daylin/oizys
1
0
Fork 0
mirror of https://github.com/daylinmorgan/oizys.git synced 2024-11-04 21:43:15 -06:00
Code Issues Projects Releases Packages Wiki Activity

not initial commit

Browse source
This commit is contained in:
Daylin Morgan 2024-01-23 11:51:13 -06:00
parent 7640a51d4f
commit 6d7b8cdc09
Signed by: daylin
GPG key ID: C1E52E7DD81DF79F
54 changed files with 2032 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

28
.github/workflows/build.yml vendored Normal file
View file

@ -0,0 +1,28 @@
name: Build & Push
on:
push:
branches:
- main
jobs:
build:
strategy:
matrix:
host: ["othalan", "algiz"]
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: cachix/install-nix-action@v25 # v25
with:
nix_path: nixpkgs=channel:nixos-unstable
- uses: DeterminateSystems/magic-nix-cache-action@v2
- uses: cachix/cachix-action@v14
with:
name: daylin
authToken: "${{ secrets.CACHIX_AUTH_TOKEN }}"
- name: Build
run: nix build '.#nixosConfigurations.${{ matrix.host }}.config.system.build.toplevel'
- name: Push
env:
CACHIX_ACTIVATE_TOKEN: "${{ secrets.CACHIX_ACTIVATE_TOKEN }}"
run: cachix push daylin ./result

