noah/dotfiles
1
0
Fork 0
mirror of https://github.com/nmasur/dotfiles synced 2025-07-07 21:50:14 +00:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: noah:legacy
Branches Tags
noah:master noah:platform noah:home-manager-fix noah:immich-proxy noah:microcode noah:nixd noah:eblume-mole noah:language-checks noah:keyd-2.4.3 noah:sway noah:nixosmodules noah:unfree-predicate-by-pkgs noah:darwin-ssl
noah:pre-platform noah:begin-nixos noah:begin-nix noah:neovim-lua noah:pre-nix noah:legacy
...
compare: noah:b06b6490f4b5a99b22d2f7b256cff3e7d4fc36e3
Branches Tags
noah:master noah:platform noah:home-manager-fix noah:immich-proxy noah:microcode noah:nixd noah:eblume-mole noah:language-checks noah:keyd-2.4.3 noah:sway noah:nixosmodules noah:unfree-predicate-by-pkgs noah:darwin-ssl
noah:pre-platform noah:begin-nixos noah:begin-nix noah:neovim-lua noah:pre-nix noah:legacy

93 Commits
legacy ... b06b6490f4

Author SHA1 Message Date
Noah Masur
b06b6490f4 start working on readme table 
fill out readme table

more readme links and move installation

clean up

add more flake comments

hosts and modules readmes

fix: macos readme link

switch links to relative file
 2023-03-22 21:38:39 -04:00
Noah Masur
514244476d adjust rofi themes 2023-03-22 21:33:06 -04:00
Noah Masur
47590abc3a lazy evaluated let for rofi 2023-03-22 21:17:15 -04:00
Noah Masur
f69d233c39 switch audio with rofi and add extraLib 2023-03-22 21:15:41 -04:00
Noah Masur
9b97c9ac84 update lockfile, fix darwin 2023-03-22 16:20:38 -04:00
Noah Masur
bda59eeb4a enable num lock on login 2023-03-21 18:37:22 -04:00
Noah Masur
e7468ecc46 fix: swan globals not included 2023-03-20 03:36:15 +00:00
Noah Masur
1b798f5af0 grant permissions to service directories 2023-03-20 03:35:54 +00:00
Noah Masur
4406116203 adjust fan curve 2023-03-19 23:35:06 -04:00
Noah Masur
c53f1470ee allow rofi-systemd to use kitty terminal 2023-03-19 12:49:41 -04:00
Noah Masur
da89732001 switch to nsxiv and set media for aerc 2023-03-19 10:45:52 -04:00
Noah Masur
2176a53c4a setup amd gpu fancontrol curve 2023-03-18 09:29:20 -04:00
Noah Masur
28576c1b8f update lockfile 2023-03-16 14:52:20 -04:00
Noah Masur
64590c539b reorder utilities alphabetically 
also add bc
 2023-03-12 20:09:56 -04:00
Noah Masur
78b364afd7 launch aerc with super+E 2023-03-12 20:09:41 -04:00
Noah Masur
f219ce45c8 enable actual bash support 2023-03-12 19:00:59 -04:00
Noah Masur
5002c881f7 fix: mail not syncing read and deleted 2023-03-12 17:08:21 -04:00
Noah Masur
5859377802 fix: arr options when not used 2023-03-12 17:08:21 -04:00
Noah Masur
e6dbed2e17 enable caddy logfile 2023-03-12 13:24:25 +00:00
Noah Masur
86076f0844 add arr services 2023-03-12 13:24:16 +00:00
Noah Masur
2aea76c0e3 switch mpv to managed settings 2023-03-11 14:14:45 -05:00
Noah Masur
42a5ad40de add heroic game launcher 2023-03-11 14:14:25 -05:00
Noah Masur
d4fa322fb1 fix: neovim xdg mimeapps don't work in macos 2023-03-09 10:45:11 -05:00
Noah Masur
3d73f8cab4 switch to nixpkgs slack instead of homebrew 2023-03-09 10:45:00 -05:00
Noah Masur
0df8af607d associate media applications as defaults 2023-03-08 22:58:49 -05:00
Noah Masur
61d9b103b0 set local network hosts file 2023-03-08 22:57:48 -05:00
Noah Masur
71d0d3ca14 move yt-dlp to separate file 2023-03-08 22:57:30 -05:00
Noah Masur
d5b0405b99 fix: default nvim desktop mime-apps 2023-03-08 22:55:34 -05:00
Noah Masur
3cad3d2fb0 bring back tabularize to neovim config 2023-03-08 18:14:52 -05:00
Noah Masur
2acd9b3478 add yt-dlp to media packages 2023-03-08 18:14:30 -05:00
Noah Masur
bf4be11718 don't garbage collect direnv flakes 2023-03-08 17:43:30 -05:00
Noah Masur
4d38d1094f limit number of configurations 
not really a big problem, but worth adding just in case
 2023-03-08 17:42:25 -05:00
Noah Masur
183babd2f0 disable community cachix on macos 
ssl at work prevents connection
 2023-03-08 10:30:47 -05:00
Noah Masur
12682a57e1 macos: don't recreate canvas on app switcher 2023-03-08 10:30:25 -05:00
Noah Masur
31170a616f client samba cleanup 2023-03-05 23:47:52 -05:00
Noah Masur
4502c5ff62 enhancements for samba server 2023-03-06 04:46:12 +00:00
Noah Masur
59bd3590a4 turn on fstrim for ssds 2023-03-05 23:07:03 -05:00
Noah Masur
ebacff7250 remove unnecessary trash in darwin 2023-03-05 23:04:28 -05:00
Noah Masur
763f0bbdda enable trash on linux 2023-03-05 23:04:06 -05:00
Noah Masur
18505d4cbb enable steam remote play 2023-03-05 23:03:34 -05:00
Noah Masur
a7c04b59ed use entire data dir for samba 2023-03-05 20:44:55 +00:00
Noah Masur
d46e6dad6b open firewall for samba connection 2023-03-05 19:59:58 +00:00
Noah Masur
5e4642b92e fix: mail pass file set incorrectly 2023-03-05 09:05:45 -05:00
Noah Masur
7ab78767d4 move calibre books to zfs directory 2023-03-04 01:04:02 +00:00
Noah Masur
366a7f6157 move nextcloud data directory 2023-03-03 20:54:27 +00:00
Noah Masur
fb47302f3b add cachix community binary cache 2023-03-03 09:39:42 -05:00
Noah Masur
cda3ee0a4c credit attribution to LaunchBar for applescript 2023-03-02 15:15:07 -05:00
Noah Masur
0ed11de174 move gvfs outside of common 
nixos-only option
 2023-03-02 14:49:20 -05:00
Noah Masur
ab6f80fc18 overlay for age no longer needed 2023-03-02 14:48:49 -05:00
Noah Masur
d1f21ec874 fix: dismiss notifications with hammerspoon in ventura 2023-03-02 14:47:51 -05:00
Noah Masur
cdcc90f85d docs: restore litestream nextcloud backups 2023-02-28 23:55:21 -05:00
Noah Masur
f5674134fc add nextcloud to swan 2023-03-01 04:54:48 +00:00
Noah Masur
d37cabfd9a fix: don't age encrypt password hash 2023-02-28 00:12:19 -05:00
Noah Masur
6e117769c6 fix: gvfs not in home-manager 2023-02-28 00:11:59 -05:00
Noah Masur
f648e92c28 samba initial setup 2023-02-28 05:05:04 +00:00
Noah Masur
43343b2824 add jellyfin to swan 2023-02-28 04:27:10 +00:00
Noah Masur
ab9136af2c enable backups without any specific 2023-02-28 02:02:45 +00:00
Noah Masur
a7fe90b236 add swan public key 2023-02-26 22:04:45 -05:00
Noah Masur
5557065c8b rearrange swan settings 2023-02-27 02:50:24 +00:00
Noah Masur
de1fae2baf setup but don't use generic zfs config 2023-02-27 01:49:46 +00:00
Noah Masur
2c310fd2f2 fix: disko doesn't have disks attribute 2023-02-26 20:28:10 -05:00
Noah Masur
aa4dc4a0c2 fix: disko root now takes one disk 2023-02-26 20:24:12 -05:00
Noah Masur
44821ea344 fix disko partition for single disk 2023-02-26 20:03:39 -05:00
Noah Masur
cb60542980 refactor apps and separate disko disks 
format-root app still not working
 2023-02-26 19:53:51 -05:00
Noah Masur
3fe6911e2d add separate root nix disko config 2023-02-26 10:55:36 -05:00
Noah Masur
afa62c5510 fix: diskoConfigurations using nixos module 2023-02-26 10:42:11 -05:00
Noah Masur
fea0396dce get neovim added to install-iso 2023-02-26 10:11:33 -05:00
Noah Masur
13014e6cc1 fix: fully enable zfs 2023-02-26 13:23:31 +00:00
Noah Masur
640e447006 replace sumneko_lua with lua_ls 
still the same program, but moved to new repository
 2023-02-25 13:21:50 -05:00
Noah Masur
595a02383e use multiple env variables to force git https 2023-02-25 11:45:40 -05:00
Noah Masur
3689f8ef52 try to force https in single command 2023-02-25 11:40:24 -05:00
Noah Masur
ab6a339c34 try to force https for dotfiles clone 
git seems to fail with ssh, at least to github
 2023-02-25 11:30:41 -05:00
Noah Masur
e6456d7f02 ssh settings for sshd 2023-02-25 11:25:20 -05:00
Noah Masur
fb74122458 fix hardware-configuration for swan 2023-02-25 11:23:26 -05:00
Noah Masur
d56a48cf65 add zfs module with options 2023-02-25 11:22:31 -05:00
Noah Masur
30fe7c2d18 disable disko enforcement 2023-02-25 10:53:45 -05:00
Noah Masur
08716d1c98 fix: label syntax 2023-02-25 10:37:28 -05:00
Noah Masur
60b68785a9 fix: types 2023-02-25 10:35:56 -05:00
Noah Masur
c360460d80 add filesystem labels to disko config 2023-02-25 10:32:54 -05:00
Noah Masur
b1b5e77f47 back to disko module once again 2023-02-25 10:22:24 -05:00
Noah Masur
67af160088 back to plain attrset for disko 2023-02-25 10:02:54 -05:00
Noah Masur
80d0451ff3 Revert "don't make disks.nix proper nixos module" 
This reverts commit 3dd7fa12b0.
 2023-02-25 09:57:58 -05:00
Noah Masur
0ba2492c61 don't import disks.nix as function 2023-02-25 09:57:06 -05:00
Noah Masur
3dd7fa12b0 don't make disks.nix proper nixos module 2023-02-25 09:55:57 -05:00
Noah Masur
741692e6f1 fix: typo in disko config 2023-02-25 09:49:40 -05:00
Noah Masur
7a547f99c0 add disko input and hardware module for swan 2023-02-25 09:45:49 -05:00
Noah Masur
18c9e1efc8 ssh settings for staff usb 2023-02-25 09:22:16 -05:00
Noah Masur
ac3d5e495c temp: start disk setup for swan 2023-02-23 00:13:16 -05:00
Noah Masur
252b3d5dac temp: broken sleep attempt 2023-02-22 23:46:24 -05:00
Noah Masur
6d0b0e3560 enable feral gamemode wrapper 2023-02-22 23:45:47 -05:00
Noah Masur
48d33a9ef5 update to kernel 6.2 2023-02-21 20:28:43 -05:00
Noah Masur
c08f08692b enable charm 2023-02-20 22:42:22 -05:00
Noah Masur
a8d1369c49 remove legacy scripts and configs 2023-02-20 22:34:16 -05:00
115 changed files with 1316 additions and 1194 deletions
Expand all files Collapse all files

118
README.md
View File

@ -6,21 +6,56 @@ hosts.
They are organized and managed by [Nix](https://nixos.org), so some of the
configuration may be difficult to translate to a non-Nix system.
However, some of the configurations are easier to lift directly:
## System Features
- [Neovim](https://github.com/nmasur/dotfiles/tree/master/modules/common/neovim/config)
- [Fish functions](https://github.com/nmasur/dotfiles/tree/master/modules/common/shell/fish/functions)
- [More fish aliases](https://github.com/nmasur/dotfiles/blob/master/modules/common/shell/fish/default.nix)
- [Git aliases](https://github.com/nmasur/dotfiles/blob/master/modules/common/shell/git.nix)
- [Hammerspoon](https://github.com/nmasur/dotfiles/tree/master/modules/darwin/hammerspoon)
| Feature | Program | Configuration |
| --- | --- | --- |
| OS | [NixOS](https://nixos.org) | [Link](./modules/nixos) |
| Display Server | [X11](https://www.x.org/wiki/) | [Link](./modules/nixos/graphical/xorg.nix) |
| Compositor | [Picom](https://github.com/yshui/picom) | [Link](./modules/nixos/graphical/picom.nix) |
| Window Manager | [i3](https://i3wm.org/) | [Link](./modules/nixos/graphical/i3.nix) |
| Panel | [Polybar](https://polybar.github.io/) | [Link](./modules/nixos/graphical/polybar.nix) |
| Font | [Victor Mono](https://rubjo.github.io/victor-mono/) | [Link](./modules/nixos/graphical/fonts.nix) |
| Launcher | [Rofi](https://github.com/davatorium/rofi) | [Link](./modules/nixos/graphical/rofi.nix) |
Try out my Neovim config (requires [nix](https://nixos.org/download.html)):
## User Features
| Feature | Program | Configuration |
| --- | --- | --- |
| Dotfiles | [Home-Manager](https://github.com/nix-community/home-manager) | [Link](./modules/common) |
| Terminal | [Kitty](https://sw.kovidgoyal.net/kitty/) | [Link](./modules/common/applications/kitty.nix) |
| Shell | [Fish](https://fishshell.com/) | [Link](./modules/common/shell/fish) |
| Shell Prompt | [Starship](https://starship.rs/) | [Link](./modules/common/shell/starhip.nix) |
| Colorscheme | [Gruvbox](https://github.com/morhetz/gruvbox) | [Link](./colorscheme/gruvbox) |
| Wallpaper | [Road](https://gitlab.com/exorcist365/wallpapers/-/blob/master/gruvbox/road.jpg) | [Link](./hosts/tempest/default.nix)
| Text Editor | [Neovim](https://neovim.io/) | [Link](./modules/common/neovim/config) |
| Browser | [Firefox](https://www.mozilla.org/en-US/firefox/new/) | [Link](./modules/common/applications/firefox.nix) |
| E-Mail | [Aerc](https://aerc-mail.org/) | [Link](./modules/common/mail/aerc.nix) |
| File Manager | [Nautilus](https://wiki.gnome.org/action/show/Apps/Files) | [Link](./modules/common/applications/nautilus.nix) |
| PDF Reader | [Zathura](https://pwmt.org/projects/zathura/) | [Link](./modules/common/applications/media.nix) |
| Video Player | [mpv](https://mpv.io/) | [Link](./modules/common/applications/media.nix) |
## macOS Features
| Feature | Program | Configuration |
| --- | --- | --- |
| Keybinds | [Hammerspoon](https://www.hammerspoon.org/) | [Link](./modules/darwin/hammerspoon) |
---
# Installation
Click [here](./docs/installation.md) for detailed installation instructions.
