noah/dotfiles
1
0
Fork 0
mirror of https://github.com/nmasur/dotfiles synced 2025-07-06 17:50:15 +00:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: noah:platform
Branches Tags
noah:master noah:platform noah:home-manager-fix noah:immich-proxy noah:microcode noah:nixd noah:eblume-mole noah:language-checks noah:keyd-2.4.3 noah:sway noah:nixosmodules noah:unfree-predicate-by-pkgs noah:darwin-ssl
noah:pre-platform noah:begin-nixos noah:begin-nix noah:neovim-lua noah:pre-nix noah:legacy
..
compare: noah:language-checks
Branches Tags
noah:master noah:platform noah:home-manager-fix noah:immich-proxy noah:microcode noah:nixd noah:eblume-mole noah:language-checks noah:keyd-2.4.3 noah:sway noah:nixosmodules noah:unfree-predicate-by-pkgs noah:darwin-ssl
noah:pre-platform noah:begin-nixos noah:begin-nix noah:neovim-lua noah:pre-nix noah:legacy

1 Commits
platform ... language-c

Author SHA1 Message Date
Noah Masur
f85a008741 set checks on individual languages 2024-02-07 23:04:08 -05:00
512 changed files with 13114 additions and 17457 deletions
Expand all files Collapse all files

166
.github/workflows/arrow-aws.yml vendored
View File

@ -1,166 +0,0 @@
name: Arrow (AWS)
run-name: Arrow (AWS) - ${{ inputs.rebuild && 'Rebuild and ' || '' }}${{ inputs.action == 'create' && 'Create' || ( inputs.action == 'destroy' && 'Destroy' || 'No Action' ) }}
env:
TERRAFORM_DIRECTORY: hosts/arrow/aws
DEPLOY_IDENTITY_BASE64: ${{ secrets.DEPLOY_IDENTITY_BASE64 }}
ARROW_IDENTITY_BASE64: ${{ secrets.ARROW_IDENTITY_BASE64 }}
ZONE_NAME: masu.rs
CLOUDFLARE_API_TOKEN: ${{ secrets.CLOUDFLARE_API_TOKEN }}
CLOUDFLARE_ZONE_ID: ${{ secrets.CLOUDFLARE_ZONE_ID }}
on:
workflow_dispatch:
inputs:
rebuild:
type: boolean
default: false
action:
type: choice
required: true
default: create
options:
- create
- destroy
- nothing
size:
type: choice
required: false
options:
- t3a.small # 2 GB RAM / $10
permissions:
id-token: write
contents: write
jobs:
build-deploy:
name: Build and Deploy
runs-on: ubuntu-latest
steps:
- name: Checkout Repo Code
uses: actions/checkout@v4
- name: Free Disk Space (Ubuntu)
if: inputs.rebuild && inputs.action != 'destroy'
uses: jlumbroso/free-disk-space@main
with:
tool-cache: true
# Enable access to KVM, required to build an image
- name: Enable KVM group perms
if: inputs.rebuild && inputs.action != 'destroy'
run: |
echo 'KERNEL=="kvm", GROUP="kvm", MODE="0666", OPTIONS+="static_node=kvm"' | sudo tee /etc/udev/rules.d/99-kvm4all.rules
sudo udevadm control --reload-rules
sudo udevadm trigger --name-match=kvm
# Login to AWS
- name: AWS Assume Role
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: arn:aws:iam::286370965832:role/github_actions_admin
aws-region: us-east-1
# Install Nix
- name: Install Nix
if: inputs.rebuild && inputs.action != 'destroy'
uses: cachix/install-nix-action@v20
# Build the image
- name: Build Image
if: inputs.rebuild && inputs.action != 'destroy'
run: nix build .#arrow-aws
- name: Upload Image to S3
if: inputs.rebuild && inputs.action != 'destroy'
run: |
aws s3 cp \
result/nixos-amazon-image-*.vhd \
s3://${{ secrets.IMAGES_BUCKET }}/arrow.vhd \
# Installs the Terraform binary and some other accessory functions.
- name: Setup Terraform
uses: hashicorp/setup-terraform@v2
# Checks whether Terraform is formatted properly. If this fails, you
# should install the pre-commit hook.
- name: Check Formatting
working-directory: ${{ env.TERRAFORM_DIRECTORY }}
run: |
terraform fmt -no-color -check -diff -recursive
# Connects to remote state backend and download providers.
- name: Terraform Init
working-directory: ${{ env.TERRAFORM_DIRECTORY }}
run: |
terraform init \
-backend-config="bucket=${{ secrets.TERRAFORM_STATE_BUCKET }}" \
-backend-config="key=arrow.tfstate"
# Deploys infrastructure or changes to infrastructure.
- name: Terraform Apply
if: inputs.action == 'create'
working-directory: ${{ env.TERRAFORM_DIRECTORY }}
env:
TF_VAR_ec2_size: ${{ inputs.size }}
TF_VAR_images_bucket: ${{ secrets.IMAGES_BUCKET }}
run: |
terraform apply \
-auto-approve \
-input=false
# Removes infrastructure.
- name: Terraform Destroy
if: inputs.action == 'destroy'
working-directory: ${{ env.TERRAFORM_DIRECTORY }}
env:
TF_VAR_ec2_size: ${{ inputs.size }}
TF_VAR_images_bucket: ${{ secrets.IMAGES_BUCKET }}
run: |
terraform destroy \
-auto-approve \
-input=false
- name: Get Host IP
if: inputs.action == 'create'
id: host
working-directory: ${{ env.TERRAFORM_DIRECTORY }}
run: terraform output -raw host_ip
- name: Wait on SSH
if: inputs.action == 'create'
run: |
for i in $(seq 1 15); do
if $(nc -z -w 3 ${{ steps.host.outputs.stdout }} 22); then
exit 0
fi
sleep 10
done
- name: Write Identity Keys to Files
if: inputs.action == 'create'
run: |
echo "${{ env.DEPLOY_IDENTITY_BASE64 }}" | base64 -d > deploy_ed25519
chmod 0600 deploy_ed25519
echo "${{ env.ARROW_IDENTITY_BASE64 }}" | base64 -d > arrow_ed25519
chmod 0600 arrow_ed25519
- name: Copy Identity File to Host
if: inputs.action == 'create'
run: |
ssh -i deploy_ed25519 -o StrictHostKeyChecking=accept-new noah@${{ steps.host.outputs.stdout }} 'mkdir -pv .ssh'
scp -i deploy_ed25519 arrow_ed25519 noah@${{ steps.host.outputs.stdout }}:~/.ssh/id_ed25519
- name: Wipe Records
if: ${{ inputs.action == 'destroy' }}
run: |
RECORD_ID=$(curl --request GET \
--url https://api.cloudflare.com/client/v4/zones/${{ env.CLOUDFLARE_ZONE_ID }}/dns_records \
--header 'Content-Type: application/json' \
--header "Authorization: Bearer ${{ env.CLOUDFLARE_API_TOKEN }}" | jq -r '.result[] | select(.name == "n8n2.${{ env.ZONE_NAME }}") | .id')
curl --request DELETE \
--url https://api.cloudflare.com/client/v4/zones/${{ env.CLOUDFLARE_ZONE_ID }}/dns_records/${RECORD_ID} \
--header 'Content-Type: application/json' \
--header "Authorization: Bearer ${{ env.CLOUDFLARE_API_TOKEN }}"

154
.github/workflows/arrow.yml vendored
View File

@ -1,154 +0,0 @@
name: Arrow
run-name: Arrow - ${{ inputs.rebuild && 'Rebuild and ' || '' }}${{ inputs.action == 'create' && 'Create' || ( inputs.action == 'destroy' && 'Destroy' || 'No Action' ) }}
env:
TERRAFORM_DIRECTORY: hosts/arrow/vultr
DEPLOY_IDENTITY_BASE64: ${{ secrets.DEPLOY_IDENTITY_BASE64 }}
ARROW_IDENTITY_BASE64: ${{ secrets.ARROW_IDENTITY_BASE64 }}
CLOUDFLARE_R2_ENDPOINT: "${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com"
AWS_ACCESS_KEY_ID: ${{ secrets.CLOUDFLARE_R2_ACCESS_KEY }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.CLOUDFLARE_R2_SECRET_KEY }}
AWS_DEFAULT_REGION: auto
AWS_ENDPOINT_URL_S3: "https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com"
TF_VAR_vultr_api_key: ${{ secrets.VULTR_API_KEY }}
ZONE_NAME: masu.rs
CLOUDFLARE_API_TOKEN: ${{ secrets.CLOUDFLARE_API_TOKEN }}
CLOUDFLARE_ZONE_ID: ${{ secrets.CLOUDFLARE_ZONE_ID }}
on:
workflow_dispatch:
inputs:
rebuild:
type: boolean
default: false
action:
type: choice
required: true
default: create
options:
- create
- destroy
- nothing
plan:
type: choice
required: false
options:
- vc2-1c-1gb # 25 GB / $5
- vc2-1c-2gb # 55 GB / $10 (default)
- vc2-2c-2gb # 65 GB / $15
- vc2-2c-4gb # 80 GB / $20
- vc2-4c-8gb # 160 GB / $40
- vc2-6c-16gb # 320 GB / $80
jobs:
build-deploy:
name: Build and Deploy
runs-on: ubuntu-latest
steps:
- name: Checkout Repo Code
uses: actions/checkout@v4
# Enable access to KVM, required to build an image
- name: Enable KVM group perms
if: inputs.rebuild && inputs.action != 'destroy'
run: |
echo 'KERNEL=="kvm", GROUP="kvm", MODE="0666", OPTIONS+="static_node=kvm"' | sudo tee /etc/udev/rules.d/99-kvm4all.rules
sudo udevadm control --reload-rules
sudo udevadm trigger --name-match=kvm
# Install Nix
- name: Install Nix
if: inputs.rebuild && inputs.action != 'destroy'
uses: cachix/install-nix-action@v17
# Build the image
- name: Build Image
if: inputs.rebuild && inputs.action != 'destroy'
run: nix build .#arrow
- name: Upload Image to S3
if: inputs.rebuild && inputs.action != 'destroy'
run: |
aws s3 cp \
result/iso/nixos.iso \
s3://noahmasur-arrow-images/arrow.iso \
--endpoint-url "https://${{ env.CLOUDFLARE_R2_ENDPOINT }}"
# Installs the Terraform binary and some other accessory functions.
- name: Setup Terraform
uses: hashicorp/setup-terraform@v2
# Checks whether Terraform is formatted properly. If this fails, you
# should install the pre-commit hook.
- name: Check Formatting
working-directory: ${{ env.TERRAFORM_DIRECTORY }}
run: |
terraform fmt -no-color -check -diff -recursive
# Connects to remote state backend and download providers.
- name: Terraform Init
working-directory: ${{ env.TERRAFORM_DIRECTORY }}
run: terraform init
# Deploys infrastructure or changes to infrastructure.
- name: Terraform Apply
if: inputs.action == 'create'
working-directory: ${{ env.TERRAFORM_DIRECTORY }}
env:
TF_VAR_vultr_plan: ${{ inputs.plan }}
run: |
terraform apply \
-auto-approve \
-input=false
# Removes infrastructure.
- name: Terraform Destroy
if: inputs.action == 'destroy'
working-directory: ${{ env.TERRAFORM_DIRECTORY }}
run: |
terraform destroy \
-auto-approve \
-input=false
- name: Get Host IP
if: inputs.action == 'create'
id: host
working-directory: ${{ env.TERRAFORM_DIRECTORY }}
run: terraform output -raw host_ip
- name: Wait on SSH
if: inputs.action == 'create'
run: |
for i in $(seq 1 15); do
if $(nc -z -w 3 ${{ steps.host.outputs.stdout }} 22); then
exit 0
fi
sleep 10
done
- name: Write Identity Keys to Files
if: inputs.action == 'create'
run: |
echo "${{ env.DEPLOY_IDENTITY_BASE64 }}" | base64 -d > deploy_ed25519
chmod 0600 deploy_ed25519
echo "${{ env.ARROW_IDENTITY_BASE64 }}" | base64 -d > arrow_ed25519
chmod 0600 arrow_ed25519
- name: Copy Identity File to Host
if: inputs.action == 'create'
run: |
ssh -i deploy_ed25519 -o StrictHostKeyChecking=accept-new noah@${{ steps.host.outputs.stdout }} 'mkdir -pv .ssh'
scp -i deploy_ed25519 arrow_ed25519 noah@${{ steps.host.outputs.stdout }}:~/.ssh/id_ed25519
- name: Wipe Records
if: ${{ inputs.action == 'destroy' }}
run: |
RECORD_ID=$(curl --request GET \
--url https://api.cloudflare.com/client/v4/zones/${{ env.CLOUDFLARE_ZONE_ID }}/dns_records \
--header 'Content-Type: application/json' \
--header "Authorization: Bearer ${{ env.CLOUDFLARE_API_TOKEN }}" | jq -r '.result[] | select(.name == "n8n2.${{ env.ZONE_NAME }}") | .id')
curl --request DELETE \
--url https://api.cloudflare.com/client/v4/zones/${{ env.CLOUDFLARE_ZONE_ID }}/dns_records/${RECORD_ID} \
--header 'Content-Type: application/json' \
--header "Authorization: Bearer ${{ env.CLOUDFLARE_API_TOKEN }}"

6
.github/workflows/check.yml vendored
View File

@ -11,10 +11,10 @@ jobs:
- name: Checkout Repository - name: Checkout Repository
uses: actions/checkout@v3 uses: actions/checkout@v3
- name: Install Nix - name: Install Nix
uses: DeterminateSystems/nix-installer-action@v11 uses: DeterminateSystems/nix-installer-action@v4
- name: Check Nixpkgs Inputs - name: Check Nixpkgs Inputs
uses: DeterminateSystems/flake-checker-action@v7 uses: DeterminateSystems/flake-checker-action@v5
- name: Add Nix Cache - name: Add Nix Cache
uses: DeterminateSystems/magic-nix-cache-action@v6 uses: DeterminateSystems/magic-nix-cache-action@v2
- name: Check the Flake - name: Check the Flake
run: nix flake check run: nix flake check

12
.github/workflows/update.yml vendored
View File

@ -3,7 +3,7 @@ name: Update Flake
on: on:
workflow_dispatch: # allows manual triggering workflow_dispatch: # allows manual triggering
schedule: schedule:
- cron: '33 3 * * 6' # runs weekly on Saturday at 03:33 - cron: '33 3 * * 0' # runs weekly on Sunday at 03:33
permissions: permissions:
contents: write contents: write
@ -18,15 +18,13 @@ jobs:
- name: Checkout Repository - name: Checkout Repository
uses: actions/checkout@v3 uses: actions/checkout@v3
- name: Install Nix - name: Install Nix
uses: DeterminateSystems/nix-installer-action@v11 uses: DeterminateSystems/nix-installer-action@v4
with:
nix-package-url: https://releases.nixos.org/nix/nix-2.18.4/nix-2.18.4-x86_64-linux.tar.xz
- name: Check Nixpkgs Inputs - name: Check Nixpkgs Inputs
uses: DeterminateSystems/flake-checker-action@v7 uses: DeterminateSystems/flake-checker-action@v5
- name: Add Nix Cache - name: Add Nix Cache
uses: DeterminateSystems/magic-nix-cache-action@v6 uses: DeterminateSystems/magic-nix-cache-action@v2
- name: Update flake.lock - name: Update flake.lock
uses: DeterminateSystems/update-flake-lock@v23 uses: DeterminateSystems/update-flake-lock@v19
id: update id: update
with: with:
pr-title: "Update flake.lock" # Title of PR to be created pr-title: "Update flake.lock" # Title of PR to be created

1
.gitignore vendored
View File

@ -1,7 +1,6 @@
.DS_Store .DS_Store
*.bak *.bak
*.db *.db
*.qcow2
**/.direnv/** **/.direnv/**
result result
private/** private/**

75
README.md
View File

@ -8,42 +8,46 @@ configuration may be difficult to translate to a non-Nix system.
## System Features ## System Features
| Feature | Program | Configuration | | Feature | Program | Configuration |
|----------------|-----------------------------------------------------|-----------------------------------------------------------------------------------| | --- | --- | --- |
| OS | [NixOS](https://nixos.org) | [Link](./platforms/nixos) | | OS | [NixOS](https://nixos.org) | [Link](./modules/nixos) |
| Display Server | [X11](https://www.x.org/wiki/) | [Link](./platforms/nixos/modules/nmasur/profiles/gui.nix) | | Display Server | [X11](https://www.x.org/wiki/) | [Link](./modules/nixos/graphical/xorg.nix) |
| Compositor | [Picom](https://github.com/yshui/picom) | [Link](./platforms/home-manager/modules/nmasur/presets/services/picom.nix) | | Compositor | [Picom](https://github.com/yshui/picom) | [Link](./modules/nixos/graphical/picom.nix) |
| Window Manager | [i3](https://i3wm.org/) | [Link](./platforms/home-manager/modules/nmasur/presets/services/i3.nix) | | Window Manager | [i3](https://i3wm.org/) | [Link](./modules/nixos/graphical/i3.nix) |
| Panel | [Polybar](https://polybar.github.io/) | [Link](./platforms/home-manager/modules/nmasur/presets/services/polybar.nix) | | Panel | [Polybar](https://polybar.github.io/) | [Link](./modules/nixos/graphical/polybar.nix) |
| Font | [Victor Mono](https://rubjo.github.io/victor-mono/) | [Link](./platforms/home-manager/modules/nmasur/presets/fonts.nix) | | Font | [Victor Mono](https://rubjo.github.io/victor-mono/) | [Link](./modules/nixos/graphical/fonts.nix) |
| Launcher | [Rofi](https://github.com/davatorium/rofi) | [Link](./platforms/home-manager/modules/nmasur/presets/programs/rofi/default.nix) | | Launcher | [Rofi](https://github.com/davatorium/rofi) | [Link](./modules/nixos/graphical/rofi.nix) |
## User Features ## User Features
| Feature | Program | Configuration | | Feature | Program | Configuration |
|--------------|----------------------------------------------------------------------------------|-------------------------------------------------------------------------------| | --- | --- | --- |
| Dotfiles | [Home-Manager](https://github.com/nix-community/home-manager) | [Link](./platforms/home-manager) | | Dotfiles | [Home-Manager](https://github.com/nix-community/home-manager) | [Link](./modules/common) |
| Terminal | [Ghostty](https://sw.kovidgoyal.net/kitty/) | [Link](./platforms/home-manager/modules/nmasur/presets/programs/ghostty.nix) | | Terminal | [Kitty](https://sw.kovidgoyal.net/kitty/) | [Link](./modules/common/applications/kitty.nix) |
| Shell | [Fish](https://fishshell.com/) | [Link](./platforms/home-manager/modules/nmasur/presets/programs/fish.nix) | | Shell | [Fish](https://fishshell.com/) | [Link](./modules/common/shell/fish) |
| Shell Prompt | [Starship](https://starship.rs/) | [Link](./platforms/home-manager/modules/nmasur/presets/programs/starship.nix) | | Shell Prompt | [Starship](https://starship.rs/) | [Link](./modules/common/shell/starhip.nix) |
| Colorscheme | [Gruvbox](https://github.com/morhetz/gruvbox) | [Link](./colorscheme/gruvbox/default.nix) | | Colorscheme | [Gruvbox](https://github.com/morhetz/gruvbox) | [Link](./colorscheme/gruvbox/default.nix) |
| Wallpaper | [Road](https://gitlab.com/exorcist365/wallpapers/-/blob/master/gruvbox/road.jpg) | [Link](./hosts/x86_64-linux/tempest/default.nix) | | Wallpaper | [Road](https://gitlab.com/exorcist365/wallpapers/-/blob/master/gruvbox/road.jpg) | [Link](./hosts/tempest/default.nix) |
| Text Editor | [Neovim](https://neovim.io/) | [Link](./pkgs/applications/editors/neovim/nmasur/neovim/package.nix) | | Text Editor | [Neovim](https://neovim.io/) | [Link](./modules/common/neovim/config) |
| Browser | [Firefox](https://www.mozilla.org/en-US/firefox/new/) | [Link](./platforms/home-manager/modules/nmasur/presets/programs/firefox.nix) | | Browser | [Firefox](https://www.mozilla.org/en-US/firefox/new/) | [Link](./modules/common/applications/firefox.nix) |
| E-Mail | [Aerc](https://aerc-mail.org/) | [Link](./platforms/home-manager/modules/nmasur/presets/programs/aerc.nix) | | E-Mail | [Aerc](https://aerc-mail.org/) | [Link](./modules/common/mail/aerc.nix) |
| File Manager | [Nautilus](https://wiki.gnome.org/action/show/Apps/Files) | [Link](./platforms/home-manager/modules/nmasur/presets/programs/nautilus.nix) | | File Manager | [Nautilus](https://wiki.gnome.org/action/show/Apps/Files) | [Link](./modules/common/applications/nautilus.nix) |
| PDF Reader | [Zathura](https://pwmt.org/projects/zathura/) | [Link](./platforms/home-manager/modules/nmasur/presets/programs/zathura.nix) | | PDF Reader | [Zathura](https://pwmt.org/projects/zathura/) | [Link](./modules/common/applications/media.nix) |
| Video Player | [mpv](https://mpv.io/) | [Link](./platforms/home-manager/modules/nmasur/presets/programs/mpv.nix) | | Video Player | [mpv](https://mpv.io/) | [Link](./modules/common/applications/media.nix) |
## macOS Features ## macOS Features
| Feature | Program | Configuration | | Feature | Program | Configuration |
|----------|---------------------------------------------|--------------------------------------| | --- | --- | --- |
| Keybinds | [Hammerspoon](https://www.hammerspoon.org/) | [Link](./platforms/home-manager/modules/nmasur/presets/services/hammerspoon/) | | Keybinds | [Hammerspoon](https://www.hammerspoon.org/) | [Link](./modules/darwin/hammerspoon) |
# Diagram # Diagram
![Diagram](https://github.com/nmasur/dotfiles/assets/7386960/4cc22285-cea1-4831-b387-a82241184381) ![Diagram](https://github.com/nmasur/dotfiles/assets/7386960/ed3e7202-09c4-4a9c-9b14-0272c01647f6)
- [flake.nix](./flake.nix)
- [hosts](./hosts/)
- [modules](./modules/)
--- ---
@ -51,16 +55,15 @@ configuration may be difficult to translate to a non-Nix system.
This repo contains a few more elaborate elements of configuration. This repo contains a few more elaborate elements of configuration.
- [Neovim config](./pkgs/applications/editors/neovim/nmasur/neovim/package.nix) - [Neovim config](./modules/common/neovim/default.nix) generated with Nix2Vim
generated with Nix2Vim and source-controlled plugins, and source-controlled plugins, differing based on installed LSPs, for example.
differing based on installed LSPs, for example. - [Caddy - [Caddy JSON](./modules/nixos/services/caddy.nix) file (routes, etc.) based
JSON](./platforms/nixos/modules/nmasur/presets/services/caddy.nix) file (routes, dynamically on enabled services rendered with Nix.
etc.) based dynamically on enabled services rendered with Nix. - [Grafana - [Grafana config](./modules/nixos/services/grafana.nix) rendered with Nix.
config](./platforms/nixos/modules/nmasur/presets/services/grafana/grafana.nix) - Custom [secrets deployment](./modules/nixos/services/secrets.nix) similar to
rendered with Nix. - Custom [secrets agenix.
deployment](./platforms/nixos/modules/secrets.nix) similar to agenix. - Base16 - Base16 [colorschemes](./colorscheme/) applied to multiple applications,
[colorschemes](./colorscheme/) applied to multiple applications, including including Firefox userChrome.
Firefox userChrome.
--- ---

9
apps/README.md Normal file
View File

@ -0,0 +1,9 @@
# Apps
These are all my miscellaneous utilies and scripts to accompany this project.
They can be run with:
```
nix run github:nmasur/dotfiles#appname
```

34
apps/default.nix Normal file
View File

@ -0,0 +1,34 @@
{ pkgs, ... }: rec {
# Show quick helper
default = import ./help.nix { inherit pkgs; };
# Format primary disk
format-root = import ./format-root.nix { inherit pkgs; };
# Format and install from nothing (deprecated)
installer = import ./installer.nix { inherit pkgs; };
# Display the readme for this repository
readme = import ./readme.nix { inherit pkgs; };
# Rebuild
rebuild = import ./rebuild.nix { inherit pkgs; };
# Load the SSH key for this machine
loadkey = import ./loadkey.nix { inherit pkgs; };
# Encrypt secret for all machines
encrypt-secret = import ./encrypt-secret.nix { inherit pkgs; };
# Re-encrypt secrets for all machines
reencrypt-secrets = import ./reencrypt-secrets.nix { inherit pkgs; };
# Connect machine metrics to Netdata Cloud
netdata = import ./netdata-cloud.nix { inherit pkgs; };
# Run neovim as an app
neovim = import ./neovim.nix { inherit pkgs; };
nvim = neovim;
}

19
apps/encrypt-secret.nix Normal file
View File

@ -0,0 +1,19 @@
{ pkgs, ... }: {
# nix run github:nmasur/dotfiles#encrypt-secret > private/mysecret.age
type = "app";
program = builtins.toString (pkgs.writeShellScript "encrypt-secret" ''
printf "\nEnter the secret data to encrypt for all hosts...\n\n" 1>&2
read -p "Secret: " secret
printf "\nEncrypting...\n\n" 1>&2
tmpfile=$(mktemp)
echo "''${secret}" > ''${tmpfile}
${pkgs.age}/bin/age --encrypt --armor --recipients-file ${
builtins.toString ../misc/public-keys
} $tmpfile
rm $tmpfile
'');
}

39
apps/format-root.nix Normal file
View File

@ -0,0 +1,39 @@
{ pkgs, ... }: {
# This script will partition and format drives; use at your own risk!
type = "app";
program = builtins.toString (pkgs.writeShellScript "format-root" ''
set -e
DISK=$1
if [ -z "''${DISK}" ]; then
${pkgs.gum}/bin/gum style --width 50 --margin "1 2" --padding "2 4" \
--foreground "#fb4934" \
"Missing required parameter." \
"Usage: format-root -- <disk>" \
"Flake example: nix run github:nmasur/dotfiles#format-root -- nvme0n1"
echo "(exiting)"
exit 1
fi
${pkgs.disko-packaged}/bin/disko \
--mode create \
--dry-run \
--flake "path:$(pwd)#root" \
--arg disk \""/dev/''${DISK}"\"
${pkgs.gum}/bin/gum confirm \
"This will ERASE ALL DATA on the disk /dev/''${DISK}. Are you sure you want to continue?" \
--default=false
${pkgs.disko-packaged}/bin/disko \
--mode create \
--flake "path:$(pwd)#root" \
--arg disk "/dev/''${DISK}"
'');
}

23
apps/help.nix Normal file
View File

@ -0,0 +1,23 @@
{ pkgs, ... }: {
type = "app";
program = builtins.toString (pkgs.writeShellScript "default" ''
${pkgs.gum}/bin/gum style --margin "1 2" --padding "0 2" --foreground "15" --background "55" "Options"
${pkgs.gum}/bin/gum format --type=template -- ' {{ Italic "Run with" }} {{ Color "15" "69" " nix run github:nmasur/dotfiles#" }}{{ Color "15" "62" "someoption" }}{{ Color "15" "69" " " }}.'
echo ""
echo ""
${pkgs.gum}/bin/gum format --type=template -- \
' {{ Color "15" "57" " readme " }} {{ Italic "Documentation for this repository." }}' \
' {{ Color "15" "57" " rebuild " }} {{ Italic "Switch to this configuration." }}' \
' {{ Color "15" "57" " installer " }} {{ Italic "Format and install from nothing." }}' \
' {{ Color "15" "57" " neovim " }} {{ Italic "Test out the Neovim package." }}' \
' {{ Color "15" "57" " loadkey " }} {{ Italic "Load an ssh key for this machine using melt." }}' \
' {{ Color "15" "57" " encrypt-secret " }} {{ Italic "Encrypt a secret for all machines." }}' \
' {{ Color "15" "57" " reencrypt-secrets " }} {{ Italic "Reencrypt all secrets when new machine is added." }}' \
' {{ Color "15" "57" " netdata " }} {{ Italic "Connect a machine to Netdata cloud." }}'
echo ""
echo ""
'');
}

