diff --git a/flake.nix b/flake.nix index 9e528c1..87056ff 100644 --- a/flake.nix +++ b/flake.nix @@ -20,7 +20,7 @@ nixosModules = import ./lib/modules/nixos inputs; homeManagerModules = import ./lib/modules/home inputs; - # overlays = import ./lib/overlays inputs; + overlays = import ./lib/overlays inputs; formatter = uGenPkgs (p: p.nixfmt-rfc-style); @@ -30,7 +30,7 @@ TODO: nixos ISO? */ } - // (import ./nix/constants.nix inputs) + // (import ./lib/constants.nix inputs) // { flakeLib = lib; }; diff --git a/nix/constants.nix b/lib/constants.nix similarity index 81% rename from nix/constants.nix rename to lib/constants.nix index b02be68..e724058 100644 --- a/nix/constants.nix +++ b/lib/constants.nix @@ -1,7 +1,7 @@ { nixpkgs, ... }: { style = { - colors = (import ./lib/colors.nix { inherit (nixpkgs) lib; }).schemes.catppuccin-mocha-sapphire; + colors = (import ./colors.nix { inherit (nixpkgs) lib; }).schemes.catppuccin-mocha-sapphire; font = { name = "IosevkaLyteTerm"; diff --git a/lib/default.nix b/lib/default.nix index 0b8cee5..35ed4f1 100644 --- a/lib/default.nix +++ b/lib/default.nix @@ -7,6 +7,7 @@ let (_: p: p); in rec { + inherit forSelfOverlay; systems = [ "aarch64-linux" "aarch64-darwin" @@ -14,6 +15,8 @@ rec { "x86_64-linux" ]; forSystems = nixpkgs: nixpkgs.lib.genAttrs systems; - pkgsFor = nixpkgs: system: (import nixpkgs { inherit system; }).extend forSelfOverlay; + pkgsFor = + nixpkgs: system: + (import nixpkgs { inherit system; }).extend (builtins.trace forSelfOverlay forSelfOverlay); genPkgs = nixpkgs: func: (forSystems nixpkgs (system: func (pkgsFor nixpkgs system))); } diff --git a/images/Nix_snowflake_lytedev.png b/lib/images/Nix_snowflake_lytedev.png similarity index 100% rename from images/Nix_snowflake_lytedev.png rename to lib/images/Nix_snowflake_lytedev.png 
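Review bot: In the second `lib/default.nix` hunk, `pkgsFor` now wraps the overlay in `builtins.trace forSelfOverlay forSelfOverlay`, which looks like a leftover debugging aid. Tracing a function value prints only a lambda placeholder, and it does so for every system whose package set is evaluated, which adds noise to every `nix` invocation. I would pass the overlay directly: `(import nixpkgs { inherit system; }).extend forSelfOverlay;`. The `let` that defines `forSelfOverlay` starts above the hunk, so I cannot see what it composes.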
diff --git a/images/Nix_snowflake_lytedev.svg b/lib/images/Nix_snowflake_lytedev.svg
similarity index 100%
rename from images/Nix_snowflake_lytedev.svg
rename to lib/images/Nix_snowflake_lytedev.svg
diff --git a/lib/modules/home/default.nix b/lib/modules/home/default.nix
index 758377a..fcac5b3 100644
--- a/lib/modules/home/default.nix
+++ b/lib/modules/home/default.nix
@@ -1,34 +1,177 @@ -{ self, ... }: +{ self, slippi, ... }: let inherit (self) outputs; - inherit (outputs) homeManagerModules constants; - inherit (constants) style; + inherit (outputs) homeManagerModules style; in { - bat = { - programs.bat = { - enable = true; - config = { - theme = "ansi"; - }; - /* - themes = { - "Catppuccin-mocha" = builtins.readFile (pkgs.fetchFromGitHub - { - owner = "catppuccin"; - repo = "bat"; - rev = "477622171ec0529505b0ca3cada68fc9433648c6"; - sha256 = "6WVKQErGdaqb++oaXnY3i6/GuH2FhTgK0v4TN4Y0Wbw="; - } - + "/Catppuccin-mocha.tmTheme"); - }; - */ - }; + common = + { + pkgs, + lib, + config, + ... + }: + { + imports = with homeManagerModules; [ + slippi.homeManagerModules.default + # nix-colors.homeManagerModules.default + fish + homeManagerModules.helix + git + jujutsu + zellij + htop + sshconfig + senpai + iex + cargo - home.shellAliases = { - cat = "bat"; + /* + broot + nnn + tmux + */ + ]; + + programs.bat = { + enable = true; + config = { + theme = "ansi"; + }; + /* + themes = { + "Catppuccin-mocha" = builtins.readFile (pkgs.fetchFromGitHub + { + owner = "catppuccin"; + repo = "bat"; + rev = "477622171ec0529505b0ca3cada68fc9433648c6"; + sha256 = "6WVKQErGdaqb++oaXnY3i6/GuH2FhTgK0v4TN4Y0Wbw="; + } + + "/Catppuccin-mocha.tmTheme"); + }; + */ + }; + + home.shellAliases = { + cat = "bat"; + }; + + programs.home-manager.enable = true; + + programs.direnv.mise = { + enable = true; + }; + + programs.mise = { + enable = true; + enableFishIntegration = true; + enableBashIntegration = true; + enableZshIntegration = true; + }; + + programs.jujutsu = { + enable = true; + }; + + programs.jq = { + enable = true; + }; + + programs.btop = { + enable = true; + package = pkgs.btop.override { + rocmSupport = true; + }; + }; + + # services.ssh-agent.enable = true; + + home = { + sessionVariables = { + TERMINAL = "ghostty"; + EDITOR = "hx"; + VISUAL = "hx"; + PAGER = "less"; + MANPAGER = "less"; + }; + + packages = with pkgs; [ + # tools I use when 
editing nix code + # kanidm + alejandra + gnupg + (pkgs.buildEnv { + name = "my-common-scripts"; + paths = [ ./scripts/common ]; + }) + ]; + }; + + programs.direnv = { + enable = true; + nix-direnv.enable = true; + }; + + programs.skim = { + # https://github.com/lotabout/skim/issues/494 + enable = false; + enableFishIntegration = true; + defaultOptions = [ + "--no-clear-start" + "--color=16" + "--height=20" + ]; + }; + + programs.atuin = { + enable = true; + enableBashIntegration = config.programs.bash.enable; + enableFishIntegration = config.programs.fish.enable; + enableZshIntegration = config.programs.zsh.enable; + enableNushellIntegration = config.programs.nushell.enable; + + flags = [ + "--disable-up-arrow" + ]; + + settings = { + auto_sync = true; + sync_frequency = "1m"; + sync_address = "https://atuin.h.lyte.dev"; + keymap_mode = "vim-insert"; + inline_height = 20; + show_preview = true; + + sync = { + records = true; + }; + + dotfiles = { + enabled = true; + }; + }; + }; + + programs.fzf = { + # using good ol' fzf until skim sucks less out of the box I guess + enable = true; + /* + enableFishIntegration = true; + defaultCommand = "fd --type f"; + defaultOptions = ["--height 40%"]; + fileWidgetOptions = ["--preview 'head {}'"]; + */ + }; + + # TODO: regular cron or something? + programs.nix-index = { + enable = true; + + enableBashIntegration = config.programs.bash.enable; + enableFishIntegration = config.programs.fish.enable; + enableZshIntegration = config.programs.zsh.enable; + }; }; - }; eww = { config, ... }: 
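Review bot: `common` now lists `slippi.homeManagerModules.default` first in its `imports`, so every profile that uses `common` evaluates a third-party flake input's module whether or not the machine needs it. If `common` is also applied to headless hosts (not visible here), I would move that import to a desktop or gaming module and keep `common` to what every account requires. The same reasoning applies to `programs.btop.package = pkgs.btop.override { rocmSupport = true; }`, which presumably pulls the ROCm libraries into every user closure. A short comment above the `imports` list stating which hosts `common` is meant for would make the intended scope reviewable.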
@@ -150,305 +293,28 @@ in */ }; - common = - { - pkgs, - lib, - config, - ... - }: - { - imports = with homeManagerModules; [ - # nix-colors.homeManagerModules.default - fish - bat - homeManagerModules.helix - git - jujutsu - zellij - htop - sshconfig - - /* - broot - nnn - tmux - */ - ]; - - programs.home-manager.enable = true; - - # services.ssh-agent.enable = true; - - home = { - username = lib.mkDefault "lytedev"; - homeDirectory = lib.mkDefault "/home/lytedev"; - stateVersion = lib.mkDefault "24.05"; - - sessionVariables = { - TERMINAL = "ghostty"; - EDITOR = "hx"; - VISUAL = "hx"; - PAGER = "less"; - MANPAGER = "less"; - }; - - packages = with pkgs; [ - # tools I use when editing nix code - # kanidm - alejandra - gnupg - (pkgs.buildEnv { - name = "my-common-scripts"; - paths = [ ./scripts/common ]; - }) - ]; - }; - - programs.direnv = { - enable = true; - nix-direnv.enable = true; - }; - - programs.skim = { - # https://github.com/lotabout/skim/issues/494 - enable = false; - enableFishIntegration = true; - defaultOptions = [ - "--no-clear-start" - "--color=16" - "--height=20" - ]; - }; - - programs.atuin = { - enable = true; - enableBashIntegration = config.programs.bash.enable; - enableFishIntegration = config.programs.fish.enable; - enableZshIntegration = config.programs.zsh.enable; - enableNushellIntegration = config.programs.nushell.enable; - - flags = [ - "--disable-up-arrow" - ]; - - settings = { - auto_sync = true; - sync_frequency = "1m"; - sync_address = "https://atuin.h.lyte.dev"; - keymap_mode = "vim-insert"; - inline_height = 20; - show_preview = true; - - sync = { - records = true; - }; - - dotfiles = { - enabled = true; - }; - }; - }; - - programs.fzf = { - # using good ol' fzf until skim sucks less out of the box I guess - enable = true; - /* - enableFishIntegration = true; - defaultCommand = "fd --type f"; - defaultOptions = ["--height 40%"]; - fileWidgetOptions = ["--preview 'head {}'"]; - */ - }; - - # TODO: regular cron or something? 
- programs.nix-index = { - enable = true; - - enableBashIntegration = config.programs.bash.enable; - enableFishIntegration = config.programs.fish.enable; - enableZshIntegration = config.programs.zsh.enable; - }; - }; - desktop = { imports = with homeManagerModules; [ - wezterm ghostty ]; }; # ewwbar = {}; - firefox = - { pkgs, ... }: - { - programs.firefox = { - /* - TODO: this should be able to work on macos, no? - TODO: enable color scheme/theme by default - */ - enable = true; - profiles = { - daniel = { - id = 0; - settings = { - "general.smoothScroll" = true; - "browser.zoom.siteSpecific" = true; - }; - - extraConfig = '' - user_pref("toolkit.legacyUserProfileCustomizations.stylesheets", true); - // user_pref("full-screen-api.ignore-widgets", true); - user_pref("media.ffmpeg.vaapi.enabled", true); - user_pref("media.rdd-vpx.enabled", true); - ''; - - userChrome = '' - #webrtcIndicator { - display: none; - } - ''; - - /* - userContent = '' - ''; - */ - }; - }; - }; - }; - - firefox-no-tabs = { - programs.firefox = { - profileVersion = null; - profiles = { - daniel = { - settings = { - "alerts.useSystemBackend" = true; - "widget.gtk.rounded-bottom-corners.enabled" = true; - }; - userChrome = '' - #TabsToolbar { - visibility: collapse; - } - - #main-window[tabsintitlebar="true"]:not([extradragspace="true"]) #TabsToolbar>.toolbar-items { - opacity: 0; - pointer-events: none; - } - - #main-window:not([tabsintitlebar="true"]) #TabsToolbar { - visibility: collapse !important; - } - ''; - }; - }; - }; - }; - - fish = - { pkgs, ... 
}: - { - home = { - packages = [ - pkgs.gawk # used in prompt - ]; - }; - - programs.eza = { - enable = true; - }; - - programs.fish = { - enable = true; - # I load long scripts from files for a better editing experience - shellInit = builtins.readFile ./fish/shellInit.fish; - interactiveShellInit = builtins.readFile ./fish/interactiveShellInit.fish; - loginShellInit = ""; - functions = { - # TODO: I think these should be loaded from fish files too for better editor experience? - d = '' - # --wraps=cd --description "Quickly jump to NICE_HOME (or given relative or absolute path) and list files." - if count $argv > /dev/null - cd $argv - else - cd $NICE_HOME - end - la - ''; - - c = '' - if count $argv > /dev/null - cd $NICE_HOME && d $argv - else - d $NICE_HOME - end - ''; - - ltl = '' - set d $argv[1] . - set -l l "" - for f in $d[1]/* - if test -z $l; set l $f; continue; end - if command test $f -nt $l; and test ! -d $f - set l $f - end - end - echo $l - ''; - - has_command = "command --quiet --search $argv[1]"; - }; - shellAbbrs = { }; - shellAliases = { - # TODO: an alias that wraps `rm` such that if we run it without git committing first (when in a git repo) - ls = "eza --group-directories-first --classify"; - l = "ls"; - ll = "ls --long --group"; - la = "ll --all"; - lA = "la --all"; # --all twice to show . and .. - tree = "ls --tree --level=3"; - lt = "ll --sort=modified"; - lat = "la --sort=modified"; - lc = "lt --sort=accessed"; - lT = "lt --reverse"; - lC = "lc --reverse"; - lD = "la --only-dirs"; - "cd.." = "d .."; - "cdc" = "d $XDG_CONFIG_HOME"; - "cdn" = "d $NOTES_PATH"; - "cdl" = "d $XDG_DOWNLOAD_DIR"; - "cdg" = "d $XDG_GAMES_DIR"; - ".." = "d .."; - "..." = "d ../.."; - "...." = "d ../../.."; - "....." = "d ../../../.."; - "......" = "d ../../../../.."; - "......." = "d ../../../../../.."; - "........" = "d ../../../../../../.."; - "........." 
= "d ../../../../../../../.."; - p = "ping"; - dc = "docker compose"; - pc = "podman-compose"; - k = "kubectl"; - kg = "kubectl get"; - v = "$EDITOR"; - sv = "sudo $EDITOR"; - kssh = "kitty +kitten ssh"; - }; - }; - }; + firefox = import ./firefox.nix; + fish = import ./fish.nix; jujutsu = - { ... }: + { config, lib, ... }: { - programs.jujutsu = { - enable = true; - settings = { - user = { - email = "daniel@lyte.dev"; - name = "Daniel Flanagan"; + config = lib.mkIf (builtins.hasAttr "primary" config.accounts.email.accounts) { + programs.jujutsu = { + enable = true; + settings = { + user = { + email = config.accounts.email.accounts.primary.address; + name = "Daniel Flanagan"; + }; }; }; }; @@ -640,20 +506,26 @@ in }; }; - home.packages = with pkgs.gnomeExtensions; [ - tiling-shell - blur-my-shell - appindicator - ]; + home = { + packages = with pkgs.gnomeExtensions; [ + tiling-shell + blur-my-shell + appindicator + ]; + + file.".face" = { + enable = true; + source = builtins.fetchurl { + url = "https://lyte.dev/img/avatar3-square-512.png"; + sha256 = "sha256:15zwbwisrc01m7ad684rsyq19wl4s33ry9xmgzmi88k1myxhs93x"; + }; + }; + }; programs.gnome-shell = { enable = true; extensions = [ { package = pkgs.gnomeExtensions.gsconnect; } ]; }; - - programs.firefox.package = pkgs.firefox.override { - nativeMessagingHosts = with pkgs; [ bitwarden ]; - }; }; helix = @@ -2147,4 +2019,28 @@ in ''; }; }; + + daniel = + { config, ... }: + { + + home = { + username = "daniel"; + homeDirectory = "/home/daniel/.home"; + }; + + accounts.email.accounts = { + primary = { + primary = true; + address = "daniel@lyte.dev"; + }; + legacy = { + address = "wraithx2@gmail.com"; + }; + io = { + # TODO: finalize deprecation + address = "daniel@lytedev.io"; + }; + }; + }; } diff --git a/lib/modules/home/firefox.nix b/lib/modules/home/firefox.nix new file mode 100644 index 0000000..7721c05 --- /dev/null +++ b/lib/modules/home/firefox.nix 
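Review bot: The new `daniel` home module at `@@ -2147,4 +2019,28 @@` sets `home.username` and `home.homeDirectory` but not `home.stateVersion`. This commit also removes the `lib.mkDefault "24.05"` default from `common` and the `stateVersion = config.system.stateVersion` line from the NixOS `daniel` module. Home Manager has no default for that option, so unless it is set somewhere outside this diff the profile will fail to evaluate. I would add `stateVersion = lib.mkDefault "24.05";` to the `home` block (taking `lib` in the argument set), or document where it is expected to come from. The `config` argument is currently unused and can be dropped.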
@@ -0,0 +1,56 @@ +{ pkgs, ... }: +{ + enable = true; + programs.firefox = { + profileVersion = null; + package = pkgs.firefox.override { + nativeMessagingHosts = with pkgs; [ bitwarden ]; + }; + /* + TODO: this should be able to work on macos, no? + TODO: enable color scheme/theme by default + */ + profiles = { + daniel = { + id = 0; + settings = { + "alerts.useSystemBackend" = true; + "widget.gtk.rounded-bottom-corners.enabled" = true; + "general.smoothScroll" = true; + "browser.zoom.siteSpecific" = true; + }; + + extraConfig = '' + user_pref("toolkit.legacyUserProfileCustomizations.stylesheets", true); + // user_pref("full-screen-api.ignore-widgets", true); + user_pref("media.ffmpeg.vaapi.enabled", true); + user_pref("media.rdd-vpx.enabled", true); + ''; + + userChrome = '' + #TabsToolbar { + visibility: collapse; + } + + #main-window[tabsintitlebar="true"]:not([extradragspace="true"]) #TabsToolbar>.toolbar-items { + opacity: 0; + pointer-events: none; + } + + #main-window:not([tabsintitlebar="true"]) #TabsToolbar { + visibility: collapse !important; + } + + #webrtcIndicator { + display: none; + } + ''; + + /* + userContent = '' + ''; + */ + }; + }; + }; +} diff --git a/lib/modules/home/fish.nix b/lib/modules/home/fish.nix new file mode 100644 index 0000000..0239890 --- /dev/null +++ b/lib/modules/home/fish.nix 
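Review bot: `enable = true;` sits at the top level of the module instead of inside `programs.firefox`, so it defines an option named `enable` that no module declares and should fail with an "option does not exist" error. Even if it evaluated, `programs.firefox.enable` would stay unset and the profile, `package` override and `userChrome` would not apply. Move the line down one level: `programs.firefox = { enable = true; profileVersion = null; ...`. Separately, the merged `userChrome` keeps `#webrtcIndicator { display: none; }`, which removes the on-screen cue that camera, microphone or screen sharing is active. A comment such as `/* deliberately hidden; the sharing state is still visible in the URL bar */` would record that this is intentional.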
@@ -0,0 +1,91 @@ +{ pkgs, ... }: +{ + home = { + packages = [ + pkgs.gawk # used in prompt + ]; + }; + + programs.eza = { + enable = true; + }; + + programs.fish = { + enable = true; + # I load long scripts from files for a better editing experience + shellInit = builtins.readFile ./fish/shellInit.fish; + interactiveShellInit = builtins.readFile ./fish/interactiveShellInit.fish; + loginShellInit = ""; + functions = { + # TODO: I think these should be loaded from fish files too for better editor experience? + d = '' + # --wraps=cd --description "Quickly jump to NICE_HOME (or given relative or absolute path) and list files." + if count $argv > /dev/null + cd $argv + else + cd $NICE_HOME + end + la + ''; + + c = '' + if count $argv > /dev/null + cd $NICE_HOME && d $argv + else + d $NICE_HOME + end + ''; + + ltl = '' + set d $argv[1] . + set -l l "" + for f in $d[1]/* + if test -z $l; set l $f; continue; end + if command test $f -nt $l; and test ! -d $f + set l $f + end + end + echo $l + ''; + + has_command = "command --quiet --search $argv[1]"; + }; + shellAbbrs = { }; + shellAliases = { + # TODO: an alias that wraps `rm` such that if we run it without git committing first (when in a git repo) + ls = "eza --group-directories-first --classify"; + l = "ls"; + ll = "ls --long --group"; + la = "ll --all"; + lA = "la --all"; # --all twice to show . and .. + tree = "ls --tree --level=3"; + lt = "ll --sort=modified"; + lat = "la --sort=modified"; + lc = "lt --sort=accessed"; + lT = "lt --reverse"; + lC = "lc --reverse"; + lD = "la --only-dirs"; + "cd.." = "d .."; + "cdc" = "d $XDG_CONFIG_HOME"; + "cdn" = "d $NOTES_PATH"; + "cdl" = "d $XDG_DOWNLOAD_DIR"; + "cdg" = "d $XDG_GAMES_DIR"; + ".." = "d .."; + "..." = "d ../.."; + "...." = "d ../../.."; + "....." = "d ../../../.."; + "......" = "d ../../../../.."; + "......." = "d ../../../../../.."; + "........" = "d ../../../../../../.."; + "........." 
= "d ../../../../../../../.."; + p = "ping"; + dc = "docker compose"; + pc = "podman-compose"; + k = "kubectl"; + kg = "kubectl get"; + v = "$EDITOR"; + sv = "sudo $EDITOR"; + kssh = "kitty +kitten ssh"; + }; + }; +} diff --git a/lib/modules/nixos/default.nix b/lib/modules/nixos/default.nix index 9cc13c5..e792a5a 100644 --- a/lib/modules/nixos/default.nix +++ b/lib/modules/nixos/default.nix @@ -3,13 +3,29 @@ let inherit (self) outputs; inherit (outputs) nixosModules - homeManagerModules - overlays - constants + # overlays + pubkey ; - inherit (constants) pubkey; in { + common = { + imports = with nixosModules; [ + deno-netlify-ddns-client + shell-defaults-and-applications + desktop + wifi + printing + podman + virtual-machines + postgres + gaming + gnome + daniel + root + ]; + }; + + nix-config = (import ../../../flake.nix).nixConfig; shell-defaults-and-applications = import ./shell-config.nix; deno-netlify-ddns-client = import ./deno-netlify-ddns-client.nix; 
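Review bot: In `fish.nix`, the alias `sv = "sudo $EDITOR";` runs the whole editor, with its plugins, language servers and shell escapes, as root. `sv = "sudo -e";` (sudoedit) edits a temporary copy as the invoking user and only writes the result back with elevated rights, and it honours `$EDITOR` the same way. The `ltl` function would also benefit from quoting: `if command test "$f" -nt "$l"; and test ! -d "$f"`, because file names with spaces currently break the comparison. The file is new in this commit, but the content is moved from `default.nix`, so both points predate the move.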
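Review bot: The new NixOS `common` module at `@@ -3,13 +3,29 @@` imports `daniel` and `root` together with `podman`, `virtual-machines`, `postgres`, `gaming` and `gnome`, so every host that imports `common` gets the full set. Further down this page, what appears to be the `root` module keeps `openssh.authorizedKeys.keys = [ pubkey ];`, which means one key is authorized for root on every such host. Whether the role modules are gated by their own `enable` options is not visible in this hunk. If they are not, I would keep `common` to the baseline (shell defaults, the unprivileged user) and import the root key and the service modules per host. A comment above `common` such as `# baseline for all hosts; role modules below are no-ops unless their enable option is set` would document the contract if the gating does exist.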
@@ -17,230 +33,6 @@ in # boot.uki.tries = 3; # services.irqbalance.enable = true; - # this is not ready for primetime yet - # services.kanidm = { - # enableClient = true; - # enablePam = true; - # package = pkgs.kanidm; - - # clientSettings.uri = "https://idm.h.lyte.dev"; - # unixSettings = { - # # hsm_pin_path = "/somewhere/else"; - # pam_allowed_login_groups = []; - # }; - # }; - # systemd.tmpfiles.rules = [ - # "d /etc/kanidm 1755 nobody users -" - # ]; - - # module has the incorrect file permissions out of the box - # environment.etc = { - /* - "kanidm" = { - enable = true; - user = "nobody"; - group = "users"; - mode = "0755"; - }; - */ - # "kanidm/unixd" = { - # user = "kanidm-unixd"; - # group = "kanidm-unixd"; - # mode = "0700"; - # }; - # "kanidm/config" = { - # user = "nobody"; - # group = "users"; - # mode = "0755"; - # }; - # }; - - ewwbar = - { pkgs, ... }: - { - # imports = with nixosModules; []; - environment.systemPackages = with pkgs; [ - eww - upower - jq - ]; - - # TODO: include the home-manager modules for daniel? - }; - - niri = - { pkgs, ... }: - { - environment.systemPackages = with pkgs; [ niri ]; - - systemd.user.services.polkit = { - description = "PolicyKit Authentication Agent"; - wantedBy = [ "niri.service" ]; - after = [ "graphical-session.target" ]; - partOf = [ "graphical-session.target" ]; - serviceConfig = { - Type = "simple"; - ExecStart = "${pkgs.libsForQt5.polkit-kde-agent}/libexec/polkit-kde-authentication-agent-1"; - Restart = "on-failure"; - RestartSec = 1; - TimeoutStopSec = 10; - }; - }; - - # security.pam.services.swaylock = {}; - programs.dconf.enable = pkgs.lib.mkDefault true; - fonts.enableDefaultPackages = pkgs.lib.mkDefault true; - security.polkit.enable = true; - services.gnome.gnome-keyring.enable = true; - }; - - hyprland = - { pkgs, ... 
}: - { - imports = with nixosModules; [ - ewwbar - pipewire - ]; - - programs.hyprland = { - enable = true; - }; - environment.systemPackages = with pkgs; [ - hyprpaper - xwaylandvideobridge - netcat-openbsd - ]; - - home-manager.users.daniel = { - imports = with homeManagerModules; [ - hyprland - ]; - }; - - # TODO: include the home-manager modules for daniel? - }; - - sway = - { pkgs, ... }: - { - imports = with nixosModules; [ - pipewire - ]; - - systemd.user.services."wait-for-full-path" = { - description = "wait for systemd units to have full PATH"; - wantedBy = [ "xdg-desktop-portal.service" ]; - before = [ "xdg-desktop-portal.service" ]; - path = with pkgs; [ - systemd - coreutils - gnugrep - ]; - script = '' - ispresent () { - systemctl --user show-environment | grep -E '^PATH=.*/.nix-profile/bin' - } - while ! ispresent; do - sleep 0.1; - done - ''; - serviceConfig = { - Type = "oneshot"; - TimeoutStartSec = "60"; - }; - }; - - home-manager.users.daniel = { - imports = with homeManagerModules; [ - sway - ]; - }; - - programs.sway = { - enable = true; - wrapperFeatures.gtk = true; - }; - - # services.xserver.libinput.enable = true; - - # TODO: a lot of this probably needs de-duping with hyprland? 
- - services.gnome.gnome-keyring.enable = true; - - xdg.portal = { - enable = true; - wlr.enable = true; - # gtk.enable = true; - - extraPortals = with pkgs; [ - xdg-desktop-portal-wlr - xdg-desktop-portal-gtk - ]; - }; - - services.dbus.enable = true; - security.polkit.enable = true; # needed for home-manager integration - - programs.thunar = { - enable = true; - plugins = with pkgs.xfce; [ - thunar-archive-plugin - thunar-volman - ]; - }; - - services.gvfs = { - enable = true; - }; - - environment = { - variables = { - VISUAL = "hx"; - }; - - systemPackages = with pkgs; [ - brightnessctl - feh - grim - libinput - libinput-gestures - libnotify - mako - noto-fonts - pamixer - playerctl - pulseaudio - pulsemixer - slurp - swaybg - swayidle - swaylock - swayosd - tofi - waybar - wl-clipboard - zathura - - /* - gimp - inkscape - krita - lutris - nil - nixpkgs-fmt - pavucontrol - rclone - restic - steam - vlc - vulkan-tools - weechat - wine - */ - ]; - }; - }; - remote-disk-key-entry-on-boot = { lib, @@ -270,6 +62,7 @@ in }; laptop = + # TODO: modularize { pkgs, ... }: { imports = with nixosModules; [ 
@@ -311,290 +104,50 @@ in }; }; - touchscreen = - { pkgs, ... }: - { - environment.systemPackages = with pkgs; [ - wvkbd # on-screen keyboard - flakeInputs.iio-hyprland.outputs.packages.${system}.default # auto-rotate hyprland displays - flakeInputs.hyprgrass.outputs.packages.${system}.hyprgrass # hyprland touch gestures - ]; - }; - - emacs = - { pkgs, ... }: - { - environment.systemPackages = with pkgs; [ - emacs - ]; - - home-manager.users.daniel = { - imports = with homeManagerModules; [ - emacs - ]; - }; - }; - - development-tools = - { - pkgs, - lib, - ... - }: - { - imports = with nixosModules; [ - postgres - podman - troubleshooting-tools - emacs - ]; - - environment.sessionVariables.NIXOS_OZONE_WL = "1"; - programs.neovim = { - enable = true; - /* - plugins = [ - pkgs.vimPlugins.nvim-treesitter.withAllGrammars - ]; - */ - }; - - hardware.gpgSmartcards.enable = true; - - # services.udev.packages = with pkgs; [ - # # TODO: I think these get the whole package pulled in... should find out - # # if there's a way to get just the rules and not 4 chromes - # platformio - # openocd - # pkgs.yubikey-personalization - # via - # ]; - - # programs.adb.enable = true; - # users.users.daniel.extraGroups = ["adbusers"]; - - home-manager.users.daniel = { - programs.direnv.mise = { - enable = true; - }; - - programs.mise = { - enable = true; - enableFishIntegration = true; - enableBashIntegration = true; - enableZshIntegration = true; - }; - - programs.thunderbird = { - enable = false; - - profiles = { - daniel = { - isDefault = true; - # name = "daniel"; - }; - }; - }; - - programs.nushell = { - enable = false; - }; - - programs.jujutsu = { - enable = lib.mkDefault true; - }; - - programs.k9s = { - enable = false; - }; - - programs.vscode = { - enable = false; - }; - - programs.jq = { - enable = false; - }; - - programs.btop = { - enable = true; - package = pkgs.btop.override { - rocmSupport = true; - }; - }; - }; - }; - - troubleshooting-tools = - { pkgs, ... 
}: - { - environment.systemPackages = with pkgs; [ - iftop - bottom - btop - dnsutils - dogdns - htop - inetutils - nmap - pciutils - hexyl - pkgs.unixtools.xxd - usbutils - comma - ]; - }; - - music-consumption = - { pkgs, ... }: - { - environment = { - systemPackages = with pkgs; [ - spotube - spotdl - ]; - }; - }; - - video-tools = - { pkgs, ... }: - { - environment = { - systemPackages = with pkgs; [ - ffmpeg-full - obs-studio - ]; - }; - }; - - # android-dev = {pkgs, ...}: { - # services.udev.packages = [ - # pkgs.android-udev-rules - # ]; - # environment.systemPackages = [pkgs.android-studio]; - # }; - - graphical-workstation = - { - pkgs, - lib, - options, - config, - ... - }: - { - imports = with nixosModules; [ - sway - # hyprland - enable-flatpaks-and-appimages - fonts - development-tools - printing - music-consumption - kde-connect - # plasma6 - gnome - video-tools - radio-tools - # android-dev - ]; - - xdg.portal.enable = true; - - hardware = - if builtins.hasAttr "graphics" options.hardware then - { - graphics = { - enable = true; - enable32Bit = true; - /* - driSupport32Bit = true; - driSupport = true; - */ - }; - } - else - { - opengl = { - enable = true; - driSupport32Bit = true; - driSupport = true; - }; - }; - environment = { - systemPackages = with pkgs; [ - firefox - google-chrome - libnotify - slides - slack - discord - ]; - variables = { - /* - GTK_THEME = "Catppuccin-Mocha-Compact-Sapphire-Dark"; - GTK_USE_PORTAL = "1"; - */ - }; - }; - }; - gnome = { pkgs, lib, + config, ... 
}: { - imports = with nixosModules; [ pipewire ]; + config = lib.mkIf config.services.xserver.desktopManager.gnome.enable { - services = { - xserver = { - enable = true; - displayManager.gdm.enable = true; - desktopManager.gnome.enable = true; - }; - udev.packages = [ pkgs.gnome-settings-daemon ]; - }; - - environment = { - variables.GSK_RENDERER = "gl"; - systemPackages = with pkgs; [ - bitwarden - # adwaita-gtk-theme - papirus-icon-theme - adwaita-icon-theme - adwaita-icon-theme-legacy - hydrapaper - ]; - }; - - programs.kdeconnect = { - enable = true; - package = pkgs.gnomeExtensions.gsconnect; - }; - - networking.firewall = rec { - allowedTCPPortRanges = [ - { - from = 1714; - to = 1764; - } - ]; - allowedUDPPortRanges = allowedTCPPortRanges; - }; - - home-manager.users.daniel = { - imports = with homeManagerModules; [ - gnome - ]; - - home.file.".face" = { - enable = true; - source = builtins.fetchurl { - url = "https://lyte.dev/img/avatar3-square-512.png"; - sha256 = "sha256:15zwbwisrc01m7ad684rsyq19wl4s33ry9xmgzmi88k1myxhs93x"; + services = { + xserver = { + enable = true; + displayManager.gdm.enable = true; + # desktopManager.gnome.enable = true; }; + udev.packages = [ pkgs.gnome-settings-daemon ]; + }; + + environment = { + variables.GSK_RENDERER = "gl"; + systemPackages = with pkgs; [ + bitwarden + # adwaita-gtk-theme + papirus-icon-theme + adwaita-icon-theme + adwaita-icon-theme-legacy + hydrapaper + ]; + }; + + programs.kdeconnect = { + enable = true; + package = pkgs.gnomeExtensions.gsconnect; + }; + + networking.firewall = rec { + allowedTCPPortRanges = [ + { + from = 1714; + to = 1764; + } + ]; + allowedUDPPortRanges = allowedTCPPortRanges; }; }; }; @@ -874,7 +427,6 @@ in virtual-machines = { - pkgs, lib, config, ... @@ -941,6 +493,7 @@ in pkgs, lib, config, + options, ... }: let 
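Review bot: The `networking.firewall` block inside the new `lib.mkIf` in the `gnome` module opens TCP and UDP 1714-1764 on every interface of any host where GNOME is enabled. As far as I know the NixOS `programs.kdeconnect` module already opens this range when `programs.kdeconnect.enable = true`, so the explicit block is probably redundant. If it is kept, scoping it with `networking.firewall.interfaces.<lan-interface>.allowedTCPPortRanges` (the interface name is a placeholder) limits GSConnect pairing to the trusted network. Since `# desktopManager.gnome.enable = true;` is now commented out, the module only takes effect when another module sets that option, which deserves a one-line comment at the top of the `mkIf`.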
@@ -955,16 +508,44 @@ in }; }; config = lib.mkIf cfg.enable { - home-manager.users.daniel = { - imports = with homeManagerModules; [ - firefox-no-tabs - linux-desktop-environment-config - ]; - }; + services.xserver.desktopManager.gnome.enable = true; + + xdg.portal.enable = true; + + hardware = + if builtins.hasAttr "graphics" options.hardware then + { + graphics = { + enable = true; + # enable32Bit = true; + /* + driSupport32Bit = true; + driSupport = true; + */ + }; + } + else + { + opengl = { + enable = true; + # driSupport32Bit = true; + driSupport = true; + }; + }; + fonts.packages = [ + ( + # allow nixpkgs 24.11 and unstable to both work + if builtins.hasAttr "nerd-fonts" pkgs then + (pkgs.nerd-fonts.symbols-only) + else + (pkgs.nerdfonts.override { fonts = [ "NerdFontsSymbolsOnly" ]; }) + ) + pkgs.iosevkaLyteTerm + ]; services.flatpak.enable = true; programs.appimage.binfmt = true; services.printing.enable = true; - programs.virt-manager.enable = config.virtualization.libvirtd.enable; + programs.virt-manager.enable = config.virtualisation.libvirtd.enable; }; }; @@ -1040,10 +621,14 @@ in }; steam = - { pkgs, ... }: + { pkgs, options, ... }: { programs.gamescope.enable = true; + services.pipewire = { + alsa.support32Bit = true; + }; + programs.steam = { enable = true; @@ -1062,7 +647,27 @@ in remotePlay.openFirewall = true; }; - hardware.steam-hardware.enable = true; + hardware = + ( + if builtins.hasAttr "graphics" options.hardware then + { + graphics = { + enable = true; + enable32Bit = true; + }; + } + else + { + opengl = { + enable = true; + driSupport32Bit = true; + }; + } + ) + // { + steam-hardware.enable = true; + }; + services.udev.packages = with pkgs; [ steam ]; environment.systemPackages = with pkgs; [ 
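Review bot: The `if builtins.hasAttr "graphics" options.hardware` shim is written out twice with different contents, once here under `config = lib.mkIf cfg.enable` and again in the `steam` module at `@@ -1062,7 +647,27 @@`. This copy sets `driSupport = true` and comments out the 32-bit flags, while the steam copy sets `enable32Bit` / `driSupport32Bit`, so the effective `hardware` settings depend on which modules a host imports. I would keep the shim in one place, for example a small `graphics` module that both import, and let steam add only `hardware.graphics.enable32Bit = true;` on top. A comment like `# hardware.opengl was renamed to hardware.graphics; support both until all hosts are on the newer nixpkgs` would explain the branch, presumably for the same reason as the `nerd-fonts` check below it.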
@@ -1089,15 +694,6 @@ in openssh.authorizedKeys.keys = [ pubkey ]; shell = lib.mkForce pkgs.fish; }; - home-manager.users.root = { - imports = [ homeManagerModules.common ]; - - home = { - username = "root"; - homeDirectory = "/root"; - stateVersion = pkgs.lib.mkDefault "24.05"; - }; - }; }; daniel = @@ -1107,30 +703,15 @@ in config, ... }: - let - username = "daniel"; - in { - imports = [ - { - config = lib.mkIf config.lyte.shell.enable { - home-manager.users.${username} = { - imports = with homeManagerModules; [ - senpai - iex - cargo - ]; - }; - }; - } - ]; - users.groups.${username} = { }; - users.users.${username} = { + users.groups.daniel = { }; + users.users.daniel = { isNormalUser = true; - home = "/home/${username}/.home"; + home = "/home/daniel/.home"; + description = "Daniel Flanagan"; createHome = true; openssh.authorizedKeys.keys = [ pubkey ]; - group = username; + group = "daniel"; extraGroups = [ "users" "wheel" 
@@ -1141,81 +722,5 @@ in ]; packages = [ ]; }; - home-manager.users.daniel = { - imports = [ homeManagerModules.common ]; - - home = { - username = "daniel"; - homeDirectory = "/home/daniel/.home"; - stateVersion = config.system.stateVersion; - }; - - accounts.email.accounts = { - primary = { - primary = true; - address = "daniel@lyte.dev"; - }; - legacy = { - address = "wraithx2@gmail.com"; - }; - io = { - # TODO: finalize deprecation - address = "daniel@lytedev.io"; - }; - }; - }; }; - - valerie = - let - username = "valerie"; - in - { - users.groups.${username} = { }; - users.users.${username} = { - isNormalUser = true; - home = "/home/${username}"; - createHome = true; - openssh.authorizedKeys.keys = [ pubkey ]; - group = username; - extraGroups = [ - "users" - "video" - ]; - packages = [ ]; - }; - }; - - flanfam = - let - username = "flanfam"; - in - { - users.groups.${username} = { }; - users.users.${username} = { - isNormalUser = true; - home = "/home/${username}"; - createHome = true; - openssh.authorizedKeys.keys = [ pubkey ]; - group = username; - extraGroups = [ - "users" - "video" - ]; - packages = [ ]; - }; - }; - - family-users = { - imports = with nixosModules; [ - # daniel # part of common - valerie - flanfam - ]; - }; - - # a common module that is intended to be imported by all NixOS systems - - # intended to be auto-logged in and only run a certain application - # flanfamkiosk = {}; } diff --git a/lib/modules/nixos/gnome.nix b/lib/modules/nixos/gnome.nix deleted file mode 100644 index e2174ff..0000000 --- a/lib/modules/nixos/gnome.nix +++ /dev/null 
@@ -1,84 +0,0 @@ -{ - pkgs, - lib, - ... -}: -{ - imports = [ ./pipewire.nix ]; - - # mkForce is used liberally to take precedence over KDE Plasma - # so I can have both "usable" at once - - services.xserver.enable = lib.mkDefault true; - services.xserver.displayManager.gdm = { - enable = lib.mkForce true; # take precedence over KDE's SDDM - }; - services.displayManager.execCmd = lib.mkForce "exec ${pkgs.gnome.gdm}/bin/gdm"; - services.displayManager.defaultSession = lib.mkForce "gnome"; - programs.ssh.askPassword = "${pkgs.gnome.seahorse}/libexec/seahorse/ssh-askpass"; - - hardware.pulseaudio.enable = false; - - services.xserver.desktopManager.gnome = { - enable = lib.mkDefault true; - - extraGSettingsOverridePackages = [ pkgs.gnome.mutter ]; - extraGSettingsOverrides = '' - [org.gnome.mutter] - experimental-features=['scale-monitor-framebuffer'] - ''; - }; - - xdg.portal = { - enable = true; - }; - - services.dbus.enable = true; - - services.gvfs = { - enable = true; - }; - - environment = { - variables = { - VISUAL = "hx"; - PAGER = "less"; - MANPAGER = "less"; - }; - - systemPackages = with pkgs; [ - gnome.gnome-power-manager - brightnessctl - feh - grim - libinput - libinput-gestures - libnotify - noto-fonts - pamixer - playerctl - pulsemixer - slurp - swaybg - swayidle - swaylock - waybar - wl-clipboard - zathura - /* - gimp - inkscape - krita - pavucontrol - pulseaudio - rclone - restic - steam - vlc - vulkan-tools - weechat - wine - */ - ]; - }; -} diff --git a/lib/modules/nixos/kanidm.nix b/lib/modules/nixos/kanidm.nix new file mode 100644 index 0000000..bff17ed --- /dev/null +++ b/lib/modules/nixos/kanidm.nix 
@@ -0,0 +1,39 @@ +{ + # this is not ready for primetime yet + # services.kanidm = { + # enableClient = true; + # enablePam = true; + # package = pkgs.kanidm; + + # clientSettings.uri = "https://idm.h.lyte.dev"; + # unixSettings = { + # # hsm_pin_path = "/somewhere/else"; + # pam_allowed_login_groups = []; + # }; + # }; + # systemd.tmpfiles.rules = [ + # "d /etc/kanidm 1755 nobody users -" + # ]; + + # module has the incorrect file permissions out of the box + # environment.etc = { + /* + "kanidm" = { + enable = true; + user = "nobody"; + group = "users"; + mode = "0755"; + }; + */ + # "kanidm/unixd" = { + # user = "kanidm-unixd"; + # group = "kanidm-unixd"; + # mode = "0700"; + # }; + # "kanidm/config" = { + # user = "nobody"; + # group = "users"; + # mode = "0755"; + # }; + # }; +} diff --git a/lib/modules/nixos/shell-config.nix b/lib/modules/nixos/shell-config.nix index 0d916f2..ee007b1 100644 --- a/lib/modules/nixos/shell-config.nix +++ b/lib/modules/nixos/shell-config.nix @@ -15,13 +15,12 @@ in }; }; }; + config = lib.mkIf cfg.enable { - nix-index = { - enable = true; - enableBashIntegration = true; - enableFishIntegration = true; - enableZshIntegration = true; - }; + home-manager.users.daniel = { }; + + programs.nix-index.enable = true; + programs.command-not-found.enable = false; users = { defaultUserShell = pkgs.fish; }; @@ -34,12 +33,6 @@ in lfs.enable = true; }; }; - programs.btop = { - enable = true; - package = pkgs.btop.override { - rocmSupport = true; - }; - }; environment = { variables = { EDITOR = "hx"; @@ -49,25 +42,37 @@ in MANPAGER = "bat --style=plain"; }; systemPackages = with pkgs; [ - zellij - helix aria2 bat + bottom + btop + comma curl + dnsutils + dogdns dua eza fd file + helix + hexyl + htop + iftop inetutils iputils - iputils killall nettools + nmap + pciutils + unixtools.xxd ripgrep rsync sd + usbutils xh + zellij ]; }; + }; } diff --git a/lib/overlays/default.nix b/lib/overlays/default.nix index 88c2aec..15cf358 100644 
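Review bot: The commented-out tmpfiles rule and `environment.etc` entries in this new file hand `/etc/kanidm` and `kanidm/config` to `nobody:users`, and `nobody` is an account shared by unrelated unprivileged processes, so anything running as it could rewrite the client configuration that the commented `enablePam = true` logins would rely on once this is enabled. Before uncommenting, I would make those paths root-owned and read-only for others, keeping `kanidm/unixd` at `0700` for its own user as already written. The body also mixes `#` lines with a `/* … */` block inside the commented `environment.etc`, so uncommenting it piecemeal will not yield the intended attribute set. A header such as `# disabled: <reason>; revisit ownership of /etc/kanidm before enabling` would make the state explicit.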
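Review bot: `home-manager.users.daniel = { };` in the first shell-config.nix hunk hard-codes one account inside a module that is otherwise generic and switched only by `cfg.enable`. packages/hosts/default.nix in this same commit already declares `home-manager.users.daniel` for every host, so the line looks redundant here, and on a host without that account it would presumably still instantiate a home-manager profile for it. I would drop the line, or keep it with a comment of the form `# <why the shell module needs a profile for daniel>`. The enclosing `config = lib.mkIf cfg.enable { … }` block continues past this hunk.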
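Review bot: `nmap`, `iftop`, `dnsutils` and `dogdns` now land in `environment.systemPackages` of the shell module, and packages/hosts/default.nix sets `lyte.shell.enable = lib.mkDefault true`, so every host built from this flake gets network scanning and traffic-inspection tools in its system profile, servers included. Keeping the always-on list to what each host needs reduces what is at hand for anyone who obtains a shell there; these could sit behind `lyte.desktop.enable` or be fetched on demand with the `comma` package added in the same hunk. As a style point, `unixtools.xxd` is out of the otherwise alphabetical order, between `pciutils` and `ripgrep`.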
--- a/lib/overlays/default.nix +++ b/lib/overlays/default.nix @@ -4,16 +4,19 @@ nixpkgs-unstable, ... }@inputs: -{ +rec { default = final: _prev: { - overlays = with self.overlays; [ + overlays = [ additions modifications unstable-packages + stable-packages ]; }; - additions = final: prev: (prev // self.outputs.packages.${prev.system}); + forSelf = default; + + additions = final: prev: (import ../../packages { pkgs = prev; }); modifications = final: prev: @@ -23,7 +26,22 @@ { ghostty = ghostty.outputs.packages.${prev.system}.default; helix = helix.outputs.packages.${prev.system}.default; - bitwarden = self.outputs.packages.${prev.system}.bitwarden; + + bitwarden = prev.bitwarden.overrideAttrs (old: { + preBuild = '' + ${old.preBuild} + pushd apps/desktop/desktop_native/proxy + cargo build --bin desktop_proxy --release + popd + ''; + + postInstall = '' + mkdir -p $out/bin + cp -r apps/desktop/desktop_native/target/release/desktop_proxy $out/bin + mkdir -p $out/lib/mozilla/native-messaging-hosts + substituteAll ${../../packages/bitwarden.json} $out/lib/mozilla/native-messaging-hosts/com.8bit.bitwarden.json + ''; + }); }; unstable-packages = final: _prev: { diff --git a/packages/default.nix b/packages/default.nix index f0c820c..150686f 100644 --- a/packages/default.nix +++ b/packages/default.nix @@ -8,20 +8,4 @@ in iosevkaLyteTermSubset = pkgs.callPackage ./iosevkaLyteTermSubset.nix { inherit iosevkaLyteTerm; }; - - bitwarden = pkgs.bitwarden.overrideAttrs (old: { - preBuild = '' - ${old.preBuild} - pushd apps/desktop/desktop_native/proxy - cargo build --bin desktop_proxy --release - popd - ''; - - postInstall = '' - mkdir -p $out/bin - cp -r apps/desktop/desktop_native/target/release/desktop_proxy $out/bin - mkdir -p $out/lib/mozilla/native-messaging-hosts - substituteAll ${./bitwarden.json} $out/lib/mozilla/native-messaging-hosts/com.8bit.bitwarden.json - ''; - }); } diff --git a/packages/hosts/default.nix b/packages/hosts/default.nix index c3df17b..f15c50d 100644 
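Review bot: `default` returns `{ overlays = [ … ]; }`, which, as far as the first overlays hunk shows, only defines an attribute called `overlays` on the package set instead of applying `additions`, `modifications` and the rest, and `forSelf = default` now exposes the same value under a second name. If composition is what is meant, something like `default = lib.composeManyExtensions [ additions modifications unstable-packages stable-packages ];` (with `lib` taken from the nixpkgs input) would apply them in order. The list also names `stable-packages`, whose definition is not in this hunk; with `rec` it has to be an attribute of this same set, or evaluation fails when `default` is forced. The attribute set continues past the hunk.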
--- a/packages/hosts/default.nix +++ b/packages/hosts/default.nix @@ -4,6 +4,7 @@ nixpkgs, sops-nix, disko, + slippi, home-manager, nixpkgs-unstable, home-manager-unstable, @@ -24,6 +25,10 @@ let }: (nixpkgs.lib.nixosSystem { inherit system; + specialArgs = { + hardware = hardware.outputs.nixosModules; + diskoConfigurations = self.outputs.diskoConfigurations; + }; modules = [ ( { @@ -34,27 +39,23 @@ let ... }: { - imports = with self.outputs.nixosModules; [ + imports = [ (modulesPath + "/installer/scan/not-detected.nix") home-manager.nixosModules.home-manager sops-nix.nixosModules.sops disko.nixosModules.disko - deno-netlify-ddns-client - shell-defaults-and-applications - wifi - printing - podman - virtual-machines - postgres - gaming - gnome - daniel - root + slippi.nixosModules.default + self.outputs.nixosModules.common ]; config = { lyte.shell.enable = lib.mkDefault true; - nixpkgs.config.allowUnfree = lib.mkDefault true; + lyte.desktop.enable = lib.mkDefault false; + + nixpkgs = { + config.allowUnfree = lib.mkDefault true; + overlays = [ self.flakeLib.forSelfOverlay ]; + }; sops = { age = { @@ -64,9 +65,24 @@ let }; }; + # TODO: for each non-system user on the machine? + home-manager.users.root = { + home.stateVersion = lib.mkDefault config.system.stateVersion; + imports = with self.outputs.homeManagerModules; [ + common + ]; + }; + home-manager.users.daniel = { + home.stateVersion = lib.mkDefault config.system.stateVersion; + imports = with self.outputs.homeManagerModules; [ + daniel + common + ]; + }; + nix = { nixPath = lib.mapAttrsToList (key: value: "${key}=${value.to.path}") config.nix.registry; - registry = lib.mapAttrs (_: value: { flake = value; }) self.inputs; + # registry = lib.mapAttrs (_: value: { flake = value; }) self.inputs; settings = { trusted-users = lib.mkDefault [ "@wheel" ]; 
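Review bot: With the `registry` assignment turned into a comment in the last hunk on this line, the unchanged `nixPath` line just above it still maps over `config.nix.registry` and reads `value.to.path` from every entry, so `NIX_PATH` now depends on whatever other modules put into the registry, and an entry that is not a path-type reference would presumably fail evaluation there. It also stops pinning this flake's locked inputs into the system registry in this module, so flake references used interactively on the host may resolve outside the lock file unless something else pins them. If the change is temporary, the comment should say so, e.g. `# registry = …; # disabled: <reason>; re-enable to pin inputs to the lock file`. The surrounding `nix = { … }` block continues in the next hunk.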
@@ -75,7 +91,7 @@ let "flakes" ]; auto-optimise-store = lib.mkDefault true; - } // self.nixConfig; + }; }; systemd.services.nix-daemon.environment.TMPDIR = lib.mkDefault "/var/tmp"; # TODO: why did I do this again? @@ -89,7 +105,7 @@ let home-manager.backupFileExtension = lib.mkDefault "hm-backup"; users.users.root = { - openssh.authorizedKeys.keys = lib.mkDefault [ self.constants.pubkey ]; + openssh.authorizedKeys.keys = lib.mkDefault [ self.outputs.pubkey ]; }; services = { @@ -136,7 +152,7 @@ let earlySetup = lib.mkDefault true; colors = - with self.constants.style.colors; + with self.outputs.style.colors; lib.mkDefault [ bg red @@ -170,12 +186,6 @@ let } ) - { - _module.args = { - hardware = hardware.outputs.nixosModules; - diskoConfigurations = self.outputs.diskoConfigurations; - }; - } (import path) ]; }) @@ -188,7 +198,7 @@ let }; in { - beefcake = stableHost ./beefcake.nix { }; + # beefcake = stableHost ./beefcake.nix { }; dragon = host ./dragon.nix { }; - arm-dragon = host ./dragon.nix { system = "aarch64-linux"; }; + # arm-dragon = host ./dragon.nix { system = "aarch64-linux"; }; } diff --git a/packages/hosts/dragon.nix b/packages/hosts/dragon.nix index 4d416d1..c5542c2 100644 --- a/packages/hosts/dragon.nix +++ b/packages/hosts/dragon.nix @@ -1,16 +1,16 @@ { pkgs, - lib, config, hardware, diskoConfigurations, ... }: { + # nix boilerplate system.stateVersion = "24.11"; - home-manager.users.daniel.home.stateVersion = "24.11"; networking.hostName = "dragon"; + # kernel and bootloader configuration boot = { kernelPackages = pkgs.linuxPackages_latest; loader.efi.canTouchEfiVariables = true; 
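Review bot: Replacing `} // self.nixConfig;` with `};` means `nix.settings` no longer inherits anything from the flake's `nixConfig`, whose contents are not visible here; if it carried substituters and their public keys, hosts silently fall back to the defaults. Since `trusted-users` is `[ "@wheel" ]` a few lines up, members of wheel can still supply substituters per invocation, so it is worth stating explicitly which caches and keys the hosts should trust. A comment at the closing brace such as `# flake nixConfig intentionally not merged: <reason>`, or explicit `substituters` and `trusted-public-keys` entries in `settings`, would document the decision. The `settings` block starts before this hunk.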
@@ -25,15 +25,24 @@ supportedFilesystems = [ "ntfs" ]; }; + # hardware configuration imports = with hardware; [ (diskoConfigurations.unencrypted { disk = "/dev/nvme0n1"; }) common-cpu-amd common-gpu-amd common-pc-ssd ]; + hardware.bluetooth.enable = true; + networking.wifi.enable = true; + powerManagement.cpuFreqGovernor = "performance"; - sops.secrets.ddns-pass = { - mode = "0400"; + # application and services configuration + + lyte.desktop.enable = true; + + sops = { + defaultSopsFile = ../../secrets/dragon/secrets.yml; + secrets.ddns-pass.mode = "0400"; }; services.deno-netlify-ddns-client = { passwordFile = config.sops.secrets.ddns-pass.path; @@ -43,14 +52,10 @@ ipv6 = false; }; - hardware.bluetooth.enable = true; - networking.wifi.enable = true; - powerManagement.cpuFreqGovernor = lib.mkDefault "performance"; - home-manager.users.daniel = { slippi-launcher = { enable = true; - isoPath = "${config.home-manager.users.daniel.home.homeDirectory}/../games/roms/dolphin/melee.iso"; + isoPath = "${config.users.users.daniel.home}/../games/roms/dolphin/melee.iso"; launchMeleeOnPlay = false; }; }; diff --git a/nix/machines.nix b/packages/machines.nix similarity index 98% rename from nix/machines.nix rename to packages/machines.nix index 6120f5b..0643ffd 100644 --- a/nix/machines.nix +++ b/packages/machines.nix @@ -84,7 +84,6 @@ home-manager.users.daniel = { imports = with homeManagerModules; [ - firefox-no-tabs linux-desktop-environment-config ]; }; @@ -122,7 +121,6 @@ iex niri cargo - firefox-no-tabs linux-desktop-environment-config ]; }; @@ -192,7 +190,6 @@ senpai iex cargo - firefox-no-tabs linux-desktop-environment-config # slippi.homeManagerModules.default ]; @@ -262,7 +259,6 @@ senpai iex cargo - firefox-no-tabs linux-desktop-environment-config slippi.homeManagerModules.default ]; @@ -301,7 +297,6 @@ home-manager.users.daniel = { imports = with homeManagerModules; [ - firefox-no-tabs linux-desktop-environment-config ]; }; 
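Review bot: `defaultSopsFile = ../../secrets/dragon/secrets.yml` is a path literal, so the file is copied into the world-readable Nix store, and that is safe only while everything in it stays sops-encrypted; a comment such as `# must remain sops-encrypted: copied into the Nix store` next to it would record the constraint. `secrets.ddns-pass` keeps mode `0400` without an `owner`, which in sops-nix defaults to root, so it is worth confirming that the `deno-netlify-ddns-client` service reading `passwordFile` runs as root, or setting `owner` to its user.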
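Review bot: `isoPath` in the second dragon.nix hunk on this line now starts from `config.users.users.daniel.home` where it used to start from the home-manager `homeDirectory`, and the two need not be the same path. The home-manager block removed earlier in this diff set `homeDirectory = "/home/daniel/.home"`, while the system user's `home` is not visible here. If that is `/home/daniel`, the `/../games/roms/dolphin/melee.iso` suffix now resolves one directory level higher than before. An absolute path, or a comment stating the expected value of `users.users.daniel.home`, would remove the dependence on `..`.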
diff --git a/nix/users.nix b/packages/users.nix
similarity index 100%
rename from nix/users.nix
rename to packages/users.nix
diff --git a/readme.md b/readme.md
index 64bda63..7e03ca0 100644
--- a/readme.md
+++ b/readme.md
@@ -1,7 +1,7 @@
lytedev