noah/dotfiles
1
0
Fork 0
mirror of https://github.com/nmasur/dotfiles synced 2025-07-06 22:30:13 +00:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: noah:69dd348c9275710e9af03c10f5f0809207589cf0
Branches Tags
noah:master noah:platform noah:home-manager-fix noah:immich-proxy noah:microcode noah:nixd noah:eblume-mole noah:language-checks noah:keyd-2.4.3 noah:sway noah:nixosmodules noah:unfree-predicate-by-pkgs noah:darwin-ssl
noah:pre-platform noah:begin-nixos noah:begin-nix noah:neovim-lua noah:pre-nix noah:legacy
..
compare: noah:nixosmodules
Branches Tags
noah:master noah:platform noah:home-manager-fix noah:immich-proxy noah:microcode noah:nixd noah:eblume-mole noah:language-checks noah:keyd-2.4.3 noah:sway noah:nixosmodules noah:unfree-predicate-by-pkgs noah:darwin-ssl
noah:pre-platform noah:begin-nixos noah:begin-nix noah:neovim-lua noah:pre-nix noah:legacy

1 Commits
69dd348c92 ... nixosmodul

Author SHA1 Message Date
Noah Masur
b0b9827a2e try to configure using nixosModules 
doesn't seem like there's that much benefit?
 2023-07-10 17:56:15 -06:00
177 changed files with 1038 additions and 5715 deletions
Expand all files Collapse all files

20
.github/workflows/check.yml vendored
View File

@ -1,20 +0,0 @@
name: Check Build
on:
workflow_dispatch: # allows manual triggering
jobs:
check:
name: Check
runs-on: ubuntu-latest
steps:
- name: Checkout Repository
uses: actions/checkout@v3
- name: Install Nix
uses: DeterminateSystems/nix-installer-action@v4
- name: Check Nixpkgs Inputs
uses: DeterminateSystems/flake-checker-action@v5
- name: Add Nix Cache
uses: DeterminateSystems/magic-nix-cache-action@v2
- name: Check the Flake
run: nix flake check

63
.github/workflows/update.yml vendored
View File

@ -1,63 +0,0 @@
name: Update Flake
on:
workflow_dispatch: # allows manual triggering
schedule:
- cron: '33 3 * * 0' # runs weekly on Sunday at 03:33
permissions:
contents: write
pull-requests: write
checks: write
jobs:
lockfile:
name: Lockfile
runs-on: ubuntu-latest
steps:
- name: Checkout Repository
uses: actions/checkout@v3
- name: Install Nix
uses: DeterminateSystems/nix-installer-action@v4
- name: Check Nixpkgs Inputs
uses: DeterminateSystems/flake-checker-action@v5
- name: Add Nix Cache
uses: DeterminateSystems/magic-nix-cache-action@v2
- name: Update flake.lock
uses: DeterminateSystems/update-flake-lock@v19
id: update
with:
pr-title: "Update flake.lock" # Title of PR to be created
pr-labels: | # Labels to be set on the PR
dependencies
automated
- name: Check the Flake
id: check
run: nix flake check
- name: Update Check Status
uses: LouisBrunner/checks-action@v1.6.1
if: always()
with:
token: ${{ secrets.GITHUB_TOKEN }}
name: Update Flake
conclusion: ${{ job.status }}
output: |
{"summary":"${{ steps.check.outputs.stdout }}"}
- name: Enable Pull Request Automerge
if: success()
run: |
gh pr merge \
--rebase \
--auto \
${{ steps.update.outputs.pull-request-number }}
env:
GH_TOKEN: ${{ github.token }}
- name: Close Pull Request If Failed
if: failure()
run: |
gh pr close \
--comment "Auto-closing pull request" \
--delete-branch \
${{ steps.update.outputs.pull-request-number }}
env:
GH_TOKEN: ${{ github.token }}

24
README.md
View File

@ -41,30 +41,6 @@ configuration may be difficult to translate to a non-Nix system.
| --- | --- | --- |
| Keybinds | [Hammerspoon](https://www.hammerspoon.org/) | [Link](./modules/darwin/hammerspoon) |
# Diagram
![Diagram](https://github.com/nmasur/dotfiles/assets/7386960/ed3e7202-09c4-4a9c-9b14-0272c01647f6)
- [flake.nix](./flake.nix)
- [hosts](./hosts/)
- [modules](./modules/)
---
# Unique Configurations
This repo contains a few more elaborate elements of configuration.
- [Neovim config](./modules/common/neovim/default.nix) generated with Nix2Vim
and source-controlled plugins, differing based on installed LSPs, for example.
- [Caddy JSON](./modules/nixos/services/caddy.nix) file (routes, etc.) based
dynamically on enabled services rendered with Nix.
- [Grafana config](./modules/nixos/services/grafana.nix) rendered with Nix.
- Custom [secrets deployment](./modules/nixos/services/secrets.nix) similar to
agenix.
- Base16 [colorschemes](./colorscheme/) applied to multiple applications,
including Firefox userChrome.
---
# Installation

9
apps/README.md
View File

@ -1,9 +0,0 @@
# Apps
These are all my miscellaneous utilies and scripts to accompany this project.
They can be run with:
```
nix run github:nmasur/dotfiles#appname
```

2
apps/encrypt-secret.nix
View File

@ -11,7 +11,7 @@
tmpfile=$(mktemp)
echo "''${secret}" > ''${tmpfile}
${pkgs.age}/bin/age --encrypt --armor --recipients-file ${
builtins.toString ../misc/public-keys
builtins.toString ../public-keys
} $tmpfile
rm $tmpfile
'');

4
apps/installer.nix
View File

@ -17,8 +17,8 @@
--foreground "#fb4934" \
"Missing required parameter." \
"Usage: installer -- <disk> <host>" \
"Example: installer -- nvme0n1 tempest" \
"Flake example: nix run github:nmasur/dotfiles#installer -- nvme0n1 tempest"
"Example: installer -- nvme0n1 desktop" \
"Flake example: nix run github:nmasur/dotfiles#installer -- nvme0n1 desktop"
echo "(exiting)"
exit 1
fi

1
apps/loadkey.nix
View File

@ -5,7 +5,6 @@
program = builtins.toString (pkgs.writeShellScript "loadkey" ''
printf "\nEnter the seed phrase for your SSH key...\n"
printf "\nThen press ^D when complete.\n\n"
mkdir -p ~/.ssh/
${pkgs.melt}/bin/melt restore ~/.ssh/id_ed25519
printf "\n\nContinuing activation.\n\n"
'');

2
apps/reencrypt-secrets.nix
View File

@ -17,7 +17,7 @@
--identity ~/.ssh/id_ed25519 $encryptedfile > $tmpfile
echo "Encrypting ''${encryptedfile}..."
${pkgs.age}/bin/age --encrypt --armor --recipients-file ${
builtins.toString ../misc/public-keys
builtins.toString ../public-keys
} $tmpfile > $encryptedfile
rm $tmpfile
done

5
colorscheme/README.md
View File

@ -1,5 +0,0 @@
# Colorschemes
Color information for different themes is found here. The colors are sourced
and used with [base16](https://github.com/chriskempson/base16) format
consistently across the system.

5
disks/README.md
View File

@ -1,5 +0,0 @@
# Disks
These are my [disko](https://github.com/nix-community/disko) configurations,
which allow me to save desired disk formatting layouts as a declarative file so
I don't have to remember how to format my disks later on.

4
docs/README.md
View File

@ -1,4 +0,0 @@
# Documentation
Reference documents for some of the more complicated services and maintenance
tasks.

17
docs/installation.md
View File

@ -49,24 +49,19 @@ move the `windows/alacritty.yml` file to
To get started on a bare macOS installation, first install Nix:
```bash
curl --proto '=https' --tlsv1.2 -sSf -L https://install.determinate.systems/nix | sh -s -- install
sh -c "$(curl -L https://nixos.org/nix/install)"
```
Launch a new shell. Then use Nix to switch to the macOS configuration:
Then use Nix to build nix-darwin:
```bash
sudo rm /etc/bashrc
sudo rm /etc/nix/nix.conf
nix \
--extra-experimental-features flakes \
--extra-experimental-features nix-command \
run nix-darwin -- switch \
--flake github:nmasur/dotfiles#lookingglass
nix-build https://github.com/LnL7/nix-darwin/archive/master.tar.gz -A installer
./result/bin/darwin-installer
```
Once installed, you can continue to update the macOS configuration:
Then switch to the macOS configuration:
```bash
darwin-rebuild switch --flake ~/dev/personal/dotfiles
darwin-rebuild switch --flake github:nmasur/dotfiles#lookingglass
```

65
docs/repair-nextcloud.md
View File

@ -1,65 +0,0 @@
# Repairing Nextcloud
You can run the maintenance commands like this:
```
sudo -u nextcloud nextcloud-occ maintenance:mode --on
sudo -u nextcloud nextcloud-occ maintenance:repair
sudo -u nextcloud nextcloud-occ maintenance:mode --off
```
## Rescan Files
```
sudo -u nextcloud nextcloud-occ files:scan --all
```
## Converting from SQLite to MySQL (mariadb)
First: keep Nextcloud set to SQLite as its dbtype, and separately launch MySQL
as a service by copying the configuration found
[here](https://github.com/NixOS/nixpkgs/blob/nixos-unstable/nixos/modules/services/web-apps/nextcloud.nix).
No password is necessary, since the user-based auth works with UNIX sockets.
You can connect to the MySQL instance like this:
```
sudo -u nextcloud mysql -S /run/mysqld/mysqld.sock
```
Create a blank database for Nextcloud:
```sql
create database nextcloud;
```
Now setup the [conversion](https://docs.nextcloud.com/server/17/admin_manual/configuration_database/db_conversion.html):
```
sudo -u nextcloud nextcloud-occ db:convert-type mysql nextcloud localhost nextcloud
```
Ignore the password prompt. Proceed with the conversion.
Now `config.php` will be updated but the override config from NixOS will not
be. Now update your NixOS configuration:
- Remove the `mysql` service you created.
- Set `dbtype` to `mysql`.
- Set `database.createLocally` to `true`.
Rebuild your configuration.
Now, make sure to enable [4-byte
support](https://docs.nextcloud.com/server/latest/admin_manual/configuration_database/mysql_4byte_support.html)
in the database.
## Backing Up MySQL Database
Use this mysqldump command:
```
sudo -u nextcloud mysqldump -S /run/mysqld/mysqld.sock --default-character-set=utf8mb4 nextcloud > backup.sql
```

43
docs/restore-nextcloud.md Normal file
View File

@ -0,0 +1,43 @@
# Restoring Nextcloud From Backup
Install the `litestream` package.
```
nix-shell --run fish -p litestream
```
Set the S3 credentials:
```
set -x AWS_ACCESS_KEY_ID (read)
set -x AWS_SECRET_ACCESS_KEY (read)
```
Restore from S3:
```
litestream restore -o nextcloud.db s3://noahmasur-backup.s3.us-west-002.backblazeb2.com/nextcloud
```
Install Nextcloud. Then copy DB:
```
sudo rm /data/nextcloud/data/nextcloud.db*
sudo mv nextcloud.db /data/nextcloud/data/
sudo chown nextcloud:nextcloud /data/nextcloud/data/nextcloud.db
sudo chmod 770 /data/nextcloud/data/nextcloud.db
```
Restart Nextcloud:
```
sudo systemctl restart phpfpm-nextcloud.service
```
Adjust Permissions and Directories:
```
sudo mkdir /data/nextcloud/data/noah/files
sudo chown nextcloud:nextcloud /data/nextcloud/data/noah/files
```

45
docs/zfs.md
View File

@ -1,45 +0,0 @@
# ZFS
Swan runs its root on ext4. The ZFS drives are managed imperatively (this
[disko configuration](../disks/zfs.nix) is an unused work-in-progress).
The basic ZFS settings are managed [here](../modules/nixos/hardware/zfs.nix).
## Creating a New Dataset
```
sudo zfs create tank/mydataset
sudo zfs set compression=zstd tank/myzstddataset
sudo zfs set mountpoint=/data/mydataset tank/mydataset
```
## Maintenance
### Get Status
```
sudo zpool status
```
### Replace Disk
```
sudo zdb
sudo zpool status -g # Show by GUID
sudo zpool offline tank <GUID>
sudo zpool status
# Remove old disk, insert new disk
sudo zdb
sudo zpool replace tank <OLD GUID> /dev/disk/by-id/<NEW PATH>
sudo zpool status
```
## Initial Setup
```
sudo zpool create tank raidz1 sda sdb sdc
sudo zpool set ashift=12 tank
sudo zpool set autoexpand=on tank
sudo zpool set compression=on tank
```

