Compare commits

1 Commits

Author SHA1 Message Date
84a5ff6fd4 Add jupiter wireguard server
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-06-26 09:16:24 +01:00
436 changed files with 10663 additions and 40683 deletions

7
.gitignore vendored
View File

@@ -1,7 +0,0 @@
# ---> Nix
# Ignore build outputs from performing a nix-build or `nix build` command
result
result-*
# Ignore automatically generated direnv output
.direnv

27
.gitlab-ci.yml Normal file
View File

@@ -0,0 +1,27 @@
stages:
- build
- test
variables:
GIT_SUBMODULE_STRATEGY: recursive
cache: &global_cache
key:
files:
- flake.lock
- flake.nix
paths:
- /nix/store
policy: pull-push
build:
image: nixos/nix
stage: build
timeout: 48h
cache:
<<: *global_cache
script:
- nix --experimental-features 'nix-command flakes' flake check --show-trace
include:
- template: Jobs/Secret-Detection.gitlab-ci.yml

17
.gitmodules vendored
View File

@@ -1,9 +1,8 @@
[submodule "secrets"]
path = submodules/secrets
url = git@karaolidis.com:karaolidis/nix-secrets.git
[submodule "sas"]
path = submodules/sas
url = git@karaolidis.com:karaolidis/nix-sas.git
[submodule "lib"]
path = submodules/lib
url = git@karaolidis.com:karaolidis/nix-lib.git
[submodule "submodules/nixpkgs"]
path = submodules/nixpkgs
url = git@github.com:karaolidis/nixpkgs.git
branch = integration
[submodule "submodules/home-manager"]
path = submodules/home-manager
url = git@github.com:karaolidis/home-manager.git
branch = integration

3
.vscode/settings.json vendored Normal file
View File

@@ -0,0 +1,3 @@
{
"sops.defaults.ageKeyFile": "./secrets/personal/key.txt"
}

View File

@@ -7,6 +7,7 @@ NixOS dotfiles and configuration for various hosts and users.
- [`flake.lock`](./flake.lock) and [`flake.nix`](./flake.nix): Core Nix flake files defining the repository's dependencies and entry points.
- [`hosts/`](./hosts): All host-specific configurations.
- [`common/`](./hosts/common): Shared configuration definitions.
- [`shells/`](./hosts/common/shells): Nix dev shells.
- [`configs/`](./hosts/common/configs): System configurations applicable to all hosts.
@@ -16,16 +17,19 @@ NixOS dotfiles and configuration for various hosts and users.
- [`gui/`](./hosts/common/configs/user/gui): GUI-related settings.
- `<name>/`: Individual host configurations.
- [`overlays/`](./overlays/): Custom patches.
- [`packages/`](./packages/): Custom packages.
- [`scripts/`](./scripts): Utility scripts for managing the repository.
- [`add-host.sh`](./scripts/add-host.sh): Instantiate the keys for a new host configuration.
- [`remove-host.sh`](./scripts/remove-host.sh): Remove references to a host.
- [`update-keys.sh`](./scripts/update-keys.sh): Update the encryption keys in all relevant files using `sops.yaml` configurations.
- [`update.sh`](./scripts/update.sh): Update flake and all packages.
- [`cache.sh`](./scripts/cache.sh): Build all `nixosConfiguration`s and push them to `attic`.
- `secrets/<namespace>/`: Global secrets for individual namespaces that apply across all hosts.
- [`lib/`](./lib): Nix library function definitions and utilities.
- [`scripts/`](./lib/scripts): Utility scripts for managing the repository.
- [`add-host.sh`](./lib/scripts/add-host.sh): Instantiate the keys for a new host configuration.
- [`remove-host.sh`](./lib/scripts/remove-host.sh): Remove references to a host.
- [`update-keys.sh`](./lib/scripts/update-keys.sh): Update the encryption keys in all relevant files using `sops.yaml` configurations.
- [`update.sh`](./lib/scripts/update.sh): Update flake and all git submodules.
- [`submodules/`](./submodules): Flake forks used in the repository, such as [`nixpkgs`](https://github.com/NixOS/nixpkgs) and [`home-manager`](https://github.com/nix-community/home-manager).
Any `options.nix` files create custom option definitions when present.

