lytedev/nix
1
0
Fork 1
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Format
Some checks failed
/ check (push) Failing after 9s
Details

Browse source
This commit is contained in:
Daniel Flanagan 2025-02-14 13:31:18 -06:00
parent 8e8a483e97
commit d21df887fe
51 changed files with 4363 additions and 3873 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
.helix/languages.toml
View file

@ -3,6 +3,7 @@ auto-format = true
file-types = ["nix"] file-types = ["nix"]
name = "nix" name = "nix"
scope = "source.nix" scope = "source.nix"
language-servers = ["nixd", "nil"]
[language.formatter] [language.formatter]
args = ["-"] args = ["-"]

21
lib/colors.nix
View file

@ -1,6 +1,9 @@
{lib, ...}: { { lib, ... }:
schemes = let {
mkColorScheme = scheme @ { schemes =
let
mkColorScheme =
scheme@{
scheme-name, scheme-name,
bg, bg,
bg2, bg2,
@ -19,9 +22,9 @@
green, green,
# teal, # teal,
blue, blue,
}: let }:
base = let
{ base = {
text = fg; text = fg;
primary = blue; primary = blue;
urgent = red; urgent = red;
@ -46,14 +49,14 @@
# whites # whites
"7" = fg2; "7" = fg2;
"15" = fg3; "15" = fg3;
} } // scheme;
// scheme;
in in
base base
// { // {
withHashPrefix = lib.mapAttrs (_: value: "#${value}") base; withHashPrefix = lib.mapAttrs (_: value: "#${value}") base;
}; };
in { in
{
donokai = mkColorScheme { donokai = mkColorScheme {
scheme-name = "donokai"; scheme-name = "donokai";
bg = "110f0a"; bg = "110f0a";

20
lib/default.nix
View file

@ -1,10 +1,18 @@
{self, ...}: let { self, ... }:
let
forSelfOverlay = forSelfOverlay =
if builtins.hasAttr "overlays" self && builtins.hasAttr "forSelf" self.overlays if builtins.hasAttr "overlays" self && builtins.hasAttr "forSelf" self.overlays then
then self.overlays.forSelf self.overlays.forSelf
else (_: p: p); else
in rec { (_: p: p);
systems = ["aarch64-linux" "aarch64-darwin" "x86_64-darwin" "x86_64-linux"]; in
rec {
systems = [
"aarch64-linux"
"aarch64-darwin"
"x86_64-darwin"
"x86_64-linux"
];
forSystems = nixpkgs: nixpkgs.lib.genAttrs systems; forSystems = nixpkgs: nixpkgs.lib.genAttrs systems;
pkgsFor = nixpkgs: system: (import nixpkgs { inherit system; }).extend forSelfOverlay; pkgsFor = nixpkgs: system: (import nixpkgs { inherit system; }).extend forSelfOverlay;
genPkgs = nixpkgs: func: (forSystems nixpkgs (system: func (pkgsFor nixpkgs system))); genPkgs = nixpkgs: func: (forSystems nixpkgs (system: func (pkgsFor nixpkgs system)));

66
lib/disko/default.nix
View file

@ -1,8 +1,10 @@
{nixpkgs-unstable, ...}: let { nixpkgs-unstable, ... }:
let
# TODO: This file needs some serious cleaning up. # TODO: This file needs some serious cleaning up.
lib = nixpkgs-unstable.lib; lib = nixpkgs-unstable.lib;
inherit (lib.attrsets) mapAttrs' filterAttrs; inherit (lib.attrsets) mapAttrs' filterAttrs;
ESP = inputs @ { ESP =
inputs@{
size ? "4G", size ? "4G",
label ? "ESP", label ? "ESP",
name ? "ESP", name ? "ESP",
@ -24,8 +26,10 @@
}; };
} }
// inputs; // inputs;
in rec { in
standardWithHibernateSwap = { rec {
standardWithHibernateSwap =
{
esp ? { esp ? {
label = "ESP"; label = "ESP";
size = "4G"; size = "4G";
@ -36,7 +40,8 @@ in rec {
disk, disk,
swapSize, swapSize,
... ...
}: { }:
{
/* /*
this is my standard partitioning scheme for my machines which probably want hibernation capabilities this is my standard partitioning scheme for my machines which probably want hibernation capabilities
a UEFI-compatible boot partition a UEFI-compatible boot partition
@ -85,7 +90,10 @@ in rec {
}; };
"/nix" = { "/nix" = {
mountpoint = "/nix"; mountpoint = "/nix";
mountOptions = ["compress=zstd" "noatime"]; mountOptions = [
"compress=zstd"
"noatime"
];
}; };
}; };
}; };
@ -109,7 +117,8 @@ in rec {
}; };
}; };
standard = { standard =
{
esp ? { esp ? {
label = "ESP"; label = "ESP";
size = "4G"; size = "4G";
@ -117,7 +126,8 @@ in rec {
}, },
disk, disk,
... ...
}: { }:
{
# this is my standard partitioning scheme for my machines: an LUKS-encrypted # this is my standard partitioning scheme for my machines: an LUKS-encrypted
# btrfs volume # btrfs volume
disko.devices = { disko.devices = {
@ -153,7 +163,10 @@ in rec {
}; };
"/nix" = { "/nix" = {
mountpoint = "/nix"; mountpoint = "/nix";
mountOptions = ["compress=zstd" "noatime"]; mountOptions = [
"compress=zstd"
"noatime"
];
}; };
}; };
}; };
@ -175,7 +188,9 @@ in rec {
}; };
}; };
unencrypted = {disk, ...}: { unencrypted =
{ disk, ... }:
{
disko.devices = { disko.devices = {
disk = { disk = {
primary = { primary = {
@ -202,7 +217,10 @@ in rec {
}; };
"/nix" = { "/nix" = {
mountpoint = "/nix"; mountpoint = "/nix";
mountOptions = ["compress=zstd" "noatime"]; mountOptions = [
"compress=zstd"
"noatime"
];
}; };
}; };
}; };
@ -214,7 +232,8 @@ in rec {
}; };
}; };
beefcake = let beefcake =
let
zpools = { zpools = {
zroot = { zroot = {
/* /*
@ -385,24 +404,33 @@ in rec {
}; };
}; };
diskoBoot = mapAttrs' (device: {name, ...}: { diskoBoot = mapAttrs' (
device:
{ name, ... }:
{
name = "boot-${name}"; name = "boot-${name}";
value = { value = {
inherit device; inherit device;
type = "disk"; type = "disk";
content = diskClass.boot.content; content = diskClass.boot.content;
}; };
}) (filterAttrs (_: {enable, ...}: enable) bootDisks); }
) (filterAttrs (_: { enable, ... }: enable) bootDisks);
diskoStorage = mapAttrs' (device: {name, ...}: { diskoStorage = mapAttrs' (
device:
{ name, ... }:
{
name = "storage-${name}"; name = "storage-${name}";
value = { value = {
inherit device; inherit device;
type = "disk"; type = "disk";
content = diskClass.storage.content; content = diskClass.storage.content;
}; };
}) (filterAttrs (_: {enable, ...}: enable) storageDisks); }
in { ) (filterAttrs (_: { enable, ... }: enable) storageDisks);
in
{
disko.devices = { disko.devices = {
disk = diskoBoot // diskoStorage; disk = diskoBoot // diskoStorage;
zpool = { zpool = {
@ -411,7 +439,9 @@ in rec {
}; };
}; };
legacy = {disks, ...}: { legacy =
{ disks, ... }:
{
disko.devices = { disko.devices = {
disk = { disk = {
primary = { primary = {

5
lib/modules/home/eww/scripts/workspaces/default.nix
View file

@ -1,4 +1,7 @@
{pkgs ? import <nixpkgs> {}}: let {
pkgs ? import <nixpkgs> { },
}:
let
# lock = builtins.fromJSON (builtins.readFile ../../../../../flake.lock); # lock = builtins.fromJSON (builtins.readFile ../../../../../flake.lock);
# nixpkgsRev = lock.nodes.nixpkgs.locked.rev; # nixpkgsRev = lock.nodes.nixpkgs.locked.rev;
# pkgs = import (fetchTarball "https://github.com/NixOS/nixpkgs/archive/${nixpkgsRev}.tar.gz") {}; # pkgs = import (fetchTarball "https://github.com/NixOS/nixpkgs/archive/${nixpkgsRev}.tar.gz") {};

17
lib/modules/home/hyprland.nix
View file

@ -5,9 +5,11 @@
lib, lib,
# font, # font,
... ...
}: let }:
let
inherit (style) colors; inherit (style) colors;
in { in
{
# TODO: Hyprland seems to sometimes use a ton of CPU? # TODO: Hyprland seems to sometimes use a ton of CPU?
home.packages = with pkgs; [ home.packages = with pkgs; [
@ -217,7 +219,10 @@ in {
]; ];
# Move/resize windows with mod + LMB/RMB and dragging # Move/resize windows with mod + LMB/RMB and dragging
bindm = ["$mod, mouse:272, movewindow" "$mod, mouse:273, resizewindow"]; bindm = [
"$mod, mouse:272, movewindow"
"$mod, mouse:273, resizewindow"
];
}; };
extraConfig = '' extraConfig = ''
@ -376,10 +381,12 @@ in {
}; };
}; };
services.hypridle = let services.hypridle =
let
secondsPerMinute = 60; secondsPerMinute = 60;
lockSeconds = 10 * secondsPerMinute; lockSeconds = 10 * secondsPerMinute;
in { in
{
enable = true; enable = true;
settings = { settings = {
general = { general = {

3
lib/modules/home/kitty.nix
View file

@ -2,7 +2,8 @@
colors, colors,
font, font,
... ...
}: { }:
{
programs.kitty = { programs.kitty = {
enable = true; enable = true;
darwinLaunchOptions = [ "--single-instance" ]; darwinLaunchOptions = [ "--single-instance" ];

