Compare commits

184 Commits

Author SHA1 Message Date
516dd11e69 Remove transmission seed limit
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-09-23 10:44:00 +01:00
3dba5ed833 Silence shellcheck
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-09-23 00:10:35 +01:00
e41e8c2078 Add plex
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-09-22 23:53:30 +01:00
248432b132 Refactor public ip handling
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-09-22 10:54:59 +01:00
3bf23f860a Update comentario
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-09-22 09:58:06 +01:00
fc8e2db679 Add beta media endpoint
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-09-19 21:13:11 +01:00
183b5e334f Add vps ssh config
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-09-19 14:14:37 +01:00
496027b505 Update recyclarr profiles
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-09-16 11:25:33 +01:00
35fd86138d Add systemd unit alerts
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-09-16 09:36:21 +01:00
88eead5aa4 Fix grafana notifications
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-09-15 22:26:25 +01:00
8e21efdc53 Fix inverted grafana panel
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-09-15 17:48:44 +01:00
71e13f1408 Update VPN
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-09-15 17:42:55 +01:00
f72943c905 Add media notifications
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-09-15 16:36:49 +01:00
4cd670bb27 Add grafana alerts
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-09-15 15:34:52 +01:00
310950de42 Update littlelink
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-09-15 12:08:07 +01:00
d418acb16a Make gitea two-factor
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-09-15 12:08:07 +01:00
8f2cea6abf Add blog
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-09-15 12:08:07 +01:00
43b6159feb Add gitea runner image
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-09-15 12:08:07 +01:00
6b38429bac 80TiB
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-09-15 12:08:07 +01:00
615524070b Update grafana dashboards
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-09-15 12:08:06 +01:00
1727785180 Add declarative attic cache
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-09-15 12:08:06 +01:00
ffafc81ed1 Add authelia consent duration
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-09-15 12:07:54 +01:00
367d65e1ba Add comentario
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-09-15 12:07:53 +01:00
bab9115537 Add nix-fast-build
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-09-10 20:19:11 +01:00
f960808cc7 Add workaround for wsl systemd bus issue
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-09-10 09:49:43 +00:00
24d31f6881 Add steam on jupiter
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-09-07 14:12:17 +01:00
1d3a3cc805 Lobotomize jupiter cpu
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-09-07 00:28:07 +01:00
2c3abfa403 Add grafana system & traefik dashboards
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-09-06 17:22:56 +01:00
4f3bf154c0 Fix substituter settings
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-09-05 12:31:41 +01:00
6ac95006cf Remove sish idle timeout
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-09-05 10:21:32 +00:00
987ecc4935 Fix duplicate trusted nix user
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-09-05 10:19:43 +00:00
0ceab452be Add attic
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-09-03 15:03:30 +01:00
dd34a05ee8 Silence uwsm
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-09-03 10:49:17 +00:00
35b9dd0cfc Remove elara sudo password
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-09-03 10:49:05 +00:00
cf0d77b4d9 Update nvf
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-09-03 07:53:08 +00:00
20b38b0467 Add sish tcp forwarding
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-09-01 16:33:35 +01:00
f7112f73d7 Fix installer completions
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-09-01 14:37:59 +01:00
8975de670a Update elara, jupiter
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-09-01 14:21:21 +01:00
77baa2640f Add git host cli tools
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-09-01 12:55:05 +01:00
8a21f9bbc7 Fix pinentry
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-08-31 18:16:41 +03:00
02fce06e94 Update
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-08-31 13:06:33 +03:00
10ae9082ba Add nvf persistence
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-08-29 14:00:43 +00:00
85a62a84da Add hyprsunset
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-08-29 13:54:28 +00:00
6883541678 Update gpg pinentry
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-08-29 13:54:07 +00:00
2292c5663c Update nvf
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-08-29 13:32:11 +00:00
56b53752bd Disable toggleterm winbar
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-08-28 12:58:48 +00:00
ac06ba4fc6 Disable kitty window management
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-08-28 11:38:48 +00:00
332b981f9b Fix neovim wsl
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-08-28 11:38:30 +00:00
0ffc3e6df2 Update nvf
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-08-28 10:00:19 +00:00
641d97f793 Add nvf
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-08-27 10:29:05 +00:00
afe0298b1c Add zellij
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-08-26 11:41:55 +00:00
deb460989e Update nixos-wsl
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-08-26 07:11:49 +00:00
26fb9785b8 Update gitmodules
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-08-23 11:45:18 +03:00
1877efac1d Add some GUI tools on elara
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-08-20 14:45:53 +00:00
a3f6127cf8 Add cgroup v2 note
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-08-19 11:08:41 +00:00
af53af5630 Let's hope WSL is not against company policy
If you are looking at this, you know who you are

Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-08-19 11:00:12 +00:00
cd4976e22d Disable hyprland animations on elara
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-08-18 21:14:01 +03:00
1550d6cdd4 Remove personal obsidian vault from elara
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-08-18 14:03:34 -04:00
334778287d Update elara drive
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-08-18 13:46:02 -04:00
dedbe814d5 Add hyper-v modules to installer
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-08-18 13:35:08 -04:00
9b9c38c265 Update install script
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-08-18 13:32:46 -04:00
fd78a2b3a2 Virtualize elara
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-08-18 13:07:20 -04:00
063d3e57b3 Update sas flake
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-08-18 12:15:02 +03:00
12c7181490 Optimize patching
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-08-18 11:46:33 +03:00
adf022169e Use docker base image pkg
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-08-18 11:11:12 +03:00
09fbf7150c Use overlay
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-08-17 21:24:31 +03:00
795ea28583 Flakify lib, sas
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-08-17 16:47:20 +03:00
4129589665 Disable fail2ban
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-08-17 10:59:13 +03:00
62bd6e557b Add klog
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-08-16 14:00:12 +03:00
bbe3219985 Add sonder
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-08-16 13:21:47 +03:00
f0554a6a61 Disable system-wide ssh agent
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-08-16 12:59:07 +03:00
197bfc447b Fix SSH identities bug
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-08-16 12:38:09 +03:00
37888fd991 Commit submodules
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-08-15 22:07:52 +03:00
7b93b1ac5b Add ncspot
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-08-15 14:33:36 +03:00
9792e6b05b Add elara keybinds
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-08-15 14:33:11 +03:00
a039938333 Add sas input
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-08-15 14:32:44 +03:00
573d3dccc2 Remove GitLab CI
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-08-15 14:30:55 +03:00
0665ded197 Reorganize secrets
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-08-15 09:58:03 +03:00
2da836953b Enable copilot on elara
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-08-13 10:45:19 +03:00
ca575c9a4c Add vscode smooth scrolling
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-08-13 10:21:40 +03:00
9159756011 Add spicetify
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-08-13 10:21:30 +03:00
1a1fe30c96 Switch secrets to SSH
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-08-11 17:12:03 +02:00
a9875aa0e0 Update
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-08-11 17:10:45 +02:00
b18dba83a4 Fix steam-ln
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-08-09 20:24:18 +02:00
1234d7d455 Add lanzaboote
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-08-09 18:09:43 +02:00
6873ecc0df Add hugo vscode extension
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-08-04 11:56:50 +02:00
96da7fdb0c Update flake template
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-08-04 10:51:21 +02:00
027ecdf887 Edit Jellyfin library order
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-08-01 12:52:50 +01:00
300f2ff34f Add SAS ssh aliases
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-08-01 11:50:35 +01:00
d8f143db13 Update SAS tunnel implementation
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-08-01 11:37:16 +01:00
98dae8cb02 Update ssh keys
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-08-01 09:43:52 +01:00
9126dfed0d Fix gitea runner images
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-07-31 12:27:59 +01:00
4512cce3d4 Fix gitea runner registration
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-07-31 11:19:16 +01:00
f1593c2c56 Update
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-07-31 00:42:01 +01:00
a11dd05dba Skip shader cache cleanup
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-07-30 16:02:31 +01:00
a430f1ddd8 Add personal ssh key on jupiter
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-07-30 11:38:33 +01:00
ab8feea39c Add hypridle
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-07-30 10:59:07 +01:00
ece2150e10 Increase oidcwarden stack size
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-07-30 10:26:43 +01:00
0c829b0bfb Fix nextcloud override
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-07-30 09:56:06 +01:00
cbb908a968 Increase transmission limits
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-07-30 09:39:23 +01:00
f1f1cf39b0 Add comentario
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-07-29 13:27:41 +01:00
bff2fca2eb Use makeWrapper
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-07-29 10:45:08 +01:00
7f9a1dcb66 Add gitlab known hosts
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-07-28 15:38:14 +01:00
084fda4ba6 Add traefik security headers, short url
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-07-28 11:59:19 +01:00
4e80c1a890 Soft update
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-07-28 11:03:50 +01:00
3ba9ee6249 Add gaming performance tuning
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-07-27 02:49:08 +01:00
c4fafe3043 Clean up wivrn
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-07-26 20:46:35 +01:00
077ceb3c69 Add nginx-receiver
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-07-26 20:29:06 +01:00
095f1d063a Add proton-launch
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-07-26 15:29:16 +01:00
db63042d16 Use callPackage
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-07-26 15:00:32 +01:00
fe95d3271a Update jellyfin packages
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-07-26 14:53:07 +01:00
db6da46727 Add wivrn
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-07-26 14:25:58 +01:00
573037d2ef Add prismlauncher symlink
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-07-26 11:19:44 +01:00
b4640f8218 Add prismlauncher
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-07-26 11:01:08 +01:00
ce2f51e914 Fix steam-ln script
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-07-26 10:54:39 +01:00
d663b05527 Move steam config
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-07-26 10:30:39 +01:00
aaca09300e Add gamescope fixes
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-07-25 23:52:01 +01:00
453c8ecc65 Add gitea act runner
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-07-25 17:41:58 +01:00
d38be7625c Add gitea admin
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-07-25 15:24:27 +01:00
1f89f09159 Update
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-07-25 15:24:15 +01:00
cec17c9bbf Format
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-07-25 11:56:16 +01:00
91187d92df Remove .vscode settings
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-07-24 17:07:57 +01:00
fca7206764 Cycle GPG Keys
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-07-24 16:59:00 +01:00
fa09a70b65 Remove SAS globalprotect
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-07-24 16:59:00 +01:00
b7c7023ff0 Use keyfiles
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-07-24 15:16:29 +01:00
247897643c Fix vps install script
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-07-24 13:35:52 +01:00
f691ed9bb9 Cycle app secrets
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-07-24 13:24:27 +01:00
b7161495a0 Cycle SMTP keys
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-07-24 11:50:23 +01:00
ce12d650d2 Cycle wireguard keys
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-07-24 11:37:38 +01:00
a8f05267bd Fix build
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-07-24 11:04:56 +01:00
9c48849e68 Revert "Update"
This reverts commit 13f24c6880.
2025-07-24 11:02:13 +01:00
15bf209e8c Refactor secrets
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-07-24 11:01:47 +01:00
ba55a766ec Add ghost archive
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-07-23 19:46:27 +01:00
0649e4f9df Add docker-mysql
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-07-23 18:54:45 +01:00
53e2f3106b Format
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-07-23 15:53:46 +01:00
13f24c6880 Update
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-07-23 14:29:27 +01:00
bebe478a7b Allow RlsGroups
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-07-23 10:19:44 +01:00
f3ca552897 Soft update
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-07-23 08:48:51 +01:00
129c59dd63 Fix himalia brightness
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-07-22 19:49:17 +01:00
18daa8bd89 Add iwlwifi patch
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-07-21 18:39:51 +01:00
4a2d99957b Fix jupiter bugs
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-07-20 20:21:06 +01:00
1587967488 Refactor flake patching/recursion
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-07-19 12:51:28 +01:00
a3d44b8b26 Fix prowlarr bug
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-07-18 00:14:01 +01:00
718ccc506f Fix atomic media moves
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-07-17 22:28:24 +01:00
3a110af1ec Add lore
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-07-17 21:49:47 +01:00
dca420751a Add jellyfin box set plugin
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-07-17 17:46:53 +01:00
752caa0321 Update transmission peer limit
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-07-17 17:10:02 +01:00
390602f562 Fix nvidia-patch TODO
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-07-17 09:15:10 +01:00
bb3b6856d6 Add littlelink
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-07-16 23:58:03 +01:00
453cde2a4b Add jellyfin opensubtitles
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-07-16 16:11:26 +01:00
03e53accae Add jellyseerr
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-07-16 12:26:27 +01:00
e087cdb630 Refactor docker shadowSetup
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-07-15 16:32:24 +01:00
31e7d625cf Make jellyfin script idempotent
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-07-15 11:01:34 +01:00
72ea51e1d9 Make arr scripts idempotent
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-07-15 00:20:09 +01:00
e2ee815d58 Add user-agent-string-switcher
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-07-14 16:46:27 +01:00
184aa4da8f Update
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-07-13 23:33:27 +01:00
8f965bbede Increase transmission download limit
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-07-10 20:43:12 +01:00
41b173c3d2 Add FIXME note
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-07-10 20:15:55 +01:00
3272063a43 Add recyclarr
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-07-10 19:38:19 +01:00
249f6fcac0 Clean up media names
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-07-10 12:20:48 +01:00
479af0caf5 Add radarr, sonarr volume mounts
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-07-10 10:28:21 +01:00
384f1b222f Add radarr, sonarr
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-07-09 21:36:43 +01:00
cb187f3518 Add tv app whitelist
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-07-09 20:00:57 +01:00
d60050c5d1 Update adguard tv whitelist
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-07-09 11:06:59 +01:00
a18ce54dc4 Add adguardhome
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-07-08 13:29:40 +01:00
4f3b71e2a0 Add temporary crun fix
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-07-07 09:23:01 +01:00
bf1c84c057 Add prowlarr
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-07-06 18:59:59 +01:00
5c098a8aa9 Remove init containers
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-07-06 12:20:45 +01:00
48d3ba5092 Refactor container working dirs
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-07-06 11:36:13 +01:00
bf49eac272 Add jellyfin
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-07-05 16:41:54 +01:00
e24997677d Update
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-07-04 18:12:51 +01:00
ad7ef2705d Add vscode remote dev extension
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-07-04 16:09:26 +01:00
6a029b66c3 Fix jupiter storage ACLs
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-07-04 11:26:03 +01:00
e5c699fcb0 Add jupiter transmission container
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-07-03 12:10:22 +01:00
33cd3bece9 Minor grep improvements
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-07-02 22:53:23 +01:00
7289e685ab Add transmission container
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-07-02 22:46:47 +01:00
48dce9157c Update ncspot keybind
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-07-02 15:54:52 +01:00
94d0f4e984 Move jupiter containers to mass storage
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-07-01 11:13:13 +01:00
f315e11ba1 Add jupiter btop config
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-07-01 10:08:22 +01:00
94500f51cd Add smartd
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-07-01 09:51:34 +01:00
88ef04def8 Add jupiter storage
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-07-01 01:30:15 +01:00
68e6eddd22 Update astal
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-06-30 00:39:34 +01:00
b8c43dc5d8 Update
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-06-29 23:04:34 +01:00
ea2ab2101a Add shlink
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-06-29 12:56:19 +01:00
428 changed files with 40451 additions and 10689 deletions

7
.gitignore vendored Normal file
View File

@@ -0,0 +1,7 @@
# ---> Nix
# Ignore build outputs from performing a nix-build or `nix build` command
result
result-*
# Ignore automatically generated direnv output
.direnv

View File

@@ -1,27 +0,0 @@
stages:
- build
- test
variables:
GIT_SUBMODULE_STRATEGY: recursive
cache: &global_cache
key:
files:
- flake.lock
- flake.nix
paths:
- /nix/store
policy: pull-push
build:
image: nixos/nix
stage: build
timeout: 48h
cache:
<<: *global_cache
script:
- nix --experimental-features 'nix-command flakes' flake check --show-trace
include:
- template: Jobs/Secret-Detection.gitlab-ci.yml