48
apps/installer.nix Normal file
View File

@ -0,0 +1,48 @@
{ pkgs, ... }: {
# Inspired by https://github.com/cleverca22/nix-tests/blob/master/kexec/justdoit.nix
# This script will partition and format drives; use at your own risk!
type = "app";
program = builtins.toString (pkgs.writeShellScript "installer" ''
set -e
DISK=$1
FLAKE=$2
PARTITION_PREFIX=""
if [ -z "$DISK" ] || [ -z "$FLAKE" ]; then
${pkgs.gum}/bin/gum style --width 50 --margin "1 2" --padding "2 4" \
--foreground "#fb4934" \
"Missing required parameter." \
"Usage: installer -- <disk> <host>" \
"Example: installer -- nvme0n1 tempest" \
"Flake example: nix run github:nmasur/dotfiles#installer -- nvme0n1 tempest"
echo "(exiting)"
exit 1
fi
case "$DISK" in nvme*)
PARTITION_PREFIX="p"
esac
${pkgs.gum}/bin/gum confirm \
"This will ERASE ALL DATA on the disk /dev/''${DISK}. Are you sure you want to continue?" \
--default=false
${pkgs.parted}/bin/parted /dev/''${DISK} -- mklabel gpt
${pkgs.parted}/bin/parted /dev/''${DISK} -- mkpart primary 512MiB 100%
${pkgs.parted}/bin/parted /dev/''${DISK} -- mkpart ESP fat32 1MiB 512MiB
${pkgs.parted}/bin/parted /dev/''${DISK} -- set 3 esp on
mkfs.ext4 -L nixos /dev/''${DISK}''${PARTITION_PREFIX}1
mkfs.fat -F 32 -n boot /dev/''${DISK}''${PARTITION_PREFIX}2
mount /dev/disk/by-label/nixos /mnt
mkdir --parents /mnt/boot
mount /dev/disk/by-label/boot /mnt/boot
${pkgs.nixos-install-tools}/bin/nixos-install --flake github:nmasur/dotfiles#''${FLAKE}
'');
}

13
apps/loadkey.nix Normal file
View File

@ -0,0 +1,13 @@
{ pkgs, ... }: {
type = "app";
program = builtins.toString (pkgs.writeShellScript "loadkey" ''
printf "\nEnter the seed phrase for your SSH key...\n"
printf "\nThen press ^D when complete.\n\n"
mkdir -p ~/.ssh/
${pkgs.melt}/bin/melt restore ~/.ssh/id_ed25519
printf "\n\nContinuing activation.\n\n"
'');
}

12
apps/neovim.nix Normal file
View File

@ -0,0 +1,12 @@
{ pkgs, ... }: {
type = "app";
program = "${
(import ../modules/common/neovim/package {
inherit pkgs;
colors = (import ../colorscheme/nord).dark;
})
}/bin/nvim";
}

19
apps/netdata-cloud.nix Normal file
View File

@ -0,0 +1,19 @@
{ pkgs, ... }: {
type = "app";
program = builtins.toString (pkgs.writeShellScript "netdata-cloud" ''
if [ "$EUID" -ne 0 ]; then
echo "Please run as root"
exit 1
fi
mkdir --parents --mode 0750 /var/lib/netdata/cloud.d
printf "\nEnter the claim token for netdata cloud...\n\n"
read -p "Token: " token
echo "''${token}" > /var/lib/netdata/cloud.d/token
chown -R netdata:netdata /var/lib/netdata
${pkgs.netdata}/bin/netdata-claim.sh -id=$(uuidgen)
printf "\n\nNow restart netdata service.\n\n"
'');
}

9
apps/readme.nix Normal file
View File

@ -0,0 +1,9 @@
{ pkgs, ... }: {
type = "app";
program = builtins.toString (pkgs.writeShellScript "readme" ''
${pkgs.glow}/bin/glow --pager ${builtins.toString ../README.md}
'');
}

15
apps/rebuild.nix Normal file
View File

@ -0,0 +1,15 @@
{ pkgs, ... }: {
type = "app";
program = builtins.toString (pkgs.writeShellScript "rebuild" ''
echo ${pkgs.system}
SYSTEM=${if pkgs.stdenv.isDarwin then "darwin" else "linux"}
if [ "$SYSTEM" == "darwin" ]; then
sudo darwin-rebuild switch --flake ${builtins.toString ../.}
else
doas nixos-rebuild switch --flake ${builtins.toString ../.}
fi
'');
}

27
apps/reencrypt-secrets.nix Normal file
View File

@ -0,0 +1,27 @@
{ pkgs, ... }: {
# nix run github:nmasur/dotfiles#reencrypt-secrets ./private
type = "app";
program = builtins.toString (pkgs.writeShellScript "reencrypt-secrets" ''
if [ $# -eq 0 ]; then
echo "Must provide directory to reencrypt."
exit 1
fi
encrypted=$1
for encryptedfile in ''${1}/*; do
tmpfile=$(mktemp)
echo "Decrypting ''${encryptedfile}..."
${pkgs.age}/bin/age --decrypt \
--identity ~/.ssh/id_ed25519 $encryptedfile > $tmpfile
echo "Encrypting ''${encryptedfile}..."
${pkgs.age}/bin/age --encrypt --armor --recipients-file ${
builtins.toString ../misc/public-keys
} $tmpfile > $encryptedfile
rm $tmpfile
done
echo "Finished."
'');
}

6
colorscheme/everforest/default.nix
View File

@ -16,7 +16,9 @@
base0B = "#dbbc7f"; # Strings, Inherited Class, Markup Code, Diff Inserted base0B = "#dbbc7f"; # Strings, Inherited Class, Markup Code, Diff Inserted
base0C = "#e69875"; # Support, Regular Expressions, Escape Characters, ... base0C = "#e69875"; # Support, Regular Expressions, Escape Characters, ...
base0D = "#a7c080"; # Functions, Methods, Attribute IDs, Headings base0D = "#a7c080"; # Functions, Methods, Attribute IDs, Headings
base0E = "#e67e80"; # Keywords, Storage, Selector, Markup Italic, Diff Changed base0E =
base0F = "#d699b6"; # Deprecated, Opening/Closing Embedded Language Tags, ... "#e67e80"; # Keywords, Storage, Selector, Markup Italic, Diff Changed
base0F =
"#d699b6"; # Deprecated, Opening/Closing Embedded Language Tags, ...
}; };
} }

3
colorscheme/gruvbox-dark/default.nix
View File

@ -2,7 +2,8 @@
{ {
name = "gruvbox-dark"; # Dark, Medium name = "gruvbox-dark"; # Dark, Medium
author = "Dawid Kurek (dawikur@gmail.com), morhetz (https://github.com/morhetz/gruvbox), ElRastaOk (https://www.reddit.com/user/ElRastaOk)"; author =
"Dawid Kurek (dawikur@gmail.com), morhetz (https://github.com/morhetz/gruvbox), ElRastaOk (https://www.reddit.com/user/ElRastaOk)";
dark = { dark = {
base00 = "#1D2122"; # ---- This is the change from normal gruvbox base00 = "#1D2122"; # ---- This is the change from normal gruvbox
base01 = "#3c3836"; # --- base01 = "#3c3836"; # ---

3
colorscheme/gruvbox/default.nix
View File

@ -1,6 +1,7 @@
{ {
name = "gruvbox"; # Dark, Medium name = "gruvbox"; # Dark, Medium
author = "Dawid Kurek (dawikur@gmail.com), morhetz (https://github.com/morhetz/gruvbox)"; author =
"Dawid Kurek (dawikur@gmail.com), morhetz (https://github.com/morhetz/gruvbox)";
dark = { dark = {
base00 = "#282828"; # ---- base00 = "#282828"; # ----
base01 = "#3c3836"; # --- base01 = "#3c3836"; # ---

98
deploy/aws/ec2.tf
View File

@ -1,98 +0,0 @@
resource "aws_instance" "instance" {
ami = aws_ami.image.id
iam_instance_profile = aws_iam_instance_profile.instance.name
instance_type = var.ec2_size
vpc_security_group_ids = [aws_security_group.instance.id]
tags = {
Name = "aws-nixos"
}
lifecycle {
create_before_destroy = true
}
}
resource "aws_ec2_instance_state" "instance" {
instance_id = aws_instance.instance.id
state = "running"
}
data "aws_vpc" "vpc" {
default = true
}
resource "aws_security_group" "instance" {
name = "aws-nixos"
description = "Allow SSH and HTTPS"
vpc_id = data.aws_vpc.vpc.id
ingress {
description = "Ping"
from_port = -1
to_port = -1
protocol = "icmp"
cidr_blocks = ["0.0.0.0/0"]
}
ingress {
description = "SSH"
from_port = 22
to_port = 22
protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"]
}
ingress {
description = "HTTPS"
from_port = 443
to_port = 443
protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"]
}
egress {
from_port = 0
to_port = 0
protocol = "-1"
cidr_blocks = ["0.0.0.0/0"]
ipv6_cidr_blocks = ["::/0"]
}
}
# Setup IAM for the instance to use SSM
data "aws_iam_policy_document" "ec2_assume_role" {
statement {
actions = ["sts:AssumeRole"]
principals {
type = "Service"
identifiers = ["ec2.amazonaws.com"]
}
}
}
data "aws_iam_policy_document" "instance_profile" {
statement {
actions = [
"s3:ListAllMyBuckets",
]
resources = ["*"]
}
}
resource "aws_iam_role" "instance_profile" {
name = "nixos"
assume_role_policy = data.aws_iam_policy_document.ec2_assume_role.json
inline_policy {
name = "instance-profile"
policy = data.aws_iam_policy_document.instance_profile.json
}
}
resource "aws_iam_role_policy_attachment" "instance_ssm" {
role = aws_iam_role.instance_profile.name
policy_arn = "arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore"
}
resource "aws_iam_instance_profile" "instance" {
name = "nixos"
role = aws_iam_role.instance_profile.name
}

13
deploy/aws/main.tf
View File

@ -1,13 +0,0 @@
terraform {
backend "s3" {
region = "us-east-1"
dynamodb_table = "terraform-state-lock"
}
required_version = ">= 1.0.0"
required_providers {
aws = {
source = "hashicorp/aws"
version = "5.42.0"
}
}
}

3
deploy/aws/outputs.tf
View File

@ -1,3 +0,0 @@
output "host_ip" {
value = aws_instance.instance.public_ip
}

10
deploy/aws/variables.tf
View File

@ -1,10 +0,0 @@
variable "ec2_size" {
type = string
description = "Size of instance to launch"
default = "t3a.small" # 2 GB RAM ($14/mo)
}
variable "images_bucket" {
description = "Name of the bucket in which to store the NixOS VM images."
type = string
}

78
deploy/vultr/main.tf
View File

@ -1,78 +0,0 @@
terraform {
backend "s3" {
bucket = "noahmasur-terraform"
key = "arrow.tfstate"
region = "auto"
skip_credentials_validation = true
skip_metadata_api_check = true
skip_region_validation = true
skip_requesting_account_id = true
skip_s3_checksum = true
use_path_style = true
/*
ENVIRONMENT VARIABLES
---------------------
AWS_ACCESS_KEY_ID - R2 token
AWS_SECRET_ACCESS_KEY - R2 secret
AWS_ENDPOINT_URL_S3 - R2 location: https://ACCOUNT_ID.r2.cloudflarestorage.com
*/
}
required_version = ">= 1.0.0"
required_providers {
aws = {
source = "hashicorp/aws"
version = "5.42.0"
}
vultr = {
source = "vultr/vultr"
version = "2.19.0"
}
}
}
variable "vultr_api_key" {
type = string
description = "API key for Vultr management"
sensitive = true
}
# https://api.vultr.com/v2/plans
variable "vultr_plan" {
type = string
description = "Size of instance to launch"
default = "vc2-1c-2gb" # 55 GB SSD ($10/mo)
}
provider "aws" {
region = "auto"
skip_credentials_validation = true
skip_metadata_api_check = true
skip_region_validation = true
skip_requesting_account_id = true
}
provider "vultr" {
api_key = var.vultr_api_key
}
resource "vultr_iso_private" "image" {
# url = "https://${var.cloudflare_account_id}.r2.cloudflarestorage.com/${data.aws_s3_bucket.images.id}/${aws_s3_object.image.key}"
url = "https://arrow-images.masu.rs/arrow.iso"
}
resource "vultr_instance" "arrow" {
plan = var.vultr_plan
region = "ewr"
iso_id = vultr_iso_private.image.id
label = "arrow"
tags = ["arrow"]
enable_ipv6 = false
disable_public_ipv4 = false
backups = "disabled"
ddos_protection = false
activation_email = false
}
output "host_ip" {
value = vultr_instance.arrow.main_ip
}

5
disks/README.md Normal file
View File

@ -0,0 +1,5 @@
# Disks
These are my [disko](https://github.com/nix-community/disko) configurations,
which allow me to save desired disk formatting layouts as a declarative file so
I don't have to remember how to format my disks later on.

42
disks/root.nix Normal file
View File

@ -0,0 +1,42 @@
{ disk, ... }: {
disk = {
boot = {
type = "disk";
device = disk;
content = {
type = "table";
format = "gpt";
partitions = [
# Boot partition
{
name = "ESP";
start = "0";
end = "512MiB";
fs-type = "fat32";
bootable = true;
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
extraArgs = [ "-n boot" ];
};
}
# Root partition ext4
{
name = "root";
start = "512MiB";
end = "100%";
part-type = "primary";
bootable = true;
content = {
type = "filesystem";
format = "ext4";
mountpoint = "/";
extraArgs = [ "-L nixos" ];
};
}
];
};
};
};
}

95
disks/zfs.nix Normal file
View File

@ -0,0 +1,95 @@
{ pool, disks, ... }: {
disk = lib.genAttrs disks (disk: {
"${disk}" = {
type = "disk";
device = "/dev/${disk}";
content = {
type = "table";
format = "gpt";
partitions = [{
type = "partition";
name = "zfs";
start = "128MiB";
end = "100%";
content = {
type = "zfs";
pool = pool;
};
}];
};
};
});
zpool = {
"${pool}" = {
type = "zpool";
mode = "raidz1";
rootFsOptions = {
compression = "on"; # lz4 by default
"com.sun:auto-snapshot" = "false";
ashift = "12";
};
# mountpoint = "/";
datasets = {
root = {
zfs_type = "filesystem";
mountpoint = null;
options."com.sun:auto-snapshot" = "false";
};
# "media/movies" = {
# zfs_type = "filesystem";
# mountpoint = "/media/movies";
# options.recordsize = "1M";
# };
# "media/tv" = {
# zfs_type = "filesystem";
# mountpoint = "/media/tv";
# options.recordsize = "1M";
# };
# "media/books" = {
# zfs_type = "filesystem";
# mountpoint = "/media/books";
# };
# archive = {
# zfs_type = "filesystem";
# mountpoint = "/archive";
# options.compression = "zstd";
# options."com.sun:auto-snapshot" = "true";
# };
# zfs_unmounted_fs = {
# zfs_type = "filesystem";
# options.mountpoint = "none";
# };
# zfs_legacy_fs = {
# zfs_type = "filesystem";
# options.mountpoint = "legacy";
# mountpoint = "/zfs_legacy_fs";
# };
# zfs_testvolume = {
# zfs_type = "volume";
# size = "10M";
# content = {
# type = "filesystem";
# format = "ext4";
# mountpoint = "/ext4onzfs";
# };
# };
# encrypted = {
# zfs_type = "filesystem";
# size = "20M";
# options = {
# mountpoint = "none";
# encryption = "aes-256-gcm";
# keyformat = "passphrase";
# keylocation = "file:///tmp/secret.key";
# };
# };
# "encrypted/test" = {
# zfs_type = "filesystem";
# size = "2M";
# mountpoint = "/zfs_crypted";
# };
};
};
};
}

1
docs/installation.md
View File

@ -57,7 +57,6 @@ Launch a new shell. Then use Nix to switch to the macOS configuration:
```bash ```bash
sudo rm /etc/bashrc sudo rm /etc/bashrc
sudo rm /etc/nix/nix.conf sudo rm /etc/nix/nix.conf
export NIX_SSL_CERT_FILE="$HOME/Documents/t2-ca-bundle.pem"
nix \ nix \
--extra-experimental-features flakes \ --extra-experimental-features flakes \
--extra-experimental-features nix-command \ --extra-experimental-features nix-command \

17
docs/repair-nextcloud.md
View File

@ -63,20 +63,3 @@ Use this mysqldump command:
sudo -u nextcloud mysqldump -S /run/mysqld/mysqld.sock --default-character-set=utf8mb4 nextcloud > backup.sql sudo -u nextcloud mysqldump -S /run/mysqld/mysqld.sock --default-character-set=utf8mb4 nextcloud > backup.sql
``` ```
## Converting to Postgres
Same as MySQL, but run this command instead:
```
sudo -u nextcloud nextcloud-occ db:convert-type pgsql nextcloud /run/postgresql/ nextcloud
```
Then set the `dbtype` to `pgsql`.
## Backing Up Postgres Database
Use this pg_dump command:
```
sudo -u nextcloud pg_dump nextcloud > backup.sql
```

