Skip to content
My dotfiles
Nix Emacs Lisp Lua Perl Python Vim script Other
Branch: master
Clone or download
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
.config [nixpkgs] update to nixpkgs-unstable Sep 1, 2019
.emacs.d nixpkgs config cleanup Aug 25, 2019
.irssi Add irssi config Jul 26, 2016
.ssh Add authorized keys Oct 10, 2017
.vim Update nvim config Feb 4, 2016
.zsh Submodules update Feb 12, 2014
bin Big cleanup Jan 30, 2019
channels [nixpkgs] update to nixpkgs-unstable Sep 8, 2019
naga [general] Integrate Razer Naga Chroma with my awesome wm setup Feb 22, 2017
nixos [nixpkgs] update to nixpkgs-unstable Sep 1, 2019
nixpkgs-local nixpkgs config cleanup Aug 25, 2019
nixpkgs-overlays [emacs] evil-surrond + flycheck-inline Apr 12, 2019
quantified-self Update May 30, 2018
.Xkeymap Add my custom keymap Aug 25, 2019
.Xresources [emacs] avy, wgrep, ivy-occur, electric-pair Mar 30, 2019
.gitconfig Configuration cleanup Aug 17, 2017
.gitignore [nixpkgs] update to nixpkgs-unstable Sep 1, 2019
.gitmodules Pin nixpkgs to the dotfiles Jul 11, 2016
.mbsyncrc Add my me@egoless.tech email Mar 26, 2019
.msmtprc Add my me@egoless.tech email Mar 26, 2019
.nethackrc [nixos] update nixpkgs channel Aug 15, 2017
.notmuch-config Add my me@egoless.tech email Mar 26, 2019
.nvim Switch to neovim and refactor config a bit Apr 8, 2015
.nvimrc Switch to neovim and refactor config a bit Apr 8, 2015
.tmux.conf Pin emacs packages with NixOS, global cleanup Mar 19, 2019
.vimrc [emacs] Transition to org-based configuration Mar 2, 2018
.zshrc More prose, add nixpkgs-local Jan 18, 2016
README.org [nixpkgs] update to nixpkgs-unstable Sep 1, 2019
emacs.org [emacs] Update el-patch patches Sep 13, 2019
imapnotify-gmail-config.js [mail] Add imapnotify to sync mail automatically Dec 13, 2017
imapnotify-kaaiot-config.js [mail] Add imapnotify to sync mail automatically Dec 13, 2017
setup.sh [mail] Document my mail setup Mar 28, 2017

README.org

Hi there! That’s my dotfiles. Most of config files are now generated by org-babel from this file (yes, from README.org). That’s literate programming applied to dotfiles. To generate all files you can open this file in emacs and press M-x org-babel-tangle. Or from command line with:

emacs README.org --batch -f org-babel-tangle

I keep this document in sync with generated config files just in case I won’t have access to my emacs. However, I recommend against looking at them—they’re just a generated mess; you’ll have much better time reading this doc instead—trust me.

Pieces not (yet) covered in this document are:

  • emacs configuration at .emacs.d/;
  • vim configuration at .vimrc and .vim/;
  • awesome wm configuration at .config/awesome/;
  • scripts at bin/;
  • irssi config at .irssi;

NixOS

I’m a NixOS user. What’s cool about it is that I can describe all my system configuration in one file (/etc/nixos/configuration.nix), so I can just copy it to other machine, call nixos-rebuild and have system with the same software, system settings, etc.

An outline looks like this.

{ config, pkgs, lib, ... }:
let
  meta = import ./meta.nix;
  machine-config = lib.getAttr meta.name {
    omicron = [
      <<machine-omicron>>
    ];
  };

in
{
  imports = [
    {
      nixpkgs.config.allowUnfree = true;

      # The NixOS release to be compatible with for stateful data such as databases.
      system.stateVersion = "15.09";
    }

    <<nixos-section>>
  ] ++ machine-config;
}

This <<nixos-section>> is replaced by other parts of this doc.

Default locations

Move nixos configuration from the default location to the dotfiles/nixos/configuration.nix.

Also disable channel mechanism and makes nixos use Nixpkgs in the dotfiles/channels directory. I usually follow nixpkgs-unstable, but that gives me more control.

{
  nix.nixPath =
    let dotfiles = "/home/rasen/dotfiles";
    in [
      "nixos-config=${dotfiles}/nixos/configuration.nix"
      "dotfiles=${dotfiles}"
      "${dotfiles}/channels"
    ];
}

If you want to override default configuration location for the very first nixos-rebuild, use -I flag:

sudo nixos-rebuild switch -I nixos-config=/etc/nixos/configuration.nix

Save config

Save nixos-config in the Nix store, so I can retrieve it later. The config for the currently running system is located at /var/run/current-system/configuration.nix.

{
  system.copySystemConfiguration = true;
}

This setting copies only the configuration.nix file, which works pretty nice as I have only one configuration file and don’t split it.