434
flake.lock generated
View File

@@ -10,15 +10,16 @@
]
},
"locked": {
"lastModified": 1756487002,
"narHash": "sha256-hN9RfNXy53qAkT68T+IYZpl68uE1uPOVMkw0MqC43KA=",
"lastModified": 1744557573,
"narHash": "sha256-XAyj0iDuI51BytJ1PwN53uLpzTDdznPDQFG4RwihlTQ=",
"owner": "aylur",
"repo": "ags",
"rev": "8ff792dba6cc82eed10e760f551075564dd0a407",
"rev": "3ed9737bdbc8fc7a7c7ceef2165c9109f336bff6",
"type": "github"
},
"original": {
"owner": "aylur",
"ref": "main",
"repo": "ags",
"type": "github"
}
@@ -30,34 +31,20 @@
]
},
"locked": {
"lastModified": 1756474652,
"narHash": "sha256-iiBU6itpEqE0spXeNJ3uJTfioSyKYjt5bNepykpDXTE=",
"lastModified": 1749559749,
"narHash": "sha256-TM95tg1G7S6rVBBoMwurXMz8Il4xlnuZ2TI4h6lfZzg=",
"owner": "aylur",
"repo": "astal",
"rev": "20bd8318e4136fbd3d4eb2d64dbabc3acbc915dd",
"rev": "dd8a4662f2f17fb4326a7bd0fb2d054f5d477ba3",
"type": "github"
},
"original": {
"owner": "aylur",
"ref": "main",
"repo": "astal",
"type": "github"
}
},
"crane": {
"locked": {
"lastModified": 1754269165,
"narHash": "sha256-0tcS8FHd4QjbCVoxN9jI+PjHgA4vc/IjkUSp+N3zy0U=",
"owner": "ipetkov",
"repo": "crane",
"rev": "444e81206df3f7d92780680e45858e31d2f07a08",
"type": "github"
},
"original": {
"owner": "ipetkov",
"repo": "crane",
"type": "github"
}
},
"disko": {
"inputs": {
"nixpkgs": [
@@ -65,67 +52,33 @@
]
},
"locked": {
"lastModified": 1746728054,
"narHash": "sha256-eDoSOhxGEm2PykZFa/x9QG5eTH0MJdiJ9aR00VAofXE=",
"lastModified": 1749436314,
"narHash": "sha256-CqmqU5FRg5AadtIkxwu8ulDSOSoIisUMZRLlcED3Q5w=",
"owner": "nix-community",
"repo": "disko",
"rev": "ff442f5d1425feb86344c028298548024f21256d",
"rev": "dfa4d1b9c39c0342ef133795127a3af14598017a",
"type": "github"
},
"original": {
"owner": "nix-community",
"ref": "latest",
"ref": "master",
"repo": "disko",
"type": "github"
}
},
"flake-compat": {
"locked": {
"lastModified": 1733328505,
"narHash": "sha256-NeCCThCEP3eCl2l/+27kNNK7QrwZB1IJCrXfrbv5oqU=",
"rev": "ff81ac966bb2cae68946d5ed5fc4994f96d0ffec",
"revCount": 69,
"type": "tarball",
"url": "https://api.flakehub.com/f/pinned/edolstra/flake-compat/1.1.0/01948eb7-9cba-704f-bbf3-3fa956735b52/source.tar.gz"
},
"original": {
"type": "tarball",
"url": "https://flakehub.com/f/edolstra/flake-compat/1.tar.gz"
}
},
"flake-input-patcher": {
"inputs": {
"nixpkgs": [
"nixpkgs"
],
"systems": [
"systems"
]
},
"locked": {
"lastModified": 1751871600,
"narHash": "sha256-I4/2ekJrbRMhOpKfzgnlrN45nQj9YQmZnoSeAaRa1SU=",
"owner": "jfly",
"repo": "flake-input-patcher",
"rev": "4ff068126d49829b106280738944bde91951d59d",
"type": "github"
},
"original": {
"owner": "jfly",
"repo": "flake-input-patcher",
"type": "github"
}
},
"flake-parts": {
"inputs": {
"nixpkgs-lib": "nixpkgs-lib"
"nixpkgs-lib": [
"nur",
"nixpkgs"
]
},
"locked": {
"lastModified": 1754487366,
"narHash": "sha256-pHYj8gUBapuUzKV/kN/tR3Zvqc7o6gdFB9XKXIp1SQ8=",
"lastModified": 1733312601,
"narHash": "sha256-4pDvzqnegAfRkPwO3wmwBhVi/Sye1mzps0zHWYnP88c=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "af66ad14b28a127c5c0f3bbb298218fc63528a18",
"rev": "205b12d8b7cd4802fbcb8e8ef6a0f1408781a4f9",
"type": "github"
},
"original": {
@@ -150,32 +103,11 @@
},
"original": {
"owner": "numtide",
"ref": "main",
"repo": "flake-utils",
"type": "github"
}
},
"gitignore": {
"inputs": {
"nixpkgs": [
"lanzaboote",
"pre-commit-hooks-nix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1709087332,
"narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=",
"owner": "hercules-ci",
"repo": "gitignore.nix",
"rev": "637db329424fd7e46cf4185293b9cc8c88c95394",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "gitignore.nix",
"type": "github"
}
},
"home-manager": {
"inputs": {
"nixpkgs": [
@@ -183,50 +115,39 @@
]
},
"locked": {
"lastModified": 1756579987,
"narHash": "sha256-duCce8zGsaMsrqqOmLOsuaV1PVIw/vXWnKuLKZClsGg=",
"owner": "nix-community",
"lastModified": 1749678254,
"narHash": "sha256-6I+qez0MnHu9M2spLj3LsGA/cUGgfx17/hMPvmrUMoU=",
"owner": "karaolidis",
"repo": "home-manager",
"rev": "99a69bdf8a3c6bf038c4121e9c4b6e99706a187a",
"rev": "e248f54290b483a47c7550f69faecb8ed97e4831",
"type": "github"
},
"original": {
"owner": "nix-community",
"owner": "karaolidis",
"ref": "integration",
"repo": "home-manager",
"type": "github"
}
},
"lanzaboote": {
"inputs": {
"crane": "crane",
"flake-compat": [
"flake-compat"
],
"flake-parts": [
"flake-parts"
],
"nixpkgs": [
"nixpkgs"
],
"pre-commit-hooks-nix": "pre-commit-hooks-nix",
"rust-overlay": "rust-overlay"
},
"nixpkgs": {
"locked": {
"lastModified": 1754297745,
"narHash": "sha256-aD6/scLN3L4ZszmNbhhd3JQ9Pzv1ScYFphz14wHinfs=",
"owner": "nix-community",
"repo": "lanzaboote",
"rev": "892cbdca865d6b42f9c0d222fe309f7720259855",
"lastModified": 1749678247,
"narHash": "sha256-K83Q3c/o5CdMB3Npk3P1kCIz6FcUuJV8E4k6z1YN8AQ=",
"owner": "karaolidis",
"repo": "nixpkgs",
"rev": "4d408c92fe165ab68f012a3fa36d4c58d84e83bd",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "lanzaboote",
"owner": "karaolidis",
"ref": "integration",
"repo": "nixpkgs",
"type": "github"
}
},
"lib": {
"nur": {
"inputs": {
"flake-parts": "flake-parts",
"nixpkgs": [
"nixpkgs"
],
@@ -235,202 +156,32 @@
]
},
"locked": {
"lastModified": 1757531256,
"narHash": "sha256-aOqrRvKmHoPKVhEYgV/RbsMXYXy6W9Tt1uhGK3dWMlE=",
"ref": "refs/heads/main",
"rev": "be7b39f41a1137a68944fc73db5a24544e015eb6",
"revCount": 7,
"type": "git",
"url": "https://git.karaolidis.com/karaolidis/nix-lib.git"
},
"original": {
"type": "git",
"url": "https://git.karaolidis.com/karaolidis/nix-lib.git"
}
},
"mnw": {
"locked": {
"lastModified": 1748710831,
"narHash": "sha256-eZu2yH3Y2eA9DD3naKWy/sTxYS5rPK2hO7vj8tvUCSU=",
"owner": "Gerg-L",
"repo": "mnw",
"rev": "cff958a4e050f8d917a6ff3a5624bc4681c6187d",
"type": "github"
},
"original": {
"owner": "Gerg-L",
"repo": "mnw",
"type": "github"
}
},
"nixos-wsl": {
"inputs": {
"flake-compat": [
"flake-compat"
],
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1755774185,
"narHash": "sha256-XjKqiTA19mkoBkja0VOy90qp2gC1f2fGgsLb9m1lg5Q=",
"owner": "karaolidis",
"repo": "NixOS-WSL",
"rev": "b1f426697f62006b99fac0cc25a106626c78f874",
"type": "github"
},
"original": {
"owner": "karaolidis",
"ref": "extra-files",
"repo": "NixOS-WSL",
"type": "github"
}
},
"nixpkgs": {
"locked": {
"lastModified": 1756542300,
"narHash": "sha256-tlOn88coG5fzdyqz6R93SQL5Gpq+m/DsWpekNFhqPQk=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "d7600c775f877cd87b4f5a831c28aa94137377aa",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-lib": {
"locked": {
"lastModified": 1753579242,
"narHash": "sha256-zvaMGVn14/Zz8hnp4VWT9xVnhc8vuL3TStRqwk22biA=",
"owner": "nix-community",
"repo": "nixpkgs.lib",
"rev": "0f36c44e01a6129be94e3ade315a5883f0228a6e",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "nixpkgs.lib",
"type": "github"
}
},
"nur": {
"inputs": {
"flake-parts": [
"flake-parts"
],
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1756630008,
"narHash": "sha256-weZiVKbiWQzTifm6qCxzhxghEu5mbh9mWNUdkzOLCR0=",
"lastModified": 1749675110,
"narHash": "sha256-NkDE/JyeQJmLtpXjyFZK2wKs5K7isap7MBIzoYMC9nk=",
"owner": "nix-community",
"repo": "NUR",
"rev": "f6a5a7b60dd6065e78ef06390767e689ffa3c23f",
"rev": "0e8328c18d801a253ed5dfd17bd78254d9669d06",
"type": "github"
},
"original": {
"owner": "nix-community",
"ref": "main",
"repo": "NUR",
"type": "github"
}
},
"nvf": {
"inputs": {
"flake-compat": [
"flake-compat"
],
"flake-parts": [
"flake-parts"
],
"mnw": "mnw",
"nixpkgs": [
"nixpkgs"
],
"systems": [
"systems"
]
},
"locked": {
"lastModified": 1755463179,
"narHash": "sha256-5Ggb1Mhf7ZlRgGi2puCa2PvWs6KbMnWBlW6KW7Vf79Y=",
"owner": "NotAShelf",
"repo": "nvf",
"rev": "03833118267ad32226b014b360692bdce9d6e082",
"type": "github"
},
"original": {
"owner": "NotAShelf",
"repo": "nvf",
"type": "github"
}
},
"nvidia-patch": {
"inputs": {
"nixpkgs": [
"nixpkgs"
],
"utils": [
"flake-utils"
]
},
"locked": {
"lastModified": 1756052001,
"narHash": "sha256-dlLqyHxqiFAoIwshKe9X3PzXcJ+up88Qb2JVQswFaNE=",
"owner": "icewind1991",
"repo": "nvidia-patch-nixos",
"rev": "780af7357d942fad2ddd9f325615a5f6ea7e37ee",
"type": "github"
},
"original": {
"owner": "icewind1991",
"repo": "nvidia-patch-nixos",
"type": "github"
}
},
"pre-commit-hooks-nix": {
"inputs": {
"flake-compat": [
"lanzaboote",
"flake-compat"
],
"gitignore": "gitignore",
"nixpkgs": [
"lanzaboote",
"nixpkgs"
]
},
"locked": {
"lastModified": 1750779888,
"narHash": "sha256-wibppH3g/E2lxU43ZQHC5yA/7kIKLGxVEnsnVK1BtRg=",
"owner": "cachix",
"repo": "pre-commit-hooks.nix",
"rev": "16ec914f6fb6f599ce988427d9d94efddf25fe6d",
"type": "github"
},
"original": {
"owner": "cachix",
"repo": "pre-commit-hooks.nix",
"type": "github"
}
},
"quadlet-nix": {
"locked": {
"lastModified": 1754008153,
"narHash": "sha256-MYT1mDtSkiVg343agxgBFsnuNU3xS8vRy399JXX1Vw0=",
"lastModified": 1749099346,
"narHash": "sha256-5gi/YaLVsFztGvVH45eB6jsBmZf+HnvDeSA9RXUqbcY=",
"owner": "SEIAROTg",
"repo": "quadlet-nix",
"rev": "1b2d27d460d8c7e4da5ba44ede463b427160b5c4",
"rev": "d4119a3423f938427252ba8bbdbe8ce040751864",
"type": "github"
},
"original": {
"owner": "SEIAROTg",
"ref": "main",
"repo": "quadlet-nix",
"type": "github"
}
@@ -440,90 +191,17 @@
"ags": "ags",
"astal": "astal",
"disko": "disko",
"flake-compat": "flake-compat",
"flake-input-patcher": "flake-input-patcher",
"flake-parts": "flake-parts",
"flake-utils": "flake-utils",
"home-manager": "home-manager",
"lanzaboote": "lanzaboote",
"lib": "lib",
"nixos-wsl": "nixos-wsl",
"nixpkgs": "nixpkgs",
"nur": "nur",
"nvf": "nvf",
"nvidia-patch": "nvidia-patch",
"quadlet-nix": "quadlet-nix",
"sas": "sas",
"secrets": "secrets",
"sops-nix": "sops-nix",
"spicetify-nix": "spicetify-nix",
"systems": "systems",
"treefmt-nix": "treefmt-nix"
}
},
"rust-overlay": {
"inputs": {
"nixpkgs": [
"lanzaboote",
"nixpkgs"
]
},
"locked": {
"lastModified": 1754189623,
"narHash": "sha256-fstu5eb30UYwsxow0aQqkzxNxGn80UZjyehQVNVHuBk=",
"owner": "oxalica",
"repo": "rust-overlay",
"rev": "c582ff7f0d8a7ea689ae836dfb1773f1814f472a",
"type": "github"
},
"original": {
"owner": "oxalica",
"repo": "rust-overlay",
"type": "github"
}
},
"sas": {
"inputs": {
"lib": [
"lib"
],
"nixpkgs": [
"nixpkgs"
],
"treefmt-nix": [
"treefmt-nix"
]
},
"locked": {
"lastModified": 1757531894,
"narHash": "sha256-GwV3ES7n/2mwPeu8FGfViI6QfzbTrvNob3OZOsPQId0=",
"ref": "refs/heads/main",
"rev": "3d069983345ea83549c641dd3f8875e54aaf1c2b",
"revCount": 12,
"type": "git",
"url": "ssh://git@karaolidis.com/karaolidis/nix-sas.git"
},
"original": {
"type": "git",
"url": "ssh://git@karaolidis.com/karaolidis/nix-sas.git"
}
},
"secrets": {
"flake": false,
"locked": {
"lastModified": 1757873556,
"narHash": "sha256-WYrV46if1XsiQKOQEMNtHdAPeFDeu7YBdcoNSXc3sf8=",
"ref": "refs/heads/main",
"rev": "21ab0b0a59264b1da501f90725bf2c03e07ae941",
"revCount": 43,
"type": "git",
"url": "ssh://git@karaolidis.com/karaolidis/nix-secrets.git"
},
"original": {
"type": "git",
"url": "ssh://git@karaolidis.com/karaolidis/nix-secrets.git"
}
},
"sops-nix": {
"inputs": {
"nixpkgs": [
@@ -531,15 +209,16 @@
]
},
"locked": {
"lastModified": 1754988908,
"narHash": "sha256-t+voe2961vCgrzPFtZxha0/kmFSHFobzF00sT8p9h0U=",
"lastModified": 1749592509,
"narHash": "sha256-VunQzfZFA+Y6x3wYi2UE4DEQ8qKoAZZCnZPUlSoqC+A=",
"owner": "Mic92",
"repo": "sops-nix",
"rev": "3223c7a92724b5d804e9988c6b447a0d09017d48",
"rev": "50754dfaa0e24e313c626900d44ef431f3210138",
"type": "github"
},
"original": {
"owner": "Mic92",
"ref": "master",
"repo": "sops-nix",
"type": "github"
}
@@ -554,15 +233,16 @@
]
},
"locked": {
"lastModified": 1756614537,
"narHash": "sha256-qyszmZO9CEKAlj5NBQo1AIIADm5Fgqs5ZggW1sU1TVo=",
"lastModified": 1749357231,
"narHash": "sha256-AbrPgGFVYR45TlYLHYTppayG0xzOG9XXhi+1j3Klbw8=",
"owner": "Gerg-L",
"repo": "spicetify-nix",
"rev": "374eb5d97092b97f7aaafd58a2012943b388c0df",
"rev": "03783416f7416715c52166d4e8ba0492a7149397",
"type": "github"
},
"original": {
"owner": "Gerg-L",
"ref": "master",
"repo": "spicetify-nix",
"type": "github"
}
@@ -578,6 +258,7 @@
},
"original": {
"owner": "nix-systems",
"ref": "main",
"repo": "default",
"type": "github"
}
@@ -589,15 +270,16 @@
]
},
"locked": {
"lastModified": 1755934250,
"narHash": "sha256-CsDojnMgYsfshQw3t4zjRUkmMmUdZGthl16bXVWgRYU=",
"lastModified": 1749194973,
"narHash": "sha256-eEy8cuS0mZ2j/r/FE0/LYBSBcIs/MKOIVakwHVuqTfk=",
"owner": "numtide",
"repo": "treefmt-nix",
"rev": "74e1a52d5bd9430312f8d1b8b0354c92c17453e5",
"rev": "a05be418a1af1198ca0f63facb13c985db4cb3c5",
"type": "github"
},
"original": {
"owner": "numtide",
"ref": "main",
"repo": "treefmt-nix",
"type": "github"
}