724
flake.lock generated
View File

@ -1,17 +1,84 @@
{ {
"nodes": { "nodes": {
"cl-nix-lite": { "Comment-nvim-src": {
"flake": false,
"locked": { "locked": {
"lastModified": 1728174978, "lastModified": 1681214440,
"narHash": "sha256-Grqqg+xuicANB85j0gNEXxi9SBKY7bzGeTuyi95eGcY=", "narHash": "sha256-48hy+hiaDJLlgWqC7IeZI3dT+VwWkRo4atQbyPxu/ys=",
"owner": "hraban", "owner": "numToStr",
"repo": "cl-nix-lite", "repo": "Comment.nvim",
"rev": "31cfe6275c341eb3120a99f4b1c8516c49a29d87", "rev": "e51f2b142d88bb666dcaa77d93a07f4b419aca70",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "hraban", "owner": "numToStr",
"repo": "cl-nix-lite", "ref": "v0.8.0",
"repo": "Comment.nvim",
"type": "github"
}
},
"baleia-nvim-src": {
"flake": false,
"locked": {
"lastModified": 1704551058,
"narHash": "sha256-0NmiGzMFvL1awYOVtiaSd+O4sAR524x68xwWLgArlqs=",
"owner": "m00qek",
"repo": "baleia.nvim",
"rev": "6d9cbdaca3a428bc7296f838fdfce3ad01ee7495",
"type": "github"
},
"original": {
"owner": "m00qek",
"repo": "baleia.nvim",
"type": "github"
}
},
"bufferline-nvim-src": {
"flake": false,
"locked": {
"lastModified": 1706180994,
"narHash": "sha256-/iGzUDJaodkUyWpwim8UtwaRuarfu/Nk6wxVApk+QxY=",
"owner": "akinsho",
"repo": "bufferline.nvim",
"rev": "d6cb9b7cac52887bcac65f8698e67479553c0748",
"type": "github"
},
"original": {
"owner": "akinsho",
"ref": "v4.5.0",
"repo": "bufferline.nvim",
"type": "github"
}
},
"bypass-paywalls-clean": {
"flake": false,
"locked": {
"lastModified": 1706880406,
"narHash": "sha256-8z2Gc3ITluXXbDij4Ltahpkxs7zdnMITvIAjotab/QU=",
"owner": "magnolia1234",
"repo": "bpc-uploads",
"rev": "c91cfd510390ab5a138f412ad2890b2cb2a2eafd",
"type": "gitlab"
},
"original": {
"owner": "magnolia1234",
"repo": "bpc-uploads",
"type": "gitlab"
}
},
"cmp-nvim-lsp-src": {
"flake": false,
"locked": {
"lastModified": 1702205473,
"narHash": "sha256-/0sh9vJBD9pUuD7q3tNSQ1YLvxFMNykdg5eG+LjZAA8=",
"owner": "hrsh7th",
"repo": "cmp-nvim-lsp",
"rev": "5af77f54de1b16c34b23cba810150689a3a90312",
"type": "github"
},
"original": {
"owner": "hrsh7th",
"repo": "cmp-nvim-lsp",
"type": "github" "type": "github"
} }
}, },
@ -22,11 +89,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1742013980, "lastModified": 1706833576,
"narHash": "sha256-34YbfwABU5nb0F5eaaJE3ujldaNDhmyxw7CWqhXJV08=", "narHash": "sha256-w7BL0EWRts+nD1lbLECIuz6fRzmmV+z8oWwoY7womR0=",
"owner": "lnl7", "owner": "lnl7",
"repo": "nix-darwin", "repo": "nix-darwin",
"rev": "9175b4bb5f127fb7b5784b14f7e01abff24c378f", "rev": "bdbae6ecff8fcc322bf6b9053c0b984912378af7",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -43,11 +110,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1741786315, "lastModified": 1706491084,
"narHash": "sha256-VT65AE2syHVj6v/DGB496bqBnu1PXrrzwlw07/Zpllc=", "narHash": "sha256-eaEv+orTmr2arXpoE4aFZQMVPOYXCBEbLgK22kOtkhs=",
"owner": "nix-community", "owner": "nix-community",
"repo": "disko", "repo": "disko",
"rev": "0d8c6ad4a43906d14abd5c60e0ffe7b587b213de", "rev": "f67ba6552845ea5d7f596a24d57c33a8a9dc8de9",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -56,31 +123,51 @@
"type": "github" "type": "github"
} }
}, },
"fidget-nvim-src": {
"flake": false,
"locked": {
"lastModified": 1704696337,
"narHash": "sha256-uAX/RGfOmsUIUaDepNwUpK8MBaTMBJ4rLZ69y0MwpNE=",
"owner": "j-hui",
"repo": "fidget.nvim",
"rev": "3a93300c076109d86c7ce35ec67a8034ae6ba9db",
"type": "github"
},
"original": {
"owner": "j-hui",
"ref": "v1.2.0",
"repo": "fidget.nvim",
"type": "github"
}
},
"firefox-darwin": {
"inputs": {
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1707007453,
"narHash": "sha256-vs7uACn2/8GOApZJv52gAVsLfpjQWFgkHN2QJ7aVkl8=",
"owner": "bandithedoge",
"repo": "nixpkgs-firefox-darwin",
"rev": "d839feb516758ad28bc1cef43008d55e749c1d6a",
"type": "github"
},
"original": {
"owner": "bandithedoge",
"repo": "nixpkgs-firefox-darwin",
"type": "github"
}
},
"flake-compat": { "flake-compat": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1730663653, "lastModified": 1696426674,
"narHash": "sha256-kFCUWettiFHDIqxCWWQ9qY8pVh+Lj+XL0Giyy/kdomg=", "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
"owner": "hraban",
"repo": "flake-compat",
"rev": "e5b16676185cb7548581c852f51ce7f3a49bba5e",
"type": "github"
},
"original": {
"owner": "hraban",
"ref": "fixed-output",
"repo": "flake-compat",
"type": "github"
}
},
"flake-compat_2": {
"flake": false,
"locked": {
"lastModified": 1733328505,
"narHash": "sha256-NeCCThCEP3eCl2l/+27kNNK7QrwZB1IJCrXfrbv5oqU=",
"owner": "edolstra", "owner": "edolstra",
"repo": "flake-compat", "repo": "flake-compat",
"rev": "ff81ac966bb2cae68946d5ed5fc4994f96d0ffec", "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -89,45 +176,22 @@
"type": "github" "type": "github"
} }
}, },
"flake-parts": {
"inputs": {
"nixpkgs-lib": [
"nur",
"nixpkgs"
]
},
"locked": {
"lastModified": 1733312601,
"narHash": "sha256-4pDvzqnegAfRkPwO3wmwBhVi/Sye1mzps0zHWYnP88c=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "205b12d8b7cd4802fbcb8e8ef6a0f1408781a4f9",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
"flake-utils": { "flake-utils": {
"inputs": { "inputs": {
"systems": [ "systems": "systems"
"mac-app-util",
"systems"
]
}, },
"locked": { "locked": {
"lastModified": 1731533236, "lastModified": 1705309234,
"narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", "narHash": "sha256-uNRRNRKmJyCRC/8y1RqBkqWBLM034y4qN7EprSdmgyA=",
"owner": "numtide", "owner": "numtide",
"repo": "flake-utils", "repo": "flake-utils",
"rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", "rev": "1ef2e671c3b0c19053962c07dbda38332dcebf26",
"type": "github" "type": "github"
}, },
"original": { "original": {
"id": "flake-utils", "owner": "numtide",
"type": "indirect" "repo": "flake-utils",
"type": "github"
} }
}, },
"flake-utils_2": { "flake-utils_2": {
@ -148,6 +212,22 @@
"type": "github" "type": "github"
} }
}, },
"hmts-nvim-src": {
"flake": false,
"locked": {
"lastModified": 1706900289,
"narHash": "sha256-kw3YJ21nhs/x9Jp7kvnL+9FuiSgLB1hO/ON3QeeZx9g=",
"owner": "calops",
"repo": "hmts.nvim",
"rev": "ba1239972a1f56b94252d4f85a43e777ac419662",
"type": "github"
},
"original": {
"owner": "calops",
"repo": "hmts.nvim",
"type": "github"
}
},
"home-manager": { "home-manager": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
@ -155,11 +235,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1741955947, "lastModified": 1706985585,
"narHash": "sha256-2lbURKclgKqBNm7hVRtWh0A7NrdsibD0EaWhahUVhhY=", "narHash": "sha256-ptshv4qXiC6V0GCfpABz88UGGPNwqs5tAxaRUKbk1Qo=",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "4e12151c9e014e2449e0beca2c0e9534b96a26b4", "rev": "1ca210648a6ca9b957efde5da957f3de6b1f0c45",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -169,95 +249,87 @@
"type": "github" "type": "github"
} }
}, },
"mac-app-util": { "kitty-scrollback-nvim-src": {
"inputs": { "flake": false,
"cl-nix-lite": "cl-nix-lite",
"flake-compat": "flake-compat",
"flake-utils": "flake-utils",
"nixpkgs": [
"nixpkgs"
],
"systems": "systems"
},
"locked": { "locked": {
"lastModified": 1739821351, "lastModified": 1706891759,
"narHash": "sha256-QlVtMzAhECs9Esq3txqVW7/vM78ipB5IcI8uyCbTP7A=", "narHash": "sha256-p7RPqLHO6D5CCTDQzUrEqTu9+jg+V7wtYfGbY4qjE9A=",
"owner": "hraban", "owner": "mikesmithgh",
"repo": "mac-app-util", "repo": "kitty-scrollback.nvim",
"rev": "c00d5b21ca1fdab8acef65e696795f0f15ec1158", "rev": "12f7687ac049d46a987c39b2b4f657fdf540fa4e",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "hraban", "owner": "mikesmithgh",
"repo": "mac-app-util", "repo": "kitty-scrollback.nvim",
"type": "github" "type": "github"
} }
}, },
"nextcloud-cookbook": { "nextcloud-cookbook": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1726214817, "lastModified": 1702545935,
"narHash": "sha256-Pfa+Xbopg20os+pnGgg+wpEX1MI5fz5JMb0K4a8rBhs=", "narHash": "sha256-19LN1nYJJ0RMWj6DrYPvHzocTyhMfYdpdhBFch3fpHE=",
"type": "tarball", "type": "tarball",
"url": "https://github.com/christianlupus-nextcloud/cookbook-releases/releases/download/v0.11.2/cookbook-0.11.2.tar.gz" "url": "https://github.com/christianlupus-nextcloud/cookbook-releases/releases/download/v0.11.0/cookbook-0.11.0.tar.gz"
}, },
"original": { "original": {
"type": "tarball", "type": "tarball",
"url": "https://github.com/christianlupus-nextcloud/cookbook-releases/releases/download/v0.11.2/cookbook-0.11.2.tar.gz" "url": "https://github.com/christianlupus-nextcloud/cookbook-releases/releases/download/v0.11.0/cookbook-0.11.0.tar.gz"
} }
}, },
"nextcloud-external": { "nextcloud-external": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1729501365, "lastModified": 1699624334,
"narHash": "sha256-OV6HhFBzmnQBO5btGEnqmKlaUMY7/t2Qm3XebclpBlM=", "narHash": "sha256-RCL2RP5twRDLxI/KfAX6QLYQOzqZmSWsfrC5ZQIwTD4=",
"type": "tarball", "type": "tarball",
"url": "https://github.com/nextcloud-releases/external/releases/download/v5.5.2/external-v5.5.2.tar.gz" "url": "https://github.com/nextcloud-releases/external/releases/download/v5.3.1/external-v5.3.1.tar.gz"
}, },
"original": { "original": {
"type": "tarball", "type": "tarball",
"url": "https://github.com/nextcloud-releases/external/releases/download/v5.5.2/external-v5.5.2.tar.gz" "url": "https://github.com/nextcloud-releases/external/releases/download/v5.3.1/external-v5.3.1.tar.gz"
} }
}, },
"nextcloud-news": { "nextcloud-news": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1729667622, "lastModified": 1703426420,
"narHash": "sha256-pnvyMZQ+NYMgH0Unfh5S19HdZSjnghgoUDAoi2KIXNI=", "narHash": "sha256-AENBJH/bEob5JQvw4WEi864mdLYJ5Mqe78HJH6ceCpI=",
"type": "tarball", "type": "tarball",
"url": "https://github.com/nextcloud/news/releases/download/25.0.0-alpha12/news.tar.gz" "url": "https://github.com/nextcloud/news/releases/download/25.0.0-alpha3/news.tar.gz"
}, },
"original": { "original": {
"type": "tarball", "type": "tarball",
"url": "https://github.com/nextcloud/news/releases/download/25.0.0-alpha12/news.tar.gz" "url": "https://github.com/nextcloud/news/releases/download/25.0.0-alpha3/news.tar.gz"
} }
}, },
"nextcloud-snappymail": { "nextcloud-snappymail": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1728502660, "lastModified": 1707018069,
"narHash": "sha256-oCw6Brs85rINBHvz3UJXheyLVqvA3RgPXG03b30Fx7E=", "narHash": "sha256-UeZXoZFEPJj7zEVNTXJ3IYNt/wI7VFq3Pjh1ubMHCBo=",
"type": "tarball", "type": "tarball",
"url": "https://snappymail.eu/repository/nextcloud/snappymail-2.38.2-nextcloud.tar.gz" "url": "https://snappymail.eu/repository/nextcloud/snappymail-2.32.0-nextcloud.tar.gz"
}, },
"original": { "original": {
"type": "tarball", "type": "tarball",
"url": "https://snappymail.eu/repository/nextcloud/snappymail-2.38.2-nextcloud.tar.gz" "url": "https://snappymail.eu/repository/nextcloud/snappymail-2.32.0-nextcloud.tar.gz"
} }
}, },
"nix2vim": { "nix2vim": {
"inputs": { "inputs": {
"flake-utils": "flake-utils_2", "flake-utils": "flake-utils",
"nixpkgs": [ "nixpkgs": [
"nixpkgs" "nixpkgs"
] ]
}, },
"locked": { "locked": {
"lastModified": 1740943170, "lastModified": 1706886721,
"narHash": "sha256-A0F7T/euSMen004cVQN/ZkMpLkgLXDs+mq/merhd+0Y=", "narHash": "sha256-iDYxsE5xYoK8Ww2TYZDmgRQNIZl+QHJfChOxWh45g0k=",
"owner": "gytis-ivaskevicius", "owner": "gytis-ivaskevicius",
"repo": "nix2vim", "repo": "nix2vim",
"rev": "a562f32ff2393d0ed198103c65a3035bcdf83d4d", "rev": "29253dcf0f645a44847006d436b096369ef42fd8",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -268,11 +340,11 @@
}, },
"nixlib": { "nixlib": {
"locked": { "locked": {
"lastModified": 1736643958, "lastModified": 1693701915,
"narHash": "sha256-tmpqTSWVRJVhpvfSN9KXBvKEXplrwKnSZNAoNPf/S/s=", "narHash": "sha256-waHPLdDYUOHSEtMKKabcKIMhlUOHPOOPQ9UyFeEoovs=",
"owner": "nix-community", "owner": "nix-community",
"repo": "nixpkgs.lib", "repo": "nixpkgs.lib",
"rev": "1418bc28a52126761c02dd3d89b2d8ca0f521181", "rev": "f5af57d3ef9947a70ac86e42695231ac1ad00c25",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -289,11 +361,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1740947705, "lastModified": 1706085261,
"narHash": "sha256-Co2kAD2SZalOm+5zoxmzEVZNvZ17TyafuFsD46BwSdY=", "narHash": "sha256-7PgpHRHyShINcqgevPP1fJ6N8kM5ZSOJnk3QZBrOCQ0=",
"owner": "nix-community", "owner": "nix-community",
"repo": "nixos-generators", "repo": "nixos-generators",
"rev": "507911df8c35939050ae324caccc7cf4ffb76565", "rev": "896f6589db5b25023b812bbb6c1f5d3a499b1132",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -304,11 +376,11 @@
}, },
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1742069588, "lastModified": 1706732774,
"narHash": "sha256-C7jVfohcGzdZRF6DO+ybyG/sqpo1h6bZi9T56sxLy+k=", "narHash": "sha256-hqJlyJk4MRpcItGYMF+3uHe8HvxNETWvlGtLuVpqLU0=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "c80f6a7e10b39afcc1894e02ef785b1ad0b0d7e5", "rev": "b8b232ae7b8b144397fdb12d20f592e5e7c1a64d",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -318,52 +390,29 @@
"type": "github" "type": "github"
} }
}, },
"nixpkgs-stable": { "null-ls-nvim-src": {
"flake": false,
"locked": { "locked": {
"lastModified": 1735563628, "lastModified": 1691810493,
"narHash": "sha256-OnSAY7XDSx7CtDoqNh8jwVwh4xNL/2HaJxGjryLWzX8=", "narHash": "sha256-cWA0rzkOp/ekVKaFee7iea1lhnqKtWUIU+fW5M950wI=",
"owner": "nixos", "owner": "jose-elias-alvarez",
"repo": "nixpkgs", "repo": "null-ls.nvim",
"rev": "b134951a4c9f3c995fd7be05f3243f8ecd65d798", "rev": "0010ea927ab7c09ef0ce9bf28c2b573fc302f5a7",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "nixos", "owner": "jose-elias-alvarez",
"ref": "nixos-24.05", "repo": "null-ls.nvim",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_2": {
"locked": {
"lastModified": 1728538411,
"narHash": "sha256-f0SBJz1eZ2yOuKUr5CA9BHULGXVSn6miBuUWdTyhUhU=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "b69de56fac8c2b6f8fd27f2eca01dcda8e0a4221",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github" "type": "github"
} }
}, },
"nur": { "nur": {
"inputs": {
"flake-parts": "flake-parts",
"nixpkgs": [
"nixpkgs"
],
"treefmt-nix": "treefmt-nix"
},
"locked": { "locked": {
"lastModified": 1742145955, "lastModified": 1707013032,
"narHash": "sha256-ju1J45e22ebpLH3eSm0ZZYg7WHkN01ryTFv+4UNwCOA=", "narHash": "sha256-9kEY/D0Q6sF+p6vJRefVXDK4QQdwK4Q0lSQdsYICad0=",
"owner": "nix-community", "owner": "nix-community",
"repo": "nur", "repo": "nur",
"rev": "d6ba59dd58ebe6c184f955e1d3a4bbca9484c018", "rev": "ab432acea15134873882610c0e936a882319bc8a",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -372,12 +421,115 @@
"type": "github" "type": "github"
} }
}, },
"nvim-lspconfig-src": {
"flake": false,
"locked": {
"lastModified": 1701687137,
"narHash": "sha256-qFjFofA2LoD4yRfx4KGfSCpR3mDkpFaagcm+TVNPqco=",
"owner": "neovim",
"repo": "nvim-lspconfig",
"rev": "cf3dd4a290084a868fac0e2e876039321d57111c",
"type": "github"
},
"original": {
"owner": "neovim",
"ref": "v0.1.7",
"repo": "nvim-lspconfig",
"type": "github"
}
},
"nvim-tree-lua-src": {
"flake": false,
"locked": {
"lastModified": 1706571452,
"narHash": "sha256-b0LIqLC8cCRX1NyJx4eH5c4v5Fqqw5mMleAnQ2VRctM=",
"owner": "kyazdani42",
"repo": "nvim-tree.lua",
"rev": "f39f7b6fcd3865ac2146de4cb4045286308f2935",
"type": "github"
},
"original": {
"owner": "kyazdani42",
"repo": "nvim-tree.lua",
"type": "github"
}
},
"nvim-treesitter-src": {
"flake": false,
"locked": {
"lastModified": 1706952848,
"narHash": "sha256-pNjEODR+QJPDL58O4NM7SjzZEN8D3bXDHbKLNOS3fL8=",
"owner": "nvim-treesitter",
"repo": "nvim-treesitter",
"rev": "4fbf150a1621d52f17b099506e1a32f107079210",
"type": "github"
},
"original": {
"owner": "nvim-treesitter",
"ref": "master",
"repo": "nvim-treesitter",
"type": "github"
}
},
"proton-ge": {
"flake": false,
"locked": {
"lastModified": 1700610476,
"narHash": "sha256-IoClZ6hl2lsz9OGfFgnz7vEAGlSY2+1K2lDEEsJQOfU=",
"type": "tarball",
"url": "https://github.com/GloriousEggroll/proton-ge-custom/releases/download/GE-Proton8-25/GE-Proton8-25.tar.gz"
},
"original": {
"type": "tarball",
"url": "https://github.com/GloriousEggroll/proton-ge-custom/releases/download/GE-Proton8-25/GE-Proton8-25.tar.gz"
}
},
"ren": {
"flake": false,
"locked": {
"lastModified": 1704996573,
"narHash": "sha256-zVIt6Xp+Mvym6gySvHIZJt1QgzKVP/wbTGTubWk6kzI=",
"owner": "robenkleene",
"repo": "ren-find",
"rev": "50c40172e354caffee48932266edd7c7a76a20fd",
"type": "github"
},
"original": {
"owner": "robenkleene",
"repo": "ren-find",
"type": "github"
}
},
"rep": {
"flake": false,
"locked": {
"lastModified": 1705833236,
"narHash": "sha256-hm+v+b97z1HnY/7QHZxc0GygCq9W0mJauyjnz48ddaM=",
"owner": "robenkleene",
"repo": "rep-grep",
"rev": "365acc5d599934e94dc066eb85b7ddd684ba508b",
"type": "github"
},
"original": {
"owner": "robenkleene",
"repo": "rep-grep",
"type": "github"
}
},
"root": { "root": {
"inputs": { "inputs": {
"Comment-nvim-src": "Comment-nvim-src",
"baleia-nvim-src": "baleia-nvim-src",
"bufferline-nvim-src": "bufferline-nvim-src",
"bypass-paywalls-clean": "bypass-paywalls-clean",
"cmp-nvim-lsp-src": "cmp-nvim-lsp-src",
"darwin": "darwin", "darwin": "darwin",
"disko": "disko", "disko": "disko",
"fidget-nvim-src": "fidget-nvim-src",
"firefox-darwin": "firefox-darwin",
"hmts-nvim-src": "hmts-nvim-src",
"home-manager": "home-manager", "home-manager": "home-manager",
"mac-app-util": "mac-app-util", "kitty-scrollback-nvim-src": "kitty-scrollback-nvim-src",
"nextcloud-cookbook": "nextcloud-cookbook", "nextcloud-cookbook": "nextcloud-cookbook",
"nextcloud-external": "nextcloud-external", "nextcloud-external": "nextcloud-external",
"nextcloud-news": "nextcloud-news", "nextcloud-news": "nextcloud-news",
@ -385,43 +537,41 @@
"nix2vim": "nix2vim", "nix2vim": "nix2vim",
"nixos-generators": "nixos-generators", "nixos-generators": "nixos-generators",
"nixpkgs": "nixpkgs", "nixpkgs": "nixpkgs",
"nixpkgs-stable": "nixpkgs-stable", "null-ls-nvim-src": "null-ls-nvim-src",
"nur": "nur", "nur": "nur",
"nvim-lspconfig-src": "nvim-lspconfig-src",
"nvim-tree-lua-src": "nvim-tree-lua-src",
"nvim-treesitter-src": "nvim-treesitter-src",
"proton-ge": "proton-ge",
"ren": "ren",
"rep": "rep",
"telescope-nvim-src": "telescope-nvim-src",
"telescope-project-nvim-src": "telescope-project-nvim-src",
"toggleterm-nvim-src": "toggleterm-nvim-src",
"tree-sitter-bash": "tree-sitter-bash",
"tree-sitter-ini": "tree-sitter-ini",
"tree-sitter-lua": "tree-sitter-lua",
"tree-sitter-puppet": "tree-sitter-puppet",
"tree-sitter-python": "tree-sitter-python",
"tree-sitter-rasi": "tree-sitter-rasi",
"tree-sitter-vimdoc": "tree-sitter-vimdoc",
"wallpapers": "wallpapers",
"wsl": "wsl", "wsl": "wsl",
"zellij-switch": "zellij-switch",
"zenyd-mpv-scripts": "zenyd-mpv-scripts" "zenyd-mpv-scripts": "zenyd-mpv-scripts"
} }
}, },
"rust-overlay": {
"inputs": {
"nixpkgs": "nixpkgs_2"
},
"locked": {
"lastModified": 1736476219,
"narHash": "sha256-+qyv3QqdZCdZ3cSO/cbpEY6tntyYjfe1bB12mdpNFaY=",
"owner": "oxalica",
"repo": "rust-overlay",
"rev": "de30cc5963da22e9742bbbbb9a3344570ed237b9",
"type": "github"
},
"original": {
"owner": "oxalica",
"repo": "rust-overlay",
"type": "github"
}
},
"systems": { "systems": {
"locked": { "locked": {
"lastModified": 1689347925, "lastModified": 1681028828,
"narHash": "sha256-ozenz5bFe1UUqOn7f60HRmgc01BgTGIKZ4Xl+HbocGQ=", "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems", "owner": "nix-systems",
"repo": "default-darwin", "repo": "default",
"rev": "2235d7e6cc29ae99878133c95e9fe5e157661ffb", "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "nix-systems", "owner": "nix-systems",
"repo": "default-darwin", "repo": "default",
"type": "github" "type": "github"
} }
}, },
@ -440,55 +590,201 @@
"type": "github" "type": "github"
} }
}, },
"systems_3": { "telescope-nvim-src": {
"flake": false,
"locked": { "locked": {
"lastModified": 1681028828, "lastModified": 1701167040,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", "narHash": "sha256-H5RpyWMluE+Yxg7xFX43AZTVW+Yg70DF3FmEGXBUSNg=",
"owner": "nix-systems", "owner": "nvim-telescope",
"repo": "default", "repo": "telescope.nvim",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", "rev": "d90956833d7c27e73c621a61f20b29fdb7122709",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "nix-systems", "owner": "nvim-telescope",
"repo": "default", "ref": "0.1.5",
"repo": "telescope.nvim",
"type": "github" "type": "github"
} }
}, },
"treefmt-nix": { "telescope-project-nvim-src": {
"inputs": { "flake": false,
"nixpkgs": [
"nur",
"nixpkgs"
]
},
"locked": { "locked": {
"lastModified": 1733222881, "lastModified": 1701464478,
"narHash": "sha256-JIPcz1PrpXUCbaccEnrcUS8jjEb/1vJbZz5KkobyFdM=", "narHash": "sha256-touMCltcnqkrQYV1NtNeWLQeFVGt+WM3aIWIdKilA7w=",
"owner": "numtide", "owner": "nvim-telescope",
"repo": "treefmt-nix", "repo": "telescope-project.nvim",
"rev": "49717b5af6f80172275d47a418c9719a31a78b53", "rev": "1aaf16580a614601a7f7077d9639aeb457dc5559",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "numtide", "owner": "nvim-telescope",
"repo": "treefmt-nix", "repo": "telescope-project.nvim",
"type": "github" "type": "github"
} }
}, },
"toggleterm-nvim-src": {
"flake": false,
"locked": {
"lastModified": 1701858874,
"narHash": "sha256-vJApw7XY2wOX9InfWcah+hkNxBfS1+kQUWr4ITxRmgA=",
"owner": "akinsho",
"repo": "toggleterm.nvim",
"rev": "cbd041d91b90cd3c02df03fe6133208888f8e008",
"type": "github"
},
"original": {
"owner": "akinsho",
"ref": "v2.9.0",
"repo": "toggleterm.nvim",
"type": "github"
}
},
"tree-sitter-bash": {
"flake": false,
"locked": {
"lastModified": 1705686017,
"narHash": "sha256-+Mpks0FyQLl26TX63J6WhaAl/QDUR1k9wSUY5SFwL+w=",
"owner": "tree-sitter",
"repo": "tree-sitter-bash",
"rev": "f7239f638d3dc16762563a9027faeee518ce1bd9",
"type": "github"
},
"original": {
"owner": "tree-sitter",
"ref": "master",
"repo": "tree-sitter-bash",
"type": "github"
}
},
"tree-sitter-ini": {
"flake": false,
"locked": {
"lastModified": 1699877527,
"narHash": "sha256-dYPeVTNWO4apY5dsjsKViavU7YtLeGTp6BzEemXhsEU=",
"owner": "justinmk",
"repo": "tree-sitter-ini",
"rev": "bcb84a2d4bcd6f55b911c42deade75c8f90cb0c5",
"type": "github"
},
"original": {
"owner": "justinmk",
"repo": "tree-sitter-ini",
"type": "github"
}
},
"tree-sitter-lua": {
"flake": false,
"locked": {
"lastModified": 1694072484,
"narHash": "sha256-5t5w8KqbefInNbA12/jpNzmky/uOUhsLjKdEqpl1GEc=",
"owner": "MunifTanjim",
"repo": "tree-sitter-lua",
"rev": "9668709211b2e683f27f414454a8b51bf0a6bda1",
"type": "github"
},
"original": {
"owner": "MunifTanjim",
"ref": "main",
"repo": "tree-sitter-lua",
"type": "github"
}
},
"tree-sitter-puppet": {
"flake": false,
"locked": {
"lastModified": 1690231696,
"narHash": "sha256-YEjjy9WLwITERYqoeSVrRYnwVBIAwdc4o0lvAK9wizw=",
"owner": "amaanq",
"repo": "tree-sitter-puppet",
"rev": "9ce9a5f7d64528572aaa8d59459ba869e634086b",
"type": "github"
},
"original": {
"owner": "amaanq",
"repo": "tree-sitter-puppet",
"type": "github"
}
},
"tree-sitter-python": {
"flake": false,
"locked": {
"lastModified": 1700218345,
"narHash": "sha256-hXNxa895SyNOG7PH2vAIkWbcMjZDjWYDsCafBZuvnT0=",
"owner": "tree-sitter",
"repo": "tree-sitter-python",
"rev": "4bfdd9033a2225cc95032ce77066b7aeca9e2efc",
"type": "github"
},
"original": {
"owner": "tree-sitter",
"ref": "master",
"repo": "tree-sitter-python",
"type": "github"
}
},
"tree-sitter-rasi": {
"flake": false,
"locked": {
"lastModified": 1678701563,
"narHash": "sha256-2nYZoLcrxxxiOJEySwHUm93lzMg8mU+V7LIP63ntFdA=",
"owner": "Fymyte",
"repo": "tree-sitter-rasi",
"rev": "371dac6bcce0df5566c1cfebde69d90ecbeefd2d",
"type": "github"
},
"original": {
"owner": "Fymyte",
"repo": "tree-sitter-rasi",
"type": "github"
}
},
"tree-sitter-vimdoc": {
"flake": false,
"locked": {
"lastModified": 1705491128,
"narHash": "sha256-q5Ln8WPFrtKBfZnaAAlMh3Q/eczEt6wCMZAtx+ISCKg=",
"owner": "neovim",
"repo": "tree-sitter-vimdoc",
"rev": "ed8695ad8de39c3f073da130156f00b1148e2891",
"type": "github"
},
"original": {
"owner": "neovim",
"repo": "tree-sitter-vimdoc",
"type": "github"
}
},
"wallpapers": {
"flake": false,
"locked": {
"lastModified": 1657544922,
"narHash": "sha256-1c1uDz37MhksWC75myv6jao5q2mIzD8X8I+TykXXmWg=",
"owner": "exorcist365",
"repo": "wallpapers",
"rev": "8d2860ac6c05cec0f78d5c9d07510f4ff5da90dc",
"type": "gitlab"
},
"original": {
"owner": "exorcist365",
"repo": "wallpapers",
"type": "gitlab"
}
},
"wsl": { "wsl": {
"inputs": { "inputs": {
"flake-compat": "flake-compat_2", "flake-compat": "flake-compat",
"flake-utils": "flake-utils_2",
"nixpkgs": [ "nixpkgs": [
"nixpkgs" "nixpkgs"
] ]
}, },
"locked": { "locked": {
"lastModified": 1741870048, "lastModified": 1706867893,
"narHash": "sha256-odXRdNZGdXg1LmwlAeWL85kgy/FVHsgKlDwrvbR2BsU=", "narHash": "sha256-c5bADvtL35S3vsJaXR5YWTXe08W0gSwOrTOXfpJB4Ac=",
"owner": "nix-community", "owner": "nix-community",
"repo": "NixOS-WSL", "repo": "NixOS-WSL",
"rev": "5d76001e33ee19644a598ad80e7318ab0957b122", "rev": "bcae8dc73b931b7f0fc65f1f1ef93dc379dfd66b",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -497,36 +793,14 @@
"type": "github" "type": "github"
} }
}, },
"zellij-switch": {
"inputs": {
"nixpkgs": [
"nixpkgs"
],
"rust-overlay": "rust-overlay",
"systems": "systems_3"
},
"locked": {
"lastModified": 1737011317,
"narHash": "sha256-A8VGuw/jIw+NCo5aCYy8MFrWpKzZLf77RApGGMzHxCY=",
"owner": "mostafaqanbaryan",
"repo": "zellij-switch",
"rev": "15b02834c8be735fca0d9fb41f48709f97cc9afc",
"type": "github"
},
"original": {
"owner": "mostafaqanbaryan",
"repo": "zellij-switch",
"type": "github"
}
},
"zenyd-mpv-scripts": { "zenyd-mpv-scripts": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1707704915, "lastModified": 1706283438,
"narHash": "sha256-9P/8q/OZXfaJMS08acQP4h3/zUA5mKRQee0JmkXcz1w=", "narHash": "sha256-hpLZDtt5q18aZ8d9LHfT852wtBosKUTJ7Bx+cbjBLcg=",
"owner": "zenyd", "owner": "zenyd",
"repo": "mpv-scripts", "repo": "mpv-scripts",
"rev": "9bdce0050144cb24f92475f7bdd77180e0e4c26b", "rev": "7100d19d18d111ce77fc9e6e8947c0d542a86397",
"type": "github" "type": "github"
}, },
"original": { "original": {

