lytedev/nix
1
0
Fork 1
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Compare commits

base: lytedev:main
Branches Tags
lytedev:main
lytedev:booting
lytedev:zelllij
lytedev:logo
lytedev:pinephone
lytedev:beefcake-revival
lytedev:wezterm
lytedev:fix-api-lyte-dev
lytedev:tear-it-up
lytedev:wip-no-special-args
lytedev:kde
lytedev:reorg
lytedev:reduce-common
lytedev:template
..
compare: lytedev:beefcake-revival
Branches Tags
lytedev:main
lytedev:booting
lytedev:zelllij
lytedev:logo
lytedev:pinephone
lytedev:beefcake-revival
lytedev:wezterm
lytedev:fix-api-lyte-dev
lytedev:tear-it-up
lytedev:wip-no-special-args
lytedev:kde
lytedev:reorg
lytedev:reduce-common
lytedev:template

No commits in common. "main" and "beefcake-revival" have entirely different histories.
main ... beefcake-r

227 changed files with 9694 additions and 12270 deletions
Show stats Expand all files Collapse all files

4
.forgejo/workflows/nix-build.yaml
View file

@ -30,10 +30,6 @@ jobs:
run: |
nix shell nixpkgs#nixos-rebuild -c nixos-rebuild build --flake .#foxtrot
- name: Build default devShell
run: |
nix develop . --build
# - name: Save nix store
# uses: actions/cache/save@v4
# with:

10
.helix/languages.toml
View file

@ -1,10 +0,0 @@
[[language]]
auto-format = true
file-types = ["nix"]
name = "nix"
scope = "source.nix"
language-servers = ["nixd", "nil"]
[language.formatter]
args = ["-"]
command = "nixfmt"

34
.sops.yaml
View file

@ -1,20 +1,7 @@
keys:
# list any public keys here
# if you need the private key, refer to the readme
# pass age-key | rg '# pub'
- &daniel age1stdue5q5teskee057ced6rh9pzzr93xsy66w4sc3zu49rgxl7cjshztt45
# per-host keys can be derived from a target host's ssh keys like so:
# ssh host "nix shell nixpkgs#ssh-to-age -c $SHELL -c 'cat /etc/ssh/ssh_host_ed25519_key.pub | ssh-to-age'"
- &sshd-at-beefcake age1etv56f7kf78a55lxqtydrdd32dpmsjnxndf4u28qezxn6p7xt9esqvqdq7
- &sshd-at-router age1zd7c3g5d20shdftq8ghqm0r92488dg4pdp4gulur7ex3zx2yq35ssxawpn
- &sshd-at-dragon age14ewl97x5g52ajf269cmmwzrgf22m9dsr7mw7czfa356qugvf4gvq5dttfv
- &ssh-foxtrot age1njnet9ltjuxasqv3ckn67r5natke6xgd8wlx8psf64pyc4duvurqhedw80
# after updating this file, you may need to update the keys for any associated files like so:
# sops updatekeys secrets.file
# after updating this, you will need to `sops updatekeys secrets.file` for any files that need the new key(s)
- &daniel age1stdue5q5teskee057ced6rh9pzzr93xsy66w4sc3zu49rgxl7cjshztt45 # pass age-key | rg '# pub'
- &sshd-at-beefcake age1etv56f7kf78a55lxqtydrdd32dpmsjnxndf4u28qezxn6p7xt9esqvqdq7 # ssh beefcake "nix-shell -p ssh-to-age --run 'cat /etc/ssh/ssh_host_ed25519_key.pub | ssh-to-age'"
creation_rules:
- path_regex: secrets/[^/]+\.(ya?ml|json|env|ini)$
key_groups:
@ -25,18 +12,3 @@ creation_rules:
- age:
- *daniel
- *sshd-at-beefcake
- path_regex: secrets/router/[^/]+\.(ya?ml|json|env|ini)$
key_groups:
- age:
- *daniel
- *sshd-at-router
- path_regex: secrets/dragon/[^/]+\.(ya?ml|json|env|ini)$
key_groups:
- age:
- *daniel
- *sshd-at-dragon
- path_regex: secrets/foxtrot/[^/]+\.(ya?ml|json|env|ini)$
key_groups:
- age:
- *daniel
- *ssh-foxtrot

424
disko/default.nix Normal file
View file

@ -0,0 +1,424 @@
{lib, ...}: let
inherit (lib.attrsets) mapAttrs' filterAttrs;
in {
standardWithHibernateSwap = {
disks ? ["/dev/sda"],
swapSize,
...
}: {
# this is my standard partitioning scheme for my machines which probably want hibernation capabilities
# a UEFI-compatible boot partition
# it includes an LUKS-encrypted btrfs volume
# a swap partition big enough to dump all the machine's RAM into
disko.devices = {
disk = {
primary = {
type = "disk";
device = builtins.elemAt disks 0;
content = {
type = "gpt";
partitions = {
ESP = {
label = "EFI";
name = "ESP";
size = "4G";
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
mountOptions = [
"defaults"
];
};
};
swap = {
size = swapSize;
content = {
type = "swap";
discardPolicy = "both";
resumeDevice = true; # resume from hiberation from this device
};
};
luks = {
size = "100%";
content = {
type = "luks";
name = "crypted";
extraOpenArgs = ["--allow-discards"];
# if you want to use the key for interactive login be sure there is no trailing newline
# for example use `echo -n "password" > /tmp/secret.key`
keyFile = "/tmp/secret.key"; # Interactive
# settings.keyFile = "/tmp/password.key";
# additionalKeyFiles = ["/tmp/additionalSecret.key"];
content = {
type = "btrfs";
extraArgs = ["-f"];
subvolumes = {
"/nixos" = {
mountpoint = "/";
mountOptions = ["compress=zstd" "noatime"];
};
"/home" = {
mountpoint = "/home";
mountOptions = ["compress=zstd" "noatime"];
};
"/nix" = {
mountpoint = "/nix";
mountOptions = ["compress=zstd" "noatime"];
};
};
};
};
};
};
};
};
};
};
};
standard = {disks ? ["/dev/vda"], ...}: {
# this is my standard partitioning scheme for my machines: an LUKS-encrypted
# btrfs volume
disko.devices = {
disk = {
primary = {
type = "disk";
device = builtins.elemAt disks 0;
content = {
type = "gpt";
partitions = {
ESP = {
label = "EFI";
name = "ESP";
size = "512M";
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
mountOptions = [
"defaults"
];
};
};
luks = {
size = "100%";
content = {
type = "luks";
name = "crypted";
extraOpenArgs = ["--allow-discards"];
# if you want to use the key for interactive login be sure there is no trailing newline
# for example use `echo -n "password" > /tmp/secret.key`
keyFile = "/tmp/secret.key"; # Interactive
# settings.keyFile = "/tmp/password.key";
# additionalKeyFiles = ["/tmp/additionalSecret.key"];
content = {
type = "btrfs";
extraArgs = ["-f"];
subvolumes = {
"/root" = {
mountpoint = "/";
mountOptions = ["compress=zstd" "noatime"];
};
"/home" = {
mountpoint = "/home";
mountOptions = ["compress=zstd" "noatime"];
};
"/nix" = {
mountpoint = "/nix";
mountOptions = ["compress=zstd" "noatime"];
};
};
};
};
};
};
};
};
};
};
};
unencrypted = {disks ? ["/dev/vda"], ...}: {
disko.devices = {
disk = {
primary = {
type = "disk";
device = builtins.elemAt disks 0;
content = {
type = "gpt";
partitions = {
ESP = {
label = "EFI";
name = "ESP";
size = "512M";
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
mountOptions = [
"defaults"
];
};
};
root = {
size = "100%";
content = {
type = "btrfs";
extraArgs = ["-f"];
subvolumes = {
"/root" = {
mountpoint = "/";
mountOptions = [];
};
"/home" = {
mountpoint = "/home";
mountOptions = ["compress=zstd"];
};
"/nix" = {
mountpoint = "/nix";
mountOptions = ["compress=zstd" "noatime"];
};
};
};
};
};
};
};
};
};
};
beefcake = let
zpools = {
zroot = {
# TODO: at the time of writing, disko does not support draid6
# so I'm building/managing the array manually for the time being
# the root pool is just a single disk right now
name = "zroot";
config = {
type = "zpool";
# mode = "draid6";
rootFsOptions = {
compression = "zstd";
"com.sun:auto-snapshot" = "false";
};
mountpoint = "/";
postCreateHook = "zfs list -t snapshot -H -o name | grep -E '^zroot@blank$' || zfs snapshot zroot@blank";
datasets = {
zfs_fs = {
type = "zfs_fs";
mountpoint = "/zfs_fs";
options."com.sun:auto-snapshot" = "true";
};
zfs_unmounted_fs = {
type = "zfs_fs";
options.mountpoint = "none";
};
zfs_legacy_fs = {
type = "zfs_fs";
options.mountpoint = "legacy";
mountpoint = "/zfs_legacy_fs";
};
zfs_testvolume = {
type = "zfs_volume";
size = "10M";
content = {
type = "filesystem";
format = "ext4";
mountpoint = "/ext4onzfs";
};
};
encrypted = {
type = "zfs_fs";
options = {
mountpoint = "none";
encryption = "aes-256-gcm";
keyformat = "passphrase";
keylocation = "file:///tmp/secret.key";
};
# use this to read the key during boot
# postCreateHook = ''
# zfs set keylocation="prompt" "zroot/$name";
# '';
};
"encrypted/test" = {
type = "zfs_fs";
mountpoint = "/zfs_crypted";
};
};
};
};
zstorage = {
# PARITY_COUNT=3 NUM_DRIVES=8 HOT_SPARES=2 sudo -E zpool create -f -O mountpoint=none -O compression=on -O xattr=sa -O acltype=posixacl -o ashift=12 -O atime=off -O recordsize=64K zstorage draid{$PARITY_COUNT}:{$NUM_DRIVES}c:{$HOT_SPARES}s /dev/disk/by-id/scsi-35000039548cb637c /dev/disk/by-id/scsi-35000039548cb7c8c /dev/disk/by-id/scsi-35000039548cb85c8 /dev/disk/by-id/scsi-35000039548d9b504 /dev/disk/by-id/scsi-35000039548da2b08 /dev/disk/by-id/scsi-35000039548dad2fc /dev/disk/by-id/scsi-350000399384be921 /dev/disk/by-id/scsi-35000039548db096c
# sudo zfs create -o mountpoint=legacy zstorage/nix
# sudo zfs create -o canmount=on -o mountpoint=/storage zstorage/storage
name = "zstorage";
config = {};
};
};
diskClass = {
storage = {
type = "zfs";
pool = zpools.zroot.name;
};
boot = {
content = {
type = "gpt";
partitions = {
ESP = {
size = "1G";
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
};
};
zfs = {
size = "100%";
content = {
type = "zfs";
pool = zpools.zroot.name;
};
};
};
};
};
};
bootDisks = {
"/dev/sdi" = {
name = "i";
enable = true;
};
"/dev/sdj" = {
name = "j";
enable = true;
}; # TODO: join current boot drive to new boot pool
};
storageDisks = {
"/dev/sda" = {
enable = true;
name = "a";
};
"/dev/sdb" = {
enable = true;
name = "b";
};
"/dev/sdc" = {
enable = true;
name = "c";
};
"/dev/sdd" = {
enable = true;
name = "d";
};
# TODO: start small
"/dev/sde" = {
enable = false;
name = "e";
};
"/dev/sdf" = {
enable = false;
name = "f";
};
"/dev/sdg" = {
enable = false;
name = "g";
};
"/dev/sdh" = {
enable = false;
name = "h";
};
# gap for two boot drives
"/dev/sdk" = {
enable = false;
name = "k";
};
"/dev/sdl" = {
enable = false;
name = "l";
};
"/dev/sdm" = {
enable = false;
name = "m";
};
"/dev/sdn" = {
# TODO: this is my holding cell for random stuff right now
enable = false;
name = "n";
};
};
diskoBoot = mapAttrs' (device: {name, ...}: {
name = "boot-${name}";
value = {
inherit device;
type = "disk";
content = diskClass.boot.content;
};
}) (filterAttrs (_: {enable, ...}: enable) bootDisks);
diskoStorage = mapAttrs' (device: {name, ...}: {
name = "storage-${name}";
value = {
inherit device;
type = "disk";
content = diskClass.storage.content;
};
}) (filterAttrs (_: {enable, ...}: enable) storageDisks);
in {
disko.devices = {
disk = diskoBoot // diskoStorage;
zpool = {
zroot = zpools.zroot.config;
};
};
};
legacy = {disks ? ["/dev/vda"], ...}: {
disko.devices = {
disk = {
primary = {
device = builtins.elemAt disks 0;
type = "disk";
content = {
type = "table";
format = "gpt";
partitions = [
{
label = "EFI";
name = "ESP";
size = "512M";
bootable = true;
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
};
}
{
name = "root";
start = "500M";
end = "100%";
part-type = "primary";
bootable = true;
content = {
type = "filesystem";
format = "ext4";
mountpoint = "/";
};
}
];
};
};
};
};
};
}

645
flake.lock generated
View file

@ -1,28 +1,56 @@
{
"nodes": {
"colmena": {
"aquamarine": {
"inputs": {
"flake-compat": "flake-compat",
"flake-utils": "flake-utils",
"nix-github-actions": "nix-github-actions",
"nixpkgs": [
"nixpkgs-unstable"
"hyprutils": [
"hyprland",
"hyprutils"
],
"stable": [
"hyprwayland-scanner": [
"hyprland",
"hyprwayland-scanner"
],
"nixpkgs": [
"hyprland",
"nixpkgs"
],
"systems": [
"hyprland",
"systems"
]
},
"locked": {
"lastModified": 1724850097,
"narHash": "sha256-3BHxvFb3NJzch1X8puRMkVZujOoarQ1llu3ZcwuvsKU=",
"owner": "hyprwm",
"repo": "aquamarine",
"rev": "23c7925dd31e79e8c06086ace3edb129a070ac01",
"type": "github"
},
"original": {
"owner": "hyprwm",
"repo": "aquamarine",
"type": "github"
}
},
"crane": {
"inputs": {
"nixpkgs": [
"helix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1739900653,
"narHash": "sha256-hPSLvw6AZQYrZyGI6Uq4XgST7benF/0zcCpugn/P0yM=",
"owner": "zhaofengli",
"repo": "colmena",
"rev": "2370d4336eda2a9ef29fce10fa7076ae011983ab",
"lastModified": 1709610799,
"narHash": "sha256-5jfLQx0U9hXbi2skYMGodDJkIgffrjIOgMRjZqms2QE=",
"owner": "ipetkov",
"repo": "crane",
"rev": "81c393c776d5379c030607866afef6406ca1be57",
"type": "github"
},
"original": {
"owner": "zhaofengli",
"repo": "colmena",
"owner": "ipetkov",
"repo": "crane",
"type": "github"
}
},
@ -33,11 +61,11 @@
]
},
"locked": {
"lastModified": 1741684000,
"narHash": "sha256-NQykaWIrn5zilncefIvW4jPQ76YMXVK/dMTzkSVDmdk=",
"lastModified": 1724895876,
"narHash": "sha256-GSqAwa00+vRuHbq9O/yRv7Ov7W/pcMLis3HmeHv8a+Q=",
"owner": "nix-community",
"repo": "disko",
"rev": "2db1d64fc084b1d15e3871dffc02c62a94ed6ed7",
"rev": "511388d837178979de66d14ca4a2ebd5f7991cd3",
"type": "github"
},
"original": {
@ -48,38 +76,6 @@
}
},
"flake-compat": {
"flake": false,
"locked": {
"lastModified": 1650374568,
"narHash": "sha256-Z+s0J8/r907g149rllvwhb4pKi8Wam5ij0st8PwAh+E=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "b4a34015c698c7793d592d66adbab377907a2be8",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-compat_2": {
"flake": false,
"locked": {
"lastModified": 1733328505,
"narHash": "sha256-NeCCThCEP3eCl2l/+27kNNK7QrwZB1IJCrXfrbv5oqU=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "ff81ac966bb2cae68946d5ed5fc4994f96d0ffec",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-compat_3": {
"flake": false,
"locked": {
"lastModified": 1696426674,
@ -95,7 +91,7 @@
"type": "github"
}
},
"flake-compat_4": {
"flake-compat_2": {
"flake": false,
"locked": {
"lastModified": 1696426674,
@ -112,12 +108,15 @@
}
},
"flake-utils": {
"inputs": {
"systems": "systems"
},
"locked": {
"lastModified": 1659877975,
"narHash": "sha256-zllb8aq3YO3h8B/U0/J1WBgAL8EX5yWf5pMj3G0NAmc=",
"lastModified": 1709126324,
"narHash": "sha256-q6EQdSeUZOG26WelxqkmR7kArjgWCdw5sfJVHPH/7j8=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "c0e246b9b83f637f4681389ecabcb2681b4f3af0",
"rev": "d465f4819400de7c8d874d50b982301f28a84605",
"type": "github"
},
"original": {
@ -128,14 +127,14 @@
},
"flake-utils_2": {
"inputs": {
"systems": "systems"
"systems": "systems_3"
},
"locked": {
"lastModified": 1731533236,
"narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
"lastModified": 1710146030,
"narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
"rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a",
"type": "github"
},
"original": {
@ -144,65 +143,38 @@
"type": "github"
}
},
"flake-utils_3": {
"inputs": {
"systems": "systems_2"
},
"freetype2": {
"flake": false,
"locked": {
"lastModified": 1731533236,
"narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
"lastModified": 1687587065,
"narHash": "sha256-+Fh+/k+NWL5Ow9sDLtp8Cv/8rLNA1oByQQCIQS/bysY=",
"owner": "wez",
"repo": "freetype2",
"rev": "e4586d960f339cf75e2e0b34aee30a0ed8353c0d",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"ghostty": {
"inputs": {
"flake-compat": "flake-compat_2",
"flake-utils": "flake-utils_2",
"nixpkgs-stable": [
"nixpkgs"
],
"nixpkgs-unstable": [
"nixpkgs-unstable"
],
"zig": "zig",
"zig2nix": "zig2nix"
},
"locked": {
"lastModified": 1741594465,
"narHash": "sha256-8a/QIgNwV8VGn8JIiACmVVEdue+U3juiMSAO1DEUTC4=",
"owner": "ghostty-org",
"repo": "ghostty",
"rev": "95daca616db5c24d7bb37fd5a3ac2f8762bb4ead",
"type": "github"
},
"original": {
"owner": "ghostty-org",
"repo": "ghostty",
"owner": "wez",
"repo": "freetype2",
"rev": "e4586d960f339cf75e2e0b34aee30a0ed8353c0d",
"type": "github"
}
},
"git-hooks": {
"inputs": {
"flake-compat": "flake-compat_3",
"flake-compat": "flake-compat",
"gitignore": "gitignore",
"nixpkgs": [
"nixpkgs-unstable"
]
"nixpkgs"
],
"nixpkgs-stable": "nixpkgs-stable"
},
"locked": {
"lastModified": 1741379162,
"narHash": "sha256-srpAbmJapkaqGRE3ytf3bj4XshspVR5964OX5LfjDWc=",
"lastModified": 1724857454,
"narHash": "sha256-Qyl9Q4QMTLZnnBb/8OuQ9LSkzWjBU1T5l5zIzTxkkhk=",
"owner": "cachix",
"repo": "git-hooks.nix",
"rev": "b5a62751225b2f62ff3147d0a334055ebadcd5cc",
"rev": "4509ca64f1084e73bc7a721b20c669a8d4c5ebe6",
"type": "github"
},
"original": {
@ -213,13 +185,13 @@
},
"git-hooks_2": {
"inputs": {
"flake-compat": "flake-compat_4",
"flake-compat": "flake-compat_2",
"gitignore": "gitignore_2",
"nixpkgs": [
"slippi",
"nixpkgs"
],
"nixpkgs-stable": "nixpkgs-stable"
"nixpkgs-stable": "nixpkgs-stable_2"
},
"locked": {
"lastModified": 1721042469,
@ -280,33 +252,49 @@
},
"hardware": {
"locked": {
"lastModified": 1741325094,
"narHash": "sha256-RUAdT8dZ6k/486vnu3tiNRrNW6+Q8uSD2Mq7gTX4jlo=",
"owner": "NixOS",
"lastModified": 1724878143,
"narHash": "sha256-UjpKo92iZ25M05kgSOw/Ti6VZwpgdlOa73zHj8OcaDk=",
"owner": "nixos",
"repo": "nixos-hardware",
"rev": "b48cc4dab0f9711af296fc367b6108cf7b8ccb16",
"rev": "95c3dfe6ef2e96ddc1ccdd7194e3cda02ca9a8ef",
"type": "github"
},
"original": {
"owner": "NixOS",
"owner": "nixos",
"repo": "nixos-hardware",
"type": "github"
}
},
"harfbuzz": {
"flake": false,
"locked": {
"lastModified": 1711722720,
"narHash": "sha256-GdxcAPx5QyniSHPAN1ih28AD9JLUPR0ItqW9JEsl3pU=",
"owner": "harfbuzz",
"repo": "harfbuzz",
"rev": "63973005bc07aba599b47fdd4cf788647b601ccd",
"type": "github"
},
"original": {
"owner": "harfbuzz",
"ref": "8.4.0",
"repo": "harfbuzz",
"type": "github"
}
},
"helix": {
"inputs": {
"flake-utils": "flake-utils_3",
"nixpkgs": [
"nixpkgs-unstable"
],
"crane": "crane",
"flake-utils": "flake-utils",
"nixpkgs": "nixpkgs",
"rust-overlay": "rust-overlay"
},
"locked": {
"lastModified": 1741724933,
"narHash": "sha256-o1LCu4YYruUQc6yd8wwbQ/DyrTCoAD4lDfujykLn9NU=",
"lastModified": 1724856988,
"narHash": "sha256-JBLe2CxAhG+J8+x8qmbzkGHNYmGcSiuY2QO4Zhb72lI=",
"owner": "helix-editor",
"repo": "helix",
"rev": "8df58b2e1779dcf0046fb51ae1893c1eebf01e7c",
"rev": "1b5295a3f3d7cccd96eed5bfd394807a4dae87fc",
"type": "github"
},
"original": {
@ -323,16 +311,16 @@
]
},
"locked": {
"lastModified": 1739757849,
"narHash": "sha256-Gs076ot1YuAAsYVcyidLKUMIc4ooOaRGO0PqTY7sBzA=",
"lastModified": 1720042825,
"narHash": "sha256-A0vrUB6x82/jvf17qPCpxaM+ulJnD8YZwH9Ci0BsAzE=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "9d3d080aec2a35e05a15cedd281c2384767c2cfe",
"rev": "e1391fb22e18a36f57e6999c7a9f966dc80ac073",
"type": "github"
},
"original": {
"owner": "nix-community",
"ref": "release-24.11",
"ref": "release-24.05",
"repo": "home-manager",
"type": "github"
}
@ -344,11 +332,11 @@
]
},
"locked": {
"lastModified": 1741701235,
"narHash": "sha256-gBlb8R9gnjUAT5XabJeel3C2iEUiBHx3+91651y3Sqo=",
"lastModified": 1724435763,
"narHash": "sha256-UNky3lJNGQtUEXT2OY8gMxejakSWPTfWKvpFkpFlAfM=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "c630dfa8abcc65984cc1e47fb25d4552c81dd37e",
"rev": "c2cd2a52e02f1dfa1c88f95abeb89298d46023be",
"type": "github"
},
"original": {
@ -357,55 +345,195 @@
"type": "github"
}
},
"mobile-nixos": {
"flake": false,
"locked": {
"lastModified": 1728423157,
"narHash": "sha256-pJaC+Aef6oixhV6HdWPS2Pq/TgHxEN+MPLYUjighWYI=",
"owner": "lytedev",
"repo": "mobile-nixos",
"rev": "b2c496bbcebc85a28d1d939b56bd331536bd1ac4",
"type": "github"
},
"original": {
"owner": "lytedev",
"repo": "mobile-nixos",
"type": "github"
}
},
"nix-github-actions": {
"hyprcursor": {
"inputs": {
"hyprlang": [
"hyprland",
"hyprlang"
],
"nixpkgs": [
"colmena",
"hyprland",
"nixpkgs"
],
"systems": [
"hyprland",
"systems"
]
},
"locked": {
"lastModified": 1729742964,
"narHash": "sha256-B4mzTcQ0FZHdpeWcpDYPERtyjJd/NIuaQ9+BV1h+MpA=",
"owner": "nix-community",
"repo": "nix-github-actions",
"rev": "e04df33f62cdcf93d73e9a04142464753a16db67",
"lastModified": 1722623071,
"narHash": "sha256-sLADpVgebpCBFXkA1FlCXtvEPu1tdEsTfqK1hfeHySE=",
"owner": "hyprwm",
"repo": "hyprcursor",
"rev": "912d56025f03d41b1ad29510c423757b4379eb1c",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "nix-github-actions",
"owner": "hyprwm",
"repo": "hyprcursor",
"type": "github"
}
},
"hyprland": {
"inputs": {
"aquamarine": "aquamarine",
"hyprcursor": "hyprcursor",
"hyprlang": "hyprlang",
"hyprutils": "hyprutils",
"hyprwayland-scanner": "hyprwayland-scanner",
"nixpkgs": "nixpkgs_2",
"systems": "systems_2",
"xdph": "xdph"
},
"locked": {
"lastModified": 1724938863,
"narHash": "sha256-CxVxeKpXWm5Jl5wkJFwDnmU/EhJ95/NPiTGKdjrpaLM=",
"owner": "hyprwm",
"repo": "Hyprland",
"rev": "92a0dd164e9cc74060b63abae67b0204b6b6074c",
"type": "github"
},
"original": {
"owner": "hyprwm",
"repo": "Hyprland",
"type": "github"
}
},
"hyprland-protocols": {
"inputs": {
"nixpkgs": [
"hyprland",
"xdph",
"nixpkgs"
],
"systems": [
"hyprland",
"xdph",
"systems"
]
},
"locked": {
"lastModified": 1721326555,
"narHash": "sha256-zCu4R0CSHEactW9JqYki26gy8h9f6rHmSwj4XJmlHgg=",
"owner": "hyprwm",
"repo": "hyprland-protocols",
"rev": "5a11232266bf1a1f5952d5b179c3f4b2facaaa84",
"type": "github"
},
"original": {
"owner": "hyprwm",
"repo": "hyprland-protocols",
"type": "github"
}
},
"hyprlang": {
"inputs": {
"hyprutils": [
"hyprland",
"hyprutils"
],
"nixpkgs": [
"hyprland",
"nixpkgs"
],
"systems": [
"hyprland",
"systems"
]
},
"locked": {
"lastModified": 1724174162,
"narHash": "sha256-fOOBLwil6M9QWMCiSULwjMQzrXhHXUnEqmjHX5ZHeVI=",
"owner": "hyprwm",
"repo": "hyprlang",
"rev": "16e5c9465f04477d8a3dd48a0a26bf437986336c",
"type": "github"
},
"original": {
"owner": "hyprwm",
"repo": "hyprlang",
"type": "github"
}
},
"hyprutils": {
"inputs": {
"nixpkgs": [
"hyprland",
"nixpkgs"
],
"systems": [
"hyprland",
"systems"
]
},
"locked": {
"lastModified": 1724863980,
"narHash": "sha256-7Ke9wFRYPUIXwm5ZndGHkWBKj6BsFTkSEXUNXQRHE54=",
"owner": "hyprwm",
"repo": "hyprutils",
"rev": "aadf9a27dddd2272ca354ba5a22a0c2d1f919039",
"type": "github"
},
"original": {
"owner": "hyprwm",
"repo": "hyprutils",
"type": "github"
}
},
"hyprwayland-scanner": {
"inputs": {
"nixpkgs": [
"hyprland",
"nixpkgs"
],
"systems": [
"hyprland",
"systems"
]
},
"locked": {
"lastModified": 1721324119,
"narHash": "sha256-SOOqIT27/X792+vsLSeFdrNTF+OSRp5qXv6Te+fb2Qg=",
"owner": "hyprwm",
"repo": "hyprwayland-scanner",
"rev": "a048a6cb015340bd82f97c1f40a4b595ca85cc30",
"type": "github"
},
"original": {
"owner": "hyprwm",
"repo": "hyprwayland-scanner",
"type": "github"
}
},
"libpng": {
"flake": false,
"locked": {
"lastModified": 1549245649,
"narHash": "sha256-1+cRp0Ungme/OGfc9kGJbklYIWAFxk8Il1M+NV4KSgw=",
"owner": "glennrp",
"repo": "libpng",
"rev": "8439534daa1d3a5705ba92e653eda9251246dd61",
"type": "github"
},
"original": {
"owner": "glennrp",
"repo": "libpng",
"rev": "8439534daa1d3a5705ba92e653eda9251246dd61",
"type": "github"
}
},
"nixpkgs": {
"locked": {
"lastModified": 1741600792,
"narHash": "sha256-yfDy6chHcM7pXpMF4wycuuV+ILSTG486Z/vLx/Bdi6Y=",
"owner": "NixOS",
"lastModified": 1709479366,
"narHash": "sha256-n6F0n8UV6lnTZbYPl1A9q1BS0p4hduAv1mGAP17CVd0=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "ebe2788eafd539477f83775ef93c3c7e244421d3",
"rev": "b8697e57f10292a6165a20f03d2f42920dfaf973",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-24.11",
"owner": "nixos",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
@ -426,52 +554,124 @@
"type": "github"
}
},
"nixpkgs-unstable": {
"nixpkgs-stable_2": {
"locked": {
"lastModified": 1741708242,
"narHash": "sha256-cNRqdQD4sZpN7JLqxVOze4+WsWTmv2DGH0wNCOVwrWc=",
"lastModified": 1720386169,
"narHash": "sha256-NGKVY4PjzwAa4upkGtAMz1npHGoRzWotlSnVlqI40mo=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "b62d2a95c72fb068aecd374a7262b37ed92df82b",
"rev": "194846768975b7ad2c4988bdb82572c00222c0d7",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-24.05",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-unstable": {
"locked": {
"lastModified": 1724999960,
"narHash": "sha256-LB3jqSGW5u1ZcUcX6vO/qBOq5oXHlmOCxsTXGMEitp4=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "b96f849e725333eb2b1c7f1cb84ff102062468ba",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_2": {
"locked": {
"lastModified": 1724819573,
"narHash": "sha256-GnR7/ibgIH1vhoy8cYdmXE6iyZqKqFxQSVkFgosBh6w=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "71e91c409d1e654808b2621f28a327acfdad8dc2",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_3": {
"locked": {
"lastModified": 1724727824,
"narHash": "sha256-0XH9MJk54imJm+RHOLTUJ7e+ponLW00tw5ke4MTVa1Y=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "36bae45077667aff5720e5b3f1a5458f51cf0776",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-24.05",
"repo": "nixpkgs",
"type": "github"
}
},
"root": {
"inputs": {
"colmena": "colmena",
"disko": "disko",
"ghostty": "ghostty",
"git-hooks": "git-hooks",
"hardware": "hardware",
"helix": "helix",
"home-manager": "home-manager",
"home-manager-unstable": "home-manager-unstable",
"mobile-nixos": "mobile-nixos",
"nixpkgs": "nixpkgs",
"hyprland": "hyprland",
"nixpkgs": "nixpkgs_3",
"nixpkgs-unstable": "nixpkgs-unstable",
"slippi": "slippi",
"sops-nix": "sops-nix"
"sops-nix": "sops-nix",
"wezterm": "wezterm"
}
},
"rust-overlay": {
"inputs": {
"flake-utils": [
"helix",
"flake-utils"
],
"nixpkgs": [
"helix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1740623427,
"narHash": "sha256-3SdPQrZoa4odlScFDUHd4CUPQ/R1gtH4Mq9u8CBiK8M=",
"lastModified": 1709604635,
"narHash": "sha256-le4fwmWmjGRYWwkho0Gr7mnnZndOOe4XGbLw68OvF40=",
"owner": "oxalica",
"repo": "rust-overlay",
"rev": "d342e8b5fd88421ff982f383c853f0fc78a847ab",
"rev": "e86c0fb5d3a22a5f30d7f64ecad88643fe26449d",
"type": "github"
},
"original": {
"owner": "oxalica",
"repo": "rust-overlay",
"type": "github"
}
},
"rust-overlay_2": {
"inputs": {
"nixpkgs": [
"wezterm",
"nixpkgs"
]
},
"locked": {
"lastModified": 1721441897,
"narHash": "sha256-gYGX9/22tPNeF7dR6bWN5rsrpU4d06GnQNNgZ6ZiXz0=",
"owner": "oxalica",
"repo": "rust-overlay",
"rev": "b7996075da11a2d441cfbf4e77c2939ce51506fd",
"type": "github"
},
"original": {
@ -491,11 +691,11 @@
]
},
"locked": {
"lastModified": 1741743479,
"narHash": "sha256-vmWFSTV5NIgRX3lYXEmtTRPe19HZFj3+CQ9RdnB2hLs=",
"lastModified": 1722375582,
"narHash": "sha256-NKUQoYIr+982vUXwlDGbBFY4259CX/mngVHYH4sjL8Y=",
"owner": "lytedev",
"repo": "slippi-nix",
"rev": "33f57a434794f896dbb246366063b53d749502a8",
"rev": "ec418c0b7ed1191e227b2d821c02ee5b5fbe68f1",
"type": "github"
},
"original": {
@ -508,14 +708,17 @@
"inputs": {
"nixpkgs": [
"nixpkgs-unstable"
],
"nixpkgs-stable": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1741644481,
"narHash": "sha256-E0RrMykMtEv15V3QhpsFutgoSKhL1JBhidn+iZajOyg=",
"lastModified": 1723501126,
"narHash": "sha256-N9IcHgj/p1+2Pvk8P4Zc1bfrMwld5PcosVA0nL6IGdE=",
"owner": "Mic92",
"repo": "sops-nix",
"rev": "e653d71e82575a43fe9d228def8eddb73887b866",
"rev": "be0eec2d27563590194a9206f551a6f73d52fa34",
"type": "github"
},
"original": {
@ -540,6 +743,21 @@
}
},
"systems_2": {
"locked": {
"lastModified": 1689347949,
"narHash": "sha256-12tWmuL2zgBgZkdoB6qXZsgJEH9LR3oUgpaQq2RbI80=",
"owner": "nix-systems",
"repo": "default-linux",
"rev": "31732fcf5e8fea42e59c2488ad31a0e651500f68",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default-linux",
"type": "github"
}
},
"systems_3": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
@ -554,57 +772,78 @@
"type": "github"
}
},
"zig": {
"wezterm": {
"inputs": {
"flake-compat": [
"ghostty"
],
"flake-utils": [
"ghostty",
"flake-utils"
],
"flake-utils": "flake-utils_2",
"freetype2": "freetype2",
"harfbuzz": "harfbuzz",
"libpng": "libpng",
"nixpkgs": [
"ghostty",
"nixpkgs-stable"
]
"nixpkgs-unstable"
],
"rust-overlay": "rust-overlay_2",
"zlib": "zlib"
},
"locked": {
"lastModified": 1738239110,
"narHash": "sha256-Y5i9mQ++dyIQr+zEPNy+KIbc5wjPmfllBrag3cHZgcE=",
"owner": "mitchellh",
"repo": "zig-overlay",
"rev": "1a8fb6f3a04724519436355564b95fce5e272504",
"dir": "nix",
"lastModified": 1723525023,
"narHash": "sha256-ZsDJQSUokodwFMP4FIZm2dYojf5iC4F/EeKC5VuQlqY=",
"owner": "wez",
"repo": "wezterm",
"rev": "30345b36d8a00fed347e4df5dadd83915a7693fb",
"type": "github"
},
"original": {
"owner": "mitchellh",
"repo": "zig-overlay",
"dir": "nix",
"owner": "wez",
"repo": "wezterm",
"type": "github"
}
},
"zig2nix": {
"xdph": {
"inputs": {
"flake-utils": [
"ghostty",
"flake-utils"
"hyprland-protocols": "hyprland-protocols",
"hyprlang": [
"hyprland",
"hyprlang"
],
"nixpkgs": [
"ghostty",
"nixpkgs-stable"
"hyprland",
"nixpkgs"
],
"systems": [
"hyprland",
"systems"
]
},
"locked": {
"lastModified": 1741368279,
"narHash": "sha256-WTaC8HmnIq6O71iK0g9as404BbmS+YyEP5qS85m2JBY=",
"owner": "jcollie",
"repo": "zig2nix",
"rev": "672971b5b6911de21446ad4fc76dee677922eda0",
"lastModified": 1724073926,
"narHash": "sha256-nWlUL43jOFHf+KW6Hqrx+W/r1XdXuDyb0wC/SrHsOu4=",
"owner": "hyprwm",
"repo": "xdg-desktop-portal-hyprland",
"rev": "a08ecbbf33598924e93542f737fc6169a26b481e",
"type": "github"
},
"original": {
"owner": "jcollie",
"ref": "672971b5b6911de21446ad4fc76dee677922eda0",
"repo": "zig2nix",
"owner": "hyprwm",
"repo": "xdg-desktop-portal-hyprland",
"type": "github"
}
},
"zlib": {
"flake": false,
"locked": {
"lastModified": 1484501380,
"narHash": "sha256-j5b6aki1ztrzfCqu8y729sPar8GpyQWIrajdzpJC+ww=",
"owner": "madler",
"repo": "zlib",
"rev": "cacf7f1d4e3d44d871b605da3b647f07d718623f",
"type": "github"
},
"original": {
"owner": "madler",
"ref": "v1.2.11",
"repo": "zlib",
"type": "github"
}
}

