colonelpanic/dotfiles
1
0
Fork 1
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Commit current dotfiles changes

Browse Source
This commit is contained in:
Ivan Malison
2026-04-12 15:33:30 -07:00
committed by Kat Huang
parent af093f45ce
commit fa5145c1d7
11 changed files with 201 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
dotfiles/config/gtk-3.0/settings.ini.hm-backup Normal file
View File

@@ -0,0 +1,24 @@
[Settings]
gtk-application-prefer-dark-theme=true
gtk-button-images=1
gtk-cursor-theme-name=breeze_cursors
gtk-cursor-theme-size=24
gtk-decoration-layout=icon:minimize,maximize,close
gtk-enable-animations=true
gtk-enable-event-sounds=1
gtk-enable-input-feedback-sounds=1
gtk-fallback-icon-theme=gnome
gtk-font-name=Noto Sans 11
gtk-icon-theme-name=Numix-Circle
gtk-key-theme-name=Emacs
gtk-menu-images=1
gtk-modules=colorreload-gtk-module
gtk-primary-button-warps-slider=false
gtk-theme-name=Arc
gtk-toolbar-icon-size=GTK_ICON_SIZE_LARGE_TOOLBAR
gtk-toolbar-style=GTK_TOOLBAR_BOTH_HORIZ
gtk-xft-antialias=1
gtk-xft-dpi=107520
gtk-xft-hinting=1
gtk-xft-hintstyle=hintslight
gtk-xft-rgba=rgb

118
dotfiles/lib/bin/syncthing-private-vault Executable file
View File

@@ -0,0 +1,118 @@
#!/usr/bin/env bash
set -euo pipefail
PASS_ENTRY="syncthing/private-vault"
CIPHER_DIR="/var/lib/syncthing/sync/Private.encrypted"
MOUNT_POINT="${HOME}/Private"
usage() {
cat <<'EOF'
Usage: syncthing-private-vault <command>
Commands:
init Initialize the encrypted backing directory
mount Mount the decrypted view at ~/Private
unmount Unmount ~/Private
status Show current configuration and mount status
EOF
}
require_commands() {
local command_name
for command_name in gocryptfs pass mountpoint fusermount3 head mktemp mkdir; do
command -v "$command_name" >/dev/null 2>&1 || {
echo "Missing required command: $command_name" >&2
exit 1
}
done
}
write_password_file() {
PASSWORD_FILE="$(mktemp)"
chmod 600 "$PASSWORD_FILE"
trap 'rm -f "$PASSWORD_FILE"' EXIT
pass show "$PASS_ENTRY" | head -n1 > "$PASSWORD_FILE"
}
ensure_directories() {
mkdir -p "$CIPHER_DIR" "$MOUNT_POINT"
}
init_vault() {
if [ -e "$CIPHER_DIR/gocryptfs.conf" ]; then
echo "Vault already initialized at $CIPHER_DIR" >&2
return 1
fi
write_password_file
gocryptfs -q -init -passfile "$PASSWORD_FILE" "$CIPHER_DIR"
}
mount_vault() {
if mountpoint -q "$MOUNT_POINT"; then
echo "Vault already mounted at $MOUNT_POINT"
return 0
fi
if [ ! -e "$CIPHER_DIR/gocryptfs.conf" ]; then
echo "Vault has not been initialized yet: $CIPHER_DIR/gocryptfs.conf is missing" >&2
return 1
fi
write_password_file
exec gocryptfs -q -passfile "$PASSWORD_FILE" "$CIPHER_DIR" "$MOUNT_POINT"
}
unmount_vault() {
if ! mountpoint -q "$MOUNT_POINT"; then
echo "Vault is not mounted at $MOUNT_POINT"
return 0
fi
fusermount3 -u "$MOUNT_POINT"
}
status_vault() {
echo "pass entry: $PASS_ENTRY"
echo "cipher dir: $CIPHER_DIR"
echo "mount point: $MOUNT_POINT"
if [ -e "$CIPHER_DIR/gocryptfs.conf" ]; then
echo "initialized: yes"
else
echo "initialized: no"
fi
if mountpoint -q "$MOUNT_POINT"; then
echo "mounted: yes"
else
echo "mounted: no"
fi
}
main() {
require_commands
ensure_directories
case "${1:-}" in
init)
init_vault
;;
mount)
mount_vault
;;
unmount)
unmount_vault
;;
status)
status_vault
;;
*)
usage >&2
exit 1
;;
esac
}
main "$@"

1
nixos/action-cache-dir/actions-checkout@v3 Submodule

Submodule nixos/action-cache-dir/actions-checkout@v3 added at f43a0e5ff2

1
nixos/action-cache-dir/actions-upload-artifact@v3 Submodule

Submodule nixos/action-cache-dir/actions-upload-artifact@v3 added at a8a3f3ad30

1
nixos/action-cache-dir/jtmullen-submodule-branch-check-action@v1 Submodule

Submodule nixos/action-cache-dir/jtmullen-submodule-branch-check-action@v1 added at ab0d3a6927

