ktiu/omniflake
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

diesdas

Browse source
This commit is contained in:
Till 2026-01-19 20:19:47 +01:00
parent deebde0386
commit 3c34e65b68
12 changed files with 91 additions and 40 deletions
Download patch file Download diff file Expand all files Collapse all files

1
home/default.nix
View file

@ -29,7 +29,6 @@
nyxt nyxt
# media # media
#bookworm
anki-bin anki-bin
qbittorrent qbittorrent
nicotine-plus nicotine-plus

6
home/firefox.nix
View file

@ -3,11 +3,6 @@
{ {
programs.firefox = { programs.firefox = {
enable = true; enable = true;
# package = pkgs.firefox.override {
# cfg = {
# enableTridactylNative = true;
# };
# };
policies = { policies = {
DisableFirefoxAccounts = true; DisableFirefoxAccounts = true;
DisablePocket = true; DisablePocket = true;
@ -42,6 +37,7 @@
adaptive-tab-bar-colour adaptive-tab-bar-colour
auto-tab-discard auto-tab-discard
keepassxc-browser keepassxc-browser
passff
tampermonkey tampermonkey
ublock-origin ublock-origin
vimium vimium

8
home/fish.nix
View file

@ -23,6 +23,14 @@
echo (set_color magenta)fish $version(set_color normal) echo (set_color magenta)fish $version(set_color normal)
end end
function brief;
khal list today 1d --day-format=
echo ""
task rc.verbose=nothing rc.report.foo.columns:id,description.count rc.report.foo.sort:urgency- foo +READY limit:5
echo ""
tree --noreport -L 1 ~/desktop
end
fzf --fish | source fzf --fish | source
function startrloft --description 'Starts R with custom environment' function startrloft --description 'Starts R with custom environment'

6
home/mail/default.nix
View file

@ -36,7 +36,7 @@
smtp.tls.useStartTls = true; smtp.tls.useStartTls = true;
userName = "tstraube"; userName = "tstraube";
notmuch.enable = true; notmuch.enable = true;
passwordCommand = "secret-tool lookup server uni-frankfurt.de account tstraube"; passwordCommand = "pass uni/hrz";
signature = { signature = {
text = '' text = ''
Dr. Till Straube (he/him) Dr. Till Straube (he/him)
@ -114,7 +114,7 @@
unset crypt_auto_smime unset crypt_auto_smime
unalternates * unalternates *
alternates @t9e.me$ alternates @t9e.me$ @ktiu.net$
set reverse_name set reverse_name
set my_signature = ${ set my_signature = ${
@ -131,7 +131,7 @@
enable = true; enable = true;
extraConfig.from = "*@t9e.me"; extraConfig.from = "*@t9e.me";
}; };
passwordCommand = "secret-tool lookup server arielle.ktiu.net account till.straube@t9e.me"; passwordCommand = "pass mail/arielle.ktiu.net";
}; };
ktiu = { ktiu = {

36
home/minimal.nix
View file

@ -16,14 +16,15 @@
xdg.userDirs = { xdg.userDirs = {
enable = true; enable = true;
desktop = "${config.home.homeDirectory}/desktop";
documents = "${config.home.homeDirectory}/misc";
download = "${config.home.homeDirectory}/tmp"; download = "${config.home.homeDirectory}/tmp";
music = "${config.home.homeDirectory}/media/music"; music = "${config.home.homeDirectory}/media/music";
pictures = "${config.home.homeDirectory}/media/img"; pictures = "${config.home.homeDirectory}/media/img";
videos = "${config.home.homeDirectory}/media/vid";
documents = "${config.home.homeDirectory}/misc";
templates = "${config.xdg.dataHome}/templates";
publicShare = "${config.home.homeDirectory}/box"; publicShare = "${config.home.homeDirectory}/box";
desktop = null; templates = "${config.xdg.dataHome}/templates";
videos = "${config.home.homeDirectory}/media/vid";
}; };
home.packages = with pkgs; [ home.packages = with pkgs; [
@ -71,4 +72,31 @@
enable = true; enable = true;
settings.styles.theme = "default-light"; settings.styles.theme = "default-light";
}; };
programs.ssh.matchBlocks = {
geocom = {
hostname = "geocom.uni-frankfurt.de";
user = "till";
identityFile = "${config.home.homeDirectory}/.ssh/tstraube";
};
};
programs.gpg.settings = {
no-emit-version = true;
no-comments = true;
keyserver = "hkps://keys.openpgp.org/";
keyserver-options = [
"no-honor-keyserver-url"
"include-revoked"
];
personal-cipher-preferences = "AES256 AES192 AES CAST5";
personal-digest-preferences = "SHA512 SHA384 SHA256 SHA224";
cert-digest-algo = "SHA512";
default-preference-list = "SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES CAST5 ZLIB BZIP2 ZIP Uncompressed";
};
} }