Users

I’m the only user of the system:

{
  users.extraUsers.rasen = {
    isNormalUser = true;
    uid = 1000;
    extraGroups = [ "users" "wheel" "input" ];
    initialPassword = "HelloWorld";
  };
}

initialPassword is used only first time when user is created. It must be changed as soon as possible with passwd.

Machines

I currently have only one machine.

omicron

This is my small Dell XPS 13.

{
  imports = [
    <nixpkgs/nixos/modules/installer/scan/not-detected.nix>
  ];

  boot.initrd.availableKernelModules = [ "xhci_pci" "nvme" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ];
  boot.kernelModules = [ "kvm-intel" ];
  boot.extraModulePackages = [ ];

  nix.maxJobs = lib.mkDefault 4;

  powerManagement.cpuFreqGovernor = "powersave";

  boot.loader.systemd-boot.enable = true;
  boot.loader.efi.canTouchEfiVariables = true;
}

LVM on LUKS setup for disk encryption.

{
  boot.initrd.luks.devices = [
    {
      name = "root";
      device = "/dev/disk/by-uuid/8b591c68-48cb-49f0-b4b5-2cdf14d583dc";
      preLVM = true;
    }
  ];
  fileSystems."/boot" = {
    device = "/dev/disk/by-uuid/BA72-5382";
    fsType = "vfat";
  };
  fileSystems."/" = {
    device = "/dev/disk/by-uuid/434a4977-ea2c-44c0-b363-e7cf6e947f00";
    fsType = "ext4";
    options = [ "noatime" "nodiratime" "discard" ];
  };
  fileSystems."/home" = {
    device = "/dev/disk/by-uuid/8bfa73e5-c2f1-424e-9f5c-efb97090caf9";
    fsType = "ext4";
    options = [ "noatime" "nodiratime" "discard" ];
  };
  swapDevices = [
    { device = "/dev/disk/by-uuid/26a19f99-4f3a-4bd5-b2ed-359bed344b1e"; }
  ];
}

Clickpad:

{
  services.xserver.libinput = {
    enable = true;
    accelSpeed = "0.7";
  };
}

Local overlay

As a responsible NixOS user, I refuse to install software blindly with sudo make install. That’s why I must write my own nix-expressions. I keep them in my local overlay until they’re merged upstream.

Store separate overlays in a directory:

{
  nix.nixPath = [ "nixpkgs-overlays=/home/rasen/dotfiles/nixpkgs-overlays" ];
}

The entry point is just a set of all my packages in nixpkgs-local/default.nix:

{ pkgs ? import <nixpkgs> { } }:

let
  callPackage = pkgs.lib.callPackageWith (pkgs // pkgs.xlibs // self);

  pythonPackages = pkgs.pythonPackages // rec {
    <<nixpkgs-local-python-packages>>
  };

  self = rec {
    <<nixpkgs-local-packages>>
  };

in self

You can install all packages to current user with:

nix-env -f nixpkgs-local/default.nix -i

To make package results testing better, I build them in isolated environment (for more info, see nixos manual):

{
  nix.useSandbox = "relaxed";
}

Note that this is =”relaxed”= instead of true, because I have some packages that require a network to build and thus are __noChroot.

Bluetooth

I have a bluetooth headset, so this enables bluetooth audio in NixOS.

{
  hardware.bluetooth.enable = true;
  hardware.pulseaudio = {
    enable = true;

    # NixOS allows either a lightweight build (default) or full build
    # of PulseAudio to be installed.  Only the full build has
    # Bluetooth support, so it must be selected here.
    package = pkgs.pulseaudioFull;
  };
}

NTFS

Install ntfs-3g to mount ntfs volumes in read-write mode.

{
  environment.systemPackages = [
    pkgs.ntfs3g
  ];
}

Services

NetworkManager

{
  networking = {
    hostName = meta.name;

    networkmanager.enable = true;

    # disable wpa_supplicant
    wireless.enable = false;
  };

  users.extraUsers.rasen.extraGroups = [ "networkmanager" ];

  environment.systemPackages = [
    pkgs.networkmanagerapplet
  ];
}

PulseAudio

Use pulseaudio (multiple sound sinks, skype calls). pavucontrol is PulseAudio Volume Control—a nice utility for controlling pulseaudio settings.

Also, Pulseaudio is a requirement for Firefox Quantum.

{
  hardware.pulseaudio = {
    enable = true;
    support32Bit = true;
  };

  environment.systemPackages = [ pkgs.pavucontrol ];
}

Locate

Update locate database daily.

{
  services.locate = {
    enable = true;
    localuser = "rasen";
  };
}

OpenVPN

All my computers are members of the VPN:

{
  services.openvpn.servers = {
    kaa = {
      config = ''
        client
        dev tap
        port 22
        proto tcp
        tls-client
        persist-key
        persist-tun
        ns-cert-type server
        remote vpn.kaa.org.ua
        ca /root/.vpn/ca.crt
        key /root/.vpn/alexey.shmalko.key
        cert /root/.vpn/alexey.shmalko.crt
      '';
      autoStart = false;
    };
  };
}

Avahi

Avahi is needed to allow resolution of .local names. For example, you can access this computer by omicron.local if we meet at the same local network. (Probably not, as it only works in the OpenVPN network.)

