noah/dotfiles
1
0
Fork 0
mirror of https://github.com/nmasur/dotfiles synced 2025-07-06 21:20:13 +00:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: noah:90fd9f54a724d8771ed79ac1ddc40275afe5262d
Branches Tags
noah:master noah:platform noah:home-manager-fix noah:immich-proxy noah:microcode noah:nixd noah:eblume-mole noah:language-checks noah:keyd-2.4.3 noah:sway noah:nixosmodules noah:unfree-predicate-by-pkgs noah:darwin-ssl
noah:pre-platform noah:begin-nixos noah:begin-nix noah:neovim-lua noah:pre-nix noah:legacy
...
compare: noah:master
Branches Tags
noah:master noah:platform noah:home-manager-fix noah:immich-proxy noah:microcode noah:nixd noah:eblume-mole noah:language-checks noah:keyd-2.4.3 noah:sway noah:nixosmodules noah:unfree-predicate-by-pkgs noah:darwin-ssl
noah:pre-platform noah:begin-nixos noah:begin-nix noah:neovim-lua noah:pre-nix noah:legacy

146 Commits
90fd9f54a7 ... master

Author SHA1 Message Date
Noah Masur
ea20d93079 fix: qcow-efi requires specific filesystem label 2025-07-04 22:59:40 -06:00
Noah Masur
b323723115 turn on services for flame 2025-07-05 01:02:46 +00:00
Noah Masur
89b260d12c fix hash output again for caddy 2025-07-03 23:02:36 -06:00
Noah Masur
a0f4380c9f adjust workflow for nixos-anywhere 2025-07-03 23:02:28 -06:00
Noah Masur
0a9774f9fa reenable features for flame 2025-07-03 22:34:50 -06:00
Noah Masur
c569257f03 don't reboot for nixos-anywhere 2025-07-03 20:42:25 -06:00
Noah Masur
d709030211 switch back to /dev/sda for volume path 2025-07-03 20:29:27 -06:00
Noah Masur
ecf6bdda45 fix: must specify network type if launch options 2025-07-03 18:38:13 -06:00
Noah Masur
5e2fca427d try using consistent volume naming for formatting disk 2025-07-03 18:34:09 -06:00
Noah Masur
c5ad3c66ea try fixing serial tty on flame 2025-07-03 18:13:55 -06:00
Noah Masur
6b5a01262e fix: nix-darwin deprecations of useractivationscripts 2025-07-02 18:48:23 -06:00
Noah Masur
d16ed6a4fc try setting more options from the official oci-common example 2025-07-02 17:56:59 -06:00
Noah Masur
6d5b460cb2 update flake lock 2025-07-02 14:57:56 -06:00
Noah Masur
a5b628dd30 fix: homeConfigurations need to be flattened 2025-07-02 14:48:21 -06:00
Noah Masur
5ed6870bdd allow darwin to build linux packages 2025-07-02 14:20:14 -06:00
Noah Masur
26c1c09402 convenience tweaks 2025-07-02 14:19:57 -06:00
Noah Masur
dd00ad6c2e try removing all other features from flame 2025-07-02 11:57:46 -06:00
Noah Masur
192e08a9d9 try systemd-boot instead of grub for flame 2025-07-02 10:47:19 -06:00
Noah Masur
227e6a68af try different disko config without lvm 2025-07-01 22:46:27 -06:00
Noah Masur
444ede2074 try using disko to format for nixos-anywhere 2025-07-01 18:19:14 -06:00
Noah Masur
c31fe46b61 try disabling some extra flame settings 2025-07-01 16:59:11 -06:00
Noah Masur
28d9806720 fix: duplicate filesystems declaration for flame 2025-07-01 16:36:05 -06:00
Noah Masur
5dea78926b run as aarch64 for nixos-anywhere deploy 2025-07-01 16:31:15 -06:00
Noah Masur
e8571fe6b7 try to build on remote for cross-architecture 2025-07-01 16:09:41 -06:00
Noah Masur
a9b3249e20 use actions deploy key for ssh instead of personal key 
this will allow us to connect to the machine for nixos-anywhere
 2025-07-01 16:02:03 -06:00
Noah Masur
73002607ab fix: clean up llm drivel 2025-07-01 00:46:10 -04:00
Noah Masur
267134044f temp: always install nix for nixos-anywhere 2025-07-01 00:42:35 -04:00
Noah Masur
0621c66981 try giving up and going back to ubuntu vm 2025-07-01 00:40:56 -04:00
Noah Masur
18b489592e attempts to add qcow-efi to get oracle to work 
and also adding things from the oci build
 2025-06-30 16:31:52 -04:00
Noah Masur
928be5132a fix: missing data source for domains 2025-06-29 22:05:19 -04:00
Noah Masur
11b7587783 fix: typos and llm inaccuracies 2025-06-29 22:02:51 -04:00
Noah Masur
2704642b3d fix: os details for source image of oracle 2025-06-29 22:00:30 -04:00
Noah Masur
95d86dcdff add terraform tfstate info 2025-06-29 21:57:58 -04:00
Noah Masur
e8bc263081 fixes for name of qcow2 image 2025-06-29 21:52:07 -04:00
Noah Masur
03d2326724 enable cross-compiling for aarch64 from gui machines 2025-06-29 08:24:27 -04:00
Noah Masur
5bc980eea9 temp: disable ren-find to fix build error 2025-06-28 18:41:39 -04:00
Noah Masur
a2866927f3 update hash for caddy cloudflare dns plugin 2025-06-28 16:15:04 -04:00
Noah Masur
c2100cbc39 fix: typo 2025-06-28 16:02:21 -04:00
Noah Masur
1d4b79e8f1 make sure litestream groups are appropriate 2025-06-28 16:00:06 -04:00
Noah Masur
3974c6ce5d fix: issue with litestream group 2025-06-28 15:56:14 -04:00
Noah Masur
67f6eb3a1c comment out uuids for flame filesystems 2025-06-28 15:45:57 -04:00
Noah Masur
e0cd3c9d79 try to cross-compile to aarch64 on gh action x86 2025-06-28 15:42:10 -04:00
Noah Masur
e7e94a1dc3 attempt to build and deploy to oracle 2025-06-28 15:31:17 -04:00
Noah Masur
20fc80c259 fix: nix flake check and packages formatting 2025-06-21 23:38:37 -04:00
Noah Masur
ae09296f36 fix aerc not using editor for composing 2025-06-17 21:28:10 -04:00
Noah Masur
44f769f5ed add more gh shortcuts to zellij 2025-06-07 16:38:58 -04:00
Noah Masur
6e29c95506 add mpv back to darwin 2025-06-07 16:38:23 -04:00
Noah Masur
ac0a8d6c38 fix: remember to mount immich zfs dataset 2025-06-04 01:45:14 +00:00
Noah Masur
6f32a0dfa3 fix: paperless upload 403s 2025-06-02 02:56:50 +00:00
Noah Masur
9feaca58f3 add audiobooks to local dns 2025-06-02 02:56:40 +00:00
Noah Masur
3084c90c13 add helix to power-user 2025-06-02 02:56:31 +00:00
Noah Masur
f20d477f67 get around official filebrowser module 2025-06-02 02:56:19 +00:00
Noah Masur
c8441fc265 enable daemon mode and sync v2 for atuin 2025-05-14 15:05:05 -04:00
Noah Masur
23f46e51e6 zellij to trigger nix rebuild of hm and nixos or darwin 2025-05-14 15:04:49 -04:00
Noah Masur
f2e09c9adc zellij function to do a gh run watch 2025-05-13 15:46:13 -04:00
Noah Masur
f0add607e6 replace substituteAll function with replaceVars 
substituteAll has been deprecated
 2025-05-13 15:46:13 -04:00
Noah Masur
b38205af93 setup karakeep basics 2025-05-12 03:07:38 +00:00
Noah Masur
12c9342748 fix: rofi power menu glyphs cut off 
the main issue is that i wasn't using the "mono" version of the nerd
font for hack. the font characters are not reported with the correct
fixed width which causes issues in rendering.
 2025-05-10 10:53:54 -04:00
Noah Masur
5d539abe21 shortcut for mpv shuffle mode 2025-05-10 10:39:51 -04:00
Noah Masur
cea08761bb use alt-l and alt-h in zellij locked mode 2025-05-10 10:39:35 -04:00
Noah Masur
eea972492e fix: betterlockscreen won't unlock system 2025-05-10 09:31:29 -04:00
Noah Masur
9014ca226e fix: class focus for aerc in xorg 2025-05-10 08:21:36 -04:00
Noah Masur
515859d22d add zed to darwin launcher 2025-05-08 16:22:36 -04:00
Noah Masur
aa6c91b65c add lazygit as a preset with custom keybinds 2025-05-07 13:47:17 -04:00
Noah Masur
d59692c813 fix pipewire and zellij on linux 2025-05-07 08:47:45 -04:00
Noah Masur
88266c9f8d use regular firefox package on darwin 2025-05-07 08:17:34 -04:00
Noah Masur
a1dfc77790 use enter key to save in helix 2025-05-07 08:17:11 -04:00
Noah Masur
b3a7b280b5 package mathesar and run as service 2025-05-05 20:36:27 +00:00
Noah Masur
e803e6a02a fix for cloudflare-dyndns using noproxy fix as well 2025-05-05 20:34:24 +00:00
Noah Masur
61c4e68fef replace wezterm with ghostty on linux 2025-05-03 20:34:46 -04:00
Noah Masur
faac8f3c8b forgot to include nautilus 2025-05-03 20:34:11 -04:00
Noah Masur
9b30f91b1d adjust helix to include more comment tokens 2025-05-03 20:33:48 -04:00
Noah Masur
5966368620 add ssh subdomain for git server 2025-05-03 22:09:36 +00:00
Noah Masur
820f5afe0b fix: cloudflare dyndns noproxy api key issues 2025-05-03 19:37:16 +00:00
Noah Masur
bfbacbe93e update lockfile and add pgweb, fixes to cloudflare caddy 2025-05-03 19:25:32 +00:00
Noah Masur
54a073b946 switch to self-hosted git for bpc 2025-05-03 14:22:06 +00:00
Noah Masur
8eede16bcd fix: staff requires bootloader 2025-04-26 13:02:46 -04:00
Noah Masur
11e0992d99 semi-failed packaging of actual budget prometheus exporter 2025-04-23 19:20:45 +00:00
Noah Masur
562295edb1 fix: wsl nativesystemd no longer used 2025-04-20 16:57:51 -04:00
Noah Masur
a719dc4309 fix: arrow must have filesystems 2025-04-16 14:31:36 -04:00
Noah Masur
0aecbd85cd switch actualbudget to native service 2025-04-14 21:46:20 +00:00
Noah Masur
28ac5523f8 rename vm-agent to vmagent 2025-04-14 19:10:34 +00:00
Noah Masur
645454cb9a fix: actual budget prometheus exporter 2025-04-14 19:10:22 +00:00
Noah Masur
b30893d968 fix: secret format for cloudflare dyndns service 2025-04-12 17:08:09 +00:00
Noah Masur
0ec67df9a3 try adding actual budget prometheus exporter 2025-04-11 21:46:11 -04:00
Noah Masur
7182ca7cd4 make vmagent and sshd default for linux hosts 2025-04-11 21:45:46 -04:00
Noah Masur
fbaa6f8894 enable ice menu bar cleanup for darwin 2025-04-11 21:45:20 -04:00
Noah Masur
3873ab7296 move syncnotes to nix 2025-04-07 16:35:52 -04:00
Noah Masur
7b32216684 aws ssm ssh in profile 2025-04-07 16:35:31 -04:00
Noah Masur
2f042713cc helix use esc to collapse selection 2025-04-07 16:35:14 -04:00
Noah Masur
011fb57347 fix: helix ignore for specific files 2025-04-07 16:35:00 -04:00
Noah Masur
ce308a6347 fix helix manpager 2025-04-07 16:34:31 -04:00
Noah Masur
31e93606f4 tabs working in zellij with ghostty 2025-04-07 16:33:50 -04:00
Noah Masur
b7317a721b try inheriting configs 2025-04-03 10:34:22 -04:00
Noah Masur
3684ce4b39 exclude keybase from zoxide 2025-04-03 10:34:11 -04:00
Noah Masur
b8337f1295 fix: don't break zellij when selecting the current dir 2025-04-01 09:51:20 -04:00
Noah Masur
b78bc5b3bb add today note vsplit 2025-03-31 15:08:18 -04:00
Noah Masur
5869e4a6b4 use flakes to update helix and yazi to fix integration issues 2025-03-31 11:19:52 -04:00
Noah Masur
2c55912abf improve notes experience in helix 2025-03-30 21:24:15 -04:00
Noah Masur
0be5c026a7 adjust lazygit which is still not perfect 2025-03-30 18:17:37 -04:00
Noah Masur
d427ccc577 add lazygit to helix and tweak zellij with locked mode 2025-03-30 18:09:07 -04:00
Noah Masur
3852551ebe fix: not locking zellij when switching sessions 2025-03-30 12:55:39 -04:00
Noah Masur
9727fd6a56 add lazygit to cli 2025-03-30 12:55:12 -04:00
Noah Masur
e233a2e354 update flake to fix zellij issue 2025-03-30 12:35:15 -04:00
Noah Masur
5b32f1f211 fix flake issues with organizing by system 2025-03-30 11:00:21 -04:00
Noah Masur
eace1ff3cf update actual budget 2025-03-28 02:07:30 +00:00
Noah Masur
5397e4e23f Merge branch 'platform' 
This is a large refactor to the dotfiles setup.
 2025-03-27 13:33:58 -04:00
Noah Masur
6933083cda adjust some zellij and helix keybinds 2025-03-27 13:01:53 -04:00
Noah Masur
39d9cb7e5a more lsps and fix syntax var colors 2025-03-24 09:53:30 -04:00
Noah Masur
b270e1643c update readme and tweak helix config 2025-03-23 18:41:37 -04:00
Noah Masur
cdbd94e64e upgrade to nextcloud 31 (without apps) 2025-03-23 20:53:35 +00:00
Noah Masur
9e3b003241 fix: enable calibre-web in preset 2025-03-23 20:47:05 +00:00
Noah Masur
802544575f fixes for read key 2025-03-23 19:11:27 +00:00
Noah Masur
a85180beee fix: enable prometheus stuff 2025-03-23 17:30:59 +00:00
Noah Masur
b901b9abd9 zellij tweaks and session switching 2025-03-23 10:10:56 -04:00
Noah Masur
870ab6894d fixes for swan 2025-03-23 13:30:57 +00:00
Noah Masur
12604f3109 fix flame settings 2025-03-23 00:32:06 +00:00
Noah Masur
59e67fb406 build succeed on swan 2025-03-22 23:45:06 +00:00
Noah Masur
6a7706ca85 some conveniences for helix 2025-03-21 13:51:28 -04:00
Noah Masur
12d0bccb42 integrate helix with fzf shortcuts 2025-03-19 14:16:01 -04:00
Noah Masur
cf7966d73d tweaks for ghostty and zellij 2025-03-19 13:51:42 -04:00
Noah Masur
fa1482dcfc some basic zellij and helix configs 2025-03-18 21:47:40 -04:00
Noah Masur
8e7ccbda59 use ctrl-f to accept autosuggestions 2025-03-17 23:30:59 -04:00
Noah Masur
59c5ca4816 zellij and helix config 2025-03-17 23:30:38 -04:00
Noah Masur
442249c242 replace wezterm with ghostty on dock 2025-03-17 21:44:13 -04:00
Noah Masur
5eb2b003d4 fix helix color for primary selection 2025-03-17 21:40:04 -04:00
Noah Masur
ef6070fe6d update hammerspoon notification dismissal for macos 15 2025-03-17 12:04:21 -04:00
Noah Masur
38906a802d reorg flake lines and remove unnecessary stanzas 2025-03-17 11:38:50 -04:00
Noah Masur
852ecf0b91 tweaks for ghostty, helix, zed 2025-03-17 11:00:19 -04:00
Noah Masur
a611b0ab69 move tree-sitter packages out of flake 2025-03-16 21:19:16 -04:00
Noah Masur
6802c4de2f fix: notmuch missing from desktop 2025-03-16 20:55:03 -04:00
Noah Masur
4dc9590ff8 replace wezterm with ghostty while i figure out issues 2025-03-16 16:22:41 -04:00
Noah Masur
e0588878b1 darwin build 2025-03-16 15:12:07 -04:00
Noah Masur
98356634cd switch on darwin 2025-03-16 14:00:38 -04:00
Noah Masur
1833b4b46c add home-manager to base nixos config 2025-03-14 20:03:24 +00:00
Noah Masur
3087b1a39c fix home-manager module in nixos rebuild 2025-03-14 15:47:08 +00:00
Noah Masur
a3ad019f4b add generators and clean up directories 2025-03-14 00:13:56 +00:00
Noah Masur
bdf163a50a consolidate build functions 2025-03-12 01:51:12 +00:00
Noah Masur
bf273925ad still working on consolidating 2025-03-11 02:31:22 +00:00
Noah Masur
1eae89b8ab coalescing code for imports 2025-03-10 03:37:48 +00:00
github-actions[bot]
956fa3184b flake.lock: Update 
Flake lock file updates:

• Updated input 'base16-nvim-src':
    'github:RRethy/base16-nvim/6ac181b5733518040a33017dde654059cd771b7c' (2024-05-23)
  → 'github:RRethy/base16-nvim/2fdd4e53286dbb8978699b5e1cd09835362a70f3' (2025-02-10)
• Updated input 'darwin':
    'github:lnl7/nix-darwin/ae406c04577ff9a64087018c79b4fdc02468c87c' (2025-02-05)
  → 'github:lnl7/nix-darwin/678b22642abde2ee77ae2218ab41d802f010e5b0' (2025-02-14)
• Updated input 'disko':
    'github:nix-community/disko/ff3568858c54bd306e9e1f2886f0f781df307dff' (2025-02-05)
  → 'github:nix-community/disko/4edb87a2ac9010da6fea50fc56d67e123fca85f4' (2025-02-15)
• Updated input 'firefox-darwin':
    'github:bandithedoge/nixpkgs-firefox-darwin/debb9b889951b74cee5cbdb45074dd9d289f25d6' (2025-02-08)
  → 'github:bandithedoge/nixpkgs-firefox-darwin/99a56b8763d3f5485c89e1e05ea8133f75821fbd' (2025-02-15)
• Updated input 'home-manager':
    'github:nix-community/home-manager/433799271274c9f2ab520a49527ebfe2992dcfbd' (2025-02-06)
  → 'github:nix-community/home-manager/6d3163aea47fdb1fe19744e91306a2ea4f602292' (2025-02-14)
• Updated input 'jujutsu':
    'github:martinvonz/jj/cc5b34809cefd9d9e8c64bb26f7494be22d43973' (2025-02-07)
  → 'github:martinvonz/jj/3bc111e60efdea774b6d979c0809256218b2549b' (2025-02-15)
• Updated input 'nextcloud-snappymail':
    'https://snappymail.eu/repository/nextcloud/snappymail-2.38.2-nextcloud.tar.gz?narHash=sha256-oCw6Brs85rINBHvz3UJXheyLVqvA3RgPXG03b30Fx7E%3D' (2025-02-08)
  → 'https://snappymail.eu/repository/nextcloud/snappymail-2.38.2-nextcloud.tar.gz?narHash=sha256-oCw6Brs85rINBHvz3UJXheyLVqvA3RgPXG03b30Fx7E%3D' (2025-02-15)
• Updated input 'nixpkgs':
    'github:nixos/nixpkgs/550e11f27ba790351d390d9eca3b80ad0f0254e7' (2025-02-06)
  → 'github:nixos/nixpkgs/2ff53fe64443980e139eaa286017f53f88336dd0' (2025-02-13)
• Updated input 'nur':
    'github:nix-community/nur/3680f5c26f924c7903e684b93c96b743316a31da' (2025-02-08)
  → 'github:nix-community/nur/e353ac4b999db166ad92074ca66f2394d65aeb1d' (2025-02-15)
• Updated input 'nur/nixpkgs':
    'github:nixos/nixpkgs/550e11f27ba790351d390d9eca3b80ad0f0254e7' (2025-02-06)
  → 'github:nixos/nixpkgs/2ff53fe64443980e139eaa286017f53f88336dd0' (2025-02-13)
• Updated input 'nvim-tree-lua-src':
    'github:kyazdani42/nvim-tree.lua/70825f23db61ecd900c4cfea169bffe931926a9d' (2025-02-03)
  → 'github:kyazdani42/nvim-tree.lua/80523101f0ae48b7f1990e907b685a3d79776c01' (2025-02-09)
• Updated input 'wsl':
    'github:nix-community/NixOS-WSL/63c3b4ed1712a3a0621002cd59bfdc80875ecbb0' (2025-01-05)
  → 'github:nix-community/NixOS-WSL/0b2b8b31f69f24e9a75b4b18a32c771a48612d5e' (2025-02-14)
 2025-02-15 03:48:05 +00:00
github-actions[bot]
b73867ea27 flake.lock: Update 
Flake lock file updates:

• Updated input 'darwin':
    'github:lnl7/nix-darwin/49b807fa7c37568d7fbe2aeaafb9255c185412f9' (2025-01-30)
  → 'github:lnl7/nix-darwin/ae406c04577ff9a64087018c79b4fdc02468c87c' (2025-02-05)
• Updated input 'disko':
    'github:nix-community/disko/18d0a984cc2bc82cf61df19523a34ad463aa7f54' (2025-01-29)
  → 'github:nix-community/disko/ff3568858c54bd306e9e1f2886f0f781df307dff' (2025-02-05)
• Updated input 'firefox-darwin':
    'github:bandithedoge/nixpkgs-firefox-darwin/052c3b491b52de033f5bfc93612ecbb58034941f' (2025-02-01)
  → 'github:bandithedoge/nixpkgs-firefox-darwin/debb9b889951b74cee5cbdb45074dd9d289f25d6' (2025-02-08)
• Updated input 'home-manager':
    'github:nix-community/home-manager/801ddd8693481866c2cfb1efd44ddbae778ea572' (2025-02-01)
  → 'github:nix-community/home-manager/433799271274c9f2ab520a49527ebfe2992dcfbd' (2025-02-06)
• Updated input 'jujutsu':
    'github:martinvonz/jj/b35d503bf7c0170d10332f83a7020124f5e5958c' (2025-02-01)
  → 'github:martinvonz/jj/cc5b34809cefd9d9e8c64bb26f7494be22d43973' (2025-02-07)
• Updated input 'nextcloud-snappymail':
    'https://snappymail.eu/repository/nextcloud/snappymail-2.38.2-nextcloud.tar.gz?narHash=sha256-oCw6Brs85rINBHvz3UJXheyLVqvA3RgPXG03b30Fx7E%3D' (2025-02-01)
  → 'https://snappymail.eu/repository/nextcloud/snappymail-2.38.2-nextcloud.tar.gz?narHash=sha256-oCw6Brs85rINBHvz3UJXheyLVqvA3RgPXG03b30Fx7E%3D' (2025-02-08)
• Updated input 'nixpkgs':
    'github:nixos/nixpkgs/9d3ae807ebd2981d593cddd0080856873139aa40' (2025-01-29)
  → 'github:nixos/nixpkgs/550e11f27ba790351d390d9eca3b80ad0f0254e7' (2025-02-06)
• Updated input 'nur':
    'github:nix-community/nur/95ddad0ff0e67c90314c6ca46324dce5f9a910d2' (2025-01-31)
  → 'github:nix-community/nur/3680f5c26f924c7903e684b93c96b743316a31da' (2025-02-08)
• Updated input 'nur/nixpkgs':
    'github:nixos/nixpkgs/9d3ae807ebd2981d593cddd0080856873139aa40' (2025-01-29)
  → 'github:nixos/nixpkgs/550e11f27ba790351d390d9eca3b80ad0f0254e7' (2025-02-06)
• Updated input 'nvim-lint-src':
    'github:mfussenegger/nvim-lint/789b7ada1b4f00e08d026dffde410dcfa6a0ba87' (2025-01-21)
  → 'github:mfussenegger/nvim-lint/6e9dd545a1af204c4022a8fcd99727ea41ffdcc8' (2025-02-06)
• Updated input 'nvim-tree-lua-src':
    'github:kyazdani42/nvim-tree.lua/d05881f65f0a653db8d830ccc4d2e07d6a720628' (2025-01-27)
  → 'github:kyazdani42/nvim-tree.lua/70825f23db61ecd900c4cfea169bffe931926a9d' (2025-02-03)
• Updated input 'tiny-inline-diagnostic-nvim-src':
    'github:rachartier/tiny-inline-diagnostic.nvim/aa6a7045b3984be2b6581741dbe9200f1701f7f7' (2025-01-30)
  → 'github:rachartier/tiny-inline-diagnostic.nvim/576351d53c1f6bda70252c3aaa710b01472024aa' (2025-02-05)
 2025-02-08 03:45:25 +00:00
github-actions[bot]
37427204de flake.lock: Update 
Flake lock file updates:

• Updated input 'darwin':
    'github:lnl7/nix-darwin/65cc1fa8e36ceff067daf6cfb142331f02f524d3' (2025-01-22)
  → 'github:lnl7/nix-darwin/49b807fa7c37568d7fbe2aeaafb9255c185412f9' (2025-01-30)
• Updated input 'disko':
    'github:nix-community/disko/bf0abfde48f469c256f2b0f481c6281ff04a5db2' (2025-01-16)
  → 'github:nix-community/disko/18d0a984cc2bc82cf61df19523a34ad463aa7f54' (2025-01-29)
• Updated input 'firefox-darwin':
    'github:bandithedoge/nixpkgs-firefox-darwin/ef9a452ffc26aed9265e2a5ff04952e960f8f21b' (2025-01-25)
  → 'github:bandithedoge/nixpkgs-firefox-darwin/052c3b491b52de033f5bfc93612ecbb58034941f' (2025-02-01)
• Updated input 'home-manager':
    'github:nix-community/home-manager/daf04c5950b676f47a794300657f1d3d14c1a120' (2025-01-24)
  → 'github:nix-community/home-manager/801ddd8693481866c2cfb1efd44ddbae778ea572' (2025-02-01)
• Updated input 'jujutsu':
    'github:martinvonz/jj/e58713c1355d0536e197a3f99ce5a5c713fe69c3' (2025-01-25)
  → 'github:martinvonz/jj/b35d503bf7c0170d10332f83a7020124f5e5958c' (2025-02-01)
• Updated input 'nextcloud-snappymail':
    'https://snappymail.eu/repository/nextcloud/snappymail-2.38.2-nextcloud.tar.gz?narHash=sha256-oCw6Brs85rINBHvz3UJXheyLVqvA3RgPXG03b30Fx7E%3D' (2025-01-25)
  → 'https://snappymail.eu/repository/nextcloud/snappymail-2.38.2-nextcloud.tar.gz?narHash=sha256-oCw6Brs85rINBHvz3UJXheyLVqvA3RgPXG03b30Fx7E%3D' (2025-02-01)
• Updated input 'nixpkgs':
    'github:nixos/nixpkgs/0aa475546ed21629c4f5bbf90e38c846a99ec9e9' (2025-01-23)
  → 'github:nixos/nixpkgs/9d3ae807ebd2981d593cddd0080856873139aa40' (2025-01-29)
• Updated input 'nur':
    'github:nix-community/nur/e3bdfbe8b01b6469fd2351ab0cf867d9cfa73da8' (2025-01-25)
  → 'github:nix-community/nur/95ddad0ff0e67c90314c6ca46324dce5f9a910d2' (2025-01-31)
• Updated input 'nur/nixpkgs':
    'github:nixos/nixpkgs/0aa475546ed21629c4f5bbf90e38c846a99ec9e9' (2025-01-23)
  → 'github:nixos/nixpkgs/9d3ae807ebd2981d593cddd0080856873139aa40' (2025-01-29)
• Updated input 'nvim-tree-lua-src':
    'github:kyazdani42/nvim-tree.lua/fee1da88972f5972a8296813f6c00d7598325ebd' (2025-01-25)
  → 'github:kyazdani42/nvim-tree.lua/d05881f65f0a653db8d830ccc4d2e07d6a720628' (2025-01-27)
• Updated input 'rep':
    'github:robenkleene/rep-grep/10510d47e392cb9d30a861c69f702fd194b3fa88' (2024-02-06)
  → 'github:robenkleene/rep-grep/2a24f95170aa14b5182b2287125664a62f8688ef' (2025-02-01)
• Updated input 'tiny-inline-diagnostic-nvim-src':
    'github:rachartier/tiny-inline-diagnostic.nvim/5c00aec99f558b8f0a2c4445038f74e5f5435c00' (2025-01-23)
  → 'github:rachartier/tiny-inline-diagnostic.nvim/aa6a7045b3984be2b6581741dbe9200f1701f7f7' (2025-01-30)
• Updated input 'tree-sitter-bash':
    'github:tree-sitter/tree-sitter-bash/03f4927065b3c0d71a962be87130aa7e79b35448' (2025-01-24)
  → 'github:tree-sitter/tree-sitter-bash/0c46d792d54c536be5ff7eb18eb95c70fccdb232' (2025-01-31)
• Updated input 'tree-sitter-lua':
    'github:MunifTanjim/tree-sitter-lua/34e60e7f45fc313463c68090d88d742a55d1bd7a' (2024-10-21)
  → 'github:MunifTanjim/tree-sitter-lua/68d29aa745b68ae22cbbdb5dcb68c20232521ff6' (2025-01-31)
• Updated input 'tree-sitter-python':
    'github:tree-sitter/tree-sitter-python/ab2ba8be034368fa009f62f371c068b8728f9db7' (2025-01-23)
  → 'github:tree-sitter/tree-sitter-python/710796b8b877a970297106e5bbc8e2afa47f86ec' (2025-01-30)
 2025-02-01 03:47:04 +00:00
Noah Masur
6ee5ade2bc add trash from homebrew to path 2025-01-27 10:26:18 -05:00
Noah Masur
043cd8ce5c add ldapl script 2025-01-27 10:26:01 -05:00
github-actions[bot]
07a0d5185b flake.lock: Update 
Flake lock file updates:

