julian/dotfiles
1
0
Fork 0
Code Issues Pull Requests Actions Releases Wiki Activity

Compare commits

base: julian:08cf457aa3297eb23f7c5cd729d55b863a95145f
Branches Tags
julian:master julian:flake-updates julian:aurora julian:laptop
...
compare: julian:710c1dedb892a5e6462dd30254686c19bfc9ab2b
Branches Tags
julian:flake-updates julian:master julian:aurora julian:laptop

7 Commits
08cf457aa3 ... 710c1dedb8

Author SHA1 Message Date
Julian Mutter
710c1dedb8 install additional software
Some checks failed
Update Nix Flake / update-flake (push) Failing after 13s
Details
2025-10-05 15:36:37 +02:00
Julian Mutter
28ec5c73d4 format code 2025-10-05 15:36:26 +02:00
Julian Mutter
fc7285bd5c setup pob user for running pob2-frajul 2025-10-05 15:36:06 +02:00
Julian Mutter
11ee156b29 pipewire: try fixing video conference freeze 2025-10-05 15:34:21 +02:00
Julian Mutter
2dba549787 builder: setup as jenkins node 2025-10-05 15:33:58 +02:00
Julian Mutter
d28c7d870c add caches to substituters 2025-10-05 15:32:52 +02:00
Julian Mutter
8bf17e74ef use stable nixos-25.05 instead of unstable 2025-10-05 15:30:41 +02:00
16 changed files with 189 additions and 60 deletions
Expand all files Collapse all files

