mirrors_public/oddlama_nix-config
1
1
Fork 1
mirror of https://github.com/oddlama/nix-config.git synced 2025-10-10 23:00:39 +02:00
Code Activity

chore: update fixes, add kanidm <-> firezone integration

Browse source
This commit is contained in:
oddlama 2025-03-16 13:59:10 +01:00
parent 605b6279ca
commit be7e4d158c
No known key found for this signature in database
GPG key ID: 14EFE510775FE39A
22 changed files with 105 additions and 94 deletions
Download patch file Download diff file Expand all files Collapse all files

8
flake.lock generated
View file

@ -1556,16 +1556,16 @@
}, },
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1742002193, "lastModified": 1742069588,
"narHash": "sha256-zf9xEtVjvkR0h1+PfrJF2usNCiyzmWVw2AK0eMTJwmA=", "narHash": "sha256-C7jVfohcGzdZRF6DO+ybyG/sqpo1h6bZi9T56sxLy+k=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "a17b3fe5a72d0eb137b95f74a84cff6a7eee0af5", "rev": "c80f6a7e10b39afcc1894e02ef785b1ad0b0d7e5",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "NixOS", "owner": "NixOS",
"ref": "nixos-unstable-small", "ref": "nixos-unstable",
"repo": "nixpkgs", "repo": "nixpkgs",
"type": "github" "type": "github"
} }

2
flake.nix
View file

@ -82,7 +82,7 @@
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable-small"; nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
nixvim = { nixvim = {
url = "github:nix-community/nixvim"; url = "github:nix-community/nixvim";

4
fz/modules/provision.exs
View file

@ -628,7 +628,7 @@ defmodule Provision do
if only_updated_attrs == %{} do if only_updated_attrs == %{} do
{:ok, existing} {:ok, existing}
else else
resource = case existing |> Resources.update_or_replace_resource(resource_attrs, temp_admin_subject) do resource = case existing |> Resources.update_resource(resource_attrs, temp_admin_subject) do
{:replaced, _old, new} -> {:replaced, _old, new} ->
UuidMapping.update_entities(slug, "resources", %{external_id => new.id}) UuidMapping.update_entities(slug, "resources", %{external_id => new.id})
new new
@ -668,7 +668,7 @@ defmodule Provision do
if only_updated_attrs == %{} do if only_updated_attrs == %{} do
{:ok, existing} {:ok, existing}
else else
policy = case existing |> Policies.update_or_replace_policy(policy_attrs, temp_admin_subject) do policy = case existing |> Policies.update_policy(policy_attrs, temp_admin_subject) do
{:replaced, _old, new} -> {:replaced, _old, new} ->
UuidMapping.update_entities(slug, "policies", %{external_id => new.id}) UuidMapping.update_entities(slug, "policies", %{external_id => new.id})
new new