2
.gitignore vendored Normal file
View file

@ -0,0 +1,2 @@
result*
.task.mk

3
README.md Normal file
View file

@ -0,0 +1,3 @@
# daylin's nixcfg

605
flake.lock Normal file
View file

@ -0,0 +1,605 @@
{
"nodes": {
"flake-compat": {
"locked": {
"lastModified": 1688025799,
"narHash": "sha256-ktpB4dRtnksm9F5WawoIkEneh1nrEvuxb5lJFt1iOyw=",
"owner": "nix-community",
"repo": "flake-compat",
"rev": "8bf105319d44f6b9f0d764efa4fdef9f1cc9ba1c",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "flake-compat",
"type": "github"
}
},
"flake-parts": {
"inputs": {
"nixpkgs-lib": [
"nixpkgs-wayland",
"nix-eval-jobs",
"nixpkgs"
]
},
"locked": {
"lastModified": 1701473968,
"narHash": "sha256-YcVE5emp1qQ8ieHUnxt1wCZCC3ZfAS+SRRWZ2TMda7E=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "34fed993f1674c8d06d58b37ce1e0fe5eebcb9f5",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
"flake-utils": {
"inputs": {
"systems": "systems_2"
},
"locked": {
"lastModified": 1705309234,
"narHash": "sha256-uNRRNRKmJyCRC/8y1RqBkqWBLM034y4qN7EprSdmgyA=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "1ef2e671c3b0c19053962c07dbda38332dcebf26",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"flake-utils_2": {
"inputs": {
"systems": "systems_3"
},
"locked": {
"lastModified": 1705309234,
"narHash": "sha256-uNRRNRKmJyCRC/8y1RqBkqWBLM034y4qN7EprSdmgyA=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "1ef2e671c3b0c19053962c07dbda38332dcebf26",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"freetype2": {
"flake": false,
"locked": {
"lastModified": 1675923892,
"narHash": "sha256-dOm8VKYdclTLLkqWMLv7DQI0Qyjit7S4SOCszKEkG3o=",
"owner": "wez",
"repo": "freetype2",
"rev": "de8b92dd7ec634e9e2b25ef534c54a3537555c11",
"type": "github"
},
"original": {
"owner": "wez",
"repo": "freetype2",
"rev": "de8b92dd7ec634e9e2b25ef534c54a3537555c11",
"type": "github"
}
},
"harfbuzz": {
"flake": false,
"locked": {
"lastModified": 1677798343,
"narHash": "sha256-Lsd0Vrkrv67CMyV0ZveShfjUvqh/jDhI8rAK9ps+SZQ=",
"owner": "harfbuzz",
"repo": "harfbuzz",
"rev": "60841e26187576bff477c1a09ee2ffe544844abc",
"type": "github"
},
"original": {
"owner": "harfbuzz",
"repo": "harfbuzz",
"rev": "60841e26187576bff477c1a09ee2ffe544844abc",
"type": "github"
}
},
"hyprland": {
"inputs": {
"hyprland-protocols": "hyprland-protocols",
"nixpkgs": "nixpkgs",
"systems": "systems",
"wlroots": "wlroots",
"xdph": "xdph"
},
"locked": {
"lastModified": 1705913207,
"narHash": "sha256-donM5hUaCylML0xwRZtH3SBSTBfdo7Ea3hJ+eiGZ/cI=",
"owner": "hyprwm",
"repo": "Hyprland",
"rev": "02b4a9bdede8ab0336e2e7ac52b39cab36208bb4",
"type": "github"
},
"original": {
"owner": "hyprwm",
"ref": "main",
"repo": "Hyprland",
"type": "github"
}
},
"hyprland-contrib": {
"inputs": {
"nixpkgs": "nixpkgs_2"
},
"locked": {
"lastModified": 1705671586,
"narHash": "sha256-JOwVlSgwo2nqQRcArelrx/lK9OUoUxaXUQThQw1q8oA=",
"owner": "hyprwm",
"repo": "contrib",
"rev": "72a67d0f58d0ed44a20341fddb2bdfa33c2a2558",
"type": "github"
},
"original": {
"owner": "hyprwm",
"repo": "contrib",
"type": "github"
}
},
"hyprland-protocols": {
"inputs": {
"nixpkgs": [
"hyprland",
"nixpkgs"
],
"systems": [
"hyprland",
"systems"
]
},
"locked": {
"lastModified": 1691753796,
"narHash": "sha256-zOEwiWoXk3j3+EoF3ySUJmberFewWlagvewDRuWYAso=",
"owner": "hyprwm",
"repo": "hyprland-protocols",
"rev": "0c2ce70625cb30aef199cb388f99e19a61a6ce03",
"type": "github"
},
"original": {
"owner": "hyprwm",
"repo": "hyprland-protocols",
"type": "github"
}
},
"hyprlang": {
"inputs": {
"nixpkgs": [
"hyprland",
"xdph",
"nixpkgs"
]
},
"locked": {
"lastModified": 1704287638,
"narHash": "sha256-TuRXJGwtK440AXQNl5eiqmQqY4LZ/9+z/R7xC0ie3iA=",
"owner": "hyprwm",
"repo": "hyprlang",
"rev": "6624f2bb66d4d27975766e81f77174adbe58ec97",
"type": "github"
},
"original": {
"owner": "hyprwm",
"repo": "hyprlang",
"type": "github"
}
},
"lib-aggregate": {
"inputs": {
"flake-utils": "flake-utils",
"nixpkgs-lib": "nixpkgs-lib"
},
"locked": {
"lastModified": 1705838953,
"narHash": "sha256-bu00HScTFCapBq6r1U5QXPO7yDZhzNkGCbGfYKOHRDM=",
"owner": "nix-community",
"repo": "lib-aggregate",
"rev": "aca52761b7d82325fadfec11ea78e01fff8f06e8",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "lib-aggregate",
"type": "github"
}
},
"libpng": {
"flake": false,
"locked": {
"lastModified": 1549245649,
"narHash": "sha256-1+cRp0Ungme/OGfc9kGJbklYIWAFxk8Il1M+NV4KSgw=",
"owner": "glennrp",
"repo": "libpng",
"rev": "8439534daa1d3a5705ba92e653eda9251246dd61",
"type": "github"
},
"original": {
"owner": "glennrp",
"repo": "libpng",
"rev": "8439534daa1d3a5705ba92e653eda9251246dd61",
"type": "github"
}
},
"nix-eval-jobs": {
"inputs": {
"flake-parts": "flake-parts",
"nix-github-actions": "nix-github-actions",
"nixpkgs": "nixpkgs_4",
"treefmt-nix": "treefmt-nix"
},
"locked": {
"lastModified": 1705242886,
"narHash": "sha256-TLj334vRwFtSym3m+NnKcNCnKKPNoTC/TDZL40vmOso=",
"owner": "nix-community",
"repo": "nix-eval-jobs",
"rev": "6b03a93296faf174b97546fd573c8b379f523a8d",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "nix-eval-jobs",
"type": "github"
}
},
"nix-github-actions": {
"inputs": {
"nixpkgs": [
"nixpkgs-wayland",
"nix-eval-jobs",
"nixpkgs"
]
},
"locked": {
"lastModified": 1701208414,
"narHash": "sha256-xrQ0FyhwTZK6BwKhahIkUVZhMNk21IEI1nUcWSONtpo=",
"owner": "nix-community",
"repo": "nix-github-actions",
"rev": "93e39cc1a087d65bcf7a132e75a650c44dd2b734",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "nix-github-actions",
"type": "github"
}
},
"nixpkgs": {
"locked": {
"lastModified": 1705856552,
"narHash": "sha256-JXfnuEf5Yd6bhMs/uvM67/joxYKoysyE3M2k6T3eWbg=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "612f97239e2cc474c13c9dafa0df378058c5ad8d",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-lib": {
"locked": {
"lastModified": 1705798119,
"narHash": "sha256-WPVKxYMcvGW/2X16pfF1ef05EQ0Ql5XPCxqoCDlQSrY=",
"owner": "nix-community",
"repo": "nixpkgs.lib",
"rev": "a26fc04e3d43acfa1dc52065a4ce39ca7a2ec91c",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "nixpkgs.lib",
"type": "github"
}
},
"nixpkgs-wayland": {
"inputs": {
"flake-compat": "flake-compat",
"lib-aggregate": "lib-aggregate",
"nix-eval-jobs": "nix-eval-jobs",
"nixpkgs": "nixpkgs_5"
},
"locked": {
"lastModified": 1705947648,
"narHash": "sha256-evBiSypfVvyHSXLfXy621h1gfeQqk5ivnySK5VvvrcA=",
"owner": "nix-community",
"repo": "nixpkgs-wayland",
"rev": "01875294cf54755038d15ed61e3b657fdbede781",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "nixpkgs-wayland",
"type": "github"
}
},
"nixpkgs_2": {
"locked": {
"lastModified": 1705856552,
"narHash": "sha256-JXfnuEf5Yd6bhMs/uvM67/joxYKoysyE3M2k6T3eWbg=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "612f97239e2cc474c13c9dafa0df378058c5ad8d",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_3": {
"locked": {
"lastModified": 1705856552,
"narHash": "sha256-JXfnuEf5Yd6bhMs/uvM67/joxYKoysyE3M2k6T3eWbg=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "612f97239e2cc474c13c9dafa0df378058c5ad8d",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_4": {
"locked": {
"lastModified": 1703134684,
"narHash": "sha256-SQmng1EnBFLzS7WSRyPM9HgmZP2kLJcPAz+Ug/nug6o=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "d6863cbcbbb80e71cecfc03356db1cda38919523",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_5": {
"locked": {
"lastModified": 1705856552,
"narHash": "sha256-JXfnuEf5Yd6bhMs/uvM67/joxYKoysyE3M2k6T3eWbg=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "612f97239e2cc474c13c9dafa0df378058c5ad8d",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_6": {
"locked": {
"lastModified": 1705883077,
"narHash": "sha256-ByzHHX3KxpU1+V0erFy8jpujTufimh6KaS/Iv3AciHk=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "5f5210aa20e343b7e35f40c033000db0ef80d7b9",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"root": {
"inputs": {
"hyprland": "hyprland",
"hyprland-contrib": "hyprland-contrib",
"nixpkgs": "nixpkgs_3",
"nixpkgs-wayland": "nixpkgs-wayland",
"wezterm": "wezterm"
}
},
"rust-overlay": {
"inputs": {
"flake-utils": [
"wezterm",
"flake-utils"
],
"nixpkgs": [
"wezterm",
"nixpkgs"
]
},
"locked": {
"lastModified": 1705457855,
"narHash": "sha256-5cCHQtP/PEHK1YNTQyZN9v8ehpLTjc723ZSKAP3Tva8=",
"owner": "oxalica",
"repo": "rust-overlay",
"rev": "a854609265af0e9f48c92e497679edf8fab9e690",
"type": "github"
},
"original": {
"owner": "oxalica",
"repo": "rust-overlay",
"type": "github"
}
},
"systems": {
"locked": {
"lastModified": 1689347949,
"narHash": "sha256-12tWmuL2zgBgZkdoB6qXZsgJEH9LR3oUgpaQq2RbI80=",
"owner": "nix-systems",
"repo": "default-linux",
"rev": "31732fcf5e8fea42e59c2488ad31a0e651500f68",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default-linux",
"type": "github"
}
},
"systems_2": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"systems_3": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"treefmt-nix": {
"inputs": {
"nixpkgs": [
"nixpkgs-wayland",
"nix-eval-jobs",
"nixpkgs"
]
},
"locked": {
"lastModified": 1702979157,
"narHash": "sha256-RnFBbLbpqtn4AoJGXKevQMCGhra4h6G2MPcuTSZZQ+g=",
"owner": "numtide",
"repo": "treefmt-nix",
"rev": "2961375283668d867e64129c22af532de8e77734",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "treefmt-nix",
"type": "github"
}
},
"wezterm": {
"inputs": {
"flake-utils": "flake-utils_2",
"freetype2": "freetype2",
"harfbuzz": "harfbuzz",
"libpng": "libpng",
"nixpkgs": "nixpkgs_6",
"rust-overlay": "rust-overlay",
"zlib": "zlib"
},
"locked": {
"dir": "nix",
"lastModified": 1705885335,
"narHash": "sha256-fH/fb+Bprm0SUhb0Z4An/3CykI3CUwxjqG0u3g9clnI=",
"owner": "wez",
"repo": "wezterm",
"rev": "76028ca15404c049866692b06411f654d544ce2b",
"type": "github"
},
"original": {
"dir": "nix",
"owner": "wez",
"repo": "wezterm",
"type": "github"
}
},
"wlroots": {
"flake": false,
"locked": {
"host": "gitlab.freedesktop.org",
"lastModified": 1703963193,
"narHash": "sha256-ke8drv6PTrdQDruWbajrRJffP9A9PU6FRyjJGNZRTs4=",
"owner": "wlroots",
"repo": "wlroots",
"rev": "f81c3d93cd6f61b20ae784297679283438def8df",
"type": "gitlab"
},
"original": {
"host": "gitlab.freedesktop.org",
"owner": "wlroots",
"repo": "wlroots",
"rev": "f81c3d93cd6f61b20ae784297679283438def8df",
"type": "gitlab"
}
},
"xdph": {
"inputs": {
"hyprland-protocols": [
"hyprland",
"hyprland-protocols"
],
"hyprlang": "hyprlang",
"nixpkgs": [
"hyprland",
"nixpkgs"
],
"systems": [
"hyprland",
"systems"
]
},
"locked": {
"lastModified": 1704659450,
"narHash": "sha256-3lyoUVtUWz1LuxbltAtkJSK2IlVXmKhxCRU2/0PYCms=",
"owner": "hyprwm",
"repo": "xdg-desktop-portal-hyprland",
"rev": "6a5de92769d5b7038134044053f90e7458f6a197",
"type": "github"
},
"original": {
"owner": "hyprwm",
"repo": "xdg-desktop-portal-hyprland",
"type": "github"
}
},
"zlib": {
"flake": false,
"locked": {
"lastModified": 1484501380,
"narHash": "sha256-j5b6aki1ztrzfCqu8y729sPar8GpyQWIrajdzpJC+ww=",
"owner": "madler",
"repo": "zlib",
"rev": "cacf7f1d4e3d44d871b605da3b647f07d718623f",
"type": "github"
},
"original": {
"owner": "madler",
"repo": "zlib",
"rev": "cacf7f1d4e3d44d871b605da3b647f07d718623f",
"type": "github"
}
}
},
"root": "root",
"version": 7
}

