{ pkgs, lib, config, hostName, ... }:
{
-imports = [
- ./softwares.nix
- ./options.nix
- julm/mutt.nix
- (import (julm/hosts + "/${hostName}.nix"))
-];
-host.desktop = lib.elem hostName [ /*"losurdo"*/ "oignon" ];
-host.server = lib.elem hostName [ "losurdo" "mermet" ];
-host.admin = lib.elem hostName [ "losurdo" "mermet" "oignon" ];
-host.developer = lib.elem hostName [ "losurdo" "oignon" ];
-host.media = lib.elem hostName [ "losurdo" "oignon" ];
-programs.bat.enable = true;
-programs.bash.enable = true;
-#programs.broot.enable = true;
-programs.firefox = {
- enable = config.host.desktop;
- profiles =
- let defaultProfile = {
- settings = {
- "browser.bookmarks.showMobileBookmarks" = true;
- "browser.search.isUS" = false;
- "browser.search.region" = "FR";
- "distribution.searchplugins.defaultLocale" = "fr-FR";
- "general.useragent.locale" = "fr-FR";
- "security.identityblock.show_extended_validation" = true;
- "toolkit.legacyUserProfileCustomizations.stylesheets" = true;
- };
- userChrome = builtins.readFile softwares/firefox/userChrome.css;
- }; in {
- "rp4xy6ye.2021" = lib.mkMerge [defaultProfile {
- id = 0;
- name = "2021";
- settings = {
- "browser.startup.homepage" = "https://code.sourcephile.fr";
- };
- }];
- "8y3d28fa.tor" = lib.mkMerge [defaultProfile {
- id = 1;
- name = "tor";
+ imports = [
+ ../home-manager/profiles/essential.nix
+ ../home-manager/profiles/vim.nix
+ ../home-manager/options.nix
+ julm/mutt.nix
+ (import (julm/hosts + "/${hostName}.nix"))
+ ];
+ programs.bash.shellAliases = {
+ firefox-calyx = "sudo systemd-run -P -p JoinsNamespaceOf=netns-calyx.service -p PrivateNetwork=true -p BindReadOnlyPaths=/etc/netns/calyx/resolv.conf:/etc/resolv.conf -E DISPLAY=$DISPLAY -p User=julm -E DBUS_SESSION_BUS_ADDRESS=$DBUS_SESSION_BUS_ADDRESS -E LANG=$LANG -E LOCALE_ARCHIVE=$LOCALE_ARCHIVE -E PATH=$PATH -- firefox -P calyx";
+ };
+ programs.firefox.profiles =
+ let
+ defaultProfile = {
settings = {
- "browser.startup.homepage" = "https://check.torproject.org";
+ "browser.bookmarks.showMobileBookmarks" = true;
+ "browser.compactmode.show" = true;
+ "browser.search.isUS" = false;
+ "browser.search.region" = "FR";
+ "distribution.searchplugins.defaultLocale" = "fr-FR";
+ "dom.security.https_first" = true;
+ "dom.security.https_only_mode" = true;
+ "general.useragent.locale" = "fr-FR";
+ "privacy.globalprivacycontrol.enabled" = true;
+ "privacy.globalprivacycontrol.functionality.enabled" = true;
+ "security.identityblock.show_extended_validation" = true;
+ "toolkit.legacyUserProfileCustomizations.stylesheets" = true;
