patate: sync config architecture
authorSéverine Popek <severine.popek@autistici.org>
Fri, 19 Nov 2021 18:19:33 +0000 (19:19 +0100)
committerJulien Moutinho <julm+julm-nix@sourcephile.fr>
Wed, 24 Nov 2021 10:14:34 +0000 (11:14 +0100)
15 files changed:
homes/julm.nix
homes/programs/xmonad.nix
homes/sevy.nix
homes/sevy/hosts/patate.nix [new file with mode: 0644]
hosts/patate.nix
private/root/oignon/nix/binary-cache/priv.pem [deleted file]
private/root/oignon/nix/binary-cache/pub.pem [deleted file]
private/root/oignon/wireguard/wg-intra/privateKey [deleted file]
private/root/patate/wireguard/wg-intra/privateKey [deleted file]
profiles/drawing.nix
profiles/essential.nix
profiles/graphical.nix
profiles/latex.nix [new file with mode: 0644]
profiles/security.nix
profiles/xfce.nix [new file with mode: 0644]

index b9fd3579c563039a0d460f5ff26b2da5fd548ca8..121d241adc94ab60ba04d7f0788e3c93e0d1e32f 100644 (file)
@@ -85,12 +85,4 @@ programs.git = {
   };
 };
 home.stateVersion = "20.09";
-home.sessionPath = [ "${config.home.homeDirectory}/bin" ];
-home.sessionVariables = {
-  EDITOR = "vim";
-  LANG = "fr_FR.UTF-8";
-  LESS = "-FRSX";
-  LOCALE_ARCHIVE = "${pkgs.glibcLocales}/lib/locale/locale-archive";
-  MANPAGER = "less";
-};
 }
index afd6a94ab2221466e26c3f7b5cd34cc69beced01..3d166bd4f5ddbb6ef64ed64f9c0584f43571f350 100644 (file)
@@ -20,29 +20,6 @@ xsession = {
     config = xmonad/xmonad.hs;
   };
 };
-services.screen-locker = {
-  enable = true;
-  lockCmd = toString (pkgs.writeShellScript "xsecurelock" ''
-    export PATH=${with pkgs; lib.makeBinPath [coreutils gnugrep xsecurelock xorg.xset]}
-    XSECURELOCK_BLANK_DPMS_STATE=off \
-    XSECURELOCK_BLANK_TIMEOUT=1 \
-    XSECURELOCK_DIM_TIME_MS=2000 \
-    XSECURELOCK_DISCARD_FIRST_KEYPRESS=0 \
-    XSECURELOCK_SAVER=saver_blank \
-    XSECURELOCK_SHOW_DATETIME=1 \
-    XSECURELOCK_SHOW_HOSTNAME=1 \
-    XSECURELOCK_SHOW_USERNAME=1 \
-    XSECURELOCK_WAIT_TIME_MS=2000 \
-    ${pkgs.xsecurelock}/bin/xsecurelock
-  '');
-    #XSECURELOCK_SWITCH_USER_COMMAND="${pkgs.lightdm}/bin/dm-tool switch-to-greeter" \
-  inactiveInterval = lib.mkDefault 3; # minutes
-  xautolock.detectSleep = true;
-  xss-lock.extraOptions = [
-    "--transfer-sleep-lock"
-    #"-n" "${pkgs.xss-lock}/share/doc/xss-lock/dim-screen.sh"
-  ];
-};
 home.packages = [
   pkgs.acpilight
   pkgs.copyq
@@ -59,8 +36,6 @@ home.packages = [
   pkgs.xorg.xhost
   pkgs.xorg.xmodmap
   pkgs.xorg.xset
-  pkgs.xsecurelock
-  pkgs.xss-lock
 ];
 xresources.properties = {
   "Xft.antialias" = true;
index 5c89f30f30259f2789b5f04de4083454943d61b4..0f87810afd0c54c680128d5fe9247226f738b7ce 100644 (file)
 imports = [
   ./programs.nix
   ./options.nix
+  (import (sevy/hosts + "/${hostName}.nix"))
 ];
-host.desktop =
-  hostName == "patate";
-gtk.enable = config.host.desktop;
-programs.bash.enable = true;
-# error: attribute 'gtk3' missing
-#programs.firefox.enable = config.host.desktop;
 programs.git.enable = true;
 programs.git.package = pkgs.gitMinimal;
-programs.gpg.enable = true;
-programs.htop.enable = true;
-programs.home-manager.enable = true;
-programs.ssh.enable = true;
 programs.vim.enable = true;
