Compare commits
100 commits
Author | SHA1 | Date | |
---|---|---|---|
5374402dde | |||
5bd06edb5d | |||
1ed220cbb0 | |||
a2dc4931ce | |||
3d56dde874 | |||
5b18f0bbf6 | |||
ae3b8d2c4a | |||
fbf713321c | |||
c248f8b3c5 | |||
9ccbf41324 | |||
8c35cb9f61 | |||
d70a737bc2 | |||
47c2a10ee7 | |||
cca6d259a7 | |||
51312397b5 | |||
59b58faeb5 | |||
14e269c02c | |||
87153f15be | |||
3e3f589e4f | |||
a58aa96a60 | |||
d3684cdd1f | |||
02108d60ae | |||
f27055e57a | |||
e42a6ceacf | |||
4cb90679a2 | |||
0d6ad4b9c1 | |||
41785ece70 | |||
d427be6e4a | |||
5b92ddde89 | |||
cb6849ccd0 | |||
573a8cc407 | |||
db14de3471 | |||
08b0fbcd0c | |||
61640c0580 | |||
ebfff58648 | |||
ed259d06cf | |||
778208078c | |||
a7e1fcd0d9 | |||
cd66409759 | |||
ebe6523622 | |||
c6a6b22c5c | |||
f115729b24 | |||
5d675cbaad | |||
e692a80d1c | |||
d754476865 | |||
ca6d704524 | |||
17433101a5 | |||
1f70f75ca7 | |||
aa7c2bac3b | |||
d40bbc417c | |||
f933a38b7d | |||
03164646a5 | |||
ebc3ad8204 | |||
95f36524e2 | |||
46cf4907cb | |||
93104ed7e0 | |||
0cecc75e3d | |||
5d752cb279 | |||
03608f96d7 | |||
80530d6290 | |||
62265a466c | |||
b6b5d5901c | |||
9c83729db0 | |||
d11fc9ba6d | |||
5bfab60b73 | |||
867912a676 | |||
c3bddc6c44 | |||
afcc583dcf | |||
ed1e654706 | |||
235efa07e8 | |||
a3ed1136f1 | |||
3d33b0c7a5 | |||
955f9e3a07 | |||
e069bd25a2 | |||
b6b5d8344c | |||
db7238afe3 | |||
1d3125a5b4 | |||
3d4ac7c7e1 | |||
dbe5349bae | |||
f03c7117bb | |||
acdf4f02af | |||
9f678ee151 | |||
07538a39d1 | |||
2ac437d742 | |||
6bfdf579c5 | |||
e0825def24 | |||
60e417e003 | |||
1a11f3af42 | |||
5dfe47a4a0 | |||
351fc8384c | |||
260fd7d573 | |||
fed5e8010d | |||
cad90372d4 | |||
9765e72a99 | |||
8251863999 | |||
adf2f1e7cb | |||
9e639175fd | |||
48e3ccc742 | |||
f1f9432f3e | |||
c2f9f4a83a |
2
.envrc
|
@ -1 +1 @@
|
||||||
PATH_add .
|
use flake
|
||||||
|
|
1
.gitignore
vendored
|
@ -1,2 +1,3 @@
|
||||||
result
|
result
|
||||||
.direnv
|
.direnv
|
||||||
|
.pre-commit-config.yaml
|
||||||
|
|
2
.sops.yaml
Normal file
|
@ -0,0 +1,2 @@
|
||||||
|
creation_rules:
|
||||||
|
- age: age189laethzry4ylnd790dmpuc4xjjuwqxruc76caj3ceqhqug4g9qs0upuvw
|
29
README.md
|
@ -1,20 +1,17 @@
|
||||||
# nixos-laptop
|
# nixos-laptop
|
||||||
|
|
||||||
NixOS configuration for my laptop.
|
NixOS configurations for my personal machines (contrary to the repo's name, it contains a desktop).
|
||||||
My configuration is simple: I have one personal laptop with one user.
|
|
||||||
|
|
||||||
## Features
|
Currently managed systems:
|
||||||
|
- **sue**: My current laptop, a Dell XPS 9315. It has two flavours:
|
||||||
|
- Default running GNOME
|
||||||
|
- Specialisation running Cosmic
|
||||||
|
- **gamepc**: My gaming PC running Cinnamon
|
||||||
|
|
||||||
- Nixpkgs 23.11
|
## Deployment
|
||||||
- Flakes!
|
|
||||||
- [Nix User Repository (NUR)](https://github.com/nix-community/NUR)
|
- **sue**: `colmena apply-local --sudo --impure`
|
||||||
- Currently only used for Firefox Plugins
|
- **gamepc**: `colmena apply --on gamepc --impure`
|
||||||
- [Home Manager](https://github.com/nix-community/home-manager)
|
|
||||||
- For managing my configuration for my user
|
> [!NOTE]
|
||||||
- [Agenix](https://github.com/ryantm/agenix)
|
> Currently the `--impure` is necessary until I upgrade to NixOS 24.11. See [this PR](https://github.com/zhaofengli/colmena/pull/228).
|
||||||
- To deploy global system secrets, like:
|
|
||||||
- Wireguard private key and shared secret
|
|
||||||
- [Homeage](https://github.com/jordanisaacs/homeage)
|
|
||||||
- To deploy secrets in my home directory, like:
|
|
||||||
- SSH keys
|
|
||||||
- Syncthing private key
|
|
||||||
|
|
15
checks.nix
Normal file
|
@ -0,0 +1,15 @@
|
||||||
|
{
|
||||||
|
self,
|
||||||
|
flake-utils,
|
||||||
|
git-hooks,
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
flake-utils.lib.eachDefaultSystem (system: {
|
||||||
|
checks.pre-commit-check = git-hooks.lib.${system}.run {
|
||||||
|
src = self;
|
||||||
|
hooks.treefmt = {
|
||||||
|
enable = true;
|
||||||
|
package = self.packages.${system}.formatter;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
})
|
41
colmena.nix
Normal file
|
@ -0,0 +1,41 @@
|
||||||
|
inputs @ {
|
||||||
|
self,
|
||||||
|
nixpkgs,
|
||||||
|
...
|
||||||
|
}: {
|
||||||
|
colmena = {
|
||||||
|
meta = {
|
||||||
|
nixpkgs = import nixpkgs {
|
||||||
|
system = "x86_64-linux";
|
||||||
|
};
|
||||||
|
|
||||||
|
specialArgs = {
|
||||||
|
inherit inputs self;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
sue = {
|
||||||
|
deployment = {
|
||||||
|
allowLocalDeployment = true;
|
||||||
|
targetHost = null;
|
||||||
|
};
|
||||||
|
|
||||||
|
imports = [
|
||||||
|
(import ./machines).sue.module
|
||||||
|
./nixos
|
||||||
|
];
|
||||||
|
};
|
||||||
|
|
||||||
|
gamepc = {
|
||||||
|
deployment = {
|
||||||
|
targetHost = "gamepc";
|
||||||
|
targetUser = "root";
|
||||||
|
};
|
||||||
|
|
||||||
|
imports = [
|
||||||
|
(import ./machines).gamepc.module
|
||||||
|
./nixos
|
||||||
|
];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
818
flake.lock
|
@ -1,49 +1,389 @@
|
||||||
{
|
{
|
||||||
"nodes": {
|
"nodes": {
|
||||||
"agenix": {
|
"base16": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"darwin": "darwin",
|
"fromYaml": "fromYaml"
|
||||||
"home-manager": [
|
|
||||||
"home-manager"
|
|
||||||
],
|
|
||||||
"nixpkgs": [
|
|
||||||
"nixpkgs"
|
|
||||||
],
|
|
||||||
"systems": "systems"
|
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1703433843,
|
"lastModified": 1708890466,
|
||||||
"narHash": "sha256-nmtA4KqFboWxxoOAA6Y1okHbZh+HsXaMPFkYHsoDRDw=",
|
"narHash": "sha256-LlrC09LoPi8OPYOGPXegD72v+//VapgAqhbOFS3i8sc=",
|
||||||
"owner": "ryantm",
|
"owner": "SenchoPens",
|
||||||
"repo": "agenix",
|
"repo": "base16.nix",
|
||||||
"rev": "417caa847f9383e111d1397039c9d4337d024bf0",
|
"rev": "665b3c6748534eb766c777298721cece9453fdae",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
"owner": "ryantm",
|
"owner": "SenchoPens",
|
||||||
"repo": "agenix",
|
"repo": "base16.nix",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"darwin": {
|
"base16-fish": {
|
||||||
|
"flake": false,
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1622559957,
|
||||||
|
"narHash": "sha256-PebymhVYbL8trDVVXxCvZgc0S5VxI7I1Hv4RMSquTpA=",
|
||||||
|
"owner": "tomyun",
|
||||||
|
"repo": "base16-fish",
|
||||||
|
"rev": "2f6dd973a9075dabccd26f1cded09508180bf5fe",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "tomyun",
|
||||||
|
"repo": "base16-fish",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"base16-foot": {
|
||||||
|
"flake": false,
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1696725948,
|
||||||
|
"narHash": "sha256-65bz2bUL/yzZ1c8/GQASnoiGwaF8DczlxJtzik1c0AU=",
|
||||||
|
"owner": "tinted-theming",
|
||||||
|
"repo": "base16-foot",
|
||||||
|
"rev": "eedbcfa30de0a4baa03e99f5e3ceb5535c2755ce",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "tinted-theming",
|
||||||
|
"repo": "base16-foot",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"base16-helix": {
|
||||||
|
"flake": false,
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1696727917,
|
||||||
|
"narHash": "sha256-FVrbPk+NtMra0jtlC5oxyNchbm8FosmvXIatkRbYy1g=",
|
||||||
|
"owner": "tinted-theming",
|
||||||
|
"repo": "base16-helix",
|
||||||
|
"rev": "dbe1480d99fe80f08df7970e471fac24c05f2ddb",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "tinted-theming",
|
||||||
|
"repo": "base16-helix",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"base16-kitty": {
|
||||||
|
"flake": false,
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1665001328,
|
||||||
|
"narHash": "sha256-aRaizTYPpuWEcvoYE9U+YRX+Wsc8+iG0guQJbvxEdJY=",
|
||||||
|
"owner": "kdrag0n",
|
||||||
|
"repo": "base16-kitty",
|
||||||
|
"rev": "06bb401fa9a0ffb84365905ffbb959ae5bf40805",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "kdrag0n",
|
||||||
|
"repo": "base16-kitty",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"base16-tmux": {
|
||||||
|
"flake": false,
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1696725902,
|
||||||
|
"narHash": "sha256-wDPg5elZPcQpu7Df0lI5O8Jv4A3T6jUQIVg63KDU+3Q=",
|
||||||
|
"owner": "tinted-theming",
|
||||||
|
"repo": "base16-tmux",
|
||||||
|
"rev": "c02050bebb60dbb20cb433cd4d8ce668ecc11ba7",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "tinted-theming",
|
||||||
|
"repo": "base16-tmux",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"base16-vim": {
|
||||||
|
"flake": false,
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1663659192,
|
||||||
|
"narHash": "sha256-uJvaYYDMXvoo0fhBZUhN8WBXeJ87SRgof6GEK2efFT0=",
|
||||||
|
"owner": "chriskempson",
|
||||||
|
"repo": "base16-vim",
|
||||||
|
"rev": "3be3cd82cd31acfcab9a41bad853d9c68d30478d",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "chriskempson",
|
||||||
|
"repo": "base16-vim",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"crane": {
|
||||||
|
"inputs": {
|
||||||
|
"flake-compat": [
|
||||||
|
"lanzaboote",
|
||||||
|
"flake-compat"
|
||||||
|
],
|
||||||
|
"flake-utils": [
|
||||||
|
"lanzaboote",
|
||||||
|
"flake-utils"
|
||||||
|
],
|
||||||
|
"nixpkgs": [
|
||||||
|
"lanzaboote",
|
||||||
|
"nixpkgs"
|
||||||
|
],
|
||||||
|
"rust-overlay": [
|
||||||
|
"lanzaboote",
|
||||||
|
"rust-overlay"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1681177078,
|
||||||
|
"narHash": "sha256-ZNIjBDou2GOabcpctiQykEQVkI8BDwk7TyvlWlI4myE=",
|
||||||
|
"owner": "ipetkov",
|
||||||
|
"repo": "crane",
|
||||||
|
"rev": "0c9f468ff00576577d83f5019a66c557ede5acf6",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "ipetkov",
|
||||||
|
"repo": "crane",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"disko": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"nixpkgs": [
|
"nixpkgs": [
|
||||||
"agenix",
|
|
||||||
"nixpkgs"
|
"nixpkgs"
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1700795494,
|
"lastModified": 1731274291,
|
||||||
"narHash": "sha256-gzGLZSiOhf155FW7262kdHo2YDeugp3VuIFb4/GGng0=",
|
"narHash": "sha256-cZ0QMpv5p2a6WEE+o9uu0a4ma6RzQDOQTbm7PbixWz8=",
|
||||||
"owner": "lnl7",
|
"owner": "nix-community",
|
||||||
"repo": "nix-darwin",
|
"repo": "disko",
|
||||||
"rev": "4b9b83d5a92e8c1fbfd8eb27eda375908c11ec4d",
|
"rev": "486250f404f4a4f4f33f8f669d83ca5f6e6b7dfc",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
"owner": "lnl7",
|
"owner": "nix-community",
|
||||||
"ref": "master",
|
"repo": "disko",
|
||||||
"repo": "nix-darwin",
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"flake-compat": {
|
||||||
|
"flake": false,
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1696426674,
|
||||||
|
"narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
|
||||||
|
"owner": "edolstra",
|
||||||
|
"repo": "flake-compat",
|
||||||
|
"rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "edolstra",
|
||||||
|
"repo": "flake-compat",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"flake-compat_2": {
|
||||||
|
"flake": false,
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1673956053,
|
||||||
|
"narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=",
|
||||||
|
"owner": "edolstra",
|
||||||
|
"repo": "flake-compat",
|
||||||
|
"rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "edolstra",
|
||||||
|
"repo": "flake-compat",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"flake-compat_3": {
|
||||||
|
"flake": false,
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1717312683,
|
||||||
|
"narHash": "sha256-FrlieJH50AuvagamEvWMIE6D2OAnERuDboFDYAED/dE=",
|
||||||
|
"owner": "nix-community",
|
||||||
|
"repo": "flake-compat",
|
||||||
|
"rev": "38fd3954cf65ce6faf3d0d45cd26059e059f07ea",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "nix-community",
|
||||||
|
"repo": "flake-compat",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"flake-compat_4": {
|
||||||
|
"flake": false,
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1673956053,
|
||||||
|
"narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=",
|
||||||
|
"owner": "edolstra",
|
||||||
|
"repo": "flake-compat",
|
||||||
|
"rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "edolstra",
|
||||||
|
"repo": "flake-compat",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"flake-parts": {
|
||||||
|
"inputs": {
|
||||||
|
"nixpkgs-lib": [
|
||||||
|
"lanzaboote",
|
||||||
|
"nixpkgs"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1680392223,
|
||||||
|
"narHash": "sha256-n3g7QFr85lDODKt250rkZj2IFS3i4/8HBU2yKHO3tqw=",
|
||||||
|
"owner": "hercules-ci",
|
||||||
|
"repo": "flake-parts",
|
||||||
|
"rev": "dcc36e45d054d7bb554c9cdab69093debd91a0b5",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "hercules-ci",
|
||||||
|
"repo": "flake-parts",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"flake-utils": {
|
||||||
|
"inputs": {
|
||||||
|
"systems": "systems"
|
||||||
|
},
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1726560853,
|
||||||
|
"narHash": "sha256-X6rJYSESBVr3hBoH0WbKE5KvhPU5bloyZ2L4K60/fPQ=",
|
||||||
|
"owner": "numtide",
|
||||||
|
"repo": "flake-utils",
|
||||||
|
"rev": "c1dfcf08411b08f6b8615f7d8971a2bfa81d5e8a",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "numtide",
|
||||||
|
"repo": "flake-utils",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"flake-utils_2": {
|
||||||
|
"inputs": {
|
||||||
|
"systems": "systems_2"
|
||||||
|
},
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1681202837,
|
||||||
|
"narHash": "sha256-H+Rh19JDwRtpVPAWp64F+rlEtxUWBAQW28eAi3SRSzg=",
|
||||||
|
"owner": "numtide",
|
||||||
|
"repo": "flake-utils",
|
||||||
|
"rev": "cfacdce06f30d2b68473a46042957675eebb3401",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "numtide",
|
||||||
|
"repo": "flake-utils",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"fromYaml": {
|
||||||
|
"flake": false,
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1689549921,
|
||||||
|
"narHash": "sha256-iX0pk/uB019TdBGlaJEWvBCfydT6sRq+eDcGPifVsCM=",
|
||||||
|
"owner": "SenchoPens",
|
||||||
|
"repo": "fromYaml",
|
||||||
|
"rev": "11fbbbfb32e3289d3c631e0134a23854e7865c84",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "SenchoPens",
|
||||||
|
"repo": "fromYaml",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"git-hooks": {
|
||||||
|
"inputs": {
|
||||||
|
"flake-compat": "flake-compat",
|
||||||
|
"gitignore": "gitignore",
|
||||||
|
"nixpkgs": [
|
||||||
|
"nixpkgs-unstable"
|
||||||
|
],
|
||||||
|
"nixpkgs-stable": "nixpkgs-stable"
|
||||||
|
},
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1730814269,
|
||||||
|
"narHash": "sha256-fWPHyhYE6xvMI1eGY3pwBTq85wcy1YXqdzTZF+06nOg=",
|
||||||
|
"owner": "cachix",
|
||||||
|
"repo": "git-hooks.nix",
|
||||||
|
"rev": "d70155fdc00df4628446352fc58adc640cd705c2",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "cachix",
|
||||||
|
"repo": "git-hooks.nix",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"gitignore": {
|
||||||
|
"inputs": {
|
||||||
|
"nixpkgs": [
|
||||||
|
"git-hooks",
|
||||||
|
"nixpkgs"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1709087332,
|
||||||
|
"narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=",
|
||||||
|
"owner": "hercules-ci",
|
||||||
|
"repo": "gitignore.nix",
|
||||||
|
"rev": "637db329424fd7e46cf4185293b9cc8c88c95394",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "hercules-ci",
|
||||||
|
"repo": "gitignore.nix",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"gitignore_2": {
|
||||||
|
"inputs": {
|
||||||
|
"nixpkgs": [
|
||||||
|
"lanzaboote",
|
||||||
|
"pre-commit-hooks-nix",
|
||||||
|
"nixpkgs"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1660459072,
|
||||||
|
"narHash": "sha256-8DFJjXG8zqoONA1vXtgeKXy68KdJL5UaXR8NtVMUbx8=",
|
||||||
|
"owner": "hercules-ci",
|
||||||
|
"repo": "gitignore.nix",
|
||||||
|
"rev": "a20de23b925fd8264fd7fad6454652e142fd7f73",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "hercules-ci",
|
||||||
|
"repo": "gitignore.nix",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"gnome-shell": {
|
||||||
|
"flake": false,
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1713702291,
|
||||||
|
"narHash": "sha256-zYP1ehjtcV8fo+c+JFfkAqktZ384Y+y779fzmR9lQAU=",
|
||||||
|
"owner": "GNOME",
|
||||||
|
"repo": "gnome-shell",
|
||||||
|
"rev": "0d0aadf013f78a7f7f1dc984d0d812971864b934",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "GNOME",
|
||||||
|
"ref": "46.1",
|
||||||
|
"repo": "gnome-shell",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
@ -54,79 +394,213 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1703367386,
|
"lastModified": 1726989464,
|
||||||
"narHash": "sha256-FMbm48UGrBfOWGt8+opuS+uLBLQlRfhiYXhHNcYMS5k=",
|
"narHash": "sha256-Vl+WVTJwutXkimwGprnEtXc/s/s8sMuXzqXaspIGlwM=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "home-manager",
