diff --git a/.gitignore b/.gitignore old mode 100755 new mode 100644 index 6f2994e..31f728a --- a/.gitignore +++ b/.gitignore @@ -2,3 +2,4 @@ ISSUES/ secrets/ result +rebuild*.log diff --git a/DEVDOC.md b/DEVDOC.md deleted file mode 100644 index 4b8567e..0000000 --- a/DEVDOC.md +++ /dev/null @@ -1,25 +0,0 @@ -## Users - -#### me -My main personal account, used on my PC and laptop. -Contains a hyprland graphical environment by default. - -#### ae -Primary account on my servers. Contains the bare -essentials for my work, no graphical environment. - - -#### friends -A simple account I let me friends connect to. -Limited functionality, mostly just for letting -them test small things or for giving them files. - - -## Setup Guide -##### Adding a New Server -Enable an ssh server on the remote host, then on the -local machine set `.ssh/config` to have a profile for -your desired host and have a key pair that's authorised -to your desired user. - -NOTE: these keys must have permission 600 (only readable/writable by you) diff --git a/DEV_ENV b/DEV_ENV deleted file mode 100644 index bf545ce..0000000 --- a/DEV_ENV +++ /dev/null @@ -1,3 +0,0 @@ -- [ ] Stop colmena adding inputs for unmanaged nodes -- [ ] Use latest commit for colmena -- [ ] Program colmena to have an option that adds `--no-check-sigs` to `nix copy` diff --git a/INSPIRATION b/INSPIRATION deleted file mode 100755 index 2c5adf0..0000000 --- a/INSPIRATION +++ /dev/null @@ -1,8 +0,0 @@ -Godlike - https://github.com/end-4/dots-hyprland - -Gorgeous - https://github.com/prasanthrangan/hyprdots - -Very nice - https://github.com/linuxmobile/hyprland-dots diff --git a/README.md b/README.md old mode 100755 new mode 100644 index ce2a13b..36d887e --- a/README.md +++ b/README.md @@ -1,11 +1,8 @@ +## My NixOS Flake ### Philosophy -I try to use Home Manager as little as possible. When I first started with NixOS I found -it distracting and confusing. NixOS already handles system wide and user packages, so having -another user level package management method was baffling. Obviously I understand now how -it can be useful (so I do use it). But where possible I will instead use the functionality -of Nix rather than Home Manager. +> [!TODO] My philosophy has kinda changed since the beginning -###### Structuring Modules +### Repo Structure Modules are organised into groups (ie "Core"), from here a module is structured as either: 1. a single `.nix` file (ie bluetooth.nix). I do this when I won't implement an alternative 2. a directory (ie `sound`) containing a set of alternative implementations and a `default.nix` @@ -13,15 +10,19 @@ that simply imports one of the implementations. For the `sound` example I curren to default to `pipewire.nix`. I haven't made alternatives yet but the idea is that it is HIGHLY likely I do in future. +### Security Considerations +###### Hashing +For services where password hashing is done infrequently (ie my forgejo instance with signups disabled) +use argon2 (argon2id) with default `argon2$2$65536$8$50` (typically). Otherwise bcrypt is preferred. ### TODO -There are a lot of `TODO` items in this repository. To improve these dotfiles -I should run a command to find files containing "TODO" and then implement the -recommendation I left behind :) +There are a lot of commented `# TODO: ...` items in this repository. +All (most) of my commented directives can be found via this pattern: +```sh +grep -rnE '^\s*(//|#)\s*[A-Z]*:\s*.+$' --exclude-dir=.git 2>/dev/null +``` - - -##### Small Explanation of Fonts +### Random Explanation of Fonts There are four types of fonts (to my knowledge at least): 1. serif (funny squigles / small elegant strokes included) 2. sans-serif (meaning "without serifs") @@ -33,19 +34,9 @@ Fun fact: on Android, the emojis you are seeing are part of the noto-emoji font For finding a font for programming I highly recommend trying https://www.codingfont.com/ -### My config - -Font: -Iosevka nerd font set as default/prefered font -Terminal uses IosevkaTerm nerd font - -Home-Manager: -I just to use home-manager standalone and not as a NixOS module, thus allowing -my dotfiles to also work on non-NixOS systems. - - - -### Explaining my Vision with r/unixporn posts +### Links +#### Inspiration +##### Explaining my Vision with r/unixporn posts I want the side panel from https://www.reddit.com/r/unixporn/comments/12wpvyf/hyprland_eww_is_all_i_need/ but not the colour scheme and I'm 50/50 on the bar being on th eleft side lol. Also I love the volume bar on the right! @@ -64,22 +55,29 @@ Their window decorations and bar are great, also being able to hide everything u https://www.reddit.com/r/unixporn/comments/vkcasz/i3gaps_i_prefer_light_mode/ If their colour scheme was a little less white I'd love it but overall one of my favourites every +##### Other Inspiring Shtuff +1. https://github.com/sabrehagen/desktop-environment -### Wallpaper Sources +#### Wallpaper Sources 1. https://www.wallpaperflare.com/ 2. https://alphacoders.com especially this one person: https://alphacoders.com/users/profile/69089/robokoboto and also the lofi category: https://alphacoders.com/lofi +#### Teach Yourself Nix +1. https://github.com/XNM1/linux-nixos-hyprland-config-dotfiles) + Really good security oriented NixOS stuff +2. https://jade.fyi/blog/flakes-arent-real/ + Interesting blog post on using flakes -### Credits +#### Credits 1. https://github.com/XNM1/linux-nixos-hyprland-config-dotfiles -The simplicity of their layout is amazing, was really good to pick out small modules and learn how something works / is configured. + The simplicity of their layout is amazing, was really good to pick out small modules and learn how something works / is configured. 2. https://github.com/Misterio77/nix-starter-configs -Really great starter config for learning how parts interact and how to generally structure flakes + Really great starter config for learning how parts interact and how to generally structure flakes 3. https://nixos.wiki/wiki/Fonts -Wiki page explaining how to install fonts and nerd fonts on NixOS + Wiki page explaining how to install fonts and nerd fonts on NixOS 4. https://github.com/adi1090x/rofi -For the Rofi theme + For the Rofi theme 5. https://github.com/zDyanTB/HyprNova -For the really cool hyprlock theme + For the really cool hyprlock theme diff --git a/TODO b/TODO deleted file mode 100755 index f498088..0000000 --- a/TODO +++ /dev/null @@ -1,91 +0,0 @@ -Get Utilities: -1. httpie -2. curlie -3. zoxide -4. doggo - -1. Get helix editor -2. Custom helix -3. Complete helix tutorial - -Get nixcord working -Get thunar working -Set a GTK theme & icon theme -Get better wallpapers -Get hyprcursor working with Bibata-Modern-Ice - -Get a GRUB theme working -Get SDDM and a theme working - -Make a custom hyprlock screen - -Get AGS working -Make an applauncher in AGS -Remove hyprland splash screen on init -Made lolcathost home modular - -Overtime just install more programs that I need regularly: ie -- btop/htop/etc - -Get GTK Bibata Cursors to be the same size as my system cursor (NOT SURE WHAT I DID...) - - -Get waybar (or another bar) working - -Get a QT theme - -Fix pipewire audio sometimes working and sometimes not :( - -Bind new terminal to SUPER+Enter instead of SUPER+Q - -Join Rio Terminal's discord and ask if they support nerdfonts or if I'm doing something wrong - - - -Change Dell loading screen (Boot Graphics Resource Table, aka BGRT) - - - - -Fix: your 131072x1 screen size is bogus. expect trouble - - - -Search for all "TODO" items in my nix dotfiles - -Push nixdots to github - - - - -Check out the Ekala Project (I joined their discord server) - - -Create a program that enables/disables passwordless sudo access - (add to github too) - -Learn to package my own home-manager modules - - - - -Ideal Features: -1. AI assistant -2. searching can also be used to calculate stuff (like I do on my iPad) - - - - -Fork nixcord and fix documentation (the installation is confusing) -But firstly the first code snippet is wrong... -```nix -inputs.nixcord = { - url = "github:kaylorben/nixcord" -}; -``` -Should actually be -```nix -inputs.nixcord = { - url = "github:kaylorben/nixcord"; # dont forget the semicolon -}; -``` diff --git a/TODO.md b/TODO.md new file mode 100644 index 0000000..52635fc --- /dev/null +++ b/TODO.md @@ -0,0 +1,10 @@ +- [ ] Update the README.md +- [ ] switch ssh keys to ECC (fuck RSA) + +- [ ] migrate forge.dobutterfliescry.net -> tearforge.net +- [ ] rename forgejo user to git +- [ ] setup my own VPN +- [ ] connect match to my VPN +- [ ] use matcha to build stuff instead of using my laptop + +- [ ] make `ceru` do local and remote deployments diff --git a/TODO_UI b/TODO_UI deleted file mode 100755 index 34b5246..0000000 --- a/TODO_UI +++ /dev/null @@ -1,3 +0,0 @@ -1. Create more themes for my applauncher -2. Create more themes for hyprlock - check out: https://github.com/MrVivekRajan/Hyprlock-Styles diff --git a/deploy b/deploy deleted file mode 100755 index 4dc0576..0000000 --- a/deploy +++ /dev/null @@ -1,58 +0,0 @@ -#!/usr/bin/env bash -set -e - -usage="Usage: $(basename $0) [OPTIONS] - -Options: - -f, --fresh Remove old content in the nixstore (good for debugging) - -b, --bootloader Reinstall the bootloader - -h, --help Show this message (^_^)" - -# delete all cached entries -# to make the system from scratch -collect_garbage () { - sudo nix-collect-garbage --delete-old -} - -rebuild_flake () { - # make sure all changes are visible to nixos - git add . --verbose - if [ "$1" = "reinstall-bootloader" ]; then - sudo nixos-rebuild switch --flake . --install-bootloader - else - sudo nixos-rebuild switch --flake . - #nixos-rebuild build --flake .# --cores 8 -j 1 - fi -} - -# check which flags were given -flag_fresh=false -flag_bootloader=false -for flag in "$@"; do - case "$flag" in - -f|--fresh) - flag_fresh=true ;; - -b|--bootloader) - flag_bootloader=true ;; - -h|--help) - echo "$usage" - exit 0 ;; - *) - echo "[!] Unknown flag \"$flag\"" - exit 1 ;; - esac -done - -# delete cached items in nixstore -if [ "$flag_fresh" = true ]; then - collect_garbage - exit 0 -fi - -# nixos-rebuild switch ... -if [ "$flag_bootloader" = true ]; then - collect_garbage - rebuild_flake "reinstall-bootloader" -else - rebuild_flake -fi diff --git a/deploy-remote b/deploy-remote deleted file mode 100755 index be09c7d..0000000 --- a/deploy-remote +++ /dev/null @@ -1,13 +0,0 @@ -#!/usr/bin/env bash - -set -e # terminate if any command fails - -echo "[+] Adding keys to ssh-agent" -ssh-add ~/.ssh/id_hyrule -printf "\n" - -git add . -# Deploy to all Colmena hives -colmena build --experimental-flake-eval -colmena apply --experimental-flake-eval -# colmena apply --on hyrule --experimental-flake-eval diff --git a/flake.lock b/flake.lock old mode 100755 new mode 100644 index 4e31fa3..26fea2d --- a/flake.lock +++ b/flake.lock @@ -1,107 +1,91 @@ { "nodes": { - "ags": { + "cerulean": { "inputs": { - "nixpkgs": "nixpkgs", - "systems": "systems" - }, - "locked": { - "lastModified": 1728326430, - "narHash": "sha256-tV1ABHuA1HItMdCTuNdA8fMB+qw7LpjvI945VwMSABI=", - "owner": "Aylur", - "repo": "ags", - "rev": "60180a184cfb32b61a1d871c058b31a3b9b0743d", - "type": "github" - }, - "original": { - "owner": "Aylur", - "repo": "ags", - "type": "github" - } - }, - "ags_2": { - "inputs": { - "nixpkgs": "nixpkgs_5", - "systems": "systems_3" - }, - "locked": { - "lastModified": 1728326430, - "narHash": "sha256-tV1ABHuA1HItMdCTuNdA8fMB+qw7LpjvI945VwMSABI=", - "owner": "Aylur", - "repo": "ags", - "rev": "60180a184cfb32b61a1d871c058b31a3b9b0743d", - "type": "github" - }, - "original": { - "owner": "Aylur", - "repo": "ags", - "type": "github" - } - }, - "aquamarine": { - "inputs": { - "hyprutils": [ - "hyprland", - "hyprutils" - ], - "hyprwayland-scanner": [ - "hyprland", - "hyprwayland-scanner" - ], + "deploy-rs": "deploy-rs", + "home-manager": "home-manager", + "microvm": "microvm", "nixpkgs": [ - "hyprland", "nixpkgs" ], + "nt": [ + "nt" + ], "systems": [ - "hyprland", "systems" ] }, "locked": { - "lastModified": 1730968822, - "narHash": "sha256-NocDjINsh6ismkhb0Xr6xPRksmhuB2WGf8ZmXMhxu7Y=", - "owner": "hyprwm", - "repo": "aquamarine", - "rev": "a49bc3583ff223f426cb3526fdaa4bcaa247ec14", + "lastModified": 1771194110, + "narHash": "sha256-x6rijGWmPL5FTpkr+8vpcKKCOT33QHEV8bP6ibEAXFE=", + "owner": "cry128", + "repo": "Cerulean", + "rev": "d527937829dec0f410f126a2f85e374cb99a2fbb", "type": "github" }, "original": { - "owner": "hyprwm", - "repo": "aquamarine", + "owner": "cry128", + "repo": "Cerulean", "type": "github" } }, - "colmena": { + "deploy-rs": { "inputs": { "flake-compat": "flake-compat", - "flake-utils": "flake-utils", - "nix-github-actions": "nix-github-actions", - "nixpkgs": "nixpkgs_2", - "stable": "stable" + "nixpkgs": [ + "cerulean", + "nixpkgs" + ], + "utils": "utils" }, "locked": { - "lastModified": 1734374287, - "narHash": "sha256-rINodqeUuezuCWOnpJgrH7u9vJ86fYT+Dj8Mu8T/IBc=", - "owner": "zhaofengli", - "repo": "colmena", - "rev": "47b6414d800c8471e98ca072bc0835345741a56a", + "lastModified": 1766051518, + "narHash": "sha256-znKOwPXQnt3o7lDb3hdf19oDo0BLP4MfBOYiWkEHoik=", + "owner": "serokell", + "repo": "deploy-rs", + "rev": "d5eff7f948535b9c723d60cd8239f8f11ddc90fa", "type": "github" }, "original": { - "owner": "zhaofengli", - "repo": "colmena", - "rev": "47b6414d800c8471e98ca072bc0835345741a56a", + "owner": "serokell", + "repo": "deploy-rs", "type": "github" } }, + "dobutterfliescry-net": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ], + "nixpkgs-unstable": [ + "nixpkgs-unstable" + ], + "systems": [ + "systems" + ] + }, + "locked": { + "lastModified": 1770947070, + "narHash": "sha256-g/l/iUET/M+nSrXlwYF2e0KeKqgGpjy3qhwQY4tG62A=", + "ref": "refs/heads/main", + "rev": "4fc28bfb4f95071d34184c7ba3153eaff87eba41", + "revCount": 121, + "type": "git", + "url": "https://forge.dobutterfliescry.net/cry/site" + }, + "original": { + "type": "git", + "url": "https://forge.dobutterfliescry.net/cry/site" + } + }, "flake-compat": { "flake": false, "locked": { - "lastModified": 1650374568, - "narHash": "sha256-Z+s0J8/r907g149rllvwhb4pKi8Wam5ij0st8PwAh+E=", + "lastModified": 1733328505, + "narHash": "sha256-NeCCThCEP3eCl2l/+27kNNK7QrwZB1IJCrXfrbv5oqU=", "owner": "edolstra", "repo": "flake-compat", - "rev": "b4a34015c698c7793d592d66adbab377907a2be8", + "rev": "ff81ac966bb2cae68946d5ed5fc4994f96d0ffec", "type": "github" }, "original": { @@ -111,114 +95,71 @@ } }, "flake-compat_2": { - "flake": false, "locked": { - "lastModified": 1696426674, - "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", - "owner": "edolstra", - "repo": "flake-compat", - "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", - "type": "github" - }, - "original": { - "owner": "edolstra", - "repo": "flake-compat", - "type": "github" - } - }, - "flake-compat_3": { - "locked": { - "lastModified": 1696426674, - "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", - "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", - "revCount": 57, + "lastModified": 1733328505, + "narHash": "sha256-NeCCThCEP3eCl2l/+27kNNK7QrwZB1IJCrXfrbv5oqU=", + "rev": "ff81ac966bb2cae68946d5ed5fc4994f96d0ffec", + "revCount": 69, "type": "tarball", - "url": "https://api.flakehub.com/f/pinned/edolstra/flake-compat/1.0.1/018afb31-abd1-7bff-a5e4-cff7e18efb7a/source.tar.gz" + "url": "https://api.flakehub.com/f/pinned/edolstra/flake-compat/1.1.0/01948eb7-9cba-704f-bbf3-3fa956735b52/source.tar.gz" }, "original": { "type": "tarball", "url": "https://flakehub.com/f/edolstra/flake-compat/1.tar.gz" } }, - "flake-compat_4": { - "flake": false, - "locked": { - "lastModified": 1696426674, - "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", - "owner": "edolstra", - "repo": "flake-compat", - "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", - "type": "github" - }, - "original": { - "owner": "edolstra", - "repo": "flake-compat", - "type": "github" - } - }, - "flake-compat_5": { - "flake": false, - "locked": { - "lastModified": 1696426674, - "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", - "owner": "edolstra", - "repo": "flake-compat", - "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", - "type": "github" - }, - "original": { - "owner": "edolstra", - "repo": "flake-compat", - "type": "github" - } - }, - "flake-utils": { - "locked": { - "lastModified": 1659877975, - "narHash": "sha256-zllb8aq3YO3h8B/U0/J1WBgAL8EX5yWf5pMj3G0NAmc=", - "owner": "numtide", - "repo": "flake-utils", - "rev": "c0e246b9b83f637f4681389ecabcb2681b4f3af0", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "flake-utils", - "type": "github" - } - }, - "gitignore": { + "flake-parts": { "inputs": { - "nixpkgs": [ - "hyprland", - "pre-commit-hooks", + "nixpkgs-lib": "nixpkgs-lib" + }, + "locked": { + "lastModified": 1769996383, + "narHash": "sha256-AnYjnFWgS49RlqX7LrC4uA+sCCDBj0Ry/WOJ5XWAsa0=", + "owner": "hercules-ci", + "repo": "flake-parts", + "rev": "57928607ea566b5db3ad13af0e57e921e6b12381", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "flake-parts", + "type": "github" + } + }, + "flake-parts_2": { + "inputs": { + "nixpkgs-lib": [ + "nt", + "nix-unit", "nixpkgs" ] }, "locked": { - "lastModified": 1709087332, - "narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=", + "lastModified": 1762440070, + "narHash": "sha256-xxdepIcb39UJ94+YydGP221rjnpkDZUlykKuF54PsqI=", "owner": "hercules-ci", - "repo": "gitignore.nix", - "rev": "637db329424fd7e46cf4185293b9cc8c88c95394", + "repo": "flake-parts", + "rev": "26d05891e14c88eb4a5d5bee659c0db5afb609d8", "type": "github" }, "original": { "owner": "hercules-ci", - "repo": "gitignore.nix", + "repo": "flake-parts", "type": "github" } }, "grub2-themes": { "inputs": { - "nixpkgs": "nixpkgs_3" + "nixpkgs": [ + "nixpkgs" + ] }, "locked": { - "lastModified": 1730004881, - "narHash": "sha256-8xVIqIW25o2uCL0fxAmP4Sj9sdebarQXmd1+64yMe8o=", + "lastModified": 1757136219, + "narHash": "sha256-tKU+vq34KHu/A2wD7WdgP5A4/RCmSD8hB0TyQAUlixA=", "owner": "vinceliuice", "repo": "grub2-themes", - "rev": "42c232dfb46bf93c17506cbc1a574e5e89b5e09f", + "rev": "80dd04ddf3ba7b284a7b1a5df2b1e95ee2aad606", "type": "github" }, "original": { @@ -227,197 +168,83 @@ "type": "github" } }, - "hyprcursor": { + "home-manager": { "inputs": { - "hyprlang": [ - "hyprland", - "hyprlang" - ], "nixpkgs": [ - "hyprland", + "cerulean", "nixpkgs" - ], - "systems": [ - "hyprland", - "systems" ] }, "locked": { - "lastModified": 1728669738, - "narHash": "sha256-EDNAU9AYcx8OupUzbTbWE1d3HYdeG0wO6Msg3iL1muk=", - "owner": "hyprwm", - "repo": "hyprcursor", - "rev": "0264e698149fcb857a66a53018157b41f8d97bb0", + "lastModified": 1770260404, + "narHash": "sha256-3iVX1+7YUIt23hBx1WZsUllhbmP2EnXrV8tCRbLxHc8=", + "owner": "nix-community", + "repo": "home-manager", + "rev": "0d782ee42c86b196acff08acfbf41bb7d13eed5b", "type": "github" }, "original": { - "owner": "hyprwm", - "repo": "hyprcursor", + "owner": "nix-community", + "ref": "release-25.11", + "repo": "home-manager", "type": "github" } }, - "hyprland": { - "inputs": { - "aquamarine": "aquamarine", - "hyprcursor": "hyprcursor", - "hyprland-protocols": "hyprland-protocols", - "hyprlang": "hyprlang", - "hyprutils": "hyprutils", - "hyprwayland-scanner": "hyprwayland-scanner", - "nixpkgs": "nixpkgs_4", - "pre-commit-hooks": "pre-commit-hooks", - "systems": "systems_2", - "xdph": "xdph" - }, - "locked": { - "lastModified": 1730969692, - "narHash": "sha256-4Ly9zkqnRB6qLjMeddfUyd4iRLvq+RDspBWABS8DGN4=", - "owner": "hyprwm", - "repo": "Hyprland", - "rev": "e58e97b0a38b8ccc87a4304c9e4e2b37c9966875", - "type": "github" - }, - "original": { - "owner": "hyprwm", - "repo": "Hyprland", - "type": "github" - } - }, - "hyprland-protocols": { + "home-manager_2": { "inputs": { "nixpkgs": [ - "hyprland", "nixpkgs" - ], - "systems": [ - "hyprland", - "systems" ] }, "locked": { - "lastModified": 1728345020, - "narHash": "sha256-xGbkc7U/Roe0/Cv3iKlzijIaFBNguasI31ynL2IlEoM=", - "owner": "hyprwm", - "repo": "hyprland-protocols", - "rev": "a7c183800e74f337753de186522b9017a07a8cee", + "lastModified": 1770260404, + "narHash": "sha256-3iVX1+7YUIt23hBx1WZsUllhbmP2EnXrV8tCRbLxHc8=", + "owner": "nix-community", + "repo": "home-manager", + "rev": "0d782ee42c86b196acff08acfbf41bb7d13eed5b", "type": "github" }, "original": { - "owner": "hyprwm", - "repo": "hyprland-protocols", + "owner": "nix-community", + "ref": "release-25.11", + "repo": "home-manager", "type": "github" } }, - "hyprlang": { - "inputs": { - "hyprutils": [ - "hyprland", - "hyprutils" - ], - "nixpkgs": [ - "hyprland", - "nixpkgs" - ], - "systems": [ - "hyprland", - "systems" - ] - }, - "locked": { - "lastModified": 1728168612, - "narHash": "sha256-AnB1KfiXINmuiW7BALYrKqcjCnsLZPifhb/7BsfPbns=", - "owner": "hyprwm", - "repo": "hyprlang", - "rev": "f054f2e44d6a0b74607a6bc0f52dba337a3db38e", - "type": "github" - }, - "original": { - "owner": "hyprwm", - "repo": "hyprlang", - "type": "github" - } - }, - "hyprpanel": { - "inputs": { - "ags": "ags_2", - "nixpkgs": "nixpkgs_6" - }, - "locked": { - "lastModified": 1731270736, - "narHash": "sha256-N0unlLf/7BqkrYx3BO9svv1+oLzKpArgiqLzkmNpD3Q=", - "owner": "Jas-SinghFSU", - "repo": "HyprPanel", - "rev": "a7855baf13c6abdd0b0e988e4390112cd7deda67", - "type": "github" - }, - "original": { - "owner": "Jas-SinghFSU", - "repo": "HyprPanel", - "type": "github" - } - }, - "hyprutils": { + "microvm": { "inputs": { "nixpkgs": [ - "hyprland", + "cerulean", "nixpkgs" ], - "systems": [ - "hyprland", - "systems" - ] + "spectrum": "spectrum" }, "locked": { - "lastModified": 1730968903, - "narHash": "sha256-zFvzLXcSm0Ia4XI1SE4FQ9KE63hlGrRWhLtwMolWuR8=", - "owner": "hyprwm", - "repo": "hyprutils", - "rev": "3ce0cde8709cdacbfba471f8e828433b58a561e9", + "lastModified": 1770310890, + "narHash": "sha256-lyWAs4XKg3kLYaf4gm5qc5WJrDkYy3/qeV5G733fJww=", + "owner": "microvm-nix", + "repo": "microvm.nix", + "rev": "68c9f9c6ca91841f04f726a298c385411b7bfcd5", "type": "github" }, "original": { - "owner": "hyprwm", - "repo": "hyprutils", - "type": "github" - } - }, - "hyprwayland-scanner": { - "inputs": { - "nixpkgs": [ - "hyprland", - "nixpkgs" - ], - "systems": [ - "hyprland", - "systems" - ] - }, - "locked": { - "lastModified": 1726874836, - "narHash": "sha256-VKR0sf0PSNCB0wPHVKSAn41mCNVCnegWmgkrneKDhHM=", - "owner": "hyprwm", - "repo": "hyprwayland-scanner", - "rev": "500c81a9e1a76760371049a8d99e008ea77aa59e", - "type": "github" - }, - "original": { - "owner": "hyprwm", - "repo": "hyprwayland-scanner", + "owner": "microvm-nix", + "repo": "microvm.nix", "type": "github" } }, "nix-flatpak": { "locked": { - "lastModified": 1711997201, - "narHash": "sha256-J71xzQlVYsjagA4AsVwRazhBh2rZrPpKvxTgs6UzL7c=", + "lastModified": 1767983141, + "narHash": "sha256-7ZCulYUD9RmJIDULTRkGLSW1faMpDlPKcbWJLYHoXcs=", "owner": "gmodena", "repo": "nix-flatpak", - "rev": "b76fa31346db7fc958a9898f3c594696ca71c4fd", + "rev": "440818969ac2cbd77bfe025e884d0aa528991374", "type": "github" }, "original": { "owner": "gmodena", - "ref": "v0.4.1", + "ref": "latest", "repo": "nix-flatpak", "type": "github" } @@ -425,16 +252,17 @@ "nix-github-actions": { "inputs": { "nixpkgs": [ - "colmena", + "nt", + "nix-unit", "nixpkgs" ] }, "locked": { - "lastModified": 1729742964, - "narHash": "sha256-B4mzTcQ0FZHdpeWcpDYPERtyjJd/NIuaQ9+BV1h+MpA=", + "lastModified": 1737420293, + "narHash": "sha256-F1G5ifvqTpJq7fdkT34e/Jy9VCyzd5XfJ9TO8fHhJWE=", "owner": "nix-community", "repo": "nix-github-actions", - "rev": "e04df33f62cdcf93d73e9a04142464753a16db67", + "rev": "f4158fa080ef4503c8f4c820967d946c2af31ec9", "type": "github" }, "original": { @@ -443,32 +271,90 @@ "type": "github" } }, - "nixcord": { + "nix-unit": { "inputs": { - "flake-compat": "flake-compat_3", - "nixpkgs": "nixpkgs_7" + "flake-parts": "flake-parts_2", + "nix-github-actions": "nix-github-actions", + "nixpkgs": [ + "nt", + "nixpkgs" + ], + "treefmt-nix": "treefmt-nix" }, "locked": { - "lastModified": 1730720546, - "narHash": "sha256-5147A6X0MH6u/YDxLe+Nnva3oxfLQanC716LarG/uoo=", - "owner": "kaylorben", - "repo": "nixcord", - "rev": "e3e27c77316f7526b1a846778ae9c759c9377611", + "lastModified": 1762774186, + "narHash": "sha256-hRADkHjNt41+JUHw2EiSkMaL4owL83g5ZppjYUdF/Dc=", + "owner": "nix-community", + "repo": "nix-unit", + "rev": "1c9ab50554eed0b768f9e5b6f646d63c9673f0f7", "type": "github" }, "original": { - "owner": "kaylorben", + "owner": "nix-community", + "repo": "nix-unit", + "type": "github" + } + }, + "nixcord": { + "inputs": { + "flake-compat": "flake-compat_2", + "flake-parts": "flake-parts", + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1770943752, + "narHash": "sha256-3vWAy2BCP5liaCEKmeqeVWbTCF/JnukgMOg8qf8mCcg=", + "owner": "FlameFlag", + "repo": "nixcord", + "rev": "aa1626057e57eca3686fbc1c3e2ddfde884c6b2a", + "type": "github" + }, + "original": { + "owner": "FlameFlag", "repo": "nixcord", "type": "github" } }, "nixpkgs": { "locked": { - "lastModified": 1725634671, - "narHash": "sha256-v3rIhsJBOMLR8e/RNWxr828tB+WywYIoajrZKFM+0Gg=", + "lastModified": 1770770419, + "narHash": "sha256-iKZMkr6Cm9JzWlRYW/VPoL0A9jVKtZYiU4zSrVeetIs=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "6c5e707c6b5339359a9a9e215c5e66d6d802fd7a", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-25.11", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-lib": { + "locked": { + "lastModified": 1769909678, + "narHash": "sha256-cBEymOf4/o3FD5AZnzC3J9hLbiZ+QDT/KDuyHXVJOpM=", + "owner": "nix-community", + "repo": "nixpkgs.lib", + "rev": "72716169fe93074c333e8d0173151350670b824c", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "nixpkgs.lib", + "type": "github" + } + }, + "nixpkgs-unstable": { + "locked": { + "lastModified": 1770841267, + "narHash": "sha256-9xejG0KoqsoKEGp2kVbXRlEYtFFcDTHjidiuX8hGO44=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "574d1eac1c200690e27b8eb4e24887f8df7ac27c", + "rev": "ec7c70d12ce2fc37cb92aff673dcdca89d187bae", "type": "github" }, "original": { @@ -478,291 +364,73 @@ "type": "github" } }, - "nixpkgs-stable": { - "locked": { - "lastModified": 1730741070, - "narHash": "sha256-edm8WG19kWozJ/GqyYx2VjW99EdhjKwbY3ZwdlPAAlo=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "d063c1dd113c91ab27959ba540c0d9753409edf3", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixos-24.05", - "repo": "nixpkgs", - "type": "github" - } - }, "nixpkgs_2": { "locked": { - "lastModified": 1734119587, - "narHash": "sha256-AKU6qqskl0yf2+JdRdD0cfxX4b9x3KKV5RqA6wijmPM=", + "lastModified": 1767313136, + "narHash": "sha256-16KkgfdYqjaeRGBaYsNrhPRRENs0qzkQVUooNHtoy2w=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "3566ab7246670a43abd2ffa913cc62dad9cdf7d5", + "rev": "ac62194c3917d5f474c1a844b6fd6da2db95077d", "type": "github" }, "original": { "owner": "NixOS", - "ref": "nixos-unstable", + "ref": "nixos-25.05", "repo": "nixpkgs", "type": "github" } }, - "nixpkgs_3": { - "locked": { - "lastModified": 1730808093, - "narHash": "sha256-oOenwoxpzQsBNi7KltgnXqq6e0+CxlfNXKn3k27w6cQ=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "c1a390f74b2c93f69a6805142f11a215a689cec1", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "master", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_4": { - "locked": { - "lastModified": 1730785428, - "narHash": "sha256-Zwl8YgTVJTEum+L+0zVAWvXAGbWAuXHax3KzuejaDyo=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "4aa36568d413aca0ea84a1684d2d46f55dbabad7", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixos-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_5": { - "locked": { - "lastModified": 1725634671, - "narHash": "sha256-v3rIhsJBOMLR8e/RNWxr828tB+WywYIoajrZKFM+0Gg=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "574d1eac1c200690e27b8eb4e24887f8df7ac27c", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixos-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_6": { - "locked": { - "lastModified": 1729880355, - "narHash": "sha256-RP+OQ6koQQLX5nw0NmcDrzvGL8HDLnyXt/jHhL1jwjM=", - "owner": "nixos", - "repo": "nixpkgs", - "rev": "18536bf04cd71abd345f9579158841376fdd0c5a", - "type": "github" - }, - "original": { - "owner": "nixos", - "ref": "nixos-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_7": { - "locked": { - "lastModified": 1730768919, - "narHash": "sha256-8AKquNnnSaJRXZxc5YmF/WfmxiHX6MMZZasRP6RRQkE=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "a04d33c0c3f1a59a2c1cb0c6e34cd24500e5a1dc", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixpkgs-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_8": { - "locked": { - "lastModified": 1739357830, - "narHash": "sha256-9xim3nJJUFbVbJCz48UP4fGRStVW5nv4VdbimbKxJ3I=", - "owner": "nixos", - "repo": "nixpkgs", - "rev": "0ff09db9d034a04acd4e8908820ba0b410d7a33a", - "type": "github" - }, - "original": { - "owner": "nixos", - "ref": "nixos-24.11", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_9": { - "locked": { - "lastModified": 