{
  services.avahi = {
    enable = true;
    browseDomains = [ ];
    interfaces = [ "tap0" ];
    nssmdns = true;
    publish = {
      enable = true;
      addresses = true;
    };
  };
}

SSH

{
  services.openssh = {
    enable = true;
    passwordAuthentication = false;
  };
}

Allow SSH access from my VPN network only.

{
  services.openssh = {
    # Doing this won't open firewall for everybody.
    ports = [];
    listenAddresses = [
      { addr = "0.0.0.0"; port = 22; }
    ];
  };

  # Open firewall for tap0 only
  networking.firewall = {
    extraCommands = ''
      ip46tables -D INPUT -i tap0 -p tcp -m tcp --dport 22 -j ACCEPT 2> /dev/null || true
      ip46tables -A INPUT -i tap0 -p tcp -m tcp --dport 22 -j ACCEPT
    '';
  };
}

Mosh

Mosh (mobile shell) is a cool addition to ssh.

{
  programs.mosh.enable = true;
}

Gitolite

{
  services.gitolite = {
    enable = true;
    user = "git";
    adminPubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDHH15uiQw3jBbrdlcRb8wOr8KVltuwbHP/JOFAzXFO1l/4QxnKs6Nno939ugULM7Lu0Vx5g6FreuCOa2NMWk5rcjIwOzjrZnHZ7aoAVnE7H9scuz8NGnrWdc1Oq0hmcDxdZrdKdB6CPG/diGWNZy77nLvz5JcX1kPLZENPeApCERwR5SvLecA4Es5JORHz9ssEcf8I7VFpAebfQYDu+VZZvEu03P2+5SXv8+5zjiuxM7qxzqRmv0U8eftii9xgVNC7FaoRBhhM7yKkpbnqX7IeSU3WeVcw4+d1d8b9wD/sFOyGc1xAcvafLaGdgeCQGU729DupRRJokpw6bBRQGH29 rasen@omicron";
  };
}

dnsmasq

Use dnsmasq as a DNS cache.

{
  services.dnsmasq = {
    enable = true;

    # These are used in addition to resolv.conf
    servers = [
      "8.8.8.8"
      "8.8.4.4"
    ];

    extraConfig = ''
      listen-address=127.0.0.1
      cache-size=1000

      no-negcache
    '';
  };
}

Syncthing

I use Syncthing to sync my org-mode files to my phone.

{
  services.syncthing = {
    enable = true;
    user = "rasen";
    dataDir = "/home/rasen/.config/syncthing";
    configDir = "/home/rasen/.config/syncthing";
    openDefaultPorts = true;
  };
}

Firewall

Enable firewall. This blocks all ports (for ingress traffic) and pings.

{
  networking.firewall = {
    enable = true;
    allowPing = false;

    connectionTrackingModules = [];
    autoLoadConntrackHelpers = false;
  };
}

Development

{
  services.postgresql.enable = true;
}
{
  virtualisation.docker.enable = true;
}

Backup

I use borg for backups.

{
  environment.systemPackages = [ pkgs.borgbackup ];
}

Mail setup

Mbsync

I use mbsync to sync my accounts and make them available offline.

{
  environment.systemPackages = [
    pkgs.isync
  ];
}

Config file is .mbsyncrc.

MaildirStore local
Path ~/Mail/
Inbox ~/Mail/INBOX
SubFolders Verbatim

<<mbsync-gmail(name="gmail", email="rasen.dubi@gmail.com", path="Personal")>>
<<mbsync-gmail(name="ps", email="ashmalko@doctoright.org", path="protocolstandard")>>
<<mbsync-gmail(name="egoless", email="me@egoless.tech", path="egoless")>>

I have multiple Gmail accounts, so here is a general template.

(rasen/interpolate-string "
IMAPAccount <<name>>
Host imap.gmail.com
User <<email>>
PassCmd \"pass imap.gmail.com/<<email>>\"
SSLType IMAPS
CertificateFile /etc/ssl/certs/ca-certificates.crt

IMAPStore <<name>>-remote
Account <<name>>

Channel sync-<<name>>-all
Master :<<name>>-remote:\"[Gmail]/All Mail\"
Slave :local:<<path>>/all
Create Both
SyncState *

Channel sync-<<name>>-spam
Master :<<name>>-remote:\"[Gmail]/Spam\"
Slave :local:<<path>>/spam
Create Both
SyncState *

Channel sync-<<name>>-sent
Master :<<name>>-remote:\"[Gmail]/Sent Mail\"
Slave :local:<<path>>/sent
Create Both
SyncState *

Group sync-<<name>>
Channel sync-<<name>>-all
Channel sync-<<name>>-spam
Channel sync-<<name>>-sent
")

Dovecot

Dovecot serves fetched mail to gnus.

{
  services.dovecot2 = {
    enable = true;
    enablePop3 = false;
    enableImap = true;
    mailLocation = "maildir:~/Mail:LAYOUT=fs";
  };

  # dovecot has some helpers in libexec (namely, imap).
  environment.pathsToLink = [ "/libexec/dovecot" ];
}

msmtp

Msmtp is used to send mail.