|
"repo": "home-manager",
|
||||||
"rev": "d5824a76bc6bb93d1dce9ebbbcb09a9b6abcc224",
|
"rev": "2f23fa308a7c067e52dfcc30a0758f47043ec176",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"ref": "release-23.11",
|
"ref": "release-24.05",
|
||||||
"repo": "home-manager",
|
"repo": "home-manager",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"homeage": {
|
"home-manager_2": {
|
||||||
|
"inputs": {
|
||||||
|
"nixpkgs": [
|
||||||
|
"stylix",
|
||||||
|
"nixpkgs"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1714981474,
|
||||||
|
"narHash": "sha256-b3/U21CJjCjJKmA9WqUbZGZgCvospO3ArOUTgJugkOY=",
|
||||||
|
"owner": "nix-community",
|
||||||
|
"repo": "home-manager",
|
||||||
|
"rev": "6ebe7be2e67be7b9b54d61ce5704f6fb466c536f",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "nix-community",
|
||||||
|
"repo": "home-manager",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"lanzaboote": {
|
||||||
|
"inputs": {
|
||||||
|
"crane": "crane",
|
||||||
|
"flake-compat": "flake-compat_2",
|
||||||
|
"flake-parts": "flake-parts",
|
||||||
|
"flake-utils": "flake-utils_2",
|
||||||
|
"nixpkgs": [
|
||||||
|
"nixpkgs"
|
||||||
|
],
|
||||||
|
"pre-commit-hooks-nix": "pre-commit-hooks-nix",
|
||||||
|
"rust-overlay": "rust-overlay"
|
||||||
|
},
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1682802423,
|
||||||
|
"narHash": "sha256-Fb5TeRTdvUlo/5Yi2d+FC8a6KoRLk2h1VE0/peMhWPs=",
|
||||||
|
"owner": "nix-community",
|
||||||
|
"repo": "lanzaboote",
|
||||||
|
"rev": "64b903ca87d18cef2752c19c098af275c6e51d63",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "nix-community",
|
||||||
|
"ref": "v0.3.0",
|
||||||
|
"repo": "lanzaboote",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"nix-index-database": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"nixpkgs": [
|
"nixpkgs": [
|
||||||
"nixpkgs"
|
"nixpkgs"
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1669234151,
|
"lastModified": 1731209121,
|
||||||
"narHash": "sha256-TwT87E3m2TZLgwYJESlype14HxUOrRGojPM5C2akrMg=",
|
"narHash": "sha256-BF7FBh1hIYPDihdUlImHGsQzaJZVLLfYqfDx41wjuF0=",
|
||||||
"owner": "jordanisaacs",
|
"owner": "nix-community",
|
||||||
"repo": "homeage",
|
"repo": "nix-index-database",
|
||||||
"rev": "02bfe4ca06962d222e522fff0240c93946b20278",
|
"rev": "896019f04b22ce5db4c0ee4f89978694f44345c3",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
"owner": "jordanisaacs",
|
"owner": "nix-community",
|
||||||
"repo": "homeage",
|
"repo": "nix-index-database",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"nixos-hardware": {
|
"nixos-artwork": {
|
||||||
|
"flake": false,
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1702453208,
|
"lastModified": 1727557872,
|
||||||
"narHash": "sha256-0wRi9SposfE2wHqjuKt8WO2izKB/ASDOV91URunIqgo=",
|
"narHash": "sha256-JHbMSIIrHDkbAHO6vSsDRBiwuQcxLoIilbxptrTrXB4=",
|
||||||
"owner": "NixOS",
|
"ref": "refs/heads/master",
|
||||||
"repo": "nixos-hardware",
|
"rev": "ea1384e183f556a94df85c7aa1dcd411f5a69646",
|
||||||
"rev": "7763c6fd1f299cb9361ff2abf755ed9619ef01d6",
|
"revCount": 212,
|
||||||
|
"type": "git",
|
||||||
|
"url": "https://github.com/NixOS/nixos-artwork.git"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"type": "git",
|
||||||
|
"url": "https://github.com/NixOS/nixos-artwork.git"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"nixos-cosmic": {
|
||||||
|
"inputs": {
|
||||||
|
"flake-compat": "flake-compat_3",
|
||||||
|
"nixpkgs": "nixpkgs",
|
||||||
|
"nixpkgs-stable": [
|
||||||
|
"nixpkgs-unstable"
|
||||||
|
],
|
||||||
|
"rust-overlay": "rust-overlay_2"
|
||||||
|
},
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1731289077,
|
||||||
|
"narHash": "sha256-8Waya6WKqgWkYqbr1zkuyd1vNKgQb/QxfHLSMzp/LqU=",
|
||||||
|
"owner": "lilyinstarlight",
|
||||||
|
"repo": "nixos-cosmic",
|
||||||
|
"rev": "274f08b587d403940cd8d8da13a89ee094d3bc96",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
"owner": "NixOS",
|
"owner": "lilyinstarlight",
|
||||||
"ref": "master",
|
"repo": "nixos-cosmic",
|
||||||
"repo": "nixos-hardware",
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"nixos-facter-modules": {
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1730798058,
|
||||||
|
"narHash": "sha256-2KexAe17KRg2191SdBxVXqJKwV6MxKzlE35DDcAX+Ds=",
|
||||||
|
"owner": "numtide",
|
||||||
|
"repo": "nixos-facter-modules",
|
||||||
|
"rev": "d0e205eafca7091caad3925ff82a46fea08351e1",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "numtide",
|
||||||
|
"repo": "nixos-facter-modules",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"nixpkgs": {
|
"nixpkgs": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1703200384,
|
"lastModified": 1731139594,
|
||||||
"narHash": "sha256-q5j06XOsy0qHOarsYPfZYJPWbTbc8sryRxianlEPJN0=",
|
"narHash": "sha256-IigrKK3vYRpUu+HEjPL/phrfh7Ox881er1UEsZvw9Q4=",
|
||||||
"owner": "nixos",
|
"owner": "NixOS",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "0b3d618173114c64ab666f557504d6982665d328",
|
"rev": "76612b17c0ce71689921ca12d9ffdc9c23ce40b2",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
"owner": "nixos",
|
"owner": "NixOS",
|
||||||
"ref": "nixos-23.11",
|
"ref": "nixos-unstable",
|
||||||
|
"repo": "nixpkgs",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"nixpkgs-stable": {
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1730741070,
|
||||||
|
"narHash": "sha256-edm8WG19kWozJ/GqyYx2VjW99EdhjKwbY3ZwdlPAAlo=",
|
||||||
|
"owner": "NixOS",
|
||||||
|
"repo": "nixpkgs",
|
||||||
|
"rev": "d063c1dd113c91ab27959ba540c0d9753409edf3",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "NixOS",
|
||||||
|
"ref": "nixos-24.05",
|
||||||
|
"repo": "nixpkgs",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"nixpkgs-stable_2": {
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1678872516,
|
||||||
|
"narHash": "sha256-/E1YwtMtFAu2KUQKV/1+KFuReYPANM2Rzehk84VxVoc=",
|
||||||
|
"owner": "NixOS",
|
||||||
|
"repo": "nixpkgs",
|
||||||
|
"rev": "9b8e5abb18324c7fe9f07cb100c3cd4a29cda8b8",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "NixOS",
|
||||||
|
"ref": "nixos-22.11",
|
||||||
|
"repo": "nixpkgs",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"nixpkgs-stable_3": {
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1730602179,
|
||||||
|
"narHash": "sha256-efgLzQAWSzJuCLiCaQUCDu4NudNlHdg2NzGLX5GYaEY=",
|
||||||
|
"owner": "NixOS",
|
||||||
|
"repo": "nixpkgs",
|
||||||
|
"rev": "3c2f1c4ca372622cb2f9de8016c9a0b1cbd0f37c",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "NixOS",
|
||||||
|
"ref": "release-24.05",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"nixpkgs-unstable": {
|
"nixpkgs-unstable": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1703134684,
|
"lastModified": 1730958623,
|
||||||
"narHash": "sha256-SQmng1EnBFLzS7WSRyPM9HgmZP2kLJcPAz+Ug/nug6o=",
|
"narHash": "sha256-JwQZIGSYnRNOgDDoIgqKITrPVil+RMWHsZH1eE1VGN0=",
|
||||||
"owner": "NixOS",
|
"owner": "NixOS",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "d6863cbcbbb80e71cecfc03356db1cda38919523",
|
"rev": "85f7e662eda4fa3a995556527c87b2524b691933",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -136,13 +610,61 @@
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
"nixpkgs_2": {
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1731239293,
|
||||||
|
"narHash": "sha256-q2yjIWFFcTzp5REWQUOU9L6kHdCDmFDpqeix86SOvDc=",
|
||||||
|
"owner": "nixos",
|
||||||
|
"repo": "nixpkgs",
|
||||||
|
"rev": "9256f7c71a195ebe7a218043d9f93390d49e6884",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "nixos",
|
||||||
|
"ref": "nixos-24.05",
|
||||||
|
"repo": "nixpkgs",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"nixpkgs_3": {
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1714912032,
|
||||||
|
"narHash": "sha256-clkcOIkg8G4xuJh+1onLG4HPMpbtzdLv4rHxFzgsH9c=",
|
||||||
|
"owner": "NixOS",
|
||||||
|
"repo": "nixpkgs",
|
||||||
|
"rev": "ee4a6e0f566fe5ec79968c57a9c2c3c25f2cf41d",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "NixOS",
|
||||||
|
"ref": "nixpkgs-unstable",
|
||||||
|
"repo": "nixpkgs",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"nixpkgs_4": {
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1726871744,
|
||||||
|
"narHash": "sha256-V5LpfdHyQkUF7RfOaDPrZDP+oqz88lTJrMT1+stXNwo=",
|
||||||
|
"owner": "nixos",
|
||||||
|
"repo": "nixpkgs",
|
||||||
|
"rev": "a1d92660c6b3b7c26fb883500a80ea9d33321be2",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "nixos",
|
||||||
|
"ref": "nixpkgs-unstable",
|
||||||
|
"repo": "nixpkgs",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
"nur": {
|
"nur": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1703528695,
|
"lastModified": 1731361079,
|
||||||
"narHash": "sha256-vHC5auhnV5JZLaERNpYu0A2+zX0eiwzsT0iIuT40Dmo=",
|
"narHash": "sha256-pDgguZxBXKxLkZljiYCmJpWM341Cj52A41IdbNqlEWU=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "NUR",
|
"repo": "NUR",
|
||||||
"rev": "747c0cbbecc987e67f49680b6753cc0e8ab355c5",
|
"rev": "2fa8be0cf07b2ddcca3615f19e8d07e831bf4d40",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -151,15 +673,150 @@
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
"pre-commit-hooks-nix": {
|
||||||
|
"inputs": {
|
||||||
|
"flake-compat": [
|
||||||
|
"lanzaboote",
|
||||||
|
"flake-compat"
|
||||||
|
],
|
||||||
|
"flake-utils": [
|
||||||
|
"lanzaboote",
|
||||||
|
"flake-utils"
|
||||||
|
],
|
||||||
|
"gitignore": "gitignore_2",
|
||||||
|
"nixpkgs": [
|
||||||
|
"lanzaboote",
|
||||||
|
"nixpkgs"
|
||||||
|
],
|
||||||
|
"nixpkgs-stable": "nixpkgs-stable_2"
|
||||||
|
},
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1681413034,
|
||||||
|
"narHash": "sha256-/t7OjNQcNkeWeSq/CFLYVBfm+IEnkjoSm9iKvArnUUI=",
|
||||||
|
"owner": "cachix",
|
||||||
|
"repo": "pre-commit-hooks.nix",
|
||||||
|
"rev": "d3de8f69ca88fb6f8b09e5b598be5ac98d28ede5",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "cachix",
|
||||||
|
"repo": "pre-commit-hooks.nix",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
"root": {
|
"root": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"agenix": "agenix",
|
"disko": "disko",
|
||||||
|
"flake-utils": "flake-utils",
|
||||||
|
"git-hooks": "git-hooks",
|
||||||
"home-manager": "home-manager",
|
"home-manager": "home-manager",
|
||||||
"homeage": "homeage",
|
"lanzaboote": "lanzaboote",
|
||||||
"nixos-hardware": "nixos-hardware",
|
"nix-index-database": "nix-index-database",
|
||||||
"nixpkgs": "nixpkgs",
|
"nixos-artwork": "nixos-artwork",
|
||||||
|
"nixos-cosmic": "nixos-cosmic",
|
||||||
|
"nixos-facter-modules": "nixos-facter-modules",
|
||||||
|
"nixpkgs": "nixpkgs_2",
|
||||||
"nixpkgs-unstable": "nixpkgs-unstable",
|
"nixpkgs-unstable": "nixpkgs-unstable",
|
||||||
"nur": "nur"
|
"nur": "nur",
|
||||||
|
"sops-nix": "sops-nix",
|
||||||
|
"stylix": "stylix",
|
||||||
|
"treefmt-nix": "treefmt-nix"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"rust-overlay": {
|
||||||
|
"inputs": {
|
||||||
|
"flake-utils": [
|
||||||
|
"lanzaboote",
|
||||||
|
"flake-utils"
|
||||||
|
],
|
||||||
|
"nixpkgs": [
|
||||||
|
"lanzaboote",
|
||||||
|
"nixpkgs"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1682129965,
|
||||||
|
"narHash": "sha256-1KRPIorEL6pLpJR04FwAqqnt4Tzcm4MqD84yhlD+XSk=",
|
||||||
|
"owner": "oxalica",
|
||||||
|
"repo": "rust-overlay",
|
||||||
|
"rev": "2c417c0460b788328220120c698630947547ee83",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "oxalica",
|
||||||
|
"repo": "rust-overlay",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"rust-overlay_2": {
|
||||||
|
"inputs": {
|
||||||
|
"nixpkgs": [
|
||||||
|
"nixos-cosmic",
|
||||||
|
"nixpkgs"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1731119076,
|
||||||
|
"narHash": "sha256-2eVhmocCZHJlFAz6Mt3EwPdFFVAtGgIySJc1EHQVxcc=",
|
||||||
|
"owner": "oxalica",
|
||||||
|
"repo": "rust-overlay",
|
||||||
|
"rev": "23c4b3ba5f806fcf25d5a3b6b54fa0d07854c032",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "oxalica",
|
||||||
|
"repo": "rust-overlay",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"sops-nix": {
|
||||||
|
"inputs": {
|
||||||
|
"nixpkgs": [
|
||||||
|
"nixpkgs"
|
||||||
|
],
|
||||||
|
"nixpkgs-stable": "nixpkgs-stable_3"
|
||||||
|
},
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1731213149,
|
||||||
|
"narHash": "sha256-jR8i6nFLmSmm0cIoeRQ8Q4EBARa3oGaAtEER/OMMxus=",
|
||||||
|
"owner": "Mic92",
|
||||||
|
"repo": "sops-nix",
|
||||||
|
"rev": "f1675e3b0e1e663a4af49be67ecbc9e749f85eb7",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "Mic92",
|
||||||
|
"repo": "sops-nix",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"stylix": {
|
||||||
|
"inputs": {
|
||||||
|
"base16": "base16",
|
||||||
|
"base16-fish": "base16-fish",
|
||||||
|
"base16-foot": "base16-foot",
|
||||||
|
"base16-helix": "base16-helix",
|
||||||
|
"base16-kitty": "base16-kitty",
|
||||||
|
"base16-tmux": "base16-tmux",
|
||||||
|
"base16-vim": "base16-vim",
|
||||||
|
"flake-compat": "flake-compat_4",
|
||||||
|
"gnome-shell": "gnome-shell",
|
||||||
|
"home-manager": "home-manager_2",
|
||||||
|
"nixpkgs": "nixpkgs_3"
|
||||||
|
},
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1726776484,
|
||||||
|
"narHash": "sha256-SPnk08RnllF8CD9Ndbe828Z1OmlviJ+ZJLsiT7V/+4A=",
|
||||||
|
"owner": "pizzapim",
|
||||||
|
"repo": "stylix",
|
||||||
|
"rev": "d444b97c5e691a2a468000c939119798e42b4f0f",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "pizzapim",
|
||||||
|
"ref": "release-24.05",
|
||||||
|
"repo": "stylix",
|
||||||
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"systems": {
|
"systems": {
|
||||||
|
@ -176,6 +833,39 @@
|
||||||
"repo": "default",
|
"repo": "default",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
|
},
|
||||||
|
"systems_2": {
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1681028828,
|
||||||
|
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
|
||||||
|
"owner": "nix-systems",
|
||||||
|
"repo": "default",
|
||||||
|
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "nix-systems",
|
||||||
|
"repo": "default",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"treefmt-nix": {
|
||||||
|
"inputs": {
|
||||||
|
"nixpkgs": "nixpkgs_4"
|
||||||
|
},
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1730321837,
|
||||||
|
"narHash": "sha256-vK+a09qq19QNu2MlLcvN4qcRctJbqWkX7ahgPZ/+maI=",
|
||||||
|
"owner": "numtide",
|
||||||
|
"repo": "treefmt-nix",
|
||||||
|
"rev": "746901bb8dba96d154b66492a29f5db0693dbfcc",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "numtide",
|
||||||
|
"repo": "treefmt-nix",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"root": "root",
|
"root": "root",
|
||||||
|
|
114
flake.nix
|
@ -2,63 +2,75 @@
|
||||||
description = "My NixOS configuration";
|
description = "My NixOS configuration";
|
||||||
|
|
||||||
inputs = {
|
inputs = {
|
||||||
nixpkgs.url = "github:nixos/nixpkgs/nixos-23.11";
|
nixpkgs.url = "github:nixos/nixpkgs/nixos-24.05";
|
||||||
nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixpkgs-unstable";
|
nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixpkgs-unstable";
|
||||||
nur.url = "github:nix-community/NUR";
|
nur.url = "github:nix-community/NUR";
|
||||||
|
stylix.url = "github:pizzapim/stylix/release-24.05";
|
||||||
|
treefmt-nix.url = "github:numtide/treefmt-nix";
|
||||||
|
nixos-facter-modules.url = "github:numtide/nixos-facter-modules";
|
||||||
|
flake-utils.url = "github:numtide/flake-utils";
|
||||||
|
|
||||||
|
git-hooks = {
|
||||||
|
url = "github:cachix/git-hooks.nix";
|
||||||
|
inputs.nixpkgs.follows = "nixpkgs-unstable";
|
||||||
|
};
|
||||||
|
|
||||||
|
nix-index-database = {
|
||||||
|
url = "github:nix-community/nix-index-database";
|
||||||
|
inputs.nixpkgs.follows = "nixpkgs";
|
||||||
|
};
|
||||||
|
|
||||||
home-manager = {
|
home-manager = {
|
||||||
url = "github:nix-community/home-manager?ref=release-23.11";
|
url = "github:nix-community/home-manager?ref=release-24.05";
|
||||||
inputs.nixpkgs.follows = "nixpkgs";
|
inputs.nixpkgs.follows = "nixpkgs";
|
||||||
};
|
};
|
||||||
homeage = {
|
|
||||||
url = "github:jordanisaacs/homeage";
|
|
||||||
inputs.nixpkgs.follows = "nixpkgs";
|
|
||||||
};
|
|
||||||
agenix = {
|
|
||||||
url = "github:ryantm/agenix";
|
|
||||||
inputs.nixpkgs.follows = "nixpkgs";
|
|
||||||
inputs.home-manager.follows = "home-manager";
|
|
||||||
};
|
|
||||||
nixos-hardware.url = "github:NixOS/nixos-hardware/master";
|
|
||||||
};
|
|
||||||
|
|
||||||
outputs =
|
lanzaboote = {
|
||||||
{ nixpkgs
|
url = "github:nix-community/lanzaboote/v0.3.0";
|
||||||
, nixpkgs-unstable
|
inputs.nixpkgs.follows = "nixpkgs";
|
||||||
, home-manager
|
};
|
||||||
, homeage
|
|
||||||
, agenix
|
|
||||||
, nur
|
|
||||||
, nixos-hardware
|
|
||||||
, ...