294
flake.nix
View File

@@ -1,118 +1,113 @@
{
inputs = {
# Configuration
nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
nixpkgs = {
# --- Official
# type = "github";
# owner = "NixOS";
# repo = "nixpkgs";
# ref = "master";
# --- Fork
type = "github";
owner = "karaolidis";
repo = "nixpkgs";
ref = "integration";
# --- Local
# url = "git+file:./submodules/nixpkgs";
};
home-manager = {
url = "github:nix-community/home-manager";
# --- Official
# type = "github";
# owner = "nix-community"
# repo = "home-manager";
# --- Fork
type = "github";
owner = "karaolidis";
repo = "home-manager";
ref = "integration";
# --- Local
# url = "git+file:./submodules/home-manager";
inputs.nixpkgs.follows = "nixpkgs";
};
# Packages
disko = {
type = "github";
owner = "nix-community";
repo = "disko";
ref = "master";
inputs.nixpkgs.follows = "nixpkgs";
};
sops-nix = {
type = "github";
owner = "Mic92";
repo = "sops-nix";
ref = "master";
inputs.nixpkgs.follows = "nixpkgs";
};
systems = {
type = "github";
owner = "nix-systems";
repo = "default";
ref = "main";
};
nur = {
url = "github:nix-community/NUR";
type = "github";
owner = "nix-community";
repo = "NUR";
ref = "main";
inputs = {
nixpkgs.follows = "nixpkgs";
flake-parts.follows = "flake-parts";
treefmt-nix.follows = "treefmt-nix";
};
};
# DevOps
sops-nix = {
url = "github:Mic92/sops-nix";
inputs.nixpkgs.follows = "nixpkgs";
flake-utils = {
type = "github";
owner = "numtide";
repo = "flake-utils";
ref = "main";
inputs.systems.follows = "systems";
};
treefmt-nix = {
url = "github:numtide/treefmt-nix";
type = "github";
owner = "numtide";
repo = "treefmt-nix";
ref = "main";
inputs.nixpkgs.follows = "nixpkgs";
};
flake-input-patcher = {
url = "github:jfly/flake-input-patcher";
inputs = {
nixpkgs.follows = "nixpkgs";
systems.follows = "systems";
};
};
# Personal
lib = {
# FIXME: https://github.com/NixOS/nix/issues/12281
url = "git+https://git.karaolidis.com/karaolidis/nix-lib.git";
inputs = {
nixpkgs.follows = "nixpkgs";
treefmt-nix.follows = "treefmt-nix";
};
};
sas = {
# FIXME: https://github.com/NixOS/nix/issues/12281
url = "git+ssh://git@karaolidis.com/karaolidis/nix-sas.git";
inputs = {
nixpkgs.follows = "nixpkgs";
lib.follows = "lib";
treefmt-nix.follows = "treefmt-nix";
};
};
secrets = {
# FIXME: https://github.com/NixOS/nix/issues/12281
url = "git+ssh://git@karaolidis.com/karaolidis/nix-secrets.git";
flake = false;
};
# Hardware
disko = {
url = "github:nix-community/disko/latest";
inputs.nixpkgs.follows = "nixpkgs";
};
lanzaboote = {
url = "github:nix-community/lanzaboote";
inputs = {
nixpkgs.follows = "nixpkgs";
flake-compat.follows = "flake-compat";
flake-parts.follows = "flake-parts";
};
};
nixos-wsl = {
url = "github:karaolidis/NixOS-WSL/extra-files";
inputs = {
nixpkgs.follows = "nixpkgs";
flake-compat.follows = "flake-compat";
};
};
# Applications
nvf = {
url = "github:NotAShelf/nvf";
inputs = {
nixpkgs.follows = "nixpkgs";
flake-compat.follows = "flake-compat";
flake-parts.follows = "flake-parts";
systems.follows = "systems";
};
};
quadlet-nix.url = "github:SEIAROTg/quadlet-nix";
nvidia-patch = {
url = "github:icewind1991/nvidia-patch-nixos";
inputs = {
nixpkgs.follows = "nixpkgs";
utils.follows = "flake-utils";
};
quadlet-nix = {
type = "github";
owner = "SEIAROTg";
repo = "quadlet-nix";
ref = "main";
};
astal = {
url = "github:aylur/astal";
type = "github";
owner = "aylur";
repo = "astal";
ref = "main";
inputs.nixpkgs.follows = "nixpkgs";
};
ags = {
url = "github:aylur/ags";
type = "github";
owner = "aylur";
repo = "ags";
ref = "main";
inputs = {
nixpkgs.follows = "nixpkgs";
astal.follows = "astal";
@@ -120,101 +115,70 @@
};
spicetify-nix = {
url = "github:Gerg-L/spicetify-nix";
type = "github";
owner = "Gerg-L";
repo = "spicetify-nix";
ref = "master";
inputs = {
nixpkgs.follows = "nixpkgs";
systems.follows = "systems";
};
};
# Transitive Dependencies
systems.url = "github:nix-systems/default";
flake-parts.url = "github:hercules-ci/flake-parts";
flake-utils = {
url = "github:numtide/flake-utils";
inputs.systems.follows = "systems";
};
flake-compat.url = "https://flakehub.com/f/edolstra/flake-compat/1.tar.gz";
};
outputs =
unpatchedInputs:
let
patchInputs =
system:
let
patcher = unpatchedInputs.flake-input-patcher.lib.${system};
patches = import ./patches.nix { inherit patcher; };
in
if patches != { } then patcher.patch unpatchedInputs patches else unpatchedInputs;
mkNixosConfiguration =
inputs: system: modules:
inputs.nixpkgs.lib.nixosSystem {
inherit system modules;
{ self, nixpkgs, ... }@inputs:
{
nixosConfigurations = {
installer = nixpkgs.lib.nixosSystem rec {
system = "x86_64-linux";
modules = [ ./hosts/installer ];
specialArgs = { inherit inputs system; };
};
in
{
overlays.default = import ./overlays;
}
// (
let
system = "x86_64-linux";
inputs = patchInputs system;
pkgs = import inputs.nixpkgs {
himalia = nixpkgs.lib.nixosSystem rec {
system = "x86_64-linux";
modules = [ ./hosts/himalia ];
specialArgs = { inherit inputs system; };
};
elara = nixpkgs.lib.nixosSystem rec {
system = "x86_64-linux";
modules = [ ./hosts/elara ];
specialArgs = { inherit inputs system; };
};
jupiter = nixpkgs.lib.nixosSystem rec {
system = "x86_64-linux";
modules = [ ./hosts/jupiter ];
specialArgs = { inherit inputs system; };
};
jupiter-vps = nixpkgs.lib.nixosSystem rec {
system = "x86_64-linux";
modules = [ ./hosts/jupiter-vps ];
specialArgs = { inherit inputs system; };
};
};
}
// inputs.flake-utils.lib.eachSystem [ "x86_64-linux" ] (
system:
let
pkgs = import nixpkgs {
inherit system;
config.allowUnfree = true;
overlays = [
inputs.lib.overlays.default
inputs.self.overlays.default
];
};
treefmt = inputs.treefmt-nix.lib.evalModule pkgs ./treefmt.nix;
in
{
nixosConfigurations = {
installer = mkNixosConfiguration inputs system [ ./hosts/installer ];
himalia = mkNixosConfiguration inputs system [ ./hosts/himalia ];
elara = mkNixosConfiguration inputs system [ ./hosts/elara ];
jupiter = mkNixosConfiguration inputs system [ ./hosts/jupiter ];
jupiter-vps = mkNixosConfiguration inputs system [ ./hosts/jupiter-vps ];
};
devShells = import ./hosts/common/shells { inherit pkgs; };
lib = import ./lib { inherit pkgs; };
packages = import ./packages { inherit pkgs inputs system; };
devShells.${system} = import ./hosts/common/shells { inherit pkgs; };
packages.${system} = import ./packages { inherit pkgs; };
formatter.${system} = treefmt.config.build.wrapper;
checks.${system} =
let
nixosConfigurations =
pkgs.lib.mapAttrs'
(
name: config:
pkgs.lib.nameValuePair "nixosConfiguration-${name}" config.config.system.build.toplevel
)
((pkgs.lib.filterAttrs (_: config: config.pkgs.system == system)) inputs.self.nixosConfigurations);
packages = pkgs.lib.mapAttrs' (
name: pkgs.lib.nameValuePair "package-${name}"
) inputs.self.packages.${system};
overlayPackages = pkgs.lib.mapAttrs' (n: pkgs.lib.nameValuePair "overlayPackage-${n}") (
import ./overlays/packages.nix { inherit pkgs; }
);
devShells = pkgs.lib.mapAttrs' (
name: pkgs.lib.nameValuePair "devShell-${name}"
) inputs.self.devShells.${system};
formatter.formatting = treefmt.config.build.check inputs.self;
in
nixosConfigurations // packages // overlayPackages // devShells // formatter;
formatter = treefmt.config.build.wrapper;
checks.formatting = treefmt.config.build.check self;
}
);
}

View File

@@ -0,0 +1,5 @@
{ ... }:
{
# https://developers.cloudflare.com/cloudflare-one/connections/connect-networks/get-started/create-local-tunnel/
services.cloudflared.enable = true;
}

View File

@@ -0,0 +1,22 @@
{ lib, pkgs, ... }:
{
networking.networkmanager.dns = "dnsmasq";
environment.etc."NetworkManager/dnsmasq.d/10-bind-interfaces.conf".source =
(pkgs.formats.keyValue {
mkKeyValue =
name: value:
if value == true then
name
else if value == false then
""
else
lib.generators.mkKeyValueDefault { } "=" name value;
listsAsDuplicateKeys = true;
}).generate
"10-bind-interfaces.conf"
{
bind-interfaces = true;
listen-address = [ "127.0.0.1" ];
};
}

View File

@@ -1,14 +0,0 @@
{ ... }:
{
environment.persistence."/persist/state"."/var/lib/fail2ban" = { };
services.fail2ban = {
enable = true;
bantime = "24h";
bantime-increment = {
enable = true;
maxtime = "720h";
overalljails = true;
};
};
}

View File

@@ -0,0 +1,4 @@
{ ... }:
{
programs.gnupg.agent.enable = true;
}

View File

@@ -233,11 +233,11 @@ in
unitConfig.ConditionPathExists = [ (lib.strings.escape [ " " ] c.source) ];
what = c.source;
where = c.target;
options = lib.strings.concatStringsSep "," [
options = lib.strings.concatStringsSep "," ([
"bind"
"X-fstrim.notrim"
"x-gvfs-hide"
];
]);
}) all;
services = builtins.listToAttrs (

View File

@@ -1,22 +0,0 @@
{
inputs,
lib,
pkgs,
...
}:
{
imports = [ inputs.lanzaboote.nixosModules.lanzaboote ];
environment = {
persistence."/persist/state"."/var/lib/sbctl" = { };
systemPackages = with pkgs; [ sbctl ];
};
boot.loader.systemd-boot.enable = lib.mkForce false;
boot.lanzaboote = {
enable = true;
pkiBundle = "/var/lib/sbctl";
};
}

View File

@@ -1,4 +1,9 @@
{ config, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
{
virtualisation = {
libvirtd = {

View File

@@ -4,7 +4,6 @@ _nix-install_completion() {
'-m[Mode: 'install' or 'repair']:mode:(install repair)'
'-h[Host to configure]:host:($(_list_hosts))'
'-k[Key file to copy to user config]:key:($(_list_keys))'
'-s[Enroll secure boot keys on current device]'
'-c[Copy configuration to target]'
'-r[Reboot after completion]'
)
@@ -18,8 +17,8 @@ _nix-install_completion() {
_list_keys() {
local flake="$(realpath ${words[2]})"
if [[ -d "$flake/submodules/secrets/domains" ]]; then
find "$flake/submodules/secrets/domains" -type f -name 'key.txt' | sed -E 's|^.*/submodules/secrets/domains/([^/]+)/key.txt$|\1|' | sort -u
if [[ -d "$flake/secrets" ]]; then
find "$flake/secrets" -type f -name 'key.txt' | sed -E 's|^.*/secrets/([^/]+)/key.txt$|\1|' | sort -u
fi
}