466
flake.lock generated
View File

@ -17,80 +17,31 @@
"type": "github"
}
},
"age": {
"flake": false,
"locked": {
"lastModified": 1672087018,
"narHash": "sha256-LRxxJQLQkzoCNYGS/XBixVmYXoZ1mPHKvFicPGXYLcw=",
"owner": "FiloSottile",
"repo": "age",
"rev": "c6dcfa1efcaa27879762a934d5bea0d1b83a894c",
"type": "github"
},
"original": {
"owner": "FiloSottile",
"ref": "v1.1.1",
"repo": "age",
"type": "github"
}
},
"baleia-nvim-src": {
"flake": false,
"locked": {
"lastModified": 1704551058,
"narHash": "sha256-0NmiGzMFvL1awYOVtiaSd+O4sAR524x68xwWLgArlqs=",
"owner": "m00qek",
"repo": "baleia.nvim",
"rev": "6d9cbdaca3a428bc7296f838fdfce3ad01ee7495",
"type": "github"
},
"original": {
"owner": "m00qek",
"repo": "baleia.nvim",
"type": "github"
}
},
"bufferline-nvim-src": {
"flake": false,
"locked": {
"lastModified": 1695205521,
"narHash": "sha256-MQMpXMgUpZA0E9TunzjXeOQxDWSCTogXbvi9VJnv4Kw=",
"lastModified": 1687763763,
"narHash": "sha256-wbOeylzjjScQXkrDbBU2HtrOZrp2YUK+wQ2aOkgxmRQ=",
"owner": "akinsho",
"repo": "bufferline.nvim",
"rev": "6ecd37e0fa8b156099daedd2191130e083fb1490",
"rev": "bf2f6b7edd0abf6b0732f5e5c0a8f30e51611c75",
"type": "github"
},
"original": {
"owner": "akinsho",
"ref": "v4.4.0",
"ref": "v4.2.0",
"repo": "bufferline.nvim",
"type": "github"
}
},
"bypass-paywalls-clean": {
"flake": false,
"locked": {
"lastModified": 1705573187,
"narHash": "sha256-eDjesK2DON3pG9faUSTNPG1xWieV8LG75Rf+crGk3Lk=",
"owner": "magnolia1234",
"repo": "bpc-uploads",
"rev": "55af5ff1f6a7f8ea7fc57253029c07de8f481c62",
"type": "gitlab"
},
"original": {
"owner": "magnolia1234",
"repo": "bpc-uploads",
"type": "gitlab"
}
},
"cmp-nvim-lsp-src": {
"flake": false,
"locked": {
"lastModified": 1702205473,
"narHash": "sha256-/0sh9vJBD9pUuD7q3tNSQ1YLvxFMNykdg5eG+LjZAA8=",
"lastModified": 1687494203,
"narHash": "sha256-mU0soCz79erJXMMqD/FyrJZ0mu2n6fE0deymPzQlxts=",
"owner": "hrsh7th",
"repo": "cmp-nvim-lsp",
"rev": "5af77f54de1b16c34b23cba810150689a3a90312",
"rev": "44b16d11215dce86f253ce0c30949813c0a90765",
"type": "github"
},
"original": {
@ -106,11 +57,11 @@
]
},
"locked": {
"lastModified": 1705796049,
"narHash": "sha256-zkqbujNu3ixEar79QJTpJeOG5MYse1uJdcjl9f96uBg=",
"lastModified": 1687517837,
"narHash": "sha256-Ea+JTy6NSf+wWIFrgC8gnOnyt01xwmtDEn2KecvaBkg=",
"owner": "lnl7",
"repo": "nix-darwin",
"rev": "3ac7acd32db4f7111015e8d5349ff6067df01bf6",
"rev": "6460468e7a3e1290f132fee4170ebeaa127f6f32",
"type": "github"
},
"original": {
@ -127,11 +78,11 @@
]
},
"locked": {
"lastModified": 1705540973,
"narHash": "sha256-kNt/qAEy7ueV7NKbVc8YMHWiQAAgrir02MROYNI8fV0=",
"lastModified": 1687598357,
"narHash": "sha256-70ciIe8415oQnQypawaqocEaLJcI1XtkqRNmle8vsrg=",
"owner": "nix-community",
"repo": "disko",
"rev": "0033adc6e3f1ed076f3ed1c637ef1dfe6bef6733",
"rev": "1e7098ee0448dc5d33df394d040f454cd42a809c",
"type": "github"
},
"original": {
@ -140,23 +91,6 @@
"type": "github"
}
},
"fidget-nvim-src": {
"flake": false,
"locked": {
"lastModified": 1702031048,
"narHash": "sha256-wbjQuOFd/2339TIrUA97PYsV8N3PZsS+xbyMsyZmki8=",
"owner": "j-hui",
"repo": "fidget.nvim",
"rev": "300018af4abd00610a345e382ca1f4b7ba420f77",
"type": "github"
},
"original": {
"owner": "j-hui",
"ref": "v1.1.0",
"repo": "fidget.nvim",
"type": "github"
}
},
"firefox-darwin": {
"inputs": {
"nixpkgs": [
@ -164,11 +98,11 @@
]
},
"locked": {
"lastModified": 1705798126,
"narHash": "sha256-h+alhyRhMYDZmGk7pYDRdOF71Aa7NWG7Q5wcF6Ycf3I=",
"lastModified": 1688605308,
"narHash": "sha256-B9suu7dcdX4a18loO5ul237gqIJ5/+TRuheLj8fJjwM=",
"owner": "bandithedoge",
"repo": "nixpkgs-firefox-darwin",
"rev": "51cc53fd6e6a1625a00565f110edc09f9ea7cfd9",
"rev": "78d28acf685e19d353b2ecb6c38eeb3fc624fc68",
"type": "github"
},
"original": {
@ -180,11 +114,11 @@
"flake-compat": {
"flake": false,
"locked": {
"lastModified": 1696426674,
"narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
"lastModified": 1673956053,
"narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
"rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9",
"type": "github"
},
"original": {
@ -194,15 +128,12 @@
}
},
"flake-utils": {
"inputs": {
"systems": "systems"
},
"locked": {
"lastModified": 1687709756,
"narHash": "sha256-Y5wKlQSkgEK2weWdOu4J3riRd+kV/VCgHsqLNTTWQ/0=",
"lastModified": 1678901627,
"narHash": "sha256-U02riOqrKKzwjsxc/400XnElV+UtPUQWpANPlyazjH0=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "dbabf0ca0c0c4bce6ea5eaf65af5cb694d2082c7",
"rev": "93a2b84fc4b70d9e089d029deacc3583435c2ed6",
"type": "github"
},
"original": {
@ -213,7 +144,7 @@
},
"flake-utils_2": {
"inputs": {
"systems": "systems_2"
"systems": "systems"
},
"locked": {
"lastModified": 1685518550,
@ -231,14 +162,14 @@
},
"flake-utils_3": {
"inputs": {
"systems": "systems_3"
"systems": "systems_2"
},
"locked": {
"lastModified": 1701680307,
"narHash": "sha256-kAuep2h5ajznlPMD9rnQyffWG8EM/C73lejGofXvdM8=",
"lastModified": 1685518550,
"narHash": "sha256-o2d0KcvaXzTrPRIo0kOLV0/QXHhDQ5DTi+OxcjO8xqY=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "4022d587cbbfd70fe950c1e2083a02621806a725",
"rev": "a1720a10a6cfe8234c0e93907ffe81be440f4cef",
"type": "github"
},
"original": {
@ -247,22 +178,6 @@
"type": "github"
}
},
"hmts-nvim-src": {
"flake": false,
"locked": {
"lastModified": 1693226725,
"narHash": "sha256-jUuztOqNBltC3axa7s3CPJz9Cmukfwkf846+Z/gAxCU=",
"owner": "calops",
"repo": "hmts.nvim",
"rev": "14fd941d7ec2bb98314a1aacaa2573d97f1629ab",
"type": "github"
},
"original": {
"owner": "calops",
"repo": "hmts.nvim",
"type": "github"
}
},
"home-manager": {
"inputs": {
"nixpkgs": [
@ -270,11 +185,11 @@
]
},
"locked": {
"lastModified": 1705794055,
"narHash": "sha256-mv/KrxEAZNhpPJcDqdQ709If9p2DTEYIDPo2r9xchlg=",
"lastModified": 1687627695,
"narHash": "sha256-6Pu7nWb52PRtUmihwuDNShDmsZiXgtXR0OARtH4DSik=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "9b378afae72cb07471e19aefc30e8e05ef2d7a61",
"rev": "172d46d4b2677b32277d903bdf4cff77c2cc6477",
"type": "github"
},
"original": {
@ -284,58 +199,6 @@
"type": "github"
}
},
"nextcloud-cookbook": {
"flake": false,
"locked": {
"lastModified": 1702545935,
"narHash": "sha256-19LN1nYJJ0RMWj6DrYPvHzocTyhMfYdpdhBFch3fpHE=",
"type": "tarball",
"url": "https://github.com/christianlupus-nextcloud/cookbook-releases/releases/download/v0.11.0/cookbook-0.11.0.tar.gz"
},
"original": {
"type": "tarball",
"url": "https://github.com/christianlupus-nextcloud/cookbook-releases/releases/download/v0.11.0/cookbook-0.11.0.tar.gz"
}
},
"nextcloud-external": {
"flake": false,
"locked": {
"lastModified": 1699624334,
"narHash": "sha256-RCL2RP5twRDLxI/KfAX6QLYQOzqZmSWsfrC5ZQIwTD4=",
"type": "tarball",
"url": "https://github.com/nextcloud-releases/external/releases/download/v5.3.1/external-v5.3.1.tar.gz"
},
"original": {
"type": "tarball",
"url": "https://github.com/nextcloud-releases/external/releases/download/v5.3.1/external-v5.3.1.tar.gz"
}
},
"nextcloud-news": {
"flake": false,
"locked": {
"lastModified": 1703426420,
"narHash": "sha256-AENBJH/bEob5JQvw4WEi864mdLYJ5Mqe78HJH6ceCpI=",
"type": "tarball",
"url": "https://github.com/nextcloud/news/releases/download/25.0.0-alpha3/news.tar.gz"
},
"original": {
"type": "tarball",
"url": "https://github.com/nextcloud/news/releases/download/25.0.0-alpha3/news.tar.gz"
}
},
"nextcloud-snappymail": {
"flake": false,
"locked": {
"lastModified": 1705808478,
"narHash": "sha256-UeZXoZFEPJj7zEVNTXJ3IYNt/wI7VFq3Pjh1ubMHCBo=",
"type": "tarball",
"url": "https://snappymail.eu/repository/nextcloud/snappymail-2.32.0-nextcloud.tar.gz"
},
"original": {
"type": "tarball",
"url": "https://snappymail.eu/repository/nextcloud/snappymail-2.32.0-nextcloud.tar.gz"
}
},
"nil": {
"inputs": {
"flake-utils": "flake-utils",
@ -345,16 +208,16 @@
"rust-overlay": "rust-overlay"
},
"locked": {
"lastModified": 1691372739,
"narHash": "sha256-fZ8KfBMcIFO/R7xaWtB85SFeuUjb9SCH8fxYBnY8068=",
"lastModified": 1680544266,
"narHash": "sha256-d/TusDXmIo8IT5DNRA21lN+nOVSER8atIx9TJteR6LQ=",
"owner": "oxalica",
"repo": "nil",
"rev": "97abe7d3d48721d4e0fcc1876eea83bb4247825b",
"rev": "56a1fa87b98a9508920f4b0ab8fe36d5b54b2362",
"type": "github"
},
"original": {
"owner": "oxalica",
"ref": "2023-08-09",
"ref": "2023-04-03",
"repo": "nil",
"type": "github"
}
@ -382,11 +245,11 @@
},
"nixlib": {
"locked": {
"lastModified": 1693701915,
"narHash": "sha256-waHPLdDYUOHSEtMKKabcKIMhlUOHPOOPQ9UyFeEoovs=",
"lastModified": 1687049841,
"narHash": "sha256-FBNZQfWtA7bb/rwk92mfiWc85x4hXta2OAouDqO5W8w=",
"owner": "nix-community",
"repo": "nixpkgs.lib",
"rev": "f5af57d3ef9947a70ac86e42695231ac1ad00c25",
"rev": "908af6d1fa3643c5818ea45aa92b21d6385fbbe5",
"type": "github"
},
"original": {
@ -403,11 +266,11 @@
]
},
"locked": {
"lastModified": 1705400161,
"narHash": "sha256-0MFaNIwwpVWB1N9m7cfHAM2pSVtYESQ7tlHxnDTOhM4=",
"lastModified": 1687398392,
"narHash": "sha256-T6kc3NMTpGJk1/dve8PGupeVcxboEb78xtTKhe3LL/A=",
"owner": "nix-community",
"repo": "nixos-generators",
"rev": "521fb4cdd8a2e1a00d1adf0fea7135d1faf04234",
"rev": "649171f56a45af13ba693c156207eafbbbf7edfe",
"type": "github"
},
"original": {
@ -418,11 +281,11 @@
},
"nixpkgs": {
"locked": {
"lastModified": 1705677747,
"narHash": "sha256-eyM3okYtMgYDgmYukoUzrmuoY4xl4FUujnsv/P6I/zI=",
"lastModified": 1687502512,
"narHash": "sha256-dBL/01TayOSZYxtY4cMXuNCBk8UMLoqRZA+94xiFpJA=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "bbe7d8f876fbbe7c959c90ba2ae2852220573261",
"rev": "3ae20aa58a6c0d1ca95c9b11f59a2d12eebc511f",
"type": "github"
},
"original": {
@ -432,14 +295,30 @@
"type": "github"
}
},
"nixpkgs_2": {
"locked": {
"lastModified": 1686929285,
"narHash": "sha256-WGtVzn+vGMPTXDO0DMNKVFtf+zUSqeW+KKk4Y/Ae99I=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "93fddcf640ceca0be331210ba3101cee9d91c13d",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-22.11",
"repo": "nixpkgs",
"type": "github"
}
},
"null-ls-nvim-src": {
"flake": false,
"locked": {
"lastModified": 1691810493,
"narHash": "sha256-cWA0rzkOp/ekVKaFee7iea1lhnqKtWUIU+fW5M950wI=",
"lastModified": 1686871437,
"narHash": "sha256-MxIZqyRW8jStiDNXt7Bsw8peDLKpqxKEaUuIJsXkGMI=",
"owner": "jose-elias-alvarez",
"repo": "null-ls.nvim",
"rev": "0010ea927ab7c09ef0ce9bf28c2b573fc302f5a7",
"rev": "bbaf5a96913aa92281f154b08732be2f57021c45",
"type": "github"
},
"original": {
@ -450,11 +329,11 @@
},
"nur": {
"locked": {
"lastModified": 1705801736,
"narHash": "sha256-t+merRH3MW8ASSIf968SIJJxiRnhomFGapP/X4usTyc=",
"lastModified": 1687625402,
"narHash": "sha256-V+vSWypmm/tGbwNXGhqzmiV7vTjV2gNCEh9N7OhNnyA=",
"owner": "nix-community",
"repo": "nur",
"rev": "ff6497ef576a1d88ef7ecb7e40e3a7cd9a410b2b",
"rev": "aeaf37c7538965e45700d39e6b5dc9c9a0e0749c",
"type": "github"
},
"original": {
@ -483,11 +362,11 @@
"nvim-tree-lua-src": {
"flake": false,
"locked": {
"lastModified": 1705793548,
"narHash": "sha256-/q/tfkHKnC2lYXhN0VLUXjaWzFt+c2n+8+aAP08CmI4=",
"lastModified": 1687132855,
"narHash": "sha256-ZRUoCDBv8rO8ZUBUMLgo33EBbqD9+ZOSET9rkFsA++E=",
"owner": "kyazdani42",
"repo": "nvim-tree.lua",
"rev": "74525ac04760bf0d9fec2bf51474d2b05f36048e",
"rev": "c3c6544ee00333b0f1d6a13735d0dd302dba4f70",
"type": "github"
},
"original": {
@ -499,51 +378,29 @@
"nvim-treesitter-src": {
"flake": false,
"locked": {
"lastModified": 1705769570,
"narHash": "sha256-KosjU476A7zzbhxSu7MEXvVfSZZrTwTO6GD5FJOnm0c=",
"lastModified": 1681121236,
"narHash": "sha256-iPsPDLhVKJ14iP1/2cCgcY9SCKK/DQz9Y0mQB1DqNiM=",
"owner": "nvim-treesitter",
"repo": "nvim-treesitter",
"rev": "5cc562748729b6dc9563ea5a3d676ff102ab38b1",
"rev": "cc360a9beb1b30d172438f640e2c3450358c4086",
"type": "github"
},
"original": {
"owner": "nvim-treesitter",
"ref": "master",
"ref": "v0.9.0",
"repo": "nvim-treesitter",
"type": "github"
}
},
"proton-ge": {
"flake": false,
"locked": {
"lastModified": 1700610476,
"narHash": "sha256-IoClZ6hl2lsz9OGfFgnz7vEAGlSY2+1K2lDEEsJQOfU=",
"type": "tarball",
"url": "https://github.com/GloriousEggroll/proton-ge-custom/releases/download/GE-Proton8-25/GE-Proton8-25.tar.gz"
},
"original": {
"type": "tarball",
"url": "https://github.com/GloriousEggroll/proton-ge-custom/releases/download/GE-Proton8-25/GE-Proton8-25.tar.gz"
}
},
"root": {
"inputs": {
"Comment-nvim-src": "Comment-nvim-src",
"age": "age",
"baleia-nvim-src": "baleia-nvim-src",
"bufferline-nvim-src": "bufferline-nvim-src",
"bypass-paywalls-clean": "bypass-paywalls-clean",
"cmp-nvim-lsp-src": "cmp-nvim-lsp-src",
"darwin": "darwin",
"disko": "disko",
"fidget-nvim-src": "fidget-nvim-src",
"firefox-darwin": "firefox-darwin",
"hmts-nvim-src": "hmts-nvim-src",
"home-manager": "home-manager",
"nextcloud-cookbook": "nextcloud-cookbook",
"nextcloud-external": "nextcloud-external",
"nextcloud-news": "nextcloud-news",
"nextcloud-snappymail": "nextcloud-snappymail",
"nil": "nil",
"nix2vim": "nix2vim",
"nixos-generators": "nixos-generators",
@ -553,19 +410,12 @@
"nvim-lspconfig-src": "nvim-lspconfig-src",
"nvim-tree-lua-src": "nvim-tree-lua-src",
"nvim-treesitter-src": "nvim-treesitter-src",
"proton-ge": "proton-ge",
"telescope-nvim-src": "telescope-nvim-src",
"telescope-project-nvim-src": "telescope-project-nvim-src",
"toggleterm-nvim-src": "toggleterm-nvim-src",
"tree-sitter-bash": "tree-sitter-bash",
"tree-sitter-ini": "tree-sitter-ini",
"tree-sitter-lua": "tree-sitter-lua",
"tree-sitter-puppet": "tree-sitter-puppet",
"tree-sitter-python": "tree-sitter-python",
"tree-sitter-rasi": "tree-sitter-rasi",
"vscode-terraform-snippets": "vscode-terraform-snippets",
"wallpapers": "wallpapers",
"wsl": "wsl",
"zenyd-mpv-scripts": "zenyd-mpv-scripts"
"wsl": "wsl"
}
},
"rust-overlay": {
@ -580,11 +430,11 @@
]
},
"locked": {
"lastModified": 1688783586,
"narHash": "sha256-HHaM2hk2azslv1kH8zmQxXo2e7i5cKgzNIuK4yftzB0=",
"lastModified": 1680488274,
"narHash": "sha256-0vYMrZDdokVmPQQXtFpnqA2wEgCCUXf5a3dDuDVshn0=",
"owner": "oxalica",
"repo": "rust-overlay",
"rev": "7a29283cc242c2486fc67f60b431ef708046d176",
"rev": "7ec2ff598a172c6e8584457167575b3a1a5d80d8",
"type": "github"
},
"original": {
@ -623,34 +473,19 @@
"type": "github"
}
},
"systems_3": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"telescope-nvim-src": {
"flake": false,
"locked": {
"lastModified": 1697004956,
"narHash": "sha256-7SqYFnfCjotOBhuX6Wx1IOhgMKoxaoI1a4SKz1d5RVM=",
"lastModified": 1686302912,
"narHash": "sha256-fV3LLRwAPykVGc4ImOnUSP+WTrPp9Ad9OTfBJ6wqTMk=",
"owner": "nvim-telescope",
"repo": "telescope.nvim",
"rev": "7011eaae0ac1afe036e30c95cf80200b8dc3f21a",
"rev": "776b509f80dd49d8205b9b0d94485568236d1192",
"type": "github"
},
"original": {
"owner": "nvim-telescope",
"ref": "0.1.4",
"ref": "0.1.2",
"repo": "telescope.nvim",
"type": "github"
}
@ -658,11 +493,11 @@
"telescope-project-nvim-src": {
"flake": false,
"locked": {
"lastModified": 1701464478,
"narHash": "sha256-touMCltcnqkrQYV1NtNeWLQeFVGt+WM3aIWIdKilA7w=",
"lastModified": 1682606566,
"narHash": "sha256-H6lrPjpOUVleKHB0ziI+6dthg9ymitHhEWtcgYJTrKo=",
"owner": "nvim-telescope",
"repo": "telescope-project.nvim",
"rev": "1aaf16580a614601a7f7077d9639aeb457dc5559",
"rev": "7c64b181dd4e72deddcf6f319e3bf1e95b2a2f30",
"type": "github"
},
"original": {
@ -674,116 +509,33 @@
"toggleterm-nvim-src": {
"flake": false,
"locked": {
"lastModified": 1695636777,
"narHash": "sha256-o8xzoo7OuYrPnKlfrupQ24Ja9hZy1qQVnvwO0FO+4zM=",
"lastModified": 1685434104,
"narHash": "sha256-oiCnBrvft6XxiQtQH8E4F842xhh348SaTpHzaeb+iDY=",
"owner": "akinsho",
"repo": "toggleterm.nvim",
"rev": "faee9d60428afc7857e0927fdc18daa6c409fa64",
"rev": "95204ece0f2a54c89c4395295432f9aeedca7b5f",
"type": "github"
},
"original": {
"owner": "akinsho",
"ref": "v2.8.0",
"ref": "v2.7.0",
"repo": "toggleterm.nvim",
"type": "github"
}
},
"tree-sitter-bash": {
"vscode-terraform-snippets": {
"flake": false,
"locked": {
"lastModified": 1705686017,
"narHash": "sha256-+Mpks0FyQLl26TX63J6WhaAl/QDUR1k9wSUY5SFwL+w=",
"owner": "tree-sitter",
"repo": "tree-sitter-bash",
"rev": "f7239f638d3dc16762563a9027faeee518ce1bd9",
"lastModified": 1614849738,
"narHash": "sha256-v392tyzXV+zyBNt5OCB2NBCK7JcByrTa5Ne/nFtSCJI=",
"owner": "run-at-scale",
"repo": "vscode-terraform-doc-snippets",
"rev": "6ab3e44b566e660f38922cf908e6e547eaa5d4b4",
"type": "github"
},
"original": {
"owner": "tree-sitter",
"ref": "master",
"repo": "tree-sitter-bash",
"type": "github"
}
},
"tree-sitter-ini": {
"flake": false,
"locked": {
"lastModified": 1699877527,
"narHash": "sha256-dYPeVTNWO4apY5dsjsKViavU7YtLeGTp6BzEemXhsEU=",
"owner": "justinmk",
"repo": "tree-sitter-ini",
"rev": "bcb84a2d4bcd6f55b911c42deade75c8f90cb0c5",
"type": "github"
},
"original": {
"owner": "justinmk",
"repo": "tree-sitter-ini",
"type": "github"
}
},
"tree-sitter-lua": {
"flake": false,
"locked": {
"lastModified": 1694072484,
"narHash": "sha256-5t5w8KqbefInNbA12/jpNzmky/uOUhsLjKdEqpl1GEc=",
"owner": "MunifTanjim",
"repo": "tree-sitter-lua",
"rev": "9668709211b2e683f27f414454a8b51bf0a6bda1",
"type": "github"
},
"original": {
"owner": "MunifTanjim",
"ref": "main",
"repo": "tree-sitter-lua",
"type": "github"
}
},
"tree-sitter-puppet": {
"flake": false,
"locked": {
"lastModified": 1690231696,
"narHash": "sha256-YEjjy9WLwITERYqoeSVrRYnwVBIAwdc4o0lvAK9wizw=",
"owner": "amaanq",
"repo": "tree-sitter-puppet",
"rev": "9ce9a5f7d64528572aaa8d59459ba869e634086b",
"type": "github"
},
"original": {
"owner": "amaanq",
"repo": "tree-sitter-puppet",
"type": "github"
}
},
"tree-sitter-python": {
"flake": false,
"locked": {
"lastModified": 1700218345,
"narHash": "sha256-hXNxa895SyNOG7PH2vAIkWbcMjZDjWYDsCafBZuvnT0=",
"owner": "tree-sitter",
"repo": "tree-sitter-python",
"rev": "4bfdd9033a2225cc95032ce77066b7aeca9e2efc",
"type": "github"
},
"original": {
"owner": "tree-sitter",
"ref": "master",
"repo": "tree-sitter-python",
"type": "github"
}
},
"tree-sitter-rasi": {
"flake": false,
"locked": {
"lastModified": 1678701563,
"narHash": "sha256-2nYZoLcrxxxiOJEySwHUm93lzMg8mU+V7LIP63ntFdA=",
"owner": "Fymyte",
"repo": "tree-sitter-rasi",
"rev": "371dac6bcce0df5566c1cfebde69d90ecbeefd2d",
"type": "github"
},
"original": {
"owner": "Fymyte",
"repo": "tree-sitter-rasi",
"owner": "run-at-scale",
"repo": "vscode-terraform-doc-snippets",
"type": "github"
}
},
@ -807,16 +559,14 @@
"inputs": {
"flake-compat": "flake-compat",
"flake-utils": "flake-utils_3",
"nixpkgs": [
"nixpkgs"
]
"nixpkgs": "nixpkgs_2"
},
"locked": {
"lastModified": 1705359964,
"narHash": "sha256-ys1MDjIH6z5UP7gAciRfUAlf2FJV0t3yFib965N/S+I=",
"lastModified": 1687279045,
"narHash": "sha256-LR0dsXd/A07M61jclyBUW0wRojEQteWReKM35zoJXp0=",
"owner": "nix-community",
"repo": "NixOS-WSL",
"rev": "bb3eeeb96ce059ae29309138874ccf58e796f4b1",
"rev": "a8486b5d191f11d571f15d80b6e265d1712d01cf",
"type": "github"
},
"original": {
@ -824,22 +574,6 @@
"repo": "NixOS-WSL",
"type": "github"
}
},
"zenyd-mpv-scripts": {
"flake": false,
"locked": {
"lastModified": 1705694835,
"narHash": "sha256-t5BV8+azCvGZG0hfx5nft013sZugrge3AC4VbUcRNOg=",
"owner": "zenyd",
"repo": "mpv-scripts",
"rev": "3ad7502fe2d6575b395db5568afdf830872c85d0",
"type": "github"
},
"original": {
"owner": "zenyd",
"repo": "mpv-scripts",
"type": "github"
}
}
},
"root": "root",