|
|
||||||
}: {
|
|
||||||
formatter.x86_64-linux = nixpkgs.legacyPackages.x86_64-linux.nixfmt;
|
|
||||||
|
|
||||||
nixosConfigurations.pim = nixpkgs.lib.nixosSystem rec {
|
disko = {
|
||||||
system = "x86_64-linux";
|
url = "github:nix-community/disko";
|
||||||
modules = [
|
inputs.nixpkgs.follows = "nixpkgs";
|
||||||
{
|
|
||||||
nixpkgs.overlays = [
|
|
||||||
nur.overlay
|
|
||||||
(final: _prev: {
|
|
||||||
unstable = import nixpkgs-unstable {
|
|
||||||
inherit system;
|
|
||||||
config.allowUnfree = true;
|
|
||||||
};
|
|
||||||
})
|
|
||||||
];
|
|
||||||
}
|
|
||||||
./nixos
|
|
||||||
agenix.nixosModules.default
|
|
||||||
nixos-hardware.nixosModules.lenovo-thinkpad-x260
|
|
||||||
home-manager.nixosModules.home-manager
|
|
||||||
{
|
|
||||||
home-manager.useGlobalPkgs = true;
|
|
||||||
home-manager.useUserPackages = true;
|
|
||||||
home-manager.users.pim = {
|
|
||||||
imports = [ ./home-manager homeage.homeManagerModules.homeage ];
|
|
||||||
};
|
|
||||||
}
|
|
||||||
];
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
|
|
||||||
|
nixos-artwork = {
|
||||||
|
type = "git";
|
||||||
|
url = "https://github.com/NixOS/nixos-artwork.git";
|
||||||
|
flake = false;
|
||||||
|
};
|
||||||
|
|
||||||
|
sops-nix = {
|
||||||
|
url = "github:Mic92/sops-nix";
|
||||||
|
inputs.nixpkgs.follows = "nixpkgs";
|
||||||
|
};
|
||||||
|
|
||||||
|
nixos-cosmic = {
|
||||||
|
url = "github:lilyinstarlight/nixos-cosmic";
|
||||||
|
inputs.nixpkgs-stable.follows = "nixpkgs-unstable";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
outputs = inputs @ {
|
||||||
|
self,
|
||||||
|
nixpkgs,
|
||||||
|
flake-utils,
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
(flake-utils.lib.meld inputs [
|
||||||
|
./packages.nix
|
||||||
|
./formatter.nix
|
||||||
|
./nixos-configurations.nix
|
||||||
|
./checks.nix
|
||||||
|
./colmena.nix
|
||||||
|
])
|
||||||
|
// flake-utils.lib.eachDefaultSystem (system: {
|
||||||
|
devShells.default = nixpkgs.legacyPackages.${system}.mkShell {
|
||||||
|
inherit (self.checks.${system}.pre-commit-check) shellHook;
|
||||||
|
buildInputs =
|
||||||
|
self.checks.${system}.pre-commit-check.enabledPackages
|
||||||
|
++ (with nixpkgs.legacyPackages.${system}; [colmena]);
|
||||||
|
};
|
||||||
|
});
|
||||||
}
|
}
|
||||||
|
|
8
formatter.nix
Normal file
|
@ -0,0 +1,8 @@
|
||||||
|
{
|
||||||
|
self,
|
||||||
|
flake-utils,
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
flake-utils.lib.eachDefaultSystem (system: {
|
||||||
|
formatter = self.packages.${system}.formatter;
|
||||||
|
})
|
|
@ -1,20 +0,0 @@
|
||||||
{
|
|
||||||
config = {
|
|
||||||
programs.bash = {
|
|
||||||
enable = true;
|
|
||||||
shellAliases = {
|
|
||||||
htop = "btop";
|
|
||||||
gp = "git push";
|
|
||||||
gco = "git checkout";
|
|
||||||
gd = "git diff";
|
|
||||||
gc = "git commit";
|
|
||||||
gpl = "git pull";
|
|
||||||
gb = "git branch";
|
|
||||||
ga = "git add";
|
|
||||||
gl = "git log";
|
|
||||||
gs = "git status";
|
|
||||||
tf = "tofu";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
}
|
|
|
@ -1,8 +0,0 @@
|
||||||
{
|
|
||||||
config = {
|
|
||||||
programs.bat = {
|
|
||||||
enable = true;
|
|
||||||
config.theme = "gruvbox-dark";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
}
|
|
|
@ -1,135 +1,249 @@
|
||||||
{ pkgs, lib, config, ... }: {
|
{
|
||||||
|
lib,
|
||||||
|
config,
|
||||||
|
inputs,
|
||||||
|
self,
|
||||||
|
...
|
||||||
|
}: {
|
||||||
imports = [
|
imports = [
|
||||||
./bash
|
|
||||||
./neovim
|
./neovim
|
||||||
./firefox
|
./firefox
|
||||||
./ssh
|
./tidal.nix
|
||||||
./syncthing
|
./gnome.nix
|
||||||
./keepassxc
|
./syncthing.nix
|
||||||
./git
|
./vscode.nix
|
||||||
./direnv
|
./sops.nix
|
||||||
./thunderbird
|
inputs.nix-index-database.hmModules.nix-index
|
||||||
./fzf
|
|
||||||
./bat
|
|
||||||
];
|
];
|
||||||
|
|
||||||
|
xsession.enable = true;
|
||||||
|
|
||||||
|
xdg = {
|
||||||
|
userDirs.enable = true;
|
||||||
|
|
||||||
|
mimeApps = {
|
||||||
|
enable = true;
|
||||||
|
|
||||||
|
defaultApplications = let
|
||||||
|
applications = {
|
||||||
|
telegram = {
|
||||||
|
mimeApp = "org.telegram.desktop.desktop";
|
||||||
|
mimeTypes = ["x-scheme-handler/tg"];
|
||||||
|
};
|
||||||
|
|
||||||
|
librewolf = {
|
||||||
|
mimeApp = "librewolf.desktop";
|
||||||
|
|
||||||
|
mimeTypes = [
|
||||||
|
"x-scheme-handler/http"
|
||||||
|
"text/html"
|
||||||
|
"application/xhtml+xml"
|
||||||
|
"x-scheme-handler/https"
|
||||||
|
"application/pdf"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
|
||||||
|
gnomeTextEditor = {
|
||||||
|
mimeApp = "org.gnome.TextEditor.desktop";
|
||||||
|
mimeTypes = ["text/plain"];
|
||||||
|
};
|
||||||
|
|
||||||
|
loupe = {
|
||||||
|
mimeApp = "org.gnome.Loupe.desktop";
|
||||||
|
mimeTypes = [
|
||||||
|
"image/jpeg"
|
||||||
|
"image/png"
|
||||||
|
"image/gif"
|
||||||
|
"image/webp"
|
||||||
|
"image/tiff"
|
||||||
|
"image/x-tga"
|
||||||
|
"image/vnd-ms.dds"
|
||||||
|
"image/x-dds"
|
||||||
|
"image/bmp"
|
||||||
|
"image/vnd.microsoft.icon"
|
||||||
|
"image/vnd.radiance"
|
||||||
|
"image/x-exr"
|
||||||
|
"image/x-portable-bitmap"
|
||||||
|
"image/x-portable-graymap"
|
||||||
|
"image/x-portable-pixmap"
|
||||||
|
"image/x-portable-anymap"
|
||||||
|
"image/x-qoi"
|
||||||
|
"image/svg+xml"
|
||||||
|
"image/svg+xml-compressed"
|
||||||
|
"image/avif"
|
||||||
|
"image/heic"
|
||||||
|
"image/jxl"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
mimeTypesForApp = {
|
||||||
|
mimeApp,
|
||||||
|
mimeTypes,
|
||||||
|
}:
|
||||||
|
map
|
||||||
|
(
|
||||||
|
mimeType: {"${mimeType}" = mimeApp;}
|
||||||
|
)
|
||||||
|
mimeTypes;
|
||||||
|
in
|
||||||
|
lib.zipAttrs (lib.flatten (map mimeTypesForApp (builtins.attrValues applications)));
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
home = {
|
home = {
|
||||||
username = "pim";
|
username = "pim";
|
||||||
homeDirectory = "/home/pim";
|
homeDirectory = "/home/pim";
|
||||||
stateVersion = "23.05";
|
stateVersion = "23.05";
|
||||||
|
|
||||||
packages = with pkgs; [
|
|
||||||
moonlight-qt
|
|
||||||
vlc
|
|
||||||
nicotine-plus
|
|
||||||
logseq
|
|
||||||
signal-desktop
|
|
||||||
telegram-desktop
|
|
||||||
strawberry
|
|
||||||
gimp
|
|
||||||
libreoffice
|
|
||||||
(pkgs.nerdfonts.override { fonts = [ "Hack" ]; })
|
|
||||||
virt-manager
|
|
||||||
gnome.gnome-tweaks
|
|
||||||
impression
|
|
||||||
poppler_utils # For pdfunite
|
|
||||||
silicon
|
|
||||||
];
|
|
||||||
|
|
||||||
file.k3s-pim-privkey = {
|
|
||||||
target = ".kube/config";
|
|
||||||
source = ./kubeconfig.yml;
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
|
|
||||||
programs = {
|
programs = {
|
||||||
home-manager.enable = true;
|
home-manager.enable = true;
|
||||||
chromium.enable = true;
|
chromium.enable = true;
|
||||||
|
bat.enable = true;
|
||||||
|
|
||||||
terminator = {
|
fzf = {
|
||||||
enable = true;
|
enable = true;
|
||||||
config = {
|
enableZshIntegration = true;
|
||||||
profiles.default = {
|
|
||||||
# Gruvbox theme: https://github.com/egel/terminator-gruvbox
|
|
||||||
background_color = "#282828";
|
|
||||||
cursor_color = "#7c6f64";
|
|
||||||
foreground_color = "#ebdbb2";
|
|
||||||
palette =
|
|
||||||
"#181818:#cc241d:#98971a:#d79921:#458588:#b16286:#689d6a:#a89984:#928374:#fb4934:#b8bb26:#fabd2f:#83a598:#d3869b:#8ec07c:#ebdbb2";
|
|
||||||
};
|
};
|
||||||
|
|
||||||
keybindings = {
|
alacritty = {
|
||||||
zoom_in = "<Ctrl>plus";
|
enable = true;
|
||||||
zoom_out = "<Ctrl>minus";
|
settings.shell = {
|
||||||
new_tab = "<Ctrl><Shift>T";
|
program = lib.getExe config.programs.tmux.package;
|
||||||
cycle_next = "<Ctrl>Tab";
|
args = ["attach"];
|
||||||
cycle_prev = "<Ctrl><Shift>Tab";
|
|
||||||
split_horiz = "<Alt>C";
|
|
||||||
split_vert = "<Alt>V";
|
|
||||||
|
|
||||||
go_left = "<Alt>H";
|
|
||||||
go_right = "<Alt>L";
|
|
||||||
go_up = "<Alt>K";
|
|
||||||
go_down = "<Alt>J";
|
|
||||||
|
|
||||||
copy = "<Ctrl><Shift>C";
|
|
||||||
paste = "<Ctrl><Shift>V";
|
|
||||||
|
|
||||||
layout_launcher = ""; # Default <Alt>L
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
# Let home-manager manage the X session
|
direnv = {
|
||||||
xsession = { enable = true; };
|
enable = true;
|
||||||
|
enableBashIntegration = true;
|
||||||
xdg = {
|
nix-direnv.enable = true;
|
||||||
userDirs.enable = true;
|
|
||||||
configFile."home/postgresql_server.crt".source = ./postgresql_server.crt;
|
|
||||||
configFile."home/postgresql_client.crt".source = ./postgresql_client.crt;
|
|
||||||
};
|
};
|
||||||
|
|
||||||
homeage = {
|
atuin = {
|
||||||
identityPaths = [ "/home/pim/.ssh/age_ed25519" ];
|
enable = true;
|
||||||
installationType = "systemd";
|
flags = ["--disable-up-arrow"];
|
||||||
|
enableFishIntegration = true;
|
||||||
|
|
||||||
file."common-pg-tfbackend" = {
|
settings = {
|
||||||
source = ../secrets/common-pg-tfbackend.age;
|
auto_sync = true;
|
||||||
symlinks = [ "${config.xdg.configHome}/home/common.pg.tfbackend" ];
|
sync_frequency = "5m";
|
||||||
};
|
sync_address = "https://atuin.kun.is";
|
||||||
|
|
||||||
file."ansible-vault-secret" = {
|
|
||||||
source = ../secrets/ansible-vault-secret.age;
|
|
||||||
symlinks = [ "${config.xdg.configHome}/home/ansible-vault-secret" ];
|
|
||||||
};
|
|
||||||
|
|
||||||
file."powerdns-api-key" = {
|
|
||||||
source = ../secrets/powerdns-api-key.json.age;
|
|
||||||
symlinks = [ "${config.xdg.configHome}/home/powerdns-api-key.json" ];
|
|
||||||
};
|
|
||||||
|
|
||||||
file."postgresql_client.key" = {
|
|
||||||
source = ../secrets/postgresql_client.key.age;
|
|
||||||
symlinks = [ "${config.xdg.configHome}/home/postgresql_client.key" ];
|
|
||||||
};
|
|
||||||
|
|
||||||
file."k3s-pim-privkey" = {
|
|
||||||
source = ../secrets/k3s-pim-privkey.age;
|
|
||||||
symlinks = [ "${config.home.homeDirectory}/.kube/k3s-pim-privkey" ];
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
fonts.fontconfig.enable = true;
|
fish = {
|
||||||
|
enable = true;
|
||||||
|
|
||||||
dconf.settings = with lib.hm.gvariant; {
|
interactiveShellInit = ''
|
||||||
"org/gnome/desktop/input-sources" = {
|
set -U fish_greeting
|
||||||
sources = [ (mkTuple [ "xkb" "us" ]) ];
|
'';
|
||||||
xkb-options = [ "terminate:ctrl_alt_bksp" "caps:escape" ];
|
|
||||||
|
shellAbbrs = {
|
||||||
|
htop = "btop";
|
||||||
|
gp = "git push";
|
||||||
|
gpf = "git push --force";
|
||||||
|
gco = "git checkout";
|
||||||
|
gd = "git diff";
|
||||||
|
gc = "git commit";
|
||||||
|
gca = "git commit --amend";
|
||||||
|
gpl = "git pull";
|
||||||
|
gb = "git branch";
|
||||||
|
ga = "git add";
|
||||||
|
gl = "git log";
|
||||||
|
gs = "git status";
|
||||||
|
tf = "tofu";
|
||||||
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
"org/gnome/desktop/interface" = {
|
starship = {
|
||||||
monospace-font-name = "Hack Nerd Font Mono 10";
|
enable = true;
|
||||||
|
enableFishIntegration = true;
|
||||||
|
enableTransience = true;
|
||||||
|
settings.nix_shell.heuristic = true;
|
||||||
|
};
|
||||||
|
|
||||||
|
nix-index = {
|
||||||
|
enable = true;
|
||||||
|
enableFishIntegration = true;
|
||||||
|
};
|
||||||
|
|
||||||
|
tmux = {
|
||||||
|
enable = true;
|
||||||
|
shell = lib.getExe config.programs.fish.package;
|
||||||
|
shortcut = "a";
|
||||||
|
clock24 = true;
|
||||||
|
newSession = true;
|
||||||
|
mouse = true;
|
||||||
|
escapeTime = 10;
|
||||||
|
terminal = "screen-256color";
|
||||||
|
|
||||||
|
extraConfig = ''
|
||||||
|
unbind _
|
||||||
|
bind _ split-window -h
|
||||||
|
unbind -
|
||||||
|
bind - split-window -v
|
||||||
|
unbind h
|
||||||
|
bind h select-pane -L
|
||||||
|
unbind j
|
||||||
|
bind j select-pane -D
|
||||||
|
unbind k
|
||||||
|
bind k select-pane -U
|
||||||
|
unbind l
|
||||||
|
bind l select-pane -R
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
ssh = {
|
||||||
|
enable = true;
|
||||||
|
extraConfig = "User root";
|
||||||
|
|
||||||
|
matchBlocks.github = lib.hm.dag.entryBefore ["*"] {
|
||||||
|
hostname = "github.com";
|
||||||
|
user = "pizzapim";
|
||||||
|
identitiesOnly = true;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
git = {
|
||||||
|
enable = true;
|
||||||
|
userName = "Pim Kunis";
|
||||||
|
userEmail = "pim@kunis.nl";
|
||||||
|
|
||||||
|
extraConfig = {
|
||||||
|
push.autoSetupRemote = true;
|
||||||
|
commit.verbose = true;
|
||||||
|
pull.rebase = true;
|
||||||
|
init.defaultBranch = "master";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
# Currently, it is not possible to have Home Manager manage Liberwolf extensions.
|
||||||
|
# There is a draft PR which addresses this:
|
||||||
|
# https://github.com/nix-community/home-manager/pull/3339
|
||||||
|
# The extensions I currently use are:
|
||||||
|
# - ublock-origin (already installed by librewolf)
|
||||||
|
# - cookie-autodelete
|
||||||
|
# - clearurls
|
||||||
|
# - istilldontcareaboutcookies
|
||||||
|
# - keepassxc-browser
|
||||||
|
# - redirector
|
||||||
|
# - violentmonkey
|
||||||
|
# - boring-rss
|
||||||
|
# - kagi-search
|
||||||
|
# - refined-github
|
||||||
|
librewolf = {
|
||||||
|
enable = true;
|
||||||
|
|
||||||
|
settings = {
|
||||||
|
"identity.fxaccounts.enabled" = true;
|
||||||
|
"privacy.clearOnShutdown.history" = false;
|
||||||
|
"privacy.clearOnShutdown.downloads" = false;
|
||||||
|
"browser.translations.automaticallyPopup" = false;
|
||||||
|
"browser.aboutConfig.showWarning" = false;
|
||||||
|
"privacy.clearOnShutdown.cookies" = false;
|
||||||
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,9 +0,0 @@
|
||||||
{
|
|
||||||
config = {
|
|
||||||
programs.direnv = {
|
|
||||||
enable = true;
|
|
||||||
enableBashIntegration = true;
|
|
||||||
nix-direnv.enable = true;
|
|
||||||
};
|
|
||||||
};
|
|
||||||
}
|
|
|
@ -1,28 +1,10 @@
|
||||||
pkgs: lib:
|
pkgs: lib: let
|
||||||
let
|
|
||||||
rycee-addons = pkgs.nur.repos.rycee.firefox-addons;
|
rycee-addons = pkgs.nur.repos.rycee.firefox-addons;
|
||||||
custom-addons = import ./custom-addons.nix pkgs lib;
|
custom-addons = import ./custom-addons.nix pkgs lib;
|
||||||
in {
|
in
|
||||||
default = lib.concatLists [
|
with rycee-addons; [
|
||||||
(with rycee-addons; [
|
|
||||||
ublock-origin
|
|
||||||
clearurls
|
|
||||||
cookie-autodelete
|
|
||||||
istilldontcareaboutcookies
|
|
||||||
keepassxc-browser
|
|
||||||
redirector
|
|
||||||
ublacklist
|
|
||||||
umatrix
|
|
||||||
violentmonkey
|
|
||||||
boring-rss
|
|
||||||
# rycee.bypass-paywalls-clean
|
|
||||||
])
|
|
||||||
(with custom-addons; [ http-version-indicator indicatetls sixindicator ])
|
|
||||||
];
|
|
||||||
sue = with rycee-addons; [
|
|
||||||
ublock-origin
|
ublock-origin
|
||||||
istilldontcareaboutcookies
|
istilldontcareaboutcookies
|
||||||
keepassxc-browser
|
keepassxc-browser
|
||||||
custom-addons.simple-style-fox-2
|
custom-addons.simple-style-fox-2
|
||||||
];
|
]
|
||||||
}
|
|
||||||
|
|
|
@ -1,8 +1,15 @@
|
||||||
pkgs: lib:
|
pkgs: lib: let
|
||||||
let
|
|
||||||
# Stolen from: https://github.com/nix-community/nur-combined/blob/master/repos/rycee/pkgs/firefox-addons/default.nix
|
# Stolen from: https://github.com/nix-community/nur-combined/blob/master/repos/rycee/pkgs/firefox-addons/default.nix
|
||||||
buildFirefoxXpiAddon = lib.makeOverridable ({ stdenv ? pkgs.stdenv
|
buildFirefoxXpiAddon = lib.makeOverridable ({
|
||||||
, fetchurl ? pkgs.fetchurl, pname, version, addonId, url, sha256, meta, ...
|
stdenv ? pkgs.stdenv,
|
||||||
|
fetchurl ? pkgs.fetchurl,
|
||||||
|
pname,
|
||||||
|
version,
|
||||||
|
addonId,
|
||||||
|
url,
|
||||||
|
sha256,
|
||||||
|
meta,
|
||||||
|
...