645
flake.nix
View file

@ -1,116 +1,603 @@
{
outputs =
inputs:
let
lib = import ./lib inputs;
uGenPkgs = lib.genPkgs inputs.nixpkgs-unstable;
in
{
packages = uGenPkgs (import ./packages);
nixosConfigurations = import ./packages/hosts inputs;
# homeConfigurations = import ./packages/home inputs;
templates = import ./lib/templates;
diskoConfigurations = import ./lib/disko inputs;
checks = uGenPkgs (import ./packages/checks inputs);
devShells = uGenPkgs (import ./packages/shells inputs);
nixosModules = import ./lib/modules/nixos inputs;
homeManagerModules = import ./lib/modules/home inputs;
overlays = import ./lib/overlays inputs;
formatter = uGenPkgs (p: p.nixfmt-rfc-style);
colmena = import ./lib/colmena inputs;
colmenaHive = inputs.colmena.lib.makeHive inputs.self.outputs.colmena;
/*
TODO: nix-on-droid for phone terminal usage? mobile-nixos?
TODO: nix-darwin for work?
TODO: nixos ISO?
*/
}
// (import ./lib/constants.nix inputs)
// {
flakeLib = lib;
};
inputs = {
# stable inputs
nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.11";
nixpkgs.url = "github:nixos/nixpkgs/nixos-24.05";
nixpkgs-unstable.url = "github:nixos/nixpkgs/nixpkgs-unstable";
home-manager.url = "github:nix-community/home-manager/release-24.11";
home-manager.inputs.nixpkgs.follows = "nixpkgs";
# "unstable" inputs
nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixpkgs-unstable";
hardware.url = "github:NixOS/nixos-hardware";
disko.url = "github:nix-community/disko/master";
disko.inputs.nixpkgs.follows = "nixpkgs";
sops-nix.url = "github:Mic92/sops-nix";
sops-nix.inputs.nixpkgs.follows = "nixpkgs-unstable";
sops-nix.inputs.nixpkgs-stable.follows = "nixpkgs";
git-hooks.url = "github:cachix/git-hooks.nix";
git-hooks.inputs.nixpkgs.follows = "nixpkgs-unstable";
git-hooks.inputs.nixpkgs.follows = "nixpkgs";
home-manager.url = "github:nix-community/home-manager/release-24.05";
home-manager.inputs.nixpkgs.follows = "nixpkgs";
home-manager-unstable.url = "github:nix-community/home-manager";
home-manager-unstable.inputs.nixpkgs.follows = "nixpkgs-unstable";
helix.url = "github:helix-editor/helix/master";
helix.inputs.nixpkgs.follows = "nixpkgs-unstable";
hardware.url = "github:nixos/nixos-hardware";
hyprland.url = "github:hyprwm/Hyprland";
wezterm.url = "github:wez/wezterm?dir=nix";
wezterm.inputs.nixpkgs.follows = "nixpkgs-unstable";
slippi.url = "github:lytedev/slippi-nix";
# slippi.url = "git+file:///home/daniel/code/open-source/slippi-nix"; # used during flake development
# slippi.url = "git+file:///home/daniel/code/open-source/slippi-nix";
slippi.inputs.nixpkgs.follows = "nixpkgs-unstable";
slippi.inputs.home-manager.follows = "home-manager-unstable";
# jovian.url = "github:Jovian-Experiments/Jovian-NixOS/development";
# jovian.inputs.nixpkgs.follows = "nixpkgs-unstable";
ghostty.url = "github:ghostty-org/ghostty";
ghostty.inputs.nixpkgs-unstable.follows = "nixpkgs-unstable";
ghostty.inputs.nixpkgs-stable.follows = "nixpkgs";
colmena.url = "github:zhaofengli/colmena";
colmena.inputs.nixpkgs.follows = "nixpkgs-unstable";
colmena.inputs.stable.follows = "nixpkgs";
# nnf.url = "github:thelegy/nixos-nftables-firewall?rev=71fc2b79358d0dbacde83c806a0f008ece567b7b";
mobile-nixos = {
url = "github:lytedev/mobile-nixos";
flake = false;
};
};
nixConfig = {
extra-experimental-features = [
"nix-command"
"flakes"
];
extra-experimental-features = ["nix-command" "flakes"];
extra-substituters = [
"https://cache.nixos.org/"
"https://helix.cachix.org"
"https://nix-community.cachix.org"
"https://nix.h.lyte.dev"
# since we are forcing most inputs to follow our nixpkgs, we don't bother settings up caches and just use our own
# "https://helix.cachix.org"
# "https://ghostty.cachix.org"
# "https://nix.h.lyte.dev"
"https://hyprland.cachix.org"
];
extra-trusted-public-keys = [
"cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
"helix.cachix.org-1:ejp9KQpR1FBI2onstMQ34yogDm4OgU2ru6lIwPvuCVs="
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
"h.lyte.dev-2:te9xK/GcWPA/5aXav8+e5RHImKYMug8hIIbhHsKPN0M="
# "helix.cachix.org-1:ejp9KQpR1FBI2onstMQ34yogDm4OgU2ru6lIwPvuCVs="
# "hyprland.cachix.org-1:a7pgxzMz7+chwVL3/pzj6jIBMioiJM7ypFP8PwtkuGc="
# "ghostty.cachix.org-1:QB389yTa6gTyneehvqG58y0WnHjQOqgnA+wBnpWWxns="
"hyprland.cachix.org-1:a7pgxzMz7+chwVL3/pzj6jIBMioiJM7ypFP8PwtkuGc="
];
};
outputs = {
self,
nixpkgs,
nixpkgs-unstable,
disko,
sops-nix,
git-hooks,
wezterm,
home-manager,
home-manager-unstable,
helix,
hardware,
# nnf,
# hyprland,
slippi,
...
}: let
inherit (self) outputs;
inherit (outputs) nixosModules homeManagerModules overlays;
# TODO: make @ inputs unnecessary by making arguments explicit in all modules?
systems = ["aarch64-linux" "aarch64-darwin" "x86_64-darwin" "x86_64-linux"];
forSystems = nixpkgs.lib.genAttrs systems;
pkgsFor = system: (import nixpkgs {inherit system;}).extend overlays.default;
genPkgs = func: (forSystems (system: func (pkgsFor system)));
pkg = callee: overrides: genPkgs (pkgs: pkgs.callPackage callee overrides);
unstable = {
forSystems = nixpkgs-unstable.lib.genAttrs systems;
pkgsFor = system: (import nixpkgs-unstable {inherit system;}).extend overlays.default;
genPkgs = func: (forSystems (system: func (pkgsFor system)));
pkg = callee: overrides: genPkgs (pkgs: pkgs.callPackage callee overrides);
};
colors = (import ./lib/colors.nix {inherit (nixpkgs) lib;}).schemes.catppuccin-mocha-sapphire;
# font = {
# name = "IosevkaLyteTerm";
# size = 12;
# };
# moduleArgs = {
# # inherit colors font;
# inherit helix slippi hyprland hardware disko home-manager;
# inherit (outputs) nixosModules homeManagerModules diskoConfigurations overlays;
# };
pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAPLXOjupz3ScYjgrF+ehrbp9OvGAWQLI6fplX6w9Ijb daniel@lyte.dev";
in {
# kind of a quirk, but package definitions are actually in the "additions"
# overlay I did this to work around some recursion problems
# TODO: https://discourse.nixos.org/t/infinite-recursion-getting-started-with-overlays/48880
packages = genPkgs (pkgs: {inherit (pkgs) iosevkaLyteTerm iosevkaLyteTermSubset nix-base-container-image;});
diskoConfigurations = import ./disko {inherit (nixpkgs) lib;};
templates = import ./templates;
formatter = genPkgs (p: p.alejandra);
checks = genPkgs ({system, ...}: {
git-hooks = git-hooks.lib.${system}.run {
src = ./.;
hooks = {
alejandra.enable = true;
};
};
});
devShells = genPkgs ({
system,
pkgs,
mkShell,
...
}: {
default = mkShell {
inherit (outputs.checks.${system}.git-hooks) shellHook;
packages = with pkgs; [
lua-language-server
nodePackages.bash-language-server
];
};
});
overlays = {
# the default overlay composes all the other overlays together
default = final: prev: {
overlays = with overlays; [
additions
modifications
unstable-packages
];
};
additions = final: prev: let
iosevkaLyteTerm = prev.callPackage ./packages/iosevkaLyteTerm.nix {};
in {
inherit iosevkaLyteTerm;
iosevkaLyteTermSubset = prev.callPackage ./packages/iosevkaLyteTermSubset.nix {
inherit iosevkaLyteTerm;
};
nix-base-container-image = final.dockerTools.buildImageWithNixDb {
name = "git.lyte.dev/lytedev/nix";
tag = "latest";
copyToRoot = with final; [
bash
coreutils
curl
gawk
gitFull
git-lfs
gnused
nodejs
wget
sudo
nixFlakes
cacert
gnutar
gzip
openssh
xz
(pkgs.writeTextFile {
name = "nix.conf";
destination = "/etc/nix/nix.conf";
text = ''
accept-flake-config = true
experimental-features = nix-command flakes
build-users-group =
substituters = https://nix.h.lyte.dev https://cache.nixos.org/
trusted-substituters = https://nix.h.lyte.dev https://cache.nixos.org/
trusted-public-keys = h.lyte.dev:HeVWtne31ZG8iMf+c15VY3/Mky/4ufXlfTpT8+4Xbs0= cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=
'';
})
];
extraCommands = ''
# enable /usr/bin/env for scripts
mkdir -p usr
ln -s ../bin usr/bin
# create /tmp
mkdir -p tmp
# create HOME
mkdir -vp root
'';
config = {
Cmd = ["/bin/bash"];
Env = [
"LANG=en_GB.UTF-8"
"ENV=/etc/profile.d/nix.sh"
"BASH_ENV=/etc/profile.d/nix.sh"
"NIX_BUILD_SHELL=/bin/bash"
"PAGER=cat"
"PATH=/usr/bin:/bin"
"SSL_CERT_FILE=${final.cacert}/etc/ssl/certs/ca-bundle.crt"
"USER=root"
];
};
};
};
modifications = final: prev: let
wezterm-input = wezterm;
in rec {
helix = helix.outputs.packages.${prev.system}.helix;
final.helix = helix;
# TODO: would love to use a current wezterm build so I can make use of ssh/mux functionality without breakage
# source: https://github.com/wez/wezterm/issues/3771
# not-yet-merged (abandoned?): https://github.com/wez/wezterm/pull/4737
# I did try using the latest code via the flake, but alas it did not resolve my issues with mux'ing
wezterm = wezterm-input.outputs.packages.${prev.system}.default;
final.wezterm = wezterm;
};
unstable-packages = final: _prev: {
unstable-packages = import nixpkgs-unstable {
system = final.system;
config.allowUnfree = true;
};
};
};
nixosModules = import ./modules/nixos {
inherit home-manager home-manager-unstable helix nixosModules homeManagerModules pubkey overlays colors sops-nix disko;
flakeInputs = self.inputs;
};
homeManagerModules = import ./modules/home-manager {
inherit home-manager home-manager-unstable helix nixosModules homeManagerModules pubkey overlays colors;
inherit (nixpkgs) lib;
flakeInputs = self.inputs;
};
nixosConfigurations = {
beefcake = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules = with nixosModules; [
home-manager-defaults
# TODO: disko?
hardware.nixosModules.common-cpu-intel
outputs.nixosModules.deno-netlify-ddns-client
{
services.deno-netlify-ddns-client = {
enable = true;
username = "beefcake.h";
# TODO: router doesn't even do ipv6 yet...
ipv6 = false;
};
}
common
podman
troubleshooting-tools
linux
fonts
./nixos/beefcake.nix
];
};
dragon = nixpkgs-unstable.lib.nixosSystem {
system = "x86_64-linux";
modules = with nixosModules; [
home-manager-unstable-defaults
outputs.diskoConfigurations.standard
hardware.nixosModules.common-cpu-amd
hardware.nixosModules.common-pc-ssd
common
password-manager
wifi
graphical-workstation
music-production
gaming
slippi.nixosModules.default
./nixos/dragon.nix
{
home-manager.users.daniel = {
imports = with homeManagerModules; [
senpai
iex
cargo
firefox-no-tabs
linux-desktop-environment-config
slippi.homeManagerModules.default
];
};
}
];
};
bigtower = nixpkgs-unstable.lib.nixosSystem {
system = "x86_64-linux";
modules = with nixosModules; [
home-manager-unstable-defaults
outputs.diskoConfigurations.unencrypted
hardware.nixosModules.common-cpu-amd
hardware.nixosModules.common-pc-ssd
common
# wifi
graphical-workstation
music-production
gaming
./nixos/bigtower.nix
{
home-manager.users.daniel = {
imports = with homeManagerModules; [
firefox-no-tabs
linux-desktop-environment-config
];
};
}
];
};
htpc = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules = with nixosModules; [
home-manager-defaults
hardware.nixosModules.common-pc-ssd
common
gaming
graphical-workstation
./nixos/htpc.nix
{
home-manager.users.daniel = {
imports = with homeManagerModules; [
linux-desktop-environment-config
];
};
}
];
};
foxtrot = nixpkgs-unstable.lib.nixosSystem {
system = "x86_64-linux";
modules = with nixosModules; [
home-manager-unstable-defaults
outputs.diskoConfigurations.standard
hardware.nixosModules.framework-13-7040-amd
common
password-manager
graphical-workstation
laptop
gaming
./nixos/foxtrot.nix
({pkgs, ...}: {
home-manager.users.daniel = {
imports = with homeManagerModules; [
senpai
iex
cargo
firefox-no-tabs
linux-desktop-environment-config
];
};
environment.systemPackages = with pkgs; [
fw-ectool
(writeShellApplication
{
name = "reset-wifi-module";
runtimeInputs = with pkgs; [kmod];
text = ''
modprobe -rv mt7921e
modprobe -v mt7921e
'';
})
];
})
];
};
thablet = nixpkgs-unstable.lib.nixosSystem {
system = "x86_64-linux";
modules = with nixosModules; [
home-manager-unstable-defaults
outputs.diskoConfigurations.standard
hardware.nixosModules.lenovo-thinkpad-x1-yoga
common
password-manager
graphical-workstation
music-production
laptop
gaming
./nixos/thablet.nix
{
home-manager.users.daniel = {
imports = with homeManagerModules; [
senpai
iex
cargo
firefox-no-tabs
linux-desktop-environment-config
# slippi.homeManagerModules.default
];
};
}
];
};
# grablet = nixpkgs.lib.nixosSystem {
# system = "x86_64-linux";
# modules = with nixosModules; [
# common
# outputs.diskoConfigurations.standard
# hardware.nixosModules.common-cpu-intel-kaby-lake
# hardware.nixosModules.common-pc-laptopp-ssd
# graphical-workstation
# laptop
# gaming
# ./nixos/thablet.nix
# {
# home-manager.users.daniel = {
# imports = with homeManagerModules; [
# iex
# cargo
# linux-desktop-environment-config
# ];
# };
# powerManagement.cpuFreqGovernor = lib.mkDefault "performance";
# }
# ];
# };
thinker = nixpkgs-unstable.lib.nixosSystem {
system = "x86_64-linux";
modules = with nixosModules; [
home-manager-unstable-defaults
{
_module.args = {
disks = ["/dev/nvme0n1"];
swapSize = "32G";
};
}
outputs.diskoConfigurations.standardWithHibernateSwap
hardware.nixosModules.lenovo-thinkpad-t480
hardware.nixosModules.common-pc-laptop-ssd
music-production
common
password-manager
graphical-workstation
laptop
gaming
./nixos/thinker.nix
{
home-manager.users.daniel = {
imports = with homeManagerModules; [
senpai
iex
cargo
firefox-no-tabs
linux-desktop-environment-config
slippi.homeManagerModules.default
];
};
}
];
};
musicbox = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules = with nixosModules; [
home-manager-defaults
{
_module.args = {
disks = ["/dev/sda"];
# swapSize = "8G";
};
}
outputs.diskoConfigurations.unencrypted
hardware.nixosModules.common-pc-laptop-ssd
music-production
common
graphical-workstation
wifi
# ./nixos/musicbox.nix
{
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
hardware.bluetooth.enable = true;
networking.networkmanager.enable = true;
home-manager.users.daniel = {
imports = with homeManagerModules; [
firefox-no-tabs
linux-desktop-environment-config
];
};
}
];
};
rascal = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules = with nixosModules; [
home-manager-defaults
hardware.nixosModules.common-cpu-amd
common
linux
./nixos/rascal.nix
];
};
router = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules = with nixosModules; [
home-manager-defaults
outputs.diskoConfigurations.unencrypted
common
linux
troubleshooting-tools
# NOTE: maybe use this someday, but I think I need more concrete
# networking knowledge before I know how to use it well. Additionally,
# I can use my existing firewall configuration more easily if I manage
# it directly.
# nnf.nixosModules.default
./nixos/router.nix
];
};
};
homeConfigurations = {
"deck" = let
system = "x86_64-linux";
pkgs = unstable.pkgsFor system;
in
home-manager-unstable.lib.homeManagerConfiguration {
inherit pkgs;
modules = with homeManagerModules; [
common
{
home = {
homeDirectory = "/home/deck";
username = "deck";
stateVersion = "24.11";
};
}
{
home.packages = with pkgs; [
ludusavi
rclone
];
}
linux
];
};
};
# TODO: nix-on-droid for phone terminal usage?
# TODO: nix-darwin for work?
# TODO: nixos ISO?
};
}