52
lib/modules/home/plasma-manager.nix
View file

@ -15,10 +15,19 @@
"kmix"."increase_microphone_volume" = "Microphone Volume Up"; "kmix"."increase_microphone_volume" = "Microphone Volume Up";
"kmix"."increase_volume" = "Volume Up"; "kmix"."increase_volume" = "Volume Up";
"kmix"."increase_volume_small" = "Shift+Volume Up"; "kmix"."increase_volume_small" = "Shift+Volume Up";
"kmix"."mic_mute" = ["Microphone Mute" "Meta+Volume Mute,Microphone Mute" "Meta+Shift+V" "Meta+Volume Mute,Mute Microphone"]; "kmix"."mic_mute" = [
"Microphone Mute"
"Meta+Volume Mute,Microphone Mute"
"Meta+Shift+V"
"Meta+Volume Mute,Mute Microphone"
];
"kmix"."mute" = "Volume Mute"; "kmix"."mute" = "Volume Mute";
# "ksmserver"."Halt Without Confirmation" = "none,,Shut Down Without Confirmation"; # "ksmserver"."Halt Without Confirmation" = "none,,Shut Down Without Confirmation";
"ksmserver"."Lock Session" = ["Meta+Ctrl+Shift+L" "Screensaver,Meta+L" "Screensaver,Lock Session"]; "ksmserver"."Lock Session" = [
"Meta+Ctrl+Shift+L"
"Screensaver,Meta+L"
"Screensaver,Lock Session"
];
# "ksmserver"."Log Out" = "Ctrl+Alt+Del"; # "ksmserver"."Log Out" = "Ctrl+Alt+Del";
# "ksmserver"."Log Out Without Confirmation" = "none,,Log Out Without Confirmation"; # "ksmserver"."Log Out Without Confirmation" = "none,,Log Out Without Confirmation";
# "ksmserver"."LogOut" = "none,,Log Out"; # "ksmserver"."LogOut" = "none,,Log Out";
@ -31,7 +40,11 @@
# "kwin"."Decrease Opacity" = "none,,Decrease Opacity of Active Window by 5%"; # "kwin"."Decrease Opacity" = "none,,Decrease Opacity of Active Window by 5%";
# "kwin"."Edit Tiles" = "Meta+T"; # "kwin"."Edit Tiles" = "Meta+T";
"kwin"."Expose" = "Ctrl+F9"; "kwin"."Expose" = "Ctrl+F9";
"kwin"."ExposeAll" = ["Ctrl+F10" "Launch (C),Ctrl+F10" "Launch (C),Toggle Present Windows (All desktops)"]; "kwin"."ExposeAll" = [
"Ctrl+F10"
"Launch (C),Ctrl+F10"
"Launch (C),Toggle Present Windows (All desktops)"
];
"kwin"."ExposeClass" = "Ctrl+F7"; "kwin"."ExposeClass" = "Ctrl+F7";
"kwin"."ExposeClassCurrentDesktop" = [ ]; "kwin"."ExposeClassCurrentDesktop" = [ ];
"kwin"."Grid View" = "Meta+G"; "kwin"."Grid View" = "Meta+G";
@ -96,11 +109,14 @@
"kwin"."Walk Through Windows" = "Alt+Tab"; "kwin"."Walk Through Windows" = "Alt+Tab";
"kwin"."Walk Through Windows (Reverse)" = "Alt+Shift+Tab"; "kwin"."Walk Through Windows (Reverse)" = "Alt+Shift+Tab";
"kwin"."Walk Through Windows Alternative" = "none,,Walk Through Windows Alternative"; "kwin"."Walk Through Windows Alternative" = "none,,Walk Through Windows Alternative";
"kwin"."Walk Through Windows Alternative (Reverse)" = "none,,Walk Through Windows Alternative (Reverse)"; "kwin"."Walk Through Windows Alternative (Reverse)" =
"none,,Walk Through Windows Alternative (Reverse)";
"kwin"."Walk Through Windows of Current Application" = "Alt+`"; "kwin"."Walk Through Windows of Current Application" = "Alt+`";
"kwin"."Walk Through Windows of Current Application (Reverse)" = "Alt+~"; "kwin"."Walk Through Windows of Current Application (Reverse)" = "Alt+~";
"kwin"."Walk Through Windows of Current Application Alternative" = "none,,Walk Through Windows of Current Application Alternative"; "kwin"."Walk Through Windows of Current Application Alternative" =
"kwin"."Walk Through Windows of Current Application Alternative (Reverse)" = "none,,Walk Through Windows of Current Application Alternative (Reverse)"; "none,,Walk Through Windows of Current Application Alternative";
"kwin"."Walk Through Windows of Current Application Alternative (Reverse)" =
"none,,Walk Through Windows of Current Application Alternative (Reverse)";
"kwin"."Window Above Other Windows" = "none,,Keep Window Above Others"; "kwin"."Window Above Other Windows" = "none,,Keep Window Above Others";
"kwin"."Window Below Other Windows" = "none,,Keep Window Below Others"; "kwin"."Window Below Other Windows" = "none,,Keep Window Below Others";
"kwin"."Window Close" = "Alt+F4"; "kwin"."Window Close" = "Alt+F4";
@ -175,7 +191,11 @@
"kwin"."Window to Screen 6" = "none,,Move Window to Screen 6"; "kwin"."Window to Screen 6" = "none,,Move Window to Screen 6";
"kwin"."Window to Screen 7" = "none,,Move Window to Screen 7"; "kwin"."Window to Screen 7" = "none,,Move Window to Screen 7";
"kwin"."view_actual_size" = "Meta+0"; "kwin"."view_actual_size" = "Meta+0";
"kwin"."view_zoom_in" = ["Meta++" "Meta+=,Meta++" "Meta+=,Zoom In"]; "kwin"."view_zoom_in" = [
"Meta++"
"Meta+=,Meta++"
"Meta+=,Zoom In"
];
"kwin"."view_zoom_out" = "Meta+-"; "kwin"."view_zoom_out" = "Meta+-";
"mediacontrol"."mediavolumedown" = "none,,Media volume down"; "mediacontrol"."mediavolumedown" = "none,,Media volume down";
"mediacontrol"."mediavolumeup" = "none,,Media volume up"; "mediacontrol"."mediavolumeup" = "none,,Media volume up";
@ -197,8 +217,16 @@
"org_kde_powerdevil"."Sleep" = "Sleep"; "org_kde_powerdevil"."Sleep" = "Sleep";
"org_kde_powerdevil"."Toggle Keyboard Backlight" = "Keyboard Light On/Off"; "org_kde_powerdevil"."Toggle Keyboard Backlight" = "Keyboard Light On/Off";
"org_kde_powerdevil"."Turn Off Screen" = [ ]; "org_kde_powerdevil"."Turn Off Screen" = [ ];
"org_kde_powerdevil"."powerProfile" = ["Battery" "Meta+B,Battery" "Meta+B,Switch Power Profile"]; "org_kde_powerdevil"."powerProfile" = [
"plasmashell"."activate application launcher" = ["Meta" "Alt+F1,Meta" "Alt+F1,Activate Application Launcher"]; "Battery"
"Meta+B,Battery"
"Meta+B,Switch Power Profile"
];
"plasmashell"."activate application launcher" = [
"Meta"
"Alt+F1,Meta"
"Alt+F1,Activate Application Launcher"
];
"plasmashell"."activate task manager entry 1" = "Meta+1"; "plasmashell"."activate task manager entry 1" = "Meta+1";
"plasmashell"."activate task manager entry 10" = "none,Meta+0,Activate Task Manager Entry 10"; "plasmashell"."activate task manager entry 10" = "none,Meta+0,Activate Task Manager Entry 10";
"plasmashell"."activate task manager entry 2" = "Meta+2"; "plasmashell"."activate task manager entry 2" = "Meta+2";
@ -228,7 +256,8 @@
}; };
configFile = { configFile = {
"baloofilerc"."General"."dbVersion" = 2; "baloofilerc"."General"."dbVersion" = 2;
"baloofilerc"."General"."exclude filters" = "*~,*.part,*.o,*.la,*.lo,*.loT,*.moc,moc_*.cpp,qrc_*.cpp,ui_*.h,cmake_install.cmake,CMakeCache.txt,CTestTestfile.cmake,libtool,config.status,confdefs.h,autom4te,conftest,confstat,Makefile.am,*.gcode,.ninja_deps,.ninja_log,build.ninja,*.csproj,*.m4,*.rej,*.gmo,*.pc,*.omf,*.aux,*.tmp,*.po,*.vm*,*.nvram,*.rcore,*.swp,*.swap,lzo,litmain.sh,*.orig,.histfile.*,.xsession-errors*,*.map,*.so,*.a,*.db,*.qrc,*.ini,*.init,*.img,*.vdi,*.vbox*,vbox.log,*.qcow2,*.vmdk,*.vhd,*.vhdx,*.sql,*.sql.gz,*.ytdl,*.tfstate*,*.class,*.pyc,*.pyo,*.elc,*.qmlc,*.jsc,*.fastq,*.fq,*.gb,*.fasta,*.fna,*.gbff,*.faa,po,CVS,.svn,.git,_darcs,.bzr,.hg,CMakeFiles,CMakeTmp,CMakeTmpQmake,.moc,.obj,.pch,.uic,.npm,.yarn,.yarn-cache,__pycache__,node_modules,node_packages,nbproject,.terraform,.venv,venv,core-dumps,lost+found"; "baloofilerc"."General"."exclude filters" =
"*~,*.part,*.o,*.la,*.lo,*.loT,*.moc,moc_*.cpp,qrc_*.cpp,ui_*.h,cmake_install.cmake,CMakeCache.txt,CTestTestfile.cmake,libtool,config.status,confdefs.h,autom4te,conftest,confstat,Makefile.am,*.gcode,.ninja_deps,.ninja_log,build.ninja,*.csproj,*.m4,*.rej,*.gmo,*.pc,*.omf,*.aux,*.tmp,*.po,*.vm*,*.nvram,*.rcore,*.swp,*.swap,lzo,litmain.sh,*.orig,.histfile.*,.xsession-errors*,*.map,*.so,*.a,*.db,*.qrc,*.ini,*.init,*.img,*.vdi,*.vbox*,vbox.log,*.qcow2,*.vmdk,*.vhd,*.vhdx,*.sql,*.sql.gz,*.ytdl,*.tfstate*,*.class,*.pyc,*.pyo,*.elc,*.qmlc,*.jsc,*.fastq,*.fq,*.gb,*.fasta,*.fna,*.gbff,*.faa,po,CVS,.svn,.git,_darcs,.bzr,.hg,CMakeFiles,CMakeTmp,CMakeTmpQmake,.moc,.obj,.pch,.uic,.npm,.yarn,.yarn-cache,__pycache__,node_modules,node_packages,nbproject,.terraform,.venv,venv,core-dumps,lost+found";
"baloofilerc"."General"."exclude filters version" = 9; "baloofilerc"."General"."exclude filters version" = 9;
"dolphinrc"."General"."ViewPropsTimestamp" = "2025,1,11,13,50,1.5779999999999998"; "dolphinrc"."General"."ViewPropsTimestamp" = "2025,1,11,13,50,1.5779999999999998";
"dolphinrc"."KFileDialog Settings"."Places Icons Auto-resize" = false; "dolphinrc"."KFileDialog Settings"."Places Icons Auto-resize" = false;
@ -247,7 +276,8 @@
"kwinrc"."Desktops"."Number" = 1; "kwinrc"."Desktops"."Number" = 1;
"kwinrc"."Desktops"."Rows" = 1; "kwinrc"."Desktops"."Rows" = 1;
"kwinrc"."Tiling"."padding" = 4; "kwinrc"."Tiling"."padding" = 4;
"kwinrc"."Tiling/f18ce12b-2106-508f-9542-e4e6c6fbf75f"."tiles" = "{\"layoutDirection\":\"horizontal\",\"tiles\":[{\"width\":0.25},{\"width\":0.5},{\"width\":0.25}]}"; "kwinrc"."Tiling/f18ce12b-2106-508f-9542-e4e6c6fbf75f"."tiles" =
"{\"layoutDirection\":\"horizontal\",\"tiles\":[{\"width\":0.25},{\"width\":0.5},{\"width\":0.25}]}";
"kwinrc"."Xwayland"."Scale" = 1.75; "kwinrc"."Xwayland"."Scale" = 1.75;
"plasma-localerc"."Formats"."LANG" = "en_US.UTF-8"; "plasma-localerc"."Formats"."LANG" = "en_US.UTF-8";
}; };

9
lib/modules/home/sway.nix
View file

@ -3,7 +3,8 @@
lib, lib,
config, config,
... ...
}: { }:
{
programs.foot = { programs.foot = {
enable = true; enable = true;
}; };
@ -175,10 +176,12 @@
# pointer_accel # pointer_accel
}; };
}; };
keybindings = let keybindings =
let
mod = config.wayland.windowManager.sway.config.modifier; mod = config.wayland.windowManager.sway.config.modifier;
menu = "tofi-run | xargs swaymsg exec --"; menu = "tofi-run | xargs swaymsg exec --";
in { in
{
"${mod}+control+space" = "exec makoctl dismiss"; "${mod}+control+space" = "exec makoctl dismiss";
"${mod}+shift+space" = "exec makoctl invoke"; "${mod}+shift+space" = "exec makoctl invoke";
# "${mod}+return" = "exec kitty --single-instance"; # "${mod}+return" = "exec kitty --single-instance";

3
lib/modules/home/swaylock.nix
View file

@ -1,4 +1,5 @@
{style, ...}: { { style, ... }:
{
programs.swaylock = { programs.swaylock = {
enable = true; enable = true;
settings = { settings = {

19
lib/modules/home/waybar.nix
View file

@ -2,14 +2,18 @@
pkgs, pkgs,
style, style,
... ...
}: { }:
{
programs.waybar = { programs.waybar = {
enable = true; enable = true;
settings = { settings = {
mainBar = { mainBar = {
"layer" = "top"; "layer" = "top";
"position" = "bottom"; "position" = "bottom";
"output" = ["eDP-1" "DP-3"]; "output" = [
"eDP-1"
"DP-3"
];
"height" = 50; "height" = 50;
"modules-left" = [ "modules-left" = [
"idle_inhibitor" "idle_inhibitor"
@ -94,7 +98,10 @@
"backlight" = { "backlight" = {
# "device" = "acpi_video1"; # "device" = "acpi_video1";
"format" = "{percent}%\n{icon}"; "format" = "{percent}%\n{icon}";
"format-icons" = ["" ""]; "format-icons" = [
""
""
];
"justify" = "center"; "justify" = "center";
}; };
"battery" = { "battery" = {
@ -145,10 +152,12 @@
}; };
}; };
}; };
style = let style =
let
border-width = "0px"; border-width = "0px";
in in
with style.colors.withHashPrefix; '' with style.colors.withHashPrefix;
''
* { * {
border-radius: 0; border-radius: 0;
font-family: "${style.font.name}", "Symbols Nerd Font Mono", sans-serif; font-family: "${style.font.name}", "Symbols Nerd Font Mono", sans-serif;

6
lib/modules/nixos/conduwuit.nix
View file

@ -4,13 +4,15 @@
lib, lib,
pkgs, pkgs,
... ...
}: let }:
let
cfg = config.services.conduwuit; cfg = config.services.conduwuit;
defaultUser = "conduwuit"; defaultUser = "conduwuit";
defaultGroup = "conduwuit"; defaultGroup = "conduwuit";
format = pkgs.formats.toml { }; format = pkgs.formats.toml { };
configFile = format.generate "conduwuit.toml" cfg.settings; configFile = format.generate "conduwuit.toml" cfg.settings;
in { in
{
meta.maintainers = with lib.maintainers; [ niklaskorz ]; meta.maintainers = with lib.maintainers; [ niklaskorz ];
options.services.conduwuit = { options.services.conduwuit = {
enable = lib.mkEnableOption "conduwuit"; enable = lib.mkEnableOption "conduwuit";