|
||||||
}:
|
}:
|
||||||
stdenv.mkDerivation {
|
stdenv.mkDerivation {
|
||||||
name = "${pname}-${version}";
|
name = "${pname}-${version}";
|
||||||
|
@ -25,13 +32,11 @@ in {
|
||||||
pname = "http-version-indicator";
|
pname = "http-version-indicator";
|
||||||
version = "3.2.1";
|
version = "3.2.1";
|
||||||
addonId = "spdyindicator@chengsun.github.com";
|
addonId = "spdyindicator@chengsun.github.com";
|
||||||
url =
|
url = "https://addons.mozilla.org/firefox/downloads/file/3767224/http2_indicator-3.2.1.xpi";
|
||||||
"https://addons.mozilla.org/firefox/downloads/file/3767224/http2_indicator-3.2.1.xpi";
|
|
||||||
sha256 = "be9518017334ce502a1da514542c2ca4f974217d0c8e6c7c31d518aba57c09a8";
|
sha256 = "be9518017334ce502a1da514542c2ca4f974217d0c8e6c7c31d518aba57c09a8";
|
||||||
meta = with lib; {
|
meta = with lib; {
|
||||||
homepage = "https://github.com/bsiegel/http-version-indicator";
|
homepage = "https://github.com/bsiegel/http-version-indicator";
|
||||||
description =
|
description = "An indicator showing the HTTP version used to load the page in the address bar.";
|
||||||
"An indicator showing the HTTP version used to load the page in the address bar.";
|
|
||||||
mozPermissions = ["<all_urls>" "tabs" "webNavigation" "webRequest"];
|
mozPermissions = ["<all_urls>" "tabs" "webNavigation" "webRequest"];
|
||||||
platforms = platforms.all;
|
platforms = platforms.all;
|
||||||
};
|
};
|
||||||
|
@ -40,13 +45,11 @@ in {
|
||||||
pname = "indicatetls";
|
pname = "indicatetls";
|
||||||
version = "0.3.0";
|
version = "0.3.0";
|
||||||
addonId = "{252ee273-8c8d-4609-b54d-62ae345be0a1}";
|
addonId = "{252ee273-8c8d-4609-b54d-62ae345be0a1}";
|
||||||
url =
|
url = "https://addons.mozilla.org/firefox/downloads/file/3608595/indicatetls-0.3.0.xpi";
|
||||||
"https://addons.mozilla.org/firefox/downloads/file/3608595/indicatetls-0.3.0.xpi";
|
|
||||||
sha256 = "7a3b7edb1085f7b15d279c1013fac1d68f5247cfd6312d5275cb053e24a79465";
|
sha256 = "7a3b7edb1085f7b15d279c1013fac1d68f5247cfd6312d5275cb053e24a79465";
|
||||||
meta = with lib; {
|
meta = with lib; {
|
||||||
homepage = "https://github.com/jannispinter/indicatetls";
|
homepage = "https://github.com/jannispinter/indicatetls";
|
||||||
description =
|
description = "Displays negotiated SSL/TLS protocol version and additional security information in the address bar";
|
||||||
"Displays negotiated SSL/TLS protocol version and additional security information in the address bar";
|
|
||||||
license = licenses.mpl20;
|
license = licenses.mpl20;
|
||||||
mozPermissions = [
|
mozPermissions = [
|
||||||
"tabs"
|
"tabs"
|
||||||
|
@ -63,13 +66,11 @@ in {
|
||||||
pname = "sixindicator";
|
pname = "sixindicator";
|
||||||
version = "1.3.0";
|
version = "1.3.0";
|
||||||
addonId = "{8c9cad02-c069-4e93-909d-d874da819c49}";
|
addonId = "{8c9cad02-c069-4e93-909d-d874da819c49}";
|
||||||
url =
|
url = "https://addons.mozilla.org/firefox/downloads/file/3493442/sixindicator-1.3.0.xpi";
|
||||||
"https://addons.mozilla.org/firefox/downloads/file/3493442/sixindicator-1.3.0.xpi";
|
|
||||||
sha256 = "415ab83ed4ac94d1efe114752a09df29536d1bd54cc9b7e5ce5d9ee55a84226d";
|
sha256 = "415ab83ed4ac94d1efe114752a09df29536d1bd54cc9b7e5ce5d9ee55a84226d";
|
||||||
meta = with lib; {
|
meta = with lib; {
|
||||||
homepage = "https://github.com/HostedDinner/SixIndicator";
|
homepage = "https://github.com/HostedDinner/SixIndicator";
|
||||||
description =
|
description = "Shows a simple icon, if IPv6 or IPv4 was used for the request of the site. When clicking on the icon, more information is shown, like the number of requests per domain and if these requests were made via IPv6 or IPv4.";
|
||||||
"Shows a simple icon, if IPv6 or IPv4 was used for the request of the site. When clicking on the icon, more information is shown, like the number of requests per domain and if these requests were made via IPv6 or IPv4.";
|
|
||||||
license = licenses.mit;
|
license = licenses.mit;
|
||||||
mozPermissions = ["tabs" "webRequest" "<all_urls>"];
|
mozPermissions = ["tabs" "webRequest" "<all_urls>"];
|
||||||
platforms = platforms.all;
|
platforms = platforms.all;
|
||||||
|
@ -79,8 +80,7 @@ in {
|
||||||
pname = "simple-style-fox-2";
|
pname = "simple-style-fox-2";
|
||||||
version = "10.0";
|
version = "10.0";
|
||||||
addonId = "{317526c6-ff2b-49c9-822e-d77b4a3da1d1}";
|
addonId = "{317526c6-ff2b-49c9-822e-d77b4a3da1d1}";
|
||||||
url =
|
url = "https://addons.mozilla.org/firefox/downloads/file/3934220/simple_style_fox_2-10.0.xpi";
|
||||||
"https://addons.mozilla.org/firefox/downloads/file/3934220/simple_style_fox_2-10.0.xpi";
|
|
||||||
sha256 = "1aaac3ba08d21086d7087015f92a27661940df45a97bf5680588c883f799a97d";
|
sha256 = "1aaac3ba08d21086d7087015f92a27661940df45a97bf5680588c883f799a97d";
|
||||||
meta = with lib; {
|
meta = with lib; {
|
||||||
description = "Simple style fox 2";
|
description = "Simple style fox 2";
|
||||||
|
|
|
@ -1,5 +1,9 @@
|
||||||
{ pkgs, lib, ... }:
|
{
|
||||||
let
|
pkgs,
|
||||||
|
lib,
|
||||||
|
config,
|
||||||
|
...
|
||||||
|
}: let
|
||||||
firefoxAddons = import ./addons.nix pkgs lib;
|
firefoxAddons = import ./addons.nix pkgs lib;
|
||||||
firefoxSettings = {
|
firefoxSettings = {
|
||||||
"browser.aboutConfig.showWarning" = false;
|
"browser.aboutConfig.showWarning" = false;
|
||||||
|
@ -11,9 +15,14 @@ let
|
||||||
"media.webspeech.synth.dont_notify_on_error" = true;
|
"media.webspeech.synth.dont_notify_on_error" = true;
|
||||||
"browser.gesture.swipe.left" = false;
|
"browser.gesture.swipe.left" = false;
|
||||||
"browser.gesture.swipe.right" = false;
|
"browser.gesture.swipe.right" = false;
|
||||||
|
"browser.newtabpage.activity-stream.showSponsored" = false;
|
||||||
|
"browser.newtabpage.activity-stream.showSponsoredTopSites" = false;
|
||||||
};
|
};
|
||||||
|
cfg = config.pim.firefox;
|
||||||
in {
|
in {
|
||||||
config = {
|
options.pim.firefox.enable = lib.mkEnableOption "firefox";
|
||||||
|
|
||||||
|
config = lib.mkIf cfg.enable {
|
||||||
programs.firefox = {
|
programs.firefox = {
|
||||||
enable = true;
|
enable = true;
|
||||||
profiles = {
|
profiles = {
|
||||||
|
@ -21,52 +30,9 @@ in {
|
||||||
id = 0;
|
id = 0;
|
||||||
isDefault = true;
|
isDefault = true;
|
||||||
settings = firefoxSettings;
|
settings = firefoxSettings;
|
||||||
extensions = firefoxAddons.default;
|
extensions = firefoxAddons;
|
||||||
};
|
|
||||||
sue = {
|
|
||||||
id = 1;
|
|
||||||
settings = firefoxSettings;
|
|
||||||
extensions = firefoxAddons.sue;
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
xdg.desktopEntries.firefox-sue = {
|
|
||||||
categories = [ "Network" "WebBrowser" ];
|
|
||||||
exec = "firefox -P sue --name firefox %U";
|
|
||||||
genericName = "Web Browser";
|
|
||||||
icon = "firefox";
|
|
||||||
mimeType = [
|
|
||||||
"text/html"
|
|
||||||
"text/xml"
|
|
||||||
"application/xhtml+xml"
|
|
||||||
"application/vnd.mozilla.xul+xml"
|
|
||||||
"x-scheme-handler/http"
|
|
||||||
"x-scheme-handler/https"
|
|
||||||
];
|
|
||||||
name = "Firefox | Sue";
|
|
||||||
startupNotify = true;
|
|
||||||
terminal = false;
|
|
||||||
type = "Application";
|
|
||||||
};
|
|
||||||
|
|
||||||
xdg.desktopEntries.firefox = lib.mkForce {
|
|
||||||
categories = [ "Network" "WebBrowser" ];
|
|
||||||
exec = "firefox --new-window --name firefox %U";
|
|
||||||
genericName = "Web Browser";
|
|
||||||
icon = "firefox";
|
|
||||||
mimeType = [
|
|
||||||
"text/html"
|
|
||||||
"text/xml"
|
|
||||||
"application/xhtml+xml"
|
|
||||||
"application/vnd.mozilla.xul+xml"
|
|
||||||
"x-scheme-handler/http"
|
|
||||||
"x-scheme-handler/https"
|
|
||||||
];
|
|
||||||
name = "Firefox";
|
|
||||||
startupNotify = true;
|
|
||||||
terminal = false;
|
|
||||||
type = "Application";
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,8 +0,0 @@
|
||||||
{
|
|
||||||
config = {
|
|
||||||
programs.fzf = {
|
|
||||||
enable = true;
|
|
||||||
enableBashIntegration = true;
|
|
||||||
};
|
|
||||||
};
|
|
||||||
}
|
|
|
@ -1,18 +0,0 @@
|
||||||
{
|
|
||||||
config = {
|
|
||||||
programs.git = {
|
|
||||||
enable = true;
|
|
||||||
userName = "Pim Kunis";
|
|
||||||
userEmail = "pim@kunis.nl";
|
|
||||||
extraConfig = {
|
|
||||||
push.autoSetupRemote = true;
|
|
||||||
commit.verbose = true;
|
|
||||||
pull.rebase = true;
|
|
||||||
};
|
|
||||||
includes = [{
|
|
||||||
path = "~/git/suecode/.gitconfig";
|
|
||||||
condition = "gitdir:~/git/suecode/**";
|
|
||||||
}];
|
|
||||||
};
|
|
||||||
};
|
|
||||||
}
|
|
94
home-manager/gnome.nix
Normal file
|
@ -0,0 +1,94 @@
|
||||||
|
{
|
||||||
|
pkgs,
|
||||||
|
lib,
|
||||||
|
self,
|
||||||
|
config,
|
||||||
|
...
|
||||||
|
}: let
|
||||||
|
cfg = config.pim.gnome;
|
||||||
|
in {
|
||||||
|
options.pim.gnome.enable = lib.mkEnableOption "gnome";
|
||||||
|
|
||||||
|
config = lib.mkIf cfg.enable {
|
||||||
|
home.packages = with pkgs; [gnome.gnome-tweaks];
|
||||||
|
|
||||||
|
dconf.settings = with lib.hm.gvariant; {
|
||||||
|
"org/gnome/desktop/sound".allow-volume-above-100-percent = true;
|
||||||
|
"org/gnome/desktop/wm.preferences".num-workspaces = 4;
|
||||||
|
"org/gnome/mutter".edge-tiling = true;
|
||||||
|
|
||||||
|
"org/gnome/shell" = {
|
||||||
|
disable-extension-version-validation = true;
|
||||||
|
|
||||||
|
enabled-extensions = [
|
||||||
|
"workspaces-by-open-apps@favo02.github.com"
|
||||||
|
"pop-shell@system76.com"
|
||||||
|
"windowIsReady_Remover@nunofarruca@gmail.com"
|
||||||
|
"randomwallpaper@iflow.space"
|
||||||
|
"Vitals@CoreCoding.com"
|
||||||
|
"tailscale-status@maxgallup.github.com"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
|
||||||
|
"org/gnome/desktop/input-sources" = {
|
||||||
|
sources = [(mkTuple ["xkb" "us"])];
|
||||||
|
xkb-options = ["terminate:ctrl_alt_bksp" "caps:escape"];
|
||||||
|
};
|
||||||
|
|
||||||
|
"org/gnome/shell/extensions/pop-shell" = {
|
||||||
|
active-hint = true;
|
||||||
|
fullscreen-launcher = false;
|
||||||
|
mouse-cursor-focus-location = mkUint32 4;
|
||||||
|
mouse-cursor-follows-active-window = true;
|
||||||
|
show-skip-taskbar = false;
|
||||||
|
show-title = true;
|
||||||
|
smart-gaps = false;
|
||||||
|
snap-to-grid = false;
|
||||||
|
stacking-with-mouse = true;
|
||||||
|
tile-by-default = true;
|
||||||
|
};
|
||||||
|
|
||||||
|
"org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom0" = {
|
||||||
|
binding = "<Super>t";
|
||||||
|
command = lib.getExe config.programs.alacritty.package;
|
||||||
|
name = "Terminal";
|
||||||
|
};
|
||||||
|
|
||||||
|
"org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom1" = {
|
||||||
|
binding = "<Super>e";
|
||||||
|
command = "${lib.getExe config.programs.librewolf.package} --browser";
|
||||||
|
name = "Browser";
|
||||||
|
};
|
||||||
|
|
||||||
|
"org/gnome/desktop/wm/keybindings" = {
|
||||||
|
close = ["<Shift><Super>q"];
|
||||||
|
minimize = mkEmptyArray type.string;
|
||||||
|
move-to-workspace-1 = ["<Shift><Super>1"];
|
||||||
|
move-to-workspace-2 = ["<Shift><Super>2"];
|
||||||
|
move-to-workspace-3 = ["<Shift><Super>3"];
|
||||||
|
move-to-workspace-4 = ["<Shift><Super>4"];
|
||||||
|
switch-applications = mkEmptyArray type.string;
|
||||||
|
switch-applications-backward = mkEmptyArray type.string;
|
||||||
|
switch-to-workspace-1 = ["<Super>1"];
|
||||||
|
switch-to-workspace-2 = ["<Super>2"];
|
||||||
|
switch-to-workspace-3 = ["<Super>3"];
|
||||||
|
switch-to-workspace-4 = ["<Super>4"];
|
||||||
|
toggle-fullscreen = ["<Super>f"];
|
||||||
|
};
|
||||||
|
|
||||||
|
"org/gnome/shell/extensions/space-iflow-randomwallpaper" = {
|
||||||
|
auto-fetch = true;
|
||||||
|
change-type = 2;
|
||||||
|
hide-panel-icon = true;
|
||||||
|
history-length = 1;
|
||||||
|
hours = 0;
|
||||||
|
minutes = 30;
|
||||||
|
sources = ["42"];
|
||||||
|
fetch-on-startup = true;
|
||||||
|
};
|
||||||
|
|
||||||
|
"org/gnome/shell/extensions/space-iflow-randomwallpaper/sources/general/42".type = 4;
|
||||||
|
"org/gnome/shell/extensions/space-iflow-randomwallpaper/sources/localFolder/42".folder = "${self}/wallpapers";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
|
@ -1,9 +0,0 @@
|
||||||
{ pkgs, config, ... }: {
|
|
||||||
config = {
|
|
||||||
home.packages = [ pkgs.keepassxc ];
|
|
||||||
homeage.file."keepassxc.ini" = {
|
|
||||||
source = ../../secrets/keepassxc.ini.age;
|
|
||||||
symlinks = [ "${config.xdg.configHome}/keepassxc/keepassxc.ini" ];
|
|
||||||
};
|
|
||||||
};
|
|
||||||
}
|
|
|
@ -1,19 +0,0 @@
|
||||||
apiVersion: v1
|
|
||||||
clusters:
|
|
||||||
- cluster:
|
|
||||||
certificate-authority-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJkekNDQVIyZ0F3SUJBZ0lCQURBS0JnZ3Foa2pPUFFRREFqQWpNU0V3SHdZRFZRUUREQmhyTTNNdGMyVnkKZG1WeUxXTmhRREUzTURJMU56UXlOVGt3SGhjTk1qTXhNakUwTVRjeE56TTVXaGNOTXpNeE1qRXhNVGN4TnpNNQpXakFqTVNFd0h3WURWUVFEREJock0zTXRjMlZ5ZG1WeUxXTmhRREUzTURJMU56UXlOVGt3V1RBVEJnY3Foa2pPClBRSUJCZ2dxaGtqT1BRTUJCd05DQUFUMzdYdlBzUG9DeTk3Nm1zWm9qTHBlUklieVB5NWFPV0NJWXpyZVpUcVYKUlo4cDVyME1RdVViV0crNTJqQ1ZjNCtrZGN3WVkwRXRDaUpkZ21LSU5RcTRvMEl3UURBT0JnTlZIUThCQWY4RQpCQU1DQXFRd0R3WURWUjBUQVFIL0JBVXdBd0VCL3pBZEJnTlZIUTRFRmdRVWx1ZGcvZWd0bUMvWkNiaTZMRkNnClhIaXFtL2t3Q2dZSUtvWkl6ajBFQXdJRFNBQXdSUUloQUlTbHJ2TmVTc3RtVlFLVWp2STF3UlZPb0RMWEJjWDEKelpZOURUNW9WM214QWlBT2JKRThOaldOSUdSZE1FcWpXZXhUd1M5RUlGbGs2eUEwOXNjS0FmRUNXUT09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K
|
|
||||||
server: https://jefke.hyp:6443
|
|
||||||
name: default
|
|
||||||
contexts:
|
|
||||||
- context:
|
|
||||||
cluster: default
|
|
||||||
user: pim
|
|
||||||
name: default
|
|
||||||
current-context: default
|
|
||||||
kind: Config
|
|
||||||
preferences: {}
|
|
||||||
users:
|
|
||||||
- name: pim
|
|
||||||
user:
|
|
||||||
client-certificate-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJWVENCL0tBREFnRUNBaEFWemhyQ3QwZzFQMWJXZW1IUGx2SUZNQW9HQ0NxR1NNNDlCQU1DTUNNeElUQWYKQmdOVkJBTU1HR3N6Y3kxamJHbGxiblF0WTJGQU1UY3dNalUzTkRJMU9UQWVGdzB5TXpFeU1UUXhPVEl3TURCYQpGdzB5TkRFeU1UTXhPVEl3TURCYU1BNHhEREFLQmdOVkJBTVRBM0JwYlRBcU1BVUdBeXRsY0FNaEFDYWxxaUdFCjdvcVo0SFNvLy95RGhqZXJrVVA5WWg4QXdFbHFnMXI4NGpvbG8xWXdWREFPQmdOVkhROEJBZjhFQkFNQ0JhQXcKRXdZRFZSMGxCQXd3Q2dZSUt3WUJCUVVIQXdJd0RBWURWUjBUQVFIL0JBSXdBREFmQmdOVkhTTUVHREFXZ0JTZQpkenA2TzVhajU4NGtML2FJM0pvTHhkOUtQakFLQmdncWhrak9QUVFEQWdOSUFEQkZBaUF3eDJISGNOcVd4bkhyCmkvRVg2SmJRVlRZYThmTzhpYTdMOXRYWS84OXlQQUloQVBSanlmMU0waWtCZU95VUVUODVLS1dNaDFhbWRNZVUKSUFBZTM2WDVUSVRDCi0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K
|
|
||||||
client-key: k3s-pim-privkey
|
|
|
@ -1,5 +1,14 @@
|
||||||
{ pkgs, ... }: {
|
{
|
||||||
config = {
|
pkgs,
|
||||||
|
config,
|
||||||
|
lib,
|
||||||
|
...