1730200266, - "narHash": "sha256-l253w0XMT8nWHGXuXqyiIC/bMvh1VRszGXgdpQlfhvU=", - "owner": "nixos", - "repo": "nixpkgs", - "rev": "807e9154dcb16384b1b765ebe9cd2bba2ac287fd", - "type": "github" - }, - "original": { - "owner": "nixos", - "ref": "nixos-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, - "pre-commit-hooks": { + "nt": { "inputs": { - "flake-compat": "flake-compat_2", - "gitignore": "gitignore", - "nixpkgs": [ - "hyprland", - "nixpkgs" - ], - "nixpkgs-stable": "nixpkgs-stable" + "nix-unit": "nix-unit", + "nixpkgs": "nixpkgs_2", + "systems": "systems_2" }, "locked": { - "lastModified": 1730814269, - "narHash": "sha256-fWPHyhYE6xvMI1eGY3pwBTq85wcy1YXqdzTZF+06nOg=", - "owner": "cachix", - "repo": "git-hooks.nix", - "rev": "d70155fdc00df4628446352fc58adc640cd705c2", + "lastModified": 1770975056, + "narHash": "sha256-ZXTz/P3zUbbM6lNXzt91u8EwfNqhXpYMu8+wvFZqQHE=", + "owner": "cry128", + "repo": "nt", + "rev": "f42dcdd49a7921a7f433512e83d5f93696632412", "type": "github" }, "original": { - "owner": "cachix", - "repo": "git-hooks.nix", + "owner": "cry128", + "repo": "nt", "type": "github" } }, "root": { "inputs": { - "ags": "ags", - "colmena": "colmena", + "cerulean": "cerulean", + "dobutterfliescry-net": "dobutterfliescry-net", "grub2-themes": "grub2-themes", - "hyprland": "hyprland", - "hyprpanel": "hyprpanel", + "home-manager": "home-manager_2", "nix-flatpak": "nix-flatpak", "nixcord": "nixcord", - "nixpkgs": "nixpkgs_8", - "spicetify-nix": "spicetify-nix", - "swww": "swww" + "nixpkgs": "nixpkgs", + "nixpkgs-unstable": "nixpkgs-unstable", + "nt": "nt", + "systems": "systems_3" } }, - "spicetify-nix": { - "inputs": { - "flake-compat": "flake-compat_4", - "nixpkgs": [ - "nixpkgs" - ] - }, + "spectrum": { + "flake": false, "locked": { - "lastModified": 1730780158, - "narHash": "sha256-ZJkCFn4PL49rINz7xrjlBqw9nF8wWJE7fSVqbHlCWSA=", - "owner": "Gerg-L", - "repo": "spicetify-nix", - "rev": "2791c6662002731d3dfc00312307aef547e1c8be", - "type": "github" + "lastModified": 1759482047, + "narHash": "sha256-H1wiXRQHxxPyMMlP39ce3ROKCwI5/tUn36P8x6dFiiQ=", + "ref": "refs/heads/main", + "rev": "c5d5786d3dc938af0b279c542d1e43bce381b4b9", + "revCount": 996, + "type": "git", + "url": "https://spectrum-os.org/git/spectrum" }, "original": { - "owner": "Gerg-L", - "repo": "spicetify-nix", - "type": "github" - } - }, - "stable": { - "locked": { - "lastModified": 1730883749, - "narHash": "sha256-mwrFF0vElHJP8X3pFCByJR365Q2463ATp2qGIrDUdlE=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "dba414932936fde69f0606b4f1d87c5bc0003ede", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixos-24.05", - "repo": "nixpkgs", - "type": "github" - } - }, - "swww": { - "inputs": { - "flake-compat": "flake-compat_5", - "nixpkgs": "nixpkgs_9", - "utils": "utils" - }, - "locked": { - "lastModified": 1730424990, - "narHash": "sha256-+8YUJsNzvgAeZYLfbHYfYlad/iS+6Eec/LWzL1ZIGfY=", - "owner": "LGFae", - "repo": "swww", - "rev": "0db3f4eb192f1c9bf914efcc1d2aba809da5d78a", - "type": "github" - }, - "original": { - "owner": "LGFae", - "repo": "swww", - "type": "github" + "type": "git", + "url": "https://spectrum-os.org/git/spectrum" } }, "systems": { - "locked": { - "lastModified": 1689347949, - "narHash": "sha256-12tWmuL2zgBgZkdoB6qXZsgJEH9LR3oUgpaQq2RbI80=", - "owner": "nix-systems", - "repo": "default-linux", - "rev": "31732fcf5e8fea42e59c2488ad31a0e651500f68", - "type": "github" - }, - "original": { - "owner": "nix-systems", - "repo": "default-linux", - "type": "github" - } - }, - "systems_2": { - "locked": { - "lastModified": 1689347949, - "narHash": "sha256-12tWmuL2zgBgZkdoB6qXZsgJEH9LR3oUgpaQq2RbI80=", - "owner": "nix-systems", - "repo": "default-linux", - "rev": "31732fcf5e8fea42e59c2488ad31a0e651500f68", - "type": "github" - }, - "original": { - "owner": "nix-systems", - "repo": "default-linux", - "type": "github" - } - }, - "systems_3": { - "locked": { - "lastModified": 1689347949, - "narHash": "sha256-12tWmuL2zgBgZkdoB6qXZsgJEH9LR3oUgpaQq2RbI80=", - "owner": "nix-systems", - "repo": "default-linux", - "rev": "31732fcf5e8fea42e59c2488ad31a0e651500f68", - "type": "github" - }, - "original": { - "owner": "nix-systems", - "repo": "default-linux", - "type": "github" - } - }, - "systems_4": { "locked": { "lastModified": 1681028828, "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", @@ -777,62 +445,73 @@ "type": "github" } }, - "utils": { - "inputs": { - "systems": "systems_4" - }, + "systems_2": { "locked": { - "lastModified": 1726560853, - "narHash": "sha256-X6rJYSESBVr3hBoH0WbKE5KvhPU5bloyZ2L4K60/fPQ=", - "owner": "numtide", - "repo": "flake-utils", - "rev": "c1dfcf08411b08f6b8615f7d8971a2bfa81d5e8a", + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", "type": "github" }, "original": { - "owner": "numtide", - "repo": "flake-utils", + "owner": "nix-systems", + "repo": "default", "type": "github" } }, - "xdph": { - "inputs": { - "hyprland-protocols": [ - "hyprland", - "hyprland-protocols" - ], - "hyprlang": [ - "hyprland", - "hyprlang" - ], - "hyprutils": [ - "hyprland", - "hyprutils" - ], - "hyprwayland-scanner": [ - "hyprland", - "hyprwayland-scanner" - ], - "nixpkgs": [ - "hyprland", - "nixpkgs" - ], - "systems": [ - "hyprland", - "systems" - ] - }, + "systems_3": { "locked": { - "lastModified": 1730743262, - "narHash": "sha256-iTLqj3lU8kFehPm5tXpctzkD274t/k1nwSSq3qCWXeg=", - "owner": "hyprwm", - "repo": "xdg-desktop-portal-hyprland", - "rev": "09b23cef06fe248e61cec8862c04b9bcb62f4b6d", + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", "type": "github" }, "original": { - "owner": "hyprwm", - "repo": "xdg-desktop-portal-hyprland", + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "treefmt-nix": { + "inputs": { + "nixpkgs": [ + "nt", + "nix-unit", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1762410071, + "narHash": "sha256-aF5fvoZeoXNPxT0bejFUBXeUjXfHLSL7g+mjR/p5TEg=", + "owner": "numtide", + "repo": "treefmt-nix", + "rev": "97a30861b13c3731a84e09405414398fbf3e109f", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "treefmt-nix", + "type": "github" + } + }, + "utils": { + "inputs": { + "systems": "systems" + }, + "locked": { + "lastModified": 1731533236, + "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", "type": "github" } } diff --git a/flake.nix b/flake.nix old mode 100755 new mode 100644 index 861295a..2e7b315 --- a/flake.nix +++ b/flake.nix @@ -1,147 +1,55 @@ { - description = "Emile's Nix Dotfiles"; + description = "im gonna cry again ;-;"; inputs = { - # nixpkgs.url = "github:nixos/nixpkgs/nixos-24.05"; - nixpkgs.url = "github:nixos/nixpkgs/nixos-24.11"; - #nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable"; + systems.url = "github:nix-systems/default"; - #home-manager = { - # url = "github:nix-community/home-manager"; - # inputs.nixpkgs.follows = "nixpkgs"; - #}; + nixpkgs.url = "github:nixos/nixpkgs/nixos-25.11"; + nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixos-unstable"; - spicetify-nix = { - url = "github:Gerg-L/spicetify-nix"; + home-manager = { + url = "github:nix-community/home-manager/release-25.11"; inputs.nixpkgs.follows = "nixpkgs"; }; - nixcord.url = "github:kaylorben/nixcord"; + nt.url = "github:cry128/nt"; + # nt.url = "/home/me/cry/mk/nt"; - grub2-themes.url = "github:vinceliuice/grub2-themes"; + cerulean = { + url = "github:cry128/Cerulean"; + # url = "/home/me/cry/mk/Cerulean"; + inputs = { + systems.follows = "systems"; + nixpkgs.follows = "nixpkgs"; + nt.follows = "nt"; + }; + }; - # is this necessary? (aren't I enabling it in `configuration.nix` anyways?) - hyprland.url = "github:hyprwm/Hyprland"; + nix-flatpak.url = "github:gmodena/nix-flatpak/?ref=latest"; + grub2-themes = { + url = "github:vinceliuice/grub2-themes"; + inputs.nixpkgs.follows = "nixpkgs"; + }; - swww.url = "github:LGFae/swww"; + nixcord = { + url = "github:FlameFlag/nixcord"; + inputs.nixpkgs.follows = "nixpkgs"; + }; - # TODO: declarative flatpak management - nix-flatpak.url = "github:gmodena/nix-flatpak/?ref=v0.4.1"; - - ags.url = "github:Aylur/ags"; - - hyprpanel.url = "github:Jas-SinghFSU/HyprPanel"; - - # colmena.url = "github:zhaofengli/colmena"; - colmena.url = "github:zhaofengli/colmena/?rev=47b6414d800c8471e98ca072bc0835345741a56a"; - # alternative to colmena (currently in testing) - #deploy-rs.url = "github:serokell/deploy-rs"; - - #wishlist.url = "path:/home/me/nixdots/flakes/wishlist"; + dobutterfliescry-net = { + url = "git+https://forge.dobutterfliescry.net/cry/site"; + inputs = { + nixpkgs.follows = "nixpkgs"; + nixpkgs-unstable.follows = "nixpkgs-unstable"; + systems.follows = "systems"; + }; + }; }; - outputs = { - self, - nixpkgs, - #home-manager, - hyprland, - grub2-themes, - nixcord, - colmena, - #deploy-rs, - ... - } @ inputs: let - system = "x86_64-linux"; - - pkgs = import nixpkgs { - inherit system; - - config = { - allowUnfree = true; - }; - }; - - # TODO: come back to this its really cool - # this is just something I'm experimenting with - PROJECT_ROOT = builtins.toString ./.; - in { - # `nix develop` shell - devShells."x86_64-linux".default = pkgs.mkShell { - buildInputs = [ - #colmena-new - ]; - }; - - nixosConfigurations = { - # i be on my puter fr - myputer = nixpkgs.lib.nixosSystem { - # nix passes these to every single module - specialArgs = {inherit inputs pkgs;}; - - modules = [ - ./hosts/myputer - grub2-themes.nixosModules.default - ]; - }; - - # my laptop 0w0 - lolcathost = nixpkgs.lib.nixosSystem { - specialArgs = {inherit inputs pkgs;}; - - modules = [ - ./hosts/lolcathost - grub2-themes.nixosModules.default - ]; - }; - - # meine vps - # hyrule = nixpkgs.lib.nixosSystem { - # # manually set system architecture since - # # this is for a remote deployment - # system = "x86_64-linux"; - # specialargs = {inherit inputs pkgs;}; - # - # modules = [ - # ./hosts/hyrule - # ]; - # }; - }; - - # remote deployment with deploy-rs - # deploy.nodes.hyrule = { - # hostname = "imbored.dev"; - # # create a primary profile called "system" - # profiles.system = { - # user = "root"; # user to deploy to - # path = deploy-rs.lib.x86_64-linux.activate.nixos self.nixosConfigurations.hyrule; - # - # # ssh configuration for reaching the server - # sshUser = "ae"; - # #interactiveSudo = true; # TODO: use this and revoke passwordless sudo for ae - # sshOpts = ["-i" "/home/me/.ssh/id_hyrule"]; - # remoteBuild = false; # build locally then deploy to remote host - # }; - # }; - - # remote deployment to my servers!! - colmenaHive = colmena.lib.makeHive { - meta = { - # set nixpkgs global - nixpkgs = pkgs; - # set nixpkgs per server - nodeNixpkgs = { - hyrule = import nixpkgs { - system = "x86_64-linux"; - config.allowUnfree = false; - }; - }; - - # we can use `specialArgs.inputs` to inject wishlist into hyrule's module - #specialArgs.inputs = with inputs; {inherit wishlist;}; - }; - - # meine vps - hyrule = import ./hosts/hyrule; - }; + nixConfig = { + extra-experimental-features = "pipe-operators"; }; + + outputs = inputs: + import ./snow.nix inputs; } diff --git a/flakes/wishlist/README b/flakes/wishlist/README deleted file mode 100644 index 5c662bb..0000000 --- a/flakes/wishlist/README +++ /dev/null @@ -1,31 +0,0 @@ -#### wishlist.nix -This is a simple Nix flake defining a service from which -wishlist can run automatically. This flake runs wishlist-0.15.1 -and lacks configurability unfortunately. However this was an -intentional choice, allowing wishlist to read from the user's -`~/.ssh/config` file, which can be configured seperately using -the something akin to the follow home-manager snippet: -```nix -programs.ssh = { - enable = true; - addKeysToAgent = "yes"; # always add keys to ssh-agent - - matchBlocks = { - hyrule = { - hostname = "imbored.dev"; - user = "ae"; - port = 22; - identityFile = "/home/me/.ssh/id_hyrule"; - }; - }; -}; - -``` - -This decision was mostly selfish as it was easiest... -But it comes at the cost of not being able to set the -port wishlist listens on. So for now you're stuck with `2222`. - -###### The Future!! (woooowwww) -Create an option for wishlist that is used to construct -the `config.yaml` file diff --git a/flakes/wishlist/flake.nix b/flakes/wishlist/flake.nix deleted file mode 100644 index a98561a..0000000 --- a/flakes/wishlist/flake.nix +++ /dev/null @@ -1,93 +0,0 @@ -{ - inputs = { - nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; - flake-utils.url = "github:numtide/flake-utils"; - }; - - outputs = { - self, - config, - nixpkgs, - lib, - flake-utils, - }: let - cfg = config.services.wishlist; - supportedSystems = ["x86_64-linux" "i686-linux" "aarch64-linux" "x86_64-darwin" "aarch64-darwin"]; - in { - # TODO: 1. add options (ie one to set whether the server should be enabled), - # 2. create a systemd service - # 3. create a main program - # 4. celibrate - - # TODO: do I need to make this a home-manager option and set the yaml config? - - # define what settings a user can change - options = { - services.wishlist = with lib; { - enable = mkEnableOption "wishlist"; - - port = mkOption { - type = types.port; - default = 2222; - description = "Port to listen on"; - }; - - package = mkOption { - type = types.package; - default = self.packages.${nixpkgs.system}.default; - description = "Package to use"; - }; - }; - }; - - # define a systemd service for wishlist ^_^ - config = lib.mkIf cfg.enable { - systemd.services.wishlist = { - description = "Single entrypoint for multiple SSH endpoints"; - wantedBy = ["multi-user.target"]; - - serviceConfig = { - DynamicUser = "yes"; - ExecStart = "${cfg.package}/bin/wishlist serve"; - Restart = "always"; - RestartSec = "2s"; - }; - }; - }; - - packages = flake-utils.lib.eachSystem supportedSystems ( - system: let - version = "0.15.1"; - #pkgs = nixpkgs.legacyPackages.${system}; - pkgs = import nixpkgs { - inherit system; - config.allowUnfree = false; - }; - #lib = pkgs.lib; - in rec { - defaultPackage = self.packages.