From 48a4435e44a7140ce4bf0fc3bdae0a51c9079361 Mon Sep 17 00:00:00 2001 From: Julien Moutinho Date: Mon, 4 Dec 2023 23:13:31 +0100 Subject: [PATCH 01/16] courge: fix target --- hosts/courge/Makefile | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/hosts/courge/Makefile b/hosts/courge/Makefile index d329433..9f2d2e9 100644 --- a/hosts/courge/Makefile +++ b/hosts/courge/Makefile @@ -6,8 +6,7 @@ cipher := aes-128-gcm autotrim := on reservation := 1G compression := zstd -target := nixos@192.168.3.101 -TARGET := root@192.168.3.101 +TARGET ?= root@192.168.3.101 machine-id.clear: touch -a $@ -- 2.49.0 From 9da6c732412648c8474b4980b6d2242224175216 Mon Sep 17 00:00:00 2001 From: Julien Moutinho Date: Tue, 5 Dec 2023 01:15:33 +0100 Subject: [PATCH 02/16] zfs: hide mountpoints from gvfs --- nixos/profiles/zfs.nix | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/nixos/profiles/zfs.nix b/nixos/profiles/zfs.nix index e5b4db7..87e7abf 100644 --- a/nixos/profiles/zfs.nix +++ b/nixos/profiles/zfs.nix @@ -19,6 +19,7 @@ # Stable enough, clearer, and faster than the default /dev/disk/by-id boot.zfs.devNodes = "/dev/disk/by-partlabel"; # Not useful so far. + # See also https://github.com/NixOS/nixpkgs/issues/62644#issuecomment-1479523469 boot.zfs.forceImportAll = false; # More resilient for remote hosts, # though it may call zpool clear. @@ -37,6 +38,12 @@ services.zfs.trim.enable = true; services.zfs.trim.interval = "Sun *-*-01..07 00:15:00"; + # Hide ZFS mountpoints from gio, hence nautilus or caja + systemd.services.zfs-mount.postStart = '' + /run/wrappers/bin/mount -t zfs | cut -f 1 -d ' ' | + xargs -n 1 -r -t /run/wrappers/bin/mount -o remount,x-gvfs-hide + ''; + environment.systemPackages = [ pkgs.lzop # For remote syncoid pkgs.mbuffer # For remote syncoid -- 2.49.0 From 4d45753f4a8106fff10ff964490257793b51e5bf Mon Sep 17 00:00:00 2001 From: Julien Moutinho Date: Tue, 5 Dec 2023 01:16:42 +0100 Subject: [PATCH 03/16] courge: gdm: enable to support screen locking --- hosts/courge.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/hosts/courge.nix b/hosts/courge.nix index b0e5649..aa62f64 100644 --- a/hosts/courge.nix +++ b/hosts/courge.nix @@ -69,6 +69,7 @@ }; displayManager = { defaultSession = "gnome"; + gdm.enable = true; autoLogin = { user = config.users.users.mo.name; }; -- 2.49.0 From cf98fd630adb0c2bf76012f77816a6885c7cb380 Mon Sep 17 00:00:00 2001 From: Julien Moutinho Date: Tue, 5 Dec 2023 14:46:50 +0100 Subject: [PATCH 04/16] yt-dlp: add yt-dlp-subs alias --- home-manager/profiles/yt-dlp.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/home-manager/profiles/yt-dlp.nix b/home-manager/profiles/yt-dlp.nix index 4569b73..dd235e7 100644 --- a/home-manager/profiles/yt-dlp.nix +++ b/home-manager/profiles/yt-dlp.nix @@ -13,6 +13,8 @@ programs.bash.shellAliases = { yt = "yt-dlp"; yt-audio = "yt-dlp -f 'worstaudio[acodec=opus]/worstaudio'"; + yt-subs = "yt-dlp --write-subs --write-auto-sub --skip-download"; + yt-subs-fr = "yt-subs --sub-langs '-all,fr-orig,fr'"; }; xdg.configFile."yt-dlp/config".text = '' #--download-archive .downloaded -- 2.49.0 From 47c82554a761d551124729b0d48808623bf6efc7 Mon Sep 17 00:00:00 2001 From: Julien Moutinho Date: Thu, 7 Dec 2023 14:23:11 +0100 Subject: [PATCH 05/16] Add given password for hosts/patate/ssh/host.key to store. --- hosts/patate/ssh/host.key.gpg | Bin 0 -> 1528 bytes 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 hosts/patate/ssh/host.key.gpg diff --git a/hosts/patate/ssh/host.key.gpg b/hosts/patate/ssh/host.key.gpg new file mode 100644 index 0000000000000000000000000000000000000000..98d9cb44a5dd217c921c8a8a34f1993b98798ec9 GIT binary patch literal 1528 zcmZQ@_Y83kiVO&0SX38dk+ToIb?!Su>eSI0{Aqh7CY-J6@IUEY6e z6xVYMbwA%aamKX^3WZJ%A?Zw8UR?=aE$A(lX0-kCP^oWFX3*o6r<&rW1-+w%R$>{)F#I)=w*{^nc77!+Bx)%%bAYR?4Alvg=7 zc{f~J_vwV}?0sLd4`i4Zv%0n$P5PstCfL2P%*0@R*oThGt&iD{sAyPTcYJZov+1$e z!pHuP)0ymM9q3X#d$hh!V6W#xqg;zlmz_t;f|v2%?t8dEyzlRwg6S##|Jg}eUa)vF>4_X%)&++JmOl%e!@RSJKn z^<6vODkj~M)fGlzc4b$~#QB-NzTSHAN-pD>>05V5@2Fa^?-0ArpW~?