90
flake.lock generated
View File

@@ -38,11 +38,11 @@
"utils": "utils"
},
"locked": {
"lastModified": 1749105467,
"narHash": "sha256-hXh76y/wDl15almBcqvjryB50B0BaiXJKk20f314RoE=",
"lastModified": 1756719547,
"narHash": "sha256-N9gBKUmjwRKPxAafXEk1EGadfk2qDZPBQp4vXWPHINQ=",
"owner": "serokell",
"repo": "deploy-rs",
"rev": "6bc76b872374845ba9d645a2f012b764fecd765f",
"rev": "125ae9e3ecf62fb2c0fd4f2d894eb971f1ecaed2",
"type": "github"
},
"original": {
@@ -58,11 +58,11 @@
]
},
"locked": {
"lastModified": 1753140376,
"narHash": "sha256-7lrVrE0jSvZHrxEzvnfHFE/Wkk9DDqb+mYCodI5uuB8=",
"lastModified": 1758287904,
"narHash": "sha256-IGmaEf3Do8o5Cwp1kXBN1wQmZwQN3NLfq5t4nHtVtcU=",
"owner": "nix-community",
"repo": "disko",
"rev": "545aba02960caa78a31bd9a8709a0ad4b6320a5c",
"rev": "67ff9807dd148e704baadbd4fd783b54282ca627",
"type": "github"
},
"original": {
@@ -111,11 +111,11 @@
]
},
"locked": {
"lastModified": 1753121425,
"narHash": "sha256-TVcTNvOeWWk1DXljFxVRp+E0tzG1LhrVjOGGoMHuXio=",
"lastModified": 1759362264,
"narHash": "sha256-wfG0S7pltlYyZTM+qqlhJ7GMw2fTF4mLKCIVhLii/4M=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "644e0fc48951a860279da645ba77fe4a6e814c5e",
"rev": "758cf7296bee11f1706a574c77d072b8a7baa881",
"type": "github"
},
"original": {
@@ -203,15 +203,16 @@
]
},
"locked": {
"lastModified": 1753470191,
"narHash": "sha256-hOUWU5L62G9sm8NxdiLWlLIJZz9H52VuFiDllHdwmVA=",
"lastModified": 1758463745,
"narHash": "sha256-uhzsV0Q0I9j2y/rfweWeGif5AWe0MGrgZ/3TjpDYdGA=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "a1817d1c0e5eabe7dfdfe4caa46c94d9d8f3fdb6",
"rev": "3b955f5f0a942f9f60cdc9cacb7844335d0f21c3",
"type": "github"
},
"original": {
"owner": "nix-community",
"ref": "release-25.05",
"repo": "home-manager",
"type": "github"
}
@@ -245,16 +246,16 @@
]
},
"locked": {
"lastModified": 1748294338,
"narHash": "sha256-FVO01jdmUNArzBS7NmaktLdGA5qA3lUMJ4B7a05Iynw=",
"lastModified": 1754860581,
"narHash": "sha256-EM0IE63OHxXCOpDHXaTyHIOk2cNvMCGPqLt/IdtVxgk=",
"owner": "NuschtOS",
"repo": "ixx",
"rev": "cc5f390f7caf265461d4aab37e98d2292ebbdb85",
"rev": "babfe85a876162c4acc9ab6fb4483df88fa1f281",
"type": "github"
},
"original": {
"owner": "NuschtOS",
"ref": "v0.0.8",
"ref": "v0.1.1",
"repo": "ixx",
"type": "github"
}
@@ -348,11 +349,11 @@
]
},
"locked": {
"lastModified": 1753455814,
"narHash": "sha256-c78Dm4hxF9z1grjKbkKPvkOccIIxIl+optGRL0UDnf4=",
"lastModified": 1754476755,
"narHash": "sha256-vSF0VMEmPMzwNkrXIZwkhOSYmKES9BaDK/LlEe7/q8E=",
"owner": "doronbehar",
"repo": "nix-matlab",
"rev": "550d8ad0c21c63991e873bf4dcfe3d69adc1a2f1",
"rev": "0e9c9fb660f9e1a1e4d59fd083e0212a15b513e2",
"type": "gitlab"
},
"original": {
@@ -363,11 +364,11 @@
},
"nixos-hardware": {
"locked": {
"lastModified": 1753122741,
"narHash": "sha256-nFxE8lk9JvGelxClCmwuJYftbHqwnc01dRN4DVLUroM=",
"lastModified": 1759582739,
"narHash": "sha256-spZegilADH0q5OngM86u6NmXxduCNv5eX9vCiUPhOYc=",
"owner": "nixos",
"repo": "nixos-hardware",
"rev": "cc66fddc6cb04ab479a1bb062f4d4da27c936a22",
"rev": "3441b5242af7577230a78ffb03542add264179ab",
"type": "github"
},
"original": {
@@ -407,18 +408,18 @@
"type": "github"
}
},
"nixpkgs-stable": {
"nixpkgs-unstable": {
"locked": {
"lastModified": 1751274312,
"narHash": "sha256-/bVBlRpECLVzjV19t5KMdMFWSwKLtb5RyXdjz3LJT+g=",
"lastModified": 1759381078,
"narHash": "sha256-gTrEEp5gEspIcCOx9PD8kMaF1iEmfBcTbO0Jag2QhQs=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "50ab793786d9de88ee30ec4e4c24fb4236fc2674",
"rev": "7df7ff7d8e00218376575f0acdcc5d66741351ee",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-24.11",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
@@ -437,16 +438,16 @@
},
"nixpkgs_3": {
"locked": {
"lastModified": 1753250450,
"narHash": "sha256-i+CQV2rPmP8wHxj0aq4siYyohHwVlsh40kV89f3nw1s=",
"lastModified": 1759580034,
"narHash": "sha256-YWo57PL7mGZU7D4WeKFMiW4ex/O6ZolUS6UNBHTZfkI=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "fc02ee70efb805d3b2865908a13ddd4474557ecf",
"rev": "3bcc93c5f7a4b30335d31f21e2f1281cba68c318",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-unstable",
"ref": "nixos-25.05",
"repo": "nixpkgs",
"type": "github"
}
@@ -461,15 +462,16 @@
"systems": "systems_5"
},
"locked": {
"lastModified": 1753487377,
"narHash": "sha256-dEr3pYtC4/1PhP5ADIV8Fjjmxv6WC6UisQAUqtwdews=",
"lastModified": 1758373036,
"narHash": "sha256-tm73KNHsGQwAAoFEcAvuXAmHf3KaWLSuf/R9UQ6WMnU=",
"owner": "nix-community",
"repo": "nixvim",
"rev": "3d09c8eaceb7a78ef9f5568024da1616f00c33e3",
"rev": "a30decbd5fc231e84dfefeb75bc7f57d8167726c",
"type": "github"
},
"original": {
"owner": "nix-community",
"ref": "nixos-25.05",
"repo": "nixvim",
"type": "github"
}
@@ -484,11 +486,11 @@
]
},
"locked": {
"lastModified": 1753385846,
"narHash": "sha256-XDu9T2o6Rxe0acpchwQ2aXaRfE/uEYALpVbf+9QDEO4=",
"lastModified": 1758662783,
"narHash": "sha256-igrxT+/MnmcftPOHEb+XDwAMq3Xg1Xy7kVYQaHhPlAg=",
"owner": "NuschtOS",
"repo": "search",
"rev": "5c7e4eff303cba8447ffb443522b3c72bc47a9ba",
"rev": "7d4c0fc4ffe3bd64e5630417162e9e04e64b27a4",
"type": "github"
},
"original": {
@@ -509,7 +511,7 @@
"nix-matlab": "nix-matlab",
"nixos-hardware": "nixos-hardware",
"nixpkgs": "nixpkgs_3",
"nixpkgs-stable": "nixpkgs-stable",
"nixpkgs-unstable": "nixpkgs-unstable",
"nixvim": "nixvim",
"sheet-organizer": "sheet-organizer",
"sops-nix": "sops-nix",
@@ -546,11 +548,11 @@
]
},
"locked": {
"lastModified": 1752544651,
"narHash": "sha256-GllP7cmQu7zLZTs9z0J2gIL42IZHa9CBEXwBY9szT0U=",
"lastModified": 1759635238,
"narHash": "sha256-UvzKi02LMFP74csFfwLPAZ0mrE7k6EiYaKecplyX9Qk=",
"owner": "Mic92",
"repo": "sops-nix",
"rev": "2c8def626f54708a9c38a5861866660395bb3461",
"rev": "6e5a38e08a2c31ae687504196a230ae00ea95133",
"type": "github"
},
"original": {
@@ -685,11 +687,11 @@
"yazi-flavors": {
"flake": false,
"locked": {
"lastModified": 1751970029,
"narHash": "sha256-RtunaCs1RUfzjefFLFu5qLRASbyk5RUILWTdavThRkc=",
"lastModified": 1758842767,
"narHash": "sha256-+awiEG5ep0/6GaW8YXJ7FP0/xrL4lSrJZgr7qjh8iBc=",
"owner": "yazi-rs",
"repo": "flavors",
"rev": "d3fd3a5d774b48b3f88845f4f0ae1b82f106d331",
"rev": "2d73b79da7c1a04420c6c5ef0b0974697f947ef6",
"type": "github"
},
"original": {