17
.gitmodules vendored
View File

@@ -1,8 +1,9 @@
[submodule "submodules/nixpkgs"] [submodule "secrets"]
path = submodules/nixpkgs path = submodules/secrets
url = git@github.com:karaolidis/nixpkgs.git url = git@karaolidis.com:karaolidis/nix-secrets.git
branch = integration [submodule "sas"]
[submodule "submodules/home-manager"] path = submodules/sas
path = submodules/home-manager url = git@karaolidis.com:karaolidis/nix-sas.git
url = git@github.com:karaolidis/home-manager.git [submodule "lib"]
branch = integration path = submodules/lib
url = git@karaolidis.com:karaolidis/nix-lib.git

View File

@@ -1,3 +0,0 @@
{
"sops.defaults.ageKeyFile": "./secrets/personal/key.txt"
}

View File

@@ -7,7 +7,6 @@ NixOS dotfiles and configuration for various hosts and users.
- [`flake.lock`](./flake.lock) and [`flake.nix`](./flake.nix): Core Nix flake files defining the repository's dependencies and entry points. - [`flake.lock`](./flake.lock) and [`flake.nix`](./flake.nix): Core Nix flake files defining the repository's dependencies and entry points.
- [`hosts/`](./hosts): All host-specific configurations. - [`hosts/`](./hosts): All host-specific configurations.
- [`common/`](./hosts/common): Shared configuration definitions. - [`common/`](./hosts/common): Shared configuration definitions.
- [`shells/`](./hosts/common/shells): Nix dev shells. - [`shells/`](./hosts/common/shells): Nix dev shells.
- [`configs/`](./hosts/common/configs): System configurations applicable to all hosts. - [`configs/`](./hosts/common/configs): System configurations applicable to all hosts.
@@ -17,19 +16,16 @@ NixOS dotfiles and configuration for various hosts and users.
- [`gui/`](./hosts/common/configs/user/gui): GUI-related settings. - [`gui/`](./hosts/common/configs/user/gui): GUI-related settings.
- `<name>/`: Individual host configurations. - `<name>/`: Individual host configurations.
- [`overlays/`](./overlays/): Custom patches.
- [`packages/`](./packages/): Custom packages. - [`packages/`](./packages/): Custom packages.
- `secrets/<namespace>/`: Global secrets for individual namespaces that apply across all hosts. - [`scripts/`](./scripts): Utility scripts for managing the repository.
- [`add-host.sh`](./scripts/add-host.sh): Instantiate the keys for a new host configuration.
- [`lib/`](./lib): Nix library function definitions and utilities. - [`remove-host.sh`](./scripts/remove-host.sh): Remove references to a host.
- [`update-keys.sh`](./scripts/update-keys.sh): Update the encryption keys in all relevant files using `sops.yaml` configurations.
- [`scripts/`](./lib/scripts): Utility scripts for managing the repository. - [`update.sh`](./scripts/update.sh): Update flake and all packages.
- [`add-host.sh`](./lib/scripts/add-host.sh): Instantiate the keys for a new host configuration. - [`cache.sh`](./scripts/cache.sh): Build all `nixosConfiguration`s and push them to `attic`.
- [`remove-host.sh`](./lib/scripts/remove-host.sh): Remove references to a host.
- [`update-keys.sh`](./lib/scripts/update-keys.sh): Update the encryption keys in all relevant files using `sops.yaml` configurations.
- [`update.sh`](./lib/scripts/update.sh): Update flake and all git submodules.
- [`submodules/`](./submodules): Flake forks used in the repository, such as [`nixpkgs`](https://github.com/NixOS/nixpkgs) and [`home-manager`](https://github.com/nix-community/home-manager).
Any `options.nix` files create custom option definitions when present. Any `options.nix` files create custom option definitions when present.

450
flake.lock generated
View File

@@ -10,16 +10,15 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1744557573, "lastModified": 1756487002,
"narHash": "sha256-XAyj0iDuI51BytJ1PwN53uLpzTDdznPDQFG4RwihlTQ=", "narHash": "sha256-hN9RfNXy53qAkT68T+IYZpl68uE1uPOVMkw0MqC43KA=",
"owner": "aylur", "owner": "aylur",
"repo": "ags", "repo": "ags",
"rev": "3ed9737bdbc8fc7a7c7ceef2165c9109f336bff6", "rev": "8ff792dba6cc82eed10e760f551075564dd0a407",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "aylur", "owner": "aylur",
"ref": "main",
"repo": "ags", "repo": "ags",
"type": "github" "type": "github"
} }
@@ -31,20 +30,34 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1749559749, "lastModified": 1756474652,
"narHash": "sha256-TM95tg1G7S6rVBBoMwurXMz8Il4xlnuZ2TI4h6lfZzg=", "narHash": "sha256-iiBU6itpEqE0spXeNJ3uJTfioSyKYjt5bNepykpDXTE=",
"owner": "aylur", "owner": "aylur",
"repo": "astal", "repo": "astal",
"rev": "dd8a4662f2f17fb4326a7bd0fb2d054f5d477ba3", "rev": "20bd8318e4136fbd3d4eb2d64dbabc3acbc915dd",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "aylur", "owner": "aylur",
"ref": "main",
"repo": "astal", "repo": "astal",
"type": "github" "type": "github"
} }
}, },
"crane": {
"locked": {
"lastModified": 1754269165,
"narHash": "sha256-0tcS8FHd4QjbCVoxN9jI+PjHgA4vc/IjkUSp+N3zy0U=",
"owner": "ipetkov",
"repo": "crane",
"rev": "444e81206df3f7d92780680e45858e31d2f07a08",
"type": "github"
},
"original": {
"owner": "ipetkov",
"repo": "crane",
"type": "github"
}
},
"disko": { "disko": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
@@ -52,33 +65,67 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1749436314, "lastModified": 1746728054,
"narHash": "sha256-CqmqU5FRg5AadtIkxwu8ulDSOSoIisUMZRLlcED3Q5w=", "narHash": "sha256-eDoSOhxGEm2PykZFa/x9QG5eTH0MJdiJ9aR00VAofXE=",
"owner": "nix-community", "owner": "nix-community",
"repo": "disko", "repo": "disko",
"rev": "dfa4d1b9c39c0342ef133795127a3af14598017a", "rev": "ff442f5d1425feb86344c028298548024f21256d",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "nix-community", "owner": "nix-community",
"ref": "master", "ref": "latest",
"repo": "disko", "repo": "disko",
"type": "github" "type": "github"
} }
}, },
"flake-compat": {
"locked": {
"lastModified": 1733328505,
"narHash": "sha256-NeCCThCEP3eCl2l/+27kNNK7QrwZB1IJCrXfrbv5oqU=",
"rev": "ff81ac966bb2cae68946d5ed5fc4994f96d0ffec",
"revCount": 69,
"type": "tarball",
"url": "https://api.flakehub.com/f/pinned/edolstra/flake-compat/1.1.0/01948eb7-9cba-704f-bbf3-3fa956735b52/source.tar.gz"
},
"original": {
"type": "tarball",
"url": "https://flakehub.com/f/edolstra/flake-compat/1.tar.gz"
}
},
"flake-input-patcher": {
"inputs": {
"nixpkgs": [
"nixpkgs"
],
"systems": [
"systems"
]
},
"locked": {
"lastModified": 1751871600,
"narHash": "sha256-I4/2ekJrbRMhOpKfzgnlrN45nQj9YQmZnoSeAaRa1SU=",
"owner": "jfly",
"repo": "flake-input-patcher",
"rev": "4ff068126d49829b106280738944bde91951d59d",
"type": "github"
},
"original": {
"owner": "jfly",
"repo": "flake-input-patcher",
"type": "github"
}
},
"flake-parts": { "flake-parts": {
"inputs": { "inputs": {
"nixpkgs-lib": [ "nixpkgs-lib": "nixpkgs-lib"
"nur",
"nixpkgs"
]
}, },
"locked": { "locked": {
"lastModified": 1733312601, "lastModified": 1754487366,
"narHash": "sha256-4pDvzqnegAfRkPwO3wmwBhVi/Sye1mzps0zHWYnP88c=", "narHash": "sha256-pHYj8gUBapuUzKV/kN/tR3Zvqc7o6gdFB9XKXIp1SQ8=",
"owner": "hercules-ci", "owner": "hercules-ci",
"repo": "flake-parts", "repo": "flake-parts",
"rev": "205b12d8b7cd4802fbcb8e8ef6a0f1408781a4f9", "rev": "af66ad14b28a127c5c0f3bbb298218fc63528a18",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -103,11 +150,32 @@
}, },
"original": { "original": {
"owner": "numtide", "owner": "numtide",
"ref": "main",
"repo": "flake-utils", "repo": "flake-utils",
"type": "github" "type": "github"
} }
}, },
"gitignore": {
"inputs": {
"nixpkgs": [
"lanzaboote",
"pre-commit-hooks-nix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1709087332,
"narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=",
"owner": "hercules-ci",
"repo": "gitignore.nix",
"rev": "637db329424fd7e46cf4185293b9cc8c88c95394",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "gitignore.nix",
"type": "github"
}
},
"home-manager": { "home-manager": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
@@ -115,39 +183,50 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1749678254, "lastModified": 1756579987,
"narHash": "sha256-6I+qez0MnHu9M2spLj3LsGA/cUGgfx17/hMPvmrUMoU=", "narHash": "sha256-duCce8zGsaMsrqqOmLOsuaV1PVIw/vXWnKuLKZClsGg=",
"owner": "karaolidis", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "e248f54290b483a47c7550f69faecb8ed97e4831", "rev": "99a69bdf8a3c6bf038c4121e9c4b6e99706a187a",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "karaolidis", "owner": "nix-community",
"ref": "integration",
"repo": "home-manager", "repo": "home-manager",
"type": "github" "type": "github"
} }
}, },
"nixpkgs": { "lanzaboote": {
"locked": { "inputs": {
"lastModified": 1749678247, "crane": "crane",
"narHash": "sha256-K83Q3c/o5CdMB3Npk3P1kCIz6FcUuJV8E4k6z1YN8AQ=", "flake-compat": [
"owner": "karaolidis", "flake-compat"
"repo": "nixpkgs", ],
"rev": "4d408c92fe165ab68f012a3fa36d4c58d84e83bd", "flake-parts": [
"type": "github" "flake-parts"
}, ],
"original": { "nixpkgs": [
"owner": "karaolidis", "nixpkgs"
"ref": "integration", ],
"repo": "nixpkgs", "pre-commit-hooks-nix": "pre-commit-hooks-nix",
"type": "github" "rust-overlay": "rust-overlay"
} },
}, "locked": {
"nur": { "lastModified": 1754297745,
"narHash": "sha256-aD6/scLN3L4ZszmNbhhd3JQ9Pzv1ScYFphz14wHinfs=",
"owner": "nix-community",
"repo": "lanzaboote",
"rev": "892cbdca865d6b42f9c0d222fe309f7720259855",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "lanzaboote",
"type": "github"
}
},
"lib": {
"inputs": { "inputs": {
"flake-parts": "flake-parts",
"nixpkgs": [ "nixpkgs": [
"nixpkgs" "nixpkgs"
], ],
@@ -156,32 +235,202 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1749675110, "lastModified": 1757531256,
"narHash": "sha256-NkDE/JyeQJmLtpXjyFZK2wKs5K7isap7MBIzoYMC9nk=", "narHash": "sha256-aOqrRvKmHoPKVhEYgV/RbsMXYXy6W9Tt1uhGK3dWMlE=",
"ref": "refs/heads/main",
"rev": "be7b39f41a1137a68944fc73db5a24544e015eb6",
"revCount": 7,
"type": "git",
"url": "https://git.karaolidis.com/karaolidis/nix-lib.git"
},
"original": {
"type": "git",
"url": "https://git.karaolidis.com/karaolidis/nix-lib.git"
}
},
"mnw": {
"locked": {
"lastModified": 1748710831,
"narHash": "sha256-eZu2yH3Y2eA9DD3naKWy/sTxYS5rPK2hO7vj8tvUCSU=",
"owner": "Gerg-L",
"repo": "mnw",
"rev": "cff958a4e050f8d917a6ff3a5624bc4681c6187d",
"type": "github"
},
"original": {
"owner": "Gerg-L",
"repo": "mnw",
"type": "github"
}
},
"nixos-wsl": {
"inputs": {
"flake-compat": [
"flake-compat"
],
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1755774185,
"narHash": "sha256-XjKqiTA19mkoBkja0VOy90qp2gC1f2fGgsLb9m1lg5Q=",
"owner": "karaolidis",
"repo": "NixOS-WSL",
"rev": "b1f426697f62006b99fac0cc25a106626c78f874",
"type": "github"
},
"original": {
"owner": "karaolidis",
"ref": "extra-files",
"repo": "NixOS-WSL",
"type": "github"
}
},
"nixpkgs": {
"locked": {
"lastModified": 1756542300,
"narHash": "sha256-tlOn88coG5fzdyqz6R93SQL5Gpq+m/DsWpekNFhqPQk=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "d7600c775f877cd87b4f5a831c28aa94137377aa",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-lib": {
"locked": {
"lastModified": 1753579242,
"narHash": "sha256-zvaMGVn14/Zz8hnp4VWT9xVnhc8vuL3TStRqwk22biA=",
"owner": "nix-community", "owner": "nix-community",
"repo": "NUR", "repo": "nixpkgs.lib",
"rev": "0e8328c18d801a253ed5dfd17bd78254d9669d06", "rev": "0f36c44e01a6129be94e3ade315a5883f0228a6e",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "nix-community", "owner": "nix-community",
"ref": "main", "repo": "nixpkgs.lib",
"type": "github"
}
},
"nur": {
"inputs": {
"flake-parts": [
"flake-parts"
],
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1756630008,
"narHash": "sha256-weZiVKbiWQzTifm6qCxzhxghEu5mbh9mWNUdkzOLCR0=",
"owner": "nix-community",
"repo": "NUR", "repo": "NUR",
"rev": "f6a5a7b60dd6065e78ef06390767e689ffa3c23f",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "NUR",
"type": "github"
}
},
"nvf": {
"inputs": {
"flake-compat": [
"flake-compat"
],
"flake-parts": [
"flake-parts"
],
"mnw": "mnw",
"nixpkgs": [
"nixpkgs"
],
"systems": [
"systems"
]
},
"locked": {
"lastModified": 1755463179,
"narHash": "sha256-5Ggb1Mhf7ZlRgGi2puCa2PvWs6KbMnWBlW6KW7Vf79Y=",
"owner": "NotAShelf",
"repo": "nvf",
"rev": "03833118267ad32226b014b360692bdce9d6e082",
"type": "github"
},
"original": {
"owner": "NotAShelf",
"repo": "nvf",
"type": "github"
}
},
"nvidia-patch": {
"inputs": {
"nixpkgs": [
"nixpkgs"
],
"utils": [
"flake-utils"
]
},
"locked": {
"lastModified": 1756052001,
"narHash": "sha256-dlLqyHxqiFAoIwshKe9X3PzXcJ+up88Qb2JVQswFaNE=",
"owner": "icewind1991",
"repo": "nvidia-patch-nixos",
"rev": "780af7357d942fad2ddd9f325615a5f6ea7e37ee",
"type": "github"
},
"original": {
"owner": "icewind1991",
"repo": "nvidia-patch-nixos",
"type": "github"
}
},
"pre-commit-hooks-nix": {
"inputs": {
"flake-compat": [
"lanzaboote",
"flake-compat"
],
"gitignore": "gitignore",
"nixpkgs": [
"lanzaboote",
"nixpkgs"
]
},
"locked": {
"lastModified": 1750779888,
"narHash": "sha256-wibppH3g/E2lxU43ZQHC5yA/7kIKLGxVEnsnVK1BtRg=",
"owner": "cachix",
"repo": "pre-commit-hooks.nix",
"rev": "16ec914f6fb6f599ce988427d9d94efddf25fe6d",
"type": "github"
},
"original": {
"owner": "cachix",
"repo": "pre-commit-hooks.nix",
"type": "github" "type": "github"
} }
}, },
"quadlet-nix": { "quadlet-nix": {
"locked": { "locked": {
"lastModified": 1749099346, "lastModified": 1754008153,
"narHash": "sha256-5gi/YaLVsFztGvVH45eB6jsBmZf+HnvDeSA9RXUqbcY=", "narHash": "sha256-MYT1mDtSkiVg343agxgBFsnuNU3xS8vRy399JXX1Vw0=",
"owner": "SEIAROTg", "owner": "SEIAROTg",
"repo": "quadlet-nix", "repo": "quadlet-nix",
"rev": "d4119a3423f938427252ba8bbdbe8ce040751864", "rev": "1b2d27d460d8c7e4da5ba44ede463b427160b5c4",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "SEIAROTg", "owner": "SEIAROTg",
"ref": "main",
"repo": "quadlet-nix", "repo": "quadlet-nix",
"type": "github" "type": "github"
} }
@@ -191,17 +440,90 @@
"ags": "ags", "ags": "ags",
"astal": "astal", "astal": "astal",
"disko": "disko", "disko": "disko",
"flake-compat": "flake-compat",
"flake-input-patcher": "flake-input-patcher",
"flake-parts": "flake-parts",
"flake-utils": "flake-utils", "flake-utils": "flake-utils",
"home-manager": "home-manager", "home-manager": "home-manager",
"lanzaboote": "lanzaboote",
"lib": "lib",
"nixos-wsl": "nixos-wsl",
"nixpkgs": "nixpkgs", "nixpkgs": "nixpkgs",
"nur": "nur", "nur": "nur",
"nvf": "nvf",
"nvidia-patch": "nvidia-patch",
"quadlet-nix": "quadlet-nix", "quadlet-nix": "quadlet-nix",
"sas": "sas",
"secrets": "secrets",
"sops-nix": "sops-nix", "sops-nix": "sops-nix",
"spicetify-nix": "spicetify-nix", "spicetify-nix": "spicetify-nix",
"systems": "systems", "systems": "systems",
"treefmt-nix": "treefmt-nix" "treefmt-nix": "treefmt-nix"
} }
}, },
"rust-overlay": {
"inputs": {
"nixpkgs": [
"lanzaboote",
"nixpkgs"
]
},
"locked": {
"lastModified": 1754189623,
"narHash": "sha256-fstu5eb30UYwsxow0aQqkzxNxGn80UZjyehQVNVHuBk=",
"owner": "oxalica",
"repo": "rust-overlay",
"rev": "c582ff7f0d8a7ea689ae836dfb1773f1814f472a",
"type": "github"
},
"original": {
"owner": "oxalica",
"repo": "rust-overlay",
"type": "github"
}
},
"sas": {
"inputs": {
"lib": [
"lib"
],
"nixpkgs": [
"nixpkgs"
],
"treefmt-nix": [
"treefmt-nix"
]
},
"locked": {
"lastModified": 1757531894,
"narHash": "sha256-GwV3ES7n/2mwPeu8FGfViI6QfzbTrvNob3OZOsPQId0=",
"ref": "refs/heads/main",
"rev": "3d069983345ea83549c641dd3f8875e54aaf1c2b",
"revCount": 12,
"type": "git",
"url": "ssh://git@karaolidis.com/karaolidis/nix-sas.git"
},
"original": {
"type": "git",
"url": "ssh://git@karaolidis.com/karaolidis/nix-sas.git"
}
},
"secrets": {
"flake": false,
"locked": {
"lastModified": 1758576944,
"narHash": "sha256-P6fvi2mjyJEUg19BTZ6eb+fRM8V6s2xY1SWQ8gb49U0=",
"ref": "refs/heads/main",
"rev": "a9d956a20fc4534fcc7d3da7f0994c499c4ea405",
"revCount": 47,
"type": "git",
"url": "ssh://git@karaolidis.com/karaolidis/nix-secrets.git"
},
"original": {
"type": "git",
"url": "ssh://git@karaolidis.com/karaolidis/nix-secrets.git"
}
},
"sops-nix": { "sops-nix": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
@@ -209,16 +531,15 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1749592509, "lastModified": 1754988908,
"narHash": "sha256-VunQzfZFA+Y6x3wYi2UE4DEQ8qKoAZZCnZPUlSoqC+A=", "narHash": "sha256-t+voe2961vCgrzPFtZxha0/kmFSHFobzF00sT8p9h0U=",
"owner": "Mic92", "owner": "Mic92",
"repo": "sops-nix", "repo": "sops-nix",
"rev": "50754dfaa0e24e313c626900d44ef431f3210138", "rev": "3223c7a92724b5d804e9988c6b447a0d09017d48",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "Mic92", "owner": "Mic92",
"ref": "master",
"repo": "sops-nix", "repo": "sops-nix",
"type": "github" "type": "github"
} }
@@ -233,16 +554,15 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1749357231, "lastModified": 1756614537,
"narHash": "sha256-AbrPgGFVYR45TlYLHYTppayG0xzOG9XXhi+1j3Klbw8=", "narHash": "sha256-qyszmZO9CEKAlj5NBQo1AIIADm5Fgqs5ZggW1sU1TVo=",
"owner": "Gerg-L", "owner": "Gerg-L",
"repo": "spicetify-nix", "repo": "spicetify-nix",
"rev": "03783416f7416715c52166d4e8ba0492a7149397", "rev": "374eb5d97092b97f7aaafd58a2012943b388c0df",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "Gerg-L", "owner": "Gerg-L",
"ref": "master",
"repo": "spicetify-nix", "repo": "spicetify-nix",
"type": "github" "type": "github"
} }
@@ -258,7 +578,6 @@
}, },
"original": { "original": {
"owner": "nix-systems", "owner": "nix-systems",
"ref": "main",
"repo": "default", "repo": "default",
"type": "github" "type": "github"
} }
@@ -270,16 +589,15 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1749194973, "lastModified": 1755934250,
"narHash": "sha256-eEy8cuS0mZ2j/r/FE0/LYBSBcIs/MKOIVakwHVuqTfk=", "narHash": "sha256-CsDojnMgYsfshQw3t4zjRUkmMmUdZGthl16bXVWgRYU=",
"owner": "numtide", "owner": "numtide",
"repo": "treefmt-nix", "repo": "treefmt-nix",
"rev": "a05be418a1af1198ca0f63facb13c985db4cb3c5", "rev": "74e1a52d5bd9430312f8d1b8b0354c92c17453e5",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "numtide", "owner": "numtide",
"ref": "main",
"repo": "treefmt-nix", "repo": "treefmt-nix",
"type": "github" "type": "github"
} }

