summaryrefslogtreecommitdiff
path: root/nix
diff options
context:
space:
mode:
authorPreston Pan <ret2pop@nullring.xyz>2026-03-02 00:03:12 -0800
committerPreston Pan <ret2pop@nullring.xyz>2026-03-02 00:03:12 -0800
commit9484c4ec525c02caa8a65ecfe37ed24f1d4b321d (patch)
tree676712a1504939b37a69fbee9c235dc61917cd65 /nix
parenta05e0614c1bb75f77717a943dc4ac75a0cca4652 (diff)
Remove local nix directory to prepare for submodule
Diffstat (limited to 'nix')
-rw-r--r--nix/.sops.yaml13
-rwxr-xr-xnix/data/deploy-matterbridge.sh25
-rw-r--r--nix/data/matterbridge.toml25
-rw-r--r--nix/data/motd.txt8
-rw-r--r--nix/data/public-inbox.css143
-rw-r--r--nix/disko/btrfs-simple.nix77
-rw-r--r--nix/disko/drive-bios.nix35
-rw-r--r--nix/disko/drive-simple.nix42
-rw-r--r--nix/dns/default.nix3
-rw-r--r--nix/fake-update-dns.sh3
-rw-r--r--nix/flake.lock770
-rw-r--r--nix/flake.nix212
-rw-r--r--nix/flakevars.nix23
-rw-r--r--nix/init.el689
-rw-r--r--nix/modules/bitcoin.nix7
-rw-r--r--nix/modules/cgit.nix34
-rw-r--r--nix/modules/conduit.nix212
-rw-r--r--nix/modules/configuration.nix606
-rw-r--r--nix/modules/coturn.nix10
-rw-r--r--nix/modules/cuda.nix9
-rw-r--r--nix/modules/default.nix82
-rw-r--r--nix/modules/docker.nix15
-rw-r--r--nix/modules/dovecot.nix8
-rw-r--r--nix/modules/fail2ban.nix11
-rw-r--r--nix/modules/firejail.nix20
-rw-r--r--nix/modules/git-daemon.nix11
-rw-r--r--nix/modules/gitolite.nix8
-rw-r--r--nix/modules/gitweb.nix12
-rw-r--r--nix/modules/gotosocial.nix14
-rw-r--r--nix/modules/heisenbridge.nix9
-rw-r--r--nix/modules/home/default.nix219
-rw-r--r--nix/modules/home/emacs.nix102
-rw-r--r--nix/modules/home/fcitx.nix14
-rw-r--r--nix/modules/home/firefox.nix25
-rw-r--r--nix/modules/home/gammastep.nix20
-rw-r--r--nix/modules/home/git.nix40
-rw-r--r--nix/modules/home/gtk.nix27
-rw-r--r--nix/modules/home/home.nix11
-rw-r--r--nix/modules/home/hyprland.nix192
-rw-r--r--nix/modules/home/kitty.nix53
-rw-r--r--nix/modules/home/mako.nix15
-rw-r--r--nix/modules/home/mbsync.nix33
-rw-r--r--nix/modules/home/mpd.nix44
-rw-r--r--nix/modules/home/mpv.nix12
-rw-r--r--nix/modules/home/msmtp.nix27
-rw-r--r--nix/modules/home/pantalaimon.nix19
-rw-r--r--nix/modules/home/personal_secrets.nix23
-rw-r--r--nix/modules/home/secrets.nix35
-rw-r--r--nix/modules/home/user.nix202
-rw-r--r--nix/modules/home/vps_secrets.nix43
-rw-r--r--nix/modules/home/waybar.nix274
-rw-r--r--nix/modules/home/wofi.nix188
-rw-r--r--nix/modules/home/yt-dlp.nix13
-rw-r--r--nix/modules/home/zsh.nix47
-rw-r--r--nix/modules/honk.nix8
-rw-r--r--nix/modules/i2pd.nix9
-rw-r--r--nix/modules/icecast.nix21
-rw-r--r--nix/modules/impermanence.nix100
-rw-r--r--nix/modules/inspircd.nix539
-rw-r--r--nix/modules/ircd.nix12
-rw-r--r--nix/modules/kubo.nix20
-rw-r--r--nix/modules/maddy.nix196
-rw-r--r--nix/modules/matrix-appservice-irc.nix10
-rw-r--r--nix/modules/matterbridge.nix7
-rw-r--r--nix/modules/mautrix.nix150
-rw-r--r--nix/modules/murmur.nix14
-rw-r--r--nix/modules/nginx.nix54
-rw-r--r--nix/modules/ngircd.nix35
-rw-r--r--nix/modules/ntfy-sh.nix79
-rw-r--r--nix/modules/nvidia.nix22
-rw-r--r--nix/modules/ollama.nix20
-rw-r--r--nix/modules/pantalaimon.nix13
-rw-r--r--nix/modules/pipewire.nix42
-rw-r--r--nix/modules/postfix.nix8
-rw-r--r--nix/modules/public_inbox.nix86
-rw-r--r--nix/modules/secrets.nix118
-rw-r--r--nix/modules/ssh.nix13
-rw-r--r--nix/modules/tor.nix20
-rw-r--r--nix/modules/vars.nix131
-rw-r--r--nix/modules/xserver.nix27
-rw-r--r--nix/modules/znc.nix37
-rw-r--r--nix/poetry.lock363
-rw-r--r--nix/pyproject.toml18
-rw-r--r--nix/secrets/secrets.yaml21
-rw-r--r--nix/secrets/vps_secrets.yaml30
-rw-r--r--nix/spontaneity.qcow2bin21954560 -> 0 bytes
-rw-r--r--nix/systems/affinity/default.nix16
-rw-r--r--nix/systems/affinity/home.nix6
-rw-r--r--nix/systems/common.nix8
-rw-r--r--nix/systems/continuity/default.nix19
-rw-r--r--nix/systems/continuity/home.nix6
-rw-r--r--nix/systems/home-common.nix7
-rw-r--r--nix/systems/home.nix15
-rw-r--r--nix/systems/installer/commits.nix5
-rw-r--r--nix/systems/installer/default.nix156
-rw-r--r--nix/systems/rpi-skepticism/default.nix7
-rw-r--r--nix/systems/rpi-zero/default.nix21
-rw-r--r--nix/systems/rpi-zero/home.nix7
-rw-r--r--nix/systems/spontaneity/default.nix28
-rw-r--r--nix/systems/spontaneity/hardware-configuration.nix23
-rw-r--r--nix/systems/spontaneity/home.nix6
-rw-r--r--nix/topology/default.nix55
-rw-r--r--nix/update-dns.sh3
-rw-r--r--nix/vm-boot.log26
104 files changed, 0 insertions, 7451 deletions
diff --git a/nix/.sops.yaml b/nix/.sops.yaml
deleted file mode 100644
index 3613e2b..0000000
--- a/nix/.sops.yaml
+++ /dev/null
@@ -1,13 +0,0 @@
-keys:
- - &primary age165ul43e8rc0qwzz2f2q9cw02psm2mkudsrwavq2e0pxs280p64yqy2z0dr
- - &vps age1acpuyy2qnduyxzwvusd8urr6a78e3f37ylhvh2pngyqytf5r8ans5vkest
-creation_rules:
- - path_regex: secrets/secrets.yaml$
- key_groups:
- - age:
- - *primary
-
- - path_regex: secrets/vps_secrets.yaml$
- key_groups:
- - age:
- - *vps
diff --git a/nix/data/deploy-matterbridge.sh b/nix/data/deploy-matterbridge.sh
deleted file mode 100755
index a0758ec..0000000
--- a/nix/data/deploy-matterbridge.sh
+++ /dev/null
@@ -1,25 +0,0 @@
-set -e # Exit on error
-
-# Ensure required environment variables are set
-#: "${MATTERBRIDGE_DISCORD_TOKEN:?Need to set MATTERBRIDGE_DISCORD_TOKEN}"
-: "${MATTERBRIDGE_MATRIX_PASS:?Need to set MATTERBRIDGE_MATRIX_PASS}"
-
-# Define paths
-TEMPLATE_CONFIG="matterbridge.toml"
-GENERATED_CONFIG="matterbridge.built.toml"
-REMOTE_SERVER="root@nullring.xyz"
-REMOTE_PATH="/etc/matterbridge.toml"
-
-# Generate config file
-sed "s|\${MATTERBRIDGE_MATRIX_PASS}|$MATTERBRIDGE_MATRIX_PASS|g" $TEMPLATE_CONFIG > $GENERATED_CONFIG
-
-# Securely transfer to server
-scp "$GENERATED_CONFIG" "$REMOTE_SERVER:$REMOTE_PATH"
-
-# Restart Matterbridge service
-ssh "$REMOTE_SERVER" "sudo systemctl restart matterbridge"
-
-# delete config file with secrets from repo
-shred -u "$GENERATED_CONFIG"
-
-echo "✅ Matterbridge config deployed successfully!"
diff --git a/nix/data/matterbridge.toml b/nix/data/matterbridge.toml
deleted file mode 100644
index aebb8c2..0000000
--- a/nix/data/matterbridge.toml
+++ /dev/null
@@ -1,25 +0,0 @@
-[matrix.mymatrix]
-Server="https://matrix.ret2pop.net"
-Login="bridge"
-Password="${MATTERBRIDGE_MATRIX_PASS}"
-RemoteNickFormat="[{PROTOCOL}] <{NICK}> "
-NoHomeServerSuffix=true
-
-[irc.myirc]
-Server="nullring.xyz:6697"
-Nick="bridge"
-RemoteNickFormat="[{PROTOCOL}] <{NICK}> "
-UseTLS=true
-SkipTLSVerify=true
-
-[[gateway]]
-name="gateway1"
-enable=true
-
-[[gateway.inout]]
-account="matrix.mymatrix"
-channel="!BQZli4UPBNC5w6ntXu:matrix.ret2pop.net"
-
-[[gateway.inout]]
-account="irc.myirc"
-channel="#nullring" \ No newline at end of file
diff --git a/nix/data/motd.txt b/nix/data/motd.txt
deleted file mode 100644
index ffcd31f..0000000
--- a/nix/data/motd.txt
+++ /dev/null
@@ -1,8 +0,0 @@
-Welcome to the NullRing experience!
-The main channel is #nullring; we're glad to have you!
-
-Rules:
-1. Don't be annoying.
-2. No illegal content.
-And if you're here to have constructive, philisophical and theoretical
-conversations, this is the place for you!
diff --git a/nix/data/public-inbox.css b/nix/data/public-inbox.css
deleted file mode 100644
index df94873..0000000
--- a/nix/data/public-inbox.css
+++ /dev/null
@@ -1,143 +0,0 @@
-:root {
- --bg: #f8f9fa;
- --fg: #2e3440;
- --link: #5e81ac;
- --link-hover: #81a1c1;
- --border: #d8dee9;
- --card-bg: #ffffff;
- --meta-fg: #4c566a; /* Darker gray for better legibility */
- --btn-fg: #ffffff;
- --max-width: 780px;
-}
-
-@media (prefers-color-scheme: dark) {
- :root {
- --bg: #1a1b26;
- --fg: #a9b1d6;
- --link: #7aa2f7;
- --link-hover: #bb9af7;
- --border: #414868; /* Distinct border for dark mode */
- --card-bg: #1f2335;
- --meta-fg: #9aa5ce; /* Brighter gray for dark mode */
- --btn-fg: #1a1b26;
- }
-}
-
-span.q {
- color: var(--meta-fg);
- font-style: italic;
-}
-
-body {
- background-color: var(--bg);
- color: var(--fg);
- line-height: 1.6;
- max-width: var(--max-width);
- margin: 3rem auto;
- padding: 0 1.5rem;
- font-family: ui-monospace, "SF Mono", SFMono-Regular, Menlo, Consolas, "Liberation Mono", monospace;
-
- /* Keep this for smoother rendering on macOS/iOS */
- -webkit-font-smoothing: antialiased;
- -moz-osx-font-smoothing: grayscale;
-}
-
-/* 1. Global Link Fixes */
-body a, body a:visited {
- color: var(--link);
-}
-
-/* 2. Card Styling */
-body pre {
- white-space: pre-wrap;
- background: var(--card-bg);
- padding: 2rem;
- border-radius: 12px;
- border: 1px solid var(--border);
- margin-bottom: 2.5rem;
-}
-
-/* 3. Header Cleanup */
-body pre b:first-of-type {
- font-weight: 700;
- color: var(--link);
- font-size: 1.1rem;
- display: block;
- margin-bottom: 0.5rem;
-}
-
-/* 4. Fixing the "Permalink" label on documentation */
-/* We target links ending in / but EXCLUDE system paths like help or mirror */
-body pre a[href$="/"]:not([href*="_/"]):not([href*="new.atom"]) {
- font-size: 0;
- text-decoration: none;
- margin-right: 10px;
-}
-
-body pre a[href$="/"]:not([href*="_/"]):not([href*="new.atom"]):after {
- content: "permalink";
- font-size: 11px;
- font-weight: bold;
- color: var(--fg); /* Use main text color for high contrast */
- background: var(--bg);
- border: 1px solid var(--link); /* Use link color for the border */
- padding: 4px 10px;
- border-radius: 4px;
- display: inline-block;
-}
-
-/* 5. Fixing the "Raw" button contrast */
-body pre a[href$="/raw"] {
- font-size: 0;
- text-decoration: none;
-}
-
-body pre a[href$="/raw"]:after {
- content: "raw";
- font-size: 11px;
- font-weight: bold;
- color: var(--fg);
- background: var(--bg);
- border: 1px solid var(--link);
- padding: 4px 10px;
- border-radius: 4px;
- display: inline-block;
-}
-
-/* Hover effect for ghost buttons: solid color shift */
-body pre a[href$="/"]:hover:after,
-body pre a[href$="/raw"]:hover:after {
- background: var(--link);
- color: var(--btn-fg);
-}
-
-/* 6. The Reply Button (Primary Action) */
-body pre a[href$="#R"], body pre a[href$="#R"]:visited {
- font-size: 0;
- text-decoration: none;
-}
-
-body pre a[href$="#R"]:after {
- content: "REPLY";
- font-size: 12px;
- font-weight: bold;
- padding: 6px 20px;
- background: var(--link);
- color: var(--btn-fg);
- border-radius: 6px;
- display: inline-block;
- margin-left: 10px;
-}
-
-/* 7. Hide clutter */
-body pre a[href^="#r"], body pre a[href^="#r"] + b, body hr {
- display: none;
-}
-
-/* Fix: Mathematically outscore the header rule to keep link text inline */
-body pre a[href] b:first-of-type {
- display: inline;
- font-size: inherit;
- margin-bottom: 0;
- color: inherit;
-}
diff --git a/nix/disko/btrfs-simple.nix b/nix/disko/btrfs-simple.nix
deleted file mode 100644
index b49558d..0000000
--- a/nix/disko/btrfs-simple.nix
+++ /dev/null
@@ -1,77 +0,0 @@
-{ lib, config, ... }:
-let
- spec = {
- disko.devices = {
- disk = {
- main = {
- type = "disk";
- device = config.monorepo.vars.device;
- content = {
- type = "gpt";
- partitions = {
- ESP = {
- size = "512M";
- type = "EF00";
- content = {
- type = "filesystem";
- format = "vfat";
- mountpoint = "/boot";
- mountOptions = [ "umask=0077" ];
- };
- };
- luks = {
- size = "100%";
- content = {
- type = "luks";
- name = "crypted";
- passwordFile = "/tmp/secret.key";
- content = {
- type = "btrfs";
- extraArgs = [ "-f" ];
- subvolumes = {
- "/root" = {
- mountpoint = "/";
- mountOptions = [
- "compress=zstd"
- "noatime"
- ];
- };
-
- "/home" = {
- mountpoint = "/home";
- mountOptions = [
- "compress=zstd"
- "noatime"
- ];
- };
-
- "/nix" = {
- mountpoint = "/nix";
- mountOptions = [
- "compress=zstd"
- "noatime"
- ];
- };
-
- "/persistent" = {
- mountpoint = "/persistent";
- mountOptions = [
- "compress=zstd"
- "noatime"
- ];
- };
- };
- };
- };
- };
- };
- };
- };
- };
- };
- };
-in
-{
- monorepo.vars.diskoSpec = spec;
- disko.devices = spec.disko.devices;
-}
diff --git a/nix/disko/drive-bios.nix b/nix/disko/drive-bios.nix
deleted file mode 100644
index 3dd0a74..0000000
--- a/nix/disko/drive-bios.nix
+++ /dev/null
@@ -1,35 +0,0 @@
-{ config, lib, ... }:
-let
- spec = {
- disko.devices = {
- disk = {
- main = {
- device = config.monorepo.vars.device;
- type = "disk";
- content = {
- type = "gpt";
- partitions = {
- boot = {
- size = "1M";
- type = "EF02";
- };
- root = {
- label = "disk-main-root";
- size = "100%";
- content = {
- type = "filesystem";
- format = "ext4";
- mountpoint = "/";
- };
- };
- };
- };
- };
- };
- };
- };
-in
-{
- monorepo.vars.diskoSpec = spec;
- disko.devices = spec.disko.devices;
-}
diff --git a/nix/disko/drive-simple.nix b/nix/disko/drive-simple.nix
deleted file mode 100644
index 7e105cb..0000000
--- a/nix/disko/drive-simple.nix
+++ /dev/null
@@ -1,42 +0,0 @@
-{ lib, config, ... }:
-let
- spec = {
- disko.devices = {
- disk = {
- main = {
- device = config.monorepo.vars.device;
- type = "disk";
- content = {
- type = "gpt";
- partitions = {
- ESP = {
- type = "EF00";
- size = "500M";
- priority = 1;
- content = {
- type = "filesystem";
- format = "vfat";
- mountpoint = "/boot";
- mountOptions = [ "umask=0077" ];
- };
- };
- root = {
- size = "100%";
- priority = 2;
- content = {
- type = "filesystem";
- format = "ext4";
- mountpoint = "/";
- };
- };
- };
- };
- };
- };
- };
- };
-in
-{
- monorepo.vars.diskoSpec = spec;
- disko.devices = spec.disko.devices;
-}
diff --git a/nix/dns/default.nix b/nix/dns/default.nix
deleted file mode 100644
index 52ca8b6..0000000
--- a/nix/dns/default.nix
+++ /dev/null
@@ -1,3 +0,0 @@
-{
- defaultTTL = 120;
-}
diff --git a/nix/fake-update-dns.sh b/nix/fake-update-dns.sh
deleted file mode 100644
index a236cb2..0000000
--- a/nix/fake-update-dns.sh
+++ /dev/null
@@ -1,3 +0,0 @@
-#!/bin/sh
-export CLOUDFLARE_TOKEN="$(cat /run/user/1000/secrets/cloudflare-dns | tr -d '\n')"
-poetry run octodns-sync --config-file result
diff --git a/nix/flake.lock b/nix/flake.lock
deleted file mode 100644
index b810ba5..0000000
--- a/nix/flake.lock
+++ /dev/null
@@ -1,770 +0,0 @@
-{
- "nodes": {
- "crane": {
- "inputs": {
- "nixpkgs": [
- "lanzaboote",
- "nixpkgs"
- ]
- },
- "locked": {
- "lastModified": 1717535930,
- "narHash": "sha256-1hZ/txnbd/RmiBPNUs7i8UQw2N89uAK3UzrGAWdnFfU=",
- "owner": "ipetkov",
- "repo": "crane",
- "rev": "55e7754ec31dac78980c8be45f8a28e80e370946",
- "type": "github"
- },
- "original": {
- "owner": "ipetkov",
- "repo": "crane",
- "type": "github"
- }
- },
- "deep-research": {
- "inputs": {
- "nixpkgs": "nixpkgs"
- },
- "locked": {
- "lastModified": 1755738911,
- "narHash": "sha256-BobMSFfhK8GprfN6V+BedMj6d1v/pKce6sqiETHiv48=",
- "owner": "ret2pop",
- "repo": "ollama-deep-researcher",
- "rev": "678a3ef8e8d8ded2aab9288fd7396579a13aec46",
- "type": "github"
- },
- "original": {
- "owner": "ret2pop",
- "repo": "ollama-deep-researcher",
- "type": "github"
- }
- },
- "disko": {
- "inputs": {
- "nixpkgs": [
- "nixpkgs"
- ]
- },
- "locked": {
- "lastModified": 1769524058,
- "narHash": "sha256-zygdD6X1PcVNR2PsyK4ptzrVEiAdbMqLos7utrMDEWE=",
- "owner": "nix-community",
- "repo": "disko",
- "rev": "71a3fc97d80881e91710fe721f1158d3b96ae14d",
- "type": "github"
- },
- "original": {
- "owner": "nix-community",
- "repo": "disko",
- "type": "github"
- }
- },
- "flake-compat": {
- "flake": false,
- "locked": {
- "lastModified": 1767039857,
- "narHash": "sha256-vNpUSpF5Nuw8xvDLj2KCwwksIbjua2LZCqhV1LNRDns=",
- "owner": "NixOS",
- "repo": "flake-compat",
- "rev": "5edf11c44bc78a0d334f6334cdaf7d60d732daab",
- "type": "github"
- },
- "original": {
- "owner": "NixOS",
- "repo": "flake-compat",
- "type": "github"
- }
- },
- "flake-compat_2": {
- "flake": false,
- "locked": {
- "lastModified": 1696426674,
- "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
- "owner": "edolstra",
- "repo": "flake-compat",
- "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
- "type": "github"
- },
- "original": {
- "owner": "edolstra",
- "repo": "flake-compat",
- "type": "github"
- }
- },
- "flake-compat_3": {
- "flake": false,
- "locked": {
- "lastModified": 1733328505,
- "narHash": "sha256-NeCCThCEP3eCl2l/+27kNNK7QrwZB1IJCrXfrbv5oqU=",
- "owner": "edolstra",
- "repo": "flake-compat",
- "rev": "ff81ac966bb2cae68946d5ed5fc4994f96d0ffec",
- "type": "github"
- },
- "original": {
- "owner": "edolstra",
- "repo": "flake-compat",
- "type": "github"
- }
- },
- "flake-parts": {
- "inputs": {
- "nixpkgs-lib": [
- "lanzaboote",
- "nixpkgs"
- ]
- },
- "locked": {
- "lastModified": 1717285511,
- "narHash": "sha256-iKzJcpdXih14qYVcZ9QC9XuZYnPc6T8YImb6dX166kw=",
- "owner": "hercules-ci",
- "repo": "flake-parts",
- "rev": "2a55567fcf15b1b1c7ed712a2c6fadaec7412ea8",
- "type": "github"
- },
- "original": {
- "owner": "hercules-ci",
- "repo": "flake-parts",
- "type": "github"
- }
- },
- "flake-parts_2": {
- "inputs": {
- "nixpkgs-lib": "nixpkgs-lib"
- },
- "locked": {
- "lastModified": 1765835352,
- "narHash": "sha256-XswHlK/Qtjasvhd1nOa1e8MgZ8GS//jBoTqWtrS1Giw=",
- "owner": "hercules-ci",
- "repo": "flake-parts",
- "rev": "a34fae9c08a15ad73f295041fec82323541400a9",
- "type": "github"
- },
- "original": {
- "owner": "hercules-ci",
- "repo": "flake-parts",
- "type": "github"
- }
- },
- "flake-parts_3": {
- "inputs": {
- "nixpkgs-lib": [
- "nixpak",
- "nixpkgs"
- ]
- },
- "locked": {
- "lastModified": 1765835352,
- "narHash": "sha256-XswHlK/Qtjasvhd1nOa1e8MgZ8GS//jBoTqWtrS1Giw=",
- "owner": "hercules-ci",
- "repo": "flake-parts",
- "rev": "a34fae9c08a15ad73f295041fec82323541400a9",
- "type": "github"
- },
- "original": {
- "owner": "hercules-ci",
- "repo": "flake-parts",
- "type": "github"
- }
- },
- "flake-parts_4": {
- "inputs": {
- "nixpkgs-lib": [
- "nur",
- "nixpkgs"
- ]
- },
- "locked": {
- "lastModified": 1733312601,
- "narHash": "sha256-4pDvzqnegAfRkPwO3wmwBhVi/Sye1mzps0zHWYnP88c=",
- "owner": "hercules-ci",
- "repo": "flake-parts",
- "rev": "205b12d8b7cd4802fbcb8e8ef6a0f1408781a4f9",
- "type": "github"
- },
- "original": {
- "owner": "hercules-ci",
- "repo": "flake-parts",
- "type": "github"
- }
- },
- "flake-utils": {
- "inputs": {
- "systems": "systems"
- },
- "locked": {
- "lastModified": 1710146030,
- "narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=",
- "owner": "numtide",
- "repo": "flake-utils",
- "rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a",
- "type": "github"
- },
- "original": {
- "owner": "numtide",
- "repo": "flake-utils",
- "type": "github"
- }
- },
- "git-hooks": {
- "inputs": {
- "flake-compat": "flake-compat",
- "gitignore": "gitignore",
- "nixpkgs": [
- "nixpkgs"
- ]
- },
- "locked": {
- "lastModified": 1770726378,
- "narHash": "sha256-kck+vIbGOaM/dHea7aTBxdFYpeUl/jHOy5W3eyRvVx8=",
- "owner": "cachix",
- "repo": "git-hooks.nix",
- "rev": "5eaaedde414f6eb1aea8b8525c466dc37bba95ae",
- "type": "github"
- },
- "original": {
- "owner": "cachix",
- "repo": "git-hooks.nix",
- "type": "github"
- }
- },
- "gitignore": {
- "inputs": {
- "nixpkgs": [
- "git-hooks",
- "nixpkgs"
- ]
- },
- "locked": {
- "lastModified": 1709087332,
- "narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=",
- "owner": "hercules-ci",
- "repo": "gitignore.nix",
- "rev": "637db329424fd7e46cf4185293b9cc8c88c95394",
- "type": "github"
- },
- "original": {
- "owner": "hercules-ci",
- "repo": "gitignore.nix",
- "type": "github"
- }
- },
- "gitignore_2": {
- "inputs": {
- "nixpkgs": [
- "lanzaboote",
- "pre-commit-hooks-nix",
- "nixpkgs"
- ]
- },
- "locked": {
- "lastModified": 1709087332,
- "narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=",
- "owner": "hercules-ci",
- "repo": "gitignore.nix",
- "rev": "637db329424fd7e46cf4185293b9cc8c88c95394",
- "type": "github"
- },
- "original": {
- "owner": "hercules-ci",
- "repo": "gitignore.nix",
- "type": "github"
- }
- },
- "hercules-ci-effects": {
- "inputs": {
- "flake-parts": [
- "nixpak",
- "flake-parts"
- ],
- "nixpkgs": [
- "nixpak",
- "nixpkgs"
- ]
- },
- "locked": {
- "lastModified": 1765774562,
- "narHash": "sha256-UQhfCggNGDc7eam+EittlYmeW89CZVT1KkFIHZWBH7k=",
- "owner": "hercules-ci",
- "repo": "hercules-ci-effects",
- "rev": "edcbb19948b6caf1700434e369fde6ff9e6a3c93",
- "type": "github"
- },
- "original": {
- "owner": "hercules-ci",
- "repo": "hercules-ci-effects",
- "type": "github"
- }
- },
- "home-manager": {
- "inputs": {
- "nixpkgs": [
- "nixpkgs"
- ]
- },
- "locked": {
- "lastModified": 1763992789,
- "narHash": "sha256-WHkdBlw6oyxXIra/vQPYLtqY+3G8dUVZM8bEXk0t8x4=",
- "owner": "nix-community",
- "repo": "home-manager",
- "rev": "44831a7eaba4360fb81f2acc5ea6de5fde90aaa3",
- "type": "github"
- },
- "original": {
- "owner": "nix-community",
- "ref": "release-25.05",
- "repo": "home-manager",
- "type": "github"
- }
- },
- "home-manager_2": {
- "inputs": {
- "nixpkgs": [
- "impermanence",
- "nixpkgs"
- ]
- },
- "locked": {
- "lastModified": 1768598210,
- "narHash": "sha256-kkgA32s/f4jaa4UG+2f8C225Qvclxnqs76mf8zvTVPg=",
- "owner": "nix-community",
- "repo": "home-manager",
- "rev": "c47b2cc64a629f8e075de52e4742de688f930dc6",
- "type": "github"
- },
- "original": {
- "owner": "nix-community",
- "repo": "home-manager",
- "type": "github"
- }
- },
- "impermanence": {
- "inputs": {
- "home-manager": "home-manager_2",
- "nixpkgs": "nixpkgs_2"
- },
- "locked": {
- "lastModified": 1769548169,
- "narHash": "sha256-03+JxvzmfwRu+5JafM0DLbxgHttOQZkUtDWBmeUkN8Y=",
- "owner": "nix-community",
- "repo": "impermanence",
- "rev": "7b1d382faf603b6d264f58627330f9faa5cba149",
- "type": "github"
- },
- "original": {
- "owner": "nix-community",
- "repo": "impermanence",
- "type": "github"
- }
- },
- "lanzaboote": {
- "inputs": {
- "crane": "crane",
- "flake-compat": "flake-compat_2",
- "flake-parts": "flake-parts",
- "flake-utils": "flake-utils",
- "nixpkgs": [
- "nixpkgs"
- ],
- "pre-commit-hooks-nix": "pre-commit-hooks-nix",
- "rust-overlay": "rust-overlay"
- },
- "locked": {
- "lastModified": 1718178907,
- "narHash": "sha256-eSZyrQ9uoPB9iPQ8Y5H7gAmAgAvCw3InStmU3oEjqsE=",
- "owner": "nix-community",
- "repo": "lanzaboote",
- "rev": "b627ccd97d0159214cee5c7db1412b75e4be6086",
- "type": "github"
- },
- "original": {
- "owner": "nix-community",
- "ref": "v0.4.1",
- "repo": "lanzaboote",
- "type": "github"
- }
- },
- "nix-topology": {
- "inputs": {
- "flake-parts": "flake-parts_2",
- "nixpkgs": [
- "nixpkgs"
- ]
- },
- "locked": {
- "lastModified": 1769983422,
- "narHash": "sha256-/zQdD8Aogh16eD5lgFokRMA0EYCm5uQITKCA90/01Oo=",
- "owner": "oddlama",
- "repo": "nix-topology",
- "rev": "20b5c5c698d45cc0f950889b3f6379ced5ce9c4a",
- "type": "github"
- },
- "original": {
- "owner": "oddlama",
- "repo": "nix-topology",
- "type": "github"
- }
- },
- "nixos-dns": {
- "inputs": {
- "flake-compat": "flake-compat_3",
- "nixpkgs": [
- "nixpkgs"
- ],
- "systems": "systems_2",
- "treefmt-nix": "treefmt-nix"
- },
- "locked": {
- "lastModified": 1742583654,
- "narHash": "sha256-aTsLqhW9XD0O37BTJo0u5f0gkk/x4KnZ9sho9hSE6hE=",
- "owner": "Janik-Haag",
- "repo": "nixos-dns",
- "rev": "04b00ea7423c8dbe6e0ea78e4eb96f874a04c543",
- "type": "github"
- },
- "original": {
- "owner": "Janik-Haag",
- "repo": "nixos-dns",
- "type": "github"
- }
- },
- "nixpak": {
- "inputs": {
- "flake-parts": "flake-parts_3",
- "hercules-ci-effects": "hercules-ci-effects",
- "nixpkgs": [
- "nixpkgs"
- ]
- },
- "locked": {
- "lastModified": 1769288622,
- "narHash": "sha256-GaDPnzDQAx5WRi12XVttCHsVw0VkOMYNpniT7KHYNfk=",
- "owner": "nixpak",
- "repo": "nixpak",
- "rev": "4276954ad4f877d79801fd8952af38a3370bcb65",
- "type": "github"
- },
- "original": {
- "owner": "nixpak",
- "repo": "nixpak",
- "type": "github"
- }
- },
- "nixpkgs": {
- "locked": {
- "lastModified": 1755615617,
- "narHash": "sha256-HMwfAJBdrr8wXAkbGhtcby1zGFvs+StOp19xNsbqdOg=",
- "owner": "NixOS",
- "repo": "nixpkgs",
- "rev": "20075955deac2583bb12f07151c2df830ef346b4",
- "type": "github"
- },
- "original": {
- "owner": "NixOS",
- "ref": "nixos-unstable",
- "repo": "nixpkgs",
- "type": "github"
- }
- },
- "nixpkgs-lib": {
- "locked": {
- "lastModified": 1765674936,
- "narHash": "sha256-k00uTP4JNfmejrCLJOwdObYC9jHRrr/5M/a/8L2EIdo=",
- "owner": "nix-community",
- "repo": "nixpkgs.lib",
- "rev": "2075416fcb47225d9b68ac469a5c4801a9c4dd85",
- "type": "github"
- },
- "original": {
- "owner": "nix-community",
- "repo": "nixpkgs.lib",
- "type": "github"
- }
- },
- "nixpkgs-stable": {
- "locked": {
- "lastModified": 1710695816,
- "narHash": "sha256-3Eh7fhEID17pv9ZxrPwCLfqXnYP006RKzSs0JptsN84=",
- "owner": "NixOS",
- "repo": "nixpkgs",
- "rev": "614b4613980a522ba49f0d194531beddbb7220d3",
- "type": "github"
- },
- "original": {
- "owner": "NixOS",
- "ref": "nixos-23.11",
- "repo": "nixpkgs",
- "type": "github"
- }
- },
- "nixpkgs_2": {
- "locked": {
- "lastModified": 1768564909,
- "narHash": "sha256-Kell/SpJYVkHWMvnhqJz/8DqQg2b6PguxVWOuadbHCc=",
- "owner": "nixos",
- "repo": "nixpkgs",
- "rev": "e4bae1bd10c9c57b2cf517953ab70060a828ee6f",
- "type": "github"
- },
- "original": {
- "owner": "nixos",
- "ref": "nixos-unstable",
- "repo": "nixpkgs",
- "type": "github"
- }
- },
- "nixpkgs_3": {
- "locked": {
- "lastModified": 1770197578,
- "narHash": "sha256-AYqlWrX09+HvGs8zM6ebZ1pwUqjkfpnv8mewYwAo+iM=",
- "owner": "nixos",
- "repo": "nixpkgs",
- "rev": "00c21e4c93d963c50d4c0c89bfa84ed6e0694df2",
- "type": "github"
- },
- "original": {
- "owner": "nixos",
- "ref": "nixos-unstable",
- "repo": "nixpkgs",
- "type": "github"
- }
- },
- "nixpkgs_4": {
- "locked": {
- "lastModified": 1770197578,
- "narHash": "sha256-AYqlWrX09+HvGs8zM6ebZ1pwUqjkfpnv8mewYwAo+iM=",
- "owner": "nixos",
- "repo": "nixpkgs",
- "rev": "00c21e4c93d963c50d4c0c89bfa84ed6e0694df2",
- "type": "github"
- },
- "original": {
- "owner": "nixos",
- "ref": "nixos-unstable",
- "repo": "nixpkgs",
- "type": "github"
- }
- },
- "nixpkgs_5": {
- "locked": {
- "lastModified": 1769740369,
- "narHash": "sha256-xKPyJoMoXfXpDM5DFDZDsi9PHArf2k5BJjvReYXoFpM=",
- "owner": "NixOS",
- "repo": "nixpkgs",
- "rev": "6308c3b21396534d8aaeac46179c14c439a89b8a",
- "type": "github"
- },
- "original": {
- "owner": "NixOS",
- "ref": "nixpkgs-unstable",
- "repo": "nixpkgs",
- "type": "github"
- }
- },
- "nur": {
- "inputs": {
- "flake-parts": "flake-parts_4",
- "nixpkgs": "nixpkgs_4"
- },
- "locked": {
- "lastModified": 1770405908,
- "narHash": "sha256-910mKFyjbU6/t8sPJ2U6S1cxJiTgYFU1OOMuihNJO20=",
- "owner": "nix-community",
- "repo": "NUR",
- "rev": "a84c4ed98604b96fc4cb6a4c2b24350aecd8ac3f",
- "type": "github"
- },
- "original": {
- "owner": "nix-community",
- "repo": "NUR",
- "type": "github"
- }
- },
- "pre-commit-hooks-nix": {
- "inputs": {
- "flake-compat": [
- "lanzaboote",
- "flake-compat"
- ],
- "gitignore": "gitignore_2",
- "nixpkgs": [
- "lanzaboote",
- "nixpkgs"
- ],
- "nixpkgs-stable": "nixpkgs-stable"
- },
- "locked": {
- "lastModified": 1717664902,
- "narHash": "sha256-7XfBuLULizXjXfBYy/VV+SpYMHreNRHk9nKMsm1bgb4=",
- "owner": "cachix",
- "repo": "pre-commit-hooks.nix",
- "rev": "cc4d466cb1254af050ff7bdf47f6d404a7c646d1",
- "type": "github"
- },
- "original": {
- "owner": "cachix",
- "repo": "pre-commit-hooks.nix",
- "type": "github"
- }
- },
- "root": {
- "inputs": {
- "deep-research": "deep-research",
- "disko": "disko",
- "git-hooks": "git-hooks",
- "home-manager": "home-manager",
- "impermanence": "impermanence",
- "lanzaboote": "lanzaboote",
- "nix-topology": "nix-topology",
- "nixos-dns": "nixos-dns",
- "nixpak": "nixpak",
- "nixpkgs": "nixpkgs_3",
- "nur": "nur",
- "scripts": "scripts",
- "sops-nix": "sops-nix",
- "sounds": "sounds",
- "wallpapers": "wallpapers"
- }
- },
- "rust-overlay": {
- "inputs": {
- "flake-utils": [
- "lanzaboote",
- "flake-utils"
- ],
- "nixpkgs": [
- "lanzaboote",
- "nixpkgs"
- ]
- },
- "locked": {
- "lastModified": 1717813066,
- "narHash": "sha256-wqbRwq3i7g5EHIui0bIi84mdqZ/It1AXBSLJ5tafD28=",
- "owner": "oxalica",
- "repo": "rust-overlay",
- "rev": "6dc3e45fe4aee36efeed24d64fc68b1f989d5465",
- "type": "github"
- },
- "original": {
- "owner": "oxalica",
- "repo": "rust-overlay",
- "type": "github"
- }
- },
- "scripts": {
- "locked": {
- "lastModified": 1709958643,
- "narHash": "sha256-+NHuHYUTUkjIOaCZlH7gICDwRu2dMgJ6smmU9DvgLT0=",
- "owner": "ret2pop",
- "repo": "scripts",
- "rev": "8e230dcb118d5a25629c1980a4764ae071bfb2bf",
- "type": "github"
- },
- "original": {
- "owner": "ret2pop",
- "repo": "scripts",
- "type": "github"
- }
- },
- "sops-nix": {
- "inputs": {
- "nixpkgs": "nixpkgs_5"
- },
- "locked": {
- "lastModified": 1770145881,
- "narHash": "sha256-ktjWTq+D5MTXQcL9N6cDZXUf9kX8JBLLBLT0ZyOTSYY=",
- "owner": "Mic92",
- "repo": "sops-nix",
- "rev": "17eea6f3816ba6568b8c81db8a4e6ca438b30b7c",
- "type": "github"
- },
- "original": {
- "owner": "Mic92",
- "repo": "sops-nix",
- "type": "github"
- }
- },
- "sounds": {
- "locked": {
- "lastModified": 1737024247,
- "narHash": "sha256-OTtqUYIe713ti4vaa8hS1Z0UvD/X4J9XkLzKgl2+RBE=",
- "owner": "ret2pop",
- "repo": "sounds",
- "rev": "9714690a6d216f9c55bfe56969d6e7d98768559f",
- "type": "github"
- },
- "original": {
- "owner": "ret2pop",
- "repo": "sounds",
- "type": "github"
- }
- },
- "systems": {
- "locked": {
- "lastModified": 1681028828,
- "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
- "owner": "nix-systems",
- "repo": "default",
- "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
- "type": "github"
- },
- "original": {
- "owner": "nix-systems",
- "repo": "default",
- "type": "github"
- }
- },
- "systems_2": {
- "locked": {
- "lastModified": 1681028828,
- "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
- "owner": "nix-systems",
- "repo": "default",
- "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
- "type": "github"
- },
- "original": {
- "id": "systems",
- "type": "indirect"
- }
- },
- "treefmt-nix": {
- "inputs": {
- "nixpkgs": [
- "nixos-dns",
- "nixpkgs"
- ]
- },
- "locked": {
- "lastModified": 1742370146,
- "narHash": "sha256-XRE8hL4vKIQyVMDXykFh4ceo3KSpuJF3ts8GKwh5bIU=",
- "owner": "numtide",
- "repo": "treefmt-nix",
- "rev": "adc195eef5da3606891cedf80c0d9ce2d3190808",
- "type": "github"
- },
- "original": {
- "owner": "numtide",
- "repo": "treefmt-nix",
- "type": "github"
- }
- },
- "wallpapers": {
- "locked": {
- "lastModified": 1759390995,
- "narHash": "sha256-u3MP+vb4DXbuEo6B8zVesG6t6MCtG9vFjp7Cxsazlxs=",
- "owner": "ret2pop",
- "repo": "wallpapers",
- "rev": "3b88e204405fd594581b7d988abad9dc7e593884",
- "type": "github"
- },
- "original": {
- "owner": "ret2pop",
- "repo": "wallpapers",
- "type": "github"
- }
- }
- },
- "root": "root",
- "version": 7
-}
diff --git a/nix/flake.nix b/nix/flake.nix
deleted file mode 100644
index 4ad9dd8..0000000
--- a/nix/flake.nix
+++ /dev/null
@@ -1,212 +0,0 @@
-{
- description = "Emacs centric configurations for a complete networked system";
-
- inputs = {
- nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
- nur.url = "github:nix-community/NUR";
- sops-nix.url = "github:Mic92/sops-nix";
-
- scripts.url = "github:ret2pop/scripts";
- wallpapers.url = "github:ret2pop/wallpapers";
- sounds.url = "github:ret2pop/sounds";
- deep-research.url = "github:ret2pop/ollama-deep-researcher";
- impermanence.url = "github:nix-community/impermanence";
-
- nix-topology = {
- url = "github:oddlama/nix-topology";
- inputs.nixpkgs.follows = "nixpkgs";
- };
-
- home-manager = {
- url = "github:nix-community/home-manager/release-25.05";
- inputs.nixpkgs.follows = "nixpkgs";
- };
-
- disko = {
- url = "github:nix-community/disko";
- inputs.nixpkgs.follows = "nixpkgs";
- };
-
- lanzaboote = {
- url = "github:nix-community/lanzaboote/v0.4.1";
- inputs.nixpkgs.follows = "nixpkgs";
- };
-
- nixos-dns = {
- url = "github:Janik-Haag/nixos-dns";
- inputs.nixpkgs.follows = "nixpkgs";
- };
-
- nixpak = {
- url = "github:nixpak/nixpak";
- inputs.nixpkgs.follows = "nixpkgs";
- };
-
- git-hooks = {
- url = "github:cachix/git-hooks.nix";
- inputs.nixpkgs.follows = "nixpkgs";
- };
- };
-
- outputs =
- { self
- , nixpkgs
- , home-manager
- , nur
- , disko
- , lanzaboote
- , sops-nix
- , nix-topology
- , nixos-dns
- , deep-research
- , impermanence
- , nixpak
- , git-hooks
- , ...