• Updated input 'darwin':
    'github:lnl7/nix-darwin/87131f51f8256952d1a306b5521cedc2dc61aa08' (2025-01-18)
  → 'github:lnl7/nix-darwin/65cc1fa8e36ceff067daf6cfb142331f02f524d3' (2025-01-22)
• Updated input 'firefox-darwin':
    'github:bandithedoge/nixpkgs-firefox-darwin/3224752c71a5245e90cfae360e0dc5de98e2b53c' (2025-01-18)
  → 'github:bandithedoge/nixpkgs-firefox-darwin/ef9a452ffc26aed9265e2a5ff04952e960f8f21b' (2025-01-25)
• Updated input 'home-manager':
    'github:nix-community/home-manager/a0046af169ce7b1da503974e1b22c48ef4d71887' (2025-01-17)
  → 'github:nix-community/home-manager/daf04c5950b676f47a794300657f1d3d14c1a120' (2025-01-24)
• Updated input 'jujutsu':
    'github:martinvonz/jj/83d40d2c425fa2e050bdac8837b19e5beb3bef25' (2025-01-18)
  → 'github:martinvonz/jj/e58713c1355d0536e197a3f99ce5a5c713fe69c3' (2025-01-25)
• Updated input 'jujutsu/rust-overlay':
    'github:oxalica/rust-overlay/04d5f1836721461b256ec452883362c5edc5288e' (2025-01-02)
  → 'github:oxalica/rust-overlay/eb64cbcc8eee0fa87ebded92805280d2ec97415a' (2025-01-24)
• Updated input 'nextcloud-snappymail':
    'https://snappymail.eu/repository/nextcloud/snappymail-2.38.2-nextcloud.tar.gz?narHash=sha256-oCw6Brs85rINBHvz3UJXheyLVqvA3RgPXG03b30Fx7E%3D' (2025-01-18)
  → 'https://snappymail.eu/repository/nextcloud/snappymail-2.38.2-nextcloud.tar.gz?narHash=sha256-oCw6Brs85rINBHvz3UJXheyLVqvA3RgPXG03b30Fx7E%3D' (2025-01-25)
• Updated input 'nixpkgs':
    'github:nixos/nixpkgs/5df43628fdf08d642be8ba5b3625a6c70731c19c' (2025-01-16)
  → 'github:nixos/nixpkgs/0aa475546ed21629c4f5bbf90e38c846a99ec9e9' (2025-01-23)
• Updated input 'nur':
    'github:nix-community/nur/62cdd681201843553ec740a85ccf2f0a6fca75c6' (2025-01-18)
  → 'github:nix-community/nur/e3bdfbe8b01b6469fd2351ab0cf867d9cfa73da8' (2025-01-25)
• Updated input 'nur/nixpkgs':
    'github:nixos/nixpkgs/5df43628fdf08d642be8ba5b3625a6c70731c19c' (2025-01-16)
  → 'github:nixos/nixpkgs/0aa475546ed21629c4f5bbf90e38c846a99ec9e9' (2025-01-23)
• Updated input 'nvim-lint-src':
    'github:mfussenegger/nvim-lint/dfa45de973c3ce7bd1b9a6d346f896a68ad07e44' (2025-01-06)
  → 'github:mfussenegger/nvim-lint/789b7ada1b4f00e08d026dffde410dcfa6a0ba87' (2025-01-21)
• Updated input 'nvim-tree-lua-src':
    'github:kyazdani42/nvim-tree.lua/fca0b67c0b5a31727fb33addc4d9c100736a2894' (2025-01-17)
  → 'github:kyazdani42/nvim-tree.lua/fee1da88972f5972a8296813f6c00d7598325ebd' (2025-01-25)
• Updated input 'tiny-inline-diagnostic-nvim-src':
    'github:rachartier/tiny-inline-diagnostic.nvim/aaa6f0dd097f8ca2478cad259e61b7cb26ec0eb8' (2025-01-15)
  → 'github:rachartier/tiny-inline-diagnostic.nvim/5c00aec99f558b8f0a2c4445038f74e5f5435c00' (2025-01-23)
• Updated input 'tree-sitter-bash':
    'github:tree-sitter/tree-sitter-bash/49c31006d8307dcb12bc5770f35b6d5b9e2be68e' (2024-11-11)
  → 'github:tree-sitter/tree-sitter-bash/03f4927065b3c0d71a962be87130aa7e79b35448' (2025-01-24)
• Updated input 'tree-sitter-python':
    'github:tree-sitter/tree-sitter-python/409b5d671eb0ea4972eeacaaca24bbec1acf79b1' (2025-01-07)
  → 'github:tree-sitter/tree-sitter-python/ab2ba8be034368fa009f62f371c068b8728f9db7' (2025-01-23)
 2025-01-25 03:44:22 +00:00
139 changed files with 4004 additions and 1470 deletions
Expand all files Collapse all files

2
.github/workflows/arrow-aws.yml vendored
View File

@ -3,7 +3,7 @@ name: Arrow (AWS)
run-name: Arrow (AWS) - ${{ inputs.rebuild && 'Rebuild and ' || '' }}${{ inputs.action == 'create' && 'Create' || ( inputs.action == 'destroy' && 'Destroy' || 'No Action' ) }}
env:
TERRAFORM_DIRECTORY: hosts/arrow/aws
TERRAFORM_DIRECTORY: deploy/aws
DEPLOY_IDENTITY_BASE64: ${{ secrets.DEPLOY_IDENTITY_BASE64 }}
ARROW_IDENTITY_BASE64: ${{ secrets.ARROW_IDENTITY_BASE64 }}
ZONE_NAME: masu.rs

200
.github/workflows/flame.yml vendored Normal file
View File

@ -0,0 +1,200 @@
name: Flame
run-name: Flame - ${{ inputs.rebuild && 'Rebuild and ' || '' }}${{ inputs.action == 'create' && 'Create' || ( inputs.action == 'destroy' && 'Destroy' || 'No Action' ) }}
env:
TERRAFORM_DIRECTORY: deploy/oracle
DEPLOY_IDENTITY_BASE64: ${{ secrets.DEPLOY_IDENTITY_BASE64 }}
FLAME_IDENTITY_BASE64: ${{ secrets.FLAME_IDENTITY_BASE64 }}
ZONE_NAME: masu.rs
CLOUDFLARE_API_TOKEN: ${{ secrets.CLOUDFLARE_API_TOKEN }}
CLOUDFLARE_ZONE_ID: ${{ secrets.CLOUDFLARE_ZONE_ID }}
OCI_CLI_USER: "ocid1.user.oc1..aaaaaaaa6lro2eoxdajjypjysepvzcavq5yn4qyozjyebxdiaoqziribuqba"
OCI_CLI_TENANCY: "ocid1.tenancy.oc1..aaaaaaaaudwr2ozedhjnrn76ofjgglgug6gexknjisd7gb7tkj3mjdp763da"
OCI_CLI_FINGERPRINT: "dd:d0:da:6d:83:46:8b:b3:d9:45:2b:c7:56:ae:30:94"
OCI_CLI_KEY_CONTENT: "${{ secrets.OCI_PRIVATE_KEY }}"
TF_VAR_oci_private_key: "${{ secrets.OCI_PRIVATE_KEY }}"
OCI_CLI_REGION: "us-ashburn-1"
on:
workflow_dispatch:
inputs:
rebuild:
description: Rebuild Image
type: boolean
default: false
action:
description: Terraform Action
type: choice
required: true
default: create
options:
- create
- destroy
- nothing
permissions:
id-token: write
contents: write
jobs:
build-deploy:
name: Build and Deploy
# runs-on: ubuntu-latest
runs-on: ubuntu-24.04-arm
steps:
- name: Checkout Repo Code
uses: actions/checkout@v4
# - name: Write OCI Key to File
# run: |
# echo "${{ env.OCI_PRIVATE_KEY_BASE64 }}" | base64 -d > OCI_PRIVATE_KEY
# # Enable access to KVM, required to build an image
# - name: Enable KVM group perms
# if: inputs.rebuild && inputs.action != 'destroy'
# run: |
# echo 'KERNEL=="kvm", GROUP="kvm", MODE="0666", OPTIONS+="static_node=kvm"' | sudo tee /etc/udev/rules.d/99-kvm4all.rules
# sudo udevadm control --reload-rules
# sudo udevadm trigger --name-match=kvm
# sudo apt-get install -y qemu-user-static
# Install Nix
- name: Install Nix
# if: inputs.rebuild && inputs.action != 'destroy'
uses: cachix/install-nix-action@v31.4.1
with:
enable_kvm: true
extra_nix_config: |
system = aarch64-linux
system-features = aarch64-linux arm-linux kvm
# Build the image
- name: Build Image
if: inputs.rebuild && inputs.action != 'destroy'
run: nix build .#flame-qcow --system aarch64-linux
- name: List Images
if: inputs.rebuild && inputs.action != 'destroy'
run: |
ls -lh result/
echo "IMAGE_NAME=$(ls result/nixos.qcow2) >> $GITHUB_ENV
- name: Upload Image to S3
if: inputs.rebuild && inputs.action != 'destroy'
# env:
# AWS_ACCESS_KEY_ID: "<YOUR_OCI_ACCESS_KEY>"
# AWS_SECRET_ACCESS_KEY: "<YOUR_OCI_SECRET_KEY>"
# AWS_DEFAULT_REGION: "us-ashburn-1" # e.g., us-ashburn-1, us-phoenix-1
# AWS_ENDPOINT_URL: "https://masur.compat.objectstorage.us-ashburn-1.oraclecloud.com"
uses: oracle-actions/run-oci-cli-command@v1.3.2
with:
command: |
os object put \
--namespace "idptr5akf9pf" \
--bucket-name "noahmasur-images" \
--name "nixos.qcow2" \
--file "${IMAGE_NAME}" \
--part-size 128 \ # Optional: Specify part size in MiB for multipart uploads, default is 128 MiB
--parallel-upload-count 5 # Optional: Number of parallel uploads, default is 3
# Login to AWS
- name: AWS Assume Role
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: arn:aws:iam::286370965832:role/github_actions_admin
aws-region: us-east-1
# Installs the Terraform binary and some other accessory functions.
- name: Setup Terraform
uses: hashicorp/setup-terraform@v2
# Checks whether Terraform is formatted properly. If this fails, you
# should install the pre-commit hook.
- name: Check Formatting
working-directory: ${{ env.TERRAFORM_DIRECTORY }}
run: |
terraform fmt -no-color -check -diff -recursive
# Connects to remote state backend and download providers.
- name: Terraform Init
working-directory: ${{ env.TERRAFORM_DIRECTORY }}
run: terraform init -input=false
# Deploys infrastructure or changes to infrastructure.
- name: Terraform Apply
if: inputs.action == 'create'
working-directory: ${{ env.TERRAFORM_DIRECTORY }}
run: |
terraform apply \
-auto-approve \
-input=false
# Removes infrastructure.
- name: Terraform Destroy
if: inputs.action == 'destroy'
working-directory: ${{ env.TERRAFORM_DIRECTORY }}
run: |
terraform destroy \
-auto-approve \
-input=false
- name: Get Host IP
if: inputs.action == 'create'
id: host
working-directory: ${{ env.TERRAFORM_DIRECTORY }}
run: terraform output -raw host_ip
- name: Wait on SSH
if: inputs.action == 'create'
run: |
for i in $(seq 1 15); do
if $(nc -z -w 3 ${{ steps.host.outputs.stdout }} 22); then
exit 0
fi
sleep 10
done
- name: Write Identity Keys to Files
if: inputs.action == 'create'
run: |
echo "${{ env.DEPLOY_IDENTITY_BASE64 }}" | base64 -d > deploy_ed25519
chmod 0600 deploy_ed25519
echo "${{ env.FLAME_IDENTITY_BASE64 }}" | base64 -d > flame_ed25519
chmod 0600 flame_ed25519
mkdir -pv "${HOME}/.ssh/"
cp deploy_ed25519 "${HOME}/.ssh/id_ed25519"
- name: Run nixos-anywhere
if: inputs.action == 'create'
run: |
nix run github:nix-community/nixos-anywhere -- --flake github:nmasur/dotfiles#flame --build-on remote --no-reboot --target-host ubuntu@${{ steps.host.outputs.stdout }}
reboot now
- name: Wait on SSH After Reboot
if: inputs.action == 'create'
run: |
for i in $(seq 1 15); do
if $(nc -z -w 3 ${{ steps.host.outputs.stdout }} 22); then
exit 0
fi
sleep 10
done
- name: Copy Identity File to Host
if: inputs.action == 'create'
run: |
ssh -i deploy_ed25519 -o StrictHostKeyChecking=accept-new noah@${{ steps.host.outputs.stdout }} 'mkdir -pv .ssh'
scp -i deploy_ed25519 flame_ed25519 noah@${{ steps.host.outputs.stdout }}:~/.ssh/id_ed25519
# - name: Wipe Records
# if: ${{ inputs.action == 'destroy' }}
# run: |
# RECORD_ID=$(curl --request GET \
# --url https://api.cloudflare.com/client/v4/zones/${{ env.CLOUDFLARE_ZONE_ID }}/dns_records \
# --header 'Content-Type: application/json' \
# --header "Authorization: Bearer ${{ env.CLOUDFLARE_API_TOKEN }}" | jq -r '.result[] | select(.name == "n8n2.${{ env.ZONE_NAME }}") | .id')
# curl --request DELETE \
# --url https://api.cloudflare.com/client/v4/zones/${{ env.CLOUDFLARE_ZONE_ID }}/dns_records/${RECORD_ID} \
# --header 'Content-Type: application/json' \
# --header "Authorization: Bearer ${{ env.CLOUDFLARE_API_TOKEN }}"

67
README.md
View File

@ -8,38 +8,38 @@ configuration may be difficult to translate to a non-Nix system.
## System Features
| Feature | Program | Configuration |
|----------------|-----------------------------------------------------|-----------------------------------------------|
| OS | [NixOS](https://nixos.org) | [Link](./modules/nixos) |
| Display Server | [X11](https://www.x.org/wiki/) | [Link](./modules/nixos/graphical/xorg.nix) |
| Compositor | [Picom](https://github.com/yshui/picom) | [Link](./modules/nixos/graphical/picom.nix) |
| Window Manager | [i3](https://i3wm.org/) | [Link](./modules/nixos/graphical/i3.nix) |
| Panel | [Polybar](https://polybar.github.io/) | [Link](./modules/nixos/graphical/polybar.nix) |
| Font | [Victor Mono](https://rubjo.github.io/victor-mono/) | [Link](./modules/nixos/graphical/fonts.nix) |
| Launcher | [Rofi](https://github.com/davatorium/rofi) | [Link](./modules/nixos/graphical/rofi.nix) |
| Feature | Program | Configuration |
|----------------|-----------------------------------------------------|-----------------------------------------------------------------------------------|
| OS | [NixOS](https://nixos.org) | [Link](./platforms/nixos) |
| Display Server | [X11](https://www.x.org/wiki/) | [Link](./platforms/nixos/modules/nmasur/profiles/gui.nix) |
| Compositor | [Picom](https://github.com/yshui/picom) | [Link](./platforms/home-manager/modules/nmasur/presets/services/picom.nix) |
| Window Manager | [i3](https://i3wm.org/) | [Link](./platforms/home-manager/modules/nmasur/presets/services/i3.nix) |
| Panel | [Polybar](https://polybar.github.io/) | [Link](./platforms/home-manager/modules/nmasur/presets/services/polybar.nix) |
| Font | [Victor Mono](https://rubjo.github.io/victor-mono/) | [Link](./platforms/home-manager/modules/nmasur/presets/fonts.nix) |
| Launcher | [Rofi](https://github.com/davatorium/rofi) | [Link](./platforms/home-manager/modules/nmasur/presets/programs/rofi/default.nix) |
## User Features
| Feature | Program | Configuration |
|--------------|----------------------------------------------------------------------------------|----------------------------------------------------|
| Dotfiles | [Home-Manager](https://github.com/nix-community/home-manager) | [Link](./modules/common) |
| Terminal | [Kitty](https://sw.kovidgoyal.net/kitty/) | [Link](./modules/common/applications/kitty.nix) |
| Shell | [Fish](https://fishshell.com/) | [Link](./modules/common/shell/fish) |
| Shell Prompt | [Starship](https://starship.rs/) | [Link](./modules/common/shell/starship.nix) |
| Colorscheme | [Gruvbox](https://github.com/morhetz/gruvbox) | [Link](./colorscheme/gruvbox/default.nix) |
| Wallpaper | [Road](https://gitlab.com/exorcist365/wallpapers/-/blob/master/gruvbox/road.jpg) | [Link](./hosts/tempest/default.nix) |
| Text Editor | [Neovim](https://neovim.io/) | [Link](./modules/common/neovim/config) |
| Browser | [Firefox](https://www.mozilla.org/en-US/firefox/new/) | [Link](./modules/common/applications/firefox.nix) |
| E-Mail | [Aerc](https://aerc-mail.org/) | [Link](./modules/common/mail/aerc.nix) |
| File Manager | [Nautilus](https://wiki.gnome.org/action/show/Apps/Files) | [Link](./modules/common/applications/nautilus.nix) |
| PDF Reader | [Zathura](https://pwmt.org/projects/zathura/) | [Link](./modules/common/applications/media.nix) |
| Video Player | [mpv](https://mpv.io/) | [Link](./modules/common/applications/media.nix) |
| Feature | Program | Configuration |
|--------------|----------------------------------------------------------------------------------|-------------------------------------------------------------------------------|
| Dotfiles | [Home-Manager](https://github.com/nix-community/home-manager) | [Link](./platforms/home-manager) |
| Terminal | [Ghostty](https://sw.kovidgoyal.net/kitty/) | [Link](./platforms/home-manager/modules/nmasur/presets/programs/ghostty.nix) |
| Shell | [Fish](https://fishshell.com/) | [Link](./platforms/home-manager/modules/nmasur/presets/programs/fish.nix) |
| Shell Prompt | [Starship](https://starship.rs/) | [Link](./platforms/home-manager/modules/nmasur/presets/programs/starship.nix) |
| Colorscheme | [Gruvbox](https://github.com/morhetz/gruvbox) | [Link](./colorscheme/gruvbox/default.nix) |
| Wallpaper | [Road](https://gitlab.com/exorcist365/wallpapers/-/blob/master/gruvbox/road.jpg) | [Link](./hosts/x86_64-linux/tempest/default.nix) |
| Text Editor | [Neovim](https://neovim.io/) | [Link](./pkgs/applications/editors/neovim/nmasur/neovim/package.nix) |
| Browser | [Firefox](https://www.mozilla.org/en-US/firefox/new/) | [Link](./platforms/home-manager/modules/nmasur/presets/programs/firefox.nix) |
| E-Mail | [Aerc](https://aerc-mail.org/) | [Link](./platforms/home-manager/modules/nmasur/presets/programs/aerc.nix) |
| File Manager | [Nautilus](https://wiki.gnome.org/action/show/Apps/Files) | [Link](./platforms/home-manager/modules/nmasur/presets/programs/nautilus.nix) |
| PDF Reader | [Zathura](https://pwmt.org/projects/zathura/) | [Link](./platforms/home-manager/modules/nmasur/presets/programs/zathura.nix) |
| Video Player | [mpv](https://mpv.io/) | [Link](./platforms/home-manager/modules/nmasur/presets/programs/mpv.nix) |
## macOS Features
| Feature | Program | Configuration |
|----------|---------------------------------------------|--------------------------------------|
| Keybinds | [Hammerspoon](https://www.hammerspoon.org/) | [Link](./modules/darwin/hammerspoon) |
| Keybinds | [Hammerspoon](https://www.hammerspoon.org/) | [Link](./platforms/home-manager/modules/nmasur/presets/services/hammerspoon/) |
# Diagram
@ -51,15 +51,16 @@ configuration may be difficult to translate to a non-Nix system.
This repo contains a few more elaborate elements of configuration.
- [Neovim config](./modules/common/neovim/default.nix) generated with Nix2Vim
and source-controlled plugins, differing based on installed LSPs, for example.
- [Caddy JSON](./modules/nixos/services/caddy.nix) file (routes, etc.) based
dynamically on enabled services rendered with Nix.
- [Grafana config](./modules/nixos/services/grafana.nix) rendered with Nix.
- Custom [secrets deployment](./modules/nixos/services/secrets.nix) similar to
agenix.
- Base16 [colorschemes](./colorscheme/) applied to multiple applications,
including Firefox userChrome.
- [Neovim config](./pkgs/applications/editors/neovim/nmasur/neovim/package.nix)
generated with Nix2Vim and source-controlled plugins,
differing based on installed LSPs, for example. - [Caddy
JSON](./platforms/nixos/modules/nmasur/presets/services/caddy.nix) file (routes,
etc.) based dynamically on enabled services rendered with Nix. - [Grafana
config](./platforms/nixos/modules/nmasur/presets/services/grafana/grafana.nix)
rendered with Nix. - Custom [secrets
deployment](./platforms/nixos/modules/secrets.nix) similar to agenix. - Base16
[colorschemes](./colorscheme/) applied to multiple applications, including
Firefox userChrome.
---

115
deploy/oracle/main.tf Normal file
View File

@ -0,0 +1,115 @@
terraform {
backend "s3" {
bucket = "noahmasur-terraform"
key = "flame.tfstate"
region = "us-east-1"
use_lockfile = true
}
required_version = ">= 1.0.0"
required_providers {
oci = {
source = "oracle/oci"
version = "7.7.0"
}
}
}
provider "oci" {
auth = "APIKey"
tenancy_ocid = var.compartment_ocid
user_ocid = "ocid1.user.oc1..aaaaaaaa6lro2eoxdajjypjysepvzcavq5yn4qyozjyebxdiaoqziribuqba"
private_key = var.oci_private_key
fingerprint = "dd:d0:da:6d:83:46:8b:b3:d9:45:2b:c7:56:ae:30:94"
region = "us-ashburn-1"
}
# Get the latest Ubuntu image OCID
# We'll filter for a recent Ubuntu LTS version (e.g., 22.04 or 24.04) and pick the latest.
# Note: Image OCIDs are region-specific. This data source helps find the correct one.
data "oci_core_images" "ubuntu_image" {
compartment_id = var.compartment_ocid
operating_system = "Canonical Ubuntu"
# Adjust this version if you prefer a different Ubuntu LTS (e.g., "24.04")
operating_system_version = "24.04"
shape = var.instance_shape # Filter by the shape to ensure compatibility
sort_by = "TIMECREATED"
sort_order = "DESC"
}
# resource "oci_core_image" "my_custom_image" {
# compartment_id = var.compartment_ocid
# display_name = "noah-nixos"
# image_source_details {
# source_type = "objectStorageTuple" # Use this if specifying namespace, bucket, and object name
# # source_type = "objectStorageUri" # Use this if you have a pre-authenticated request URL (PAR)
# namespace_name = var.object_storage_namespace
# bucket_name = var.object_storage_bucket_name
# object_name = var.object_storage_object_name
# source_image_type = "QCOW2" # e.g., "QCOW2", "VMDK"
# # These properties help OCI understand how to launch instances from this image
# # Adjust based on your custom image's OS and boot mode
# operating_system = "NixOS" # e.g., "CentOS", "Debian", "Windows"
# operating_system_version = "25.05" # e.g., "7", "11", "2019"
# }
# launch_mode = "PARAVIRTUALIZED" # Or "NATIVE", "EMULATED", "CUSTOM"
# # Optional: for specific launch options if your image requires them
# # launch_options {
# # boot_volume_type = "PARAVIRTUALIZED"
# # firmware = "UEFI_64" # Or "BIOS"
# # network_type = "PARAVIRTUALIZED"
# # }
# # Time out for image import operation. Can take a while for large images.
# timeouts {
# create = "60m" # Default is 20m, often needs to be increased
# }
# }
data "oci_identity_availability_domains" "ads" {
compartment_id = var.compartment_ocid
}
resource "oci_core_instance" "my_compute_instance" {
compartment_id = var.compartment_ocid
availability_domain = data.oci_identity_availability_domains.ads.availability_domains[0].name
shape = var.instance_shape
display_name = var.instance_display_name
source_details {
source_type = "image"
# Use the OCID of the latest Ubuntu image found by the data source
source_id = data.oci_core_images.ubuntu_image.images[0].id
# # Use the OCID of the newly imported custom image
# source_id = oci_core_image.my_custom_image.id
# Specify the boot volume size
boot_volume_size_in_gbs = var.boot_volume_size_in_gbs
boot_volume_vpus_per_gb = 20 # Highest free tier option
}
# launch_options {
# is_consistent_volume_naming_enabled = true # Sets boot device path to /dev/oracleoci/oraclevda
# network_type = "PARAVIRTUALIZED" # I think this is the default?
# }
create_vnic_details {
subnet_id = oci_core_subnet.my_public_subnet.id # Use the created subnet's ID
display_name = "primary_vnic"
assign_public_ip = true
hostname_label = "flame"
}
metadata = {
ssh_authorized_keys = var.ssh_public_key
user_data = base64encode(var.cloud_init_script)
}
# Optional: For flexible shapes (e.g., VM.Standard.E4.Flex), you might need to specify OCPUs and memory
shape_config {
ocpus = 4
memory_in_gbs = 24
}
}

126
deploy/oracle/network.tf Normal file
View File

@ -0,0 +1,126 @@
resource "oci_core_vcn" "my_vpc" {
compartment_id = var.compartment_ocid
display_name = "main"
cidr_block = "10.0.0.0/16"
is_ipv6enabled = false
dns_label = "mainvcn" # Must be unique within your tenancy
}
resource "oci_core_internet_gateway" "my_igw" {
compartment_id = var.compartment_ocid
vcn_id = oci_core_vcn.my_vpc.id
display_name = "main-igw"
enabled = true
}
resource "oci_core_route_table" "my_public_route_table" {
compartment_id = var.compartment_ocid
vcn_id = oci_core_vcn.my_vpc.id
display_name = "main-public-rt"
# Default route to the Internet Gateway
route_rules {
destination = "0.0.0.0/0"
destination_type = "CIDR_BLOCK"
network_entity_id = oci_core_internet_gateway.my_igw.id
}
}
resource "oci_core_security_list" "my_public_security_list" {
compartment_id = var.compartment_ocid
vcn_id = oci_core_vcn.my_vpc.id
display_name = "main-public-sl"
# Egress Rules (Allow all outbound traffic)
egress_security_rules {
destination = "0.0.0.0/0"
destination_type = "CIDR_BLOCK"
protocol = "all"
}
# Ingress Rules
ingress_security_rules {
# SSH (TCP 22)
protocol = "6" # TCP
source = "0.0.0.0/0"
source_type = "CIDR_BLOCK"
tcp_options {
min = 22
max = 22
}
}
ingress_security_rules {
# HTTP (TCP 80)
protocol = "6" # TCP
source = "0.0.0.0/0"
source_type = "CIDR_BLOCK"
tcp_options {
min = 80
max = 80
}
}
ingress_security_rules {
# HTTPS (TCP 443)
protocol = "6" # TCP
source = "0.0.0.0/0"
source_type = "CIDR_BLOCK"
tcp_options {
min = 443
max = 443
}
}
ingress_security_rules {
# Custom Minecraft
protocol = "6" # TCP
source = "0.0.0.0/0"
source_type = "CIDR_BLOCK"
tcp_options {
min = 49732
max = 49732
}
}
ingress_security_rules {
# HTTPS (UDP 443) - For QUIC or specific UDP services
protocol = "17" # UDP
source = "0.0.0.0/0"
source_type = "CIDR_BLOCK"
udp_options {
min = 443
max = 443
}
}
ingress_security_rules {
# ICMP (Ping)
protocol = "1" # ICMP
source = "0.0.0.0/0"
source_type = "CIDR_BLOCK"
icmp_options {
type = 3 # Destination Unreachable (common for connectivity checks)
code = 4 # Fragmentation needed
}
}
ingress_security_rules {
protocol = "1" # ICMP
source = "0.0.0.0/0"
source_type = "CIDR_BLOCK"
icmp_options {
type = 8 # Echo Request (ping)
}
}
}
resource "oci_core_subnet" "my_public_subnet" {
compartment_id = var.compartment_ocid
vcn_id = oci_core_vcn.my_vpc.id
display_name = "main-public-subnet"
cidr_block = "10.0.0.0/24"
prohibit_public_ip_on_vnic = false # Allows instances in this subnet to get public IPs
route_table_id = oci_core_route_table.my_public_route_table.id
security_list_ids = [oci_core_security_list.my_public_security_list.id]
dns_label = "mainsub" # Must be unique within the VCN
}