191
flake.nix
View File

@ -9,15 +9,12 @@
# Used for MacOS system config
darwin = {
url = "github:lnl7/nix-darwin/master";
url = "github:/lnl7/nix-darwin/master";
inputs.nixpkgs.follows = "nixpkgs";
};
# Used for Windows Subsystem for Linux compatibility
wsl = {
url = "github:nix-community/NixOS-WSL";
inputs.nixpkgs.follows = "nixpkgs";
};
wsl.url = "github:nix-community/NixOS-WSL";
# Used for user packages and dotfiles
home-manager = {
@ -61,13 +58,12 @@
# Nix language server
nil = {
url = "github:oxalica/nil/2023-08-09";
url = "github:oxalica/nil/2023-04-03";
inputs.nixpkgs.follows = "nixpkgs";
};
# Neovim plugins
nvim-lspconfig-src = {
# https://github.com/neovim/nvim-lspconfig/tags
url = "github:neovim/nvim-lspconfig/v0.1.6";
flake = false;
};
@ -79,22 +75,16 @@
url = "github:jose-elias-alvarez/null-ls.nvim";
flake = false;
};
baleia-nvim-src = {
# https://github.com/m00qek/baleia.nvim/tags
url = "github:m00qek/baleia.nvim";
flake = false;
};
Comment-nvim-src = {
url = "github:numToStr/Comment.nvim/v0.8.0";
flake = false;
};
nvim-treesitter-src = {
# https://github.com/nvim-treesitter/nvim-treesitter/tags
url = "github:nvim-treesitter/nvim-treesitter/master";
url = "github:nvim-treesitter/nvim-treesitter/v0.9.0";
flake = false;
};
telescope-nvim-src = {
url = "github:nvim-telescope/telescope.nvim/0.1.4";
url = "github:nvim-telescope/telescope.nvim/0.1.2";
flake = false;
};
telescope-project-nvim-src = {
@ -102,113 +92,38 @@
flake = false;
};
toggleterm-nvim-src = {
url = "github:akinsho/toggleterm.nvim/v2.8.0";
url = "github:akinsho/toggleterm.nvim/v2.7.0";
flake = false;
};
bufferline-nvim-src = {
url = "github:akinsho/bufferline.nvim/v4.4.0";
url = "github:akinsho/bufferline.nvim/v4.2.0";
flake = false;
};
nvim-tree-lua-src = {
url = "github:kyazdani42/nvim-tree.lua";
flake = false;
};
hmts-nvim-src = {
url = "github:calops/hmts.nvim";
flake = false;
};
fidget-nvim-src = {
# https://github.com/j-hui/fidget.nvim/tags
url = "github:j-hui/fidget.nvim/v1.1.0";
flake = false;
};
# Tree-Sitter Grammars
tree-sitter-bash = {
url = "github:tree-sitter/tree-sitter-bash/master";
flake = false;
};
tree-sitter-python = {
url = "github:tree-sitter/tree-sitter-python/master";
flake = false;
};
tree-sitter-lua = {
url = "github:MunifTanjim/tree-sitter-lua/main";
flake = false;
};
tree-sitter-ini = {
url = "github:justinmk/tree-sitter-ini";
flake = false;
};
tree-sitter-puppet = {
url = "github:amaanq/tree-sitter-puppet";
flake = false;
};
tree-sitter-rasi = {
url = "github:Fymyte/tree-sitter-rasi";
flake = false;
};
# MPV Scripts
zenyd-mpv-scripts = {
url = "github:zenyd/mpv-scripts";
flake = false;
};
# Age encryption (pin because of failed builds)
age = {
url = "github:FiloSottile/age/v1.1.1";
flake = false;
};
# GE version of Proton for game compatibility
# Alternatively, could consider using https://github.com/fufexan/nix-gaming
proton-ge = {
# https://github.com/GloriousEggroll/proton-ge-custom/releases
url =
"https://github.com/GloriousEggroll/proton-ge-custom/releases/download/GE-Proton8-25/GE-Proton8-25.tar.gz";
flake = false;
};
# Firefox addon from outside the extension store
bypass-paywalls-clean = {
# https://gitlab.com/magnolia1234/bpc-uploads/-/commits/master/?ref_type=HEADS
url = "gitlab:magnolia1234/bpc-uploads";
flake = false;
};
# Nextcloud Apps
nextcloud-news = {
# https://github.com/nextcloud/news/releases
url =
"https://github.com/nextcloud/news/releases/download/25.0.0-alpha3/news.tar.gz";
flake = false;
};
nextcloud-external = {
# https://github.com/nextcloud-releases/external/releases
url =
"https://github.com/nextcloud-releases/external/releases/download/v5.3.1/external-v5.3.1.tar.gz";
flake = false;
};
nextcloud-cookbook = {
# https://github.com/christianlupus-nextcloud/cookbook-releases/releases/
url =
"https://github.com/christianlupus-nextcloud/cookbook-releases/releases/download/v0.11.0/cookbook-0.11.0.tar.gz";
flake = false;
};
nextcloud-snappymail = {
# https://github.com/the-djmaze/snappymail/releases
url =
"https://snappymail.eu/repository/nextcloud/snappymail-2.32.0-nextcloud.tar.gz";
vscode-terraform-snippets = {
url = "github:run-at-scale/vscode-terraform-doc-snippets";
flake = false;
};
};
outputs = { nixpkgs, ... }@inputs:
outputs = { self, nixpkgs, ... }@inputs:
let
# Common overlays to always use
overlays = [
inputs.nur.overlay
inputs.nix2vim.overlay
(import ./overlays/neovim-plugins.nix inputs)
(import ./overlays/calibre-web.nix)
(import ./overlays/disko.nix inputs)
(import ./overlays/tree-sitter.nix inputs)
];
# Global configuration for my systems
globals = let baseName = "masu.rs";
in rec {
@ -219,13 +134,12 @@
mail.server = "noahmasur.com";
mail.imapHost = "imap.purelymail.com";
mail.smtpHost = "smtp.purelymail.com";
dotfilesRepo = "https://github.com/nmasur/dotfiles";
dotfilesRepo = "git@github.com:nmasur/dotfiles";
nixpkgs.overlays = overlays;
hostnames = {
git = "git.${baseName}";
influxdb = "influxdb.${baseName}";
metrics = "metrics.${baseName}";
prometheus = "prom.${baseName}";
paperless = "paper.${baseName}";
secrets = "vault.${baseName}";
stream = "stream.${baseName}";
content = "cloud.${baseName}";
@ -234,25 +148,6 @@
};
};
# Common overlays to always use
overlays = [
inputs.nur.overlay
inputs.nix2vim.overlay
(import ./overlays/neovim-plugins.nix inputs)
(import ./overlays/calibre-web.nix)
(import ./overlays/disko.nix inputs)
(import ./overlays/tree-sitter.nix inputs)
(import ./overlays/caddy.nix inputs)
(import ./overlays/mpv-scripts.nix inputs)
(import ./overlays/nextcloud-apps.nix inputs)
(import ./overlays/betterlockscreen.nix)
(import ./overlays/age.nix inputs)
(import ./overlays/proton-ge.nix inputs)
(import ./overlays/gh-collaborators.nix)
(import ./overlays/bypass-paywalls-clean.nix inputs)
(import ./overlays/terraform.nix)
];
# System types to support.
supportedSystems =
[ "x86_64-linux" "x86_64-darwin" "aarch64-linux" "aarch64-darwin" ];
@ -262,20 +157,26 @@
in rec {
nixosModules = {
globals = { config }: { config = globals; };
common = import ./modules/common;
nixos = import ./modules/nixos;
darwin = import ./modules/darwin;
};
# Contains my full system builds, including home-manager
# nixos-rebuild switch --flake .#tempest
nixosConfigurations = {
tempest = import ./hosts/tempest { inherit inputs globals overlays; };
hydra = import ./hosts/hydra { inherit inputs globals overlays; };
flame = import ./hosts/flame { inherit inputs globals overlays; };
swan = import ./hosts/swan { inherit inputs globals overlays; };
tempest = import ./hosts/tempest { inherit self; };
hydra = import ./hosts/hydra { inherit self; };
flame = import ./hosts/flame { inherit self; };
swan = import ./hosts/swan { inherit self; };
};
# Contains my full Mac system builds, including home-manager
# darwin-rebuild switch --flake .#lookingglass
darwinConfigurations = {
lookingglass =
import ./hosts/lookingglass { inherit inputs globals overlays; };
lookingglass = import ./hosts/lookingglass { inherit self; };
};
# For quickly applying home-manager settings with:
@ -291,10 +192,8 @@
diskoConfigurations = { root = import ./disks/root.nix; };
packages = let
aws = system:
import ./hosts/aws { inherit inputs globals overlays system; };
staff = system:
import ./hosts/staff { inherit inputs globals overlays system; };
aws = system: import ./hosts/aws { inherit self system; };
staff = system: import ./hosts/staff { inherit self system; };
neovim = system:
let pkgs = import nixpkgs { inherit system overlays; };
in import ./modules/common/neovim/package {
@ -329,24 +228,6 @@
});
checks = forAllSystems (system:
let pkgs = import nixpkgs { inherit system overlays; };
in {
neovim = pkgs.runCommand "neovim-check-health" {
buildInputs = [ inputs.self.packages.${system}.neovim ];
} ''
mkdir -p $out
export HOME=$TMPDIR
nvim -c "checkhealth" -c "write $out/health.log" -c "quitall"
# Check for errors inside the health log
if $(grep "ERROR" $out/health.log); then
cat $out/health.log
exit 1
fi
'';
});
# Templates for starting other projects quickly
templates = rec {
default = basic;

14
hosts/README.md
View File

@ -1,7 +1,5 @@
# Hosts
These are the individual machines managed by this flake.
| Host | Purpose |
| --- | --- |
| [aws](./aws/default.nix) | AWS AMI |
@ -12,15 +10,3 @@ These are the individual machines managed by this flake.
| [swan](./swan/default.nix) | Home server |
| [tempest](./tempest/default.nix) | Linux desktop |
## NixOS Workflow
Each hosts file is imported into [nixosConfigurations](../flake.nix) and passed
the arguments from the flake (inputs, globals, overlays). The `nixosSystem`
function in that hosts file will be called by the NixOS module system during a
nixos-rebuild.
Each module in the each host's `modules` list is either a function or an
attrset. The attrsets will simply apply values to options that have been
declared in the config by other modules. Meanwhile, the functions will be
passed various arguments, several of which you will see listed at the top of
each of their files.

14
hosts/aws/default.nix
View File

@ -1,13 +1,14 @@
{ inputs, system, globals, overlays, ... }:
{ self, system, ... }:
inputs.nixos-generators.nixosGenerate {
self.inputs.nixos-generators.nixosGenerate {
inherit system;
format = "amazon";
modules = [
globals
inputs.home-manager.nixosModules.home-manager
self.inputs.home-manager.nixosModules.home-manager
self.nixosModules.globals
self.nixosModules.common
self.nixosModules.nixos
{
nixpkgs.overlays = overlays;
networking.hostName = "sheep";
gui.enable = false;
theme.colors = (import ../../colorscheme/gruvbox).dark;
@ -17,9 +18,6 @@ inputs.nixos-generators.nixosGenerate {
# AWS settings require this
permitRootLogin = "prohibit-password";
}
../../modules/common
../../modules/nixos
../../modules/nixos/services/sshd.nix
] ++ [
# Required to fix diskSize errors during build
({ ... }: { amazonImage.sizeMB = 16 * 1024; })

2
hosts/aws/main.tf
View File

@ -26,7 +26,7 @@ data "aws_iam_policy_document" "vmimport" {
actions = [
"s3:GetBucketLocation",
"s3:GetObject",
"s3:ListBucket",
"s3:ListBucket",
]
resources = [
"arn:aws:s3:::${aws_s3_object.image.bucket}",