# Neovim
Try out my Neovim config with nix:
```bash
nix run github:nmasur/dotfiles#neovim
```
Or build it as a package (requires [nix](https://nixos.org/download.html)):
Or build it as a package:
```bash
nix build github:nmasur/dotfiles#neovim
@ -30,73 +65,6 @@ If you already have a Neovim configuration, you may need to move it out of
`~/.config/nvim` or set `XDG_CONFIG_HOME` to another value; otherwise both
configs might conflict with each other.
---
# Full Installation
## NixOS - From Live Disk
Format drives and build system from any NixOS host, including the live
installer disk:
**This will erase your drives; use at your own risk!**
```bash
lsblk # Choose the disk you want to wipe
nix-shell -p nixVersions.stable
nix run github:nmasur/dotfiles#installer -- nvme0n1 tempest
```
## NixOS - From Existing System
If you're already running NixOS, you can switch to this configuration with the
following command:
```bash
nix-shell -p nixVersions.stable
sudo nixos-rebuild switch --flake github:nmasur/dotfiles#tempest
```
## Windows - From NixOS WSL
After [installing NixOS on
WSL](https://xeiaso.net/blog/nix-flakes-4-wsl-2022-05-01), you can switch to
the WSL configuration:
```
nix-shell -p nixVersions.stable
sudo nixos-rebuild switch --flake github:nmasur/dotfiles#hydra
```
You should also download the
[FiraCode](https://github.com/ryanoasis/nerd-fonts/releases/download/v2.2.2/FiraCode.zip)
font and install it on Windows. Install [Alacritty](https://alacritty.org/) and
move the `windows/alacritty.yml` file to
`C:\Users\<user>\AppData\Roaming\alacritty`.
## macOS
To get started on a bare macOS installation, first install Nix:
```bash
sh -c "$(curl -L https://nixos.org/nix/install)"
```
Then use Nix to build nix-darwin:
```bash
nix-build https://github.com/LnL7/nix-darwin/archive/master.tar.gz -A installer
./result/bin/darwin-installer
```
Then switch to the macOS configuration:
```bash
darwin-rebuild switch --flake github:nmasur/dotfiles#lookingglass
```
---
# Flake Templates
You can also use the [templates](./templates/) as flakes for starting new

52
apps/default.nix
View File

@ -1,45 +1,19 @@
{ pkgs, ... }: rec {
default = {
type = "app";
program = builtins.toString (pkgs.writeShellScript "default" ''
${pkgs.gum}/bin/gum style --margin "1 2" --padding "0 2" --foreground "15" --background "55" "Options"
${pkgs.gum}/bin/gum format --type=template -- ' {{ Italic "Run with" }} {{ Color "15" "69" " nix run github:nmasur/dotfiles#" }}{{ Color "15" "62" "someoption" }}{{ Color "15" "69" " " }}.'
echo ""
echo ""
${pkgs.gum}/bin/gum format --type=template -- \
' {{ Color "15" "57" " readme " }} {{ Italic "Documentation for this repository." }}' \
' {{ Color "15" "57" " rebuild " }} {{ Italic "Switch to this configuration." }}' \
' {{ Color "15" "57" " installer " }} {{ Italic "Format and install from nothing." }}' \
' {{ Color "15" "57" " neovim " }} {{ Italic "Test out the Neovim package." }}' \
' {{ Color "15" "57" " loadkey " }} {{ Italic "Load an ssh key for this machine using melt." }}' \
' {{ Color "15" "57" " encrypt-secret " }} {{ Italic "Encrypt a secret for all machines." }}' \
' {{ Color "15" "57" " reencrypt-secrets " }} {{ Italic "Reencrypt all secrets when new machine is added." }}' \
' {{ Color "15" "57" " netdata " }} {{ Italic "Connect a machine to Netdata cloud." }}'
echo ""
echo ""
'');
};
# Show quick helper
default = import ./help.nix { inherit pkgs; };
# Format and install from nothing
# Format primary disk
format-root = import ./format-root.nix { inherit pkgs; };
# Format and install from nothing (deprecated)
installer = import ./installer.nix { inherit pkgs; };
# Display the readme for this repository
readme = import ./readme.nix { inherit pkgs; };
# Rebuild
rebuild = {
type = "app";
program = builtins.toString (pkgs.writeShellScript "rebuild" ''
echo ${pkgs.system}
SYSTEM=${if pkgs.stdenv.isDarwin then "darwin" else "linux"}
if [ "$SYSTEM" == "darwin" ]; then
darwin-rebuild switch --flake github:nmasur/dotfiles#lookingglass
else
nixos-rebuild switch --flake github:nmasur/dotfiles
fi
'');
};
rebuild = import ./rebuild.nix { inherit pkgs; };
# Load the SSH key for this machine
loadkey = import ./loadkey.nix { inherit pkgs; };
@ -54,17 +28,7 @@
netdata = import ./netdata-cloud.nix { inherit pkgs; };
# Run neovim as an app
neovim = {
type = "app";
program = "${
(import ../modules/common/neovim/package {
inherit pkgs;
colors =
import ../colorscheme/gruvbox/neovim-gruvbox.nix { inherit pkgs; };
})
}/bin/nvim";
};
neovim = import ./neovim.nix { inherit pkgs; };
nvim = neovim;
}

39
apps/format-root.nix Normal file
View File

@ -0,0 +1,39 @@
{ pkgs, ... }: {
# This script will partition and format drives; use at your own risk!
type = "app";
program = builtins.toString (pkgs.writeShellScript "format-root" ''
set -e
DISK=$1
if [ -z "''${DISK}" ]; then
${pkgs.gum}/bin/gum style --width 50 --margin "1 2" --padding "2 4" \
--foreground "#fb4934" \
"Missing required parameter." \
"Usage: format-root -- <disk>" \
"Flake example: nix run github:nmasur/dotfiles#format-root -- nvme0n1"
echo "(exiting)"
exit 1
fi
${pkgs.disko-packaged}/bin/disko \
--mode create \
--dry-run \
--flake "path:$(pwd)#root" \
--arg disk \""/dev/''${DISK}"\"
${pkgs.gum}/bin/gum confirm \
"This will ERASE ALL DATA on the disk /dev/''${DISK}. Are you sure you want to continue?" \
--default=false
${pkgs.disko-packaged}/bin/disko \
--mode create \
--flake "path:$(pwd)#root" \
--arg disk "/dev/''${DISK}"
'');
}

23
apps/help.nix Normal file
View File

@ -0,0 +1,23 @@
{ pkgs, ... }: {
type = "app";
program = builtins.toString (pkgs.writeShellScript "default" ''
${pkgs.gum}/bin/gum style --margin "1 2" --padding "0 2" --foreground "15" --background "55" "Options"
${pkgs.gum}/bin/gum format --type=template -- ' {{ Italic "Run with" }} {{ Color "15" "69" " nix run github:nmasur/dotfiles#" }}{{ Color "15" "62" "someoption" }}{{ Color "15" "69" " " }}.'
echo ""
echo ""
${pkgs.gum}/bin/gum format --type=template -- \
' {{ Color "15" "57" " readme " }} {{ Italic "Documentation for this repository." }}' \
' {{ Color "15" "57" " rebuild " }} {{ Italic "Switch to this configuration." }}' \
' {{ Color "15" "57" " installer " }} {{ Italic "Format and install from nothing." }}' \
' {{ Color "15" "57" " neovim " }} {{ Italic "Test out the Neovim package." }}' \
' {{ Color "15" "57" " loadkey " }} {{ Italic "Load an ssh key for this machine using melt." }}' \
' {{ Color "15" "57" " encrypt-secret " }} {{ Italic "Encrypt a secret for all machines." }}' \
' {{ Color "15" "57" " reencrypt-secrets " }} {{ Italic "Reencrypt all secrets when new machine is added." }}' \
' {{ Color "15" "57" " netdata " }} {{ Italic "Connect a machine to Netdata cloud." }}'
echo ""
echo ""
'');
}

13
apps/neovim.nix Normal file
View File

@ -0,0 +1,13 @@
{ pkgs, ... }: {
type = "app";
program = "${
(import ../modules/common/neovim/package {
inherit pkgs;
colors =
import ../colorscheme/gruvbox/neovim-gruvbox.nix { inherit pkgs; };
})
}/bin/nvim";
}

15
apps/rebuild.nix Normal file
View File

@ -0,0 +1,15 @@
{ pkgs, ... }: {
type = "app";
program = builtins.toString (pkgs.writeShellScript "rebuild" ''
echo ${pkgs.system}
SYSTEM=${if pkgs.stdenv.isDarwin then "darwin" else "linux"}
if [ "$SYSTEM" == "darwin" ]; then
darwin-rebuild switch --flake github:nmasur/dotfiles#lookingglass
else
nixos-rebuild switch --flake github:nmasur/dotfiles
fi
'');
}

44
disks/root.nix Normal file
View File

@ -0,0 +1,44 @@
{ disk, ... }: {
disk = {
boot = {
type = "disk";
device = disk;
content = {
type = "table";
format = "gpt";
partitions = [
# Boot partition
{
type = "partition";
name = "ESP";
start = "0";
end = "512MiB";
fs-type = "fat32";
bootable = true;
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
extraArgs = [ "-n boot" ];
};
}
# Root partition ext4
{
type = "partition";
name = "root";
start = "512MiB";
end = "100%";
part-type = "primary";
bootable = true;
content = {
type = "filesystem";
format = "ext4";
mountpoint = "/";
extraArgs = [ "-L nixos" ];
};
}
];
};
};
};
}

95
disks/zfs.nix Normal file
View File

@ -0,0 +1,95 @@
{ pool, disks, ... }: {
disk = lib.genAttrs disks (disk: {
"${disk}" = {
type = "disk";
device = "/dev/${disk}";
content = {
type = "table";
format = "gpt";
partitions = [{
type = "partition";
name = "zfs";
start = "128MiB";
end = "100%";
content = {
type = "zfs";
pool = pool;
};
}];
};
};
});
zpool = {
"${pool}" = {
type = "zpool";
mode = "raidz1";
rootFsOptions = {
compression = "on"; # lz4 by default
"com.sun:auto-snapshot" = "false";
ashift = "12";
};
# mountpoint = "/";
datasets = {
root = {
zfs_type = "filesystem";
mountpoint = null;
options."com.sun:auto-snapshot" = "false";
};
# "media/movies" = {
# zfs_type = "filesystem";
# mountpoint = "/media/movies";
# options.recordsize = "1M";
# };
# "media/tv" = {
# zfs_type = "filesystem";
# mountpoint = "/media/tv";
# options.recordsize = "1M";
# };
# "media/books" = {
# zfs_type = "filesystem";
# mountpoint = "/media/books";
# };
# archive = {
# zfs_type = "filesystem";
# mountpoint = "/archive";
# options.compression = "zstd";
# options."com.sun:auto-snapshot" = "true";
# };
# zfs_unmounted_fs = {
# zfs_type = "filesystem";
# options.mountpoint = "none";
# };
# zfs_legacy_fs = {
# zfs_type = "filesystem";
# options.mountpoint = "legacy";
# mountpoint = "/zfs_legacy_fs";
# };
# zfs_testvolume = {
# zfs_type = "volume";
# size = "10M";
# content = {
# type = "filesystem";
# format = "ext4";
# mountpoint = "/ext4onzfs";
# };
# };
# encrypted = {
# zfs_type = "filesystem";
# size = "20M";
# options = {
# mountpoint = "none";
# encryption = "aes-256-gcm";
# keyformat = "passphrase";
# keylocation = "file:///tmp/secret.key";
# };
# };
# "encrypted/test" = {
# zfs_type = "filesystem";
# size = "2M";
# mountpoint = "/zfs_crypted";
# };
};
};
};
}

67
docs/installation.md Normal file
View File

@ -0,0 +1,67 @@
[Back to README](../README.md)
---
# Installation
## NixOS - From Live Disk
Format drives and build system from any NixOS host, including the live
installer disk:
**This will erase your drives; use at your own risk!**
```bash
lsblk # Choose the disk you want to wipe
nix-shell -p nixVersions.stable
nix run github:nmasur/dotfiles#installer -- nvme0n1 tempest
```
## NixOS - From Existing System
If you're already running NixOS, you can switch to this configuration with the
following command:
```bash
nix-shell -p nixVersions.stable
sudo nixos-rebuild switch --flake github:nmasur/dotfiles#tempest
```
## Windows - From NixOS WSL
After [installing NixOS on
WSL](https://xeiaso.net/blog/nix-flakes-4-wsl-2022-05-01), you can switch to
the WSL configuration:
```
nix-shell -p nixVersions.stable
sudo nixos-rebuild switch --flake github:nmasur/dotfiles#hydra
```
You should also download the
[FiraCode](https://github.com/ryanoasis/nerd-fonts/releases/download/v2.2.2/FiraCode.zip)
font and install it on Windows. Install [Alacritty](https://alacritty.org/) and
move the `windows/alacritty.yml` file to
`C:\Users\<user>\AppData\Roaming\alacritty`.
## macOS
To get started on a bare macOS installation, first install Nix:
```bash
sh -c "$(curl -L https://nixos.org/nix/install)"
```
Then use Nix to build nix-darwin:
```bash
nix-build https://github.com/LnL7/nix-darwin/archive/master.tar.gz -A installer
./result/bin/darwin-installer
```
Then switch to the macOS configuration:
```bash
darwin-rebuild switch --flake github:nmasur/dotfiles#lookingglass
```

23
docs/restore-calibre.md Normal file
View File

@ -0,0 +1,23 @@
# Restoring Calibre From Backup
The `metadata.db` holds the library and `app.db` and `gdrive.db` contain the
web/account information.
Place books directories in `/data/books/`.
Place `metadata.db` in `/var/lib/calibre-web-db/`.
Symlink `metadata.db` to the library:
```
sudo ln -s /var/lib/calibre-web-db/metadata.db /data/books/metadata.db
```
Place `app.db` and `gdrive.db` in `/var/lib/calibre-web/`.
Restart Calibre:
```
sudo systemctl restart calibre-web.service
```

43
docs/restore-nextcloud.md Normal file
View File

@ -0,0 +1,43 @@
# Restoring Nextcloud From Backup
Install the `litestream` package.
