diff --git a/flake.nix b/flake.nix index 978defe..b5ae866 100644 --- a/flake.nix +++ b/flake.nix @@ -102,6 +102,7 @@ ./modules/graphical/plasma.nix ./modules/graphical/hyprland.nix ./modules/graphical/emulators.nix + ./modules/graphical/gamemode.nix ./modules/graphical/shared.nix ./modules/hardware/nvidia.nix ./modules/hardware/ssd.nix diff --git a/modules/adguard.nix b/modules/adguard.nix index bd5d31a..ce80232 100644 --- a/modules/adguard.nix +++ b/modules/adguard.nix @@ -39,7 +39,7 @@ in "answer" = ip; } { - "domain" = "server.local"; + "domain" = "server.home.arpa"; "answer" = ip; } { @@ -47,39 +47,39 @@ in "answer" = ip; } { - "domain" = "adguard.local"; + "domain" = "adguard.home.arpa"; "answer" = ip; } { - "domain" = "nextcloud.local"; + "domain" = "nextcloud.home.arpa"; "answer" = ip; } { - "domain" = "kavita.local"; + "domain" = "kavita.home.arpa"; "answer" = ip; } { - "domain" = "yt.local"; + "domain" = "yt.home.arpa"; "answer" = ip; } { - "domain" = "nextcloud.local"; + "domain" = "nextcloud.home.arpa"; "answer" = wireguardIp; } { - "domain" = "kavita.local"; + "domain" = "kavita.home.arpa"; "answer" = wireguardIp; } { - "domain" = "yt.local"; + "domain" = "yt.home.arpa"; "answer" = wireguardIp; } { - "domain" = "turnserver.local"; + "domain" = "turnserver.home.arpa"; "answer" = wireguardIp; } { - "domain" = "inverter.local"; + "domain" = "inverter.home.arpa"; "answer" = "192.168.0.9"; } ]; diff --git a/modules/backup.nix b/modules/backup.nix index 846d04a..76b7a9c 100644 --- a/modules/backup.nix +++ b/modules/backup.nix @@ -37,10 +37,10 @@ passwordFile = config.age.secrets.restic-pw.path; paths = [ "/home" - "/var/backup/postgresql" - "/mnt/250ssd/matrix-synapse/media_store/" - "/mnt/250ssd/nextcloud" - "/mnt/250ssd/paperless" + "/var/backup/postgresql" + "/mnt/250ssd/matrix-synapse/media_store/" + "/mnt/250ssd/nextcloud" + "/mnt/250ssd/paperless" "/mnt/250ssd/kavita" ]; exclude = [ @@ -62,10 +62,10 @@ passwordFile = config.age.secrets.restic-pw.path; paths = [ "/home" - "/var/backup/postgresql" - "/mnt/250ssd/matrix-synapse/media_store/" - "/mnt/250ssd/nextcloud" - "/mnt/250ssd/paperless" + "/var/backup/postgresql" + "/mnt/250ssd/matrix-synapse/media_store/" + "/mnt/250ssd/nextcloud" + "/mnt/250ssd/paperless" ]; exclude = [ "/home/**/Cache" @@ -97,6 +97,7 @@ environmentFile = config.age.secrets.restic-s3.path; paths = [ "/home" + "/var/backup/postgresql" ]; pruneOpts = [ "--keep-daily 5" "--keep-weekly 5" "--keep-monthly 12" "--keep-yearly 75" ]; timerConfig = { diff --git a/modules/graphical/gamemode.nix b/modules/graphical/gamemode.nix new file mode 100644 index 0000000..a9fc680 --- /dev/null +++ b/modules/graphical/gamemode.nix @@ -0,0 +1,11 @@ +{ config, lib, pkgs, ... }: + +{ + programs.gamemode = { + enable = true; + settings.custom = { + start = "${pkgs.libnotify}/bin/notify-send 'GameMode started'"; + end = "${pkgs.libnotify}/bin/notify-send 'GameMode ended'"; + }; + }; +} diff --git a/modules/graphical/hyprland.nix b/modules/graphical/hyprland.nix index 1bc860b..e39cc50 100644 --- a/modules/graphical/hyprland.nix +++ b/modules/graphical/hyprland.nix @@ -176,9 +176,11 @@ in konsole = "${pkgs.konsole}/bin/konsole"; thunar = "${pkgs.xfce.thunar}/bin/thunar"; wl-copy = "${pkgs.wl-clipboard}/bin/wl-copy"; + wl-paste = "${pkgs.wl-clipboard}/bin/wl-paste"; grim = "${pkgs.grim}/bin/grim"; slurp = "${pkgs.slurp}/bin/slurp"; swww = "${pkgs.swww}/bin/swww"; + pdfgrep = "${pkgs.pdfgrep}/bin/pdfgrep"; in [ "$mainMod, Q, exec, ${konsole}" "$mainMod, C, killactive" @@ -186,10 +188,12 @@ in "$mainMod, E, exec, ${thunar}" "$mainMod, V, togglefloating" "$mainMod, I, exec, ${rofi} -show drun -show-icons" - "$mainMod, S, exec, cat ~/songs | shuf -n 1 | sed \"s/^/b\.p /g\" | ${wl-copy}" + "$mainMod, S, exec, cat ~/songs | shuf -n 0 | sed \"s/^/b\.p /g\" | ${wl-copy}" "$mainMod, R, exec, ${swww} img $(ls -d ~/Nextcloud/dinge/Bg/* | shuf -n 1)" " , Print, exec, ${grim} -g \"$(${slurp} -d)\" - | ${wl-copy}" "ALT, SPACE, exec, ${rofi} -show combi" + + #"$mainMod, G, exec, ${wl-paste} | grep -C 10 -f - ~/Nextcloud/old_gdrive/fh/risikomanagement/crisam.txt | sed 's/^[ \\t]*//' | sed 's/[ \\t]*$//' | ${wl-copy}" "$mainMod, P, pseudo" # dwindle "$mainMod, J, togglesplit" # dwindle # Move focus with mainMod + arrow keys @@ -263,6 +267,35 @@ in "${pkgs.dunst}/bin/dunst &" ]; }; + extraConfig = let + wl-copy = "${pkgs.wl-clipboard}/bin/wl-copy"; + wl-paste = "${pkgs.wl-clipboard}/bin/wl-paste"; + in '' + bind = $mainMod, A, submap, notes + + submap = notes + # below + bind = $mainMod, B, exec, ${wl-paste} | grep -B 15 -i -f - ~/Nextcloud/old_gdrive/fh/risikomanagement/crisam.txt | sed 's/[ \t]*$//' | ${wl-copy} + # above + bind = $mainMod, A, exec, ${wl-paste} | grep -A 15 -i -f - ~/Nextcloud/old_gdrive/fh/risikomanagement/crisam.txt | sed 's/[ \t]*$//' | ${wl-copy} + # context + bind = $mainMod, C, exec, ${wl-paste} | grep -C 15 -i -f - ~/Nextcloud/old_gdrive/fh/risikomanagement/crisam.txt | sed 's/[ \t]*$//' | ${wl-copy} + # trim + bind = $mainMod, T, exec, ${wl-paste} | sed 's/[ \t]*$//' | sed 's/^[ \t]*//' | ${wl-copy} + # notes + bind = $mainMod, 1, exec, cat ~/Nextcloud/old_gdrive/fh/risikomanagement/1.txt | ${wl-copy} + bind = $mainMod, 2, exec, cat ~/Nextcloud/old_gdrive/fh/risikomanagement/2.txt | ${wl-copy} + bind = $mainMod, 3, exec, cat ~/Nextcloud/old_gdrive/fh/risikomanagement/3.txt | ${wl-copy} + bind = $mainMod, 4, exec, cat ~/Nextcloud/old_gdrive/fh/risikomanagement/4.txt | ${wl-copy} + bind = $mainMod, 5, exec, cat ~/Nextcloud/old_gdrive/fh/risikomanagement/5.txt | ${wl-copy} + bind = $mainMod, 6, exec, cat ~/Nextcloud/old_gdrive/fh/risikomanagement/6.txt | ${wl-copy} + bind = $mainMod, 7, exec, cat ~/Nextcloud/old_gdrive/fh/risikomanagement/7.txt | ${wl-copy} + bind = $mainMod, 8, exec, cat ~/Nextcloud/old_gdrive/fh/risikomanagement/8.txt | ${wl-copy} + bind = $mainMod, 0, exec, cat ~/Nextcloud/old_gdrive/fh/risikomanagement/0.txt | ${wl-copy} + + bind = , escape, submap, reset + submap = reset + ''; }; programs.waybar = { enable = true; diff --git a/modules/graphical/shared.nix b/modules/graphical/shared.nix index 17e2375..4c0532b 100644 --- a/modules/graphical/shared.nix +++ b/modules/graphical/shared.nix @@ -10,6 +10,7 @@ in enable = true; remotePlay.openFirewall = true; # Open ports in the firewall for Steam Remote Play dedicatedServer.openFirewall = true; # Open ports in the firewall for Source Dedicated Server + gamescopeSession.enable = true; }; programs.kdeconnect.enable = true; diff --git a/modules/hardware/nvidia.nix b/modules/hardware/nvidia.nix index e09bd32..1017c4e 100644 --- a/modules/hardware/nvidia.nix +++ b/modules/hardware/nvidia.nix @@ -28,6 +28,6 @@ # accessible via `nvidia-settings`. nvidiaSettings = true; # Optionally, you may need to select the appropriate driver version for your specific GPU. - package = config.boot.kernelPackages.nvidiaPackages.production; + package = config.boot.kernelPackages.nvidiaPackages.beta; }; } diff --git a/modules/invidious.nix b/modules/invidious.nix index 24e248f..381a20f 100644 --- a/modules/invidious.nix +++ b/modules/invidious.nix @@ -1,6 +1,6 @@ { config, vars, ...} : let - fqdn = "yt.local"; + fqdn = "yt.home.arpa"; useHttps = config.services.step-ca.enable; in { @@ -53,6 +53,8 @@ in services.nginx.virtualHosts."${fqdn}" = { forceSSL = useHttps; enableACME = useHttps; + quic = useHttps; + http3 = useHttps; locations."/" = { recommendedProxySettings = true; proxyPass = "http://127.0.0.1:8007"; diff --git a/modules/kavita.nix b/modules/kavita.nix index ebf759e..a78ccea 100644 --- a/modules/kavita.nix +++ b/modules/kavita.nix @@ -1,6 +1,6 @@ { config, pkgs, lib, inputs, ... }: let - fqdn = "kavita.local"; + fqdn = "kavita.home.arpa"; useHttps = config.services.step-ca.enable; in { @@ -36,6 +36,8 @@ in services.nginx.virtualHosts."${fqdn}" = { forceSSL = useHttps; enableACME = useHttps; + quic = useHttps; + http3 = useHttps; locations."/".proxyPass = "http://127.0.0.1:5000"; locations."/".extraConfig = '' add_header Access-Control-Allow-Origin *; diff --git a/modules/nextcloud.nix b/modules/nextcloud.nix index 67c6cfd..90b6fde 100644 --- a/modules/nextcloud.nix +++ b/modules/nextcloud.nix @@ -1,7 +1,7 @@ { config, pkgs, lib, inputs, vars, ... }: let wireguardIp = vars.wireguardIp; - fqdn = "nextcloud.local"; + fqdn = "nextcloud.home.arpa"; useHttps = config.services.step-ca.enable; in { @@ -41,11 +41,11 @@ in enable = true; package = pkgs.nextcloud27; https = true; - hostName = "nextcloud.local"; + hostName = "nextcloud.home.arpa"; config.adminpassFile = config.age.secrets.nextcloud-admin.path; config.dbtype = "pgsql"; database.createLocally = true; - config.extraTrustedDomains = [ wireguardIp ]; + config.extraTrustedDomains = [ wireguardIp "nextcloud.home.arpa" ]; home = "/mnt/250ssd/nextcloud"; extraApps = with config.services.nextcloud.package.packages.apps; { inherit keeweb onlyoffice calendar mail; diff --git a/modules/nginx.nix b/modules/nginx.nix index 341b17e..86e72dd 100644 --- a/modules/nginx.nix +++ b/modules/nginx.nix @@ -1,5 +1,7 @@ +{ pkgs, ... }: { networking.firewall.allowedTCPPorts = [ 80 443 ]; + networking.firewall.allowedUDPPorts = [ 80 443 ]; systemd.tmpfiles.rules = [ "d /data 0770 github-actions-runner nginx -" @@ -8,6 +10,7 @@ services.nginx = { enable = true; + package = pkgs.nginxQuic; # Use recommended settings recommendedGzipSettings = true; @@ -24,12 +27,14 @@ #serverAliases = [ # "www.kopatz.ddns.net" # "server.home" - # "server.local" + # "server.home.arpa" # "192.168.0.6" #]; root = "/data/website"; forceSSL = true; enableACME = true; + quic = true; + http3 = true; locations."~* \\.(jpg)$".extraConfig= '' add_header Access-Control-Allow-Origin *; ''; @@ -43,19 +48,15 @@ proxy_set_header X-NginX-Proxy true; proxy_pass http://localhost:5091; ''; - locations."