22
flake.nix Normal file
View file

@ -0,0 +1,22 @@
{
description = "daylinmorgan-nixcfg";
inputs = {
nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
nixpkgs-wayland.url = "github:nix-community/nixpkgs-wayland";
hyprland.url = "github:hyprwm/Hyprland/main";
hyprland-contrib.url = "github:hyprwm/contrib";
wezterm.url = "github:wez/wezterm?dir=nix";
};
outputs = inputs @ {
self,
nixpkgs,
...
}: let
lib = import ./lib {inherit inputs nixpkgs;};
in {
nixosModules = builtins.listToAttrs (lib.findModules ./modules);
nixosConfigurations = lib.mapHosts ./hosts;
};
}

21
hosts/algiz/README.md Normal file
View file

@ -0,0 +1,21 @@
sudo -u git ssh-keygen -t rsa -b 4096 -C "Gitea Host Key"
sudo -u git cat /home/git/.ssh/id_rsa.pub | sudo -u git tee -a /home/git/.ssh/authorized_keys
sudo -u git chmod 600 /home/git/.ssh/authorized_keys
Should Look like this
```
# SSH pubkey from git user
ssh-rsa <Gitea Host Key>
# other keys from users
command="/usr/local/bin/gitea --config=/data/gitea/conf/app.ini serv key-1",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty <user pubkey>
```
Nixify this step....
cat <<"EOF" | sudo tee /usr/local/bin/gitea
#!/bin/sh
ssh -p 2222 -o StrictHostKeyChecking=no git@127.0.0.1 "SSH_ORIGINAL_COMMAND=\"$SSH_ORIGINAL_COMMAND\" $0 $@"
EOF
sudo chmod +x /usr/local/bin/gitea

48
hosts/algiz/default.nix Normal file
View file

@ -0,0 +1,48 @@
{
inputs,
pkgs,
...
}: {
imports = with inputs.self.nixosModules; [
common
docker
# langs
nim
python
];
environment.systemPackages = with pkgs; [
rclone
];
# https://francis.begyn.be/blog/nixos-restic-backups
# TODO: parameterize to use on algiz AND othalan ...
services.restic.backups.gdrive = {
# directories created by gitea and soft-serve aren't world readable
user = "root";
rcloneConfigFile = "/home/daylin/.config/rclone/rclone.conf";
repository = "rclone:g:archives/algiz";
passwordFile = "/home/daylin/.config/restic/algiz-pass";
paths = ["/home/daylin/services/git/" "/home/daylin/services/gotosocial/" "home/daylin/services/caddy"];
};
security.sudo.wheelNeedsPassword = false;
users.extraUsers = {
daylin = {
shell = pkgs.zsh;
isNormalUser = true;
extraGroups = ["wheel" "docker"];
useDefaultShell = true;
initialPassword = "nix";
};
git = {
isNormalUser = true;
};
};
programs.gnupg.agent = {
enable = true;
enableSSHSupport = true;
};
}

35
hosts/algiz/hardware-configuration.nix Normal file
View file

@ -0,0 +1,35 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{
config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [];
boot.initrd.availableKernelModules = ["ata_piix" "uhci_hcd" "virtio_pci" "sr_mod" "virtio_blk"];
boot.initrd.kernelModules = [];
boot.kernelModules = [];
boot.extraModulePackages = [];
fileSystems."/" = {
device = "/dev/disk/by-uuid/eb6cbf1e-e4a7-4312-a1af-4f78ad9cf138";
fsType = "btrfs";
};
swapDevices = [];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.ens3.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
virtualisation.hypervGuest.enable = true;
}