19
deploy/oracle/outputs.tf Normal file
View File

@ -0,0 +1,19 @@
output "host_ip" {
description = "The public IP address of the launched instance."
value = oci_core_instance.my_compute_instance.public_ip
}
output "instance_id" {
description = "The OCID of the launched instance."
value = oci_core_instance.my_compute_instance.id
}
output "vpc_ocid" {
description = "The OCID of the created VCN."
value = oci_core_vcn.my_vpc.id
}
output "subnet_ocid" {
description = "The OCID of the created public subnet."
value = oci_core_subnet.my_public_subnet.id
}

63
deploy/oracle/variables.tf Normal file
View File

@ -0,0 +1,63 @@
variable "boot_volume_size_in_gbs" {
description = "The size of the boot volume in GBs."
type = number
default = 150
}
variable "cloud_init_script" {
description = "A cloud-init script to run on instance launch."
type = string
default = <<-EOF
#!/bin/bash
echo "Hello from cloud-init!" > /home/ubuntu/cloud-init-output.txt
EOF
}
variable "compartment_ocid" {
description = "The OCID of the compartment where the instance will be created."
type = string
default = "ocid1.tenancy.oc1..aaaaaaaaudwr2ozedhjnrn76ofjgglgug6gexknjisd7gb7tkj3mjdp763da"
}
variable "instance_display_name" {
description = "A user-friendly name for the instance."
type = string
default = "noah-nixos"
}
variable "instance_shape" {
description = "The shape of the OCI compute instance."
type = string
default = "VM.Standard.A1.Flex" # Example shape. Choose one available in your region/AD.
}
variable "object_storage_namespace" {
description = "Your OCI Object Storage namespace (usually your tenancy name)."
type = string
default = "idptr5akf9pf"
}
variable "object_storage_bucket_name" {
description = "The name of the Object Storage bucket where your custom image is located."
type = string
default = "noahmasur-images"
}
variable "object_storage_object_name" {
description = "The object name (file name) of your custom image in Object Storage."
type = string
default = "nixos.qcow2"
}
variable "oci_private_key" {
type = string
description = "API private key for Oracle Cloud management"
sensitive = true
}
variable "ssh_public_key" {
description = "Your public SSH key content."
type = string
# default = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB+AbmjGEwITk5CK9y7+Rg27Fokgj9QEjgc9wST6MA3s personal"
default = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKpPU2G9rSF8Q6waH62IJexDCQ6lY+8ZyVufGE3xMDGw actions-deploy"
}

402
flake.lock generated
View File

@ -22,11 +22,11 @@
]
},
"locked": {
"lastModified": 1741229100,
"narHash": "sha256-0HwrTDXp9buEwal/1ymK9uQmzUD5ozIA7CJGqnT/gLs=",
"lastModified": 1751313918,
"narHash": "sha256-HsJM3XLa43WpG+665aGEh8iS8AfEwOIQWk3Mke3e7nk=",
"owner": "lnl7",
"repo": "nix-darwin",
"rev": "adf5c88ba1fe21af5c083b4d655004431f20c5ab",
"rev": "e04a388232d9a6ba56967ce5b53a8a6f713cdfcf",
"type": "github"
},
"original": {
@ -43,11 +43,11 @@
]
},
"locked": {
"lastModified": 1740485968,
"narHash": "sha256-WK+PZHbfDjLyveXAxpnrfagiFgZWaTJglewBWniTn2Y=",
"lastModified": 1750903843,
"narHash": "sha256-Ng9+f0H5/dW+mq/XOKvB9uwvGbsuiiO6HrPdAcVglCs=",
"owner": "nix-community",
"repo": "disko",
"rev": "19c1140419c4f1cdf88ad4c1cfb6605597628940",
"rev": "83c4da299c1d7d300f8c6fd3a72ac46cb0d59aae",
"type": "github"
},
"original": {
@ -76,11 +76,11 @@
"flake-compat_2": {
"flake": false,
"locked": {
"lastModified": 1733328505,
"narHash": "sha256-NeCCThCEP3eCl2l/+27kNNK7QrwZB1IJCrXfrbv5oqU=",
"lastModified": 1747046372,
"narHash": "sha256-CIVLLkVgvHYbgI2UpXvIIBJ12HWgX+fjA8Xf8PUmqCY=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "ff81ac966bb2cae68946d5ed5fc4994f96d0ffec",
"rev": "9100a0f413b0c601e0533d1d94ffd501ce2e7885",
"type": "github"
},
"original": {
@ -148,6 +148,45 @@
"type": "github"
}
},
"flake-utils_3": {
"inputs": {
"systems": "systems_3"
},
"locked": {
"lastModified": 1731533236,
"narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"helix": {
"inputs": {
"nixpkgs": [
"nixpkgs"
],
"rust-overlay": "rust-overlay"
},
"locked": {
"lastModified": 1751378814,
"narHash": "sha256-pdYjEgdVYEerzxxmrM0GJAFGZ+J50NRD0rtDZ16SuTM=",
"owner": "helix-editor",
"repo": "helix",
"rev": "6a090471a800b1001bdfd2b6e0b710c1cd439a4e",
"type": "github"
},
"original": {
"owner": "helix-editor",
"repo": "helix",
"type": "github"
}
},
"home-manager": {
"inputs": {
"nixpkgs": [
@ -155,11 +194,11 @@
]
},
"locked": {
"lastModified": 1741378606,
"narHash": "sha256-ytDmwV93lZ1f6jswJkxEQz5cBlwje/2rH/yUZDADZNs=",
"lastModified": 1751485527,
"narHash": "sha256-E2AtD5UUeU50xco4gmgsCOs7tnBNsVi7+CdCZ4yQUrA=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "95711f926676018d279ba09fe7530d03b5d5b3e2",
"rev": "25f003f8a9eae31a11938d53cb23e0b4a3c08d3a",
"type": "github"
},
"original": {
@ -180,11 +219,11 @@
"systems": "systems"
},
"locked": {
"lastModified": 1739821351,
"narHash": "sha256-QlVtMzAhECs9Esq3txqVW7/vM78ipB5IcI8uyCbTP7A=",
"lastModified": 1742156590,
"narHash": "sha256-aTM/2CrNN5utdVEQGsOA+kl4UozgH7VPLBQL5OXtBrg=",
"owner": "hraban",
"repo": "mac-app-util",
"rev": "c00d5b21ca1fdab8acef65e696795f0f15ec1158",
"rev": "341ede93f290df7957047682482c298e47291b4d",
"type": "github"
},
"original": {
@ -193,58 +232,6 @@
"type": "github"
}
},
"nextcloud-cookbook": {
"flake": false,
"locked": {
"lastModified": 1726214817,
"narHash": "sha256-Pfa+Xbopg20os+pnGgg+wpEX1MI5fz5JMb0K4a8rBhs=",
"type": "tarball",
"url": "https://github.com/christianlupus-nextcloud/cookbook-releases/releases/download/v0.11.2/cookbook-0.11.2.tar.gz"
},
"original": {
"type": "tarball",
"url": "https://github.com/christianlupus-nextcloud/cookbook-releases/releases/download/v0.11.2/cookbook-0.11.2.tar.gz"
}
},
"nextcloud-external": {
"flake": false,
"locked": {
"lastModified": 1729501365,
"narHash": "sha256-OV6HhFBzmnQBO5btGEnqmKlaUMY7/t2Qm3XebclpBlM=",
"type": "tarball",
"url": "https://github.com/nextcloud-releases/external/releases/download/v5.5.2/external-v5.5.2.tar.gz"
},
"original": {
"type": "tarball",
"url": "https://github.com/nextcloud-releases/external/releases/download/v5.5.2/external-v5.5.2.tar.gz"
}
},
"nextcloud-news": {
"flake": false,
"locked": {
"lastModified": 1729667622,
"narHash": "sha256-pnvyMZQ+NYMgH0Unfh5S19HdZSjnghgoUDAoi2KIXNI=",
"type": "tarball",
"url": "https://github.com/nextcloud/news/releases/download/25.0.0-alpha12/news.tar.gz"
},
"original": {
"type": "tarball",
"url": "https://github.com/nextcloud/news/releases/download/25.0.0-alpha12/news.tar.gz"
}
},
"nextcloud-snappymail": {
"flake": false,
"locked": {
"lastModified": 1728502660,
"narHash": "sha256-oCw6Brs85rINBHvz3UJXheyLVqvA3RgPXG03b30Fx7E=",
"type": "tarball",
"url": "https://snappymail.eu/repository/nextcloud/snappymail-2.38.2-nextcloud.tar.gz"
},
"original": {
"type": "tarball",
"url": "https://snappymail.eu/repository/nextcloud/snappymail-2.38.2-nextcloud.tar.gz"
}
},
"nix2vim": {
"inputs": {
"flake-utils": "flake-utils_2",
@ -253,11 +240,11 @@
]
},
"locked": {
"lastModified": 1740943170,
"narHash": "sha256-A0F7T/euSMen004cVQN/ZkMpLkgLXDs+mq/merhd+0Y=",
"lastModified": 1745846717,
"narHash": "sha256-GjwZEjCrI1/tQYylAQ+hU5JYD2hJI+rZmfICCIniWuE=",
"owner": "gytis-ivaskevicius",
"repo": "nix2vim",
"rev": "a562f32ff2393d0ed198103c65a3035bcdf83d4d",
"rev": "0cd899a39b56d665115f72ffc7c37e0f4cf41dbe",
"type": "github"
},
"original": {
@ -289,11 +276,11 @@
]
},
"locked": {
"lastModified": 1740947705,
"narHash": "sha256-Co2kAD2SZalOm+5zoxmzEVZNvZ17TyafuFsD46BwSdY=",
"lastModified": 1747663185,
"narHash": "sha256-Obh50J+O9jhUM/FgXtI3he/QRNiV9+J53+l+RlKSaAk=",
"owner": "nix-community",
"repo": "nixos-generators",
"rev": "507911df8c35939050ae324caccc7cf4ffb76565",
"rev": "ee07ba0d36c38e9915c55d2ac5a8fb0f05f2afcc",
"type": "github"
},
"original": {
@ -304,11 +291,11 @@
},
"nixpkgs": {
"locked": {
"lastModified": 1741246872,
"narHash": "sha256-Q6pMP4a9ed636qilcYX8XUguvKl/0/LGXhHcRI91p0U=",
"lastModified": 1751271578,
"narHash": "sha256-P/SQmKDu06x8yv7i0s8bvnnuJYkxVGBWLWHaU+tt4YY=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "10069ef4cf863633f57238f179a0297de84bd8d3",
"rev": "3016b4b15d13f3089db8a41ef937b13a9e33a8df",
"type": "github"
},
"original": {
@ -334,6 +321,22 @@
"type": "github"
}
},
"nixpkgs_2": {
"locked": {
"lastModified": 1728538411,
"narHash": "sha256-f0SBJz1eZ2yOuKUr5CA9BHULGXVSn6miBuUWdTyhUhU=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "b69de56fac8c2b6f8fd27f2eca01dcda8e0a4221",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nur": {
"inputs": {
"flake-parts": "flake-parts",
@ -343,11 +346,11 @@
"treefmt-nix": "treefmt-nix"
},
"locked": {
"lastModified": 1741383898,
"narHash": "sha256-hIiLfvj0qZjBLhk5eBhIv8SZJ+bI8d06Hxp480mJ1aI=",
"lastModified": 1751485261,
"narHash": "sha256-QtPZgSHeBdS6yr2E9SUjqusslh3ztxskn54vIwl3pzU=",
"owner": "nix-community",
"repo": "nur",
"rev": "54352c3c3110f34e71a2ae9a0210aa6955555760",
"rev": "864d4a94df15802c83c212c2a9fe1d44eb6e78d5",
"type": "github"
},
"original": {
@ -360,28 +363,80 @@
"inputs": {
"darwin": "darwin",
"disko": "disko",
"helix": "helix",
"home-manager": "home-manager",
"mac-app-util": "mac-app-util",
"nextcloud-cookbook": "nextcloud-cookbook",
"nextcloud-external": "nextcloud-external",
"nextcloud-news": "nextcloud-news",
"nextcloud-snappymail": "nextcloud-snappymail",
"nix2vim": "nix2vim",
"nixos-generators": "nixos-generators",
"nixpkgs": "nixpkgs",
"nixpkgs-stable": "nixpkgs-stable",
"nur": "nur",
"tree-sitter-bash": "tree-sitter-bash",
"tree-sitter-ini": "tree-sitter-ini",
"tree-sitter-lua": "tree-sitter-lua",
"tree-sitter-puppet": "tree-sitter-puppet",
"tree-sitter-python": "tree-sitter-python",
"tree-sitter-rasi": "tree-sitter-rasi",
"tree-sitter-vimdoc": "tree-sitter-vimdoc",
"wsl": "wsl",
"yazi": "yazi",
"zellij-switch": "zellij-switch",
"zenyd-mpv-scripts": "zenyd-mpv-scripts"
}
},
"rust-overlay": {
"inputs": {
"nixpkgs": [
"helix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1740623427,
"narHash": "sha256-3SdPQrZoa4odlScFDUHd4CUPQ/R1gtH4Mq9u8CBiK8M=",
"owner": "oxalica",
"repo": "rust-overlay",
"rev": "d342e8b5fd88421ff982f383c853f0fc78a847ab",
"type": "github"
},
"original": {
"owner": "oxalica",
"repo": "rust-overlay",
"type": "github"
}
},
"rust-overlay_2": {
"inputs": {
"nixpkgs": [
"yazi",
"nixpkgs"
]
},
"locked": {
"lastModified": 1747363019,
"narHash": "sha256-N4dwkRBmpOosa4gfFkFf/LTD8oOcNkAyvZ07JvRDEf0=",
"owner": "oxalica",
"repo": "rust-overlay",
"rev": "0e624f2b1972a34be1a9b35290ed18ea4b419b6f",
"type": "github"
},
"original": {
"owner": "oxalica",
"repo": "rust-overlay",
"type": "github"
}
},
"rust-overlay_3": {
"inputs": {
"nixpkgs": "nixpkgs_2"
},
"locked": {
"lastModified": 1736476219,
"narHash": "sha256-+qyv3QqdZCdZ3cSO/cbpEY6tntyYjfe1bB12mdpNFaY=",
"owner": "oxalica",
"repo": "rust-overlay",
"rev": "de30cc5963da22e9742bbbbb9a3344570ed237b9",
"type": "github"
},
"original": {
"owner": "oxalica",
"repo": "rust-overlay",
"type": "github"
}
},
"systems": {
"locked": {
"lastModified": 1689347925,
@ -412,118 +467,33 @@
"type": "github"
}
},
"tree-sitter-bash": {
"flake": false,
"systems_3": {
"locked": {
"lastModified": 1738310128,
"narHash": "sha256-ODWgFpCLLPgzNYXFhfAVvDXPr5bW8/49ezsaS9MOWMk=",
"owner": "tree-sitter",
"repo": "tree-sitter-bash",
"rev": "0c46d792d54c536be5ff7eb18eb95c70fccdb232",
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "tree-sitter",
"ref": "master",
"repo": "tree-sitter-bash",
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"tree-sitter-ini": {
"flake": false,
"systems_4": {
"locked": {
"lastModified": 1725233451,
"narHash": "sha256-G11Aynq2rnkRwdkhspjYqtBD/h5k4aD+NvuE0QfploU=",
"owner": "justinmk",
"repo": "tree-sitter-ini",
"rev": "962568c9efa71d25720ab42c5d36e222626ef3a6",
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "justinmk",
"repo": "tree-sitter-ini",
"type": "github"
}
},
"tree-sitter-lua": {
"flake": false,
"locked": {
"lastModified": 1738303275,
"narHash": "sha256-mE84uI5AKbLvX5CM7NvA59Z8Ux+QFdqVjZf4hi06NAM=",
"owner": "MunifTanjim",
"repo": "tree-sitter-lua",
"rev": "68d29aa745b68ae22cbbdb5dcb68c20232521ff6",
"type": "github"
},
"original": {
"owner": "MunifTanjim",
"ref": "main",
"repo": "tree-sitter-lua",
"type": "github"
}
},
"tree-sitter-puppet": {
"flake": false,
"locked": {
"lastModified": 1734835631,
"narHash": "sha256-bO5g5AdhzpB13yHklpAndUHIX7Rvd7OMjH0Ds2ATA6Q=",
"owner": "amaanq",
"repo": "tree-sitter-puppet",
"rev": "15f192929b7d317f5914de2b4accd37b349182a6",
"type": "github"
},
"original": {
"owner": "amaanq",
"repo": "tree-sitter-puppet",
"type": "github"
}
},
"tree-sitter-python": {
"flake": false,
"locked": {
"lastModified": 1738275152,
"narHash": "sha256-t9etfZcrliF7f9hfiomh2U9P+3ufAm8iSK1y9rOhP7s=",
"owner": "tree-sitter",
"repo": "tree-sitter-python",
"rev": "710796b8b877a970297106e5bbc8e2afa47f86ec",
"type": "github"
},
"original": {
"owner": "tree-sitter",
"ref": "master",
"repo": "tree-sitter-python",
"type": "github"
}
},
"tree-sitter-rasi": {
"flake": false,
"locked": {
"lastModified": 1716296585,
"narHash": "sha256-sPrIVgGGaBaXeqHNxjcdJ/S2FvxyV6rD9UPKU/tpspw=",
"owner": "Fymyte",
"repo": "tree-sitter-rasi",
"rev": "6c9bbcfdf5f0f553d9ebc01750a3aa247a37b8aa",
"type": "github"
},
"original": {
"owner": "Fymyte",
"repo": "tree-sitter-rasi",
"type": "github"
}
},
"tree-sitter-vimdoc": {
"flake": false,
"locked": {
"lastModified": 1729686839,
"narHash": "sha256-Vrl4/cZL+TWlUMEeWZoHCAWhvlefcl3ajGcwyTNKOhI=",
"owner": "neovim",
"repo": "tree-sitter-vimdoc",
"rev": "d2e4b5c172a109966c2ce0378f73df6cede39400",
"type": "github"
},
"original": {
"owner": "neovim",
"repo": "tree-sitter-vimdoc",
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
@ -556,11 +526,11 @@
]
},
"locked": {
"lastModified": 1741192150,
"narHash": "sha256-wB140alXVla1Rw/kENerUoma2qO1Jy5IYWbmiSqmJu0=",
"lastModified": 1749574455,
"narHash": "sha256-fm2/8KPOYvvIAnNVtjDlTt/My00lIbZQ+LMrfQIWVzs=",
"owner": "nix-community",
"repo": "NixOS-WSL",
"rev": "0e4ccdb8181da2c6193c047b50ffee5f1a3b6dc1",
"rev": "917af390377c573932d84b5e31dd9f2c1b5c0f09",
"type": "github"
},
"original": {
@ -569,6 +539,50 @@
"type": "github"
}
},
"yazi": {
"inputs": {
"flake-utils": "flake-utils_3",
"nixpkgs": [
"nixpkgs"
],
"rust-overlay": "rust-overlay_2"
},
"locked": {
"lastModified": 1751469973,
"narHash": "sha256-5Y1aVAYFmV20kmkhcHEQrDDvHiJVQGyYhD1SBCp639E=",
"owner": "sxyazi",
"repo": "yazi",
"rev": "c7f800ad7ecf76e3431ad1b7005fa24b53726802",
"type": "github"
},
"original": {
"owner": "sxyazi",
"repo": "yazi",
"type": "github"
}
},
"zellij-switch": {
"inputs": {
"nixpkgs": [
"nixpkgs"
],
"rust-overlay": "rust-overlay_3",
"systems": "systems_4"
},
"locked": {
"lastModified": 1742588229,
"narHash": "sha256-IPg0pBw0ciF+xl6viq3nK+dvZoDZrfBDui7dkPLz258=",
"owner": "mostafaqanbaryan",
"repo": "zellij-switch",
"rev": "0e3c303c19890ccb03589230ac5a7c4307e573e4",
"type": "github"
},
"original": {
"owner": "mostafaqanbaryan",
"repo": "zellij-switch",
"type": "github"
}
},
"zenyd-mpv-scripts": {
"flake": false,
"locked": {

