]> Git — Sourcephile - julm/julm-nix.git/blob - homes/julm.nix
aubergine: sftp: do not bind on off2
[julm/julm-nix.git] / homes / julm.nix
1 { pkgs, lib, config, hostName, ... }:
2 {
3 imports = [
4 ../home-manager/profiles/essential.nix
5 ../home-manager/profiles/vim.nix
6 ../home-manager/options.nix
7 julm/mutt.nix
8 (import (julm/hosts + "/${hostName}.nix"))
9 ];
10 programs.bash.shellAliases = {
11 firefox-calyx = "sudo systemd-run -P -p JoinsNamespaceOf=netns-calyx.service -p PrivateNetwork=true -p BindReadOnlyPaths=/etc/netns/calyx/resolv.conf:/etc/resolv.conf -E DISPLAY=$DISPLAY -p User=julm -E DBUS_SESSION_BUS_ADDRESS=$DBUS_SESSION_BUS_ADDRESS -E LANG=$LANG -E LOCALE_ARCHIVE=$LOCALE_ARCHIVE -E PATH=$PATH -- firefox -P calyx";
12 };
13 programs.browserpass.enable = config.programs.firefox.enable;
14 programs.firefox.profiles =
15 let
16 defaultProfile = {
17 settings = {
18 "browser.bookmarks.showMobileBookmarks" = true;
19 "browser.compactmode.show" = true;
20 "browser.search.isUS" = false;
21 "browser.search.region" = "FR";
22 "distribution.searchplugins.defaultLocale" = "fr-FR";
23 "dom.security.https_first" = true;
24 "dom.security.https_only_mode" = true;
25 "general.useragent.locale" = "fr-FR";
26 "privacy.globalprivacycontrol.enabled" = true;
27 "privacy.globalprivacycontrol.functionality.enabled" = true;
28 "security.identityblock.show_extended_validation" = true;
29 "toolkit.legacyUserProfileCustomizations.stylesheets" = true;
30 #"privacy.firstparty.isolate" = true;
31 };
32 userChrome = lib.readFile ../home-manager/profiles/firefox/userChrome.css;
33 };
34 in
35 {
36 "0yplujgj.2022" = lib.mkMerge [
37 defaultProfile
38 {
39 id = 0;
40 name = "2022";
41 settings = {
42 "browser.startup.homepage" = "https://democracynow.org";
43 };
44 }
45 ];
46 "8y3d28fa.tor" = lib.mkMerge [
47 defaultProfile
48 {
49 id = 1;
50 name = "tor";
51 settings = {
52 "browser.startup.homepage" = "https://check.torproject.org";
53 "privacy.firstparty.isolate" = true;
54 };
55 }
56 ];
57 "zqa1ck7d.calyx" = lib.mkMerge [
58 defaultProfile
59 {
60 id = 2;
61 name = "calyx";
62 settings = {
63 "browser.startup.homepage" = "https://icanhazip.com";
64 "privacy.firstparty.isolate" = true;
65 };
66 }
67 ];
68 };
69 home.file."${config.programs.gpg.homedir}/gpg.conf".text = ''
70 # julm@autogeree.net
71 trusted-key 0xD15AF7F467E8299B
72 # julm@sourcephile.fr (2021-08-12)
73 trusted-key 0xA58CD81C3863926F
74 '';
75 services.gpg-agent.sshKeys = [
76 # julm@autogeree.net
77 "D275EBA09C7E1FFBFB47F6EEF164E6D56FB24AB2"
78 # julm@sourcephile.fr (2021-08-12)
79 "3D94D14514F1EA2B6D62F1275D888897B082415D"
80 # julm@oignon
81 # Ed25519 key added on: 2021-10-31 06:48:49
82 # Fingerprints: MD5:fe:fe:81:79:d8:7f:e4:ff:64:ac:f3:1c:bd:65:24:3a
83 # SHA256:bCfwfC8MQTjm6c1HcMLtzvGpnWRdqLwe/bvbh2jsNaA
84 "F6CCA60CF05FADAE911CFBEC0BCDED22F40A19FD"
85 # Radicle key added on 2024-05-21 23:24:10
86 # Fingerprints: SHA256:yhSIWvGFqN0oM/oTE1hMhEdhlSSEeCMcp/g/3TdNKYY
87 "1D6AF2BF857201D98413475AE022F8A4CFC34BF0"
88 # julm@pumpkin
89 # Ed25519 key added on: 2025-01-08 21:16:22
90 # Fingerprints: MD5:f5:d0:fe:37:c3:54:47:cf:17:ec:9b:f5:15:3e:b3:15
91 # SHA256:EDzxI3g1w+iPf1WUovsbuZckU/tseEGVdXmkGYcvhas
92 "C399CC38D6AACFF9FD1BF608AFC4D117A46331D0"
93 ];
94 programs.irssi.extraConfig = lib.readFile julm/irssi/irssi.conf;
95 xdg.configFile."doom/config.el".text = lib.readFile julm/emacs/config.el;
96 home.file.".irssi/passwd" = lib.mkIf config.programs.irssi.enable {
97 text = ''
98 FreeNode : ${pkgs.pass}/bin/pass freenode.net/irc/julm
99 GeekNode : ${pkgs.pass}/bin/pass geeknode.org/irc/julm
100 IndyMedia : ${pkgs.pass}/bin/pass indymedia.org/irc/julm
101 Libera : ${pkgs.pass}/bin/pass libera.chat/irc/julm
102 OFTC : ${pkgs.pass}/bin/pass oftc.net/irc/julm
103 ToileLibre : ${pkgs.pass}/bin/pass toile-libre.org/irc/julm
104 '';
105 };
106 programs.ssh.matchBlocks =
107 {
108 "aubergine.sp" = {
109 #compression = true; # Helps to get a better framerate with forwardX11
110 forwardAgent = true;
111 forwardX11 = true;
112 forwardX11Trusted = true;
113 serverAliveInterval = 15;
114 extraOptions = {
115 Ciphers = "aes128-gcm@openssh.com";
116 };
117 };
118 "blackberry.sp" = {
119 user = "julm";
120 };
121 "courge.sp" = {
122 user = "mo";
123 };
124 "patate.sp" = {
125 user = "sevy";
126 };
127 } //
128 lib.genAttrs [ "lan.losurdo.sourcephile.fr" "losurdo.sp" ]
129 (_: {
130 compression = true; # Helps to get a better framerate with forwardX11
131 forwardX11 = true;
132 forwardX11Trusted = true;
133 serverAliveInterval = 15;
134 });
135 programs.git = {
136 userName = "Julien Moutinho";
137 userEmail = "julm@sourcephile.fr";
138 signing.key = "0x4FE467034C11017B429BAC53A58CD81C3863926F";
139 signing.signByDefault = false;
140 extraConfig = {
141 sendemail.smtpEncryption = "ssl"; # Yes, "ssl", not "tls" which does not work because it expects STARTTLS.
142 sendemail.smtpServer = "mail.sourcephile.fr";
143 sendemail.smtpServerPort = "465";
144 sendemail.smtpUser = "julm@sourcephile.fr";
145 };
146 };
147 }