235
lib/modules/nixos/default.nix
View file

@ -1,8 +1,15 @@
{self, ...}: let { self, ... }:
let
inherit (self) outputs; inherit (self) outputs;
inherit (outputs) nixosModules homeManagerModules overlays constants; inherit (outputs)
nixosModules
homeManagerModules
overlays
constants
;
inherit (constants) pubkey; inherit (constants) pubkey;
in { in
{
shell-defaults-and-applications = import ./shell-config.nix; shell-defaults-and-applications = import ./shell-config.nix;
deno-netlify-ddns-client = import ./deno-netlify-ddns-client.nix; deno-netlify-ddns-client = import ./deno-netlify-ddns-client.nix;
@ -48,14 +55,22 @@ in {
# }; # };
# }; # };
ewwbar = {pkgs, ...}: { ewwbar =
{ pkgs, ... }:
{
# imports = with nixosModules; []; # imports = with nixosModules; [];
environment.systemPackages = with pkgs; [eww upower jq]; environment.systemPackages = with pkgs; [
eww
upower
jq
];
# TODO: include the home-manager modules for daniel? # TODO: include the home-manager modules for daniel?
}; };
niri = {pkgs, ...}: { niri =
{ pkgs, ... }:
{
environment.systemPackages = with pkgs; [ niri ]; environment.systemPackages = with pkgs; [ niri ];
systemd.user.services.polkit = { systemd.user.services.polkit = {
@ -79,7 +94,9 @@ in {
services.gnome.gnome-keyring.enable = true; services.gnome.gnome-keyring.enable = true;
}; };
hyprland = {pkgs, ...}: { hyprland =
{ pkgs, ... }:
{
imports = with nixosModules; [ imports = with nixosModules; [
ewwbar ewwbar
pipewire pipewire
@ -88,7 +105,11 @@ in {
programs.hyprland = { programs.hyprland = {
enable = true; enable = true;
}; };
environment.systemPackages = with pkgs; [hyprpaper xwaylandvideobridge netcat-openbsd]; environment.systemPackages = with pkgs; [
hyprpaper
xwaylandvideobridge
netcat-openbsd
];
home-manager.users.daniel = { home-manager.users.daniel = {
imports = with homeManagerModules; [ imports = with homeManagerModules; [
@ -99,7 +120,9 @@ in {
# TODO: include the home-manager modules for daniel? # TODO: include the home-manager modules for daniel?
}; };
sway = {pkgs, ...}: { sway =
{ pkgs, ... }:
{
imports = with nixosModules; [ imports = with nixosModules; [
pipewire pipewire
]; ];
@ -108,7 +131,11 @@ in {
description = "wait for systemd units to have full PATH"; description = "wait for systemd units to have full PATH";
wantedBy = [ "xdg-desktop-portal.service" ]; wantedBy = [ "xdg-desktop-portal.service" ];
before = [ "xdg-desktop-portal.service" ]; before = [ "xdg-desktop-portal.service" ];
path = with pkgs; [systemd coreutils gnugrep]; path = with pkgs; [
systemd
coreutils
gnugrep
];
script = '' script = ''
ispresent () { ispresent () {
systemctl --user show-environment | grep -E '^PATH=.*/.nix-profile/bin' systemctl --user show-environment | grep -E '^PATH=.*/.nix-profile/bin'
@ -156,7 +183,10 @@ in {
programs.thunar = { programs.thunar = {
enable = true; enable = true;
plugins = with pkgs.xfce; [thunar-archive-plugin thunar-volman]; plugins = with pkgs.xfce; [
thunar-archive-plugin
thunar-volman
];
}; };
services.gvfs = { services.gvfs = {
@ -211,11 +241,13 @@ in {
}; };
}; };
remote-disk-key-entry-on-boot = { remote-disk-key-entry-on-boot =
{
lib, lib,
pkgs, pkgs,
... ...
}: { }:
{
/* /*
https://nixos.wiki/wiki/Remote_disk_unlocking https://nixos.wiki/wiki/Remote_disk_unlocking
"When using DHCP, make sure your computer is always attached to the network and is able to get an IP adress, or the boot process will hang." "When using DHCP, make sure your computer is always attached to the network and is able to get an IP adress, or the boot process will hang."
@ -237,7 +269,9 @@ in {
}; };
}; };
laptop = {pkgs, ...}: { laptop =
{ pkgs, ... }:
{
imports = with nixosModules; [ imports = with nixosModules; [
family-users family-users
wifi wifi
@ -277,7 +311,9 @@ in {
}; };
}; };
touchscreen = {pkgs, ...}: { touchscreen =
{ pkgs, ... }:
{
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
wvkbd # on-screen keyboard wvkbd # on-screen keyboard
flakeInputs.iio-hyprland.outputs.packages.${system}.default # auto-rotate hyprland displays flakeInputs.iio-hyprland.outputs.packages.${system}.default # auto-rotate hyprland displays
@ -285,7 +321,9 @@ in {
]; ];
}; };
emacs = {pkgs, ...}: { emacs =
{ pkgs, ... }:
{
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
emacs emacs
]; ];
@ -297,11 +335,13 @@ in {
}; };
}; };
development-tools = { development-tools =
{
pkgs, pkgs,
lib, lib,
... ...
}: { }:
{
imports = with nixosModules; [ imports = with nixosModules; [
postgres postgres
podman podman
@ -385,7 +425,9 @@ in {
}; };
}; };
troubleshooting-tools = {pkgs, ...}: { troubleshooting-tools =
{ pkgs, ... }:
{
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
iftop iftop
bottom bottom
@ -403,7 +445,9 @@ in {
]; ];
}; };
music-consumption = {pkgs, ...}: { music-consumption =
{ pkgs, ... }:
{
environment = { environment = {
systemPackages = with pkgs; [ systemPackages = with pkgs; [
spotube spotube
@ -412,7 +456,9 @@ in {
}; };
}; };
video-tools = {pkgs, ...}: { video-tools =
{ pkgs, ... }:
{
environment = { environment = {
systemPackages = with pkgs; [ systemPackages = with pkgs; [
ffmpeg-full ffmpeg-full
@ -428,13 +474,15 @@ in {
# environment.systemPackages = [pkgs.android-studio]; # environment.systemPackages = [pkgs.android-studio];
# }; # };
graphical-workstation = { graphical-workstation =
{
pkgs, pkgs,
lib, lib,
options, options,
config, config,
... ...
}: { }:
{
imports = with nixosModules; [ imports = with nixosModules; [
sway sway
# hyprland # hyprland
@ -454,8 +502,8 @@ in {
xdg.portal.enable = true; xdg.portal.enable = true;
hardware = hardware =
if builtins.hasAttr "graphics" options.hardware if builtins.hasAttr "graphics" options.hardware then
then { {
graphics = { graphics = {
enable = true; enable = true;
enable32Bit = true; enable32Bit = true;
@ -465,7 +513,8 @@ in {
*/ */
}; };
} }
else { else
{
opengl = { opengl = {
enable = true; enable = true;
driSupport32Bit = true; driSupport32Bit = true;
@ -490,11 +539,13 @@ in {
}; };
}; };
gnome = { gnome =
{
pkgs, pkgs,
lib, lib,
... ...
}: { }:
{
imports = with nixosModules; [ pipewire ]; imports = with nixosModules; [ pipewire ];
services = { services = {
@ -548,7 +599,9 @@ in {
}; };
}; };
radio-tools = {pkgs, ...}: { radio-tools =
{ pkgs, ... }:
{
environment = { environment = {
systemPackages = with pkgs; [ systemPackages = with pkgs; [
chirp chirp
@ -568,23 +621,28 @@ in {
*/ */
}; };
fonts = {pkgs, ...}: { fonts =
{ pkgs, ... }:
{
fonts.packages = [ fonts.packages = [
( (
# allow nixpkgs 24.11 and unstable to both work # allow nixpkgs 24.11 and unstable to both work
if builtins.hasAttr "nerd-fonts" pkgs if builtins.hasAttr "nerd-fonts" pkgs then
then (pkgs.nerd-fonts.symbols-only) (pkgs.nerd-fonts.symbols-only)
else (pkgs.nerdfonts.override {fonts = ["NerdFontsSymbolsOnly"];}) else
(pkgs.nerdfonts.override { fonts = [ "NerdFontsSymbolsOnly" ]; })
) )
pkgs.iosevkaLyteTerm pkgs.iosevkaLyteTerm
]; ];
}; };
plasma6 = { plasma6 =
{
pkgs, pkgs,
lib, lib,
... ...
}: { }:
{
imports = with nixosModules; [ imports = with nixosModules; [
kde-connect kde-connect
pipewire pipewire
@ -647,7 +705,9 @@ in {
programs.gnupg.agent.pinentryPackage = lib.mkForce pkgs.pinentry-qt; programs.gnupg.agent.pinentryPackage = lib.mkForce pkgs.pinentry-qt;
}; };
lutris = {pkgs, ...}: { lutris =
{ pkgs, ... }:
{
environment = { environment = {
systemPackages = with pkgs; [ systemPackages = with pkgs; [
wineWowPackages.waylandFull wineWowPackages.waylandFull
@ -657,7 +717,9 @@ in {
}; };
}; };
gaming = {pkgs, ...}: { gaming =
{ pkgs, ... }:
{
imports = with nixosModules; [ imports = with nixosModules; [
# lutris # use the flatpak # lutris # use the flatpak
steam # TODO: use the flatpak? steam # TODO: use the flatpak?
@ -685,7 +747,12 @@ in {
"bluez5.enable-sbc-xq" = true; "bluez5.enable-sbc-xq" = true;
"bluez5.enable-msbc" = true; "bluez5.enable-msbc" = true;
"bluez5.enable-hw-volume" = true; "bluez5.enable-hw-volume" = true;
"bluez5.roles" = ["hsp_hs" "hsp_ag" "hfp_hf" "hfp_ag"]; "bluez5.roles" = [
"hsp_hs"
"hsp_ag"
"hfp_hf"
"hfp_ag"
];
}; };
}; };
extraConfig.pipewire."91-null-sinks" = { extraConfig.pipewire."91-null-sinks" = {
@ -767,12 +834,14 @@ in {
*/ */
}; };
podman = { podman =
{
pkgs, pkgs,
config, config,
lib, lib,
... ...
}: { }:
{
config = lib.mkIf config.virtualisation.podman.enable { config = lib.mkIf config.virtualisation.podman.enable {
environment = { environment = {
systemPackages = with pkgs; [ systemPackages = with pkgs; [
@ -803,23 +872,27 @@ in {
}; };
}; };
virtual-machines = { virtual-machines =
{
pkgs, pkgs,
lib, lib,
config, config,
... ...
}: { }:
{
config = lib.mkIf config.virtualisation.libvirtd.enable { config = lib.mkIf config.virtualisation.libvirtd.enable {
users.users.daniel.extraGroups = [ "libvirtd" ]; users.users.daniel.extraGroups = [ "libvirtd" ];
}; };
}; };
postgres = { postgres =
{
pkgs, pkgs,
lib, lib,
config, config,
... ...
}: { }:
{
config = lib.mkIf config.services.postgresql.enable { config = lib.mkIf config.services.postgresql.enable {
# this is really just for development usage # this is really just for development usage
services.postgresql = { services.postgresql = {
@ -863,14 +936,17 @@ in {
}; };
}; };
desktop = { desktop =
{
pkgs, pkgs,
lib, lib,
config, config,
... ...
}: let }:
let
cfg = config.lyte.desktop; cfg = config.lyte.desktop;
in { in
{
options = { options = {
lyte = { lyte = {
desktop = { desktop = {
@ -892,12 +968,14 @@ in {
}; };
}; };
printing = { printing =
{
pkgs, pkgs,
lib, lib,
config, config,
... ...
}: { }:
{
config = lib.mkIf config.services.printing.enable { config = lib.mkIf config.services.printing.enable {
services.printing.browsing = true; services.printing.browsing = true;
services.printing.browsedConf = '' services.printing.browsedConf = ''
@ -912,14 +990,17 @@ in {
}; };
}; };
wifi = { wifi =
{
lib, lib,
config, config,
... ...
}: let }:
let
inherit (lib) mkDefault; inherit (lib) mkDefault;
cfg = config.networking.wifi; cfg = config.networking.wifi;
in { in
{
options = { options = {
networking.wifi.enable = lib.mkEnableOption "Enable wifi via NetworkManager"; networking.wifi.enable = lib.mkEnableOption "Enable wifi via NetworkManager";
}; };
@ -958,7 +1039,9 @@ in {
}; };
}; };
steam = {pkgs, ...}: { steam =
{ pkgs, ... }:
{
programs.gamescope.enable = true; programs.gamescope.enable = true;
programs.steam = { programs.steam = {
@ -993,11 +1076,13 @@ in {
*/ */
}; };
root = { root =
{
pkgs, pkgs,
lib, lib,
... ...
}: { }:
{
users.users.root = { users.users.root = {
home = "/root"; home = "/root";
createHome = true; createHome = true;
@ -1015,14 +1100,17 @@ in {
}; };
}; };
daniel = { daniel =
{
pkgs, pkgs,
lib, lib,
config, config,
... ...
}: let }:
let
username = "daniel"; username = "daniel";
in { in
{
imports = [ imports = [
{ {
config = lib.mkIf config.lyte.shell.enable { config = lib.mkIf config.lyte.shell.enable {
@ -1043,7 +1131,14 @@ in {
createHome = true; createHome = true;
openssh.authorizedKeys.keys = [ pubkey ]; openssh.authorizedKeys.keys = [ pubkey ];
group = username; group = username;
extraGroups = ["users" "wheel" "video" "dialout" "uucp" "kvm"]; extraGroups = [
"users"
"wheel"
"video"
"dialout"
"uucp"
"kvm"
];
packages = [ ]; packages = [ ];
}; };
home-manager.users.daniel = { home-manager.users.daniel = {
@ -1071,9 +1166,11 @@ in {
}; };
}; };
valerie = let valerie =
let
username = "valerie"; username = "valerie";
in { in
{
users.groups.${username} = { }; users.groups.${username} = { };
users.users.${username} = { users.users.${username} = {
isNormalUser = true; isNormalUser = true;
@ -1081,14 +1178,19 @@ in {
createHome = true; createHome = true;
openssh.authorizedKeys.keys = [ pubkey ]; openssh.authorizedKeys.keys = [ pubkey ];
group = username; group = username;
extraGroups = ["users" "video"]; extraGroups = [
"users"
"video"
];
packages = [ ]; packages = [ ];
}; };
}; };
flanfam = let flanfam =
let
username = "flanfam"; username = "flanfam";
in { in
{
users.groups.${username} = { }; users.groups.${username} = { };
users.users.${username} = { users.users.${username} = {
isNormalUser = true; isNormalUser = true;
@ -1096,7 +1198,10 @@ in {
createHome = true; createHome = true;
openssh.authorizedKeys.keys = [ pubkey ]; openssh.authorizedKeys.keys = [ pubkey ];
group = username; group = username;
extraGroups = ["users" "video"]; extraGroups = [
"users"
"video"
];
packages = [ ]; packages = [ ];
}; };
}; };