523
flake.nix
View File

@ -34,12 +34,6 @@
inputs.nixpkgs.follows = "nixpkgs";
};
# # Use official Firefox binary for macOS
# firefox-darwin = {
# url = "github:bandithedoge/nixpkgs-firefox-darwin";
# inputs.nixpkgs.follows = "nixpkgs";
# };
# Better App install management in macOS
mac-app-util = {
url = "github:hraban/mac-app-util";
@ -52,12 +46,6 @@
inputs.nixpkgs.follows = "nixpkgs";
};
# # Wallpapers
# wallpapers = {
# url = "gitlab:exorcist365/wallpapers";
# flake = false;
# };
# Used to generate NixOS images for other platforms
nixos-generators = {
url = "github:nix-community/nixos-generators";
@ -70,390 +58,206 @@
inputs.nixpkgs.follows = "nixpkgs";
};
# # Neovim plugins
# base16-nvim-src = {
# url = "github:RRethy/base16-nvim";
# flake = false;
# };
# nvim-lspconfig-src = {
# # https://github.com/neovim/nvim-lspconfig/tags
# url = "github:neovim/nvim-lspconfig/v0.1.8";
# flake = false;
# };
# cmp-nvim-lsp-src = {
# url = "github:hrsh7th/cmp-nvim-lsp";
# flake = false;
# };
# baleia-nvim-src = {
# # https://github.com/m00qek/baleia.nvim/tags
# url = "github:m00qek/baleia.nvim";
# flake = false;
# };
# nvim-treesitter-src = {
# # https://github.com/nvim-treesitter/nvim-treesitter/tags
# url = "github:nvim-treesitter/nvim-treesitter/v0.9.2";
# flake = false;
# };
# telescope-nvim-src = {
# # https://github.com/nvim-telescope/telescope.nvim/releases
# url = "github:nvim-telescope/telescope.nvim/0.1.8";
# flake = false;
# };
# telescope-project-nvim-src = {
# url = "github:nvim-telescope/telescope-project.nvim";
# flake = false;
# };
# toggleterm-nvim-src = {
# # https://github.com/akinsho/toggleterm.nvim/tags
# url = "github:akinsho/toggleterm.nvim/v2.12.0";
# flake = false;
# };
# bufferline-nvim-src = {
# # https://github.com/akinsho/bufferline.nvim/releases
# url = "github:akinsho/bufferline.nvim/v4.6.1";
# flake = false;
# };
# nvim-tree-lua-src = {
# url = "github:kyazdani42/nvim-tree.lua";
# flake = false;
# };
# hmts-nvim-src = {
# url = "github:calops/hmts.nvim";
# flake = false;
# };
# fidget-nvim-src = {
# # https://github.com/j-hui/fidget.nvim/tags
# url = "github:j-hui/fidget.nvim/v1.4.5";
# flake = false;
# };
# nvim-lint-src = {
# url = "github:mfussenegger/nvim-lint";
# flake = false;
# };
# tiny-inline-diagnostic-nvim-src = {
# url = "github:rachartier/tiny-inline-diagnostic.nvim";
# flake = false;
# };
# snipe-nvim-src = {
# url = "github:leath-dub/snipe.nvim";
# flake = false;
# };
# Tree-Sitter Grammars
tree-sitter-bash = {
url = "github:tree-sitter/tree-sitter-bash/master";
flake = false;
};
tree-sitter-python = {
url = "github:tree-sitter/tree-sitter-python/master";
flake = false;
};
tree-sitter-lua = {
url = "github:MunifTanjim/tree-sitter-lua/main";
flake = false;
};
tree-sitter-ini = {
url = "github:justinmk/tree-sitter-ini";
flake = false;
};
tree-sitter-puppet = {
url = "github:amaanq/tree-sitter-puppet";
flake = false;
};
tree-sitter-rasi = {
url = "github:Fymyte/tree-sitter-rasi";
flake = false;
};
tree-sitter-vimdoc = {
url = "github:neovim/tree-sitter-vimdoc";
flake = false;
};
# MPV Scripts
zenyd-mpv-scripts = {
url = "github:zenyd/mpv-scripts";
flake = false;
};
# # Git alternative
# # Fixes: https://github.com/martinvonz/jj/issues/4784
# jujutsu = {
# url = "github:martinvonz/jj";
# inputs.nixpkgs.follows = "nixpkgs";
# };
# Zellij Switcher
zellij-switch = {
url = "github:mostafaqanbaryan/zellij-switch";
inputs.nixpkgs.follows = "nixpkgs";
};
# Nextcloud Apps
nextcloud-news = {
# https://github.com/nextcloud/news/releases
url = "https://github.com/nextcloud/news/releases/download/25.0.0-alpha12/news.tar.gz";
flake = false;
# Text editor
helix = {
url = "github:helix-editor/helix";
inputs.nixpkgs.follows = "nixpkgs";
};
nextcloud-external = {
# https://github.com/nextcloud-releases/external/releases
url = "https://github.com/nextcloud-releases/external/releases/download/v5.5.2/external-v5.5.2.tar.gz";
flake = false;
};
nextcloud-cookbook = {
# https://github.com/christianlupus-nextcloud/cookbook-releases/releases/
url = "https://github.com/christianlupus-nextcloud/cookbook-releases/releases/download/v0.11.2/cookbook-0.11.2.tar.gz";
flake = false;
};
nextcloud-snappymail = {
# https://github.com/the-djmaze/snappymail/releases
# https://snappymail.eu/repository/nextcloud
url = "https://snappymail.eu/repository/nextcloud/snappymail-2.38.2-nextcloud.tar.gz";
# url = "https://github.com/nmasur/snappymail-nextcloud/releases/download/v2.36.3/snappymail-2.36.3-nextcloud.tar.gz";
flake = false;
# Terminal file manager
yazi = {
url = "github:sxyazi/yazi";
inputs.nixpkgs.follows = "nixpkgs";
};
# # Nextcloud Apps
# nextcloud-news = {
# # https://github.com/nextcloud/news/releases
# url = "https://github.com/nextcloud/news/releases/download/25.0.0-alpha12/news.tar.gz";
# flake = false;
# };
# nextcloud-external = {
# # https://github.com/nextcloud-releases/external/releases
# url = "https://github.com/nextcloud-releases/external/releases/download/v5.5.2/external-v5.5.2.tar.gz";
# flake = false;
# };
# nextcloud-cookbook = {
# # https://github.com/christianlupus-nextcloud/cookbook-releases/releases/
# url = "https://github.com/christianlupus-nextcloud/cookbook-releases/releases/download/v0.11.2/cookbook-0.11.2.tar.gz";
# flake = false;
# };
# nextcloud-snappymail = {
# # https://github.com/the-djmaze/snappymail/releases
# # https://snappymail.eu/repository/nextcloud
# url = "https://snappymail.eu/repository/nextcloud/snappymail-2.38.2-nextcloud.tar.gz";
# # url = "https://github.com/nmasur/snappymail-nextcloud/releases/download/v2.36.3/snappymail-2.36.3-nextcloud.tar.gz";
# flake = false;
# };
};
outputs =
{ nixpkgs, ... }@inputs:
let
# Global configuration for my systems
globals =
hostnames =
let
baseName = "masu.rs";
in
rec {
user = "noah";
fullName = "Noah Masur";
gitName = fullName;
gitEmail = "7386960+nmasur@users.noreply.github.com";
mail.server = "noahmasur.com";
mail.imapHost = "imap.purelymail.com";
mail.smtpHost = "smtp.purelymail.com";
dotfilesRepo = "https://github.com/nmasur/dotfiles";
hostnames = {
audiobooks = "read.${baseName}";
books = "books.${baseName}";
budget = "money.${baseName}";
content = "cloud.${baseName}";
download = "download.${baseName}";
files = "files.${baseName}";
git = "git.${baseName}";
imap = "imap.purelymail.com";
influxdb = "influxdb.${baseName}";
irc = "irc.${baseName}";
mail = "noahmasur.com";
metrics = "metrics.${baseName}";
minecraft = "minecraft.${baseName}";
n8n = "n8n.${baseName}";
notifications = "ntfy.${baseName}";
paperless = "paper.${baseName}";
photos = "photos.${baseName}";
prometheus = "prom.${baseName}";
secrets = "vault.${baseName}";
smtp = "smtp.purelymail.com";
status = "status.${baseName}";
stream = "stream.${baseName}";
transmission = "transmission.${baseName}";
};
{
audiobooks = "read.${baseName}";
bookmarks = "keep.${baseName}";
books = "books.${baseName}";
budget = "money.${baseName}";
content = "cloud.${baseName}";
download = "download.${baseName}";
files = "files.${baseName}";
git = "git.${baseName}";
imap = "imap.purelymail.com";
influxdb = "influxdb.${baseName}";
irc = "irc.${baseName}";
mail = "noahmasur.com";
mathesar = "mathesar.${baseName}";
metrics = "metrics.${baseName}";
minecraft = "minecraft.${baseName}";
n8n = "n8n.${baseName}";
notifications = "ntfy.${baseName}";
paperless = "paper.${baseName}";
photos = "photos.${baseName}";
postgresql = "pg.${baseName}";
prometheus = "prom.${baseName}";
secrets = "vault.${baseName}";
smtp = "smtp.purelymail.com";
status = "status.${baseName}";
stream = "stream.${baseName}";
transmission = "transmission.${baseName}";
};
# Common overlays to always use
overlays = [
inputs.nur.overlays.default
inputs.nix2vim.overlay
# inputs.jujutsu.overlays.default # Fix: https://github.com/martinvonz/jj/issues/4784
# (import ./overlays/neovim-plugins.nix inputs)
# (import ./overlays/tree-sitter.nix inputs)
# (import ./overlays/mpv-scripts.nix inputs)
# (import ./overlays/nextcloud-apps.nix inputs)
# (import ./overlays/pkgs.nix)
] ++ (import ./overlays inputs);
# System types to support.
supportedSystems = [
"x86_64-linux"
"x86_64-darwin"
"aarch64-linux"
"aarch64-darwin"
];
# Helper function to generate an attrset '{ x86_64-linux = f "x86_64-linux"; ... }'.
forAllSystems = nixpkgs.lib.genAttrs supportedSystems;
# { system -> pkgs }
pkgsBySystem = forAllSystems (
system:
import nixpkgs {
inherit system overlays;
config.permittedInsecurePackages = [ "litestream-0.3.13" ];
config.allowUnfree = true;
}
);
# stablePkgsBySystem = forAllSystems (system: import nixpkgs { inherit system overlays; });
buildHome =
{ pkgs, modules }:
inputs.home-manager.lib.homeManagerConfiguration {
inherit pkgs;
modules = modules ++ [
./platforms/home-manager
];
};
buildNixos =
{ pkgs, modules }:
nixpkgs.lib.nixosSystem {
inherit pkgs;
modules = modules ++ [
inputs.home-manager.nixosModules.home-manager
inputs.disko.nixosModules.disko
inputs.wsl.nixosModules.wsl
./platforms/nixos
{
home-manager.extraSpecialArgs = {
hostnames = globals.hostnames;
};
}
];
specialArgs = {
hostnames = globals.hostnames;
};
};
buildDarwin =
{ pkgs, modules }:
inputs.darwin.lib.darwinSystem {
inherit pkgs;
modules = modules ++ [
inputs.home-manager.darwinModules.home-manager
inputs.mac-app-util.darwinModules.default
./platforms/nix-darwin
];
};
x86_64-linux-hosts = (import ./hosts nixpkgs).x86_64-linux-hosts;
aarch64-linux-hosts = (import ./hosts nixpkgs).aarch64-linux-hosts;
aarch64-darwin-hosts = (import ./hosts nixpkgs).aarch64-darwin-hosts;
in
rec {
# The plan
# Import all the host configurations as modules
# Setup the modules as nixosModules, homeModules, darwinModules
# Create nixosConfigurations using the different pkgs for each system
# What to do with home config?
lib = import ./lib inputs;
flattenAttrset = attrs: builtins.foldl' lib.mergeAttrs { } (builtins.attrValues attrs);
nixosModules = x86_64-linux-hosts // aarch64-linux-hosts;
darwinModules = aarch64-darwin-hosts;
nixosConfigurations = flattenAttrset (
builtins.mapAttrs (
system: hosts:
builtins.mapAttrs (
name: module:
lib.buildNixos {
inherit system module;
specialArgs = { inherit hostnames; };
}
) hosts
) lib.linuxHosts
);
inherit buildDarwin pkgsBySystem;
darwinConfigurations = flattenAttrset (
builtins.mapAttrs (
system: hosts:
builtins.mapAttrs (
name: module:
lib.buildDarwin {
inherit system module;
specialArgs = { inherit hostnames; };
}
) hosts
) lib.darwinHosts
);
# Contains my full system builds, including home-manager
# nixos-rebuild switch --flake .#tempest
nixosConfigurations =
(builtins.mapAttrs (
name: module:
buildNixos {
pkgs = pkgsBySystem.x86_64-linux;
modules = [ module ];
}
) x86_64-linux-hosts)
// (builtins.mapAttrs (
name: module:
buildNixos {
pkgs = pkgsBySystem.aarch64-linux;
modules = [ module ];
}
) aarch64-linux-hosts);
homeModules = builtins.mapAttrs (
system: hosts:
builtins.mapAttrs (
name: module: (builtins.head (lib.attrsToList module.home-manager.users)).value
) hosts
) lib.hosts;
# Contains my full Mac system builds, including home-manager
# darwin-rebuild switch --flake .#lookingglass
darwinConfigurations = builtins.mapAttrs (
name: module:
buildDarwin {
pkgs = pkgsBySystem.aarch64-darwin;
modules = [ module ];
}
) aarch64-darwin-hosts;
# For quickly applying home-manager settings with:
# home-manager switch --flake .#tempest
homeConfigurations = builtins.mapAttrs (
name: module:
buildHome {
pkgs = pkgsBySystem.x86_64-linux;
module = [ module ];
}
) nixosModules;
homeConfigurations = flattenAttrset (
builtins.mapAttrs (
system: hosts:
builtins.mapAttrs (
name: module:
lib.buildHome {
inherit system module;
specialArgs = { inherit hostnames; };
}
) hosts
) homeModules
);
# Disk formatting, only used once
diskoConfigurations = {
root = import ./disks/root.nix;
root = import ./hosts/x86_64-linux/swan/root.nix;
};
generators = builtins.mapAttrs (
# x86_64-linux = { arrow = ...; swan = ...; }
system: hosts:
(lib.concatMapAttrs (name: module: {
"${name}-aws" = lib.generateImage {
inherit system module;
format = "amazon";
specialArgs = { inherit hostnames; };
};
"${name}-iso" = lib.generateImage {
inherit system module;
format = "iso";
specialArgs = { inherit hostnames; };
};
"${name}-qcow" = lib.generateImage {
inherit system module;
format = "qcow-efi";
specialArgs = { inherit hostnames; };
# extraModules = [ "${nixpkgs}/nixos/modules/virtualisation/oci-image.nix" ];
};
}) hosts)
) lib.linuxHosts # x86_64-linux = { arrow = ...; swan = ...; }
;
# packages =
# let
# staff =
# system:
# import ./hosts/staff {
# inherit
# inputs
# globals
# overlays
# system
# ;
# };
# neovim =
# system:
# let
# pkgs = import nixpkgs { inherit system overlays; };
# in
# import ./modules/common/neovim/package {
# inherit pkgs;
# colors = (import ./colorscheme/gruvbox-dark).dark;
# };
# in
# {
# x86_64-linux.staff = staff "x86_64-linux";
# x86_64-linux.arrow = inputs.nixos-generators.nixosGenerate rec {
# system = "x86_64-linux";
# format = "iso";
# modules = import ./hosts/arrow/modules.nix { inherit inputs globals overlays; };
# };
# x86_64-linux.arrow-aws = inputs.nixos-generators.nixosGenerate rec {
# system = "x86_64-linux";
# format = "amazon";
# modules = import ./hosts/arrow/modules.nix { inherit inputs globals overlays; } ++ [
# (
# { ... }:
# {
# boot.kernelPackages = inputs.nixpkgs.legacyPackages.x86_64-linux.linuxKernel.packages.linux_6_6;
# amazonImage.sizeMB = 16 * 1024;
# permitRootLogin = "prohibit-password";
# boot.loader.systemd-boot.enable = inputs.nixpkgs.lib.mkForce false;
# boot.loader.efi.canTouchEfiVariables = inputs.nixpkgs.lib.mkForce false;
# services.amazon-ssm-agent.enable = true;
# users.users.ssm-user.extraGroups = [ "wheel" ];
# }
# )
# ];
# };
# lib.forSystems lib.linuxSystems (
# system: generateImagesForHosts system // lib.pkgsBySystem.${system}.nmasur
# )
# // lib.forSystems lib.darwinSystems (system: lib.pkgsBySystem.${system}.nmasur);
# # Package Neovim config into standalone package
# x86_64-linux.neovim = neovim "x86_64-linux";
# x86_64-darwin.neovim = neovim "x86_64-darwin";
# aarch64-linux.neovim = neovim "aarch64-linux";
# aarch64-darwin.neovim = neovim "aarch64-darwin";
# };
packages = lib.forAllSystems (
system:
# Share the custom packages that I have placed under the nmasur namespace
lib.pkgsBySystem.${system}.nmasur
//
# Share generated images for each relevant host
(if (lib.hasInfix "linux" system) then generators.${system} else { })
packages = forAllSystems (system: pkgsBySystem.${system}.nmasur);
# //
# # Oracle
# {
# flame-oci = nixosConfigurations.flame.config.system.build.OCIImage;
# }
);
# Development environments
devShells = forAllSystems (system: {
default = pkgsBySystem.${system}.nmasur.dotfiles-devshell;
devShells = lib.forAllSystems (system: {
default = lib.pkgsBySystem.${system}.nmasur.dotfiles-devshell;
});
checks = forAllSystems (
checks = lib.forAllSystems (
system:
let
pkgs = import nixpkgs { inherit system overlays; };
pkgs = import nixpkgs {
inherit system;
overlays = lib.overlays;
};
in
{
neovim =
@ -472,15 +276,18 @@
}
);
formatter = forAllSystems (
formatter = lib.forAllSystems (
system:
let
pkgs = import nixpkgs { inherit system overlays; };
pkgs = import nixpkgs {
inherit system;
inherit (lib) overlays;
};
in
pkgs.nixfmt-rfc-style
);
# Templates for starting other projects quickly
templates = (import ./templates nixpkgs.lib);
templates = (import ./templates { inherit lib; });
};
}

6
hosts/aarch64-darwin/lookingglass/default.nix
View File

@ -21,6 +21,7 @@ rec {
nmasur.settings = {
username = nmasur.settings.username;
fullName = nmasur.settings.fullName;
host = "lookingglass";
};
nmasur.profiles = {
common.enable = true;
@ -29,9 +30,12 @@ rec {
work.enable = true;
experimental.enable = true;
};
nmasur.presets.programs.git = {
nmasur.presets.programs.git-work.work = {
name = "Noah-Masur_1701";
email = "${nmasur.settings.username}@take2games.com";
};
home.stateVersion = "23.05";
};
system.stateVersion = 5;
}

22
hosts/aarch64-linux/default.nix
View File

@ -1,22 +0,0 @@
# Return a list of all NixOS hosts
{ nixpkgs, ... }:
let
inherit (nixpkgs) lib;
in
lib.pipe (lib.filesystem.listFilesRecursive ./.) [
# Get only files ending in default.nix
(builtins.filter (name: lib.hasSuffix "default.nix" name))
# Remove this file
(builtins.filter (name: name != ./default.nix))
# Import each host function
map
(file: {
name = builtins.baseNameOf (builtins.dirOf file);
value = import file;
})
# Convert to an attrset of hostname -> host function
(builtins.listToAttrs)
]

131
hosts/aarch64-linux/flame/default.nix
View File

@ -23,30 +23,32 @@ rec {
nmasur.settings = {
username = nmasur.settings.username;
fullName = nmasur.settings.fullName;
host = networking.hostName;
};
nmasur.profiles = {
common.enable = true;
linux-base.enable = true;
power-user.enable = true;
};
nmasur.presets.programs.helix.enable = true;
home.stateVersion = "23.05";
};
system.stateVersion = "23.05";
# File systems must be declared in order to boot
# This is the root filesystem containing NixOS
# I forgot to set a clean label for it
fileSystems."/" = {
device = "/dev/disk/by-uuid/e1b6bd50-306d-429a-9f45-78f57bc597c3";
fsType = "ext4";
};
# # This is the root filesystem containing NixOS
# # I forgot to set a clean label for it
# fileSystems."/" = {
# device = "/dev/disk/by-uuid/e1b6bd50-306d-429a-9f45-78f57bc597c3";
# fsType = "ext4";
# };
# This is the boot filesystem for systemd-boot
fileSystems."/boot" = {
device = "/dev/disk/by-uuid/D5CA-237A";
fsType = "vfat";
};
# # This is the boot filesystem for systemd-boot
# fileSystems."/boot" = {
# device = "/dev/disk/by-uuid/D5CA-237A";
# fsType = "vfat";
# };
# Allows private remote access over the internet
nmasur.presets.services.cloudflared = {
@ -56,4 +58,111 @@ rec {
ca = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBK/6oyVqjFGX3Uvrc3VS8J9sphxzAnRzKC85xgkHfYgR3TK6qBGXzHrknEj21xeZrr3G2y1UsGzphWJd9ZfIcdA= open-ssh-ca@cloudflareaccess.org";
};
};
# Taken from https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/virtualisation/oci-common.nix
# fileSystems."/" = {
# device = "/dev/disk/by-label/nixos";
# fsType = "ext4";
# autoResize = true;
# };
# fileSystems."/boot" = {
# device = "/dev/disk/by-label/ESP";
# fsType = "vfat";
# };
boot.loader.efi.canTouchEfiVariables = false;
boot.loader.grub = {
device = "nodev";
splashImage = null;
extraConfig = ''
serial --unit=0 --speed=115200 --word=8 --parity=no --stop=1
terminal_input --append serial
terminal_output --append serial
'';
efiInstallAsRemovable = true;
efiSupport = true;
};
boot.loader.systemd-boot.enable = false;
# https://docs.oracle.com/en-us/iaas/Content/Compute/Tasks/configuringntpservice.htm#Configuring_the_Oracle_Cloud_Infrastructure_NTP_Service_for_an_Instance
networking.timeServers = [ "169.254.169.254" ];
boot.growPartition = true;
boot.kernelParams = [
"net.ifnames=0"
"nvme.shutdown_timeout=10"
"nvme_core.shutdown_timeout=10"
"libiscsi.debug_libiscsi_eh=1"
"crash_kexec_post_notifiers"
# aarch64-linux
"console=ttyAMA0,115200n8"
# VNC console
"console=tty1"
];
boot.initrd.availableKernelModules = [
"virtio_net"
"virtio_pci"
"virtio_mmio"
"virtio_blk"
"virtio_scsi"
"9p"
"9pnet_virtio"
];
boot.initrd.kernelModules = [
"virtio_balloon"
"virtio_console"
"virtio_rng"
"virtio_gpu"
];
networking.useDHCP = true;
# networking = {
# defaultGateway = "10.0.0.1";
# interfaces.eth0 = {
# ipAddress = throw "set your own";
# prefixLength = 24;
# };
# };
disko.devices = {
disk = {
main = {
type = "disk";
# device = "/dev/oracleoci/oraclevda"; # Consistent volume naming
device = "/dev/sda"; # Consistent volume naming
content = {
type = "gpt";
partitions = {
boot = {
size = "512M";
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
};
};
root = {
size = "100%";
content = {
type = "filesystem";
format = "ext4";
mountpoint = "/";
};
};
};
};
};
};
};
# # Otherwise the instance may not have a working network-online.target,
# # making the fetch-ssh-keys.service fail
# networking.useNetworkd = true;
}

1
hosts/x86_64-darwin/readme.md Normal file
View File

@ -0,0 +1 @@
# No x86 Darwin Hosts Currently

15
hosts/x86_64-linux/arrow/default.nix
View File

@ -19,6 +19,7 @@ rec {
nmasur.settings = {
username = nmasur.settings.username;
fullName = nmasur.settings.fullName;
host = networking.hostName;
};
nmasur.profiles = {
common.enable = true;
@ -29,4 +30,18 @@ rec {
system.stateVersion = "23.05";
# These filesystems are ignored by nixos-generators
# This is the root filesystem containing NixOS
fileSystems."/" = {
device = "/dev/disk/by-label/nixos";
fsType = "ext4";
};
# This is the boot filesystem for Grub
fileSystems."/boot" = {
device = "/dev/disk/by-label/boot";
fsType = "vfat";
};
}

21
hosts/x86_64-linux/hydra/default.nix
View File

@ -19,6 +19,7 @@ rec {
nmasur.settings = {
username = nmasur.settings.username;
fullName = nmasur.settings.fullName;
host = networking.hostName;
};
nmasur.profiles = {
common.enable = true;
@ -30,4 +31,24 @@ rec {
system.stateVersion = "23.05";
# This is the root filesystem containing NixOS
fileSystems."/" = {
device = "/dev/disk/by-label/nixos";
fsType = "ext4";
};
# This is the boot filesystem for Grub
fileSystems."/boot" = {
device = "/dev/disk/by-label/boot";
fsType = "vfat";
};
# Not sure what's necessary but too afraid to remove anything
boot.initrd.availableKernelModules = [
"xhci_pci"
"ahci"
"nvme"
"usb_storage"
"sd_mod"
];
}

4
hosts/x86_64-linux/staff/default.nix
View File

@ -23,6 +23,7 @@ rec {
nmasur.settings = {
username = nmasur.settings.username;
fullName = nmasur.settings.fullName;
host = networking.hostName;
};
nmasur.profiles = {
common.enable = true;
@ -41,6 +42,9 @@ rec {
# Not sure what's necessary but too afraid to remove anything
# File systems must be declared in order to boot
# Required to have a boot loader to work
boot.loader.systemd-boot.enable = true;
# This is the root filesystem containing NixOS
fileSystems."/" = {
device = "/dev/disk/by-label/nixos";

7
hosts/x86_64-linux/swan/default.nix
View File

@ -14,20 +14,25 @@ rec {
server.enable = true;
home.enable = true;
nas.enable = true;
shared-media.enable = true;
};
home-manager.users."noah" = {
nmasur.settings = {
username = nmasur.settings.username;
fullName = nmasur.settings.fullName;
host = networking.hostName;
};
nmasur.profiles = {
common.enable = true;
linux-base.enable = true;
power-user.enable = true;
};
home.stateVersion = "23.05";
};
system.stateVersion = "23.05";
# Not sure what's necessary but too afraid to remove anything
boot.initrd.availableKernelModules = [
"xhci_pci"
@ -63,7 +68,7 @@ rec {
# Sets root ext4 filesystem instead of declaring it manually
disko = {
enableConfig = true;
devices = (import ../../../disks/root.nix { disk = "/dev/nvme0n1"; });
devices = (import ./root.nix { disk = "/dev/nvme0n1"; });
};
# Allows private remote access over the internet

8
hosts/x86_64-linux/tempest/default.nix
View File

@ -17,10 +17,13 @@ rec {
gaming.enable = true;
};
nmasur.presets.services.grub.enable = true;
home-manager.users."noah" = {
nmasur.settings = {
username = nmasur.settings.username;
fullName = nmasur.settings.fullName;
host = networking.hostName;
};
nmasur.profiles = {
common.enable = true;
@ -31,14 +34,11 @@ rec {
developer.enable = true;
experimental.enable = true;
};
nmasur.presets.services.mbsync = {
user = nmasur.settings.username;
server = "noahmasur.com";
};
home.stateVersion = "23.05";
};
system.stateVersion = "23.05";
# Not sure what's necessary but too afraid to remove anything
boot.initrd.availableKernelModules = [
"nvme"

234
lib/default.nix Normal file
View File

@ -0,0 +1,234 @@
inputs:
let
lib = inputs.nixpkgs.lib;
in
lib
// rec {
# Returns all files in a directory matching a suffix
filesInDirectoryWithSuffix =
directory: suffix:
lib.pipe (lib.filesystem.listFilesRecursive directory) [
# Get only files ending in .nix
(builtins.filter (name: lib.hasSuffix suffix name))
];
# Returns all files ending in .nix for a directory
nixFiles = directory: filesInDirectoryWithSuffix directory ".nix";
# Returns all files ending in default.nix for a directory
defaultFiles = directory: filesInDirectoryWithSuffix directory "default.nix";
# Imports all files in a directory and passes inputs
importOverlays =
directory:
lib.pipe (nixFiles directory) [
# Import each overlay file
(map (file: (import file) inputs))
];
# Import default files as attrset with keys provided by parent directory
defaultFilesToAttrset =
directory:
lib.pipe (defaultFiles directory) [
# Import each file
(map (file: {
name = builtins.baseNameOf (builtins.dirOf file);
value = import file;
}))
# Convert to an attrset of parent dir name -> file
(builtins.listToAttrs)
];
# [ package1/package.nix package2/package.nix package2/hello.sh ]
buildPkgsFromDirectoryAndPkgs =
directory: pkgs:
lib.pipe (filesInDirectoryWithSuffix directory "package.nix") [
# Apply callPackage to create a derivation
# Must use final.callPackage to avoid infinite recursion
# [ package1.drv package2.drv ]
(builtins.map (name: pkgs.callPackage name { }))
# Convert the list to an attrset with keys from pname or name attr
# { package1 = package1.drv, package2 = package2.drv }
(builtins.listToAttrs (
map (v: {
name = v."pname" or v."name";
value = v;
})
))
];
# Common overlays to always use
overlays = [
inputs.nur.overlays.default
inputs.nix2vim.overlay
inputs.zellij-switch.overlays.default
inputs.helix.overlays.default
inputs.yazi.overlays.default
] ++ (importOverlays ../overlays);
# System types to support.
supportedSystems = [
"x86_64-linux"
"x86_64-darwin"
"aarch64-linux"
"aarch64-darwin"
];
# Split system types by operating system
linuxSystems = builtins.filter (lib.hasSuffix "linux") supportedSystems;
darwinSystems = builtins.filter (lib.hasSuffix "darwin") supportedSystems;
# Helper function to generate an attrset '{ x86_64-linux = f "x86_64-linux"; ... }'.
forSystems = systems: lib.genAttrs systems;
forAllSystems = lib.genAttrs supportedSystems;
# { x86_64-linux = { tempest = { settings = ...; }; }; };
hosts = forAllSystems (system: defaultFilesToAttrset ../hosts/${system});
linuxHosts = lib.filterAttrs (name: value: builtins.elem name linuxSystems) hosts;
darwinHosts = lib.filterAttrs (name: value: builtins.elem name darwinSystems) hosts;
# { system -> pkgs }
pkgsBySystem = forAllSystems (
system:
import inputs.nixpkgs {
inherit system overlays;
config.permittedInsecurePackages = [ "litestream-0.3.13" ];
config.allowUnfree = true;
}
);
colorscheme = defaultFilesToAttrset ../colorscheme;
homeModule = {
home-manager = {
# Include home-manager config in NixOS
sharedModules = nixFiles ../platforms/home-manager;
# Use the system-level nixpkgs instead of Home Manager's
useGlobalPkgs = lib.mkDefault true;
# Install packages to /etc/profiles instead of ~/.nix-profile, useful when
# using multiple profiles for one user
useUserPackages = lib.mkDefault true;
};
};
buildHome =
{
system,
module,
specialArgs,
}:
inputs.home-manager.lib.homeManagerConfiguration {
pkgs = pkgsBySystem.${system};
modules = [
{ imports = (nixFiles ../platforms/home-manager); }
module
];
extraSpecialArgs = {
inherit colorscheme;
} // specialArgs;
};
buildNixos =
{
system,
module,
specialArgs,
}:
inputs.nixpkgs.lib.nixosSystem {
inherit specialArgs;
pkgs = pkgsBySystem.${system};
modules = [
inputs.home-manager.nixosModules.home-manager
inputs.disko.nixosModules.disko
inputs.wsl.nixosModules.wsl
{ imports = (nixFiles ../platforms/nixos); }
module
{
home-manager = {
extraSpecialArgs = {
inherit colorscheme;
} // specialArgs;
} // homeModule.home-manager;
}
];
};
buildDarwin =
{
system,
module,
specialArgs,
}:
inputs.darwin.lib.darwinSystem {
inherit system specialArgs;
modules = [
inputs.home-manager.darwinModules.home-manager
inputs.mac-app-util.darwinModules.default
{
imports = (nixFiles ../platforms/nix-darwin);
nixpkgs.pkgs = pkgsBySystem.${system};
}
module
{
home-manager = {
extraSpecialArgs = {
inherit colorscheme;
} // specialArgs;
} // homeModule.home-manager;
}
];
};
generatorOptions = {
amazon = {
aws.enable = true;
};
iso = {
nmasur.profiles.wsl.enable = lib.mkForce false;
boot.loader.grub.enable = lib.mkForce false;
};
qcow-efi = {
nmasur.profiles.wsl.enable = lib.mkForce false;
boot.loader.grub.enable = lib.mkForce false;
fileSystems."/boot".device = lib.mkForce "/dev/disk/by-label/ESP";
};
};
generateImage =
{
system,
module,
format,
specialArgs,
}:
inputs.nixos-generators.nixosGenerate {
inherit system format;
pkgs = pkgsBySystem.${system};
modules = [
inputs.home-manager.nixosModules.home-manager
inputs.disko.nixosModules.disko
inputs.wsl.nixosModules.wsl
{
imports = (nixFiles ../platforms/nixos) ++ (nixFiles ../platforms/generators);
}
generatorOptions.${format}
module
{
home-manager = {
extraSpecialArgs = {
inherit colorscheme;
} // specialArgs;
} // homeModule.home-manager;
}
];
specialArgs = {
} // specialArgs;
};
}

67
modules/common/shell/work.nix Normal file
View File

@ -0,0 +1,67 @@
{
config,
pkgs,
lib,
...
}:
{
home-manager.users.${config.user} = lib.mkIf pkgs.stdenv.isDarwin {
home.packages =
let
ldap_scheme = "ldaps";
magic_prefix = "take";
ldap_port = 3269;
jq_parse = pkgs.writeShellScriptBin "ljq" ''
jq --slurp \
--raw-input 'split("\n\n")|map(split("\n")|map(select(.[0:1]!="#" and length>0)) |select(length > 0)|map(capture("^(?<key>[^:]*:?): *(?<value>.*)") |if .key[-1:.key|length] == ":" then .key=.key[0:-1]|.value=(.value|@base64d) else . end)| group_by(.key) | map({key:.[0].key,value:(if .|length > 1 then [.[].value] else .[].value end)}) | from_entries)' | jq -r 'del(.[].thumbnailPhoto)'
'';
ldap_script = pkgs.writeShellScriptBin "ldap" ''
if ! [ "$LDAP_HOST" ]; then
echo "No LDAP_HOST specified!"
exit 1
fi
SEARCH_FILTER="$@"
ldapsearch -LLL \
-B -o ldif-wrap=no \
-E pr=5000/prompt \
-H "${ldap_scheme}://''${LDAP_HOST}:${builtins.toString ldap_port}" \
-D "${pkgs.lib.toUpper magic_prefix}2\\${pkgs.lib.toLower config.user}" \
-w "$(${pkgs._1password-cli}/bin/op item get T2 --fields label=password --reveal)" \
-b "dc=''${LDAP_HOST//./,dc=}" \
-s "sub" -x "(cn=''${SEARCH_FILTER})" \
| ${jq_parse}/bin/ljq
'';
ldapm_script = pkgs.writeShellScriptBin "ldapm" ''
if ! [ "$LDAP_HOST" ]; then
echo "No LDAP_HOST specified!"
exit 1
fi
${ldap_script}/bin/ldap "$@" | jq '[ .[].memberOf] | add'
'';
ldapg_script = pkgs.writeShellScriptBin "ldapg" ''
if ! [ "$LDAP_HOST" ]; then
echo "No LDAP_HOST specified!"
exit 1
fi
${ldap_script}/bin/ldap "$@" | jq '[ .[].member] | add'
'';
ldapl_script = pkgs.writeShellScriptBin "ldapl" ''
if ! [ "$LDAP_HOST" ]; then
echo "No LDAP_HOST specified!"
exit 1
fi
${ldap_script}/bin/ldap "*$@*" | jq -r '.[].name'
'';
in
[
ldap_script
ldapm_script
ldapg_script
ldapl_script
jq_parse
];
};
}

