Compare commits

35 Commits

Author SHA1 Message Date
4f3bf154c0 Fix substituter settings
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-09-05 12:31:41 +01:00
6ac95006cf Remove sish idle timeout
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-09-05 10:21:32 +00:00
987ecc4935 Fix duplicate trusted nix user
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-09-05 10:19:43 +00:00
0ceab452be Add attic
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-09-03 15:03:30 +01:00
dd34a05ee8 Silence uwsm
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-09-03 10:49:17 +00:00
35b9dd0cfc Remove elara sudo password
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-09-03 10:49:05 +00:00
cf0d77b4d9 Update nvf
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-09-03 07:53:08 +00:00
20b38b0467 Add sish tcp forwarding
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-09-01 16:33:35 +01:00
f7112f73d7 Fix installer completions
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-09-01 14:37:59 +01:00
8975de670a Update elara, jupiter
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-09-01 14:21:21 +01:00
77baa2640f Add git host cli tools
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-09-01 12:55:05 +01:00
8a21f9bbc7 Fix pinentry
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-08-31 18:16:41 +03:00
02fce06e94 Update
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-08-31 13:06:33 +03:00
10ae9082ba Add nvf persistence
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-08-29 14:00:43 +00:00
85a62a84da Add hyprsunset
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-08-29 13:54:28 +00:00
6883541678 Update gpg pinentry
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-08-29 13:54:07 +00:00
2292c5663c Update nvf
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-08-29 13:32:11 +00:00
56b53752bd Disable toggleterm winbar
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-08-28 12:58:48 +00:00
ac06ba4fc6 Disable kitty window management
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-08-28 11:38:48 +00:00
332b981f9b Fix neovim wsl
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-08-28 11:38:30 +00:00
0ffc3e6df2 Update nvf
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-08-28 10:00:19 +00:00
641d97f793 Add nvf
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-08-27 10:29:05 +00:00
afe0298b1c Add zellij
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-08-26 11:41:55 +00:00
deb460989e Update nixos-wsl
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-08-26 07:11:49 +00:00
26fb9785b8 Update gitmodules
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-08-23 11:45:18 +03:00
1877efac1d Add some GUI tools on elara
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-08-20 14:45:53 +00:00
a3f6127cf8 Add cgroup v2 note
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-08-19 11:08:41 +00:00
af53af5630 Let's hope WSL is not against company policy
If you are looking at this, you know who you are

Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-08-19 11:00:12 +00:00
cd4976e22d Disable hyprland animations on elara
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-08-18 21:14:01 +03:00
1550d6cdd4 Remove personal obsidian vault from elara
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-08-18 14:03:34 -04:00
334778287d Update elara drive
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-08-18 13:46:02 -04:00
dedbe814d5 Add hyper-v modules to installer
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-08-18 13:35:08 -04:00
9b9c38c265 Update install script
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-08-18 13:32:46 -04:00
fd78a2b3a2 Virtualize elara
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-08-18 13:07:20 -04:00
063d3e57b3 Update sas flake
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-08-18 12:15:02 +03:00
106 changed files with 26738 additions and 857 deletions

2
.gitmodules vendored

@@ -4,6 +4,6 @@
[submodule "sas"]
path = submodules/sas
url = git@karaolidis.com:karaolidis/nix-sas.git
[submodule "submodules/lib"]
[submodule "lib"]
path = submodules/lib
url = git@karaolidis.com:karaolidis/nix-lib.git

View File

@@ -20,11 +20,12 @@ NixOS dotfiles and configuration for various hosts and users.
- [`packages/`](./packages/): Custom packages.
- [`scripts/`](./lib/scripts): Utility scripts for managing the repository.
- [`add-host.sh`](./lib/scripts/add-host.sh): Instantiate the keys for a new host configuration.
- [`remove-host.sh`](./lib/scripts/remove-host.sh): Remove references to a host.
- [`update-keys.sh`](./lib/scripts/update-keys.sh): Update the encryption keys in all relevant files using `sops.yaml` configurations.
- [`update.sh`](./lib/scripts/update.sh): Update flake and all packages.
- [`scripts/`](./scripts): Utility scripts for managing the repository.
- [`add-host.sh`](./scripts/add-host.sh): Instantiate the keys for a new host configuration.
- [`remove-host.sh`](./scripts/remove-host.sh): Remove references to a host.
- [`update-keys.sh`](./scripts/update-keys.sh): Update the encryption keys in all relevant files using `sops.yaml` configurations.
- [`update.sh`](./scripts/update.sh): Update flake and all packages.
- [`cache.sh`](./scripts/cache.sh): Build all `nixosConfiguration`s and push them to `attic`.
Any `options.nix` files create custom option definitions when present.

158
flake.lock generated

@@ -10,11 +10,11 @@
]
},
"locked": {
"lastModified": 1754932414,
"narHash": "sha256-V8c+68Axn5AGDCaG9Zv+EqNU4D6xWPHNXLIapq6AGiM=",
"lastModified": 1756487002,
"narHash": "sha256-hN9RfNXy53qAkT68T+IYZpl68uE1uPOVMkw0MqC43KA=",
"owner": "aylur",
"repo": "ags",
"rev": "9e6912b51d7bc58f35d10b11be1a126b926b56d3",
"rev": "8ff792dba6cc82eed10e760f551075564dd0a407",
"type": "github"
},
"original": {
@@ -30,11 +30,11 @@
]
},
"locked": {
"lastModified": 1754893912,
"narHash": "sha256-kzU/3A4k+d3PsgMLohzSh4KJybTqvzqibUVqV2yXCGY=",
"lastModified": 1756474652,
"narHash": "sha256-iiBU6itpEqE0spXeNJ3uJTfioSyKYjt5bNepykpDXTE=",
"owner": "aylur",
"repo": "astal",
"rev": "5d4eef66392b0dff99a63a4f39ff886624bd69dd",
"rev": "20bd8318e4136fbd3d4eb2d64dbabc3acbc915dd",
"type": "github"
},
"original": {
@@ -80,19 +80,17 @@
}
},
"flake-compat": {
"flake": false,
"locked": {
"lastModified": 1747046372,
"narHash": "sha256-CIVLLkVgvHYbgI2UpXvIIBJ12HWgX+fjA8Xf8PUmqCY=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "9100a0f413b0c601e0533d1d94ffd501ce2e7885",
"type": "github"
"lastModified": 1733328505,
"narHash": "sha256-NeCCThCEP3eCl2l/+27kNNK7QrwZB1IJCrXfrbv5oqU=",
"rev": "ff81ac966bb2cae68946d5ed5fc4994f96d0ffec",
"revCount": 69,
"type": "tarball",
"url": "https://api.flakehub.com/f/pinned/edolstra/flake-compat/1.1.0/01948eb7-9cba-704f-bbf3-3fa956735b52/source.tar.gz"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
"type": "tarball",
"url": "https://flakehub.com/f/edolstra/flake-compat/1.tar.gz"
}
},
"flake-input-patcher": {
@@ -185,11 +183,11 @@
]
},
"locked": {
"lastModified": 1755442500,
"narHash": "sha256-RHK4H6SWzkAtW/5WBHsyugaXJX25yr5y7FAZznxcBJs=",
"lastModified": 1756579987,
"narHash": "sha256-duCce8zGsaMsrqqOmLOsuaV1PVIw/vXWnKuLKZClsGg=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "d2ffdedfc39c591367b1ddf22b4ce107f029dcc3",
"rev": "99a69bdf8a3c6bf038c4121e9c4b6e99706a187a",
"type": "github"
},
"original": {
@@ -201,7 +199,9 @@
"lanzaboote": {
"inputs": {
"crane": "crane",
"flake-compat": "flake-compat",
"flake-compat": [
"flake-compat"
],
"flake-parts": [
"flake-parts"
],
@@ -248,13 +248,52 @@
"url": "https://git.karaolidis.com/karaolidis/nix-lib.git"
}
},
"mnw": {
"locked": {
"lastModified": 1748710831,
"narHash": "sha256-eZu2yH3Y2eA9DD3naKWy/sTxYS5rPK2hO7vj8tvUCSU=",
"owner": "Gerg-L",
"repo": "mnw",
"rev": "cff958a4e050f8d917a6ff3a5624bc4681c6187d",
"type": "github"
},
"original": {
"owner": "Gerg-L",
"repo": "mnw",
"type": "github"
}
},
"nixos-wsl": {
"inputs": {
"flake-compat": [
"flake-compat"
],
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1755774185,
"narHash": "sha256-XjKqiTA19mkoBkja0VOy90qp2gC1f2fGgsLb9m1lg5Q=",
"owner": "karaolidis",
"repo": "NixOS-WSL",
"rev": "b1f426697f62006b99fac0cc25a106626c78f874",
"type": "github"
},
"original": {
"owner": "karaolidis",
"ref": "extra-files",
"repo": "NixOS-WSL",
"type": "github"
}
},
"nixpkgs": {
"locked": {
"lastModified": 1755186698,
"narHash": "sha256-wNO3+Ks2jZJ4nTHMuks+cxAiVBGNuEBXsT29Bz6HASo=",
"lastModified": 1756542300,
"narHash": "sha256-tlOn88coG5fzdyqz6R93SQL5Gpq+m/DsWpekNFhqPQk=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "fbcf476f790d8a217c3eab4e12033dc4a0f6d23c",
"rev": "d7600c775f877cd87b4f5a831c28aa94137377aa",
"type": "github"
},
"original": {
@@ -289,11 +328,11 @@
]
},
"locked": {
"lastModified": 1755452770,
"narHash": "sha256-oc8xrqvVIoDxbfTlbkE1XQ7O88TgNZn5FOZKLiuIEmg=",
"lastModified": 1756630008,
"narHash": "sha256-weZiVKbiWQzTifm6qCxzhxghEu5mbh9mWNUdkzOLCR0=",
"owner": "nix-community",
"repo": "NUR",
"rev": "eab62298402c7cdfdefda647a4046befa3a84051",
"rev": "f6a5a7b60dd6065e78ef06390767e689ffa3c23f",
"type": "github"
},
"original": {
@@ -302,6 +341,36 @@
"type": "github"
}
},
"nvf": {
"inputs": {
"flake-compat": [
"flake-compat"
],
"flake-parts": [
"flake-parts"
],
"mnw": "mnw",
"nixpkgs": [
"nixpkgs"
],
"systems": [
"systems"
]
},
"locked": {
"lastModified": 1755463179,
"narHash": "sha256-5Ggb1Mhf7ZlRgGi2puCa2PvWs6KbMnWBlW6KW7Vf79Y=",
"owner": "NotAShelf",
"repo": "nvf",
"rev": "03833118267ad32226b014b360692bdce9d6e082",
"type": "github"
},
"original": {
"owner": "NotAShelf",
"repo": "nvf",
"type": "github"
}
},
"nvidia-patch": {
"inputs": {
"nixpkgs": [
@@ -312,11 +381,11 @@
]
},
"locked": {
"lastModified": 1755069017,
"narHash": "sha256-cTD5WfZRK2mwrSktlYcrk6DOEEkQbE1z78O16TF293c=",
"lastModified": 1756052001,
"narHash": "sha256-dlLqyHxqiFAoIwshKe9X3PzXcJ+up88Qb2JVQswFaNE=",
"owner": "icewind1991",
"repo": "nvidia-patch-nixos",
"rev": "d187885c14bdd8520d40f527134d536168f8d92b",
"rev": "780af7357d942fad2ddd9f325615a5f6ea7e37ee",
"type": "github"
},
"original": {
@@ -371,14 +440,17 @@
"ags": "ags",
"astal": "astal",
"disko": "disko",
"flake-compat": "flake-compat",
"flake-input-patcher": "flake-input-patcher",
"flake-parts": "flake-parts",
"flake-utils": "flake-utils",
"home-manager": "home-manager",
"lanzaboote": "lanzaboote",
"lib": "lib",
"nixos-wsl": "nixos-wsl",
"nixpkgs": "nixpkgs",
"nur": "nur",
"nvf": "nvf",
"nvidia-patch": "nvidia-patch",
"quadlet-nix": "quadlet-nix",
"sas": "sas",
@@ -423,11 +495,11 @@
]
},
"locked": {
"lastModified": 1755506147,
"narHash": "sha256-B4e60+9j1cMEhAjpvgcNSSJbzPe2CUpAo2av15xd/0M=",
"lastModified": 1755532656,
"narHash": "sha256-xYb5dJej3emyr4oWWAhkMP8rPc3kdVOXGZcIbAx1Y/I=",
"ref": "refs/heads/main",
"rev": "ebe2f986fc82df849d879f5b0af403c78ead2002",
"revCount": 10,
"rev": "b01f3f8456903cb1bde9637cc23b456b47354138",
"revCount": 11,
"type": "git",
"url": "ssh://git@karaolidis.com/karaolidis/nix-sas.git"
},
@@ -439,11 +511,11 @@
"secrets": {
"flake": false,
"locked": {
"lastModified": 1755454846,
"narHash": "sha256-tbI+AcQGvtucMKKr+VHM53ZI6upPBjD9kR5PCyF4K60=",
"lastModified": 1756900832,
"narHash": "sha256-sMne4dvYzcdbDVcMPY6NLVHiZbgjtDrxttKG0Vig8WQ=",
"ref": "refs/heads/main",
"rev": "c1a835c4f9ba9915671c79b3241f4d4863f11323",
"revCount": 33,
"rev": "adac63f6daffb4e14ce0fb94e93eb987e2460064",
"revCount": 38,
"type": "git",
"url": "ssh://git@karaolidis.com/karaolidis/nix-secrets.git"
},
@@ -482,11 +554,11 @@
]
},
"locked": {
"lastModified": 1755405549,
"narHash": "sha256-0vJD6WhL1jfXbnpH6r8yr1RgzB8mGFWIWokKHaJMJ/4=",
"lastModified": 1756614537,
"narHash": "sha256-qyszmZO9CEKAlj5NBQo1AIIADm5Fgqs5ZggW1sU1TVo=",
"owner": "Gerg-L",
"repo": "spicetify-nix",
"rev": "df1f5d4c0633040937358755defff9f07e9c0a73",
"rev": "374eb5d97092b97f7aaafd58a2012943b388c0df",
"type": "github"
},
"original": {
@@ -517,11 +589,11 @@
]
},
"locked": {
"lastModified": 1754847726,
"narHash": "sha256-2vX8QjO5lRsDbNYvN9hVHXLU6oMl+V/PsmIiJREG4rE=",
"lastModified": 1755934250,
"narHash": "sha256-CsDojnMgYsfshQw3t4zjRUkmMmUdZGthl16bXVWgRYU=",
"owner": "numtide",
"repo": "treefmt-nix",
"rev": "7d81f6fb2e19bf84f1c65135d1060d829fae2408",
"rev": "74e1a52d5bd9430312f8d1b8b0354c92c17453e5",
"type": "github"
},
"original": {

114
flake.nix

@@ -1,5 +1,6 @@
{
inputs = {
# Configuration
nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
home-manager = {
@@ -7,49 +8,7 @@
inputs.nixpkgs.follows = "nixpkgs";
};
disko = {
url = "github:nix-community/disko/latest";
inputs.nixpkgs.follows = "nixpkgs";
};
sops-nix = {
url = "github:Mic92/sops-nix";
inputs.nixpkgs.follows = "nixpkgs";
};
lanzaboote = {
url = "github:nix-community/lanzaboote";
inputs = {
nixpkgs.follows = "nixpkgs";
flake-parts.follows = "flake-parts";
};
};
# FIXME: https://github.com/NixOS/nix/issues/12281
lib = {
url = "git+https://git.karaolidis.com/karaolidis/nix-lib.git";
inputs = {
nixpkgs.follows = "nixpkgs";
treefmt-nix.follows = "treefmt-nix";
};
};
# FIXME: https://github.com/NixOS/nix/issues/12281
sas = {
url = "git+ssh://git@karaolidis.com/karaolidis/nix-sas.git";
inputs = {
nixpkgs.follows = "nixpkgs";
lib.follows = "lib";
treefmt-nix.follows = "treefmt-nix";
};
};
# FIXME: https://github.com/NixOS/nix/issues/12281
secrets = {
url = "git+ssh://git@karaolidis.com/karaolidis/nix-secrets.git";
flake = false;
};
# Packages
nur = {
url = "github:nix-community/NUR";
inputs = {
@@ -58,6 +17,12 @@
};
};
# DevOps
sops-nix = {
url = "github:Mic92/sops-nix";
inputs.nixpkgs.follows = "nixpkgs";
};
treefmt-nix = {
url = "github:numtide/treefmt-nix";
inputs.nixpkgs.follows = "nixpkgs";
@@ -71,6 +36,66 @@
};
};
# Personal
lib = {
# FIXME: https://github.com/NixOS/nix/issues/12281
url = "git+https://git.karaolidis.com/karaolidis/nix-lib.git";
inputs = {
nixpkgs.follows = "nixpkgs";
treefmt-nix.follows = "treefmt-nix";
};
};
sas = {
# FIXME: https://github.com/NixOS/nix/issues/12281
url = "git+ssh://git@karaolidis.com/karaolidis/nix-sas.git";
inputs = {
nixpkgs.follows = "nixpkgs";
lib.follows = "lib";
treefmt-nix.follows = "treefmt-nix";
};
};
secrets = {
# FIXME: https://github.com/NixOS/nix/issues/12281
url = "git+ssh://git@karaolidis.com/karaolidis/nix-secrets.git";
flake = false;
};
# Hardware
disko = {
url = "github:nix-community/disko/latest";
inputs.nixpkgs.follows = "nixpkgs";
};
lanzaboote = {
url = "github:nix-community/lanzaboote";
inputs = {
nixpkgs.follows = "nixpkgs";
flake-compat.follows = "flake-compat";
flake-parts.follows = "flake-parts";
};
};
nixos-wsl = {
url = "github:karaolidis/NixOS-WSL/extra-files";
inputs = {
nixpkgs.follows = "nixpkgs";
flake-compat.follows = "flake-compat";
};
};
# Applications
nvf = {
url = "github:NotAShelf/nvf";
inputs = {
nixpkgs.follows = "nixpkgs";
flake-compat.follows = "flake-compat";
flake-parts.follows = "flake-parts";
systems.follows = "systems";
};
};
quadlet-nix.url = "github:SEIAROTg/quadlet-nix";
nvidia-patch = {
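Review bot: the new `nixos-wsl` input tracks the `extra-files` branch of a personal fork (`github:karaolidis/NixOS-WSL/extra-files`), so each `nix flake update` moves to whatever that branch head is, and upstream fixes only arrive when the fork is rebased. A comment next to the `url` saying what the fork carries and what would allow dropping it would help, in the same way the `# FIXME:` lines document the `lib`, `sas` and `secrets` inputs.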
@@ -102,6 +127,7 @@
};
};
# Transitive Dependencies
systems.url = "github:nix-systems/default";
flake-parts.url = "github:hercules-ci/flake-parts";
@@ -110,6 +136,8 @@
url = "github:numtide/flake-utils";
inputs.systems.follows = "systems";
};
flake-compat.url = "https://flakehub.com/f/edolstra/flake-compat/1.tar.gz";
};
outputs =
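Review bot: the `flake-compat.url` line added here moves the input from a GitHub rev to a FlakeHub tarball, and the matching `flake.lock` entry goes backwards: `lastModified` drops from 1747046372 to 1733328505 and the locked URL is the `1.1.0` snapshot on `api.flakehub.com`. The `narHash` still pins the content, but fetching now depends on a second hosting service. If the only goal is to share one copy across `lanzaboote`, `nixos-wsl` and `nvf` through the `flake-compat.follows` lines, confirm the older snapshot is intended, or keep the `github:edolstra/flake-compat` source and add the `follows` lines on top of it.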

View File

@@ -1,5 +0,0 @@
{ ... }:
{
# https://developers.cloudflare.com/cloudflare-one/connections/connect-networks/get-started/create-local-tunnel/
services.cloudflared.enable = true;
}

View File

@@ -1,22 +0,0 @@
{ lib, pkgs, ... }:
{
networking.networkmanager.dns = "dnsmasq";
environment.etc."NetworkManager/dnsmasq.d/10-bind-interfaces.conf".source =
(pkgs.formats.keyValue {
mkKeyValue =
name: value:
if value == true then
name
else if value == false then
""
else
lib.generators.mkKeyValueDefault { } "=" name value;
listsAsDuplicateKeys = true;
}).generate
"10-bind-interfaces.conf"
{
bind-interfaces = true;
listen-address = [ "127.0.0.1" ];
};
}

View File

@@ -1,4 +0,0 @@
{ ... }:
{
programs.gnupg.agent.enable = true;
}

View File

@@ -1,9 +1,4 @@
{
config,
lib,
pkgs,
...
}:
{ config, pkgs, ... }:
{
virtualisation = {
libvirtd = {

View File

@@ -18,8 +18,8 @@ _nix-install_completion() {
_list_keys() {
local flake="$(realpath ${words[2]})"
if [[ -d "$flake/secrets" ]]; then
find "$flake/secrets" -type f -name 'key.txt' | sed -E 's|^.*/secrets/([^/]+)/key.txt$|\1|' | sort -u
if [[ -d "$flake/submodules/secrets/domains" ]]; then
find "$flake/submodules/secrets/domains" -type f -name 'key.txt' | sed -E 's|^.*/submodules/secrets/domains/([^/]+)/key.txt$|\1|' | sort -u
fi
}

View File

@@ -43,17 +43,17 @@ check_host() {
}
check_key() {
if [[ -n "$key" ]] && [[ ! -f "$flake/secrets/$key/key.txt" ]]; then
if [[ -n "$key" ]] && [[ ! -f "$flake/submodules/secrets/domains/$key/key.txt" ]]; then
echo "Key '$key' not found."
exit 1
fi
}
set_password_file() {
SOPS_AGE_KEY_FILE="$flake/secrets/$key/key.txt"
SOPS_AGE_KEY_FILE="$flake/submodules/secrets/domains/$key/key.txt"
export SOPS_AGE_KEY_FILE
install -m 600 /dev/null /tmp/keyfile
sops --decrypt --extract "['luks']" "$flake/secrets/hosts/$host/secrets.yaml" > /tmp/keyfile
sops --decrypt --extract "['luks']" "$flake/submodules/secrets/hosts/$host/secrets.yaml" > /tmp/keyfile
unset SOPS_AGE_KEY_FILE
}
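Review bot: in `set_password_file` the decrypted LUKS passphrase is written to the fixed path `/tmp/keyfile`, and nothing in the visible lines removes it afterwards or checks that `sops --decrypt` succeeded before the file is used. A `mktemp` file removed by a `trap ... EXIT` would avoid leaving the passphrase behind. `$key` is also interpolated directly into `submodules/secrets/domains/$key/key.txt` in `check_key`; rejecting values that contain `/` before the `-f` test keeps the lookup inside `domains/`.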
@@ -66,7 +66,7 @@ prepare_disk() {
copy_sops_keys() {
mkdir -p "$root/persist/state/etc/ssh"
cp -f "$flake/secrets/hosts/$host/ssh_host_ed25519_key" "$root/persist/state/etc/ssh/ssh_host_ed25519_key"
cp -f "$flake/submodules/secrets/hosts/$host/ssh_host_ed25519_key" "$root/persist/state/etc/ssh/ssh_host_ed25519_key"
for path in "$flake/hosts/$host/users"/*; do
if [[ -z "$key" ]]; then
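Review bot: the `cp -f` of `ssh_host_ed25519_key` takes the file mode from the copy in the secrets submodule, and nothing in the visible lines sets it on the target. `install -m 600` in place of `cp -f` would make the host key's permissions independent of how the submodule was checked out.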
@@ -77,7 +77,7 @@ copy_sops_keys() {
user=$(basename "$path")
mkdir -p "$root/persist/state/home/$user/.config/sops-nix"
cp -f "$flake/secrets/$key/key.txt" "$root/persist/state/home/$user/.config/sops-nix/key.txt"
cp -f "$flake/submodules/secrets/domains/$key/key.txt" "$root/persist/state/home/$user/.config/sops-nix/key.txt"
owner=$(cat "$flake/hosts/$host/users/$user/uid")
group=100
@@ -92,16 +92,16 @@ copy_sops_keys() {
copy_secure_boot_keys() {
mkdir -p "$root/persist/state/var/lib/sbctl/keys"/{db,KEK,PK}
SOPS_AGE_KEY_FILE="$flake/secrets/$key/key.txt"
SOPS_AGE_KEY_FILE="$flake/submodules/secrets/domains/$key/key.txt"
export SOPS_AGE_KEY_FILE
sops --decrypt --extract "['guid']" "$flake/secrets/domains/lanzaboote/secrets.yaml" > "$root/persist/state/var/lib/sbctl/GUID"
sops --decrypt --extract "['keys']['kek']['key']" "$flake/secrets/domains/lanzaboote/secrets.yaml" > "$root/persist/state/var/lib/sbctl/keys/KEK/KEK.key"
sops --decrypt --extract "['keys']['kek']['pem']" "$flake/secrets/domains/lanzaboote/secrets.yaml" > "$root/persist/state/var/lib/sbctl/keys/KEK/KEK.pem"
sops --decrypt --extract "['keys']['pk']['key']" "$flake/secrets/domains/lanzaboote/secrets.yaml" > "$root/persist/state/var/lib/sbctl/keys/PK/PK.key"
sops --decrypt --extract "['keys']['pk']['pem']" "$flake/secrets/domains/lanzaboote/secrets.yaml" > "$root/persist/state/var/lib/sbctl/keys/PK/PK.pem"
sops --decrypt --extract "['keys']['db']['key']" "$flake/secrets/domains/lanzaboote/secrets.yaml" > "$root/persist/state/var/lib/sbctl/keys/db/db.key"
sops --decrypt --extract "['keys']['db']['pem']" "$flake/secrets/domains/lanzaboote/secrets.yaml" > "$root/persist/state/var/lib/sbctl/keys/db/db.pem"
sops --decrypt --extract "['guid']" "$flake/submodules/secrets/domains/lanzaboote/secrets.yaml" > "$root/persist/state/var/lib/sbctl/GUID"
sops --decrypt --extract "['keys']['kek']['key']" "$flake/submodules/secrets/domains/lanzaboote/secrets.yaml" > "$root/persist/state/var/lib/sbctl/keys/KEK/KEK.key"
sops --decrypt --extract "['keys']['kek']['pem']" "$flake/submodules/secrets/domains/lanzaboote/secrets.yaml" > "$root/persist/state/var/lib/sbctl/keys/KEK/KEK.pem"
sops --decrypt --extract "['keys']['pk']['key']" "$flake/submodules/secrets/domains/lanzaboote/secrets.yaml" > "$root/persist/state/var/lib/sbctl/keys/PK/PK.key"
sops --decrypt --extract "['keys']['pk']['pem']" "$flake/submodules/secrets/domains/lanzaboote/secrets.yaml" > "$root/persist/state/var/lib/sbctl/keys/PK/PK.pem"
sops --decrypt --extract "['keys']['db']['key']" "$flake/submodules/secrets/domains/lanzaboote/secrets.yaml" > "$root/persist/state/var/lib/sbctl/keys/db/db.key"
sops --decrypt --extract "['keys']['db']['pem']" "$flake/submodules/secrets/domains/lanzaboote/secrets.yaml" > "$root/persist/state/var/lib/sbctl/keys/db/db.pem"
chmod 400 "$root/persist/state/var/lib/sbctl/keys"/*/*
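Review bot: in `copy_secure_boot_keys` the seven `sops --decrypt` redirections create the PK, KEK and db private keys under the default umask, and they only reach mode 400 at the final `chmod`; if a decrypt fails partway, the keys already written keep the looser mode. Setting `umask 077` at the top of the function closes that window. The repeated `"$flake/submodules/secrets/domains/lanzaboote/secrets.yaml"` literal would also read better as one local variable, so the next path move is a one-line change.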

View File

@@ -1,29 +1,51 @@
{ config, inputs, ... }:
{
config,
inputs,
lib,
...
}:
{
sops = {
secrets = {
"git/credentials/github.com/public/username".sopsFile =
"${inputs.secrets}/domains/personal/secrets.yaml";
"git/credentials/github.com/public/password".sopsFile =
"git/credentials/github.com/tokens/public".sopsFile =
"${inputs.secrets}/domains/personal/secrets.yaml";
"nix/cache/nix.karaolidis.com".sopsFile = "${inputs.secrets}/domains/personal/secrets.yaml";
};
templates.nix-access-tokens = {
content = ''
access-tokens = github.com=${config.sops.placeholder."git/credentials/github.com/public/password"}
'';
group = "users";
templates = {
nix-access-tokens = {
content = ''
access-tokens = github.com=${config.sops.placeholder."git/credentials/github.com/tokens/public"}
'';
group = "users";
mode = "0440";
};
nix-netrc = {
content = ''
machine nix.karaolidis.com
password ${config.sops.placeholder."nix/cache/nix.karaolidis.com"}
'';
group = "users";
mode = "0440";
};
};
};
nix = {
settings = {
trusted-users = lib.mkAfter [ "@wheel" ];
use-xdg-base-directories = true;
experimental-features = [
"nix-command"
"flakes"
];
download-buffer-size = 524288000;
substituters = lib.mkBefore [ "https://nix.karaolidis.com/main" ];
trusted-substituters = config.nix.settings.substituters;
trusted-public-keys = lib.mkBefore [ "main:nJVRBnv73MDkwuV5sgm52m4E2ImOhWHvY12qzjPegAk=" ];
netrc-file = config.sops.templates.nix-netrc.path;
};
channel.enable = false;
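Review bot: `trusted-users = lib.mkAfter [ "@wheel" ]` lets every wheel member override daemon settings such as substituters and signature checking, which is equivalent to root on the Nix store without a sudo prompt. If the goal is only to let users pull from `https://nix.karaolidis.com/main`, the `trusted-substituters` line already covers that and `trusted-users` can be dropped. Both templates are also `group = "users"` with `mode = "0440"`, so the GitHub token in `nix-access-tokens` and the cache password in `nix-netrc` are readable by every account in `users`; worth confirming that is intended.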

View File

@@ -12,7 +12,7 @@
jupiter-sish = {
publicKeyFile = "${inputs.secrets}/hosts/jupiter/ssh_sish_ed25519_key.pub";
extraHostNames = [ "karaolidis.com" ];
extraHostNames = [ "tunnel.karaolidis.com" ];
};
jupiter-vps = {

View File

@@ -1,9 +1,6 @@
{ pkgs, ... }:
{
environment.systemPackages = with pkgs; [
kitty.terminfo
tmux.terminfo
];
environment.systemPackages = with pkgs; [ kitty.terminfo ];
services.openssh = {
enable = true;

View File

@@ -1,10 +0,0 @@
{ ... }:
{
programs.tmux = {
enable = true;
clock24 = true;
historyLimit = 10000;
keyMode = "vi";
newSession = true;
};
}

View File

@@ -0,0 +1,33 @@
{ user, home }:
{
config,
inputs,
pkgs,
...
}:
let
hmConfig = config.home-manager.users.${user};
in
{
home-manager.users.${user} = {
sops = {
secrets."nix/cache/nix.karaolidis.com".sopsFile = "${inputs.secrets}/domains/personal/secrets.yaml";
templates."attic" = {
content = builtins.readFile (
(pkgs.formats.toml { }).generate "config.toml" {
default-server = "main";
servers."main" = {
endpoint = "https://nix.karaolidis.com/";
token = hmConfig.sops.placeholder."nix/cache/nix.karaolidis.com";
};
}
);
path = "${home}/.config/attic/config.toml";
};
};
home.packages = with pkgs; [ attic-client ];
};
}
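Review bot: the attic client `token` comes from the same secret, `nix/cache/nix.karaolidis.com`, that the system `nix-netrc` template uses for pulling. If that token carries push permission, every reader of the netrc file can also write to a cache whose key is listed in `trusted-public-keys`. Separate pull-only and push tokens would keep write access limited to the users who run `cache.sh`. `builtins.readFile` on the generated `config.toml` also forces an import-from-derivation at evaluation time.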

View File

@@ -1,17 +1,34 @@
{ user, home }:
{ ... }:
{ lib, pkgs, ... }:
{
home-manager.users.${user}.programs.btop = {
enable = true;
settings = {
theme_background = false;
presets = "";
vim_keys = true;
shown_boxes = "cpu mem net proc gpu0 gpu1";
update_ms = 1000;
proc_tree = true;
cpu_single_graph = true;
disks_filter = "/ /nix /persist";
home-manager.users.${user} = {
programs.btop = {
enable = true;
settings = {
color_theme = "matugen";
theme_background = false;
presets = "";
vim_keys = true;
shown_boxes = "cpu mem net proc gpu0 gpu1";
update_ms = 1000;
proc_tree = true;
cpu_single_graph = true;
disks_filter = "/ /nix /persist";
};
};
theme = {
template.".config/btop/themes/matugen.theme".source = ./theme.theme;
reloadExtraConfig = "${
lib.meta.getExe (
pkgs.writeShellApplication {
name = "reload-btop";
runtimeInputs = with pkgs; [ procps ];
text = "exec pkill btop -SIGUSR2";
}
)
} &";
};
};
}

View File

@@ -41,5 +41,41 @@ in
);
};
};
home = {
packages = with pkgs; [
(pkgs.writeShellApplication {
name = "gh";
runtimeInputs = with pkgs; [ gh ];
text = builtins.readFile ./gh.sh;
})
(pkgs.writeShellApplication {
name = "glab";
runtimeInputs = with pkgs; [ glab ];
text = builtins.readFile ./glab.sh;
})
(pkgs.writeShellApplication {
name = "tea";
runtimeInputs = with pkgs; [ tea ];
text = builtins.readFile ./tea.sh;
})
];
sessionVariables = {
GITEA_HOST = "git.karaolidis.com";
GITEA_SSH_HOST = "karaolidis.com";
};
};
xdg.configFile = {
"gh/config.yml".source = (pkgs.formats.yaml { }).generate "config.yml" {
version = 1;
git_protocol = "ssh";
};
"glab-cli/config.yml".source = (pkgs.formats.yaml { }).generate "config.yml" {
git_protocol = "ssh";
};
};
};
}

View File

@@ -0,0 +1,8 @@
# shellcheck shell=bash
GH_HOST="${GH_HOST:-github.com}"
GH_TOKEN=$(sed -n "s#https://[^:]*:\([^@]*\)@${GH_HOST}#\1#p" "$HOME/.config/git/credentials")
export GH_TOKEN
exec gh "$@"
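Review bot: the `sed` expression interpolates `${GH_HOST}` into the pattern unescaped and unanchored. Each `.` in the host matches any character, a credentials line for a longer host name beginning with the same string also matches, and anything after the host on the line stays appended to the token. If more than one line matches, `GH_TOKEN` ends up holding several values separated by newlines. Anchoring the pattern at both ends, escaping the dots in the host and keeping only the first match would make the lookup exact. `glab.sh` and `tea.sh` use the same expression and need the same change.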

View File

@@ -0,0 +1,8 @@
# shellcheck shell=bash
GITLAB_HOST="${GITLAB_HOST:-gitlab.com}"
GITLAB_TOKEN=$(sed -n "s#https://[^:]*:\([^@]*\)@${GITLAB_HOST}#\1#p" "$HOME/.config/git/credentials")
export GITLAB_TOKEN
exec glab "$@"

View File

@@ -0,0 +1,13 @@
# shellcheck shell=bash
GITEA_HOST="${GITEA_HOST:-gitea.com}"
GITEA_SSH_HOST="${GITEA_SSH_HOST:-gitea.com}"
GITEA_TOKEN=$(sed -n "s#https://[^:]*:\([^@]*\)@${GITEA_HOST}#\1#p" "$HOME/.config/git/credentials")
GITEA_INSTANCE_URL="https://${GITEA_HOST}"
GITEA_INSTANCE_SSH_HOST="$GITEA_SSH_HOST"
export GITEA_TOKEN
export GITEA_INSTANCE_URL
export GITEA_INSTANCE_SSH_HOST
exec tea "$@"

View File

@@ -20,6 +20,10 @@
enable = true;
defaultCacheTtl = 31536000;
maxCacheTtl = 31536000;
pinentry = {
package = pkgs.pinentry-all;
program = "pinentry-tty";
};
};
systemd.user = {

View File

@@ -1,5 +1,10 @@
{ user, home }:
{ config, inputs, ... }:
{
config,
inputs,
lib,
...
}:
{
imports = [ inputs.home-manager.nixosModules.default ];
@@ -15,10 +20,17 @@
home.stateVersion = "24.11";
systemd.user.startServices = true;
nix.settings.experimental-features = [
"nix-command"
"flakes"
];
nix.settings = {
inherit (config.nix.settings)
use-xdg-base-directories
experimental-features
download-buffer-size
substituters
trusted-substituters
trusted-public-keys
netrc-file
;
};
};
};
}

View File

@@ -1,22 +1,299 @@
{ user, home }:
{ ... }:
{
home-manager.users.${user}.programs = {
neovim = {
enable = true;
defaultEditor = true;
viAlias = true;
vimAlias = true;
vimdiffAlias = true;
extraConfig = ''
set tabstop=2
set shiftwidth=2
set expandtab
set smartindent
set mouse=
'';
};
inputs,
lib,
pkgs,
...
}:
{
environment.persistence = {
"/persist/state"."${home}/.local/share/nvf" = { };
"/persist/cache"."${home}/.cache/nvf" = { };
};
zsh.p10k.extraRightPromptElements = [ "vim_shell" ];
home-manager.users.${user} = {
imports = [ inputs.nvf.homeManagerModules.default ];
programs = {
nvf = {
enable = true;
defaultEditor = true;
settings = {
vim = {
enableLuaLoader = true;
viAlias = true;
vimAlias = true;
autocomplete = {
blink-cmp.enable = true;
};
binds = {
# hardtime-nvim.enable = true;
whichKey.enable = true;
};
clipboard = {
enable = true;
providers.wl-copy.enable = true;
registers = "unnamedplus";
};
comments = {
comment-nvim.enable = true;
};
# dashboard = {
# alpha.enable = true;
# };
filetree = {
neo-tree = {
enable = true;
setupOpts = {
git_status_async = true;
window.mappings = lib.generators.mkLuaInline ''
{
["<space>"] = "noop",
}
'';
};
};
};
# formatter = {
# conform-nvim.enable = true;
# };
git = {
enable = true;
# git-conflict.enable = true;
gitsigns.enable = true;
# neogit.enable = true;
};
languages = {
enableDAP = true;
enableFormat = true;
enableTreesitter = true;
enableExtraDiagnostics = true;
assembly.enable = true;
bash.enable = true;
clang.enable = true;
csharp.enable = true;
css.enable = true;
go.enable = true;
html.enable = true;
java.enable = true;
lua.enable = true;
markdown.enable = true;
nix = {
enable = true;
format.type = "nixfmt";
lsp.options.nil = {
nix = {
maxMemoryMB = null;
flake = {
autoArchive = true;
autoEvalInputs = true;
};
};
};
};
php.enable = true;
python.enable = true;
rust.enable = true;
sql.enable = true;
svelte.enable = true;
ts.enable = true;
yaml.enable = true;
};
lsp = {
enable = true;
formatOnSave = true;
# nvim-docs-view.enable = true;
# otter-nvim.enable = true;
# trouble.enable = true;
};
# minimap = {
# codewindow.enable = true;
# };
notify = {
nvim-notify.enable = true;
};
options = {
tabstop = 2;
shiftwidth = 2;
expandtab = true;
smartindent = true;
};
# projects = {
# project-nvim.enable = true;
# };
searchCase = "smart";
# snippets = {
# luasnip.enable = true;
# };
tabline = {
nvimBufferline = {
enable = true;
mappings.closeCurrent = "<leader>bd";
setupOpts.options = {
indicator.style = "icon";
show_close_icon = false;
show_buffer_close_icons = false;
};
};
};
telescope = {
enable = true;
setupOpts.defaults.file_ignore_patterns = [
"node_modules"
"%.venv/"
"%.git/"
"dist/"
"build/"
"target/"
"result/"
];
};
terminal = {
toggleterm = {
enable = true;
setupOpts.winbar.enabled = false;
};
};
treesitter = {
enable = true;
context.enable = true;
fold = true;
textobjects.enable = true;
};
ui = {
# breadcrumbs = {
# enable = true;
# navbuddy.enable = true;
# };
colorizer.enable = true;
# fastaction.enable = true;
# illuminate.enable = true;
};
undoFile.enable = true;
utility = {
# diffview-nvim.enable = true;
# icon-picker.enable = true;
# images = {
# img-clip.enable = true;
# };
# mkdir.enable = true;
motion = {
precognition.enable = true;
};
# nvim-biscuits.enable = true;
# smart-splits.enable = true;
surround.enable = true;
# undotree.enable = true;
# yazi-nvim.enable = true;
};
visuals = {
# cinnamon-nvim.enable = true;
# fidget-nvim.enable = true;
# highlight-undo.enable = true;
indent-blankline.enable = true;
nvim-cursorline.enable = true;
# nvim-scrollbar.enable = true;
nvim-web-devicons.enable = true;
};
keymaps = [
{
mode = [ "n" ];
key = "<C-b>";
action = "<C-b>zz";
silent = true;
noremap = true;
desc = "Page up and center";
}
{
mode = [ "n" ];
key = "<C-u>";
action = "<C-u>zz";
silent = true;
noremap = true;
desc = "Half-page up and center";
}
{
mode = [ "n" ];
key = "<C-d>";
action = "<C-d>zz";
silent = true;
noremap = true;
desc = "Half-page down and center";
}
{
mode = [ "n" ];
key = "<C-f>";
action = "<C-f>zz";
silent = true;
noremap = true;
desc = "Page down and center";
}
{
mode = [ "n" ];
key = "<leader>ww";
action = "<cmd>w<CR>";
silent = true;
desc = "Save";
}
{
mode = [ "n" ];
key = "<leader>wq";
action = "<cmd>wq<CR>";
silent = true;
desc = "Save & Quit";
}
{
mode = [ "n" ];
key = "<leader>ee";
action = "<cmd>Neotree toggle<CR>";
silent = true;
desc = "Toggle Neo-tree";
}
{
mode = [ "n" ];
key = "<leader>ef";
action = "<cmd>Neotree reveal<CR>";
silent = true;
desc = "Reveal file in Neo-tree";
}
];
};
};
};
zsh = {
p10k.extraRightPromptElements = [ "vim_shell" ];
shellAliases.v = "nvim";
};
};
};
}

View File

@@ -3,12 +3,18 @@
{
environment.persistence."/persist/state"."${home}/.config/sops-nix/key.txt" = { };
home-manager.users.${user} = {
imports = [ inputs.sops-nix.homeManagerModules.sops ];
home-manager.users.${user} =
let
sopsKeyFile =
if config.environment.impermanence.enable then
config.environment.persistence."/persist/state"."${home}/.config/sops-nix/key.txt".source
else
"${home}/.config/sops-nix/key.txt";
in
{
imports = [ inputs.sops-nix.homeManagerModules.sops ];
sops.age.keyFile =
config.environment.persistence."/persist/state"."${home}/.config/sops-nix/key.txt".source;
home.sessionVariables.SOPS_AGE_KEY_FILE =
config.environment.persistence."/persist/state"."${home}/.config/sops-nix/key.txt".source;
};
sops.age.keyFile = sopsKeyFile;
home.sessionVariables.SOPS_AGE_KEY_FILE = sopsKeyFile;
};
}
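Review bot: the `environment.persistence."/persist/state"."${home}/.config/sops-nix/key.txt" = { };` line at the top of this hunk is still declared unconditionally, while `sopsKeyFile` now branches on `config.environment.impermanence.enable`. Either wrap that declaration in `lib.mkIf config.environment.impermanence.enable` or add a comment that the persistence module ignores it when disabled, so the two halves cannot drift apart. In the `else` branch the age key lives directly at `${home}/.config/sops-nix/key.txt`, so it is worth stating who creates that file and with what mode.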

View File

@@ -3,6 +3,6 @@
{
home-manager.users.${user} = {
services.ssh-agent.enable = true;
programs.ssh.addKeysToAgent = "yes";
programs.ssh.matchBlocks."*".addKeysToAgent = "yes";
};
}
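Review bot: `programs.ssh.matchBlocks."*".addKeysToAgent = "yes"` loads every key into the agent on first use, with no lifetime and no per-use prompt. If that is intended, say so in a comment; otherwise `"confirm"` or a time interval would limit how long an unlocked key stays usable through the agent socket.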

View File

@@ -1,5 +1,9 @@
{ user, home }:
{ ... }:
{
home-manager.users.${user}.programs.ssh.enable = true;
home-manager.users.${user}.programs.ssh = {
enable = true;
enableDefaultConfig = false;
matchBlocks."*".identitiesOnly = true;
};
}
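Review bot: `enableDefaultConfig = false` leaves `matchBlocks."*".identitiesOnly = true` as the only setting applied to all hosts, with no record of which module defaults were dropped on purpose. Add a short comment naming the ones deliberately left to OpenSSH's built-in behaviour, and set any option you still rely on explicitly next to `identitiesOnly`.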

View File

@@ -14,11 +14,13 @@
"syncthing/key" = {
owner = user;
group = "users";
mode = "0440";
};
# openssl req -new -x509 -key key.pem -out cert.pem -days 9999 -subj "/CN=syncthing"
"syncthing/cert" = {
owner = user;
group = "users";
mode = "0440";
};
};
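Review bot: `"syncthing/key"` ends up with `group = "users"` and `mode = "0440"`, which makes the Syncthing private key readable by every member of `users`. The certificate can stay group-readable, but the key should be `0400` under `owner = user` unless another account really needs it, in which case name that account in a comment.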

View File

@@ -1,5 +0,0 @@
{ user, home }:
{ ... }:
{
home-manager.users.${user}.programs.tmux.enable = true;
}

View File

@@ -23,7 +23,7 @@ in
opener = {
edit = [
{
run = "${hmConfig.programs.neovim.finalPackage}/bin/nvim \"$@\"";
run = "${hmConfig.programs.nvf.finalPackage}/bin/nvim \"$@\"";
desc = "nvim";
block = true;
}

View File

@@ -0,0 +1,26 @@
{ user, home }:
{ ... }:
{
home-manager.users.${user} = {
programs.zellij = {
enable = true;
settings = {
theme = "matugen";
pane_frames = false;
copy_command = "wl-copy";
ui.pane_frames.hide_session_name = true;
pane_viewport_serialization = true;
scrollback_lines_to_serialize = 0;
show_startup_tips = false;
show_release_notes = false;
};
};
theme.template.".config/zellij/themes/matugen.kdl".source = ./theme.kdl;
};
}
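Review bot: `pane_viewport_serialization = true` next to `scrollback_lines_to_serialize = 0` needs a comment saying what `0` means. If it is "all scrollback" rather than "none", session serialization writes pane contents, including any secret printed to a terminal, to Zellij's on-disk session cache. Pick an explicit small number, or turn viewport serialization off, if that is not what you want.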

View File

@@ -0,0 +1,128 @@
themes {
matugen {
text_unselected {
base {{colors.on_surface.default.red}} {{colors.on_surface.default.green}} {{colors.on_surface.default.blue}}
background {{colors.surface.default.red}} {{colors.surface.default.green}} {{colors.surface.default.blue}}
emphasis_0 {{colors.primary.default.red}} {{colors.primary.default.green}} {{colors.primary.default.blue}}
emphasis_1 {{colors.secondary.default.red}} {{colors.secondary.default.green}} {{colors.secondary.default.blue}}
emphasis_2 {{colors.tertiary.default.red}} {{colors.tertiary.default.green}} {{colors.tertiary.default.blue}}
emphasis_3 {{colors.surface.default.red}} {{colors.surface.default.green}} {{colors.surface.default.blue}}
}
text_selected {
base {{colors.on_primary.default.red}} {{colors.on_primary.default.green}} {{colors.on_primary.default.blue}}
background {{colors.primary.default.red}} {{colors.primary.default.green}} {{colors.primary.default.blue}}
emphasis_0 {{colors.on_primary.default.red}} {{colors.on_primary.default.green}} {{colors.on_primary.default.blue}}
emphasis_1 {{colors.on_primary.default.red}} {{colors.on_primary.default.green}} {{colors.on_primary.default.blue}}
emphasis_2 {{colors.on_primary.default.red}} {{colors.on_primary.default.green}} {{colors.on_primary.default.blue}}
emphasis_3 {{colors.on_primary.default.red}} {{colors.on_primary.default.green}} {{colors.on_primary.default.blue}}
}
ribbon_unselected {
base {{colors.on_surface.default.red}} {{colors.on_surface.default.green}} {{colors.on_surface.default.blue}}
background {{colors.surface_container.default.red}} {{colors.surface_container.default.green}} {{colors.surface_container.default.blue}}
emphasis_0 {{colors.primary.default.red}} {{colors.primary.default.green}} {{colors.primary.default.blue}}
emphasis_1 {{colors.secondary.default.red}} {{colors.secondary.default.green}} {{colors.secondary.default.blue}}
emphasis_2 {{colors.tertiary.default.red}} {{colors.tertiary.default.green}} {{colors.tertiary.default.blue}}
emphasis_3 {{colors.on_surface.default.red}} {{colors.on_surface.default.green}} {{colors.on_surface.default.blue}}
}
ribbon_selected {
base {{colors.on_primary.default.red}} {{colors.on_primary.default.green}} {{colors.on_primary.default.blue}}
background {{colors.primary.default.red}} {{colors.primary.default.green}} {{colors.primary.default.blue}}
emphasis_0 {{colors.on_primary.default.red}} {{colors.on_primary.default.green}} {{colors.on_primary.default.blue}}
emphasis_1 {{colors.on_primary.default.red}} {{colors.on_primary.default.green}} {{colors.on_primary.default.blue}}
emphasis_2 {{colors.on_primary.default.red}} {{colors.on_primary.default.green}} {{colors.on_primary.default.blue}}
emphasis_3 {{colors.on_primary.default.red}} {{colors.on_primary.default.green}} {{colors.on_primary.default.blue}}
}
table_title {
base {{colors.on_surface.default.red}} {{colors.on_surface.default.green}} {{colors.on_surface.default.blue}}
background {{colors.surface.default.red}} {{colors.surface.default.green}} {{colors.surface.default.blue}}
emphasis_0 {{colors.primary.default.red}} {{colors.primary.default.green}} {{colors.primary.default.blue}}
emphasis_1 {{colors.secondary.default.red}} {{colors.secondary.default.green}} {{colors.secondary.default.blue}}
emphasis_2 {{colors.tertiary.default.red}} {{colors.tertiary.default.green}} {{colors.tertiary.default.blue}}
emphasis_3 {{colors.on_surface.default.red}} {{colors.on_surface.default.green}} {{colors.on_surface.default.blue}}
}
table_cell_unselected {
base {{colors.on_surface.default.red}} {{colors.on_surface.default.green}} {{colors.on_surface.default.blue}}
background {{colors.surface.default.red}} {{colors.surface.default.green}} {{colors.surface.default.blue}}
emphasis_0 {{colors.primary.default.red}} {{colors.primary.default.green}} {{colors.primary.default.blue}}
emphasis_1 {{colors.secondary.default.red}} {{colors.secondary.default.green}} {{colors.secondary.default.blue}}
emphasis_2 {{colors.tertiary.default.red}} {{colors.tertiary.default.green}} {{colors.tertiary.default.blue}}
emphasis_3 {{colors.on_surface.default.red}} {{colors.on_surface.default.green}} {{colors.on_surface.default.blue}}
}
table_cell_selected {
base {{colors.on_primary.default.red}} {{colors.on_primary.default.green}} {{colors.on_primary.default.blue}}
background {{colors.primary.default.red}} {{colors.primary.default.green}} {{colors.primary.default.blue}}
emphasis_0 {{colors.on_primary.default.red}} {{colors.on_primary.default.green}} {{colors.on_primary.default.blue}}
emphasis_1 {{colors.on_primary.default.red}} {{colors.on_primary.default.green}} {{colors.on_primary.default.blue}}
emphasis_2 {{colors.on_primary.default.red}} {{colors.on_primary.default.green}} {{colors.on_primary.default.blue}}
emphasis_3 {{colors.on_primary.default.red}} {{colors.on_primary.default.green}} {{colors.on_primary.default.blue}}
}
list_unselected {
base {{colors.on_surface.default.red}} {{colors.on_surface.default.green}} {{colors.on_surface.default.blue}}
background {{colors.surface.default.red}} {{colors.surface.default.green}} {{colors.surface.default.blue}}
emphasis_0 {{colors.primary.default.red}} {{colors.primary.default.green}} {{colors.primary.default.blue}}
emphasis_1 {{colors.secondary.default.red}} {{colors.secondary.default.green}} {{colors.secondary.default.blue}}
emphasis_2 {{colors.tertiary.default.red}} {{colors.tertiary.default.green}} {{colors.tertiary.default.blue}}
emphasis_3 {{colors.on_surface.default.red}} {{colors.on_surface.default.green}} {{colors.on_surface.default.blue}}
}
list_selected {
base {{colors.on_primary.default.red}} {{colors.on_primary.default.green}} {{colors.on_primary.default.blue}}
background {{colors.primary.default.red}} {{colors.primary.default.green}} {{colors.primary.default.blue}}
emphasis_0 {{colors.on_primary.default.red}} {{colors.on_primary.default.green}} {{colors.on_primary.default.blue}}
emphasis_1 {{colors.on_primary.default.red}} {{colors.on_primary.default.green}} {{colors.on_primary.default.blue}}
emphasis_2 {{colors.on_primary.default.red}} {{colors.on_primary.default.green}} {{colors.on_primary.default.blue}}
emphasis_3 {{colors.on_primary.default.red}} {{colors.on_primary.default.green}} {{colors.on_primary.default.blue}}
}
frame_unselected {
base {{colors.outline_variant.default.red}} {{colors.outline_variant.default.green}} {{colors.outline_variant.default.blue}}
background {{colors.surface.default.red}} {{colors.surface.default.green}} {{colors.surface.default.blue}}
emphasis_0 0
emphasis_1 0
emphasis_2 0
emphasis_3 0
}
frame_selected {
base {{colors.primary.default.red}} {{colors.primary.default.green}} {{colors.primary.default.blue}}
background {{colors.surface.default.red}} {{colors.surface.default.green}} {{colors.surface.default.blue}}
emphasis_0 0
emphasis_1 0
emphasis_2 0
emphasis_3 0
}
frame_highlight {
base {{colors.error.default.red}} {{colors.error.default.green}} {{colors.error.default.blue}}
background {{colors.surface.default.red}} {{colors.surface.default.green}} {{colors.surface.default.blue}}
emphasis_0 0
emphasis_1 0
emphasis_2 0
emphasis_3 0
}
exit_code_success {
base {{colors.success.default.red}} {{colors.success.default.green}} {{colors.success.default.blue}}
background 0
emphasis_0 0
emphasis_1 0
emphasis_2 0
emphasis_3 0
}
exit_code_error {
base {{colors.error.default.red}} {{colors.error.default.green}} {{colors.error.default.blue}}
background 0
emphasis_0 0
emphasis_1 0
emphasis_2 0
emphasis_3 0
}
multiplayer_user_colors {
player_1 0
player_2 0
player_3 0
player_4 0
player_5 0
player_6 0
player_7 0
player_8 0
player_9 0
player_10 0
}
}
}

View File

@@ -1,26 +0,0 @@
{ user, home }:
{
config,
lib,
pkgs,
...
}:
{
home-manager.users.${user} = {
programs.btop.settings.color_theme = "matugen";
theme = {
template.".config/btop/themes/matugen.theme".source = ./theme.theme;
reloadExtraConfig = "${
lib.meta.getExe (
pkgs.writeShellApplication {
name = "reload-btop";
runtimeInputs = with pkgs; [ procps ];
text = "exec pkill btop -SIGUSR2";
}
)
} &";
};
};
}

View File

@@ -154,7 +154,7 @@
programs.zsh = {
loginExtra = lib.mkAfter ''
if uwsm check may-start; then
if uwsm check may-start > /dev/null; then
exec uwsm start hyprland-uwsm.desktop
fi
'';

View File

@@ -0,0 +1,5 @@
{ user, home }:
{ ... }:
{
home-manager.users.${user}.services.hyprsunset.enable = true;
}

View File

@@ -26,6 +26,56 @@ in
enable_audio_bell = false;
};
keybindings =
{ }
// builtins.listToAttrs (
builtins.map
(k: {
name = k;
value = "no_op";
})
[
# Window management
"kitty_mod+enter"
"kitty_mod+n"
"kitty_mod+w"
"kitty_mod+]"
"kitty_mod+["
"kitty_mod+f"
"kitty_mod+b"
"kitty_mod+`"
"kitty_mod+r"
"kitty_mod+1"
"kitty_mod+2"
"kitty_mod+3"
"kitty_mod+4"
"kitty_mod+5"
"kitty_mod+6"
"kitty_mod+7"
"kitty_mod+8"
"kitty_mod+9"
"kitty_mod+0"
"kitty_mod+f7"
"kitty_mod+f8"
# Tab management
"kitty_mod+right"
"shift+cmd+]"
"ctrl+tab"
"kitty_mod+left"
"shift+cmd+["
"ctrl+shift+tab"
"kitty_mod+t"
"kitty_mod+q"
"kitty_mod+."
"kitty_mod+,"
"kitty_mod+alt+t"
# Layout management
"kitty_mod+l"
]
);
extraConfig = ''
include theme.conf
'';
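Review bot: the leading `{ } //` in `keybindings` merges an empty set into the result and can be dropped, leaving `keybindings = builtins.listToAttrs (...)`. If it is a placeholder for real bindings to be added later, say so in a comment.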

View File

@@ -4,7 +4,12 @@
This host uses private SAS repositories. You can find the imports for these in:
- [./default.nix](./default.nix)
- [./users/nikara/default.nix](./users/nikara/default.nix)
You must build the system once with `sas.build.private = false;`. Then, connect to the SAS VPN, and rebuild the system.
You must build the system once with these imports commented out. Then, connect to the SAS VPN, uncomment them, and rebuild the system.
## Installation Instructions
1. Using a separate Nix system, run `hosts/elara/build-tarball.sh`
2. Copy the generated tarball to the Elara host
3. On the Elara host, run `wsl --import NixOS $env:USERPROFILE\NixOS nixos.wsl --version 2` in PowerShell
4. Enable `cgroup v2` support by setting `kernelCommandLine=cgroup_no_v1=all` in `.wslconfig` in your Windows home directory
5. Optionally, run `wsl --set-default nixos` to make NixOS the default WSL distribution
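Review bot: steps 1 and 2 should say that the tarball is secret material. `hosts/elara/build-tarball.sh` in this same change copies `ssh_host_ed25519_key` and the sops `key.txt` into it, so the instructions should tell the reader to move it over a trusted channel and delete it once `wsl --import` has run. Step 4 would also be clearer if it named the `[wsl2]` section of `.wslconfig` that `kernelCommandLine` belongs in.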

23
hosts/elara/build-tarball.sh Executable file
View File

@@ -0,0 +1,23 @@
#!/usr/bin/env bash
set -o errexit
set -o nounset
set -o pipefail
temp=$(mktemp -d)
cleanup() {
rm -rf "$temp"
}
trap cleanup EXIT
install -d -m 755 "$temp/etc/ssh"
cp ./submodules/secrets/hosts/elara/ssh_host_ed25519_key "$temp/etc/ssh/ssh_host_ed25519_key"
install -d -m 700 "$temp/home/nikara"
install -d -m 755 "$temp/home/nikara/.config/sops-nix"
cp ./submodules/secrets/domains/sas/key.txt "$temp/home/nikara/.config/sops-nix/key.txt"
sudo nix run .#nixosConfigurations.elara.config.system.build.tarballBuilder -- \
--extra-files "$temp" \
--chown /home/nikara 1000:100
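Review bot: the two `cp` lines copy private keys with whatever mode the checkout happens to have. Use `install -m 600` for both `ssh_host_ed25519_key` and `key.txt` so the modes inside the tarball do not depend on the submodule's working tree, and tighten `install -d -m 755 "$temp/home/nikara/.config/sops-nix"` to `700` to match the home directory above it. A header comment stating that the output tarball contains both keys in cleartext would also help whoever runs this next.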

View File

@@ -1,29 +0,0 @@
{ config, inputs, ... }:
{
sops.secrets = {
"globalprotect/email".sopsFile = "${inputs.secrets}/domains/sas/secrets.yaml";
"globalprotect/gateway".sopsFile = "${inputs.secrets}/domains/sas/secrets.yaml";
"globalprotect/ssh/key".sopsFile = "${inputs.secrets}/domains/sas/secrets.yaml";
"ntfy/username".sopsFile = "${inputs.secrets}/domains/sas/secrets.yaml";
"ntfy/password".sopsFile = "${inputs.secrets}/domains/sas/secrets.yaml";
};
sas.globalprotect = {
enable = true;
email.file = config.sops.secrets."globalprotect/email".path;
gateway.file = config.sops.secrets."globalprotect/gateway".path;
sish = {
host = "karaolidis.com";
port = "2222";
keyFile = config.sops.secrets."globalprotect/ssh/key".path;
};
ntfy = {
url = "https://ntfy.karaolidis.com/sas";
username.file = config.sops.secrets."ntfy/username".path;
password.file = config.sops.secrets."ntfy/password".path;
};
};
}

View File

@@ -0,0 +1,4 @@
{ lib, ... }:
{
virtualisation.containers.storage.settings.storage.driver = lib.mkForce "overlay";
}
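Review bot: `lib.mkForce "overlay"` overrides the storage driver with no comment on why this host needs it. The same override is repeated for the user-level `services.podman.settings.storage.storage.driver` elsewhere in this change; one sentence of rationale in each place would stop someone from removing one and leaving the other.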

View File

@@ -33,16 +33,14 @@
HostName github.com
IdentityFile /root/.ssh/ssh_sas_ed25519_key
IdentitiesOnly yes
UserKnownHostsFile ${pkgs.sshKnownHosts.github}
Host gitlab.sas.com
User git
HostName gitlab.sas.com
IdentityFile /root/.ssh/ssh_sas_ed25519_key
IdentitiesOnly yes
${lib.strings.optionalString config.sas.build.private "UserKnownHostsFile ${pkgs.sshKnownHosts.sas-gitlab}"}
'';
knownHostsFiles =
with pkgs.sshKnownHosts;
([ github ] ++ lib.lists.optionals config.sas.build.private [ sas-gitlab ]);
};
}
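Review bot: in the `gitlab.sas.com` block, `lib.strings.optionalString config.sas.build.private "UserKnownHostsFile ..."` expands to an empty line when `sas.build.private` is false, and this change sets it to false for the host. In that state the block carries no pinned host key and falls back to ssh's default known-hosts handling for root. If that is the accepted bootstrap behaviour, note it in a comment; otherwise leave out the whole `Host gitlab.sas.com` block when the pin is unavailable.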

View File

@@ -1,4 +1,4 @@
{ config, inputs, ... }:
{ inputs, lib, ... }:
{
nixpkgs.overlays = [
inputs.lib.overlays.default
@@ -8,57 +8,34 @@
];
imports = [
./options.nix
inputs.disko.nixosModules.disko
./format.nix
./hardware
inputs.nixos-wsl.nixosModules.default
inputs.sas.nixosModules.default
./hardware
./options.nix
../common/configs/system
../common/configs/system/bluetooth
../common/configs/system/boot
../common/configs/system/brightnessctl
../common/configs/system/btrbk
../common/configs/system/btrfs
../common/configs/system/cloudflared
../common/configs/system/dnsmasq
../common/configs/system/documentation
../common/configs/system/getty
../common/configs/system/git
../common/configs/system/gpg-agent
../common/configs/system/impermanence
../common/configs/system/lanzaboote
../common/configs/system/libvirt
../common/configs/system/neovim
../common/configs/system/networkmanager
../common/configs/system/nix
../common/configs/system/nix-cleanup
../common/configs/system/nix-install
../common/configs/system/nix-ld
../common/configs/system/nix-update
../common/configs/system/nixpkgs
../common/configs/system/ntp
../common/configs/system/pipewire
../common/configs/system/podman
../common/configs/system/power
../common/configs/system/printing
../common/configs/system/smartmontools
../common/configs/system/sops
../common/configs/system/ssh
../common/configs/system/sshd
../common/configs/system/sudo
../common/configs/system/system
../common/configs/system/timezone
../common/configs/system/tmux
../common/configs/system/upower
../common/configs/system/users
../common/configs/system/zsh
./configs/globalprotect
./configs/nix
./configs/pki
./configs/podman
./configs/ssh
./users/nikara
@@ -66,8 +43,7 @@
networking.hostName = "elara";
sas.build.private = true;
sas.build.private = false;
environment.impermanence.device =
config.disko.devices.disk.usb.content.partitions.root.content.content.device;
environment.impermanence.enable = lib.mkForce false;
}

View File

@@ -1,87 +0,0 @@
{
disko.devices = {
disk.usb = {
device = "/dev/disk/by-id/ata-Samsung_SSD_990_EVO_1TB_S7GCNL0XA04998F";
type = "disk";
content = {
type = "gpt";
partitions = {
boot = {
name = "boot";
size = "1M";
type = "EF02";
};
esp = {
name = "esp";
size = "512M";
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
mountOptions = [ "umask=0077" ];
};
};
swap = {
name = "swap";
size = "32G";
content = {
type = "swap";
resumeDevice = true;
};
};
root = {
name = "root";
size = "100%";
content = {
name = "usb";
type = "luks";
passwordFile = "/tmp/keyfile";
settings = {
allowDiscards = true;
};
content = {
type = "btrfs";
extraArgs = [ "-f" ];
subvolumes =
let
mountOptions = [
"compress=zstd:3"
"noatime"
"user_subvol_rm_allowed"
];
in
{
"@" = {
mountpoint = "/";
inherit mountOptions;
};
"@persist" = {
mountpoint = "/persist";
inherit mountOptions;
};
"@persist/user" = {
mountpoint = "/persist/user";
inherit mountOptions;
};
"@persist/state" = {
mountpoint = "/persist/state";
inherit mountOptions;
};
"@persist/cache" = {
mountpoint = "/persist/cache";
inherit mountOptions;
};
"@nix" = {
mountpoint = "/nix";
inherit mountOptions;
};
};
};
};
};
};
};
};
};
}

View File

@@ -1,19 +1,10 @@
{ ... }:
{
boot.initrd.kernelModules = [
"xhci_pci"
"uas"
"sd_mod"
];
imports = [ ./display.nix ];
services.tlp.settings.DISK_DEVICES = "sda";
# By default, this host runs on an external SSD attached to himalia...
imports = [ ../../himalia/hardware ];
# ...but it can also run attached to a SAS-provided laptop.
specialisation.sas.configuration = {
disabledModules = [ ../../himalia/hardware ];
imports = [ ./sas ];
wsl = {
enable = true;
tarball.configPath = ../../../.;
startMenuLaunchers = true;
};
}
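Review bot: `tarball.configPath = ../../../.;` hands the repository root to the tarball build, so the whole configuration tree is a candidate for inclusion. Please confirm that this cannot pull in `submodules/secrets`, which `build-tarball.sh` reads plaintext keys from, and point `configPath` at a filtered source if it can.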

View File

@@ -0,0 +1,6 @@
{ ... }:
{
home-manager.sharedModules = [
{ programs.vscode.profiles.default.userSettings."window.zoomLevel" = (1.25 - 1) / 0.2; }
];
}

View File

@@ -1,28 +0,0 @@
{ ... }:
{
imports = [
./display.nix
./keybinds.nix
];
hardware = {
enableAllFirmware = true;
cpu = {
cores = 8;
threads = 12;
intel.updateMicrocode = true;
};
};
boot = {
kernelModules = [ "kvm-intel" ];
initrd.kernelModules = [
"thunderbolt"
"vmd"
"nvme"
];
};
services.fstrim.enable = true;
}

View File

@@ -1,30 +0,0 @@
{ ... }:
{
boot.kernelParams = [ "video=eDP-1:1920x1200@60" ];
home-manager.sharedModules = [
{
wayland.windowManager.hyprland.settings = {
monitor = [
"eDP-1, preferred, 0x0, 1"
", maxwidth, auto-center-up, 1"
];
workspace = [
"1, monitor:eDP-1, layoutopt:orientation:left"
"2, monitor:eDP-1, layoutopt:orientation:left"
"3, monitor:eDP-1, layoutopt:orientation:left"
"4, monitor:eDP-1, layoutopt:orientation:left"
"5, monitor:eDP-1, layoutopt:orientation:left"
"6, monitor:eDP-1, layoutopt:orientation:left"
"7, monitor:eDP-1, layoutopt:orientation:left"
"8, monitor:eDP-1, layoutopt:orientation:left"
"9, monitor:eDP-1, layoutopt:orientation:left"
"10, monitor:eDP-1, layoutopt:orientation:left"
];
};
programs.vscode.profiles.default.userSettings."window.zoomLevel" = (1.25 - 1) / 0.2;
}
];
}

View File

@@ -1,15 +0,0 @@
{ lib, pkgs, ... }:
{
home-manager.sharedModules = [
{
wayland.windowManager.hyprland.settings.bindle =
let
brightnessctl = lib.meta.getExe pkgs.brightnessctl;
in
[
", XF86MonBrightnessUp, exec, ${brightnessctl} -q s 5%+"
", XF86MonBrightnessDown, exec, ${brightnessctl} -q s 5%-"
];
}
];
}

View File

@@ -1,5 +1,10 @@
{ user, home }:
{ config, inputs, ... }:
{
config,
inputs,
pkgs,
...
}:
let
hmConfig = config.home-manager.users.${user};
in

View File

@@ -0,0 +1,6 @@
{ user, home }:
{ pkgs, ... }:
{
home-manager.users.${user}.programs.nvf.settings.vim.clipboard.providers.wl-copy.package =
pkgs.wsl-wl-clipboard;
}

View File

@@ -10,41 +10,45 @@ let
hmConfig = config.home-manager.users.${user};
in
{
home-manager.users.${user}.sops = {
secrets = {
"registry/personal/git.karaolidis.com" = {
sopsFile = "${inputs.secrets}/domains/personal/secrets.yaml";
key = "registry/git.karaolidis.com";
home-manager.users.${user} = {
sops = {
secrets = {
"registry/personal/git.karaolidis.com" = {
sopsFile = "${inputs.secrets}/domains/personal/secrets.yaml";
key = "registry/git.karaolidis.com";
};
"registry/personal/docker.io" = {
sopsFile = "${inputs.secrets}/domains/personal/secrets.yaml";
key = "registry/docker.io";
};
"registry/sas/cr.sas.com" = {
sopsFile = "${inputs.secrets}/domains/sas/secrets.yaml";
key = "registry/cr.sas.com";
};
};
"registry/personal/docker.io" = {
sopsFile = "${inputs.secrets}/domains/personal/secrets.yaml";
key = "registry/docker.io";
};
"registry/sas/cr.sas.com" = {
sopsFile = "${inputs.secrets}/domains/sas/secrets.yaml";
key = "registry/cr.sas.com";
templates.containers-auth = {
content = builtins.readFile (
(pkgs.formats.json { }).generate "auth.json" {
auths = {
"git.karaolidis.com" = {
auth = hmConfig.sops.placeholder."registry/personal/git.karaolidis.com";
};
"docker.io" = {
auth = hmConfig.sops.placeholder."registry/personal/docker.io";
};
"cr.sas.com" = {
auth = hmConfig.sops.placeholder."registry/sas/cr.sas.com";
};
};
}
);
path = "${home}/.config/containers/auth.json";
};
};
templates.containers-auth = {
content = builtins.readFile (
(pkgs.formats.json { }).generate "auth.json" {
auths = {
"git.karaolidis.com" = {
auth = hmConfig.sops.placeholder."registry/personal/git.karaolidis.com";
};
"docker.io" = {
auth = hmConfig.sops.placeholder."registry/personal/docker.io";
};
"cr.sas.com" = {
auth = hmConfig.sops.placeholder."registry/sas/cr.sas.com";
};
};
}
);
path = "${home}/.config/containers/auth.json";
};
services.podman.settings.storage.storage.driver = lib.mkForce "overlay";
};
}

View File

@@ -54,8 +54,10 @@ in
packages =
with pkgs;
[
gcc
gopls
go-tools
delve
golangci-lint
golangci-lint-langserver
]

View File

@@ -46,118 +46,158 @@ in
key = "ssh/rsa/pass";
};
"git/credentials/personal/git.karaolidis.com/admin/username" = {
"git/credentials/personal/git.karaolidis.com/username" = {
sopsFile = "${inputs.secrets}/domains/personal/secrets.yaml";
key = "git/credentials/git.karaolidis.com/admin/username";
key = "git/credentials/git.karaolidis.com/username";
};
"git/credentials/personal/git.karaolidis.com/admin/password" = {
"git/credentials/personal/git.karaolidis.com/tokens/admin" = {
sopsFile = "${inputs.secrets}/domains/personal/secrets.yaml";
key = "git/credentials/git.karaolidis.com/admin/password";
key = "git/credentials/git.karaolidis.com/tokens/admin";
};
"git/credentials/sas/github.com/admin/username" = {
"git/credentials/sas/github.com/username" = {
sopsFile = "${inputs.secrets}/domains/sas/secrets.yaml";
key = "git/credentials/github.com/admin/username";
key = "git/credentials/github.com/username";
};
"git/credentials/sas/github.com/admin/password" = {
"git/credentials/sas/github.com/tokens/admin" = {
sopsFile = "${inputs.secrets}/domains/sas/secrets.yaml";
key = "git/credentials/github.com/admin/password";
key = "git/credentials/github.com/tokens/admin";
};
"git/credentials/personal/github.com/username" = {
sopsFile = "${inputs.secrets}/domains/personal/secrets.yaml";
key = "git/credentials/github.com/username";
};
"git/credentials/personal/github.com/tokens/admin" = {
sopsFile = "${inputs.secrets}/domains/personal/secrets.yaml";
key = "git/credentials/github.com/tokens/admin";
};
"git/credentials/personal/gitlab.com/username" = {
sopsFile = "${inputs.secrets}/domains/personal/secrets.yaml";
key = "git/credentials/gitlab.com/username";
};
"git/credentials/personal/gitlab.com/tokens/admin" = {
sopsFile = "${inputs.secrets}/domains/personal/secrets.yaml";
key = "git/credentials/gitlab.com/tokens/admin";
};
"git/credentials/personal/gitea.com/username" = {
sopsFile = "${inputs.secrets}/domains/personal/secrets.yaml";
key = "git/credentials/gitea.com/username";
};
"git/credentials/personal/gitea.com/tokens/admin" = {
sopsFile = "${inputs.secrets}/domains/personal/secrets.yaml";
key = "git/credentials/gitea.com/tokens/admin";
};
};
templates."git/credentials" = {
content = ''
https://${hmConfig.sops.placeholder."git/credentials/personal/git.karaolidis.com/admin/username"}:${
hmConfig.sops.placeholder."git/credentials/personal/git.karaolidis.com/admin/password"
https://${hmConfig.sops.placeholder."git/credentials/personal/git.karaolidis.com/username"}:${
hmConfig.sops.placeholder."git/credentials/personal/git.karaolidis.com/tokens/admin"
}@git.karaolidis.com
https://${hmConfig.sops.placeholder."git/credentials/sas/github.com/admin/username"}:${
hmConfig.sops.placeholder."git/credentials/sas/github.com/admin/password"
https://${hmConfig.sops.placeholder."git/credentials/sas/github.com/username"}:${
hmConfig.sops.placeholder."git/credentials/sas/github.com/tokens/admin"
}@github.com
https://${hmConfig.sops.placeholder."git/credentials/personal/gitlab.com/username"}:${
hmConfig.sops.placeholder."git/credentials/personal/gitlab.com/tokens/admin"
}@gitlab.com
https://${hmConfig.sops.placeholder."git/credentials/personal/gitea.com/username"}:${
hmConfig.sops.placeholder."git/credentials/personal/gitea.com/tokens/admin"
}@gitea.com
'';
path = "${home}/.config/git/credentials";
};
};
programs = {
ssh = {
matchBlocks = {
"karaolidis.com" = {
hostname = "karaolidis.com";
user = "nick";
identityFile = "${home}/.ssh/ssh_personal_ed25519_key";
identitiesOnly = true;
};
"github.com" = {
hostname = "github.com";
user = "git";
identityFile = [ "${home}/.ssh/ssh_personal_ed25519_key" ];
identitiesOnly = true;
};
"gitlab.com" = {
hostname = "gitlab.com";
user = "git";
identityFile = "${home}/.ssh/ssh_personal_ed25519_key";
identitiesOnly = true;
};
"github.sas.com" = {
hostname = "github.com";
user = "git";
identityFile = [ "${home}/.ssh/ssh_sas_ed25519_key" ];
identitiesOnly = true;
};
"cldlgn.fyi.sas.com" = {
inherit user;
hostname = "cldlgn.fyi.sas.com";
identityFile = "${home}/.ssh/ssh_sas_ed25519_key";
identitiesOnly = true;
};
"gitlab.sas.com" = {
hostname = "gitlab.sas.com";
user = "git";
identityFile = "${home}/.ssh/ssh_sas_ed25519_key";
identitiesOnly = true;
};
"gerrit-svi.unx.sas.com" = {
hostname = "gerrit-svi.unx.sas.com";
user = "nikara";
port = 29418;
identityFile = "${home}/.ssh/ssh_sas_ed25519_key";
identitiesOnly = true;
};
"artifactlfs.unx.sas.com" = {
hostname = "artifactlfs.unx.sas.com";
user = "nikara";
port = 1339;
identityFile = "${home}/.ssh/ssh_sas_rsa_key";
identitiesOnly = true;
};
ssh.matchBlocks = {
"karaolidis.com" = {
hostname = "karaolidis.com";
user = "nick";
identityFile = "${home}/.ssh/ssh_personal_ed25519_key";
};
userKnownHostsFile = builtins.concatStringsSep " " (
with pkgs.sshKnownHosts;
(
[
"${home}/.ssh/known_hosts"
github
gitlab
]
++ lib.lists.optionals config.sas.build.private [
sas-cldlgn
sas-gitlab
sas-gerrit
sas-artifact
]
)
);
"tunnel.karaolidis.com" = {
hostname = "tunnel.karaolidis.com";
user = "nick";
port = 2222;
identityFile = "${home}/.ssh/ssh_personal_ed25519_key";
};
"github.com" = {
hostname = "github.com";
user = "git";
identityFile = [ "${home}/.ssh/ssh_personal_ed25519_key" ];
userKnownHostsFile = builtins.toString pkgs.sshKnownHosts.github;
};
"gitlab.com" = {
hostname = "gitlab.com";
user = "git";
identityFile = "${home}/.ssh/ssh_personal_ed25519_key";
userKnownHostsFile = builtins.toString pkgs.sshKnownHosts.gitlab;
};
"gitea.com" = {
hostname = "gitea.com";
user = "git";
identityFile = "${home}/.ssh/ssh_personal_ed25519_key";
userKnownHostsFile = builtins.toString pkgs.sshKnownHosts.gitea;
};
"github.sas.com" = {
hostname = "github.com";
user = "git";
identityFile = [ "${home}/.ssh/ssh_sas_ed25519_key" ];
userKnownHostsFile = lib.mkIf config.sas.build.private (
builtins.toString pkgs.sshKnownHosts.github
);
};
"cldlgn.fyi.sas.com" = {
inherit user;
hostname = "cldlgn.fyi.sas.com";
identityFile = "${home}/.ssh/ssh_sas_ed25519_key";
userKnownHostsFile = lib.mkIf config.sas.build.private (
builtins.toString pkgs.sshKnownHosts.sas-cldlgn
);
};
"gitlab.sas.com" = {
hostname = "gitlab.sas.com";
user = "git";
identityFile = "${home}/.ssh/ssh_sas_ed25519_key";
userKnownHostsFile = lib.mkIf config.sas.build.private (
builtins.toString pkgs.sshKnownHosts.sas-gitlab
);
};
"gerrit-svi.unx.sas.com" = {
hostname = "gerrit-svi.unx.sas.com";
user = "nikara";
port = 29418;
identityFile = "${home}/.ssh/ssh_sas_ed25519_key";
userKnownHostsFile = lib.mkIf config.sas.build.private (
builtins.toString pkgs.sshKnownHosts.sas-gerrit
);
};
"artifactlfs.unx.sas.com" = {
hostname = "artifactlfs.unx.sas.com";
user = "nikara";
port = 1339;
identityFile = "${home}/.ssh/ssh_sas_rsa_key";
userKnownHostsFile = lib.mkIf config.sas.build.private (
builtins.toString pkgs.sshKnownHosts.sas-artifact
);
};
};
git.extraConfig.url = {
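Review bot: on the `"github.sas.com"` block, `userKnownHostsFile = lib.mkIf config.sas.build.private (builtins.toString pkgs.sshKnownHosts.github)` gates a public pin behind the private flag, even though the `"github.com"` block uses the same `pkgs.sshKnownHosts.github` unconditionally. With `sas.build.private = false`, as this change sets for the host, the SAS alias for github.com loses its pinned host key for no reason; drop the `lib.mkIf` there. The remaining SAS hosts, and `"karaolidis.com"` and `"tunnel.karaolidis.com"`, have no pinned file in that state either, and the old list-wide `userKnownHostsFile` that included `"${home}/.ssh/known_hosts"` is gone, so a comment on which file those hosts are expected to verify against would make the intent clear.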

View File

@@ -0,0 +1,5 @@
{ user, home }:
{ pkgs, ... }:
{
home-manager.users.${user}.home.packages = with pkgs; [ wsl-wl-clipboard ];
}

View File

@@ -0,0 +1,5 @@
{ user, home }:
{ ... }:
{
home-manager.users.${user}.programs.kitty.settings.hide_window_decorations = true;
}

View File

@@ -1,23 +1,5 @@
{ user, home }:
{ ... }:
{
home-manager.users.${user} = {
programs.obsidian.vaults = {
"Documents/Obsidian/personal/master".enable = true;
"Documents/Obsidian/sas/master".enable = true;
};
services.syncthing.settings.folders.obsidian = {
label = "Obsidian";
path = "${home}/Documents/Obsidian/personal";
devices = [
"amalthea"
"ganymede"
];
maxConflicts = 0;
};
home.file."Documents/Obsidian/personal/.stignore".source =
../../../../../../common/configs/user/gui/obsidian/.stignore;
};
home-manager.users.${user}.programs.obsidian.vaults."Documents/Obsidian/master".enable = true;
}

View File

@@ -1,26 +1,30 @@
{ user, home }:
{ ... }:
{ lib, ... }:
{
home-manager.users.${user}.programs.vscode = {
languages = {
c.enable = true;
go.enable = true;
hugo.enable = true;
java.enable = true;
jinja.enable = true;
lua.enable = true;
markdown.enable = true;
nix.enable = true;
podman.enable = true;
python.enable = true;
rest.enable = true;
rust.enable = true;
sas.enable = true;
sops.enable = true;
typescript.enable = true;
yaml.enable = true;
home-manager.users.${user} = {
programs.vscode = {
languages = {
c.enable = true;
go.enable = true;
hugo.enable = true;
java.enable = true;
jinja.enable = true;
lua.enable = true;
markdown.enable = true;
nix.enable = true;
podman.enable = true;
python.enable = true;
rest.enable = true;
rust.enable = true;
sas.enable = true;
sops.enable = true;
typescript.enable = true;
yaml.enable = true;
};
copilot.enable = true;
};
copilot.enable = true;
home.sessionVariables.DONT_PROMPT_WSL_INSTALL = "1";
};
}

View File

@@ -14,8 +14,7 @@ in
imports = [
(import ../../../common/configs/user { inherit user home; })
(import ../../../common/configs/user/console/android { inherit user home; })
(import ../../../common/configs/user/console/brightnessctl { inherit user home; })
(import ../../../common/configs/user/console/attic { inherit user home; })
(import ../../../common/configs/user/console/btop { inherit user home; })
(import ../../../common/configs/user/console/dive { inherit user home; })
(import ../../../common/configs/user/console/fastfetch { inherit user home; })
@@ -27,69 +26,41 @@ in
(import ../../../common/configs/user/console/ip { inherit user home; })
(import ../../../common/configs/user/console/jq { inherit user home; })
(import ../../../common/configs/user/console/kubernetes { inherit user home; })
(import ../../../common/configs/user/console/libvirt { inherit user home; })
(import ../../../common/configs/user/console/lsof { inherit user home; })
(import ../../../common/configs/user/console/mprocs { inherit user home; })
(import ../../../common/configs/user/console/ncdu { inherit user home; })
(import ../../../common/configs/user/console/ncspot { inherit user home; })
(import ../../../common/configs/user/console/neovim { inherit user home; })
(import ../../../common/configs/user/console/nix { inherit user home; })
(import ../../../common/configs/user/console/nix-cleanup { inherit user home; })
(import ../../../common/configs/user/console/nix-develop { inherit user home; })
(import ../../../common/configs/user/console/nix-direnv { inherit user home; })
(import ../../../common/configs/user/console/ouch { inherit user home; })
(import ../../../common/configs/user/console/pipewire { inherit user home; })
(import ../../../common/configs/user/console/podman { inherit user home; })
(import ../../../common/configs/user/console/sops { inherit user home; })
(import ../../../common/configs/user/console/ssh { inherit user home; })
(import ../../../common/configs/user/console/ssh-agent { inherit user home; })
(import ../../../common/configs/user/console/syncthing { inherit user home; })
(import ../../../common/configs/user/console/tmux { inherit user home; })
(import ../../../common/configs/user/console/tree { inherit user home; })
(import ../../../common/configs/user/console/wget { inherit user home; })
(import ../../../common/configs/user/console/xdg { inherit user home; })
(import ../../../common/configs/user/console/yazi { inherit user home; })
(import ../../../common/configs/user/console/yt-dlp { inherit user home; })
(import ../../../common/configs/user/console/zellij { inherit user home; })
(import ../../../common/configs/user/console/zoxide { inherit user home; })
(import ../../../common/configs/user/console/zsh { inherit user home; })
(import ../../../common/configs/user/gui/astal { inherit user home; })
(import ../../../common/configs/user/gui/bluetooth { inherit user home; })
(import ../../../common/configs/user/gui/btop { inherit user home; })
(import ../../../common/configs/user/gui/clipbook { inherit user home; })
(import ../../../common/configs/user/gui/cliphist { inherit user home; })
(import ../../../common/configs/user/gui/emoji { inherit user home; })
(import ../../../common/configs/user/gui/feh { inherit user home; })
(import ../../../common/configs/user/gui/firefox { inherit user home; })
(import ../../../common/configs/user/gui/gtk { inherit user home; })
(import ../../../common/configs/user/gui/hypridle { inherit user home; })
(import ../../../common/configs/user/gui/hyprland { inherit user home; })
(import ../../../common/configs/user/gui/hyprpicker { inherit user home; })
(import ../../../common/configs/user/gui/hyprshot { inherit user home; })
(import ../../../common/configs/user/gui/kitty { inherit user home; })
(import ../../../common/configs/user/gui/libreoffice { inherit user home; })
(import ../../../common/configs/user/gui/mpv { inherit user home; })
(import ../../../common/configs/user/gui/networkmanager { inherit user home; })
(import ../../../common/configs/user/gui/obs { inherit user home; })
(import ../../../common/configs/user/gui/obsidian { inherit user home; })
(import ../../../common/configs/user/gui/pipewire { inherit user home; })
(import ../../../common/configs/user/gui/qalculate { inherit user home; })
(import ../../../common/configs/user/gui/qt { inherit user home; })
(import ../../../common/configs/user/gui/rofi { inherit user home; })
(import ../../../common/configs/user/gui/rquickshare { inherit user home; })
(import ../../../common/configs/user/gui/swww { inherit user home; })
(import ../../../common/configs/user/gui/theme { inherit user home; })
(import ../../../common/configs/user/gui/vscode { inherit user home; })
(import ../../../common/configs/user/gui/wev { inherit user home; })
(import ../../../common/configs/user/gui/wl-clipboard { inherit user home; })
(import ../../../common/configs/user/gui/x11 { inherit user home; })
(import ../../../common/configs/user/gui/xdg { inherit user home; })
(import ./configs/console/gpg { inherit user home; })
(import ./configs/console/neovim { inherit user home; })
(import ./configs/console/podman { inherit user home; })
(import ./configs/console/sas { inherit user home; })
(import ./configs/console/ssh { inherit user home; })
(import ./configs/console/wsl { inherit user home; })
(import ./configs/gui/kitty { inherit user home; })
(import ./configs/gui/obsidian { inherit user home; })
(import ./configs/gui/vscode { inherit user home; })
];
@@ -114,9 +85,13 @@ in
];
linger = true;
uid = lib.strings.toInt (builtins.readFile ./uid);
openssh.authorizedKeys.keyFiles = [
"${inputs.secrets}/domains/personal/id_ed25519.pub"
"${inputs.secrets}/domains/sas/id_ed25519.pub"
];
};
services.getty.autologinUser = user;
wsl.defaultUser = user;
home-manager.users.${user}.home = {
username = user;
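Review bot: `openssh.authorizedKeys.keyFiles` lists both the `personal` and the `sas` public key for the same account, so either private key alone grants a login as this user, and on this host that account is also the `services.getty.autologinUser` and the `wsl.defaultUser`. If only one of the two domains needs to reach this machine over SSH, drop the other key; if both are needed, a short comment saying which client uses which key would make a later rotation easier to get right.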

View File

@@ -21,7 +21,6 @@
../common/configs/system/documentation
../common/configs/system/getty
../common/configs/system/git
../common/configs/system/gpg-agent
../common/configs/system/impermanence
../common/configs/system/lanzaboote
../common/configs/system/libvirt
@@ -41,10 +40,10 @@
../common/configs/system/smartmontools
../common/configs/system/sops
../common/configs/system/ssh
../common/configs/system/sshd
../common/configs/system/sudo
../common/configs/system/system
../common/configs/system/timezone
../common/configs/system/tmux
../common/configs/system/upower
../common/configs/system/users
../common/configs/system/zsh

View File

@@ -29,18 +29,6 @@
", XF86Launch4, exec, ${asusctl} profile -n"
", XF86TouchpadToggle, exec, ${touchpadHelper} asuf1209:00-2808:0219-touchpad"
];
bind =
let
farmAura = lib.meta.getExe (
pkgs.writeShellApplication {
name = "farm-aura";
runtimeInputs = with pkgs; [ genact ];
text = builtins.readFile ./scripts/farm-aura.sh;
}
);
in
[ ", XF86Launch3, exec, uwsm app -- $term ${farmAura}" ];
};
}
];

View File

@@ -1,13 +0,0 @@
# shellcheck shell=bash
SESSION_NAME="aura-farm-$$"
tmux new-session -d -s "$SESSION_NAME" "genact -s 25"
tmux set-hook -t "$SESSION_NAME" pane-exited "run-shell 'tmux kill-session -t $SESSION_NAME'"
for _ in {1..4}; do
tmux split-window -t "$SESSION_NAME" -h "genact -s 25"
done
tmux select-layout -t "$SESSION_NAME" tiled
tmux attach-session -t "$SESSION_NAME"

View File

@@ -19,56 +19,82 @@ in
"ssh/pass".sopsFile = "${inputs.secrets}/domains/personal/secrets.yaml";
"git/credentials/git.karaolidis.com/admin/username".sopsFile =
"git/credentials/git.karaolidis.com/username".sopsFile =
"${inputs.secrets}/domains/personal/secrets.yaml";
"git/credentials/git.karaolidis.com/admin/password".sopsFile =
"git/credentials/git.karaolidis.com/tokens/admin".sopsFile =
"${inputs.secrets}/domains/personal/secrets.yaml";
"git/credentials/github.com/username".sopsFile = "${inputs.secrets}/domains/personal/secrets.yaml";
"git/credentials/github.com/tokens/admin".sopsFile =
"${inputs.secrets}/domains/personal/secrets.yaml";
"git/credentials/gitlab.com/username".sopsFile = "${inputs.secrets}/domains/personal/secrets.yaml";
"git/credentials/gitlab.com/tokens/admin".sopsFile =
"${inputs.secrets}/domains/personal/secrets.yaml";
"git/credentials/gitea.com/username".sopsFile = "${inputs.secrets}/domains/personal/secrets.yaml";
"git/credentials/gitea.com/tokens/admin".sopsFile =
"${inputs.secrets}/domains/personal/secrets.yaml";
};
templates."git/credentials" = {
content = ''
https://${hmConfig.sops.placeholder."git/credentials/git.karaolidis.com/admin/username"}:${
hmConfig.sops.placeholder."git/credentials/git.karaolidis.com/admin/password"
https://${hmConfig.sops.placeholder."git/credentials/git.karaolidis.com/username"}:${
hmConfig.sops.placeholder."git/credentials/git.karaolidis.com/tokens/admin"
}@git.karaolidis.com
https://${hmConfig.sops.placeholder."git/credentials/github.com/username"}:${
hmConfig.sops.placeholder."git/credentials/github.com/tokens/admin"
}@github.com
https://${hmConfig.sops.placeholder."git/credentials/gitlab.com/username"}:${
hmConfig.sops.placeholder."git/credentials/gitlab.com/tokens/admin"
}@gitlab.com
https://${hmConfig.sops.placeholder."git/credentials/gitea.com/username"}:${
hmConfig.sops.placeholder."git/credentials/gitea.com/tokens/admin"
}@gitea.com
'';
path = "${home}/.config/git/credentials";
};
};
programs = {
ssh = {
matchBlocks = {
"karaolidis.com" = {
hostname = "karaolidis.com";
user = "nick";
identityFile = "${home}/.ssh/ssh_personal_ed25519_key";
identitiesOnly = true;
};
"github.com" = {
hostname = "github.com";
user = "git";
identityFile = "${home}/.ssh/ssh_personal_ed25519_key";
identitiesOnly = true;
};
"gitlab.com" = {
hostname = "gitlab.com";
user = "git";
identityFile = "${home}/.ssh/ssh_personal_ed25519_key";
identitiesOnly = true;
};
ssh.matchBlocks = {
"karaolidis.com" = {
hostname = "karaolidis.com";
user = "nick";
identityFile = "${home}/.ssh/ssh_personal_ed25519_key";
};
userKnownHostsFile = builtins.concatStringsSep " " (
with pkgs.sshKnownHosts;
[
"${home}/.ssh/known_hosts"
github
gitlab
]
);
"tunnel.karaolidis.com" = {
hostname = "tunnel.karaolidis.com";
user = "nick";
port = 2222;
identityFile = "${home}/.ssh/ssh_personal_ed25519_key";
};
"github.com" = {
hostname = "github.com";
user = "git";
identityFile = "${home}/.ssh/ssh_personal_ed25519_key";
userKnownHostsFile = builtins.toString pkgs.sshKnownHosts.github;
};
"gitlab.com" = {
hostname = "gitlab.com";
user = "git";
identityFile = "${home}/.ssh/ssh_personal_ed25519_key";
userKnownHostsFile = builtins.toString pkgs.sshKnownHosts.gitlab;
};
"gitea.com" = {
hostname = "gitea.com";
user = "git";
identityFile = "${home}/.ssh/ssh_personal_ed25519_key";
userKnownHostsFile = builtins.toString pkgs.sshKnownHosts.gitea;
};
};
clipbook.bookmarks."SSH Key Passphrase".source = hmConfig.sops.secrets."ssh/pass".path;
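Review bot: The flattened `ssh.matchBlocks` entries (`karaolidis.com`, `tunnel.karaolidis.com`, `github.com`, `gitlab.com`, `gitea.com`) carry no `identitiesOnly = true;`, while every block under the nested `programs = { ssh = { matchBlocks` layout in this hunk has it (the rendering has lost the +/- markers, so this reads as the setting being dropped in the rewrite). Without it, ssh can offer every identity loaded in the agent in addition to the configured `identityFile`, which discloses unrelated public keys to each server and can exhaust the server's authentication attempts before the right key is tried. Unless a shared `*` block outside this diff already sets it, add `identitiesOnly = true;` back to each block. Pointing `userKnownHostsFile` per host at `pkgs.sshKnownHosts.github`, `.gitlab` and `.gitea` is a good tightening; `karaolidis.com` and `tunnel.karaolidis.com` get no pinned file here, so they rely on the default known-hosts behaviour.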

View File

@@ -15,6 +15,7 @@ in
(import ../../../common/configs/user { inherit user home; })
(import ../../../common/configs/user/console/android { inherit user home; })
(import ../../../common/configs/user/console/attic { inherit user home; })
(import ../../../common/configs/user/console/brightnessctl { inherit user home; })
(import ../../../common/configs/user/console/btop { inherit user home; })
(import ../../../common/configs/user/console/dive { inherit user home; })
@@ -43,18 +44,17 @@ in
(import ../../../common/configs/user/console/ssh { inherit user home; })
(import ../../../common/configs/user/console/ssh-agent { inherit user home; })
(import ../../../common/configs/user/console/syncthing { inherit user home; })
(import ../../../common/configs/user/console/tmux { inherit user home; })
(import ../../../common/configs/user/console/tree { inherit user home; })
(import ../../../common/configs/user/console/wget { inherit user home; })
(import ../../../common/configs/user/console/xdg { inherit user home; })
(import ../../../common/configs/user/console/yazi { inherit user home; })
(import ../../../common/configs/user/console/yt-dlp { inherit user home; })
(import ../../../common/configs/user/console/zellij { inherit user home; })
(import ../../../common/configs/user/console/zoxide { inherit user home; })
(import ../../../common/configs/user/console/zsh { inherit user home; })
(import ../../../common/configs/user/gui/astal { inherit user home; })
(import ../../../common/configs/user/gui/bluetooth { inherit user home; })
(import ../../../common/configs/user/gui/btop { inherit user home; })
(import ../../../common/configs/user/gui/clipbook { inherit user home; })
(import ../../../common/configs/user/gui/cliphist { inherit user home; })
(import ../../../common/configs/user/gui/darktable { inherit user home; })
@@ -74,6 +74,7 @@ in
(import ../../../common/configs/user/gui/hyprland { inherit user home; })
(import ../../../common/configs/user/gui/hyprpicker { inherit user home; })
(import ../../../common/configs/user/gui/hyprshot { inherit user home; })
(import ../../../common/configs/user/gui/hyprsunset { inherit user home; })
(import ../../../common/configs/user/gui/kitty { inherit user home; })
(import ../../../common/configs/user/gui/libreoffice { inherit user home; })
(import ../../../common/configs/user/gui/mpv { inherit user home; })
@@ -123,6 +124,7 @@ in
];
linger = true;
uid = lib.strings.toInt (builtins.readFile ./uid);
openssh.authorizedKeys.keyFiles = [ "${inputs.secrets}/domains/personal/id_ed25519.pub" ];
};
services.getty.autologinUser = user;

View File

@@ -19,7 +19,6 @@
../common/configs/system/documentation
../common/configs/system/getty
../common/configs/system/git
../common/configs/system/gpg-agent
../common/configs/system/impermanence
../common/configs/system/lanzaboote
../common/configs/system/neovim
@@ -34,10 +33,10 @@
../common/configs/system/power
../common/configs/system/sops
../common/configs/system/ssh
../common/configs/system/sshd
../common/configs/system/sudo
../common/configs/system/system
../common/configs/system/timezone
../common/configs/system/tmux
../common/configs/system/users
../common/configs/system/zsh

View File

@@ -9,6 +9,9 @@
"xhci_pci"
"usb_storage"
"sd_mod"
"hv_vmbus"
"hv_storvsc"
"hyperv_keyboard"
];
services.fstrim.enable = true;

View File

@@ -19,55 +19,81 @@ in
"ssh/pass".sopsFile = "${inputs.secrets}/domains/personal/secrets.yaml";
"git/credentials/git.karaolidis.com/admin/username".sopsFile =
"git/credentials/git.karaolidis.com/username".sopsFile =
"${inputs.secrets}/domains/personal/secrets.yaml";
"git/credentials/git.karaolidis.com/admin/password".sopsFile =
"git/credentials/git.karaolidis.com/tokens/admin".sopsFile =
"${inputs.secrets}/domains/personal/secrets.yaml";
"git/credentials/github.com/username".sopsFile = "${inputs.secrets}/domains/personal/secrets.yaml";
"git/credentials/github.com/tokens/admin".sopsFile =
"${inputs.secrets}/domains/personal/secrets.yaml";
"git/credentials/gitlab.com/username".sopsFile = "${inputs.secrets}/domains/personal/secrets.yaml";
"git/credentials/gitlab.com/tokens/admin".sopsFile =
"${inputs.secrets}/domains/personal/secrets.yaml";
"git/credentials/gitea.com/username".sopsFile = "${inputs.secrets}/domains/personal/secrets.yaml";
"git/credentials/gitea.com/tokens/admin".sopsFile =
"${inputs.secrets}/domains/personal/secrets.yaml";
};
templates."git/credentials" = {
content = ''
https://${hmConfig.sops.placeholder."git/credentials/git.karaolidis.com/admin/username"}:${
hmConfig.sops.placeholder."git/credentials/git.karaolidis.com/admin/password"
https://${hmConfig.sops.placeholder."git/credentials/git.karaolidis.com/username"}:${
hmConfig.sops.placeholder."git/credentials/git.karaolidis.com/tokens/admin"
}@git.karaolidis.com
https://${hmConfig.sops.placeholder."git/credentials/github.com/username"}:${
hmConfig.sops.placeholder."git/credentials/github.com/tokens/admin"
}@github.com
https://${hmConfig.sops.placeholder."git/credentials/gitlab.com/username"}:${
hmConfig.sops.placeholder."git/credentials/gitlab.com/tokens/admin"
}@gitlab.com
https://${hmConfig.sops.placeholder."git/credentials/gitea.com/username"}:${
hmConfig.sops.placeholder."git/credentials/gitea.com/tokens/admin"
}@gitea.com
'';
path = "${home}/.config/git/credentials";
};
};
programs.ssh = {
matchBlocks = {
"karaolidis.com" = {
hostname = "karaolidis.com";
user = "nick";
identityFile = "${home}/.ssh/ssh_personal_ed25519_key";
identitiesOnly = true;
};
"github.com" = {
hostname = "github.com";
user = "git";
identityFile = "${home}/.ssh/ssh_personal_ed25519_key";
identitiesOnly = true;
};
"gitlab.com" = {
hostname = "gitlab.com";
user = "git";
identityFile = "${home}/.ssh/ssh_personal_ed25519_key";
identitiesOnly = true;
};
programs.ssh.matchBlocks = {
"karaolidis.com" = {
hostname = "karaolidis.com";
user = "nick";
identityFile = "${home}/.ssh/ssh_personal_ed25519_key";
};
userKnownHostsFile = builtins.concatStringsSep " " (
with pkgs.sshKnownHosts;
[
"${home}/.ssh/known_hosts"
github
gitlab
]
);
"tunnel.karaolidis.com" = {
hostname = "tunnel.karaolidis.com";
user = "nick";
port = 2222;
identityFile = "${home}/.ssh/ssh_personal_ed25519_key";
};
"github.com" = {
hostname = "github.com";
user = "git";
identityFile = "${home}/.ssh/ssh_personal_ed25519_key";
userKnownHostsFile = builtins.toString pkgs.sshKnownHosts.github;
};
"gitlab.com" = {
hostname = "gitlab.com";
user = "git";
identityFile = "${home}/.ssh/ssh_personal_ed25519_key";
userKnownHostsFile = builtins.toString pkgs.sshKnownHosts.gitlab;
};
"gitea.com" = {
hostname = "gitea.com";
user = "git";
identityFile = "${home}/.ssh/ssh_personal_ed25519_key";
userKnownHostsFile = builtins.toString pkgs.sshKnownHosts.gitea;
};
};
};
}
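Review bot: The `git/credentials` template writes four `https://user:token@host` lines to `${home}/.config/git/credentials`, and every token secret is named `tokens/admin`. That is the plaintext format read by git's `store` credential helper, so once sops has rendered the file, any process running as this user can read all four tokens. If the name reflects the scope, issue tokens limited to what day-to-day git use needs and keep admin-scoped ones out of a file that is always present; if `admin` is only a label, say so in a comment. The same template appears in the hunk for another host in this change set, so the exposure is repeated on each machine that renders it.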

View File

@@ -14,6 +14,7 @@ in
imports = [
(import ../../../common/configs/user { inherit user home; })
(import ../../../common/configs/user/console/attic { inherit user home; })
(import ../../../common/configs/user/console/brightnessctl { inherit user home; })
(import ../../../common/configs/user/console/btop { inherit user home; })
(import ../../../common/configs/user/console/fastfetch { inherit user home; })
@@ -31,11 +32,11 @@ in
(import ../../../common/configs/user/console/sops { inherit user home; })
(import ../../../common/configs/user/console/ssh { inherit user home; })
(import ../../../common/configs/user/console/ssh-agent { inherit user home; })
(import ../../../common/configs/user/console/tmux { inherit user home; })
(import ../../../common/configs/user/console/tree { inherit user home; })
(import ../../../common/configs/user/console/wget { inherit user home; })
(import ../../../common/configs/user/console/xdg { inherit user home; })
(import ../../../common/configs/user/console/yazi { inherit user home; })
(import ../../../common/configs/user/console/zellij { inherit user home; })
(import ../../../common/configs/user/console/zoxide { inherit user home; })
(import ../../../common/configs/user/console/zsh { inherit user home; })
@@ -63,6 +64,7 @@ in
];
linger = true;
uid = lib.strings.toInt (builtins.readFile ./uid);
openssh.authorizedKeys.keyFiles = [ "${inputs.secrets}/domains/personal/id_ed25519.pub" ];
};
services.getty.autologinUser = user;

View File

@@ -2,7 +2,7 @@
## Installation Instructions
1. Provision an OVHcloud VPS (ideally running Ubuntu).
1. Provision an OVHcloud VPS (ideally running Ubuntu)
2. Add personal public key
3. Add a CNAME entry for `vps.karaolidis.com` pointing to the VPS IP/host
4. Run `hosts/jupiter-vps/install.sh`

View File

@@ -12,6 +12,6 @@ cleanup() {
trap cleanup EXIT
install -d -m 755 "$temp/etc/ssh"
cp ./secrets/hosts/jupiter-vps/ssh_host_ed25519_key "$temp/etc/ssh/ssh_host_ed25519_key"
cp ./submodules/secrets/hosts/jupiter-vps/ssh_host_ed25519_key "$temp/etc/ssh/ssh_host_ed25519_key"
nix run github:nix-community/nixos-anywhere -- --flake .#jupiter-vps --extra-files "$temp" --target-host ubuntu@vps.karaolidis.com -i ~/.ssh/ssh_personal_ed25519_key
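Review bot: The host private key is placed with a plain `cp`, so the mode of `$temp/etc/ssh/ssh_host_ed25519_key` is whatever the source file's mode and the current umask produce, and nothing between the copy and the `nix run` line tightens it. sshd refuses to load a host key that is readable by group or others, so a loose mode in the secrets checkout would leave the installed machine without this host key. Replace the `cp` with `install -m 600` using the same source and destination so the mode is explicit.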

View File

@@ -93,6 +93,6 @@
xserver.videoDrivers = [ "nvidia" ];
fstrim.enable = true;
tlp.settings.DISK_DEVICES = lib.mkDefault "nvme0n1 nvme1n1";
logind.lidSwitch = "ignore";
logind.settings.Login.HandleLidSwitch = "ignore";
};
}

View File

@@ -14,6 +14,7 @@ in
imports = [
(import ../../../common/configs/user { inherit user home; })
(import ../../../common/configs/user/console/attic { inherit user home; })
(import ../../../common/configs/user/console/brightnessctl { inherit user home; })
(import ../../../common/configs/user/console/btop { inherit user home; })
(import ../../../common/configs/user/console/fastfetch { inherit user home; })
@@ -30,11 +31,11 @@ in
(import ../../../common/configs/user/console/ouch { inherit user home; })
(import ../../../common/configs/user/console/podman { inherit user home; })
(import ../../../common/configs/user/console/sops { inherit user home; })
(import ../../../common/configs/user/console/tmux { inherit user home; })
(import ../../../common/configs/user/console/tree { inherit user home; })
(import ../../../common/configs/user/console/wget { inherit user home; })
(import ../../../common/configs/user/console/xdg { inherit user home; })
(import ../../../common/configs/user/console/yazi { inherit user home; })
(import ../../../common/configs/user/console/zellij { inherit user home; })
(import ../../../common/configs/user/console/zoxide { inherit user home; })
(import ../../../common/configs/user/console/zsh { inherit user home; })

View File

@@ -0,0 +1,127 @@
{ user, home }:
{
config,
inputs,
pkgs,
...
}:
let
hmConfig = config.home-manager.users.${user};
inherit (hmConfig.virtualisation.quadlet) containers volumes networks;
in
{
home-manager.users.${user} = {
sops = {
secrets = {
"attic/postgresql".sopsFile = "${inputs.secrets}/hosts/jupiter/secrets.yaml";
"attic/rs256".sopsFile = "${inputs.secrets}/hosts/jupiter/secrets.yaml";
"attic/admin".sopsFile = "${inputs.secrets}/hosts/jupiter/secrets.yaml";
};
templates = {
attic-postgresql-env.content = ''
POSTGRES_PASSWORD=${hmConfig.sops.placeholder."attic/postgresql"}
'';
attic-env.content = ''
ATTIC_TOKEN=${hmConfig.sops.placeholder."attic/admin"}
'';
attic.content = builtins.readFile (
(pkgs.formats.toml { }).generate "server.toml" {
listen = "[::]:8080";
allowed-hosts = [ "nix.karaolidis.com" ];
api-endpoint = "https://nix.karaolidis.com/";
database.url = "postgres://attic:${
hmConfig.sops.placeholder."attic/postgresql"
}@attic-postgresql:5432/attic";
storage = {
type = "local";
path = "/var/lib/attic";
};
chunking = {
nar-size-threshold = 65536;
min-size = 16384;
avg-size = 65536;
max-size = 262144;
};
compression = {
type = "zstd";
level = 8;
};
garbage-collection = {
interval = "12 hours";
default-retention-period = "1 month";
};
jwt.signing.token-rs256-secret-base64 = hmConfig.sops.placeholder."attic/rs256";
}
);
};
};
systemd.user.tmpfiles.rules = [
"d /mnt/storage/private/storm/containers/storage/volumes/attic/_data 700 storm storm"
];
virtualisation.quadlet = {
networks.attic = { };
volumes.attic-postgresql = { };
containers = {
attic = {
containerConfig = {
image = "docker-archive:${pkgs.dockerImages.attic}";
networks = [
networks.attic.ref
networks.traefik.ref
];
volumes = [
"/mnt/storage/private/storm/containers/storage/volumes/attic/_data:/var/lib/attic"
"${hmConfig.sops.templates.attic.path}:/etc/attic/server.toml"
];
environmentFiles = [ hmConfig.sops.templates.attic-env.path ];
exec = [
"--config"
"/etc/attic/server.toml"
];
labels = [
"traefik.enable=true"
"traefik.http.routers.attic.rule=Host(`nix.karaolidis.com`)"
];
};
unitConfig = {
After = [
"${containers.attic-postgresql._serviceName}.service"
"sops-nix.service"
];
Requires = [ "${containers.attic-postgresql._serviceName}.service" ];
};
};
attic-postgresql = {
containerConfig = {
image = "docker-archive:${pkgs.dockerImages.postgresql}";
networks = [ networks.attic.ref ];
volumes = [ "${volumes.attic-postgresql.ref}:/var/lib/postgresql/data" ];
environments = {
POSTGRES_DB = "attic";
POSTGRES_USER = "attic";
};
environmentFiles = [ hmConfig.sops.templates.attic-postgresql-env.path ];
};
unitConfig.After = [ "sops-nix.service" ];
};
};
};
};
}
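Review bot: In `database.url` the `attic/postgresql` secret is spliced verbatim into the `postgres://attic:<password>@attic-postgresql:5432/attic` URL, while the same secret is handed to the database container raw as `POSTGRES_PASSWORD`. A password containing `@`, `/`, `:`, `#` or `%` would be set correctly in PostgreSQL but parsed differently in the URL, so either state next to the secret that it must be URL-safe or keep a percent-encoded variant for the URL. Separately, `attic-env` puts the `attic/admin` token into the long-running server container through `environmentFiles`; if the token is only needed for the cache bootstrap, scope it to that step instead of the server process.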

View File

@@ -0,0 +1,22 @@
# shellcheck shell=sh
attic login main https://nix.karaolidis.com/ "$ATTIC_TOKEN"
CACHE_NAME="main"
while true; do
out=$(attic cache info "$CACHE_NAME" 2>&1)
status=$?
if [ $status -eq 0 ]; then
break
elif echo "$out" | grep -q "NoSuchCache"; then
attic cache create "$CACHE_NAME"
elif echo "$out" | grep -q "404"; then
sleep 0.1
else
echo "Unexpected error:"
echo "$out"
break
fi
done
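Review bot: The retry loop has no exit path for two of its branches and reports success on the third. If `attic cache create "$CACHE_NAME"` fails, the next `attic cache info` returns `NoSuchCache` again and the loop spins with no delay; the `404` branch sleeps but retries forever; and the `Unexpected error` branch uses `break`, so the script ends with a success status. Bound the number of attempts, check the exit status of `attic cache create`, and `exit 1` in the error branch. Two smaller points: `"$ATTIC_TOKEN"` is passed to `attic login` as a command-line argument, where it is visible in the process list while that command runs, and `sleep 0.1` is not guaranteed by POSIX `sleep` although the header declares `shell=sh`.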

View File

@@ -10,6 +10,7 @@ let
in
{
imports = [
(import ./attic { inherit user home; })
(import ./authelia { inherit user home; })
(import ./gitea { inherit user home; })
(import ./grafana { inherit user home; })

View File

@@ -11,7 +11,15 @@ let
inherit (hmConfig.virtualisation.quadlet) networks;
in
{
networking.firewall.allowedTCPPorts = [ 2222 ];
networking.firewall = {
allowedTCPPorts = [ 2222 ];
allowedTCPPortRanges = [
{
from = 61000;
to = 61999;
}
];
};
home-manager.users.${user} = {
sops.secrets."sish/ssh/key".sopsFile = "${inputs.secrets}/hosts/jupiter/secrets.yaml";
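Review bot: `allowedTCPPortRanges` opens 61000-61999 on the host firewall, and the later hunks publish the same range from the container and pass it to sish as `--port-bind-range`, so the range is written in three places that must agree. Bind it once in the `let` block and interpolate it. Also consider whether 1000 ports are needed: each one is a raw TCP forward reachable directly from outside rather than through the traefik router that fronts the HTTP tunnels, so a smaller range limits what a client holding one of the authorized keys can expose.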
@@ -32,7 +40,6 @@ in
name = "authorized_keys";
text = lib.strings.concatStringsSep "\n" [
(builtins.readFile "${inputs.secrets}/domains/personal/id_ed25519.pub")
(builtins.readFile "${inputs.secrets}/domains/sas/id_globalprotect_ed25519.pub")
];
};
in
@@ -45,7 +52,10 @@ in
"traefik.http.routers.sish.rule=HostRegexp(`^(.+\.)?tunnel\.karaolidis\.com$`)"
"traefik.http.services.sish.loadbalancer.server.port=80"
];
publishPorts = [ "2222:2222/tcp" ];
publishPorts = [
"2222:2222/tcp"
"61000-61999:61000-61999/tcp"
];
exec = [
"--ssh-address=0.0.0.0:2222"
"--http-address=0.0.0.0:80"
@@ -56,9 +66,11 @@ in
"--bind-random-ports=false"
"--bind-random-aliases=false"
"--bind-random-subdomains=false"
"--port-bind-range=61000-61999"
"--welcome-message=\"\""
"--domain=tunnel.karaolidis.com"
"--proxy-ssl-termination=true"
"--idle-connection=false"
];
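Review bot: `--idle-connection=false` turns off sish's idle timeout in the same change set that enables raw TCP port binding via `--port-bind-range=61000-61999`, so a forwarded port stays bound for as long as the SSH session survives, including sessions nobody is using. If the timeout was cutting off legitimate long-lived tunnels, a longer timeout is a narrower fix than disabling it; if disabling is intended, a comment with the reason would help the next reader.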
};

View File

@@ -14,15 +14,16 @@ in
imports = [
(import ../../../common/configs/user { inherit user home; })
(import ../../../common/configs/user/console/attic { inherit user home; })
(import ../../../common/configs/user/console/brightnessctl { inherit user home; })
(import ../../../common/configs/user/console/btop { inherit user home; })
(import ../../../common/configs/user/console/home-manager { inherit user home; })
(import ../../../common/configs/user/console/neovim { inherit user home; })
(import ../../../common/configs/user/console/podman { inherit user home; })
(import ../../../common/configs/user/console/sops { inherit user home; })
(import ../../../common/configs/user/console/tmux { inherit user home; })
(import ../../../common/configs/user/console/tree { inherit user home; })
(import ../../../common/configs/user/console/yazi { inherit user home; })
(import ../../../common/configs/user/console/zellij { inherit user home; })
(import ../../../common/configs/user/console/zoxide { inherit user home; })
(import ../../../common/configs/user/console/zsh { inherit user home; })

View File

@@ -0,0 +1,5 @@
final: prev:
# FIXME: https://github.com/zhaofengli/attic/pull/280
prev.attic-client.overrideAttrs (oldAttrs: {
patches = oldAttrs.patches or [ ] ++ [ ./stdout-logging.patch ];
})

View File

@@ -0,0 +1,321 @@
diff --git a/client/src/command/cache.rs b/client/src/command/cache.rs
index af01378..0602b3b 100644
--- a/client/src/command/cache.rs
+++ b/client/src/command/cache.rs
@@ -189,7 +189,7 @@ async fn create_cache(sub: Create) -> Result<()> {
};
api.create_cache(cache, request).await?;
- eprintln!(
+ println!(
"✨ Created cache \"{}\" on \"{}\"",
cache.as_str(),
server_name.as_str()
@@ -239,7 +239,7 @@ async fn configure_cache(sub: Configure) -> Result<()> {
let api = ApiClient::from_server_config(server.clone())?;
api.configure_cache(cache, &patch).await?;
- eprintln!(
+ println!(
"✅ Configured \"{}\" on \"{}\"",
cache.as_str(),
server_name.as_str()
@@ -254,12 +254,12 @@ async fn destroy_cache(sub: Destroy) -> Result<()> {
let (server_name, server, cache) = config.resolve_cache(&sub.cache)?;
if !sub.no_confirm {
- eprintln!("When you destory a cache:");
- eprintln!();
- eprintln!("1. Everyone will lose access.");
- eprintln!("2. The underlying data won't be deleted immediately.");
- eprintln!("3. You may not be able to create a cache of the same name.");
- eprintln!();
+ println!("When you destory a cache:");
+ println!();
+ println!("1. Everyone will lose access.");
+ println!("2. The underlying data won't be deleted immediately.");
+ println!("3. You may not be able to create a cache of the same name.");
+ println!();
let answer: String = Input::new()
.with_prompt(format!(
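Review bot: In `destroy_cache` the confirmation warning moves to stdout along with everything else. These lines are the preamble to a destructive prompt, not command output, and a caller that captures or discards stdout would no longer show them to the operator before the `Input` prompt. Keep these six lines on `eprintln!` and limit the stdout switch to result output such as the `show_cache_config` fields. The `destory` typo is carried over on the `+` line and could be fixed while the line is being touched.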
@@ -278,7 +278,7 @@ async fn destroy_cache(sub: Destroy) -> Result<()> {
let api = ApiClient::from_server_config(server.clone())?;
api.destroy_cache(cache).await?;
- eprintln!("🗑️ The cache was destroyed.");
+ println!("🗑️ The cache was destroyed.");
Ok(())
}
@@ -291,40 +291,40 @@ async fn show_cache_config(sub: Info) -> Result<()> {
let cache_config = api.get_cache_config(cache).await?;
if let Some(is_public) = cache_config.is_public {
- eprintln!(" Public: {}", is_public);
+ println!(" Public: {}", is_public);
}
if let Some(public_key) = cache_config.public_key {
- eprintln!(" Public Key: {}", public_key);
+ println!(" Public Key: {}", public_key);
}
if let Some(substituter_endpoint) = cache_config.substituter_endpoint {
- eprintln!("Binary Cache Endpoint: {}", substituter_endpoint);
+ println!("Binary Cache Endpoint: {}", substituter_endpoint);
}
if let Some(api_endpoint) = cache_config.api_endpoint {
- eprintln!(" API Endpoint: {}", api_endpoint);
+ println!(" API Endpoint: {}", api_endpoint);
}
if let Some(store_dir) = cache_config.store_dir {
- eprintln!(" Store Directory: {}", store_dir);
+ println!(" Store Directory: {}", store_dir);
}
if let Some(priority) = cache_config.priority {
- eprintln!(" Priority: {}", priority);
+ println!(" Priority: {}", priority);
}
if let Some(upstream_cache_key_names) = cache_config.upstream_cache_key_names {
- eprintln!(" Upstream Cache Keys: {:?}", upstream_cache_key_names);
+ println!(" Upstream Cache Keys: {:?}", upstream_cache_key_names);
}
if let Some(retention_period) = cache_config.retention_period {
match retention_period {
RetentionPeriodConfig::Period(period) => {
- eprintln!(" Retention Period: {:?}", period);
+ println!(" Retention Period: {:?}", period);
}
RetentionPeriodConfig::Global => {
- eprintln!(" Retention Period: Global Default");
+ println!(" Retention Period: Global Default");
}
}
}
diff --git a/client/src/command/login.rs b/client/src/command/login.rs
index 9abcea7..6cadd59 100644
--- a/client/src/command/login.rs
+++ b/client/src/command/login.rs
@@ -28,7 +28,7 @@ pub async fn run(opts: Opts) -> Result<()> {
let mut config_m = config.as_mut();
if let Some(server) = config_m.servers.get_mut(&sub.name) {
- eprintln!("✍️ Overwriting server \"{}\"", sub.name.as_str());
+ println!("✍️ Overwriting server \"{}\"", sub.name.as_str());
server.endpoint = sub.endpoint.to_owned();
@@ -38,7 +38,7 @@ pub async fn run(opts: Opts) -> Result<()> {
});
}
} else {
- eprintln!("✍️ Configuring server \"{}\"", sub.name.as_str());
+ println!("✍️ Configuring server \"{}\"", sub.name.as_str());
config_m.servers.insert(
sub.name.to_owned(),
diff --git a/client/src/command/push.rs b/client/src/command/push.rs
index b2bb661..5d39549 100644
--- a/client/src/command/push.rs
+++ b/client/src/command/push.rs
@@ -91,7 +91,7 @@ impl PushContext {
return Ok(());
} else {
- eprintln!("⚙️ Pushing {num_missing_paths} paths to \"{cache}\" on \"{server}\" ({num_already_cached} already cached, {num_upstream} in upstream)...",
+ println!("⚙️ Pushing {num_missing_paths} paths to \"{cache}\" on \"{server}\" ({num_already_cached} already cached, {num_upstream} in upstream)...",
cache = self.cache_name.as_str(),
server = self.server_name.as_str(),
num_missing_paths = plan.store_path_map.len(),
diff --git a/client/src/command/use.rs b/client/src/command/use.rs
index 37d8cd6..d87f65e 100644
--- a/client/src/command/use.rs
+++ b/client/src/command/use.rs
@@ -34,15 +34,15 @@ pub async fn run(opts: Opts) -> Result<()> {
let public_key = cache_config.public_key
.ok_or_else(|| anyhow!("The server did not tell us which public key it uses. Is signing managed by the client?"))?;
- eprintln!(
+ println!(
"Configuring Nix to use \"{cache}\" on \"{server_name}\":",
cache = cache.as_str(),
server_name = server_name.as_str(),
);
// Modify nix.conf
- eprintln!("+ Substituter: {}", substituter);
- eprintln!("+ Trusted Public Key: {}", public_key);
+ println!("+ Substituter: {}", substituter);
+ println!("+ Trusted Public Key: {}", public_key);
let mut nix_config = NixConfig::load().await?;
nix_config.add_substituter(&substituter);
@@ -50,7 +50,7 @@ pub async fn run(opts: Opts) -> Result<()> {
// Modify netrc
if let Some(token) = server.token()? {
- eprintln!("+ Access Token");
+ println!("+ Access Token");
let mut nix_netrc = NixNetrc::load().await?;
let host = Url::parse(&substituter)?
diff --git a/client/src/command/watch_store.rs b/client/src/command/watch_store.rs
index 24eaf7a..aec0c33 100644
--- a/client/src/command/watch_store.rs
+++ b/client/src/command/watch_store.rs
@@ -91,7 +91,7 @@ pub async fn run(opts: Opts) -> Result<()> {
watcher.watch(&store_dir, RecursiveMode::NonRecursive)?;
- eprintln!(
+ println!(
"👀 Pushing new store paths to \"{cache}\" on \"{server}\"",
cache = cache.as_str(),
server = server_name.as_str(),
diff --git a/client/src/push.rs b/client/src/push.rs
index 309bd4b..2fea414 100644
--- a/client/src/push.rs
+++ b/client/src/push.rs
@@ -595,7 +595,7 @@ pub async fn upload_path(
};
mp.suspend(|| {
- eprintln!(
+ println!(
"✅ {} ({})",
path.as_os_str().to_string_lossy(),
info_string
diff --git a/server/src/database/migration/m20230112_000004_migrate_nar_remote_files_to_chunks.rs b/server/src/database/migration/m20230112_000004_migrate_nar_remote_files_to_chunks.rs
index 42d70a6..6bbe585 100644
--- a/server/src/database/migration/m20230112_000004_migrate_nar_remote_files_to_chunks.rs
+++ b/server/src/database/migration/m20230112_000004_migrate_nar_remote_files_to_chunks.rs
@@ -24,7 +24,7 @@ impl MigrationTrait for Migration {
// When this migration is run, we assume that there are no
// preexisting chunks.
- eprintln!("* Migrating NARs to chunks...");
+ println!("* Migrating NARs to chunks...");
// Add a temporary column into `chunk` to store the related `nar_id`.
manager
diff --git a/server/src/database/migration/m20230112_000005_drop_old_nar_columns.rs b/server/src/database/migration/m20230112_000005_drop_old_nar_columns.rs
index 9d29b66..7436b4a 100644
--- a/server/src/database/migration/m20230112_000005_drop_old_nar_columns.rs
+++ b/server/src/database/migration/m20230112_000005_drop_old_nar_columns.rs
@@ -16,7 +16,7 @@ impl MigrationName for Migration {
#[async_trait::async_trait]
impl MigrationTrait for Migration {
async fn up(&self, manager: &SchemaManager) -> Result<(), DbErr> {
- eprintln!("* Migrating NAR schema...");
+ println!("* Migrating NAR schema...");
if manager.get_database_backend() == DatabaseBackend::Sqlite {
// Just copy all data to a new table
diff --git a/server/src/lib.rs b/server/src/lib.rs
index 0314e69..89644e1 100644
--- a/server/src/lib.rs
+++ b/server/src/lib.rs
@@ -217,7 +217,7 @@ async fn fallback(_: Uri) -> ServerResult<()> {
/// Runs the API server.
pub async fn run_api_server(cli_listen: Option<SocketAddr>, config: Config) -> Result<()> {
- eprintln!("Starting API server...");
+ println!("Starting API server...");
let state = StateInner::new(config).await;
@@ -239,7 +239,7 @@ pub async fn run_api_server(cli_listen: Option<SocketAddr>, config: Config) -> R
.layer(TraceLayer::new_for_http())
.layer(CatchPanicLayer::new());
- eprintln!("Listening on {:?}...", listen);
+ println!("Listening on {:?}...", listen);
let listener = TcpListener::bind(&listen).await?;
@@ -256,7 +256,7 @@ pub async fn run_api_server(cli_listen: Option<SocketAddr>, config: Config) -> R
/// Runs database migrations.
pub async fn run_migrations(config: Config) -> Result<()> {
- eprintln!("Running migrations...");
+ println!("Running migrations...");
let state = StateInner::new(config).await;
let db = state.database().await?;
diff --git a/server/src/main.rs b/server/src/main.rs
index c5f08df..3a37c23 100644
--- a/server/src/main.rs
+++ b/server/src/main.rs
@@ -121,14 +121,14 @@ fn init_logging(tokio_console: bool) {
.init();
if tokio_console {
- eprintln!("Note: tokio-console is enabled");
+ println!("Note: tokio-console is enabled");
}
}
fn dump_version() {
#[cfg(debug_assertions)]
- eprintln!("Attic Server {} (debug)", env!("CARGO_PKG_VERSION"));
+ println!("Attic Server {} (debug)", env!("CARGO_PKG_VERSION"));
#[cfg(not(debug_assertions))]
- eprintln!("Attic Server {} (release)", env!("CARGO_PKG_VERSION"));
+ println!("Attic Server {} (release)", env!("CARGO_PKG_VERSION"));
}
diff --git a/server/src/oobe.rs b/server/src/oobe.rs
index d3d912d..98ef88c 100644
--- a/server/src/oobe.rs
+++ b/server/src/oobe.rs
@@ -77,25 +77,25 @@ pub async fn run_oobe() -> Result<()> {
token.encode(&SignatureType::RS256(key), &None, &None)?
};
- eprintln!();
- eprintln!("-----------------");
- eprintln!("Welcome to Attic!");
- eprintln!();
- eprintln!("A simple setup using SQLite and local storage has been configured for you in:");
- eprintln!();
- eprintln!(" {}", config_path.to_str().unwrap());
- eprintln!();
- eprintln!("Run the following command to log into this server:");
- eprintln!();
- eprintln!(" attic login local http://localhost:8080 {root_token}");
- eprintln!();
- eprintln!("Documentations and guides:");
- eprintln!();
- eprintln!(" https://docs.attic.rs");
- eprintln!();
- eprintln!("Enjoy!");
- eprintln!("-----------------");
- eprintln!();
+ println!();
+ println!("-----------------");
+ println!("Welcome to Attic!");
+ println!();
+ println!("A simple setup using SQLite and local storage has been configured for you in:");
+ println!();
+ println!(" {}", config_path.to_str().unwrap());
+ println!();
+ println!("Run the following command to log into this server:");
+ println!();
+ println!(" attic login local http://localhost:8080 {root_token}");
+ println!();
+ println!("Documentations and guides:");
+ println!();
+ println!(" https://docs.attic.rs");
+ println!();
+ println!("Enjoy!");
+ println!("-----------------");
+ println!();
Ok(())
}
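Review bot: the line `println!(" attic login local http://localhost:8080 {root_token}");` now writes the root token to stdout, so any redirect or pipeline that captures this command's stdout stores that credential in plain text. Keep at least that line on stderr, or write the token to a file with restrictive permissions and print only its path. Separately, `config_path.to_str().unwrap()` panics on a non-UTF-8 path; `config_path.display()` avoids that.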

View File

@@ -1,17 +1,19 @@
final: prev:
{
android-tools = import ./android-tools final prev;
attic-client = import ./attic-client final prev;
darktable = import ./darktable final prev;
hyprland = import ./hyprland final prev;
mpv = import ./mpv final prev;
ncspot = import ./ncspot final prev;
spicetify-cli = import ./spicetify-cli final prev;
tea = import ./tea final prev;
telepresence = import ./telepresence final prev;
}
// (import ../packages { pkgs = final; })
// {
dockerImages = prev.dockerImages or { } // {
adguardhome = final.docker-image-adguardhome;
attic = final.docker-image-attic;
authelia = final.docker-image-authelia;
base = final.docker-image-base;
comentario = final.docker-image-comentario;
@@ -82,6 +84,7 @@ final: prev:
};
sshKnownHosts = prev.sshKnownHosts or { } // {
gitea = final.ssh-known-hosts-gitea;
github = final.ssh-known-hosts-github;
gitlab = final.ssh-known-hosts-gitlab;
};

View File

@@ -1,15 +0,0 @@
final: prev:
# FIXME: https://github.com/hrkfdn/ncspot/issues/1681#issuecomment-3186274719
prev.ncspot.overrideAttrs (oldAttrs: rec {
src = prev.fetchFromGitHub {
owner = "hrkfdn";
repo = "ncspot";
rev = "aac67d631f25bbc79f509d34aa85e6daff954830";
hash = "sha256-B6BA1ksfDEySZH6gzkU5khOzwXAmeHbMHsx3sXd9lbs=";
};
cargoDeps = prev.rustPlatform.fetchCargoVendor {
inherit src;
hash = "sha256-HrQJiIzSvu/vR03UdnCcU6TGToBDKKDC6XscjvX3KPE=";
};
})

10
overlays/tea/default.nix Normal file
View File

@@ -0,0 +1,10 @@
final: prev:
prev.tea.overrideAttrs (oldAttrs: {
patches = oldAttrs.patches or [ ] ++ [
(builtins.fetchurl {
url = "https://gitea.com/gitea/tea/pulls/639.patch";
sha256 = "sha256:0c5gpi6aajd3h0wp7lrvj5qk9wsqhgbap7ijvl0x117v0g8mgzvs";
})
./instance-ssh-host-env.patch
];
})
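Review bot: the first entry in `patches` fetches `https://gitea.com/gitea/tea/pulls/639.patch` with `builtins.fetchurl`, which downloads at evaluation time from a pull-request URL whose content changes whenever the PR is updated. The sha256 pin stops a changed patch from being applied silently, but every update to the PR then surfaces as a hash mismatch that breaks evaluation. Consider vendoring the patch beside `./instance-ssh-host-env.patch`, and add a comment saying when the override can be dropped.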

View File

@@ -0,0 +1,174 @@
diff --git a/modules/config/login.go b/modules/config/login.go
index 3b77fb9..94de9cd 100644
--- a/modules/config/login.go
+++ b/modules/config/login.go
@@ -13,6 +13,7 @@ import (
"net/http/cookiejar"
"net/url"
"os"
+ "strconv"
"strings"
"time"
@@ -200,6 +201,63 @@ func UpdateLogin(login *Login) error {
return saveConfig()
}
+// CreateLoginFromEnvVars returns a login based on environment variables, or nil if no login can be created
+func CreateLoginFromEnvVars() (*Login, error) {
+ var token string
+
+ giteaToken := os.Getenv("GITEA_TOKEN")
+ githubToken := os.Getenv("GH_TOKEN")
+ giteaInstanceURL := os.Getenv("GITEA_INSTANCE_URL")
+ instanceInsecure := os.Getenv("GITEA_INSTANCE_INSECURE")
+ giteaInstanceSSHHost := os.Getenv("GITEA_INSTANCE_SSH_HOST")
+ insecure := false
+ if len(instanceInsecure) > 0 {
+ insecure, _ = strconv.ParseBool(instanceInsecure)
+ }
+
+ // if no tokens are set, or no instance url for gitea fail fast
+ if len(giteaInstanceURL) == 0 || (len(giteaToken) == 0 && len(githubToken) == 0) {
+ return nil, nil
+ }
+
+ token = giteaToken
+ if len(giteaToken) == 0 {
+ token = githubToken
+ }
+
+ login := &Login{
+ Name: "GITEA_LOGIN_VIA_ENV",
+ URL: giteaInstanceURL,
+ Token: token,
+ SSHHost: giteaInstanceSSHHost,
+ Insecure: insecure,
+ SSHKey: "",
+ SSHCertPrincipal: "",
+ SSHKeyFingerprint: "",
+ SSHAgent: false,
+ VersionCheck: true,
+ Created: time.Now().Unix(),
+ }
+
+ client := login.Client()
+ u, _, err := client.GetMyUserInfo()
+ if err != nil {
+ return nil, fmt.Errorf("failed to validate token: %s", err)
+ }
+
+ login.User = u.UserName
+
+ if login.SSHHost == "" {
+ parsedURL, err := url.Parse(giteaInstanceURL)
+ if err != nil {
+ return nil, err
+ }
+ login.SSHHost = parsedURL.Host
+ }
+
+ return login, nil
+}
+
// Client returns a client to operate Gitea API. You may provide additional modifiers
// for the client like gitea.SetBasicAuth() for customization
func (l *Login) Client(options ...gitea.ClientOption) *gitea.Client {
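Review bot: in the `login.SSHHost == ""` fallback, `parsedURL.Host` keeps the port, so an instance URL with an explicit HTTP port carries that port into the SSH host; use `parsedURL.Hostname()`. The `url.Parse` call should also move above `client.GetMyUserInfo()` so a malformed `GITEA_INSTANCE_URL` is rejected before the token is sent anywhere. The error from `strconv.ParseBool(instanceInsecure)` is discarded, so a mistyped `GITEA_INSTANCE_INSECURE` is silently treated as false; return it instead. Since `GH_TOKEN` is accepted as a fallback, the doc comment should state that a GitHub token will be presented to whatever host `GITEA_INSTANCE_URL` names.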
diff --git a/modules/context/context.go b/modules/context/context.go
index aec5592..636eeec 100644
--- a/modules/context/context.go
+++ b/modules/context/context.go
@@ -9,9 +9,7 @@ import (
"log"
"os"
"path"
- "strconv"
"strings"
- "time"
"code.gitea.io/tea/modules/config"
"code.gitea.io/tea/modules/git"
@@ -108,16 +106,6 @@ func InitCommand(cmd *cli.Command) *TeaContext {
c.RepoSlug = repoFlag
}
- // override config user with env variable
- envLogin := GetLoginByEnvVar()
- if envLogin != nil {
- _, err := utils.ValidateAuthenticationMethod(envLogin.URL, envLogin.Token, "", "", false, "", "")
- if err != nil {
- log.Fatal(err.Error())
- }
- c.Login = envLogin
- }
-
// override login from flag, or use default login if repo based detection failed
if len(loginFlag) != 0 {
c.Login = config.GetLoginByName(loginFlag)
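Review bot: with this block removed from `InitCommand`, the only remaining use of the environment login in the visible hunks is inside `contextFromLocalRepo`, so `GITEA_TOKEN` and `GITEA_INSTANCE_URL` appear to have no effect when the command runs outside a Git repository or when no remote matches. If that is intended, say so in the patch description; otherwise keep a fallback here that applies the environment login when repo-based detection yields none.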
@@ -196,10 +184,25 @@ func contextFromLocalRepo(repoPath, remoteValue string) (*git.TeaRepo, *config.L
return repo, nil, "", fmt.Errorf("Remote '%s' not found in this Git repository", remoteValue)
}
+ envLogin, err := config.CreateLoginFromEnvVars()
+ if err != nil {
+ log.Fatal(err.Error())
+ }
+
logins, err := config.GetLogins()
if err != nil {
return repo, nil, "", err
}
+
+ if envLogin != nil {
+ _, err := utils.ValidateAuthenticationMethod(envLogin.URL, envLogin.Token, "", "", false, "", "")
+ if err != nil {
+ log.Fatal(err.Error())
+ }
+
+ logins = append([]config.Login{*envLogin}, logins...)
+ }
+
for _, l := range logins {
sshHost := l.GetSSHHost()
for _, u := range remoteConfig.URLs {
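Review bot: both new error paths call `log.Fatal(err.Error())` inside a function that already returns an error; return `repo, nil, "", err` as the `config.GetLogins()` check does, so callers decide how to fail. As written, a stale token or unreachable instance in the environment aborts the command even when a stored login would have matched the remote. `CreateLoginFromEnvVars` has already validated the token through `GetMyUserInfo`, so the following `utils.ValidateAuthenticationMethod` call looks redundant.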
@@ -223,40 +226,3 @@ func contextFromLocalRepo(repoPath, remoteValue string) (*git.TeaRepo, *config.L
return repo, nil, "", errNotAGiteaRepo
}
-
-// GetLoginByEnvVar returns a login based on environment variables, or nil if no login can be created
-func GetLoginByEnvVar() *config.Login {
- var token string
-
- giteaToken := os.Getenv("GITEA_TOKEN")
- githubToken := os.Getenv("GH_TOKEN")
- giteaInstanceURL := os.Getenv("GITEA_INSTANCE_URL")
- instanceInsecure := os.Getenv("GITEA_INSTANCE_INSECURE")
- insecure := false
- if len(instanceInsecure) > 0 {
- insecure, _ = strconv.ParseBool(instanceInsecure)
- }
-
- // if no tokens are set, or no instance url for gitea fail fast
- if len(giteaInstanceURL) == 0 || (len(giteaToken) == 0 && len(githubToken) == 0) {
- return nil
- }
-
- token = giteaToken
- if len(giteaToken) == 0 {
- token = githubToken
- }
-
- return &config.Login{
- Name: "GITEA_LOGIN_VIA_ENV",
- URL: giteaInstanceURL,
- Token: token,
- Insecure: insecure,
- SSHKey: "",
- SSHCertPrincipal: "",
- SSHKeyFingerprint: "",
- SSHAgent: false,
- Created: time.Now().Unix(),
- VersionCheck: false,
- }
-}

View File

@@ -2,14 +2,14 @@
# AUTO-UPDATE: nix-update --flake comentario --version=branch=dev --subpackage frontend
pkgs.buildGoModule (finalAttrs: {
pname = "comentario";
version = "3.14.0-unstable-2025-08-08";
version = "3.14.0-unstable-2025-08-29";
src = pkgs.fetchFromGitLab {
owner = "comentario";
repo = "comentario";
# FIXME: Stable rev once type error is fixed
rev = "7380d55820827db82f9d191ad82cd35cdbf08cfa";
hash = "sha256-uWpHrI4K/VfekW4PDaJXyqjyCGXbYnsGwV0OCSsfw3s=";
rev = "90773f976366318389f9d5aa457e6303e6159740";
hash = "sha256-f0Y+OdbsG8eA2kD17b4QWaL0hAuoF476XtYm/aFOmLY=";
};
patches = [
@@ -37,7 +37,7 @@ pkgs.buildGoModule (finalAttrs: {
missingHashes = ./missing-hashes.json;
offlineCache = pkgs.yarn-berry.fetchYarnBerryDeps {
inherit (finalFrontendAttrs) src patches missingHashes;
hash = "sha256-HGxWvdFDTCPoDD6ry30gfprvpDAMoQJ0RHMkCzOcVRs=";
hash = "sha256-bn/PNgk7ZjCzGSj7BQQCB+5RY+ivJGYZa2/GC4eRjPY=";
};
nativeBuildInputs = with pkgs; [

View File

@@ -2,13 +2,13 @@
# AUTO-UPDATE: nix-update --flake --version=branch=master darktable-lua-scripts
pkgs.stdenv.mkDerivation {
pname = "lua-scripts";
version = "release-2.0.0-unstable-2025-07-05";
version = "release-2.0.0-unstable-2025-08-18";
src = pkgs.fetchFromGitHub {
owner = "darktable-org";
repo = "lua-scripts";
rev = "aed3275943f218e559c58b98579ceafb02e220da";
hash = "sha256-vRE0kxqbjdjwU+S0Eu44ctYulYPgD0XsrTsz1ESq6t0=";
rev = "c95547caa72f7b136b5192dd19a535da3fbe4e9b";
hash = "sha256-Qt3DkmNH/ZWY3uI8UvhSM4dDt7KDQlJqOnPmsySGGwU=";
};
installPhase = ''

View File

@@ -6,6 +6,7 @@
darktable-lua-scripts = import ./darktable/lua-scripts { inherit pkgs; };
docker-image-adguardhome = import ./docker/adguardhome { inherit pkgs; };
docker-image-attic = import ./docker/attic { inherit pkgs; };
docker-image-authelia = import ./docker/authelia { inherit pkgs; };
docker-image-base = import ./docker/base { inherit pkgs; };
docker-image-comentario = import ./docker/comentario { inherit pkgs; };
@@ -86,8 +87,11 @@
shlink = import ./shlink { inherit pkgs; };
shlink-web-client = import ./shlink-web-client { inherit pkgs; };
ssh-known-hosts-gitea = import ./ssh/known-hosts/gitea { inherit pkgs; };
ssh-known-hosts-github = import ./ssh/known-hosts/github { inherit pkgs; };
ssh-known-hosts-gitlab = import ./ssh/known-hosts/gitlab { inherit pkgs; };
wsl-wl-clipboard = import ./wsl-wl-clipboard { inherit pkgs; };
yazi-plugin-custom-shell = import ./yazi/plugins/custom-shell { inherit pkgs; };
}

View File

@@ -0,0 +1,34 @@
{ pkgs, ... }:
let
entrypoint = pkgs.writeTextFile {
name = "entrypoint";
executable = true;
destination = "/bin/entrypoint";
text = builtins.readFile ./entrypoint.sh;
};
in
pkgs.dockerTools.buildImage {
name = "attic";
fromImage = pkgs.docker-image-base;
copyToRoot = pkgs.buildEnv {
name = "root";
paths = with pkgs; [
entrypoint
attic-server
attic-client
];
pathsToLink = [ "/bin" ];
};
config = {
Entrypoint = [ "entrypoint" ];
ExposedPorts = {
"8080/tcp" = { };
};
WorkingDir = "/var/lib/atticd";
Volumes = {
"/var/lib/atticd" = { };
};
};
}
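Review bot: `config` sets no `User`, so unless `docker-image-base` already sets one, `atticd` and the sourced post-start script run as root inside the container. Add a `User` entry for an unprivileged account that owns `/var/lib/atticd`, or note in a comment where the user is set.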

View File

@@ -0,0 +1,16 @@
#!/usr/bin/env sh
set -o errexit
set -o nounset
atticd "$@" &
PID=$!
if [ -f /etc/attic/post-start.sh ]; then
# shellcheck disable=SC1091
. /etc/attic/post-start.sh
fi
trap 'kill -KILL "$PID"' INT TERM
wait "$PID"
exit $?
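Review bot: `trap 'kill -KILL "$PID"' INT TERM` turns a normal stop request into SIGKILL for `atticd`, so the server never gets a chance to shut down cleanly; forward the signal with `kill -TERM "$PID"` and wait for the process again. The trap is also installed only after `/etc/attic/post-start.sh` has been sourced, so a signal that arrives while the post-start script runs is not forwarded; install it right after `PID=$!`. Because the script is sourced under `errexit` and `nounset`, any failing command or unset variable in it ends the entrypoint; running it as a separate process and handling its exit status explicitly would make that failure mode deliberate.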

View File

@@ -2,18 +2,18 @@
# AUTO-UPDATE: nix-update --flake --version=branch=master littlelink-server
pkgs.stdenv.mkDerivation (finalAttrs: {
pname = "littlelink-server";
version = "0-unstable-2025-07-30";
version = "0-unstable-2025-08-25";
src = pkgs.fetchFromGitHub {
owner = "techno-tim";
repo = "littlelink-server";
rev = "bc1b832bfa02bd901d3592820bb9f2eaa6b65b30";
hash = "sha256-5IDwp/mv0mRsLPxbzZfYxV3hE0U2iJEJitj5OlEhVvs=";
rev = "9c65c4f389a92b2bf2ca85e545960ef3be4e72e9";
hash = "sha256-nd3dMWuYz2Af5XokTgMJdF0U2L98EW6CVuDGSXSOlls=";
};
offlineCache = pkgs.fetchYarnDeps {
yarnLock = finalAttrs.src + "/yarn.lock";
hash = "sha256-HbidudAixPNkW3/TAjcDnVZoMyrHein4+sV0QGaZWIo=";
hash = "sha256-Ikd2PUBIPTTv7e08HbANk4chwMtObyZtnd6pyiWKqps=";
};
nativeBuildInputs = with pkgs; [

View File

@@ -12,8 +12,8 @@ pkgs.buildNpmPackage (finalAttrs: {
};
patches = [ ./package-lock.patch ];
makeCacheWritable = true;
makeCacheWritable = true;
npmDepsHash = "sha256-9RZCDzY9ETs7DPQfBxig92rhA2iCOOKVqwbUJeTGqrY=";
npmPackFlags = [ "--ignore-scripts" ];

View File

@@ -2,13 +2,13 @@
# AUTO-UPDATE: nix-update --flake obsidian-plugin-excalidraw --subpackage mathjaxToSVG
pkgs.buildNpmPackage (finalAttrs: {
pname = "obsidian.plugins.excalidraw";
version = "2.14.3";
version = "2.15.1";
pkg = pkgs.fetchFromGitHub {
owner = "zsviczian";
repo = "obsidian-excalidraw-plugin";
rev = finalAttrs.version;
hash = "sha256-cZAxCJFlw+ShO5YQDkzw58Y4W+cqRb9oyjp/xHRX6cE=";
hash = "sha256-EsyR5PTZkR+/+5F9mteZ06smbX0mhxtbagO6ZDloHgs=";
};
mathjaxToSVG = pkgs.buildNpmPackage {
@@ -32,7 +32,7 @@ pkgs.buildNpmPackage (finalAttrs: {
patches = [ ./package-lock.patch ];
npmDepsHash = "sha256-OKIK8zyadoAmX5BciqJzhHM8cl0vRnCywlMrNhcUWHI=";
npmDepsHash = "sha256-QuhHPLjPpZNKZH7qhOr77CCZS9+ls35+ka4WYOEt4zI=";
npmPackFlags = [ "--ignore-scripts" ];
configurePhase = ''

View File

@@ -1,13 +1,13 @@
diff --git a/package-lock.json b/package-lock.json
index 033dbdd..fcb5477 100644
index 21d66bd..fc0b033 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -11,7 +11,7 @@
"dependencies": {
"@popperjs/core": "^2.11.8",
"@zsviczian/colormaster": "^1.2.2",
- "@zsviczian/excalidraw": "0.18.0-27",
+ "@zsviczian/excalidraw": "0.18.0-30",
- "@zsviczian/excalidraw": "0.18.0-31",
+ "@zsviczian/excalidraw": "0.18.0-37",
"chroma-js": "^3.1.2",
"clsx": "^2.0.0",
"es6-promise-pool": "2.5.0",
@@ -15,12 +15,12 @@ index 033dbdd..fcb5477 100644
"license": "MIT"
},
"node_modules/@zsviczian/excalidraw": {
- "version": "0.18.0-27",
- "resolved": "https://registry.npmjs.org/@zsviczian/excalidraw/-/excalidraw-0.18.0-27.tgz",
- "integrity": "sha512-cigzCO65+EB+Y4G9LYEK/kVf2R3nNqNjEhGWqi5tZ0AcHEKPsMHAn6CtU36V6crRdojZLtyg5RASIdkxy4zZCA==",
+ "version": "0.18.0-30",
+ "resolved": "https://registry.npmjs.org/@zsviczian/excalidraw/-/excalidraw-0.18.0-30.tgz",
+ "integrity": "sha512-jeiejbAqCPq1kg76kxNV2+PpBf8yDCdcgPqZ6O4TOX+2IKpw0/K9Y16VPjGDO7SWGRBCi82WM98Vf09tdl5KaQ==",
- "version": "0.18.0-31",
- "resolved": "https://registry.npmjs.org/@zsviczian/excalidraw/-/excalidraw-0.18.0-31.tgz",
- "integrity": "sha512-A1wyp8EVOhCdoxdX7middc8LoLpjPLtxiSTeBbdMtungl8VQzAcQ2tSGCkncK/8RBcBaUk44Hr6KcWjezHnQew==",
+ "version": "0.18.0-37",
+ "resolved": "https://registry.npmjs.org/@zsviczian/excalidraw/-/excalidraw-0.18.0-37.tgz",
+ "integrity": "sha512-SC4a6wj6IzE9HucxImDoOPcojojW/8FSry1hSA+hXfU350DhY6VlpFQ1DHJMPqVgIkFHB/hbCHt3klV+66+ouw==",
+ "license": "MIT",
"dependencies": {
"@braintree/sanitize-url": "6.0.2",

View File

@@ -2,18 +2,18 @@
# AUTO-UPDATE: nix-update --flake obsidian-plugin-tasks
pkgs.stdenv.mkDerivation (finalAttrs: {
pname = "tasks";
version = "7.20.0";
version = "7.21.0";
src = pkgs.fetchFromGitHub {
owner = "obsidian-tasks-group";
repo = "obsidian-tasks";
rev = finalAttrs.version;
hash = "sha256-K9/H2BgruB1O9KwW+xoiCsuXFfu6o4xZDCI40OEmh+o=";
hash = "sha256-/7vTXAsMHWOopscdKldbXpvQvEl4qcnV3HpYClZWUsg=";
};
offlineCache = pkgs.fetchYarnDeps {
yarnLock = finalAttrs.src + "/yarn.lock";
hash = "sha256-ecPZvpMQkL2o0X4qx6h1jwQVZrtTC3+Aj7n/SBLRQbo=";
hash = "sha256-PXMN/05G1FIiR93seJSBilZDzXMv3o3cXDaEOUC71s0=";
};
nativeBuildInputs = with pkgs; [

View File

@@ -2,16 +2,16 @@
# AUTO-UPDATE: nix-update --flake obsidian-plugin-url-into-selection
pkgs.buildNpmPackage (finalAttrs: {
pname = "url-into-selection";
version = "1.11.3";
version = "1.11.4";
src = pkgs.fetchFromGitHub {
owner = "denolehov";
repo = "obsidian-url-into-selection";
rev = finalAttrs.version;
hash = "sha256-B793Lpt/3ddj9xvpNSsiHjsa1yP7ZXhQFLBUPfCriAw=";
hash = "sha256-8yzx1ryMf7gRGbdD7zL3I1Q+W1RwcubTo42o6O3zCDY=";
};
npmDepsHash = "sha256-DKjYtQ6KycPEms5BdyOXw6iNb9MgNOyJg8haL+cZHMk=";
npmDepsHash = "sha256-/EVidF6Wn/AFFgqYIJjUErpZyfliNtCSHMMS1n6GBew=";
npmPackFlags = [ "--ignore-scripts" ];
installPhase = ''

View File

@@ -2,13 +2,13 @@
# AUTO-UPDATE: nix-update --flake obsidian-theme-minimal
pkgs.buildNpmPackage (finalAttrs: {
pname = "minimal";
version = "8.0.3";
version = "8.0.4";
src = pkgs.fetchFromGitHub {
owner = "kepano";
repo = "obsidian-minimal";
rev = finalAttrs.version;
hash = "sha256-pLfmIRY/opTgxYsvyNa9MVN9NziCTrjDTM/oBfhxEc0=";
hash = "sha256-TGToK2k9zpd5LappqlkGgxJliXqE4HzsBq07c4IN+T4=";
};
npmDepsHash = "sha256-R+XeEkDP0MxNQsFCWmHXKtLBcmiOTv9Nw7t2e27kvQg=";

View File

@@ -3,16 +3,16 @@
# FIXME: https://github.com/dani-garcia/vaultwarden/pull/3899
pkgs.rustPlatform.buildRustPackage (finalAttrs: {
pname = "oidcwarden";
version = "2025.6.1-3";
version = "2025.8.1-1";
src = pkgs.fetchFromGitHub {
owner = "Timshel";
repo = "OIDCWarden";
rev = "v${finalAttrs.version}";
hash = "sha256-I4zOWIU8iBQeLMMQSVcKc3w+WodiZ6MDYnKR7H/+v0Y=";
hash = "sha256-yH2qewIV79hBDRn0KFj2mULpD2tTm5+8E2kIN8uMWHM=";
};
cargoHash = "sha256-fMePvMnefdcN90Y3BPqcKNXyg7tUd64IOUnOQis/qTU=";
cargoHash = "sha256-ZPCRFBaISCIlPY/x3lTqxuePgZXcOLvgyOrw2XVcAVw=";
env.VW_VERSION = finalAttrs.version;

View File

@@ -2,13 +2,13 @@
# AUTO-UPDATE: nix-update --flake prometheus-podman-exporter
pkgs.buildGoModule (finalAttrs: {
pname = "prometheus-podman-exporter";
version = "1.17.2";
version = "1.18.0";
src = pkgs.fetchFromGitHub {
owner = "containers";
repo = "prometheus-podman-exporter";
rev = "v${finalAttrs.version}";
hash = "sha256-TlQQbeYcCTZKF6DUKM+UE8iU9KC5tLpCtee62sNbW8s=";
hash = "sha256-hrecxJp78c8LruXTGRDU6zNWnyh+vwgCpVJsm026NYw=";
};
vendorHash = null;

View File

@@ -2,16 +2,19 @@
# AUTO-UPDATE: nix-update --flake shlink-web-client
pkgs.buildNpmPackage (finalAttrs: {
pname = "shlink-web-client";
version = "4.5.0";
version = "4.5.1";
src = pkgs.fetchFromGitHub {
owner = "shlinkio";
repo = finalAttrs.pname;
rev = "v${finalAttrs.version}";
hash = "sha256-pIB1WH5iRyr0yNjqxK+bC7qh5fSzYMdOzlut1ohjSkg=";
hash = "sha256-ieRTXAYlF0IOt/dlXuHUGvvT1J+TYVWaoNQbYZFLOZ4=";
};
npmDepsHash = "sha256-Kn2hVMxQpNi3SwGElymNojaUyc/QMbi+9oIuFEkLeLw=";
patches = [ ./package-lock.patch ];
npmDepsHash = "sha256-q1LUimy7rQe3cKMZEI0SflGeUhthykLpcvJz1oLSkfY=";
npmFlags = [ "--legacy-peer-deps" ];
homepage = "/web";

File diff suppressed because it is too large

View File

@@ -2,11 +2,11 @@
# AUTO-UPDATE: nix-update --flake shlink
pkgs.stdenv.mkDerivation (finalAttrs: {
pname = "shlink";
version = "4.5.0";
version = "4.5.2";
src = pkgs.fetchzip {
url = "https://github.com/shlinkio/shlink/releases/download/v${finalAttrs.version}/shlink${finalAttrs.version}_php8.4_dist.zip";
sha256 = "sha256-IndszqEW3pUaBIHBh4eIkPF2sM/KawANAW1wWx8tRdU=";
sha256 = "sha256-1ZKC/o3IPPfVWxyAIkiaLN70XXLXHKalAvEG63Xrmes=";
};
installPhase = ''

View File

@@ -0,0 +1,16 @@
{ pkgs, ... }:
pkgs.stdenv.mkDerivation {
pname = "ssh-known-hosts-gitea";
version = "0-unstable-2025-09-01";
src = pkgs.lib.fetchers.sshKnownHosts {
host = "gitea.com";
hash = "sha256-xibPjdZdkUSQS+YLfVsanFfAEnKfAPxgRAz138sNJ6c=";
};
phases = [ "installPhase" ];
installPhase = ''
cp $src $out
'';
}

Some files were not shown because too many files have changed in this diff