290
flake.nix
View File

@@ -1,113 +1,118 @@
{ {
inputs = { inputs = {
nixpkgs = { # Configuration
# --- Official nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
# type = "github";
# owner = "NixOS";
# repo = "nixpkgs";
# ref = "master";
# --- Fork
type = "github";
owner = "karaolidis";
repo = "nixpkgs";
ref = "integration";
# --- Local
# url = "git+file:./submodules/nixpkgs";
};
home-manager = { home-manager = {
# --- Official url = "github:nix-community/home-manager";
# type = "github";
# owner = "nix-community"
# repo = "home-manager";
# --- Fork
type = "github";
owner = "karaolidis";
repo = "home-manager";
ref = "integration";
# --- Local
# url = "git+file:./submodules/home-manager";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
disko = { # Packages
type = "github";
owner = "nix-community";
repo = "disko";
ref = "master";
inputs.nixpkgs.follows = "nixpkgs";
};
sops-nix = {
type = "github";
owner = "Mic92";
repo = "sops-nix";
ref = "master";
inputs.nixpkgs.follows = "nixpkgs";
};
systems = {
type = "github";
owner = "nix-systems";
repo = "default";
ref = "main";
};
nur = { nur = {
type = "github"; url = "github:nix-community/NUR";
owner = "nix-community"; inputs = {
repo = "NUR"; nixpkgs.follows = "nixpkgs";
ref = "main"; flake-parts.follows = "flake-parts";
};
};
# DevOps
sops-nix = {
url = "github:Mic92/sops-nix";
inputs.nixpkgs.follows = "nixpkgs";
};
treefmt-nix = {
url = "github:numtide/treefmt-nix";
inputs.nixpkgs.follows = "nixpkgs";
};
flake-input-patcher = {
url = "github:jfly/flake-input-patcher";
inputs = {
nixpkgs.follows = "nixpkgs";
systems.follows = "systems";
};
};
# Personal
lib = {
# FIXME: https://github.com/NixOS/nix/issues/12281
url = "git+https://git.karaolidis.com/karaolidis/nix-lib.git";
inputs = { inputs = {
nixpkgs.follows = "nixpkgs"; nixpkgs.follows = "nixpkgs";
treefmt-nix.follows = "treefmt-nix"; treefmt-nix.follows = "treefmt-nix";
}; };
}; };
flake-utils = { sas = {
type = "github"; # FIXME: https://github.com/NixOS/nix/issues/12281
owner = "numtide"; url = "git+ssh://git@karaolidis.com/karaolidis/nix-sas.git";
repo = "flake-utils"; inputs = {
ref = "main"; nixpkgs.follows = "nixpkgs";
lib.follows = "lib";
inputs.systems.follows = "systems"; treefmt-nix.follows = "treefmt-nix";
};
}; };
treefmt-nix = { secrets = {
type = "github"; # FIXME: https://github.com/NixOS/nix/issues/12281
owner = "numtide"; url = "git+ssh://git@karaolidis.com/karaolidis/nix-secrets.git";
repo = "treefmt-nix"; flake = false;
ref = "main"; };
# Hardware
disko = {
url = "github:nix-community/disko/latest";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
quadlet-nix = { lanzaboote = {
type = "github"; url = "github:nix-community/lanzaboote";
owner = "SEIAROTg"; inputs = {
repo = "quadlet-nix"; nixpkgs.follows = "nixpkgs";
ref = "main"; flake-compat.follows = "flake-compat";
flake-parts.follows = "flake-parts";
};
};
nixos-wsl = {
url = "github:karaolidis/NixOS-WSL/extra-files";
inputs = {
nixpkgs.follows = "nixpkgs";
flake-compat.follows = "flake-compat";
};
};
# Applications
nvf = {
url = "github:NotAShelf/nvf";
inputs = {
nixpkgs.follows = "nixpkgs";
flake-compat.follows = "flake-compat";
flake-parts.follows = "flake-parts";
systems.follows = "systems";
};
};
quadlet-nix.url = "github:SEIAROTg/quadlet-nix";
nvidia-patch = {
url = "github:icewind1991/nvidia-patch-nixos";
inputs = {
nixpkgs.follows = "nixpkgs";
utils.follows = "flake-utils";
};
}; };
astal = { astal = {
type = "github"; url = "github:aylur/astal";
owner = "aylur";
repo = "astal";
ref = "main";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
ags = { ags = {
type = "github"; url = "github:aylur/ags";
owner = "aylur";
repo = "ags";
ref = "main";
inputs = { inputs = {
nixpkgs.follows = "nixpkgs"; nixpkgs.follows = "nixpkgs";
astal.follows = "astal"; astal.follows = "astal";
@@ -115,70 +120,101 @@
}; };
spicetify-nix = { spicetify-nix = {
type = "github"; url = "github:Gerg-L/spicetify-nix";
owner = "Gerg-L";
repo = "spicetify-nix";
ref = "master";
inputs = { inputs = {
nixpkgs.follows = "nixpkgs"; nixpkgs.follows = "nixpkgs";
systems.follows = "systems"; systems.follows = "systems";
}; };
}; };
# Transitive Dependencies
systems.url = "github:nix-systems/default";
flake-parts.url = "github:hercules-ci/flake-parts";
flake-utils = {
url = "github:numtide/flake-utils";
inputs.systems.follows = "systems";
};
flake-compat.url = "https://flakehub.com/f/edolstra/flake-compat/1.tar.gz";
}; };
outputs = outputs =
{ self, nixpkgs, ... }@inputs: unpatchedInputs:
let
patchInputs =
system:
let
patcher = unpatchedInputs.flake-input-patcher.lib.${system};
patches = import ./patches.nix { inherit patcher; };
in
if patches != { } then patcher.patch unpatchedInputs patches else unpatchedInputs;
mkNixosConfiguration =
inputs: system: modules:
inputs.nixpkgs.lib.nixosSystem {
inherit system modules;
specialArgs = { inherit inputs system; };
};
in
{ {
nixosConfigurations = { overlays.default = import ./overlays;
installer = nixpkgs.lib.nixosSystem rec {
system = "x86_64-linux";
modules = [ ./hosts/installer ];
specialArgs = { inherit inputs system; };
};
himalia = nixpkgs.lib.nixosSystem rec {
system = "x86_64-linux";
modules = [ ./hosts/himalia ];
specialArgs = { inherit inputs system; };
};
elara = nixpkgs.lib.nixosSystem rec {
system = "x86_64-linux";
modules = [ ./hosts/elara ];
specialArgs = { inherit inputs system; };
};
jupiter = nixpkgs.lib.nixosSystem rec {
system = "x86_64-linux";
modules = [ ./hosts/jupiter ];
specialArgs = { inherit inputs system; };
};
jupiter-vps = nixpkgs.lib.nixosSystem rec {
system = "x86_64-linux";
modules = [ ./hosts/jupiter-vps ];
specialArgs = { inherit inputs system; };
};
};
} }
// inputs.flake-utils.lib.eachSystem [ "x86_64-linux" ] ( // (
system:
let let
pkgs = import nixpkgs { system = "x86_64-linux";
inputs = patchInputs system;
pkgs = import inputs.nixpkgs {
inherit system; inherit system;
config.allowUnfree = true; config.allowUnfree = true;
overlays = [
inputs.lib.overlays.default
inputs.self.overlays.default
];
}; };
treefmt = inputs.treefmt-nix.lib.evalModule pkgs ./treefmt.nix; treefmt = inputs.treefmt-nix.lib.evalModule pkgs ./treefmt.nix;
in in
{ {
devShells = import ./hosts/common/shells { inherit pkgs; }; nixosConfigurations = {
lib = import ./lib { inherit pkgs; }; installer = mkNixosConfiguration inputs system [ ./hosts/installer ];
packages = import ./packages { inherit pkgs inputs system; }; himalia = mkNixosConfiguration inputs system [ ./hosts/himalia ];
elara = mkNixosConfiguration inputs system [ ./hosts/elara ];
jupiter = mkNixosConfiguration inputs system [ ./hosts/jupiter ];
jupiter-vps = mkNixosConfiguration inputs system [ ./hosts/jupiter-vps ];
};
formatter = treefmt.config.build.wrapper; devShells.${system} = import ./hosts/common/shells { inherit pkgs; };
checks.formatting = treefmt.config.build.check self; packages.${system} = import ./packages { inherit pkgs; };
formatter.${system} = treefmt.config.build.wrapper;
checks.${system} =
let
nixosConfigurations =
pkgs.lib.mapAttrs'
(
name: config:
pkgs.lib.nameValuePair "nixosConfiguration-${name}" config.config.system.build.toplevel
)
((pkgs.lib.filterAttrs (_: config: config.pkgs.system == system)) inputs.self.nixosConfigurations);
packages = pkgs.lib.mapAttrs' (
name: pkgs.lib.nameValuePair "package-${name}"
) inputs.self.packages.${system};
overlayPackages = pkgs.lib.mapAttrs' (n: pkgs.lib.nameValuePair "overlayPackage-${n}") (
import ./overlays/packages.nix { inherit pkgs; }
);
devShells = pkgs.lib.mapAttrs' (
name: pkgs.lib.nameValuePair "devShell-${name}"
) inputs.self.devShells.${system};
formatter.formatting = treefmt.config.build.check inputs.self;
in
nixosConfigurations // packages // overlayPackages // devShells // formatter;
} }
); );
} }

View File

@@ -1,5 +0,0 @@
{ ... }:
{
# https://developers.cloudflare.com/cloudflare-one/connections/connect-networks/get-started/create-local-tunnel/
services.cloudflared.enable = true;
}

View File

@@ -3,5 +3,6 @@
imports = [ imports = [
./cpu/options.nix ./cpu/options.nix
./impermanence/options.nix ./impermanence/options.nix
./networking/options.nix
]; ];
} }

