Merge branch 'nixos-23.05' into consensus

hosts/brighde.nix

@@ -16,7 +16,7 @@
     efi.canTouchEfiVariables = true;
   };
 
-  deployment.targetHost = "10.42.0.123";
+  deployment.targetHost = "10.42.0.124";
   networking.hostName = "brighde"; # A poetess, sage, woman of wisdom, healing
 
   system.stateVersion = "22.05"; # The version of NixOS originally installed

hosts/dionach.nix

@@ -20,35 +20,40 @@
     ../profiles/nix-mio-ops.nix # mio-ops Nix tooling
     ../profiles/nixpkgs-dev.nix # Nix pkgs dev tools
     ../profiles/openssh.nix # Enable and configure openssh
+    ../profiles/pantheon.nix # Enable and configure the pantheon desktop
+    ../profiles/pipewire.nix # Enable and pipewire audio system
     ../profiles/powerManagement.nix # Power management for laptops
     ../profiles/qemu.nix # Qemu virtualisation
     ../profiles/typingTutor.nix # Typing tutorials
     ../profiles/weechat.nix # Weechat environment
-    ../profiles/xmonad.nix # Xmonad desktop environment
+    #../profiles/xmonad.nix # Xmonad desktop environment
     ../profiles/yubikey.nix # Yubikey tooling
     ../secrets/craige.nix # Ssshhhhh!
     ../secrets/root.nix # Ssshhhhh!
-    ../secrets/wireless.nix # Hey look! A squirrel!
+    #../secrets/wireless.nix # Hey look! A squirrel!
   ];
 
   deployment.targetHost = "localhost";
 
-  nixpkgs.config = {
-    allowUnfree = true;
-    permittedInsecurePackages = [
-      "openssl-1.0.2u"
-    ];
+  nixpkgs = {
+    config = {
+      allowUnfree = true;
+      permittedInsecurePackages = [
+        "openssl-1.0.2u"
+      ];
+    };
+    overlays = [(import ../overlays/ncmpcpp.nix)];
   };
 
   # Use the GRUB 2 boot loader.
   boot.loader.grub.enable = true;
-  boot.loader.grub.version = 2;
   boot.loader.grub.device = "/dev/nvme0n1"; # or "nodev" for efi only
   boot.kernel.sysctl."net.ipv4.ip_forward" = "1";
   boot.extraModprobeConfig = "options kvm_intel nested=1";
 
   networking = {
     hostName = "dionach"; # Define your hostname.
+    networkmanager.enable = true; # Enables network support via NetworkManager.
   };
 
   systemd.network.networks.enp0s20f0u4u4i5.ipv6SendRAConfig = {
@@ -58,10 +63,15 @@
   };
 
   fonts.fonts = with pkgs; [
+    anonymousPro
     dejavu_fonts # A typeface family based on the Bitstream Vera fonts
-    fira-code # Monospace font with programming ligatures
+    fira-code # Monospace font with programming ligaturess
+    font-awesome
+    hack-font # A typeface designed for source code
+    jetbrains-mono
     #monoid         # Customisable coding font with alternates, ligatures and contextual positioning
     nerdfonts # Iconic font aggregator, collection, & patcher
+    open-sans # Used in in my polybar configuration
     xkcd-font # Font based handwriting in xkcd comics
   ];
 
@@ -85,13 +95,11 @@
     librewolf # Firefox fork, focused on privacy, security and freedom
     gcc
     gimp
-    gnome2.gvfs
     gnumake
     gnused
     google-authenticator # 2FA
     google-chrome # A freeware web browser developed by Google
     graphviz # Graph visualization tools
-    gvfs
     imagemagick
     inetutils # Common network utilies
     inotify-tools
@@ -99,7 +107,7 @@
     libmtp
     libgphoto2
     libreoffice-fresh # Libreoffice - fresh version
-    lxmenu-data
+    lxmenu-data # required by pcmanfm
     mkpasswd
     mp3info # MP3 tag editor / query tool
     mpd
@@ -117,10 +125,11 @@
     pstree # Show the set of running processes as a tree
     pwgen
     python3Full
-    python39Packages.restview # ReStructuredText viewer
-    python39Packages.sphinx # A tool that makes it easy to create intelligent and beautifulul documentation for Python projects
+    #python311Packages.restview # ReStructuredText viewer
+    python311Packages.sphinx # A tool that makes it easy to create intelligent and beautifulul documentation for Python projects
     radiotray-ng # Internet radio player
     rdiff-backup # External backups
+    shared-mime-info # required by pcmanfm
     shotwell
     signal-desktop
     smartmontools # Tools for monitoring the health of hard drives
@@ -148,6 +157,7 @@
 