51
hosts/flame/default.nix
View File

@ -1,72 +1,58 @@
# The Flame
# System configuration for an Oracle free server
# See [readme](../README.md) to explain how this file works.
# How to install:
# https://blog.korfuri.fr/posts/2022/08/nixos-on-an-oracle-free-tier-ampere-machine/
# These days, probably use nixos-anywhere instead.
{ inputs, globals, overlays, ... }:
{ self, ... }:
inputs.nixpkgs.lib.nixosSystem {
self.inputs.nixpkgs.lib.nixosSystem {
system = "aarch64-linux";
specialArgs = { };
modules = [
globals
inputs.home-manager.nixosModules.home-manager
../../modules/common
../../modules/nixos
self.inputs.home-manager.nixosModules.home-manager
self.nixosModules.globals
self.nixosModules.common
self.nixosModules.nixos
{
nixpkgs.overlays = overlays;
# Hardware
server = true;
networking.hostName = "flame";
# Not sure what's necessary but too afraid to remove anything
imports = [ (inputs.nixpkgs + "/nixos/modules/profiles/qemu-guest.nix") ];
imports =
[ (self.inputs.nixpkgs + "/nixos/modules/profiles/qemu-guest.nix") ];
boot.initrd.availableKernelModules = [ "xhci_pci" "virtio_pci" "usbhid" ];
# File systems must be declared in order to boot
# This is the root filesystem containing NixOS
# I forgot to set a clean label for it
fileSystems."/" = {
device = "/dev/disk/by-uuid/e1b6bd50-306d-429a-9f45-78f57bc597c3";
fsType = "ext4";
};
# This is the boot filesystem for systemd-boot
fileSystems."/boot" = {
device = "/dev/disk/by-uuid/D5CA-237A";
fsType = "vfat";
};
# Theming
# Server doesn't require GUI
gui.enable = false;
# Still require colors for programs like Neovim, K9S
theme = { colors = (import ../../colorscheme/gruvbox).dark; };
# Disable passwords, only use SSH key
publicKey =
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB+AbmjGEwITk5CK9y7+Rg27Fokgj9QEjgc9wST6MA3s";
# Programs and services
atuin.enable = true;
cloudflare.enable = true; # Proxy traffic with Cloudflare
dotfiles.enable = true; # Clone dotfiles
neovim.enable = true;
giteaRunner.enable = true;
services.caddy.enable = true;
services.grafana.enable = true;
services.openssh.enable = true;
services.victoriametrics.enable = true;
services.influxdb2.enable = true;
services.prometheus.enable = true;
services.gitea.enable = true;
services.vaultwarden.enable = true;
services.minecraft-server.enable = true; # Setup Minecraft server
# Allows private remote access over the internet
cloudflareTunnel = {
enable = true;
id = "bd250ee1-ed2e-42d2-b627-039f1eb5a4d2";
@ -75,6 +61,8 @@ inputs.nixpkgs.lib.nixosSystem {
"ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBK/6oyVqjFGX3Uvrc3VS8J9sphxzAnRzKC85xgkHfYgR3TK6qBGXzHrknEj21xeZrr3G2y1UsGzphWJd9ZfIcdA= open-ssh-ca@cloudflareaccess.org";
};
giteaRunner.enable = true;
# Nextcloud backup config
backup.s3 = {
endpoint = "s3.us-west-002.backblazeb2.com";
@ -82,10 +70,6 @@ inputs.nixpkgs.lib.nixosSystem {
accessKeyId = "0026b0e73b2e2c80000000005";
};
# Disable passwords, only use SSH key
publicKey =
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB+AbmjGEwITk5CK9y7+Rg27Fokgj9QEjgc9wST6MA3s";
# # Wireguard config for Transmission
# wireguard.enable = true;
# networking.wireguard.interfaces.wg0 = {
@ -115,6 +99,9 @@ inputs.nixpkgs.lib.nixosSystem {
# # VPN port forwarding
# services.transmission.settings.peer-port = 57599;
# # Grant access to Transmission directories from Jellyfin
# users.users.jellyfin.extraGroups = [ "transmission" ];
}
];
}

21
hosts/hydra/default.nix
View File

@ -1,30 +1,27 @@
# The Hydra
# System configuration for WSL
# See [readme](../README.md) to explain how this file works.
{ self, ... }:
{ inputs, globals, overlays, ... }:
inputs.nixpkgs.lib.nixosSystem {
self.inputs.nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
specialArgs = { };
modules = [
../../modules/common
../../modules/nixos
../../modules/wsl
globals
inputs.wsl.nixosModules.wsl
inputs.home-manager.nixosModules.home-manager
self.inputs.wsl.nixosModules.wsl
self.inputs.home-manager.nixosModules.home-manager
self.nixosModules.globals
self.nixosModules.common
self.nixosModules.nixos
self.nixosModules.wsl
{
networking.hostName = "hydra";
nixpkgs.overlays = overlays;
identityFile = "/home/${globals.user}/.ssh/id_ed25519";
gui.enable = false;
theme = {
colors = (import ../../colorscheme/gruvbox).dark;
dark = true;
};
passwordHash = inputs.nixpkgs.lib.fileContents ../../misc/password.sha512;
passwordHash = inputs.nixpkgs.lib.fileContents ../../password.sha512;
wsl = {
enable = true;
wslConf.automount.root = "/mnt";

77
hosts/lookingglass/default.nix
View File

@ -1,49 +1,46 @@
# The Looking Glass
# System configuration for my work Macbook
{ inputs, globals, overlays, ... }:
{ self, ... }:
inputs.darwin.lib.darwinSystem {
system = "aarch64-darwin";
self.inputs.darwin.lib.darwinSystem {
system = "x86_64-darwin";
specialArgs = { };
modules = [
../../modules/common
../../modules/darwin
(globals // rec {
user = "Noah.Masur";
gitName = "Noah-Masur_1701";
gitEmail = "${user}@take2games.com";
})
inputs.home-manager.darwinModules.home-manager
{
nixpkgs.overlays = [ inputs.firefox-darwin.overlay ] ++ overlays;
networking.hostName = "lookingglass";
identityFile = "/Users/Noah.Masur/.ssh/id_ed25519";
gui.enable = true;
theme = {
colors = (import ../../colorscheme/gruvbox-dark).dark;
dark = true;
self.inputs.home-manager.darwinModules.home-manager
self.nixosModules.common
self.nixosModules.darwin
({ config, lib, ... }: {
config = rec {
user = lib.mkForce "Noah.Masur";
gitName = lib.mkForce "Noah-Masur_1701";
gitEmail = lib.mkForce "${user}@take2games.com";
nixpkgs.overlays = [ self.inputs.firefox-darwin.overlay ];
networking.hostName = "lookingglass";
identityFile = "/Users/${user}/.ssh/id_ed25519";
gui.enable = true;
theme = {
colors = (import ../../colorscheme/gruvbox-dark).dark;
dark = true;
};
mail.user = globals.user;
charm.enable = true;
neovim.enable = true;
mail.enable = true;
mail.aerc.enable = true;
mail.himalaya.enable = false;
kitty.enable = true;
discord.enable = true;
firefox.enable = true;
dotfiles.enable = true;
nixlang.enable = true;
terraform.enable = true;
python.enable = true;
lua.enable = true;
kubernetes.enable = true;
_1password.enable = true;
slack.enable = true;
};
mail.user = globals.user;
atuin.enable = true;
charm.enable = true;
neovim.enable = true;
mail.enable = true;
mail.aerc.enable = true;
mail.himalaya.enable = false;
kitty.enable = true;
discord.enable = true;
firefox.enable = true;
dotfiles.enable = true;
nixlang.enable = true;
terraform.enable = true;
python.enable = true;
rust.enable = true;
lua.enable = true;
obsidian.enable = true;
kubernetes.enable = true;
_1password.enable = true;
slack.enable = true;
}
})
];
}

54
hosts/staff/default.nix
View File

@ -1,31 +1,32 @@
# The Staff
# ISO configuration for my USB drive
{ inputs, system, overlays, ... }:
{ self, system, ... }:
inputs.nixos-generators.nixosGenerate {
self.inputs.nixos-generators.nixosGenerate {
inherit system;
format = "install-iso";
modules = [{
nixpkgs.overlays = overlays;
networking.hostName = "staff";
users.extraUsers.root.openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB+AbmjGEwITk5CK9y7+Rg27Fokgj9QEjgc9wST6MA3s"
];
services.openssh = {
enable = true;
ports = [ 22 ];
allowSFTP = true;
settings = {
GatewayPorts = "no";
X11Forwarding = false;
PasswordAuthentication = false;
PermitRootLogin = "yes";
modules = [
self.nixosModules.global
self.nixosModules.common
self.nixosModules.nixos
({ config, pkgs, ... }: {
networking.hostName = "staff";
users.extraUsers.root.openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB+AbmjGEwITk5CK9y7+Rg27Fokgj9QEjgc9wST6MA3s"
];
services.openssh = {
enable = true;
ports = [ 22 ];
allowSFTP = true;
settings = {
GatewayPorts = "no";
X11Forwarding = false;
PasswordAuthentication = false;
PermitRootLogin = "yes";
};
};
};
environment.systemPackages =
let pkgs = import inputs.nixpkgs { inherit system overlays; };
in with pkgs; [
environment.systemPackages = with pkgs; [
git
vim
wget
@ -35,9 +36,10 @@ inputs.nixos-generators.nixosGenerate {
colors = (import ../../colorscheme/gruvbox).dark;
})
];
nix.extraOptions = ''
experimental-features = nix-command flakes
warn-dirty = false
'';
}];
nix.extraOptions = ''
experimental-features = nix-command flakes
warn-dirty = false
'';
})
];
}

47
hosts/swan/default.nix
View File

@ -1,28 +1,22 @@
# The Swan
# System configuration for my home NAS server
# See [readme](../README.md) to explain how this file works.
{ self, ... }:
{ inputs, globals, overlays, ... }:
inputs.nixpkgs.lib.nixosSystem {
self.inputs.nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
specialArgs = { };
modules = [
globals
inputs.home-manager.nixosModules.home-manager
inputs.disko.nixosModules.disko
../../modules/common
../../modules/nixos
self.inputs.home-manager.nixosModules.home-manager
self.inputs.disko.nixosModules.disko
self.nixosModules.globals
self.nixosModules.common
self.nixosModules.nixos
{
nixpkgs.overlays = overlays;
# Hardware
server = true;
physical = true;
networking.hostName = "swan";
# Not sure what's necessary but too afraid to remove anything
boot.initrd.availableKernelModules =
[ "xhci_pci" "ahci" "nvme" "usb_storage" "sd_mod" ];
@ -35,57 +29,35 @@ inputs.nixpkgs.lib.nixosSystem {
"amdgpu.cik_support=1"
"amdgpu.dc=1"
];
# Required binary blobs to boot on this machine
hardware.enableRedistributableFirmware = true;
# Prioritize efficiency over performance
powerManagement.cpuFreqGovernor = "powersave";
# Allow firmware updates
hardware.cpu.intel.updateMicrocode = true;
# ZFS
zfs.enable = true;
# Generated with: head -c 8 /etc/machine-id
networking.hostId = "600279f4"; # Random ID required for ZFS
# Sets root ext4 filesystem instead of declaring it manually
disko = {
enableConfig = true;
devices = (import ../../disks/root.nix { disk = "/dev/nvme0n1"; });
};
# Automatically load the ZFS pool on boot
boot.zfs.extraPools = [ "tank" ];
# Theming
# Server doesn't require GUI
gui.enable = false;
# Still require colors for programs like Neovim, K9S
theme = { colors = (import ../../colorscheme/gruvbox).dark; };
# Programs and services
atuin.enable = true;
neovim.enable = true;
cloudflare.enable = true;
dotfiles.enable = true;
arrs.enable = true;
services.bind.enable = true;
services.caddy.enable = true;
services.jellyfin.enable = true;
services.nextcloud.enable = true;
services.calibre-web.enable = true;
services.openssh.enable = true;
services.prometheus.enable = false;
services.vmagent.enable = true;
services.prometheus.enable = true;
services.samba.enable = true;
services.paperless.enable = true;
services.postgresql.enable = true;
# Allows private remote access over the internet
cloudflareTunnel = {
enable = true;
id = "646754ac-2149-4a58-b51a-e1d0a1f3ade2";
@ -94,7 +66,6 @@ inputs.nixpkgs.lib.nixosSystem {
"ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBCHF/UMtJqPFrf6f6GRY0ZFnkCW7b6sYgUTjTtNfRj1RdmNic1NoJZql7y6BrqQinZvy7nsr1UFDNWoHn6ah3tg= open-ssh-ca@cloudflareaccess.org";
};
# Send regular backups and litestream for DBs to an S3-like bucket
backup.s3 = {
endpoint = "s3.us-west-002.backblazeb2.com";
bucket = "noahmasur-backup";

55
hosts/tempest/default.nix
View File

@ -1,43 +1,28 @@
# The Tempest
# System configuration for my desktop
# See [readme](../README.md) to explain how this file works.
{ self, ... }:
{ inputs, globals, overlays, ... }:
inputs.nixpkgs.lib.nixosSystem {
self.inputs.nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules = [
globals
inputs.home-manager.nixosModules.home-manager
../../modules/common
../../modules/nixos
self.inputs.home-manager.nixosModules.home-manager
self.nixosModules.globals
self.nixosModules.common
self.nixosModules.nixos
{
nixpkgs.overlays = overlays;
# Hardware
physical = true;
networking.hostName = "tempest";
# Not sure what's necessary but too afraid to remove anything
boot.initrd.availableKernelModules =
[ "nvme" "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" ];
# Graphics and VMs
boot.initrd.kernelModules = [ "amdgpu" ];
boot.kernelModules = [ "kvm-amd" ];
services.xserver.videoDrivers = [ "amdgpu" ];
# Required binary blobs to boot on this machine
hardware.enableRedistributableFirmware = true;
# Prioritize performance over efficiency
powerManagement.cpuFreqGovernor = "performance";
# Allow firmware updates
hardware.cpu.amd.updateMicrocode = true;
# Helps reduce GPU fan noise under idle loads
hardware.fancontrol.enable = true;
hardware.fancontrol.config = ''
# Configuration file generated by pwmconfig, changes will be lost
@ -54,38 +39,30 @@ inputs.nixpkgs.lib.nixosSystem {
MAXPWM=hwmon0/pwm1=240
'';
# File systems must be declared in order to boot
# This is the root filesystem containing NixOS
fileSystems."/" = {
device = "/dev/disk/by-label/nixos";
fsType = "ext4";
};
# This is the boot filesystem for Grub
fileSystems."/boot" = {
device = "/dev/disk/by-label/boot";
fsType = "vfat";
};
# Secrets must be prepared ahead before deploying
passwordHash = inputs.nixpkgs.lib.fileContents ../../misc/password.sha512;
# Must be prepared ahead
identityFile = "/home/${globals.user}/.ssh/id_ed25519";
passwordHash = self.inputs.nixpkgs.lib.fileContents ../../password.sha512;
# Theming
# Turn on all features related to desktop and graphical applications
gui.enable = true;
# Set the system-wide theme, also used for non-graphical programs
theme = {
colors = (import ../../colorscheme/gruvbox-dark).dark;
dark = true;
};
wallpaper = "${inputs.wallpapers}/gruvbox/road.jpg";
gtk.theme.name = inputs.nixpkgs.lib.mkDefault "Adwaita-dark";
wallpaper = "${self.inputs.wallpapers}/gruvbox/road.jpg";
gtk.theme.name = self.inputs.nixpkgs.lib.mkDefault "Adwaita-dark";
# Programs and services
atuin.enable = true;
charm.enable = true;
neovim.enable = true;
media.enable = true;
@ -102,7 +79,6 @@ inputs.nixpkgs.lib.nixosSystem {
keybase.enable = true;
mullvad.enable = false;
nixlang.enable = true;
rust.enable = true;
yt-dlp.enable = true;
gaming = {
dwarf-fortress.enable = true;
@ -113,11 +89,7 @@ inputs.nixpkgs.lib.nixosSystem {
leagueoflegends.enable = true;
ryujinx.enable = true;
};
services.vmagent.enable = true; # Enables Prometheus metrics
services.openssh.enable =
true; # Required for Cloudflare tunnel and identity file
# Allows private remote access over the internet
cloudflareTunnel = {
enable = true;
id = "ac133a82-31fb-480c-942a-cdbcd4c58173";
@ -126,11 +98,6 @@ inputs.nixpkgs.lib.nixosSystem {
"ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBPY6C0HmdFCaxYtJxFr3qV4/1X4Q8KrYQ1hlme3u1hJXK+xW+lc9Y9glWHrhiTKilB7carYTB80US0O47gI5yU4= open-ssh-ca@cloudflareaccess.org";
};
# Allows requests to force machine to wake up
# This network interface might change, needs to be set specifically for each machine.
# Or set usePredictableInterfaceNames = false
networking.interfaces.enp5s0.wakeOnLan.enable = true;
}
];
}

21
misc/README.md
View File

@ -1,21 +0,0 @@
# Miscellaneous
These files contain important data sourced by the configuration, or simply
information to store for safekeeping later.
---
Creating hashed password for [password.sha512](./password.sha512):
```
mkpasswd -m sha-512
```
---
Getting key for [public-keys](./public-keys):
```
ssh-keyscan -t ed25519 <hostname>
```

23
misc/libratbag-profile
View File

@ -1,23 +0,0 @@
Profile 1: (active)
Name: n/a
Report Rate: 1000Hz
Resolutions:
0: 400dpi (active) (default)
1: 800dpi
2: 1600dpi
3: 2400dpi
4: 0dpi
Button: 0 is mapped to 'button 1'
Button: 1 is mapped to 'button 2'
Button: 2 is mapped to 'button 3'
Button: 3 is mapped to 'button 4'
Button: 4 is mapped to 'button 5'
Button: 5 is mapped to macro '↕F11'
Button: 6 is mapped to macro '↕VOLUMEDOWN'
Button: 7 is mapped to macro '↕VOLUMEUP'
Button: 8 is mapped to 'unknown'
Button: 9 is mapped to 'wheel-right'
Button: 10 is mapped to 'wheel-left'
LED: 0, depth: monochrome, mode: on, color: 000000
LED: 1, depth: monochrome, mode: on, color: 000000
LED: 2, depth: monochrome, mode: on, color: 000000

1
modules/README.md
View File

@ -5,5 +5,4 @@
| [common](./common/default.nix) | User programs and OS-agnostic configuration |
| [darwin](./darwin/default.nix) | macOS-specific configuration |
| [nixos](./nixos/default.nix) | NixOS-specific configuration |
| [wsl](./wsl/default.nix) | WSL-specific configuration |

22
modules/common/applications/1password.nix
View File

@ -9,22 +9,12 @@
};
};
config = lib.mkIf (config.gui.enable && config._1password.enable) {
unfreePackages = [ "1password" "_1password-gui" "1password-cli" ];
home-manager.users.${config.user} = {
home.packages = with pkgs; [ _1password-gui ];
config = lib.mkIf
(config.gui.enable && config._1password.enable && pkgs.stdenv.isLinux) {
unfreePackages = [ "1password" "_1password-gui" ];
home-manager.users.${config.user} = {
home.packages = with pkgs; [ _1password-gui ];
};
};
# https://1password.community/discussion/135462/firefox-extension-does-not-connect-to-linux-app
# On Mac, does not apply: https://1password.community/discussion/142794/app-and-browser-integration
# However, the button doesn't work either:
# https://1password.community/discussion/140735/extending-support-for-trusted-web-browsers
environment.etc."1password/custom_allowed_browsers".text = ''
${
config.home-manager.users.${config.user}.programs.firefox.package
}/Applications/Firefox.app/Contents/MacOS/firefox
firefox
'';
};
}