|
||||||
|
}: let
|
||||||
|
cfg = config.pim.neovim;
|
||||||
|
in {
|
||||||
|
options.pim.neovim.enable = lib.mkEnableOption "neovim";
|
||||||
|
|
||||||
|
config = lib.mkIf cfg.enable {
|
||||||
programs.neovim = {
|
programs.neovim = {
|
||||||
enable = true;
|
enable = true;
|
||||||
viAlias = true;
|
viAlias = true;
|
||||||
|
@ -11,10 +20,9 @@
|
||||||
extraPackages = with pkgs; [
|
extraPackages = with pkgs; [
|
||||||
nil
|
nil
|
||||||
nodePackages.pyright
|
nodePackages.pyright
|
||||||
neofetch
|
|
||||||
gopls
|
gopls
|
||||||
terraform-ls
|
terraform-ls
|
||||||
nixfmt
|
nixfmt-classic
|
||||||
stylua
|
stylua
|
||||||
black
|
black
|
||||||
nixpkgs-fmt
|
nixpkgs-fmt
|
||||||
|
@ -71,7 +79,7 @@
|
||||||
nvim-web-devicons
|
nvim-web-devicons
|
||||||
lsp-format-nvim
|
lsp-format-nvim
|
||||||
{
|
{
|
||||||
plugin = pkgs.unstable.vimPlugins.none-ls-nvim;
|
plugin = pkgs.vimPlugins.none-ls-nvim;
|
||||||
type = "lua";
|
type = "lua";
|
||||||
config = builtins.readFile ./none-ls.lua;
|
config = builtins.readFile ./none-ls.lua;
|
||||||
}
|
}
|
||||||
|
|
|
@ -45,14 +45,21 @@ require("lspconfig").terraformls.setup({
|
||||||
capabilities = capabilities,
|
capabilities = capabilities,
|
||||||
})
|
})
|
||||||
|
|
||||||
-- require'lspconfig'.efm.setup {
|
local function has_treefmt()
|
||||||
-- on_attach = require("lsp-format").on_attach,
|
local git_root = vim.fn.systemlist("git rev-parse --show-toplevel")[1]
|
||||||
-- init_options = {documentFormatting = true},
|
if vim.v.shell_error ~= 0 then
|
||||||
-- settings = {
|
return false
|
||||||
-- languages = {
|
end
|
||||||
-- lua = {{formatCommand = "lua-format -i", formatStdin = true}},
|
local treefmt_path = git_root .. "/treefmt.nix"
|
||||||
-- nix = {{formatCommand = "nixfmt", formatStdin = true}}
|
return vim.fn.filereadable(treefmt_path) == 1
|
||||||
-- }
|
end
|
||||||
-- },
|
|
||||||
-- filetypes = {"lua", "nix"}
|
vim.api.nvim_create_autocmd("BufWritePost", {
|
||||||
-- }
|
pattern = "*",
|
||||||
|
callback = function()
|
||||||
|
if vim.fn.expand("%:p") ~= vim.fn.getcwd() .. "/.git/COMMIT_EDITMSG" and has_treefmt() then
|
||||||
|
vim.cmd("silent !treefmt > /dev/null 2>&1")
|
||||||
|
end
|
||||||
|
end,
|
||||||
|
group = vim.api.nvim_create_augroup("TreefmtAutoformat", { clear = true }),
|
||||||
|
})
|
||||||
|
|
|
@ -20,24 +20,24 @@ require("null-ls").setup({
|
||||||
},
|
},
|
||||||
|
|
||||||
-- configure format on save
|
-- configure format on save
|
||||||
on_attach = function(current_client, bufnr)
|
-- on_attach = function(current_client, bufnr)
|
||||||
if current_client.supports_method("textDocument/formatting") then
|
-- if current_client.supports_method("textDocument/formatting") then
|
||||||
vim.api.nvim_clear_autocmds({ group = augroup, buffer = bufnr })
|
-- vim.api.nvim_clear_autocmds({ group = augroup, buffer = bufnr })
|
||||||
vim.api.nvim_create_autocmd("BufWritePre", {
|
-- vim.api.nvim_create_autocmd("BufWritePre", {
|
||||||
group = augroup,
|
-- group = augroup,
|
||||||
buffer = bufnr,
|
-- buffer = bufnr,
|
||||||
callback = function()
|
-- callback = function()
|
||||||
vim.lsp.buf.format({
|
-- vim.lsp.buf.format({
|
||||||
filter = function(client)
|
-- filter = function(client)
|
||||||
-- only use null-ls for formatting instead of lsp server
|
-- -- only use null-ls for formatting instead of lsp server
|
||||||
return client.name == "null-ls"
|
-- return client.name == "null-ls"
|
||||||
end,
|
-- end,
|
||||||
bufnr = bufnr,
|
-- bufnr = bufnr,
|
||||||
})
|
-- })
|
||||||
end,
|
-- end,
|
||||||
})
|
-- })
|
||||||
end
|
-- end
|
||||||
end,
|
-- end,
|
||||||
})
|
})
|
||||||
|
|
||||||
-- formatting command
|
-- formatting command
|
||||||
|
|
|
@ -1,17 +0,0 @@
|
||||||
-----BEGIN CERTIFICATE-----
|
|
||||||
MIICrzCCAZcCFApupXAa2tPytpi3av47+az0Ggb4MA0GCSqGSIb3DQEBCwUAMBQx
|
|
||||||
EjAQBgNVBAMMCWplZmtlLmh5cDAeFw0yMzExMjQyMjAzMjhaFw0yNDExMjMyMjAz
|
|
||||||
MjhaMBQxEjAQBgNVBAMMCXRlcnJhZm9ybTCCASIwDQYJKoZIhvcNAQEBBQADggEP
|
|
||||||
ADCCAQoCggEBALeJ/fYUCmwislUw4XcCxivCUuWuUWI+t/nke9/hWEWTmDG4Z7/a
|
|
||||||
IAKqsGk0zNATQViAXmYZwdYK70AKQhxat3OJcuZarsurOXVjVJdT4Wr5SxHGHjd0
|
|
||||||
bwd8JzFZPIfgYCILCISFjCIfpD58kBq2bkvI4rpn4tb2iPunXp0+S8iHDMB5wAOb
|
|
||||||
FgT0muuz9ua4R76nq79O9wLbAVf38CDR9bMGcPcKknz0sl37jr7A/pDvQzpFWO33
|
|
||||||
eJb64b7Qe4CHslWFj1tdEkXaMpMNWHhc2TmtLtlt6a+RY1R9KdX5x0lQTyJnEwJZ
|
|
||||||
8YTKnlMoNvkfBznuARFmNNmUYPoHE6WgonMCAwEAATANBgkqhkiG9w0BAQsFAAOC
|
|
||||||
AQEAaH1HVPThhAkrXE4Zmh49D1zvq5uy6moV326/ovnPQfco2jYBYO5mYxBF32mx
|
|
||||||
ShEanbJJKkFjWkQHmsWt7nrkeloz6q8sD19nLyyWmMj0Pd6wcLv017Zdo902fh27
|
|
||||||
Rl8qZS44vEc+N/5gc2eINMfXm/JOdXYntOVpFO/I+6b9Q2iWFX3YUAXiIDiEYBvS
|
|
||||||
BBqyXC2nVg6Lp1KVg+EaYW27sj8b5HHXnpEGdXduVmOWttdaQVjYslqmH7mUKi9f
|
|
||||||
2U9FicMvw6KvkRki+SLKeZr2yIP1QQOnWg0BPbeCpMfdMSu/AtLkAtugZeT8p1Ko
|
|
||||||
3hMMyKKzyyhiwpzvk21QFNZ5LA==
|
|
||||||
-----END CERTIFICATE-----
|
|
|
@ -1,67 +0,0 @@
|
||||||
Certificate:
|
|
||||||
Data:
|
|
||||||
Version: 1 (0x0)
|
|
||||||
Serial Number:
|
|
||||||
ef:2f:4d:d4:26:7e:33:1b
|
|
||||||
Signature Algorithm: sha256WithRSAEncryption
|
|
||||||
Issuer: CN=jefke.hyp
|
|
||||||
Validity
|
|
||||||
Not Before: Nov 22 19:12:03 2023 GMT
|
|
||||||
Not After : Oct 29 19:12:03 2123 GMT
|
|
||||||
Subject: CN=jefke.hyp
|
|
||||||
Subject Public Key Info:
|
|
||||||
Public Key Algorithm: rsaEncryption
|
|
||||||
RSA Public-Key: (2048 bit)
|
|
||||||
Modulus:
|
|
||||||
00:c7:ab:eb:9c:d0:7f:4f:f1:ba:65:0a:8b:07:7b:
|
|
||||||
2e:5b:f0:26:82:33:c9:73:e6:91:cc:11:94:05:1c:
|
|
||||||
8d:67:29:cb:5e:67:35:02:80:54:af:99:4b:aa:ce:
|
|
||||||
e8:56:62:be:63:cb:b2:4a:b0:a9:28:12:e2:77:50:
|
|
||||||
7d:d5:d2:3b:48:d8:32:59:25:26:ff:a6:5c:f6:eb:
|
|
||||||
ae:5b:3d:7a:14:10:ba:90:9c:6f:1f:b9:d8:99:0e:
|
|
||||||
b7:09:5e:62:69:c4:c0:c6:27:b0:d3:60:0d:47:4c:
|
|
||||||
a5:11:53:f2:f1:4a:f9:a6:bc:d6:a3:35:a2:e8:e5:
|
|
||||||
a9:d1:60:e8:e5:18:ce:d2:60:80:4e:dc:48:ae:7f:
|
|
||||||
b7:ea:76:51:28:39:a4:b0:95:82:95:93:98:b2:9f:
|
|
||||||
23:c9:81:69:59:a3:e4:f7:5a:1c:01:31:96:c1:4b:
|
|
||||||
59:21:f8:a2:e6:9e:21:78:0e:6b:c1:68:c7:5c:16:
|
|
||||||
9a:06:54:df:b6:77:1d:2d:89:d0:c8:9e:db:b5:d4:
|
|
||||||
8c:fb:b9:4f:b7:6e:39:5f:39:8e:48:73:76:7d:46:
|
|
||||||
6e:1f:8d:14:cb:40:b5:ff:c6:f0:c0:44:3c:ed:52:
|
|
||||||
3f:4f:7b:69:63:93:c6:41:e6:5e:ed:33:50:20:46:
|
|
||||||
db:93:bf:e8:52:51:95:f1:81:73:58:da:67:21:7b:
|
|
||||||
12:bd
|
|
||||||
Exponent: 65537 (0x10001)
|
|
||||||
Signature Algorithm: sha256WithRSAEncryption
|
|
||||||
aa:5c:89:41:a6:b7:3d:65:87:ca:50:c4:f3:58:aa:d3:b4:55:
|
|
||||||
b1:a7:8d:18:26:17:e5:8a:21:24:a1:49:53:77:31:5b:55:63:
|
|
||||||
be:01:d8:fe:b7:06:7c:da:07:1f:94:6a:de:96:ad:ca:3b:20:
|
|
||||||
2a:e1:35:90:19:83:6d:37:d1:15:12:de:3c:0e:46:be:66:a1:
|
|
||||||
6a:1d:ec:72:dc:46:79:69:e4:af:77:c8:ff:cd:d6:7d:16:88:
|
|
||||||
ab:44:fd:70:fc:40:47:ff:43:95:11:5a:9a:56:0c:d2:dd:7c:
|
|
||||||
3b:87:aa:10:26:fa:25:a3:a0:43:8a:1b:ec:54:11:7e:65:67:
|
|
||||||
d2:06:e1:3e:3b:e1:0e:b0:80:ef:4b:35:3f:fc:34:1d:95:2e:
|
|
||||||
ee:c1:67:38:da:b3:74:86:4b:95:8c:0c:1d:51:28:c1:42:e9:
|
|
||||||
77:68:d7:ec:3b:66:30:c6:e5:2a:62:ea:15:fb:24:56:cf:02:
|
|
||||||
d0:25:54:a7:58:15:b5:2a:71:93:56:c0:69:7a:36:18:6c:31:
|
|
||||||
b1:8e:3c:77:d7:77:ac:fc:e1:94:c5:08:bb:35:ac:48:5f:6b:
|
|
||||||
8b:c8:c8:78:f4:a9:ca:4f:9d:51:54:89:97:c9:af:a1:fa:71:
|
|
||||||
df:58:f6:ff:04:7c:c8:1c:95:6b:1a:e3:a7:f6:43:1c:27:94:
|
|
||||||
10:03:ce:ec
|
|
||||||
-----BEGIN CERTIFICATE-----
|
|
||||||
MIICpjCCAY4CCQDvL03UJn4zGzANBgkqhkiG9w0BAQsFADAUMRIwEAYDVQQDDAlq
|
|
||||||
ZWZrZS5oeXAwIBcNMjMxMTIyMTkxMjAzWhgPMjEyMzEwMjkxOTEyMDNaMBQxEjAQ
|
|
||||||
BgNVBAMMCWplZmtlLmh5cDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
|
|
||||||
AMer65zQf0/xumUKiwd7LlvwJoIzyXPmkcwRlAUcjWcpy15nNQKAVK+ZS6rO6FZi
|
|
||||||
vmPLskqwqSgS4ndQfdXSO0jYMlklJv+mXPbrrls9ehQQupCcbx+52JkOtwleYmnE
|
|
||||||
wMYnsNNgDUdMpRFT8vFK+aa81qM1oujlqdFg6OUYztJggE7cSK5/t+p2USg5pLCV
|
|
||||||
gpWTmLKfI8mBaVmj5PdaHAExlsFLWSH4ouaeIXgOa8Fox1wWmgZU37Z3HS2J0Mie
|
|
||||||
27XUjPu5T7duOV85jkhzdn1Gbh+NFMtAtf/G8MBEPO1SP097aWOTxkHmXu0zUCBG
|
|
||||||
25O/6FJRlfGBc1jaZyF7Er0CAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAqlyJQaa3
|
|
||||||
PWWHylDE81iq07RVsaeNGCYX5YohJKFJU3cxW1VjvgHY/rcGfNoHH5Rq3patyjsg
|
|
||||||
KuE1kBmDbTfRFRLePA5Gvmahah3sctxGeWnkr3fI/83WfRaIq0T9cPxAR/9DlRFa
|
|
||||||
mlYM0t18O4eqECb6JaOgQ4ob7FQRfmVn0gbhPjvhDrCA70s1P/w0HZUu7sFnONqz
|
|
||||||
dIZLlYwMHVEowULpd2jX7DtmMMblKmLqFfskVs8C0CVUp1gVtSpxk1bAaXo2GGwx
|
|
||||||
sY48d9d3rPzhlMUIuzWsSF9ri8jIePSpyk+dUVSJl8mvofpx31j2/wR8yByVaxrj
|
|
||||||
p/ZDHCeUEAPO7A==
|
|
||||||
-----END CERTIFICATE-----
|
|
23
home-manager/sops.nix
Normal file
|
@ -0,0 +1,23 @@
|
||||||
|
{
|
||||||
|
self,
|
||||||
|
config,
|
||||||
|
inputs,
|
||||||
|
lib,
|
||||||
|
...
|
||||||
|
}: let
|
||||||
|
cfg = config.pim.sops;
|
||||||
|
in {
|
||||||
|
imports = [inputs.sops-nix.homeManagerModules.sops];
|
||||||
|
options.pim.sops.enable = lib.mkEnableOption "sops";
|
||||||
|
|
||||||
|
config = lib.mkIf cfg.enable {
|
||||||
|
sops = {
|
||||||
|
age.keyFile = "${config.xdg.configHome}/sops/age/keys.txt";
|
||||||
|
defaultSopsFile = "${self}/secrets/pim.yaml";
|
||||||
|
|
||||||
|
secrets = {
|
||||||
|
"keepassxc".path = "${config.xdg.configHome}/keepassxc/keepassxc.ini";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
|
@ -1,35 +0,0 @@
|
||||||
{ config, lib, ... }: {
|
|
||||||
config = {
|
|
||||||
programs.ssh = {
|
|
||||||
enable = true;
|
|
||||||
extraConfig = "User root";
|
|
||||||
|
|
||||||
matchBlocks = {
|
|
||||||
github = lib.hm.dag.entryBefore [ "*" ] {
|
|
||||||
hostname = "github.com";
|
|
||||||
user = "pizzapim";
|
|
||||||
identitiesOnly = true;
|
|
||||||
};
|
|
||||||
lewis = lib.hm.dag.entryBefore [ "*" ] { hostname = "lewis.hyp"; };
|
|
||||||
atlas = lib.hm.dag.entryBefore [ "*" ] { hostname = "atlas.hyp"; };
|
|
||||||
jefke = lib.hm.dag.entryBefore [ "*" ] { hostname = "jefke.hyp"; };
|
|
||||||
hermes = lib.hm.dag.entryBefore [ "*" ] { hostname = "hermes.dmz"; };
|
|
||||||
maestro = lib.hm.dag.entryBefore [ "*" ] { hostname = "maestro.dmz"; };
|
|
||||||
bancomart =
|
|
||||||
lib.hm.dag.entryBefore [ "*" ] { hostname = "bancomart.dmz"; };
|
|
||||||
handjecontantje =
|
|
||||||
lib.hm.dag.entryBefore [ "*" ] { hostname = "handjecontantje.dmz"; };
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
homeage.file."sue_ed25519" = {
|
|
||||||
source = ../../secrets/sue_ed25519.age;
|
|
||||||
symlinks = [ "${config.home.homeDirectory}/.ssh/sue_ed25519" ];
|
|
||||||
};
|
|
||||||
|
|
||||||
homeage.file."sue_azure_rsa" = {
|
|
||||||
source = ../../secrets/sue_azure_rsa.age;
|
|
||||||
symlinks = [ "${config.home.homeDirectory}/.ssh/sue_azure_rsa" ];
|
|
||||||
};
|
|
||||||
};
|
|
||||||
}
|
|
18
home-manager/syncthing.nix
Normal file
|
@ -0,0 +1,18 @@
|
||||||
|
{
|
||||||
|
config,
|
||||||
|
lib,
|
||||||
|
...