View File

@@ -1,22 +0,0 @@
{ lib, pkgs, ... }:
{
networking.networkmanager.dns = "dnsmasq";
environment.etc."NetworkManager/dnsmasq.d/10-bind-interfaces.conf".source =
(pkgs.formats.keyValue {
mkKeyValue =
name: value:
if value == true then
name
else if value == false then
""
else
lib.generators.mkKeyValueDefault { } "=" name value;
listsAsDuplicateKeys = true;
}).generate
"10-bind-interfaces.conf"
{
bind-interfaces = true;
listen-address = [ "127.0.0.1" ];
};
}

View File

@@ -0,0 +1,14 @@
{ ... }:
{
environment.persistence."/persist/state"."/var/lib/fail2ban" = { };
services.fail2ban = {
enable = true;
bantime = "24h";
bantime-increment = {
enable = true;
maxtime = "720h";
overalljails = true;
};
};
}

View File

@@ -1,4 +0,0 @@
{ ... }:
{
programs.gnupg.agent.enable = true;
}

View File

@@ -233,11 +233,11 @@ in
unitConfig.ConditionPathExists = [ (lib.strings.escape [ " " ] c.source) ]; unitConfig.ConditionPathExists = [ (lib.strings.escape [ " " ] c.source) ];
what = c.source; what = c.source;
where = c.target; where = c.target;
options = lib.strings.concatStringsSep "," ([ options = lib.strings.concatStringsSep "," [
"bind" "bind"
"X-fstrim.notrim" "X-fstrim.notrim"
"x-gvfs-hide" "x-gvfs-hide"
]); ];
}) all; }) all;
services = builtins.listToAttrs ( services = builtins.listToAttrs (

View File

@@ -0,0 +1,22 @@
{
inputs,
lib,
pkgs,
...
}:
{
imports = [ inputs.lanzaboote.nixosModules.lanzaboote ];
environment = {
persistence."/persist/state"."/var/lib/sbctl" = { };
systemPackages = with pkgs; [ sbctl ];
};
boot.loader.systemd-boot.enable = lib.mkForce false;
boot.lanzaboote = {
enable = true;
pkiBundle = "/var/lib/sbctl";
};
}

View File

@@ -1,9 +1,4 @@
{ { config, pkgs, ... }:
config,
lib,
pkgs,
...
}:
{ {
virtualisation = { virtualisation = {
libvirtd = { libvirtd = {

View File

@@ -0,0 +1,17 @@
{ lib, ... }:
{
options.networking =
with lib;
with types;
{
publicIPv4 = mkOption {
type = nullOr str;
description = "The public IPv4 address of this device.";
};
publicIPv6 = mkOption {
type = nullOr str;
description = "The public IPv6 address of this device.";
};
};
}

View File

@@ -4,6 +4,7 @@ _nix-install_completion() {
'-m[Mode: 'install' or 'repair']:mode:(install repair)' '-m[Mode: 'install' or 'repair']:mode:(install repair)'
'-h[Host to configure]:host:($(_list_hosts))' '-h[Host to configure]:host:($(_list_hosts))'
'-k[Key file to copy to user config]:key:($(_list_keys))' '-k[Key file to copy to user config]:key:($(_list_keys))'
'-s[Enroll secure boot keys on current device]'
'-c[Copy configuration to target]' '-c[Copy configuration to target]'
'-r[Reboot after completion]' '-r[Reboot after completion]'
) )
@@ -17,8 +18,8 @@ _nix-install_completion() {
_list_keys() { _list_keys() {
local flake="$(realpath ${words[2]})" local flake="$(realpath ${words[2]})"
if [[ -d "$flake/secrets" ]]; then if [[ -d "$flake/submodules/secrets/domains" ]]; then
find "$flake/secrets" -type f -name 'key.txt' | sed -E 's|^.*/secrets/([^/]+)/key.txt$|\1|' | sort -u find "$flake/submodules/secrets/domains" -type f -name 'key.txt' | sed -E 's|^.*/submodules/secrets/domains/([^/]+)/key.txt$|\1|' | sort -u
fi fi
} }

View File

@@ -1,13 +1,14 @@
# shellcheck shell=bash # shellcheck shell=bash
usage() { usage() {
echo "Usage: $0 flake -m install|repair -h host [-k key] [-p password_file] [-c] [-r]" echo "Usage: $0 flake -m install|repair -h host [-k key] [-p password_file] [-s] [-c] [-r]"
echo echo
echo "Options:" echo "Options:"
echo " flake Directory containing the flake.nix file." echo " flake Directory containing the flake.nix file."
echo " -m mode Mode: 'install' or 'repair'." echo " -m mode Mode: 'install' or 'repair'."
echo " -h host Host to configure." echo " -h host Host to configure."
echo " -k key Key file to copy to user config." echo " -k key Key file to copy to user config."
echo " -s Enroll secure boot keys on current device."
echo " -c Copy configuration to target." echo " -c Copy configuration to target."
echo " -r Reboot after completion." echo " -r Reboot after completion."
exit 1 exit 1
@@ -35,23 +36,24 @@ check_flake() {
} }
check_host() { check_host() {
if ! nix flake show --quiet --json "$flake" 2>/dev/null | jq -e ".nixosConfigurations[\"$host\"]" &>/dev/null; then if ! nix flake show --allow-import-from-derivation --quiet --json "$flake" 2>/dev/null | jq -e ".nixosConfigurations[\"$host\"]" &>/dev/null; then
echo "Host '$host' not found in flake." echo "Host '$host' not found in flake."
exit 1 exit 1
fi fi
} }
check_key() { check_key() {
if [[ -n "$key" ]] && [[ ! -f "$flake/secrets/$key/key.txt" ]]; then if [[ -n "$key" ]] && [[ ! -f "$flake/submodules/secrets/domains/$key/key.txt" ]]; then
echo "Key '$key' not found." echo "Key '$key' not found."
exit 1 exit 1
fi fi
} }
set_password_file() { set_password_file() {
SOPS_AGE_KEY_FILE="$flake/secrets/$key/key.txt" SOPS_AGE_KEY_FILE="$flake/submodules/secrets/domains/$key/key.txt"
export SOPS_AGE_KEY_FILE export SOPS_AGE_KEY_FILE
sops --decrypt --extract "['luks']" "$flake/hosts/$host/secrets/secrets.yaml" > /tmp/keyfile install -m 600 /dev/null /tmp/keyfile
sops --decrypt --extract "['luks']" "$flake/submodules/secrets/hosts/$host/secrets.yaml" > /tmp/keyfile
unset SOPS_AGE_KEY_FILE unset SOPS_AGE_KEY_FILE
} }
@@ -62,9 +64,9 @@ prepare_disk() {
disko -m "$disko_mode" --yes-wipe-all-disks --root-mountpoint "$root" "$flake/hosts/$host/format.nix" disko -m "$disko_mode" --yes-wipe-all-disks --root-mountpoint "$root" "$flake/hosts/$host/format.nix"
} }
copy_keys() { copy_sops_keys() {
mkdir -p "$root/persist/state/etc/ssh" mkdir -p "$root/persist/state/etc/ssh"
cp -f "$flake/hosts/$host/secrets/ssh_host_ed25519_key" "$root/persist/state/etc/ssh/ssh_host_ed25519_key" cp -f "$flake/submodules/secrets/hosts/$host/ssh_host_ed25519_key" "$root/persist/state/etc/ssh/ssh_host_ed25519_key"
for path in "$flake/hosts/$host/users"/*; do for path in "$flake/hosts/$host/users"/*; do
if [[ -z "$key" ]]; then if [[ -z "$key" ]]; then
@@ -75,7 +77,7 @@ copy_keys() {
user=$(basename "$path") user=$(basename "$path")
mkdir -p "$root/persist/state/home/$user/.config/sops-nix" mkdir -p "$root/persist/state/home/$user/.config/sops-nix"
cp -f "$flake/secrets/$key/key.txt" "$root/persist/state/home/$user/.config/sops-nix/key.txt" cp -f "$flake/submodules/secrets/domains/$key/key.txt" "$root/persist/state/home/$user/.config/sops-nix/key.txt"
owner=$(cat "$flake/hosts/$host/users/$user/uid") owner=$(cat "$flake/hosts/$host/users/$user/uid")
group=100 group=100
@@ -87,26 +89,46 @@ copy_keys() {
done done
} }
install() { copy_secure_boot_keys() {
mkdir -p "$root/persist/state/var/lib/sbctl/keys"/{db,KEK,PK}
SOPS_AGE_KEY_FILE="$flake/submodules/secrets/domains/$key/key.txt"
export SOPS_AGE_KEY_FILE
sops --decrypt --extract "['guid']" "$flake/submodules/secrets/domains/lanzaboote/secrets.yaml" > "$root/persist/state/var/lib/sbctl/GUID"
sops --decrypt --extract "['keys']['kek']['key']" "$flake/submodules/secrets/domains/lanzaboote/secrets.yaml" > "$root/persist/state/var/lib/sbctl/keys/KEK/KEK.key"
sops --decrypt --extract "['keys']['kek']['pem']" "$flake/submodules/secrets/domains/lanzaboote/secrets.yaml" > "$root/persist/state/var/lib/sbctl/keys/KEK/KEK.pem"
sops --decrypt --extract "['keys']['pk']['key']" "$flake/submodules/secrets/domains/lanzaboote/secrets.yaml" > "$root/persist/state/var/lib/sbctl/keys/PK/PK.key"
sops --decrypt --extract "['keys']['pk']['pem']" "$flake/submodules/secrets/domains/lanzaboote/secrets.yaml" > "$root/persist/state/var/lib/sbctl/keys/PK/PK.pem"
sops --decrypt --extract "['keys']['db']['key']" "$flake/submodules/secrets/domains/lanzaboote/secrets.yaml" > "$root/persist/state/var/lib/sbctl/keys/db/db.key"
sops --decrypt --extract "['keys']['db']['pem']" "$flake/submodules/secrets/domains/lanzaboote/secrets.yaml" > "$root/persist/state/var/lib/sbctl/keys/db/db.pem"
chmod 400 "$root/persist/state/var/lib/sbctl/keys"/*/*
unset SOPS_AGE_KEY_FILE
mkdir -p "$root/var/lib/sbctl"
mount --bind -o X-fstrim.notrim,x-gvfs-hide "$root/persist/state/var/lib/sbctl" "$root/var/lib/sbctl"
}
install_nixos() {
nixos-install --root "$root" --flake "$flake#$host" --no-root-passwd nixos-install --root "$root" --flake "$flake#$host" --no-root-passwd
} }
enroll_secure_boot() {
sbctl enroll-keys --microsoft
}
copy_config() { copy_config() {
echo "Copying configuration..." echo "Copying configuration..."
mkdir -p "$root/persist/user/etc/nixos" mkdir -p "$root/persist/user/etc"
rm -rf "$root/persist/user/etc/nixos" rm -rf "$root/persist/user/etc/nixos"
cp -r "$flake" "$root/persist/user/etc/nixos" cp -r "$flake" "$root/persist/user/etc/nixos"
} }
finish() {
echo "Rebooting system..."
trap - EXIT
cleanup
reboot
}
cleanup() { cleanup() {
rm -f /tmp/keyfile rm -f /tmp/keyfile
if [[ -d "$root" ]]; then umount "$root/var/lib/sbctl"; fi
if [[ -n "$host" ]]; then disko -m "unmount" "$flake/hosts/$host/format.nix"; fi if [[ -n "$host" ]]; then disko -m "unmount" "$flake/hosts/$host/format.nix"; fi
if [[ -d "$root" ]]; then rmdir "$root"; fi if [[ -d "$root" ]]; then rmdir "$root"; fi
} }
@@ -124,14 +146,16 @@ main() {
mode="" mode=""
host="" host=""
key="" key=""
enroll_secure_boot_flag="false"
copy_config_flag="false" copy_config_flag="false"
reboot_flag="false" reboot_flag="false"
while getopts "m:h:k:cr" opt; do while getopts "m:h:k:scr" opt; do
case "$opt" in case "$opt" in
m) mode="$OPTARG" ;; m) mode="$OPTARG" ;;
h) host="$OPTARG" ;; h) host="$OPTARG" ;;
k) key="$OPTARG" ;; k) key="$OPTARG" ;;
s) enroll_secure_boot_flag="true" ;;
c) copy_config_flag="true" ;; c) copy_config_flag="true" ;;
r) reboot_flag="true" ;; r) reboot_flag="true" ;;
*) usage ;; *) usage ;;
@@ -153,10 +177,17 @@ main() {
;; ;;
esac esac
copy_keys copy_sops_keys
install copy_secure_boot_keys
install_nixos
[[ "$enroll_secure_boot_flag" == "true" ]] && enroll_secure_boot
[[ "$copy_config_flag" == "true" ]] && copy_config [[ "$copy_config_flag" == "true" ]] && copy_config
[[ "$reboot_flag" == "true" ]] && finish
cleanup
[[ "$reboot_flag" == "true" ]] && reboot
} }
main "$@" main "$@"

View File

@@ -1,12 +1,4 @@
{ pkgs, ... }: { pkgs, ... }:
{ {
nixpkgs.overlays = [
(final: prev: {
nix-update = prev.nix-update.overrideAttrs (oldAttrs: {
patches = oldAttrs.patches or [ ] ++ [ ./source-attribute.patch ];
});
})
];
environment.systemPackages = with pkgs; [ nix-update ]; environment.systemPackages = with pkgs; [ nix-update ];
} }

View File

@@ -1,127 +0,0 @@
diff --git a/nix_update/__init__.py b/nix_update/__init__.py
index 89bbe45..93f9322 100644
--- a/nix_update/__init__.py
+++ b/nix_update/__init__.py
@@ -124,6 +124,12 @@ def parse_args(args: list[str]) -> Options:
default=[],
)
+ parser.add_argument(
+ "--src-attr",
+ help="Src attribute",
+ default="src",
+ )
+
a = parser.parse_args(args)
extra_flags = ["--extra-experimental-features", "flakes nix-command"]
if a.system:
@@ -146,6 +152,7 @@ def parse_args(args: list[str]) -> Options:
version=a.version,
version_preference=VersionPreference.from_str(a.version),
attribute=a.attribute,
+ source_attribute=a.src_attr,
test=a.test,
version_regex=a.version_regex,
review=a.review,
diff --git a/nix_update/eval.py b/nix_update/eval.py
index 1767056..f85ea69 100644
--- a/nix_update/eval.py
+++ b/nix_update/eval.py
@@ -105,12 +105,19 @@ class Package:
def eval_expression(
escaped_import_path: str,
attr: str,
+ source_attr: str,
flake: bool,
system: str | None,
override_filename: str | None,
) -> str:
system = f'"{system}"' if system else "builtins.currentSystem"
+ source_attrs = source_attr.rpartition(".")
+ source_attr_last = source_attrs[-1] or source_attr
+ source_attr_all_but_last = (
+ f".{source_attrs[0]}" if source_attr_last != source_attr else ""
+ )
+
if flake:
sanitize_position = (
f"""
@@ -164,8 +171,8 @@ let
raw_version_position
else if pkg ? isPhpExtension then
raw_version_position
- else if (builtins.unsafeGetAttrPos "src" pkg) != null then
- sanitizePosition (builtins.unsafeGetAttrPos "src" pkg)
+ else if (builtins.unsafeGetAttrPos "{source_attr_last}" pkg) != null then
+ sanitizePosition (builtins.unsafeGetAttrPos "{source_attr_last}" pkg{source_attr_all_but_last})
else
sanitizePosition (positionFromMeta pkg);
in {{
@@ -174,11 +181,11 @@ in {{
inherit raw_version_position;
filename = position.file;
line = position.line;
- urls = pkg.src.urls or null;
- url = pkg.src.url or null;
- rev = pkg.src.rev or null;
- tag = pkg.src.tag or null;
- hash = pkg.src.outputHash or null;
+ urls = pkg.{source_attr}.urls or null;
+ url = pkg.{source_attr}.url or null;
+ rev = pkg.{source_attr}.rev or null;
+ tag = pkg.{source_attr}.tag or null;
+ hash = pkg.{source_attr}.outputHash or null;
go_modules = pkg.goModules.outputHash or null;
go_modules_old = pkg.go-modules.outputHash or null;
cargo_deps = pkg.cargoDeps.outputHash or null;
@@ -205,7 +212,7 @@ in {{
mix_deps = pkg.mixFodDeps.outputHash or null;
tests = builtins.attrNames (pkg.passthru.tests or {{}});
has_update_script = {has_update_script};
- src_homepage = pkg.src.meta.homepage or null;
+ src_homepage = pkg.{source_attr}.meta.homepage or null;
changelog = pkg.meta.changelog or null;
maintainers = pkg.meta.maintainers or null;
}}"""
@@ -215,6 +222,7 @@ def eval_attr(opts: Options) -> Package:
expr = eval_expression(
opts.escaped_import_path,
opts.escaped_attribute,
+ opts.source_attribute,
opts.flake,
opts.system,
opts.override_filename,
diff --git a/nix_update/options.py b/nix_update/options.py
index 2d07b77..ab5c305 100644
--- a/nix_update/options.py
+++ b/nix_update/options.py
@@ -8,6 +8,7 @@ from .version.version import VersionPreference
@dataclass
class Options:
attribute: str
+ source_attribute: str = "src"
flake: bool = False
version: str = "stable"
version_preference: VersionPreference = VersionPreference.STABLE
@@ -33,4 +34,7 @@ class Options:
def __post_init__(self) -> None:
self.escaped_attribute = ".".join(map(json.dumps, self.attribute.split(".")))
+ self.escaped_source_attribute = ".".join(
+ map(json.dumps, self.source_attribute.split("."))
+ )
self.escaped_import_path = json.dumps(self.import_path)
diff --git a/nix_update/update.py b/nix_update/update.py
index 82b7bc5..464bf3d 100644
--- a/nix_update/update.py
+++ b/nix_update/update.py
@@ -155,7 +155,7 @@ def git_prefetch(x: tuple[str, tuple[str, str]]) -> tuple[str, str]:
def update_src_hash(opts: Options, filename: str, current_hash: str) -> None:
- target_hash = nix_prefetch(opts, "src")
+ target_hash = nix_prefetch(opts, opts.source_attribute)
replace_hash(filename, current_hash, target_hash)

