muon/flake
1
0
Fork 0
mirror of https://codeberg.org/muon/home.git synced 2026-03-08 03:25:16 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Compare commits

base: muon:5bdf9e3a2c97bcb499369792f467ba4fbe84b450
Branches Tags
muon:main
muon:homelab
muon:vps
muon:container
muon:fresh
muon:i3
muon:hyprland
muon:refactor
muon:legacy
...
compare: muon:b1fdab737cca1017dbff29e4fd996be8da6917e1
Branches Tags
muon:main
muon:homelab
muon:vps
muon:container
muon:fresh
muon:i3
muon:hyprland
muon:refactor
muon:legacy

2 commits
5bdf9e3a2c ... b1fdab737c

Author SHA1 Message Date
muon
b1fdab737c Add random wallpaper 2025-12-26 13:21:08 +00:00
muon
fc14a394aa Add embedded syntax hl 2025-12-26 10:48:31 +00:00
9 changed files with 330 additions and 273 deletions
Download patch file Download diff file Expand all files Collapse all files

2
README.md
View file

@ -25,7 +25,7 @@ sudo cp {/mnt,/mnt/persist}/etc/machine-id
## Erasure
```nix
boot.initrd.postResumeCommands = lib.mkAfter ''
boot.initrd.postResumeCommands = lib.mkAfter /* bash */ ''
mkdir /btrfs_tmp
mount /dev/mapper/crypted /btrfs_tmp
if [[ -e /btrfs_tmp/root ]]; then

4
hosts/muvo/home.nix
View file

@ -21,6 +21,7 @@ in {
mods.desktop.development.enable = true;
mods.desktop.productivity.enable = false;
mods.zen.enable = true;
mods.theme.slideshow.enable = true;
home.packages = with pkgs; [
pulseaudio
@ -35,9 +36,6 @@ in {
enable = true;
hooks.postswitch = {
"notify-i3" = "${pkgs.i3}/bin/i3-msg restart";
"set-wallpaper" = ''
${lib.getExe pkgs.feh} --bg-fill --nofehbg ${./wallpaper.png}
'';
};
};

1
modules/home/desktop/default.nix
View file

@ -14,6 +14,7 @@ in {
./productivity.nix
./media.nix
./zen.nix
./theme.nix
];
mods.hyprland.enable = lib.mkIf cfg.wayland.enable true;

8
modules/home/desktop/development.nix
View file

@ -12,7 +12,9 @@
programs.nyxt = {
enable = false;
config = ''
config =
# lisp
''
(in-package #:nyxt-user)
(defvar *my-search-engines*
@ -73,7 +75,9 @@
hm = "https://home-manager-options.extranix.com/?release=master&query={}";
};
extraConfig = ''
extraConfig =
# py
''
host = c.content.blocking.hosts.lists.append
host("https://www.github.developerdan.com/hosts/lists/facebook-extended.txt")

24
modules/home/desktop/theme.nix Normal file
View file

@ -0,0 +1,24 @@
{
lib,
config,
...
}: let
cfg = config.mods.theme.slideshow;
in {
options.mods.theme.slideshow = {
enable = lib.mkEnableOption "enables slideshow wallpaper";
folder = lib.mkOption {
default = "%h/misc/pictures/wallpapers";
description = "slideshow wallpaper folder";
};
};
config = lib.mkIf cfg.enable {
services.random-background = lib.mkIf cfg.enable {
enable = true;
imageDirectory = cfg.folder;
enableXinerama = true;
interval = "1s";
};
};
}

12
modules/nixos/impermanence.nix
View file

@ -1,4 +1,9 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
with lib; {
options.mods.impermanence.enable = mkEnableOption "enables impermanence";
@ -8,7 +13,10 @@ with lib; {
files = ["/var/lib/sops-nix/key.txt" "/etc/machine-id"];
};
boot.initrd.postResumeCommands = lib.mkAfter ''
boot.initrd.postResumeCommands =
lib.mkAfter # sh
''
mkdir /btrfs_tmp
mount /dev/mapper/crypted /btrfs_tmp
if [[ -e /btrfs_tmp/root ]]; then

59
modules/nixos/server/grav/service.nix
View file

@ -1,10 +1,20 @@
{ config, lib, pkgs, ... }:
let
inherit (lib)
generators mapAttrs mkDefault mkEnableOption mkIf mkPackageOption mkOption
types;
{
config,
lib,
pkgs,
...
}: let
inherit
(lib)
generators
mapAttrs
mkDefault
mkEnableOption
mkIf
mkPackageOption
mkOption
types
;
cfg = config.mods.services.grav;
@ -22,10 +32,8 @@ let
ln -sf /var/lib/grav/$p $out/$p
done
'';
# systemSettingsYaml =
# yamlFormat.generate "grav-settings.yaml" cfg.systemSettings;
in {