${system}.wishlist; - wishlist = pkgs.buildGoModule { - pname = "wishlist"; - inherit version; - meta = with lib; { - description = "Single entrypoint for multiple SSH endpoints"; - homepage = "https://github.com/charmbracelet/wishlist"; - changelog = "https://github.com/charmbracelet/wishlist/releases/tag/v${version}"; - license = licenses.mit; - maintainers = with maintainers; [caarlos0 penguwin]; - mainProgram = "wishlist"; - }; - - src = pkgs.fetchFromGitHub { - owner = "charmbracelet"; - repo = "wishlist"; - rev = "v${version}"; - # rev = "d7f058e115a8b4a4131406d01dde84fb4a8e93c4"; - hash = "53fojA+gdvpSVNjx6QncH16F8/x+lpY5SkNs7obW2XQ="; - }; - vendorSha256 = "0x6rss3fwv2398wrd5kyzkrqaphzvh4ykwfqai9glxm01y6fhxz7"; - }; - } - ); - }; -} diff --git a/flakes/wishlist/wishlist.nix b/flakes/wishlist/wishlist.nix deleted file mode 100644 index 1bdb24b..0000000 --- a/flakes/wishlist/wishlist.nix +++ /dev/null @@ -1,99 +0,0 @@ -# NOTE: Wishlist service fails on nix because of readonly file system -# and it can't find a config file for itself, it needs to write that -# itself I suppose :( -# So: -# 1. Get it to write that file, and -# 2. Allow it to inherit profiles from configured ssh -{ - self, - config, - pkgs, - lib, -}: let - cfg = config.services.wishlist; -in { - options = { - services.wishlist = with lib; { - enable = mkEnableOption "wishlist"; - - name = mkOption { - type = types.str; - default = - }; - - port = mkOption { - type = types.port; - default = 2222; - description = "Port to listen on"; - }; - - #configPath = mkOption { - # type = types.path; - # default = ; - # description = "Path to config file"; - #}; - - package = mkOption { - type = types.package; - default = self.packages.${nixpkgs.system}.default; - description = "Package to use"; - }; - }; - }; - - # define a systemd service for wishlist ^_^ - config = lib.mkIf cfg.enable { - systemd.services.wishlist = { - description = "Single entrypoint for multiple SSH endpoints"; - wantedBy = ["multi-user.target"]; - - serviceConfig = let - wishlistServiceConfig = pkgs.writeText "config.yaml" '' - hello world! - ''; - in { - DynamicUser = "yes"; - ExecStart = "${pkgs.wishlist}/bin/wishlist serve --config ${wishlistServiceConfig}"; - Restart = "always"; - RestartSec = "2s"; - }; - }; - }; - - /* - packages = flake-utils.lib.eachSystem supportedSystems ( - system: let - version = "0.15.1"; - #pkgs = nixpkgs.legacyPackages.${system}; - pkgs = import nixpkgs { - inherit system; - config.allowUnfree = false; - }; - #lib = pkgs.lib; - in rec { - defaultPackage = self.packages.${system}.wishlist; - wishlist = pkgs.buildGoModule { - pname = "wishlist"; - inherit version; - meta = with lib; { - description = "Single entrypoint for multiple SSH endpoints"; - homepage = "https://github.com/charmbracelet/wishlist"; - changelog = "https://github.com/charmbracelet/wishlist/releases/tag/v${version}"; - license = licenses.mit; - maintainers = with maintainers; [caarlos0 penguwin]; - mainProgram = "wishlist"; - }; - - src = pkgs.fetchFromGitHub { - owner = "charmbracelet"; - repo = "wishlist"; - rev = "v${version}"; - # rev = "d7f058e115a8b4a4131406d01dde84fb4a8e93c4"; - hash = "53fojA+gdvpSVNjx6QncH16F8/x+lpY5SkNs7obW2XQ="; - }; - vendorSha256 = "0x6rss3fwv2398wrd5kyzkrqaphzvh4ykwfqai9glxm01y6fhxz7"; - }; - } - ); - */ -} diff --git a/groups/all/default.nix b/groups/all/default.nix new file mode 100644 index 0000000..a636196 --- /dev/null +++ b/groups/all/default.nix @@ -0,0 +1,63 @@ +{ + pkgs, + lib, + ... +}: { + imports = [ + ./modules/flatpak.nix + ]; + + # NOTE: mkDefault is 1000 and mkForce is 50 + # NOTE: so this is like a second mkDefault + security.sudo.wheelNeedsPassword = lib.mkDefault true; + + networking = { + networkmanager.enable = true; + + nftables.enable = true; + firewall.enable = lib.mkDefault true; + + # Use CloudFlare's WARP+ 1.1.1.1 DNS service + nameservers = [ + "1.1.1.1" + "1.0.0.1" + ]; + }; + + programs.nh = { + enable = true; + clean.enable = true; + clean.extraArgs = "--keep-since 7d --keep 3"; + flake = "/home/me/flake"; # sets NH_OS_FLAKE variable for you + }; + + nix.settings = { + # make wheel group trusted users allows my "ae" user + # to import packages not signed by a trusted key + # (aka super duper easier to remote deploy) + trusted-users = ["root" "@wheel"]; + experimental-features = [ + "nix-command" + "flakes" + "pipe-operators" + ]; + download-buffer-size = 524288000; # 500 MiB + }; + + time.timeZone = lib.mkDefault "Australia/Brisbane"; + + i18n.defaultLocale = lib.mkDefault "en_US.UTF-8"; + console = { + font = "Lat2-Terminus16"; + keyMap = "us"; + }; + + users.defaultUserShell = pkgs.bash; + + environment.systemPackages = with pkgs; [ + git + vim + wget + tree + ]; +} diff --git a/groups/all/modules/flatpak.nix b/groups/all/modules/flatpak.nix new file mode 100644 index 0000000..fbc2b38 --- /dev/null +++ b/groups/all/modules/flatpak.nix @@ -0,0 +1,12 @@ +{...}: { + services.flatpak = { + # DEBUG: remotes = [ + # DEBUG: { + # DEBUG: location = "https://dl.flathub.org/repo/flathub.flatpakrepo"; + # DEBUG: name = "flathub"; + # DEBUG: } + # DEBUG: ]; + + # DEBUG: uninstallUnmanaged = true; + }; +} diff --git a/groups/cryde/default.nix b/groups/cryde/default.nix new file mode 100644 index 0000000..02c1be0 --- /dev/null +++ b/groups/cryde/default.nix @@ -0,0 +1,133 @@ +{ + pkgs, + upkgs, + config, + ... +}: { + imports = [ + ./programs.nix + + ../../hosts/modules/bashistrans.nix + ../../hosts/modules/wm/hyprland.nix + ../../hosts/modules/steam.nix + ../../hosts/modules/obsidian.nix + ]; + + boot.loader.grub2-theme = { + enable = true; + # GitHub: vinceliuice/grub2-themes + theme = "whitesur"; # stylish, vimix, or whitesur + footer = true; + customResolution = "1920x1080"; + }; + + services = { + # Set display manager (login screen) + displayManager = { + # sddm relies on pkgs.libsForQt5.qt5.qtgraphicaleffects + sddm = { + enable = true; + wayland.enable = true; # experimental + theme = "corners"; + }; + defaultSession = + "hyprland" + + ( + if config.programs.hyprland.withUWSM == true + then "-uwsm" + else null + ); + }; + + tumbler.enable = true; # Thunar image thumbnail support + gvfs.enable = true; # Thunar mount, trash, and other functionality + }; + + programs = { + zsh.enable = true; + fish.enable = true; + + nix-ld.enable = true; + + neovim = { + enable = true; + defaultEditor = true; + viAlias = true; + vimAlias = true; + configure = { + customRC = '' + set number + set tabstop=4 + set shiftwidth=4 + ''; + }; + }; + + # Thunar also uses: `services.tumbler` & `services.gvfs` + thunar = { + enable = true; + plugins = with pkgs.xfce; [ + thunar-volman # for removable drives (ie USBs) + thunar-archive-plugin # create and extract archives + thunar-media-tags-plugin # change metadata for media files + ]; + }; + + # mozilla's email client + thunderbird.enable = true; + }; + + # ----- FONTS ----- + fonts = { + enableDefaultPackages = true; # no clue what this line does tbh + packages = with pkgs; + [ + geist-font # for my hyprlock theme + # texlive maintains a noto-emoji flake + texlivePackages.noto-emoji + ] + ++ builtins.filter lib.attrsets.isDerivation ( + builtins.attrValues pkgs.nerd-fonts + ); + + # TODO: change my default fonts + fontconfig = { + defaultFonts = { + serif = ["Geist"]; # TODO: package Iosevka Etoile since Iosevka isn't a serif font + sansSerif = ["Geist"]; + monospace = ["Cousine"]; + emoji = ["Noto Emoji"]; + }; + }; + }; + + # ---- ENVIRONMENT VARIABLES ---- + environment = { + sessionVariables = { + # Hint Electrons apps to use Wayland + NIXOS_OZONE_WL = "1"; + }; + systemPackages = with pkgs; [ + sddm-theme-corners + ]; + }; + + # ------- USERS ------- + users = { + users = { + # literally me fr (personal account) + me = { + isNormalUser = true; + extraGroups = ["wheel" "netdev" "docker"]; + shell = pkgs.bash; + packages = with pkgs; [ + firefox + nitch + starfetch + + gitkraken + ]; + }; + }; + }; +} diff --git a/groups/cryde/programs.nix b/groups/cryde/programs.nix new file mode 100644 index 0000000..09c0a67 --- /dev/null +++ b/groups/cryde/programs.nix @@ -0,0 +1,32 @@ +{ + pkgs, + upkgs, + ... +}: { + # ---- SYSTEM PACKAGES ----- + environment.systemPackages = with pkgs; [ + # User Environment + swww + helvum + easyeffects + pavucontrol + ani-cli + bluetui + wl-clipboard # clipboard for wayland + hyprpicker # color picker + hyprshot # screenshot utility + wl-screenrec # screen recording utility + qbittorrent # torrenting + signal-desktop + kdePackages.gwenview # image viewer + video-trimmer + element-desktop + + # Games + prismlauncher # minecraft + upkgs.olympus # celeste + discord + discordo + upkgs.ekphos + ]; +} diff --git a/groups/cryos/default.nix b/groups/cryos/default.nix new file mode 100644 index 0000000..82699d6 --- /dev/null +++ b/groups/cryos/default.nix @@ -0,0 +1,140 @@ +{ + pkgs, + lib, + ... +}: { + imports = [ + ./programs.nix + ]; + + nixpkgs.config.allowUnfreePredicate = let + whitelist = with pkgs; + map lib.getName [ + discord + steam + steamcmd + steam-unwrapped + + winbox + + obsidian + gitkraken + ]; + in + pkg: builtins.elem (lib.getName pkg) whitelist; + + boot.loader = { + efi = { + canTouchEfiVariables = true; + efiSysMountPoint = "/boot/efi"; + }; + grub = { + efiSupport = true; + device = "nodev"; + # useOSProber = true; + }; + }; + + # Enable initrd hook for virtual console customisation + # aka cool colours when bootting yay!! + console = { + enable = true; + earlySetup = true; # initrd pre hook + keyMap = "us"; + font = "Lat2-Terminus16"; + # ANSI 24-bit color definitions (theme: dracula) + colors = [ + "21222c" + "ff5555" + "50fa7b" + "f1fa8c" + "bd93f9" + "ff79c6" + "8be9fd" + "f8f8f2" + "6272a4" + "ff6e6e" + "69ff94" + "ffffa5" + "d6acff" + "ff92df" + "a4ffff" + "ffffff" + ]; + }; + + hardware = { + graphics = { + enable = true; + enable32Bit = true; + }; + + bluetooth = { + enable = true; + powerOnBoot = true; + }; + }; + + virtualisation.docker.enable = true; + + services = { + # systemd-resolved provides network name resolution + # to local processes via a D-Bus interface. + resolved = { + enable = true; + dnssec = "true"; + domains = ["~."]; + # Use CloudFlare's WARP+ 1.1.1.1 DNS service + fallbackDns = [ + "1.1.1.1#one.one.one.one" + "1.0.0.1#one.one.one.one" + ]; + dnsovertls = "true"; + }; + + # Multimedia Framework + # With backwards compatability for alsa/pulseaudio/jack + pipewire = { + enable = true; + audio.enable = true; + wireplumber.enable = true; + + alsa.enable = true; + alsa.support32Bit = true; + pulse.enable = true; + jack.enable = true; + }; + }; + + security = { + rtkit.enable = true; # I *think* this is for pipewire + sudo.wheelNeedsPassword = lib.mkDefault true; + }; + + # ---- ENVIRONMENT VARIABLES ---- + environment = { + # always install "dev" derivation outputs + extraOutputsToInstall = ["dev" "man"]; + + sessionVariables = { + # folder names with capitalisation look awful! + XDG_DOWNLOAD_DIR = "$HOME/downloads"; + }; + }; + + documentation = { + enable = true; + doc.enable = true; # install /share/doc packages + man = { + enable = true; # install manpages + generateCaches = false; + }; + info.enable = true; # install GNU info + dev.enable = true; # install docs intended for developers + nixos = { + enable = true; # install NixOS documentation (ie man -k nix, & nixos-help) + options.splitBuild = true; + includeAllModules = false; + }; + }; +} diff --git a/groups/cryos/programs.nix b/groups/cryos/programs.nix new file mode 100644 index 0000000..3e58545 --- /dev/null +++ b/groups/cryos/programs.nix @@ -0,0 +1,121 @@ +{pkgs, ...}: { + environment.systemPackages = with pkgs; [ + # Shell + bash + fish + shellcheck + grc # colorise command outputs + moreutils + + # Systems Emulation + qemu # Fellice Bellard's Quick Emulator + # Binaries + binutils + strace + ltrace + perf-tools # ftrace + perf + radare2 + gdb + hexyl + # ASM + nasm + x86-manpages + # C Family + gcc + clang + clang-tools + gnumake + cmake + + # Rust + cargo + rustc + rustfmt + # Go + go + # Nim + nim + nimble + # Haskell + ghc + ghcid + ormolu + + # Nix + nix-prefetch-git + nix-index + nix-unit + + # Python + python312 # I use 3.12 since it's in a pretty stable state now + python314 # also 3.14 for latest features + poetry + # Sage + sageWithDoc # SageMath + HTML Documentation + + # .NET + dotnetCorePackages.dotnet_9.sdk + dotnetCorePackages.dotnet_9.aspnetcore + dotnetCorePackages.dotnet_9.runtime + + openvpn + inetutils + wireguard-tools + + # security tools + rustscan + nmap + dig + gobuster + nth + zap + + httpie + curlie + zoxide + doggo + tldr + btop + eza + yazi + lazygit + ripgrep + viddy # modern `watch` command + timg # terminal image (sixel) viewer + + # Pretty necessary + git + git-filter-repo + brightnessctl + acpi + # upower + vim + powertop + imagemagick + + # "Standard" Unix Commands + file + wget + tree + pstree + zip + unzip + unrar-free + lz4 + man-pages + man-pages-posix + + # Cryptography + gnupg + openssl + libargon2 + ]; + + programs = { + gnupg.agent = { + enable = true; + pinentryPackage = pkgs.pinentry-curses; + enableSSHSupport = true; + }; + }; +} diff --git a/groups/server/default.nix b/groups/server/default.nix new file mode 100644 index 0000000..32fe569 --- /dev/null +++ b/groups/server/default.nix @@ -0,0 +1,71 @@ +{lib, ...