karaolidis/nix
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: karaolidis:main
Branches Tags
karaolidis:main karaolidis:wireguard karaolidis:kubernetes
..
compare: karaolidis:b49f9f5c8ef656bb55d87b22a6d249e608384d88
Branches Tags
karaolidis:main karaolidis:wireguard karaolidis:kubernetes

1 Commits
main ... b49f9f5c8e

Author SHA1 Message Date
Nikolaos Karaolidis
b49f9f5c8e Add sas input 
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
 2025-08-15 10:47:35 +03:00
298 changed files with 4789 additions and 34669 deletions
Expand all files Collapse all files

7
.gitignore vendored
View File

@@ -1,7 +0,0 @@
# ---> Nix
# Ignore build outputs from performing a nix-build or `nix build` command
result
result-*
# Ignore automatically generated direnv output
.direnv

3
.gitmodules vendored
View File

@@ -4,6 +4,3 @@
[submodule "sas"] [submodule "sas"]
path = submodules/sas path = submodules/sas
url = git@karaolidis.com:karaolidis/nix-sas.git url = git@karaolidis.com:karaolidis/nix-sas.git
[submodule "lib"]
path = submodules/lib
url = git@karaolidis.com:karaolidis/nix-lib.git

13
README.md
View File

@@ -16,15 +16,14 @@ NixOS dotfiles and configuration for various hosts and users.
- [`gui/`](./hosts/common/configs/user/gui): GUI-related settings. - [`gui/`](./hosts/common/configs/user/gui): GUI-related settings.
- `<name>/`: Individual host configurations. - `<name>/`: Individual host configurations.
- [`overlays/`](./overlays/): Custom patches.
- [`packages/`](./packages/): Custom packages. - [`packages/`](./packages/): Custom packages.
- [`scripts/`](./scripts): Utility scripts for managing the repository. - [`lib/`](./lib): Nix library function definitions and utilities.
- [`add-host.sh`](./scripts/add-host.sh): Instantiate the keys for a new host configuration. - [`scripts/`](./lib/scripts): Utility scripts for managing the repository.
- [`remove-host.sh`](./scripts/remove-host.sh): Remove references to a host. - [`add-host.sh`](./lib/scripts/add-host.sh): Instantiate the keys for a new host configuration.
- [`update-keys.sh`](./scripts/update-keys.sh): Update the encryption keys in all relevant files using `sops.yaml` configurations. - [`remove-host.sh`](./lib/scripts/remove-host.sh): Remove references to a host.
- [`update.sh`](./scripts/update.sh): Update flake and all packages. - [`update-keys.sh`](./lib/scripts/update-keys.sh): Update the encryption keys in all relevant files using `sops.yaml` configurations.
- [`update.sh`](./lib/scripts/update.sh): Update flake and all packages.
Any `options.nix` files create custom option definitions when present. Any `options.nix` files create custom option definitions when present.

224
flake.lock generated
View File

@@ -10,11 +10,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1759227262, "lastModified": 1754932414,
"narHash": "sha256-ibKJckw+KWH6n+pscOA7DWImanr988zKB7R2Z6ZEMLM=", "narHash": "sha256-V8c+68Axn5AGDCaG9Zv+EqNU4D6xWPHNXLIapq6AGiM=",
"owner": "aylur", "owner": "aylur",
"repo": "ags", "repo": "ags",
"rev": "f68a0d03fbb94f4beacedd922ffaa0bf0f10397a", "rev": "9e6912b51d7bc58f35d10b11be1a126b926b56d3",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -30,11 +30,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1759688436, "lastModified": 1754893912,
"narHash": "sha256-EfTrJse33t3RP//DqESkTMCpMSdIi/wxxfa12+eP5jo=", "narHash": "sha256-kzU/3A4k+d3PsgMLohzSh4KJybTqvzqibUVqV2yXCGY=",
"owner": "aylur", "owner": "aylur",
"repo": "astal", "repo": "astal",
"rev": "12c15b44608422e494c387aba6adc1ab6315d925", "rev": "5d4eef66392b0dff99a63a4f39ff886624bd69dd",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -80,17 +80,19 @@
} }
}, },
"flake-compat": { "flake-compat": {
"flake": false,
"locked": { "locked": {
"lastModified": 1733328505, "lastModified": 1747046372,
"narHash": "sha256-NeCCThCEP3eCl2l/+27kNNK7QrwZB1IJCrXfrbv5oqU=", "narHash": "sha256-CIVLLkVgvHYbgI2UpXvIIBJ12HWgX+fjA8Xf8PUmqCY=",
"rev": "ff81ac966bb2cae68946d5ed5fc4994f96d0ffec", "owner": "edolstra",
"revCount": 69, "repo": "flake-compat",
"type": "tarball", "rev": "9100a0f413b0c601e0533d1d94ffd501ce2e7885",
"url": "https://api.flakehub.com/f/pinned/edolstra/flake-compat/1.1.0/01948eb7-9cba-704f-bbf3-3fa956735b52/source.tar.gz" "type": "github"
}, },
"original": { "original": {
"type": "tarball", "owner": "edolstra",
"url": "https://flakehub.com/f/edolstra/flake-compat/1.tar.gz" "repo": "flake-compat",
"type": "github"
} }
}, },
"flake-input-patcher": { "flake-input-patcher": {
@@ -121,11 +123,11 @@
"nixpkgs-lib": "nixpkgs-lib" "nixpkgs-lib": "nixpkgs-lib"
}, },
"locked": { "locked": {
"lastModified": 1759362264, "lastModified": 1754487366,
"narHash": "sha256-wfG0S7pltlYyZTM+qqlhJ7GMw2fTF4mLKCIVhLii/4M=", "narHash": "sha256-pHYj8gUBapuUzKV/kN/tR3Zvqc7o6gdFB9XKXIp1SQ8=",
"owner": "hercules-ci", "owner": "hercules-ci",
"repo": "flake-parts", "repo": "flake-parts",
"rev": "758cf7296bee11f1706a574c77d072b8a7baa881", "rev": "af66ad14b28a127c5c0f3bbb298218fc63528a18",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -183,11 +185,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1759711004, "lastModified": 1754974548,
"narHash": "sha256-B39NxeKCnK3DJlmJKIts6njcXcVVASLUChDNmRl4dxQ=", "narHash": "sha256-XMjUjKD/QRPcqUnmSDczSYdw46SilnG0+wkho654DFM=",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "6f4021da5d2bb5ea7cb782ff413ecb7062066820", "rev": "27a26be51ff0162a8f67660239f9407dba68d7c5",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -199,9 +201,7 @@
"lanzaboote": { "lanzaboote": {
"inputs": { "inputs": {
"crane": "crane", "crane": "crane",
"flake-compat": [ "flake-compat": "flake-compat",
"flake-compat"
],
"flake-parts": [ "flake-parts": [
"flake-parts" "flake-parts"
], ],
@@ -212,11 +212,11 @@
"rust-overlay": "rust-overlay" "rust-overlay": "rust-overlay"
}, },
"locked": { "locked": {
"lastModified": 1756744479, "lastModified": 1754297745,
"narHash": "sha256-EyZXusK/wRD3V9vDh00W2Re3Eg8UQ+LjVBQrrH9dq1U=", "narHash": "sha256-aD6/scLN3L4ZszmNbhhd3JQ9Pzv1ScYFphz14wHinfs=",
"owner": "nix-community", "owner": "nix-community",
"repo": "lanzaboote", "repo": "lanzaboote",
"rev": "747b7912f49e2885090c83364d88cf853a020ac1", "rev": "892cbdca865d6b42f9c0d222fe309f7720259855",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -225,75 +225,13 @@
"type": "github" "type": "github"
} }
}, },
"lib": {
"inputs": {
"nixpkgs": [
"nixpkgs"
],
"treefmt-nix": [
"treefmt-nix"
]
},
"locked": {
"lastModified": 1758632667,
"narHash": "sha256-C0aBPv8vqTI1QNVhygZxL0f49UERx2UejVdtyz67jhs=",
"ref": "refs/heads/main",
"rev": "5e0737c20f3c265dbff604170a6433cc1e1a4b41",
"revCount": 8,
"type": "git",
"url": "https://git.karaolidis.com/karaolidis/nix-lib.git"
},
"original": {
"type": "git",
"url": "https://git.karaolidis.com/karaolidis/nix-lib.git"
}
},
"mnw": {
"locked": {
"lastModified": 1758834834,
"narHash": "sha256-Y7IvY4F8vajZyp3WGf+KaiIVwondEkMFkt92Cr9NZmg=",
"owner": "Gerg-L",
"repo": "mnw",
"rev": "cfbc7d1cc832e318d0863a5fc91d940a96034001",
"type": "github"
},
"original": {
"owner": "Gerg-L",
"repo": "mnw",
"type": "github"
}
},
"nixos-wsl": {
"inputs": {
"flake-compat": [
"flake-compat"
],
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1755774185,
"narHash": "sha256-XjKqiTA19mkoBkja0VOy90qp2gC1f2fGgsLb9m1lg5Q=",
"owner": "karaolidis",
"repo": "NixOS-WSL",
"rev": "b1f426697f62006b99fac0cc25a106626c78f874",
"type": "github"
},
"original": {
"owner": "karaolidis",
"ref": "extra-files",
"repo": "NixOS-WSL",
"type": "github"
}
},
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1759381078, "lastModified": 1754725699,
"narHash": "sha256-gTrEEp5gEspIcCOx9PD8kMaF1iEmfBcTbO0Jag2QhQs=", "narHash": "sha256-iAcj9T/Y+3DBy2J0N+yF9XQQQ8IEb5swLFzs23CdP88=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "7df7ff7d8e00218376575f0acdcc5d66741351ee", "rev": "85dbfc7aaf52ecb755f87e577ddbe6dbbdbc1054",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -305,11 +243,11 @@
}, },
"nixpkgs-lib": { "nixpkgs-lib": {
"locked": { "locked": {
"lastModified": 1754788789, "lastModified": 1753579242,
"narHash": "sha256-x2rJ+Ovzq0sCMpgfgGaaqgBSwY+LST+WbZ6TytnT9Rk=", "narHash": "sha256-zvaMGVn14/Zz8hnp4VWT9xVnhc8vuL3TStRqwk22biA=",
"owner": "nix-community", "owner": "nix-community",
"repo": "nixpkgs.lib", "repo": "nixpkgs.lib",
"rev": "a73b9c743612e4244d865a2fdee11865283c04e6", "rev": "0f36c44e01a6129be94e3ade315a5883f0228a6e",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -328,11 +266,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1759742968, "lastModified": 1755067854,
"narHash": "sha256-yk56xZpanCPlhowzIEdS2GfPDG0yQ4kE/j85lJbAX1Y=", "narHash": "sha256-VP+2GVREkB7tg8vGBJ2yOlfwng+TEv45vZGvb4eV17E=",
"owner": "nix-community", "owner": "nix-community",
"repo": "NUR", "repo": "NUR",
"rev": "9ea4f672c7138273a4131dd25038da49306685b8", "rev": "3352304d8f256bb67b5f9662b3493b069b3cac25",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -341,36 +279,6 @@
"type": "github" "type": "github"
} }
}, },
"nvf": {
"inputs": {
"flake-compat": [
"flake-compat"
],
"flake-parts": [
"flake-parts"
],
"mnw": "mnw",
"nixpkgs": [
"nixpkgs"
],
"systems": [
"systems"
]
},
"locked": {
"lastModified": 1759469269,
"narHash": "sha256-DP833ejGUNRRHsJOB3WRTaWWXLNucaDga2ju/fGe+sc=",
"owner": "NotAShelf",
"repo": "nvf",
"rev": "e48638aef3a95377689de0ef940443c64f870a09",
"type": "github"
},
"original": {
"owner": "NotAShelf",
"repo": "nvf",
"type": "github"
}
},
"nvidia-patch": { "nvidia-patch": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
@@ -381,11 +289,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1758268943, "lastModified": 1755069017,
"narHash": "sha256-ufkrvMWvS+tgzs5H5iRZn/okuvmSzRLeBf+zUxES6YE=", "narHash": "sha256-cTD5WfZRK2mwrSktlYcrk6DOEEkQbE1z78O16TF293c=",
"owner": "icewind1991", "owner": "icewind1991",
"repo": "nvidia-patch-nixos", "repo": "nvidia-patch-nixos",
"rev": "e7358911c8f611eb1eb8e0758aa668d4d2d55cd9", "rev": "d187885c14bdd8520d40f527134d536168f8d92b",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -422,11 +330,11 @@
}, },
"quadlet-nix": { "quadlet-nix": {
"locked": { "locked": {
"lastModified": 1758631655, "lastModified": 1754008153,
"narHash": "sha256-EGeZ963L7xsNAY7snvP1JHQe7LWLVCM6f49+PzWjhEE=", "narHash": "sha256-MYT1mDtSkiVg343agxgBFsnuNU3xS8vRy399JXX1Vw0=",
"owner": "SEIAROTg", "owner": "SEIAROTg",
"repo": "quadlet-nix", "repo": "quadlet-nix",
"rev": "2ebe01b175e2e1e6de3f172d23f0c3b88713eec9", "rev": "1b2d27d460d8c7e4da5ba44ede463b427160b5c4",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -440,17 +348,13 @@
"ags": "ags", "ags": "ags",
"astal": "astal", "astal": "astal",
"disko": "disko", "disko": "disko",
"flake-compat": "flake-compat",
"flake-input-patcher": "flake-input-patcher", "flake-input-patcher": "flake-input-patcher",
"flake-parts": "flake-parts", "flake-parts": "flake-parts",
"flake-utils": "flake-utils", "flake-utils": "flake-utils",
"home-manager": "home-manager", "home-manager": "home-manager",
"lanzaboote": "lanzaboote", "lanzaboote": "lanzaboote",
"lib": "lib",
"nixos-wsl": "nixos-wsl",
"nixpkgs": "nixpkgs", "nixpkgs": "nixpkgs",
"nur": "nur", "nur": "nur",
"nvf": "nvf",
"nvidia-patch": "nvidia-patch", "nvidia-patch": "nvidia-patch",
"quadlet-nix": "quadlet-nix", "quadlet-nix": "quadlet-nix",
"sas": "sas", "sas": "sas",
@@ -483,23 +387,13 @@
} }
}, },
"sas": { "sas": {
"inputs": { "flake": false,
"lib": [
"lib"
],
"nixpkgs": [
"nixpkgs"
],
"treefmt-nix": [
"treefmt-nix"
]
},
"locked": { "locked": {
"lastModified": 1759752146, "lastModified": 1755243359,
"narHash": "sha256-g30leL+8jLxkYWiM5W2RjnhGyqBtErmeOX3ELK5CRAQ=", "narHash": "sha256-R8Tt700YWn/AEIfqG3n4mklFqmtYGsqKnj+kV+Sq6u8=",
"ref": "refs/heads/main", "ref": "refs/heads/main",
"rev": "bc1564ea3eb472f7b843e3237da0d1cd2f6f8e37", "rev": "7bf093db0a30e4b0d8867c1b21e461f0bf08d866",
"revCount": 14, "revCount": 4,
"type": "git", "type": "git",
"url": "ssh://git@karaolidis.com/karaolidis/nix-sas.git" "url": "ssh://git@karaolidis.com/karaolidis/nix-sas.git"
}, },
@@ -511,11 +405,11 @@
"secrets": { "secrets": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1759165833, "lastModified": 1755243351,
"narHash": "sha256-EYAVKr7gGY7MDmgPIYsW3yk96q51UT1vtzlupR8paKg=", "narHash": "sha256-Oa7ASrkHUcNHMf/rXnVokLytKEqiM4X2C7R8gBSy/AM=",
"ref": "refs/heads/main", "ref": "refs/heads/main",
"rev": "a5c1c552628492281e05e99458f1ca3ec272b448", "rev": "13b3145cbabcf1d042abdab931cec9042bccc771",
"revCount": 48, "revCount": 32,
"type": "git", "type": "git",
"url": "ssh://git@karaolidis.com/karaolidis/nix-secrets.git" "url": "ssh://git@karaolidis.com/karaolidis/nix-secrets.git"
}, },
@@ -531,11 +425,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1759635238, "lastModified": 1754988908,
"narHash": "sha256-UvzKi02LMFP74csFfwLPAZ0mrE7k6EiYaKecplyX9Qk=", "narHash": "sha256-t+voe2961vCgrzPFtZxha0/kmFSHFobzF00sT8p9h0U=",
"owner": "Mic92", "owner": "Mic92",
"repo": "sops-nix", "repo": "sops-nix",
"rev": "6e5a38e08a2c31ae687504196a230ae00ea95133", "rev": "3223c7a92724b5d804e9988c6b447a0d09017d48",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -554,11 +448,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1759638324, "lastModified": 1754801101,
"narHash": "sha256-bj0L3n2UWE/DjqFjsydWsSzO74+dqUA4tiOX4At6LbM=", "narHash": "sha256-oxWjZ/SfhCvHFNePZcUu+LcE5j4xxuIt/yaoaSvMZk0=",
"owner": "Gerg-L", "owner": "Gerg-L",
"repo": "spicetify-nix", "repo": "spicetify-nix",
"rev": "c39a58510e55c4970e57176ab14b722a978e5f01", "rev": "fcbfc21572518c68317df992929b28df9a1d8468",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -589,11 +483,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1758728421, "lastModified": 1754847726,
"narHash": "sha256-ySNJ008muQAds2JemiyrWYbwbG+V7S5wg3ZVKGHSFu8=", "narHash": "sha256-2vX8QjO5lRsDbNYvN9hVHXLU6oMl+V/PsmIiJREG4rE=",
"owner": "numtide", "owner": "numtide",
"repo": "treefmt-nix", "repo": "treefmt-nix",
"rev": "5eda4ee8121f97b218f7cc73f5172098d458f1d1", "rev": "7d81f6fb2e19bf84f1c65135d1060d829fae2408",
"type": "github" "type": "github"
}, },
"original": { "original": {