View File

@@ -1,14 +1,13 @@
# shellcheck shell=bash
usage() {
echo "Usage: $0 flake -m install|repair -h host [-k key] [-p password_file] [-s] [-c] [-r]"
echo "Usage: $0 flake -m install|repair -h host [-k key] [-p password_file] [-c] [-r]"
echo
echo "Options:"
echo " flake Directory containing the flake.nix file."
echo " -m mode Mode: 'install' or 'repair'."
echo " -h host Host to configure."
echo " -k key Key file to copy to user config."
echo " -s Enroll secure boot keys on current device."
echo " -c Copy configuration to target."
echo " -r Reboot after completion."
exit 1
@@ -36,24 +35,23 @@ check_flake() {
}
check_host() {
if ! nix flake show --allow-import-from-derivation --quiet --json "$flake" 2>/dev/null | jq -e ".nixosConfigurations[\"$host\"]" &>/dev/null; then
if ! nix flake show --quiet --json "$flake" 2>/dev/null | jq -e ".nixosConfigurations[\"$host\"]" &>/dev/null; then
echo "Host '$host' not found in flake."
exit 1
fi
}
check_key() {
if [[ -n "$key" ]] && [[ ! -f "$flake/submodules/secrets/domains/$key/key.txt" ]]; then
if [[ -n "$key" ]] && [[ ! -f "$flake/secrets/$key/key.txt" ]]; then
echo "Key '$key' not found."
exit 1
fi
}
set_password_file() {
SOPS_AGE_KEY_FILE="$flake/submodules/secrets/domains/$key/key.txt"
SOPS_AGE_KEY_FILE="$flake/secrets/$key/key.txt"
export SOPS_AGE_KEY_FILE
install -m 600 /dev/null /tmp/keyfile
sops --decrypt --extract "['luks']" "$flake/submodules/secrets/hosts/$host/secrets.yaml" > /tmp/keyfile
sops --decrypt --extract "['luks']" "$flake/hosts/$host/secrets/secrets.yaml" > /tmp/keyfile
unset SOPS_AGE_KEY_FILE
}
@@ -64,9 +62,9 @@ prepare_disk() {
disko -m "$disko_mode" --yes-wipe-all-disks --root-mountpoint "$root" "$flake/hosts/$host/format.nix"
}
copy_sops_keys() {
copy_keys() {
mkdir -p "$root/persist/state/etc/ssh"
cp -f "$flake/submodules/secrets/hosts/$host/ssh_host_ed25519_key" "$root/persist/state/etc/ssh/ssh_host_ed25519_key"
cp -f "$flake/hosts/$host/secrets/ssh_host_ed25519_key" "$root/persist/state/etc/ssh/ssh_host_ed25519_key"
for path in "$flake/hosts/$host/users"/*; do
if [[ -z "$key" ]]; then
@@ -77,7 +75,7 @@ copy_sops_keys() {
user=$(basename "$path")
mkdir -p "$root/persist/state/home/$user/.config/sops-nix"
cp -f "$flake/submodules/secrets/domains/$key/key.txt" "$root/persist/state/home/$user/.config/sops-nix/key.txt"
cp -f "$flake/secrets/$key/key.txt" "$root/persist/state/home/$user/.config/sops-nix/key.txt"
owner=$(cat "$flake/hosts/$host/users/$user/uid")
group=100
@@ -89,46 +87,26 @@ copy_sops_keys() {
done
}
copy_secure_boot_keys() {
mkdir -p "$root/persist/state/var/lib/sbctl/keys"/{db,KEK,PK}
SOPS_AGE_KEY_FILE="$flake/submodules/secrets/domains/$key/key.txt"
export SOPS_AGE_KEY_FILE
sops --decrypt --extract "['guid']" "$flake/submodules/secrets/domains/lanzaboote/secrets.yaml" > "$root/persist/state/var/lib/sbctl/GUID"
sops --decrypt --extract "['keys']['kek']['key']" "$flake/submodules/secrets/domains/lanzaboote/secrets.yaml" > "$root/persist/state/var/lib/sbctl/keys/KEK/KEK.key"
sops --decrypt --extract "['keys']['kek']['pem']" "$flake/submodules/secrets/domains/lanzaboote/secrets.yaml" > "$root/persist/state/var/lib/sbctl/keys/KEK/KEK.pem"
sops --decrypt --extract "['keys']['pk']['key']" "$flake/submodules/secrets/domains/lanzaboote/secrets.yaml" > "$root/persist/state/var/lib/sbctl/keys/PK/PK.key"
sops --decrypt --extract "['keys']['pk']['pem']" "$flake/submodules/secrets/domains/lanzaboote/secrets.yaml" > "$root/persist/state/var/lib/sbctl/keys/PK/PK.pem"
sops --decrypt --extract "['keys']['db']['key']" "$flake/submodules/secrets/domains/lanzaboote/secrets.yaml" > "$root/persist/state/var/lib/sbctl/keys/db/db.key"
sops --decrypt --extract "['keys']['db']['pem']" "$flake/submodules/secrets/domains/lanzaboote/secrets.yaml" > "$root/persist/state/var/lib/sbctl/keys/db/db.pem"
chmod 400 "$root/persist/state/var/lib/sbctl/keys"/*/*
unset SOPS_AGE_KEY_FILE
mkdir -p "$root/var/lib/sbctl"
mount --bind -o X-fstrim.notrim,x-gvfs-hide "$root/persist/state/var/lib/sbctl" "$root/var/lib/sbctl"
}
install_nixos() {
install() {
nixos-install --root "$root" --flake "$flake#$host" --no-root-passwd
}
enroll_secure_boot() {
sbctl enroll-keys --microsoft
}
copy_config() {
echo "Copying configuration..."
mkdir -p "$root/persist/user/etc"
mkdir -p "$root/persist/user/etc/nixos"
rm -rf "$root/persist/user/etc/nixos"
cp -r "$flake" "$root/persist/user/etc/nixos"
}
finish() {
echo "Rebooting system..."
trap - EXIT
cleanup
reboot
}
cleanup() {
rm -f /tmp/keyfile
if [[ -d "$root" ]]; then umount "$root/var/lib/sbctl"; fi
if [[ -n "$host" ]]; then disko -m "unmount" "$flake/hosts/$host/format.nix"; fi
if [[ -d "$root" ]]; then rmdir "$root"; fi
}
@@ -146,16 +124,14 @@ main() {
mode=""
host=""
key=""
enroll_secure_boot_flag="false"
copy_config_flag="false"
reboot_flag="false"
while getopts "m:h:k:scr" opt; do
while getopts "m:h:k:cr" opt; do
case "$opt" in
m) mode="$OPTARG" ;;
h) host="$OPTARG" ;;
k) key="$OPTARG" ;;
s) enroll_secure_boot_flag="true" ;;
c) copy_config_flag="true" ;;
r) reboot_flag="true" ;;
*) usage ;;
@@ -177,17 +153,10 @@ main() {
;;
esac
copy_sops_keys
copy_secure_boot_keys
install_nixos
[[ "$enroll_secure_boot_flag" == "true" ]] && enroll_secure_boot
copy_keys
install
[[ "$copy_config_flag" == "true" ]] && copy_config
cleanup
[[ "$reboot_flag" == "true" ]] && reboot
[[ "$reboot_flag" == "true" ]] && finish
}
main "$@"

View File

@@ -1,4 +1,12 @@
{ pkgs, ... }:
{
nixpkgs.overlays = [
(final: prev: {
nix-update = prev.nix-update.overrideAttrs (oldAttrs: {
patches = oldAttrs.patches or [ ] ++ [ ./source-attribute.patch ];
});
})
];
environment.systemPackages = with pkgs; [ nix-update ];
}

View File

@@ -0,0 +1,127 @@
diff --git a/nix_update/__init__.py b/nix_update/__init__.py
index 89bbe45..93f9322 100644
--- a/nix_update/__init__.py
+++ b/nix_update/__init__.py
@@ -124,6 +124,12 @@ def parse_args(args: list[str]) -> Options:
default=[],
)
+ parser.add_argument(
+ "--src-attr",
+ help="Src attribute",
+ default="src",
+ )
+
a = parser.parse_args(args)
extra_flags = ["--extra-experimental-features", "flakes nix-command"]
if a.system:
@@ -146,6 +152,7 @@ def parse_args(args: list[str]) -> Options:
version=a.version,
version_preference=VersionPreference.from_str(a.version),
attribute=a.attribute,
+ source_attribute=a.src_attr,
test=a.test,
version_regex=a.version_regex,
review=a.review,
diff --git a/nix_update/eval.py b/nix_update/eval.py
index 1767056..f85ea69 100644
--- a/nix_update/eval.py
+++ b/nix_update/eval.py
@@ -105,12 +105,19 @@ class Package:
def eval_expression(
escaped_import_path: str,
attr: str,
+ source_attr: str,
flake: bool,
system: str | None,
override_filename: str | None,
) -> str:
system = f'"{system}"' if system else "builtins.currentSystem"
+ source_attrs = source_attr.rpartition(".")
+ source_attr_last = source_attrs[-1] or source_attr
+ source_attr_all_but_last = (
+ f".{source_attrs[0]}" if source_attr_last != source_attr else ""
+ )
+
if flake:
sanitize_position = (
f"""
@@ -164,8 +171,8 @@ let
raw_version_position
else if pkg ? isPhpExtension then
raw_version_position
- else if (builtins.unsafeGetAttrPos "src" pkg) != null then
- sanitizePosition (builtins.unsafeGetAttrPos "src" pkg)
+ else if (builtins.unsafeGetAttrPos "{source_attr_last}" pkg) != null then
+ sanitizePosition (builtins.unsafeGetAttrPos "{source_attr_last}" pkg{source_attr_all_but_last})
else
sanitizePosition (positionFromMeta pkg);
in {{
@@ -174,11 +181,11 @@ in {{
inherit raw_version_position;
filename = position.file;
line = position.line;
- urls = pkg.src.urls or null;
- url = pkg.src.url or null;
- rev = pkg.src.rev or null;
- tag = pkg.src.tag or null;
- hash = pkg.src.outputHash or null;
+ urls = pkg.{source_attr}.urls or null;
+ url = pkg.{source_attr}.url or null;
+ rev = pkg.{source_attr}.rev or null;
+ tag = pkg.{source_attr}.tag or null;
+ hash = pkg.{source_attr}.outputHash or null;
go_modules = pkg.goModules.outputHash or null;
go_modules_old = pkg.go-modules.outputHash or null;
cargo_deps = pkg.cargoDeps.outputHash or null;
@@ -205,7 +212,7 @@ in {{
mix_deps = pkg.mixFodDeps.outputHash or null;
tests = builtins.attrNames (pkg.passthru.tests or {{}});
has_update_script = {has_update_script};
- src_homepage = pkg.src.meta.homepage or null;
+ src_homepage = pkg.{source_attr}.meta.homepage or null;
changelog = pkg.meta.changelog or null;
maintainers = pkg.meta.maintainers or null;
}}"""
@@ -215,6 +222,7 @@ def eval_attr(opts: Options) -> Package:
expr = eval_expression(
opts.escaped_import_path,
opts.escaped_attribute,
+ opts.source_attribute,
opts.flake,
opts.system,
opts.override_filename,
diff --git a/nix_update/options.py b/nix_update/options.py
index 2d07b77..ab5c305 100644
--- a/nix_update/options.py
+++ b/nix_update/options.py
@@ -8,6 +8,7 @@ from .version.version import VersionPreference
@dataclass
class Options:
attribute: str
+ source_attribute: str = "src"
flake: bool = False
version: str = "stable"
version_preference: VersionPreference = VersionPreference.STABLE
@@ -33,4 +34,7 @@ class Options:
def __post_init__(self) -> None:
self.escaped_attribute = ".".join(map(json.dumps, self.attribute.split(".")))
+ self.escaped_source_attribute = ".".join(
+ map(json.dumps, self.source_attribute.split("."))
+ )
self.escaped_import_path = json.dumps(self.import_path)
diff --git a/nix_update/update.py b/nix_update/update.py
index 82b7bc5..464bf3d 100644
--- a/nix_update/update.py
+++ b/nix_update/update.py
@@ -155,7 +155,7 @@ def git_prefetch(x: tuple[str, tuple[str, str]]) -> tuple[str, str]:
def update_src_hash(opts: Options, filename: str, current_hash: str) -> None:
- target_hash = nix_prefetch(opts, "src")
+ target_hash = nix_prefetch(opts, opts.source_attribute)
replace_hash(filename, current_hash, target_hash)

View File

@@ -1,52 +1,29 @@
{
config,
inputs,
lib,
...
}:
{ config, inputs, ... }:
{
sops = {
secrets = {
"git/credentials/github.com/tokens/public".sopsFile =
"${inputs.secrets}/domains/personal/secrets.yaml";
"nix/cache/nix.karaolidis.com".sopsFile = "${inputs.secrets}/domains/personal/secrets.yaml";
"git/credentials/github.com/public/username".sopsFile =
../../../../../secrets/personal/secrets.yaml;
"git/credentials/github.com/public/password".sopsFile =
../../../../../secrets/personal/secrets.yaml;
};
templates = {
nix-access-tokens = {
templates.nix-access-tokens = {
content = ''
access-tokens = github.com=${config.sops.placeholder."git/credentials/github.com/tokens/public"}
access-tokens = github.com=${config.sops.placeholder."git/credentials/github.com/public/password"}
'';
group = "users";
mode = "0440";
};
nix-netrc = {
content = ''
machine nix.karaolidis.com
password ${config.sops.placeholder."nix/cache/nix.karaolidis.com"}
'';
group = "users";
mode = "0440";
};
};
};
nix = {
settings = {
trusted-users = lib.mkAfter [ "@wheel" ];
use-xdg-base-directories = true;
experimental-features = [
"nix-command"
"flakes"
];
download-buffer-size = 524288000;
substituters = lib.mkBefore [ "https://nix.karaolidis.com/main" ];
trusted-public-keys = lib.mkBefore [
"nix.karaolidis.com:1yz1tIVLGDEOFC1p/uYtR4Sx+nIbdYDqsDv4kkV0uyk="
];
netrc-file = config.sops.templates.nix-netrc.path;
};
channel.enable = false;

View File

@@ -1,5 +1,7 @@
{ system, ... }:
{ inputs, system, ... }:
{
imports = [ inputs.nur.modules.nixos.default ];
nixpkgs = {
hostPlatform = system;
config.allowUnfree = true;

View File

@@ -10,10 +10,7 @@
storage.settings.storage.driver = "btrfs";
};
quadlet = {
enable = true;
autoEscape = true;
};
quadlet.autoEscape = true;
};
environment = {

View File

@@ -4,9 +4,4 @@
smartmontools
nvme-cli
];
services.smartd = {
enable = true;
defaults.autodetected = "-a -o on -n idle,10 -s (S/../.././02|L/../../7/04)";
};
}

View File

@@ -18,7 +18,7 @@
};
sops = {
defaultSopsFile = "${inputs.secrets}/hosts/${config.networking.hostName}/secrets.yaml";
defaultSopsFile = ../../../../. + "/${config.networking.hostName}/secrets/secrets.yaml";
age = {
generateKey = true;

