Major mode for editing Markdown files" t)
(add-to-list 'auto-mode-alist
'("\\.\\(?:md\\|markdown\\|mkd\\|mdown\\|mkdn\\|mdwn\\)\\'" . markdown-mode))
(autoload 'gfm-mode "markdown-mode"
"Major mode for editing GitHub Flavored Markdown files" t)
(add-to-list 'auto-mode-alist '("README\\.md\\'" . gfm-mode))
;; org-mode
(require 'org)
(require 'org-mouse)
(setq org-startup-folded t
org-pretty-entities t
org-hide-emphasis-markers t
org-startup-with-inline-images t
org-agenda-include-deadlines t
org-image-actual-width '(300))
;; files with ".org" open in org-mode
(add-to-list 'auto-mode-alist '("\\.org$" . org-mode))
(setq org-agenda-files '("/home/alexandre/Nextcloud/PRIVE/13_Org/backlog.org" "/home/alexandre/Nextcloud/PRIVE/13_Org/notes"))
(setq org-directory (concat (getenv "HOME") "/Nextcloud/PRIVE/13_Org/notes"))
(setq org-default-notes-file "~/Nextcloud/PRIVE/13_Org/backlog.org")
(setq org-todo-keywords '((type "TODO" "En cours" "WAIT" "CANCELED" "DONE")))
(setf org-todo-keyword-faces '(("TODO" . (:foreground "cyan" :background "steelblue" :bold t :weight bold))
("En cours" . (:foreground "yellow" :background "red" :bold t :weight bold))
("En attente de réponse" . (:foreground "yellow" :background "magenta2" :bold t :weight bold))
("CANCELED" . (:foreground "gray" :background "dime grey" :bold t :weight bold))
("DONE" . (:foreground "gray50" :background "gray30"))))
;; tags
(setq org-tag-alist '(("DEVIS" . ?d) ("PROJETS" . ?p) ("CLIENT" . ?c) ("PROSPECT" . ?o) ("INTERNE" . ?i) ("AO" . ?a) ("PJ" . ?z) ("AVV" . ?v) ("LEGACY" . ?l) ("ROC" . ?r)))
(setq org-tag-faces
'(
("DEVIS" . (:foreground "OrangeRed" :weight bold))
("ROC" . (:foreground "OrangeRed" :weight bold))
("PJ" . (:foreground "brightyellow" :weight bold))
("PROJET" . (:foreground "IndianRed1" :weight bold))
("INTERNE" . (:foreground "LimeGreen" :weight bold))
("LEGACY" . (:foreground "LimeGreen" :weight bold))
("CLIENT" . (:foreground "Orange" :weight bold))
("PROSPECT" . (:foreground "MediumPurple3" :weight bold))
("AO" . (:foreground "HotPink2" :weight bold))
)
)
;; org-capture use to add note to backlog file. At the end of day, use org-refile to dispatch to good note
;; https://sachachua.com/blog/2014/11/using-org-mode-keep-process-journal/
(setq org-capture-templates
'(("t" "TODO" entry (file+datetree "~/Nextcloud/PRIVE/13_Org/backlog.org")
"* TODO %? %^G \n %U" :empty-lines 1)
("s" "Scheduled TODO" entry (file+datetree "~/Nextcloud/PRIVE/13_Org/backlog.org")
"* TODO %? %^G \nSCHEDULED: %^t\n %U" :empty-lines 1)
("l" "Link" entry (file "~/Nextcloud/PRIVE/13_Org/backlog.org")
"* TODO %a %? %^G\nSCHEDULED: %(org-insert-time-stamp (org-read-date nil t \"+0d\"))\n")
("j" "Journal entry" plain
(file+datetree+prompt "~/Nextcloud/PRIVE/13_Org/journal.org")
"%K ****** %a\n%i\n%?\n")
("n" "Note dans le journal" entry (file "~/Nextcloud/PRIVE/13_Org/journal.org")
"**** %? %^G\n" :empty-lines 1)))
;; Org-Roam basic configuration
(use-package org-roam
:after org
:init
(setq org-roam-v2-ack t) ;; Acknowledge V2 upgrade
:custom
(org-roam-directory (file-truename org-directory))
(org-roam-completion-everywhere t)
:bind (("C-c n l" . org-roam-buffer-toggle)
("C-c n f" . org-roam-node-find)
("C-c n o" . org-open-at-point)
("C-c n j" . org-roam-dailies-capture-today)
("C-c n i" . org-roam-node-insert))
:config
(org-roam-setup)
(org-roam-db-autosync-mode)
)
;; caldav
;;(setq org-caldav-url "https://next20.produhost.net/remote.php/dav/alexandre")
;;(setq org-caldav-calendars
;; '((:calendar-id "alexandre-dri"
;; :files ("~/Nextcloud/PRIVE/13_Org/calendar/alexandre-dri.org")
;; :inbox "~/Nextcloud/PRIVE/13_Org/calendar/alexandre-dri-inbox.org")))
;;(setq org-icalendar-include-todo 'all
;; org-caldav-sync-todo t)
;;
(use-package org-journal
:ensure t
:defer t
:init
;; Change default prefix key; needs to be set before loading org-journal
(setq org-journal-prefix-key "C-c j ")
:config
(setq org-journal-file-type=weekly
org-journal-date-format "%A, %d %B %Y"))
;;;; Index org file and backlog file
(defvar org-gtd-file "~/Nextcloud/PRIVE/13_Org/DRI.org")
(defvar org-backlog-file "~/Nextcloud/PRIVE/13_Org/backlog.org")
;; Open DRI.org when I hit C-c g
(defun gtd ()
"Open the GTD file."
(interactive)
(find-file org-gtd-file))
;; Open backlog.org when I hit file hit C-c b
(defun gtb ()
"Open the backlog file."
(interactive)
(find-file org-backlog-file))
;; keybinding
(global-set-key "\C-cl" 'org-store-link)
(global-set-key "\C-ca" 'org-agenda)
(global-set-key "\C-cg" 'gtd)
(global-set-key "\C-cb" 'gtb)

218
hosts/dell-5590/home-manager/configs/init.el-bak Normal file
View File

@ -0,0 +1,218 @@
;; Keyboard-centric user interface
(setq inhibit-startup-message t)
(scroll-bar-mode -1)
(tool-bar-mode -1)
(menu-bar-mode -1)
(require 'package)
(add-to-list 'package-archives '("melpa" . "https://melpa.org/packages/") t)
;; Comment/uncomment this line to enable MELPA Stable if desired. See `package-archive-priorities`
;; and `package-pinned-packages`. Most users will not need or want to do this.
;;(add-to-list 'package-archives '("melpa-stable" . "https://stable.melpa.org/packages/") t)
(package-initialize)
(column-number-mode 't) ; show current column in status bar
(add-hook 'text-mode-hook 'turn-on-auto-fill)
(set-fringe-mode 10)
;; Use 4 spaces for one tab visually.
(setq tab-width 4)
(show-paren-mode t) ; highlight matching open and close parentheses
(global-hl-line-mode) ; highlight current line
(global-visual-line-mode t) ; wrap long lines
(setq split-window-preferred-function
'visual-fill-column-split-window-sensibly) ; wrap at window boundary
(global-whitespace-mode) ; enable whitespace handling by default
(setq
whitespace-style ; see (apropos 'whitespace-style)
'(face ; viz via faces
trailing ; trailing blanks visualized
lines-tail ; lines beyond whitespace-line-column visualized
space-before-tab
space-after-tab
newline ; lines with only blanks visualized
indentation ; spaces used for indent when config wants tabs
empty ; empty lines at beginning or end or buffer
)
whitespace-line-column 150) ; column at which whitespace-mode says the line is too long
;;(set-face-attribute 'default nil :font "JetBrains Mono" :height 150)
;; themes
(use-package doom-themes
:init (load-theme 'doom-nord t)
:init (doom-themes-org-config))
(setq disabled-command-function nil)
(setq inhibit-startup-screen t)
(setq visible-bell t)
;; Only y/n answers
(defalias 'yes-or-no-p 'y-or-n-p)
;; Save what you enter into minibuffer prompts
(setq history-length 25)
(savehist-mode 1)
;; Remember and restore the last cursor location of opened files
(save-place-mode 1)
;; Backup
(setq version-control t ;; Use version numbers for backups.
kept-new-versions 10 ;; Number of newest versions to keep.
kept-old-versions 0 ;; Number of oldest versions to keep.
delete-old-versions t ;; Don't ask to delete excess backup versions.
backup-by-copying t) ;; Copy all files, don't rename them.
(setq vc-make-backup-files t)
(setq backup-directory-alist '(("" . "~/.emacs.d/backup")))
(defvar emacs-autosave-directory
(concat user-emacs-directory "autosaves/")
"This variable dictates where to put auto saves. It is set to a
directory called autosaves located wherever your .emacs.d/ is
located.")
;; Sets all files to be backed up and auto saved in a single directory.
(setq backup-directory-alist
`((".*" . ,emacs-autosave-directory))
auto-save-file-name-transforms
`((".*" ,emacs-autosave-directory t)))
(setq calendar-week-start-day 1)
;; keybinding
(global-set-key "\C-cnj" 'org-journal-new-entry)
(global-set-key "\C-cl" 'org-store-link)
(global-set-key "\C-ca" 'org-agenda)
(global-set-key "\C-c g" 'gtd)
(use-package nix-mode
:mode ("\\.nix\\'" . nix-mode)
:hook (nix-mode . lsp-deferred))
(use-package magit)
(setq magit-fetch-modules-jobs 16); fetch 16 modules in parallel
(use-package which-key
:init (which-key-mode)
:config (setq which-key-idle-delay 0.5))
(autoload 'markdown-mode "markdown-mode"
"Major mode for editing Markdown files" t)
(add-to-list 'auto-mode-alist
'("\\.\\(?:md\\|markdown\\|mkd\\|mdown\\|mkdn\\|mdwn\\)\\'" . markdown-mode))
(autoload 'gfm-mode "markdown-mode"
"Major mode for editing GitHub Flavored Markdown files" t)
(add-to-list 'auto-mode-alist '("README\\.md\\'" . gfm-mode))
;; org-mode
(require 'org)
(require 'org-mouse)
(setq org-startup-folded t
org-pretty-entities t
org-hide-emphasis-markers t
org-startup-with-inline-images t
org-agenda-include-deadlines t
org-image-actual-width '(300))
;; files with ".org" open in org-mode
(add-to-list 'auto-mode-alist '("\\.org$" . org-mode))
(setq org-agenda-files '("/home/alexandre/Nextcloud/PRIVE/13_Org/backlog.org" "/home/alexandre/Nextcloud/PRIVE/13_Org/notes" "/home/alexandre/Nextcloud/PRIVE/13_Org/journal"))
(setq org-directory (concat (getenv "HOME") "/Nextcloud/PRIVE/13_Org/notes"))
(setq org-default-notes-file "~/Nextcloud/PRIVE/13_Org/backlog.org")
;;(setq org-capture-templates
;; '(("b" "Ajouter au backlog" entry
;; (file "~/Nextcloud/PRIVE/13_Org/backlog.org")
;; "* TODO %?" :empty-lines 1))
(setq org-capture-templates
'(("t" "TODO" entry (file+datetree "~/Nextcloud/PRIVE/13_Org/backlog.org")
"* TODO %? %^G \n %U" :empty-lines 1)
("s" "Scheduled TODO" entry (file+datetree "~/Nextcloud/PRIVE/13_Org/backlog.org")
"* TODO %? %^G \nSCHEDULED: %^t\n %U" :empty-lines 1)
("l" "Link" entry (file "~/Nextcloud/PRIVE/13_Org/backlog.org")
"* TODO %a %? %^G\nSCHEDULED: %(org-insert-time-stamp (org-read-date nil t \"+0d\"))\n")
("n" "Note" entry (file "~/Nextcloud/PRIVE/13_Org/backlog.org")
"* %? %^G\n%U" :empty-lines 1)
("j" "Journal" entry (file+datetree "~/Nextcloud/PRIVE/13_Org/backlog.org")
"* %? %^G\nEntered on %U\n")))
;; Org-Roam basic configuration
(use-package org-roam
:after org
:init (setq org-roam-v2-ack t) ;; Acknowledge V2 upgrade
:custom
(org-roam-directory (file-truename org-directory))
:config
(org-roam-setup)
(org-roam-db-autosync-mode)
:bind (("C-c n f" . org-roam-node-find)
("C-c n r" . org-roam-node-random)
("C-c n o" . org-open-at-point)
("C-c n i" . org-roam-node-insert)
;; (:map org-mode-map
;; (("C-c n i" . org-roam-node-insert)
;; ("C-c n t" . org-roam-tag-add)
;; ("C-c n a" . org-roam-alias-add)
;; ("C-c n l" . org-roam-buffer-toggle)
;; ("C-c n o" . org-open-at-point)
;; ("C-c n d" . org-roam-dailies-capture-today)
;; ("C-c n T" . org-roam-dailies-goto-today)
;; ("C-M-i" . completion-at-point))))
)
;; (:map org-roam-dailies-map
;; (map!
;; "\C-c n T" 'org-roam-dailies-goto-today
;; "\C-c n d" 'org-roam-dailies-capture-today))
(setq org-roam-dailies-capture-templates
'(("d" "default" entry
"* %?"
:target (file+head "journal-%<%Y>.org" "#+TITLE: %<%Y-%m-%d>\n"))))
;; one file org
(defvar org-gtd-file "~/Nextcloud/PRIVE/13_Org/DRI.org")
;; Open DRI.org when I hit C-c g
(defun gtd ()
"Open the GTD file."
(interactive)
(find-file org-gtd-file))
;; This seems like a good basic set of keywords to start out with:
(setq org-todo-keywords '((type "TODO" "En cours" "WAIT" "CANCELED" "DONE")))
(setf org-todo-keyword-faces '(("TODO" . (:foreground "cyan" :background "steelblue" :bold t :weight bold))
("En cours" . (:foreground "yellow" :background "red" :bold t :weight bold))
("En attente de réponse" . (:foreground "yellow" :background "magenta2" :bold t :weight bold))
("CANCELED" . (:foreground "gray" :background "dime grey" :bold t :weight bold))
("DONE" . (:foreground "gray50" :background "gray30"))))
;; tags
(setq org-tag-alist '(("DEVIS" . ?d) ("PROJETS" . ?p) ("CLIENT" . ?c) ("PROSPECT" . ?o) ("INTERNE" . ?i) ("AO" . ?a) ("PJ" . ?z) ("AVV" . ?v) ("PERSO" . ?z)))
(setq org-tag-faces
'(
("DEVIS" . (:foreground "OrangeRed" :weight bold))
("PJ" . (:foreground "brightyellow" :weight bold))
("PROJET" . (:foreground "IndianRed1" :weight bold))
("INTERNE" . (:foreground "LimeGreen" :weight bold))
("CLIENT" . (:foreground "Orange" :weight bold))
("PROSPECT" . (:foreground "MediumPurple3" :weight bold))
("AO" . (:foreground "HotPink2" :weight bold))
("PERSO" . (:foreground "firebrick" :weight bold))
)
)
;;; Org-journal
;; https://github.com/bastibe/org-journal
;; C-c C-j
;;(require 'org-journal)
;;(setq org-journal-date-prefix "#+TITLE: "
;; org-journal-carryover-items "-TODO=\"DONE\""
;; org-journal-time-prefix "* "
;; org-journal-date-format "%a, %Y-%m-%d"
;; org-journal-file-format "%Y-%m-%d-journal.org"
;; org-journal-dir "/home/alexandre/Nextcloud/PRIVE/13_Org/journal/")

