diff options
| -rw-r--r-- | flake.lock | 134 | ||||
| -rw-r--r-- | flake.nix | 3 | ||||
| m--------- | packages | 0 | ||||
| -rw-r--r-- | system/linde.nix | 20 | ||||
| -rw-r--r-- | user/settings/development/golang.nix | 11 | ||||
| -rw-r--r-- | user/settings/emacs.nix | 2 | ||||
| -rw-r--r-- | user/settings/fish.nix | 8 | ||||
| -rw-r--r-- | user/settings/user-interface.nix | 16 |
8 files changed, 143 insertions, 51 deletions
diff --git a/flake.lock b/flake.lock index 19b9cd30..de8cebf0 100644 --- a/flake.lock +++ b/flake.lock @@ -52,11 +52,11 @@ ] }, "locked": { - "lastModified": 1732420287, - "narHash": "sha256-CzvYF4x6jUh/+NEEIFrIY5t1W/N3IA2bNZJiMXu9GTo=", + "lastModified": 1732603785, + "narHash": "sha256-AEjWTJwOmSnVYsSJCojKgoguGfFfwel6z/6ud6UFMU8=", "owner": "lnl7", "repo": "nix-darwin", - "rev": "3c52583b99666a349a6219dc1f0dd07d75c82d6a", + "rev": "6ab87b7c84d4ee873e937108c4ff80c015a40c7a", "type": "github" }, "original": { @@ -107,6 +107,25 @@ "type": "github" } }, + "emacs-overlay": { + "inputs": { + "nixpkgs": "nixpkgs_2", + "nixpkgs-stable": "nixpkgs-stable" + }, + "locked": { + "lastModified": 1732986626, + "narHash": "sha256-mm0VxNLhlcfX4to/Lv2tDPYWnQ+Py13Hq3cHc+RT9YI=", + "owner": "nix-community", + "repo": "emacs-overlay", + "rev": "d902534f27fea8439422e55c435d4b4bbf8a2472", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "emacs-overlay", + "type": "github" + } + }, "flake-compat": { "flake": false, "locked": { @@ -226,11 +245,11 @@ ] }, "locked": { - "lastModified": 1732216375, - "narHash": "sha256-gFDjpoaVV7QoMTvxVN/W58e5mh2+5zagNBAK4IPBgpQ=", + "lastModified": 1732907966, + "narHash": "sha256-59DP0vcqNjY8ct3rmMhD9D4y+yYR2j7hg2D/z14iO/M=", "owner": "tailscale", "repo": "golink", - "rev": "43d714d264ac76d2048c9fdcfdd4a98bb5c16d51", + "rev": "2ecf9ef4d51e9b3d27cb0c2ab0fb8a0ef4543b6e", "type": "github" }, "original": { @@ -292,11 +311,11 @@ ] }, "locked": { - "lastModified": 1732453510, - "narHash": "sha256-mAOaLu++YRwOxCJ135Bhgf78WYhIKWHL2aGWCAoXoBg=", + "lastModified": 1732884235, + "narHash": "sha256-r8j6R3nrvwbT1aUp4EPQ1KC7gm0pu9VcV1aNaB+XG6Q=", "owner": "nix-community", "repo": "home-manager", - "rev": "bd58a1132e9b7f121f65313bc662ad6c8a05f878", + "rev": "819f682269f4e002884702b87e445c82840c68f2", "type": "github" }, "original": { @@ -309,7 +328,7 @@ "inputs": { "devshell": "devshell", "flake-parts": "flake-parts", - "nixpkgs": "nixpkgs_2" + "nixpkgs": "nixpkgs_3" }, "locked": { "lastModified": 1731876430, @@ -332,11 +351,11 @@ ] }, "locked": { - "lastModified": 1732461762, - "narHash": "sha256-3SMxtkXlmzPmF4NXCt6lLF2IkdyAmO824PlScUKVhB0=", + "lastModified": 1732519917, + "narHash": "sha256-AGXhwHdJV0q/WNgqwrR2zriubLr785b02FphaBtyt1Q=", "owner": "Mic92", "repo": "nix-index-database", - "rev": "bedc30c64442579943c1c6e7579db263d810884f", + "rev": "f4a5ca5771ba9ca31ad24a62c8d511a405303436", "type": "github" }, "original": { @@ -347,11 +366,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1731797098, - "narHash": "sha256-UhWmEZhwJZmVZ1jfHZFzCg+ZLO9Tb/v3Y6LC0UNyeTo=", + "lastModified": 1732483221, + "narHash": "sha256-kF6rDeCshoCgmQz+7uiuPdREVFuzhIorGOoPXMalL2U=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "672ac2ac86f7dff2f6f3406405bddecf960e0db6", + "rev": "45348ad6fb8ac0e8415f6e5e96efe47dd7f39405", "type": "github" }, "original": { @@ -378,11 +397,11 @@ }, "nixpkgs-small": { "locked": { - "lastModified": 1732446744, - "narHash": "sha256-yXqgr+GiC/RBr8n/6Bn9eRagitXbKXNcoSaZUCovuwI=", + "lastModified": 1732951447, + "narHash": "sha256-ndq0dD5E6FkqwmNYFS1wUAHa/5HixS3jLjulogM+7/E=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "2570b87e71ea16daadf0a93f1eae2d3ad4478a94", + "rev": "57feb2a16f705eeffb075888d92a986e66473012", "type": "github" }, "original": { @@ -394,6 +413,22 @@ }, "nixpkgs-stable": { "locked": { + "lastModified": 1732749044, + "narHash": "sha256-T38FQOg0BV5M8FN1712fovzNakSOENEYs+CSkg31C9Y=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "0c5b4ecbed5b155b705336aa96d878e55acd8685", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-24.05", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-stable_2": { + "locked": { "lastModified": 1710695816, "narHash": "sha256-3Eh7fhEID17pv9ZxrPwCLfqXnYP006RKzSs0JptsN84=", "owner": "NixOS", @@ -410,6 +445,22 @@ }, "nixpkgs_2": { "locked": { + "lastModified": 1732758367, + "narHash": "sha256-RzaI1RO0UXqLjydtz3GAXSTzHkpb/lLD1JD8a0W4Wpo=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "fa42b5a5f401aab8a32bd33c9a4de0738180dc59", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_3": { + "locked": { "lastModified": 1731755305, "narHash": "sha256-v5P3dk5JdiT+4x69ZaB18B8+Rcu3TIOrcdG4uEX7WZ8=", "owner": "NixOS", @@ -424,13 +475,13 @@ "type": "github" } }, - "nixpkgs_3": { + "nixpkgs_4": { "locked": { - "lastModified": 1732014248, - "narHash": "sha256-y/MEyuJ5oBWrWAic/14LaIr/u5E0wRVzyYsouYY3W6w=", + "lastModified": 1732837521, + "narHash": "sha256-jNRNr49UiuIwaarqijgdTR2qLPifxsVhlJrKzQ8XUIE=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "23e89b7da85c3640bbc2173fe04f4bd114342367", + "rev": "970e93b9f82e2a0f3675757eb0bfc73297cc6370", "type": "github" }, "original": { @@ -440,7 +491,23 @@ "type": "github" } }, - "nixpkgs_4": { + "nixpkgs_5": { + "locked": { + "lastModified": 1718530797, + "narHash": "sha256-pup6cYwtgvzDpvpSCFh1TEUjw2zkNpk8iolbKnyFmmU=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "b60ebf54c15553b393d144357375ea956f89e9a9", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_6": { "locked": { "lastModified": 1710765496, "narHash": "sha256-p7ryWEeQfMwTB6E0wIUd5V2cFTgq+DRRBz2hYGnJZyA=", @@ -463,11 +530,11 @@ ] }, "locked": { - "lastModified": 1732392136, - "narHash": "sha256-i5wCb2tpgm8qjE06rOlHb/rLduXL6DwZGSX5rLu5dGA=", + "lastModified": 