}: { + networking.firewall = { + allowedTCPPorts = [ + 42069 # ssh + ]; + }; + + security = { + # accept Lets Encrypt's security policy + acme = { + acceptTerms = true; + defaults.email = "eclarkboman@gmail.com"; + }; + + sudo = { + enable = true; + wheelNeedsPassword = true; + }; + # allow SSH keys for passwordless auth + pam = { + sshAgentAuth.enable = true; + services.sudo.sshAgentAuth = true; # pam_ssh_agent_auth module + }; + }; + + services = { + openssh = { + enable = true; + ports = [42069]; + settings = { + PasswordAuthentication = false; + PermitRootLogin = "no"; + AllowUsers = ["cry"]; # DO NOT ALLOW ALL + UseDns = true; + X11Forwarding = false; + }; + }; + }; + + # simple fail2ban config (not production ready or anything though) + # refer to: https://nixos.wiki/wiki/Fail2Ban + services.fail2ban = { + enable = true; + + maxretry = 5; + bantime = "10m"; # 10 minute ban + bantime-increment = { + enable = true; + formula = "ban.Time * math.exp(float(ban.Count+1)*banFactor)/math.exp(1*banFactor)"; + # multipliers = "1 2 4 8 16 32 64"; + maxtime = "168h"; # dont ban for more than 1 week + overalljails = true; + }; + }; + + users = { + users = { + # primary user + cry = { + isNormalUser = true; + home = "/home/cry"; + extraGroups = ["wheel"]; + openssh.authorizedKeys.keys = lib.mkDefault [ + (throw '' + Hosts in the `server` group must set `users.users.cry.openssh.authorizedKeys.keys = [ ... ]`. + '') + ]; + }; + }; + }; +} diff --git a/homes/ae/default.nix b/homes/ae/default.nix index b92f739..3c33619 100644 --- a/homes/ae/default.nix +++ b/homes/ae/default.nix @@ -11,6 +11,9 @@ }; imports = [ + ../modules/fish.nix + ../modules/bat.nix + ../modules/btop.nix ]; home = { @@ -18,39 +21,8 @@ homeDirectory = "/home/ae"; }; - programs = { - }; - # Nicely reload system units when changing configs systemd.user.startServices = "sd-switch"; - # ssh = { - # enable = true; - # forwardAgent = true; - # addKeysToAgent = "yes"; - - # matchBlocks = { - # hyrule = { - # hostname = "imbored.dev"; - # user = "ae"; - # port = 22; - # identityFile = "/home/ae/.ssh/id_hyrule"; - # }; - # }; - # }; - - # SERVICE: webfishing (example for wishlist) - #systemd.user.services.webfishing = { - # Unit.Description = "I be out here webfishing frfr"; - - # Install.WantedBy = ["default.target"]; - - # Service = { - # Type = "exec"; - # ExecStart = "echo $HOME; cat $HOME/.ssh/config"; - # Restart = "always"; - # }; - #}; - home.stateVersion = "24.11"; # DO NOT MODIFY } diff --git a/homes/me/default.nix b/homes/me/default.nix index b858211..169219f 100755 --- a/homes/me/default.nix +++ b/homes/me/default.nix @@ -1,53 +1,43 @@ { - inputs, - outputs, lib, - config, pkgs, ... }: { - nixpkgs = { - config.allowUnfree = true; - }; - imports = [ + ../modules/fish.nix + ../modules/btop.nix + ../modules/tmux.nix + ../modules/term/foot.nix ../modules/git.nix ../modules/bat.nix - ../modules/fish.nix + ../modules/editor/helix.nix - ../modules/btop.nix - ../modules/rio.nix ../modules/firefox.nix - ../modules/nixcord.nix - - #../modules/hypr/hypridle.nix - #../modules/hypr/hyprlock.nix + ../modules/apps/thunderbird.nix + ../modules/wm/hypr/hyprlock.nix ../modules/kanshi.nix - ../modules/ags + ../modules/mako.nix ]; - /* - programs.spicetify = - let - spicePkgs = inputs.spicetify-nix.legacyPackages.${pkgs.system}; - in - { - enable = true; - enabledExtensions = with spicePkgs.extensions; [ - adblock - hidePodcasts - shuffle # shuffle+ (special characters are sanitized out of extension names) - ]; - theme = spicePkgs.themes.catppuccin; - colorScheme = "mocha"; - }; - */ + nixpkgs.config.allowUnfreePredicate = pkg: + builtins.elem (lib.GetName pkg) [ + "vscode-extension-ms-dotnettools-csharp" + ]; home = { username = "me"; homeDirectory = "/home/me"; + shellAliases = { + brip = "batgrep"; # bat + ripgrep + man = "batman"; # bat + man + }; + + sessionVariables = { + NIX_SHELL_PRESERVE_PROMPT = 1; + }; + pointerCursor = { gtk.enable = true; # x11.enable = true # dont enable since im on hyprland @@ -55,6 +45,18 @@ name = "Bibata-Modern-Ice"; size = 16; }; + + packages = with pkgs; [ + # for services.gnome-keyring + pkgs.gcr # provides org.gnome.keyring.SystemPrompter + seahorse # gui + + tor-browser + + fuzzel + + speedtest-cli + ]; }; gtk = { @@ -71,15 +73,12 @@ # TODO: use a variable to mirror this cursor size # with the `home.pointerCurser.size` cursorTheme = { - # dont set the theme (use system default instead) - # only set size to match the system package = pkgs.bibata-cursors; name = "Bibata-Modern-Ice"; size = 16; }; }; - # TODO: this lowkey doesnt work... (maybe the name "Dracula" is wrong?) qt = { enable = true; platformTheme.name = "gtk2"; @@ -90,78 +89,70 @@ # these are both required for home-manager to work home-manager.enable = true; - # DEBUG: testing if my xdg-desktop-portal-hyprland is working or not - obs-studio = { + zsh = { enable = true; - plugins = with pkgs.obs-studio-plugins; [ - wlrobs - obs-backgroundremoval - obs-pipewire-audio-capture - ]; - }; + enableCompletion = true; + autosuggestion.enable = true; + syntaxHighlighting.enable = true; - # set ssh profiles - # (all we need is hyrule, everything else is through wishlist) - # NOTE: (IMPORTANT) this DOES NOT start the ssh-agent - # for that you need to use `services.ssh-agent.enable` - ssh = { - enable = true; - forwardAgent = true; - addKeysToAgent = "yes"; # always add keys to ssh-agent - - matchBlocks = { - hyrule = { - hostname = "imbored.dev"; - user = "ae"; - port = 22; - identityFile = "~/.ssh/id_hyrule"; - }; - subspace = { - hostname = "imbored.dev"; - user = "subspace"; - port = 22; - identityFile = "~/.ssh/id_subspace"; - }; + history = { + size = 10000; + ignoreAllDups = true; + path = "$HOME/.zsh_history"; + ignorePatterns = [ + "rm *" + ]; }; }; - # I want to use fish as my login shell but it always - # goes terrible cause it isn't POSIX compliant, so - # instead Bash is my login and it will just exec fish - #bash = { - # interactiveShellInit = '' - # if [[ $(${pkgs.procps}/bin/ps --no-header --pid=$PPID --format=comm) != "fish" && -z ''${BASH_EXECUTION_STRING} ]] - # then - # shopt -q login_shell && LOGIN_OPTION='--login' || LOGIN_OPTION="" - # exec ${pkgs.fish}/bin/fish $LOGIN_OPTION - # fi - # ''; - #}; + # set ssh profiles + # WARNING: this DOES NOT start the ssh-agent + # WARNING: for that you need to use `services.ssh-agent.enable` + ssh = { + enable = true; + forwardAgent = false; + addKeysToAgent = "yes"; - /* - spicetify = - let - spicePkgs = inputs.spicetify-nix.legacyPackages.${pkgs.system}; - in - { - enable = true; - enabledExtensions = with spicePkgs.extensions; [ - adblock - hidePodcasts - #shuffle - ]; - theme = spicePkgs.themes.catppuccin; - colorScheme = "mocha"; - }; - */ + matchBlocks = { + butterfly = { + hostname = "dobutterfliescry.net"; + user = "cry"; + port = 42069; + identityFile = "~/.ssh/id_butterfly"; + setEnv = { + TERM = "linux"; + }; + }; + clocktown = { + hostname = "hyrule.dobutterfliescry.net"; + user = "cry"; + port = 42069; + identityFile = "~/.ssh/id_hyrule"; + setEnv = { + TERM = "linux"; + }; + }; + youcue = { + hostname = "moss.labs.eait.uq.edu.au"; + user = "s4740056"; + port = 22; + identityFile = "~/.ssh/id_youcue"; + setEnv = { + TERM = "xterm-256color"; + }; + }; + }; + }; }; - # enable OpenSSH private key agent - services.ssh-agent.enable = true; + services = { + # enable OpenSSH private key agent + ssh-agent.enable = true; + + gnome-keyring.enable = true; + }; # the ssh-agent won't set this for itself... systemd.user.sessionVariables.SSH_AUTH_SOCK = "$XDG_RUNTIME_DIR/ssh-agent"; - #home.sessionVariables.SSH_AUTH_SOCK = "$XDG_RUNTIME_DIR/ssh-agent"; - # Nicely reload system units when changing configs systemd.user.startServices = "sd-switch"; diff --git a/homes/modules/ags/config.js b/homes/modules/ags/config.js index 904ba9e..5a11efc 100755 --- a/homes/modules/ags/config.js +++ b/homes/modules/ags/config.js @@ -1,24 +1,28 @@ import { AppLauncher } from "./widgets/applauncher.js" -import { Notifications } from "./widgets/notifications.js" +//import { Notifications } from "./widgets/notifications.js" +/* const date = Variable('', { poll: [1000, 'date'], }) +*/ +/* const Bar = (monitor = 0) => Widget.Window({ monitor, name: 'bar${monitor}', anchor: ['top', 'left', 'right'], child: Widget.Label({ label: date.bind() }), }) +*/ App.config({ style: "./style.css", // icons: "./assets", windows: [ - Bar(), + //Bar(), AppLauncher, - Notifications() + //Notifications() ] // gtkTheme: "Adwaita-dark", // cursorTheme: "Qogir", diff --git a/homes/modules/ags/widgets/fullscreen.js b/homes/modules/ags/widgets/fullscreen.js index a6c60f0..72682f2 100755 --- a/homes/modules/ags/widgets/fullscreen.js +++ b/homes/modules/ags/widgets/fullscreen.js @@ -2,10 +2,10 @@ const WINDOW_NAME = "fullscreen"; const Fullscreen = (children) => Widget.Box({ vertical: true, - css: "background-image: url('https://images2.alphacoders.com/135/1351579.png');" - + "background-size: cover;" - + "background-position: center;" - + "background-repeat: no-repeat;", + css: "background-image: url('~/downloads/wallpaper/kill-my-firstborn/astronaut-pink-blue.png');", + //+ "background-size: cover;" + //+ "background-position: center;" + //+ "background-repeat: no-repeat;", children: children, }) diff --git a/homes/modules/apps/thunderbird.nix b/homes/modules/apps/thunderbird.nix new file mode 100644 index 0000000..dd4f861 --- /dev/null +++ b/homes/modules/apps/thunderbird.nix @@ -0,0 +1,10 @@ +{...}: { + programs.thunderbird = { + enable = true; + profiles = { + "me" = { + isDefault = true; + }; + }; + }; +} diff --git a/homes/modules/bat.nix b/homes/modules/bat.nix index f29f49b..fca2231 100755 --- a/homes/modules/bat.nix +++ b/homes/modules/bat.nix @@ -12,4 +12,13 @@ theme = "Dracula"; }; }; + + # other commands that make normal utils prettier + home.packages = with pkgs.bat-extras; [ + batdiff + batgrep + batman + batwatch + prettybat + ]; } diff --git a/homes/modules/btop.nix b/homes/modules/btop.nix index 119da4f..918eb25 100644 --- a/homes/modules/btop.nix +++ b/homes/modules/btop.nix @@ -18,7 +18,7 @@ background_update = true; update_ms = 2000; rounded_corners = false; - graph_symbol = "braille"; # braille/block/tty + graph_symbol = "block"; # braille/block/tty graph_symbol_cpu = "default"; graph_symbol_mem = "default"; graph_symbol_net = "default"; diff --git a/homes/modules/editor/helix.nix b/homes/modules/editor/helix.nix index 4a66841..bccdc13 100755 --- a/homes/modules/editor/helix.nix +++ b/homes/modules/editor/helix.nix @@ -1,13 +1,69 @@ { - config, pkgs, + # upkgs, ... -}: { - # read https://docs.helix-editor.com/editor.html +}: let + lsps = { + bash-language-server = { + pkg = pkgs.bash-language-server; + cmd = "bash-language-server"; + }; + + clangd = { + pkg = pkgs.clang-tools; + cmd = "clangd"; + }; + + glsl_analyzer = { + pkg = pkgs.glsl_analyzer; + cmd = "glsl_analyzer"; + }; + + haskell-language-server = { + pkg = pkgs.haskell-language-server; + cmd = "haskell-language-server-wrapper"; + }; + + # TODO: once upgraded past Nix-24.07 this line won't be necessary (I think) + # helix will support nixd by default + # SOURCE: https://github.com/nix-community/nixd/blob/main/nixd/docs/editor-setup.md#Helix + nixd = { + pkg = pkgs.nixd; + cmd = "nixd"; + }; + + OmniSharp = { + pkg = pkgs.omnisharp-roslyn; + cmd = "OmniSharp"; + }; + + rust-analyzer = { + pkg = pkgs.rust-analyzer; + cmd = "rust-analyzer"; + }; + + ty = { + pkg = pkgs.ty; # DEBUG: upkgs.ty; + cmd = "ty"; + }; + + typescript-language-server = { + pkg = pkgs.typescript-language-server; + cmd = "typescript-language-server"; + }; + }; +in { + home.packages = + lsps + |> builtins.attrValues + |> map (lsp: lsp.pkg); + + # REF: https://docs.helix-editor.com/editor.html programs.helix = { enable = true; settings = { theme = "dracula"; + editor = { line-number = "absolute"; popup-border = "all"; @@ -107,29 +163,103 @@ }; }; - languages.language = [ - { - name = "nix"; - indent = { - tab-width = 2; - unit = " "; - }; - block-comment-tokens = { - start = "/*"; - end = "*/"; - }; - auto-format = true; - formatter.command = "${pkgs.alejandra}/bin/alejandra"; - } - { - name = "python"; - indent = { - tab-width = 4; - unit = " "; - }; - auto-format = false; # my python is beautiful ^_^ - rulers = [80]; - } - ]; + languages = { + language = [ + { + name = "nix"; + indent = { + tab-width = 2; + unit = " "; + }; + block-comment-tokens = { + start = "/*"; + end = "*/"; + }; + auto-format = true; + formatter.command = "${pkgs.alejandra}/bin/alejandra"; + language-servers = ["nixd"]; + } + { + name = "python"; + indent = { + tab-width = 4; + unit = " "; + }; + auto-format = false; # my python is beautiful ^_^ + rulers = [80]; + language-servers = ["ty"]; + } + { + name = "c"; + file-types = ["c" "h"]; # use .hpp for C++ + auto-format = true; + formatter.command = "${pkgs.clang-tools}/bin/clang-format"; + language-servers = ["clangd"]; + } + { + name = "haskell"; + auto-format = true; + formatter.command = "${pkgs.ormolu}/bin/ormolu"; + language-servers = ["haskell-language-server"]; + } + { + name = "rust"; + indent = { + tab-width = 2; + unit = " "; + }; + auto-format = true; + formatter.command = "${pkgs.rustfmt}/bin/rustfmt"; + language-servers = ["rust-analyzer"]; + } + { + name = "c-sharp"; + file-types = ["cs"]; + indent = { + tab-width = 4; + unit = " "; + }; + block-comment-tokens = { + start = "/*"; + end = "*/"; + }; + # auto-format = true; + # formatter.command = "${pkgs.omnisharp-roslyn}/bin/OmniSharp"; + # language-servers = ["OmniSharp"]; + } + { + name = "javascript"; + file-types = ["js"]; + indent = { + tab-width = 2; + unit = " "; + }; + block-comment-tokens = { + start = "/*"; + end = "*/"; + }; + auto-format = true; + language-servers = ["typescript-language-server"]; + } + { + name = "glsl"; + file-types = ["glsl"]; + indent = { + tab-width = 2; + unit = " "; + }; + block-comment-tokens = { + start = "/*"; + end = "*/"; + }; + auto-format = false; + language-servers = ["glsl_analyzer"]; + } + ]; + + language-server = + lsps + |> builtins.mapAttrs (_: lsp: {command = "${lsp.pkg}/bin/${lsp.cmd}";}); + }; }; } diff --git a/homes/modules/editor/vscode.nix b/homes/modules/editor/vscode.nix new file mode 100644 index 0000000..f824b1c --- /dev/null +++ b/homes/modules/editor/vscode.nix @@ -0,0 +1,134 @@ +{ + config, + lib, + pkgs, + vscodium ? false, + secret-service ? "gnome-libsecret", + vscode-argv ? ".vscode/argv.json", + ... +}: { + nixpkgs.overlays = [ + ( + self: super: { + vscode-extensions = super.vscode-extensions.overrideAttrs (prev: let + mkVscMarketplaceExtension = { + publisher, + name, + version, + hash, + description ? "", + homepage ? null, + changelog ? null, + license ? null, + maintainers ? [lib.maintainers.emileclarkb], + }: + with pkgs.vscode-utils.buildVscodeMarketplaceExtension; { + ${publisher}.${name} = buildVscodeMarketplaceExtension { + mktplcRef = { + inherit + publisher + name + version + hash + ; + }; + + meta = { + inherit + ( + if license != null + then {license = license;} + else {} + ) + description + homepage + maintainers + ; + downloadPage = "https://marketplace.visualstudio.com/items?itemName=${publisher}.${name}"; + changelog = + if changelog != null + then changelog + else "https://marketplace.visualstudio.com/items/${publisher}.