
1 commit

Author SHA1 Message Date
97fcd6a9e5
Tearin' it up 2024-02-20 17:19:08 -06:00
283 changed files with 7615 additions and 13236 deletions

2
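--- a/.envrc
+++ b/.envrc
@@ -1,2 +0,0 @@
-nix_direnv_manual_reload
-use flake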


@ -1,41 +0,0 @@
on: [push]
jobs:
check:
runs-on: nixos-host
steps:
- name: Checkout
uses: actions/checkout@v3
# cache not needed since we now run on the host directly
# - name: Load cached nix store
# id: cache-nix-store
# uses: actions/cache/restore@v4
# with:
# path: /nix/store
# key: ${{ runner.os }}-nix-store
- name: Build server
run: |
nix shell nixpkgs#nixos-rebuild -c nixos-rebuild build --flake .#beefcake
- name: Build router
run: |
nix shell nixpkgs#nixos-rebuild -c nixos-rebuild build --flake .#router
- name: Build desktop
run: |
nix shell nixpkgs#nixos-rebuild -c nixos-rebuild build --flake .#dragon
- name: Build laptop
run: |
nix shell nixpkgs#nixos-rebuild -c nixos-rebuild build --flake .#foxtrot
- name: Build default devShell
run: |
nix develop . --build
# - name: Save nix store
# uses: actions/cache/save@v4
# with:
# path: /nix/store
# key: ${{ steps.cache-nix-store.outputs.cache-primary-key }}


@ -1,25 +0,0 @@
on: [push]
jobs:
check:
runs-on: nixos-host
steps:
- name: Checkout
uses: actions/checkout@v3
# cache not needed since we now run on the host directly
# - name: Load cached nix store
# id: cache-nix-store
# uses: actions/cache/restore@v4
# with:
# path: /nix/store
# key: ${{ runner.os }}-nix-store
- name: Check nix flake
run: |
nix flake check
# - name: Save nix store
# uses: actions/cache/save@v4
# with:
# path: /nix/store
# key: ${{ steps.cache-nix-store.outputs.cache-primary-key }}

6
.gitignore vendored

@ -1,7 +1,3 @@
/.direnv
result
.pre-commit-config.yaml
*.log
result
*.qcow2


@ -1,10 +0,0 @@
[[language]]
auto-format = true
file-types = ["nix"]
name = "nix"
scope = "source.nix"
language-servers = ["nixd", "nil"]
[language.formatter]
args = ["-"]
command = "nixfmt"


@ -1,20 +1,6 @@
keys:
# list any public keys here
# if you need the private key, refer to the readme
# pass age-key | rg '# pub'
- &daniel age1stdue5q5teskee057ced6rh9pzzr93xsy66w4sc3zu49rgxl7cjshztt45
# per-host keys can be derived from a target host's ssh keys like so:
# ssh host "nix shell nixpkgs#ssh-to-age -c $SHELL -c 'cat /etc/ssh/ssh_host_ed25519_key.pub | ssh-to-age'"
- &sshd-at-beefcake age1etv56f7kf78a55lxqtydrdd32dpmsjnxndf4u28qezxn6p7xt9esqvqdq7
- &sshd-at-router age1zd7c3g5d20shdftq8ghqm0r92488dg4pdp4gulur7ex3zx2yq35ssxawpn
- &sshd-at-dragon age14ewl97x5g52ajf269cmmwzrgf22m9dsr7mw7czfa356qugvf4gvq5dttfv
- &ssh-foxtrot age1njnet9ltjuxasqv3ckn67r5natke6xgd8wlx8psf64pyc4duvurqhedw80
# after updating this file, you may need to update the keys for any associated files like so:
# sops updatekeys secrets.file
- &daniel age1stdue5q5teskee057ced6rh9pzzr93xsy66w4sc3zu49rgxl7cjshztt45 # pass age-key | rg '# pub'
- &sshd-at-beefcake age1k8s590x34ghz7yrjyrgzkd24j252srf0mhfy34halp4frwr065csrlt2ev # ssh beefcake "nix-shell -p ssh-to-age --run 'cat /etc/ssh/ssh_host_ed25519_key.pub | ssh-to-age'"
creation_rules:
- path_regex: secrets/[^/]+\.(ya?ml|json|env|ini)$
key_groups:
@ -25,18 +11,3 @@ creation_rules:
- age:
- *daniel
- *sshd-at-beefcake
- path_regex: secrets/router/[^/]+\.(ya?ml|json|env|ini)$
key_groups:
- age:
- *daniel
- *sshd-at-router
- path_regex: secrets/dragon/[^/]+\.(ya?ml|json|env|ini)$
key_groups:
- age:
- *daniel
- *sshd-at-dragon
- path_regex: secrets/foxtrot/[^/]+\.(ya?ml|json|env|ini)$
key_groups:
- age:
- *daniel
- *ssh-foxtrot
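Review bot: The two `&sshd-at-beefcake` entries in this section carry different age recipients, and the `router`, `dragon` and `foxtrot` creation rules appear only once, so the recipient set for `secrets/` looks to have changed (the +/- column is lost in this rendering, so I cannot say in which direction). Editing this file does not re-wrap files that are already encrypted, and a recipient that is dropped can still decrypt every version of a secret it was given that remains in git history. The change should therefore come with `sops updatekeys` on each affected file, plus rotation of any secret a removed host key could read. I would keep the reminder `# after updating this file, run: sops updatekeys <file>` next to `keys:` in whichever version is the new one.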

214
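--- a/disko/default.nix
+++ b/disko/default.nix
@@ -0,0 +1,214 @@
+{
+standard = {disks ? ["/dev/vda"], ...}: {
+# this is my standard partitioning scheme for my machines: an LUKS-encrypted
+# btrfs volume
+disko.devices = {
+disk = {
+primary = {
+type = "disk";
+device = builtins.elemAt disks 0;
+content = {
+type = "gpt";
+partitions = {
+ESP = {
+label = "EFI";
+name = "ESP";
+size = "512M";
+type = "EF00";
+content = {
+type = "filesystem";
+format = "vfat";
+mountpoint = "/boot";
+mountOptions = [
+"defaults"
+];
+};
+};
+luks = {
+size = "100%";
+content = {
+type = "luks";
+name = "crypted";
+extraOpenArgs = ["--allow-discards"];
+# if you want to use the key for interactive login be sure there is no trailing newline
+# for example use `echo -n "password" > /tmp/secret.key`
+keyFile = "/tmp/secret.key"; # Interactive
+# settings.keyFile = "/tmp/password.key";
+# additionalKeyFiles = ["/tmp/additionalSecret.key"];
+content = {
+type = "btrfs";
+extraArgs = ["-f"];
+subvolumes = {
+"/root" = {
+mountpoint = "/";
+mountOptions = ["compress=zstd" "noatime"];
+};
+"/home" = {
+mountpoint = "/home";
+mountOptions = ["compress=zstd" "noatime"];
+};
+"/nix" = {
+mountpoint = "/nix";
+mountOptions = ["compress=zstd" "noatime"];
+};
+};
+};
+};
+};
+};
+};
+};
+};
+};
+};
+# TODO: figure out what I can't have an optiona/default 'name' attribute here so I can DRY with "standard"
+thinker = {disks ? ["/dev/vda"], ...}: {
+disko.devices = {
+disk = {
+vdb = {
+type = "disk";
+device = builtins.elemAt disks 0;
+content = {
+type = "gpt";
+partitions = {
+ESP = {
+label = "EFI";
+name = "ESP";
+size = "512M";
+type = "EF00";
+content = {
+type = "filesystem";
+format = "vfat";
+mountpoint = "/boot";
+mountOptions = [
+"defaults"
+];
+};
+};
+luks = {
+size = "100%";
+content = {
+type = "luks";
+name = "crypted";
+extraOpenArgs = ["--allow-discards"];
+# if you want to use the key for interactive login be sure there is no trailing newline
+# for example use `echo -n "password" > /tmp/secret.key`
+keyFile = "/tmp/secret.key"; # Interactive
+# settings.keyFile = "/tmp/password.key";
+# additionalKeyFiles = ["/tmp/additionalSecret.key"];
+content = {
+type = "btrfs";
+extraArgs = ["-f"];
+subvolumes = {
+"/root" = {
+mountpoint = "/";
+mountOptions = ["compress=zstd" "noatime"];
+};
+"/home" = {
+mountpoint = "/home";
+mountOptions = ["compress=zstd" "noatime"];
+};
+"/nix" = {
+mountpoint = "/nix";
+mountOptions = ["compress=zstd" "noatime"];
+};
+};
+};
+};
+};
+};
+};
+};
+};
+};
+};
+unencrypted = {disks ? ["/dev/vda"], ...}: {
+disko.devices = {
+disk = {
+primary = {
+type = "disk";
+device = builtins.elemAt disks 0;
+content = {
+type = "gpt";
+partitions = {
+ESP = {
+label = "EFI";
+name = "ESP";
+size = "512M";
+type = "EF00";
+content = {
+type = "filesystem";
+format = "vfat";
+mountpoint = "/boot";
+mountOptions = [
+"defaults"
+];
+};
+};
+root = {
+size = "100%";
+content = {
+type = "btrfs";
+extraArgs = ["-f"];
+subvolumes = {
+"/root" = {
+mountpoint = "/";
+mountOptions = [];
+};
+"/home" = {
+mountpoint = "/home";
+mountOptions = ["compress=zstd"];
+};
+"/nix" = {
+mountpoint = "/nix";
+mountOptions = ["compress=zstd" "noatime"];
+};
+};
+};
+};
+};
+};
+};
+};
+};
+};
+legacy = {disks ? ["/dev/vda"], ...}: {
+disko.devices = {
+disk = {
+primary = {
+device = builtins.elemAt disks 0;
+type = "disk";
+content = {
+type = "table";
+format = "gpt";
+partitions = [
+{
+label = "EFI";
+name = "ESP";
+size = "512M";
+bootable = true;
+content = {
+type = "filesystem";
+format = "vfat";
+mountpoint = "/boot";
+};
+}
+{
+name = "root";
+start = "500M";
+end = "100%";
+part-type = "primary";
+bootable = true;
+content = {
+type = "filesystem";
+format = "ext4";
+mountpoint = "/";
+};
+}
+];
+};
+};
+};
+};
+};
+}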
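Review bot: In the `standard` and `thinker` layouts, `keyFile = "/tmp/secret.key";` takes the LUKS passphrase from a file in a shared temp directory. The comment's own example, `echo -n "password" > /tmp/secret.key`, would create that file with the default umask and leave the passphrase in shell history. I would replace the example comment with something like `# create /tmp/secret.key with umask 077 (not a plain echo redirect) and remove it once the install finishes`. Separately, `extraOpenArgs = ["--allow-discards"];` passes TRIM through the encrypted volume, which reveals which blocks are unused to anyone who can read the raw disk. A short comment saying this trade-off was chosen on purpose would help, e.g. `# discards leak free-space layout; accepted for SSD wear/perf`. The `legacy` layout also has an ESP of `size = "512M"` followed by a root partition with `start = "500M"`, which looks like an overlap and is worth confirming.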

508
flake.lock generated

@ -1,28 +1,45 @@
{
"nodes": {
"colmena": {
"api-lyte-dev": {
"inputs": {
"flake-compat": "flake-compat",
"flake-utils": "flake-utils",
"nix-github-actions": "nix-github-actions",
"lexical": "lexical",
"nixpkgs": [
"nixpkgs-unstable"
],
"stable": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1739900653,
"narHash": "sha256-hPSLvw6AZQYrZyGI6Uq4XgST7benF/0zcCpugn/P0yM=",
"owner": "zhaofengli",
"repo": "colmena",
"rev": "2370d4336eda2a9ef29fce10fa7076ae011983ab",
"lastModified": 1699311919,
"narHash": "sha256-TvctRO/lO+lvjN6LbxJaj+jizFK+PoZqC1ZAYY2+GTo=",
"ref": "refs/heads/master",
"rev": "5096ec7e3a7f9ba4ea661d089e6b0fc4f7ab2992",
"revCount": 78,
"type": "git",
"url": "ssh://gitea@git.lyte.dev/lytedev/api.lyte.dev.git"
},
"original": {
"type": "git",
"url": "ssh://gitea@git.lyte.dev/lytedev/api.lyte.dev.git"
}
},
"crane": {
"inputs": {
"nixpkgs": [
"helix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1701025348,
"narHash": "sha256-42GHmYH+GF7VjwGSt+fVT1CQuNpGanJbNgVHTAZppUM=",
"owner": "ipetkov",
"repo": "crane",
"rev": "42afaeb1a0325194a7cdb526332d2cb92fddd07b",
"type": "github"
},
"original": {
"owner": "zhaofengli",
"repo": "colmena",
"owner": "ipetkov",
"repo": "crane",
"type": "github"
}
},
@ -33,11 +50,11 @@
]
},
"locked": {
"lastModified": 1740485968,
"narHash": "sha256-WK+PZHbfDjLyveXAxpnrfagiFgZWaTJglewBWniTn2Y=",
"lastModified": 1708305517,
"narHash": "sha256-WYnEspeTTksC21obnnxWOGOAQbnBD0GES0S0XOLsJjs=",
"owner": "nix-community",
"repo": "disko",
"rev": "19c1140419c4f1cdf88ad4c1cfb6605597628940",
"rev": "1ae1f57dad13595600dd57b6a55fcbaef6673804",
"type": "github"
},
"original": {
@ -47,77 +64,16 @@
"type": "github"
}
},
"flake-compat": {
"flake": false,
"locked": {
"lastModified": 1650374568,
"narHash": "sha256-Z+s0J8/r907g149rllvwhb4pKi8Wam5ij0st8PwAh+E=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "b4a34015c698c7793d592d66adbab377907a2be8",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-compat_2": {
"flake": false,
"locked": {
"lastModified": 1733328505,
"narHash": "sha256-NeCCThCEP3eCl2l/+27kNNK7QrwZB1IJCrXfrbv5oqU=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "ff81ac966bb2cae68946d5ed5fc4994f96d0ffec",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-compat_3": {
"flake": false,
"locked": {
"lastModified": 1696426674,
"narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-compat_4": {
"flake": false,
"locked": {
"lastModified": 1696426674,
"narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-utils": {
"inputs": {
"systems": "systems"
},
"locked": {
"lastModified": 1659877975,
"narHash": "sha256-zllb8aq3YO3h8B/U0/J1WBgAL8EX5yWf5pMj3G0NAmc=",
"lastModified": 1689068808,
"narHash": "sha256-6ixXo3wt24N/melDWjq70UuHQLxGV8jZvooRanIHXw0=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "c0e246b9b83f637f4681389ecabcb2681b4f3af0",
"rev": "919d646de7be200f3bf08cb76ae1f09402b6f9b4",
"type": "github"
},
"original": {
@ -128,14 +84,14 @@
},
"flake-utils_2": {
"inputs": {
"systems": "systems"
"systems": "systems_2"
},
"locked": {
"lastModified": 1731533236,
"narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
"lastModified": 1692799911,
"narHash": "sha256-3eihraek4qL744EvQXsK1Ha6C3CR7nnT8X2qWap4RNk=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
"rev": "f9e7cf818399d17d347f847525c5a5a8032e4e44",
"type": "github"
},
"original": {
@ -146,14 +102,14 @@
},
"flake-utils_3": {
"inputs": {
"systems": "systems_2"
"systems": "systems_3"
},
"locked": {
"lastModified": 1731533236,
"narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
"lastModified": 1694529238,
"narHash": "sha256-zsNZZGTGnMOf9YpHKJqMSsa0dXbfmxeoJ7xHlrt+xmY=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
"rev": "ff7b65b44d01cf9ba6a71320833626af21126384",
"type": "github"
},
"original": {
@ -162,151 +118,34 @@
"type": "github"
}
},
"ghostty": {
"inputs": {
"flake-compat": "flake-compat_2",
"flake-utils": "flake-utils_2",
"nixpkgs-stable": [
"nixpkgs"
],
"nixpkgs-unstable": [
"nixpkgs-unstable"
],
"zig": "zig",
"zig2nix": "zig2nix"
},
"locked": {
"lastModified": 1741367989,
"narHash": "sha256-dmj/WSHXb8S8dNOtDV+NoaCnPGzGGvaI0zeSenzFLDY=",
"owner": "ghostty-org",
"repo": "ghostty",
"rev": "77e16770cc97bc69d9678d1f340dc5be5859a1d8",
"type": "github"
},
"original": {
"owner": "ghostty-org",
"repo": "ghostty",
"type": "github"
}
},
"git-hooks": {
"inputs": {
"flake-compat": "flake-compat_3",
"gitignore": "gitignore",
"nixpkgs": [
"nixpkgs-unstable"
]
},
"locked": {
"lastModified": 1741360107,
"narHash": "sha256-QKp83UTH0hGc7TYkQdX5JdagvBnP5169WyxXkMrkPqY=",
"owner": "cachix",
"repo": "git-hooks.nix",
"rev": "fcea91603f24a41113c1b9e4043510b1b96e10bb",
"type": "github"
},
"original": {
"owner": "cachix",
"repo": "git-hooks.nix",
"type": "github"
}
},
"git-hooks_2": {
"inputs": {
"flake-compat": "flake-compat_4",
"gitignore": "gitignore_2",
"nixpkgs": [
"slippi",
"nixpkgs"
],
"nixpkgs-stable": "nixpkgs-stable"
},
"locked": {
"lastModified": 1721042469,
"narHash": "sha256-6FPUl7HVtvRHCCBQne7Ylp4p+dpP3P/OYuzjztZ4s70=",
"owner": "cachix",
"repo": "git-hooks.nix",
"rev": "f451c19376071a90d8c58ab1a953c6e9840527fd",
"type": "github"
},
"original": {
"owner": "cachix",
"repo": "git-hooks.nix",
"type": "github"
}
},
"gitignore": {
"inputs": {
"nixpkgs": [
"git-hooks",
"nixpkgs"
]
},
"locked": {
"lastModified": 1709087332,
"narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=",
"owner": "hercules-ci",
"repo": "gitignore.nix",
"rev": "637db329424fd7e46cf4185293b9cc8c88c95394",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "gitignore.nix",
"type": "github"
}
},
"gitignore_2": {
"inputs": {
"nixpkgs": [
"slippi",
"git-hooks",
"nixpkgs"
]
},
"locked": {
"lastModified": 1709087332,
"narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=",
"owner": "hercules-ci",
"repo": "gitignore.nix",
"rev": "637db329424fd7e46cf4185293b9cc8c88c95394",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "gitignore.nix",
"type": "github"
}
},
"hardware": {
"locked": {
"lastModified": 1741325094,
"narHash": "sha256-RUAdT8dZ6k/486vnu3tiNRrNW6+Q8uSD2Mq7gTX4jlo=",
"owner": "NixOS",
"lastModified": 1708091350,
"narHash": "sha256-o28BJYi68qqvHipT7V2jkWxDiMS1LF9nxUsou+eFUPQ=",
"owner": "nixos",
"repo": "nixos-hardware",
"rev": "b48cc4dab0f9711af296fc367b6108cf7b8ccb16",
"rev": "106d3fec43bcea19cb2e061ca02531d54b542ce3",
"type": "github"
},
"original": {
"owner": "NixOS",
"owner": "nixos",
"repo": "nixos-hardware",
"type": "github"
}
},
"helix": {
"inputs": {
"crane": "crane",
"flake-utils": "flake-utils_3",
"nixpkgs": [
"nixpkgs-unstable"
],
"nixpkgs": "nixpkgs",
"rust-overlay": "rust-overlay"
},
"locked": {
"lastModified": 1741367193,
"narHash": "sha256-UWB5MFIZiTbC4G+hBqbjU6v18D6/bPWOImQ8oWL2NWc=",
"lastModified": 1708348106,
"narHash": "sha256-CWmdEWqzPYYGqPJcrGJHMTXo+b4oMp/QGzKGKnvwDB0=",
"owner": "helix-editor",
"repo": "helix",
"rev": "8da226f0b4297ca8f8b0ce8fdba4363b6bdb2aee",
"rev": "cdef4f8a701f921c29fdfe66f104a2edac7fe05c",
"type": "github"
},
"original": {
@ -323,155 +162,119 @@
]
},
"locked": {
"lastModified": 1739757849,
"narHash": "sha256-Gs076ot1YuAAsYVcyidLKUMIc4ooOaRGO0PqTY7sBzA=",
"lastModified": 1708294481,
"narHash": "sha256-DZtxmeb4OR7iCaKUUuq05ADV2rX8WReZEF7Tq//W0+Y=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "9d3d080aec2a35e05a15cedd281c2384767c2cfe",
"rev": "a54e05bc12d88ff2df941d0dc1183cb5235fa438",
"type": "github"
},
"original": {
"owner": "nix-community",
"ref": "release-24.11",
"ref": "master",
"repo": "home-manager",
"type": "github"
}
},
"home-manager-unstable": {
"lexical": {
"inputs": {
"flake-utils": "flake-utils_2",
"nixpkgs": [
"nixpkgs-unstable"
]
},
"locked": {
"lastModified": 1741345870,
"narHash": "sha256-KTpoO4oaucdFr3oJJBYpGK+aWVVrLvtiT17EQE7Cf4Y=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "04c915bcf1a1eac3519372ff3185beef053fba7c",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "home-manager",
"type": "github"
}
},
"mobile-nixos": {
"flake": false,
"locked": {
"lastModified": 1728423157,
"narHash": "sha256-pJaC+Aef6oixhV6HdWPS2Pq/TgHxEN+MPLYUjighWYI=",
"owner": "lytedev",
"repo": "mobile-nixos",
"rev": "b2c496bbcebc85a28d1d939b56bd331536bd1ac4",
"type": "github"
},
"original": {
"owner": "lytedev",
"repo": "mobile-nixos",
"type": "github"
}
},
"nix-github-actions": {
"inputs": {
"nixpkgs": [
"colmena",
"api-lyte-dev",
"nixpkgs"
]
},
"locked": {
"lastModified": 1729742964,
"narHash": "sha256-B4mzTcQ0FZHdpeWcpDYPERtyjJd/NIuaQ9+BV1h+MpA=",
"owner": "nix-community",
"repo": "nix-github-actions",
"rev": "e04df33f62cdcf93d73e9a04142464753a16db67",
"lastModified": 1699016103,
"narHash": "sha256-8uMDgg/YnyaSn8IvlG14PVSCHQl6ZHdgB8CWNDnYd5s=",
"owner": "lexical-lsp",
"repo": "lexical",
"rev": "059bbbe516a4dff66bc3febc953ac2eddabc78a4",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "nix-github-actions",
"owner": "lexical-lsp",
"repo": "lexical",
"type": "github"
}
},
"nixpkgs": {
"locked": {
"lastModified": 1741196730,
"narHash": "sha256-0Sj6ZKjCpQMfWnN0NURqRCQn2ob7YtXTAOTwCuz7fkA=",
"owner": "NixOS",
"lastModified": 1700794826,
"narHash": "sha256-RyJTnTNKhO0yqRpDISk03I/4A67/dp96YRxc86YOPgU=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "48913d8f9127ea6530a2a2f1bd4daa1b8685d8a3",
"rev": "5a09cb4b393d58f9ed0d9ca1555016a8543c2ac8",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-24.11",
"owner": "nixos",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-stable": {
"nixpkgs_2": {
"locked": {
"lastModified": 1720386169,
"narHash": "sha256-NGKVY4PjzwAa4upkGtAMz1npHGoRzWotlSnVlqI40mo=",
"owner": "NixOS",
"lastModified": 1708118438,
"narHash": "sha256-kk9/0nuVgA220FcqH/D2xaN6uGyHp/zoxPNUmPCMmEE=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "194846768975b7ad2c4988bdb82572c00222c0d7",
"rev": "5863c27340ba4de8f83e7e3c023b9599c3cb3c80",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-24.05",
"owner": "nixos",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-unstable": {
"nixpkgs_3": {
"locked": {
"lastModified": 1741310760,
"narHash": "sha256-aizILFrPgq/W53Jw8i0a1h1GZAAKtlYOrG/A5r46gVM=",
"lastModified": 1708296515,
"narHash": "sha256-FyF489fYNAUy7b6dkYV6rGPyzp+4tThhr80KNAaF/yY=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "de0fe301211c267807afd11b12613f5511ff7433",
"rev": "b98a4e1746acceb92c509bc496ef3d0e5ad8d4aa",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"root": {
"inputs": {
"colmena": "colmena",
"api-lyte-dev": "api-lyte-dev",
"disko": "disko",
"ghostty": "ghostty",
"git-hooks": "git-hooks",
"hardware": "hardware",
"helix": "helix",
"home-manager": "home-manager",
"home-manager-unstable": "home-manager-unstable",
"mobile-nixos": "mobile-nixos",
"nixpkgs": "nixpkgs",
"nixpkgs-unstable": "nixpkgs-unstable",
"slippi": "slippi",
"sops-nix": "sops-nix"
"nixpkgs": "nixpkgs_2",
"sops-nix": "sops-nix",
"ssbm": "ssbm"
}
},
"rust-overlay": {
"inputs": {
"flake-utils": [
"helix",
"flake-utils"
],
"nixpkgs": [
"helix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1740623427,
"narHash": "sha256-3SdPQrZoa4odlScFDUHd4CUPQ/R1gtH4Mq9u8CBiK8M=",
"lastModified": 1701137803,
"narHash": "sha256-0LcPAdql5IhQSUXJx3Zna0dYTgdIoYO7zUrsKgiBd04=",
"owner": "oxalica",
"repo": "rust-overlay",
"rev": "d342e8b5fd88421ff982f383c853f0fc78a847ab",
"rev": "9dd940c967502f844eacea52a61e9596268d4f70",
"type": "github"
},
"original": {
@ -480,42 +283,37 @@
"type": "github"
}
},
"slippi": {
"inputs": {
"git-hooks": "git-hooks_2",
"home-manager": [
"home-manager-unstable"
],
"nixpkgs": [
"nixpkgs-unstable"
]
},
"slippi-desktop": {
"flake": false,
"locked": {
"lastModified": 1740447190,
"narHash": "sha256-zEba7ZbPwpYxdVo9bMwWx2ba55H+X59hB0qChqn2R0M=",
"owner": "lytedev",
"repo": "slippi-nix",
"rev": "44a27a202d43e6cf05e8ed32bf69c35d3aca647e",
"lastModified": 1707981080,
"narHash": "sha256-Qd1jLAXWvxA5SHcafgHFRs1+XYz8yXLdQ27+qZ8MYxk=",
"owner": "project-slippi",
"repo": "slippi-desktop-app",
"rev": "16ab255406f7ab86846a7786ff15e3543501397c",
"type": "github"
},
"original": {
"owner": "lytedev",
"repo": "slippi-nix",
"owner": "project-slippi",
"repo": "slippi-desktop-app",
"type": "github"
}
},
"sops-nix": {
"inputs": {
"nixpkgs": [
"nixpkgs-unstable"
"nixpkgs"
],
"nixpkgs-stable": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1741043164,
"narHash": "sha256-9lfmSZLz6eq9Ygr6cCmvQiiBEaPb54pUBcjvbEMPORc=",
"lastModified": 1708225343,
"narHash": "sha256-Q0uVUOfumc1DcKsIJIfMCHph08MjkOvZxvPb/Vi8hWw=",
"owner": "Mic92",
"repo": "sops-nix",
"rev": "3f2412536eeece783f0d0ad3861417f347219f4d",
"rev": "ffed177a9d2c685901781c3c6c9024ae0ffc252b",
"type": "github"
},
"original": {
@ -524,6 +322,25 @@
"type": "github"
}
},
"ssbm": {
"inputs": {
"nixpkgs": "nixpkgs_3",
"slippi-desktop": "slippi-desktop"
},
"locked": {
"lastModified": 1708119120,
"narHash": "sha256-SuZbD4eGwS9OYeGL0V9uPVsW2SyL7MbLXBd5rngZB4c=",
"owner": "lytedev",
"repo": "ssbm-nix",
"rev": "041f495ab6446e6edd22c1a5fbd48dd704c5b9a6",
"type": "github"
},
"original": {
"owner": "lytedev",
"repo": "ssbm-nix",
"type": "github"
}
},
"systems": {
"locked": {
"lastModified": 1681028828,
@ -554,57 +371,18 @@
"type": "github"
}
},
"zig": {
"inputs": {
"flake-compat": [
"ghostty"
],
"flake-utils": [
"ghostty",
"flake-utils"
],
"nixpkgs": [
"ghostty",
"nixpkgs-stable"
]
},
"systems_3": {
"locked": {
"lastModified": 1738239110,
"narHash": "sha256-Y5i9mQ++dyIQr+zEPNy+KIbc5wjPmfllBrag3cHZgcE=",
"owner": "mitchellh",
"repo": "zig-overlay",
"rev": "1a8fb6f3a04724519436355564b95fce5e272504",
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "mitchellh",
"repo": "zig-overlay",
"type": "github"
}
},
"zig2nix": {
"inputs": {
"flake-utils": [
"ghostty",
"flake-utils"
],
"nixpkgs": [
"ghostty",
"nixpkgs-stable"
]
},
"locked": {
"lastModified": 1738263917,
"narHash": "sha256-j/3fwe2pEOquHabP/puljOKwAZFjIE9gXZqA91sC48M=",
"owner": "jcollie",
"repo": "zig2nix",
"rev": "c311d8e77a6ee0d995f40a6e10a89a3a4ab04f9a",
"type": "github"
},
"original": {
"owner": "jcollie",
"ref": "c311d8e77a6ee0d995f40a6e10a89a3a4ab04f9a",
"repo": "zig2nix",
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
}

222
flake.nix

@ -1,116 +1,166 @@
{
outputs =
inputs:
let
lib = import ./lib inputs;
uGenPkgs = lib.genPkgs inputs.nixpkgs-unstable;
in
{
packages = uGenPkgs (import ./packages);
nixosConfigurations = import ./packages/hosts inputs;
# homeConfigurations = import ./packages/home inputs;
templates = import ./lib/templates;
diskoConfigurations = import ./lib/disko inputs;
checks = uGenPkgs (import ./packages/checks inputs);
devShells = uGenPkgs (import ./packages/shells inputs);
nixosModules = import ./lib/modules/nixos inputs;
homeManagerModules = import ./lib/modules/home inputs;
overlays = import ./lib/overlays inputs;
formatter = uGenPkgs (p: p.nixfmt-rfc-style);
colmena = import ./lib/colmena inputs;
colmenaHive = inputs.colmena.lib.makeHive inputs.self.outputs.colmena;
/*
TODO: nix-on-droid for phone terminal usage? mobile-nixos?
TODO: nix-darwin for work?
TODO: nixos ISO?
*/
}
// (import ./lib/constants.nix inputs)
// {
flakeLib = lib;
};
inputs = {
# stable inputs
nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.11";
nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
home-manager.url = "github:nix-community/home-manager/release-24.11";
home-manager.url = "github:nix-community/home-manager/master";
home-manager.inputs.nixpkgs.follows = "nixpkgs";
# "unstable" inputs
nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixpkgs-unstable";
hardware.url = "github:NixOS/nixos-hardware";
helix.url = "github:helix-editor/helix/master";
# I think if I force this to follow nixpkgs, I won't get caching benefits?
# helix.inputs.nixpkgs.follows = "nixpkgs";
disko.url = "github:nix-community/disko/master";
disko.inputs.nixpkgs.follows = "nixpkgs";
sops-nix.url = "github:Mic92/sops-nix";
sops-nix.inputs.nixpkgs.follows = "nixpkgs-unstable";
sops-nix.inputs.nixpkgs.follows = "nixpkgs";
sops-nix.inputs.nixpkgs-stable.follows = "nixpkgs";
git-hooks.url = "github:cachix/git-hooks.nix";
git-hooks.inputs.nixpkgs.follows = "nixpkgs-unstable";
hardware.url = "github:nixos/nixos-hardware";
# hardware.inputs.nixpkgs.follows = "nixpkgs";
home-manager-unstable.url = "github:nix-community/home-manager";
home-manager-unstable.inputs.nixpkgs.follows = "nixpkgs-unstable";
# hyprland.url = "github:hyprwm/Hyprland";
# hyprland.inputs.nixpkgs.follows = "nixpkgs";
helix.url = "github:helix-editor/helix/master";
helix.inputs.nixpkgs.follows = "nixpkgs-unstable";
api-lyte-dev.url = "git+ssh://gitea@git.lyte.dev/lytedev/api.lyte.dev.git";
api-lyte-dev.inputs.nixpkgs.follows = "nixpkgs";
slippi.url = "github:lytedev/slippi-nix";
# slippi.url = "git+file:///home/daniel/code/open-source/slippi-nix"; # used during flake development
slippi.inputs.nixpkgs.follows = "nixpkgs-unstable";
slippi.inputs.home-manager.follows = "home-manager-unstable";
ssbm.url = "github:lytedev/ssbm-nix";
# ssbm.inputs.nixpkgs.follows = "nixpkgs";
# jovian.url = "github:Jovian-Experiments/Jovian-NixOS/development";
# jovian.inputs.nixpkgs.follows = "nixpkgs-unstable";
ghostty.url = "github:ghostty-org/ghostty";
ghostty.inputs.nixpkgs-unstable.follows = "nixpkgs-unstable";
ghostty.inputs.nixpkgs-stable.follows = "nixpkgs";
colmena.url = "github:zhaofengli/colmena";
colmena.inputs.nixpkgs.follows = "nixpkgs-unstable";
colmena.inputs.stable.follows = "nixpkgs";
# nnf.url = "github:thelegy/nixos-nftables-firewall?rev=71fc2b79358d0dbacde83c806a0f008ece567b7b";
mobile-nixos = {
url = "github:lytedev/mobile-nixos";
flake = false;
};
# TODO: doesn't (can't?) support the forge mod loader yet
# nix-minecraft.url = "github:Infinidoge/nix-minecraft";
};
nixConfig = {
extra-experimental-features = [
"nix-command"
"flakes"
];
extra-experimental-features = ["nix-command" "flakes"];
extra-substituters = [
"https://cache.nixos.org/"
"https://helix.cachix.org"
# "https://ssbm-nix.cachix.org"
"https://nix-community.cachix.org"
"https://nix.h.lyte.dev"
# since we are forcing most inputs to follow our nixpkgs, we don't bother settings up caches and just use our own
# "https://helix.cachix.org"
# "https://ghostty.cachix.org"
];
extra-trusted-public-keys = [
"cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
"helix.cachix.org-1:ejp9KQpR1FBI2onstMQ34yogDm4OgU2ru6lIwPvuCVs="
# "ssbm-nix.cachix.org-1:YN104LKAWaKQIecOphkftXgXlYZVK/IRHM1UD7WAIew="
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
"h.lyte.dev-2:te9xK/GcWPA/5aXav8+e5RHImKYMug8hIIbhHsKPN0M="
# "helix.cachix.org-1:ejp9KQpR1FBI2onstMQ34yogDm4OgU2ru6lIwPvuCVs="
# "hyprland.cachix.org-1:a7pgxzMz7+chwVL3/pzj6jIBMioiJM7ypFP8PwtkuGc="
# "ghostty.cachix.org-1:QB389yTa6gTyneehvqG58y0WnHjQOqgnA+wBnpWWxns="
"h.lyte.dev:HeVWtne31ZG8iMf+c15VY3/Mky/4ufXlfTpT8+4Xbs0="
];
};
outputs = {
self,
nixpkgs,
home-manager,
sops-nix,
disko,
...
}: let
inherit (self) outputs;
systems = [
"aarch64-linux"
"aarch64-darwin"
"x86_64-darwin"
"x86_64-linux"
];
forAllSystems = nixpkgs.lib.genAttrs systems;
in {
colors = (import ./lib/colors.nix {inherit (nixpkgs) lib;}).schemes.catppuccin-mocha-sapphire;
# colors = (import ./lib/colors.nix inputs).color-schemes.donokai;
font = {
name = "IosevkaLyteTerm";
size = 12;
};
# Your custom packages
# Acessible through 'nix build', 'nix shell', etc
packages = forAllSystems (system: import ./pkgs {pkgs = nixpkgs.legacyPackages.${system};});
# Formatter for your nix files, available through 'nix fmt'
# Other options beside 'alejandra' include 'nixpkgs-fmt'
formatter = forAllSystems (system: nixpkgs.legacyPackages.${system}.alejandra);
# Your custom packages and modifications, exported as overlays
overlays = import ./overlays;
# Reusable nixos modules you might want to export
# These are usually stuff you would upstream into nixpkgs
nixosModules = import ./modules/nixos;
# Reusable home-manager modules you might want to export
# These are usually stuff you would upstream into home-manager
homeManagerModules = import ./modules/home-manager;
# TODO: nix-on-droid for phone terminal usage?
# TODO: nix-darwin for work?
# TODO: nixos ISO?
# Disk partition schemes and functions
diskoConfigurations = import ./disko;
# Flake templates for easily setting up Nix in a project using common patterns I like
templates = import ./templates/all.nix;
# NixOS configuration entrypoint
# Available through 'nixos-rebuild --flake .#your-hostname'
nixosConfigurations = builtins.mapAttrs (name: {
system,
modules,
...
}:
nixpkgs.lib.nixosSystem {
inherit system;
modules =
[
sops-nix.nixosModules.sops
disko.nixosModules.disko
home-manager.nixosModules.home-manager
self.nixosModules.common
]
++ modules;
}) (import ./nixos);
# Standalone home-manager configuration entrypoint
# Available through 'home-manager --flake .#your-username@your-hostname'
homeConfigurations = {
# TODO: non-system-specific home configurations?
"deck" = let
system = "x86_64-linux";
in
home-manager.lib.homeManagerConfiguration {
pkgs = nixpkgs.legacyPackages.${system};
modules = with outputs.homeManagerModules; [
common
{
home.homeDirectory = "/home/deck";
home.username = "deck";
home.stateVersion = "24.05";
}
linux
];
};
workm1 = let
system = "aarch64-darwin";
in
home-manager.lib.homeManagerConfiguration {
pkgs = nixpkgs.legacyPackages.${system};
modules = with outputs.homeManagerModules; [
common
{
home.homeDirectory = "/Users/daniel.flanagan";
home.username = "daniel.flanagan";
home.stateVersion = "24.05";
}
macos
];
};
};
};
}
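Review bot: The `nixConfig` block does not say who controls each entry in `extra-substituters` and `extra-trusted-public-keys`, and this section shows two different keys for the self-hosted cache (`h.lyte.dev-2:…` and `h.lyte.dev:…`). The side markers are lost in this rendering, so I cannot tell which key the new code trusts. Anyone who accepts this flake's config will install binaries signed by these keys without rebuilding them, so a retired key should be removed rather than left in the list. I would put a one-line comment above each substituter/key pair, e.g. `# self-hosted cache at nix.h.lyte.dev; key rotated <date>`. If the `helix.cachix.org` and `nix-community.cachix.org` entries are on the new side, I would also state why they are needed, which presumably is that `helix.inputs.nixpkgs.follows` is commented out.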


@ -1,70 +0,0 @@
{
home-manager,
nixpkgs-unstable,
self,
...
}@inputs:
{
meta =
let
nixpkgsSet =
nixpkgs:
(import nixpkgs {
system = "x86_64-linux";
overlays = [ self.outputs.flakeLib.forSelfOverlay ];
});
nixpkgs = nixpkgsSet nixpkgs-unstable;
stable = nixpkgsSet nixpkgs;
in
{
inherit nixpkgs;
nodeNixpkgs = {
# router = stable;
beefcake = stable;
};
specialArgs = {
inherit home-manager;
hardware = inputs.hardware.outputs.nixosModules;
diskoConfigurations = inputs.self.outputs.diskoConfigurations;
};
};
# TODO: setup builders?
foxtrot =
{
# name,
# nodes,
# pkgs,
...
}:
{
deployment = {
# Allow local deployment with `colmena apply-local`
allowLocalDeployment = true;
# Disable SSH deployment. This node will be skipped in a
# normal`colmena apply`.
targetHost = null;
};
imports = [
inputs.self.outputs.nixosModules.default
(import ./../../packages/hosts/foxtrot.nix)
];
# boot.isContainer = true;
# time.timeZone = nodes.host-b.config.time.timeZone;
};
beefcake =
{ ... }:
{
deployment = {
buildOnTarget = true;
};
imports = [
inputs.self.outputs.nixosModules.default
(import ./../../packages/hosts/beefcake.nix)
];
};
}


@ -1,104 +1,102 @@
{ lib, ... }:
{
schemes =
let
mkColorScheme =
scheme@{
scheme-name,
bg,
bg2,
bg3,
bg4,
bg5,
fg,
fg2,
fg3,
fgdim,
# pink,
purple,
red,
orange,
yellow,
green,
# teal,
blue,
}:
let
base = {
text = fg;
primary = blue;
urgent = red;
{lib, ...}: {
schemes = let
mkColorScheme = scheme @ {
scheme-name,
bg,
bg2,
bg3,
bg4,
bg5,
fg,
fg2,
fg3,
fgdim,
# pink,
purple,
red,
orange,
yellow,
green,
# teal,
blue,
}: let
base =
{
# aliases?
text = fg;
primary = blue;
urgent = red;
# blacks
"0" = bg4;
"8" = bg5;
# blacks
"0" = bg4;
"8" = bg5;
"1" = red;
"9" = red;
"2" = green;
"10" = green;
"3" = orange;
"11" = orange;
"4" = blue;
"12" = blue;
"5" = purple;
"13" = purple;
"6" = yellow;
"14" = yellow;
"1" = red;
"9" = red;
"2" = green;
"10" = green;
"3" = orange;
"11" = orange;
"4" = blue;
"12" = blue;
"5" = purple;
"13" = purple;
"6" = yellow;
"14" = yellow;
# whites
"7" = fg2;
"15" = fg3;
} // scheme;
in
base
// {
withHashPrefix = lib.mapAttrs (_: value: "#${value}") base;
};
# whites
"7" = fg2;
"15" = fg3;
}
// scheme;
in
{
donokai = mkColorScheme {
scheme-name = "donokai";
bg = "110f0a";
bg2 = "181818";
bg3 = "222222";
bg4 = "292929";
bg5 = "333333";
{
withHashPrefix = lib.mapAttrs (_: value: "#${value}") base;
}
// base;
in {
donokai = mkColorScheme {
scheme-name = "donokai";
bg = "111111";
bg2 = "181818";
bg3 = "222222";
bg4 = "292929";
bg5 = "333333";
fg = "f8f8f8";
fg2 = "d8d8d8";
fg3 = "c8c8c8";
fgdim = "666666";
fg = "f8f8f8";
fg2 = "d8d8d8";
fg3 = "c8c8c8";
fgdim = "666666";
red = "f92672";
green = "a6e22e";
yellow = "f4bf75";
blue = "66d9ef";
purple = "ae81ff";
# teal = "a1efe4";
orange = "fab387";
};
catppuccin-mocha-sapphire = mkColorScheme {
scheme-name = "catppuccin-mocha-sapphire";
bg = "1e1e2e";
bg2 = "181825";
bg3 = "313244";
bg4 = "45475a";
bg5 = "585b70";
fg = "cdd6f4";
fg2 = "bac2de";
fg3 = "a6adc8";
fgdim = "6c7086";
# pink = "f5e0dc";
purple = "cba6f7";
red = "f38ba8";
orange = "fab387";
yellow = "f9e2af";
green = "a6e3a1";
# teal = "94e2d5";
blue = "74c7ec";
};
red = "f92672";
green = "a6e22e";
yellow = "f4bf75";
blue = "66d9ef";
purple = "ae81ff";
# teal = "a1efe4";
orange = "fab387";
};
catppuccin-mocha-sapphire = mkColorScheme {
scheme-name = "catppuccin-mocha-sapphire";
bg = "1e1e2e";
bg2 = "181825";
bg3 = "313244";
bg4 = "45475a";
bg5 = "585b70";
fg = "cdd6f4";
fg2 = "bac2de";
fg3 = "a6adc8";
fgdim = "6c7086";
# pink = "f5e0dc";
purple = "cba6f7";
red = "f38ba8";
orange = "fab387";
yellow = "f9e2af";
green = "a6e3a1";
# teal = "94e2d5";
blue = "74c7ec";
};
};
}
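Review bot: `withHashPrefix` is built by mapping over all of `base`, and `base` ends with `// scheme`, so the non-colour attribute `scheme-name` gets prefixed as well and `withHashPrefix.scheme-name` evaluates to `"#donokai"`; this holds for both printed copies of `mkColorScheme`. If no consumer relies on that key (not visible from this section), drop it before mapping: `withHashPrefix = lib.mapAttrs (_: value: "#${value}") (builtins.removeAttrs base ["scheme-name"]);`. The open `# aliases?` comment could also become a statement of intent, for example `# named aliases plus terminal palette slots 0-15; attrs passed by the caller override these`.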


@ -1,21 +0,0 @@
{ nixpkgs, ... }:
{
style = {
colors = (import ./colors.nix { inherit (nixpkgs) lib; }).schemes.catppuccin-mocha-sapphire;
font = {
name = "IosevkaLyteTerm";
size = 12;
};
};
/*
moduleArgs = {
# inherit style;
inherit helix slippi hyprland hardware disko home-manager;
inherit (outputs) nixosModules homeManagerModules diskoConfigurations overlays;
};
*/
pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAPLXOjupz3ScYjgrF+ehrbp9OvGAWQLI6fplX6w9Ijb daniel@lyte.dev";
}


@ -1,22 +0,0 @@
{ self, ... }@inputs:
let
forSelfOverlay =
if builtins.hasAttr "overlays" self && builtins.hasAttr "forSelf" self.overlays then
self.overlays.forSelf
else
(_: p: p);
in
rec {
inherit forSelfOverlay;
systems = [
"aarch64-linux"
"aarch64-darwin"
"x86_64-darwin"
"x86_64-linux"
];
forSystems = nixpkgs: nixpkgs.lib.genAttrs systems;
pkgsFor = nixpkgs: system: (import nixpkgs { inherit system; }).extend forSelfOverlay;
genPkgs = nixpkgs: func: (forSystems nixpkgs (system: func (pkgsFor nixpkgs system)));
inherit (import ./host.nix inputs) host stableHost;
}


@ -1,498 +0,0 @@
{ nixpkgs-unstable, ... }:
let
# TODO: This file needs some serious cleaning up.
lib = nixpkgs-unstable.lib;
inherit (lib.attrsets) mapAttrs' filterAttrs;
ESP =
inputs@{
size ? "4G",
label ? "ESP",
name ? "ESP",
}:
{
priority = 1;
start = "1M";
label = label;
name = name;
end = size;
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
mountOptions = [
"umask=0077"
];
};
}
// inputs;
in
rec {
standardWithHibernateSwap =
{
esp ? {
label = "ESP";
size = "4G";
name = "ESP";
},
rootfsName ? "/rootfs",
homeName ? "/home",
disk,
swapSize,
...
}:
{
/*
this is my standard partitioning scheme for my machines which probably want hibernation capabilities
a UEFI-compatible boot partition
it includes an LUKS-encrypted btrfs volume
a swap partition big enough to dump all the machine's RAM into
*/
disko.devices = {
disk = {
primary = {
type = "disk";
device = disk;
content = {
type = "gpt";
partitions = {
ESP = ESP esp;
swap = {
size = swapSize;
content = {
type = "swap";
discardPolicy = "both";
resumeDevice = true; # resume from hiberation from this device
};
};
luks = {
size = "100%";
content = {
type = "luks";
name = "crypted";
# if you want to use the key for interactive login be sure there is no trailing newline
# for example use `echo -n "password" > /tmp/secret.key`
keyFile = "/tmp/secret.key"; # Interactive
# settings.keyFile = "/tmp/password.key";
# additionalKeyFiles = ["/tmp/additionalSecret.key"];
content = {
type = "btrfs";
extraArgs = [ "-f" ];
subvolumes = {
${rootfsName} = {
mountpoint = "/";
mountOptions = [ "compress=zstd" ];
};
${homeName} = {
mountpoint = "/home";
mountOptions = [ "compress=zstd" ];
};
"/nix" = {
mountpoint = "/nix";
mountOptions = [
"compress=zstd"
"noatime"
];
};
};
};
};
};
};
};
};
};
};
};
foxtrot = standardWithHibernateSwap {
disk = "nvme0n1";
swapSize = "32G";
rootfsName = "/nixos-rootfs";
homeName = "/nixos-home";
esp = {
label = "disk-primary-ESP";
name = "disk-primary-ESP";
};
};
standardEncrypted =
{
disk,
espSize ? "4G",
...
}:
standard {
inherit disk;
esp = {
label = "ESP";
size = espSize;
name = "ESP";
};
};
standard =
{
esp ? {
label = "ESP";
size = "4G";
name = "ESP";
},
disk,
...
}:
{
# this is my standard partitioning scheme for my machines: an LUKS-encrypted
# btrfs volume
disko.devices = {
disk = {
primary = {
type = "disk";
device = disk;
content = {
type = "gpt";
partitions = {
ESP = ESP esp;
luks = {
size = "100%";
content = {
type = "luks";
name = "crypted";
# if you want to use the key for interactive login be sure there is no trailing newline
# for example use `echo -n "password" > /tmp/secret.key`
keyFile = "/tmp/secret.key"; # Interactive
# settings.keyFile = "/tmp/password.key";
# additionalKeyFiles = ["/tmp/additionalSecret.key"];
content = {
type = "btrfs";
extraArgs = [ "-f" ];
subvolumes = {
"/root" = {
mountpoint = "/";
mountOptions = [ "compress=zstd" ];
};
"/home" = {
mountpoint = "/home";
mountOptions = [ "compress=zstd" ];
};
"/nix" = {
mountpoint = "/nix";
mountOptions = [
"compress=zstd"
"noatime"
];
};
};
};
};
};
};
};
};
};
};
};
thablet = standard {
disk = "nvme0n1";
esp = {
label = "EFI";
size = "4G";
name = "EFI";
};
};
unencrypted =
{ disk, ... }:
{
disko.devices = {
disk = {
primary = {
type = "disk";
device = disk;
content = {
type = "gpt";
partitions = {
ESP = ESP { size = "5G"; };
root = {
size = "100%";
content = {
type = "btrfs";
extraArgs = [ "-f" ];
mountpoint = "/partition-root";
subvolumes = {
"/rootfs" = {
mountpoint = "/";
mountOptions = [ "compress=zstd" ];
};
"/home" = {
mountpoint = "/home";
mountOptions = [ "compress=zstd" ];
};
"/nix" = {
mountpoint = "/nix";
mountOptions = [
"compress=zstd"
"noatime"
];
};
};
};
};
};
};
};
};
};
};
beefcake =
let
zpools = {
zroot = {
/*
TODO: at the time of writing, disko does not support draid6
so I'm building/managing the array manually for the time being
the root pool is just a single disk right now
*/
name = "zroot";
config = {
type = "zpool";
# mode = "draid6";
rootFsOptions = {
compression = "zstd";
"com.sun:auto-snapshot" = "false";
};
mountpoint = "/";
postCreateHook = "zfs list -t snapshot -H -o name | grep -E '^zroot@blank$' || zfs snapshot zroot@blank";
datasets = {
zfs_fs = {
type = "zfs_fs";
mountpoint = "/zfs_fs";
options."com.sun:auto-snapshot" = "true";
};
zfs_unmounted_fs = {
type = "zfs_fs";
options.mountpoint = "none";
};
zfs_legacy_fs = {
type = "zfs_fs";
options.mountpoint = "legacy";
mountpoint = "/zfs_legacy_fs";
};
zfs_testvolume = {
type = "zfs_volume";
size = "10M";
content = {
type = "filesystem";
format = "ext4";
mountpoint = "/ext4onzfs";
};
};
encrypted = {
type = "zfs_fs";
options = {
mountpoint = "none";
encryption = "aes-256-gcm";
keyformat = "passphrase";
keylocation = "file:///tmp/secret.key";
};
# use this to read the key during boot
/*
postCreateHook = ''
zfs set keylocation="prompt" "zroot/$name";
'';
*/
};
"encrypted/test" = {
type = "zfs_fs";
mountpoint = "/zfs_crypted";
};
};
};
};
zstorage = {
/*
PARITY_COUNT=3 NUM_DRIVES=8 HOT_SPARES=2 sudo -E zpool create -f -O mountpoint=none -O compression=on -O xattr=sa -O acltype=posixacl -o ashift=12 -O atime=off -O recordsize=64K zstorage draid{$PARITY_COUNT}:{$NUM_DRIVES}c:{$HOT_SPARES}s /dev/disk/by-id/scsi-35000039548cb637c /dev/disk/by-id/scsi-35000039548cb7c8c /dev/disk/by-id/scsi-35000039548cb85c8 /dev/disk/by-id/scsi-35000039548d9b504 /dev/disk/by-id/scsi-35000039548da2b08 /dev/disk/by-id/scsi-35000039548dad2fc /dev/disk/by-id/scsi-350000399384be921 /dev/disk/by-id/scsi-35000039548db096c
sudo zfs create -o mountpoint=legacy zstorage/nix
sudo zfs create -o canmount=on -o mountpoint=/storage zstorage/storage
*/
name = "zstorage";
config = { };
};
};
diskClass = {
storage = {
type = "zfs";
pool = zpools.zroot.name;
};
boot = {
content = {
type = "gpt";
partitions = {
ESP = {
size = "1G";
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
};
};
zfs = {
size = "100%";
content = {
type = "zfs";
pool = zpools.zroot.name;
};
};
};
};
};
};
bootDisks = {
"/dev/sdi" = {
name = "i";
enable = true;
};
"/dev/sdj" = {
name = "j";
enable = true;
}; # TODO: join current boot drive to new boot pool
};
storageDisks = {
"/dev/sda" = {
enable = true;
name = "a";
};
"/dev/sdb" = {
enable = true;
name = "b";
};
"/dev/sdc" = {
enable = true;
name = "c";
};
"/dev/sdd" = {
enable = true;
name = "d";
};
# TODO: start small
"/dev/sde" = {
enable = false;
name = "e";
};
"/dev/sdf" = {
enable = false;
name = "f";
};
"/dev/sdg" = {
enable = false;
name = "g";
};
"/dev/sdh" = {
enable = false;
name = "h";
};
# gap for two boot drives
"/dev/sdk" = {
enable = false;
name = "k";
};
"/dev/sdl" = {
enable = false;
name = "l";
};
"/dev/sdm" = {
enable = false;
name = "m";
};
"/dev/sdn" = {
# TODO: this is my holding cell for random stuff right now
enable = false;
name = "n";
};
};
diskoBoot = mapAttrs' (
device:
{ name, ... }:
{
name = "boot-${name}";
value = {
inherit device;
type = "disk";
content = diskClass.boot.content;
};
}
) (filterAttrs (_: { enable, ... }: enable) bootDisks);
diskoStorage = mapAttrs' (
device:
{ name, ... }:
{
name = "storage-${name}";
value = {
inherit device;
type = "disk";
content = diskClass.storage.content;
};
}
) (filterAttrs (_: { enable, ... }: enable) storageDisks);
in
{
disko.devices = {
disk = diskoBoot // diskoStorage;
zpool = {
zroot = zpools.zroot.config;
};
};
};
legacy =
{ disks, ... }:
{
disko.devices = {
disk = {
primary = {
device = builtins.elemAt disks 0;
type = "disk";
content = {
type = "table";
format = "gpt";
partitions = [
{
label = "EFI";
name = "ESP";
size = "512M";
bootable = true;
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
};
}
{
name = "root";
start = "500M";
end = "100%";
part-type = "primary";
bootable = true;
content = {
type = "filesystem";
format = "ext4";
mountpoint = "/";
};
}
];
};
};
};
};
};
}


@ -1,36 +0,0 @@
inputs:
let
baseHost =
{
nixpkgs,
home-manager,
...
}:
(
path:
(
{
system ? "x86_64-linux",
}:
(nixpkgs.lib.nixosSystem {
inherit system;
specialArgs = {
inherit home-manager;
hardware = inputs.hardware.outputs.nixosModules;
diskoConfigurations = inputs.self.outputs.diskoConfigurations;
};
modules = [
inputs.self.outputs.nixosModules.default
(import path)
];
})
)
);
in
{
stableHost = baseHost { inherit (inputs) nixpkgs home-manager; };
host = baseHost {
nixpkgs = inputs.nixpkgs-unstable;
home-manager = inputs.home-manager-unstable;
};
}

Binary file not shown.

Before

Width:  |  Height:  |  Size: 28 KiB


@ -1,380 +0,0 @@
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<!-- Created with Inkscape (http://www.inkscape.org/) -->
<svg
width="141.5919mm"
height="122.80626mm"
viewBox="0 0 501.70361 435.14028"
id="svg2"
version="1.1"
inkscape:version="1.3.2 (091e20ef0f, 2023-11-25)"
sodipodi:docname="Nix_snowflake_lytedev.svg"
inkscape:export-filename="Nix_snowflake_lytedev.png"
inkscape:export-xdpi="96"
inkscape:export-ydpi="96"
xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape"
xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns="http://www.w3.org/2000/svg"
xmlns:svg="http://www.w3.org/2000/svg"
xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
xmlns:cc="http://creativecommons.org/ns#"
xmlns:dc="http://purl.org/dc/elements/1.1/">
<defs
id="defs4">
<linearGradient
inkscape:collect="always"
id="linearGradient5562">
<stop
style="stop-color:#699ad7;stop-opacity:1"
offset="0"
id="stop5564" />
<stop
id="stop5566"
offset="0.24345198"
style="stop-color:#7eb1dd;stop-opacity:1" />
<stop
style="stop-color:#7ebae4;stop-opacity:1"
offset="1"
id="stop5568" />
</linearGradient>
<linearGradient
inkscape:collect="always"
id="linearGradient5053">
<stop
style="stop-color:#415e9a;stop-opacity:1"
offset="0"
id="stop5055" />
<stop
id="stop5057"
offset="0.23168644"
style="stop-color:#4a6baf;stop-opacity:1" />
<stop
style="stop-color:#5277c3;stop-opacity:1"
offset="1"
id="stop5059" />
</linearGradient>
<linearGradient
id="linearGradient5960"
inkscape:collect="always">
<stop
id="stop5962"
offset="0"
style="stop-color:#637ddf;stop-opacity:1" />
<stop
style="stop-color:#649afa;stop-opacity:1"
offset="0.23168644"
id="stop5964" />
<stop
id="stop5966"
offset="1"
style="stop-color:#719efa;stop-opacity:1" />
</linearGradient>
<linearGradient
inkscape:collect="always"
id="linearGradient5867">
<stop
style="stop-color:#7363df;stop-opacity:1"
offset="0"
id="stop5869" />
<stop
id="stop5871"
offset="0.23168644"
style="stop-color:#6478fa;stop-opacity:1" />
<stop
style="stop-color:#719efa;stop-opacity:1"
offset="1"
id="stop5873" />
</linearGradient>
<linearGradient
y2="515.97058"
x2="282.26105"
y1="338.62445"
x1="213.95642"
gradientTransform="translate(983.36076,601.38885)"
gradientUnits="userSpaceOnUse"
id="linearGradient5855"
xlink:href="#linearGradient5960"
inkscape:collect="always" />
<linearGradient
y2="515.97058"
x2="282.26105"
y1="338.62445"
x1="213.95642"
gradientTransform="translate(-197.75174,-337.1451)"
gradientUnits="userSpaceOnUse"
id="linearGradient5855-8"
xlink:href="#linearGradient5867"
inkscape:collect="always" />
<linearGradient
y2="247.58188"
x2="-702.75317"
y1="102.74675"
x1="-775.20807"
gradientTransform="translate(983.36076,601.38885)"
gradientUnits="userSpaceOnUse"
id="linearGradient4544"
xlink:href="#linearGradient5960"
inkscape:collect="always" />
<clipPath
id="clipPath4501"
clipPathUnits="userSpaceOnUse">
<circle
r="241.06563"
cy="686.09473"
cx="335.13995"
id="circle4503"
style="color:#000000;clip-rule:nonzero;display:inline;overflow:visible;visibility:visible;opacity:1;isolation:auto;mix-blend-mode:normal;color-interpolation:sRGB;color-interpolation-filters:linearRGB;solid-color:#000000;solid-opacity:1;fill:#adadad;fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:3;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1;marker:none;color-rendering:auto;image-rendering:auto;shape-rendering:auto;text-rendering:auto;enable-background:accumulate" />
</clipPath>
<clipPath
id="clipPath5410"
clipPathUnits="userSpaceOnUse">
<circle
r="241.13741"
cy="340.98975"
cx="335.98114"
id="circle5412"
style="color:#000000;clip-rule:nonzero;display:inline;overflow:visible;visibility:visible;opacity:1;isolation:auto;mix-blend-mode:normal;color-interpolation:sRGB;color-interpolation-filters:linearRGB;solid-color:#000000;solid-opacity:1;fill:#ffffff;fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:3;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1;marker:none;color-rendering:auto;image-rendering:auto;shape-rendering:auto;text-rendering:auto;enable-background:accumulate" />
</clipPath>
<linearGradient
inkscape:collect="always"
xlink:href="#linearGradient5053"
id="linearGradient5137"
gradientUnits="userSpaceOnUse"
gradientTransform="translate(864.55062,-2197.497)"
x1="-584.19934"
y1="782.33563"
x2="-496.29703"
y2="937.71399" />
<linearGradient
inkscape:collect="always"
xlink:href="#linearGradient5053"
id="linearGradient5147"
gradientUnits="userSpaceOnUse"
gradientTransform="translate(864.55062,-2197.497)"
x1="-584.19934"
y1="782.33563"
x2="-496.29703"
y2="937.71399" />
<linearGradient
inkscape:collect="always"
xlink:href="#linearGradient5562"
id="linearGradient5162"
gradientUnits="userSpaceOnUse"
gradientTransform="translate(70.505061,-1761.3076)"
x1="200.59668"
y1="351.41116"
x2="290.08701"
y2="506.18814" />
<linearGradient
inkscape:collect="always"
xlink:href="#linearGradient5562"
id="linearGradient5172"
gradientUnits="userSpaceOnUse"
gradientTransform="translate(70.505061,-1761.3076)"
x1="200.59668"
y1="351.41116"
x2="290.08701"
y2="506.18814" />
<linearGradient
inkscape:collect="always"
xlink:href="#linearGradient5562"
id="linearGradient5182"
gradientUnits="userSpaceOnUse"
gradientTransform="translate(70.505061,-1761.3076)"
x1="200.59668"
y1="351.41116"
x2="290.08701"
y2="506.18814" />
<linearGradient
y2="506.18814"
x2="290.08701"
y1="351.41116"
x1="200.59668"
gradientTransform="translate(70.505061,-1761.3076)"
gradientUnits="userSpaceOnUse"
id="linearGradient5201"
xlink:href="#linearGradient5562"
inkscape:collect="always" />
<linearGradient
y2="937.71399"
x2="-496.29703"
y1="782.33563"
x1="-584.19934"
gradientTransform="translate(864.55062,-2197.497)"
gradientUnits="userSpaceOnUse"
id="linearGradient5205"
xlink:href="#linearGradient5053"
inkscape:collect="always" />
</defs>
<sodipodi:namedview
id="base"
pagecolor="#ffffff"
bordercolor="#666666"
borderopacity="1.0"
inkscape:pageopacity="0.0"
inkscape:pageshadow="2"
inkscape:zoom="0.98318225"
inkscape:cx="112.8987"
inkscape:cy="191.21582"
inkscape:document-units="px"
inkscape:current-layer="layer1"
showgrid="false"
inkscape:window-width="2059"
inkscape:window-height="1588"
inkscape:window-x="0"
inkscape:window-y="0"
inkscape:window-maximized="0"
inkscape:snap-global="true"
fit-margin-top="0"
fit-margin-left="0"
fit-margin-right="0"
fit-margin-bottom="0"
inkscape:showpageshadow="0"
inkscape:pagecheckerboard="0"
inkscape:deskcolor="#505050" />
<metadata
id="metadata7">
<rdf:RDF>
<cc:Work
rdf:about="">
<dc:format>image/svg+xml</dc:format>
<dc:type
rdf:resource="http://purl.org/dc/dcmitype/StillImage" />
</cc:Work>
</rdf:RDF>
</metadata>
<g
inkscape:label="print-logo"
inkscape:groupmode="layer"
id="layer1"
style="display:inline"
transform="translate(-156.33871,933.1905)">
<path
style="color:#000000;clip-rule:nonzero;display:inline;overflow:visible;visibility:visible;opacity:1;isolation:auto;mix-blend-mode:normal;color-interpolation:sRGB;color-interpolation-filters:linearRGB;solid-color:#000000;solid-opacity:1;fill:#5277c3;fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:3;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1;color-rendering:auto;image-rendering:auto;shape-rendering:auto;text-rendering:auto;enable-background:accumulate"
d="m 309.40365,-710.2521 122.19683,211.6751 -56.15706,0.5268 -32.6236,-56.8692 -32.85645,56.5653 -27.90237,-0.011 -14.29086,-24.6896 46.81047,-80.4902 -33.22946,-57.8256 z"
id="path4861"
inkscape:connector-curvature="0"
sodipodi:nodetypes="cccccccccc" />
<path
style="color:#000000;clip-rule:nonzero;display:inline;overflow:visible;visibility:visible;opacity:1;isolation:auto;mix-blend-mode:normal;color-interpolation:sRGB;color-interpolation-filters:linearRGB;solid-color:#000000;solid-opacity:1;fill:#df3c59;fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:3;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1;color-rendering:auto;image-rendering:auto;shape-rendering:auto;text-rendering:auto;enable-background:accumulate"
d="m 353.50926,-797.4433 -122.21756,211.6631 -28.53477,-48.37 32.93839,-56.6875 -65.41521,-0.1719 -13.9414,-24.1698 14.23637,-24.721 93.11177,0.2939 33.46371,-57.6903 z"
id="use4863"
inkscape:connector-curvature="0"
sodipodi:nodetypes="cccccccccc" />
<path
style="color:#000000;clip-rule:nonzero;display:inline;overflow:visible;visibility:visible;opacity:1;isolation:auto;mix-blend-mode:normal;color-interpolation:sRGB;color-interpolation-filters:linearRGB;solid-color:#000000;solid-opacity:1;fill:#df3c59;fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:3;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1;color-rendering:auto;image-rendering:auto;shape-rendering:auto;text-rendering:auto;enable-background:accumulate"
d="m 362.88537,-628.243 244.41439,0.012 -27.62229,48.8968 -65.56199,-0.1817 32.55876,56.7371 -13.96098,24.1585 -28.52722,0.032 -46.3013,-80.7841 -66.69317,-0.1353 z"
id="use4865"
inkscape:connector-curvature="0"
sodipodi:nodetypes="cccccccccc" />
<path
style="color:#000000;clip-rule:nonzero;display:inline;overflow:visible;visibility:visible;opacity:1;isolation:auto;mix-blend-mode:normal;color-interpolation:sRGB;color-interpolation-filters:linearRGB;solid-color:#000000;solid-opacity:1;fill:#df3c59;fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:3;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1;color-rendering:auto;image-rendering:auto;shape-rendering:auto;text-rendering:auto;enable-background:accumulate"
d="m 505.14318,-720.9886 -122.19683,-211.6751 56.15706,-0.5268 32.6236,56.8692 32.85645,-56.5653 27.90237,0.011 14.29086,24.6896 -46.81047,80.4902 33.22946,57.8256 z"
id="use4867"
inkscape:connector-curvature="0"
sodipodi:nodetypes="cccccccccc" />
<path
sodipodi:nodetypes="cccccccccc"
inkscape:connector-curvature="0"
id="path4873"
d="m 309.40365,-710.2521 122.19683,211.6751 -56.15706,0.5268 -32.6236,-56.8692 -32.85645,56.5653 -27.90237,-0.011 -14.29086,-24.6896 46.81047,-80.4902 -33.22946,-57.8256 z"
style="color:#000000;clip-rule:nonzero;display:inline;overflow:visible;visibility:visible;opacity:1;isolation:auto;mix-blend-mode:normal;color-interpolation:sRGB;color-interpolation-filters:linearRGB;solid-color:#000000;solid-opacity:1;fill:#8e293b;fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:3;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1;color-rendering:auto;image-rendering:auto;shape-rendering:auto;text-rendering:auto;enable-background:accumulate" />
<path
sodipodi:nodetypes="cccccccccc"
inkscape:connector-curvature="0"
id="use4875"
d="m 451.3364,-803.53264 -244.4144,-0.012 27.62229,-48.89685 65.56199,0.18175 -32.55875,-56.73717 13.96097,-24.15851 28.52722,-0.0315 46.3013,80.78414 66.69317,0.13524 z"
style="color:#000000;clip-rule:nonzero;display:inline;overflow:visible;visibility:visible;opacity:1;isolation:auto;mix-blend-mode:normal;color-interpolation:sRGB;color-interpolation-filters:linearRGB;solid-color:#000000;solid-opacity:1;fill:#8e293b;fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:3;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1;color-rendering:auto;image-rendering:auto;shape-rendering:auto;text-rendering:auto;enable-background:accumulate" />
<path
sodipodi:nodetypes="cccccccccc"
inkscape:connector-curvature="0"
id="use4877"
d="m 460.87178,-633.8425 122.21757,-211.66304 28.53477,48.37003 -32.93839,56.68751 65.4152,0.1718 13.9414,24.1698 -14.23636,24.7211 -93.11177,-0.294 -33.46371,57.6904 z"
style="color:#000000;clip-rule:nonzero;display:inline;overflow:visible;visibility:visible;opacity:1;isolation:auto;mix-blend-mode:normal;color-interpolation:sRGB;color-interpolation-filters:linearRGB;solid-color:#000000;solid-opacity:1;fill:#8e293b;fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:3;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1;color-rendering:auto;image-rendering:auto;shape-rendering:auto;text-rendering:auto;enable-background:accumulate" />
<g
id="layer2"
inkscape:label="guides"
style="display:none"
transform="translate(72.039038,-1799.4476)">
<path
d="M 460.60629,594.72881 209.74183,594.7288 84.309616,377.4738 209.74185,160.21882 l 250.86446,1e-5 125.43222,217.255 z"
inkscape:randomized="0"
inkscape:rounded="0"
inkscape:flatsided="true"
sodipodi:arg2="1.5707963"
sodipodi:arg1="1.0471976"
sodipodi:r2="217.25499"
sodipodi:r1="250.86446"
sodipodi:cy="377.47382"
sodipodi:cx="335.17407"
sodipodi:sides="6"
id="path6032"
style="color:#000000;display:inline;overflow:visible;visibility:visible;opacity:0.236;fill:#4e4d52;fill-opacity:1;fill-rule:nonzero;stroke:none;stroke-width:3;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1;marker:none;enable-background:accumulate"
sodipodi:type="star" />
<path
transform="translate(0,-308.26772)"
sodipodi:type="star"
style="color:#000000;display:inline;overflow:visible;visibility:visible;opacity:1;fill:#4e4d52;fill-opacity:1;fill-rule:nonzero;stroke:none;stroke-width:3;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1;marker:none;enable-background:accumulate"
id="path5875"
sodipodi:sides="6"
sodipodi:cx="335.17407"
sodipodi:cy="685.74158"
sodipodi:r1="100.83495"
sodipodi:r2="87.32563"
sodipodi:arg1="1.0471976"
sodipodi:arg2="1.5707963"
inkscape:flatsided="true"
inkscape:rounded="0"
inkscape:randomized="0"
d="m 385.59154,773.06721 -100.83495,0 -50.41747,-87.32564 50.41748,-87.32563 100.83495,10e-6 50.41748,87.32563 z" />
<path
transform="translate(0,-308.26772)"
sodipodi:nodetypes="ccccccccc"
inkscape:connector-curvature="0"
id="path5851"
d="m 1216.5591,938.53395 123.0545,228.14035 -42.6807,-1.2616 -43.4823,-79.7725 -39.6506,80.3267 -32.6875,-19.7984 53.4737,-100.2848 -37.1157,-73.88955 z"
style="fill:url(#linearGradient5855);fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:3;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1" />
<rect
style="color:#000000;clip-rule:nonzero;display:inline;overflow:visible;visibility:visible;opacity:0.415;isolation:auto;mix-blend-mode:normal;color-interpolation:sRGB;color-interpolation-filters:linearRGB;solid-color:#000000;solid-opacity:1;fill:#c53a3a;fill-opacity:1;fill-rule:nonzero;stroke:none;stroke-width:3;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1;marker:none;color-rendering:auto;image-rendering:auto;shape-rendering:auto;text-rendering:auto;enable-background:accumulate"
id="rect5884"
width="48.834862"
height="226.22897"
x="-34.74221"
y="446.17056"
transform="rotate(-30)" />
<path
transform="translate(0,-308.26772)"
sodipodi:type="star"
style="color:#000000;clip-rule:nonzero;display:inline;overflow:visible;visibility:visible;opacity:0.509;isolation:auto;mix-blend-mode:normal;color-interpolation:sRGB;color-interpolation-filters:linearRGB;solid-color:#000000;solid-opacity:1;fill:#000000;fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:3;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1;marker:none;color-rendering:auto;image-rendering:auto;shape-rendering:auto;text-rendering:auto;enable-background:accumulate"
id="path3428"
sodipodi:sides="6"
sodipodi:cx="223.93674"
sodipodi:cy="878.63831"
sodipodi:r1="28.048939"
sodipodi:r2="24.291094"
sodipodi:arg1="0"
sodipodi:arg2="0.52359878"
inkscape:flatsided="true"
inkscape:rounded="0"
inkscape:randomized="0"
d="m 251.98568,878.63831 -14.02447,24.29109 h -28.04894 l -14.02447,-24.29109 14.02447,-24.2911 h 28.04894 z" />
<use
x="0"
y="0"
xlink:href="#rect5884"
id="use4252"
transform="rotate(60,268.29786,489.4515)"
width="100%"
height="100%" />
<rect
style="color:#000000;clip-rule:nonzero;display:inline;overflow:visible;visibility:visible;opacity:1;isolation:auto;mix-blend-mode:normal;color-interpolation:sRGB;color-interpolation-filters:linearRGB;solid-color:#000000;solid-opacity:1;fill:#000000;fill-opacity:0.650794;fill-rule:evenodd;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1;marker:none;color-rendering:auto;image-rendering:auto;shape-rendering:auto;text-rendering:auto;enable-background:accumulate"
id="rect4254"
width="5.3947482"
height="115.12564"
x="545.71014"
y="467.07007"
transform="rotate(30,575.23539,-154.13386)" />
</g>
</g>
</svg>

Before

Width:  |  Height:  |  Size: 19 KiB


@ -4,10 +4,6 @@
**NOTE**: I want to establish a solid way to do this without `root@`.
**TODO**: This could easily be wrapped up in a `nix run github:lytedev/nix#install` or something with fuzzy-finders for the variable options.
**TODO**: could also probably get some helpers baked into an ISO?
```fish
g a; set host beefcake; nix run nixpkgs#nixos-rebuild -- --flake ".#$host" \
--target-host "root@$host" --build-host "root@$host" \
@ -55,12 +51,8 @@ ssh "root@$host" nixos-rebuild --rollback switch
## Provisioning New NixOS Hosts
```shell
nix run --extra-experimental-features 'nix-command flakes' \
--accept-flake-config git+https://git.lyte.dev/lytedev/nix#installer
```
Or you can install manually with the process below:
Note that for best results the target flake attribute should first be built and
cached to the binary cache at `nix.h.lyte.dev`.
```bash
# establish network access
@ -83,12 +75,11 @@ nix-shell --packages git --run "sudo nix run \
github:nix-community/disko -- \
--flake 'git+https://git.lyte.dev/lytedev/nix#${PARTITION_SCHEME}' \
--mode disko \
--arg disk '\"/dev/${DISK}\"'"
--arg disks '[ \"/dev/${DISK}\" ]'"
# install
nix-shell --packages git \
--run "sudo nixos-install \
--no-write-lock-file \
--flake 'git+https://git.lyte.dev/lytedev/nix#${FLAKE_ATTR}' \
--option trusted-substituters 'https://cache.nixos.org https://nix.h.lyte.dev' \
--option trusted-public-keys 'cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= h.lyte.dev:HeVWtne31ZG8iMf+c15VY3/Mky/4ufXlfTpT8+4Xbs0='"
@ -96,9 +87,7 @@ nix-shell --packages git \
Then:
1. Tailscale connection and roles.
2. Setup/copy any GPG/SSH keys.
1. Setup/copy any GPG/SSH keys.
```shell
# from a machine with the key
@ -110,12 +99,13 @@ $ gpg --import ~/p.key && rm ~/p.key
$ gpg --edit-key daniel@lyte.dev # trust ultimately
```
3. Setup/copy any password stores.
2. Setup/copy any password stores.
```shell
$ rsync -r ~/.local/share/password-store $host:~/.local/share/password-store
```
3. Tailscale connection and roles.
4. Firefox sync configured.
# Temporary Firewall Changes

File diff suppressed because it is too large Load diff


@ -1,71 +0,0 @@
{
lib,
config,
pkgs,
...
}:
{
config = lib.mkIf config.programs.firefox.enable {
home = {
sessionVariables = {
MOZ_ENABLE_WAYLAND = "1";
BROWSER = "firefox";
};
};
programs.firefox = {
# enable = true;
profileVersion = null;
package = pkgs.firefox.override {
nativeMessagingHosts = with pkgs; [ bitwarden ];
};
/*
TODO: this should be able to work on macos, no?
TODO: enable color scheme/theme by default
TODO: extensions and their config/sync?
*/
profiles = {
primary = {
id = 0;
settings = {
"alerts.useSystemBackend" = true;
"widget.gtk.rounded-bottom-corners.enabled" = true;
"general.smoothScroll" = true;
"browser.zoom.siteSpecific" = true;
};
extraConfig = ''
user_pref("toolkit.legacyUserProfileCustomizations.stylesheets", true);
// user_pref("full-screen-api.ignore-widgets", true);
user_pref("media.ffmpeg.vaapi.enabled", true);
user_pref("media.rdd-vpx.enabled", true);
'';
userChrome = ''
#TabsToolbar {
visibility: collapse;
}
#main-window[tabsintitlebar="true"]:not([extradragspace="true"]) #TabsToolbar>.toolbar-items {
opacity: 0;
pointer-events: none;
}
#main-window:not([tabsintitlebar="true"]) #TabsToolbar {
visibility: collapse !important;
}
#webrtcIndicator {
display: none;
}
'';
/*
userContent = ''
'';
*/
};
};
};
};
}


@ -1,94 +0,0 @@
{
lib,
config,
pkgs,
...
}:
{
config = lib.mkIf config.programs.fish.enable {
home = {
packages = [
pkgs.gawk # used in prompt
];
};
programs.fish = {
# enable = true;
# I load long scripts from files for a better editing experience
shellInit = builtins.readFile ./fish/shellInit.fish;
interactiveShellInit = builtins.readFile ./fish/interactiveShellInit.fish;
loginShellInit = "";
functions = {
# TODO: I think these should be loaded from fish files too for better editor experience?
d = ''
# --wraps=cd --description "Quickly jump to NICE_HOME (or given relative or absolute path) and list files."
if count $argv > /dev/null
cd $argv
else
cd $NICE_HOME
end
la
'';
c = ''
if count $argv > /dev/null
cd $NICE_HOME && d $argv
else
d $NICE_HOME
end
'';
ltl = ''
set d $argv[1] .
set -l l ""
for f in $d[1]/*
if test -z $l; set l $f; continue; end
if command test $f -nt $l; and test ! -d $f
set l $f
end
end
echo $l
'';
has_command = "command --quiet --search $argv[1]";
};
shellAbbrs = { };
shellAliases = {
# TODO: an alias that wraps `rm` such that if we run it without git committing first (when in a git repo)
ls = "eza --group-directories-first --classify";
l = "ls";
ll = "ls --long --group";
la = "ll --all";
lA = "la --all"; # --all twice to show . and ..
tree = "ls --tree --level=3";
lt = "ll --sort=modified";
lat = "la --sort=modified";
lc = "lt --sort=accessed";
lT = "lt --reverse";
lC = "lc --reverse";
lD = "la --only-dirs";
"cd.." = "d ..";
"cdc" = "d $XDG_CONFIG_HOME";
"cdn" = "d $NOTES_PATH";
"cdl" = "d $XDG_DOWNLOAD_DIR";
"cdg" = "d $XDG_GAMES_DIR";
".." = "d ..";
"..." = "d ../..";
"...." = "d ../../..";
"....." = "d ../../../..";
"......" = "d ../../../../..";
"......." = "d ../../../../../..";
"........" = "d ../../../../../../..";
"........." = "d ../../../../../../../..";
p = "ping";
dc = "docker compose";
pc = "podman-compose";
k = "kubectl";
kg = "kubectl get";
v = "$EDITOR";
sv = "sudo $EDITOR";
kssh = "kitty +kitten ssh";
};
};
};
}


@ -1,190 +0,0 @@
set this_shell_should_notify 1
# prompt
function get_hostname
if test (uname) = Linux || test (uname) = Darwin
has_command hostname && hostname | cut -d. -f1 || cat /etc/hostname
else
# assume bsd
hostname | head -n 1 | cut -d. -f1
end
end
function fish_greeting
_prompt_prefix
printf "%s\n" (date)
end
function preprocess_pwd
test (pwd) = / && echo / && return 1
test (pwd) = $NICE_HOME && echo "~" && return 0
pwd \
| cut -c2- \
| gawk '{n=split($0,p,"/");for(i=1;i<=n;i++){if(i==n){printf "/%s",p[i]}else{printf "/%.3s",p[i]}}}'
end
function _maybe_elevated_access_prefix
if set -q SUDO_USER
set_color -b yellow black
printf " SUDO "
set_color -b normal normal
printf " "
else if test $USER = root
set_color -b red black
printf " ROOT "
set_color -b normal normal
printf " "
end
end
function _maybe_aws_profile
if set -q AWS_PROFILE && test $AWS_PROFILE = prd
printf " "
set_color -b yellow black
printf " AWS_PROFILE=prd "
set_color -b normal normal
end
end
function _user_and_host
if test $argv[1] -eq 0
set_color -b normal blue
else
set_color -b normal red
end
printf "%s@%s" $USER (get_hostname)
end
function _cur_work_dir
set_color -b normal magenta
printf " %s" (preprocess_pwd)
end
function _last_cmd_duration
set_color -b normal green
set -q CMD_DURATION && printf " %dms" $CMD_DURATION
if test $CMD_DURATION -gt 5000 && test $this_shell_should_notify = 1
printf "\e]777;notify;%s;%s\e\\" "Terminal Command Finished" (history --max 1)
set this_shell_should_notify 0
end
end
function _maybe_jobs_summary
if jobs -q
set_color -b normal cyan
printf " &%d" (jobs -p | wc -l)
end
end
function _user_prompt
printf "\n"
set_color brblack
if test (id -u) -eq 0
printf '# '
else
printf '$ '
end
set_color -b normal normal
end
function _maybe_git_summary
set_color -b normal yellow
set cur_sha (git rev-parse --short HEAD 2>/dev/null)
if test $status = 0
set num_changes (git status --porcelain | wc -l | string trim)
if test $num_changes = 0
set num_changes "✔"
else
set num_changes "+$num_changes"
end
printf " %s %s %s" (git branch --show-current) $cur_sha $num_changes
end
end
function _prompt_marker
# printf "%b133;A%b" "\x1b\x5d" "\x1b\x5c"
end
function _prompt_continuation_marker
# printf "%b133;A;k=s%b" "\x1b\x5d" "\x1b\x5c"
end
function cmd_marker --on-variable _
# printf "%b133;C%b" "\x1b\x5d" "\x1b\x5c"
end
function _prompt_prefix
set_color -b normal brblack
printf "# "
end
function preexec --on-event fish_preexec
set this_shell_should_notify 1
end
function fish_prompt
set last_cmd_status $status
_prompt_marker
_prompt_prefix
_maybe_elevated_access_prefix
_user_and_host $last_cmd_status
_cur_work_dir
_maybe_git_summary
_maybe_aws_profile
_last_cmd_duration
_maybe_jobs_summary
_user_prompt
end
function fish_mode_prompt
end
function fish_right_prompt
end
# key bindings
fish_vi_key_bindings
set --universal fish_cursor_default block
set --universal fish_cursor_insert line
set --universal fish_cursor_block block
fish_vi_cursor
set --universal fish_vi_force_cursor 1
bind --mode insert --sets-mode default jk repaint
bind --mode insert --sets-mode default jK repaint
bind --mode insert --sets-mode default Jk repaint
bind --mode insert --sets-mode default JK repaint
# bind --mode insert --sets-mode default jj repaint
# bind --mode insert --sets-mode default jJ repaint
# bind --mode insert --sets-mode default Jj repaint
# bind --mode insert --sets-mode default JJ repaint
if has_command skim
bind -M insert \cg skim-cd-widget
end
if has_command fzf
bind -M insert \cg fzf-cd-widget
end
bind -M insert \cp up-or-search
bind -M insert \cn down-or-search
bind -M insert \ce end-of-line
bind -M insert \ca beginning-of-line
bind -M insert \cv edit_command_buffer
bind -M default \cv edit_command_buffer
test $PWD = $HOME && begin
cd $NICE_HOME || cd
end
# tmux has issues when pasting sometimes where it seems to interpret a newline
# as C-j and jumps a pane and screws up the previous pane somehow
# I think a tput reset can fix it, but it's just annoying and I don't think I
# currently make heavy enough use of sessions and detaching and tmux-resurrect for
# it to be worth it
# if has_command tmux && ! set -q DO_NOT_AUTOSTART_TMUX && ! set -q TMUX
# tmux new-session -D -s "default" &>/dev/null || tmux attach -t "default"
# end

File diff suppressed because it is too large Load diff


@ -1,25 +0,0 @@
palette = 0=#45475a
palette = 1=#f38ba8
palette = 2=#a6e3a1
palette = 3=#fab387
palette = 4=#74c7ec
palette = 5=#cba6f7
palette = 6=#f9e2af
palette = 7=#bac2de
palette = 8=#585b70
palette = 9=#f38ba8
palette = 10=#a6e3a1
palette = 11=#fab387
palette = 12=#74c7ec
palette = 13=#cba6f7
palette = 14=#f9e2af
palette = 15=#a6adc8
background = #1e1e2e
foreground = #cdd6f4
cursor-color = #cdd6f4
cursor-text = #cdd6f4
selection-background = #f9e2af
selection-foreground = #1e1e2e


@ -1,588 +0,0 @@
{ self, ... }:
let
inherit (self.outputs) style;
in
{
lib,
config,
...
}:
{
config = lib.mkIf config.programs.helix.enable {
# helix rust debugger stuff
# https://github.com/helix-editor/helix/wiki/Debugger-Configurations
home.file."${config.xdg.configHome}/lldb_vscode_rustc_primer.py" = {
text = ''
import subprocess
import pathlib
import lldb
# Determine the sysroot for the active Rust interpreter
rustlib_etc = pathlib.Path(subprocess.getoutput('rustc --print sysroot')) / 'lib' / 'rustlib' / 'etc'
if not rustlib_etc.exists():
raise RuntimeError('Unable to determine rustc sysroot')
# Load lldb_lookup.py and execute lldb_commands with the correct path
lldb.debugger.HandleCommand(f"""command script import "{rustlib_etc / 'lldb_lookup.py'}" """)
lldb.debugger.HandleCommand(f"""command source -s 0 "{rustlib_etc / 'lldb_commands'}" """)
'';
};
/*
NOTE: Currently, helix crashes when editing markdown in certain scenarios,
presumably due to an old markdown treesitter grammar
https://github.com/helix-editor/helix/issues/9011
https://github.com/helix-editor/helix/issues/8821
https://github.com/tree-sitter-grammars/tree-sitter-markdown/issues/114
*/
programs.helix = {
languages = {
language-server = {
lexical = {
command = "lexical";
args = [ "start" ];
};
/*
next-ls = {
command = "next-ls";
args = ["--stdout"];
};
deno = {
command = "deno";
args = ["lsp"];
config = {
enable = true;
lint = true;
unstable = true;
};
};
*/
};
language = [
/*
{
name = "heex";
scope = "source.heex";
injection-regex = "heex";
language-servers = ["lexical"]; # "lexical" "next-ls" ?
auto-format = true;
file-types = ["heex"];
roots = ["mix.exs" "mix.lock"];
indent = {
tab-width = 2;
unit = " ";
};
}
{
name = "elixir";
language-servers = ["lexical"]; # "lexical" "next-ls" ?
auto-format = true;
}
*/
{
name = "rust";
debugger = {
name = "lldb-vscode";
transport = "stdio";
command = "lldb-vscode";
templates = [
{
name = "binary";
request = "launch";
completion = [
{
name = "binary";
completion = "filename";
}
];
args = {
program = "{0}";
initCommands = [ "command script import ${config.xdg.configHome}/lldb_vscode_rustc_primer.py" ];
};
}
];
};
}
{
name = "html";
file-types = [ "html" ];
scope = "source.html";
auto-format = false;
}
{
name = "nix";
file-types = [ "nix" ];
scope = "source.nix";
auto-format = true;
formatter = {
command = "nixfmt";
args = [ "-" ];
};
}
{
name = "fish";
file-types = [ "fish" ];
scope = "source.fish";
auto-format = true;
indent = {
tab-width = 2;
unit = "\t";
};
}
{
name = "toml";
file-types = [ "toml" ];
scope = "source.toml";
auto-format = true;
}
/*
{
name = "javascript";
language-id = "javascript";
grammar = "javascript";
scope = "source.js";
injection-regex = "^(js|javascript)$";
file-types = ["js" "mjs"];
shebangs = ["deno"];
language-servers = ["deno"];
roots = ["deno.jsonc" "deno.json"];
formatter = {
command = "deno";
args = ["fmt"];
};
auto-format = true;
comment-token = "//";
indent = {
tab-width = 2;
unit = "\t";
};
}
{
name = "typescript";
language-id = "typescript";
grammar = "typescript";
scope = "source.ts";
injection-regex = "^(ts|typescript)$";
file-types = ["ts"];
shebangs = ["deno"];
language-servers = ["deno"];
roots = ["deno.jsonc" "deno.json"];
formatter = {
command = "deno";
args = ["fmt"];
};
auto-format = true;
comment-token = "//";
indent = {
tab-width = 2;
unit = "\t";
};
}
{
name = "jsonc";
language-id = "json";
grammar = "jsonc";
scope = "source.jsonc";
injection-regex = "^(jsonc)$";
roots = ["deno.jsonc" "deno.json"];
file-types = ["jsonc"];
language-servers = ["deno"];
indent = {
tab-width = 2;
unit = " ";
};
auto-format = true;
}
*/
];
};
settings = {
theme = "custom";
editor = {
soft-wrap.enable = true;
auto-pairs = false;
bufferline = "multiple";
rulers = [
81
121
];
cursorline = true;
/*
auto-save = false;
completion-trigger-len = 1;
color-modes = false;
scrolloff = 8;
*/
inline-diagnostics = {
cursor-line = "hint";
other-lines = "error";
};
cursor-shape = {
normal = "block";
insert = "bar";
select = "underline";
};
file-picker.hidden = false;
indent-guides = {
render = true;
character = "";
};
lsp = {
display-messages = true;
# display-inlay-hints = true;
};
statusline = {
separator = " ";
mode = {
"normal" = "N";
"insert" = "I";
"select" = "S";
};
left = [
"file-name"
"mode"
/*
"selections"
"primary-selection-length"
"position"
"position-percentage"
*/
"spinner"
"diagnostics"
"workspace-diagnostics"
];
/*
center = ["file-name"];
right = ["version-control" "total-line-numbers" "file-encoding"];
*/
};
};
keys = {
insert = {
j = {
k = "normal_mode";
j = "normal_mode";
K = "normal_mode";
J = "normal_mode";
};
};
normal = {
"C-k" = "jump_view_up";
"C-j" = "jump_view_down";
"C-h" = "jump_view_left";
"C-l" = "jump_view_right";
"C-q" = ":quit-all!";
# "L" = "repeat_last_motion";
space = {
q = ":reflow 80";
Q = ":reflow 120";
C = ":bc!";
h = ":toggle lsp.display-inlay-hints";
# O = ["select_textobject_inner WORD", ":pipe-to xargs xdg-open"];
};
};
select = {
space = {
q = ":reflow 80";
Q = ":reflow 120";
};
# "L" = "repeat_last_motion";
};
};
};
themes = with style.colors.withHashPrefix; {
custom = {
"type" = orange;
"constructor" = blue;
"constant" = orange;
"constant.builtin" = orange;
"constant.character" = yellow;
"constant.character.escape" = orange;
"string" = green;
"string.regexp" = orange;
"string.special" = blue;
"comment" = {
fg = fgdim;
modifiers = [ "italic" ];
};
"variable" = text;
"variable.parameter" = {
fg = red;
modifiers = [ "italic" ];
};
"variable.builtin" = red;
"variable.other.member" = text;
"label" = blue;
"punctuation" = fgdim;
"punctuation.special" = blue;
"keyword" = purple;
"keyword.storage.modifier.ref" = yellow;
"keyword.control.conditional" = {
fg = purple;
modifiers = [ "italic" ];
};
"operator" = blue;
"function" = blue;
"function.macro" = purple;
"tag" = purple;
"attribute" = blue;
"namespace" = {
fg = blue;
modifiers = [ "italic" ];
};
"special" = blue;
"markup.heading.marker" = {
fg = orange;
modifiers = [ "bold" ];
};
"markup.heading.1" = blue;
"markup.heading.2" = yellow;
"markup.heading.3" = green;
"markup.heading.4" = orange;
"markup.heading.5" = red;
"markup.heading.6" = fg3;
"markup.list" = purple;
"markup.bold" = {
modifiers = [ "bold" ];
};
"markup.italic" = {
modifiers = [ "italic" ];
};
"markup.strikethrough" = {
modifiers = [ "crossed_out" ];
};
"markup.link.url" = {
fg = red;
modifiers = [ "underlined" ];
};
"markup.link.text" = blue;
"markup.raw" = red;
"diff.plus" = green;
"diff.minus" = red;
"diff.delta" = blue;
"ui.linenr" = {
fg = fgdim;
};
"ui.linenr.selected" = {
fg = fg2;
};
"ui.statusline" = {
fg = fgdim;
bg = bg;
};
"ui.statusline.inactive" = {
fg = fg3;
bg = bg2;
};
"ui.statusline.normal" = {
fg = bg;
bg = purple;
modifiers = [ "bold" ];
};
"ui.statusline.insert" = {
fg = bg;
bg = green;
modifiers = [ "bold" ];
};
"ui.statusline.select" = {
fg = bg;
bg = red;
modifiers = [ "bold" ];
};
"ui.popup" = {
fg = text;
bg = bg2;
};
"ui.window" = {
fg = fgdim;
};
"ui.help" = {
fg = fg2;
bg = bg2;
};
"ui.bufferline" = {
fg = fgdim;
bg = bg2;
};
"ui.bufferline.background" = {
bg = bg2;
};
"ui.text" = text;
"ui.text.focus" = {
fg = text;
bg = bg3;
modifiers = [ "bold" ];
};
"ui.text.inactive" = {
fg = fg2;
};
"ui.virtual" = fg2;
"ui.virtual.ruler" = {
bg = bg3;
};
"ui.virtual.indent-guide" = bg3;
"ui.virtual.inlay-hint" = {
fg = bg3;
bg = bg;
};
"ui.selection" = {
bg = bg5;
};
"ui.cursor" = {
fg = bg;
bg = text;
};
"ui.cursor.primary" = {
fg = bg;
bg = red;
};
"ui.cursor.match" = {
fg = orange;
modifiers = [ "bold" ];
};
"ui.cursor.primary.normal" = {
fg = bg;
bg = text;
};
"ui.cursor.primary.insert" = {
fg = bg;
bg = text;
};
"ui.cursor.primary.select" = {
fg = bg;
bg = text;
};
"ui.cursor.normal" = {
fg = bg;
bg = fg;
};
"ui.cursor.insert" = {
fg = bg;
bg = fg;
};
"ui.cursor.select" = {
fg = bg;
bg = fg;
};
"ui.cursorline.primary" = {
bg = bg3;
};
"ui.highlight" = {
bg = bg3;
fg = bg;
modifiers = [ "bold" ];
};
"ui.menu" = {
fg = fg3;
bg = bg2;
};
"ui.menu.selected" = {
fg = text;
bg = bg3;
modifiers = [ "bold" ];
};
"diagnostic.error" = {
underline = {
color = red;
style = "curl";
};
};
"diagnostic.warning" = {
underline = {
color = orange;
style = "curl";
};
};
"diagnostic.info" = {
underline = {
color = blue;
style = "curl";
};
};
"diagnostic.hint" = {
underline = {
color = blue;
style = "curl";
};
};
error = red;
warning = orange;
info = blue;
hint = yellow;
"ui.background" = {
bg = bg;
fg = fgdim;
};
/*
"ui.cursorline.primary" = { bg = "default" }
"ui.cursorline.secondary" = { bg = "default" }
*/
"ui.cursorcolumn.primary" = {
bg = bg3;
};
"ui.cursorcolumn.secondary" = {
bg = bg3;
};
"ui.bufferline.active" = {
fg = primary;
bg = bg3;
underline = {
color = primary;
style = "";
};
};
};
};
};
};
}


@ -1,25 +0,0 @@
#!/usr/bin/env bash
usage() {
echo "at - exit after the specified datetime"
echo "Usage:"
echo " at <DATETIME> && command..."
echo
echo "Examples:"
echo " at 15:00:00 && echo \"it is 3 o'clock\""
}
[[ -z "$1" ]] && { echo "error: no DATE argument provided" >&2; usage; exit 1; }
d="$(date -d "${@}" +%s)"
_dt=$((d - $(date +%s)))
days=$((_dt / 86400))
printf 'Started at %s (with duration %sd %s)\n' "$(date)" "$days" "$(date -u --date @$((_dt)) +%H:%M:%S)"
while [[ "$d" -ge "$(date +%s)" ]]; do
_dt=$((d - $(date +%s)))
days=$((_dt / 86400))
printf "\r%sd %s " "$days" "$(date -u --date @$((_dt)) +%H:%M:%S)";
sleep 0.1
done
exit 0


@ -1,41 +0,0 @@
#!/usr/bin/env bash
function usage {
echo "countdown - exit after a certain amount of time has passed"
echo " Usage:"
echo " countdown <TIME> && command..."
echo
echo " Examples:"
echo ' countdown 120 && echo "Two minutes have elapsed!"'
echo ' countdown 5m && echo "Five minutes have elapsed!"'
echo ' countdown 10h && echo "Ten hours have elapsed!"'
echo ' countdown 9d && echo "Nine days have elapsed!"'
}
[[ $# -lt 1 ]] && { printf "error: no SECONDS argument provided\n" >&2; usage; exit 1; }
t="$1"
seconds="$(echo "$t" | tr -d -c 0-9)"
if [[ $t =~ ^.*m$ ]]; then
seconds=$((seconds * 60))
fi
if [[ $t =~ ^.*h$ ]]; then
seconds=$((seconds * 60 * 60))
fi
if [[ $t =~ ^.*d$ ]]; then
seconds=$((seconds * 60 * 60 * 24))
fi
d=$(($(date +%s) + seconds));
printf 'Started at %s\n' "$(date)"
while [[ "$d" -ge "$(date +%s)" ]]; do
_dt=$((d - $(date +%s)))
days=$((_dt / 86400))
printf "\r%sd %s " "$days" "$(date -u --date @$((_dt)) +%H:%M:%S)";
sleep 0.1
done
printf "\rCountdown finished %s\n" "$(date)"


@ -1,3 +0,0 @@
#!/usr/bin/env bash
N journal


@ -1,127 +0,0 @@
#!/usr/bin/env bash
#
# spark
# https://github.com/holman/spark
#
# Generates sparklines for a set of data.
#
# Here's a good web-based sparkline generator that was a bit of inspiration
# for spark:
#
# https://datacollective.org/sparkblocks
#
# spark takes a comma-separated or space-separated list of data and then prints
# a sparkline out of it.
#
# Examples:
#
# spark 1 5 22 13 53
# # => ▁▁▃▂▇
#
# spark 0 30 55 80 33 150
# # => ▁▂▃▅▂▇
#
# spark -h
# # => Prints the spark help text.
# Generates sparklines.
#
# $1 - The data we'd like to graph.
_echo()
{
if [ "X$1" = "X-n" ]; then
shift
printf "%s" "$*"
else
printf "%s\n" "$*"
fi
}
spark()
{
local n numbers=
# find min/max values
local min=0xffffffff max=0
for n in ${@//,/ }
do
# on Linux (or with bash4) we could use `printf %.0f $n` here to
# round the number but that doesn't work on OS X (bash3) nor does
# `awk '{printf "%.0f",$1}' <<< $n` work, so just cut it off
n=${n%.*}
(( n < min )) && min=$n
(( n > max )) && max=$n
numbers=$numbers${numbers:+ }$n
done
# print ticks
local ticks=(▁ ▂ ▃ ▄ ▅ ▆ ▇ █)
# use a high tick if data is constant
(( min == max )) && ticks=(▅ ▆)
local f=$(( (($max-$min)<<8)/(${#ticks[@]}-1) ))
(( f < 1 )) && f=1
for n in $numbers
do
_echo -n ${ticks[$(( ((($n-$min)<<8)/$f) ))]}
done
_echo
}
# If we're being sourced, don't worry about such things
if [ "$BASH_SOURCE" == "$0" ]; then
# Prints the help text for spark.
help()
{
local spark=$(basename $0)
cat <<EOF
USAGE:
$spark [-h|--help] VALUE,...
EXAMPLES:
$spark 1 5 22 13 53
▁▁▃▂█
$spark 0,30,55,80,33,150
▁▂▃▄▂█
echo 9 13 5 17 1 | $spark
▄▆▂█▁
EOF
}
# show help for no arguments if stdin is a terminal
if { [ -z "$1" ] && [ -t 0 ] ; } || [ "$1" == '-h' ] || [ "$1" == '--help' ]
then
help
exit 0
fi
spark ${@:-`cat`}
fi
# source: https://github.com/holman/spark/commit/ab88ac6f8f33698f39ece2f109b1117ef39a68eb
# The MIT License
#
# Copyright (c) Zach Holman, https://zachholman.com
#
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to deal
# in the Software without restriction, including without limitation the rights
# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
# copies of the Software, and to permit persons to whom the Software is
# furnished to do so, subject to the following conditions:
#
# The above copyright notice and this permission notice shall be included in
# all copies or substantial portions of the Software.
#
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
# THE SOFTWARE.


@ -1,3 +0,0 @@
#!/usr/bin/env bash
N todo


@ -1,2 +0,0 @@
#!/usr/bin/env bash
N todo


@ -1,270 +0,0 @@
{
sops-nix,
disko,
slippi,
self,
...
}:
{
home-manager,
modulesPath,
lib,
config,
pkgs,
...
}:
{
imports = with self.outputs.nixosModules; [
(modulesPath + "/installer/scan/not-detected.nix")
home-manager.nixosModules.home-manager
sops-nix.nixosModules.sops
disko.nixosModules.disko
slippi.nixosModules.default
deno-netlify-ddns-client
shell-defaults-and-applications
desktop
gnome
wifi
printing
podman
virtual-machines
postgres
gaming
restic
router
(
{ config, ... }:
lib.mkIf config.family-account.enable {
users.groups.flanfam = { };
users.users.flanfam = {
isNormalUser = true;
home = "/home/flanfam";
description = "Flanagan Family";
createHome = true;
openssh.authorizedKeys.keys = [ self.outputs.pubkey ];
group = "flanfam";
shell = lib.mkIf config.lyte.shell.enable pkgs.fish;
extraGroups = [
"users"
"power"
"video"
];
};
home-manager.users.flanfam = {
# TODO: .face
accounts.email.accounts.primary = {
primary = true;
address = "home@lyte.dev";
};
home = {
username = "flanfam";
homeDirectory = "/home/flanfam";
stateVersion = lib.mkDefault config.system.stateVersion;
file.".face" = {
enable = config.home-manager.users.daniel.lyte.desktop.enable;
source = builtins.fetchurl {
url = "https://lyte.dev/icon.png";
sha256 = "sha256:0nf22gwasc64yc5317d0k0api0fwyrf4g3wxljdi2p3ki079ky53";
};
};
};
imports = with self.outputs.homeManagerModules; [
{
_module.args.fullName = config.users.users.flanfam.description;
}
default
];
};
}
)
];
options = {
family-account = {
enable = lib.mkEnableOption "Enable a user account for family members";
};
};
config = {
system.configurationRevision = toString (
self.shortRev or self.dirtyShortRev or self.lastModified or "unknown"
);
environment.etc = {
"lytedev/rev".text = config.system.configurationRevision;
"lytedev/lastModified".text = toString (self.lastModified or "unknown");
};
lyte.shell.enable = lib.mkDefault true;
nixpkgs = {
config.allowUnfree = lib.mkDefault true;
overlays = [ self.flakeLib.forSelfOverlay ];
};
nix = {
nixPath = lib.mapAttrsToList (key: value: "${key}=${value.to.path}") config.nix.registry;
# registry = lib.mapAttrs (_: value: { flake = value; }) self.inputs;
settings = {
trusted-users = lib.mkDefault [ "@wheel" ];
extra-experimental-features = lib.mkDefault [
"nix-command"
"flakes"
];
auto-optimise-store = lib.mkDefault true;
extra-substituters = [
"https://cache.nixos.org/"
"https://nix-community.cachix.org"
"https://nix.h.lyte.dev"
];
extra-trusted-public-keys = [
"cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
"h.lyte.dev-2:te9xK/GcWPA/5aXav8+e5RHImKYMug8hIIbhHsKPN0M="
];
};
};
sops = {
age = {
sshKeyPaths = lib.mkDefault [ "/etc/ssh/ssh_host_ed25519_key" ];
keyFile = lib.mkDefault "/var/lib/sops-nix/key.txt";
generateKey = lib.mkDefault true;
};
};
# TODO: for each non-system user on the machine?
home-manager = {
useGlobalPkgs = lib.mkDefault true;
useUserPackages = lib.mkDefault true;
backupFileExtension = lib.mkDefault "hm-backup";
};
systemd.services.nix-daemon.environment.TMPDIR = lib.mkDefault "/var/tmp"; # TODO: why did I do this again?
boot.tmp.cleanOnBoot = lib.mkDefault true;
programs.gnupg.agent.enable = lib.mkDefault true;
time.timeZone = lib.mkDefault "America/Chicago";
i18n.defaultLocale = lib.mkDefault "en_US.UTF-8";
hardware.enableRedistributableFirmware = lib.mkDefault true;
users.users.root = {
openssh.authorizedKeys.keys = lib.mkDefault [ self.outputs.pubkey ];
shell = lib.mkIf config.lyte.shell.enable pkgs.fish;
};
services = {
openssh = {
enable = lib.mkDefault true;
settings = {
PasswordAuthentication = lib.mkDefault false;
KbdInteractiveAuthentication = lib.mkDefault false;
PermitRootLogin = lib.mkForce "prohibit-password";
};
openFirewall = lib.mkDefault true;
/*
listenAddresses = [
{ addr = "0.0.0.0"; port = 22; }
];
*/
};
avahi = {
enable = lib.mkDefault true;
reflector = lib.mkDefault true;
openFirewall = lib.mkDefault true;
nssmdns4 = lib.mkDefault true;
};
tailscale = {
enable = lib.mkDefault true;
useRoutingFeatures = lib.mkDefault "client";
};
journald.extraConfig = lib.mkDefault "SystemMaxUse=1G";
xserver.xkb = {
layout = lib.mkDefault "us";
# have the caps-lock key instead be a ctrl key
options = lib.mkDefault "ctrl:nocaps";
};
smartd.enable = lib.mkDefault true;
fwupd.enable = lib.mkDefault true;
};
console = {
useXkbConfig = lib.mkDefault true;
earlySetup = lib.mkDefault true;
colors =
with self.outputs.style.colors;
lib.mkDefault [
bg
red
green
orange
blue
purple
yellow
fg3
fgdim
red
green
orange
blue
purple
yellow
fg
];
};
networking = {
hostName = lib.mkDefault "set-a-hostname-dingus";
useDHCP = lib.mkDefault true;
firewall = {
enable = lib.mkDefault true;
allowPing = lib.mkDefault true;
};
};
users.groups.daniel = { };
users.users.daniel = {
isNormalUser = true;
home = "/home/daniel/.home";
# TODO: chown /home/daniel
description = "Daniel Flanagan";
createHome = true;
openssh.authorizedKeys.keys = [ self.outputs.pubkey ];
group = "daniel";
shell = lib.mkIf config.lyte.shell.enable pkgs.fish;
extraGroups = [
"users"
"wheel"
"video"
"dialout"
"uucp"
"power"
"kvm"
];
packages = [ ];
};
home-manager.users.daniel = {
home = {
stateVersion = lib.mkDefault config.system.stateVersion;
file.".face" = {
enable = config.home-manager.users.daniel.lyte.desktop.enable;
source = builtins.fetchurl {
url = "https://lyte.dev/img/avatar3-square-512.png";
sha256 = "sha256:15zwbwisrc01m7ad684rsyq19wl4s33ry9xmgzmi88k1myxhs93x";
};
};
};
imports = with self.outputs.homeManagerModules; [
{
_module.args.fullName = config.users.users.daniel.description;
}
default
daniel
];
};
};
}


@ -1,52 +0,0 @@
inputs: {
# boot.tmp.useTmpfs = true;
# boot.uki.tries = 3;
# services.irqbalance.enable = true;
nix-config = (import ../../../flake.nix).nixConfig;
default = import ./default-module.nix inputs;
shell-defaults-and-applications = import ./shell-config.nix;
deno-netlify-ddns-client = import ./deno-netlify-ddns-client.nix;
gnome = import ./gnome.nix;
laptop = import ./laptop.nix;
plasma6 = import ./plasma.nix;
gaming = import ./gaming.nix;
pipewire = import ./pipewire.nix;
podman = import ./podman.nix;
virtual-machines = import ./virtual-machines.nix;
postgres = import ./postgres.nix;
desktop = import ./desktop.nix;
printing = import ./printing.nix;
wifi = import ./wifi.nix;
restic = import ./restic.nix;
router = import ./router.nix;
remote-disk-key-entry-on-boot =
{
# lib,
# pkgs,
...
}:
{
/*
https://nixos.wiki/wiki/Remote_disk_unlocking
"When using DHCP, make sure your computer is always attached to the network and is able to get an IP adress, or the boot process will hang."
^ seems less than ideal
*/
boot.kernelParams = [ "ip=dhcp" ];
boot.initrd = {
# availableKernelModules = ["r8169"]; # ethernet drivers
systemd.users.root.shell = "/bin/cryptsetup-askpass";
network = {
enable = true;
ssh = {
enable = true;
port = 22;
authorizedKeys = [ inputs.self.outputs.pubkey ];
hostKeys = [ "/etc/secrets/initrd/ssh_host_rsa_key" ];
};
};
};
};
}


@ -1,101 +0,0 @@
{
lib,
config,
pkgs,
...
}:
let
inherit (lib)
mkEnableOption
mkOption
types
mkIf
;
inherit (lib.strings) optionalString;
cfg = config.services.deno-netlify-ddns-client;
in
{
options.services.deno-netlify-ddns-client = {
enable = mkEnableOption "Enable the deno-netlify-ddns client.";
username = mkOption {
type = types.str;
};
passwordFile = mkOption {
type = types.str;
};
endpoint = mkOption {
type = types.str;
default = "https://netlify-ddns.deno.dev";
};
ipv4 = mkOption {
type = types.bool;
default = true;
};
ipv6 = mkOption {
type = types.bool;
# TODO: router doesn't support ipv6 yet
default = false;
};
requestTimeout = mkOption {
type = types.int;
description = "The maximum number of seconds before the HTTP request times out.";
default = 180;
};
afterBootTime = mkOption {
type = types.str;
description = "A systemd.timers timespan. This option corresponds to the OnBootSec field in the timerConfig.";
default = "5m";
};
every = mkOption {
type = types.str;
description = "A systemd.timers timespan. This option corresponds to the OnUnitActiveSec field in the timerConfig.";
default = "5m";
};
};
config = mkIf cfg.enable {
systemd.timers.deno-netlify-ddns-client = {
enable = true;
after = [ "network.target" ];
wantedBy = [ "timers.target" ];
timerConfig = {
OnBootSec = cfg.afterBootTime;
OnUnitActiveSec = cfg.every;
Unit = "deno-netlify-ddns-client.service";
};
};
systemd.services.deno-netlify-ddns-client = {
enable = true;
after = [ "network.target" ];
script = ''
set -eu
password="$(cat "${cfg.passwordFile}")"
${optionalString cfg.ipv4 ''
"${pkgs.curl}/bin/curl" -4 -s \
-vvv \
-X POST \
--max-time ${toString cfg.requestTimeout} \
-u "${cfg.username}:''${password}" \
-L "${cfg.endpoint}/v1/netlify-ddns/replace-all-relevant-user-dns-records" 2>&1 \
| "${pkgs.sd}/bin/sd" --fixed-strings "''${password}" "[REDACTED]" \
| "${pkgs.sd}/bin/sd" -f i "Authorization: .*" "Authorization: [REST OF LINE REDACTED]"
''}
${optionalString cfg.ipv6 ''
${pkgs.curl}/bin/curl -6 -s \
-vvv \
-X POST \
--max-time ${toString cfg.requestTimeout} \
-u "${cfg.username}:''${password}" \
-L "${cfg.endpoint}/v1/netlify-ddns/replace-all-relevant-user-dns-records" 2>&1 \
| "${pkgs.sd}/bin/sd" --fixed-strings "''${password}" "[REDACTED]" \
| "${pkgs.sd}/bin/sd" -f i "Authorization: .*" "Authorization: [REST OF LINE REDACTED]"
''}
'';
serviceConfig = {
Type = "oneshot";
User = "root";
};
};
};
}


@ -1,62 +0,0 @@
{
pkgs,
lib,
config,
options,
...
}:
let
cfg = config.lyte.desktop;
in
{
options = {
lyte = {
desktop = {
enable = lib.mkEnableOption "Enable my default desktop configuration and applications";
};
};
};
config = lib.mkIf cfg.enable {
services.xserver.desktopManager.gnome.enable = true;
environment.systemPackages = [ pkgs.wl-clipboard ];
fonts.packages = [
(
# allow nixpkgs 24.11 and unstable to both work
if builtins.hasAttr "nerd-fonts" pkgs then
(pkgs.nerd-fonts.symbols-only)
else
(pkgs.nerdfonts.override { fonts = [ "NerdFontsSymbolsOnly" ]; })
)
pkgs.iosevkaLyteTerm
];
xdg.portal.enable = true;
hardware =
if builtins.hasAttr "graphics" options.hardware then
{
graphics = {
enable = true;
# enable32Bit = true;
/*
driSupport32Bit = true;
driSupport = true;
*/
};
}
else
{
opengl = {
enable = true;
# driSupport32Bit = true;
driSupport = true;
};
};
services.flatpak.enable = true;
programs.appimage.binfmt = true;
services.printing.enable = true;
programs.virt-manager.enable = config.virtualisation.libvirtd.enable;
};
}


@ -1,72 +0,0 @@
{
lib,
config,
options,
pkgs,
...
}:
{
config = lib.mkIf config.programs.steam.enable {
programs.gamescope.enable = true;
services.pipewire = {
alsa.support32Bit = true;
};
programs.steam = {
extest.enable = true;
gamescopeSession.enable = true;
extraPackages = with pkgs; [
gamescope
];
extraCompatPackages = with pkgs; [
proton-ge-bin
];
localNetworkGameTransfers.openFirewall = true;
remotePlay.openFirewall = true;
};
hardware =
(
if builtins.hasAttr "graphics" options.hardware then
{
graphics = {
enable = true;
enable32Bit = true;
};
}
else
{
opengl = {
enable = true;
driSupport32Bit = true;
};
}
)
// {
steam-hardware.enable = true;
};
services.udev.packages = with pkgs; [ steam ];
environment = {
systemPackages = with pkgs; [
dualsensectl # for interfacing with dualsense controllers programmatically
wineWowPackages.waylandFull
lutris
winetricks
ludusavi
# ludusavi uses rclone
rclone
];
};
# remote play ports - should be unnecessary due to programs.steam.remotePlay.openFirewall = true;
/*
networking.firewall.allowedUDPPortRanges = [ { from = 27031; to = 27036; } ];
networking.firewall.allowedTCPPortRanges = [ { from = 27036; to = 27037; } ];
*/
};
}


@ -1,46 +0,0 @@
{
pkgs,
lib,
config,
...
}:
{
config = lib.mkIf config.services.xserver.desktopManager.gnome.enable {
services = {
xserver = {
enable = true;
displayManager.gdm.enable = true;
# desktopManager.gnome.enable = true;
};
udev.packages = [ pkgs.gnome-settings-daemon ];
};
environment = {
variables.GSK_RENDERER = "gl";
systemPackages = with pkgs; [
bitwarden
# adwaita-gtk-theme
papirus-icon-theme
adwaita-icon-theme
adwaita-icon-theme-legacy
hydrapaper
];
};
programs.kdeconnect = {
enable = true;
package = pkgs.gnomeExtensions.gsconnect;
};
networking.firewall = rec {
allowedTCPPortRanges = [
{
from = 1714;
to = 1764;
}
];
allowedUDPPortRanges = allowedTCPPortRanges;
};
};
}


@ -1,39 +0,0 @@
{
# this is not ready for primetime yet
# services.kanidm = {
# enableClient = true;
# enablePam = true;
# package = pkgs.kanidm;
# clientSettings.uri = "https://idm.h.lyte.dev";
# unixSettings = {
# # hsm_pin_path = "/somewhere/else";
# pam_allowed_login_groups = [];
# };
# };
# systemd.tmpfiles.rules = [
# "d /etc/kanidm 1755 nobody users -"
# ];
# module has the incorrect file permissions out of the box
# environment.etc = {
/*
"kanidm" = {
enable = true;
user = "nobody";
group = "users";
mode = "0755";
};
*/
# "kanidm/unixd" = {
# user = "kanidm-unixd";
# group = "kanidm-unixd";
# mode = "0700";
# };
# "kanidm/config" = {
# user = "nobody";
# group = "users";
# mode = "0755";
# };
# };
}


@ -1,42 +0,0 @@
{
lib,
config,
pkgs,
...
}:
{
config = lib.mkIf config.lyte.laptop.enable {
environment.systemPackages = with pkgs; [
acpi
];
services.udev.extraRules = ''
ACTION=="add", SUBSYSTEM=="backlight", RUN+="${pkgs.coreutils}/bin/chgrp video /sys/class/backlight/%k/brightness"
ACTION=="add", SUBSYSTEM=="backlight", RUN+="${pkgs.coreutils}/bin/chmod g+w /sys/class/backlight/%k/brightness"
'';
services.upower.enable = true;
# NOTE: I previously let plasma settings handle this
services.logind = {
lidSwitch = "suspend-then-hibernate";
extraConfig = ''
KillUserProcesses=no
HandlePowerKey=suspend
HandlePowerKeyLongPress=poweroff
HandleRebootKey=reboot
HandleRebootKeyLongPress=poweroff
HandleSuspendKey=suspend
HandleSuspendKeyLongPress=hibernate
HandleHibernateKey=hibernate
HandleHibernateKeyLongPress=ignore
HandleLidSwitch=suspend
HandleLidSwitchExternalPower=suspend
HandleLidSwitchDocked=suspend
HandleLidSwitchDocked=suspend
IdleActionSec=11m
IdleAction=ignore
'';
};
};
}


@ -1,10 +0,0 @@
{ pkgs, ... }:
{
environment = {
systemPackages = with pkgs; [
wineWowPackages.waylandFull
lutris
winetricks
];
};
}


@ -1,99 +0,0 @@
{
services.pipewire = {
enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
jack.enable = true;
# wireplumber.enable = true; # this is default now
wireplumber.extraConfig = {
"monitor.bluez.properties" = {
"bluez5.enable-sbc-xq" = true;
"bluez5.enable-msbc" = true;
"bluez5.enable-hw-volume" = true;
"bluez5.roles" = [
"hsp_hs"
"hsp_ag"
"hfp_hf"
"hfp_ag"
];
};
};
extraConfig.pipewire."91-null-sinks" = {
"context.objects" = [
{
# A default dummy driver. This handles nodes marked with the "node.always-driver"
# properyty when no other driver is currently active. JACK clients need this.
factory = "spa-node-factory";
args = {
"factory.name" = "support.node.driver";
"node.name" = "Dummy-Driver";
"priority.driver" = 8000;
};
}
{
factory = "adapter";
args = {
"factory.name" = "support.null-audio-sink";
"node.name" = "Microphone-Proxy";
"node.description" = "Microphone";
"media.class" = "Audio/Source/Virtual";
"audio.position" = "MONO";
};
}
{
factory = "adapter";
args = {
"factory.name" = "support.null-audio-sink";
"node.name" = "Main-Output-Proxy";
"node.description" = "Main Output";
"media.class" = "Audio/Sink";
"audio.position" = "FL,FR";
};
}
];
};
/*
extraConfig.pipewire."92-low-latency" = {
context.properties = {
default.clock.rate = 48000;
default.clock.quantum = 32;
default.clock.min-quantum = 32;
default.clock.max-quantum = 32;
};
};
*/
};
# recommended by https://nixos.wiki/wiki/PipeWire
security.rtkit.enable = true;
/*
services.pipewire = {
enable = true;
wireplumber.enable = true;
pulse.enable = true;
jack.enable = true;
alsa = {
enable = true;
support32Bit = true;
};
};
hardware = {
pulseaudio = {
enable = false;
support32Bit = true;
};
};
security = {
# I forget why I need these exactly...
polkit.enable = true;
rtkit.enable = true;
};
*/
}


@ -1,68 +0,0 @@
{
self,
pkgs,
lib,
...
}:
{
imports = with self.outputs.nixosModules; [
pipewire
];
programs.kdeconnect.enable = true;
services.xserver.enable = true;
services.displayManager.sddm = {
enable = true;
# package = lib.mkForce pkgs.kdePackages.sddm;
settings = { };
# theme = "";
enableHidpi = true;
wayland = {
enable = true;
compositor = "weston";
};
};
services.desktopManager.plasma6.enable = true;
programs.dconf.enable = true;
services.xrdp.enable = false;
services.xrdp.defaultWindowManager = "plasma";
services.xrdp.openFirewall = false;
environment.systemPackages = with pkgs; [
wl-clipboard
inkscape
krita
noto-fonts
vlc
wl-clipboard
kdePackages.qtvirtualkeyboard
maliit-keyboard
maliit-framework
kdePackages.kate
kdePackages.kcalc
kdePackages.filelight
kdePackages.krdc
kdePackages.krfb
kdePackages.kclock
kdePackages.kweather
kdePackages.ktorrent
kdePackages.kdeplasma-addons
unstable-packages.kdePackages.krdp
/*
kdePackages.kdenlive
kdePackages.merkuro
kdePackages.neochat
kdePackages.kdevelop
kdePackages.kdialog
*/
];
programs.gnupg.agent.pinentryPackage = lib.mkForce pkgs.pinentry-qt;
}


@ -1,36 +0,0 @@
{
pkgs,
config,
lib,
...
}:
{
config = lib.mkIf (config.virtualisation.oci-containers.backend == "podman") {
environment = {
systemPackages = with pkgs; [
podman-compose
];
};
virtualisation = {
podman = {
dockerCompat = true;
dockerSocket.enable = true;
defaultNetwork.settings.dns_enabled = true;
};
oci-containers = {
# backend = "podman";
};
};
networking = {
extraHosts = ''
127.0.0.1 host.docker.internal
::1 host.docker.internal
127.0.0.1 host.containers.internal
::1 host.containers.internal
'';
};
};
}


@ -1,51 +0,0 @@
{
pkgs,
lib,
config,
...
}:
{
config = lib.mkIf config.services.postgresql.enable {
# this is really just for development usage
services.postgresql = {
# enable = true;
ensureDatabases = [ "daniel" ];
ensureUsers = [
{
name = "daniel";
ensureDBOwnership = true;
}
];
# enableTCPIP = true;
package = pkgs.postgresql_15;
authentication = pkgs.lib.mkOverride 10 ''
#type database DBuser auth-method
local all postgres peer map=superuser_map
local all daniel peer map=superuser_map
local sameuser all peer map=superuser_map
# lan ipv4
host all all 10.0.0.0/24 trust
host all all 127.0.0.1/32 trust
# tailnet ipv4
host all all 100.64.0.0/10 trust
'';
identMap = ''
# ArbitraryMapName systemUser DBUser
superuser_map root postgres
superuser_map postgres postgres
superuser_map daniel postgres
superuser_map /^(.*)$ \1 # Let other names login as themselves
'';
};
environment.systemPackages = with pkgs; [
pgcli
];
};
}


@ -1,20 +0,0 @@
{
pkgs,
lib,
config,
...
}:
{
config = lib.mkIf config.services.printing.enable {
services.printing.browsing = true;
services.printing.browsedConf = ''
BrowseDNSSDSubTypes _cups,_print
BrowseLocalProtocols all
BrowseRemoteProtocols all
CreateIPPPrinterQueues All
BrowseProtocols all
'';
services.printing.drivers = [ pkgs.gutenprint ];
};
}


@ -1,25 +0,0 @@
{
lib,
# options,
# config,
...
}:
let
inherit (lib) mkOption types;
in
{
options.services.restic.commonPaths = mkOption {
type = types.nullOr (types.listOf types.str);
default = [ ];
description = ''
Which paths to backup, in addition to ones specified via
`dynamicFilesFrom`. If null or an empty array and
`dynamicFilesFrom` is also null, no backup command will be run.
This can be used to create a prune-only job.
'';
example = [
"/var/lib/postgresql"
"/home/user/backup"
];
};
}


@ -1,804 +0,0 @@
{
config,
lib,
...
}:
let
cfg = config.lyte.router;
inherit (builtins) mapAttrs concatStringsSep toString;
inherit (lib)
mkEnableOption
mkOption
types
mkIf
mkDefault
defaultTo
;
inherit (lib.attrsets) foldlAttrs mapAttrsToList mapAttrs';
inherit (lib.lists) flatten toList;
in
{
options.lyte.router = {
enable = mkEnableOption "Enable home router functionality";
hostname = mkOption {
default = "router";
description = "The hostname of the router. NOT the FQDN. This value concatenated with the domain will form the FQDN of this router host.";
type = types.str;
example = "my-home-router";
};
domain = mkOption {
# default = null;
description = "The domain of the router.";
type = types.str;
example = "lan";
};
openPorts = mkOption { };
hosts = mkOption { };
interfaces = {
wan = {
name = mkOption {
default = "wan";
type = types.str;
};
mac = mkOption {
type = types.str;
};
};
lan = {
name = mkOption {
default = "lan";
type = types.str;
};
mac = mkOption {
type = types.str;
};
};
};
# TODO: would be nice to support multiple VLANs?
ipv4 = {
address = mkOption {
default = "192.168.0.1";
description = "The IPv4 address of the router.";
type = types.str;
example = "10.0.0.1";
};
cidr = mkOption {
# TODO: derive IPv4 from CIDR?
description = ''The CIDR to route. If null, will use "''${config.lyte.router.ipv4}/16".'';
default = null;
example = "10.0.0.0/8";
# type = types.str;
defaultText = ''''${config.lyte.router.ipv4}/16'';
};
netmask = mkOption {
# TODO: derive from CIDR?
default = "255.255.255.0";
type = types.str;
};
dhcp-lease-space = {
min = mkOption {
default = "192.168.0.30";
type = types.str;
};
max = mkOption {
default = "192.168.0.250";
type = types.str;
};
};
};
};
config = mkIf cfg.enable (
let
cidr = defaultTo "${cfg.ipv4.address}/16" cfg.ipv4.cidr;
wan = cfg.interfaces.wan.name;
lan = cfg.interfaces.lan.name;
in
{
boot.kernel.sysctl = {
"net.ipv4.conf.all.forwarding" = true;
"net.ipv6.conf.all.forwarding" = true;
"net.ipv4.conf.default.rp_filter" = 1;
"net.ipv4.conf.${cfg.interfaces.wan.name}.rp_filter" = 1;
"net.ipv4.conf.${cfg.interfaces.lan.name}.rp_filter" = 0;
"net.ipv6.conf.${cfg.interfaces.wan.name}.accept_ra" = 2;
"net.ipv6.conf.${cfg.interfaces.wan.name}.autoconf" = 1;
"net.ipv6.conf.all.use_tempaddr" = 2;
"net.ipv6.conf.default.use_tempaddr" = lib.mkForce 2;
"net.ipv6.conf.${cfg.interfaces.wan.name}.use_tempaddr" = 2;
# "net.ipv6.conf.${interfaces.wan.name}.addr_gen_mode" = 2;
};
networking = {
hostName = cfg.hostname;
# disable some of the sane defaults
# TODO: detect conflicts with NixOS firewall options? this may be done for us?
useDHCP = false;
firewall.enable = false;
# use systemd.network for network interface configuration
useNetworkd = true;
# maybe we need this?
nat.enable = true;
extraHosts = ''
127.0.0.1 localhost
127.0.0.2 ${cfg.hostname}.${cfg.domain} ${cfg.hostname}
${cfg.ipv4.address} ${cfg.hostname}.${cfg.domain} ${cfg.hostname}
::1 localhost ip6-localhost ip6-loopback
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
'';
# tcp dport 2201 accept comment "Accept SSH on port 2201"
# tcp dport 53 accept comment "Accept DNS"
# udp dport 53 accept comment "Accept DNS"
# tcp dport { 80, 443 } accept comment "Allow HTTP/HTTPS to server (see nat prerouting)"
# udp dport { 80, 443 } accept comment "Allow QUIC to server (see nat prerouting)"
nftables =
let
mkOpenPortRule =
protocol: rules:
mapAttrsToList (
name: ports:
''${protocol} dport {${concatStringsSep ", " (map toString (toList ports))}} accept comment "${name}"''
) rules;
tcpRulesString = mkOpenPortRule "tcp" cfg.openPorts.tcp;
udpRulesString = mkOpenPortRule "udp" cfg.openPorts.udp;
hostRules = flatten (
mapAttrsToList (
hostname:
{
nat ? { },
...
}:
mapAttrsToList (
protocol: rules:
mkOpenPortRule protocol (
mapAttrs' (name: value: {
name = "NAT ${name} to ${hostname}";
value = value;
}) rules
)
) nat
) cfg.hosts
);
acceptPorts = flatten [
tcpRulesString
udpRulesString
hostRules
];
# iifname ${wan} tcp dport {22} dnat to ${cfg.hosts.beefcake.ip}
# iifname ${wan} tcp dport {80, 443} dnat to ${cfg.hosts.beefcake.ip}
# iifname ${wan} udp dport {80, 443} dnat to ${cfg.hosts.beefcake.ip}
# iifname ${wan} tcp dport {26966} dnat to ${cfg.hosts.beefcake.ip}
# iifname ${wan} tcp dport {25565} dnat to ${cfg.hosts.bald.ip}
# iifname ${wan} udp dport {25565} dnat to ${cfg.hosts.bald.ip}
# iifname ${wan} udp dport {34197} dnat to ${cfg.hosts.beefcake.ip}
#
mkNatRule =
protocol: ports: address:
''iifname ${wan} ${protocol} dport {${concatStringsSep ", " (map toString (toList ports))}} dnat to ${address}'';
natPorts = flatten (
mapAttrsToList (
hostname:
{
ip,
nat ? { },
...
}:
mapAttrsToList (protocol: rules: mkNatRule protocol (mapAttrsToList (_: ports: ports)) ip) nat
) cfg.hosts
);
in
{
enable = true;
checkRuleset = true;
flushRuleset = true;
/*
set LANv4 {
type ipv4_addr
flags interval
elements = { 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16, 169.254.0.0/16 }
}
set LANv6 {
type ipv6_addr
flags interval
elements = { fd00::/8, fe80::/10 }
}
TODO: maybe tailnet?
chain my_input_lan {
udp sport 1900 udp dport >= 1024 meta pkttype unicast limit rate 4/second burst 20 packets accept comment "Accept UPnP IGD port mapping reply"
udp sport netbios-ns udp dport >= 1024 meta pkttype unicast accept comment "Accept Samba Workgroup browsing replies"
}
chain forward {
type filter hook forward priority filter; policy drop;
iifname { "${lan}" } oifname { "${wan}" } accept comment "Allow trusted LAN to WAN"
iifname { "tailscale0" } oifname { "${wan}" } accept comment "Allow trusted LAN to WAN"
iifname { "${wan}" } oifname { "${lan}" } ct state { established, related } accept comment "Allow established back to LAN"
}
*/
ruleset = ''
table inet filter {
chain input {
type filter hook input priority 0; policy drop;
iif lo accept comment "Accept any localhost traffic"
ct state invalid drop comment "Drop invalid connections"
ct state established,related accept comment "Accept traffic originated from us"
meta l4proto ipv6-icmp accept comment "Accept ICMPv6"
meta l4proto icmp accept comment "Accept ICMP"
ip protocol igmp accept comment "Accept IGMP"
ip6 nexthdr icmpv6 icmpv6 type nd-router-solicit accept
ip6 nexthdr icmpv6 icmpv6 type nd-router-advert accept comment "Accept IPv6 router advertisements"
udp dport dhcpv6-client accept comment "IPv6 DHCP"
ip6 nexthdr icmpv6 icmpv6 type { echo-request, nd-neighbor-solicit, nd-neighbor-advert, nd-router-solicit, nd-router-advert, mld-listener-query, destination-unreachable, packet-too-big, time-exceeded, parameter-problem } accept comment "Accept IPv6 ICMP and meta stuff"
ip protocol icmp icmp type { echo-request, destination-unreachable, router-advertisement, time-exceeded, parameter-problem } accept comment "Accept IPv4 ICMP and meta stuff"
ip protocol icmpv6 accept
ip protocol icmp accept
meta l4proto ipv6-icmp counter accept
udp dport dhcpv6-client counter accept
udp dport mdns ip6 daddr ff02::fb accept comment "Accept mDNS"
udp dport mdns ip daddr 224.0.0.251 accept comment "Accept mDNS"
${concatStringsSep "\n " acceptPorts}
iifname "${lan}" accept comment "Allow local network to access the router"
iifname "tailscale0" accept comment "Allow local network to access the router"
## ip6 saddr @LANv6 jump my_input_lan comment "Connections from private IP address ranges"
## ip saddr @LANv4 jump my_input_lan comment "Connections from private IP address ranges"
iifname "${wan}" counter drop comment "Drop all other unsolicited traffic from wan"
}
chain output {
type filter hook output priority 0;
accept
}
chain forward {
type filter hook forward priority 0;
accept
}
}
table ip nat {
chain prerouting {
type nat hook prerouting priority dstnat;
iifname ${lan} accept
iifname tailscale0 accept
iifname ${wan} tcp dport {22} dnat to ${cfg.hosts.beefcake.ip}
iifname ${wan} tcp dport {80, 443} dnat to ${cfg.hosts.beefcake.ip}
iifname ${wan} udp dport {80, 443} dnat to ${cfg.hosts.beefcake.ip}
iifname ${wan} tcp dport {26966} dnat to ${cfg.hosts.beefcake.ip}
iifname ${wan} tcp dport {25565} dnat to ${cfg.hosts.bald.ip}
iifname ${wan} udp dport {25565} dnat to ${cfg.hosts.bald.ip}
iifname ${wan} udp dport {34197} dnat to ${cfg.hosts.beefcake.ip}
}
chain postrouting {
type nat hook postrouting priority 100; policy accept;
oifname "${wan}" masquerade
}
}
'';
};
};
systemd.network = {
enable = true;
# wait-online.anyInterface = true;
# configure known names for the network interfaces by their mac addresses
links = {
"20-${wan}" = {
enable = true;
matchConfig = {
MACAddress = cfg.interfaces.wan.mac;
};
linkConfig = {
Name = cfg.interfaces.wan.name;
};
};
"30-${lan}" = {
enable = true;
matchConfig = {
MACAddress = cfg.interfaces.lan.mac;
};
linkConfig = {
Name = cfg.interfaces.lan.name;
};
};
};
# configure networks for the interfaces
networks = {
# LAN configuration is very simple and mostly forwarded between
# TODO: IPv6
"50-${lan}" = {
matchConfig.Name = "${lan}";
linkConfig = {
RequiredForOnline = "enslaved";
};
address = [
cidr
];
networkConfig = {
ConfigureWithoutCarrier = true;
IPv6SendRA = true;
DHCPPrefixDelegation = true;
};
};
/*
WAN configuration requires DHCP to get addresses
we also disable some options to be certain we retain as much networking
control as we reasonably can, such as not letting the ISP determine our
hostname or DNS configuration
*/
# TODO: IPv6 (prefix delegation)
"40-${wan}" = {
matchConfig.Name = "${wan}";
networkConfig = {
DHCP = true;
/*
IPv6AcceptRA = true;
IPv6PrivacyExtensions = true;
IPForward = true;
*/
};
dhcpV6Config = {
/*
ForceDHCPv6PDOtherInformation = true;
UseHostname = false;
UseDNS = false;
UseNTP = false;
*/
# PrefixDelegationHint = "::/56";
};
dhcpV4Config = {
Hostname = cfg.hostname;
# ignore many things our ISP may suggest
UseHostname = false;
UseDNS = false;
UseNTP = false;
UseSIP = false;
UseRoutes = false;
UseGateway = true;
};
linkConfig = {
RequiredForOnline = "routable";
# Name = interfaces.wan.name;
};
ipv6AcceptRAConfig = {
DHCPv6Client = "always";
UseDNS = false;
};
};
};
};
services.resolved.enable = false;
services.fail2ban.enable = true;
services.dnsmasq = {
enable = true;
settings = {
listen-address = "::,127.0.0.1,${cfg.ipv4.address}";
port = 53;
/*
dhcp-authoritative = true;
dnssec = true;
*/
enable-ra = true;
server = [
"1.1.1.1"
"9.9.9.9"
"8.8.8.8"
];
domain-needed = true;
bogus-priv = true;
no-resolv = true;
cache-size = "10000";
dhcp-range = with cfg.ipv4.dhcp-lease-space; [
"${lan},${min},${max},${cfg.ipv4.netmask},24h"
"::,constructor:${lan},ra-stateless,ra-names,4h"
];
except-interface = wan;
interface = lan;
dhcp-host =
[
]
++ (mapAttrsToList (
name:
{
ip,
identifier ? name,
time ? "12h",
...
}:
"${name},${ip},${identifier},${time}"
) cfg.hosts);
address =
[
"/${cfg.hostname}.${cfg.domain}/${cfg.ipv4.address}"
]
++ (flatten (
mapAttrsToList (
name:
{
ip,
additionalHosts ? [ ],
# identifier ? name,
# time ? "12h",
...
}:
[
"/${name}.${cfg.domain}/${ip}"
(lib.lists.forEach additionalHosts (h: "/${h}/${ip}"))
]
) cfg.hosts
));
# local domains
local = "/lan/";
domain = "lan";
expand-hosts = true;
# don't use /etc/hosts as this would advertise surfer as localhost
no-hosts = true;
};
};
}
);
# NOTE: see flake.nix 'nnf.nixosModules.default'
/*
nftables.firewall = let
me = config.networking.nftables.firewall.localZoneName;
in {
enable = true;
snippets.nnf-common.enable = true;
zones = {
${interfaces.wan.name} = {
interfaces = [interfaces.wan.name interfaces.lan.name];
};
${interfaces.lan.name} = {
parent = interfaces.wan.name;
ipv4Addresses = [cidr];
};
## banned = {
## ingressExpression = [
## "ip saddr @banlist"
## "ip6 saddr @banlist6"
## ];
## egressExpression = [
## "ip daddr @banlist"
## "ip6 daddr @banlist6"
## ];
## };
};
rules = {
dhcp = {
from = "all";
to = [hosts.beefcake.ip];
allowedTCPPorts = [67];
allowedUDPPorts = [67];
};
http = {
from = "all";
to = [me];
allowedTCPPorts = [80 443];
};
router-ssh = {
from = "all";
to = [me];
allowedTCPPorts = [2201];
};
server-ssh = {
from = "all";
to = [hosts.beefcake.ip];
allowedTCPPorts = [22];
};
};
};
*/
/*
dnsmasq serves as our DHCP and DNS server
almost all the configuration should be derived from the values at the top of
this file
*/
/*
since the home network reserves port 22 for ssh to the big server and to
gitea, the router uses port 2201 for ssh
*/
/*
NOTE: everything from here on is deprecated or old stuff
TODO: may not be strictly necessary for IPv6?
TODO: also may not even be the best implementation?
services.radvd = {
enable = false;
## NOTE: this config is just the default arch linux config I think and may
## need tweaking? this is what I had on the arch linux router, though :shrug:
config = ''
interface lo
{
AdvSendAdvert on;
MinRtrAdvInterval 3;
MaxRtrAdvInterval 10;
AdvDefaultPreference low;
AdvHomeAgentFlag off;
prefix 2001:db8:1:0::/64
{
AdvOnLink on;
AdvAutonomous on;
AdvRouterAddr off;
};
prefix 0:0:0:1234::/64
{
AdvOnLink on;
AdvAutonomous on;
AdvRouterAddr off;
Base6to4Interface ppp0;
AdvPreferredLifetime 120;
AdvValidLifetime 300;
};
route 2001:db0:fff::/48
{
AdvRoutePreference high;
AdvRouteLifetime 3600;
};
RDNSS 2001:db8::1 2001:db8::2
{
AdvRDNSSLifetime 30;
};
DNSSL branch.example.com example.com
{
AdvDNSSLLifetime 30;
};
};
'';
};
TODO: old config, should be deleted ASAP
services.dnsmasq = {
enable = false;
settings = {
# server endpoints
listen-address = "::1,127.0.0.1,${ip}";
port = "53";
# DNS cache entries
cache-size = "10000";
# local domain entries
local = "/lan/";
domain = "lan";
expand-hosts = true;
dhcp-authoritative = true;
conf-file = "/usr/share/dnsmasq/trust-anchors.conf";
dnssec = true;
except-interface = "${wan_if}";
interface = "${lan_if}";
enable-ra = true;
# dhcp-option = "121,${cidr},${ip}";
dhcp-range = [
"lan,${dhcp_lease_space.min},${dhcp_lease_space.max},${netmask},10m"
"tag:${lan_if},::1,constructor:${lan_if},ra-names,12h"
];
dhcp-host = [
"${hosts.dragon.host},${hosts.dragon.ip},12h"
"${hosts.beefcake.host},${hosts.beefcake.ip},12h"
];
# may need to go in /etc/hosts (networking.extraHosts), too?
address = [
"/video.lyte.dev/192.168.0.9"
"/git.lyte.dev/192.168.0.9"
"/bw.lyte.dev/192.168.0.9"
"/files.lyte.dev/192.168.0.9"
"/vpn.h.lyte.dev/192.168.0.9"
"/.h.lyte.dev/192.168.0.9"
];
server = [
"${ip}"
"8.8.8.8"
"8.8.4.4"
"1.1.1.1"
"1.0.0.1"
];
};
};
TODO: old config, should be deleted ASAP
nftables = {
enable = false;
flushRuleset = true;
tables = {
filter = {
family = "inet";
content = ''
chain input {
# type filter hook input priority filter; policy accept;
type filter hook input priority 0;
# anything from loopback interface
iifname "lo" accept
# accept traffic we originated
ct state { established, related } counter accept
ct state invalid counter drop
# ICMP
ip6 nexthdr icmpv6 icmpv6 type { echo-request, nd-neighbor-solicit, nd-neighbor-advert, nd-router-solicit, nd-router-advert, mld-listener-query, destination-unreachable, packet-too-big, time-exceeded, parameter-problem } counter accept
ip protocol icmp icmp type { echo-request, destination-unreachable, router-advertisement, time-exceeded, parameter-problem } counter accept
ip protocol icmpv6 counter accept
ip protocol icmp counter accept
meta l4proto ipv6-icmp counter accept
udp dport dhcpv6-client counter accept
tcp dport { 64022, 22, 53, 67, 25565 } counter accept
udp dport { 64020, 22, 53, 67 } counter accept
## iifname "iot" ip saddr $iot-ip tcp dport { llmnr } counter accept
## iifname "iot" ip saddr $iot-ip udp dport { mdns, llmnr } counter accept
iifname "${lan_if}" tcp dport { llmnr } counter accept
iifname "${lan_if}" udp dport { mdns, llmnr } counter accept
counter drop
}
# allow all outgoing
chain output {
type filter hook output priority 0;
accept
}
chain forward {
type filter hook forward priority 0;
accept
}
'';
};
nat = {
family = "ip";
content = ''
set masq_saddr {
type ipv4_addr
flags interval
elements = { ${cidr} }
}
map map_port_ipport {
type inet_proto . inet_service : ipv4_addr . inet_service
}
chain prerouting {
iifname ${lan_if} accept
type nat hook prerouting priority dstnat + 1; policy accept;
fib daddr type local dnat ip addr . port to meta l4proto . th dport map @map_port_ipport
iifname ${wan_if} tcp dport { 22, 80, 443, 25565, 64022 } dnat to ${hosts.beefcake.ip}
iifname ${wan_if} udp dport { 64020 } dnat to ${hosts.beefcake.ip}
## iifname ${wan_if} tcp dport { 25565 } dnat to 192.168.0.244
## iifname ${wan_if} udp dport { 25565 } dnat to 192.168.0.244
## router
iifname ${wan_if} tcp dport { 2201 } dnat to ${ip}
}
chain output {
type nat hook output priority -99; policy accept;
ip daddr != 127.0.0.0/8 oif "lo" dnat ip addr . port to meta l4proto . th dport map @map_port_ipport
}
chain postrouting {
type nat hook postrouting priority srcnat + 1; policy accept;
oifname ${lan_if} masquerade
ip saddr @masq_saddr masquerade
}
'';
};
};
};
TODO: also want to try to avoid using dhcpcd for IPv6 since systemd-networkd
should be sufficient?
dhcpcd = {
enable = false;
extraConfig = ''
duid
## No way.... https://github.com/NetworkConfiguration/dhcpcd/issues/36#issuecomment-954777644
## issues caused by guests with oneplus devices
noarp
persistent
vendorclassid
option domain_name_servers, domain_name, domain_search
option classless_static_routes
option interface_mtu
option host_name
#option ntp_servers
require dhcp_server_identifier
slaac private
noipv4ll
noipv6rs
static domain_name_servers=${ip}
interface ${wan_if}
gateway
ipv6rs
iaid 1
## option rapid_commit
## ia_na 1
ia_pd 1 ${lan_if}
interface ${lan_if}
static ip_address=${cidr}
static routers=${ip}
static domain_name_servers=${ip}
'';
};
*/
}


@ -1,76 +0,0 @@
{
lib,
pkgs,
config,
...
}:
let
cfg = config.lyte.shell;
in
{
options = {
lyte = {
shell = {
enable = lib.mkEnableOption "Enable my default shell configuration and applications";
};
};
};
config = lib.mkIf cfg.enable {
programs.nix-index.enable = true;
programs.command-not-found.enable = false;
users = {
defaultUserShell = pkgs.fish;
};
programs = {
fish.enable = true;
traceroute.enable = true;
git = {
enable = true;
package = pkgs.gitFull;
lfs.enable = true;
};
};
environment = {
variables = {
EDITOR = "hx";
SYSTEMD_EDITOR = "hx";
VISUAL = "hx";
PAGER = "bat --style=plain";
MANPAGER = "bat --style=plain";
};
systemPackages = with pkgs; [
aria2
bat
bottom
btop
comma
curl
dnsutils
dogdns
dua
eza
fd
file
helix
hexyl
htop
iftop
inetutils
iputils
killall
nettools
nmap
pciutils
unixtools.xxd
ripgrep
rsync
sd
usbutils
xh
zellij
];
};
};
}


@ -1,10 +0,0 @@
{
config,
lib,
pkgs,
options,
...
}:
{
config = lib.mkIf config.programs.steam.enable { };
}


@ -1,10 +0,0 @@
{
lib,
config,
...
}:
{
config = lib.mkIf config.virtualisation.libvirtd.enable {
users.users.daniel.extraGroups = [ "libvirtd" ];
};
}


@ -1,47 +0,0 @@
{
lib,
config,
...
}:
let
inherit (lib) mkDefault;
cfg = config.networking.wifi;
in
{
options = {
networking.wifi.enable = lib.mkEnableOption "Enable wifi via NetworkManager";
};
config = lib.mkIf cfg.enable {
networking.networkmanager = {
enable = true;
# ensureProfiles = {
# profiles = {
# home-wifi = {
# id="home-wifi";
# permissions = "";
# type = "wifi";
# };
# wifi = {
# ssid = "";
# };
# wifi-security = {
# # auth-alg = "";
# # key-mgmt = "";
# psk = "";
# };
# };
# };
};
systemd.services.NetworkManager-wait-online.enable = mkDefault false;
/*
TODO: networking.networkmanager.wifi.backend = "iwd"; ?
TODO: powersave?
TODO: can I pre-configure my usual wifi networks with SSIDs and PSKs loaded from secrets?
*/
hardware.wirelessRegulatoryDatabase = true;
boot.extraModprobeConfig = ''
options cfg80211 ieee80211_regdom="US"
'';
};
}


@ -1,60 +0,0 @@
{
nixpkgs,
nixpkgs-unstable,
...
}@inputs:
rec {
default = final: _prev: {
overlays = [
additions
modifications
unstable-packages
stable-packages
];
};
forSelf = default;
additions = final: prev: (import ../../packages { pkgs = prev; });
modifications =
final: prev:
let
inherit (inputs) helix ghostty colmena;
in
{
ghostty = ghostty.outputs.packages.${prev.system}.default;
helix = helix.outputs.packages.${prev.system}.default;
colmena = colmena.outputs.packages.${prev.system}.colmena;
bitwarden = prev.bitwarden.overrideAttrs (old: {
preBuild = ''
${old.preBuild}
pushd apps/desktop/desktop_native/proxy
cargo build --bin desktop_proxy --release
popd
'';
postInstall = ''
mkdir -p $out/bin
cp -r apps/desktop/desktop_native/target/release/desktop_proxy $out/bin
mkdir -p $out/lib/mozilla/native-messaging-hosts
substituteAll ${../../packages/bitwarden.json} $out/lib/mozilla/native-messaging-hosts/com.8bit.bitwarden.json
'';
});
};
unstable-packages = final: _prev: {
unstable-packages = import nixpkgs-unstable {
system = final.system;
config.allowUnfree = true;
};
};
stable-packages = final: _prev: {
stable-packages = import nixpkgs {
system = final.system;
config.allowUnfree = true;
};
};
}


@ -1 +0,0 @@
flake.lock


@ -1,30 +0,0 @@
{
rust = {
path = ./rust;
description = "A template for working on a Rust project";
};
nix-flake = {
path = ./nix-flake;
description = "A template for working on a Nix flake";
};
deno = {
path = ./deno;
description = "A template for working on a TypeScript and Deno project";
};
elixir = {
path = ./elixir;
description = "A template for working on an Elixir project";
};
godot = {
path = ./godot;
description = "A template for working on a Godot game or project";
};
nim = {
path = ./nim;
description = "A template for working on a Nim project";
};
gleam = {
path = ./gleam;
description = "A template for working on a Gleam project";
};
}


@ -1,5 +0,0 @@
# nix build results
/result
# direnv cache
/.direnv


@ -1,10 +0,0 @@
{
"tasks": {
"dev": "deno run -A --watch=src,mod.ts mod.ts"
},
"fmt": {
"useTabs": true,
"semiColons": false,
"singleQuote": true
}
}


@ -1,41 +0,0 @@
{
inputs.nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
outputs =
{
self,
nixpkgs,
}:
let
inherit (self) outputs;
supportedSystems = [
"x86_64-linux"
"aarch64-linux"
"x86_64-darwin"
"aarch64-darwin"
];
forEachSupportedSystem = nixpkgs.lib.genAttrs supportedSystems;
in
{
devShells = forEachSupportedSystem (
system:
let
pkgs = import nixpkgs { inherit system; };
in
{
deno-dev = pkgs.mkShell {
buildInputs = with pkgs; [
vscode-langservers-extracted
deno
curl
xh
sqlite
];
};
default = outputs.devShells.${system}.deno-dev;
}
);
};
}


@ -1,25 +0,0 @@
# secret files
*.secret.*
# build output
/_build
# elixir dependencies
/deps
# crash dumps
erl_crash.dump
# sqlite databases
*.db
*.db-shm
*.db-wal
# nix build output
/result
# direnv cache
/.direnv
# nix-generated pre commit hooks
.pre-commit-config.yaml


@ -1,19 +0,0 @@
{
inputs = {
nixpkgs.url = "github:nixos/nixpkgs/nixpkgs-unstable";
git-hooks.url = "github:cachix/git-hooks.nix";
git-hooks.inputs.nixpkgs.follows = "nixpkgs";
};
outputs =
inputs:
let
inherit (import nix/boilerplate.nix inputs) call;
in
{
overlays = import nix/overlays.nix;
packages = call (import nix/packages.nix);
checks = call (import nix/checks.nix);
devShells = call (import nix/shells.nix);
};
}


@ -1,21 +0,0 @@
inputs@{
nixpkgs,
self,
...
}:
let
forSelfOverlay =
if builtins.hasAttr "forSelf" self.overlays then self.overlays.forSelf else (_: p: p);
in
rec {
systems = [
"aarch64-linux"
"x86_64-linux"
"x86_64-darwin"
"aarch64-darwin"
];
forSystems = nixpkgs.lib.genAttrs systems;
pkgsFor = system: ((import nixpkgs { inherit system; }).extend forSelfOverlay);
genPkgs = func: (forSystems (system: func (pkgsFor system)));
call = imported: genPkgs (pkgs: imported (inputs // { inherit pkgs; }));
}


@ -1,33 +0,0 @@
{
git-hooks,
pkgs,
...
}:
let
hook =
{
command,
stages ? [ "pre-commit" ],
...
}:
{
inherit stages;
enable = true;
name = command;
entry = command;
pass_filenames = false;
};
in
{
git-hooks = git-hooks.lib.${pkgs.system}.run {
src = ./..;
hooks = {
alejandra.enable = true;
convco.enable = true;
credo = hook { command = "mix credo --strict"; };
formatting = hook { command = "mix format --check-formatted"; };
dialyzer = hook { command = "mix dialyzer"; };
test = hook { command = "mix test"; };
};
};
}


@ -1,9 +0,0 @@
{
forSelf = final: prev: {
erlang = prev.beam.packagesWith prev.beam.interpreters.erlang_27;
elixir = final.erlang.elixir_1_17;
mixRelease = final.erlang.mixRelease.override { elixir = final.elixir; };
fetchMixDeps = final.erlang.fetchMixDeps.override { elixir = final.elixir; };
elixir-ls = prev.elixir-ls.override { elixir = final.elixir; };
};
}


@ -1,27 +0,0 @@
{
pkgs,
self,
...
}:
let
version = "1.0.0";
src = ../.;
pname = "my-package";
in
{
${pname} = pkgs.mixRelease {
inherit pname version src;
mixFodDeps = pkgs.fetchMixDeps {
inherit version src;
pname = "mix-deps-${pname}";
sha256 = pkgs.lib.fakeSha256;
};
LANG = "C.UTF-8";
# buildInputs = with pkgs; [];
# HOME = "$(pwd)";
# MIX_XDG = "$HOME";
# RELEASE_COOKIE = "test-cookie";
};
default = self.packages.${pkgs.system}.${pname};
}


@ -1,21 +0,0 @@
{
pkgs,
self,
...
}:
{
elixir-dev = pkgs.mkShell {
shellHook = ''
${self.checks.${pkgs.system}.git-hooks.shellHook}
export LOCALE_ARCHIVE=/usr/lib/locale/locale-archive
'';
# inputsFrom = [self.packages.${pkgs.system}.my-package];
buildInputs = with pkgs; [
elixir
elixir-ls
inotify-tools
];
MIX_ENV = "dev";
};
default = self.outputs.devShells.${pkgs.system}.elixir-dev;
}


@ -1 +0,0 @@
use flake


@ -1,13 +0,0 @@
# secret files
*.secret.*
# sqlite databases
*.db
*.db-shm
*.db-wal
# nix build output
/result
# direnv cache
/.direnv


@ -1,35 +0,0 @@
{
inputs.nixpkgs.url = "github:nixos/nixpkgs/nixpkgs-unstable";
outputs =
{
self,
nixpkgs,
...
}:
let
systems = [
"aarch64-linux"
"x86_64-linux"
"x86_64-darwin"
"aarch64-darwin"
];
forSystems = nixpkgs.lib.genAttrs systems;
pkgsFor = system: (import nixpkgs { inherit system; }).extend self.outputs.overlays.default;
genPkgs = func: (forSystems (system: func (pkgsFor system)));
in
{
overlays.default = final: prev: {
erlangPackages = prev.beam.packagesWith prev.erlang_27;
erlang = final.erlangPackages.erlang;
};
devShells = genPkgs (pkgs: {
default = pkgs.mkShell {
buildInputs = with pkgs; [
erlang
gleam
rebar3
];
};
});
};
}


@ -1 +0,0 @@
use flake


@ -1,17 +0,0 @@
/.direnv
/result
build/
# Godot-specific ignores
/.godot/
.import/
export.cfg
# export_presets.cfg
# Imported translations (automatically generated from CSV files)
*.translation
# Mono-specific ignores
.mono/
data_*/


@ -1,7 +0,0 @@
[language-server.godot]
command = "nc"
args = ["127.0.0.1", "6005"]
[[language]]
name = "gdscript"
language-servers = ["godot"]


@ -1,42 +0,0 @@
{
inputs.nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
outputs =
{
self,
nixpkgs,
...
}:
let
inherit (self) outputs;
supportedSystems = [
"x86_64-linux"
"aarch64-linux"
"x86_64-darwin"
"aarch64-darwin"
];
forAllSystems = nixpkgs.lib.genAttrs supportedSystems;
in
{
devShells = forAllSystems (
system:
let
pkgs = import nixpkgs { inherit system; };
in
{
default = outputs.devShells.${system}.godot;
godot = pkgs.mkShell {
buildInputs = with pkgs; [
godot_4
gdtoolkit
];
shellHook = ''
echo -e "\e[0;30m\e[43m Use 'godot4 -e' to run the editor for this project. \e[0;30m\e[0m"
'';
};
}
);
};
}


@ -1 +0,0 @@
use flake


@ -1,38 +0,0 @@
{
inputs.nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
outputs =
{
self,
nixpkgs,
}:
let
inherit (self) outputs;
supportedSystems = [
"x86_64-linux"
"aarch64-linux"
"x86_64-darwin"
"aarch64-darwin"
];
forEachSupportedSystem = nixpkgs.lib.genAttrs supportedSystems;
in
{
devShells = forEachSupportedSystem (
system:
let
pkgs = import nixpkgs { inherit system; };
in
{
nim-dev = pkgs.mkShell {
buildInputs = with pkgs; [
nim
nimble
nimlangserver
];
};
default = outputs.devShells.${system}.nim-dev;
}
);
};
}


@ -1 +0,0 @@
use flake


@ -1,8 +0,0 @@
# ignore `nix build` output
/result
# ignore direnv cache stuff
/.direnv
# ignore pre-commit hooks as installed by direnv
/.pre-commit-config.yaml


@ -1,9 +0,0 @@
[[language]]
auto-format = true
file-types = ["nix"]
name = "nix"
scope = "source.nix"
[language.formatter]
args = ["-"]
command = "nixfmt"


@ -1,59 +0,0 @@
{
inputs.nixpkgs.url = "github:nixos/nixpkgs/nixos-24.05";
inputs.pre-commit-hooks.url = "github:cachix/pre-commit-hooks.nix";
inputs.pre-commit-hooks.inputs.nixpkgs.follows = "nixpkgs";
outputs =
{
self,
nixpkgs,
pre-commit-hooks,
...
}:
let
systems = [
"aarch64-linux"
"aarch64-darwin"
"x86_64-darwin"
"x86_64-linux"
];
forSystems = nixpkgs.lib.genAttrs systems;
pkgsFor = system: (import nixpkgs { inherit system; });
genPkgs = func: (forSystems (system: func (pkgsFor system)));
in
{
formatter = genPkgs (pkgs: pkgs.nixfmt-rfc-style);
checks = genPkgs (pkgs: {
pre-commit-check = pre-commit-hooks.lib.${pkgs.system}.run {
src = ./.;
hooks = {
nixfmt-rfc-style.enable = true;
};
};
});
devShells = genPkgs (pkgs: {
nix = pkgs.mkShell {
packages = with pkgs; [
nixd
nixfmt-rfc-style
];
inherit (self.outputs.checks.${pkgs.system}.pre-commit-check) shellHook;
};
default = self.outputs.devShells.${pkgs.system}.nix;
});
/*
packages = genPkgs (pkgs: import ./pkgs {inherit pkgs;});
overlays = import ./overlays self;
nixosModules = import ./modules/nixos;
homeManagerModules = import ./modules/home-manager;
nixosConfigurations = import ./nixos;
homeConfigurations = import ./home
templates = import ./templates;
*/
};
}


@ -1 +0,0 @@
use flake


@ -1,4 +0,0 @@
/target
/result
/.direnv
/.pre-commit-config.yaml


@ -1,17 +0,0 @@
{
inputs.nixpkgs.url = "github:NixOS/nixpkgs/nixpkgs-unstable";
inputs.git-hooks.url = "github:cachix/git-hooks.nix";
inputs.git-hooks.inputs.nixpkgs.follows = "nixpkgs";
outputs =
inputs:
let
inherit (import nix/boilerplate.nix inputs) call genPkgs;
in
{
# overlays = import nix/overlays.nix;
checks = call (import nix/checks.nix);
packages = call (import nix/packages.nix);
devShells = call (import nix/shells.nix);
formatter = genPkgs (p: p.alejandra);
};
}


@ -1,24 +0,0 @@
inputs@{
nixpkgs,
self,
...
}:
let
forSelfOverlay =
if builtins.hasAttr "overlays" self && builtins.hasAttr "forSelf" self.overlays then
self.overlays.forSelf
else
(_: p: p);
in
rec {
systems = [
"aarch64-linux"
"x86_64-linux"
"x86_64-darwin"
"aarch64-darwin"
];
forSystems = nixpkgs.lib.genAttrs systems;
pkgsFor = system: ((import nixpkgs { inherit system; }).extend forSelfOverlay);
genPkgs = func: (forSystems (system: func (pkgsFor system)));
call = imported: genPkgs (pkgs: imported (inputs // { inherit pkgs; }));
}


@ -1,26 +0,0 @@
{
pkgs,
git-hooks,
...
}:
{
git-hooks = git-hooks.lib.${pkgs.system}.run {
src = ./..;
hooks = {
alejandra.enable = true;
cargo-check.enable = true;
convco.enable = true;
cargo-test = {
enable = true;
name = "cargo-test";
entry = "cargo test";
# types = ["rust"];
# language = "rust";
pass_filenames = false;
stages = [ "pre-commit" ];
};
clippy.enable = true;
rustfmt.enable = true;
};
};
}


@ -1,28 +0,0 @@
{ pkgs, ... }:
let
inherit (builtins) fromTOML readFile;
pname = "my-package";
src = ./..;
main-package = pkgs.rustPlatform.buildRustPackage {
inherit pname src;
version = (fromTOML (readFile "${src}/Cargo.toml")).package.version;
# or for workspaces: version = (fromTOML (readFile "${src}/${pname}/Cargo.toml")).package.version;
/*
nativeBuildInputs = with pkgs; [
pkg-config
clang
];
buildInputs = with pkgs; [
];
*/
cargoHash = pkgs.lib.fakeHash;
useFetchCargoVendor = true;
};
in
{
${pname} = main-package;
default = main-package;
}


@ -1,23 +0,0 @@
{
self,
pkgs,
...
}:
let
inherit (pkgs) system;
in
{
default = pkgs.mkShell {
inherit (self.checks.${system}.git-hooks) shellHook;
inputsFrom = [ self.packages.${system}.default ];
packages = with pkgs; [
convco
rustPackages.clippy
typescript-language-server
rust-analyzer
rustfmt
nixd
lldb
];
};
}


@ -0,0 +1,5 @@
{outputs, ...}: {
imports = with outputs.homeManagerModules; [
sway
];
}


@ -0,0 +1,26 @@
{
# pkgs,
# colors,
...
}: {
programs.bat = {
enable = true;
config = {
theme = "ansi";
};
# themes = {
# "Catppuccin-mocha" = builtins.readFile (pkgs.fetchFromGitHub
# {
# owner = "catppuccin";
# repo = "bat";
# rev = "477622171ec0529505b0ca3cada68fc9433648c6";
# sha256 = "6WVKQErGdaqb++oaXnY3i6/GuH2FhTgK0v4TN4Y0Wbw=";
# }
# + "/Catppuccin-mocha.tmTheme");
# };
};
home.shellAliases = {
cat = "bat";
};
}


@ -0,0 +1,34 @@
{colors, ...}: {
programs.broot = {
enable = true;
enableFishIntegration = true;
settings = {
modal = true; # vim mode?
verbs = [
{
invocation = "edit";
shortcut = "e";
execution = "$EDITOR {file}";
}
];
skin = with colors.withHashPrefix; {
status_normal_fg = fg;
status_normal_bg = bg;
status_error_fg = red;
status_error_bg = yellow;
tree_fg = red;
selected_line_bg = bg2;
permissions_fg = purple;
size_bar_full_bg = red;
size_bar_void_bg = bg;
directory_fg = yellow;
input_fg = blue;
flag_value_fg = yellow;
table_border_fg = red;
code_fg = yellow;
};
};
};
}


@ -0,0 +1,9 @@
{config, ...}: {
home.file."${config.xdg.configHome}/cargo/config.toml" = {
enable = true;
text = ''
[build]
rustdocflags = ["--default-theme=ayu"];
'';
};
}
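Review bot: The `rustdocflags` line in the generated `config.toml` ends with `;`, which is Nix syntax rather than TOML, so Cargo is likely to reject the file when it parses it; the line inside the `text` string should read `rustdocflags = ["--default-theme=ayu"]`. Separately, Cargo reads its configuration from `$CARGO_HOME` (by default `~/.cargo`), so a file written to `${config.xdg.configHome}/cargo/config.toml` only takes effect if `CARGO_HOME` is pointed at that directory somewhere else; nothing in this file does that, so it is worth a comment saying where it is set.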


@ -0,0 +1,96 @@
{
pkgs,
lib,
system,
inputs,
outputs,
...
}: {
# TODO: fonts? right now they are only handled at the nixos-level (desktop-usage module)
# TODO: wallpaper?
imports = with outputs.homeManagerModules; [
# nix-colors.homeManagerModules.default
fish
bat
helix
git
zellij
broot
nnn
htop
tmux
];
programs.home-manager.enable = true;
home = {
username = lib.mkDefault "lytedev";
homeDirectory = lib.mkDefault "/home/lytedev";
stateVersion = lib.mkDefault "23.11";
sessionVariables = {
EDITOR = "hx";
VISUAL = "hx";
PAGER = "less";
MANPAGER = "less";
};
packages = [
# tools I use when editing nix code
pkgs.nil
pkgs.alejandra
# common scripts
(pkgs.buildEnv {
name = "my-scripts-common";
paths = [./scripts/common];
})
];
};
# TODO: not common?
# programs.password-store = {
# enable = true;
# package = pkgs.pass.withExtensions (exts: [exts.pass-otp]);
# };
# programs.gitui = {
# enable = true;
# };
programs.direnv = {
enable = true;
nix-direnv.enable = true;
};
programs.eza = {
enable = true;
package = inputs.nixpkgs.legacyPackages.${system}.eza;
};
programs.skim = {
# https://github.com/lotabout/skim/issues/494
enable = false;
enableFishIntegration = true;
defaultOptions = ["--no-clear-start" "--color=16"];
};
programs.fzf = {
# using good ol' fzf until skim sucks less out of the box I guess
enable = true;
enableFishIntegration = true;
# defaultCommand = "fd --type f";
# defaultOptions = ["--height 40%"];
# fileWidgetOptions = ["--preview 'head {}'"];
};
# TODO: regular cron or something?
programs.nix-index = {
enable = true;
enableFishIntegration = true;
};
# maybe we can share somehow so things for nix-y systems and non-nix-y systems alike
# am I going to _have_ non-nix systems anymore?
}


@ -0,0 +1,38 @@
with builtins;
listToAttrs (map (name: {
name = name;
value = import ./${name}.nix;
}) [
"bat"
"broot"
"cargo"
"common"
"desktop"
"ewwbar"
"firefox"
"firefox-no-tabs"
"fish"
"git"
"gnome"
"helix"
"htop"
"hyprland"
"iex"
"kitty"
"linux"
"linux-desktop"
"macos"
"mako"
"melee"
"nnn"
"pass"
"senpai"
"sway"
"sway-laptop"
"swaylock"
"tmux"
"wallpaper-manager"
"waybar"
"wezterm"
"zellij"
])


@ -0,0 +1,10 @@
{
pkgs,
outputs,
...
}: {
imports = with outputs.homeManagerModules; [
kitty
wezterm
];
}


@ -0,0 +1,79 @@
{
programs.eww = {
enable = true;
};
home.file.".config/eww/eww.yuck" = {
enable = true;
text = ''
(defwidget bar []
(centerbox :orientation "h"
(sidestuff)
(box)
(music)))
(defwindow bar
:monitor 0
:stacking "fg"
:exclusive true
:geometry
(geometry
:x "0%"
:y "0%"
:width "100%"
:height "31px"
:anchor "bottom center")
(bar))
(defwidget sidestuff []
(box :class "sidestuff" :orientation "h" :space-evenly false :halign "start" :spacing 20
time
; TODO: idle inhibitor?
; TODO: get these to align properly?
(box :class "mic" (
box :class {micMuted == "false" ? "live" : "muted"} {micMuted == "false" ? " " : " "}
) {micVolume + "%"}
)
(box :class "vol" (
box :class {muted == "false" ? "live" : "muted"} {muted == "false" ? "󰕾 " : "󰖁 "}
) {volume + "%"}
)
{" " + round(EWW_CPU["avg"], 0) + "%"}
{" " + round(EWW_RAM["used_mem_perc"], 0) + "%"}
{isDesktop == "true" ? "" : " " + brightness + "%"}
{isDesktop == "true" ? "" : "󱊣 " + EWW_BATTERY["BAT0"]["capacity"] + "%/" + EWW_BATTERY["BAT1"]["capacity"] + "%"}
))
(defwidget music []
(box :class "music"
:orientation "h"
:halign "end"
:space-evenly false
{music != "" ? "''${music}" : ""}))
(deflisten music :initial ""
"playerctl --follow metadata --format '{{ title }} by {{ artist }}' || true")
(deflisten volume :initial "0"
"pamixer --get-volume; pactl subscribe | grep sink --line-buffered | while read i; do pamixer --get-volume; done")
(deflisten muted :initial "false"
"pamixer --get-mute; pactl subscribe | grep sink --line-buffered | while read i; do pamixer --get-mute; done")
(deflisten micVolume :initial "0"
"pamixer --default-source --get-volume; pactl subscribe | grep source --line-buffered | while read i; do pamixer --default-source --get-volume; done")
(deflisten micMuted :initial "false"
"pamixer --default-source --get-mute; pactl subscribe | grep source --line-buffered | while read i; do pamixer --default-source --get-mute; done")
(defpoll time :interval "1s"
"date '+%a %b %d %H:%M:%S'")
(defpoll isDesktop :interval "24h"
"if [ -d \"$HOME/.config/lytedev-env/host-desktop\" ]; then echo true; else echo false; fi")
(defpoll brightness :interval "10s"
"echo $(((100 * $(brightnessctl get)) / $(brightnessctl max)))")
'';
};
}


@ -0,0 +1,84 @@
$base: #1e1e2e;
$mantle: #181825;
$crust: #11111b;
$text: #cdd6f4;
$subtext0: #a6adc8;
$subtext1: #bac2de;
$surface0: #313244;
$surface1: #45475a;
$surface2: #585b70;
$overlay0: #6c7086;
$overlay1: #7f849c;
$overlay2: #9399b2;
$blue: #89b4fa;
$lavender: #b4befe;
$sapphire: #74c7ec;
$sky: #89dceb;
$teal: #94e2d5;
$green: #a6e3a1;
$yellow: #f9e2af;
$peach: #fab387;
$maroon: #eba0ac;
$red: #f38ba8;
$mauve: #cba6f7;
$pink: #f5c2e7;
$flamingo: #f2cdcd;
$rosewater: #f5e0dc;
* {
all: unset;
}
.bar0,
.bar1,
.bar {
background-color: $base;
color: $text;
font-family: IosevkaLyteTerm;
font-size: 12.0pt;
}
.sidestuff slider {
color: #ffd5cd;
}
.metric {}
.metric label {
padding-right: 5px;
}
.metric scale {
/*background-color: #ff00ff;*/
}
.metric scale trough {
background-color: $surface1;
color: $mantle;
border-radius: 50px;
min-height: 5px;
min-width: 50px;
}
.metric scale trough highlight {
background-color: $flamingo;
color: $base;
border-radius: 10px;
}
.bar0>*,
.bar1>*,
.bar>* {
padding-left: 10px;
padding-right: 10px;
}
.vol .muted,
.mic .live {
color: #f38ba8;
}
.vol .live,
.mic .muted {
color: #74c7ec;
}


@ -0,0 +1,84 @@
(defwidget bar []
(centerbox :orientation "h"
(sidestuff)
(box)
(music)))
(defwindow bar0
:monitor 0
:stacking "fg"
:exclusive true
:geometry
(geometry
:x "0%"
:y "0%"
:width "100%"
:height "31px"
:anchor "bottom center")
(bar))
(defwindow bar1
:monitor 1
:stacking "fg"
:exclusive true
:geometry
(geometry
:x "0%"
:y "0%"
:width "100%"
:height "31px"
:anchor "bottom center")
(bar))
(defwidget sidestuff []
(box :class "sidestuff" :orientation "h" :space-evenly false :halign "start" :spacing 20
time
; TODO: idle inhibitor?
; TODO: get these to align properly?
(box :class "mic" (
box :class {micMuted == "false" ? "live" : "muted"} {micMuted == "false" ? " " : " "}
) {micVolume + "%"}
)
(box :class "vol" (
box :class {muted == "false" ? "live" : "muted"} {muted == "false" ? "󰕾 " : "󰖁 "}
) {volume + "%"}
)
{" " + round(EWW_CPU["avg"], 0) + "%"}
{" " + round(EWW_RAM["used_mem_perc"], 0) + "%"}
{isDesktop == "true" ? "" : " " + brightness + "%"}
{isDesktop == "true" ? "" : "󱊣 " + EWW_BATTERY["BAT1"]["capacity"] + "%"}
))
(defwidget music []
(box :class "music"
:orientation "h"
:halign "end"
:space-evenly false
{music != "" ? "${music}" : ""}))
(deflisten music :initial ""
"playerctl --follow metadata --format '{{ title }} by {{ artist }}' || true")
(deflisten volume :initial "0"
"pamixer --get-volume; pactl subscribe | grep sink --line-buffered | while read i; do pamixer --get-volume; done")
(deflisten muted :initial "false"
"pamixer --get-mute; pactl subscribe | grep sink --line-buffered | while read i; do pamixer --get-mute; done")
(deflisten micVolume :initial "0"
"pamixer --default-source --get-volume; pactl subscribe | grep source --line-buffered | while read i; do pamixer --default-source --get-volume; done")
(deflisten micMuted :initial "false"
"pamixer --default-source --get-mute; pactl subscribe | grep source --line-buffered | while read i; do pamixer --default-source --get-mute; done")
(defpoll time :interval "1s"
"date '+%a %b %d %H:%M:%S'")
(defpoll isDesktop :interval "24h"
"if [ -d \"$HOME/.config/lytedev-env/host-desktop\" ]; then echo true; else echo false; fi")
(defpoll brightness :interval "10s"
"echo $(((100 * $(brightnessctl get)) / $(brightnessctl max)))")
(defpoll monitor :interval "60s"
"echo $EWW_BAR_MON")


@ -0,0 +1,7 @@
{pkgs, ...}: {
programs.eww = {
enable = true;
package = pkgs.eww-wayland;
configDir = ./eww;
};
}


@ -0,0 +1,22 @@
{...}: {
programs.firefox = {
profiles = {
daniel = {
userChrome = ''
#TabsToolbar {
visibility: collapse;
}
#main-window[tabsintitlebar="true"]:not([extradragspace="true"]) #TabsToolbar>.toolbar-items {
opacity: 0;
pointer-events: none;
}
#main-window:not([tabsintitlebar="true"]) #TabsToolbar {
visibility: collapse !important;
}
'';
};
};
};
}


@ -0,0 +1,40 @@
{pkgs, ...}: {
programs.firefox = {
# TODO: this should be able to work on macos, no?
# TODO: enable dark theme by default
enable = true;
# TODO: uses nixpkgs.pass so pass otp doesn't work
package = pkgs.firefox.override {nativeMessagingHosts = [pkgs.passff-host];};
# extensions = with pkgs.nur.repos.rycee.firefox-addons; [
# ublock-origin
# ]; # TODO: would be nice to have _all_ my firefox stuff managed here instead of Firefox Sync maybe?
profiles = {
daniel = {
id = 0;
settings = {
"general.smoothScroll" = true;
"browser.zoom.siteSpecific" = false;
};
extraConfig = ''
user_pref("toolkit.legacyUserProfileCustomizations.stylesheets", true);
// user_pref("full-screen-api.ignore-widgets", true);
user_pref("media.ffmpeg.vaapi.enabled", true);
user_pref("media.rdd-vpx.enabled", true);
'';
userChrome = ''
#webrtcIndicator {
display: none;
}
'';
# userContent = ''
# '';
};
};
};
}
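Review bot: The `#webrtcIndicator { display: none; }` rule in `userChrome` hides Firefox's global sharing indicator, which is the persistent on-screen cue that a camera, microphone or screen capture is active, and the file gives no reason for it. If this is deliberate (for example because the floating window misbehaves under a tiling compositor), say so above `userChrome`, e.g. `# hides the floating WebRTC sharing window; rely on the address-bar capture icon instead`. The claim that an address-bar icon remains should be confirmed on the Firefox version in use. It may also be worth gating the rule behind an option so that profiles used for calls keep the indicator.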


@ -0,0 +1,84 @@
{pkgs, ...}: {
home = {
packages = [
pkgs.gawk # used in prompt
];
};
programs.fish = {
enable = true;
# I load long scripts from files for a better editing experience
shellInit = builtins.readFile ./fish/shellInit.fish;
interactiveShellInit = builtins.readFile ./fish/interactiveShellInit.fish;
loginShellInit = "";
functions = {
# TODO: I think these should be loaded from fish files too for better editor experience?
d = ''
# --wraps=cd --description "Quickly jump to NICE_HOME (or given relative or absolute path) and list files."
if count $argv > /dev/null
cd $argv
else
cd $NICE_HOME
end
la
'';
c = ''
if count $argv > /dev/null
cd $NICE_HOME && d $argv
else
d $NICE_HOME
end
'';
ltl = ''
set d $argv[1] .
set -l l ""
for f in $d[1]/*
if test -z $l; set l $f; continue; end
if command test $f -nt $l; and test ! -d $f
set l $f
end
end
echo $l
'';
has_command = "command --quiet --search $argv[1]";
};
shellAbbrs = {};
shellAliases = {
l = "br";
ls = "eza --group-directories-first --classify";
la = "eza -la --group-directories-first --classify";
lA = "eza -la --all --group-directories-first --classify";
tree = "eza --tree --level=3";
lt = "eza -l --sort=modified";
lat = "eza -la --sort=modified";
lc = "lt --sort=accessed";
lT = "lt --reverse";
lC = "lc --reverse";
lD = "la --only-dirs";
"cd.." = "d ..";
"cdc" = "d $XDG_CONFIG_HOME";
"cdn" = "d $NOTES_PATH";
"cdl" = "d $XDG_DOWNLOAD_DIR";
"cdg" = "d $XDG_GAMES_DIR";
".." = "d ..";
"..." = "d ../..";
"...." = "d ../../..";
"....." = "d ../../../..";
"......" = "d ../../../../..";
"......." = "d ../../../../../..";
"........" = "d ../../../../../../..";
"........." = "d ../../../../../../../..";
p = "ping";
dc = "docker compose";
pc = "podman-compose";
k = "kubectl";
kg = "kubectl get";
v = "$EDITOR";
sv = "sudo $EDITOR";
kssh = "kitty +kitten ssh";
};
};
}
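Review bot: The alias `sv = "sudo $EDITOR";` in `shellAliases` runs the entire editor as root, including any plugins, language servers and shell-out commands it starts, with `$EDITOR` resolved from the caller's environment. `sudoedit` (equivalent to `sudo -e`) copies the file to a temporary location, runs the editor as the invoking user and only writes the result back with privilege, so `sv = "sudoedit";` keeps the same workflow with a much smaller privileged surface. It honours `SUDO_EDITOR`, `VISUAL` and `EDITOR`, so the editor choice made elsewhere in this configuration should carry over unchanged.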


@ -0,0 +1,169 @@
# prompt
function get_hostname
if test (uname) = Linux || test (uname) = Darwin
has_command hostname && hostname | cut -d. -f1 || cat /etc/hostname
else
# assume bsd
hostname | head -n 1 | cut -d. -f1
end
end
function fish_greeting
_prompt_prefix
printf "%s\n" (date)
end
function preprocess_pwd
test (pwd) = / && echo "/" && return 1
test (pwd) = $NICE_HOME && echo "~" && return 0
pwd \
| cut -c2- \
| gawk '{n=split($0,p,"/");for(i=1;i<=n;i++){if(i==n){printf "/%s",p[i]}else{printf "/%.3s",p[i]}}}'
end
function _maybe_sudo_prefix
if set -q SUDO_USER
set_color -b yellow black
printf " SUDO "
set_color -b normal normal
printf " "
end
end
function _maybe_aws_profile
if set -q AWS_PROFILE && test $AWS_PROFILE = prd
printf " "
set_color -b yellow black
printf " AWS_PROFILE=prd "
set_color -b normal normal
end
end
function _user_and_host
if test $argv[1] -eq 0
set_color -b normal blue
else
set_color -b normal red
end
printf "%s@%s" $USER (get_hostname)
end
function _cur_work_dir
set_color -b normal magenta
printf " %s" (preprocess_pwd)
end
function _last_cmd_duration
set_color -b normal green
set -q CMD_DURATION && printf " %dms" $CMD_DURATION
end
function _maybe_jobs_summary
if jobs -q
set_color -b normal cyan
printf " &%d" (jobs -p | wc -l)
end
end
function _user_prompt
printf "\n"
set_color brblack
if test (id -u) -eq 0
printf '# '
else
printf '$ '
end
set_color -b normal normal
end
function _maybe_git_summary
set_color -b normal yellow
set cur_sha (git rev-parse --short HEAD 2>/dev/null)
if test $status = 0
set num_changes (git status --porcelain | wc -l | string trim)
if test $num_changes = 0
set num_changes "✔"
else
set num_changes "+$num_changes"
end
printf " %s %s %s" (git branch --show-current) $cur_sha $num_changes
end
end
function _prompt_marker
# printf "%b133;A%b" "\x1b\x5d" "\x1b\x5c"
end
function _prompt_continuation_marker
# printf "%b133;A;k=s%b" "\x1b\x5d" "\x1b\x5c"
end
function cmd_marker --on-variable _
# printf "%b133;C%b" "\x1b\x5d" "\x1b\x5c"
end
function _prompt_prefix
set_color -b normal brblack
printf "# "
end
function fish_prompt
set last_cmd_status $status
_prompt_marker
_prompt_prefix
_maybe_sudo_prefix
_user_and_host $last_cmd_status
_cur_work_dir
_maybe_git_summary
_maybe_aws_profile
_last_cmd_duration
_maybe_jobs_summary
_user_prompt
end
function fish_mode_prompt; end
function fish_right_prompt; end
# key bindings
fish_vi_key_bindings
set --universal fish_cursor_default block
set --universal fish_cursor_insert line
set --universal fish_cursor_block block
fish_vi_cursor
set --universal fish_vi_force_cursor 1
bind --mode insert --sets-mode default jk repaint
bind --mode insert --sets-mode default jK repaint
bind --mode insert --sets-mode default Jk repaint
bind --mode insert --sets-mode default JK repaint
bind --mode insert --sets-mode default jj repaint
bind --mode insert --sets-mode default jJ repaint
bind --mode insert --sets-mode default Jj repaint
bind --mode insert --sets-mode default JJ repaint
if has_command skim
bind -M insert \cg skim-cd-widget
end
bind -M insert \cp up-or-search
bind -M insert \cn down-or-search
bind -M insert \ce end-of-line
bind -M insert \ca beginning-of-line
bind -M insert \cv edit_command_buffer
bind -M default \cv edit_command_buffer
test $PWD = $HOME && begin
cd $NICE_HOME || cd
end
# tmux has issues when pasting sometimes where it seems to interpret a newline
# as C-j and jumps a pane and screws up the previous pane somehow
# I think a tput reset can fix it, but it's just annoying and I don't think I
# currently make heavy enough use of sessions and detaching and tmux-resurrect for
# it to be worth it
# if has_command tmux && ! set -q DO_NOT_AUTOSTART_TMUX && ! set -q TMUX
# tmux new-session -D -s "default" &>/dev/null || tmux attach -t "default"
# end


@ -1,10 +1,10 @@
# paths
if not set --query NICE_HOME
set --export --universal NICE_HOME $HOME
set --export --universal NICE_HOME $HOME
# if HOME ends with a dir called .home, assume that NICE_HOME is HOME's parent dir
test (basename $HOME) = .home \
&& set --export --universal NICE_HOME (realpath $HOME/..)
# if HOME ends with a dir called .home, assume that NICE_HOME is HOME's parent dir
test (basename $HOME) = .home \
&& set --export --universal NICE_HOME (realpath $HOME/..)
end
set --export --universal XDG_CONFIG_HOME $HOME/.config
@ -33,15 +33,15 @@ set --export --universal EXA_COLORS '*=0'
set --export --universal ERL_AFLAGS "-kernel shell_history enabled -kernel shell_history_file_bytes 1024000"
set --export --universal BROWSER firefox
set --export --universal SOPS_AGE_KEY_FILE "$XDG_CONFIG_HOME/sops/age/keys.txt"
if has_command skim
set --export --universal SKIM_ALT_C_COMMAND "fd --hidden --type directory"
set --export --universal SKIM_CTRL_T_COMMAND "fd --hidden"
set --export --universal SKIM_ALT_C_COMMAND "fd --hidden --type directory"
set --export --universal SKIM_CTRL_T_COMMAND "fd --hidden"
end
set --export --universal NEWT_COLORS "root=black,black:border=black,blue"
# colors
set -U fish_color_normal normal # default color
set -U fish_color_command white # base command being run (>ls< -la)
@ -67,20 +67,17 @@ set -U fish_pager_color_progress white\x1e\x2d\x2dbackground\x3d333 # status ind
# set -U fish_pager_color_secondary \x2d\x2dbackground\x3d181818 # alternating rows
if test -e '/nix/var/nix/profiles/default/etc/profile.d/nix-daemon.fish'
source '/nix/var/nix/profiles/default/etc/profile.d/nix-daemon.fish'
source '/nix/var/nix/profiles/default/etc/profile.d/nix-daemon.fish'
end
function has_command --wraps=command --description "Exits non-zero if the given command cannot be found"
command --quiet --search $argv[1]
command --quiet --search $argv[1]
end
if has_command rtx
rtx activate fish | source
rtx activate fish | source
end
for dir in ~/.cargo/bin ~/.nimble/bin ~/.local/bin /opt/homebrew/bin
test -d $dir && fish_add_path $dir
test -d $dir && fish_add_path $dir
end
# don't let other users read my files by default
umask 077