16
hosts/algiz/rune Normal file
View file

@ -0,0 +1,16 @@

⠀⠀⠀⢠⣾⣦⡀⠀⠀⠀⣶⣶⠀⠀⠀⢀⣴⣷⡄⠀⠀⠀
⠀⠀⠀⠀⠙⢿⣷⣄⠀⠀⣿⣿⠀⠀⣠⣾⡿⠋⠀⠀⠀⠀
⠀⠀⠀⠀⠀⠀⠙⢿⣷⣄⣿⣿⣠⣾⡿⠋⠀⠀⠀⠀⠀⠀
⠀⠀⠀⠀⠀⠀⠀⠀⠙⢿⣿⣿⡿⠋⠀⠀⠀⠀⠀⠀⠀⠀
⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⣿⣿⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀
⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⣿⣿⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀
⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⣿⣿⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀
⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⣿⣿⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀
⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⣿⣿⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀
⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⣿⣿⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀
⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⣿⣿⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀
⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⣿⣿⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀
⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⣿⣿⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀


47
hosts/algiz/system.nix Normal file
View file

@ -0,0 +1,47 @@
{...}: {
users.motd = builtins.readFile ./rune;
swapDevices = [
{
device = "/var/lib/swapfile";
size = 2 * 1024;
}
];
services.resolved.enable = true;
services.fail2ban = {
enable = true;
maxretry = 5;
bantime = "24h";
};
time.timeZone = "America/Chicago";
networking.hostName = "algiz";
# # added to make using `pip install` work in docker build
# networking.nameservers = [ "8.8.8.8"];
# allow tcp connections for revsere proxy
networking.firewall = {
enable = true;
allowedTCPPorts = [80 443];
};
services.openssh.enable = true;
services.openssh.settings.PasswordAuthentication = false;
users.mutableUsers = false;
# Use the GRUB 2 boot loader.
boot.loader.grub.enable = true;
boot.loader.grub.device = "/dev/vda"; # or "nodev" for efi only
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "22.11"; # Did you read the comment?
}

0
hosts/mannaz/README.md Normal file
View file

43
hosts/mannaz/default.nix Normal file
View file

@ -0,0 +1,43 @@
{
inputs,
lib,
config,
pkgs,
...
}: {
imports = with inputs.self.nixosModules; [
./hardware-configuration.nix
./system.nix
./motd.nix
cli
desktop
dev
gui
nix
nix-ld
nvim
virtualization
];
environment.systemPackages = with pkgs; [
nix-output-monitor
(vivaldi.override {
proprietaryCodecs = true;
# enableWidevine = true;
})
];
users = {
defaultUserShell = pkgs.zsh;
extraUsers = {
daylin = {
isNormalUser = true;
extraGroups = ["wheel" "docker" "networkmanager"];
useDefaultShell = true;
initialPassword = "nix";
};
};
};
}

43
hosts/mannaz/hardware-configuration.nix Normal file
View file

@ -0,0 +1,43 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{
config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = ["nvme" "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod"];
boot.initrd.kernelModules = [];
boot.kernelModules = ["kvm-amd" "wl"];
boot.extraModulePackages = [config.boot.kernelPackages.broadcom_sta];
fileSystems."/" = {
device = "/dev/disk/by-uuid/47108030-bad4-431a-8fe3-0063accca466";
fsType = "ext4";
};
fileSystems."/boot" = {
device = "/dev/disk/by-uuid/3CD0-E384";
fsType = "vfat";
};
swapDevices = [
{device = "/dev/disk/by-uuid/115bc13a-9b09-4790-986c-ab3b434cde69";}
];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enp37s0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}

19
hosts/mannaz/motd.nix Normal file
View file

@ -0,0 +1,19 @@
{...}: {
users.motd = ''


'';
}

96
hosts/mannaz/system.nix Normal file
View file

@ -0,0 +1,96 @@
{
inputs,
lib,
config,
pkgs,
...
}: {
# Use the systemd-boot EFI boot loader.
boot.loader = {
systemd-boot.enable = true;
efi.canTouchEfiVariables = true;
};
# boot.kernelPackages = pkgs.linuxPackages_latest;
boot.kernelPackages = pkgs.linuxPackagesFor pkgs.linux_latest;
# this device doesn't have enough ram :/
swapDevices = [
{
device = "/var/lib/swapfile";
size = 24 * 1024;
}
];
hardware.opengl = {
enable = true;
driSupport = true;
driSupport32Bit = true;
extraPackages = with pkgs; [
libGL
];
setLdLibraryPath = true;
};
# Load nvidia driver for Xorg and Wayland
services.xserver.videoDrivers = ["nvidia"];
hardware.nvidia = {
# Modesetting is required.
modesetting.enable = true;
# Nvidia power management. Experimental, and can cause sleep/suspend to fail.
powerManagement.enable = false;
# Fine-grained power management. Turns off GPU when not in use.
# Experimental and only works on modern Nvidia GPUs (Turing or newer).
powerManagement.finegrained = false;
# Use the NVidia open source kernel module (not to be confused with the
# independent third-party "nouveau" open source driver).
# Support is limited to the Turing and later architectures. Full list of
# supported GPUs is at:
# https://github.com/NVIDIA/open-gpu-kernel-modules#compatible-gpus
# Only available from driver 515.43.04+
# Currently alpha-quality/buggy, so false is currently the recommended setting.
open = false;
# Enable the Nvidia settings menu,
# accessible via `nvidia-settings`.
nvidiaSettings = true;
# Optionally, you may need to select the appropriate driver version for your specific GPU.
package = config.boot.kernelPackages.nvidiaPackages.stable;
};
programs.nix-ld.enable = true;
services.openssh.enable = true;
networking.hostName = "mannaz";
# networking.wireless.enable = true;
# networking.networkmanager.enable = true;
networking.firewall.allowedTCPPorts = [
7865
7860
];
time.timeZone = "America/Chicago";
security.sudo.wheelNeedsPassword = false;
# This option defines the first version of NixOS you have installed on this particular machine,
# and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions.
#
# Most users should NEVER change this value after the initial install, for any reason,
# even if you've upgraded your system to a new NixOS release.
#
# This value does NOT affect the Nixpkgs version your packages and OS are pulled from,
# so changing it will NOT upgrade your system.
#
# This value being lower than the current NixOS release does NOT mean your system is
# out of date, out of support, or vulnerable.
#
# Do NOT change this value unless you have manually inspected all the changes it would make to your configuration,
# and migrated your data accordingly.
#
# For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion .
system.stateVersion = "23.11"; # Did you read the comment?
}