(CDuw2PaiEl z!ZjnTDyAakuu6E*mr1uTByIego2^;p#ed-I>x3t}u4_5HiDR9aq<38CvT(7~ub8Zi z<=O9N@3z0~_8^uk?LqdWdwb`fSrjYu_G8xrO>Ix%5~%{Ni3d%CwYO#p330REytOx3 zoUL{p@5%+jv0Rp(RW8Aud;WFYU!ZNAm*BIae46Hx1vjrUsxiCXKE7ma`~~Z`KOUS- ztc*+l{H8XYvtm!j7P03pwvDsT-Dc@;Kj3Ym*7|@=)#QXR>oVKr#g{XELJfUFcDi%N z+E{T8PMFORFc7JEeb>+%~FD?K}@{X%7V!|JC&F{h;?-turg zT;y{!@Gy&_#%=W~CAO}D1B$h^%xh-UxqiBRclX3^PwIo^*!Rj!*tWFZTBwaFN^^zy z0}iewfs+ltnM+Q(Jp171#5XC6=Rfc7T6r;M+V!&Erz#z;UB0OtxFYgcbEXW#mA>m2 z1zoS~O4HGwH)lIn<%G$}H{PX)3+^{QsXEzWfvddyt8*4FA6efNydyb}`Hs3WkL%*T z(-tckBx_`{?mh1PHTCai-NfXKoZm|4p>*+Ul80R%})gUbaU4#lq(g zKd>?Qe3`wVc*D6V;%CAtlWQh0-*Zbhda@~m!6Z7-GD-IA)@uix?j^OWN`DQTdgA5| zD_M?a#S{7lO(!>8z9E@$Mfk#rvidhk!nHHo`EA@QKEi%?;@m4z&i5j&J?IPEBXuT-)lieZ||DtY2~2 z=YK}rKDv3i+cwrMdu30Co4ob8egDTV$z9iEIOKk=EPlCqjfE4F_uh?tCa0f>E6qEm z?DIWPFxCA+)Mp-!xBDt4M(=v};l57MnQyO|^+fM~?9%jWT4(35$kW}a+)?uC{nu^T z>5`()o_Svn3z3k2Ic=+5nCYd4w_lReZhqvwb$;qawFz^WxAET+xR()S-KS?#9@XrQeV8UsUP`v!%@GYq-;%z}G!BZPKc8-}d{9Pr9?*Sp4-=(VSd~n_MqrPgOYV zjT61G=;uz}5_Th7qY8&VJS;*tR$mpI)bR96V{QDLi!yWG3rY#EFR$FxlB4kB|CZ*v E0PFeb{{R30 literal 0 HcmV?d00001 -- 2.49.0 From 76c320330df1add7a0c55c745b69c8123533fa4f Mon Sep 17 00:00:00 2001 From: Julien Moutinho Date: Thu, 7 Dec 2023 14:24:47 +0100 Subject: [PATCH 06/16] Add given password for hosts/patate/credential.secret to store. --- hosts/patate/credential.secret.gpg | Bin 5226 -> 5246 bytes 1 file changed, 0 insertions(+), 0 deletions(-) diff --git a/hosts/patate/credential.secret.gpg b/hosts/patate/credential.secret.gpg index b82f9582f5c4d85203050d3d384b1a7f6192ddef..9e2ffc7a6aac474c92e1bfb64724354758655cd4 100644 GIT binary patch literal 5246 zcmZQ@_Y83kiVO&0NZoew%i-_qci2w*cYrIwG0HbZCpv#)oXORP*9}ew7${^v&O2WF zcK!lWhtdO^v(H!DXG+LBygVo4+RizLt9ERgsmeENy>(~5+>?qEPhJ{@U(ehkzs+_Q z^P`_qwTCAZPj8T3{W#-)PePLQO~w)rgS`jp4E--`Z_?P7-Dc&v_4;1Z#4Cg zn%yDxl=(|{hn+o;^z(D~_QkU{EZn2bUXa$%^)Y5~xb=nka>`S-E>B$M$IvFZ{_$5n zRoA7gntUHuE^$8Tu9E!bt^fOVk4|%lEtKP%6(Sk?j8{qR)+M>4-hZ5K83;a{XyX_p z=EpR-)kfraV~vgeecw9MA64tu^1l8lBF`Uj$LVFQfo+&}`QAmo!e6umR6c&m)UP_4 zw){xL%4k`yM4D*b97Gy86 ze|&S#t`j#!KX|z{C{I4sxG+JoMf70j#b}oe+%q_z$(-fB)OTRfxeb37FSdAkR`sOP z+>N_Jzy0;yDzc|%n$*nolUL_X2};jk^*K=|dsK(Lt)^nSmu7;c@fE?$5Z&h)9g_}N zFAsX47xjG&yOws%$Az!9H@^0}t}^HP!pbR!4owWbfA8J%ZF#YWYqIv9oyU7(PocP+ z+XZtAp*;)F3SU%oopfihdHnh#H}A@+W^8r%_&)kr;UZH(m#m2@B`ZV2w^v8(e<~BI zsPyXC!5;@1D~#Bea85Qkwkv3BmeO`-^Fl?(O-ENXuT#9TYa{>Kn^pO&DT!7yG9*|2 z^A~u#)bqWO!t1q@W<8(Jez*AR!n@(q1K+teHR$eeSeNuqXUY^d#@6b{>vb0_nx7Y% zlpD|fE-l#OYySPhH+x(ElSQdBCUE$hJTN+c{QHyyd%bnJdy+c@%rA$nQnFoi^ZK@x zAK5jI%g1R&U+?r+o$C4bukQWUdr^9&$|sg)CN-+g$xO66%YWg;S^hO2*#cjsna^ij z)$=}4sBqRw9u2$hCp$kk6sUige5_n7|Ka}Cn_pbviQ)6@yT3?xsf2iS>8!c7x~FV- z{T8PswXB_dVoivkYg-s|rRt{Xp($^r+)uhTYw{gGa_Pm&CmXJPvF1HyaW6qFg5$*O zhx2wHkDAdG?eM`Qp)r5nnH;Uo1lPw^ljh9!E1UPqQi$7+;og_a?|+La+?^&Ew$16B5XswlK;>PMP+a64RD^robi|=gOW9c`(J2$1My-V-w zIbvtQS8LJ|S8K1b-1Ft5=HQS&*Ghc1dCoXeJAYMJ@a}|{X*sKZrR~|1+BaRVvntD* zF_OnjI6KQAaQ>Y0G)!E%$k!<(?H>%4B``=ER4A>x%0VX1InN$mk5bzw@)n6DRHO z=_@(^znVW;|7-d)e$$PP`%l>?onpNc=CY%!=l!Jp57X3^^1XYpT5u1WPj1CL&TXGN z=OsRy)A`y`rjPfYgGsZafBEd7wr5wXB%(6Z8)Q!<{xQ|LyD_yZkoDEV*{XfP+hWXT zs_F{9o&4Z?%z;(t_8B6iq|X2$liRc`0;@68>bmT%?b%TZ`b?2s(1G^T%qJ)x7%Cm zSa->a#}7(H^~;y?bg?w+_dgZC{xUfwf&*!ar7CnEd&Z@vmhW_6@quOu33{?EgKHu|S z^>>@vc~V+)efF7zEx%E6A;Fz4{|b($)p={BWz-rF5IeL?rcuE@Wd-nu4S{>0;JZ6VdwRqdC`ZG_bn z7Ka+yRtWZnADylFO6q6${}*`={>@ta@zsHtS7v%#(a$uqO*xm(Kiv9VXlH@`+IYz$ zwSmpHhEgv!@cUTYdbRp)u-AeOhs5U{@VEM%d3uUf*UwX7nO$K=U0(42d%MQ{>Bp-* z@e?j?Gn*X4Y;|4Z^xQY8Un7+Myoi_ddXTJgG)iyQ(wWj+=`-{n80@4Z5yf73Wa_rH1O%zvp0>w7n7Op#)+NLm|XH~mfK zk=yQ$w+}8ddtPV!SYdV1Mkk|ajvI_8wqJbw2bZ7W>;bf5J~O*Uv1Nt<5i3X7;|&HR=Aru0sZ07LhAYeop;mw6<)AVb`G@%x_(7 ztk?UlpJVpID;; zjm5bQAH`2K)j3xEge&`|)VVe1r?0Y~8T3MTW9;1EbuJ;r!V=g2o!+9ce68>99m%O` z4L^SWnm;e@aMME%+vLEW8;n{F`L(S|4%bs}XVsj%vAgx&BPnjF=bxsPZ+|cLrm3@j z>qE{!=Jxpy)r#M!Oi^2Iux1_K>)euDuNe>1XH?WEFLsxk5W`}9mZ#-K@tv6xPqxM< zDm&^iwK*;EW@wfB%@gkvp=Ou-ujk1F^IFEOS{Hw=ZISY}zERiVy5M%Z!p!bZhvg*R zinT3F+bqH;I^oAs-YXe(iZ7J(-cER0dc=By|2igX2Z5PpyCRRgX0M;qtRwocC@D?A zR4$|a=*@tAYbAIOojw%R#+B>a61aG>Y%d%0wb<6|^Tu}BW|!@ctvB`H6Ps0Tw5)&m zu7W!5DJ4c{W*k~CQ_}q7Zfc!S%5(qQ6Z7YG7^&Xl%|50eERkI8(y!M)@%#S!Gm8#* zD9_@pyHR+*UZpZR?$hjiah>-*Z?