13
lib/modules/nixos/deno-netlify-ddns-client.nix
View file

@ -3,11 +3,18 @@
config, config,
pkgs, pkgs,
... ...
}: let }:
inherit (lib) mkEnableOption mkOption types mkIf; let
inherit (lib)
mkEnableOption
mkOption
types
mkIf
;
inherit (lib.strings) optionalString; inherit (lib.strings) optionalString;
cfg = config.services.deno-netlify-ddns-client; cfg = config.services.deno-netlify-ddns-client;
in { in
{
options.services.deno-netlify-ddns-client = { options.services.deno-netlify-ddns-client = {
enable = mkEnableOption "Enable the deno-netlify-ddns client."; enable = mkEnableOption "Enable the deno-netlify-ddns client.";
username = mkOption { username = mkOption {

3
lib/modules/nixos/gnome.nix
View file

@ -2,7 +2,8 @@
pkgs, pkgs,
lib, lib,
... ...
}: { }:
{
imports = [ ./pipewire.nix ]; imports = [ ./pipewire.nix ];
# mkForce is used liberally to take precedence over KDE Plasma # mkForce is used liberally to take precedence over KDE Plasma

6
lib/modules/nixos/shell-config.nix
View file

@ -3,9 +3,11 @@
pkgs, pkgs,
config, config,
... ...
}: let }:
let
cfg = config.lyte.shell; cfg = config.lyte.shell;
in { in
{
options = { options = {
lyte = { lyte = {
shell = { shell = {

10
lib/overlays/default.nix
View file

@ -3,7 +3,8 @@
nixpkgs, nixpkgs,
nixpkgs-unstable, nixpkgs-unstable,
... ...
} @ inputs: { }@inputs:
{
default = final: _prev: { default = final: _prev: {
overlays = with self.overlays; [ overlays = with self.overlays; [
additions additions
@ -14,9 +15,12 @@
additions = final: prev: (prev // self.outputs.packages.${prev.system}); additions = final: prev: (prev // self.outputs.packages.${prev.system});
modifications = final: prev: let modifications =
final: prev:
let
inherit (inputs) helix ghostty; inherit (inputs) helix ghostty;
in { in
{
ghostty = ghostty.outputs.packages.${prev.system}.default; ghostty = ghostty.outputs.packages.${prev.system}.default;
helix = helix.outputs.packages.${prev.system}.default; helix = helix.outputs.packages.${prev.system}.default;
bitwarden = self.outputs.packages.${prev.system}.bitwarden; bitwarden = self.outputs.packages.${prev.system}.bitwarden;

19
lib/templates/deno/flake.nix
View file

@ -1,10 +1,12 @@
{ {
inputs.nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; inputs.nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
outputs = { outputs =
{
self, self,
nixpkgs, nixpkgs,
}: let }:
let
inherit (self) outputs; inherit (self) outputs;
supportedSystems = [ supportedSystems = [
"x86_64-linux" "x86_64-linux"
@ -14,10 +16,14 @@
"aarch64-darwin" "aarch64-darwin"
]; ];
forEachSupportedSystem = nixpkgs.lib.genAttrs supportedSystems; forEachSupportedSystem = nixpkgs.lib.genAttrs supportedSystems;
in { in
devShells = forEachSupportedSystem (system: let {
devShells = forEachSupportedSystem (
system:
let
pkgs = import nixpkgs { inherit system; }; pkgs = import nixpkgs { inherit system; };
in { in
{
deno-dev = pkgs.mkShell { deno-dev = pkgs.mkShell {
buildInputs = with pkgs; [ buildInputs = with pkgs; [
vscode-langservers-extracted vscode-langservers-extracted
@ -29,6 +35,7 @@
}; };
default = outputs.devShells.${system}.deno-dev; default = outputs.devShells.${system}.deno-dev;
}); }
);
}; };
} }

7
lib/templates/elixir/flake.nix
View file

@ -5,9 +5,12 @@
git-hooks.inputs.nixpkgs.follows = "nixpkgs"; git-hooks.inputs.nixpkgs.follows = "nixpkgs";
}; };
outputs = inputs: let outputs =
inputs:
let
inherit (import nix/boilerplate.nix inputs) call; inherit (import nix/boilerplate.nix inputs) call;
in { in
{
overlays = import nix/overlays.nix; overlays = import nix/overlays.nix;
packages = call (import nix/packages.nix); packages = call (import nix/packages.nix);
checks = call (import nix/checks.nix); checks = call (import nix/checks.nix);

17
lib/templates/elixir/nix/boilerplate.nix
View file

@ -2,13 +2,18 @@ inputs @ {
nixpkgs, nixpkgs,
self, self,
... ...
}: let }:
let
forSelfOverlay = forSelfOverlay =
if builtins.hasAttr "forSelf" self.overlays if builtins.hasAttr "forSelf" self.overlays then self.overlays.forSelf else (_: p: p);
then self.overlays.forSelf in
else (_: p: p); rec {
in rec { systems = [
systems = ["aarch64-linux" "x86_64-linux" "x86_64-darwin" "aarch64-darwin"]; "aarch64-linux"
"x86_64-linux"
"x86_64-darwin"
"aarch64-darwin"
];
forSystems = nixpkgs.lib.genAttrs systems; forSystems = nixpkgs.lib.genAttrs systems;
pkgsFor = system: ((import nixpkgs { inherit system; }).extend forSelfOverlay); pkgsFor = system: ((import nixpkgs { inherit system; }).extend forSelfOverlay);
genPkgs = func: (forSystems (system: func (pkgsFor system))); genPkgs = func: (forSystems (system: func (pkgsFor system)));

12
lib/templates/elixir/nix/checks.nix
View file

@ -2,19 +2,23 @@
git-hooks, git-hooks,
pkgs, pkgs,
... ...
}: let }:
hook = { let
hook =
{
command, command,
stages ? [ "pre-commit" ], stages ? [ "pre-commit" ],
... ...
}: { }:
{
inherit stages; inherit stages;
enable = true; enable = true;
name = command; name = command;
entry = command; entry = command;
pass_filenames = false; pass_filenames = false;
}; };
in { in
{
git-hooks = git-hooks.lib.${pkgs.system}.run { git-hooks = git-hooks.lib.${pkgs.system}.run {
src = ./..; src = ./..;
hooks = { hooks = {

6
lib/templates/elixir/nix/packages.nix
View file

@ -2,11 +2,13 @@
pkgs, pkgs,
self, self,
... ...
}: let }:
let
version = "1.0.0"; version = "1.0.0";
src = ../.; src = ../.;
pname = "my-package"; pname = "my-package";
in { in
{
${pname} = pkgs.mixRelease { ${pname} = pkgs.mixRelease {
inherit pname version src; inherit pname version src;
mixFodDeps = pkgs.fetchMixDeps { mixFodDeps = pkgs.fetchMixDeps {

3
lib/templates/elixir/nix/shells.nix
View file

@ -2,7 +2,8 @@
pkgs, pkgs,
self, self,
... ...
}: { }:
{
elixir-dev = pkgs.mkShell { elixir-dev = pkgs.mkShell {
shellHook = '' shellHook = ''
${self.checks.${pkgs.system}.git-hooks.shellHook} ${self.checks.${pkgs.system}.git-hooks.shellHook}

16
lib/templates/gleam/flake.nix
View file

@ -1,15 +1,23 @@
{ {
inputs.nixpkgs.url = "github:nixos/nixpkgs/nixpkgs-unstable"; inputs.nixpkgs.url = "github:nixos/nixpkgs/nixpkgs-unstable";
outputs = { outputs =
{
self, self,
nixpkgs, nixpkgs,
... ...
}: let }:
systems = ["aarch64-linux" "x86_64-linux" "x86_64-darwin" "aarch64-darwin"]; let
systems = [
"aarch64-linux"
"x86_64-linux"
"x86_64-darwin"
"aarch64-darwin"
];
forSystems = nixpkgs.lib.genAttrs systems; forSystems = nixpkgs.lib.genAttrs systems;
pkgsFor = system: (import nixpkgs { inherit system; }).extend self.outputs.overlays.default; pkgsFor = system: (import nixpkgs { inherit system; }).extend self.outputs.overlays.default;
genPkgs = func: (forSystems (system: func (pkgsFor system))); genPkgs = func: (forSystems (system: func (pkgsFor system)));
in { in
{
overlays.default = final: prev: { overlays.default = final: prev: {
erlangPackages = prev.beam.packagesWith prev.erlang_27; erlangPackages = prev.beam.packagesWith prev.erlang_27;
erlang = final.erlangPackages.erlang; erlang = final.erlangPackages.erlang;

24
lib/templates/godot/flake.nix
View file

@ -1,11 +1,13 @@
{ {
inputs.nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable"; inputs.nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
outputs = { outputs =
{
self, self,
nixpkgs, nixpkgs,
... ...
}: let }:
let
inherit (self) outputs; inherit (self) outputs;
supportedSystems = [ supportedSystems = [
"x86_64-linux" "x86_64-linux"
@ -16,17 +18,25 @@
]; ];
forAllSystems = nixpkgs.lib.genAttrs supportedSystems; forAllSystems = nixpkgs.lib.genAttrs supportedSystems;
in { in
devShells = forAllSystems (system: let {
devShells = forAllSystems (
system:
let
pkgs = import nixpkgs { inherit system; }; pkgs = import nixpkgs { inherit system; };
in { in
{
default = outputs.devShells.${system}.godot; default = outputs.devShells.${system}.godot;
godot = pkgs.mkShell { godot = pkgs.mkShell {
buildInputs = with pkgs; [godot_4 gdtoolkit]; buildInputs = with pkgs; [
godot_4
gdtoolkit
];
shellHook = '' shellHook = ''
echo -e "\e[0;30m\e[43m Use 'godot4 -e' to run the editor for this project. \e[0;30m\e[0m" echo -e "\e[0;30m\e[43m Use 'godot4 -e' to run the editor for this project. \e[0;30m\e[0m"
''; '';
}; };
}); }
);
}; };
} }

19
lib/templates/nim/flake.nix
View file

@ -1,9 +1,11 @@
{ {
inputs.nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; inputs.nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
outputs = { outputs =
{
self, self,
nixpkgs, nixpkgs,
}: let }:
let
inherit (self) outputs; inherit (self) outputs;
supportedSystems = [ supportedSystems = [
"x86_64-linux" "x86_64-linux"
@ -13,10 +15,14 @@
"aarch64-darwin" "aarch64-darwin"
]; ];
forEachSupportedSystem = nixpkgs.lib.genAttrs supportedSystems; forEachSupportedSystem = nixpkgs.lib.genAttrs supportedSystems;
in { in
devShells = forEachSupportedSystem (system: let {
devShells = forEachSupportedSystem (
system:
let
pkgs = import nixpkgs { inherit system; }; pkgs = import nixpkgs { inherit system; };
in { in
{
nim-dev = pkgs.mkShell { nim-dev = pkgs.mkShell {
buildInputs = with pkgs; [ buildInputs = with pkgs; [
nim nim
@ -26,6 +32,7 @@
}; };
default = outputs.devShells.${system}.nim-dev; default = outputs.devShells.${system}.nim-dev;
}); }
);
}; };
} }