16
fz/modules/server.nix
View file

@ -535,6 +535,13 @@ in
example = "My Organization"; example = "My Organization";
}; };
id = mkOption {
type = types.nullOr types.str;
description = "The uuid to assign to this account. A random uuid will be assigned when this is null.";
default = null;
example = "cbb88fd0-13e1-4ae4-9b6e-214a5a4666e8";
};
features = features =
let let
mkFeatureOption = mkFeatureOption =
@ -632,7 +639,7 @@ in
clientSecretFile = "/run/secrets/oidc-client-secret"; clientSecretFile = "/run/secrets/oidc-client-secret";
response_type = "code"; response_type = "code";
scope = "openid email name"; scope = "openid email name";
discorvery_document_uri = "https://auth.example.com/.well-known/openid-configuration"; discovery_document_uri = "https://auth.example.com/.well-known/openid-configuration";
}; };
}; };
}; };
@ -1014,6 +1021,9 @@ in
FEATURE_TRAFFIC_FILTERS_ENABLED = mkDefault true; FEATURE_TRAFFIC_FILTERS_ENABLED = mkDefault true;
FEATURE_SIGN_UP_ENABLED = mkDefault (!cfg.provision.enable); FEATURE_SIGN_UP_ENABLED = mkDefault (!cfg.provision.enable);
WEB_EXTERNAL_URL = mkDefault cfg.web.externalUrl;
API_EXTERNAL_URL = mkDefault cfg.api.externalUrl;
}; };
domain.settings = { domain.settings = {
@ -1032,8 +1042,6 @@ in
PHOENIX_HTTP_WEB_PORT = mkDefault cfg.web.port; PHOENIX_HTTP_WEB_PORT = mkDefault cfg.web.port;
PHOENIX_HTTP_API_PORT = mkDefault cfg.api.port; PHOENIX_HTTP_API_PORT = mkDefault cfg.api.port;
PHOENIX_SECURE_COOKIES = mkDefault true; # enforce HTTPS on cookies PHOENIX_SECURE_COOKIES = mkDefault true; # enforce HTTPS on cookies
WEB_EXTERNAL_URL = mkDefault cfg.web.externalUrl;
API_EXTERNAL_URL = mkDefault cfg.api.externalUrl;
}; };
api.settings = { api.settings = {
@ -1046,8 +1054,6 @@ in
PHOENIX_HTTP_WEB_PORT = mkDefault cfg.web.port; PHOENIX_HTTP_WEB_PORT = mkDefault cfg.web.port;
PHOENIX_HTTP_API_PORT = mkDefault cfg.api.port; PHOENIX_HTTP_API_PORT = mkDefault cfg.api.port;
PHOENIX_SECURE_COOKIES = mkDefault true; # enforce HTTPS on cookies PHOENIX_SECURE_COOKIES = mkDefault true; # enforce HTTPS on cookies
WEB_EXTERNAL_URL = mkDefault cfg.web.externalUrl;
API_EXTERNAL_URL = mkDefault cfg.api.externalUrl;
}; };
}; };
} }

1
hosts/sentinel/default.nix
View file

@ -13,6 +13,7 @@
./blog.nix ./blog.nix
./fs.nix ./fs.nix
./net.nix ./net.nix
./firezone.nix
./oauth2.nix ./oauth2.nix
./plausible.nix ./plausible.nix
./postgresql.nix ./postgresql.nix

31
hosts/sentinel/firezone.nix
View file

@ -2,6 +2,7 @@
config, config,
globals, globals,
lib, lib,
nodes,
... ...
}: }:
let let
@ -25,10 +26,11 @@ let
}; };
in in
{ {
age.secrets.firezone-smtp-password = { age.secrets.firezone-smtp-password.generator.script = "alnum";
generator.script = "alnum";
mode = "440"; # Mirror the original oauth2 secret
group = "firezone"; age.secrets.firezone-oauth2-client-secret = {
inherit (nodes.ward-kanidm.config.age.secrets.kanidm-oauth2-firezone) rekeyFile;
}; };
environment.persistence."/persist".directories = [ environment.persistence."/persist".directories = [
@ -53,7 +55,7 @@ in
inherit (config.repo.secrets.local.firezone.mail) from host username; inherit (config.repo.secrets.local.firezone.mail) from host username;
port = 465; port = 465;
implicitTls = true; implicitTls = true;
passwordFile = config.age.secrets.firezone-smtp-password.file; passwordFile = config.age.secrets.firezone-smtp-password.path;
}; };
provision = { provision = {
@ -68,6 +70,22 @@ in
email = "admin@${globals.domains.me}"; email = "admin@${globals.domains.me}";
}; };
auth.oidc =
let
client_id = "firezone";
in
{
name = "Kanidm";
adapter = "openid_connect";
adapter_config = {
scope = "openid email profile";
response_type = "code";
inherit client_id;
discovery_document_uri = "https://${globals.services.kanidm.domain}/oauth2/openid/${client_id}/.well-known/openid-configuration";
clientSecretFile = config.age.secrets.firezone-oauth2-client-secret.path;
};
};
# FIXME: dont hardcode, filter global service domains by internal state # FIXME: dont hardcode, filter global service domains by internal state
# FIXME: new entry here? make new adguardhome entry too. # FIXME: new entry here? make new adguardhome entry too.
resources = resources =
@ -110,10 +128,11 @@ in
{ } { }
// allow "everyone" "home.vlan-services.v4" // allow "everyone" "home.vlan-services.v4"
// allow "everyone" "home.vlan-services.v6" // allow "everyone" "home.vlan-services.v6"
// lib.genAttrs homeDomains (domain: allow "everyone" domain); // lib.mergeAttrsList (map (domain: allow "everyone" domain) homeDomains);
}; };
}; };
domain.settings.ERLANG_DISTRIBUTION_PORT = 9003;
api.externalUrl = "https://${firezoneDomain}/api/"; api.externalUrl = "https://${firezoneDomain}/api/";
web.externalUrl = "https://${firezoneDomain}/"; web.externalUrl = "https://${firezoneDomain}/";
}; };