8
flake.nix
View File

@@ -2,8 +2,8 @@
description = "Home Manager configuration of julian";
inputs = {
nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
nixpkgs-stable.url = "github:nixos/nixpkgs/nixos-24.11";
nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable";
nixpkgs.url = "github:nixos/nixpkgs/nixos-25.05";
systems.url = "github:nix-systems/default-linux";
nixos-hardware.url = "github:nixos/nixos-hardware";
impermanence.url = "github:nix-community/impermanence";
@@ -11,7 +11,7 @@
deploy-rs.url = "github:serokell/deploy-rs";
home-manager = {
url = "github:nix-community/home-manager";
url = "github:nix-community/home-manager/release-25.05";
inputs.nixpkgs.follows = "nixpkgs";
};
sops-nix = {
@@ -33,7 +33,7 @@
flake = false;
};
nixvim = {
url = "github:nix-community/nixvim";
url = "github:nix-community/nixvim/nixos-25.05";
inputs.nixpkgs.follows = "nixpkgs";
};
nix-matlab = {

2
homes/julian/features/hyprland/default.nix
View File

@@ -24,7 +24,7 @@ in {
./zathura.nix
./waypipe.nix
./hyprbars.nix
# ./hyprbars.nix
];
xdg.portal = {

2
homes/julian/features/neovim/default.nix
View File

@@ -4,7 +4,7 @@
inputs,
...
}: {
imports = [inputs.nixvim.homeModules.nixvim];
imports = [inputs.nixvim.homeManagerModules.nixvim];
home.sessionVariables = {
EDITOR = "nvim";