- }
- @attrs:
- let
- vars = import ./flakevars.nix;
- system = "x86_64-linux";
-
- pkgs = import nixpkgs { inherit system; };
- armPkgs = import nixpkgs { inherit system; };
-
- generate = nixos-dns.utils.generate nixpkgs.legacyPackages."${system}";
-
- dnsConfig = {
- inherit (self) nixosConfigurations;
- extraConfig = import ./dns/default.nix;
- };
-
- # function that generates all systems from hostnames
- mkConfigs = map (hostname:
- let
- isRpi = (builtins.match "rpi-.*" hostname) != null;
- hostSystem = if isRpi then "aarch64-linux" else system;
- in
- {
- name = "${hostname}";
- value = nixpkgs.lib.nixosSystem {
- system = hostSystem;
- specialArgs = attrs;
- modules =
- if (hostname == "installer") then [
- (./. + "/systems/${hostname}/default.nix")
- { networking.hostName = "${hostname}"; }
- nix-topology.nixosModules.default
- ] else
- (if isRpi then [
- (./. + "/systems/${hostname}/default.nix")
- disko.nixosModules.disko
- home-manager.nixosModules.home-manager
- sops-nix.nixosModules.sops
- lanzaboote.nixosModules.lanzaboote
- ] else
- ([
- {
- environment.systemPackages = with nixpkgs.lib; [
- deep-research.packages."${system}".deep-research
- ];
- }
- impermanence.nixosModules.impermanence
- nix-topology.nixosModules.default
- lanzaboote.nixosModules.lanzaboote
- disko.nixosModules.disko
- home-manager.nixosModules.home-manager
- sops-nix.nixosModules.sops
- nixos-dns.nixosModules.dns
- {
- nixpkgs.overlays = [ nur.overlays.default ];
- home-manager.extraSpecialArgs = attrs // {
- systemHostName = "${hostname}";
- };
- networking.hostName = "${hostname}";
- }
- (./. + "/systems/${hostname}/default.nix")
- ]));
- };
- });
-
- mkDiskoFiles = map (hostname: {
- name = "${hostname}";
- value = self.nixosConfigurations."${hostname}".config.monorepo.vars.diskoSpec;
- });
-
- pre-commit-check = git-hooks.lib.${system}.run {
- src = ./.;
- hooks = {
- # 1. Formatting
- nixpkgs-fmt.enable = false;
-
- # 2. Linting
- statix.enable = true;
- deadnix.enable = true;
-
- # 3. Custom VM Boot Check (The "Integration" part)
- # This runs the build-vm derivation to ensure it compiles
- vm-build-check = {
- enable = true;
- name = "vps-vm-build";
- description = "Ensure VPS configuration is buildable as a VM";
- entry = "nix build .#nixosConfigurations.vps.config.system.build.vm --no-link";
- pass_filenames = false;
- };
- };
- };
- in
- {
- checks."${system}" = {
- inherit pre-commit-check;
- };
-
- nixosConfigurations = builtins.listToAttrs (mkConfigs vars.hostnames);
-
- evalDisko = builtins.listToAttrs (mkDiskoFiles (builtins.filter (x: x != "installer") vars.hostnames));
-
- topology."${system}" = import nix-topology {
- pkgs = import nixpkgs {
- inherit system;
- overlays = [ nix-topology.overlays.default ];
- };
- modules = [
- ./topology/default.nix
- { nixosConfigurations = self.nixosConfigurations; }
- ];
- };
-
- devShell."${system}" = with pkgs; mkShell {
- inherit (pre-commit-check) shellHook;
- buildInputs = [
- fira-code
- python3
- poetry
- statix
- deadnix
- ];
- };
-
- packages."${system}" = {
- zoneFiles = generate.zoneFiles dnsConfig;
- octodns = generate.octodnsConfig {
- inherit dnsConfig;
-
- config = {
- providers = {
- cloudflare = {
- class = "octodns_cloudflare.CloudflareProvider";
- token = "env/CLOUDFLARE_TOKEN";
- };
- config = {
- check_origin = false;
- };
- };
- };
- zones = {
- "${vars.remoteHost}." = nixos-dns.utils.octodns.generateZoneAttrs [ "cloudflare" ];
- "${vars.orgHost}." = nixos-dns.utils.octodns.generateZoneAttrs [ "cloudflare" ];
- };
- };
- };
- };
-}
diff --git a/nix/flakevars.nix b/nix/flakevars.nix
deleted file mode 100644
index e737e82..0000000
--- a/nix/flakevars.nix
+++ /dev/null
@@ -1,23 +0,0 @@
-let
- # I'm ret2pop! What's your name?
- internetName = "ret2pop";
-in
-{
- # Name of spontaneity box
- remoteHost = "${internetName}.net";
-
- # Your internet name
- internetName = internetName;
-
- # Name of your organization
- orgHost = "nullring.xyz";
-
- # Hostnames of my systems
- hostnames = [
- "rpi-zero"
- "affinity"
- "continuity"
- "spontaneity"
- "installer"
- ];
-}
diff --git a/nix/init.el b/nix/init.el
deleted file mode 100644
index e977c85..0000000
--- a/nix/init.el
+++ /dev/null
@@ -1,689 +0,0 @@
-(use-package emacs
-:custom
-;; global defaults
-(indent-tabs-mode nil "no real tabs, only spaces")
-(tab-width 2 "tab show as 2 spaces")
-(standard-indent 2 "base indentation")
-
-;; Startup errors
-(warning-minimum-level :emergency "Supress emacs warnings")
-(confirm-kill-processes nil "Don't ask to quit")
-(debug-ignored-errors (cons 'remote-file-error debug-ignored-errors) "Remove annoying error from debug errors")
-(browse-url-generic-program "librewolf")
-(browse-url-secondary-browser-function 'browse-url-generic)
-(browse-url-browser-function 'browse-url-generic)
-
-;; Mouse wheel
-(mouse-wheel-scroll-amount '(1 ((shift) . 1)) "Nicer scrolling")
-(mouse-wheel-progressive-speed nil "Make scrolling non laggy")
-(mouse-wheel-follow-mouse 't "Scroll correct window")
-(scroll-conservatively 101 "Sort of smooth scrolling")
-(scroll-step 1 "Scroll one line at a time")
-(debug-on-error nil "Don't make the annoying popups")
-(display-time-24hr-format t "Use 24 hour format to read the time")
- (display-line-numbers-type 'relative "Relative line numbers for easy vim jumping")
- (use-short-answers t "Use y instead of yes")
- (make-backup-files nil "Don't make backups")
- (display-fill-column-indicator-column 150 "Draw a line at 100 characters")
- (fill-column 150)
- (line-spacing 2 "Default line spacing")
- (c-doc-comment-style '((c-mode . doxygen)
- (c++-mode . doxygen)))
-
- :hook ((text-mode . visual-line-mode)
- (prog-mode . display-line-numbers-mode)
- (prog-mode . display-fill-column-indicator-mode)
- (org-mode . auto-fill-mode)
- (org-mode . display-fill-column-indicator-mode)
- (org-mode . display-line-numbers-mode)
- (org-mode . (lambda ()
- (setq prettify-symbols-alist
- '(("#+begin_src" . ?)
- ("#+BEGIN_SRC" . ?)
- ("#+end_src" . ?)
- ("#+END_SRC" . ?)
- ("#+begin_example" . ?)
- ("#+BEGIN_EXAMPLE" . ?)
- ("#+end_example" . ?)
- ("#+END_EXAMPLE" . ?)
- ("#+header:" . ?)
- ("#+HEADER:" . ?)
- ("#+name:" . ?﮸)
- ("#+NAME:" . ?﮸)
- ("#+results:" . ?)
- ("#+RESULTS:" . ?)
- ("#+call:" . ?)
- ("#+CALL:" . ?)
- (":PROPERTIES:" . ?)
- (":properties:" . ?)
- ("lambda" . ?λ)
- ("->" . ?→)
- ("map" . ?↦)
- ("/=" . ?≠)
- ("!=" . ?≠)
- ("==" . ?≡)
- ("<=" . ?≤)
- (">=" . ?≥)
- ("&&" . ?∧)
- ("||" . ?∨)
- ("sqrt" . ?√)
- ("..." . ?…)))
- (prettify-symbols-mode)))
- (prog-mode .
- (lambda ()
- (setq prettify-symbols-alist
- '(("lambda" . ?λ)
- ("->" . ?→)
- ("map" . ?↦)
- ("/=" . ?≠)
- ("!=" . ?≠)
- ("==" . ?≡)
- ("<=" . ?≤)
- (">=" . ?≥)
- ("&&" . ?∧)
- ("||" . ?∨)
- ("sqrt" . ?√)
- ("..." . ?…)))
- (prettify-symbols-mode))))
- :config
- (require 'tex-site)
- (server-start)
-
- ;; start wiith sane defaults
- (pixel-scroll-precision-mode 1)
- (display-battery-mode 1)
- (display-time-mode 1)
- (menu-bar-mode -1)
- (scroll-bar-mode -1)
- (tool-bar-mode -1)
-
- ;; load theme, fonts, and transparency. Prettify symbols.
- (global-prettify-symbols-mode 1)
- (set-face-attribute 'default nil :font "Iosevka Nerd Font" :height 130)
- (set-frame-parameter nil 'alpha-background 70)
- (add-to-list 'default-frame-alist '(alpha-background . 70)))
-
-(use-package org
- :hook
- ((org-mode-hook . (lambda () (remove-hook 'post-self-insert-hook #'yaml-electric-bar-and-angle t))))
- :custom
- (org-confirm-babel-evaluate nil "Don't ask to evaluate code block")
- (org-export-with-broken-links t "publish website even with broken links")
- (org-src-fontify-natively t "Colors!")
- (org-latex-preview-image-directory (expand-file-name "~/.cache/ltximg/") "don't use weird cache location")
- (org-preview-latex-image-directory (expand-file-name "~/.cache/ltximg/") "don't use weird cache location")
- (TeX-PDF-mode t)
- (org-latex-compiler "xelatex" "Use latex as default")
- (org-latex-pdf-process '("xelatex -interaction=nonstopmode -output-directory=%o %f") "set xelatex as default")
- (TeX-engine 'xetex "set xelatex as default engine")
- (preview-default-option-list '("displaymath" "textmath" "graphics") "preview latex")
- (preview-image-type 'png "Use PNGs")
-;; (org-format-latex-options (plist-put org-format-latex-options :scale 1.5) "space latex better")
- (org-return-follows-link t "be able to follow links without mouse")
- (org-habit-preceding-days 7 "See org habit entries")
- (org-habit-following-days 35 "See org habit entries")
- (org-habit-show-habits t "See org habit entries")
- (org-habit-show-habits-only-for-today nil "See org habit entries")
- (org-habit-show-all-today t "Show org habit graph")
- (org-startup-indented t "Indent the headings")
- (org-image-actual-width '(300) "Cap width")
- (org-startup-with-latex-preview t "see latex previews on opening file")
- (org-startup-with-inline-images t "See images on opening file")
- (org-hide-emphasis-markers t "prettify org mode")
- (org-use-sub-superscripts "{}" "Only display superscripts and subscripts when enclosed in {}")
- (org-pretty-entities t "prettify org mode")
- (org-agenda-files (list "~/monorepo/agenda.org" "~/org/notes.org" "~/org/agenda.org") "set default org files")
- (org-default-notes-file (concat org-directory "/notes.org") "Notes file")
- (org-publish-project-alist
- '(("website-org"
- :base-directory "~/monorepo"
- :base-extension "org"
- :publishing-directory "~/website_html"
- :recursive t
- :publishing-function org-html-publish-to-html
- :headline-levels 4
- :html-preamble t
- :html-preamble-format (("en" "<p class=\"preamble\"><a href=\"/index.html\">home</a> | <a href=\"./index.html\">section main page</a></p><hr>")))
- ("website-static"
- :base-directory "~/monorepo"
- :base-extension "css\\|js\\|png\\|jpg\\|gif\\|pdf\\|mp3\\|ogg\\|swf\\|ico\\|asc\\|pub\\|webmanifest\\|xml\\|svg\\|txt"
- :publishing-directory "~/website_html/"
- :recursive t
- :publishing-function org-publish-attachment)
- ("website" :auto-sitemap t :components ("website-org" "website-static"))) "functions to publish website")
- (org-html-postamble (concat "Copyright © 2024 " system-fullname) "set copyright notice on bottom of site")
- :config
- (require 'ox-publish)
- (require 'org-tempo)
- (require 'org-habit)
- (org-babel-do-load-languages 'org-babel-load-languages
- '((shell . t)
- (python . t)
- (latex . t))))
-
-(use-package unicode-fonts
- :init (unicode-fonts-setup))
-
-(use-package electric-pair
- :hook ((prog-mode . electric-pair-mode)
- (org-mode . (lambda () (setq-local electric-pair-inhibit-predicate (lambda (c) (if (eq c ?<) t (electric-pair-default-inhibit c))))))))
-
-(use-package wgrep
- :after grep)
-
-(defun insert-urandom-password (&optional length)
- (interactive "P")
- (let ((length (or length 32))
- (chars "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789!@#$%^&*()-_=+[]{};:,.<>?"))
- (insert
- (with-temp-buffer
- (call-process "head" nil t nil "-c" (number-to-string length) "/dev/urandom")
- (let ((bytes (buffer-string)))
- (mapconcat (lambda (c)
- (string (elt chars (mod (string-to-char (char-to-string c)) (length chars)))))
- bytes ""))))))
-
-(use-package org-fragtog :hook (org-mode . org-fragtog-mode))
-
-(use-package yasnippet
- :config
- (add-to-list 'yas-snippet-dirs "~/monorepo/yasnippet/")
- (yas-global-mode 1)
- :hook (org-mode . (lambda () (yas-minor-mode) (yas-activate-extra-mode 'latex-mode))))
-
-(use-package company
- :config
- '(add-to-list 'company-backends '(company-ispell company-capf company-yasnippet company-files))
- :hook ((after-init . global-company-mode)))
-
-(use-package ispell
- :custom
- (ispell-program-name "aspell" "use aspell")
- (ispell-silently-savep t "Save changes to dict without confirmation")
- (ispell-dictionary "en" "Use english dictionary")
- (ispell-alternate-dictionary "~/.local/share/dict" "dict location"))
-
-(use-package flyspell
- :hook (text-mode . flyspell-mode))
-
-(use-package evil
- :custom
- (evil-want-keybinding nil "Don't load a whole bunch of default keybindings")
- :config
- (evil-mode 1)
- (evil-set-undo-system 'undo-redo)
- (evil-set-initial-state 'pdf-view-mode 'normal)
- ;; bind / and ? safely after evil is loaded
- (define-key evil-normal-state-map (kbd "/") 'swiper)
- (define-key evil-normal-state-map (kbd "?")
- (lambda () (interactive) (swiper "--reverse"))))
-
-(use-package evil-collection
- :after (evil)
- :config
- (with-eval-after-load 'evil-maps
- (define-key evil-motion-state-map (kbd "SPC") nil)
- (define-key evil-motion-state-map (kbd "RET") nil)
- (define-key evil-motion-state-map (kbd "TAB") nil))
- (evil-collection-init))
-
-
-(use-package evil-commentary
- :after (evil)
- :config
- (evil-commentary-mode))
-
-(use-package evil-org
- :after (evil org)
- :hook (org-mode . (lambda () evil-org-mode))
- :config
- (require 'evil-org-agenda)
- (evil-org-agenda-set-keys))
-
-(use-package which-key
- :config
- (which-key-mode))
-
-(use-package page-break-lines
- :init
- (page-break-lines-mode))
-
-(use-package org-journal
- :after (org)
- :custom
- (org-journal-dir "~/monorepo/journal/" "Set journal directory")
- (org-journal-date-format "%A, %d %B %Y" "Date format")
- (org-journal-file-format "%Y%m%d.org" "Automatic file creation format based on date")
- (org-journal-enable-agenda-integration t "All org-journal entries are org-agenda entries")
- :init
- (defun org-journal-file-header-func (time)
- "Custom function to create journal header."
- (concat
- (pcase org-journal-file-type
- (`daily "#+TITLE: Daily Journal\n#+STARTUP: showeverything\n#+DESCRIPTION: My daily journal entry\n#+AUTHOR: Preston Pan\n#+HTML_HEAD: <link rel=\"stylesheet\" type=\"text/css\" href=\"../style.css\" />\n#+html_head: <script src=\"https://polyfill.io/v3/polyfill.min.js?features=es6\"></script>\n#+html_head: <script id=\"MathJax-script\" async src=\"https://cdn.jsdelivr.net/npm/mathjax@3/es5/tex-mml-chtml.js\"></script>\n#+options: broken-links:t")
- (`weekly "#+TITLE: Weekly Journal\n#+STARTUP: folded")
- (`monthly "#+TITLE: Monthly Journal\n#+STARTUP: folded")
- (`yearly "#+TITLE: Yearly Journal\n#+STARTUP: folded"))))
- (setq org-journal-file-header 'org-journal-file-header-func))
-
-(use-package doom-modeline
- :config
- (doom-modeline-mode 1))
-
-(use-package doom-themes
- :ensure t
- :custom
- (doom-themes-enable-bold t)
- (doom-themes-enable-italic t)
- (doom-themes-treemacs-theme "doom-rouge")
- :config
- (load-theme 'doom-rouge t)
-
- (doom-themes-visual-bell-config)
- (doom-themes-treemacs-config)
- (doom-themes-org-config))
-;; (load-theme 'catppuccin :no-confirm)
-
-(use-package writegood-mode
- :hook (text-mode . writegood-mode))
-
-(use-package org-superstar
- :after (org)
- :hook (org-mode . (lambda () (org-superstar-mode 1))))
-
-;; (use-package eglot
- ;; :hook
- ;; (prog-mode . eglot-ensure)
- ;; (nix-mode . eglot-ensure)
- ;; :config
- ;; (add-to-list 'eglot-server-programs '(nix-mode . ("nil"))))
-
- (use-package lsp
- :hook
- (prog-mode . lsp))
-
-(with-eval-after-load 'lsp-mode
- (setq lsp-typescript-format-enable t
- lsp-typescript-indent-size 4
- lsp-typescript-tab-size 4
- lsp-typescript-indent-style "spaces"))
-
-(use-package editorconfig
- :config
- (editorconfig-mode 1))
-
- (use-package flycheck
- :config (global-flycheck-mode))
-
- (use-package platformio-mode
-:hook (prog-mode . platformio-conditionally-enable))
-
-(use-package irony-mode
- :hook (
- (c++-mode . irony-mode)
- (c-mode . irony-mode)
- (objc-mode . irony-mode)
- (irony-mode . irony-cdb-autosetup-compile-options)))
-
-(use-package irony-eldoc
- :hook ((irony-mode . irony-eldoc)))
-
-(use-package solidity-mode)
-(use-package company-solidity)
-(use-package solidity-flycheck
- :custom
- (solidity-flycheck-solc-checker-active t))
-
-(use-package projectile
- :custom
- (projectile-project-search-path '("~/org" "~/src" "~/monorepo" "~/projects") "search path for projects")
- :config
- (projectile-mode +1))
-
-(use-package dashboard
- :after (projectile)
- :custom
- (dashboard-banner-logo-title "Welcome, Commander!" "Set title for dashboard")
- (dashboard-icon-type 'nerd-icons "Use nerd icons")
- (dashboard-vertically-center-content t "Center content")
- (dashboard-set-init-info t)
- (dashboard-week-agenda t "Agenda in dashboard")
- (dashboard-items '((recents . 5)
- (bookmarks . 5)
- (projects . 5)
- (agenda . 5)
- (registers . 5)) "Look at some items")
- :config
- (dashboard-setup-startup-hook))
-
-(use-package counsel)
-
-(use-package ivy
- :custom
- (ivy-use-virtual-buffers t "Make searching more efficient")
- (enable-recursive-minibuffers t "Don't get soft locked when in a minibuffer")
- :bind
- ("C-s" . swiper)
- ("C-c C-r" . ivy-resume)
- ("M-x" . counsel-M-x)
- ("C-x C-f" . counsel-find-file)
- ("<f1> f" . counsel-describe-function)
- ("<f1> v" . counsel-describe-variable)
- ("<f1> o" . counsel-describe-symbol)
- ("<f1> l" . counsel-find-library)
- ("<f2> i" . counsel-info-lookup-symbol)
- ("<f2> u" . counsel-unicode-char)
- ("C-c g" . counsel-git)
- ("C-c j" . counsel-git-grep)
- ("C-c k" . counsel-ag)
- ("C-x l" . counsel-locate)
- :config
- (ivy-mode))
-(define-key ivy-minibuffer-map (kbd "C-j") 'ivy-immediate-done)
-
-(use-package magit)
-
-(use-package erc
- :hook
- ((erc-mode . erc-notifications-mode))
- :custom
- (erc-nick system-username "sets erc username to the one set in nix config")
- (erc-user-full-name system-fullname "sets erc fullname to the one set in nix config"))
-
-(use-package general
- :init
- (defun znc ()
- (interactive)
- (erc-tls :server "ret2pop.net"
- :port "5000"))
-
- (defun prestonpan ()
- (interactive)
- (erc-tls :server "nullring.xyz"
- :port "6697"))
-
- (defun liberachat ()
- (interactive)
- (erc-tls :server "irc.libera.chat"
- :port "6697"))
-
- (defun efnet ()
- (interactive)
- (erc-tls :server "irc.prison.net"
- :port "6697"))
-
- (defun matrix-org ()
- (interactive)
- (ement-connect))
-
- (defun gimp-org ()
- (interactive)
- (erc-tls :server "irc.gimp.org"
- :port "6697"))
-
- :config
- (general-create-definer leader-key :prefix "SPC")
- (leader-key 'normal
- "o c" '(org-capture :wk "Capture")
-
- ;; Org Mode
- "n" '(:ignore t :wk "Org mode plugins")
- "n j j" '(org-journal-new-entry :wk "Make new journal entry")
- "n r f" '(org-roam-node-find :wk "Find roam node")
- "n r i" '(org-roam-node-insert :wk "Insert roam node")
- "n r a" '(org-roam-alias-add :wk "Add alias to org roam node")
- "n r g" '(org-roam-graph :wk "Graph roam database")
- "m I" '(org-id-get-create :wk "Make org id")
-
- ;; Programming Projects
- "." '(counsel-find-file :wk "find file")
- "p a" '(projectile-add-known-project :wk "Add to project list")
-
- "N f" '(nix-flake :wk "nix flake menu")
- "f" '(:ignore t :wk "file operations")
- "f p" '(projectile-switch-project :wk "find project to switch to")
- "f f" '(counsel-fzf :wk "find file in project")
- "f s" '(counsel-rg :wk "find string in project")
-
- "y n s" '(yas-new-snippet :wk "Create new snippet")
-
- "g" '(:ignore t :wk "Magit")
- "g /" '(magit-dispatch :wk "git commands")
- "g P" '(magit-push :wk "git push")
- "g c" '(magit-commit :wk "git commit")
- "g p" '(magit-pull :wk "Pull from git")
- "g s" '(magit-status :wk "Change status of files")
- "g i" '(magit-init :wk "init new git project")
- "g r" '(magit-rebase :wk "Rebase branch")
- "g m" '(magit-merge :wk "Merge branches")
- "g b" '(magit-branch :wk "Git branch")
-
- "o p" '(treemacs :wk "Project Drawer")
- "o P" '(treemacs-projectile :wk "Import Projectile project to treemacs")
-
- "w r" '(writeroom-mode :wk "focus mode for writing")
-
- ;; Applications
- "o" '(:ignore t :wk "Open application")
- "o t" '(vterm :wk "Terminal")
- "o e" '(eshell :wk "Elisp Interpreter")
- "o m" '(mu4e :wk "Email")
- "o M" '(matrix-org :wk "Connect to matrix")
- "o r s" '(elfeed :wk "rss feed")
- "o a" '(org-agenda :wk "Open agenda")
- "o w" '(eww :wk "web browser")
- "m m" '(emms :wk "Music player")
- "s m" '(proced :wk "System Manager")
- "l p" '(list-processes :wk "List Emacs Processes")
-
- "m P p" '(org-publish :wk "Publish website components")
- "s e" '(sudo-edit :wk "Edit file with sudo")
-
- ;; "f f" '(eglot-format :wk "Format code buffer")
- "i p c" '(prestonpan :wk "Connect to my IRC server")
- "i l c" '(liberachat :wk "Connect to libera chat server")
- "i e c" '(efnet :wk "Connect to efnet chat server")
- "i g c" '(gimp-org :wk "Connect to gimp chat server")
- "i z c" '(znc :wk "Connect to my ZNC instance")
-
- ;; Documentation
- "h" '(:ignore t :wk "Documentation")
- "h v" '(counsel-describe-variable :wk "Describe variable")
- "h f" '(counsel-describe-function :wk "Describe function")
- "h h" '(help :wk "Help")
- "h m" '(woman :wk "Manual")
- "h i" '(info :wk "Info")
-
- "s i p" '(insert-urandom-password :wk "insert random password to buffer (for sops)")
-
- "h r r" '(lambda () (interactive) (org-babel-load-file (expand-file-name "~/monorepo/config/emacs.org")))))
-
-;; (use-package ellama
-;; :custom
-;; (ellama-sessions-directory "~/org/ellama/" "Set org directory for LLM sessions")
-;; :init
-;; (require 'llm-ollama)
-;; (setopt ellama-provider (make-llm-ollama
-;; :host "localhost"
-;; :chat-model "qwen2.5:14b")))
-
-(use-package minuet
- :bind
- (("M-y" . #'minuet-complete-with-minibuffer)
- ("C-c m" . #'minuet-show-suggestion)
- :map minuet-active-mode-map
- ("C-c r" . #'minuet-dismiss-suggestion)
- ("TAB" . #'minuet-accept-suggestion))
-
- :init
- (add-hook 'prog-mode-hook #'minuet-auto-suggestion-mode)
-
- :custom
- (minuet-request-timeout 40 "Max timeout in seconds")
- (minuet-provider 'openai-fim-compatible "FIM compatible OpenAI-like API (Ollama)")
- (minuet-n-completions 1 "I am using ghost text so I only need one possible completion")
- (minuet-context-window 1024 "how much context do I want?")
-
- :config
- (plist-put minuet-openai-fim-compatible-options :end-point "http://localhost:11434/v1/completions")
-
- (plist-put minuet-openai-fim-compatible-options :name "Ollama")
- (plist-put minuet-openai-fim-compatible-options :api-key "TERM")
- (plist-put minuet-openai-fim-compatible-options :model "qwen2.5-coder:14b")
-
- (minuet-set-optional-options minuet-openai-fim-compatible-options :max_tokens 50))
-
-(use-package elfeed
- :custom
- (elfeed-search-filter "@1-month-ago +unread" "Only display unread articles from a month ago")
-
- :config
- (run-with-timer 0 (* 60 60 4) 'elfeed-update)
-
- :hook ((elfeed-search-mode . elfeed-update)))
-
-(use-package elfeed-org
- :custom
- (rmh-elfeed-org-files '("~/monorepo/config/elfeed.org") "Use elfeed config in repo as default")
- :config
- (elfeed-org))
-
-(use-package elfeed-tube
- :after elfeed
- :demand t
- :config
- (elfeed-tube-setup)
- :bind (:map elfeed-show-mode-map
- ("F" . elfeed-tube-fetch)
- ([remap save-buffer] . elfeed-tube-save)
- :map elfeed-search-mode-map
- ("F" . elfeed-tube-fetch)
- ([remap save-buffer] . elfeed-tube-save)))
-
-(use-package elfeed-tube-mpv
- :bind (:map elfeed-show-mode-map
- ("C-c C-f" . elfeed-tube-mpv-follow-mode)
- ("C-c C-c" . elfeed-tube-mpv)
- ("C-c C-w" . elfeed-tube-mpv-where)
- :map elfeed-search-mode-map
- ("M" . elfeed-tube-mpv)))
-
-(use-package treemacs)
-(use-package treemacs-evil
- :after (treemacs evil))
-(use-package treemacs-projectile
- :after (treemacs projectile))
-(use-package treemacs-magit
- :after (treemacs magit))
-
-(use-package eww
- :custom
- (search-engines
- '((("google" "g") "https://google.com/search?q=%s")
- (("duckduckgo" "d" "ddg") "https://duckduckgo.com/?q=%s")
- (("rfc" "r") "https://www.rfc-editor.org/rfc/rfc%s.txt")
- (("rfc-kw" "rk") "https://www.rfc-editor.org/search/rfc_search_detail.php?title=%s"))
- "use this set of search engines")
-
- (search-engine-default "google" "Use google as default")
- (eww-search-prefix "https://google.com/search?q=" "Google prefix")
- :hook ((eww-mode . (lambda () (local-set-key (kbd "y Y") #'eww-copy-page-url)))))
-
-(use-package org-roam
- :after (org)
- :custom
- (org-roam-db-update-on-save t "Update org-roam db")
- (org-roam-graph-viewer "librewolf" "Use librewolf to view org-roam graph")
- (org-roam-directory (file-truename "~/monorepo/mindmap") "Set org-roam directory inside monorepo")
- (org-roam-capture-templates '(("d" "default" plain "%?"