56
hosts/othalan/default.nix Normal file
View file

@ -0,0 +1,56 @@
{
inputs,
lib,
pkgs,
...
}: {
imports = with inputs.self.nixosModules; [
common
desktop
hyprland
nix-ld
virtualization
restic
# langs
misc
nim
node
tex
];
services.restic.backups.gdrive = {
user = "daylin";
repository = "rclone:g:archives/othalan";
passwordFile = "/home/daylin/.config/restic/othalan-pass";
paths = ["/home/daylin/stuff/" "/home/daylin/dev/"];
};
environment.systemPackages = with pkgs; [
zk
rclone
quarto
expect
openconnect
];
programs.gnupg.agent = {
enable = true;
enableSSHSupport = true;
};
programs.zsh.enable = true;
users.users.daylin = {
isNormalUser = true;
shell = pkgs.zsh;
extraGroups = [
"wheel" # sudo
"video" # backlight control via light
"audio"
];
};
}

43
hosts/othalan/hardware-configuration.nix Normal file
View file

@ -0,0 +1,43 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{
config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = ["xhci_pci" "thunderbolt" "nvme" "usb_storage" "sd_mod"];
boot.initrd.kernelModules = [];
boot.kernelModules = ["kvm-intel"];
boot.extraModulePackages = [];
fileSystems."/" = {
device = "/dev/disk/by-uuid/00587bf0-9f7f-4d96-9b8b-cf5024157e2c";
fsType = "ext4";
};
fileSystems."/boot" = {
device = "/dev/disk/by-uuid/FF65-E2AC";
fsType = "vfat";
};
swapDevices = [
{device = "/dev/disk/by-uuid/bd64a1ba-f259-4b64-88cd-5585b9345f5a";}
];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.wlp0s20f3.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}

16
hosts/othalan/rune Normal file
View file

@ -0,0 +1,16 @@

.+.
.*@@@*.
.+@@- -%@*.
.+@@= -%@*.
.+@%= -%@+.
+@@- :@@*
.*@%- :#@*:
.#@%: :#@#:
:#@#-*@#:
=@@@+
.*@#-#@#:
.*@%- :#@#:
.*@%- :%@*.
+@%- -%@+
:- -:

66
hosts/othalan/system.nix Normal file
View file

@ -0,0 +1,66 @@
{
config,
pkgs,
...
}
: {
networking.networkmanager.enable = true;
programs.light.enable = true;
services.printing.enable = true;
services.fwupd.enable = true;
hardware.bluetooth.enable = true;
hardware.bluetooth.powerOnBoot = true;
# https://github.com/NixOS/nixos-hardware/blob/c478b3d56969006e015e55aaece4931f3600c1b2/lenovo/thinkpad/x1/9th-gen/default.nix
# https://github.com/NixOS/nixos-hardware/blob/c478b3d56969006e015e55aaece4931f3600c1b2/common/pc/ssd/default.nix
services.fstrim.enable = true;
# rtkit is optional but recommended
security.rtkit.enable = true;
services.pipewire = {
enable = true;
audio.enable = true;
pulse.enable = true;
alsa.enable = true;
alsa.support32Bit = true;
};
environment.systemPackages = with pkgs; [
pamixer
];
services.getty.greetingLine =
''<<< Welcome to NixOS ${config.system.nixos.label} (\m) - \l >>>''
+ (builtins.readFile ./rune);
# catppuccin/tty
boot.kernelParams = [
"vt.default_red=30,243,166,249,137,245,148,186,88,243,166,249,137,245,148,166"
"vt.default_grn=30,139,227,226,180,194,226,194,91,139,227,226,180,194,226,173"
"vt.default_blu=46,168,161,175,250,231,213,222,112,168,161,175,250,231,213,200"
];
networking.hostName = "othalan";
time.timeZone = "US/Central";
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
boot.kernelPackages = pkgs.linuxPackages_latest;
# This option defines the first version of NixOS you have installed on this particular machine,
# and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions.
#
# Most users should NEVER change this value after the initial install, for any reason,
# even if you've upgraded your system to a new NixOS release.
#
# This value does NOT affect the Nixpkgs version your packages and OS are pulled from,
# so changing it will NOT upgrade your system.
#
# This value being lower than the current NixOS release does NOT mean your system is
# out of date, out of support, or vulnerable.
#
# Do NOT change this value unless you have manually inspected all the changes it would make to your configuration,
# and migrated your data accordingly.
#
# For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion .
system.stateVersion = "23.11"; # Did you read the comment?
}

45
lib/default.nix Normal file
View file

@ -0,0 +1,45 @@
{
inputs,
nixpkgs,
...
}: let
inherit (builtins) concatLists attrValues mapAttrs elemAt match readDir filter;
inherit (nixpkgs.lib) hasSuffix nixosSystem;
inherit (nixpkgs.lib.filesystem) listFilesRecursive;
in rec {
mkSystem = hostname:
nixosSystem {
system = "x86_64-linux";
modules =
builtins.filter
(path: hasSuffix ".nix" path) (listFilesRecursive (../. + "/hosts/${hostname}"));
specialArgs = {inherit inputs;};
};
mapHosts = dir:
mapAttrs
(name: _: mkSystem name)
(readDir dir);
# https://github.com/balsoft/nixos-config/blob/73cc2c3a8bb62a9c3980a16ae70b2e97af6e1abd/flake.nix#L109-L120
findModules = dir:
concatLists (attrValues (mapAttrs
(name: type:
if type == "regular"
then [
{
name = elemAt (match "(.*)\\.nix" name) 0;
value = dir + "/${name}";
}
]
else if
(readDir (dir + "/${name}"))
? "default.nix"
then [
{
inherit name;
value = dir + "/${name}";
}
]
else findModules (dir + "/${name}")) (readDir dir)));
}

21
modules/cli.nix Normal file
View file

@ -0,0 +1,21 @@
{
inputs,
pkgs,
...
}: {
programs.direnv.enable = true;
environment.systemPackages = with pkgs; [
chezmoi
zoxide
lsd
fzf
# utils
fd
bat
delta
ripgrep
btop
];
}

25
modules/dev.nix Normal file
View file

@ -0,0 +1,25 @@
{
inputs,
pkgs,
...
}: {
imports = with inputs.self.nixosModules; [
git
];
programs.zsh.enable = true;
environment.systemPackages = with pkgs; [
tmux
unzip
less
gnumake
gcc
jq
wget
curl
htop
comma
];
}

6
modules/docker.nix Normal file
View file

@ -0,0 +1,6 @@
{pkgs, ...}: {
virtualisation.docker.enable = true;
environment.systemPackages = with pkgs; [
lazydocker
];
}

13
modules/editors/nvim.nix Normal file
View file

@ -0,0 +1,13 @@
{
input,
pkgs,
...
}: {
environment.systemPackages = with pkgs; [
vim
neovim
nixd
tree-sitter
];
}