7
lib/templates/rust/flake.nix
View file

@ -2,9 +2,12 @@
inputs.nixpkgs.url = "github:NixOS/nixpkgs/nixpkgs-unstable"; inputs.nixpkgs.url = "github:NixOS/nixpkgs/nixpkgs-unstable";
inputs.git-hooks.url = "github:cachix/git-hooks.nix"; inputs.git-hooks.url = "github:cachix/git-hooks.nix";
inputs.git-hooks.inputs.nixpkgs.follows = "nixpkgs"; inputs.git-hooks.inputs.nixpkgs.follows = "nixpkgs";
outputs = inputs: let outputs =
inputs:
let
inherit (import nix/boilerplate.nix inputs) call genPkgs; inherit (import nix/boilerplate.nix inputs) call genPkgs;
in { in
{
# overlays = import nix/overlays.nix; # overlays = import nix/overlays.nix;
checks = call (import nix/checks.nix); checks = call (import nix/checks.nix);
packages = call (import nix/packages.nix); packages = call (import nix/packages.nix);

20
lib/templates/rust/nix/boilerplate.nix
View file

@ -2,13 +2,21 @@ inputs @ {
nixpkgs, nixpkgs,
self, self,
... ...
}: let }:
let
forSelfOverlay = forSelfOverlay =
if builtins.hasAttr "overlays" self && builtins.hasAttr "forSelf" self.overlays if builtins.hasAttr "overlays" self && builtins.hasAttr "forSelf" self.overlays then
then self.overlays.forSelf self.overlays.forSelf
else (_: p: p); else
in rec { (_: p: p);
systems = ["aarch64-linux" "x86_64-linux" "x86_64-darwin" "aarch64-darwin"]; in
rec {
systems = [
"aarch64-linux"
"x86_64-linux"
"x86_64-darwin"
"aarch64-darwin"
];
forSystems = nixpkgs.lib.genAttrs systems; forSystems = nixpkgs.lib.genAttrs systems;
pkgsFor = system: ((import nixpkgs { inherit system; }).extend forSelfOverlay); pkgsFor = system: ((import nixpkgs { inherit system; }).extend forSelfOverlay);
genPkgs = func: (forSystems (system: func (pkgsFor system))); genPkgs = func: (forSystems (system: func (pkgsFor system)));

3
lib/templates/rust/nix/checks.nix
View file

@ -2,7 +2,8 @@
pkgs, pkgs,
git-hooks, git-hooks,
... ...
}: { }:
{
git-hooks = git-hooks.lib.${pkgs.system}.run { git-hooks = git-hooks.lib.${pkgs.system}.run {
src = ./..; src = ./..;
hooks = { hooks = {

6
lib/templates/rust/nix/packages.nix
View file

@ -1,4 +1,5 @@
{pkgs, ...}: let { pkgs, ... }:
let
inherit (builtins) fromTOML readFile; inherit (builtins) fromTOML readFile;
pname = "my-package"; pname = "my-package";
src = ./..; src = ./..;
@ -20,7 +21,8 @@
cargoHash = pkgs.lib.fakeHash; cargoHash = pkgs.lib.fakeHash;
useFetchCargoVendor = true; useFetchCargoVendor = true;
}; };
in { in
{
${pname} = main-package; ${pname} = main-package;
default = main-package; default = main-package;
} }

6
lib/templates/rust/nix/shells.nix
View file

@ -2,9 +2,11 @@
self, self,
pkgs, pkgs,
... ...
}: let }:
let
inherit (pkgs) system; inherit (pkgs) system;
in { in
{
default = pkgs.mkShell { default = pkgs.mkShell {
inherit (self.checks.${system}.git-hooks) shellHook; inherit (self.checks.${system}.git-hooks) shellHook;
inputsFrom = [ self.packages.${system}.default ]; inputsFrom = [ self.packages.${system}.default ];

1
nix/boilerplate.nix
View file

@ -1 +0,0 @@

3
nix/constants.nix
View file

@ -1,4 +1,5 @@
{nixpkgs, ...}: { { nixpkgs, ... }:
{
style = { style = {
colors = (import ./lib/colors.nix { inherit (nixpkgs) lib; }).schemes.catppuccin-mocha-sapphire; colors = (import ./lib/colors.nix { inherit (nixpkgs) lib; }).schemes.catppuccin-mocha-sapphire;

28
nix/machines.nix
View file

@ -1,5 +1,6 @@
{
beefcake = let beefcake =
let
system = "x86_64-linux"; system = "x86_64-linux";
in in
nixpkgs.lib.nixosSystem { nixpkgs.lib.nixosSystem {
@ -38,7 +39,6 @@
]; ];
}; };
htpc = nixpkgs.lib.nixosSystem { htpc = nixpkgs.lib.nixosSystem {
system = "x86_64-linux"; system = "x86_64-linux";
modules = with nixosModules; [ modules = with nixosModules; [
@ -113,7 +113,9 @@
./nixos/foxtrot.nix ./nixos/foxtrot.nix
({pkgs, ...}: { (
{ pkgs, ... }:
{
home-manager.users.daniel = { home-manager.users.daniel = {
imports = with homeManagerModules; [ imports = with homeManagerModules; [
senpai senpai
@ -126,8 +128,7 @@
}; };
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
fw-ectool fw-ectool
(writeShellApplication (writeShellApplication {
{
name = "reset-wifi-module"; name = "reset-wifi-module";
runtimeInputs = with pkgs; [ kmod ]; runtimeInputs = with pkgs; [ kmod ];
text = '' text = ''
@ -135,8 +136,7 @@
modprobe -v mt7921e modprobe -v mt7921e
''; '';
}) })
(writeShellApplication (writeShellApplication {
{
name = "perfmode"; name = "perfmode";
# we use command -v $cmd here because we only want to invoke these calls _if_ the related package is installed on the system # we use command -v $cmd here because we only want to invoke these calls _if_ the related package is installed on the system
# otherwise, they will likely have no effect anyways # otherwise, they will likely have no effect anyways
@ -145,8 +145,7 @@
command -v swaymsg &>/dev/null && bash -x -c 'swaymsg output eDP-1 mode 2880x1920@120Hz' command -v swaymsg &>/dev/null && bash -x -c 'swaymsg output eDP-1 mode 2880x1920@120Hz'
''; '';
}) })
(writeShellApplication (writeShellApplication {
{
name = "battmode"; name = "battmode";
text = '' text = ''
command -v powerprofilesctl &>/dev/null && bash -x -c 'powerprofilesctl set power-saver' command -v powerprofilesctl &>/dev/null && bash -x -c 'powerprofilesctl set power-saver'
@ -154,7 +153,8 @@
''; '';
}) })
]; ];
}) }
)
]; ];
}; };
@ -372,7 +372,8 @@
# .outputs # .outputs
# .disk-image; # .disk-image;
pinephone = let pinephone =
let
inherit (nixpkgs-unstable) lib; inherit (nixpkgs-unstable) lib;
in in
lib.nixosSystem { lib.nixosSystem {
@ -434,5 +435,4 @@
} }
]; ];
}; };
}; }

3
nix/users.nix
View file

@ -1,5 +1,6 @@
{ {
"deck" = let "deck" =
let
system = "x86_64-linux"; system = "x86_64-linux";
pkgs = unstable.pkgsFor system; pkgs = unstable.pkgsFor system;
in in

6
packages/default.nix
View file

@ -1,6 +1,8 @@
{pkgs, ...}: let { pkgs, ... }:
let
iosevkaLyteTerm = pkgs.callPackage ./iosevkaLyteTerm.nix { }; iosevkaLyteTerm = pkgs.callPackage ./iosevkaLyteTerm.nix { };
in { in
{
inherit iosevkaLyteTerm; inherit iosevkaLyteTerm;
iosevkaLyteTermSubset = pkgs.callPackage ./iosevkaLyteTermSubset.nix { iosevkaLyteTermSubset = pkgs.callPackage ./iosevkaLyteTermSubset.nix {

3
packages/hosts/base.nix
View file

@ -2,7 +2,8 @@
config, config,
outputs, outputs,
... ...
}: { }:
{
# a minimal, familiar setup that I can bootstrap atop # a minimal, familiar setup that I can bootstrap atop
imports = with outputs.nixosModules; [ imports = with outputs.nixosModules; [
# may need to be tweaked based on the machine's paritioning scheme # may need to be tweaked based on the machine's paritioning scheme