445
flake.nix
View File

@ -1,5 +1,5 @@
{ {
description = "An opinionated flake containing the NixOS, nix-darwin, and home-manager configurations for multiple systems."; description = "My system";
# Other flakes that we want to pull from # Other flakes that we want to pull from
inputs = { inputs = {
@ -7,9 +7,6 @@
# Used for system packages # Used for system packages
nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable"; nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
# Used for specific stable packages
nixpkgs-stable.url = "github:nixos/nixpkgs/nixos-24.05";
# Used for MacOS system config # Used for MacOS system config
darwin = { darwin = {
url = "github:lnl7/nix-darwin/master"; url = "github:lnl7/nix-darwin/master";
@ -25,19 +22,17 @@
# Used for user packages and dotfiles # Used for user packages and dotfiles
home-manager = { home-manager = {
url = "github:nix-community/home-manager/master"; url = "github:nix-community/home-manager/master";
inputs.nixpkgs.follows = "nixpkgs"; # Use system packages list for their inputs inputs.nixpkgs.follows =
"nixpkgs"; # Use system packages list for their inputs
}; };
# Community packages; used for Firefox extensions # Community packages; used for Firefox extensions
nur = { nur.url = "github:nix-community/nur";
url = "github:nix-community/nur";
inputs.nixpkgs.follows = "nixpkgs";
};
# Better App install management in macOS # Use official Firefox binary for macOS
mac-app-util = { firefox-darwin = {
url = "github:hraban/mac-app-util"; url = "github:bandithedoge/nixpkgs-firefox-darwin";
inputs.nixpkgs.follows = "nixpkgs"; # Use system packages list for their inputs inputs.nixpkgs.follows = "nixpkgs";
}; };
# Manage disk format and partitioning # Manage disk format and partitioning
@ -46,6 +41,12 @@
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
# Wallpapers
wallpapers = {
url = "gitlab:exorcist365/wallpapers";
flake = false;
};
# Used to generate NixOS images for other platforms # Used to generate NixOS images for other platforms
nixos-generators = { nixos-generators = {
url = "github:nix-community/nixos-generators"; url = "github:nix-community/nixos-generators";
@ -58,199 +59,323 @@
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
# Neovim plugins
nvim-lspconfig-src = {
# https://github.com/neovim/nvim-lspconfig/tags
url = "github:neovim/nvim-lspconfig/v0.1.7";
flake = false;
};
cmp-nvim-lsp-src = {
url = "github:hrsh7th/cmp-nvim-lsp";
flake = false;
};
null-ls-nvim-src = {
url = "github:jose-elias-alvarez/null-ls.nvim";
flake = false;
};
baleia-nvim-src = {
# https://github.com/m00qek/baleia.nvim/tags
url = "github:m00qek/baleia.nvim";
flake = false;
};
Comment-nvim-src = {
# https://github.com/numToStr/Comment.nvim/releases
url = "github:numToStr/Comment.nvim/v0.8.0";
flake = false;
};
nvim-treesitter-src = {
# https://github.com/nvim-treesitter/nvim-treesitter/tags
url = "github:nvim-treesitter/nvim-treesitter/master";
flake = false;
};
telescope-nvim-src = {
# https://github.com/nvim-telescope/telescope.nvim/releases
url = "github:nvim-telescope/telescope.nvim/0.1.5";
flake = false;
};
telescope-project-nvim-src = {
url = "github:nvim-telescope/telescope-project.nvim";
flake = false;
};
toggleterm-nvim-src = {
# https://github.com/akinsho/toggleterm.nvim/tags
url = "github:akinsho/toggleterm.nvim/v2.9.0";
flake = false;
};
bufferline-nvim-src = {
# https://github.com/akinsho/bufferline.nvim/releases
url = "github:akinsho/bufferline.nvim/v4.5.0";
flake = false;
};
nvim-tree-lua-src = {
url = "github:kyazdani42/nvim-tree.lua";
flake = false;
};
hmts-nvim-src = {
url = "github:calops/hmts.nvim";
flake = false;
};
fidget-nvim-src = {
# https://github.com/j-hui/fidget.nvim/tags
url = "github:j-hui/fidget.nvim/v1.2.0";
flake = false;
};
kitty-scrollback-nvim-src = {
url = "github:mikesmithgh/kitty-scrollback.nvim";
flake = false;
};
# Tree-Sitter Grammars
tree-sitter-bash = {
url = "github:tree-sitter/tree-sitter-bash/master";
flake = false;
};
tree-sitter-python = {
url = "github:tree-sitter/tree-sitter-python/master";
flake = false;
};
tree-sitter-lua = {
url = "github:MunifTanjim/tree-sitter-lua/main";
flake = false;
};
tree-sitter-ini = {
url = "github:justinmk/tree-sitter-ini";
flake = false;
};
tree-sitter-puppet = {
url = "github:amaanq/tree-sitter-puppet";
flake = false;
};
tree-sitter-rasi = {
url = "github:Fymyte/tree-sitter-rasi";
flake = false;
};
tree-sitter-vimdoc = {
url = "github:neovim/tree-sitter-vimdoc";
flake = false;
};
# MPV Scripts # MPV Scripts
zenyd-mpv-scripts = { zenyd-mpv-scripts = {
url = "github:zenyd/mpv-scripts"; url = "github:zenyd/mpv-scripts";
flake = false; flake = false;
}; };
# Zellij Switcher # Ren and rep - CLI find and replace
zellij-switch = { rep = {
url = "github:mostafaqanbaryan/zellij-switch"; url = "github:robenkleene/rep-grep";
inputs.nixpkgs.follows = "nixpkgs"; flake = false;
};
ren = {
url = "github:robenkleene/ren-find";
flake = false;
};
# GE version of Proton for game compatibility
# Alternatively, could consider using https://github.com/fufexan/nix-gaming
proton-ge = {
# https://github.com/GloriousEggroll/proton-ge-custom/releases
url =
"https://github.com/GloriousEggroll/proton-ge-custom/releases/download/GE-Proton8-25/GE-Proton8-25.tar.gz";
flake = false;
};
# Firefox addon from outside the extension store
bypass-paywalls-clean = {
# https://gitlab.com/magnolia1234/bpc-uploads/-/commits/master/?ref_type=HEADS
url = "gitlab:magnolia1234/bpc-uploads";
flake = false;
}; };
# Nextcloud Apps # Nextcloud Apps
nextcloud-news = { nextcloud-news = {
# https://github.com/nextcloud/news/releases # https://github.com/nextcloud/news/releases
url = "https://github.com/nextcloud/news/releases/download/25.0.0-alpha12/news.tar.gz"; url =
"https://github.com/nextcloud/news/releases/download/25.0.0-alpha3/news.tar.gz";
flake = false; flake = false;
}; };
nextcloud-external = { nextcloud-external = {
# https://github.com/nextcloud-releases/external/releases # https://github.com/nextcloud-releases/external/releases
url = "https://github.com/nextcloud-releases/external/releases/download/v5.5.2/external-v5.5.2.tar.gz"; url =
"https://github.com/nextcloud-releases/external/releases/download/v5.3.1/external-v5.3.1.tar.gz";
flake = false; flake = false;
}; };
nextcloud-cookbook = { nextcloud-cookbook = {
# https://github.com/christianlupus-nextcloud/cookbook-releases/releases/ # https://github.com/christianlupus-nextcloud/cookbook-releases/releases/
url = "https://github.com/christianlupus-nextcloud/cookbook-releases/releases/download/v0.11.2/cookbook-0.11.2.tar.gz"; url =
"https://github.com/christianlupus-nextcloud/cookbook-releases/releases/download/v0.11.0/cookbook-0.11.0.tar.gz";
flake = false; flake = false;
}; };
nextcloud-snappymail = { nextcloud-snappymail = {
# https://github.com/the-djmaze/snappymail/releases # https://github.com/the-djmaze/snappymail/releases
# https://snappymail.eu/repository/nextcloud url =
url = "https://snappymail.eu/repository/nextcloud/snappymail-2.38.2-nextcloud.tar.gz"; "https://snappymail.eu/repository/nextcloud/snappymail-2.32.0-nextcloud.tar.gz";
# url = "https://github.com/nmasur/snappymail-nextcloud/releases/download/v2.36.3/snappymail-2.36.3-nextcloud.tar.gz";
flake = false; flake = false;
}; };
}; };
outputs = outputs = { nixpkgs, ... }@inputs:
{ nixpkgs, ... }@inputs:
let let
hostnames =
let # Global configuration for my systems
baseName = "masu.rs"; globals = let baseName = "masu.rs";
in in rec {
{ user = "noah";
audiobooks = "read.${baseName}"; fullName = "Noah Masur";
books = "books.${baseName}"; gitName = fullName;
budget = "money.${baseName}"; gitEmail = "7386960+nmasur@users.noreply.github.com";
content = "cloud.${baseName}"; mail.server = "noahmasur.com";
download = "download.${baseName}"; mail.imapHost = "imap.purelymail.com";
files = "files.${baseName}"; mail.smtpHost = "smtp.purelymail.com";
dotfilesRepo = "https://github.com/nmasur/dotfiles";
hostnames = {
git = "git.${baseName}"; git = "git.${baseName}";
imap = "imap.purelymail.com";
influxdb = "influxdb.${baseName}"; influxdb = "influxdb.${baseName}";
irc = "irc.${baseName}";
mail = "noahmasur.com";
metrics = "metrics.${baseName}"; metrics = "metrics.${baseName}";
minecraft = "minecraft.${baseName}";
n8n = "n8n.${baseName}";
notifications = "ntfy.${baseName}";
paperless = "paper.${baseName}";
photos = "photos.${baseName}";
prometheus = "prom.${baseName}"; prometheus = "prom.${baseName}";
paperless = "paper.${baseName}";
secrets = "vault.${baseName}"; secrets = "vault.${baseName}";
smtp = "smtp.purelymail.com";
status = "status.${baseName}";
stream = "stream.${baseName}"; stream = "stream.${baseName}";
transmission = "transmission.${baseName}"; content = "cloud.${baseName}";
books = "books.${baseName}";
download = "download.${baseName}";
}; };
in
rec {
lib = import ./lib inputs;
nixosConfigurations = builtins.mapAttrs (
system: hosts:
builtins.mapAttrs (
name: module:
lib.buildNixos {
inherit system module;
specialArgs = { inherit hostnames; };
}
) hosts
) lib.linuxHosts;
darwinConfigurations = builtins.mapAttrs (
system: hosts:
builtins.mapAttrs (
name: module:
lib.buildDarwin {
inherit system module;
specialArgs = { inherit hostnames; };
}
) hosts
) lib.darwinHosts;
homeModules = builtins.mapAttrs (
system: hosts:
builtins.mapAttrs (
name: module: (builtins.head (lib.attrsToList module.home-manager.users)).value
) hosts
) lib.hosts;
homeConfigurations = builtins.mapAttrs (
system: hosts:
builtins.mapAttrs (
name: module:
lib.buildHome {
inherit system module;
specialArgs = { inherit hostnames; };
}
) hosts
) homeModules;
# Disk formatting, only used once
diskoConfigurations = {
root = import ./hosts/x86_64-linux/swan/root.nix;
}; };
generators = builtins.mapAttrs ( # Common overlays to always use
system: hosts: overlays = [
builtins.mapAttrs (name: module: { inputs.nur.overlay
aws = lib.generateImage { inputs.nix2vim.overlay
inherit system module; (import ./overlays/neovim-plugins.nix inputs)
format = "amazon"; (import ./overlays/calibre-web.nix)
specialArgs = { inherit hostnames; }; (import ./overlays/disko.nix inputs)
}; (import ./overlays/tree-sitter.nix inputs)
iso = lib.generateImage { (import ./overlays/caddy.nix inputs)
inherit system module; (import ./overlays/mpv-scripts.nix inputs)
format = "iso"; (import ./overlays/nextcloud-apps.nix inputs)
specialArgs = { inherit hostnames; }; (import ./overlays/betterlockscreen.nix)
}; (import ./overlays/proton-ge.nix inputs)
}) hosts (import ./overlays/gh-collaborators.nix)
) lib.linuxHosts; (import ./overlays/bypass-paywalls-clean.nix inputs)
(import ./overlays/ren-rep.nix inputs)
];
packages = lib.forAllSystems ( # System types to support.
system: supportedSystems =
# Get the configurations that we normally use [ "x86_64-linux" "x86_64-darwin" "aarch64-linux" "aarch64-darwin" ];
{
nixosConfigurations = nixosConfigurations.${system}; # Helper function to generate an attrset '{ x86_64-linux = f "x86_64-linux"; ... }'.
darwinConfigurations = darwinConfigurations.${system}; forAllSystems = nixpkgs.lib.genAttrs supportedSystems;
homeConfigurations = homeConfigurations.${system};
generators = generators.${system}; in rec {
}
// # Contains my full system builds, including home-manager
# Get the custom packages that I have placed under the nmasur namespace # nixos-rebuild switch --flake .#tempest
lib.pkgsBySystem.${system}.nmasur nixosConfigurations = {
); tempest = import ./hosts/tempest { inherit inputs globals overlays; };
hydra = import ./hosts/hydra { inherit inputs globals overlays; };
flame = import ./hosts/flame { inherit inputs globals overlays; };
swan = import ./hosts/swan { inherit inputs globals overlays; };
};
# Contains my full Mac system builds, including home-manager
# darwin-rebuild switch --flake .#lookingglass
darwinConfigurations = {
lookingglass =
import ./hosts/lookingglass { inherit inputs globals overlays; };
};
# For quickly applying home-manager settings with:
# home-manager switch --flake .#tempest
homeConfigurations = {
tempest =
nixosConfigurations.tempest.config.home-manager.users.${globals.user}.home;
lookingglass =
darwinConfigurations.lookingglass.config.home-manager.users."Noah.Masur".home;
};
# Disk formatting, only used once
diskoConfigurations = { root = import ./disks/root.nix; };
packages = let
aws = system:
import ./hosts/aws { inherit inputs globals overlays system; };
staff = system:
import ./hosts/staff { inherit inputs globals overlays system; };
neovim = system:
let pkgs = import nixpkgs { inherit system overlays; };
in import ./modules/common/neovim/package {
inherit pkgs;
colors = (import ./colorscheme/gruvbox-dark).dark;
};
in {
x86_64-linux.aws = aws "x86_64-linux";
x86_64-linux.staff = staff "x86_64-linux";
# Package Neovim config into standalone package
x86_64-linux.neovim = neovim "x86_64-linux";
x86_64-darwin.neovim = neovim "x86_64-darwin";
aarch64-linux.neovim = neovim "aarch64-linux";
aarch64-darwin.neovim = neovim "aarch64-darwin";
};
# Programs that can be run by calling this flake
apps = forAllSystems (system:
let pkgs = import nixpkgs { inherit system overlays; };
in import ./apps { inherit pkgs; });
# Development environments # Development environments
devShells = lib.forAllSystems (system: { devShells = forAllSystems (system:
default = lib.pkgsBySystem.${system}.nmasur.dotfiles-devshell; let pkgs = import nixpkgs { inherit system overlays; };
}); in {
checks = lib.forAllSystems ( # Used to run commands and edit files in this repo
system: default = pkgs.mkShell {
let buildInputs = with pkgs; [ git stylua nixfmt shfmt shellcheck ];
pkgs = import nixpkgs {
inherit system;
overlays = lib.overlays;
}; };
in
{
neovim =
pkgs.runCommand "neovim-check-health" { buildInputs = [ inputs.self.packages.${system}.neovim ]; }
''
mkdir -p $out
export HOME=$TMPDIR
nvim -c "checkhealth" -c "write $out/health.log" -c "quitall"
# Check for errors inside the health log });
if $(grep "ERROR" $out/health.log); then
cat $out/health.log
exit 1
fi
'';
}
);
formatter = lib.forAllSystems ( checks = forAllSystems (system:
system: let pkgs = import nixpkgs { inherit system overlays; };
let in {
pkgs = import nixpkgs { neovim = pkgs.runCommand "neovim-check-health" {
inherit system; buildInputs = [ inputs.self.packages.${system}.neovim ];
inherit (lib) overlays; } ''
}; mkdir -p $out
in export HOME=$TMPDIR
pkgs.nixfmt-rfc-style nvim -c "checkhealth" -c "write $out/health.log" -c "quitall"
);
# Check for errors inside the health log
if $(grep "ERROR" $out/health.log); then
cat $out/health.log
exit 1
fi
'';
});
# Templates for starting other projects quickly # Templates for starting other projects quickly
templates = (import ./templates nixpkgs.lib); templates = rec {
default = basic;
basic = {
path = ./templates/basic;
description = "Basic program template";
};
poetry = {
path = ./templates/poetry;
description = "Poetry template";
};
python = {
path = ./templates/python;
description = "Legacy Python template";
};
haskell = {
path = ./templates/haskell;
description = "Haskell template";
};
};
}; };
} }

26
hosts/README.md Normal file
View File

@ -0,0 +1,26 @@
# Hosts
These are the individual machines managed by this flake.
| Host | Purpose |
| --- | --- |
| [aws](./aws/default.nix) | AWS AMI |
| [staff](./staff/default.nix) | Live USB stick |
| [flame](./flame/default.nix) | Oracle cloud server |
| [hydra](./hydra/default.nix) | WSL config |
| [lookingglass](./lookingglass/default.nix) | Work MacBook |
| [swan](./swan/default.nix) | Home server |
| [tempest](./tempest/default.nix) | Linux desktop |
## NixOS Workflow
Each hosts file is imported into [nixosConfigurations](../flake.nix) and passed
the arguments from the flake (inputs, globals, overlays). The `nixosSystem`
function in that hosts file will be called by the NixOS module system during a
nixos-rebuild.
Each module in the each host's `modules` list is either a function or an
attrset. The attrsets will simply apply values to options that have been
declared in the config by other modules. Meanwhile, the functions will be
passed various arguments, several of which you will see listed at the top of
each of their files.

40
hosts/aarch64-darwin/lookingglass/default.nix
View File

@ -1,40 +0,0 @@
# The Looking Glass
# System configuration for my work Macbook
rec {
networking.hostName = "NYCM-NMASUR2";
networking.computerName = "NYCM-NMASUR2";
nmasur.settings = {
username = "Noah.Masur";
fullName = "Noah Masur";
};
nmasur.profiles = {
base.enable = true;
work.enable = true;
extra.enable = true;
gaming.enable = true;
};
home-manager.users."Noah.Masur" = {
nmasur.settings = {
username = nmasur.settings.username;
fullName = nmasur.settings.fullName;
};
nmasur.profiles = {
common.enable = true;
darwin-base.enable = true;
power-user.enable = true;
work.enable = true;
experimental.enable = true;
};
nmasur.presets.programs.git-work.work = {
name = "Noah-Masur_1701";
email = "${nmasur.settings.username}@take2games.com";
};
home.stateVersion = "23.05";
};
system.stateVersion = 5;
}

19
hosts/aarch64-linux/flame/cloudflared-flame.age
View File

@ -1,19 +0,0 @@
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IE1nSGFPdyBYY0c1
bldPMVdwRGhia0xzNm1mSGQ0eVVZZzFLMWVUdFhYVW1KY3QwTERJCm1UUDBqN1Jr
VjRlSjROTFZEQ3UrME81Y2FyRkxjZHFvUFN1eEZNa2cwWkUKLT4gc3NoLWVkMjU1
MTkgWXlTVU1RIFM4ZURETk0yQ1NKN3owaDB5S3djeThtWkphS0xUaVd2MnBlS244
d0V5bUUKKzE5UzZYUlpwTy9ydFQ3L2NmWFZBMEZCWWppYlFZQzhTVFhUc3BBRlpR
dwotPiBzc2gtZWQyNTUxOSBuanZYNUEgbS9HaVFFRjU4VzMvSVZ1SlExZ1BBNWxK
RVRESEVmeWxyMW5Pclk5UU4xOApaZ0hHMnlsb1BuMThsTG82d1k1Rm94VEFMcTBH
TFoxRWpRSXJWQUJVWGN3Ci0+IHNzaC1lZDI1NTE5IENxSU9VQSBOK1AvRW5nNUlK
NnB1UDhKdmFibTEwV2JhOGxKRGg1SnlMdytXaVQ1eW1NCnVIcjNnclVMSEJ3eDVk
eExnY1EvbWg1OW4xR3FydDlzeUdLQW11UGRmclkKLT4gc3NoLWVkMjU1MTkgejFP
Y1p3IHNxbDlpSkpPdEZVRGhwV3NKdTNJV0NTeUZoVVg3b0ZlRWdqelNaTDRWamMK
N1czMXlEcWZzQ1g0dkxBTnNUQjdTdnZMUE9VRGphTjB4SjJyemJiU2w5NAotLS0g
VlgyN24vMGl3a2N6ZGs1SjhOZmttWEl3WEFOK29EOUlkZ0N3blBBcHZQOArP/uJx
SBFvBV0rLzRbo/8nhhizuT2TtKsJSJDIsFJxAOtF8ZwIbYwauBt1tJudtJaXgbv5
JIk53sS3lelOwH11yx0aGcBNCR2UwpuYn1IwoW0qrt3ugi8rmQPRG8c8gSyNn2u7
PnAj/NdAjieLGGLltwdq2wJhkbv800WmKx5sGgPNT1AdBS1b84h5ipQFnFf3Fi0N
FJa9/j5qc7JtWEy4ecU6D03zcZD+CTCoN8SIW4+fldos1u7N2v2X5/YUw7T6jQ==
-----END AGE ENCRYPTED FILE-----

59
hosts/aarch64-linux/flame/default.nix
View File

@ -1,59 +0,0 @@
# The Flame
# System configuration for an Oracle free server
# How to install:
# https://blog.korfuri.fr/posts/2022/08/nixos-on-an-oracle-free-tier-ampere-machine/
# These days, probably use nixos-anywhere instead.
rec {
networking.hostName = "flame";
nmasur.settings = {
username = "noah";
fullName = "Noah Masur";
};
nmasur.profiles = {
base.enable = true;
server.enable = true;
communications.enable = true;
};
home-manager.users."noah" = {
nmasur.settings = {
username = nmasur.settings.username;
fullName = nmasur.settings.fullName;
};
nmasur.profiles = {
common.enable = true;
linux-base.enable = true;
power-user.enable = true;
};
home.stateVersion = "23.05";
};
system.stateVersion = "23.05";
# File systems must be declared in order to boot
# This is the root filesystem containing NixOS
# I forgot to set a clean label for it
fileSystems."/" = {
device = "/dev/disk/by-uuid/e1b6bd50-306d-429a-9f45-78f57bc597c3";
fsType = "ext4";
};
# This is the boot filesystem for systemd-boot
fileSystems."/boot" = {
device = "/dev/disk/by-uuid/D5CA-237A";
fsType = "vfat";
};
# Allows private remote access over the internet
nmasur.presets.services.cloudflared = {
tunnel = {
id = "bd250ee1-ed2e-42d2-b627-039f1eb5a4d2";
credentialsFile = ./cloudflared-flame.age;
ca = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBK/6oyVqjFGX3Uvrc3VS8J9sphxzAnRzKC85xgkHfYgR3TK6qBGXzHrknEj21xeZrr3G2y1UsGzphWJd9ZfIcdA= open-ssh-ca@cloudflareaccess.org";
};
};
}

27
hosts/aws/default.nix Normal file
View File

@ -0,0 +1,27 @@
{ inputs, system, globals, overlays, ... }:
inputs.nixos-generators.nixosGenerate {
inherit system;
format = "amazon";
modules = [
globals
inputs.home-manager.nixosModules.home-manager
{
nixpkgs.overlays = overlays;
networking.hostName = "sheep";
gui.enable = false;
theme.colors = (import ../../colorscheme/gruvbox).dark;
passwordHash = null;
publicKey =
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB+AbmjGEwITk5CK9y7+Rg27Fokgj9QEjgc9wST6MA3s";
# AWS settings require this
permitRootLogin = "prohibit-password";
}
../../modules/common
../../modules/nixos
../../modules/nixos/services/sshd.nix
] ++ [
# Required to fix diskSize errors during build
({ ... }: { amazonImage.sizeMB = 16 * 1024; })
];
}

45
deploy/aws/image.tf → hosts/aws/main.tf
View File

@ -1,23 +1,13 @@
# locals { locals {
# image_file = one(fileset(path.root, "../../../result/nixos-amazon-image-*.vhd")) image_file = one(fileset(path.root, "result/nixos-amazon-image-*.vhd"))
# }
#
# # Upload image to S3
# resource "aws_s3_object" "image" {
# bucket = var.images_bucket
# key = basename(local.image_file)
# source = local.image_file
# etag = filemd5(local.image_file)
# }
# Use existing image in S3
data "aws_s3_object" "image" {
bucket = var.images_bucket
key = "arrow.vhd"
} }
resource "terraform_data" "image_replacement" { # Upload to S3
input = data.aws_s3_object.image.etag resource "aws_s3_object" "image" {
bucket = "your_bucket_name"
key = basename(local.image_file)
source = local.image_file
etag = filemd5(local.image_file)
} }
# Setup IAM access for the VM Importer # Setup IAM access for the VM Importer
@ -36,11 +26,11 @@ data "aws_iam_policy_document" "vmimport" {
actions = [ actions = [
"s3:GetBucketLocation", "s3:GetBucketLocation",
"s3:GetObject", "s3:GetObject",
"s3:ListBucket", "s3:ListBucket",
] ]
resources = [ resources = [
"arn:aws:s3:::${data.aws_s3_object.image.bucket}", "arn:aws:s3:::${aws_s3_object.image.bucket}",
"arn:aws:s3:::${data.aws_s3_object.image.bucket}/*", "arn:aws:s3:::${aws_s3_object.image.bucket}/*",
] ]
} }
statement { statement {
@ -68,28 +58,23 @@ resource "aws_ebs_snapshot_import" "image" {
disk_container { disk_container {
format = "VHD" format = "VHD"
user_bucket { user_bucket {
s3_bucket = data.aws_s3_object.image.bucket s3_bucket = aws_s3_object.image.bucket
s3_key = data.aws_s3_object.image.key s3_key = aws_s3_object.image.key
} }
} }
role_name = aws_iam_role.vmimport.name role_name = aws_iam_role.vmimport.name
lifecycle {
replace_triggered_by = [terraform_data.image_replacement]
}
} }
# Convert to AMI # Convert to AMI
resource "aws_ami" "image" { resource "aws_ami" "image" {
description = "Created with NixOS." description = "Created with NixOS."
name = replace(basename(data.aws_s3_object.image.key), "/\\.vhd$/", "") name = replace(basename(local.image_file), "/\\.vhd$/", "")
virtualization_type = "hvm" virtualization_type = "hvm"
root_device_name = "/dev/xvda"
ena_support = true
ebs_block_device { ebs_block_device {
device_name = "/dev/xvda" device_name = "/dev/xvda"
snapshot_id = aws_ebs_snapshot_import.image.id snapshot_id = aws_ebs_snapshot_import.image.id
volume_size = 17 volume_size = 8
} }
} }

280
hosts/aws/workflow.yml Normal file
View File

@ -0,0 +1,280 @@
name: 'Terraform'
env:
AWS_ACCOUNT_NUMBER: ''
AWS_PLAN_ROLE_NAME: github_actions_plan
AWS_APPLY_ROLE_NAME: github_actions_admin
# Always required. Used for authenticating to AWS, but can also act as your
# default region if you don't want to specify in the provider configuration.
AWS_REGION: us-east-1
# You must change these to fit your project.
TF_VAR_project: change-me
TF_VAR_label: change-me
TF_VAR_owner: Your Name Here
# If storing Terraform in a subdirectory, specify it here.
TERRAFORM_DIRECTORY: .
# Pinned versions of tools to use.
# Check for new releases:
# - https://github.com/hashicorp/terraform/releases
# - https://github.com/fugue/regula/releases
# - https://github.com/terraform-linters/tflint/releases
TERRAFORM_VERSION: 1.2.6
REGULA_VERSION: 2.9.0
TFLINT_VERSION: 0.39.1
# Terraform configuration options
TERRAFORM_PARALLELISM: 10
# These variables are passed to Terraform based on GitHub information.
TF_VAR_repo: ${{ github.repository }}
# This workflow is triggered in the following ways.
on:
# Any push or merge to these branches.
push:
branches:
- dev
- prod
# Any pull request targeting these branches (plan only).
pull_request:
branches:
- dev
- prod
# Any manual trigger on these branches.
workflow_dispatch:
branches:
- dev
- prod
# -------------------------------------------------------------------
# The rest of this workflow can operate without adjustments. Edit the
# below content at your own risk!
# -------------------------------------------------------------------
# Used to connect to AWS IAM
permissions:
id-token: write
contents: read
pull-requests: write
# Only run one workflow at a time for each Terraform state. This prevents
# lockfile conflicts, especially during PR vs push.
concurrency: terraform-${{ github.base_ref || github.ref }}
jobs:
terraform:
name: 'Terraform'
# Change this if you need to run your deployment on-prem.
runs-on: ubuntu-latest
steps:
# Downloads the current repo code to the runner.
- name: Checkout Repo Code
uses: actions/checkout@v3
# Enable access to KVM, required to build an image
- name: Enable KVM group perms
run: |
echo 'KERNEL=="kvm", GROUP="kvm", MODE="0666", OPTIONS+="static_node=kvm"' | sudo tee /etc/udev/rules.d/99-kvm4all.rules
sudo udevadm control --reload-rules
sudo udevadm trigger --name-match=kvm
# Login to AWS
- name: AWS Assume Role
uses: aws-actions/configure-aws-credentials@v1.6.1
with:
role-to-assume: ${{ env.AWS_ROLE_ARN }}
aws-region: ${{ env.AWS_REGION }}
# Install Nix
- name: Install Nix
uses: cachix/install-nix-action@v17
with:
extra_nix_config: |
substituters = s3://insert-cache-bucket https://cache.nixos.org/
trusted-public-keys = insert-cache-bucket:M6PsZjHXcLvbQyPUBLICKEYGVoNwI84g1FBQzouRU= cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=
# Build the image
- name: Build Image
run: nix build .#aws
# Copy the image to S3
- name: Upload Image to Cache
env:
NIX_CACHE_PRIVATE_KEY: ${{ secrets.NIX_CACHE_PRIVATE_KEY }}
run: |
echo "$NIX_CACHE_PRIVATE_KEY" > cache.key
nix store sign --key-file cache.key $(readlink result)
nix copy --to s3://t2-aws-nixos-test $(readlink result)
rm cache.key
# Exports all GitHub Secrets as environment variables prefixed by
# "TF_VAR_", which exposes them to Terraform. The name of each GitHub
# Secret must match its Terraform variable name exactly.
- name: Export Secrets to Terraform Variables
env:
ALL_SECRETS: ${{ toJson(secrets) }}
run: |
echo "$ALL_SECRETS" \
| jq "to_entries | .[] | \"TF_VAR_\" + ( .key | ascii_downcase ) + \"=\" + .value" \
| tr -d \" >> $GITHUB_ENV
# Installs the Terraform binary and some other accessory functions.
- name: Setup Terraform
uses: hashicorp/setup-terraform@v2
with:
terraform_version: ${{ env.TERRAFORM_VERSION }}
# Checks whether Terraform is formatted properly. If this fails, you
# should install the pre-commit hook.
- name: Check Formatting
run: |
terraform fmt -no-color -check -diff -recursive
# Downloads a Terraform code lint test.
- uses: terraform-linters/setup-tflint@v1
name: Setup TFLint
with:
tflint_version: v${{ env.TFLINT_VERSION }}
# Sets up linting with this codebase.
- name: Init TFLint
working-directory: ${{ env.TERRAFORM_DIRECTORY }}
run: tflint --init
# Lints the current code.
- name: Run TFLint
working-directory: ${{ env.TERRAFORM_DIRECTORY }}
run: |
tflint -f compact
find ./modules/* -type d -maxdepth 0 | xargs -I __ tflint -f compact --disable-rule=terraform_required_providers --disable-rule=terraform_required_version __
# Connects to remote state backend and download providers.
- name: Terraform Init
working-directory: ${{ env.TERRAFORM_DIRECTORY }}
run: |
terraform init \
-backend-config="role_arn=${{ env.AWS_STATE_ROLE_ARN }}" \
-backend-config="region=us-east-1" \
-backend-config="workspace_key_prefix=accounts/${{ env.AWS_ACCOUNT_NUMBER }}/${{ github.repository }}" \
-backend-config="key=state.tfstate" \
-backend-config="dynamodb_table=global-tf-state-lock"
# Set the Terraform Workspace to the current branch name.
- name: Set Terraform Workspace
working-directory: ${{ env.TERRAFORM_DIRECTORY }}
shell: bash
run: |
export WORKSPACE=${{ github.base_ref || github.ref_name }}
terraform workspace select ${WORKSPACE} || terraform workspace new $WORKSPACE
echo "TF_WORKSPACE=$(echo ${WORKSPACE} | sed 's/\//_/g')" >> $GITHUB_ENV
# Checks differences between current code and infrastructure state.
- name: Terraform Plan
id: plan
working-directory: ${{ env.TERRAFORM_DIRECTORY }}
run: |
terraform plan \
-input=false \
-no-color \
-out=tfplan \
-parallelism=${TERRAFORM_PARALLELISM} \
-var-file=variables-${TF_WORKSPACE}.tfvars
# Gets the results of the plan for pull requests.
- name: Terraform Show Plan
id: show
working-directory: ${{ env.TERRAFORM_DIRECTORY }}
run: terraform show -no-color tfplan
# Adds the results of the plan to the pull request.
- name: Comment Plan
uses: actions/github-script@v6
if: github.event_name == 'pull_request'
env:
STDOUT: "```terraform\n${{ steps.show.outputs.stdout }}```"
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
script: |
// 1. Retrieve existing bot comments for the PR
const { data: comments } = await github.rest.issues.listComments({
owner: context.repo.owner,
repo: context.repo.repo,
issue_number: context.issue.number,
})
const botComment = comments.find(comment => {
return comment.user.type === 'Bot' && comment.body.includes('Terraform Format and Style')
})
// 2. Prepare format of the comment
const output = `#### Terraform Format and Style 🖌\`${{ steps.fmt.outcome }}\`
#### Terraform Initialization ⚙️\`${{ steps.init.outcome }}\`
#### Terraform Validation 🤖\`${{ steps.validate.outcome }}\`
<details><summary>Validation Output</summary>
\`\`\`\n
${{ steps.validate.outputs.stdout }}
\`\`\`
</details>
#### Terraform Plan 📖\`${{ steps.plan.outcome }}\`
<details><summary>Show Plan</summary>
\`\`\`\n
${process.env.PLAN}
\`\`\`
</details>
*Pusher: @${{ github.actor }}, Action: \`${{ github.event_name }}\`, Working Directory: \`${{ env.tf_actions_working_dir }}\`, Workflow: \`${{ github.workflow }}\`*`;
// 3. If we have a comment, update it, otherwise create a new one
if (botComment) {
github.rest.issues.updateComment({
owner: context.repo.owner,
repo: context.repo.repo,
comment_id: botComment.id,
body: output
})
} else {
github.rest.issues.createComment({
issue_number: context.issue.number,
owner: context.repo.owner,
repo: context.repo.repo,
body: output
})
}
# Downloads Regula and checks whether the plan meets compliance requirements.
- name: Regula Compliance Check
shell: bash
working-directory: ${{ env.TERRAFORM_DIRECTORY }}
run: |
REGULA_URL="https://github.com/fugue/regula/releases/download/v${REGULA_VERSION}/regula_${REGULA_VERSION}_Linux_x86_64.tar.gz"
curl -sL "$REGULA_URL" -o regula.tar.gz
tar xzf regula.tar.gz
terraform show -json tfplan | ./regula run
# Deploys infrastructure or changes to infrastructure.
- name: Terraform Apply
if: github.event_name == 'push' || github.event_name == 'workflow_dispatch'
working-directory: ${{ env.TERRAFORM_DIRECTORY }}
run: |
terraform apply \
-auto-approve \
-input=false \
-parallelism=${TERRAFORM_PARALLELISM} \
tfplan