+ #"privacy.firstparty.isolate" = true;
};
- }];
+ userChrome = lib.readFile ../home-manager/profiles/firefox/userChrome.css;
+ };
+ in
+ {
+ "0yplujgj.2022" = lib.mkMerge [
+ defaultProfile
+ {
+ id = 0;
+ name = "2022";
+ settings = {
+ "browser.startup.homepage" = "https://democracynow.org";
+ };
+ }
+ ];
+ "8y3d28fa.tor" = lib.mkMerge [
+ defaultProfile
+ {
+ id = 1;
+ name = "tor";
+ settings = {
+ "browser.startup.homepage" = "https://check.torproject.org";
+ "privacy.firstparty.isolate" = true;
+ };
+ }
+ ];
+ "zqa1ck7d.calyx" = lib.mkMerge [
+ defaultProfile
+ {
+ id = 2;
+ name = "calyx";
+ settings = {
+ "browser.startup.homepage" = "https://icanhazip.com";
+ "privacy.firstparty.isolate" = true;
+ };
+ }
+ ];
};
-};
-programs.gpg.enable = true;
-home.file."${config.programs.gpg.homedir}/gpg.conf".text = ''
- # julm@autogeree.net
- trusted-key 0xD15AF7F467E8299B
- # julm@sourcephile.fr (2021-08-12)
- trusted-key 0xA58CD81C3863926F
-'';
-services.gpg-agent.enable = true;
-services.gpg-agent.sshKeys = [
- # julm@autogeree.net
- "D275EBA09C7E1FFBFB47F6EEF164E6D56FB24AB2"
- # julm@sourcephile.fr (2021-08-12)
- "3D94D14514F1EA2B6D62F1275D888897B082415D"
-];
-programs.direnv.enable = true;
-programs.htop.enable = true;
-programs.irssi.enable = hostName == "mermet" || hostName == "losurdo";
-programs.irssi.extraConfig = builtins.readFile julm/irssi/config;
-home.file.".irssi/passwd".text = ''
- FreeNode : ${pkgs.pass}/bin/pass freenode.net/irc/julm
- GeekNode : ${pkgs.pass}/bin/pass geeknode.org/irc/julm
- IndyMedia : ${pkgs.pass}/bin/pass indymedia.org/irc/julm
- Libera : ${pkgs.pass}/bin/pass libera.chat/irc/julm
- OFTC : ${pkgs.pass}/bin/pass oftc.net/irc/julm
- ToileLibre : ${pkgs.pass}/bin/pass toile-libre.org/irc/julm
-'';
-programs.man.enable = true;
-#programs.neovim.enable = true;
-programs.ssh.enable = true;
-programs.ssh.matchBlocks."lan.losurdo.sourcephile.fr" = {
- compression = true; # Helps to get a better framerate with forwardX11
- forwardX11 = true;
- forwardX11Trusted = true;
- serverAliveInterval = 15;
-};
-programs.tmux.enable = true;
-programs.vim.enable = true;
-manual.manpages.enable = true;
-programs.git = {
- enable = true;
- userName = "Julien Moutinho";
- userEmail = "julm@sourcephile.fr";
- signing.key = "0x7182433A39582282929B2A222E3618DD0D087650";
- signing.signByDefault = false;
- package =
- if lib.elem hostName [ "losurdo" "oignon" ]
- then pkgs.gitFull
- else pkgs.gitMinimal;
- extraConfig = {
- sendemail.smtpEncryption = "ssl"; # Yes, "ssl", not "tls" which does not work because it expects STARTTLS.