View File

@@ -0,0 +1,4 @@
{ ... }:
{
programs.ssh.startAgent = true;
}

View File

@@ -1,22 +1,22 @@
{ inputs, ... }:
{ ... }:
{
programs.ssh.knownHosts = {
installer.publicKeyFile = "${inputs.secrets}/hosts/installer/ssh_host_ed25519_key.pub";
elara.publicKeyFile = "${inputs.secrets}/hosts/elara/ssh_host_ed25519_key.pub";
himalia.publicKeyFile = "${inputs.secrets}/hosts/himalia/ssh_host_ed25519_key.pub";
installer.publicKeyFile = ../../../../installer/secrets/ssh_host_ed25519_key.pub;
elara.publicKeyFile = ../../../../elara/secrets/ssh_host_ed25519_key.pub;
himalia.publicKeyFile = ../../../../himalia/secrets/ssh_host_ed25519_key.pub;
jupiter = {
publicKeyFile = "${inputs.secrets}/hosts/jupiter/ssh_host_ed25519_key.pub";
publicKeyFile = ../../../../jupiter/secrets/ssh_host_ed25519_key.pub;
extraHostNames = [ "karaolidis.com" ];
};
jupiter-sish = {
publicKeyFile = "${inputs.secrets}/hosts/jupiter/ssh_sish_ed25519_key.pub";
extraHostNames = [ "tunnel.karaolidis.com" ];
publicKeyFile = ../../../../jupiter/users/storm/configs/console/podman/sish/ssh_host_ed25519_key.pub;
extraHostNames = [ "karaolidis.com" ];
};
jupiter-vps = {
publicKeyFile = "${inputs.secrets}/hosts/jupiter-vps/ssh_host_ed25519_key.pub";
publicKeyFile = ../../../../jupiter-vps/secrets/ssh_host_ed25519_key.pub;
extraHostNames = [ "vps.karaolidis.com" ];
};
};

View File

@@ -1,12 +1,27 @@
{ pkgs, ... }:
{ ... }:
{
environment.systemPackages = with pkgs; [ kitty.terminfo ];
environment = {
enableAllTerminfo = true;
persistence."/persist/state"."/var/lib/fail2ban" = { };
};
services.openssh = {
services = {
openssh = {
enable = true;
settings = {
PasswordAuthentication = false;
PrintMotd = false;
};
};
fail2ban = {
enable = true;
bantime = "24h";
bantime-increment = {
enable = true;
maxtime = "720h";
overalljails = true;
};
};
};
}

View File

@@ -0,0 +1,10 @@
{ ... }:
{
programs.tmux = {
enable = true;
clock24 = true;
historyLimit = 10000;
keyMode = "vi";
newSession = true;
};
}

View File

@@ -1,6 +1,17 @@
{ user, home }:
{
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{ config, pkgs, ... }:
{
nixpkgs.overlays = [
(final: prev: {
android-tools = prev.android-tools.overrideAttrs (oldAttrs: {
patches = oldAttrs.patches or [ ] ++ [ ./env-var-user-home.patch ];
});
})
];
programs.adb.enable = true;
services.gvfs.enable = true;

View File

@@ -1,33 +0,0 @@
{ user, home }:
{
config,
inputs,
pkgs,
...
}:
let
hmConfig = config.home-manager.users.${user};
in
{
home-manager.users.${user} = {
sops = {
secrets."nix/cache/nix.karaolidis.com".sopsFile = "${inputs.secrets}/domains/personal/secrets.yaml";
templates.attic = {
content = builtins.readFile (
(pkgs.formats.toml { }).generate "config.toml" {
default-server = "main";
servers."main" = {
endpoint = "https://nix.karaolidis.com/";
token = hmConfig.sops.placeholder."nix/cache/nix.karaolidis.com";
};
}
);
path = "${home}/.config/attic/config.toml";
};
};
home.packages = with pkgs; [ attic-client ];
};
}

View File

@@ -1,4 +1,7 @@
{ user, home }:
{
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{ lib, pkgs, ... }:
{
users.users.${user}.extraGroups = [

View File

@@ -1,11 +1,12 @@
{ user, home }:
{ lib, pkgs, ... }:
{
home-manager.users.${user} = {
programs.btop = {
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{ ... }:
{
home-manager.users.${user}.programs.btop = {
enable = true;
settings = {
color_theme = "matugen";
theme_background = false;
presets = "";
vim_keys = true;
@@ -16,19 +17,4 @@
disks_filter = "/ /nix /persist";
};
};
theme = {
template.".config/btop/themes/matugen.theme".source = ./theme.theme;
reloadExtraConfig = "${
lib.meta.getExe (
pkgs.writeShellApplication {
name = "reload-btop";
runtimeInputs = with pkgs; [ procps ];
text = "exec pkill btop -SIGUSR2";
}
)
} &";
};
};
}

View File

@@ -1,4 +1,7 @@
{ user, home }:
{
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{
config,
lib,

View File

@@ -1,4 +1,7 @@
{ user, home }:
{
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{ ... }:
{
home-manager.users.${user}.programs.fastfetch.enable = true;

View File

@@ -1,4 +1,7 @@
{ user, home }:
{
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{ pkgs, ... }:
{
home-manager.users.${user}.home.packages = with pkgs; [

View File

@@ -1,4 +1,7 @@
{ user, home }:
{
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{
config,
lib,
@@ -41,41 +44,5 @@ in
);
};
};
home = {
packages = with pkgs; [
(pkgs.writeShellApplication {
name = "gh";
runtimeInputs = with pkgs; [ gh ];
text = builtins.readFile ./gh.sh;
})
(pkgs.writeShellApplication {
name = "glab";
runtimeInputs = with pkgs; [ glab ];
text = builtins.readFile ./glab.sh;
})
(pkgs.writeShellApplication {
name = "tea";
runtimeInputs = with pkgs; [ tea ];
text = builtins.readFile ./tea.sh;
})
];
sessionVariables = {
GITEA_HOST = "git.karaolidis.com";
GITEA_SSH_HOST = "karaolidis.com";
};
};
xdg.configFile = {
"gh/config.yml".source = (pkgs.formats.yaml { }).generate "config.yml" {
version = 1;
git_protocol = "ssh";
};
"glab-cli/config.yml".source = (pkgs.formats.yaml { }).generate "config.yml" {
git_protocol = "ssh";
};
};
};
}

View File

@@ -1,8 +0,0 @@
# shellcheck shell=bash
GH_HOST="${GH_HOST:-github.com}"
GH_TOKEN=$(sed -n "s#https://[^:]*:\([^@]*\)@${GH_HOST}#\1#p" "$HOME/.config/git/credentials")
export GH_TOKEN
exec gh "$@"

View File

@@ -1,8 +0,0 @@
# shellcheck shell=bash
GITLAB_HOST="${GITLAB_HOST:-gitlab.com}"
GITLAB_TOKEN=$(sed -n "s#https://[^:]*:\([^@]*\)@${GITLAB_HOST}#\1#p" "$HOME/.config/git/credentials")
export GITLAB_TOKEN
exec glab "$@"

View File

@@ -1,13 +0,0 @@
# shellcheck shell=bash
GITEA_HOST="${GITEA_HOST:-gitea.com}"
GITEA_SSH_HOST="${GITEA_SSH_HOST:-gitea.com}"
GITEA_TOKEN=$(sed -n "s#https://[^:]*:\([^@]*\)@${GITEA_HOST}#\1#p" "$HOME/.config/git/credentials")
GITEA_INSTANCE_URL="https://${GITEA_HOST}"
GITEA_INSTANCE_SSH_HOST="$GITEA_SSH_HOST"
export GITEA_TOKEN
export GITEA_INSTANCE_URL
export GITEA_INSTANCE_SSH_HOST
exec tea "$@"

View File

@@ -1,4 +1,7 @@
{ user, home }:
{
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{
config,
lib,
@@ -20,10 +23,6 @@
enable = true;
defaultCacheTtl = 31536000;
maxCacheTtl = 31536000;
pinentry = {
package = pkgs.pinentry-all;
program = "pinentry-tty";
};
};
systemd.user = {

View File

@@ -1,10 +1,8 @@
{ user, home }:
{
config,
inputs,
lib,
...
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{ config, inputs, ... }:
{
imports = [ inputs.home-manager.nixosModules.default ];
@@ -20,16 +18,10 @@
home.stateVersion = "24.11";
systemd.user.startServices = true;
nix.settings = {
inherit (config.nix.settings)
use-xdg-base-directories
experimental-features
download-buffer-size
substituters
trusted-public-keys
netrc-file
;
};
nix.settings.experimental-features = [
"nix-command"
"flakes"
];
};
};
}

View File

@@ -1,4 +1,7 @@
{ user, home }:
{
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{ pkgs, ... }:
{
home-manager.users.${user}.home.packages = with pkgs; [ imagemagick ];

View File

@@ -1,4 +1,7 @@
{ user, home }:
{
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{ pkgs, ... }:
{
home-manager.users.${user}.home.packages = with pkgs; [

View File

@@ -1,4 +1,7 @@
{ user, home }:
{
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{ ... }:
{
home-manager.users.${user}.programs.jq.enable = true;

View File

@@ -1,4 +1,7 @@
{ user, home }:
{
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{
config,
lib,

View File

@@ -1,4 +1,7 @@
{ user, home }:
{
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{ pkgs, ... }:
{
home-manager.users.${user}.dconf.settings = {

View File

@@ -1,4 +1,7 @@
{ user, home }:
{
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{ pkgs, ... }:
{
home-manager.users.${user}.home.packages = with pkgs; [ lsof ];

View File

@@ -1,4 +1,7 @@
{ user, home }:
{
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{ pkgs, ... }:
{
home-manager.users.${user}.home.packages = with pkgs; [ mprocs ];

View File

@@ -1,4 +1,7 @@
{ user, home }:
{
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{ pkgs, ... }:
{
home-manager.users.${user} = {

View File

@@ -1,4 +1,7 @@
{ user, home }:
{
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{ lib, pkgs, ... }:
{
environment.persistence = {

View File

@@ -3,9 +3,6 @@ volnorm = true
default_keybindings = true
library_tabs = [ "albums", "artists", "playlists", "browse" ]
[keybindings]
"Esc" = "back"
[theme]
background = "{{colors.surface.default.hex}}"
primary = "{{colors.on_surface.default.hex}}"