0
hosts/dell-5590/nixpkgs/configs/msmtp_config → hosts/dell-5590/home-manager/configs/msmtp_config
View File

44
hosts/dell-5590/home-manager/configs/nextcloud.cfg Normal file
View File

@ -0,0 +1,44 @@
[General]
clientVersion=3.6.4git
confirmExternalStorage=false
crashReporter=true
monoIcons=false
newBigFolderSizeLimit=500
optionalServerNotifications=true
showCallNotifications=true
updateSegment=67
useNewBigFolderSizeLimit=false
[Accounts]
0\Folders\1\ignoreHiddenFiles=false
0\Folders\1\journalPath=.sync_70e356a9188d.db
0\Folders\1\localPath=/home/alexandre/Nextcloud/PRIVE/
0\Folders\1\paused=false
0\Folders\1\targetPath=/
0\Folders\1\version=2
0\Folders\1\virtualFilesMode=off
0\authType=webflow
0\dav_user=alexandre
0\serverVersion=25.0.1.1
0\url=https://next.atlanticaweb.fr
0\user=@Invalid()
0\version=1
0\webflow_user=alexandre
1\Folders\3\ignoreHiddenFiles=false
1\Folders\3\journalPath=.sync_214037720ec4.db
1\Folders\3\localPath=/home/alexandre/Nextcloud/DRI/
1\Folders\3\paused=false
1\Folders\3\targetPath=/
1\Folders\3\version=2
1\Folders\3\virtualFilesMode=off
1\authType=webflow
1\dav_user=alexandre
1\serverVersion=26.0.2.1
1\url=https://next20.produhost.net
1\user=@Invalid()
1\version=1
1\webflow_user=alexandre
version=2
[Settings]
geometry="@ByteArray(\x1\xd9\xd0\xcb\0\x3\0\0\0\0\x3=\0\0\0\xab\0\0\x5\xd4\0\0\x3\x1f\0\0\x3?\0\0\0\xab\0\0\x5\xd2\0\0\x3\x1d\0\0\0\0\0\0\0\0\a\x80\0\0\x3?\0\0\0\xab\0\0\x5\xd2\0\0\x3\x1d)"

58
hosts/dell-5590/home-manager/configs/xfce4/terminal/accels.scm Normal file
View File

@ -0,0 +1,58 @@
; xfce4-terminal GtkAccelMap rc-file -*- scheme -*-
; this file is an automated accelerator map dump
;
(gtk_accel_path "<Actions>/terminal-window/goto-tab-2" "<Alt>2")
(gtk_accel_path "<Actions>/terminal-window/goto-tab-6" "<Alt>6")
; (gtk_accel_path "<Actions>/terminal-window/copy-input" "")
; (gtk_accel_path "<Actions>/terminal-window/close-other-tabs" "")
; (gtk_accel_path "<Actions>/terminal-window/move-tab-right" "<Primary><Shift>Page_Down")
(gtk_accel_path "<Actions>/terminal-window/goto-tab-7" "<Alt>7")
; (gtk_accel_path "<Actions>/terminal-window/set-title-color" "")
; (gtk_accel_path "<Actions>/terminal-window/edit-menu" "")
; (gtk_accel_path "<Actions>/terminal-window/zoom-menu" "")
(gtk_accel_path "<Actions>/terminal-window/goto-tab-1" "<Alt>1")
; (gtk_accel_path "<Actions>/terminal-window/fullscreen" "F11")
; (gtk_accel_path "<Actions>/terminal-window/read-only" "")
(gtk_accel_path "<Actions>/terminal-window/goto-tab-5" "<Alt>5")
; (gtk_accel_path "<Actions>/terminal-window/preferences" "")
; (gtk_accel_path "<Actions>/terminal-window/reset-and-clear" "")
; (gtk_accel_path "<Actions>/terminal-window/about" "")
(gtk_accel_path "<Actions>/terminal-window/goto-tab-4" "<Alt>4")
; (gtk_accel_path "<Actions>/terminal-window/close-window" "<Primary><Shift>q")
; (gtk_accel_path "<Actions>/terminal-window/reset" "")
; (gtk_accel_path "<Actions>/terminal-window/save-contents" "")
(gtk_accel_path "<Actions>/terminal-window/toggle-menubar" "F10")
; (gtk_accel_path "<Actions>/terminal-window/copy" "<Primary><Shift>c")
; (gtk_accel_path "<Actions>/terminal-window/copy-html" "")
; (gtk_accel_path "<Actions>/terminal-window/last-active-tab" "")
; (gtk_accel_path "<Actions>/terminal-window/show-borders" "")
; (gtk_accel_path "<Actions>/terminal-window/view-menu" "")
; (gtk_accel_path "<Actions>/terminal-window/detach-tab" "<Primary><Shift>d")
; (gtk_accel_path "<Actions>/terminal-window/scroll-on-output" "")
; (gtk_accel_path "<Actions>/terminal-window/show-toolbar" "")
; (gtk_accel_path "<Actions>/terminal-window/next-tab" "<Primary>Page_Down")
; (gtk_accel_path "<Actions>/terminal-window/tabs-menu" "")
; (gtk_accel_path "<Actions>/terminal-window/search-next" "")
; (gtk_accel_path "<Actions>/terminal-window/search-prev" "")
; (gtk_accel_path "<Actions>/terminal-window/undo-close-tab" "")
; (gtk_accel_path "<Actions>/terminal-window/set-title" "<Primary><Shift>s")
; (gtk_accel_path "<Actions>/terminal-window/contents" "F1")
; (gtk_accel_path "<Actions>/terminal-window/zoom-reset" "<Primary>0")
; (gtk_accel_path "<Actions>/terminal-window/close-tab" "<Primary><Shift>w")
; (gtk_accel_path "<Actions>/terminal-window/new-tab" "<Primary><Shift>t")
; (gtk_accel_path "<Actions>/terminal-window/new-window" "<Primary><Shift>n")
; (gtk_accel_path "<Actions>/terminal-window/terminal-menu" "")
; (gtk_accel_path "<Actions>/terminal-window/show-menubar" "")
; (gtk_accel_path "<Actions>/terminal-window/select-all" "<Primary><Shift>a")
; (gtk_accel_path "<Actions>/terminal-window/paste" "<Primary><Shift>v")
(gtk_accel_path "<Actions>/terminal-window/goto-tab-9" "<Alt>9")
; (gtk_accel_path "<Actions>/terminal-window/move-tab-left" "<Primary><Shift>Page_Up")
; (gtk_accel_path "<Actions>/terminal-window/search" "<Primary><Shift>f")
; (gtk_accel_path "<Actions>/terminal-window/file-menu" "")
; (gtk_accel_path "<Actions>/terminal-window/prev-tab" "<Primary>Page_Up")
; (gtk_accel_path "<Actions>/terminal-window/paste-selection" "")
; (gtk_accel_path "<Actions>/terminal-window/zoom-in" "<Primary>plus")
; (gtk_accel_path "<Actions>/terminal-window/zoom-out" "<Primary>minus")
(gtk_accel_path "<Actions>/terminal-window/goto-tab-8" "<Alt>8")
; (gtk_accel_path "<Actions>/terminal-window/help-menu" "")
(gtk_accel_path "<Actions>/terminal-window/goto-tab-3" "<Alt>3")