$tinRF~#vg1QQ<^G@Pk}oW88cwom{_)*#*Mxh{ z#p@3gHElXrc;wN;PiI>-3a9^M>wOgV`tvo@dx>H!w_G*8ndPLZ)yuoFP2ov7&BAhR zPLM;A-18-ePu_dPqiFg;aJ}V&H_op=i`@Nm{I0}@qN!U9_ZRZ!CO@>>+sAX`+ANa` z_j;8h?LN=`q2|0IZbz?MMOBGim|a)&#z)GrUdD^vwr@RZe8o7UXUPwRyP0RZEZ*up zD>V6gjkWCHr=-JYc%r%Po|nGE&R`_BP29}SJlaf1qyJs3LJ>!ARsJ!XtZ2Tx2^TgW zD^Fe=u{yQ7WV2DHzFNuBR6g7Fne316{5X4et!hcyl>RGc0@7@cuHim0^$i2}r^QOA z+R2H0=5td;!vtzv-!%?%Sh7|qSqk2!Lg|yCiGwXhS zbiHxdCgX>TKD3^jS6jnhxFFUkNMp(5Ka1)=8XsHTvLQ{kP*APg?ZKyd?~n?SIp#M_ z&R1`cDwj%VK)+rj^&R$E}5l$TrQ>VzvQH&?3#ESC7zbM3!N3d_H_T<+6mnXv0j zU1DbFDty88oldSQ6aN&?J!hUeo_#}v8$cMoh~t`6*ZRc+|hD!(t0 zZOM!4=kA`KtnT5@Y$<88U}E~7sI`kXYzR9XbD~9?xABqln{JL{i&@KUjejy>4Z+1ZD zOs-SkV>{OvmvYewSEs!fVhlL?c1B~~>J18!XJhxV+uw_?nbYqY=U~<2b*x`C&vN;* z`K+CMht;G`eNR!_vG_={>wnP|XYQQL>eJWwQr}jtzH0hCp%;vi{L5e1tlIkOVUk2@ zzk_apWY|-|#lAkLqRoVS?)A=4KI3pzQp0q4sl$HDnupJqW&N$xF0uVzbFQW6$&Kf+ zm;bTu?wZbY|Gg&*_e_Dx9M=mIzW%AVZB9Mr)246mO4}=KPRSL&bY|Wq-2tD((Ijd*RnlH`uP2`${;qzrx zA3|RA6vneOx_-Tym~HLi&Gjkj>)pOdGn(W1&n&$3sYYn)_4LcVu5W5fmFCBVGrilS zl~-FdVRmKi!wW~W<93&7*`?5!Ls5= zt(>4xzePZEmG`6Bb0*sbh@>_i@||Zp`^cZ93mu!IHVBnyi?f~!?YFt#5Y$mHYrO!c zTW{U;EqrT3L<9324mUZ>kCRgITQK9(vM05rjvE!HDkUzBo5r~MekZGV-NcX6>U^Vn zOI_E6xlezvW;f$;tJODpB>N8RdHH>Ib@%pcksncR^A3NSaF2&g%XyW@?O*#<-J8Bj zZhR^3Cp%L*e4pVw!-TKg6RLh0hdWrEJMgOh(Ql@_BRK*K_6BT!@i+TTo({*i*le*m z3^TtL>2=jx+?lFdV77J16CMj0hTWIf@t#eze6(_|hws#U*_y;Cf18uN6Z<0c_*D6cpX1Cw{d+GM2>R=z|GmOd`Cq0}H zALPxk^61RjOXZ$O=X<9=7pb3_x#ev7fvB5O7ZsLu@>nK>Jl8+(as0|d&FrZ!|D}s8 zv`gAAbF4`=ewyx_qu%ks%eH=8A->ftap7ch^VCWWkro@aS+88mD)R0~n7xR*QrWL( z`Gdbg;`jRiaYMOdO8RN*v$%do`K|fOH}Q9+pu>;z^}ObrULLnL z!rsNXv$mS}HJtUzn!GvK@ZBb0A4Q zO7oasd#_mge(I8AU|-RmtlsxFQ+Bm1=bGyHCsCYBkHsb*+08#SJ;d5h;YWP@f-6&3 zacwd-G}BRCbUm;BMRI7Ydqm1EtB#Pwio?PmPIP~_KbcxuQfnDJb6K35kR^*ulb^3k zhgyhlaYWgViLAdoz6mRS-CN6L*z7zrb>YJ!-+G^lWUtzOCVyX+erC@{!CZ&iWko02 zoM+4`aLxErz$$+%guA*Yr#WWsYMv}RMy_2ywmo)@`?fdMeulEm=M?jGa#!m05?QJQ z|8q!rKNRxX^VG2+@@s|h?<}%N3g4!` zX(NNz9EW?CmKw(;dH>YOSo)p&PfSPkwWNdt-1w!7EdW${&8`%>Na1NEB-GEO*H+TLQUL+4Q9>@RXvtolN=Fk9bxHy zqFHd^QoDsWi^`UF95`?|b&_E_w~mj|I#b4(Ru_LQ(*JaY>2ZR?vF(?2|6P&T_u+!f z^E}VuIVP_XqzmF_`bDiP&OBmz?9rZVwli~f)Uyll?pTno>UL>y8q2v7Uhku6ckUhx zw{>3J`rKD2Bg6Fk>HRwdGplu$ZhIWGF7C3R+npa;R+Impop-#p!8Lea#Or^TJ0m`= zsS}Pe`qFEoX1TXWd6MFx-d8b41#V<5=JI%N6MVtRc+tAbn=$JyTQq(8%%7KDbV29p zwSoZGN83}j=rBdx`9ddUw9lY@W)QSG?`VoE9$rAA1$o@3<24 zXk%-^wvDHrZt-6-i-UDx&t<=>?$f_K_X<2-IM1|f;WhRMd)LzpJNwx$toSFKD)XYH zU7F?0ya0C5mcaUgnNN1je{6`+YU2M-w~kwv(`gS#e$LH z(wE})vnujw{?9JkonLo-Vzg@YKC|~bboDpO?_r(KHSdvxRu_YWa>wni$BTp8^Ay(h zKHy)q^kV0dShtvxcGj=5Jghdl4;Sy8y6>vs{trsUH`gECGUHo<`qf5fQQevMX9r$i WYOj7rbxLk==cTBrcK=HZ_5c7_SR1kc literal 5226 zcmZQ@_Y83kiVO&05al&&X1}GbBe#Mj@6NNxMq?}G11FWPFmv*oi^~LR+`kzj`||kN z3~L?R)`CNA+hU)_yB#j$wsolMIig>iF7~wS;4_I$#d&L|PSIYJ+BJEm%XPb}-hP=% z&sNSj@$AQ}J*%dwb6soEWiXYyz4FnWxR(9fL_bAr__=FKt&PREzS9d`WApL;&B_@_7gmX@&Z!!o!dFogMZFacx{T;iDAu?bW?^XFXfW-;u2K@K#5d@%idk7SG)J1J11~ zX?-cJ_ry$l?xWOhM|L(HrO)r;IHE=Gc0Ag8Q}@r$Z?WsX3(ng9`MLRw1s-1e-!of3 zZjlrGc}_8ZRr0y_eoM28=1)7slFd{8*T$wj@SI7F|H3Dek6ZL|<_4-Ou28?P`u<}^ z(2t2rT31XqT)JJ`pgDWft%k>?(h8T~FAsi@!#eT&gKbv|)_!xGd}Grl_EpYF6J$c3 zF@FyHGW+T$*&Qpc?d3hX*qrg=gtn{aA2MuVYyA*=rYuugVe!u+ipvBHTBkiS%l+(i zV20VEnX?6bwA|M4J(*`pJstCD!~u znx4!s>F_nV^WTgd{9OM3JCd0CnQPOdB}bmjth}nY?1jm;B+WavwvE@VzuPE(ir$qt z9whM9NByqH#HVq^4fJlW^2aX%H1O3BGxPp zA&I3W(c(UWhF^AySx-~xEs3#Mx+rMY62Fi+)>q1R9oDc|DBpaaE3afhy=_1H!`9Qz zym403g3gLu*dOE?ymRrTwo;eXHo=m?7T&A4elO76w1RtOa?&%orK;i2nUT}Dn zGAU)MZ#~zQx0U%tPDN5o;dB4*nZNq_EidnfM{e>y3h?coRCM!9eA)bU$wzJ|i!AAJ zEl~}A7`E$r+@p$L8x5E0S=4Z7PRfw#>dgo?UVd#^=+``9?FalJNs~V&nX~NKC!FA6ce5GrY9fsb-O(v}%yMP*)3+!mn6yJwAu9*pNT}x72Sr^QLIw zn_z((D(fGt>*|kKrMl?)r2L(7n)V@bx43to7Z$&ID#iPrLypqN#nXkR{1)>n6)X;8 zchzV;`}<_H?uPLF5NcY=+uh9?aGH-1ZVn2D!o~LThVXt zu`>Y<846qcZFc{RPrg1Yyx448g6YS#7q8ixWLZtjQxKeeSVhp`eb=gM#{+W9)k5Cf zRGPm2{By_Hw67OKXB+g#XUy~4RB&z6@u1Jg+(mymZ2c6FbKyCy^6t@0d(o_FQ5 zos_IhIL85j#g0p#Eb^Rpi|qj0w+TunciXS*{1o`0;@LY!p2LN+Caq-8vVXgMw!7n; zO;27Ls;CMejB)l9*9FU&Jxh$W-z9`yLPdwijP~6I3!Z{9fO^ zDSXY}WB`+xtvB;SF(D_Za>=Wb;U*}c#FbJkXcZP_LIrl#;`=U&-a zYt#B|?yik;cM z{Lsrbo$J%`{@zRzmz)2@{YpjV4Yi}+gw8(oTV;5D(e@?GHpk9weEw?F0?nv<$09E- zR$Hy${ylyj>vH>j;qT4&<&~}HT$TLyI%2$2Kml z_0axM7xMqe=Cy?