56
modules/darwin/homebrew.nix Normal file
View File

@ -0,0 +1,56 @@
{
config,
pkgs,
lib,
...
}:
{
# Homebrew - Mac-specific packages that aren't in Nix
config = lib.mkIf pkgs.stdenv.isDarwin {
# # Requires Homebrew to be installed
system.activationScripts.preActivation.text = ''
if ! xcode-select --version 2>/dev/null; then
$DRY_RUN_CMD xcode-select --install
fi
if ! /opt/homebrew/bin/brew --version 2>/dev/null; then
$DRY_RUN_CMD /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"
fi
'';
# Add homebrew paths to CLI path
home-manager.users.${config.user}.home.sessionPath = [
"/opt/homebrew/bin/"
"/opt/homebrew/opt/trash/bin/"
];
homebrew = {
enable = true;
onActivation = {
autoUpdate = false; # Don't update during rebuild
cleanup = "zap"; # Uninstall all programs not declared
upgrade = true;
};
global = {
brewfile = true; # Run brew bundle from anywhere
lockfiles = false; # Don't save lockfile (since running from anywhere)
};
brews = [
"trash" # Delete files and folders to trash instead of rm
];
casks = [
"1password" # 1Password will not launch from Nix on macOS
# "gitify" # Git notifications in menu bar (downgrade manually from 4.6.1)
"keybase" # GUI on Nix not available for macOS
# "logitech-g-hub" # Mouse and keyboard management
"logitune" # Logitech webcam firmware
"meetingbar" # Show meetings in menu bar
"scroll-reverser" # Different scroll style for mouse vs. trackpad
"notunes" # Don't launch Apple Music with the play button
"steam" # Not packaged for Nixon macOS
"epic-games" # Not packaged for Nix
];
};
};
}

29
overlays/bypass-paywalls-clean.nix
View File

@ -1,29 +0,0 @@
inputs: _final: prev: {
# Based on:
# https://git.sr.ht/~rycee/nur-expressions/tree/master/item/pkgs/firefox-addons/default.nix#L34
bypass-paywalls-clean =
let
addonId = "magnolia@12.34";
in
prev.stdenv.mkDerivation rec {
pname = "bypass-paywalls-clean";
version = "4.0.6.0";
src = builtins.fetchGit {
url = "https://gitflic.ru/project/magnolia1234/bpc_uploads.git";
# owner = "magnolia1234";
# repo = "bpc_uploads";
ref = "main";
rev = "a3012f84bad9719760150832803f2ea07af8dae3";
# sha256 = "0000000000000000000000000000000000000000000000000000";
};
preferLocalBuild = true;
allowSubstitutes = true;
buildCommand = ''
dst="$out/share/mozilla/extensions/{ec8030f7-c20a-464f-9b0e-13a3a9e97384}"
mkdir -p "$dst"
install -v -m644 "${src}" "$dst/${addonId}.xpi"
'';
};
}

16
overlays/default.nix
View File

@ -1,16 +0,0 @@
# Return a list of all overlays
inputs:
let
lib = inputs.nixpkgs.lib;
in
lib.pipe (lib.filesystem.listFilesRecursive ./.) [
# Get only files ending in .nix
(builtins.filter (name: lib.hasSuffix ".nix" name))
# Remove this file
(builtins.filter (name: name != ./default.nix))
# Import each overlay file
(map (file: (import file) inputs))
]

43
overlays/tree-sitter.nix
View File

@ -1,43 +0,0 @@
inputs: _final: prev: {
tree-sitter-grammars = prev.tree-sitter-grammars // {
# Fix: bash highlighting doesn't work as of this commit:
# https://github.com/NixOS/nixpkgs/commit/49cce41b7c5f6b88570a482355d9655ca19c1029
tree-sitter-bash = prev.tree-sitter-grammars.tree-sitter-bash.overrideAttrs (old: {
src = inputs.tree-sitter-bash;
});
# Fix: invalid node in position. Broken as of this commit (replaced with newer):
# https://github.com/NixOS/nixpkgs/commit/8ec3627796ecc899e6f47f5bf3c3220856ead9c5
tree-sitter-python = prev.tree-sitter-grammars.tree-sitter-python.overrideAttrs (old: {
src = inputs.tree-sitter-python;
});
# Fix: invalid structure in position.
tree-sitter-lua = prev.tree-sitter-grammars.tree-sitter-lua.overrideAttrs (old: {
src = inputs.tree-sitter-lua;
});
# Add grammars not in nixpks
tree-sitter-ini = prev.tree-sitter.buildGrammar {
language = "ini";
version = "1.0.0";
src = inputs.tree-sitter-ini;
};
tree-sitter-puppet = prev.tree-sitter.buildGrammar {
language = "puppet";
version = "1.0.0";
src = inputs.tree-sitter-puppet;
};
tree-sitter-rasi = prev.tree-sitter.buildGrammar {
language = "rasi";
version = "0.1.1";
src = inputs.tree-sitter-rasi;
};
tree-sitter-vimdoc = prev.tree-sitter.buildGrammar {
language = "vimdoc";
version = "2.1.0";
src = inputs.tree-sitter-vimdoc;
};
};
}

23
pkgs/applications/editors/neovim/nmasur/neovim/config/colors.nix
View File

@ -9,11 +9,30 @@
# Sets Neovim colors based on Nix colorscheme
options.colors = lib.mkOption {
type = lib.types.attrsOf lib.types.str;
type = lib.types.nullOr (lib.types.attrsOf lib.types.str);
description = "Attrset of base16 colorscheme key value pairs.";
default = {
# Nord
base00 = "#2E3440";
base01 = "#3B4252";
base02 = "#434C5E";
base03 = "#4C566A";
base04 = "#D8DEE9";
base05 = "#E5E9F0";
base06 = "#ECEFF4";
base07 = "#8FBCBB";
base08 = "#88C0D0";
base09 = "#81A1C1";
base0A = "#5E81AC";
base0B = "#BF616A";
base0C = "#D08770";
base0D = "#EBCB8B";
base0E = "#A3BE8C";
base0F = "#B48EAD";
};
};
config = {
config = lib.mkIf (config.colors != null) {
plugins = [ pkgs.vimPlugins.base16-nvim ];
setup.base16-colorscheme = config.colors;

12
pkgs/applications/editors/neovim/nmasur/neovim/config/lsp.nix
View File

@ -8,9 +8,9 @@
{
# Terraform optional because non-free
options.terraform = lib.mkEnableOption "Whether to enable Terraform LSP";
options.github = lib.mkEnableOption "Whether to enable GitHub features";
options.kubernetes = lib.mkEnableOption "Whether to enable Kubernetes features";
options.enableTerraform = lib.mkEnableOption "Whether to enable Terraform LSP";
options.enableGithub = lib.mkEnableOption "Whether to enable GitHub features";
options.enableKubernetes = lib.mkEnableOption "Whether to enable Kubernetes features";
config = {
plugins = [
@ -54,7 +54,7 @@
use.lspconfig.terraformls.setup = dsl.callWith {
cmd =
if config.terraform then
if config.enableTerraform then
[
"${pkgs.terraform-ls}/bin/terraform-ls"
"serve"
@ -93,7 +93,7 @@
nix = [ "nixfmt" ];
rust = [ "rustfmt" ];
sh = [ "shfmt" ];
terraform = if config.terraform then [ "terraform_fmt" ] else [ ];
terraform = if config.enableTerraform then [ "terraform_fmt" ] else [ ];
hcl = [ "hcl" ];
};
formatters = {
@ -110,7 +110,7 @@
"-ci"
];
};
terraform_fmt.command = if config.terraform then "${pkgs.terraform}/bin/terraform" else "";
terraform_fmt.command = if config.enableTerraform then "${pkgs.terraform}/bin/terraform" else "";
hcl.command = "${pkgs.hclfmt}/bin/hclfmt";
};
};

38
pkgs/applications/editors/neovim/nmasur/neovim/config/syntax.nix
View File

@ -2,26 +2,24 @@
{
plugins = [
(pkgs.vimPlugins.nvim-treesitter.withPlugins (
_plugins: with pkgs.tree-sitter-grammars; [
tree-sitter-bash
tree-sitter-c
tree-sitter-fish
tree-sitter-hcl
tree-sitter-ini
tree-sitter-json
tree-sitter-lua
tree-sitter-markdown
tree-sitter-markdown-inline
tree-sitter-nix
tree-sitter-puppet
tree-sitter-python
tree-sitter-rasi
tree-sitter-toml
tree-sitter-vimdoc
tree-sitter-yaml
]
))
(pkgs.vimPlugins.nvim-treesitter.withPlugins (_plugins: [
pkgs.nmasur.ini-grammar
pkgs.nmasur.puppet-grammar
pkgs.nmasur.rasi-grammar
pkgs.nmasur.vimdoc-grammar
pkgs.tree-sitter-grammars.tree-sitter-bash
pkgs.tree-sitter-grammars.tree-sitter-c
pkgs.tree-sitter-grammars.tree-sitter-fish
pkgs.tree-sitter-grammars.tree-sitter-hcl
pkgs.tree-sitter-grammars.tree-sitter-json
pkgs.tree-sitter-grammars.tree-sitter-lua
pkgs.tree-sitter-grammars.tree-sitter-markdown
pkgs.tree-sitter-grammars.tree-sitter-markdown-inline
pkgs.tree-sitter-grammars.tree-sitter-nix
pkgs.tree-sitter-grammars.tree-sitter-python
pkgs.tree-sitter-grammars.tree-sitter-toml
pkgs.tree-sitter-grammars.tree-sitter-yaml
]))
pkgs.vimPlugins.vim-matchup # Better % jumping in languages
pkgs.vimPlugins.playground # Tree-sitter experimenting
pkgs.vimPlugins.nginx-vim

4
pkgs/applications/editors/neovim/nmasur/neovim/config/toggleterm.nix
View File

@ -18,7 +18,7 @@
lua = ''
${builtins.readFile ./toggleterm.lua}
${if config.github then (builtins.readFile ./github.lua) else ""}
${if config.kubernetes then (builtins.readFile ./kubernetes.lua) else ""}
${if config.enableGithub then (builtins.readFile ./github.lua) else ""}
${if config.enableKubernetes then (builtins.readFile ./kubernetes.lua) else ""}
'';
}

14
pkgs/applications/editors/neovim/nmasur/neovim/package.nix
View File

@ -28,10 +28,10 @@
{
pkgs,
colors ? (import ../../../../../../colorscheme/nord).dark,
terraform ? false,
github ? false,
kubernetes ? false,
colors ? null,
enableTerraform ? false,
enableGithub ? false,
enableKubernetes ? false,
...
}:
@ -41,9 +41,9 @@ pkgs.neovimBuilder {
package = pkgs.neovim-unwrapped;
inherit
colors
terraform
github
kubernetes
enableTerraform
enableGithub
enableKubernetes
;
imports = [
./config/align.nix

12
pkgs/development/tools/parsing/tree-sitter/grammars/tree-sitter-ini/package.nix Normal file
View File

@ -0,0 +1,12 @@
{ pkgs, fetchFromGitHub }:
pkgs.tree-sitter.buildGrammar {
language = "ini";
version = "1.3.0";
src = fetchFromGitHub {
owner = "justinmk";
repo = "tree-sitter-ini";
rev = "32b31863f222bf22eb43b07d4e9be8017e36fb31";
sha256 = "sha256-kWCaOIC81GP5EHCqzPZP9EUgYy39CZ6/8TVS6soB6Wo=";
};
}

12
pkgs/development/tools/parsing/tree-sitter/grammars/tree-sitter-puppet/package.nix Normal file
View File

@ -0,0 +1,12 @@
{ pkgs, fetchFromGitHub }:
pkgs.tree-sitter.buildGrammar {
language = "puppet";
version = "1.3.0";
src = fetchFromGitHub {
owner = "tree-sitter-grammars";
repo = "tree-sitter-puppet";
rev = "15f192929b7d317f5914de2b4accd37b349182a6";
sha256 = "sha256-bO5g5AdhzpB13yHklpAndUHIX7Rvd7OMjH0Ds2ATA6Q=";
};
}

12
pkgs/development/tools/parsing/tree-sitter/grammars/tree-sitter-rasi/package.nix Normal file
View File

@ -0,0 +1,12 @@
{ pkgs, fetchFromGitHub }:
pkgs.tree-sitter.buildGrammar {
language = "rasi";
version = "0.1.2";
src = fetchFromGitHub {
owner = "Fymyte";
repo = "tree-sitter-rasi";
rev = "6c9bbcfdf5f0f553d9ebc01750a3aa247a37b8aa";
sha256 = "sha256-sPrIVgGGaBaXeqHNxjcdJ/S2FvxyV6rD9UPKU/tpspw=";
};
}

12
pkgs/development/tools/parsing/tree-sitter/grammars/tree-sitter-vimdoc/package.nix Normal file
View File

@ -0,0 +1,12 @@
{ pkgs, fetchFromGitHub }:
pkgs.tree-sitter.buildGrammar {
language = "vimdoc";
version = "3.0.0";
src = fetchFromGitHub {
owner = "neovim";
repo = "tree-sitter-vimdoc";
rev = "d2e4b5c172a109966c2ce0378f73df6cede39400";
sha256 = "sha256-Vrl4/cZL+TWlUMEeWZoHCAWhvlefcl3ajGcwyTNKOhI=";
};
}

295
pkgs/mathesar/package.nix Normal file
View File

@ -0,0 +1,295 @@
{
runtimeShell,
python313,
python313Packages,
fetchFromGitHub,
fetchPypi,
fetchurl,
gettext,
unzip,
...
}:
let
django-modern-rpc = python313Packages.buildPythonPackage rec {
pname = "django_modern_rpc";
version = "1.1.0";
src = fetchPypi {
inherit pname version;
hash = "sha256-+LBIfkBxe9lvfZIqPI2lFSshTZBL1NpmCWBAgToyJns=";
};
doCheck = false;
pyproject = true;
build-system = [
python313Packages.setuptools
python313Packages.wheel
python313Packages.poetry-core
];
};
django-property-filter = python313Packages.buildPythonPackage rec {
pname = "django_property_filter";
version = "1.3.0";
src = fetchPypi {
inherit pname version;
hash = "sha256-dpsF4hm0S4lQ6tIRJ0bXgPjWTr1fq1NSCZP0M6L4Efk=";
};
doCheck = false;
pyproject = true;
build-system = [
python313Packages.setuptools
python313Packages.wheel
python313Packages.django
python313Packages.django-filter
];
};
django-fernet-encrypted-fields = python313Packages.buildPythonPackage rec {
pname = "django-fernet-encrypted-fields";
version = "0.3.0";
src = fetchPypi {
inherit pname version;
hash = "sha256-OAMb2vFySm6IXuE3zGaivX3DcmxDjhiep+RHmewLqbM=";
};
doCheck = false;
pyproject = true;
build-system = [
python313Packages.setuptools
python313Packages.wheel
];
propagatedBuildInputs = with python313Packages; [
django
cryptography
];
};
drf-access-policy = python313Packages.buildPythonPackage rec {
pname = "drf-access-policy";
version = "1.5.0";
src = fetchPypi {
inherit pname version;
hash = "sha256-EsahQYIgjUBUSi/W8GXbc7pvYLPRJ6kpJg6A3RkrjL8=";
};
doCheck = false;
pyproject = true;
build-system = [
python313Packages.setuptools
python313Packages.wheel
];
propagatedBuildInputs = with python313Packages; [
pyparsing
djangorestframework
];
};
pythonPkg = python313.override {
self = python313;
packageOverrides = pyfinal: pyprev: {
inherit
django-modern-rpc
django-property-filter
django-fernet-encrypted-fields
drf-access-policy
# psycopg-binary
;
};
};
python = pythonPkg.withPackages (
ps: with ps; [
gunicorn
django
clevercsv
django
dj-database-url
django-filter
django-modern-rpc
django-property-filter
djangorestframework
django-fernet-encrypted-fields
drf-access-policy
frozendict
gunicorn
psycopg
# psycopg-binary
psycopg2-binary
requests
sqlalchemy
whitenoise
]
);
staticAssets = fetchurl {
url = "https://github.com/mathesar-foundation/mathesar/releases/download/0.2.2/static_files.zip";
sha256 = "sha256-1X2zFpCSwilUxhqHlCw/tg8C5zVcVL6CxDa9yh0ylGA=";
};
in
python313Packages.buildPythonApplication rec {
pname = "mathesar";
version = "0.2.2";
src = fetchFromGitHub {
owner = "mathesar-foundation";
repo = "mathesar";
rev = version;
sha256 = "sha256-LHxFJpPV0GJfokSPzfZQO44bBg/+QjXsk04Ry9uhUAs=";
};
format = "other";
nativeBuildInputs = [ unzip ];
propagatedBuildInputs = [
python.pkgs.gunicorn
python.pkgs.django
];
buildInputs = [
gettext
];
dependencies = [
pythonPkg.pkgs.clevercsv
pythonPkg.pkgs.django
pythonPkg.pkgs.dj-database-url
pythonPkg.pkgs.django-filter
pythonPkg.pkgs.django-modern-rpc
pythonPkg.pkgs.django-property-filter
pythonPkg.pkgs.djangorestframework
pythonPkg.pkgs.django-fernet-encrypted-fields
pythonPkg.pkgs.drf-access-policy
pythonPkg.pkgs.frozendict
pythonPkg.pkgs.gunicorn
pythonPkg.pkgs.psycopg
pythonPkg.pkgs.psycopg2-binary
pythonPkg.pkgs.requests
pythonPkg.pkgs.sqlalchemy
pythonPkg.pkgs.whitenoise
];
# Manually unzip the extra zip file into a temporary directory
postUnpack = ''
mkdir -p $TMPDIR/unzipped
unzip ${staticAssets} -d $TMPDIR/unzipped
'';
# Override the default build phase to prevent it from looking for setup.py
# Add any non-Python build commands here if needed (e.g., building frontend assets)
buildPhase = ''
runHook preBuild
echo "Skipping standard Python build phase; application files copied in installPhase."
# If you had frontend assets to build, you'd run the command here, e.g.:
# npm install
# npm run build
runHook postBuild
'';
# This copies the application code into the Nix store output
installPhase = ''
runHook preInstall
# Destination: python's site-packages directory within $out
# This makes 'import mathesar', 'import db', etc. work more easily.
INSTALL_PATH="$out/lib/${python.libPrefix}/site-packages/${pname}"
mkdir -p "$INSTALL_PATH"
echo "Copying application code to $INSTALL_PATH"
# Copy all essential source directories needed at runtime
# Adjust this list based on mathesar's actual structure and runtime needs!
cp -r mathesar "$INSTALL_PATH/"
cp -r db "$INSTALL_PATH/"
cp -r config "$INSTALL_PATH/"
cp -r translations "$INSTALL_PATH/"
cp -r mathesar_ui "$INSTALL_PATH/" # If needed
# Copy the management script
cp manage.py "$INSTALL_PATH/"
# Copy assets from unzipped directory
mkdir -p "$INSTALL_PATH/mathesar/static/mathesar"
cp -r $TMPDIR/unzipped/static_files/* "$INSTALL_PATH/mathesar/static/mathesar"
# Create wrapper scripts in $out/bin for easy execution
mkdir -p $out/bin
# Wrapper for manage.py
# It ensures the app code is in PYTHONPATH and runs manage.py
echo "Creating manage.py wrapper..."
cat <<EOF > $out/bin/mathesar-manage
#!${python.interpreter}
import os
import sys
# Add the installation path to the Python path
sys.path.insert(0, "$INSTALL_PATH")
# Set DJANGO_SETTINGS_MODULE environment variable if required by mathesar
# You might need to adjust 'config.settings.production' to the actual settings file used
os.environ.setdefault('DJANGO_SETTINGS_MODULE', 'config.settings.production')
# Change directory to where manage.py is, if necessary for relative paths
# os.chdir("$INSTALL_PATH")
print(f"Running manage.py from: $INSTALL_PATH/manage.py")
print(f"Python path includes: $INSTALL_PATH")
print(f"Executing with args: {sys.argv[1:]}")
# Find manage.py and execute it
manage_py_path = os.path.join("$INSTALL_PATH", "manage.py")
if not os.path.exists(manage_py_path):
print(f"Error: manage.py not found at {manage_py_path}", file=sys.stderr)
sys.exit(1)
# Prepare arguments for execute_from_command_line
# The first argument should be the script name itself
argv = [manage_py_path] + sys.argv[1:]
try:
from django.core.management import execute_from_command_line
execute_from_command_line(argv)
except Exception as e:
print(f"Error executing manage.py: {e}", file=sys.stderr)
# Optionally re-raise or exit with error
import traceback
traceback.print_exc()
sys.exit(1)
EOF
chmod +x $out/bin/mathesar-manage
# Wrapper for install
echo "Creating install wrapper..."
cat <<EOF > $out/bin/mathesar-install
#!${runtimeShell}
# Add the app to the Python Path
export PYTHONPATH="$INSTALL_PATH:\${"PYTHONPATH:-"}"
# Set Django settings module if needed
export DJANGO_SETTINGS_MODULE='config.settings.production'
# Change to the app directory
cd "$INSTALL_PATH"
${python}/bin/python -m mathesar.install
EOF
chmod +x $out/bin/mathesar-install
# Wrapper for gunicorn (example)
# Assumes mathesar uses a standard wsgi entry point, e.g., config/wsgi.py
# Adjust 'config.wsgi:application' if necessary
echo "Creating gunicorn wrapper..."
cat <<EOF > $out/bin/mathesar-gunicorn
#!${runtimeShell}
# Add the app to the Python Path
export PYTHONPATH="$INSTALL_PATH:\${"PYTHONPATH:-"}"
# Set Django settings module if needed
export DJANGO_SETTINGS_MODULE='config.settings.production'
# Change to the app directory if gunicorn needs it
# cd "$INSTALL_PATH"
# Execute gunicorn, passing along any arguments
# Ensure the gunicorn package is in propagatedBuildInputs
exec ${python}/bin/gunicorn config.wsgi:application "\$@"
EOF
chmod +x $out/bin/mathesar-gunicorn
runHook postInstall
'';
}

6
pkgs/misc/bypass-paywalls-clean/package.nix
View File

@ -5,11 +5,11 @@
pkgs.stdenv.mkDerivation rec {
pname = "bypass-paywalls-clean";
version = "4.0.6.0";
version = "4.1.1.4";
src = builtins.fetchGit {
url = "https://gitflic.ru/project/magnolia1234/bpc_uploads.git";
url = "https://git.masu.rs/noah/bpc-uploads.git";
ref = "main";
rev = "a3012f84bad9719760150832803f2ea07af8dae3";
rev = "9166b13355721b047878f259e04c2e9b476b4210";
};
preferLocalBuild = true;
allowSubstitutes = true;

91
pkgs/prometheus-actual-exporter/package.nix Normal file
View File

@ -0,0 +1,91 @@
{
lib,
fetchFromGitHub,
nodejs_20,
buildNpmPackage,
nodePackages,
python3,
gcc,
gnumake,
}:
let
in
buildNpmPackage (finalAttrs: rec {
pname = "prometheus-actual-exporter";
version = "1.1.5";
src = fetchFromGitHub {
owner = "sakowicz";
repo = "actual-budget-prometheus-exporter";
tag = version;
hash = "sha256-DAmWr1HngxAjhOJW9OnMfDqpxBcZT+Tpew/w/YYJIYU=";
};
patches = [ ./tsconfig.patch ];
npmDepsHash = "sha256-N8xqRYFelolNGTEhG22M7KJ7B5U/uW7o+/XfLF8rHMg=";
nativeBuildInputs = [
nodejs_20
nodePackages.typescript
python3
nodePackages.node-gyp
gcc
gnumake
];
postPatch = ''
echo "Removing better-sqlite3 install script before npm install"
sed -i '/"install"/d' node_modules/better-sqlite3/package.json || true
sed -i '/"install"/d' package.json || true
'';
preBuild = ''
echo "Disabling prebuilt install script from better-sqlite3"
find node_modules/better-sqlite3 -name package.json -exec sed -i '/"install"/d' {} +
rm -f node_modules/better-sqlite3/build/Release/better_sqlite3.node || true
'';
buildPhase = ''
# export npm_config_build_from_source=true
# export npm_config_unsafe_perm=true
# export BINARY_SITE=none
# export PATH=${nodePackages.node-gyp}/bin:$PATH
# export npm_config_node_gyp=${nodePackages.node-gyp}/bin/node-gyp
# npm rebuild better-sqlite3 --build-from-source --verbose
npm run build
'';
installPhase = ''
mkdir -p $out/{bin,lib}
cp -r . $out/lib/prometheus-actual-exporter
makeWrapper ${lib.getExe nodejs_20} $out/bin/prometheus-actual-exporter \
--add-flags "$out/lib/prometheus-actual-exporter/dist/app.js"
'';
postInstall = ''
echo "Removing prebuilt .node and rebuilding better-sqlite3"
export npm_config_build_from_source=true
export npm_config_unsafe_perm=true
export BINARY_SITE=none
export PATH=${nodePackages.node-gyp}/bin:$PATH
export npm_config_node_gyp=${nodePackages.node-gyp}/bin/node-gyp
sed -i '/"install"/d' node_modules/better-sqlite3/package.json
rm -f node_modules/better-sqlite3/build/Release/better_sqlite3.node || true
npm rebuild better-sqlite3 --build-from-source --verbose
'';
meta = {
description = "Prometheus exporter for Actual Budget";
homepage = "https://github.com/sakowicz/actual-budget-prometheus-exporter";
mainProgram = "prometheus-actual-exporter";
};
})

12
pkgs/prometheus-actual-exporter/tsconfig.patch Normal file
View File

@ -0,0 +1,12 @@
diff --git a/tsconfig.json b/tsconfig.json
index 5106135..3a340f6 100644
--- a/tsconfig.json
+++ b/tsconfig.json
@@ -8,5 +8,6 @@
"skipLibCheck": true,
"lib": ["es2020"],
"outDir": "./dist"
- }
+ },
+ "include": ["src/**/*", "app.ts"]
}

10
pkgs/tools/misc/ocr/ocr.sh
View File

@ -8,7 +8,7 @@ TEXT_FILE="/tmp/ocr.txt"
IMAGE_FILE="/tmp/ocr.png"
function notify-send() {
/usr/bin/osascript -e "display notification \"$2\" with title \"OCR\""
/usr/bin/osascript -e "display notification \"$2\" with title \"OCR\""
}
PATH="/usr/local/bin/:$PATH"
@ -32,8 +32,8 @@ STATUS=$?
# specify /tmp/ocr.txt as the file path, tesseract would out the text to
# /tmp/ocr.txt.txt
cd /tmp || {
echo "Failed to jump to directory."
exit 1
echo "Failed to jump to directory."
exit 1
}
tesseract "$IMAGE_FILE" "${TEXT_FILE//\.txt/}"
@ -41,8 +41,8 @@ tesseract "$IMAGE_FILE" "${TEXT_FILE//\.txt/}"
# of lines in the file
LINES=$(wc -l <$TEXT_FILE)
if [ "$LINES" -eq 0 ]; then
notify-send "ocr" "no text was detected"
exit 1
notify-send "ocr" "no text was detected"
exit 1
fi
# Copy text to clipboard

15
platforms/generators/aws/default.nix
View File

@ -14,18 +14,19 @@ in
config = lib.mkIf cfg.enable {
# AWS settings require this
permitRootLogin = "prohibit-password";
nmasur.presets.services.openssh-aws.enable = lib.mkDefault true;
# Make sure disk size is large enough
# https://github.com/nix-community/nixos-generators/issues/150
amazonImage.sizeMB = 16 * 1024;
virtualisation.diskSize = lib.mkDefault (16 * 1024); # In MB
boot.kernelPackages = pkgs.legacyPackages.x86_64-linux.linuxKernel.packages.linux_6_6;
boot.kernelPackages = lib.mkDefault pkgs.linuxKernel.packages.linux_6_6;
boot.loader.systemd-boot.enable = lib.mkForce false;
boot.loader.efi.canTouchEfiVariables = lib.mkForce false;
services.amazon-ssm-agent.enable = true;
boot.loader.efi.canTouchEfiVariables = lib.mkForce false; # Default, conflicts with tempest
services.amazon-ssm-agent.enable = lib.mkDefault true;
users.users.ssm-user.extraGroups = [ "wheel" ];
services.udisks2.enable = lib.mkForce false; # Off by default already; conflicts with gvfs for nautilus
boot.loader.grub.device = lib.mkForce "/dev/xvda"; # Default, conflicts with tempest
boot.loader.grub.efiSupport = lib.mkForce false; # Default, conflicts with tempest
};
}