9
hosts/dell-5590/home-manager/configs/xfce4/terminal/colorschemes/nord.theme Normal file
View File

@ -0,0 +1,9 @@
[Scheme]
Name=Nord
ColorCursor=#D8DEE9
ColorForeground=#D8DEE9
ColorBackground=#2E3440
TabActivityColor=#88C0D0
ColorPalette=#3B4252;#BF616A;#A3BE8C;#EBCB8B;#81A1C1;#B48EAD;#88C0D0;#E5E9F0;#4C566A;#BF616A;#A3BE8C;#EBCB8B;#81A1C1;#B48EAD;#8FBCBB;#ECEFF4
ColorBold=#D8DEE9
ColorBoldUseDefault=FALSE

37
hosts/dell-5590/home-manager/configs/xfce4/terminal/terminalrc Normal file
View File

@ -0,0 +1,37 @@
[Configuration]
ColorForeground=#D8DEE9
ColorBackground=#2E3440
ColorCursor=#D8DEE9
ColorBold=#D8DEE9
ColorBoldUseDefault=FALSE
ColorPalette=#3B4252;#BF616A;#A3BE8C;#EBCB8B;#81A1C1;#B48EAD;#88C0D0;#E5E9F0;#4C566A;#BF616A;#A3BE8C;#EBCB8B;#81A1C1;#B48EAD;#8FBCBB;#ECEFF4
MiscAlwaysShowTabs=FALSE
MiscBell=FALSE
MiscBellUrgent=FALSE
MiscBordersDefault=FALSE
MiscCursorBlinks=FALSE
MiscCursorShape=TERMINAL_CURSOR_SHAPE_BLOCK
MiscDefaultGeometry=80x24
MiscInheritGeometry=FALSE
MiscMenubarDefault=FALSE
MiscMouseAutohide=FALSE
MiscMouseWheelZoom=TRUE
MiscToolbarDefault=FALSE
MiscConfirmClose=TRUE
MiscCycleTabs=TRUE
MiscTabCloseButtons=TRUE
MiscTabCloseMiddleClick=TRUE
MiscTabPosition=GTK_POS_TOP
MiscHighlightUrls=TRUE
MiscMiddleClickOpensUri=FALSE
MiscCopyOnSelect=TRUE
MiscShowRelaunchDialog=TRUE
MiscRewrapOnResize=TRUE
MiscUseShiftArrowsToScroll=FALSE
MiscSlimTabs=FALSE
MiscNewTabAdjacent=FALSE
MiscSearchDialogOpacity=100
MiscShowUnsafePasteDialog=TRUE
TabActivityColor=#88C0D0
MiscRightClickAction=TERMINAL_RIGHT_CLICK_ACTION_CONTEXT_MENU

16
hosts/dell-5590/home-manager/configs/zellij Normal file
View File

@ -0,0 +1,16 @@
copy_command: "xclip -selection clipboard" # x11
#copy_command: "wl-copy" # wayland
theme: nord
themes:
nord:
fg: [216,222,233]
bg: [46,52,64]
black: [59,66,82]
red: [191,97,106]
green: [163,190,140]
yellow: [235,203,139]
blue: [129,161,193]
magenta: [180,142,173]
cyan: [136,192,208]
white: [229,233,240]
orange: [208,135,112]

262
hosts/dell-5590/home-manager/dunst.nix Normal file
View File

@ -0,0 +1,262 @@
{ pkgs, ... }: {
services.dunst = {
enable = true;
settings = {
global = {
font = "Iosevka Term 11";
# Allow a small subset of html markup:
# <b>bold</b>
# <i>italic</i>
# <s>strikethrough</s>
# <u>underline</u>
#
# For a complete reference see
# <http://developer.gnome.org/pango/stable/PangoMarkupFormat.html>.
# If markup is not allowed, those tags will be stripped out of the
# message.
markup = "yes";
plain_text = "no";
# The format of the message. Possible variables are:
# %a appname
# %s summary
# %b body
# %i iconname (including its path)
# %I iconname (without its path)
# %p progress value if set ([ 0%] to [100%]) or nothing
# Markup is allowed
format = ''
%a
<b>%s</b>
%b'';
# Sort messages by urgency.
sort = "yes";
# Show how many messages are currently hidden (because of geometry).
indicate_hidden = "yes";
# Alignment of message text.
# Possible values are "left", "center" and "right".
alignment = "center";
# The frequency with wich text that is longer than the notification
# window allows bounces back and forth.
# This option conflicts with "word_wrap".
# Set to 0 to disable.
bounce_freq = 0;
# Show age of message if message is older than show_age_threshold
# seconds.
# Set to -1 to disable.
show_age_threshold = 1;
# Split notifications into multiple lines if they don't fit into
# geometry.
word_wrap = "yes";
# Ignore newlines '\n' in notifications.
ignore_newline = "no";
# Hide duplicate's count and stack them
stack_duplicates = "yes";
hide_duplicates_count = "no";
# The geometry of the window:
# [{width}]x{height}[+/-{x}+/-{y}]
# The geometry of the message window.
# The height is measured in number of notifications everything else
# in pixels. If the width is omitted but the height is given
# ("-geometry x2"), the message window expands over the whole screen
# (dmenu-like). If width is 0, the window expands to the longest
# message displayed. A positive x is measured from the left, a
# negative from the right side of the screen. Y is measured from
# the top and down respectevly.
# The width can be negative. In this case the actual width is the
# screen width minus the width defined in within the geometry option.
geometry = "500x10-0+0";
# Shrink window if it's smaller than the width. Will be ignored if
# width is 0.
shrink = "no";
# Don't remove messages, if the user is idle (no mouse or keyboard input)
# for longer than idle_threshold seconds.
# Set to 0 to disable.
idle_threshold = 0;
# The transparency of the window. Range: [0; 100].
# This option will only work if a compositing windowmanager is
# present (e.g. xcompmgr, compiz, etc.).
# transparency = 5
# Which monitor should the notifications be displayed on.
#monitor = keyboard
# Display notification on focused monitor. Possible modes are:
# mouse: follow mouse pointer
# keyboard: follow window with keyboard focus
# none: don't follow anything
#
# "keyboard" needs a windowmanager that exports the
# _NET_ACTIVE_WINDOW property.
# This should be the case for almost all modern windowmanagers.
#
# If this option is set to mouse or keyboard, the monitor option
# will be ignored.
follow = "mouse";
# Should a notification popped up from history be sticky or timeout
# as if it would normally do.
sticky_history = "yes";
# Maximum amount of notifications kept in history
history_length = 3;
# Display indicators for URLs (U) and actions (A).
show_indicators = "yes";
# The height of a single line. If the height is smaller than the
# font height, it will get raised to the font height.
# This adds empty space above and under the text.
line_height = 3;
# Draw a line of "separatpr_height" pixel height between two
# notifications.
# Set to 0 to disable.
separator_height = 1;
# Padding between text and separator.
padding = 1;
# Horizontal padding.
horizontal_padding = 1;
# Define a color for the separator.
# possible values are:
# * auto: dunst tries to find a color fitting to the background;
# * foreground: use the same color as the foreground;
# * frame: use the same color as the frame;
# * anything else will be interpreted as a X color.
separator_color = "frame";
# Print a notification on startup.
# This is mainly for error detection, since dbus (re-)starts dunst
# automatically after a crash.
startup_notification = true;
# dmenu path.
dmenu = "${pkgs.dmenu}/bin/dmenu -p dunst:";
# Browser for opening urls in context menu.
# browser = /usr/bin/firefox -new-tab
# Align icons left/right/off
icon_position = "off";
max_icon_size = 80;
frame_width = 2;
frame_color = "#8EC07C";
};
shortcuts = {
# Shortcuts are specified as [modifier+][modifier+]...key
# Available modifiers are "ctrl", "mod1" (the alt-key), "mod2",
# "mod3" and "mod4" (windows-key).
# Xev might be helpful to find names for keys.
# Close notification.
close = "ctrl+space";
# Close all notifications.
close_all = "ctrl+shift+space";
# Redisplay last message(s).
# On the US keyboard layout "grave" is normally above TAB and left
# of "1".
#history = "ctrl+grave";
# Context menu.
context = "mod4+u";
};
urgency_low = {
frame_color = "#268bd2";
foreground = "#002b36";
background = "#fdf6e3";
#timeout = 1;
};
urgency_normal = {
frame_color = "#b58900";
foreground = "#002b36";
background = "#fdf6e3";
#timeout = 1;
};
urgency_critical = {
frame_color = "#dc322f";
foreground = "#002b36";
background = "#fdf6e3";
#timeout = 1;
};
};
# Every section that isn't one of the above is interpreted as a rules to
# override settings for certain messages.
# Messages can be matched by "appname", "summary", "body", "icon", "category",
# "msg_urgency" and you can override the "timeout", "urgency", "foreground",
# "background", "new_icon" and "format".
# Shell-like globbing will get expanded.
#
# SCRIPTING
# You can specify a script that gets run when the rule matches by
# setting the "script" option.
# The script will be called as follows:
# script appname summary body icon urgency
# where urgency can be "LOW", "NORMAL" or "CRITICAL".
#
# NOTE: if you don't want a notification to be displayed, set the format
# to "".
# NOTE: It might be helpful to run dunst -print in a terminal in order
# to find fitting options for rules.
#[espeak]
# summary = "*"
# script = dunst_espeak.sh
#[script-test]
# summary = "*script*"
# script = dunst_test.sh
#[ignore]
# # This notification will not be displayed
# summary = "foobar"
# format = ""
#[signed_on]
# appname = Pidgin
# summary = "*signed on*"
# urgency = low
#
#[signed_off]
# appname = Pidgin
# summary = *signed off*
# urgency = low
#
#[says]
# appname = Pidgin
# summary = *says*
# urgency = critical
#
#[twitter]
# appname = Pidgin
# summary = *twitter.com*
# urgency = normal
#
# vim: ft=cfg
};
}

50
hosts/dell-5590/home-manager/emacs.nix Normal file
View File

@ -0,0 +1,50 @@
{ pkgs, ... }:
{
home.packages = with pkgs; [
multimarkdown
];
services.emacs.enable = true;
programs.emacs = {
enable = true;
extraPackages = (epkgs:
(with epkgs; [
use-package
dash
doom-themes
lsp-mode
web-mode
nix-mode
rust-mode
ledger-mode
direnv
company
yasnippet
prettier-js
smartparens
org
org-journal
org-roam
org-msg
org-caldav
magit
evil
bbdb
projectile
flycheck
ivy
counsel
counsel-projectile
lsp-ivy
which-key
elpaPackages.org
markdown-mode
]));
};
home.file = {
".emacs.d/init.el" = {
source = ./configs/init.el;
};
};
}