70
lib/colmena/default.nix
View file

@ -1,70 +0,0 @@
{
home-manager,
nixpkgs-unstable,
self,
...
}@inputs:
{
meta =
let
nixpkgsSet =
nixpkgs:
(import nixpkgs {
system = "x86_64-linux";
overlays = [ self.outputs.flakeLib.forSelfOverlay ];
});
nixpkgs = nixpkgsSet nixpkgs-unstable;
stable = nixpkgsSet nixpkgs;
in
{
inherit nixpkgs;
nodeNixpkgs = {
# router = stable;
beefcake = stable;
};
specialArgs = {
inherit home-manager;
hardware = inputs.hardware.outputs.nixosModules;
diskoConfigurations = inputs.self.outputs.diskoConfigurations;
};
};
# TODO: setup builders?
foxtrot =
{
# name,
# nodes,
# pkgs,
...
}:
{
deployment = {
# Allow local deployment with `colmena apply-local`
allowLocalDeployment = true;
# Disable SSH deployment. This node will be skipped in a
# normal`colmena apply`.
targetHost = null;
};
imports = [
inputs.self.outputs.nixosModules.default
(import ./../../packages/hosts/foxtrot.nix)
];
# boot.isContainer = true;
# time.timeZone = nodes.host-b.config.time.timeZone;
};
beefcake =
{ ... }:
{
deployment = {
buildOnTarget = true;
};
imports = [
inputs.self.outputs.nixosModules.default
(import ./../../packages/hosts/beefcake.nix)
];
};
}

187
lib/colors.nix
View file

@ -1,104 +1,101 @@
{ lib, ... }:
{
schemes =
let
mkColorScheme =
scheme@{
scheme-name,
bg,
bg2,
bg3,
bg4,
bg5,
fg,
fg2,
fg3,
fgdim,
# pink,
purple,
red,
orange,
yellow,
green,
# teal,
blue,
}:
let
base = {
text = fg;
primary = blue;
urgent = red;
{lib, ...}: {
schemes = let
mkColorScheme = scheme @ {
scheme-name,
bg,
bg2,
bg3,
bg4,
bg5,
fg,
fg2,
fg3,
fgdim,
# pink,
purple,
red,
orange,
yellow,
green,
# teal,
blue,
}: let
base =
{
text = fg;
primary = blue;
urgent = red;
# blacks
"0" = bg4;
"8" = bg5;
# blacks
"0" = bg4;
"8" = bg5;
"1" = red;
"9" = red;
"2" = green;
"10" = green;
"3" = orange;
"11" = orange;
"4" = blue;
"12" = blue;
"5" = purple;
"13" = purple;
"6" = yellow;
"14" = yellow;
"1" = red;
"9" = red;
"2" = green;
"10" = green;
"3" = orange;
"11" = orange;
"4" = blue;
"12" = blue;
"5" = purple;
"13" = purple;
"6" = yellow;
"14" = yellow;
# whites
"7" = fg2;
"15" = fg3;
} // scheme;
in
base
// {
withHashPrefix = lib.mapAttrs (_: value: "#${value}") base;
};
# whites
"7" = fg2;
"15" = fg3;
}
// scheme;
in
{
donokai = mkColorScheme {
scheme-name = "donokai";
bg = "110f0a";
bg2 = "181818";
bg3 = "222222";
bg4 = "292929";
bg5 = "333333";
fg = "f8f8f8";
fg2 = "d8d8d8";
fg3 = "c8c8c8";
fgdim = "666666";
red = "f92672";
green = "a6e22e";
yellow = "f4bf75";
blue = "66d9ef";
purple = "ae81ff";
# teal = "a1efe4";
orange = "fab387";
base
// {
withHashPrefix = lib.mapAttrs (_: value: "#${value}") base;
};
catppuccin-mocha-sapphire = mkColorScheme {
scheme-name = "catppuccin-mocha-sapphire";
bg = "1e1e2e";
bg2 = "181825";
bg3 = "313244";
bg4 = "45475a";
bg5 = "585b70";
in {
donokai = mkColorScheme {
scheme-name = "donokai";
bg = "110f0a";
bg2 = "181818";
bg3 = "222222";
bg4 = "292929";
bg5 = "333333";
fg = "cdd6f4";
fg2 = "bac2de";
fg3 = "a6adc8";
fgdim = "6c7086";
fg = "f8f8f8";
fg2 = "d8d8d8";
fg3 = "c8c8c8";
fgdim = "666666";
# pink = "f5e0dc";
purple = "cba6f7";
red = "f38ba8";
orange = "fab387";
yellow = "f9e2af";
green = "a6e3a1";
# teal = "94e2d5";
blue = "74c7ec";
};
red = "f92672";
green = "a6e22e";
yellow = "f4bf75";
blue = "66d9ef";
purple = "ae81ff";
# teal = "a1efe4";
orange = "fab387";
};
catppuccin-mocha-sapphire = mkColorScheme {
scheme-name = "catppuccin-mocha-sapphire";
bg = "1e1e2e";
bg2 = "181825";
bg3 = "313244";
bg4 = "45475a";
bg5 = "585b70";
fg = "cdd6f4";
fg2 = "bac2de";
fg3 = "a6adc8";
fgdim = "6c7086";
# pink = "f5e0dc";
purple = "cba6f7";
red = "f38ba8";
orange = "fab387";
yellow = "f9e2af";
green = "a6e3a1";
# teal = "94e2d5";
blue = "74c7ec";
};
};
}

21
lib/constants.nix
View file

@ -1,21 +0,0 @@
{ nixpkgs, ... }:
{
style = {
colors = (import ./colors.nix { inherit (nixpkgs) lib; }).schemes.catppuccin-mocha-sapphire;
font = {
name = "IosevkaLyteTerm";
size = 12;
};
};
/*
moduleArgs = {
# inherit style;
inherit helix slippi hyprland hardware disko home-manager;
inherit (outputs) nixosModules homeManagerModules diskoConfigurations overlays;
};
*/
pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAPLXOjupz3ScYjgrF+ehrbp9OvGAWQLI6fplX6w9Ijb daniel@lyte.dev";
}

22
lib/default.nix
View file

@ -1,22 +0,0 @@
{ self, ... }@inputs:
let
forSelfOverlay =
if builtins.hasAttr "overlays" self && builtins.hasAttr "forSelf" self.overlays then
self.overlays.forSelf
else
(_: p: p);
in
rec {
inherit forSelfOverlay;
systems = [
"aarch64-linux"
"aarch64-darwin"
"x86_64-darwin"
"x86_64-linux"
];
forSystems = nixpkgs: nixpkgs.lib.genAttrs systems;
pkgsFor = nixpkgs: system: (import nixpkgs { inherit system; }).extend forSelfOverlay;
genPkgs = nixpkgs: func: (forSystems nixpkgs (system: func (pkgsFor nixpkgs system)));
inherit (import ./host.nix inputs) host stableHost;
}

498
lib/disko/default.nix
View file

@ -1,498 +0,0 @@
{ nixpkgs-unstable, ... }:
let
# TODO: This file needs some serious cleaning up.
lib = nixpkgs-unstable.lib;
inherit (lib.attrsets) mapAttrs' filterAttrs;
ESP =
inputs@{
size ? "4G",
label ? "ESP",
name ? "ESP",
}:
{
priority = 1;
start = "1M";
label = label;
name = name;
end = size;
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
mountOptions = [
"umask=0077"
];
};
}
// inputs;
in
rec {
standardWithHibernateSwap =
{
esp ? {
label = "ESP";
size = "4G";
name = "ESP";
},
rootfsName ? "/rootfs",
homeName ? "/home",
disk,
swapSize,
...
}:
{
/*
this is my standard partitioning scheme for my machines which probably want hibernation capabilities
a UEFI-compatible boot partition
it includes an LUKS-encrypted btrfs volume
a swap partition big enough to dump all the machine's RAM into
*/
disko.devices = {
disk = {
primary = {
type = "disk";
device = disk;
content = {
type = "gpt";
partitions = {
ESP = ESP esp;
swap = {
size = swapSize;
content = {
type = "swap";
discardPolicy = "both";
resumeDevice = true; # resume from hiberation from this device
};
};
luks = {
size = "100%";
content = {
type = "luks";
name = "crypted";
# if you want to use the key for interactive login be sure there is no trailing newline
# for example use `echo -n "password" > /tmp/secret.key`
keyFile = "/tmp/secret.key"; # Interactive
# settings.keyFile = "/tmp/password.key";
# additionalKeyFiles = ["/tmp/additionalSecret.key"];
content = {
type = "btrfs";
extraArgs = [ "-f" ];
subvolumes = {
${rootfsName} = {
mountpoint = "/";
mountOptions = [ "compress=zstd" ];
};
${homeName} = {
mountpoint = "/home";
mountOptions = [ "compress=zstd" ];
};
"/nix" = {
mountpoint = "/nix";
mountOptions = [
"compress=zstd"
"noatime"
];
};
};
};
};
};
};
};
};
};
};
};
foxtrot = standardWithHibernateSwap {
disk = "nvme0n1";
swapSize = "32G";
rootfsName = "/nixos-rootfs";
homeName = "/nixos-home";
esp = {
label = "disk-primary-ESP";
name = "disk-primary-ESP";
};
};
standardEncrypted =
{
disk,
espSize ? "4G",
...
}:
standard {
inherit disk;
esp = {
label = "ESP";
size = espSize;
name = "ESP";
};
};
standard =
{
esp ? {
label = "ESP";
size = "4G";
name = "ESP";
},
disk,
...
}:
{
# this is my standard partitioning scheme for my machines: an LUKS-encrypted
# btrfs volume
disko.devices = {
disk = {
primary = {
type = "disk";
device = disk;
content = {
type = "gpt";
partitions = {
ESP = ESP esp;
luks = {
size = "100%";
content = {
type = "luks";
name = "crypted";
# if you want to use the key for interactive login be sure there is no trailing newline
# for example use `echo -n "password" > /tmp/secret.key`
keyFile = "/tmp/secret.key"; # Interactive
# settings.keyFile = "/tmp/password.key";
# additionalKeyFiles = ["/tmp/additionalSecret.key"];
content = {
type = "btrfs";
extraArgs = [ "-f" ];
subvolumes = {
"/root" = {
mountpoint = "/";
mountOptions = [ "compress=zstd" ];
};
"/home" = {
mountpoint = "/home";
mountOptions = [ "compress=zstd" ];
};
"/nix" = {
mountpoint = "/nix";
mountOptions = [
"compress=zstd"
"noatime"
];
};
};
};
};
};
};
};
};
};
};
};
thablet = standard {
disk = "nvme0n1";
esp = {
label = "EFI";
size = "4G";
name = "EFI";
};
};
unencrypted =
{ disk, ... }:
{
disko.devices = {
disk = {
primary = {
type = "disk";
device = disk;
content = {
type = "gpt";
partitions = {
ESP = ESP { size = "5G"; };
root = {
size = "100%";
content = {
type = "btrfs";
extraArgs = [ "-f" ];
mountpoint = "/partition-root";
subvolumes = {
"/rootfs" = {
mountpoint = "/";
mountOptions = [ "compress=zstd" ];
};
"/home" = {
mountpoint = "/home";
mountOptions = [ "compress=zstd" ];
};
"/nix" = {
mountpoint = "/nix";
mountOptions = [
"compress=zstd"
"noatime"
];
};
};
};
};
};
};
};
};
};
};
beefcake =
let
zpools = {
zroot = {
/*
TODO: at the time of writing, disko does not support draid6
so I'm building/managing the array manually for the time being
the root pool is just a single disk right now
*/
name = "zroot";
config = {
type = "zpool";
# mode = "draid6";
rootFsOptions = {
compression = "zstd";
"com.sun:auto-snapshot" = "false";
};
mountpoint = "/";
postCreateHook = "zfs list -t snapshot -H -o name | grep -E '^zroot@blank$' || zfs snapshot zroot@blank";
datasets = {
zfs_fs = {
type = "zfs_fs";
mountpoint = "/zfs_fs";
options."com.sun:auto-snapshot" = "true";
};
zfs_unmounted_fs = {
type = "zfs_fs";
options.mountpoint = "none";
};
zfs_legacy_fs = {
type = "zfs_fs";
options.mountpoint = "legacy";
mountpoint = "/zfs_legacy_fs";
};
zfs_testvolume = {
type = "zfs_volume";
size = "10M";
content = {
type = "filesystem";
format = "ext4";
mountpoint = "/ext4onzfs";
};
};
encrypted = {
type = "zfs_fs";
options = {
mountpoint = "none";
encryption = "aes-256-gcm";
keyformat = "passphrase";
keylocation = "file:///tmp/secret.key";
};
# use this to read the key during boot
/*
postCreateHook = ''
zfs set keylocation="prompt" "zroot/$name";
'';
*/
};
"encrypted/test" = {
type = "zfs_fs";
mountpoint = "/zfs_crypted";
};
};
};
};
zstorage = {
/*
PARITY_COUNT=3 NUM_DRIVES=8 HOT_SPARES=2 sudo -E zpool create -f -O mountpoint=none -O compression=on -O xattr=sa -O acltype=posixacl -o ashift=12 -O atime=off -O recordsize=64K zstorage draid{$PARITY_COUNT}:{$NUM_DRIVES}c:{$HOT_SPARES}s /dev/disk/by-id/scsi-35000039548cb637c /dev/disk/by-id/scsi-35000039548cb7c8c /dev/disk/by-id/scsi-35000039548cb85c8 /dev/disk/by-id/scsi-35000039548d9b504 /dev/disk/by-id/scsi-35000039548da2b08 /dev/disk/by-id/scsi-35000039548dad2fc /dev/disk/by-id/scsi-350000399384be921 /dev/disk/by-id/scsi-35000039548db096c
sudo zfs create -o mountpoint=legacy zstorage/nix
sudo zfs create -o canmount=on -o mountpoint=/storage zstorage/storage
*/
name = "zstorage";
config = { };
};
};
diskClass = {
storage = {
type = "zfs";
pool = zpools.zroot.name;
};
boot = {
content = {
type = "gpt";
partitions = {
ESP = {
size = "1G";
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
};
};
zfs = {
size = "100%";
content = {
type = "zfs";
pool = zpools.zroot.name;
};
};
};
};
};
};
bootDisks = {
"/dev/sdi" = {
name = "i";
enable = true;
};
"/dev/sdj" = {
name = "j";
enable = true;
}; # TODO: join current boot drive to new boot pool
};
storageDisks = {
"/dev/sda" = {
enable = true;
name = "a";
};
"/dev/sdb" = {
enable = true;
name = "b";
};
"/dev/sdc" = {
enable = true;
name = "c";
};
"/dev/sdd" = {
enable = true;
name = "d";
};
# TODO: start small
"/dev/sde" = {
enable = false;
name = "e";
};
"/dev/sdf" = {
enable = false;
name = "f";
};
"/dev/sdg" = {
enable = false;
name = "g";
};
"/dev/sdh" = {
enable = false;
name = "h";
};
# gap for two boot drives
"/dev/sdk" = {
enable = false;
name = "k";
};
"/dev/sdl" = {
enable = false;
name = "l";
};
"/dev/sdm" = {
enable = false;
name = "m";
};
"/dev/sdn" = {
# TODO: this is my holding cell for random stuff right now
enable = false;
name = "n";
};
};
diskoBoot = mapAttrs' (
device:
{ name, ... }:
{
name = "boot-${name}";
value = {
inherit device;
type = "disk";
content = diskClass.boot.content;
};
}
) (filterAttrs (_: { enable, ... }: enable) bootDisks);
diskoStorage = mapAttrs' (
device:
{ name, ... }:
{
name = "storage-${name}";
value = {
inherit device;
type = "disk";
content = diskClass.storage.content;
};
}
) (filterAttrs (_: { enable, ... }: enable) storageDisks);
in
{
disko.devices = {
disk = diskoBoot // diskoStorage;
zpool = {
zroot = zpools.zroot.config;
};
};
};
legacy =
{ disks, ... }:
{
disko.devices = {
disk = {
primary = {
device = builtins.elemAt disks 0;
type = "disk";
content = {
type = "table";
format = "gpt";
partitions = [
{
label = "EFI";
name = "ESP";
size = "512M";
bootable = true;
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
};
}
{
name = "root";
start = "500M";
end = "100%";
part-type = "primary";
bootable = true;
content = {
type = "filesystem";
format = "ext4";
mountpoint = "/";
};
}
];
};
};
};
};
};
}

36
lib/host.nix
View file

@ -1,36 +0,0 @@
inputs:
let
baseHost =
{
nixpkgs,
home-manager,
...
}:
(
path:
(
{
system ? "x86_64-linux",
}:
(nixpkgs.lib.nixosSystem {
inherit system;
specialArgs = {
inherit home-manager;
hardware = inputs.hardware.outputs.nixosModules;
diskoConfigurations = inputs.self.outputs.diskoConfigurations;
};
modules = [
inputs.self.outputs.nixosModules.default
(import path)
];
})
)
);
in
{
stableHost = baseHost { inherit (inputs) nixpkgs home-manager; };
host = baseHost {
nixpkgs = inputs.nixpkgs-unstable;
home-manager = inputs.home-manager-unstable;
};
}