${name}/changelog"; + }; + }; + }; + in + lib.mergeAttrsList [ + (mkVscMarketplaceExtension { + publisher = "ms-dotnettools"; + name = "dotnet-maui"; + version = "1.11.14"; + hash = lib.fakeHash; + + description = "Extend C# Dev Kit with tools for building .NET Multi-platform App UI (MAUI) apps"; + homepage = "https://github.com/microsoft/vscode-dotnettools"; + license = lib.licenses.unfree; + }) + ]); + } + ) + ]; + + # REF: https://home-manager-options.extranix.com/?query=vscode&release=release-25.05 + programs.vscode = { + enable = true; + # TODO: clean up + package = + ( + if vscodium + then pkgs.vscodium + else pkgs.vscode + ).overrideAttrs (oldAttrs: { + # runtimeDependencies = oldAttrs.runtimeDependencies ++ [] + }); + + mutableExtensionsDir = true; + + profiles.default = { + enableUpdateCheck = false; + enableExtensionUpdateCheck = false; + # extension format: USER.PACKAGENAME + extensions = with pkgs.vscode-extensions; [ + # .NET + ms-dotnettools.csharp + ms-dotnettools.csdevkit + ms-dotnettools.vscode-dotnet-runtime + # TODO: these extensions aren't packaged :( + # deitry.solution-syntax + # ms-dotnettools.vscode-dotnet-pack + # ms-dotnettools.dotnet-maui + + # Python + ms-python.python + + # GitLens by GitKraken + eamodio.gitlens + ms-azuretools.vscode-docker + + github.copilot + github.copilot-chat + + # Colors & Themes + dracula-theme.theme-dracula + catppuccin.catppuccin-vsc + catppuccin.catppuccin-vsc-icons + mvllow.rose-pine + ]; + + userSettings = { + "workbench.colorTheme" = "Dracula Theme"; + "github.copilot.nextEditSuggestions.enabled" = true; + }; + }; + }; + + # TODO: this is super ugly, make sure the JSON is formatted!! + home.file.${vscode-argv}.text = builtins.toJSON { + password-store = secret-service; + + disable-hardware-acceleration = false; + disable-color-correct-rendering = false; + enable-crash-reporter = false; + # crash-report-id = ...; + }; +} diff --git a/homes/modules/editor/vscodium.nix b/homes/modules/editor/vscodium.nix new file mode 100644 index 0000000..ecde271 --- /dev/null +++ b/homes/modules/editor/vscodium.nix @@ -0,0 +1,37 @@ +{ + lib, + pkgs, + ... +}: { + # REF: https://home-manager-options.extranix.com/?query=vscode&release=release-25.05 + programs.vscode = { + enable = true; + package = pkgs.vscodium; + + mutableExtensionsDir = true; + + profiles.default = { + enableUpdateCheck = false; + enableExtensionUpdateCheck = false; + # extension format: USER.PACKAGENAME + extensions = with pkgs.vscode-extensions; [ + # .NET + ms-dotnettools.csharp + ms-dotnettools.csdevkit + ms-dotnettools.vscode-dotnet-runtime + # ms-dotnettools.vscode-dotnet-pack + # ms-dotnettools.dotnet-maui + + # Colors & Themes + dracula-theme.theme-dracula + catppuccin.catppuccin-vsc + catppuccin.catppuccin-vsc-icons + mvllow.rose-pine + ]; + + userSettings = { + "workbench.colorTheme" = "Dracula Theme"; + }; + }; + }; +} diff --git a/homes/modules/fish.nix b/homes/modules/fish.nix index e46175d..69d82f3 100755 --- a/homes/modules/fish.nix +++ b/homes/modules/fish.nix @@ -1,19 +1,85 @@ { config, + lib, pkgs, ... }: { - programs.fish = { - enable = true; - interactiveShellInit = '' - #set -g fish_greeting "Welcome weary traveler to my shop" - cat ~/banner - ''; - plugins = [ - { - name = "grc"; - src = pkgs.fishPlugins.grc.src; - } - ]; + options = { + morphBashToFish = lib.mkEnableOption "morphBashToFish"; + }; + + # TODO: make the greeting controllable (ie so my VPS can be different) + config = { + programs.fish = { + enable = true; + generateCompletions = true; + + # vendor = { + # config.enable = true; + # functions.enable = true; + # completions.enable = true; + # }; + + interactiveShellInit = let + greetings = + [ + "Welcome weary traveller to my shop" + "It's dangerous to go alone! Take this." + "Do butterflies cry when they're sad?" + "I hope they do" + "I think Alice is lost..." + + "Something wicked this way comes" + "May your L's be many... and your bitches few" + + "What a horrible night to have a curse." + "The ancient spirits of light and dark have been released." + "The god of the stars rejects your offering. The ritual can only be performed at night." + "You should have just died..." + "Supreme Witch, Calamitas has killed every player!" + ] + |> map (x: "\"${x}\"") + |> builtins.concatStringsSep " "; + in '' + # add dotnet completions if it exists (ie we're in a virtual environment) + if type -q dotnet + complete -f -c dotnet -a "(dotnet complete (commandline -cp))" + end + + function rand_greet + set greetings ${greetings} + echo -n $greetings[(random 1 (count $greetings))] + end + + function gitignore -a type + curl -sL "https://www.gitignore.io/api/$type" + end + + # ripgrep on files + function rgf + rg --files | rg $args + end + + set -g fish_greeting (rand_greet) + + + ''; + + shellAliases = { + brip = "batgrep"; # bat + ripgrep + man = "batman"; # bat + man + ls = "eza --color=auto"; + l = "eza -Alh --color=auto --icons=auto"; + ll = "eza -lh --color=auto --icons=auto"; + li = "eza --color=auto --git-ignore"; + }; + + plugins = [ + { + name = "grc"; + src = pkgs.fishPlugins.grc.src; + } + ]; + }; }; } diff --git a/homes/modules/git.nix b/homes/modules/git.nix index c98ab4e..c1e3ed6 100755 --- a/homes/modules/git.nix +++ b/homes/modules/git.nix @@ -5,7 +5,70 @@ }: { programs.git = { enable = true; - userName = "Emile Clark-Boman"; - userEmail = "eclarkboman@gmail.com"; + lfs.enable = true; + + signing = { + # key = "F68745A836CA0412"; + # format = "openpgp"; + # signByDefault = true; + }; + + settings = { + user.name = "_cry64"; + user.email = "them@dobutterfliescry.net"; + + alias = { + s = "status"; + d = "diff"; + l = "log"; + c = "commit"; + p = "push"; + }; + + color.ui = true; + core.editor = "hx"; + github.user = "cry128"; + + init = { + defaultBranch = "main"; + }; + url = { + "git@github.com:" = { + insteadOf = [ + "gh:" + "github:" + ]; + }; + "https://gitlab.com/" = { + insteadOf = [ + "gl:" + "gitlab:" + ]; + }; + "git@codeberg.org:" = { + insteadOf = [ + "cb:" + "codeberg:" + ]; + }; + "git@tearforge.net/" = { + insteadOf = [ + "cry:" + "forge:" + ]; + }; + }; + }; + + includes = [ + { + path = "/home/me/agribit/.gitconfig"; + condition = "gitdir:/home/me/agribit/**"; + } + # { + # path = "/home/me/luminary/.gitconfig"; + # condition = "gitdir:/home/me/luminary/**"; + # } + ]; }; } diff --git a/homes/modules/hypr/hyprland.nix b/homes/modules/hypr/hyprland.nix deleted file mode 100755 index e69de29..0000000 diff --git a/homes/modules/mako.nix b/homes/modules/mako.nix new file mode 100644 index 0000000..762cd96 --- /dev/null +++ b/homes/modules/mako.nix @@ -0,0 +1,54 @@ +{...}: let + dracula = rec { + background = "#282A36"; + border = cyan; + + cyan = "#8BE9FD"; + yellow = "#F1FA8C"; + red = "#FF5555"; + }; + + theme = dracula; +in { + # notification daemon for Wayland + services.mako = { + enable = true; + settings = { + actions = true; + anchor = "top-right"; + layer = "overlay"; + sort = "-time"; + + height = 100; + width = 300; + margin = 50; + background-color = theme.background; + border-color = theme.border; + border-radius = 20; + border-size = 4; + font = "monospace 10"; + + markup = true; + icons = true; + max-icon-size = 64; + + default-timeout = 5000; + ignore-timeout = false; + + "actionable=true" = { + anchor = "top-left"; + }; + + "urgency=low" = { + border-color = theme.border; + }; + "urgency=normal" = { + border-color = theme.yellow; + }; + "urgency=high" = { + default-timeout = 0; + border-color = theme.red; + }; + }; + }; +} diff --git a/homes/modules/nixcord.nix b/homes/modules/nixcord.nix old mode 100755 new mode 100644 index a006c0e..97e6b15 --- a/homes/modules/nixcord.nix +++ b/homes/modules/nixcord.nix @@ -1,16 +1,248 @@ -{ - config, - pkgs, - ... -}: { +{inputs, ...}: { + imports = [ + inputs.nixcord.homeModules.nixcord + ]; + programs.nixcord = { enable = true; + equibop.enable = true; + + discord = { + vencord.enable = false; + equicord.enable = true; + }; + config = { - frameless = true; + enabledThemes = [ + # "aurorastheme.css" + # "base16-colors.css" + ]; plugins = { - # TODO: remove this plugin - hideAttachments.enable = true; + anonymiseFileNames = { + enable = true; + anonymiseByDefault = true; + method = 0; + randomisedLength = 16; + }; + betterSessions = { + backgroundCheck = true; + checkInterval = 1; + }; + biggerStreamPreview.enable = true; + callTimer.enable = true; + fixYoutubeEmbeds.enable = true; + fixSpotifyEmbeds.enable = true; + tidalEmbeds.enable = true; + youtubeAdblock.enable = true; + followVoiceUser.enable = true; + friendsSince.enable = true; + ircColors = { + enable = true; + lightness = 80; + memberListColors = true; + applyColorOnlyInDms = false; + applyColorOnlyToUsersWithoutColor = false; + }; + messageLogger = { + enable = true; + showEditDiffs = true; + separatedDiffs = false; + }; + # fakeNitro.enable = true; + ghosted.enable = true; + noF1.enable = true; + noMaskedUrlPaste.enable = true; + messageLatency = { + enable = false; + latency = -1; + showMillis = true; + }; + openInApp.enable = true; + crashHandler.enable = true; + disableCallIdle.enable = true; + experiments.enable = true; + expressionCloner.enable = true; + favoriteGifSearch.enable = true; + fixImagesQuality.enable = true; + forceOwnerCrown.enable = true; + forwardAnywhere.enable = true; + spotifyCrack.enable = true; + spotifyShareCommands.enable = true; + spotifyControls.enable = true; + fullUserInChatbox.enable = true; + gifPaste.enable = true; + ignoreActivities = { + enable = true; + ignorePlaying = true; + ignoreStreaming = true; + ignoreListening = true; + ignoreWatching = true; + ignoreCompeting = true; + }; + imageLink.enable = true; + imageZoom.enable = true; + memberCount.enable = true; + noDevtoolsWarning.enable = true; + noUnblockToJump.enable = true; + pauseInvitesForever.enable = true; + permissionsViewer.enable = true; + pictureInPicture = { + enable = true; + loop = true; + }; + platformIndicators.enable = true; + previewMessage.enable = true; + relationshipNotifier.enable = true; + revealAllSpoilers.enable = true; + serverInfo.enable = true; + serverListIndicators.enable = true; + showHiddenChannels.enable = true; + showHiddenThings.enable = true; + showTimeoutDuration = { + enable = true; + displayStyle = "tooltip"; + }; + silentTyping = { + enable = true; + enabledGlobally = false; + }; + startupTimings.enable = true; + typingIndicator.enable = true; + unlockedAvatarZoom = { + enable = true; + zoomMultiplier = 4.0; + }; + userMessagesPronouns.enable = true; + validUser.enable = true; + validReply.enable = true; + viewIcons = { + enable = true; + format = "webp"; + imgSize = "4096"; + }; + voiceChatDoubleClick.enable = true; + voiceDownload.enable = true; + voiceMessages = { + enable = true; + noiseSuppression = false; + echoCancellation = true; + }; + volumeBooster.enable = true; + webKeybinds.enable = true; + webScreenShareFixes.enable = true; + whoReacted.enable = true; + whosWatching.enable = true; + quickReply.enable = true; + questCompleter.enable = true; + shikiCodeblocks = { + enable = true; + useDevIcon = "COLOR"; + theme = "https://raw.githubusercontent.com/shikijs/textmate-grammars-themes/2d87559c7601a928b9f7e0f0dda243d2fb6d4499/packages/tm-themes/themes/kanagawa-wave.json"; + }; }; }; }; + + programs.nixcord.config.plugins.PinDMs = { + enable = true; + canCollapseDmSection = true; + # userBasedCategoryList = { + # "1202666382760607774" = [ + # { + # id = "i9dflmraztc"; + # name = "🏳️‍⚧️ girlfriends!!! :3 🏳️‍⚧️"; + # color = 16359423; + # collapsed = false; + # channels = [ + # "1436964273162289185" + # "1436988320474206311" + # "1449837047383855119" + # "1436965652861685891" + # "1436968495190642722" + # "1465424321919975454" + # ]; + # } + # { + # id = "p2v1f5y9zbd"; + # name = "🦋 best frens <3 🦋"; + # color = 10223511; + # collapsed = false; + # channels = [ + # "1436985374286155799" + # "1436965657076826222" + # "1429921297160212681" + # "1394808379381387385" + # "1433593753183977545" + # "1438254055452446881" + # "1436966389549236376" + # "1202678007026819134" + # "1437151552224624660" + # "1441906462094921789" + # "1450340272079769712" + # "1458123717124165764" + # "1436975341129306155" + # "1461885176534794427" + # "1462155159470866443" + # "1468735915076878407" + # ]; + # } + # { + # id = "c0mg5w635j8"; + # name = "🏳️‍🌈 close frens x3 🏳️‍🌈"; + # color = 10780927; + # collapsed = false; + # channels = [ + # "1437077103873888290" + # "1436975346338762823" + # "1437123353101205590" + # "1441516692164575283" + # "1419557866502754334" + # "1436985041203892315" + # "1438071327515742229" + # ]; + # } + # { + # id = "ghjrq5el3b"; + # name = "frens :3"; + # color = 7334399; + # collapsed = false; + # channels = [ + # "1437007154132422701" + # "1437006448948416526" + # "1446781617422209068" + # "1444723474835837103" + # "1437098569483161721" + # "1437237573146771469" + # "1436973705421914123" + # "1437135359359320125" + # "1438010723837022343" + # "1440553969461104740" + # "1437097082887475201" + # "1447222320015085740" + # "1462624704027164824" + # "1449513783893692589" + # "1463737720961634461" + # "1463000874392748249" + # "1461929299727749145" + # "1436984534712451105" + # "1436983282582683813" + # "1437283420312047659" + # "1437089201651847315" + # "1468324280445046824" + # ]; + # } + # { + # id = "zbmj00xw7d8"; + # name = "goop chats"; + # color = 14876549; + # collapsed = false; + # channels = [ + # "1437132769141719040" + # "1445549416516681902" + # "1458849972815663209" + # ]; + # } + # ]; + # }; + }; } diff --git a/homes/modules/obs.nix b/homes/modules/obs.nix new file mode 100755 index 0000000..37db38f --- /dev/null +++ b/homes/modules/obs.nix @@ -0,0 +1,16 @@ +{ + config, + pkgs, + ... +}: { + programs = { + obs-studio = { + enable = true; + plugins = with pkgs.obs-studio-plugins; [ + wlrobs + obs-backgroundremoval + obs-pipewire-audio-capture + ]; + }; + }; +} diff --git a/homes/modules/server/fail2ban.nix b/homes/modules/server/fail2ban.nix deleted file mode 100755 index 0681c68..0000000 --- a/homes/modules/server/fail2ban.nix +++ /dev/null @@ -1,17 +0,0 @@ -{...}: { - # simple fail2ban config (not production ready or anything though) - # refer to: https://nixos.wiki/wiki/Fail2Ban - services.fail2ban = { - enable = true; - - maxretry = 5; - bantime = "10m"; # 10 minute ban - bantime-increment = { - enable = true; - formula = "ban.Time * math.exp(float(ban.Count+1)*banFactor)/math.exp(1*banFactor)"; - multipliers = "1 2 4 8 16 32 64"; - maxtime = "168h"; # dont ban for more than 1 week - overalljails = true; - }; - }; -} diff --git a/homes/modules/server/nginx.nix b/homes/modules/server/nginx.nix deleted file mode 100755 index a11b65c..0000000 --- a/homes/modules/server/nginx.nix +++ /dev/null @@ -1,35 +0,0 @@ -{...