1
nixos/action-cache-dir/shimataro-ssh-key-action@v2 Submodule

Submodule nixos/action-cache-dir/shimataro-ssh-key-action@v2 added at d4fffb5087

1
nixos/configuration.nix
View File

@@ -39,6 +39,7 @@
./ssh.nix ./ssh.nix
./sni.nix ./sni.nix
./syncthing.nix ./syncthing.nix
./syncthing-private-vault.nix
./taffybar.nix ./taffybar.nix
./tailscale.nix ./tailscale.nix
./tts.nix ./tts.nix

29
nixos/home-manager.nix
View File

@@ -30,8 +30,7 @@ in {
xdg.mimeApps = lib.mkIf nixos.config.myModules.desktop.enable ( xdg.mimeApps = lib.mkIf nixos.config.myModules.desktop.enable (
let let
browser = "google-chrome.desktop"; browser = "google-chrome.desktop";
imageViewer = "org.gnome.Loupe.desktop"; imageViewer = "org.kde.gwenview.desktop";
fallbackImageViewer = "okularApplication_kimgio.desktop";
pdfViewer = "okularApplication_pdf.desktop"; pdfViewer = "okularApplication_pdf.desktop";
comicViewer = "okularApplication_comicbook.desktop"; comicViewer = "okularApplication_comicbook.desktop";
djvuViewer = "okularApplication_djvu.desktop"; djvuViewer = "okularApplication_djvu.desktop";
@@ -51,6 +50,7 @@ in {
"image/bmp" "image/bmp"
"image/gif" "image/gif"
"image/heic" "image/heic"
"image/heif"
"image/jpeg" "image/jpeg"
"image/jxl" "image/jxl"
"image/png" "image/png"
@@ -60,9 +60,6 @@ in {
"image/vnd.microsoft.icon" "image/vnd.microsoft.icon"
"image/webp" "image/webp"
]) ])
// (mimeMap fallbackImageViewer [
"image/heif"
])
// (mimeMap pdfViewer [ // (mimeMap pdfViewer [
"application/pdf" "application/pdf"
"application/x-bzpdf" "application/x-bzpdf"
@@ -169,6 +166,28 @@ in {
} }
); );
home.activation.refreshChromeDesktopMimeCache = lib.hm.dag.entryAfter ["writeBoundary"] ''
applications_dir="$HOME/.local/share/applications"
if [ -d "$applications_dir" ]; then
for desktop_file in \
"$applications_dir/google-chrome.desktop" \
"$applications_dir/com.google.Chrome.desktop"
do
if [ -f "$desktop_file" ]; then
${pkgs.gnused}/bin/sed -i \
-e 's,image/gif;,,g' \
-e 's,image/jpeg;,,g' \
-e 's,image/png;,,g' \
-e 's,image/webp;,,g' \
"$desktop_file"
fi
done
${pkgs.desktop-file-utils}/bin/update-desktop-database "$applications_dir" >/dev/null 2>&1 || true
fi
'';
xsession = { xsession = {
enable = true; enable = true;
preferStatusNotifierItems = true; preferStatusNotifierItems = true;

5
nixos/overlay.nix
View File

@@ -59,6 +59,11 @@ in
cp "${prev.google-chrome}/share/applications/$desktopName" "$desktopFile" cp "${prev.google-chrome}/share/applications/$desktopName" "$desktopFile"
substituteInPlace "$desktopFile" \ substituteInPlace "$desktopFile" \
--replace-fail "${prev.google-chrome}/bin/google-chrome-stable" "$out/bin/google-chrome-stable" --replace-fail "${prev.google-chrome}/bin/google-chrome-stable" "$out/bin/google-chrome-stable"
substituteInPlace "$desktopFile" \
--replace-fail "image/gif;" "" \
--replace-fail "image/jpeg;" "" \
--replace-fail "image/png;" "" \
--replace-fail "image/webp;" ""
fi fi
done done
''; '';

1
nixos/result Symbolic link
View File

@@ -0,0 +1 @@
/nix/store/hyqw547cingjqmviy6qj76aa1p084jwn-nixos-system-ryzen-shine-26.05pre-git

24
nixos/syncthing-private-vault.nix Normal file
View File

@@ -0,0 +1,24 @@
{
config,
lib,
pkgs,
...
}: let
cipherDir = "/var/lib/syncthing/sync/Private.encrypted";
mountPoint = "/home/imalison/Private";
in
lib.mkIf config.myModules.syncthing.enable {
system.activationScripts.syncthingPrivateVault = {
text = ''
install -d -o syncthing -g syncthing -m 2770 ${lib.escapeShellArg cipherDir}
'';
};
home-manager.users.imalison = {lib, ...}: {
home.packages = [pkgs.gocryptfs];
home.activation.ensureSyncthingPrivateVaultMountpoint = lib.hm.dag.entryAfter ["writeBoundary"] ''
mkdir -p ${lib.escapeShellArg mountPoint}
'';
};
}