- :target (file+head "${title}.org"
- "#+title: ${title}\n#+author: Preston Pan\n#+html_head: <link rel=\"stylesheet\" type=\"text/css\" href=\"../style.css\" />\n#+html_head: <script src=\"https://polyfill.io/v3/polyfill.min.js?features=es6\"></script>\n#+html_head: <script id=\"MathJax-script\" async src=\"https://cdn.jsdelivr.net/npm/mathjax@3/es5/tex-mml-chtml.js\"></script>\n#+options: broken-links:t")
- :unnarrowed t)) "org-roam files start with this snippet by default")
- :config
- (org-roam-db-autosync-mode)
- ;; Otherwise links are broken when publishing
- (org-roam-update-org-id-locations))
-
-(use-package org-roam-ui
- :after org-roam
- :hook (after-init . org-roam-ui-mode)
- :custom
- (org-roam-ui-sync-theme t "Use emacs theme for org-roam-ui")
- (org-roam-ui-follow t "Have cool visual while editing org-roam")
- (org-roam-ui-update-on-save t "This option is obvious")
- (org-roam-ui-open-on-start t "Have cool visual open in librewolf when emacs loads"))
-
-(use-package pinentry
- :custom (epa-pinentry-mode `loopback "Set this option to match gpg-agent.conf")
- :config (pinentry-start))
-
-(use-package smtpmail
- :custom
- (user-mail-address system-email "Use our email")
- (user-full-name system-fullname "Use our full name")
- (sendmail-program "msmtp" "Use msmtp in order to send emails")
- (send-mail-function 'smtpmail-send-it "This is required for this to work")
- (message-sendmail-f-is-evil t "Use evil-mode for sendmail")
- (message-sendmail-extra-arguments '("--read-envelope-from") "idk what this does")
- (message-send-mail-function 'message-send-mail-with-sendmail "Use sendmail"))
-
-(use-package mu4e
- :after smtpmail
- :hook
- ((mu4e-compose-mode . mml-secure-message-sign-pgpmime))
- :custom
- (mu4e-drafts-folder "/Drafts" "Set drafts folder mu db")
- (mu4e-sent-folder "/Sent" "Set sent folder in mu db")
- (mu4e-trash-folder "/Trash" "Set trash folder in mu db")
- (mu4e-attachment-dir "~/Downloads" "Set downloads folder for attachments")
- (mu4e-view-show-addresses 't "Show email addresses in main view")
- (mu4e-confirm-quit nil "Don't ask to quit")
- (message-kill-buffer-on-exit t "Kill buffer when I exit mu4e")
- (mu4e-compose-dont-reply-to-self t "Don't include self in replies")
- (mu4e-change-filenames-when-moving t)
- (mu4e-get-mail-command (concat "mbsync " system-username) "Use mbsync for imap")
- (mu4e-compose-reply-ignore-address (list "no-?reply" system-email) "ignore my own address and noreply")
- (mu4e-html2text-command "w3m -T text/html" "Use w3m to convert html to text")
- (mu4e-update-interval 300 "Update duration")
- (mu4e-headers-auto-update t "Auto-updates feed")
- (mu4e-view-show-images t "Shows images")
- (mu4e-compose-signature-auto-include nil)
- (mml-secure-openpgp-sign-with-sender t)
- (mml-secure-openpgp-signers (list system-gpgkey))
- (mail-user-agent 'mu4e-user-agent)
- (message-mail-user-agent 'mu4e-user-agent)
- (mu4e-use-fancy-chars t "Random option to make mu4e look nicer"))
-
-(use-package emms
- :custom
- (emms-source-file-default-directory (expand-file-name "~/music/") "Use directory specified in Nix")
- (emms-player-mpd-music-directory (expand-file-name "~/music/") "Use directory specified in Nix")
- (emms-player-mpd-server-name "localhost" "Connect to localhost")
- (emms-player-mpd-server-port "6600" "Connect to port 6600")
- (emms-player-list '(emms-player-mpd) "Use mpd")
- (emms-lyrics-display-on-modeline t)
- :hook
- ((emms-playlist-mode . emms-lyrics-mode)
- (emms-player-started . emms-lyrics-lrclib-get))
- :init
- (emms-all)
- (add-to-list 'emms-info-functions 'emms-info-mpd)
- (add-to-list 'emms-player-list 'emms-player-mpd)
- :config (emms-player-mpd-connect))
-
-(use-package centaur-tabs
- :custom
- (centaur-tabs-set-icons t "use icons for centaur-tabs")
- (centaur-tabs-set-modified-marker t "show when buffer modified")
- (centaur-tabs-icon-type 'all-the-icons "use all-the-icons for icons")
- :demand
- :config
- (centaur-tabs-mode t)
- :bind
- ("C-<prior>" . centaur-tabs-backward)
- ("C-<next>" . centaur-tabs-forward))
-
-(use-package lean4-mode
- :commands lean4-mode
- :vc (:url "https://github.com/leanprover-community/lean4-mode.git"
- :rev "76895d8939111654a472cfc617cfd43fbf5f1eb6"))
diff --git a/nix/modules/bitcoin.nix b/nix/modules/bitcoin.nix
deleted file mode 100644
index bd014bb..0000000
--- a/nix/modules/bitcoin.nix
+++ /dev/null
@@ -1,7 +0,0 @@
-{ config, lib, ... }:
-{
- services.bitcoind."${config.monorepo.vars.userName}" = {
- enable = lib.mkDefault config.monorepo.profiles.workstation.enable;
- prune = 10000;
- };
-}
diff --git a/nix/modules/cgit.nix b/nix/modules/cgit.nix
deleted file mode 100644
index 5bf888d..0000000
--- a/nix/modules/cgit.nix
+++ /dev/null
@@ -1,34 +0,0 @@
-{ lib, config, ... }:
-let
- serverName = "git.${config.monorepo.vars.orgHost}";
-in
-{
- services.cgit."my-projects" = {
- enable = lib.mkDefault config.services.gitDaemon.enable;
- scanPath = "${config.users.users.git.home}";
- settings = {
- root-title = "Nullring Git Server";
- root-desc = "Projects and cool things";
- enable-commit-graph = 1;
- enable-log-filecount = 1;
- enable-log-linecount = 1;
- enable-index-owner = 0;
- clone-prefix = "https://${serverName}";
- enable-tree-linenumbers = 1;
- strict-export = "git-daemon-export-ok";
- };
- gitHttpBackend = {
- enable = true;
- checkExportOkFiles = true;
- };
- nginx = {
- virtualHost = "${serverName}";
- };
- };
-
- networking.domains.subDomains."${serverName}" = lib.mkIf config.services.cgit."my-projects".enable { };
- services.nginx.virtualHosts."${serverName}" = lib.mkIf config.services.cgit."my-projects".enable {
- forceSSL = true;
- enableACME = true;
- };
-}
diff --git a/nix/modules/conduit.nix b/nix/modules/conduit.nix
deleted file mode 100644
index edc8e8b..0000000
--- a/nix/modules/conduit.nix
+++ /dev/null
@@ -1,212 +0,0 @@
-{ config, lib, ... }:
-let
- livekitListenPort = 8443;
- # secrets.yaml
- livekit_secret = "livekit_secret";
- conduit_secret = "conduit_secrets";
-in
-{
- sops.secrets = lib.mkIf config.services.matrix-conduit.enable {
- "${livekit_secret}" = lib.mkIf config.services.livekit.enable {
- format = "yaml";
- mode = "0444";
- };
-
- "${conduit_secret}" = {
- format = "yaml";
- };
- };
-
- services.matrix-conduit = {
- enable = lib.mkDefault config.monorepo.profiles.server.enable;
- secretFile = "/run/secrets/${conduit_secret}";
- settings.global = {
- server_name = "matrix.${config.monorepo.vars.orgHost}";
- trusted_servers = [
- "matrix.org"
- "nixos.org"
- "conduit.rs"
- ];
- address = "0.0.0.0";
- port = 6167;
- allow_registration = false;
- };
- };
-
-
- services.livekit = {
- enable = lib.mkDefault (config.services.matrix-conduit.enable || config.services.matrix-synapse.enable);
- keyFile = "/run/secrets/${livekit_secret}";
- settings = {
- port = 7880;
- turn = {
- enabled = true;
- domain = "livekit.${config.monorepo.vars.orgHost}";
- cert_file = "/var/lib/acme/livekit.${config.monorepo.vars.orgHost}/fullchain.pem";
- key_file = "/var/lib/acme/livekit.${config.monorepo.vars.orgHost}/key.pem";
- tls_port = 5349;
- udp_port = 3478;
- };
-
- rtc = {
- use_external_ip = true;
- tcp_port = 7881;
- udp_port = 7882;
- port_range_start = 50000;
- port_range_end = 60000;
- };
- };
- };
-
- services.lk-jwt-service = {
- enable = lib.mkDefault config.services.livekit.enable;
- port = 6495;
- livekitUrl = "wss://livekit.${config.monorepo.vars.orgHost}";
- keyFile = "/run/secrets/${livekit_secret}";
- };
-
- # TODO: split into conduit and livekit
- networking.firewall.allowedTCPPorts = lib.mkIf config.services.matrix-conduit.enable [ 8448 7881 5349 livekitListenPort ];
-
- # this is fine though
- networking.firewall.allowedUDPPorts = lib.mkIf config.services.livekit.enable [ 7882 3478 ];
- networking.firewall.allowedUDPPortRanges = lib.mkIf config.services.livekit.enable [
- { from = 49152; to = 65535; }
- ];
-
- networking.domains.subDomains."matrix.${config.monorepo.vars.orgHost}" = lib.mkIf config.services.matrix-conduit.enable { };
- networking.domains.subDomains."livekit.${config.monorepo.vars.orgHost}" = lib.mkIf config.services.livekit.enable { };
-
- services.nginx.virtualHosts."matrix.${config.monorepo.vars.orgHost}" = lib.mkIf config.services.matrix-conduit.enable {
- enableACME = lib.mkDefault config.monorepo.profiles.server.enable;
- forceSSL = true;
- listen = [
- {
- addr = "0.0.0.0";
- port = 443;
- ssl = true;
- }
- {
- addr = "[::]";
- port = 443;
- ssl = true;
- }
- {
- addr = "0.0.0.0";
- port = 8448;
- ssl = true;
- }
- {
- addr = "[::]";
- port = 8448;
- ssl = true;
- }
- ];
- locations."/_matrix/" = {
- proxyPass = "http://127.0.0.1:${toString config.services.matrix-conduit.settings.global.port}";
- extraConfig = ''
- proxy_set_header Host $host;
- proxy_buffers 32 16k;
- proxy_read_timeout 5m;
- '';
- };
-
- locations."= /.well-known/matrix/server" = {
- extraConfig = ''
- default_type application/json;
- add_header Content-Type application/json;
- add_header Access-Control-Allow-Origin *;
- '';
-
- return = ''200 '{"m.server": "matrix.${config.monorepo.vars.orgHost}:443"}' '';
- };
-
- locations."/.well-known/matrix/client" = {
- extraConfig = ''
- default_type application/json;
- add_header Access-Control-Allow-Origin *;
- '';
-
- return = "200 '{\"m.homeserver\": {\"base_url\": \"https://matrix.${config.monorepo.vars.orgHost}\"}, \"org.matrix.msc4143.rtc_foci\": [{\"type\": \"livekit\", \"livekit_service_url\": \"https://matrix.${config.monorepo.vars.orgHost}:${toString livekitListenPort}\"}]}'";
- };
-
- extraConfig = ''
- merge_slashes off;
- '';
- };
-
-
- services.nginx.virtualHosts."matrix.${config.monorepo.vars.orgHost}-livekit" = lib.mkIf config.services.livekit.enable {
- serverName = "matrix.${config.monorepo.vars.orgHost}";
- listen = [
- {
- addr = "0.0.0.0";
- port = livekitListenPort;
- ssl = true;
- }
- {
- addr = "[::]";
- port = livekitListenPort;
- ssl = true;
- }
- ];
- addSSL = true;
- enableACME = false;
- forceSSL = false;
- useACMEHost = "matrix.${config.monorepo.vars.orgHost}";
-
- locations."/" = {
- proxyPass = "http://127.0.0.1:${toString config.services.lk-jwt-service.port}";
- proxyWebsockets = true;
- extraConfig = ''
- proxy_set_header Host $host;
- proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- proxy_set_header X-Forwarded-Proto $scheme;
- '';
- };
- };
-
- services.nginx.virtualHosts."livekit.${config.monorepo.vars.orgHost}" = lib.mkIf config.services.livekit.enable {
- enableACME = true;
- forceSSL = true;
- locations."/" = {
- proxyPass = "http://127.0.0.1:${toString config.services.livekit.settings.port}";
- proxyWebsockets = true;
- extraConfig = ''
- proxy_read_timeout 3600s;
- proxy_send_timeout 3600s;
-
- # Standard headers for LiveKit
- proxy_set_header Host $host;
- proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- proxy_set_header X-Forwarded-Proto $scheme;
- proxy_set_header Upgrade $http_upgrade;
- proxy_set_header Connection "upgrade";
-
- # --- CORS CONFIGURATION START ---
- # 1. Allow all origins (including app.element.io)
- add_header 'Access-Control-Allow-Origin' '*' always;
-
- # 2. Allow specific methods (POST is required for /sfu/get)
- add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, PUT, DELETE' always;
-
- # 3. Allow headers (Content-Type is crucial for JSON)
- add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization' always;
-
- # 4. Handle the OPTIONS preflight request immediately
- if ($request_method = 'OPTIONS') {
- add_header 'Access-Control-Allow-Origin' '*' always;
- add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, PUT, DELETE' always;
- add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization' always;
- add_header 'Access-Control-Max-Age' 1728000;
- add_header 'Content-Type' 'text/plain; charset=utf-8';
- add_header 'Content-Length' 0;
- return 204;
- }
- # --- CORS CONFIGURATION END ---
- '';
- };
- };
-}
diff --git a/nix/modules/configuration.nix b/nix/modules/configuration.nix
deleted file mode 100644
index bee737f..0000000
--- a/nix/modules/configuration.nix
+++ /dev/null
@@ -1,606 +0,0 @@
-{ config, pkgs, lib, ... }:
-let
- userGroups = [
- "nginx"
- "git"
- "ircd"
- "ngircd"
- "conduit"
- "livekit"
- "matterbridge"
- "maddy"
- "ntfy-sh"
- "public-inbox"
- "plugdev"
- ];
- allDomains =
- (lib.attrNames config.networking.domains.baseDomains) ++
- (lib.attrNames config.networking.domains.subDomains);
-
- # 2. Generate BOTH possible outcomes in advance
- prodHosts = map (dom: "${config.monorepo.profiles.server.ipv4} ${dom}") allDomains;
- vmHosts = map (dom: "127.0.0.1 ${dom}") allDomains;
-in
-{
- imports = [
- ./cgit.nix
- ./public_inbox.nix
- ./matterbridge.nix
- ./mautrix.nix
- ./xserver.nix
- ./ssh.nix
- ./pipewire.nix
- ./tor.nix
- ./kubo.nix
- ./nvidia.nix
- ./cuda.nix
- ./nginx.nix
- ./secrets.nix
- ./git-daemon.nix
- ./ollama.nix
- ./i2pd.nix
- ./conduit.nix
- ./bitcoin.nix
- ./murmur.nix
- ./ngircd.nix
- ./znc.nix
- ./docker.nix
- ./impermanence.nix
- ./coturn.nix
- ./maddy.nix
- ./ntfy-sh.nix
- ./fail2ban.nix
- ];
-
- environment.etc."wpa_supplicant.conf".text = ''
- country=CA
- '';
- systemd.tmpfiles.rules = [
- "d /srv/git 0755 git git -"
- ];
-
- zramSwap = lib.mkIf config.monorepo.profiles.desktop.enable {
- enable = true;
- algorithm = "zstd";
- memoryPercent = 50;
- };
-
- virtualisation.vmVariant = lib.mkIf config.monorepo.profiles.server.enable {
- sops.validateSopsFiles = false;
- disko.devices = lib.mkForce { };
- virtualisation.forwardPorts = [
- { from = "host"; host.port = 10443; guest.port = 443; }
- { from = "host"; host.port = 9080; guest.port = 80; }
- ];
- virtualisation.useNixStoreImage = false;
- virtualisation.sharedDirectories.sops-keys = {
- source = "/home/preston/.config/sops/age"; # Path to your host key
- target = "/home/preston/.config/sops/age";
- };
- networking.extraHosts = lib.mkForce (lib.concatStringsSep "\n" vmHosts);
- networking.defaultGateway = lib.mkForce null;
- networking.interfaces."${config.monorepo.profiles.server.interface}".useDHCP = lib.mkForce true;
-
- fileSystems."/" = lib.mkForce {
- device = "/dev/disk/by-label/nixos";
- fsType = "ext4";
- };
- systemd.services.sops-nix = {
- unitConfig.RequiresMountsFor = "/home/preston/.config/sops/age";
- };
- };
-
- documentation = {
- enable = lib.mkDefault config.monorepo.profiles.documentation.enable;
- man.enable = lib.mkDefault config.monorepo.profiles.documentation.enable;
- dev.enable = lib.mkDefault config.monorepo.profiles.documentation.enable;
- };
-
- environment = {
- etc = {
- securetty.text = ''
- # /etc/securetty: list of terminals on which root is allowed to login.
- # See securetty(5) and login(1).
- '';
- };
- };
-
-
- systemd.network.enable = lib.mkDefault config.monorepo.profiles.server.enable;
- systemd.network.networks."40-${config.monorepo.profiles.server.interface}" = lib.mkIf config.monorepo.profiles.server.enable {
- matchConfig.Name = "${config.monorepo.profiles.server.interface}";
- networkConfig = {
- IPv6AcceptRA = true;
- IPv6PrivacyExtensions = false;
- };
- ipv6AcceptRAConfig = {
- UseAutonomousPrefix = false;
- };
- };
-
- systemd = {
- services.NetworkManager-wait-online.enable = false;
- coredump.enable = false;
- network.config.networkConfig.IPv6PrivacyExtensions = "kernel";
- tmpfiles.settings = {
- "restrictetcnixos"."/etc/nixos/*".Z = {
- mode = "0000";
- user = "root";
- group = "root";
- };
- };
- };
-
-
- boot = {
- supportedFilesystems = {
- btrfs = true;
- ext4 = true;
- };
-
- extraModprobeConfig = ''
- options snd-usb-audio vid=0x1235 pid=0x8200 device_setup=1
- options rtw88_core disable_lps_deep=y power_save=0 disable_aspm_l1ss=y
- options rtw88_pci disable_msi=y disable_aspm=y
- options rtw_core disable_lps_deep=y
- options rtw_pci disable_msi=y disable_aspm=y
- options rtw89_core disable_ps_mode=y
- options rtw89_pci disable_aspm_l1=y disable_aspm_l1ss=y disable_clkreq=y
- options iwlwifi 11n_disable=8 uapsd_disable=1 bt_coex_active=0 disable_11ax=1 power_save=0
- '';
- extraModulePackages = [ ];
-
- initrd = {
- availableKernelModules = [
- "xhci_pci"
- "ahci"
- "usb_storage"
- "sd_mod"
- "nvme"
- "sd_mod"
- "ehci_pci"
- "rtsx_pci_sdmmc"
- "usbhid"
- ];
-
- kernelModules = [ ];
- };
-
- lanzaboote = {
- enable = config.monorepo.profiles.secureBoot.enable;
- pkiBundle = "/var/lib/sbctl";
- };
-
- loader = {
- systemd-boot.enable = lib.mkForce ((! config.monorepo.profiles.grub.enable) && (! config.monorepo.profiles.secureBoot.enable));
- efi.canTouchEfiVariables = lib.mkForce (! config.monorepo.profiles.grub.enable);
- };
-
- kernelModules = [
- "snd-seq"
- "snd-rawmidi"
- "xhci_hcd"
- "kvm_intel"
- "af_packet"
- "ccm"
- "ctr"
- "cmac"
- "arc4"
- "ecb"
- "michael_mic"
- "gcm"
- "sha256"
- "sha384"
- ];
-
- kernelParams = [
- "cfg80211.reg_alpha2=CA"
- "usbcore.autosuspend=-1"
- "pcie_aspm=off"
- "pci=noaer"
- # "debugfs=off"
- "page_alloc.shuffle=1"
- "slab_nomerge"
- # "page_poison=1"
-
- # madaidan
- "pti=on"
- "randomize_kstack_offset=on"
- "vsyscall=none"
- # "lockdown=confidentiality"
-
- # cpu
- "spectre_v2=on"
- "spec_store_bypass_disable=on"
- "tsx=off"
- "l1tf=full,force"
- "kvm.nx_huge_pages=force"
-
- # hardened
- "extra_latent_entropy"
-
- # mineral
- # "init_on_alloc=1"
- # "random.trust_bootloader=off"
- # "init_on_free=1"
- "quiet"
- # "loglevel=0"
- ];
-
- blacklistedKernelModules = [
- "netrom"
- "rose"
-
- "adfs"
- "affs"
- "bfs"
- "befs"
- "cramfs"
- "efs"
- "erofs"
- "exofs"
- "freevxfs"
- "f2fs"
- "hfs"
- "hpfs"
- "jfs"
- "minix"
- "nilfs2"
- "ntfs"
- "omfs"
- "qnx4"
- "qnx6"
- "sysv"
- "ufs"
- ];
-
- kernel.sysctl =
- if config.monorepo.profiles.server.enable then {
- "net.ipv6.conf.${config.monorepo.profiles.server.interface}.autoconf" = 0;
- "net.ipv6.conf.${config.monorepo.profiles.server.interface}.accept_ra" = 1;
- } else {
- "kernel.ftrace_enabled" = false;
- "net.core.bpf_jit_enable" = false;
- "kernel.kptr_restrict" = 2;
-
- # madaidan
- "kernel.smtcontrol" = "on";
- "vm.swappiness" = 1;
- "vm.unprivileged_userfaultfd" = 0;
- "dev.tty.ldisc_autoload" = 0;
- "kernel.kexec_load_disabled" = 1;
- "kernel.sysrq" = 4;
- "kernel.perf_event_paranoid" = 3;
-
- # net
- "net.ipv4.ip_forward" = 1;
- "net.ipv4.icmp_echo_ignore_broadcasts" = true;
- # "net.ipv4.conf.all.accept_redirects" = false;
- # "net.ipv4.conf.all.secure_redirects" = false;
- # "net.ipv4.conf.default.accept_redirects" = false;
- # "net.ipv4.conf.default.secure_redirects" = false;
- # "net.ipv6.conf.all.accept_redirects" = false;
- # "net.ipv6.conf.default.accept_redirects" = false;
- };
- };
-
- networking = {
- interfaces = lib.mkIf config.monorepo.profiles.server.enable {
- "${config.monorepo.profiles.server.interface}" = {
- ipv4.addresses = [
- {
- address = config.monorepo.profiles.server.ipv4;
- prefixLength = 24;
- }
- ];
- ipv6.addresses = [
- {
- address = config.monorepo.profiles.server.ipv6;
- prefixLength = 64;
- }
- ];
- useDHCP = lib.mkForce false;
- };
- };
-
- defaultGateway = lib.mkIf config.monorepo.profiles.server.enable config.monorepo.profiles.server.gateway;
- useDHCP = false;
- tempAddresses = lib.mkIf config.monorepo.profiles.server.enable "disabled";
- extraHosts = lib.mkIf config.monorepo.profiles.server.enable (lib.concatStringsSep "\n" prodHosts);
-
- domains = lib.mkIf config.monorepo.profiles.server.enable {
- enable = true;
- baseDomains = {
- "${config.monorepo.vars.remoteHost}" = {
- a.data = config.monorepo.profiles.server.ipv4;
- aaaa.data = config.monorepo.profiles.server.ipv6;
- };
- "${config.monorepo.vars.orgHost}" = {
- a.data = config.monorepo.profiles.server.ipv4;
- aaaa.data = config.monorepo.profiles.server.ipv6;
- txt = {
- data = "v=spf1 ip4:${config.monorepo.profiles.server.ipv4} ip6:${config.monorepo.profiles.server.ipv6} -all";
- };
- };
- };
- };
-
-
- nameservers = [ "8.8.8.8" "1.1.1.1" ];
- dhcpcd.enable = (! config.monorepo.profiles.server.enable);
- networkmanager = {
- enable = lib.mkForce (! config.monorepo.profiles.server.enable); # rpis need network
- wifi = {
- powersave = false;
- };
- ensureProfiles = {
- profiles = {
- home-wifi = {
- connection = {
- id = "TELUS6572";
- permissions = "";
- type = "wifi";
- };
- ipv4 = {
- dns-search = "";
- method = "auto";
- };
- ipv6 = {
- addr-gen-mode = "stable-privacy";
- dns-search = "";
- method = "auto";
- };
- wifi = {
- mac-address-blacklist = "";
- mode = "infrastructure";
- ssid = "TELUS6572";
- };
- wifi-security = {
- auth-alg = "open";
- key-mgmt = "wpa-psk";
- # when someone actually steals my internet then I will be concerned.
- # This password only matters if you actually show up to my house in real life.
- # That would perhaps allow for some nasty networking related shenanigans.
- # I guess we'll cross that bridge when I get there.
- psk = "b4xnrv6cG6GX";
- };
- };
- };
- };
- };
- firewall = {
- allowedTCPPorts = [ 22 11434 ];
- allowedUDPPorts = [ ];
- };
- };
-
- hardware = {
- wirelessRegulatoryDatabase = true;
- enableAllFirmware = true;
- cpu.intel.updateMicrocode = true;
- graphics.enable = ! config.monorepo.profiles.ttyonly.enable;
-
- bluetooth = {
- enable = lib.mkDefault config.monorepo.profiles.desktop.enable;
- powerOnBoot = lib.mkDefault config.monorepo.profiles.desktop.enable;
- };
- };
-
- services = {
- pulseaudio.enable = ! config.monorepo.profiles.pipewire.enable;
- chrony = {
- enable = true;
- enableNTS = true;
- servers = [ "time.cloudflare.com" "ptbtime1.ptb.de" "ptbtime2.ptb.de" ];
- };
-
- jitterentropy-rngd.enable = true;
- resolved.settings.Resolve.DNSSEC = true;
- # usbguard.enable = true;
- usbguard.enable = false;
- dbus.apparmor = "enabled";
-
- # Misc.
- udev = {
- extraRules = '''';
- packages =
- if config.monorepo.profiles.workstation.enable then with pkgs; [
- platformio-core
- platformio-core.udev
- openocd
- ] else [ ];
- };
-
- printing.enable = lib.mkDefault config.monorepo.profiles.workstation.enable;
- udisks2.enable = (! config.monorepo.profiles.ttyonly.enable);
- };
-
- programs = {
- nix-ld.enable = true;
- zsh.enable = true;
- light.enable = true;
- ssh.enableAskPassword = false;
- };
-
- nixpkgs = {
- hostPlatform = lib.mkDefault "x86_64-linux";
- config = {
- allowUnfree = true;
- cudaSupport = lib.mkDefault config.monorepo.profiles.cuda.enable;
- };
- };
-
- security = {
- acme = {
- acceptTerms = true;
- defaults.email = "${config.monorepo.vars.internetName}@gmail.com";
- };
- apparmor = {
- enable = true;
- killUnconfinedConfinables = true;
- packages = with pkgs; [
- apparmor-profiles
- ];
- # policies = {
- # firefox.path = "${pkgs.apparmor-profiles}/share/apparmor/extra-profiles/firefox";
- # };
- };
-
- pam.loginLimits = [
- { domain = "*"; item = "nofile"; type = "-"; value = "32768"; }
- { domain = "*"; item = "memlock"; type = "-"; value = "32768"; }
- ];
- rtkit.enable = true;
-
- lockKernelModules = true;
- protectKernelImage = true;
-
- allowSimultaneousMultithreading = true;
- forcePageTableIsolation = true;
-
- tpm2 = {
- enable = true;
- pkcs11.enable = true;
- tctiEnvironment.enable = true;
- };
-
- auditd.enable = true;
- audit.enable = true;
- chromiumSuidSandbox.enable = (! config.monorepo.profiles.ttyonly.enable);
- sudo.enable = true;
- };
-
- xdg.portal = {
- enable = (! config.monorepo.profiles.ttyonly.enable);
- wlr.enable = (! config.monorepo.profiles.ttyonly.enable);
- extraPortals = with pkgs; if (! config.monorepo.profiles.ttyonly.enable) then [
- xdg-desktop-portal-gtk
- xdg-desktop-portal
- xdg-desktop-portal-hyprland
- ] else [ ];
- config.common.default = "*";
- };
-
- environment.etc."gitconfig".text = ''
- [init]
- defaultBranch = main
- '';
- environment.extraInit = ''
- umask 0022
- '';
- environment.systemPackages = with pkgs; [
- restic
- sbctl
- gitFull
- git-lfs
- git-lfs-transfer
- vim
- curl
- nmap
- exiftool
- (writeShellScriptBin "new-repo"
- ''
- #!/bin/bash
- cd ${config.users.users.git.home}
- git init --bare "$1"
- vim "$1/description"
- chown -R git:git "$1"
- ''
- )
- ];
-
- users.groups = lib.genAttrs userGroups (name: lib.mkDefault { });
-
- users.users = lib.genAttrs userGroups
- (name: {
- isSystemUser = lib.mkDefault true;
- group = "${name}";
- extraGroups = [ "acme" "nginx" ];
- }) // {
- conduit = {
- isSystemUser = lib.mkDefault true;
- group = "conduit";
- extraGroups = [ ];
- };
- matterbridge = {
- isSystemUser = lib.mkDefault true;
- group = "matterbridge";
- extraGroups = [ ];
- };
-
- public-inbox = {
- isSystemUser = lib.mkDefault true;
- group = "public-inbox";
-
- extraGroups = [ "acme" "nginx" "git" ];
- };
-
- ircd = {
- isSystemUser = lib.mkDefault true;
- group = "ircd";
- home = "/home/ircd";
- };
-
- nginx = {
- group = "nginx";
- isSystemUser = lib.mkDefault true;
- extraGroups = [ "acme" ];
- };
-
- root.openssh.authorizedKeys.keys = [
- config.monorepo.vars.sshKey
- ];
-
- git = {
- isSystemUser = true;
- home = "/srv/git";
- shell = "/bin/sh";
- group = "git";
- openssh.authorizedKeys.keys = [
- config.monorepo.vars.sshKey
- "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIEF+mcL9nDkzVhCYyYWCIrP+b6oRiiaV509jywbD0Vq nix-on-droid@localhost"
- "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCedJm0yYB0qLah/Y7PqLVgNh6qp+yujssGtuR05KbZLzSnsLUjUMObMyjFB9xTKrSGDqyoMkNe2l5VXMBJ9wBKLbzqMWbkakAWOj7EC/qZ6dFWA075mniwAuWKY/Q8QYohAJbbeU4j0ObWrltd4ar2Ac9vsVyftYF5efg8PEqVdOxzrBn5taY1zCCRjee5ISeRDIovnBbq7x86jsx5VnXTjMN9FZCI2qmz992Sg/PPXpXat+O1YQlG0eBHEny2Ug9gaAYnGOVr6kZKE4lrjz47nrXVXO6lJsNXmuzTVnEgo30DAA3dV4fws/M5ptM5Pgg2qe94HyHWhhmtXOekWmGtP3YxpVe3M/SPl31UL570ZDuuCcpJTsbe90ZyXC3CiSJkLKbmFkfOgZ6DI2LT8KSp09/2NCtZYriLN/nXObn6gQzByGMxVyKNx2hh8ENt9hzTCAk5lYDK3g3wS8eLCY3EH/caEqT9mLZEZeRHtAhtfozo1VJL7sSZ0Zm7wiIxHylwOshh1sYI1gb1MgMqNnrr1t8+8UK+Q0NERQW3yiphG36HXWy/DdCG0EF+N850KbgH1FFur+m+3hZCZCFVp3tGCcOC+bxWMBT3+9yC6LARi5cFjLQaWLsNO5xEs4vqX3+s3QjJ0pAYDkgtoeY2Fbh+imN+JasWn/cSy5p3UdE4ZQ== andrei@kiss"
- ];
- };
- "${config.monorepo.vars.userName}" = {
- openssh.authorizedKeys.keys = [
- config.monorepo.vars.sshKey
- ];
-
- linger = true;
- initialPassword = "${config.monorepo.vars.userName}";
- isNormalUser = true;
- description = config.monorepo.vars.fullName;
- extraGroups = [ "networkmanager" "wheel" "video" "docker" "jackaudio" "tss" "dialout" "docker" "plugdev" ];
- shell = pkgs.zsh;
- packages = [ ];
- };
- };
-
- nixpkgs.config.permittedInsecurePackages = [
- "python3.13-ecdsa-0.19.1"
- "olm-3.2.16"
- ];
-
- nix = {
- settings = {
- keep-outputs = true;
- keep-derivations = true;
- auto-optimise-store = true;
- max-jobs = 4;
- cores = 0;
- substituters = [
- "https://cache.nixos-cuda.org"
- ];
- trusted-public-keys = [
- "cache.nixos-cuda.org:74DUi4Ye579gUqzH4ziL9IyiJBlDpMRn9MBN8oNan9M="
- ];
- experimental-features = "nix-command flakes ca-derivations";
- trusted-users = [ "@wheel" ];
- };
- gc.automatic = true;
- };
- time.timeZone = config.monorepo.vars.timeZone;
- i18n.defaultLocale = "en_CA.UTF-8";
- system.stateVersion = "24.11";
-}
diff --git a/nix/modules/coturn.nix b/nix/modules/coturn.nix
deleted file mode 100644
index 3ceeac6..0000000
--- a/nix/modules/coturn.nix
+++ /dev/null
@@ -1,10 +0,0 @@
-{ lib, config, ... }:
-{
- services.coturn = {
- enable = false;
- use-auth-secret = true;
- listening-ips = [ "0.0.0.0" ];
- cert = "/var/lib/acme/matrix.${config.monorepo.vars.orgHost}/fullchain.pem";
- static-auth-secret-file = "/run/secrets/coturn_secret";
- };
-}
diff --git a/nix/modules/cuda.nix b/nix/modules/cuda.nix
deleted file mode 100644
index d5d9b7c..0000000
--- a/nix/modules/cuda.nix
+++ /dev/null
@@ -1,9 +0,0 @@
-{ config, lib, pkgs, ... }:
-{
- environment.systemPackages = (if config.monorepo.profiles.cuda.enable then with pkgs; [
- cudatoolkit
- cudaPackages.cudnn
- cudaPackages.libcublas
- linuxPackages.nvidia_x11
- ] else []);
-}
diff --git a/nix/modules/default.nix b/nix/modules/default.nix
deleted file mode 100644
index 80c057f..0000000
--- a/nix/modules/default.nix
+++ /dev/null
@@ -1,82 +0,0 @@
-{ lib, config, pkgs, ... }:
-{
- imports = [
- ./configuration.nix
- ./vars.nix
- ];
-
- options = {
- monorepo = {
- profiles = {
- cuda.enable = lib.mkEnableOption "Enables CUDA support";
- documentation.enable = lib.mkEnableOption "Enables documentation on system.";
- secureBoot.enable = lib.mkEnableOption "Enables secure boot. See sbctl.";
- pipewire.enable = lib.mkEnableOption "Enables pipewire low latency audio setup";
- tor.enable = lib.mkEnableOption "Enables tor along with torsocks";
-
- server = {
- enable = lib.mkEnableOption "Enables server services";
- interface = lib.mkOption { type = lib.types.str; default = "eth0"; };
- ipv4 = lib.mkOption { type = lib.types.nullOr lib.types.str; default = null; };
- ipv6 = lib.mkOption { type = lib.types.nullOr lib.types.str; default = null; };
- gateway = lib.mkOption { type = lib.types.nullOr lib.types.str; default = null; };
- };
-
- ttyonly.enable = lib.mkEnableOption "TTY only, no xserver";
- grub.enable = lib.mkEnableOption "Enables grub instead of systemd-boot";
- workstation.enable = lib.mkEnableOption "Enables workstation services";
- desktop.enable = lib.mkEnableOption "Enables everything common to desktops";
- impermanence.enable = lib.mkEnableOption "Enables imperamanence";
- home.enable = lib.mkEnableOption "Enables home profiles";
- };
- };
- };
-
- config = {
- environment.systemPackages = lib.mkIf config.monorepo.profiles.documentation.enable ((with pkgs; [
- linux-manual
- man-pages
- man-pages-posix
- iproute2
- silver-searcher
- ripgrep
- ]) ++
- (if (config.monorepo.vars.fileSystem == "btrfs") then with pkgs; [
- btrfs-progs
- btrfs-snap
- btrfs-list
- btrfs-heatmap
- ] else [ ]));
-
- boot.loader.grub = lib.mkIf config.monorepo.profiles.grub.enable {
- enable = true;
- };
-
- assertions = [
- {
- assertion = !(config.monorepo.profiles.workstation.enable && config.monorepo.profiles.server.enable);
- message = ''
- You can't enable both workstation and server profile together. Please select only one.
- '';
- }
- {
- assertion = !(config.monorepo.profiles.desktop.enable && config.monorepo.profiles.server.enable);
- message = ''
- You can't enable both desktop and server profile together. Please select only one.