0
hosts/dell-5590/nixpkgs/gnupg.nix → hosts/dell-5590/home-manager/gnupg.nix
View File

38
hosts/dell-5590/home-manager/home.nix Normal file
View File

@ -0,0 +1,38 @@
{ pkgs, config, ... }: {
imports = [
./packages.nix
./gnupg.nix
./variables.nix
./starship.nix
./i3status.nix
./emacs.nix
./mails.nix
./dunst.nix
./bat.nix
# ./redshift.nix
../../../modules/neovim.nix
../../../modules/rust.nix
../../../modules/tmux.nix
../../../modules/git.nix
];
home.keyboard = {
layout = "fr";
variant = "bepo";
};
xdg.configFile = {
"i3/config".source = ./configs/i3config;
};
# xdg.configFile = {
# "Nextcloud/nextcloud.cfg".source = ./configs/nextcloud.cfg;
# };
xsession.numlock.enable = true;
home.file = {
"./.config/zellij/config.yaml" = {
source = ./configs/zellij;
};
};
home.sessionPath = [
"$HOME/.local/bin"
];
}

10
hosts/dell-5590/home-manager/i3status.nix Normal file
View File

@ -0,0 +1,10 @@
{ config, pkgs, ... }:{
programs.i3status-rust = {
enable = true;
};
xdg.configFile = {
"i3status-rust/bar.toml".source = ./configs/i3status-rust.toml;
};
}

6
hosts/dell-5590/nixpkgs/mails.nix → hosts/dell-5590/home-manager/mails.nix
View File

@ -23,7 +23,11 @@
tls.enable = false;
};
mbsync.enable = true;
mbsync = {
enable = true;
create = "both";
expunge = "both";
};
notmuch.enable = true;
};
};

24
hosts/dell-5590/nixpkgs/packages.nix → hosts/dell-5590/home-manager/packages.nix
View File

@ -3,7 +3,6 @@
home.packages = with pkgs; [
firefox
thunderbird
vim
jq
nextcloud-client
libreoffice
@ -44,15 +43,32 @@
zola
exa
bat
vimPlugins.vim-markdown-composer
neovim
python3
mtr
ferdi
powertop
unar # like 7z
nmap
udiskie
libnotify
sublime-music
drawio
lsd
vagrant
guake
dig
vlc
ferdi
pinta
openvpn
networkmanager-openvpn
python39Packages.grip
linphone
graphviz
evince
kdeconnect
freecad
];
nixpkgs.config.permittedInsecurePackages = [
"ferdi-5.8.1"
];
}

0
hosts/dell-5590/nixpkgs/redshift.nix → hosts/dell-5590/home-manager/redshift.nix
View File

0
hosts/dell-5590/nixpkgs/starship.nix → hosts/dell-5590/home-manager/starship.nix
View File

0
hosts/x201/nixpkgs/terminalrc → hosts/dell-5590/home-manager/terminalrc
View File

2
hosts/dell-5590/nixpkgs/variables.nix → hosts/dell-5590/home-manager/variables.nix
View File

@ -3,7 +3,7 @@
#config ={
home.sessionVariables = {
LESS = "--quit-if-one-screen --RAW-CONTROL-CHARS";
EDITOR = "vim";
EDITOR = "nvim";
TERMINAL = "xfce4-terminal";
BROWSER = "firefox";
PRIVATE_BROWSER = "firefox -private";

0
hosts/dell-5590/nixpkgs/xidlehook.nix → hosts/dell-5590/home-manager/xidlehook.nix
View File

75
hosts/dell-5590/nixos/configuration.nix
View File

@ -11,7 +11,10 @@
./hardware-configuration.nix
./services.nix
./packages.nix
# ./vpn.nix
# ./VPN.nix
../modules/prometheus-node.nix
../modules/syncthing.nix
];
# Use the systemd-boot EFI boot loader.
@ -21,13 +24,31 @@
};
programs = {
zsh.enable = true;
fish.enable = true;
htop = {
enable = true;
settings.show_cpu_temperature = 1;
};
fish = {
enable = true;
interactiveShellInit = ''
set -gx EDITOR nvim
'';
shellAliases = {
ll = "ls -l";
ls = "lsd";
cat = "bat";
sysrs = "sudo nixos-rebuild switch";
sysup = "sudo nixos-rebuild switch --upgrade";
sysclean = "sudo nix-collect-garbage -d; and sudo nix-store --optimise";
nvim = "nvim -u ~/.config/nvim/init.lua";
};
};
ssh = {
setXAuthLocation = true;
forwardX11 = true;
};
};
sound.enable = true;
# hardware
hardware = {
logitech = {
@ -36,9 +57,11 @@
};
pulseaudio = {
enable = true;
extraConfig = "
load-module module-switch-on-connect
";
extraConfig =''
load-module module-switch-on-connect
extraModules = [ pkgs.pulseaudio-modules-bt ];
'';
package = pkgs.pulseaudioFull;
};
sane = {
enable = true;
@ -98,8 +121,16 @@
enable = true;
unmanaged = [ "interface-name:ve-*" ];
};
firewall.enable = true;
firewall.allowedTCPPorts = [ 24800 ];
firewall = {
enable = true;
allowedTCPPorts = [ 24800 6600 1194 ];
allowedTCPPortRanges = [
{ from = 1714; to = 1764; } # KDE Connect
];
allowedUDPPortRanges = [
{ from = 1714; to = 1764; } # KDE Connect
];
};
};
i18n.defaultLocale = "fr_FR.UTF-8";
@ -125,18 +156,21 @@
source-sans-pro
source-serif-pro
iosevka
roboto-mono
fira-code
];
};
# run garbage collector at 19h00 everyday
# and remove stuff older than 60 days
nix.gc.automatic = true;
nix.gc.dates = "19:00";
nix.gc.persistent = true;
nix.gc.options = "--delete-older-than 60d";
nix.settings.auto-optimise-store = true;
nix.gc = {
automatic = true;
dates = "weekly";
persistent = true;
options = "--delete-older-than 10d";
};
# clean /tmp at boot
boot.cleanTmpDir = true;
boot.tmp.cleanOnBoot = true;
nixpkgs.config = {
allowUnfree = true;
@ -145,24 +179,31 @@
system.stateVersion = "21.05"; # Did you read the comment?
environment.variables = {
EDITOR = "vim";
EDITOR = "nvim";
BROWSER = "firefox";
LESS = "--quit-if-one-screen --RAW-CONTROL-CHARS";
TERMINAL = "xfce4-terminal";
PRIVATE_BROWSER = "firefox -private";
DEFAULT-WEB-BROWSER = "firefox";
};
users = {
users.ntp.group = "ntp";
groups.ntp = {};
defaultUserShell = "/run/current-system/sw/bin/fish";
extraUsers.oem = {
isNormalUser = true;
home = "/home/oem";
description = "oem";
extraGroups = [ "wheel" "networkmanager" "plocate" ];
hashedPassword = "$6$TWZqEbF3s7f4Yx8s$xsUheHLM75u1IdvD/6AWnk9c8El2FgGiU5C4mnZddWl8hFaGF2nPojHqvj2l7muJwQ6c8f7A4MRpAKh7PezuN/";
};
extraUsers.alexandre = {
isNormalUser = true;
home = "/home/alexandre";
description = "alexandre";
extraGroups = [ "wheel" "networkmanager" "docker" "libvirtd" "vboxusers" "scanner" "lp" "plocate" ];
extraGroups = [ "wheel" "networkmanager" "docker" "libvirtd" "qemu-libvirtd" "vboxusers" "scanner" "lp" "plocate" ];
hashedPassword = "$6$7m77oPQxa$W9YnRLo1X2eqztBHwpoH8diHGkBno5O39AMyL9Qm8y8I6uW63H2Nwx4p239OG5zhOxA8J1lZvHTQ3hKPSP9mT/";
};
};
nix.settings.experimental-features = [ "nix-command" "flakes" ];
}

3
hosts/dell-5590/nixos/packages.nix
View File

@ -4,7 +4,7 @@
environment.systemPackages = with pkgs; [
wget lshw openssh bc unzip zip file which vim gnumake tmux
wget lshw openssh bc unzip zip file which gnumake tmux
gitAndTools.gitFull
dmenu
pkgs.dconf
@ -20,5 +20,6 @@
utf8proc
pam_u2f
zlib
openvpn
];
}

10
hosts/dell-5590/nixos/services.nix
View File

@ -2,10 +2,15 @@
{
# SERVICES
virtualisation.libvirtd.enable = true;
services = {
printing = {
enable = true;
drivers = [ pkgs.brlaser ];
drivers = [ pkgs.brlaser pkgs.hplip];
};
avahi = {
enable = true;
openFirewall = true;
};
blueman = {
@ -73,12 +78,11 @@
desktopManager = {
xterm.enable = false;
xfce.enable = true;
xfce.thunarPlugins = with pkgs; [ xfce.thunar-volman xfce.thunar-archive-plugin ];
};
};
udev.extraRules = ''
ACTION=="remove", ENV{ID_BUS}=="usb", ENV{ID_VENDOR_ID}=="1050", ENV{ID_MODEL_ID}=="0407", RUN+="${pkgs.i3lock}/bin/i3lock -i /home/alexandre/images/coffee_time.png";
ACTION=="remove", ENV{ID_VENDOR_ID}=="1050", ENV{ID_MODEL_ID}=="0407", ENV{DISPLAY}=":0", ENV{XAUTHORITY}="/home/alexandre/.Xauthority" RUN+="${pkgs.sudo}/bin/sudo -u alexandre ${pkgs.xautolock}/bin/xautolock -locknow"
'';
};
}

5
hosts/dell-5590/nixos/virtualbox.nix Normal file
View File

@ -0,0 +1,5 @@
{ pkgs, ... }: {
virtualisation.virtualbox.host.enable = true;
virtualisation.virtualbox.host.enableExtensionPack = true;
users.extraGroups.vboxusers.members = [ "alexandre" ];
}

74
hosts/dell-5590/nixpkgs/i3status.nix
View File

@ -1,74 +0,0 @@
{ config, pkgs, ... }:{
programs.i3status-rust = {
enable = true;
bars = {
bottom = {
blocks = [
{
block = "disk_space";
path = "/";
alias = "/";
info_type = "available";
unit = "GB";
interval = 60;
warning = 20.0;
alert = 10.0;
}
{
block = "memory";
display_type = "memory";
format_mem = "{mem_used_percents}";
format_swap = "{swap_used_percents}";
}
{
block = "cpu";
interval = 1;
}
{
block = "load";
interval = 1;
format = "{1m}";
}
{
block = "sound";
headphones_indicator = true;
on_click = "pavucontrol";
}
{
block = "net";
device = "enp0s20f0u6u1i5";
interval = 5;
format = "{graph_up}{graph_down}";
}
{
block = "net";
interval = 5;
device = "tun0";
hide_missing = true;
}
{
block = "net";
interval = 5;
device = "wlp2s0";
format = "{ssid} {signal_strength} {ip} {speed_down;K*b}";
hide_missing = true;
}
{
block = "backlight";
}
{
block = "battery";
}
{
block = "time";
interval = 60;
format = "%a %d/%m %R";
}
];
icons = "material-nf";
theme = "nord-dark";
};
};
};
}