/tracker-site" = { - tryFiles = "$uri $uri/ /tracker-site/index.html =404"; - }; + locations."/tracker-site" = { + tryFiles = "$uri $uri/ /tracker-site/index.html =404"; + }; locations."/tracker-site/api" = { extraConfig ='' rewrite /tracker-site/api/(.*) /$1 break; ''; proxyPass = "http://127.0.0.1:8080"; }; - - #locations."~/books(.*)$" = { - # proxyPass = "http://127.0.0.1:5000"; - #}; }; #discord bot for tracking useractivity public version "activitytracker.site" = { @@ -65,6 +66,8 @@ root = "/data/website/tracker-site-public"; forceSSL = true; enableACME = true; + quic = true; + http3 = true; locations."/" = { tryFiles = "$uri $uri/ /index.html =404"; }; @@ -75,10 +78,10 @@ proxyPass = "http://127.0.0.1:8081"; }; }; - "adguard.local" = { + "adguard.home.arpa" = { locations."/".proxyPass = "http://127.0.0.1:3000"; }; - "kavita.local" = { + "kavita.home.arpa" = { locations."/".proxyPass = "http://127.0.0.1:5000"; locations."/".extraConfig = '' add_header Access-Control-Allow-Origin *; diff --git a/modules/postgres.nix b/modules/postgres.nix index 07a7f30..893aa04 100644 --- a/modules/postgres.nix +++ b/modules/postgres.nix @@ -3,8 +3,9 @@ services.postgresql = { enable = true; authentication = pkgs.lib.mkOverride 10 '' - #type database DBuser auth-method optional_ident_map - local sameuser all peer map=superuser_map + #type database DBuser auth-method optional_ident_map + local sameuser all peer map=superuser_map + local all postgres peer ''; identMap = '' # ArbitraryMapName systemUser DBUser diff --git a/modules/step-ca.nix b/modules/step-ca.nix index b2b41d2..e4751eb 100644 --- a/modules/step-ca.nix +++ b/modules/step-ca.nix @@ -49,7 +49,7 @@ in port = 8443; intermediatePasswordFile = config.age.secrets.step-ca-pw.path; settings = { - dnsNames = [ "localhost" "127.0.0.1" "*.local" ]; + dnsNames = [ "localhost" "127.0.0.1" "*.home.arpa" ]; root = pkgs.writeTextFile { name = "root.ca"; text = root_ca; diff --git a/systems/pc/configuration.nix b/systems/pc/configuration.nix index e598c40..f89929b 100644 --- a/systems/pc/configuration.nix +++ b/systems/pc/configuration.nix @@ -81,8 +81,8 @@ # services.xserver.libinput.enable = true; # Enable automatic login for the user. - services.xserver.displayManager.autoLogin.enable = true; - services.xserver.displayManager.autoLogin.user = "kopatz"; + #services.xserver.displayManager.autoLogin.enable = true; + #services.xserver.displayManager.autoLogin.user = "kopatz"; # Allow unfree packages nixpkgs.config.allowUnfree = true; diff --git a/users/kopatz.nix b/users/kopatz.nix index bb67028..e7cf1f9 100644 --- a/users/kopatz.nix +++ b/users/kopatz.nix @@ -51,6 +51,19 @@ in enableZshIntegration = true; nix-direnv.enable = true; }; + programs.lf = { + enable = true; + previewer.source = pkgs.writeShellScript "pv.sh" '' + #!/bin/sh + case "$(${pkgs.file}/bin/file -Lb --mime-type -- "$1")" in + #image/*|video/*) ${pkgs.chafa}/bin/chafa -f sixel -s "$2x$3" --animate false $1;; + application/x-tar) tar tf "$1";; + application/vnd.rar) ${pkgs.p7zip}/bin/7z l "$1";; + application/x-7z-compressed) ${pkgs.p7zip}/bin/7z l "$1";; + *) ${pkgs.ctpv}/bin/ctpv "$1";; + esac + ''; + }; home.stateVersion = "23.05"; }; };