diff options
| -rw-r--r-- | config/nix.org | 132 | ||||
| -rw-r--r-- | flake.nix | 2 | ||||
| m--------- | nix | 0 | ||||
| -rw-r--r-- | style.scss | 24 |
4 files changed, 151 insertions, 7 deletions
diff --git a/config/nix.org b/config/nix.org index 83f06dc..caabe50 100644 --- a/config/nix.org +++ b/config/nix.org @@ -2454,6 +2454,105 @@ We must put Nixpkgs in another configuration because we don't want to include it }; } #+end_src +** AutoUpdater +#+begin_src nix :tangle ../nix/modules/auto-update.nix +{ config, pkgs, lib, ... }: + +{ + config = lib.mkIf config.monorepo.profiles.workstation.enable { + systemd.timers.monorepo-flake-updater = { + description = "Timer for Automated Monorepo Flake Updates"; + wantedBy = [ "timers.target" ]; + timerConfig = { + OnCalendar = "hourly"; + Persistent = true; + }; + }; + + systemd.services.monorepo-flake-updater = { + description = "Automated Flake Update, Check, and Patch for Monorepo"; + wants = [ "network-online.target" ]; + after = [ "network-online.target" ]; + + serviceConfig = { + Type = "oneshot"; + User = "${config.monorepo.vars.userName}"; + }; + environment = { + HOME = "/home/${config.monorepo.vars.userName}"; + }; + + path = with pkgs; [ git nix coreutils curl ]; + script = '' + # Exit immediately if any command fails + set -euo pipefail + + API_URL="https://channels.nixos.org/nixos-unstable/git-revision" + if ! curl --silent --head --location --fail "$API_URL" > /dev/null; then + echo "No internet or NixOS API is down. Aborting." + exit 0 + fi + + LATEST_REV=$(curl --silent --location "$API_URL") + STATE_FILE="$HOME/.local/state/monorepo-updater-rev" + + mkdir -p "$(dirname "$STATE_FILE")" + + if [ ! -f "$STATE_FILE" ]; then + echo "First run. Initializing baseline hash ($LATEST_REV) and exiting." + echo "$LATEST_REV" > "$STATE_FILE" + exit 0 + fi + + if [ "$(cat "$STATE_FILE")" = "$LATEST_REV" ]; then + echo "Channel has not bumped since last check ($LATEST_REV). Aborting." + exit 0 + fi + + echo "$LATEST_REV" > "$STATE_FILE" + + TEMP_DIR=$(mktemp -d) + trap 'rm -rf "$TEMP_DIR"' EXIT + cd "$TEMP_DIR" + + echo "Cloning repository..." + git clone git://git.nullring.xyz/monorepo.git --recurse-submodules + + cd monorepo/nix + + # Create and checkout [date]-bump branch INSIDE the submodule + DATE=$(date +%Y-%m-%d) + BRANCH_NAME="''${DATE}-bump" + git checkout -b "$BRANCH_NAME" + + echo "Running nix flake update..." + nix flake update --extra-experimental-features "nix-command flakes" + + # If the channel bumped, but flake update didn't change flake.lock, exit + if git diff --quiet flake.lock; then + echo "No actual updates to flake.lock. Aborting." + exit 0 + fi + + nix flake check --extra-experimental-features "nix-command flakes" + + git config user.name "NixOS Updater" + git config user.email "updater@localhost" + git add flake.lock + git commit -m "chore: automated flake update ''${DATE}" + + PATCH_DIR="$HOME/monorepo/nix" + mkdir -p "$PATCH_DIR" + PATCH_FILE="$PATCH_DIR/0000-flake-update-''${DATE}.patch" + + git format-patch -1 HEAD --stdout > "$PATCH_FILE" + echo "Successfully checked updates and created patch at $PATCH_FILE" +''; + }; + }; +} +#+end_src + ** Main Configuration This is the backbone of the all the NixOS configurations, with all these options being shared because they enhance security. @@ -3494,19 +3593,41 @@ be straightforward. *** QuteBrowser #+begin_src nix :tangle ../nix/modules/home/qutebrowser.nix -{ lib, config, catppuccin-qutebrowser, ... }: +{ pkgs, lib, config, catppuccin-qutebrowser, ... }: { programs.qutebrowser = { enable = lib.mkDefault config.monorepo.profiles.graphics.enable; + package = pkgs.qutebrowser.overrideAttrs (old: { + qtWrapperArgs = (old.qtWrapperArgs or []) ++ [ + "--set" "__EGL_VENDOR_LIBRARY_FILENAMES" "/run/opengl-driver/share/glvnd/egl_vendor.d/10_nvidia.json" + "--set" "GBM_BACKEND" "nvidia-drm" + "--set" "__GLX_VENDOR_LIBRARY_NAME" "nvidia" + "--set" "QT_QPA_PLATFORM" "wayland" + ]; + }); + enableDefaultBindings = true; searchEngines = { + DEFAULT = "https://search.marginalia.nu/search?query={}"; g = "https://www.google.com/search?hl=en&q={}"; w = "https://en.wikipedia.org/wiki/Special:Search?search={}&go=Go&ns0=1"; aw = "https://wiki.archlinux.org/?search={}"; nw = "https://wiki.nixos.org/index.php?search={}"; npk = "https://search.nixos.org/packages?channel=unstable&query={}"; }; + settings = { + # This is the magic combination for Qtile + Wayland + Qutebrowser + qt.args = [ + "enable-features=UseOzonePlatform" + "disable-gpu" + "disable-software-rasterizer" + "disable-gpu-sandbox" + ]; + + # Force Qt to draw the UI in software mode so it doesn't look for OpenGL + qt.force_software_rendering = "qt-quick"; + content.blocking.method = "both"; fonts.default_family = "Lora"; fonts.default_size = "12pt"; @@ -3523,10 +3644,8 @@ be straightforward. # Hints fonts.hints = "bold 12pt Lora"; - - # Rendering - qt.force_software_rendering = "chromium"; }; + extraConfig = (builtins.readFile "${catppuccin-qutebrowser}/setup.py") + '' config.load_autoconfig() @@ -4220,7 +4339,7 @@ for these configurations. homeDirectory = "/home/${super.monorepo.vars.userName}"; stateVersion = "24.11"; sessionVariables = { - QTWEBENGINE_FORCE_USE_GBM = 0; + QT_QPA_PLATFORM = "wayland;xcb"; NIXOS_OZONE_WL = 1; XDG_SESSION_TYPE = "wayland"; XDG_CURRENT_DESKTOP = "qtile"; @@ -4233,6 +4352,7 @@ for these configurations. unzip mupdf zathura + qt6.qtwayland fzf # passwords @@ -4246,7 +4366,7 @@ for these configurations. # Apps # octaveFull - grim swww vim element-desktop signal-desktop signal-cli imv slurp wl-clipboard + grim awww vim element-desktop signal-desktop signal-cli imv slurp wl-clipboard # Sound/media pavucontrol alsa-utils imagemagick ffmpeg pulseaudio @@ -267,7 +267,7 @@ xvfb-run -a emacs -q -l ${self}/tests/ci-runner.el || { printf "after emacs\n" CSS_HASH="$(python3 $HOME/monorepo/tests/test-csp-hash.py $HOME/website_html/index.html)" cat <<EOF > $HOME/website_html/csp_header.conf -add_header Content-Security-Policy "default-src 'self'; style-src 'self' 'sha256-$CSS_HASH'; font-src 'self';"; +add_header Content-Security-Policy "default-src 'none'; script-src 'none'; style-src 'self' 'sha256-$CSS_HASH'; font-src 'self'; img-src 'self'; object-src 'none'; base-uri 'none'; form-action 'none';"; EOF echo "Setting up Graph View..." diff --git a/nix b/nix -Subproject fdb5ae36cc411784bfda9622f5bd2b054342e75 +Subproject 21f6cf9070bebd0a711f8bfc8d9ba3de41523f2 @@ -206,6 +206,18 @@ h4 { font-size: 1.1rem; font-weight: 700; color: var(--text-main); } h5 { font-size: 1rem; font-weight: 700; color: var(--link-color); } h6 { font-size: 0.85rem; font-weight: 400; text-transform: uppercase; letter-spacing: 1px; color: color-mix(in srgb, var(--text-main) 60%, transparent); } +h1, h2, h3, h4, h5, h6 { + [class^="section-number-"] { + font-family: var(--font-mono), monospace; + color: color-mix(in srgb, var(--text-main) 35%, transparent); + font-weight: 400; + font-size: 0.65em; + letter-spacing: 0.05em; + margin-right: 0.75em; + vertical-align: middle; + } +} + p, ul, ol { margin-top: 1rem; margin-bottom: 1rem; } li { margin-top: 0.3rem; } @@ -362,6 +374,18 @@ math { } } +.outline-text-2 > p:first-of-type::first-letter, +#text-1 > p:first-of-type::first-letter { + float: left; + font-size: 3.5rem; + line-height: 0.8; + margin-right: 0.15em; + margin-top: 0.1em; + font-family: var(--font-header), serif; + font-weight: 700; + color: var(--accent); +} + h1.title { padding-top: 1.5rem; margin-top: 0.5rem; |