150
flake.nix
View File

@@ -1,6 +1,5 @@
{ {
inputs = { inputs = {
# Configuration
nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
home-manager = { home-manager = {
@@ -8,19 +7,40 @@
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
# Packages disko = {
nur = { url = "github:nix-community/disko/latest";
url = "github:nix-community/NUR"; inputs.nixpkgs.follows = "nixpkgs";
};
sops-nix = {
url = "github:Mic92/sops-nix";
inputs.nixpkgs.follows = "nixpkgs";
};
lanzaboote = {
url = "github:nix-community/lanzaboote";
inputs = { inputs = {
nixpkgs.follows = "nixpkgs"; nixpkgs.follows = "nixpkgs";
flake-parts.follows = "flake-parts"; flake-parts.follows = "flake-parts";
}; };
}; };
# DevOps secrets = {
sops-nix = { url = "git+ssh://git@karaolidis.com/karaolidis/nix-secrets.git";
url = "github:Mic92/sops-nix"; flake = false;
inputs.nixpkgs.follows = "nixpkgs"; };
sas = {
url = "git+ssh://git@karaolidis.com/karaolidis/nix-sas.git";
flake = false;
};
nur = {
url = "github:nix-community/NUR";
inputs = {
nixpkgs.follows = "nixpkgs";
flake-parts.follows = "flake-parts";
};
}; };
treefmt-nix = { treefmt-nix = {
@@ -36,66 +56,6 @@
}; };
}; };
# Personal
lib = {
# FIXME: https://github.com/NixOS/nix/issues/12281
url = "git+https://git.karaolidis.com/karaolidis/nix-lib.git";
inputs = {
nixpkgs.follows = "nixpkgs";
treefmt-nix.follows = "treefmt-nix";
};
};
sas = {
# FIXME: https://github.com/NixOS/nix/issues/12281
url = "git+ssh://git@karaolidis.com/karaolidis/nix-sas.git";
inputs = {
nixpkgs.follows = "nixpkgs";
lib.follows = "lib";
treefmt-nix.follows = "treefmt-nix";
};
};
secrets = {
# FIXME: https://github.com/NixOS/nix/issues/12281
url = "git+ssh://git@karaolidis.com/karaolidis/nix-secrets.git";
flake = false;
};
# Hardware
disko = {
url = "github:nix-community/disko/latest";
inputs.nixpkgs.follows = "nixpkgs";
};
lanzaboote = {
url = "github:nix-community/lanzaboote";
inputs = {
nixpkgs.follows = "nixpkgs";
flake-compat.follows = "flake-compat";
flake-parts.follows = "flake-parts";
};
};
nixos-wsl = {
url = "github:karaolidis/NixOS-WSL/extra-files";
inputs = {
nixpkgs.follows = "nixpkgs";
flake-compat.follows = "flake-compat";
};
};
# Applications
nvf = {
url = "github:NotAShelf/nvf";
inputs = {
nixpkgs.follows = "nixpkgs";
flake-compat.follows = "flake-compat";
flake-parts.follows = "flake-parts";
systems.follows = "systems";
};
};
quadlet-nix.url = "github:SEIAROTg/quadlet-nix"; quadlet-nix.url = "github:SEIAROTg/quadlet-nix";
nvidia-patch = { nvidia-patch = {
@@ -127,7 +87,6 @@
}; };
}; };
# Transitive Dependencies
systems.url = "github:nix-systems/default"; systems.url = "github:nix-systems/default";
flake-parts.url = "github:hercules-ci/flake-parts"; flake-parts.url = "github:hercules-ci/flake-parts";
@@ -136,20 +95,17 @@
url = "github:numtide/flake-utils"; url = "github:numtide/flake-utils";
inputs.systems.follows = "systems"; inputs.systems.follows = "systems";
}; };
flake-compat.url = "https://flakehub.com/f/edolstra/flake-compat/1.tar.gz";
}; };
outputs = outputs =
unpatchedInputs: inputs:
let let
patchInputs = mkInputs =
system: system:
let let
patcher = unpatchedInputs.flake-input-patcher.lib.${system}; patcher = inputs.flake-input-patcher.lib.${system};
patches = import ./patches.nix { inherit patcher; };
in in
if patches != { } then patcher.patch unpatchedInputs patches else unpatchedInputs; patcher.patch inputs (import ./patches.nix { inherit patcher; });
mkNixosConfiguration = mkNixosConfiguration =
inputs: system: modules: inputs: system: modules:
@@ -158,21 +114,14 @@
specialArgs = { inherit inputs system; }; specialArgs = { inherit inputs system; };
}; };
in in
{ (
overlays.default = import ./overlays;
}
// (
let let
system = "x86_64-linux"; system = "x86_64-linux";
inputs = patchInputs system; inputs = mkInputs system;
pkgs = import inputs.nixpkgs { pkgs = import inputs.nixpkgs {
inherit system; inherit system;
config.allowUnfree = true; config.allowUnfree = true;
overlays = [
inputs.lib.overlays.default
inputs.self.overlays.default
];
}; };
treefmt = inputs.treefmt-nix.lib.evalModule pkgs ./treefmt.nix; treefmt = inputs.treefmt-nix.lib.evalModule pkgs ./treefmt.nix;
@@ -187,34 +136,11 @@
}; };
devShells.${system} = import ./hosts/common/shells { inherit pkgs; }; devShells.${system} = import ./hosts/common/shells { inherit pkgs; };
packages.${system} = import ./packages { inherit pkgs; }; lib.${system} = import ./lib { inherit pkgs; };
packages.${system} = import ./packages { inherit pkgs inputs system; };
formatter.${system} = treefmt.config.build.wrapper; formatter.${system} = treefmt.config.build.wrapper;
checks.formatting.${system} = treefmt.config.build.check inputs.self;
checks.${system} =
let
nixosConfigurations =
pkgs.lib.mapAttrs'
(
name: config:
pkgs.lib.nameValuePair "nixosConfiguration-${name}" config.config.system.build.toplevel
)
((pkgs.lib.filterAttrs (_: config: config.pkgs.system == system)) inputs.self.nixosConfigurations);
packages = pkgs.lib.mapAttrs' (
name: pkgs.lib.nameValuePair "package-${name}"
) inputs.self.packages.${system};
overlayPackages = pkgs.lib.mapAttrs' (n: pkgs.lib.nameValuePair "overlayPackage-${n}") (
import ./overlays/packages.nix { inherit pkgs; }
);
devShells = pkgs.lib.mapAttrs' (
name: pkgs.lib.nameValuePair "devShell-${name}"
) inputs.self.devShells.${system};
formatter.formatting = treefmt.config.build.check inputs.self;
in
nixosConfigurations // packages // overlayPackages // devShells // formatter;
} }
); );
} }

5
hosts/common/configs/system/cloudflared/default.nix Normal file
View File

@@ -0,0 +1,5 @@
{ ... }:
{
# https://developers.cloudflare.com/cloudflare-one/connections/connect-networks/get-started/create-local-tunnel/
services.cloudflared.enable = true;
}

1
hosts/common/configs/system/default.nix
View File

@@ -3,6 +3,5 @@
imports = [ imports = [
./cpu/options.nix ./cpu/options.nix
./impermanence/options.nix ./impermanence/options.nix
./networking/options.nix
]; ];
} }

22
hosts/common/configs/system/dnsmasq/default.nix Normal file
View File

@@ -0,0 +1,22 @@
{ lib, pkgs, ... }:
{
networking.networkmanager.dns = "dnsmasq";
environment.etc."NetworkManager/dnsmasq.d/10-bind-interfaces.conf".source =
(pkgs.formats.keyValue {
mkKeyValue =
name: value:
if value == true then
name
else if value == false then
""
else
lib.generators.mkKeyValueDefault { } "=" name value;
listsAsDuplicateKeys = true;
}).generate
"10-bind-interfaces.conf"
{
bind-interfaces = true;
listen-address = [ "127.0.0.1" ];
};
}

14
hosts/common/configs/system/fail2ban/default.nix
View File

@@ -1,14 +0,0 @@
{ ... }:
{
environment.persistence."/persist/state"."/var/lib/fail2ban" = { };
services.fail2ban = {
enable = true;
bantime = "24h";
bantime-increment = {
enable = true;
maxtime = "720h";
overalljails = true;
};
};
}

4
hosts/common/configs/system/gpg-agent/default.nix Normal file
View File

@@ -0,0 +1,4 @@
{ ... }:
{
programs.gnupg.agent.enable = true;
}

7
hosts/common/configs/system/libvirt/default.nix
View File

@@ -1,4 +1,9 @@
{ config, pkgs, ... }: {
config,
lib,
pkgs,
...
}:
{ {
virtualisation = { virtualisation = {
libvirtd = { libvirtd = {

17
hosts/common/configs/system/networking/options.nix
View File

@@ -1,17 +0,0 @@
{ lib, ... }:
{
options.networking =
with lib;
with types;
{
publicIPv4 = mkOption {
type = nullOr str;
description = "The public IPv4 address of this device.";
};
publicIPv6 = mkOption {
type = nullOr str;
description = "The public IPv6 address of this device.";
};
};
}

4
hosts/common/configs/system/nix-install/install.completion.zsh
View File

@@ -18,8 +18,8 @@ _nix-install_completion() {
_list_keys() { _list_keys() {
local flake="$(realpath ${words[2]})" local flake="$(realpath ${words[2]})"
if [[ -d "$flake/submodules/secrets/domains" ]]; then if [[ -d "$flake/secrets" ]]; then
find "$flake/submodules/secrets/domains" -type f -name 'key.txt' | sed -E 's|^.*/submodules/secrets/domains/([^/]+)/key.txt$|\1|' | sort -u find "$flake/secrets" -type f -name 'key.txt' | sed -E 's|^.*/secrets/([^/]+)/key.txt$|\1|' | sort -u
fi fi
} }

26
hosts/common/configs/system/nix-install/install.sh
View File

@@ -43,17 +43,17 @@ check_host() {
} }
check_key() { check_key() {
if [[ -n "$key" ]] && [[ ! -f "$flake/submodules/secrets/domains/$key/key.txt" ]]; then if [[ -n "$key" ]] && [[ ! -f "$flake/secrets/$key/key.txt" ]]; then
echo "Key '$key' not found." echo "Key '$key' not found."
exit 1 exit 1
fi fi
} }
set_password_file() { set_password_file() {
SOPS_AGE_KEY_FILE="$flake/submodules/secrets/domains/$key/key.txt" SOPS_AGE_KEY_FILE="$flake/secrets/$key/key.txt"
export SOPS_AGE_KEY_FILE export SOPS_AGE_KEY_FILE
install -m 600 /dev/null /tmp/keyfile install -m 600 /dev/null /tmp/keyfile
sops --decrypt --extract "['luks']" "$flake/submodules/secrets/hosts/$host/secrets.yaml" > /tmp/keyfile sops --decrypt --extract "['luks']" "$flake/secrets/hosts/$host/secrets.yaml" > /tmp/keyfile
unset SOPS_AGE_KEY_FILE unset SOPS_AGE_KEY_FILE
} }
@@ -66,7 +66,7 @@ prepare_disk() {
copy_sops_keys() { copy_sops_keys() {
mkdir -p "$root/persist/state/etc/ssh" mkdir -p "$root/persist/state/etc/ssh"
cp -f "$flake/submodules/secrets/hosts/$host/ssh_host_ed25519_key" "$root/persist/state/etc/ssh/ssh_host_ed25519_key" cp -f "$flake/secrets/hosts/$host/ssh_host_ed25519_key" "$root/persist/state/etc/ssh/ssh_host_ed25519_key"
for path in "$flake/hosts/$host/users"/*; do for path in "$flake/hosts/$host/users"/*; do
if [[ -z "$key" ]]; then if [[ -z "$key" ]]; then
@@ -77,7 +77,7 @@ copy_sops_keys() {
user=$(basename "$path") user=$(basename "$path")
mkdir -p "$root/persist/state/home/$user/.config/sops-nix" mkdir -p "$root/persist/state/home/$user/.config/sops-nix"
cp -f "$flake/submodules/secrets/domains/$key/key.txt" "$root/persist/state/home/$user/.config/sops-nix/key.txt" cp -f "$flake/secrets/$key/key.txt" "$root/persist/state/home/$user/.config/sops-nix/key.txt"
owner=$(cat "$flake/hosts/$host/users/$user/uid") owner=$(cat "$flake/hosts/$host/users/$user/uid")
group=100 group=100
@@ -92,16 +92,16 @@ copy_sops_keys() {
copy_secure_boot_keys() { copy_secure_boot_keys() {
mkdir -p "$root/persist/state/var/lib/sbctl/keys"/{db,KEK,PK} mkdir -p "$root/persist/state/var/lib/sbctl/keys"/{db,KEK,PK}
SOPS_AGE_KEY_FILE="$flake/submodules/secrets/domains/$key/key.txt" SOPS_AGE_KEY_FILE="$flake/secrets/$key/key.txt"
export SOPS_AGE_KEY_FILE export SOPS_AGE_KEY_FILE
sops --decrypt --extract "['guid']" "$flake/submodules/secrets/domains/lanzaboote/secrets.yaml" > "$root/persist/state/var/lib/sbctl/GUID" sops --decrypt --extract "['guid']" "$flake/secrets/domains/lanzaboote/secrets.yaml" > "$root/persist/state/var/lib/sbctl/GUID"
sops --decrypt --extract "['keys']['kek']['key']" "$flake/submodules/secrets/domains/lanzaboote/secrets.yaml" > "$root/persist/state/var/lib/sbctl/keys/KEK/KEK.key" sops --decrypt --extract "['keys']['kek']['key']" "$flake/secrets/domains/lanzaboote/secrets.yaml" > "$root/persist/state/var/lib/sbctl/keys/KEK/KEK.key"
sops --decrypt --extract "['keys']['kek']['pem']" "$flake/submodules/secrets/domains/lanzaboote/secrets.yaml" > "$root/persist/state/var/lib/sbctl/keys/KEK/KEK.pem" sops --decrypt --extract "['keys']['kek']['pem']" "$flake/secrets/domains/lanzaboote/secrets.yaml" > "$root/persist/state/var/lib/sbctl/keys/KEK/KEK.pem"
sops --decrypt --extract "['keys']['pk']['key']" "$flake/submodules/secrets/domains/lanzaboote/secrets.yaml" > "$root/persist/state/var/lib/sbctl/keys/PK/PK.key" sops --decrypt --extract "['keys']['pk']['key']" "$flake/secrets/domains/lanzaboote/secrets.yaml" > "$root/persist/state/var/lib/sbctl/keys/PK/PK.key"
sops --decrypt --extract "['keys']['pk']['pem']" "$flake/submodules/secrets/domains/lanzaboote/secrets.yaml" > "$root/persist/state/var/lib/sbctl/keys/PK/PK.pem" sops --decrypt --extract "['keys']['pk']['pem']" "$flake/secrets/domains/lanzaboote/secrets.yaml" > "$root/persist/state/var/lib/sbctl/keys/PK/PK.pem"
sops --decrypt --extract "['keys']['db']['key']" "$flake/submodules/secrets/domains/lanzaboote/secrets.yaml" > "$root/persist/state/var/lib/sbctl/keys/db/db.key" sops --decrypt --extract "['keys']['db']['key']" "$flake/secrets/domains/lanzaboote/secrets.yaml" > "$root/persist/state/var/lib/sbctl/keys/db/db.key"
sops --decrypt --extract "['keys']['db']['pem']" "$flake/submodules/secrets/domains/lanzaboote/secrets.yaml" > "$root/persist/state/var/lib/sbctl/keys/db/db.pem" sops --decrypt --extract "['keys']['db']['pem']" "$flake/secrets/domains/lanzaboote/secrets.yaml" > "$root/persist/state/var/lib/sbctl/keys/db/db.pem"
chmod 400 "$root/persist/state/var/lib/sbctl/keys"/*/* chmod 400 "$root/persist/state/var/lib/sbctl/keys"/*/*