View File

@@ -1,29 +1,52 @@
{ config, inputs, ... }: {
config,
inputs,
lib,
...
}:
{ {
sops = { sops = {
secrets = { secrets = {
"git/credentials/github.com/public/username".sopsFile = "git/credentials/github.com/tokens/public".sopsFile =
../../../../../secrets/personal/secrets.yaml; "${inputs.secrets}/domains/personal/secrets.yaml";
"git/credentials/github.com/public/password".sopsFile =
../../../../../secrets/personal/secrets.yaml; "nix/cache/nix.karaolidis.com".sopsFile = "${inputs.secrets}/domains/personal/secrets.yaml";
}; };
templates.nix-access-tokens = { templates = {
content = '' nix-access-tokens = {
access-tokens = github.com=${config.sops.placeholder."git/credentials/github.com/public/password"} content = ''
''; access-tokens = github.com=${config.sops.placeholder."git/credentials/github.com/tokens/public"}
group = "users"; '';
group = "users";
mode = "0440";
};
nix-netrc = {
content = ''
machine nix.karaolidis.com
password ${config.sops.placeholder."nix/cache/nix.karaolidis.com"}
'';
group = "users";
mode = "0440";
};
}; };
}; };
nix = { nix = {
settings = { settings = {
trusted-users = lib.mkAfter [ "@wheel" ];
use-xdg-base-directories = true; use-xdg-base-directories = true;
experimental-features = [ experimental-features = [
"nix-command" "nix-command"
"flakes" "flakes"
]; ];
download-buffer-size = 524288000; download-buffer-size = 524288000;
substituters = lib.mkBefore [ "https://nix.karaolidis.com/main" ];
trusted-public-keys = lib.mkBefore [
"nix.karaolidis.com:1yz1tIVLGDEOFC1p/uYtR4Sx+nIbdYDqsDv4kkV0uyk="
];
netrc-file = config.sops.templates.nix-netrc.path;
}; };
channel.enable = false; channel.enable = false;

View File

@@ -1,7 +1,5 @@
{ inputs, system, ... }: { system, ... }:
{ {
imports = [ inputs.nur.modules.nixos.default ];
nixpkgs = { nixpkgs = {
hostPlatform = system; hostPlatform = system;
config.allowUnfree = true; config.allowUnfree = true;

View File

@@ -10,7 +10,10 @@
storage.settings.storage.driver = "btrfs"; storage.settings.storage.driver = "btrfs";
}; };
quadlet.autoEscape = true; quadlet = {
enable = true;
autoEscape = true;
};
}; };
environment = { environment = {

View File

@@ -4,4 +4,9 @@
smartmontools smartmontools
nvme-cli nvme-cli
]; ];
services.smartd = {
enable = true;
defaults.autodetected = "-a -o on -n idle,10 -s (S/../.././02|L/../../7/04)";
};
} }

View File

@@ -18,7 +18,7 @@
}; };
sops = { sops = {
defaultSopsFile = ../../../../. + "/${config.networking.hostName}/secrets/secrets.yaml"; defaultSopsFile = "${inputs.secrets}/hosts/${config.networking.hostName}/secrets.yaml";
age = { age = {
generateKey = true; generateKey = true;

View File

@@ -1,4 +0,0 @@
{ ... }:
{
programs.ssh.startAgent = true;
}

View File

@@ -1,22 +1,22 @@
{ ... }: { inputs, ... }:
{ {
programs.ssh.knownHosts = { programs.ssh.knownHosts = {
installer.publicKeyFile = ../../../../installer/secrets/ssh_host_ed25519_key.pub; installer.publicKeyFile = "${inputs.secrets}/hosts/installer/ssh_host_ed25519_key.pub";
elara.publicKeyFile = ../../../../elara/secrets/ssh_host_ed25519_key.pub; elara.publicKeyFile = "${inputs.secrets}/hosts/elara/ssh_host_ed25519_key.pub";
himalia.publicKeyFile = ../../../../himalia/secrets/ssh_host_ed25519_key.pub; himalia.publicKeyFile = "${inputs.secrets}/hosts/himalia/ssh_host_ed25519_key.pub";
jupiter = { jupiter = {
publicKeyFile = ../../../../jupiter/secrets/ssh_host_ed25519_key.pub; publicKeyFile = "${inputs.secrets}/hosts/jupiter/ssh_host_ed25519_key.pub";
extraHostNames = [ "karaolidis.com" ]; extraHostNames = [ "karaolidis.com" ];
}; };
jupiter-sish = { jupiter-sish = {
publicKeyFile = ../../../../jupiter/users/storm/configs/console/podman/sish/ssh_host_ed25519_key.pub; publicKeyFile = "${inputs.secrets}/hosts/jupiter/ssh_sish_ed25519_key.pub";
extraHostNames = [ "karaolidis.com" ]; extraHostNames = [ "tunnel.karaolidis.com" ];
}; };
jupiter-vps = { jupiter-vps = {
publicKeyFile = ../../../../jupiter-vps/secrets/ssh_host_ed25519_key.pub; publicKeyFile = "${inputs.secrets}/hosts/jupiter-vps/ssh_host_ed25519_key.pub";
extraHostNames = [ "vps.karaolidis.com" ]; extraHostNames = [ "vps.karaolidis.com" ];
}; };
}; };

View File

@@ -1,27 +1,12 @@
{ ... }: { pkgs, ... }:
{ {
environment = { environment.systemPackages = with pkgs; [ kitty.terminfo ];
enableAllTerminfo = true;
persistence."/persist/state"."/var/lib/fail2ban" = { };
};
services = { services.openssh = {
openssh = { enable = true;
enable = true; settings = {
settings = { PasswordAuthentication = false;
PasswordAuthentication = false; PrintMotd = false;
PrintMotd = false;
};
};
fail2ban = {
enable = true;
bantime = "24h";
bantime-increment = {
enable = true;
maxtime = "720h";
overalljails = true;
};
}; };
}; };
} }

View File

@@ -1,10 +0,0 @@
{ ... }:
{
programs.tmux = {
enable = true;
clock24 = true;
historyLimit = 10000;
keyMode = "vi";
newSession = true;
};
}

View File

@@ -1,17 +1,6 @@
{ { user, home }:
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{ config, pkgs, ... }: { config, pkgs, ... }:
{ {
nixpkgs.overlays = [
(final: prev: {
android-tools = prev.android-tools.overrideAttrs (oldAttrs: {
patches = oldAttrs.patches or [ ] ++ [ ./env-var-user-home.patch ];
});
})
];
programs.adb.enable = true; programs.adb.enable = true;
services.gvfs.enable = true; services.gvfs.enable = true;

View File

@@ -0,0 +1,33 @@
{ user, home }:
{
config,
inputs,
pkgs,
...
}:
let
hmConfig = config.home-manager.users.${user};
in
{
home-manager.users.${user} = {
sops = {
secrets."nix/cache/nix.karaolidis.com".sopsFile = "${inputs.secrets}/domains/personal/secrets.yaml";
templates.attic = {
content = builtins.readFile (
(pkgs.formats.toml { }).generate "config.toml" {
default-server = "main";
servers."main" = {
endpoint = "https://nix.karaolidis.com/";
token = hmConfig.sops.placeholder."nix/cache/nix.karaolidis.com";
};
}
);
path = "${home}/.config/attic/config.toml";
};
};
home.packages = with pkgs; [ attic-client ];
};
}

View File

@@ -1,7 +1,4 @@
{ { user, home }:
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{ lib, pkgs, ... }: { lib, pkgs, ... }:
{ {
users.users.${user}.extraGroups = [ users.users.${user}.extraGroups = [

View File

@@ -1,20 +1,34 @@
{ user, home }:
{ lib, pkgs, ... }:
{ {
user ? throw "user argument is required", home-manager.users.${user} = {
home ? throw "home argument is required", programs.btop = {
}: enable = true;
{ ... }: settings = {
{ color_theme = "matugen";
home-manager.users.${user}.programs.btop = { theme_background = false;
enable = true; presets = "";
settings = { vim_keys = true;
theme_background = false; shown_boxes = "cpu mem net proc gpu0 gpu1";
presets = ""; update_ms = 1000;
vim_keys = true; proc_tree = true;
shown_boxes = "cpu mem net proc gpu0 gpu1"; cpu_single_graph = true;
update_ms = 1000; disks_filter = "/ /nix /persist";
proc_tree = true; };
cpu_single_graph = true; };
disks_filter = "/ /nix /persist";
theme = {
template.".config/btop/themes/matugen.theme".source = ./theme.theme;
reloadExtraConfig = "${
lib.meta.getExe (
pkgs.writeShellApplication {
name = "reload-btop";
runtimeInputs = with pkgs; [ procps ];
text = "exec pkill btop -SIGUSR2";
}
)
} &";
}; };
}; };
} }

View File

@@ -1,7 +1,4 @@
{ { user, home }:
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{ {
config, config,
lib, lib,

View File

@@ -1,7 +1,4 @@
{ { user, home }:
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{ ... }: { ... }:
{ {
home-manager.users.${user}.programs.fastfetch.enable = true; home-manager.users.${user}.programs.fastfetch.enable = true;

View File

@@ -1,7 +1,4 @@
{ { user, home }:
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{ pkgs, ... }: { pkgs, ... }:
{ {
home-manager.users.${user}.home.packages = with pkgs; [ home-manager.users.${user}.home.packages = with pkgs; [

View File

@@ -1,7 +1,4 @@
{ { user, home }:
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{ {
config, config,
lib, lib,
@@ -44,5 +41,41 @@ in
); );
}; };
}; };
home = {
packages = with pkgs; [
(pkgs.writeShellApplication {
name = "gh";
runtimeInputs = with pkgs; [ gh ];
text = builtins.readFile ./gh.sh;
})
(pkgs.writeShellApplication {
name = "glab";
runtimeInputs = with pkgs; [ glab ];
text = builtins.readFile ./glab.sh;
})
(pkgs.writeShellApplication {
name = "tea";
runtimeInputs = with pkgs; [ tea ];
text = builtins.readFile ./tea.sh;
})
];
sessionVariables = {
GITEA_HOST = "git.karaolidis.com";
GITEA_SSH_HOST = "karaolidis.com";
};
};
xdg.configFile = {
"gh/config.yml".source = (pkgs.formats.yaml { }).generate "config.yml" {
version = 1;
git_protocol = "ssh";
};
"glab-cli/config.yml".source = (pkgs.formats.yaml { }).generate "config.yml" {
git_protocol = "ssh";
};
};
}; };
} }

View File

@@ -0,0 +1,8 @@
# shellcheck shell=bash
GH_HOST="${GH_HOST:-github.com}"
GH_TOKEN=$(sed -n "s#https://[^:]*:\([^@]*\)@${GH_HOST}#\1#p" "$HOME/.config/git/credentials")
export GH_TOKEN
exec gh "$@"

View File

@@ -0,0 +1,8 @@
# shellcheck shell=bash
GITLAB_HOST="${GITLAB_HOST:-gitlab.com}"
GITLAB_TOKEN=$(sed -n "s#https://[^:]*:\([^@]*\)@${GITLAB_HOST}#\1#p" "$HOME/.config/git/credentials")
export GITLAB_TOKEN
exec glab "$@"

View File

@@ -0,0 +1,13 @@
# shellcheck shell=bash
GITEA_HOST="${GITEA_HOST:-gitea.com}"
GITEA_SSH_HOST="${GITEA_SSH_HOST:-gitea.com}"
GITEA_TOKEN=$(sed -n "s#https://[^:]*:\([^@]*\)@${GITEA_HOST}#\1#p" "$HOME/.config/git/credentials")
GITEA_INSTANCE_URL="https://${GITEA_HOST}"
GITEA_INSTANCE_SSH_HOST="$GITEA_SSH_HOST"
export GITEA_TOKEN
export GITEA_INSTANCE_URL
export GITEA_INSTANCE_SSH_HOST
exec tea "$@"

View File

@@ -1,7 +1,4 @@
{ { user, home }:
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{ {
config, config,
lib, lib,
@@ -23,6 +20,10 @@
enable = true; enable = true;
defaultCacheTtl = 31536000; defaultCacheTtl = 31536000;
maxCacheTtl = 31536000; maxCacheTtl = 31536000;
pinentry = {
package = pkgs.pinentry-all;
program = "pinentry-tty";
};
}; };
systemd.user = { systemd.user = {

View File

@@ -1,8 +1,10 @@
{ user, home }:
{ {
user ? throw "user argument is required", config,
home ? throw "home argument is required", inputs,
lib,
...
}: }:
{ config, inputs, ... }:
{ {
imports = [ inputs.home-manager.nixosModules.default ]; imports = [ inputs.home-manager.nixosModules.default ];
@@ -18,10 +20,16 @@
home.stateVersion = "24.11"; home.stateVersion = "24.11";
systemd.user.startServices = true; systemd.user.startServices = true;
nix.settings.experimental-features = [ nix.settings = {
"nix-command" inherit (config.nix.settings)
"flakes" use-xdg-base-directories
]; experimental-features
download-buffer-size
substituters
trusted-public-keys
netrc-file
;
};
}; };
}; };
} }

View File

@@ -1,7 +1,4 @@
{ { user, home }:
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{ pkgs, ... }: { pkgs, ... }:
{ {
home-manager.users.${user}.home.packages = with pkgs; [ imagemagick ]; home-manager.users.${user}.home.packages = with pkgs; [ imagemagick ];

View File

@@ -1,7 +1,4 @@
{ { user, home }:
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{ pkgs, ... }: { pkgs, ... }:
{ {
home-manager.users.${user}.home.packages = with pkgs; [ home-manager.users.${user}.home.packages = with pkgs; [

View File

@@ -1,7 +1,4 @@
{ { user, home }:
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{ ... }: { ... }:
{ {
home-manager.users.${user}.programs.jq.enable = true; home-manager.users.${user}.programs.jq.enable = true;

View File

@@ -1,7 +1,4 @@
{ { user, home }:
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{ {
config, config,
lib, lib,