47
hosts/default.nix
View File

@ -1,47 +0,0 @@
# Return a list of all hosts
nixpkgs:
let
inherit (nixpkgs) lib;
in
{
# darwin-hosts = import ./darwin;
aarch64-darwin-hosts = lib.pipe (lib.filesystem.listFilesRecursive ./aarch64-darwin) [
# Get only files ending in default.nix
(builtins.filter (name: lib.hasSuffix "default.nix" name))
# Import each host function
(map (file: {
name = builtins.baseNameOf (builtins.dirOf file);
value = import file;
}))
# Convert to an attrset of hostname -> host function
(builtins.listToAttrs)
];
aarch64-linux-hosts = lib.pipe (lib.filesystem.listFilesRecursive ./aarch64-linux) [
# Get only files ending in default.nix
(builtins.filter (name: lib.hasSuffix "default.nix" name))
# Remove the first file
(builtins.filter (name: name != ./aarch64-linux/default.nix))
# Import each host function
(map (file: {
name = builtins.baseNameOf (builtins.dirOf file);
value = import file;
}))
# Convert to an attrset of hostname -> host function
(builtins.listToAttrs)
];
x86_64-linux-hosts = lib.pipe (lib.filesystem.listFilesRecursive ./x86_64-linux) [
# Get only files ending in default.nix
(builtins.filter (name: lib.hasSuffix "default.nix" name))
# Import each host function
(map (file: {
# name = lib.removeSuffix ".nix" (builtins.baseNameOf file);
name = builtins.baseNameOf (builtins.dirOf file);
value = import file;
}))
# Convert to an attrset of hostname -> host function
(builtins.listToAttrs)
];
}

120
hosts/flame/default.nix Normal file
View File

@ -0,0 +1,120 @@
# The Flame
# System configuration for an Oracle free server
# See [readme](../README.md) to explain how this file works.
# How to install:
# https://blog.korfuri.fr/posts/2022/08/nixos-on-an-oracle-free-tier-ampere-machine/
# These days, probably use nixos-anywhere instead.
{ inputs, globals, overlays, ... }:
inputs.nixpkgs.lib.nixosSystem {
system = "aarch64-linux";
specialArgs = { };
modules = [
globals
inputs.home-manager.nixosModules.home-manager
../../modules/common
../../modules/nixos
{
nixpkgs.overlays = overlays;
# Hardware
server = true;
networking.hostName = "flame";
# Not sure what's necessary but too afraid to remove anything
imports = [ (inputs.nixpkgs + "/nixos/modules/profiles/qemu-guest.nix") ];
boot.initrd.availableKernelModules = [ "xhci_pci" "virtio_pci" "usbhid" ];
# File systems must be declared in order to boot
# This is the root filesystem containing NixOS
# I forgot to set a clean label for it
fileSystems."/" = {
device = "/dev/disk/by-uuid/e1b6bd50-306d-429a-9f45-78f57bc597c3";
fsType = "ext4";
};
# This is the boot filesystem for systemd-boot
fileSystems."/boot" = {
device = "/dev/disk/by-uuid/D5CA-237A";
fsType = "vfat";
};
# Theming
# Server doesn't require GUI
gui.enable = false;
# Still require colors for programs like Neovim, K9S
theme = { colors = (import ../../colorscheme/gruvbox).dark; };
# Programs and services
atuin.enable = true;
cloudflare.enable = true; # Proxy traffic with Cloudflare
dotfiles.enable = true; # Clone dotfiles
neovim.enable = true;
giteaRunner.enable = true;
services.caddy.enable = true;
services.grafana.enable = true;
services.openssh.enable = true;
services.victoriametrics.enable = true;
services.influxdb2.enable = true;
services.gitea.enable = true;
services.vaultwarden.enable = true;
services.minecraft-server.enable = true; # Setup Minecraft server
# Allows private remote access over the internet
cloudflareTunnel = {
enable = true;
id = "bd250ee1-ed2e-42d2-b627-039f1eb5a4d2";
credentialsFile = ../../private/cloudflared-flame.age;
ca =
"ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBK/6oyVqjFGX3Uvrc3VS8J9sphxzAnRzKC85xgkHfYgR3TK6qBGXzHrknEj21xeZrr3G2y1UsGzphWJd9ZfIcdA= open-ssh-ca@cloudflareaccess.org";
};
# Nextcloud backup config
backup.s3 = {
endpoint = "s3.us-west-002.backblazeb2.com";
bucket = "noahmasur-backup";
accessKeyId = "0026b0e73b2e2c80000000005";
};
# Disable passwords, only use SSH key
publicKey =
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB+AbmjGEwITk5CK9y7+Rg27Fokgj9QEjgc9wST6MA3s";
# # Wireguard config for Transmission
# wireguard.enable = true;
# networking.wireguard.interfaces.wg0 = {
#
# # The local IPs for this machine within the Wireguard network
# # Any inbound traffic bound for these IPs should be kept on localhost
# ips = [ "10.66.13.200/32" "fc00:bbbb:bbbb:bb01::3:dc7/128" ];
#
# peers = [{
#
# # Identity of Wireguard target peer (VPN)
# publicKey = "bOOP5lIjqCdDx5t+mP/kEcSbHS4cZqE0rMlBI178lyY=";
#
# # The public internet address of the target peer
# endpoint = "86.106.143.132:51820";
#
# # Which outgoing IP ranges should be sent through Wireguard
# allowedIPs = [ "0.0.0.0/0" "::0/0" ];
#
# # Send heartbeat signal within the network
# persistentKeepalive = 25;
#
# }];
#
# };
# # VPN port forwarding
# services.transmission.settings.peer-port = 57599;
}
];
}

48
hosts/hydra/default.nix Normal file
View File

@ -0,0 +1,48 @@
# The Hydra
# System configuration for WSL
# See [readme](../README.md) to explain how this file works.
{ inputs, globals, overlays, ... }:
inputs.nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
specialArgs = { };
modules = [
../../modules/common
../../modules/nixos
../../modules/wsl
globals
inputs.wsl.nixosModules.wsl
inputs.home-manager.nixosModules.home-manager
{
networking.hostName = "hydra";
nixpkgs.overlays = overlays;
identityFile = "/home/${globals.user}/.ssh/id_ed25519";
gui.enable = false;
theme = {
colors = (import ../../colorscheme/gruvbox).dark;
dark = true;
};
passwordHash = inputs.nixpkgs.lib.fileContents ../../misc/password.sha512;
wsl = {
enable = true;
wslConf.automount.root = "/mnt";
defaultUser = globals.user;
startMenuLaunchers = true;
nativeSystemd = true;
wslConf.network.generateResolvConf = true; # Turn off if it breaks VPN
interop.includePath =
false; # Including Windows PATH will slow down Neovim command mode
};
neovim.enable = true;
mail.enable = true;
mail.aerc.enable = true;
mail.himalaya.enable = true;
dotfiles.enable = true;
nixlang.enable = true;
lua.enable = true;
}
];
}

49
hosts/lookingglass/default.nix Normal file
View File

@ -0,0 +1,49 @@
# The Looking Glass
# System configuration for my work Macbook
{ inputs, globals, overlays, ... }:
inputs.darwin.lib.darwinSystem {
system = "aarch64-darwin";
specialArgs = { };
modules = [
../../modules/common
../../modules/darwin
(globals // rec {
user = "Noah.Masur";
gitName = "Noah-Masur_1701";
gitEmail = "${user}@take2games.com";
})
inputs.home-manager.darwinModules.home-manager
{
nixpkgs.overlays = [ inputs.firefox-darwin.overlay ] ++ overlays;
networking.hostName = "lookingglass";
identityFile = "/Users/Noah.Masur/.ssh/id_ed25519";
gui.enable = true;
theme = {
colors = (import ../../colorscheme/gruvbox-dark).dark;
dark = true;
};
mail.user = globals.user;
atuin.enable = true;
charm.enable = true;
neovim.enable = true;
mail.enable = true;
mail.aerc.enable = true;
mail.himalaya.enable = false;
kitty.enable = true;
discord.enable = true;
firefox.enable = true;
dotfiles.enable = true;
nixlang.enable = true;
terraform.enable = true;
python.enable = true;
rust.enable = true;
lua.enable = true;
obsidian.enable = true;
kubernetes.enable = true;
_1password.enable = true;
slack.enable = true;
}
];
}

43
hosts/staff/default.nix Normal file
View File

@ -0,0 +1,43 @@
# The Staff
# ISO configuration for my USB drive
{ inputs, system, overlays, ... }:
inputs.nixos-generators.nixosGenerate {
inherit system;
format = "install-iso";
modules = [{
nixpkgs.overlays = overlays;
networking.hostName = "staff";
users.extraUsers.root.openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB+AbmjGEwITk5CK9y7+Rg27Fokgj9QEjgc9wST6MA3s"
];
services.openssh = {
enable = true;
ports = [ 22 ];
allowSFTP = true;
settings = {
GatewayPorts = "no";
X11Forwarding = false;
PasswordAuthentication = false;
PermitRootLogin = "yes";
};
};
environment.systemPackages =
let pkgs = import inputs.nixpkgs { inherit system overlays; };
in with pkgs; [
git
vim
wget
curl
(import ../../modules/common/neovim/package {
inherit pkgs;
colors = (import ../../colorscheme/gruvbox).dark;
})
];
nix.extraOptions = ''
experimental-features = nix-command flakes
warn-dirty = false
'';
}];
}

109
hosts/swan/default.nix Normal file
View File

@ -0,0 +1,109 @@
# The Swan
# System configuration for my home NAS server
# See [readme](../README.md) to explain how this file works.
{ inputs, globals, overlays, ... }:
inputs.nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
specialArgs = { };
modules = [
globals
inputs.home-manager.nixosModules.home-manager
inputs.disko.nixosModules.disko
../../modules/common
../../modules/nixos
{
nixpkgs.overlays = overlays;
# Hardware
server = true;
physical = true;
networking.hostName = "swan";
# Not sure what's necessary but too afraid to remove anything
boot.initrd.availableKernelModules =
[ "xhci_pci" "ahci" "nvme" "usb_storage" "sd_mod" ];
# Required for transcoding
boot.initrd.kernelModules = [ "amdgpu" ];
boot.kernelParams = [
"radeon.si_support=0"
"amdgpu.si_support=1"
"radeon.cik_support=0"
"amdgpu.cik_support=1"
"amdgpu.dc=1"
];
# Required binary blobs to boot on this machine
hardware.enableRedistributableFirmware = true;
# Prioritize efficiency over performance
powerManagement.cpuFreqGovernor = "powersave";
# Allow firmware updates
hardware.cpu.intel.updateMicrocode = true;
# ZFS
zfs.enable = true;
# Generated with: head -c 8 /etc/machine-id
networking.hostId = "600279f4"; # Random ID required for ZFS
# Sets root ext4 filesystem instead of declaring it manually
disko = {
enableConfig = true;
devices = (import ../../disks/root.nix { disk = "/dev/nvme0n1"; });
};
# Automatically load the ZFS pool on boot
boot.zfs.extraPools = [ "tank" ];
# Theming
# Server doesn't require GUI
gui.enable = false;
# Still require colors for programs like Neovim, K9S
theme = { colors = (import ../../colorscheme/gruvbox).dark; };
# Programs and services
atuin.enable = true;
neovim.enable = true;
cloudflare.enable = true;
dotfiles.enable = true;
arrs.enable = true;
services.bind.enable = true;
services.caddy.enable = true;
services.jellyfin.enable = true;
services.nextcloud.enable = true;
services.calibre-web.enable = true;
services.openssh.enable = true;
services.prometheus.enable = false;
services.vmagent.enable = true;
services.samba.enable = true;
services.paperless.enable = true;
services.postgresql.enable = true;
# Allows private remote access over the internet
cloudflareTunnel = {
enable = true;
id = "646754ac-2149-4a58-b51a-e1d0a1f3ade2";
credentialsFile = ../../private/cloudflared-swan.age;
ca =
"ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBCHF/UMtJqPFrf6f6GRY0ZFnkCW7b6sYgUTjTtNfRj1RdmNic1NoJZql7y6BrqQinZvy7nsr1UFDNWoHn6ah3tg= open-ssh-ca@cloudflareaccess.org";
};
# Send regular backups and litestream for DBs to an S3-like bucket
backup.s3 = {
endpoint = "s3.us-west-002.backblazeb2.com";
bucket = "noahmasur-backup";
accessKeyId = "0026b0e73b2e2c80000000005";
};
# Disable passwords, only use SSH key
publicKey =
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB+AbmjGEwITk5CK9y7+Rg27Fokgj9QEjgc9wST6MA3s";
}
];
}

136
hosts/tempest/default.nix Normal file
View File

@ -0,0 +1,136 @@
# The Tempest
# System configuration for my desktop
# See [readme](../README.md) to explain how this file works.
{ inputs, globals, overlays, ... }:
inputs.nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules = [
globals
inputs.home-manager.nixosModules.home-manager
../../modules/common
../../modules/nixos
{
nixpkgs.overlays = overlays;
# Hardware
physical = true;
networking.hostName = "tempest";
# Not sure what's necessary but too afraid to remove anything
boot.initrd.availableKernelModules =
[ "nvme" "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" ];
# Graphics and VMs
boot.initrd.kernelModules = [ "amdgpu" ];
boot.kernelModules = [ "kvm-amd" ];
services.xserver.videoDrivers = [ "amdgpu" ];
# Required binary blobs to boot on this machine
hardware.enableRedistributableFirmware = true;
# Prioritize performance over efficiency
powerManagement.cpuFreqGovernor = "performance";
# Allow firmware updates
hardware.cpu.amd.updateMicrocode = true;
# Helps reduce GPU fan noise under idle loads
hardware.fancontrol.enable = true;
hardware.fancontrol.config = ''
# Configuration file generated by pwmconfig, changes will be lost
INTERVAL=10
DEVPATH=hwmon0=devices/pci0000:00/0000:00:03.1/0000:06:00.0/0000:07:00.0/0000:08:00.0
DEVNAME=hwmon0=amdgpu
FCTEMPS=hwmon0/pwm1=hwmon0/temp1_input
FCFANS= hwmon0/pwm1=hwmon0/fan1_input
MINTEMP=hwmon0/pwm1=50
MAXTEMP=hwmon0/pwm1=70
MINSTART=hwmon0/pwm1=100
MINSTOP=hwmon0/pwm1=10
MINPWM=hwmon0/pwm1=10
MAXPWM=hwmon0/pwm1=240
'';
# File systems must be declared in order to boot
# This is the root filesystem containing NixOS
fileSystems."/" = {
device = "/dev/disk/by-label/nixos";
fsType = "ext4";
};
# This is the boot filesystem for Grub
fileSystems."/boot" = {
device = "/dev/disk/by-label/boot";
fsType = "vfat";
};
# Secrets must be prepared ahead before deploying
passwordHash = inputs.nixpkgs.lib.fileContents ../../misc/password.sha512;
# Theming
# Turn on all features related to desktop and graphical applications
gui.enable = true;
# Set the system-wide theme, also used for non-graphical programs
theme = {
colors = (import ../../colorscheme/gruvbox-dark).dark;
dark = true;
};
wallpaper = "${inputs.wallpapers}/gruvbox/road.jpg";
gtk.theme.name = inputs.nixpkgs.lib.mkDefault "Adwaita-dark";
# Programs and services
atuin.enable = true;
charm.enable = true;
neovim.enable = true;
media.enable = true;
dotfiles.enable = true;
firefox.enable = true;
kitty.enable = true;
_1password.enable = true;
discord.enable = true;
nautilus.enable = true;
obsidian.enable = true;
mail.enable = true;
mail.aerc.enable = true;
mail.himalaya.enable = true;
keybase.enable = true;
mullvad.enable = false;
nixlang.enable = true;
rust.enable = true;
yt-dlp.enable = true;
gaming = {
dwarf-fortress.enable = true;
enable = true;
steam.enable = true;
legendary.enable = true;
lutris.enable = true;
leagueoflegends.enable = true;
ryujinx.enable = true;
};
services.vmagent.enable = true; # Enables Prometheus metrics
services.openssh.enable =
true; # Required for Cloudflare tunnel and identity file
# Allows private remote access over the internet
cloudflareTunnel = {
enable = true;
id = "ac133a82-31fb-480c-942a-cdbcd4c58173";
credentialsFile = ../../private/cloudflared-tempest.age;
ca =
"ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBPY6C0HmdFCaxYtJxFr3qV4/1X4Q8KrYQ1hlme3u1hJXK+xW+lc9Y9glWHrhiTKilB7carYTB80US0O47gI5yU4= open-ssh-ca@cloudflareaccess.org";
};
# Allows requests to force machine to wake up
# This network interface might change, needs to be set specifically for each machine.
# Or set usePredictableInterfaceNames = false
networking.interfaces.enp5s0.wakeOnLan.enable = true;
}
];
}

32
hosts/x86_64-linux/arrow/default.nix
View File

@ -1,32 +0,0 @@
# The Arrow
# System configuration for temporary VM
rec {
# Hardware
networking.hostName = "arrow";
nmasur.settings = {
username = "noah";
fullName = "Noah Masur";
};
nmasur.profiles = {
base.enable = true;
server.enable = true;
};
home-manager.users."noah" = {
nmasur.settings = {
username = nmasur.settings.username;
fullName = nmasur.settings.fullName;
};
nmasur.profiles = {
common.enable = true;
linux-base.enable = true;
};
home.stateVersion = "23.05";
};
system.stateVersion = "23.05";
}

33
hosts/x86_64-linux/hydra/default.nix
View File

@ -1,33 +0,0 @@
# The Hydra
# System configuration for WSL
rec {
# Hardware
networking.hostName = "hydra";
nmasur.settings = {
username = "noah";
fullName = "Noah Masur";
};
nmasur.profiles = {
base.enable = true;
wsl.enable = true;
};
home-manager.users."noah" = {
nmasur.settings = {
username = nmasur.settings.username;
fullName = nmasur.settings.fullName;
};
nmasur.profiles = {
common.enable = true;
linux-base.enable = true;
power-user.enable = true;
};
home.stateVersion = "23.05";
};
system.stateVersion = "23.05";
}

64
hosts/x86_64-linux/staff/default.nix
View File

@ -1,64 +0,0 @@
# The Staff
# System configuration test
rec {
# Hardware
networking.hostName = "staff";
nmasur.settings = {
username = "noah";
fullName = "Noah Masur";
};
nmasur.profiles = {
base.enable = true;
home.enable = true;
gui.enable = true;
};
nmasur.presets.services.cloudflared.enable = false;
nmasur.presets.services.kanata.enable = false;
nmasur.presets.services.openssh.enable = true;
home-manager.users."noah" = {
nmasur.settings = {
username = nmasur.settings.username;
fullName = nmasur.settings.fullName;
};
nmasur.profiles = {
common.enable = true;
linux-base.enable = true;
linux-gui.enable = true;
power-user.enable = true;
};
nmasur.presets.services.mbsync = {
user = nmasur.settings.username;
server = "noahmasur.com";
};
home.stateVersion = "23.05";
};
system.stateVersion = "23.05";
# Not sure what's necessary but too afraid to remove anything
# File systems must be declared in order to boot
# This is the root filesystem containing NixOS
fileSystems."/" = {
device = "/dev/disk/by-label/nixos";
fsType = "ext4";
};
# This is the boot filesystem for Grub
fileSystems."/boot" = {
device = "/dev/disk/by-label/boot";
fsType = "vfat";
};
# Allows private remote access over the internet
# nmasur.presets.services.cloudflared = {
# tunnel = {
# id = "ac133a82-31fb-480c-942a-cdbcd4c58173";
# credentialsFile = ../../private/cloudflared-tempest.age;
# ca = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBPY6C0HmdFCaxYtJxFr3qV4/1X4Q8KrYQ1hlme3u1hJXK+xW+lc9Y9glWHrhiTKilB7carYTB80US0O47gI5yU4= open-ssh-ca@cloudflareaccess.org";
# };
# };
}

19
hosts/x86_64-linux/swan/cloudflared-swan.age
View File

@ -1,19 +0,0 @@
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IE1nSGFPdyBuU1BO
ZGdOVFRTekN3SFRhQWYwcWt6OHpLZXM0aENsQ3d1VWpxYUhXN3k4CnNwNWpQcU90
elR0eWVyMWFUUkhORFRQeVdsdTErWUgzNW9mN1BWS2szbUUKLT4gc3NoLWVkMjU1
MTkgWXlTVU1RIDRRS0VESG5NNWpxbm1DTjBkY2ExR3I3aE1PUTNVTXBFZ2wwVC9j
WDIrMTgKaXkwWk1xRWp6Z3c3NFZZS0cybHFqcUVRczNMZ05tSmxPNjBlVmRHK2h3
SQotPiBzc2gtZWQyNTUxOSBuanZYNUEgYWI1SkhBZ0Jrb3hzbDRwcnRMeHhGSlpB
aWt5ZmRxaGhmbXFDQWdNamxRbwpXMWo0TjZhbHM3ejFYNVU5WlkxWTJSbVBPOEhr
MUt3akxMU3QzN3Z4M0lFCi0+IHNzaC1lZDI1NTE5IENxSU9VQSA1dmdFRE1QSU55
WUVuOU9OTHJjM0RxVWhmTlEvdk1mNU1iUEwyNlFqRFZvCldleVNGQ1RZdU1tU2J2
dWxGZlVkaDBWNEZRUFNBcEIvTEdkODdDS25GdGsKLT4gc3NoLWVkMjU1MTkgejFP
Y1p3IG5SbVpVZldPSkJXYm9BZ3B6OXZXMlB4T2Z5RHptR1pqbVRVUS9LVEZyUzgK
ZlVTZWlUQ2VoWVNuOGE5Wk5vZGdVVldzbUZKRERyUFN0eVJ4TWpmL2gwcwotLS0g
MlJmTlVkdHhHQ25JWm0xVmdjVDFYM1lHaE9WdnJSVkVMMnNwV0c4eXc0QQpYTchD
DCiEm4rOav4/IwK26gSgi2B4qq4RETyAbF4oa87cvFM8zVXo7W8nF+eWzeWGNZrc
yRFfOYf4gtlNCVLc+UAapvM1rKuw1IOQeJLAwGCHygXKWY7zSXdT2ERACXESvCCz
b7W62NVx0Pc4mAAQB3QU995HFVFuHLa939PPPlkgxqepNWCKrmUFl/qjRpOoVrV6
GwRgIo36PhcfZVCswyVXgcc4M3CCG5ZuWInuuljqTB70OzBVkKCaUeiRaRIZJg==
-----END AGE ENCRYPTED FILE-----

81
hosts/x86_64-linux/swan/default.nix
View File

@ -1,81 +0,0 @@
# The Swan
# System configuration for my home NAS server
rec {
networking.hostName = "swan";
nmasur.settings = {
username = "noah";
fullName = "Noah Masur";
};
nmasur.profiles = {
base.enable = true;
server.enable = true;
home.enable = true;
nas.enable = true;
shared-media.enable = true;
};
home-manager.users."noah" = {
nmasur.settings = {
username = nmasur.settings.username;
fullName = nmasur.settings.fullName;
};
nmasur.profiles = {
common.enable = true;
linux-base.enable = true;
power-user.enable = true;
};
home.stateVersion = "23.05";
};
system.stateVersion = "23.05";
# Not sure what's necessary but too afraid to remove anything
boot.initrd.availableKernelModules = [
"xhci_pci"
"ahci"
"nvme"
"usb_storage"
"sd_mod"
];
# Required for transcoding
boot.initrd.kernelModules = [ "amdgpu" ];
boot.kernelParams = [
"radeon.si_support=0"
"amdgpu.si_support=1"
"radeon.cik_support=0"
"amdgpu.cik_support=1"
"amdgpu.dc=1"
];
# Required binary blobs to boot on this machine
hardware.enableRedistributableFirmware = true;
# Prioritize efficiency over performance
powerManagement.cpuFreqGovernor = "powersave";
# Allow firmware updates
hardware.cpu.intel.updateMicrocode = true;
# ZFS
# Generated with: head -c 8 /etc/machine-id
networking.hostId = "600279f4"; # Random ID required for ZFS
# Sets root ext4 filesystem instead of declaring it manually
disko = {
enableConfig = true;
devices = (import ./root.nix { disk = "/dev/nvme0n1"; });
};
# Allows private remote access over the internet
nmasur.presets.services.cloudflared = {
tunnel = {
id = "646754ac-2149-4a58-b51a-e1d0a1f3ade2";
credentialsFile = ./cloudflared-swan.age;
ca = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBCHF/UMtJqPFrf6f6GRY0ZFnkCW7b6sYgUTjTtNfRj1RdmNic1NoJZql7y6BrqQinZvy7nsr1UFDNWoHn6ah3tg= open-ssh-ca@cloudflareaccess.org";
};
};
}