|
||||||
|
}: let
|
||||||
|
cfg = config.pim.syncthing;
|
||||||
|
in {
|
||||||
|
options.pim.syncthing.enable = lib.mkEnableOption "syncthing";
|
||||||
|
|
||||||
|
config = lib.mkIf cfg.enable {
|
||||||
|
services.syncthing.enable = true;
|
||||||
|
|
||||||
|
sops.secrets = {
|
||||||
|
"syncthing/key".path = "${config.xdg.configHome}/syncthing/key.pem";
|
||||||
|
"syncthing/cert".path = "${config.xdg.configHome}/syncthing/cert.pem";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
|
@ -1,17 +0,0 @@
|
||||||
{ config, ... }: {
|
|
||||||
config = {
|
|
||||||
services.syncthing.enable = true;
|
|
||||||
xdg.configFile."syncthing/config.xml".source = ./syncthing.xml;
|
|
||||||
xdg.userDirs.music = "${config.home.homeDirectory}/sync/Music";
|
|
||||||
|
|
||||||
homeage.file."syncthing-key.pem" = {
|
|
||||||
source = ../../secrets/syncthing-key.pem.age;
|
|
||||||
symlinks = [ "${config.xdg.configHome}/syncthing/key.pem" ];
|
|
||||||
};
|
|
||||||
|
|
||||||
homeage.file."syncthing-cert.pem" = {
|
|
||||||
source = ../../secrets/syncthing-cert.pem.age;
|
|
||||||
symlinks = [ "${config.xdg.configHome}/syncthing/cert.pem" ];
|
|
||||||
};
|
|
||||||
};
|
|
||||||
}
|
|
|
@ -1,175 +0,0 @@
|
||||||
<configuration version="37">
|
|
||||||
<folder id="nncij-isaoe" label="Nextcloud" path="/home/pim/sync" type="sendreceive" rescanIntervalS="3600" fsWatcherEnabled="true" fsWatcherDelayS="10" ignorePerms="false" autoNormalize="true">
|
|
||||||
<filesystemType>basic</filesystemType>
|
|
||||||
<device id="IGS4TYV-TQ6X2CG-OE3M2RE-DKZWKQZ-HEKIGHT-C6EIGHL-CBP2ULE-M3WZ7QC" introducedBy="">
|
|
||||||
<encryptionPassword></encryptionPassword>
|
|
||||||
</device>
|
|
||||||
<device id="LX5I2N3-WXPGTGV-ZMYTG3X-SZXJGKQ-KDGUBIA-KVFXMXX-2U2I3BX-M3H53Q2" introducedBy="">
|
|
||||||
<encryptionPassword></encryptionPassword>
|
|
||||||
</device>
|
|
||||||
<minDiskFree unit="%">1</minDiskFree>
|
|
||||||
<versioning>
|
|
||||||
<cleanupIntervalS>3600</cleanupIntervalS>
|
|
||||||
<fsPath></fsPath>
|
|
||||||
<fsType>basic</fsType>
|
|
||||||
</versioning>
|
|
||||||
<copiers>0</copiers>
|
|
||||||
<pullerMaxPendingKiB>0</pullerMaxPendingKiB>
|
|
||||||
<hashers>0</hashers>
|
|
||||||
<order>random</order>
|
|
||||||
<ignoreDelete>false</ignoreDelete>
|
|
||||||
<scanProgressIntervalS>0</scanProgressIntervalS>
|
|
||||||
<pullerPauseS>0</pullerPauseS>
|
|
||||||
<maxConflicts>10</maxConflicts>
|
|
||||||
<disableSparseFiles>false</disableSparseFiles>
|
|
||||||
<disableTempIndexes>false</disableTempIndexes>
|
|
||||||
<paused>false</paused>
|
|
||||||
<weakHashThresholdPct>25</weakHashThresholdPct>
|
|
||||||
<markerName>.stfolder</markerName>
|
|
||||||
<copyOwnershipFromParent>false</copyOwnershipFromParent>
|
|
||||||
<modTimeWindowS>0</modTimeWindowS>
|
|
||||||
<maxConcurrentWrites>2</maxConcurrentWrites>
|
|
||||||
<disableFsync>false</disableFsync>
|
|
||||||
<blockPullOrder>standard</blockPullOrder>
|
|
||||||
<copyRangeMethod>standard</copyRangeMethod>
|
|
||||||
<caseSensitiveFS>false</caseSensitiveFS>
|
|
||||||
<junctionsAsDirs>false</junctionsAsDirs>
|
|
||||||
<syncOwnership>false</syncOwnership>
|
|
||||||
<sendOwnership>false</sendOwnership>
|
|
||||||
<syncXattrs>false</syncXattrs>
|
|
||||||
<sendXattrs>false</sendXattrs>
|
|
||||||
<xattrFilter>
|
|
||||||
<maxSingleEntrySize>1024</maxSingleEntrySize>
|
|
||||||
<maxTotalSize>4096</maxTotalSize>
|
|
||||||
</xattrFilter>
|
|
||||||
</folder>
|
|
||||||
<device id="IGS4TYV-TQ6X2CG-OE3M2RE-DKZWKQZ-HEKIGHT-C6EIGHL-CBP2ULE-M3WZ7QC" name="Home" compression="metadata" introducer="false" skipIntroductionRemovals="false" introducedBy="">
|
|
||||||
<address>dynamic</address>
|
|
||||||
<paused>false</paused>
|
|
||||||
<autoAcceptFolders>false</autoAcceptFolders>
|
|
||||||
<maxSendKbps>0</maxSendKbps>
|
|
||||||
<maxRecvKbps>0</maxRecvKbps>
|
|
||||||
<maxRequestKiB>0</maxRequestKiB>
|
|
||||||
<untrusted>false</untrusted>
|
|
||||||
<remoteGUIPort>0</remoteGUIPort>
|
|
||||||
</device>
|
|
||||||
<device id="LX5I2N3-WXPGTGV-ZMYTG3X-SZXJGKQ-KDGUBIA-KVFXMXX-2U2I3BX-M3H53Q2" name="x260" compression="metadata" introducer="false" skipIntroductionRemovals="false" introducedBy="">
|
|
||||||
<address>dynamic</address>
|
|
||||||
<paused>false</paused>
|
|
||||||
<autoAcceptFolders>false</autoAcceptFolders>
|
|
||||||
<maxSendKbps>0</maxSendKbps>
|
|
||||||
<maxRecvKbps>0</maxRecvKbps>
|
|
||||||
<maxRequestKiB>0</maxRequestKiB>
|
|
||||||
<untrusted>false</untrusted>
|
|
||||||
<remoteGUIPort>0</remoteGUIPort>
|
|
||||||
</device>
|
|
||||||
<gui enabled="true" tls="false" debugging="false">
|
|
||||||
<address>127.0.0.1:8384</address>
|
|
||||||
<apikey></apikey>
|
|
||||||
<theme>default</theme>
|
|
||||||
</gui>
|
|
||||||
<ldap></ldap>
|
|
||||||
<options>
|
|
||||||
<listenAddress>default</listenAddress>
|
|
||||||
<globalAnnounceServer>default</globalAnnounceServer>
|
|
||||||
<globalAnnounceEnabled>true</globalAnnounceEnabled>
|
|
||||||
<localAnnounceEnabled>true</localAnnounceEnabled>
|
|
||||||
<localAnnouncePort>21027</localAnnouncePort>
|
|
||||||
<localAnnounceMCAddr>[ff12::8384]:21027</localAnnounceMCAddr>
|
|
||||||
<maxSendKbps>0</maxSendKbps>
|
|
||||||
<maxRecvKbps>0</maxRecvKbps>
|
|
||||||
<reconnectionIntervalS>60</reconnectionIntervalS>
|
|
||||||
<relaysEnabled>true</relaysEnabled>
|
|
||||||
<relayReconnectIntervalM>10</relayReconnectIntervalM>
|
|
||||||
<startBrowser>true</startBrowser>
|
|
||||||
<natEnabled>true</natEnabled>
|
|
||||||
<natLeaseMinutes>60</natLeaseMinutes>
|
|
||||||
<natRenewalMinutes>30</natRenewalMinutes>
|
|
||||||
<natTimeoutSeconds>10</natTimeoutSeconds>
|
|
||||||
<urAccepted>-1</urAccepted>
|
|
||||||
<urSeen>3</urSeen>
|
|
||||||
<urUniqueID></urUniqueID>
|
|
||||||
<urURL>https://data.syncthing.net/newdata</urURL>
|
|
||||||
<urPostInsecurely>false</urPostInsecurely>
|
|
||||||
<urInitialDelayS>1800</urInitialDelayS>
|
|
||||||
<autoUpgradeIntervalH>12</autoUpgradeIntervalH>
|
|
||||||
<upgradeToPreReleases>false</upgradeToPreReleases>
|
|
||||||
<keepTemporariesH>24</keepTemporariesH>
|
|
||||||
<cacheIgnoredFiles>false</cacheIgnoredFiles>
|
|
||||||
<progressUpdateIntervalS>5</progressUpdateIntervalS>
|
|
||||||
<limitBandwidthInLan>false</limitBandwidthInLan>
|
|
||||||
<minHomeDiskFree unit="%">1</minHomeDiskFree>
|
|
||||||
<releasesURL>https://upgrades.syncthing.net/meta.json</releasesURL>
|
|
||||||
<overwriteRemoteDeviceNamesOnConnect>false</overwriteRemoteDeviceNamesOnConnect>
|
|
||||||
<tempIndexMinBlocks>10</tempIndexMinBlocks>
|
|
||||||
<trafficClass>0</trafficClass>
|
|
||||||
<setLowPriority>true</setLowPriority>
|
|
||||||
<maxFolderConcurrency>0</maxFolderConcurrency>
|
|
||||||
<crashReportingURL>https://crash.syncthing.net/newcrash</crashReportingURL>
|
|
||||||
<crashReportingEnabled>true</crashReportingEnabled>
|
|
||||||
<stunKeepaliveStartS>180</stunKeepaliveStartS>
|
|
||||||
<stunKeepaliveMinS>20</stunKeepaliveMinS>
|
|
||||||
<stunServer>default</stunServer>
|
|
||||||
<databaseTuning>auto</databaseTuning>
|
|
||||||
<maxConcurrentIncomingRequestKiB>0</maxConcurrentIncomingRequestKiB>
|
|
||||||
<announceLANAddresses>true</announceLANAddresses>
|
|
||||||
<sendFullIndexOnUpgrade>false</sendFullIndexOnUpgrade>
|
|
||||||
<connectionLimitEnough>0</connectionLimitEnough>
|
|
||||||
<connectionLimitMax>0</connectionLimitMax>
|
|
||||||
<insecureAllowOldTLSVersions>false</insecureAllowOldTLSVersions>
|
|
||||||
</options>
|
|
||||||
<defaults>
|
|
||||||
<folder id="" label="" path="~" type="sendreceive" rescanIntervalS="3600" fsWatcherEnabled="true" fsWatcherDelayS="10" ignorePerms="false" autoNormalize="true">
|
|
||||||
<filesystemType>basic</filesystemType>
|
|
||||||
<device id="LX5I2N3-WXPGTGV-ZMYTG3X-SZXJGKQ-KDGUBIA-KVFXMXX-2U2I3BX-M3H53Q2" introducedBy="">
|
|
||||||
<encryptionPassword></encryptionPassword>
|
|
||||||
</device>
|
|
||||||
<minDiskFree unit="%">1</minDiskFree>
|
|
||||||
<versioning>
|
|
||||||
<cleanupIntervalS>3600</cleanupIntervalS>
|
|
||||||
<fsPath></fsPath>
|
|
||||||
<fsType>basic</fsType>
|
|
||||||
</versioning>
|
|
||||||
<copiers>0</copiers>
|
|
||||||
<pullerMaxPendingKiB>0</pullerMaxPendingKiB>
|
|
||||||
<hashers>0</hashers>
|
|
||||||
<order>random</order>
|
|
||||||
<ignoreDelete>false</ignoreDelete>
|
|
||||||
<scanProgressIntervalS>0</scanProgressIntervalS>
|
|
||||||
<pullerPauseS>0</pullerPauseS>
|
|
||||||
<maxConflicts>10</maxConflicts>
|
|
||||||
<disableSparseFiles>false</disableSparseFiles>
|
|
||||||
<disableTempIndexes>false</disableTempIndexes>
|
|
||||||
<paused>false</paused>
|
|
||||||
<weakHashThresholdPct>25</weakHashThresholdPct>
|
|
||||||
<markerName>.stfolder</markerName>
|
|
||||||
<copyOwnershipFromParent>false</copyOwnershipFromParent>
|
|
||||||
<modTimeWindowS>0</modTimeWindowS>
|
|
||||||
<maxConcurrentWrites>2</maxConcurrentWrites>
|
|
||||||
<disableFsync>false</disableFsync>
|
|
||||||
<blockPullOrder>standard</blockPullOrder>
|
|
||||||
<copyRangeMethod>standard</copyRangeMethod>
|
|
||||||
<caseSensitiveFS>false</caseSensitiveFS>
|
|
||||||
<junctionsAsDirs>false</junctionsAsDirs>
|
|
||||||
<syncOwnership>false</syncOwnership>
|
|
||||||
<sendOwnership>false</sendOwnership>
|
|
||||||
<syncXattrs>false</syncXattrs>
|
|
||||||
<sendXattrs>false</sendXattrs>
|
|
||||||
<xattrFilter>
|
|
||||||
<maxSingleEntrySize>1024</maxSingleEntrySize>
|
|
||||||
<maxTotalSize>4096</maxTotalSize>
|
|
||||||
</xattrFilter>
|
|
||||||
</folder>
|
|
||||||
<device id="" compression="metadata" introducer="false" skipIntroductionRemovals="false" introducedBy="">
|
|
||||||
<address>dynamic</address>
|
|
||||||
<paused>false</paused>
|
|
||||||
<autoAcceptFolders>false</autoAcceptFolders>
|
|
||||||
<maxSendKbps>0</maxSendKbps>
|
|
||||||
<maxRecvKbps>0</maxRecvKbps>
|
|
||||||
<maxRequestKiB>0</maxRequestKiB>
|
|
||||||
<untrusted>false</untrusted>
|
|
||||||
<remoteGUIPort>0</remoteGUIPort>
|
|
||||||
</device>
|
|
||||||
<ignores></ignores>
|
|
||||||
</defaults>
|
|
||||||
</configuration>
|
|
|
@ -1,8 +0,0 @@
|
||||||
{
|
|
||||||
config = {
|
|
||||||
programs.thunderbird = {
|
|
||||||
enable = true;
|
|
||||||
profiles.default = { isDefault = true; };
|
|
||||||
};
|
|
||||||
};
|
|
||||||
}
|
|
16
home-manager/tidal.nix
Normal file
|
@ -0,0 +1,16 @@
|
||||||
|
{
|
||||||
|
config,
|
||||||
|
lib,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}: let
|
||||||
|
cfg = config.pim.tidal;
|
||||||
|
in {
|
||||||
|
options.pim.tidal.enable = lib.mkEnableOption "tidal";
|
||||||
|
|
||||||
|
config = lib.mkIf cfg.enable {
|
||||||
|
home.packages = with pkgs; [
|
||||||
|
supercollider-with-sc3-plugins
|
||||||
|
];
|
||||||
|
};
|
||||||
|
}
|
32
home-manager/vscode.nix
Normal file
|
@ -0,0 +1,32 @@
|
||||||
|
{
|
||||||
|
pkgs,
|
||||||
|
lib,
|
||||||
|
config,
|
||||||
|
...
|
||||||
|
}: let
|
||||||
|
cfg = config.pim.vscode;
|
||||||
|
in {
|
||||||
|
options.pim.vscode.enable = lib.mkEnableOption "vscode";
|
||||||
|
|
||||||
|
config = lib.mkIf cfg.enable {
|
||||||
|
programs.vscode = {
|
||||||
|
enable = true;
|
||||||
|
package = pkgs.vscodium;
|
||||||
|
extensions = with pkgs.vscode-extensions; [
|
||||||
|
vscodevim.vim
|
||||||
|
marp-team.marp-vscode
|
||||||
|
jnoortheen.nix-ide
|
||||||
|
mkhl.direnv
|
||||||
|
];
|
||||||
|
|
||||||
|
userSettings = {
|
||||||
|
"nix.enableLanguageServer" = true;
|
||||||
|
"nix.serverPath" = lib.getExe pkgs.nil;
|
||||||
|
"terminal.integrated.defaultProfile.linux" = "fish";
|
||||||
|
"explorer.confirmDragAndDrop" = false;
|
||||||
|
"explorer.confirmPasteNative" = false;
|
||||||
|
"explorer.confirmDelete" = false;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
11
machines/default.nix
Normal file
|
@ -0,0 +1,11 @@
|
||||||
|
{
|
||||||
|
sue = {
|
||||||
|
system = "x86_64-linux";
|
||||||
|
module = import ./sue;
|
||||||
|
};
|
||||||
|
|
||||||
|
gamepc = {
|
||||||
|
system = "x86_64-linux";
|
||||||
|
module = import ./gamepc;
|
||||||
|
};
|
||||||
|
}
|
97
machines/gamepc/default.nix
Normal file
|
@ -0,0 +1,97 @@
|
||||||
|
{
|
||||||
|
config,
|
||||||
|
lib,
|
||||||
|
...
|
||||||
|
}: {
|
||||||
|
config = {
|
||||||
|
pim = {
|
||||||
|
cinnamon.enable = true;
|
||||||
|
};
|
||||||
|
|
||||||
|
facter.reportPath = ./facter.json;
|
||||||
|
networking.hostName = "gamepc";
|
||||||
|
home-manager.users.pim.imports = [./home.nix];
|
||||||
|
programs.steam.enable = true;
|
||||||
|
|
||||||
|
services = {
|
||||||
|
openssh.enable = true;
|
||||||
|
tailscale.enable = true;
|
||||||
|
};
|
||||||
|
|
||||||
|
users.users = {
|
||||||
|
root.openssh.authorizedKeys.keys = config.pim.ssh.keys.pim;
|
||||||
|
pim.openssh.authorizedKeys.keys = config.pim.ssh.keys.pim;
|
||||||
|
};
|
||||||
|
|
||||||
|
boot.loader.grub = {
|
||||||
|
enable = true;
|
||||||
|
efiSupport = true;
|
||||||
|
efiInstallAsRemovable = true;
|
||||||
|
};
|
||||||
|
|
||||||
|
disko.devices.disk = lib.genAttrs ["0" "1"] (name: {
|
||||||
|
type = "disk";
|
||||||
|
device = "/dev/nvme${name}n1";
|
||||||
|
content = {
|
||||||
|
type = "gpt";
|
||||||
|
partitions = {
|
||||||
|
boot = {
|
||||||
|
size = "1M";
|
||||||
|
type = "EF02"; # for grub MBR
|
||||||
|
};
|
||||||
|
ESP = {
|
||||||
|
size = "500M";
|
||||||
|
type = "EF00";
|
||||||
|
content = {
|
||||||
|
type = "mdraid";
|
||||||
|
name = "boot";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
mdadm = {
|
||||||
|
size = "100%";
|
||||||
|
content = {
|
||||||
|
type = "mdraid";
|
||||||
|
name = "raid0";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
});
|
||||||
|
|
||||||
|
disko.devices.mdadm = {
|
||||||
|
boot = {
|
||||||
|
type = "mdadm";
|
||||||
|
level = 1;
|
||||||
|
metadata = "1.0";
|
||||||
|
content = {
|
||||||
|
type = "filesystem";
|
||||||
|
format = "vfat";
|
||||||
|
mountpoint = "/boot";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
raid0 = {
|
||||||
|
type = "mdadm";
|
||||||
|
level = 0;
|
||||||
|
content = {
|
||||||
|
type = "gpt";
|
||||||
|
partitions = {
|
||||||
|
primary = {
|
||||||
|
end = "-4G";
|
||||||
|
content = {
|
||||||
|
type = "filesystem";
|
||||||
|
format = "ext4";
|
||||||
|
mountpoint = "/";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
swap = {
|
||||||
|
size = "100%";
|
||||||
|
content = {
|
||||||
|
type = "swap";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
4606
machines/gamepc/facter.json
Normal file
8
machines/gamepc/home.nix
Normal file
|
@ -0,0 +1,8 @@
|
||||||
|
{pkgs, ...}: {
|
||||||
|
home.packages = with pkgs.unstable; [
|
||||||
|
devenv
|
||||||
|
vlc
|
||||||
|
handbrake
|
||||||
|
lutris
|
||||||
|
];
|
||||||
|
}
|
50
machines/sue/default.nix
Normal file
|
@ -0,0 +1,50 @@
|
||||||
|
{inputs, ...}: {
|
||||||
|
config = {
|
||||||
|
pim = {
|
||||||
|
lanzaboote.enable = true;
|
||||||
|
tidal.enable = true;
|
||||||
|
gnome.enable = true;
|
||||||
|
stylix.enable = true;
|
||||||
|
wireguard.enable = true;
|
||||||
|
compliance.enable = true;
|
||||||
|
sops.enable = true;
|
||||||
|
};
|
||||||
|
|
||||||
|
services.tailscale.enable = true;
|
||||||
|
facter.reportPath = ./facter.json;
|
||||||
|
home-manager.users.pim.imports = [./home.nix];
|
||||||
|
|
||||||
|
networking.hostName = "sue";
|
||||||
|
swapDevices = [{device = "/dev/disk/by-uuid/96a43c35-0174-4e92-81f0-168a5f601f0b";}];
|
||||||
|
fileSystems = {
|
||||||
|
"/" = {
|
||||||
|
device = "/dev/disk/by-uuid/31638735-5cc4-4013-8037-17e30edcbb0a";
|
||||||
|
fsType = "ext4";
|
||||||
|
};
|
||||||
|
|
||||||
|
"/boot" = {
|
||||||
|
device = "/dev/disk/by-uuid/560E-F8A2";
|
||||||
|
fsType = "vfat";
|
||||||
|
options = ["fmask=0022" "dmask=0022"];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
nix.settings = {
|
||||||
|
substituters = ["https://cosmic.cachix.org/"];
|
||||||
|
trusted-public-keys = ["cosmic.cachix.org-1:Dya9IyXD4xdBehWjrkPv6rtxpmMdRel02smYzA85dPE="];
|
||||||
|
};
|
||||||
|
|
||||||
|
boot.initrd.luks.devices."luks-8ffd3129-4908-4209-98c4-4eb68a35c494".device = "/dev/disk/by-uuid/8ffd3129-4908-4209-98c4-4eb68a35c494";
|
||||||
|
|
||||||
|
# specialisation.cosmic.configuration = {
|
||||||
|
# imports = [
|
||||||
|
# inputs.nixos-cosmic.nixosModules.default
|
||||||
|
# ];
|
||||||
|
|
||||||
|
# services = {
|
||||||
|
# desktopManager.cosmic.enable = true;
|
||||||
|
# displayManager.cosmic-greeter.enable = true;
|
||||||
|
# };
|
||||||
|
# };
|
||||||
|
};
|
||||||
|
}
|
3817
machines/sue/facter.json
Normal file
45
machines/sue/home.nix
Normal file
|
@ -0,0 +1,45 @@
|
||||||
|
{pkgs, ...}: {
|
||||||
|
config = {
|
||||||
|
pim = {
|
||||||
|
tidal.enable = true;
|
||||||
|
gnome.enable = true;
|
||||||
|
vscode.enable = true;
|
||||||
|
syncthing.enable = true;
|
||||||
|
neovim.enable = true;
|
||||||
|
firefox.enable = true;
|
||||||
|
sops.enable = true;
|
||||||
|
};
|
||||||
|
|
||||||
|
home.packages =
|
||||||
|
(with pkgs; [
|
||||||
|
jellyfin-media-player
|
||||||
|
virt-manager
|
||||||
|
])
|
||||||
|
++ (with pkgs.unstable; [
|
||||||
|
attic-client
|
||||||
|
dbeaver-bin
|
||||||
|
devenv
|
||||||
|
bottles-unwrapped
|
||||||
|
gimp
|
||||||
|
hexchat
|
||||||
|
impression
|
||||||
|
insomnia
|
||||||
|
keepassxc
|
||||||
|
krita
|
||||||
|
libreoffice
|
||||||
|
# logseq # Has insecure electron dependency
|
||||||
|
moonlight-qt
|
||||||
|
nicotine-plus
|
||||||
|
qFlipper
|
||||||
|
signal-desktop
|
||||||
|
strawberry
|
||||||
|
telegram-desktop
|
||||||
|
vlc
|
||||||
|
vorta
|
||||||
|
wireshark
|
||||||
|
# nheko # Has insecure olm dependency
|
||||||
|
handbrake
|
||||||
|
feishin
|
||||||
|
]);
|
||||||
|
};
|
||||||
|
}
|
18
nixos-configurations.nix
Normal file
|
@ -0,0 +1,18 @@
|
||||||
|
inputs @ {
|
||||||
|
nixpkgs,
|
||||||
|
self,
|
||||||
|
...
|
||||||
|
}: {
|
||||||
|
nixosConfigurations = nixpkgs.lib.mapAttrs (name: {
|
||||||
|
system,
|
||||||
|
module,
|
||||||
|
}:
|
||||||
|
nixpkgs.lib.nixosSystem {
|
||||||
|
inherit system;
|
||||||
|
modules = [./nixos module];
|
||||||
|
|
||||||
|
specialArgs = {
|
||||||
|
inherit inputs system self;
|
||||||
|
};
|
||||||
|
}) (import ./machines);
|
||||||
|
}
|
19
nixos/cinnamon.nix
Normal file
|
@ -0,0 +1,19 @@
|
||||||
|
{
|
||||||
|
config,
|
||||||
|
lib,
|
||||||
|
...