BIN
lib/images/Nix_snowflake_lytedev.png
View file

Binary file not shown.
Side by side

Before

Width:  |  Height:  |  Size: 28 KiB

380
lib/images/Nix_snowflake_lytedev.svg
View file

@ -1,380 +0,0 @@
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<!-- Created with Inkscape (http://www.inkscape.org/) -->
<svg
width="141.5919mm"
height="122.80626mm"
viewBox="0 0 501.70361 435.14028"
id="svg2"
version="1.1"
inkscape:version="1.3.2 (091e20ef0f, 2023-11-25)"
sodipodi:docname="Nix_snowflake_lytedev.svg"
inkscape:export-filename="Nix_snowflake_lytedev.png"
inkscape:export-xdpi="96"
inkscape:export-ydpi="96"
xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape"
xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns="http://www.w3.org/2000/svg"
xmlns:svg="http://www.w3.org/2000/svg"
xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
xmlns:cc="http://creativecommons.org/ns#"
xmlns:dc="http://purl.org/dc/elements/1.1/">
<defs
id="defs4">
<linearGradient
inkscape:collect="always"
id="linearGradient5562">
<stop
style="stop-color:#699ad7;stop-opacity:1"
offset="0"
id="stop5564" />
<stop
id="stop5566"
offset="0.24345198"
style="stop-color:#7eb1dd;stop-opacity:1" />
<stop
style="stop-color:#7ebae4;stop-opacity:1"
offset="1"
id="stop5568" />
</linearGradient>
<linearGradient
inkscape:collect="always"
id="linearGradient5053">
<stop
style="stop-color:#415e9a;stop-opacity:1"
offset="0"
id="stop5055" />
<stop
id="stop5057"
offset="0.23168644"
style="stop-color:#4a6baf;stop-opacity:1" />
<stop
style="stop-color:#5277c3;stop-opacity:1"
offset="1"
id="stop5059" />
</linearGradient>
<linearGradient
id="linearGradient5960"
inkscape:collect="always">
<stop
id="stop5962"
offset="0"
style="stop-color:#637ddf;stop-opacity:1" />
<stop
style="stop-color:#649afa;stop-opacity:1"
offset="0.23168644"
id="stop5964" />
<stop
id="stop5966"
offset="1"
style="stop-color:#719efa;stop-opacity:1" />
</linearGradient>
<linearGradient
inkscape:collect="always"
id="linearGradient5867">
<stop
style="stop-color:#7363df;stop-opacity:1"
offset="0"
id="stop5869" />
<stop
id="stop5871"
offset="0.23168644"
style="stop-color:#6478fa;stop-opacity:1" />
<stop
style="stop-color:#719efa;stop-opacity:1"
offset="1"
id="stop5873" />
</linearGradient>
<linearGradient
y2="515.97058"
x2="282.26105"
y1="338.62445"
x1="213.95642"
gradientTransform="translate(983.36076,601.38885)"
gradientUnits="userSpaceOnUse"
id="linearGradient5855"
xlink:href="#linearGradient5960"
inkscape:collect="always" />
<linearGradient
y2="515.97058"
x2="282.26105"
y1="338.62445"
x1="213.95642"
gradientTransform="translate(-197.75174,-337.1451)"
gradientUnits="userSpaceOnUse"
id="linearGradient5855-8"
xlink:href="#linearGradient5867"
inkscape:collect="always" />
<linearGradient
y2="247.58188"
x2="-702.75317"
y1="102.74675"
x1="-775.20807"
gradientTransform="translate(983.36076,601.38885)"
gradientUnits="userSpaceOnUse"
id="linearGradient4544"
xlink:href="#linearGradient5960"
inkscape:collect="always" />
<clipPath
id="clipPath4501"
clipPathUnits="userSpaceOnUse">
<circle
r="241.06563"
cy="686.09473"
cx="335.13995"
id="circle4503"
style="color:#000000;clip-rule:nonzero;display:inline;overflow:visible;visibility:visible;opacity:1;isolation:auto;mix-blend-mode:normal;color-interpolation:sRGB;color-interpolation-filters:linearRGB;solid-color:#000000;solid-opacity:1;fill:#adadad;fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:3;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1;marker:none;color-rendering:auto;image-rendering:auto;shape-rendering:auto;text-rendering:auto;enable-background:accumulate" />
</clipPath>
<clipPath
id="clipPath5410"
clipPathUnits="userSpaceOnUse">
<circle
r="241.13741"
cy="340.98975"
cx="335.98114"
id="circle5412"
style="color:#000000;clip-rule:nonzero;display:inline;overflow:visible;visibility:visible;opacity:1;isolation:auto;mix-blend-mode:normal;color-interpolation:sRGB;color-interpolation-filters:linearRGB;solid-color:#000000;solid-opacity:1;fill:#ffffff;fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:3;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1;marker:none;color-rendering:auto;image-rendering:auto;shape-rendering:auto;text-rendering:auto;enable-background:accumulate" />
</clipPath>
<linearGradient
inkscape:collect="always"
xlink:href="#linearGradient5053"
id="linearGradient5137"
gradientUnits="userSpaceOnUse"
gradientTransform="translate(864.55062,-2197.497)"
x1="-584.19934"
y1="782.33563"
x2="-496.29703"
y2="937.71399" />
<linearGradient
inkscape:collect="always"
xlink:href="#linearGradient5053"
id="linearGradient5147"
gradientUnits="userSpaceOnUse"
gradientTransform="translate(864.55062,-2197.497)"
x1="-584.19934"
y1="782.33563"
x2="-496.29703"
y2="937.71399" />
<linearGradient
inkscape:collect="always"
xlink:href="#linearGradient5562"
id="linearGradient5162"
gradientUnits="userSpaceOnUse"
gradientTransform="translate(70.505061,-1761.3076)"
x1="200.59668"
y1="351.41116"
x2="290.08701"
y2="506.18814" />
<linearGradient
inkscape:collect="always"
xlink:href="#linearGradient5562"
id="linearGradient5172"
gradientUnits="userSpaceOnUse"
gradientTransform="translate(70.505061,-1761.3076)"
x1="200.59668"
y1="351.41116"
x2="290.08701"
y2="506.18814" />
<linearGradient
inkscape:collect="always"
xlink:href="#linearGradient5562"
id="linearGradient5182"
gradientUnits="userSpaceOnUse"
gradientTransform="translate(70.505061,-1761.3076)"
x1="200.59668"
y1="351.41116"
x2="290.08701"
y2="506.18814" />
<linearGradient
y2="506.18814"
x2="290.08701"
y1="351.41116"
x1="200.59668"
gradientTransform="translate(70.505061,-1761.3076)"
gradientUnits="userSpaceOnUse"
id="linearGradient5201"
xlink:href="#linearGradient5562"
inkscape:collect="always" />
<linearGradient
y2="937.71399"
x2="-496.29703"
y1="782.33563"
x1="-584.19934"
gradientTransform="translate(864.55062,-2197.497)"
gradientUnits="userSpaceOnUse"
id="linearGradient5205"
xlink:href="#linearGradient5053"
inkscape:collect="always" />
</defs>
<sodipodi:namedview
id="base"
pagecolor="#ffffff"
bordercolor="#666666"
borderopacity="1.0"
inkscape:pageopacity="0.0"
inkscape:pageshadow="2"
inkscape:zoom="0.98318225"
inkscape:cx="112.8987"
inkscape:cy="191.21582"
inkscape:document-units="px"
inkscape:current-layer="layer1"
showgrid="false"
inkscape:window-width="2059"
inkscape:window-height="1588"
inkscape:window-x="0"
inkscape:window-y="0"
inkscape:window-maximized="0"
inkscape:snap-global="true"
fit-margin-top="0"
fit-margin-left="0"
fit-margin-right="0"
fit-margin-bottom="0"
inkscape:showpageshadow="0"
inkscape:pagecheckerboard="0"
inkscape:deskcolor="#505050" />
<metadata
id="metadata7">
<rdf:RDF>
<cc:Work
rdf:about="">
<dc:format>image/svg+xml</dc:format>
<dc:type
rdf:resource="http://purl.org/dc/dcmitype/StillImage" />
</cc:Work>
</rdf:RDF>
</metadata>
<g
inkscape:label="print-logo"
inkscape:groupmode="layer"
id="layer1"
style="display:inline"
transform="translate(-156.33871,933.1905)">
<path
style="color:#000000;clip-rule:nonzero;display:inline;overflow:visible;visibility:visible;opacity:1;isolation:auto;mix-blend-mode:normal;color-interpolation:sRGB;color-interpolation-filters:linearRGB;solid-color:#000000;solid-opacity:1;fill:#5277c3;fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:3;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1;color-rendering:auto;image-rendering:auto;shape-rendering:auto;text-rendering:auto;enable-background:accumulate"
d="m 309.40365,-710.2521 122.19683,211.6751 -56.15706,0.5268 -32.6236,-56.8692 -32.85645,56.5653 -27.90237,-0.011 -14.29086,-24.6896 46.81047,-80.4902 -33.22946,-57.8256 z"
id="path4861"
inkscape:connector-curvature="0"
sodipodi:nodetypes="cccccccccc" />
<path
style="color:#000000;clip-rule:nonzero;display:inline;overflow:visible;visibility:visible;opacity:1;isolation:auto;mix-blend-mode:normal;color-interpolation:sRGB;color-interpolation-filters:linearRGB;solid-color:#000000;solid-opacity:1;fill:#df3c59;fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:3;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1;color-rendering:auto;image-rendering:auto;shape-rendering:auto;text-rendering:auto;enable-background:accumulate"
d="m 353.50926,-797.4433 -122.21756,211.6631 -28.53477,-48.37 32.93839,-56.6875 -65.41521,-0.1719 -13.9414,-24.1698 14.23637,-24.721 93.11177,0.2939 33.46371,-57.6903 z"
id="use4863"
inkscape:connector-curvature="0"
sodipodi:nodetypes="cccccccccc" />
<path
style="color:#000000;clip-rule:nonzero;display:inline;overflow:visible;visibility:visible;opacity:1;isolation:auto;mix-blend-mode:normal;color-interpolation:sRGB;color-interpolation-filters:linearRGB;solid-color:#000000;solid-opacity:1;fill:#df3c59;fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:3;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1;color-rendering:auto;image-rendering:auto;shape-rendering:auto;text-rendering:auto;enable-background:accumulate"
d="m 362.88537,-628.243 244.41439,0.012 -27.62229,48.8968 -65.56199,-0.1817 32.55876,56.7371 -13.96098,24.1585 -28.52722,0.032 -46.3013,-80.7841 -66.69317,-0.1353 z"
id="use4865"
inkscape:connector-curvature="0"
sodipodi:nodetypes="cccccccccc" />
<path
style="color:#000000;clip-rule:nonzero;display:inline;overflow:visible;visibility:visible;opacity:1;isolation:auto;mix-blend-mode:normal;color-interpolation:sRGB;color-interpolation-filters:linearRGB;solid-color:#000000;solid-opacity:1;fill:#df3c59;fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:3;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1;color-rendering:auto;image-rendering:auto;shape-rendering:auto;text-rendering:auto;enable-background:accumulate"
d="m 505.14318,-720.9886 -122.19683,-211.6751 56.15706,-0.5268 32.6236,56.8692 32.85645,-56.5653 27.90237,0.011 14.29086,24.6896 -46.81047,80.4902 33.22946,57.8256 z"
id="use4867"
inkscape:connector-curvature="0"
sodipodi:nodetypes="cccccccccc" />
<path
sodipodi:nodetypes="cccccccccc"
inkscape:connector-curvature="0"
id="path4873"
d="m 309.40365,-710.2521 122.19683,211.6751 -56.15706,0.5268 -32.6236,-56.8692 -32.85645,56.5653 -27.90237,-0.011 -14.29086,-24.6896 46.81047,-80.4902 -33.22946,-57.8256 z"
style="color:#000000;clip-rule:nonzero;display:inline;overflow:visible;visibility:visible;opacity:1;isolation:auto;mix-blend-mode:normal;color-interpolation:sRGB;color-interpolation-filters:linearRGB;solid-color:#000000;solid-opacity:1;fill:#8e293b;fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:3;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1;color-rendering:auto;image-rendering:auto;shape-rendering:auto;text-rendering:auto;enable-background:accumulate" />
<path
sodipodi:nodetypes="cccccccccc"
inkscape:connector-curvature="0"
id="use4875"
d="m 451.3364,-803.53264 -244.4144,-0.012 27.62229,-48.89685 65.56199,0.18175 -32.55875,-56.73717 13.96097,-24.15851 28.52722,-0.0315 46.3013,80.78414 66.69317,0.13524 z"
style="color:#000000;clip-rule:nonzero;display:inline;overflow:visible;visibility:visible;opacity:1;isolation:auto;mix-blend-mode:normal;color-interpolation:sRGB;color-interpolation-filters:linearRGB;solid-color:#000000;solid-opacity:1;fill:#8e293b;fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:3;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1;color-rendering:auto;image-rendering:auto;shape-rendering:auto;text-rendering:auto;enable-background:accumulate" />
<path
sodipodi:nodetypes="cccccccccc"
inkscape:connector-curvature="0"
id="use4877"
d="m 460.87178,-633.8425 122.21757,-211.66304 28.53477,48.37003 -32.93839,56.68751 65.4152,0.1718 13.9414,24.1698 -14.23636,24.7211 -93.11177,-0.294 -33.46371,57.6904 z"
style="color:#000000;clip-rule:nonzero;display:inline;overflow:visible;visibility:visible;opacity:1;isolation:auto;mix-blend-mode:normal;color-interpolation:sRGB;color-interpolation-filters:linearRGB;solid-color:#000000;solid-opacity:1;fill:#8e293b;fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:3;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1;color-rendering:auto;image-rendering:auto;shape-rendering:auto;text-rendering:auto;enable-background:accumulate" />
<g
id="layer2"
inkscape:label="guides"
style="display:none"
transform="translate(72.039038,-1799.4476)">
<path
d="M 460.60629,594.72881 209.74183,594.7288 84.309616,377.4738 209.74185,160.21882 l 250.86446,1e-5 125.43222,217.255 z"
inkscape:randomized="0"
inkscape:rounded="0"
inkscape:flatsided="true"
sodipodi:arg2="1.5707963"
sodipodi:arg1="1.0471976"
sodipodi:r2="217.25499"
sodipodi:r1="250.86446"
sodipodi:cy="377.47382"
sodipodi:cx="335.17407"
sodipodi:sides="6"
id="path6032"
style="color:#000000;display:inline;overflow:visible;visibility:visible;opacity:0.236;fill:#4e4d52;fill-opacity:1;fill-rule:nonzero;stroke:none;stroke-width:3;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1;marker:none;enable-background:accumulate"
sodipodi:type="star" />
<path
transform="translate(0,-308.26772)"
sodipodi:type="star"
style="color:#000000;display:inline;overflow:visible;visibility:visible;opacity:1;fill:#4e4d52;fill-opacity:1;fill-rule:nonzero;stroke:none;stroke-width:3;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1;marker:none;enable-background:accumulate"
id="path5875"
sodipodi:sides="6"
sodipodi:cx="335.17407"
sodipodi:cy="685.74158"
sodipodi:r1="100.83495"
sodipodi:r2="87.32563"
sodipodi:arg1="1.0471976"
sodipodi:arg2="1.5707963"
inkscape:flatsided="true"
inkscape:rounded="0"
inkscape:randomized="0"
d="m 385.59154,773.06721 -100.83495,0 -50.41747,-87.32564 50.41748,-87.32563 100.83495,10e-6 50.41748,87.32563 z" />
<path
transform="translate(0,-308.26772)"
sodipodi:nodetypes="ccccccccc"
inkscape:connector-curvature="0"
id="path5851"
d="m 1216.5591,938.53395 123.0545,228.14035 -42.6807,-1.2616 -43.4823,-79.7725 -39.6506,80.3267 -32.6875,-19.7984 53.4737,-100.2848 -37.1157,-73.88955 z"
style="fill:url(#linearGradient5855);fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:3;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1" />
<rect
style="color:#000000;clip-rule:nonzero;display:inline;overflow:visible;visibility:visible;opacity:0.415;isolation:auto;mix-blend-mode:normal;color-interpolation:sRGB;color-interpolation-filters:linearRGB;solid-color:#000000;solid-opacity:1;fill:#c53a3a;fill-opacity:1;fill-rule:nonzero;stroke:none;stroke-width:3;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1;marker:none;color-rendering:auto;image-rendering:auto;shape-rendering:auto;text-rendering:auto;enable-background:accumulate"
id="rect5884"
width="48.834862"
height="226.22897"
x="-34.74221"
y="446.17056"
transform="rotate(-30)" />
<path
transform="translate(0,-308.26772)"
sodipodi:type="star"
style="color:#000000;clip-rule:nonzero;display:inline;overflow:visible;visibility:visible;opacity:0.509;isolation:auto;mix-blend-mode:normal;color-interpolation:sRGB;color-interpolation-filters:linearRGB;solid-color:#000000;solid-opacity:1;fill:#000000;fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:3;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1;marker:none;color-rendering:auto;image-rendering:auto;shape-rendering:auto;text-rendering:auto;enable-background:accumulate"
id="path3428"
sodipodi:sides="6"
sodipodi:cx="223.93674"
sodipodi:cy="878.63831"
sodipodi:r1="28.048939"
sodipodi:r2="24.291094"
sodipodi:arg1="0"
sodipodi:arg2="0.52359878"
inkscape:flatsided="true"
inkscape:rounded="0"
inkscape:randomized="0"
d="m 251.98568,878.63831 -14.02447,24.29109 h -28.04894 l -14.02447,-24.29109 14.02447,-24.2911 h 28.04894 z" />
<use
x="0"
y="0"
xlink:href="#rect5884"
id="use4252"
transform="rotate(60,268.29786,489.4515)"
width="100%"
height="100%" />
<rect
style="color:#000000;clip-rule:nonzero;display:inline;overflow:visible;visibility:visible;opacity:1;isolation:auto;mix-blend-mode:normal;color-interpolation:sRGB;color-interpolation-filters:linearRGB;solid-color:#000000;solid-opacity:1;fill:#000000;fill-opacity:0.650794;fill-rule:evenodd;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1;marker:none;color-rendering:auto;image-rendering:auto;shape-rendering:auto;text-rendering:auto;enable-background:accumulate"
id="rect4254"
width="5.3947482"
height="115.12564"
x="545.71014"
y="467.07007"
transform="rotate(30,575.23539,-154.13386)" />
</g>
</g>
</svg>
Side by side

Before

Width:  |  Height:  |  Size: 19 KiB

21
lib/internal.md
View file

@ -4,10 +4,6 @@
**NOTE**: I want to establish a solid way to do this without `root@`.
**TODO**: This could easily be wrapped up in a `nix run github:lytedev/nix#install` or something with fuzzy-finders for the variable options.
**TODO**: could also probably get some helpers baked into an ISO?
```fish
g a; set host beefcake; nix run nixpkgs#nixos-rebuild -- --flake ".#$host" \
--target-host "root@$host" --build-host "root@$host" \
@ -55,12 +51,8 @@ ssh "root@$host" nixos-rebuild --rollback switch
## Provisioning New NixOS Hosts
```shell
nix run --extra-experimental-features 'nix-command flakes' \
--accept-flake-config git+https://git.lyte.dev/lytedev/nix#installer
```
Or you can install manually with the process below:
Note that for best results the target flake attribute should first be built and
cached to the binary cache at `nix.h.lyte.dev`.
```bash
# establish network access
@ -83,7 +75,7 @@ nix-shell --packages git --run "sudo nix run \
github:nix-community/disko -- \
--flake 'git+https://git.lyte.dev/lytedev/nix#${PARTITION_SCHEME}' \
--mode disko \
--arg disk '\"/dev/${DISK}\"'"
--arg disks '[ \"/dev/${DISK}\" ]'"
# install
nix-shell --packages git \
@ -96,9 +88,7 @@ nix-shell --packages git \
Then:
1. Tailscale connection and roles.
2. Setup/copy any GPG/SSH keys.
1. Setup/copy any GPG/SSH keys.
```shell
# from a machine with the key
@ -110,12 +100,13 @@ $ gpg --import ~/p.key && rm ~/p.key
$ gpg --edit-key daniel@lyte.dev # trust ultimately
```
3. Setup/copy any password stores.
2. Setup/copy any password stores.
```shell
$ rsync -r ~/.local/share/password-store $host:~/.local/share/password-store
```
3. Tailscale connection and roles.
4. Firefox sync configured.
# Temporary Firewall Changes

1319
lib/modules/home/default.nix
View file

File diff suppressed because it is too large Load diff

71
lib/modules/home/firefox.nix
View file

@ -1,71 +0,0 @@
{
lib,
config,
pkgs,
...
}:
{
config = lib.mkIf config.programs.firefox.enable {
home = {
sessionVariables = {
MOZ_ENABLE_WAYLAND = "1";
BROWSER = "firefox";
};
};
programs.firefox = {
# enable = true;
profileVersion = null;
package = pkgs.firefox.override {
nativeMessagingHosts = with pkgs; [ bitwarden ];
};
/*
TODO: this should be able to work on macos, no?
TODO: enable color scheme/theme by default
TODO: extensions and their config/sync?
*/
profiles = {
primary = {
id = 0;
settings = {
"alerts.useSystemBackend" = true;
"widget.gtk.rounded-bottom-corners.enabled" = true;
"general.smoothScroll" = true;
"browser.zoom.siteSpecific" = true;
};
extraConfig = ''
user_pref("toolkit.legacyUserProfileCustomizations.stylesheets", true);
// user_pref("full-screen-api.ignore-widgets", true);
user_pref("media.ffmpeg.vaapi.enabled", true);
user_pref("media.rdd-vpx.enabled", true);
'';
userChrome = ''
#TabsToolbar {
visibility: collapse;
}
#main-window[tabsintitlebar="true"]:not([extradragspace="true"]) #TabsToolbar>.toolbar-items {
opacity: 0;
pointer-events: none;
}
#main-window:not([tabsintitlebar="true"]) #TabsToolbar {
visibility: collapse !important;
}
#webrtcIndicator {
display: none;
}
'';
/*
userContent = ''
'';
*/
};
};
};
};
}

94
lib/modules/home/fish.nix
View file

@ -1,94 +0,0 @@
{
lib,
config,
pkgs,
...
}:
{
config = lib.mkIf config.programs.fish.enable {
home = {
packages = [
pkgs.gawk # used in prompt
];
};
programs.fish = {
# enable = true;
# I load long scripts from files for a better editing experience
shellInit = builtins.readFile ./fish/shellInit.fish;
interactiveShellInit = builtins.readFile ./fish/interactiveShellInit.fish;
loginShellInit = "";
functions = {
# TODO: I think these should be loaded from fish files too for better editor experience?
d = ''
# --wraps=cd --description "Quickly jump to NICE_HOME (or given relative or absolute path) and list files."
if count $argv > /dev/null
cd $argv
else
cd $NICE_HOME
end
la
'';
c = ''
if count $argv > /dev/null
cd $NICE_HOME && d $argv
else
d $NICE_HOME
end
'';
ltl = ''
set d $argv[1] .
set -l l ""
for f in $d[1]/*
if test -z $l; set l $f; continue; end
if command test $f -nt $l; and test ! -d $f
set l $f
end
end
echo $l
'';
has_command = "command --quiet --search $argv[1]";
};
shellAbbrs = { };
shellAliases = {
# TODO: an alias that wraps `rm` such that if we run it without git committing first (when in a git repo)
ls = "eza --group-directories-first --classify";
l = "ls";
ll = "ls --long --group";
la = "ll --all";
lA = "la --all"; # --all twice to show . and ..
tree = "ls --tree --level=3";
lt = "ll --sort=modified";
lat = "la --sort=modified";
lc = "lt --sort=accessed";
lT = "lt --reverse";
lC = "lc --reverse";
lD = "la --only-dirs";
"cd.." = "d ..";
"cdc" = "d $XDG_CONFIG_HOME";
"cdn" = "d $NOTES_PATH";
"cdl" = "d $XDG_DOWNLOAD_DIR";
"cdg" = "d $XDG_GAMES_DIR";
".." = "d ..";
"..." = "d ../..";
"...." = "d ../../..";
"....." = "d ../../../..";
"......" = "d ../../../../..";
"......." = "d ../../../../../..";
"........" = "d ../../../../../../..";
"........." = "d ../../../../../../../..";
p = "ping";
dc = "docker compose";
pc = "podman-compose";
k = "kubectl";
kg = "kubectl get";
v = "$EDITOR";
sv = "sudo $EDITOR";
kssh = "kitty +kitten ssh";
};
};
};
}

2123
lib/modules/home/ghostty/config
View file

File diff suppressed because it is too large Load diff

25
lib/modules/home/ghostty/themes/catppuccin-mocha-sapphire-custom
View file

@ -1,25 +0,0 @@
palette = 0=#45475a
palette = 1=#f38ba8
palette = 2=#a6e3a1
palette = 3=#fab387
palette = 4=#74c7ec
palette = 5=#cba6f7
palette = 6=#f9e2af
palette = 7=#bac2de
palette = 8=#585b70
palette = 9=#f38ba8
palette = 10=#a6e3a1
palette = 11=#fab387
palette = 12=#74c7ec
palette = 13=#cba6f7
palette = 14=#f9e2af
palette = 15=#a6adc8
background = #1e1e2e
foreground = #cdd6f4
cursor-color = #cdd6f4
cursor-text = #cdd6f4
selection-background = #f9e2af
selection-foreground = #1e1e2e