45
hosts/common/configs/system/nix/default.nix
View File

@@ -1,56 +1,29 @@
{ { config, inputs, ... }:
config,
inputs,
lib,
...
}:
{ {
sops = { sops = {
secrets = { secrets = {
"git/credentials/github.com/tokens/public".sopsFile = "git/credentials/github.com/public/username".sopsFile =
"${inputs.secrets}/domains/personal/secrets.yaml";
"git/credentials/github.com/public/password".sopsFile =
"${inputs.secrets}/domains/personal/secrets.yaml"; "${inputs.secrets}/domains/personal/secrets.yaml";
"nix/cache/nix.karaolidis.com".sopsFile = "${inputs.secrets}/domains/personal/secrets.yaml";
}; };
templates = { templates.nix-access-tokens = {
nix-access-tokens = { content = ''
content = '' access-tokens = github.com=${config.sops.placeholder."git/credentials/github.com/public/password"}
access-tokens = github.com=${config.sops.placeholder."git/credentials/github.com/tokens/public"} '';
''; group = "users";
group = "users";
mode = "0440";
};
nix-netrc = {
content = ''
machine nix.karaolidis.com
password ${config.sops.placeholder."nix/cache/nix.karaolidis.com"}
'';
group = "users";
mode = "0440";
};
}; };
}; };
nix = { nix = {
settings = { settings = {
trusted-users = lib.mkAfter [ "@wheel" ];
use-xdg-base-directories = true; use-xdg-base-directories = true;
experimental-features = [ experimental-features = [
"nix-command" "nix-command"
"flakes" "flakes"
]; ];
download-buffer-size = 524288000; download-buffer-size = 524288000;
substituters = lib.mkMerge [
(lib.mkBefore [ "https://nix.karaolidis.com/main" ])
(lib.mkAfter [ "https://nix-community.cachix.org/" ])
];
trusted-public-keys = lib.mkBefore [
"nix.karaolidis.com:1yz1tIVLGDEOFC1p/uYtR4Sx+nIbdYDqsDv4kkV0uyk="
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
];
netrc-file = config.sops.templates.nix-netrc.path;
}; };
channel.enable = false; channel.enable = false;

4
hosts/common/configs/system/nixpkgs/default.nix
View File

@@ -1,5 +1,7 @@
{ system, ... }: { inputs, system, ... }:
{ {
imports = [ inputs.nur.modules.nixos.default ];
nixpkgs = { nixpkgs = {
hostPlatform = system; hostPlatform = system;
config.allowUnfree = true; config.allowUnfree = true;

4
hosts/common/configs/system/ssh-agent/default.nix Normal file
View File

@@ -0,0 +1,4 @@
{ ... }:
{
programs.ssh.startAgent = true;
}

2
hosts/common/configs/system/ssh/default.nix
View File

@@ -12,7 +12,7 @@
jupiter-sish = { jupiter-sish = {
publicKeyFile = "${inputs.secrets}/hosts/jupiter/ssh_sish_ed25519_key.pub"; publicKeyFile = "${inputs.secrets}/hosts/jupiter/ssh_sish_ed25519_key.pub";
extraHostNames = [ "tunnel.karaolidis.com" ]; extraHostNames = [ "karaolidis.com" ];
}; };
jupiter-vps = { jupiter-vps = {

31
hosts/common/configs/system/sshd/default.nix
View File

@@ -1,12 +1,31 @@
{ pkgs, ... }: { pkgs, ... }:
{ {
environment.systemPackages = with pkgs; [ kitty.terminfo ]; environment = {
systemPackages = with pkgs; [
kitty.terminfo
tmux.terminfo
];
services.openssh = { persistence."/persist/state"."/var/lib/fail2ban" = { };
enable = true; };
settings = {
PasswordAuthentication = false; services = {
PrintMotd = false; openssh = {
enable = true;
settings = {
PasswordAuthentication = false;
PrintMotd = false;
};
};
fail2ban = {
enable = true;
bantime = "24h";
bantime-increment = {
enable = true;
maxtime = "720h";
overalljails = true;
};
}; };
}; };
} }

10
hosts/common/configs/system/tmux/default.nix Normal file
View File

@@ -0,0 +1,10 @@
{ ... }:
{
programs.tmux = {
enable = true;
clock24 = true;
historyLimit = 10000;
keyMode = "vi";
newSession = true;
};
}

4
hosts/common/configs/system/usb/default.nix
View File

@@ -1,4 +0,0 @@
{ pkgs, ... }:
{
environment.systemPackages = with pkgs; [ usbutils ];
}

8
hosts/common/configs/user/console/android/default.nix
View File

@@ -1,6 +1,14 @@
{ user, home }: { user, home }:
{ config, pkgs, ... }: { config, pkgs, ... }:
{ {
nixpkgs.overlays = [
(final: prev: {
android-tools = prev.android-tools.overrideAttrs (oldAttrs: {
patches = oldAttrs.patches or [ ] ++ [ ./env-var-user-home.patch ];
});
})
];
programs.adb.enable = true; programs.adb.enable = true;
services.gvfs.enable = true; services.gvfs.enable = true;

0
overlays/android-tools/env-var-user-home.patch → hosts/common/configs/user/console/android/env-var-user-home.patch
View File

33
hosts/common/configs/user/console/attic/default.nix
View File

@@ -1,33 +0,0 @@
{ user, home }:
{
config,
inputs,
pkgs,
...
}:
let
hmConfig = config.home-manager.users.${user};
in
{
home-manager.users.${user} = {
sops = {
secrets."nix/cache/nix.karaolidis.com".sopsFile = "${inputs.secrets}/domains/personal/secrets.yaml";
templates.attic = {
content = builtins.readFile (
(pkgs.formats.toml { }).generate "config.toml" {
default-server = "main";
servers."main" = {
endpoint = "https://nix.karaolidis.com/";
token = hmConfig.sops.placeholder."nix/cache/nix.karaolidis.com";
};
}
);
path = "${home}/.config/attic/config.toml";
};
};
home.packages = with pkgs; [ attic-client ];
};
}

41
hosts/common/configs/user/console/btop/default.nix
View File

@@ -1,34 +1,17 @@
{ user, home }: { user, home }:
{ lib, pkgs, ... }: { ... }:
{ {
home-manager.users.${user} = { home-manager.users.${user}.programs.btop = {
programs.btop = { enable = true;
enable = true; settings = {
settings = { theme_background = false;
color_theme = "matugen"; presets = "";
theme_background = false; vim_keys = true;
presets = ""; shown_boxes = "cpu mem net proc gpu0 gpu1";
vim_keys = true; update_ms = 1000;
shown_boxes = "cpu mem net proc gpu0 gpu1"; proc_tree = true;
update_ms = 1000; cpu_single_graph = true;
proc_tree = true; disks_filter = "/ /nix /persist";
cpu_single_graph = true;
disks_filter = "/ /nix /persist";
};
};
theme = {
template.".config/btop/themes/matugen.theme".source = ./theme.theme;
reloadExtraConfig = "${
lib.meta.getExe (
pkgs.writeShellApplication {
name = "reload-btop";
runtimeInputs = with pkgs; [ procps ];
text = "exec pkill btop -SIGUSR2";
}
)
} &";
}; };
}; };
} }

45
hosts/common/configs/user/console/git/default.nix
View File

@@ -26,10 +26,7 @@ in
push.autoSetupRemote = true; push.autoSetupRemote = true;
core.fsmonitor = true; core.fsmonitor = true;
feature.manyFiles = true; feature.manyFiles = true;
fetch = { fetch.writeCommitGraph = true;
prune = true;
writeCommitGraph = true;
};
http.cookiefile = "${home}/.config/git/cookies"; http.cookiefile = "${home}/.config/git/cookies";
advice.detachedHead = false; advice.detachedHead = false;
}; };
@@ -43,46 +40,6 @@ in
} }
); );
}; };
aliases = {
adog = "log --all --decorate --oneline --graph";
};
};
home = {
packages = with pkgs; [
(pkgs.writeShellApplication {
name = "gh";
runtimeInputs = with pkgs; [ gh ];
text = builtins.readFile ./gh.sh;
})
(pkgs.writeShellApplication {
name = "glab";
runtimeInputs = with pkgs; [ glab ];
text = builtins.readFile ./glab.sh;
})
(pkgs.writeShellApplication {
name = "tea";
runtimeInputs = with pkgs; [ tea ];
text = builtins.readFile ./tea.sh;
})
];
sessionVariables = {
GITEA_HOST = "git.karaolidis.com";
GITEA_SSH_HOST = "karaolidis.com";
};
};
xdg.configFile = {
"gh/config.yml".source = (pkgs.formats.yaml { }).generate "config.yml" {
version = 1;
git_protocol = "ssh";
};
"glab-cli/config.yml".source = (pkgs.formats.yaml { }).generate "config.yml" {
git_protocol = "ssh";
};
}; };
}; };
} }

8
hosts/common/configs/user/console/git/gh.sh
View File

@@ -1,8 +0,0 @@
# shellcheck shell=bash
GH_HOST="${GH_HOST:-github.com}"
GH_TOKEN=$(sed -n "s#https://[^:]*:\([^@]*\)@${GH_HOST}#\1#p" "$HOME/.config/git/credentials")
export GH_TOKEN
exec gh "$@"

8
hosts/common/configs/user/console/git/glab.sh
View File

@@ -1,8 +0,0 @@
# shellcheck shell=bash
GITLAB_HOST="${GITLAB_HOST:-gitlab.com}"
GITLAB_TOKEN=$(sed -n "s#https://[^:]*:\([^@]*\)@${GITLAB_HOST}#\1#p" "$HOME/.config/git/credentials")
export GITLAB_TOKEN
exec glab "$@"

13
hosts/common/configs/user/console/git/tea.sh
View File

@@ -1,13 +0,0 @@
# shellcheck shell=bash
GITEA_HOST="${GITEA_HOST:-gitea.com}"
GITEA_SSH_HOST="${GITEA_SSH_HOST:-gitea.com}"
GITEA_TOKEN=$(sed -n "s#https://[^:]*:\([^@]*\)@${GITEA_HOST}#\1#p" "$HOME/.config/git/credentials")
GITEA_INSTANCE_URL="https://${GITEA_HOST}"
GITEA_INSTANCE_SSH_HOST="$GITEA_SSH_HOST"
export GITEA_TOKEN
export GITEA_INSTANCE_URL
export GITEA_INSTANCE_SSH_HOST
exec tea "$@"

4
hosts/common/configs/user/console/gpg-agent/default.nix
View File

@@ -20,10 +20,6 @@
enable = true; enable = true;
defaultCacheTtl = 31536000; defaultCacheTtl = 31536000;
maxCacheTtl = 31536000; maxCacheTtl = 31536000;
pinentry = {
package = pkgs.pinentry-all;
program = "pinentry-tty";
};
}; };
systemd.user = { systemd.user = {

21
hosts/common/configs/user/console/home-manager/default.nix
View File

@@ -1,10 +1,5 @@
{ user, home }: { user, home }:
{ { config, inputs, ... }:
config,
inputs,
lib,
...
}:
{ {
imports = [ inputs.home-manager.nixosModules.default ]; imports = [ inputs.home-manager.nixosModules.default ];
@@ -20,16 +15,10 @@
home.stateVersion = "24.11"; home.stateVersion = "24.11";
systemd.user.startServices = true; systemd.user.startServices = true;
nix.settings = { nix.settings.experimental-features = [
inherit (config.nix.settings) "nix-command"
use-xdg-base-directories "flakes"
experimental-features ];
download-buffer-size
substituters
trusted-public-keys
netrc-file
;
};
}; };
}; };
} }

1
hosts/common/configs/user/console/ip/default.nix
View File

@@ -7,7 +7,6 @@
ipset ipset
ethtool ethtool
tcpdump tcpdump
dig
ipcalc ipcalc
]; ];
} }

20
hosts/common/configs/user/console/lazygit/default.nix
View File

@@ -1,20 +0,0 @@
{ user, home }:
{ ... }:
{
environment.persistence."/persist/state"."${home}/.local/state/lazygit" = { };
home-manager.users.${user}.programs.lazygit = {
enable = true;
settings = {
gui = {
showBottomLine = false;
nerdFontsVersion = "3";
animateExplosion = false;
};
disableStartupPopups = true;
};
};
}

5
hosts/common/configs/user/console/ncspot/default.nix
View File

@@ -6,6 +6,11 @@
"/persist/cache"."${home}/.cache/ncspot" = { }; "/persist/cache"."${home}/.cache/ncspot" = { };
}; };
# FIXME: https://github.com/hrkfdn/ncspot/issues/1676
networking.extraHosts = ''
0.0.0.0 apresolve.spotify.com
'';
home-manager.users.${user} = { home-manager.users.${user} = {
programs.ncspot.enable = true; programs.ncspot.enable = true;