|
||||||
|
}: let
|
||||||
|
cfg = config.pim.cinnamon;
|
||||||
|
in {
|
||||||
|
options.pim.cinnamon.enable = lib.mkEnableOption "cinnamon";
|
||||||
|
config = lib.mkIf cfg.enable {
|
||||||
|
services = {
|
||||||
|
displayManager.defaultSession = "cinnamon";
|
||||||
|
libinput.enable = true;
|
||||||
|
xserver = {
|
||||||
|
desktopManager.cinnamon.enable = true;
|
||||||
|
displayManager.lightdm.enable = true;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
14
nixos/compliance.nix
Normal file
|
@ -0,0 +1,14 @@
|
||||||
|
{
|
||||||
|
config,
|
||||||
|
lib,
|
||||||
|
...
|
||||||
|
}: let
|
||||||
|
cfg = config.pim.compliance;
|
||||||
|
in {
|
||||||
|
options.pim.compliance.enable = lib.mkEnableOption "compliance";
|
||||||
|
config = lib.mkIf cfg.enable {
|
||||||
|
services.clamav = {
|
||||||
|
daemon.enable = true;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
|
@ -1,25 +1,37 @@
|
||||||
{ pkgs, config, lib, ... }:
|
|
||||||
|
|
||||||
let
|
|
||||||
vuescan = pkgs.callPackage ./vuescan.nix { };
|
|
||||||
in
|
|
||||||
{
|
{
|
||||||
imports = [ ./hardware-configuration.nix ];
|
pkgs,
|
||||||
|
config,
|
||||||
boot = { loader.systemd-boot.enable = true; };
|
lib,
|
||||||
|
inputs,
|
||||||
|
self,
|
||||||
|
...
|
||||||
|
}: {
|
||||||
|
imports = [
|
||||||
|
inputs.home-manager.nixosModules.home-manager
|
||||||
|
inputs.nixos-facter-modules.nixosModules.facter
|
||||||
|
inputs.disko.nixosModules.disko
|
||||||
|
./lanzaboote.nix
|
||||||
|
./tidal.nix
|
||||||
|
./sops.nix
|
||||||
|
./stylix.nix
|
||||||
|
./wireguard.nix
|
||||||
|
./gnome.nix
|
||||||
|
./compliance.nix
|
||||||
|
./cinnamon.nix
|
||||||
|
./ssh.nix
|
||||||
|
];
|
||||||
|
|
||||||
time.timeZone = "Europe/Amsterdam";
|
time.timeZone = "Europe/Amsterdam";
|
||||||
i18n.defaultLocale = "en_US.UTF-8";
|
i18n.defaultLocale = "en_US.UTF-8";
|
||||||
|
programs.ssh.startAgent = true;
|
||||||
|
systemd.services.NetworkManager-wait-online.enable = lib.mkForce false;
|
||||||
|
|
||||||
services = {
|
services = {
|
||||||
udev.packages = [ vuescan ];
|
xserver.enable = true;
|
||||||
gnome.gnome-keyring.enable = lib.mkForce false;
|
|
||||||
|
|
||||||
xserver = {
|
tailscale = {
|
||||||
enable = true;
|
useRoutingFeatures = "client";
|
||||||
displayManager.gdm = { enable = true; };
|
extraSetFlags = ["--accept-routes"];
|
||||||
desktopManager.gnome.enable = true;
|
|
||||||
excludePackages = with pkgs; [ xterm ];
|
|
||||||
};
|
};
|
||||||
|
|
||||||
printing = {
|
printing = {
|
||||||
|
@ -27,43 +39,47 @@ in
|
||||||
drivers = [pkgs.hplip pkgs.gutenprint];
|
drivers = [pkgs.hplip pkgs.gutenprint];
|
||||||
};
|
};
|
||||||
|
|
||||||
fprintd = {
|
pipewire = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
alsa.enable = true;
|
||||||
tod = {
|
alsa.support32Bit = true;
|
||||||
enable = true;
|
pulse.enable = true;
|
||||||
driver = pkgs.libfprint-2-tod1-vfs0090;
|
jack.enable = true;
|
||||||
};
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
users = {
|
users.users.pim = {
|
||||||
users.pim = {
|
|
||||||
isNormalUser = true;
|
isNormalUser = true;
|
||||||
extraGroups = [ "wheel" "docker" "input" ];
|
extraGroups = ["wheel" "docker" "input" "wireshark" "dialout"];
|
||||||
};
|
|
||||||
};
|
};
|
||||||
|
|
||||||
environment = {
|
environment = {
|
||||||
systemPackages = with pkgs; [
|
systemPackages = with pkgs; [
|
||||||
wget
|
age
|
||||||
curl
|
borgbackup
|
||||||
git
|
|
||||||
btop
|
btop
|
||||||
ripgrep
|
btrfs-progs
|
||||||
vim
|
curl
|
||||||
dogdns
|
|
||||||
tree
|
|
||||||
dig
|
dig
|
||||||
vuescan
|
exfat
|
||||||
];
|
f3
|
||||||
gnome.excludePackages = with pkgs; [
|
fastfetch
|
||||||
gnome.totem
|
file
|
||||||
gnome-tour
|
git
|
||||||
gnome.epiphany
|
jq
|
||||||
gnome.geary
|
kubectl
|
||||||
gnome-console
|
nmap
|
||||||
gnome.gnome-music
|
poppler_utils # For pdfunite
|
||||||
|
ripgrep
|
||||||
|
sbctl
|
||||||
|
silicon
|
||||||
|
tree
|
||||||
|
units
|
||||||
|
vim
|
||||||
|
wget
|
||||||
|
yq
|
||||||
|
ncdu
|
||||||
|
lshw
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
|
@ -77,32 +93,18 @@ in
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
|
|
||||||
programs.ssh = {
|
security = {
|
||||||
startAgent = true;
|
rtkit.enable = true;
|
||||||
|
|
||||||
knownHosts = {
|
sudo.extraConfig = ''
|
||||||
dmz = {
|
|
||||||
hostNames = [ "*.dmz" ];
|
|
||||||
publicKey =
|
|
||||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAX2IhgHNxC6JTvLu9cej+iWuG+uJFMXn4AiRro9533x";
|
|
||||||
certAuthority = true;
|
|
||||||
};
|
|
||||||
|
|
||||||
hypervisors = {
|
|
||||||
hostNames = [ "*.hyp" ];
|
|
||||||
publicKey =
|
|
||||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFzRkH3d/KVJQouswY/DMpenWbDFVOnI3Vut0xR0e1tb";
|
|
||||||
certAuthority = true;
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
security.sudo.extraConfig = ''
|
|
||||||
Defaults timestamp_timeout=30
|
Defaults timestamp_timeout=30
|
||||||
'';
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
nix = {
|
nix = {
|
||||||
package = pkgs.nixFlakes;
|
package = pkgs.nixFlakes;
|
||||||
|
settings.trusted-users = ["root" "pim"];
|
||||||
|
|
||||||
extraOptions = ''
|
extraOptions = ''
|
||||||
experimental-features = nix-command flakes
|
experimental-features = nix-command flakes
|
||||||
'';
|
'';
|
||||||
|
@ -115,30 +117,12 @@ in
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
age = {
|
|
||||||
identityPaths = [ "/home/pim/.ssh/age_ed25519" ];
|
|
||||||
|
|
||||||
secrets = {
|
|
||||||
wg-quick-home-privkey.file = ../secrets/wg-quick-home-privkey.age;
|
|
||||||
wg-quick-home-preshared-key.file =
|
|
||||||
../secrets/wg-quick-home-preshared-key.age;
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
networking = {
|
networking = {
|
||||||
hostName = "x260";
|
useDHCP = lib.mkDefault true;
|
||||||
|
networkmanager.unmanaged = lib.mkIf config.services.tailscale.enable ["tailscale0"];
|
||||||
wg-quick.interfaces.home = {
|
wireless.extraConfig = ''
|
||||||
privateKeyFile = config.age.secrets.wg-quick-home-privkey.path;
|
p2p_disabled=1
|
||||||
address = [ "10.225.191.4/24" ];
|
'';
|
||||||
dns = [ "192.168.30.8" ];
|
|
||||||
peers = [{
|
|
||||||
presharedKeyFile = config.age.secrets.wg-quick-home-preshared-key.path;
|
|
||||||
endpoint = "wg.geokunis2.nl:51820";
|
|
||||||
publicKey = "fa3mQ7ximJbH7cu2ZbWidto5xBGxEEfWvCCiUDk00Hg=";
|
|
||||||
allowedIPs = [ "0.0.0.0/0" "::0/0" ];
|
|
||||||
}];
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
|
|
||||||
virtualisation.docker = {
|
virtualisation.docker = {
|
||||||
|
@ -149,7 +133,55 @@ in
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
nixpkgs.config.permittedInsecurePackages = [
|
nixpkgs = {
|
||||||
"electron-25.9.0"
|
hostPlatform = lib.mkDefault "x86_64-linux";
|
||||||
|
|
||||||
|
config = {
|
||||||
|
allowUnfreePredicate = pkg:
|
||||||
|
builtins.elem (lib.getName pkg) [
|
||||||
|
"libfprint-2-tod1-goodix"
|
||||||
|
"steam"
|
||||||
|
"steam-original"
|
||||||
|
"steam-run"
|
||||||
];
|
];
|
||||||
|
};
|
||||||
|
|
||||||
|
overlays = [
|
||||||
|
inputs.nur.overlay
|
||||||
|
(final: _prev: {
|
||||||
|
unstable = import inputs.nixpkgs-unstable {
|
||||||
|
inherit (pkgs) system;
|
||||||
|
config.allowUnfree = true;
|
||||||
|
};
|
||||||
|
})
|
||||||
|
];
|
||||||
|
};
|
||||||
|
|
||||||
|
boot = {
|
||||||
|
kernelModules = ["kvm-intel" "cdrom"];
|
||||||
|
extraModulePackages = [];
|
||||||
|
|
||||||
|
initrd = {
|
||||||
|
availableKernelModules = ["sd_mod"];
|
||||||
|
kernelModules = [];
|
||||||
|
};
|
||||||
|
|
||||||
|
kernel.sysctl = {
|
||||||
|
"net.core.default_qdisc" = "fq";
|
||||||
|
"net.ipv4.tcp_congestion_control" = "bbr";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
hardware = {
|
||||||
|
cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
|
||||||
|
pulseaudio.enable = false;
|
||||||
|
};
|
||||||
|
|
||||||
|
home-manager = {
|
||||||
|
useGlobalPkgs = true;
|
||||||
|
useUserPackages = true;
|
||||||
|
extraSpecialArgs = {inherit self inputs;};
|
||||||
|
|
||||||
|
users.pim.imports = ["${self}/home-manager"];
|
||||||
|
};
|
||||||
}
|
}
|
||||||
|
|
58
nixos/gnome.nix
Normal file
|
@ -0,0 +1,58 @@
|
||||||
|
{
|
||||||
|
pkgs,
|
||||||
|
config,
|
||||||
|
lib,
|
||||||
|
...
|
||||||
|
}: let
|
||||||
|
cfg = config.pim.gnome;
|
||||||
|
in {
|
||||||
|
options.pim.gnome.enable = lib.mkEnableOption "gnome";
|
||||||
|
|
||||||
|
config = lib.mkIf cfg.enable {
|
||||||
|
services = {
|
||||||
|
gnome.gnome-keyring.enable = lib.mkForce false;
|
||||||
|
|
||||||
|
xserver = {
|
||||||
|
desktopManager.gnome.enable = true;
|
||||||
|
displayManager.gdm.enable = true;
|
||||||
|
excludePackages = [pkgs.xterm];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
environment = {
|
||||||
|
systemPackages =
|
||||||
|
[
|
||||||
|
pkgs.gnome.gnome-shell-extensions
|
||||||
|
]
|
||||||
|
++ (with pkgs.gnomeExtensions; [
|
||||||
|
pop-shell
|
||||||
|
window-is-ready-remover
|
||||||
|
random-wallpaper
|
||||||
|
workspaces-indicator-by-open-apps
|
||||||
|
])
|
||||||
|
++ lib.optional config.services.tailscale.enable pkgs.gnomeExtensions.tailscale-status;
|
||||||
|
|
||||||
|
gnome.excludePackages =
|
||||||
|
(with pkgs; [
|
||||||
|
epiphany
|
||||||
|
gnome-connections
|
||||||
|
gnome-console
|
||||||
|
gnome-tour
|
||||||
|
])
|
||||||
|
++ (with pkgs.gnome; [
|
||||||
|
geary
|
||||||
|
gnome-calendar
|
||||||
|
gnome-clocks
|
||||||
|
gnome-contacts
|
||||||
|
gnome-font-viewer
|
||||||
|
gnome-logs
|
||||||
|
gnome-maps
|
||||||
|
gnome-music
|
||||||
|
seahorse
|
||||||
|
totem
|
||||||
|
yelp
|
||||||
|
gnome-weather
|
||||||
|
]);
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
|
@ -1,41 +0,0 @@
|
||||||
# Do not modify this file! It was generated by ‘nixos-generate-config’
|
|
||||||
# and may be overwritten by future invocations. Please make changes
|
|
||||||
# to /etc/nixos/configuration.nix instead.
|
|
||||||
{ config, lib, pkgs, modulesPath, ... }: {
|
|
||||||
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
|
|
||||||
|
|
||||||
boot.initrd.availableKernelModules =
|
|
||||||
[ "xhci_pci" "ahci" "sd_mod" "rtsx_pci_sdmmc" ];
|
|
||||||
boot.initrd.kernelModules = [ ];
|
|
||||||
boot.kernelModules = [ "kvm-intel" ];
|
|
||||||
boot.extraModulePackages = [ ];
|
|
||||||
|
|
||||||
fileSystems."/" = {
|
|
||||||
device = "/dev/disk/by-uuid/33e4587b-fba3-4a9d-82d2-a9e49a8e75fa";
|
|
||||||
fsType = "ext4";
|
|
||||||
};
|
|
||||||
|
|
||||||
boot.initrd.luks.devices."luks-cd1139a7-0c1b-4459-b586-29b577825ee9".device =
|
|
||||||
"/dev/disk/by-uuid/cd1139a7-0c1b-4459-b586-29b577825ee9";
|
|
||||||
|
|
||||||
fileSystems."/boot" = {
|
|
||||||
device = "/dev/disk/by-uuid/87DA-B083";
|
|
||||||
fsType = "vfat";
|
|
||||||
};
|
|
||||||
|
|
||||||
swapDevices =
|
|
||||||
[{ device = "/dev/disk/by-uuid/908399cd-2f4f-4555-8805-80c9faf190aa"; }];
|
|
||||||
|
|
||||||
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
|
|
||||||
# (the default) this is the recommended approach. When using systemd-networkd it's
|
|
||||||
# still possible to use this option, but it's recommended to use it in conjunction
|
|
||||||
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
|
|
||||||
networking.useDHCP = lib.mkDefault true;
|
|
||||||
# networking.interfaces.enp0s31f6.useDHCP = lib.mkDefault true;
|
|
||||||
# networking.interfaces.wlp4s0.useDHCP = lib.mkDefault true;
|
|
||||||
|
|
||||||
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
|
|
||||||
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
|
|
||||||
hardware.cpu.intel.updateMicrocode =
|
|
||||||
lib.mkDefault config.hardware.enableRedistributableFirmware;
|
|
||||||
}
|
|
41
nixos/lanzaboote.nix
Normal file
|
@ -0,0 +1,41 @@
|
||||||
|
{
|
||||||
|
config,
|
||||||
|
lib,
|
||||||
|
inputs,
|
||||||
|
...
|
||||||
|
}: {
|
||||||
|
imports = [
|
||||||
|
inputs.lanzaboote.nixosModules.lanzaboote
|
||||||
|
];
|
||||||
|
|
||||||
|
options = {
|
||||||
|
pim.lanzaboote.enable = lib.mkEnableOption {
|
||||||
|
description = ''
|
||||||
|
Whether to enable lanzaboote
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
config = lib.mkIf config.pim.lanzaboote.enable {
|
||||||
|
boot = {
|
||||||
|
# generate keys first with: `sudo nix run nixpkgs#sbctl create-keys`
|
||||||
|
# switch from lzb to bootspec by adding following line to the system configuration:
|
||||||
|
# bootspec.enable = true;
|
||||||
|
|
||||||
|
loader = {
|
||||||
|
systemd-boot.enable = lib.mkForce false;
|
||||||
|
# Use lanzaboote instead see below, default is:
|
||||||
|
# systemd-boot.enable = true;
|
||||||
|
|
||||||
|
efi = {
|
||||||
|
canTouchEfiVariables = true;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
lanzaboote = {
|
||||||
|
enable = true;
|
||||||
|
pkiBundle = "/etc/secureboot";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
22
nixos/sops.nix
Normal file
|
@ -0,0 +1,22 @@
|
||||||
|
{
|
||||||
|
inputs,
|
||||||
|
pkgs,
|
||||||
|
self,
|
||||||
|
config,
|
||||||
|
lib,
|
||||||
|
...
|
||||||
|
}: let
|
||||||
|
cfg = config.pim.sops;
|
||||||
|
in {
|
||||||
|
imports = [inputs.sops-nix.nixosModules.sops];
|
||||||
|
options.pim.sops.enable = lib.mkEnableOption "sops";
|
||||||
|
|
||||||
|
config = lib.mkIf cfg.enable {
|
||||||
|
environment.systemPackages = [pkgs.sops];
|
||||||
|
|
||||||
|
sops = {
|
||||||
|
age.keyFile = "/home/pim/.config/sops/age/keys.txt";
|
||||||
|
defaultSopsFile = "${self}/secrets/secrets.yaml";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
27
nixos/ssh.nix
Normal file
|
@ -0,0 +1,27 @@
|
||||||
|
{lib, ...}: {
|
||||||
|
options = {
|
||||||
|
pim.ssh.keys = lib.mkOption {
|
||||||
|
type = lib.types.attrsOf (lib.types.listOf lib.types.str);
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
config = {
|
||||||
|
pim.ssh.keys = {
|
||||||
|
pim = ["ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOodpLr+FDRyKyHjucHizNLVFHZ5AQmE9GmxMnOsSoaw pimkunis@thinkpadpim"];
|
||||||
|
niels = ["ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINUZp4BCxf7uLa1QWonx/Crf8tYZ5MKIZ+EuaBa82LrV user@user-laptop"];
|
||||||
|
};
|
||||||
|
|
||||||
|
services = {
|
||||||
|
openssh = {
|
||||||
|
openFirewall = true;
|
||||||
|
|
||||||
|
settings = {
|
||||||
|
PasswordAuthentication = false;
|
||||||
|
KbdInteractiveAuthentication = false;
|
||||||
|
GSSAPIAuthentication = false;
|
||||||
|
UseDns = false;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
47
nixos/stylix.nix
Normal file
|
@ -0,0 +1,47 @@
|
||||||
|
{
|
||||||
|
pkgs,
|
||||||
|
inputs,
|
||||||
|
config,
|
||||||
|
lib,
|
||||||
|
...
|
||||||
|
}: let
|
||||||
|
cfg = config.pim.stylix;
|
||||||
|
in {
|
||||||
|
imports = [inputs.stylix.nixosModules.stylix];
|
||||||
|
options.pim.stylix.enable = lib.mkEnableOption "stylix";
|
||||||
|
|
||||||
|
config = {
|
||||||
|
stylix = lib.mkMerge [
|
||||||
|
{
|
||||||
|
image = "${inputs.nixos-artwork}/wallpapers/nix-wallpaper-binary-blue.png";
|
||||||
|
}
|
||||||
|
(lib.mkIf cfg.enable {
|
||||||
|
enable = true;
|
||||||
|
base16Scheme = "${pkgs.base16-schemes}/share/themes/gruvbox-dark-medium.yaml";
|
||||||
|
|
||||||
|
cursor = {
|
||||||
|
package = pkgs.bibata-cursors;
|
||||||
|
name = "Bibata-Modern-Classic";
|
||||||
|
size = 28;
|
||||||
|
};
|
||||||
|
|
||||||
|
fonts = {
|
||||||
|
monospace = {
|
||||||
|
package = pkgs.nerdfonts.override {fonts = ["JetBrainsMono"];};
|
||||||
|
name = "JetBrainsMono Nerd Font Mono";
|
||||||
|
};
|
||||||
|
|
||||||
|
sansSerif = {
|
||||||
|
package = pkgs.dejavu_fonts;
|
||||||
|
name = "DejaVu Sans";
|
||||||
|
};
|
||||||
|
|
||||||
|
serif = {
|
||||||
|
package = pkgs.dejavu_fonts;
|
||||||
|
name = "DejaVu Serif";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
})
|
||||||
|
];
|
||||||
|
};
|
||||||
|
}
|
13
nixos/tidal.nix
Normal file
|
@ -0,0 +1,13 @@
|
||||||
|
{
|
||||||
|
lib,
|
||||||
|
config,
|
||||||
|
...
