From 48a4435e44a7140ce4bf0fc3bdae0a51c9079361 Mon Sep 17 00:00:00 2001 From: Julien Moutinho Date: Mon, 4 Dec 2023 23:13:31 +0100 Subject: [PATCH 01/16] courge: fix target --- hosts/courge/Makefile | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/hosts/courge/Makefile b/hosts/courge/Makefile index d329433..9f2d2e9 100644 --- a/hosts/courge/Makefile +++ b/hosts/courge/Makefile @@ -6,8 +6,7 @@ cipher := aes-128-gcm autotrim := on reservation := 1G compression := zstd -target := nixos@192.168.3.101 -TARGET := root@192.168.3.101 +TARGET ?= root@192.168.3.101 machine-id.clear: touch -a $@ -- 2.47.2 From 9da6c732412648c8474b4980b6d2242224175216 Mon Sep 17 00:00:00 2001 From: Julien Moutinho Date: Tue, 5 Dec 2023 01:15:33 +0100 Subject: [PATCH 02/16] zfs: hide mountpoints from gvfs --- nixos/profiles/zfs.nix | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/nixos/profiles/zfs.nix b/nixos/profiles/zfs.nix index e5b4db7..87e7abf 100644 --- a/nixos/profiles/zfs.nix +++ b/nixos/profiles/zfs.nix @@ -19,6 +19,7 @@ # Stable enough, clearer, and faster than the default /dev/disk/by-id boot.zfs.devNodes = "/dev/disk/by-partlabel"; # Not useful so far. + # See also https://github.com/NixOS/nixpkgs/issues/62644#issuecomment-1479523469 boot.zfs.forceImportAll = false; # More resilient for remote hosts, # though it may call zpool clear. @@ -37,6 +38,12 @@ services.zfs.trim.enable = true; services.zfs.trim.interval = "Sun *-*-01..07 00:15:00"; + # Hide ZFS mountpoints from gio, hence nautilus or caja + systemd.services.zfs-mount.postStart = '' + /run/wrappers/bin/mount -t zfs | cut -f 1 -d ' ' | + xargs -n 1 -r -t /run/wrappers/bin/mount -o remount,x-gvfs-hide + ''; + environment.systemPackages = [ pkgs.lzop # For remote syncoid pkgs.mbuffer # For remote syncoid -- 2.47.2 From 4d45753f4a8106fff10ff964490257793b51e5bf Mon Sep 17 00:00:00 2001 From: Julien Moutinho Date: Tue, 5 Dec 2023 01:16:42 +0100 Subject: [PATCH 03/16] courge: gdm: enable to support screen locking --- hosts/courge.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/hosts/courge.nix b/hosts/courge.nix index b0e5649..aa62f64 100644 --- a/hosts/courge.nix +++ b/hosts/courge.nix @@ -69,6 +69,7 @@ }; displayManager = { defaultSession = "gnome"; + gdm.enable = true; autoLogin = { user = config.users.users.mo.name; }; -- 2.47.2 From cf98fd630adb0c2bf76012f77816a6885c7cb380 Mon Sep 17 00:00:00 2001 From: Julien Moutinho Date: Tue, 5 Dec 2023 14:46:50 +0100 Subject: [PATCH 04/16] yt-dlp: add yt-dlp-subs alias --- home-manager/profiles/yt-dlp.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/home-manager/profiles/yt-dlp.nix b/home-manager/profiles/yt-dlp.nix index 4569b73..dd235e7 100644 --- a/home-manager/profiles/yt-dlp.nix +++ b/home-manager/profiles/yt-dlp.nix @@ -13,6 +13,8 @@ programs.bash.shellAliases = { yt = "yt-dlp"; yt-audio = "yt-dlp -f 'worstaudio[acodec=opus]/worstaudio'"; + yt-subs = "yt-dlp --write-subs --write-auto-sub --skip-download"; + yt-subs-fr = "yt-subs --sub-langs '-all,fr-orig,fr'"; }; xdg.configFile."yt-dlp/config".text = '' #--download-archive .downloaded -- 2.47.2 From 47c82554a761d551124729b0d48808623bf6efc7 Mon Sep 17 00:00:00 2001 From: Julien Moutinho Date: Thu, 7 Dec 2023 14:23:11 +0100 Subject: [PATCH 05/16] Add given password for hosts/patate/ssh/host.key to store. --- hosts/patate/ssh/host.key.gpg | Bin 0 -> 1528 bytes 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 hosts/patate/ssh/host.key.gpg diff --git a/hosts/patate/ssh/host.key.gpg b/hosts/patate/ssh/host.key.gpg new file mode 100644 index 0000000000000000000000000000000000000000..98d9cb44a5dd217c921c8a8a34f1993b98798ec9 GIT binary patch literal 1528 zcmV7M@dveQdv+`0HSjkPqaz$!