288
hosts/common/configs/user/console/neovim/default.nix
View File

@@ -1,276 +1,22 @@
{ user, home }: { user, home }:
{ ... }:
{ {
inputs, home-manager.users.${user}.programs = {
lib, neovim = {
pkgs, enable = true;
... defaultEditor = true;
}: viAlias = true;
{ vimAlias = true;
environment.persistence = { vimdiffAlias = true;
"/persist/state"."${home}/.local/share/nvf" = { }; extraConfig = ''
"/persist/cache"."${home}/.cache/nvf" = { }; set tabstop=2
}; set shiftwidth=2
set expandtab
home-manager.users.${user} = { set smartindent
imports = [ inputs.nvf.homeManagerModules.default ]; set mouse=
'';
programs = {
nvf = {
enable = true;
defaultEditor = true;
settings = {
vim = {
enableLuaLoader = true;
viAlias = true;
vimAlias = true;
autocomplete = {
blink-cmp = {
enable = true;
setupOpts = {
signature.enabled = true;
};
};
};
binds = {
whichKey.enable = true;
};
clipboard = {
enable = true;
providers.wl-copy.enable = true;
registers = "unnamedplus";
};
comments = {
comment-nvim.enable = true;
};
dashboard = {
alpha.enable = true;
};
diagnostics = {
enable = true;
config = {
virtual_text = true;
signs = true;
};
};
git = {
enable = true;
git-conflict.enable = true;
gitsigns.enable = true;
vim-fugitive.enable = true;
};
languages = {
enableDAP = true;
enableFormat = true;
enableTreesitter = true;
enableExtraDiagnostics = true;
assembly.enable = true;
bash.enable = true;
clang.enable = true;
csharp.enable = true;
css.enable = true;
go.enable = true;
html.enable = true;
java.enable = true;
lua.enable = true;
markdown.enable = true;
nix = {
enable = true;
format.type = "nixfmt";
lsp.options.nil = {
nix = {
maxMemoryMB = null;
flake = {
autoArchive = true;
autoEvalInputs = true;
};
};
};
};
php.enable = true;
python.enable = true;
rust.enable = true;
sql.enable = true;
svelte.enable = true;
ts.enable = true;
yaml.enable = true;
};
lsp = {
enable = true;
formatOnSave = true;
otter-nvim = {
enable = true;
setupOpts.handle_leading_whitespace = true;
};
};
notify = {
nvim-notify.enable = true;
};
options = {
tabstop = 2;
shiftwidth = 2;
expandtab = true;
smartindent = true;
};
searchCase = "smart";
tabline = {
nvimBufferline = {
enable = true;
mappings.closeCurrent = "<leader>bd";
setupOpts.options = {
indicator.style = "icon";
show_close_icon = false;
show_buffer_close_icons = false;
};
};
};
telescope = {
enable = true;
setupOpts.defaults = {
wrap_results = true;
file_ignore_patterns = [
"node_modules"
"%.venv/"
"%.git/"
"dist/"
"build/"
"target/"
"result/"
];
};
};
terminal = {
toggleterm = {
enable = true;
lazygit.enable = true;
setupOpts.winbar.enabled = false;
};
};
treesitter = {
enable = true;
context.enable = true;
fold = true;
textobjects.enable = true;
};
ui = {
colorizer.enable = true;
illuminate.enable = true;
};
undoFile.enable = true;
utility = {
images = {
img-clip = {
enable = true;
setupOpts.default.verbose = false;
};
};
mkdir.enable = true;
motion = {
precognition.enable = true;
};
surround.enable = true;
undotree.enable = true;
yazi-nvim = {
enable = true;
setupOpts.open_for_directories = true;
};
};
visuals = {
highlight-undo = {
enable = true;
setupOpts.duration = 250;
};
indent-blankline.enable = true;
nvim-cursorline.enable = true;
nvim-scrollbar.enable = true;
nvim-web-devicons.enable = true;
};
keymaps = [
{
mode = [ "n" ];
key = "<C-b>";
action = "<C-b>zz";
silent = true;
noremap = true;
desc = "Page up and center";
}
{
mode = [ "n" ];
key = "<C-u>";
action = "<C-u>zz";
silent = true;
noremap = true;
desc = "Half-page up and center";
}
{
mode = [ "n" ];
key = "<C-d>";
action = "<C-d>zz";
silent = true;
noremap = true;
desc = "Half-page down and center";
}
{
mode = [ "n" ];
key = "<C-f>";
action = "<C-f>zz";
silent = true;
noremap = true;
desc = "Page down and center";
}
{
mode = [ "n" ];
key = "<leader>ww";
action = "<cmd>w<CR>";
silent = true;
desc = "Save";
}
{
mode = [ "n" ];
key = "<leader>wq";
action = "<cmd>x<CR>";
silent = true;
desc = "Save & Quit";
}
{
mode = [ "n" ];
key = "<leader>be";
action = "<cmd>enew<CR>";
silent = true;
desc = "New buffer";
}
];
};
};
};
zsh = {
p10k.extraRightPromptElements = [ "vim_shell" ];
shellAliases.v = "nvim";
};
}; };
zsh.p10k.extraRightPromptElements = [ "vim_shell" ];
}; };
} }

5
hosts/common/configs/user/console/nix/default.nix
View File

@@ -4,10 +4,7 @@
environment.persistence."/persist/cache"."${home}/.cache/nix" = { }; environment.persistence."/persist/cache"."${home}/.cache/nix" = { };
home-manager.users.${user} = { home-manager.users.${user} = {
home.packages = with pkgs; [ home.packages = with pkgs; [ nurl ];
nix-fast-build
nurl
];
programs.zsh.shellAliases = { programs.zsh.shellAliases = {
nrs = "sudo nixos-rebuild switch --flake .#$(hostname) --show-trace"; nrs = "sudo nixos-rebuild switch --flake .#$(hostname) --show-trace";

20
hosts/common/configs/user/console/sops/default.nix
View File

@@ -3,18 +3,12 @@
{ {
environment.persistence."/persist/state"."${home}/.config/sops-nix/key.txt" = { }; environment.persistence."/persist/state"."${home}/.config/sops-nix/key.txt" = { };
home-manager.users.${user} = home-manager.users.${user} = {
let imports = [ inputs.sops-nix.homeManagerModules.sops ];
sopsKeyFile =
if config.environment.impermanence.enable then
config.environment.persistence."/persist/state"."${home}/.config/sops-nix/key.txt".source
else
"${home}/.config/sops-nix/key.txt";
in
{
imports = [ inputs.sops-nix.homeManagerModules.sops ];
sops.age.keyFile = sopsKeyFile; sops.age.keyFile =
home.sessionVariables.SOPS_AGE_KEY_FILE = sopsKeyFile; config.environment.persistence."/persist/state"."${home}/.config/sops-nix/key.txt".source;
}; home.sessionVariables.SOPS_AGE_KEY_FILE =
config.environment.persistence."/persist/state"."${home}/.config/sops-nix/key.txt".source;
};
} }

2
hosts/common/configs/user/console/ssh-agent/default.nix
View File

@@ -3,6 +3,6 @@
{ {
home-manager.users.${user} = { home-manager.users.${user} = {
services.ssh-agent.enable = true; services.ssh-agent.enable = true;
programs.ssh.matchBlocks."*".addKeysToAgent = "yes"; programs.ssh.addKeysToAgent = "yes";
}; };
} }

6
hosts/common/configs/user/console/ssh/default.nix
View File

@@ -1,9 +1,5 @@
{ user, home }: { user, home }:
{ ... }: { ... }:
{ {
home-manager.users.${user}.programs.ssh = { home-manager.users.${user}.programs.ssh.enable = true;
enable = true;
enableDefaultConfig = false;
matchBlocks."*".identitiesOnly = true;
};
} }

3
hosts/common/configs/user/console/syncthing/default.nix
View File

@@ -14,13 +14,11 @@
"syncthing/key" = { "syncthing/key" = {
owner = user; owner = user;
group = "users"; group = "users";
mode = "0440";
}; };
# openssl req -new -x509 -key key.pem -out cert.pem -days 9999 -subj "/CN=syncthing" # openssl req -new -x509 -key key.pem -out cert.pem -days 9999 -subj "/CN=syncthing"
"syncthing/cert" = { "syncthing/cert" = {
owner = user; owner = user;
group = "users"; group = "users";
mode = "0440";
}; };
}; };
@@ -29,6 +27,7 @@
enable = true; enable = true;
key = config.sops.secrets."syncthing/key".path; key = config.sops.secrets."syncthing/key".path;
cert = config.sops.secrets."syncthing/cert".path; cert = config.sops.secrets."syncthing/cert".path;
extraOptions = [ "-no-default-folder" ];
settings = { settings = {
options.urAccepted = -1; options.urAccepted = -1;

5
hosts/common/configs/user/console/tmux/default.nix Normal file
View File

@@ -0,0 +1,5 @@
{ user, home }:
{ ... }:
{
home-manager.users.${user}.programs.tmux.enable = true;
}

8
hosts/common/configs/user/console/yazi/default.nix
View File

@@ -3,10 +3,13 @@
config, config,
lib, lib,
pkgs, pkgs,
inputs,
system,
... ...
}: }:
let let
hmConfig = config.home-manager.users.${user}; hmConfig = config.home-manager.users.${user};
selfPkgs = inputs.self.packages.${system};
in in
{ {
home-manager.users.${user} = { home-manager.users.${user} = {
@@ -23,7 +26,7 @@ in
opener = { opener = {
edit = [ edit = [
{ {
run = "${hmConfig.programs.nvf.finalPackage}/bin/nvim \"$@\""; run = "${hmConfig.programs.neovim.finalPackage}/bin/nvim \"$@\"";
desc = "nvim"; desc = "nvim";
block = true; block = true;
} }
@@ -184,8 +187,9 @@ in
ouch ouch
mount mount
mediainfo mediainfo
custom-shell
; ;
custom-shell = selfPkgs.yazi-plugin-custom-shell;
}; };
}; };

28
hosts/common/configs/user/console/zellij/default.nix
View File

@@ -1,28 +0,0 @@
{ user, home }:
{ ... }:
{
home-manager.users.${user} = {
programs.zellij = {
enable = true;
settings = {
theme = "matugen";
default_mode = "locked";
pane_frames = false;
copy_command = "wl-copy";
ui.pane_frames.hide_session_name = true;
pane_viewport_serialization = true;
scrollback_lines_to_serialize = 0;
show_startup_tips = false;
show_release_notes = false;
};
};
theme.template.".config/zellij/themes/matugen.kdl".source = ./theme.kdl;
};
}

128
hosts/common/configs/user/console/zellij/theme.kdl
View File

@@ -1,128 +0,0 @@
themes {
matugen {
text_unselected {
base {{colors.on_surface.default.red}} {{colors.on_surface.default.green}} {{colors.on_surface.default.blue}}
background {{colors.surface.default.red}} {{colors.surface.default.green}} {{colors.surface.default.blue}}
emphasis_0 {{colors.primary.default.red}} {{colors.primary.default.green}} {{colors.primary.default.blue}}
emphasis_1 {{colors.secondary.default.red}} {{colors.secondary.default.green}} {{colors.secondary.default.blue}}
emphasis_2 {{colors.tertiary.default.red}} {{colors.tertiary.default.green}} {{colors.tertiary.default.blue}}
emphasis_3 {{colors.surface.default.red}} {{colors.surface.default.green}} {{colors.surface.default.blue}}
}
text_selected {
base {{colors.on_primary.default.red}} {{colors.on_primary.default.green}} {{colors.on_primary.default.blue}}
background {{colors.primary.default.red}} {{colors.primary.default.green}} {{colors.primary.default.blue}}
emphasis_0 {{colors.on_primary.default.red}} {{colors.on_primary.default.green}} {{colors.on_primary.default.blue}}
emphasis_1 {{colors.on_primary.default.red}} {{colors.on_primary.default.green}} {{colors.on_primary.default.blue}}
emphasis_2 {{colors.on_primary.default.red}} {{colors.on_primary.default.green}} {{colors.on_primary.default.blue}}
emphasis_3 {{colors.on_primary.default.red}} {{colors.on_primary.default.green}} {{colors.on_primary.default.blue}}
}
ribbon_unselected {
base {{colors.on_surface.default.red}} {{colors.on_surface.default.green}} {{colors.on_surface.default.blue}}
background {{colors.surface_container.default.red}} {{colors.surface_container.default.green}} {{colors.surface_container.default.blue}}
emphasis_0 {{colors.primary.default.red}} {{colors.primary.default.green}} {{colors.primary.default.blue}}
emphasis_1 {{colors.secondary.default.red}} {{colors.secondary.default.green}} {{colors.secondary.default.blue}}
emphasis_2 {{colors.tertiary.default.red}} {{colors.tertiary.default.green}} {{colors.tertiary.default.blue}}
emphasis_3 {{colors.on_surface.default.red}} {{colors.on_surface.default.green}} {{colors.on_surface.default.blue}}
}
ribbon_selected {
base {{colors.on_primary.default.red}} {{colors.on_primary.default.green}} {{colors.on_primary.default.blue}}
background {{colors.primary.default.red}} {{colors.primary.default.green}} {{colors.primary.default.blue}}
emphasis_0 {{colors.on_primary.default.red}} {{colors.on_primary.default.green}} {{colors.on_primary.default.blue}}
emphasis_1 {{colors.on_primary.default.red}} {{colors.on_primary.default.green}} {{colors.on_primary.default.blue}}
emphasis_2 {{colors.on_primary.default.red}} {{colors.on_primary.default.green}} {{colors.on_primary.default.blue}}
emphasis_3 {{colors.on_primary.default.red}} {{colors.on_primary.default.green}} {{colors.on_primary.default.blue}}
}
table_title {
base {{colors.on_surface.default.red}} {{colors.on_surface.default.green}} {{colors.on_surface.default.blue}}
background {{colors.surface.default.red}} {{colors.surface.default.green}} {{colors.surface.default.blue}}
emphasis_0 {{colors.primary.default.red}} {{colors.primary.default.green}} {{colors.primary.default.blue}}
emphasis_1 {{colors.secondary.default.red}} {{colors.secondary.default.green}} {{colors.secondary.default.blue}}
emphasis_2 {{colors.tertiary.default.red}} {{colors.tertiary.default.green}} {{colors.tertiary.default.blue}}
emphasis_3 {{colors.on_surface.default.red}} {{colors.on_surface.default.green}} {{colors.on_surface.default.blue}}
}
table_cell_unselected {
base {{colors.on_surface.default.red}} {{colors.on_surface.default.green}} {{colors.on_surface.default.blue}}
background {{colors.surface.default.red}} {{colors.surface.default.green}} {{colors.surface.default.blue}}
emphasis_0 {{colors.primary.default.red}} {{colors.primary.default.green}} {{colors.primary.default.blue}}
emphasis_1 {{colors.secondary.default.red}} {{colors.secondary.default.green}} {{colors.secondary.default.blue}}
emphasis_2 {{colors.tertiary.default.red}} {{colors.tertiary.default.green}} {{colors.tertiary.default.blue}}
emphasis_3 {{colors.on_surface.default.red}} {{colors.on_surface.default.green}} {{colors.on_surface.default.blue}}
}
table_cell_selected {
base {{colors.on_primary.default.red}} {{colors.on_primary.default.green}} {{colors.on_primary.default.blue}}
background {{colors.primary.default.red}} {{colors.primary.default.green}} {{colors.primary.default.blue}}
emphasis_0 {{colors.on_primary.default.red}} {{colors.on_primary.default.green}} {{colors.on_primary.default.blue}}
emphasis_1 {{colors.on_primary.default.red}} {{colors.on_primary.default.green}} {{colors.on_primary.default.blue}}
emphasis_2 {{colors.on_primary.default.red}} {{colors.on_primary.default.green}} {{colors.on_primary.default.blue}}
emphasis_3 {{colors.on_primary.default.red}} {{colors.on_primary.default.green}} {{colors.on_primary.default.blue}}
}
list_unselected {
base {{colors.on_surface.default.red}} {{colors.on_surface.default.green}} {{colors.on_surface.default.blue}}
background {{colors.surface.default.red}} {{colors.surface.default.green}} {{colors.surface.default.blue}}
emphasis_0 {{colors.primary.default.red}} {{colors.primary.default.green}} {{colors.primary.default.blue}}
emphasis_1 {{colors.secondary.default.red}} {{colors.secondary.default.green}} {{colors.secondary.default.blue}}
emphasis_2 {{colors.tertiary.default.red}} {{colors.tertiary.default.green}} {{colors.tertiary.default.blue}}
emphasis_3 {{colors.on_surface.default.red}} {{colors.on_surface.default.green}} {{colors.on_surface.default.blue}}
}
list_selected {
base {{colors.on_primary.default.red}} {{colors.on_primary.default.green}} {{colors.on_primary.default.blue}}
background {{colors.primary.default.red}} {{colors.primary.default.green}} {{colors.primary.default.blue}}
emphasis_0 {{colors.on_primary.default.red}} {{colors.on_primary.default.green}} {{colors.on_primary.default.blue}}
emphasis_1 {{colors.on_primary.default.red}} {{colors.on_primary.default.green}} {{colors.on_primary.default.blue}}
emphasis_2 {{colors.on_primary.default.red}} {{colors.on_primary.default.green}} {{colors.on_primary.default.blue}}
emphasis_3 {{colors.on_primary.default.red}} {{colors.on_primary.default.green}} {{colors.on_primary.default.blue}}
}
frame_unselected {
base {{colors.outline_variant.default.red}} {{colors.outline_variant.default.green}} {{colors.outline_variant.default.blue}}
background {{colors.surface.default.red}} {{colors.surface.default.green}} {{colors.surface.default.blue}}
emphasis_0 0
emphasis_1 0
emphasis_2 0
emphasis_3 0
}
frame_selected {
base {{colors.primary.default.red}} {{colors.primary.default.green}} {{colors.primary.default.blue}}
background {{colors.surface.default.red}} {{colors.surface.default.green}} {{colors.surface.default.blue}}
emphasis_0 0
emphasis_1 0
emphasis_2 0
emphasis_3 0
}
frame_highlight {
base {{colors.error.default.red}} {{colors.error.default.green}} {{colors.error.default.blue}}
background {{colors.surface.default.red}} {{colors.surface.default.green}} {{colors.surface.default.blue}}
emphasis_0 0
emphasis_1 0
emphasis_2 0
emphasis_3 0
}
exit_code_success {
base {{colors.success.default.red}} {{colors.success.default.green}} {{colors.success.default.blue}}
background 0
emphasis_0 0
emphasis_1 0
emphasis_2 0
emphasis_3 0
}
exit_code_error {
base {{colors.error.default.red}} {{colors.error.default.green}} {{colors.error.default.blue}}
background 0
emphasis_0 0
emphasis_1 0
emphasis_2 0
emphasis_3 0
}
multiplayer_user_colors {
player_1 0
player_2 0
player_3 0
player_4 0
player_5 0
player_6 0
player_7 0
player_8 0
player_9 0
player_10 0
}
}
}