|
||||||
|
}: let
|
||||||
|
cfg = config.pim.tidal;
|
||||||
|
in {
|
||||||
|
options.pim.tidal.enable = lib.mkEnableOption "tidal";
|
||||||
|
|
||||||
|
config = lib.mkIf cfg.enable {
|
||||||
|
users.users.pim.extraGroups = ["audio"];
|
||||||
|
};
|
||||||
|
}
|
|
@ -1,60 +0,0 @@
|
||||||
{ stdenv
|
|
||||||
, fetchurl
|
|
||||||
, gnutar
|
|
||||||
, autoPatchelfHook
|
|
||||||
, glibc
|
|
||||||
, gtk2
|
|
||||||
, xorg
|
|
||||||
, libgudev
|
|
||||||
, makeDesktopItem
|
|
||||||
}:
|
|
||||||
let
|
|
||||||
pname = "vuescan";
|
|
||||||
version = "9.8";
|
|
||||||
desktopItem = makeDesktopItem {
|
|
||||||
name = "VueScan";
|
|
||||||
desktopName = "VueScan";
|
|
||||||
genericName = "Scanning Program";
|
|
||||||
comment = "Scanning Program";
|
|
||||||
icon = "vuescan";
|
|
||||||
terminal = false;
|
|
||||||
type = "Application";
|
|
||||||
startupNotify = true;
|
|
||||||
categories = [ "Graphics" "Utility" ];
|
|
||||||
keywords = [ "scan" "scanner" ];
|
|
||||||
|
|
||||||
exec = "vuescan";
|
|
||||||
};
|
|
||||||
in
|
|
||||||
stdenv.mkDerivation {
|
|
||||||
name = "${pname}-${version}";
|
|
||||||
|
|
||||||
src = fetchurl {
|
|
||||||
url = "https://www.hamrick.com/files/vuex6498.tgz";
|
|
||||||
hash = "sha256-qTSZuNPCi+G4e7PfnJEDj8rBMYV/Tw/ye3nDspqIPlE=";
|
|
||||||
};
|
|
||||||
|
|
||||||
# Stripping breaks the program
|
|
||||||
dontStrip = true;
|
|
||||||
|
|
||||||
nativeBuildInputs = [ gnutar autoPatchelfHook ];
|
|
||||||
|
|
||||||
buildInputs = [ glibc gtk2 xorg.libSM libgudev ];
|
|
||||||
|
|
||||||
unpackPhase = ''
|
|
||||||
tar xfz $src
|
|
||||||
'';
|
|
||||||
|
|
||||||
installPhase = ''
|
|
||||||
install -m755 -D VueScan/vuescan $out/bin/vuescan
|
|
||||||
|
|
||||||
mkdir -p $out/share/icons/hicolor/scalable/apps/
|
|
||||||
cp VueScan/vuescan.svg $out/share/icons/hicolor/scalable/apps/vuescan.svg
|
|
||||||
|
|
||||||
mkdir -p $out/lib/udev/rules.d/
|
|
||||||
cp VueScan/vuescan.rul $out/lib/udev/rules.d/60-vuescan.rules
|
|
||||||
|
|
||||||
mkdir -p $out/share/applications/
|
|
||||||
ln -s ${desktopItem}/share/applications/* $out/share/applications
|
|
||||||
'';
|
|
||||||
}
|
|
55
nixos/wireguard.nix
Normal file
|
@ -0,0 +1,55 @@
|
||||||
|
{
|
||||||
|
lib,
|
||||||
|
config,
|
||||||
|
...
|
||||||
|
}: let
|
||||||
|
cfg = config.pim.wireguard;
|
||||||
|
in {
|
||||||
|
options.pim.wireguard.enable = lib.mkEnableOption "wireguard";
|
||||||
|
|
||||||
|
config = lib.mkIf cfg.enable {
|
||||||
|
networking = {
|
||||||
|
useDHCP = lib.mkDefault true;
|
||||||
|
networkmanager.unmanaged = ["tailscale0"];
|
||||||
|
|
||||||
|
wg-quick.interfaces = {
|
||||||
|
home = {
|
||||||
|
privateKeyFile = config.sops.secrets."wireguard/home/privateKey".path;
|
||||||
|
address = ["10.225.191.4/24"];
|
||||||
|
dns = ["192.168.30.131"];
|
||||||
|
autostart = false;
|
||||||
|
mtu = 1412;
|
||||||
|
peers = [
|
||||||
|
{
|
||||||
|
presharedKeyFile = config.sops.secrets."wireguard/home/presharedKey".path;
|
||||||
|
endpoint = "wg.kun.is:51820";
|
||||||
|
publicKey = "fa3mQ7ximJbH7cu2ZbWidto5xBGxEEfWvCCiUDk00Hg=";
|
||||||
|
allowedIPs = ["0.0.0.0/0"];
|
||||||
|
}
|
||||||
|
];
|
||||||
|
};
|
||||||
|
|
||||||
|
home-no-pihole = {
|
||||||
|
privateKeyFile = config.sops.secrets."wireguard/home/privateKey".path;
|
||||||
|
address = ["10.225.191.4/24"];
|
||||||
|
dns = ["192.168.10.1"];
|
||||||
|
autostart = false;
|
||||||
|
mtu = 1412;
|
||||||
|
peers = [
|
||||||
|
{
|
||||||
|
presharedKeyFile = config.sops.secrets."wireguard/home/presharedKey".path;
|
||||||
|
endpoint = "wg.kun.is:51820";
|
||||||
|
publicKey = "fa3mQ7ximJbH7cu2ZbWidto5xBGxEEfWvCCiUDk00Hg=";
|
||||||
|
allowedIPs = ["0.0.0.0/0"];
|
||||||
|
}
|
||||||
|
];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
sops.secrets = {
|
||||||
|
"wireguard/home/presharedKey" = {};
|
||||||
|
"wireguard/home/privateKey" = {};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
13
packages.nix
Normal file
|
@ -0,0 +1,13 @@
|
||||||
|
{
|
||||||
|
nixpkgs,
|
||||||
|
flake-utils,
|
||||||
|
treefmt-nix,
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
flake-utils.lib.eachDefaultSystem (system: let
|
||||||
|
pkgs = nixpkgs.legacyPackages.${system};
|
||||||
|
treefmtEval = treefmt-nix.lib.evalModule pkgs ./treefmt.nix;
|
||||||
|
treefmtWrapper = treefmtEval.config.build.wrapper;
|
||||||
|
in {
|
||||||
|
packages.formatter = treefmtWrapper;
|
||||||
|
})
|
|
@ -1,3 +0,0 @@
|
||||||
```bash
|
|
||||||
nix run github:ryantm/agenix# -- -e secret1.age
|
|
||||||
```
|
|
|
@ -1,12 +0,0 @@
|
||||||
age-encryption.org/v1
|
|
||||||
-> ssh-ed25519 LAPUww i6BkkMy9gSSVZ+L+EMYSLakp1qA4yOGbEkLrO4Ddbxs
|
|
||||||
FsoRnCiPsJEKQj+2iJaqn+BbU+bFMAkReRotiV+0WCs
|
|
||||||
-> ssh-ed25519 vBZj5g +6YFp3yYXSEzRMXu7WyURkJk/cA87irnW5FpKRYnGSA
|
|
||||||
dJkMmnxyVEv/S9FmCrRkrYDCh+OwXK+UYno3ncr5nOk
|
|
||||||
-> 6gQa-grease Yt+ucm#U |<d\`t
|
|
||||||
SxpuSh2ee/jDNu7mXcn82fTt6/wy7ksA+W1xHQHiShJGvyyr6dTIPEk0qY1oqIPt
|
|
||||||
HkQNvNYLpMwpAqSTvmcmybps4CoWt0x6GJ0aBPOlYEIuwHnJ5Pkvnf4U9wPuwr6Y
|
|
||||||
zQ
|
|
||||||
--- hHweNMiKEIEw/TwSGhElfRiQYqLtmhwylkMWvfthyGY
|
|
||||||
?×%Ö¿H¹§G¤/Pì#’
|
|
||||||
ÚŠÐÛäF±QÙç„lRÊDcNÖЉ
ç$Hs©ŠTæžø<C5BE>C¹ÊÁÏqVf¤àˆÝkëã•ø<E280A2>ï¡×OŒÞÛµæE•êgißžXŒ§sá”)gO¢.·]·æÐCJcè<63>E^EŸq:<3A>qß&™E™#¾ArĪə€ñì
|
|
24
secrets/pim.yaml
Normal file
|
@ -1,11 +0,0 @@
|
||||||
age-encryption.org/v1
|
|
||||||
-> ssh-ed25519 LAPUww NnvaPUzk3WjwC3nu7T47DXtNqDuysbgAccdF1kWO5yQ
|
|
||||||
XYX2GfZSHrnhoKutbqVxB9zghbl1kZDyOTphUXvt8oQ
|
|
||||||
-> ssh-ed25519 vBZj5g mpi+OE3ST+mP05IKimQrwOZxOaDgeUUoKujOOSXEljQ
|
|
||||||
kwHkJu14Xpqgd4POeuLLcbech+Kh2XSfBed3M1Cu8DA
|
|
||||||
-> =6-grease C`Yq5 Y2 4
|
|
||||||
8sgSLLYCXkFRy0SFfNH0fhb14HonKVpVfkc1rc7sC7bXVXi8FGri/d/AW42G2J9m
|
|
||||||
W/FfhKnGBAOj1cA/wPw4cqCcQKbux78C7BdN6EfrF+ddzF+n98EwtBJ/cjzRky+A
|
|
||||||
FJJY
|
|
||||||
--- sytjLDBFLb2VqtF3LSiSS1Nxb56oNtx2AGzhYCPItW8
|
|
||||||
.ÚËr-Ò†±–åØè/BD$Õ¬F³Ðó¡FÜЙó‰SÅÙ/MœÎËâò ª¸òi/<2F># ‹šÙqžï%u7ÍŸ6ƒör…W ¸öe?…ƒÉ…i,·ÐÑä[ÁY¤9ÙÿÀÁ
|
|
|
@ -1,23 +0,0 @@
|
||||||
let
|
|
||||||
pkgs = import <nixpkgs> { };
|
|
||||||
publicKeysURL =
|
|
||||||
"https://git.kun.is/pim.keys"; # https://github.com/pizzapim.keys
|
|
||||||
publicKeysFile = builtins.fetchurl { url = publicKeysURL; };
|
|
||||||
publicKeys = pkgs.lib.strings.splitString "\n"
|
|
||||||
(pkgs.lib.strings.fileContents publicKeysFile);
|
|
||||||
in
|
|
||||||
{
|
|
||||||
"wg-quick-home-privkey.age".publicKeys = publicKeys;
|
|
||||||
"wg-quick-home-preshared-key.age".publicKeys = publicKeys;
|
|
||||||
"sue_ed25519.age".publicKeys = publicKeys;
|
|
||||||
"sue_azure_rsa.age".publicKeys = publicKeys;
|
|
||||||
"syncthing-key.pem.age".publicKeys = publicKeys;
|
|
||||||
"syncthing-cert.pem.age".publicKeys = publicKeys;
|
|
||||||
"common-pg-tfbackend.age".publicKeys = publicKeys;
|
|
||||||
"ansible-vault-secret.age".publicKeys = publicKeys;
|
|
||||||
"powerdns-api-key.json.age".publicKeys = publicKeys;
|
|
||||||
"keepassxc.ini.age".publicKeys =
|
|
||||||
publicKeys; # Secret agent causes private keys in config file.
|
|
||||||
"postgresql_client.key.age".publicKeys = publicKeys;
|
|
||||||
"k3s-pim-privkey.age".publicKeys = publicKeys;
|
|
||||||
}
|
|
25
secrets/secrets.yaml
Normal file
|
@ -0,0 +1,25 @@
|
||||||
|
testje: ENC[AES256_GCM,data:kMnaocttth1O6g==,iv:mV9gEMdomVhmOTBUWIFz3o23TBb7DLM2rXI/Tb81bSg=,tag:qj6TlvW5sY6Ek9M0GIqB3A==,type:str]
|
||||||
|
wireguard:
|
||||||
|
home:
|
||||||
|
presharedKey: ENC[AES256_GCM,data:H+oCRsg2ikN9KyVacEFasYmx5XE1zrnjBthkL5OitOXHTr4Ls0zwoF5StXs=,iv:N63wO4TKagbweStqf7wL3YZ0njxDNvrISErPao5wf7o=,tag:67kZcNaCzv3RI41XmA+UFQ==,type:str]
|
||||||
|
privateKey: ENC[AES256_GCM,data:WcPVrLiy2JJvzIh7sUpHMnt1MNx5rw5bI+xGmkitC9nEiNytMG71wmlC4d0=,iv:sl8gZgCzaW10UH0GLycvQVHqBlDVq7BUgoIEl41lc20=,tag:7oLlVjulxuEsW+pS8sZ+Ew==,type:str]
|
||||||
|
sops:
|
||||||
|
kms: []
|
||||||
|
gcp_kms: []
|
||||||
|
azure_kv: []
|
||||||
|
hc_vault: []
|
||||||
|
age:
|
||||||
|
- recipient: age189laethzry4ylnd790dmpuc4xjjuwqxruc76caj3ceqhqug4g9qs0upuvw
|
||||||
|
enc: |
|
||||||
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBWL1dlTjFNTXRPd0ppbE1i
|
||||||
|
THlsMzB1K041eUdTemRseGk5dkVwUDk2TFIwCnR1WE9iYXhHWHprZCtlSFExakhs
|
||||||
|
R0FtcEc0VTJ4WFBORFluYTdBTFh1NzAKLS0tIGtrYkVPSEVXV1dnb1J4V1pkQktW
|
||||||
|
VjNXUkpmVmxyNDNsT0ZjQjhOYklEbW8KV86AD+8QE14BZxWb7TVolwlcy1eFKxks
|
||||||
|
rOpqcXBqtUPaBC10IhVV434DGFIZMtRuYEQ4G/sdCsc3qiNxO3Cl4A==
|
||||||
|
-----END AGE ENCRYPTED FILE-----
|
||||||
|
lastmodified: "2024-06-15T14:04:18Z"
|
||||||
|
mac: ENC[AES256_GCM,data:6YKdfUk4ltXQ6U7FHs9ehGDUVzfZo1cKnSJMp+zYBEBnhmz7LdCBZycBpJ9syJn4WW1jZ8Bz7+lIxDsXm35AhjI+Mia20BqcWotcCaoHUslK+QV/YRIw8wxP7pvOKNeTa9UMhrcpXBVJxdQvKEBZPWziD4Xk3RGomvGEjB3xXKY=,iv:Tvgo/tlxnNk31C/cqCAKIGRdYEug9DdqeIUdJgQj4yE=,tag:z/tWTyiYmUmc2zVc3mQq0Q==,type:str]
|
||||||
|
pgp: []
|
||||||
|
unencrypted_suffix: _unencrypted
|
||||||
|
version: 3.8.1
|
|
@ -1,12 +0,0 @@
|
||||||
age-encryption.org/v1
|
|
||||||
-> ssh-ed25519 LAPUww 0YS+10yTGhQwLKj5SZkyHLAOMHScnEXuW8H1LJSJJl8
|
|
||||||
fYIEukt41D5s417B6EcCj5DP0JCcqDKIzdUqGeNLguQ
|
|
||||||
-> ssh-ed25519 vBZj5g ufNv/vQfhTj203S9NhLoTs3AK3v1MQC73oPLhj7TJQ8
|
|
||||||
/ExO1bN02B6uJoWiVQDqRQ6yMd4o3qR3sUpN9OHEW50
|
|
||||||
-> 9f-grease p
|
|
||||||
6eUQ4dl855OIlCfN61wQ/7n8
|
|
||||||
--- WTuEDM+CWDqaep0MlbCL1QXXzDumVR4WCXhyA3b7zm8
|
|
||||||
Û,”ùQÎófç¥w—‹>Óœ×ÿ¿g7QÂå×Ú¤2*ð<>„ù0.Ž3zy‹•DØ#ö1ö<31>4™¹ÀE$Nw7îqAÊp¹&g;„®
|
|
||||||
¢VÊ\oø_^èW¼<>-WÞ‚(k\¬ÝRµb£{h<*ìèÒçظ¤11gKÏâk<C3A2>U,Ñ$>p®zoÑlÏ5\dSÌ4OOû\¯+yÿúà(–Ä×Çå+»ñëÿçbãj¼Eº)}ì$ÒŽ¬T?»
|
|
||||||
ÿ%;Ž¿QFiçº4ŽJH®Ÿå<C2AD>™6‹AúSâÑÜЉãˆ<C3A3>k˜Z²?ܸ”MY26ËhÊ]e”µ(¤a¤&[‘ͳ°0‡juSóXKúNd>,Ûçv®ÔŠ¬
|
|
||||||
ѳF¾/BnùšgæO©m}~¦‡z™‚i‰Üx£GàÈöb
|
|
|
@ -1,9 +0,0 @@
|
||||||
age-encryption.org/v1
|
|
||||||
-> ssh-ed25519 LAPUww Wlatyvlg6jc+ISAQu1QEA62IUeWnriQJg+ChseMcyFI
|
|
||||||
tRhEc/mkG7FFZO2G5A+0NNCj693Q3dbDhMOBxKmCBjw
|
|
||||||
-> ssh-ed25519 vBZj5g HdeqB71NJkEFgXb0LPefYl+kwQNUYJQAHBEDxKdPqxk
|
|
||||||
6mUCxbBT6PpAf0BwTD6Tv7pDZzWmHxBWw+/IbgLXQZA
|
|
||||||
-> N-grease
|
|
||||||
OKOvPc2zAXju6FzjNzuCZiF9pN2hmmxMMRWxZwXar8MR
|
|
||||||
--- QR9PJv7R2ASeHrsBO7SuZzAB9s5fD0jT/qEFuJx8CNg
|
|
||||||
Š·_AéZñRIWnO†¢'j—̤,ÄØÃ#†ò™ZPjJ©è&Zô˜ôÎÃ…›ÿ°ë…{ÕW…ðÚ˜,°×w›Þˆ %Ó±‰%
|
|
|
@ -1,10 +0,0 @@
|
||||||
age-encryption.org/v1
|
|
||||||
-> ssh-ed25519 LAPUww ST/R4vPro6VMrJgRJqMIYkhaQJ0EV0ss/yX94BAxSWE
|
|
||||||
VIWQpIuuf0OS4z1D1QsFRvvWrmbo6LJEdPJ7jmbhv+w
|
|
||||||
-> ssh-ed25519 vBZj5g GAlVKDrXvlR7FqID4Rbpb64QChS8rwUCyJdxg2PXSw0
|
|
||||||
cS8pDXkYvvFsiTt0i6s5r/7cxbf5IcjiNQWQAcgoXFg
|
|
||||||
-> w-grease s,fAjpd YvL[bWVw $h4j|^ >JU
|
|
||||||
EO9ZKdn19mADx6rwhpKftX/QxZ4yNlXgZttyn0rBpSZuVfX8Oj430VppAZ5RYwn9
|
|
||||||
zHqBvBs6VEYUt4jOWOGl/idBNg
|
|
||||||
--- OnaKsFMYoiOP1T2o4GIgME6KQqWqwIQM9WADk28E9qA
|
|
||||||
<<16>˜±n-ã¸þ”iìÙ÷bÖRä¿·â;¢©Ö)¸“[G[Õ–„·FÔX°ä<C2B0>?Hne•®ò&’n¸m#œ$}”¸e]Õ-6ᢾx„
|
|
3
switch
|
@ -1,3 +0,0 @@
|
||||||
#!/usr/bin/env bash
|
|
||||||
|
|
||||||
sudo nixos-rebuild switch --flake ./#pim
|
|
5
treefmt.nix
Normal file
|
@ -0,0 +1,5 @@
|
||||||
|
{...}: {
|
||||||
|
projectRootFile = "flake.nix";
|
||||||
|
programs.alejandra.enable = true;
|
||||||
|
programs.jsonfmt.enable = true;
|
||||||
|
}
|
After Width: | Height: | Size: 1.2 MiB |
After Width: | Height: | Size: 1.1 MiB |
After Width: | Height: | Size: 486 KiB |
After Width: | Height: | Size: 10 MiB |
After Width: | Height: | Size: 2.7 MiB |
After Width: | Height: | Size: 2.5 MiB |
After Width: | Height: | Size: 3.2 MiB |
After Width: | Height: | Size: 2.9 MiB |
After Width: | Height: | Size: 2.7 MiB |
After Width: | Height: | Size: 2.9 MiB |
After Width: | Height: | Size: 3 MiB |
After Width: | Height: | Size: 2.6 MiB |
After Width: | Height: | Size: 2.8 MiB |
After Width: | Height: | Size: 2.6 MiB |
After Width: | Height: | Size: 2.9 MiB |
After Width: | Height: | Size: 2.6 MiB |
After Width: | Height: | Size: 2.7 MiB |
After Width: | Height: | Size: 2.8 MiB |
After Width: | Height: | Size: 3.1 MiB |
After Width: | Height: | Size: 3 MiB |
After Width: | Height: | Size: 2.9 MiB |
After Width: | Height: | Size: 2.9 MiB |