```
nix-shell --run fish -p litestream
```
Set the S3 credentials:
```
set -x AWS_ACCESS_KEY_ID (read)
set -x AWS_SECRET_ACCESS_KEY (read)
```
Restore from S3:
```
litestream restore -o nextcloud.db s3://noahmasur-backup.s3.us-west-002.backblazeb2.com/nextcloud
```
Install Nextcloud. Then copy DB:
```
sudo rm /data/nextcloud/data/nextcloud.db*
sudo mv nextcloud.db /data/nextcloud/data/
sudo chown nextcloud:nextcloud /data/nextcloud/data/nextcloud.db
sudo chmod 770 /data/nextcloud/data/nextcloud.db
```
Restart Nextcloud:
```
sudo systemctl restart phpfpm-nextcloud.service
```
Adjust Permissions and Directories:
```
sudo mkdir /data/nextcloud/data/noah/files
sudo chown nextcloud:nextcloud /data/nextcloud/data/noah/files
```

153
flake.lock generated
View File

@ -3,11 +3,11 @@
"Comment-nvim-src": {
"flake": false,
"locked": {
"lastModified": 1674040818,
"narHash": "sha256-7UtZAE9tPlnpeHS2LLol/LGVOxptDXNKWXHNHvFBNk4=",
"lastModified": 1678452935,
"narHash": "sha256-mVJJJ9fUJYgVyGZnW8e6P5QWB0K8nuhTwSWzlBvxv2M=",
"owner": "numToStr",
"repo": "Comment.nvim",
"rev": "eab2c83a0207369900e92783f56990808082eac2",
"rev": "8d3aa5c22c2d45e788c7a5fe13ad77368b783c20",
"type": "github"
},
"original": {
@ -19,11 +19,11 @@
"bufferline-nvim-src": {
"flake": false,
"locked": {
"lastModified": 1676130961,
"narHash": "sha256-3LT45i0eSMfUV9EBrtdtzHxFKRATIhRy/faDd3lI3mA=",
"lastModified": 1677796018,
"narHash": "sha256-tuGitJQ2eXB9/SIHAyPrEVgy2n++GOlBOPLvFv3Ds4E=",
"owner": "akinsho",
"repo": "bufferline.nvim",
"rev": "84b0822b2af478d0b4f7b0f9249ca218855331db",
"rev": "3677aceb9a72630b0613e56516c8f7151b86f95c",
"type": "github"
},
"original": {
@ -69,16 +69,36 @@
"type": "github"
}
},
"disko": {
"inputs": {
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1678912468,
"narHash": "sha256-oUo6ZrsuqymuMLLvGfgnQ464OMKnUONv+ryea07iGrE=",
"owner": "nix-community",
"repo": "disko",
"rev": "e8650fc36bf9d2acb411ba0047f863b8e481e3bb",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "disko",
"type": "github"
}
},
"firefox-darwin": {
"inputs": {
"nixpkgs": "nixpkgs"
},
"locked": {
"lastModified": 1675471726,
"narHash": "sha256-526iHwidfdtZZ7aAU9od1/zbyfSFBEailBTet+Gvfqg=",
"lastModified": 1679446046,
"narHash": "sha256-CBjVE3Sj7Ls1pffxGavqPXRkaLYy1+O88NzBwNdgNcY=",
"owner": "bandithedoge",
"repo": "nixpkgs-firefox-darwin",
"rev": "813d55a3e3b3c0423eb5d1fcb4bf82197c9f7796",
"rev": "1531f1477881e76c67b123a55f3d44ed7f83a4ba",
"type": "github"
},
"original": {
@ -105,11 +125,11 @@
},
"flake-utils": {
"locked": {
"lastModified": 1667395993,
"narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=",
"lastModified": 1676283394,
"narHash": "sha256-XX2f9c3iySLCw54rJ/CZs+ZK6IQy7GXNY4nSOyu2QG4=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f",
"rev": "3db36a8b464d0c4532ba1c7dda728f4576d6d073",
"type": "github"
},
"original": {
@ -135,11 +155,11 @@
},
"flake-utils_3": {
"locked": {
"lastModified": 1667395993,
"narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=",
"lastModified": 1676283394,
"narHash": "sha256-XX2f9c3iySLCw54rJ/CZs+ZK6IQy7GXNY4nSOyu2QG4=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f",
"rev": "3db36a8b464d0c4532ba1c7dda728f4576d6d073",
"type": "github"
},
"original": {
@ -156,11 +176,11 @@
"utils": "utils"
},
"locked": {
"lastModified": 1675935446,
"narHash": "sha256-WajulTn7QdwC7QuXRBavrANuIXE5z+08EdxdRw1qsNs=",
"lastModified": 1679067095,
"narHash": "sha256-G2dJQURL/CCi+8RP6jNJG8VqgtzEMCA+6mNodd3VR6E=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "2dce7f1a55e785a22d61668516df62899278c9e4",
"rev": "3239e0b40f242f47bf6c0c37b2fd35ab3e76e370",
"type": "github"
},
"original": {
@ -177,11 +197,11 @@
"rust-overlay": "rust-overlay"
},
"locked": {
"lastModified": 1676110678,
"narHash": "sha256-hemg8rMKS2me2Wua9ZG/0aQ8fEOfytjyKB+WYcXfEKE=",
"lastModified": 1678728829,
"narHash": "sha256-KbA8uakGfjfvRH+Td/VegiLdHrnqIZHkMTQ5XBjL2dE=",
"owner": "oxalica",
"repo": "nil",
"rev": "ce2e0b5d60fe497134050796f7d12ffb6b50eb28",
"rev": "e7045f1779fd202a3316f84b864c304f339cccea",
"type": "github"
},
"original": {
@ -213,11 +233,11 @@
},
"nixlib": {
"locked": {
"lastModified": 1636849918,
"narHash": "sha256-nzUK6dPcTmNVrgTAC1EOybSMsrcx+QrVPyqRdyKLkjA=",
"lastModified": 1677373009,
"narHash": "sha256-kxhz4QUP8tXa/yVSpEzDDZSEp9FvhzRqZzb+SeUaekw=",
"owner": "nix-community",
"repo": "nixpkgs.lib",
"rev": "28a5b0557f14124608db68d3ee1f77e9329e9dd5",
"rev": "c9d4f2476046c6a7a2ce3c2118c48455bf0272ea",
"type": "github"
},
"original": {
@ -234,11 +254,11 @@
]
},
"locked": {
"lastModified": 1674666581,
"narHash": "sha256-KNI2s/xrL7WOYaPJAWKBtb7cCH3335rLfsL+B+ssuGY=",
"lastModified": 1678351966,
"narHash": "sha256-tRFEU0lu3imZb3dtELBY+UbEhWXbb0xlBrsIlpICb+A=",
"owner": "nix-community",
"repo": "nixos-generators",
"rev": "6a5dc1d3d557ea7b5c19b15ff91955124d0400fa",
"rev": "0c043999b16caba6fb571af2d228775729829943",
"type": "github"
},
"original": {
@ -265,11 +285,11 @@
},
"nixpkgs_2": {
"locked": {
"lastModified": 1675309347,
"narHash": "sha256-D3CQ6HRDT2m3XJlrzb5jKq4vNFR5xFTEFKC7iSjlFpM=",
"lastModified": 1678298120,
"narHash": "sha256-iaV5xqgn29xy765Js3EoZePQyZIlLZA3pTYtTnKkejg=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "006c3bd4dd2f5d1d2094047f307cbf9e2b73d9c5",
"rev": "1e383aada51b416c6c27d4884d2e258df201bc11",
"type": "github"
},
"original": {
@ -281,11 +301,11 @@
},
"nixpkgs_3": {
"locked": {
"lastModified": 1676110339,
"narHash": "sha256-kOS/L8OOL2odpCOM11IevfHxcUeE0vnZUQ74EOiwXcs=",
"lastModified": 1679262748,
"narHash": "sha256-DQCrrAFrkxijC6haUzOC5ZoFqpcv/tg2WxnyW3np1Cc=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "e5530aba13caff5a4f41713f1265b754dc2abfd8",
"rev": "60c1d71f2ba4c80178ec84523c2ca0801522e0a6",
"type": "github"
},
"original": {
@ -297,11 +317,11 @@
},
"nixpkgs_4": {
"locked": {
"lastModified": 1674868155,
"narHash": "sha256-eFNm2h6fNbgD7ZpO4MHikCB5pSnCJ7DTmwPisjetmwc=",
"lastModified": 1677779205,
"narHash": "sha256-6DBjL9wjq86p2GczmwnHtFRnWPBPItc67gapWENBgX8=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "ce20e9ebe1903ea2ba1ab006ec63093020c761cb",
"rev": "96e18717904dfedcd884541e5a92bf9ff632cf39",
"type": "github"
},
"original": {
@ -314,11 +334,11 @@
"null-ls-nvim-src": {
"flake": false,
"locked": {
"lastModified": 1676246878,
"narHash": "sha256-hAUEa2zNsYXQ+TsHYHBzcW67lCxhiD7x+uPbdOZwY8o=",
"lastModified": 1679325581,
"narHash": "sha256-ixhy8qgP2GEPqrMdI+GsHzeHxESwhRw6cjf5hcpwP1w=",
"owner": "jose-elias-alvarez",
"repo": "null-ls.nvim",
"rev": "d4594231a06cecce73a78a256b0d7c7ab51f7dd5",
"rev": "13dd1fc13063681ca7e039436c88f6eca7e3e937",
"type": "github"
},
"original": {
@ -329,11 +349,11 @@
},
"nur": {
"locked": {
"lastModified": 1676251563,
"narHash": "sha256-itLKR2Haeh5wQ6dxkuZ8L5gwp3+CAggpN+w2e7cLQPg=",
"lastModified": 1679482366,
"narHash": "sha256-88K2ABCsdsVwq6Go/uEn/fds1fUeeeoixOALjrrUI0Q=",
"owner": "nix-community",
"repo": "nur",
"rev": "9a8b28a9d6611f6af9f7abb3e690fc755d6906fe",
"rev": "e9088dc6f9f289fbff984744ad04dccbd5c1f8ac",
"type": "github"
},
"original": {
@ -345,11 +365,11 @@
"nvim-lspconfig-src": {
"flake": false,
"locked": {
"lastModified": 1676175675,
"narHash": "sha256-Wg3NatT4DRBMF6hCxK4C2DC+geFMpfFUFogPbqeMt6E=",
"lastModified": 1679319980,
"narHash": "sha256-UQ/Zng1/9rXRnQeAjemA21qfCltmZRq9QekQ0vGYlX8=",
"owner": "neovim",
"repo": "nvim-lspconfig",
"rev": "1712672e4da3003a0dd9f771d30389600b360f42",
"rev": "0f94c5fded29c0024254259f3d8a0284bfb507ea",
"type": "github"
},
"original": {
@ -361,11 +381,11 @@
"nvim-tree-lua-src": {
"flake": false,
"locked": {
"lastModified": 1676244722,
"narHash": "sha256-xoSekdZhWr59qTOM0/ihYiuKiwHiKYb42Ep5JHn65UM=",
"lastModified": 1678748807,
"narHash": "sha256-u9ZLBL4FY/bkvl4+ofKifyEHM9+KhqeYovhr9VQYG7c=",
"owner": "kyazdani42",
"repo": "nvim-tree.lua",
"rev": "ba1778e061f25814bc5940be886a7f41d7d7736e",
"rev": "1d79a64a88af47ddbb55f4805ab537d11d5b908e",
"type": "github"
},
"original": {
@ -377,11 +397,11 @@
"nvim-treesitter-src": {
"flake": false,
"locked": {
"lastModified": 1676240774,
"narHash": "sha256-eRSU/9ysSvTyYxBrp9Whg0eXgAOsCdmIHMlYZK7bjRg=",
"lastModified": 1679482116,
"narHash": "sha256-SofmIKv/zGsocOBEbmzOraTE0GuLDjrJB2gZhKCz8ok=",
"owner": "nvim-treesitter",
"repo": "nvim-treesitter",
"rev": "7eb5f1a2e3949496f26c4084b521b30f2d08137a",
"rev": "dbdbd71b41a3627e0f2784eff746ad4366e2a21c",
"type": "github"
},
"original": {
@ -396,6 +416,7 @@
"bufferline-nvim-src": "bufferline-nvim-src",
"cmp-nvim-lsp-src": "cmp-nvim-lsp-src",
"darwin": "darwin",
"disko": "disko",
"firefox-darwin": "firefox-darwin",
"home-manager": "home-manager",
"nil": "nil",
@ -426,11 +447,11 @@
]
},
"locked": {
"lastModified": 1675391458,
"narHash": "sha256-ukDKZw922BnK5ohL9LhwtaDAdCsJL7L6ScNEyF1lO9w=",
"lastModified": 1678415622,
"narHash": "sha256-tems1jHETCYEen8QrW61yVVX0F4zOGy4ImB43iDc7bY=",
"owner": "oxalica",
"repo": "rust-overlay",
"rev": "383a4acfd11d778d5c2efcf28376cbd845eeaedf",
"rev": "9f687941160108f89dd8bd2c650d32c15a35c7c7",
"type": "github"
},
"original": {
@ -442,11 +463,11 @@
"telescope-nvim-src": {
"flake": false,
"locked": {
"lastModified": 1675149856,
"narHash": "sha256-L4Kw94CUy6N7zcyy9INuR/O0fxQ7sp0IvGd/u7fHxMA=",
"lastModified": 1677414372,
"narHash": "sha256-QmyVJ/LZFtb/qqD5Q5fHsqAGgqaOT9XkVoLyOcqM14w=",
"owner": "nvim-telescope",
"repo": "telescope.nvim",
"rev": "203bf5609137600d73e8ed82703d6b0e320a5f36",
"rev": "a3f17d3baf70df58b9d3544ea30abe52a7a832c2",
"type": "github"
},
"original": {
@ -474,11 +495,11 @@
"toggleterm-nvim-src": {
"flake": false,
"locked": {
"lastModified": 1675358836,
"narHash": "sha256-9O7p/7tRStg51OFhMc88M5ewYquiYC9x9CV4s5veVP8=",
"lastModified": 1678645191,
"narHash": "sha256-nK9eUHeFjZtUPC4cOCILg7J54rDHGI52AIXX5j7E4rE=",
"owner": "akinsho",
"repo": "toggleterm.nvim",
"rev": "19aad0f41f47affbba1274f05e3c067e6d718e1e",
"rev": "c8e982ad2739eeb0b13d0fecb14820c9bf5e3da0",
"type": "github"
},
"original": {
@ -489,11 +510,11 @@
},
"utils": {
"locked": {
"lastModified": 1667395993,
"narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=",
"lastModified": 1676283394,
"narHash": "sha256-XX2f9c3iySLCw54rJ/CZs+ZK6IQy7GXNY4nSOyu2QG4=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f",
"rev": "3db36a8b464d0c4532ba1c7dda728f4576d6d073",
"type": "github"
},
"original": {
@ -525,11 +546,11 @@
"nixpkgs": "nixpkgs_4"
},
"locked": {
"lastModified": 1676126384,
"narHash": "sha256-3aAnN891Cb1pizewAgaHIo3W1WbAjXtoWuX8n3j8YoI=",
"lastModified": 1678648312,
