
5 commits

6 changed files with 40 additions and 378 deletions


@ -79,9 +79,11 @@
(tramp-connection-local-default-system-profile
(path-separator . ":")
(null-device . "/dev/null"))))
'(custom-enabled-themes '(modus-operandi-tinted))
'(custom-enabled-themes '(modus-vivendi-tinted))
'(custom-safe-themes
'("f82e68d489e6c21c9552c4e8e35a03d126d9eba632a8e7b4f9329d1374b4a19c" "d395c1793e0d64797d711c870571a0033174ca321ed48444efbe640bf692bf4f" "11873c4fbf465b956889adfa9182495db3bf214d9a70c0f858f07f6cc91cbd47" "eb7cd622a0916358a6ef6305e661c6abfad4decb4a7c12e73d6df871b8a195f8" "fb83a50c80de36f23aea5919e50e1bccd565ca5bb646af95729dc8c5f926cbf3" "e7820b899036ae7e966dcaaec29fd6b87aef253748b7de09e74fdc54407a7a02" "1781e8bccbd8869472c09b744899ff4174d23e4f7517b8a6c721100288311fa5" default))
'("28d61ac6f26030e3c649e9f75b6ebd93dbf7f5f7b2f13e14cb1fe101e8cf4737" "d015f7295925398145c42285e2ea4bb438d449d36e2b10ba0650024862ec93a8" "64947f83c308d1101f20c6ff86c308497c4d032acb75d8e9dcbc4012d9a3b36e" "277a5bce12d6957dbabb43a2f55ee2b6371388b749cbb29fd251df19334a1f0b" "4b92d689600e9851d098c73951f7075f8fd0bb705b4d68806305cf3e4f001c9e" "75441a94fb5e6943320ce21aa5acf9cb24c3f87915666800f3906af8e85e0892" "f82e68d489e6c21c9552c4e8e35a03d126d9eba632a8e7b4f9329d1374b4a19c" "d395c1793e0d64797d711c870571a0033174ca321ed48444efbe640bf692bf4f" "11873c4fbf465b956889adfa9182495db3bf214d9a70c0f858f07f6cc91cbd47" "eb7cd622a0916358a6ef6305e661c6abfad4decb4a7c12e73d6df871b8a195f8" "fb83a50c80de36f23aea5919e50e1bccd565ca5bb646af95729dc8c5f926cbf3" "e7820b899036ae7e966dcaaec29fd6b87aef253748b7de09e74fdc54407a7a02" "1781e8bccbd8869472c09b744899ff4174d23e4f7517b8a6c721100288311fa5" default))
'(elfeed-feeds
'("https://news.ycombinator.com/rss" "https://lobste.rs/rss" "http://rss.slashdot.org/slashdot/slashdotMain" "https://www.carrot.blog/feed.xml" "https://cendyne.dev/feed.xml" "https://christine.website/blog.rss" "https://daniel.haxx.se/blog/feed/" "https://soatok.blog/feed/" "https://drewdevault.com/blog/index.xml" "https://eli.thegreenplace.net/feeds/all.atom.xml" "https://emnudge.dev/blog.xml" "https://fasterthanli.me/index.xml" "https://www.fosskers.ca/en/rss" "https://blog.gabrielsimmer.com/posts/index.xml" "https://grumpygamer.com/rss2.0" "https://www.inconsistent.software/feed.xml" "https://inessential.com/xml/rss.xml" "https://www.jefftk.com/news.rss" "https://jvns.ca/atom.xml" "https://kofi.sexy/feed.xml" "https://www.lastweekinaws.com/feed/" "https://www.masteringemacs.org/feed" "https://nullrouted.space/feed/" "https://www.netmeister.org/blog/rss.xml" "https://tailscale.dev/feed.xml" "https://www.tbray.org/ongoing/ongoing.atom" "https://twi.github.io/blog/atom.xml" "https://vivekhaldar.com/index.xml" "https://what-if.xkcd.com/feed.atom" "https://www.ansible.com/blog/rss.xml" "https://tailscale.com/blog/index.xml" "https://kubernetes.io/feed.xml" "https://blog.cloudflare.com/rss/" "https://fly.io/blog/feed.xml" "https://webkit.org/feed/" "https://feeds.arstechnica.com/arstechnica/technology-lab" "https://sachachua.com/blog/category/emacs-news/feed/" "https://emnudge.dev/reads.xml" "https://www.gamersnexus.net/news/feed" "https://lwn.net/headlines/rss" "https://webzine.snowflake.ovh/atom.xml" "http://syndication.thedailywtf.com/TheDailyWtf" "https://github.com/louislam/uptime-kuma/releases.atom" "https://github.com/dani-garcia/vaultwarden/releases.atom" "https://www.commitstrip.com/en/feed/" "https://jensorensen.com/feed/" "https://loadingartist.com/index.xml" "https://www.monkeyuser.com/feed.xml" "https://www.oglaf.com/feeds/rss/" "https://www.smbc-comics.com/comic/rss" "https://theoatmeal.com/feed/rss" 
"https://www.youtube.com/feeds/videos.xml?channel_id=UCs4fQRyl1TJvoeOdekW6lYA" "https://www.youtube.com/feeds/videos.xml?channel_id=UCXuqSBlHAE6Xw-yeJA0Tunw" "https://www.youtube.com/feeds/videos.xml?channel_id=UC0Eqb484X8EiNrFLSUQVsaA" "https://www.youtube.com/feeds/videos.xml?channel_id=UCBa659QWEk1AI4Tg--mrJ2A"))
'(safe-local-variable-values
'((eval modify-syntax-entry 43 "'")
(eval modify-syntax-entry 36 "'")
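Review bot: Two entries in the `elfeed-feeds` value are fetched over plain HTTP, `http://rss.slashdot.org/slashdot/slashdotMain` and `http://syndication.thedailywtf.com/TheDailyWtf`, so anything on the network path can alter the XML that elfeed parses and renders. The rendered page does not show whether these entries are new in this change, but they are worth switching to `https://` if the hosts serve the feeds that way. The section is cut inside the `safe-local-variable-values` form, so the rest of that list is not covered here.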


@ -5,7 +5,7 @@
(with-current-buffer (get-buffer-create "*Welcome*")
(setq truncate-lines t)
(let* ((buffer-read-only)
(image-path "~/.emacs.d/emacs.png")
(image-path "~/.emacs.d/splash.png")
(image (create-image image-path))
(size (image-size image))
(height (cdr size))
@ -26,7 +26,8 @@
(read-only-mode +1)
(switch-to-buffer (current-buffer))
(local-set-key (kbd "<escape>") 'kill-this-buffer)
(local-set-key (kbd "t") 'vterm)))
(local-set-key (kbd "t") 'vterm)
(local-set-key (kbd "c") 'chatgpt-shell)))
(setq initial-scratch-message nil)
(setq inhibit-startup-screen t)


@ -2,8 +2,8 @@
(setq inhibit-startup-message t)
(setq auto-save-default nil)
(setq make-backup-files nil)
(cond ((find-font (font-spec :name "Berkeley Mono Trial"))
(set-face-attribute 'default nil :font "Berkeley Mono Trial" :height 120)))
(cond ((find-font (font-spec :name "Berkeley Mono"))
(set-face-attribute 'default nil :font "Berkeley Mono" :height 120)))
(global-set-key (kbd "<escape>") 'keyboard-escape-quit)
(scroll-bar-mode -1)
(tool-bar-mode -1)
@ -163,6 +163,8 @@
:hook (k8s-mode . yas-minor-mode))
(use-package kubernetes :straight t)
(use-package rust-mode :straight t)
(use-package tree-sitter :straight t)
(use-package tree-sitter-indent :straight t)
(use-package markdown-mode :straight t)
(use-package olivetti :straight t)
(use-package copilot
@ -173,12 +175,16 @@
(interactive)
(or (copilot-accept-completion)
(company-indent-or-complete-common nil)))
(use-package elfeed :straight t)
; modify company-mode behaviors
(use-package chatgpt-shell
:straight t)
; modify company-mode behaviors
(with-eval-after-load 'company
; disable inline previews
; disable inline previews
(delq 'company-preview-if-just-one-frontend company-frontends)
; enable tab completion
; enable tab completion
(define-key company-mode-map (kbd "C-<tab>") 'my-tab)
(define-key company-mode-map (kbd "C-TAB") 'my-tab)
(define-key company-active-map (kbd "C-<tab>") 'my-tab)
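Review bot: `(use-package chatgpt-shell :straight t)` is added with no configuration, and nothing in this section shows where the API key comes from. This looks like a dotfiles repository that is pushed to a forge, so the key should be resolved at run time rather than written into the file, for example `:config (setq chatgpt-shell-openai-key (lambda () (auth-source-pick-first-password :host "api.openai.com")))`. Whatever is typed or pasted into the shell buffer is sent to the remote service, which is worth a short comment next to the declaration. The `with-eval-after-load 'company` form continues past the end of the last hunk.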

BIN
.emacs.d/splash.png Normal file

Binary file not shown.


Width:  |  Height:  |  Size: 162 KiB


@ -1,340 +1 @@
#+title: NixOS System Configurations
#+PROPERTY: header-args :mkdirp yes
* Systems
I have opted to use NixOS for my systems moving forward. You can read a bit more
about this move [[https://blog.gabrielsimmer.com/posts/from-guix-to-nixos][here]]. I haven't dabbled with custom configuration too much so
this is pretty close to the default configuration.
** London
London is my primary desktop.
Be sure to import the hardware configuration the Nix installer generates.
#+begin_src nix :tangle nix/configuration.nix
# Tangled in ../Systems.org
{ config, pkgs, ... }:
{
imports =
[
./hardware-configuration.nix
];
#+end_src
Bootloader is GRUB so I can dual boot Windows. =enableCryptodisk= is annoying but apparently neccesary.
#+begin_src nix :tangle nix/configuration.nix
boot.loader.grub = {
enable = true;
version = 2;
device = "nodev";
useOSProber = true;
efiSupport = true;
enableCryptodisk = true;
canTouchEfiVariables = true;
efiSysMountPoint = "/boot/efi";
};
#+end_src
Basic system stuff that I won't really touch by hand. Importantly, enabled nix flakes.
#+begin_src nix :tangle nix/configuration.nix
boot.binfmt.emulatedSystems = [ "aarch64-linux" ];
boot.kernelPackages = pkgs.linuxPackages_6_0;
# Setup keyfile
boot.initrd.secrets = {
"/crypto_keyfile.bin" = null;
};
# Enable swap on luks
boot.initrd.luks.devices."luks-63100442-37df-4579-a787-cb2f2c67b3d1".device = "/dev/disk/by-uuid/63100442-37df-4579-a787-cb2f2c67b3d1";
boot.initrd.luks.devices."luks-63100442-37df-4579-a787-cb2f2c67b3d1".keyFile = "/crypto_keyfile.bin";
nix.settings.experimental-features = [ "nix-command" "flakes" ];
time.timeZone = "Europe/London";
i18n.defaultLocale = "en_GB.utf8";
#+end_src
Networking stuff. I use Tailscale as a mesh VPN, and Mullvad for "privacy".
#+begin_src nix :tangle nix/configuration.nix
networking.hostName = "LONDON"; # Define your hostname.
# Enable networking
networking.networkmanager.enable = true;
systemd.services.NetworkManager-wait-online.enable = false;
networking.firewall.checkReversePath = "loose";
networking.firewall.allowedTCPPorts = [ 3389 ]; # for RDP
services.mullvad-vpn.enable = true;
services.tailscale.enable = true;
#+end_src
Next, X11! I haven't quite made the switch to Wayland. Theoretically Plasma supports it but it doesn't seem to want to work. Long term I want to run Sway on an ultrawide. I also enable RDP in case I need to remote back into my desktop (if I can't use SSH for whatever reason). Also enable the nvidia drivers here.
#+begin_src nix :tangle nix/configuration.nix
# Enable the X11 windowing system.
services.xserver.enable = true;
# Enable the KDE Plasma Desktop Environment.
services.xserver.displayManager.sddm.enable = true;
services.xserver.desktopManager.plasma5.enable = true;
services.xrdp.enable = true;
services.xrdp.defaultWindowManager = "startplasma-x11";
# Configure keymap in X11
services.xserver = {
layout = "us";
xkbVariant = "";
};
# Allow unfree packages
nixpkgs.config.allowUnfree = true;
services.xserver.videoDrivers = [ "nvidia" ];
hardware.opengl.enable = true;
#+end_src
Basic user setup. I use home-manager for my profile applications so just give me vim and that's it (I actually use emacs, but it doesn't hurt to have a fallback).
#+begin_src nix :tangle nix/configuration.nix
programs.zsh.enable = true;
environment.shells = with pkgs; [ zsh ];
users.users.gsimmer = {
shell = pkgs.zsh;
isNormalUser = true;
description = "Gabriel Simmer";
extraGroups = [ "networkmanager" "wheel" ];
packages = with pkgs; [ vim ];
};
#+end_src
Misc. utilities. Printing, sound, Docker, Steam, fonts. Why is Steam installed at a system level? I don't know. I think I got confused. This will be move to home-manager at some point.
#+begin_src nix :tangle nix/configuration.nix
environment.systemPackages = with pkgs; [
os-prober
tailscale
cifs-utils
pinentry-curses
];
# Enable CUPS to print documents.
services.printing.enable = true;
# Enable sound with pipewire.
sound.enable = true;
hardware.pulseaudio.enable = false;
security.rtkit.enable = true;
services.pipewire = {
enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
# If you want to use JACK applications, uncomment this
#jack.enable = true;
};
virtualisation = {
docker = {
enable = true;
rootless = {
enable = true;
setSocketVariable = true;
};
};
};
programs.dconf.enable = true;
programs.steam = {
enable = true;
remotePlay.openFirewall = true;
dedicatedServer.openFirewall = false;
};
fonts.fonts = with pkgs; [
ibm-plex
jetbrains-mono
];
services.yubikey-agent.enable = true;
services.pcscd.enable = true;
# Some programs need SUID wrappers, can be configured further or are
# started in user sessions.
# programs.mtr.enable = true;
programs.gnupg.agent = {
enable = true;
pinentryFlavor = "curses";
enableSSHSupport = true;
};
system.stateVersion = "22.05";
}
#+end_src
Hardware configuration generated by the NixOS installer.
#+begin_src nix :tangle nix/hardware-configuration.nix
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{ device = "/dev/disk/by-uuid/cd6f3e34-65ce-4be5-b4d4-6818e70dcff3";
fsType = "ext4";
};
boot.initrd.luks.devices."luks-0cd5d85e-e232-4f75-a8b3-087737657fef".device = "/dev/disk/by-uuid/0cd5d85e-e232-4f75-a8b3-087737657fef";
fileSystems."/boot/efi" =
{ device = "/dev/disk/by-uuid/AB23-FA19";
fsType = "vfat";
};
fileSystems."/home/gsimmer/FHG" = {
device = "/dev/disk/by-label/FHG";
fsType = "ext4";
};
swapDevices =
[ { device = "/dev/disk/by-uuid/c50f2d93-2f31-4afc-ad26-4730a8f4b7f0"; }
];
networking.useDHCP = lib.mkDefault true;
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
hardware.video.hidpi.enable = lib.mkDefault true;
}
#+end_src
** Raspberry Pis
/This section is deprecated, as my Pis now run Raspbian with k3s./
I have two Raspberry Pis - a 3B+ ("watcher"), and a 4 ("panda"). Watcher
serves as a watchdog for my self hosted services, usually living on Panda.
*** The Installer Image
Very minimal changes required here, only really need to enabled the SSH daemon and add my key so I can push the actual configuration.
I might investigate bundling the "real" configurations into the live installer image, so I have to run fewer commands.
[[https://nixos.wiki/wiki/NixOS_on_ARM#Getting_the_installer][More info on the NixOS Wiki]]
#+begin_src nix :tangle nix/image-configuration.nix
{ ... }: {
imports = [
<nixpkgs/nixos/modules/installer/sd-card/sd-image-aarch64.nix>
];
services.sshd.enable = true;
services.ntp.enable = true;
users.users.gsimmer = {
isNormalUser = true;
extraGroups = [ "wheel" ];
password = "pass"; # This gets changed. Don't get any ideas.
openssh.authorizedKeys.keys = ["ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILIztwQxt+jqroFONSgq+xzPMuE2I5Dq/zWPQ8RcTYJr gabriel@gitgalaxy.com"];
};
}
#+end_src
*** Watcher
Watcher is my Raspberry Pi 3B+ responsible for monitoring various
services and devices on my network (and generally the wider web).
It uses [[https://github.com/gmemstr/platypus][Platypus]] (my custom monitoring platform) for this, along
with some cron jobs to curl the services themselves.
Actually declaractive install of Platypus is TODO, once I have the
next release tagged.
#+begin_src nix :tangle nix/watcher-configuration.nix
{ config, pkgs, lib, ... }: {
boot.loader.grub.enable = false;
boot.loader.generic-extlinux-compatible.enable = true;
boot.kernelPackages = pkgs.linuxPackages_latest;
services.sshd.enable = true;
services.ntp.enable = true;
users.users.gsimmer = {
isNormalUser = true;
extraGroups = [ "wheel" ];
password = "pass"; # This gets changed. Don't get any ideas.
openssh.authorizedKeys.keys = ["ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILIztwQxt+jqroFONSgq+xzPMuE2I5Dq/zWPQ8RcTYJr gabriel@gitgalaxy.com"];
};
environment.systemPackages = [ pkgs.git pkgs.curl ];
systemd.user.services.ensure-curlscript = {
script = ''
# At some point this will pull down a more complete script.
echo "Done!"
'';
wantedBy = [ "multi-user.target" ];
};
# Enable cron services
services.cron = {
enable = true;
systemCronJobs = [
"*/5 * * * * gsimmer curl -I -o /dev/null -w \"$(date)|\\%{http_code}\" https://pw.gmem.ca > /home/gsimmer/pw-status"
"*/5 * * * * gsimmer curl -I -o /dev/null -w \"$(date)|\\%{http_code}\" https://hue.gmem.ca > /home/gsimmer/hue-status"
];
};
fileSystems = {
"/" = {
device = "/dev/disk/by-label/NIXOS_SD";
fsType = "ext4";
};
};
networking.firewall.enable = false;
}
#+end_src
*** Panda
Panda is a general-purpose Raspberry Pi 4, responsible for hosting
some network shares and my password manager (using [[https://github.com/dani-garcia/vaultwarden][Vaultwarden]]).
Largely TODO, this currently runs Raspbian until I'm happy with my
testbed.
#+begin_src nix :tangle nix/panda-configuration.nix
{ ... }: {
imports = [
<nixpkgs/nixos/modules/installer/sd-card/sd-image-aarch64.nix>
];
# put your own configuration here, for example ssh keys:
users.extraUsers.root.openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILIztwQxt+jqroFONSgq+xzPMuE2I5Dq/zWPQ8RcTYJr gabriel@gitgalaxy.com"
];
}
#+end_src
Moved to [[https://vancouver.scorpion-ghost.ts.net/git/arch/infra][arch/infra]].


@ -1,32 +1,16 @@
{ config, pkgs, callPackage, ... }:
{
nixpkgs.overlays = [
(self: super:
let
# Overlay function
emacs-overlay =
import (builtins.fetchTarball {
url = https://github.com/nix-community/emacs-overlay/archive/master.tar.gz;
});
#
# Extract version pointing to master branch
emacsGit = (emacs-overlay self super).emacsGit;
#
# Override source attribute
emacs-custom-base = emacsGit.overrideAttrs ( old: {
src = pkgs.fetchFromSavannah {
repo = "emacs";
rev = "89ac5ba11c773764f418c92ab47a237287a0d233";
sha256 = "19qjj0aw7w0rz29jpa1x48jmv3mh1p1aky82y040xmk6axg8blnl";
};
});
in
{
emacs-custom = emacs-custom-base;
}
)
];
nixpkgs.overlays =
let
discordOverlay = self: super: {
discord = super.discord.override { withOpenASAR = true; withVencord = true; };
};
in
[
(import (builtins.fetchTarball {
url = https://github.com/nix-community/emacs-overlay/archive/master.tar.gz;
})) discordOverlay];
home.username = "gsimmer";
home.homeDirectory = "/home/gsimmer";
@ -38,6 +22,7 @@
enable = true;
interactiveShellInit = ''
set fish_greeting
atuin init fish | source
'';
plugins = [
{
@ -62,7 +47,7 @@
programs.git = {
enable = true;
userName = "Gabriel Simmer";
userEmail = "gsimmer@protonmail.com";
userEmail = "g@gmem.ca";
signing = {
key = "C81B106D46C5B875";
signByDefault = true;
@ -71,7 +56,7 @@
programs.emacs = {
enable = true;
package = pkgs.emacs-custom;
package = pkgs.emacs-unstable-pgtk;
extraPackages = epkgs: [
epkgs.vterm
];
@ -87,7 +72,6 @@
};
home.packages = with pkgs; [
discord
spotify
bitwarden-cli
mullvad-vpn
@ -96,12 +80,20 @@
obs-studio
python3
lmms
thunderbird
prismlauncher
ripgrep
kitty
cider
virt-manager
jre8
parsec-bin
nodejs
telegram-desktop
atuin
age-plugin-yubikey
rage
discord
];
# This value determines the Home Manager release that your