bertof/nix-dotfiles
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Lint and format

Browse source
This commit is contained in:
Filippo Berto 2022-06-30 09:30:21 +02:00
parent 9277dc6907
commit 9c0392359b
5 changed files with 68 additions and 64 deletions
Download patch file Download diff file Expand all files Collapse all files

41
home_manager/modules/kitty.nix
View file

@ -1,24 +1,25 @@
{ pkgs, ... }: { pkgs, ... }:
let strPalette = with pkgs.rice; pkgs.lib.rice.palette.toRgbHex rec { let
foreground = colorPalette.normal.white; strPalette = with pkgs.rice; pkgs.lib.rice.palette.toRgbHex rec {
background = colorPalette.normal.black; foreground = colorPalette.normal.white;
color0 = colorPalette.normal.black; background = colorPalette.normal.black;
color1 = colorPalette.normal.red; color0 = colorPalette.normal.black;
color2 = colorPalette.normal.green; color1 = colorPalette.normal.red;
color3 = colorPalette.normal.yellow; color2 = colorPalette.normal.green;
color4 = colorPalette.normal.blue; color3 = colorPalette.normal.yellow;
color5 = colorPalette.normal.magenta; color4 = colorPalette.normal.blue;
color6 = colorPalette.normal.cyan; color5 = colorPalette.normal.magenta;
color7 = colorPalette.normal.white; color6 = colorPalette.normal.cyan;
color8 = colorPalette.bright.black; color7 = colorPalette.normal.white;
color9 = colorPalette.bright.red; color8 = colorPalette.bright.black;
color10 = colorPalette.bright.green; color9 = colorPalette.bright.red;
color11 = colorPalette.bright.yellow; color10 = colorPalette.bright.green;
color12 = colorPalette.bright.blue; color11 = colorPalette.bright.yellow;
color13 = colorPalette.bright.magenta; color12 = colorPalette.bright.blue;
color14 = colorPalette.bright.cyan; color13 = colorPalette.bright.magenta;
color15 = colorPalette.bright.white; color14 = colorPalette.bright.cyan;
}; color15 = colorPalette.bright.white;
};
in in
{ {
programs.kitty = { programs.kitty = {

84
loki/configuration.nix
View file

@ -98,16 +98,19 @@ with lib;
load printers = no load printers = no
smb encrypt = required smb encrypt = required
''; '';
shares = let common = { shares =
"public" = "no"; let
"writeable" = "yes"; common = {
"create mask" = "0700"; "public" = "no";
"directory mask" = "2700"; "writeable" = "yes";
"browseable" = "yes"; "create mask" = "0700";
"guest ok" = "no"; "directory mask" = "2700";
"read only" = "no"; "browseable" = "yes";
"force group" = "users"; "guest ok" = "no";
}; in "read only" = "no";
"force group" = "users";
};
in
{ {
bertof = recursiveUpdate common { bertof = recursiveUpdate common {
path = "/mnt/raid0/bertof"; path = "/mnt/raid0/bertof";
@ -238,36 +241,39 @@ with lib;
systemd.packages = with pkgs; [ syncthing ]; systemd.packages = with pkgs; [ syncthing ];
systemd.services = let common = { systemd.services =
documentation = [ "man:syncthing(1)" ]; let
startLimitIntervalSec = 60; common = {
startLimitBurst = 4; documentation = [ "man:syncthing(1)" ];
after = [ "network.target" ]; startLimitIntervalSec = 60;
environment = { STNORESTART = "yes"; STNOUPGRADE = "yes"; }; startLimitBurst = 4;
wantedBy = [ "default.target" ]; after = [ "network.target" ];
serviceConfig = { environment = { STNORESTART = "yes"; STNOUPGRADE = "yes"; };
Restart = "on-failure"; wantedBy = [ "default.target" ];
RestartSec = 1; serviceConfig = {
SuccessExitStatus = "3 4"; Restart = "on-failure";
RestartForceExitStatus = "3 4"; RestartSec = 1;
SuccessExitStatus = "3 4";
RestartForceExitStatus = "3 4";
Group = config.ids.gids.users; Group = config.ids.gids.users;
MemoryDenyWriteExecute = true; MemoryDenyWriteExecute = true;
NoNewPrivileges = true; NoNewPrivileges = true;
PrivateDevices = true; PrivateDevices = true;
PrivateMounts = true; PrivateMounts = true;
PrivateTmp = true; PrivateTmp = true;
PrivateUsers = true; PrivateUsers = true;
ProtectControlGroups = true; ProtectControlGroups = true;
ProtectHostname = true; ProtectHostname = true;
ProtectKernelModules = true; ProtectKernelModules = true;
ProtectKernelTunables = true; ProtectKernelTunables = true;
RestrictNamespaces = true; RestrictNamespaces = true;
RestrictRealtime = true; RestrictRealtime = true;
RestrictSUIDSGID = true; RestrictSUIDSGID = true;
CapabilityBoundingSet = [ "~CAP_SYS_PTRACE" "~CAP_SYS_ADMIN" "~CAP_SETGID" "~CAP_SETUID" "~CAP_SETPCAP" "~CAP_SYS_TIME" "~CAP_KILL" ]; CapabilityBoundingSet = [ "~CAP_SYS_PTRACE" "~CAP_SYS_ADMIN" "~CAP_SETGID" "~CAP_SETUID" "~CAP_SETPCAP" "~CAP_SYS_TIME" "~CAP_KILL" ];
}; };
}; in };
in
{ {
syncthing-bertof = recursiveUpdate common { syncthing-bertof = recursiveUpdate common {
description = "Syncthing service bertof"; description = "Syncthing service bertof";

2
loki/hardware-configuration.nix
View file

@ -16,7 +16,7 @@
fileSystems."/" = fileSystems."/" =
{ {
device = "/dev/disk/by-uuid/44c53e75-a00d-47bc-a99b-2544fe513e51"; device = "/dev/disk/by-uuid/44c53e75-a00d-47bc-a99b-2544fe513e51";
fsType = "btrfs"; fsType = "btrfs";
}; };

2
odin/configuration-intel.nix
View file

@ -2,7 +2,7 @@
# your system. Help is available in the configuration.nix(5) man page # your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running nixos-help). # and in the NixOS manual (accessible by running nixos-help).
{ config, pkgs, ... }: { pkgs, ... }:
{ {
boot.initrd.kernelModules = [ "i915" ]; boot.initrd.kernelModules = [ "i915" ];

3
odin/configuration-nvidia.nix
View file

@ -1,9 +1,6 @@
# Edit this configuration file to define what should be installed on # Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page # your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running nixos-help). # and in the NixOS manual (accessible by running nixos-help).
{ config, ... }:
{ {
boot.initrd.kernelModules = [ "i915" ]; boot.initrd.kernelModules = [ "i915" ];