options.mods.services.grav = {
enable = mkEnableOption "grav";
@ -97,7 +105,10 @@ in {
group = "grav";
phpPackage = cfg.phpPackage.buildEnv {
extensions = { all, enabled }:
extensions = {
all,
enabled,
}:
with all; [
apcu
ctype
@ -115,7 +126,8 @@ in {
zip
];
extraConfig = generators.toKeyValue {
extraConfig =
generators.toKeyValue {
mkKeyValue = generators.mkKeyValueDefault {} " = ";
} {
output_buffering = "0";
@ -169,10 +181,12 @@ in {
${cfg.virtualHost} = {
root = "${servedRoot}";
listen = [{
listen = [
{
addr = cfg.addr;
port = cfg.port;
}];
}
];
locations = {
"= /robots.txt" = {
@ -202,8 +216,7 @@ in {
};
# deny running scripts inside core system folders
"~* /(system|vendor)/.*\\.(txt|xml|md|html|htm|shtml|shtm|json|yaml|yml|php|php2|php3|php4|php5|phar|phtml|pl|py|cgi|twig|sh|bat)$" =
{
"~* /(system|vendor)/.*\\.(txt|xml|md|html|htm|shtml|shtm|json|yaml|yml|php|php2|php3|php4|php5|phar|phtml|pl|py|cgi|twig|sh|bat)$" = {
priority = 300;
extraConfig = ''
return 403;
@ -211,8 +224,7 @@ in {
};
# deny running scripts inside user folder
"~* /user/.*\\.(txt|md|json|yaml|yml|php|php2|php3|php4|php5|phar|phtml|pl|py|cgi|twig|sh|bat)$" =
{
"~* /user/.*\\.(txt|md|json|yaml|yml|php|php2|php3|php4|php5|phar|phtml|pl|py|cgi|twig|sh|bat)$" = {
priority = 300;
extraConfig = ''
return 403;
@ -220,8 +232,7 @@ in {
};
# deny access to specific files in the root folder
"~ /(LICENSE\\.txt|composer\\.lock|composer\\.json|nginx\\.conf|web\\.config|htaccess\\.txt|\\.htaccess)" =
{
"~ /(LICENSE\\.txt|composer\\.lock|composer\\.json|nginx\\.conf|web\\.config|htaccess\\.txt|\\.htaccess)" = {
priority = 300;
extraConfig = ''
return 403;
@ -245,7 +256,9 @@ in {
};
};
extraConfig = ''
extraConfig =
# sh
''
index index.php index.html /index.php$request_uri;
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
@ -268,8 +281,10 @@ in {
};
};
systemd.tmpfiles.rules = let datadir = "/var/lib/grav";
in map (dir: "d '${dir}' 0750 grav grav - -") [
systemd.tmpfiles.rules = let
datadir = "/var/lib/grav";
in
map (dir: "d '${dir}' 0750 grav grav - -") [
"/var/cache/grav"
"${datadir}/assets"
"${datadir}/backup"

25
modules/nixos/server/nginx.nix
View file

@ -1,9 +1,12 @@
{ pkgs, lib, config, ... }:
let
{
pkgs,
lib,
config,
...
}: let
cfg = config.mods.server.nginx;
in with lib; {
in
with lib; {
options.mods.server.nginx = {
enable = mkEnableOption {
default = false;
@ -44,7 +47,9 @@ in with lib; {
# Only allow PFS-enabled ciphers with AES256
# sslCiphers = "AES256+EECDH:AES256+EDH:!aNULL";
appendHttpConfig = ''
appendHttpConfig =
# sh
''
# Add HSTS header with preloading to HTTPS requests.
# Adding this header to HTTP requests is discouraged
# map $scheme $hsts_header {
@ -96,10 +101,12 @@ in with lib; {
proxyWebsockets = true;
};
};
in mapAttrs' (name: port:
nameValuePair ("${name}.${cfg.domain}")
in
mapAttrs' (name: port:
nameValuePair "${name}.${cfg.domain}"
# (proxy port // { default = true; })) cfg.ports;
(proxy port)) cfg.ports;
(proxy port))
cfg.ports;
};
};
}

16
modules/nixos/theme/default.nix
View file

@ -20,18 +20,17 @@ in {
};
config = lib.mkIf cfg.enable {
stylix.enable = true;
stylix.autoEnable = true;
stylix.base16Scheme = cfg.scheme;
stylix.image = cfg.wallpaper;
stylix.cursor = {
stylix = {
enable = true;
autoEnable = true;
base16Scheme = cfg.scheme;
image = cfg.wallpaper;
cursor = {
name = "phinger-cursors-light";
package = pkgs.phinger-cursors;
size = 16;
};
stylix.fonts = {
fonts = {
monospace = {
package = pkgs.nerd-fonts.commit-mono;
name = "CommitMono Nerd Font";
@ -43,6 +42,7 @@ in {
serif = config.stylix.fonts.monospace;
sansSerif = config.stylix.fonts.monospace;
};
};
fonts.packages = with pkgs; [
openmoji-color