190
packages/hosts/beefcake.nix
View file

@ -16,7 +16,8 @@ sudo nix run nixpkgs#ipmitool -- raw 0x30 0x30 0x02 0xff 0x00
config, config,
pkgs, pkgs,
... ...
}: { }:
{
system.stateVersion = "24.05"; system.stateVersion = "24.05";
home-manager.users.daniel.home.stateVersion = "24.05"; home-manager.users.daniel.home.stateVersion = "24.05";
networking.hostName = "beefcake"; networking.hostName = "beefcake";
@ -36,7 +37,12 @@ sudo nix run nixpkgs#ipmitool -- raw 0x30 0x30 0x02 0xff 0x00
zfs = true; zfs = true;
}; };
# kernelPackages = config.boot.zfs.package.latestCompatibleLinuxPackages; # kernelPackages = config.boot.zfs.package.latestCompatibleLinuxPackages;
initrd.availableKernelModules = ["ehci_pci" "mpt3sas" "usbhid" "sd_mod"]; initrd.availableKernelModules = [
"ehci_pci"
"mpt3sas"
"usbhid"
"sd_mod"
];
kernelModules = [ "kvm-intel" ]; kernelModules = [ "kvm-intel" ];
kernelParams = [ "nohibernate" ]; kernelParams = [ "nohibernate" ];
loader.systemd-boot.enable = true; loader.systemd-boot.enable = true;
@ -51,7 +57,10 @@ sudo nix run nixpkgs#ipmitool -- raw 0x30 0x30 0x02 0xff 0x00
fileSystems."/boot" = { fileSystems."/boot" = {
device = "/dev/disk/by-uuid/B6C4-7CF4"; device = "/dev/disk/by-uuid/B6C4-7CF4";
fsType = "vfat"; fsType = "vfat";
options = ["fmask=0022" "dmask=0022"]; options = [
"fmask=0022"
"dmask=0022"
];
}; };
/* /*
@ -73,13 +82,16 @@ sudo nix run nixpkgs#ipmitool -- raw 0x30 0x30 0x02 0xff 0x00
# TODO: nfs with zfs? # TODO: nfs with zfs?
# services.nfs.server.enable = true; # services.nfs.server.enable = true;
} }
({ (
{
options, options,
config, config,
... ...
}: let }:
let
inherit (lib) mkOption types; inherit (lib) mkOption types;
in { in
{
options.services.restic.commonPaths = mkOption { options.services.restic.commonPaths = mkOption {
type = types.nullOr (types.listOf types.str); type = types.nullOr (types.listOf types.str);
default = [ ]; default = [ ];
@ -94,7 +106,8 @@ sudo nix run nixpkgs#ipmitool -- raw 0x30 0x30 0x02 0xff 0x00
"/home/user/backup" "/home/user/backup"
]; ];
}; };
}) }
)
{ {
# sops secrets config # sops secrets config
sops = { sops = {
@ -108,7 +121,9 @@ sudo nix run nixpkgs#ipmitool -- raw 0x30 0x30 0x02 0xff 0x00
} }
{ {
sops.secrets = { sops.secrets = {
netlify-ddns-password = {mode = "0400";}; netlify-ddns-password = {
mode = "0400";
};
}; };
services.deno-netlify-ddns-client = { services.deno-netlify-ddns-client = {
passwordFile = config.sops.secrets.netlify-ddns-password.path; passwordFile = config.sops.secrets.netlify-ddns-password.path;
@ -117,7 +132,9 @@ sudo nix run nixpkgs#ipmitool -- raw 0x30 0x30 0x02 0xff 0x00
{ {
# nix binary cache # nix binary cache
sops.secrets = { sops.secrets = {
nix-cache-priv-key = {mode = "0400";}; nix-cache-priv-key = {
mode = "0400";
};
}; };
services.nix-serve = { services.nix-serve = {
enable = true; # TODO: true enable = true; # TODO: true
@ -166,7 +183,11 @@ sudo nix run nixpkgs#ipmitool -- raw 0x30 0x30 0x02 0xff 0x00
# build main laptop configuration # build main laptop configuration
nixos-rebuild build --flake git+https://git.lyte.dev/lytedev/nix.git#foxtrot --accept-flake-config nixos-rebuild build --flake git+https://git.lyte.dev/lytedev/nix.git#foxtrot --accept-flake-config
''; '';
path = with pkgs; [openssh git nixos-rebuild]; path = with pkgs; [
openssh
git
nixos-rebuild
];
serviceConfig = { serviceConfig = {
# TODO: mkdir -p...? # TODO: mkdir -p...?
WorkingDirectory = "/home/daniel/.home/.cache/nightly-flake-builds"; WorkingDirectory = "/home/daniel/.home/.cache/nightly-flake-builds";
@ -220,7 +241,10 @@ sudo nix run nixpkgs#ipmitool -- raw 0x30 0x30 0x02 0xff 0x00
networking.firewall.allowedUDPPorts = lib.mkIf config.services.headscale.enable [ 3478 ]; networking.firewall.allowedUDPPorts = lib.mkIf config.services.headscale.enable [ 3478 ];
} }
{ {
services.restic.commonPaths = ["/var/lib/soju" "/var/lib/private/soju"]; services.restic.commonPaths = [
"/var/lib/soju"
"/var/lib/private/soju"
];
services.soju = { services.soju = {
enable = true; enable = true;
listen = [ "irc+insecure://:6667" ]; listen = [ "irc+insecure://:6667" ];
@ -274,7 +298,13 @@ sudo nix run nixpkgs#ipmitool -- raw 0x30 0x30 0x02 0xff 0x00
extraAppsEnable = true; extraAppsEnable = true;
autoUpdateApps.enable = true; autoUpdateApps.enable = true;
extraApps = with config.services.nextcloud.package.packages.apps; { extraApps = with config.services.nextcloud.package.packages.apps; {
inherit calendar contacts notes onlyoffice tasks; inherit
calendar
contacts
notes
onlyoffice
tasks
;
}; };
package = pkgs.nextcloud28; package = pkgs.nextcloud28;
home = "/storage/nextcloud"; home = "/storage/nextcloud";
@ -311,7 +341,8 @@ sudo nix run nixpkgs#ipmitool -- raw 0x30 0x30 0x02 0xff 0x00
}; };
}; };
services.caddy.virtualHosts."nextcloud.h.lyte.dev" = let services.caddy.virtualHosts."nextcloud.h.lyte.dev" =
let
fpm-nextcloud-pool = config.services.phpfpm.pools.nextcloud; fpm-nextcloud-pool = config.services.phpfpm.pools.nextcloud;
root = config.services.nginx.virtualHosts.${config.services.nextcloud.hostName}.root; root = config.services.nginx.virtualHosts.${config.services.nextcloud.hostName}.root;
in in
@ -695,7 +726,9 @@ sudo nix run nixpkgs#ipmitool -- raw 0x30 0x30 0x02 0xff 0x00
{ {
# restic backups # restic backups
sops.secrets = { sops.secrets = {
restic-ssh-priv-key-benland = {mode = "0400";}; restic-ssh-priv-key-benland = {
mode = "0400";
};
restic-rascal-passphrase = { restic-rascal-passphrase = {
mode = "0400"; mode = "0400";
}; };
@ -730,38 +763,35 @@ sudo nix run nixpkgs#ipmitool -- raw 0x30 0x30 0x02 0xff 0x00
}; };
}; };
}; };
services.restic.backups = let services.restic.backups =
let
# TODO: How do I set things up so that a compromised server doesn't have access to my backups so that it can corrupt or ransomware them? # TODO: How do I set things up so that a compromised server doesn't have access to my backups so that it can corrupt or ransomware them?
defaults = { defaults = {
passwordFile = config.sops.secrets.restic-rascal-passphrase.path; passwordFile = config.sops.secrets.restic-rascal-passphrase.path;
paths = paths = config.services.restic.commonPaths ++ [
config.services.restic.commonPaths
++ [
]; ];
initialize = true; initialize = true;
exclude = [ ]; exclude = [ ];
timerConfig = { timerConfig = {
OnCalendar = ["04:45" "17:45"]; OnCalendar = [
"04:45"
"17:45"
];
}; };
}; };
in { in
local = {
defaults local = defaults // {
// {
repository = "/storage/backups/local"; repository = "/storage/backups/local";
}; };
rascal = rascal = defaults // {
defaults
// {
extraOptions = [ extraOptions = [
''sftp.command="ssh beefcake@rascal.hare-cod.ts.net -i ${config.sops.secrets.restic-rascal-ssh-private-key.path} -s sftp"'' ''sftp.command="ssh beefcake@rascal.hare-cod.ts.net -i ${config.sops.secrets.restic-rascal-ssh-private-key.path} -s sftp"''
]; ];
repository = "sftp://beefcake@rascal.hare-cod.ts.net://storage/backups/beefcake"; repository = "sftp://beefcake@rascal.hare-cod.ts.net://storage/backups/beefcake";
}; };
# TODO: add ruby? # TODO: add ruby?
benland = benland = defaults // {
defaults
// {
extraOptions = [ extraOptions = [
''sftp.command="ssh daniel@n.benhaney.com -p 10022 -i ${config.sops.secrets.restic-ssh-priv-key-benland.path} -s sftp"'' ''sftp.command="ssh daniel@n.benhaney.com -p 10022 -i ${config.sops.secrets.restic-ssh-priv-key-benland.path} -s sftp"''
]; ];
@ -813,7 +843,9 @@ sudo nix run nixpkgs#ipmitool -- raw 0x30 0x30 0x02 0xff 0x00
# acmeCA = "https://acme-staging-v02.api.letsencrypt.org/directory"; # acmeCA = "https://acme-staging-v02.api.letsencrypt.org/directory";
}; };
} }
({...}: let (
{ ... }:
let
theme = pkgs.fetchzip { theme = pkgs.fetchzip {
url = "https://github.com/catppuccin/gitea/releases/download/v1.0.1/catppuccin-gitea.tar.gz"; url = "https://github.com/catppuccin/gitea/releases/download/v1.0.1/catppuccin-gitea.tar.gz";
sha256 = "sha256-et5luA3SI7iOcEIQ3CVIu0+eiLs8C/8mOitYlWQa/uI="; sha256 = "sha256-et5luA3SI7iOcEIQ3CVIu0+eiLs8C/8mOitYlWQa/uI=";
@ -832,9 +864,7 @@ sudo nix run nixpkgs#ipmitool -- raw 0x30 0x30 0x02 0xff 0x00
sha256 = "sha256-CdMTRXoQ3AI76aHW/sTqvZo1q/0XQdnQs9V1vGmiffY="; sha256 = "sha256-CdMTRXoQ3AI76aHW/sTqvZo1q/0XQdnQs9V1vGmiffY=";
}; };
}; };
forgejoCustomCss = forgejoCustomCss = pkgs.writeText "iosevkalyte.css" ''
pkgs.writeText "iosevkalyte.css"
''
@font-face { @font-face {
font-family: ldiosevka; font-family: ldiosevka;
font-style: normal; font-style: normal;
@ -862,15 +892,11 @@ sudo nix run nixpkgs#ipmitool -- raw 0x30 0x30 0x02 0xff 0x00
--fonts-monospace: ldiosevka, ui-monospace, SFMono-Regular, "SF Mono", Menlo, Monaco, Consolas, "Liberation Mono", "Courier New", monospace, var(--fonts-emoji); --fonts-monospace: ldiosevka, ui-monospace, SFMono-Regular, "SF Mono", Menlo, Monaco, Consolas, "Liberation Mono", "Courier New", monospace, var(--fonts-emoji);
} }
''; '';
forgejoCustomHeaderTmpl = forgejoCustomHeaderTmpl = pkgs.writeText "header.tmpl" ''
pkgs.writeText "header.tmpl"
''
<link rel="stylesheet" href="/assets/css/iosevkalyte.css" /> <link rel="stylesheet" href="/assets/css/iosevkalyte.css" />
<script async="" defer="" data-domain="git.lyte.dev" src="https://a.lyte.dev/js/script.js"></script> <script async="" defer="" data-domain="git.lyte.dev" src="https://a.lyte.dev/js/script.js"></script>
''; '';
forgejoCustomHomeTmpl = forgejoCustomHomeTmpl = pkgs.writeText "home.tmpl" ''
pkgs.writeText "home.tmpl"
''
{{template "base/head" .}} {{template "base/head" .}}
<div role="main" aria-label="{{if .IsSigned}}{{ctx.Locale.Tr "dashboard"}}{{else}}{{ctx.Locale.Tr "home"}}{{end}}" class="page-content home"> <div role="main" aria-label="{{if .IsSigned}}{{ctx.Locale.Tr "dashboard"}}{{else}}{{ctx.Locale.Tr "home"}}{{end}}" class="page-content home">
<div class="tw-mb-8 tw-px-8"> <div class="tw-mb-8 tw-px-8">
@ -923,7 +949,8 @@ sudo nix run nixpkgs#ipmitool -- raw 0x30 0x30 0x02 0xff 0x00
</div> </div>
{{template "base/footer" .}} {{template "base/footer" .}}
''; '';
in { in
{
# systemd.tmpfiles.settings = { # systemd.tmpfiles.settings = {
# "10-forgejo" = { # "10-forgejo" = {
# "/storage/forgejo" = { # "/storage/forgejo" = {
@ -998,7 +1025,9 @@ sudo nix run nixpkgs#ipmitool -- raw 0x30 0x30 0x02 0xff 0x00
config.services.forgejo.stateDir config.services.forgejo.stateDir
]; ];
sops.secrets = { sops.secrets = {
"forgejo-runner.env" = {mode = "0400";}; "forgejo-runner.env" = {
mode = "0400";
};
}; };
systemd.services.gitea-runner-beefcake.after = [ "sops-nix.service" ]; systemd.services.gitea-runner-beefcake.after = [ "sops-nix.service" ];
@ -1069,7 +1098,8 @@ sudo nix run nixpkgs#ipmitool -- raw 0x30 0x30 0x02 0xff 0x00
reverse_proxy :${toString config.services.forgejo.settings.server.HTTP_PORT} reverse_proxy :${toString config.services.forgejo.settings.server.HTTP_PORT}
''; '';
}; };
}) }
)
{ {
services.restic.commonPaths = [ services.restic.commonPaths = [
config.services.vaultwarden.backupDir config.services.vaultwarden.backupDir
@ -1246,13 +1276,16 @@ sudo nix run nixpkgs#ipmitool -- raw 0x30 0x30 0x02 0xff 0x00
]; ];
*/ */
} }
({...}: let (
{ ... }:
let
port = 26969; port = 26969;
dir = "/storage/flanilla"; dir = "/storage/flanilla";
user = "flanilla"; user = "flanilla";
in
# uid = config.users.users.flanilla.uid; # uid = config.users.users.flanilla.uid;
# gid = config.users.groups.flanilla.gid; # gid = config.users.groups.flanilla.gid;
in { {
# flanilla family minecraft server # flanilla family minecraft server
users.groups.${user} = { }; users.groups.${user} = { };
users.users.${user} = { users.users.${user} = {
@ -1269,7 +1302,10 @@ sudo nix run nixpkgs#ipmitool -- raw 0x30 0x30 0x02 0xff 0x00
]; ];
image = "docker.io/itzg/minecraft-server"; image = "docker.io/itzg/minecraft-server";
# user = "${toString uid}:${toString gid}"; # user = "${toString uid}:${toString gid}";
extraOptions = ["--tty" "--interactive"]; extraOptions = [
"--tty"
"--interactive"
];
environment = { environment = {
EULA = "true"; EULA = "true";
MOTD = "Flanilla Survival! Happy hunting!"; MOTD = "Flanilla Survival! Happy hunting!";
@ -1321,14 +1357,18 @@ sudo nix run nixpkgs#ipmitool -- raw 0x30 0x30 0x02 0xff 0x00
networking.firewall.allowedTCPPorts = [ networking.firewall.allowedTCPPorts = [
port port
]; ];
}) }
({...}: let )
(
{ ... }:
let
port = 26968; port = 26968;
dir = "/storage/flanilla-creative"; dir = "/storage/flanilla-creative";
user = "flanilla"; user = "flanilla";
in
# uid = config.users.users.flanilla.uid; # uid = config.users.users.flanilla.uid;
# gid = config.users.groups.flanilla.gid; # gid = config.users.groups.flanilla.gid;
in { {
# flanilla family minecraft server # flanilla family minecraft server
users.groups.${user} = { }; users.groups.${user} = { };
users.users.${user} = { users.users.${user} = {
@ -1341,7 +1381,10 @@ sudo nix run nixpkgs#ipmitool -- raw 0x30 0x30 0x02 0xff 0x00
autoStart = true; autoStart = true;
image = "docker.io/itzg/minecraft-server"; image = "docker.io/itzg/minecraft-server";
# user = "${toString uid}:${toString gid}"; # user = "${toString uid}:${toString gid}";
extraOptions = ["--tty" "--interactive"]; extraOptions = [
"--tty"
"--interactive"
];
environment = { environment = {
EULA = "true"; EULA = "true";
MOTD = "Flanilla Creative! Have fun building!"; MOTD = "Flanilla Creative! Have fun building!";
@ -1393,18 +1436,22 @@ sudo nix run nixpkgs#ipmitool -- raw 0x30 0x30 0x02 0xff 0x00
networking.firewall.allowedTCPPorts = [ networking.firewall.allowedTCPPorts = [
port port
]; ];
}) }
({ )
(
{
config, config,
options, options,
... ...
}: let }:
let
domain = "idm.h.lyte.dev"; domain = "idm.h.lyte.dev";
name = "kanidm"; name = "kanidm";
user = name; user = name;
group = name; group = name;
storage = "/storage/${name}"; storage = "/storage/${name}";
in { in
{
# kanidm # kanidm
config = { config = {
# reload certs from caddy every 5 minutes # reload certs from caddy every 5 minutes
@ -1521,7 +1568,8 @@ sudo nix run nixpkgs#ipmitool -- raw 0x30 0x30 0x02 0xff 0x00
''; '';
}; };
}; };
}) }
)
{ {
systemd.tmpfiles.settings = { systemd.tmpfiles.settings = {
"10-audiobookshelf" = { "10-audiobookshelf" = {
@ -1584,13 +1632,25 @@ sudo nix run nixpkgs#ipmitool -- raw 0x30 0x30 0x02 0xff 0x00
job_name = "beefcake"; job_name = "beefcake";
static_configs = [ static_configs = [
{ {
targets = let inherit (config.services.prometheus.exporters.node) port listenAddress; in ["${listenAddress}:${toString port}"]; targets =
let
inherit (config.services.prometheus.exporters.node) port listenAddress;
in
[ "${listenAddress}:${toString port}" ];
} }
{ {
targets = let inherit (config.services.prometheus.exporters.zfs) port listenAddress; in ["${listenAddress}:${toString port}"]; targets =
let
inherit (config.services.prometheus.exporters.zfs) port listenAddress;
in
[ "${listenAddress}:${toString port}" ];
} }
{ {
targets = let inherit (config.services.prometheus.exporters.postgres) port listenAddress; in ["${listenAddress}:${toString port}"]; targets =
let
inherit (config.services.prometheus.exporters.postgres) port listenAddress;
in
[ "${listenAddress}:${toString port}" ];
} }
]; ];
} }
@ -1783,17 +1843,22 @@ sudo nix run nixpkgs#ipmitool -- raw 0x30 0x30 0x02 0xff 0x00
extraSettingsFile = config.sops.secrets.factorio-server-settings.path; extraSettingsFile = config.sops.secrets.factorio-server-settings.path;
}; };
sops.secrets = { sops.secrets = {
factorio-server-settings = {mode = "0777";}; factorio-server-settings = {
mode = "0777";
};
}; };
} }
({ (
{
pkgs, pkgs,
config, config,
... ...
}: let }:
let
port = builtins.head config.services.conduwuit.settings.global.port; port = builtins.head config.services.conduwuit.settings.global.port;
sPort = toString port; sPort = toString port;
in { in
{
sops.secrets.matrix-registration-token-file.mode = "0400"; sops.secrets.matrix-registration-token-file.mode = "0400";
services.conduwuit = { services.conduwuit = {
enable = true; enable = true;
@ -1815,7 +1880,8 @@ sudo nix run nixpkgs#ipmitool -- raw 0x30 0x30 0x02 0xff 0x00
''; '';
# TODO: backups # TODO: backups
# TODO: reverse proxy # TODO: reverse proxy
}) }
)
]; ];
/* /*