-home.file.".profile".text = ''
-  # Tell XFCE to not start ssh-agent
-  if command -v xfconf-query >/dev/null && test ''${DISPLAY:+set}; then
-    xfconf-query -c xfce4-session -p /startup/ssh-agent/enabled -n -t bool -s false
-  fi
-'';
-services.gpg-agent.enable = true;
-services.redshift.enable = config.host.desktop;
-services.screen-locker = {
-  enable = true;
-  lockCmd = toString (pkgs.writeShellScript "xsecurelock" ''
-    export PATH=${with pkgs; lib.makeBinPath [coreutils gnugrep xsecurelock xorg.xset]}
-    XSECURELOCK_BLANK_DPMS_STATE=off \
-    XSECURELOCK_BLANK_TIMEOUT=1 \
-    XSECURELOCK_DIM_TIME_MS=2000 \
-    XSECURELOCK_DISCARD_FIRST_KEYPRESS=0 \
-    XSECURELOCK_SAVER=saver_blank \
-    XSECURELOCK_SHOW_DATETIME=1 \
-    XSECURELOCK_SHOW_HOSTNAME=1 \
-    XSECURELOCK_SHOW_USERNAME=1 \
-    XSECURELOCK_WAIT_TIME_MS=2000 \
-    ${pkgs.xsecurelock}/bin/xsecurelock
-  '');
-    #XSECURELOCK_SWITCH_USER_COMMAND="${pkgs.lightdm}/bin/dm-tool switch-to-greeter" \
-  inactiveInterval = lib.mkDefault 5; # minutes
-  xautolock.detectSleep = true;
-  xss-lock.extraOptions = [
-    "--transfer-sleep-lock"
-    #"-n" "${pkgs.xss-lock}/share/doc/xss-lock/dim-screen.sh"
-  ];
-};
-home.sessionPath = [ "${config.home.homeDirectory}/bin" ];
 home.sessionVariables = {
   EDITOR = "vim -g";
-  LANG = "fr_FR.UTF-8";
-  LESS = "-FRSX";
-  LOCALE_ARCHIVE = "${pkgs.glibcLocales}/lib/locale/locale-archive";
-  MANPAGER = "less";
 };
-home.packages = [
-  pkgs.acpi
-  pkgs.aria2
-  pkgs.aspell
-  pkgs.aspellDicts.fr
-  pkgs.bc
-  pkgs.binutils
-  pkgs.bmon
-  pkgs.coreutils
-  pkgs.croc
-  pkgs.cryptsetup
-  pkgs.curl
-  pkgs.dino
-  #pkgs.dnsutils
-  pkgs.dstat
-  pkgs.ffmpeg
-  pkgs.file
-  pkgs.git-crypt
-  pkgs.go-mtpfs
-  pkgs.gnumake
-  pkgs.gvfs
-  #pkgs.haskell.packages.ghc865.zerobin
-  pkgs.hledger
-  pkgs.hunspell
-  pkgs.hunspellDicts.fr-moderne
-  pkgs.imagemagick
-  pkgs.inetutils
-  pkgs.knot-dns
-  pkgs.less
-  pkgs.linuxPackages.cpupower
-  pkgs.lm_sensors
-  pkgs.lsof
-  pkgs.lsscsi
-  #pkgs.meli
-  pkgs.miniupnpc
-  pkgs.ncdu
-  pkgs.neofetch
-  pkgs.ntfs3g
-  #pkgs.onionshare
-  pkgs.p7zip
-  pkgs.pass
-  pkgs.pciutils
-  pkgs.procps
-  pkgs.rdfind
-  pkgs.smartmontools
-  pkgs.sshfs
-  pkgs.sudo
-  pkgs.tig
-  pkgs.tree
-  pkgs.unzip
-  pkgs.usbutils
-  pkgs.utillinux
-  pkgs.vbetool
-  pkgs.wget
-  pkgs.which
-  pkgs.xdg_utils
-  pkgs.yt-dlp
-  ] ++ lib.optionals config.host.desktop [
-  #pkgs.amule
-  pkgs.chromium
-  pkgs.copyq
-  pkgs.djview
-  pkgs.dmenu
-  pkgs.evince
-  pkgs.firefox
-  #pkgs.freecad
-  pkgs.freeciv_gtk
-  pkgs.geeqie
-  pkgs.gimp
-  pkgs.gparted
-  pkgs.graphviz
-  pkgs.keepass
-  pkgs.libdvdcss
-  pkgs.libreoffice
-  pkgs.liferea
-  pkgs.mplayer
-  pkgs.mumble
-  pkgs.networkmanager-openvpn
-  pkgs.networkmanagerapplet
-  pkgs.pasystray
-  pkgs.pavucontrol
-  (pkgs.qgis.override { extraPythonPackages = (ps: [
-    ps.pyqt5_with_qtwebkit
-  ]); })
-  pkgs.thunderbird
-  pkgs.transmission-gtk
-  pkgs.vlc
-  pkgs.xclip
-  pkgs.xorg.xhost
-  pkgs.xsane
-
-  pkgs.elementary-xfce-icon-theme
-  pkgs.gnome3.gnome-calculator
-  pkgs.gnome3.defaultIconTheme
-  pkgs.gnome3.file-roller