14
hosts/sire/guests/grafana.nix
View file

@ -72,20 +72,6 @@ in
tokenFile = tokenFile =
nodes.sire-influxdb.config.age.secrets."grafana-influxdb-token-machines-${config.node.name}".path; nodes.sire-influxdb.config.age.secrets."grafana-influxdb-token-machines-${config.node.name}".path;
}; };
age.secrets."grafana-influxdb-token-home-${config.node.name}" = {
inherit (config.age.secrets.grafana-influxdb-token-home) rekeyFile;
mode = "440";
group = "influxdb2";
};
services.influxdb2.provision.organizations.home.auths."grafana home:home_assistant (${config.node.name})" =
{
readBuckets = [ "home_assistant" ];
writeBuckets = [ "home_assistant" ];
tokenFile =
nodes.sire-influxdb.config.age.secrets."grafana-influxdb-token-home-${config.node.name}".path;
};
}; };
globals.services.grafana.domain = grafanaDomain; globals.services.grafana.domain = grafanaDomain;

12
hosts/ward/guests/kanidm.nix
View file

@ -38,6 +38,7 @@ in
age.secrets.kanidm-oauth2-forgejo = mkRandomSecret; age.secrets.kanidm-oauth2-forgejo = mkRandomSecret;
age.secrets.kanidm-oauth2-grafana = mkRandomSecret; age.secrets.kanidm-oauth2-grafana = mkRandomSecret;
age.secrets.kanidm-oauth2-immich = mkRandomSecret; age.secrets.kanidm-oauth2-immich = mkRandomSecret;
age.secrets.kanidm-oauth2-firezone = mkRandomSecret;
age.secrets.kanidm-oauth2-paperless = mkRandomSecret; age.secrets.kanidm-oauth2-paperless = mkRandomSecret;
age.secrets.kanidm-oauth2-web-sentinel = mkRandomSecret; age.secrets.kanidm-oauth2-web-sentinel = mkRandomSecret;
@ -138,11 +139,14 @@ in
# Firezone # Firezone
groups."firezone.access" = { }; groups."firezone.access" = { };
systems.oauth2.firezone = { systems.oauth2.firezone = {
public = true;
displayName = "Firezone VPN"; displayName = "Firezone VPN";
# FIXME: change # NOTE: state: both uuids are runtime values
originUrl = "https://dummy.example.org/"; originUrl = [
originLanding = "https://dummy.example.org/"; "https://${globals.services.firezone.domain}/50e16678-6e95-49e2-b59e-d70d0e658843/sign_in/providers/fc8afaa3-ce60-4073-9cae-81dec9453a2d/handle_callback"
"https://${globals.services.firezone.domain}/50e16678-6e95-49e2-b59e-d70d0e658843/settings/identity_providers/openid_connect/fc8afaa3-ce60-4073-9cae-81dec9453a2d/handle_callback"
];
originLanding = "https://${globals.services.firezone.domain}/";
basicSecretFile = config.age.secrets.kanidm-oauth2-firezone.path;
preferShortUsername = true; preferShortUsername = true;
scopeMaps."firezone.access" = [ scopeMaps."firezone.access" = [
"openid" "openid"