"narHash": "sha256-aY3CBNyenTUkStQhwigm30+BjXQyA8rCChGD+Z98qqE=",
"owner": "nix-community",
"repo": "NixOS-WSL",
"rev": "a1c7e8bebac32cfac7aa8498bdfc60cbff13eb50",
"rev": "c6f663e8583912059605b55c07583b6e96b5e690",
"type": "github"
},
"original": {

37
flake.nix
View File

@ -16,7 +16,7 @@
# Used for Windows Subsystem for Linux compatibility
wsl.url = "github:nix-community/NixOS-WSL";
# Used for user packages
# Used for user packages and dotfiles
home-manager = {
url = "github:nix-community/home-manager/master";
inputs.nixpkgs.follows =
@ -29,6 +29,12 @@
# Use official Firefox binary for macOS
firefox-darwin.url = "github:bandithedoge/nixpkgs-firefox-darwin";
# Manage disk format and partitioning
disko = {
url = "github:nix-community/disko";
inputs.nixpkgs.follows = "nixpkgs";
};
# Wallpapers
wallpapers = {
url = "gitlab:exorcist365/wallpapers";
@ -105,6 +111,8 @@
gitName = fullName;
gitEmail = "7386960+nmasur@users.noreply.github.com";
mail.server = "noahmasur.com";
mail.imapHost = "imap.purelymail.com";
mail.smtpHost = "smtp.purelymail.com";
dotfilesRepo = "git@github.com:nmasur/dotfiles";
};
@ -113,6 +121,7 @@
inputs.nur.overlay
inputs.nix2vim.overlay
(import ./overlays/neovim-plugins.nix inputs)
(import ./overlays/lib.nix)
(import ./overlays/calibre-web.nix)
];
@ -125,6 +134,8 @@
in rec {
# Contains my full system builds, including home-manager
# nixos-rebuild switch --flake .#tempest
nixosConfigurations = {
tempest = import ./hosts/tempest { inherit inputs globals overlays; };
hydra = import ./hosts/hydra { inherit inputs globals overlays; };
@ -132,6 +143,8 @@
swan = import ./hosts/swan { inherit inputs globals overlays; };
};
# Contains my full Mac system builds, including home-manager
# darwin-rebuild switch --flake .#lookingglass
darwinConfigurations = {
lookingglass =
import ./hosts/lookingglass { inherit inputs globals overlays; };
@ -146,20 +159,24 @@
darwinConfigurations.lookingglass.config.home-manager.users."Noah.Masur".home;
};
# Package servers into images with a generator
# Disk formatting, only used once
diskoConfigurations = { root = import ./disks/root.nix; };
# Other packages, such as system images or programs
packages = forAllSystems (system: {
# Package servers into images with a generator
aws = {
"${system}" =
import ./generators/aws { inherit inputs globals system overlays; };
};
staff = {
"${system}" = import ./generators/staff {
inherit inputs globals system overlays;
};
};
# Package Neovim config into standalone package
neovim = let pkgs = import nixpkgs { inherit system overlays; };
in import ./modules/common/neovim/package {
inherit pkgs;
@ -169,10 +186,20 @@
});
# Programs that can be run by calling this flake
apps = forAllSystems (system:
let pkgs = import nixpkgs { inherit system overlays; };
let
pkgs = import nixpkgs {
inherit system;
overlays = overlays ++ [
(final: prev: {
disko-packaged = inputs.disko.packages.${system}.disko;
})
];
};
in import ./apps { inherit pkgs; });
# Development environments
devShells = forAllSystems (system:
let pkgs = import nixpkgs { inherit system overlays; };
in {
@ -182,6 +209,8 @@
buildInputs = with pkgs; [ git stylua nixfmt shfmt shellcheck ];
};
test = pkgs.mkShell { buildInputs = with pkgs; [ age ]; };
# Used for cloud and systems development and administration
devops = pkgs.mkShell {
buildInputs = with pkgs; [

32
generators/staff/default.nix
View File

@ -1,7 +1,7 @@
# The Staff
# ISO configuration for my USB drive
{ inputs, system, ... }:
{ inputs, system, overlays, ... }:
with inputs;
@ -9,9 +9,39 @@ nixos-generators.nixosGenerate {
inherit system;
format = "install-iso";
modules = [{
nixpkgs.overlays = overlays;
networking.hostName = "staff";
users.extraUsers.root.openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB+AbmjGEwITk5CK9y7+Rg27Fokgj9QEjgc9wST6MA3s"
];
services.openssh = {
enable = true;
ports = [ 22 ];
allowSFTP = true;
settings = {
GatewayPorts = "no";
X11Forwarding = false;
PasswordAuthentication = false;
PermitRootLogin = "yes";
};
};
environment.systemPackages =
let pkgs = import inputs.nixpkgs { inherit system overlays; };
in with pkgs; [
git
vim
wget
curl
(import ../../modules/common/neovim/package {
inherit pkgs;
# colors = import ../../colorscheme/gruvbox.dark.neovimConfig {
# inherit pkgs;
# };
})
];
nix.extraOptions = ''
experimental-features = nix-command flakes
warn-dirty = false
'';
}];
}

10
hosts/README.md Normal file
View File

@ -0,0 +1,10 @@
# Hosts
| Host | Purpose |
| --- | --- |
| [flame](./flame/default.nix) | Oracle cloud server |
| [hydra](./hydra/default.nix) | WSL config |
| [lookingglass](./lookingglass/default.nix) | Work macOS |
| [swan](./swan/default.nix) | Home NAS and server |
| [tempest](./tempest/default.nix) | Desktop |

2
hosts/flame/default.nix
View File

@ -29,7 +29,7 @@ nixpkgs.lib.nixosSystem {
# FQDNs for various services
networking.hostName = "flame";
bookServer = "books.masu.rs";
streamServer = "stream.masu.rs";
# streamServer = "stream.masu.rs";
nextcloudServer = "cloud.masu.rs";
transmissionServer = "download.masu.rs";
metricsServer = "metrics.masu.rs";

2
hosts/hydra/default.nix
View File

@ -25,7 +25,7 @@ nixpkgs.lib.nixosSystem {
colors = (import ../../colorscheme/gruvbox).dark;
dark = true;
};
passwordHash = nixpkgs.lib.fileContents ../../private/password.sha512;
passwordHash = nixpkgs.lib.fileContents ../../password.sha512;
wsl = {
enable = true;
wslConf.automount.root = "/mnt";

4
hosts/lookingglass/default.nix
View File

@ -29,6 +29,7 @@ darwin.lib.darwinSystem {
nixpkgs.overlays = [ firefox-darwin.overlay ] ++ overlays;
# Set registry to flake packages, used for nix X commands
nix.registry.nixpkgs.flake = nixpkgs;
charm.enable = true;
neovim.enable = true;
mail.enable = true;
mail.aerc.enable = true;
@ -42,7 +43,8 @@ darwin.lib.darwinSystem {
python.enable = true;
lua.enable = true;
kubernetes.enable = true;
"1password".enable = true;
_1password.enable = true;
slack.enable = true;
}
];
}

43
hosts/swan/default.nix
View File

@ -12,18 +12,44 @@ nixpkgs.lib.nixosSystem {
./hardware-configuration.nix
../../modules/common
../../modules/nixos
(removeAttrs globals [ "mail.server" ])
globals
wsl.nixosModules.wsl
home-manager.nixosModules.home-manager
disko.nixosModules.disko
{
server = true;
networking.hostName = "swan";
# head -c 8 /etc/machine-id
networking.hostId = "600279f4"; # Random ID required for ZFS
zfs.enable = true;
disko = {
enableConfig = true;
devices = (import ../../disks/root.nix { disk = "/dev/nvme0n1"; });
# // (import ../../disks/zfs.nix {
# pool = "tank";
# disks = [ "/dev/sda" "/dev/sdb" "/dev/sdc" ];
# });
};
boot.zfs.extraPools = [ "tank" ];
gui.enable = false;
theme = { colors = (import ../../colorscheme/gruvbox).dark; };
nixpkgs.overlays = overlays;
wsl.enable = false;
neovim.enable = true;
caddy.enable = true;
streamServer = "stream.masu.rs";
nextcloudServer = "cloud.masu.rs";
bookServer = "books.masu.rs";
arrServer = "download.masu.rs";
samba.enable = true;
networking.hostName = "swan";
backup.s3 = {
endpoint = "s3.us-west-002.backblazeb2.com";
bucket = "noahmasur-backup";
accessKeyId = "0026b0e73b2e2c80000000005";
};
# Disable passwords, only use SSH key
publicKey =
@ -32,16 +58,7 @@ nixpkgs.lib.nixosSystem {
# Clone dotfiles
dotfiles.enable = true;
neovim.enable = true;
boot.zfs.enabled = true;
boot.kernelPackages =
config.boot.zfs.package.latestCompatibleLinuxPackages;
boot.zfs.extraPools = [ "mypool" ];
services.zfs.autoScrub.enable = true;
services.zfs.autoScrub.interval = "daily";
services.nfs.server.enable = true;
# services.nfs.server.enable = true;
}
];

39
hosts/swan/hardware-configuration.nix Normal file
View File

@ -0,0 +1,39 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
boot.initrd.availableKernelModules =
[ "xhci_pci" "ahci" "nvme" "usb_storage" "sd_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
# fileSystems."/" = {
# device = "/dev/disk/by-label/nixos";
# fsType = "ext4";
# };
#
# fileSystems."/boot" = {
# device = "/dev/disk/by-label/boot";
# fsType = "vfat";
# };
swapDevices = [ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enp0s31f6.useDHCP = lib.mkDefault true;
# networking.interfaces.wlp3s0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
hardware.cpu.intel.updateMicrocode =
lib.mkDefault config.hardware.enableRedistributableFirmware;
}

4
hosts/tempest/default.nix
View File

@ -29,10 +29,11 @@ nixpkgs.lib.nixosSystem {
};
wallpaper = "${wallpapers}/gruvbox/road.jpg";
gtk.theme.name = nixpkgs.lib.mkDefault "Adwaita-dark";
passwordHash = nixpkgs.lib.fileContents ../../private/password.sha512;
passwordHash = nixpkgs.lib.fileContents ../../password.sha512;
wsl.enable = false;
publicKey = null;
charm.enable = true;
neovim.enable = true;
media.enable = true;
firefox.enable = true;
@ -48,6 +49,7 @@ nixpkgs.lib.nixosSystem {
# mullvad.enable = true;
nixlang.enable = true;
dotfiles.enable = true;
yt-dlp.enable = true;
gaming = {
enable = true;

16
hosts/tempest/hardware-configuration.nix
View File

@ -37,4 +37,20 @@
powerManagement.cpuFreqGovernor = lib.mkDefault "performance";
hardware.cpu.amd.updateMicrocode =
lib.mkDefault config.hardware.enableRedistributableFirmware;
hardware.fancontrol.enable = true;
hardware.fancontrol.config = ''
# Configuration file generated by pwmconfig, changes will be lost
INTERVAL=10
DEVPATH=hwmon0=devices/pci0000:00/0000:00:03.1/0000:06:00.0/0000:07:00.0/0000:08:00.0
DEVNAME=hwmon0=amdgpu
FCTEMPS=hwmon0/pwm1=hwmon0/temp1_input
FCFANS= hwmon0/pwm1=hwmon0/fan1_input
MINTEMP=hwmon0/pwm1=50
MAXTEMP=hwmon0/pwm1=70
MINSTART=hwmon0/pwm1=100
MINSTOP=hwmon0/pwm1=10
MINPWM=hwmon0/pwm1=10
MAXPWM=hwmon0/pwm1=240
'';
}

4
legacy/bin/biggest
View File

@ -1,4 +0,0 @@
#!/usr/local/bin/nu
ls | sort-by size | reverse | keep 10

3
legacy/bin/biggest-files
View File

@ -1,3 +0,0 @@
#!/usr/local/bin/nu
ls **/* | where type == File | sort-by size | reverse | keep 10

26
legacy/bin/docker_cleanup
View File

@ -1,26 +0,0 @@
#!/bin/sh
# Stop all containers
if [ "$(docker ps -a -q)" ]; then
echo "Stopping docker containers..."
docker stop "$(docker ps -a -q)"
else
echo "No running docker containers."
fi
# Remove all stopped containers
if [ "$(docker ps -a -q)" ]; then
echo "Removing docker containers..."
docker rm "$(docker ps -a -q)"
else
echo "No stopped docker containers."
fi
# Remove all untagged images
if [[ $(docker images | grep "^<none>") ]]; then
docker rmi "$(docker images | grep "^<none>" | awk '{print $3}')"
else
echo "No untagged docker images."
fi
echo "Cleaned up docker."