{
  environment.systemPackages = [
    pkgs.msmtp
  ];
}

Config file is .msmtprc.

defaults
auth on
tls on
tls_starttls off
tls_trust_file /etc/ssl/certs/ca-certificates.crt
logfile ~/.msmtp.log

<<msmtp-gmail(name="gmail", email="rasen.dubi@gmail.com")>>
<<msmtp-gmail(name="ps", email="ashmalko@doctoright.org")>>
<<msmtp-gmail(name="egoless", email="me@egoless.tech")>>

Again, general template for gmail accounts.

(rasen/interpolate-string "
# <<name>>
account <<name>>
host smtp.gmail.com
port 465
from <<email>>
user <<email>>
passwordeval \"pass imap.gmail.com/<<email>>\"
")

notmuch

Notmuch is used for tagging.

{
  environment.systemPackages = [
    pkgs.notmuch
  ];
}

Config file is .notmuch-config.

[user]
name=Alexey Shmalko
primary_email=rasen.dubi@gmail.com
other_email=ashmalko@cybervisiontech.com,ashmalko@kaaiot.io,ashmalko@doctoright.org,me@egoless.tech

[database]
path=/home/rasen/Mail

[new]
tags=inbox;
ignore=.mbsyncstate;.mbsyncstate.lock;.mbsyncstate.new;.mbsyncstate.journal;.uidvalidity;dovecot-uidlist;dovecot-keywords;dovecot.index;dovecot.index.log;dovecot.index.log.2;dovecot.index.cache;/^archive/

[search]
exclude_tags=deleted;spam;muted;

[crypto]
gpg_path=gpg2

Environment

General

I definitely use X server:

{
  services.xserver.enable = true;
}

Use English as my only supported locale:

{
  i18n.supportedLocales = [ "en_US.UTF-8/UTF-8" ];
}

Setup timezone:

{
  time.timeZone = "Europe/Kiev";
}

Login manager

I use SLiM. It stands for Simple Login Manager. It’s fast and has little dependencies. The projects is dead since 2014, but still works fine, so I keep using it.

{
  services.xserver.displayManager.slim.enable = true;
}

Window manager

I use awesome wm:

{
  services.xserver.displayManager.slim.enable = true;
  services.xserver.windowManager = {
    default = "awesome";
    awesome = {
      enable = true;
      luaModules = [ pkgs.luaPackages.luafilesystem pkgs.luaPackages.cjson ];
    };
  };
}

Disabling xterm makes awesome wm a default choice in slim:

{
  services.xserver.desktopManager.xterm.enable = false;
}

These packages are used by my awesome wm setup:

{
  environment.systemPackages = [
    pkgs.wmname
    pkgs.xclip
    pkgs.escrotum
  ];
}

Keyboard

Layouts

I use English and Ukrainian layouts. I also use Russian symbols, but they are on the third level.

{
  services.xserver.layout = "us,ua";
  services.xserver.xkbVariant = "workman,";

  # Use same config for linux console
  i18n.consoleUseXkbConfig = true;
}

Map left Caps Lock to Ctrl, and left Ctrl to switch between layout. (Shift-Ctrl triggers Caps Lock function.)

I toggle between them with either Caps Lock, or Menu key—I have two different keyboards, and one doesn’t have Menu when Caps Lock is too far on the second. I never use Caps Lock–the feature, so it’s nice to have Caps LED indicate alternate layouts.

{
  services.xserver.xkbOptions = "grp:lctrl_toggle,grp_led:caps,ctrl:nocaps";
}

Layout indicator

I use built-in awesome layout indicator. See .config/awesome/rc.lua for more details.

Redshift

Redshift adjusts the color temperature of the screen according to the position of the sun.

Blue light blocks melatonin (sleep harmone) secretion, so you feel less sleepy when you stare at computer screen. Redshift blocks some blue light (making screen more red), which should improve melatonin secretion and restore sleepiness (which is a good thing).

{
  services.redshift = {
    enable = true;
  };
  location.provider = "geoclue2";
}

Screen brightness

xbacklight stopped working recently. acpilight is a drop-in replacement.

{
  hardware.acpilight.enable = true;
  environment.systemPackages = [
    pkgs.acpilight
  ];
  users.extraUsers.rasen.extraGroups = [ "video" ];
}

acpilight wasn’t added to modules-list when module was added to nixpkgs. Submitted fix upstream: https://github.com/NixOS/nixpkgs/pull/57920.

{
  imports = [
    <nixpkgs/nixos/modules/hardware/acpilight.nix>
  ];
}

Look and Feel

Qt theme

This makes apps look like in KDE:

{
  environment.systemPackages = [
    pkgs.oxygen-icons5
  ];
}

The following block is a back-port of oxygen-gtk theme, which was removed with remove of KDE4 from nixpkgs.