39
hosts/x86_64-linux/swan/root.nix
View File

@ -1,39 +0,0 @@
{ disk, ... }:
{
disk = {
boot = {
type = "disk";
device = disk;
content = {
type = "gpt";
partitions = {
# Boot partition
ESP = rec {
size = "512MiB";
type = "EF00";
label = "boot";
device = "/dev/disk/by-label/${label}";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
extraArgs = [ "-n ${label}" ];
};
};
# Root partition ext4
root = rec {
size = "100%";
label = "nixos";
device = "/dev/disk/by-label/${label}";
content = {
type = "filesystem";
format = "ext4";
mountpoint = "/";
extraArgs = [ "-L ${label}" ];
};
};
};
};
};
};
}

19
hosts/x86_64-linux/tempest/cloudflared-tempest.age
View File

@ -1,19 +0,0 @@
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IE1nSGFPdyBMMDZj
dkdOSTc1bHgybjAwcUVHUXFhY0I0NE45K1B5SEh4NGN4T0tpREhjCnViQzVXTVk3
dzB5ZEY5d1hvcHVDSXVubElOdEVQQ0Fja2dnL0ZnVG4wNEUKLT4gc3NoLWVkMjU1
MTkgWXlTVU1RIHRiVkNzRCs4V3EvL2szNG8zSlRYSVloRlVsSTk3a0hnSFMyUzRN
K0lyMzQKWDhIOTVzMGJkaGpVQmNtS0pPQnNTSjRmK1dYck1SUFd5VnVvYnJSWkhs
YwotPiBzc2gtZWQyNTUxOSBuanZYNUEgUy9kWmxsc0p2L0pFWDlPMGlzeVBHNjJ2
a05ycmZtbUJrOXRBVVgxVjVtZwo4RVM3Sms2M2krdjU0K1ZHREhhRkdMcENTbTJr
UEh6cWcvOGNIRUNJZUFvCi0+IHNzaC1lZDI1NTE5IENxSU9VQSA5d0FwTWJzZEpJ
UEJaZi91YXZOOFhGVlVVekEvSVRnK3Y2VFdhL216SVZrCkRURE9OYnIvSGVtMWNl
MWFGSTEwUVBITTlnaWVXc1hpMFpqdFdMcFY2NHMKLT4gc3NoLWVkMjU1MTkgejFP
Y1p3IDhkUk9KTE1UMysvajY3WEx5MFdLeEdlVnBmSUx6TTlnYWdqaWorYm0rRGMK
SlhaRFNLaTZHVkpRR3U5eE5JOTBPWWM3OTFka1ZWSHJMaFFhZG1CSzNVTQotLS0g
THNSTmNzK3JvbVN5S3RaVlQwdDRiOWFkVGZ3WUtyT2IyMWtPSVNtajF5YwoCUWHU
KSe09W6BaVEW2x0ieBXN6KkL4FNPAP8zCom8fNVjyjAZpxd2t0kisJjJ45xg8eG4
x9sj+hG9EsWIFvVpnF7LUIEXcRMjvRlNXED8HmYR0qzUhc89VQ9N4EoQPJYN1dME
kxAzH8p5HBidxfJLpACaG5QHGb97chJXTDrT+ZKt+hPfZ16OhsKBj2s0gvHbcCQH
sdqQT4+FlJshDiRiauTmqF/umnCnzl4+H4Xe8kLVrZxDOAv1iwuTX8zcaNOFNw==
-----END AGE ENCRYPTED FILE-----

109
hosts/x86_64-linux/tempest/default.nix
View File

@ -1,109 +0,0 @@
# The Tempest
# System configuration for my desktop
rec {
# Hardware
networking.hostName = "tempest";
nmasur.settings = {
username = "noah";
fullName = "Noah Masur";
};
nmasur.profiles = {
base.enable = true;
home.enable = true;
gui.enable = true;
gaming.enable = true;
};
nmasur.presets.services.grub.enable = true;
home-manager.users."noah" = {
nmasur.settings = {
username = nmasur.settings.username;
fullName = nmasur.settings.fullName;
};
nmasur.profiles = {
common.enable = true;
linux-base.enable = true;
linux-gui.enable = true;
linux-gaming.enable = true;
power-user.enable = true;
developer.enable = true;
experimental.enable = true;
};
home.stateVersion = "23.05";
};
system.stateVersion = "23.05";
# Not sure what's necessary but too afraid to remove anything
boot.initrd.availableKernelModules = [
"nvme"
"xhci_pci"
"ahci"
"usb_storage"
"usbhid"
"sd_mod"
];
# Graphics and VMs
boot.initrd.kernelModules = [ "amdgpu" ];
boot.kernelModules = [ "kvm-amd" ];
services.xserver.videoDrivers = [ "amdgpu" ];
# Required binary blobs to boot on this machine
hardware.enableRedistributableFirmware = true;
# Prioritize performance over efficiency
powerManagement.cpuFreqGovernor = "performance";
# Allow firmware updates
hardware.cpu.amd.updateMicrocode = true;
# Helps reduce GPU fan noise under idle loads
hardware.fancontrol.enable = true;
hardware.fancontrol.config = ''
# Configuration file generated by pwmconfig, changes will be lost
INTERVAL=10
DEVPATH=hwmon0=devices/pci0000:00/0000:00:03.1/0000:06:00.0/0000:07:00.0/0000:08:00.0
DEVNAME=hwmon0=amdgpu
FCTEMPS=hwmon0/pwm1=hwmon0/temp1_input
FCFANS= hwmon0/pwm1=hwmon0/fan1_input
MINTEMP=hwmon0/pwm1=50
MAXTEMP=hwmon0/pwm1=70
MINSTART=hwmon0/pwm1=100
MINSTOP=hwmon0/pwm1=10
MINPWM=hwmon0/pwm1=10
MAXPWM=hwmon0/pwm1=240
'';
# File systems must be declared in order to boot
# This is the root filesystem containing NixOS
fileSystems."/" = {
device = "/dev/disk/by-label/nixos";
fsType = "ext4";
};
# This is the boot filesystem for Grub
fileSystems."/boot" = {
device = "/dev/disk/by-label/boot";
fsType = "vfat";
};
# Allows private remote access over the internet
nmasur.presets.services.cloudflared = {
tunnel = {
id = "ac133a82-31fb-480c-942a-cdbcd4c58173";
credentialsFile = ./cloudflared-tempest.age;
ca = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBPY6C0HmdFCaxYtJxFr3qV4/1X4Q8KrYQ1hlme3u1hJXK+xW+lc9Y9glWHrhiTKilB7carYTB80US0O47gI5yU4= open-ssh-ca@cloudflareaccess.org";
};
};
# Allows requests to force machine to wake up
# This network interface might change, needs to be set specifically for each machine.
# Or set usePredictableInterfaceNames = false
networking.interfaces.enp5s0.wakeOnLan.enable = true;
}

223
lib/default.nix
View File

@ -1,223 +0,0 @@
inputs:
let
lib = inputs.nixpkgs.lib;
in
lib
// rec {
# Returns all files in a directory matching a suffix
filesInDirectoryWithSuffix =
directory: suffix:
lib.pipe (lib.filesystem.listFilesRecursive directory) [
# Get only files ending in .nix
(builtins.filter (name: lib.hasSuffix suffix name))
];
# Returns all files ending in .nix for a directory
nixFiles = directory: filesInDirectoryWithSuffix directory ".nix";
# Returns all files ending in default.nix for a directory
defaultFiles = directory: filesInDirectoryWithSuffix directory "default.nix";
# Imports all files in a directory and passes inputs
importOverlays =
directory:
lib.pipe (nixFiles directory) [
# Import each overlay file
(map (file: (import file) inputs))
];
# Import default files as attrset with keys provided by parent directory
defaultFilesToAttrset =
directory:
lib.pipe (defaultFiles directory) [
# Import each file
(map (file: {
name = builtins.baseNameOf (builtins.dirOf file);
value = import file;
}))
# Convert to an attrset of parent dir name -> file
(builtins.listToAttrs)
];
# [ package1/package.nix package2/package.nix package2/hello.sh ]
buildPkgsFromDirectoryAndPkgs =
directory: pkgs:
lib.pipe (filesInDirectoryWithSuffix directory "package.nix") [
# Apply callPackage to create a derivation
# Must use final.callPackage to avoid infinite recursion
# [ package1.drv package2.drv ]
(builtins.map (name: pkgs.callPackage name { }))
# Convert the list to an attrset with keys from pname or name attr
# { package1 = package1.drv, package2 = package2.drv }
(builtins.listToAttrs (
map (v: {
name = v."pname" or v."name";
value = v;
})
))
];
# Common overlays to always use
overlays = [
inputs.nur.overlays.default
inputs.nix2vim.overlay
inputs.zellij-switch.overlays.default
] ++ (importOverlays ../overlays);
# System types to support.
supportedSystems = [
"x86_64-linux"
"x86_64-darwin"
"aarch64-linux"
"aarch64-darwin"
];
# Split system types by operating system
linuxSystems = builtins.filter (lib.hasSuffix "linux") supportedSystems;
darwinSystems = builtins.filter (lib.hasSuffix "darwin") supportedSystems;
# Helper function to generate an attrset '{ x86_64-linux = f "x86_64-linux"; ... }'.
forSystems = systems: lib.genAttrs systems;
forAllSystems = lib.genAttrs supportedSystems;
# { x86_64-linux = { tempest = { settings = ...; }; }; };
hosts = forAllSystems (system: defaultFilesToAttrset ../hosts/${system});
linuxHosts = lib.filterAttrs (name: value: builtins.elem name linuxSystems) hosts;
darwinHosts = lib.filterAttrs (name: value: builtins.elem name darwinSystems) hosts;
# { system -> pkgs }
pkgsBySystem = forAllSystems (
system:
import inputs.nixpkgs {
inherit system overlays;
config.permittedInsecurePackages = [ "litestream-0.3.13" ];
config.allowUnfree = true;
}
);
colorscheme = defaultFilesToAttrset ../colorscheme;
homeModule = {
home-manager = {
# Include home-manager config in NixOS
sharedModules = nixFiles ../platforms/home-manager;
# Use the system-level nixpkgs instead of Home Manager's
useGlobalPkgs = lib.mkDefault true;
# Install packages to /etc/profiles instead of ~/.nix-profile, useful when
# using multiple profiles for one user
useUserPackages = lib.mkDefault true;
};
};
buildHome =
{
system,
module,
specialArgs,
}:
inputs.home-manager.lib.homeManagerConfiguration {
pkgs = pkgsBySystem.${system};
modules = [
{ imports = (nixFiles ../platforms/home-manager); }
module
];
extraSpecialArgs = {
inherit colorscheme;
} // specialArgs;
};
buildNixos =
{
system,
module,
specialArgs,
}:
inputs.nixpkgs.lib.nixosSystem {
inherit specialArgs;
pkgs = pkgsBySystem.${system};
modules = [
inputs.home-manager.nixosModules.home-manager
inputs.disko.nixosModules.disko
inputs.wsl.nixosModules.wsl
{ imports = (nixFiles ../platforms/nixos); }
module
{
home-manager = {
extraSpecialArgs = {
inherit colorscheme;
} // specialArgs;
} // homeModule.home-manager;
}
];
};
buildDarwin =
{
system,
module,
specialArgs,
}:
inputs.darwin.lib.darwinSystem {
inherit system specialArgs;
modules = [
inputs.home-manager.darwinModules.home-manager
inputs.mac-app-util.darwinModules.default
{
imports = (nixFiles ../platforms/nix-darwin);
nixpkgs.pkgs = pkgsBySystem.${system};
}
module
{
home-manager = {
extraSpecialArgs = {
inherit colorscheme;
} // specialArgs;
} // homeModule.home-manager;
}
];
};
generatorOptions = {
amazon = {
aws.enable = true;
};
iso = { };
};
generateImage =
{
system,
module,
format,
specialArgs,
}:
inputs.nixos-generators.nixosGenerate {
inherit system format;
modules = [
inputs.home-manager.nixosModules.home-manager
inputs.disko.nixosModules.disko
inputs.wsl.nixosModules.wsl
{
imports = (nixFiles ../platforms/nixos) ++ (nixFiles ../platforms/generators);
}
generatorOptions.${format}
module
{
home-manager = {
extraSpecialArgs = {
inherit colorscheme;
} // specialArgs;
} // homeModule.home-manager;
}
];
specialArgs = {
} // specialArgs;
};
}

1
misc/public-keys
View File

@ -4,4 +4,3 @@ ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB+AbmjGEwITk5CK9y7+Rg27Fokgj9QEjgc9wST6MA3s
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHVknmPi7sG6ES0G0jcsvebzKGWWaMfJTYgvOue6EULI flame ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHVknmPi7sG6ES0G0jcsvebzKGWWaMfJTYgvOue6EULI flame
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJ9mwXlZnIALt9SnH3FOZvdgHLM5ZqwYUERXBbM7Rwh6 swan ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJ9mwXlZnIALt9SnH3FOZvdgHLM5ZqwYUERXBbM7Rwh6 swan
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIC3yHivgEXr2ecwe58h9bkhwTYivf3GwL8xenQKMeiUb tempest ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIC3yHivgEXr2ecwe58h9bkhwTYivf3GwL8xenQKMeiUb tempest
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICmGHIWBZzRx35/yFgnPJSHN2+35WJ30G9c5tDhPsCrl arrow

9
modules/README.md Normal file
View File

@ -0,0 +1,9 @@
# Modules
| Module | Purpose |
| --- | --- |
| [common](./common/default.nix) | User programs and OS-agnostic configuration |
| [darwin](./darwin/default.nix) | macOS-specific configuration |
| [nixos](./nixos/default.nix) | NixOS-specific configuration |
| [wsl](./wsl/default.nix) | WSL-specific configuration |

30
modules/common/applications/1password.nix Normal file
View File

@ -0,0 +1,30 @@
{ config, pkgs, lib, ... }: {
options = {
_1password = {
enable = lib.mkEnableOption {
description = "Enable 1Password.";
default = false;
};
};
};
config = lib.mkIf (config.gui.enable && config._1password.enable) {
unfreePackages = [ "1password" "_1password-gui" "1password-cli" ];
home-manager.users.${config.user} = {
home.packages = with pkgs; [ _1password-gui _1password ];
};
# https://1password.community/discussion/135462/firefox-extension-does-not-connect-to-linux-app
# On Mac, does not apply: https://1password.community/discussion/142794/app-and-browser-integration
# However, the button doesn't work either:
# https://1password.community/discussion/140735/extending-support-for-trusted-web-browsers
environment.etc."1password/custom_allowed_browsers".text = ''
${
config.home-manager.users.${config.user}.programs.firefox.package
}/Applications/Firefox.app/Contents/MacOS/firefox
firefox
'';
};
}

99
modules/common/applications/alacritty.nix Normal file
View File

@ -0,0 +1,99 @@
{ config, pkgs, lib, ... }: {
options = {
alacritty = {
enable = lib.mkEnableOption {
description = "Enable Alacritty.";
default = false;
};
};
};
config = lib.mkIf (config.gui.enable && config.alacritty.enable) {
home-manager.users.${config.user} = {
xsession.windowManager.i3.config.terminal = "alacritty";
programs.rofi.terminal = "${pkgs.alacritty}/bin/alacritty";
programs.alacritty = {
enable = true;
settings = {
window = {
dimensions = {
columns = 85;
lines = 30;
};
padding = {
x = 20;
y = 20;
};
opacity = 1.0;
};
scrolling.history = 10000;
font = { size = 14.0; };
key_bindings = [
# Used for word completion in fish_user_key_bindings
{
key = "Return";
mods = "Shift";
chars = "\\x1F";
}
# Used for searching nixpkgs in fish_user_key_bindings
{
key = "N";
mods = "Control|Shift";
chars = "\\x11F";
}
{
key = "H";
mods = "Control|Shift";
mode = "~Vi";
action = "ToggleViMode";
}
{
key = "Return";
mode = "Vi";
action = "ToggleViMode";
}
# Used to enable $ keybind in Vi mode
{
key = 5; # Scancode for key4
mods = "Shift";
mode = "Vi|~Search";
action = "Last";
}
];
colors = {
primary = {
background = config.theme.colors.base00;
foreground = config.theme.colors.base05;
};
cursor = {
text = "#1d2021";
cursor = config.theme.colors.base05;
};
normal = {
black = "#1d2021";
red = config.theme.colors.base08;
green = config.theme.colors.base0B;
yellow = config.theme.colors.base0A;
blue = config.theme.colors.base0D;
magenta = config.theme.colors.base0E;
cyan = config.theme.colors.base0C;
white = config.theme.colors.base05;
};
bright = {
black = config.theme.colors.base03;
red = config.theme.colors.base09;
green = config.theme.colors.base01;
yellow = config.theme.colors.base02;
blue = config.theme.colors.base04;
magenta = config.theme.colors.base06;
cyan = config.theme.colors.base0F;
white = config.theme.colors.base07;
};
};
draw_bold_text_with_bright_colors = false;
};
};
};
};
}

16
modules/common/applications/default.nix Normal file
View File

@ -0,0 +1,16 @@
{ ... }: {
imports = [
./1password.nix
./alacritty.nix
./discord.nix
./firefox.nix
./kitty.nix
./media.nix
./obsidian.nix
./qbittorrent.nix
./slack.nix
./yt-dlp.nix
];
}

28
modules/common/applications/discord.nix Normal file
View File

@ -0,0 +1,28 @@
{ config, pkgs, lib, ... }: {
options = {
discord = {
enable = lib.mkEnableOption {
description = "Enable Discord.";
default = false;
};
};
};
config = lib.mkIf (config.gui.enable && config.discord.enable) {
unfreePackages = [ "discord" ];
environment.systemPackages = [ pkgs.discord ];
home-manager.users.${config.user} = {
xdg.configFile."discord/settings.json".text = ''
{
"BACKGROUND_COLOR": "#202225",
"IS_MAXIMIZED": false,
"IS_MINIMIZED": false,
"OPEN_ON_STARTUP": false,
"MINIMIZE_TO_TRAY": false,
"SKIP_HOST_UPDATE": true
}
'';
};
};
}

190
modules/common/applications/firefox.nix Normal file
View File

@ -0,0 +1,190 @@
{ config, pkgs, lib, ... }:
{
options = {
firefox = {
enable = lib.mkEnableOption {
description = "Enable Firefox.";
default = false;
};
};
};
config = lib.mkIf (config.gui.enable && config.firefox.enable) {
unfreePackages = [
(lib.mkIf config._1password.enable "onepassword-password-manager")
"okta-browser-plugin"
"wappalyzer"
];
home-manager.users.${config.user} = {
programs.firefox = {
enable = true;
package =
if pkgs.stdenv.isDarwin then pkgs.firefox-bin else pkgs.firefox;
profiles.default = {
id = 0;
name = "default";
isDefault = true;
# https://nur.nix-community.org/repos/rycee/
extensions = with pkgs.nur.repos.rycee.firefox-addons; [
(lib.mkIf config._1password.enable onepassword-password-manager)
pkgs.bypass-paywalls-clean
darkreader
don-t-fuck-with-paste
facebook-container
markdownload
multi-account-containers
okta-browser-plugin
reddit-enhancement-suite
return-youtube-dislikes
snowflake
sponsorblock
ublock-origin
ublacklist
vimium
wappalyzer
];
settings = {
"app.update.auto" = false;
"browser.aboutConfig.showWarning" = false;
"browser.warnOnQuit" = false;
"browser.quitShortcut.disabled" =
if pkgs.stdenv.isLinux then true else false;
"browser.theme.dark-private-windows" = true;
"browser.toolbars.bookmarks.visibility" = false;
"browser.startup.page" = 3; # Restore previous session
"browser.newtabpage.enabled" = false; # Make new tabs blank
"trailhead.firstrun.didSeeAboutWelcome" =
true; # Disable welcome splash
"dom.forms.autocomplete.formautofill" = false; # Disable autofill
"extensions.formautofill.creditCards.enabled" =
false; # Disable credit cards
"dom.payments.defaults.saveAddress" = false; # Disable address save
"general.autoScroll" = true; # Drag middle-mouse to scroll
"services.sync.prefs.sync.general.autoScroll" =
false; # Prevent disabling autoscroll
"extensions.pocket.enabled" = false;
"toolkit.legacyUserProfileCustomizations.stylesheets" =
true; # Allow userChrome.css
"layout.css.color-mix.enabled" = true;
"ui.systemUsesDarkTheme" =
if config.theme.dark == true then 1 else 0;
"media.ffmpeg.vaapi.enabled" =
true; # Enable hardware video acceleration
"cookiebanners.ui.desktop.enabled" = true; # Reject cookie popups
"devtools.command-button-screenshot.enabled" =
true; # Scrolling screenshot of entire page
"svg.context-properties.content.enabled" = true; # Sidebery styling
};
userChrome = ''
:root {
--focus-outline-color: ${config.theme.colors.base04} !important;
--toolbar-color: ${config.theme.colors.base07} !important;
--tab-min-height: 30px !important;
}
/* Background of tab bar */
.toolbar-items {
background-color: ${config.theme.colors.base00} !important;
}
/* Extra tab bar sides on macOS */
.titlebar-spacer {
background-color: ${config.theme.colors.base00} !important;
}
.titlebar-buttonbox-container {
background-color: ${config.theme.colors.base00} !important;
}
#tabbrowser-tabs {
border-inline-start: 0 !important;
}
/* Private Browsing indicator on macOS */
#private-browsing-indicator-with-label {
background-color: ${config.theme.colors.base00} !important;
margin-inline: 0 !important;
padding-inline: 7px;
}
/* Tabs themselves */
.tabbrowser-tab .tab-stack {
border-radius: 5px 5px 0 0;
overflow: hidden;
background-color: ${config.theme.colors.base00};
color: ${config.theme.colors.base06} !important;
}
.tab-content {
border-bottom: 2px solid color-mix(in srgb, var(--identity-tab-color) 40%, transparent);
border-radius: 5px 5px 0 0;
background-color: ${config.theme.colors.base00};
color: ${config.theme.colors.base06} !important;
}
.tab-content[selected] {
border-bottom: 2px solid color-mix(in srgb, var(--identity-tab-color) 25%, transparent);
background-color: ${config.theme.colors.base01} !important;
color: ${config.theme.colors.base07} !important;
}
/* Below tab bar */
#nav-bar {
background: ${config.theme.colors.base01} !important;
}
/* URL bar in nav bar */
#urlbar[focused=true] {
color: ${config.theme.colors.base07} !important;
background: ${config.theme.colors.base02} !important;
caret-color: ${config.theme.colors.base05} !important;
}
#urlbar:not([focused=true]) {
color: ${config.theme.colors.base04} !important;
background: ${config.theme.colors.base02} !important;
}
#urlbar ::-moz-selection {
color: ${config.theme.colors.base07} !important;
background: ${config.theme.colors.base02} !important;
}
#urlbar-input-container {
border: 1px solid ${config.theme.colors.base01} !important;
}
#urlbar-background {
background: ${config.theme.colors.base01} !important;
}
/* Text in URL bar */
#urlbar-input, #urlbar-scheme, .searchbar-textbox {
color: ${config.theme.colors.base07} !important;
}
'';
userContent = ''
@-moz-document url-prefix(about:blank) {
* {
background-color:${config.theme.colors.base01} !important;
}
}
'';
extraConfig = "";
};
};
xsession.windowManager.i3.config.keybindings =
lib.mkIf pkgs.stdenv.isLinux {
"${
config.home-manager.users.${config.user}.xsession.windowManager.i3.config.modifier
}+Shift+b" = "exec ${
# Don't name the script `firefox` or it will affect grep
builtins.toString (pkgs.writeShellScript "focus-ff.sh" ''
count=$(ps aux | grep -c firefox)
if [ "$count" -eq 1 ]; then
i3-msg "exec --no-startup-id firefox"
sleep 0.5
fi
i3-msg "[class=firefox] focus"
'')
}";
};
};
};
}

121
modules/common/applications/kitty.nix Normal file
View File

@ -0,0 +1,121 @@
{ config, pkgs, lib, ... }: {
options = {
kitty = {
enable = lib.mkEnableOption {
description = "Enable Kitty.";
default = false;
};
};
};
config = lib.mkIf (config.gui.enable && config.kitty.enable) {
# Set the Rofi-Systemd terminal for viewing logs
# Using optionalAttrs because only available in NixOS
environment = { } // lib.attrsets.optionalAttrs
(builtins.hasAttr "sessionVariables" config.environment) {
sessionVariables.ROFI_SYSTEMD_TERM = "${pkgs.kitty}/bin/kitty";
};
home-manager.users.${config.user} = {
# Set the i3 terminal
xsession.windowManager.i3.config.terminal =
lib.mkIf pkgs.stdenv.isLinux "kitty";
# Set the Rofi terminal for running programs
programs.rofi.terminal =
lib.mkIf pkgs.stdenv.isLinux "${pkgs.kitty}/bin/kitty";
# Display images in the terminal
programs.fish.shellAliases = {
icat = "kitty +kitten icat";
ssh = "kitty +kitten ssh";
};
programs.kitty = {
enable = true;
environment = { };
extraConfig = "";
font.size = 14;
keybindings = {
# Use shift+enter to complete text suggestions in fish
"shift+enter" = "send_text all \\x1F";
# Easy fullscreen toggle (for macOS)
"super+f" = "toggle_fullscreen";
# Kitty scrollback nvim
"kitty_mod+h" = "kitty_scrollback_nvim";
"kitty_mod+g" =
"kitty_scrollback_nvim --config ksb_builtin_last_cmd_output";
};
settings = {
# Required for kitty-scrollback.nvim
allow_remote_control = "socket-only";
listen_on = "unix:/tmp/kitty";
action_alias =
"kitty_scrollback_nvim kitten ${pkgs.kitty-scrollback-nvim}/python/kitty_scrollback_nvim.py";
# Colors (adapted from: https://github.com/kdrag0n/base16-kitty/blob/master/templates/default-256.mustache)
background = config.theme.colors.base00;
foreground = config.theme.colors.base05;
selection_background = config.theme.colors.base05;
selection_foreground = config.theme.colors.base00;
url_color = config.theme.colors.base04;
cursor = config.theme.colors.base05;
active_border_color = config.theme.colors.base03;
inactive_border_color = config.theme.colors.base01;
active_tab_background = config.theme.colors.base00;
active_tab_foreground = config.theme.colors.base05;
inactive_tab_background = config.theme.colors.base01;
inactive_tab_foreground = config.theme.colors.base04;
tab_bar_background = config.theme.colors.base01;
# normal
color0 = config.theme.colors.base00;
color1 = config.theme.colors.base08;
color2 = config.theme.colors.base0B;
color3 = config.theme.colors.base0A;
color4 = config.theme.colors.base0D;
color5 = config.theme.colors.base0E;
color6 = config.theme.colors.base0C;
color7 = config.theme.colors.base05;
# bright
color8 = config.theme.colors.base03;
color9 = config.theme.colors.base08;
color10 = config.theme.colors.base0B;
color11 = config.theme.colors.base0A;
color12 = config.theme.colors.base0D;
color13 = config.theme.colors.base0E;
color14 = config.theme.colors.base0C;
color15 = config.theme.colors.base07;
# extended base16 colors
color16 = config.theme.colors.base09;
color17 = config.theme.colors.base0F;
color18 = config.theme.colors.base01;
color19 = config.theme.colors.base02;
color20 = config.theme.colors.base04;
color21 = config.theme.colors.base06;
# Scrollback
scrolling_lines = 10000;
scrollback_pager_history_size = 10; # MB
# Window
window_padding_width = 6;
tab_bar_edge = "top";
tab_bar_style = "slant";
# Disable audio
enable_audio_bell = false;
};
};
};
};
}