26
modules/common/applications/firefox.nix
View File

@ -16,7 +16,6 @@
unfreePackages = [
(lib.mkIf config._1password.enable "onepassword-password-manager")
"okta-browser-plugin"
"wappalyzer"
];
home-manager.users.${config.user} = {
@ -29,23 +28,21 @@
id = 0;
name = "default";
isDefault = true;
# https://nur.nix-community.org/repos/rycee/
extensions = with pkgs.nur.repos.rycee.firefox-addons; [
(lib.mkIf config._1password.enable onepassword-password-manager)
pkgs.bypass-paywalls-clean
darkreader
don-t-fuck-with-paste
facebook-container
markdownload
ublock-origin
vimium
multi-account-containers
facebook-container
(lib.mkIf config._1password.enable onepassword-password-manager)
okta-browser-plugin
sponsorblock
reddit-enhancement-suite
return-youtube-dislikes
markdownload
darkreader
snowflake
sponsorblock
ublock-origin
ublacklist
vimium
don-t-fuck-with-paste
i-dont-care-about-cookies
wappalyzer
];
settings = {
@ -76,9 +73,6 @@
"media.ffmpeg.vaapi.enabled" =
true; # Enable hardware video acceleration
"cookiebanners.ui.desktop.enabled" = true; # Reject cookie popups
"devtools.command-button-screenshot.enabled" =
true; # Scrolling screenshot of entire page
"svg.context-properties.content.enabled" = true; # Sidebery styling
};
userChrome = ''
:root {
@ -119,7 +113,7 @@
background-color: ${config.theme.colors.base00};
color: ${config.theme.colors.base06} !important;
}
.tab-content[selected] {
.tab-content[selected=true] {
border-bottom: 2px solid color-mix(in srgb, var(--identity-tab-color) 25%, transparent);
background-color: ${config.theme.colors.base01} !important;
color: ${config.theme.colors.base07} !important;

12
modules/common/applications/kitty.nix
View File

@ -28,22 +28,13 @@
programs.rofi.terminal =
lib.mkIf pkgs.stdenv.isLinux "${pkgs.kitty}/bin/kitty";
# Display images in the terminal
programs.fish.shellAliases = {
icat = "kitty +kitten icat";
ssh = "kitty +kitten ssh";
};
programs.kitty = {
enable = true;
environment = { };
extraConfig = "";
font.size = 14;
keybindings = {
# Use shift+enter to complete text suggestions in fish
"shift+enter" = "send_text all \\x1F";
# Easy fullscreen toggle (for macOS)
"super+f" = "toggle_fullscreen";
};
settings = {
@ -94,6 +85,7 @@
# Scrollback
scrolling_lines = 10000;
scrollback_pager_history_size = 10; # MB
scrollback_pager = "${pkgs.neovim}/bin/nvim -c 'normal G'";
# Window
window_padding_width = 6;
@ -101,7 +93,7 @@
tab_bar_edge = "top";
tab_bar_style = "slant";
# Disable audio
# Audio
enable_audio_bell = false;
};
};

22
modules/common/applications/media.nix
View File

@ -22,8 +22,8 @@
enable = true;
bindings = { };
config = {
image-display-duration = 2; # For cycling through images
hwdec = "auto-safe"; # Attempt to use GPU decoding for video
image-display-duration = 2;
hwdec = "auto-safe";
};
scripts = [
@ -31,11 +31,25 @@
pkgs.mpvScripts.autoload
# Delete current file after quitting
pkgs.mpvScripts.mpv-delete-file
(pkgs.stdenv.mkDerivation rec {
pname = "mpv-delete-file";
version = "0.1"; # made-up
src = pkgs.fetchFromGitHub {
owner = "zenyd";
repo = "mpv-scripts";
rev = "19ea069abcb794d1bf8fac2f59b50d71ab992130";
sha256 = "sha256-OBCuzCtgfSwj0i/rBNranuu4LRc47jObwQIJgQQoerg=";
} + "/delete_file.lua";
dontBuild = true;
dontUnpack = true;
installPhase =
"install -Dm644 ${src} $out/share/mpv/scripts/delete_file.lua";
passthru.scriptName = "delete_file.lua";
})
];
};
# Set default programs for opening PDFs and other media
# Set default for opening PDFs
xdg.mimeApps = {
associations.added = {
"application/pdf" = [ "pwmt.zathura-cb.desktop" ];

5
modules/common/applications/obsidian.nix
View File

@ -15,9 +15,8 @@
home.packages = with pkgs; [ obsidian ];
};
# Broken on 2023-12-11
# https://forum.obsidian.md/t/electron-25-is-now-eol-please-upgrade-to-a-newer-version/72878/8
nixpkgs.config.permittedInsecurePackages = [ "electron-25.9.0" ];
# Broken on 2023-04-16
nixpkgs.config.permittedInsecurePackages = [ "electron-21.4.0" ];
};

10
modules/common/default.nix
View File

@ -59,7 +59,7 @@
};
dotfilesRepo = lib.mkOption {
type = lib.types.str;
description = "Link to dotfiles repository HTTPS URL.";
description = "Link to dotfiles repository.";
};
unfreePackages = lib.mkOption {
type = lib.types.listOf lib.types.str;
@ -75,18 +75,10 @@
type = lib.types.str;
description = "Hostname for metrics server.";
};
paperless = lib.mkOption {
type = lib.types.str;
description = "Hostname for document server (paperless-ngx).";
};
prometheus = lib.mkOption {
type = lib.types.str;
description = "Hostname for Prometheus server.";
};
influxdb = lib.mkOption {
type = lib.types.str;
description = "Hostname for InfluxDB2 server.";
};
secrets = lib.mkOption {
type = lib.types.str;
description = "Hostname for passwords and secrets (Vaultwarden).";

2
modules/common/mail/aerc.nix
View File

@ -68,7 +68,7 @@
"!" = ":term<space>";
"|" = ":pipe<space>";
"/" = ":search<space>-a<space>";
"/" = ":search<space>";
"\\" = ":filter <space>";
n = ":next-result<Enter>";
N = ":prev-result<Enter>";

38
modules/common/mail/default.nix
View File

@ -1,6 +1,6 @@
{ config, pkgs, lib, ... }: {
imports = [ ./himalaya.nix ./aerc.nix ./system.nix ];
imports = [ ./himalaya.nix ./aerc.nix ];
options = {
mail.enable = lib.mkEnableOption "Mail service.";
@ -27,32 +27,15 @@
home-manager.users.${config.user} = {
programs.mbsync = { enable = true; };
# Automatically check for mail and keep files synced locally
services.mbsync = lib.mkIf pkgs.stdenv.isLinux {
enable = true;
frequency = "*:0/5";
postExec = "${pkgs.notmuch}/bin/notmuch new";
};
# Used to watch for new mail and trigger sync
services.imapnotify.enable = pkgs.stdenv.isLinux;
# Allows sending email from CLI/sendmail
programs.msmtp.enable = true;
# Better local mail search
programs.notmuch = {
enable = true;
new.ignore =
[ ".mbsyncstate.lock" ".mbsyncstate.journal" ".mbsyncstate.new" ];
};
programs.notmuch.enable = true;
accounts.email = {
# Where email files are stored
maildirBasePath = "${config.homePath}/mail";
accounts = {
home = let address = "${config.mail.user}@${config.mail.server}";
in {
@ -65,17 +48,13 @@
"hey"
"admin"
];
# Options for contact completion
alot = { };
flavor = "plain";
imap = {
host = config.mail.imapHost;
port = 993;
tls.enable = true;
};
# Watch for mail and run notifications or sync
imapnotify = {
enable = true;
boxes = [ "Inbox" ];
@ -84,11 +63,7 @@
config.home-manager.users.${config.user}.services.dunst.enable
"${pkgs.libnotify}/bin/notify-send 'New mail arrived'";
};
# Name of the directory in maildir for this account
maildir = { path = "main"; };
# Bi-directional syncing options for local files
mbsync = {
enable = true;
create = "both";
@ -99,17 +74,12 @@
CopyArrivalDate = "yes"; # Sync time of original message
};
};
# Enable indexing
notmuch.enable = true;
# Used to login and send and receive emails
passwordCommand =
"${pkgs.age}/bin/age --decrypt --identity ~/.ssh/id_ed25519 ${
"${pkgs.age}/bin/age --decrypt --identity ${config.identityFile} ${
pkgs.writeText "mailpass.age"
(builtins.readFile ../../../private/mailpass.age)
}";
smtp = {
host = config.mail.smtpHost;
port = 465;

34
modules/common/mail/system.nix
View File

@ -1,34 +0,0 @@
{ config, pkgs, lib, ... }: {
config = lib.mkIf (config.mail.enable || config.server) {
home-manager.users.${config.user} = {
programs.msmtp.enable = true;
# The system user for sending automatic notifications
accounts.email.accounts.system =
let address = "system@${config.mail.server}";
in {
userName = address;
realName = "NixOS System";
primary = !config.mail.enable; # Only primary if mail not enabled
inherit address;
passwordCommand =
"${pkgs.age}/bin/age --decrypt --identity ${config.identityFile} ${
pkgs.writeText "mailpass-system.age"
(builtins.readFile ../../../private/mailpass-system.age)
}";
msmtp.enable = true;
smtp = {
host = config.mail.smtpHost;
port = 465;
tls.enable = true;
};
};
};
};
}

3
modules/common/neovim/config/align.nix
View File

@ -1,7 +1,4 @@
{ pkgs, ... }: {
# Plugin for aligning text programmatically
plugins = [ pkgs.vimPlugins.tabular ];
lua = ''
-- Align

3
modules/common/neovim/config/bufferline.nix
View File

@ -1,7 +1,4 @@
{ pkgs, ... }: {
# Shows buffers in a VSCode-style tab layout
plugins = [
pkgs.vimPlugins.bufferline-nvim
pkgs.vimPlugins.vim-bbye # Better closing of buffers

2
modules/common/neovim/config/colors.nix
View File

@ -1,7 +1,5 @@
{ pkgs, lib, config, ... }: {
# Sets Neovim colors based on Nix colorscheme
options.colors = lib.mkOption {
type = lib.types.attrsOf lib.types.str;
description = "Attrset of base16 colorscheme key value pairs.";

29
modules/common/neovim/config/completion.nix
View File

@ -9,6 +9,7 @@
pkgs.vimPlugins.luasnip
pkgs.vimPlugins.cmp_luasnip
pkgs.vimPlugins.cmp-rg
pkgs.vimPlugins.friendly-snippets
];
use.cmp.setup = dsl.callWith {
@ -23,7 +24,12 @@
end
'';
# Basic completion keybinds
snippet.expand = dsl.rawLua ''
function(args)
require("luasnip").lsp_expand(args.body)
end
'';
mapping = {
"['<C-n>']" = dsl.rawLua
"require('cmp').mapping.select_next_item({ behavior = require('cmp').SelectBehavior.Insert })";
@ -58,25 +64,24 @@
'';
};
# These are where the completion engine gets its suggestions
sources = [
{ name = "nvim_lua"; } # Fills in common Neovim lua functions
{ name = "nvim_lsp"; } # LSP results
{ name = "path"; } # Shell completion from current PATH
{ name = "nvim_lua"; }
{ name = "nvim_lsp"; }
{ name = "luasnip"; }
{ name = "path"; }
{
name = "buffer"; # Grep for text from the current text buffer
name = "buffer";
keyword_length = 3;
max_item_count = 10;
}
{
name = "rg"; # Grep for text from the current directory
name = "rg";
keyword_length = 6;
max_item_count = 10;
option = { additional_arguments = "--ignore-case"; };
}
];
# Styling of the completion menu
formatting = {
fields = [ "kind" "abbr" "menu" ];
format = dsl.rawLua ''
@ -110,6 +115,7 @@
}
vim_item.kind = string.format("%s", kind_icons[vim_item.kind])
vim_item.menu = ({
luasnip = "[Snippet]",
buffer = "[Buffer]",
path = "[Path]",
rg = "[Grep]",
@ -129,6 +135,13 @@
};
lua = ''
-- Load snippets
-- Check status: :lua require("luasnip").log.open()
require("luasnip.loaders.from_vscode").lazy_load()
require("luasnip.loaders.from_vscode").lazy_load({ paths = { "${
builtins.toString pkgs.vscode-terraform-snippets
}" } })
-- Use buffer source for `/`
require('cmp').setup.cmdline("/", {
sources = {

14
modules/common/neovim/config/github.lua
View File

@ -1,14 +0,0 @@
-- Keymap to open file in GitHub web
vim.keymap.set("n", "<Leader>gr", ":!gh browse %<CR><CR>", { silent = true })
-- Pop a terminal to watch the current run
local gitwatch =
require("toggleterm.terminal").Terminal:new({ cmd = "fish --interactive --init-command 'gh run watch'" })
-- Set a toggle for this terminal
function GITWATCH_TOGGLE()
gitwatch:toggle()
end
-- Keymap to toggle the run
vim.keymap.set("n", "<Leader>gw", GITWATCH_TOGGLE)

6
modules/common/neovim/config/kubernetes.lua
View File

@ -1,6 +0,0 @@
local k9s = require("toggleterm.terminal").Terminal:new({ cmd = "k9s" })
function K9S_TOGGLE()
k9s:toggle()
end
vim.keymap.set("n", "<Leader>9", K9S_TOGGLE)

162
modules/common/neovim/config/lsp.nix
View File

@ -1,110 +1,76 @@
{ pkgs, lib, config, dsl, ... }: {
{ pkgs, dsl, ... }: {
# Terraform optional because non-free
options.terraform = lib.mkEnableOption "Whether to enable Terraform LSP";
options.github = lib.mkEnableOption "Whether to enable GitHub features";
options.kubernetes =
lib.mkEnableOption "Whether to enable Kubernetes features";
plugins = [
pkgs.vimPlugins.nvim-lspconfig
pkgs.vimPlugins.lsp-colors-nvim
pkgs.vimPlugins.null-ls-nvim
];
config =
use.lspconfig.lua_ls.setup = dsl.callWith {
settings = { Lua = { diagnostics = { globals = [ "vim" "hs" ]; }; }; };
capabilities = dsl.rawLua "require('cmp_nvim_lsp').default_capabilities()";
cmd = [ "${pkgs.lua-language-server}/bin/lua-language-server" ];
};
let
use.lspconfig.nil_ls.setup = dsl.callWith {
cmd = [ "${pkgs.nil}/bin/nil" ];
capabilities = dsl.rawLua "require('cmp_nvim_lsp').default_capabilities()";
};
terraformFormat = if config.terraform then ''
require("null-ls").builtins.formatting.terraform_fmt.with({
command = "${pkgs.terraform}/bin/terraform",
extra_filetypes = { "hcl" },
}),
'' else
"";
use.lspconfig.pyright.setup = dsl.callWith {
cmd = [ "${pkgs.pyright}/bin/pyright-langserver" "--stdio" ];
};
in {
plugins = [
pkgs.vimPlugins.nvim-lspconfig
pkgs.vimPlugins.null-ls-nvim
pkgs.vimPlugins.fidget-nvim
];
use.lspconfig.terraformls.setup =
dsl.callWith { cmd = [ "${pkgs.terraform-ls}/bin/terraform-ls" "serve" ]; };
setup.fidget = { };
vim.api.nvim_create_augroup = dsl.callWith [ "LspFormatting" { } ];
use.lspconfig.lua_ls.setup = dsl.callWith {
settings = { Lua = { diagnostics = { globals = [ "vim" "hs" ]; }; }; };
capabilities =
dsl.rawLua "require('cmp_nvim_lsp').default_capabilities()";
cmd = [ "${pkgs.lua-language-server}/bin/lua-language-server" ];
};
lua = ''
${builtins.readFile ./lsp.lua}
use.lspconfig.nil_ls.setup = dsl.callWith {
cmd = [ "${pkgs.nil}/bin/nil" ];
capabilities =
dsl.rawLua "require('cmp_nvim_lsp').default_capabilities()";
};
-- Prevent infinite log size (change this when debugging)
vim.lsp.set_log_level("off")
use.lspconfig.pyright.setup = dsl.callWith {
cmd = [ "${pkgs.pyright}/bin/pyright-langserver" "--stdio" ];
};
require("null-ls").setup({
sources = {
require("null-ls").builtins.formatting.stylua.with({ command = "${pkgs.stylua}/bin/stylua" }),
require("null-ls").builtins.formatting.black.with({ command = "${pkgs.black}/bin/black" }),
require("null-ls").builtins.diagnostics.ruff.with({ command = "${pkgs.ruff}/bin/ruff" }),
require("null-ls").builtins.formatting.fish_indent.with({ command = "${pkgs.fish}/bin/fish_indent" }),
require("null-ls").builtins.formatting.nixfmt.with({ command = "${pkgs.nixfmt}/bin/nixfmt" }),
require("null-ls").builtins.formatting.rustfmt.with({ command = "${pkgs.rustfmt}/bin/rustfmt" }),
require("null-ls").builtins.diagnostics.shellcheck.with({ command = "${pkgs.shellcheck}/bin/shellcheck" }),
require("null-ls").builtins.formatting.shfmt.with({
command = "${pkgs.shfmt}/bin/shfmt",
extra_args = { "-i", "4", "-ci" },
}),
require("null-ls").builtins.formatting.terraform_fmt.with({
command = "${pkgs.terraform}/bin/terraform",
extra_filetypes = { "hcl" },
}),
},
use.lspconfig.terraformls.setup = dsl.callWith {
cmd = if config.terraform then [
"${pkgs.terraform-ls}/bin/terraform-ls"
"serve"
] else
[ "echo" ];
};
use.lspconfig.rust_analyzer.setup = dsl.callWith {
cmd = [ "${pkgs.rust-analyzer}/bin/rust-analyzer" ];
settings = {
"['rust-analyzer']" = { check = { command = "clippy"; }; };
};
};
vim.api.nvim_create_augroup = dsl.callWith [ "LspFormatting" { } ];
lua = ''
${builtins.readFile ./lsp.lua}
-- Prevent infinite log size (change this when debugging)
vim.lsp.set_log_level("off")
require("null-ls").setup({
sources = {
require("null-ls").builtins.formatting.stylua.with({ command = "${pkgs.stylua}/bin/stylua" }),
require("null-ls").builtins.formatting.black.with({ command = "${pkgs.black}/bin/black" }),
require("null-ls").builtins.diagnostics.ruff.with({ command = "${pkgs.ruff}/bin/ruff" }),
require("null-ls").builtins.formatting.fish_indent.with({ command = "${pkgs.fish}/bin/fish_indent" }),
require("null-ls").builtins.formatting.nixfmt.with({ command = "${pkgs.nixfmt}/bin/nixfmt" }),
require("null-ls").builtins.formatting.rustfmt.with({ command = "${pkgs.rustfmt}/bin/rustfmt" }),
require("null-ls").builtins.diagnostics.shellcheck.with({ command = "${pkgs.shellcheck}/bin/shellcheck" }),
require("null-ls").builtins.formatting.shfmt.with({
command = "${pkgs.shfmt}/bin/shfmt",
extra_args = { "-i", "4", "-ci" },
}),
${terraformFormat}
},
on_attach = function(client, bufnr)
if client.supports_method("textDocument/formatting") then
-- Auto-format on save
vim.api.nvim_clear_autocmds({ group = augroup, buffer = bufnr })
vim.api.nvim_create_autocmd("BufWritePre", {
group = augroup,
buffer = bufnr,
callback = function()
vim.lsp.buf.format({ bufnr = bufnr })
end,
})
-- Use internal formatting for bindings like gq.
vim.api.nvim_create_autocmd("LspAttach", {
callback = function(args)
vim.bo[args.buf].formatexpr = nil
end,
})
end
end,
})
'';
};
on_attach = function(client, bufnr)
if client.supports_method("textDocument/formatting") then
-- Auto-format on save
vim.api.nvim_clear_autocmds({ group = augroup, buffer = bufnr })
vim.api.nvim_create_autocmd("BufWritePre", {
group = augroup,
buffer = bufnr,
callback = function()
vim.lsp.buf.format({ bufnr = bufnr })
end,
})
-- Use internal formatting for bindings like gq.
vim.api.nvim_create_autocmd("LspAttach", {
callback = function(args)
vim.bo[args.buf].formatexpr = nil
end,
})
end
end,
})
'';
}