3
nix/devshell.nix
View file

@ -86,8 +86,5 @@
} }
]; ];
}; };
# `nix fmt`
formatter = pkgs.alejandra;
}; };
} }

2
pkgs/mdns-repeater.nix
View file

@ -14,7 +14,7 @@ rustPlatform.buildRustPackage {
hash = "sha256-cIrHSzdzFqfArE2bqWPm+CULuQU/KajkRN+i0b+seD0="; hash = "sha256-cIrHSzdzFqfArE2bqWPm+CULuQU/KajkRN+i0b+seD0=";
}; };
cargoHash = "sha256-00Vh2AVECtqvkmLZmyDCR43tUqKdN4j1B8GnnRiWAmU="; cargoHash = "sha256-ZKY1UVxeMSQaPZecBCIleZSFMRAPP6Vv0uRcnSNUOY0=";
meta = { meta = {
description = "mDNS packet relayer"; description = "mDNS packet relayer";

11
secrets/generated/sentinel/coturn-password-netbird.age
View file

@ -1,11 +0,0 @@
age-encryption.org/v1
-> X25519 BX1TzWJvYYuXIc5jazmoefCDOrWYCc6vtQHqiidFK0k
KguZPOuk4LKDPogJ40mXA8okdLgG9PAx5fqYW2gkqwQ
-> piv-p256 xqSe8Q A58MztEJBOwOK0pPa7WngTGynn0I+VUFrCtibSKSwOep
sVyAneNoMlRnIPR502xrnFeQyI36GpzxqTRhjOpfU7w
-> YS-grease
WMxsZrN//DXWbO+03CQwRqPKXdeV844codU
--- BrgOOiY9Crg771rp77VQ0i3tM770D6CjGknWYRgoIfk
zîXNò,¹Ž1 ª?v(£oü¬›Õ®
ØÏÛ|ÄvF9àÞ™Þ»åm"dÑ�úâù?ƒ9?
ÒáòJn7Q-¦g‚�Q‘ïÄ^\f«Q

9
secrets/generated/sentinel/firezone-smtp-password.age Normal file
View file

@ -0,0 +1,9 @@
age-encryption.org/v1
-> X25519 Gzk3bRqlbpbgW3fXyRO1TeRwrsnIl8tlrJvlZNosumY
pK+U7VMR4u3S8BeJqItbCmYbztqq/jDsWhTbCCXH6WU
-> piv-p256 xqSe8Q A+/ooJ9I0y4YmaHT0ThGMLCZnCEh+3fNq8mHgJMeyZp8
DN7R3acmGPo+M0ViZHmxpF0vRVJpAvLo4dxu38b0bpI
-> lBX/-grease x; r=v G
pjzOklWngnYUYJZdkksmUQ
--- icbgmGJLDB2QlRlUM00HuGuNuTjPmcp6/DcBpdtHh9A
h=í…È'{ëÈ{ÞgxÕ&Ÿ5,+©ù .àpÒ£ÇbþwuÓ¹—MtîcÎPÌJÆ÷†pqú™Ú]�˜ÕÕza[“;‹ä§pÖI׊,,ȵ\ ‰Ë

BIN
secrets/generated/ward-kanidm/kanidm-oauth2-firezone.age Normal file
View file

Binary file not shown.

