From 0ebd0bac2c118993f1ab92b952d5cc66a57298d5 Mon Sep 17 00:00:00 2001 
From: Noah Masur <7386960+nmasur@users.noreply.github.com> Date: Wed, 29 Jan 2025 21:12:48 -0500 Subject: [PATCH] continuing dev --- flake.lock | 17 ------ flake.nix | 3 - modules/common/programming/default.nix | 12 ---- modules/common/programming/lua.nix | 17 ------ modules/common/programming/python.nix | 27 --------- modules/common/programming/rust.nix | 31 ---------- modules/common/programming/terraform.nix | 26 -------- modules/darwin/fonts.nix | 22 ------- modules/nixos/gaming/legendary.nix | 60 ------------------- modules/nixos/gaming/lutris.nix | 18 ------ modules/nixos/gaming/ryujinx.nix | 19 ------ overlays/stable.nix | 12 ++++ .../modules/nmasur/presets/fonts.nix | 38 ++++++++++++ .../modules/nmasur/presets/programs/cargo.nix | 32 ++++++++++ .../nmasur/presets/programs}/haskell.nix | 8 ++- .../modules/nmasur/presets/programs/lua.nix | 21 +++++++ .../nmasur/presets/programs/python.nix | 27 +++++++++ .../presets/programs}/rofi/brightness.nix | 0 .../programs/{rofi.nix => rofi/default.nix} | 2 +- .../nmasur/presets/programs}/rofi/power.nix | 0 .../presets/programs}/rofi/pulse-sink.sh | 0 .../presets/programs}/rofi/rofi-prompt.sh | 0 .../programs}/rofi/themes/brightness.rasi | 0 .../presets/programs}/rofi/themes/common.rasi | 0 .../programs}/rofi/themes/launcher.rasi | 0 .../presets/programs}/rofi/themes/power.rasi | 0 .../presets/programs}/rofi/themes/prompt.rasi | 0 .../nmasur/presets/programs/terraform.nix | 30 ++++++++++ .../nmasur/presets/programs/wezterm.nix | 13 ++-- .../modules/nmasur/presets/programs/wine.nix | 25 ++++++++ .../services}/hammerspoon/.stylua.toml | 0 .../Spoons/ControlEscape.spoon/init.lua | 0 .../close_notifications.applescript | 0 .../close_notifications_applescript.js | 0 .../Spoons/DismissAlerts.spoon/init.lua | 0 .../Spoons/Launcher.spoon/init.lua | 0 .../Spoons/MoveWindow.spoon/init.lua | 0 .../Spoons/MoveWindow.spoon/worklayout.lua | 0 .../default.nix} | 12 ++-- .../presets/services}/hammerspoon/init.lua | 0 
.../nmasur/presets/services/loadkey.nix | 33 ++++++++++ .../modules/nmasur/profiles/developer.nix | 6 +- .../modules/nmasur/profiles/fun.nix | 10 ++-- .../modules/nmasur/profiles/linux-base.nix | 26 ++++---- .../modules/nmasur/profiles/linux-gaming.nix | 25 ++++++++ .../modules/nmasur/profiles/linux-gui.nix | 26 ++++---- .../modules/nmasur/profiles/work.nix | 6 ++ .../modules/nmasur/profiles/base.nix | 5 ++ .../modules/nmasur/presets/services/bind.nix | 2 +- .../modules/nmasur/presets/services/caddy.nix | 6 +- .../nmasur/presets}/services/cloudflare.nix | 31 +++++----- .../nixos/modules/nmasur/profiles/gaming.nix | 1 + .../nixos/modules/{services => }/secrets.nix | 0 .../services/cloudflare-dyndns-noproxy.nix | 4 +- .../nixos/modules}/services/honeypot.nix | 56 +++++++++-------- 55 files changed, 362 insertions(+), 347 deletions(-) delete mode 100644 modules/common/programming/default.nix delete mode 100644 modules/common/programming/lua.nix delete mode 100644 modules/common/programming/python.nix delete mode 100644 modules/common/programming/rust.nix delete mode 100644 modules/common/programming/terraform.nix delete mode 100644 modules/darwin/fonts.nix delete mode 100644 modules/nixos/gaming/legendary.nix delete mode 100644 modules/nixos/gaming/lutris.nix delete mode 100644 modules/nixos/gaming/ryujinx.nix create mode 100644 overlays/stable.nix create mode 100644 platforms/home-manager/modules/nmasur/presets/fonts.nix create mode 100644 platforms/home-manager/modules/nmasur/presets/programs/cargo.nix rename {modules/common/programming => platforms/home-manager/modules/nmasur/presets/programs}/haskell.nix (53%) create mode 100644 platforms/home-manager/modules/nmasur/presets/programs/lua.nix create mode 100644 platforms/home-manager/modules/nmasur/presets/programs/python.nix rename {modules/nixos/graphical => platforms/home-manager/modules/nmasur/presets/programs}/rofi/brightness.nix (100%) rename platforms/home-manager/modules/nmasur/presets/programs/{rofi.nix => 
rofi/default.nix} (99%) rename {modules/nixos/graphical => platforms/home-manager/modules/nmasur/presets/programs}/rofi/power.nix (100%) rename {modules/nixos/graphical => platforms/home-manager/modules/nmasur/presets/programs}/rofi/pulse-sink.sh (100%) rename {modules/nixos/graphical => platforms/home-manager/modules/nmasur/presets/programs}/rofi/rofi-prompt.sh (100%) rename {modules/nixos/graphical => platforms/home-manager/modules/nmasur/presets/programs}/rofi/themes/brightness.rasi (100%) rename {modules/nixos/graphical => platforms/home-manager/modules/nmasur/presets/programs}/rofi/themes/common.rasi (100%) rename {modules/nixos/graphical => platforms/home-manager/modules/nmasur/presets/programs}/rofi/themes/launcher.rasi (100%) rename {modules/nixos/graphical => platforms/home-manager/modules/nmasur/presets/programs}/rofi/themes/power.rasi (100%) rename {modules/nixos/graphical => platforms/home-manager/modules/nmasur/presets/programs}/rofi/themes/prompt.rasi (100%) create mode 100644 platforms/home-manager/modules/nmasur/presets/programs/terraform.nix create mode 100644 platforms/home-manager/modules/nmasur/presets/programs/wine.nix rename {modules/darwin => platforms/home-manager/modules/nmasur/presets/services}/hammerspoon/.stylua.toml (100%) rename {modules/darwin => platforms/home-manager/modules/nmasur/presets/services}/hammerspoon/Spoons/ControlEscape.spoon/init.lua (100%) rename {modules/darwin => platforms/home-manager/modules/nmasur/presets/services}/hammerspoon/Spoons/DismissAlerts.spoon/close_notifications.applescript (100%) rename {modules/darwin => platforms/home-manager/modules/nmasur/presets/services}/hammerspoon/Spoons/DismissAlerts.spoon/close_notifications_applescript.js (100%) rename {modules/darwin => platforms/home-manager/modules/nmasur/presets/services}/hammerspoon/Spoons/DismissAlerts.spoon/init.lua (100%) rename {modules/darwin => platforms/home-manager/modules/nmasur/presets/services}/hammerspoon/Spoons/Launcher.spoon/init.lua 
(100%) rename {modules/darwin => platforms/home-manager/modules/nmasur/presets/services}/hammerspoon/Spoons/MoveWindow.spoon/init.lua (100%) rename {modules/darwin => platforms/home-manager/modules/nmasur/presets/services}/hammerspoon/Spoons/MoveWindow.spoon/worklayout.lua (100%) rename platforms/home-manager/modules/nmasur/presets/services/{hammerspoon.nix => hammerspoon/default.nix} (81%) rename {modules/darwin => platforms/home-manager/modules/nmasur/presets/services}/hammerspoon/init.lua (100%) create mode 100644 platforms/home-manager/modules/nmasur/presets/services/loadkey.nix create mode 100644 platforms/home-manager/modules/nmasur/profiles/linux-gaming.nix rename {modules/nixos => platforms/nixos/modules/nmasur/presets}/services/cloudflare.nix (85%) rename platforms/nixos/modules/{services => }/secrets.nix (100%) rename {modules/nixos => platforms/nixos/modules}/services/honeypot.nix (57%) diff --git a/flake.lock b/flake.lock index b17f336..8163ced 100644 --- a/flake.lock +++ b/flake.lock @@ -492,22 +492,6 @@ "type": "github" } }, - "nixpkgs-caddy": { - "locked": { - "lastModified": 1699107987, - "narHash": "sha256-nWXETr4Oqy/vOfzgWyMY04qzEN2iREFJc5ycQ3XNu0A=", - "owner": "jpds", - "repo": "nixpkgs", - "rev": "a33b02fa9d664f31dadc8a874eb1a5dbaa9f4ecf", - "type": "github" - }, - "original": { - "owner": "jpds", - "ref": "caddy-external-plugins", - "repo": "nixpkgs", - "type": "github" - } - }, "nixpkgs-stable": { "locked": { "lastModified": 1735563628, @@ -697,7 +681,6 @@ "nix2vim": "nix2vim", "nixos-generators": "nixos-generators", "nixpkgs": "nixpkgs", - "nixpkgs-caddy": "nixpkgs-caddy", "nixpkgs-stable": "nixpkgs-stable", "nur": "nur", "nvim-lint-src": "nvim-lint-src", diff --git a/flake.nix b/flake.nix index ea07be3..2b01609 100644 --- a/flake.nix +++ b/flake.nix 
@@ -10,9 +10,6 @@ # Used for specific stable packages nixpkgs-stable.url = "github:nixos/nixpkgs/nixos-24.05"; - # Used for caddy plugins - nixpkgs-caddy.url = "github:jpds/nixpkgs/caddy-external-plugins"; - # Used for MacOS system config darwin = { url = "github:lnl7/nix-darwin/master"; diff --git a/modules/common/programming/default.nix b/modules/common/programming/default.nix deleted file mode 100644 index ee96303..0000000 --- a/modules/common/programming/default.nix +++ /dev/null @@ -1,12 +0,0 @@ -{ ... }: -{ - - imports = [ - ./haskell.nix - ./kubernetes.nix - ./lua.nix - ./python.nix - ./rust.nix - ./terraform.nix - ]; -} diff --git a/modules/common/programming/lua.nix b/modules/common/programming/lua.nix deleted file mode 100644 index 5ff03a6..0000000 --- a/modules/common/programming/lua.nix +++ /dev/null @@ -1,17 +0,0 @@ -{ - config, - pkgs, - lib, - ... -}: -{ - - options.lua.enable = lib.mkEnableOption "Lua programming language."; - - config = lib.mkIf config.lua.enable { - home-manager.users.${config.user}.home.packages = with pkgs; [ - stylua # Lua formatter - sumneko-lua-language-server # Lua LSP - ]; - }; -} diff --git a/modules/common/programming/python.nix b/modules/common/programming/python.nix deleted file mode 100644 index 525e482..0000000 --- a/modules/common/programming/python.nix +++ /dev/null @@ -1,27 +0,0 @@ -{ - config, - pkgs, - lib, - ... -}: -{ - - options.python.enable = lib.mkEnableOption "Python programming language."; - - config = lib.mkIf config.python.enable { - - home-manager.users.${config.user} = { - - home.packages = with pkgs; [ - # python310 # Standard Python interpreter - pyright # Python language server - black # Python formatter - python310Packages.flake8 # Python linter - ]; - - programs.fish.shellAbbrs = { - py = "python3"; - }; - }; - }; -} diff --git a/modules/common/programming/rust.nix b/modules/common/programming/rust.nix deleted file mode 100644 index 4619ac8..0000000 
--- a/modules/common/programming/rust.nix +++ /dev/null @@ -1,31 +0,0 @@ -{ - config, - pkgs, - lib, - ... -}: -{ - - options.rust.enable = lib.mkEnableOption "Rust programming language."; - - config = lib.mkIf config.rust.enable { - - home-manager.users.${config.user} = { - - programs.fish.shellAbbrs = { - ca = "cargo"; - }; - - home.packages = with pkgs; [ - gcc - rustc - cargo - cargo-watch - clippy - rustfmt - pkg-config - openssl - ]; - }; - }; -} diff --git a/modules/common/programming/terraform.nix b/modules/common/programming/terraform.nix deleted file mode 100644 index 89ec115..0000000 --- a/modules/common/programming/terraform.nix +++ /dev/null @@ -1,26 +0,0 @@ -{ - config, - pkgs, - lib, - ... -}: -{ - - options.terraform.enable = lib.mkEnableOption "Terraform tools."; - - config = lib.mkIf config.terraform.enable { - unfreePackages = [ "terraform" ]; - - home-manager.users.${config.user} = { - programs.fish.shellAbbrs = { - # Terraform - te = "terraform"; - }; - home.packages = with pkgs; [ - terraform # Terraform executable - terraform-ls # Language server - tflint # Linter - ]; - }; - }; -} diff --git a/modules/darwin/fonts.nix b/modules/darwin/fonts.nix deleted file mode 100644 index 42f217d..0000000 --- a/modules/darwin/fonts.nix +++ /dev/null @@ -1,22 +0,0 @@ -{ - config, - pkgs, - lib, - ... -}: -{ - - home-manager.users.${config.user} = lib.mkIf pkgs.stdenv.isDarwin { - - home.packages = with pkgs; [ nerd-fonts.victor-mono ]; - - programs.alacritty.settings = { - font.normal.family = "VictorMono"; - }; - - programs.kitty.font = { - package = pkgs.nerd-fonts.victor-mono; - name = "VictorMono Nerd Font Mono"; - }; - }; -} diff --git a/modules/nixos/gaming/legendary.nix b/modules/nixos/gaming/legendary.nix deleted file mode 100644 index e8ee270..0000000 --- a/modules/nixos/gaming/legendary.nix +++ /dev/null 
@@ -1,60 +0,0 @@ -{ - config, - pkgs, - lib, - ... -}: - -let - home-packages = config.home-manager.users.${config.user}.home.packages; -in -{ - - options.gaming.legendary.enable = lib.mkEnableOption "Legendary Epic Games launcher."; - - config = lib.mkIf config.gaming.legendary.enable { - environment.systemPackages = with pkgs; [ - legendary-gl - wineWowPackages.stable # 32-bit and 64-bit wineWowPackages, see https://nixos.wiki/wiki/Wine - heroic # GUI launcher - ]; - - home-manager.users.${config.user} = { - - xdg.configFile."legendary/config.ini".text = '' - [Legendary] - ; Disables the automatic update check - disable_update_check = false - ; Disables the notice about an available update on exit - disable_update_notice = true - ; Set install directory - install_dir = ${config.homePath}/media/games - ; Make output quiet - log_level = error - ''; - - home.file = - let - ignorePatterns = '' - .wine/ - drive_c/''; - in - { - ".rgignore".text = ignorePatterns; - ".fdignore".text = ignorePatterns; - }; - - programs.fish.functions = lib.mkIf (builtins.elem pkgs.fzf home-packages) { - epic-games = { - body = '' - set game (legendary list 2>/dev/null \ - | awk '/^ \* / { print $0; }' \ - | sed -e 's/ (.*)$//' -e 's/ \* //' \ - | fzf) - and legendary launch "$game" &> /dev/null - ''; - }; - }; - }; - }; -} diff --git a/modules/nixos/gaming/lutris.nix b/modules/nixos/gaming/lutris.nix deleted file mode 100644 index 7d11f4e..0000000 --- a/modules/nixos/gaming/lutris.nix +++ /dev/null @@ -1,18 +0,0 @@ -{ - config, - pkgs, - lib, - ... -}: -{ - - options.gaming.lutris.enable = lib.mkEnableOption "Lutris game installer."; - - config = lib.mkIf config.gaming.lutris.enable { - environment.systemPackages = with pkgs; [ - lutris - amdvlk # Vulkan drivers (probably already installed) - wineWowPackages.stable # 32-bit and 64-bit wineWowPackages - ]; - }; -} 
diff --git a/modules/nixos/gaming/ryujinx.nix b/modules/nixos/gaming/ryujinx.nix deleted file mode 100644 index 1bd1191..0000000 --- a/modules/nixos/gaming/ryujinx.nix +++ /dev/null @@ -1,19 +0,0 @@ -{ - config, - pkgs, - lib, - ... -}: -{ - - options.gaming.ryujinx.enable = lib.mkEnableOption "Ryujinx Nintendo Switch application."; - - config = lib.mkIf config.gaming.ryujinx.enable { - environment.systemPackages = with pkgs; [ ryujinx ]; - - home-manager.users.${config.user}.xdg.desktopEntries.ryujinx = lib.mkIf pkgs.stdenv.isLinux { - name = "Ryujinx"; - exec = "env DOTNET_EnableAlternateStackCheck=1 Ryujinx -r /home/${config.user}/media/games/ryujinx/ %f"; - }; - }; -} diff --git a/overlays/stable.nix b/overlays/stable.nix new file mode 100644 index 0000000..114740b --- /dev/null +++ b/overlays/stable.nix @@ -0,0 +1,12 @@ +# Include stable packages +# Adapted from https://github.com/PsychoLlama/dotfiles/blob/dd41f8c60fdc85868dbd7d88cf933348b497dcf0/lib/overlays/latest-packages.nix + +inputs: _final: prev: { + # Provides `pkgs.stable`. + stable = import inputs.nixpkgs-stable { + inherit (prev) system config; + overlays = [ + # inputs.self.overlays.vim-plugins + ]; + }; +} diff --git a/platforms/home-manager/modules/nmasur/presets/fonts.nix b/platforms/home-manager/modules/nmasur/presets/fonts.nix new file mode 100644 index 0000000..0b56196 --- /dev/null +++ b/platforms/home-manager/modules/nmasur/presets/fonts.nix 
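Review bot: `pkgs.stable` is imported from `inputs.nixpkgs-stable`, which flake.nix in this same patch still pins to `nixos-24.05`. That release branch appears to be past its support window at this commit's date, so packages taken from `pkgs.stable` would no longer pick up security fixes. I would record the dependency next to the import, e.g. `# Follows inputs.nixpkgs-stable; keep that input on a supported release branch`, and bump the input. `inherit (prev) system config;` also carries the host's nixpkgs config (presumably including any unfree allowances) into the stable set, which is worth stating in the header comment.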
@@ -0,0 +1,38 @@ +{ + config, + pkgs, + lib, + ... +}: + +let + cfg = config.nmasur.presets.fonts; +in +{ + + options.nmasur.presets.fonts.enable = lib.mkEnableOption "Font configuration"; + + config = lib.mkIf cfg.enable { + + home.packages = [ + pkgs.victor-mono # Used for Vim and Terminal + pkgs.nerd-fonts.hack # For Polybar, Rofi + ]; + fonts.fontconfig = { + enable = true; + defaultFonts.monospace = [ "Victor Mono" ]; + }; + + xsession.windowManager.i3.config.fonts = { + names = [ "pango:Victor Mono" ]; + # style = "Regular"; + # size = 11.0; + }; + services.polybar.config."bar/main".font-0 = "Hack Nerd Font:size=10;2"; + programs.rofi.font = "Hack Nerd Font 14"; + programs.alacritty.settings.font.normal.family = "VictorMono"; + programs.kitty.font.name = "VictorMono Nerd Font Mono"; + config.nmasur.presets.programs.wezterm.font = "VictorMono Nerd Font Mono"; + services.dunst.settings.global.font = "Hack Nerd Font 14"; + }; +} diff --git a/platforms/home-manager/modules/nmasur/presets/programs/cargo.nix b/platforms/home-manager/modules/nmasur/presets/programs/cargo.nix new file mode 100644 index 0000000..cdff3c3 --- /dev/null +++ b/platforms/home-manager/modules/nmasur/presets/programs/cargo.nix @@ -0,0 +1,32 @@ +{ + config, + pkgs, + lib, + ... +}: + +let + cfg = config.nmasur.presets.programs.cargo; +in +{ + + options.nmasur.presets.programs.cargo.enable = lib.mkEnableOption "Cargo for programming language."; + + config = lib.mkIf cfg.enable { + + programs.fish.shellAbbrs = { + ca = "cargo"; + }; + + home.packages = with pkgs; [ + gcc + rustc + cargo + cargo-watch + clippy + rustfmt + pkg-config + openssl + ]; + }; +} diff --git a/modules/common/programming/haskell.nix b/platforms/home-manager/modules/nmasur/presets/programs/haskell.nix similarity index 53% rename from modules/common/programming/haskell.nix rename to platforms/home-manager/modules/nmasur/presets/programs/haskell.nix index 4074b99..9fb55f2 100644 --- a/modules/common/programming/haskell.nix 
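Review bot: In fonts.nix the line `config.nmasur.presets.programs.wezterm.font = "VictorMono Nerd Font Mono";` sits inside the `config = lib.mkIf cfg.enable { … }` block, so it defines `config.config.nmasur…` rather than the WezTerm preset's `font` option. It should read `nmasur.presets.programs.wezterm.font = "VictorMono Nerd Font Mono";`. As written, the module system will most likely reject the unknown `config` attribute, and the WezTerm option stays unset. Separately, `home.packages` installs `pkgs.victor-mono` while kitty and WezTerm are given the name "VictorMono Nerd Font Mono". The removed darwin module installed `nerd-fonts.victor-mono` for that name, so the Nerd Font variant may be missing here.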
+++ b/platforms/home-manager/modules/nmasur/presets/programs/haskell.nix @@ -1,9 +1,13 @@ { config, lib, ... }: +let + cfg = config.nmasur.presets.programs.haskell; +in { - options.haskell.enable = lib.mkEnableOption "Haskell programming language."; + options.nmasur.presets.programs.haskell.enable = + lib.mkEnableOption "Haskell programming language config."; - config = lib.mkIf config.haskell.enable { + config = lib.mkIf cfg.enable { # Binary Cache for Haskell.nix nix.settings.trusted-public-keys = [ "hydra.iohk.io:f/Ea+s+dFdN+3Y/G+FDgSq+a5NEWhJGzdjvKNGv0/EQ=" ]; diff --git a/platforms/home-manager/modules/nmasur/presets/programs/lua.nix b/platforms/home-manager/modules/nmasur/presets/programs/lua.nix new file mode 100644 index 0000000..0e1d44b --- /dev/null +++ b/platforms/home-manager/modules/nmasur/presets/programs/lua.nix @@ -0,0 +1,21 @@ +{ + config, + pkgs, + lib, + ... +}: + +let + cfg = config.nmasur.presets.programs.lua; +in +{ + + options.nmasur.presets.programs.lua.enable = lib.mkEnableOption "Lua programming language."; + + config = lib.mkIf cfg.enable { + home.packages = [ + pkgs.stylua # Lua formatter + pkgs.sumneko-lua-language-server # Lua LSP + ]; + }; +} diff --git a/platforms/home-manager/modules/nmasur/presets/programs/python.nix b/platforms/home-manager/modules/nmasur/presets/programs/python.nix new file mode 100644 index 0000000..1a7f95d --- /dev/null +++ b/platforms/home-manager/modules/nmasur/presets/programs/python.nix @@ -0,0 +1,27 @@ +{ + config, + pkgs, + lib, + ... +}: + +let + cfg = config.nmasur.presets.programs.python; +in +{ + + options.nmasur.presets.programs.python.enable = lib.mkEnableOption "Python programming language."; + + config = lib.mkIf cfg.enable { + + home.packages = [ + pkgs.pyright # Python language server + pkgs.black # Python formatter + pkgs.python310Packages.flake8 # Python linter + ]; + + programs.fish.shellAbbrs = { + py = "python3"; + }; + }; +} 
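Review bot: The option text "Haskell programming language config." does not say that enabling the preset adds the `hydra.iohk.io` signing key to `nix.settings.trusted-public-keys`, which widens the set of parties whose binaries Nix will accept as substitutes. I would put that in the description, e.g. `lib.mkEnableOption "Haskell tooling (adds the hydra.iohk.io binary-cache key to trusted-public-keys)"`, so the trust decision is visible in whichever profile turns it on. The rest of the `config` block lies outside the hunk, so whether a matching substituter is configured cannot be checked from here.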
diff --git a/modules/nixos/graphical/rofi/brightness.nix b/platforms/home-manager/modules/nmasur/presets/programs/rofi/brightness.nix similarity index 100% rename from modules/nixos/graphical/rofi/brightness.nix rename to platforms/home-manager/modules/nmasur/presets/programs/rofi/brightness.nix diff --git a/platforms/home-manager/modules/nmasur/presets/programs/rofi.nix b/platforms/home-manager/modules/nmasur/presets/programs/rofi/default.nix similarity index 99% rename from platforms/home-manager/modules/nmasur/presets/programs/rofi.nix rename to platforms/home-manager/modules/nmasur/presets/programs/rofi/default.nix index 5d35ed4..fcd5cac 100644 --- a/platforms/home-manager/modules/nmasur/presets/programs/rofi.nix +++ b/platforms/home-manager/modules/nmasur/presets/programs/rofi/default.nix @@ -168,7 +168,7 @@ in home.file.".local/share/rofi/themes" = { recursive = true; - source = ./rofi/themes; + source = ./themes; }; }; diff --git a/modules/nixos/graphical/rofi/power.nix b/platforms/home-manager/modules/nmasur/presets/programs/rofi/power.nix similarity index 100% rename from modules/nixos/graphical/rofi/power.nix rename to platforms/home-manager/modules/nmasur/presets/programs/rofi/power.nix diff --git a/modules/nixos/graphical/rofi/pulse-sink.sh b/platforms/home-manager/modules/nmasur/presets/programs/rofi/pulse-sink.sh similarity index 100% rename from modules/nixos/graphical/rofi/pulse-sink.sh rename to platforms/home-manager/modules/nmasur/presets/programs/rofi/pulse-sink.sh diff --git a/modules/nixos/graphical/rofi/rofi-prompt.sh b/platforms/home-manager/modules/nmasur/presets/programs/rofi/rofi-prompt.sh similarity index 100% rename from modules/nixos/graphical/rofi/rofi-prompt.sh rename to platforms/home-manager/modules/nmasur/presets/programs/rofi/rofi-prompt.sh 
diff --git a/modules/nixos/graphical/rofi/themes/brightness.rasi b/platforms/home-manager/modules/nmasur/presets/programs/rofi/themes/brightness.rasi
similarity index 100%
rename from modules/nixos/graphical/rofi/themes/brightness.rasi
rename to platforms/home-manager/modules/nmasur/presets/programs/rofi/themes/brightness.rasi
diff --git a/modules/nixos/graphical/rofi/themes/common.rasi b/platforms/home-manager/modules/nmasur/presets/programs/rofi/themes/common.rasi
similarity index 100%
rename from modules/nixos/graphical/rofi/themes/common.rasi
rename to platforms/home-manager/modules/nmasur/presets/programs/rofi/themes/common.rasi
diff --git a/modules/nixos/graphical/rofi/themes/launcher.rasi b/platforms/home-manager/modules/nmasur/presets/programs/rofi/themes/launcher.rasi
similarity index 100%
rename from modules/nixos/graphical/rofi/themes/launcher.rasi
rename to platforms/home-manager/modules/nmasur/presets/programs/rofi/themes/launcher.rasi
diff --git a/modules/nixos/graphical/rofi/themes/power.rasi b/platforms/home-manager/modules/nmasur/presets/programs/rofi/themes/power.rasi
similarity index 100%
rename from modules/nixos/graphical/rofi/themes/power.rasi
rename to platforms/home-manager/modules/nmasur/presets/programs/rofi/themes/power.rasi
diff --git a/modules/nixos/graphical/rofi/themes/prompt.rasi b/platforms/home-manager/modules/nmasur/presets/programs/rofi/themes/prompt.rasi
similarity index 100%
rename from modules/nixos/graphical/rofi/themes/prompt.rasi
rename to platforms/home-manager/modules/nmasur/presets/programs/rofi/themes/prompt.rasi
diff --git a/platforms/home-manager/modules/nmasur/presets/programs/terraform.nix b/platforms/home-manager/modules/nmasur/presets/programs/terraform.nix
new file mode 100644
index 0000000..b170851
--- /dev/null
+++ b/platforms/home-manager/modules/nmasur/presets/programs/terraform.nix
@@ -0,0 +1,30 @@ +{ + config, + pkgs, + lib, + ... +}: + +let + cfg = config.nmasur.presets.programs.terraform; +in +{ + + options.nmasur.presets.programs.terraform.enable = + lib.mkEnableOption "Terraform infrastructure management"; + + config = lib.mkIf cfg.enable { + + unfreePackages = [ "terraform" ]; + + programs.fish.shellAbbrs = { + te = "terraform"; + }; + + home.packages = with pkgs; [ + terraform + terraform-ls + tflint + ]; + }; +} diff --git a/platforms/home-manager/modules/nmasur/presets/programs/wezterm.nix b/platforms/home-manager/modules/nmasur/presets/programs/wezterm.nix index 0175b30..f1299ac 100644 --- a/platforms/home-manager/modules/nmasur/presets/programs/wezterm.nix +++ b/platforms/home-manager/modules/nmasur/presets/programs/wezterm.nix @@ -7,12 +7,17 @@ let cfg = config.nmasur.presets.programs.wezterm; - font = config.programs.kitty.font.name; in { - options.nmasur.presets.programs.wezterm.enable = lib.mkEnableOption "WezTerm terminal"; + options.nmasur.presets.programs.wezterm = { + enable = lib.mkEnableOption "WezTerm terminal"; + font = lib.mkOption { + type = lib.types.str; + description = "Name of the font for WezTerm"; + }; + }; config = lib.mkIf cfg.enable { # Set the i3 terminal @@ -99,7 +104,7 @@ in bottom = 12, } - config.font = wezterm.font('${font}', { weight = 'Bold'}) + config.font = wezterm.font('${cfg.font}', { weight = 'Bold'}) config.font_size = ${if pkgs.stdenv.isLinux then "14.0" else "18.0"} -- Fix color blocks instead of text @@ -108,7 +113,7 @@ in -- Tab Bar config.hide_tab_bar_if_only_one_tab = true config.window_frame = { - font = wezterm.font('${font}', { weight = 'Bold'}), + font = wezterm.font('${cfg.font}', { weight = 'Bold'}), font_size = ${if pkgs.stdenv.isLinux then "12.0" else "16.0"}, } diff --git a/platforms/home-manager/modules/nmasur/presets/programs/wine.nix b/platforms/home-manager/modules/nmasur/presets/programs/wine.nix new file mode 100644 index 0000000..6bd8e18 --- /dev/null 
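Review bot: In wezterm.nix the new `font` option is declared without a `default`, so enabling the WezTerm preset fails evaluation unless some other module defines `nmasur.presets.programs.wezterm.font`. The value is consumed at the two `'${cfg.font}'` sites in the later hunks of this file. Either add `default = "VictorMono Nerd Font Mono";` (the value the fonts preset in this commit intends to set) or state in `description` that the fonts preset must be enabled alongside it. The name is also spliced unescaped into a single-quoted Lua string, so the description should say that it must not contain a quote character.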
+++ b/platforms/home-manager/modules/nmasur/presets/programs/wine.nix @@ -0,0 +1,25 @@ +{ config, lib, ... }: + +let + cfg = config.nmasur.presets.programs.wine; +in + +{ + options.nmasur.presets.programs.wine.enable = lib.mkEnableOption "Wine settings"; + + config = lib.mkIf cfg.enable { + + # Ignore wine directories in searches + home.file = + let + ignorePatterns = '' + .wine/ + drive_c/''; + in + { + ".rgignore".text = ignorePatterns; + ".fdignore".text = ignorePatterns; + }; + + }; +} diff --git a/modules/darwin/hammerspoon/.stylua.toml b/platforms/home-manager/modules/nmasur/presets/services/hammerspoon/.stylua.toml similarity index 100% rename from modules/darwin/hammerspoon/.stylua.toml rename to platforms/home-manager/modules/nmasur/presets/services/hammerspoon/.stylua.toml diff --git a/modules/darwin/hammerspoon/Spoons/ControlEscape.spoon/init.lua b/platforms/home-manager/modules/nmasur/presets/services/hammerspoon/Spoons/ControlEscape.spoon/init.lua similarity index 100% rename from modules/darwin/hammerspoon/Spoons/ControlEscape.spoon/init.lua rename to platforms/home-manager/modules/nmasur/presets/services/hammerspoon/Spoons/ControlEscape.spoon/init.lua diff --git a/modules/darwin/hammerspoon/Spoons/DismissAlerts.spoon/close_notifications.applescript b/platforms/home-manager/modules/nmasur/presets/services/hammerspoon/Spoons/DismissAlerts.spoon/close_notifications.applescript similarity index 100% rename from modules/darwin/hammerspoon/Spoons/DismissAlerts.spoon/close_notifications.applescript rename to platforms/home-manager/modules/nmasur/presets/services/hammerspoon/Spoons/DismissAlerts.spoon/close_notifications.applescript 
diff --git a/modules/darwin/hammerspoon/Spoons/DismissAlerts.spoon/close_notifications_applescript.js b/platforms/home-manager/modules/nmasur/presets/services/hammerspoon/Spoons/DismissAlerts.spoon/close_notifications_applescript.js
similarity index 100%
rename from modules/darwin/hammerspoon/Spoons/DismissAlerts.spoon/close_notifications_applescript.js
rename to platforms/home-manager/modules/nmasur/presets/services/hammerspoon/Spoons/DismissAlerts.spoon/close_notifications_applescript.js
diff --git a/modules/darwin/hammerspoon/Spoons/DismissAlerts.spoon/init.lua b/platforms/home-manager/modules/nmasur/presets/services/hammerspoon/Spoons/DismissAlerts.spoon/init.lua
similarity index 100%
rename from modules/darwin/hammerspoon/Spoons/DismissAlerts.spoon/init.lua
rename to platforms/home-manager/modules/nmasur/presets/services/hammerspoon/Spoons/DismissAlerts.spoon/init.lua
diff --git a/modules/darwin/hammerspoon/Spoons/Launcher.spoon/init.lua b/platforms/home-manager/modules/nmasur/presets/services/hammerspoon/Spoons/Launcher.spoon/init.lua
similarity index 100%
rename from modules/darwin/hammerspoon/Spoons/Launcher.spoon/init.lua
rename to platforms/home-manager/modules/nmasur/presets/services/hammerspoon/Spoons/Launcher.spoon/init.lua
diff --git a/modules/darwin/hammerspoon/Spoons/MoveWindow.spoon/init.lua b/platforms/home-manager/modules/nmasur/presets/services/hammerspoon/Spoons/MoveWindow.spoon/init.lua
similarity index 100%
rename from modules/darwin/hammerspoon/Spoons/MoveWindow.spoon/init.lua
rename to platforms/home-manager/modules/nmasur/presets/services/hammerspoon/Spoons/MoveWindow.spoon/init.lua
diff --git a/modules/darwin/hammerspoon/Spoons/MoveWindow.spoon/worklayout.lua b/platforms/home-manager/modules/nmasur/presets/services/hammerspoon/Spoons/MoveWindow.spoon/worklayout.lua
similarity index 100%
rename from modules/darwin/hammerspoon/Spoons/MoveWindow.spoon/worklayout.lua
rename to platforms/home-manager/modules/nmasur/presets/services/hammerspoon/Spoons/MoveWindow.spoon/worklayout.lua
diff --git a/platforms/home-manager/modules/nmasur/presets/services/hammerspoon.nix b/platforms/home-manager/modules/nmasur/presets/services/hammerspoon/default.nix
similarity index 81%
rename from platforms/home-manager/modules/nmasur/presets/services/hammerspoon.nix
rename to platforms/home-manager/modules/nmasur/presets/services/hammerspoon/default.nix
index c55d9fb..47f4ad4 100644
--- a/platforms/home-manager/modules/nmasur/presets/services/hammerspoon.nix
+++ b/platforms/home-manager/modules/nmasur/presets/services/hammerspoon/default.nix
@@ -15,20 +15,18 @@ in lib.mkEnableOption "Hammerspoon macOS automation"; config = lib.mkIf cfg.enable { - xdg.configFile."hammerspoon/init.lua".source = ./hammerspoon/init.lua; - xdg.configFile."hammerspoon/Spoons/ControlEscape.spoon".source = - ./hammerspoon/Spoons/ControlEscape.spoon; - xdg.configFile."hammerspoon/Spoons/DismissAlerts.spoon".source = - ./hammerspoon/Spoons/DismissAlerts.spoon; + xdg.configFile."hammerspoon/init.lua".source = ./init.lua; + xdg.configFile."hammerspoon/Spoons/ControlEscape.spoon".source = ./Spoons/ControlEscape.spoon; + xdg.configFile."hammerspoon/Spoons/DismissAlerts.spoon".source = ./Spoons/DismissAlerts.spoon; xdg.configFile."hammerspoon/Spoons/Launcher.spoon/init.lua".source = pkgs.substituteAll { - src = ./hammerspoon/Spoons/Launcher.spoon/init.lua; + src = ./Spoons/Launcher.spoon/init.lua; firefox = "${pkgs.firefox-bin}/Applications/Firefox.app"; discord = "${pkgs.discord}/Applications/Discord.app"; wezterm = "${pkgs.wezterm}/Applications/WezTerm.app"; obsidian = "${pkgs.obsidian}/Applications/Obsidian.app"; slack = "${pkgs.slack}/Applications/Slack.app"; }; - xdg.configFile."hammerspoon/Spoons/MoveWindow.spoon".source = ./hammerspoon/Spoons/MoveWindow.spoon; + xdg.configFile."hammerspoon/Spoons/MoveWindow.spoon".source = ./Spoons/MoveWindow.spoon; home.activation.reloadHammerspoon = config.home-manager.users.${config.user}.lib.dag.entryAfter [ "writeBoundary" ] diff --git a/modules/darwin/hammerspoon/init.lua b/platforms/home-manager/modules/nmasur/presets/services/hammerspoon/init.lua similarity index 100% rename from modules/darwin/hammerspoon/init.lua rename to platforms/home-manager/modules/nmasur/presets/services/hammerspoon/init.lua diff --git a/platforms/home-manager/modules/nmasur/presets/services/loadkey.nix b/platforms/home-manager/modules/nmasur/presets/services/loadkey.nix new file mode 100644 index 0000000..830fb16 --- /dev/null +++ b/platforms/home-manager/modules/nmasur/presets/services/loadkey.nix 
@@ -0,0 +1,33 @@ +{ + config, + pkgs, + lib, + ... +}: + +let + cfg = config.nmasur.presets.services.loadkey; +in +{ + + options.nmasur.presets.services.loadkey.enable = + lib.mkEnableOption "Load the private key as an SSH file"; + + config = lib.mkIf cfg.enable { + + home.activation = { + + # Always load the key if it doesn't exist + cloneDotfiles = config.lib.dag.entryAfter [ "writeBoundary" ] '' + if [ ! -f ~/.ssh/id_ed25519 ]; then + run mkdir -p ~/.ssh/ + + $DRY_RUN_CMD mkdir --parents $VERBOSE_ARG $(dirname "${config.dotfilesPath}") + $DRY_RUN_CMD ${pkgs.git}/bin/git \ + clone ${config.dotfilesRepo} "${config.dotfilesPath}" + fi + ''; + }; + + }; +} diff --git a/platforms/home-manager/modules/nmasur/profiles/developer.nix b/platforms/home-manager/modules/nmasur/profiles/developer.nix index e10ae93..4736473 100644 --- a/platforms/home-manager/modules/nmasur/profiles/developer.nix +++ b/platforms/home-manager/modules/nmasur/profiles/developer.nix @@ -15,10 +15,12 @@ in config = lib.mkIf cfg.enable { - home.packages = with pkgs; [ - pgcli # Postgres client with autocomplete + home.packages = lib.mkDefault [ + pkgs.pgcli # Postgres client with autocomplete ]; + programs.helix.enable = lib.mkDefault true; + }; } diff --git a/platforms/home-manager/modules/nmasur/profiles/fun.nix b/platforms/home-manager/modules/nmasur/profiles/fun.nix index 5d4b875..3de70a4 100644 --- a/platforms/home-manager/modules/nmasur/profiles/fun.nix +++ b/platforms/home-manager/modules/nmasur/profiles/fun.nix @@ -15,14 +15,14 @@ in config = lib.mkIf cfg.enable { - home.packages = with pkgs; [ + home.packages = lib.mkDefault [ # Charm tools - glow # Markdown previews - skate # Key-value store - charm # Manage account and filesystem - pop # Send emails from a TUI + pkgs.glow # Markdown previews + pkgs.skate # Key-value store + pkgs.charm # Manage account and filesystem + pkgs.pop # Send emails from a TUI ]; 
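Review bot: The activation entry in loadkey.nix is still named `cloneDotfiles` and its body only clones `config.dotfilesRepo`, so enabling "Load the private key as an SSH file" never writes `~/.ssh/id_ed25519`, and the name may clash with a dotfiles module's entry of the same name (not visible here). Rename it to something like `loadkey` and have the guarded branch write the key from a source that is not copied into the world-readable Nix store, with the key file at mode 600. `run mkdir -p ~/.ssh/` leaves the directory at the umask default; `run mkdir -p -m 700 ~/.ssh` is the safer form. The block also mixes `run` with `$DRY_RUN_CMD` and leaves `$(dirname "${config.dotfilesPath}")` and `${config.dotfilesRepo}` unquoted.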
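Review bot: `home.packages = lib.mkDefault [` in the developer.nix hunk means the whole list is dropped, not merged, as soon as any other module defines `home.packages` at normal priority, because the module system keeps only the highest-priority definitions of an option before merging them. List options already merge across modules, so the plain form `home.packages = [ pkgs.pgcli ];` keeps the package and still lets a host add more. The same wrapper is on `home.packages` in the fun.nix hunk on this line and in the new linux-gaming.nix.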
diff --git a/platforms/home-manager/modules/nmasur/profiles/linux-base.nix b/platforms/home-manager/modules/nmasur/profiles/linux-base.nix index 596e6d7..2953346 100644 --- a/platforms/home-manager/modules/nmasur/profiles/linux-base.nix +++ b/platforms/home-manager/modules/nmasur/profiles/linux-base.nix @@ -16,28 +16,28 @@ in config = lib.mkIf cfg.enable { # Allow Nix to manage the default applications list - mimeApps.enable = true; + mimeApps.enable = lib.mkDefault true; # Set directories for application defaults userDirs = { - enable = true; - createDirectories = true; - documents = "$HOME/documents"; - download = config.userDirs.download; - music = "$HOME/media/music"; - pictures = "$HOME/media/images"; - videos = "$HOME/media/videos"; - desktop = "$HOME/other/desktop"; - publicShare = "$HOME/other/public"; - templates = "$HOME/other/templates"; + enable = lib.mkDefault true; + createDirectories = lib.mkDefault true; + documents = lib.mkDefault "$HOME/documents"; + download = lib.mkDefault config.userDirs.download; + music = lib.mkDefault "$HOME/media/music"; + pictures = lib.mkDefault "$HOME/media/images"; + videos = lib.mkDefault "$HOME/media/videos"; + desktop = lib.mkDefault "$HOME/other/desktop"; + publicShare = lib.mkDefault "$HOME/other/public"; + templates = lib.mkDefault "$HOME/other/templates"; extraConfig = { - XDG_DEV_DIR = "$HOME/dev"; + XDG_DEV_DIR = lib.mkDefault "$HOME/dev"; }; }; programs.fish.shellAliases = { # Move files to XDG trash on the commandline - trash = "${pkgs.trash-cli}/bin/trash-put"; + trash = lib.mkDefault "${pkgs.trash-cli}/bin/trash-put"; }; }; } diff --git a/platforms/home-manager/modules/nmasur/profiles/linux-gaming.nix b/platforms/home-manager/modules/nmasur/profiles/linux-gaming.nix new file mode 100644 index 0000000..0a7f139 --- /dev/null +++ b/platforms/home-manager/modules/nmasur/profiles/linux-gaming.nix 
@@ -0,0 +1,25 @@ +{ + config, + pkgs, + lib, + ... +}: + +let + cfg = config.nmasur.profiles.linux-gaming; +in + +{ + + options.nmasur.profiles.linux-gaming.enable = lib.mkEnableOption "Linux gaming home"; + + config = lib.mkIf cfg.enable { + + config.nmasur.programs.wine.enable = lib.mkDefault true; + + home.packages = lib.mkDefault [ + pkgs.heroic + ]; + + }; +} diff --git a/platforms/home-manager/modules/nmasur/profiles/linux-gui.nix b/platforms/home-manager/modules/nmasur/profiles/linux-gui.nix index 62883cc..4a3cea0 100644 --- a/platforms/home-manager/modules/nmasur/profiles/linux-gui.nix +++ b/platforms/home-manager/modules/nmasur/profiles/linux-gui.nix @@ -17,32 +17,34 @@ in # Cursor home.pointerCursor = { - name = "Adwaita"; - package = pkgs.adwaita-icon-theme; - size = 24; - gtk.enable = true; - x11.enable = true; + name = lib.mkDefault "Adwaita"; + package = lib.mkDefault pkgs.adwaita-icon-theme; + size = lib.mkDefault 24; + gtk.enable = lib.mkDefault true; + x11.enable = lib.mkDefault true; }; # Enable num lock on login - xsession.numlock.enable = true; + xsession.numlock.enable = lib.mkDefault true; # Dark theme gtk = let gtkExtraConfig = { - gtk-application-prefer-dark-theme = config.theme.dark; + gtk-application-prefer-dark-theme = lib.mkDefault config.theme.dark; }; in { - enable = true; + enable = lib.mkDefault true; theme = { - name = config.gtk.theme.name; - package = config.gtk.theme.package; + name = lib.mkDefault config.gtk.theme.name; + package = lib.mkDefault config.gtk.theme.package; }; - gtk3.extraConfig = gtkExtraConfig; - gtk4.extraConfig = gtkExtraConfig; + gtk3.extraConfig = lib.mkDefault gtkExtraConfig; + gtk4.extraConfig = lib.mkDefault gtkExtraConfig; }; + programs.zed-editor.enable = lib.mkDefault true; + }; } diff --git a/platforms/home-manager/modules/nmasur/profiles/work.nix b/platforms/home-manager/modules/nmasur/profiles/work.nix index e5a2af8..1cdb241 100644 --- a/platforms/home-manager/modules/nmasur/profiles/work.nix 
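Review bot: In linux-gaming.nix, `config.nmasur.programs.wine.enable = lib.mkDefault true;` sits inside `config = lib.mkIf cfg.enable { … }`, so it defines `config.config.nmasur…` rather than the wine option, and the module system should reject it as an unknown option. The path also lacks the `presets` segment that the new presets/programs/wine.nix suggests (its option declaration is not visible here), so the line probably wants to be `nmasur.presets.programs.wine.enable = lib.mkDefault true;`. The same `config.` prefix appears in the work.nix hunk (`config.nmasur.presets.programs.terraform.enable`) and on `config.nmasur.presets.services.caddy.cidrAllowlist` in the bind.nix and cloudflare.nix hunks, assuming those lines are inside a `config` block as well. For the last two a failed definition matters more, since it feeds Caddy's source-IP allowlist.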
+++ b/platforms/home-manager/modules/nmasur/profiles/work.nix @@ -58,6 +58,12 @@ in text = builtins.readFile ../../modules/common/shell/bash/scripts/terraform-init.sh; }) ]; + + programs.helix.enable = lib.mkDefault true; + programs.zed-editor.enable = lib.mkDefault true; + + config.nmasur.presets.programs.terraform.enable = lib.mkDefault true; + }; } diff --git a/platforms/nix-darwin/modules/nmasur/profiles/base.nix b/platforms/nix-darwin/modules/nmasur/profiles/base.nix index dc89595..93a57ec 100644 --- a/platforms/nix-darwin/modules/nmasur/profiles/base.nix +++ b/platforms/nix-darwin/modules/nmasur/profiles/base.nix @@ -22,5 +22,10 @@ in "notunes" # Don't launch Apple Music with the play button ]; + # Add homebrew paths to CLI path + home.sessionPath = [ + "/opt/homebrew/opt/trash/bin" + ]; + }; } diff --git a/platforms/nixos/modules/nmasur/presets/services/bind.nix b/platforms/nixos/modules/nmasur/presets/services/bind.nix index 2520b6a..19caaf5 100644 --- a/platforms/nixos/modules/nmasur/presets/services/bind.nix +++ b/platforms/nixos/modules/nmasur/presets/services/bind.nix @@ -34,7 +34,7 @@ in # Normally I block all requests not coming from Cloudflare, so I have to also # allow my local network. - caddy.cidrAllowlist = [ "192.168.0.0/16" ]; + config.nmasur.presets.services.caddy.cidrAllowlist = [ "192.168.0.0/16" ]; services.bind = { diff --git a/platforms/nixos/modules/nmasur/presets/services/caddy.nix b/platforms/nixos/modules/nmasur/presets/services/caddy.nix index 7a0280f..754d964 100644 --- a/platforms/nixos/modules/nmasur/presets/services/caddy.nix +++ b/platforms/nixos/modules/nmasur/presets/services/caddy.nix 
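Review bot: `home.sessionPath` in the nix-darwin base.nix hunk is a Home Manager option, so unless this block is nested in a Home Manager scope outside the hunk, nix-darwin will not recognise it; `environment.systemPath = [ "/opt/homebrew/opt/trash/bin" ];` or moving the line to a home-manager profile would fit. The comment says "homebrew paths" but only the `trash` keg is added, so `# Put Homebrew's trash on the CLI path` would describe it better. Because the Homebrew prefix is writable by the user, it is worth checking that this directory ends up after the system directories in PATH so nothing placed there shadows a system tool.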
@@ -50,10 +50,10 @@ in config = lib.mkIf cfg.enable { # Force Caddy to 403 if not coming from allowlisted source - caddy.cidrAllowlist = lib.mkDefault [ "127.0.0.1/32" ]; - caddy.routes = lib.mkBefore [ + cfg.cidrAllowlist = lib.mkDefault [ "127.0.0.1/32" ]; + cfg.routes = lib.mkBefore [ { - match = [ { not = [ { remote_ip.ranges = config.caddy.cidrAllowlist; } ]; } ]; + match = [ { not = [ { remote_ip.ranges = cfg.cidrAllowlist; } ]; } ]; handle = [ { handler = "static_response"; diff --git a/modules/nixos/services/cloudflare.nix b/platforms/nixos/modules/nmasur/presets/services/cloudflare.nix similarity index 85% rename from modules/nixos/services/cloudflare.nix rename to platforms/nixos/modules/nmasur/presets/services/cloudflare.nix index 788de80..deccf15 100644 --- a/modules/nixos/services/cloudflare.nix +++ b/platforms/nixos/modules/nmasur/presets/services/cloudflare.nix @@ -11,13 +11,14 @@ { config, pkgs, - pkgs-caddy, lib, ... }: let + cfg = config.nmasur.presets.services.cloudflare; + cloudflareIpRanges = [ # Cloudflare IPv4: https://www.cloudflare.com/ips-v4 
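Review bot: `cfg.cidrAllowlist = lib.mkDefault [ "127.0.0.1/32" ];` and `cfg.routes = lib.mkBefore [` in caddy.nix define options literally named `cfg.*`, because `cfg` is a let-bound view of the configuration and not a path prefix for definitions. As written, the default allowlist and the 403 route for non-allowlisted sources are not attached to the Caddy options, and evaluation most likely fails on the unknown `cfg` option. Spell the definitions out, e.g. `nmasur.presets.services.caddy.cidrAllowlist = lib.mkDefault [ "127.0.0.1/32" ];` and `nmasur.presets.services.caddy.routes = lib.mkBefore [`, assuming that is the path `cfg` is bound to outside the hunk. Reading `cfg.cidrAllowlist` in the `remote_ip.ranges` matcher is fine, and the route list continues past the end of the hunk.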
@@ -49,29 +50,25 @@ let in { - options.cloudflare.enable = lib.mkEnableOption "Use Cloudflare."; + options.nmasur.presets.services.cloudflare = { + enable = lib.mkEnableOption "Cloudflare proxy configuration"; - options.cloudflare.noProxyDomains = lib.mkOption { - type = lib.types.listOf lib.types.str; - description = "Domains to use for dyndns without CDN proxying."; - default = [ ]; + noProxyDomains = lib.mkOption { + type = lib.types.listOf lib.types.str; + description = "Domains to use for dyndns without CDN proxying."; + default = [ ]; + }; }; - config = lib.mkIf config.cloudflare.enable { + config = lib.mkIf cfg.enable { # Forces Caddy to error if coming from a non-Cloudflare IP - caddy.cidrAllowlist = cloudflareIpRanges; + config.nmasur.presets.services.caddy.cidrAllowlist = cloudflareIpRanges; # Tell Caddy to use Cloudflare DNS for ACME challenge validation - services.caddy.package = pkgs-caddy.caddy.override { - externalPlugins = [ - { - name = "cloudflare"; - repo = "github.com/caddy-dns/cloudflare"; - version = "master"; - } - ]; - vendorHash = "sha256-C7JOGd4sXsRZL561oP84V2/pTg7szEgF4OFOw35yS1s="; + services.caddy.package = pkgs.caddy.withPlugins { + plugins = [ "github.com/caddy-dns/cloudflare@master" ]; + hash = "sha256-C7JOGd4sXsRZL561oP84V2/pTg7szEgF4OFOw35yS1s="; }; caddy.tlsPolicies = [ { diff --git a/platforms/nixos/modules/nmasur/profiles/gaming.nix b/platforms/nixos/modules/nmasur/profiles/gaming.nix index 80b0b47..c9e5456 100644 --- a/platforms/nixos/modules/nmasur/profiles/gaming.nix +++ b/platforms/nixos/modules/nmasur/profiles/gaming.nix @@ -25,5 +25,6 @@ in programs.gamemode.enable = true; environment.systemPackages = with pkgs; [ moonlight-qt ]; + }; } diff --git a/platforms/nixos/modules/services/secrets.nix b/platforms/nixos/modules/secrets.nix similarity index 100% rename from platforms/nixos/modules/services/secrets.nix rename to platforms/nixos/modules/secrets.nix 
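Review bot: `plugins = [ "github.com/caddy-dns/cloudflare@master" ];` in cloudflare.nix still tracks a moving branch for the plugin that handles ACME DNS validation, so what gets compiled into Caddy depends on when the hash was last refreshed rather than on a reviewed revision. The fixed-output `hash` will stop a changed `master` from building, but that turns every upstream commit into a broken build followed by an unreviewed hash bump. Pin a tag or pseudo-version instead, e.g. `plugins = [ "github.com/caddy-dns/cloudflare@<PINNED_VERSION>" ];`, and recompute `hash` for it; the value here is carried over unchanged from the old `vendorHash`, which was computed for a different derivation and may not match. The context line `caddy.tlsPolicies` also looks like it still uses the old top-level option path.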
diff --git a/platforms/nixos/modules/services/cloudflare-dyndns-noproxy.nix b/platforms/nixos/modules/services/cloudflare-dyndns-noproxy.nix index fb14cd7..0303ae3 100644 --- a/platforms/nixos/modules/services/cloudflare-dyndns-noproxy.nix +++ b/platforms/nixos/modules/services/cloudflare-dyndns-noproxy.nix @@ -18,7 +18,7 @@ in # Run a second copy of dyn-dns for non-proxied domains # Adapted from: https://github.com/NixOS/nixpkgs/blob/nixos-unstable/nixos/modules/services/networking/cloudflare-dyndns.nix systemd.services.cloudflare-dyndns-noproxy = - lib.mkIf ((builtins.length config.cloudflare.noProxyDomains) > 0) + lib.mkIf ((builtins.length config.nmasur.presets.services.cloudflare.noProxyDomains) > 0) { description = "CloudFlare Dynamic DNS Client (no proxy)"; after = [ @@ -30,7 +30,7 @@ in startAt = "*:0/5"; environment = { - CLOUDFLARE_DOMAINS = toString config.cloudflare.noProxyDomains; + CLOUDFLARE_DOMAINS = toString config.nmasur.presets.services.cloudflare.noProxyDomains; }; serviceConfig = { diff --git a/modules/nixos/services/honeypot.nix b/platforms/nixos/modules/services/honeypot.nix similarity index 57% rename from modules/nixos/services/honeypot.nix rename to platforms/nixos/modules/services/honeypot.nix index 8b5fb60..a41b392 100644 --- a/modules/nixos/services/honeypot.nix +++ b/platforms/nixos/modules/services/honeypot.nix @@ -18,6 +18,8 @@ let + cfg = config.services.honeypot; + portsToBlock = [ 25545 25565 
@@ -47,35 +49,37 @@ let in { - options.honeypot.enable = lib.mkEnableOption "Honeypot fail2ban system."; + options.services.honeypot.enable = lib.mkEnableOption "Honeypot fail2ban system."; - config.networking.firewall = lib.mkIf config.honeypot.enable { + config = lib.mkIf cfg.enable { + networking.firewall = { - extraPackages = [ pkgs.ipset ]; - # allowedTCPPorts = portsToBlock; + extraPackages = [ pkgs.ipset ]; + # allowedTCPPorts = portsToBlock; - # Restore ban list when starting up - extraCommands = '' - if test -f /var/lib/ipset.conf - then - ipset restore -! < /var/lib/ipset.conf - else - ipset -exist create blocked hash:ip ${if expire > 0 then "timeout ${toString expire}" else ""} - ipset -exist create blocked6 hash:ip family inet6 ${ - if expire > 0 then "timeout ${toString expire}" else "" - } - fi - ${create-rules} - ''; + # Restore ban list when starting up + extraCommands = '' + if test -f /var/lib/ipset.conf + then + ipset restore -! < /var/lib/ipset.conf + else + ipset -exist create blocked hash:ip ${if expire > 0 then "timeout ${toString expire}" else ""} + ipset -exist create blocked6 hash:ip family inet6 ${ + if expire > 0 then "timeout ${toString expire}" else "" + } + fi + ${create-rules} + ''; - # Save list when shutting down - extraStopCommands = '' - ipset -exist create blocked hash:ip ${if expire > 0 then "timeout ${toString expire}" else ""} - ipset -exist create blocked6 hash:ip family inet6 ${ - if expire > 0 then "timeout ${toString expire}" else "" - } - ipset save > /var/lib/ipset.conf - ${delete-rules} - ''; + # Save list when shutting down + extraStopCommands = '' + ipset -exist create blocked hash:ip ${if expire > 0 then "timeout ${toString expire}" else ""} + ipset -exist create blocked6 hash:ip family inet6 ${ + if expire > 0 then "timeout ${toString expire}" else "" + } + ipset save > /var/lib/ipset.conf + ${delete-rules} + ''; + }; }; }
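Review bot: `lib.mkEnableOption "Honeypot fail2ban system."` in honeypot.nix keeps its trailing period, and since mkEnableOption wraps the text as "Whether to enable <text>." the rendered description ends in two periods; the cloudflare.nix hunk in this commit already dropped it, so `options.services.honeypot.enable = lib.mkEnableOption "Honeypot fail2ban system";` would match. The option now lives under `services.*` while the other modules touched here use `nmasur.presets.services.*`, which may be intentional given the file's location but is worth a one-line comment. The commented-out `# allowedTCPPorts = portsToBlock;` is carried into the new block without a reason; either remove it or say why the ports stay closed.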