(let
  oldpkgs = import (pkgs.fetchFromGitHub {
    owner = "NixOS";
    repo = "nixpkgs-channels";
    rev = "1aa77d0519ae23a0dbef6cab6f15393cfadcc454";
    sha256 = "1gcd8938n3z0a095b0203fhxp6lddaw1ic1rl33q441m1w0i19jv";
  }) { config = config.nixpkgs.config; };
in {
  environment.systemPackages = [ oldpkgs.oxygen-gtk2 oldpkgs.oxygen-gtk3 ];

  environment.shellInit = ''
    export GTK_PATH=$GTK_PATH:${oldpkgs.oxygen_gtk}/lib/gtk-2.0
    export GTK2_RC_FILES=$GTK2_RC_FILES:${oldpkgs.oxygen_gtk}/share/themes/oxygen-gtk/gtk-2.0/gtkrc
  '';
})

Find a way to make deadbeef use oxygen theme

The theme has some issues with deadbeef, so I install adwaita icons to make deadbeef usable.

{
  environment.systemPackages = [
    pkgs.gnome3.adwaita-icon-theme
  ];
}

Fonts

I’m not a font guru, so I just stuffed a bunch of random fonts in here.

{
  fonts = {
    enableCoreFonts = true;
    enableFontDir = true;
    enableGhostscriptFonts = false;

    fonts = with pkgs; [
      inconsolata
      corefonts
      dejavu_fonts
      source-code-pro
      ubuntu_font_family
      unifont
    ];
  };
}

HiDPI

These are for omicron-only.

Xft.dpi: 276
Xcursor.size: 64
{
  i18n = {
    consolePackages = [
      pkgs.terminus_font
    ];
    consoleFont = "ter-132n";
  };
}
{
  services.xserver.dpi = 276;
}

Applications

Here go applications (almost) every normal user needs.

GPG

{
  environment.systemPackages = [
    pkgs.gnupg
    pkgs.pinentry
  ];
  programs.gnupg.agent = {
    enable = true;
    enableSSHSupport = true;
  };

  ## is it no longer needed?
  #
  # systemd.user.sockets.gpg-agent-ssh = {
  #   wantedBy = [ "sockets.target" ];
  #   listenStreams = [ "%t/gnupg/S.gpg-agent.ssh" ];
  #   socketConfig = {
  #     FileDescriptorName = "ssh";
  #     Service = "gpg-agent.service";
  #     SocketMode = "0600";
  #     DirectoryMode = "0700";
  #   };
  # };

  services.pcscd.enable = true;
}

Yubikey

{
  environment.systemPackages = [
    pkgs.yubikey-manager
    pkgs.yubikey-personalization
    pkgs.yubikey-personalization-gui
  ];

  services.udev.packages = [ pkgs.yubikey-personalization ];
}

password-store

Install password-store along with one-time password extension.

{
  environment.systemPackages = [
    (pkgs.pass.withExtensions (exts: [ exts.pass-otp ]))
  ];
}

Install browserpass firefox extension backend.

{
  programs.browserpass.enable = true;
}

KDE apps

I don’t use full KDE but some apps are definitely nice.

{
  environment.systemPackages = [
    pkgs.gwenview
    pkgs.dolphin
    pkgs.kdeFrameworks.kfilemetadata
    pkgs.filelight
    pkgs.shared_mime_info
  ];
}

KDE apps might have issues with mime types without this:

{
  environment.pathsToLink = [ "/share" ];
}

Browsers

Google Chrome

Google Chrome used to be my default browser and I still use it from time to time.

{
  environment.systemPackages = [
    pkgs.google-chrome
  ];
}

Firefox

I use Firefox Quantum as my default browser now.

{
  environment.systemPackages = [
    pkgs.firefox
    pkgs.icedtea_web
  ];
}

I also need an old Firefox with Java support. I use Firefox Extended Support Release for that (pinned to the latest version with Java support). It clashes with firefox-devedition, so I do some renaming here.

(let
  oldpkgs = import (pkgs.fetchFromGitHub {
    owner = "NixOS";
    repo = "nixpkgs-channels";
    rev = "14cbeaa892da1d2f058d186b2d64d8b49e53a6fb";
    sha256 = "0lfhkf9vxx2l478mvbmwm70zj3vfn9365yax7kvm7yp07b5gclbr";
  }) { config = { firefox.icedtea = true; }; };
in {
  nixpkgs.config.firefox = {
    icedtea = true;
  };

  environment.systemPackages = [
    (pkgs.runCommand "firefox-esr" { preferLocalBuild = true; } ''
      mkdir -p $out/bin
      ln -s ${oldpkgs.firefox-esr}/bin/firefox $out/bin/firefox-esr
    '')
  ];
})

Zathura

Zathura is a cool document viewer with Vim-like bindings.

{
  environment.systemPackages = [
    pkgs.zathura
  ];
}

Enable incremental search (Zathura’s config goes to ~/.config/zathura/zathurarc).

set incremental-search true

These are my rebinding for Workman layout (swap j/k):

map j scroll up
map k scroll down

Screen locking

Slock

Slock is a simple X display locker and should probably not crash as xscreensaver does.