View File

@@ -1,7 +1,4 @@
{ { user, home }:
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{ pkgs, ... }: { pkgs, ... }:
{ {
home-manager.users.${user}.dconf.settings = { home-manager.users.${user}.dconf.settings = {

View File

@@ -1,7 +1,4 @@
{ { user, home }:
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{ pkgs, ... }: { pkgs, ... }:
{ {
home-manager.users.${user}.home.packages = with pkgs; [ lsof ]; home-manager.users.${user}.home.packages = with pkgs; [ lsof ];

View File

@@ -1,7 +1,4 @@
{ { user, home }:
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{ pkgs, ... }: { pkgs, ... }:
{ {
home-manager.users.${user}.home.packages = with pkgs; [ mprocs ]; home-manager.users.${user}.home.packages = with pkgs; [ mprocs ];

View File

@@ -1,7 +1,4 @@
{ { user, home }:
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{ pkgs, ... }: { pkgs, ... }:
{ {
home-manager.users.${user} = { home-manager.users.${user} = {

View File

@@ -1,7 +1,4 @@
{ { user, home }:
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{ lib, pkgs, ... }: { lib, pkgs, ... }:
{ {
environment.persistence = { environment.persistence = {

View File

@@ -3,6 +3,9 @@ volnorm = true
default_keybindings = true default_keybindings = true
library_tabs = [ "albums", "artists", "playlists", "browse" ] library_tabs = [ "albums", "artists", "playlists", "browse" ]
[keybindings]
"Esc" = "back"
[theme] [theme]
background = "{{colors.surface.default.hex}}" background = "{{colors.surface.default.hex}}"
primary = "{{colors.on_surface.default.hex}}" primary = "{{colors.on_surface.default.hex}}"

View File

@@ -1,25 +1,299 @@
{ user, home }:
{ {
user ? throw "user argument is required", inputs,
home ? throw "home argument is required", lib,
pkgs,
...
}: }:
{ ... }:
{ {
home-manager.users.${user}.programs = { environment.persistence = {
neovim = { "/persist/state"."${home}/.local/share/nvf" = { };
enable = true; "/persist/cache"."${home}/.cache/nvf" = { };
defaultEditor = true; };
viAlias = true;
vimAlias = true;
vimdiffAlias = true;
extraConfig = ''
set tabstop=2
set shiftwidth=2
set expandtab
set smartindent
set mouse=
'';
};
zsh.p10k.extraRightPromptElements = [ "vim_shell" ]; home-manager.users.${user} = {
imports = [ inputs.nvf.homeManagerModules.default ];
programs = {
nvf = {
enable = true;
defaultEditor = true;
settings = {
vim = {
enableLuaLoader = true;
viAlias = true;
vimAlias = true;
autocomplete = {
blink-cmp.enable = true;
};
binds = {
# hardtime-nvim.enable = true;
whichKey.enable = true;
};
clipboard = {
enable = true;
providers.wl-copy.enable = true;
registers = "unnamedplus";
};
comments = {
comment-nvim.enable = true;
};
# dashboard = {
# alpha.enable = true;
# };
filetree = {
neo-tree = {
enable = true;
setupOpts = {
git_status_async = true;
window.mappings = lib.generators.mkLuaInline ''
{
["<space>"] = "noop",
}
'';
};
};
};
# formatter = {
# conform-nvim.enable = true;
# };
git = {
enable = true;
# git-conflict.enable = true;
gitsigns.enable = true;
# neogit.enable = true;
};
languages = {
enableDAP = true;
enableFormat = true;
enableTreesitter = true;
enableExtraDiagnostics = true;
assembly.enable = true;
bash.enable = true;
clang.enable = true;
csharp.enable = true;
css.enable = true;
go.enable = true;
html.enable = true;
java.enable = true;
lua.enable = true;
markdown.enable = true;
nix = {
enable = true;
format.type = "nixfmt";
lsp.options.nil = {
nix = {
maxMemoryMB = null;
flake = {
autoArchive = true;
autoEvalInputs = true;
};
};
};
};
php.enable = true;
python.enable = true;
rust.enable = true;
sql.enable = true;
svelte.enable = true;
ts.enable = true;
yaml.enable = true;
};
lsp = {
enable = true;
formatOnSave = true;
# nvim-docs-view.enable = true;
# otter-nvim.enable = true;
# trouble.enable = true;
};
# minimap = {
# codewindow.enable = true;
# };
notify = {
nvim-notify.enable = true;
};
options = {
tabstop = 2;
shiftwidth = 2;
expandtab = true;
smartindent = true;
};
# projects = {
# project-nvim.enable = true;
# };
searchCase = "smart";
# snippets = {
# luasnip.enable = true;
# };
tabline = {
nvimBufferline = {
enable = true;
mappings.closeCurrent = "<leader>bd";
setupOpts.options = {
indicator.style = "icon";
show_close_icon = false;
show_buffer_close_icons = false;
};
};
};
telescope = {
enable = true;
setupOpts.defaults.file_ignore_patterns = [
"node_modules"
"%.venv/"
"%.git/"
"dist/"
"build/"
"target/"
"result/"
];
};
terminal = {
toggleterm = {
enable = true;
setupOpts.winbar.enabled = false;
};
};
treesitter = {
enable = true;
context.enable = true;
fold = true;
textobjects.enable = true;
};
ui = {
# breadcrumbs = {
# enable = true;
# navbuddy.enable = true;
# };
colorizer.enable = true;
# fastaction.enable = true;
# illuminate.enable = true;
};
undoFile.enable = true;
utility = {
# diffview-nvim.enable = true;
# icon-picker.enable = true;
# images = {
# img-clip.enable = true;
# };
# mkdir.enable = true;
motion = {
precognition.enable = true;
};
# nvim-biscuits.enable = true;
# smart-splits.enable = true;
surround.enable = true;
# undotree.enable = true;
# yazi-nvim.enable = true;
};
visuals = {
# cinnamon-nvim.enable = true;
# fidget-nvim.enable = true;
# highlight-undo.enable = true;
indent-blankline.enable = true;
nvim-cursorline.enable = true;
# nvim-scrollbar.enable = true;
nvim-web-devicons.enable = true;
};
keymaps = [
{
mode = [ "n" ];
key = "<C-b>";
action = "<C-b>zz";
silent = true;
noremap = true;
desc = "Page up and center";
}
{
mode = [ "n" ];
key = "<C-u>";
action = "<C-u>zz";
silent = true;
noremap = true;
desc = "Half-page up and center";
}
{
mode = [ "n" ];
key = "<C-d>";
action = "<C-d>zz";
silent = true;
noremap = true;
desc = "Half-page down and center";
}
{
mode = [ "n" ];
key = "<C-f>";
action = "<C-f>zz";
silent = true;
noremap = true;
desc = "Page down and center";
}
{
mode = [ "n" ];
key = "<leader>ww";
action = "<cmd>w<CR>";
silent = true;
desc = "Save";
}
{
mode = [ "n" ];
key = "<leader>wq";
action = "<cmd>wq<CR>";
silent = true;
desc = "Save & Quit";
}
{
mode = [ "n" ];
key = "<leader>ee";
action = "<cmd>Neotree toggle<CR>";
silent = true;
desc = "Toggle Neo-tree";
}
{
mode = [ "n" ];
key = "<leader>ef";
action = "<cmd>Neotree reveal<CR>";
silent = true;
desc = "Reveal file in Neo-tree";
}
];
};
};
};
zsh = {
p10k.extraRightPromptElements = [ "vim_shell" ];
shellAliases.v = "nvim";
};
};
}; };
} }

View File

@@ -1,7 +1,4 @@
{ { user, home }:
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{ ... }: { ... }:
{ {
home-manager.users.${user}.programs.zsh.shellAliases.ncl = "sudo nix-cleanup"; home-manager.users.${user}.programs.zsh.shellAliases.ncl = "sudo nix-cleanup";

View File

@@ -1,7 +1,4 @@
{ { user, home }:
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{ {
lib, lib,
inputs, inputs,

View File

@@ -1,42 +1,31 @@
{ {
inputs = { inputs = {
nixpkgs = { nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
type = "github";
owner = "karaolidis";
repo = "nixpkgs";
ref = "integration";
};
flake-utils = {
type = "github";
owner = "numtide";
repo = "flake-utils";
ref = "main";
};
treefmt-nix = { treefmt-nix = {
type = "github"; url = "github:numtide/treefmt-nix";
owner = "numtide";
repo = "treefmt-nix";
ref = "main";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
}; };
outputs = outputs =
{ self, nixpkgs, ... }@inputs: inputs:
inputs.flake-utils.lib.eachDefaultSystem ( (
system:
let let
pkgs = nixpkgs.legacyPackages.${system}; system = "x86_64-linux";
pkgs = import inputs.nixpkgs {
inherit system;
config.allowUnfree = true;
};
treefmt = inputs.treefmt-nix.lib.evalModule pkgs ./treefmt.nix; treefmt = inputs.treefmt-nix.lib.evalModule pkgs ./treefmt.nix;
in in
{ {
devShells.default = pkgs.mkShell { packages = with pkgs; [ ]; }; devShells.${system}.default = pkgs.mkShell { packages = with pkgs; [ ]; };
formatter = treefmt.config.build.wrapper; formatter.${system} = treefmt.config.build.wrapper;
checks.formatting = treefmt.config.build.check self; checks.formatting.${system} = treefmt.config.build.check inputs.self;
} }
); );
} }

View File

@@ -9,9 +9,5 @@
}; };
}; };
settings = { settings.global.excludes = [ ".envrc" ];
global = {
excludes = [ ".envrc" ];
};
};
} }

View File

@@ -1,7 +1,4 @@
{ { user, home }:
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{ {
lib, lib,
pkgs, pkgs,

View File

@@ -1,13 +1,13 @@
{ { user, home }:
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{ pkgs, ... }: { pkgs, ... }:
{ {
environment.persistence."/persist/cache"."${home}/.cache/nix" = { }; environment.persistence."/persist/cache"."${home}/.cache/nix" = { };
home-manager.users.${user} = { home-manager.users.${user} = {
home.packages = with pkgs; [ nurl ]; home.packages = with pkgs; [
nix-fast-build
nurl
];
programs.zsh.shellAliases = { programs.zsh.shellAliases = {
nrs = "sudo nixos-rebuild switch --flake .#$(hostname) --show-trace"; nrs = "sudo nixos-rebuild switch --flake .#$(hostname) --show-trace";

View File

@@ -1,7 +1,4 @@
{ { user, home }:
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{ pkgs, ... }: { pkgs, ... }:
{ {
home-manager.users.${user}.home.packages = with pkgs; [ ouch ]; home-manager.users.${user}.home.packages = with pkgs; [ ouch ];

View File

@@ -1,7 +1,4 @@
{ { user, home }:
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{ config, pkgs, ... }: { config, pkgs, ... }:
{ {
environment.persistence."/persist/state"."${home}/.local/state/wireplumber" = { }; environment.persistence."/persist/state"."${home}/.local/state/wireplumber" = { };

View File

@@ -1,7 +1,4 @@
{ { user, home }:
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{ {
lib, lib,
pkgs, pkgs,
@@ -19,7 +16,10 @@
settings.storage.storage.driver = "btrfs"; settings.storage.storage.driver = "btrfs";
}; };
virtualisation.quadlet.autoEscape = true; virtualisation.quadlet = {
enable = true;
autoEscape = true;
};
home = { home = {
packages = with pkgs; [ packages = with pkgs; [

View File

@@ -1,17 +1,20 @@
{ { user, home }:
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{ config, inputs, ... }: { config, inputs, ... }:
{ {
environment.persistence."/persist/state"."${home}/.config/sops-nix/key.txt" = { }; environment.persistence."/persist/state"."${home}/.config/sops-nix/key.txt" = { };
home-manager.users.${user} = { home-manager.users.${user} =
imports = [ inputs.sops-nix.homeManagerModules.sops ]; let
sopsKeyFile =
if config.environment.impermanence.enable then
config.environment.persistence."/persist/state"."${home}/.config/sops-nix/key.txt".source
else
"${home}/.config/sops-nix/key.txt";
in
{
imports = [ inputs.sops-nix.homeManagerModules.sops ];
sops.age.keyFile = sops.age.keyFile = sopsKeyFile;
config.environment.persistence."/persist/state"."${home}/.config/sops-nix/key.txt".source; home.sessionVariables.SOPS_AGE_KEY_FILE = sopsKeyFile;
home.sessionVariables.SOPS_AGE_KEY_FILE = };
config.environment.persistence."/persist/state"."${home}/.config/sops-nix/key.txt".source;
};
} }

View File

@@ -1,11 +1,8 @@
{ { user, home }:
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{ ... }: { ... }:
{ {
home-manager.users.${user} = { home-manager.users.${user} = {
services.ssh-agent.enable = true; services.ssh-agent.enable = true;
programs.ssh.addKeysToAgent = "yes"; programs.ssh.matchBlocks."*".addKeysToAgent = "yes";
}; };
} }

View File

@@ -1,8 +1,9 @@
{ { user, home }:
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{ ... }: { ... }:
{ {
home-manager.users.${user}.programs.ssh.enable = true; home-manager.users.${user}.programs.ssh = {
enable = true;
enableDefaultConfig = false;
matchBlocks."*".identitiesOnly = true;
};
} }

View File

@@ -1,7 +1,4 @@
{ { user, home }:
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{ config, utils, ... }: { config, utils, ... }:
{ {
networking.firewall = { networking.firewall = {
@@ -17,11 +14,13 @@
"syncthing/key" = { "syncthing/key" = {
owner = user; owner = user;
group = "users"; group = "users";
mode = "0440";
}; };
# openssl req -new -x509 -key key.pem -out cert.pem -days 9999 -subj "/CN=syncthing" # openssl req -new -x509 -key key.pem -out cert.pem -days 9999 -subj "/CN=syncthing"
"syncthing/cert" = { "syncthing/cert" = {
owner = user; owner = user;
group = "users"; group = "users";
mode = "0440";
}; };
}; };

View File

@@ -1,8 +0,0 @@
{
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{ ... }:
{
home-manager.users.${user}.programs.tmux.enable = true;
}

View File

@@ -1,7 +1,4 @@
{ { user, home }:
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{ pkgs, ... }: { pkgs, ... }:
{ {
home-manager.users.${user}.home.packages = with pkgs; [ tree ]; home-manager.users.${user}.home.packages = with pkgs; [ tree ];

View File

@@ -1,7 +1,4 @@
{ { user, home }:
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{ pkgs, ... }: { pkgs, ... }:
{ {
home-manager.users.${user}.home.packages = with pkgs; [ wget ]; home-manager.users.${user}.home.packages = with pkgs; [ wget ];

View File

@@ -1,7 +1,4 @@
{ { user, home }:
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{ config, pkgs, ... }: { config, pkgs, ... }:
{ {
environment.persistence."/persist/user" = { environment.persistence."/persist/user" = {

View File

@@ -1,18 +1,12 @@
{ { user, home }:
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{ {
config, config,
lib, lib,
pkgs, pkgs,
inputs,
system,
... ...
}: }:
let let
hmConfig = config.home-manager.users.${user}; hmConfig = config.home-manager.users.${user};
selfPkgs = inputs.self.packages.${system};
in in
{ {
home-manager.users.${user} = { home-manager.users.${user} = {
@@ -27,19 +21,18 @@ in
}; };
opener = { opener = {
edit = edit = [
[ {
{ run = "${hmConfig.programs.nvf.finalPackage}/bin/nvim \"$@\"";
run = "${hmConfig.programs.neovim.finalPackage}/bin/nvim \"$@\""; desc = "nvim";
desc = "nvim"; block = true;
block = true; }
} ]
] ++ lib.lists.optional hmConfig.programs.vscode.enable {
++ lib.lists.optional hmConfig.programs.vscode.enable { run = "${hmConfig.programs.vscode.package}/bin/code \"$@\"";
run = "${hmConfig.programs.vscode.package}/bin/code \"$@\""; desc = "code";
desc = "code"; orphan = true;
orphan = true; };
};
open = [ open = [
{ {
run = "uwsm app -- xdg-open \"$1\""; run = "uwsm app -- xdg-open \"$1\"";
@@ -191,9 +184,8 @@ in
ouch ouch
mount mount
mediainfo mediainfo
custom-shell
; ;
custom-shell = selfPkgs.yazi-plugin-custom-shell;
}; };
}; };