26
hosts/common/configs/user/gui/btop/default.nix Normal file
View File

@@ -0,0 +1,26 @@
{ user, home }:
{
config,
lib,
pkgs,
...
}:
{
home-manager.users.${user} = {
programs.btop.settings.color_theme = "matugen";
theme = {
template.".config/btop/themes/matugen.theme".source = ./theme.theme;
reloadExtraConfig = "${
lib.meta.getExe (
pkgs.writeShellApplication {
name = "reload-btop";
runtimeInputs = with pkgs; [ procps ];
text = "exec pkill btop -SIGUSR2";
}
)
} &";
};
};
}

0
hosts/common/configs/user/console/btop/theme.theme → hosts/common/configs/user/gui/btop/theme.theme
View File

0
overlays/darktable/better-copy-and-import.patch → hosts/common/configs/user/gui/darktable/better-copy-and-import.patch
View File

51
hosts/common/configs/user/gui/darktable/default.nix
View File

@@ -1,6 +1,24 @@
{ user, home }: { user, home }:
{ pkgs, ... }:
{ {
config,
inputs,
pkgs,
system,
...
}:
let
selfPkgs = inputs.self.packages.${system};
hmConfig = config.home-manager.users.${user};
in
{
nixpkgs.overlays = [
(final: prev: {
darktable = prev.darktable.overrideAttrs (oldAttrs: {
patches = oldAttrs.patches or [ ] ++ [ ./better-copy-and-import.patch ];
});
})
];
environment.persistence = { environment.persistence = {
"/persist/state" = { "/persist/state" = {
"${home}/.config/darktable/data.db" = { }; "${home}/.config/darktable/data.db" = { };
@@ -10,10 +28,21 @@
}; };
home-manager.users.${user} = { home-manager.users.${user} = {
home.packages = with pkgs; [ home = {
darktable packages =
exiftool with pkgs;
]; with selfPkgs;
[
darktable
exiftool
darktable-ghost-cms-publish
];
sessionVariables = {
GHOST_URL = "https://photos.karaolidis.com";
GHOST_ADMIN_API_KEY_PATH = hmConfig.sops.secrets."jupiter/photos.karaolidis.com/admin".path;
};
};
xdg.configFile = { xdg.configFile = {
"darktable/darktablerc".source = (pkgs.formats.keyValue { }).generate "darktablerc" { "darktable/darktablerc".source = (pkgs.formats.keyValue { }).generate "darktablerc" {
@@ -40,13 +69,19 @@
"darktable/luarc".text = '' "darktable/luarc".text = ''
require "tools/script_manager" require "tools/script_manager"
require "tools/publish"
''; '';
"darktable/lua/lib".source = "${pkgs.darktable-lua-scripts}/lib"; "darktable/lua/lib".source = "${selfPkgs.darktable-lua-scripts}/lib";
"darktable/lua/tools/script_manager.lua".source = "darktable/lua/tools/script_manager.lua".source =
"${pkgs.darktable-lua-scripts}/tools/script_manager.lua"; "${selfPkgs.darktable-lua-scripts}/tools/script_manager.lua";
"darktable/lua/tools/publish.lua".source =
"${selfPkgs.darktable-ghost-cms-publish}/lib/darktable-ghost-cms-publish/publish.lua";
"darktable/luts".source = pkgs.darktable-hald-clut; "darktable/luts".source = selfPkgs.darktable-hald-clut;
}; };
sops.secrets."jupiter/photos.karaolidis.com/admin".sopsFile =
"${inputs.secrets}/domains/personal/secrets.yaml";
}; };
} }

2
hosts/common/configs/user/gui/emoji/default.nix
View File

@@ -10,7 +10,7 @@ let
in in
{ {
home-manager.users.${user} = { home-manager.users.${user} = {
programs.rofi.plugins = with pkgs; [ rofi-emoji ]; programs.rofi.plugins = with pkgs; [ rofi-emoji-wayland ];
wayland.windowManager.hyprland.settings.bind = [ wayland.windowManager.hyprland.settings.bind = [
# Super + Shift + : # Super + Shift + :

1
hosts/common/configs/user/gui/gaming/gamescope/default.nix
View File

@@ -3,7 +3,6 @@
{ {
programs.gamescope = { programs.gamescope = {
enable = true; enable = true;
capSysNice = true;
args = [ args = [
"--rt" "--rt"
"-f" "-f"

30
hosts/common/configs/user/gui/gaming/performance/default.nix Normal file
View File

@@ -0,0 +1,30 @@
{ user, home }:
{
config,
lib,
pkgs,
...
}:
# https://bonkmaykr.xyz/content/discovery_lin.htm
{
boot.kernel.sysctl."vm.max_map_count" = 1048576;
security.pam.loginLimits = [
{
domain = user;
item = "nofile";
type = "soft";
value = 200000;
}
{
domain = user;
item = "nofile";
type = "hard";
value = 200000;
}
];
home-manager.users.${user}.wayland.windowManager.hyprland.settings.env = [
"__GL_SHADER_DISK_CACHE_SKIP_CLEANUP,1"
];
}

7
hosts/common/configs/user/gui/ghidra/default.nix
View File

@@ -1,7 +0,0 @@
{ user, home }:
{ ... }:
{
programs.ghidra.enable = true;
environment.persistence."/persist/state"."${home}/.config/ghidra" = { };
}

14
hosts/common/configs/user/gui/hyprland/default.nix
View File

@@ -6,6 +6,14 @@
... ...
}: }:
{ {
nixpkgs.overlays = [
(final: prev: {
hyprland = prev.hyprland.overrideAttrs (oldAttrs: {
patches = oldAttrs.patches or [ ] ++ [ ./fix-maxwidth-resolution-mode.patch ];
});
})
];
programs.hyprland = { programs.hyprland = {
enable = true; enable = true;
withUWSM = true; withUWSM = true;
@@ -99,8 +107,6 @@
"$mod, mouse:273, resizewindow" "$mod, mouse:273, resizewindow"
]; ];
gesture = [ "3, horizontal, workspace" ];
input = { input = {
accel_profile = "flat"; accel_profile = "flat";
kb_layout = "us,gr"; kb_layout = "us,gr";
@@ -116,6 +122,8 @@
}; };
gestures = { gestures = {
workspace_swipe = true;
workspace_swipe_min_fingers = true;
workspace_swipe_forever = true; workspace_swipe_forever = true;
workspace_swipe_cancel_ratio = 0.2; workspace_swipe_cancel_ratio = 0.2;
}; };
@@ -154,7 +162,7 @@
programs.zsh = { programs.zsh = {
loginExtra = lib.mkAfter '' loginExtra = lib.mkAfter ''
if uwsm check may-start > /dev/null; then if uwsm check may-start; then
exec uwsm start hyprland-uwsm.desktop exec uwsm start hyprland-uwsm.desktop
fi fi
''; '';

13
hosts/common/configs/user/gui/hyprland/fix-maxwidth-resolution-mode.patch Normal file
View File

@@ -0,0 +1,13 @@
diff --git a/src/config/ConfigManager.cpp b/src/config/ConfigManager.cpp
index 635c7977..80093c0d 100644
--- a/src/config/ConfigManager.cpp
+++ b/src/config/ConfigManager.cpp
@@ -2091,6 +2091,8 @@ bool CMonitorRuleParser::parseMode(const std::string& value) {
m_rule.resolution = Vector2D(-1, -1);
else if (value.starts_with("highres"))
m_rule.resolution = Vector2D(-1, -2);
+ else if (value.starts_with("maxwidth"))
+ m_rule.resolution = Vector2D(-1, -3);
else if (parseModeLine(value, m_rule.drmMode)) {
m_rule.resolution = Vector2D(m_rule.drmMode.hdisplay, m_rule.drmMode.vdisplay);
m_rule.refreshRate = float(m_rule.drmMode.vrefresh) / 1000;

5
hosts/common/configs/user/gui/hyprsunset/default.nix
View File

@@ -1,5 +0,0 @@
{ user, home }:
{ ... }:
{
home-manager.users.${user}.services.hyprsunset.enable = true;
}

50
hosts/common/configs/user/gui/kitty/default.nix
View File

@@ -26,56 +26,6 @@ in
enable_audio_bell = false; enable_audio_bell = false;
}; };
keybindings =
{ }
// builtins.listToAttrs (
builtins.map
(k: {
name = k;
value = "no_op";
})
[
# Window management
"kitty_mod+enter"
"kitty_mod+n"
"kitty_mod+w"
"kitty_mod+]"
"kitty_mod+["
"kitty_mod+f"
"kitty_mod+b"
"kitty_mod+`"
"kitty_mod+r"
"kitty_mod+1"
"kitty_mod+2"
"kitty_mod+3"
"kitty_mod+4"
"kitty_mod+5"
"kitty_mod+6"
"kitty_mod+7"
"kitty_mod+8"
"kitty_mod+9"
"kitty_mod+0"
"kitty_mod+f7"
"kitty_mod+f8"
# Tab management
"kitty_mod+right"
"shift+cmd+]"
"ctrl+tab"
"kitty_mod+left"
"shift+cmd+["
"ctrl+shift+tab"
"kitty_mod+t"
"kitty_mod+q"
"kitty_mod+."
"kitty_mod+,"
"kitty_mod+alt+t"
# Layout management
"kitty_mod+l"
]
);
extraConfig = '' extraConfig = ''
include theme.conf include theme.conf
''; '';

6
hosts/common/configs/user/gui/mpv/default.nix
View File

@@ -1,6 +1,12 @@
{ user, home }: { user, home }:
{ pkgs, ... }: { pkgs, ... }:
{ {
nixpkgs.overlays = [
(final: prev: {
mpv = pkgs.mpv-unwrapped.wrapper { mpv = pkgs.mpv-unwrapped.override { cddaSupport = true; }; };
})
];
home-manager.users.${user} = { home-manager.users.${user} = {
programs.mpv = { programs.mpv = {
enable = true; enable = true;

30
hosts/common/configs/user/gui/obsidian/default.nix
View File

@@ -4,9 +4,11 @@
lib, lib,
pkgs, pkgs,
inputs, inputs,
system,
... ...
}: }:
let let
selfPkgs = inputs.self.packages.${system};
hmConfig = config.home-manager.users.${user}; hmConfig = config.home-manager.users.${user};
in in
{ {
@@ -76,9 +78,9 @@ in
} }
]; ];
communityPlugins = with pkgs; [ communityPlugins = [
{ {
pkg = obsidianPlugins.better-word-count; pkg = selfPkgs.obsidian-plugin-better-word-count;
settings = { settings = {
statusBar = [ statusBar = [
{ {
@@ -104,7 +106,7 @@ in
}; };
} }
{ {
pkg = obsidianPlugins.dataview; pkg = selfPkgs.obsidian-plugin-dataview;
settings = { settings = {
enableDataviewJs = true; enableDataviewJs = true;
enableInlineDataviewJs = true; enableInlineDataviewJs = true;
@@ -114,7 +116,7 @@ in
}; };
} }
{ {
pkg = obsidianPlugins.excalidraw; pkg = selfPkgs.obsidian-plugin-excalidraw;
settings = { settings = {
folder = "Inbox"; folder = "Inbox";
templateFilePath = "Templates"; templateFilePath = "Templates";
@@ -137,7 +139,7 @@ in
}; };
} }
{ {
pkg = obsidianPlugins.kanban; pkg = selfPkgs.obsidian-plugin-kanban;
settings = { settings = {
move-tags = true; move-tags = true;
move-dates = true; move-dates = true;
@@ -151,7 +153,7 @@ in
}; };
} }
{ {
pkg = obsidianPlugins.languagetool; pkg = selfPkgs.obsidian-plugin-languagetool;
settings = { settings = {
shouldAutoCheck = true; shouldAutoCheck = true;
pickyMode = true; pickyMode = true;
@@ -160,7 +162,7 @@ in
}; };
} }
{ {
pkg = obsidianPlugins.linter; pkg = selfPkgs.obsidian-plugin-linter;
settings = { settings = {
lintOnSave = true; lintOnSave = true;
displayChanged = false; displayChanged = false;
@@ -300,7 +302,7 @@ in
}; };
} }
{ {
pkg = obsidianPlugins.map-view; pkg = selfPkgs.obsidian-plugin-map-view;
settings = { settings = {
"markerIconRules" = [ "markerIconRules" = [
{ {
@@ -386,21 +388,21 @@ in
}; };
} }
{ {
pkg = obsidianPlugins.minimal-settings; pkg = selfPkgs.obsidian-plugin-minimal-settings;
settings = { settings = {
editorFont = "var(--font-monospace)"; editorFont = "var(--font-monospace)";
}; };
} }
{ {
pkg = obsidianPlugins.outliner; pkg = selfPkgs.obsidian-plugin-outliner;
settings = { settings = {
styleLists = false; styleLists = false;
stickCursor = "never"; stickCursor = "never";
}; };
} }
(obsidianPlugins.style-settings) (selfPkgs.obsidian-plugin-style-settings)
{ {
pkg = obsidianPlugins.tasks; pkg = selfPkgs.obsidian-plugin-tasks;
settings = { settings = {
globalQuery = "short mode"; globalQuery = "short mode";
globalFilter = "#todo"; globalFilter = "#todo";
@@ -546,10 +548,10 @@ in
}; };
}; };
} }
(obsidianPlugins.url-into-selection) (selfPkgs.obsidian-plugin-url-into-selection)
]; ];
themes = with pkgs; [ obsidianThemes.minimal ]; themes = [ selfPkgs.obsidian-theme-minimal ];
hotkeys = { hotkeys = {
"command-palette:open" = [ { key = "F1"; } ]; "command-palette:open" = [ { key = "F1"; } ];

2
hosts/common/configs/user/gui/rofi/default.nix
View File

@@ -14,7 +14,7 @@ in
home-manager.users.${user} = { home-manager.users.${user} = {
programs.rofi = { programs.rofi = {
enable = true; enable = true;
package = pkgs.rofi; package = pkgs.rofi-wayland;
}; };
home.file.${hmConfig.programs.rofi.configPath}.enable = false; home.file.${hmConfig.programs.rofi.configPath}.enable = false;

7
hosts/common/configs/user/gui/signal/default.nix
View File

@@ -1,7 +0,0 @@
{ user, home }:
{ pkgs, ... }:
{
environment.persistence."/persist/state"."${home}/.config/Signal" = { };
home-manager.users.${user}.home.packages = with pkgs; [ signal-desktop ];
}

13
hosts/common/configs/user/gui/spicetify/default.nix
View File

@@ -7,9 +7,18 @@
... ...
}: }:
let let
selfLib = inputs.self.lib.${system};
hmConfig = config.home-manager.users.${user}; hmConfig = config.home-manager.users.${user};
in in
{ {
nixpkgs.overlays = [
(final: prev: {
spicetify-cli = prev.spicetify-cli.overrideAttrs (oldAttrs: {
patches = oldAttrs.patches or [ ] ++ [ ./user-colors.patch ];
});
})
];
networking.firewall = { networking.firewall = {
allowedTCPPorts = [ 57621 ]; allowedTCPPorts = [ 57621 ];
allowedUDPPorts = [ 5353 ]; allowedUDPPorts = [ 5353 ];
@@ -61,7 +70,7 @@ in
"spotify/prefs.init" = { "spotify/prefs.init" = {
source = ./config/prefs; source = ./config/prefs;
onChange = '' onChange = ''
${lib.runtime.merge.keyValue} "${home}/.config/spotify/prefs.init" "${home}/.config/spotify/prefs" ${selfLib.runtime.merge.keyValue} "${home}/.config/spotify/prefs.init" "${home}/.config/spotify/prefs"
''; '';
}; };
@@ -69,7 +78,7 @@ in
source = ./config/prefs-user; source = ./config/prefs-user;
onChange = '' onChange = ''
user=$(cat "${hmConfig.sops.secrets."spotify/username".path}") user=$(cat "${hmConfig.sops.secrets."spotify/username".path}")
${lib.runtime.merge.keyValue} "${home}/.config/spotify/prefs-user.init" "${home}/.config/spotify/Users/''${user}-user/prefs" ${selfLib.runtime.merge.keyValue} "${home}/.config/spotify/prefs-user.init" "${home}/.config/spotify/Users/''${user}-user/prefs"
''; '';
}; };
}; };