View File

@@ -1,299 +1,25 @@
{ user, home }:
{
inputs,
lib,
pkgs,
...
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{ ... }:
{
environment.persistence = {
"/persist/state"."${home}/.local/share/nvf" = { };
"/persist/cache"."${home}/.cache/nvf" = { };
};
home-manager.users.${user} = {
imports = [ inputs.nvf.homeManagerModules.default ];
programs = {
nvf = {
home-manager.users.${user}.programs = {
neovim = {
enable = true;
defaultEditor = true;
settings = {
vim = {
enableLuaLoader = true;
viAlias = true;
vimAlias = true;
autocomplete = {
blink-cmp.enable = true;
};
binds = {
# hardtime-nvim.enable = true;
whichKey.enable = true;
};
clipboard = {
enable = true;
providers.wl-copy.enable = true;
registers = "unnamedplus";
};
comments = {
comment-nvim.enable = true;
};
# dashboard = {
# alpha.enable = true;
# };
filetree = {
neo-tree = {
enable = true;
setupOpts = {
git_status_async = true;
window.mappings = lib.generators.mkLuaInline ''
{
["<space>"] = "noop",
}
vimdiffAlias = true;
extraConfig = ''
set tabstop=2
set shiftwidth=2
set expandtab
set smartindent
set mouse=
'';
};
};
};
# formatter = {
# conform-nvim.enable = true;
# };
git = {
enable = true;
# git-conflict.enable = true;
gitsigns.enable = true;
# neogit.enable = true;
};
languages = {
enableDAP = true;
enableFormat = true;
enableTreesitter = true;
enableExtraDiagnostics = true;
assembly.enable = true;
bash.enable = true;
clang.enable = true;
csharp.enable = true;
css.enable = true;
go.enable = true;
html.enable = true;
java.enable = true;
lua.enable = true;
markdown.enable = true;
nix = {
enable = true;
format.type = "nixfmt";
lsp.options.nil = {
nix = {
maxMemoryMB = null;
flake = {
autoArchive = true;
autoEvalInputs = true;
};
};
};
};
php.enable = true;
python.enable = true;
rust.enable = true;
sql.enable = true;
svelte.enable = true;
ts.enable = true;
yaml.enable = true;
};
lsp = {
enable = true;
formatOnSave = true;
# nvim-docs-view.enable = true;
# otter-nvim.enable = true;
# trouble.enable = true;
};
# minimap = {
# codewindow.enable = true;
# };
notify = {
nvim-notify.enable = true;
};
options = {
tabstop = 2;
shiftwidth = 2;
expandtab = true;
smartindent = true;
};
# projects = {
# project-nvim.enable = true;
# };
searchCase = "smart";
# snippets = {
# luasnip.enable = true;
# };
tabline = {
nvimBufferline = {
enable = true;
mappings.closeCurrent = "<leader>bd";
setupOpts.options = {
indicator.style = "icon";
show_close_icon = false;
show_buffer_close_icons = false;
};
};
};
telescope = {
enable = true;
setupOpts.defaults.file_ignore_patterns = [
"node_modules"
"%.venv/"
"%.git/"
"dist/"
"build/"
"target/"
"result/"
];
};
terminal = {
toggleterm = {
enable = true;
setupOpts.winbar.enabled = false;
};
};
treesitter = {
enable = true;
context.enable = true;
fold = true;
textobjects.enable = true;
};
ui = {
# breadcrumbs = {
# enable = true;
# navbuddy.enable = true;
# };
colorizer.enable = true;
# fastaction.enable = true;
# illuminate.enable = true;
};
undoFile.enable = true;
utility = {
# diffview-nvim.enable = true;
# icon-picker.enable = true;
# images = {
# img-clip.enable = true;
# };
# mkdir.enable = true;
motion = {
precognition.enable = true;
};
# nvim-biscuits.enable = true;
# smart-splits.enable = true;
surround.enable = true;
# undotree.enable = true;
# yazi-nvim.enable = true;
};
visuals = {
# cinnamon-nvim.enable = true;
# fidget-nvim.enable = true;
# highlight-undo.enable = true;
indent-blankline.enable = true;
nvim-cursorline.enable = true;
# nvim-scrollbar.enable = true;
nvim-web-devicons.enable = true;
};
keymaps = [
{
mode = [ "n" ];
key = "<C-b>";
action = "<C-b>zz";
silent = true;
noremap = true;
desc = "Page up and center";
}
{
mode = [ "n" ];
key = "<C-u>";
action = "<C-u>zz";
silent = true;
noremap = true;
desc = "Half-page up and center";
}
{
mode = [ "n" ];
key = "<C-d>";
action = "<C-d>zz";
silent = true;
noremap = true;
desc = "Half-page down and center";
}
{
mode = [ "n" ];
key = "<C-f>";
action = "<C-f>zz";
silent = true;
noremap = true;
desc = "Page down and center";
}
{
mode = [ "n" ];
key = "<leader>ww";
action = "<cmd>w<CR>";
silent = true;
desc = "Save";
}
{
mode = [ "n" ];
key = "<leader>wq";
action = "<cmd>wq<CR>";
silent = true;
desc = "Save & Quit";
}
{
mode = [ "n" ];
key = "<leader>ee";
action = "<cmd>Neotree toggle<CR>";
silent = true;
desc = "Toggle Neo-tree";
}
{
mode = [ "n" ];
key = "<leader>ef";
action = "<cmd>Neotree reveal<CR>";
silent = true;
desc = "Reveal file in Neo-tree";
}
];
};
};
};
zsh = {
p10k.extraRightPromptElements = [ "vim_shell" ];
shellAliases.v = "nvim";
};
};
zsh.p10k.extraRightPromptElements = [ "vim_shell" ];
};
}

View File

@@ -1,4 +1,7 @@
{ user, home }:
{
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{ ... }:
{
home-manager.users.${user}.programs.zsh.shellAliases.ncl = "sudo nix-cleanup";

View File

@@ -1,4 +1,7 @@
{ user, home }:
{
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{
lib,
inputs,

View File

@@ -1,31 +1,42 @@
{
inputs = {
nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
nixpkgs = {
type = "github";
owner = "karaolidis";
repo = "nixpkgs";
ref = "integration";
};
flake-utils = {
type = "github";
owner = "numtide";
repo = "flake-utils";
ref = "main";
};
treefmt-nix = {
url = "github:numtide/treefmt-nix";
type = "github";
owner = "numtide";
repo = "treefmt-nix";
ref = "main";
inputs.nixpkgs.follows = "nixpkgs";
};
};
outputs =
inputs:
(
{ self, nixpkgs, ... }@inputs:
inputs.flake-utils.lib.eachDefaultSystem (
system:
let
system = "x86_64-linux";
pkgs = import inputs.nixpkgs {
inherit system;
config.allowUnfree = true;
};
pkgs = nixpkgs.legacyPackages.${system};
treefmt = inputs.treefmt-nix.lib.evalModule pkgs ./treefmt.nix;
in
{
devShells.${system}.default = pkgs.mkShell { packages = with pkgs; [ ]; };
devShells.default = pkgs.mkShell { packages = with pkgs; [ ]; };
formatter.${system} = treefmt.config.build.wrapper;
checks.formatting.${system} = treefmt.config.build.check inputs.self;
formatter = treefmt.config.build.wrapper;
checks.formatting = treefmt.config.build.check self;
}
);
}

View File

@@ -9,5 +9,9 @@
};
};
settings.global.excludes = [ ".envrc" ];
settings = {
global = {
excludes = [ ".envrc" ];
};
};
}

View File

@@ -1,4 +1,7 @@
{ user, home }:
{
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{
lib,
pkgs,

View File

@@ -1,13 +1,13 @@
{ user, home }:
{
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{ pkgs, ... }:
{
environment.persistence."/persist/cache"."${home}/.cache/nix" = { };
home-manager.users.${user} = {
home.packages = with pkgs; [
nix-fast-build
nurl
];
home.packages = with pkgs; [ nurl ];
programs.zsh.shellAliases = {
nrs = "sudo nixos-rebuild switch --flake .#$(hostname) --show-trace";

View File

@@ -1,4 +1,7 @@
{ user, home }:
{
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{ pkgs, ... }:
{
home-manager.users.${user}.home.packages = with pkgs; [ ouch ];

View File

@@ -1,4 +1,7 @@
{ user, home }:
{
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{ config, pkgs, ... }:
{
environment.persistence."/persist/state"."${home}/.local/state/wireplumber" = { };

View File

@@ -1,4 +1,7 @@
{ user, home }:
{
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{
lib,
pkgs,
@@ -16,10 +19,7 @@
settings.storage.storage.driver = "btrfs";
};
virtualisation.quadlet = {
enable = true;
autoEscape = true;
};
virtualisation.quadlet.autoEscape = true;
home = {
packages = with pkgs; [

View File

@@ -1,20 +1,17 @@
{ user, home }:
{
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{ config, inputs, ... }:
{
environment.persistence."/persist/state"."${home}/.config/sops-nix/key.txt" = { };
home-manager.users.${user} =
let
sopsKeyFile =
if config.environment.impermanence.enable then
config.environment.persistence."/persist/state"."${home}/.config/sops-nix/key.txt".source
else
"${home}/.config/sops-nix/key.txt";
in
{
home-manager.users.${user} = {
imports = [ inputs.sops-nix.homeManagerModules.sops ];
sops.age.keyFile = sopsKeyFile;
home.sessionVariables.SOPS_AGE_KEY_FILE = sopsKeyFile;
sops.age.keyFile =
config.environment.persistence."/persist/state"."${home}/.config/sops-nix/key.txt".source;
home.sessionVariables.SOPS_AGE_KEY_FILE =
config.environment.persistence."/persist/state"."${home}/.config/sops-nix/key.txt".source;
};
}

View File

@@ -1,8 +1,11 @@
{ user, home }:
{
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{ ... }:
{
home-manager.users.${user} = {
services.ssh-agent.enable = true;
programs.ssh.matchBlocks."*".addKeysToAgent = "yes";
programs.ssh.addKeysToAgent = "yes";
};
}

View File

@@ -1,9 +1,8 @@
{ user, home }:
{
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{ ... }:
{
home-manager.users.${user}.programs.ssh = {
enable = true;
enableDefaultConfig = false;
matchBlocks."*".identitiesOnly = true;
};
home-manager.users.${user}.programs.ssh.enable = true;
}

View File

@@ -1,4 +1,7 @@
{ user, home }:
{
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{ config, utils, ... }:
{
networking.firewall = {
@@ -14,13 +17,11 @@
"syncthing/key" = {
owner = user;
group = "users";
mode = "0440";
};
# openssl req -new -x509 -key key.pem -out cert.pem -days 9999 -subj "/CN=syncthing"
"syncthing/cert" = {
owner = user;
group = "users";
mode = "0440";
};
};

View File

@@ -0,0 +1,8 @@
{
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{ ... }:
{
home-manager.users.${user}.programs.tmux.enable = true;
}

View File

@@ -1,4 +1,7 @@
{ user, home }:
{
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{ pkgs, ... }:
{
home-manager.users.${user}.home.packages = with pkgs; [ tree ];

View File

@@ -1,4 +1,7 @@
{ user, home }:
{
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{ pkgs, ... }:
{
home-manager.users.${user}.home.packages = with pkgs; [ wget ];

View File

@@ -1,4 +1,7 @@
{ user, home }:
{
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{ config, pkgs, ... }:
{
environment.persistence."/persist/user" = {

View File

@@ -1,12 +1,18 @@
{ user, home }:
{
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{
config,
lib,
pkgs,
inputs,
system,
...
}:
let
hmConfig = config.home-manager.users.${user};
selfPkgs = inputs.self.packages.${system};
in
{
home-manager.users.${user} = {
@@ -21,9 +27,10 @@ in
};
opener = {
edit = [
edit =
[
{
run = "${hmConfig.programs.nvf.finalPackage}/bin/nvim \"$@\"";
run = "${hmConfig.programs.neovim.finalPackage}/bin/nvim \"$@\"";
desc = "nvim";
block = true;
}
@@ -184,8 +191,9 @@ in
ouch
mount
mediainfo
custom-shell
;
custom-shell = selfPkgs.yazi-plugin-custom-shell;
};
};

View File

@@ -1,4 +1,7 @@
{ user, home }:
{
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{ config, ... }:
{
home-manager.users.${user}.programs.yt-dlp = {

View File

@@ -1,26 +0,0 @@
{ user, home }:
{ ... }:
{
home-manager.users.${user} = {
programs.zellij = {
enable = true;
settings = {
theme = "matugen";
pane_frames = false;
copy_command = "wl-copy";
ui.pane_frames.hide_session_name = true;
pane_viewport_serialization = true;
scrollback_lines_to_serialize = 0;
show_startup_tips = false;
show_release_notes = false;
};
};
theme.template.".config/zellij/themes/matugen.kdl".source = ./theme.kdl;
};
}