- '';
- }
- ];
- monorepo = {
- profiles = {
- desktop.enable = lib.mkDefault config.monorepo.profiles.workstation.enable;
- documentation.enable = lib.mkDefault true;
- pipewire.enable = lib.mkDefault true;
- tor.enable = lib.mkDefault true;
- impermanence.enable = lib.mkDefault false;
- server.enable = lib.mkDefault false;
- ttyonly.enable = lib.mkDefault config.monorepo.profiles.server.enable;
- home.enable = lib.mkDefault config.monorepo.profiles.desktop.enable;
- };
- };
- };
-}
diff --git a/nix/modules/docker.nix b/nix/modules/docker.nix
deleted file mode 100644
index 9eb18f5..0000000
--- a/nix/modules/docker.nix
+++ /dev/null
@@ -1,15 +0,0 @@
-{ lib, config, vars, ... }:
-{
- # virtualisation = {
- # oci-containers = {
- # backend = "podman";
- # containers = {};
- # };
- # containers.enable = true;
- # podman = {
- # enable = true;
- # dockerCompat = true;
- # defaultNetwork.settings.dns_enabled = true;
- # };
- # };
-}
diff --git a/nix/modules/dovecot.nix b/nix/modules/dovecot.nix
deleted file mode 100644
index 2921ad8..0000000
--- a/nix/modules/dovecot.nix
+++ /dev/null
@@ -1,8 +0,0 @@
-{ config, lib, ... }:
-{
- services.dovecot2 = {
- enable = lib.mkDefault config.monorepo.profiles.server.enable;
- enableImap = true;
- enablePop3 = true;
- };
-}
diff --git a/nix/modules/fail2ban.nix b/nix/modules/fail2ban.nix
deleted file mode 100644
index 5d289a0..0000000
--- a/nix/modules/fail2ban.nix
+++ /dev/null
@@ -1,11 +0,0 @@
-{ lib, config, ... }:
-{
- services.fail2ban = {
- enable = lib.mkDefault config.monorepo.profiles.server.enable;
- # Ban IP after 5 failures for 1 hour
- maxretry = 5;
- bantime = "1h";
- banaction = "iptables-allports";
- banaction-allports = "iptables-allports";
- };
-}
diff --git a/nix/modules/firejail.nix b/nix/modules/firejail.nix
deleted file mode 100644
index 054171a..0000000
--- a/nix/modules/firejail.nix
+++ /dev/null
@@ -1,20 +0,0 @@
-{ pkgs, lib, ... }:
-{
- programs.firejail = {
- enable = true;
- wrappedBinaries = {
- firefox = {
- executable = "${lib.getBin pkgs.firefox-bin}/bin/firefox";
- profile = "${pkgs.firejail}/etc/firejail/firefox.profile";
- };
- emacs = {
- executable = "${lib.getBin pkgs.emacs-pgtk}/bin/emacs";
- profile = "${pkgs.firejail}/etc/firejail/emacs.profile";
- };
- zathura = {
- executable = "${lib.getBin pkgs.zathura}/bin/zathura";
- profile = "${pkgs.firejail}/etc/firejail/zathura.profile";
- };
- };
- };
-}
diff --git a/nix/modules/git-daemon.nix b/nix/modules/git-daemon.nix
deleted file mode 100644
index 972ab67..0000000
--- a/nix/modules/git-daemon.nix
+++ /dev/null
@@ -1,11 +0,0 @@
-{ config, lib, ... }:
-{
- services.gitDaemon = {
- enable = lib.mkDefault config.monorepo.profiles.server.enable;
- exportAll = true;
- basePath = "${config.users.users.git.home}";
- };
- networking.firewall.allowedTCPPorts = lib.mkIf config.services.gitDaemon.enable [
- 9418
- ];
-}
diff --git a/nix/modules/gitolite.nix b/nix/modules/gitolite.nix
deleted file mode 100644
index 33f647b..0000000
--- a/nix/modules/gitolite.nix
+++ /dev/null
@@ -1,8 +0,0 @@
-{ lib, config, ... }:
-{
- services.gitolite = {
- enable = lib.mkDefault config.monorepo.profiles.server.enable;
- description = "My Gitolite User";
- adminPubkey = config.monorepo.vars.sshKey;
- };
-}
diff --git a/nix/modules/gitweb.nix b/nix/modules/gitweb.nix
deleted file mode 100644
index 69cb951..0000000
--- a/nix/modules/gitweb.nix
+++ /dev/null
@@ -1,12 +0,0 @@
-{ lib, config, ... }:
-{
- services.gitweb = {
- gitwebTheme = lib.mkDefault config.monorepo.profiles.server.enable;
- projectroot = "/srv/git/";
- extraConfig = ''
-our $export_ok = "git-daemon-export-ok";
-our $site_name = "NullRing Git Server";
-our $site_header = "NullRing Projects";
-'';
- };
-}
diff --git a/nix/modules/gotosocial.nix b/nix/modules/gotosocial.nix
deleted file mode 100644
index b0a0c21..0000000
--- a/nix/modules/gotosocial.nix
+++ /dev/null
@@ -1,14 +0,0 @@
-{ lib, config, ... }:
-{
- services.gotosocial = {
- enable = lib.mkDefault false;
- setupPostgresqlDB = true;
- settings = {
- application-name = "Nullring GoToSocial Instance";
- host = "gotosocial.${config.monorepo.vars.orgHost}";
- protocol = "https";
- bind-address = "127.0.0.1";
- port = 8080;
- };
- };
-}
diff --git a/nix/modules/heisenbridge.nix b/nix/modules/heisenbridge.nix
deleted file mode 100644
index f3b88fc..0000000
--- a/nix/modules/heisenbridge.nix
+++ /dev/null
@@ -1,9 +0,0 @@
-{ lib, config, ... }:
-{
- services.heisenbridge = {
- enable = true;
- registrationUrl = "http://localhost:6167";
- owner = "@ret2pop:matrix.nullring.xyz";
- homeserver = "http://localhost:6167";
- };
-}
diff --git a/nix/modules/home/default.nix b/nix/modules/home/default.nix
deleted file mode 100644
index 80b28ee..0000000
--- a/nix/modules/home/default.nix
+++ /dev/null
@@ -1,219 +0,0 @@
-{ lib, config, pkgs, sops-nix, super, ... }:
-{
- imports = [
- sops-nix.homeManagerModules.sops
- ../vars.nix
- ./fcitx.nix
- ./emacs.nix
- ./firefox.nix
- ./git.nix
- ./hyprland.nix
- ./mpv.nix
- ./yt-dlp.nix
- ./wofi.nix
- ./kitty.nix
- ./waybar.nix
- ./zsh.nix
- ./mbsync.nix
- ./msmtp.nix
- ./gammastep.nix
- ./mpd.nix
- ./mako.nix
- ./user.nix
- ./gtk.nix
- ./secrets.nix
- ./pantalaimon.nix
- ];
-
- options = {
- monorepo.profiles = {
- enable = lib.mkEnableOption "Enables home manager desktop configuration";
- # Programs
- graphics.enable = lib.mkEnableOption "Enables graphical programs for user";
- lang-c.enable = lib.mkEnableOption "Enables C language support";
- lang-sh.enable = lib.mkEnableOption "Enables sh language support";
- lang-rust.enable = lib.mkEnableOption "Enables Rust language support";
- lang-python.enable = lib.mkEnableOption "Enables python language support";
- lang-sol.enable = lib.mkEnableOption "Enables solidity language support";
- lang-openscad.enable = lib.mkEnableOption "Enables openscad language support";
- lang-js.enable = lib.mkEnableOption "Enables javascript language support";
- lang-nix.enable = lib.mkEnableOption "Enables nix language support";
- lang-idris.enable = lib.mkEnableOption "Enables idris language support";
- lang-agda.enable = lib.mkEnableOption "Enables agda language support";
- lang-coq.enable = lib.mkEnableOption "Enables coq language support";
- lang-lean.enable = lib.mkEnableOption "Enables lean language support";
- lang-haskell.enable = lib.mkEnableOption "Enables haskell language support";
- crypto.enable = lib.mkEnableOption "Enables various cryptocurrency wallets";
- art.enable = lib.mkEnableOption "Enables various art programs";
- music.enable = lib.mkEnableOption "Enables mpd";
- workstation.enable = lib.mkEnableOption "Enables workstation packages (music production and others)";
- cuda.enable = lib.mkEnableOption "Enables CUDA user package builds";
- hyprland.enable = lib.mkEnableOption "Enables hyprland";
- email.enable = lib.mkEnableOption "Enables email";
- };
- };
-
- config = {
- home.packages = (if config.monorepo.profiles.email.enable then [ pkgs.mu ] else [ ])
- ++
- (if config.monorepo.profiles.lang-c.enable then
- (with pkgs; [
- autobuild
- clang
- gdb
- gnumake
- bear
- clang-tools
- autotools-language-server
- ]) else [ ])
- ++
- (if config.monorepo.profiles.workstation.enable then
- (with pkgs; [
- mumble
- ]) else [ ])
- ++
- (if config.monorepo.profiles.lang-js.enable then
- (with pkgs; [
- nodejs
- bun
- yarn
- typescript
- typescript-language-server
- vscode-langservers-extracted
- ]) else [ ])
- ++
- (if config.monorepo.profiles.lang-rust.enable then
- (with pkgs; [
- cargo
- rust-analyzer
- rustfmt
- ]) else [ ])
- ++
- (if config.monorepo.profiles.lang-python.enable then
- (with pkgs; [
- poetry
- python3
- python314Packages.python-lsp-server
- ]) else [ ])
- ++
- (if config.monorepo.profiles.lang-sol.enable then
- (with pkgs; [
- solc
- ]) else [ ])
- ++
- (if config.monorepo.profiles.lang-openscad.enable then
- (with pkgs; [
- openscad
- openscad-lsp
- ]) else [ ])
- ++
- (if config.monorepo.profiles.lang-sh.enable then
- (with pkgs; [
- bash-language-server
- ]) else [ ])
- ++
- (if config.monorepo.profiles.lang-haskell.enable then
- (with pkgs; [
- haskell-language-server
- haskellPackages.hlint
- ghc
- ]) else [ ])
- ++
- (if config.monorepo.profiles.lang-coq.enable then
- (with pkgs; [
- coq
- ]) else [ ])
- ++
- (if config.monorepo.profiles.lang-lean.enable then
- (with pkgs; [
- lean4
- ]) else [ ])
- ++
- (if config.monorepo.profiles.lang-agda.enable then
- (with pkgs; [
- agda
- ]) else [ ])
- ++
- (if config.monorepo.profiles.lang-idris.enable then
- (with pkgs; [
- idris
- idris2Packages.idris2Lsp
- ]) else [ ])
- ++
- (if config.monorepo.profiles.lang-nix.enable then
- (with pkgs; [
- nil
- nixd
- nixfmt
- nix-prefetch-scripts
- ]) else [ ])
- ++
- (if config.monorepo.profiles.crypto.enable then
- (with pkgs; [
- bitcoin
- # electrum
- monero-cli
- monero-gui
- ]) else [ ])
- ++
- (if config.monorepo.profiles.art.enable then
- (with pkgs; [
- inkscape
- # krita
- ]) else [ ])
- ++
- (if config.monorepo.profiles.music.enable then
- (with pkgs; [
- mpc
- sox
- ]) else [ ])
- ++
- (if config.monorepo.profiles.workstation.enable then
- (with pkgs; [
- alsa-utils
- alsa-scarlett-gui
- ardour
- audacity
- # blender
- foxdot
- fluidsynth
- qjackctl
- qsynth
- qpwgraph
- imagemagick
- supercollider
- inkscape
- # kdePackages.kdenlive
- # kicad
- murmur
- ]) else [ ]);
-
- monorepo.profiles = {
- enable = lib.mkDefault super.monorepo.profiles.home.enable;
- music.enable = lib.mkDefault config.monorepo.profiles.enable;
- email.enable = lib.mkDefault config.monorepo.profiles.enable;
- cuda.enable = lib.mkDefault super.monorepo.profiles.cuda.enable;
-
- # Programming
- graphics.enable = lib.mkDefault (! super.monorepo.profiles.ttyonly.enable);
- hyprland.enable = lib.mkDefault config.monorepo.profiles.graphics.enable;
- lang-c.enable = lib.mkDefault config.monorepo.profiles.enable;
- lang-rust.enable = lib.mkDefault config.monorepo.profiles.enable;
- lang-python.enable = lib.mkDefault config.monorepo.profiles.enable;
- lang-sol.enable = lib.mkDefault config.monorepo.profiles.enable;
- lang-sh.enable = lib.mkDefault config.monorepo.profiles.enable;
- lang-openscad.enable = lib.mkDefault config.monorepo.profiles.enable;
- lang-js.enable = lib.mkDefault config.monorepo.profiles.enable;
- lang-nix.enable = lib.mkDefault config.monorepo.profiles.enable;
- lang-coq.enable = lib.mkDefault config.monorepo.profiles.enable;
- lang-lean.enable = lib.mkDefault config.monorepo.profiles.enable;
- lang-haskell.enable = lib.mkDefault config.monorepo.profiles.enable;
- lang-idris.enable = lib.mkDefault config.monorepo.profiles.enable;
- lang-agda.enable = lib.mkDefault config.monorepo.profiles.enable;
-
- crypto.enable = lib.mkDefault config.monorepo.profiles.enable;
- art.enable = lib.mkDefault config.monorepo.profiles.enable;
- workstation.enable = lib.mkDefault super.monorepo.profiles.workstation.enable;
- };
- };
-}
diff --git a/nix/modules/home/emacs.nix b/nix/modules/home/emacs.nix
deleted file mode 100644
index bc85177..0000000
--- a/nix/modules/home/emacs.nix
+++ /dev/null
@@ -1,102 +0,0 @@
-{ lib, config, pkgs, super, ... }:
-{
- programs.emacs =
- {
- enable = lib.mkDefault config.monorepo.profiles.graphics.enable;
- package = pkgs.emacs-pgtk;
- extraConfig = ''
-(setq debug-on-error t)
-(setq system-email "${super.monorepo.vars.email}")
-(setq system-username "${super.monorepo.vars.internetName}")
-(setq system-fullname "${super.monorepo.vars.fullName}")
-(setq system-gpgkey "${super.monorepo.vars.gpgKey}")
-(load "${pkgs.writeText "init.el" (builtins.readFile ../../init.el)}")
-'';
-
- extraPackages = epkgs: [
- epkgs.agda2-mode
- epkgs.all-the-icons
- epkgs.auctex
- epkgs.catppuccin-theme
- epkgs.company
- epkgs.company-solidity
- epkgs.counsel
- epkgs.centaur-tabs
- epkgs.dashboard
- epkgs.doom-themes
- epkgs.doom-modeline
- epkgs.elfeed
- epkgs.elfeed-org
- epkgs.elfeed-tube
- epkgs.elfeed-tube-mpv
- epkgs.elpher
- epkgs.ement
- epkgs.emmet-mode
- epkgs.emms
- epkgs.enwc
- epkgs.evil
- epkgs.evil-collection
- epkgs.evil-commentary
- epkgs.evil-org
- epkgs.f
- epkgs.flycheck
- epkgs.general
- epkgs.gptel
- epkgs.gruvbox-theme
- epkgs.haskell-mode
- epkgs.htmlize
- epkgs.idris-mode
- epkgs.irony-eldoc
- epkgs.ivy
- epkgs.ivy-pass
- epkgs.kiwix
- epkgs.latex-preview-pane
- epkgs.lsp-ivy
- epkgs.lsp-mode
- epkgs.lsp-haskell
- epkgs.lyrics-fetcher
- epkgs.mastodon
- epkgs.magit
- epkgs.magit-delta
- epkgs.mu4e
- epkgs.minuet
- epkgs.nix-mode
- epkgs.org-fragtog
- epkgs.org-journal
- epkgs.org-roam
- epkgs.org-roam-ui
- epkgs.org-superstar
- epkgs.page-break-lines
- epkgs.password-store
- epkgs.pdf-tools
- epkgs.pinentry
- epkgs.platformio-mode
- epkgs.projectile
- epkgs.rustic
- epkgs.scad-mode
- epkgs.simple-httpd
- epkgs.solidity-flycheck
- epkgs.solidity-mode
- epkgs.sudo-edit
- epkgs.telega
- epkgs.treemacs
- epkgs.treemacs-evil
- epkgs.treemacs-magit
- epkgs.treemacs-projectile
- epkgs.treesit-auto
- epkgs.typescript-mode
- epkgs.unicode-fonts
- epkgs.use-package
- epkgs.vterm
- epkgs.wgrep
- epkgs.web-mode
- epkgs.websocket
- epkgs.which-key
- epkgs.writegood-mode
- epkgs.writeroom-mode
- epkgs.yaml-mode
- epkgs.yasnippet
- epkgs.yasnippet-snippets
- ];
- };
-}
diff --git a/nix/modules/home/fcitx.nix b/nix/modules/home/fcitx.nix
deleted file mode 100644
index 1907590..0000000
--- a/nix/modules/home/fcitx.nix
+++ /dev/null
@@ -1,14 +0,0 @@
-{ config, pkgs, lib, ... }:
-{
- i18n.inputMethod = {
- type = "fcitx5";
- enable = lib.mkDefault config.monorepo.profiles.graphics.enable;
- fcitx5.addons = if config.monorepo.profiles.graphics.enable then (with pkgs; [
- fcitx5-gtk
- qt6Packages.fcitx5-chinese-addons
- qt6Packages.fcitx5-configtool
- fcitx5-mozc
- fcitx5-rime
- ]) else [];
- };
-}
diff --git a/nix/modules/home/firefox.nix b/nix/modules/home/firefox.nix
deleted file mode 100644
index d339ba8..0000000
--- a/nix/modules/home/firefox.nix
+++ /dev/null
@@ -1,25 +0,0 @@
-{ lib, config, pkgs, ... }:
-{
- programs.librewolf = {
- enable = lib.mkDefault config.monorepo.profiles.graphics.enable;
- package = pkgs.librewolf;
- profiles = {
- default = {
- id = 0;
- name = "default";
- isDefault = true;
-
- extensions.packages = with pkgs.nur.repos.rycee.firefox-addons; [
- ublock-origin
- tree-style-tab
- firefox-color
- vimium
- privacy-redirect
- ] ++ (lib.optional config.monorepo.profiles.crypto.enable pkgs.nur.repos.rycee.firefox-addons.metamask);
- settings = {
- "privacy.resistFingerprinting.letterboxing" = true;
- };
- };
- };
- };
-}
diff --git a/nix/modules/home/gammastep.nix b/nix/modules/home/gammastep.nix
deleted file mode 100644
index 208dda7..0000000
--- a/nix/modules/home/gammastep.nix
+++ /dev/null
@@ -1,20 +0,0 @@
-{ lib, config, ... }:
-{
- services.gammastep = {
- enable = lib.mkDefault config.monorepo.profiles.graphics.enable;
- provider = "manual";
- latitude = 49.282730;
- longitude = -123.120735;
-
- temperature = {
- day = 5000;
- night = 3000;
- };
-
- settings = {
- general = {
- adjustment-method = "wayland";
- };
- };
- };
-}
diff --git a/nix/modules/home/git.nix b/nix/modules/home/git.nix
deleted file mode 100644
index 4018a3b..0000000
--- a/nix/modules/home/git.nix
+++ /dev/null
@@ -1,40 +0,0 @@
-{ pkgs, lib, config, super, ... }:
-{
- programs.git = {
- enable = lib.mkDefault config.monorepo.profiles.graphics.enable;
- package = pkgs.gitFull;
- lfs.enable = lib.mkDefault config.monorepo.profiles.graphics.enable;
- userName = super.monorepo.vars.fullName;
- userEmail = "${super.monorepo.vars.email}";
- signing = {
- key = super.monorepo.vars.gpgKey;
- signByDefault = true;
- };
-
- extraConfig = {
- init.defaultBranch = "main";
- credential."mail.${super.monorepo.vars.orgHost}" = {
- username = "${super.monorepo.vars.email}";
- helper = "!f() { test \"$1\" = get && echo \"password=$(cat /run/user/1000/secrets/mail)\"; }; f";
- };
-
- sendemail = {
- smtpserver = "mail.${super.monorepo.vars.orgHost}";
- smtpuser = "${super.monorepo.vars.email}";
- smtpserverport = 465;
- smtpencryption = "ssl";
- };
- };
-
- aliases = {
- pl = "pull";
- ps = "push";
- co = "checkout";
- c = "commit";
- a = "add";
- st = "status";
- sw = "switch";
- b = "branch";
- };
- };
-}
diff --git a/nix/modules/home/gtk.nix b/nix/modules/home/gtk.nix
deleted file mode 100644
index 6283581..0000000
--- a/nix/modules/home/gtk.nix
+++ /dev/null
@@ -1,27 +0,0 @@
-{ lib, config, pkgs, ... }:
-{
- config = lib.mkIf config.monorepo.profiles.graphics.enable {
- gtk = {
- theme = {
- name = "catppuccin-mocha-pink-standard";
- package = pkgs.catppuccin-gtk.override {
- variant = "mocha";
- accents = [ "pink" ];
- };
- };
- };
- xdg.configFile = {
- "gtk-4.0/assets".source = "${config.gtk.theme.package}/share/themes/${config.gtk.theme.name}/gtk-4.0/assets";
- "gtk-4.0/gtk.css".source = "${config.gtk.theme.package}/share/themes/${config.gtk.theme.name}/gtk-4.0/gtk.css";
- "gtk-4.0/gtk-dark.css".source = "${config.gtk.theme.package}/share/themes/${config.gtk.theme.name}/gtk-4.0/gtk-dark.css";
-
- "gtk-3.0/gtk.css".source = "${config.gtk.theme.package}/share/themes/${config.gtk.theme.name}/gtk-3.0/gtk.css";
- "gtk-3.0/gtk-dark.css".source = "${config.gtk.theme.package}/share/themes/${config.gtk.theme.name}/gtk-3.0/gtk-dark.css";
- "gtk-3.0/settings.ini".text = ''
- [Settings]
- gtk-theme-name=${config.gtk.theme.name}
- gtk-application-prefer-dark-theme=1
- '';
- };
- };
-}
diff --git a/nix/modules/home/home.nix b/nix/modules/home/home.nix
deleted file mode 100644
index aa55550..0000000
--- a/nix/modules/home/home.nix
+++ /dev/null
@@ -1,11 +0,0 @@
-{ config, sops-nix, ... }:
-{
- home-manager = {
- sharedModules = [
- sops-nix.homeManagerModules.sops
- ];
- useGlobalPkgs = true;
- useUserPackages = true;
- users."${config.monorepo.vars.userName}" = import ./default.nix;
- };
-}
diff --git a/nix/modules/home/hyprland.nix b/nix/modules/home/hyprland.nix
deleted file mode 100644
index c836b81..0000000
--- a/nix/modules/home/hyprland.nix
+++ /dev/null
@@ -1,192 +0,0 @@
-{ lib, config, wallpapers, pkgs, scripts, ... }:
-{
- wayland.windowManager.hyprland = {
- enable = lib.mkDefault config.monorepo.profiles.hyprland.enable;
- package = pkgs.hyprland;
- xwayland.enable = true;
- systemd.enable = true;
- settings = {
- "$mod" = "SUPER";
- bezier = [
- "overshot, 0.05, 0.9, 0.1, 1.05"
- ];
- animation = [
- # "workspaces, 1, 10, overshot"
- "windows, 1, 2, default"
- "workspaces, 1, 2, default, slidefade 20%"
- ];
- exec-once = [
- "waybar"
- "swww-daemon --format xrgb"
- "sh -c 'swww img \"$(find ${wallpapers} -type f \\( -iname \"*.jpg\" -o -iname \"*.png\" \\) | shuf -n1)\"'"
- "fcitx5-remote -r"
- "fcitx5 -d --replace"
- "fcitx5-remote -r"
- "emacs"
- "librewolf"
- ];
- env = [
- "LIBVA_DRIVER_NAME,nvidia"
- "XDG_SESSION_TYPE,wayland"
- "GBM_BACKEND,nvidia-drm"
- "__GLX_VENDOR_LIBRARY_NAME,nvidia"
- "ELECTRON_OZONE_PLATFORM_HINT,auto"
- ];
-
- monitor = [
- "DP-4,2560x1440@165.000000,0x0,1"
- "Unknown-1,disable"
- ];
-
- layerrule = [
- {
- name = "waybar blur";
- "match:namespace" = "waybar";
- blur = "on";
- }
- ];
-
- windowrule = [
- {
- name = "emacs";
- "match:class" = "emacs";
- workspace = 1;
- }
- {
- name = "librewolf";
- "match:class" = "librewolf";
- workspace = 2;
- }
- {
- name = "chromium-browser";
- "match:class" = "chromium-browser";
- workspace = 2;
- }
- {
- name = "signal";
- "match:class" = "signal";
- workspace = 3;
- }
- {
- name = "Element";
- "match:class" = "Element";
- workspace = 3;
- }
- {
- name = "pavucontrol";
- "match:class" = "pavucontrol";
- workspace = 4;
- }
- {
- name = "qpwgraph";
- "match:class" = "qpwgraph";
- workspace = 4;
- }
- {
- name = "mpv";
- "match:class" = "mpv";
- workspace = 4;
- }
- ];
-
- bind = [
- "$mod, F, exec, librewolf"
- "$mod, Return, exec, kitty"
- "$mod, E, exec, emacs"
- "$mod, B, exec, bitcoin-qt"
- "$mod, S, exec, pavucontrol"
- "$mod, M, exec, monero-wallet-gui"
- "$mod, V, exec, element-desktop"
- "$mod, C, exec, signal-desktop"
- "$mod, D, exec, wofi --show run"
- "$mod, P, exec, bash ${scripts}/powermenu.sh"
- "$mod, Q, killactive"
- "$mod SHIFT, H, movewindow, l"
- "$mod SHIFT, L, movewindow, r"
- "$mod SHIFT, K, movewindow, u"
- "$mod SHIFT, J, movewindow, d"
-
- "$mod SHIFT, T, togglefloating"
- "$mod SHIFT, F, fullscreen"
-
- "$mod, H, movefocus, l"
- "$mod, L, movefocus, r"
- "$mod, K, movefocus, u"
- "$mod, J, movefocus, d"
- ", XF86AudioPlay, exec, mpc toggle"
- ", Print, exec, grim"
-
- "$mod, right, resizeactive, 30 0"
- "$mod, left, resizeactive, -30 0"
- "$mod, up, resizeactive, 0 -30"
- "$mod, down, resizeactive, 0 30"
- ]
- ++ (
- builtins.concatLists (builtins.genList
- (
- x:
- let
- ws =
- let
- c = (x + 1) / 10;
- in
- builtins.toString (x + 1 - (c * 10));
- in
- [
- "$mod, ${ws}, workspace, ${toString (x + 1)}"
- "$mod SHIFT, ${ws}, movetoworkspace, ${toString (x + 1)}"
- ]
- )
- 10)
- );
- bindm = [
- "$mod, mouse:272, movewindow"
- "$mod, mouse:273, resizewindow"
- "$mod ALT, mouse:272, resizewindow"
- ];
- binde = [
- ", XF86AudioRaiseVolume, exec, wpctl set-volume -l 1.5 @DEFAULT_AUDIO_SINK@ 5%+"
- ", XF86AudioLowerVolume, exec, wpctl set-volume -l 1.5 @DEFAULT_AUDIO_SINK@ 5%-"
- ", XF86AudioNext, exec, mpc next"
- ", XF86AudioPrev, exec, mpc prev"
- ", XF86MonBrightnessUp , exec, xbacklight -inc 10"
- ", XF86MonBrightnessDown, exec, xbacklight -dec 10"
- ];
- decoration = {
- blur = {
- enabled = true;
- size = 9;
- passes = 4;
- contrast = 0.8;
- brightness = 1.1;
- noise = 0.02;
- new_optimizations = true;
- ignore_opacity = true;
- xray = false;
- };
- rounding = 5;
- };
- input = {
- scroll_method = "on_button_down";
- scroll_button = 276;
- sensitivity = -0.5;
- kb_options = "caps:swapescape";
- repeat_delay = 300;
- repeat_rate = 50;
- natural_scroll = false;
- touchpad = {
- natural_scroll = true;
- disable_while_typing = true;
- tap-to-click = true;
- };
- };
- cursor = {
- no_hardware_cursors = true;
- };
- misc = {
- force_default_wallpaper = 0;
- disable_hyprland_logo = true;
- };
- };
- };
-}
diff --git a/nix/modules/home/kitty.nix b/nix/modules/home/kitty.nix
deleted file mode 100644
index b3e6e33..0000000
--- a/nix/modules/home/kitty.nix
+++ /dev/null
@@ -1,53 +0,0 @@
-{ lib, config, ... }:
-{
- programs.kitty = {
- enable = lib.mkDefault (config.monorepo.profiles.hyprland.enable && config.monorepo.profiles.graphics.enable);
- settings = {
- enable_audio_bell = false;
- font_family = "Iosevka Nerd Font";
- font_size = 14;
- confirm_os_window_close = 0;
- background_opacity = "0.7";
- # Catppuccin theme
- foreground = "#cdd6f4";
- background = "#1e1e2e";
- selection_foreground = "#1e1e2e";
- selection_background = "#f5e0dc";
- cursor = "#f5e0dc";
- cursor_text_color = "#1e1e2e";
- url_color = "#f5e0dc";
- active_border_color = "#B4BEFE";
- inactive_border_color = "#6C7086";
- bell_border_color = "#F9E2AF";
- wayland_titlebar_color = "#1E1E2E";
- macos_titlebar_color = "#1E1E2E";
- active_tab_foreground = "#11111B";
- active_tab_background = "#CBA6F7";
- inactive_tab_foreground = "#CDD6F4";
- inactive_tab_background = "#181825";
- tab_bar_background = "#11111B";
- mark1_foreground = "#1E1E2E";
- mark1_background = "#B4BEFE";
- mark2_foreground = "#1E1E2E";
- mark2_background = "#CBA6F7";
- mark3_foreground = "#1E1E2E";
- mark3_background = "#74C7EC";
- color0 = "#45475A";
- color8 = "#585B70";
- color1 = "#F38BA8";
- color9 = "#F38BA8";
- color2 = "#A6E3A1";
- color10 = "#A6E3A1";
- color3 = "#F9E2AF";
- color11 = "#F9E2AF";
- color4 = "#89B4FA";
- color12 = "#89B4FA";
- color5 = "#F5C2E7";
- color13 = "#F5C2E7";
- color6 = "#94E2D5";
- color14 = "#94E2D5";
- color7 = "#BAC2DE";
- color15 = "#A6ADC8";
- };
- };
-}
diff --git a/nix/modules/home/mako.nix b/nix/modules/home/mako.nix
deleted file mode 100644
index 14edde8..0000000
--- a/nix/modules/home/mako.nix
+++ /dev/null
@@ -1,15 +0,0 @@
-{ lib, config, sounds, ... }:
-{
- services.mako = {
- enable = lib.mkDefault config.monorepo.profiles.graphics.enable;
- settings = {
- on-notify = "exec mpv ${sounds}/polite.ogg --no-config --no-video";
- background-color = "#11111bf8";
- text-color = "#cdd6f4";
- border-color = "#89b4faff";
- border-radius = 1;
- font = "Fira Code 10";
- default-timeout = 3000;
- };
- };
-}
diff --git a/nix/modules/home/mbsync.nix b/nix/modules/home/mbsync.nix
deleted file mode 100644
index 893528e..0000000
--- a/nix/modules/home/mbsync.nix
+++ /dev/null
@@ -1,33 +0,0 @@
-{ lib, config, super, ... }:
-{
- programs.mbsync = {
- enable = lib.mkDefault config.monorepo.profiles.email.enable;
- extraConfig = ''
- IMAPAccount ${super.monorepo.vars.internetName}
- Host mail.${super.monorepo.vars.orgHost}
- User ${super.monorepo.vars.email}
- PassCmd "cat ${config.sops.secrets.mail.path}"
- Port 993
- TLSType IMAPS
- AuthMechs *
- CertificateFile /etc/ssl/certs/ca-certificates.crt
-
- IMAPStore ${super.monorepo.vars.internetName}-remote
- Account ${super.monorepo.vars.internetName}
-
- MaildirStore ${super.monorepo.vars.internetName}-local
- Path ~/email/${super.monorepo.vars.internetName}/
- Inbox ~/email/${super.monorepo.vars.internetName}/INBOX
- SubFolders Verbatim
-
- Channel ${super.monorepo.vars.internetName}
- Far :${super.monorepo.vars.internetName}-remote:
- Near :${super.monorepo.vars.internetName}-local:
- Patterns *
- Create Near
- Sync All
- Expunge None
- SyncState *
- '';
- };
-}
diff --git a/nix/modules/home/mpd.nix b/nix/modules/home/mpd.nix
deleted file mode 100644
index b423a70..0000000
--- a/nix/modules/home/mpd.nix
+++ /dev/null
@@ -1,44 +0,0 @@
-{ lib, config, ... }:
-{
- services.mpd = {
- enable = lib.mkDefault config.monorepo.profiles.music.enable;
- dbFile = "/home/${config.monorepo.vars.userName}/.config/mpd/db";
- dataDir = "/home/${config.monorepo.vars.userName}/.config/mpd/";
- network.port = 6600;
- musicDirectory = "/home/${config.monorepo.vars.userName}/music";
- playlistDirectory = "/home/${config.monorepo.vars.userName}/.config/mpd/playlists";
- network.listenAddress = "0.0.0.0";
- extraConfig = ''
- audio_output {
- type "pipewire"
- name "pipewire output"
- }
-
- audio_output {
- type "httpd"
- name "Ret2pop's Music Stream"
- encoder "opus"
- port "8000"
- bitrate "128000"
- format "48000:16:1"
- always_on "yes"
- tags "yes"
- }
-
- audio_output {
- type "shout"
- name "My VPS Stream"
- host "127.0.0.1"
- port "8888"
- mount "/stream"
- password "SuperSecretSourcePass"
- bitrate "128"
- format "44100:16:2"
- protocol "icecast2"
- user "source"
- description "My MPD Stream"
- genre "Mixed"
- }
- '';
- };
-}
diff --git a/nix/modules/home/mpv.nix b/nix/modules/home/mpv.nix
deleted file mode 100644
index 6dd7f4d..0000000
--- a/nix/modules/home/mpv.nix
+++ /dev/null
@@ -1,12 +0,0 @@
-{ lib, config, ... }:
-{
- programs.mpv = {
- enable = lib.mkDefault config.monorepo.profiles.graphics.enable;
- config = {
- profile = "gpu-hq";
- force-window = true;
- ytdl-format = "bestvideo+bestaudio";
- cache-default = 4000000;
- };
- };
-}
diff --git a/nix/modules/home/msmtp.nix b/nix/modules/home/msmtp.nix
deleted file mode 100644
index c1abd8f..0000000
--- a/nix/modules/home/msmtp.nix
+++ /dev/null
@@ -1,27 +0,0 @@
-{ lib, config, super, ... }:
-{
- programs.msmtp = {
- enable = lib.mkDefault config.monorepo.profiles.email.enable;
- extraConfig = ''
- # Set default values for all following accounts.
- defaults
- auth on
- tls on
- tls_trust_file /etc/ssl/certs/ca-certificates.crt
- tls_certcheck off
- logfile ~/.msmtp.log
-
- # Gmail
- account ${super.monorepo.vars.internetName}
- host mail.${super.monorepo.vars.orgHost}
- port 587
- from ${super.monorepo.vars.email}
- user ${super.monorepo.vars.email}
- passwordeval "cat ${config.sops.secrets.mail.path}"
-
-
- # Set a default account
- account default : ${super.monorepo.vars.internetName}
- '';
- };
-}
diff --git a/nix/modules/home/pantalaimon.nix b/nix/modules/home/pantalaimon.nix
deleted file mode 100644
index 35e72c3..0000000
--- a/nix/modules/home/pantalaimon.nix
+++ /dev/null
@@ -1,19 +0,0 @@
-{ lib, config, ... }:
-{
- services.pantalaimon = {
- enable = lib.mkDefault false;
- settings = {
- Default = {
- LogLevel = "Debug";
- SSL = true;
- };
-
- local-matrix = {
- Homeserver = "https://matrix.nullring.xyz";
- ListenAddress = "127.0.0.1";
- ListenPort = 8008;
- };
- };
-
- };
-}
diff --git a/nix/modules/home/personal_secrets.nix b/nix/modules/home/personal_secrets.nix
deleted file mode 100644
index 9013de1..0000000
--- a/nix/modules/home/personal_secrets.nix
+++ /dev/null
@@ -1,23 +0,0 @@
-{ lib, config, ... }:
-{
- config = lib.mkIf config.monorepo.profiles.graphics.enable {
- sops.secrets = {
- mail = {
- format = "yaml";
- path = "${config.sops.defaultSymlinkPath}/mail";
- };
- cloudflare-dns = {
- format = "yaml";
- path = "${config.sops.defaultSymlinkPath}/cloudflare-dns";
- };
- digikey = {
- format = "yaml";
- path = "${config.sops.defaultSymlinkPath}/digikey";
- };
- dn42 = {
- format = "yaml";
- path = "${config.sops.defaultSymlinkPath}/dn42";
- };
- };
- };
-}
diff --git a/nix/modules/home/secrets.nix b/nix/modules/home/secrets.nix
deleted file mode 100644
index 00be79b..0000000
--- a/nix/modules/home/secrets.nix
+++ /dev/null
@@ -1,35 +0,0 @@
-{ config, super, ... }:
-{
- sops = {
- defaultSopsFile =
- if config.monorepo.profiles.graphics.enable
- then ../../secrets/secrets.yaml
- else ../../secrets/vps_secrets.yaml;
-
- age = {
- keyFile = "/home/${super.monorepo.vars.userName}/.config/sops/age/keys.txt";
- };
-
- secrets =
- if super.monorepo.profiles.desktop.enable then {
- mail = {
- format = "yaml";
- path = "${config.sops.defaultSymlinkPath}/mail";
- };
- cloudflare-dns = {
- format = "yaml";
- path = "${config.sops.defaultSymlinkPath}/cloudflare-dns";
- };
- digikey = {
- format = "yaml";
- path = "${config.sops.defaultSymlinkPath}/digikey";
- };
- dn42 = {
- format = "yaml";
- path = "${config.sops.defaultSymlinkPath}/dn42";
- };
- } else { };
- defaultSymlinkPath = "/run/user/1000/secrets";
- defaultSecretsMountPoint = "/run/user/1000/secrets.d";
- };
-}
diff --git a/nix/modules/home/user.nix b/nix/modules/home/user.nix
deleted file mode 100644
index d378fb6..0000000
--- a/nix/modules/home/user.nix
+++ /dev/null
@@ -1,202 +0,0 @@
-{ lib, config, super, pkgs, ... }:
-{
- home = {
- activation.startup-files = lib.hm.dag.entryAfter [ "installPackages" ] ''
- if [ ! -d "/home/${config.monorepo.vars.userName}/email/${config.monorepo.vars.internetName}/" ]; then
- mkdir -p /home/${config.monorepo.vars.userName}/email/${config.monorepo.vars.internetName}/
- fi
-
- if [ ! -d "/home/${config.monorepo.vars.userName}/music" ]; then
- mkdir -p /home/${config.monorepo.vars.userName}/music
- fi
-
- if [ ! -d /home/${config.monorepo.vars.userName}/org ]; then
- mkdir -p /home/${config.monorepo.vars.userName}/org
- fi
-
- if [ ! -d /home/${config.monorepo.vars.userName}/src ]; then
- mkdir -p /home/${config.monorepo.vars.userName}/src
- fi
-
- touch /home/${config.monorepo.vars.userName}/org/agenda.org
- touch /home/${config.monorepo.vars.userName}/org/notes.org
- '';
-
- enableNixpkgsReleaseCheck = false;
- username = config.monorepo.vars.userName;
- homeDirectory = "/home/${config.monorepo.vars.userName}";
- stateVersion = "24.11";
-
- packages = with pkgs; (if config.monorepo.profiles.graphics.enable then [
- # wikipedia
- # kiwix kiwix-tools
- gnupg
- unzip
- mupdf
- zathura
-
- fzf
- # passwords
- age
- sops
-
- # formatting
- ghostscript
- texliveFull
- pandoc
-
- # Emacs Deps
- graphviz
- jq
-
- # Apps
- # octaveFull
- grim
- swww
- vim
- kotatogram-desktop
- tg
- qwen-code
- element-desktop
- signal-desktop
- signal-cli
- thunderbird
- jami
-
- # Sound/media
- pavucontrol
- alsa-utils
- imagemagick
- ffmpeg
- helvum
-
- # Net
- curl
- rsync
- gitFull
- iamb
- ungoogled-chromium
-
- # Tor
- torsocks
- tor-browser
-
- # For transfering secrets onto new system
- stow
-
- # fonts
- nerd-fonts.iosevka
- noto-fonts
- noto-fonts-cjk-sans
- noto-fonts-color-emoji
- fira-code
- font-awesome_6
- victor-mono
- (aspellWithDicts
- (dicts: with dicts; [ en en-computers en-science ]))
-
- # Misc.