0
overlays/spicetify-cli/user-colors.patch → hosts/common/configs/user/gui/spicetify/user-colors.patch
View File

17
hosts/common/configs/user/gui/wireshark/default.nix
View File

@@ -1,17 +0,0 @@
{ user, home }:
{ pkgs, ... }:
{
programs.wireshark = {
enable = true;
dumpcap.enable = true;
usbmon.enable = true;
};
boot.kernelModules = [ "usbmon" ];
users.users.${user}.extraGroups = [ "wireshark" ];
environment.persistence."/persist/state"."${home}/.config/wireshark" = { };
home-manager.users.${user}.home.packages = with pkgs; [ wireshark ];
}

11
hosts/elara/README.md
View File

@@ -4,12 +4,7 @@
This host uses private SAS repositories. You can find the imports for these in: This host uses private SAS repositories. You can find the imports for these in:
You must build the system once with `sas.build.private = false;`. Then, connect to the SAS VPN, and rebuild the system. - [./default.nix](./default.nix)
- [./users/nikara/default.nix](./users/nikara/default.nix)
## Installation Instructions You must build the system once with these imports commented out. Then, connect to the SAS VPN, uncomment them, and rebuild the system.
1. Using a separate Nix system, run `hosts/elara/build-tarball.sh`
2. Copy the generated tarball to the Elara host
3. On the Elara host, run `wsl --import NixOS $env:USERPROFILE\NixOS nixos.wsl --version 2` in PowerShell
4. Enable `cgroup v2` support by setting `kernelCommandLine=cgroup_no_v1=all` in `.wslconfig` in your Windows home directory
5. Optionally, run `wsl --set-default nixos` to make NixOS the default WSL distribution

23
hosts/elara/build-tarball.sh
View File

@@ -1,23 +0,0 @@
#!/usr/bin/env bash
set -o errexit
set -o nounset
set -o pipefail
temp=$(mktemp -d)
cleanup() {
rm -rf "$temp"
}
trap cleanup EXIT
install -d -m 755 "$temp/etc/ssh"
cp ./submodules/secrets/hosts/elara/ssh_host_ed25519_key "$temp/etc/ssh/ssh_host_ed25519_key"
install -d -m 700 "$temp/home/nikara"
install -d -m 755 "$temp/home/nikara/.config/sops-nix"
cp ./submodules/secrets/domains/sas/key.txt "$temp/home/nikara/.config/sops-nix/key.txt"
sudo nix run .#nixosConfigurations.elara.config.system.build.tarballBuilder -- \
--extra-files "$temp" \
--chown /home/nikara 1000:100

4
hosts/elara/configs/nix/default.nix
View File

@@ -1,4 +0,0 @@
{ inputs, ... }:
{
nix.registry.sas.flake = inputs.sas;
}

12
hosts/elara/configs/pki/default.nix
View File

@@ -1,11 +1,15 @@
{ {
config, config,
inputs,
system,
lib, lib,
pkgs,
... ...
}: }:
let
selfPkgs = inputs.self.packages.${system};
in
{ {
security.pki.certificateFiles = security.pki.certificateFiles = lib.lists.optionals config.sas.build.private [
with pkgs; "${selfPkgs.sas-cacert}/etc/ssl/certs/ca-bundle.crt"
lib.lists.optionals config.sas.build.private [ "${sas-cacert}/etc/ssl/certs/ca-bundle.crt" ]; ];
} }

4
hosts/elara/configs/podman/default.nix
View File

@@ -1,4 +0,0 @@
{ lib, ... }:
{
virtualisation.containers.storage.settings.storage.driver = lib.mkForce "overlay";
}

19
hosts/elara/configs/ssh/default.nix
View File

@@ -1,10 +1,13 @@
{ {
config, config,
inputs, inputs,
system,
lib, lib,
pkgs,
... ...
}: }:
let
selfPkgs = inputs.self.packages.${system};
in
{ {
sops.secrets = { sops.secrets = {
"ssh/personal/key" = { "ssh/personal/key" = {
@@ -26,21 +29,23 @@
User git User git
HostName karaolidis.com HostName karaolidis.com
IdentityFile /root/.ssh/ssh_personal_ed25519_key IdentityFile /root/.ssh/ssh_personal_ed25519_key
IdentitiesOnly yes
Host github.sas.com Host github.com
User git User git
HostName github.com HostName github.com
IdentityFile /root/.ssh/ssh_sas_ed25519_key IdentityFile /root/.ssh/ssh_sas_ed25519_key
IdentitiesOnly yes
UserKnownHostsFile ${pkgs.sshKnownHosts.github}
Host gitlab.sas.com Host gitlab.sas.com
User git User git
HostName gitlab.sas.com HostName gitlab.sas.com
IdentityFile /root/.ssh/ssh_sas_ed25519_key IdentityFile /root/.ssh/ssh_sas_ed25519_key
IdentitiesOnly yes
${lib.strings.optionalString config.sas.build.private "UserKnownHostsFile ${pkgs.sshKnownHosts.sas-gitlab}"}
''; '';
knownHostsFiles =
with selfPkgs;
(
[ ssh-known-hosts-github ]
++ lib.lists.optionals config.sas.build.private [ ssh-known-hosts-sas-gitlab ]
);
}; };
} }

49
hosts/elara/default.nix
View File

@@ -1,41 +1,55 @@
{ inputs, lib, ... }: { config, inputs, ... }:
{ {
nixpkgs.overlays = [
inputs.lib.overlays.default
inputs.self.overlays.default
inputs.nur.overlays.default
inputs.sas.overlays.default
];
imports = [ imports = [
inputs.nixos-wsl.nixosModules.default
inputs.sas.nixosModules.default
./hardware
./options.nix ./options.nix
inputs.disko.nixosModules.disko
./format.nix
./hardware
../common/configs/system ../common/configs/system
../common/configs/system/bluetooth
../common/configs/system/boot
../common/configs/system/brightnessctl
../common/configs/system/btrbk
../common/configs/system/btrfs
../common/configs/system/cloudflared
../common/configs/system/dnsmasq
../common/configs/system/documentation ../common/configs/system/documentation
../common/configs/system/getty
../common/configs/system/git ../common/configs/system/git
../common/configs/system/gpg-agent
../common/configs/system/impermanence ../common/configs/system/impermanence
../common/configs/system/lanzaboote
../common/configs/system/libvirt
../common/configs/system/neovim ../common/configs/system/neovim
../common/configs/system/networkmanager
../common/configs/system/nix ../common/configs/system/nix
../common/configs/system/nix-cleanup
../common/configs/system/nix-install
../common/configs/system/nix-ld ../common/configs/system/nix-ld
../common/configs/system/nix-update ../common/configs/system/nix-update
../common/configs/system/nixpkgs ../common/configs/system/nixpkgs
../common/configs/system/ntp
../common/configs/system/pipewire
../common/configs/system/podman ../common/configs/system/podman
../common/configs/system/power
../common/configs/system/printing
../common/configs/system/smartmontools
../common/configs/system/sops ../common/configs/system/sops
../common/configs/system/ssh ../common/configs/system/ssh
../common/configs/system/sshd ../common/configs/system/ssh-agent
../common/configs/system/sudo ../common/configs/system/sudo
../common/configs/system/system ../common/configs/system/system
../common/configs/system/timezone
../common/configs/system/tmux
../common/configs/system/upower
../common/configs/system/users ../common/configs/system/users
../common/configs/system/zsh ../common/configs/system/zsh
./configs/nix "${inputs.secrets}/hosts/elara/configs/globalprotect"
./configs/pki ./configs/pki
./configs/podman
./configs/ssh ./configs/ssh
./users/nikara ./users/nikara
@@ -43,7 +57,8 @@
networking.hostName = "elara"; networking.hostName = "elara";
sas.build.private = false; sas.build.private = true;
environment.impermanence.enable = lib.mkForce false; environment.impermanence.device =
config.disko.devices.disk.usb.content.partitions.root.content.content.device;
} }

87
hosts/elara/format.nix Normal file
View File

@@ -0,0 +1,87 @@
{
disko.devices = {
disk.usb = {
device = "/dev/disk/by-id/ata-Samsung_SSD_990_EVO_1TB_S7GCNL0XA04998F";
type = "disk";
content = {
type = "gpt";
partitions = {
boot = {
name = "boot";
size = "1M";
type = "EF02";
};
esp = {
name = "esp";
size = "512M";
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
mountOptions = [ "umask=0077" ];
};
};
swap = {
name = "swap";
size = "32G";
content = {
type = "swap";
resumeDevice = true;
};
};
root = {
name = "root";
size = "100%";
content = {
name = "usb";
type = "luks";
passwordFile = "/tmp/keyfile";
settings = {
allowDiscards = true;
};
content = {
type = "btrfs";
extraArgs = [ "-f" ];
subvolumes =
let
mountOptions = [
"compress=zstd:3"
"noatime"
"user_subvol_rm_allowed"
];
in
{
"@" = {
mountpoint = "/";
inherit mountOptions;
};
"@persist" = {
mountpoint = "/persist";
inherit mountOptions;
};
"@persist/user" = {
mountpoint = "/persist/user";
inherit mountOptions;
};
"@persist/state" = {
mountpoint = "/persist/state";
inherit mountOptions;
};
"@persist/cache" = {
mountpoint = "/persist/cache";
inherit mountOptions;
};
"@nix" = {
mountpoint = "/nix";
inherit mountOptions;
};
};
};
};
};
};
};
};
};
}

19
hosts/elara/hardware/default.nix
View File

@@ -1,10 +1,19 @@
{ ... }: { ... }:
{ {
imports = [ ./display.nix ]; boot.initrd.kernelModules = [
"xhci_pci"
"uas"
"sd_mod"
];
wsl = { services.tlp.settings.DISK_DEVICES = "sda";
enable = true;
tarball.configPath = ../../../.; # By default, this host runs on an external SSD attached to himalia...
startMenuLaunchers = true; imports = [ ../../himalia/hardware ];
# ...but it can also run attached to a SAS-provided laptop.
specialisation.sas.configuration = {
disabledModules = [ ../../himalia/hardware ];
imports = [ ./sas ];
}; };
} }

6
hosts/elara/hardware/display.nix
View File

@@ -1,6 +0,0 @@
{ ... }:
{
home-manager.sharedModules = [
{ programs.vscode.profiles.default.userSettings."window.zoomLevel" = (1.25 - 1) / 0.2; }
];
}

25
hosts/elara/hardware/sas/default.nix Normal file
View File

@@ -0,0 +1,25 @@
{ ... }:
{
imports = [ ./display.nix ];
hardware = {
enableAllFirmware = true;
cpu = {
cores = 8;
threads = 12;
intel.updateMicrocode = true;
};
};
boot = {
kernelModules = [ "kvm-intel" ];
initrd.kernelModules = [
"thunderbolt"
"vmd"
"nvme"
];
};
services.fstrim.enable = true;
}

30
hosts/elara/hardware/sas/display.nix Normal file
View File

@@ -0,0 +1,30 @@
{ ... }:
{
boot.kernelParams = [ "video=eDP-1:1920x1200@60" ];
home-manager.sharedModules = [
{
wayland.windowManager.hyprland.settings = {
monitor = [
"eDP-1, preferred, 0x0, 1"
", maxwidth, auto-center-up, 1"
];
workspace = [
"1, monitor:eDP-1, layoutopt:orientation:left"
"2, monitor:eDP-1, layoutopt:orientation:left"
"3, monitor:eDP-1, layoutopt:orientation:left"
"4, monitor:eDP-1, layoutopt:orientation:left"
"5, monitor:eDP-1, layoutopt:orientation:left"
"6, monitor:eDP-1, layoutopt:orientation:left"
"7, monitor:eDP-1, layoutopt:orientation:left"
"8, monitor:eDP-1, layoutopt:orientation:left"
"9, monitor:eDP-1, layoutopt:orientation:left"
"10, monitor:eDP-1, layoutopt:orientation:left"
];
};
programs.vscode.profiles.default.userSettings."window.zoomLevel" = (1.25 - 1) / 0.2;
}
];
}

8
hosts/elara/users/nikara/configs/console/artifactory/default.nix Normal file
View File

@@ -0,0 +1,8 @@
{ user, home }:
{ inputs, ... }:
{
home-manager.users.${user}.sops.secrets = {
"artifactory/cdp/user".sopsFile = "${inputs.secrets}/domains/sas/secrets.yaml";
"artifactory/cdp/password".sopsFile = "${inputs.secrets}/domains/sas/secrets.yaml";
};
}

5
hosts/common/configs/user/console/curl/default.nix → hosts/elara/users/nikara/configs/console/c/default.nix
View File

@@ -2,7 +2,8 @@
{ pkgs, ... }: { pkgs, ... }:
{ {
home-manager.users.${user}.home.packages = with pkgs; [ home-manager.users.${user}.home.packages = with pkgs; [
curl gcc
httpie cmake
gnumake
]; ];
} }

26
hosts/elara/users/nikara/configs/console/go/default.nix Normal file
View File

@@ -0,0 +1,26 @@
{ user, home }:
{ pkgs, ... }:
{
environment.persistence."/persist/cache"."${home}/.local/share/go" = { };
home-manager.users.${user} = {
programs.go = {
enable = true;
goPath = ".local/share/go";
};
home = {
packages = with pkgs; [
gopls
go-tools
golangci-lint
golangci-lint-langserver
];
sessionVariables = {
GOPROXY = "goproxy.unx.sas.com";
GONOSUMDB = "*.sas.com,sassoftware.io";
};
};
};
}

7
hosts/elara/users/nikara/configs/console/gpg/default.nix
View File

@@ -1,10 +1,5 @@
{ user, home }: { user, home }:
{ { config, inputs, ... }:
config,
inputs,
pkgs,
...
}:
let let
hmConfig = config.home-manager.users.${user}; hmConfig = config.home-manager.users.${user};
in in

23
hosts/elara/users/nikara/configs/console/gradle/default.nix Normal file
View File

@@ -0,0 +1,23 @@
{ user, home }:
{ config, pkgs, ... }:
let
hmConfig = config.home-manager.users.${user};
in
{
environment.persistence."/persist/cache"."${home}/.local/share/gradle" = { };
home-manager.users.${user} = {
programs.gradle = {
enable = true;
home = ".local/share/gradle";
};
sops.templates."gradle.properties" = {
content = ''
cdpUser=${hmConfig.sops.placeholder."artifactory/cdp/user"}
cdpPassword=${hmConfig.sops.placeholder."artifactory/cdp/password"}
'';
path = "${home}/.local/share/gradle/gradle.properties";
};
};
}

8
hosts/elara/users/nikara/configs/console/java/default.nix Normal file
View File

@@ -0,0 +1,8 @@
{ user, home }:
{ pkgs, ... }:
{
home-manager.users.${user}.programs.java = {
enable = true;
package = pkgs.jdk17;
};
}

17
hosts/elara/users/nikara/configs/console/kubernetes/default.nix Normal file
View File

@@ -0,0 +1,17 @@
{ user, home }:
{ pkgs, ... }:
{
nixpkgs.overlays = [
(final: prev: {
telepresence = prev.telepresence.overrideAttrs (oldAttrs: {
patches = oldAttrs.patches or [ ] ++ [ ./extend-timeout.patch ];
});
})
];
home-manager.users.${user}.home.packages = with pkgs; [
telepresence
kubeval
calicoctl
];
}

0
overlays/telepresence/extend-timeout.patch → hosts/elara/users/nikara/configs/console/kubernetes/extend-timeout.patch
View File

6
hosts/elara/users/nikara/configs/console/neovim/default.nix
View File

@@ -1,6 +0,0 @@
{ user, home }:
{ pkgs, ... }:
{
home-manager.users.${user}.programs.nvf.settings.vim.clipboard.providers.wl-copy.package =
pkgs.wsl-wl-clipboard;
}