9
platforms/generators/default.nix
View File

@ -1,9 +0,0 @@
{ lib, ... }:
{
imports = lib.pipe (lib.filesystem.listFilesRecursive ./.) [
# Get only files ending in .nix
(builtins.filter (name: lib.hasSuffix ".nix" name))
# Remove this file
(builtins.filter (name: name != ./default.nix))
];
}

9
platforms/home-manager/default.nix
View File

@ -1,9 +0,0 @@
{ lib, ... }:
{
imports = lib.pipe (lib.filesystem.listFilesRecursive ./.) [
# Get only files ending in .nix
(builtins.filter (name: lib.hasSuffix ".nix" name))
# Remove this file
(builtins.filter (name: name != ./default.nix))
];
}

3
platforms/home-manager/modules/nmasur/presets/fonts.nix
View File

@ -15,7 +15,7 @@ in
config = lib.mkIf cfg.enable {
home.packages = [
pkgs.victor-mono # Used for Vim and Terminal
pkgs.nerd-fonts.victor-mono # Used for Vim and Terminal
pkgs.nerd-fonts.hack # For Polybar, Rofi
];
fonts.fontconfig = {
@ -33,6 +33,7 @@ in
programs.alacritty.settings.font.normal.family = "VictorMono";
programs.kitty.font.name = "VictorMono Nerd Font Mono";
nmasur.presets.programs.wezterm.font = "VictorMono Nerd Font Mono";
programs.ghostty.settings.font-family = "VictorMono Nerd Font Mono";
services.dunst.settings.global.font = "Hack Nerd Font 14";
};
}

38
platforms/home-manager/modules/nmasur/presets/programs/aerc.nix
View File

@ -183,6 +183,9 @@ in
"audio/*" = "${pkgs.mpv}/bin/mpv -";
"image/*" = "${pkgs.feh}/bin/feh -";
};
compose = {
editor = config.home.sessionVariables.EDITOR;
};
};
};
accounts.email.accounts.home.aerc = {
@ -199,19 +202,28 @@ in
exec = "${lib.getExe config.nmasur.presets.services.i3.terminal} aerc %u";
};
xsession.windowManager.i3.config.keybindings = lib.mkIf pkgs.stdenv.isLinux {
"${config.xsession.windowManager.i3.config.modifier}+Shift+e" = "exec ${
# Don't name the script `aerc` or it will affect grep
builtins.toString (
pkgs.writeShellScript "focus-mail.sh" ''
count=$(ps aux | grep -c aerc)
if [ "$count" -eq 1 ]; then
i3-msg "exec --no-startup-id ${lib.getExe config.nmasur.presets.services.i3.terminal} start --class aerc -- aerc"
sleep 0.25
fi
i3-msg "[class=aerc] focus"
''
)
}";
"${config.xsession.windowManager.i3.config.modifier}+Shift+e" =
let
terminal = config.nmasur.presets.services.i3.terminal;
startupCommand =
if terminal == pkgs.wezterm then
"start --class com.noah.aerc -- aerc"
else
"--class=com.noah.aerc --command=aerc";
in
"exec ${
# Don't name the script `aerc` or it will affect grep
builtins.toString (
pkgs.writeShellScript "focus-mail.sh" ''
count=$(ps aux | grep -c aerc)
if [ "$count" -eq 1 ]; then
i3-msg "exec --no-startup-id ${lib.getExe terminal} ${startupCommand}"
sleep 0.25
fi
i3-msg "[class=com.noah.aerc] focus"
''
)
}";
};
programs.fish.shellAbbrs = {

2
platforms/home-manager/modules/nmasur/presets/programs/atuin.nix
View File

@ -15,6 +15,7 @@ in
config = lib.mkIf cfg.enable {
programs.atuin = {
enable = true;
daemon.enable = true;
flags = [
"--disable-up-arrow"
"--disable-ctrl-r"
@ -33,6 +34,7 @@ in
secrets_filter = true;
enter_accept = false;
keymap_mode = "vim-normal";
records = true; # Sync v2
};
};

19
platforms/home-manager/modules/nmasur/presets/programs/aws-ssh/aws-ssh.nix Normal file
View File

@ -0,0 +1,19 @@
{ config, lib, ... }:
let
cfg = config.nmasur.presets.programs.aws-ssh;
in
{
options.nmasur.presets.programs.aws-ssh.enable = lib.mkEnableOption "AWS SSH tools";
config = lib.mkIf cfg.enable {
# Ignore wine directories in searches
home.file.".ssh/aws-ssm-ssh-proxy-command.sh" = {
text = builtins.readFile ./aws-ssm-ssh-proxy-command.sh;
executable = true;
};
};
}

69
platforms/home-manager/modules/nmasur/presets/programs/aws-ssh/aws-ssm-ssh-proxy-command.sh Normal file
View File

@ -0,0 +1,69 @@
#!/usr/bin/env bash
set -eu
################################################################################
#
# For documentation see https://github.com/qoomon/aws-ssm-ssh-proxy-command
#
################################################################################
getInstanceId() {
local instance_name="$1"
local instance_id=$(aws ec2 describe-instances --filters "Name=tag:Name,Values=${instance_name}" --query "Reservations[].Instances[?State.Name == 'running'].InstanceId" --output text)
echo "${instance_id}"
}
instance_name="$1"
ssh_user="$2"
ssh_port="$3"
ssh_public_key_path="$4"
ec2InstanceIdPattern='^m?i-[0-9a-f]{8,17}$'
if [[ $instance_name =~ $ec2InstanceIdPattern ]]; then
instance_id=$instance_name
else
instance_id=$(getInstanceId "$instance_name")
if [[ -z $instance_id ]]; then
echo "Found no running instances with name \"${instance_name}\"."
exit 1
else
echo "Instance ID for \"${instance_name}\": \"${instance_id}\""
fi
fi
REGION_SEPARATOR='--'
if echo "$instance_id" | grep -q -e "${REGION_SEPARATOR}"; then
export AWS_REGION="${instance_id##*"${REGION_SEPARATOR}"}"
instance_id="${instance_id%%"$REGION_SEPARATOR"*}"
fi
>/dev/stderr echo "Add public key ${ssh_public_key_path} for ${ssh_user} at instance ${instance_id} for 10 seconds"
ssh_public_key="$(cat "${ssh_public_key_path}")"
aws ssm send-command \
--instance-ids "${instance_id}" \
--document-name 'AWS-RunShellScript' \
--comment "Add an SSH public key to authorized_keys for 10 seconds" \
--parameters commands="
\"
set -eu
mkdir -p ~${ssh_user}/.ssh && cd ~${ssh_user}/.ssh
authorized_key='${ssh_public_key} ssm-session'
echo \\\"\${authorized_key}\\\" >> authorized_keys
sleep 10
(grep -v -F \\\"\${authorized_key}\\\" authorized_keys || true) > authorized_keys~
mv authorized_keys~ authorized_keys
\"
"
>/dev/stderr echo "Start ssm session to instance ${instance_id}"
aws ssm start-session \
--target "${instance_id}" \
--document-name 'AWS-StartSSHSession' \
--parameters "portNumber=${ssh_port}"

3
platforms/home-manager/modules/nmasur/presets/programs/direnv.nix
View File

@ -17,6 +17,9 @@ in
programs.direnv = {
enable = true;
nix-direnv.enable = true;
config = {
global.hide_env_diff = true;
};
};
};
}

2
platforms/home-manager/modules/nmasur/presets/programs/firefox.nix
View File

@ -23,7 +23,7 @@ in
programs.firefox = {
enable = true;
package = if pkgs.stdenv.isDarwin then pkgs.firefox-bin else pkgs.firefox;
package = pkgs.firefox;
profiles.default = {
id = 0;
name = "default";

9
platforms/home-manager/modules/nmasur/presets/programs/fish.nix
View File

@ -24,9 +24,12 @@ in
nmasur.presets.programs.fish.fish_user_key_bindings = # fish
''
# Shift-Enter (defined by terminal)
bind -M insert \x1F accept-autosuggestion
bind -M default \x1F accept-autosuggestion
for mode in insert default visual
# Shift-Enter (defined by terminal)
bind -M $mode \x1F accept-autosuggestion
# Ctrl-f to accept auto-suggestions
bind -M $mode \cf forward-char
end
'';
programs.fish = {

44
platforms/home-manager/modules/nmasur/presets/programs/fzf/default.nix
View File

@ -25,7 +25,13 @@ in
functions = {
edit = {
description = "Open a file in Vim";
body = builtins.readFile ./fish/edit.fish;
body = # fish
''
set vimfile (fzf)
and set vimfile (echo $vimfile | tr -d '\r')
and commandline -r "${builtins.baseNameOf config.home.sessionVariables.EDITOR} \"$vimfile\""
and commandline -f execute
'';
};
fcd = {
description = "Jump to directory";
@ -51,11 +57,40 @@ in
};
recent = {
description = "Open a recent file in Vim";
body = builtins.readFile ./fish/recent.fish;
body = # fish
''
set vimfile (fd -t f --exec /usr/bin/stat -f "%m%t%N" | sort -nr | cut -f2 | fzf)
and set vimfile (echo $vimfile | tr -d '\r')
and commandline -r "${builtins.baseNameOf config.home.sessionVariables.EDITOR} $vimfile"
and commandline -f execute
'';
};
search-and-edit = {
description = "Search and open the relevant file in Vim";
body = builtins.readFile ./fish/search-and-edit.fish;
body = # fish
''
set vimfile ( \
rg \
--color=always \
--line-number \
--no-heading \
--smart-case \
--iglob "!/Library/**" \
--iglob "!/System/**" \
--iglob "!Users/$HOME/Library/*" \
".*" \
| fzf --ansi \
--height "80%" \
--color "hl:-1:underline,hl+:-1:underline:reverse" \
--delimiter : \
--preview 'bat --color=always {1} --highlight-line {2}' \
--preview-window 'up,60%,border-bottom,+{2}+3/3,~3'
)
and set line_number (echo $vimfile | tr -d '\r' | cut -d':' -f2)
and set vimfile (echo $vimfile | tr -d '\r' | cut -d':' -f1)
and commandline -r "${builtins.baseNameOf config.home.sessionVariables.EDITOR} +$line_number \"$vimfile\""
and commandline -f execute
'';
};
};
shellAbbrs = {
@ -77,9 +112,6 @@ in
# Ctrl-e
bind -M insert \ce recent
bind -M default \ce recent
# Ctrl-f
bind -M insert \cf fcd
bind -M default \cf fcd
# Ctrl-p
bind -M insert \cp projects
bind -M default \cp projects

4
platforms/home-manager/modules/nmasur/presets/programs/fzf/fish/edit.fish
View File

@ -1,4 +0,0 @@
set vimfile (fzf)
and set vimfile (echo $vimfile | tr -d '\r')
and commandline -r "vim \"$vimfile\""
and commandline -f execute

4
platforms/home-manager/modules/nmasur/presets/programs/fzf/fish/recent.fish
View File

@ -1,4 +0,0 @@
set vimfile (fd -t f --exec /usr/bin/stat -f "%m%t%N" | sort -nr | cut -f2 | fzf)
and set vimfile (echo $vimfile | tr -d '\r')
and commandline -r "vim $vimfile"
and commandline -f execute

21
platforms/home-manager/modules/nmasur/presets/programs/fzf/fish/search-and-edit.fish
View File

@ -1,21 +0,0 @@
set vimfile ( \
rg \
--color=always \
--line-number \
--no-heading \
--smart-case \
--iglob "!/Library/**" \
--iglob "!/System/**" \
--iglob "!Users/$HOME/Library/*" \
".*" \
| fzf --ansi \
--height "80%" \
--color "hl:-1:underline,hl+:-1:underline:reverse" \
--delimiter : \
--preview 'bat --color=always {1} --highlight-line {2}' \
--preview-window 'up,60%,border-bottom,+{2}+3/3,~3'
)
and set line_number (echo $vimfile | tr -d '\r' | cut -d':' -f2)
and set vimfile (echo $vimfile | tr -d '\r' | cut -d':' -f1)
and commandline -r "vim +$line_number \"$vimfile\""
and commandline -f execute

85
platforms/home-manager/modules/nmasur/presets/programs/ghostty.nix Normal file
View File

@ -0,0 +1,85 @@
{
config,
pkgs,
lib,
...
}:
let
cfg = config.nmasur.presets.programs.ghostty;
in
{
options.nmasur.presets.programs.ghostty.enable = lib.mkEnableOption "Ghostty terminal";
config = lib.mkIf cfg.enable {
# Set the i3 terminal
nmasur.presets.services.i3.terminal = config.programs.ghostty.package;
programs.ghostty = {
enable = true;
package = if pkgs.stdenv.isDarwin then pkgs.nur.repos.DimitarNestorov.ghostty else pkgs.ghostty;
enableFishIntegration = true;
enableBashIntegration = true;
enableZshIntegration = true;
installBatSyntax = false; # The file doesn't seem to exist in the pkg
settings = {
theme = config.theme.name;
font-size = 16;
macos-titlebar-style = "hidden";
window-decoration = false;
macos-non-native-fullscreen = true;
quit-after-last-window-closed = lib.mkIf pkgs.stdenv.isDarwin true;
fullscreen = if pkgs.stdenv.isDarwin then true else false;
keybind = [
"super+t=unbind" # Pass super-t to underlying tool (e.g. zellij tabs)
"super+shift+]=unbind"
"super+shift+[=unbind"
"ctrl+tab=unbind"
"ctrl+shift+tab=unbind"
"ctrl+tab=text:\\x1b[9;5u"
"ctrl+shift+tab=text:\\x1b[9;6u"
"super+k=unbind"
"super+shift+e=unbind"
];
};
themes."gruvbox" = {
background = config.theme.colors.base00;
cursor-color = config.theme.colors.base04;
foreground = config.theme.colors.base05;
palette = [
"0=${config.theme.colors.base00}"
"1=${config.theme.colors.base08}"
"2=${config.theme.colors.base0B}"
"3=${config.theme.colors.base0A}"
"4=${config.theme.colors.base0D}"
"5=${config.theme.colors.base0E}"
"6=${config.theme.colors.base0C}"
"7=${config.theme.colors.base05}"
"8=${config.theme.colors.base03}"
"9=${config.theme.colors.base08}"
"10=${config.theme.colors.base0B}"
"11=${config.theme.colors.base0A}"
"12=${config.theme.colors.base0C}"
"13=${config.theme.colors.base0E}"
"14=${config.theme.colors.base0C}"
"15=${config.theme.colors.base07}"
"16=${config.theme.colors.base09}"
"17=${config.theme.colors.base0F}"
"18=${config.theme.colors.base01}"
"19=${config.theme.colors.base02}"
"20=${config.theme.colors.base04}"
"21=${config.theme.colors.base06}"
];
selection-background = config.theme.colors.base02;
selection-foreground = config.theme.colors.base00;
};
};
};
}

6
platforms/home-manager/modules/nmasur/presets/programs/git-work.nix
View File

@ -27,10 +27,12 @@ in
name = lib.mkOption {
type = lib.types.str;
description = "Name to use for personal git commits";
default = config.nmasur.presets.programs.git.name;
};
email = lib.mkOption {
type = lib.types.str;
description = "Email to use for personal git commits";
default = config.nmasur.presets.programs.git.email;
};
};
};
@ -42,7 +44,7 @@ in
userEmail = lib.mkForce cfg.work.email;
includes = [
{
path = "${config.xdg.configHome}/${config.xdg.configFile."git/personal".target}";
path = "${config.home.homeDirectory}/${config.xdg.configFile."git/personal".target}";
condition = "gitdir:~/dev/personal/";
}
];
@ -50,7 +52,7 @@ in
};
# Personal git config
xdg.configFile."git/personal".text = pkgs.formats.gitIni {
xdg.configFile."git/personal".text = lib.generators.toGitINI {
user = {
name = cfg.personal.name;
email = cfg.personal.email;

2
platforms/home-manager/modules/nmasur/presets/programs/git/default.nix
View File

@ -32,7 +32,7 @@ in
userName = cfg.name;
userEmail = cfg.email;
extraConfig = {
core.pager = "${pkgs.git}/share/git/contrib/diff-highlight/diff-highlight | less -F";
core.pager = "${pkgs.git}/share/git/contrib/diff-highlight/diff-highlight | less --no-init";
interactive.difffilter = "${pkgs.git}/share/git/contrib/diff-highlight/diff-highlight";
pager = {
branch = "false";

425
platforms/home-manager/modules/nmasur/presets/programs/helix.nix Normal file
View File

@ -0,0 +1,425 @@
{
config,
pkgs,
lib,
...
}:
let
cfg = config.nmasur.presets.programs.helix;
in
{
options.nmasur.presets.programs.helix.enable = lib.mkEnableOption "Helix text editor";
config = lib.mkIf cfg.enable {
# Use Neovim as the editor for git commit messages
programs.git.extraConfig.core.editor = lib.mkForce "${lib.getExe pkgs.helix}";
programs.jujutsu.settings.ui.editor = lib.mkForce "${lib.getExe pkgs.helix}";
# Set Neovim as the default app for text editing and manual pages
home.sessionVariables = {
EDITOR = lib.mkForce "${lib.getExe pkgs.helix}";
MANPAGER = lib.mkForce "sh -c 'col -bx | ${lib.getExe pkgs.helix}'";
MANWIDTH = 87;
MANROFFOPT = "-c";
};
# Create quick aliases for launching Helix
programs.fish = {
shellAbbrs = {
h = lib.mkForce "hx";
};
};
programs.helix = {
enable = true;
package = pkgs.helix; # pkgs.evil-helix
languages = {
language-server.nixd = {
command = "${pkgs.nixd}/bin/nixd";
};
language-server.fish-lsp = {
command = "${pkgs.fish-lsp}/bin/fish-lsp";
};
language-server.yaml-language-server = {
command = lib.getExe pkgs.yaml-language-server;
};
language-server.marksman = {
command = lib.getExe pkgs.marksman;
};
language-server.terraform-ls = {
command = "${lib.getExe pkgs.terraform-ls} serve";
};
language-server.bash-language-server = {
command = lib.getExe (
pkgs.bash-language-server.overrideAttrs {
buildInputs = [
pkgs.shellcheck
pkgs.shfmt
];
}
);
};
language = [
{
name = "nix";
auto-format = true;
language-servers = [ "nixd" ];
}
{
name = "markdown";
auto-format = false;
language-servers = [ "marksman" ];
formatter = {
command = lib.getExe pkgs.mdformat;
args = [ "-" ];
};
# Allows return key to continue the token on the next line
comment-tokens = [
"-"
"+"
"*"
"- [ ]"
">"
];
}
{
name = "tfvars";
auto-format = true;
language-servers = [ "terraform-ls" ];
formatter = {
command = lib.getExe pkgs.terraform;
args = [
"fmt"
"-"
];
};
}
{
name = "hcl";
auto-format = true;
language-servers = [ "terraform-ls" ];
formatter = {
command = lib.getExe pkgs.terraform;
args = [
"fmt"
"-"
];
};
}
{
name = "bash";
auto-format = true;
}
];
};
ignores = [
"content/.obsidian/**"
];
settings = {
theme = "base16";
keys.normal = {
# Use the enter key to save the file
ret = ":write";
# Get out of multiple cursors and selection
esc = [
"collapse_selection"
"keep_primary_selection"
];
# Enable and disable inlay hints
space.H = ":toggle lsp.display-inlay-hints";
# Toggle floating pane
space.t = ":sh zellij action toggle-floating-panes";
# Today's note
space.n = ":vsplit %sh{fish -c 'generate-today'}";
# Open lazygit
# Unfortunately, this breaks mouse input and the terminal after quitting Helix
space.l = [
":write-all"
":new"
":insert-output ${lib.getExe pkgs.lazygit}"
":buffer-close!"
":redraw"
":reload-all"
":set mouse false"
":set mouse true"
];
# Open yazi
# https://github.com/sxyazi/yazi/pull/2461
# Won't work until next Helix release
C-y = [
":sh rm -f /tmp/unique-file"
":insert-output ${lib.getExe pkgs.yazi} %{buffer_name} --chooser-file=/tmp/unique-file"
":insert-output echo \\x1b[?1049h\\x1b[?2004h > /dev/tty"
":open %sh{cat /tmp/unique-file}"
":redraw"
];
# Extend selection above
X = "select_line_above";
# Move lines up or down
A-j = [
"extend_to_line_bounds"
"delete_selection"
"paste_after"
];
A-k = [
"extend_to_line_bounds"
"delete_selection"
"move_line_up"
"paste_before"
];
};
editor = {
# Change cursors depending on the mode
cursor-shape = {
insert = "bar";
normal = "block";
select = "underline";
};
# Text width
soft-wrap = {
enable = true;
};
# View line numbers relative to the current cursors
line-number = "relative";
# Show hidden files
file-picker = {
hidden = false;
git-ignore = true;
git-global = true;
git-exclude = true;
};
# Show whitespace visible to the user
# Waiting for trailing whitespace option ideally
whitespace = {
render = {
# space = "all";
tab = "all";
};
characters = {
# space = "·";
tab = "";
};
};
};
};
themes."${config.programs.helix.settings.theme}" = {
"attributes" = config.theme.colors.base09;
"comment" = {
fg = config.theme.colors.base03;
modifiers = [ "italic" ];
};
"constant" = config.theme.colors.base09;
"constant.character.escape" = config.theme.colors.base0C;
"constant.numeric" = config.theme.colors.base09;
"constructor" = config.theme.colors.base0D;
"debug" = config.theme.colors.base03;
"diagnostic" = {
modifiers = [ "underlined" ];
};
"diff.delta" = config.theme.colors.base09;
"diff.minus" = config.theme.colors.base08;
"diff.plus" = config.theme.colors.base0B;
"error" = config.theme.colors.base08;
"function" = config.theme.colors.base0D;
"hint" = config.theme.colors.base03;
"info" = config.theme.colors.base0D;
"keyword" = config.theme.colors.base0E;
"label" = config.theme.colors.base0E;
"namespace" = config.theme.colors.base0E;
"operator" = config.theme.colors.base05;
"special" = config.theme.colors.base0D;
"string" = config.theme.colors.base0B;
"type" = config.theme.colors.base0A;
"variable" = config.theme.colors.base08;
"variable.other.member" = config.theme.colors.base05;
"warning" = config.theme.colors.base09;
"markup.bold" = {
fg = config.theme.colors.base0A;
modifiers = [ "bold" ];
};
"markup.heading" = config.theme.colors.base0D;
"markup.italic" = {
fg = config.theme.colors.base0E;
modifiers = [ "italic" ];
};
"markup.link.text" = config.theme.colors.base08;
"markup.link.url" = {
fg = config.theme.colors.base09;
modifiers = [ "underlined" ];
};
"markup.list" = config.theme.colors.base08;
"markup.quote" = config.theme.colors.base0C;
"markup.raw" = config.theme.colors.base0B;
"markup.strikethrough" = {
modifiers = [ "crossed_out" ];
};
"diagnostic.hint" = {
underline = {
style = "curl";
};
};
"diagnostic.info" = {
underline = {
style = "curl";
};
};
"diagnostic.warning" = {
underline = {
style = "curl";
};
};
"diagnostic.error" = {
underline = {
style = "curl";
};
};
"ui.background" = {
bg = config.theme.colors.base00;
};
"ui.bufferline.active" = {
fg = config.theme.colors.base00;
bg = config.theme.colors.base03;
modifiers = [ "bold" ];
};
"ui.bufferline" = {
fg = config.theme.colors.base04;
bg = config.theme.colors.base00;
};
"ui.cursor" = {
fg = config.theme.colors.base0A;
modifiers = [ "reversed" ];
};
"ui.cursor.insert" = {
fg = config.theme.colors.base0A;
modifiers = [ "reversed" ];
};
"ui.cursorline.primary" = {
fg = config.theme.colors.base05;
bg = config.theme.colors.base01;
};
"ui.cursor.match" = {
fg = config.theme.colors.base0A;
modifiers = [ "reversed" ];
};
"ui.cursor.select" = {
fg = config.theme.colors.base0A;
modifiers = [ "reversed" ];
};
"ui.gutter" = {
bg = config.theme.colors.base00;
};
"ui.help" = {
fg = config.theme.colors.base06;
bg = config.theme.colors.base01;
};
"ui.linenr" = {
fg = config.theme.colors.base03;
bg = config.theme.colors.base00;
};
"ui.linenr.selected" = {
fg = config.theme.colors.base04;
bg = config.theme.colors.base01;
modifiers = [ "bold" ];
};
"ui.menu" = {
fg = config.theme.colors.base05;
bg = config.theme.colors.base01;
};
"ui.menu.scroll" = {
fg = config.theme.colors.base03;
bg = config.theme.colors.base01;
};
"ui.menu.selected" = {
fg = config.theme.colors.base01;
bg = config.theme.colors.base04;
};
"ui.popup" = {
bg = config.theme.colors.base01;
};
"ui.selection" = {
bg = config.theme.colors.base01;
};
"ui.selection.primary" = {
bg = config.theme.colors.base02;
};
"ui.statusline" = {
fg = config.theme.colors.base04;
bg = config.theme.colors.base01;
};
"ui.statusline.inactive" = {
bg = config.theme.colors.base01;
fg = config.theme.colors.base03;
};
"ui.statusline.insert" = {
fg = config.theme.colors.base00;
bg = config.theme.colors.base0B;
};
"ui.statusline.normal" = {
fg = config.theme.colors.base00;
bg = config.theme.colors.base03;
};
"ui.statusline.select" = {
fg = config.theme.colors.base00;
bg = config.theme.colors.base0F;
};
"ui.text" = config.theme.colors.base05;
"ui.text.focus" = config.theme.colors.base05;
"ui.virtual.indent-guide" = {
fg = config.theme.colors.base03;
};
"ui.virtual.inlay-hint" = {
fg = config.theme.colors.base03;
};
"ui.virtual.ruler" = {
bg = config.theme.colors.base01;
};
"ui.virtual.jump-label" = {
fg = config.theme.colors.base0A;
modifiers = [ "bold" ];
};
"ui.window" = {
bg = config.theme.colors.base01;
};
};
};
};
}

96
platforms/home-manager/modules/nmasur/presets/programs/lazygit.nix Normal file
View File

@ -0,0 +1,96 @@
{
config,
pkgs,
lib,
...
}:
let
cfg = config.nmasur.presets.programs.lazygit;
in
{
options.nmasur.presets.programs.lazygit.enable = lib.mkEnableOption "Lazygit git TUI";
config = lib.mkIf cfg.enable {
programs.lazygit = {
enable = true;
settings = {
git.paging = {
# useConfig = true;
pager = "${pkgs.git}/share/git/contrib/diff-highlight/diff-highlight";
};
os = {
edit = "${config.home.sessionVariables.EDITOR} {{filename}}";
editAtLine = "${config.home.sessionVariables.EDITOR} {{filename}}:{{line}}";
editAtLineAndWait = "${config.home.sessionVariables.EDITOR} {{filename}}:{{line}}";
openDirInEditor = "${config.home.sessionVariables.EDITOR}";
open = "${config.home.sessionVariables.EDITOR} {{filename}}";
};
customCommands = [
{
key = "N";
context = "files";
command = "git add -N {{.SelectedFile.Name}}";
}
{
key = "<a-enter>";
context = "global";
command =
let
openGitUrl = pkgs.writeShellScriptBin "open-git-url" ''
# Try to get the remote URL using two common methods; suppress stderr for individual commands.
# "git remote get-url origin" is generally preferred.
# "git config --get remote.origin.url" is a fallback.
URL=$(git remote get-url origin 2>/dev/null || git config --get remote.origin.url 2>/dev/null);
# Check if a URL was actually found.
if [ -z "$URL" ]; then
# Send error message to stderr so it might appear in lazygit logs or notifications.
echo "Lazygit: Could not determine remote URL for 'origin'." >&2;
# Exit with an error code.
exit 1;
fi;
# Check if the URL is a GitHub SSH URL and convert it to HTTPS.
# This uses echo and grep to check for "@github.com" and then sed for transformation.
if echo "$URL" | grep -q "@github.com:"; then
# Transform git@github.com:user/repo.git to https://github.com/user/repo
# The first sed handles the main transformation.
# The second sed removes a trailing .git if present, for a cleaner URL.
URL=$(echo "$URL" | sed "s|git@github.com:|https://github.com/|" | sed "s|\.git$||");
# Optional: Log the transformation for debugging.
# echo "Lazygit: Transformed GitHub SSH URL to '$URL'" >&2;
fi;
# Determine the operating system.
OS="$(uname -s)";
# Optional: Echo for debugging. This might appear in lazygit logs or as a brief message.
# Remove " >&2" if you want to see it as a potential success message in lazygit UI (if it shows stdout).
# echo "Lazygit: Opening URL '$URL' on '$OS'" >&2;
# Execute the appropriate command to open the URL based on the OS.
case "$OS" in
Darwin*) # macOS
open "$URL";;
Linux*) # Linux
xdg-open "$URL";;
*) # Unsupported OS
echo "Lazygit: Unsupported OS ('$OS'). Could not open URL." >&2;
exit 1;;
esac
'';
in
lib.getExe openGitUrl;
}
];
};
};
programs.fish.shellAbbrs = {
lg = "lazygit";
};
};
}

