From 75d4dbe8684611b683e54f13eec7ea43bf5e747a Mon Sep 17 00:00:00 2001 
From: Noah Masur <7386960+nmasur@users.noreply.github.com> Date: Sun, 9 Mar 2025 18:04:01 +0000 Subject: [PATCH] move apps into pkgs and rename hosts --- apps/README.md | 9 - apps/default.nix | 31 ---- apps/encrypt-secret.nix | 19 -- apps/format-root.nix | 9 - apps/help.nix | 24 --- apps/installer.nix | 50 ------ apps/neovim.nix | 12 -- apps/readme.nix | 11 -- apps/rebuild.nix | 17 -- {hosts-old/arrow => deploy}/aws/ec2.tf | 0 {hosts-old/arrow => deploy}/aws/image.tf | 0 {hosts-old/arrow => deploy}/aws/main.tf | 0 {hosts-old/arrow => deploy}/aws/outputs.tf | 0 {hosts-old/arrow => deploy}/aws/variables.tf | 0 {hosts-old/arrow => deploy}/vultr/main.tf | 0 flake.nix | 41 +---- hosts-old/arrow/default.nix | 41 ----- hosts-old/arrow/modules.nix | 32 ---- hosts-old/hydra/default.nix | 51 ------ hosts-old/staff/default.nix | 53 ------ .../aarch64-darwin/lookingglass/default.nix | 0 .../aarch64-linux/default.nix | 0 .../aarch64-linux/flame/cloudflared-flame.age | 0 .../aarch64-linux/flame/default.nix | 0 {hosts-by-platform => hosts}/default.nix | 0 hosts/x86_64-linux/arrow/default.nix | 32 ++++ hosts/x86_64-linux/hydra/default.nix | 33 ++++ .../x86_64-linux/staff/default.nix | 0 .../x86_64-linux/swan/cloudflared-swan.age | 0 .../x86_64-linux/swan/default.nix | 15 -- .../x86_64-linux/swan/root.nix | 0 .../tempest/cloudflared-tempest.age | 0 .../x86_64-linux/tempest/default.nix | 0 modules/README.md | 9 - modules/common/default.nix | 167 ------------------ .../editors/neovim/nmasur/neovim/package.nix | 2 +- pkgs/tools/misc/default/package.nix | 18 ++ pkgs/tools/misc/dotfiles-devshell/package.nix | 12 ++ pkgs/tools/misc/encrypt-secret/package.nix | 11 ++ pkgs/tools/misc/installer/package.nix | 44 +++++ pkgs/tools/misc/readme/package.nix | 5 + pkgs/tools/misc/rebuild/package.nix | 11 ++ .../nixos/modules/nmasur/profiles/base.nix | 10 +- .../nixos/modules/nmasur/profiles/wsl.nix | 11 ++ 44 files changed, 188 insertions(+), 592 deletions(-) delete mode 100644 apps/README.md 
delete mode 100644 apps/default.nix delete mode 100644 apps/encrypt-secret.nix delete mode 100644 apps/format-root.nix delete mode 100644 apps/help.nix delete mode 100644 apps/installer.nix delete mode 100644 apps/neovim.nix delete mode 100644 apps/readme.nix delete mode 100644 apps/rebuild.nix rename {hosts-old/arrow => deploy}/aws/ec2.tf (100%) rename {hosts-old/arrow => deploy}/aws/image.tf (100%) rename {hosts-old/arrow => deploy}/aws/main.tf (100%) rename {hosts-old/arrow => deploy}/aws/outputs.tf (100%) rename {hosts-old/arrow => deploy}/aws/variables.tf (100%) rename {hosts-old/arrow => deploy}/vultr/main.tf (100%) delete mode 100644 hosts-old/arrow/default.nix delete mode 100644 hosts-old/arrow/modules.nix delete mode 100644 hosts-old/hydra/default.nix delete mode 100644 hosts-old/staff/default.nix rename {hosts-by-platform => hosts}/aarch64-darwin/lookingglass/default.nix (100%) rename {hosts-by-platform => hosts}/aarch64-linux/default.nix (100%) rename {hosts-by-platform => hosts}/aarch64-linux/flame/cloudflared-flame.age (100%) rename {hosts-by-platform => hosts}/aarch64-linux/flame/default.nix (100%) rename {hosts-by-platform => hosts}/default.nix (100%) create mode 100644 hosts/x86_64-linux/arrow/default.nix create mode 100644 hosts/x86_64-linux/hydra/default.nix rename {hosts-by-platform => hosts}/x86_64-linux/staff/default.nix (100%) rename {hosts-by-platform => hosts}/x86_64-linux/swan/cloudflared-swan.age (100%) rename {hosts-by-platform => hosts}/x86_64-linux/swan/default.nix (80%) rename {hosts-by-platform => hosts}/x86_64-linux/swan/root.nix (100%) rename {hosts-by-platform => hosts}/x86_64-linux/tempest/cloudflared-tempest.age (100%) rename {hosts-by-platform => hosts}/x86_64-linux/tempest/default.nix (100%) delete mode 100644 modules/README.md delete mode 100644 modules/common/default.nix create mode 100644 pkgs/tools/misc/default/package.nix create mode 100644 pkgs/tools/misc/dotfiles-devshell/package.nix create mode 100644 
pkgs/tools/misc/encrypt-secret/package.nix create mode 100644 pkgs/tools/misc/installer/package.nix create mode 100644 pkgs/tools/misc/readme/package.nix create mode 100644 pkgs/tools/misc/rebuild/package.nix diff --git a/apps/README.md b/apps/README.md deleted file mode 100644 index eadcea4..0000000 --- a/apps/README.md +++ /dev/null @@ -1,9 +0,0 @@ -# Apps - -These are all my miscellaneous utilies and scripts to accompany this project. - -They can be run with: - -``` -nix run github:nmasur/dotfiles#appname -``` diff --git a/apps/default.nix b/apps/default.nix deleted file mode 100644 index 02355ce..0000000 --- a/apps/default.nix +++ /dev/null @@ -1,31 +0,0 @@ -{ pkgs, ... }: -rec { - - # Show quick helper - default = import ./help.nix { inherit pkgs; }; - - # Format primary disk - format-root = import ./format-root.nix { inherit pkgs; }; - - # Format and install from nothing (deprecated) - installer = import ./installer.nix { inherit pkgs; }; - - # Display the readme for this repository - readme = import ./readme.nix { inherit pkgs; }; - - # Rebuild - rebuild = import ./rebuild.nix { inherit pkgs; }; - - # Load the SSH key for this machine - loadkey = import ./loadkey.nix { inherit pkgs; }; - - # Encrypt secret for all machines - encrypt-secret = import ./encrypt-secret.nix { inherit pkgs; }; - - # Re-encrypt secrets for all machines - reencrypt-secrets = import ./reencrypt-secrets.nix { inherit pkgs; }; - - # Run neovim as an app - neovim = import ./neovim.nix { inherit pkgs; }; - nvim = neovim; -} diff --git a/apps/encrypt-secret.nix b/apps/encrypt-secret.nix deleted file mode 100644 index 19f6f32..0000000 --- a/apps/encrypt-secret.nix +++ /dev/null 
@@ -1,19 +0,0 @@ -{ pkgs, ... }: -{ - - # nix run github:nmasur/dotfiles#encrypt-secret > private/mysecret.age - - type = "app"; - - program = builtins.toString ( - pkgs.writeShellScript "encrypt-secret" '' - printf "\nEnter the secret data to encrypt for all hosts...\n\n" 1>&2 - read -p "Secret: " secret - printf "\nEncrypting...\n\n" 1>&2 - tmpfile=$(mktemp) - echo "''${secret}" > ''${tmpfile} - ${pkgs.age}/bin/age --encrypt --armor --recipients-file ${builtins.toString ../misc/public-keys} $tmpfile - rm $tmpfile - '' - ); -} diff --git a/apps/format-root.nix b/apps/format-root.nix deleted file mode 100644 index acf7afd..0000000 --- a/apps/format-root.nix +++ /dev/null @@ -1,9 +0,0 @@ -{ pkgs, ... }: -{ - - # This script will partition and format drives; use at your own risk! - - type = "app"; - - program = pkgs.lib.getExe pkgs.nmasur.format-root; -} diff --git a/apps/help.nix b/apps/help.nix deleted file mode 100644 index 4f3e82f..0000000 --- a/apps/help.nix +++ /dev/null 
@@ -1,24 +0,0 @@ -{ pkgs, ... }: -{ - - type = "app"; - - program = builtins.toString ( - pkgs.writeShellScript "default" '' - ${pkgs.gum}/bin/gum style --margin "1 2" --padding "0 2" --foreground "15" --background "55" "Options" - ${pkgs.gum}/bin/gum format --type=template -- ' {{ Italic "Run with" }} {{ Color "15" "69" " nix run github:nmasur/dotfiles#" }}{{ Color "15" "62" "someoption" }}{{ Color "15" "69" " " }}.' - echo "" - echo "" - ${pkgs.gum}/bin/gum format --type=template -- \ - ' • {{ Color "15" "57" " readme " }} {{ Italic "Documentation for this repository." }}' \ - ' • {{ Color "15" "57" " rebuild " }} {{ Italic "Switch to this configuration." }}' \ - ' • {{ Color "15" "57" " installer " }} {{ Italic "Format and install from nothing." }}' \ - ' • {{ Color "15" "57" " neovim " }} {{ Italic "Test out the Neovim package." }}' \ - ' • {{ Color "15" "57" " loadkey " }} {{ Italic "Load an ssh key for this machine using melt." }}' \ - ' • {{ Color "15" "57" " encrypt-secret " }} {{ Italic "Encrypt a secret for all machines." }}' \ - ' • {{ Color "15" "57" " reencrypt-secrets " }} {{ Italic "Reencrypt all secrets when new machine is added." }}' \ - echo "" - echo "" - '' - ); -} diff --git a/apps/installer.nix b/apps/installer.nix deleted file mode 100644 index 4609c52..0000000 --- a/apps/installer.nix +++ /dev/null 
@@ -1,50 +0,0 @@ -{ pkgs, ... }: -{ - - # Inspired by https://github.com/cleverca22/nix-tests/blob/master/kexec/justdoit.nix - # This script will partition and format drives; use at your own risk! - - type = "app"; - - program = builtins.toString ( - pkgs.writeShellScript "installer" '' - set -e - - DISK=$1 - FLAKE=$2 - PARTITION_PREFIX="" - - if [ -z "$DISK" ] || [ -z "$FLAKE" ]; then - ${pkgs.gum}/bin/gum style --width 50 --margin "1 2" --padding "2 4" \ - --foreground "#fb4934" \ - "Missing required parameter." \ - "Usage: installer -- " \ - "Example: installer -- nvme0n1 tempest" \ - "Flake example: nix run github:nmasur/dotfiles#installer -- nvme0n1 tempest" - echo "(exiting)" - exit 1 - fi - - case "$DISK" in nvme*) - PARTITION_PREFIX="p" - esac - - ${pkgs.gum}/bin/gum confirm \ - "This will ERASE ALL DATA on the disk /dev/''${DISK}. Are you sure you want to continue?" \ - --default=false - - ${pkgs.parted}/bin/parted /dev/''${DISK} -- mklabel gpt - ${pkgs.parted}/bin/parted /dev/''${DISK} -- mkpart primary 512MiB 100% - ${pkgs.parted}/bin/parted /dev/''${DISK} -- mkpart ESP fat32 1MiB 512MiB - ${pkgs.parted}/bin/parted /dev/''${DISK} -- set 3 esp on - mkfs.ext4 -L nixos /dev/''${DISK}''${PARTITION_PREFIX}1 - mkfs.fat -F 32 -n boot /dev/''${DISK}''${PARTITION_PREFIX}2 - - mount /dev/disk/by-label/nixos /mnt - mkdir --parents /mnt/boot - mount /dev/disk/by-label/boot /mnt/boot - - ${pkgs.nixos-install-tools}/bin/nixos-install --flake github:nmasur/dotfiles#''${FLAKE} - '' - ); -} diff --git a/apps/neovim.nix b/apps/neovim.nix deleted file mode 100644 index b027fb2..0000000 --- a/apps/neovim.nix +++ /dev/null @@ -1,12 +0,0 @@ -{ pkgs, ... }: -{ - - type = "app"; - - program = "${ - (import ../modules/common/neovim/package { - inherit pkgs; - colors = (import ../colorscheme/nord).dark; - }) - }/bin/nvim"; -} diff --git a/apps/readme.nix b/apps/readme.nix deleted file mode 100644 index 51ad625..0000000 --- a/apps/readme.nix +++ /dev/null 
@@ -1,11 +0,0 @@ -{ pkgs, ... }: -{ - - type = "app"; - - program = builtins.toString ( - pkgs.writeShellScript "readme" '' - ${pkgs.glow}/bin/glow --pager ${builtins.toString ../README.md} - '' - ); -} diff --git a/apps/rebuild.nix b/apps/rebuild.nix deleted file mode 100644 index 90e69d5..0000000 --- a/apps/rebuild.nix +++ /dev/null @@ -1,17 +0,0 @@ -{ pkgs, ... }: -{ - - type = "app"; - - program = builtins.toString ( - pkgs.writeShellScript "rebuild" '' - echo ${pkgs.system} - SYSTEM=${if pkgs.stdenv.isDarwin then "darwin" else "linux"} - if [ "$SYSTEM" == "darwin" ]; then - sudo darwin-rebuild switch --flake ${builtins.toString ../.} - else - doas nixos-rebuild switch --flake ${builtins.toString ../.} - fi - '' - ); -} diff --git a/hosts-old/arrow/aws/ec2.tf b/deploy/aws/ec2.tf similarity index 100% rename from hosts-old/arrow/aws/ec2.tf rename to deploy/aws/ec2.tf diff --git a/hosts-old/arrow/aws/image.tf b/deploy/aws/image.tf similarity index 100% rename from hosts-old/arrow/aws/image.tf rename to deploy/aws/image.tf diff --git a/hosts-old/arrow/aws/main.tf b/deploy/aws/main.tf similarity index 100% rename from hosts-old/arrow/aws/main.tf rename to deploy/aws/main.tf diff --git a/hosts-old/arrow/aws/outputs.tf b/deploy/aws/outputs.tf similarity index 100% rename from hosts-old/arrow/aws/outputs.tf rename to deploy/aws/outputs.tf diff --git a/hosts-old/arrow/aws/variables.tf b/deploy/aws/variables.tf similarity index 100% rename from hosts-old/arrow/aws/variables.tf rename to deploy/aws/variables.tf diff --git a/hosts-old/arrow/vultr/main.tf b/deploy/vultr/main.tf similarity index 100% rename from hosts-old/arrow/vultr/main.tf rename to deploy/vultr/main.tf diff --git a/flake.nix b/flake.nix index 72a96e9..8c5aab9 100644 --- a/flake.nix +++ b/flake.nix 
@@ -327,9 +327,9 @@ ]; }; - x86_64-linux-hosts = (import ./hosts-by-platform nixpkgs).x86_64-linux-hosts; - aarch64-linux-hosts = (import ./hosts-by-platform nixpkgs).aarch64-linux-hosts; - aarch64-darwin-hosts = (import ./hosts-by-platform nixpkgs).aarch64-darwin-hosts; + x86_64-linux-hosts = (import ./hosts nixpkgs).x86_64-linux-hosts; + aarch64-linux-hosts = (import ./hosts nixpkgs).aarch64-linux-hosts; + aarch64-darwin-hosts = (import ./hosts nixpkgs).aarch64-darwin-hosts; in rec { @@ -443,39 +443,12 @@ # aarch64-darwin.neovim = neovim "aarch64-darwin"; # }; - mypackages = forAllSystems (system: pkgsBySystem.${system}.nmasur); - - packages = mypackages; - - # # Programs that can be run by calling this flake - # apps = forAllSystems ( - # system: - # let - # pkgs = import nixpkgs { inherit system overlays; }; - # in - # import ./apps { inherit pkgs; } - # ); + packages = forAllSystems (system: pkgsBySystem.${system}.nmasur); # Development environments - devShells = forAllSystems ( - system: - let - pkgs = import nixpkgs { inherit system overlays; }; - in - { - - # Used to run commands and edit files in this repo - default = pkgs.mkShell { - buildInputs = with pkgs; [ - git - stylua - nixfmt-rfc-style - shfmt - shellcheck - ]; - }; - } - ); + devShells = forAllSystems (system: { + default = pkgsBySystem.${system}.nmasur.dotfiles-devshell; + }); checks = forAllSystems ( system: diff --git a/hosts-old/arrow/default.nix b/hosts-old/arrow/default.nix deleted file mode 100644 index 3d19975..0000000 --- a/hosts-old/arrow/default.nix +++ /dev/null 
@@ -1,41 +0,0 @@ -# The Arrow -# System configuration for temporary VM - -{ - inputs, - globals, - overlays, - ... -}: - -inputs.nixpkgs.lib.nixosSystem rec { - system = "x86_64-linux"; - specialArgs = { - pkgs-caddy = import inputs.nixpkgs-caddy { inherit system; }; - }; - modules = import ./modules.nix { inherit inputs globals overlays; } ++ [ - { - # This is the root filesystem containing NixOS - fileSystems."/" = { - device = "/dev/disk/by-label/nixos"; - fsType = "ext4"; - }; - - # This is the boot filesystem for Grub - fileSystems."/boot" = { - device = "/dev/disk/by-label/boot"; - fsType = "vfat"; - }; - - virtualisation.vmVariant = { - virtualisation.forwardPorts = [ - { - from = "host"; - host.port = 2222; - guest.port = 22; - } - ]; - }; - } - ]; -} diff --git a/hosts-old/arrow/modules.nix b/hosts-old/arrow/modules.nix deleted file mode 100644 index 699e5cc..0000000 --- a/hosts-old/arrow/modules.nix +++ /dev/null @@ -1,32 +0,0 @@ -{ - inputs, - globals, - overlays, -}: - -[ - globals - inputs.home-manager.nixosModules.home-manager - { - nixpkgs.overlays = overlays; - networking.hostName = "arrow"; - physical = false; - server = true; - gui.enable = false; - theme.colors = (import ../../colorscheme/gruvbox).dark; - publicKeys = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB+AbmjGEwITk5CK9y7+Rg27Fokgj9QEjgc9wST6MA3s personal" - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKpPU2G9rSF8Q6waH62IJexDCQ6lY+8ZyVufGE3xMDGw deploy" - ]; - identityFile = "/home/${globals.user}/.ssh/id_ed25519"; - cloudflare.enable = true; - services.openssh.enable = true; - services.caddy.enable = true; - services.n8n.enable = true; - - # nix-index seems to eat up too much memory for Vultr - home-manager.users.${globals.user}.programs.nix-index.enable = inputs.nixpkgs.lib.mkForce false; - } - ../../modules/common - ../../modules/nixos -] diff --git a/hosts-old/hydra/default.nix b/hosts-old/hydra/default.nix deleted file mode 100644 index 161b1a9..0000000 
--- a/hosts-old/hydra/default.nix +++ /dev/null @@ -1,51 +0,0 @@ -# The Hydra -# System configuration for WSL - -# See [readme](../README.md) to explain how this file works. - -{ - inputs, - globals, - overlays, - ... -}: - -inputs.nixpkgs.lib.nixosSystem { - system = "x86_64-linux"; - specialArgs = { }; - modules = [ - ../../modules/common - ../../modules/nixos - ../../modules/wsl - globals - inputs.wsl.nixosModules.wsl - inputs.home-manager.nixosModules.home-manager - { - networking.hostName = "hydra"; - nixpkgs.overlays = overlays; - identityFile = "/home/${globals.user}/.ssh/id_ed25519"; - gui.enable = false; - theme = { - colors = (import ../../colorscheme/gruvbox).dark; - dark = true; - }; - passwordHash = inputs.nixpkgs.lib.fileContents ../../misc/password.sha512; - wsl = { - enable = true; - wslConf.automount.root = "/mnt"; - defaultUser = globals.user; - startMenuLaunchers = true; - nativeSystemd = true; - wslConf.network.generateResolvConf = true; # Turn off if it breaks VPN - interop.includePath = false; # Including Windows PATH will slow down Neovim command mode - }; - - neovim.enable = true; - mail.enable = true; - mail.aerc.enable = true; - mail.himalaya.enable = true; - dotfiles.enable = true; - lua.enable = true; - } - ]; -} diff --git a/hosts-old/staff/default.nix b/hosts-old/staff/default.nix deleted file mode 100644 index d73fdb4..0000000 --- a/hosts-old/staff/default.nix +++ /dev/null 
@@ -1,53 +0,0 @@ -# The Staff -# ISO configuration for my USB drive - -{ - inputs, - system, - overlays, - ... -}: - -inputs.nixos-generators.nixosGenerate { - inherit system; - format = "install-iso"; - modules = [ - { - nixpkgs.overlays = overlays; - networking.hostName = "staff"; - users.extraUsers.root.openssh.authorizedKeys.keys = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB+AbmjGEwITk5CK9y7+Rg27Fokgj9QEjgc9wST6MA3s" - ]; - services.openssh = { - enable = true; - ports = [ 22 ]; - allowSFTP = true; - settings = { - GatewayPorts = "no"; - X11Forwarding = false; - PasswordAuthentication = false; - PermitRootLogin = "yes"; - }; - }; - environment.systemPackages = - let - pkgs = import inputs.nixpkgs { inherit system overlays; }; - in - with pkgs; - [ - git - vim - wget - curl - (import ../../modules/common/neovim/package { - inherit pkgs; - colors = (import ../../colorscheme/gruvbox).dark; - }) - ]; - nix.extraOptions = '' - experimental-features = nix-command flakes - warn-dirty = false - ''; - } - ]; -} diff --git a/hosts-by-platform/aarch64-darwin/lookingglass/default.nix b/hosts/aarch64-darwin/lookingglass/default.nix similarity index 100% rename from hosts-by-platform/aarch64-darwin/lookingglass/default.nix rename to hosts/aarch64-darwin/lookingglass/default.nix diff --git a/hosts-by-platform/aarch64-linux/default.nix b/hosts/aarch64-linux/default.nix similarity index 100% rename from hosts-by-platform/aarch64-linux/default.nix rename to hosts/aarch64-linux/default.nix diff --git a/hosts-by-platform/aarch64-linux/flame/cloudflared-flame.age b/hosts/aarch64-linux/flame/cloudflared-flame.age similarity index 100% rename from hosts-by-platform/aarch64-linux/flame/cloudflared-flame.age rename to hosts/aarch64-linux/flame/cloudflared-flame.age 
diff --git a/hosts-by-platform/aarch64-linux/flame/default.nix b/hosts/aarch64-linux/flame/default.nix
similarity index 100%
rename from hosts-by-platform/aarch64-linux/flame/default.nix
rename to hosts/aarch64-linux/flame/default.nix
diff --git a/hosts-by-platform/default.nix b/hosts/default.nix
similarity index 100%
rename from hosts-by-platform/default.nix
rename to hosts/default.nix
diff --git a/hosts/x86_64-linux/arrow/default.nix b/hosts/x86_64-linux/arrow/default.nix
new file mode 100644
index 0000000..f5b742f
--- /dev/null
+++ b/hosts/x86_64-linux/arrow/default.nix
@@ -0,0 +1,32 @@
+# The Arrow
+# System configuration for temporary VM
+
+rec {
+ # Hardware
+ networking.hostName = "arrow";
+
+ nmasur.settings = {
+ username = "noah";
+ fullName = "Noah Masur";
+ };
+
+ nmasur.profiles = {
+ base.enable = true;
+ server.enable = true;
+ };
+
+ home-manager.users."noah" = {
+ nmasur.settings = {
+ username = nmasur.settings.username;
+ fullName = nmasur.settings.fullName;
+ };
+ nmasur.profiles = {
+ common.enable = true;
+ linux-base.enable = true;
+ };
+ home.stateVersion = "23.05";
+ };
+
+ system.stateVersion = "23.05";
+
+}
diff --git a/hosts/x86_64-linux/hydra/default.nix b/hosts/x86_64-linux/hydra/default.nix
new file mode 100644
index 0000000..f93081e
--- /dev/null
+++ b/hosts/x86_64-linux/hydra/default.nix
@@ -0,0 +1,33 @@
+# The Hydra
+# System configuration for WSL
+
+rec {
+ # Hardware
+ networking.hostName = "hydra";
+
+ nmasur.settings = {
+ username = "noah";
+ fullName = "Noah Masur";
+ };
+
+ nmasur.profiles = {
+ base.enable = true;
+ wsl.enable = true;
+ };
+
+ home-manager.users."noah" = {
+ nmasur.settings = {
+ username = nmasur.settings.username;
+ fullName = nmasur.settings.fullName;
+ };
+ nmasur.profiles = {
+ common.enable = true;
+ linux-base.enable = true;
+ power-user.enable = true;
+ };
+ home.stateVersion = "23.05";
+ };
+
+ system.stateVersion = "23.05";
+
+}
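Review bot: The new hosts/x86_64-linux/arrow/default.nix no longer says how the VM is reached or who may log in. The deleted hosts-old/arrow/modules.nix set `services.openssh.enable = true` and listed two `publicKeys`, while this file enables only `base` and `server`, and the same commit removes the `openssh` and `cloudflared` defaults from profiles/base.nix. If the `server` profile (not visible in this patch) does not enable sshd and install the authorized keys, the rebuilt VM would be unreachable, so it is worth stating the access path in the host file, e.g. `nmasur.presets.services.openssh.enable = true;`, or adding a comment naming the profile that provides it. Separately, `home-manager.users."noah"` repeats the literal already held in `nmasur.settings.username`; `home-manager.users.${nmasur.settings.username}` keeps the two from drifting, and the same applies to hydra/default.nix.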
diff --git a/hosts-by-platform/x86_64-linux/staff/default.nix b/hosts/x86_64-linux/staff/default.nix similarity index 100% rename from hosts-by-platform/x86_64-linux/staff/default.nix rename to hosts/x86_64-linux/staff/default.nix diff --git a/hosts-by-platform/x86_64-linux/swan/cloudflared-swan.age b/hosts/x86_64-linux/swan/cloudflared-swan.age similarity index 100% rename from hosts-by-platform/x86_64-linux/swan/cloudflared-swan.age rename to hosts/x86_64-linux/swan/cloudflared-swan.age diff --git a/hosts-by-platform/x86_64-linux/swan/default.nix b/hosts/x86_64-linux/swan/default.nix similarity index 80% rename from hosts-by-platform/x86_64-linux/swan/default.nix rename to hosts/x86_64-linux/swan/default.nix index bed74d3..f0fd650 100644 --- a/hosts-by-platform/x86_64-linux/swan/default.nix +++ b/hosts/x86_64-linux/swan/default.nix @@ -7,21 +7,6 @@ rec { nmasur.settings = { username = "noah"; fullName = "Noah Masur"; - # hostnames = - # let - # baseName = "masu.rs"; - # in - # { - # audiobooks = "read.${baseName}"; - # books = "books.${baseName}"; - # content = "cloud.${baseName}"; - # download = "download.${baseName}"; - # files = "files.${baseName}"; - # paperless = "paper.${baseName}"; - # photos = "photos.${baseName}"; - # prometheus = "prom.${baseName}"; - # stream = "stream.${baseName}"; - # }; }; nmasur.profiles = { diff --git a/hosts-by-platform/x86_64-linux/swan/root.nix b/hosts/x86_64-linux/swan/root.nix similarity index 100% rename from hosts-by-platform/x86_64-linux/swan/root.nix rename to hosts/x86_64-linux/swan/root.nix diff --git a/hosts-by-platform/x86_64-linux/tempest/cloudflared-tempest.age b/hosts/x86_64-linux/tempest/cloudflared-tempest.age similarity index 100% rename from hosts-by-platform/x86_64-linux/tempest/cloudflared-tempest.age rename to hosts/x86_64-linux/tempest/cloudflared-tempest.age 
diff --git a/hosts-by-platform/x86_64-linux/tempest/default.nix b/hosts/x86_64-linux/tempest/default.nix similarity index 100% rename from hosts-by-platform/x86_64-linux/tempest/default.nix rename to hosts/x86_64-linux/tempest/default.nix diff --git a/modules/README.md b/modules/README.md deleted file mode 100644 index 74fd03b..0000000 --- a/modules/README.md +++ /dev/null @@ -1,9 +0,0 @@ -# Modules - -| Module | Purpose | -| --- | --- | -| [common](./common/default.nix) | User programs and OS-agnostic configuration | -| [darwin](./darwin/default.nix) | macOS-specific configuration | -| [nixos](./nixos/default.nix) | NixOS-specific configuration | -| [wsl](./wsl/default.nix) | WSL-specific configuration | - diff --git a/modules/common/default.nix b/modules/common/default.nix deleted file mode 100644 index 0aedeb3..0000000 --- a/modules/common/default.nix +++ /dev/null 
@@ -1,167 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: -{ - - imports = [ - ./applications - ./mail - ./neovim - ./programming - ./repositories - ./shell - ]; - - options = { - # user = lib.mkOption { - # type = lib.types.str; - # description = "Primary user of the system"; - # }; - # fullName = lib.mkOption { - # type = lib.types.str; - # description = "Human readable name of the user"; - # }; - # userDirs = { - # # Required to prevent infinite recursion when referenced by himalaya - # download = lib.mkOption { - # type = lib.types.str; - # description = "XDG directory for downloads"; - # default = if pkgs.stdenv.isDarwin then "$HOME/Downloads" else "$HOME/downloads"; - # }; - # }; - # identityFile = lib.mkOption { - # type = lib.types.str; - # description = "Path to existing private key file."; - # default = "/etc/ssh/ssh_host_ed25519_key"; - # }; - # homePath = lib.mkOption { - # type = lib.types.path; - # description = "Path of user's home directory."; - # default = builtins.toPath ( - # if pkgs.stdenv.isDarwin then "/Users/${config.user}" else "/home/${config.user}" - # ); - # }; - # dotfilesPath = lib.mkOption { - # type = lib.types.path; - # description = "Path of dotfiles repository."; - # default = config.homePath + "/dev/personal/dotfiles"; - # }; - # dotfilesRepo = lib.mkOption { - # type = lib.types.str; - # description = "Link to dotfiles repository HTTPS URL."; - # }; - # unfreePackages = lib.mkOption { - # type = lib.types.listOf lib.types.str; - # description = "List of unfree packages to allow."; - # default = [ ]; - # }; - # insecurePackages = lib.mkOption { - # type = lib.types.listOf lib.types.str; - # description = "List of insecure packages to allow."; - # default = [ ]; - # }; - # hostnames = { - # audiobooks = lib.mkOption { - # type = lib.types.str; - # description = "Hostname for audiobook server (Audiobookshelf)."; - # }; - # budget = lib.mkOption { - # type = lib.types.str; - # description = "Hostname for budgeting server 
(ActualBudget)."; - # }; - # files = lib.mkOption { - # type = lib.types.str; - # description = "Hostname for files server (Filebrowser)."; - # }; - # git = lib.mkOption { - # type = lib.types.str; - # description = "Hostname for git server (Gitea)."; - # }; - # metrics = lib.mkOption { - # type = lib.types.str; - # description = "Hostname for metrics server."; - # }; - # minecraft = lib.mkOption { - # type = lib.types.str; - # description = "Hostname for Minecraft server."; - # }; - # paperless = lib.mkOption { - # type = lib.types.str; - # description = "Hostname for document server (paperless-ngx)."; - # }; - # photos = lib.mkOption { - # type = lib.types.str; - # description = "Hostname for photo management (Immich)."; - # }; - # prometheus = lib.mkOption { - # type = lib.types.str; - # description = "Hostname for Prometheus server."; - # }; - # influxdb = lib.mkOption { - # type = lib.types.str; - # description = "Hostname for InfluxDB2 server."; - # }; - # secrets = lib.mkOption { - # type = lib.types.str; - # description = "Hostname for passwords and secrets (Vaultwarden)."; - # }; - # stream = lib.mkOption { - # type = lib.types.str; - # description = "Hostname for video/media library (Jellyfin)."; - # }; - # content = lib.mkOption { - # type = lib.types.str; - # description = "Hostname for personal content system (Nextcloud)."; - # }; - # books = lib.mkOption { - # type = lib.types.str; - # description = "Hostname for books library (Calibre-Web)."; - # }; - # download = lib.mkOption { - # type = lib.types.str; - # description = "Hostname for download services."; - # }; - # irc = lib.mkOption { - # type = lib.types.str; - # description = "Hostname for IRC services."; - # }; - # n8n = lib.mkOption { - # type = lib.types.str; - # description = "Hostname for n8n automation."; - # }; - # notifications = lib.mkOption { - # type = lib.types.str; - # description = "Hostname for push notification services (ntfy)."; - # }; - # status = lib.mkOption { - # type = 
lib.types.str; - # description = "Hostname for status page (Uptime-Kuma)."; - # }; - # transmission = lib.mkOption { - # type = lib.types.str; - # description = "Hostname for peer2peer downloads (Transmission)."; - # }; - # }; - }; - - config = - let - stateVersion = "23.05"; - in - { - - # Allow specified unfree packages (identified elsewhere) - # Retrieves package object based on string name - nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) config.unfreePackages; - - # Allow specified insecure packages (identified elsewhere) - nixpkgs.config.permittedInsecurePackages = config.insecurePackages; - - # Pin a state version to prevent warnings - home-manager.users.${config.user}.home.stateVersion = stateVersion; - home-manager.users.root.home.stateVersion = stateVersion; - }; -} diff --git a/pkgs/applications/editors/neovim/nmasur/neovim/package.nix b/pkgs/applications/editors/neovim/nmasur/neovim/package.nix index 74d1fc2..6871028 100644 --- a/pkgs/applications/editors/neovim/nmasur/neovim/package.nix +++ b/pkgs/applications/editors/neovim/nmasur/neovim/package.nix @@ -28,7 +28,7 @@ { pkgs, - colors ? (import ../../../../../../colorscheme/gruvbox).dark, + colors ? (import ../../../../../../colorscheme/nord).dark, terraform ? false, github ? false, kubernetes ? false, diff --git a/pkgs/tools/misc/default/package.nix b/pkgs/tools/misc/default/package.nix new file mode 100644 index 0000000..c86f746 --- /dev/null +++ b/pkgs/tools/misc/default/package.nix 
@@ -0,0 +1,18 @@
+{ pkgs, ... }:
+
+pkgs.writeShellScriptBin "default" ''
+ ${pkgs.gum}/bin/gum style --margin "1 2" --padding "0 2" --foreground "15" --background "55" "Options"
+ ${pkgs.gum}/bin/gum format --type=template -- ' {{ Italic "Run with" }} {{ Color "15" "69" " nix run github:nmasur/dotfiles#" }}{{ Color "15" "62" "someoption" }}{{ Color "15" "69" " " }}.'
+ echo ""
+ echo ""
+ ${pkgs.gum}/bin/gum format --type=template -- \
+ ' • {{ Color "15" "57" " readme " }} {{ Italic "Documentation for this repository." }}' \
+ ' • {{ Color "15" "57" " rebuild " }} {{ Italic "Switch to this configuration." }}' \
+ ' • {{ Color "15" "57" " installer " }} {{ Italic "Format and install from nothing." }}' \
+ ' • {{ Color "15" "57" " neovim " }} {{ Italic "Test out the Neovim package." }}' \
+ ' • {{ Color "15" "57" " loadkey " }} {{ Italic "Load an ssh key for this machine using melt." }}' \
+ ' • {{ Color "15" "57" " encrypt-secret " }} {{ Italic "Encrypt a secret for all machines." }}' \
+ ' • {{ Color "15" "57" " reencrypt-secrets " }} {{ Italic "Reencrypt all secrets when new machine is added." }}'
+ echo ""
+ echo ""
+''
diff --git a/pkgs/tools/misc/dotfiles-devshell/package.nix b/pkgs/tools/misc/dotfiles-devshell/package.nix
new file mode 100644
index 0000000..c40333e
--- /dev/null
+++ b/pkgs/tools/misc/dotfiles-devshell/package.nix
@@ -0,0 +1,12 @@
+{ pkgs, ... }:
+
+pkgs.mkShell {
+ name = "dotfiles-devshell";
+ buildInputs = with pkgs; [
+ git
+ stylua
+ nixfmt-rfc-style
+ shfmt
+ shellcheck
+ ];
+}
diff --git a/pkgs/tools/misc/encrypt-secret/package.nix b/pkgs/tools/misc/encrypt-secret/package.nix
new file mode 100644
index 0000000..161edf4
--- /dev/null
+++ b/pkgs/tools/misc/encrypt-secret/package.nix
@@ -0,0 +1,11 @@
+{ pkgs, ... }:
+
+pkgs.writeShellScriptBin "encrypt-secret" ''
+ printf "\nEnter the secret data to encrypt for all hosts...\n\n" 1>&2
+ read -p "Secret: " secret
+ printf "\nEncrypting...\n\n" 1>&2
+ tmpfile=$(mktemp)
+ echo "''${secret}" > ''${tmpfile}
+ ${pkgs.age}/bin/age --encrypt --armor --recipients-file ${builtins.toString ../../../../misc/public-keys} $tmpfile
+ rm $tmpfile
+''
diff --git a/pkgs/tools/misc/installer/package.nix b/pkgs/tools/misc/installer/package.nix
new file mode 100644
index 0000000..90c51de
--- /dev/null
+++ b/pkgs/tools/misc/installer/package.nix
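Review bot: In encrypt-secret/package.nix the secret is echoed to the terminal and written in cleartext to a `mktemp` file before it is encrypted: `read -p` has no `-s`, and `rm $tmpfile` never runs if the script is interrupted or killed between the write and the cleanup, which leaves the plaintext on disk. age reads standard input when no input file is given, so the temp file can be dropped entirely: `read -rs -p "Secret: " secret` followed by `printf '%s\n' "$secret" | ${pkgs.age}/bin/age --encrypt --armor --recipients-file ${builtins.toString ../../../../misc/public-keys}`. The `-r` also stops `read` from consuming backslashes that are part of the secret.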
@@ -0,0 +1,44 @@
+{ pkgs, ... }:
+
+# Inspired by https://github.com/cleverca22/nix-tests/blob/master/kexec/justdoit.nix
+# This script will partition and format drives; use at your own risk!
+
+pkgs.writeShellScriptBin "installer" ''
+ set -e
+
+ DISK=$1
+ FLAKE=$2
+ PARTITION_PREFIX=""
+
+ if [ -z "$DISK" ] || [ -z "$FLAKE" ]; then
+ ${pkgs.gum}/bin/gum style --width 50 --margin "1 2" --padding "2 4" \
+ --foreground "#fb4934" \
+ "Missing required parameter." \
+ "Usage: installer -- " \
+ "Example: installer -- nvme0n1 tempest" \
+ "Flake example: nix run github:nmasur/dotfiles#installer -- nvme0n1 tempest"
+ echo "(exiting)"
+ exit 1
+ fi
+
+ case "$DISK" in nvme*)
+ PARTITION_PREFIX="p"
+ esac
+
+ ${pkgs.gum}/bin/gum confirm \
+ "This will ERASE ALL DATA on the disk /dev/''${DISK}. Are you sure you want to continue?" \
+ --default=false
+
+ ${pkgs.parted}/bin/parted /dev/''${DISK} -- mklabel gpt
+ ${pkgs.parted}/bin/parted /dev/''${DISK} -- mkpart primary 512MiB 100%
+ ${pkgs.parted}/bin/parted /dev/''${DISK} -- mkpart ESP fat32 1MiB 512MiB
+ ${pkgs.parted}/bin/parted /dev/''${DISK} -- set 3 esp on
+ mkfs.ext4 -L nixos /dev/''${DISK}''${PARTITION_PREFIX}1
+ mkfs.fat -F 32 -n boot /dev/''${DISK}''${PARTITION_PREFIX}2
+
+ mount /dev/disk/by-label/nixos /mnt
+ mkdir --parents /mnt/boot
+ mount /dev/disk/by-label/boot /mnt/boot
+
+ ${pkgs.nixos-install-tools}/bin/nixos-install --flake github:nmasur/dotfiles#''${FLAKE}
+''
diff --git a/pkgs/tools/misc/readme/package.nix b/pkgs/tools/misc/readme/package.nix
new file mode 100644
index 0000000..75f36df
--- /dev/null
+++ b/pkgs/tools/misc/readme/package.nix
@@ -0,0 +1,5 @@
+{ pkgs, ... }:
+
+pkgs.writeShellScriptBin "readme" ''
+ ${pkgs.glow}/bin/glow --pager ${builtins.toString ../../../../README.md}
+''
diff --git a/pkgs/tools/misc/rebuild/package.nix b/pkgs/tools/misc/rebuild/package.nix
new file mode 100644
index 0000000..bc9e729
--- /dev/null
+++ b/pkgs/tools/misc/rebuild/package.nix
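Review bot: In installer/package.nix, `parted ... set 3 esp on` targets a third partition, but only two are created above it (`mkpart primary` and `mkpart ESP`), and `mkfs.fat` then formats partition 2 as boot. Under `set -e` the script would presumably stop at that line with the disk already relabelled, so it should likely read `${pkgs.parted}/bin/parted /dev/''${DISK} -- set 2 esp on`. `$DISK` and `$FLAKE` are also expanded unquoted into the device paths and the flake reference. Quoting them (`"/dev/''${DISK}"`) and rejecting values that contain `/` or whitespace before the `gum confirm` prompt would keep a mistyped argument from reaching parted or mkfs.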
@@ -0,0 +1,11 @@ +{ pkgs, ... }: + +pkgs.writeShellScriptBin "rebuild" '' + echo ${pkgs.system} + SYSTEM=${if pkgs.stdenv.isDarwin then "darwin" else "linux"} + if [ "$SYSTEM" == "darwin" ]; then + sudo darwin-rebuild switch --flake ${builtins.toString ../../../../.} + else + doas nixos-rebuild switch --flake ${builtins.toString ../../../../.} + fi +'' diff --git a/platforms/nixos/modules/nmasur/profiles/base.nix b/platforms/nixos/modules/nmasur/profiles/base.nix index 83bddcf..dbea6c0 100644 --- a/platforms/nixos/modules/nmasur/profiles/base.nix +++ b/platforms/nixos/modules/nmasur/profiles/base.nix @@ -18,18 +18,12 @@ in nmasur.presets = { vm.enable = lib.mkDefault true; - services = { - # Allow tunneling into the machine - cloudflared.enable = lib.mkDefault true; - openssh.enable = lib.mkDefault true; - }; programs = { doas.enable = lib.mkDefault true; }; }; -programs.fish.enable = lib.mkDefault config.home-manager.users.${username}.programs.fish.enable; - + programs.fish.enable = lib.mkDefault config.home-manager.users.${username}.programs.fish.enable; # Allows us to declaritively set password users.mutableUsers = lib.mkDefault false; @@ -75,5 +69,7 @@ programs.fish.enable = lib.mkDefault config.home-manager.users.${username}.progr allowUnfreePackages = config.home-manager.users.${username}.allowUnfreePackages; + wsl.enable = lib.mkDefault false; + }; } diff --git a/platforms/nixos/modules/nmasur/profiles/wsl.nix b/platforms/nixos/modules/nmasur/profiles/wsl.nix index b8f93cc..8c4716a 100644 --- a/platforms/nixos/modules/nmasur/profiles/wsl.nix +++ b/platforms/nixos/modules/nmasur/profiles/wsl.nix @@ -1,6 +1,7 @@ { config, lib, ... }: let + inherit (config.nmasur.settings) username; cfg = config.nmasur.profiles.wsl; in 
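Review bot: `wsl.enable = lib.mkDefault false;` in the second hunk of profiles/base.nix sets an option that the wsl.nix hunk configures alongside `wslConf`, `defaultUser` and `interop`, which suggests it is declared by the NixOS-WSL module rather than by this repository. If so, every host that enables `base` needs that module in its imports or evaluation stops on an undefined option; the module list is not visible in this patch, and the enclosing `config` block starts outside the hunk. If the module is not imported for all hosts, the line can be dropped, since the wsl profile already sets `enable = true` under `lib.mkIf cfg.enable`. The first hunk of the same file removes the `cloudflared` and `openssh` defaults without recording that remote access is now opt-in; a comment such as `# Remote access (openssh, cloudflared) is no longer enabled here; enable it per host or profile` would make that explicit.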
@@ -9,6 +10,16 @@ in config = lib.mkIf cfg.enable { + wsl = { + enable = true; + wslConf.automount.root = lib.mkDefault "/mnt"; + defaultUser = lib.mkDefault username; + startMenuLaunchers = lib.mkDefault true; + nativeSystemd = lib.mkDefault true; + wslConf.network.generateResolvConf = lib.mkDefault true; # Turn off if it breaks VPN + interop.includePath = lib.mkDefault false; # Including Windows PATH will slow down Neovim command mode + }; + # # Replace config directory with our repo, since it sources from config on # # every launch # system.activationScripts.configDir.text = ''