37
legacy/bin/jira-checkout
View File

@ -1,37 +0,0 @@
#!/bin/sh
# Adapted from: https://seb.jambor.dev/posts/improving-shell-workflows-with-fzf/
# Requires the following variables to be set:
# - ATLASSIAN_EMAIL
# - ATLASSIAN_API_TOKEN
# - JIRA_HOSTNAME
# - JIRA_PROJECT
choose_issue() {
jq_template='"\(.key): \(.fields.summary)"'
query="project=$JIRA_PROJECT AND status not in (\"Done\") AND assignee=currentUser()"
branch_name=$(
curl \
--data-urlencode "jql=$query" \
--get \
--user "$ATLASSIAN_EMAIL:$ATLASSIAN_API_TOKEN" \
--silent \
--compressed \
"https://$JIRA_HOSTNAME/rest/api/2/search" |
jq ".issues[] | $jq_template" |
sed -e 's/"\(.*\)"/\1/' |
fzf \
--preview='jira-details {1}' \
--preview-window=top:wrap |
sed -e 's/: /:/' -e 's/[^a-zA-Z0-9:]/-/g' |
awk -F ":" '{printf "%s/%s", $1, tolower($2)}'
)
echo "$branch_name"
}
issue_branch=$(choose_issue)
if [ -n "$issue_branch" ]; then
echo "git checkout -b \"$issue_branch\""
fi

38
legacy/bin/jira-details
View File

@ -1,38 +0,0 @@
#!/bin/sh
# Adapted from: https://seb.jambor.dev/posts/improving-shell-workflows-with-fzf/
# Requires the following variables to be set:
# - ATLASSIAN_EMAIL
# - ATLASSIAN_API_TOKEN
# - JIRA_HOSTNAME
# - JIRA_PROJECT (for other script)
issue_details() {
jira_key=$(echo "$1" | cut -d":" -f1)
jq_template='"'\
'# \(.key): \(.fields.summary)\n'\
'\n'\
'*Created*: \(.fields.created)\n'\
'*Status*: \(.fields.status.statusCategory.name)\n'\
'*Reporter*: \(.fields.reporter.displayName)\n'\
'*Priority*: \(.fields.priority.name)\n'\
"*Epic*: https://$JIRA_HOSTNAME/browse/\(.fields.customfield_10014)\n"\
'\n'\
'## Link\n\n'\
"https://$JIRA_HOSTNAME/browse/\(.key)\n"\
'\n'\
'## Description\n\n'\
'\(.fields.description)'\
'"'
curl \
--get \
--user "$ATLASSIAN_EMAIL:$ATLASSIAN_API_TOKEN" \
--silent \
--compressed \
"https://$JIRA_HOSTNAME/rest/api/2/issue/$jira_key" |
jq "$jq_template" |
xargs printf |
bat -l md --color always --style plain
}
issue_details "$1"

14
legacy/bin/kube-dashboard
View File

@ -1,14 +0,0 @@
#!/bin/sh
kubectl -n kube-system get secret "$(
kubectl -n kube-system get secret |
grep dashboard-admin |
awk '{print $1}'
)" -o json |
jq -j --raw-output '.data.token' |
base64 --decode |
pbcopy
open http://localhost:8001/api/v1/namespaces/default/services/https:kubernetes-dashboard:https/proxy/#!/login
kubectl proxy

3
legacy/bin/newest
View File

@ -1,3 +0,0 @@
#!/usr/local/bin/nu
ls | sort-by modified | reverse | keep 5

3
legacy/bin/oldest
View File

@ -1,3 +0,0 @@
#!/usr/local/bin/nu
ls | sort-by modified | keep 5

16
legacy/bin/pod
View File

@ -1,16 +0,0 @@
#!/usr/bin/env bash
# Credit: https://github.com/junegunn/fzf/blob/master/ADVANCED.md
read -ra tokens < <(
kubectl get pods --all-namespaces |
fzf --info=inline --layout=reverse --header-lines=1 --border \
--prompt "$(kubectl config current-context | sed 's/-context$//')> " \
--header $'Press CTRL-O to open log in editor\n\n' \
--bind ctrl-/:toggle-preview \
--bind "ctrl-o:execute:${EDITOR:-vim} <(kubectl logs --namespace {1} {2}) > /dev/tty" \
--preview-window up,follow \
--preview 'kubectl logs --follow --tail=100000 --namespace {1} {2}' "$@"
)
[ ${#tokens} -gt 1 ] &&
kubectl exec -it --namespace "${tokens[0]}" "${tokens[1]}" -- /bin/sh

3
legacy/bin/symlinks
View File

@ -1,3 +0,0 @@
#!/usr/local/bin/nu
ls -al | where type == Symlink | select name target

5
legacy/bin/url-decode
View File

@ -1,5 +0,0 @@
#!/bin/bash
function urldecode() { : "${*//+/ }"; echo -e "${_//%/\\x}"; }
urldecode "$@"

28
legacy/newsboat/com.noah.newsboat.plist
View File

@ -1,28 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>Label</key>
<string>com.noah.newsboat</string>
<key>ProgramArguments</key>
<array>
<string>/usr/local/bin/newsboat -x reload</string>
</array>
<key>Nice</key>
<integer>1</integer>
<key>StartInterval</key>
<integer>1800</integer>
<key>RunAtLoad</key>
<false/>
<key>StandardErrorPath</key>
<string>/tmp/newsboat.err</string>
<key>StandardOutPath</key>
<string>/tmp/newsboat.out</string>
</dict>
</plist>

40
legacy/newsboat/config
View File

@ -1,40 +0,0 @@
browser "$BROWSER %u"
prepopulate-query-feeds yes
feed-sort-order lastupdated
reload-only-visible-feeds yes
text-width 72
bind-key j down
bind-key k up
bind-key j next articlelist
bind-key k prev articlelist
bind-key G end
bind-key g home
bind-key d pagedown
bind-key u pageup
bind-key n next-unread
bind-key p prev-unread
bind-key ; macro-prefix
bind-key B bookmark
bind-key f edit-flags
macro v set browser "mpv %u"; open-in-browser; set browser "$BROWSER %u"
macro p set browser "echo %u"; one; set browser "$BROWSER %u"
macro H set browser "clx view $(echo %u | cut -d '=' -f2)"; one; set browser "$BROWSER %u"
macro h set browser "clx view $(echo %u | cut -d '=' -f2)"; two; set browser "$BROWSER %u"
macro w set browser "w3m -o confirm_qq=false %u"; open-in-browser; set browser "$BROWSER %u"
macro r set browser "url-markdown %u | glow -p -w 72 -"; open-in-browser; set browser "$BROWSER %u"
macro d set browser "youtube-dl -o ~/Downloads/%(title)s.%(ext)s %u &"; open-in-browser-noninteractively; set browser "$BROWSER %u"
macro n set-tag News; reload-all
macro a set-tag All
macro e set-tag Reddit; reload-all
macro y set-tag YouTube; reload-all
bookmark-cmd "bookmark"
highlight article "^(Feed|Title|Author|Link|Date):.*" color243 default
highlight article "^(Links):.*" color243 default
highlight article "^(\\[[0-9]+\\]):.*" color243 default
highlight article "^(\\[[0-9]+\\])" color243 default
highlight article "^\\[.*\\]$" color243 default
highlight article "^(Title:).*" color249 default

137
legacy/nix-env.fish
View File

@ -1,137 +0,0 @@
# Setup Nix
# We need to distinguish between single-user and multi-user installs.
# This is difficult because there's no official way to do this.
# We could look for the presence of /nix/var/nix/daemon-socket/socket but this will fail if the
# daemon hasn't started yet. /nix/var/nix/daemon-socket will exist if the daemon has ever run, but
# I don't think there's any protection against accidentally running `nix-daemon` as a user.
# We also can't just look for /nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh because
# older single-user installs used the default profile instead of a per-user profile.
# We can still check for it first, because all multi-user installs should have it, and so if it's
# not present that's a pretty big indicator that this is a single-user install. If it does exist,
# we still need to verify the install type. To that end we'll look for a root owner and sticky bit
# on /nix/store. Multi-user installs set both, single-user installs don't. It's certainly possible
# someone could do a single-user install as root and then manually set the sticky bit but that
# would be extremely unusual.
set -l nix_profile_path /nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh
set -l single_user_profile_path ~/.nix-profile/etc/profile.d/nix.sh
if test -e $nix_profile_path
# The path exists. Double-check that this is a multi-user install.
# We can't just check for ~/.nix-profile/… because this may be a single-user install running as
# the wrong user.
# stat is not portable. Splitting the output of ls -nd is reliable on most platforms.
set -l owner (string split -n ' ' (command ls -nd /nix/store 2>/dev/null))[3]
if not test -k /nix/store -a $owner -eq 0
# /nix/store is either not owned by root or not sticky. Assume single-user.
set nix_profile_path $single_user_profile_path
end
else
# The path doesn't exist. Assume single-user
set nix_profile_path $single_user_profile_path
end
if test -e $nix_profile_path
# Source the nix setup script
# We're going to run the regular Nix profile under bash and then print out a few variables
for line in (command env -u BASH_ENV bash -c '. "$0"; for name in PATH "${!NIX_@}"; do printf "%s=%s\0" "$name" "${!name}"; done' $nix_profile_path | string split0)
set -xg (string split -m 1 = $line)
end
# Insert Nix's fish share directories into fish's special variables.
# nixpkgs-installed fish tries to set these up already if NIX_PROFILES is defined, which won't
# be the case when sourcing $__fish_data_dir/share/config.fish normally, but might be for a
# recursive invocation. To guard against that, we'll only insert paths that don't already exit.
# Furthermore, for the vendor_conf.d sourcing, we'll use the pre-existing presence of a path in
# $fish_function_path to determine whether we want to source the relevant vendor_conf.d folder.
# To start, let's locally define NIX_PROFILES if it doesn't already exist.
set -al NIX_PROFILES
if test (count $NIX_PROFILES) -eq 0
set -a NIX_PROFILES $HOME/.nix-profile
end
# Replicate the logic from nixpkgs version of $__fish_data_dir/__fish_build_paths.fish.
set -l __nix_profile_paths (string split ' ' -- $NIX_PROFILES)[-1..1]
set -l __extra_completionsdir \
$__nix_profile_paths/etc/fish/completions \
$__nix_profile_paths/share/fish/vendor_completions.d
set -l __extra_functionsdir \
$__nix_profile_paths/etc/fish/functions \
$__nix_profile_paths/share/fish/vendor_functions.d
set -l __extra_confdir \
$__nix_profile_paths/etc/fish/conf.d \
$__nix_profile_paths/share/fish/vendor_conf.d
### Configure fish_function_path ###
# Remove any of our extra paths that may already exist.
# Record the equivalent __extra_confdir path for any function path that exists.
set -l existing_conf_paths
for path in $__extra_functionsdir
if set -l idx (contains --index -- $path $fish_function_path)
set -e fish_function_path[$idx]
set -a existing_conf_paths $__extra_confdir[(contains --index -- $path $__extra_functionsdir)]
end
end
# Insert the paths before $__fish_data_dir.
if set -l idx (contains --index -- $__fish_data_dir/functions $fish_function_path)
# Fish has no way to simply insert into the middle of an array.
set -l new_path $fish_function_path[1..$idx]
set -e new_path[$idx]
set -a new_path $__extra_functionsdir
set fish_function_path $new_path $fish_function_path[$idx..-1]
else
set -a fish_function_path $__extra_functionsdir
end
### Configure fish_complete_path ###
# Remove any of our extra paths that may already exist.
for path in $__extra_completionsdir
if set -l idx (contains --index -- $path $fish_complete_path)
set -e fish_complete_path[$idx]
end
end
# Insert the paths before $__fish_data_dir.
if set -l idx (contains --index -- $__fish_data_dir/completions $fish_complete_path)
set -l new_path $fish_complete_path[1..$idx]
set -e new_path[$idx]
set -a new_path $__extra_completionsdir
set fish_complete_path $new_path $fish_complete_path[$idx..-1]