   services.acpid.enable = true;
   services.blueman.enable = true;
+  services.gvfs.enable = true; # required by pcmanfm
   services.kbfs.enable = true;
 
   services.xserver.desktopManager.enlightenment.enable = true;
@@ -180,14 +190,14 @@
   # Enable sound.
   sound.enable = true;
   hardware = {
-    pulseaudio = {
-      enable = true;
-      systemWide = false;
-      package = pkgs.pulseaudioFull;
-    };
+    #pulseaudio = {
+    #  enable = true;
+    #  systemWide = false;
+    #  package = pkgs.pulseaudioFull;
+    #};
     bluetooth = {
       enable = true;
-      hsphfpd.enable = true;
+      #hsphfpd.enable = true;
       settings = {Policy = {AutoEnable = "true";};};
     };
     opengl.enable = true;

hosts/iolear-beag.nix

@@ -12,10 +12,9 @@
 
   # Use the GRUB 2 boot loader.
   boot.loader.grub.enable = true;
-  boot.loader.grub.version = 2;
   boot.loader.grub.device = "/dev/sda";
 
-  deployment.targetHost = "10.42.0.124";
+  deployment.targetHost = "10.42.0.127";
   networking.hostName = "iolear-beag"; # Define your hostname.
 
   system.stateVersion = "18.09"; # The version of NixOS originally installed

hosts/sithlainnir.nix

@@ -12,7 +12,6 @@
 
   # Use the GRUB 2 boot loader.
   boot.loader.grub.enable = true;
-  boot.loader.grub.version = 2;
   boot.loader.grub.device = "/dev/sda";
 
   deployment.targetHost = "10.42.0.114";

hosts/teintidh.nix

@@ -13,7 +13,6 @@
 
   # Use the GRUB 2 boot loader.
   boot.loader.grub.enable = true;
-  boot.loader.grub.version = 2;
   boot.loader.grub.device = "/dev/sda";
 
   deployment.targetHost = "10.42.0.127";

nix/sources.json

@@ -68,16 +68,16 @@
         "url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
     },
     "nixpkgs": {
-        "branch": "nixos-22.11",
+        "branch": "nixos-23.05",
         "builtin": false,
         "description": "A read-only mirror of NixOS/nixpkgs tracking the released channels. Send issues and PRs to",
         "homepage": "https://github.com/NixOS/nixpkgs",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "c8a17ce7abc03c50cd072e9e6c9b389c5f61836b",
-        "sha256": "1fn2yj5hs8jcnlqq63jnz4kqpfbi15gjgsa8grl5wpnhlhzc3dgh",
+        "rev": "af8279f65fe71ce5a448408034a8c06e2b4b2c66",
+        "sha256": "0xz6nbkql0yinwzbysrffkvd2jnsvkyj13lafgbszrlg2l4i1y44",
         "type": "tarball",
-        "url": "https://github.com/NixOS/nixpkgs/archive/c8a17ce7abc03c50cd072e9e6c9b389c5f61836b.tar.gz",
+        "url": "https://github.com/NixOS/nixpkgs/archive/af8279f65fe71ce5a448408034a8c06e2b4b2c66.tar.gz",
         "url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
     },
     "nixpkgsUnstable": {

profiles/desktopCraige.nix

@@ -18,7 +18,7 @@
     shared-mime-info # A database of common MIME types
     sweethome3d.application # design and visualise homes
     termonad # Terminal emulator configurable in Haskell
+    whalebird # Mastodon client
     yt-dlp # Command-line tool to download videos
-    whalebird # Mastodon, Pleroma and Misskey client
   ];
 }

profiles/ebooks.nix

@@ -7,7 +7,7 @@
   environment.variables = {FOLIATE_TTS_LANG = "en-gb";};
 
   environment.systemPackages = with pkgs; [
-    #python39Packages.gtts   # Speech synthesizer, required for text to speech.
+    #python311Packages.gtts   # Speech synthesizer, required for text to speech.
     foliate # A simple and modern GTK eBook reader
     vlc
   ];