8
secrets/rekeyed/sentinel/51d1a589617efed367ff3596808b226f-firezone-oauth2-client-secret.age Normal file
View file

@ -0,0 +1,8 @@

8
secrets/rekeyed/sentinel/aed1ea3be56668ed906deced14a943e8-firezone-smtp-password.age Normal file
View file

@ -0,0 +1,8 @@
age-encryption.org/v1
-> ssh-ed25519 yV7lcA WYRq7v3xWWyzeK++/g47yipqWVZUGgLq/+yYl67IHDE
y1WkR/96uJRBxhf8zzgVu6axra+NEz2K/SRRWB62mvg
-> #eX-grease 7
JhcpKxu5n888mqp4AcU/w5QQg60FCmrtYoR3rSUAuVwujZQqjnBg2kGeTcx92C9k
gHTSDKG35486OGdj
--- RfXbamiLRsqT5RllmqjC9y4YwBsOEM0mWmMHeSKr8zo
š¸Ë8Ø,ø%L6SPŸ"¾‰ËÎQREî‚¥ Ük«ÍŒý ³ïˆöÌß’J&b‚ze ³*Ã~†+0ec 0…íMÍ i>É4ÇÐek ²díx

7
secrets/rekeyed/sire-influxdb/b83247c406e7672605e94a6d354ecb29-grafana-influxdb-token-home-sire-grafana.age
View file

@ -1,7 +0,0 @@
age-encryption.org/v1
-> ssh-ed25519 1tdZKQ AsgXjTnMlWoukmKdk3jBqZKildhbuhemjeXVEP6hxU4
27r8siEl0mvMKMUxXapJqYgHkc/3pO3pGQwzKFV9lV8
-> IzSa}-grease )hD+%g6Z
jdkBplRj8opuM6K2D4j2g4CeyQ
--- 9/pgTJnwXS0d4avPkE4joBUEiCxGOzzAM2+O4kAayxg
: ÉQqA”Üx�}‡hœW!ÇkËFKoC¿²<e•s¶²áS�ËŠ׈ò(¿¸£ép£¨2y`nMZ<æ9EÆ@áóÿv¬ÿ¦E'‡S

BIN
secrets/rekeyed/sire-samba/914d40cfbe0773d015f14ae0ad83e1a6-samba-passdb.tdb.age Normal file
View file

Binary file not shown.

BIN
secrets/rekeyed/sire-samba/a9e0aa88be1b3578afb826fb83339890-samba-passdb.tdb.age
View file

Binary file not shown.

8
secrets/rekeyed/ward-kanidm/d83c617c4c5e10973b2cfed9dd24968e-kanidm-oauth2-firezone.age Normal file
View file

@ -0,0 +1,8 @@
age-encryption.org/v1
-> ssh-ed25519 QciEZQ idJr/VJAtIAUnnvoDAkMlo286BA6TYRqc8kLSHeE2Co
Zv7M8UrRrw1JyJqFgOBJPa5NY+uxXjzlJuGllhw801Q
-> ?:-grease 2?G::0R} gLEw_"6 <${T&lQ$
LRL9I+tbqUXwvpoQo4E/5wsqpsSVDBWDm4/9Om9L9ICN6CgAABI22aqT3QZQ
--- i9oMGRPqtoSvq+G9L3O/Kg0IHKYYGp6xX3bp0ps9tDk
Ò§›Mf.MøÒsC
ãu“½ŽÚ5:;¹²“Ê+5ÞÝ“{EÄšÝÃ$ ¡âÐ-²¸%’§ùæ ‚Z¡tŒ[e”ؕÉYˆïÑÔFëCà¿;Cå_

25
users/myuser/dev/gdb.nix
View file

@ -1,29 +1,4 @@
{ pkgs, ... }:
let
# pwndbg wraps a gdb binary for us, but we want debuginfod in there too.
# Also make it the default gdb.
pwndbgWithDebuginfod =
(pkgs.pwndbg.override {
gdb = pkgs.gdb.override {
enableDebuginfod = true;
};
}).overrideAttrs
(
_finalAttrs: previousAttrs: {
installPhase =
previousAttrs.installPhase
+ ''
ln -s $out/bin/pwndbg $out/bin/gdb
'';
}
);
in
{ {
home.packages = [
pwndbgWithDebuginfod
pkgs.hotspot
];
home.file.gdbinit = { home.file.gdbinit = {
target = ".gdbinit"; target = ".gdbinit";
text = '' text = ''