#^GuZP&tOk*E`Hf*xmBiOvU5dMnE6Se$zOxl{onQOWB8=&2?6Fy zR;`mSn9viuxxGN^*S^Y=7rB(Xma^}wY`InWN-;$KS=jQwNnZ+nb+!9fJlYcEt8kTT z$CGE@`?bBB4rMO+^LWmtDU)?BY+AM9!oPrh=MU$vc(4BD&q-V7{&kD5MoQoNmYZ6! zT`uGnCKaroA>I(;mFn#H=T0`$Nrtek?rrP$-AgRCyPRV1X^v;))_Hbi z-1##di+>i>{{NS$%fS59^RB)~!h6rD@f<$dn^Ze@EH!i6Y;gI@9~P%A8@)I$@6}5+ zXHb0Iz0g3XZQ=6srvz7RSTs}X-Gb798?JrY`X$HfBSph{Qx~u2u#dRl(-o`7I(w-# zb8+Xyhda2_r(8ene(A zHrY@4xvuT0Mp^lt7K6Z>RZH5A&x&LfTvgI=b$xxts>wedU7zUmLnUag*sBlv&y0_Y z?$kPcVDj@$Hi`5(JQA(BGj4Y}RlVe>_1n6Atja(1A^EtrZJ>|EWahssd{zeWtVxsqa&Vp1yy<(FdEK>p z9bMD-m9NX+WX9AT>;GN3`CV-Cts1$_dG8jwakOQHy%}{{3I) zvdi?e*V()Yy5DR(HS{iSXWGMYcTviZl@oV863F_k)FxrveBH=S@X>QTULWA8YxwR>z1s<6t_i#EZ@4^XUq`6?&!rVNStgvHAsKlnfB*g> z^R7qRo-|9^9r$T~yVpgPuTt-#>Aju0kG@Z~|DyD2ei!%j>8i6PoIcqpW&WJg-(Gvt z+Ptt8jfc!#kA2N5bo#b?>VLM>UxEjoFl=lIbKp~ZXtyo)dc2w7@uu13H|}%(;cJw( zondu8j>&TGIc+I{D`K+2FAv{ctSxjWCdTq>mCujj4f#Pu`aW%MYDquyD z(sNdpM`-os->&3l|6=$5ddug^bC*l~{w{qearQ(*Z)@~lizpcz-@QSZOS}clc`h&; zSIuSj(LSOiw5Vs_nb&i>Cj45P^4t1vA4kZFQ;HW~E{QAXJRm16{fXsFjgja26`Yw} zh1HeK8{eI^)9n2$e*2=f#^H%-*J{N#Up!H|dwHD8my@BIeVYVoa(bsexOGd7m-mam z-=`HBySqFX-~FkKypzIXKKG0Ahm5Tgw`Jei@_V7tGa2JV&x>cYcA9r8ob=enDehE% z_dpEKynYXEm(SNC*RHM$%Q1;vxALTe-j+GjHy#a`y6esEPo~>${P{IKR!XGwjl;x_ z^B?}5(B3@5>q0_GlHK0kPRY6_OY44FmjBVZH!Y&tF3?&lYF%6GRZWG5`sc+WPIqtP z%XrkFcsE)5IGghf*gD`LGrU4l*h*JnMuhW8?86<+SkQD*62oW1pfnf=n`Z;sBpT-W}A zWuN+=aNX7mN5AbqC2qWF_Tq>(-w6#eN8T#QHrxDmpUS}cokcTj_EYbNLQ1pttSxx( z-23B=1x;VuZgFSqiFvg`&AepeH%G5WEk}$#tga6+c<86@%kRzWTA7k}*jh%1;A!E>L7o%@O4qAC{m%ez~*Wjxj_3ppypbG|e)a!q@t*{_AV z;?Jk0#rN%r+wkPouUVIJWIsp!m64KnSZVXg_xxvPnY&8!r1wm0m0!Kcw#nQ)X+hEx zu1lZ$x+aOTyjMxxwN;zCF8*xdQ@H+G^_Gu^(>=R4hpwyeu6&);Tob3Z?tYMOP2Qrd)y5~K zq}wi(8*TnQ|LBFAzcmvB-pHQKK3!4ug)?)fvHv>R$jrXNc-vJyJg+_SjS3rgX-B*` zz^dnwSDbz4lEB&MSm&>4Y5EB_w!iw8w@=K{i0^0OvWxd6-qqwOi{1*pIN!nP$q~U$ZT_c;&>HnyVfg&P`_xZ4qlbEtsmYWaXFl{d?wIuB~ghy-?5lnqRqZ{$8_FrtR}o{=c8FOqqX{UjMgwyB3FZY_xZMAC+LAl`k!Pqx4@T z`{S}Qqa>Y%CxsR_-RCl`Q}y`Q)+8sd@!ln-{e5 zAHU2YrS)ejxc5JKkoMa9pSz)M^0{NL8KlH|q-Tfw?JHK`NqiGue_5SlvtFvz=bS5w zzu(wSSiFks>i@?-y^p)h`Q~cbc!ve)F`)f*&_^=T`r}`Q?Lmrg=}38Pn9TAWiR{#Mu6WB7s_OS~Sx(&6i!X z-u#4T{r2p)QBWEh6mbCs+cWU2Oo}WTSiCp+p_T32XO{TpSoE81~rqedH zaLY@g}L(&c&PA;=Xut&G)!w{piNa*6-i`U*z6%_)Sg(Us(9o z1#`U){`|Y6vv|_Q4_qa(E00*8?mZzXP`oEK*JZs!0L%GZVc8*t2T$yiTUz*AnkB{m zd-UqdY6f{dZTs6Jr)iFv%sa)AHLO^x(u?#_hij{`6S#Bfc(k@`4lE z<_1CGInGs~1{>QoOLaX0)631vy-QW+*p*=IKky0`(1vb`!o;zP~kj_NG@;*K-8^eOwZ| z{V-!l)>)oitNxlt}_O00M$;o$8zCkyB+_RPF%`Ib;(lBWF75e^W z%Bv}JgP7W%Z<}(gMKs%uYmp2?LDb}Jy_@P>47cBMDGfR-b5hISjk9=z?7c}wF?p}W GzW@NrJ|M;b -- 2.49.0 From 2a157ad4e71f04fa70c5b3b03a474fa392b849fd Mon Sep 17 00:00:00 2001 From: Julien Moutinho Date: Thu, 7 Dec 2023 15:16:52 +0100 Subject: [PATCH 07/16] patate: update to nixos-23.11 --- hosts/patate.nix | 7 +-- hosts/patate/machine-id.clear | Bin 0 -> 55 bytes hosts/patate/networking.nix | 39 ++++++++++++++++ hosts/patate/networking/nftables.nix | 65 +++++++++++++++++++++++++++ hosts/patate/ssh/host.key.cred | Bin 0 -> 691 bytes hosts/patate/wireguard.nix | 1 - 6 files changed, 105 insertions(+), 7 deletions(-) create mode 100644 hosts/patate/machine-id.clear create mode 100644 hosts/patate/networking.nix create mode 100644 hosts/patate/networking/nftables.nix create mode 100644 hosts/patate/ssh/host.key.cred diff --git a/hosts/patate.nix b/hosts/patate.nix index 91ef3aa..65164e0 100644 --- a/hosts/patate.nix +++ b/hosts/patate.nix @@ -1,14 +1,12 @@ { config, pkgs, lib, ... }: { imports = [ - ../nixos/profiles/dnscrypt-proxy2.nix ../nixos/profiles/graphical.nix ../nixos/profiles/lang-fr.nix ../nixos/profiles/printing.nix - ../nixos/profiles/wireguard/wg-intra.nix patate/backup.nix patate/hardware.nix - patate/wireguard.nix + patate/networking.nix ]; # Lower kernel's security for better performances @@ -52,7 +50,6 @@ ]; }; }; - install.substituteOnDestination = false; environment.systemPackages = [ pkgs.riseup-vpn # Can't be installed by home-manager because it needs to install policy-kit rules @@ -80,8 +77,6 @@ virtualisation.virtualbox.host.enable = true; - services.openssh.openFirewall = true; - # This