- pinentry-gnome3
- x11_ssh_askpass
- xdg-utils
- acpilight
- pfetch
- libnotify
- htop
-
- (pkgs.writeShellScriptBin "help"
- ''
- #!/usr/bin/env sh
- # Portable, colored, nicely aligned alias list
-
- # Generate uncolored alias pairs
- aliases=$(cat <<'EOF'
- ${let aliases = config.programs.zsh.shellAliases;
- in lib.concatStringsSep "\n" (lib.mapAttrsToList (name: value:
- "${name} -> ${value}"
- ) aliases)}
- EOF
- )
-
- # Align and color using awk
- echo "$aliases" | awk '
- BEGIN {
- GREEN="\033[0;32m";
- YELLOW="\033[0;33m";
- RESET="\033[0m";
- maxlen=0;
- }
- {
- # Split line on " -> "
- split($0, parts, / -> /);
- name[NR]=parts[1];
- cmd[NR]=parts[2];
- if(length(parts[1])>maxlen) maxlen=length(parts[1]);
- }
- END {
- for(i=1;i<=NR;i++) {
- # printf with fixed width for alias name
- printf "%s%-*s%s -> %s%s%s\n", GREEN, maxlen, name[i], RESET, YELLOW, cmd[i], RESET;
- }
- }'
- '')
-
- (writeShellScriptBin "remote-build"
- ''
- #!/bin/bash
- nixos-rebuild --sudo --ask-sudo-password --target-host "$1" switch --flake $HOME/monorepo/nix#spontaneity
- ''
- )
- (writeShellScriptBin "install-vps"
- ''
- #!/bin/bash
- nix run github:nix-community/nixos-anywhere -- --generate-hardware-config nixos-generate-config $HOME/monorepo/nix/systems/spontaneity/hardware-configuration.nix --flake $HOME/monorepo/nix#spontaneity --target-host "$1"
- '')
- (writeShellScriptBin "secrets"
- ''
- #!/bin/bash
- cd "$HOME/secrets"
- git pull # repo is over LAN
- stow */ # manage secrets with gnu stow
- cd "$HOME"
- '')
- (writeShellScriptBin "spontaneity-ci"
- ''
- #!/bin/bash
- nixos-rebuild build-vm --flake $HOME/monorepo/nix#spontaneity && QEMU_OPTS="-serial stdio" ./result/bin/run-spontaneity-vm 2>&1 | tee vm-boot.log'')
- ] else [
- pfetch
- # net
- curl
- torsocks
- rsync
- ]);
- };
-
- services = {
- gpg-agent = {
- pinentry.package = pkgs.pinentry-emacs;
- enable = true;
- extraConfig = ''
- allow-emacs-pinentry
- allow-loopback-pinentry
- '';
- };
- };
- xdg.mimeApps = {
- enable = lib.mkDefault config.monorepo.profiles.graphics.enable;
- defaultApplications = {
- "x-scheme-handler/mailto" = "emacsclient-mail.desktop";
- "text/html" = "librewolf.desktop";
- "text/xml" = "librewolf.desktop";
- "application/xhtml+xml" = "librewolf.desktop";
- "x-scheme-handler/http" = "librewolf.desktop";
- "x-scheme-handler/https" = "librewolf.desktop";
- "x-scheme-handler/about" = "librewolf.desktop";
- "x-scheme-handler/unknown" = "librewolf.desktop";
- };
- };
-
- programs.bash.enable = true;
- fonts.fontconfig.enable = true;
-}
diff --git a/nix/modules/home/vps_secrets.nix b/nix/modules/home/vps_secrets.nix
deleted file mode 100644
index df75a39..0000000
--- a/nix/modules/home/vps_secrets.nix
+++ /dev/null
@@ -1,43 +0,0 @@
-{ lib, config, ... }:
-{
- config = lib.mkIf (!config.monorepo.profiles.graphics.enable) {
- sops.secrets = {
- znc = {
- format = "yaml";
- path = "${config.sops.defaultsymlinkpath}/znc";
- };
- znc_password_salt = {
- format = "yaml";
- path = "${config.sops.defaultsymlinkpath}/znc_password_salt";
- };
- znc_password_hash = {
- format = "yaml";
- path = "${config.sops.defaultsymlinkpath}/znc_password_hash";
- };
- matrix_bridge = {
- format = "yaml";
- path = "${config.sops.defaultsymlinkpath}/matrix_bridge";
- };
- coturn_secret = {
- format = "yaml";
- path = "${config.sops.defaultsymlinkpath}/coturn_secret";
- };
- livekit_secret = {
- format = "yaml";
- path = "${config.sops.defaultsymlinkpath}/livekit_secret";
- };
- livekit = {
- format = "yaml";
- path = "${config.sops.defaultsymlinkpath}/livekit";
- };
- conduit_secrets = {
- format = "yaml";
- path = "${config.sops.defaultsymlinkpath}/conduit_secrets";
- };
- mautrix_env = {
- format = "yaml";
- path = "${config.sops.defaultsymlinkpath}/mautrix_env";
- };
- };
- };
-}
diff --git a/nix/modules/home/waybar.nix b/nix/modules/home/waybar.nix
deleted file mode 100644
index 8e797a5..0000000
--- a/nix/modules/home/waybar.nix
+++ /dev/null
@@ -1,274 +0,0 @@
-{ lib, config, ... }:
-{
- programs.waybar = {
- enable = lib.mkDefault config.monorepo.profiles.hyprland.enable;
- style = ''
- * {
- border: none;
- border-radius: 0px;
- font-family: Iosevka Nerd Font, FontAwesome, Noto Sans CJK;
- font-size: 14px;
- font-style: normal;
- min-height: 0;
- }
-
- window#waybar {
- background: rgba(30, 30, 46, 0.5);
- border-bottom: 1px solid #45475a;
- color: #cdd6f4;
- }
-
- #workspaces {
- background: #45475a;
- margin: 5px 5px 5px 5px;
- padding: 0px 5px 0px 5px;
- border-radius: 16px;
- border: solid 0px #f4d9e1;
- font-weight: normal;
- font-style: normal;
- }
- #workspaces button {
- padding: 0px 5px;
- border-radius: 16px;
- color: #a6adc8;
- }
-
- #workspaces button.active {
- color: #f4d9e1;
- background-color: transparent;
- border-radius: 16px;
- }
-
- #workspaces button:hover {
- background-color: #cdd6f4;
- color: black;
- border-radius: 16px;
- }
-
- #custom-date, #clock, #battery, #pulseaudio, #network, #custom-randwall, #custom-launcher {
- background: transparent;
- padding: 5px 5px 5px 5px;
- margin: 5px 5px 5px 5px;
- border-radius: 8px;
- border: solid 0px #f4d9e1;
- }
-
- #custom-date {
- color: #D3869B;
- }
-
- #custom-power {
- color: #24283b;
- background-color: #db4b4b;
- border-radius: 5px;
- margin-right: 10px;
- margin-top: 5px;
- margin-bottom: 5px;
- margin-left: 0px;
- padding: 5px 10px;
- }
-
- #tray {
- background: #45475a;
- margin: 5px 5px 5px 5px;
- border-radius: 16px;
- padding: 0px 5px;
- /*border-right: solid 1px #282738;*/
- }
-
- #clock {
- color: #cdd6f4;
- background-color: #45475a;
- border-radius: 0px 0px 0px 24px;
- padding-left: 13px;
- padding-right: 15px;
- margin-right: 0px;
- margin-left: 10px;
- margin-top: 0px;
- margin-bottom: 0px;
- font-weight: bold;
- /*border-left: solid 1px #282738;*/
- }
-
- #battery {
- color: #89b4fa;
- }
-
- #battery.charging {
- color: #a6e3a1;
- }
-
- #battery.warning:not(.charging) {
- background-color: #f7768e;
- color: #f38ba8;
- border-radius: 5px 5px 5px 5px;
- }
-
- #backlight {
- background-color: #24283b;
- color: #db4b4b;
- border-radius: 0px 0px 0px 0px;
- margin: 5px;
- margin-left: 0px;
- margin-right: 0px;
- padding: 0px 0px;
- }
-
- #network {
- color: #f4d9e1;
- border-radius: 8px;
- margin-right: 5px;
- }
-
- #pulseaudio {
- color: #f4d9e1;
- border-radius: 8px;
- margin-left: 0px;
- }
-
- #pulseaudio.muted {
- background: transparent;
- color: #928374;
- border-radius: 8px;
- margin-left: 0px;
- }
-
- #custom-randwall {
- color: #f4d9e1;
- border-radius: 8px;
- margin-right: 0px;
- }
-
- #custom-launcher {
- color: #e5809e;
- background-color: #45475a;
- border-radius: 0px 24px 0px 0px;
- margin: 0px 0px 0px 0px;
- padding: 0 20px 0 13px;
- /*border-right: solid 1px #282738;*/
- font-size: 20px;
- }
-
- #custom-launcher button:hover {
- background-color: #FB4934;
- color: transparent;
- border-radius: 8px;
- margin-right: -5px;
- margin-left: 10px;
- }
-
- #custom-playerctl {
- background: #45475a;
- padding-left: 15px;
- padding-right: 14px;
- border-radius: 16px;
- /*border-left: solid 1px #282738;*/
- /*border-right: solid 1px #282738;*/
- margin-top: 5px;
- margin-bottom: 5px;
- margin-left: 0px;
- font-weight: normal;
- font-style: normal;
- font-size: 16px;
- }
-
- #custom-playerlabel {
- background: transparent;
- padding-left: 10px;
- padding-right: 15px;
- border-radius: 16px;
- /*border-left: solid 1px #282738;*/
- /*border-right: solid 1px #282738;*/
- margin-top: 5px;
- margin-bottom: 5px;
- font-weight: normal;
- font-style: normal;
- }
-
- #window {
- background: #45475a;
- padding-left: 15px;
- padding-right: 15px;
- border-radius: 16px;
- /*border-left: solid 1px #282738;*/
- /*border-right: solid 1px #282738;*/
- margin-top: 5px;
- margin-bottom: 5px;
- font-weight: normal;
- font-style: normal;
- }
-
- #custom-wf-recorder {
- padding: 0 20px;
- color: #e5809e;
- background-color: #1E1E2E;
- }
-
- #cpu {
- background-color: #45475a;
- /*color: #FABD2D;*/
- border-radius: 16px;
- margin: 5px;
- margin-left: 5px;
- margin-right: 5px;
- padding: 0px 10px 0px 10px;
- font-weight: bold;
- }
-
- #memory {
- background-color: #45475a;
- /*color: #83A598;*/
- border-radius: 16px;
- margin: 5px;
- margin-left: 5px;
- margin-right: 5px;
- padding: 0px 10px 0px 10px;
- font-weight: bold;
- }
-
- #disk {
- background-color: #45475a;
- /*color: #8EC07C;*/
- border-radius: 16px;
- margin: 5px;
- margin-left: 5px;
- margin-right: 5px;
- padding: 0px 10px 0px 10px;
- font-weight: bold;
- }
-
- #custom-hyprpicker {
- background-color: #45475a;
- /*color: #8EC07C;*/
- border-radius: 16px;
- margin: 5px;
- margin-left: 5px;
- margin-right: 5px;
- padding: 0px 11px 0px 9px;
- font-weight: bold;
- }
- '';
- settings = {
- mainBar = {
- layer = "top";
- position = "top";
- height = 50;
-
- output = config.monorepo.vars.monitors;
-
- modules-left = [ "hyprland/workspaces" ];
- modules-center = [ "hyprland/window" ];
- modules-right = [ "battery" "clock" ];
-
- battery = {
- format = "{icon} {capacity}%";
- format-icons = ["" "" "" "" "" ];
- };
-
- clock = {
- format = "⏰ {:%a %d, %b %H:%M}";
- };
- };
- };
- };
-}
diff --git a/nix/modules/home/wofi.nix b/nix/modules/home/wofi.nix
deleted file mode 100644
index ec2e3bc..0000000
--- a/nix/modules/home/wofi.nix
+++ /dev/null
@@ -1,188 +0,0 @@
-{ lib, config, ... }:
-{
- programs.wofi = {
- enable = lib.mkDefault config.monorepo.profiles.graphics.enable;
- settings = {
- location = "bottom-right";
- allow_markup = true;
- show = "drun";
- width = 750;
- height = 400;
- always_parse_args = true;
- show_all = false;
- term = "kitty";
- hide_scroll = true;
- print_command = true;
- insensitive = true;
- prompt = "Run what, Commander?";
- columns = 2;
- };
-
- style = ''
- @define-color rosewater #f5e0dc;
- @define-color rosewater-rgb rgb(245, 224, 220);
- @define-color flamingo #f2cdcd;
- @define-color flamingo-rgb rgb(242, 205, 205);
- @define-color pink #f5c2e7;
- @define-color pink-rgb rgb(245, 194, 231);
- @define-color mauve #cba6f7;
- @define-color mauve-rgb rgb(203, 166, 247);
- @define-color red #f38ba8;
- @define-color red-rgb rgb(243, 139, 168);
- @define-color maroon #eba0ac;
- @define-color maroon-rgb rgb(235, 160, 172);
- @define-color peach #fab387;
- @define-color peach-rgb rgb(250, 179, 135);
- @define-color yellow #f9e2af;
- @define-color yellow-rgb rgb(249, 226, 175);
- @define-color green #a6e3a1;
- @define-color green-rgb rgb(166, 227, 161);
- @define-color teal #94e2d5;
- @define-color teal-rgb rgb(148, 226, 213);
- @define-color sky #89dceb;
- @define-color sky-rgb rgb(137, 220, 235);
- @define-color sapphire #74c7ec;
- @define-color sapphire-rgb rgb(116, 199, 236);
- @define-color blue #89b4fa;
- @define-color blue-rgb rgb(137, 180, 250);
- @define-color lavender #b4befe;
- @define-color lavender-rgb rgb(180, 190, 254);
- @define-color text #cdd6f4;
- @define-color text-rgb rgb(205, 214, 244);
- @define-color subtext1 #bac2de;
- @define-color subtext1-rgb rgb(186, 194, 222);
- @define-color subtext0 #a6adc8;
- @define-color subtext0-rgb rgb(166, 173, 200);
- @define-color overlay2 #9399b2;
- @define-color overlay2-rgb rgb(147, 153, 178);
- @define-color overlay1 #7f849c;
- @define-color overlay1-rgb rgb(127, 132, 156);
- @define-color overlay0 #6c7086;
- @define-color overlay0-rgb rgb(108, 112, 134);
- @define-color surface2 #585b70;
- @define-color surface2-rgb rgb(88, 91, 112);
- @define-color surface1 #45475a;
- @define-color surface1-rgb rgb(69, 71, 90);
- @define-color surface0 #313244;
- @define-color surface0-rgb rgb(49, 50, 68);
- @define-color base #1e1e2e;
- @define-color base-rgb rgb(30, 30, 46);
- @define-color mantle #181825;
- @define-color mantle-rgb rgb(24, 24, 37);
- @define-color crust #11111b;
- @define-color crust-rgb rgb(17, 17, 27);
-
- * {
- font-family: 'Iosevka Nerd Font', monospace;
- font-size: 14px;
- }
-
- /* Window */
- window {
- margin: 0px;
- padding: 10px;
- border: 0.16em solid @lavender;
- border-radius: 0.1em;
- background-color: @base;
- animation: slideIn 0.5s ease-in-out both;
- }
-
- /* Slide In */
- @keyframes slideIn {
- 0% {
- opacity: 0;
- }
-
- 100% {
- opacity: 1;
- }
- }
-
- /* Inner Box */
- #inner-box {
- margin: 5px;
- padding: 10px;
- border: none;
- background-color: @base;
- animation: fadeIn 0.5s ease-in-out both;
- }
-
- /* Fade In */
- @keyframes fadeIn {
- 0% {
- opacity: 0;
- }
-
- 100% {
- opacity: 1;
- }
- }
-
- /* Outer Box */
- #outer-box {
- margin: 5px;
- padding: 10px;
- border: none;
- background-color: @base;
- }
-
- /* Scroll */
- #scroll {
- margin: 0px;
- padding: 10px;
- border: none;
- background-color: @base;
- }
-
- /* Input */
- #input {
- margin: 5px 20px;
- padding: 10px;
- border: none;
- border-radius: 0.1em;
- color: @text;
- background-color: @base;
- animation: fadeIn 0.5s ease-in-out both;
- }
-
- #input image {
- border: none;
- color: @red;
- }
-
- #input * {
- outline: 4px solid @red!important;
- }
-
- /* Text */
- #text {
- margin: 5px;
- border: none;
- color: @text;
- animation: fadeIn 0.5s ease-in-out both;
- }
-
- #entry {
- background-color: @base;
- }
-
- #entry arrow {
- border: none;
- color: @lavender;
- }
-
- /* Selected Entry */
- #entry:selected {
- border: 0.11em solid @lavender;
- }
-
- #entry:selected #text {
- color: @mauve;
- }
-
- #entry:drop(active) {
- background-color: @lavender!important;
- }
- '';
- };
-}
diff --git a/nix/modules/home/yt-dlp.nix b/nix/modules/home/yt-dlp.nix
deleted file mode 100644
index b9dd8e0..0000000
--- a/nix/modules/home/yt-dlp.nix
+++ /dev/null
@@ -1,13 +0,0 @@
-{ lib, config, ... }:
-{
- programs.yt-dlp = {
- enable = lib.mkDefault config.monorepo.profiles.graphics.enable;
- settings = {
- embed-thumbnail = true;
- embed-subs = true;
- sub-langs = "all";
- downloader = "aria2c";
- downloader-args = "aria2c:'-c -x8 -s8 -k1M'";
- };
- };
-}
diff --git a/nix/modules/home/zsh.nix b/nix/modules/home/zsh.nix
deleted file mode 100644
index 62dcbd5..0000000
--- a/nix/modules/home/zsh.nix
+++ /dev/null
@@ -1,47 +0,0 @@
-{ lib, config, pkgs, systemHostName, ... }:
-{
- programs.zsh = {
- enable = true;
- initContent = ''
- umask 0022
- export EXTRA_CCFLAGS="-I/usr/include"
- source ${pkgs.zsh-vi-mode}/share/zsh-vi-mode/zsh-vi-mode.plugin.zsh
- export QT_QPA_PLATFORM="wayland"
- export OLLAMA_MODEL="qwen3:14b"
- '';
-
- localVariables = {
- EDITOR = "emacsclient --create-frame --alternate-editor=vim";
- INPUT_METHOD = "fcitx";
- QT_IM_MODULE = "fcitx";
- GTK_IM_MODULE = "fcitx";
- XMODIFIERS = "@im=fcitx";
- XIM_SERVERS = "fcitx";
- WXSUPPRESS_SIZER_FLAGS_CHECK = "1";
- };
-
- shellAliases = {
- clone-secrets = "git clone ssh://\"$1\"/home/preston/secrets \"$HOME/secrets\"";
- get-channel-id = "yt-dlp --print \"%(channel_id)s\" --playlist-end 1 \"$1\"";
- se = "sops edit";
- f = "vim $(fzf)";
- e = "cd $(find . -type d -print | fzf)";
- c = "clear";
- g = "git";
- v = "vim";
- py = "python3";
- build-installer = "nix build $HOME/monorepo/nix#nixosConfigurations.installer.config.system.build.isoImage";
- rb = "sudo nixos-rebuild switch --flake $HOME/monorepo/nix#${systemHostName}";
- nfu = "cd ~/monorepo/nix && git add . && git commit -m \"new flake lock\" && nix flake update";
- usync = "rsync -azvP --chmod=\"Du=rwx,Dg=rx,Do=rx,Fu=rw,Fg=r,Fo=r\" ~/website_html/ root@${config.monorepo.vars.remoteHost}:/var/www/${config.monorepo.vars.internetName}-website/";
- usite
- = "cd ~/src/publish-org-roam-ui && bash local.sh && rm -rf ~/website_html/graph_view; cp -r ~/src/publish-org-roam-ui/out ~/website_html/graph_view && rsync -azvP --chmod=\"Du=rwx,Dg=rx,Do=rx,Fu=rw,Fg=r,Fo=r\" ~/website_html/ root@${config.monorepo.vars.remoteHost}:/var/www/${config.monorepo.vars.internetName}-website/";
- sai = "eval \"$(ssh-agent -s)\" && ssh-add ~/.ssh/id_ed25519 && ssh-add -l";
- };
- loginExtra = ''
- if [[ "$(tty)" = "/dev/tty1" ]]; then
- exec Hyprland
- fi
- '';
- };
-}
diff --git a/nix/modules/honk.nix b/nix/modules/honk.nix
deleted file mode 100644
index 985a544..0000000
--- a/nix/modules/honk.nix
+++ /dev/null
@@ -1,8 +0,0 @@
-{ lib, config, ... }:
-{
- services.honk = {
- enable = lib.mkDefault config.monorepo.profiles.server.enable;
- servername = "ret2pop.net";
- username = "ret2pop";
- };
-}
diff --git a/nix/modules/i2pd.nix b/nix/modules/i2pd.nix
deleted file mode 100644
index 9e942fa..0000000
--- a/nix/modules/i2pd.nix
+++ /dev/null
@@ -1,9 +0,0 @@
-{ config, lib, ... }:
-{
- services.i2pd = {
- enable = lib.mkDefault false;
- address = "0.0.0.0";
- inTunnels = { };
- outTunnels = { };
- };
-}
diff --git a/nix/modules/icecast.nix b/nix/modules/icecast.nix
deleted file mode 100644
index 7d3d88d..0000000
--- a/nix/modules/icecast.nix
+++ /dev/null
@@ -1,21 +0,0 @@
-{ lib, config, ... }:
-{
- services.icecast = {
- enable = lib.mkDefault false;
- listen.address = "0.0.0.0";
- extraConfig = ''
- <mount type="default">
- <public>0</public>
- <intro>/stream.m3u</intro>
- <max-listener-duration>3600</max-listener-duration>
- <authentication type="url">
- <option name="mount_add" value="http://auth.example.org/stream_start.php"/>
- </authentication>
- <http-headers>
- <header name="foo" value="bar" />
- </http-headers>
- </mount>
- '';
- };
- admin.password = "changeme";
-}
diff --git a/nix/modules/impermanence.nix b/nix/modules/impermanence.nix
deleted file mode 100644
index 4fa886a..0000000
--- a/nix/modules/impermanence.nix
+++ /dev/null
@@ -1,100 +0,0 @@
-{ lib, config, ... }:
-{
- assertions = [
- {
- assertion = (! (config.monorepo.profiles.impermanence.enable && (! (config.monorepo.vars.fileSystem == "btrfs"))));
- message = "Impermanence requires btrfs filesystem.";
- }
- ];
-
- boot.initrd.postResumeCommands = (if config.monorepo.profiles.impermanence.enable then lib.mkAfter ''
- mkdir /btrfs_tmp
- mount -t btrfs -n -o subvol=/ /dev/mapper/crypted /btrfs_tmp
- if [[ -e /btrfs_tmp/root ]]; then
- mkdir -p /btrfs_tmp/old_roots
- timestamp=$(date --date="@$(stat -c %Y /btrfs_tmp/root)" "+%Y-%m-%-d_%H:%M:%S")
- mv /btrfs_tmp/root "/btrfs_tmp/old_roots/$timestamp"
- fi
-
- delete_subvolume_recursively() {
- IFS=$'\n'
- for i in $(btrfs subvolume list -o "$1" | cut -f 9- -d ' '); do
- delete_subvolume_recursively "/btrfs_tmp/$i"
- done
- btrfs subvolume delete "$1"
- }
-
- for i in $(find /btrfs_tmp/old_roots/ -maxdepth 1 -mtime +30); do
- delete_subvolume_recursively "$i"
- done
-
- btrfs subvolume create /btrfs_tmp/root
- umount -n /btrfs_tmp
- '' else "");
-
- boot.initrd.luks.devices = (if (config.monorepo.vars.fileSystem == "btrfs") then {
- crypted = {
- device = "/dev/disk/by-partlabel/disk-main-luks";
- };
- } else {});
-
- fileSystems = if (config.monorepo.profiles.impermanence.enable) then {
- "/persistent" = {
- neededForBoot = true;
- };
- "/home" = {
- neededForBoot = true;
- };
- } else {};
-
- environment.persistence."/persistent" = {
- enable = config.monorepo.profiles.impermanence.enable;
- hideMounts = true;
- directories = [
- "/var/log"
- "/var/lib/bluetooth"
- "/var/lib/nixos"
- "/var/lib/systemd/coredump"
- "/etc/NetworkManager/system-connections"
- ];
- files = [
- "/etc/machine-id"
- { file = "/var/keys/secret_file"; parentDirectory = { mode = "u=rwx,g=,o="; }; }
- ];
- users."${config.monorepo.vars.userName}" = {
- directories = [
- "Downloads"
- "music"
- "Pictures"
- "Documents"
- "Videos"
- "Monero"
- "org"
- "monorepo"
- "soundfont"
- "website_html"
- "ardour"
- "audacity"
- "img"
- "email"
- "projects"
- "secrets"
-
- ".emacs.d"
- ".elfeed"
- ".electrum"
- ".mozilla"
- ".bitmonero"
- ".config"
- ".crypto"
- { directory = ".gnupg"; mode = "0700"; }
- { directory = ".ssh"; mode = "0700"; }
- { directory = ".local/share/keyrings"; mode = "0700"; }
- ".local/share/direnv"
- ];
- files = [
- ".emacs"
- ];
- };
- };
-}
diff --git a/nix/modules/inspircd.nix b/nix/modules/inspircd.nix
deleted file mode 100644
index bf3e9ba..0000000
--- a/nix/modules/inspircd.nix
+++ /dev/null
@@ -1,539 +0,0 @@
-{ lib, config, ... }:
-{
- services.inspircd = {
- enable = lib.mkDefault config.monorepo.profiles.server.enable;
- modules = [ "ssl_openssl" ];
- config = ''
-<server name="nullring.xyz"
- description="Nullring IRC Instance"
- network="NullRing">
-
-<admin
- name="Preston Pan"
- nick="prestonp"
- email="ret2pop@gmail.com">
-
-<bind
- address="0.0.0.0"
- port="6697"
- type="clients"
- ssl="openssl">
-
-<module name="ssl_openssl">
-<openssl certfile="/var/lib/acme/fullchain.pem" keyfile="/var/lib/acme/key.pem">
-
-<power
- # hash: what hash these passwords are hashed with.
- # Requires the module for selected hash (m_md5.so, m_sha256.so
- # or m_ripemd160.so) be loaded and the password hashing module
- # (m_password_hash.so) loaded.
- # Options here are: "md5", "sha256" and "ripemd160", or one of
- # these prefixed with "hmac-", e.g.: "hmac-sha256".
- # Optional, but recommended. Create hashed passwords with:
- # /mkpasswd <hash> <password>
- #hash="sha256"
-
- # diepass: Password for opers to use if they need to shutdown (die)
- # a server.
- diepass=""
-
- # restartpass: Password for opers to use if they need to restart
- # a server.
- restartpass="">
-
-<connect
- # name: Name to use for this connect block. Mainly used for
- # connect class inheriting.
- name="main"
-
- # allow: What IP addresses/hosts to allow for this block.
- allow="*"
-
- # maxchans: Maximum number of channels a user in this class
- # be in at one time. This overrides every other maxchans setting.
- #maxchans="30"
-
- # timeout: How long (in seconds) the server will wait before
- # disconnecting a user if they do not do anything on connect.
- # (Note, this is a client-side thing, if the client does not
- # send /nick, /user or /pass)
- timeout="10"
-
- # pingfreq: How often (in seconds) the server tries to ping connecting clients.
- pingfreq="120"
-
- # hardsendq: maximum amount of data allowed in a client's send queue
- # before they are dropped. Keep this value higher than the length of
- # your network's /LIST or /WHO output, or you will have lots of
- # disconnects from sendq overruns!
- # Setting this to "1M" is equivalent to "1048576", "8K" is 8192, etc.
- hardsendq="1M"
-
- # softsendq: amount of data in a client's send queue before the server
- # begins delaying their commands in order to allow the sendq to drain
- softsendq="8192"
-
- # recvq: amount of data allowed in a client's queue before they are dropped.
- # Entering "8K" is equivalent to "8192", see above.
- recvq="8K"
-
- # threshold: This specifies the amount of command penalty a user is allowed to have
- # before being quit or fakelagged due to flood. Normal commands have a penalty of 1,
- # ones such as /OPER have penalties up to 10.
- #
- # If you are not using fakelag, this should be at least 20 to avoid excess flood kills
- # from processing some commands.
- threshold="10"
-
- # commandrate: This specifies the maximum rate that commands can be processed.
- # If commands are sent more rapidly, the user's penalty will increase and they will
- # either be fakelagged or killed when they reach the threshold
- #
- # Units are millicommands per second, so 1000 means one line per second.
- commandrate="1000"
-
- # fakelag: Use fakelag instead of killing users for excessive flood
- #
- # Fake lag stops command processing for a user when a flood is detected rather than
- # immediately killing them; their commands are held in the recvq and processed later
- # as the user's command penalty drops. Note that if this is enabled, flooders will
- # quit with "RecvQ exceeded" rather than "Excess Flood".
- fakelag="on"
-
- # localmax: Maximum local connections per IP.
-
- localmax="200"
-
- # globalmax: Maximum global (network-wide) connections per IP.
-
- globalmax="200"
-
- # useident: Defines if users in this class must respond to a ident query or not.
- useident="no"
-
- # limit: How many users are allowed in this class
- limit="5000"
-
- # modes: Usermodes that are set on users in this block on connect.
- # Enabling this option requires that the m_conn_umodes module be loaded.
- # This entry is highly recommended to use for/with IP Cloaking/masking.
- # For the example to work, this also requires that the m_cloaking
- # module be loaded as well.
- modes="+x">
-
-
-#-#-#-#-#-#-#-#-#-#-#-#- CIDR CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-
-# #
-# CIDR configuration allows detection of clones and applying of #
-# throttle limits across a CIDR range. (A CIDR range is a group of #
-# IPs, for example, the CIDR range 192.168.1.0-192.168.1.255 may be #
-# represented as 192.168.1.0/24). This means that abuse across an ISP #
-# is detected and curtailed much easier. Here is a good chart that #
-# shows how many IPs the different CIDRs correspond to: #
-# http://en.wikipedia.org/wiki/CIDR#Prefix_aggregation #
-# #
-
-<cidr
- # ipv4clone: specifies how many bits of an IP address should be
- # looked at for clones. The default only looks for clones on a
- # single IP address of a user. You do not want to set this
- # extremely low. (Values are 0-32).
- ipv4clone="32"
-
- # ipv6clone: specifies how many bits of an IP address should be
- # looked at for clones. The default only looks for clones on a
- # single IP address of a user. You do not want to set this
- # extremely low. (Values are 0-128).
- ipv6clone="128">
-
-<channels
- # users: Maximum number of channels a user can be in at once.
- users="20"
-
- # opers: Maximum number of channels an oper can be in at once.
- opers="60">
-
-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# DNS SERVER -#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# If these values are not defined, InspIRCd uses the default DNS resolver
-# of your system.
-
-<dns
- # server: DNS server to use to attempt to resolve IP's to hostnames.
- # in most cases, you won't need to change this, as inspircd will
- # automatically detect the nameserver depending on /etc/resolv.conf
- # (or, on Windows, your set nameservers in the registry.)
- # Note that this must be an IP address and not a hostname, because
- # there is no resolver to resolve the name until this is defined!
- #
- # server="127.0.0.1"
-
- # timeout: seconds to wait to try to resolve DNS/hostname.
- timeout="5">
-
-# An example of using an IPv6 nameserver
-#<dns server="::1" timeout="5">
-
-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# PID FILE -#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# #
-# Define the path to the PID file here. The PID file can be used to #
-# rehash the ircd from the shell or to terminate the ircd from the #
-# shell using shell scripts, perl scripts, etc... and to monitor the #
-# ircd's state via cron jobs. If this is a relative path, it will be #
-# relative to the configuration directory, and if it is not defined, #
-# the default of 'inspircd.pid' is used. #
-# #
-
-#<pid file="/path/to/inspircd.pid">
-
-#-#-#-#-#-#-#-#-#-#-#-#-#- BANLIST LIMITS #-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# #
-# Use these tags to customise the ban limits on a per channel basis. #
-# The tags are read from top to bottom, and any tag found which #
-# matches the channels name applies the banlimit to that channel. #
-# It is advisable to put an entry with the channel as '*' at the #
-# bottom of the list. If none are specified or no maxbans tag is #
-# matched, the banlist size defaults to 64 entries. #
-# #
-
-<banlist chan="#largechan" limit="128">
-<banlist chan="*" limit="69">
-
-#-#-#-#-#-#-#-#-#-#-#- DISABLED FEATURES -#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# #
-# This tag is optional, and specifies one or more features which are #
-# not available to non-operators. #
-# #
-# For example you may wish to disable NICK and prevent non-opers from #
-# changing their nicknames. #
-# Note that any disabled commands take effect only after the user has #
-# 'registered' (e.g. after the initial USER/NICK/PASS on connection) #
-# so for example disabling NICK will not cripple your network. #
-# #
-# You can also define if you want to disable any channelmodes #
-# or usermodes from your users. #
-# #
-# `fakenonexistant' will make the ircd pretend that nonexistant #
-# commands simply don't exist to non-opers ("no such command"). #
-# #
-#<disabled commands="TOPIC MODE" usermodes="" chanmodes="" fakenonexistant="yes">
-
-
-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#- RTFM LINE -#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# #
-# Just remove this... Its here to make you read ALL of the config #
-# file options ;) #
-
-#<die value="You should probably edit your config *PROPERLY* and try again.">
-
-
-
-#-#-#-#-#-#-#-#-#-#-#-#-#- SERVER OPTIONS -#-#-#-#-#-#-#-#-#-#-#-#-#
-# #
-# Settings to define which features are usable on your server. #
-# #
-
-<options
- # prefixquit: What (if anything) users' quit messages
- # should be prefixed with.
- prefixquit="Quit: "
-
- # suffixquit: What (if anything) users' quit messages
- # should be suffixed with.
- suffixquit=""
-
- # prefixpart: What (if anything) users' part messages
- # should be prefixed with.
- prefixpart="&quot;"
- # NOTE: Use "\"" instead of "&quot;" if not using <config format="xml">
-
- # suffixpart: What (if anything) users' part message
- # should be suffixed with.
- suffixpart="&quot;"
-
- # fixedquit: Set all users' quit messages to this value.
- #fixedquit=""
-
- # fixedpart: Set all users' part messages in all channels
- # to this value.
- #fixedpart=""
-
- # syntaxhints: If enabled, if a user fails to send the correct parameters
- # for a command, the ircd will give back some help text of what
- # the correct parameters are.
- syntaxhints="no"
-
- # cyclehosts: If enabled, when a user gets a host set, it will cycle
- # them in all their channels. If not, it will simply change their host
- # without cycling them.
- cyclehosts="yes"
-
- # cyclehostsfromuser: If enabled, the source of the mode change for
- # cyclehosts will be the user who cycled. This can look nicer, but
- # triggers anti-takeover mechanisms of some obsolete bots.
- cyclehostsfromuser="no"
-
- # ircumsgprefix: Use undernet-style message prefixing for NOTICE and
- # PRIVMSG. If enabled, it will add users' prefix to the line, if not,
- # it will just message the user normally.
- ircumsgprefix="no"
-
- # announcets: If set to yes, when the timestamp on a channel changes, all users
- # in the channel will be sent a NOTICE about it.
- announcets="yes"
-
- # allowmismatch: Setting this option to yes will allow servers to link even
- # if they don't have the same "optionally common" modules loaded. Setting this to
- # yes may introduce some desyncs and unwanted behaviour.
- allowmismatch="no"
-
- # defaultbind: Sets the default for <bind> tags without an address. Choices are
- # ipv4 or ipv6; if not specified, IPv6 will be used if your system has support,
- # falling back to IPv4 otherwise.
- defaultbind="auto"
-
- # hostintopic: If enabled, channels will show the host of the topic setter
- # in the topic. If set to no, it will only show the nick of the topic setter.
- hostintopic="yes"
-
- # pingwarning: If a server does not respond to a ping within x seconds,
- # it will send a notice to opers with snomask +l informing that the server
- # is about to ping timeout.
- pingwarning="15"
-
- # serverpingfreq: How often pings are sent between servers (in seconds).
- serverpingfreq="60"
-
- # defaultmodes: What modes are set on a empty channel when a user
- # joins it and it is unregistered.
- defaultmodes="nt"
-
- # moronbanner: This is the text that is sent to a user when they are
- # banned from the server.
- moronbanner="You're banned! Email abuse@example.com with the ERROR line below for help."
-
- # exemptchanops: exemptions for channel access restrictions based on prefix.
- exemptchanops="nonick:v flood:o"
-
- # invitebypassmodes: This allows /invite to bypass other channel modes.
- # (Such as +k, +j, +l, etc.)
- invitebypassmodes="yes"
-
- # nosnoticestack: This prevents snotices from 'stacking' and giving you
- # the message saying '(last message repeated X times)'. Defaults to no.
- nosnoticestack="no"
-
- # welcomenotice: When turned on, this sends a NOTICE to connecting users
- # with the text Welcome to <networkname>! after successful registration.
- # Defaults to yes.
- welcomenotice="yes">
-
-
-#-#-#-#-#-#-#-#-#-#-#-# PERFORMANCE CONFIGURATION #-#-#-#-#-#-#-#-#-#-#
-# #
-
-<performance
- # netbuffersize: Size of the buffer used to receive data from clients.
- # The ircd may only read this amount of text in 1 go at any time.
- netbuffersize="10240"
-
- # somaxconn: The maximum number of connections that may be waiting
- # in the accept queue. This is *NOT* the total maximum number of
- # connections per server. Some systems may only allow this to be up
- # to 5, while others (such as Linux and *BSD) default to 128.
- somaxconn="128"
-
- # limitsomaxconn: By default, somaxconn (see above) is limited to a
- # safe maximum value in the 2.0 branch for compatibility reasons.
- # This setting can be used to disable this limit, forcing InspIRCd
- # to use the value specified above.
- limitsomaxconn="true"
-
- # softlimit: This optional feature allows a defined softlimit for
- # connections. If defined, it sets a soft max connections value.
- softlimit="12800"
-
- # quietbursts: When syncing or splitting from a network, a server
- # can generate a lot of connect and quit messages to opers with
- # +C and +Q snomasks. Setting this to yes squelches those messages,
- # which makes it easier for opers, but degrades the functionality of
- # bots like BOPM during netsplits.
- quietbursts="yes"
-
- # nouserdns: If enabled, no DNS lookups will be performed on
- # connecting users. This can save a lot of resources on very busy servers.
- nouserdns="no">
-
-#-#-#-#-#-#-#-#-#-#-#-# SECURITY CONFIGURATION #-#-#-#-#-#-#-#-#-#-#-#
-# #
-
-<security
-
- # announceinvites: This option controls which members of the channel
- # receive an announcement when someone is INVITEd. Available values:
- # 'none' - don't send invite announcements
- # 'all' - send invite announcements to all members
- # 'ops' - send invite announcements to ops and higher ranked users
- # 'dynamic' - send invite announcements to halfops (if available) and
- # higher ranked users. This is the recommended setting.
- announceinvites="dynamic"
-
- # hidemodes: If enabled, then the listmodes given will be hidden
- # from users below halfop. This is not recommended to be set on +b
- # as it may break some functionality in popular clients such as mIRC.
- hidemodes="eI"
-
- # hideulines: If this value is set to yes, U-lined servers will
- # be hidden from non-opers in /links and /map.
- hideulines="no"
-
- # flatlinks: If this value is set to yes, /map and /links will
- # be flattened when shown to non-opers.
- flatlinks="no"
-
- # hidewhois: When defined, the given text will be used in place
- # of the server a user is on when whoised by a non-oper. Most
- # networks will want to set this to something like "*.netname.net"
- # to conceal the actual server a user is on.
- # Note that enabling this will cause users' idle times to only be
- # shown when the format /WHOIS <nick> <nick> is used.
- hidewhois=""
-
- # hidebans: If this value is set to yes, when a user is banned ([gkz]lined)
- # only opers will see the ban message when the user is removed
- # from the server.
- hidebans="no"
-
- # hidekills: If defined, replaces who set a /kill with a custom string.
- hidekills=""
-
- # hideulinekills: Hide kills from clients of ulined servers from server notices.
- hideulinekills="yes"
-
- # hidesplits: If enabled, non-opers will not be able to see which
- # servers split in a netsplit, they will only be able to see that one
- # occurred (If their client has netsplit detection).
- hidesplits="no"
-
- # maxtargets: Maximum number of targets per command.
- # (Commands like /notice, /privmsg, /kick, etc)
- maxtargets="20"
-
- # customversion: Displays a custom string when a user /version's
- # the ircd. This may be set for security reasons or vanity reasons.
- customversion=""
-
- # operspywhois: show opers (users/auspex) the +s channels a user is in. Values:
- # splitmsg Split with an explanatory message
- # yes Split with no explanatory message
- # no Do not show
- operspywhois="no"
-
- # runasuser: If this is set, InspIRCd will attempt to switch
- # to run as this user, which allows binding of ports under 1024.
- # You should NOT set this unless you are starting as root.
- # NOT SUPPORTED/NEEDED UNDER WINDOWS.
- #runasuser=""
-
- # runasgroup: If this is set, InspIRCd will attempt to switch
- # to run as this group, which allows binding of ports under 1024.
- # You should NOT set this unless you are starting as root.
- # NOT SUPPORTED/NEEDED UNDER WINDOWS.
- #runasgroup=""
-
- # restrictbannedusers: If this is set to yes, InspIRCd will not allow users
- # banned on a channel to change nickname or message channels they are
- # banned on.
- restrictbannedusers="yes"
-
- # genericoper: Setting this value to yes makes all opers on this server
- # appear as 'is an IRC operator' in their WHOIS, regardless of their
- # oper type, however oper types are still used internally. This only
- # affects the display in WHOIS.
- genericoper="no"
-
- # userstats: /stats commands that users can run (opers can run all).
- userstats="Pu">
-
-<limits
- # maxnick: Maximum length of a nickname.
- maxnick="500"
-
- # maxchan: Maximum length of a channel name.
- maxchan="500"
-
- # maxmodes: Maximum number of mode changes per line.
- maxmodes="20"
-
- # maxident: Maximum length of a ident/username.
- maxident="500"
-
- # maxquit: Maximum length of a quit message.
- maxquit="255"
-
- # maxtopic: Maximum length of a channel topic.
- maxtopic="307"
-
- # maxkick: Maximum length of a kick message.
- maxkick="255"
-
- # maxgecos: Maximum length of a GECOS (realname).