1732995839, + "narHash": "sha256-W4puZ9bsWChKITK/9eFWP33yNP9hd40QHYy8nFntTkE=", "ref": "refs/heads/main", - "rev": "8676655b28c94931c1ad2e443740341b348b056c", - "revCount": 36, + "rev": "7045e0e5dee00764d5329f3d3cecde04ef61a630", + "revCount": 37, "type": "git", "url": "file:packages" }, @@ -480,8 +547,8 @@ "inputs": { "flake-compat": "flake-compat_2", "gitignore": "gitignore", - "nixpkgs": "nixpkgs_4", - "nixpkgs-stable": "nixpkgs-stable" + "nixpkgs": "nixpkgs_6", + "nixpkgs-stable": "nixpkgs-stable_2" }, "locked": { "lastModified": 1718819804, @@ -502,12 +569,13 @@ "agenix": "agenix", "darwin": "darwin_2", "deploy-rs": "deploy-rs", + "emacs-overlay": "emacs-overlay", "golink": "golink", "home-manager": "home-manager_2", "nh-darwin": "nh-darwin", "nix-index-database": "nix-index-database", "nixos-hardware": "nixos-hardware", - "nixpkgs": "nixpkgs_3", + "nixpkgs": "nixpkgs_4", "nixpkgs-small": "nixpkgs-small", "personal": "personal", "searchix": "searchix", @@ -519,9 +587,7 @@ "inputs": { "flake-utils": "flake-utils_2", "gomod2nix": "gomod2nix", - "nixpkgs": [ - "nixpkgs-small" - ], + "nixpkgs": "nixpkgs_5", "pre-commit-hooks": "pre-commit-hooks", "simple-css": "simple-css" }, diff --git a/flake.nix b/flake.nix index bb326751..e61f528f 100644 --- a/flake.nix +++ b/flake.nix @@ -7,6 +7,7 @@ nix-index-database.inputs.nixpkgs.follows = "nixpkgs"; darwin.url = "github:lnl7/nix-darwin/master"; darwin.inputs.nixpkgs.follows = "nixpkgs"; + emacs-overlay.url = "github:nix-community/emacs-overlay"; home-manager.url = "github:nix-community/home-manager"; home-manager.inputs.nixpkgs.follows = "nixpkgs"; nh-darwin.url = "github:ToyVo/nh_darwin"; @@ -36,6 +37,7 @@ , nixpkgs , nixpkgs-small , nixos-hardware + , emacs-overlay , home-manager , darwin , nh-darwin @@ -65,6 +67,7 @@ inherit system; overlays = readOverlays (toString ./overlays) ++ [ agenix.overlays.default + emacs-overlay.overlays.default (self: super: { personal = personal.packages.${system}; enchant = super.enchant.override { diff --git a/packages b/packages -Subproject 8676655b28c94931c1ad2e443740341b348b056 +Subproject 7045e0e5dee00764d5329f3d3cecde04ef61a63 diff --git a/system/linde.nix b/system/linde.nix index ba88075d..573eb78e 100644 --- a/system/linde.nix +++ b/system/linde.nix @@ -853,6 +853,10 @@ in permitCertUid = "caddy"; port = tsPort; }; + services.tailscaleAuth = { + enable = true; + group = "caddy"; + }; services.caddy = { enable = true; email = "caddy@alanpearce.eu"; @@ -874,6 +878,19 @@ in root * ${config.services.paperless.package}/lib/paperless-ngx/static file_server } + forward_auth unix//run/tailscale-nginx-auth/tailscale-nginx-auth.sock { + uri /auth + header_up Remote-Addr {remote_host} + header_up Remote-Port {remote_port} + header_up Original-URI {uri} + copy_headers { + Tailscale-User>X-Webauth-User + Tailscale-Name>X-Webauth-Name + Tailscale-Login>X-Webauth-Login + Tailscale-Tailnet>X-Webauth-Tailnet + Tailscale-Profile-Picture>X-Webauth-Profile-Picture + } + } reverse_proxy [::1]:${toString config.services.paperless.port} ''; }; @@ -893,6 +910,9 @@ in PAPERLESS_PROXY_SSL_HEADER = [ "HTTP_X_FORWARDED_PROTO" "https" ]; PAPERLESS_ENABLE_COMPRESSION = false; # let caddy do it + PAPERLESS_ENABLE_HTTP_REMOTE_USER = true; + PAPERLESS_HTTP_REMOTE_USER_HEADER_NAME = "HTTP_X_WEBAUTH_USER"; + PAPERLESS_OCR_SKIP_ARCHIVE_FILE = "with_text"; PAPERLESS_OCR_LANGUAGE = "deu+eng"; PAPERLESS_IGNORE_DATES = "09.08.90"; diff --git a/user/settings/development/golang.nix b/user/settings/development/golang.nix index c0f92209..34a74896 100644 --- a/user/settings/development/golang.nix +++ b/user/settings/development/golang.nix @@ -15,6 +15,13 @@ home.sessionPath = [ "$HOME/go/bin" ]; + home.shellAliases = { + gom = "go mod"; + gomt = "go mod tidy"; + gomd = "go mod download"; + gog = "go get"; + gogu = "go get -u"; + }; home.sessionVariables.GOTOOLCHAIN = "local"; # use installed go tools programs.emacs.extraPackages = epkgs: (with epkgs; [ go-eldoc @@ -24,8 +31,4 @@ programs.neovim.plugins = with pkgs.vimPlugins; [ coc-go ]; - programs.fish.shellAbbrs = { - gmt = "go mod tidy"; - gmd = "go mod download"; - }; } diff --git a/user/settings/emacs.nix b/user/settings/emacs.nix index 26071562..cec5ee59 100644 --- a/user/settings/emacs.nix +++ b/user/settings/emacs.nix @@ -124,7 +124,7 @@ in goto-chg helpful jinx - just-mode + just-ts-mode justl kind-icon lua-mode diff --git a/user/settings/fish.nix b/user/settings/fish.nix index cfefa9ff..91d87505 100644 --- a/user/settings/fish.nix +++ b/user/settings/fish.nix @@ -40,7 +40,13 @@ set --export FZF_DEFAULT_OPTS '--cycle --layout=reverse --border --height=90% --preview-window=wrap --marker="*"' fzf_configure_bindings --directory=\cx\cf - set --universal hydro_multiline true + set --global hydro_multiline true + set --global hydro_color_pwd 00AFFF + set --global hydro_color_git 5FD700 + set --global hydro_color_start FF00FF + set --global hydro_color_error D70000 + set --global hydro_color_prompt 5FAF00 + set --global hydro_color_duration 87875F ''; shellAliases = { hist-freq-lines = lib.mkForce "history | sort | uniq -c | sort -gr | head -n100 | less"; diff --git a/user/settings/user-interface.nix b/user/settings/user-interface.nix index 5e1337ba..e46abb98 100644 --- a/user/settings/user-interface.nix +++ b/user/settings/user-interface.nix @@ -28,17 +28,11 @@ in [ inter input-fonts - # see https://github.com/NixOS/nixpkgs/blob/nixos-unstable/pkgs/data/fonts/nerdfonts/shas.nix - (nerdfonts.override { - fonts = [ - "JetBrainsMono" - "IBMPlexMono" - "ZedMono" - "Recursive" - "NerdFontsSymbolsOnly" - ]; - }) - ] + ] ++ (with pkgs.nerd-fonts; [ + blex-mono + jetbrains-mono + recursive-mono + ]) ++ lib.optionals (!stdenv.isDarwin) (with pkgs; [ (discord.override { withOpenASAR = true; }) |