else
set -a fish_complete_path $__extra_completionsdir
end
### Source conf directories ###
# The built-in directories were already sourced during shell initialization.
# Any __extra_confdir that came from $__fish_data_dir/__fish_build_paths.fish was also sourced.
# As explained above, we're using the presence of pre-existing paths in $fish_function_path as a
# signal that the corresponding conf dir has also already been sourced.
# In order to simulate this, we'll run through the same algorithm as found in
# $__fish_data_dir/config.fish except we'll avoid sourcing the file if it comes from an
# already-sourced location.
# Caveats:
# * Files will be sourced in a different order than we'd ideally do (because we're coming in
# after the fact to source them).
# * If there are existing extra conf paths, files in them may have been sourced that should have
# been suppressed by paths we're inserting in front.
# * Similarly any files in $__fish_data_dir/vendor_conf.d that should have been suppressed won't
# have been.
set -l sourcelist
for file in $__fish_config_dir/conf.d/*.fish $__fish_sysconf_dir/conf.d/*.fish
# We know these paths were sourced already. Just record them.
set -l basename (string replace -r '^.*/' '' -- $file)
contains -- $basename $sourcelist
or set -a sourcelist $basename
end
for root in $__extra_confdir
for file in $root/*.fish
set -l basename (string replace -r '^.*/' '' -- $file)
contains -- $basename $sourcelist
and continue
set -a sourcelist $basename
contains -- $root $existing_conf_paths
and continue # this is a pre-existing path, it will have been sourced already
[ -f $file -a -r $file ]
and source $file
end
end
end

168
legacy/scripts/configure_macos
View File

@ -1,168 +0,0 @@
#!/bin/sh
echo "Enable full keyboard access for all controls (e.g. enable Tab in modal dialogs)"
defaults write NSGlobalDomain AppleKeyboardUIMode -int 3
echo "Automatically show and hide the dock"
defaults write com.apple.dock autohide -bool true
echo "Automatically show and hide the menu bar"
defaults write NSGlobalDomain _HIHideMenuBar -bool true
echo "Make Dock icons of hidden applications translucent"
defaults write com.apple.dock showhidden -bool true
echo "Use current directory as default search scope in Finder"
defaults write com.apple.finder FXDefaultSearchScope -string "SCcf"
echo "Expand save panel by default"
defaults write NSGlobalDomain NSNavPanelExpandedStateForSaveMode -bool true
echo "Expand print panel by default"
defaults write NSGlobalDomain PMPrintingExpandedStateForPrint -bool true
echo "Disable the \"Are you sure you want to open this application?\" dialog"
defaults write com.apple.LaunchServices LSQuarantine -bool false
echo "Enable highlight hover effect for the grid view of a stack (Dock)"
defaults write com.apple.dock mouse-over-hilte-stack -bool true
echo "Enable spring loading for all Dock items"
defaults write enable-spring-load-actions-on-all-items -bool true
echo "Disable press-and-hold for keys in favor of key repeat"
defaults write NSGlobalDomain ApplePressAndHoldEnabled -bool false
defaults write -g ApplePressAndHoldEnabled -bool false
echo "Set a blazingly fast keyboard repeat rate"
defaults write NSGlobalDomain KeyRepeat -int 2
echo "Set a shorter Delay until key repeat"
defaults write NSGlobalDomain InitialKeyRepeat -int 12
echo "Disable disk image verification"
defaults write com.apple.frameworks.diskimages skip-verify -bool true
defaults write com.apple.frameworks.diskimages skip-verify-locked -bool true
defaults write com.apple.frameworks.diskimages skip-verify-remote -bool true
echo "Avoid creating .DS_Store files on network volumes"
defaults write com.apple.desktopservices DSDontWriteNetworkStores -bool true
echo "Disable the warning when changing a file extension"
defaults write com.apple.finder FXEnableExtensionChangeWarning -bool false
# echo "Enable snap-to-grid for desktop icons"
# /usr/libexec/PlistBuddy -c "Set :DesktopViewSettings:IconViewSettings:arrangeBy grid" ~/Library/Preferences/com.apple.finder.plist
echo "Disable the warning before emptying the Trash"
defaults write com.apple.finder WarnOnEmptyTrash -bool false
echo "Disable tap to click (Trackpad)"
defaults write com.apple.driver.AppleBluetoothMultitouch.trackpad Clicking -bool false
echo "Enable Safaris debug menu"
defaults write com.apple.Safari IncludeInternalDebugMenu -bool true
echo "Make Safaris search banners default to Contains instead of Starts With"
defaults write com.apple.Safari FindOnPageMatchesWordStartsOnly -bool false
echo "Add a context menu item for showing the Web Inspector in web views"
defaults write NSGlobalDomain WebKitDeveloperExtras -bool true
echo "Save to disk (not to iCloud) by default"
defaults write NSGlobalDomain NSDocumentSaveNewDocumentsToCloud -bool false
echo "Disable automatic capitalization as its annoying when typing code"
defaults write NSGlobalDomain NSAutomaticCapitalizationEnabled -bool false
echo "Disable smart dashes as theyre annoying when typing code"
defaults write NSGlobalDomain NSAutomaticDashSubstitutionEnabled -bool false
echo "Disable automatic period substitution as its annoying when typing code"
defaults write NSGlobalDomain NSAutomaticPeriodSubstitutionEnabled -bool false
echo "Disable smart quotes as theyre annoying when typing code"
defaults write NSGlobalDomain NSAutomaticQuoteSubstitutionEnabled -bool false
echo "Disable auto-correct"
defaults write NSGlobalDomain NSAutomaticSpellingCorrectionEnabled -bool false
echo "Use scroll gesture with the Ctrl (^) modifier key to zoom"
defaults write com.apple.universalaccess closeViewScrollWheelToggle -bool true
defaults write com.apple.universalaccess HIDScrollZoomModifierMask -int 262144
echo "Follow the keyboard focus while zoomed in"
defaults write com.apple.universalaccess closeViewZoomFollowsFocus -bool true
echo "Require password immediately after sleep or screen saver begins"
defaults write com.apple.screensaver askForPassword -int 1
defaults write com.apple.screensaver askForPasswordDelay -int 0
echo "Save screenshots to downloads"
defaults write com.apple.screencapture location -string "${HOME}/Downloads"
echo "Finder: allow quitting via ⌘ + Q; doing so will also hide desktop icons"
defaults write com.apple.finder QuitMenuItem -bool true
echo "Show the ~/Library folder"
chflags nohidden ~/Library && xattr -d com.apple.FinderInfo ~/Library
# Noah Prefs
echo "Enable dock magnification"
defaults write com.apple.dock magnification -bool true
echo "Set dock size"
defaults write com.apple.dock largesize -int 48
defaults write com.apple.dock tilesize -int 44
echo "Choose and order dock icons"
__dock_item() {
printf '%s%s%s%s%s' \
'<dict><key>tile-data</key><dict><key>file-data</key><dict>' \
'<key>_CFURLString</key><string>' \
"$1" \
'</string><key>_CFURLStringType</key><integer>0</integer>' \
'</dict></dict></dict>'
}
defaults write com.apple.dock persistent-apps -array \
"$(__dock_item /Applications/1Password\ 7.app)" \
"$(__dock_item /Applications/Slack.app)" \
"$(__dock_item /System/Applications/Calendar.app)" \
"$(__dock_item /Applications/Firefox.app)" \
"$(__dock_item /System/Applications/Messages.app)" \
"$(__dock_item /System/Applications/Mail.app)" \
"$(__dock_item /Applications/Mimestream.app)" \
"$(__dock_item /Applications/zoom.us.app)" \
"$(__dock_item /Applications/Obsidian.app)" \
"$(__dock_item /Applications/Alacritty.app)" \
"$(__dock_item /System/Applications/System\ Preferences.app)"
echo "No recent items in dock"
defaults write com.apple.dock show-recents -bool FALSE
echo "Switch to dark mode"
defaults write "Apple Global Domain" "AppleInterfaceStyle" "Dark"
echo "Turn on Scroll Reverser"
open /Applications/Scroll\ Reverser.app
osascript -e 'tell application "System Events" to make login item at end with properties {path:"/Applications/Scroll Reverser.app", hidden:false}'
echo "Allow apps from anywhere"
SPCTL=$(spctl --status)
if ! [ "$SPCTL" = "assessments disabled" ]
then
sudo spctl --master-disable
fi
# ---
echo "Reset Launchpad"
# [ -e ~/Library/Application\ Support/Dock/*.db ] && rm ~/Library/Application\ Support/Dock/*.db
rm ~/Library/Application\ Support/Dock/*.db
echo "Show the ~/Library folder"
chflags nohidden ~/Library
# Clean up
echo "Kill affected applications"
for app in Safari Finder Dock Mail SystemUIServer; do killall "$app" >/dev/null 2>&1; done

5
legacy/scripts/npm
View File

@ -1,5 +0,0 @@
#!/bin/sh
npm update -g
npm install -g pyright
npm install -g diagnostic-languageserver

48
legacy/scripts/rust
View File

@ -1,48 +0,0 @@
#!/bin/sh
install_rust() {
if ! (which ~/.cargo/bin/rustup > /dev/null)
then
echo "installing rustup"
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y
fi
echo "rustup ✓"
}
update_rust() {
~/.cargo/bin/rustup update > /dev/null 2>&1
rust_version=$(~/.cargo/bin/rustc --version | awk '{print $2}')
echo "latest rust: $rust_version ✓"
}
download_rust_analyzer() {
if ! (which rust-analyzer > /dev/null)
then
echo "downloading rust analyzer"
rust_analyzer_bin=/usr/local/bin/rust-analyzer
curl -s -L https://github.com/rust-analyzer/rust-analyzer/releases/latest/download/rust-analyzer-mac -o $rust_analyzer_bin
chmod +x $rust_analyzer_bin
fi
echo "rust-analyzer ✓"
}
# cargo-edit: quickly add and remove packages
# whatfeatures: see optional features for a package
install_cargos() {
set -- \
'cargo-edit' \
'cargo-whatfeatures'
for program do
cargo install "$program"
done
echo "cargos ✓"
}
install_rust
update_rust
download_rust_analyzer
install_cargos

6
legacy/scripts/setup_cheatsheet
View File

@ -1,6 +0,0 @@
#!/bin/sh
echo "downloading cheatsheet"
curl https://cht.sh/:cht.sh > ~/.local/bin/cheat
chmod 755 ~/.local/bin/cheat
echo "cheatsheet ✓"

46
legacy/scripts/setup_fish
View File

@ -1,46 +0,0 @@
#!/usr/bin/env fish
set -U FISH_DIR (readlink ~/.config/fish) # Used for getting to this repo
set -Ux DOTS (dirname $FISH_DIR) # Directory of this config repo
set -U CDPATH . $HOME # Directories available for immediate cd
set -Ux EDITOR nvim # Preferred text editor
set -U PROJ $HOME/dev/work # Projects directory
set -Ux NOTES_PATH "$HOME/dev/personal/notes" # Notes directory
set -Ux MANPAGER "nvim +Man!" # Used for reading man pages
set -Ux DIRENV_LOG_FORMAT "" # Disable direnv output
set -Ux BROWSER "/Applications/Firefox.app/Contents/MacOS/firefox"
# Load abbreviations
abbrs
# Turn off greeting
set -U fish_greeting ""
# Set colors (Base16 Eighties)
set -U fish_color_normal normal
set -U fish_color_command 99cc99
set -U fish_color_quote ffcc66
set -U fish_color_redirection d3d0c8
set -U fish_color_end cc99cc
set -U fish_color_error f2777a
set -U fish_color_selection white --bold --background=brblack
set -U fish_color_search_match bryellow --background=brblack
set -U fish_color_history_current --bold
set -U fish_color_operator 6699cc
set -U fish_color_escape 66cccc
set -U fish_color_cwd green
set -U fish_color_cwd_root red
set -U fish_color_valid_path --underline
set -U fish_color_autosuggestion 747369
set -U fish_color_user brgreen
set -U fish_color_host normal
set -U fish_color_cancel -r
set -U fish_pager_color_completion normal
set -U fish_pager_color_description B3A06D yellow
set -U fish_pager_color_prefix white --bold --underline
set -U fish_pager_color_progress brwhite --background=cyan
set -U fish_color_comment ffcc66
set -U fish_color_param d3d0c8
set -U fish_color_match 6699cc
echo "fish setup ✓"

7
legacy/scripts/setup_ytfzf
View File

@ -1,7 +0,0 @@
#!/bin/sh
echo "downloading ytfzf"
mkdir -p ~/.local/bin
curl -sL "https://raw.githubusercontent.com/pystardust/ytfzf/master/ytfzf" >~/.local/bin/ytfzf
chmod 755 ~/.local/bin/ytfzf
echo "ytfzf ✓"

8
legacy/templates/kubernetes/clusterrole.yaml
View File

@ -1,8 +0,0 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name:
rules:
- apiGroups: [""]
resources:
verbs: []

12
legacy/templates/kubernetes/clusterrolebinding.yaml
View File

@ -1,12 +0,0 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name:
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name:
subjects:
- kind: ServiceAccount
name:
namespace: default

8
legacy/templates/kubernetes/configmap.yaml
View File

@ -1,8 +0,0 @@
apiVersion: v1
kind: ConfigMap
metadata:
name:
namespace: default
annotations:
replicator.v1.mittwald.de/replicate-to: ".*"
data:

33
legacy/templates/kubernetes/deployment.yaml
View File

@ -1,33 +0,0 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name:
namespace: default
spec:
replicas: 1
selector:
matchLabels:
app:
template:
metadata:
labels:
app:
spec:
serviceAccountName:
containers:
- name:
image:
imagePullPolicy: Always
envFrom:
- configMapRef:
name:
- secretRef:
name:
ports:
- containerPort:
protocol: TCP
resources:
limits:
cpu:
requests:
cpu:

21
legacy/templates/kubernetes/ingress.yaml
View File

@ -1,21 +0,0 @@
apiVersion: networking.k8s.io/v1beta1 # must be beta until k8s 1.19
kind: Ingress
metadata:
annotations:
kubernetes.io/ingress.class: alb
alb.ingress.kubernetes.io/group.name:
alb.ingress.kubernetes.io/listen-ports: '[{"HTTPS":443}]'
alb.ingress.kubernetes.io/scheme: internet-facing
alb.ingress.kubernetes.io/security-groups:
alb.ingress.kubernetes.io/tags: Project=
alb.ingress.kubernetes.io/target-type: instance
name:
namespace:
spec:
rules:
- host:
http:
paths:
- backend:
serviceName:
servicePort:

10
legacy/templates/kubernetes/role.yaml
View File

@ -1,10 +0,0 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name:
namespace: default
rules:
- apiGroups: [""]
resourceNames:
resources:
verbs:

13
legacy/templates/kubernetes/rolebinding.yaml
View File

@ -1,13 +0,0 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name:
namespace: default
roleRef:
kind:
name:
apiGroup: rbac.authorization.k8s.io