{%I1XC;{U)Do9S0_s66EIK9eE{zj@?Agmi z@9}{bE*MssU12dbLaZKdVV#Ib`Z=*$uGP zuJXtoo4)jGz-Tvf1x1H4lKdbh5sR^QG%%l5@QBle;|IhfC^^?b=*CHc;})UgPvd6- zKAOOaA`;WBMFiA1@@c2lMg+m7L&7moehaF=9HcaYli23im$luAa7wFR_E z4{0{Vp6Nq-Kwk00!vY@Y5<7$ofAQ7T6rsKl3rO3lKE(ia`+8&#i96js4SE7CbgOtW zRz7ysb{7u<_3O3K)NKLGm$kSXxO$+z!Urt;$7MKlJ0e)+;-kb0m{xjRcx1yQS90`{ z+t6aM{cUS0dP)z#_3L2dy4NZ~>|O<#VlKxL(-U(V`dn&gr)%${eP;=Hyoj_G=R`e$o6g$= zkB7iZG$w`M1|>AeGXBlEU zb4XfGEe|qtBId~}=p?6rtL0K$%Ntnj3<}|*OvO>d1R*HfCwd|Vig3UoeSHJ0n0`g_ z+ugg7_T+z49tXW1khZ0NI}(NhS}CX(;0Ow&QIj$DHyM)Co5Ay8>|~>#=Z}i1(Oj0- zcKgbCK-SaQBT=YX#)D}b0Mw4x(Gf+|x@Igdo}9M|d61K1*zRN(5x+CZC6hRyMIRsP z&N%7fJJ}K38J+{&CnF3+qmIissQ?*#9BSU$VDtgUN^Kv{8|%G28@85W2vPslroYU2x=^k>{~spdzqxD zvm_IytS9K9=i%@M08I3opmVU!lo!lad1HK#1KvhwGUT#U05n@+Ibt2nwbsBw-eQL( z8}(L|$l16$9SDOV$S*L0$*|Md8EDiK(8zXw>|zsrnTHQNhbHx5x#HSE#&}B5Q332m zL_9Stt&l;EvhUewY1Q`W5cAlbaH)B&G0DS1dOsfpcInzb{F-dK1}Stk?Xe;)Wpp&MYoWVkoB28OCM zqj4_euC;0(rF5-flekGFfALt4Ea_I=l_eP=papaY-jP0zE`&5DVT`?FW6Q0y6!n>R zqQNdPOT-7=k)6~UL*7{`vIafA(-ESmiWmYTgMg;$)fCwQzOb9YDDDVsm(r*|ggnwo zQFr(+fDO^&>>kmGol%t#zNd>b`Rjknrjw>P`vekfDr!3ZAw&!Lek`wK1h*<^VU`zO za=sc$p)?&(L0PnzUbfedHH#-8?m0W-Ax=Vq&Ft2-Ot+}*Tx$AWYtQ*u+r_h|Mz#gC zy&cI{H0?~=-}w3&y4D;B9{H(r>8q?bLIO*@v5qv$9=K^fKG>xOG*85QQ{OV?IZ7$51DwLVrg z(tz#sV`ka$4cgC@(I$|b1GW#^5Z-87JB}_icUq-b@Ph=FBKzWR=y@+w24tL$fZT^* z4vUp$lB#!2hu@>gM+DfT^~!RbZ5Y`K>0QcrK)qfS*rNHl4Ri-GJu-Me{0syV*sIkM el7Qv(fqh?`(Hxxb5gHS(cX_geY#{jmw1eI2`RV@v literal 0 HcmV?d00001 -- 2.47.2 From 76c320330df1add7a0c55c745b69c8123533fa4f Mon Sep 17 00:00:00 2001 From: Julien Moutinho Date: Thu, 7 Dec 2023 14:24:47 +0100 Subject: [PATCH 06/16] Add given password for hosts/patate/credential.secret to store. --- hosts/patate/credential.secret.gpg | Bin 5226 -> 5246 bytes 1 file changed, 0 insertions(+), 0 deletions(-) diff --git a/hosts/patate/credential.secret.gpg b/hosts/patate/credential.secret.gpg index b82f9582f5c4d85203050d3d384b1a7f6192ddef..9e2ffc7a6aac474c92e1bfb64724354758655cd4 100644 GIT binary patch literal 5246 zcmV-^6oKmiM@dveQdv+`0A;qx^uzbBxILEszzSeNT1{juTW_&mG}YnPFw0OdAZz1p z$9?Uepfx~sz_V-5c;5nGZo{W+Xx6!$!+N;3nI#UIuRDp49^`n)!pYp&kyJR2g074I(Dm(jLW2{6g9=5#fhE9!AhNI1;>}%@fffMUvd3H(#&B+1(x` zXthA`?_0)kqBRjjYLO&#sa03Edsx5a991DA>c+wN!2x(O2c!v;G{(A8wQ3@_LpO0D zL9)fFgRUXey0H(f*?MmUWMMj(Xc?*gPY~^;N$)Zs>#dTS=bs1NbM>L!SC>)lMS_4W zxInIA{w$P~1_6b8S=WBhID_YLGO^)B9 zEu|P2dv%(fJuS*S4NjwGVuY=e$gETmMTS-bc_p%!Rb=fNN6AHlDGtZP(&(w=u-5cD z4aPX$U?x}y$eZDwyT@9Xf?GiFG+=>mp3H12iC{(JdXk)*PIjK^IT8y_0N(V|@B0=Y z-R+==bs9NDtzr&Bt;a!b&gUDvqhfvy5uQ@5Iu&8Dd-S&8m+c&QZ@Lc6X5$;|O}VmU zChljBjKn@T4t+F)UVT3#r%CDJgHu%e)^ts_NtncapQ=_NY^(Zayu4+OmoABV zYD)oG3^o&MYA{i+%&2Ck3?DhZOU(JQ>YtM@^=IY}HL*dz%0FVt1>9CdxQdMLlE2|*CZ!JU=&KRD225>uo(Z<|iJoER zoQdl>9F7g%Ks19vPj{PAhUV3J7+Pp2fE~(V{534yv1N);1?r)jC5}_JTsN5|EfMXL z;P+XWtLP)?p6wPhkl#BFV~+^VD0PF=eWcZmmREa-ukrZEfyFM68AT2*~J) z(CJx*u6)$(C z42lGUFOTIH*Xd(qSO6N}ML`%Bja16xU&;nvinBv-z_OTRu@?YAJ2&&NcjdCUK~r$B zNG;UR_-fKLtW39$cO|KUN4;~al66eaKZB%a+ihrDGvU&f#H8S%#lK+Or%b)dhL~z3 z+m7{#v^;;G4SMEVpQS9SQPMF__eolZ+v!mu^9P?v{(JX4eV!UBolL$oR;So>&}>WZ z?Tt{N)*o0!bI;-N(j|xzBe4}lga(YtRKcB$p@8a=qHJ{c0Zi9&(p+#OX&RAg!FPFX zK^;wLr9AuRbgeu#xX%SW^i{D`f0q@P(Vc4*#HeQEU$j1;HwaEmLX{jTMwE@7?YJzC zQr;HSAL^HdtXCh%NYM4TjnWiH3_Gm!-e+}xo|J7Um3)GQG-1(8tAYOOgP%=tKCydps>Ohp1@B!`)SLR zI*R$qR%wb>#YE^2{_U(swUy#wZHj`WfI@c)6o$O`xSR(xBUl~f^V{dELKD3?17jq|2Juw{$(Jq zjj$+`8UQ$Atz15r>}kZ?M?u@cqBiG#GvgquaQa6H) zV3v>#0pSDYj}(%W;N(?PU)2G`B7n5Ih8iv!07nFBI{t>Jm=q?