- maxgecos="128"
-
- # maxaway: Maximum length of an away message.
- maxaway="200">
-
-<log method="file" type="* -USERINPUT -USEROUTPUT" level="default" target="logs/ircd.log">
-
-#-#-#-#-#-#-#-#-#-#-#-#-#- WHOWAS OPTIONS -#-#-#-#-#-#-#-#-#-#-#-#-#
-# #
-# This tag lets you define the behaviour of the /whowas command of #
-# your server. #
-# #
-
-<whowas
- # groupsize: Maximum entries per nick shown when performing
- # a /whowas nick.
- groupsize="10"
-
- # maxgroups: Maximum number of nickgroups that can be added to
- # the list so that /whowas does not use a lot of resources on
- # large networks.
- maxgroups="100000"
-
- # maxkeep: Maximum time a nick is kept in the whowas list
- # before being pruned. Time may be specified in seconds,
- # or in the following format: 1y2w3d4h5m6s. Minimum is
- # 1 hour.
- maxkeep="3d">
-
-<badnick
- # nick: Nick to disallow. Wildcards are supported.
- nick="ChanServ"
-
- # reason: Reason to display on /nick.
- reason="Reserved For Services">
-
-<badnick nick="NickServ" reason="Reserved For Services">
-<badnick nick="OperServ" reason="Reserved For Services">
-<badnick nick="MemoServ" reason="Reserved For Services">
-
-<badhost host="root@*" reason="Don't IRC as root!">
-
-<insane
- # hostmasks: Allow bans with insane hostmasks. (over-reaching bans)
- hostmasks="no"
-
- # ipmasks: Allow bans with insane ipmasks. (over-reaching bans)
- ipmasks="no"
-
- # nickmasks: Allow bans with insane nickmasks. (over-reaching bans)
- nickmasks="no"
-
- # trigger: What percentage of users on the network to trigger
- # specifying an insane ban as. The default is 95.5%, which means
- # if you have a 1000 user network, a ban will not be allowed if it
- # will be banning 955 or more users.
- trigger="95.5">
-'';
- };
-}
diff --git a/nix/modules/ircd.nix b/nix/modules/ircd.nix
deleted file mode 100644
index ee4eb75..0000000
--- a/nix/modules/ircd.nix
+++ /dev/null
@@ -1,12 +0,0 @@
-{ lib, config, ... }:
-{
- services.ircdHybrid = {
- enable = lib.mkDefault config.monorepo.profiles.server.enable;
- extraIPs = [ "0.0.0.0" ];
- extraPort = "6697";
- adminEmail = "ret2pop@gmail.com";
- description = "NullRing IRC instance";
- serverName = "nullring.xyz";
- certificate = "/var/lib/acme/nullring.xyz/cert.pem";
- };
-}
diff --git a/nix/modules/kubo.nix b/nix/modules/kubo.nix
deleted file mode 100644
index c64295d..0000000
--- a/nix/modules/kubo.nix
+++ /dev/null
@@ -1,20 +0,0 @@
-{ config, pkgs, lib, ... }:
-{
- services.kubo = {
- enable = lib.mkDefault config.monorepo.profiles.workstation.enable;
- autoMount = false;
- enableGC = true;
- settings = {
- Addresses.API = [
- "/ip4/127.0.0.1/tcp/5001"
- ];
- Bootstrap = [
- "/ip4/128.199.219.111/tcp/4001/ipfs/QmSoLSafTMBsPKadTEgaXctDQVcqN88CNLHXMkTNwMKPnu"
- "/ip4/162.243.248.213/tcp/4001/ipfs/QmSoLueR4xBeUbY9WZ9xGUUxunbKWcrNFTDAadQJmocnWm"
- ];
- Datastore = {
- StorageMax = "20GB";
- };
- };
- };
-}
diff --git a/nix/modules/maddy.nix b/nix/modules/maddy.nix
deleted file mode 100644
index 6cd2350..0000000
--- a/nix/modules/maddy.nix
+++ /dev/null
@@ -1,196 +0,0 @@
-{ lib, config, options, ... }:
-let
- emailServerName = "mail.${config.monorepo.vars.orgHost}";
- serverName = "list.${config.monorepo.vars.orgHost}";
- password_path = "mail_monorepo_password";
-in
-{
- sops.secrets = lib.mkIf config.services.maddy.enable {
- "${password_path}" = lib.mkIf config.services.maddy.enable {
- format = "yaml";
- owner = "maddy";
- };
- };
-
- services.maddy = {
- enable = lib.mkDefault config.monorepo.profiles.server.enable;
- openFirewall = true;
- hostname = "${config.monorepo.vars.orgHost}";
- primaryDomain = "mail.${config.monorepo.vars.orgHost}";
- localDomains = [
- "$(primary_domain)"
- "${config.monorepo.vars.orgHost}"
- ];
- tls = {
- loader = "file";
- certificates = [
- {
- keyPath = "/var/lib/acme/mail.${config.monorepo.vars.orgHost}/key.pem";
- certPath = "/var/lib/acme/mail.${config.monorepo.vars.orgHost}/fullchain.pem";
- }
- ];
- };
- config = builtins.replaceStrings [
- "imap tcp://0.0.0.0:143"
- "submission tcp://0.0.0.0:587"
- ] [
- "imap tls://0.0.0.0:993 tcp://0.0.0.0:143"
- "submission tls://0.0.0.0:465 tcp://0.0.0.0:587"
- ]
- options.services.maddy.config.default;
-
- ensureAccounts = (builtins.map (x: "${x}@${config.monorepo.vars.orgHost}") config.monorepo.vars.projects) ++ [
- "${config.monorepo.vars.internetName}@${config.monorepo.vars.orgHost}"
- "discussion@${config.monorepo.vars.orgHost}"
- ];
- ensureCredentials = lib.genAttrs config.services.maddy.ensureAccounts
- (name: {
- passwordFile = "/run/secrets/${password_path}";
- }) // {
- "${config.monorepo.vars.internetName}@${config.monorepo.vars.orgHost}" = {
- passwordFile = "/run/secrets/mail_password";
- };
- };
- };
-
- systemd.tmpfiles.rules = [
- "C+ /var/lib/public-inbox/style.css 0644 public-inbox public-inbox - ${../data/public-inbox.css}"
- ];
- systemd.services.public-inbox-httpd =
- if config.monorepo.profiles.server.enable then {
- preStart = ''
- # Copy or link the file.
- # Using 'cp' is often safer for sandboxed services than linking to the store. Lol.
- cp -f ${../data/public-inbox.css} /var/lib/public-inbox/style.css
- chmod 644 /var/lib/public-inbox/style.css
- '';
-
- serviceConfig = {
- # Allow the service to see the file it just created
- BindPaths = [
- "/var/lib/public-inbox"
- "${config.users.users.git.home}"
- ];
- ReadOnlyPaths = [ "/var/lib/public-inbox/style.css" ];
- # Ensure it can actually write to the directory during preStart
- ReadWritePaths = [ "/var/lib/public-inbox" ];
- };
- } else { };
-
- systemd.services.public-inbox-watch =
- if config.monorepo.profiles.server.enable then {
- after = [ "sops-nix.service" ];
- confinement.enable = lib.mkForce false;
- preStart = ''
- mkdir -p /var/lib/public-inbox/.tmp
- chmod 0700 /var/lib/public-inbox/.tmp
- ln -sfn ${config.sops.templates."public-inbox-netrc".path} /var/lib/public-inbox/.netrc
- '';
- environment = {
- PUBLIC_INBOX_FORCE_IPV4 = "1";
- NETRC = config.sops.templates."public-inbox-netrc".path;
- HOME = "/var/lib/public-inbox";
- TMPDIR = "/var/lib/public-inbox/.tmp";
- };
-
- serviceConfig = {
- RestrictSUIDSGID = lib.mkForce false;
- ReadWritePaths = [ "/var/lib/public-inbox" ];
- RestrictAddressFamilies = lib.mkForce [ "AF_UNIX" "AF_INET" "AF_INET6" ];
- PrivateNetwork = lib.mkForce false;
- SystemCallFilter = lib.mkForce [ ];
- RootDirectory = lib.mkForce "";
-
- CapabilityBoundingSet = lib.mkForce [ "~" ];
- UMask = lib.mkForce "0022";
- ProtectSystem = lib.mkForce false;
- };
- } else { };
-
- services.public-inbox = {
- enable = lib.mkDefault config.monorepo.profiles.server.enable;
- settings = {
- coderepo = lib.genAttrs config.monorepo.vars.projects (name: {
- dir = "${config.users.users.git.home}/${name}.git";
- # works even if no cgit server running here, this is just the default
- cgitUrl = "https://git.${config.monorepo.vars.orgHost}/${name}.git";
- });
- publicinbox.css = [ "/var/lib/public-inbox/style.css" ];
- publicinbox.wwwlisting = "all";
- };
- http = {
- enable = true;
- port = 9090;
- };
- inboxes = lib.genAttrs config.monorepo.vars.projects
- (name: {
- description = "discussion of the ${name} project.";
- address = [ "${name}@${config.monorepo.vars.orgHost}" ];
- inboxdir = "/var/lib/public-inbox/${name}";
- url = "https://list.${config.monorepo.vars.orgHost}/${name}";
- watch = [ "imaps://${name}${config.monorepo.vars.orgHost}@${emailServerName}/INBOX" ];
- coderepo = [ "${name}" ];
- }) // {
- "discussion" = {
- description = "Main Nullring Discussion Mailing List";
- address = [ "discussion@${config.monorepo.vars.orgHost}" ];
- inboxdir = "/var/lib/public-inbox/discuss";
- url = "https://${serverName}/discussion";
- watch = [ "imaps://discussion%40${config.monorepo.vars.orgHost}@${emailServerName}/INBOX" ];
- };
- };
- };
-
- networking.domains.baseDomains."${config.monorepo.vars.orgHost}" = lib.mkIf config.services.maddy.enable {
- mx.data = [
- {
- preference = 10;
- exchange = "${emailServerName}";
- }
- ];
- };
-
- networking.domains.subDomains = lib.mkIf config.services.maddy.enable {
- "${serverName}" = { };
- "${emailServerName}" = { };
- "_dmarc.${config.monorepo.vars.orgHost}" = {
- txt = {
- data = "v=DMARC1; p=none";
- };
- };
- "default._domainkey.${config.monorepo.vars.orgHost}" = {
- txt = {
- data = "v=DKIM1; k=rsa; p=${config.monorepo.vars.dkimKey}";
- };
- };
- };
-
- networking.firewall.allowedTCPPorts = lib.mkIf config.services.maddy.enable [
- 143
- 465
- 587
- 993
- ];
-
- services.nginx.virtualHosts."${serverName}" = lib.mkIf config.services.public-inbox.enable {
- forceSSL = true;
- enableACME = true;
- locations."/" = {
- proxyPass = "http://localhost:${toString config.services.public-inbox.http.port}";
- extraConfig = ''
- proxy_set_header Host $host;
- proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- proxy_set_header X-Forwarded-Proto $scheme;
- '';
- };
- };
-
- services.nginx.virtualHosts."${emailServerName}" = lib.mkIf config.services.maddy.enable {
- serverName = "${emailServerName}";
- root = "/var/www/dummy";
- addSSL = true;
- enableACME = true;
- };
-
-}
diff --git a/nix/modules/matrix-appservice-irc.nix b/nix/modules/matrix-appservice-irc.nix
deleted file mode 100644
index 518cdde..0000000
--- a/nix/modules/matrix-appservice-irc.nix
+++ /dev/null
@@ -1,10 +0,0 @@
-{ lib, config, ... }:
-{
- enable = lib.mkDefault config.monorepo.profiles.server.enable;
- registrationUrl = "localhost";
-
- settings = {
- homeserver.url = "https://matrix.nullring.xyz";
- homserver.domain = "matrix.nullring.xyz";
- };
-}
diff --git a/nix/modules/matterbridge.nix b/nix/modules/matterbridge.nix
deleted file mode 100644
index 85a2295..0000000
--- a/nix/modules/matterbridge.nix
+++ /dev/null
@@ -1,7 +0,0 @@
-{ lib, config, ... }:
-{
- services.matterbridge = {
- enable = lib.mkDefault config.monorepo.profiles.server.enable;
- configPath = "${config.sops.templates.matterbridge.path}";
- };
-}
diff --git a/nix/modules/mautrix.nix b/nix/modules/mautrix.nix
deleted file mode 100644
index abdb50d..0000000
--- a/nix/modules/mautrix.nix
+++ /dev/null
@@ -1,150 +0,0 @@
-{ lib, config, ... }:
-{
- services.mautrix-discord = {
- enable = lib.mkDefault config.monorepo.profiles.server.enable;
- environmentFile = "/run/secrets/mautrix_env";
- settings = {
- bridge = {
- animated_sticker = {
- args = {
- fps = 25;
- height = 320;
- width = 320;
- };
- target = "webp";
- };
- autojoin_thread_on_open = true;
- avatar_proxy_key = "generate";
- backfill = {
- forward_limits = {
- initial = {
- channel = 0;
- dm = 0;
- thread = 0;
- };
- max_guild_members = -1;
- missed = {
- channel = 0;
- dm = 0;
- thread = 0;
- };
- };
- };
- cache_media = "unencrypted";
- channel_name_template = "{{if or (eq .Type 3) (eq .Type 4)}}{{.Name}}{{else}}#{{.Name}}{{end}}";
- command_prefix = "!discord";
- custom_emoji_reactions = true;
- delete_guild_on_leave = true;
- delete_portal_on_channel_delete = false;
- delivery_receipts = false;
- direct_media = {
- allow_proxy = true;
- enabled = false;
- server_key = "generate";
- };
- displayname_template = "{{if .Webhook}}Webhook{{else}}{{or .GlobalName .Username}}{{if .Bot}} (bot){{end}}{{end}}";
- double_puppet_allow_discovery = true;
- double_puppet_server_map = { };
- embed_fields_as_tables = true;
- enable_webhook_avatars = true;
- encryption = {
- allow = false;
- allow_key_sharing = false;
- appservice = false;
- default = false;
- delete_keys = {
- delete_fully_used_on_decrypt = false;
- delete_on_device_delete = false;
- delete_outbound_on_ack = false;
- delete_outdated_inbound = false;
- delete_prev_on_new_session = false;
- dont_store_outbound = false;
- periodically_delete_expired = false;
- ratchet_on_decrypt = false;
- };
- msc4190 = false;
- plaintext_mentions = false;
- require = false;
- rotation = {
- disable_device_change_key_rotation = false;
- enable_custom = false;
- messages = 100;
- milliseconds = 604800000;
- };
- verification_levels = {
- receive = "unverified";
- send = "unverified";
- share = "cross-signed-tofu";
- };
- };
- federate_rooms = true;
- guild_name_template = "{{.Name}}";
- login_shared_secret_map = { };
- management_room_text = {
- additional_help = "";
- welcome = "Hello, I'm a Discord bridge bot.";
- welcome_connected = "Use `help` for help.";
- welcome_unconnected = "Use `help` for help or `login` to log in.";
- };
- message_error_notices = true;
- message_status_events = false;
- mute_channels_on_create = false;
- permissions = {
- "@${config.monorepo.vars.internetName}:matrix.${config.monorepo.vars.orgHost}" = "admin";
- "*" = "user";
- };
- portal_message_buffer = 128;
- prefix_webhook_messages = true;
- private_chat_portal_meta = "default";
- provisioning = {
- debug_endpoints = false;
- prefix = "/_matrix/provision";
- shared_secret = "generate";
- };
- public_address = null;
- resend_bridge_info = false;
- restricted_rooms = false;
- startup_private_channel_create_limit = 5;
- sync_direct_chat_list = false;
- use_discord_cdn_upload = true;
- username_template = "discord_{{.}}";
- };
-
- appservice = {
- address = "http://localhost:29334";
- hostname = "0.0.0.0";
- port = 29334;
- id = "discord";
- bot = {
- username = "discordbot";
- displayname = "Discord bridge bot";
- avatar = "mxc://maunium.net/nIdEykemnwdisvHbpxflpDlC";
- };
- ephemeral_events = true;
- async_transactions = false;
- database = {
- type = "sqlite3";
- uri = "file:${config.services.mautrix-discord.dataDir}/mautrix-discord.db?_txlock=immediate";
- max_open_conns = 20;
- max_idle_conns = 2;
- max_conn_idle_time = null;
- max_conn_lifetime = null;
- };
- as_token = "$MAUTRIX_DISCORD_APPSERVICE_AS_TOKEN";
- hs_token = "$MAUTRIX_DISCORD_APPSERVICE_HS_TOKEN";
- };
-
- dataDir = "/var/lib/mautrix-discord";
- homeserver = {
- async_media = false;
- message_send_checkpoint_endpoint = null;
- ping_interval_seconds = 0;
- software = "standard";
- status_endpoint = null;
- websocket = false;
- domain = "matrix.${config.monorepo.vars.orgHost}";
- address = "http://localhost:6167";
- };
- };
- };
-}
diff --git a/nix/modules/murmur.nix b/nix/modules/murmur.nix
deleted file mode 100644
index fcd4434..0000000
--- a/nix/modules/murmur.nix
+++ /dev/null
@@ -1,14 +0,0 @@
-{ lib, config, ... }:
-{
- services.murmur = {
-# enable = lib.mkDefault config.monorepo.profiles.server.enable;
- enable = false;
- openFirewall = true;
- hostName = "0.0.0.0";
- welcometext = "Wecome to the Null Murmur instance!";
- registerName = "nullring";
- registerHostname = "${config.monorepo.vars.orgHost}";
- sslCert = "/var/lib/acme/${config.monorepo.vars.orgHost}/fullchain.pem";
- sslKey = "/var/lib/acme/${config.monorepo.vars.orgHost}/sslKey.pem";
- };
-}
diff --git a/nix/modules/nginx.nix b/nix/modules/nginx.nix
deleted file mode 100644
index f911fc1..0000000
--- a/nix/modules/nginx.nix
+++ /dev/null
@@ -1,54 +0,0 @@
-{ config, lib, ... }:
-{
- services.nginx = {
- enable = lib.mkDefault config.monorepo.profiles.server.enable;
- user = "nginx";
- recommendedGzipSettings = true;
- recommendedOptimisation = true;
- recommendedTlsSettings = true;
- recommendedProxySettings = false;
- virtualHosts = {
- "${config.monorepo.vars.remoteHost}" = {
- serverName = "${config.monorepo.vars.remoteHost}";
- serverAliases = [ "${config.monorepo.vars.internetName}.${config.monorepo.vars.orgHost}" ];
- root = "/var/www/${config.monorepo.vars.internetName}-website/";
- addSSL = true;
- enableACME = true;
- };
-
- # the port comes from ssh tunnelling
- "music.${config.monorepo.vars.remoteHost}" = lib.mkIf config.monorepo.profiles.server.enable {
- addSSL = true;
- enableACME = true;
- basicAuthFile = config.sops.secrets."mpd_password".path;
- locations."/" = {
- proxyPass = "http://localhost:8000";
- extraConfig = ''
- proxy_buffering off;
- proxy_http_version 1.1;
- proxy_set_header Connection "";
- proxy_set_header Host $host;
- proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- proxy_read_timeout 36000s;
- '';
- };
- };
-
- "${config.monorepo.vars.orgHost}" = {
- serverName = "${config.monorepo.vars.orgHost}";
- root = "/var/www/nullring/";
- addSSL = true;
- enableACME = true;
- };
- };
- };
-
- networking.firewall.allowedTCPPorts = lib.mkIf config.services.nginx.enable [ 80 443 ];
-
- networking.domains.subDomains = lib.mkIf config.services.nginx.enable {
- "${config.monorepo.vars.remoteHost}" = { };
- "${config.monorepo.vars.orgHost}" = { };
- "${config.monorepo.vars.internetName}.${config.monorepo.vars.orgHost}" = { };
- };
-}
diff --git a/nix/modules/ngircd.nix b/nix/modules/ngircd.nix
deleted file mode 100644
index 12c719e..0000000
--- a/nix/modules/ngircd.nix
+++ /dev/null
@@ -1,35 +0,0 @@
-{ lib, config, ... }:
-{
- services.ngircd = {
- enable = lib.mkDefault config.monorepo.profiles.server.enable;
- config = ''
- [Global]
- Name = ${config.monorepo.vars.orgHost}
- Info = NullRing IRC Instance
- Listen = ::,0.0.0.0
- MotdFile = /etc/motd.txt
- Network = NullRing
- Ports = 6667
- [Options]
- PAM = no
- [SSL]
- CertFile = /var/lib/acme/${config.monorepo.vars.orgHost}/fullchain.pem
- CipherList = HIGH:!aNULL:@STRENGTH:!SSLv3
- KeyFile = /var/lib/acme/${config.monorepo.vars.orgHost}/key.pem
- Ports = 6697
- '';
- };
-
- environment.etc."motd.txt" = {
- source = ../data/motd.txt;
- mode = "644";
- user = "ngircd";
- group = "ngircd";
- };
-
- networking.firewall.allowedTCPPorts =
- if (config.services.ngircd.enable == true) then [
- 6697
- 6667
- ] else [ ];
-}
diff --git a/nix/modules/ntfy-sh.nix b/nix/modules/ntfy-sh.nix
deleted file mode 100644
index 3cbab0e..0000000
--- a/nix/modules/ntfy-sh.nix
+++ /dev/null
@@ -1,79 +0,0 @@
-{ pkgs, lib, config, ... }:
-let
- serverName = "ntfy.${config.monorepo.vars.remoteHost}";
- port = 2586;
- ntfySecret = "ntfy";
-in
-{
- sops.secrets."${ntfySecret}" = lib.mkIf config.services.ntfy-sh.enable {
- format = "yaml";
- owner = "ntfy-sh";
- };
-
- services.ntfy-sh = {
- enable = lib.mkDefault config.monorepo.profiles.server.enable;
- settings = {
- base-url = "https://${serverName}";
- listen-http = "127.0.0.1:${toString port}";
- envrionmentFile = "/run/secrets/${ntfySecret}";
- auth-file = "/var/lib/ntfy-sh/user.db";
- auth-default-access = "deny-all";
- enable-login = true;
- };
- };
-
- services.nginx.enable = config.services.ntfy-sh.enable;
-
- systemd.services.ntfy-sh = lib.mkIf config.services.ntfy-sh.enable {
- serviceConfig = {
- EnvironmentFile = "/run/secrets/${ntfySecret}";
- };
- postStart = lib.mkForce ''
- # 1. Wait for the server to initialize the database
- echo "Waiting for ntfy auth database to appear..."
- TIMEOUT=30
- while [ ! -f /var/lib/ntfy-sh/user.db ]; do
- sleep 1
- TIMEOUT=$((TIMEOUT-1))
- if [ $TIMEOUT -le 0 ]; then
- echo "Timed out waiting for database creation!"
- exit 1
- fi
- done
-
- echo "Database found. Configuring admin user..."
-
- # 2. Define the username
- ADMIN_USER="ret2pop"
-
- # 3. Check if user exists, create if missing
- # We pipe the password twice because 'ntfy user add' asks for confirmation
- if ! ${pkgs.ntfy-sh}/bin/ntfy user list | grep -q "$ADMIN_USER"; then
- echo "Creating admin user $ADMIN_USER..."
- printf "$ADMIN_PASSWORD\n$ADMIN_PASSWORD" | \
- ${pkgs.ntfy-sh}/bin/ntfy user add --role=admin "$ADMIN_USER"
- echo "User created."
- else
- echo "Admin user already exists."
- fi
- '';
- };
-
- networking.domains.subDomains."${serverName}" = lib.mkIf config.services.ntfy-sh.enable { };
- services.nginx.virtualHosts."${serverName}" = lib.mkIf config.services.ntfy-sh.enable {
- serverName = "${serverName}";
- enableACME = true;
- forceSSL = true;
- locations."/" = {
- proxyPass = "http://127.0.0.1:${toString port}";
- proxyWebsockets = true;
- extraConfig = ''
- proxy_buffering off;
- proxy_set_header Host $host;
- proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- proxy_set_header X-Forwarded-Proto $scheme;
- '';
- };
- };
-}
diff --git a/nix/modules/nvidia.nix b/nix/modules/nvidia.nix
deleted file mode 100644
index 5b05d28..0000000
--- a/nix/modules/nvidia.nix
+++ /dev/null
@@ -1,22 +0,0 @@
-{ config, lib, pkgs, ... }:
-{
- hardware = {
- graphics.extraPackages = (if config.monorepo.profiles.cuda.enable
- then with pkgs; [
- libva-vdpau-driver
- libvdpau-va-gl
- nvidia-vaapi-driver
- ] else []);
-
- nvidia = {
- modesetting.enable = lib.mkDefault config.monorepo.profiles.cuda.enable;
- powerManagement = {
- enable = lib.mkDefault config.monorepo.profiles.cuda.enable;
- finegrained = false;
- };
- open = config.monorepo.profiles.cuda.enable;
- package = config.boot.kernelPackages.nvidiaPackages.stable;
- nvidiaSettings = false;
- };
- };
-}
diff --git a/nix/modules/ollama.nix b/nix/modules/ollama.nix
deleted file mode 100644
index a9144ae..0000000
--- a/nix/modules/ollama.nix
+++ /dev/null
@@ -1,20 +0,0 @@
-{ config, lib, pkgs, ... }:
-{
- # services.open-webui.enable = lib.mkDefault (!config.monorepo.profiles.server.enable);
- services.ollama = {
- enable = lib.mkDefault config.monorepo.profiles.desktop.enable;
- package = if (config.monorepo.profiles.cuda.enable) then pkgs.ollama-cuda else pkgs.ollama-vulkan;
- loadModels =
- if (config.monorepo.profiles.cuda.enable) then [
- "qwen3:30b"
- "qwen3-coder:latest"
- "qwen2.5-coder:latest"
- "gemma3:12b-it-qat"
- ] else [
- "qwen3:0.6b"
- "qwen2.5-coder:0.5b"
- ];
- host = "0.0.0.0";
- openFirewall = true;
- };
-}
diff --git a/nix/modules/pantalaimon.nix b/nix/modules/pantalaimon.nix
deleted file mode 100644
index e82e50f..0000000
--- a/nix/modules/pantalaimon.nix
+++ /dev/null
@@ -1,13 +0,0 @@
-{ lib, config, ... }:
-{
- services.pantalaimon-headless = {
- instances = {
- "nullring" = {
- ssl = true;
- homeserver = "https://matrix.nullring.xyz";
- listenAddress = "localhost";
- listenPort = 8009;
- };
- };
- };
-}
diff --git a/nix/modules/pipewire.nix b/nix/modules/pipewire.nix
deleted file mode 100644
index 0fc2d69..0000000
--- a/nix/modules/pipewire.nix
+++ /dev/null
@@ -1,42 +0,0 @@
-{ lib, config, ... }:
-{
- services.pipewire = {
- enable = lib.mkDefault config.monorepo.profiles.pipewire.enable;
- alsa = {
- enable = lib.mkDefault config.monorepo.profiles.pipewire.enable;
- support32Bit = true;
- };
- pulse.enable = lib.mkDefault config.monorepo.profiles.pipewire.enable;
- jack.enable = lib.mkDefault config.monorepo.profiles.pipewire.enable;
- wireplumber.enable = lib.mkDefault config.monorepo.profiles.pipewire.enable;
- extraConfig = {
- pipewire."92-low-latency" = {
- "context.properties" = {
- "default.clock.rate" = 48000;
- "default.clock.quantum" = 512;
- "default.clock.min-quantum" = 512;
- "default.clock.max-quantum" = 1024;
- };
- pipewire-pulse."92-low-latency" = {
- "context.properties" = [
- {
- name = "libpipewire-module-protocol-pulse";
- args = { };
- }
- ];
- "pulse.properties" = {
- "pulse.min.req" = "32/48000";
- "pulse.default.req" = "32/48000";
- "pulse.max.req" = "32/48000";
- "pulse.min.quantum" = "32/48000";
- "pulse.max.quantum" = "32/48000";
- };
- "stream.properties" = {
- "node.latency" = "32/48000";
- "resample.quality" = 1;
- };
- };
- };
- };
- };
-}
diff --git a/nix/modules/postfix.nix b/nix/modules/postfix.nix
deleted file mode 100644
index 35c9e21..0000000
--- a/nix/modules/postfix.nix
+++ /dev/null
@@ -1,8 +0,0 @@
-{ config, lib, ... }:
-{
- services.postfix = {
- enable = lib.mkDefault config.monorepo.profiles.server.enable;
- config = {
- };
- };
-}
diff --git a/nix/modules/public_inbox.nix b/nix/modules/public_inbox.nix
deleted file mode 100644
index 3cd084b..0000000
--- a/nix/modules/public_inbox.nix
+++ /dev/null
@@ -1,86 +0,0 @@
-{ lib, config, ... }:
-{
- systemd.tmpfiles.rules = [
- "C+ /var/lib/public-inbox/style.css 0644 public-inbox public-inbox - ${../data/public-inbox.css}"
- ];
- systemd.services.public-inbox-httpd = if config.monorepo.profiles.server.enable then {
- preStart = ''
- # Copy or link the file.
- # Using 'cp' is often safer for sandboxed services than linking to the store. Lol.
- cp -f ${../data/public-inbox.css} /var/lib/public-inbox/style.css
- chmod 644 /var/lib/public-inbox/style.css
- '';
-
- serviceConfig = {
- # Allow the service to see the file it just created
- BindPaths = [
- "/var/lib/public-inbox"
- "${config.users.users.git.home}"
- ];
- ReadOnlyPaths = [ "/var/lib/public-inbox/style.css" ];
- # Ensure it can actually write to the directory during preStart
- ReadWritePaths = [ "/var/lib/public-inbox" ];
- };
- } else {};
-
- systemd.services.public-inbox-watch = if config.monorepo.profiles.server.enable then {
- after = [ "sops-nix.service" ];
- confinement.enable = lib.mkForce false;
- preStart = ''
- mkdir -p /var/lib/public-inbox/.tmp
- chmod 0700 /var/lib/public-inbox/.tmp
- ln -sfn ${config.sops.templates."public-inbox-netrc".path} /var/lib/public-inbox/.netrc
- '';
- environment = {
- PUBLIC_INBOX_FORCE_IPV4 = "1";
- NETRC = config.sops.templates."public-inbox-netrc".path;
- HOME = "/var/lib/public-inbox";
- TMPDIR = "/var/lib/public-inbox/.tmp";
- };
-
- serviceConfig = {
- RestrictSUIDSGID = lib.mkForce false;
- ReadWritePaths = [ "/var/lib/public-inbox" ];
- RestrictAddressFamilies = lib.mkForce [ "AF_UNIX" "AF_INET" "AF_INET6" ];
- PrivateNetwork = lib.mkForce false;
- SystemCallFilter = lib.mkForce [];
- RootDirectory = lib.mkForce "";
-
- CapabilityBoundingSet = lib.mkForce [ "~" ];
- UMask = lib.mkForce "0022";
- ProtectSystem = lib.mkForce false;
- };
- } else {};
-
- services.public-inbox = {
- enable = lib.mkDefault config.monorepo.profiles.server.enable;
- settings = {
- coderepo = lib.genAttrs config.monorepo.vars.projects (name: {
- dir = "${config.users.users.git.home}/${name}.git";
- cgitUrl = "https://git.${config.monorepo.vars.orgHost}/${name}.git";
- });
- publicinbox.css = ["/var/lib/public-inbox/style.css"];
- publicinbox.wwwlisting = "all";
- };
- http = {
- enable = true;
- port = 9090;
- };
- inboxes = lib.genAttrs config.monorepo.vars.projects (name: {
- description = "discussion of the ${name} project.";
- address = [ "${name}@${config.monorepo.vars.orgHost}" ];
- inboxdir = "/var/lib/public-inbox/${name}";
- url = "https://list.${config.monorepo.vars.orgHost}/${name}";
- watch = [ "imaps://${name}${config.monorepo.vars.orgHost}@mail.${config.monorepo.vars.orgHost}/INBOX" ];
- coderepo = [ "${name}" ];
- }) // {
- "discussion" = {
- description = "Main Nullring Discussion Mailing List";
- address = [ "discussion@${config.monorepo.vars.orgHost}" ];
- inboxdir = "/var/lib/public-inbox/discuss";
- url = "https://list.${config.monorepo.vars.orgHost}/discussion";
- watch = [ "imaps://discussion%40${config.monorepo.vars.orgHost}@mail.${config.monorepo.vars.orgHost}/INBOX" ];
- };
- };
- };
-}
diff --git a/nix/modules/secrets.nix b/nix/modules/secrets.nix
deleted file mode 100644
index dc0a7c3..0000000
--- a/nix/modules/secrets.nix
+++ /dev/null
@@ -1,118 +0,0 @@
-{ config, ... }:
-{
- sops = {
- defaultSopsFile =
- if config.monorepo.profiles.server.enable
- then ../secrets/vps_secrets.yaml
- else ../secrets/secrets.yaml;
-
-
- templates =
- if config.monorepo.profiles.server.enable then {
- "public-inbox-netrc" = {
- owner = "public-inbox";
- group = "public-inbox";
- mode = "0400";
- content = (builtins.concatStringsSep "\n" (builtins.map (x: "machine mail.${config.monorepo.vars.orgHost} login ${x}@${config.monorepo.vars.orgHost} password ${config.sops.placeholder."mail_monorepo_password_pi"}") config.monorepo.vars.projects)) + ''
- machine mail.${config.monorepo.vars.orgHost} login discussion@${config.monorepo.vars.orgHost} password ${config.sops.placeholder."mail_monorepo_password_pi"}'';
- };
- "matterbridge" = {
- owner = "matterbridge";
- content = ''
- [irc.myirc]
- Server="127.0.0.1:6667"
- Nick="bridge"
- RemoteNickFormat="[{PROTOCOL}] <{NICK}> "
- UseTLS=false
-
- [telegram.mytelegram]
- Token="${config.sops.placeholder.telegram_token}"
- RemoteNickFormat="<({PROTOCOL}){NICK}> "
- MessageFormat="HTMLNick :"
- QuoteFormat="{MESSAGE} (re @{QUOTENICK}: {QUOTEMESSAGE})"
- QuoteLengthLimit=46
- IgnoreMessages="^/"
-
- [discord.mydiscord]
- Token="${config.sops.placeholder.discord_token}"
- Server="Null Identity"
- AutoWebHooks=true
- RemoteNickFormat="[{PROTOCOL}] <{NICK}> "
- PreserveThreading=true
-
- [[gateway]]
- name="gateway1"
- enable=true
-
- [[gateway.inout]]
- account="irc.myirc"
- channel="#nullring"
-
- [[gateway.inout]]
- account="discord.mydiscord"
- channel="ID:996282946879242262"
-
- [[gateway.inout]]
- account="telegram.mytelegram"
- channel="-5290629325"
- '';
- };
- } else { };
-
- age = {
- keyFile = "/home/${config.monorepo.vars.userName}/.config/sops/age/keys.txt";
- };
-
- secrets =
- if config.monorepo.profiles.desktop.enable then {
- mail = {
- format = "yaml";
- };
- cloudflare-dns = {
- format = "yaml";
- };
- digikey = {
- format = "yaml";
- };
- dn42 = {
- format = "yaml";
- };
- } else {
- znc = {
- format = "yaml";
- };
- znc_password_salt = {
- format = "yaml";
- };
- znc_password_hash = {
- format = "yaml";
- };
- matrix_bridge = {
- format = "yaml";
- };
- mail_password = {
- format = "yaml";
- owner = "maddy";
- };
-
- mail_monorepo_password_pi = {
- format = "yaml";
- owner = "public-inbox";
- };
-
- mautrix_env = {
- format = "yaml";
- };
- telegram_token = {
- format = "yaml";
- };
- discord_token = {
- format = "yaml";
- };
- mpd_password = {
- format = "yaml";
- owner = "nginx";
- };
- };
- };
-}
diff --git a/nix/modules/ssh.nix b/nix/modules/ssh.nix
deleted file mode 100644
index c816f1c..0000000
--- a/nix/modules/ssh.nix
+++ /dev/null
@@ -1,13 +0,0 @@
-{ config, lib, ... }:
-{
- services.openssh = {
- enable = true;
- settings = {
- PasswordAuthentication = false;
- AllowUsers = [ config.monorepo.vars.userName "git" ];
- PermitRootLogin = "no";
- KbdInteractiveAuthentication = false;
- };
- };
- networking.firewall.allowedTCPPorts = lib.mkIf config.services.openssh.enable [ 22 ];
-}
diff --git a/nix/modules/tor.nix b/nix/modules/tor.nix
deleted file mode 100644
index 73cb4b2..0000000
--- a/nix/modules/tor.nix
+++ /dev/null
@@ -1,20 +0,0 @@
-{ config, lib, ... }:
-{
- services.tor = {
- enable = lib.mkDefault config.monorepo.profiles.tor.enable;
- openFirewall = true;
- client = {
- enable = lib.mkDefault config.monorepo.profiles.tor.enable;
- socksListenAddress = {
- IsolateDestAddr = true;
- addr = "127.0.0.1";
- port = 9050;
- };
- dns.enable = true;
- };
- torsocks = {
- enable = lib.mkDefault config.monorepo.profiles.tor.enable;
- server = "127.0.0.1:9050";
- };
- };
-}
diff --git a/nix/modules/vars.nix b/nix/modules/vars.nix
deleted file mode 100644
index 062a17a..0000000
--- a/nix/modules/vars.nix
+++ /dev/null
@@ -1,131 +0,0 @@
-{ lib, ... }:
-let
- vars = import ../flakevars.nix;
-in
-{
- options.monorepo.vars = {
- device = lib.mkOption {
- type = lib.types.str;
- default = "/dev/sda";
- example = "/dev/nvme0n1";
- description = "device that NixOS is installed to";
- };
-
- internetName = lib.mkOption {
- type = lib.types.str;
- default = "${vars.internetName}";
- example = "myinternetname";
- description = "Internet name to be used for internet usernames";
- };
-
- sshKey = lib.mkOption {
- type = lib.types.str;
- default = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICts6+MQiMwpA+DfFQxjIN214Jn0pCw/2BDvOzPhR/H2 preston@continuity-dell";
- example = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICts6+MQiMwpA+DfFQxjIN214Jn0pCw/2BDvOzPhR/H2 preston@continuity-dell";
- description = "Admin public key for managing multiple configurations";
- };
-
- dkimKey = lib.mkOption {
- type = lib.types.str;
- default = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsC9GpfjvQlldPrHAC7Yt+ZF0aduUIVV4j2+KUkF0j6NsrpOgvU6COWKQSod/B/qyPBLWf+w5P5YiJ9XnOgw6Db/I9C67eusEHnV/cbvokXLQjSBvXee1OEdrT9i+6iUgDeGWP4CrD1DcwvXzAcCI9exy3yALHVlbkyYvi0KAYofs8dVQ3JCwSCMlol71lA6ULJ2zbCIWeSOv9/C6QZ5HOIeeoFLesX6O/YvF4FYxWbSHy244TXYuczQKuayjKgD6e8gIT5WJRQj8IAWOQ2podWw6hSuB3Ig+ekoOfnl5ivJGOMbAzFTj8FtbS4ncyidLU1kIOeuLfiILeDDLlIeYTwIDAQAB";
- example = "string_after_p=";
- description = "dkim key to put in host record for email";
- };
-
- repoName = lib.mkOption {
- type = lib.types.str;
- default = "monorepo";
- example = "myreponame";
- description = "Name of this repository";
- };
-
- projects = lib.mkOption {
- type = lib.types.listOf lib.types.str;
- default = [
- "monorepo"
- "nullerbot"
- ];
- example = [
- "project1"
- "project2"
- "project3"
- ];
- description = "Names of repos that will have mailing lists";
- };
-
- fileSystem = lib.mkOption {
- type = lib.types.str;
- default = "ext4";
- example = "btrfs";
- description = "filesystem to install with disko";
- };
-
- diskoSpec = lib.mkOption {
- type = lib.types.attrs;
- description = "retains a copy of the disko spec for reflection";
- };
-
- fullName = lib.mkOption {
- type = lib.types.str;
- default = "Preston Pan";
- example = "John Doe";
- description = "Full Name";
- };
-
- userName = lib.mkOption {
- type = lib.types.str;
- default = "preston";
- example = "myUser";
- description = "system username";
- };
-
- gpgKey = lib.mkOption {
- type = lib.types.str;
- default = "AEC273BF75B6F54D81343A1AC1FE6CED393AE6C1";
- example = "1234567890ABCDEF...";
- description = "GPG key fingerprint";
- };
-
- remoteHost = lib.mkOption {
- type = lib.types.str;
- default = "${vars.remoteHost}";
- example = "example.com";
- description = "Address to push to and pull from for website and git repos";
- };
-
- orgHost = lib.mkOption {
- type = lib.types.str;
- default = "${vars.orgHost}";
- example = "orgname.org";
- description = "Domain name of your organization, points to same VPS as remoteHost";
- };
-
- email = lib.mkOption {
- type = lib.types.str;
- default = "${vars.internetName}@${vars.orgHost}";
- example = "example@example.org";
- description = "Admin email address";
- };
-
- timeZone = lib.mkOption {
- type = lib.types.str;
- default = "America/Vancouver";
- example = "America/Chicago";
- description = "Linux timezone";
- };
-
- monitors = lib.mkOption {
- type = lib.types.listOf lib.types.str;
- default = [
- "HDMI-A-1"
- "eDP-1"
- "DP-2"
- "DP-3"
- "DP-4"
- "LVDS-1"
- ];
- example = [];
- description = "Monitors that waybar will use";
- };
- };
-}
diff --git a/nix/modules/xserver.nix b/nix/modules/xserver.nix
deleted file mode 100644
index e3e0d9d..0000000
--- a/nix/modules/xserver.nix
+++ /dev/null
@@ -1,27 +0,0 @@
-{ lib, config, pkgs, ... }:
-{
- services.xserver = {
- enable = (! config.monorepo.profiles.ttyonly.enable);
- displayManager = {
- startx.enable = (! config.monorepo.profiles.ttyonly.enable);
- };
-
- # windowManager = {
- # i3 = {
- # enable = (! config.monorepo.profiles.ttyonly.enable);
- # };
- # };
-
- desktopManager = {
- runXdgAutostartIfNone = true;
- };
-
- # xkb = {
- # layout = "us";
- # variant = "";
- # options = "caps:escape";
- # };
-
- videoDrivers = (if config.monorepo.profiles.cuda.enable then [ "nvidia" ] else [ ]);
- };
-}
diff --git a/nix/modules/znc.nix b/nix/modules/znc.nix
deleted file mode 100644
index c9f9b51..0000000
--- a/nix/modules/znc.nix
+++ /dev/null
@@ -1,37 +0,0 @@
-{ lib, config, ... }:
-{
- services.znc = {
- enable = lib.mkDefault config.monorepo.profiles.server.enable;
- openFirewall = true;
- confOptions = {
- useSSL = true;
- passBlock = ''
-<Pass password>
- Method = sha256
- Hash = d4abdd69aa24de69693885c5bd83a4a0e9ee989e1a69a905041b0dad9abc06ea
- Salt = sDY,?H5AxC-!gH3a.:)D
-</Pass>
-'';
- modules = [
- "partyline"
- "webadmin"
- "adminlog"
- "log"
- ];
- networks = {
- "libera" = {
- server = "irc.libera.chat";
- port = 6697;
- useSSL = true;
- modules = [ "simple_away" ];
- };
- "nullring" = {
- server = "${config.monorepo.vars.orgHost}";
- port = 6697;
- useSSL = true;
- modules = [ "simple_away" "log" ];
- };
- };
- };
- };
-}
diff --git a/nix/poetry.lock b/nix/poetry.lock
deleted file mode 100644
index c99deac..0000000
--- a/nix/poetry.lock
+++ /dev/null
@@ -1,363 +0,0 @@
-# This file is automatically @generated by Poetry 1.8.4 and should not be changed by hand.
