diff options
Diffstat (limited to 'nix/modules')
| -rw-r--r-- | nix/modules/configuration.nix | 11 | ||||
| -rw-r--r-- | nix/modules/home/default.nix | 2 | ||||
| -rw-r--r-- | nix/modules/home/fcitx.nix | 4 | ||||
| -rw-r--r-- | nix/modules/home/hyprland.nix | 65 | ||||
| -rw-r--r-- | nix/modules/home/zsh.nix | 1 | ||||
| -rw-r--r-- | nix/modules/impermanence.nix | 4 | ||||
| -rw-r--r-- | nix/modules/pipewire.nix | 8 | ||||
| -rw-r--r-- | nix/modules/xserver.nix | 2 | ||||
| -rw-r--r-- | nix/modules/znc.nix | 6 |
9 files changed, 62 insertions, 41 deletions
diff --git a/nix/modules/configuration.nix b/nix/modules/configuration.nix index c906529..e2d12e2 100644 --- a/nix/modules/configuration.nix +++ b/nix/modules/configuration.nix @@ -40,11 +40,10 @@ }; systemd = { + services.NetworkManager-wait-online.enable = false; coredump.enable = false; network.config.networkConfig.IPv6PrivacyExtensions = "kernel"; tmpfiles.settings = { - "restricthome"."/home/*".Z.mode = "~0700"; - "restrictetcnixos"."/etc/nixos/*".Z = { mode = "0000"; user = "root"; @@ -108,7 +107,6 @@ "pti=on" "randomize_kstack_offset=on" "vsyscall=none" - "module.sig_enforce=1" # "lockdown=confidentiality" # cpu @@ -123,11 +121,10 @@ # mineral # "init_on_alloc=1" - "random.trust_cpu=off" - "random.trust_bootloader=off" + # "random.trust_bootloader=off" # "init_on_free=1" "quiet" - "loglevel=0" + # "loglevel=0" ]; blacklistedKernelModules = [ @@ -250,7 +247,7 @@ }; jitterentropy-rngd.enable = true; - resolved.dnssec = true; + resolved.settings.Resolve.DNSSEC = true; # usbguard.enable = true; usbguard.enable = false; dbus.apparmor = "enabled"; diff --git a/nix/modules/home/default.nix b/nix/modules/home/default.nix index f8a1ad5..c991927 100644 --- a/nix/modules/home/default.nix +++ b/nix/modules/home/default.nix @@ -186,7 +186,7 @@ imagemagick supercollider inkscape - kdePackages.kdenlive + # kdePackages.kdenlive # kicad murmur ]) else []); diff --git a/nix/modules/home/fcitx.nix b/nix/modules/home/fcitx.nix index b4bb965..1907590 100644 --- a/nix/modules/home/fcitx.nix +++ b/nix/modules/home/fcitx.nix @@ -3,12 +3,12 @@ i18n.inputMethod = { type = "fcitx5"; enable = lib.mkDefault config.monorepo.profiles.graphics.enable; - fcitx5.addons = with pkgs; [ + fcitx5.addons = if config.monorepo.profiles.graphics.enable then (with pkgs; [ fcitx5-gtk qt6Packages.fcitx5-chinese-addons qt6Packages.fcitx5-configtool fcitx5-mozc fcitx5-rime - ]; + ]) else []; }; } diff --git a/nix/modules/home/hyprland.nix b/nix/modules/home/hyprland.nix index de343b5..b649e96 100644 --- a/nix/modules/home/hyprland.nix +++ b/nix/modules/home/hyprland.nix @@ -32,34 +32,53 @@ "__GLX_VENDOR_LIBRARY_NAME,nvidia" "ELECTRON_OZONE_PLATFORM_HINT,auto" ]; - # layerrule = [ - # "blur:top,waybar" - # ]; + monitor = [ "DP-4,2560x1440@165.000000,0x0,1" "Unknown-1,disable" ]; - windowrulev2 = [ - "workspace 1, class:^(emacs)$" - "workspace 2, class:^(firefox)$" - "workspace 2, title:^(.*Tor Browser.*)$" - "workspace 2, title:^(.*Chromium-browser.*)$" - "workspace 2, class:^(chromium)$" - "workspace 3, class:^(discord)$" - "workspace 3, class:^(vesktop)$" - "workspace 3, title:^(.*fluffychat.*)$" - "workspace 3, class:^(.*element-desktop.*)$" - "workspace 4, class:^(.*qpwgraph.*)$" - "workspace 4, class:^(.*pavucontrol.*)$" - "workspace 4, class:^(.*mpv.*)$" - "workspace 5, title:^(.*Monero.*)$" - "workspace 5, title:^(.*org\.bitcoin\..*)$" - "workspace 5, title:^(.*Bitcoin Core - preston.*)$" - "workspace 5, title:^(.*org\.getmonero\..*)$" - "workspace 5, title:^(.