<8Z#+P75DD3Jb<*R zCE5HlfK(k52NCw_#&@_EV`!B`K~8IK{WN-S(zPC&$QEzW;|?puz>ULU9xq}cL%+fV zUWh6<-2+y_yg1bG`%C&qG?8qrXZxs#W3hZ*fzVmeQh5iGLgKwR3<$4H`@`xcpda6& zSX$Sj5&SaR2kq?qSIPr_nQ)sc4-s}Y?{P(9-@%H)Fp4-?smb$Y`ZBF{xG{>txC8A) zJUg#VubemJRQVQT?sNgVdR&d@d-ACoY1ZvE;-C|PS*0OTQuwWs3JB3k6ERM<-^!1j zI8Mn-C2#~a3`sV$roY@`&$Arhevp&Im(}I`?5FH6*7P~P)r-a3@Jo&{!<^EYVWPbq z&dm%AE;w4u`w1P!{?y#A3sAZr3m zX!u|r>#x9xMO7|fcX3RpPpXBg5gL#V^NIQ z0V;rReT5=G*Jayke973mh2G*C3mWJ0mUp-B7VLtFf3@KWQ3Hpc;U;tJB$OtnFs!Z) z>uq#xN|@nin0S06qemW)Tm(DK420-&+?g2UwO?T)K`sJ@LZnLog&zA1UrbmgK4boj z;Zx<}@OzkUd@-&E|q`2@< zdB6E*8R$9LF_Joi`1dioklsUcufTGGvcYl0;^Femg(z{C`38;RR_pWDHQr$s1lmO? z_BL#0CVwAB29ykB%LD}0oKiqy9_OUP$=>1&AvN$3uQ}lCL+kSt-SWrX81QnHv@ySN z4Q*rLKD~|%*w&gf(B6$BSw8cd_$EWBUbu}$czSd`Rz8YbvEn0LN;9KIx3$GH)H7&| zr1&7+Y0Zi_?JnkVH2u~EcER#u!^{j@3f<2e+y?+M9<~=YPB&XN5-5-ET_AD@je2j! zJZf7GZjjKk#&=_*SgU1wbh9#vFD7)QWez>BX$Rxn_|4s|C3I$#kJQXiW1nCzP0 zZ(DyeRzo_%}|aiCp7QYfU8{GxyHGsdfgux2fB5hja9;PQVY)odSEeir_yuAPkx^HE(xz7wSpMqP>&w9tAqOdp#hNLDRkO_%W$C(@^0dUdB z4g;f~=I&aI1})C&!0e5-XFBcCJ?{m9j&9K&su6;(k&`p&0~+fuj?g5)VpXtmAp?k< zA`z=+Uq^L8tK7nwW&(UoHY7D=w4E@*{#7w6KzB&>hY3sf;8ycpYPtOa0w|V8H1`xF zGaz!;lP_^#XJ^n;{rJPK>A<430D7J+B~ykm3b!OIHdGl*t9==e6hEbJTs}1PyI%*n zU5F3leJc>I8cIfqt6>|0F;7+EVoOy*3J4Kv$S}X{TeX63S(Tuv{ zh@n6qr#jfBi3{!=7a0A#*Wq@>BGe`O(9^Voj|l4;WZfGHzN7M|-E$|KIy_$@o8aaLeu+_9IJq-i9AML#({MPKd0`i zt7x_Wklr7wtEFI25wqwR5pOoY9L#M(j^jQ>Tts&jkkyv&5&=-f?U;dXtFRzh&0W3+ zKi*$_oR39bKst;{#*Za#Ij82I1&I#BCK}53WG1+y#Dhiu6{yVI$!d--DD;1ZcPFZs z-V*2mSr4b^JgT+o;bItNk3cPO8CK;HqfJc8TQ(9*-i??e%s|x{C^e^bK)*SB;pe7m z{dp^NJ^y^pgmUEA=UvnO1-puu0^jdR1PhrEd2B_{koEk3J%eS&OolHo>MKfSoOIMq zX9EqSi%^;as;AA?{WiSGuK)YX{|d=ByTW@l2Xn?w!8{#Wl-i=7+Pq7IZ)~fXnx7jA z_7v6_G3Taw@KorGabE<1MfKHTYdb_s3i4X@-Hwu&gI^EKq0;hv61CT7(~U*!eRU$A zURMI{vMO$Ua*&&OZQ;2Q#ZY&7)U27Jc0Gai2E{cCR z+?6eGHnpVW3^*JByVI@>&0#s>shvnom2VwBl=Y46FToaB6s=i^#nbOLJ|SwKPtE%}Q#Mvr{?XSZLnX z>Q(C-?uYmlYslH0BYR@F#qsi)wFz~NBKC*ic{g18z0^BR@`@e+2dIZ*CywoD9jhG) ztb1SNS_!4bU1P+%50z(BJ3b)zUtgfqm8uG|Gch(SC8F1Ef9PXXT}N1Cx;ltdVR*w6 z@W_kzKgnfvbbUEfnWkPw5;+7Mf=*3Dh$d7`b69rxkp=ol_7frXy?qKXgF~5Rq2a{# zjpY<;s<+H24__pIk zUiQ6RKbRvt^JF)!9@Kv>VFY>+{|FjO;Sx%`{PmX7Yyef*MB_{~#v2HG+Y| zA|LUJax3D^U&q=`t^=fUbA|ITcESHt5wUYU+_XikB#*$y9p9d75S=XtOinnV z^|Yb>x4t#pqBvq#wlA`=07{%d-qNKrUSdo6ENG?o3;bM&d)9iO;#v}CRPQ|9Yvk61 z{dKBGjgY?S^uU4E2Z)t`1UcO*exSUglyRr=qgy4mO$5|W=y5bDPeN5RMiVfZo>e8r zXMAH=TRT`eN63Q_p`|{d*>ZNLh`_+ZWs)(63oJ}Bt~CLfI??)~FY?p^<6uC>x6>{D z)EK_-&>ZJ(NpqYu>R=miUztu?u5)R`HOAt+YX;1mxPJ!_4Y;6hB}UStW(3Z34NJvl z+}*)fJwu~~=S>o5Xf@Bvzqk=;dn~24<5I3((-B78_$oS+{mq`oeSk$%zF6!2(}`H} ztbP+(GW3l+CON%wBa$J)jp|&*5ZG#?3P|rfQ_w;)qON(_T&~kNg7WhZZfA1PEY;R< zP(|XmWV9>-Sl<3^A66YF#;xmONp`B-WR1D*DT9>>ZgaNyoP-Jw_`M;oxYS(Yv4wE9 zvC8GNPo$a%1)+@7PSr=3^yf-Z$8nxDcA?e>SU*L}0J)C`(5U_sWgO^)hZ_XUo=^uB zgi(KRndG{i3WQQ{;c)vUh+qJW)f|3ht)(os!vUALP%HU;NFF3O0RYnUbBE0&A7)SH z(>~9x*O6N#d%iaBxGgWUAG`&h3ZCK^DvAIYBZ%9Ia1w1X`qq&v7)e*n&B6HcV#k83AU?Br4zJ1jkgaKeVRUFBa!!*&ZjKz@wGFMVeg<#xg57_xJ2t(BB3qGgJcnMBt<)k{uk zBIc=>$maN(ysDKa3f6=z05u-lsp8yTguk{G@>sC>y0m>fIQEXqp+uVIw34f$rUdl+ z^I_*Br!Fy+zJ@-JE)bHcOxGKBd>in6jcbn#rWC)6XW*b z$xXzWcXcE3jkMf}lrA(4@%g;+1W#s{31AYbsj&z|34kPzI&q+7L4$g;%?E=EhG~9N zw}mg@NS8BYbDLB-sSm3CrfB|ROSQoQS_VD@*TLS*1ZkIqc;K3kcQRI z;Q+J-h45X>c4;FZqxr-krVucNmf|*T^Gd*&HlmrE5lkvZtPbRn4vpbPaoZ+t`QLIB zaSe3aJTpJB(WSiuw5V|CFJmFk7_9%rXJY`8!`2?p_A)?DMF0N8VP*3Qvf`w~{xLl;~##jCIt}%-R?MkOPqoYK38;9m0Qg)|K2r22G=a zfpF4Fy3ic8Xx(|c6c-db1VB__b#z-7Oc62kxfVN?B#m@jIHjUenxsxtoIBKay2B_q zp&x_a3T||ue?5-};f2dX4PH8yQq2_5zfwh0xuepCbwsN?QyEh@OR5U{peeGb3#nsb z<{qUbSLYtuOhM2<;$)I!l}&#N)a`k1azb(%0#}{?yq~Mr+Dc2|#MuqvP)&=Ha@ovZ zcAu_e#MmPgq>M#$B~#&6y4POfc>1w1r7k#p2q}_i8j6i*Q!