Slock tries to disable OOM killer (so the locker is not killed when memory is low) and this requires a suid flag for executable. Otherwise, you get the following message:

slock: unable to disable OOM killer. Make sure to suid or sgid slock.
{
  programs.slock.enable = true;
}

xss-lock

xss-lock is a small utility to plug a screen locker into screen saver extension for X. This automatically activates selected screensaver after a period of user inactivity, or when system goes to sleep.

{
  environment.systemPackages = [
    pkgs.xss-lock
  ];
}

Other applications

Don’t require additional setup.

{
  environment.systemPackages = [
    pkgs.libreoffice
    pkgs.qbittorrent
    pkgs.google-play-music-desktop-player
    pkgs.deadbeef
    pkgs.tdesktop # Telegram

    pkgs.mplayer
    pkgs.smplayer

    # Used by naga setup
    pkgs.xdotool

    pkgs.hledger
    pkgs.drive
  ];
}

Development

Editors

I’m a seasoned Vim user, but I’ve switched to emacs.

{
  environment.systemPackages = [
    (pkgs.vim_configurable.override { python3 = true; })
    pkgs.neovim
  ];
}

Start emacs as a daemon:

{
  services.emacs = {
    enable = true;
    defaultEditor = true;
    package = (pkgs.emacsPackagesNgGen pkgs.emacs).emacsWithPackages (epkgs:
      (with epkgs.melpaPackages; [
        use-package
        diminish
        el-patch

        evil
        evil-numbers
        evil-swap-keys
        evil-collection
        evil-surround
        evil-magit
        evil-org

        lispyville
        aggressive-indent
        paren-face

        smex
        ivy
        counsel
        counsel-projectile
        whitespace-cleanup-mode
        which-key
        projectile
        diff-hl
        yasnippet
        company
        flycheck
        color-identifiers-mode
        magit
        f

        imenu-list
        avy
        wgrep
        org-pomodoro
        org-cliplink
        org-download
        nix-mode
        haskell-mode
        rust-mode
        racer
        pip-requirements
        js2-mode
        rjsx-mode
        typescript-mode
        tide
        vue-mode
        php-mode
        web-mode
        groovy-mode
        go-mode
        lua-mode
        ledger-mode
        markdown-mode
        edit-indirect
        json-mode
        yaml-mode
        jinja2-mode
        gitconfig-mode
        terraform-mode
        clojure-mode
        cider
        graphviz-dot-mode
        fish-mode
        visual-fill-column
        beacon
        google-translate
        writegood-mode
        edit-server

        general
        flycheck-jest
        purescript-mode
        psc-ide
        restclient
        mbsync
        nix-sandbox
        prettier-js
        flycheck-rust
        flycheck-inline
        monokai-theme
        spaceline

        lsp-mode
        lsp-ui
        company-lsp

        # provided by pkgs.notmuch:
        # notmuch
      ]) ++
      [
        epkgs.orgPackages.org-plus-contrib

        pkgs.ycmd
      ]
    );
  };
  environment.systemPackages = [
    pkgs.ripgrep
    (pkgs.aspellWithDicts (dicts: with dicts; [en en-computers en-science ru uk]))

    pkgs.rustup
    # pkgs.rustracer

    pkgs.clojure
    pkgs.leiningen
  ];
  environment.variables.RUST_SRC_PATH = "${pkgs.rustPlatform.rustcSrc}";
}

rxvt-unicode

I use urxvt as my terminal emulator:

{
  environment.systemPackages = [
    pkgs.rxvt_unicode
  ];
}

Urxvt gets its setting from .Xresources file. If you ever want to reload it on-the-fly, type the following (or press C-c C-c if you’re reading this document in emacs now):

xrdb ~/.Xresources

General setup

See rxvt-unicode documentation for the full reference.

urxvt.loginShell:         true
urxvt.saveLines:         65535
urxvt.urgentOnBell:       true

urxvt.scrollBar:         false
urxvt.scrollTtyOutput:   false
urxvt.scrollTtyKeypress:  true
urxvt.secondaryScroll:    true

The next piece disables annoying message when pressing Ctrl+Shift:

urxvt.iso14755: False

Copy-paste with Ctrl+Shift+C, Ctrl+Shift+V:

From urxvt-perls:

Since version 9.20 rxvt-unicode natively supports copying to and pasting from the CLIPBOARD buffer with the Ctrl-Meta-c and Ctrl-Meta-v key bindings. The clipboard.autocopy setting is provided by the selection_to_clipboard extension shipped with rxvt-unicode.

That means, I don’t need perl extensions at all.

Font

I use Terminus font.

{
  fonts = {
    fonts = [
      pkgs.powerline-fonts
      pkgs.terminus_font
    ];
  };
}
URxvt.font: -*-terminus-medium-r-normal-*-32-*-*-*-*-*-iso10646-1

Color theme

I like Molokai color theme.

URxvt*background: #101010
URxvt*foreground: #d0d0d0
URxvt*color0:     #101010
URxvt*color1:     #960050
URxvt*color2:     #66aa11
URxvt*color3:     #c47f2c
URxvt*color4:     #30309b
URxvt*color5:     #7e40a5
URxvt*color6:     #3579a8
URxvt*color7:     #9999aa
URxvt*color8:     #303030
URxvt*color9:     #ff0090
URxvt*color10:    #80ff00
URxvt*color11:    #ffba68
URxvt*color12:    #5f5fee
URxvt*color13:    #bb88dd
URxvt*color14:    #4eb4fa
URxvt*color15:    #d0d0d0

fish

fish is a cool shell, I use it as my default for day-to-day work.