*Monero - preston.*)$" - "workspace 5, title:^(.*electrum.*)$" - "pseudo,title:fcitx" + + layerrule = [ + { + name = "waybar blur"; + "match:namespace" = "waybar"; + blur = "on"; + } ]; + + windowrule = [ + { + name = "emacs"; + "match:class" = "emacs"; + workspace = 1; + } + { + name = "firefox"; + "match:class" = "firefox"; + workspace = 2; + } + { + name = "vesktop"; + "match:class" = "vesktop"; + workspace = 3; + } + { + name = "pavucontrol"; + "match:class" = "pavucontrol"; + workspace = 4; + } + { + name = "qpwgraph"; + "match:class" = "qpwgraph"; + workspace = 4; + } + { + name = "mpv"; + "match:class" = "mpv"; + workspace = 4; + } + ]; + bind = [ "$mod, F, exec, firefox" "$mod, Return, exec, kitty" diff --git a/nix/modules/home/zsh.nix b/nix/modules/home/zsh.nix index 31468e1..62dcbd5 100644 --- a/nix/modules/home/zsh.nix +++ b/nix/modules/home/zsh.nix @@ -37,7 +37,6 @@ usite = "cd ~/src/publish-org-roam-ui && bash local.sh && rm -rf ~/website_html/graph_view; cp -r ~/src/publish-org-roam-ui/out ~/website_html/graph_view && rsync -azvP --chmod=\"Du=rwx,Dg=rx,Do=rx,Fu=rw,Fg=r,Fo=r\" ~/website_html/ root@${config.monorepo.vars.remoteHost}:/var/www/${config.monorepo.vars.internetName}-website/"; sai = "eval \"$(ssh-agent -s)\" && ssh-add ~/.ssh/id_ed25519 && ssh-add -l"; - i3 = "exec ${pkgs.i3}/bin/i3"; }; loginExtra = '' if [[ "$(tty)" = "/dev/tty1" ]]; then diff --git a/nix/modules/impermanence.nix b/nix/modules/impermanence.nix index 36b2f7e..ad942ff 100644 --- a/nix/modules/impermanence.nix +++ b/nix/modules/impermanence.nix @@ -9,7 +9,7 @@ boot.initrd.postResumeCommands = (if config.monorepo.profiles.impermanence.enable then lib.mkAfter '' mkdir /btrfs_tmp - mount /dev/mapper/crypted /btrfs_tmp + mount -t btrfs -n -o subvol=/ /dev/mapper/crypted /btrfs_tmp if [[ -e /btrfs_tmp/root ]]; then mkdir -p /btrfs_tmp/old_roots timestamp=$(date --date="@$(stat -c %Y /btrfs_tmp/root)" "+%Y-%m-%-d_%H:%M:%S") @@ -29,7 +29,7 @@ done btrfs subvolume create /btrfs_tmp/root - umount /btrfs_tmp + umount -n /btrfs_tmp '' else ""); boot.initrd.luks.devices = (if (config.monorepo.vars.fileSystem == "btrfs") then { diff --git a/nix/modules/pipewire.nix b/nix/modules/pipewire.nix index 4ca3610..0fc2d69 100644 --- a/nix/modules/pipewire.nix +++ b/nix/modules/pipewire.nix @@ -3,12 +3,12 @@ services.pipewire = { enable = lib.mkDefault config.monorepo.profiles.pipewire.enable; alsa = { - enable = true; + enable = lib.mkDefault config.monorepo.profiles.pipewire.enable; support32Bit = true; }; - pulse.enable = true; - jack.enable = true; - wireplumber.enable = true; + pulse.enable = lib.mkDefault config.monorepo.profiles.pipewire.enable; + jack.enable = lib.mkDefault config.monorepo.profiles.pipewire.enable; + wireplumber.enable = lib.mkDefault config.monorepo.profiles.pipewire.enable; extraConfig = { pipewire."92-low-latency" = { "context.properties" = { diff --git a/nix/modules/xserver.nix b/nix/modules/xserver.nix index 29aec23..7bc40af 100644 --- a/nix/modules/xserver.nix +++ b/nix/modules/xserver.nix @@ -8,7 +8,7 @@ windowManager = { i3 = { - enable = ! config.monorepo.profiles.ttyonly.enable; + enable = (! config.monorepo.profiles.ttyonly.enable); }; }; diff --git a/nix/modules/znc.nix b/nix/modules/znc.nix index c2e2079..758f720 100644 --- a/nix/modules/znc.nix +++ b/nix/modules/znc.nix @@ -25,6 +25,12 @@ useSSL = true; modules = [ "simple_away" ]; }; + "nullring" = { + server = "nullring.xyz"; + port = 6697; + useSSL = true; + modules = [ "simple_away" "log" ]; + }; }; }; }; |