subjects:
- kind:
name:
apiGroup: rbac.authorization.k8s.io

8
legacy/templates/kubernetes/secret.yaml
View File

@ -1,8 +0,0 @@
apiVersion: v1
kind: Secret
metadata:
name:
namespace: default
annotations:
replicator.v1.mittwald.de/replicate-to: ".*"
data:

15
legacy/templates/kubernetes/service.yaml
View File

@ -1,15 +0,0 @@
apiVersion: v1
kind: Service
metadata:
annotations:
alb.ingress.kubernetes.io/healthcheck-path:
name:
namespace: default
spec:
ports:
- port: 443
protocol: TCP
targetPort: 80
selector:
app:
type: NodePort

5
legacy/templates/kubernetes/serviceaccount.yaml
View File

@ -1,5 +0,0 @@
apiVersion: v1
kind: ServiceAccount
metadata:
name:
namespace: default

12
legacy/templates/programs/skeleton.py
View File

@ -1,12 +0,0 @@
#!/usr/bin/env python
"""
Program
"""
def main():
"""Run the program"""
pass
if __name__ == "__main__":
main()

8
legacy/templates/programs/skeleton.sh
View File

@ -1,8 +0,0 @@
#!/bin/sh
if [ "$1" = "--help" ] || [ "$1" = "-h" ]; then
cat <<EOH
Help text
EOH
exit
fi

8
modules/README.md Normal file
View File

@ -0,0 +1,8 @@
# Modules
| Module | Purpose |
| --- | --- |
| [common](./common/default.nix) | User programs and OS-agnostic configuration |
| [darwin](./darwin/default.nix) | macOS-specific configuration |
| [nixos](./nixos/default.nix) | NixOS-specific configuration |

4
modules/common/applications/default.nix
View File

@ -7,9 +7,11 @@
./firefox.nix
./kitty.nix
./media.nix
./nautilus.nix
./obsidian.nix
./qbittorrent.nix
./nautilus.nix
./slack.nix
./yt-dlp.nix
];
}

19
modules/common/applications/kitty.nix
View File

@ -10,9 +10,24 @@
};
config = lib.mkIf (config.gui.enable && config.kitty.enable) {
# Set the Rofi-Systemd terminal for viewing logs
# Using optionalAttrs because only available in NixOS
environment = { } // lib.attrsets.optionalAttrs
(builtins.hasAttr "sessionVariables" config.environment) {
sessionVariables.ROFI_SYSTEMD_TERM = "${pkgs.kitty}/bin/kitty";
};
home-manager.users.${config.user} = {
# xsession.windowManager.i3.config.terminal = "kitty";
# programs.rofi.terminal = "${pkgs.kitty}/bin/kitty";
# Set the i3 terminal
xsession.windowManager.i3.config.terminal =
lib.mkIf pkgs.stdenv.isLinux "kitty";
# Set the Rofi terminal for running programs
programs.rofi.terminal =
lib.mkIf pkgs.stdenv.isLinux "${pkgs.kitty}/bin/kitty";
programs.kitty = {
enable = true;
environment = { };

25
modules/common/applications/media.nix
View File

@ -12,16 +12,31 @@
config = lib.mkIf (config.gui.enable && config.media.enable) {
home-manager.users.${config.user} = {
home.packages = with pkgs; [
mpv # Video viewer
sxiv # Image viewer
nsxiv # Image viewer
mupdf # PDF viewer
zathura # PDF viewer
];
# Video player
programs.mpv = {
enable = true;
bindings = { };
config = { image-display-duration = 2; };
scripts = [ pkgs.mpvScripts.autoload ];
};
# Set default for opening PDFs
xdg.mimeApps.defaultApplications."application/pdf" =
[ "zathura.desktop" ];
xdg.mimeApps.defaultApplications."image/*" = [ "sxiv.desktop" ];
xdg.mimeApps = {
associations.added = {
"application/pdf" = [ "pwmt.zathura-cb.desktop" ];
"image/*" = [ "nsxiv.desktop" ];
};
associations.removed = { "application/pdf" = [ "mupdf.desktop" ]; };
defaultApplications = {
"application/pdf" = [ "pwmt.zathura-cb.desktop" ];
"image/*" = [ "nsxiv.desktop" ];
};
};
};

1
modules/common/applications/nautilus.nix
View File

@ -28,6 +28,7 @@
};
};
};
};
}

19
modules/common/applications/slack.nix Normal file
View File

@ -0,0 +1,19 @@
{ config, pkgs, lib, ... }: {
options = {
slack = {
enable = lib.mkEnableOption {
description = "Enable Slack.";
default = false;
};
};
};
config = lib.mkIf (config.gui.enable && config.slack.enable) {
unfreePackages = [ "slack" ];
home-manager.users.${config.user} = {
home.packages = with pkgs; [ slack ];
};
};
}

35
modules/common/applications/yt-dlp.nix Normal file
View File

@ -0,0 +1,35 @@
{ config, pkgs, lib, ... }: {
options = {
yt-dlp = {
enable = lib.mkEnableOption {
description = "Enable YouTube downloader.";
default = false;
};
};
};
config = lib.mkIf (config.yt-dlp.enable) {
home-manager.users.${config.user} = {
programs.yt-dlp = {
enable = true;
extraConfig = "";
settings = {
no-continue = true; # Always re-download each fragment
no-overwrites = true; # Don't overwrite existing files
download-archive = "archive.log"; # Log of archives
embed-metadata = true;
embed-thumbnail = true;
embed-subs = true;
sub-langs = "en.*";
concurrent-fragments = 4; # Parallel download chunks
};
};
programs.fish.shellAbbrs.yt = "yt-dlp";
};
};
}

27
modules/common/default.nix
View File

@ -44,11 +44,6 @@
default = true;
};
};
# colorscheme = lib.mkOption {
# type = types.attrs;
# description = "Base16 color scheme";
# };
homePath = lib.mkOption {
type = lib.types.path;
description = "Path of user's home directory.";
@ -57,7 +52,6 @@
else
"/home/${config.user}");
};
dotfilesPath = lib.mkOption {
type = lib.types.path;
description = "Path of dotfiles repository.";
@ -77,12 +71,31 @@
config = let stateVersion = "23.05";
in {
nix = {
# Enable features in Nix commands
nix.extraOptions = ''
extraOptions = ''
experimental-features = nix-command flakes
warn-dirty = false
'';
settings = {
# Add community Cachix to binary cache
substituters = lib.mkIf (!pkgs.stdenv.isDarwin)
[ "https://nix-community.cachix.org" ];
trusted-public-keys = lib.mkIf (!pkgs.stdenv.isDarwin) [
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
];
# Scans and hard links identical files in the store
# Not working with macOS: https://github.com/NixOS/nix/issues/7273
auto-optimise-store = lib.mkIf (!pkgs.stdenv.isDarwin) true;
};
};
# Basic common system packages for all devices
environment.systemPackages = with pkgs; [ git vim wget curl ];

13
modules/common/mail/aerc.nix
View File

@ -170,6 +170,8 @@
"${pkgs.gawk}/bin/awk -f ${pkgs.aerc}/share/aerc/filters/colorize";
"application/x-sh" = "${pkgs.bat}/bin/bat -fP -l sh";
"application/pdf" = "${pkgs.zathura}/bin/zathura -";
"audio/*" = "${pkgs.mpv}/bin/mpv -";
"image/*" = "${pkgs.feh}/bin/feh -";
};
};
};
@ -181,6 +183,17 @@
};
};
xdg.desktopEntries.aerc = lib.mkIf pkgs.stdenv.isLinux {
name = "aerc";
exec = "kitty aerc %u";
};
xsession.windowManager.i3.config.keybindings =
lib.mkIf pkgs.stdenv.isLinux {
"${
config.home-manager.users.${config.user}.xsession.windowManager.i3.config.modifier
}+Shift+e" = "exec --no-startup-id kitty aerc";
};
programs.fish.shellAbbrs = { ae = "aerc"; };
};

22
modules/common/mail/default.nix
View File

@ -10,9 +10,17 @@
default = config.user;
};
mail.server = lib.mkOption {
type = lib.types.str;
type = lib.types.nullOr lib.types.str;
description = "Server name for the email address.";
};
mail.imapHost = lib.mkOption {
type = lib.types.nullOr lib.types.str;
description = "Server host for IMAP (reading mail).";
};
mail.smtpHost = lib.mkOption {
type = lib.types.nullOr lib.types.str;
description = "Server host for SMTP (sending mail).";
};
};
config = lib.mkIf config.mail.enable {
@ -42,7 +50,7 @@
folders = { };
getmail = { };
imap = {
host = "imap.purelymail.com";
host = config.mail.imapHost;
port = 993;
tls.enable = true;
};
@ -55,9 +63,9 @@
maildir = { path = "main"; };
mbsync = {
enable = true;
create = "maildir";
expunge = "none";
remove = "none";
create = "both";
expunge = "both";
remove = "both";
patterns = [ "*" ];
extraConfig.channel = {
CopyArrivalDate = "yes"; # Sync time of original message
@ -67,10 +75,10 @@
notmuch.enable = false;
passwordCommand =
"${pkgs.age}/bin/age --decrypt --identity ${config.identityFile} ${
builtins.toString ../../private/mailpass.age
builtins.toString ../../../private/mailpass.age
}";
smtp = {
host = "smtp.purelymail.com";
host = config.mail.smtpHost;
port = 465;
tls.enable = true;
};

9
modules/common/neovim/config/align.nix Normal file
View File

@ -0,0 +1,9 @@
{ pkgs, ... }: {
plugins = [ pkgs.vimPlugins.tabular ];
lua = ''
-- Align
vim.keymap.set("", "<Leader>ta", ":Tabularize /")
vim.keymap.set("", "<Leader>t#", ":Tabularize /#<CR>")
vim.keymap.set("", "<Leader>tl", ":Tabularize /---<CR>")
'';
}

4
modules/common/neovim/config/lsp.nix
View File

@ -6,10 +6,10 @@
pkgs.vimPlugins.null-ls-nvim
];
use.lspconfig.sumneko_lua.setup = dsl.callWith {
use.lspconfig.lua_ls.setup = dsl.callWith {
settings = { Lua = { diagnostics = { globals = [ "vim" "hs" ]; }; }; };
capabilities = dsl.rawLua "require('cmp_nvim_lsp').default_capabilities()";
cmd = [ "${pkgs.sumneko-lua-language-server}/bin/lua-language-server" ];
cmd = [ "${pkgs.lua-language-server}/bin/lua-language-server" ];
};
use.lspconfig.nil_ls.setup = dsl.callWith {

8
modules/common/neovim/default.nix
View File

@ -34,6 +34,14 @@ in {
programs.kitty.settings.scrollback_pager = lib.mkForce ''
${neovim}/bin/nvim -c 'setlocal nonumber nolist showtabline=0 foldcolumn=0|Man!' -c "autocmd VimEnter * normal G" -'';
xdg.desktopEntries.nvim = lib.mkIf pkgs.stdenv.isLinux {
name = "Neovim wrapper";
exec = "kitty nvim %F";
};
xdg.mimeApps = lib.mkIf pkgs.stdenv.isLinux {
defaultApplications."text/markdown" = [ "nvim.desktop" ];
};
};
# # Used for icons in Vim

1
modules/common/neovim/package/default.nix
View File

@ -31,6 +31,7 @@
pkgs.neovimBuilder {
package = pkgs.neovim-unwrapped;
imports = [
../config/align.nix
../config/bufferline.nix
../config/completion.nix
../config/gitsigns.nix

8
modules/common/repositories/dotfiles.nix
View File

@ -14,7 +14,13 @@
[ "writeBoundary" ] ''
if [ ! -d "${config.dotfilesPath}" ]; then
$DRY_RUN_CMD mkdir --parents $VERBOSE_ARG $(dirname "${config.dotfilesPath}")
$DRY_RUN_CMD ${pkgs.git}/bin/git clone ${config.dotfilesRepo} "${config.dotfilesPath}"
# Force HTTPS because anonymous SSH doesn't work
GIT_CONFIG_COUNT=1 \
GIT_CONFIG_KEY_0="url.https://github.com/.insteadOf" \
GIT_CONFIG_VALUE_0="git@github.com:" \
$DRY_RUN_CMD \
${pkgs.git}/bin/git clone ${config.dotfilesRepo} "${config.dotfilesPath}"
fi
'';

20
modules/common/shell/bash/default.nix Normal file
View File

@ -0,0 +1,20 @@
{ config, pkgs, lib, ... }: {
config = {
home-manager.users.${config.user} = {
programs.bash = {
enable = true;
shellAliases =
config.home-manager.users.${config.user}.programs.fish.shellAliases;
initExtra = "";
profileExtra = "";
};
programs.starship.enableBashIntegration = false;
programs.zoxide.enableBashIntegration = true;
programs.fzf.enableBashIntegration = true;
};
};
}

1
modules/common/shell/default.nix
View File

@ -1,5 +1,6 @@
{ ... }: {
imports = [
./bash
./charm.nix
./direnv.nix
./fish

6
modules/common/shell/direnv.nix
View File

@ -6,4 +6,10 @@
config = { whitelist = { prefix = [ config.dotfilesPath ]; }; };
};
# Prevent garbage collection
nix.extraOptions = ''
keep-outputs = true
keep-derivations = true
'';
}

9
modules/common/shell/fish/default.nix
View File

@ -1,4 +1,4 @@
{ config, pkgs, ... }: {
{ config, pkgs, lib, ... }: {
users.users.${config.user}.shell = pkgs.fish;
programs.fish.enable =
@ -11,7 +11,10 @@
programs.fish = {
enable = true;
shellAliases = { ls = "exa"; };
shellAliases = {
ls = "exa";
trash = lib.mkIf pkgs.stdenv.isLinux "${pkgs.trash-cli}/bin/trash-put";
};
functions = {
commandline-git-commits = {
description = "Insert commit into commandline";
@ -73,7 +76,6 @@
set -g fish_cursor_replace_one underscore
'';
loginShellInit = "";
shellAliases = { };
shellAbbrs = {
# Directory aliases
@ -90,6 +92,7 @@
sc = "systemctl";
scs = "systemctl status";
m = "make";
t = "trash";
# Vim (overwritten by Neovim)
v = "vim";

34
modules/common/shell/utilities.nix
View File

@ -17,37 +17,23 @@ in {
home-manager.users.${config.user} = {
# Fix: age won't build
nixpkgs.overlays = [
(_final: prev: {
age = prev.age.overrideAttrs (_old: {
src = prev.fetchFromGitHub {
owner = "FiloSottile";
repo = "age";
rev = "7354aa0d08a06eac42c635670a55f858bd23c943";
sha256 = "H80mNTgZmExDMgubONIXP7jmLBvNMVqXee6NiZJhPFY=";
};
});
})
];
home.packages = with pkgs; [
unzip # Extract zips
age # Encryption
bc # Calculator
dig # DNS lookup
fd # find
htop # Show system processes
inetutils # Includes telnet, whois
jq # JSON manipulation
lf # File viewer
qrencode # Generate qr codes
rsync # Copy folders
ripgrep # grep
fd # find
sd # sed
jq # JSON manipulation
tealdeer # Cheatsheets
tree # View directory hierarchy
htop # Show system processes
glow # Pretty markdown previews
qrencode # Generate qr codes
vimv-rs # Batch rename files
dig # DNS lookup
lf # File viewer
inetutils # Includes telnet, whois
age # Encryption
unzip # Extract zips
];
programs.zoxide.enable = true; # Shortcut jump command

1
modules/darwin/hammerspoon.nix
View File

@ -16,6 +16,7 @@
firefox = "${pkgs.firefox-bin}/Applications/Firefox.app";
discord = "${pkgs.discord}/Applications/Discord.app";
kitty = "${pkgs.kitty}/Applications/kitty.app";
slack = "${pkgs.slack}/Applications/Slack.app";
};
xdg.configFile."hammerspoon/Spoons/MoveWindow.spoon".source =
./hammerspoon/Spoons/MoveWindow.spoon;

21
modules/darwin/hammerspoon/Spoons/DismissAlerts.spoon/close_notifications.applescript Normal file
View File

@ -0,0 +1,21 @@
# Credit: https://github.com/Ptujec/LaunchBar/blob/f7b5a0dba9919c2fec879513f68a044f78748539/Notifications/Dismiss%20all%20notifications.lbaction/Contents/Scripts/default.applescript
tell application "System Events"
try
set _groups to groups of UI element 1 of scroll area 1 of group 1 of window "Notification Center" of application process "NotificationCenter"
repeat with _group in _groups
set _actions to actions of _group
repeat with _action in _actions
if description of _action is in {"Schlie§en", "Alle entfernen", "Close", "Clear All"} then
perform _action
end if
end repeat
end repeat
end try
end tell

2
modules/darwin/hammerspoon/Spoons/DismissAlerts.spoon/init.lua
View File