15
packages/hosts/bigtower.nix
View file

@ -3,7 +3,8 @@
lib, lib,
config, config,
... ...
}: { }:
{
system.stateVersion = "24.05"; system.stateVersion = "24.05";
home-manager.users.daniel.home.stateVersion = "24.05"; home-manager.users.daniel.home.stateVersion = "24.05";
networking.hostName = "bigtower"; networking.hostName = "bigtower";
@ -29,7 +30,10 @@
fileSystems."/boot" = { fileSystems."/boot" = {
device = "/dev/disk/by-uuid/CE80-4623"; device = "/dev/disk/by-uuid/CE80-4623";
fsType = "vfat"; fsType = "vfat";
options = ["fmask=0022" "dmask=0022"]; options = [
"fmask=0022"
"dmask=0022"
];
}; };
} }
]; ];
@ -43,7 +47,12 @@
# kernelPackages = pkgs.linuxPackages_zen; # kernelPackages = pkgs.linuxPackages_zen;
loader.efi.canTouchEfiVariables = true; loader.efi.canTouchEfiVariables = true;
loader.systemd-boot.enable = true; loader.systemd-boot.enable = true;
initrd.availableKernelModules = ["xhci_pci" "nvme" "ahci" "usbhid"]; initrd.availableKernelModules = [
"xhci_pci"
"nvme"
"ahci"
"usbhid"
];
kernelModules = [ "kvm-amd" ]; kernelModules = [ "kvm-amd" ];
supportedFilesystems = [ "ntfs" ]; supportedFilesystems = [ "ntfs" ];
}; };

45
packages/hosts/default.nix
View file

@ -8,21 +8,32 @@
nixpkgs-unstable, nixpkgs-unstable,
home-manager-unstable, home-manager-unstable,
... ...
}: let }:
baseHost = { let
baseHost =
{
nixpkgs, nixpkgs,
home-manager, home-manager,
... ...
}: (path: ({system ? "x86_64-linux"}: (nixpkgs.lib.nixosSystem { }:
(
path:
(
{
system ? "x86_64-linux",
}:
(nixpkgs.lib.nixosSystem {
inherit system; inherit system;
modules = [ modules = [
({ (
{
config, config,
lib, lib,
pkgs, pkgs,
modulesPath, modulesPath,
... ...
}: { }:
{
imports = with self.outputs.nixosModules; [ imports = with self.outputs.nixosModules; [
(modulesPath + "/installer/scan/not-detected.nix") (modulesPath + "/installer/scan/not-detected.nix")
home-manager.nixosModules.home-manager home-manager.nixosModules.home-manager
@ -57,13 +68,14 @@
nixPath = lib.mapAttrsToList (key: value: "${key}=${value.to.path}") config.nix.registry; nixPath = lib.mapAttrsToList (key: value: "${key}=${value.to.path}") config.nix.registry;
registry = lib.mapAttrs (_: value: { flake = value; }) self.inputs; registry = lib.mapAttrs (_: value: { flake = value; }) self.inputs;
settings = settings = {
{
trusted-users = lib.mkDefault [ "@wheel" ]; trusted-users = lib.mkDefault [ "@wheel" ];
extra-experimental-features = lib.mkDefault ["nix-command" "flakes"]; extra-experimental-features = lib.mkDefault [
"nix-command"
"flakes"
];
auto-optimise-store = lib.mkDefault true; auto-optimise-store = lib.mkDefault true;
} } // self.nixConfig;
// self.nixConfig;
}; };
systemd.services.nix-daemon.environment.TMPDIR = lib.mkDefault "/var/tmp"; # TODO: why did I do this again? systemd.services.nix-daemon.environment.TMPDIR = lib.mkDefault "/var/tmp"; # TODO: why did I do this again?
@ -123,7 +135,8 @@
useXkbConfig = lib.mkDefault true; useXkbConfig = lib.mkDefault true;
earlySetup = lib.mkDefault true; earlySetup = lib.mkDefault true;
colors = with self.constants.style.colors; colors =
with self.constants.style.colors;
lib.mkDefault [ lib.mkDefault [
bg bg
red red
@ -154,7 +167,8 @@
}; };
}; };
}; };
}) }
)
{ {
_module.args = { _module.args = {
@ -164,13 +178,16 @@
} }
(import path) (import path)
]; ];
}))); })
)
);
stableHost = baseHost { inherit nixpkgs home-manager; }; stableHost = baseHost { inherit nixpkgs home-manager; };
host = baseHost { host = baseHost {
nixpkgs = nixpkgs-unstable; nixpkgs = nixpkgs-unstable;
home-manager = home-manager-unstable; home-manager = home-manager-unstable;
}; };
in { in
{
beefcake = stableHost ./beefcake.nix { }; beefcake = stableHost ./beefcake.nix { };
dragon = host ./dragon.nix { }; dragon = host ./dragon.nix { };
arm-dragon = host ./dragon.nix { system = "aarch64-linux"; }; arm-dragon = host ./dragon.nix { system = "aarch64-linux"; };

14
packages/hosts/dragon.nix
View file

@ -5,7 +5,8 @@
hardware, hardware,
diskoConfigurations, diskoConfigurations,
... ...
}: { }:
{
system.stateVersion = "24.11"; system.stateVersion = "24.11";
home-manager.users.daniel.home.stateVersion = "24.11"; home-manager.users.daniel.home.stateVersion = "24.11";
networking.hostName = "dragon"; networking.hostName = "dragon";
@ -14,7 +15,12 @@
kernelPackages = pkgs.linuxPackages_latest; kernelPackages = pkgs.linuxPackages_latest;
loader.efi.canTouchEfiVariables = true; loader.efi.canTouchEfiVariables = true;
loader.systemd-boot.enable = true; loader.systemd-boot.enable = true;
initrd.availableKernelModules = ["xhci_pci" "nvme" "ahci" "usbhid"]; initrd.availableKernelModules = [
"xhci_pci"
"nvme"
"ahci"
"usbhid"
];
kernelModules = [ "kvm-amd" ]; kernelModules = [ "kvm-amd" ];
supportedFilesystems = [ "ntfs" ]; supportedFilesystems = [ "ntfs" ];
}; };
@ -26,7 +32,9 @@
common-pc-ssd common-pc-ssd
]; ];
sops.secrets.ddns-pass = {mode = "0400";}; sops.secrets.ddns-pass = {
mode = "0400";
};
services.deno-netlify-ddns-client = { services.deno-netlify-ddns-client = {
passwordFile = config.sops.secrets.ddns-pass.path; passwordFile = config.sops.secrets.ddns-pass.path;
enable = true; enable = true;

37
packages/hosts/foxtrot.nix
View file

@ -1,4 +1,5 @@
{pkgs, ...}: { { pkgs, ... }:
{
imports = [ imports = [
{ {
system.stateVersion = "24.11"; system.stateVersion = "24.11";
@ -75,10 +76,12 @@
} }
]; ];
}; };
services.hypridle = let services.hypridle =
let
secondsPerMinute = 60; secondsPerMinute = 60;
lockSeconds = 10 * secondsPerMinute; lockSeconds = 10 * secondsPerMinute;
in { in
{
settings = { settings = {
listener = [ listener = [
{ {
@ -205,7 +208,11 @@
# NOTE(oninstall): # NOTE(oninstall):
"resume_offset=3421665" "resume_offset=3421665"
]; ];
initrd.availableKernelModules = ["xhci_pci" "nvme" "thunderbolt"]; initrd.availableKernelModules = [
"xhci_pci"
"nvme"
"thunderbolt"
];
kernelModules = [ "kvm-amd" ]; kernelModules = [ "kvm-amd" ];
}; };
hardware.bluetooth = { hardware.bluetooth = {
@ -214,19 +221,19 @@
# simply resume the power state at the time of hibernation # simply resume the power state at the time of hibernation
powerOnBoot = false; powerOnBoot = false;
package = pkgs.bluez.overrideAttrs (finalAttrs: previousAttrs: rec { package = pkgs.bluez.overrideAttrs (
finalAttrs: previousAttrs: rec {
version = "5.78"; version = "5.78";
src = pkgs.fetchurl { src = pkgs.fetchurl {
url = "mirror://kernel/linux/bluetooth/bluez-${version}.tar.xz"; url = "mirror://kernel/linux/bluetooth/bluez-${version}.tar.xz";
sha256 = "sha256-gw/tGRXF03W43g9eb0X83qDcxf9f+z0x227Q8A1zxeM="; sha256 = "sha256-gw/tGRXF03W43g9eb0X83qDcxf9f+z0x227Q8A1zxeM=";
}; };
patches = [ ]; patches = [ ];
buildInputs = buildInputs = previousAttrs.buildInputs ++ [
previousAttrs.buildInputs
++ [
pkgs.python3Packages.pygments pkgs.python3Packages.pygments
]; ];
}); }
);
}; };
powerManagement.cpuFreqGovernor = "ondemand"; powerManagement.cpuFreqGovernor = "ondemand";
/* /*
@ -269,19 +276,23 @@
}; };
*/ */
networking.firewall.allowedTCPPorts = let networking.firewall.allowedTCPPorts =
let
stardewValley = 24642; stardewValley = 24642;
factorio = 34197; factorio = 34197;
in [ in
[
8000 # dev stuff 8000 # dev stuff
factorio factorio
stardewValley stardewValley
7777 7777
]; ];
networking.firewall.allowedUDPPorts = let networking.firewall.allowedUDPPorts =
let
stardewValley = 24642; stardewValley = 24642;
factorio = 34197; factorio = 34197;
in [ in
[
8000 # dev stuff 8000 # dev stuff
factorio factorio
stardewValley stardewValley

16
packages/hosts/htpc.nix
View file

@ -3,7 +3,8 @@
config, config,
lib, lib,
... ...
}: { }:
{
networking.hostName = "htpc"; networking.hostName = "htpc";
networking.networkmanager.enable = true; networking.networkmanager.enable = true;
@ -12,8 +13,17 @@
boot.loader.grub.device = "/dev/sda"; boot.loader.grub.device = "/dev/sda";
boot.loader.grub.useOSProber = true; boot.loader.grub.useOSProber = true;
boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod"]; boot.initrd.availableKernelModules = [
boot.initrd.kernelModules = ["8821au" "8812au"]; "xhci_pci"
"ahci"
"usbhid"
"usb_storage"
"sd_mod"
];
boot.initrd.kernelModules = [
"8821au"
"8812au"
];
boot.kernelModules = [ "kvm-intel" ]; boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ boot.extraModulePackages = [
# pkgs.rtl8811au # pkgs.rtl8811au