value determines the NixOS release with which your system is to be # compatible, in order to avoid breaking some software such as database # servers. You should change this only after NixOS release notes say you should. diff --git a/hosts/patate/machine-id.clear b/hosts/patate/machine-id.clear new file mode 100644 index 0000000000000000000000000000000000000000..1a09bcbbf71421adcb48e99cbd93bf4c03c843c8 GIT binary patch literal 55 zcmZQ@_Y83kiVO&02sj(quxR7C{uz%IN`RCK% NHE(O#UK)lQ0RZUz9F_n8 literal 0 HcmV?d00001 diff --git a/hosts/patate/networking.nix b/hosts/patate/networking.nix new file mode 100644 index 0000000..6628e5e --- /dev/null +++ b/hosts/patate/networking.nix @@ -0,0 +1,39 @@ +{ pkgs, lib, ... }: +{ + imports = [ + ../../nixos/profiles/dnscrypt-proxy2.nix + ../../nixos/profiles/wireguard/wg-intra.nix + ../../nixos/profiles/networking/ssh.nix + ./wireguard.nix + networking/nftables.nix + ]; + install.substituteOnDestination = false; + + networking.nftables.ruleset = lib.mkAfter '' + table inet filter { + chain input { + ip daddr 10.0.0.0/8 counter goto input-lan + ip daddr 172.16.0.0/12 counter goto input-lan + ip daddr 192.168.0.0/16 counter goto input-lan + ip daddr 224.0.0.0/3 counter goto input-lan + goto input-net + } + chain output { + ip daddr 10.0.0.0/8 counter goto output-lan + ip daddr 172.16.0.0/12 counter goto output-lan + ip daddr 192.168.0.0/16 counter goto output-lan + ip daddr 224.0.0.0/3 counter goto output-lan + jump output-net + log level warn prefix "output-net: " counter drop + } + } + ''; + + networking.networkmanager.enable = true; + services.avahi.enable = true; + services.openssh.settings.X11Forwarding = true; + services.vnstat.enable = true; + systemd.services.sshd.serviceConfig.LoadCredentialEncrypted = [ + "host.key:${ssh/host.key.cred}" + ]; +} diff --git a/hosts/patate/networking/nftables.nix b/hosts/patate/networking/nftables.nix new file mode 100644 index 0000000..30927b0 --- /dev/null +++ b/hosts/patate/networking/nftables.nix @@ -0,0 +1,65 @@ +{ config, ... }: +let + inherit (config.users) users; +in +{ + networking.firewall.enable = false; + security.lockKernelModules = false; + systemd.services.disable-kernel-module-loading.after = [ "nftables.service" ]; + # echo -e "$(nix eval hosts.courge.config.networking.nftables.ruleset)" + # nft list ruleset + networking.nftables = { + enable = true; + /* + preCheckRuleset = '' + sed -i ruleset.conf \ + -e 's/ip daddr losurdo.wg//' + ''; + */ + ruleset = '' + table inet filter { + chain input-intra { + tcp dport { ssh, 2222 } counter accept comment "SSH" + udp dport 60001-60010 counter accept comment "Mosh" + tcp dport 5201 counter accept comment "iperf" + } + chain input-lan { + tcp dport { ssh, 2222 } counter accept comment "SSH" + udp dport 60001-60010 counter accept comment "Mosh" + } + chain input-net { + } + + chain output-intra { + tcp dport { ssh, 2222 } counter accept comment "SSH" + udp dport 60001-60100 counter accept comment "Mosh" + tcp dport { http, https } counter accept comment "HTTP" + tcp dport git counter accept comment "Git" + tcp dport 5201 counter accept comment "iperf" + } + chain output-lan { + tcp dport { ssh, 2222 } counter accept comment "SSH" + udp dport 60001-60100 counter accept comment "Mosh" + tcp dport bootps counter accept comment "DHCP" + tcp dport { 4444, 5555 } counter accept + tcp dport 5201 counter accept comment "iperf" + } + chain output-net { + tcp dport { ssh, 2222, 20022 } counter accept comment "SSH" + udp dport 60001-60100 counter accept comment "Mosh" + udp dport ntp skuid ${users.systemd-timesync.name} counter accept comment "NTP" + meta l4proto { udp, tcp } skuid dnscrypt-proxy2 counter accept comment "dnscrypt-proxy2" + tcp dport { http, https } counter accept comment "HTTP" + tcp dport git counter accept comment "Git" + tcp dport imaps counter accept comment "IMAPS" + tcp dport submissions counter accept comment "SMTPS" + tcp dport xmpp-client counter accept comment "XMPP client" + tcp dport 5223 counter accept comment "XMPP client direct TLS" + tcp dport 5281 counter accept comment "XMPP HTTPS" + tcp