View File

@@ -1,7 +1,4 @@
{ { user, home }:
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{ config, ... }: { config, ... }:
{ {
home-manager.users.${user}.programs.yt-dlp = { home-manager.users.${user}.programs.yt-dlp = {

View File

@@ -0,0 +1,26 @@
{ user, home }:
{ ... }:
{
home-manager.users.${user} = {
programs.zellij = {
enable = true;
settings = {
theme = "matugen";
pane_frames = false;
copy_command = "wl-copy";
ui.pane_frames.hide_session_name = true;
pane_viewport_serialization = true;
scrollback_lines_to_serialize = 0;
show_startup_tips = false;
show_release_notes = false;
};
};
theme.template.".config/zellij/themes/matugen.kdl".source = ./theme.kdl;
};
}

View File

@@ -0,0 +1,128 @@
themes {
matugen {
text_unselected {
base {{colors.on_surface.default.red}} {{colors.on_surface.default.green}} {{colors.on_surface.default.blue}}
background {{colors.surface.default.red}} {{colors.surface.default.green}} {{colors.surface.default.blue}}
emphasis_0 {{colors.primary.default.red}} {{colors.primary.default.green}} {{colors.primary.default.blue}}
emphasis_1 {{colors.secondary.default.red}} {{colors.secondary.default.green}} {{colors.secondary.default.blue}}
emphasis_2 {{colors.tertiary.default.red}} {{colors.tertiary.default.green}} {{colors.tertiary.default.blue}}
emphasis_3 {{colors.surface.default.red}} {{colors.surface.default.green}} {{colors.surface.default.blue}}
}
text_selected {
base {{colors.on_primary.default.red}} {{colors.on_primary.default.green}} {{colors.on_primary.default.blue}}
background {{colors.primary.default.red}} {{colors.primary.default.green}} {{colors.primary.default.blue}}
emphasis_0 {{colors.on_primary.default.red}} {{colors.on_primary.default.green}} {{colors.on_primary.default.blue}}
emphasis_1 {{colors.on_primary.default.red}} {{colors.on_primary.default.green}} {{colors.on_primary.default.blue}}
emphasis_2 {{colors.on_primary.default.red}} {{colors.on_primary.default.green}} {{colors.on_primary.default.blue}}
emphasis_3 {{colors.on_primary.default.red}} {{colors.on_primary.default.green}} {{colors.on_primary.default.blue}}
}
ribbon_unselected {
base {{colors.on_surface.default.red}} {{colors.on_surface.default.green}} {{colors.on_surface.default.blue}}
background {{colors.surface_container.default.red}} {{colors.surface_container.default.green}} {{colors.surface_container.default.blue}}
emphasis_0 {{colors.primary.default.red}} {{colors.primary.default.green}} {{colors.primary.default.blue}}
emphasis_1 {{colors.secondary.default.red}} {{colors.secondary.default.green}} {{colors.secondary.default.blue}}
emphasis_2 {{colors.tertiary.default.red}} {{colors.tertiary.default.green}} {{colors.tertiary.default.blue}}
emphasis_3 {{colors.on_surface.default.red}} {{colors.on_surface.default.green}} {{colors.on_surface.default.blue}}
}
ribbon_selected {
base {{colors.on_primary.default.red}} {{colors.on_primary.default.green}} {{colors.on_primary.default.blue}}
background {{colors.primary.default.red}} {{colors.primary.default.green}} {{colors.primary.default.blue}}
emphasis_0 {{colors.on_primary.default.red}} {{colors.on_primary.default.green}} {{colors.on_primary.default.blue}}
emphasis_1 {{colors.on_primary.default.red}} {{colors.on_primary.default.green}} {{colors.on_primary.default.blue}}
emphasis_2 {{colors.on_primary.default.red}} {{colors.on_primary.default.green}} {{colors.on_primary.default.blue}}
emphasis_3 {{colors.on_primary.default.red}} {{colors.on_primary.default.green}} {{colors.on_primary.default.blue}}
}
table_title {
base {{colors.on_surface.default.red}} {{colors.on_surface.default.green}} {{colors.on_surface.default.blue}}
background {{colors.surface.default.red}} {{colors.surface.default.green}} {{colors.surface.default.blue}}
emphasis_0 {{colors.primary.default.red}} {{colors.primary.default.green}} {{colors.primary.default.blue}}
emphasis_1 {{colors.secondary.default.red}} {{colors.secondary.default.green}} {{colors.secondary.default.blue}}
emphasis_2 {{colors.tertiary.default.red}} {{colors.tertiary.default.green}} {{colors.tertiary.default.blue}}
emphasis_3 {{colors.on_surface.default.red}} {{colors.on_surface.default.green}} {{colors.on_surface.default.blue}}
}
table_cell_unselected {
base {{colors.on_surface.default.red}} {{colors.on_surface.default.green}} {{colors.on_surface.default.blue}}
background {{colors.surface.default.red}} {{colors.surface.default.green}} {{colors.surface.default.blue}}
emphasis_0 {{colors.primary.default.red}} {{colors.primary.default.green}} {{colors.primary.default.blue}}
emphasis_1 {{colors.secondary.default.red}} {{colors.secondary.default.green}} {{colors.secondary.default.blue}}
emphasis_2 {{colors.tertiary.default.red}} {{colors.tertiary.default.green}} {{colors.tertiary.default.blue}}
emphasis_3 {{colors.on_surface.default.red}} {{colors.on_surface.default.green}} {{colors.on_surface.default.blue}}
}
table_cell_selected {
base {{colors.on_primary.default.red}} {{colors.on_primary.default.green}} {{colors.on_primary.default.blue}}
background {{colors.primary.default.red}} {{colors.primary.default.green}} {{colors.primary.default.blue}}
emphasis_0 {{colors.on_primary.default.red}} {{colors.on_primary.default.green}} {{colors.on_primary.default.blue}}
emphasis_1 {{colors.on_primary.default.red}} {{colors.on_primary.default.green}} {{colors.on_primary.default.blue}}
emphasis_2 {{colors.on_primary.default.red}} {{colors.on_primary.default.green}} {{colors.on_primary.default.blue}}
emphasis_3 {{colors.on_primary.default.red}} {{colors.on_primary.default.green}} {{colors.on_primary.default.blue}}
}
list_unselected {
base {{colors.on_surface.default.red}} {{colors.on_surface.default.green}} {{colors.on_surface.default.blue}}
background {{colors.surface.default.red}} {{colors.surface.default.green}} {{colors.surface.default.blue}}
emphasis_0 {{colors.primary.default.red}} {{colors.primary.default.green}} {{colors.primary.default.blue}}
emphasis_1 {{colors.secondary.default.red}} {{colors.secondary.default.green}} {{colors.secondary.default.blue}}
emphasis_2 {{colors.tertiary.default.red}} {{colors.tertiary.default.green}} {{colors.tertiary.default.blue}}
emphasis_3 {{colors.on_surface.default.red}} {{colors.on_surface.default.green}} {{colors.on_surface.default.blue}}
}
list_selected {
base {{colors.on_primary.default.red}} {{colors.on_primary.default.green}} {{colors.on_primary.default.blue}}
background {{colors.primary.default.red}} {{colors.primary.default.green}} {{colors.primary.default.blue}}
emphasis_0 {{colors.on_primary.default.red}} {{colors.on_primary.default.green}} {{colors.on_primary.default.blue}}
emphasis_1 {{colors.on_primary.default.red}} {{colors.on_primary.default.green}} {{colors.on_primary.default.blue}}
emphasis_2 {{colors.on_primary.default.red}} {{colors.on_primary.default.green}} {{colors.on_primary.default.blue}}
emphasis_3 {{colors.on_primary.default.red}} {{colors.on_primary.default.green}} {{colors.on_primary.default.blue}}
}
frame_unselected {
base {{colors.outline_variant.default.red}} {{colors.outline_variant.default.green}} {{colors.outline_variant.default.blue}}
background {{colors.surface.default.red}} {{colors.surface.default.green}} {{colors.surface.default.blue}}
emphasis_0 0
emphasis_1 0
emphasis_2 0
emphasis_3 0
}
frame_selected {
base {{colors.primary.default.red}} {{colors.primary.default.green}} {{colors.primary.default.blue}}
background {{colors.surface.default.red}} {{colors.surface.default.green}} {{colors.surface.default.blue}}
emphasis_0 0
emphasis_1 0
emphasis_2 0
emphasis_3 0
}
frame_highlight {
base {{colors.error.default.red}} {{colors.error.default.green}} {{colors.error.default.blue}}
background {{colors.surface.default.red}} {{colors.surface.default.green}} {{colors.surface.default.blue}}
emphasis_0 0
emphasis_1 0
emphasis_2 0
emphasis_3 0
}
exit_code_success {
base {{colors.success.default.red}} {{colors.success.default.green}} {{colors.success.default.blue}}
background 0
emphasis_0 0
emphasis_1 0
emphasis_2 0
emphasis_3 0
}
exit_code_error {
base {{colors.error.default.red}} {{colors.error.default.green}} {{colors.error.default.blue}}
background 0
emphasis_0 0
emphasis_1 0
emphasis_2 0
emphasis_3 0
}
multiplayer_user_colors {
player_1 0
player_2 0
player_3 0
player_4 0
player_5 0
player_6 0
player_7 0
player_8 0
player_9 0
player_10 0
}
}
}

View File

@@ -1,7 +1,4 @@
{ { user, home }:
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{ ... }: { ... }:
{ {
environment.persistence."/persist/state"."${home}/.local/share/zoxide" = { }; environment.persistence."/persist/state"."${home}/.local/share/zoxide" = { };

View File

@@ -1,7 +1,4 @@
{ { user, home }:
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{ config, pkgs, ... }: { config, pkgs, ... }:
{ {
environment = { environment = {
@@ -14,7 +11,7 @@
home-manager.users.${user} = { home-manager.users.${user} = {
programs.zsh = { programs.zsh = {
enable = true; enable = true;
dotDir = ".config/zsh"; dotDir = "${home}/.config/zsh";
autocd = true; autocd = true;
history = { history = {
path = "${home}/.local/share/zsh/history"; path = "${home}/.local/share/zsh/history";

View File

@@ -1,7 +1,4 @@
{ { user, home }:
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{ ... }: { ... }:
{ {
imports = [ ./options.nix ]; imports = [ ./options.nix ];

View File

@@ -1,6 +1,6 @@
import { App } from "astal/gtk3"; import app from "ags/gtk3/app";
import { monitorFile } from "astal/file"; import { exec } from "ags/process";
import { exec } from "astal/process"; import { monitorFile } from "ags/file";
import GLib from "gi://GLib"; import GLib from "gi://GLib";
import Left from "./widget/Left"; import Left from "./widget/Left";
import Center from "./widget/Center"; import Center from "./widget/Center";
@@ -12,15 +12,15 @@ const scss = `${HOME}/.config/astal/theme.sass`;
monitorFile(scss, () => { monitorFile(scss, () => {
exec(`sassc ${scss} ${css}`); exec(`sassc ${scss} ${css}`);
App.apply_css(css, true); app.apply_css(css, true);
}); });
exec(`sassc ${scss} ${css}`); exec(`sassc ${scss} ${css}`);
App.start({ app.start({
css, css,
main() { main() {
App.get_monitors().map((monitor) => { app.get_monitors().map((monitor) => {
Left(monitor); Left(monitor);
Center(monitor); Center(monitor);
Right(monitor); Right(monitor);

View File

@@ -1,8 +1,8 @@
import { Gdk } from "astal/gtk3"; import { Gdk } from "ags/gtk3";
import Hyprland from "gi://AstalHyprland"; import Hyprland from "gi://AstalHyprland";
export const range = (length: number, start = 1) => { export const range = (length: number, start = 1) => {
return Array.from({ length }, (n, i) => i + start); return Array.from({ length }, (_, i) => i + start);
}; };
export const getHyprlandMonitor = (gdkmonitor: Gdk.Monitor) => { export const getHyprlandMonitor = (gdkmonitor: Gdk.Monitor) => {

View File

@@ -1,6 +1,5 @@
{ {
"name": "astal-shell",
"dependencies": { "dependencies": {
"astal": "~/.local/share/ags" "ags": "*"
} }
} }

View File

@@ -1,12 +1,12 @@
{ {
"$schema": "https://json.schemastore.org/tsconfig", "$schema": "https://json.schemastore.org/tsconfig",
"compilerOptions": { "compilerOptions": {
"experimentalDecorators": true, "jsx": "react-jsx",
"strict": true, "jsxImportSource": "ags/gtk3",
"target": "ES2022", "lib": ["ES2023"],
"module": "ES2022", "module": "ES2022",
"moduleResolution": "Bundler", "moduleResolution": "Bundler",
"jsx": "react-jsx", "strict": true,
"jsxImportSource": "astal/gtk3" "target": "ES2020"
} }
} }

View File

@@ -1,17 +1,19 @@
import { App, Astal, Gtk, Gdk } from "astal/gtk3"; import { Astal, Gtk, Gdk } from "ags/gtk3";
import Date from "./components/Date"; import Date from "./components/Date";
import Hidden from "./components/Hidden"; import Hidden from "./components/Hidden";
import app from "ags/gtk3/app";
export default (monitor: Gdk.Monitor) => ( export default (monitor: Gdk.Monitor) => (
<window <window
className="root" visible
class="root"
gdkmonitor={monitor} gdkmonitor={monitor}
exclusivity={Astal.Exclusivity.IGNORE} exclusivity={Astal.Exclusivity.IGNORE}
anchor={Astal.WindowAnchor.TOP} anchor={Astal.WindowAnchor.TOP}
application={App} application={app}
> >
<Hidden> <Hidden>
<box className="widgets" hexpand halign={Gtk.Align.CENTER}> <box class="widgets" hexpand halign={Gtk.Align.CENTER}>
<Date /> <Date />
</box> </box>
</Hidden> </Hidden>

View File

@@ -1,21 +1,22 @@
import { App, Astal, Gtk, Gdk } from "astal/gtk3"; import { Astal, Gtk, Gdk } from "ags/gtk3";
import app from "ags/gtk3/app";
import Launcher from "./components/Launcher"; import Launcher from "./components/Launcher";
import Workspace from "./components/Workspaces"; import Workspace from "./components/Workspaces";
import Hidden from "./components/Hidden"; import Hidden from "./components/Hidden";
import { getHyprlandMonitor } from "../lib";
export default (monitor: Gdk.Monitor) => ( export default (monitor: Gdk.Monitor) => (
<window <window
className="root" visible
class="root"
gdkmonitor={monitor} gdkmonitor={monitor}
exclusivity={Astal.Exclusivity.IGNORE} exclusivity={Astal.Exclusivity.IGNORE}
anchor={Astal.WindowAnchor.TOP | Astal.WindowAnchor.LEFT} anchor={Astal.WindowAnchor.TOP | Astal.WindowAnchor.LEFT}
application={App} application={app}
> >
<Hidden> <Hidden>
<box className="widgets" hexpand halign={Gtk.Align.START}> <box class="widgets" hexpand halign={Gtk.Align.START}>
<Launcher /> <Launcher />
<Workspace monitor={getHyprlandMonitor(monitor)!} /> <Workspace gdkmonitor={monitor} />
</box> </box>
</Hidden> </Hidden>
</window> </window>

View File

@@ -1,18 +1,21 @@
import { App, Astal, Gtk, Gdk } from "astal/gtk3"; import { Astal, Gtk } from "ags/gtk3";
import app from "ags/gtk3/app";
import Gdk from "gi://Gdk";
import Systray from "./components/Tray"; import Systray from "./components/Tray";
import Hidden from "./components/Hidden"; import Hidden from "./components/Hidden";
import Battery from "./components/Battery"; import Battery from "./components/Battery";
export default (monitor: Gdk.Monitor) => ( export default (monitor: Gdk.Monitor) => (
<window <window
className="root" visible
class="root"
gdkmonitor={monitor} gdkmonitor={monitor}
exclusivity={Astal.Exclusivity.IGNORE} exclusivity={Astal.Exclusivity.IGNORE}
anchor={Astal.WindowAnchor.TOP | Astal.WindowAnchor.RIGHT} anchor={Astal.WindowAnchor.TOP | Astal.WindowAnchor.RIGHT}
application={App} application={app}
> >
<Hidden> <Hidden>
<box className="widgets" hexpand halign={Gtk.Align.END}> <box class="widgets" hexpand halign={Gtk.Align.END}>
<Systray /> <Systray />
<Battery /> <Battery />
</box> </box>