{
  programs.fish.enable = true;
  users.defaultUserShell = pkgs.fish;
}

Vi key bindings

Tangle to .config/fish/functions/fish_user_key_bindings.fish.

function fish_user_key_bindings
    fish_vi_key_bindings

    bind -s j up-or-search
    bind -s k down-or-search
    bind -s -M visual j up-line
    bind -s -M visual k down-line

    bind -s '.' repeat-jump
end

Zsh

Zsh is my secondary shell. I use it when I need sh compatibility. (fish is not sh compliant.)

{
  programs.zsh.enable = true;
}

Prompt

source $HOME/.zsh/git-prompt/zshrc.sh

PROMPT='%B%F{green}%n@%m%k %B%F{blue}%1~%b$(git_super_status) %B%F{blue}%# %b%f%k'
RPROMPT="[%?] %T"

The ~/.zsh/git-prompt/ is a submodule, so don’t forget to initialize it!

git submodule update --init --recursive

Aliases

Nothing special, but g=git is a real timesaver.

alias ls='ls --color=auto'
alias grep='grep --color=auto'

alias g="git"

PATH

Install stuff in ~/.local/; ~/bin/ is for my helper scripts (linked to bin directory in dotfiles repo).

export PATH="${HOME}/bin:${PATH}"
export PATH="${HOME}/.local/bin:${PATH}"

export LD_LIBRARY_PATH="${HOME}/.local/lib:${LD_LIBRARY_PATH}"

Other

This part was written long time ago; I’m not sure I understand and use all of it:

autoload -U compinit promptinit
autoload -U colors
compinit
promptinit
colors

# Lines configured by zsh-newuser-install
HISTFILE=~/.histfile
HISTSIZE=1000
SAVEHIST=1000
setopt appendhistory autocd
unsetopt beep
bindkey -e
# End of lines configured by zsh-newuser-install
# The following lines were added by compinstall
zstyle :compinstall filename '/home/rasen/.zshrc'

zstyle ':completion:*:descriptions' format '%U%B%d%b%u'
zstyle ':completion:*:warnings' format '%BSorry, no matches for: %d%b'

setopt correct
setopt hist_ignore_space
setopt hist_ignore_all_dups
setopt extendedglob

setopt listpacked

zstyle ':completion:*' use-cache on
zstyle ':completion:*' cache-path ~/.zsh/cache

zstyle ':completion:*' completer _complete _match _approximate
zstyle ':completion:*:match:*' original only
zstyle ':completion:*:approximate:*' max-errors 1 numeric

zstyle ':completion:*:functions' ignored-patters '_*'

xdvi() { command xdvi ${*:-*.dvi(om[1])} }
zstyle ':completion:*:*:xdvi:*' menu yes select
zstyle ':completion:*:*:xdvi:*' file-sort time

zstyle ':completion:*' squeeze-slashes true

# End of lines added by compinstall
# create a zkbd compatible hash;
# to add other keys to this hash, see: man 5 terminfo
typeset -A key

key[Home]=${terminfo[khome]}

key[End]=${terminfo[kend]}
key[Insert]=${terminfo[kich1]}
key[Delete]=${terminfo[kdch1]}
key[Up]=${terminfo[kcuu1]}
key[Down]=${terminfo[kcud1]}
key[Left]=${terminfo[kcub1]}
key[Right]=${terminfo[kcuf1]}
key[PageUp]=${terminfo[kpp]}
key[PageDown]=${terminfo[knp]}

# setup key accordingly
[[ -n "${key[Home]}"    ]]  && bindkey  "${key[Home]}"    beginning-of-line
[[ -n "${key[End]}"     ]]  && bindkey  "${key[End]}"     end-of-line
[[ -n "${key[Insert]}"  ]]  && bindkey  "${key[Insert]}"  overwrite-mode
[[ -n "${key[Delete]}"  ]]  && bindkey  "${key[Delete]}"  delete-char
[[ -n "${key[Up]}"      ]]  && bindkey  "${key[Up]}"      up-line-or-history
[[ -n "${key[Down]}"    ]]  && bindkey  "${key[Down]}"    down-line-or-history
[[ -n "${key[Left]}"    ]]  && bindkey  "${key[Left]}"    backward-char
[[ -n "${key[Right]}"   ]]  && bindkey  "${key[Right]}"   forward-char

# Finally, make sure the terminal is in application mode, when zle is
# active. Only then are the values from $terminfo valid.
if (( ${+terminfo[smkx]} )) && (( ${+terminfo[rmkx]} )); then
    function zle-line-init () {
        printf '%s' "${terminfo[smkx]}"
    }
    function zle-line-finish () {
        printf '%s' "${terminfo[rmkx]}"
    }
    zle -N zle-line-init
    zle -N zle-line-finish
fi

TODO review this

git

{
  environment.systemPackages = [
    pkgs.gitFull
    pkgs.gitg
  ];
}

Basic info: my name, email, ui, editor, rerere.