dport nntps counter accept comment "NNTPS" + tcp dport 5201 counter accept comment "iperf" + } + } + ''; + }; +} diff --git a/hosts/patate/ssh/host.key.cred b/hosts/patate/ssh/host.key.cred new file mode 100644 index 0000000000000000000000000000000000000000..a3400e21bea679699367aaee714681636ff1b493 GIT binary patch literal 691 zcmZQ@_Y83kiVO&0DE@eA->a~eLpz-`YWMD~u>V_Y>|}BCcjXkGWvBcLCY@O8e%kbH z+}F#|FX!o4e2M@4VcN-0+q$dUXT}`gxqk`A=WfRT`R{k-UYM*I8Mq+!cb9>bl1^z` zfZaFo%qI&H*{v{?aw{s$0h9lHPy!Who}sPmd^dF zm2TM#mz@K|Epkd1?v(4{zQy`^Tf+aBe^y-C(|5)8T7a>jTgOXR!Ob@XQv%Y?nHq-O zSG~gj*um_`ogKc(5&mY6?7QAecW_-dj!sdxPFX9KQ{}rNPDO3Wg|#~B+O^Mq9Agrg zU>ox8`}J3IC018#Z*q>v5G=nLqcwx~xsB7rZ~AK6P5=A+<~s8%N1w;BMLDkH^+ShZ z$^Ui@>n=EW%$@#Q$aenR4v|~Fo9c3}?ly3eagP%%`CIar-H3kx!!q%B}5z97xerc<>zde)n z$FHZKmssroVbk;HNzNXjW!WZo6E8d{tX` zL%W*UQhr(IvKR7)?%3Zr=ln?O$AyiRjne0Yoqj!2FxkMMJ6V@4H^DIbPW{KIDa)Po zjz0X6+88!D|JY>)Xgl?zOCk|6MycP zhTCqhrlpy&uWCN9V=g}*!vhW;fg7=>euU0p%gfr>FBvP?K0((nMM7Wvd1KqduV1w% zKi~W_>4AoU&X>z^-)g^~o}HJQ`CKOBMNIflf%A<@6Sc2SeJs7wW{aYXb@Kc8Nvn?v GUIPHOuu Date: Thu, 7 Dec 2023 19:56:00 +0100 Subject: [PATCH 08/16] T480: enable fwupd --- nixos/profiles/hardware/T480.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/nixos/profiles/hardware/T480.nix b/nixos/profiles/hardware/T480.nix index a4983dd..8f1543b 100644 --- a/nixos/profiles/hardware/T480.nix +++ b/nixos/profiles/hardware/T480.nix @@ -49,6 +49,7 @@ with lib; hardware.trackpoint.enable = mkDefault true; hardware.trackpoint.emulateWheel = mkDefault config.hardware.trackpoint.enable; + services.fwupd.enable = true; services.upower.enable = true; services.xserver.libinput.enable = mkDefault true; } -- 2.49.0 From a1f642d7ab3a0d5a124b1ad6d9e67c5c9d3e0ddf Mon Sep 17 00:00:00 2001 From: Julien Moutinho Date: Fri, 8 Dec 2023 13:45:17 +0100 Subject: [PATCH 09/16] nix: remove dead code --- flake.nix | 6 ------ 1 file changed, 6 deletions(-) diff --git a/flake.nix b/flake.nix index 42b4ad2..e2eabf0 100644 --- a/flake.nix +++ b/flake.nix @@ -131,12 +131,6 @@ nix-store --add-root hosts/${hostName}.nixpkgs --indirect --realise ${nixpkgsPath} nix-store --add-root hosts/${hostName}.root --indirect --realise ${build.toplevel} - - if test "''${TARGET_ROOT:+set}"; then - NIX_STORE_DIR=/nix/store - targetStore="store=$NIX_STORE_DIR&remote-store=$TARGET_ROOT%3fstore=$NIX_STORE_DIR%26real=$TARGET_ROOT$NIX_STORE_DIR"; \ - else TARGET_ROOT=/ - fi nix copy --to "ssh://${target}?''${targetStore-}"${lib.optionalString config.install.substituteOnDestination " --substitute-on-destination"} ${build.toplevel} if ssh ${target} set -x ';' \ -- 2.49.0 From 757c3b8be3e2a9f79839cc0f8138966f1901dff9 Mon Sep 17 00:00:00 2001 From: Julien Moutinho Date: Sun, 10 Dec 2023 16:43:54 +0100 Subject: [PATCH 10/16] hosts: install packages --- homes/julm/hosts/oignon.nix | 13 ++++++++++++- homes/sevy/hosts/patate.nix | 9 +++++---- 2 files changed, 17 insertions(+), 5 deletions(-) diff --git a/homes/julm/hosts/oignon.nix b/homes/julm/hosts/oignon.nix index da65523..0807c16 100644 --- a/homes/julm/hosts/oignon.nix +++ b/homes/julm/hosts/oignon.nix @@ -28,10 +28,21 @@ PASSWORD_STORE_DIR = "$HOME/files/sec/.password-store"; }; home.packages = [ + pkgs.ghostscript + #pkgs.go-mtpfs + pkgs.ntfs3g + pkgs.p7zip + pkgs.pdftk + pkgs.vips + pkgs.poppler_utils + # psnup conflicts with pkgs.texlive.combined.scheme-* + (lib.lowPrio pkgs.psutils) + pkgs.qpdf pkgs.libreoffice pkgs.calibre pkgs.evince - pkgs.stig + pkgs.xsane + #pkgs.stig pkgs.gthumb pkgs.thunderbird #pkgs.chromium diff --git a/homes/sevy/hosts/patate.nix b/homes/sevy/hosts/patate.nix index 7f38001..eda1d3d 100644 --- a/homes/sevy/hosts/patate.nix +++ b/homes/sevy/hosts/patate.nix @@ -16,13 +16,14 @@ ]; programs.firefox.enable = false; # error: attribute 'gtk3' missing home.packages = [ - pkgs.libreoffice - pkgs.thunderbird - pkgs.gthumb - pkgs.evince pkgs.chromium + pkgs.evince pkgs.firefox + pkgs.gthumb + pkgs.libreoffice + pkgs.thunderbird pkgs.vlc + pkgs.xsane #(pkgs.qgis.override { extraPythonPackages = (ps: [ # ps.pyqt5_with_qtwebkit #]); }) -- 2.49.0 From 469e6018efb1b6021a7d4aa539800f5afb0eb98a Mon Sep 17 00:00:00 2001 From: Julien Moutinho Date: Tue, 12 Dec 2023 10:50:57 +0100 Subject: [PATCH 11/16] bash: fix ffmpeg-audio --- home-manager/profiles/bash.nix | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/home-manager/profiles/bash.nix b/home-manager/profiles/bash.nix index f6c3d65..aadb1d4 100644 --- a/home-manager/profiles/bash.nix +++ b/home-manager/profiles/bash.nix @@ -82,7 +82,7 @@ with lib; ffmpeg-audio () { for i in "$@"; do - ffmpeg -i "$i" -vn -map 0:a -acodec copy "''${i%.