8
hosts/lap2nix/home-manager/bat.nix Normal file
View File

@ -0,0 +1,8 @@
{ config, pkgs, ... }:
{
#configDir = "/home/alexandre/git/nixos-config/hosts/dell-5590/nixpkgs/";
programs.bat = {
enable = true;
# } // (import "${configDir}/bat");
} // (import "/home/alexandre/git/nixos-config/hosts/dell-5590/home-manager/bat");
}

7
hosts/lap2nix/home-manager/bat/default.nix Normal file
View File

@ -0,0 +1,7 @@
{
config = {
decorations = "auto";
paging = "auto";
theme = "Nord";
};
}

120
hosts/lap2nix/home-manager/firefox.nix Normal file
View File

@ -0,0 +1,120 @@
{ config, lib, pkgs, ... }:
let
nur = import (builtins.fetchTarball "https://github.com/nix-community/NUR/archive/master.tar.gz") {
inherit pkgs;
};
in
{
programs.firefox = {
enable = true ;
profiles.default = {
isDefault = true ;
extensions = lib.mkIf config.programs.firefox.enable
(with nur.repos.rycee.firefox-addons; [
french-dictionary
i-dont-care-about-cookies
ublock-origin
privacy-badger
keepassxc-browser
clearurls
decentraleyes
floccus
]);
search = {
force = true;
default = "Google";
engines = {
"Nix Packages" = {
urls = [{
template = "https://search.nixos.org/packages";
params = [
{ name = "type"; value = "packages"; }
{ name = "query"; value = "{searchTerms}"; }
];
}];
icon = "${pkgs.nixos-icons}/share/icons/hicolor/scalable/apps/nix-snowflake.svg";
definedAliases = [ "@np" ];
};
"NixOS Wiki" = {
urls = [{ template = "https://nixos.wiki/index.php?search={searchTerms}"; }];
iconUpdateURL = "https://nixos.wiki/favicon.png";
updateInterval = 24 * 60 * 60 * 1000;
definedAliases = [ "@nw" ];
};
"Wikipedia (en)".metaData.alias = "@wiki";
"Google".metaData.hidden = false;
"Amazon.com".metaData.hidden = true;
"Bing".metaData.hidden = true;
"eBay".metaData.hidden = true;
};
};
bookmarks = [
{
name = "DRI";
toolbar = true;
bookmarks = [
{
name = "wiki";
tags = [ "wiki" ];
keyword = "wiki";
url = "https://en.wikipedia.org/wiki/Special:Search?search=";
}
{
name = "AVV";
url ="https://v2.produhost.net/panel/16148/dashboard";
}
{
name = "Alexandre";
url = "https://bbb.produhost.net/b/ale-1a8-984";
}
{
name = "David";
url = "https://bbb.produhost.net/b/dav-5aj-hxx";
}
];
}
];
settings = {
settings = {
"browser.contentblocking.category" = "strict" ;
"browser.search.region" = "CH" ;
"browser.startup.homepage" = https://www.google.fr ;
"browser.toolbars.bookmarks.visibility" = "always";
"dom.security.https_only_mode" = true ;
"dom.security.https_only_mode_ever_enabled" = true ;
"extensions.blocklist.pingCountVersion" = -1 ;
"extensions.databaseSchema" = 35 ;
"extensions.ui.dictionary.hidden" = false ;
"extensions.ui.extension.hidden" = false ;
"extensions.ui.locale.hidden" = true ;
"extensions.ui.sitepermission.hidden" = true ;
"extensions.webcompat.enable_shims" = true ;
"extensions.webcompat.perform_injections" = true ;
"extensions.webcompat.perform_ua_overrides" = true ;
"findbar.highlightAll" = true ;
"font.name.serif.x-western" = "FreeSerif" ;
"font.size.variable.x-western" = 20 ;
"media.eme.enabled" = true ;
"pref.browser.homepage.disable_button.current_page" = false ;
"print_printer" = "Mozilla Save to PDF" ;
"privacy.annotate_channels.strict_list.enabled" = true ;
"privacy.clearOnShutdown.cookies" = true ;
"privacy.clearOnShutdown.downloads" = false ;
"privacy.clearOnShutdown.formdata" = false ;
"privacy.clearOnShutdown.history" = false ;
"privacy.clearOnShutdown.offlineApps" = true ;
"privacy.clearOnShutdown.sessions" = false ;
"privacy.donottrackheader.enabled" = true ;
"privacy.firstparty.isolate" = true ;
"privacy.history.custom" = true ;
"privacy.purge_trackers.date_in_cookie_database" = 0 ;
"privacy.trackingprotection.emailtracking.enabled" = true ;
"privacy.trackingprotection.enabled" = true ;
"privacy.trackingprotection.socialtracking.enabled" = true ;
};
};
} ;
} ;
}

78
hosts/lap2nix/home-manager/home.nix Normal file
View File

@ -0,0 +1,78 @@
{ config, pkgs, ... }:
{
imports = [
./firefox.nix
./packages.nix
../../../modules/neovim.nix
../../../modules/emacs.nix
../../../modules/tmux.nix
../../../modules/git.nix
];
# Home Manager needs a bit of information about you and the paths it should
# manage.
home.username = "alexandre";
home.homeDirectory = "/home/alexandre";
# This value determines the Home Manager release that your configuration is
# compatible with. This helps avoid breakage when a new Home Manager release
# introduces backwards incompatible changes.
#
# You should not change this value, even if you update Home Manager. If you do
# want to update the value, then make sure to first check the Home Manager
# release notes.
home.stateVersion = "23.05"; # Please read the comment before changing.
# The home.packages option allows you to install Nix packages into your
# environment.
home.packages = [
# # Adds the 'hello' command to your environment. It prints a friendly
# # "Hello, world!" when run.
# pkgs.hello
# # It is sometimes useful to fine-tune packages, for example, by applying
# # overrides. You can do that directly here, just don't forget the
# # parentheses. Maybe you want to install Nerd Fonts with a limited number of
# # fonts?
# (pkgs.nerdfonts.override { fonts = [ "FantasqueSansMono" ]; })
# # You can also create simple shell scripts directly inside your
# # configuration. For example, this adds a command 'my-hello' to your
# # environment:
# (pkgs.writeShellScriptBin "my-hello" ''
# echo "Hello, ${config.home.username}!"
# '')
];
# Home Manager is pretty good at managing dotfiles. The primary way to manage
# plain files is through 'home.file'.
home.file = {
# # Building this configuration will create a copy of 'dotfiles/screenrc' in
# # the Nix store. Activating the configuration will then make '~/.screenrc' a
# # symlink to the Nix store copy.
# ".screenrc".source = dotfiles/screenrc;
# # You can also set the file content immediately.
# ".gradle/gradle.properties".text = ''
# org.gradle.console=verbose
# org.gradle.daemon.idletimeout=3600000
# '';
};
# You can also manage environment variables but you will have to manually
# source
#
# ~/.nix-profile/etc/profile.d/hm-session-vars.sh
#
# or
#
# /etc/profiles/per-user/alexandre/etc/profile.d/hm-session-vars.sh
#
# if you don't want to manage your shell through Home Manager.
home.sessionVariables = {
# EDITOR = "emacs";
};
# Let Home Manager install and manage itself.
programs.home-manager.enable = true;
}

46
hosts/lap2nix/home-manager/packages.nix Normal file
View File

@ -0,0 +1,46 @@
{ pkgs, ... }: {
programs.go.enable = true;
home.packages = with pkgs; [
jq
nextcloud-client
libreoffice
rofi
poppler_utils
brightnessctl
chromium
gimp
scrot
papirus-icon-theme
ganttproject-bin
audio-recorder
pandoc
hugo
whois
inkscape
feh
ispell
aspellDicts.fr
nix-direnv
keepassxc
direnv
texlive.combined.scheme-full
zola
exa
python3
unar # like 7z
nmap
libnotify
sublime-music
drawio
lsd
dig
vlc
pinta
# python39Packages.grip
linphone
graphviz
freecad
thunderbird
];
nixpkgs.config.permittedInsecurePackages = [ "ferdi-5.8.1" ];
}

179
hosts/lap2nix/nixos/configuration.nix Normal file
View File

@ -0,0 +1,179 @@
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running `nixos-help`).
{ config, pkgs, ... }:
{
imports =
[ # Include the results of the hardware scan.
./hardware-configuration.nix
./laptop.nix
./services.nix
./gnome.nix
./extra_hw.nix
];
# Use the systemd-boot EFI boot loader.
boot = {
loader.systemd-boot.enable = true;
loader.efi.canTouchEfiVariables = true;
loader.grub.efiSupport = true;
loader.grub.efiInstallAsRemovable = true;
loader.grub.device = "nodev";
plymouth.enable = true;
tmp.cleanOnBoot = true ;
kernelParams = [ "i915.enable_fbc=1" ];
};
networking = {
hostName = "lap2nix";
networkmanager.enable = true;
firewall.enable = true;
};
time.timeZone = "Europe/Paris";
# Select internationalisation properties.
i18n.defaultLocale = "fr_FR.UTF-8";
console = {
font = "Lat2-Terminus16";
keyMap = "fr";
};
fonts = {
fontDir.enable = true;
enableGhostscriptFonts = true;
fonts = with pkgs; [
corefonts
vistafonts
powerline-fonts
inconsolata
terminus_font
proggyfonts
dejavu_fonts
font-awesome
nerdfonts
source-code-pro
source-sans-pro
source-serif-pro
iosevka
roboto-mono
fira-code
];
};
# Enable the X11 windowing system.
services.xserver.enable = true;
# Enable the GNOME Desktop Environment.
services.xserver.displayManager.gdm.enable = true;
services.xserver.desktopManager.gnome.enable = true;
users = {
groups.ntp = {};
defaultUserShell = "/run/current-system/sw/bin/fish";
extraUsers.alexandre = {
isNormalUser = true;
home = "/home/alexandre";
description = "alexandre";
extraGroups = [ "wheel" "networkmanager" "docker" "libvirtd" "scanner" "plocate" "lp" ];
packages = with pkgs; [
firefox
gitAndTools.gitFull
];
};
extraUsers.oem = {
isNormalUser = true;
home = "/home/oem";
description = "oem";
extraGroups = [ "wheel" "networkmanager" ];
};
};
environment.variables = {
EDITOR = "nvim";
BROWSER = "firefox";
LESS = "--quit-if-one-screen --RAW-CONTROL-CHARS";
TERMINAL = "xfce4-terminal";
PRIVATE_BROWSER = "firefox -private";
};
security = {
rtkit.enable = true; # for pipewire
apparmor.enable = true;
pam = {
u2f = {
enable = true;
control = "requisite";
};
services = {
login.u2fAuth = true;
lightdm.u2fAuth = true;
gdm.u2fAuth = true;
};
};
};
nix.settings.experimental-features = [ "nix-command" "flakes" ];
nixpkgs.config = {
allowUnfree = true;
};
environment.systemPackages = with pkgs; [
neovim
bat
lsd
pam_u2f
gsmartcontrol
lm_sensors
];
nix.settings.auto-optimise-store = true;
nix.gc = {
automatic = true;
dates = "weekly";
persistent = true;
options = "--delete-older-than 10d";
};
programs.hyprland.enable = true;
programs = {
htop = {
enable = true;
settings.show_cpu_temperature = 1;
};
fish = {
enable = true;
interactiveShellInit = ''
set -gx EDITOR nvim
'';
shellAliases = {
ll = "ls -l";
ls = "lsd";
cat = "bat";
sysrs = "sudo nixos-rebuild switch";
sysup = "sudo nixos-rebuild switch --upgrade";
sysclean = "sudo nix-collect-garbage -d; and sudo nix-store --optimise";
# nvim = "nvim -u ~/.config/nvim/init.lua";
};
};
};
system.stateVersion = "23.05"; # Did you read the comment?
nixpkgs.config.packageOverrides = pkgs: {
nur = import (builtins.fetchTarball "https://github.com/nix-community/NUR/archive/master.tar.gz") {
inherit pkgs;
};
};
}