- sendemail.smtpServer = "mail.sourcephile.fr";
- sendemail.smtpServerPort = "465";
- sendemail.smtpUser = "julm@sourcephile.fr";
- };
-};
-services.redshift.enable = lib.mkDefault config.host.desktop;
-xsession.enable = lib.mkDefault config.host.desktop;
-xsession.windowManager.xmonad.enable = lib.mkDefault config.host.desktop;
-home.stateVersion = "20.09";
-home.sessionPath = [ "${config.home.homeDirectory}/bin" ];
-home.sessionVariables = {
- EDITOR = "vim";
- LANG = "fr_FR.UTF-8";
- LESS = "-FRSX";
- LOCALE_ARCHIVE = "${pkgs.glibcLocales}/lib/locale/locale-archive";
- MANPAGER = "less";
-};
-# Warning: triggers a rebuild of mumble
-#nixpkgs.config.mumble.speechdSupport = lib.mkDefault config.host.desktop;
-home.packages = [
- #pkgs.amfora
- pkgs.bc
- #pkgs.browsh
- #pkgs.cabal2nix
- pkgs.coreutils
- pkgs.croc
- pkgs.curl
- #pkgs.dnsutils
- pkgs.exa
- pkgs.file
- #pkgs.git-remote-gpg
- pkgs.glib # gio
- #pkgs.go-mtpfs
- pkgs.gvfs
- #pkgs.haskell.packages.ghc865.zerobin
- pkgs.htop
- pkgs.hwinfo
- pkgs.inetutils
- #pkgs.ipfs
- #pkgs.i7z
- pkgs.less
- pkgs.lf
- pkgs.lftp
- pkgs.libfaketime
- pkgs.libidn
- pkgs.libxml2.bin
- #pkgs.linuxPackages.cpupower
- #pkgs.linuxPackages.perf
- pkgs.lm_sensors
- pkgs.lsof
- pkgs.lsscsi
- pkgs.mastodon-archive
- #pkgs.meli
- pkgs.mosh
- pkgs.ncdu
- pkgs.ncurses
- pkgs.ntfs3g
- #pkgs.onionshare
- pkgs.openssl
- pkgs.p7zip
- pkgs.pass
- pkgs.pastebinit
- pkgs.pciutils
- pkgs.poppler_utils
- pkgs.powertop
- pkgs.procps
- #pkgs.profanity
- pkgs.pv
- #pkgs.ranger
- #pkgs.ripgrep
- pkgs.sanoid
- #pkgs.sdate
- pkgs.sshfs
- pkgs.tcpdump
- pkgs.tree
- pkgs.unar
- pkgs.unzip
- pkgs.usbutils
- pkgs.utillinux
- pkgs.vbetool
- pkgs.wget
- pkgs.wgetpaste
- pkgs.which
- pkgs.xdg_utils
- pkgs.zfs
- ] ++ lib.optionals config.host.desktop [
- #pkgs.calibre
- #pkgs.chromium
- pkgs.amule
- pkgs.dino
- pkgs.djview
- pkgs.dmenu
- pkgs.evince
- pkgs.freeciv_gtk
- pkgs.gajim
- pkgs.geeqie
- pkgs.gimp
- pkgs.glxinfo
- pkgs.gparted
- pkgs.gpicview
- pkgs.hicolor-icon-theme
- pkgs.keepass
- pkgs.libdvdcss
- pkgs.libreoffice
- pkgs.liferea
- pkgs.mpv
- pkgs.mumble
- pkgs.networkmanager-openvpn
- pkgs.networkmanagerapplet
- pkgs.nix-du
- pkgs.pavucontrol
- pkgs.pdftk
- pkgs.thunderbird
- pkgs.transmission-gtk
- pkgs.vlc
- pkgs.xclip
- pkgs.xorg.xkill
- pkgs.xsane
- pkgs.yubikey-personalization-gui
- ] ++ lib.optionals config.host.media [
- pkgs.aria2
- pkgs.convmv
- pkgs.ffmpeg
- pkgs.imagemagick
- pkgs.mplayer
- pkgs.podl
- pkgs.stig
- pkgs.youtube-dl
- ] ++ lib.optionals config.host.admin [
- #pkgs.compsize
- pkgs.acpi
- pkgs.bmon
- pkgs.cachix
- pkgs.cryptsetup
- pkgs.dstat
- pkgs.e2fsprogs
- pkgs.ethtool
- pkgs.knot-dns
- pkgs.ldns
- pkgs.miniupnpc
- pkgs.nmon
- pkgs.nnn