}U5rd9QB6D!~kRAQ6y zVmAc5z7uNc6N`?V`M`_X9PV?x36TY{}Ze=Ul0Od=8jmYkEs3ji1boaO(j1s_jeD}8Tmsig3! zq){8xT#7#Fr-~Xf3pPxjit7qGRmk?w&(&*wp1 zX7$lkn=p@GXr4~8aMrTNQuD?~75YH6@=$Eh>}>W&j^m-Ehpg<3f6^RIruBit%H}5d z=`5bW19@^dXlCFZtJtZ)0WlWTp9y*%q3JA`E1xO9Namo`o3;_e60lXlT7xSO$*E15 zPa@K&PAYfg3H`bbP%Ut!%&Nfh$rhk0*kjq7^MY`xVP0J*oUYeR+ipY|R{ZxQFTH-3Wk}E^KmLF1TZ@iMlC}I5-W2$r=3@B)bl!8OJCP;~{k zmZ%gDx0r2BDa*<~lKw(kU7?TViHA3uH!7xNW;odltEH&6Hbq;Eh6idzxY3A-aG z9lhpHY^{1$w7M1Sd~x}Sy&amZW{*7H1?_f1>#;C-3Hx~{#O8wj)`#btP_>0rWWfn_ z+arM6@|?(6rQ!%adItkPcf#q0EZ3H9{n=(09-rh#)OcywCdKv=&E-z2G0&p6qys$0 z&avm}vY;ti-o{zcqb92$NB3W@1*bp0SMN8zZg#H;s$>1h{98PT51RUj`7^=|b`A&F z*q8PqR+GlDrF}>%@P1VP#Ivn&h@Lbe-aAl^!&*^LyxYb)ma2`~*U@u}TTky)I=p03qv( zp)f3lp{LKv5vs7FnJVs}bx_zvjw>&8$A4KBR*hw&uLwU_&`gS5E(M#VI|Flxk>R)t zXO!2=N5Rc0Ap|*b3-JUdp1#o_Sqn=$gCo2iOyYW4*UD18lY+`)f-sD-Ka}~dhUF-B zcie<9QQ3N=hR2#&1re%rfYq;mXsVO=;@6Qv_#{%D7V7XX<}=3?xhl)Rljn&B7-yUe z7=>+^+lfJYtRrKlcs34(CxyZBA@@QR-BuBUx8{=shY>GWnssT|huviI;;y1xK94;{ z@p^B<@MFg-JyA?JlLP&zOsP@~tY#nd!LB-1IJ8OmiSoKI6_i?c)DS#caf0b7cHn+T!L zLy7B*wgkTz20q$(bWHcsguc^MzTrVQ{9wOgnHR*uaQ?$1_@@;vz3Hz@u7YW#Xr6_w<=x}xEvvV%zg1Bnc^h5gRU*6Ppi^l&Mq~xeD)L*M~1x`m^@N; zn=H9C3^5A)z4w;#WgpQz_MhM!3*s#a=w_SPjOIF2p= zW24u}LOtrjeBzY}uoE4TDjUQniR>HQWvRyRdUvdgx3>0mB`(M6Sd`rA8DszTQeWL- zEbROyi@kpLyOsY2W%?1o_;avtQgSa$h83;nNAV9k`4U(o zpb2CobZ#}Tf-k}$?hX=*+>9<^z_cKmS^HrrzH$Jjd<`=X*}1tmil?TybeVRu9$3^Vcr#)BhY)4C z3Xlg_55xYXI|1SRKEd1;un+#l$=0s7-t8iNGEk8}bCqd@@O|s0nF`aeH}#vF^=2DUI_N+tDj1!;vP| zeHXLQ$aTA?UPScCRVj|L5PWQnmEhXiCJhbrPfqfvXuFC?0q*>HS=?j{H=Xn&@MyJ> zwrkw9`=K)C95Z1_(ab8jH;Ew0NVW+VLVw-BTnwI%NDD;s)>*BqepYNWU9PFgKrXbL zm$AiAmAdS^@-?>D{Q8$&8WeTxK#_>g@czgvvzSWIU}R!Gy^V<(e&nTo`Z;&}D&Ce@ zdp=P+Dq60FUDYWd;V;h?Sj&sH4rtCsu#|9s#ZKxPYxRSQ;a~4)R{R(6=ipECH z@|8CZC;4q8zNlCr0rv;IbrWL4OdhxB7iPhbqDJhhzlHE?i(h@EU%W5u--i_ZK zC=W)qs3v&5qLRUOog;>9FSgb{OtP^ZS^tH+6@I!dUX6`OmD<0{42vH*a-_pwRUMdV zb{2PmQ4}rXy=(AsURG&`<25Y~v%M5Mzh@W*C;Ia)K7j8O%^>N%Y$F7S0h_h(Hb14O z?8TnbeuwY`z9;-wErrm<_P@#(GqRhbScXlIfE>i_A{~P~`$v@k1@{CgR-5HZ;SwU6 zysdEH=S%U}pn~;=+6!pBTKGRgX>(+S)Zm|H%C5cAyE4rghM3rGycA& zd-WZOl6+}f{Jj8PaGY2S-wX!}As)d-RgE(;>1^*FSh7vQP2^2)^z5(P)e8L z3(oW7wtDhl(SNaL+RGz6{yicI0)o!geIlgxQ{Og&fu3ZHY8n{*Aa5vj?5~!I05Myz zhEh*95xQ(g?{zhlXIjtCg{PBy$V6%=*sv47whhfMmbqz-e>i=5vWn69 zf({_p>m}MuNJ8E|?84V14XNv5gM3~luHRBkd~Tw(do#%z8-~z#GPC=i#n9RNDPd6T z9nEXYczW~+X}L2`t{quvj&WZ-s*DWlNN+N6fx0VL=)eUoNN#g$+|m%uTU|r-W@ay7 z*thETZoU>dG7kA+rqSOR?tE?|71~qLpF%m!c^L*t;aeHpLxEYy*A1r4JeF)d@x#_IqY7K|I4 zS5CfjAPiybUw_jl2(vC_I`eGQA^Yq-kfW*!)&Jx9OUFc<_C+~?!T>p$FwjISt`ciC z?W=L{@!G-nj9*v&)AD~#Yq(NV72Rq{Oc&Y9NTB%HEuDM++4S&BX*Z05HUgDaQYlM} zVO@{G6j3VdgehjSpB=2PH^@nUw`=W`B0FZbWgJU#HzRs3U-t4+%fpL_zFK~x3Dx2( zkguACsjm?~do|Se6fB*p;J}kJx@%r0={|dKnXm@MG!e0N=1QBt&&LF0=dl`#IrIIM zj}{)I^c2;PKjvZ>1diS~VJuMy1&rxL0eRk{fEO?MKbYa9Do z75}stmzjr#X_UKSLSx++y!K&py<_1zJ)L9pROit3!y*jG(FTF#r&$Z*r(3Nf3|uSc z&-$vQ@d0AAN~i844L;BxG4)iM#(OdZT@M-O6&7#rP`(Mt+|>A)_5n1O?Gc(=^VveS zCRaIm9ZHXscGVl2BDR#I zO2PU4xQTO;(eMg%9jU}S%ZL>RZjZ7{Z&H7d(wDPs>wa(ML_2tl6)T zq09BtlgfXSkM)9)T%i~O9%HU5POuW-$ejVV`oZ}~r1)QcX_KJHD>pDwS8PLiRWPxK zDRnJKQDYm9Gd<{o{09x5EKcYRwF~s{J-Oi)SOQ zMLtM5fN${z_H#z$$?h6WQrP(3Js6E`b^#hFFo611@7ZMPl$}xnhv&AG#)K7XMhc=F k0B~B9wvDoWL@~G8M0HZb9LXwAMhSDU9o~{MTyE Date: Thu, 7 Dec 2023 15:16:52 +0100 Subject: [PATCH 07/16] patate: update to nixos-23.11 --- hosts/patate.nix | 7 +-- hosts/patate/machine-id.clear | Bin 0 -> 55 bytes hosts/patate/networking.nix | 39 ++++++++++++++++ hosts/patate/networking/nftables.nix | 65 +++++++++++++++++++++++++++ hosts/patate/ssh/host.key.cred | Bin 0 -> 691 bytes hosts/patate/wireguard.nix | 1 - 6 files changed, 105 insertions(+), 7 deletions(-) create mode 100644 hosts/patate/machine-id.clear create mode 100644 hosts/patate/networking.nix create mode 100644 hosts/patate/networking/nftables.nix create mode 100644 hosts/patate/ssh/host.key.cred diff --git a/hosts/patate.nix b/hosts/patate.nix index 91ef3aa..65164e0 100644 --- a/hosts/patate.nix +++ b/hosts/patate.nix @@ -1,14 +1,12 @@ { config, pkgs, lib, ... }: { imports = [ - ../nixos/profiles/dnscrypt-proxy2.nix ../nixos/profiles/graphical.nix ../nixos/profiles/lang-fr.nix ../nixos/profiles/printing.nix - ../nixos/profiles/wireguard/wg-intra.nix patate/backup.nix patate/hardware.nix - patate/wireguard.nix + patate/networking.nix ]; # Lower kernel's security for better performances @@ -52,7 +50,6 @@ ]; }; }; - install.substituteOnDestination = false; environment.systemPackages = [ pkgs.riseup-vpn # Can't be installed by home-manager because it needs to install policy-kit rules @@ -80,8 +77,6 @@ virtualisation.virtualbox.host.enable = true; - services.openssh.openFirewall = true; - # This value determines the NixOS release with which your system is to be # compatible, in order to avoid breaking some software such as database # servers. You should change this only after NixOS release notes say you should. diff --git a/hosts/patate/machine-id.clear b/hosts/patate/machine-id.clear new file mode 100644 index 0000000000000000000000000000000000000000..1a09bcbbf71421adcb48e99cbd93bf4c03c843c8 GIT binary patch literal 55 zcmV-70LcFUM@dveQdv+`08q_QfTFR^k7o4Dz0#HPhjA?H0qH~jM)w9f_jbrX>W#Dc N~T$gM}q zHSJ#Y(_87DEI9OE`|y^@^0te6hnZZ*xxb_c^NRuhZ|}No(32@yQJ`J>iZB`?EOmxZ zKK2)BbYx32Z?c&Alnx z`L*jgjRqeZ$V%<`4u1JHMhFypGg8)=)DMMu_P}5wqD5WKd?#H8ED-CDae&KsLnO zxJ_eNPd4H|itihU3fD7RWG6dhtrl#0O{iWZCZy1_}5Rg4o?)TT~ofxZl zw}L}hXc2eWTq>9i=R87@_Ae&4HUCWe3e4tgFAPD1BVLH>;Xrd4|2}}O&_GC?m-`Yu zpPh&l+D)>4ZPmLlLL5h46*guqm_UY6=ukSw0s#TmLG2kHfWidsd<+7`eEoF&2Qmx_ z%#O#@V1#*`-=H4@tpX-kp0_cfg_(X>rn2+tJubh8X$AQD<@2OCzxX_i{N!xB5~gc3 z-C(gPN5mfrBEB?&AlBs80vgf&hJSs;=M*5*)hiRQhbA_q4;@2x=pVw|KiJMg;u`qS zv3Y?T&J#lV<{&h%04peH~j*O0~Ck0eC0w9ZS;WKM(UPkHV3MMz_^_c4glZ?3=r5|%J@~B z25xGxj~QJNhmb8!WEd|O=YfXd_4O;0=d<}@;3zOG^wVDUefP_oZf$Aj9BAlVSNRan Zfg+JB)s^ELsXVkH96Mw0Uy`fE5!SY_QRn~w literal 0 HcmV?d00001 diff --git a/hosts/patate/wireguard.nix b/hosts/patate/wireguard.nix index 784901b..75146c5 100644 --- a/hosts/patate/wireguard.nix +++ b/hosts/patate/wireguard.nix @@ -4,7 +4,6 @@ _: "privateKey:${./wireguard/wg-intra/privateKey.cred}" ]; networking.wireguard.wg-intra.peers.mermet.enable = true; - networking.wireguard.wg-intra.peers.losurdo.enable = true; networking.wireguard.wg-intra.peers.aubergine.enable = true; networking.wireguard.wg-intra.peers.oignon.enable = true; } -- 2.47.2 From 16769e3b93e6962f0af1260b1ff14116b48da53b Mon Sep 17 00:00:00 2001 From: Julien Moutinho Date: Thu, 7 Dec 2023 19:56:00 +0100 Subject: [PATCH 08/16] T480: enable fwupd --- nixos/profiles/hardware/T480.