33
hosts/lap2nix/nixos/extra_hw.nix Normal file
View File

@ -0,0 +1,33 @@
{ config, pkgs, ... }:
{
hardware = {
cpu.intel.updateMicrocode = true;
enableAllFirmware = true;
pulseaudio.enable = false;
bluetooth = {
enable = true;
settings = {
General = {
Enable = "Source,Sink,Media,Socket";
};
};
};
logitech = {
wireless.enable = true;
wireless.enableGraphical = true;
};
opengl = {
enable = true;
extraPackages = with pkgs; [
intel-media-driver # LIBVA_DRIVER_NAME=iHD
vaapiIntel # LIBVA_DRIVER_NAME=i965 (older but works better for Firefox/Chromium)
vaapiVdpau
libvdpau-va-gl
];
};
};
# Video acceleration
nixpkgs.config.packageOverrides = pkgs: {
vaapiIntel = pkgs.vaapiIntel.override { enableHybridCodec = true; };
};
}

29
hosts/lap2nix/nixos/gnome.nix Normal file
View File

@ -0,0 +1,29 @@
{ config, pkgs, ... }:
{
services.udev.packages = with pkgs; [ gnome.gnome-settings-daemon ];
environment.gnome.excludePackages = (with pkgs; [
gnome-photos
gnome-tour
]) ++ (with pkgs.gnome; [
cheese # webcam tool
gnome-music
gedit # text editor
epiphany # web browser
totem # video player
tali # poker game
iagno # go game
hitori # sudoku game
atomix # puzzle game
]);
environment.systemPackages = with pkgs; [
pkgs.gnome3.gnome-tweaks
gnomeExtensions.appindicator
gnomeExtensions.yakuake
gnomeExtensions.workspace-indicator-2
gnomeExtensions.wireless-hid
gnomeExtensions.vitals
];
}

51
hosts/lap2nix/nixos/hardware-configuration.nix Normal file
View File

@ -0,0 +1,51 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "xhci_pci" "vmd" "nvme" "usbhid" "usb_storage" "sd_mod" ];
boot.initrd.kernelModules = [ "dm-snapshot" ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{ device = "/dev/disk/by-uuid/72f89746-dc22-4d98-a060-7cb1b5d4ff99";
fsType = "ext4";
};
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/749C-8D77";
fsType = "vfat";
};
swapDevices =
[ { device = "/dev/disk/by-uuid/69166e6c-3405-4025-8a22-ca456e65dfdf"; }
];
boot.initrd.luks.devices = {
"partitions" = {
device = "/dev/nvme0n1p2";
preLVM = true;
crypttabExtraOpts = ["fido2-device=auto"];
};
};
boot.initrd.systemd.enable = true;
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enp1s0.useDHCP = lib.mkDefault true;
# networking.interfaces.wlp0s20f3.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}

7
hosts/lap2nix/nixos/laptop.nix Normal file
View File

@ -0,0 +1,7 @@
{ config, pkgs, ... }:
{
# Enable touchpad support (enabled default in most desktopManager).
# services.xserver.libinput.enable = true;
}

55
hosts/lap2nix/nixos/services.nix Normal file
View File

@ -0,0 +1,55 @@
{ config, pkgs, ... }:
{
services = {
avahi = {
enable = true;
openFirewall = true;
};
clamav = {
daemon.enable = true;
updater.enable = true;
};
ntp = {
enable = true;
};
thermald = {
enable = true;
};
fstrim = {
enable = true;
};
locate = {
enable = true;
locate = pkgs.plocate;
interval = "hourly";
localuser = null;
};
pipewire = {
enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
};
# Enable the X11 windowing system.
xserver = {
enable = true;
# Configure keymap in X11
layout = "fr";
xkbOptions = "eurosign:e,caps:escape";
# Enable the GNOME Desktop Environment.
displayManager.gdm.enable = true;
desktopManager.gnome.enable = true;
};
#ACTION=="remove", ENV{ID_VENDOR_ID}=="1050", ENV{ID_MODEL_ID}=="0407", ENV{DISPLAY}=":0", ENV{XAUTHORITY}="/home/alexandre/.Xauthority" RUN+="${pkgs.sudo}/bin/sudo -u alexandre ${pkgs.xdg-utils}/bin/xdg-screensaver lock"
udev.extraRules = ''
ACTION=="remove", ENV{ID_VENDOR_ID}=="1050", ENV{ID_MODEL_ID}=="0407", RUN+="${pkgs.sudo}/bin/sudo -u alexandre ${pkgs.dbus}/bin/dbus-send --type=method_call --dest=org.gnome.ScreenSaver /org/gnome/ScreenSaver org.gnome.ScreenSaver.Lock"
'';
};
}

22
hosts/next/backup.nix
View File

@ -1,16 +1,20 @@
{config, pkgs, ...}:
{
environment.systemPackages = with pkgs; [
restic
];
services.restic.backups = {
localbackup = {
initialize = true;
passwordFile = "/run/restic_pass";
paths = [ "/var/lib/nextcloud/data/" "/var/backup/postgresql" ];
repository = "rest:https://back.atlanticaweb.fr/Nextcloud";
timerConfig = {
OnCalendar = "02:05";
RandomizedDelaySec = "5h";
};
remotebackup = {
initialize = true;
passwordFile = "/run/restic_pass";
paths = [ "/var/lib/nextcloud/data/" "/var/backup/postgresql" ];
#repository = "rest:https://back.atlanticaweb.fr/Nextcloud";
repository = "sftp:u329746@u329746.your-storagebox.de:/home/Nextcloud";
timerConfig = {
OnCalendar = "02:05";
RandomizedDelaySec = "5h";
};
};
};
services.postgresqlBackup = {
enable = true;

7
hosts/next/configuration.nix
View File

@ -9,6 +9,8 @@
../modules/navidrome.nix
../modules/transmission.nix
../modules/prometheus-node.nix
# ../docker/appsmith.nix
# ../docker/baserow.nix
./agenix.nix
# <agenix/modules/age.nix>
];
@ -22,8 +24,11 @@
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKUA1RW6JwZasspAp8qmFRFnlV5WXjhLfStAAkM+KYLv lucazeau.alexandre@gmail.com"
];
networking.firewall.allowedTCPPorts = [ 80 443 22 9002 4533];
programs.ssh.extraConfig = "Host u329746.your-storagebox.de\n Hostname u329746.your-storagebox.de\n Port 23\n user u329746\n IdentityFile /home/alexandre/.ssh/id_ed25519-perso";
networking.firewall.allowedTCPPorts = [ 80 443 22 9002 4533 5050 8080];
services.qemuGuest.enable = true;
services.shiori.enable = true;
# environment.systemPackages = [ (pkgs.callPackage <agenix/pkgs/agenix.nix> {}) ];
# age.secrets.secret_restic = {

2
hosts/next/databases.nix
View File

@ -6,7 +6,7 @@ networking.firewall.allowedTCPPorts = [ 5432 5050 ];
services.postgresql = {
enable = true;
enableTCPIP = true;
authentication = "host all all 192.168.0.0/16 trust";
authentication = "host all all 192.168.0.0/16 trust \nhost all all 10.88.0.0/16 trust";
# Ensure the database, user, and permissions always exist
ensureDatabases = [ "pizzajoffredb" ];

10
hosts/next/nextcloud.nix
View File

@ -31,6 +31,14 @@ services.nginx = {
proxyWebsockets = true;
};
};
"bookmark.atlanticaweb.fr" = {
forceSSL = true;
enableACME = true;
locations."/" = {
proxyPass = "http://127.0.0.1:8080/";
proxyWebsockets = true;
};
};
};
};
@ -40,7 +48,7 @@ security.acme.acceptTerms = true;
# Actual Nextcloud Config
services.nextcloud = {
enable = true;
package = pkgs.nextcloud24;
package = pkgs.nextcloud25;
hostName = "next.atlanticaweb.fr";
# Enable built-in virtual host management
# Takes care of somewhat complicated setup

9
hosts/sup/configuration.nix
View File

@ -2,17 +2,20 @@
imports = [
./hardware-configuration.nix
./firewall-services.nix
./VPN.nix
../modules/users.nix
../modules/common.nix
../modules/smtp.nix
../modules/grafana.nix
../docker/podman.nix
];
system.stateVersion = "22.05";
boot.cleanTmpDir = true;
boot.tmp.cleanOnBoot = true;
zramSwap.enable = true;
networking.hostName = "sup";
services.openssh.enable = true;
users.users.root.openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKUA1RW6JwZasspAp8qmFRFnlV5WXjhLfStAAkM+KYLv lucazeau.alexandre@gmail.com"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKUA1RW6JwZasspAp8qmFRFnlV5WXjhLfStAAkM+KYLv lucazeau.alexandre@gmail.com"
];
}