4
platforms/home-manager/modules/nmasur/presets/programs/mpv.nix
View File

@ -31,5 +31,9 @@ in
pkgs.mpvScripts.mpv-delete-file
];
};
programs.fish.shellAbbrs = {
mpvs = "mpv --shuffle=yes";
};
};
}

6
platforms/home-manager/modules/nmasur/presets/programs/nixpkgs-darwin.nix
View File

@ -21,6 +21,12 @@ in
config = lib.mkIf (cfg.enable) {
# These are useful for triggering from zellij (rather than running directly in the shell)
nmasur.presets.programs.nixpkgs.commands.rebuildNixos = pkgs.writeShellScriptBin "rebuild-darwin" ''
git -C ${config.nmasur.presets.programs.dotfiles.path} add --intent-to-add --all
darwin-rebuild switch --flake "${config.nmasur.presets.programs.dotfiles.path}#${config.nmasur.settings.host}"
'';
programs.fish = {
shellAbbrs = lib.mkIf config.nmasur.presets.programs.dotfiles.enable {
nr = {

26
platforms/home-manager/modules/nmasur/presets/programs/nixpkgs.nix
View File

@ -11,10 +11,34 @@ in
{
options.nmasur.presets.programs.nixpkgs.enable = lib.mkEnableOption "Nixpkgs presets";
options.nmasur.presets.programs.nixpkgs = {
enable = lib.mkEnableOption "Nixpkgs presets";
commands = {
# These are useful for triggering from zellij (rather than running directly in the shell)
rebuildHome = lib.mkOption {
type = lib.types.package;
default = pkgs.writeShellScriptBin "rebuild-home" ''
git -C ${config.nmasur.presets.programs.dotfiles.path} add --intent-to-add --all
${lib.getExe pkgs.home-manager} switch --flake "${config.nmasur.presets.programs.dotfiles.path}#${config.nmasur.settings.host}"
'';
};
rebuildNixos = lib.mkOption {
type = lib.types.package;
default = pkgs.writeShellScriptBin "rebuild-nixos" ''
git -C ${config.nmasur.presets.programs.dotfiles.path} add --intent-to-add --all
doas nixos-rebuild switch --flake ${config.nmasur.presets.programs.dotfiles.path}
'';
};
};
};
config = lib.mkIf cfg.enable {
home.packages = [
cfg.commands.rebuildHome
cfg.commands.rebuildNixos
];
programs.fish = {
shellAbbrs = {
n = "nix";

62
platforms/home-manager/modules/nmasur/presets/programs/notes/default.nix
View File

@ -44,21 +44,22 @@ in
programs.fish.functions = {
syncnotes = {
description = "Full git commit on notes";
body = builtins.readFile lib.getExe (
pkgs.writers.writeFishBin "syncnotes" {
makeWrapperArgs = [
"--prefix"
"PATH"
":"
"${lib.makeBinPath [ pkgs.git ]}"
];
} builtins.readFile ./syncnotes.fish
);
body =
let
git = lib.getExe pkgs.git;
in
# fish
''
${git} -C ${cfg.path} pull
${git} -C ${cfg.path} add -A
${git} -C ${cfg.path} commit -m autosync
${git} -C ${cfg.path} push
'';
};
note = {
description = "Edit or create a note";
argumentNames = "filename";
body = builtins.readFile lib.getExe (
body = lib.getExe (
pkgs.writers.writeFishBin "note" {
makeWrapperArgs = [
"--prefix"
@ -69,7 +70,44 @@ in
pkgs.fzf
]}"
];
} builtins.readFile ./note.fish
} (builtins.readFile ./note.fish)
);
};
generate-today = {
description = "Create today's note";
body = # fish
''
set filename $(date +%Y-%m-%d_%a)
set filepath "${cfg.path}/content/journal/$filename.md"
if ! test -e "$filepath"
echo -e "---\ntitle: $(date +"%A, %B %e %Y") - $(curl "https://wttr.in/New+York+City?u&format=1")\ntags: [ journal ]\n---\n\n" > "$filepath"
end
echo "$filepath"
'';
};
today = {
description = "Edit or create today's note";
body = lib.getExe (
pkgs.writers.writeFishBin "today"
{
makeWrapperArgs = [
"--prefix"
"PATH"
":"
"${lib.makeBinPath [
pkgs.curl
pkgs.helix
]}"
];
} # fish
''
set filename $(date +%Y-%m-%d_%a)
set filepath "${cfg.path}/content/journal/$filename.md"
if ! test -e "$filepath"
echo -e "---\ntitle: $(date +"%A, %B %e %Y") - $(curl "https://wttr.in/New+York+City?u&format=1")\ntags: [ journal ]\n---\n\n" > "$filepath"
end
hx "$filepath"
''
);
};
};

5
platforms/home-manager/modules/nmasur/presets/programs/rofi/themes/common.rasi
View File

@ -5,7 +5,7 @@
* {
/* General */
font: "Hack Nerd Font 60";
font: "Hack Nerd Font Mono 60";
/* option menus: i3-layout, music, power and screenshot
*
@ -13,7 +13,6 @@
* around using this character: ■
* We then add add 100 actual padding around the icons.
* -12px 0px -19px -96px */
option-element-padding: 1% 1% 1% 1%;
option-5-window-padding: 4% 4%;
option-5-listview-spacing: 15px;
@ -46,7 +45,7 @@
layout: horizontal;
}
element {
padding: 40px 68px 43px 30px;
padding: 40px 62px 40px 36px;
}
#window {
padding: 20px;

53
platforms/home-manager/modules/nmasur/presets/programs/zed-editor.nix Normal file
View File

@ -0,0 +1,53 @@
{
config,
pkgs,
lib,
...
}:
let
cfg = config.nmasur.presets.programs.zed-editor;
in
{
options.nmasur.presets.programs.zed-editor.enable = lib.mkEnableOption "Zed text editor";
config = lib.mkIf cfg.enable {
programs.zed-editor = {
enable = true;
extensions = [
"nix"
"rust"
];
extraPackages = [ pkgs.nixd ];
installRemoteServer = false;
userKeymaps = [
{
context = "Workspace";
bindings = {
ctrl-shift-t = "workspace::NewTerminal";
};
}
];
userSettings = {
features = {
copilot = false;
};
telemetry = {
metrics = false;
};
vim_mode = true;
ui_font_size = 16;
buffer_font_size = 16;
};
};
};
}

245
platforms/home-manager/modules/nmasur/presets/programs/zellij.nix Normal file
View File

@ -0,0 +1,245 @@
{
config,
pkgs,
lib,
...
}:
let
cfg = config.nmasur.presets.programs.zellij;
in
{
options.nmasur.presets.programs.zellij.enable = lib.mkEnableOption "Zellij terminal multiplexer";
config = lib.mkIf cfg.enable {
home.packages = [ pkgs.zellij-switch ];
programs.fish = {
shellAbbrs.z = "zellij";
functions = {
zellij-session = {
# description = "Open a session in Zellij";
body = # fish
''
set TARGET_DIR $(zoxide query --interactive)
if test -z $TARGET_DIR
return 0
end
if test "$TARGET_DIR" = $(pwd)
return 1
end
zellij pipe --plugin file:$(which zellij-switch.wasm) -- "--cwd $TARGET_DIR --layout default --session $(basename $TARGET_DIR)"
'';
};
gh-run = {
body = # fish
''
zellij action new-pane --start-suspended -- gh run watch
'';
};
};
};
xdg.configFile."zellij/layouts/compact-top.kdl".text = # kdl
''
layout {
pane size=1 borderless=true {
plugin location="compact-bar"
}
pane
}
'';
xdg.configFile."zellij/layouts/default.kdl".text = # kdl
''
layout {
pane size=1 borderless=true {
plugin location="tab-bar"
}
pane
pane size=1 borderless=true {
plugin location="status-bar"
}
}
'';
programs.zellij = {
enable = true;
enableBashIntegration = true;
enableFishIntegration = true;
enableZshIntegration = true;
# Not yet available in unstable
# attachExistingSession = true;
# exitShellOnExit = true;
settings = {
default_mode = "locked";
# default_layout = "compact-top";
# Remove border
pane_frames = false;
# Scrollback
scrollback_editor = config.home.sessionVariables.EDITOR;
show_startup_tips = false;
keybinds = {
normal = {
};
session = {
"bind \"w\"" = {
LaunchOrFocusPlugin = {
_args = [ "session-manager" ];
floating = true;
move_to_focused_tab = true;
};
SwitchToMode = {
_args = [ "locked" ];
};
};
};
scroll = {
"bind \"e\"" = {
EditScrollback = { };
SwitchToMode = {
_args = [ "locked" ];
};
};
};
shared = {
"bind \"Alt Shift p\"" = {
Run = {
_args = [
"${pkgs.fish}/bin/fish"
"-c"
"zellij-session"
];
close_on_exit = true;
};
};
"bind \"Alt Shift h\"" = {
Run = {
_args = [
(lib.getExe config.nmasur.presets.programs.nixpkgs.commands.rebuildHome)
];
# close_on_exit = false;
};
};
"bind \"Alt Shift r\"" = {
Run = {
_args = [
(lib.getExe config.nmasur.presets.programs.nixpkgs.commands.rebuildNixos)
];
# close_on_exit = false;
};
};
"bind \"Alt Shift w\"" = {
Run = {
_args = [
(lib.getExe pkgs.gh)
"run"
"watch"
];
# direction = "Right";
# close_on_exit = false;
# start_suspended = true;
};
};
"bind \"Alt Shift l\"" = {
Run = {
_args = [
(lib.getExe pkgs.gh)
"run"
"view"
"--log"
];
};
};
"bind \"Alt Shift f\"" = {
Run = {
_args = [
(lib.getExe pkgs.gh)
"run"
"view"
"--log-failed"
];
};
};
"bind \"Super Shift ]\"" = {
GoToNextTab = { };
};
"bind \"Super Shift [\"" = {
GoToPreviousTab = { };
};
"bind \"Ctrl Tab\"" = {
GoToNextTab = { };
};
"bind \"Ctrl Shift Tab\"" = {
GoToPreviousTab = { };
};
"bind \"Super t\"" = lib.mkIf pkgs.stdenv.isDarwin {
NewTab = { };
};
"bind \"Alt t\"" = lib.mkIf pkgs.stdenv.isLinux {
NewTab = { };
};
"bind \"Super k\"" = lib.mkIf pkgs.stdenv.isDarwin {
SwitchToMode = {
_args = [ "scroll" ];
};
};
"bind \"Alt k\"" = lib.mkIf pkgs.stdenv.isLinux {
SwitchToMode = {
_args = [ "scroll" ];
};
};
"bind \"Super Shift e\"" = lib.mkIf pkgs.stdenv.isDarwin {
EditScrollback = { };
SwitchToMode = {
_args = [ "locked" ];
};
};
"bind \"Alt Shift e\"" = lib.mkIf pkgs.stdenv.isLinux {
EditScrollback = { };
SwitchToMode = {
_args = [ "locked" ];
};
};
"bind \"Alt l\"" = {
MoveFocusOrTab = {
_args = [ "Right" ];
};
};
"bind \"Alt h\"" = {
MoveFocusOrTab = {
_args = [ "Left" ];
};
};
};
};
theme = "custom";
themes.custom = {
fg = "${config.theme.colors.base03}";
bg = "${config.theme.colors.base02}";
black = "${config.theme.colors.base00}";
red = "${config.theme.colors.base08}";
green = "${config.theme.colors.base04}";
yellow = "${config.theme.colors.base0A}";
blue = "${config.theme.colors.base0D}";
magenta = "${config.theme.colors.base0E}";
cyan = "${config.theme.colors.base0C}";
white = "${config.theme.colors.base04}";
orange = "${config.theme.colors.base09}";
};
};
};
};
}

101
platforms/home-manager/modules/nmasur/presets/services/hammerspoon/Spoons/DismissAlerts.spoon/close_notifications.applescript
View File

@ -1,21 +1,96 @@
# Credit: https://github.com/Ptujec/LaunchBar/blob/f7b5a0dba9919c2fec879513f68a044f78748539/Notifications/Dismiss%20all%20notifications.lbaction/Contents/Scripts/default.applescript
# Credit: https://github.com/Ptujec/LaunchBar/blob/a6dca4f21f3474eab0454fdd306bff6bab0d4f16/Notifications/Dismiss%20all%20notifications.lbaction/Contents/Scripts/default.applescript
tell application "System Events"
try
set _groups to groups of UI element 1 of scroll area 1 of group 1 of window "Notification Center" of application process "NotificationCenter"
(*
Close notifications Applescript Action for LaunchBar
by Christian Bender (@ptujec)
2024-10-15
repeat with _group in _groups
requires macOS 15.2
set _actions to actions of _group
Copyright see: https://github.com/Ptujec/LaunchBar/blob/master/LICENSE
repeat with _action in _actions
if description of _action is in {"Schlie§en", "Alle entfernen", "Close", "Clear All"} then
perform _action
Helpful:
- https://applehelpwriter.com/2016/08/09/applescript-get-item-number-of-list-item/
- https://www.macscripter.net/t/coerce-gui-scripting-information-into-string/62842/3
- https://forum.keyboardmaestro.com/t/understanding-applescript-ui-scripting-to-click-menus/29039/23?page=2
*)
use AppleScript version "2.4" -- Yosemite (10.10) or later
use scripting additions
use framework "Foundation"
property NSArray : a reference to current application's NSArray
property alertAndBannerSet : {"AXNotificationCenterAlert", "AXNotificationCenterBanner"}
property closeActionSet : {"Close", "Clear All", "Schließen", "Alle entfernen", "Cerrar", "Borrar todo", "关闭", "清除全部", "Fermer", "Tout effacer", "Закрыть", "Очистить все", "إغلاق", "مسح الكل", "Fechar", "Limpar tudo", "閉じる", "すべてクリア", "बंद करें", "सभी हटाएं", "Zamknij", "Wyczyść wszystko"}
on run
tell application "System Events"
try
set _main_group to group 1 of scroll area 1 of group 1 of group 1 of window 1 of application process "NotificationCenter"
on error eStr number eNum
display notification eStr with title "Error " & eNum sound name "Frog"
return
end try
set _headings to UI elements of _main_group whose role is "AXHeading"
set _headingscount to count of _headings
end tell
repeat _headingscount times
tell application "System Events" to set _roles to role of UI elements of _main_group
set _headingIndex to its getIndexOfItem:"AXHeading" inList:_roles
set _closeButtonIndex to _headingIndex + 1
tell application "System Events" to click item _closeButtonIndex of UI elements of _main_group
delay 0.4
end repeat
tell application "System Events"
try
set _groups to groups of _main_group
if _groups is {} then
if subrole of _main_group is in alertAndBannerSet then
set _actions to actions of _main_group
repeat with _action in _actions
if description of _action is in closeActionSet then
perform _action
end if
end repeat
end if
return
end if
repeat with _group in _groups
set _actions to actions of first item of _groups # always picking the first to avoid index error
repeat with _action in _actions
if description of _action is in closeActionSet then
perform _action
end if
end repeat
end repeat
on error
if subrole of _main_group is in alertAndBannerSet then
set _actions to actions of _main_group
repeat with _action in _actions
if description of _action is in closeActionSet then
perform _action
end if
end repeat
end if
end try
end tell
end run
end repeat
end try
end tell
on getIndexOfItem:anItem inList:aList
set anArray to NSArray's arrayWithArray:aList
set ind to ((anArray's indexOfObject:anItem) as number) + 1
if ind is greater than (count of aList) then
display dialog "Item '" & anItem & "' not found in list." buttons "OK" default button "OK" with icon 2 with title "Error"
return 0
else
return ind
end if
end getIndexOfItem:inList:

298
platforms/home-manager/modules/nmasur/presets/services/hammerspoon/Spoons/DismissAlerts.spoon/close_notifications_applescript.js
View File

@ -1,298 +0,0 @@
/* Credit: https://gist.github.com/lancethomps/a5ac103f334b171f70ce2ff983220b4f */
function run(input, parameters) {
const appNames = [];
const skipAppNames = [];
const verbose = true;
const scriptName = "close_notifications_applescript";
const CLEAR_ALL_ACTION = "Clear All";
const CLEAR_ALL_ACTION_TOP = "Clear";
const CLOSE_ACTION = "Close";
const notNull = (val) => {
return val !== null && val !== undefined;
};
const isNull = (val) => {
return !notNull(val);
};
const notNullOrEmpty = (val) => {
return notNull(val) && val.length > 0;
};
const isNullOrEmpty = (val) => {
return !notNullOrEmpty(val);
};
const isError = (maybeErr) => {
return notNull(maybeErr) && (maybeErr instanceof Error || maybeErr.message);
};
const systemVersion = () => {
return Application("Finder").version().split(".").map(val => parseInt(val));
};
const systemVersionGreaterThanOrEqualTo = (vers) => {
return systemVersion()[0] >= vers;
};
const isBigSurOrGreater = () => {
return systemVersionGreaterThanOrEqualTo(11);
};
const V11_OR_GREATER = isBigSurOrGreater();
const APP_NAME_MATCHER_ROLE = V11_OR_GREATER ? "AXStaticText" : "AXImage";
const hasAppNames = notNullOrEmpty(appNames);
const hasSkipAppNames = notNullOrEmpty(skipAppNames);
const hasAppNameFilters = hasAppNames || hasSkipAppNames;
const appNameForLog = hasAppNames ? ` [${appNames.join(",")}]` : "";
const logs = [];
const log = (message, ...optionalParams) => {
let message_with_prefix = `${new Date().toISOString().replace("Z", "").replace("T", " ")} [${scriptName}]${appNameForLog} ${message}`;
console.log(message_with_prefix, optionalParams);
logs.push(message_with_prefix);
};
const logError = (message, ...optionalParams) => {
if (isError(message)) {
let err = message;
message = `${err}${err.stack ? (" " + err.stack) : ""}`;
}
log(`ERROR ${message}`, optionalParams);
};
const logErrorVerbose = (message, ...optionalParams) => {
if (verbose) {
logError(message, optionalParams);
}
};
const logVerbose = (message) => {
if (verbose) {
log(message);
}
};
const getLogLines = () => {
return logs.join("\n");
};
const getSystemEvents = () => {
let systemEvents = Application("System Events");
systemEvents.includeStandardAdditions = true;
return systemEvents;
};
const getNotificationCenter = () => {
try {
return getSystemEvents().processes.byName("NotificationCenter");
} catch (err) {
logError("Could not get NotificationCenter");
throw err;
}
};
const getNotificationCenterGroups = (retryOnError = false) => {
try {
let notificationCenter = getNotificationCenter();
if (notificationCenter.windows.length <= 0) {
return [];
}
if (!V11_OR_GREATER) {
return notificationCenter.windows();
}
return notificationCenter.windows[0].uiElements[0].uiElements[0].uiElements();
} catch (err) {
logError("Could not get NotificationCenter groups");
if (retryOnError) {
logError(err);
log("Retrying getNotificationCenterGroups...");
return getNotificationCenterGroups(false);
} else {
throw err;
}
}
};
const isClearButton = (description, name) => {
return description === "button" && name === CLEAR_ALL_ACTION_TOP;
};
const matchesAnyAppNames = (value, checkValues) => {
if (isNullOrEmpty(checkValues)) {
return false;
}
let lowerAppName = value.toLowerCase();
for (let checkValue of checkValues) {
if (lowerAppName === checkValue.toLowerCase()) {
return true;
}
}
return false;
};
const matchesAppName = (role, value) => {
if (role !== APP_NAME_MATCHER_ROLE) {
return false;
}
if (hasAppNames) {
return matchesAnyAppNames(value, appNames);
}
return !matchesAnyAppNames(value, skipAppNames);
};
const notificationGroupMatches = (group) => {
try {
let description = group.description();
if (V11_OR_GREATER && isClearButton(description, group.name())) {
return true;
}
if (V11_OR_GREATER && description !== "group") {
return false;
}
if (!V11_OR_GREATER) {
let matchedAppName = !hasAppNameFilters;
if (!matchedAppName) {
for (let elem of group.uiElements()) {
if (matchesAppName(elem.role(), elem.description())) {
matchedAppName = true;
break;
}
}
}
if (matchedAppName) {
return notNull(findCloseActionV10(group, -1));
}
return false;
}
if (!hasAppNameFilters) {
return true;
}
let firstElem = group.uiElements[0];
return matchesAppName(firstElem.role(), firstElem.value());
} catch (err) {
logErrorVerbose(`Caught error while checking window, window is probably closed: ${err}`);
logErrorVerbose(err);
}
return false;
};
const findCloseActionV10 = (group, closedCount) => {
try {
for (let elem of group.uiElements()) {
if (elem.role() === "AXButton" && elem.title() === CLOSE_ACTION) {
return elem.actions["AXPress"];
}
}
} catch (err) {
logErrorVerbose(`(group_${closedCount}) Caught error while searching for close action, window is probably closed: ${err}`);
logErrorVerbose(err);
return null;
}
log("No close action found for notification");
return null;
};
const findCloseAction = (group, closedCount) => {
try {
if (!V11_OR_GREATER) {
return findCloseActionV10(group, closedCount);
}
let checkForPress = isClearButton(group.description(), group.name());
let clearAllAction;
let closeAction;
for (let action of group.actions()) {
let description = action.description();
if (description === CLEAR_ALL_ACTION) {
clearAllAction = action;
break;
} else if (description === CLOSE_ACTION) {
closeAction = action;
} else if (checkForPress && description === "press") {
clearAllAction = action;
break;
}
}
if (notNull(clearAllAction)) {
return clearAllAction;
} else if (notNull(closeAction)) {
return closeAction;
}
} catch (err) {
logErrorVerbose(`(group_${closedCount}) Caught error while searching for close action, window is probably closed: ${err}`);
logErrorVerbose(err);
return null;
}
log("No close action found for notification");
return null;
};
const closeNextGroup = (groups, closedCount) => {
try {
for (let group of groups) {
if (notificationGroupMatches(group)) {
let closeAction = findCloseAction(group, closedCount);
if (notNull(closeAction)) {
try {
closeAction.perform();
return [true, 1];
} catch (err) {
logErrorVerbose(`(group_${closedCount}) Caught error while performing close action, window is probably closed: ${err}`);
logErrorVerbose(err);
}
}
return [true, 0];
}
}
return false;
} catch (err) {
logError("Could not run closeNextGroup");
throw err;
}
};
try {
let groupsCount = getNotificationCenterGroups(true).filter(group => notificationGroupMatches(group)).length;
if (groupsCount > 0) {
logVerbose(`Closing ${groupsCount}${appNameForLog} notification group${(groupsCount > 1 ? "s" : "")}`);
let startTime = new Date().getTime();
let closedCount = 0;
let maybeMore = true;
let maxAttempts = 2;
let attempts = 1;
while (maybeMore && ((new Date().getTime() - startTime) <= (1000 * 30))) {
try {
let closeResult = closeNextGroup(getNotificationCenterGroups(), closedCount);
maybeMore = closeResult[0];
if (maybeMore) {
closedCount = closedCount + closeResult[1];
}
} catch (innerErr) {
if (maybeMore && closedCount === 0 && attempts < maxAttempts) {
log(`Caught an error before anything closed, trying ${maxAttempts - attempts} more time(s).`)
attempts++;
} else {
throw innerErr;
}
}
}
} else {
throw Error(`No${appNameForLog} notifications found...`);
}
} catch (err) {
logError(err);
logError(err.message);
getLogLines();
throw err;
}
return getLogLines();
}

9
platforms/home-manager/modules/nmasur/presets/services/hammerspoon/Spoons/Launcher.spoon/init.lua
View File

@ -56,11 +56,15 @@ function obj:init()
-- Launcher shortcuts
self.launcher:bind("ctrl", "space", function() end)
self.launcher:bind("", "return", function()
self:switch("@wezterm@")
-- self:switch("@wezterm@")
self:switch("@ghostty@")
end)
self.launcher:bind("", "C", function()
self:switch("Calendar.app")
end)
self.launcher:bind("", "D", function()
self:switch("@discord@")
end)
self.launcher:bind("shift", "D", function()
hs.execute("launchctl remove com.paloaltonetworks.gp.pangps")
hs.execute("launchctl remove com.paloaltonetworks.gp.pangpa")
@ -101,6 +105,9 @@ function obj:init()
self.launcher:bind("", "Z", function()
self:switch("zoom.us.app")
end)
self.launcher:bind("shift", "Z", function()
self:switch("@zed@")
end)
end
function obj:switch(app)

1
platforms/home-manager/modules/nmasur/presets/services/hammerspoon/Spoons/MoveWindow.spoon/worklayout.lua
View File

@ -42,6 +42,7 @@ local function worklayout()
-- set the layout
local left = {
{ "WezTerm", nil, WORK_ONLY_MONITOR, u(0, 0, 1 / 2, 1), nil, nil, visible = true },
{ "Ghostty", nil, WORK_ONLY_MONITOR, u(0, 0, 1 / 2, 1), nil, nil, visible = true },
}
local right = {
{ "Slack", nil, WORK_ONLY_MONITOR, u(1 / 2, 0, 1 / 2, 1), nil, nil, visible = true },

19
platforms/home-manager/modules/nmasur/presets/services/hammerspoon/default.nix
View File

@ -18,14 +18,17 @@ in
xdg.configFile."hammerspoon/init.lua".source = ./init.lua;
xdg.configFile."hammerspoon/Spoons/ControlEscape.spoon".source = ./Spoons/ControlEscape.spoon;
xdg.configFile."hammerspoon/Spoons/DismissAlerts.spoon".source = ./Spoons/DismissAlerts.spoon;
xdg.configFile."hammerspoon/Spoons/Launcher.spoon/init.lua".source = pkgs.substituteAll {
src = ./Spoons/Launcher.spoon/init.lua;
firefox = "${pkgs.firefox-bin}/Applications/Firefox.app";
discord = "${pkgs.discord}/Applications/Discord.app";
wezterm = "${pkgs.wezterm}/Applications/WezTerm.app";
obsidian = "${pkgs.obsidian}/Applications/Obsidian.app";
slack = "${pkgs.slack}/Applications/Slack.app";
};
xdg.configFile."hammerspoon/Spoons/Launcher.spoon/init.lua".source =
pkgs.replaceVars ./Spoons/Launcher.spoon/init.lua
{
discord = "${pkgs.discord}/Applications/Discord.app";
firefox = "${pkgs.firefox-unwrapped}/Applications/Firefox.app";
ghostty = "${config.programs.ghostty.package}/Applications/Ghostty.app";
obsidian = "${pkgs.obsidian}/Applications/Obsidian.app";
slack = "${pkgs.slack}/Applications/Slack.app";
wezterm = "${pkgs.wezterm}/Applications/WezTerm.app";
zed = "${pkgs.zed-editor}/Applications/Zed.app";
};
xdg.configFile."hammerspoon/Spoons/MoveWindow.spoon".source = ./Spoons/MoveWindow.spoon;
home.activation.reloadHammerspoon = config.lib.dag.entryAfter [ "writeBoundary" ] ''

7
platforms/home-manager/modules/nmasur/presets/services/i3.nix
View File

@ -94,7 +94,7 @@ in
ws10 = "10:X";
in
{
terminal = cfg.terminal.meta.mainProgram;
# terminal = cfg.terminal.meta.mainProgram;
modifier = modifier;
assigns = {
"${ws1}" = [ { class = "Firefox"; } ];
@ -103,6 +103,7 @@ in
{ class = "kitty"; }
{ class = "obsidian"; }
{ class = "wezterm"; }
{ class = "ghostty"; }
];
"${ws3}" = [ { class = "discord"; } ];
"${ws4}" = [
@ -213,9 +214,9 @@ in
cfg.commands.lockScreen != null
) "exec ${cfg.commands.lockScreen}";
"${modifier}+Mod1+h" =
"exec --no-startup-id ${lib.getExe cfg.terminal} -e sh -c '${pkgs.home-manager}/bin/home-manager switch --flake ${config.nmasur.presets.programs.dotfiles.path} || read'";
"exec --no-startup-id ${lib.getExe cfg.terminal} --command sh -c '${pkgs.home-manager}/bin/home-manager switch --flake ${config.nmasur.presets.programs.dotfiles.path} || read'";
"${modifier}+Mod1+r" =
"exec --no-startup-id ${lib.getExe cfg.terminal} -e sh -c 'doas nixos-rebuild switch --flake ${config.nmasur.presets.programs.dotfiles.path} || read'";
"exec --no-startup-id ${lib.getExe cfg.terminal} --command sh -c 'doas nixos-rebuild switch --flake ${config.nmasur.presets.programs.dotfiles.path} || read'";
# Window options
"${modifier}+q" = "kill";