6
homes/julian/features/suites/desktop/default.nix
View File

@@ -22,6 +22,7 @@
calibre # ebook manager and viewer
# digikam
discord
discord-ptb # in case discord updates take their time
# dvdisaster
# element-desktop
# rocketchat-desktop
@@ -31,6 +32,7 @@
nheko
evince # Simple pdf reader, good for focusing on document content
firefox
vivaldi
# geogebra
cheese
handbrake
@@ -61,8 +63,12 @@
zotero # Manage papers and other sources
pdfpc # Present slides in pdf form
networkmanager-openvpn
keepassxc
## My scripts
frajul.open-messaging
frajul.xwacomcalibrate
frajul.pob2-frajul
];
}

1
hosts/aspi/default.nix
View File

@@ -5,6 +5,7 @@
../common/global
../common/users/julian
../common/users/yukari
../common/users/pob
../common/optional/binarycaches.nix
../common/optional/remote-builder.nix

66
hosts/builder/default.nix
View File

@@ -1,7 +1,11 @@
# sudo nixos-rebuild switch --flake .#builder --target-host root@192.168.3.118
# or
# deploy .#builder
{config, ...}: {
{
config,
pkgs,
...
}: {
imports = [
./hardware-configuration.nix
@@ -11,6 +15,7 @@
networking.hostName = "builder";
system.stateVersion = "23.11";
users.mutableUsers = false;
users.users.nix = {
isNormalUser = true;
description = "Nix";
@@ -32,10 +37,13 @@
"https://nix-community.cachix.org"
"https://cache.nixos.org/"
"https://hyprland.cachix.org"
"https://devenv.cachix.org"
];
trusted-public-keys = [
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
"hyprland.cachix.org-1:a7pgxzMz7+chwVL3/pzj6jIBMioiJM7ypFP8PwtkuGc="
"cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
"devenv.cachix.org-1:w1cLUi8dv3hnoSPGAuibQv+f9TZLr6cv/Hm9XgU50cw="
];
trusted-users = ["nix"];
@@ -100,9 +108,28 @@
services.openssh = {
enable = true;
# require public key authentication for better security
settings.PasswordAuthentication = true;
settings.PasswordAuthentication = false;
settings.KbdInteractiveAuthentication = false;
settings.PermitRootLogin = "yes";
# Add older algorithms for jenkins ssh-agents-plugin to be compatible
settings.Macs = [
"hmac-sha2-512-etm@openssh.com"
"hmac-sha2-256-etm@openssh.com"
"umac-128-etm@openssh.com"
"hmac-sha2-512"
"hmac-sha2-256"
"umac-128@openssh.com"
];
settings.KexAlgorithms = [
"diffie-hellman-group-exchange-sha1"
"diffie-hellman-group14-sha1"
"mlkem768x25519-sha256"
"sntrup761x25519-sha512"
"sntrup761x25519-sha512@openssh.com"
"curve25519-sha256"
"curve25519-sha256@libssh.org"
"diffie-hellman-group-exchange-sha256"
];
};
users.users."root".openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFjSZYdoF/51F+ykcBAYVCzCPTF5EEigWBL1APiR0h+H julian@aspi"
@@ -200,7 +227,16 @@
url = "https://gitlab.julian-mutter.de";
name = "builder";
tokenFile = config.sops.secrets."gitea_token".path;
labels = []; # use default labels
labels = [
# provide a debian base with nodejs for actions
"debian-latest:docker://node:18-bullseye"
# fake the ubuntu name, because node provides no ubuntu builds
"ubuntu-latest:docker://node:18-bullseye"
# devenv
"devenv:docker://ghcr.io/cachix/devenv/devenv:latest"
# provide native execution on the host
"nixos:host"
];
};
virtualisation.docker.enable = true;
@@ -271,4 +307,28 @@
"/var/run/docker.sock:/var/run/docker.sock"
];
};
### Jenkins node
users.users.jenkins = {
createHome = true;
home = "/var/lib/jenkins";
group = "jenkins";
isNormalUser = true;
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJ36sQhVz3kUEi8754G7r3rboihhG4iqFK/UvQm6SING jenkins@home"
];
packages = with pkgs; [
git
devenv
];
extraGroups = [
"docker"
];
};
users.groups.jenkins = {};
programs.java = {
enable = true;
package = pkgs.jdk21; # Same as jenkins version on home
};
}