61
modules/common/applications/media.nix Normal file
View File

@ -0,0 +1,61 @@
{ config, pkgs, lib, ... }: {
options = {
media = {
enable = lib.mkEnableOption {
description = "Enable media programs.";
default = false;
};
};
};
config = lib.mkIf (config.gui.enable && config.media.enable) {
home-manager.users.${config.user} = {
home.packages = with pkgs; [
nsxiv # Image viewer
mupdf # PDF viewer
zathura # PDF viewer
];
# Video player
programs.mpv = {
enable = true;
bindings = { };
config = {
image-display-duration = 2; # For cycling through images
hwdec = "auto-safe"; # Attempt to use GPU decoding for video
};
scripts = [
# Automatically load playlist entries before and after current file
pkgs.mpvScripts.autoload
# Delete current file after quitting
pkgs.mpvScripts.mpv-delete-file
];
};
# Set default programs for opening PDFs and other media
xdg.mimeApps = {
associations.added = {
"application/pdf" = [ "pwmt.zathura-cb.desktop" ];
"image/jpeg" = [ "nsxiv.desktop" ];
"image/png" = [ "nsxiv.desktop" ];
"image/*" = [ "nsxiv.desktop" ];
};
associations.removed = {
"application/pdf" = [ "mupdf.desktop" "wine-extension-pdf.desktop" ];
};
defaultApplications = {
"application/pdf" = [ "pwmt.zathura-cb.desktop" ];
"image/jpeg" = [ "nsxiv.desktop" ];
"image/png" = [ "nsxiv.desktop" ];
"image/*" = [ "nsxiv.desktop" ];
};
};
};
};
}

24
modules/common/applications/obsidian.nix Normal file
View File

@ -0,0 +1,24 @@
{ config, pkgs, lib, ... }: {
options = {
obsidian = {
enable = lib.mkEnableOption {
description = "Enable Obsidian.";
default = false;
};
};
};
config = lib.mkIf (config.gui.enable && config.obsidian.enable) {
unfreePackages = [ "obsidian" ];
home-manager.users.${config.user} = {
home.packages = with pkgs; [ obsidian ];
};
# Broken on 2023-12-11
# https://forum.obsidian.md/t/electron-25-is-now-eol-please-upgrade-to-a-newer-version/72878/8
nixpkgs.config.permittedInsecurePackages = [ "electron-25.9.0" ];
};
}

21
modules/common/applications/qbittorrent.nix Normal file
View File

@ -0,0 +1,21 @@
{ config, pkgs, lib, ... }: {
options = {
qbittorrent = {
enable = lib.mkEnableOption {
description = "Enable qBittorrent.";
default = false;
};
};
};
config = lib.mkIf (config.gui.enable && config.qbittorrent.enable) {
home-manager.users.${config.user} = {
home.packages = with pkgs; [ qbittorrent ];
};
};
}

19
modules/common/applications/slack.nix Normal file
View File

@ -0,0 +1,19 @@
{ config, pkgs, lib, ... }: {
options = {
slack = {
enable = lib.mkEnableOption {
description = "Enable Slack.";
default = false;
};
};
};
config = lib.mkIf (config.gui.enable && config.slack.enable) {
unfreePackages = [ "slack" ];
home-manager.users.${config.user} = {
home.packages = with pkgs; [ slack ];
};
};
}

35
modules/common/applications/yt-dlp.nix Normal file
View File

@ -0,0 +1,35 @@
{ config, pkgs, lib, ... }: {
options = {
yt-dlp = {
enable = lib.mkEnableOption {
description = "Enable YouTube downloader.";
default = false;
};
};
};
config = lib.mkIf (config.yt-dlp.enable) {
home-manager.users.${config.user} = {
programs.yt-dlp = {
enable = true;
extraConfig = "";
settings = {
no-continue = true; # Always re-download each fragment
no-overwrites = true; # Don't overwrite existing files
download-archive = "archive.log"; # Log of archives
embed-metadata = true;
embed-thumbnail = true;
embed-subs = true;
sub-langs = "en.*";
concurrent-fragments = 4; # Parallel download chunks
};
};
programs.fish.shellAbbrs.yt = "yt-dlp";
};
};
}

169
modules/common/default.nix Normal file
View File

@ -0,0 +1,169 @@
{ config, lib, pkgs, ... }: {
imports =
[ ./applications ./mail ./neovim ./programming ./repositories ./shell ];
options = {
user = lib.mkOption {
type = lib.types.str;
description = "Primary user of the system";
};
fullName = lib.mkOption {
type = lib.types.str;
description = "Human readable name of the user";
};
userDirs = {
# Required to prevent infinite recursion when referenced by himalaya
download = lib.mkOption {
type = lib.types.str;
description = "XDG directory for downloads";
default =
if pkgs.stdenv.isDarwin then "$HOME/Downloads" else "$HOME/downloads";
};
};
identityFile = lib.mkOption {
type = lib.types.str;
description = "Path to existing private key file.";
default = "/etc/ssh/ssh_host_ed25519_key";
};
gui = {
enable = lib.mkEnableOption {
description = "Enable graphics.";
default = false;
};
};
theme = {
colors = lib.mkOption {
type = lib.types.attrs;
description = "Base16 color scheme.";
default = (import ../colorscheme/gruvbox).dark;
};
dark = lib.mkOption {
type = lib.types.bool;
description = "Enable dark mode.";
default = true;
};
};
homePath = lib.mkOption {
type = lib.types.path;
description = "Path of user's home directory.";
default = builtins.toPath (if pkgs.stdenv.isDarwin then
"/Users/${config.user}"
else
"/home/${config.user}");
};
dotfilesPath = lib.mkOption {
type = lib.types.path;
description = "Path of dotfiles repository.";
default = config.homePath + "/dev/personal/dotfiles";
};
dotfilesRepo = lib.mkOption {
type = lib.types.str;
description = "Link to dotfiles repository HTTPS URL.";
};
unfreePackages = lib.mkOption {
type = lib.types.listOf lib.types.str;
description = "List of unfree packages to allow.";
default = [ ];
};
hostnames = {
git = lib.mkOption {
type = lib.types.str;
description = "Hostname for git server (Gitea).";
};
metrics = lib.mkOption {
type = lib.types.str;
description = "Hostname for metrics server.";
};
paperless = lib.mkOption {
type = lib.types.str;
description = "Hostname for document server (paperless-ngx).";
};
prometheus = lib.mkOption {
type = lib.types.str;
description = "Hostname for Prometheus server.";
};
influxdb = lib.mkOption {
type = lib.types.str;
description = "Hostname for InfluxDB2 server.";
};
secrets = lib.mkOption {
type = lib.types.str;
description = "Hostname for passwords and secrets (Vaultwarden).";
};
stream = lib.mkOption {
type = lib.types.str;
description = "Hostname for video/media library (Jellyfin).";
};
content = lib.mkOption {
type = lib.types.str;
description = "Hostname for personal content system (Nextcloud).";
};
books = lib.mkOption {
type = lib.types.str;
description = "Hostname for books library (Calibre-Web).";
};
download = lib.mkOption {
type = lib.types.str;
description = "Hostname for download services.";
};
};
};
config = let stateVersion = "23.05";
in {
nix = {
# Enable features in Nix commands
extraOptions = ''
experimental-features = nix-command flakes
warn-dirty = false
'';
gc = {
automatic = true;
options = "--delete-older-than 7d";
};
settings = {
# Add community Cachix to binary cache
# Don't use with macOS because blocked by corporate firewall
builders-use-substitutes = true;
substituters = lib.mkIf (!pkgs.stdenv.isDarwin)
[ "https://nix-community.cachix.org" ];
trusted-public-keys = lib.mkIf (!pkgs.stdenv.isDarwin) [
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
];
# Scans and hard links identical files in the store
# Not working with macOS: https://github.com/NixOS/nix/issues/7273
auto-optimise-store = lib.mkIf (!pkgs.stdenv.isDarwin) true;
};
};
# Basic common system packages for all devices
environment.systemPackages = with pkgs; [ git vim wget curl ];
# Use the system-level nixpkgs instead of Home Manager's
home-manager.useGlobalPkgs = true;
# Install packages to /etc/profiles instead of ~/.nix-profile, useful when
# using multiple profiles for one user
home-manager.useUserPackages = true;
# Allow specified unfree packages (identified elsewhere)
# Retrieves package object based on string name
nixpkgs.config.allowUnfreePredicate = pkg:
builtins.elem (lib.getName pkg) config.unfreePackages;
# Pin a state version to prevent warnings
home-manager.users.${config.user}.home.stateVersion = stateVersion;
home-manager.users.root.home.stateVersion = stateVersion;
};
}

208
modules/common/mail/aerc.nix Normal file
View File

@ -0,0 +1,208 @@
{ config, pkgs, lib, ... }: {
options.mail.aerc.enable = lib.mkEnableOption "Aerc email.";
config = lib.mkIf config.mail.aerc.enable {
home-manager.users.${config.user} = {
home.packages = with pkgs; [
w3m # Render HTML
dante # Socksify for rendering HTML
];
programs.aerc = {
enable = true;
extraBinds = {
# Binds are of the form <key sequence> = <command to run>
# To use '=' in a key sequence, substitute it with "Eq": "<Ctrl+Eq>"
# If you wish to bind #, you can wrap the key sequence in quotes: "#" = quit
global = {
"<C-p>" = ":prev-tab<Enter>";
"<C-n>" = ":next-tab <Enter>";
"<C-t>" = ":term<Enter>";
"?" = ":help keys<Enter>";
};
messages = {
q = ":quit<Enter>";
j = ":next <Enter>";
"<Down>" = ":next<Enter>";
"<C-d>" = ":next 50%<Enter>";
"<C-f>" = ":next 100%<Enter>";
"<PgDn>" = ":next 100%<Enter>";
k = ":prev <Enter>";
"<Up>" = ":prev<Enter>";
"<C-u>" = ":prev 50%<Enter>";
"<C-b>" = ":prev 100%<Enter>";
"<PgUp>" = ":prev 100%<Enter>";
g = ":select 0 <Enter>";
G = ":select -1<Enter>";
J = ":next-folder <Enter>";
K = ":prev-folder<Enter>";
H = ":collapse-folder<Enter>";
L = ":expand-folder<Enter>";
v = ":mark -t<Enter>";
V = ":mark -v<Enter>";
T = ":toggle-threads<Enter>";
"<Enter>" = ":view<Enter>";
d = ":prompt 'Really delete this message?' 'delete-message'<Enter>";
D = ":move Trash<Enter>";
A = ":archive flat<Enter>";
C = ":compose<Enter>";
rr = ":reply -a<Enter>";
rq = ":reply -aq<Enter>";
Rr = ":reply<Enter>";
Rq = ":reply -q<Enter>";
c = ":cf<space>";
"$" = ":term<space>";
"!" = ":term<space>";
"|" = ":pipe<space>";
"/" = ":search<space>-a<space>";
"\\" = ":filter <space>";
n = ":next-result<Enter>";
N = ":prev-result<Enter>";
"<Esc>" = ":clear<Enter>";
};
"messages:folder=Drafts" = { "<Enter>" = ":recall<Enter>"; };
view = {
"/" = ":toggle-key-passthrough <Enter> /";
q = ":close<Enter>";
O = ":open<Enter>";
S = ":save<space>";
"|" = ":pipe<space>";
D = ":move Trash<Enter>";
A = ":archive flat<Enter>";
"<C-l>" = ":open-link <space>";
f = ":forward <Enter>";
rr = ":reply -a<Enter>";
rq = ":reply -aq<Enter>";
Rr = ":reply<Enter>";
Rq = ":reply -q<Enter>";
H = ":toggle-headers<Enter>";
"<C-k>" = ":prev-part<Enter>";
"<C-j>" = ":next-part<Enter>";
J = ":next <Enter>";
K = ":prev<Enter>";
};
"view::passthrough" = {
"$noinherit" = "true";
"$ex" = "<C-x>";
"<Esc>" = ":toggle-key-passthrough<Enter>";
};
compose = {
# Keybindings used when the embedded terminal is not selected in the compose
# view
"$noinherit" = "true";
"$ex" = "<C-x>";
"<C-k>" = ":prev-field<Enter>";
"<C-j>" = ":next-field<Enter>";
"<A-p>" = ":switch-account -p<Enter>";
"<A-n>" = ":switch-account -n<Enter>";
"<tab>" = ":next-field<Enter>";
"<C-p>" = ":prev-tab<Enter>";
"<C-n>" = ":next-tab<Enter>";
};
"compose::editor" = {
# Keybindings used when the embedded terminal is selected in the compose view
"$noinherit" = "true";
"$ex" = "<C-x>";
"<C-k>" = ":prev-field<Enter>";
"<C-j>" = ":next-field<Enter>";
"<C-p>" = ":prev-tab<Enter>";
"<C-n>" = ":next-tab<Enter>";
};
"compose::review" = {
# Keybindings used when reviewing a message to be sent
y = ":send <Enter>";
n = ":abort<Enter>";
p = ":postpone<Enter>";
q = ":choose -o d discard abort -o p postpone postpone<Enter>";
e = ":edit<Enter>";
a = ":attach<space>";
d = ":detach<space>";
};
terminal = {
"$noinherit" = "true";
"$ex" = "<C-x>";
"<C-p>" = ":prev-tab<Enter>";
"<C-n>" = ":next-tab<Enter>";
};
};
extraConfig = {
general.unsafe-accounts-conf = true;
viewer = { pager = "${pkgs.less}/bin/less -R"; };
filters = {
"text/plain" = "${pkgs.aerc}/libexec/aerc/filters/colorize";
"text/calendar" =
"${pkgs.gawk}/bin/awk -f ${pkgs.aerc}/libexec/aerc/filters/calendar";
"text/html" =
"${pkgs.aerc}/libexec/aerc/filters/html | ${pkgs.aerc}/libexec/aerc/filters/colorize"; # Requires w3m, dante
# "text/*" =
# ''${pkgs.bat}/bin/bat -fP --file-name="$AERC_FILENAME "'';
"message/delivery-status" =
"${pkgs.aerc}/libexec/aerc/filters/colorize";
"message/rfc822" = "${pkgs.aerc}/libexec/aerc/filters/colorize";
"application/x-sh" = "${pkgs.bat}/bin/bat -fP -l sh";
"application/pdf" = "${pkgs.zathura}/bin/zathura -";
"audio/*" = "${pkgs.mpv}/bin/mpv -";
"image/*" = "${pkgs.feh}/bin/feh -";
};
};
};
accounts.email.accounts.home.aerc = {
enable = true;
extraAccounts = {
check-mail = "5m";
check-mail-cmd = "${pkgs.isync}/bin/mbsync -a";
};
};
xdg.desktopEntries.aerc = lib.mkIf pkgs.stdenv.isLinux {
name = "aerc";
exec = "kitty aerc %u";
};
xsession.windowManager.i3.config.keybindings =
lib.mkIf pkgs.stdenv.isLinux {
"${
config.home-manager.users.${config.user}.xsession.windowManager.i3.config.modifier
}+Shift+e" = "exec ${
# Don't name the script `aerc` or it will affect grep
builtins.toString (pkgs.writeShellScript "focus-mail.sh" ''
count=$(ps aux | grep -c aerc)
if [ "$count" -eq 1 ]; then
i3-msg "exec --no-startup-id kitty --class aerc aerc"
sleep 0.25
fi
i3-msg "[class=aerc] focus"
'')
}";
};
programs.fish.shellAbbrs = { ae = "aerc"; };
};
};
}

125
modules/common/mail/default.nix Normal file
View File

@ -0,0 +1,125 @@
{ config, pkgs, lib, ... }: {
imports = [ ./himalaya.nix ./aerc.nix ./system.nix ];
options = {
mail.enable = lib.mkEnableOption "Mail service.";
mail.user = lib.mkOption {
type = lib.types.str;
description = "User name for the email address.";
default = config.user;
};
mail.server = lib.mkOption {
type = lib.types.nullOr lib.types.str;
description = "Server name for the email address.";
};
mail.imapHost = lib.mkOption {
type = lib.types.nullOr lib.types.str;
description = "Server host for IMAP (reading mail).";
};
mail.smtpHost = lib.mkOption {
type = lib.types.nullOr lib.types.str;
description = "Server host for SMTP (sending mail).";
};
};
config = lib.mkIf config.mail.enable {
home-manager.users.${config.user} = {
programs.mbsync = { enable = true; };
# Automatically check for mail and keep files synced locally
services.mbsync = lib.mkIf pkgs.stdenv.isLinux {
enable = true;
frequency = "*:0/5";
postExec = "${pkgs.notmuch}/bin/notmuch new";
};
# Used to watch for new mail and trigger sync
services.imapnotify.enable = pkgs.stdenv.isLinux;
# Allows sending email from CLI/sendmail
programs.msmtp.enable = true;
# Better local mail search
programs.notmuch = {
enable = true;
new.ignore =
[ ".mbsyncstate.lock" ".mbsyncstate.journal" ".mbsyncstate.new" ];
};
accounts.email = {
# Where email files are stored
maildirBasePath = "${config.homePath}/mail";
accounts = {
home = let address = "${config.mail.user}@${config.mail.server}";
in {
userName = address;
realName = config.fullName;
primary = true;
inherit address;
aliases = map (user: "${user}@${config.mail.server}") [
"me"
"hey"
"admin"
];
# Options for contact completion
alot = { };
imap = {
host = config.mail.imapHost;
port = 993;
tls.enable = true;
};
# Watch for mail and run notifications or sync
imapnotify = {
enable = true;
boxes = [ "Inbox" ];
onNotify = "${pkgs.isync}/bin/mbsync -a";
onNotifyPost = lib.mkIf
config.home-manager.users.${config.user}.services.dunst.enable
"${pkgs.libnotify}/bin/notify-send 'New mail arrived'";
};
# Name of the directory in maildir for this account
maildir = { path = "main"; };
# Bi-directional syncing options for local files
mbsync = {
enable = true;
create = "both";
expunge = "both";
remove = "both";
patterns = [ "*" ];
extraConfig.channel = {
CopyArrivalDate = "yes"; # Sync time of original message
};
};
# Enable indexing
notmuch.enable = true;
# Used to login and send and receive emails
passwordCommand =
"${pkgs.age}/bin/age --decrypt --identity ~/.ssh/id_ed25519 ${
pkgs.writeText "mailpass.age"
(builtins.readFile ../../../private/mailpass.age)
}";
smtp = {
host = config.mail.smtpHost;
port = 465;
tls.enable = true;
};
};
};
};
};
};
}

25
modules/common/mail/himalaya.nix Normal file
View File

@ -0,0 +1,25 @@
{ config, lib, ... }: {
options.mail.himalaya.enable = lib.mkEnableOption "Himalaya email.";
config = lib.mkIf config.mail.himalaya.enable {
home-manager.users.${config.user} = {
programs.himalaya = { enable = true; };
accounts.email.accounts.home.himalaya = {
enable = true;
backend = "imap";
sender = "smtp";
settings = {
downloads-dir = config.userDirs.download;
smtp-insecure = true;
};
};
programs.fish.shellAbbrs = { hi = "himalaya"; };
};
};
}

34
modules/common/mail/system.nix Normal file
View File

@ -0,0 +1,34 @@
{ config, pkgs, lib, ... }: {
config = lib.mkIf (config.mail.enable || config.server) {
home-manager.users.${config.user} = {
programs.msmtp.enable = true;
# The system user for sending automatic notifications
accounts.email.accounts.system =
let address = "system@${config.mail.server}";
in {
userName = address;
realName = "NixOS System";
primary = !config.mail.enable; # Only primary if mail not enabled
inherit address;
passwordCommand =
"${pkgs.age}/bin/age --decrypt --identity ${config.identityFile} ${
pkgs.writeText "mailpass-system.age"
(builtins.readFile ../../../private/mailpass-system.age)
}";
msmtp.enable = true;
smtp = {
host = config.mail.smtpHost;
port = 465;
tls.enable = true;
};
};
};
};
}

3
pkgs/applications/editors/neovim/nmasur/neovim/config/align.nix → modules/common/neovim/config/align.nix
View File

@ -1,5 +1,4 @@
{ pkgs, ... }: { pkgs, ... }: {
{
# Plugin for aligning text programmatically # Plugin for aligning text programmatically

11
pkgs/applications/editors/neovim/nmasur/neovim/config/bufferline.nix → modules/common/neovim/config/bufferline.nix
View File

@ -1,22 +1,19 @@
{ pkgs, ... }: { pkgs, ... }: {
{
# Shows buffers in a VSCode-style tab layout # Shows buffers in a VSCode-style tab layout
plugins = [ plugins = [
pkgs.vimPlugins.bufferline-nvim pkgs.vimPlugins.bufferline-nvim
pkgs.vimPlugins.vim-bbye # Better closing of buffers pkgs.vimPlugins.vim-bbye # Better closing of buffers
pkgs.vimPlugins.snipe-nvim # Jump between open buffers
]; ];
setup.bufferline = { setup.bufferline = {
options = { options = {
diagnostics = "nvim_lsp"; diagnostics = "nvim_lsp";
always_show_bufferline = false; always_show_bufferline = false;
separator_style = "slant"; separator_style = "slant";
offsets = [ { filetype = "NvimTree"; } ]; offsets = [{ filetype = "NvimTree"; }];
}; };
}; };
setup.snipe = { };
lua = '' lua = ''
-- Move buffers -- Move buffers
vim.keymap.set("n", "L", ":BufferLineCycleNext<CR>", { silent = true }) vim.keymap.set("n", "L", ":BufferLineCycleNext<CR>", { silent = true })
@ -24,7 +21,5 @@
-- Kill buffer -- Kill buffer
vim.keymap.set("n", "<Leader>x", " :Bdelete<CR>", { silent = true }) vim.keymap.set("n", "<Leader>x", " :Bdelete<CR>", { silent = true })
'';
-- Jump to buffer
vim.keymap.set("n", "gb", require("snipe").open_buffer_menu, { silent = true }) '';
} }

22
modules/common/neovim/config/colors.nix Normal file
View File

@ -0,0 +1,22 @@
{ pkgs, lib, config, ... }: {
# Sets Neovim colors based on Nix colorscheme
options.colors = lib.mkOption {
type = lib.types.attrsOf lib.types.str;
description = "Attrset of base16 colorscheme key value pairs.";
};
config = {
plugins = [ pkgs.vimPlugins.nvim-base16 ];
setup.base16-colorscheme = config.colors;
# Telescope isn't working, shut off for now
lua = ''
require('base16-colorscheme').with_config {
telescope = false,
}
'';
};
}

76
pkgs/applications/editors/neovim/nmasur/neovim/config/completion.nix → modules/common/neovim/config/completion.nix
View File

@ -1,8 +1,6 @@
{ pkgs, dsl, ... }: { pkgs, dsl, ... }: {
{
plugins = [ plugins = [
pkgs.vimPlugins.nvim-cmp
pkgs.vimPlugins.cmp-nvim-lsp pkgs.vimPlugins.cmp-nvim-lsp
pkgs.vimPlugins.cmp-buffer pkgs.vimPlugins.cmp-buffer
pkgs.vimPlugins.cmp-path pkgs.vimPlugins.cmp-path
@ -27,21 +25,21 @@
# Basic completion keybinds # Basic completion keybinds
mapping = { mapping = {
"['<C-n>']" = "['<C-n>']" = dsl.rawLua
dsl.rawLua "require('cmp').mapping.select_next_item({ behavior = require('cmp').SelectBehavior.Insert }, { 'i', 'c' })"; "require('cmp').mapping.select_next_item({ behavior = require('cmp').SelectBehavior.Insert })";
"['<C-p>']" = "['<C-p>']" = dsl.rawLua
dsl.rawLua "require('cmp').mapping.select_prev_item({ behavior = require('cmp').SelectBehavior.Insert }, { 'i', 'c' })"; "require('cmp').mapping.select_prev_item({ behavior = require('cmp').SelectBehavior.Insert })";
"['<Down>']" = "['<Down>']" = dsl.rawLua
dsl.rawLua "require('cmp').mapping.select_next_item({ behavior = require('cmp').SelectBehavior.Select }, { 'i', 'c' })"; "require('cmp').mapping.select_next_item({ behavior = require('cmp').SelectBehavior.Select })";
"['<Up>']" = "['<Up>']" = dsl.rawLua
dsl.rawLua "require('cmp').mapping.select_prev_item({ behavior = require('cmp').SelectBehavior.Select }, { 'i', 'c' })"; "require('cmp').mapping.select_prev_item({ behavior = require('cmp').SelectBehavior.Select })";
"['<C-d>']" = dsl.rawLua "require('cmp').mapping.scroll_docs(-4)"; "['<C-d>']" = dsl.rawLua "require('cmp').mapping.scroll_docs(-4)";
"['<C-f>']" = dsl.rawLua "require('cmp').mapping.scroll_docs(4)"; "['<C-f>']" = dsl.rawLua "require('cmp').mapping.scroll_docs(4)";
"['<C-e>']" = dsl.rawLua "require('cmp').mapping.abort()"; "['<C-e>']" = dsl.rawLua "require('cmp').mapping.abort()";
"['<C-y>']" = "['<CR>']" = dsl.rawLua
dsl.rawLua "require('cmp').mapping.confirm({ behavior = require('cmp').ConfirmBehavior.Insert, select = true, }, { 'i', 'c' })"; "require('cmp').mapping.confirm({ behavior = require('cmp').ConfirmBehavior.Replace, select = true, })";
"['<C-r>']" = "['<C-r>']" = dsl.rawLua
dsl.rawLua "require('cmp').mapping.confirm({ behavior = require('cmp').ConfirmBehavior.Replace, select = true, }, { 'i', 'c' })"; "require('cmp').mapping.confirm({ behavior = require('cmp').ConfirmBehavior.Replace, select = true, })";
"['<Esc>']" = dsl.rawLua '' "['<Esc>']" = dsl.rawLua ''
function(_) function(_)
cmp.mapping({ cmp.mapping({
@ -51,7 +49,7 @@
vim.cmd("stopinsert") --- Abort and leave insert mode vim.cmd("stopinsert") --- Abort and leave insert mode
end end
''; '';
"['<C-k>']" = dsl.rawLua '' "['<C-l>']" = dsl.rawLua ''
cmp.mapping(function(_) cmp.mapping(function(_)
if require("luasnip").expand_or_jumpable() then if require("luasnip").expand_or_jumpable() then
require("luasnip").expand_or_jump() require("luasnip").expand_or_jump()
@ -74,19 +72,13 @@
name = "rg"; # Grep for text from the current directory name = "rg"; # Grep for text from the current directory
keyword_length = 6; keyword_length = 6;
max_item_count = 10; max_item_count = 10;
option = { option = { additional_arguments = "--ignore-case"; };
additional_arguments = "--ignore-case";
};
} }
]; ];
# Styling of the completion menu # Styling of the completion menu
formatting = { formatting = {
fields = [ fields = [ "kind" "abbr" "menu" ];
"kind"
"abbr"
"menu"
];
format = dsl.rawLua '' format = dsl.rawLua ''
function(entry, vim_item) function(entry, vim_item)
local kind_icons = { local kind_icons = {
@ -133,46 +125,19 @@
native_menu = false; # Use cmp menu instead of Vim menu native_menu = false; # Use cmp menu instead of Vim menu
ghost_text = true; # Show preview auto-completion ghost_text = true; # Show preview auto-completion
}; };
}; };
lua' = '' lua = ''
-- Use buffer source for `/` -- Use buffer source for `/`
require('cmp').setup.cmdline("/", { require('cmp').setup.cmdline("/", {
mapping = { sources = {
['<C-n>'] = {
c = require('cmp').mapping.select_next_item({ behavior = require('cmp').SelectBehavior.Insert }, { 'i', 'c' })
},
['<C-p>'] = {
c = require('cmp').mapping.select_prev_item({ behavior = require('cmp').SelectBehavior.Insert }, { 'i', 'c' })
},
['<C-y>'] = {
c = require('cmp').mapping.confirm({ behavior = require('cmp').ConfirmBehavior.Insert, select = true, }, { 'i', 'c' })
},
['<C-r>'] = {
c = require('cmp').mapping.confirm({ behavior = require('cmp').ConfirmBehavior.Replace, select = true, }, { 'i', 'c' })
},
},
sources = require('cmp').config.sources({
{ name = "buffer", keyword_length = 5 }, { name = "buffer", keyword_length = 5 },
}), },
}) })
-- Use cmdline & path source for ':' -- Use cmdline & path source for ':'
require('cmp').setup.cmdline(":", { require('cmp').setup.cmdline(":", {
mapping = {
['<C-n>'] = {
c = require('cmp').mapping.select_next_item({ behavior = require('cmp').SelectBehavior.Insert }, { 'i', 'c' })
},
['<C-p>'] = {
c = require('cmp').mapping.select_prev_item({ behavior = require('cmp').SelectBehavior.Insert }, { 'i', 'c' })
},
['<C-y>'] = {
c = require('cmp').mapping.confirm({ behavior = require('cmp').ConfirmBehavior.Insert, select = true, }, { 'i', 'c' })
},
['<C-r>'] = {
c = require('cmp').mapping.confirm({ behavior = require('cmp').ConfirmBehavior.Replace, select = true, }, { 'i', 'c' })
},
},
sources = require('cmp').config.sources({ sources = require('cmp').config.sources({
{ name = "path" }, { name = "path" },
}, { }, {
@ -180,4 +145,5 @@
}), }),
}) })
''; '';
} }