588
lib/modules/home/helix.nix
View file

@ -1,588 +0,0 @@
{ self, ... }:
let
inherit (self.outputs) style;
in
{
lib,
config,
...
}:
{
config = lib.mkIf config.programs.helix.enable {
# helix rust debugger stuff
# https://github.com/helix-editor/helix/wiki/Debugger-Configurations
home.file."${config.xdg.configHome}/lldb_vscode_rustc_primer.py" = {
text = ''
import subprocess
import pathlib
import lldb
# Determine the sysroot for the active Rust interpreter
rustlib_etc = pathlib.Path(subprocess.getoutput('rustc --print sysroot')) / 'lib' / 'rustlib' / 'etc'
if not rustlib_etc.exists():
raise RuntimeError('Unable to determine rustc sysroot')
# Load lldb_lookup.py and execute lldb_commands with the correct path
lldb.debugger.HandleCommand(f"""command script import "{rustlib_etc / 'lldb_lookup.py'}" """)
lldb.debugger.HandleCommand(f"""command source -s 0 "{rustlib_etc / 'lldb_commands'}" """)
'';
};
/*
NOTE: Currently, helix crashes when editing markdown in certain scenarios,
presumably due to an old markdown treesitter grammar
https://github.com/helix-editor/helix/issues/9011
https://github.com/helix-editor/helix/issues/8821
https://github.com/tree-sitter-grammars/tree-sitter-markdown/issues/114
*/
programs.helix = {
languages = {
language-server = {
lexical = {
command = "lexical";
args = [ "start" ];
};
/*
next-ls = {
command = "next-ls";
args = ["--stdout"];
};
deno = {
command = "deno";
args = ["lsp"];
config = {
enable = true;
lint = true;
unstable = true;
};
};
*/
};
language = [
/*
{
name = "heex";
scope = "source.heex";
injection-regex = "heex";
language-servers = ["lexical"]; # "lexical" "next-ls" ?
auto-format = true;
file-types = ["heex"];
roots = ["mix.exs" "mix.lock"];
indent = {
tab-width = 2;
unit = " ";
};
}
{
name = "elixir";
language-servers = ["lexical"]; # "lexical" "next-ls" ?
auto-format = true;
}
*/
{
name = "rust";
debugger = {
name = "lldb-vscode";
transport = "stdio";
command = "lldb-vscode";
templates = [
{
name = "binary";
request = "launch";
completion = [
{
name = "binary";
completion = "filename";
}
];
args = {
program = "{0}";
initCommands = [ "command script import ${config.xdg.configHome}/lldb_vscode_rustc_primer.py" ];
};
}
];
};
}
{
name = "html";
file-types = [ "html" ];
scope = "source.html";
auto-format = false;
}
{
name = "nix";
file-types = [ "nix" ];
scope = "source.nix";
auto-format = true;
formatter = {
command = "nixfmt";
args = [ "-" ];
};
}
{
name = "fish";
file-types = [ "fish" ];
scope = "source.fish";
auto-format = true;
indent = {
tab-width = 2;
unit = "\t";
};
}
{
name = "toml";
file-types = [ "toml" ];
scope = "source.toml";
auto-format = true;
}
/*
{
name = "javascript";
language-id = "javascript";
grammar = "javascript";
scope = "source.js";
injection-regex = "^(js|javascript)$";
file-types = ["js" "mjs"];
shebangs = ["deno"];
language-servers = ["deno"];
roots = ["deno.jsonc" "deno.json"];
formatter = {
command = "deno";
args = ["fmt"];
};
auto-format = true;
comment-token = "//";
indent = {
tab-width = 2;
unit = "\t";
};
}
{
name = "typescript";
language-id = "typescript";
grammar = "typescript";
scope = "source.ts";
injection-regex = "^(ts|typescript)$";
file-types = ["ts"];
shebangs = ["deno"];
language-servers = ["deno"];
roots = ["deno.jsonc" "deno.json"];
formatter = {
command = "deno";
args = ["fmt"];
};
auto-format = true;
comment-token = "//";
indent = {
tab-width = 2;
unit = "\t";
};
}
{
name = "jsonc";
language-id = "json";
grammar = "jsonc";
scope = "source.jsonc";
injection-regex = "^(jsonc)$";
roots = ["deno.jsonc" "deno.json"];
file-types = ["jsonc"];
language-servers = ["deno"];
indent = {
tab-width = 2;
unit = " ";
};
auto-format = true;
}
*/
];
};
settings = {
theme = "custom";
editor = {
soft-wrap.enable = true;
auto-pairs = false;
bufferline = "multiple";
rulers = [
81
121
];
cursorline = true;
/*
auto-save = false;
completion-trigger-len = 1;
color-modes = false;
scrolloff = 8;
*/
inline-diagnostics = {
cursor-line = "hint";
other-lines = "error";
};
cursor-shape = {
normal = "block";
insert = "bar";
select = "underline";
};
file-picker.hidden = false;
indent-guides = {
render = true;
character = "";
};
lsp = {
display-messages = true;
# display-inlay-hints = true;
};
statusline = {
separator = " ";
mode = {
"normal" = "N";
"insert" = "I";
"select" = "S";
};
left = [
"file-name"
"mode"
/*
"selections"
"primary-selection-length"
"position"
"position-percentage"
*/
"spinner"
"diagnostics"
"workspace-diagnostics"
];
/*
center = ["file-name"];
right = ["version-control" "total-line-numbers" "file-encoding"];
*/
};
};
keys = {
insert = {
j = {
k = "normal_mode";
j = "normal_mode";
K = "normal_mode";
J = "normal_mode";
};
};
normal = {
"C-k" = "jump_view_up";
"C-j" = "jump_view_down";
"C-h" = "jump_view_left";
"C-l" = "jump_view_right";
"C-q" = ":quit-all!";
# "L" = "repeat_last_motion";
space = {
q = ":reflow 80";
Q = ":reflow 120";
C = ":bc!";
h = ":toggle lsp.display-inlay-hints";
# O = ["select_textobject_inner WORD", ":pipe-to xargs xdg-open"];
};
};
select = {
space = {
q = ":reflow 80";
Q = ":reflow 120";
};
# "L" = "repeat_last_motion";
};
};
};
themes = with style.colors.withHashPrefix; {
custom = {
"type" = orange;
"constructor" = blue;
"constant" = orange;
"constant.builtin" = orange;
"constant.character" = yellow;
"constant.character.escape" = orange;
"string" = green;
"string.regexp" = orange;
"string.special" = blue;
"comment" = {
fg = fgdim;
modifiers = [ "italic" ];
};
"variable" = text;
"variable.parameter" = {
fg = red;
modifiers = [ "italic" ];
};
"variable.builtin" = red;
"variable.other.member" = text;
"label" = blue;
"punctuation" = fgdim;
"punctuation.special" = blue;
"keyword" = purple;
"keyword.storage.modifier.ref" = yellow;
"keyword.control.conditional" = {
fg = purple;
modifiers = [ "italic" ];
};
"operator" = blue;
"function" = blue;
"function.macro" = purple;
"tag" = purple;
"attribute" = blue;
"namespace" = {
fg = blue;
modifiers = [ "italic" ];
};
"special" = blue;
"markup.heading.marker" = {
fg = orange;
modifiers = [ "bold" ];
};
"markup.heading.1" = blue;
"markup.heading.2" = yellow;
"markup.heading.3" = green;
"markup.heading.4" = orange;
"markup.heading.5" = red;
"markup.heading.6" = fg3;
"markup.list" = purple;
"markup.bold" = {
modifiers = [ "bold" ];
};
"markup.italic" = {
modifiers = [ "italic" ];
};
"markup.strikethrough" = {
modifiers = [ "crossed_out" ];
};
"markup.link.url" = {
fg = red;
modifiers = [ "underlined" ];
};
"markup.link.text" = blue;
"markup.raw" = red;
"diff.plus" = green;
"diff.minus" = red;
"diff.delta" = blue;
"ui.linenr" = {
fg = fgdim;
};
"ui.linenr.selected" = {
fg = fg2;
};
"ui.statusline" = {
fg = fgdim;
bg = bg;
};
"ui.statusline.inactive" = {
fg = fg3;
bg = bg2;
};
"ui.statusline.normal" = {
fg = bg;
bg = purple;
modifiers = [ "bold" ];
};
"ui.statusline.insert" = {
fg = bg;
bg = green;
modifiers = [ "bold" ];
};
"ui.statusline.select" = {
fg = bg;
bg = red;
modifiers = [ "bold" ];
};
"ui.popup" = {
fg = text;
bg = bg2;
};
"ui.window" = {
fg = fgdim;
};
"ui.help" = {
fg = fg2;
bg = bg2;
};
"ui.bufferline" = {
fg = fgdim;
bg = bg2;
};
"ui.bufferline.background" = {
bg = bg2;
};
"ui.text" = text;
"ui.text.focus" = {
fg = text;
bg = bg3;
modifiers = [ "bold" ];
};
"ui.text.inactive" = {
fg = fg2;
};
"ui.virtual" = fg2;
"ui.virtual.ruler" = {
bg = bg3;
};
"ui.virtual.indent-guide" = bg3;
"ui.virtual.inlay-hint" = {
fg = bg3;
bg = bg;
};
"ui.selection" = {
bg = bg5;
};
"ui.cursor" = {
fg = bg;
bg = text;
};
"ui.cursor.primary" = {
fg = bg;
bg = red;
};
"ui.cursor.match" = {
fg = orange;
modifiers = [ "bold" ];
};
"ui.cursor.primary.normal" = {
fg = bg;
bg = text;
};
"ui.cursor.primary.insert" = {
fg = bg;
bg = text;
};
"ui.cursor.primary.select" = {
fg = bg;
bg = text;
};
"ui.cursor.normal" = {
fg = bg;
bg = fg;
};
"ui.cursor.insert" = {
fg = bg;
bg = fg;
};
"ui.cursor.select" = {
fg = bg;
bg = fg;
};
"ui.cursorline.primary" = {
bg = bg3;
};
"ui.highlight" = {
bg = bg3;
fg = bg;
modifiers = [ "bold" ];
};
"ui.menu" = {
fg = fg3;
bg = bg2;
};
"ui.menu.selected" = {
fg = text;
bg = bg3;
modifiers = [ "bold" ];
};
"diagnostic.error" = {
underline = {
color = red;
style = "curl";
};
};
"diagnostic.warning" = {
underline = {
color = orange;
style = "curl";
};
};
"diagnostic.info" = {
underline = {
color = blue;
style = "curl";
};
};
"diagnostic.hint" = {
underline = {
color = blue;
style = "curl";
};
};
error = red;
warning = orange;
info = blue;
hint = yellow;
"ui.background" = {
bg = bg;
fg = fgdim;
};
/*
"ui.cursorline.primary" = { bg = "default" }
"ui.cursorline.secondary" = { bg = "default" }
*/
"ui.cursorcolumn.primary" = {
bg = bg3;
};
"ui.cursorcolumn.secondary" = {
bg = bg3;
};
"ui.bufferline.active" = {
fg = primary;
bg = bg3;
underline = {
color = primary;
style = "";
};
};
};
};
};
};
}

41
lib/modules/home/scripts/common/bin/countdown
View file

@ -1,41 +0,0 @@
#!/usr/bin/env bash
function usage {
echo "countdown - exit after a certain amount of time has passed"
echo " Usage:"
echo " countdown <TIME> && command..."
echo
echo " Examples:"
echo ' countdown 120 && echo "Two minutes have elapsed!"'
echo ' countdown 5m && echo "Five minutes have elapsed!"'
echo ' countdown 10h && echo "Ten hours have elapsed!"'
echo ' countdown 9d && echo "Nine days have elapsed!"'
}
[[ $# -lt 1 ]] && { printf "error: no SECONDS argument provided\n" >&2; usage; exit 1; }
t="$1"
seconds="$(echo "$t" | tr -d -c 0-9)"
if [[ $t =~ ^.*m$ ]]; then
seconds=$((seconds * 60))
fi
if [[ $t =~ ^.*h$ ]]; then
seconds=$((seconds * 60 * 60))
fi
if [[ $t =~ ^.*d$ ]]; then
seconds=$((seconds * 60 * 60 * 24))
fi
d=$(($(date +%s) + seconds));
printf 'Started at %s\n' "$(date)"
while [[ "$d" -ge "$(date +%s)" ]]; do
_dt=$((d - $(date +%s)))
days=$((_dt / 86400))
printf "\r%sd %s " "$days" "$(date -u --date @$((_dt)) +%H:%M:%S)";
sleep 0.1
done
printf "\rCountdown finished %s\n" "$(date)"

127
lib/modules/home/scripts/common/bin/spark
View file

@ -1,127 +0,0 @@
#!/usr/bin/env bash
#
# spark
# https://github.com/holman/spark
#
# Generates sparklines for a set of data.
#
# Here's a good web-based sparkline generator that was a bit of inspiration
# for spark:
#
# https://datacollective.org/sparkblocks
#
# spark takes a comma-separated or space-separated list of data and then prints
# a sparkline out of it.
#
# Examples:
#
# spark 1 5 22 13 53
# # => ▁▁▃▂▇
#
# spark 0 30 55 80 33 150
# # => ▁▂▃▅▂▇
#
# spark -h
# # => Prints the spark help text.
# Generates sparklines.
#
# $1 - The data we'd like to graph.
_echo()
{
if [ "X$1" = "X-n" ]; then
shift
printf "%s" "$*"
else
printf "%s\n" "$*"
fi
}
spark()
{
local n numbers=
# find min/max values
local min=0xffffffff max=0
for n in ${@//,/ }
do
# on Linux (or with bash4) we could use `printf %.0f $n` here to
# round the number but that doesn't work on OS X (bash3) nor does
# `awk '{printf "%.0f",$1}' <<< $n` work, so just cut it off
n=${n%.*}
(( n < min )) && min=$n
(( n > max )) && max=$n
numbers=$numbers${numbers:+ }$n
done
# print ticks
local ticks=(▁ ▂ ▃ ▄ ▅ ▆ ▇ █)
# use a high tick if data is constant
(( min == max )) && ticks=(▅ ▆)
local f=$(( (($max-$min)<<8)/(${#ticks[@]}-1) ))
(( f < 1 )) && f=1
for n in $numbers
do
_echo -n ${ticks[$(( ((($n-$min)<<8)/$f) ))]}
done
_echo
}
# If we're being sourced, don't worry about such things
if [ "$BASH_SOURCE" == "$0" ]; then
# Prints the help text for spark.
help()
{
local spark=$(basename $0)
cat <<EOF
USAGE:
$spark [-h|--help] VALUE,...
EXAMPLES:
$spark 1 5 22 13 53
▁▁▃▂█
$spark 0,30,55,80,33,150
▁▂▃▄▂█
echo 9 13 5 17 1 | $spark
▄▆▂█▁
EOF
}
# show help for no arguments if stdin is a terminal
if { [ -z "$1" ] && [ -t 0 ] ; } || [ "$1" == '-h' ] || [ "$1" == '--help' ]
then
help
exit 0
fi
spark ${@:-`cat`}
fi
# source: https://github.com/holman/spark/commit/ab88ac6f8f33698f39ece2f109b1117ef39a68eb
# The MIT License
#
# Copyright (c) Zach Holman, https://zachholman.com
#
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to deal
# in the Software without restriction, including without limitation the rights
# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
# copies of the Software, and to permit persons to whom the Software is
# furnished to do so, subject to the following conditions:
#
# The above copyright notice and this permission notice shall be included in
# all copies or substantial portions of the Software.
#
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
# THE SOFTWARE.

3
lib/modules/home/scripts/common/bin/t
View file

@ -1,3 +0,0 @@
#!/usr/bin/env bash
N todo

270
lib/modules/nixos/default-module.nix
View file

@ -1,270 +0,0 @@
{
sops-nix,
disko,
slippi,
self,
...
}:
{
home-manager,
modulesPath,
lib,
config,
pkgs,
...
}:
{
imports = with self.outputs.nixosModules; [
(modulesPath + "/installer/scan/not-detected.nix")
home-manager.nixosModules.home-manager
sops-nix.nixosModules.sops
disko.nixosModules.disko
slippi.nixosModules.default
deno-netlify-ddns-client
shell-defaults-and-applications
desktop
gnome
wifi
printing
podman
virtual-machines
postgres
gaming
restic
router
(
{ config, ... }:
lib.mkIf config.family-account.enable {
users.groups.flanfam = { };
users.users.flanfam = {
isNormalUser = true;
home = "/home/flanfam";
description = "Flanagan Family";
createHome = true;
openssh.authorizedKeys.keys = [ self.outputs.pubkey ];
group = "flanfam";
shell = lib.mkIf config.lyte.shell.enable pkgs.fish;
extraGroups = [
"users"
"power"
"video"
];
};
home-manager.users.flanfam = {
# TODO: .face
accounts.email.accounts.primary = {
primary = true;
address = "home@lyte.dev";
};
home = {
username = "flanfam";
homeDirectory = "/home/flanfam";
stateVersion = lib.mkDefault config.system.stateVersion;
file.".face" = {
enable = config.home-manager.users.daniel.lyte.desktop.enable;
source = builtins.fetchurl {
url = "https://lyte.dev/icon.png";
sha256 = "sha256:0nf22gwasc64yc5317d0k0api0fwyrf4g3wxljdi2p3ki079ky53";
};
};
};
imports = with self.outputs.homeManagerModules; [
{
_module.args.fullName = config.users.users.flanfam.description;
}
default
];
};
}
)
];
options = {
family-account = {
enable = lib.mkEnableOption "Enable a user account for family members";
};
};
config = {
system.configurationRevision = toString (
self.shortRev or self.dirtyShortRev or self.lastModified or "unknown"
);
environment.etc = {
"lytedev/rev".text = config.system.configurationRevision;
"lytedev/lastModified".text = toString (self.lastModified or "unknown");
};
lyte.shell.enable = lib.mkDefault true;
nixpkgs = {
config.allowUnfree = lib.mkDefault true;
overlays = [ self.flakeLib.forSelfOverlay ];
};
nix = {
nixPath = lib.mapAttrsToList (key: value: "${key}=${value.to.path}") config.nix.registry;
# registry = lib.mapAttrs (_: value: { flake = value; }) self.inputs;
settings = {
trusted-users = lib.mkDefault [ "@wheel" ];
extra-experimental-features = lib.mkDefault [
"nix-command"
"flakes"
];
auto-optimise-store = lib.mkDefault true;
extra-substituters = [
"https://cache.nixos.org/"
"https://nix-community.cachix.org"
"https://nix.h.lyte.dev"
];
extra-trusted-public-keys = [
"cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
"h.lyte.dev-2:te9xK/GcWPA/5aXav8+e5RHImKYMug8hIIbhHsKPN0M="
];
};
};
sops = {
age = {
sshKeyPaths = lib.mkDefault [ "/etc/ssh/ssh_host_ed25519_key" ];
keyFile = lib.mkDefault "/var/lib/sops-nix/key.txt";
generateKey = lib.mkDefault true;
};
};
# TODO: for each non-system user on the machine?
home-manager = {
useGlobalPkgs = lib.mkDefault true;
useUserPackages = lib.mkDefault true;
backupFileExtension = lib.mkDefault "hm-backup";
};
systemd.services.nix-daemon.environment.TMPDIR = lib.mkDefault "/var/tmp"; # TODO: why did I do this again?
boot.tmp.cleanOnBoot = lib.mkDefault true;
programs.gnupg.agent.enable = lib.mkDefault true;
time.timeZone = lib.mkDefault "America/Chicago";
i18n.defaultLocale = lib.mkDefault "en_US.UTF-8";
hardware.enableRedistributableFirmware = lib.mkDefault true;
users.users.root = {
openssh.authorizedKeys.keys = lib.mkDefault [ self.outputs.pubkey ];
shell = lib.mkIf config.lyte.shell.enable pkgs.fish;
};
services = {
openssh = {
enable = lib.mkDefault true;
settings = {
PasswordAuthentication = lib.mkDefault false;
KbdInteractiveAuthentication = lib.mkDefault false;
PermitRootLogin = lib.mkForce "prohibit-password";
};
openFirewall = lib.mkDefault true;
/*
listenAddresses = [
{ addr = "0.0.0.0"; port = 22; }
];
*/
};
avahi = {
enable = lib.mkDefault true;
reflector = lib.mkDefault true;
openFirewall = lib.mkDefault true;
nssmdns4 = lib.mkDefault true;
};
tailscale = {
enable = lib.mkDefault true;
useRoutingFeatures = lib.mkDefault "client";
};
journald.extraConfig = lib.mkDefault "SystemMaxUse=1G";
xserver.xkb = {
layout = lib.mkDefault "us";
# have the caps-lock key instead be a ctrl key
options = lib.mkDefault "ctrl:nocaps";
};
smartd.enable = lib.mkDefault true;
fwupd.enable = lib.mkDefault true;
};
console = {
useXkbConfig = lib.mkDefault true;
earlySetup = lib.mkDefault true;
colors =
with self.outputs.style.colors;
lib.mkDefault [
bg
red
green
orange
blue
purple
yellow
fg3
fgdim
red
green
orange
blue
purple
yellow
fg
];
};
networking = {
hostName = lib.mkDefault "set-a-hostname-dingus";
useDHCP = lib.mkDefault true;
firewall = {
enable = lib.mkDefault true;
allowPing = lib.mkDefault true;
};
};
users.groups.daniel = { };
users.users.daniel = {
isNormalUser = true;
home = "/home/daniel/.home";
# TODO: chown /home/daniel
description = "Daniel Flanagan";
createHome = true;
openssh.authorizedKeys.keys = [ self.outputs.pubkey ];
group = "daniel";
shell = lib.mkIf config.lyte.shell.enable pkgs.fish;
extraGroups = [
"users"
"wheel"
"video"
"dialout"
"uucp"
"power"
"kvm"
];
packages = [ ];
};
home-manager.users.daniel = {
home = {
stateVersion = lib.mkDefault config.system.stateVersion;
file.".face" = {
enable = config.home-manager.users.daniel.lyte.desktop.enable;
source = builtins.fetchurl {
url = "https://lyte.dev/img/avatar3-square-512.png";
sha256 = "sha256:15zwbwisrc01m7ad684rsyq19wl4s33ry9xmgzmi88k1myxhs93x";
};
};
};
imports = with self.outputs.homeManagerModules; [
{
_module.args.fullName = config.users.users.daniel.description;
}
default
daniel
];
};
};
}

52
lib/modules/nixos/default.nix
View file

@ -1,52 +0,0 @@
inputs: {
# boot.tmp.useTmpfs = true;
# boot.uki.tries = 3;
# services.irqbalance.enable = true;
nix-config = (import ../../../flake.nix).nixConfig;
default = import ./default-module.nix inputs;
shell-defaults-and-applications = import ./shell-config.nix;
deno-netlify-ddns-client = import ./deno-netlify-ddns-client.nix;
gnome = import ./gnome.nix;
laptop = import ./laptop.nix;
plasma6 = import ./plasma.nix;
gaming = import ./gaming.nix;
pipewire = import ./pipewire.nix;
podman = import ./podman.nix;
virtual-machines = import ./virtual-machines.nix;
postgres = import ./postgres.nix;
desktop = import ./desktop.nix;
printing = import ./printing.nix;
wifi = import ./wifi.nix;
restic = import ./restic.nix;
router = import ./router.nix;
remote-disk-key-entry-on-boot =
{
# lib,
# pkgs,
...
}:
{
/*
https://nixos.wiki/wiki/Remote_disk_unlocking
"When using DHCP, make sure your computer is always attached to the network and is able to get an IP adress, or the boot process will hang."
^ seems less than ideal
*/
boot.kernelParams = [ "ip=dhcp" ];
boot.initrd = {
# availableKernelModules = ["r8169"]; # ethernet drivers
systemd.users.root.shell = "/bin/cryptsetup-askpass";
network = {
enable = true;
ssh = {
enable = true;
port = 22;
authorizedKeys = [ inputs.self.outputs.pubkey ];
hostKeys = [ "/etc/secrets/initrd/ssh_host_rsa_key" ];
};
};
};
};
}

62
lib/modules/nixos/desktop.nix
View file

@ -1,62 +0,0 @@
{
pkgs,
lib,
config,
options,
...
}:
let
cfg = config.lyte.desktop;
in
{
options = {
lyte = {
desktop = {
enable = lib.mkEnableOption "Enable my default desktop configuration and applications";
};
};
};
config = lib.mkIf cfg.enable {
services.xserver.desktopManager.gnome.enable = true;
environment.systemPackages = [ pkgs.wl-clipboard ];
fonts.packages = [
(
# allow nixpkgs 24.11 and unstable to both work
if builtins.hasAttr "nerd-fonts" pkgs then
(pkgs.nerd-fonts.symbols-only)
else
(pkgs.nerdfonts.override { fonts = [ "NerdFontsSymbolsOnly" ]; })
)
pkgs.iosevkaLyteTerm
];
xdg.portal.enable = true;
hardware =
if builtins.hasAttr "graphics" options.hardware then
{
graphics = {
enable = true;
# enable32Bit = true;
/*
driSupport32Bit = true;
driSupport = true;
*/
};
}
else
{
opengl = {
enable = true;
# driSupport32Bit = true;
driSupport = true;
};
};
services.flatpak.enable = true;
programs.appimage.binfmt = true;
services.printing.enable = true;
programs.virt-manager.enable = config.virtualisation.libvirtd.enable;
};
}

72
lib/modules/nixos/gaming.nix
View file

@ -1,72 +0,0 @@
{
lib,
config,
options,
pkgs,
...
}:
{
config = lib.mkIf config.programs.steam.enable {
programs.gamescope.enable = true;
services.pipewire = {
alsa.support32Bit = true;
};
programs.steam = {
extest.enable = true;
gamescopeSession.enable = true;
extraPackages = with pkgs; [
gamescope
];
extraCompatPackages = with pkgs; [
proton-ge-bin
];
localNetworkGameTransfers.openFirewall = true;
remotePlay.openFirewall = true;
};
hardware =
(
if builtins.hasAttr "graphics" options.hardware then
{
graphics = {
enable = true;
enable32Bit = true;
};
}
else
{
opengl = {
enable = true;
driSupport32Bit = true;
};
}
)
// {
steam-hardware.enable = true;
};
services.udev.packages = with pkgs; [ steam ];
environment = {
systemPackages = with pkgs; [
dualsensectl # for interfacing with dualsense controllers programmatically
wineWowPackages.waylandFull
lutris
winetricks
ludusavi
# ludusavi uses rclone
rclone
];
};
# remote play ports - should be unnecessary due to programs.steam.remotePlay.openFirewall = true;
/*
networking.firewall.allowedUDPPortRanges = [ { from = 27031; to = 27036; } ];
networking.firewall.allowedTCPPortRanges = [ { from = 27036; to = 27037; } ];
*/
};
}

46
lib/modules/nixos/gnome.nix
View file

@ -1,46 +0,0 @@
{
pkgs,
lib,
config,
...
}:
{
config = lib.mkIf config.services.xserver.desktopManager.gnome.enable {
services = {
xserver = {
enable = true;
displayManager.gdm.enable = true;
# desktopManager.gnome.enable = true;
};
udev.packages = [ pkgs.gnome-settings-daemon ];
};
environment = {
variables.GSK_RENDERER = "gl";
systemPackages = with pkgs; [
bitwarden
# adwaita-gtk-theme
papirus-icon-theme
adwaita-icon-theme
adwaita-icon-theme-legacy
hydrapaper
];
};
programs.kdeconnect = {
enable = true;
package = pkgs.gnomeExtensions.gsconnect;
};
networking.firewall = rec {
allowedTCPPortRanges = [
{
from = 1714;
to = 1764;
}
];
allowedUDPPortRanges = allowedTCPPortRanges;
};
};
}

39
lib/modules/nixos/kanidm.nix
View file

@ -1,39 +0,0 @@
{
# this is not ready for primetime yet
# services.kanidm = {
# enableClient = true;
# enablePam = true;
# package = pkgs.kanidm;
# clientSettings.uri = "https://idm.h.lyte.dev";
# unixSettings = {
# # hsm_pin_path = "/somewhere/else";
# pam_allowed_login_groups = [];
# };
# };
# systemd.tmpfiles.rules = [
# "d /etc/kanidm 1755 nobody users -"
# ];
# module has the incorrect file permissions out of the box
# environment.etc = {
/*
"kanidm" = {
enable = true;
user = "nobody";
group = "users";
mode = "0755";
};
*/
# "kanidm/unixd" = {
# user = "kanidm-unixd";
# group = "kanidm-unixd";
# mode = "0700";
# };
# "kanidm/config" = {
# user = "nobody";
# group = "users";
# mode = "0755";
# };
# };
}

42
lib/modules/nixos/laptop.nix
View file

@ -1,42 +0,0 @@
{
lib,
config,
pkgs,
...
}:
{
config = lib.mkIf config.lyte.laptop.enable {
environment.systemPackages = with pkgs; [
acpi
];
services.udev.extraRules = ''
ACTION=="add", SUBSYSTEM=="backlight", RUN+="${pkgs.coreutils}/bin/chgrp video /sys/class/backlight/%k/brightness"
ACTION=="add", SUBSYSTEM=="backlight", RUN+="${pkgs.coreutils}/bin/chmod g+w /sys/class/backlight/%k/brightness"
'';
services.upower.enable = true;
# NOTE: I previously let plasma settings handle this
services.logind = {
lidSwitch = "suspend-then-hibernate";
extraConfig = ''
KillUserProcesses=no
HandlePowerKey=suspend
HandlePowerKeyLongPress=poweroff
HandleRebootKey=reboot
HandleRebootKeyLongPress=poweroff
HandleSuspendKey=suspend
HandleSuspendKeyLongPress=hibernate
HandleHibernateKey=hibernate
HandleHibernateKeyLongPress=ignore
HandleLidSwitch=suspend
HandleLidSwitchExternalPower=suspend
HandleLidSwitchDocked=suspend
HandleLidSwitchDocked=suspend
IdleActionSec=11m
IdleAction=ignore
'';
};
};
}

10
lib/modules/nixos/lutris.nix
View file

@ -1,10 +0,0 @@
{ pkgs, ... }:
{
environment = {
systemPackages = with pkgs; [
wineWowPackages.waylandFull
lutris
winetricks
];
};
}