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/nixos/profiles/hardware/T480.nix b/nixos/profiles/hardware/T480.nix index a4983dd..8f1543b 100644 --- a/nixos/profiles/hardware/T480.nix +++ b/nixos/profiles/hardware/T480.nix @@ -49,6 +49,7 @@ with lib; hardware.trackpoint.enable = mkDefault true; hardware.trackpoint.emulateWheel = mkDefault config.hardware.trackpoint.enable; + services.fwupd.enable = true; services.upower.enable = true; services.xserver.libinput.enable = mkDefault true; } -- 2.47.2 From a1f642d7ab3a0d5a124b1ad6d9e67c5c9d3e0ddf Mon Sep 17 00:00:00 2001 From: Julien Moutinho Date: Fri, 8 Dec 2023 13:45:17 +0100 Subject: [PATCH 09/16] nix: remove dead code --- flake.nix | 6 ------ 1 file changed, 6 deletions(-) diff --git a/flake.nix b/flake.nix index 42b4ad2..e2eabf0 100644 --- a/flake.nix +++ b/flake.nix @@ -131,12 +131,6 @@ nix-store --add-root hosts/${hostName}.nixpkgs --indirect --realise ${nixpkgsPath} nix-store --add-root hosts/${hostName}.root --indirect --realise ${build.toplevel} - - if test "''${TARGET_ROOT:+set}"; then - NIX_STORE_DIR=/nix/store - targetStore="store=$NIX_STORE_DIR&remote-store=$TARGET_ROOT%3fstore=$NIX_STORE_DIR%26real=$TARGET_ROOT$NIX_STORE_DIR"; \ - else TARGET_ROOT=/ - fi nix copy --to "ssh://${target}?''${targetStore-}"${lib.optionalString config.install.substituteOnDestination " --substitute-on-destination"} ${build.toplevel} if ssh ${target} set -x ';' \ -- 2.47.2 From 757c3b8be3e2a9f79839cc0f8138966f1901dff9 Mon Sep 17 00:00:00 2001 From: Julien Moutinho Date: Sun, 10 Dec 2023 16:43:54 +0100 Subject: [PATCH 10/16] hosts: install packages --- homes/julm/hosts/oignon.nix | 13 ++++++++++++- homes/sevy/hosts/patate.nix | 9 +++++---- 2 files changed, 17 insertions(+), 5 deletions(-) diff --git a/homes/julm/hosts/oignon.nix b/homes/julm/hosts/oignon.nix index da65523..0807c16 100644 --- a/homes/julm/hosts/oignon.nix +++ b/homes/julm/hosts/oignon.nix @@ -28,10 +28,21 @@ PASSWORD_STORE_DIR = "$HOME/files/sec/.password-store"; }; home.packages = [ + pkgs.ghostscript + #pkgs.go-mtpfs + pkgs.ntfs3g + pkgs.p7zip + pkgs.pdftk + pkgs.vips + pkgs.poppler_utils + # psnup conflicts with pkgs.texlive.combined.scheme-* + (lib.lowPrio pkgs.psutils) + pkgs.qpdf pkgs.libreoffice pkgs.calibre pkgs.evince - pkgs.stig + pkgs.xsane + #pkgs.stig pkgs.gthumb pkgs.thunderbird #pkgs.chromium diff --git a/homes/sevy/hosts/patate.nix b/homes/sevy/hosts/patate.nix index 7f38001..eda1d3d 100644 --- a/homes/sevy/hosts/patate.nix +++ b/homes/sevy/hosts/patate.nix @@ -16,13 +16,14 @@ ]; programs.firefox.enable = false; # error: attribute 'gtk3' missing home.packages = [ - pkgs.libreoffice - pkgs.thunderbird - pkgs.gthumb - pkgs.evince pkgs.chromium + pkgs.evince pkgs.firefox + pkgs.gthumb + pkgs.libreoffice + pkgs.thunderbird pkgs.vlc + pkgs.xsane #(pkgs.qgis.override { extraPythonPackages = (ps: [ # ps.pyqt5_with_qtwebkit #]); }) -- 2.47.2 From 469e6018efb1b6021a7d4aa539800f5afb0eb98a Mon Sep 17 00:00:00 2001 From: Julien Moutinho Date: Tue, 12 Dec 2023 10:50:57 +0100 Subject: [PATCH 11/16] bash: fix ffmpeg-audio --- home-manager/profiles/bash.nix | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/home-manager/profiles/bash.nix b/home-manager/profiles/bash.nix index f6c3d65..aadb1d4 100644 --- a/home-manager/profiles/bash.nix +++ b/home-manager/profiles/bash.nix @@ -82,7 +82,7 @@ with lib; ffmpeg-audio () { for i in "$@"; do - ffmpeg -i "$i" -vn -map 0:a -acodec copy "''${i%.*}".audio + ffmpeg -i "$i" -vn -map 0:a -acodec copy "''${i%.*}".audio-only.mkv done } ffmpeg-opus () { @@ -90,6 +90,13 @@ with lib; ffmpeg -i "$i" -vn -map 0:a -c:a libopus -b:a 64k -application voip "''${i%.*}".opus done } + opusenc-voice () { + find "$@" -depth -type f -print0 | sort -n -z | + xargs -0 -P "$(lscpu --online -p | grep -v "#" | wc -l)" -I {} bash -c ' + test -e "''${0%.*}".opus || + nice -n 19 ffmpeg -y -i "$0" -map 0:a -b:a 32k -application voip "''${0%.