-
-[[package]]
-name = "certifi"
-version = "2025.1.31"
-description = "Python package for providing Mozilla's CA Bundle."
-optional = false
-python-versions = ">=3.6"
-files = [
- {file = "certifi-2025.1.31-py3-none-any.whl", hash = "sha256:ca78db4565a652026a4db2bcdf68f2fb589ea80d0be70e03929ed730746b84fe"},
- {file = "certifi-2025.1.31.tar.gz", hash = "sha256:3d5da6925056f6f18f119200434a4780a94263f10d1c21d032a6f6b2baa20651"},
-]
-
-[[package]]
-name = "charset-normalizer"
-version = "3.4.1"
-description = "The Real First Universal Charset Detector. Open, modern and actively maintained alternative to Chardet."
-optional = false
-python-versions = ">=3.7"
-files = [
- {file = "charset_normalizer-3.4.1-cp310-cp310-macosx_10_9_universal2.whl", hash = "sha256:91b36a978b5ae0ee86c394f5a54d6ef44db1de0815eb43de826d41d21e4af3de"},
- {file = "charset_normalizer-3.4.1-cp310-cp310-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:7461baadb4dc00fd9e0acbe254e3d7d2112e7f92ced2adc96e54ef6501c5f176"},
- {file = "charset_normalizer-3.4.1-cp310-cp310-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:e218488cd232553829be0664c2292d3af2eeeb94b32bea483cf79ac6a694e037"},
- {file = "charset_normalizer-3.4.1-cp310-cp310-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:80ed5e856eb7f30115aaf94e4a08114ccc8813e6ed1b5efa74f9f82e8509858f"},
- {file = "charset_normalizer-3.4.1-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:b010a7a4fd316c3c484d482922d13044979e78d1861f0e0650423144c616a46a"},
- {file = "charset_normalizer-3.4.1-cp310-cp310-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:4532bff1b8421fd0a320463030c7520f56a79c9024a4e88f01c537316019005a"},
- {file = "charset_normalizer-3.4.1-cp310-cp310-musllinux_1_2_aarch64.whl", hash = "sha256:d973f03c0cb71c5ed99037b870f2be986c3c05e63622c017ea9816881d2dd247"},
- {file = "charset_normalizer-3.4.1-cp310-cp310-musllinux_1_2_i686.whl", hash = "sha256:3a3bd0dcd373514dcec91c411ddb9632c0d7d92aed7093b8c3bbb6d69ca74408"},
- {file = "charset_normalizer-3.4.1-cp310-cp310-musllinux_1_2_ppc64le.whl", hash = "sha256:d9c3cdf5390dcd29aa8056d13e8e99526cda0305acc038b96b30352aff5ff2bb"},
- {file = "charset_normalizer-3.4.1-cp310-cp310-musllinux_1_2_s390x.whl", hash = "sha256:2bdfe3ac2e1bbe5b59a1a63721eb3b95fc9b6817ae4a46debbb4e11f6232428d"},
- {file = "charset_normalizer-3.4.1-cp310-cp310-musllinux_1_2_x86_64.whl", hash = "sha256:eab677309cdb30d047996b36d34caeda1dc91149e4fdca0b1a039b3f79d9a807"},
- {file = "charset_normalizer-3.4.1-cp310-cp310-win32.whl", hash = "sha256:c0429126cf75e16c4f0ad00ee0eae4242dc652290f940152ca8c75c3a4b6ee8f"},
- {file = "charset_normalizer-3.4.1-cp310-cp310-win_amd64.whl", hash = "sha256:9f0b8b1c6d84c8034a44893aba5e767bf9c7a211e313a9605d9c617d7083829f"},
- {file = "charset_normalizer-3.4.1-cp311-cp311-macosx_10_9_universal2.whl", hash = "sha256:8bfa33f4f2672964266e940dd22a195989ba31669bd84629f05fab3ef4e2d125"},
- {file = "charset_normalizer-3.4.1-cp311-cp311-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:28bf57629c75e810b6ae989f03c0828d64d6b26a5e205535585f96093e405ed1"},
- {file = "charset_normalizer-3.4.1-cp311-cp311-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:f08ff5e948271dc7e18a35641d2f11a4cd8dfd5634f55228b691e62b37125eb3"},
- {file = "charset_normalizer-3.4.1-cp311-cp311-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:234ac59ea147c59ee4da87a0c0f098e9c8d169f4dc2a159ef720f1a61bbe27cd"},
- {file = "charset_normalizer-3.4.1-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:fd4ec41f914fa74ad1b8304bbc634b3de73d2a0889bd32076342a573e0779e00"},
- {file = "charset_normalizer-3.4.1-cp311-cp311-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:eea6ee1db730b3483adf394ea72f808b6e18cf3cb6454b4d86e04fa8c4327a12"},
- {file = "charset_normalizer-3.4.1-cp311-cp311-musllinux_1_2_aarch64.whl", hash = "sha256:c96836c97b1238e9c9e3fe90844c947d5afbf4f4c92762679acfe19927d81d77"},
- {file = "charset_normalizer-3.4.1-cp311-cp311-musllinux_1_2_i686.whl", hash = "sha256:4d86f7aff21ee58f26dcf5ae81a9addbd914115cdebcbb2217e4f0ed8982e146"},
- {file = "charset_normalizer-3.4.1-cp311-cp311-musllinux_1_2_ppc64le.whl", hash = "sha256:09b5e6733cbd160dcc09589227187e242a30a49ca5cefa5a7edd3f9d19ed53fd"},
- {file = "charset_normalizer-3.4.1-cp311-cp311-musllinux_1_2_s390x.whl", hash = "sha256:5777ee0881f9499ed0f71cc82cf873d9a0ca8af166dfa0af8ec4e675b7df48e6"},
- {file = "charset_normalizer-3.4.1-cp311-cp311-musllinux_1_2_x86_64.whl", hash = "sha256:237bdbe6159cff53b4f24f397d43c6336c6b0b42affbe857970cefbb620911c8"},
- {file = "charset_normalizer-3.4.1-cp311-cp311-win32.whl", hash = "sha256:8417cb1f36cc0bc7eaba8ccb0e04d55f0ee52df06df3ad55259b9a323555fc8b"},
- {file = "charset_normalizer-3.4.1-cp311-cp311-win_amd64.whl", hash = "sha256:d7f50a1f8c450f3925cb367d011448c39239bb3eb4117c36a6d354794de4ce76"},
- {file = "charset_normalizer-3.4.1-cp312-cp312-macosx_10_13_universal2.whl", hash = "sha256:73d94b58ec7fecbc7366247d3b0b10a21681004153238750bb67bd9012414545"},
- {file = "charset_normalizer-3.4.1-cp312-cp312-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:dad3e487649f498dd991eeb901125411559b22e8d7ab25d3aeb1af367df5efd7"},
- {file = "charset_normalizer-3.4.1-cp312-cp312-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:c30197aa96e8eed02200a83fba2657b4c3acd0f0aa4bdc9f6c1af8e8962e0757"},
- {file = "charset_normalizer-3.4.1-cp312-cp312-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:2369eea1ee4a7610a860d88f268eb39b95cb588acd7235e02fd5a5601773d4fa"},
- {file = "charset_normalizer-3.4.1-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:bc2722592d8998c870fa4e290c2eec2c1569b87fe58618e67d38b4665dfa680d"},
- {file = "charset_normalizer-3.4.1-cp312-cp312-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:ffc9202a29ab3920fa812879e95a9e78b2465fd10be7fcbd042899695d75e616"},
- {file = "charset_normalizer-3.4.1-cp312-cp312-musllinux_1_2_aarch64.whl", hash = "sha256:804a4d582ba6e5b747c625bf1255e6b1507465494a40a2130978bda7b932c90b"},
- {file = "charset_normalizer-3.4.1-cp312-cp312-musllinux_1_2_i686.whl", hash = "sha256:0f55e69f030f7163dffe9fd0752b32f070566451afe180f99dbeeb81f511ad8d"},
- {file = "charset_normalizer-3.4.1-cp312-cp312-musllinux_1_2_ppc64le.whl", hash = "sha256:c4c3e6da02df6fa1410a7680bd3f63d4f710232d3139089536310d027950696a"},
- {file = "charset_normalizer-3.4.1-cp312-cp312-musllinux_1_2_s390x.whl", hash = "sha256:5df196eb874dae23dcfb968c83d4f8fdccb333330fe1fc278ac5ceeb101003a9"},
- {file = "charset_normalizer-3.4.1-cp312-cp312-musllinux_1_2_x86_64.whl", hash = "sha256:e358e64305fe12299a08e08978f51fc21fac060dcfcddd95453eabe5b93ed0e1"},
- {file = "charset_normalizer-3.4.1-cp312-cp312-win32.whl", hash = "sha256:9b23ca7ef998bc739bf6ffc077c2116917eabcc901f88da1b9856b210ef63f35"},
- {file = "charset_normalizer-3.4.1-cp312-cp312-win_amd64.whl", hash = "sha256:6ff8a4a60c227ad87030d76e99cd1698345d4491638dfa6673027c48b3cd395f"},
- {file = "charset_normalizer-3.4.1-cp313-cp313-macosx_10_13_universal2.whl", hash = "sha256:aabfa34badd18f1da5ec1bc2715cadc8dca465868a4e73a0173466b688f29dda"},
- {file = "charset_normalizer-3.4.1-cp313-cp313-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:22e14b5d70560b8dd51ec22863f370d1e595ac3d024cb8ad7d308b4cd95f8313"},
- {file = "charset_normalizer-3.4.1-cp313-cp313-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:8436c508b408b82d87dc5f62496973a1805cd46727c34440b0d29d8a2f50a6c9"},
- {file = "charset_normalizer-3.4.1-cp313-cp313-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:2d074908e1aecee37a7635990b2c6d504cd4766c7bc9fc86d63f9c09af3fa11b"},
- {file = "charset_normalizer-3.4.1-cp313-cp313-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:955f8851919303c92343d2f66165294848d57e9bba6cf6e3625485a70a038d11"},
- {file = "charset_normalizer-3.4.1-cp313-cp313-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:44ecbf16649486d4aebafeaa7ec4c9fed8b88101f4dd612dcaf65d5e815f837f"},
- {file = "charset_normalizer-3.4.1-cp313-cp313-musllinux_1_2_aarch64.whl", hash = "sha256:0924e81d3d5e70f8126529951dac65c1010cdf117bb75eb02dd12339b57749dd"},
- {file = "charset_normalizer-3.4.1-cp313-cp313-musllinux_1_2_i686.whl", hash = "sha256:2967f74ad52c3b98de4c3b32e1a44e32975e008a9cd2a8cc8966d6a5218c5cb2"},
- {file = "charset_normalizer-3.4.1-cp313-cp313-musllinux_1_2_ppc64le.whl", hash = "sha256:c75cb2a3e389853835e84a2d8fb2b81a10645b503eca9bcb98df6b5a43eb8886"},
- {file = "charset_normalizer-3.4.1-cp313-cp313-musllinux_1_2_s390x.whl", hash = "sha256:09b26ae6b1abf0d27570633b2b078a2a20419c99d66fb2823173d73f188ce601"},
- {file = "charset_normalizer-3.4.1-cp313-cp313-musllinux_1_2_x86_64.whl", hash = "sha256:fa88b843d6e211393a37219e6a1c1df99d35e8fd90446f1118f4216e307e48cd"},
- {file = "charset_normalizer-3.4.1-cp313-cp313-win32.whl", hash = "sha256:eb8178fe3dba6450a3e024e95ac49ed3400e506fd4e9e5c32d30adda88cbd407"},
- {file = "charset_normalizer-3.4.1-cp313-cp313-win_amd64.whl", hash = "sha256:b1ac5992a838106edb89654e0aebfc24f5848ae2547d22c2c3f66454daa11971"},
- {file = "charset_normalizer-3.4.1-cp37-cp37m-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:f30bf9fd9be89ecb2360c7d94a711f00c09b976258846efe40db3d05828e8089"},
- {file = "charset_normalizer-3.4.1-cp37-cp37m-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:97f68b8d6831127e4787ad15e6757232e14e12060bec17091b85eb1486b91d8d"},
- {file = "charset_normalizer-3.4.1-cp37-cp37m-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:7974a0b5ecd505609e3b19742b60cee7aa2aa2fb3151bc917e6e2646d7667dcf"},
- {file = "charset_normalizer-3.4.1-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:fc54db6c8593ef7d4b2a331b58653356cf04f67c960f584edb7c3d8c97e8f39e"},
- {file = "charset_normalizer-3.4.1-cp37-cp37m-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:311f30128d7d333eebd7896965bfcfbd0065f1716ec92bd5638d7748eb6f936a"},
- {file = "charset_normalizer-3.4.1-cp37-cp37m-musllinux_1_2_aarch64.whl", hash = "sha256:7d053096f67cd1241601111b698f5cad775f97ab25d81567d3f59219b5f1adbd"},
- {file = "charset_normalizer-3.4.1-cp37-cp37m-musllinux_1_2_i686.whl", hash = "sha256:807f52c1f798eef6cf26beb819eeb8819b1622ddfeef9d0977a8502d4db6d534"},
- {file = "charset_normalizer-3.4.1-cp37-cp37m-musllinux_1_2_ppc64le.whl", hash = "sha256:dccbe65bd2f7f7ec22c4ff99ed56faa1e9f785482b9bbd7c717e26fd723a1d1e"},
- {file = "charset_normalizer-3.4.1-cp37-cp37m-musllinux_1_2_s390x.whl", hash = "sha256:2fb9bd477fdea8684f78791a6de97a953c51831ee2981f8e4f583ff3b9d9687e"},
- {file = "charset_normalizer-3.4.1-cp37-cp37m-musllinux_1_2_x86_64.whl", hash = "sha256:01732659ba9b5b873fc117534143e4feefecf3b2078b0a6a2e925271bb6f4cfa"},
- {file = "charset_normalizer-3.4.1-cp37-cp37m-win32.whl", hash = "sha256:7a4f97a081603d2050bfaffdefa5b02a9ec823f8348a572e39032caa8404a487"},
- {file = "charset_normalizer-3.4.1-cp37-cp37m-win_amd64.whl", hash = "sha256:7b1bef6280950ee6c177b326508f86cad7ad4dff12454483b51d8b7d673a2c5d"},
- {file = "charset_normalizer-3.4.1-cp38-cp38-macosx_10_9_universal2.whl", hash = "sha256:ecddf25bee22fe4fe3737a399d0d177d72bc22be6913acfab364b40bce1ba83c"},
- {file = "charset_normalizer-3.4.1-cp38-cp38-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:8c60ca7339acd497a55b0ea5d506b2a2612afb2826560416f6894e8b5770d4a9"},
- {file = "charset_normalizer-3.4.1-cp38-cp38-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:b7b2d86dd06bfc2ade3312a83a5c364c7ec2e3498f8734282c6c3d4b07b346b8"},
- {file = "charset_normalizer-3.4.1-cp38-cp38-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:dd78cfcda14a1ef52584dbb008f7ac81c1328c0f58184bf9a84c49c605002da6"},
- {file = "charset_normalizer-3.4.1-cp38-cp38-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:6e27f48bcd0957c6d4cb9d6fa6b61d192d0b13d5ef563e5f2ae35feafc0d179c"},
- {file = "charset_normalizer-3.4.1-cp38-cp38-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:01ad647cdd609225c5350561d084b42ddf732f4eeefe6e678765636791e78b9a"},
- {file = "charset_normalizer-3.4.1-cp38-cp38-musllinux_1_2_aarch64.whl", hash = "sha256:619a609aa74ae43d90ed2e89bdd784765de0a25ca761b93e196d938b8fd1dbbd"},
- {file = "charset_normalizer-3.4.1-cp38-cp38-musllinux_1_2_i686.whl", hash = "sha256:89149166622f4db9b4b6a449256291dc87a99ee53151c74cbd82a53c8c2f6ccd"},
- {file = "charset_normalizer-3.4.1-cp38-cp38-musllinux_1_2_ppc64le.whl", hash = "sha256:7709f51f5f7c853f0fb938bcd3bc59cdfdc5203635ffd18bf354f6967ea0f824"},
- {file = "charset_normalizer-3.4.1-cp38-cp38-musllinux_1_2_s390x.whl", hash = "sha256:345b0426edd4e18138d6528aed636de7a9ed169b4aaf9d61a8c19e39d26838ca"},
- {file = "charset_normalizer-3.4.1-cp38-cp38-musllinux_1_2_x86_64.whl", hash = "sha256:0907f11d019260cdc3f94fbdb23ff9125f6b5d1039b76003b5b0ac9d6a6c9d5b"},
- {file = "charset_normalizer-3.4.1-cp38-cp38-win32.whl", hash = "sha256:ea0d8d539afa5eb2728aa1932a988a9a7af94f18582ffae4bc10b3fbdad0626e"},
- {file = "charset_normalizer-3.4.1-cp38-cp38-win_amd64.whl", hash = "sha256:329ce159e82018d646c7ac45b01a430369d526569ec08516081727a20e9e4af4"},
- {file = "charset_normalizer-3.4.1-cp39-cp39-macosx_10_9_universal2.whl", hash = "sha256:b97e690a2118911e39b4042088092771b4ae3fc3aa86518f84b8cf6888dbdb41"},
- {file = "charset_normalizer-3.4.1-cp39-cp39-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:78baa6d91634dfb69ec52a463534bc0df05dbd546209b79a3880a34487f4b84f"},
- {file = "charset_normalizer-3.4.1-cp39-cp39-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:1a2bc9f351a75ef49d664206d51f8e5ede9da246602dc2d2726837620ea034b2"},
- {file = "charset_normalizer-3.4.1-cp39-cp39-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:75832c08354f595c760a804588b9357d34ec00ba1c940c15e31e96d902093770"},
- {file = "charset_normalizer-3.4.1-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:0af291f4fe114be0280cdd29d533696a77b5b49cfde5467176ecab32353395c4"},
- {file = "charset_normalizer-3.4.1-cp39-cp39-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:0167ddc8ab6508fe81860a57dd472b2ef4060e8d378f0cc555707126830f2537"},
- {file = "charset_normalizer-3.4.1-cp39-cp39-musllinux_1_2_aarch64.whl", hash = "sha256:2a75d49014d118e4198bcee5ee0a6f25856b29b12dbf7cd012791f8a6cc5c496"},
- {file = "charset_normalizer-3.4.1-cp39-cp39-musllinux_1_2_i686.whl", hash = "sha256:363e2f92b0f0174b2f8238240a1a30142e3db7b957a5dd5689b0e75fb717cc78"},
- {file = "charset_normalizer-3.4.1-cp39-cp39-musllinux_1_2_ppc64le.whl", hash = "sha256:ab36c8eb7e454e34e60eb55ca5d241a5d18b2c6244f6827a30e451c42410b5f7"},
- {file = "charset_normalizer-3.4.1-cp39-cp39-musllinux_1_2_s390x.whl", hash = "sha256:4c0907b1928a36d5a998d72d64d8eaa7244989f7aaaf947500d3a800c83a3fd6"},
- {file = "charset_normalizer-3.4.1-cp39-cp39-musllinux_1_2_x86_64.whl", hash = "sha256:04432ad9479fa40ec0f387795ddad4437a2b50417c69fa275e212933519ff294"},
- {file = "charset_normalizer-3.4.1-cp39-cp39-win32.whl", hash = "sha256:3bed14e9c89dcb10e8f3a29f9ccac4955aebe93c71ae803af79265c9ca5644c5"},
- {file = "charset_normalizer-3.4.1-cp39-cp39-win_amd64.whl", hash = "sha256:49402233c892a461407c512a19435d1ce275543138294f7ef013f0b63d5d3765"},
- {file = "charset_normalizer-3.4.1-py3-none-any.whl", hash = "sha256:d98b1668f06378c6dbefec3b92299716b931cd4e6061f3c875a71ced1780ab85"},
- {file = "charset_normalizer-3.4.1.tar.gz", hash = "sha256:44251f18cd68a75b56585dd00dae26183e102cd5e0f9f1466e6df5da2ed64ea3"},
-]
-
-[[package]]
-name = "dnspython"
-version = "2.7.0"
-description = "DNS toolkit"
-optional = false
-python-versions = ">=3.9"
-files = [
- {file = "dnspython-2.7.0-py3-none-any.whl", hash = "sha256:b4c34b7d10b51bcc3a5071e7b8dee77939f1e878477eeecc965e9835f63c6c86"},
- {file = "dnspython-2.7.0.tar.gz", hash = "sha256:ce9c432eda0dc91cf618a5cedf1a4e142651196bbcd2c80e89ed5a907e5cfaf1"},
-]
-
-[package.extras]
-dev = ["black (>=23.1.0)", "coverage (>=7.0)", "flake8 (>=7)", "hypercorn (>=0.16.0)", "mypy (>=1.8)", "pylint (>=3)", "pytest (>=7.4)", "pytest-cov (>=4.1.0)", "quart-trio (>=0.11.0)", "sphinx (>=7.2.0)", "sphinx-rtd-theme (>=2.0.0)", "twine (>=4.0.0)", "wheel (>=0.42.0)"]
-dnssec = ["cryptography (>=43)"]
-doh = ["h2 (>=4.1.0)", "httpcore (>=1.0.0)", "httpx (>=0.26.0)"]
-doq = ["aioquic (>=1.0.0)"]
-idna = ["idna (>=3.7)"]
-trio = ["trio (>=0.23)"]
-wmi = ["wmi (>=1.5.1)"]
-
-[[package]]
-name = "fqdn"
-version = "1.5.1"
-description = "Validates fully-qualified domain names against RFC 1123, so that they are acceptable to modern bowsers"
-optional = false
-python-versions = ">=2.7, !=3.0, !=3.1, !=3.2, !=3.3, !=3.4, <4"
-files = [
- {file = "fqdn-1.5.1-py3-none-any.whl", hash = "sha256:3a179af3761e4df6eb2e026ff9e1a3033d3587bf980a0b1b2e1e5d08d7358014"},
- {file = "fqdn-1.5.1.tar.gz", hash = "sha256:105ed3677e767fb5ca086a0c1f4bb66ebc3c100be518f0e0d755d9eae164d89f"},
-]
-
-[[package]]
-name = "idna"
-version = "3.10"
-description = "Internationalized Domain Names in Applications (IDNA)"
-optional = false
-python-versions = ">=3.6"
-files = [
- {file = "idna-3.10-py3-none-any.whl", hash = "sha256:946d195a0d259cbba61165e88e65941f16e9b36ea6ddb97f00452bae8b1287d3"},
- {file = "idna-3.10.tar.gz", hash = "sha256:12f65c9b470abda6dc35cf8e63cc574b1c52b11df2c86030af0ac09b01b13ea9"},
-]
-
-[package.extras]
-all = ["flake8 (>=7.1.1)", "mypy (>=1.11.2)", "pytest (>=8.3.2)", "ruff (>=0.6.2)"]
-
-[[package]]
-name = "natsort"
-version = "8.4.0"
-description = "Simple yet flexible natural sorting in Python."
-optional = false
-python-versions = ">=3.7"
-files = [
- {file = "natsort-8.4.0-py3-none-any.whl", hash = "sha256:4732914fb471f56b5cce04d7bae6f164a592c7712e1c85f9ef585e197299521c"},
- {file = "natsort-8.4.0.tar.gz", hash = "sha256:45312c4a0e5507593da193dedd04abb1469253b601ecaf63445ad80f0a1ea581"},
-]
-
-[package.extras]
-fast = ["fastnumbers (>=2.0.0)"]
-icu = ["PyICU (>=1.0.0)"]
-
-[[package]]
-name = "octodns"
-version = "1.11.0"
-description = "OctoDNS: DNS as code - Tools for managing DNS across multiple providers"
-optional = false
-python-versions = ">=3.9"
-files = [
- {file = "octodns-1.11.0-py3-none-any.whl", hash = "sha256:620e5399f44e2f1cfd072446fc8f3a6e1b37a7c8c8fe01356fab2a21a3308c75"},
- {file = "octodns-1.11.0.tar.gz", hash = "sha256:fef5ee42fdf6e3097c7a77061f762c6923881be4ee91280ef216e66ea429fc83"},
-]
-
-[package.dependencies]
-dnspython = ">=2.2.1"
-fqdn = ">=1.5.0"
-idna = ">=3.3"
-natsort = ">=5.5.0"
-python-dateutil = ">=2.8.1"
-PyYaml = ">=4.2b1"
-
-[package.extras]
-dev = ["black (>=24.3.0,<25.0.0)", "build (>=0.7.0)", "isort (>=5.11.5)", "pycountry (>=19.8.18)", "pycountry-convert (>=0.7.2)", "pyflakes (>=2.2.0)", "pytest (>=6.2.5)", "pytest-cov (>=3.0.0)", "pytest-network (>=0.0.1)", "readme_renderer[md] (>=26.0)", "twine (>=3.4.2)"]
-
-[[package]]
-name = "octodns-bind"
-version = "0.0.7"
-description = "RFC compliant (Bind9) provider for octoDNS"
-optional = false
-python-versions = ">=3.9"
-files = [
- {file = "octodns_bind-0.0.7-py3-none-any.whl", hash = "sha256:bdb5b4c1f1931b1bb798581b6375862533bf2cf7b0125d465f369c6a4637f522"},
- {file = "octodns_bind-0.0.7.tar.gz", hash = "sha256:b83acb090e416c6dc7421e63b52c6196d75e788593b40552015fe5096405cfb9"},
-]
-
-[package.dependencies]
-dnspython = ">=2.2.1"
-octodns = ">=0.9.20"
-
-[package.extras]
-dev = ["black (>=24.3.0,<25.0.0)", "build (>=0.7.0)", "isort (>=5.11.5)", "pyflakes (>=2.2.0)", "pytest", "pytest-cov", "pytest-network", "readme_renderer[md] (>=26.0)", "twine (>=3.4.2)"]
-test = ["pytest", "pytest-cov", "pytest-network"]
-
-[[package]]
-name = "octodns-cloudflare"
-version = "0.0.9"
-description = "Cloudflare provider for octoDNS"
-optional = false
-python-versions = ">=3.9"
-files = [
- {file = "octodns_cloudflare-0.0.9-py3-none-any.whl", hash = "sha256:6027012a10c456443727e7d1319ae4abb21726f1f68286f87d99a86a94756aee"},
- {file = "octodns_cloudflare-0.0.9.tar.gz", hash = "sha256:a0872d5443d4d1deb3ce02dec3f2422e40781c5ec47fdd5c3fd6b15802188c67"},
-]
-
-[package.dependencies]
-octodns = ">=0.9.20"
-requests = ">=2.27.0"
-
-[package.extras]
-dev = ["black (>=24.3.0,<25.0.0)", "build (>=0.7.0)", "isort (>=5.11.5)", "pyflakes (>=2.2.0)", "pytest", "pytest-cov", "pytest-network", "readme_renderer[md] (>=26.0)", "requests_mock", "twine (>=3.4.2)"]
-test = ["pytest", "pytest-cov", "pytest-network", "requests_mock"]
-
-[[package]]
-name = "python-dateutil"
-version = "2.9.0.post0"
-description = "Extensions to the standard Python datetime module"
-optional = false
-python-versions = "!=3.0.*,!=3.1.*,!=3.2.*,>=2.7"
-files = [
- {file = "python-dateutil-2.9.0.post0.tar.gz", hash = "sha256:37dd54208da7e1cd875388217d5e00ebd4179249f90fb72437e91a35459a0ad3"},
- {file = "python_dateutil-2.9.0.post0-py2.py3-none-any.whl", hash = "sha256:a8b2bc7bffae282281c8140a97d3aa9c14da0b136dfe83f850eea9a5f7470427"},
-]
-
-[package.dependencies]
-six = ">=1.5"
-
-[[package]]
-name = "pyyaml"
-version = "6.0.2"
-description = "YAML parser and emitter for Python"
-optional = false
-python-versions = ">=3.8"
-files = [
- {file = "PyYAML-6.0.2-cp310-cp310-macosx_10_9_x86_64.whl", hash = "sha256:0a9a2848a5b7feac301353437eb7d5957887edbf81d56e903999a75a3d743086"},
- {file = "PyYAML-6.0.2-cp310-cp310-macosx_11_0_arm64.whl", hash = "sha256:29717114e51c84ddfba879543fb232a6ed60086602313ca38cce623c1d62cfbf"},
- {file = "PyYAML-6.0.2-cp310-cp310-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:8824b5a04a04a047e72eea5cec3bc266db09e35de6bdfe34c9436ac5ee27d237"},
- {file = "PyYAML-6.0.2-cp310-cp310-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:7c36280e6fb8385e520936c3cb3b8042851904eba0e58d277dca80a5cfed590b"},
- {file = "PyYAML-6.0.2-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:ec031d5d2feb36d1d1a24380e4db6d43695f3748343d99434e6f5f9156aaa2ed"},
- {file = "PyYAML-6.0.2-cp310-cp310-musllinux_1_1_aarch64.whl", hash = "sha256:936d68689298c36b53b29f23c6dbb74de12b4ac12ca6cfe0e047bedceea56180"},
- {file = "PyYAML-6.0.2-cp310-cp310-musllinux_1_1_x86_64.whl", hash = "sha256:23502f431948090f597378482b4812b0caae32c22213aecf3b55325e049a6c68"},
- {file = "PyYAML-6.0.2-cp310-cp310-win32.whl", hash = "sha256:2e99c6826ffa974fe6e27cdb5ed0021786b03fc98e5ee3c5bfe1fd5015f42b99"},
- {file = "PyYAML-6.0.2-cp310-cp310-win_amd64.whl", hash = "sha256:a4d3091415f010369ae4ed1fc6b79def9416358877534caf6a0fdd2146c87a3e"},
- {file = "PyYAML-6.0.2-cp311-cp311-macosx_10_9_x86_64.whl", hash = "sha256:cc1c1159b3d456576af7a3e4d1ba7e6924cb39de8f67111c735f6fc832082774"},
- {file = "PyYAML-6.0.2-cp311-cp311-macosx_11_0_arm64.whl", hash = "sha256:1e2120ef853f59c7419231f3bf4e7021f1b936f6ebd222406c3b60212205d2ee"},
- {file = "PyYAML-6.0.2-cp311-cp311-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:5d225db5a45f21e78dd9358e58a98702a0302f2659a3c6cd320564b75b86f47c"},
- {file = "PyYAML-6.0.2-cp311-cp311-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:5ac9328ec4831237bec75defaf839f7d4564be1e6b25ac710bd1a96321cc8317"},
- {file = "PyYAML-6.0.2-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:3ad2a3decf9aaba3d29c8f537ac4b243e36bef957511b4766cb0057d32b0be85"},
- {file = "PyYAML-6.0.2-cp311-cp311-musllinux_1_1_aarch64.whl", hash = "sha256:ff3824dc5261f50c9b0dfb3be22b4567a6f938ccce4587b38952d85fd9e9afe4"},
- {file = "PyYAML-6.0.2-cp311-cp311-musllinux_1_1_x86_64.whl", hash = "sha256:797b4f722ffa07cc8d62053e4cff1486fa6dc094105d13fea7b1de7d8bf71c9e"},
- {file = "PyYAML-6.0.2-cp311-cp311-win32.whl", hash = "sha256:11d8f3dd2b9c1207dcaf2ee0bbbfd5991f571186ec9cc78427ba5bd32afae4b5"},
- {file = "PyYAML-6.0.2-cp311-cp311-win_amd64.whl", hash = "sha256:e10ce637b18caea04431ce14fabcf5c64a1c61ec9c56b071a4b7ca131ca52d44"},
- {file = "PyYAML-6.0.2-cp312-cp312-macosx_10_9_x86_64.whl", hash = "sha256:c70c95198c015b85feafc136515252a261a84561b7b1d51e3384e0655ddf25ab"},
- {file = "PyYAML-6.0.2-cp312-cp312-macosx_11_0_arm64.whl", hash = "sha256:ce826d6ef20b1bc864f0a68340c8b3287705cae2f8b4b1d932177dcc76721725"},
- {file = "PyYAML-6.0.2-cp312-cp312-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:1f71ea527786de97d1a0cc0eacd1defc0985dcf6b3f17bb77dcfc8c34bec4dc5"},
- {file = "PyYAML-6.0.2-cp312-cp312-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:9b22676e8097e9e22e36d6b7bda33190d0d400f345f23d4065d48f4ca7ae0425"},
- {file = "PyYAML-6.0.2-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:80bab7bfc629882493af4aa31a4cfa43a4c57c83813253626916b8c7ada83476"},
- {file = "PyYAML-6.0.2-cp312-cp312-musllinux_1_1_aarch64.whl", hash = "sha256:0833f8694549e586547b576dcfaba4a6b55b9e96098b36cdc7ebefe667dfed48"},
- {file = "PyYAML-6.0.2-cp312-cp312-musllinux_1_1_x86_64.whl", hash = "sha256:8b9c7197f7cb2738065c481a0461e50ad02f18c78cd75775628afb4d7137fb3b"},
- {file = "PyYAML-6.0.2-cp312-cp312-win32.whl", hash = "sha256:ef6107725bd54b262d6dedcc2af448a266975032bc85ef0172c5f059da6325b4"},
- {file = "PyYAML-6.0.2-cp312-cp312-win_amd64.whl", hash = "sha256:7e7401d0de89a9a855c839bc697c079a4af81cf878373abd7dc625847d25cbd8"},
- {file = "PyYAML-6.0.2-cp313-cp313-macosx_10_13_x86_64.whl", hash = "sha256:efdca5630322a10774e8e98e1af481aad470dd62c3170801852d752aa7a783ba"},
- {file = "PyYAML-6.0.2-cp313-cp313-macosx_11_0_arm64.whl", hash = "sha256:50187695423ffe49e2deacb8cd10510bc361faac997de9efef88badc3bb9e2d1"},
- {file = "PyYAML-6.0.2-cp313-cp313-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:0ffe8360bab4910ef1b9e87fb812d8bc0a308b0d0eef8c8f44e0254ab3b07133"},
- {file = "PyYAML-6.0.2-cp313-cp313-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:17e311b6c678207928d649faa7cb0d7b4c26a0ba73d41e99c4fff6b6c3276484"},
- {file = "PyYAML-6.0.2-cp313-cp313-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:70b189594dbe54f75ab3a1acec5f1e3faa7e8cf2f1e08d9b561cb41b845f69d5"},
- {file = "PyYAML-6.0.2-cp313-cp313-musllinux_1_1_aarch64.whl", hash = "sha256:41e4e3953a79407c794916fa277a82531dd93aad34e29c2a514c2c0c5fe971cc"},
- {file = "PyYAML-6.0.2-cp313-cp313-musllinux_1_1_x86_64.whl", hash = "sha256:68ccc6023a3400877818152ad9a1033e3db8625d899c72eacb5a668902e4d652"},
- {file = "PyYAML-6.0.2-cp313-cp313-win32.whl", hash = "sha256:bc2fa7c6b47d6bc618dd7fb02ef6fdedb1090ec036abab80d4681424b84c1183"},
- {file = "PyYAML-6.0.2-cp313-cp313-win_amd64.whl", hash = "sha256:8388ee1976c416731879ac16da0aff3f63b286ffdd57cdeb95f3f2e085687563"},
- {file = "PyYAML-6.0.2-cp38-cp38-macosx_10_9_x86_64.whl", hash = "sha256:24471b829b3bf607e04e88d79542a9d48bb037c2267d7927a874e6c205ca7e9a"},
- {file = "PyYAML-6.0.2-cp38-cp38-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:d7fded462629cfa4b685c5416b949ebad6cec74af5e2d42905d41e257e0869f5"},
- {file = "PyYAML-6.0.2-cp38-cp38-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:d84a1718ee396f54f3a086ea0a66d8e552b2ab2017ef8b420e92edbc841c352d"},
- {file = "PyYAML-6.0.2-cp38-cp38-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:9056c1ecd25795207ad294bcf39f2db3d845767be0ea6e6a34d856f006006083"},
- {file = "PyYAML-6.0.2-cp38-cp38-musllinux_1_1_x86_64.whl", hash = "sha256:82d09873e40955485746739bcb8b4586983670466c23382c19cffecbf1fd8706"},
- {file = "PyYAML-6.0.2-cp38-cp38-win32.whl", hash = "sha256:43fa96a3ca0d6b1812e01ced1044a003533c47f6ee8aca31724f78e93ccc089a"},
- {file = "PyYAML-6.0.2-cp38-cp38-win_amd64.whl", hash = "sha256:01179a4a8559ab5de078078f37e5c1a30d76bb88519906844fd7bdea1b7729ff"},
- {file = "PyYAML-6.0.2-cp39-cp39-macosx_10_9_x86_64.whl", hash = "sha256:688ba32a1cffef67fd2e9398a2efebaea461578b0923624778664cc1c914db5d"},
- {file = "PyYAML-6.0.2-cp39-cp39-macosx_11_0_arm64.whl", hash = "sha256:a8786accb172bd8afb8be14490a16625cbc387036876ab6ba70912730faf8e1f"},
- {file = "PyYAML-6.0.2-cp39-cp39-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:d8e03406cac8513435335dbab54c0d385e4a49e4945d2909a581c83647ca0290"},
- {file = "PyYAML-6.0.2-cp39-cp39-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:f753120cb8181e736c57ef7636e83f31b9c0d1722c516f7e86cf15b7aa57ff12"},
- {file = "PyYAML-6.0.2-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:3b1fdb9dc17f5a7677423d508ab4f243a726dea51fa5e70992e59a7411c89d19"},
- {file = "PyYAML-6.0.2-cp39-cp39-musllinux_1_1_aarch64.whl", hash = "sha256:0b69e4ce7a131fe56b7e4d770c67429700908fc0752af059838b1cfb41960e4e"},
- {file = "PyYAML-6.0.2-cp39-cp39-musllinux_1_1_x86_64.whl", hash = "sha256:a9f8c2e67970f13b16084e04f134610fd1d374bf477b17ec1599185cf611d725"},
- {file = "PyYAML-6.0.2-cp39-cp39-win32.whl", hash = "sha256:6395c297d42274772abc367baaa79683958044e5d3835486c16da75d2a694631"},
- {file = "PyYAML-6.0.2-cp39-cp39-win_amd64.whl", hash = "sha256:39693e1f8320ae4f43943590b49779ffb98acb81f788220ea932a6b6c51004d8"},
- {file = "pyyaml-6.0.2.tar.gz", hash = "sha256:d584d9ec91ad65861cc08d42e834324ef890a082e591037abe114850ff7bbc3e"},
-]
-
-[[package]]
-name = "requests"
-version = "2.32.3"
-description = "Python HTTP for Humans."