18
home/password-store.nix
View file

@ -1,14 +1,24 @@
{ config, pkgs, ... }: { config, pkgs, ... }:
{ {
# services.gnome.gnome-keyring.enable = lib.mkForce false;
# services.gnome.gnome-keyring.enable = false;
services.pass-secret-service.enable = true;
programs.password-store = { programs.password-store = {
enable = true; enable = true;
settings = { settings = {
PASSWORD_STORE_DIR = "$XDG_DATA_HOME/crypto/password-store"; PASSWORD_STORE_DIR = "${config.xdg.dataHome}/crypto/password-store";
}; };
}; };
programs.firefox.nativeMessagingHosts = [
pkgs.passff-host
];
services.pass-secret-service = {
enable = true;
};
home.packages = with pkgs; [
pinentry-all
];
} }

11
home/slim-desktop.nix
View file

@ -11,6 +11,7 @@
home.packages = with pkgs; [ home.packages = with pkgs; [
aichat
usbutils usbutils
wl-clipboard wl-clipboard
@ -19,7 +20,7 @@
notmuch notmuch
w3m w3m
openssl openssl
gnupg # gnupg
urlscan urlscan
ripmime ripmime
@ -50,11 +51,10 @@
# media # media
rhythmbox rhythmbox
vlc vlc
appimage-run appimage-run
# secrets # secrets
libsecret # libsecret
keepassxc keepassxc
yubioath-flutter yubioath-flutter
@ -70,9 +70,12 @@
]; ];
programs.taskwarrior = { programs.taskwarrior = {
package = pkgs.taskwarrior3;
enable = true; enable = true;
package = pkgs.taskwarrior3;
dataLocation = "${config.xdg.dataHome}/taskwarrior/tasks"; dataLocation = "${config.xdg.dataHome}/taskwarrior/tasks";
colorTheme = "light-256"; colorTheme = "light-256";
config = { config = {
report.list.columns = ["id" "depends.indicator" "priority" "project" "recur.indicator" "scheduled.countdown" "due" "until.age" "status.short" "description.count" "tags"]; report.list.columns = ["id" "depends.indicator" "priority" "project" "recur.indicator" "scheduled.countdown" "due" "until.age" "status.short" "description.count" "tags"];

1
ssh/till@nova.pub
View file

@ -1 +0,0 @@
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDr1G6eXwR8t8k/2Vm1CX8ARt7q2GVPtX+xdOFqDonQy0yPai85s1Y+wkIivC9GvdyK1Q5EM2Vl7PKOvJxAJwwevgPTp6hsg9JOc2v0WNJ12p9a0NF2cXJwmgIVs2z0GTritJpO0VwWUdjI+RJORpTAkkMskEWB4IU/ub1nOUya2Hq7xvI9GcvnVoA7nWRs2X6VHHQLIbkrc9+a3MdGtJim1/yJ/CfiX/RueWZ8ANBpieUmgwjQJn6WYCCl/q2fId4vc/njtwmF/Tx5H4MxVCMpPmbbD7XAN04cXMpZOKKAHHbwM14SpslQFDPnfmF9f3BdEvTaxJOu7Fs8nE6XEJs+gUgY4lGQfaoPOKN7uyD/reVfqTwkvF7PzhiT7FEhPycpU5gNGyTka/o63xB3kCdlXhWBb3qmWB8E+0va0XdUj0STzjws3EtLLkoGJoXjp9UTQxqL31sxfPZQWQ7NmHne4/UR/R8xlv2Ul4VKBou8ZV6+5thsYo08JJiSbfnN9Ms= till@nova