99
lib/modules/nixos/pipewire.nix
View file

@ -1,99 +0,0 @@
{
services.pipewire = {
enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
jack.enable = true;
# wireplumber.enable = true; # this is default now
wireplumber.extraConfig = {
"monitor.bluez.properties" = {
"bluez5.enable-sbc-xq" = true;
"bluez5.enable-msbc" = true;
"bluez5.enable-hw-volume" = true;
"bluez5.roles" = [
"hsp_hs"
"hsp_ag"
"hfp_hf"
"hfp_ag"
];
};
};
extraConfig.pipewire."91-null-sinks" = {
"context.objects" = [
{
# A default dummy driver. This handles nodes marked with the "node.always-driver"
# properyty when no other driver is currently active. JACK clients need this.
factory = "spa-node-factory";
args = {
"factory.name" = "support.node.driver";
"node.name" = "Dummy-Driver";
"priority.driver" = 8000;
};
}
{
factory = "adapter";
args = {
"factory.name" = "support.null-audio-sink";
"node.name" = "Microphone-Proxy";
"node.description" = "Microphone";
"media.class" = "Audio/Source/Virtual";
"audio.position" = "MONO";
};
}
{
factory = "adapter";
args = {
"factory.name" = "support.null-audio-sink";
"node.name" = "Main-Output-Proxy";
"node.description" = "Main Output";
"media.class" = "Audio/Sink";
"audio.position" = "FL,FR";
};
}
];
};
/*
extraConfig.pipewire."92-low-latency" = {
context.properties = {
default.clock.rate = 48000;
default.clock.quantum = 32;
default.clock.min-quantum = 32;
default.clock.max-quantum = 32;
};
};
*/
};
# recommended by https://nixos.wiki/wiki/PipeWire
security.rtkit.enable = true;
/*
services.pipewire = {
enable = true;
wireplumber.enable = true;
pulse.enable = true;
jack.enable = true;
alsa = {
enable = true;
support32Bit = true;
};
};
hardware = {
pulseaudio = {
enable = false;
support32Bit = true;
};
};
security = {
# I forget why I need these exactly...
polkit.enable = true;
rtkit.enable = true;
};
*/
}

68
lib/modules/nixos/plasma.nix
View file

@ -1,68 +0,0 @@
{
self,
pkgs,
lib,
...
}:
{
imports = with self.outputs.nixosModules; [
pipewire
];
programs.kdeconnect.enable = true;
services.xserver.enable = true;
services.displayManager.sddm = {
enable = true;
# package = lib.mkForce pkgs.kdePackages.sddm;
settings = { };
# theme = "";
enableHidpi = true;
wayland = {
enable = true;
compositor = "weston";
};
};
services.desktopManager.plasma6.enable = true;
programs.dconf.enable = true;
services.xrdp.enable = false;
services.xrdp.defaultWindowManager = "plasma";
services.xrdp.openFirewall = false;
environment.systemPackages = with pkgs; [
wl-clipboard
inkscape
krita
noto-fonts
vlc
wl-clipboard
kdePackages.qtvirtualkeyboard
maliit-keyboard
maliit-framework
kdePackages.kate
kdePackages.kcalc
kdePackages.filelight
kdePackages.krdc
kdePackages.krfb
kdePackages.kclock
kdePackages.kweather
kdePackages.ktorrent
kdePackages.kdeplasma-addons
unstable-packages.kdePackages.krdp
/*
kdePackages.kdenlive
kdePackages.merkuro
kdePackages.neochat
kdePackages.kdevelop
kdePackages.kdialog
*/
];
programs.gnupg.agent.pinentryPackage = lib.mkForce pkgs.pinentry-qt;
}

36
lib/modules/nixos/podman.nix
View file

@ -1,36 +0,0 @@
{
pkgs,
config,
lib,
...
}:
{
config = lib.mkIf (config.virtualisation.oci-containers.backend == "podman") {
environment = {
systemPackages = with pkgs; [
podman-compose
];
};
virtualisation = {
podman = {
dockerCompat = true;
dockerSocket.enable = true;
defaultNetwork.settings.dns_enabled = true;
};
oci-containers = {
# backend = "podman";
};
};
networking = {
extraHosts = ''
127.0.0.1 host.docker.internal
::1 host.docker.internal
127.0.0.1 host.containers.internal
::1 host.containers.internal
'';
};
};
}

51
lib/modules/nixos/postgres.nix
View file

@ -1,51 +0,0 @@
{
pkgs,
lib,
config,
...
}:
{
config = lib.mkIf config.services.postgresql.enable {
# this is really just for development usage
services.postgresql = {
# enable = true;
ensureDatabases = [ "daniel" ];
ensureUsers = [
{
name = "daniel";
ensureDBOwnership = true;
}
];
# enableTCPIP = true;
package = pkgs.postgresql_15;
authentication = pkgs.lib.mkOverride 10 ''
#type database DBuser auth-method
local all postgres peer map=superuser_map
local all daniel peer map=superuser_map
local sameuser all peer map=superuser_map
# lan ipv4
host all all 10.0.0.0/24 trust
host all all 127.0.0.1/32 trust
# tailnet ipv4
host all all 100.64.0.0/10 trust
'';
identMap = ''
# ArbitraryMapName systemUser DBUser
superuser_map root postgres
superuser_map postgres postgres
superuser_map daniel postgres
superuser_map /^(.*)$ \1 # Let other names login as themselves
'';
};
environment.systemPackages = with pkgs; [
pgcli
];
};
}

20
lib/modules/nixos/printing.nix
View file

@ -1,20 +0,0 @@
{
pkgs,
lib,
config,
...
}:
{
config = lib.mkIf config.services.printing.enable {
services.printing.browsing = true;
services.printing.browsedConf = ''
BrowseDNSSDSubTypes _cups,_print
BrowseLocalProtocols all
BrowseRemoteProtocols all
CreateIPPPrinterQueues All
BrowseProtocols all
'';
services.printing.drivers = [ pkgs.gutenprint ];
};
}

25
lib/modules/nixos/restic.nix
View file

@ -1,25 +0,0 @@
{
lib,
# options,
# config,
...
}:
let
inherit (lib) mkOption types;
in
{
options.services.restic.commonPaths = mkOption {
type = types.nullOr (types.listOf types.str);
default = [ ];
description = ''
Which paths to backup, in addition to ones specified via
`dynamicFilesFrom`. If null or an empty array and
`dynamicFilesFrom` is also null, no backup command will be run.
This can be used to create a prune-only job.
'';
example = [
"/var/lib/postgresql"
"/home/user/backup"
];
};
}

804
lib/modules/nixos/router.nix
View file

@ -1,804 +0,0 @@
{
config,
lib,
...
}:
let
cfg = config.lyte.router;
inherit (builtins) mapAttrs concatStringsSep toString;
inherit (lib)
mkEnableOption
mkOption
types
mkIf
mkDefault
defaultTo
;
inherit (lib.attrsets) foldlAttrs mapAttrsToList mapAttrs';
inherit (lib.lists) flatten toList;
in
{
options.lyte.router = {
enable = mkEnableOption "Enable home router functionality";
hostname = mkOption {
default = "router";
description = "The hostname of the router. NOT the FQDN. This value concatenated with the domain will form the FQDN of this router host.";
type = types.str;
example = "my-home-router";
};
domain = mkOption {
# default = null;
description = "The domain of the router.";
type = types.str;
example = "lan";
};
openPorts = mkOption { };
hosts = mkOption { };
interfaces = {
wan = {
name = mkOption {
default = "wan";
type = types.str;
};
mac = mkOption {
type = types.str;
};
};
lan = {
name = mkOption {
default = "lan";
type = types.str;
};
mac = mkOption {
type = types.str;
};
};
};
# TODO: would be nice to support multiple VLANs?
ipv4 = {
address = mkOption {
default = "192.168.0.1";
description = "The IPv4 address of the router.";
type = types.str;
example = "10.0.0.1";
};
cidr = mkOption {
# TODO: derive IPv4 from CIDR?
description = ''The CIDR to route. If null, will use "''${config.lyte.router.ipv4}/16".'';
default = null;
example = "10.0.0.0/8";
# type = types.str;
defaultText = ''''${config.lyte.router.ipv4}/16'';
};
netmask = mkOption {
# TODO: derive from CIDR?
default = "255.255.255.0";
type = types.str;
};
dhcp-lease-space = {
min = mkOption {
default = "192.168.0.30";
type = types.str;
};
max = mkOption {
default = "192.168.0.250";
type = types.str;
};
};
};
};
config = mkIf cfg.enable (
let
cidr = defaultTo "${cfg.ipv4.address}/16" cfg.ipv4.cidr;
wan = cfg.interfaces.wan.name;
lan = cfg.interfaces.lan.name;
in
{
boot.kernel.sysctl = {
"net.ipv4.conf.all.forwarding" = true;
"net.ipv6.conf.all.forwarding" = true;
"net.ipv4.conf.default.rp_filter" = 1;
"net.ipv4.conf.${cfg.interfaces.wan.name}.rp_filter" = 1;
"net.ipv4.conf.${cfg.interfaces.lan.name}.rp_filter" = 0;
"net.ipv6.conf.${cfg.interfaces.wan.name}.accept_ra" = 2;
"net.ipv6.conf.${cfg.interfaces.wan.name}.autoconf" = 1;
"net.ipv6.conf.all.use_tempaddr" = 2;
"net.ipv6.conf.default.use_tempaddr" = lib.mkForce 2;
"net.ipv6.conf.${cfg.interfaces.wan.name}.use_tempaddr" = 2;
# "net.ipv6.conf.${interfaces.wan.name}.addr_gen_mode" = 2;
};
networking = {
hostName = cfg.hostname;
# disable some of the sane defaults
# TODO: detect conflicts with NixOS firewall options? this may be done for us?
useDHCP = false;
firewall.enable = false;
# use systemd.network for network interface configuration
useNetworkd = true;
# maybe we need this?
nat.enable = true;
extraHosts = ''
127.0.0.1 localhost
127.0.0.2 ${cfg.hostname}.${cfg.domain} ${cfg.hostname}
${cfg.ipv4.address} ${cfg.hostname}.${cfg.domain} ${cfg.hostname}
::1 localhost ip6-localhost ip6-loopback
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
'';
# tcp dport 2201 accept comment "Accept SSH on port 2201"
# tcp dport 53 accept comment "Accept DNS"
# udp dport 53 accept comment "Accept DNS"
# tcp dport { 80, 443 } accept comment "Allow HTTP/HTTPS to server (see nat prerouting)"
# udp dport { 80, 443 } accept comment "Allow QUIC to server (see nat prerouting)"
nftables =
let
mkOpenPortRule =
protocol: rules:
mapAttrsToList (
name: ports:
''${protocol} dport {${concatStringsSep ", " (map toString (toList ports))}} accept comment "${name}"''
) rules;
tcpRulesString = mkOpenPortRule "tcp" cfg.openPorts.tcp;
udpRulesString = mkOpenPortRule "udp" cfg.openPorts.udp;
hostRules = flatten (
mapAttrsToList (
hostname:
{
nat ? { },
...
}:
mapAttrsToList (
protocol: rules:
mkOpenPortRule protocol (
mapAttrs' (name: value: {
name = "NAT ${name} to ${hostname}";
value = value;
}) rules
)
) nat
) cfg.hosts
);
acceptPorts = flatten [
tcpRulesString
udpRulesString
hostRules
];
# iifname ${wan} tcp dport {22} dnat to ${cfg.hosts.beefcake.ip}
# iifname ${wan} tcp dport {80, 443} dnat to ${cfg.hosts.beefcake.ip}
# iifname ${wan} udp dport {80, 443} dnat to ${cfg.hosts.beefcake.ip}
# iifname ${wan} tcp dport {26966} dnat to ${cfg.hosts.beefcake.ip}
# iifname ${wan} tcp dport {25565} dnat to ${cfg.hosts.bald.ip}
# iifname ${wan} udp dport {25565} dnat to ${cfg.hosts.bald.ip}
# iifname ${wan} udp dport {34197} dnat to ${cfg.hosts.beefcake.ip}
#
mkNatRule =
protocol: ports: address:
''iifname ${wan} ${protocol} dport {${concatStringsSep ", " (map toString (toList ports))}} dnat to ${address}'';
natPorts = flatten (
mapAttrsToList (
hostname:
{
ip,
nat ? { },
...
}:
mapAttrsToList (protocol: rules: mkNatRule protocol (mapAttrsToList (_: ports: ports)) ip) nat
) cfg.hosts
);
in
{
enable = true;
checkRuleset = true;
flushRuleset = true;
/*
set LANv4 {
type ipv4_addr
flags interval
elements = { 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16, 169.254.0.0/16 }
}
set LANv6 {
type ipv6_addr
flags interval
elements = { fd00::/8, fe80::/10 }
}
TODO: maybe tailnet?
chain my_input_lan {
udp sport 1900 udp dport >= 1024 meta pkttype unicast limit rate 4/second burst 20 packets accept comment "Accept UPnP IGD port mapping reply"
udp sport netbios-ns udp dport >= 1024 meta pkttype unicast accept comment "Accept Samba Workgroup browsing replies"
}
chain forward {
type filter hook forward priority filter; policy drop;
iifname { "${lan}" } oifname { "${wan}" } accept comment "Allow trusted LAN to WAN"
iifname { "tailscale0" } oifname { "${wan}" } accept comment "Allow trusted LAN to WAN"
iifname { "${wan}" } oifname { "${lan}" } ct state { established, related } accept comment "Allow established back to LAN"
}
*/
ruleset = ''
table inet filter {
chain input {
type filter hook input priority 0; policy drop;
iif lo accept comment "Accept any localhost traffic"
ct state invalid drop comment "Drop invalid connections"
ct state established,related accept comment "Accept traffic originated from us"
meta l4proto ipv6-icmp accept comment "Accept ICMPv6"
meta l4proto icmp accept comment "Accept ICMP"
ip protocol igmp accept comment "Accept IGMP"
ip6 nexthdr icmpv6 icmpv6 type nd-router-solicit accept
ip6 nexthdr icmpv6 icmpv6 type nd-router-advert accept comment "Accept IPv6 router advertisements"
udp dport dhcpv6-client accept comment "IPv6 DHCP"
ip6 nexthdr icmpv6 icmpv6 type { echo-request, nd-neighbor-solicit, nd-neighbor-advert, nd-router-solicit, nd-router-advert, mld-listener-query, destination-unreachable, packet-too-big, time-exceeded, parameter-problem } accept comment "Accept IPv6 ICMP and meta stuff"
ip protocol icmp icmp type { echo-request, destination-unreachable, router-advertisement, time-exceeded, parameter-problem } accept comment "Accept IPv4 ICMP and meta stuff"
ip protocol icmpv6 accept
ip protocol icmp accept
meta l4proto ipv6-icmp counter accept
udp dport dhcpv6-client counter accept
udp dport mdns ip6 daddr ff02::fb accept comment "Accept mDNS"
udp dport mdns ip daddr 224.0.0.251 accept comment "Accept mDNS"
${concatStringsSep "\n " acceptPorts}
iifname "${lan}" accept comment "Allow local network to access the router"
iifname "tailscale0" accept comment "Allow local network to access the router"
## ip6 saddr @LANv6 jump my_input_lan comment "Connections from private IP address ranges"
## ip saddr @LANv4 jump my_input_lan comment "Connections from private IP address ranges"
iifname "${wan}" counter drop comment "Drop all other unsolicited traffic from wan"
}
chain output {
type filter hook output priority 0;
accept
}
chain forward {
type filter hook forward priority 0;
accept
}
}
table ip nat {
chain prerouting {
type nat hook prerouting priority dstnat;
iifname ${lan} accept
iifname tailscale0 accept
iifname ${wan} tcp dport {22} dnat to ${cfg.hosts.beefcake.ip}
iifname ${wan} tcp dport {80, 443} dnat to ${cfg.hosts.beefcake.ip}
iifname ${wan} udp dport {80, 443} dnat to ${cfg.hosts.beefcake.ip}
iifname ${wan} tcp dport {26966} dnat to ${cfg.hosts.beefcake.ip}
iifname ${wan} tcp dport {25565} dnat to ${cfg.hosts.bald.ip}
iifname ${wan} udp dport {25565} dnat to ${cfg.hosts.bald.ip}
iifname ${wan} udp dport {34197} dnat to ${cfg.hosts.beefcake.ip}
}
chain postrouting {
type nat hook postrouting priority 100; policy accept;
oifname "${wan}" masquerade
}
}
'';
};
};
systemd.network = {
enable = true;
# wait-online.anyInterface = true;
# configure known names for the network interfaces by their mac addresses
links = {
"20-${wan}" = {
enable = true;
matchConfig = {
MACAddress = cfg.interfaces.wan.mac;
};
linkConfig = {
Name = cfg.interfaces.wan.name;
};
};
"30-${lan}" = {
enable = true;
matchConfig = {
MACAddress = cfg.interfaces.lan.mac;
};
linkConfig = {
Name = cfg.interfaces.lan.name;
};
};
};
# configure networks for the interfaces
networks = {
# LAN configuration is very simple and mostly forwarded between
# TODO: IPv6
"50-${lan}" = {
matchConfig.Name = "${lan}";
linkConfig = {
RequiredForOnline = "enslaved";
};
address = [
cidr
];
networkConfig = {
ConfigureWithoutCarrier = true;
IPv6SendRA = true;
DHCPPrefixDelegation = true;
};
};
/*
WAN configuration requires DHCP to get addresses
we also disable some options to be certain we retain as much networking
control as we reasonably can, such as not letting the ISP determine our
hostname or DNS configuration
*/
# TODO: IPv6 (prefix delegation)
"40-${wan}" = {
matchConfig.Name = "${wan}";
networkConfig = {
DHCP = true;
/*
IPv6AcceptRA = true;
IPv6PrivacyExtensions = true;
IPForward = true;
*/
};
dhcpV6Config = {
/*
ForceDHCPv6PDOtherInformation = true;
UseHostname = false;
UseDNS = false;
UseNTP = false;
*/
# PrefixDelegationHint = "::/56";
};
dhcpV4Config = {
Hostname = cfg.hostname;
# ignore many things our ISP may suggest
UseHostname = false;
UseDNS = false;
UseNTP = false;
UseSIP = false;
UseRoutes = false;
UseGateway = true;
};
linkConfig = {
RequiredForOnline = "routable";
# Name = interfaces.wan.name;
};
ipv6AcceptRAConfig = {
DHCPv6Client = "always";
UseDNS = false;
};
};
};
};
services.resolved.enable = false;
services.fail2ban.enable = true;
services.dnsmasq = {
enable = true;
settings = {
listen-address = "::,127.0.0.1,${cfg.ipv4.address}";
port = 53;
/*
dhcp-authoritative = true;
dnssec = true;
*/
enable-ra = true;
server = [
"1.1.1.1"
"9.9.9.9"
"8.8.8.8"
];
domain-needed = true;
bogus-priv = true;
no-resolv = true;
cache-size = "10000";
dhcp-range = with cfg.ipv4.dhcp-lease-space; [
"${lan},${min},${max},${cfg.ipv4.netmask},24h"
"::,constructor:${lan},ra-stateless,ra-names,4h"
];
except-interface = wan;
interface = lan;
dhcp-host =
[
]
++ (mapAttrsToList (
name:
{
ip,
identifier ? name,
time ? "12h",
...
}:
"${name},${ip},${identifier},${time}"
) cfg.hosts);
address =
[
"/${cfg.hostname}.${cfg.domain}/${cfg.ipv4.address}"
]
++ (flatten (
mapAttrsToList (
name:
{
ip,
additionalHosts ? [ ],
# identifier ? name,
# time ? "12h",
...
}:
[
"/${name}.${cfg.domain}/${ip}"
(lib.lists.forEach additionalHosts (h: "/${h}/${ip}"))
]
) cfg.hosts
));
# local domains
local = "/lan/";
domain = "lan";
expand-hosts = true;
# don't use /etc/hosts as this would advertise surfer as localhost
no-hosts = true;
};
};
}
);
# NOTE: see flake.nix 'nnf.nixosModules.default'
/*
nftables.firewall = let
me = config.networking.nftables.firewall.localZoneName;
in {
enable = true;
snippets.nnf-common.enable = true;
zones = {
${interfaces.wan.name} = {
interfaces = [interfaces.wan.name interfaces.lan.name];
};
${interfaces.lan.name} = {
parent = interfaces.wan.name;
ipv4Addresses = [cidr];
};
## banned = {
## ingressExpression = [
## "ip saddr @banlist"
## "ip6 saddr @banlist6"
## ];
## egressExpression = [
## "ip daddr @banlist"
## "ip6 daddr @banlist6"
## ];
## };
};
rules = {
dhcp = {
from = "all";
to = [hosts.beefcake.ip];
allowedTCPPorts = [67];
allowedUDPPorts = [67];
};
http = {
from = "all";
to = [me];
allowedTCPPorts = [80 443];
};
router-ssh = {
from = "all";
to = [me];
allowedTCPPorts = [2201];
};
server-ssh = {
from = "all";
to = [hosts.beefcake.ip];
allowedTCPPorts = [22];
};
};
};
*/
/*
dnsmasq serves as our DHCP and DNS server
almost all the configuration should be derived from the values at the top of
this file
*/
/*
since the home network reserves port 22 for ssh to the big server and to
gitea, the router uses port 2201 for ssh
*/
/*
NOTE: everything from here on is deprecated or old stuff
TODO: may not be strictly necessary for IPv6?
TODO: also may not even be the best implementation?
services.radvd = {
enable = false;
## NOTE: this config is just the default arch linux config I think and may
## need tweaking? this is what I had on the arch linux router, though :shrug:
config = ''
interface lo
{
AdvSendAdvert on;
MinRtrAdvInterval 3;
MaxRtrAdvInterval 10;
AdvDefaultPreference low;
AdvHomeAgentFlag off;
prefix 2001:db8:1:0::/64
{
AdvOnLink on;
AdvAutonomous on;
AdvRouterAddr off;
};
prefix 0:0:0:1234::/64
{
AdvOnLink on;
AdvAutonomous on;
AdvRouterAddr off;
Base6to4Interface ppp0;
AdvPreferredLifetime 120;
AdvValidLifetime 300;
};
route 2001:db0:fff::/48
{
AdvRoutePreference high;
AdvRouteLifetime 3600;
};
RDNSS 2001:db8::1 2001:db8::2
{
AdvRDNSSLifetime 30;
};
DNSSL branch.example.com example.com
{
AdvDNSSLLifetime 30;
};
};
'';
};
TODO: old config, should be deleted ASAP
services.dnsmasq = {
enable = false;
settings = {
# server endpoints
listen-address = "::1,127.0.0.1,${ip}";
port = "53";
# DNS cache entries
cache-size = "10000";
# local domain entries
local = "/lan/";
domain = "lan";
expand-hosts = true;
dhcp-authoritative = true;
conf-file = "/usr/share/dnsmasq/trust-anchors.conf";
dnssec = true;
except-interface = "${wan_if}";
interface = "${lan_if}";
enable-ra = true;
# dhcp-option = "121,${cidr},${ip}";
dhcp-range = [
"lan,${dhcp_lease_space.min},${dhcp_lease_space.max},${netmask},10m"
"tag:${lan_if},::1,constructor:${lan_if},ra-names,12h"
];
dhcp-host = [
"${hosts.dragon.host},${hosts.dragon.ip},12h"
"${hosts.beefcake.host},${hosts.beefcake.ip},12h"
];
# may need to go in /etc/hosts (networking.extraHosts), too?
address = [
"/video.lyte.dev/192.168.0.9"
"/git.lyte.dev/192.168.0.9"
"/bw.lyte.dev/192.168.0.9"
"/files.lyte.dev/192.168.0.9"
"/vpn.h.lyte.dev/192.168.0.9"
"/.h.lyte.dev/192.168.0.9"
];
server = [
"${ip}"
"8.8.8.8"
"8.8.4.4"
"1.1.1.1"
"1.0.0.1"
];
};
};
TODO: old config, should be deleted ASAP
nftables = {
enable = false;
flushRuleset = true;
tables = {
filter = {
family = "inet";
content = ''
chain input {
# type filter hook input priority filter; policy accept;
type filter hook input priority 0;
# anything from loopback interface
iifname "lo" accept
# accept traffic we originated
ct state { established, related } counter accept
ct state invalid counter drop
# ICMP
ip6 nexthdr icmpv6 icmpv6 type { echo-request, nd-neighbor-solicit, nd-neighbor-advert, nd-router-solicit, nd-router-advert, mld-listener-query, destination-unreachable, packet-too-big, time-exceeded, parameter-problem } counter accept
ip protocol icmp icmp type { echo-request, destination-unreachable, router-advertisement, time-exceeded, parameter-problem } counter accept
ip protocol icmpv6 counter accept
ip protocol icmp counter accept
meta l4proto ipv6-icmp counter accept
udp dport dhcpv6-client counter accept
tcp dport { 64022, 22, 53, 67, 25565 } counter accept
udp dport { 64020, 22, 53, 67 } counter accept
## iifname "iot" ip saddr $iot-ip tcp dport { llmnr } counter accept
## iifname "iot" ip saddr $iot-ip udp dport { mdns, llmnr } counter accept
iifname "${lan_if}" tcp dport { llmnr } counter accept
iifname "${lan_if}" udp dport { mdns, llmnr } counter accept
counter drop
}
# allow all outgoing
chain output {
type filter hook output priority 0;
accept
}
chain forward {
type filter hook forward priority 0;
accept
}
'';
};
nat = {
family = "ip";
content = ''
set masq_saddr {
type ipv4_addr
flags interval
elements = { ${cidr} }
}
map map_port_ipport {
type inet_proto . inet_service : ipv4_addr . inet_service
}
chain prerouting {
iifname ${lan_if} accept
type nat hook prerouting priority dstnat + 1; policy accept;
fib daddr type local dnat ip addr . port to meta l4proto . th dport map @map_port_ipport
iifname ${wan_if} tcp dport { 22, 80, 443, 25565, 64022 } dnat to ${hosts.beefcake.ip}
iifname ${wan_if} udp dport { 64020 } dnat to ${hosts.beefcake.ip}
## iifname ${wan_if} tcp dport { 25565 } dnat to 192.168.0.244
## iifname ${wan_if} udp dport { 25565 } dnat to 192.168.0.244
## router
iifname ${wan_if} tcp dport { 2201 } dnat to ${ip}
}
chain output {
type nat hook output priority -99; policy accept;
ip daddr != 127.0.0.0/8 oif "lo" dnat ip addr . port to meta l4proto . th dport map @map_port_ipport
}
chain postrouting {
type nat hook postrouting priority srcnat + 1; policy accept;
oifname ${lan_if} masquerade
ip saddr @masq_saddr masquerade
}
'';
};
};
};
TODO: also want to try to avoid using dhcpcd for IPv6 since systemd-networkd
should be sufficient?
dhcpcd = {
enable = false;
extraConfig = ''
duid
## No way.... https://github.com/NetworkConfiguration/dhcpcd/issues/36#issuecomment-954777644
## issues caused by guests with oneplus devices
noarp
persistent
vendorclassid
option domain_name_servers, domain_name, domain_search
option classless_static_routes
option interface_mtu
option host_name
#option ntp_servers
require dhcp_server_identifier
slaac private
noipv4ll
noipv6rs
static domain_name_servers=${ip}
interface ${wan_if}
gateway
ipv6rs
iaid 1
## option rapid_commit
## ia_na 1
ia_pd 1 ${lan_if}
interface ${lan_if}
static ip_address=${cidr}
static routers=${ip}
static domain_name_servers=${ip}
'';
};
*/
}

