From 9b428c57988734b2e8d84d0e12cb9cb0b859d15f Mon Sep 17 00:00:00 2001 From: Marcus Godwin Date: Mon, 6 Mar 2023 19:21:17 -0500 Subject: [PATCH] after refactor --- flake.lock | 18 +-- flake.nix | 380 +---------------------------------------------- home_manager.nix | 131 ++++++++++++++++ panam.nix | 239 +++++++++++++++++++++++++++++ 4 files changed, 374 insertions(+), 394 deletions(-) create mode 100644 home_manager.nix create mode 100644 panam.nix diff --git a/flake.lock b/flake.lock index 028d8b3..bd9a620 100644 --- a/flake.lock +++ b/flake.lock @@ -71,8 +71,7 @@ "flake-utils": "flake-utils", "home-manager": "home-manager", "nixpkgs": "nixpkgs", - "nixpkgs_stable": "nixpkgs_stable", - "vps_nixpkgs": "vps_nixpkgs" + "nixpkgs_stable": "nixpkgs_stable" } }, "utils": { @@ -89,21 +88,6 @@ "repo": "flake-utils", "type": "github" } - }, - "vps_nixpkgs": { - "locked": { - "lastModified": 1673410828, - "narHash": "sha256-xAggTjXt7iqOe4lNRtq+B31cjxchvJOr9zIJJ4JmfY8=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "9852294f15c380cd61fd441538982426f8ee8ccc", - "type": "github" - }, - "original": { - "id": "nixpkgs", - "ref": "master", - "type": "indirect" - } } }, "root": "root", diff --git a/flake.nix b/flake.nix index 1f15f42..ba537a2 100644 --- a/flake.nix +++ b/flake.nix @@ -4,7 +4,6 @@ inputs = { nixpkgs.url = "nixpkgs/nixos-unstable"; nixpkgs_stable.url = "nixpkgs/nixos-22.11"; - vps_nixpkgs.url = "nixpkgs/master"; home-manager = { url = "github:nix-community/home-manager"; inputs.nixpkgs.follows = "nixpkgs"; 
@@ -26,346 +25,9 @@ #}; }; - outputs = { self, nixpkgs, nixpkgs_stable, vps_nixpkgs, home-manager, flake-utils }@attrs: + outputs = { self, nixpkgs, nixpkgs_stable, home-manager, flake-utils }@attrs: let system = "x86_64-linux"; - homeManagerSharedModule = { - home-manager.useGlobalPkgs = true; - home-manager.users.marcus = { config, pkgs, lib, ... }:{ - # This value determines the Home Manager release that your - # configuration is compatible with. This helps avoid breakage - # when a new Home Manager release introduces backwards - # incompatible changes. - # - # You can update Home Manager without changing this value. See - # the Home Manager release notes for a list of state version - # changes in each release. - home.stateVersion = "22.11"; - - home.packages = with pkgs; [ ]; - programs.starship = { - enable = true; - enableBashIntegration = true; - settings = { - add_newline = false; - format = lib.concatStrings [ - "$username" - "$hostname" - "$directory" - "$jobs" - "$cmd_duration" - "$character" - ]; - directory = { - truncation_length = 10; - truncate_to_repo = false; - }; - scan_timeout = 10; - character = { - success_symbol = "➜"; - error_symbol = "➜"; - }; - }; - }; - programs.git = { - enable = true; - userName = "Marcus Godwin"; - userEmail = "godwin3@gatech.edu"; - }; - programs.vim = { - enable = true; - plugins = with pkgs.vimPlugins; [ - nerdcommenter vim-polyglot #parinfer-rust - ]; - settings = { - # Is the need for these obliviated by vim-polyglot using sleuth? - #expandtab = false; - tabstop = 4; - shiftwidth = 4; - }; - extraConfig = '' - set number - set hlsearch - nnoremap m :bn - nnoremap t :tabnew - nnoremap . :tabn - nnoremap , :tabp - nnoremap v :vsplit - nnoremap h :split - nnoremap q :q - inoremap jk - inoremap kj - - " Thanks to https://unix.stackexchange.com/questions/140898/vim-hide-status-line-in-the-bottom - let s:hidden_all = 0 - function! 
ToggleHiddenAll() - if s:hidden_all == 0 - let s:hidden_all = 1 - set noshowmode - set noruler - set laststatus=0 - set noshowcmd - else - let s:hidden_all = 0 - set showmode - set ruler - set laststatus=2 - set showcmd - endif - endfunction - - nnoremap :call ToggleHiddenAll() - ''; - }; - programs.tmux = { - enable = true; - extraConfig = '' - #$Id: vim-keys.conf,v 1.2 2010-09-18 09:36:15 nicm Exp $ - # - # vim-keys.conf, v1.2 2010/09/12 - # - # By Daniel Thau. Public domain. - # - # This configuration file binds many vi- and vim-like bindings to the - # appropriate tmux key bindings. Note that for many key bindings there is no - # tmux analogue. This is intended for tmux 1.3, which handles pane selection - # differently from the previous versions - - # split windows like vim - # vim's definition of a horizontal/vertical split is reversed from tmux's - bind s split-window -v - bind v split-window -h - - # move around panes with hjkl, as one would in vim after pressing ctrl-w - bind h select-pane -L - bind j select-pane -D - bind k select-pane -U - bind l select-pane -R - - # resize panes like vim - # feel free to change the "1" to however many lines you want to resize by, only - # one at a time can be slow - bind < resize-pane -L 1 - bind > resize-pane -R 1 - bind - resize-pane -D 1 - bind + resize-pane -U 1 - - # bind : to command-prompt like vim - # this is the default in tmux already - bind : command-prompt - - # vi-style controls for copy mode - setw -g mode-keys vi - ''; - }; - }; - }; - commonConfigFunc = ({ config, lib, pkgs, modulesPath, ... }: (specificPkgs: { - nixpkgs.config.allowUnfree = true; - nix.settings.experimental-features = [ "nix-command" "flakes" ]; - networking.networkmanager.enable = true; # Easiest to use and most distros use this by default. 
- time.timeZone = "America/New_York"; - users.extraUsers.marcus = { - name = "marcus"; - isNormalUser = true; - group = "users"; - extraGroups = [ "wheel" "disk" "audio" "video" "networkmanager" "systemd-journal" "sway" "plugdev" "adbusers" "docker" ]; - createHome = true; - home = "/home/marcus"; - shell = "/run/current-system/sw/bin/bash"; - }; - users.extraUsers.nathan = { - name = "nathan"; - isNormalUser = true; - group = "users"; - extraGroups = [ "wheel" "disk" "audio" "video" "networkmanager" "systemd-journal" "sway" "plugdev" "adbusers" "docker" ]; - createHome = true; - home = "/home/nathan"; - shell = "/run/current-system/sw/bin/bash"; - }; - - # Pi Hole + docker setup - virtualisation.oci-containers.backend = "docker"; - virtualisation.docker.autoPrune.enable = true; - - virtualisation.oci-containers.containers.pihole = { - #image = "pihole/pihole:2023.02.2"; - image = "pihole/pihole:latest"; - ports = [ - "5353:53/upd" - "5353:53/tcp" - "9091:80/tcp" - ]; - volumes = [ - "/var/lib/pihole/:/etc/pihole/" - "/var/lib/dnsmasq.d:/etc/dnsmasq.d" - ]; - environment = { - TZ = config.time.timeZone; - WEB_PORT = "80"; - WEBPASSWORD = "critical"; - PIHOLE_DNS_ = "172.17.0.1"; - REV_SERVER = "true"; - REV_SERVER_DOMAIN = "pihole.local"; - REV_SERVER_TARGET = "192.168.1.1"; - REV_SERVER_CIDR = "192.168.1.0/16"; - DNSMASQ_LISTENING = "all"; - }; - extraOptions = [ - "--add-host=host.docker.internal:host-gateway" - ]; - }; - #systemd.services."docker-pihole".postStart = '' - #while ! 
docker ps | grep pihole; do - #sleep 10s - #echo "Waiting on containers" - #done - #sleep 30s - - #docker exec pihole pihole -a adlist add "https://s3.amazonaws.com/lists.disconnect.me/simple_ad.txt" - #docker exec pihole pihole -a adlist add "https://v.firebog.net/hosts/AdguardDNS.txt" - #docker exec pihole pihole -a adlist add "https://v.firebog.net/hosts/Easylist.txt" - #docker exec pihole pihole -a adlist add "https://v.firebog.net/hosts/Easyprivacy.txt" - - #docker exec pihole pihole -g - #''; - - # Enable flatpak for installing/running steam link software - services.flatpak.enable = true; - - # testing - services.jellyfin.enable = true; - services.pipewire = { - enable = true; - alsa.enable = true; - pulse.enable = true; - }; - services.dbus.enable = true; - xdg.portal = { - enable = true; - wlr.enable = true; - extraPortals = [pkgs.xdg-desktop-portal-gtk ]; - gtkUsePortal = true; - }; - nixpkgs.overlays = [ (self: super: { - glusterfs = (import nixpkgs_stable { inherit system; overlays = []; }).pkgs.glusterfs; - }) ]; - services.glusterfs.enable = true; - - programs.sway = { - enable = true; - wrapperFeatures.gtk = true; - extraPackages = with pkgs; [ - swaylock # lockscreen - swayidle - xwayland # for legacy apps - #waybar # status bar - mako # notification daemon - kanshi # autorandr - bemenu # is this right? 
- i3status - ffmpeg_5-full - ]; - }; - - environment = { - etc = { - "sway/config".source = ./sway_config; - }; - }; - # For steam, and Vulkan in general - hardware.opengl.driSupport = true; - hardware.opengl.driSupport32Bit = true; - - nixpkgs.config.packageOverrides = pkgs: { - vaapiIntel = pkgs.vaapiIntel.override { enableHybridCodec = true; }; - }; - hardware.opengl = { - enable = true; - extraPackages = with pkgs; [ - intel-media-driver - vaapiIntel - vaapiVdpau - libvdpau-va-gl - intel-compute-runtime # OpenCL filter support (hardware tonemapping and subtitle burn-in) - ]; - }; - - environment.systemPackages = with pkgs; [ - tmux vim wget curl git w3m iftop iotop killall file unzip zip ripgrep imv killall gomuks htop - firefox-wayland chromium gnome.nautilus - vlc steam transmission-gtk mupdf - foot pavucontrol pywal - sway wayland glib dracula-theme gnome.adwaita-icon-theme wl-clipboard - (pkgs.writeTextFile { - name = "dbus-sway-environment"; - destination = "/bin/dbus-sway-environment"; - executable = true; - - text = '' - dbus-update-activation-environment --systemd WAYLAND_DISPLAY XDG_CURRENT_DESKTOP=sway - systemctl --user stop pipewire pipewire-media-session xdg-desktop-portal xdg-desktop-portal-wlr - systemctl --user start pipewire pipewire-media-session xdg-desktop-portal xdg-desktop-portal-wlr - ''; - }) - # currently, there is some friction between sway and gtk: - # https://github.com/swaywm/sway/wiki/GTK-3-settings-on-Wayland - # the suggested way to set gtk settings is with gsettings - # for gsettings to work, we need to tell it where the schemas are - # using the XDG_DATA_DIR environment variable - # run at the end of sway config - (pkgs.writeTextFile { - name = "configure-gtk"; - destination = "/bin/configure-gtk"; - executable = true; - text = let - schema = pkgs.gsettings-desktop-schemas; - datadir = "${schema}/share/gsettings-schemas/${schema.name}"; - in '' - export XDG_DATA_DIRS=${datadir}:$XDG_DATA_DIRS - 
gnome_schema=org.gnome.desktop.interface - gsettings set $gnome_schema gtk-theme 'Dracula' - ''; - }) - ] ++ specificPkgs; - programs.waybar.enable = true; - - # kanshi systemd service - systemd.user.services.kanshi = { - description = "kanshi daemon"; - serviceConfig = { - Type = "simple"; - ExecStart = "${pkgs.kanshi}/bin/kanshi -c kanshi_config_file"; - }; - }; - - services.openssh.enable = true; - services.tailscale.enable = true; - networking.firewall.enable = false; - - #services.pihole = { - #enable = true; - #hostConfig = { - #user = "pihole"; - #enableLingeringForUser = true; - #persistVolumes = true; - #dnsPort = 5335; - #webPort = 8080; - #}; - #piholeConfig.ftl = { - #LOCAL_IPV4 = "192.168.4.200"; - #}; - #piholeConfig.web = { - #virtualHost = "pi.hole"; - #password = "password"; - #}; - #}; - - #networking.firewall.interfaces.eth0 = { - #allowedTCPPorts = [ 5335 8080 ]; - #allowedUDPPorts = [ 5335 ]; - #}; - })); in { nixosConfigurations.panam = nixpkgs.lib.nixosSystem { inherit system; 
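Review bot: `nixpkgs_stable` is still named in the new `outputs = { self, nixpkgs, nixpkgs_stable, home-manager, flake-utils }@attrs:` line, but its only use visible in this patch is the glusterfs overlay inside the removed `commonConfigFunc`, and the new `panam.nix` sets `nixpkgs.overlays = [ ];`. If nothing outside the hunk reads it (for example through `attrs`), the input and its `flake.lock` entry are an unused pinned dependency that still gets fetched and updated. It can be dropped the way `vps_nixpkgs` was: remove `nixpkgs_stable.url` from `inputs` and the name from the argument set, giving `outputs = { self, nixpkgs, home-manager, flake-utils }@attrs:`. The body of `outputs` continues past this hunk.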
@@ -376,44 +38,8 @@ #pihole.nixosModules.${system}.default home-manager.nixosModules.home-manager - homeManagerSharedModule - ({ config, lib, pkgs, modulesPath, ... }@innerArgs: (lib.recursiveUpdate (commonConfigFunc innerArgs []) { - imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; - - # needed for stable restarts of pi-hole container - #boot.cleanTmpDir = true; - - boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" ]; - boot.initrd.kernelModules = [ ]; - boot.kernelModules = [ ]; - boot.extraModulePackages = [ ]; - - fileSystems."/" = { device = "/dev/disk/by-uuid/b22f705d-8d3d-4d6c-997d-226399f03e18"; fsType = "ext4"; }; - fileSystems."/boot" = { device = "/dev/disk/by-uuid/BE49-6634"; fsType = "vfat"; }; - swapDevices = [ { device = "/dev/disk/by-uuid/9b8aa223-f67b-4c1a-9161-a3daec3dfefc"; } ]; - # Mounted data drives for use by glusterfs - fileSystems."/data/brick1" = { device = "/dev/disk/by-label/gfs_ssd1"; fsType = "xfs"; }; - fileSystems."/data/brick2" = { device = "/dev/disk/by-label/gfs_hdd1"; fsType = "xfs"; }; - fileSystems."/data/brick3" = { device = "/dev/disk/by-label/gfs_hdd2"; fsType = "xfs"; }; - # Glusterfs shared storage - fileSystems."/ghost_in_the_stream" = { device = "panam:/gv0"; fsType = "glusterfs"; }; - networking.useDHCP = lib.mkDefault true; - nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; - powerManagement.cpuFreqGovernor = lib.mkDefault "powersave"; - hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; - # high-resolution display - hardware.video.hidpi.enable = lib.mkDefault true; - - - boot.loader.systemd-boot.enable = true; - boot.loader.efi.canTouchEfiVariables = true; - - # don't suspend on lid close - services.logind.lidSwitch = "ignore"; - networking.hostName = "panam"; # Define your hostname. - - system.stateVersion = "22.11"; # Did you read the comment? - })) + ./home_manager.nix + ./panam.nix ]; }; }; 
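Review bot: The two path modules added here are not a like-for-like replacement for the inline module they replace. The removed block set `services.logind.lidSwitch = "ignore";` and mounted `/ghost_in_the_stream`, whereas the new `panam.nix` in this patch omits the first and comments out the second; it also empties `nixpkgs.overlays` and no longer sets `services.glusterfs.enable`. With the subject line "after refactor", nothing records whether these drops were intentional. A short comment above the module list would do, such as `# panam.nix: glusterfs (overlay, service, mount) and lidSwitch were dropped in the split`. The `modules` list itself starts before this hunk.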
diff --git a/home_manager.nix b/home_manager.nix
new file mode 100644
index 0000000..964707f
--- /dev/null
+++ b/home_manager.nix
@@ -0,0 +1,131 @@ +{ + home-manager.useGlobalPkgs = true; + home-manager.users.marcus = { config, pkgs, lib, ... }:{ + # This value determines the Home Manager release that your + # configuration is compatible with. This helps avoid breakage + # when a new Home Manager release introduces backwards + # incompatible changes. + # + # You can update Home Manager without changing this value. See + # the Home Manager release notes for a list of state version + # changes in each release. + home.stateVersion = "22.11"; + + home.packages = with pkgs; [ ]; + programs.starship = { + enable = true; + enableBashIntegration = true; + settings = { + add_newline = false; + format = lib.concatStrings [ + "$username" + "$hostname" + "$directory" + "$jobs" + "$cmd_duration" + "$character" + ]; + directory = { + truncation_length = 10; + truncate_to_repo = false; + }; + scan_timeout = 10; + character = { + success_symbol = "➜"; + error_symbol = "➜"; + }; + }; + }; + programs.git = { + enable = true; + userName = "Marcus Godwin"; + userEmail = "godwin3@gatech.edu"; + }; + programs.vim = { + enable = true; + plugins = with pkgs.vimPlugins; [ + nerdcommenter vim-polyglot #parinfer-rust + ]; + settings = { + # Is the need for these obliviated by vim-polyglot using sleuth? + #expandtab = false; + tabstop = 4; + shiftwidth = 4; + }; + extraConfig = '' + set number + set hlsearch + nnoremap m :bn + nnoremap t :tabnew + nnoremap . :tabn + nnoremap , :tabp + nnoremap v :vsplit + nnoremap h :split + nnoremap q :q + inoremap jk + inoremap kj + + " Thanks to https://unix.stackexchange.com/questions/140898/vim-hide-status-line-in-the-bottom + let s:hidden_all = 0 + function! 
ToggleHiddenAll() + if s:hidden_all == 0 + let s:hidden_all = 1 + set noshowmode + set noruler + set laststatus=0 + set noshowcmd + else + let s:hidden_all = 0 + set showmode + set ruler + set laststatus=2 + set showcmd + endif + endfunction + + nnoremap :call ToggleHiddenAll() + ''; + }; + programs.tmux = { + enable = true; + extraConfig = '' + #$Id: vim-keys.conf,v 1.2 2010-09-18 09:36:15 nicm Exp $ + # + # vim-keys.conf, v1.2 2010/09/12 + # + # By Daniel Thau. Public domain. + # + # This configuration file binds many vi- and vim-like bindings to the + # appropriate tmux key bindings. Note that for many key bindings there is no + # tmux analogue. This is intended for tmux 1.3, which handles pane selection + # differently from the previous versions + + # split windows like vim + # vim's definition of a horizontal/vertical split is reversed from tmux's + bind s split-window -v + bind v split-window -h + + # move around panes with hjkl, as one would in vim after pressing ctrl-w + bind h select-pane -L + bind j select-pane -D + bind k select-pane -U + bind l select-pane -R + + # resize panes like vim + # feel free to change the "1" to however many lines you want to resize by, only + # one at a time can be slow + bind < resize-pane -L 1 + bind > resize-pane -R 1 + bind - resize-pane -D 1 + bind + resize-pane -U 1 + + # bind : to command-prompt like vim + # this is the default in tmux already + bind : command-prompt + + # vi-style controls for copy mode + setw -g mode-keys vi + ''; + }; + }; +} diff --git a/panam.nix b/panam.nix new file mode 100644 index 0000000..0a9126e --- /dev/null +++ b/panam.nix 
@@ -0,0 +1,239 @@ +({ config, lib, pkgs, modulesPath, ... }: { + imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; + + # needed for stable restarts of pi-hole container + #boot.cleanTmpDir = true; + + boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = { device = "/dev/disk/by-uuid/b22f705d-8d3d-4d6c-997d-226399f03e18"; fsType = "ext4"; }; + fileSystems."/boot" = { device = "/dev/disk/by-uuid/BE49-6634"; fsType = "vfat"; }; + swapDevices = [ { device = "/dev/disk/by-uuid/9b8aa223-f67b-4c1a-9161-a3daec3dfefc"; } ]; + # Mounted data drives for use by glusterfs + fileSystems."/data/brick1" = { device = "/dev/disk/by-label/gfs_ssd1"; fsType = "xfs"; }; + fileSystems."/data/brick2" = { device = "/dev/disk/by-label/gfs_hdd1"; fsType = "xfs"; }; + fileSystems."/data/brick3" = { device = "/dev/disk/by-label/gfs_hdd2"; fsType = "xfs"; }; + # Glusterfs shared storage + #fileSystems."/ghost_in_the_stream" = { device = "panam:/gv0"; fsType = "glusterfs"; }; + networking.useDHCP = lib.mkDefault true; + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + powerManagement.cpuFreqGovernor = lib.mkDefault "powersave"; + hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; + # high-resolution display + hardware.video.hidpi.enable = lib.mkDefault true; + + + boot.loader.systemd-boot.enable = true; + boot.loader.efi.canTouchEfiVariables = true; + + networking.hostName = "panam"; # Define your hostname. + + system.stateVersion = "22.11"; # Did you read the comment? + + nixpkgs.config.allowUnfree = true; + nix.settings.experimental-features = [ "nix-command" "flakes" ]; + networking.networkmanager.enable = true; # Easiest to use and most distros use this by default. 
+ time.timeZone = "America/New_York"; + users.extraUsers.marcus = { + name = "marcus"; + isNormalUser = true; + group = "users"; + extraGroups = [ "wheel" "disk" "audio" "video" "networkmanager" "systemd-journal" "sway" "plugdev" "adbusers" "docker" ]; + createHome = true; + home = "/home/marcus"; + shell = "/run/current-system/sw/bin/bash"; + }; + users.extraUsers.nathan = { + name = "nathan"; + isNormalUser = true; + group = "users"; + extraGroups = [ "wheel" "disk" "audio" "video" "networkmanager" "systemd-journal" "sway" "plugdev" "adbusers" "docker" ]; + createHome = true; + home = "/home/nathan"; + shell = "/run/current-system/sw/bin/bash"; + }; + + # Pi Hole + docker setup + virtualisation.oci-containers.backend = "docker"; + virtualisation.docker.autoPrune.enable = true; + + virtualisation.oci-containers.containers.pihole = { + #image = "pihole/pihole:2023.02.2"; + image = "pihole/pihole:latest"; + ports = [ + "5353:53/upd" + "5353:53/tcp" + "9091:80/tcp" + ]; + volumes = [ + "/var/lib/pihole/:/etc/pihole/" + "/var/lib/dnsmasq.d:/etc/dnsmasq.d" + ]; + environment = { + TZ = config.time.timeZone; + WEB_PORT = "80"; + WEBPASSWORD = "critical"; + PIHOLE_DNS_ = "172.17.0.1"; + REV_SERVER = "true"; + REV_SERVER_DOMAIN = "pihole.local"; + REV_SERVER_TARGET = "192.168.1.1"; + REV_SERVER_CIDR = "192.168.1.0/16"; + DNSMASQ_LISTENING = "all"; + }; + extraOptions = [ + "--add-host=host.docker.internal:host-gateway" + ]; + }; + #systemd.services."docker-pihole".postStart = '' + #while ! 
docker ps | grep pihole; do + #sleep 10s + #echo "Waiting on containers" + #done + #sleep 30s + + #docker exec pihole pihole -a adlist add "https://s3.amazonaws.com/lists.disconnect.me/simple_ad.txt" + #docker exec pihole pihole -a adlist add "https://v.firebog.net/hosts/AdguardDNS.txt" + #docker exec pihole pihole -a adlist add "https://v.firebog.net/hosts/Easylist.txt" + #docker exec pihole pihole -a adlist add "https://v.firebog.net/hosts/Easyprivacy.txt" + + #docker exec pihole pihole -g + #''; + + # Enable flatpak for installing/running steam link software + services.flatpak.enable = true; + + # testing + services.jellyfin.enable = true; + services.pipewire = { + enable = true; + alsa.enable = true; + pulse.enable = true; + }; + services.dbus.enable = true; + xdg.portal = { + enable = true; + wlr.enable = true; + extraPortals = [pkgs.xdg-desktop-portal-gtk ]; + gtkUsePortal = true; + }; + nixpkgs.overlays = [ + ]; + + programs.sway = { + enable = true; + wrapperFeatures.gtk = true; + extraPackages = with pkgs; [ + swaylock # lockscreen + swayidle + xwayland # for legacy apps + #waybar # status bar + mako # notification daemon + kanshi # autorandr + bemenu # is this right? 
+ i3status + ffmpeg_5-full + ]; + }; + + environment = { + etc = { + "sway/config".source = ./sway_config; + }; + }; + # For steam, and Vulkan in general + hardware.opengl.driSupport = true; + hardware.opengl.driSupport32Bit = true; + + nixpkgs.config.packageOverrides = pkgs: { + vaapiIntel = pkgs.vaapiIntel.override { enableHybridCodec = true; }; + }; + hardware.opengl = { + enable = true; + extraPackages = with pkgs; [ + intel-media-driver + vaapiIntel + vaapiVdpau + libvdpau-va-gl + intel-compute-runtime # OpenCL filter support (hardware tonemapping and subtitle burn-in) + ]; + }; + + environment.systemPackages = with pkgs; [ + tmux vim wget curl git w3m iftop iotop killall file unzip zip ripgrep imv killall gomuks htop + firefox-wayland chromium gnome.nautilus + vlc steam transmission-gtk mupdf + foot pavucontrol pywal + sway wayland glib dracula-theme gnome.adwaita-icon-theme wl-clipboard + (pkgs.writeTextFile { + name = "dbus-sway-environment"; + destination = "/bin/dbus-sway-environment"; + executable = true; + + text = '' + dbus-update-activation-environment --systemd WAYLAND_DISPLAY XDG_CURRENT_DESKTOP=sway + systemctl --user stop pipewire pipewire-media-session xdg-desktop-portal xdg-desktop-portal-wlr + systemctl --user start pipewire pipewire-media-session xdg-desktop-portal xdg-desktop-portal-wlr + ''; + }) + # currently, there is some friction between sway and gtk: + # https://github.com/swaywm/sway/wiki/GTK-3-settings-on-Wayland + # the suggested way to set gtk settings is with gsettings + # for gsettings to work, we need to tell it where the schemas are + # using the XDG_DATA_DIR environment variable + # run at the end of sway config + (pkgs.writeTextFile { + name = "configure-gtk"; + destination = "/bin/configure-gtk"; + executable = true; + text = let + schema = pkgs.gsettings-desktop-schemas; + datadir = "${schema}/share/gsettings-schemas/${schema.name}"; + in '' + export XDG_DATA_DIRS=${datadir}:$XDG_DATA_DIRS + 
gnome_schema=org.gnome.desktop.interface + gsettings set $gnome_schema gtk-theme 'Dracula' + ''; + }) + ]; + programs.waybar.enable = true; + + # kanshi systemd service + systemd.user.services.kanshi = { + description = "kanshi daemon"; + serviceConfig = { + Type = "simple"; + ExecStart = "${pkgs.kanshi}/bin/kanshi -c kanshi_config_file"; + }; + }; + + services.openssh.enable = true; + services.tailscale.enable = true; + networking.firewall.enable = false; + + #services.pihole = { + #enable = true; + #hostConfig = { + #user = "pihole"; + #enableLingeringForUser = true; + #persistVolumes = true; + #dnsPort = 5335; + #webPort = 8080; + #}; + #piholeConfig.ftl = { + #LOCAL_IPV4 = "192.168.4.200"; + #}; + #piholeConfig.web = { + #virtualHost = "pi.hole"; + #password = "password"; + #}; + #}; + + #networking.firewall.interfaces.eth0 = { + #allowedTCPPorts = [ 5335 8080 ]; + #allowedUDPPorts = [ 5335 ]; + #}; +}) +
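Review bot: `WEBPASSWORD = "critical";` in the pihole container's `environment` puts the admin password in the repository and, as far as the oci-containers module renders it, in the world-readable Nix store, while the same file publishes the web UI on `"9091:80/tcp"` and sets `networking.firewall.enable = false;`. Load the value from a root-only file instead, e.g. `environmentFiles = [ "/path/to/pihole.env" ];` (placeholder path), remove the variable from `environment`, and rotate the password since it is now in history. In the same block `"5353:53/upd"` looks like a typo for `"5353:53/udp"`, and `image = "pihole/pihole:latest";` floats where the commented-out line above it pinned a version tag. `REV_SERVER_CIDR = "192.168.1.0/16"` has host bits set for a /16, so the intended range should be confirmed.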