17
packages/hosts/htpifour.nix
View file

@ -5,7 +5,8 @@
outputs, outputs,
modulesPath, modulesPath,
... ...
}: { }:
{
nixpkgs.hostPlatform = "aarch64-linux"; nixpkgs.hostPlatform = "aarch64-linux";
networking.hostName = "htpifour"; networking.hostName = "htpifour";
@ -31,10 +32,14 @@
console.enable = false; console.enable = false;
home-manager.users.daniel = { home-manager.users.daniel = {
imports = with outputs.homeManagerModules; [linux-desktop wallpaper-manager]; imports = with outputs.homeManagerModules; [
linux-desktop
wallpaper-manager
];
}; };
environment.systemPackages = with pkgs; environment.systemPackages =
with pkgs;
#with pkgs; #with pkgs;
[ [
# libcec # libcec
@ -82,7 +87,11 @@
boot = { boot = {
kernelPackages = pkgs.linuxKernel.packages.linux_rpi4; kernelPackages = pkgs.linuxKernel.packages.linux_rpi4;
initrd.availableKernelModules = ["xhci_pci" "usbhid" "usb_storage"]; initrd.availableKernelModules = [
"xhci_pci"
"usbhid"
"usb_storage"
];
loader = { loader = {
grub.enable = false; grub.enable = false;
generic-extlinux-compatible.enable = true; generic-extlinux-compatible.enable = true;

24
packages/hosts/rascal.nix
View file

@ -2,12 +2,20 @@
config, config,
modulesPath, modulesPath,
... ...
}: { }:
{
imports = [ imports = [
(modulesPath + "/installer/scan/not-detected.nix") (modulesPath + "/installer/scan/not-detected.nix")
]; ];
boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "ehci_pci" "usbhid" "uas" "sd_mod"]; boot.initrd.availableKernelModules = [
"xhci_pci"
"ahci"
"ehci_pci"
"usbhid"
"uas"
"sd_mod"
];
boot.kernelModules = [ "kvm-amd" ]; boot.kernelModules = [ "kvm-amd" ];
fileSystems."/" = { fileSystems."/" = {
@ -33,9 +41,7 @@
home = "/storage/backups/beefcake"; home = "/storage/backups/beefcake";
group = "beefcake"; group = "beefcake";
extraGroups = [ "sftponly" ]; extraGroups = [ "sftponly" ];
openssh.authorizedKeys.keys = openssh.authorizedKeys.keys = config.users.users.daniel.openssh.authorizedKeys.keys ++ [
config.users.users.daniel.openssh.authorizedKeys.keys
++ [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK7HrojwoyHED+A/FzRjYmIL0hzofwBd9IYHH6yV0oPO root@beefcake" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK7HrojwoyHED+A/FzRjYmIL0hzofwBd9IYHH6yV0oPO root@beefcake"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAOEI82VdbyR1RYqSnFtlffHBtHFdXO0v9RmQH7GkfXo restic@beefcake" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAOEI82VdbyR1RYqSnFtlffHBtHFdXO0v9RmQH7GkfXo restic@beefcake"
]; ];
@ -44,7 +50,13 @@
daniel = { daniel = {
# used for restic backups # used for restic backups
isNormalUser = true; isNormalUser = true;
extraGroups = ["users" "wheel" "video" "dialout" "uucp"]; extraGroups = [
"users"
"wheel"
"video"
"dialout"
"uucp"
];
openssh.authorizedKeys.keys = [ openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAPLXOjupz3ScYjgrF+ehrbp9OvGAWQLI6fplX6w9Ijb daniel@lyte.dev" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAPLXOjupz3ScYjgrF+ehrbp9OvGAWQLI6fplX6w9Ijb daniel@lyte.dev"
]; ];

53
packages/hosts/router.nix
View file

@ -4,7 +4,8 @@
# outputs, # outputs,
pkgs, pkgs,
... ...
}: let }:
let
/* /*
NOTE: My goal is to be able to apply most of the common tweaks to the router NOTE: My goal is to be able to apply most of the common tweaks to the router
either live on the system for ad-hoc changes (such as forwarding a port for a either live on the system for ad-hoc changes (such as forwarding a port for a
@ -83,7 +84,8 @@
"net.ipv6.conf.${interfaces.wan.name}.use_tempaddr" = 2; "net.ipv6.conf.${interfaces.wan.name}.use_tempaddr" = 2;
# "net.ipv6.conf.${interfaces.wan.name}.addr_gen_mode" = 2; # "net.ipv6.conf.${interfaces.wan.name}.addr_gen_mode" = 2;
}; };
in { in
{
imports = [ imports = [
{ {
# hardware # hardware
@ -116,7 +118,10 @@ in {
fileSystems."/boot" = { fileSystems."/boot" = {
device = "/dev/disk/by-uuid/7F78-7AE8"; device = "/dev/disk/by-uuid/7F78-7AE8";
fsType = "vfat"; fsType = "vfat";
options = ["fmask=0022" "dmask=0022"]; options = [
"fmask=0022"
"dmask=0022"
];
}; };
nixpkgs.hostPlatform = "x86_64-linux"; nixpkgs.hostPlatform = "x86_64-linux";
powerManagement.cpuFreqGovernor = "performance"; powerManagement.cpuFreqGovernor = "performance";
@ -136,16 +141,16 @@ in {
generateKey = true; generateKey = true;
}; };
secrets = { secrets = {
netlify-ddns-password = {mode = "0400";}; netlify-ddns-password = {
mode = "0400";
};
}; };
}; };
services.deno-netlify-ddns-client = { services.deno-netlify-ddns-client = {
passwordFile = config.sops.secrets.netlify-ddns-password.path; passwordFile = config.sops.secrets.netlify-ddns-password.path;
}; };
boot.kernel.sysctl = boot.kernel.sysctl = sysctl-entries // {
sysctl-entries
// {
}; };
networking = { networking = {
@ -174,12 +179,14 @@ in {
# the main meat and potatoes for most routers, the firewall configuration # the main meat and potatoes for most routers, the firewall configuration
# TODO: IPv6 # TODO: IPv6
nftables = let nftables =
let
inf = { inf = {
lan = interfaces.lan.name; lan = interfaces.lan.name;
wan = interfaces.wan.name; wan = interfaces.wan.name;
}; };
in { in
{
enable = true; enable = true;
checkRuleset = true; checkRuleset = true;
flushRuleset = true; flushRuleset = true;
@ -460,7 +467,11 @@ in {
*/ */
enable-ra = true; enable-ra = true;
server = ["1.1.1.1" "9.9.9.9" "8.8.8.8"]; server = [
"1.1.1.1"
"9.9.9.9"
"8.8.8.8"
];
domain-needed = true; domain-needed = true;
bogus-priv = true; bogus-priv = true;
@ -477,28 +488,36 @@ in {
dhcp-host = dhcp-host =
[ [
] ]
++ (lib.attrsets.mapAttrsToList (name: { ++ (lib.attrsets.mapAttrsToList (
name:
{
ip, ip,
identifier ? name, identifier ? name,
time ? "12h", time ? "12h",
... ...
}: "${name},${ip},${identifier},${time}") }:
hosts); "${name},${ip},${identifier},${time}"
) hosts);
address = address =
[ [
"/${hostname}.${domain}/${ip}" "/${hostname}.${domain}/${ip}"
] ]
++ (lib.lists.flatten (lib.attrsets.mapAttrsToList (name: { ++ (lib.lists.flatten (
lib.attrsets.mapAttrsToList (
name:
{
ip, ip,
additionalHosts ? [ ], additionalHosts ? [ ],
identifier ? name, identifier ? name,
time ? "12h", time ? "12h",
}: [ }:
[
"/${name}.${domain}/${ip}" "/${name}.${domain}/${ip}"
(lib.lists.forEach additionalHosts (h: "/${h}/${ip}")) (lib.lists.forEach additionalHosts (h: "/${h}/${ip}"))
]) ]
hosts)); ) hosts
));
# local domains # local domains
local = "/lan/"; local = "/lan/";

51
packages/hosts/thablet.nix
View file

@ -3,7 +3,8 @@
lib, lib,
config, config,
... ...
}: { }:
{
networking.hostName = "thablet"; networking.hostName = "thablet";
boot.loader.systemd-boot.enable = true; boot.loader.systemd-boot.enable = true;
@ -25,7 +26,12 @@
description = "Touch wake Thinkpad X1 Yoga 3rd gen hack"; description = "Touch wake Thinkpad X1 Yoga 3rd gen hack";
unitConfig = { unitConfig = {
After = ["suspend.target" "hibernate.target" "hybrid-sleep.target" "suspend-then-hibernate.target"]; After = [
"suspend.target"
"hibernate.target"
"hybrid-sleep.target"
"suspend-then-hibernate.target"
];
}; };
serviceConfig = { serviceConfig = {
@ -34,12 +40,25 @@
''; '';
}; };
wantedBy = ["suspend.target" "hibernate.target" "hybrid-sleep.target" "suspend-then-hibernate.target"]; wantedBy = [
"suspend.target"
"hibernate.target"
"hybrid-sleep.target"
"suspend-then-hibernate.target"
];
}; };
boot.initrd.availableKernelModules = ["xhci_pci" "nvme" "usb_storage" "sd_mod"]; boot.initrd.availableKernelModules = [
"xhci_pci"
"nvme"
"usb_storage"
"sd_mod"
];
boot.initrd.kernelModules = [ ]; boot.initrd.kernelModules = [ ];
boot.kernelModules = ["kvm-intel" "acpi_call"]; boot.kernelModules = [
"kvm-intel"
"acpi_call"
];
boot.extraModulePackages = with config.boot.kernelPackages; [ acpi_call ]; boot.extraModulePackages = with config.boot.kernelPackages; [ acpi_call ];
hardware = { hardware = {
@ -65,12 +84,20 @@
}; };
networking = { networking = {
firewall = let firewall =
let
terraria = 7777; terraria = 7777;
stardew-valley = 24642; stardew-valley = 24642;
in { in
allowedTCPPorts = [terraria stardew-valley]; {
allowedUDPPorts = [terraria stardew-valley]; allowedTCPPorts = [
terraria
stardew-valley
];
allowedUDPPorts = [
terraria
stardew-valley
];
}; };
}; };
@ -104,10 +131,12 @@
]; ];
}; };
services.hypridle = let services.hypridle =
let
secondsPerMinute = 60; secondsPerMinute = 60;
lockSeconds = 10 * secondsPerMinute; lockSeconds = 10 * secondsPerMinute;
in { in
{
settings = { settings = {
listener = [ listener = [
{ {

15
packages/hosts/thinker.nix
View file

@ -1,4 +1,5 @@
{...}: { { ... }:
{
networking.hostName = "thinker"; networking.hostName = "thinker";
boot = { boot = {
@ -13,7 +14,11 @@
https://wiki.archlinux.org/title/Power_management/Suspend_and_hibernate#Hibernation_into_swap_file https://wiki.archlinux.org/title/Power_management/Suspend_and_hibernate#Hibernation_into_swap_file
*/ */
# kernelParams = ["boot.shell_on_fail"]; # kernelParams = ["boot.shell_on_fail"];
initrd.availableKernelModules = ["xhci_pci" "nvme" "ahci"]; initrd.availableKernelModules = [
"xhci_pci"
"nvme"
"ahci"
];
}; };
home-manager.users.daniel = { home-manager.users.daniel = {
@ -39,10 +44,12 @@
} }
]; ];
}; };
services.hypridle = let services.hypridle =
let
secondsPerMinute = 60; secondsPerMinute = 60;
lockSeconds = 10 * secondsPerMinute; lockSeconds = 10 * secondsPerMinute;
in { in
{
settings = { settings = {
listener = [ listener = [
{ {

14
packages/iosevkaLyteTerm.nix
View file

@ -1,6 +1,9 @@
{iosevka, ...}: let { iosevka, ... }:
let
set = "LyteTerm"; set = "LyteTerm";
in ((iosevka.override { in
(
(iosevka.override {
inherit set; inherit set;
privateBuildPlan = '' privateBuildPlan = ''
@ -122,8 +125,8 @@ in ((iosevka.override {
question = 'smooth' question = 'smooth'
punctuation-dot = 'round' punctuation-dot = 'round'
''; '';
}) }).overrideAttrs
.overrideAttrs { {
buildPhase = '' buildPhase = ''
export HOME=$TMPDIR export HOME=$TMPDIR
runHook preBuild runHook preBuild
@ -142,4 +145,5 @@ in ((iosevka.override {
install "dist/$pname/WOFF2"/* "$wfontdir" install "dist/$pname/WOFF2"/* "$wfontdir"
runHook postInstall runHook postInstall
''; '';
}) }
)

7
packages/iosevkaLyteTermSubset.nix
View file

@ -9,7 +9,12 @@ pkgs.stdenvNoCC.mkDerivation {
inherit (iosevkaLyteTerm) version; inherit (iosevkaLyteTerm) version;
pname = "${iosevkaLyteTerm.pname}Subset"; pname = "${iosevkaLyteTerm.pname}Subset";
buildInputs = [parallel] ++ (with python311Packages; [fonttools brotli]); buildInputs =
[ parallel ]
++ (with python311Packages; [
fonttools
brotli
]);
PYTHONPATH = pkgs.python3.withPackages (pp: with pp; [ brotli ]); PYTHONPATH = pkgs.python3.withPackages (pp: with pp; [ brotli ]);
src = iosevkaLyteTerm; src = iosevkaLyteTerm;