profiles/forgejo.nix

@@ -9,7 +9,6 @@
   sources = import ../nix/sources.nix;
   unstable = import sources.nixpkgsUnstable {};
 in {
-
   services.gitea = {
     enable = true; # Enable Forgejo
     appName = "mcwhirter.io: Forgejo Service"; # Give the site a name
@@ -23,7 +22,7 @@ in {
     httpPort = 3002; # Provided unique port
     package = unstable.forgejo; # a soft fork of gitea
     settings = let
-      docutils = pkgs.python37.withPackages (ps:
+      docutils = pkgs.python39.withPackages (ps:
         with ps; [
           docutils # Provides rendering of ReStructured Text files
           pygments # Provides syntax highlighting
@@ -99,14 +98,12 @@ in {
       # Hostname to be redirected
       enableACME = true; # Use ACME certs
       forceSSL = true; # Force SSL
-      locations."/".proxyPass = "http://localhost:3002/"; # Proxy Forgejo
       globalRedirect = "source.mcwhirter.io"; # Redirect permanently to the host
     };
     virtualHosts."code.mcwhirter.io" = {
       # Hostname to be redirected
       enableACME = true; # Use ACME certs
       forceSSL = true; # Force SSL
-      locations."/".proxyPass = "http://localhost:3002/"; # Proxy Forgejo
       globalRedirect = "source.mcwhirter.io"; # Redirect permanently to the host
     };
   };

profiles/host_common.nix

@@ -16,9 +16,7 @@
   ];
 
   # Common boot settings
-  boot = {
-    cleanTmpDir = true; # Clean /tmp on reboot
-  };
+  boot.tmp.cleanOnBoot = true; # Clean /tmp on reboot
 
   # Select internationalisation properties.
   i18n = {

profiles/iog.nix

@@ -6,7 +6,7 @@
   ...
 }: let
   sources = import ../nix/sources.nix;
-  nixVersion = (import sources.nixpkgs {}).nixVersions.nix_2_9;
+  nixVersion = (import sources.nixpkgs {}).nixVersions.nix_2_13;
 in {
   imports = [../profiles/terminal-recording.nix ../profiles/nix-direnv.nix];
 

profiles/neovim.nix

@@ -39,6 +39,7 @@
         # Write a custom Neovim config for NixOS
         customRC = ''
           " Preferred global default settings:
+          set mouse=                    " disable mouse input
           set nocompatible
           set backspace=indent,eol,start
           set number relativenumber     " Enable relative line numbers by default
@@ -50,7 +51,7 @@
           syntax on                     " Enable syntax highlighting
           set t_Co=256                  " Use 265 colors in vim
           set background=dark           " Set the default background scheme
-          colorscheme onedarkpro        " Set the default colour scheme
+          colorscheme onedark           " Set the default colour scheme
           "let g:one_allow_italics = 1   " I love italic for comments
           set spell spelllang=en_au     " Defaul spell checking language
           set spellfile=~/.vim-spell.en.utf-8.add    " Add the spellfile
@@ -99,10 +100,12 @@
           let hour = strftime("%H")
           if 7 <= hour && hour < 17
             "set background=dark
-            "hi Normal ctermbg=none              " Set a transparent background
+            hi Normal guibg=NONE ctermbg=NONE   " Set a transparent background
+            hi NormalNC guibg=NONE ctermbg=NONE " Set a transparent background
           else
             "set background=dark
-            "hi Normal ctermbg=none              " Set a transparent background
+            hi Normal guibg=NONE ctermbg=NONE   " Set a transparent background
+            hi NormalNC guibg=NONE ctermbg=NONE " Set a transparent background
           endif
 
           " Transparent editing of gpg encrypted files.

profiles/nextcloud.nix

@@ -28,7 +28,7 @@
       startAt = "01:00:00"; # When to run the update
     };
     enableBrokenCiphersForSSE = false; # force upgrade to SSL v3
-    package = pkgs.nextcloud25;
+    package = pkgs.nextcloud26;
   };
 
   systemd = {

profiles/openssh.nix

@@ -7,15 +7,17 @@
 }: {
   services.openssh = {
     enable = true; # Enable the OpenSSH daemon.
-    permitRootLogin = "prohibit-password";
-    kbdInteractiveAuthentication = false;
-    passwordAuthentication = false;
-    openFirewall = true;
     hostKeys = [
       {
         path = "/etc/ssh/ssh_host_ed25519_key";
         type = "ed25519";
       }
     ];
+    openFirewall = true;
+    settings = {
+      KbdInteractiveAuthentication = false;
+      PasswordAuthentication = false;
+      PermitRootLogin = "prohibit-password";
+    };
   };
 }

profiles/yubikey.nix

@@ -46,7 +46,7 @@
       yubikey-manager-qt # Configure any YubiKey over USB interfaces
       yubikey-personalization # Lib & CLI tool to personalize YubiKeys
       yubikey-personalization-gui # QT based utility to facilitate Yubikey reconfiguration
-      yubioath-desktop # Yubikey Desktop Authenticator
+      yubioath-flutter # Yubikey Desktop Authenticator
     ];
     shellInit = ''
       export GPG_TTY="$(tty)"