View File

@@ -1,128 +0,0 @@
themes {
matugen {
text_unselected {
base {{colors.on_surface.default.red}} {{colors.on_surface.default.green}} {{colors.on_surface.default.blue}}
background {{colors.surface.default.red}} {{colors.surface.default.green}} {{colors.surface.default.blue}}
emphasis_0 {{colors.primary.default.red}} {{colors.primary.default.green}} {{colors.primary.default.blue}}
emphasis_1 {{colors.secondary.default.red}} {{colors.secondary.default.green}} {{colors.secondary.default.blue}}
emphasis_2 {{colors.tertiary.default.red}} {{colors.tertiary.default.green}} {{colors.tertiary.default.blue}}
emphasis_3 {{colors.surface.default.red}} {{colors.surface.default.green}} {{colors.surface.default.blue}}
}
text_selected {
base {{colors.on_primary.default.red}} {{colors.on_primary.default.green}} {{colors.on_primary.default.blue}}
background {{colors.primary.default.red}} {{colors.primary.default.green}} {{colors.primary.default.blue}}
emphasis_0 {{colors.on_primary.default.red}} {{colors.on_primary.default.green}} {{colors.on_primary.default.blue}}
emphasis_1 {{colors.on_primary.default.red}} {{colors.on_primary.default.green}} {{colors.on_primary.default.blue}}
emphasis_2 {{colors.on_primary.default.red}} {{colors.on_primary.default.green}} {{colors.on_primary.default.blue}}
emphasis_3 {{colors.on_primary.default.red}} {{colors.on_primary.default.green}} {{colors.on_primary.default.blue}}
}
ribbon_unselected {
base {{colors.on_surface.default.red}} {{colors.on_surface.default.green}} {{colors.on_surface.default.blue}}
background {{colors.surface_container.default.red}} {{colors.surface_container.default.green}} {{colors.surface_container.default.blue}}
emphasis_0 {{colors.primary.default.red}} {{colors.primary.default.green}} {{colors.primary.default.blue}}
emphasis_1 {{colors.secondary.default.red}} {{colors.secondary.default.green}} {{colors.secondary.default.blue}}
emphasis_2 {{colors.tertiary.default.red}} {{colors.tertiary.default.green}} {{colors.tertiary.default.blue}}
emphasis_3 {{colors.on_surface.default.red}} {{colors.on_surface.default.green}} {{colors.on_surface.default.blue}}
}
ribbon_selected {
base {{colors.on_primary.default.red}} {{colors.on_primary.default.green}} {{colors.on_primary.default.blue}}
background {{colors.primary.default.red}} {{colors.primary.default.green}} {{colors.primary.default.blue}}
emphasis_0 {{colors.on_primary.default.red}} {{colors.on_primary.default.green}} {{colors.on_primary.default.blue}}
emphasis_1 {{colors.on_primary.default.red}} {{colors.on_primary.default.green}} {{colors.on_primary.default.blue}}
emphasis_2 {{colors.on_primary.default.red}} {{colors.on_primary.default.green}} {{colors.on_primary.default.blue}}
emphasis_3 {{colors.on_primary.default.red}} {{colors.on_primary.default.green}} {{colors.on_primary.default.blue}}
}
table_title {
base {{colors.on_surface.default.red}} {{colors.on_surface.default.green}} {{colors.on_surface.default.blue}}
background {{colors.surface.default.red}} {{colors.surface.default.green}} {{colors.surface.default.blue}}
emphasis_0 {{colors.primary.default.red}} {{colors.primary.default.green}} {{colors.primary.default.blue}}
emphasis_1 {{colors.secondary.default.red}} {{colors.secondary.default.green}} {{colors.secondary.default.blue}}
emphasis_2 {{colors.tertiary.default.red}} {{colors.tertiary.default.green}} {{colors.tertiary.default.blue}}
emphasis_3 {{colors.on_surface.default.red}} {{colors.on_surface.default.green}} {{colors.on_surface.default.blue}}
}
table_cell_unselected {
base {{colors.on_surface.default.red}} {{colors.on_surface.default.green}} {{colors.on_surface.default.blue}}
background {{colors.surface.default.red}} {{colors.surface.default.green}} {{colors.surface.default.blue}}
emphasis_0 {{colors.primary.default.red}} {{colors.primary.default.green}} {{colors.primary.default.blue}}
emphasis_1 {{colors.secondary.default.red}} {{colors.secondary.default.green}} {{colors.secondary.default.blue}}
emphasis_2 {{colors.tertiary.default.red}} {{colors.tertiary.default.green}} {{colors.tertiary.default.blue}}
emphasis_3 {{colors.on_surface.default.red}} {{colors.on_surface.default.green}} {{colors.on_surface.default.blue}}
}
table_cell_selected {
base {{colors.on_primary.default.red}} {{colors.on_primary.default.green}} {{colors.on_primary.default.blue}}
background {{colors.primary.default.red}} {{colors.primary.default.green}} {{colors.primary.default.blue}}
emphasis_0 {{colors.on_primary.default.red}} {{colors.on_primary.default.green}} {{colors.on_primary.default.blue}}
emphasis_1 {{colors.on_primary.default.red}} {{colors.on_primary.default.green}} {{colors.on_primary.default.blue}}
emphasis_2 {{colors.on_primary.default.red}} {{colors.on_primary.default.green}} {{colors.on_primary.default.blue}}
emphasis_3 {{colors.on_primary.default.red}} {{colors.on_primary.default.green}} {{colors.on_primary.default.blue}}
}
list_unselected {
base {{colors.on_surface.default.red}} {{colors.on_surface.default.green}} {{colors.on_surface.default.blue}}
background {{colors.surface.default.red}} {{colors.surface.default.green}} {{colors.surface.default.blue}}
emphasis_0 {{colors.primary.default.red}} {{colors.primary.default.green}} {{colors.primary.default.blue}}
emphasis_1 {{colors.secondary.default.red}} {{colors.secondary.default.green}} {{colors.secondary.default.blue}}
emphasis_2 {{colors.tertiary.default.red}} {{colors.tertiary.default.green}} {{colors.tertiary.default.blue}}
emphasis_3 {{colors.on_surface.default.red}} {{colors.on_surface.default.green}} {{colors.on_surface.default.blue}}
}
list_selected {
base {{colors.on_primary.default.red}} {{colors.on_primary.default.green}} {{colors.on_primary.default.blue}}
background {{colors.primary.default.red}} {{colors.primary.default.green}} {{colors.primary.default.blue}}
emphasis_0 {{colors.on_primary.default.red}} {{colors.on_primary.default.green}} {{colors.on_primary.default.blue}}
emphasis_1 {{colors.on_primary.default.red}} {{colors.on_primary.default.green}} {{colors.on_primary.default.blue}}
emphasis_2 {{colors.on_primary.default.red}} {{colors.on_primary.default.green}} {{colors.on_primary.default.blue}}
emphasis_3 {{colors.on_primary.default.red}} {{colors.on_primary.default.green}} {{colors.on_primary.default.blue}}
}
frame_unselected {
base {{colors.outline_variant.default.red}} {{colors.outline_variant.default.green}} {{colors.outline_variant.default.blue}}
background {{colors.surface.default.red}} {{colors.surface.default.green}} {{colors.surface.default.blue}}
emphasis_0 0
emphasis_1 0
emphasis_2 0
emphasis_3 0
}
frame_selected {
base {{colors.primary.default.red}} {{colors.primary.default.green}} {{colors.primary.default.blue}}
background {{colors.surface.default.red}} {{colors.surface.default.green}} {{colors.surface.default.blue}}
emphasis_0 0
emphasis_1 0
emphasis_2 0
emphasis_3 0
}
frame_highlight {
base {{colors.error.default.red}} {{colors.error.default.green}} {{colors.error.default.blue}}
background {{colors.surface.default.red}} {{colors.surface.default.green}} {{colors.surface.default.blue}}
emphasis_0 0
emphasis_1 0
emphasis_2 0
emphasis_3 0
}
exit_code_success {
base {{colors.success.default.red}} {{colors.success.default.green}} {{colors.success.default.blue}}
background 0
emphasis_0 0
emphasis_1 0
emphasis_2 0
emphasis_3 0
}
exit_code_error {
base {{colors.error.default.red}} {{colors.error.default.green}} {{colors.error.default.blue}}
background 0
emphasis_0 0
emphasis_1 0
emphasis_2 0
emphasis_3 0
}
multiplayer_user_colors {
player_1 0
player_2 0
player_3 0
player_4 0
player_5 0
player_6 0
player_7 0
player_8 0
player_9 0
player_10 0
}
}
}

View File

@@ -1,4 +1,7 @@
{ user, home }:
{
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{ ... }:
{
environment.persistence."/persist/state"."${home}/.local/share/zoxide" = { };

View File

@@ -1,4 +1,7 @@
{ user, home }:
{
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{ config, pkgs, ... }:
{
environment = {
@@ -11,7 +14,7 @@
home-manager.users.${user} = {
programs.zsh = {
enable = true;
dotDir = "${home}/.config/zsh";
dotDir = ".config/zsh";
autocd = true;
history = {
path = "${home}/.local/share/zsh/history";

View File

@@ -1,4 +1,7 @@
{ user, home }:
{
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{ ... }:
{
imports = [ ./options.nix ];

View File

@@ -1,6 +1,6 @@
import app from "ags/gtk3/app";
import { exec } from "ags/process";
import { monitorFile } from "ags/file";
import { App } from "astal/gtk3";
import { monitorFile } from "astal/file";
import { exec } from "astal/process";
import GLib from "gi://GLib";
import Left from "./widget/Left";
import Center from "./widget/Center";
@@ -12,15 +12,15 @@ const scss = `${HOME}/.config/astal/theme.sass`;
monitorFile(scss, () => {
exec(`sassc ${scss} ${css}`);
app.apply_css(css, true);
App.apply_css(css, true);
});
exec(`sassc ${scss} ${css}`);
app.start({
App.start({
css,
main() {
app.get_monitors().map((monitor) => {
App.get_monitors().map((monitor) => {
Left(monitor);
Center(monitor);
Right(monitor);

View File

@@ -1,8 +1,8 @@
import { Gdk } from "ags/gtk3";
import { Gdk } from "astal/gtk3";
import Hyprland from "gi://AstalHyprland";
export const range = (length: number, start = 1) => {
return Array.from({ length }, (_, i) => i + start);
return Array.from({ length }, (n, i) => i + start);
};
export const getHyprlandMonitor = (gdkmonitor: Gdk.Monitor) => {

View File

@@ -1,5 +1,6 @@
{
"name": "astal-shell",
"dependencies": {
"ags": "*"
"astal": "~/.local/share/ags"
}
}

View File

@@ -1,12 +1,12 @@
{
"$schema": "https://json.schemastore.org/tsconfig",
"compilerOptions": {
"jsx": "react-jsx",
"jsxImportSource": "ags/gtk3",
"lib": ["ES2023"],
"experimentalDecorators": true,
"strict": true,
"target": "ES2022",
"module": "ES2022",
"moduleResolution": "Bundler",
"strict": true,
"target": "ES2020"
"jsx": "react-jsx",
"jsxImportSource": "astal/gtk3"
}
}

View File

@@ -1,19 +1,17 @@
import { Astal, Gtk, Gdk } from "ags/gtk3";
import { App, Astal, Gtk, Gdk } from "astal/gtk3";
import Date from "./components/Date";
import Hidden from "./components/Hidden";
import app from "ags/gtk3/app";
export default (monitor: Gdk.Monitor) => (
<window
visible
class="root"
className="root"
gdkmonitor={monitor}
exclusivity={Astal.Exclusivity.IGNORE}
anchor={Astal.WindowAnchor.TOP}
application={app}
application={App}
>
<Hidden>
<box class="widgets" hexpand halign={Gtk.Align.CENTER}>
<box className="widgets" hexpand halign={Gtk.Align.CENTER}>
<Date />
</box>
</Hidden>

View File

@@ -1,22 +1,21 @@
import { Astal, Gtk, Gdk } from "ags/gtk3";
import app from "ags/gtk3/app";
import { App, Astal, Gtk, Gdk } from "astal/gtk3";
import Launcher from "./components/Launcher";
import Workspace from "./components/Workspaces";
import Hidden from "./components/Hidden";
import { getHyprlandMonitor } from "../lib";
export default (monitor: Gdk.Monitor) => (
<window
visible
class="root"
className="root"
gdkmonitor={monitor}
exclusivity={Astal.Exclusivity.IGNORE}
anchor={Astal.WindowAnchor.TOP | Astal.WindowAnchor.LEFT}
application={app}
application={App}
>
<Hidden>
<box class="widgets" hexpand halign={Gtk.Align.START}>
<box className="widgets" hexpand halign={Gtk.Align.START}>
<Launcher />
<Workspace gdkmonitor={monitor} />
<Workspace monitor={getHyprlandMonitor(monitor)!} />
</box>
</Hidden>
</window>

View File

@@ -1,21 +1,18 @@
import { Astal, Gtk } from "ags/gtk3";
import app from "ags/gtk3/app";
import Gdk from "gi://Gdk";
import { App, Astal, Gtk, Gdk } from "astal/gtk3";
import Systray from "./components/Tray";
import Hidden from "./components/Hidden";
import Battery from "./components/Battery";
export default (monitor: Gdk.Monitor) => (
<window
visible
class="root"
className="root"
gdkmonitor={monitor}
exclusivity={Astal.Exclusivity.IGNORE}
anchor={Astal.WindowAnchor.TOP | Astal.WindowAnchor.RIGHT}
application={app}
application={App}
>
<Hidden>
<box class="widgets" hexpand halign={Gtk.Align.END}>
<box className="widgets" hexpand halign={Gtk.Align.END}>
<Systray />
<Battery />
</box>