76
lib/modules/nixos/shell-config.nix
View file

@ -1,76 +0,0 @@
{
lib,
pkgs,
config,
...
}:
let
cfg = config.lyte.shell;
in
{
options = {
lyte = {
shell = {
enable = lib.mkEnableOption "Enable my default shell configuration and applications";
};
};
};
config = lib.mkIf cfg.enable {
programs.nix-index.enable = true;
programs.command-not-found.enable = false;
users = {
defaultUserShell = pkgs.fish;
};
programs = {
fish.enable = true;
traceroute.enable = true;
git = {
enable = true;
package = pkgs.gitFull;
lfs.enable = true;
};
};
environment = {
variables = {
EDITOR = "hx";
SYSTEMD_EDITOR = "hx";
VISUAL = "hx";
PAGER = "bat --style=plain";
MANPAGER = "bat --style=plain";
};
systemPackages = with pkgs; [
aria2
bat
bottom
btop
comma
curl
dnsutils
dogdns
dua
eza
fd
file
helix
hexyl
htop
iftop
inetutils
iputils
killall
nettools
nmap
pciutils
unixtools.xxd
ripgrep
rsync
sd
usbutils
xh
zellij
];
};
};
}

10
lib/modules/nixos/steam.nix
View file

@ -1,10 +0,0 @@
{
config,
lib,
pkgs,
options,
...
}:
{
config = lib.mkIf config.programs.steam.enable { };
}

10
lib/modules/nixos/virtual-machines.nix
View file

@ -1,10 +0,0 @@
{
lib,
config,
...
}:
{
config = lib.mkIf config.virtualisation.libvirtd.enable {
users.users.daniel.extraGroups = [ "libvirtd" ];
};
}

47
lib/modules/nixos/wifi.nix
View file

@ -1,47 +0,0 @@
{
lib,
config,
...
}:
let
inherit (lib) mkDefault;
cfg = config.networking.wifi;
in
{
options = {
networking.wifi.enable = lib.mkEnableOption "Enable wifi via NetworkManager";
};
config = lib.mkIf cfg.enable {
networking.networkmanager = {
enable = true;
# ensureProfiles = {
# profiles = {
# home-wifi = {
# id="home-wifi";
# permissions = "";
# type = "wifi";
# };
# wifi = {
# ssid = "";
# };
# wifi-security = {
# # auth-alg = "";
# # key-mgmt = "";
# psk = "";
# };
# };
# };
};
systemd.services.NetworkManager-wait-online.enable = mkDefault false;
/*
TODO: networking.networkmanager.wifi.backend = "iwd"; ?
TODO: powersave?
TODO: can I pre-configure my usual wifi networks with SSIDs and PSKs loaded from secrets?
*/
hardware.wirelessRegulatoryDatabase = true;
boot.extraModprobeConfig = ''
options cfg80211 ieee80211_regdom="US"
'';
};
}

60
lib/overlays/default.nix
View file

@ -1,60 +0,0 @@
{
nixpkgs,
nixpkgs-unstable,
...
}@inputs:
rec {
default = final: _prev: {
overlays = [
additions
modifications
unstable-packages
stable-packages
];
};
forSelf = default;
additions = final: prev: (import ../../packages { pkgs = prev; });
modifications =
final: prev:
let
inherit (inputs) helix ghostty colmena;
in
{
ghostty = ghostty.outputs.packages.${prev.system}.default;
helix = helix.outputs.packages.${prev.system}.default;
colmena = colmena.outputs.packages.${prev.system}.colmena;
bitwarden = prev.bitwarden.overrideAttrs (old: {
preBuild = ''
${old.preBuild}
pushd apps/desktop/desktop_native/proxy
cargo build --bin desktop_proxy --release
popd
'';
postInstall = ''
mkdir -p $out/bin
cp -r apps/desktop/desktop_native/target/release/desktop_proxy $out/bin
mkdir -p $out/lib/mozilla/native-messaging-hosts
substituteAll ${../../packages/bitwarden.json} $out/lib/mozilla/native-messaging-hosts/com.8bit.bitwarden.json
'';
});
};
unstable-packages = final: _prev: {
unstable-packages = import nixpkgs-unstable {
system = final.system;
config.allowUnfree = true;
};
};
stable-packages = final: _prev: {
stable-packages = import nixpkgs {
system = final.system;
config.allowUnfree = true;
};
};
}

1
lib/templates/.gitignore vendored
View file

@ -1 +0,0 @@
flake.lock

41
lib/templates/deno/flake.nix
View file

@ -1,41 +0,0 @@
{
inputs.nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
outputs =
{
self,
nixpkgs,
}:
let
inherit (self) outputs;
supportedSystems = [
"x86_64-linux"
"aarch64-linux"
"x86_64-darwin"
"aarch64-darwin"
];
forEachSupportedSystem = nixpkgs.lib.genAttrs supportedSystems;
in
{
devShells = forEachSupportedSystem (
system:
let
pkgs = import nixpkgs { inherit system; };
in
{
deno-dev = pkgs.mkShell {
buildInputs = with pkgs; [
vscode-langservers-extracted
deno
curl
xh
sqlite
];
};
default = outputs.devShells.${system}.deno-dev;
}
);
};
}

19
lib/templates/elixir/flake.nix
View file

@ -1,19 +0,0 @@
{
inputs = {
nixpkgs.url = "github:nixos/nixpkgs/nixpkgs-unstable";
git-hooks.url = "github:cachix/git-hooks.nix";
git-hooks.inputs.nixpkgs.follows = "nixpkgs";
};
outputs =
inputs:
let
inherit (import nix/boilerplate.nix inputs) call;
in
{
overlays = import nix/overlays.nix;
packages = call (import nix/packages.nix);
checks = call (import nix/checks.nix);
devShells = call (import nix/shells.nix);
};
}

21
lib/templates/elixir/nix/boilerplate.nix
View file

@ -1,21 +0,0 @@
inputs@{
nixpkgs,
self,
...
}:
let
forSelfOverlay =
if builtins.hasAttr "forSelf" self.overlays then self.overlays.forSelf else (_: p: p);
in
rec {
systems = [
"aarch64-linux"
"x86_64-linux"
"x86_64-darwin"
"aarch64-darwin"
];
forSystems = nixpkgs.lib.genAttrs systems;
pkgsFor = system: ((import nixpkgs { inherit system; }).extend forSelfOverlay);
genPkgs = func: (forSystems (system: func (pkgsFor system)));
call = imported: genPkgs (pkgs: imported (inputs // { inherit pkgs; }));
}

33
lib/templates/elixir/nix/checks.nix
View file

@ -1,33 +0,0 @@
{
git-hooks,
pkgs,
...
}:
let
hook =
{
command,
stages ? [ "pre-commit" ],
...
}:
{
inherit stages;
enable = true;
name = command;
entry = command;
pass_filenames = false;
};
in
{
git-hooks = git-hooks.lib.${pkgs.system}.run {
src = ./..;
hooks = {
alejandra.enable = true;
convco.enable = true;
credo = hook { command = "mix credo --strict"; };
formatting = hook { command = "mix format --check-formatted"; };
dialyzer = hook { command = "mix dialyzer"; };
test = hook { command = "mix test"; };
};
};
}

9
lib/templates/elixir/nix/overlays.nix
View file

@ -1,9 +0,0 @@
{
forSelf = final: prev: {
erlang = prev.beam.packagesWith prev.beam.interpreters.erlang_27;
elixir = final.erlang.elixir_1_17;
mixRelease = final.erlang.mixRelease.override { elixir = final.elixir; };
fetchMixDeps = final.erlang.fetchMixDeps.override { elixir = final.elixir; };
elixir-ls = prev.elixir-ls.override { elixir = final.elixir; };
};
}

27
lib/templates/elixir/nix/packages.nix
View file

@ -1,27 +0,0 @@
{
pkgs,
self,
...
}:
let
version = "1.0.0";
src = ../.;
pname = "my-package";
in
{
${pname} = pkgs.mixRelease {
inherit pname version src;
mixFodDeps = pkgs.fetchMixDeps {
inherit version src;
pname = "mix-deps-${pname}";
sha256 = pkgs.lib.fakeSha256;
};
LANG = "C.UTF-8";
# buildInputs = with pkgs; [];
# HOME = "$(pwd)";
# MIX_XDG = "$HOME";
# RELEASE_COOKIE = "test-cookie";
};
default = self.packages.${pkgs.system}.${pname};
}

21
lib/templates/elixir/nix/shells.nix
View file

@ -1,21 +0,0 @@
{
pkgs,
self,
...
}:
{
elixir-dev = pkgs.mkShell {
shellHook = ''
${self.checks.${pkgs.system}.git-hooks.shellHook}
export LOCALE_ARCHIVE=/usr/lib/locale/locale-archive
'';
# inputsFrom = [self.packages.${pkgs.system}.my-package];
buildInputs = with pkgs; [
elixir
elixir-ls
inotify-tools
];
MIX_ENV = "dev";
};
default = self.outputs.devShells.${pkgs.system}.elixir-dev;
}

35
lib/templates/gleam/flake.nix
View file

@ -1,35 +0,0 @@
{
inputs.nixpkgs.url = "github:nixos/nixpkgs/nixpkgs-unstable";
outputs =
{
self,
nixpkgs,
...
}:
let
systems = [
"aarch64-linux"
"x86_64-linux"
"x86_64-darwin"
"aarch64-darwin"
];
forSystems = nixpkgs.lib.genAttrs systems;
pkgsFor = system: (import nixpkgs { inherit system; }).extend self.outputs.overlays.default;
genPkgs = func: (forSystems (system: func (pkgsFor system)));
in
{
overlays.default = final: prev: {
erlangPackages = prev.beam.packagesWith prev.erlang_27;
erlang = final.erlangPackages.erlang;
};
devShells = genPkgs (pkgs: {
default = pkgs.mkShell {
buildInputs = with pkgs; [
erlang
gleam
rebar3
];
};
});
};
}

42
lib/templates/godot/flake.nix
View file

@ -1,42 +0,0 @@
{
inputs.nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
outputs =
{
self,
nixpkgs,
...
}:
let
inherit (self) outputs;
supportedSystems = [
"x86_64-linux"
"aarch64-linux"
"x86_64-darwin"
"aarch64-darwin"
];
forAllSystems = nixpkgs.lib.genAttrs supportedSystems;
in
{
devShells = forAllSystems (
system:
let
pkgs = import nixpkgs { inherit system; };
in
{
default = outputs.devShells.${system}.godot;
godot = pkgs.mkShell {
buildInputs = with pkgs; [
godot_4
gdtoolkit
];
shellHook = ''
echo -e "\e[0;30m\e[43m Use 'godot4 -e' to run the editor for this project. \e[0;30m\e[0m"
'';
};
}
);
};
}

38
lib/templates/nim/flake.nix
View file

@ -1,38 +0,0 @@
{
inputs.nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
outputs =
{
self,
nixpkgs,
}:
let
inherit (self) outputs;
supportedSystems = [
"x86_64-linux"
"aarch64-linux"
"x86_64-darwin"
"aarch64-darwin"
];
forEachSupportedSystem = nixpkgs.lib.genAttrs supportedSystems;
in
{
devShells = forEachSupportedSystem (
system:
let
pkgs = import nixpkgs { inherit system; };
in
{
nim-dev = pkgs.mkShell {
buildInputs = with pkgs; [
nim
nimble
nimlangserver
];
};
default = outputs.devShells.${system}.nim-dev;
}
);
};
}

59
lib/templates/nix-flake/flake.nix
View file

@ -1,59 +0,0 @@
{
inputs.nixpkgs.url = "github:nixos/nixpkgs/nixos-24.05";
inputs.pre-commit-hooks.url = "github:cachix/pre-commit-hooks.nix";
inputs.pre-commit-hooks.inputs.nixpkgs.follows = "nixpkgs";
outputs =
{
self,
nixpkgs,
pre-commit-hooks,
...
}:
let
systems = [
"aarch64-linux"
"aarch64-darwin"
"x86_64-darwin"
"x86_64-linux"
];
forSystems = nixpkgs.lib.genAttrs systems;
pkgsFor = system: (import nixpkgs { inherit system; });
genPkgs = func: (forSystems (system: func (pkgsFor system)));
in
{
formatter = genPkgs (pkgs: pkgs.nixfmt-rfc-style);
checks = genPkgs (pkgs: {
pre-commit-check = pre-commit-hooks.lib.${pkgs.system}.run {
src = ./.;
hooks = {
nixfmt-rfc-style.enable = true;
};
};
});
devShells = genPkgs (pkgs: {
nix = pkgs.mkShell {
packages = with pkgs; [
nixd
nixfmt-rfc-style
];
inherit (self.outputs.checks.${pkgs.system}.pre-commit-check) shellHook;
};
default = self.outputs.devShells.${pkgs.system}.nix;
});
/*
packages = genPkgs (pkgs: import ./pkgs {inherit pkgs;});
overlays = import ./overlays self;
nixosModules = import ./modules/nixos;
homeManagerModules = import ./modules/home-manager;
nixosConfigurations = import ./nixos;
homeConfigurations = import ./home
templates = import ./templates;
*/
};
}

17
lib/templates/rust/flake.nix
View file

@ -1,17 +0,0 @@
{
inputs.nixpkgs.url = "github:NixOS/nixpkgs/nixpkgs-unstable";
inputs.git-hooks.url = "github:cachix/git-hooks.nix";
inputs.git-hooks.inputs.nixpkgs.follows = "nixpkgs";
outputs =
inputs:
let
inherit (import nix/boilerplate.nix inputs) call genPkgs;
in
{
# overlays = import nix/overlays.nix;
checks = call (import nix/checks.nix);
packages = call (import nix/packages.nix);
devShells = call (import nix/shells.nix);
formatter = genPkgs (p: p.alejandra);
};
}

24
lib/templates/rust/nix/boilerplate.nix
View file

@ -1,24 +0,0 @@
inputs@{
nixpkgs,
self,
...
}:
let
forSelfOverlay =
if builtins.hasAttr "overlays" self && builtins.hasAttr "forSelf" self.overlays then
self.overlays.forSelf
else
(_: p: p);
in
rec {
systems = [
"aarch64-linux"
"x86_64-linux"
"x86_64-darwin"
"aarch64-darwin"
];
forSystems = nixpkgs.lib.genAttrs systems;
pkgsFor = system: ((import nixpkgs { inherit system; }).extend forSelfOverlay);
genPkgs = func: (forSystems (system: func (pkgsFor system)));
call = imported: genPkgs (pkgs: imported (inputs // { inherit pkgs; }));
}

26
lib/templates/rust/nix/checks.nix
View file

@ -1,26 +0,0 @@
{
pkgs,
git-hooks,
...
}:
{
git-hooks = git-hooks.lib.${pkgs.system}.run {
src = ./..;
hooks = {
alejandra.enable = true;
cargo-check.enable = true;
convco.enable = true;
cargo-test = {
enable = true;
name = "cargo-test";
entry = "cargo test";
# types = ["rust"];
# language = "rust";
pass_filenames = false;
stages = [ "pre-commit" ];
};
clippy.enable = true;
rustfmt.enable = true;
};
};
}

28
lib/templates/rust/nix/packages.nix
View file

@ -1,28 +0,0 @@
{ pkgs, ... }:
let
inherit (builtins) fromTOML readFile;
pname = "my-package";
src = ./..;
main-package = pkgs.rustPlatform.buildRustPackage {
inherit pname src;
version = (fromTOML (readFile "${src}/Cargo.toml")).package.version;
# or for workspaces: version = (fromTOML (readFile "${src}/${pname}/Cargo.toml")).package.version;
/*
nativeBuildInputs = with pkgs; [
pkg-config
clang
];
buildInputs = with pkgs; [
];
*/
cargoHash = pkgs.lib.fakeHash;
useFetchCargoVendor = true;
};
in
{
${pname} = main-package;
default = main-package;
}

23
lib/templates/rust/nix/shells.nix
View file

@ -1,23 +0,0 @@
{
self,
pkgs,
...
}:
let
inherit (pkgs) system;
in
{
default = pkgs.mkShell {
inherit (self.checks.${system}.git-hooks) shellHook;
inputsFrom = [ self.packages.${system}.default ];
packages = with pkgs; [
convco
rustPackages.clippy
typescript-language-server
rust-analyzer
rustfmt
nixd
lldb
];
};
}

1830
modules/home-manager/default.nix Normal file
View file

File diff suppressed because it is too large Load diff

107
modules/home-manager/eww/eww.scss Normal file
View file

@ -0,0 +1,107 @@
$base: #1e1e2e;
$mantle: #181825;
$crust: #11111b;
$text: #cdd6f4;
$subtext0: #a6adc8;
$subtext1: #bac2de;
$surface0: #313244;
$surface1: #45475a;
$surface2: #585b70;
$overlay0: #6c7086;
$overlay1: #7f849c;
$overlay2: #9399b2;
$blue: #89b4fa;
$lavender: #b4befe;
$sapphire: #74c7ec;
$sky: #89dceb;
$teal: #94e2d5;
$green: #a6e3a1;
$yellow: #f9e2af;
$peach: #fab387;
$maroon: #eba0ac;
$red: #f38ba8;
$mauve: #cba6f7;
$pink: #f5c2e7;
$flamingo: #f2cdcd;
$rosewater: #f5e0dc;
* {
all: unset;
}
.bar0,
.bar1,
.bar {
background-color: $base;
color: $text;
font-family: IosevkaLyteTerm;
font-size: 12.0pt;
}
.sidestuff slider {
color: $sapphire;
}
.metric {}
.metric label {
padding-right: 5px;
}
.metric scale {
/*background-color: #ff00ff;*/
}
.metric scale trough {
background-color: $surface1;
color: $mantle;
border-radius: 50px;
min-height: 5px;
min-width: 50px;
}
.metric scale trough highlight {
background-color: $flamingo;
color: $base;
border-radius: 10px;
}
.bar0>*,
.bar1>*,
.bar>* {
padding-left: 10px;
padding-right: 10px;
}
.vol .muted,
.mic .live {
color: $red;
}
.vol .live,
.mic .muted {
color: $sapphire;
}
.workspace {
padding-left: 10px;
padding-right: 10px;
color: #666666;
}
.workspace.occupied {
color: $text;
}
.workspace.occupied.active,
.workspace.active {
color: $base;
background-color: $subtext1;
}
.workspace.occupied.focused.active,
.workspace.occupied.focused,
.workspace.focused {
color: $base;
background-color: $sapphire;
}

102
modules/home-manager/eww/eww.yuck Normal file
View file

@ -0,0 +1,102 @@
(defwidget bar []
(centerbox :orientation "h"
(sidestuff)
(box)
(music)))
(defwindow bar0
:monitor 0
:stacking "fg"
:exclusive true
:geometry
(geometry
:x "0%"
:y "0%"
:width "100%"
:height "32px"
:anchor "bottom center")
(bar))
(defwindow bar1
:monitor 1
:stacking "fg"
:exclusive true
:geometry
(geometry
:x "0%"
:y "0%"
:width "100%"
:height "32px"
:anchor "bottom center")
(bar))
(defwidget sidestuff []
(box :class "sidestuff" :orientation "h" :space-evenly false :halign "start" :valign "center" :spacing 10
time
; TODO: indicator/tray/taskbar/toolbar icons and management? (probably should use something standalone?)
; https://github.com/elkowar/eww/issues/111
; TODO: idle inhibitor?
; TODO: hyprland workspaces?
; TODO: get these to align properly? icons seem lower than they should be?
(box :class "mic" (
box :class {micMuted == "false" ? "live" : "muted"} {micMuted == "false" ? " " : " "}
) {"${micVolume}%"}
)
(box :class "vol" (
box :class {muted == "false" ? "live" : "muted"} {muted == "false" ? "󰕾 " : "󰖁 "}
) {"${volume}%"}
)
{" ${round(EWW_CPU["avg"], 0)}%"}
{" ${round(EWW_RAM["used_mem_perc"], 0)}%"}
; TODO: have these "widgets" be omitted entirely instead of just empty strings
{(showBrightness == "true") ? (" ${brightness}%") : ""}
{(showBattery == "true") ? ("󱊣 ${EWW_BATTERY["BAT1"]["capacity"]}% (${batteryTime})") : ""}
(box :orientation "h" :space-evenly false :halign "start" :valign "center" (workspaces))
))
(defwidget music []
(box :class "music"
:orientation "h"
:halign "end"
:space-evenly false
{music != "" ? "${music}" : ""}))
(deflisten music :initial ""
"playerctl --follow metadata --format '{{ title }} by {{ artist }}' || true")
(deflisten volume :initial "0"
"pamixer --get-volume; pactl subscribe | grep sink --line-buffered | while read i; do pamixer --get-volume; done")
(deflisten muted :initial "false"
"pamixer --get-mute; pactl subscribe | grep sink --line-buffered | while read i; do pamixer --get-mute; done")
(deflisten micVolume :initial "0"
"pamixer --default-source --get-volume; pactl subscribe | grep source --line-buffered | while read i; do pamixer --default-source --get-volume; done")
(deflisten micMuted :initial "false"
"pamixer --default-source --get-mute; pactl subscribe | grep source --line-buffered | while read i; do pamixer --default-source --get-mute; done")
; "upower -d | rg '\\s*(time to empty|time to full):\\s*(\\d.*)\$' -r '\$2'; upower --monitor-detail | rg '\\s*(time to empty|time to full):\\s*(\\d.*)\$' -r '\$2'")
; (deflisten batteryTime :initial "unknown"
; "upower -d | rg '\s*time to empty:\s*(\d.*)\$' -r '\$1'; upower --monitor-detail | rg '\\s*time to empty:\\s*(\\d.*)\$' -r '\$1'")
(defpoll time :interval "1s"
"date '+%a %b %d %H:%M:%S'")
(defpoll showBrightness :interval "24h"
; if we have at least one file in /sys/class/backlight, we should try and show brightness
"if [ \"$(find /sys/class/backlight -mindepth 1 -maxdepth 1 | head -n 1 | wc -l)\" == \"1\" ]; then echo true; else echo false; fi")
(defpoll showBattery :interval "24h"
; if we have at least one battery in /sys/class/power_supply, we should try and show battery levels
"if find /sys/class/power_supply -mindepth 1 -maxdepth 1 2>&1 | rg '\/sys\/class\/power_supply\/BAT' 2>&1 > /dev/null; then echo true; else echo false; fi")
(defpoll brightness :interval "10s"
"echo $(((100 * $(brightnessctl get)) / $(brightnessctl max)))")
(deflisten batteryTime :initial "unknown" "scripts/battery-time.bash")
(deflisten workspace "scripts/hypr-workspaces.bash")
(defwidget workspaces [] (literal :content workspace))

3
modules/home-manager/eww/scripts/battery-time.bash Executable file
View file

@ -0,0 +1,3 @@
#!/usr/bin/env bash
{ upower -d; upower --monitor-detail; } \
| rg '\s*time to.*:\s*(\d.*)\s*$' -r '$1'

70
modules/home-manager/eww/scripts/hypr-workspaces.bash Executable file
View file