17
modules/common/neovim/config/misc.nix
View File

@ -7,14 +7,11 @@
pkgs.vimPlugins.comment-nvim # Smart comment commands
pkgs.vimPlugins.glow-nvim # Markdown preview popup
pkgs.vimPlugins.nvim-colorizer-lua # Hex color previews
pkgs.vimPlugins.which-key-nvim # Keybind helper
];
# Initialize some plugins
setup.Comment = { };
setup.colorizer = { user_default_options = { names = false; }; };
setup.colorizer = { };
setup.glow = { };
setup.which-key = { };
vim.o = {
termguicolors = true; # Set to truecolor
@ -44,17 +41,11 @@
relativenumber = true; # Relative numbers instead of absolute
};
# For which-key-nvim
vim.o.timeout = true;
vim.o.timeoutlen = 300;
# Better backup, swap and undo storage
vim.o.backup = true; # Easier to recover and more secure
vim.bo.swapfile = false; # Instead of swaps, create backups
vim.bo.undofile = true; # Keeps undos after quit
vim.o.backupdir =
dsl.rawLua ''vim.fn.expand("~/.local/state/nvim/backup//")'';
vim.o.undodir = dsl.rawLua ''vim.fn.expand("~/.local/state/nvim/undo//")'';
vim.o.backupdir = dsl.rawLua ''vim.fn.stdpath("cache") .. "/backup"'';
# Required for nvim-cmp completion
vim.opt.completeopt = [ "menu" "menuone" "noselect" ];
@ -69,6 +60,10 @@
" Remember last position when reopening file
au BufReadPost * if line("'\"") > 0 && line("'\"") <= line("$") | exe "normal! g`\"" | endif
" LaTeX options
au FileType tex inoremap ;bf \textbf{}<Esc>i
au BufWritePost *.tex silent! execute "!pdflatex -output-directory=%:p:h % >/dev/null 2>&1" | redraw!
" Flash highlight when yanking
au TextYankPost * silent! lua vim.highlight.on_yank { timeout = 250 }
'';

5
modules/common/neovim/config/syntax.nix
View File

@ -4,7 +4,6 @@
(pkgs.vimPlugins.nvim-treesitter.withPlugins (_plugins:
with pkgs.tree-sitter-grammars; [
tree-sitter-bash
# tree-sitter-c
tree-sitter-fish
tree-sitter-hcl
tree-sitter-ini
@ -23,9 +22,7 @@
pkgs.vimPlugins.playground # Tree-sitter experimenting
pkgs.vimPlugins.nginx-vim
pkgs.vimPlugins.vim-helm
pkgs.baleia-nvim # Clean ANSI from kitty scrollback
# pkgs.hmts-nvim # Tree-sitter injections for home-manager
(pkgs.vimUtils.buildVimPlugin {
(pkgs.vimUtils.buildVimPluginFrom2Nix {
pname = "nmasur";
version = "0.1";
src = ../plugin;

2
modules/common/neovim/config/telescope.nix
View File

@ -1,7 +1,5 @@
{ pkgs, dsl, ... }: {
# Telescope is a fuzzy finder that can work with different sub-plugins
plugins = [
pkgs.vimPlugins.telescope-nvim
pkgs.vimPlugins.project-nvim

14
modules/common/neovim/config/toggleterm.lua
View File

@ -12,8 +12,6 @@ vim.api.nvim_create_autocmd("TermOpen", {
end,
})
-- These are all the different types of terminals we can trigger
local terminal = require("toggleterm.terminal").Terminal
local basicterminal = terminal:new()
@ -26,5 +24,17 @@ function NIXPKGS_TOGGLE()
nixpkgs:toggle()
end
local gitwatch = terminal:new({ cmd = "fish --interactive --init-command 'gh run watch'" })
function GITWATCH_TOGGLE()
gitwatch:toggle()
end
local k9s = terminal:new({ cmd = "k9s" })
function K9S_TOGGLE()
k9s:toggle()
end
vim.keymap.set("n", "<Leader>t", TERM_TOGGLE)
vim.keymap.set("n", "<Leader>P", NIXPKGS_TOGGLE)
vim.keymap.set("n", "<Leader>gw", GITWATCH_TOGGLE)
vim.keymap.set("n", "<Leader>9", K9S_TOGGLE)

10
modules/common/neovim/config/toggleterm.nix
View File

@ -1,6 +1,4 @@
{ pkgs, dsl, config, ... }: {
# Toggleterm provides a floating terminal inside the editor for quick access
{ pkgs, dsl, ... }: {
plugins = [ pkgs.vimPlugins.toggleterm-nvim ];
@ -10,10 +8,6 @@
direction = "float";
};
lua = ''
${builtins.readFile ./toggleterm.lua}
${if config.github then (builtins.readFile ./github.lua) else ""}
${if config.kubernetes then (builtins.readFile ./kubernetes.lua) else ""}
'';
lua = builtins.readFile ./toggleterm.lua;
}

21
modules/common/neovim/config/tree.nix
View File

@ -1,7 +1,5 @@
{ pkgs, dsl, ... }: {
# This plugin creates a side drawer for navigating the current project
plugins = [ pkgs.vimPlugins.nvim-tree-lua pkgs.vimPlugins.nvim-web-devicons ];
# Disable netrw eagerly
@ -12,16 +10,16 @@
};
setup.nvim-tree = {
disable_netrw = true; # Disable the built-in file manager
hijack_netrw = true; # Works as the file manager
sync_root_with_cwd = true; # Change project whenever currend dir changes
respect_buf_cwd = true; # Change to exact location of focused buffer
update_focused_file = { # Change project based on the focused buffer
disable_netrw = true;
hijack_netrw = true;
sync_root_with_cwd = true;
respect_buf_cwd = true;
update_focused_file = {
enable = true;
update_root = true;
ignore_list = { };
};
diagnostics = { # Enable LSP and linter integration
diagnostics = {
enable = true;
icons = {
hint = "";
@ -30,7 +28,7 @@
error = "";
};
};
renderer = { # Show files with changes vs. current commit
renderer = {
icons = {
glyphs = {
git = {
@ -45,7 +43,6 @@
};
};
};
# Set keybinds and initialize program
on_attach = dsl.rawLua ''
function (bufnr)
local api = require('nvim-tree.api')
@ -61,15 +58,15 @@
vim.keymap.set('n', 'v', api.node.open.vertical, opts('Open: Vertical Split'))
end
'';
view = { # Set look and feel
view = {
width = 30;
hide_root_folder = false;
side = "left";
number = false;
relativenumber = false;
};
};
# Toggle the sidebar
lua = ''
vim.keymap.set("n", "<Leader>e", ":NvimTreeFindFileToggle<CR>", { silent = true })
'';

24
modules/common/neovim/default.nix
View File

@ -5,9 +5,6 @@ let
neovim = import ./package {
inherit pkgs;
colors = config.theme.colors;
terraform = config.terraform.enable;
github = true;
kubernetes = config.kubernetes.enable;
};
in {
@ -21,17 +18,11 @@ in {
home.packages = [ neovim ];
# Use Neovim as the editor for git commit messages
programs.git.extraConfig.core.editor = "nvim";
programs.jujutsu.settings.ui.editor = "nvim";
# Set Neovim as the default app for text editing and manual pages
home.sessionVariables = {
EDITOR = "nvim";
MANPAGER = "nvim +Man!";
};
# Create quick aliases for launching Neovim
programs.fish = {
shellAliases = { vim = "nvim"; };
shellAbbrs = {
@ -40,20 +31,12 @@ in {
vll = "nvim -c 'Telescope oldfiles'";
};
};
programs.kitty.settings.scrollback_pager = lib.mkForce ''
${neovim}/bin/nvim -c 'setlocal nonumber nolist showtabline=0 foldcolumn=0|Man!' -c "autocmd VimEnter * normal G" -'';
# Set Neovim as the kitty terminal "scrollback" (vi mode) option.
# Requires removing some of the ANSI escape codes that are sent to the
# scrollback using sed and baleia, as well as removing several
# unnecessary features.
programs.kitty.settings.scrollback_pager = ''
$SHELL -c 'sed -r "s/[[:cntrl:]]\]133;[AC]..//g" | ${neovim}/bin/nvim -c "setlocal nonumber norelativenumber nolist laststatus=0" -c "lua baleia = require(\"baleia\").setup({}); baleia.once(0)" -c "map <silent> q :qa!<CR>" -c "autocmd VimEnter * normal G"' '';
# Create a desktop option for launching Neovim from a file manager
# (Requires launching the terminal and then executing Neovim)
xdg.desktopEntries.nvim = lib.mkIf pkgs.stdenv.isLinux {
name = "Neovim wrapper";
exec = "kitty nvim %F";
mimeType = [ "text/plain" "text/markdown" ];
};
xdg.mimeApps.defaultApplications = lib.mkIf pkgs.stdenv.isLinux {
"text/plain" = [ "nvim.desktop" ];
@ -62,6 +45,9 @@ in {
};
# # Used for icons in Vim
# fonts.fonts = with pkgs; [ nerdfonts ];
};
}

7
modules/common/neovim/lua/keybinds.lua
View File

@ -39,6 +39,7 @@ key("n", "<Leader>fs", ":write<CR>")
key("n", "<Leader>fd", ":lcd %:p:h<CR>", { silent = true })
key("n", "<Leader>fu", ":lcd ..<CR>", { silent = true })
key("n", "<Leader><Tab>", ":b#<CR>", { silent = true })
key("n", "<Leader>gr", ":!gh repo view -w<CR><CR>", { silent = true })
key("n", "<Leader>tt", [[<Cmd>exe 'edit $NOTES_PATH/journal/'.strftime("%Y-%m-%d_%a").'.md'<CR>]])
key("n", "<Leader>jj", ":!journal<CR>:e<CR>")
@ -64,12 +65,6 @@ key("n", "<C-Down>", ":resize -2<CR>", { silent = true })
key("n", "<C-Left>", ":vertical resize -2<CR>", { silent = true })
key("n", "<C-Right>", ":vertical resize +2<CR>", { silent = true })
-- Quickfix
key("n", "]q", ":cnext<CR>")
key("n", "[q", ":cprevious<CR>")
key("n", "co", ":copen<CR>")
key("n", "cq", ":cclose<CR>")
-- Other
key("n", "<A-CR>", ":noh<CR>", { silent = true }) --- Clear search in VimWiki
key("n", "Y", "y$") --- Copy to end of line

4
modules/common/neovim/package/default.nix
View File

@ -26,13 +26,13 @@
# ] ++ extraConfig;
# }
{ pkgs, colors, terraform ? false, github ? false, kubernetes ? false, ... }:
{ pkgs, colors, ... }:
# Comes from nix2vim overlay:
# https://github.com/gytis-ivaskevicius/nix2vim/blob/master/lib/neovim-builder.nix
pkgs.neovimBuilder {
package = pkgs.neovim-unwrapped;
inherit colors terraform github kubernetes;
inherit colors;
imports = [
../config/align.nix
../config/bufferline.nix

1
modules/common/programming/default.nix
View File

@ -6,7 +6,6 @@
./lua.nix
./nix.nix
./python.nix
./rust.nix
./terraform.nix
];

17
modules/common/programming/rust.nix
View File

@ -1,17 +0,0 @@
{ config, pkgs, lib, ... }: {
options.rust.enable = lib.mkEnableOption "Rust programming language.";
config = lib.mkIf config.rust.enable {
home-manager.users.${config.user} = {
programs.fish.shellAbbrs = { ca = "cargo"; };
home.packages = with pkgs; [ cargo rustc clippy gcc ];
};
};
}

1
modules/common/programming/terraform.nix
View File

@ -3,7 +3,6 @@
options.terraform.enable = lib.mkEnableOption "Terraform tools.";
config = lib.mkIf config.terraform.enable {
unfreePackages = [ "terraform" ];
home-manager.users.${config.user} = {
programs.fish.shellAbbrs = {

11
modules/common/repositories/dotfiles.nix
View File

@ -1,7 +1,5 @@
{ config, pkgs, lib, ... }: {
# Allows me to make sure I can work on my dotfiles locally
options.dotfiles.enable = lib.mkEnableOption "Clone dotfiles.";
config = lib.mkIf config.dotfiles.enable {
@ -16,8 +14,13 @@
[ "writeBoundary" ] ''
if [ ! -d "${config.dotfilesPath}" ]; then
$DRY_RUN_CMD mkdir --parents $VERBOSE_ARG $(dirname "${config.dotfilesPath}")
$DRY_RUN_CMD ${pkgs.git}/bin/git \
clone ${config.dotfilesRepo} "${config.dotfilesPath}"
# Force HTTPS because anonymous SSH doesn't work
GIT_CONFIG_COUNT=1 \
GIT_CONFIG_KEY_0="url.https://github.com/.insteadOf" \
GIT_CONFIG_VALUE_0="git@github.com:" \
$DRY_RUN_CMD \
${pkgs.git}/bin/git clone ${config.dotfilesRepo} "${config.dotfilesPath}"
fi
'';

3
modules/common/repositories/notes.nix
View File

@ -1,8 +1,5 @@
{ config, ... }: {
# This is just a placeholder as I expect to interact with my notes in a
# certain location
home-manager.users.${config.user} = {
home.sessionVariables = {

39
modules/common/shell/atuin.nix
View File

@ -1,39 +0,0 @@
{ config, lib, ... }: {
# Shell history sync
options.atuin.enable = lib.mkEnableOption "Atuin";
config = {
home-manager.users.${config.user} = lib.mkIf config.atuin.enable {
programs.atuin = {
enable = true;
flags = [ "--disable-up-arrow" "--disable-ctrl-r" ];
settings = {
auto_sync = true;
update_check = false;
sync_address = "https://api.atuin.sh";
search_mode = "fuzzy";
filter_mode = "host"; # global, host, session, directory
search_mode_shell_up_key_binding = "fuzzy";
filter_mode_shell_up_key_binding = "session";
style = "compact"; # or auto,full
show_help = true;
history_filter = [ ];
secrets_filter = true;
enter_accept = false;
keymap_mode = "vim-normal";
};
};
};
# Give root user the same setup
home-manager.users.root.programs.atuin =
config.home-manager.users.${config.user}.programs.atuin;
};
}

26
modules/common/shell/bash/scripts/docker-cleanup.sh
View File

@ -1,26 +0,0 @@
#!/bin/sh
# Stop all containers
if [ "$(docker ps -a -q)" ]; then
echo "Stopping docker containers..."
docker stop "$(docker ps -a -q)"
else
echo "No running docker containers."
fi
# Remove all stopped containers
if [ "$(docker ps -a -q)" ]; then
echo "Removing docker containers..."
docker rm "$(docker ps -a -q)"
else
echo "No stopped docker containers."
fi
# Remove all untagged images
if docker images | grep -q "^<none>"; then
docker rmi "$(docker images | grep "^<none>" | awk '{print $3}')"
else
echo "No untagged docker images."
fi
echo "Cleaned up docker."