6
hosts/builder/secrets.yaml
View File

File diff suppressed because one or more lines are too long

3
hosts/common/optional/binarycaches.nix
View File

@@ -10,11 +10,14 @@
"https://cache.nixos.org/"
"https://hyprland.cachix.org"
"http://binarycache.julian-mutter.de"
"https://devenv.cachix.org"
];
trusted-public-keys = [
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
"hyprland.cachix.org-1:a7pgxzMz7+chwVL3/pzj6jIBMioiJM7ypFP8PwtkuGc="
"binarycache.julian-mutter.de:oJ67uRFwRhNPKL58CHzy3QQLv38Kx7OA1K+6xlEPu7E="
"cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
"devenv.cachix.org-1:w1cLUi8dv3hnoSPGAuibQv+f9TZLr6cv/Hm9XgU50cw="
];
trusted-users = [

2
hosts/common/optional/pcmanfm.nix
View File

@@ -1,7 +1,7 @@
{pkgs, ...}: {
environment.systemPackages = with pkgs; [
shared-mime-info # extended mimetype support
lxmenu-data # open with "Installed Applications"
lxde.lxmenu-data # open with "Installed Applications"
pcmanfm
];

9
hosts/common/optional/pipewire.nix
View File

@@ -3,6 +3,7 @@
services.pulseaudio.enable = false;
services.pipewire = {
enable = true;
wireplumber.enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
@@ -14,6 +15,14 @@
"module.x11.bell" = false;
};
};
"10-increase-buffer" = {
"context.properties" = {
"default.clock.rate" = 48000;
"default.clock.quantum" = 1024;
"default.clock.min-quantum" = 1024;
"default.clock.max-quantum" = 2048;
};
};
};
};
}

28
hosts/common/users/pob/default.nix Normal file
View File

@@ -0,0 +1,28 @@
{
pkgs,
config,
...
}: let
ifTheyExist = groups: builtins.filter (group: builtins.hasAttr group config.users.groups) groups;
in {
users.mutableUsers = false;
users.users.pob = {
description = "A helper user to use another profile for some applications";
group = "pob";
isNormalUser = true;
shell = pkgs.fish;
extraGroups = ifTheyExist [
"networkmanager"
];
packages = with pkgs; [
firefox
wineWowPackages.stable # 32-bit and 64-bit wine
winetricks
];
};
users.groups.pob = {};
security.sudo.extraConfig = ''
julian ALL=(pob) NOPASSWD: ALL
'';
}

5
modules/nixos/hydra-auto-upgrade.nix
View File

@@ -11,7 +11,10 @@ in {
system.hydraAutoUpgrade = {
enable = lib.mkEnableOption "periodic hydra-based auto upgrade";
operation = lib.mkOption {
type = lib.types.enum ["switch" "boot"];
type = lib.types.enum [
"switch"
"boot"
];
default = "switch";
};
dates = lib.mkOption {

4
overlays/default.nix
View File

@@ -25,11 +25,11 @@
my-pkgs = final: prev: {frajul = import ../pkgs {pkgs = final;};};
nixpkgs-stable-unstable = final: prev: {
unstable = import inputs.nixpkgs {
unstable = import inputs.nixpkgs-unstable {
system = prev.system;
config.allowUnfree = true;
};
stable = import inputs.nixpkgs-stable {
stable = import inputs.nixpkgs {
system = prev.system;
config.allowUnfree = true;
};

1
pkgs/default.nix
View File

@@ -13,4 +13,5 @@
pob2 = pkgs.callPackage ./pob2 {};
wl-ocr = pkgs.callPackage ./wl-ocr {};
rtklib = pkgs.qt6Packages.callPackage ./rtklib {};
pob2-frajul = pkgs.callPackage ./pob2-frajul {};
}

16
pkgs/pob2-frajul/default.nix Normal file
View File

@@ -0,0 +1,16 @@
{
writeShellApplication,
xhost,
}:
writeShellApplication {
name = "pob2-frajul";
runtimeInputs = [
xhost
];
text = ''
xhost +
sudo -u pob -i sh /home/pob/pob2.sh
'';
}