}: { - services = { - # use nginx as the reverse proxy - # (also will use certbot and Let's Encrypt) - # refer to: https://nixos.wiki/wiki/Nginx - nginx = { - enable = true; - - recommendedProxySettings = true; - recommendedTlsSettings = true; - recommendedGzipSettings = true; - recommendedOptimisation = true; - - # https://imbored.dev - virtualHosts = { - "imbored.dev" = { - forceSSL = true; - enableACME = true; - # config reverse proxy paths - locations = { - "/" = { - # TODO - proxyPass = "http://127.0.0.1:12345"; - }; - }; - }; - }; - }; - }; - - security.acme = { - acceptTerms = true; - defaults.email = "eclarkboman@gmail.com"; - }; -} diff --git a/homes/modules/server/ssh.nix b/homes/modules/server/ssh.nix deleted file mode 100755 index b898468..0000000 --- a/homes/modules/server/ssh.nix +++ /dev/null @@ -1,13 +0,0 @@ -{...}: { - services.openssh = { - enable = true; - ports = [22]; - settings = { - PasswordAuthentication = true; - PermitRootLogin = "no"; - AllowUsers = null; # allow all users by default - UseDns = true; - X11Forwarding = false; - }; - }; -} diff --git a/homes/modules/term/default.nix b/homes/modules/term/default.nix new file mode 100644 index 0000000..d446b15 --- /dev/null +++ b/homes/modules/term/default.nix @@ -0,0 +1,9 @@ +{ + lib, + ... +}: +{ + options = { + + } +} diff --git a/homes/modules/term/foot.nix b/homes/modules/term/foot.nix new file mode 100644 index 0000000..4fdaad5 --- /dev/null +++ b/homes/modules/term/foot.nix @@ -0,0 +1,328 @@ +# DEBUG: {upkgs, ...}: { +{pkgs, ...}: { + programs.foot = { + enable = true; + package = pkgs.foot; # DEBUG: upkgs.foot; + + server.enable = true; + + settings = let + none = "\"\""; + in { + main = { + term = "foot"; # set $TERM + login-shell = "no"; + title = "foot"; + locked-title = "no"; + + # font = "GeistMono Nerd Font:size=12"; + # font = "Mononoki Nerd Font Mono:size=12"; + # font = "0xProto Nerd Font Mono:size=12"; + font = "JetBrainsMonoNL Nerd Font:size=12"; + # font-bold = ""; + # font-italice = ""; + # font-bold-italice = ""; + # font-size-adjustment = 0.5; + # line-height = ...; + # letter-spacing = 0; + # horizontal-letter-offset = 0; + # vertical-letter-offset = 0; + # underline-offset = ...; + # underline-thickness = ...; + # strikeout-thickness = ...; + box-drawings-uses-font-glyphs = "no"; + dpi-aware = "no"; + gamma-correct-blending = "no"; + + initial-color-theme = "1"; + # initial-window-size-pixels = "700x500"; # pixel COLSxROWS + initial-window-size-chars = "90x26"; # char COLSxROWS + initial-window-mode = "windowed"; + pad = "32x32 center-when-maximized-and-fullscreen"; + resize-by-cells = "yes"; + resize-keep-grid = "yes"; + resize-delay-ms = "100"; + + bold-text-in-bright = "no"; + word-delimiters = ",│`|:\"'()[]{}<>"; + selection-target = "primary"; + # workers = ...; # number of logical CPUs + }; + + # environment = { + # name = "value"; + # } + + security = { + osc52 = "enabled"; + }; + + bell = { + system = "no"; + urgent = "no"; + notify = "no"; + visual = "no"; + # command = ...; + # command-focused = "no"; + }; + + desktop-notifications = { + command = "notify-send --wait --app-name \${app-id} --icon \${app-id} --category \${category} --urgency \${urgency} --expire-time \${expire-time} --hint STRING:image-path:\${icon} --hint BOOLEAN:suppress-sound:\${muted} --hint STRING:sound-name:\${sound-name} --replace-id \${replace-id} \${action-argument} --print-id -- \${title} \${body}"; + command-action-argument = "--action \${action-name=\${action-label}}"; + close = none; + inhibit-when-focused = "no"; + }; + + scrollback = { + lines = 1000; + multiplier = 1.0; + indicator-position = "relative"; + indicator-format = none; + }; + + url = { + launch = "xdg-open \${url}"; + label-letters = "sadfjklewcmpgh"; + osc8-underline = "url-mode"; + regex = "(((https?://|mailto:|ftp://|file:|ssh:|ssh://|git://|tel:|magnet:|ipfs://|ipns://|gemini://|gopher://|news:)|www\\.)([0-9a-zA-Z:/?#@!$&*+,;=.~_%^\\-]+|\\([]\\[\"0-9a-zA-Z:/?#@!$&'*+,;=.~_%^\\-]*\\)|\\[[\\(\\)\"0-9a-zA-Z:/?#@!$&'*+,;=.~_%^\\-]*\\]|\"[]\\[\\(\\)0-9a-zA-Z:/?#@!$&'*+,;=.~_%^\\-]*\"|'[]\\[\\(\\)0-9a-zA-Z:/?#@!$&*+,;=.~_%^\\-]*')+([0-9a-zA-Z/#@$&*+=~_%^\\-]|\\([]\\[\"0-9a-zA-Z:/?#@!$&'*+,;=.~_%^\\-]*\\)|\\[[\\(\\)\"0-9a-zA-Z:/?#@!$&'*+,;=.~_%^\\-]*\\]|\"[]\\[\\(\\)0-9a-zA-Z:/?#@!$&'*+,;=.~_%^\\-]*\"|'[]\\[\\(\\)0-9a-zA-Z:/?#@!$&*+,;=.~_%^\\-]*'))"; + }; + + # "regex:your-fancy-name" = { + # regex = ...; + # launch = "[path to script/application] \${match}" + # }; + # + # key-bindings = { + # regex-launch = "[your-fancy-name] Control+Shift+q"; + # regex-copy = "[your-fancy-name] Control+Alt+shift+q"; + # }; + + cursor = { + style = "block"; + blink = "no"; + # blink-rate = 500; + beam-thickness = 1.0; + # underline-thickness = ...; + }; + + mouse = { + hide-when-typing = "yes"; + alternate-scroll-mode = "yes"; + }; + + touch = { + long-press-delay = 400; + }; + + # Theme: Dracula + # REF: https://github.com/dracula/foot + colors = { + alpha = 1.0; + alpha-mode = "default"; # default/matching/all + + background = "282a36"; + foreground = "f8f8f2"; + + ## Normal/regular colors (color palette 0-7) + regular0 = "21222c"; # black + regular1 = "ff5555"; # red + regular2 = "50fa7b"; # green + regular3 = "f1fa8c"; # yellow + regular4 = "bd93f9"; # blue + regular5 = "ff79c6"; # magenta + regular6 = "8be9fd"; # cyan + regular7 = "f8f8f2"; # white + + ## Bright colors (color palette 8-15) + bright0 = "6272a4"; # bright black + bright1 = "ff6e6e"; # bright red + bright2 = "69ff94"; # bright green + bright3 = "ffffa5"; # bright yellow + bright4 = "d6acff"; # bright blue + bright5 = "ff92df"; # bright magenta + bright6 = "a4ffff"; # bright cyan + bright7 = "ffffff"; # bright white + + ## Misc colors + selection-foreground = "ffffff"; + selection-background = "44475a"; + # jump-labels= # black-on-yellow + # scrollback-indicator= # black-on-bright-blue + # search-box-no-match= # black-on-red + # search-box-match= # black-on-yellow + urls = "8be9fd"; + + flash = "7f7f00"; + flash-alpha = 0.5; + }; + + # Alternative colour palette (see `man 5 foot.ini`) + colors2 = { + alpha = 1.0; + alpha-mode = "default"; + + background = "191724"; + foreground = "e0def4"; + + regular0 = "26233a"; # black (Overlay) + regular1 = "eb6f92"; # red (Love) + regular2 = "9ccfd8"; # green (Foam) + regular3 = "f6c177"; # yellow (Gold) + regular4 = "31748f"; # blue (Pine) + regular5 = "c4a7e7"; # magenta (Iris) + regular6 = "ebbcba"; # cyan (Rose) + regular7 = "e0def4"; # white (Text) + + bright0 = "47435d"; # bright black (lighter Overlay) + bright1 = "ff98ba"; # bright red (lighter Love) + bright2 = "c5f9ff"; # bright green (lighter Foam) + bright3 = "ffeb9e"; # bright yellow (lighter Gold) + bright4 = "5b9ab7"; # bright blue (lighter Pine) + bright5 = "eed0ff"; # bright magenta (lighter Iris) + bright6 = "ffe5e3"; # bright cyan (lighter Rose) + bright7 = "fefcff"; # bright white (lighter Text) + + selection-foreground = "ffffff"; + selection-background = "393553"; + + urls = "ebbcba"; # Rose + + flash = "f6c177"; # yellow (Gold) + flash-alpha = 0.5; + + cursor = "191724 e0def4"; + }; + + # csd = { + # preferred = "server"; + # size = 26; + # font = ...; + # color = ...; # foreground color + # hide-when-maximized = "no"; + # border-width = 0; + # border-color = ...; + # button-width = 26; + # button-color = ...; # background color + # button-minimize-color = ...; + # button-maximize-color = ...; + # button-close-color = ...; + # }; + + key-bindings = { + scrollback-up-page = "Shift+Page_Up Shift+KP_Page_Up"; + # scrollback-up-half-page = "none"; + # scrollback-up-line = "none"; + scrollback-down-page = "Shift+Page_Down Shift+KP_Page_Down"; + # scrollback-down-half-page = "none"; + # scrollback-down-line = "none"; + # scrollback-home = "none"; + # scrollback-end = "none"; + + clipboard-copy = "Control+Shift+c XF86Copy"; + clipboard-paste = "Control+Shift+v XF86Paste"; + primary-paste = "Shift+Insert"; + search-start = "Control+Shift+r"; + + font-increase = "Control+plus Control+equal Control+KP_Add"; + font-decrease = "Control+minus Control+KP_Subtract"; + font-reset = "Control+0 Control+KP_0"; + + spawn-terminal = "Control+Shift+n"; + # minimize = "none"; + # maximize = "none"; + # fullscreen = "none"; + + pipe-visible = "[sh -c \"xurls | fuzzel | xargs -r firefox\"] none"; + pipe-scrollback = "[sh -c \"xurls | fuzzel | xargs -r firefox\"] none"; + pipe-selected = "[xargs -r firefox] none"; + pipe-command-output = "[wl-copy] none"; + + show-urls-launch = "Control+Shift+o"; + # show-urls-copy = "none"; + # show-urls-persistent = "none"; + + prompt-prev = "Control+Shift+z"; + prompt-next = "Control+Shift+x"; + + unicode-input = "Control+Shift+u"; + # color-theme-switch-1 = "none"; + # color-theme-switch-2 = "none"; + color-theme-toggle = "Control+Alt+p"; + + # noop = "none"; + # quit = "none"; + }; + + search-bindings = { + cancel = "Control+g Control+c Escape"; + commit = "Return KP_Enter"; + + find-prev = "Control+r"; + find-next = "Control+s"; + + cursor-left = "Left Control+b"; + cursor-left-word = "Control+Left Mod1+b"; + cursor-right = "Right Control+f"; + cursor-right-word = "Control+Right Mod1+f"; + cursor-home = "Home Control+a"; + cursor-end = "End Control+e"; + + delete-prev = "BackSpace"; + delete-prev-word = "Mod1+BackSpace Control+BackSpace"; + delete-next = "Delete"; + delete-next-word = "Mod1+d Control+Delete"; + delete-to-start = "Control+u"; + delete-to-end = "Control+k"; + + extend-char = "Shift+Right"; + extend-to-word-boundary = "Control+w Control+Shift+Right"; + extend-to-next-whitespace = "Control+Shift+w"; + extend-line-down = "Shift+Down"; + extend-backward-char = "Shift+Left"; + extend-backward-to-word-boundary = "Control+Shift+Left"; + # extend-backward-to-next-whitespace = "none"; + extend-line-up = "Shift+Up"; + + clipboard-paste = "Control+v Control+Shift+v Control+y XF86Paste"; + primary-paste = "Shift+Insert"; + + # unicode-input = "none"; + + scrollback-up-page = "Shift+Page_Up Shift+KP_Page_Up"; + # scrollback-up-half-page = "none"; + # scrollback-up-line = "none"; + scrollback-down-page = "Shift+Page_Down Shift+KP_Page_Down"; + # scrollback-down-half-page = "none"; + # scrollback-down-line = "none"; + # scrollback-home = "none"; + # scrollback-end = "none"; + }; + + url-bindings = { + cancel = "Control+g Control+c Control+d Escape"; + toggle-url-visible = "t"; + }; + + text-bindings = { + "\\x03" = "Mod4+c"; # map Super+c -> Control+c + }; + + mouse-bindings = { + scrollback-up-mouse = "BTN_WHEEL_BACK"; + scrollback-down-mouse = "BTN_WHEEL_FORWARD"; + font-increase = "Control+BTN_WHEEL_BACK"; + font-decrease = "Control+BTN_WHEEL_FORWARD"; + selection-override-modifiers = "Shift"; + primary-paste = "BTN_MIDDLE"; + select-begin = "BTN_LEFT"; + select-begin-block = "Control+BTN_LEFT"; + select-extend = "BTN_RIGHT"; + select-extend-character-wise = "Control+BTN_RIGHT"; + select-word = "BTN_LEFT-2"; + select-word-whitespace = "Control+BTN_LEFT-2"; + select-quote = "BTN_LEFT-3"; + select-row = "BTN_LEFT-4"; + }; + }; + }; +} diff --git a/homes/modules/term/ghostty.nix b/homes/modules/term/ghostty.nix new file mode 100644 index 0000000..4c0b130 --- /dev/null +++ b/homes/modules/term/ghostty.nix @@ -0,0 +1,45 @@ +{pkgs, ...}: { + home = { + packages = [ + pkgs.ghostty + ]; + + sessionVariables.TERMINAL = "ghostty"; + }; + + programs.ghostty = { + enable = true; + + settings = { + theme = "Dracula"; + font-family = "Geist Nerd Font"; + font-feature = ["liga" "calt"]; + + window-padding-x = 12; + window-padding-y = 6; + window-theme = "system"; + + window-height = 26; + window-width = 90; + copy-on-select = true; + gtk-single-instance = false; + adw-toolbar-style = "flat"; + + # disable close confirmations + confirm-close-surface = false; + + keybind = [ + "ctrl+shift+plus=increase_font_size:1" + "ctrl+shift+minus=decrease_font_size:1" + + "ctrl+h=goto_split:left" + "ctrl+l=goto_split:right" + ]; + }; + + #themes = { + #aylur-dark = colors (import ./colors.nix {scheme = "dark";}); + #aylur-light = colors (import ./colors.nix {scheme = "light";}); + #}; + }; +} diff --git a/homes/modules/rio.nix b/homes/modules/term/rio.nix similarity index 90% rename from homes/modules/rio.nix rename to homes/modules/term/rio.nix index 84ea3a2..88ef968 100755 --- a/homes/modules/rio.nix +++ b/homes/modules/term/rio.nix @@ -3,8 +3,16 @@ pkgs, ... }: { + home = { + packages = [ + pkgs.rio + ]; + + # currently set to ghostty (on lolcathost) + #sessionVariables.TERMINAL = "rio"; + }; + # The terminal I use - # TODO: this is dependent on nvim being installed # TODO: make this into a module with a configurable editor option programs.rio = { enable = true; diff --git a/homes/modules/tmux.nix b/homes/modules/tmux.nix new file mode 100644 index 0000000..e5946c0 --- /dev/null +++ b/homes/modules/tmux.nix @@ -0,0 +1,5 @@ +{...}: { + programs.tmux = { + enable = true; + }; +} diff --git a/homes/modules/hypr/hypridle.nix b/homes/modules/wm/hypr/hypridle.nix similarity index 100% rename from homes/modules/hypr/hypridle.nix rename to homes/modules/wm/hypr/hypridle.nix diff --git a/homes/modules/wm/hypr/hyprland.nix b/homes/modules/wm/hypr/hyprland.nix new file mode 100755 index 0000000..38ed5af --- /dev/null +++ b/homes/modules/wm/hypr/hyprland.nix @@ -0,0 +1,42 @@ +# NOTE: hyprland must be enabled in BOTH your host config (for running hyprland) +# and your home-manager config (for managing hyprland's config files) +{ + pkgs, + inputs, + config, + lib, + ... +}: { + options.hyprland = { + enable = lib.mkEnableOption "Hyprland"; + }; + + config = lib.mkIf config.hyprland.enable { + wayland.windowManager.hyprland = { + enable = true; + package = pkgs.hyprland; + + xwayland.enable = true; + + systemd = { + enable = true; + # enable autostart of applications + # REF: `man 8 systemd-xdg-autostart-generator` + enableXdgAutostart = true; + }; + + plugins = with inputs; [ + split-monitor-workspaces.packages.