10
modules/editors/vscode.nix Normal file
View file

@ -0,0 +1,10 @@
{
input,
pkgs,
...
}: {
environment.systemPackages = with pkgs; [
# vscode
vscode-fhs
];
}

13
modules/git.nix Normal file
View file

@ -0,0 +1,13 @@
{
input,
pkgs,
...
}: {
environment.systemPackages = with pkgs; [
git
git-lfs
gh
lazygit
];
}

23
modules/gui.nix Normal file
View file

@ -0,0 +1,23 @@
{
inputs,
pkgs,
...
}: {
environment.systemPackages = with pkgs; [
inputs.wezterm.packages.${pkgs.system}.default
alacritty
inkscape
gimp
libreoffice-qt
hunspell # spell check for libreoffice
(vivaldi.override {
commandLineArgs = [
"--force-dark-mode"
];
proprietaryCodecs = true;
})
];
}

50
modules/hyprland.nix Normal file
View file

@ -0,0 +1,50 @@
{
inputs,
pkgs,
...
}: {
fonts.fontconfig.enable = true;
fonts.packages = with pkgs; [
(nerdfonts.override {fonts = ["FiraCode"];})
];
security.pam.services.swaylock = {};
programs.hyprland.enable = true;
programs.hyprland.package = inputs.hyprland.packages.${pkgs.system}.default;
# Optional, hint electron apps to use wayland:
environment.sessionVariables.NIXOS_OZONE_WL = "1";
environment.systemPackages = with pkgs; [
swaylock
brightnessctl
# notifications
libnotify
dunst
# screenshots
inputs.hyprland-contrib.packages.${pkgs.system}.grimblast
grim
slurp
eww-wayland
rofi-wayland
hyprpaper
catppuccin-cursors.mochaDark
pavucontrol
];
nixpkgs.overlays = [ inputs.nixpkgs-wayland.overlay ];
# wayland extras
nix.settings = {
# add binary caches
trusted-public-keys = [
"cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
"nixpkgs-wayland.cachix.org-1:3lwxaILxMRkVhehr5StQprHdEo4IrE8sRho9R9HOLYA="
"hyprland.cachix.org-1:a7pgxzMz7+chwVL3/pzj6jIBMioiJM7ypFP8PwtkuGc="
];
substituters = [
"https://cache.nixos.org"
"https://nixpkgs-wayland.cachix.org"
"https://hyprland.cachix.org"
];
};
}

12
modules/langs/misc.nix Normal file
View file

@ -0,0 +1,12 @@
{
inputs,
pkgs,
...
}: {
environment.systemPackages = with pkgs; [
# language supports
nodejs
go
rustup
];
}

19
modules/langs/nim.nix Normal file
View file

@ -0,0 +1,19 @@
{
pkgs,
nixpkgs,
...
}: {
nixpkgs.overlays = [
# (import ../../overlays/nim {})
(import ../../overlays/nimlsp {})
(import ../../overlays/nimble {})
(import ../../overlays/nim-atlas {})
];
environment.systemPackages = with pkgs; [
nim-atlas
nim
nimble
nimlsp
];
}

6
modules/langs/node.nix Normal file
View file

@ -0,0 +1,6 @@
{pkgs, ...}: {
environment.systemPackages = with pkgs; [
nodejs
nodePackages.pnpm
];
}

17
modules/langs/python.nix Normal file
View file

@ -0,0 +1,17 @@
{pkgs, ...}: {
environment.systemPackages = with pkgs; [
# https://github.com/Mic92/nix-ld?tab=readme-ov-file#my-pythonnodejsrubyinterpreter-libraries-do-not-find-the-libraries-configured-by-nix-ld
(pkgs.writeShellScriptBin "python" ''
export LD_LIBRARY_PATH=$NIX_LD_LIBRARY_PATH
exec ${pkgs.python3}/bin/python "$@"
'')
(pkgs.writeShellScriptBin "python3" ''
export LD_LIBRARY_PATH=$NIX_LD_LIBRARY_PATH
exec ${pkgs.python3}/bin/python "$@"
'')
(python3.withPackages (ps: with ps; [pip]))
micromamba
];
}

9
modules/langs/tex.nix Normal file
View file

@ -0,0 +1,9 @@
{
inputs,
pkgs,
...
}: {
environment.systemPackages = with pkgs; [
texlive.combined.scheme-full
];
}

34
modules/lock/default.nix Normal file
View file

@ -0,0 +1,34 @@
{
input,
pkgs,
...
}: let
lock = pkgs.writeShellApplication {
name = "lock";
runtimeInputs = with pkgs; [i3lock-color figlet procps];
text = builtins.readFile ./lock.sh;
};
in {
environment.systemPackages = with pkgs; [
xss-lock
lock
];
systemd.services.i3lock = {
wantedBy = ["sleep.target"];
description = "Lock the screen using a custom lock script";
before = ["suspend.target"];
serviceConfig = {
User = "daylin";
Type = "forking";
Environment = "DISPLAY=:0";
ExecStart = "${lock}/bin/lock";
};
};
# services.logind.extraConfig = ''
# IdleAction=suspend
# IdleActionSec=1800
# '';
}

80
modules/lock/lock.sh Executable file
View file

@ -0,0 +1,80 @@
#!/usr/bin/env bash
# colors
bg_color=1e1e2ebb
red=f38ba8ff
teal=94e2d5ff
rosewater=f5e0dcff
green=a6e3a1ff
selection=454158ff
# greeter config
font="MonoLisa Nerd Font:style=Bold"
greeter_msg="LOCKED"
ff=(
"big"
"small"
"lean"
"epic"
"fender"
"slant"
"lineblocks"
"marquee"
"avatar"
"contrast"
"amcrazor"
"kban"
)
fig_font=${ff[RANDOM % ${#ff[@]}]}
make_figlet() {
figlet -f "$fig_font" "$greeter_msg"
}
font_size=25
font_to_px=$((font_size * 16 / 12))
greeter_h=$(($(make_figlet | wc -l) * font_to_px))
greeter_w=$(($(make_figlet | wc -L) * font_to_px))
# centered
greeter_pos="x+w/2-${greeter_w}/4:y+h/2-${greeter_h}/4"
# left-aligned
greeter_pos="x+50:y+h/2-${greeter_h}/4"
# do the locking
# suspend message display
pkill -u "$USER" -USR1 dunst
sleep 0.1
# lock the screen
i3lock \
-n \
--screen 1 \
--color $bg_color \
--inside-color ffffff00 \
--ring-color $green \
--ringwrong-color $red \
--ringver-color $teal \
--insidewrong-color $bg_color \
--insidever-color $bg_color \
--line-uses-ring \
--separator-color $selection \
--keyhl-color $teal \
--bshl-color $red \
--wrong-color $red \
--ind-pos x+w-5-r:y+h-10-r \
--ring-width 25 \
--radius 100 \
--verif-text "" \
--greeter-text "$(make_figlet)" \
--greeter-font "${font}" \
--greeter-size $font_size \
--greeter-color $rosewater \
--greeter-pos "${greeter_pos}" \
--greeter-align 1
# resume message display
pkill -u "$USER" -USR2 dunst