@ -0,0 +1,70 @@
#!/usr/bin/env bash
# TODO: we're mixing bash arrays and not-arrays - get it together
#define icons for workspaces 1-9
ic=(1 2 3 4 5 6 7 8 9)
occ() { export o"$1"="occupied"; }
unocc() { unset -v o"$1"; }
active() { export a"$1"="active"; }
unactive() { unset -v a"$1"; }
focus() { export f"$1"="focused"; }
unfocus() { unset -v f"$1"; }
workspaces() {
for num in 1 2 3 4 5 6 7 8 9; do
unfocus $num
unactive $num
unocc $num
done
# TODO: avoid recomputing these each time and actually listen to the events?
mons_json=$(hyprctl monitors -j)
for num in $(hyprctl workspaces -j | jq -r '.[] | select(.windows > 0) | .id'); do
occ "$num"
done
for num in $(echo "$mons_json" | jq -r '.[].activeWorkspace.id'); do
active "$num"
done
for num in $(echo "$mons_json" | jq -r '.[] | select(.focused) | .activeWorkspace.id'); do
focus "$num"
done
# TODO: would be nice to have monitors' workspaces show up in left-to-right
# order as laid out in physical/pixel space
# this would make glancing at the workspace indicator more intuitive
# TODO: might be nice to exclude certain windows as counting towards "occupation" such as xwaylandvideobridge or w/e
# NOTE: maybe I can group workspaces by their monitor with some mechanism for "unassigned" workspace to show up by a "primary" monitor
# render eww widget
echo "(eventbox :onscroll \"echo {} | sed -e 's/up/-1/g' -e 's/down/+1/g' | xargs hyprctl dispatch workspace\" \
(box :class \"workspaces\" :orientation \"h\" :spacing 0 :space-evenly \"true\" \
(button :onclick \"hyprctl dispatch workspace 1\" :onrightclick \"hyprctl dispatch workspace 1\" :class \"workspace $a1 $o1 $f1\" \"${ic[0]}\") \
(button :onclick \"hyprctl dispatch workspace 2\" :onrightclick \"hyprctl dispatch workspace 2\" :class \"workspace $a2 $o2 $f2\" \"${ic[1]}\") \
(button :onclick \"hyprctl dispatch workspace 3\" :onrightclick \"hyprctl dispatch workspace 3\" :class \"workspace $a3 $o3 $f3\" \"${ic[2]}\") \
(button :onclick \"hyprctl dispatch workspace 4\" :onrightclick \"hyprctl dispatch workspace 4\" :class \"workspace $a4 $o4 $f4\" \"${ic[3]}\") \
(button :onclick \"hyprctl dispatch workspace 5\" :onrightclick \"hyprctl dispatch workspace 5\" :class \"workspace $a5 $o5 $f5\" \"${ic[4]}\") \
(button :onclick \"hyprctl dispatch workspace 6\" :onrightclick \"hyprctl dispatch workspace 6\" :class \"workspace $a6 $o6 $f6\" \"${ic[5]}\") \
(button :onclick \"hyprctl dispatch workspace 7\" :onrightclick \"hyprctl dispatch workspace 7\" :class \"workspace $a7 $o7 $f7\" \"${ic[6]}\") \
(button :onclick \"hyprctl dispatch workspace 8\" :onrightclick \"hyprctl dispatch workspace 8\" :class \"workspace $a8 $o8 $f8\" \"${ic[7]}\") \
(button :onclick \"hyprctl dispatch workspace 9\" :onrightclick \"hyprctl dispatch workspace 9\" :class \"workspace $a9 $o9 $f9\" \"${ic[8]}\") \
) \
)"
}
# initial render
workspaces
# listen to events and re-render
while true; do
# TODO: not sure why this socat | read invocation seems to stop?
socat - "UNIX-CONNECT:/tmp/hypr/$HYPRLAND_INSTANCE_SIGNATURE/.socket2.sock" | while read -r line; do
workspaces "$line"
done
done
echo '(box "DONE")'

6
modules/home-manager/ewwbar.nix Normal file
View file

@ -0,0 +1,6 @@
{...}: {
programs.eww = {
enable = true;
configDir = ./eww;
};
}

10
lib/modules/home/fish/interactiveShellInit.fish → modules/home-manager/fish/interactiveShellInit.fish
View file

@ -1,5 +1,3 @@
set this_shell_should_notify 1
# prompt
function get_hostname
if test (uname) = Linux || test (uname) = Darwin
@ -63,10 +61,6 @@ end
function _last_cmd_duration
set_color -b normal green
set -q CMD_DURATION && printf " %dms" $CMD_DURATION
if test $CMD_DURATION -gt 5000 && test $this_shell_should_notify = 1
printf "\e]777;notify;%s;%s\e\\" "Terminal Command Finished" (history --max 1)
set this_shell_should_notify 0
end
end
function _maybe_jobs_summary
@ -118,10 +112,6 @@ function _prompt_prefix
printf "# "
end
function preexec --on-event fish_preexec
set this_shell_should_notify 1
end
function fish_prompt
set last_cmd_status $status
_prompt_marker

4
lib/modules/home/fish/shellInit.fish → modules/home-manager/fish/shellInit.fish
View file

@ -33,6 +33,8 @@ set --export --universal EXA_COLORS '*=0'
set --export --universal ERL_AFLAGS "-kernel shell_history enabled -kernel shell_history_file_bytes 1024000"
set --export --universal BROWSER firefox
set --export --universal SOPS_AGE_KEY_FILE "$XDG_CONFIG_HOME/sops/age/keys.txt"
if has_command skim
@ -40,8 +42,6 @@ if has_command skim
set --export --universal SKIM_CTRL_T_COMMAND "fd --hidden"
end
set --export --universal NEWT_COLORS "root=black,black:border=black,blue"
# colors
set -U fish_color_normal normal # default color
set -U fish_color_command white # base command being run (>ls< -la)

285
modules/home-manager/hyprland.nix Normal file
View file

@ -0,0 +1,285 @@
{
pkgs,
colors,
config,
lib,
# font,
...
}: {
imports = [
./ewwbar.nix
# ./mako.nix
./swaylock.nix
# TODO: figure out how to import this for this module _and_ for the sway module?
./linux-desktop.nix
];
# TODO: Hyprland seems to have issues with resuming from hibernation on my
# laptop where it uses a ton of CPU.
home.packages = with pkgs; [
# TODO: integrate osd
swayosd
];
home.file."${config.xdg.configHome}/hypr/hyprpaper.conf" = {
enable = true;
text = ''
preload = ~/.wallpaper
wallpaper = ,~/.wallpaper
'';
};
wayland.windowManager.hyprland = {
enable = true;
settings = {
# See https://wiki.hyprland.org/Configuring/Keywords/ for more
monitor = [
# See https://wiki.hyprland.org/Configuring/Monitors/
",preferred,auto,auto"
];
xwayland = {
force_zero_scaling = true;
};
exec-once = [
"hyprpaper"
# "mako"
"swayosd-server"
"eww daemon && eww open bar$EWW_BAR_MON"
"firefox"
"wezterm"
"xwaylandvideobridge"
"dbus-update-activation-environment --systemd --all"
"systemctl --user import-environment QT_QPA_PLATFORMTHEME"
# "wezterm"
# NOTE: maybe check out hypridle?
(lib.concatStringsSep " " [
"swayidle -w"
"timeout 300 'notify-send \"Idling in 300 seconds\"' resume 'notify-send \"Idling cancelled.\"'"
"timeout 480 'notify-send -u critical \"Idling in 120 seconds\"'"
"timeout 510 'notify-send -u critical \"Idling in 90 seconds\"'"
"timeout 540 'notify-send -u critical \"Idling in 60 seconds!\"'"
"timeout 570 'notify-send -u critical \"Idling in 30 seconds!\"'"
"timeout 590 'notify-send -u critical \"Idling in 10 seconds!\"'"
"timeout 591 'notify-send -u critical \"Idling in 9 seconds!\"'"
"timeout 592 'notify-send -u critical \"Idling in 8 seconds!\"'"
"timeout 593 'notify-send -u critical \"Idling in 7 seconds!\"'"
"timeout 594 'notify-send -u critical \"Idling in 6 seconds!\"'"
"timeout 595 'notify-send -u critical \"Idling in 5 seconds!\"'"
"timeout 596 'notify-send -u critical \"Idling in 4 seconds!\"'"
"timeout 597 'notify-send -u critical \"Idling in 3 seconds!\"'"
"timeout 598 'notify-send -u critical \"Idling in 2 seconds!\"'"
"timeout 599 'notify-send -u critical \"Idling in 1 second!\"'"
"timeout 600 'swaylock --daemonize'"
"timeout 600 'hyprctl dispatch dpms off' resume 'hyprctl dispatch dpms on'"
"after-resume 'maybe-good-morning'"
"before-sleep 'swaylock --daemonize'"
])
''swayidle -w timeout 600 'notify-send "Locking in 30 seconds..."' timeout 630 'swaylock -f' timeout 660 'hyprctl dispatch dpms off' resume 'hyprctl dispatch dpms on && maybe-good-morning' before-sleep 'swaylock -f'"''
"dbus-update-activation-environment --systemd WAYLAND_DISPLAY XDG_CURRENT_DESKTOP"
];
env = [
"XCURSOR_SIZE,24"
];
input = {
kb_layout = "us";
kb_options = "ctrl:nocaps";
# kb_variant =
# kb_model =
# kb_rules =
follow_mouse = 2;
repeat_delay = 200;
repeat_rate = 60;
touchpad = {
natural_scroll = "yes";
tap-to-click = true;
middle_button_emulation = true;
disable_while_typing = false;
};
};
misc = {
disable_hyprland_logo = true;
disable_splash_rendering = true;
};
binds = {
allow_workspace_cycles = true;
};
general = {
# See https://wiki.hyprland.org/Configuring/Variables/ for more
"col.active_border" = "0xff${colors.primary} 0xff${colors.green} 45deg";
"col.inactive_border" = "0xff${colors.fgdim}";
gaps_in = 3;
gaps_out = 6;
border_size = 2;
no_cursor_warps = true;
resize_on_border = true;
no_focus_fallback = true;
layout = "dwindle";
};
decoration = {
rounding = 3;
# blur = "no";
# blur_size = 3
# blur_passes = 1
# blur_new_optimizations = on
drop_shadow = "yes";
shadow_range = 4;
shadow_render_power = 3;
"col.shadow" = "rgba(1a1a1aee)";
dim_inactive = false;
};
"$mod" = "SUPER";
bind = [
# See https://wiki.hyprland.org/Configuring/Keywords/ for more
# "$mod, return, exec, wezterm"
# "$mod SHIFT, return, exec, wezterm"
"$mod, return, exec, wezterm"
"$mod SHIFT, return, exec, kitty"
"$mod, U, exec, firefox"
"$mod, space, exec, tofi-run | xargs hyprctl dispatch exec --"
"$mod, C, killactive,"
"$mod SHIFT, E, exit,"
"$mod, E, exec, dolphin"
"$mod, F, togglefloating,"
"$mod SHIFT, F, fullscreen,"
"$mod, R, exec, anyrun"
"$mod, S, pseudo, # dwindle"
"$mod, P, togglesplit, # dwindle"
# Move focus with mod + arrow keys
"$mod, left, movefocus, l"
"$mod, right, movefocus, r"
"$mod, up, movefocus, u"
"$mod, down, movefocus, d"
"$mod, h, movefocus, l"
"$mod, l, movefocus, r"
"$mod, k, movefocus, u"
"$mod, j, movefocus, d"
"$mod SHIFT, H, swapwindow, l"
"$mod SHIFT, L, swapwindow, r"
"$mod SHIFT, K, swapwindow, u"
"$mod SHIFT, J, swapwindow, d"
"$mod SHIFT, V, exec, swayosd-client --input-volume mute-toggle"
", XF86AudioMicMute, exec, swayosd-client --input-volume mute-toggle"
", XF86AudioMute, exec, swayosd-client --output-volume mute-toggle"
", XF86AudioRaiseVolume, exec, swayosd-client --output-volume raise"
", XF86AudioLowerVolume, exec, swayosd-client --output-volume lower"
", XF86MonBrightnessUp, exec, swayosd-client --brightness raise"
", XF86MonBrightnessDown, exec, swayosd-client --brightness lower"
", XF86AudioPlay, exec, playerctl play-pause"
", XF86AudioNext, exec, playerctl next"
", XF86AudioPrev, exec, playerctl previous"
"$mod, tab, workspace, previous"
"ALT, tab, workspace, previous"
# Switch workspaces with mod + [0-9]
"$mod, 1, workspace, 1"
"$mod, 2, workspace, 2"
"$mod, 3, workspace, 3"
"$mod, 4, workspace, 4"
"$mod, 5, workspace, 5"
"$mod, 6, workspace, 6"
"$mod, 7, workspace, 7"
"$mod, 8, workspace, 8"
"$mod, 9, workspace, 9"
"$mod, 0, workspace, 10"
# Move active window to a workspace with mod + SHIFT + [0-9]
"$mod SHIFT, 1, movetoworkspace, 1"
"$mod SHIFT, 2, movetoworkspace, 2"
"$mod SHIFT, 3, movetoworkspace, 3"
"$mod SHIFT, 4, movetoworkspace, 4"
"$mod SHIFT, 5, movetoworkspace, 5"
"$mod SHIFT, 6, movetoworkspace, 6"
"$mod SHIFT, 7, movetoworkspace, 7"
"$mod SHIFT, 8, movetoworkspace, 8"
"$mod SHIFT, 9, movetoworkspace, 9"
"$mod SHIFT, 0, movetoworkspace, 10"
"$mod SHIFT, S, exec, clipshot"
# Scroll through existing workspaces with mod + scroll
"$mod, mouse_down, workspace, e+1"
"$mod, mouse_up, workspace, e-1"
"CTRL SHIFT $mod, L, exec, swaylock"
"$mod CTRL, space, exec, makoctl dismiss"
"$mod SHIFT CTRL, space, exec, makoctl restore"
"$mod SHIFT, space, exec, makoctl invoke"
"$mod, E, exec, thunar"
];
# Move/resize windows with mod + LMB/RMB and dragging
bindm = ["$mod, mouse:272, movewindow" "$mod, mouse:273, resizewindow"];
};
extraConfig = ''
animations {
enabled = yes
# Some default animations, see https://wiki.hyprland.org/Configuring/Animations/ for more
bezier = myBezier, 0.05, 0.9, 0.1, 1.05
bezier = overshot, 0.05, 0.9, 0.1, 1.1
# name, onoff, speed, curve, style
animation = global, 1, 2, default
animation = fadeDim, 1, 2, default
animation = windowsOut, 1, 2, default, popin 80%
}
dwindle {
# See https://wiki.hyprland.org/Configuring/Dwindle-Layout/ for more
# master switch for pseudotiling. Enabling is bound to mod + P in the keybinds section below
pseudotile = yes
preserve_split = 1
no_gaps_when_only = true
}
master {
# See https://wiki.hyprland.org/Configuring/Master-Layout/ for more
new_is_master = true
}
gestures {
# See https://wiki.hyprland.org/Configuring/Variables/ for more
workspace_swipe = on
}
# Example per-device config
# See https://wiki.hyprland.org/Configuring/Keywords/#executing for more
# device:epic-mouse-v1 {
# sensitivity = -0.5
# }
# See https://wiki.hyprland.org/Configuring/Window-Rules/ for more
windowrulev2 = idleinhibit,class:^.*([Ss]lippi).*$
windowrulev2 = float,class:^.*([Kk]itty|[Ff]irefox|[Ww]ezterm|[Dd]iscord|[Ss]potify|[Ss]lack).*$
windowrulev2 = opacity 1.0 0.9,floating:1
windowrulev2 = opacity 0.0 override 0.0 override,class:^(xwaylandvideobridge)$
windowrulev2 = noanim,class:^(xwaylandvideobridge)$
windowrulev2 = noinitialfocus,class:^(xwaylandvideobridge)$
windowrulev2 = maxsize 1 1,class:^(xwaylandvideobridge)$
windowrulev2 = noblur,class:^(xwaylandvideobridge)$
'';
};
}

177
modules/home-manager/kitty.nix Normal file
View file

@ -0,0 +1,177 @@
{
colors,
font,
...
}: {
programs.kitty = {
enable = true;
darwinLaunchOptions = ["--single-instance"];
shellIntegration = {
enableFishIntegration = true;
};
settings = with colors.withHashPrefix; {
font_family = font.name;
bold_font = "${font.name} Heavy";
italic_font = "${font.name} Italic";
bold_italic_font = "${font.name} Heavy Italic";
font_size = toString font.size;
inactive_text_alpha = "0.5";
copy_on_select = true;
hide_window_decorations = "yes";
scrollback_lines = 500000;
symbol_map = "U+23FB-U+23FE,U+2665,U+26A1,U+2B58,U+E000-U+E00A,U+E0A0-U+E0A3,U+E0B0-U+E0D4,U+E200-U+E2A9,U+E300-U+E3E3,U+E5FA-U+E6AA,U+E700-U+E7C5,U+EA60-U+EBEB,U+F000-U+F2E0,U+F300-U+F32F,U+F400-U+F4A9,U+F500-U+F8FF,U+F0001-U+F1AF0 Symbols Nerd Font Mono";
# use `kitty + list-fonts --psnames` to get the font's PostScript name
allow_remote_control = true;
listen_on = "unix:/tmp/kitty";
repaint_delay = 3;
input_delay = 3;
sync_to_monitor = true;
adjust_line_height = 0;
window_padding_width = "10.0";
window_margin_width = "0.0";
confirm_os_window_close = 0;
enabled_layouts = "splits:split_axis=vertical,stack";
shell_integration = "disabled";
enable_audio_bell = true;
visual_bell_duration = "0.25";
visual_bell_color = bg3;
url_style = "single";
strip_trailing_spaces = "smart";
# open_url_modifiers ctrl
tab_bar_align = "left";
tab_bar_style = "separator";
tab_separator = ''""'';
tab_bar_edge = "bottom";
tab_title_template = ''"{fmt.fg.tab}{fmt.bg.tab} {activity_symbol}{title} "'';
active_tab_font_style = "normal";
## name: Catppuccin Kitty Mocha
## author: Catppuccin Org
## license: MIT
## upstream: https://github.com/catppuccin/kitty/blob/main/mocha.conf
## blurb: Soothing pastel theme for the high-spirited!
# The basic colors
foreground = text;
background = bg;
selection_foreground = bg;
selection_background = text;
# Cursor colors
cursor = text;
cursor_text_color = bg;
# URL underline color when hovering with mouse
url_color = primary;
# Kitty window border colors
active_border_color = primary;
inactive_border_color = bg3;
bell_border_color = urgent;
# OS Window titlebar colors
wayland_titlebar_color = "system";
macos_titlebar_color = "system";
# Tab bar colors
active_tab_foreground = bg;
active_tab_background = primary;
inactive_tab_foreground = fgdim;
inactive_tab_background = bg2;
tab_bar_background = bg;
# Colors for marks (marked text in the terminal)
mark1_foreground = bg;
mark1_background = blue;
mark2_foreground = bg;
mark2_background = purple;
mark3_foreground = bg;
mark3_background = blue;
# The 16 terminal colors
# black
color0 = colors.withHashPrefix."0";
color8 = colors.withHashPrefix."8";
# red
color1 = colors.withHashPrefix."1";
color9 = colors.withHashPrefix."9";
# green
color2 = colors.withHashPrefix."2";
color10 = colors.withHashPrefix."10";
# yellow
color3 = colors.withHashPrefix."3";
color11 = colors.withHashPrefix."11";
# blue
color4 = colors.withHashPrefix."4";
color12 = colors.withHashPrefix."12";
# magenta
color5 = colors.withHashPrefix."5";
color13 = colors.withHashPrefix."13";
# cyan
color6 = colors.withHashPrefix."6";
color14 = colors.withHashPrefix."14";
# white
color7 = colors.withHashPrefix."7";
color15 = colors.withHashPrefix."15";
};
keybindings = {
"ctrl+shift+1" = "change_font_size all 12.5";
"ctrl+shift+2" = "change_font_size all 18.5";
"ctrl+shift+3" = "change_font_size all 26";
"ctrl+shift+4" = "change_font_size all 32";
"ctrl+shift+5" = "change_font_size all 48";
"ctrl+shift+o" = "launch --type=tab --stdin-source=@screen_scrollback $EDITOR";
"ctrl+shift+equal" = "change_font_size all +0.5";
"ctrl+shift+minus" = "change_font_size all -0.5";
"shift+insert" = "paste_from_clipboard";
"ctrl+shift+v" = "paste_from_selection";
"ctrl+shift+c" = "copy_to_clipboard";
# kill pane
"ctrl+shift+q" = "close_window";
# kill tab
"ctrl+alt+shift+q" = "close_tab";
"ctrl+shift+j" = "launch --location=hsplit --cwd=current";
"ctrl+shift+l" = "launch --location=vsplit --cwd=current";
"ctrl+alt+shift+k" = "move_window up";
"ctrl+alt+shift+h" = "move_window left";
"ctrl+alt+shift+l" = "move_window right";
"ctrl+alt+shift+j" = "move_window down";
"ctrl+h" = "neighboring_window left";
"ctrl+l" = "neighboring_window right";
"ctrl+k" = "neighboring_window up";
"ctrl+j" = "neighboring_window down";
"ctrl+shift+h" = "nth_window -1";
"ctrl+shift+space>u" = "kitten hints --type=url --program @";
"ctrl+shift+z" = "toggle_layout stack";
};
};
}

32
modules/home-manager/mako.nix Normal file
View file

@ -0,0 +1,32 @@
{
colors,
font,
...
}: {
services.mako = with colors.withHashPrefix; {
enable = false;
anchor = "top-right";
extraConfig = ''
border-size=1
max-visible=5
default-timeout=15000
font=Symbols Nerd Font ${toString font.size},${font.name} ${toString font.size}
anchor=top-right
background-color=${colors.bg}
text-color=${colors.text}
border-color=${colors.primary}
progress-color=${colors.primary}
[urgency=high]
border-color=${urgent}
[urgency=high]
background-color=${urgent}
border-color=${urgent}
text-color=${bg}
'';
};
}

0
lib/modules/home/scripts/common/bin/? → modules/home-manager/scripts/common/bin/?
View file

0
lib/modules/home/scripts/common/bin/N → modules/home-manager/scripts/common/bin/N
View file

0
lib/modules/home/scripts/common/bin/archive → modules/home-manager/scripts/common/bin/archive
View file

0
lib/modules/home/scripts/common/bin/at → modules/home-manager/scripts/common/bin/at
View file

0
lib/modules/home/scripts/common/bin/bp → modules/home-manager/scripts/common/bin/bp
View file

0
lib/modules/home/scripts/common/bin/check-domain-availability → modules/home-manager/scripts/common/bin/check-domain-availability
View file

0
lib/modules/home/scripts/common/bin/check-port → modules/home-manager/scripts/common/bin/check-port
View file

0
lib/modules/home/scripts/common/bin/clip → modules/home-manager/scripts/common/bin/clip
View file

0
lib/modules/home/scripts/common/bin/clipshot → modules/home-manager/scripts/common/bin/clipshot
View file

0
lib/modules/home/scripts/common/bin/copy-git-forge-url → modules/home-manager/scripts/common/bin/copy-git-forge-url
View file

24
modules/home-manager/scripts/common/bin/countdown Executable file
View file

@ -0,0 +1,24 @@
#!/usr/bin/env bash
function usage {
echo "countdown - exit after a certain amount of time has passed"
echo " Usage:"
echo " countdown <SECONDS> && command..."
echo
echo " Examples:"
echo ' countdown 120 && echo "Two minutes has elapsed!"'
}
[[ $# -lt 1 ]] && { printf "error: no SECONDS argument provided\n" >&2; usage; exit 1; }
d=$(($(date +%s) + $1));
printf 'Started at %s\n' "$(date)"
while [[ "$d" -ge "$(date +%s)" ]]; do
_dt=$((d - $(date +%s)))
days=$((_dt / 86400))
printf "\r%sd %s " "$days" "$(date -u --date @$((_dt)) +%H:%M:%S)";
sleep 0.1
done
printf "\rCountdown finished %s\n" "$(date)"

0
lib/modules/home/scripts/common/bin/dns → modules/home-manager/scripts/common/bin/dns
View file

0
lib/modules/home/scripts/common/bin/dns-cleaner → modules/home-manager/scripts/common/bin/dns-cleaner
View file

0
lib/modules/home/scripts/common/bin/dns-deleter → modules/home-manager/scripts/common/bin/dns-deleter
View file

0
lib/modules/home/scripts/common/bin/dns-deleter-matching → modules/home-manager/scripts/common/bin/dns-deleter-matching
View file

0
lib/modules/home/scripts/common/bin/docker-compose → modules/home-manager/scripts/common/bin/docker-compose
View file

0
lib/modules/home/scripts/common/bin/editscrot → modules/home-manager/scripts/common/bin/editscrot
View file

0
lib/modules/home/scripts/common/bin/email-via-mailgun-smtp → modules/home-manager/scripts/common/bin/email-via-mailgun-smtp
View file

0
lib/modules/home/scripts/common/bin/emoji → modules/home-manager/scripts/common/bin/emoji
View file

0
lib/modules/home/scripts/common/bin/ezln → modules/home-manager/scripts/common/bin/ezln
View file

0
lib/modules/home/scripts/common/bin/field → modules/home-manager/scripts/common/bin/field
View file

0
lib/modules/home/scripts/common/bin/getip → modules/home-manager/scripts/common/bin/getip
View file

0
lib/modules/home/scripts/common/bin/git-authors → modules/home-manager/scripts/common/bin/git-authors
View file

0
lib/modules/home/scripts/common/bin/gitforge-url.ts → modules/home-manager/scripts/common/bin/gitforge-url.ts
View file

0
lib/modules/home/scripts/common/bin/glancepath → modules/home-manager/scripts/common/bin/glancepath
View file

0
lib/modules/home/scripts/common/bin/good-morning → modules/home-manager/scripts/common/bin/good-morning
View file

0
lib/modules/home/scripts/common/bin/has_command → modules/home-manager/scripts/common/bin/has_command
View file

0
lib/modules/home/scripts/common/bin/is_wayland → modules/home-manager/scripts/common/bin/is_wayland
View file

Some files were not shown because too many files have changed in this diff Show more