28
users/myuser/graphical/i3.nix
View file

@ -21,7 +21,7 @@ let
version = "1.0.0"; version = "1.0.0";
src = ./i3-per-workspace-layout; src = ./i3-per-workspace-layout;
cargoHash = "sha256-9/k5IaMmLtbRP9hzcvi0+v6NJSihR+bcXzQB9oisfkk="; cargoHash = "sha256-TSVN2BAfP3w1UdlEacPPWdWG6TmUdEHPtSgDZ7XqtE8=";
meta = with lib; { meta = with lib; {
description = "A helper utility to allow assigning a layout to each workspace in i3"; description = "A helper utility to allow assigning a layout to each workspace in i3";
@ -41,7 +41,7 @@ let
rev = "8c2a80fd111dcb9ce7e956b867c0d0180b13b649"; rev = "8c2a80fd111dcb9ce7e956b867c0d0180b13b649";
hash = "sha256-Rv4dTycB19c2JyQ0y5WpDpX15D2RhjKq2lPOyuK2Ki8="; hash = "sha256-Rv4dTycB19c2JyQ0y5WpDpX15D2RhjKq2lPOyuK2Ki8=";
}; };
cargoHash = "sha256-mwPLroz7oE7NNdc/H/sH9mnXj3KyT75U55UE7tMyZMw="; cargoHash = "sha256-jSve8wMRP4p2eDVkLR1i4jjQ5pa2jKVheOeElY2HirM=";
meta = with lib; { meta = with lib; {
description = "Better focus navigation for sway and i3"; description = "Better focus navigation for sway and i3";
@ -68,10 +68,14 @@ in
keybindings = keybindings =
{ {
"XF86AudioRaiseVolume" = "exec --no-startup-id ${getExe pkgs.scripts.volume} set-volume @DEFAULT_AUDIO_SINK@ 5%+"; "XF86AudioRaiseVolume" =
"XF86AudioLowerVolume" = "exec --no-startup-id ${getExe pkgs.scripts.volume} set-volume @DEFAULT_AUDIO_SINK@ 5%-"; "exec --no-startup-id ${getExe pkgs.scripts.volume} set-volume @DEFAULT_AUDIO_SINK@ 5%+";
"XF86AudioMute" = "exec --no-startup-id ${getExe pkgs.scripts.volume} set-mute @DEFAULT_AUDIO_SINK@ toggle"; "XF86AudioLowerVolume" =
"XF86AudioMicMute" = "exec --no-startup-id ${getExe pkgs.scripts.volume} set-mute @DEFAULT_AUDIO_SOURCE@ toggle"; "exec --no-startup-id ${getExe pkgs.scripts.volume} set-volume @DEFAULT_AUDIO_SINK@ 5%-";
"XF86AudioMute" =
"exec --no-startup-id ${getExe pkgs.scripts.volume} set-mute @DEFAULT_AUDIO_SINK@ toggle";
"XF86AudioMicMute" =
"exec --no-startup-id ${getExe pkgs.scripts.volume} set-mute @DEFAULT_AUDIO_SOURCE@ toggle";
"XF86AudioPlay" = "exec --no-startup-id ${getExe pkgs.playerctl} play-pause"; "XF86AudioPlay" = "exec --no-startup-id ${getExe pkgs.playerctl} play-pause";
"XF86AudioNext" = "exec --no-startup-id ${getExe pkgs.playerctl} next"; "XF86AudioNext" = "exec --no-startup-id ${getExe pkgs.playerctl} next";
"XF86AudioPrev" = "exec --no-startup-id ${getExe pkgs.playerctl} previous"; "XF86AudioPrev" = "exec --no-startup-id ${getExe pkgs.playerctl} previous";
@ -92,7 +96,8 @@ in
"F11" = "exec --no-startup-id ${getExe pkgs.scripts.screenshot-area-scan-qr}"; "F11" = "exec --no-startup-id ${getExe pkgs.scripts.screenshot-area-scan-qr}";
# Exlicitly without --no-startup-id to show the spinner # Exlicitly without --no-startup-id to show the spinner
"F12" = "exec ${getExe pkgs.scripts.screenshot-screen}"; "F12" = "exec ${getExe pkgs.scripts.screenshot-screen}";
"Print" = "exec --no-startup-id env QT_AUTO_SCREEN_SCALE_FACTOR=0 QT_SCREEN_SCALE_FACTORS='' ${getExe pkgs.flameshot} gui"; "Print" =
"exec --no-startup-id env QT_AUTO_SCREEN_SCALE_FACTOR=0 QT_SCREEN_SCALE_FACTORS='' ${getExe pkgs.flameshot} gui";