- pkgs.parted
- pkgs.rdfind
- pkgs.smartmontools
- pkgs.strace
- pkgs.stress-ng
- ] ++ lib.optionals config.host.developer [
- pkgs.aspell
- pkgs.aspellDicts.fr
- pkgs.binutils
- pkgs.binwalk
- #pkgs.dracut not yet packaged
- pkgs.git-crypt
- pkgs.git-quick-stats
- pkgs.gnumake
- pkgs.graphviz
- pkgs.hledger
- pkgs.hunspell
- pkgs.hunspellDicts.fr-moderne
- pkgs.jq
- pkgs.neofetch
- pkgs.nix-prefetch-git
- pkgs.nixpkgs-review
- pkgs.opusTools
- pkgs.patchelf
- pkgs.qprint
- pkgs.reuse
- pkgs.shellcheck
- pkgs.sipcalc
- pkgs.socat
- pkgs.sqlite
- pkgs.tig
- pkgs.xmlstarlet
- pkgs.xsel
- pkgs.yubikey-personalization
+ home.file."${config.programs.gpg.homedir}/gpg.conf".text = ''
+ # julm@autogeree.net
+ trusted-key 0xD15AF7F467E8299B
+ # julm@sourcephile.fr (2021-08-12)
+ trusted-key 0xA58CD81C3863926F
+ '';
+ services.gpg-agent.sshKeys = [
+ # julm@autogeree.net
+ "D275EBA09C7E1FFBFB47F6EEF164E6D56FB24AB2"
+ # julm@sourcephile.fr (2021-08-12)
+ "3D94D14514F1EA2B6D62F1275D888897B082415D"
+ # Ed25519 key added on: 2021-10-31 06:48:49
+ # Fingerprints: MD5:fe:fe:81:79:d8:7f:e4:ff:64:ac:f3:1c:bd:65:24:3a
+ # SHA256:bCfwfC8MQTjm6c1HcMLtzvGpnWRdqLwe/bvbh2jsNaA
+ "F6CCA60CF05FADAE911CFBEC0BCDED22F40A19FD"
];
+ programs.irssi.extraConfig = lib.readFile julm/irssi/config;
+ xdg.configFile."doom/config.el".text = lib.readFile julm/emacs/config.el;
+ home.file.".irssi/passwd".text = ''
+ FreeNode : ${pkgs.pass}/bin/pass freenode.net/irc/julm
+ GeekNode : ${pkgs.pass}/bin/pass geeknode.org/irc/julm
+ IndyMedia : ${pkgs.pass}/bin/pass indymedia.org/irc/julm
+ Libera : ${pkgs.pass}/bin/pass libera.chat/irc/julm
+ OFTC : ${pkgs.pass}/bin/pass oftc.net/irc/julm
+ ToileLibre : ${pkgs.pass}/bin/pass toile-libre.org/irc/julm
+ '';
+ programs.ssh.matchBlocks =
+ {
+ "aubergine.wg" = {
+ compression = true; # Helps to get a better framerate with forwardX11
+ forwardAgent = true;
+ forwardX11 = true;
+ forwardX11Trusted = true;
+ serverAliveInterval = 15;
+ };
+ "patate.wg" = {
+ user = "sevy";
+ #proxyJump = "mermet.wg";
+ };
+ } //
+ lib.genAttrs [ "lan.losurdo.sourcephile.fr" "losurdo.wg" ]
+ (_: {
+ compression = true; # Helps to get a better framerate with forwardX11
+ forwardX11 = true;
+ forwardX11Trusted = true;
+ serverAliveInterval = 15;
+ });
+ programs.git = {
+ userName = "Julien Moutinho";
+ userEmail = "julm@sourcephile.fr";
+ signing.key = "0x4FE467034C11017B429BAC53A58CD81C3863926F";
+ signing.signByDefault = false;
+ extraConfig = {
+ sendemail.smtpEncryption = "ssl"; # Yes, "ssl", not "tls" which does not work because it expects STARTTLS.
+ sendemail.smtpServer = "mail.sourcephile.fr";
+ sendemail.smtpServerPort = "465";
+ sendemail.smtpUser = "julm@sourcephile.fr";
+ };
+ };
}