9
pkgs/applications/editors/neovim/nmasur/neovim/config/github.lua → modules/common/neovim/config/github.lua
View File

@ -2,11 +2,8 @@
vim.keymap.set("n", "<Leader>gr", ":!gh browse %<CR><CR>", { silent = true }) vim.keymap.set("n", "<Leader>gr", ":!gh browse %<CR><CR>", { silent = true })
-- Pop a terminal to watch the current run -- Pop a terminal to watch the current run
local gitwatch = require("toggleterm.terminal").Terminal:new({ local gitwatch =
cmd = "fish --interactive --init-command 'gh run watch'", require("toggleterm.terminal").Terminal:new({ cmd = "fish --interactive --init-command 'gh run watch'" })
hidden = true,
direction = "float",
})
-- Set a toggle for this terminal -- Set a toggle for this terminal
function GITWATCH_TOGGLE() function GITWATCH_TOGGLE()
@ -14,4 +11,4 @@ function GITWATCH_TOGGLE()
end end
-- Keymap to toggle the run -- Keymap to toggle the run
vim.keymap.set("n", "<Leader>W", GITWATCH_TOGGLE) vim.keymap.set("n", "<Leader>gw", GITWATCH_TOGGLE)

0
pkgs/applications/editors/neovim/nmasur/neovim/config/gitsigns.lua → modules/common/neovim/config/gitsigns.lua
View File

3
pkgs/applications/editors/neovim/nmasur/neovim/config/gitsigns.nix → modules/common/neovim/config/gitsigns.nix
View File

@ -1,5 +1,4 @@
{ pkgs, ... }: { pkgs, ... }: {
{
plugins = [ pkgs.vimPlugins.gitsigns-nvim ]; plugins = [ pkgs.vimPlugins.gitsigns-nvim ];
setup.gitsigns = { }; setup.gitsigns = { };
lua = builtins.readFile ./gitsigns.lua; lua = builtins.readFile ./gitsigns.lua;

0
pkgs/applications/editors/neovim/nmasur/neovim/config/kubernetes.lua → modules/common/neovim/config/kubernetes.lua
View File

0
pkgs/applications/editors/neovim/nmasur/neovim/config/lsp.lua → modules/common/neovim/config/lsp.lua
View File

120
modules/common/neovim/config/lsp.nix Normal file
View File

@ -0,0 +1,120 @@
{ pkgs, lib, config, dsl, ... }: {
# Terraform optional because non-free
options.github = lib.mkEnableOption "Whether to enable GitHub features";
options.kubernetes =
lib.mkEnableOption "Whether to enable Kubernetes features";
options.python = lib.mkEnableOption "Whether to enable Python LSP";
options.terraform = lib.mkEnableOption "Whether to enable Terraform LSP";
config =
let
terraformFormat = if config.terraform then ''
require("null-ls").builtins.formatting.terraform_fmt.with({
command = "${pkgs.terraform}/bin/terraform",
extra_filetypes = { "hcl" },
}),
'' else
"";
pythonFormat = if config.python then ''
require("null-ls").builtins.formatting.black.with({ command = "${pkgs.black}/bin/black" }),
require("null-ls").builtins.diagnostics.ruff.with({ command = "${pkgs.ruff}/bin/ruff" }),
'' else
"";
in {
plugins = [
pkgs.vimPlugins.nvim-lspconfig
pkgs.vimPlugins.null-ls-nvim
pkgs.vimPlugins.fidget-nvim
];
setup.fidget = { };
use.lspconfig.lua_ls.setup = dsl.callWith {
settings = { Lua = { diagnostics = { globals = [ "vim" "hs" ]; }; }; };
capabilities =
dsl.rawLua "require('cmp_nvim_lsp').default_capabilities()";
cmd = [ "${pkgs.lua-language-server}/bin/lua-language-server" ];
};
use.lspconfig.nil_ls.setup = dsl.callWith {
cmd = [ "${pkgs.nil}/bin/nil" ];
capabilities =
dsl.rawLua "require('cmp_nvim_lsp').default_capabilities()";
};
use.lspconfig.pyright.setup = dsl.callWith {
cmd = if config.python then [
"${pkgs.pyright}/bin/pyright-langserver"
"--stdio"
] else
[ "echo" ];
};
use.lspconfig.terraformls.setup = dsl.callWith {
cmd = if config.terraform then [
"${pkgs.terraform-ls}/bin/terraform-ls"
"serve"
] else
[ "echo" ];
};
use.lspconfig.rust_analyzer.setup = dsl.callWith {
cmd = [ "${pkgs.rust-analyzer}/bin/rust-analyzer" ];
settings = {
"['rust-analyzer']" = { check = { command = "clippy"; }; };
};
};
vim.api.nvim_create_augroup = dsl.callWith [ "LspFormatting" { } ];
lua = ''
${builtins.readFile ./lsp.lua}
-- Prevent infinite log size (change this when debugging)
vim.lsp.set_log_level("off")
require("null-ls").setup({
sources = {
require("null-ls").builtins.formatting.stylua.with({ command = "${pkgs.stylua}/bin/stylua" }),
require("null-ls").builtins.formatting.fish_indent.with({ command = "${pkgs.fish}/bin/fish_indent" }),
require("null-ls").builtins.formatting.nixfmt.with({ command = "${pkgs.nixfmt}/bin/nixfmt" }),
require("null-ls").builtins.formatting.rustfmt.with({ command = "${pkgs.rustfmt}/bin/rustfmt" }),
require("null-ls").builtins.diagnostics.shellcheck.with({ command = "${pkgs.shellcheck}/bin/shellcheck" }),
require("null-ls").builtins.formatting.shfmt.with({
command = "${pkgs.shfmt}/bin/shfmt",
extra_args = { "-i", "4", "-ci" },
}),
${pythonFormat}
${terraformFormat}
},
on_attach = function(client, bufnr)
if client.supports_method("textDocument/formatting") then
-- Auto-format on save
vim.api.nvim_clear_autocmds({ group = augroup, buffer = bufnr })
vim.api.nvim_create_autocmd("BufWritePre", {
group = augroup,
buffer = bufnr,
callback = function()
vim.lsp.buf.format({ bufnr = bufnr })
end,
})
-- Use internal formatting for bindings like gq.
vim.api.nvim_create_autocmd("LspAttach", {
callback = function(args)
vim.bo[args.buf].formatexpr = nil
end,
})
end
end,
})
'';
};
}

37
pkgs/applications/editors/neovim/nmasur/neovim/config/misc.nix → modules/common/neovim/config/misc.nix
View File

@ -1,29 +1,22 @@
{ { pkgs, dsl, lib, ... }: {
pkgs,
dsl,
lib,
...
}:
{
plugins = [ plugins = [
pkgs.vimPlugins.vim-surround # Keybinds for surround characters pkgs.vimPlugins.vim-surround # Keybinds for surround characters
pkgs.vimPlugins.vim-eunuch # File manipulation commands pkgs.vimPlugins.vim-eunuch # File manipulation commands
pkgs.vimPlugins.vim-fugitive # Git commands pkgs.vimPlugins.vim-fugitive # Git commands
pkgs.vimPlugins.vim-repeat # Better repeat using . pkgs.vimPlugins.vim-repeat # Better repeat using .
pkgs.vimPlugins.vim-abolish # Keep capitalization in substitute (Subvert) pkgs.vimPlugins.comment-nvim # Smart comment commands
pkgs.vimPlugins.markview-nvim # Markdown preview pkgs.vimPlugins.glow-nvim # Markdown preview popup
pkgs.vimPlugins.nvim-colorizer-lua # Hex color previews pkgs.vimPlugins.nvim-colorizer-lua # Hex color previews
pkgs.vimPlugins.which-key-nvim # Keybind helper pkgs.vimPlugins.which-key-nvim # Keybind helper
pkgs.kitty-scrollback-nvim # Scrollback pager for kitty
]; ];
# Initialize some plugins # Initialize some plugins
setup.colorizer = { setup.Comment = { };
user_default_options = { setup.colorizer = { user_default_options = { names = false; }; };
names = false; setup.glow = { };
};
};
setup.markview = { };
setup.which-key = { }; setup.which-key = { };
setup.kitty-scrollback = { };
vim.o = { vim.o = {
termguicolors = true; # Set to truecolor termguicolors = true; # Set to truecolor
@ -41,6 +34,7 @@
scrolloff = 3; # Margin of lines to see while scrolling scrolloff = 3; # Margin of lines to see while scrolling
splitright = true; # Vertical splits on the right side splitright = true; # Vertical splits on the right side
splitbelow = true; # Horizontal splits on the bottom side splitbelow = true; # Horizontal splits on the bottom side
pastetoggle = "<F3>"; # Use F3 to enter raw paste mode
clipboard = "unnamedplus"; # Uses system clipboard for yanking clipboard = "unnamedplus"; # Uses system clipboard for yanking
updatetime = 300; # Faster diagnostics updatetime = 300; # Faster diagnostics
mouse = "nv"; # Mouse interaction / scrolling mouse = "nv"; # Mouse interaction / scrolling
@ -58,17 +52,14 @@
# Better backup, swap and undo storage # Better backup, swap and undo storage
vim.o.backup = true; # Easier to recover and more secure vim.o.backup = true; # Easier to recover and more secure
vim.opt.undofile = true; # Keeps undos after quit vim.bo.swapfile = false; # Instead of swaps, create backups
vim.opt.swapfile = false; # Instead of swaps, create backups vim.bo.undofile = true; # Keeps undos after quit
vim.o.backupdir = dsl.rawLua ''vim.fn.expand("~/.local/state/nvim/backup//")''; vim.o.backupdir =
dsl.rawLua ''vim.fn.expand("~/.local/state/nvim/backup//")'';
vim.o.undodir = dsl.rawLua ''vim.fn.expand("~/.local/state/nvim/undo//")''; vim.o.undodir = dsl.rawLua ''vim.fn.expand("~/.local/state/nvim/undo//")'';
# Required for nvim-cmp completion # Required for nvim-cmp completion
vim.opt.completeopt = [ vim.opt.completeopt = [ "menu" "menuone" "noselect" ];
"menu"
"menuone"
"noselect"
];
lua = lib.mkBefore '' lua = lib.mkBefore ''
vim.loader.enable() vim.loader.enable()

3
pkgs/applications/editors/neovim/nmasur/neovim/config/statusline.nix → modules/common/neovim/config/statusline.nix
View File

@ -1,5 +1,4 @@
{ pkgs, ... }: { pkgs, ... }: {
{
plugins = [ pkgs.vimPlugins.lualine-nvim ]; plugins = [ pkgs.vimPlugins.lualine-nvim ];
setup.lualine = { setup.lualine = {
options = { options = {

59
pkgs/applications/editors/neovim/nmasur/neovim/config/syntax.nix → modules/common/neovim/config/syntax.nix
View File

@ -1,47 +1,41 @@
{ pkgs, lib, ... }: { pkgs, lib, config, ... }: {
{
plugins = [ plugins = [
(pkgs.vimPlugins.nvim-treesitter.withPlugins (_plugins: [ (pkgs.vimPlugins.nvim-treesitter.withPlugins (_plugins:
pkgs.nmasur.ini-grammar with pkgs.tree-sitter-grammars;
pkgs.nmasur.puppet-grammar [
pkgs.nmasur.rasi-grammar tree-sitter-bash
pkgs.nmasur.vimdoc-grammar tree-sitter-c
pkgs.tree-sitter-grammars.tree-sitter-bash tree-sitter-fish
pkgs.tree-sitter-grammars.tree-sitter-c tree-sitter-ini
pkgs.tree-sitter-grammars.tree-sitter-fish tree-sitter-json
pkgs.tree-sitter-grammars.tree-sitter-hcl tree-sitter-lua
pkgs.tree-sitter-grammars.tree-sitter-json tree-sitter-markdown
pkgs.tree-sitter-grammars.tree-sitter-lua tree-sitter-markdown-inline
pkgs.tree-sitter-grammars.tree-sitter-markdown tree-sitter-nix
pkgs.tree-sitter-grammars.tree-sitter-markdown-inline tree-sitter-puppet
pkgs.tree-sitter-grammars.tree-sitter-nix tree-sitter-rasi
pkgs.tree-sitter-grammars.tree-sitter-python tree-sitter-toml
pkgs.tree-sitter-grammars.tree-sitter-toml tree-sitter-vimdoc
pkgs.tree-sitter-grammars.tree-sitter-yaml tree-sitter-yaml
])) ] ++ (if config.python.enable then [ tree-sitter-python ] else [ ])
++ (if config.terraform.enable then [ tree-sitter-hcl ] else [ ])))
pkgs.vimPlugins.vim-matchup # Better % jumping in languages pkgs.vimPlugins.vim-matchup # Better % jumping in languages
pkgs.vimPlugins.playground # Tree-sitter experimenting pkgs.vimPlugins.playground # Tree-sitter experimenting
pkgs.vimPlugins.nginx-vim pkgs.vimPlugins.nginx-vim
pkgs.vimPlugins.vim-helm pkgs.baleia-nvim # Clean ANSI from kitty scrollback
# pkgs.vimPlugins.hmts-nvim # Tree-sitter injections for home-manager # pkgs.hmts-nvim # Tree-sitter injections for home-manager
(pkgs.vimUtils.buildVimPlugin { (pkgs.vimUtils.buildVimPlugin {
pname = "nmasur"; pname = "nmasur";
version = "0.1"; version = "0.1";
src = ../plugin; src = ../plugin;
}) })
]; ] ++ (if config.kubernetes.enable then [ pkgs.vimPlugins.vim-helm ] else [ ]);
setup."nvim-treesitter.configs" = { setup."nvim-treesitter.configs" = {
highlight = { highlight = { enable = true; };
enable = true; indent = { enable = true; };
}; matchup = { enable = true; }; # Uses vim-matchup
indent = {
enable = true;
};
matchup = {
enable = true;
}; # Uses vim-matchup
textobjects = { textobjects = {
select = { select = {
@ -75,4 +69,5 @@
-- Use HCL parser with .tf files -- Use HCL parser with .tf files
vim.treesitter.language.register('hcl', 'terraform') vim.treesitter.language.register('hcl', 'terraform')
''; '';
} }

0
pkgs/applications/editors/neovim/nmasur/neovim/config/telescope.lua → modules/common/neovim/config/telescope.lua
View File

16
pkgs/applications/editors/neovim/nmasur/neovim/config/telescope.nix → modules/common/neovim/config/telescope.nix
View File

@ -1,5 +1,4 @@
{ pkgs, dsl, ... }: { pkgs, dsl, ... }: {
{
# Telescope is a fuzzy finder that can work with different sub-plugins # Telescope is a fuzzy finder that can work with different sub-plugins
@ -21,15 +20,9 @@
}; };
}; };
pickers = { pickers = {
find_files = { find_files = { theme = "ivy"; };
theme = "ivy"; oldfiles = { theme = "ivy"; };
}; buffers = { theme = "dropdown"; };
oldfiles = {
theme = "ivy";
};
buffers = {
theme = "dropdown";
};
}; };
extensions = { extensions = {
fzy_native = { }; fzy_native = { };
@ -40,4 +33,5 @@
setup.project_nvim = { }; setup.project_nvim = { };
lua = builtins.readFile ./telescope.lua; lua = builtins.readFile ./telescope.lua;
} }

2
pkgs/applications/editors/neovim/nmasur/neovim/config/toggleterm.lua → modules/common/neovim/config/toggleterm.lua
View File

@ -21,7 +21,7 @@ function TERM_TOGGLE()
basicterminal:toggle() basicterminal:toggle()
end end
local nixpkgs = terminal:new({ cmd = "nix repl --expr 'import <nixpkgs>{}'" }) local nixpkgs = terminal:new({ cmd = "nix repl '<nixpkgs>'" })
function NIXPKGS_TOGGLE() function NIXPKGS_TOGGLE()
nixpkgs:toggle() nixpkgs:toggle()
end end

9
pkgs/applications/editors/neovim/nmasur/neovim/config/toggleterm.nix → modules/common/neovim/config/toggleterm.nix
View File

@ -1,10 +1,4 @@
{ { pkgs, dsl, config, ... }: {
pkgs,
dsl,
config,
...
}:
{
# Toggleterm provides a floating terminal inside the editor for quick access # Toggleterm provides a floating terminal inside the editor for quick access
@ -21,4 +15,5 @@
${if config.github then (builtins.readFile ./github.lua) else ""} ${if config.github then (builtins.readFile ./github.lua) else ""}
${if config.kubernetes then (builtins.readFile ./kubernetes.lua) else ""} ${if config.kubernetes then (builtins.readFile ./kubernetes.lua) else ""}
''; '';
} }

21
pkgs/applications/editors/neovim/nmasur/neovim/config/tree.nix → modules/common/neovim/config/tree.nix
View File

@ -1,12 +1,8 @@
{ pkgs, dsl, ... }: { pkgs, dsl, ... }: {
{
# This plugin creates a side drawer for navigating the current project # This plugin creates a side drawer for navigating the current project
plugins = [ plugins = [ pkgs.vimPlugins.nvim-tree-lua pkgs.vimPlugins.nvim-web-devicons ];
pkgs.vimPlugins.nvim-tree-lua
pkgs.vimPlugins.nvim-web-devicons
];
# Disable netrw eagerly # Disable netrw eagerly
# https://github.com/kyazdani42/nvim-tree.lua/commit/fb8735e96cecf004fbefb086ce85371d003c5129 # https://github.com/kyazdani42/nvim-tree.lua/commit/fb8735e96cecf004fbefb086ce85371d003c5129
@ -20,14 +16,12 @@
hijack_netrw = true; # Works as the file manager hijack_netrw = true; # Works as the file manager
sync_root_with_cwd = true; # Change project whenever currend dir changes sync_root_with_cwd = true; # Change project whenever currend dir changes
respect_buf_cwd = true; # Change to exact location of focused buffer respect_buf_cwd = true; # Change to exact location of focused buffer
update_focused_file = { update_focused_file = { # Change project based on the focused buffer
# Change project based on the focused buffer
enable = true; enable = true;
update_root = true; update_root = true;
ignore_list = { }; ignore_list = { };
}; };
diagnostics = { diagnostics = { # Enable LSP and linter integration
# Enable LSP and linter integration
enable = true; enable = true;
icons = { icons = {
hint = ""; hint = "";
@ -36,8 +30,7 @@
error = ""; error = "";
}; };
}; };
renderer = { renderer = { # Show files with changes vs. current commit
# Show files with changes vs. current commit
icons = { icons = {
glyphs = { glyphs = {
git = { git = {
@ -68,8 +61,7 @@
vim.keymap.set('n', 'v', api.node.open.vertical, opts('Open: Vertical Split')) vim.keymap.set('n', 'v', api.node.open.vertical, opts('Open: Vertical Split'))
end end
''; '';
view = { view = { # Set look and feel
# Set look and feel
width = 30; width = 30;
side = "left"; side = "left";
number = false; number = false;
@ -81,4 +73,5 @@
lua = '' lua = ''
vim.keymap.set("n", "<Leader>e", ":NvimTreeFindFileToggle<CR>", { silent = true }) vim.keymap.set("n", "<Leader>e", ":NvimTreeFindFileToggle<CR>", { silent = true })
''; '';
} }

69
modules/common/neovim/default.nix Normal file
View File

@ -0,0 +1,69 @@
{ config, pkgs, lib, ... }:
let
neovim = import ./package {
inherit pkgs;
colors = config.theme.colors;
c = config.c.enable;
github = true;
kubernetes = config.kubernetes.enable;
python = config.python.enable;
terraform = config.terraform.enable;
};
in {
options.neovim.enable = lib.mkEnableOption "Neovim.";
config = lib.mkIf config.neovim.enable {
home-manager.users.${config.user} =
{
home.packages = [ neovim ];
# Use Neovim as the editor for git commit messages
programs.git.extraConfig.core.editor = "nvim";
programs.jujutsu.settings.ui.editor = "nvim";
# Set Neovim as the default app for text editing and manual pages
home.sessionVariables = {
EDITOR = "nvim";
MANPAGER = "nvim +Man!";
};
# Create quick aliases for launching Neovim
programs.fish = {
shellAliases = { vim = "nvim"; };
shellAbbrs = {
v = lib.mkForce "nvim";
vl = lib.mkForce "nvim -c 'normal! `0' -c 'bdelete 1'";
vll = "nvim -c 'Telescope oldfiles'";
};
};
# Set Neovim as the kitty terminal "scrollback" (vi mode) option.
# Requires removing some of the ANSI escape codes that are sent to the
# scrollback using sed and baleia, as well as removing several
# unnecessary features.
programs.kitty.settings.scrollback_pager =
"${neovim}/bin/nvim --headless +'KittyScrollbackGenerateKittens' +'set nonumber' +'set norelativenumber' +'%print' +'quit!' 2>&1";
# Create a desktop option for launching Neovim from a file manager
# (Requires launching the terminal and then executing Neovim)
xdg.desktopEntries.nvim = lib.mkIf pkgs.stdenv.isLinux {
name = "Neovim wrapper";
exec = "kitty nvim %F";
mimeType = [ "text/plain" "text/markdown" ];
};
xdg.mimeApps.defaultApplications = lib.mkIf pkgs.stdenv.isLinux {
"text/plain" = [ "nvim.desktop" ];
"text/markdown" = [ "nvim.desktop" ];
};
};
};
}

8
pkgs/applications/editors/neovim/nmasur/neovim/lua/keybinds.lua → modules/common/neovim/lua/keybinds.lua
View File

@ -71,8 +71,8 @@ key("n", "co", ":copen<CR>")
key("n", "cq", ":cclose<CR>") key("n", "cq", ":cclose<CR>")
-- Other -- Other
key("n", "<A-CR>", ":noh<CR>", { silent = true }) --- Clear search in VimWiki key("n", "<A-CR>", ":noh<CR>", { silent = true }) --- Clear search in VimWiki
key("n", "Y", "y$") --- Copy to end of line key("n", "Y", "y$") --- Copy to end of line
key("v", "<C-r>", "y<Esc>:%s/<C-r>+//gc<left><left><left>") --- Substitute selected key("v", "<C-r>", "y<Esc>:%s/<C-r>+//gc<left><left><left>") --- Substitute selected
key("v", "D", "y'>gp") --- Duplicate selected key("v", "D", "y'>gp") --- Duplicate selected
key("x", "<Leader>p", '"_dP') --- Paste but keep register key("x", "<Leader>p", '"_dP') --- Paste but keep register

14
pkgs/applications/editors/neovim/nmasur/neovim/lua/settings.lua → modules/common/neovim/lua/settings.lua
View File

@ -11,20 +11,8 @@ vim.filetype.add({
}) })
vim.api.nvim_create_autocmd("FileType", { vim.api.nvim_create_autocmd("FileType", {
pattern = "mail", pattern = "*.eml",
callback = function() callback = function()
vim.o.wrapmargin = 79 -- Wrap text automatically vim.o.wrapmargin = 79 -- Wrap text automatically
end, end,
}) })
vim.api.nvim_create_autocmd("FileType", {
pattern = "markdown",
command = "TableModeEnable",
})
vim.api.nvim_create_autocmd("FileType", {
pattern = "terraform",
callback = function()
vim.bo.commentstring = "# %s"
end,
})

40
pkgs/applications/editors/neovim/nmasur/neovim/package.nix → modules/common/neovim/package/default.nix
View File

@ -26,37 +26,25 @@
# ] ++ extraConfig; # ] ++ extraConfig;
# } # }
{ { pkgs, colors, terraform ? false, github ? false, kubernetes ? false, ... }:
pkgs,
colors ? null,
terraform ? false,
github ? false,
kubernetes ? false,
...
}:
# Comes from nix2vim overlay: # Comes from nix2vim overlay:
# https://github.com/gytis-ivaskevicius/nix2vim/blob/master/lib/neovim-builder.nix # https://github.com/gytis-ivaskevicius/nix2vim/blob/master/lib/neovim-builder.nix
pkgs.neovimBuilder { pkgs.neovimBuilder {
package = pkgs.neovim-unwrapped; package = pkgs.neovim-unwrapped;
inherit inherit colors terraform github kubernetes;
colors
terraform
github
kubernetes
;
imports = [ imports = [
./config/align.nix ../config/align.nix
./config/bufferline.nix ../config/bufferline.nix
./config/colors.nix ../config/colors.nix
./config/completion.nix ../config/completion.nix
./config/gitsigns.nix ../config/gitsigns.nix
./config/lsp.nix ../config/lsp.nix
./config/misc.nix ../config/misc.nix
./config/statusline.nix ../config/statusline.nix
./config/syntax.nix ../config/syntax.nix
./config/telescope.nix ../config/telescope.nix
./config/toggleterm.nix ../config/toggleterm.nix
./config/tree.nix ../config/tree.nix
]; ];
} }

0
pkgs/applications/editors/neovim/nmasur/neovim/plugin/after/queries/nix/injections.scm → modules/common/neovim/plugin/after/queries/nix/injections.scm
View File

1
modules/common/programming/c.nix Normal file
View File

@ -0,0 +1 @@
{ lib, ... }: { options.c.enable = lib.mkEnableOption "C language tools."; }

13
modules/common/programming/default.nix Normal file
View File

@ -0,0 +1,13 @@
{ ... }: {
imports = [
./haskell.nix
./kubernetes.nix
./lua.nix
./nix.nix
./python.nix
./rust.nix
./terraform.nix
];
}

14
modules/common/programming/haskell.nix Normal file
View File

@ -0,0 +1,14 @@
{ config, lib, ... }: {
options.haskell.enable = lib.mkEnableOption "Haskell programming language.";
config = lib.mkIf config.haskell.enable {
# Binary Cache for Haskell.nix
nix.settings.trusted-public-keys =
[ "hydra.iohk.io:f/Ea+s+dFdN+3Y/G+FDgSq+a5NEWhJGzdjvKNGv0/EQ=" ];
nix.settings.substituters = [ "https://cache.iog.io" ];
};
}

Some files were not shown because too many files have changed in this diff Show More