66
hosts/elara/users/nikara/configs/console/podman/default.nix
View File

@@ -10,45 +10,41 @@ let
hmConfig = config.home-manager.users.${user}; hmConfig = config.home-manager.users.${user};
in in
{ {
home-manager.users.${user} = { home-manager.users.${user}.sops = {
sops = { secrets = {
secrets = { "registry/personal/git.karaolidis.com" = {
"registry/personal/git.karaolidis.com" = { sopsFile = "${inputs.secrets}/domains/personal/secrets.yaml";
sopsFile = "${inputs.secrets}/domains/personal/secrets.yaml"; key = "registry/git.karaolidis.com";
key = "registry/git.karaolidis.com";
};
"registry/personal/docker.io" = {
sopsFile = "${inputs.secrets}/domains/personal/secrets.yaml";
key = "registry/docker.io";
};
"registry/sas/cr.sas.com" = {
sopsFile = "${inputs.secrets}/domains/sas/secrets.yaml";
key = "registry/cr.sas.com";
};
}; };
templates.containers-auth = { "registry/personal/docker.io" = {
content = builtins.readFile ( sopsFile = "${inputs.secrets}/domains/personal/secrets.yaml";
(pkgs.formats.json { }).generate "auth.json" { key = "registry/docker.io";
auths = { };
"git.karaolidis.com" = {
auth = hmConfig.sops.placeholder."registry/personal/git.karaolidis.com"; "registry/sas/cr.sas.com" = {
}; sopsFile = "${inputs.secrets}/domains/sas/secrets.yaml";
"docker.io" = { key = "registry/cr.sas.com";
auth = hmConfig.sops.placeholder."registry/personal/docker.io";
};
"cr.sas.com" = {
auth = hmConfig.sops.placeholder."registry/sas/cr.sas.com";
};
};
}
);
path = "${home}/.config/containers/auth.json";
}; };
}; };
services.podman.settings.storage.storage.driver = lib.mkForce "overlay"; templates.containers-auth = {
content = builtins.readFile (
(pkgs.formats.json { }).generate "auth.json" {
auths = {
"git.karaolidis.com" = {
auth = hmConfig.sops.placeholder."registry/personal/git.karaolidis.com";
};
"docker.io" = {
auth = hmConfig.sops.placeholder."registry/personal/docker.io";
};
"cr.sas.com" = {
auth = hmConfig.sops.placeholder."registry/sas/cr.sas.com";
};
};
}
);
path = "${home}/.config/containers/auth.json";
};
}; };
} }

8
hosts/elara/users/nikara/configs/console/sagew/default.nix Normal file
View File

@@ -0,0 +1,8 @@
{ user, home }:
{ inputs, system, ... }:
let
selfPkgs = inputs.self.packages.${system};
in
{
home-manager.users.${user}.home.packages = [ selfPkgs.sagew ];
}

84
hosts/elara/users/nikara/configs/console/sas/default.nix
View File

@@ -1,84 +0,0 @@
{ user, home }:
{
config,
inputs,
pkgs,
lib,
...
}:
let
hmConfig = config.home-manager.users.${user};
in
{
environment.persistence."/persist/cache" = {
"${home}/.local/share/go" = { };
"${home}/.local/share/gradle" = { };
};
home-manager.users.${user} = {
sops = {
secrets = {
"artifactory/cdp/user".sopsFile = "${inputs.secrets}/domains/sas/secrets.yaml";
"artifactory/cdp/password".sopsFile = "${inputs.secrets}/domains/sas/secrets.yaml";
"viya/orders-api/key".sopsFile = "${inputs.secrets}/domains/sas/secrets.yaml";
"viya/orders-api/secret".sopsFile = "${inputs.secrets}/domains/sas/secrets.yaml";
};
templates."gradle.properties" = {
content = ''
cdpUser=${hmConfig.sops.placeholder."artifactory/cdp/user"}
cdpPassword=${hmConfig.sops.placeholder."artifactory/cdp/password"}
'';
path = "${home}/.local/share/gradle/gradle.properties";
};
};
programs = {
go = {
enable = true;
env.GOPATH = "${home}/.local/share/go";
};
gradle = {
enable = true;
home = ".local/share/gradle";
};
java = {
enable = true;
package = pkgs.jdk17;
};
};
home = {
packages =
with pkgs;
[
gcc
gopls
go-tools
delve
golangci-lint
golangci-lint-langserver
]
++ lib.lists.optionals config.sas.build.private [
viya4-orders-cli
sagew
sonder
klog
];
sessionVariables = {
GOPROXY = "goproxy.unx.sas.com";
GONOSUMDB = "*.sas.com,sassoftware.io";
};
};
xdg.configFile."viya4-orders-cli/config.yaml" = lib.mkIf config.sas.build.private {
source = (pkgs.formats.yaml { }).generate "config.yaml" {
clientCredentialsIdFile = hmConfig.sops.secrets."viya/orders-api/key".path;
clientCredentialsSecretFile = hmConfig.sops.secrets."viya/orders-api/secret".path;
};
};
};
}

211
hosts/elara/users/nikara/configs/console/ssh/default.nix
View File

@@ -2,12 +2,13 @@
{ {
config, config,
inputs, inputs,
pkgs, system,
lib, lib,
... ...
}: }:
let let
hmConfig = config.home-manager.users.${user}; hmConfig = config.home-manager.users.${user};
selfPkgs = inputs.self.packages.${system};
in in
{ {
home-manager.users.${user} = { home-manager.users.${user} = {
@@ -46,164 +47,106 @@ in
key = "ssh/rsa/pass"; key = "ssh/rsa/pass";
}; };
"git/credentials/personal/git.karaolidis.com/username" = { "git/credentials/personal/git.karaolidis.com/admin/username" = {
sopsFile = "${inputs.secrets}/domains/personal/secrets.yaml"; sopsFile = "${inputs.secrets}/domains/personal/secrets.yaml";
key = "git/credentials/git.karaolidis.com/username"; key = "git/credentials/git.karaolidis.com/admin/username";
}; };
"git/credentials/personal/git.karaolidis.com/tokens/admin" = { "git/credentials/personal/git.karaolidis.com/admin/password" = {
sopsFile = "${inputs.secrets}/domains/personal/secrets.yaml"; sopsFile = "${inputs.secrets}/domains/personal/secrets.yaml";
key = "git/credentials/git.karaolidis.com/tokens/admin"; key = "git/credentials/git.karaolidis.com/admin/password";
}; };
"git/credentials/sas/github.com/username" = { "git/credentials/sas/github.com/admin/username" = {
sopsFile = "${inputs.secrets}/domains/sas/secrets.yaml"; sopsFile = "${inputs.secrets}/domains/sas/secrets.yaml";
key = "git/credentials/github.com/username"; key = "git/credentials/github.com/admin/username";
}; };
"git/credentials/sas/github.com/tokens/admin" = { "git/credentials/sas/github.com/admin/password" = {
sopsFile = "${inputs.secrets}/domains/sas/secrets.yaml"; sopsFile = "${inputs.secrets}/domains/sas/secrets.yaml";
key = "git/credentials/github.com/tokens/admin"; key = "git/credentials/github.com/admin/password";
};
"git/credentials/personal/github.com/username" = {
sopsFile = "${inputs.secrets}/domains/personal/secrets.yaml";
key = "git/credentials/github.com/username";
};
"git/credentials/personal/github.com/tokens/admin" = {
sopsFile = "${inputs.secrets}/domains/personal/secrets.yaml";
key = "git/credentials/github.com/tokens/admin";
};
"git/credentials/personal/gitlab.com/username" = {
sopsFile = "${inputs.secrets}/domains/personal/secrets.yaml";
key = "git/credentials/gitlab.com/username";
};
"git/credentials/personal/gitlab.com/tokens/admin" = {
sopsFile = "${inputs.secrets}/domains/personal/secrets.yaml";
key = "git/credentials/gitlab.com/tokens/admin";
};
"git/credentials/personal/gitea.com/username" = {
sopsFile = "${inputs.secrets}/domains/personal/secrets.yaml";
key = "git/credentials/gitea.com/username";
};
"git/credentials/personal/gitea.com/tokens/admin" = {
sopsFile = "${inputs.secrets}/domains/personal/secrets.yaml";
key = "git/credentials/gitea.com/tokens/admin";
}; };
}; };
templates."git/credentials" = { templates."git/credentials" = {
content = '' content = ''
https://${hmConfig.sops.placeholder."git/credentials/personal/git.karaolidis.com/username"}:${ https://${hmConfig.sops.placeholder."git/credentials/personal/git.karaolidis.com/admin/username"}:${
hmConfig.sops.placeholder."git/credentials/personal/git.karaolidis.com/tokens/admin" hmConfig.sops.placeholder."git/credentials/personal/git.karaolidis.com/admin/password"
}@git.karaolidis.com }@git.karaolidis.com
https://${hmConfig.sops.placeholder."git/credentials/sas/github.com/username"}:${ https://${hmConfig.sops.placeholder."git/credentials/sas/github.com/admin/username"}:${
hmConfig.sops.placeholder."git/credentials/sas/github.com/tokens/admin" hmConfig.sops.placeholder."git/credentials/sas/github.com/admin/password"
}@github.com }@github.com
https://${hmConfig.sops.placeholder."git/credentials/personal/gitlab.com/username"}:${
hmConfig.sops.placeholder."git/credentials/personal/gitlab.com/tokens/admin"
}@gitlab.com
https://${hmConfig.sops.placeholder."git/credentials/personal/gitea.com/username"}:${
hmConfig.sops.placeholder."git/credentials/personal/gitea.com/tokens/admin"
}@gitea.com
''; '';
path = "${home}/.config/git/credentials"; path = "${home}/.config/git/credentials";
}; };
}; };
programs = { programs = {
ssh.matchBlocks = { ssh = {
"karaolidis.com" = { matchBlocks = {
hostname = "karaolidis.com"; "karaolidis.com" = {
user = "nick"; hostname = "karaolidis.com";
identityFile = "${home}/.ssh/ssh_personal_ed25519_key"; user = "nick";
identityFile = "${home}/.ssh/ssh_personal_ed25519_key";
};
"github.com" = {
hostname = "github.com";
user = "git";
identityFile = [ "${home}/.ssh/ssh_personal_ed25519_key" ];
};
"gitlab.com" = {
hostname = "gitlab.com";
user = "git";
identityFile = "${home}/.ssh/ssh_personal_ed25519_key";
};
"github.sas.com" = {
hostname = "github.com";
user = "git";
identityFile = [ "${home}/.ssh/ssh_sas_ed25519_key" ];
};
"cldlgn.fyi.sas.com" = {
inherit user;
hostname = "cldlgn.fyi.sas.com";
identityFile = "${home}/.ssh/ssh_sas_ed25519_key";
};
"gitlab.sas.com" = {
hostname = "gitlab.sas.com";
user = "git";
identityFile = "${home}/.ssh/ssh_sas_ed25519_key";
};
"gerrit-svi.unx.sas.com" = {
hostname = "gerrit-svi.unx.sas.com";
user = "nikara";
port = 29418;
identityFile = "${home}/.ssh/ssh_sas_ed25519_key";
};
"artifactlfs.unx.sas.com" = {
hostname = "artifactlfs.unx.sas.com";
user = "nikara";
port = 1339;
identityFile = "${home}/.ssh/ssh_sas_rsa_key";
};
}; };
"tunnel.karaolidis.com" = { userKnownHostsFiles =
hostname = "tunnel.karaolidis.com"; with selfPkgs;
user = "nick"; [
port = 2222; ssh-known-hosts-github
identityFile = "${home}/.ssh/ssh_personal_ed25519_key"; ssh-known-hosts-gitlab
}; ]
++ lib.lists.optionals config.sas.build.private [
"vps.karaolidis.com" = { ssh-known-hosts-sas-cldlgn
hostname = "vps.karaolidis.com"; ssh-known-hosts-sas-gitlab
user = "root"; ssh-known-hosts-sas-gerrit
identityFile = "${home}/.ssh/ssh_personal_ed25519_key"; ssh-known-hosts-sas-artifact
}; ];
"github.com" = {
hostname = "github.com";
user = "git";
identityFile = [ "${home}/.ssh/ssh_personal_ed25519_key" ];
userKnownHostsFile = builtins.toString pkgs.sshKnownHosts.github;
};
"gitlab.com" = {
hostname = "gitlab.com";
user = "git";
identityFile = "${home}/.ssh/ssh_personal_ed25519_key";
userKnownHostsFile = builtins.toString pkgs.sshKnownHosts.gitlab;
};
"gitea.com" = {
hostname = "gitea.com";
user = "git";
identityFile = "${home}/.ssh/ssh_personal_ed25519_key";
userKnownHostsFile = builtins.toString pkgs.sshKnownHosts.gitea;
};
"github.sas.com" = {
hostname = "github.com";
user = "git";
identityFile = [ "${home}/.ssh/ssh_sas_ed25519_key" ];
userKnownHostsFile = lib.mkIf config.sas.build.private (
builtins.toString pkgs.sshKnownHosts.github
);
};
"cldlgn.fyi.sas.com" = {
inherit user;
hostname = "cldlgn.fyi.sas.com";
identityFile = "${home}/.ssh/ssh_sas_ed25519_key";
userKnownHostsFile = lib.mkIf config.sas.build.private (
builtins.toString pkgs.sshKnownHosts.sas-cldlgn
);
};
"gitlab.sas.com" = {
hostname = "gitlab.sas.com";
user = "git";
identityFile = "${home}/.ssh/ssh_sas_ed25519_key";
userKnownHostsFile = lib.mkIf config.sas.build.private (
builtins.toString pkgs.sshKnownHosts.sas-gitlab
);
};
"gerrit-svi.unx.sas.com" = {
hostname = "gerrit-svi.unx.sas.com";
user = "nikara";
port = 29418;
identityFile = "${home}/.ssh/ssh_sas_ed25519_key";
userKnownHostsFile = lib.mkIf config.sas.build.private (
builtins.toString pkgs.sshKnownHosts.sas-gerrit
);
};
"artifactlfs.unx.sas.com" = {
hostname = "artifactlfs.unx.sas.com";
user = "nikara";
port = 1339;
identityFile = "${home}/.ssh/ssh_sas_rsa_key";
userKnownHostsFile = lib.mkIf config.sas.build.private (
builtins.toString pkgs.sshKnownHosts.sas-artifact
);
};
}; };
git.extraConfig.url = { git.extraConfig.url = {

29
hosts/elara/users/nikara/configs/console/viya4-orders-cli/default.nix Normal file
View File

@@ -0,0 +1,29 @@
{ user, home }:
{
config,
inputs,
pkgs,
system,
...
}:
let
selfPkgs = inputs.self.packages.${system};
hmConfig = config.home-manager.users.${user};
in
{
home-manager.users.${user} = {
sops.secrets = {
"viya/orders-api/key".sopsFile = "${inputs.secrets}/domains/sas/secrets.yaml";
"viya/orders-api/secret".sopsFile = "${inputs.secrets}/domains/sas/secrets.yaml";
};
home.packages = [ selfPkgs.viya4-orders-cli ];
xdg.configFile."viya4-orders-cli/config.yaml".source =
(pkgs.formats.yaml { }).generate "config.yaml"
{
clientCredentialsIdFile = hmConfig.sops.secrets."viya/orders-api/key".path;
clientCredentialsSecretFile = hmConfig.sops.secrets."viya/orders-api/secret".path;
};
};
}

5
hosts/elara/users/nikara/configs/console/wsl/default.nix
View File

@@ -1,5 +0,0 @@
{ user, home }:
{ pkgs, ... }:
{
home-manager.users.${user}.home.packages = with pkgs; [ wsl-wl-clipboard ];
}

5
hosts/elara/users/nikara/configs/gui/kitty/default.nix
View File

@@ -1,5 +0,0 @@
{ user, home }:
{ ... }:
{
home-manager.users.${user}.programs.kitty.settings.hide_window_decorations = true;
}

20
hosts/elara/users/nikara/configs/gui/obsidian/default.nix
View File

@@ -1,5 +1,23 @@
{ user, home }: { user, home }:
{ ... }: { ... }:
{ {
home-manager.users.${user}.programs.obsidian.vaults."Documents/Obsidian/master".enable = true; home-manager.users.${user} = {
programs.obsidian.vaults = {
"Documents/Obsidian/personal/master".enable = true;
"Documents/Obsidian/sas/master".enable = true;
};
services.syncthing.settings.folders.obsidian = {
label = "Obsidian";
path = "${home}/Documents/Obsidian/personal";
devices = [
"amalthea"
"ganymede"
];
maxConflicts = 0;
};
home.file."Documents/Obsidian/personal/.stignore".source =
../../../../../../common/configs/user/gui/obsidian/.stignore;
};
} }