*}".opus + ' {} \; + } ibm-fan () { if [ $# -gt 0 ] then sudo tee /proc/acpi/ibm/fan <<<"level $1" @@ -104,13 +111,6 @@ with lib; mkpass () { tr -d -C 'A-Za-z0-9' Date: Fri, 15 Dec 2023 22:13:56 +0100 Subject: [PATCH 12/16] tmsu: enable --- home-manager/profiles/essential.nix | 1 + home-manager/profiles/tmsu.nix | 32 +++++++++++++++++++++++++++++ 2 files changed, 33 insertions(+) create mode 100644 home-manager/profiles/tmsu.nix diff --git a/home-manager/profiles/essential.nix b/home-manager/profiles/essential.nix index e7582e0..df13301 100644 --- a/home-manager/profiles/essential.nix +++ b/home-manager/profiles/essential.nix @@ -8,6 +8,7 @@ ./htop.nix ./lf.nix ./ssh.nix + ./tmsu.nix ./tmux.nix ]; programs.bat.enable = lib.mkDefault true; diff --git a/home-manager/profiles/tmsu.nix b/home-manager/profiles/tmsu.nix new file mode 100644 index 0000000..3f20067 --- /dev/null +++ b/home-manager/profiles/tmsu.nix @@ -0,0 +1,32 @@ +{ pkgs, ... }: +{ + home.packages = [ + pkgs.tmsu + ]; + programs.bash = { + shellAliases = { + m = "tmsu"; + ml = "tmsu files"; + mmv = "tmsu-mv"; + mt = "tmsu-tag"; + mts = "tmsu tags"; + mu = "tmsu-untag"; + }; + initExtra = '' + tmsu-tag () { + local tags + tags=$1; shift + tmsu tag --tags "$tags" "$@" + } + tmsu-mv () { + mv "$@" && + tmsu repair --manual -- "$@" + } + tmsu-untag () { + local tags + tags=$1; shift + tmsu untag --tags "$tags" "$@" + } + ''; + }; +} -- 2.47.2 From d2effb7a72c0b09a500f02c528a762ef19286b08 Mon Sep 17 00:00:00 2001 From: Julien Moutinho Date: Wed, 20 Dec 2023 22:54:26 +0100 Subject: [PATCH 13/16] xmonad: setup xmodmap --- home-manager/profiles/graphical.nix | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/home-manager/profiles/graphical.nix b/home-manager/profiles/graphical.nix index 6df0e3e..1500190 100644 --- a/home-manager/profiles/graphical.nix +++ b/home-manager/profiles/graphical.nix @@ -1,4 +1,4 @@ -{ pkgs, lib, nixosConfig, ... }: +{ pkgs, lib, config, nixosConfig, ... }: { imports = [ ./redshift.nix @@ -21,4 +21,10 @@ NO_AT_BRIDGE = "1"; }; services.redshift.enable = lib.mkDefault true; + home.file.".Xmodmap".text = '' + ! œ and Œ with AltGr+o and AltGr+Shift+o + keycode 32 = o O o O oe OE + ''; + systemd.user.services.setxkbmap.Service.ExecStartPost = + "${pkgs.xorg.xmodmap}/bin/xmodmap ${config.home.homeDirectory}/.Xmodmap"; } -- 2.47.2 From 2f2f282fb92c9ae02db353766ebef11e1cea3456 Mon Sep 17 00:00:00 2001 From: Julien Moutinho Date: Wed, 20 Dec 2023 22:57:50 +0100 Subject: [PATCH 14/16] git: peek at difftastic and delta --- home-manager/profiles/bash.nix | 6 ---- home-manager/profiles/git.nix | 56 ++++++++++++++++++++++++++++++++++ 2 files changed, 56 insertions(+), 6 deletions(-) diff --git a/home-manager/profiles/bash.nix b/home-manager/profiles/bash.nix index aadb1d4..b686a81 100644 --- a/home-manager/profiles/bash.nix +++ b/home-manager/profiles/bash.nix @@ -10,10 +10,6 @@ with lib; c = "bat"; cl = "clear"; emacs = "emacsclient --create-frame"; - g = "git"; - ge = "git-edit-commit"; - gg = "git grep"; - gge = "git-grep-edit"; grep = "grep --color"; j = "sudo journalctl -u"; jb = "sudo journalctl -b"; @@ -165,8 +161,6 @@ with lib; done | sort -nk1,1 } - git-edit-commit () { $EDITOR $(git diff-tree --no-commit-id --name-only -r "$@"); } - git-grep-edit () { $EDITOR $(git grep --name-only --recursive "$@"); } # Recursively mount not-mounted dataset, # loading their keys if needed. diff --git a/home-manager/profiles/git.nix b/home-manager/profiles/git.nix index f5f4dc7..d346473 100644 --- a/home-manager/profiles/git.nix +++ b/home-manager/profiles/git.nix @@ -2,12 +2,15 @@ { home.packages = [ pkgs.b4 + pkgs.delta + pkgs.difftastic