3
modules/common/shell/charm.nix
View File

@ -1,7 +1,5 @@
{ config, pkgs, lib, ... }: {
# Convenience utilities from charm.sh
options.charm.enable = lib.mkEnableOption "Charm utilities.";
config.home-manager.users.${config.user} = lib.mkIf config.charm.enable {
@ -10,7 +8,6 @@
glow # Markdown previews
skate # Key-value store
charm # Manage account and filesystem
pop # Send emails from a TUI
];
};

2
modules/common/shell/default.nix
View File

@ -1,6 +1,5 @@
{ ... }: {
imports = [
./atuin.nix
./bash
./charm.nix
./direnv.nix
@ -8,7 +7,6 @@
./fzf.nix
./git.nix
./github.nix
./jujutsu.nix
./nixpkgs.nix
./starship.nix
./utilities.nix

17
modules/common/shell/direnv.nix
View File

@ -1,28 +1,11 @@
{ config, ... }: {
# Enables quickly entering Nix shells when changing directories
home-manager.users.${config.user}.programs.direnv = {
enable = true;
nix-direnv.enable = true;
config = { whitelist = { prefix = [ config.dotfilesPath ]; }; };
};
# programs.direnv.direnvrcExtra = ''
# layout_postgres() {
# export PGDATA="$(direnv_layout_dir)/postgres"
# export PGHOST="$PGDATA"
#
# if [[ ! -d "PGDATA" ]]; then
# initdb
# cat >> "$PGDATA/postgres.conf" <<- EOF
# listen_addresses = '''
# unix_socket_directories = '$PGHOST'
# EOF
# echo "CREATE DATABASE $USER;" | postgres --single -E postgres
# fi
# }
# '';
# Prevent garbage collection
nix.extraOptions = ''
keep-outputs = true

16
modules/common/shell/fish/default.nix
View File

@ -1,24 +1,19 @@
{ config, pkgs, lib, ... }: {
users.users.${config.user}.shell = pkgs.fish;
programs.fish.enable = true; # Needed for LightDM to remember username
programs.fish.enable =
true; # Needed for LightDM to remember username (TODO: fix)
home-manager.users.${config.user} = {
# Packages used in abbreviations and aliases
home.packages = with pkgs; [ curl ];
home.packages = with pkgs; [ curl exa ];
programs.fish = {
enable = true;
shellAliases = {
# Version of bash which works much better on the terminal
bash = "${pkgs.bashInteractive}/bin/bash";
# Use eza (exa) instead of ls for fancier output
ls = "${pkgs.eza}/bin/eza --group";
# Move files to XDG trash on the commandline
ls = "exa";
trash = lib.mkIf pkgs.stdenv.isLinux "${pkgs.trash-cli}/bin/trash-put";
};
functions = {
@ -123,6 +118,9 @@
dr = "docker run --rm -it";
db = "docker build . -t";
# Rust
ca = "cargo";
};
shellInit = "";
};

2
modules/common/shell/fish/functions/fish_user_key_bindings.fish
View File

@ -18,5 +18,3 @@ bind -M insert \cn 'commandline -r "nix shell nixpkgs#"'
bind -M default \cn 'commandline -r "nix shell nixpkgs#"'
bind -M insert \x11F nix-fzf
bind -M default \x11F nix-fzf
bind -M insert \ch _atuin_search --filter-mode global
bind -M default \ch _atuin_search --filter-mode global

9
modules/common/shell/fzf.nix
View File

@ -1,6 +1,4 @@
{ config, pkgs, ... }: {
# FZF is a fuzzy-finder for the terminal
{ config, ... }: {
home-manager.users.${config.user} = {
@ -16,9 +14,10 @@
--search-path $HOME/dev \
--type directory \
--exact-depth 2 \
| ${pkgs.proximity-sort}/bin/proximity-sort $PWD \
| sed 's/\\/$//' \
| fzf --tiebreak=index \
| fzf \
--delimiter '/' \
--with-nth 6.. \
)
and cd $projdir
and commandline -f execute

13
modules/common/shell/git.nix
View File

@ -35,20 +35,8 @@ in {
init = { defaultBranch = "master"; };
};
ignores = [ ".direnv/**" "result" ];
includes = [{
path = "~/.config/git/personal";
condition = "gitdir:~/dev/personal/";
}];
};
# Personal git config
# TODO: fix with variables
xdg.configFile."git/personal".text = ''
[user]
name = "Noah Masur"
email = "7386960+nmasur@users.noreply.github.com"
'';
programs.fish.shellAbbrs = {
g = "git";
gs = "git status";
@ -70,7 +58,6 @@ in {
git switch (git symbolic-ref refs/remotes/origin/HEAD | cut -d"/" -f4)'';
gcob = "git switch -c";
gb = "git branch";
gpd = "git push origin -d";
gbd = "git branch -d";
gbD = "git branch -D";
gr = "git reset";

6
modules/common/shell/github.nix
View File

@ -5,9 +5,8 @@
programs.gh =
lib.mkIf config.home-manager.users.${config.user}.programs.git.enable {
enable = true;
gitCredentialHelper.enable = true;
enableGitCredentialHelper = true;
settings.git_protocol = "https";
extensions = [ pkgs.gh-collaborators ];
};
programs.fish =
@ -15,7 +14,7 @@
shellAbbrs = {
ghr = "gh repo view -w";
gha =
"gh run list | head -1 | awk '{ print \\$\\(NF-2\\) }' | xargs gh run view";
"gh run list | head -1 | awk '{ print $(NF-2) }' | xargs gh run view";
grw = "gh run watch";
grf = "gh run view --log-failed";
grl = "gh run view --log";
@ -57,7 +56,6 @@
| fzf \
--header-lines=1 \
--layout=reverse \
--height=100% \
--bind "ctrl-o:execute:gh repo view -w ''${organization}/{1}" \
--bind "shift-up:preview-half-page-up" \
--bind "shift-down:preview-half-page-down" \

21
modules/common/shell/jujutsu.nix
View File

@ -1,21 +0,0 @@
{ config, ... }: {
config = {
home-manager.users.${config.user}.programs.jujutsu = {
enable = true;
enableFishIntegration = true;
# https://github.com/martinvonz/jj/blob/main/docs/config.md
settings = {
user = {
name = config.home-manager.users.${config.user}.programs.git.userName;
email =
config.home-manager.users.${config.user}.programs.git.userEmail;
};
};
};
};
}

19
modules/common/shell/nixpkgs.nix
View File

@ -1,4 +1,4 @@
{ config, pkgs, lib, ... }: {
{ config, pkgs, ... }: {
home-manager.users.${config.user} = {
programs.fish = {
@ -60,24 +60,12 @@
enableFishIntegration = true;
};
# Create nix-index if doesn't exist
home.activation.createNixIndex =
let cacheDir = "${config.homePath}/.cache/nix-index";
in lib.mkIf
config.home-manager.users.${config.user}.programs.nix-index.enable
(config.home-manager.users.${config.user}.lib.dag.entryAfter
[ "writeBoundary" ] ''
if [ ! -d ${cacheDir} ]; then
$DRY_RUN_CMD ${pkgs.nix-index}/bin/nix-index -f ${pkgs.path}
fi
'');
};
nix = {
# Set channel to flake packages, used for nix-shell commands
nixPath = [{ nixpkgs = pkgs.path; }];
nixPath = [ "nixpkgs=${pkgs.path}" ];
# Set registry to this flake's packages, used for nix X commands
registry.nixpkgs.to = {
@ -85,9 +73,6 @@
path = builtins.toString pkgs.path;
};
# For security, only allow specific users
settings.allowed-users = [ "@wheel" config.user ];
};
}

13
modules/common/shell/utilities.nix
View File

@ -23,10 +23,7 @@ in {
dig # DNS lookup
fd # find
htop # Show system processes
killall # Force quit
inetutils # Includes telnet, whois
jless # JSON viewer
jo # JSON output
jq # JSON manipulation
lf # File viewer
qrencode # Generate qr codes
@ -37,20 +34,16 @@ in {
tree # View directory hierarchy
vimv-rs # Batch rename files
unzip # Extract zips
dua # File sizes (du)
du-dust # Disk usage tree (ncdu)
duf # Basic disk information (df)
];
programs.zoxide.enable = true; # Shortcut jump command
home.file = {
".rgignore".text = ignorePatterns;
".fdignore".text = ignorePatterns;
".digrc".text = "+noall +answer"; # Cleaner dig commands
};
xdg.configFile."fd/ignore".text = ignorePatterns;
programs.bat = {
enable = true; # cat replacement
config = {
@ -59,6 +52,10 @@ in {
};
};
programs.fish.shellAbbrs = {
cat = "bat"; # Swap cat with bat
};
programs.fish.functions = {
ping = {
description = "Improved ping";

10
modules/darwin/hammerspoon.nix
View File

@ -20,22 +20,12 @@
};
xdg.configFile."hammerspoon/Spoons/MoveWindow.spoon".source =
./hammerspoon/Spoons/MoveWindow.spoon;
home.activation.reloadHammerspoon =
config.home-manager.users.${config.user}.lib.dag.entryAfter
[ "writeBoundary" ] ''
$DRY_RUN_CMD /Applications/Hammerspoon.app/Contents/Frameworks/hs/hs -c "hs.reload()"
$DRY_RUN_CMD sleep 1
$DRY_RUN_CMD /Applications/Hammerspoon.app/Contents/Frameworks/hs/hs -c "hs.console.clearConsole()"
'';
};
homebrew.casks = [ "hammerspoon" ];
system.activationScripts.postUserActivation.text = ''
defaults write org.hammerspoon.Hammerspoon MJConfigFile "~/.config/hammerspoon/init.lua"
sudo killall Dock
'';
};

15
modules/darwin/hammerspoon/Spoons/Launcher.spoon/init.lua
View File

@ -54,19 +54,14 @@ function obj:init()
end)
-- Launcher shortcuts
self.launcher:bind("ctrl", "space", function() end)
self.launcher:bind("ctrl", "space", function()
end)
self.launcher:bind("", "return", function()
self:switch("@kitty@")
end)
self.launcher:bind("", "C", function()
self:switch("Calendar.app")
end)
self.launcher:bind("shift", "D", function()
hs.execute("launchctl remove com.paloaltonetworks.gp.pangps")
hs.execute("launchctl remove com.paloaltonetworks.gp.pangpa")
hs.alert.show("Disconnected from GlobalProtect", nil, nil, 4)
self.launcher:exit()
end)
self.launcher:bind("", "E", function()
self:switch("Mail.app")
end)
@ -85,12 +80,6 @@ function obj:init()
self.launcher:bind("", "P", function()
self:switch("System Preferences.app")
end)
self.launcher:bind("shift", "P", function()
hs.execute("launchctl load /Library/LaunchAgents/com.paloaltonetworks.gp.pangps.plist")
hs.execute("launchctl load /Library/LaunchAgents/com.paloaltonetworks.gp.pangpa.plist")
hs.alert.show("Reconnecting to GlobalProtect", nil, nil, 4)
self.launcher:exit()
end)
self.launcher:bind("", "R", function()
hs.console.clearConsole()
hs.reload()

9
modules/darwin/hammerspoon/Spoons/MoveWindow.spoon/worklayout.lua
View File

@ -55,15 +55,6 @@ local function worklayout()
local layout = concat(left, right, laptop)
hs.layout.apply(layout)
end)
-- Reload Hammerspoon whenever layout changes
hs.screen.watcher.new(function()
-- Pause for 5 seconds to give time for layout to change
hs.timer.doAfter(5, function()
-- Perform the actual reload
hs.reload()
end)
end)
end
return worklayout

1
modules/darwin/hammerspoon/init.lua
View File

@ -1,4 +1,3 @@
hs.ipc.cliInstall() -- Install Hammerspoon CLI program
hs.loadSpoon("ControlEscape"):start() -- Load Hammerspoon bits from https://github.com/jasonrudolph/ControlEscape.spoon
hs.loadSpoon("Launcher"):init()
hs.loadSpoon("DismissAlerts"):init()

22
modules/darwin/homebrew.nix
View File

@ -8,15 +8,11 @@
if ! xcode-select --version 2>/dev/null; then
$DRY_RUN_CMD xcode-select --install
fi
if ! /opt/homebrew/bin/brew --version 2>/dev/null; then
if ! /usr/local/bin/brew --version 2>/dev/null; then
$DRY_RUN_CMD /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"
fi
'';
# Add homebrew paths to CLI path
home-manager.users.${config.user}.home.sessionPath =
[ "/opt/homebrew/bin/" ];
homebrew = {
enable = true;
onActivation = {
@ -28,22 +24,24 @@
brewfile = true; # Run brew bundle from anywhere
lockfiles = false; # Don't save lockfile (since running from anywhere)
};
taps = [
"homebrew/cask" # Required for casks
"homebrew/cask-drivers" # Used for Logitech G-Hub
];
brews = [
"trash" # Delete files and folders to trash instead of rm
"openjdk" # Required by Apache Directory Studio
];
casks = [
"1password" # 1Password will not launch from Nix on macOS
"1password" # 1Password packaging on Nix is broken for macOS
"apache-directory-studio" # Packaging on Nix is not available for macOS
# "gitify" # Git notifications in menu bar (downgrade manually from 4.6.1)
"gitify" # Git notifications in menu bar
"keybase" # GUI on Nix not available for macOS
# "logitech-g-hub" # Mouse and keyboard management
"logitune" # Logitech webcam firmware
"logitech-g-hub" # Mouse and keyboard management
"meetingbar" # Show meetings in menu bar
# "obsidian" # Obsidian packaging on Nix is not available for macOS
"obsidian" # Obsidian packaging on Nix is not available for macOS
"scroll-reverser" # Different scroll style for mouse vs. trackpad
# "steam" # Not packaged for Nix
# "epic-games" # Not packaged for Nix
"steam" # Not packaged for Nix
];
};

2
modules/darwin/networking.nix
View File

@ -2,7 +2,7 @@
config = lib.mkIf pkgs.stdenv.isDarwin {
networking = {
computerName = config.networking.hostName;
computerName = "${config.fullName}'\\''s Mac";
# Adjust if necessary
# hostName = "";
};

25
modules/darwin/system.nix
View File

@ -34,8 +34,8 @@
# Enable full keyboard access for all controls (e.g. enable Tab in modal dialogs)
AppleKeyboardUIMode = 3;
# Only hide menu bar in fullscreen
_HIHideMenuBar = false;
# Automatically show and hide the menu bar
_HIHideMenuBar = true;
# Expand save panel by default
NSNavPanelExpandedStateForSaveMode = true;
@ -154,15 +154,11 @@
echo "Show the ~/Library folder"
chflags nohidden ~/Library
if [ ! $(defaults read com.apple.dock magnification) = "1" ]; then
echo "Enable dock magnification"
defaults write com.apple.dock magnification -bool true
fi
echo "Enable dock magnification"
defaults write com.apple.dock magnification -bool true
if [ ! $(defaults read com.apple.dock largesize) = "48" ]; then
echo "Set dock magnification size"
defaults write com.apple.dock largesize -int 48
fi
echo "Set dock magnification size"
defaults write com.apple.dock largesize -int 48
echo "Define dock icon function"
__dock_item() {
@ -184,16 +180,9 @@
"$(__dock_item /System/Applications/Mail.app)" \
"$(__dock_item /Applications/zoom.us.app)" \
"$(__dock_item ${pkgs.discord}/Applications/Discord.app)" \
"$(__dock_item ${pkgs.obsidian}/Applications/Obsidian.app)" \
"$(__dock_item /Applications/Obsidian.app)" \
"$(__dock_item ${pkgs.kitty}/Applications/kitty.app)" \
"$(__dock_item /System/Applications/System\ Settings.app)"
echo "MeetingBar settings"
defaults write leits.MeetingBar eventTimeFormat -string "\"show\""
defaults write leits.MeetingBar eventTitleFormat -string "\"none\""
defaults write leits.MeetingBar eventTitleIconFormat -string "\"iconCalendar\""
defaults write leits.MeetingBar slackBrowser -string "{\"deletable\":true,\"arguments\":\"\",\"name\":\"Slack\",\"path\":\"\"}"
defaults write leits.MeetingBar zoomBrowser -string "{\"deletable\":true,\"arguments\":\"\",\"name\":\"Zoom\",\"path\":\"\"}"
'';
};

14
modules/darwin/user.nix
View File

@ -9,19 +9,13 @@
};
# Used for aerc
home-manager.users.${config.user} = {
# Default shell setting doesn't work
home.sessionVariables = { SHELL = "${pkgs.fish}/bin/fish"; };
# Used for aerc
xdg.enable = true;
home.sessionVariables = {
XDG_CONFIG_HOME = "${config.homePath}/.config";
};
};
# Fix for: 'Error: HOME is set to "/var/root" but we expect "/var/empty"'
home-manager.users.root.home.homeDirectory = lib.mkForce "/var/root";
};
}

6
modules/darwin/utilities.nix
View File

@ -2,8 +2,6 @@
{
unfreePackages = [ "consul" "vault-bin" ];
home-manager.users.${config.user} = lib.mkIf pkgs.stdenv.isDarwin {
home.packages = with pkgs; [
@ -13,13 +11,11 @@
youtube-dl # Convert web videos
pandoc # Convert text documents
mpd # TUI slideshows
mpv # Video player
gnupg # Encryption
awscli2
awslogs
google-cloud-sdk
ansible
vault-bin
vault
consul
noti # Create notifications programmatically
ipcalc # Make IP network calculations

2
modules/nixos/applications/calibre.nix
View File

@ -14,8 +14,6 @@
home.packages = with pkgs; [ calibre ];
# home.sessionVariables = { CALIBRE_USE_DARK_PALETTE = 1; };
};
# Forces Calibre to use dark mode
environment.sessionVariables = { CALIBRE_USE_DARK_PALETTE = "1"; };
};
}