172
hosts/template/README.md Normal file
View File

@ -0,0 +1,172 @@
# Procédure d'installation d'un poste sécurisé.
La procédure ci-dessous permet de mettre en place un poste sécurisé. Les fichiers de ce dépôt ont vocation à être utilisés comme template.
Le disque est chiffré, l'authentification des comptes utilisateurs nécessite une clé hardware et un mot de passe (2FA).
Le déchiffrement du poste nécessite également une clé hardware (FIDO2).
Pour la sécurité, **apparmor** et **clamav** sont installés.
Le compte utilisateur ne peut pas devenir root, il faut passer par un compte tiers. Sous **nixos** il n'y a pas pas beaucoup d'intéret puisque nous utilisons **home-manager** pour installer des applications, mais c'est une bonne pratique.
Ce template installe gnome comme environnement de bureau, pour sa polyvalence.
Pour aller plus loins en matière de sécurité, nous pouvons supprimer les mots de passes de déchiffrement. Attention, la suppression des mots de passes rend impossible l'ajout d'une clé (matériel) ou d'un nouveau mot de passe.
**systemd-cryptenroll** permet de créer un mo de passe de récupération. Il est généré par l'ordinateur avec beaucoup d'entropie.
Personnellement, j'ai une clé yubikey, une clé nitrokey et un mot de passe de récupération, stocké dans une base chiffrée.
# Partie 1 : installation de base
Le poste dispose d'un EFI, le disque sera chiffré
## partitionnement
gdisk /dev/sda
* ````o```` creation d'une nouvelle table de partitions
* ```n``` ajouter une partition de 500M de type ef00 pour l'EFI
* ```` n ```` ajouter une partition avec le reste de l'espace disponible, type 8300
* ```` w ```` on valide la table et on sort
### Chiffrement
cryptsetup luksFormat /dev/sda2 # création d'un volume chiffré
cryptsetup luksOpen /dev/sda2 enc-pv # ouverture du volume chiffré sur le point /dev/mapper/enc-vp
### Partitionnement LVM
Création de deux volumes logiques LVM. Le premier de 8Go pour la swap (j'ai 8Go de RAM) et le second pour la racine
pvcreate /dev/mapper/enc-pv
vgcreate vg /dev/mapper/enc-pv
lvcreate -L 8G -n swap vg
lvcreate -l '100%FREE' -n root vg
### formattage
mkfs.fat /dev/sda1
mkfs.ext4 -L root /dev/vg/root
mkswap -L swap /dev/vg/swap
## Pré-installation
mount /dev/vg/root /mnt
mkdir /mnt/boot
mount /dev/sda1 /mnt/boot
swapon /dev/vg/swap
## Préparation de l'installation
nixos-generate-config --root /mnt
A partir de là le template peut-être installé.
nix-shell -p git
git clone https://git.atlanticaweb.fr/alexandre/nixos-config.git
Enfin dans le hardware.nix, il faut ajouter le volume /boot pour qu'il soit dans le **fstab** puis ajouter le chargement dans l'initrd du LVM et du déchiffrement. ça nous donne :
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/0BEC-722D";
fsType = "vfat";
};
boot.initrd.luks.devices = {
"partitions" = {
device = "/dev/sda2";
preLVM = true;
};
};
## Notes sur la sécurisation u2f et le déchiffrement via clé FIDO2
### Pour la partie authentification u2f
L'authentification u2f avec une clée Yubikey 5 nécessite une configuration par utilisateur.
nix-shell -p pam_u2f
mkdir -p ~/.config/Yubico
pamu2fcfg > ~/.config/Yubico/u2f_keys
Si vous avez 2 clés, pour ajouter la seconde clé :
pamu2fcfg -n >> ~/.config/Yubico/u2f_keys
### Pour le déchiffrement de la partition LUKS avec le protocole FIDO2
Pour cette partie, il faut regénéré l'initrd avec le support FIDO2 et l'ajout de systemd.
Pour cela il faut modifier :
boot.initrd.luks.devices = {
"partitions" = {
device = "/dev/sda2";
preLVM = true;
};
};
en :
boot.initrd.luks.devices = {
"partitions" = {
device = "/dev/sda2";
preLVM = true;
crypttabExtraOpts = ["fido2-device=auto"];
};
};
boot.initrd.systemd.enable = true;
L'ajout des clés de déchiffrement se fait simplement via :
systemd-cryptenroll --fido2-device=auto /dev/sda2
ou pour un déchiffrement uniquement via clé fido2 :
systemd-cryptenroll --unlock-fido2-device=auto /dev/sda2
Cette commande est à exécutée pour chaque clée que vous possédez.
Pour générer une clé de récupération :
systemd-cryptenroll --recovery-key /dev/sda2
Pour supprimer une clée d'un slot :
systemd-cryptenroll --wipe-slot=2 #supprime la clé du slot 2
Pour supprimer tous les mots de passe :
systemd-cryptenroll --wipe-slot=password /dev/sda2
Pour supprimer toutes les clés :
systemd-cryptenroll --wipe-slot=fido2 /dev/sda2
## Installation
On peut démarrer l'installation avec :
nixos-install
reboot
En cas d'erreur au reboot, on redémarre sur la clé. POur accéder à la configuration :
cryptsetup luksOpen /dev/sda2 enc-pv
lvchange -a y /dev/vg/swap
lvchange -a y /dev/vg/root
mount /dev/vg/root /mnt
mount /dev/sda1 /mnt/boot
swapon /dev/vg/swap
cp /mnt/etc/wpa_supplicant.conf /etc
Au reboot, je me connecte en root et je change le password de mon user.
# Configuration utilisateur
## home-manager
J'ai opté pour une installation locale à mon utilisateur de home-manager
ajouter le dépot correspondant à la version en cours de nixpkgs :
nix-channel --add https://github.com/nix-community/home-manager/archive/release-22.11.tar.gz home-manager
mise à jour de la base
nix-channel --update
reboot
Installation
nix-shell '<home-manager>' -A install

84
hosts/template/home-manager/firefox.nix Normal file
View File

@ -0,0 +1,84 @@
{ config, pkgs, theme, ... }:
{
programs.firefox = {
enable = true;
package = pkgs.wrapFirefox pkgs.firefox-unwrapped {
extraPolicies = {
CaptivePortal = false;
DisableFirefoxStudies = true;
DisablePocket = true;
DisableTelemetry = true;
DisableFirefoxAccounts = false;
NoDefaultBookmarks = true;
OfferToSaveLogins = true;
OfferToSaveLoginsDefault = true;
PasswordManagerEnabled = true;
FirefoxHome = {
Search = true;
Pocket = false;
Snippets = false;
TopSites = false;
Highlights = false;
};
UserMessaging = {
ExtensionRecommendations = false;
SkipOnboarding = true;
};
};
};
profiles = {
alexandre = {
id = 0;
name = "alexandre";
search = {
force = true;
default = "Google";
engines = {
"Nix Packages" = {
urls = [{
template = "https://search.nixos.org/packages";
params = [
{ name = "type"; value = "packages"; }
{ name = "query"; value = "{searchTerms}"; }
];
}];
icon = "${pkgs.nixos-icons}/share/icons/hicolor/scalable/apps/nix-snowflake.svg";
definedAliases = [ "@np" ];
};
"NixOS Wiki" = {
urls = [{ template = "https://nixos.wiki/index.php?search={searchTerms}"; }];
iconUpdateURL = "https://nixos.wiki/favicon.png";
updateInterval = 24 * 60 * 60 * 1000;
definedAliases = [ "@nw" ];
};
"Wikipedia (en)".metaData.alias = "@wiki";
"Google".metaData.hidden = false;
"Amazon.com".metaData.hidden = true;
"Bing".metaData.hidden = true;
"eBay".metaData.hidden = true;
};
};
extensions = with pkgs.nur.repos.rycee.firefox-addons; [
ublock-origin
privacy-badger
keepassxc-browser
clearurls
decentraleyes
floccus
languagetool
disconnect
];
settings = {
"general.smoothScroll" = true;
};
# extraConfig = ''
# user_pref("full-screen-api.ignore-widgets", true);
# user_pref("media.ffmpeg.vaapi.enabled", true);
# user_pref("media.rdd-vpx.enabled", true);
# '';
};
};
};
}

73
hosts/template/home-manager/home.nix Normal file
View File

@ -0,0 +1,73 @@
{ config, pkgs, ... }:
{
imports = [
./firefox.nix
];
# Home Manager needs a bit of information about you and the paths it should
# manage.
home.username = "alexandre";
home.homeDirectory = "/home/alexandre";
# This value determines the Home Manager release that your configuration is
# compatible with. This helps avoid breakage when a new Home Manager release
# introduces backwards incompatible changes.
#
# You should not change this value, even if you update Home Manager. If you do
# want to update the value, then make sure to first check the Home Manager
# release notes.
home.stateVersion = "23.05"; # Please read the comment before changing.
# The home.packages option allows you to install Nix packages into your
# environment.
home.packages = [
# # Adds the 'hello' command to your environment. It prints a friendly
# # "Hello, world!" when run.
# pkgs.hello
# # It is sometimes useful to fine-tune packages, for example, by applying
# # overrides. You can do that directly here, just don't forget the
# # parentheses. Maybe you want to install Nerd Fonts with a limited number of
# # fonts?
# (pkgs.nerdfonts.override { fonts = [ "FantasqueSansMono" ]; })
# # You can also create simple shell scripts directly inside your
# # configuration. For example, this adds a command 'my-hello' to your
# # environment:
# (pkgs.writeShellScriptBin "my-hello" ''
# echo "Hello, ${config.home.username}!"
# '')
];
# Home Manager is pretty good at managing dotfiles. The primary way to manage
# plain files is through 'home.file'.
home.file = {
# # Building this configuration will create a copy of 'dotfiles/screenrc' in
# # the Nix store. Activating the configuration will then make '~/.screenrc' a
# # symlink to the Nix store copy.
# ".screenrc".source = dotfiles/screenrc;
# # You can also set the file content immediately.
# ".gradle/gradle.properties".text = ''
# org.gradle.console=verbose
# org.gradle.daemon.idletimeout=3600000
# '';
};
# You can also manage environment variables but you will have to manually
# source
#
# ~/.nix-profile/etc/profile.d/hm-session-vars.sh
#
# or
#
# /etc/profiles/per-user/alexandre/etc/profile.d/hm-session-vars.sh
#
# if you don't want to manage your shell through Home Manager.
home.sessionVariables = {
# EDITOR = "emacs";
};
# Let Home Manager install and manage itself.
programs.home-manager.enable = true;
}

177
hosts/template/nixos/configuration.nix Normal file
View File

@ -0,0 +1,177 @@
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running `nixos-help`).
{ config, pkgs, ... }:
{
imports =
[ # Include the results of the hardware scan.
./hardware-configuration.nix
./services.nix
./extra_hw.nix
];
boot = {
loader.systemd-boot.enable = true;
loader.grub.efiSupport = true;
loader.grub.efiInstallAsRemovable = true;
loader.grub.device = "nodev";
plymouth.enable = true;
tmp.cleanOnBoot = true ;
kernelParams = [ "i915.enable_fbc=1" ];
};
networking = {
hostName = "d2nix"; # Define your hostname.
networkmanager.enable = true;
firewall.enable = true;
};
# Set your time zone.
time.timeZone = "Europe/Paris";
i18n.defaultLocale = "fr_FR.UTF-8";
console = {
font = "Lat2-Terminus16";
keyMap = "fr";
};
fonts = {
fontDir.enable = true;
enableGhostscriptFonts = true;
fonts = with pkgs; [
corefonts
vistafonts
powerline-fonts
inconsolata
terminus_font
proggyfonts
dejavu_fonts
font-awesome
nerdfonts
source-code-pro
source-sans-pro
source-serif-pro
iosevka
roboto-mono
fira-code
];
};
#sound.enable = true;
# Define a user account. Don't forget to set a password with passwd.
users = {
groups.ntp = {};
defaultUserShell = "/run/current-system/sw/bin/fish";
extraUsers.alexandre = {
isNormalUser = true;
home = "/home/alexandre";
description = "alexandre";
extraGroups = [ "wheel" "networkmanager" "docker" "libvirtd" "scanner" "plocate" "lp" ];
packages = with pkgs; [
firefox
gitAndTools.gitFull
];
};
extraUsers.oem = {
isNormalUser = true;
home = "/home/oem";
description = "oem";
extraGroups = [ "wheel" "networkmanager" ];
};
};
environment.variables = {
EDITOR = "nvim";
BROWSER = "firefox";
LESS = "--quit-if-one-screen --RAW-CONTROL-CHARS";
TERMINAL = "xfce4-terminal";
PRIVATE_BROWSER = "firefox -private";
};
security = {
rtkit.enable = true; # for pipewire
apparmor.enable = true;
pam = {
u2f = {
enable = true;
control = "requisite";
};
services = {
login.u2fAuth = true;
lightdm.u2fAuth = true;
gdm.u2fAuth = true;
};
};
};
nix.settings.experimental-features = [ "nix-command" "flakes" ];
nixpkgs.config = {
allowUnfree = true;
};
nix.settings.auto-optimise-store = true;
nix.gc = {
automatic = true;
dates = "weekly";
persistent = true;
options = "--delete-older-than 10d";
};
programs = {
htop = {
enable = true;
settings.show_cpu_temperature = 1;
};
fish = {
enable = true;
interactiveShellInit = ''
set -gx EDITOR nvim
'';
shellAliases = {
ll = "ls -l";
ls = "lsd";
cat = "bat";
sysrs = "sudo nixos-rebuild switch";
sysup = "sudo nixos-rebuild switch --upgrade";
sysclean = "sudo nix-collect-garbage -d; and sudo nix-store --optimise";
# nvim = "nvim -u ~/.config/nvim/init.lua";
};
};
};
environment.systemPackages = with pkgs; [
neovim
bat
lsd
pam_u2f
gsmartcontrol
lm_sensors
];
# Some programs need SUID wrappers, can be configured further or are
# started in user sessions.
# programs.gnupg.agent = {
# enable = true;
# enableSSHSupport = true;
# };
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. It's perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "23.05"; # Did you read the comment?
nixpkgs.config.packageOverrides = pkgs: {
nur = import (builtins.fetchTarball "https://github.com/nix-community/NUR/archive/master.tar.gz") {
inherit pkgs;
};
};
}