"Shift+r" = "reload"; "Shift+r" = "reload";
"q" = "kill"; "q" = "kill";
@ -118,7 +123,8 @@ in
"Return" = "fullscreen toggle"; "Return" = "fullscreen toggle";
"a" = "focus parent"; "a" = "focus parent";
"Shift+Ctrl+q" = "exec swaynag -t warning -m 'You pressed the exit shortcut. Do you really want to exit sway? This will end your Wayland session.' -b 'Yes, exit sway' 'swaymsg exit'"; "Shift+Ctrl+q" =
"exec swaynag -t warning -m 'You pressed the exit shortcut. Do you really want to exit sway? This will end your Wayland session.' -b 'Yes, exit sway' 'swaymsg exit'";
"r" = "mode resize"; "r" = "mode resize";
"1" = "workspace number 1"; "1" = "workspace number 1";
@ -262,8 +268,10 @@ in
}; };
}; };
fingerprint = { fingerprint = {
${monitorMain} = "00ffffffffffff001e6d9a5b078e0a000b1f0104b53c2278f919c1ae5044af260e5054210800d1c061404540314001010101010101014dd000a0f0703e803020350058542100001a000000fd0c3090505086010a202020202020000000fc003237474e3935300a2020202020000000ff003131314e5447594c423731390a02e602032d7123090707830100004410040301e2006ae305c000e60605017360216d1a0000020b309000047321602900000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f47012790300030128d8060284ff0e9f002f801f006f08910002000400404f0104ff0e9f002f801f006f086200020004000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006d90"; ${monitorMain} =
${monitorLeft} = "00ffffffffffff001e6d095b39790700081a0104b53c22789f3035a7554ea3260f50542108007140818081c0a9c0d1c08100010101014dd000a0f0703e803020650c58542100001a286800a0f0703e800890650c58542100001a000000fd00283d878738010a202020202020000000fc004c4720556c7472612048440a2001850203117144900403012309070783010000023a801871382d40582c450058542100001e565e00a0a0a029503020350058542100001a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c8"; "00ffffffffffff001e6d9a5b078e0a000b1f0104b53c2278f919c1ae5044af260e5054210800d1c061404540314001010101010101014dd000a0f0703e803020350058542100001a000000fd0c3090505086010a202020202020000000fc003237474e3935300a2020202020000000ff003131314e5447594c423731390a02e602032d7123090707830100004410040301e2006ae305c000e60605017360216d1a0000020b309000047321602900000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f47012790300030128d8060284ff0e9f002f801f006f08910002000400404f0104ff0e9f002f801f006f086200020004000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006d90";
${monitorLeft} =
"00ffffffffffff001e6d095b39790700081a0104b53c22789f3035a7554ea3260f50542108007140818081c0a9c0d1c08100010101014dd000a0f0703e803020650c58542100001a286800a0f0703e800890650c58542100001a000000fd00283d878738010a202020202020000000fc004c4720556c7472612048440a2001850203117144900403012309070783010000023a801871382d40582c450058542100001e565e00a0a0a029503020350058542100001a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c8";
}; };
}; };
}; };

2
users/myuser/graphical/theme.nix
View file

@ -58,7 +58,7 @@
cursor = { cursor = {
package = pkgs.bibata-cursors; package = pkgs.bibata-cursors;
name = "Bibata-Modern-Ice"; name = "Bibata-Modern-Ice";
# size = 24; size = 20;
}; };
}; };
} }