22
system/desktop.nix
View file

@ -1,23 +1,16 @@
{ config, pkgs, ... }: { config, pkgs, ... }:
{ {
imports = imports = [
[ ./interception-tools.nix
./interception-tools.nix ./secrets.nix
]; ];
# zramSwap.enable = true;
boot.loader.systemd-boot.enable = true; boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true; boot.loader.efi.canTouchEfiVariables = true;
networking.networkmanager.enable = true; networking.networkmanager.enable = true;
# networking.firewall = {
# allowedTCPPorts = [ 4000 ];
# };
i18n.extraLocaleSettings = { i18n.extraLocaleSettings = {
LC_TIME = "en_GB.UTF-8"; LC_TIME = "en_GB.UTF-8";
LC_CTYPE = "de_DE.UTF-8"; LC_CTYPE = "de_DE.UTF-8";
@ -41,11 +34,6 @@
nixpkgs.config.allowUnfree = true; nixpkgs.config.allowUnfree = true;
programs.gnupg.agent = {
enable = true;
pinentryPackage = pkgs.pinentry-curses;
};
environment.sessionVariables = { environment.sessionVariables = {
XDG_CONFIG_HOME = "$HOME/.config"; XDG_CONFIG_HOME = "$HOME/.config";
XDG_CACHE_HOME = "$HOME/.cache"; XDG_CACHE_HOME = "$HOME/.cache";
@ -69,8 +57,6 @@
dbus.enable = true; dbus.enable = true;
flatpak.enable = true; flatpak.enable = true;
fwupd.enable = true; fwupd.enable = true;
# mullvad-vpn.enable = true;
# mullvad-vpn.package = pkgs.mullvad-vpn;
printing.enable = true; printing.enable = true;
udisks2.enable = true; udisks2.enable = true;
}; };

2
system/gnome.nix
View file

@ -25,6 +25,8 @@
services.gnome.gnome-browser-connector.enable = true; services.gnome.gnome-browser-connector.enable = true;
services.gnome.gnome-keyring.enable = lib.mkForce false;
programs.kdeconnect = { programs.kdeconnect = {
enable = true; enable = true;
package = lib.mkForce pkgs.gnomeExtensions.gsconnect; package = lib.mkForce pkgs.gnomeExtensions.gsconnect;

11
system/secrets.nix Normal file
View file

@ -0,0 +1,11 @@
{ config, pkgs, ... }:
{
programs.gnupg.agent = {
enable = true;
pinentryPackage = pkgs.pinentry-gnome3;
enableSSHSupport = true;
};
}

9
system/yubikey.nix
View file

@ -1,6 +1,13 @@
{ config, pkgs, ... }: { config, pkgs, ... }:
{ {
services.pcscd.enable = true;
environment.systemPackages = with pkgs; [
yubikey-personalization
];
services.udev = { services.udev = {
packages = [ pkgs.yubikey-personalization ]; packages = [ pkgs.yubikey-personalization ];
# extraRules = '' # extraRules = ''
@ -12,8 +19,10 @@
# RUN+="${pkgs.systemd}/bin/loginctl lock-sessions" # RUN+="${pkgs.systemd}/bin/loginctl lock-sessions"
# ''; # '';
}; };
security.pam.services = { security.pam.services = {
login.u2fAuth = true; login.u2fAuth = true;
sudo.u2fAuth = true; sudo.u2fAuth = true;
}; };
} }