@ -10,7 +10,7 @@ obj.license = "MIT - https://opensource.org/licenses/MIT"
function obj:init()
hs.hotkey.bind({ "cmd", "alt", "ctrl" }, "k", function()
hs.osascript.javascriptFromFile("Spoons/DismissAlerts.spoon/close_notifications_applescript.js")
hs.osascript.applescriptFromFile("Spoons/DismissAlerts.spoon/close_notifications.applescript")
end)
end

34
modules/darwin/hammerspoon/Spoons/Launcher.spoon/init.lua
View File

@ -8,44 +8,44 @@ obj.name = "Launcher"
obj.version = "0.1"
obj.license = "MIT - https://opensource.org/licenses/MIT"
function DrawSwitcher()
-- Drawing
local width = hs.screen.mainScreen():fullFrame().w
local switcherWidth = 500
local canv = hs.canvas.new({
local width = hs.screen.mainScreen():fullFrame().w
local switcherWidth = 500
obj.canvas = hs.canvas.new({
x = width / 2 - switcherWidth / 2,
y = 1,
h = 3,
w = switcherWidth,
})
canv[#canv + 1] = {
})
-- Draw switcher
obj.canvas[#obj.canvas + 1] = {
action = "build",
type = "rectangle",
}
canv[#canv + 1] = {
}
obj.canvas[#obj.canvas + 1] = {
type = "rectangle",
fillColor = { alpha = 1, red = 0.8, green = 0.6, blue = 0.3 },
action = "fill",
}
return canv:show()
end
}
function obj:init()
-- Begin launcher mode
if self.launcher == nil then
self.launcher = hs.hotkey.modal.new("ctrl", "space")
print(self.canvas)
print(obj.canvas)
end
-- Behaviors on enter
function self.launcher:entered()
-- hs.alert("Entered mode")
self.canv = DrawSwitcher()
obj.canvas:show()
end
-- Behaviors on exit
function self.launcher:exited()
-- hs.alert("Exited mode")
self.canv:hide()
obj.canvas:hide()
end
-- Use escape to exit launcher mode
@ -54,7 +54,8 @@ function obj:init()
end)
-- Launcher shortcuts
self.launcher:bind("ctrl", "space", function() end)
self.launcher:bind("ctrl", "space", function()
end)
self.launcher:bind("", "return", function()
self:switch("@kitty@")
end)
@ -89,10 +90,11 @@ function obj:init()
self:switch("System Preferences.app")
end)
self.launcher:bind("", "R", function()
hs.console.clearConsole()
hs.reload()
end)
self.launcher:bind("", "S", function()
self:switch("Slack.app")
self:switch("@slack@")
end)
self.launcher:bind("", "Z", function()
self:switch("zoom.us.app")

6
modules/darwin/homebrew.nix
View File

@ -45,12 +45,6 @@
];
};
home-manager.users.${config.user} = {
programs.fish.shellAbbrs.t = "trash";
};
};
}

2
modules/darwin/system.nix
View File

@ -166,7 +166,7 @@
echo "Choose and order dock icons"
defaults write com.apple.dock persistent-apps -array \
"$(__dock_item /Applications/1Password.app)" \
"$(__dock_item /Applications/Slack.app)" \
"$(__dock_item ${pkgs.slack}/Applications/Slack.app)" \
"$(__dock_item /System/Applications/Calendar.app)" \
"$(__dock_item ${pkgs.firefox-bin}/Applications/Firefox.app)" \
"$(__dock_item /System/Applications/Messages.app)" \

17
modules/darwin/utilities.nix
View File

@ -1,19 +1,6 @@
{ config, pkgs, lib, ... }:
let
# Quickly package shell scripts with their dependencies
# From https://discourse.nixos.org/t/how-to-create-a-script-with-dependencies/7970/6
mkScript = { name, file, env ? [ ] }:
pkgs.writeScriptBin name ''
for i in ${lib.concatStringsSep " " env}; do
export PATH="$i/bin:$PATH"
done
exec ${pkgs.bash}/bin/bash ${file} $@
'';
in {
{
home-manager.users.${config.user} = lib.mkIf pkgs.stdenv.isDarwin {
@ -32,7 +19,7 @@ in {
consul
noti # Create notifications programmatically
ipcalc # Make IP network calculations
(mkScript {
(pkgs.extraLib.mkScript {
name = "ocr";
file = ../../modules/common/shell/bash/scripts/ocr.sh;
env = [ tesseract ];

1
modules/nixos/gaming/default.nix
View File

@ -16,5 +16,6 @@
driSupport = true;
driSupport32Bit = true;
};
programs.gamemode.enable = true;
};
}

2
modules/nixos/gaming/legendary.nix
View File

@ -10,8 +10,8 @@ in {
config = lib.mkIf config.gaming.legendary.enable {
environment.systemPackages = with pkgs; [
legendary-gl
rare # GUI for Legendary (not working)
wineWowPackages.stable # 32-bit and 64-bit wineWowPackages, see https://nixos.wiki/wiki/Wine
heroic # GUI launcher
];
home-manager.users.${config.user} = {

9
modules/nixos/gaming/steam.nix
View File

@ -5,15 +5,20 @@
config = lib.mkIf (config.gaming.steam.enable && pkgs.stdenv.isLinux) {
hardware.steam-hardware.enable = true;
unfreePackages = [ "steam" "steam-original" "steamcmd" "steam-run" ];
environment.systemPackages = with pkgs; [
steam
programs.steam = {
enable = true;
remotePlay.openFirewall = true;
};
environment.systemPackages = with pkgs; [
# Enable terminal interaction
steamPackages.steamcmd
steam-tui
];
};
}

4
modules/nixos/graphical/default.nix
View File

@ -17,6 +17,10 @@
type = lib.types.str;
description = "Command to use for choosing windows";
};
audioSwitchCommand = lib.mkOption {
type = lib.types.str;
description = "Command to use for switching audio sink";
};
toggleBarCommand = lib.mkOption {
type = lib.types.str;
description = "Command to hide and show the status bar.";

2
modules/nixos/graphical/i3.nix
View File

@ -112,6 +112,8 @@ in {
"exec --no-startup-id ${config.launcherCommand}";
"${modifier}+Shift+s" =
"exec --no-startup-id ${config.systemdSearch}";
"${modifier}+Shift+a" =
"exec --no-startup-id ${config.audioSwitchCommand}";
"Mod1+Tab" = "exec --no-startup-id ${config.altTabCommand}";
"${modifier}+Shift+c" = "reload";
"${modifier}+Shift+r" = "restart";

22
modules/nixos/graphical/rofi.nix
View File

@ -1,9 +1,17 @@
{ config, pkgs, lib, ... }:
{
let
rofi = config.home-manager.users.${config.user}.programs.rofi.finalPackage;
in {
config = lib.mkIf (pkgs.stdenv.isLinux && config.services.xserver.enable) {
# Set the Rofi-Systemd terminal for viewing logs
environment.sessionVariables.ROFI_SYSTEMD_TERM =
lib.mkIf config.kitty.enable "${pkgs.kitty}/bin/kitty";
home-manager.users.${config.user} = {
home.packages = with pkgs;
@ -144,10 +152,16 @@
};
launcherCommand = "${pkgs.rofi}/bin/rofi -show run -modi run";
launcherCommand = "${rofi}/bin/rofi -modes drun -show drun";
systemdSearch = "${pkgs.rofi-systemd}/bin/rofi-systemd";
altTabCommand = "${pkgs.rofi}/bin/rofi -show window -modi window";
altTabCommand = "${rofi}/bin/rofi -show window -modi window";
audioSwitchCommand = "${
(pkgs.extraLib.mkScript {
name = "switch-audio";
file = ./rofi/pulse-sink.sh;
env = [ pkgs.ponymix rofi ];
})
}/bin/switch-audio";
};
}

15
modules/nixos/graphical/rofi/pulse-sink.sh Executable file
View File

@ -0,0 +1,15 @@
#!/usr/bin/env bash
# Credit: https://gist.github.com/Nervengift/844a597104631c36513c
sink=$(
ponymix -t sink list |
awk '/^sink/ {s=$1" "$2;getline;gsub(/^ +/,"",$0);print s" "$0}' |
rofi -dmenu -p 'pulseaudio sink:' -location 6 -width 100 -theme-str 'inputbar { enabled: false; }' |
grep -Po '[0-9]+(?=:)'
) &&
ponymix set-default -d "$sink" &&
for input in $(ponymix list -t sink-input | grep -Po '[0-9]+(?=:)'); do
echo "$input -> $sink"
ponymix -t sink-input -d "$input" move "$sink"
done

6
modules/nixos/hardware/boot.nix
View File

@ -13,6 +13,9 @@
# Attempt to display GRUB on widescreen monitor
gfxmodeEfi = "1920x1080";
# Limit the total number of configurations to rollback
configurationLimit = 25;
# Install GRUB onto the boot disk
# device = config.fileSystems."/boot".device;
@ -40,4 +43,7 @@
boot.supportedFilesystems =
lib.mkIf (config.physical && pkgs.stdenv.isLinux) [ "ntfs" ];
# Use latest released Linux kernel by default
boot.kernelPackages = lib.mkDefault pkgs.linuxPackages_latest;
}

2
modules/nixos/hardware/default.nix
View File

@ -3,6 +3,7 @@
imports = [
./audio.nix
./boot.nix
./disk.nix
./keyboard.nix
./monitors.nix
./mouse.nix
@ -10,6 +11,7 @@
./server.nix
./sleep.nix
./wifi.nix
./zfs.nix
];
options = {

7
modules/nixos/hardware/disk.nix Normal file
View File

@ -0,0 +1,7 @@
{ config, pkgs, lib, ... }: {
# Enable fstrim, which tracks free space on SSDs for garbage collection
# More info: https://www.reddit.com/r/NixOS/comments/rbzhb1/if_you_have_a_ssd_dont_forget_to_enable_fstrim/
services.fstrim.enable = true;
}

9
modules/nixos/hardware/keyboard.nix
View File

@ -1,4 +1,6 @@
{ ... }: {
{ config, ... }: {
config = {
services.xserver = {
@ -13,4 +15,9 @@
};
# Enable num lock on login
home-manager.users.${config.user}.xsession.numlock.enable = true;
};
}

6
modules/nixos/hardware/networking.nix
View File

@ -9,6 +9,12 @@
networking.interfaces.enp5s0.useDHCP = true;
networking.interfaces.wlp4s0.useDHCP = true;
networking.firewall.allowPing = lib.mkIf config.server true;
networking.hosts = {
"192.168.0.120" = [ "tempest" ];
"192.168.0.218" = [ "swan" ];
};
};
}

10
modules/nixos/hardware/sleep.nix
View File

@ -4,9 +4,17 @@
# Prevent wake from keyboard
powerManagement.powerDownCommands = ''
for wakeup in /sys/bus/usb/devices/1-*/power/wakeup; do echo disabled > $wakeup; done
# for power in /sys/bus/usb/devices/*/power; do echo disabled > ''${power}/wakeup; done
# AMD issue: https://wiki.archlinux.org/title/Power_management/Suspend_and_hibernate#Instantaneous_wakeups_from_suspend
for power in /sys/bus/i2c/devices/i2c-*/device/power; do echo disabled > ''${power}/wakeup; done
'';
# From here: https://www.reddit.com/r/NixOS/comments/wcu34f/how_would_i_do_this_in_nix/
# services.udev.extraRules = ''
# ACTION=="add", SUBSYSTEM=="i2c", ATTRS{idVendor}=="<vendor>", ATTRS{idProduct}=="<product>" RUN+="${pkgs.bash}/bin/bash -c 'echo disabled > /sys/bus/i2c/devices/i2c-*/power/wakeup'"
# '';
};
}

16
modules/nixos/hardware/zfs.nix Normal file
View File

@ -0,0 +1,16 @@
{ config, pkgs, lib, ... }: {
options = { zfs.enable = lib.mkEnableOption "ZFS file system."; };
config =
lib.mkIf (pkgs.stdenv.isLinux && config.server && config.zfs.enable) {
# Only use compatible Linux kernel, since ZFS can be behind
boot.kernelPackages =
config.boot.zfs.package.latestCompatibleLinuxPackages;
boot.kernelParams = [ "nohibernate" ];
boot.supportedFilesystems = [ "zfs" ];
};
}

74
modules/nixos/services/arr.nix Normal file
View File

@ -0,0 +1,74 @@
{ config, lib, ... }: {
options = {
arrServer = lib.mkOption {
type = lib.types.nullOr lib.types.str;
description = "Hostname for arr services";
default = null;
};
};
config = lib.mkIf (config.arrServer != null) {
services.sonarr.enable = true;
services.radarr.enable = true;
services.bazarr.enable = true;
services.prowlarr.enable = true;
# Grant users access to destination directories
users.users.sonarr.extraGroups = [ "jellyfin" ];
users.users.radarr.extraGroups = [ "jellyfin" ];
users.users.bazarr.extraGroups = [ "jellyfin" ];
# Requires updating the base_url config value in each service
# If you try to rewrite the URL, the service won't redirect properly
caddy.routes = [
{
group = "download";
match = [{
host = [ config.arrServer ];
path = [ "/sonarr*" ];
}];
handle = [{
handler = "reverse_proxy";
upstreams = [{ dial = "localhost:8989"; }];
}];
}
{
group = "download";
match = [{
host = [ config.arrServer ];
path = [ "/radarr*" ];
}];
handle = [{
handler = "reverse_proxy";
upstreams = [{ dial = "localhost:7878"; }];
}];
}
{
group = "download";
match = [{
host = [ config.arrServer ];
path = [ "/prowlarr*" ];
}];
handle = [{
handler = "reverse_proxy";
upstreams = [{ dial = "localhost:9696"; }];
}];
}
{
group = "download";
match = [{
host = [ config.arrServer ];
path = [ "/bazarr*" ];
}];
handle = [{
handler = "reverse_proxy";
upstreams = [{ dial = "localhost:6767"; }];
}];
}
];
};
}

3
modules/nixos/services/backups.nix
View File

@ -27,7 +27,7 @@
users.groups.backup = { };
secrets.backup = {
source = ../../private/backup.age;
source = ../../../private/backup.age;
dest = "${config.secretsDirectory}/backup";
group = "backup";
permissions = "0440";
@ -38,6 +38,7 @@
services.litestream = {
enable = true;
environmentFile = config.secrets.backup.dest;
settings = { };
};
# Wait for secret to exist

10
modules/nixos/services/caddy.nix
View File

@ -24,6 +24,16 @@
listen = [ ":443" ];
routes = config.caddy.routes;
errors.routes = config.caddy.blocks;
# logs = { }; # Uncomment to collect access logs
};
logging.logs.main = {
encoder = { format = "console"; };
writer = {
output = "file";
filename = "${config.services.caddy.logDir}/caddy.log";
roll = true;
};
level = "INFO";
};
});

23
modules/nixos/services/calibre.nix
View File

@ -1,4 +1,10 @@
{ config, pkgs, lib, ... }: {
{ config, pkgs, lib, ... }:
let
libraryPath = "/data/books";
in {
options = {
bookServer = lib.mkOption {
@ -6,6 +12,11 @@
description = "Hostname for Calibre library";
default = null;
};
backups.calibre = lib.mkOption {
type = lib.types.bool;
description = "Whether to backup Calibre library";
default = true;
};
};
config = lib.mkIf (config.bookServer != null) {
@ -17,6 +28,7 @@
reverseProxyAuth.enable = false;
enableBookConversion = true;
enableBookUploading = true;
calibreLibrary = libraryPath;
};
};
@ -29,8 +41,11 @@
}];
}];
# Grant user access to Calibre directories
users.users.${config.user}.extraGroups = [ "calibre-web" ];
# Run a backup on a schedule
systemd.timers.calibre-backup = {
systemd.timers.calibre-backup = lib.mkIf config.backups.calibre {
timerConfig = {
OnCalendar = "*-*-* 00:00:00"; # Once per day
Unit = "calibre-backup.service";
@ -39,9 +54,7 @@
};
# Backup Calibre data to object storage
systemd.services.calibre-backup =
let libraryPath = "/var/lib/calibre-web"; # Default location
in {
systemd.services.calibre-backup = lib.mkIf config.backups.calibre {
description = "Backup Calibre data";
environment.AWS_ACCESS_KEY_ID = config.backup.s3.accessKeyId;
serviceConfig = {

2
modules/nixos/services/default.nix
View File

@ -1,6 +1,7 @@
{ ... }: {
imports = [
./arr.nix
./backups.nix
./caddy.nix
./calibre.nix
@ -15,6 +16,7 @@
./netdata.nix
./nextcloud.nix
./prometheus.nix
./samba.nix
./secrets.nix
./sshd.nix
./transmission.nix

Some files were not shown because too many files have changed in this diff Show More