44
hosts/elara/users/nikara/configs/gui/vscode/default.nix
View File

@@ -1,30 +1,26 @@
{ user, home }: { user, home }:
{ lib, ... }: { ... }:
{ {
home-manager.users.${user} = { home-manager.users.${user}.programs.vscode = {
programs.vscode = { languages = {
languages = { c.enable = true;
c.enable = true; go.enable = true;
go.enable = true; hugo.enable = true;
hugo.enable = true; java.enable = true;
java.enable = true; jinja.enable = true;
jinja.enable = true; lua.enable = true;
lua.enable = true; markdown.enable = true;
markdown.enable = true; nix.enable = true;
nix.enable = true; podman.enable = true;
podman.enable = true; python.enable = true;
python.enable = true; rest.enable = true;
rest.enable = true; rust.enable = true;
rust.enable = true; sas.enable = true;
sas.enable = true; sops.enable = true;
sops.enable = true; typescript.enable = true;
typescript.enable = true; yaml.enable = true;
yaml.enable = true;
};
copilot.enable = true;
}; };
home.sessionVariables.DONT_PROMPT_WSL_INSTALL = "1"; copilot.enable = true;
}; };
} }

56
hosts/elara/users/nikara/default.nix
View File

@@ -14,9 +14,9 @@ in
imports = [ imports = [
(import ../../../common/configs/user { inherit user home; }) (import ../../../common/configs/user { inherit user home; })
(import ../../../common/configs/user/console/attic { inherit user home; }) (import ../../../common/configs/user/console/android { inherit user home; })
(import ../../../common/configs/user/console/brightnessctl { inherit user home; })
(import ../../../common/configs/user/console/btop { inherit user home; }) (import ../../../common/configs/user/console/btop { inherit user home; })
(import ../../../common/configs/user/console/curl { inherit user home; })
(import ../../../common/configs/user/console/dive { inherit user home; }) (import ../../../common/configs/user/console/dive { inherit user home; })
(import ../../../common/configs/user/console/fastfetch { inherit user home; }) (import ../../../common/configs/user/console/fastfetch { inherit user home; })
(import ../../../common/configs/user/console/ffmpeg { inherit user home; }) (import ../../../common/configs/user/console/ffmpeg { inherit user home; })
@@ -27,42 +27,76 @@ in
(import ../../../common/configs/user/console/ip { inherit user home; }) (import ../../../common/configs/user/console/ip { inherit user home; })
(import ../../../common/configs/user/console/jq { inherit user home; }) (import ../../../common/configs/user/console/jq { inherit user home; })
(import ../../../common/configs/user/console/kubernetes { inherit user home; }) (import ../../../common/configs/user/console/kubernetes { inherit user home; })
(import ../../../common/configs/user/console/lazygit { inherit user home; }) (import ../../../common/configs/user/console/libvirt { inherit user home; })
(import ../../../common/configs/user/console/lsof { inherit user home; }) (import ../../../common/configs/user/console/lsof { inherit user home; })
(import ../../../common/configs/user/console/mprocs { inherit user home; }) (import ../../../common/configs/user/console/mprocs { inherit user home; })
(import ../../../common/configs/user/console/ncdu { inherit user home; }) (import ../../../common/configs/user/console/ncdu { inherit user home; })
(import ../../../common/configs/user/console/neovim { inherit user home; }) (import ../../../common/configs/user/console/neovim { inherit user home; })
(import ../../../common/configs/user/console/nix { inherit user home; }) (import ../../../common/configs/user/console/nix { inherit user home; })
(import ../../../common/configs/user/console/nix-cleanup { inherit user home; })
(import ../../../common/configs/user/console/nix-develop { inherit user home; }) (import ../../../common/configs/user/console/nix-develop { inherit user home; })
(import ../../../common/configs/user/console/nix-direnv { inherit user home; }) (import ../../../common/configs/user/console/nix-direnv { inherit user home; })
(import ../../../common/configs/user/console/ouch { inherit user home; }) (import ../../../common/configs/user/console/ouch { inherit user home; })
(import ../../../common/configs/user/console/pipewire { inherit user home; })
(import ../../../common/configs/user/console/podman { inherit user home; }) (import ../../../common/configs/user/console/podman { inherit user home; })
(import ../../../common/configs/user/console/sops { inherit user home; }) (import ../../../common/configs/user/console/sops { inherit user home; })
(import ../../../common/configs/user/console/ssh { inherit user home; }) (import ../../../common/configs/user/console/ssh { inherit user home; })
(import ../../../common/configs/user/console/ssh-agent { inherit user home; }) (import ../../../common/configs/user/console/ssh-agent { inherit user home; })
(import ../../../common/configs/user/console/syncthing { inherit user home; })
(import ../../../common/configs/user/console/tmux { inherit user home; })
(import ../../../common/configs/user/console/tree { inherit user home; }) (import ../../../common/configs/user/console/tree { inherit user home; })
(import ../../../common/configs/user/console/wget { inherit user home; }) (import ../../../common/configs/user/console/wget { inherit user home; })
(import ../../../common/configs/user/console/xdg { inherit user home; }) (import ../../../common/configs/user/console/xdg { inherit user home; })
(import ../../../common/configs/user/console/yazi { inherit user home; }) (import ../../../common/configs/user/console/yazi { inherit user home; })
(import ../../../common/configs/user/console/zellij { inherit user home; }) (import ../../../common/configs/user/console/yt-dlp { inherit user home; })
(import ../../../common/configs/user/console/zoxide { inherit user home; }) (import ../../../common/configs/user/console/zoxide { inherit user home; })
(import ../../../common/configs/user/console/zsh { inherit user home; }) (import ../../../common/configs/user/console/zsh { inherit user home; })
(import ../../../common/configs/user/gui/astal { inherit user home; })
(import ../../../common/configs/user/gui/bluetooth { inherit user home; })
(import ../../../common/configs/user/gui/btop { inherit user home; })
(import ../../../common/configs/user/gui/clipbook { inherit user home; })
(import ../../../common/configs/user/gui/cliphist { inherit user home; })
(import ../../../common/configs/user/gui/emoji { inherit user home; })
(import ../../../common/configs/user/gui/feh { inherit user home; })
(import ../../../common/configs/user/gui/firefox { inherit user home; })
(import ../../../common/configs/user/gui/gtk { inherit user home; }) (import ../../../common/configs/user/gui/gtk { inherit user home; })
(import ../../../common/configs/user/gui/hypridle { inherit user home; })
(import ../../../common/configs/user/gui/hyprland { inherit user home; })
(import ../../../common/configs/user/gui/hyprpicker { inherit user home; })
(import ../../../common/configs/user/gui/hyprshot { inherit user home; })
(import ../../../common/configs/user/gui/kitty { inherit user home; }) (import ../../../common/configs/user/gui/kitty { inherit user home; })
(import ../../../common/configs/user/gui/libreoffice { inherit user home; })
(import ../../../common/configs/user/gui/mpv { inherit user home; })
(import ../../../common/configs/user/gui/networkmanager { inherit user home; })
(import ../../../common/configs/user/gui/obs { inherit user home; })
(import ../../../common/configs/user/gui/obsidian { inherit user home; }) (import ../../../common/configs/user/gui/obsidian { inherit user home; })
(import ../../../common/configs/user/gui/pipewire { inherit user home; })
(import ../../../common/configs/user/gui/qalculate { inherit user home; })
(import ../../../common/configs/user/gui/qt { inherit user home; }) (import ../../../common/configs/user/gui/qt { inherit user home; })
(import ../../../common/configs/user/gui/rofi { inherit user home; })
(import ../../../common/configs/user/gui/rquickshare { inherit user home; })
(import ../../../common/configs/user/gui/spicetify { inherit user home; })
(import ../../../common/configs/user/gui/swww { inherit user home; })
(import ../../../common/configs/user/gui/theme { inherit user home; }) (import ../../../common/configs/user/gui/theme { inherit user home; })
(import ../../../common/configs/user/gui/vscode { inherit user home; }) (import ../../../common/configs/user/gui/vscode { inherit user home; })
(import ../../../common/configs/user/gui/wev { inherit user home; })
(import ../../../common/configs/user/gui/wl-clipboard { inherit user home; })
(import ../../../common/configs/user/gui/x11 { inherit user home; })
(import ../../../common/configs/user/gui/xdg { inherit user home; })
(import ./configs/console/artifactory { inherit user home; })
(import ./configs/console/c { inherit user home; })
(import ./configs/console/go { inherit user home; })
(import ./configs/console/gpg { inherit user home; }) (import ./configs/console/gpg { inherit user home; })
(import ./configs/console/neovim { inherit user home; }) (import ./configs/console/gradle { inherit user home; })
(import ./configs/console/java { inherit user home; })
(import ./configs/console/kubernetes { inherit user home; })
(import ./configs/console/podman { inherit user home; }) (import ./configs/console/podman { inherit user home; })
(import ./configs/console/sas { inherit user home; }) (import ./configs/console/sagew { inherit user home; })
(import ./configs/console/ssh { inherit user home; }) (import ./configs/console/ssh { inherit user home; })
(import ./configs/console/wsl { inherit user home; }) (import ./configs/console/viya4-orders-cli { inherit user home; })
(import ./configs/gui/kitty { inherit user home; })
(import ./configs/gui/obsidian { inherit user home; }) (import ./configs/gui/obsidian { inherit user home; })
(import ./configs/gui/vscode { inherit user home; }) (import ./configs/gui/vscode { inherit user home; })
]; ];
@@ -87,13 +121,9 @@ in
]; ];
linger = true; linger = true;
uid = lib.strings.toInt (builtins.readFile ./uid); uid = lib.strings.toInt (builtins.readFile ./uid);
openssh.authorizedKeys.keyFiles = [
"${inputs.secrets}/domains/personal/id_ed25519.pub"
"${inputs.secrets}/domains/sas/id_ed25519.pub"
];
}; };
wsl.defaultUser = user; services.getty.autologinUser = user;
home-manager.users.${user}.home = { home-manager.users.${user}.home = {
username = user; username = user;

1
hosts/himalia/configs/ssh/default.nix
View File

@@ -10,6 +10,5 @@
User git User git
HostName karaolidis.com HostName karaolidis.com
IdentityFile /root/.ssh/ssh_personal_ed25519_key IdentityFile /root/.ssh/ssh_personal_ed25519_key
IdentitiesOnly yes
''; '';
} }

11
hosts/himalia/default.nix
View File

@@ -1,11 +1,5 @@
{ inputs, ... }: { inputs, ... }:
{ {
nixpkgs.overlays = [
inputs.lib.overlays.default
inputs.self.overlays.default
inputs.nur.overlays.default
];
imports = [ imports = [
inputs.disko.nixosModules.disko inputs.disko.nixosModules.disko
./format.nix ./format.nix
@@ -21,6 +15,7 @@
../common/configs/system/documentation ../common/configs/system/documentation
../common/configs/system/getty ../common/configs/system/getty
../common/configs/system/git ../common/configs/system/git
../common/configs/system/gpg-agent
../common/configs/system/impermanence ../common/configs/system/impermanence
../common/configs/system/lanzaboote ../common/configs/system/lanzaboote
../common/configs/system/libvirt ../common/configs/system/libvirt
@@ -40,12 +35,12 @@
../common/configs/system/smartmontools ../common/configs/system/smartmontools
../common/configs/system/sops ../common/configs/system/sops
../common/configs/system/ssh ../common/configs/system/ssh
../common/configs/system/sshd ../common/configs/system/ssh-agent
../common/configs/system/sudo ../common/configs/system/sudo
../common/configs/system/system ../common/configs/system/system
../common/configs/system/timezone ../common/configs/system/timezone
../common/configs/system/tmux
../common/configs/system/upower ../common/configs/system/upower
../common/configs/system/usb
../common/configs/system/users ../common/configs/system/users
../common/configs/system/zsh ../common/configs/system/zsh

5
hosts/himalia/hardware/default.nix
View File

@@ -62,6 +62,10 @@
name = "alc285-fixup"; name = "alc285-fixup";
patch = ./gu605c-spi-cs-gpio/alc285-fixup.patch; patch = ./gu605c-spi-cs-gpio/alc285-fixup.patch;
} }
{
name = "iwlwifi-no-disable-all-chans";
patch = ./iwlwifi/iwlwifi-no-disable-all-chans.patch;
}
]; ];
initrd = { initrd = {
@@ -84,6 +88,7 @@
services = { services = {
xserver.videoDrivers = [ "nvidia" ]; xserver.videoDrivers = [ "nvidia" ];
fstrim.enable = true; fstrim.enable = true;
tlp.settings.DISK_DEVICES = lib.mkDefault "nvme0n1 nvme1n1";
asusd = { asusd = {
enable = true; enable = true;

26
hosts/himalia/hardware/iwlwifi/iwlwifi-no-disable-all-chans.patch Normal file
View File

@@ -0,0 +1,26 @@
diff --git a/drivers/net/wireless/intel/iwlwifi/fw/regulatory.c b/drivers/net/wireless/intel/iwlwifi/fw/regulatory.c
index 6adcfa6e214a..4512d846629c 100644
--- a/drivers/net/wireless/intel/iwlwifi/fw/regulatory.c
+++ b/drivers/net/wireless/intel/iwlwifi/fw/regulatory.c
@@ -622,7 +622,7 @@ int iwl_fill_lari_config(struct iwl_fw_runtime *fwrt,
cmd->oem_uhb_allow_bitmap = cpu_to_le32(value);
ret = iwl_bios_get_dsm(fwrt, DSM_FUNC_FORCE_DISABLE_CHANNELS, &value);
- if (!ret)
+ if (!ret && value != 0xFFFFFFFF)
cmd->force_disable_channels_bitmap = cpu_to_le32(value);
ret = iwl_bios_get_dsm(fwrt, DSM_FUNC_ENERGY_DETECTION_THRESHOLD,
diff --git a/drivers/net/wireless/intel/iwlwifi/mld/regulatory.c b/drivers/net/wireless/intel/iwlwifi/mld/regulatory.c
index a75af8c1e8ab..e055a946b9e6 100644
--- a/drivers/net/wireless/intel/iwlwifi/mld/regulatory.c
+++ b/drivers/net/wireless/intel/iwlwifi/mld/regulatory.c
@@ -259,7 +259,7 @@ void iwl_mld_configure_lari(struct iwl_mld *mld)
cmd.oem_uhb_allow_bitmap = cpu_to_le32(value);
ret = iwl_bios_get_dsm(fwrt, DSM_FUNC_FORCE_DISABLE_CHANNELS, &value);
- if (!ret)
+ if (!ret && value != 0xFFFFFFFF)
cmd.force_disable_channels_bitmap = cpu_to_le32(value);
ret = iwl_bios_get_dsm(fwrt, DSM_FUNC_ENERGY_DETECTION_THRESHOLD,

12
hosts/himalia/hardware/keybinds.nix
View File

@@ -29,6 +29,18 @@
", XF86Launch4, exec, ${asusctl} profile -n" ", XF86Launch4, exec, ${asusctl} profile -n"
", XF86TouchpadToggle, exec, ${touchpadHelper} asuf1209:00-2808:0219-touchpad" ", XF86TouchpadToggle, exec, ${touchpadHelper} asuf1209:00-2808:0219-touchpad"
]; ];
bind =
let
farmAura = lib.meta.getExe (
pkgs.writeShellApplication {
name = "farm-aura";
runtimeInputs = with pkgs; [ genact ];
text = builtins.readFile ./scripts/farm-aura.sh;
}
);
in
[ ", XF86Launch3, exec, uwsm app -- $term ${farmAura}" ];
}; };
} }
]; ];

13
hosts/himalia/hardware/scripts/farm-aura.sh Executable file
View File

@@ -0,0 +1,13 @@
# shellcheck shell=bash
SESSION_NAME="aura-farm-$$"
tmux new-session -d -s "$SESSION_NAME" "genact -s 25"
tmux set-hook -t "$SESSION_NAME" pane-exited "run-shell 'tmux kill-session -t $SESSION_NAME'"
for _ in {1..4}; do
tmux split-window -t "$SESSION_NAME" -h "genact -s 25"
done
tmux select-layout -t "$SESSION_NAME" tiled
tmux attach-session -t "$SESSION_NAME"

Some files were not shown because too many files have changed in this diff Show More