*}".audio + ffmpeg -i "$i" -vn -map 0:a -acodec copy "''${i%.*}".audio-only.mkv done } ffmpeg-opus () { @@ -90,6 +90,13 @@ with lib; ffmpeg -i "$i" -vn -map 0:a -c:a libopus -b:a 64k -application voip "''${i%.*}".opus done } + opusenc-voice () { + find "$@" -depth -type f -print0 | sort -n -z | + xargs -0 -P "$(lscpu --online -p | grep -v "#" | wc -l)" -I {} bash -c ' + test -e "''${0%.*}".opus || + nice -n 19 ffmpeg -y -i "$0" -map 0:a -b:a 32k -application voip "''${0%.*}".opus + ' {} \; + } ibm-fan () { if [ $# -gt 0 ] then sudo tee /proc/acpi/ibm/fan <<<"level $1" @@ -104,13 +111,6 @@ with lib; mkpass () { tr -d -C 'A-Za-z0-9' Date: Fri, 15 Dec 2023 22:13:56 +0100 Subject: [PATCH 12/16] tmsu: enable --- home-manager/profiles/essential.nix | 1 + home-manager/profiles/tmsu.nix | 32 +++++++++++++++++++++++++++++ 2 files changed, 33 insertions(+) create mode 100644 home-manager/profiles/tmsu.nix diff --git a/home-manager/profiles/essential.nix b/home-manager/profiles/essential.nix index e7582e0..df13301 100644 --- a/home-manager/profiles/essential.nix +++ b/home-manager/profiles/essential.nix @@ -8,6 +8,7 @@ ./htop.nix ./lf.nix ./ssh.nix + ./tmsu.nix ./tmux.nix ]; programs.bat.enable = lib.mkDefault true; diff --git a/home-manager/profiles/tmsu.nix b/home-manager/profiles/tmsu.nix new file mode 100644 index 0000000..3f20067 --- /dev/null +++ b/home-manager/profiles/tmsu.nix @@ -0,0 +1,32 @@ +{ pkgs, ... }: +{ + home.packages = [ + pkgs.tmsu + ]; + programs.bash = { + shellAliases = { + m = "tmsu"; + ml = "tmsu files"; + mmv = "tmsu-mv"; + mt = "tmsu-tag"; + mts = "tmsu tags"; + mu = "tmsu-untag"; + }; + initExtra = '' + tmsu-tag () { + local tags + tags=$1; shift + tmsu tag --tags "$tags" "$@" + } + tmsu-mv () { + mv "$@" && + tmsu repair --manual -- "$@" + } + tmsu-untag () { + local tags + tags=$1; shift + tmsu untag --tags "$tags" "$@" + } + ''; + }; +} -- 2.49.0 From d2effb7a72c0b09a500f02c528a762ef19286b08 Mon Sep 17 00:00:00 2001 From: Julien Moutinho Date: Wed, 20 Dec 2023 22:54:26 +0100 Subject: [PATCH 13/16] xmonad: setup xmodmap --- home-manager/profiles/graphical.nix | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/home-manager/profiles/graphical.nix b/home-manager/profiles/graphical.nix index 6df0e3e..1500190 100644 --- a/home-manager/profiles/graphical.nix +++ b/home-manager/profiles/graphical.nix @@ -1,4 +1,4 @@ -{ pkgs, lib, nixosConfig, ... }: +{ pkgs, lib, config, nixosConfig, ... }: { imports = [ ./redshift.nix @@ -21,4 +21,10 @@ NO_AT_BRIDGE = "1"; }; services.redshift.enable = lib.mkDefault true; + home.file.".Xmodmap".text = '' + ! œ and Œ with AltGr+o and AltGr+Shift+o + keycode 32 = o O o O oe OE + ''; + systemd.user.services.setxkbmap.Service.ExecStartPost = + "${pkgs.xorg.xmodmap}/bin/xmodmap ${config.home.homeDirectory}/.Xmodmap"; } -- 2.49.0 From 2f2f282fb92c9ae02db353766ebef11e1cea3456 Mon Sep 17 00:00:00 2001 From: Julien Moutinho Date: Wed, 20 Dec 2023 22:57:50 +0100 Subject: [PATCH 14/16] git: peek at difftastic and delta --- home-manager/profiles/bash.nix | 6 ---- home-manager/profiles/git.nix | 56 ++++++++++++++++++++++++++++++++++ 2 files changed, 56 insertions(+), 6 deletions(-) diff --git a/home-manager/profiles/bash.nix b/home-manager/profiles/bash.nix index aadb1d4..b686a81 100644 --- a/home-manager/profiles/bash.nix +++ b/home-manager/profiles/bash.nix @@ -10,10 +10,6 @@ with lib; c = "bat"; cl = "clear"; emacs = "emacsclient --create-frame"; - g = "git"; - ge = "git-edit-commit"; - gg = "git grep"; - gge = "git-grep-edit"; grep = "grep --color"; j = "sudo journalctl -u"; jb = "sudo journalctl -b"; @@ -165,8 +161,6 @@ with lib; done | sort -nk1,1 } - git-edit-commit () { $EDITOR $(git diff-tree --no-commit-id --name-only -r "$@"); } - git-grep-edit () { $EDITOR $(git grep --name-only --recursive "$@"); } # Recursively mount not-mounted dataset, # loading their keys if needed. diff --git a/home-manager/profiles/git.nix b/home-manager/profiles/git.nix index f5f4dc7..d346473 100644 --- a/home-manager/profiles/git.nix +++ b/home-manager/profiles/git.nix @@ -2,12 +2,15 @@ { home.packages = [ pkgs.b4 + pkgs.delta + pkgs.difftastic pkgs.git-chglog pkgs.git-cliff pkgs.git-crypt pkgs.git-filter-repo #pkgs.git-publish pkgs.git-quick-stats + pkgs.gitui pkgs.tig ]; programs.git = { @@ -28,8 +31,12 @@ co = "checkout"; d = "diff"; dc = "diff --cached"; + dcw = "diff --cached --word-diff=color"; dh = "diff --histogram"; dp = "diff --patience"; + dt = "difftool --patience"; + dtc = "difftool --cached"; + dw = "diff --word-diff=color"; g = "grep"; ign = "ls-files -o -i --exclude-standard"; l = "log"; @@ -100,5 +107,54 @@ sendemail.validate = "true"; web.browser = "elinks"; }; + iniContent = { + /* + diff.external = lib.concatStringsSep " " [ + "${pkgs.difftastic}/bin/difft" + "--color auto" + "--background dark" + "--display side-by-side" + ]; + */ + # difftastic + /* + diff.tool = "difftastic"; + difftool.prompt = false; + difftool.difftastic.cmd = ''${pkgs.difftastic}/bin/difft "$LOCAL" "$REMOTE"''; + pager.difftool = true; + */ + + # delta + /* + core.pager = "delta"; + interactive.diffFilter = "${pkgs.delta}/bin/delta --color-only --features=interactive"; + delta.features = "decorations"; + delta.interactive = { + keep-plus-minus-markers = false; + }; + delta.decorations = { + commit-decoration-style = "blue ol"; + commit-style = "raw"; + file-style = "omit"; + hunk-header-decoration-style = "blue box"; + hunk-header-file-style = "red"; + hunk-header-line-number-style = "#067a00"; + hunk-header-style = "file line-number syntax"; + }; + */ + }; + }; + programs.bash = { + shellAliases = { + g = "git"; + ge = "git-edit-commit"; + gg = "git grep"; + gge = "git-grep-edit"; + gui = "gitui"; + }; + initExtra = '' + git-edit-commit () { $EDITOR $(git diff-tree --no-commit-id --name-only -r "$@"); } + git-grep-edit () { $EDITOR $(git grep --name-only --recursive "$@"); } + ''; }; } -- 2.49.0 From a330098c9c1ee7735a679590184cee46946cd1fd Mon Sep 17 00:00:00 2001 From: Julien Moutinho Date: Wed, 20 Dec 2023 23:00:23 +0100 Subject: [PATCH 15/16] perf: add to essential profile --- home-manager/profiles/essential.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/home-manager/profiles/essential.nix b/home-manager/profiles/essential.nix index df13301..eede824 100644 --- a/home-manager/profiles/essential.nix +++ b/home-manager/profiles/essential.nix @@ -15,6 +15,7 @@ programs.home-manager.enable = true; home.packages = [ nixosConfig.boot.kernelPackages.cpupower + nixosConfig.boot.kernelPackages.perf pkgs.acpi pkgs.binutils pkgs.cryptsetup -- 2.49.0 From a31260620b6b41072ebea196333d6c069d4d4c9c Mon Sep 17 00:00:00 2001 From: Julien Moutinho Date: Wed, 20 Dec 2023 23:38:18 +0100 Subject: [PATCH 16/16] gtk: prefer-dark color-scheme --- home-manager/profiles/graphical.nix | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/home-manager/profiles/graphical.nix b/home-manager/profiles/graphical.nix index 1500190..4f6beca 100644 --- a/home-manager/profiles/graphical.nix +++ b/home-manager/profiles/graphical.nix @@ -27,4 +27,21 @@ ''; systemd.user.services.setxkbmap.Service.ExecStartPost = "${pkgs.xorg.xmodmap}/bin/xmodmap ${config.home.homeDirectory}/.Xmodmap"; + programs.bash.shellAliases = { + gtk-light = "dconf write /org/gnome/desktop/interface/color-scheme '\"prefer-light\"'"; + gtk-dark = "dconf write /org/gnome/desktop/interface/color-scheme '\"prefer-dark\"'"; + }; + dconf.settings = { + "org/gnome/desktop/interface" = { + color-scheme = "prefer-dark"; + }; + }; + gtk = { + theme.name = "Adwaita"; + gtk2.configLocation = "${config.xdg.configHome}/gtk-2.0/gtkrc"; + gtk3 = { + bookmarks = lib.mkDefault [ + ]; + }; + }; } -- 2.49.0