-  pkgs.gnome3.gnome-keyring
-  pkgs.gnome3.seahorse
-  pkgs.hicolor-icon-theme
-  pkgs.xfce.thunar-volman
-];
 }
diff --git a/homes/sevy/hosts/patate.nix b/homes/sevy/hosts/patate.nix
new file mode 100644 (file)
index 0000000..7f5ed95
--- /dev/null
@@ -0,0 +1,33 @@
+{ pkgs, lib, config, ... }:
+{
+imports = [
+  ../../../profiles/chat.nix
+  ../../../profiles/developing.nix
+  ../../../profiles/drawing.nix
+  ../../../profiles/gaming.nix
+  ../../../profiles/graphical.nix
+  ../../../profiles/networking.nix
+  ../../../profiles/office.nix
+  ../../../profiles/security.nix
+  ../../../profiles/sharing.nix
+  ../../../profiles/system.nix
+  ../../../profiles/video.nix
+  ../../../profiles/web.nix
+  ../../../profiles/xfce.nix
+];
+programs.firefox.enable = false; # error: attribute 'gtk3' missing
+programs.bash.shellAliases.riseup = "sudo ip netns exec riseup sudo -u $USER PULSE_SERVER=/run/user/$(id -u $USER)/pulse/native";
+programs.bash.shellAliases.firefox = "riseup firefox";
+programs.gpg.homedir = "${config.home.homeDirectory}/documents/sec/.gnupg";
+home.sessionVariables = {
+  PASSWORD_STORE_DIR = "$HOME/documents/sec/.password-store";
+};
+home.packages = [
+  pkgs.gpsbabel
+  (pkgs.qgis.override { extraPythonPackages = (ps: [
+    ps.pyqt5_with_qtwebkit
+  ]); })
+  #pkgs.libva-utils
+  #pkgs.ristretto
+];
+}
index ec3b0c1a32661c0fe975643f133fc365c00411f7..96d495f12af52e55b9113d9c0171a0b106e1e1aa 100644 (file)
@@ -45,7 +45,7 @@ nix = {
   gc.dates = "weekly";
   gc.options = "--delete-older-than 7d";
   nixPath = lib.mkForce [ ];
-  trustedUsers = [ users.sevy.name ];
+  trustedUsers = [ config.users.users.sevy.name ];
   binaryCaches = [
     "http://nix-localcache.losurdo.wg"
     "ssh://nix-ssh@oignon.wg"
diff --git a/private/root/oignon/nix/binary-cache/priv.pem b/private/root/oignon/nix/binary-cache/priv.pem
deleted file mode 100644 (file)
index c79390e..0000000
Binary files a/private/root/oignon/nix/binary-cache/priv.pem and /dev/null differ
diff --git a/private/root/oignon/nix/binary-cache/pub.pem b/private/root/oignon/nix/binary-cache/pub.pem
deleted file mode 100644 (file)
index 66be1b8..0000000
Binary files a/private/root/oignon/nix/binary-cache/pub.pem and /dev/null differ
diff --git a/private/root/oignon/wireguard/wg-intra/privateKey b/private/root/oignon/wireguard/wg-intra/privateKey
deleted file mode 100644 (file)
index 1c74c2d..0000000
Binary files a/private/root/oignon/wireguard/wg-intra/privateKey and /dev/null differ
diff --git a/private/root/patate/wireguard/wg-intra/privateKey b/private/root/patate/wireguard/wg-intra/privateKey
deleted file mode 100755 (executable)
index 8b1e3ee..0000000
Binary files a/private/root/patate/wireguard/wg-intra/privateKey and /dev/null differ
index f81dbb6cd5b9b7a9c0f55b95db8a367bc436cca7..798dce8753348f2345bab9ce2f9b36e9cd7b0be4 100644 (file)
@@ -10,6 +10,5 @@ home.packages = [
   pkgs.imagemagick
   pkgs.inkscape
   pkgs.optipng
-  (pkgs.texlive.combine { inherit (pkgs.texlive) scheme-medium xdvi ucs; })
 ];
 }
index 0c2cc63288bece3153813756e0c67b0382ccb43b..5b1e68bc879ad78334e814d7377aeae95efa2aaa 100644 (file)
@@ -1,6 +1,7 @@
 { pkgs, lib, config, ... }:
 {
 programs.bash.enable = lib.mkDefault true;
+programs.home-manager.enable = true;
 programs.htop.enable = lib.mkDefault true;
 programs.tmux.enable = lib.mkDefault true;
 home.packages = [
@@ -16,4 +17,12 @@ home.packages = [
   pkgs.utillinux
   pkgs.which
 ];
+home.sessionPath = [ "${config.home.homeDirectory}/bin" ];
+home.sessionVariables = {
+  EDITOR = "vim";
+  LANG = "fr_FR.UTF-8";
+  LESS = "-FRSX";
+  LOCALE_ARCHIVE = "${pkgs.glibcLocales}/lib/locale/locale-archive";
+  MANPAGER = "less";
+};
 }
index d53eff77d7b611edad5964a6d74eb0b45ab21715..020eff7bdccba4de7763d731b740460a15de5361 100644 (file)
@@ -1,6 +1,6 @@
 { pkgs, lib, config, ... }:
 {
-services.redshift.enable = lib.mkDefault true;
+gtk.enable = true;
 home.packages = [
   pkgs.arandr
   pkgs.dmenu
@@ -13,5 +13,34 @@ home.packages = [
   pkgs.x2goclient
   pkgs.xclip
   pkgs.xorg.xkill
+  pkgs.xsecurelock
+  pkgs.xss-lock
 ];
+home.sessionVariables = {
+  EDITOR = "vim -g";
+};
+services.redshift.enable = lib.mkDefault true;
+services.screen-locker = {
+  enable = true;
+  lockCmd = toString (pkgs.writeShellScript "xsecurelock" ''
+    export PATH=${with pkgs; lib.makeBinPath [coreutils gnugrep xsecurelock xorg.xset]}
+    XSECURELOCK_BLANK_DPMS_STATE=off \
+    XSECURELOCK_BLANK_TIMEOUT=1 \
+    XSECURELOCK_DIM_TIME_MS=2000 \
+    XSECURELOCK_DISCARD_FIRST_KEYPRESS=0 \
+    XSECURELOCK_SAVER=saver_blank \
+    XSECURELOCK_SHOW_DATETIME=1 \
+    XSECURELOCK_SHOW_HOSTNAME=1 \
+    XSECURELOCK_SHOW_USERNAME=1 \
+    XSECURELOCK_WAIT_TIME_MS=2000 \
+    ${pkgs.xsecurelock}/bin/xsecurelock
+  '');
+    #XSECURELOCK_SWITCH_USER_COMMAND="${pkgs.lightdm}/bin/dm-tool switch-to-greeter" \
+  inactiveInterval = lib.mkDefault 3; # minutes
+  xautolock.detectSleep = true;
+  xss-lock.extraOptions = [
+    "--transfer-sleep-lock"
+    #"-n" "${pkgs.xss-lock}/share/doc/xss-lock/dim-screen.sh"
+  ];
+};
 }
diff --git a/profiles/latex.nix b/profiles/latex.nix
new file mode 100644 (file)
index 0000000..de7f297
--- /dev/null
@@ -0,0 +1,6 @@
+{ pkgs, lib, config, ... }:
+{
+home.packages = [
+  (pkgs.texlive.combine { inherit (pkgs.texlive) scheme-medium xdvi ucs; })
+];
+}
index 287b3085fb2dc9f82bd9af5176f4c307de4b74cd..535f0b152cc88813d26047593617b31dc685ae74 100644 (file)
@@ -1,5 +1,7 @@
 { pkgs, lib, config, nixosConfig, ... }:
 {
+programs.gpg.enable = true;
+services.gpg-agent.enable = true;
 home.packages = [
   pkgs.mkpasswd
   pkgs.pass
diff --git a/profiles/xfce.nix b/profiles/xfce.nix
new file mode 100644 (file)
index 0000000..dfb2633
--- /dev/null
@@ -0,0 +1,20 @@
+{ pkgs, lib, config, ... }:
+{
+home.file.".profile".text = ''
+  # Tell XFCE to not start ssh-agent
+  if command -v xfconf-query >/dev/null && test ''${DISPLAY:+set}; then
+    xfconf-query -c xfce4-session -p /startup/ssh-agent/enabled -n -t bool -s false
+  fi
+'';
+home.packages = [
+  pkgs.mate.caja # Thunar does not map user_id over sftp://
+  pkgs.elementary-xfce-icon-theme
+  pkgs.gnome3.defaultIconTheme
+  pkgs.gnome3.file-roller
+  pkgs.gnome3.gnome-calculator
+  pkgs.gnome3.gnome-keyring
+  pkgs.gnome3.seahorse
+  pkgs.hicolor-icon-theme
+  pkgs.xfce.thunar-volman
+];
+}