Skip to content

gabyx/dotfiles

Repository files navigation

+

Gabyx's Dotfiles &
NixOS Configuration

License Buy Me A Coffee Give me a Star

These are my dotfiles managed with chezmoi.io for Linux and MacOS (and partially the other shit OS which desperately tries to convert itself into a *nix OS) and NixOS configurations for Desktop and VM.

Screenshot

Program Name
Linux Distribution NixOS
Window Manager sway
Bar waybar
Wallpaper Setter sway
Program Launcher & Menus rofi
Clipboard copyq with special password ignore command
Screenshot grimshot
Colorpicking hyprpick and gcolor3
Nightshifting gammastep
Notification swaync
Calendar and Meeting Status vdirsyncer and khal
Browser Chrome
Editor Nvim with Astrovim
Normal Font NotoSans Nerd Font
Editor/Terminal Font JetBrainsMono Nerd Font
Shell zsh
Terminal Emulator wezterm kitty

NixOS Configurations

See the documentation to learn how to install NixOS on to your system or in a VM.

Configuration Files

To install configuration files we use chezmoi:

chezmoi init https://github.com/gabyx/chezmoi.git
chezmoi diff

and to apply use

  • For non encrypted files use (which is truly non-interactively, no passphrase prompt)

    just apply-configs-exclude-encrypted
  • For encrypted files use (which might prompt for the passphrase):

    just apply-configs

Minimal Requirements

To deploy the configs you need the minimal stuff installed:

  • findutils
  • delta
  • git
  • git-lfs
  • age
  • just

Encryption

Chezmoi is configured to use age as encryption tool with a secret private-key file config/dot_config/chezmoi/key.age which was generated with:

age-keygen > key
age-keygen | tee | age -e --armor > key.age && rm key

where the printed private key P acts as the passphrase to decrypt key.age.

This file key.age is encrypted and contains the private key for all age encryption in this repository. The file is encoded in human-readable PEM format (--armor).

The file key.age is decrypted when chezmoi apply is run in a before hook such that all encrypted files can be decrypted in one go. The decrypted key is then again deleted in a after hook](config/run_after_delete-decrypted-private-key.sh).

The "passphrase" P can be stored into the login keyring to make just apply-configs pass non-interactively:

secret-tool store --label='Chezmoi Key-File Passphrase' chezmoi keyfile-private-key

Inspect the store with seahorse.

Mail & Calendar

I am using gnome-online-accounts because they work flawlessly for a various of different providers (google, Exchange). The mail/calendar client evolution is really good and has a very nice user-experience also with PGP etc. It is honestly better than thunderbird and integrates better into the system and also from a security perspective (does not contain a browser etc.).

Automated setup of these online accounts apparently works but is still a bit brittle. It is crucial to follow the below steps.

Automated Setup

Setting up the accounts happens with the two folders:

  • ~/.config/goa-1.0
  • ~/.config/evolution/sources

Skip to step 3 on a fresh system.

  1. Check that there are no online accounts already setup:

    XDG_CURRENT_DESKTOP=GNOME gnome-control-center

    Check tab Online Accounts.

  2. Make sure you do not have anything in your login keyring with a name starting with GOA. Check seahorse. Should be automatically true if no online accounts are setup.

  3. Kill all evolution processes: evolution --force-shutdown.

  4. Delete all evolution settings and state:

    Stop also the services for evolution:

    systemctl --user stop evolution-addressbook-factory.service
    systemctl --user stop evolution-calendar-factory.service
    systemctl --user stop evolution-source-registry.service
    systemctl --user daemon-reload
    rm -rf ~/.config/evolution
    rm -rf ~/.local/share/evolution
  5. Apply the two folders ~/.config/goa-1.0 and ~/.config/evolution/sources with (uncomment the ignore in .chezmoiignore).

    just cm apply
    
    find ~/.config/evolution/sources -type f -name "*.source" | \
       xargs -I {} sed -i -E "s@NeedsInitialSetup=false@NeedsInitialSetup=true@" {}
  6. Restart the dbus service, as it controls the goa-daemon. Since we are using dbus-broker which exposes all dbus services as systemd services we can restart it together with the evolution services which might still be running.

    systemctl --user restart dbus-broker

    This should log you out and then login again.

    Only resetting with systemctl --user restart dbus-:[email protected] or just login out did not work.

  7. Stop any evolution already running after login.

    evolution --force-shutdown
    systemctl --user stop evolution-addressbook-factory.service
    systemctl --user stop evolution-calendar-factory.service
    systemctl --user stop evolution-source-registry.service
  8. Now provide credentials to the online accounts in gnome-control-center:

    XDG_CURRENT_DESKTOP=GNOME gnome-control-center
  9. Check mail.nix for adjustments in the dconf settings GUID strings.

  10. Start evolution and you should see now all accounts be connected and working. If evolution starts up without having picked up the accounts, you probably need another dbus restart above or logout or complete restart.

Troubleshooting

  • When I log out and in again, evolution gets sometimes really stuck in authentication and what helps is to do

       systemctl --user restart dbus-broker
  • When vdirsyncer sync fails you can get the offending calendar entries by doing:

       curl -u "$user:$password" http://localhost:1080/users/[email protected]/calendar/<file-path>

    or delete it with

       curl -u "$user:$password" -X DELETE http://localhost:1080/users/[email protected]/calendar/<file-path>

    which resolves duplicate items issues.