63
modules/nix-ld.nix Normal file
View file

@ -0,0 +1,63 @@
{
input,
pkgs,
...
}: {
programs.nix-ld.enable = true;
# Packages that need at least something in this list:
# Geneious Prime
# https://github.com/Mic92/dotfiles/blob/cb180bdd3805b373e556a93ccb275b7f0f902a3b/nixos/modules/nix-ld.nix#L9C3-L60C5
programs.nix-ld.libraries = with pkgs; [
alsa-lib
at-spi2-atk
at-spi2-core
atk
cairo
cups
curl
dbus
expat
fontconfig
freetype
fuse3
gdk-pixbuf
glib
gtk3
icu
libGL
libappindicator-gtk3
libdrm
libglvnd
libnotify
libpulseaudio
libunwind
libusb1
libuuid
libxkbcommon
mesa
nspr
nss
openssl
pango
pipewire
stdenv.cc.cc
systemd
vulkan-loader
xorg.libX11
xorg.libXScrnSaver
xorg.libXcomposite
xorg.libXcursor
xorg.libXdamage
xorg.libXext
xorg.libXfixes
xorg.libXi
xorg.libXrandr
xorg.libXrender
xorg.libXtst
xorg.libxcb
xorg.libxkbfile
xorg.libxshmfence
zlib
];
}

25
modules/nix.nix Normal file
View file

@ -0,0 +1,25 @@
{
input,
pkgs,
...
}: {
imports = [
./styx
];
nixpkgs.config.allowUnfree = true;
nix.package = pkgs.nixUnstable;
nix.extraOptions = ''
experimental-features = nix-command flakes
'';
nix.optimise.automatic = true;
nix.gc = {
automatic = true;
dates = "weekly";
options = "--delete-older-than 30d";
};
environment.systemPackages = with pkgs; [
nix-output-monitor
alejandra
];
}

11
modules/profiles/common.nix Normal file
View file

@ -0,0 +1,11 @@
{inputs, ...}: {
imports = with inputs.self.nixosModules; [
nix
cli
dev
nvim
# langs
python
];
}

13
modules/profiles/desktop.nix Normal file
View file

@ -0,0 +1,13 @@
{
inputs,
config,
lib,
...
}: {
imports = with inputs.self.nixosModules; [
common
gui
vscode
# qtile
];
}

49
modules/qtile.nix Normal file
View file

@ -0,0 +1,49 @@
{
input,
pkgs,
...
}: {
imports = [
./lock
];
fonts.fontconfig.enable = true;
fonts.packages = with pkgs; [
(nerdfonts.override {fonts = ["FiraCode"];})
];
# Enable the X11 windowing system.
services.xserver = {
enable = true;
displayManager.startx.enable = true;
desktopManager.plasma5.enable = true;
windowManager.qtile.enable = true;
};
environment.systemPackages = with pkgs; [
brightnessctl
picom
# xorg utils
xdotool
xclip
# xrandr friends
autorandr
arandr
# notifications
libnotify
dunst
# qtile & friends
# qtile
eww
feh
rofi
flameshot
catppuccin-cursors.mochaDark
pavucontrol
];
}

25
modules/restic.nix Normal file
View file

@ -0,0 +1,25 @@
{...}:{
services.restic.backups.gdrive = {
extraBackupArgs = [
"--exclude-file /home/daylin/.config/restic/excludes.txt"
"--exclude-file /home/daylin/.conda/environments.txt"
"--verbose"
"--one-file-system"
"--tag systemd.timer"
];
pruneOpts = [
"--verbose"
"--tag systemd.timer"
"--keep-daily 7"
"--keep-weekly 4"
"--keep-monthly 12"
"--keep-yearly 3"
];
timerConfig = {
OnCalendar = "00:05";
Persistent = true;
RandomizedDelaySec = "5h";
};
};
}

5
modules/styx/default.nix Normal file
View file

@ -0,0 +1,5 @@
{pkgs, ...}: {
environment.systemPackages = with pkgs; [
(writeScriptBin "styx" (builtins.readFile ./styx))
];
}

101
modules/styx/styx Executable file
View file

@ -0,0 +1,101 @@
#!/usr/bin/env bash
set -e
# rewrite as python script?
FLAKE_PATH=$HOME/nixcfg
DIM="$(tput dim)"
BOLD="$(tput bold)"
RED="$(tput setaf 1)"
GREEN="$(tput setaf 2)"
YELLOW="$(tput setaf 3)"
CYAN="$(tput setaf 4)"
RESET="$(tput sgr0)"
PREFIX="${CYAN}styx${RESET}"
log() {
printf "%s | %s\n" "$PREFIX" "$*"
}
error() {
printf "%s | %s | %s\n" "$PREFIX" "${RED}error${RESET}" "$*"
}
help() {
cat <<EOF
styx <cmd> [-h]
${DIM}sister moon to nix on pluto
sister software to nix in this repo${RESET}
pass additional args with -- --key value
${BOLD}commands${RESET}:
EOF
printf "${GREEN}%8s${RESET} | ${YELLOW}%s${RESET}\n" \
fmt "format *.nix" \
build "build and monitor with nom" \
boot "evaluate flake for next boot" \
switch "perform nixos rebuild" \
store "run some store cleanup"
exit
}
fmt() {
alejandra . "$@"
}
boot() {
sudo nixos-rebuild boot --flake "$FLAKE_PATH" "$@"
}
switch() {
sudo nixos-rebuild switch --flake "$FLAKE_PATH" "$@"
}
store() {
nix store optimise "$@"
}
build() {
nom build "$FLAKE_PATH#nixosConfigurations.$(hostname).config.system.build.toplevel"
case "$1" in
switch | boot | test ) sudo ./result/bin/switch-to-configuration "$1";;
esac
}
if [[ $# -eq 0 ]]; then
log no command specified see below for help
help
fi
while [[ $# -gt 0 ]]; do
case $1 in
fmt | boot | switch | store | build)
cmd=$1
shift
;;
-h | --help)
help
;;
--)
# stop parsing and foward the rest of the args
shift
break
;;
-*,--*)
error "unknown flag: ${BOLD}$1${RESET}"
exit 1
;;
*)
error "unknown command: ${BOLD}$1${RESET}"
exit 1
;;
esac
done
if [[ $# -gt 0 ]]; then
echo "forwarding args: ${BOLD}$*${RESET}"
fi
$cmd "$@"