4
platforms/home-manager/modules/nmasur/presets/services/keybase.nix
View File

@ -35,5 +35,9 @@ in
".rgignore".text = ignorePatterns;
".fdignore".text = ignorePatterns;
};
# Ignore in zoxide
home.sessionVariables = {
_ZO_EXCLUDE_DIRS = "$HOME/keybase/*";
};
};
}

4
platforms/home-manager/modules/nmasur/presets/services/mbsync/mbsync.nix
View File

@ -6,7 +6,7 @@
}:
let
inherit (config.nmasur.settings) fullName hostnames;
inherit (config.nmasur.settings) username fullName hostnames;
cfg = config.nmasur.presets.services.mbsync;
in
@ -17,10 +17,12 @@ in
user = lib.mkOption {
type = lib.types.str;
description = "User name for the email address.";
default = username;
};
server = lib.mkOption {
type = lib.types.str;
description = "Server name for the email address.";
default = hostnames.mail;
};
imapHost = lib.mkOption {
type = lib.types.str;

14
platforms/home-manager/modules/nmasur/presets/services/polybar.nix
View File

@ -129,14 +129,22 @@ in
folder:main/Inbox \
2>/dev/null
)
if [ $UNREAD = "0" ]; then
if [ "$UNREAD" = "0" ]; then
echo ""
else
echo "%{T2}%{T-} $UNREAD "
fi
''
);
click-left = "i3-msg 'exec --no-startup-id kitty --class aerc aerc'; sleep 0.15; i3-msg '[class=aerc] focus'";
click-left =
let
startupCommand =
if config.nmasur.presets.services.i3.terminal == pkgs.wezterm then
"start --class aerc -- aerc"
else
"--class=aerc --command=aerc";
in
"i3-msg 'exec --no-startup-id ${config.nmasur.presets.services.i3.terminal} ${startupCommand}'; sleep 0.15; i3-msg '[class=aerc] focus'";
};
"module/network" = {
type = "internal/network";
@ -218,7 +226,7 @@ in
"module/power" = {
type = "custom/text";
content = " ";
click-left = config.nmasur.presets.services.i3.commands.toggleBar;
click-left = config.nmasur.presets.services.i3.commands.power;
click-right = "polybar-msg cmd restart";
content-foreground = config.theme.colors.base04;
};

4
platforms/home-manager/modules/nmasur/profiles/common.nix
View File

@ -13,6 +13,10 @@ in
config = lib.mkIf cfg.enable {
home.username = config.nmasur.settings.username;
home.homeDirectory =
if pkgs.stdenv.isDarwin then "/Users/${config.home.username}" else "/home/${config.home.username}";
home.packages = [
pkgs.dig # DNS lookup
pkgs.fd # find

13
platforms/home-manager/modules/nmasur/profiles/darwin-base.nix
View File

@ -14,6 +14,16 @@ in
options.nmasur.profiles.darwin-base.enable = lib.mkEnableOption "Base macOS home-manager config";
config = lib.mkIf cfg.enable {
nmasur.presets = {
fonts.enable = lib.mkDefault true;
services.hammerspoon.enable = lib.mkDefault true;
programs.nixpkgs-darwin.enable = lib.mkDefault true;
programs.mpv.enable = lib.mkDefault true;
};
home.homeDirectory = lib.mkForce "/Users/${config.home.username}";
# Default shell setting doesn't work
home.sessionVariables = {
SHELL = "${pkgs.fish}/bin/fish";
@ -22,6 +32,8 @@ in
# Used for aerc
xdg.enable = lib.mkDefault pkgs.stdenv.isDarwin;
programs.fish.shellAbbrs.t = "trash";
# Add homebrew paths to CLI path
home.sessionPath = [
"/opt/homebrew/bin/"
@ -30,6 +42,7 @@ in
home.packages = [
pkgs.noti # Create notifications programmatically
pkgs.ice-bar # Menu bar hiding
];
};

13
platforms/home-manager/modules/nmasur/profiles/experimental.nix
View File

@ -15,6 +15,14 @@ in
config = lib.mkIf cfg.enable {
nmasur.presets.programs = {
zed-editor.enable = lib.mkDefault true;
ghostty.enable = lib.mkDefault true;
helix.enable = lib.mkDefault true;
zellij.enable = lib.mkDefault true;
lazygit.enable = lib.mkDefault true;
};
home.packages = [
# Charm tools
@ -24,13 +32,12 @@ in
pkgs.charm # Manage account and filesystem
pkgs.pop # Send emails from a TUI
pkgs.yazi # TUI file explorer
];
programs.gh-dash.enable = lib.mkDefault true;
programs.helix.enable = lib.mkDefault true;
programs.zed-editor.enable = lib.mkDefault true;
programs.himalaya.enable = lib.mkDefault true;
};
}

3
platforms/home-manager/modules/nmasur/profiles/linux-gui.nix
View File

@ -24,13 +24,14 @@ in
discord.enable = lib.mkDefault true;
dotfiles.enable = lib.mkDefault true;
firefox.enable = lib.mkDefault true;
ghostty.enable = lib.mkDefault true;
mpv.enable = lib.mkDefault true;
nautilus.enable = lib.mkDefault true;
notmuch.enable = lib.mkDefault true;
nsxiv.enable = lib.mkDefault true;
obsidian.enable = lib.mkDefault true;
rofi.enable = lib.mkDefault true;
xclip.enable = lib.mkDefault true;
wezterm.enable = lib.mkDefault true;
zathura.enable = lib.mkDefault true;
};
services = {

23
platforms/home-manager/modules/nmasur/profiles/power-user.nix
View File

@ -15,25 +15,26 @@ in
home.packages = [
pkgs.age # Encryption
pkgs.bc # Calculator
pkgs.bottom # System monitor (top)
pkgs.delta # Fancy diffs
pkgs.difftastic # Other fancy diffs
pkgs.doggo # DNS client (dig)
pkgs.du-dust # Disk usage tree (ncdu)
pkgs.dua # File sizes (du)
pkgs.duf # Basic disk information (df)
pkgs.jless # JSON viewer
pkgs.jo # JSON output
pkgs.mpd # TUI slideshows
pkgs.nmasur.jqr # FZF fq JSON tool
pkgs.nmasur.osc # Clipboard over SSH
# pkgs.nmasur.ren-find # Rename files
# pkgs.nmasur.rep-grep # Replace text in files
pkgs.pandoc # Convert text documents
pkgs.qrencode # Generate qr codes
pkgs.nmasur.ren-find # Rename files
pkgs.nmasur.rep-grep # Replace text in files
pkgs.spacer # Output lines in terminal
pkgs.tealdeer # Cheatsheets
pkgs.tree # Print tree in terminal
pkgs.vimv-rs # Batch rename files
pkgs.dua # File sizes (du)
pkgs.du-dust # Disk usage tree (ncdu)
pkgs.duf # Basic disk information (df)
pkgs.pandoc # Convert text documents
pkgs.mpd # TUI slideshows
pkgs.doggo # DNS client (dig)
pkgs.bottom # System monitor (top)
pkgs.nmasur.jqr # FZF fq JSON tool
];
programs.fish.shellAliases = {
@ -57,9 +58,11 @@ in
fish.enable = lib.mkDefault true;
fzf.enable = lib.mkDefault true;
git.enable = lib.mkDefault true;
helix.enable = lib.mkDefault true;
neovim.enable = lib.mkDefault true;
nix-index.enable = lib.mkDefault true;
nixpkgs.enable = lib.mkDefault true;
notes.enable = lib.mkDefault true;
prettyping.enable = lib.mkDefault true;
ripgrep.enable = lib.mkDefault true;
weather.enable = lib.mkDefault true;

5
platforms/home-manager/modules/nmasur/profiles/work.nix
View File

@ -39,11 +39,14 @@ in
pkgs.nmasur.terraform-init # Quick shortcut for initializing Terraform backend
];
programs.fish.shellAliases.ec2 = "aws-ec2";
nmasur.presets = {
fonts.enable = lib.mkDefault true;
programs = {
_1password.enable = lib.mkDefault true;
atuin.enable = lib.mkDefault true;
aws-ssh.enable = lib.mkDefault true;
bash.enable = lib.mkDefault true;
bat.enable = lib.mkDefault true;
direnv.enable = lib.mkDefault true;
@ -52,6 +55,7 @@ in
firefox.enable = lib.mkDefault true;
fish.enable = lib.mkDefault true;
fzf.enable = lib.mkDefault true;
ghostty.enable = lib.mkDefault true;
git-work.enable = lib.mkDefault true;
git.enable = lib.mkDefault true;
github.enable = lib.mkDefault true;
@ -64,7 +68,6 @@ in
starship.enable = lib.mkDefault true;
terraform.enable = lib.mkDefault true;
weather.enable = lib.mkDefault true;
wezterm.enable = lib.mkDefault true;
};
};

4
platforms/home-manager/modules/nmasur/settings.nix
View File

@ -10,6 +10,10 @@
type = lib.types.str;
description = "Human readable name of the user";
};
host = lib.mkOption {
type = lib.types.str;
description = "Name of the host of this deployment";
};
hostnames = lib.mkOption {
type = lib.types.attrsOf lib.types.str;
description = "Map of service names to FQDNs";

4
platforms/home-manager/theme.nix
View File

@ -1,4 +1,4 @@
{ lib, ... }:
{ lib, colorscheme, ... }:
{
@ -11,7 +11,7 @@
colors = lib.mkOption {
type = lib.types.attrs;
description = "Base16 color scheme.";
default = (import ../../colorscheme/gruvbox).dark;
default = colorscheme.gruvbox.dark;
};
mode = lib.mkOption {
type = lib.types.enum [

9
platforms/nix-darwin/default.nix
View File

@ -1,9 +0,0 @@
{ lib, ... }:
{
imports = lib.pipe (lib.filesystem.listFilesRecursive ./.) [
# Get only files ending in .nix
(builtins.filter (name: lib.hasSuffix ".nix" name))
# Remove this file
(builtins.filter (name: name != ./default.nix))
];
}

2
platforms/nix-darwin/modules/nmasur/presets/programs/homebrew.nix
View File

@ -15,7 +15,7 @@ in
config = lib.mkIf cfg.enable {
# Requires Homebrew to be installed
system.activationScripts.preUserActivation.text = ''
system.activationScripts.preActivation.text = ''
if ! xcode-select --version 2>/dev/null; then
$DRY_RUN_CMD xcode-select --install
fi

5
platforms/nix-darwin/modules/nmasur/presets/services/dock.nix
View File

@ -6,6 +6,7 @@
}:
let
inherit (config.nmasur.settings) username;
cfg = config.nmasur.presets.services.dock;
in
@ -45,13 +46,13 @@ in
"/Applications/1Password.app"
"${pkgs.slack}/Applications/Slack.app"
"/System/Applications/Calendar.app"
"${pkgs.firefox-bin}/Applications/Firefox.app"
"${pkgs.firefox-unwrapped}/Applications/Firefox.app"
"/System/Applications/Messages.app"
"/System/Applications/Mail.app"
"/Applications/zoom.us.app"
"${config.home-manager.users.${username}.programs.ghostty.package}/Applications/Ghostty.app"
"${pkgs.discord}/Applications/Discord.app"
"${pkgs.obsidian}/Applications/Obsidian.app"
"${pkgs.wezterm}/Applications/WezTerm.app"
];
};
};

2
platforms/nix-darwin/modules/nmasur/presets/services/finder.nix
View File

@ -59,7 +59,7 @@ in
};
# User-level settings
system.activationScripts.postUserActivation.text = ''
system.activationScripts.postActivation.text = ''
echo "Show the ~/Library folder"
chflags nohidden ~/Library
'';

2
platforms/nix-darwin/modules/nmasur/presets/services/hammerspoon.nix
View File

@ -18,7 +18,7 @@ in
homebrew.casks = [ "hammerspoon" ];
system.activationScripts.postUserActivation.text = ''
system.activationScripts.postActivation.text = ''
defaults write org.hammerspoon.Hammerspoon MJConfigFile "${
config.home-manager.users.${username}.xdg.configHome
}/hammerspoon/init.lua"

2
platforms/nix-darwin/modules/nmasur/presets/services/menubar.nix
View File

@ -15,7 +15,7 @@ in
config = lib.mkIf cfg.enable {
# User-level settings
system.activationScripts.postUserActivation.text = ''
system.activationScripts.postActivation.text = ''
echo "Reduce Menu Bar padding"
defaults write -globalDomain NSStatusItemSelectionPadding -int 6
defaults write -globalDomain NSStatusItemSpacing -int 6

24
platforms/nix-darwin/modules/nmasur/presets/services/nix-daemon.nix
View File

@ -1,24 +0,0 @@
{
config,
lib,
...
}:
let
cfg = config.nmasur.presets.services.nix-daemon;
in
{
options.nmasur.presets.services.nix-daemon.enable = lib.mkEnableOption "Nix garbage collection";
config = lib.mkIf cfg.enable {
services.nix-daemon.enable = true;
nix.gc.interval = {
Hour = 12;
Minute = 15;
Day = 1;
};
};
}

7
platforms/nix-darwin/modules/nmasur/presets/services/nix.nix
View File

@ -18,6 +18,8 @@ in
nix = {
enable = true;
# Set channel to flake packages, used for nix-shell commands
nixPath = [ "nixpkgs=${pkgs.path}" ];
@ -37,6 +39,11 @@ in
gc = {
automatic = true;
options = "--delete-older-than 10d";
interval = {
Hour = 12;
Minute = 15;
Day = 1;
};
};
settings = {

2
platforms/nix-darwin/modules/nmasur/presets/services/settings.nix
View File

@ -14,7 +14,7 @@ in
config = lib.mkIf cfg.enable {
security.pam.enableSudoTouchIdAuth = true;
security.pam.services.sudo_local.touchIdAuth = true;
system = {

2
platforms/nix-darwin/modules/nmasur/presets/services/user.nix
View File

@ -16,7 +16,7 @@ in
config = lib.mkIf cfg.enable {
users.users."${username}" = {
# macOS user
home = config.home-manager.users.${username}.home.homeDirectory;
home = "/Users/${username}";
uid = 502;
# shell = pkgs.fish; # Default shell
};

33
platforms/nix-darwin/modules/nmasur/profiles/base.nix
View File

@ -14,9 +14,22 @@ in
config = lib.mkIf cfg.enable {
nmasur.presets.programs = {
fish = lib.mkDefault true;
homebrew = lib.mkDefault true;
system.primaryUser = config.nmasur.settings.username;
nmasur.presets = {
programs = {
fish.enable = lib.mkDefault true;
homebrew.enable = lib.mkDefault true;
};
services = {
dock.enable = lib.mkDefault true;
finder.enable = lib.mkDefault true;
hammerspoon.enable = lib.mkDefault true;
menubar.enable = lib.mkDefault true;
nix.enable = lib.mkDefault true;
settings.enable = lib.mkDefault true;
user.enable = lib.mkDefault true;
};
};
homebrew.brews = [
@ -25,20 +38,8 @@ in
homebrew.casks = [
"scroll-reverser" # Different scroll style for mouse vs. trackpad
"notunes" # Don't launch Apple Music with the play button
"topnotch" # Darkens the menu bar to complete black
];
# Include home-manager config in nix-darwin
home-manager = {
sharedModules = [ ../../../../home-manager ];
# Use the system-level nixpkgs instead of Home Manager's
useGlobalPkgs = lib.mkDefault true;
# Install packages to /etc/profiles instead of ~/.nix-profile, useful when
# using multiple profiles for one user
useUserPackages = lib.mkDefault true;
};
};
}

8
platforms/nix-darwin/modules/nmasur/profiles/extra.nix
View File

@ -20,5 +20,13 @@ in
"keybase" # GUI on Nix not available for macOS
];
nix.linux-builder = {
enable = true;
systems = [
"x86_64-linux"
"aarch64-linux"
];
};
};
}

9
platforms/nixos/default.nix
View File

@ -1,9 +0,0 @@
{ lib, ... }:
{
imports = lib.pipe (lib.filesystem.listFilesRecursive ./.) [
# Get only files ending in .nix
(builtins.filter (name: lib.hasSuffix ".nix" name))
# Remove this file
(builtins.filter (name: name != ./default.nix))
];
}

85
platforms/nixos/modules/nmasur/presets/services/actualbudget.nix
View File

@ -1,85 +0,0 @@
{
config,
lib,
...
}:
let
inherit (config.nmasur.settings) hostnames;
cfg = config.nmasur.presets.services.actualbudget;
in
{
options.nmasur.presets.services.actualbudget = {
enable = lib.mkEnableOption "ActualBudget budgeting service";
port = lib.mkOption {
type = lib.types.port;
description = "Port to use for the localhost";
default = 5006;
};
};
config = lib.mkIf cfg.enable {
virtualisation.podman.enable = true;
# Create a shared group for generic services
users.groups.shared = { };
users.users.actualbudget = {
isSystemUser = true;
group = "shared";
uid = 980;
};
# Create budget directory, allowing others to manage it
systemd.tmpfiles.rules = [
"d /var/lib/actualbudget 0770 actualbudget shared"
];
virtualisation.oci-containers.containers.actualbudget = {
workdir = null;
volumes = [ "/var/lib/actualbudget:/data" ];
user = "${toString (builtins.toString config.users.users.actualbudget.uid)}";
pull = "missing";
privileged = false;
ports = [ "127.0.0.1:${builtins.toString cfg.port}:5006" ];
networks = [ ];
log-driver = "journald";
labels = {
app = "actualbudget";
};
image = "ghcr.io/actualbudget/actual-server:25.1.0";
hostname = null;
environmentFiles = [ ];
environment = {
DEBUG = "actual:config"; # Enable debug logging
ACTUAL_TRUSTED_PROXIES = builtins.concatStringsSep "," [ "127.0.0.1" ];
};
dependsOn = [ ];
autoStart = true;
};
# Allow web traffic to Caddy
nmasur.presets.services.caddy.routes = [
{
match = [ { host = [ hostnames.budget ]; } ];
handle = [
{
handler = "reverse_proxy";
upstreams = [ { dial = "localhost:${builtins.toString cfg.port}"; } ];
}
];
}
];
# Configure Cloudflare DNS to point to this machine
services.cloudflare-dyndns.domains = [ hostnames.budget ];
# Backups
services.restic.backups.default.paths = [ "/var/lib/actualbudget" ];
};
}

17
platforms/nixos/modules/nmasur/presets/services/actualbudget/actualbudget-budget-id.age Normal file
View File

@ -0,0 +1,17 @@
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IE1nSGFPdyA0VjJk
a2c0Q1pVcEVCdjd3OE1xZ2s2a29YdjdWTUZkK1hnMFNwVTRVMVFVCkhpY2tjQmFz
K3dzVEgrcnBuRlgyZzYwWGtiQzh6RjNtNmNUb2FSVCsxMTAKLT4gc3NoLWVkMjU1
MTkgWXlTVU1RIFM3cVpTaVFYK1NEYitaSEtLUE5yVDhXTGNHSnN3UjdROTVDeXND
VjFUQjAKYnF6RWtjaFZNM1cxSTJUV0p4UExoenhicGpESEk0R2Q0VncrUldwSndi
UQotPiBzc2gtZWQyNTUxOSBuanZYNUEgOTltRmlNNFQzTWpsVVdHUXBqS1lKRldJ
dW9kVHJqZFRrQWFTK2ZDMi8zZwpTUlRqZUkzSWlibGhMVzRwQmdldVREeGpsRTRr
L1FUZHowdVprNlEvVVJ3Ci0+IHNzaC1lZDI1NTE5IENxSU9VQSBjeUZRdmtENUQw
Ukoxb3NNYU5JeE1OSVBGcWhPZS9mY1BEb0tVbnB3bVdNCnRHRXhpd0dEbWZuNEg0
a1BMdk5yc2x6Y0EzQXo1U1hwZnJuUzJ1ckt1VDAKLT4gc3NoLWVkMjU1MTkgejFP
Y1p3IExJeHhnTlgrSXpVYkxWdnZldlR4Q1JzZE9PWFowbWJSQ1pTbkp3YWFoUzgK
L1ErSnZ3cWVXeVU0TThPaFVsVjBTdHh1YlQ3cTduQ2xIejZScEJSZGp6MAotLS0g
SFJpT2JlSktBaFZhdjlyOWRhLzJiT21OditjczZJcU9iMFJMUzhNdzVZMAp0yAab
89wcmBqmuQLoFYRs/Tj+UvWa4UaXvNFGZM9zIH8WEJDxO+QviDL1NETOuI4T9X1q
JYa7c4PAwV8KgMkdKpHVJ3sN1+Kg82UXXSCTjpRHa33OBZTC
-----END AGE ENCRYPTED FILE-----

17
platforms/nixos/modules/nmasur/presets/services/actualbudget/actualbudget-password.age Normal file
View File

@ -0,0 +1,17 @@
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IE1nSGFPdyBQY3lv
SG9kNkN1S3RZdE80cWJTd0k0UkdiNmZXT085Um9Vd0FGYWpObHc0CnQvVjF4L0xu
ajNvQkFueVREaWxLWFhyNGkvL2ZlOHdEYXdTRkowbk9WUUUKLT4gc3NoLWVkMjU1
MTkgWXlTVU1RIE5aT3ZlMDJjNkJaZmFDV3ZKSHo5UEhnTlM5dHk1R0dYSXFNOWxJ
OThEaGcKcmNsMVUxaTI1b0FtbFdtMzlVYVZxcnllVmlwaDRuUkR4d3BNbm12eU5x
OAotPiBzc2gtZWQyNTUxOSBuanZYNUEgR3BmQk5Nd0E3RC9UQ1ZoWmxTNlhubjVZ
Vi8xL3V3YTNqUVh2ZVZrRkNtawpLaWhxY1FQajJZeGJzakd3ZDhrbmd4T2JNVlUy
dzFOMGcwRmJML3hPTzRBCi0+IHNzaC1lZDI1NTE5IENxSU9VQSBDNTQzZ0syVHNS
TTJPUm9OMUcyNTY5VGZkNEVESmt2eVQrSzJlUEgwS0E4ClRqbk9FTGZNRG9zSHlC
UXQyN0N1WDN4MHNrNFgrUjdQQUc4aU8xajRVdkEKLT4gc3NoLWVkMjU1MTkgejFP
Y1p3IHpiaEsvbCtwMlkyMWpJMS9XWExudDRpaE4xMmQ4eXIzU2RaTGd3TUg3eHMK
anpIV01KVDdvZGI5M1dmME1KaC9jcFkrVlN4TmlXN21tUnhIYnlEMEdHcwotLS0g
dy9LeGpiNkowQkNwOFNFeHUveGRveDRhajVtNEU3SWE0MEhOYTl6ZHM0QQq/Dg+2
OrqL8yCAai3J8djSktSmhAc/jdbEnHVdl3943Enyrn+Zz2HcUe96RySrleCt+QxL
Dezprhehi7jK7KmIAGOspicA0e/4GQ8txsb2fQ==
-----END AGE ENCRYPTED FILE-----

132
platforms/nixos/modules/nmasur/presets/services/actualbudget/actualbudget.nix Normal file
View File

@ -0,0 +1,132 @@
{
config,
pkgs,
lib,
...
}:
let
inherit (config.nmasur.settings) hostnames;
cfg = config.nmasur.presets.services.actualbudget;
in
{
options.nmasur.presets.services.actualbudget = {
enable = lib.mkEnableOption "ActualBudget budgeting service";
port = lib.mkOption {
type = lib.types.port;
description = "Port to use for the localhost";
default = 5006;
};
prometheusPort = lib.mkOption {
type = lib.types.port;
description = "Port to use for prometheus actual exporter";
default = 5007;
};
};
config = lib.mkIf cfg.enable {
services.actual = {
enable = true;
settings = {
port = cfg.port;
};
};
# systemd.services.prometheus-actual-exporter = {
# enable = true;
# description = "Prometheus exporter for Actual budget";
# serviceConfig = {
# DynamicUser = true;
# Environment = [
# "ACTUAL_SERVER_URL=https://${hostnames.budget}:443"
# "PORT=${builtins.toString cfg.prometheusPort}"
# ];
# EnvironmentFile = [
# config.secrets.actualbudget-password.dest
# config.secrets.actualbudget-budget-id.dest
# ];
# ExecStart = lib.getExe pkgs.nmasur.prometheus-actual-exporter;
# };
# wantedBy = [
# "multi-user.target"
# ];
# };
# Used for prometheus exporter
virtualisation.podman.enable = true;
# Create a shared group for generic services
users.groups.shared = { };
users.users.actualbudget = {
isSystemUser = true;
group = "shared";
uid = 980;
};
virtualisation.oci-containers.containers.actualbudget-prometheus-exporter = {
workdir = null;
user = builtins.toString config.users.users.actualbudget.uid;
pull = "missing";
privileged = false;
ports = [ "127.0.0.1:5007:3001" ];
networks = [ ];
log-driver = "journald";
labels = {
app = "actualbudget-prometheus-exporter";
};
image = "docker.io/sakowicz/actual-budget-prometheus-exporter:1.1.5";
hostname = null;
environmentFiles = [
config.secrets.actualbudget-password.dest
config.secrets.actualbudget-budget-id.dest
];
environment = {
ACTUAL_SERVER_URL = "https://${hostnames.budget}:443";
};
# dependsOn = [ "actualbudget" ];
autoStart = true;
};
nmasur.presets.services.prometheus-exporters.scrapeTargets = [
"127.0.0.1:${builtins.toString cfg.prometheusPort}"
];
secrets.actualbudget-password = {
source = ./actualbudget-password.age;
dest = "${config.secretsDirectory}/actualbudget-password";
owner = builtins.toString config.users.users.actualbudget.uid;
group = builtins.toString config.users.users.actualbudget.uid;
};
secrets.actualbudget-budget-id = {
source = ./actualbudget-budget-id.age;
dest = "${config.secretsDirectory}/actualbudget-budget-id";
owner = builtins.toString config.users.users.actualbudget.uid;
group = builtins.toString config.users.users.actualbudget.uid;
};
# Allow web traffic to Caddy
nmasur.presets.services.caddy.routes = [
{
match = [ { host = [ hostnames.budget ]; } ];
handle = [
{
handler = "reverse_proxy";
upstreams = [ { dial = "localhost:${builtins.toString cfg.port}"; } ];
}
];
}
];
# Configure Cloudflare DNS to point to this machine
services.cloudflare-dyndns.domains = [ hostnames.budget ];
# Backups
services.restic.backups.default.paths = [ "/var/lib/actual" ];
};
}

14
platforms/nixos/modules/nmasur/presets/services/arr/arr.nix
View File

@ -60,28 +60,23 @@ in
services = {
bazarr = {
enable = true;
group = lib.mkIf config.nmasur.profiles.shared-media.enable "shared";
};
jellyseerr.enable = true;
prowlarr.enable = true;
sabnzbd = {
enable = true;
group = lib.mkIf config.nmasur.profiles.shared-media.enable "shared";
# The config file must be editable within the application
# It contains server configs and credentials
configFile = "/data/downloads/sabnzbd/sabnzbd.ini";
};
sonarr = {
enable = true;
group = lib.mkIf config.nmasur.profiles.shared-media.enable "shared";
};
radarr = {
enable = true;
group = lib.mkIf config.nmasur.profiles.shared-media.enable "shared";
};
readarr = {
enable = true;
group = lib.mkIf config.nmasur.profiles.shared-media.enable "shared";
};
};
@ -96,7 +91,6 @@ in
{
# Group means that routes with the same name are mutually exclusive,
# so they are split between the appropriate services.
group = "download";
match = [
{
host = [ hostnames.download ];
@ -112,7 +106,6 @@ in
];
}
{
group = "download";
match = [
{
host = [ hostnames.download ];
@ -127,7 +120,6 @@ in
];
}
{
group = "download";
match = [
{
host = [ hostnames.download ];
@ -142,7 +134,6 @@ in
];
}
{
group = "download";
match = [
{
host = [ hostnames.download ];
@ -158,7 +149,6 @@ in
];
}
{
group = "download";
match = [
{
host = [ hostnames.download ];
@ -178,7 +168,6 @@ in
];
}
{
group = "download";
match = [
{
host = [ hostnames.download ];
@ -193,7 +182,6 @@ in
];
}
{
group = "download";
match = [ { host = [ hostnames.download ]; } ];
handle = [
{
@ -255,7 +243,7 @@ in
prefix = "API_KEY=";
};
secrets.readarrApiKey = {
source = ./radarr-api-key.age;
source = ./readarr-api-key.age;
dest = "/var/private/readarr-api";
prefix = "API_KEY=";
};

Some files were not shown because too many files have changed in this diff Show More