View File

@@ -1,4 +1,4 @@
import { createBinding, createComputed } from "ags";
import { bind, Variable } from "astal";
import AstalBattery from "gi://AstalBattery";
const battery = AstalBattery.get_default();
@@ -9,19 +9,19 @@ const formatTime = (seconds: number) =>
: "--:--";
export default () => {
const percentage = createBinding(battery, "percentage").as(
const percentage = bind(battery, "percentage").as(
(p) => Math.round(p * 100) + "%",
);
const charging = createBinding(battery, "charging");
const timeToFull = createBinding(battery, "timeToFull");
const timeToEmpty = createBinding(battery, "timeToEmpty");
const charging = bind(battery, "charging");
const timeToFull = bind(battery, "timeToFull");
const timeToEmpty = bind(battery, "timeToEmpty");
const time = createComputed(
const time = Variable.derive(
[charging, timeToFull, timeToEmpty],
(charging, full, empty) => formatTime(charging ? full : empty),
);
const label = createComputed(
const label = Variable.derive(
[percentage, charging, time],
(percentage, charging, time) => {
const arrow = charging ? "▲" : "▼";
@@ -30,8 +30,8 @@ export default () => {
);
return (
<button class="battery">
<label class="label" label={label} />
<button className="battery">
<label className="label" label={bind(label)} />
</button>
);
};

View File

@@ -1,16 +1,21 @@
import { createPoll } from "ags/time";
import GLib from "gi://GLib?version=2.0";
import { bind, Variable } from "astal";
import { GLib } from "astal";
export default () => {
const time = createPoll(
const time = Variable(
GLib.DateTime.new_now_local().format("%H:%M - %A, %d %B %Y")!,
).poll(
1000,
() => GLib.DateTime.new_now_local().format("%H:%M - %A, %d %B %Y")!,
);
return (
<button class="date">
<label class="label" label={time} />
<button className="date">
<label
className="label"
onDestroy={() => time.drop()}
label={bind(time)}
/>
</button>
);
};

View File

@@ -1,6 +1,5 @@
import { createState } from "ags";
import { Gtk } from "ags/gtk3";
import { timeout } from "ags/time";
import { Gtk } from "astal/gtk3";
import { Variable, bind, timeout } from "astal";
export default function Hidden({
child,
@@ -13,20 +12,24 @@ export default function Hidden({
orientation?: Gtk.Orientation;
transitionType?: Gtk.RevealerTransitionType;
}) {
const [show, setShow] = createState(true);
const show = Variable(true);
const contents = child ?? children;
return (
<eventbox onHover={() => setShow(true)} onHoverLost={() => setShow(false)}>
<eventbox
clickThrough
onHover={() => show.set(true)}
onHoverLost={() => show.set(false)}
>
<box orientation={orientation}>
<revealer
onRealize={() => timeout(2000, () => setShow(false))}
revealChild={show}
setup={(self) => timeout(2000, () => (self.revealChild = false))}
revealChild={bind(show)}
transitionType={transitionType}
>
{Array.isArray(contents) ? <>{contents}</> : contents}
</revealer>
<box class="trigger-guard" />
<box clickThrough className="trigger-guard" />
</box>
</eventbox>
);

View File

@@ -1,14 +1,14 @@
import { execAsync } from "ags/process";
import { execAsync } from "astal/process";
export default () => (
<button
class="launcher"
onClicked={() =>
className="launcher"
onClickRelease={() =>
execAsync(
'rofi -modes drun -show drun -run-command \"uwsm app -- {cmd}\"',
)
}
>
<icon class="icon" icon="nix-snowflake-symbolic" />;
<icon className="icon" icon="nix-snowflake-symbolic" />;
</button>
);

View File

@@ -1,37 +1,28 @@
import { createBinding, For } from "ags";
import app from "ags/gtk3/app";
import { App } from "astal/gtk3";
import { bind } from "astal";
import Tray from "gi://AstalTray";
const tray = Tray.get_default();
const TrayButton = ({ item }: { item: Tray.TrayItem }) => (
<menubutton
class="item"
tooltipMarkup={createBinding(item, "tooltipMarkup")}
className="item"
tooltipMarkup={bind(item, "tooltipMarkup")}
usePopover={false}
menuModel={createBinding(item, "menuModel")}
onRealize={(self) => {
createBinding(item, "action_group").as((action_group) =>
self.insert_action_group("dbusmenu", action_group),
);
self.insert_action_group("dbusmenu", item.action_group);
}}
menuModel={bind(item, "menuModel")}
actionGroup={bind(item, "actionGroup").as((ag) => ["dbusmenu", ag])}
>
<icon gicon={createBinding(item, "gicon")} />
<icon gicon={bind(item, "gicon")} />
</menubutton>
);
export default () => {
let items = createBinding(tray, "items");
return (
<box class="systray">
<For each={items}>
{(item, _) => {
if (item.iconThemePath) app.add_icons(item.iconThemePath);
export default () => (
<box className="systray">
{bind(tray, "items").as((items) =>
items.map((item) => {
if (item.iconThemePath) App.add_icons(item.iconThemePath);
return <TrayButton item={item} />;
}}
</For>
}),
)}
</box>
);
};
);

View File

@@ -1,83 +1,74 @@
import { bind, Variable } from "astal";
import Hyprland from "gi://AstalHyprland";
import { getHyprlandMonitor, range } from "../../lib";
import {
Accessor,
createBinding,
createComputed,
createState,
Setter,
} from "ags";
import { Gdk, Gtk } from "ags/gtk3";
import { range } from "../../lib";
const hyprland = Hyprland.get_default();
const BLOCK_SIZE = 10;
const Workspace = ({ id }: { id: number }) => {
let clients: Accessor<string[]>;
let setClients: Setter<string[]>;
let clients: Variable<string[]>;
try {
const workspace = hyprland.get_workspace(id);
[clients, setClients] = createState(
workspace.clients.map((client) => client.address),
);
clients = Variable(workspace.clients.map((client) => client.address));
} catch (_) {
[clients, setClients] = createState<string[]>([]);
clients = Variable([]);
}
const active = createComputed(
[createBinding(hyprland, "focusedWorkspace")],
const active = Variable.derive(
[bind(hyprland, "focusedWorkspace")],
(focused) => focused.id == id,
);
hyprland.connect("workspace-added", (_, workspace) => {
if (workspace.id != id) return;
setClients(workspace.clients.map((client) => client.address));
clients.set(workspace.clients.map((client) => client.address));
});
hyprland.connect("workspace-removed", (_, workspaceId) => {
if (workspaceId != id) return;
setClients([]);
clients.set([]);
});
hyprland.connect("client-added", (_hyprland, client) => {
if (client.workspace.id != id) return;
setClients([...clients.get(), client.address]);
clients.set([...clients.get(), client.address]);
});
// Explicit separate event handling instead of Variable.derive(workspaces, clients)
// because client-moved events appear to be broken if done that way.
hyprland.connect("client-moved", (_hyprland, client, workspace) => {
if (workspace.id == id) {
setClients([...clients.get(), client.address]);
clients.set([...clients.get(), client.address]);
} else {
setClients(
clients.set(
clients.get().filter((oldClient) => oldClient != client.address),
);
}
});
hyprland.connect("client-removed", (_hyprland, address) => {
setClients(clients.get().filter((oldClient) => oldClient != address));
clients.set(clients.get().filter((oldClient) => oldClient != address));
});
const className = createComputed([active, clients], (active, clients) => {
const className = Variable.derive([active, clients], (active, clients) => {
if (active) return "button active";
if (clients.length > 0) return "button occupied";
return "button";
});
return (
<box orientation={Gtk.Orientation.VERTICAL}>
<box vertical>
<box vexpand />
<eventbox onClickRelease={() => hyprland.dispatch("workspace", `${id}`)}>
<label class={className} />
<label className={className()} />
</eventbox>
<box vexpand />
</box>
);
};
export default ({ gdkmonitor }: { gdkmonitor: Gdk.Monitor }) => {
const monitor = getHyprlandMonitor(gdkmonitor)!;
export default ({ monitor }: { monitor: Hyprland.Monitor }) => {
const workspaces = hyprland.get_workspaces();
const displayWorkspaces = workspaces.filter(
(w) => w.monitor.id === monitor.id,
@@ -87,7 +78,7 @@ export default ({ gdkmonitor }: { gdkmonitor: Gdk.Monitor }) => {
return (
<eventbox
class="workspaces"
className="workspaces"
onScroll={(_, e) => {
hyprland.dispatch("workspace", e.delta_y > 0 ? "m+1" : "m-1");
}}

View File

@@ -1,4 +1,7 @@
{ user, home }:
{
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{
config,
lib,

View File

@@ -1,4 +1,7 @@
{ user, home }:
{
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{
config,
lib,

View File

@@ -0,0 +1,20 @@
{
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{ lib, pkgs, ... }:
{
users.users.${user}.extraGroups = [
"video"
"inputs"
];
home-manager.users.${user}.wayland.windowManager.hyprland.settings.bindle =
let
brightnessctl = lib.meta.getExe pkgs.brightnessctl;
in
[
", XF86MonBrightnessUp, exec, ${brightnessctl} -q s 5%+"
", XF86MonBrightnessDown, exec, ${brightnessctl} -q s 5%-"
];
}

View File

@@ -0,0 +1,29 @@
{
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{
config,
lib,
pkgs,
...
}:
{
home-manager.users.${user} = {
programs.btop.settings.color_theme = "matugen";
theme = {
template.".config/btop/themes/matugen.theme".source = ./theme.theme;
reloadExtraConfig = "${
lib.meta.getExe (
pkgs.writeShellApplication {
name = "reload-btop";
runtimeInputs = with pkgs; [ procps ];
text = "exec pkill btop -SIGUSR2";
}
)
} &";
};
};
}

View File

@@ -1,4 +1,7 @@
{ user, home }:
{
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{
config,
lib,

View File

@@ -1,4 +1,7 @@
{ user, home }:
{
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{
config,
lib,

View File

@@ -1,6 +1,27 @@
{ user, home }:
{ pkgs, ... }:
{
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{
config,
inputs,
pkgs,
system,
...
}:
let
selfPkgs = inputs.self.packages.${system};
hmConfig = config.home-manager.users.${user};
in
{
nixpkgs.overlays = [
(final: prev: {
darktable = prev.darktable.overrideAttrs (oldAttrs: {
patches = oldAttrs.patches or [ ] ++ [ ./better-copy-and-import.patch ];
});
})
];
environment.persistence = {
"/persist/state" = {
"${home}/.config/darktable/data.db" = { };
@@ -10,11 +31,22 @@
};
home-manager.users.${user} = {
home.packages = with pkgs; [
home = {
packages =
with pkgs;
with selfPkgs;
[
darktable
exiftool
darktable-ghost-cms-publish
];
sessionVariables = {
GHOST_URL = "https://photos.karaolidis.com";
GHOST_ADMIN_API_KEY_PATH = hmConfig.sops.secrets."jupiter/photos.karaolidis.com/admin".path;
};
};
xdg.configFile = {
"darktable/darktablerc".source = (pkgs.formats.keyValue { }).generate "darktablerc" {
"compress_xmp_tags" = "never";
@@ -40,13 +72,19 @@
"darktable/luarc".text = ''
require "tools/script_manager"
require "tools/publish"
'';
"darktable/lua/lib".source = "${pkgs.darktable-lua-scripts}/lib";
"darktable/lua/lib".source = "${selfPkgs.darktable-lua-scripts}/lib";
"darktable/lua/tools/script_manager.lua".source =
"${pkgs.darktable-lua-scripts}/tools/script_manager.lua";
"${selfPkgs.darktable-lua-scripts}/tools/script_manager.lua";
"darktable/lua/tools/publish.lua".source =
"${selfPkgs.darktable-ghost-cms-publish}/lib/darktable-ghost-cms-publish/publish.lua";
"darktable/luts".source = pkgs.darktable-hald-clut;
"darktable/luts".source = selfPkgs.darktable-hald-clut;
};
sops.secrets."jupiter/photos.karaolidis.com/admin".sopsFile =
../../../../../../secrets/personal/secrets.yaml;
};
}

View File

@@ -1,4 +1,7 @@
{ user, home }:
{
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{ lib, pkgs, ... }:
{
environment.persistence."/persist/state"."${home}/.config/vesktop" = { };

View File

@@ -1,4 +1,7 @@
{ user, home }:
{
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{
config,
lib,

Some files were not shown because too many files have changed in this diff Show More