8
modules/virtualization.nix Normal file
View file

@ -0,0 +1,8 @@
{
input,
pkgs,
...
}: {
virtualisation.virtualbox.host.enable = true;
users.extraGroups.vboxusers.members = ["daylin"];
}

14
overlays/default.nix Normal file
View file

@ -0,0 +1,14 @@
# import all nix files in the current folder,
# and execute them with args as parameters
# The return value is a list of all execution results,
# which is the list of overlays
args:
# execute and import all overlay files in the current
# directory with the given args
builtins.map
# execute and import the overlay file
(f: (import (./. + "/${f}") args))
# find all overlay files in the current directory
(builtins.filter
(f: f != "default.nix")
(builtins.attrNames (builtins.readDir ./.)))

11
overlays/hyprland/default.nix Normal file
View file

@ -0,0 +1,11 @@
{...}: (final: prev: {
hyprland = prev.hyprland.overrideAttrs {
src = prev.fetchFromGitHub {
version = "main-20240121";
owner = "hyprwm";
repo = "Hyprland";
rev = "3c964a9fdc220250a85b1c498e5b6fad9390272f";
hash = "sha256-oIt4bUVXRR7qnBPizcPA7fTiZl4xz9QaSdzLNukjtkw=";
};
};
})

11
overlays/nim-atlas/default.nix Normal file
View file

@ -0,0 +1,11 @@
{...}: (final: prev: {
nim-atlas = prev.nim-atlas.overrideNimAttrs {
version = "unstable";
src = prev.fetchFromGitHub {
owner = "nim-lang";
repo = "atlas";
rev = "cbba9fa77fa837931bf3c58e20c1f8cb15a22919";
hash = "sha256-TsZ8TriVuKEY9/mV6KR89eFOgYrgTqXmyv/vKu362GU=";
};
};
})

18
overlays/nim/default.nix Normal file
View file

@ -0,0 +1,18 @@
{...}: (final: prev: {
nim-unwrapped-2 = prev.nim-unwrapped-2.overrideAttrs {
patches =
(prev.patches or [])
++ [
./install.patch
];
# installPhase = ''
# runHook preInstall
# install -Dt $out/bin bin/*
# ln -sf $out/nim/bin/nim $out/bin/nim
# ln -sf $out/nim/lib $out/lib
# ./install.sh $out
# cp -a dist tools $out/nim/
# runHook postInstall
# '';
};
})

10
overlays/nim/install.patch Normal file
View file

@ -0,0 +1,10 @@
diff --git a/install.sh b/install.sh
@@ -1113,6 +1113,8 @@
chmod 644 "$nimbleDir/doc/advopt.txt"
cp "doc/nimdoc.css" "$nimbleDir/doc/nimdoc.css"
chmod 644 "$nimbleDir/doc/nimdoc.css"
+ cp "doc/nimdoc.cls" "$nimbleDir/doc/nimdoc.cls"
+ chmod 644 "$nimbleDir/doc/nimdoc.cls"
cp "nim.nimble" "$nimbleDir/nim.nimble"
chmod 644 "$nimbleDir/nim.nimble"

15
overlays/nimble/default.nix Normal file
View file

@ -0,0 +1,15 @@
{...}: (final: prev: {
nimble = prev.nimble.overrideNimAttrs {
version = "0.14.2-f74bf2";
requiredNimVersion = 2;
buildInputs = [prev.pkgs.openssl];
src = prev.fetchFromGitHub {
owner = "nim-lang";
repo = "nimble";
# more recent commit
rev = "f74bf2bc388f7a0154104b4bcaa093a499d3f0f7";
hash = "sha256-8b5yKvEl7c7wA/8cpdaN2CSvawQJzuRce6mULj3z/mI=";
};
};
})

11
overlays/nimlsp/default.nix Normal file
View file

@ -0,0 +1,11 @@
{...}: (final: prev: {
nimlsp = prev.nimlsp.overrideNimAttrs {
requiredNimVersion = 2;
nimFlags = [
"--threads:on"
""
"-d:explicitSourcePath=${final.srcOnly final.pkgs.nim-unwrapped-2}"
"-d:tempDir=/tmp"
];
};
})

11
overlays/wezterm/default.nix Normal file
View file

@ -0,0 +1,11 @@
{...}: (final: prev: {
wezterm = prev.wezterm.overrideAttrs {
src = prev.fetchFromGitHub {
version = "main-20240121";
owner = "wez";
repo = "wezterm";
rev = "b0671294d1c9225096909e12875ada25dd19a35e";
hash = "sha256-oIt4bUVXRR7qnBPizcPA7fTiZl4xz9QaSdzLNukjtkw=";
};
};
})

5
todo.md Normal file
View file

@ -0,0 +1,5 @@
# daylin's nixcfg todo's
<!-- nothing! -->
<!-- generated with <3 by daylinmorgan/todo -->

34
utils/rune.sh Executable file
View file

@ -0,0 +1,34 @@
#! /usr/bin/env nix-shell
#! nix-shell -i bash -p ascii-image-converter
set -e
declare -A IMG_SRC
IMG_SRC=(
[jeran]=https://upload.wikimedia.org/wikipedia/commons/0/01/Runic_letter_jeran.png
[othalan]=https://upload.wikimedia.org/wikipedia/commons/1/16/Runic_letter_othalan.png
[algiz]=https://upload.wikimedia.org/wikipedia/commons/1/14/Runic_letter_algiz.png
[mannaz]=https://upload.wikimedia.org/wikipedia/commons/0/0c/Runic_letter_mannaz.png
[kaunan]=https://upload.wikimedia.org/wikipedia/commons/a/a3/Runic_letter_kauna.png
)
if [[ $# -eq 0 ]]; then
echo please provide rune name
echo options:
for i in "${!IMG_SRC[@]}"; do
echo $i
done
exit 1
fi
rune=$1
color=${36:-$2}
# tmp this?
FILENAME="Runic_letter_${rune}.png"
[[ -f "$FILENAME" ]] || wget -O "$FILENAME" "${IMG_SRC[$rune]}"
printf "\033[1;%dm\n%s\033[0m\n\n" \
"$color" \
"$(ascii-image-converter "$FILENAME" -n -H 15 -b)" \
>"${rune}.txt"