pkgs.git-chglog pkgs.git-cliff pkgs.git-crypt pkgs.git-filter-repo #pkgs.git-publish pkgs.git-quick-stats + pkgs.gitui pkgs.tig ]; programs.git = { @@ -28,8 +31,12 @@ co = "checkout"; d = "diff"; dc = "diff --cached"; + dcw = "diff --cached --word-diff=color"; dh = "diff --histogram"; dp = "diff --patience"; + dt = "difftool --patience"; + dtc = "difftool --cached"; + dw = "diff --word-diff=color"; g = "grep"; ign = "ls-files -o -i --exclude-standard"; l = "log"; @@ -100,5 +107,54 @@ sendemail.validate = "true"; web.browser = "elinks"; }; + iniContent = { + /* + diff.external = lib.concatStringsSep " " [ + "${pkgs.difftastic}/bin/difft" + "--color auto" + "--background dark" + "--display side-by-side" + ]; + */ + # difftastic + /* + diff.tool = "difftastic"; + difftool.prompt = false; + difftool.difftastic.cmd = ''${pkgs.difftastic}/bin/difft "$LOCAL" "$REMOTE"''; + pager.difftool = true; + */ + + # delta + /* + core.pager = "delta"; + interactive.diffFilter = "${pkgs.delta}/bin/delta --color-only --features=interactive"; + delta.features = "decorations"; + delta.interactive = { + keep-plus-minus-markers = false; + }; + delta.decorations = { + commit-decoration-style = "blue ol"; + commit-style = "raw"; + file-style = "omit"; + hunk-header-decoration-style = "blue box"; + hunk-header-file-style = "red"; + hunk-header-line-number-style = "#067a00"; + hunk-header-style = "file line-number syntax"; + }; + */ + }; + }; + programs.bash = { + shellAliases = { + g = "git"; + ge = "git-edit-commit"; + gg = "git grep"; + gge = "git-grep-edit"; + gui = "gitui"; + }; + initExtra = '' + git-edit-commit () { $EDITOR $(git diff-tree --no-commit-id --name-only -r "$@"); } + git-grep-edit () { $EDITOR $(git grep --name-only --recursive "$@"); } + ''; }; } -- 2.47.2 From a330098c9c1ee7735a679590184cee46946cd1fd Mon Sep 17 00:00:00 2001 From: Julien Moutinho Date: Wed, 20 Dec 2023 23:00:23 +0100 Subject: [PATCH 15/16] perf: add to essential profile --- home-manager/profiles/essential.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/home-manager/profiles/essential.nix b/home-manager/profiles/essential.nix index df13301..eede824 100644 --- a/home-manager/profiles/essential.nix +++ b/home-manager/profiles/essential.nix @@ -15,6 +15,7 @@ programs.home-manager.enable = true; home.packages = [ nixosConfig.boot.kernelPackages.cpupower + nixosConfig.boot.kernelPackages.perf pkgs.acpi pkgs.binutils pkgs.cryptsetup -- 2.47.2 From a31260620b6b41072ebea196333d6c069d4d4c9c Mon Sep 17 00:00:00 2001 From: Julien Moutinho Date: Wed, 20 Dec 2023 23:38:18 +0100 Subject: [PATCH 16/16] gtk: prefer-dark color-scheme --- home-manager/profiles/graphical.nix | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/home-manager/profiles/graphical.nix b/home-manager/profiles/graphical.nix index 1500190..4f6beca 100644 --- a/home-manager/profiles/graphical.nix +++ b/home-manager/profiles/graphical.nix @@ -27,4 +27,21 @@ ''; systemd.user.services.setxkbmap.Service.ExecStartPost = "${pkgs.xorg.xmodmap}/bin/xmodmap ${config.home.homeDirectory}/.Xmodmap"; + programs.bash.shellAliases = { + gtk-light = "dconf write /org/gnome/desktop/interface/color-scheme '\"prefer-light\"'"; + gtk-dark = "dconf write /org/gnome/desktop/interface/color-scheme '\"prefer-dark\"'"; + }; + dconf.settings = { + "org/gnome/desktop/interface" = { + color-scheme = "prefer-dark"; + }; + }; + gtk = { + theme.name = "Adwaita"; + gtk2.configLocation = "${config.xdg.configHome}/gtk-2.0/gtkrc"; + gtk3 = { + bookmarks = lib.mkDefault [ + ]; + }; + }; } -- 2.47.2