-optional = false
-python-versions = ">=3.8"
-files = [
- {file = "requests-2.32.3-py3-none-any.whl", hash = "sha256:70761cfe03c773ceb22aa2f671b4757976145175cdfca038c02654d061d6dcc6"},
- {file = "requests-2.32.3.tar.gz", hash = "sha256:55365417734eb18255590a9ff9eb97e9e1da868d4ccd6402399eaf68af20a760"},
-]
-
-[package.dependencies]
-certifi = ">=2017.4.17"
-charset-normalizer = ">=2,<4"
-idna = ">=2.5,<4"
-urllib3 = ">=1.21.1,<3"
-
-[package.extras]
-socks = ["PySocks (>=1.5.6,!=1.5.7)"]
-use-chardet-on-py3 = ["chardet (>=3.0.2,<6)"]
-
-[[package]]
-name = "six"
-version = "1.17.0"
-description = "Python 2 and 3 compatibility utilities"
-optional = false
-python-versions = "!=3.0.*,!=3.1.*,!=3.2.*,>=2.7"
-files = [
- {file = "six-1.17.0-py2.py3-none-any.whl", hash = "sha256:4721f391ed90541fddacab5acf947aa0d3dc7d27b2e1e8eda2be8970586c3274"},
- {file = "six-1.17.0.tar.gz", hash = "sha256:ff70335d468e7eb6ec65b95b99d3a2836546063f63acc5171de367e834932a81"},
-]
-
-[[package]]
-name = "urllib3"
-version = "2.3.0"
-description = "HTTP library with thread-safe connection pooling, file post, and more."
-optional = false
-python-versions = ">=3.9"
-files = [
- {file = "urllib3-2.3.0-py3-none-any.whl", hash = "sha256:1cee9ad369867bfdbbb48b7dd50374c0967a0bb7710050facf0dd6911440e3df"},
- {file = "urllib3-2.3.0.tar.gz", hash = "sha256:f8c5449b3cf0861679ce7e0503c7b44b5ec981bec0d1d3795a07f1ba96f0204d"},
-]
-
-[package.extras]
-brotli = ["brotli (>=1.0.9)", "brotlicffi (>=0.8.0)"]
-h2 = ["h2 (>=4,<5)"]
-socks = ["pysocks (>=1.5.6,!=1.5.7,<2.0)"]
-zstd = ["zstandard (>=0.18.0)"]
-
-[metadata]
-lock-version = "2.0"
-python-versions = "^3.12"
-content-hash = "b967624f7bb1032a2db260b12540cfb90ff5f4d7d9b5a90dc7e47eeea79f044b"
diff --git a/nix/pyproject.toml b/nix/pyproject.toml
deleted file mode 100644
index 458298b..0000000
--- a/nix/pyproject.toml
+++ /dev/null
@@ -1,18 +0,0 @@
-[tool.poetry]
-name = "monorepo"
-version = "0.1.0"
-description = "My Monorepo"
-authors = ["Preston Pan <ret2pop@gmail.com>"]
-license = "MIT"
-readme = "README.md"
-package-mode = false
-
-[tool.poetry.dependencies]
-python = "^3.12"
-octodns-cloudflare = "^0.0.9"
-octodns-bind = "^0.0.7"
-
-
-[build-system]
-requires = ["poetry-core"]
-build-backend = "poetry.core.masonry.api"
diff --git a/nix/secrets/secrets.yaml b/nix/secrets/secrets.yaml
deleted file mode 100644
index 6a15ac1..0000000
--- a/nix/secrets/secrets.yaml
+++ /dev/null
@@ -1,21 +0,0 @@
-mail: ENC[AES256_GCM,data:3gWbYL94WTUDNpSa/43Mrlc9Dj1zyWMpBqVCt+U=,iv:dqiIkQ0oF2lTbuQjZpEx6hp7jA+dijs8erfrITVF/KI=,tag:jOsR4RMUC7rUOQG5j8SASw==,type:str]
-mail_old: ENC[AES256_GCM,data:rZLF7iE+JZu6NNwmws3EDgSs4A==,iv:Cfy/Q4wPeD/nx9r/afqlTVo5KarNJpxsAUd2eFT5tUE=,tag:gjMk8cTs1/6da/o5loWriw==,type:str]
-digikey: ENC[AES256_GCM,data:U1c2HYB/YjwlyHvD3XVTqWJdb9/8BeS6,iv:DNsBoaqgUPdfO9knQLCMeJVO8kctQ9XNvcY2xcpI0NM=,tag:kuJ9BYqVx0GeTBSW5EsItg==,type:str]
-cloudflare-dns: ENC[AES256_GCM,data:Gztc/M+r/eRO2DwyLxlIBxS7B7MpOXimbFkQwlYhq9SzGG/fLl6Xqw==,iv:aDyNwbc8EyrNyhucULUkeg7VM7BmqNQTndSTh1SWqq0=,tag:HvysjKquD1g2PCrCgX2swg==,type:str]
-dn42: ENC[AES256_GCM,data:xSYssg7ReFjmf7LvmqmH/A==,iv:Gj/LZrxzRJLOLbP5rumjmViYWP6ufW3ocngektBW3V8=,tag:SA4f1vAnMFUO5Yk6NTr81Q==,type:str]
-nginx_password: ENC[AES256_GCM,data:/vDYWMEzNtu9h6jStzFlhdlfLDCimWUC/hmH4XoUWG1hW0RaQhn2vy+Qrr2O,iv:4YPQvar2qrFBMXvWyTn7M+WLpNPwrMB9mf7a9oyY2Yg=,tag:axsTqOuBdsbEIF+UvRuNfA==,type:str]
-sops:
- age:
- - recipient: age165ul43e8rc0qwzz2f2q9cw02psm2mkudsrwavq2e0pxs280p64yqy2z0dr
- enc: |
- -----BEGIN AGE ENCRYPTED FILE-----
- YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBlNHJDMllEZkJYQitsTlls
- WTRkQUdJOWZxRDR1WkFXdWRDUllFVmFGUFZnCmh3Mi9KMGM2aTFxQksxT1cyVDJ1
- bytaVGVIVnlyY1hacS9BVG1aSVVCOTQKLS0tIGdLTEFORTZsYmFkMGZHUWJ5akFQ
- OFFNeEtOTk5FSm9RaDFad0UyeWZ2WDgKIwGoB4a5WAIkE93gzqdUzNlo5vgQ1zLy
- yhEFrE1NbhyItnZIg/yRhqFG0dv7D3pEP3pq2Seew6pKJg/s9UTJ8Q==
- -----END AGE ENCRYPTED FILE-----
- lastmodified: "2026-02-16T06:29:48Z"
- mac: ENC[AES256_GCM,data:EQ/faGU28DJlmfITjnVe/9W0Gq8RCYYQVxOtL9l4T6n68Tthj+F9cRujdfeNS/eLkrkyni4HQM4gj1yuwbWDe3/c3Fi2XXy8fY3NJq2T2LJn8M1O6GFR0lczJ4vg5C5vnhtJOMthhKfz2UwSbUYJ6WE/K4PF9T8NrZnxG923ckQ=,iv:yJRKxq/KnhVQM5KWxosoimGKT0tlUgQMxFGy5YrUqAM=,tag:QmlwF3t6E0Z7WirDzUuMug==,type:str]
- unencrypted_suffix: _unencrypted
- version: 3.11.0
diff --git a/nix/secrets/vps_secrets.yaml b/nix/secrets/vps_secrets.yaml
deleted file mode 100644
index ca86225..0000000
--- a/nix/secrets/vps_secrets.yaml
+++ /dev/null
@@ -1,30 +0,0 @@
-livekit_secret: ENC[AES256_GCM,data:akkd9OREC024n5NfE/suM0B9SjBdPZbXMnz62Qwy2XNW+HhJw1ixhYoR8PQoR6K0unrAUAFhwWtQp+aJ1i+5q1rdpLV/3povvXYPaGg8EnE=,iv:uMuIfLYT1lvDWY8PYjnWWne7WOd0BBgBJn5mvd9ltAs=,tag:JQlRe5IY4f1RVvsq+56lKQ==,type:str]
-livekit: ENC[AES256_GCM,data:DFWsez5+O7fyI1P/3w8wKj2YpblP+fDR/r4Ry7lLJNnZxiCbT3iS0Rm9lfe3zqZbjHvhpnYtOMPApoegJFEonQ==,iv:SditYIuc+W+AdX4AgKx2j4A4K7FXXHpewcf7KzMB8qY=,tag:EwF9DKf7uGZZKf7kF8RsNg==,type:str]
-znc: ENC[AES256_GCM,data:iFNZ0tgciFU=,iv:oAAqMoov5Nv9AUBILlRpgTLJyu7l1uQshbag0ujewP4=,tag:RXtbn4EEH2523qX9MC0ODA==,type:str]
-mpd_password: ENC[AES256_GCM,data:yuSxdkf6ihe1a4qh6yGnrWLUzfe6+NiL9xdscw3mDNkDuqfhCcFAk4SSFNCH,iv:fJL42NDSPUk7b19nONu7pVwpfDaE//r/MgdoIpCI53w=,tag:OJst5kg3wvCU36YE7KuDGQ==,type:str]
-conduit_secrets: ENC[AES256_GCM,data:q6r4f275/6JKStX51+5qWozz+5L3UF4gTPaj4TOXskjRSn28cLKuoKix4mpKCqamef3SVU8THmPg3kwF5o4Gbm3XpZLieUyPaGCWxnwEaGZ8V5XaBZE=,iv:vsxezaahD0yCBmg0bAHMQfg9AjB52x/At5AowBTFARs=,tag:AXhgVDcTG7q1K91He7CFJA==,type:str]
-mautrix_env: ENC[AES256_GCM,data:Ab1mRgaXSS3VSB2sBo5AT0KaceubrcbAdomUEArmavbsjdWYQLkXbu8/BEALMTgif6c6+4u0iR3dLbRmmobBXGS03mdcR94MQbuWWH6VmHZ5VpydJQOMSl6FBcbOVgGBBp8srUmjVTLsDFobaZCCQJNfK2J3f2wbJqbDMgoUDb5B2LuElAJAuKABxCgl/isCovZpAKwbl65rK1GzZCDc9Z54o3BKLPH6Wa2K4RHnhnYjRl8HZCd/g4WRTVZh6kMIRluWtqdIVHPXAH0oc80=,iv:USZqyHzLt53mkveDxIUq0Tvyw08sUm+MpgsrjWeDiO8=,tag:4Ftfu3ALM77YnftxLkz/YQ==,type:str]
-matrix_bridge: ENC[AES256_GCM,data:w0BEETuDXVlKLlAs4JIQxMs=,iv:6IBAyKHmPJLqQWZFJD0NVT0rSXuGuAiCV2O6c3bP42o=,tag:oiyMCb4wtyqLIBrfvTirQw==,type:str]
-znc_password_hash: ENC[AES256_GCM,data:ji7qfy8aw5x2UZ5V++VKFHU925Tk2dgv2S90rrzePDhpC824LjqKqCF9Vrk8aNS9qxEB4Om0KVWWjITr1c+gPA==,iv:dX2TXQjQr+Y0y71O6LP13rxJuUz9zECgcPW3czkWmAk=,tag:oBlqoTWJjhaF3gBTUMCNPA==,type:str]
-znc_password_salt: ENC[AES256_GCM,data:e7YZkNB32RiqgCPGoehwsfZzOHM=,iv:GrhwBRBZ1ZSHJOnVg0XF6N5Oh/4tJ4Dvje0NiuGC4b8=,tag:IRjUrpkFBDO2OSu5dMyPSw==,type:str]
-telegram_token: ENC[AES256_GCM,data:hfstqM3NphVnK86LYp8EYe09kflMzQ1/SO5rm5UIkWN7wdl7mbq+sw3svc4YhQ==,iv:o6TbrGBCly0s3US9041cKmpLpThB/umhBEdZE9E3v54=,tag:WJ/KS4Uc9wtIcjpyfmzLfA==,type:str]
-discord_token: ENC[AES256_GCM,data:1mJ0lKTz2SmaP3PIn3ThWX6Mjbv3tywtLtF65SVkkCEtI79wcPeqK83l6jb3yG+ugntNR7lfQxLgbbURnTil3jc7yVOsYreL,iv:ExZ8xFkH6RR7rHATh8oBEEZWfV5Rt1YVEx8gUicQrV0=,tag:wKJ3P8ie/ppHU9VStQlk0Q==,type:str]
-mail_password: ENC[AES256_GCM,data:W24/1l9YrV+M1enkAgRv2uZuhUIYAjpcRkX7tbc=,iv:F8oLCpthhecllJvGSmHUaFgmBKDg/g3o85CPJ/nCcxU=,tag:bPxcZNXdQ/jkK+saaIKbSw==,type:str]
-mail_monorepo_password: ENC[AES256_GCM,data:jZ1QCB+BAMTEiLVD3FZ0LZBWHP+SSaI8uz5ln4e8be5w7rhJFw==,iv:yJe4mP4PmrJpgdpyjKajZP/F6PXglGY2EsRyIn+a7E0=,tag:LA1PkGXckc8huWI4QH6NdQ==,type:str]
-mail_monorepo_password_pi: ENC[AES256_GCM,data:9hEu6C9K7SidQtsJWoyOPBW3wSn1otg7fuXz2VUFWTPDYOHUjQ==,iv:R3I8bUHweR3UdfZkIHr7nkv8MqSPB8r/FaHA71mpxUg=,tag:aZuteMevsdX8PlZBVoXDjA==,type:str]
-ntfy: ENC[AES256_GCM,data:wKCZ/7GXRWPoVRoXDBD0E0sR6ZRQjSE8USwqHQFOT/QiqIx+aI0awcRuORyGbCE=,iv:aBO9I/528sX6ncnBHMBDVB6mLbc45A7xXiu9p7Kh0Ao=,tag:Xgp3UURxPYcO5DlN53sBVw==,type:str]
-sops:
- age:
- - recipient: age1acpuyy2qnduyxzwvusd8urr6a78e3f37ylhvh2pngyqytf5r8ans5vkest
- enc: |
- -----BEGIN AGE ENCRYPTED FILE-----
- YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBKTy9PT2o5eDJ5bXFOdXhE
- Z0xjNXcwME54N3JtbmJqNm9CYjhQZTNCRlJjCjY1K24ra1RCZTVYRHRWZkwyd1Z6
- Y0llN2pWRkwrYnZBZFJKWHROUUI1V0EKLS0tIGJBK1ZCOW5oUlRWd2dPV21lbkZs
- dDZONnI0bG5heTYzaDkxeGo3VlFmdm8K377mvFFxtFSURAWeFvLDJTkm8wppKr/B
- Y4qrdU3xBaTwqlsC/7lElQClaUbM+YMF/padENsD6IfyoGN8lGUQQw==
- -----END AGE ENCRYPTED FILE-----
- lastmodified: "2026-02-15T22:41:35Z"
- mac: ENC[AES256_GCM,data:H/OmVDNzaOL4QIr+5WOL9hgdoRUcxYQqL9ykGX3CR2xYsrPI17ktkoUR6sxjg2oW9bgvRVU3cU8DryiwGgziFyP6cnA0FlTKGp2CGw3KoKYjDtzgKucT7e0mYOmktirQVaQR604gpbB33/yHLTpbz4vNKkiyxQsv+VCUg9tuDvE=,iv:EJqFMQgrq/w0jIpHg8rj0OKWWf02+unOIeyYPwXTCfw=,tag:b6HouUF7BMSrF4fPBit7PA==,type:str]
- unencrypted_suffix: _unencrypted
- version: 3.11.0
diff --git a/nix/spontaneity.qcow2 b/nix/spontaneity.qcow2
deleted file mode 100644
index 7e34c11..0000000
--- a/nix/spontaneity.qcow2
+++ /dev/null
Binary files differ
diff --git a/nix/systems/affinity/default.nix b/nix/systems/affinity/default.nix
deleted file mode 100644
index 33d6bc6..0000000
--- a/nix/systems/affinity/default.nix
+++ /dev/null
@@ -1,16 +0,0 @@
-{ config, lib, home-manager, ... }:
-{
- imports = [
- ../common.nix
- ../../disko/drive-simple.nix
- ];
- config = {
- monorepo = {
- vars.device = "/dev/nvme0n1";
- profiles = {
- cuda.enable = true;
- workstation.enable = true;
- };
- };
- };
-}
diff --git a/nix/systems/affinity/home.nix b/nix/systems/affinity/home.nix
deleted file mode 100644
index 59b05fc..0000000
--- a/nix/systems/affinity/home.nix
+++ /dev/null
@@ -1,6 +0,0 @@
-{ lib, config, pkgs, ... }:
-{
- imports = [
- ../home-common.nix
- ];
-}
diff --git a/nix/systems/common.nix b/nix/systems/common.nix
deleted file mode 100644
index c122b0d..0000000
--- a/nix/systems/common.nix
+++ /dev/null
@@ -1,8 +0,0 @@
-{ config, lib, ... }:
-{
- imports = [
- ./home.nix
- ../modules/default.nix
- ];
- # Put configuration (e.g. monorepo variable configuration) common to all configs here
-}
diff --git a/nix/systems/continuity/default.nix b/nix/systems/continuity/default.nix
deleted file mode 100644
index d4da62f..0000000
--- a/nix/systems/continuity/default.nix
+++ /dev/null
@@ -1,19 +0,0 @@
-{ ... }:
-{
- imports = [
- ../../disko/btrfs-simple.nix
- ../common.nix
- ];
- config = {
- monorepo = {
- profiles = {
- impermanence.enable = true;
- desktop.enable = true;
- };
- vars = {
- device = "/dev/sda";
- fileSystem = "btrfs";
- };
- };
- };
-}
diff --git a/nix/systems/continuity/home.nix b/nix/systems/continuity/home.nix
deleted file mode 100644
index 59b05fc..0000000
--- a/nix/systems/continuity/home.nix
+++ /dev/null
@@ -1,6 +0,0 @@
-{ lib, config, pkgs, ... }:
-{
- imports = [
- ../home-common.nix
- ];
-}
diff --git a/nix/systems/home-common.nix b/nix/systems/home-common.nix
deleted file mode 100644
index ba0e6f2..0000000
--- a/nix/systems/home-common.nix
+++ /dev/null
@@ -1,7 +0,0 @@
-{ lib, config, ... }:
-{
- imports = [
- ../modules/home/default.nix
- ];
- # Put configuration (e.g. monorepo variable configuration) common to all configs here
-}
diff --git a/nix/systems/home.nix b/nix/systems/home.nix
deleted file mode 100644
index 1e86ebb..0000000
--- a/nix/systems/home.nix
+++ /dev/null
@@ -1,15 +0,0 @@
-{ config, sops-nix, ... }:
-{
- home-manager = {
- backupFileExtension = "backup";
- sharedModules = [
- sops-nix.homeManagerModules.sops
- ];
- extraSpecialArgs = {
- super = config;
- };
- useGlobalPkgs = true;
- useUserPackages = true;
- users."${config.monorepo.vars.userName}" = (import (./. + "/${config.networking.hostName}/home.nix"));
- };
-}
diff --git a/nix/systems/installer/commits.nix b/nix/systems/installer/commits.nix
deleted file mode 100644
index 27e6aab..0000000
--- a/nix/systems/installer/commits.nix
+++ /dev/null
@@ -1,5 +0,0 @@
-{
- diskoCommitHash = "c8a0e78d86b12ea67be6ed0f7cae7f9bfabae75a";
- monorepoCommitHash = "7d8501ebc97fc238d73dee4638ab58eb32a11dc1";
- monorepoUrl = "https://github.com/ret2pop/monorepo";
-}
diff --git a/nix/systems/installer/default.nix b/nix/systems/installer/default.nix
deleted file mode 100644
index e9232cb..0000000
--- a/nix/systems/installer/default.nix
+++ /dev/null
@@ -1,156 +0,0 @@
-{ pkgs, config, lib, modulesPath, ... }:
-let
- commits = import ./commits.nix;
-in
-{
- imports = [
- (modulesPath + "/installer/cd-dvd/installation-cd-minimal.nix")
- ];
-
- networking = {
- networkmanager = {
- enable = true;
- };
- firewall = {
- allowedTCPPorts = [ 22 ];
- allowedUDPPorts = [ ];
- };
- wireless.enable = false;
- };
- services.openssh = {
- enable = true;
- ports = [ 22 ];
- settings = {
- PasswordAuthentication = false;
- AllowUsers = null;
- UseDns = true;
- PermitRootLogin = lib.mkForce "prohibit-password";
- };
- };
-
- users.extraUsers.root.password = "nixos";
- users.extraUsers.nixos.password = "nixos";
- users.users = {
- root.openssh.authorizedKeys.keys = [
- "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICts6+MQiMwpA+DfFQxjIN214Jn0pCw/2BDvOzPhR/H2 preston@continuity-dell"
- ];
- nixos = {
- packages = with pkgs; [
- gitFull
- curl
- gum
- (writeShellScriptBin "nix_installer"
- ''
-#!/usr/bin/env bash
-
-set -euo pipefail
-
-if [ "$(id -u)" -eq 0 ]; then
- echo "ERROR! $(basename "$0") should be run as a regular user"
- exit 1
-fi
-
-cd "$HOME"
-
-ping -q -c1 google.com &>/dev/null && echo "online! Proceeding with the installation..." || nmtui
-
-if [ ! -d "$HOME/monorepo/" ]; then
- git clone ${commits.monorepoUrl}
- cd "$HOME/monorepo"
- git checkout "${commits.monorepoCommitHash}"
- cd "$HOME"
-fi
-
-gum style --border normal --margin "1" --padding "1 2" "Enter a password for the encrypted disk. If you're not installing a profile with an encrypted disk, you can leave this blank."
-echo "$(gum input --password)" > /tmp/secret.key
-
-gum style --border normal --margin "1" --padding "1 2" "Choose a system to install or select \`new\` in order to create a new system."
-
-SYSTEM="$(gum choose $(find "$HOME/monorepo/nix/systems" -mindepth 1 -maxdepth 1 -type d -printf "%f\n" | grep -v -E 'installer'; printf "New"))"
-
-if [[ "$SYSTEM" == "New" ]]; then
- gum style --border normal --margin "1" --padding "1 2" "Choose a system name"
- SYSTEM="$(gum input --placeholder "system name")"
-
- gum style --border normal --margin "1" --padding "1 2" "Select a drive file or create a new drive file."
- DRIVE="$(gum choose $(find "$HOME/monorepo/nix/disko" -mindepth 1 -maxdepth 1 -type f -printf "%f\n"; printf "New"))"
-
- if [[ "$DRIVE" == "New" ]]; then
- gum style --border normal --margin "1" --padding "1 2" "Choose a name to call your drive file."
- DRIVE="$(gum input --placeholder "drive file name (ex: partition_scheme.nix)")"
- fi
-fi
-
-
-if [ ! -d "$HOME/monorepo/nix/systems/$SYSTEM" ]; then
- mkdir -p "$HOME/monorepo/nix/systems/$SYSTEM"
- cp "$HOME/monorepo/nix/systems/continuity/home.nix" "$HOME/monorepo/nix/systems/$SYSTEM/home.nix"
- cat > "$HOME/monorepo/nix/systems/$SYSTEM/default.nix" <<EOF
-{ ... }:
-{
- imports = [
- ../includes.nix
- ../../disko/$DRIVE
- ];
- # CHANGEME
- config.monorepo.vars.drive = "/dev/sda";
-}
-EOF
-
- gum style --border normal --margin "1" --padding "1 2" "Edit the system default.nix with options."
- gum input --placeholder "Press Enter to continue" >/dev/null
- vim "$HOME/monorepo/nix/systems/$SYSTEM/default.nix"
-
- gum style --border normal --margin "1" --padding "1 2" "Edit the home default.nix with options."
- gum input --placeholder "Press Enter to continue" >/dev/null
- vim "$HOME/monorepo/nix/systems/$SYSTEM/home.nix"
-
- sed -i "/hostnames = \[/,/];/ s/];/ \"$1\"\n ];/" "$HOME/monorepo/nix/flake.nix"
-
- if [ ! -f "$HOME/monorepo/nix/disko/$DRIVE" ]; then
- cp "$HOME/monorepo/nix/disko/drive-simple.nix" "$HOME/monorepo/nix/disko/$DRIVE"
- gum style --border normal --margin "1" --padding "1 2" "Edit the drive file with your preferred partitioning scheme."
- gum input --placeholder "Press Enter to continue" >/dev/null
- vim "$HOME/monorepo/nix/disko/$DRIVE"
- fi
- cd "$HOME/monorepo" && git add . && cd "$HOME"
-fi
-
-nix --extra-experimental-features 'nix-command flakes' eval "$HOME/monorepo/nix#evalDisko.$SYSTEM" > "$HOME/drive.nix"
-
-gum style --border normal --margin "1" --padding "1 2" "Formatting the drive is destructive!"
-if gum confirm "Are you sure you want to continue?"; then
- echo "Proceeding..."
-else
- echo "Aborting."
- exit 1
-fi
-
-sudo nix --experimental-features "nix-command flakes" run "github:nix-community/disko/${commits.diskoCommitHash}" -- --mode destroy,format,mount "$HOME/drive.nix"
-
-cd /mnt
-sudo nixos-install --flake "$HOME/monorepo/nix#$SYSTEM"
-
-target_user="$(ls /mnt/home | head -n1)"
-if [ -z "$target_user" ]; then
- echo "No user directories found in /mnt/home"
- exit 1
-fi
-sudo cp -r "$HOME/monorepo" "/mnt/home/$target_user/"
-
-echo "rebooting..."; sleep 3; reboot
-'')
- ];
- };
- };
-
- systemd = {
- services.sshd.wantedBy = pkgs.lib.mkForce [ "multi-user.target" ];
- targets = {
- sleep.enable = false;
- suspend.enable = false;
- hibernate.enable = false;
- hybrid-sleep.enable = false;
- };
- };
-}
diff --git a/nix/systems/rpi-skepticism/default.nix b/nix/systems/rpi-skepticism/default.nix
deleted file mode 100644
index ec9ff9f..0000000
--- a/nix/systems/rpi-skepticism/default.nix
+++ /dev/null
@@ -1,7 +0,0 @@
-{ lib, config, ... }:
-{
- imports = [
- ../common.nix
- ../../disko/btrfs-simple.nix
- ];
-}
diff --git a/nix/systems/rpi-zero/default.nix b/nix/systems/rpi-zero/default.nix
deleted file mode 100644
index bb56332..0000000
--- a/nix/systems/rpi-zero/default.nix
+++ /dev/null
@@ -1,21 +0,0 @@
-{ lib, config, home-manager, ... }:
-{
- imports = [
- ../common.nix
- ];
- config = {
- zramSwap = {
- enable = true;
- algorithm = "zstd";
- memoryPercent = 100;
- };
- boot.loader.grub.enable = false;
- boot.loader.generic-extlinux-compatible.enable = true;
- monorepo = {
- vars.device = "/dev/mmcblk0";
- profiles = {
- ttyonly.enable = true;
- };
- };
- };
-}
diff --git a/nix/systems/rpi-zero/home.nix b/nix/systems/rpi-zero/home.nix
deleted file mode 100644
index 205ea02..0000000
--- a/nix/systems/rpi-zero/home.nix
+++ /dev/null
@@ -1,7 +0,0 @@
-{ lib, config, pkgs, ... }:
-{
- imports = [
- ../home-common.nix
- ];
- config.monorepo.profiles.enable = false;
-}
diff --git a/nix/systems/spontaneity/default.nix b/nix/systems/spontaneity/default.nix
deleted file mode 100644
index 823c7b9..0000000
--- a/nix/systems/spontaneity/default.nix
+++ /dev/null
@@ -1,28 +0,0 @@
-{ config, lib, ... }:
-{
- imports = [
- ../common.nix
- ../../disko/drive-bios.nix
-
- # nixos-anywhere generates this file
- ./hardware-configuration.nix
- ];
- config = {
- monorepo = {
- vars.device = "/dev/vda";
- profiles = {
- server = {
- enable = true;
- ipv4 = "66.42.84.130";
- gateway = "66.42.84.1";
- ipv6 = "2001:19f0:5401:10d0:5400:5ff:fe4a:7794";
- interface = "ens3";
- };
- grub.enable = true;
- pipewire.enable = false;
- tor.enable = false;
- };
- };
- boot.loader.grub.device = "nodev";
- };
-}
diff --git a/nix/systems/spontaneity/hardware-configuration.nix b/nix/systems/spontaneity/hardware-configuration.nix
deleted file mode 100644
index 050ed23..0000000
--- a/nix/systems/spontaneity/hardware-configuration.nix
+++ /dev/null
@@ -1,23 +0,0 @@
-# Do not modify this file! It was generated by ‘nixos-generate-config’
-# and may be overwritten by future invocations. Please make changes
-# to /etc/nixos/configuration.nix instead.
-{ config, lib, pkgs, modulesPath, ... }:
-
-{
- imports = [ ];
-
- boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "sr_mod" "virtio_blk" ];
- boot.initrd.kernelModules = [ ];
- boot.kernelModules = [ ];
- boot.extraModulePackages = [ ];
-
- # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
- # (the default) this is the recommended approach. When using systemd-networkd it's
- # still possible to use this option, but it's recommended to use it in conjunction
- # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
- networking.useDHCP = lib.mkDefault true;
- # networking.interfaces.ens3.useDHCP = lib.mkDefault true;
-
- nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
- virtualisation.hypervGuest.enable = true;
-}
diff --git a/nix/systems/spontaneity/home.nix b/nix/systems/spontaneity/home.nix
deleted file mode 100644
index 59b05fc..0000000
--- a/nix/systems/spontaneity/home.nix
+++ /dev/null
@@ -1,6 +0,0 @@
-{ lib, config, pkgs, ... }:
-{
- imports = [
- ../home-common.nix
- ];
-}
diff --git a/nix/topology/default.nix b/nix/topology/default.nix
deleted file mode 100644
index ce4fedd..0000000
--- a/nix/topology/default.nix
+++ /dev/null
@@ -1,55 +0,0 @@
-{ config, ... }:
-let
- inherit
- (config.lib.topology);
-in
-{
- nodes = {
- spontaneity = {
- interfaces.wan.network = "remote";
- };
- installer = {
- interfaces.lan.network = "home";
- };
- affinity = {
- interfaces.lan = {
- network = "home";
- physicalConnections = [
- {
- node = "spontaneity";
- interface = "wan";
- }
- {
- node = "installer";
- interface = "lan";
- }
- ];
- };
- };
- continuity = {
- interfaces.lan = {
- network = "home";
- physicalConnections = [
- {
- node = "spontaneity";
- interface = "wan";
- }
- {
- node = "affinity";
- interface = "lan";
- }
- ];
- };
- };
- };
- networks = {
- home = {
- name = "Home Network";
- cidrv4 = "192.168.1.1/24";
- };
- remote = {
- name = "Remote Network";
- cidrv4 = "144.202.27.169/32";
- };
- };
-}
diff --git a/nix/update-dns.sh b/nix/update-dns.sh
deleted file mode 100644
index d3b0819..0000000
--- a/nix/update-dns.sh
+++ /dev/null
@@ -1,3 +0,0 @@
-#!/bin/sh
-export CLOUDFLARE_TOKEN="$(cat /run/user/1000/secrets/cloudflare-dns | tr -d '\n')"
-poetry run octodns-sync --config-file result --doit
diff --git a/nix/vm-boot.log b/nix/vm-boot.log
deleted file mode 100644
index c2d5312..0000000
--- a/nix/vm-boot.log
+++ /dev/null
@@ -1,26 +0,0 @@
-Disk image does not exist, creating the virtualisation disk image...
-Formatting '/tmp/tmp.ghXtpZvFNR', fmt=raw size=1073741824
-mke2fs 1.47.3 (8-Jul-2025)
-Discarding device blocks: 0/262144 done
-Creating filesystem with 262144 4k blocks and 65536 inodes
-Filesystem UUID: 40fde25e-3bf6-4f1d-b38f-0f1e5bf5c63e
-Superblock backups stored on blocks:
- 32768, 98304, 163840, 229376
-
-Allocating group tables: 0/8 done
-Writing inode tables: 0/8 done
-Creating journal (8192 blocks): done
-Writing superblocks and filesystem accounting information: 0/8 done
-
-Virtualisation disk image created.
-[ 2.098286] systemd-ssh-generator[405]: Failed to query local AF_VSOCK CID: Cannot assign requested address
-[ 2.101053] (sd-exec-[393]: /nix/store/5j9cg6adv3d2l403fcfklz4lmf9fd0l8-systemd-258.3/lib/systemd/system-generators/systemd-ssh-generator failed with exit status 1.
-[ 2.546593] systemd[1]: sops-nix.service: Service has no ExecStart=, ExecStop=, or SuccessAction=. Refusing.
-[ 3.073461] kvm_intel: VMX not supported by CPU 0
-[!p]104[?7h[!p]104[?7h]3008;start=0f8977aca4ae4aceb248698121ee52a0;user=root;hostname=spontaneity;machineid=2deb26c4bda24c9d99e20bb2027746c7;bootid=bff39adaca784375af4c4c91ecca3ad9;pid=1436;pidfdid=1736;comm=(agetty);servicename=serial-getty@ttyS0.service;invocationid=9dc6890ff18e4f539a5c570df5f30b70;type=service\P+q6E616D65\
-
-<<< Welcome to NixOS 26.05.20260204.00c21e4 (x86_64) - ttyS0 >>>
-
-Run 'nixos-help' for the NixOS manual.
-
-spontaneity login: \ No newline at end of file
generated by cgit v1.3 (git 2.53.0) at 2026-05-31 17:22:33 +0000