View File

@@ -1,4 +1,4 @@
import { bind, Variable } from "astal"; import { createBinding, createComputed } from "ags";
import AstalBattery from "gi://AstalBattery"; import AstalBattery from "gi://AstalBattery";
const battery = AstalBattery.get_default(); const battery = AstalBattery.get_default();
@@ -9,19 +9,19 @@ const formatTime = (seconds: number) =>
: "--:--"; : "--:--";
export default () => { export default () => {
const percentage = bind(battery, "percentage").as( const percentage = createBinding(battery, "percentage").as(
(p) => Math.round(p * 100) + "%", (p) => Math.round(p * 100) + "%",
); );
const charging = bind(battery, "charging"); const charging = createBinding(battery, "charging");
const timeToFull = bind(battery, "timeToFull"); const timeToFull = createBinding(battery, "timeToFull");
const timeToEmpty = bind(battery, "timeToEmpty"); const timeToEmpty = createBinding(battery, "timeToEmpty");
const time = Variable.derive( const time = createComputed(
[charging, timeToFull, timeToEmpty], [charging, timeToFull, timeToEmpty],
(charging, full, empty) => formatTime(charging ? full : empty), (charging, full, empty) => formatTime(charging ? full : empty),
); );
const label = Variable.derive( const label = createComputed(
[percentage, charging, time], [percentage, charging, time],
(percentage, charging, time) => { (percentage, charging, time) => {
const arrow = charging ? "▲" : "▼"; const arrow = charging ? "▲" : "▼";
@@ -30,8 +30,8 @@ export default () => {
); );
return ( return (
<button className="battery"> <button class="battery">
<label className="label" label={bind(label)} /> <label class="label" label={label} />
</button> </button>
); );
}; };

View File

@@ -1,21 +1,16 @@
import { bind, Variable } from "astal"; import { createPoll } from "ags/time";
import { GLib } from "astal"; import GLib from "gi://GLib?version=2.0";
export default () => { export default () => {
const time = Variable( const time = createPoll(
GLib.DateTime.new_now_local().format("%H:%M - %A, %d %B %Y")!, GLib.DateTime.new_now_local().format("%H:%M - %A, %d %B %Y")!,
).poll(
1000, 1000,
() => GLib.DateTime.new_now_local().format("%H:%M - %A, %d %B %Y")!, () => GLib.DateTime.new_now_local().format("%H:%M - %A, %d %B %Y")!,
); );
return ( return (
<button className="date"> <button class="date">
<label <label class="label" label={time} />
className="label"
onDestroy={() => time.drop()}
label={bind(time)}
/>
</button> </button>
); );
}; };

View File

@@ -1,5 +1,6 @@
import { Gtk } from "astal/gtk3"; import { createState } from "ags";
import { Variable, bind, timeout } from "astal"; import { Gtk } from "ags/gtk3";
import { timeout } from "ags/time";
export default function Hidden({ export default function Hidden({
child, child,
@@ -12,24 +13,20 @@ export default function Hidden({
orientation?: Gtk.Orientation; orientation?: Gtk.Orientation;
transitionType?: Gtk.RevealerTransitionType; transitionType?: Gtk.RevealerTransitionType;
}) { }) {
const show = Variable(true); const [show, setShow] = createState(true);
const contents = child ?? children; const contents = child ?? children;
return ( return (
<eventbox <eventbox onHover={() => setShow(true)} onHoverLost={() => setShow(false)}>
clickThrough
onHover={() => show.set(true)}
onHoverLost={() => show.set(false)}
>
<box orientation={orientation}> <box orientation={orientation}>
<revealer <revealer
setup={(self) => timeout(2000, () => (self.revealChild = false))} onRealize={() => timeout(2000, () => setShow(false))}
revealChild={bind(show)} revealChild={show}
transitionType={transitionType} transitionType={transitionType}
> >
{Array.isArray(contents) ? <>{contents}</> : contents} {Array.isArray(contents) ? <>{contents}</> : contents}
</revealer> </revealer>
<box clickThrough className="trigger-guard" /> <box class="trigger-guard" />
</box> </box>
</eventbox> </eventbox>
); );

View File

@@ -1,14 +1,14 @@
import { execAsync } from "astal/process"; import { execAsync } from "ags/process";
export default () => ( export default () => (
<button <button
className="launcher" class="launcher"
onClickRelease={() => onClicked={() =>
execAsync( execAsync(
'rofi -modes drun -show drun -run-command \"uwsm app -- {cmd}\"', 'rofi -modes drun -show drun -run-command \"uwsm app -- {cmd}\"',
) )
} }
> >
<icon className="icon" icon="nix-snowflake-symbolic" />; <icon class="icon" icon="nix-snowflake-symbolic" />;
</button> </button>
); );

View File

@@ -1,28 +1,37 @@
import { App } from "astal/gtk3"; import { createBinding, For } from "ags";
import { bind } from "astal"; import app from "ags/gtk3/app";
import Tray from "gi://AstalTray"; import Tray from "gi://AstalTray";
const tray = Tray.get_default(); const tray = Tray.get_default();
const TrayButton = ({ item }: { item: Tray.TrayItem }) => ( const TrayButton = ({ item }: { item: Tray.TrayItem }) => (
<menubutton <menubutton
className="item" class="item"
tooltipMarkup={bind(item, "tooltipMarkup")} tooltipMarkup={createBinding(item, "tooltipMarkup")}
usePopover={false} usePopover={false}
menuModel={bind(item, "menuModel")} menuModel={createBinding(item, "menuModel")}
actionGroup={bind(item, "actionGroup").as((ag) => ["dbusmenu", ag])} onRealize={(self) => {
createBinding(item, "action_group").as((action_group) =>
self.insert_action_group("dbusmenu", action_group),
);
self.insert_action_group("dbusmenu", item.action_group);
}}
> >
<icon gicon={bind(item, "gicon")} /> <icon gicon={createBinding(item, "gicon")} />
</menubutton> </menubutton>
); );
export default () => ( export default () => {
<box className="systray"> let items = createBinding(tray, "items");
{bind(tray, "items").as((items) =>
items.map((item) => { return (
if (item.iconThemePath) App.add_icons(item.iconThemePath); <box class="systray">
return <TrayButton item={item} />; <For each={items}>
}), {(item, _) => {
)} if (item.iconThemePath) app.add_icons(item.iconThemePath);
</box> return <TrayButton item={item} />;
); }}
</For>
</box>
);
};

View File

@@ -1,74 +1,83 @@
import { bind, Variable } from "astal";
import Hyprland from "gi://AstalHyprland"; import Hyprland from "gi://AstalHyprland";
import { range } from "../../lib"; import { getHyprlandMonitor, range } from "../../lib";
import {
Accessor,
createBinding,
createComputed,
createState,
Setter,
} from "ags";
import { Gdk, Gtk } from "ags/gtk3";
const hyprland = Hyprland.get_default(); const hyprland = Hyprland.get_default();
const BLOCK_SIZE = 10; const BLOCK_SIZE = 10;
const Workspace = ({ id }: { id: number }) => { const Workspace = ({ id }: { id: number }) => {
let clients: Variable<string[]>; let clients: Accessor<string[]>;
let setClients: Setter<string[]>;
try { try {
const workspace = hyprland.get_workspace(id); const workspace = hyprland.get_workspace(id);
clients = Variable(workspace.clients.map((client) => client.address)); [clients, setClients] = createState(
workspace.clients.map((client) => client.address),
);
} catch (_) { } catch (_) {
clients = Variable([]); [clients, setClients] = createState<string[]>([]);
} }
const active = Variable.derive( const active = createComputed(
[bind(hyprland, "focusedWorkspace")], [createBinding(hyprland, "focusedWorkspace")],
(focused) => focused.id == id, (focused) => focused.id == id,
); );
hyprland.connect("workspace-added", (_, workspace) => { hyprland.connect("workspace-added", (_, workspace) => {
if (workspace.id != id) return; if (workspace.id != id) return;
clients.set(workspace.clients.map((client) => client.address)); setClients(workspace.clients.map((client) => client.address));
}); });
hyprland.connect("workspace-removed", (_, workspaceId) => { hyprland.connect("workspace-removed", (_, workspaceId) => {
if (workspaceId != id) return; if (workspaceId != id) return;
clients.set([]); setClients([]);
}); });
hyprland.connect("client-added", (_hyprland, client) => { hyprland.connect("client-added", (_hyprland, client) => {
if (client.workspace.id != id) return; if (client.workspace.id != id) return;
clients.set([...clients.get(), client.address]); setClients([...clients.get(), client.address]);
}); });
// Explicit separate event handling instead of Variable.derive(workspaces, clients)
// because client-moved events appear to be broken if done that way.
hyprland.connect("client-moved", (_hyprland, client, workspace) => { hyprland.connect("client-moved", (_hyprland, client, workspace) => {
if (workspace.id == id) { if (workspace.id == id) {
clients.set([...clients.get(), client.address]); setClients([...clients.get(), client.address]);
} else { } else {
clients.set( setClients(
clients.get().filter((oldClient) => oldClient != client.address), clients.get().filter((oldClient) => oldClient != client.address),
); );
} }
}); });
hyprland.connect("client-removed", (_hyprland, address) => { hyprland.connect("client-removed", (_hyprland, address) => {
clients.set(clients.get().filter((oldClient) => oldClient != address)); setClients(clients.get().filter((oldClient) => oldClient != address));
}); });
const className = Variable.derive([active, clients], (active, clients) => { const className = createComputed([active, clients], (active, clients) => {
if (active) return "button active"; if (active) return "button active";
if (clients.length > 0) return "button occupied"; if (clients.length > 0) return "button occupied";
return "button"; return "button";
}); });
return ( return (
<box vertical> <box orientation={Gtk.Orientation.VERTICAL}>
<box vexpand /> <box vexpand />
<eventbox onClickRelease={() => hyprland.dispatch("workspace", `${id}`)}> <eventbox onClickRelease={() => hyprland.dispatch("workspace", `${id}`)}>
<label className={className()} /> <label class={className} />
</eventbox> </eventbox>
<box vexpand /> <box vexpand />
</box> </box>
); );
}; };
export default ({ monitor }: { monitor: Hyprland.Monitor }) => { export default ({ gdkmonitor }: { gdkmonitor: Gdk.Monitor }) => {
const monitor = getHyprlandMonitor(gdkmonitor)!;
const workspaces = hyprland.get_workspaces(); const workspaces = hyprland.get_workspaces();
const displayWorkspaces = workspaces.filter( const displayWorkspaces = workspaces.filter(
(w) => w.monitor.id === monitor.id, (w) => w.monitor.id === monitor.id,
@@ -78,7 +87,7 @@ export default ({ monitor }: { monitor: Hyprland.Monitor }) => {
return ( return (
<eventbox <eventbox
className="workspaces" class="workspaces"
onScroll={(_, e) => { onScroll={(_, e) => {
hyprland.dispatch("workspace", e.delta_y > 0 ? "m+1" : "m-1"); hyprland.dispatch("workspace", e.delta_y > 0 ? "m+1" : "m-1");
}} }}

View File

@@ -1,7 +1,4 @@
{ { user, home }:
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{ {
config, config,
lib, lib,

View File

@@ -1,7 +1,4 @@
{ { user, home }:
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{ {
config, config,
lib, lib,

View File

@@ -1,20 +0,0 @@
{
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{ lib, pkgs, ... }:
{
users.users.${user}.extraGroups = [
"video"
"inputs"
];
home-manager.users.${user}.wayland.windowManager.hyprland.settings.bindle =
let
brightnessctl = lib.meta.getExe pkgs.brightnessctl;
in
[
", XF86MonBrightnessUp, exec, ${brightnessctl} -q s 5%+"
", XF86MonBrightnessDown, exec, ${brightnessctl} -q s 5%-"
];
}

View File

@@ -1,29 +0,0 @@
{
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{
config,
lib,
pkgs,
...
}:
{
home-manager.users.${user} = {
programs.btop.settings.color_theme = "matugen";
theme = {
template.".config/btop/themes/matugen.theme".source = ./theme.theme;
reloadExtraConfig = "${
lib.meta.getExe (
pkgs.writeShellApplication {
name = "reload-btop";
runtimeInputs = with pkgs; [ procps ];
text = "exec pkill btop -SIGUSR2";
}
)
} &";
};
};
}

View File

@@ -1,7 +1,4 @@
{ { user, home }:
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{ {
config, config,
lib, lib,

View File

@@ -1,7 +1,4 @@
{ { user, home }:
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{ {
config, config,
lib, lib,

View File

@@ -1,27 +1,6 @@
{ user, home }:
{ pkgs, ... }:
{ {
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{
config,
inputs,
pkgs,
system,
...
}:
let
selfPkgs = inputs.self.packages.${system};
hmConfig = config.home-manager.users.${user};
in
{
nixpkgs.overlays = [
(final: prev: {
darktable = prev.darktable.overrideAttrs (oldAttrs: {
patches = oldAttrs.patches or [ ] ++ [ ./better-copy-and-import.patch ];
});
})
];
environment.persistence = { environment.persistence = {
"/persist/state" = { "/persist/state" = {
"${home}/.config/darktable/data.db" = { }; "${home}/.config/darktable/data.db" = { };
@@ -31,21 +10,10 @@ in
}; };
home-manager.users.${user} = { home-manager.users.${user} = {
home = { home.packages = with pkgs; [
packages = darktable
with pkgs; exiftool
with selfPkgs; ];
[
darktable
exiftool
darktable-ghost-cms-publish
];
sessionVariables = {
GHOST_URL = "https://photos.karaolidis.com";
GHOST_ADMIN_API_KEY_PATH = hmConfig.sops.secrets."jupiter/photos.karaolidis.com/admin".path;
};
};
xdg.configFile = { xdg.configFile = {
"darktable/darktablerc".source = (pkgs.formats.keyValue { }).generate "darktablerc" { "darktable/darktablerc".source = (pkgs.formats.keyValue { }).generate "darktablerc" {
@@ -72,19 +40,13 @@ in
"darktable/luarc".text = '' "darktable/luarc".text = ''
require "tools/script_manager" require "tools/script_manager"
require "tools/publish"
''; '';
"darktable/lua/lib".source = "${selfPkgs.darktable-lua-scripts}/lib"; "darktable/lua/lib".source = "${pkgs.darktable-lua-scripts}/lib";
"darktable/lua/tools/script_manager.lua".source = "darktable/lua/tools/script_manager.lua".source =
"${selfPkgs.darktable-lua-scripts}/tools/script_manager.lua"; "${pkgs.darktable-lua-scripts}/tools/script_manager.lua";
"darktable/lua/tools/publish.lua".source =
"${selfPkgs.darktable-ghost-cms-publish}/lib/darktable-ghost-cms-publish/publish.lua";
"darktable/luts".source = selfPkgs.darktable-hald-clut; "darktable/luts".source = pkgs.darktable-hald-clut;
}; };
sops.secrets."jupiter/photos.karaolidis.com/admin".sopsFile =
../../../../../../secrets/personal/secrets.yaml;
}; };
} }

View File

@@ -1,7 +1,4 @@
{ { user, home }:
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{ lib, pkgs, ... }: { lib, pkgs, ... }:
{ {
environment.persistence."/persist/state"."${home}/.config/vesktop" = { }; environment.persistence."/persist/state"."${home}/.config/vesktop" = { };

View File

@@ -1,7 +1,4 @@
{ { user, home }:
user ? throw "user argument is required",
home ? throw "home argument is required",
}:
{ {
config, config,
lib, lib,

Some files were not shown because too many files have changed in this diff Show More