[user]
    name = Alexey Shmalko
    email = rasen.dubi@gmail.com

[sendemail]
    smtpencryption = ssl
    smtpserver = smtp.gmail.com
    smtpuser = rasen.dubi@gmail.com
    smtpserverport = 465

[color]
    ui = true

[core]
    editor = vim

[push]
    default = simple

[pull]
    rebase = true

[rebase]
    autostash = true

[rerere]
    enabled = true

Configure signing with gpg.

[user]
    signingkey = EB3066C3

[gpg]
    program = gpg2

[push]
    gpgSign = if-asked

I have LOTS of aliases:

[alias]
    cl  = clone
    gh-cl = gh-clone
    cr  = cr-fix
    p   = push
    pl  = pull
    f   = fetch
    fa  = fetch --all
    a   = add
    ap  = add -p
    d   = diff
    dl  = diff HEAD~ HEAD
    ds  = diff --staged
    l   = log --show-signature
    l1  = log -1
    lp  = log -p
    c   = commit
    ca  = commit --amend
    co  = checkout
    cb  = checkout -b
    cm  = checkout origin/master
    de  = checkout --detach
    fco = fetch-checkout
    br  = branch
    s   = status
    re  = reset --hard
    r   = rebase
    rc  = rebase --continue
    ri  = rebase -i
    m   = merge
    t   = tag
    su  = submodule update --init --recursive
    bi  = bisect

Always push to github with ssh keys instead of login/password.

[url "git@github.com:"]
    pushInsteadOf = https://github.com/

tmux

{
  environment.systemPackages = [
    pkgs.tmux
  ];
}

Use C-a as a prefix.

set -g prefix C-a
unbind-key C-b
bind-key C-a send-prefix

Move windows (tabs) around. Stealed from here.

bind-key S-left swap-window -t -1
bind-key S-right swap-window -t +1

TODO describe other settings

# To make vim work properly
set -g default-terminal "screen-256color"

set -g status-keys vi
setw -g mode-keys vi

set -g history-limit 10000

# Start numbering from 1
set -g base-index 1

# Allows for faster key repetition
set -s escape-time 0

bind h select-pane -L
bind j select-pane -D
bind k select-pane -U
bind l select-pane -R

bind-key s split-window
bind-key v split-window -h

bind r source-file ~/.tmux.conf \; display-message "Config reloaded..."

set-window-option -g automatic-rename

Other terminal goodies

{
  environment.systemPackages = [
    pkgs.wget
    pkgs.htop
    pkgs.psmisc
    pkgs.zip
    pkgs.unzip
    pkgs.unrar
    pkgs.p7zip
    pkgs.bind
    pkgs.file
    pkgs.which
    pkgs.utillinuxCurses

    pkgs.patchelf

    pkgs.nox

    pkgs.python
    pkgs.python3

    pkgs.awscli
    pkgs.nodejs-10_x
    pkgs.shellcheck

    pkgs.irssi
  ];
  environment.variables.NPM_CONFIG_PREFIX = "$HOME/.npm-global";
  environment.variables.PATH = "$HOME/.npm-global/bin:$PATH";
}

Man pages

This install a number of default man pages for the linux/posix system.

{
  environment.systemPackages = [
    pkgs.man-pages
    pkgs.stdman
    pkgs.posix_man_pages
    pkgs.stdmanpages
  ];
}

Meta

Setup

There is a setup.sh script in this directory. It just links all files to $HOME:

FILES=".vimrc .vim .nvimrc .nvim .gitconfig .zshrc .zsh .tmux.conf .Xresources .config/awesome .config/nvim .nethackrc .emacs.d .ssh bin .config/zathura .irssi .config/xkb .config/fish .msmtprc .notmuch-config .mbsyncrc"

DEST=$1

if [ -z "$DEST" ]; then
    DEST="$HOME"
fi

BASE=$(cd "$(dirname "$0")" && pwd)

ask_install() {
    FILENAME=$1

    LINK="$DEST/$FILENAME"
    TARGET="$BASE/$FILENAME"

    if [ -e $LINK ]; then
        echo "$LINK exists. Skipping..."
    else
        read -r -p "Link $LINK to $TARGET? [y/N] " response
        case $response in
            [yY][eE][sS]|[yY])
                ln -v -s "$TARGET" "$LINK"
                ;;
        esac
    fi
}

for FILE in $FILES; do
    ask_install $FILE
done

Install fisherman

Fisherman is a plugin manager for fish.

if [ ! -e "$DEST/.config/fish/functions/fisher.fish" ]; then
    read -r -p "Install fisherman and all plugins? [y/N] " response
    case $response in
        [yY][eE][sS]|[yY])
            curl -Lo "$DEST/.config/fish/functions/fisher.fish" --create-dirs \
                https://raw.githubusercontent.com/fisherman/fisherman/master/fisher.fish
            fish -c fisher
            ;;
    esac
fi

Private :crypt-:

You can’t perform that action at this time.