12
modules/nixos/applications/nautilus.nix
View File

@ -18,14 +18,12 @@
home-manager.users.${config.user} = {
# Quick button for launching nautilus
xsession.windowManager.i3.config.keybindings = {
"${
config.home-manager.users.${config.user}.xsession.windowManager.i3.config.modifier
}+n" = "exec --no-startup-id ${pkgs.gnome.nautilus}/bin/nautilus";
};
# Generates a QR code and previews it with sushi
programs.fish.functions = {
qr = {
body =
@ -33,7 +31,7 @@
};
};
# Set Nautilus as default for opening directories
# Set default for opening directories
xdg.mimeApps = {
associations.added."inode/directory" = [ "org.gnome.Nautilus.desktop" ];
# associations.removed = {
@ -42,7 +40,6 @@
defaultApplications."inode/directory" =
lib.mkBefore [ "org.gnome.Nautilus.desktop" ];
};
};
# # Set default for opening directories
@ -53,13 +50,6 @@
# lib.mkForce [ "org.gnome.Nautilus.desktop" ];
# };
# Delete Trash files older than 1 week
systemd.user.services.empty-trash = {
description = "Empty Trash on a regular basis";
wantedBy = [ "default.target" ];
script = "${pkgs.trash-cli}/bin/trash-empty 7";
};
};
}

9
modules/nixos/gaming/steam.nix
View File

@ -22,15 +22,6 @@
];
# Adapted in part from: https://github.com/Shawn8901/nix-configuration/blob/1c48be94238a9f463cf0bbd1e1842a4454286514/modules/nixos/steam-compat-tools/default.nix
# Based on: https://github.com/NixOS/nixpkgs/issues/73323
environment.sessionVariables.STEAM_EXTRA_COMPAT_TOOLS_PATHS =
lib.makeBinPath [ pkgs.proton-ge-custom ];
# Seems like NetworkManager can help speed up Steam launch
# https://www.reddit.com/r/archlinux/comments/qguhco/steam_startup_time_arch_1451_seconds_fedora_34/hi8opet/
networking.networkmanager.enable = true;
};
}

1
modules/nixos/graphical/default.nix
View File

@ -3,7 +3,6 @@
imports = [
./dunst.nix
./fonts.nix
./gtk.nix
./i3.nix
./picom.nix
./polybar.nix

2
modules/nixos/graphical/fonts.nix
View File

@ -6,7 +6,7 @@ in {
config = lib.mkIf (config.gui.enable && pkgs.stdenv.isLinux) {
fonts.packages = with pkgs; [
fonts.fonts = with pkgs; [
victor-mono # Used for Vim and Terminal
(nerdfonts.override { fonts = [ "Hack" ]; }) # For Polybar, Rofi
];

51
modules/nixos/graphical/gtk.nix
View File

@ -1,51 +0,0 @@
{ config, pkgs, lib, ... }: {
options = {
gtk.theme = {
name = lib.mkOption {
type = lib.types.str;
description = "Theme name for GTK applications";
};
package = lib.mkOption {
type = lib.types.package;
description = "Theme package for GTK applications";
default = pkgs.gnome-themes-extra;
};
};
};
config = lib.mkIf config.gui.enable {
home-manager.users.${config.user} = {
gtk = let
gtkExtraConfig = {
gtk-application-prefer-dark-theme = config.theme.dark;
};
in {
enable = true;
theme = {
name = config.gtk.theme.name;
package = config.gtk.theme.package;
};
gtk3.extraConfig = gtkExtraConfig;
gtk4.extraConfig = gtkExtraConfig;
};
};
# Required for setting GTK theme (for preferred-color-scheme in browser)
services.dbus.packages = [ pkgs.dconf ];
programs.dconf.enable = true;
# Make the login screen dark
services.xserver.displayManager.lightdm.greeters.gtk.theme = {
name = config.gtk.theme.name;
package = config.gtk.theme.package;
};
environment.sessionVariables = { GTK_THEME = config.gtk.theme.name; };
};
}

12
modules/nixos/graphical/i3.nix
View File

@ -45,7 +45,7 @@ in {
{ class = "obsidian"; }
];
"${ws3}" = [{ class = "discord"; }];
"${ws4}" = [ { class = "steam"; } { class = "Steam"; } ];
"${ws4}" = [{ class = "Steam"; }];
};
bars = [{ command = "echo"; }]; # Disable i3bar
colors = let
@ -95,15 +95,13 @@ in {
# Adjust screen brightness
"Shift+F12" =
# Disable dynamic sleep
# https://github.com/rockowitz/ddcutil/issues/323
"exec ${pkgs.ddcutil}/bin/ddcutil --display 1 setvcp 10 + 30 && sleep 1; exec ${pkgs.ddcutil}/bin/ddcutil --disable-dynamic-sleep --display 2 setvcp 10 + 30";
"exec ${pkgs.ddcutil}/bin/ddcutil --display 1 setvcp 10 + 30 && sleep 1; exec ${pkgs.ddcutil}/bin/ddcutil --display 2 setvcp 10 + 30";
"Shift+F11" =
"exec ${pkgs.ddcutil}/bin/ddcutil --display 1 setvcp 10 - 30 && sleep 1; exec ${pkgs.ddcutil}/bin/ddcutil --disable-dynamic-sleep --display 2 setvcp 10 - 30";
"exec ${pkgs.ddcutil}/bin/ddcutil --display 1 setvcp 10 - 30 && sleep 1; exec ${pkgs.ddcutil}/bin/ddcutil --display 2 setvcp 10 - 30";
"XF86MonBrightnessUp" =
"exec ${pkgs.ddcutil}/bin/ddcutil --display 1 setvcp 10 + 30 && sleep 1; exec ${pkgs.ddcutil}/bin/ddcutil --disable-dynamic-sleep --display 2 setvcp 10 + 30";
"exec ${pkgs.ddcutil}/bin/ddcutil --display 1 setvcp 10 + 30 && sleep 1; exec ${pkgs.ddcutil}/bin/ddcutil --display 2 setvcp 10 + 30";
"XF86MonBrightnessDown" =
"exec ${pkgs.ddcutil}/bin/ddcutil --display 1 setvcp 10 - 30 && sleep 1; exec ${pkgs.ddcutil}/bin/ddcutil --disable-dynamic-sleep --display 2 setvcp 10 - 30";
"exec ${pkgs.ddcutil}/bin/ddcutil --display 1 setvcp 10 - 30 && sleep 1; exec ${pkgs.ddcutil}/bin/ddcutil --display 2 setvcp 10 - 30";
# Media player controls
"XF86AudioPlay" = "exec ${pkgs.playerctl}/bin/playerctl play-pause";

33
modules/nixos/graphical/polybar.nix
View File

@ -36,7 +36,7 @@
module-margin = 1;
modules-left = "i3";
modules-center = "xwindow";
modules-right = "mailcount network pulseaudio date keyboard power";
modules-right = "mailcount pulseaudio date power";
cursor-click = "pointer";
cursor-scroll = "ns-resize";
enable-ipc = true;
@ -106,14 +106,8 @@
interval = 10;
format = "<label>";
exec = builtins.toString (pkgs.writeShellScript "mailcount.sh" ''
${pkgs.notmuch}/bin/notmuch new --quiet 2>&1>/dev/null
UNREAD=$(
${pkgs.notmuch}/bin/notmuch count \
is:inbox and \
is:unread and \
folder:main/Inbox \
2>/dev/null
)
${pkgs.notmuch}/bin/notmuch new > /dev/null
UNREAD=$(${pkgs.notmuch}/bin/notmuch count is:inbox and is:unread and folder:main/Inbox)
if [ $UNREAD = "0" ]; then
echo ""
else
@ -124,16 +118,6 @@
"i3-msg 'exec --no-startup-id kitty --class aerc aerc'; sleep 0.15; i3-msg '[class=aerc] focus'";
};
"module/network" = {
type = "internal/network";
interface-type = "wired";
interval = 3;
accumulate-stats = true;
format-connected = "<label-connected>";
format-disconnected = "<label-disconnected>";
label-connected = "";
label-disconnected = "";
};
"module/pulseaudio" = {
type = "internal/pulseaudio";
# format-volume-prefix = "VOL ";
@ -143,10 +127,10 @@
# label-volume-background = colors.background;
format-volume-foreground = config.theme.colors.base0B;
label-volume = "%percentage%%";
label-muted = "󰝟 ---";
label-muted = " ---";
label-muted-foreground = config.theme.colors.base03;
ramp-volume-0 = "";
ramp-volume-1 = "󰕾";
ramp-volume-1 = "";
ramp-volume-2 = "";
click-right = config.audioSwitchCommand;
};
@ -200,17 +184,10 @@
label-foreground = config.theme.colors.base0A;
# format-background = colors.background;
};
"module/keyboard" = {
type = "custom/text";
content = "󰌌";
click-left = "doas systemctl restart keyd";
content-foreground = config.theme.colors.base04;
};
"module/power" = {
type = "custom/text";
content = " ";
click-left = config.powerCommand;
click-right = "polybar-msg cmd restart";
content-foreground = config.theme.colors.base04;
};
"settings" = {

2
modules/nixos/graphical/rofi.nix
View File

@ -59,7 +59,7 @@ in {
border = mkLiteral "0px";
border-radius = mkLiteral "0px";
border-color = mkLiteral config.theme.colors.base04;
children = map mkLiteral [ "inputbar" "message" "listview" ];
children = map mkLiteral [ "inputbar" "listview" ];
spacing = mkLiteral "10px";
padding = mkLiteral "10px";
};

7
modules/nixos/graphical/rofi/brightness.nix
View File

@ -28,18 +28,17 @@ in {
-sep ';' \
-selected-row 1)
case "$chosen" in
"$dimmer")
${pkgs.ddcutil}/bin/ddcutil --display 1 setvcp 10 25; ${pkgs.ddcutil}/bin/ddcutil --disable-dynamic-sleep --display 2 setvcp 10 25
${pkgs.ddcutil}/bin/ddcutil --display 1 setvcp 10 25; ${pkgs.ddcutil}/bin/ddcutil --display 2 setvcp 10 25
;;
"$medium")
${pkgs.ddcutil}/bin/ddcutil --display 1 setvcp 10 75; ${pkgs.ddcutil}/bin/ddcutil --disable-dynamic-sleep --display 2 setvcp 10 75
${pkgs.ddcutil}/bin/ddcutil --display 1 setvcp 10 75; ${pkgs.ddcutil}/bin/ddcutil --display 2 setvcp 10 75
;;
"$brighter")
${pkgs.ddcutil}/bin/ddcutil --display 1 setvcp 10 100; ${pkgs.ddcutil}/bin/ddcutil --disable-dynamic-sleep --display 2 setvcp 10 100
${pkgs.ddcutil}/bin/ddcutil --display 1 setvcp 10 100; ${pkgs.ddcutil}/bin/ddcutil --display 2 setvcp 10 100
;;
*) exit 1 ;;

14
modules/nixos/graphical/rofi/power.nix
View File

@ -25,23 +25,21 @@ in {
| ${rofi}/bin/rofi \
-theme-str '@import "power.rasi"' \
-hover-select \
-me-select-entry "" \
-me-select-entry ''' \
-me-accept-entry MousePrimary \
-dmenu \
-sep ';' \
-selected-row 2)
confirm () {
${builtins.readFile ./rofi-prompt.sh}
}
case "$chosen" in
"$power_off")
confirm 'Shutdown?' && doas shutdown now
${
builtins.toString ./rofi-prompt.sh
} 'Shutdown?' && doas shutdown now
;;
"$reboot")
confirm 'Reboot?' && doas reboot
${builtins.toString ./rofi-prompt.sh} 'Reboot?' && doas reboot
;;
"$lock")
@ -53,7 +51,7 @@ in {
;;
"$log_out")
confirm 'Logout?' && i3-msg exit
${builtins.toString ./rofi-prompt.sh} 'Logout?' && i3-msg exit
;;
*) exit 1 ;;

6
modules/nixos/graphical/rofi/rofi-prompt.sh
View File

@ -32,7 +32,7 @@ done
chosen=$(printf '%s;%s\n' "$yes" "$no" |
rofi -theme-str '@import "prompt.rasi"' \
-hover-select \
-me-select-entry "" \
-me-select-entry '' \
-me-accept-entry MousePrimary \
-p "$query" \
-dmenu \
@ -42,6 +42,6 @@ chosen=$(printf '%s;%s\n' "$yes" "$no" |
-selected-row 1)
case "$chosen" in
"$yes") return 0 ;;
*) return 1 ;;
"$yes") exit 0 ;;
*) exit 1 ;;
esac

21
modules/nixos/graphical/rofi/themes/prompt.rasi
View File

@ -4,13 +4,14 @@
*/
@import "common.rasi"
* {
font: @prompt-text-font;
font: @text-font;
}
#window {
height: @prompt-window-height;
width: @prompt-window-width;
children: [ inputbar, horibox ];
border: @prompt-window-border;
border-color: @accent;
}
#inputbar {
enabled: false;
@ -18,6 +19,8 @@
#prompt {
padding: @prompt-prompt-padding;
margin: @prompt-prompt-margin;
background-color: @accent;
text-color: @background-light;
}
#listview {
padding: @prompt-listview-padding;
@ -28,3 +31,19 @@
font: @prompt-text-font;
padding: @prompt-element-padding;
}
element.alternate.active,
element.normal.active,
element.alternate.urgent,
element.normal.urgent {
background-color: @background-light;
text-color: @foreground;
}
element.selected.urgent {
background-color: @off;
text-color: @background;
}
element.selected.active {
background-color: @on;
text-color: @background;
}

44
modules/nixos/graphical/xorg.nix
View File

@ -1,6 +1,27 @@
{ config, pkgs, lib, ... }: {
config = lib.mkIf config.gui.enable {
options = {
gtk.theme = {
name = lib.mkOption {
type = lib.types.str;
description = "Theme name for GTK applications";
};
package = lib.mkOption {
type = lib.types.str;
description = "Theme package name for GTK applications";
default = "gnome-themes-extra";
};
};
};
config = let
gtkTheme = {
name = config.gtk.theme.name;
package = pkgs."${config.gtk.theme.package}";
};
in lib.mkIf config.gui.enable {
# Enable the X11 windowing system.
services.xserver = {
@ -15,8 +36,10 @@
enable = config.services.xserver.enable;
background = config.wallpaper;
# Make the login screen dark
greeters.gtk.theme = gtkTheme;
# Show default user
# Also make sure /var/lib/AccountsService/users/<user> has SystemAccount=false
extraSeatDefaults = ''
greeter-hide-users = false
'';
@ -31,6 +54,12 @@
xclip # Clipboard
];
# Required for setting GTK theme (for preferred-color-scheme in browser)
services.dbus.packages = [ pkgs.dconf ];
programs.dconf.enable = true;
environment.sessionVariables = { GTK_THEME = config.gtk.theme.name; };
home-manager.users.${config.user} = {
programs.fish.shellAliases = {
@ -38,6 +67,17 @@
pbpaste = "xclip -selection clipboard -out";
};
gtk = let
gtkExtraConfig = {
gtk-application-prefer-dark-theme = config.theme.dark;
};
in {
enable = true;
theme = gtkTheme;
gtk3.extraConfig = gtkExtraConfig;
gtk4.extraConfig = gtkExtraConfig;
};
};
};

2
modules/nixos/hardware/boot.nix
View File

@ -1,6 +1,6 @@
{ config, pkgs, lib, ... }: {
boot.loader = lib.mkIf (config.physical && !config.server) {
boot.loader = lib.mkIf config.physical {
grub = {
enable = true;

13
modules/nixos/hardware/keyboard.nix
View File

@ -1,4 +1,4 @@
{ config, pkgs, ... }: {
{ config, ... }: {
config = {
@ -15,18 +15,9 @@
# Use capslock as escape and/or control
services.keyd = {
enable = true;
keyboards = {
default = {
ids = [ "*" ];
settings = { main = { capslock = "overload(control, esc)"; }; };
};
};
settings = { main = { capslock = "overload(control, esc)"; }; };
};
# For some reason, keyd doesn't restart properly when updating
system.activationScripts.keyd.text =
"${pkgs.systemd}/bin/systemctl restart keyd.service";
# Enable num lock on login
home-manager.users.${config.user}.xsession.numlock.enable = true;

18
modules/nixos/hardware/networking.nix
View File

@ -1,8 +1,13 @@
{ config, pkgs, lib, ... }: {
{ config, lib, ... }: {
config = lib.mkIf config.physical {
networking.useDHCP = !config.networking.networkmanager.enable;
# The global useDHCP flag is deprecated, therefore explicitly set to false here.
# Per-interface useDHCP will be mandatory in the future, so this generated config
# replicates the default behaviour.
networking.useDHCP = false;
networking.interfaces.enp5s0.useDHCP = true;
networking.interfaces.wlp4s0.useDHCP = true;
networking.firewall.allowPing = lib.mkIf config.server true;
@ -10,9 +15,6 @@
services.avahi = {
enable = true;
domainName = "local";
ipv6 = false; # Should work either way
# Resolve local hostnames using Avahi DNS
nssmdns4 = true;
publish = {
enable = true;
addresses = true;
@ -21,10 +23,8 @@
};
};
environment.systemPackages = [
(pkgs.writeShellScriptBin "wake-tempest"
"${pkgs.wakeonlan}/bin/wakeonlan --ip=192.168.1.255 74:56:3C:40:37:5D")
];
# Resolve local hostnames using Avahi DNS
services.avahi.nssmdns = true;
};

4
modules/nixos/hardware/server.nix
View File

@ -1,6 +1,6 @@
{ config, lib, ... }: {
{ config, pkgs, lib, ... }: {
config = lib.mkIf config.server {
config = lib.mkIf (pkgs.stdenv.isLinux && config.server) {
# Servers need a bootloader or they won't start
boot.loader.systemd-boot.enable = true;

2
modules/nixos/hardware/sleep.nix
View File

@ -1,6 +1,6 @@
{ config, pkgs, lib, ... }: {
config = lib.mkIf (config.physical && !config.server) {
config = lib.mkIf config.physical {
# Prevent wake from keyboard
powerManagement.powerDownCommands = ''

Some files were not shown because too many files have changed in this diff Show More