33
hosts/template/nixos/extra_hw.nix Normal file
View File

@ -0,0 +1,33 @@
{ config, pkgs, ... }:
{
hardware = {
cpu.intel.updateMicrocode = true;
enableAllFirmware = true;
pulseaudio.enable = false;
bluetooth = {
enable = true;
settings = {
General = {
Enable = "Source,Sink,Media,Socket";
};
};
};
logitech = {
wireless.enable = true;
wireless.enableGraphical = true;
};
opengl = {
enable = true;
extraPackages = with pkgs; [
intel-media-driver # LIBVA_DRIVER_NAME=iHD
vaapiIntel # LIBVA_DRIVER_NAME=i965 (older but works better for Firefox/Chromium)
vaapiVdpau
libvdpau-va-gl
];
};
};
# Video acceleration
nixpkgs.config.packageOverrides = pkgs: {
vaapiIntel = pkgs.vaapiIntel.override { enableHybridCodec = true; };
};
}

49
hosts/template/nixos/hardware-configuration.nix Normal file
View File

@ -0,0 +1,49 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" "sr_mod" "vfat" "nls_cp437" "nls_iso8859-1" ];
boot.initrd.kernelModules = [ "dm-snapshot" "coretemp" ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{ device = "/dev/disk/by-uuid/8eea016d-9dd3-4149-8e5c-014d7d90695f";
fsType = "ext4";
};
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/0382-3D00";
fsType = "vfat";
};
swapDevices =
[ { device = "/dev/disk/by-uuid/1ffd2601-020f-4635-923b-4053676070d7"; }
];
# boot.initrd.luks.yubikeySupport = true;
boot.initrd.luks.devices = {
"partitions" = {
device = "/dev/sda2";
preLVM = true;
crypttabExtraOpts = ["fido2-device=auto"];
};
};
boot.initrd.systemd.enable = true;
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enp0s31f6.useDHCP = lib.mkDefault true;
# networking.interfaces.wlp0s20f0u10.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}

7
hosts/template/nixos/laptop.nix Normal file
View File

@ -0,0 +1,7 @@
{ config, pkgs, ... }:
{
# Enable touchpad support (enabled default in most desktopManager).
# services.xserver.libinput.enable = true;
}

51
hosts/template/nixos/services.nix Normal file
View File

@ -0,0 +1,51 @@
{ config, pkgs, ... }:
{
services = {
avahi = {
enable = true;
openFirewall = true;
};
clamav = {
daemon.enable = true;
updater.enable = true;
};
ntp = {
enable = true;
};
thermald = {
enable = true;
};
fstrim = {
enable = true;
};
locate = {
enable = true;
locate = pkgs.plocate;
interval = "hourly";
localuser = null;
};
pipewire = {
enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
};
# Enable the X11 windowing system.
xserver = {
enable = true;
# Configure keymap in X11
layout = "fr";
xkbOptions = "eurosign:e,caps:escape";
# Enable the GNOME Desktop Environment.
displayManager.gdm.enable = true;
desktopManager.gnome.enable = true;
};
};
}

134
hosts/text-nixos/configuration.nix Normal file
View File

@ -0,0 +1,134 @@
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running `nixos-help`).
{ config, pkgs, ... }:
{
imports =
[ # Include the results of the hardware scan.
./hardware-configuration.nix
];
# Use the GRUB 2 boot loader.
# boot.loader.grub.enable = true;
# boot.loader.efi.efiSysMountPoint = "/boot/efi";
# Define on which hard drive you want to install Grub.
boot = {
loader.systemd-boot.enable = true;
loader.grub.efiSupport = true;
loader.grub.efiInstallAsRemovable = true;
loader.grub.device = "nodev"; # or "nodev" for efi only
## OK initrd.luks.fido2Support = true;
## OK initrd.luks.devices."partitions".device = "/dev/sda2";
## OK initrd.luks.devices.partitions.crypttabExtraOpts = ["fido2-device=auto" "headless=true" ];
## OK initrd.luks.devices."partitions".fallbackToPassword = true;
## OK initrd.luks.devices."partitions".fido2.credentials = [
## OK "5cd4080973f89909db8f92dbb3f4352b"
## OK "a693320606d47eaf7049673fd2184332791a52aba4d077303277d98ea79da172488d52dae2262619c1da2be7562ec9dd94888c71a9326fea70dfe16214b5ea8ec014ea010000"
## OK ];
plymouth.enable = true;
tmp.cleanOnBoot = true ;
kernelParams = [ "i915.enable_fbc=1" ];
};
networking.hostName = "d2nix"; # Define your hostname.
# Pick only one of the below networking options.
# networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
# networking.networkmanager.enable = true; # Easiest to use and most distros use this by default.
# Set your time zone.
# time.timeZone = "Europe/Amsterdam";
time.timeZone = "Europe/Paris";
i18n.defaultLocale = "fr_FR.UTF-8";
console = {
font = "Lat2-Terminus16";
keyMap = "fr";
};
# Configure network proxy if necessary
# networking.proxy.default = "http://user:password@proxy:port/";
# networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
# Select internationalisation properties.
# i18n.defaultLocale = "en_US.UTF-8";
# console = {
# font = "Lat2-Terminus16";
# keyMap = "us";
# useXkbConfig = true; # use xkbOptions in tty.
# };
# Enable the X11 windowing system.
services.xserver.enable = true;
# Enable the GNOME Desktop Environment.
services.xserver.displayManager.gdm.enable = true;
services.xserver.desktopManager.gnome.enable = true;
# Configure keymap in X11
# services.xserver.layout = "us";
# services.xserver.xkbOptions = "eurosign:e,caps:escape";
# Enable CUPS to print documents.
# services.printing.enable = true;
# Enable sound.
# sound.enable = true;
# hardware.pulseaudio.enable = true;
# Enable touchpad support (enabled default in most desktopManager).
# services.xserver.libinput.enable = true;
# Define a user account. Don't forget to set a password with passwd.
# users.users.alice = {
# isNormalUser = true;
# extraGroups = [ "wheel" ]; # Enable sudo for the user.
# packages = with pkgs; [
# firefox
# tree
# ];
# };
# List packages installed in system profile. To search, run:
# $ nix search wget
environment.systemPackages = with pkgs; [
neovim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default.
fido2luks
];
# Some programs need SUID wrappers, can be configured further or are
# started in user sessions.
# programs.mtr.enable = true;
# programs.gnupg.agent = {
# enable = true;
# enableSSHSupport = true;
# };
# List services that you want to enable:
# Enable the OpenSSH daemon.
# services.openssh.enable = true;
# Open ports in the firewall.
# networking.firewall.allowedTCPPorts = [ ... ];
# networking.firewall.allowedUDPPorts = [ ... ];
# Or disable the firewall altogether.
# networking.firewall.enable = false;
# Copy the NixOS configuration file and link it from the resulting system
# (/run/current-system/configuration.nix). This is useful in case you
# accidentally delete configuration.nix.
# system.copySystemConfiguration = true;
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. It's perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "23.05"; # Did you read the comment?
}

54
hosts/text-nixos/hardware-configuration.nix Normal file
View File

@ -0,0 +1,54 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" "sr_mod" ];
boot.initrd.kernelModules = [ "dm-snapshot" ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
fileSystems."/" =
# { device = "/dev/sda2";
{ device = "/dev/disk/by-uuid/20388412-0d02-4091-a320-c4096d1d4a4e";
fsType = "ext4";
};
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/D96D-5573";
fsType = "vfat";
};
boot.initrd.luks.devices = {
"partitions" = {
device = "/dev/sda2";
preLVM = true;
};
};
boot.initrd.luks.devices.root = {
crypttabExtraOpts = [ "fido2-device=auto" "fido2-with-user-verification=true" ];
device = "/dev/sda2";
};
boot.initrd.systemd.enable = true;
swapDevices =
[ { device = "/dev/disk/by-uuid/b4c59607-58e7-4af9-85c2-2fa5bf618f8e"; }
];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enp0s31f6.useDHCP = lib.mkDefault true;
# networking.interfaces.wlp0s20f0u10.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}

28
hosts/web/configuration.nix
View File

@ -1,24 +1,32 @@
# atlanticaweb.fr 37.187.103.8/24
{ pkgs, ... }: {
imports = [
./hardware-configuration.nix
./webserver.nix
./firewall-web.nix
../modules/gitea.nix
../modules/prometheus-node.nix
../modules/common.nix
../modules/users.nix
modules/gitea.nix
modules/prometheus-node.nix
modules/common.nix
modules/users.nix
# ../docker/appsmith.nix
docker/kuma.nix
modules/syncthing.nix
];
system.stateVersion = "21.11";
system.stateVersion = "23.11";
boot.cleanTmpDir = true;
boot.tmp.cleanOnBoot = true;
zramSwap.enable = false;
networking.hostName = "web";
services.openssh = {
enable = true;
permitRootLogin = "no";
passwordAuthentication = false;
kbdInteractiveAuthentication = false;
};
settings = {
PermitRootLogin = "no";
PasswordAuthentication = false;
KbdInteractiveAuthentication = false;
};
};
system.autoUpgrade.enable = true;
system.autoUpgrade.allowReboot = true;
}

1
hosts/web/docker Symbolic link
View File

@ -0,0 +1 @@
/home/alexandre/git/nixos-config/docker/

2
hosts/web/firewall-web.nix
View File

@ -4,7 +4,7 @@
networking.firewall = {
allowPing = true;
# allowed TCP range
allowedTCPPorts = [ 22 80 443 9002 2021];
allowedTCPPorts = [ 22 80 443 9002 2021 8096 8920];
};
services.fail2ban = {
enable = true;

1
hosts/web/modules Symbolic link
View File

@ -0,0 +1 @@
/home/alexandre/git/nixos-config/modules/

Some files were not shown because too many files have changed in this diff Show More