${pkgs.system}.split + ]; + }; + + xdg.portal = { + enable = true; + extraPortals = with pkgs; [ + xdg-desktop-portal-gtk + ]; + }; + + # TODO: finish this + }; +} diff --git a/homes/modules/hypr/hyprlock.nix b/homes/modules/wm/hypr/hyprlock.nix similarity index 100% rename from homes/modules/hypr/hyprlock.nix rename to homes/modules/wm/hypr/hyprlock.nix diff --git a/homes/subspace/default.nix b/homes/subspace/default.nix deleted file mode 100644 index 6b1c0fa..0000000 --- a/homes/subspace/default.nix +++ /dev/null @@ -1,72 +0,0 @@ -{ - inputs, - outputs, - lib, - config, - pkgs, - ... -}: { - nixpkgs = { - config.allowUnfree = false; - }; - - imports = [ - ]; - - home = { - username = "subspace"; - homeDirectory = "/home/subspace"; - }; - - programs = { - fish = { - enable = true; - # Extra commands to run when entering a interactive shell - # (for the subspace user this will be exiting fish to - # run wishlist instead, a shell should not pop up!) - loginShellInit = '' - clear - exec wishlist - ''; - }; - - ssh = { - enable = true; - forwardAgent = true; - addKeysToAgent = "yes"; - - matchBlocks = { - hyrule = { - hostname = "imbored.dev"; - user = "ae"; - port = 22; - identityFile = "~/.ssh/id_hyrule"; - }; - YearnForTheMines = { - hostname = "deadlyserver.com"; - user = "emile"; - port = 29843; - identityFile = "~/.ssh/id_deadlyserver"; - }; - }; - }; - }; - - # Nicely reload system units when changing configs - systemd.user.startServices = "sd-switch"; - - # SERVICE: webfishing (example for wishlist) - #systemd.user.services.webfishing = { - # Unit.Description = "I be out here webfishing frfr"; - - # Install.WantedBy = ["default.target"]; - - # Service = { - # Type = "exec"; - # ExecStart = "echo $HOME; cat $HOME/.ssh/config"; - # Restart = "always"; - # }; - #}; - - home.stateVersion = "24.11"; # DO NOT MODIFY -} diff --git a/hosts/butterfly/default.nix b/hosts/butterfly/default.nix new file mode 100755 index 0000000..83ff46d --- /dev/null +++ b/hosts/butterfly/default.nix @@ -0,0 +1,69 @@ +{...}: { + imports = [ + ./hardware-configuration.nix + + ./services + ]; + + # super duper minimum grub2 config + boot.loader.grub = { + enable = true; + device = "/dev/vda"; + }; + + networking = { + hostName = "butterfly"; + + firewall = { + allowedTCPPorts = [ + 80 # nginx + # 143 # IMAP4 + 443 # nginx + # 587 # SMTPS + 2222 # forgejo ssh + 2035 # debug (for my job) + # 3000 (INTERNAL) forgejo + # 3306 (INTERNAL) forgejo sqlite3 database + 5000 # debug (for my job) + # 8222 (INTERNAL) vaultwarden + 45000 # minecaft server + ]; + allowedUDPPorts = [ + 54231 # Wireguard + ]; + }; + + # wg-quick.interfaces = { + # wg0 = { + # address = [ + # "10.10.10.4/24" + # ]; + # dns = ["10.10.10.1"]; + # privateKeyFile = "/root/wg_agrivpn_hyrule"; + # peers = [ + # { + # # peer's public key + # publicKey = "iZ4aqYjbT8O8tfUHEuV+yWLtdoQbdBb6Nt0M4usMSiY="; + + # # choose which traffic to forward + # allowedIPs = [ + # "10.0.51.0/24" + # "10.10.10.0/24" + # ]; + # endpoint = "150.242.34.33:54231"; + # } + # ]; + # }; + # }; + }; + + users.users.cry = { + openssh.authorizedKeys.keys = [ + "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCsUZY45rgezi+8iROdcR5vPeacJ2fbMjlDijfUrH9hRX2FzCsg/4e3aFKhi2seZMmyTfbstxmDrrH8paUS5TibFgLFBGNngaF3CTjg85i5pm25Hr4IVo31oziBnTWaG6j3buYKtz5e1qSPzXywinJR+5+FCUJU7Fxa+EWTZcOX4wYgArSj4q73rZmvk5N0X44Mudt4nvpD2chvxygsdTzD6ph92qCuaJ/AbfmOoC7b/xvOaOVydUfgDLpHi9VZbd3akvvKxRfW6ZklldgXEzPXKMuastN0mwcBxvIb5G1Vkj8jtSVtKPc5psZ9/NWA5l38xH4qZ6z7eib6thtEMdtcKmTZEEWDADjqTea5Gj61c1n18cr6f3Tff+0bn/cxsl4Y0esi+aDeuCXYiIYNmeKBx0ttDNIxpk4J5Fdh6Xs+AZif5lnJErtu8TPy2aC0bc9wehTjMyvilTHfyerOD1ZJXhN2XwRVDGN7t7leAJZISJlPjqTDcw3Vfvzte/5JqS+FR+hbpG4uz2ix8kUa20u5YF2oSdGl8+zsdozVsdQm10Iv9WSXBV7t4m+oyodgtfzydBpmXq7aBXudCiEKw+7TC7F+1a4YFrVrCNXKFgKUpd1MiVLl7DIbzm5U9MD2BB3Fy7BPCzr3tW6/ExOhhpBWY+HnzVGQfkNr7dRcqfipKw== ae@dobutterfliescry.net" + ]; + }; + + virtualisation.docker.enable = true; + + system.stateVersion = "24.11"; # DO NOT MODIFY +} diff --git a/hosts/butterfly/hardware-configuration.nix b/hosts/butterfly/hardware-configuration.nix new file mode 100644 index 0000000..13fe39a --- /dev/null +++ b/hosts/butterfly/hardware-configuration.nix @@ -0,0 +1,37 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = + [ (modulesPath + "/profiles/qemu-guest.nix") + ]; + + boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "ahci" "sd_mod" "sr_mod" "virtio_blk" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = + { device = "/dev/disk/by-label/NIXROOT"; + fsType = "ext4"; + }; + + fileSystems."/boot" = + { device = "/dev/disk/by-label/NIXBOOT"; + fsType = "vfat"; + options = [ "fmask=0022" "dmask=0022" ]; + }; + + swapDevices = [ ]; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.ens3.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; +} diff --git a/hosts/butterfly/services/default.nix b/hosts/butterfly/services/default.nix new file mode 100644 index 0000000..d6f75e1 --- /dev/null +++ b/hosts/butterfly/services/default.nix @@ -0,0 +1,5 @@ +{...}: { + imports = [ + ./nginx.nix + ]; +} diff --git a/hosts/butterfly/services/forgejo.nix b/hosts/butterfly/services/forgejo.nix new file mode 100644 index 0000000..d5d680d --- /dev/null +++ b/hosts/butterfly/services/forgejo.nix @@ -0,0 +1,150 @@ +{...}: { + # more options here: https://mynixos.com/nixpkgs/options/services.forgejo + # TODO: set a favicon https://forgejo.org/docs/next/contributor/customization/#changing-the-logo + # (might need me to override settings in the nixpkg) + # TODO: create a custom theme for forgejo (modify the source files most likely) + services.forgejo = { + enable = true; + # enable support for Git Large File Storage + lfs.enable = true; + database = { + type = "sqlite3"; # postgres + host = "127.0.0.1"; + port = "3306"; # 5432 if postgres + }; + # settings are written directly to the `app.ini` config file + # refer to: https://forgejo.org/docs/latest/admin/config-cheat-sheet/ + settings = { + server = { + # ENABLE_ACME = true; + # ACME_EMAIL = "eclarkboman@gmail.com"; # change this to "me@imbored.dev" + DOMAIN = "dobutterfliescry.net"; # should this be "imbored.dev"? + ROOT_URL = "https://forge.dobutterfliescry.net"; # full public URL of the Forgejo server + # address and port to listen on + HTTP_ADDR = "127.0.0.1"; + HTTP_PORT = 3000; + PROTOCOL = "http"; # http internally, reverse proxy uses https externally + + START_SSH_SERVER = true; + DISABLE_SSH = false; + SSH_PORT = 2222; + }; + + DEFAULT = { + APP_NAME = "tearforge"; + APP_SLOGIN = "but cozy"; + APP_DISPLAY_NAME_FORMAT = "{APP_NAME} ::{APP_SLOGAN}::"; + }; + + repository = { + DEFAULT_PRIVATE = "private"; # last, private, public + # repo/org created on push to non-existent + ENABLE_PUSH_CREATE_USER = true; + ENABLE_PUSH_CREATE_ORG = false; + DEFAULT_PUSH_CREATE_PRIVATE = true; + MAX_CREATION_LIMIT = -1; + }; + + "repository.upload" = { + # max per-file size in MB + FILE_MAX_SIZE = 50; + # max number of files per upload + MAX_FILES = 5; + }; + + badges = let + # flat, flat-square, plastic, for-the-badge, social + style = "for-the-badge"; + in { + ENABLED = true; + GENERATOR_URL_TEMPLATE = "https://img.shields.io/badge/{{.label}}-{{.text}}-{{.color}}?style=${style}"; + }; + + ui = { + DEFAULT_THEME = "forgejo-dark"; + THEMES = "forgejo-auto,forgejo-light,forgejo-dark"; + }; + "ui.meta" = { + AUTHOR = "Emile Clark-Boman - emileclarkb"; + DESCRIPTION = "This is my personal self-hosted git forge, where I keep and maintain personal projects! PS do butterflies cry when they're sad?"; + KEYWORDS = "emile,clark,boman,clarkboman,emileclarkb,git,forge,forgejo,self-hosted,dobutterfliescry,butterfly,butterflies"; + }; + + markdown = { + ENABLE_HARD_LINE_BREAK_IN_COMMENTS = true; + ENABLE_MATH = true; + }; + + admin = { + DEFAULT_EMAIL_NOTIFICATIONS = "enabled"; + SEND_NOTIFICATION_EMAIL_ON_NEW_USER = true; + }; + + security = { + # Controls access to the installation page. + # When set to “true”, the installation page is not accessible. + #INSTALL_LOCK = false; + + PASSWORD_HASH_ALGO = "argon2"; # ARGON2 BEST ALGO FR!! (default: argon2$2$65536$8$50) + MIN_PASSWORD_LENGTH = 12; + PASSWORD_COMPLEXITY = "lower,upper,digit,spec"; + PASSWORD_CHECK_PWN = true; + }; + + service = { + DISABLE_REGISTRATION = true; # toggle for new users + #DEFAULT_USER_IS_RESTRICTED = true; + # Forbid login with third-party services (ie github) + ALLOW_ONLY_INTERNAL_REGISTRATION = true; + ENABLE_CAPTCHA = true; + REQUIRE_CAPTCHA_FOR_LOGIN = true; + REQUIRE_EXTERNAL_REGISTRATION_CAPTCHA = true; + LOGIN_REMEMBER_DAYS = 365; + ENABLE_NOTIFY_MAIL = true; + }; + "service.explore" = { + REQUIRE_SIGNIN_VIEW = false; + DISABLE_USERS_PAGE = false; + DISABLE_ORGANIZATIONS_PAGE = false; + DISABLE_CODE_PAGE = false; + }; + + cache = { + ADAPTER = "twoqueue"; + HOST = "{\"size\":100, \"recent_ratio\":0.25, \"ghost_ratio\":0.5}"; + ITEM_TTL = "16h"; + }; + + # TODO: fill this in once my mail server is configured + # email.incoming = { ... }; + + # optional + # TODO: fill this in once my mail server is configured + mailer = { + ENABLED = false; + SMTP_ADDR = "mail.dobutterfliescry.net"; + FROM = "iforgor@dobutterfliescry.net"; + USER = "iforgor@dobutterfliescry.net"; + }; + + log = { + MODE = "file"; + LEVEL = "Info"; # "Trace", "Debug", "Info", "Warn", "Error", "Critical" + ENABLE_SSH_LOG = true; + }; + + cron = { + ENABLED = true; + RUN_AT_START = false; + }; + + other = { + SHOW_FOOTER_VERSION = true; + SHOW_FOOTER_TEMPLATE_LOAD_TIME = true; + SHOW_FOOTER_POWERED_BY = true; + ENABLE_SITEMAP = true; + ENABLE_FEED = true; + }; + }; + }; +} diff --git a/hosts/butterfly/services/mailserver.nix b/hosts/butterfly/services/mailserver.nix new file mode 100644 index 0000000..cd2adfc --- /dev/null +++ b/hosts/butterfly/services/mailserver.nix @@ -0,0 +1,38 @@ +{ + config, + pkgs, + ... +}: { + imports = [ + (builtins.fetchTarball { + url = "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/-/archive/nixos-25.05/nixos-mailserver-nixos-25.05.tar.gz"; + sha256 = "0jpp086m839dz6xh6kw5r8iq0cm4nd691zixzy6z11c4z2vf8v85"; + }) + ]; + + # simple-nixos-mailserver + # DOCS: https://nixos-mailserver.readthedocs.io/en/latest + mailserver = { + enable = true; + # stateVersion = 3; + # Manually open the firewall instead + openFirewall = false; + virusScanning = false; # expensive memory usage + + fqdn = "mail.imbored.dev"; + domains = ["imbored.dev"]; + + # NOTE: generate hashes with `mkpasswd -sm bcrypt` + loginAccounts = { + "me@imbored.dev" = { + aliases = ["emile@imbored.dev"]; + hashedPasswordFile = let + CWD = builtins.getEnv "PWD"; + # XXX: TODO: use a secrets manager! + in "${CWD}/secrets/passwd/me"; + }; + }; + + certificateScheme = "acme-nginx"; + }; +} diff --git a/hosts/butterfly/services/minecraft-server.nix b/hosts/butterfly/services/minecraft-server.nix new file mode 100644 index 0000000..3bdb51c --- /dev/null +++ b/hosts/butterfly/services/minecraft-server.nix @@ -0,0 +1,65 @@ +{ + pkgs, + upkgs, + ... +}: { + services.minecraft-server = { + enable = true; + package = upkgs.minecraft-server; # use latest version only! + declarative = true; + + eula = true; + + openFirewall = false; # do this manually instead + + whitelist = { + "SECRET1" = ""; + "SECRET2" = ""; + }; + + # REF: https://minecraft.wiki/w/Server.properties#Java_Edition + serverProperties = { + server-ip = "195.114.14.69"; # listen on all addresses if unset + server-port = 45000; # connection port + "query.port" = 45000; # share game info/advertising information + user-native-transport = true; # Linux packet RX/TX optimizations + + # Users Connections + enforce-secure-profile = true; + online-mode = true; # don't allow unlicensed minecraft accounts to join + prevent-proxy-connections = false; + rate-limit = 0; + + # Server Functionality + enable-status = true; # where the server appears as "online" + hide-online-players = false; + log-ips = true; + pause-when-empty-seconds = 60; # pause server when no player online for x seconds + view-distance = 10; # range: 3-32 + simulation-distance = 10; # range: 3-32 + + # Players + motd = "M&M's Cozycraft Realm <3"; + max-players = 2; + white-list = true; + idle-player-timeout = 0; # never kick idle players + + # Gameplay + gamemode = "survival"; + force-gamemode = true; + difficulty = "normal"; + hardcore = false; + pvp = true; + allow-cheats = true; + + # World + level-name = "M&M's Cozycraft"; # world name + # level-seed = "" # random seed if unset + level-type = "minecraft:normal"; # world generation preset + generate-structures = true; + spawn-monsters = true; + spawn-protection = 0; + }; + jvmOpts = "-Xms2046M -Xmx2046M -XX:+UseG1GC -XX:ParallelGCThreads=2 -XX:MinHeapFreeRatio=5 -XX:MaxHeapFreeRatio=10"; + }; +} diff --git a/hosts/butterfly/services/nginx.nix b/hosts/butterfly/services/nginx.nix new file mode 100644 index 0000000..5dcb5c6 --- /dev/null +++ b/hosts/butterfly/services/nginx.nix @@ -0,0 +1,58 @@ +{pkgs, ...}: { + services.nginx = { + enable = true; + # NOTE: in wake of CVE-2022-3602/CVE-2022-3786 nginxStable is overlayed + package = pkgs.nginx; + + # recommendedGzipSettings = true; + # recommendedOptimisation = true; + # recommendedProxySettings = true; + # recommendedTlsSettings = true; + + # streamConfig = '' + # server { + # listen 127.0.0.1:53 udp reuseport; + # proxy_timeout 20s; + # proxy_pass 192.168.0.1:53535; + # } + # ''; + + virtualHosts = let + localhost = "http://127.0.0.1"; + std = { + # TODO: should I run over QUIC+HTTP3? (experimental) + # quic = true; + # http3 = true; + enableACME = true; + # kTLS = true; # offload TLS to the linux kernel + }; + in { + "dobutterfliescry.net" = + { + default = true; + addSSL = true; # addSSL NOT forceSSL <3 + root = "${pkgs.dobutterfliescry-net}/www"; + # extraConfig = '' + # error_page 404 /custom_404.html; + # ''; + } + // std; + "vault.imbored.dev" = + { + forceSSL = true; + locations."/".proxyPass = "${localhost}:8222"; + } + // std; + # "tearforge.net" = + # { + # forceSSL = true; + # extraConfig = '' + # client_max_body_size 512M; + # ''; + # locations."/".proxyPass = "${localhost}:3000"; + # } + # // std; + # "tearforge.net" = forge; + }; + }; +} diff --git a/hosts/butterfly/services/vaultwarden.nix b/hosts/butterfly/services/vaultwarden.nix new file mode 100644 index 0000000..6cde9ab --- /dev/null +++ b/hosts/butterfly/services/vaultwarden.nix @@ -0,0 +1,25 @@ +{...}: { + services.vaultwarden = { + enable = true; + dbBackend = "sqlite"; + + # backupDir = "/var/backup/vaultwarden"; # disable with null + + # https://mynixos.com/nixpkgs/option/services.vaultwarden.config + config = { + # internal address and port to listen on + ROCKET_ADDRESS = "127.0.0.1"; + ROCKET_PORT = 8222; + + # hostname to listen for + DOMAIN = "https://vault.imbored.dev"; + + # signup policy + SIGNUPS_ALLOWED = false; + SIGNUPS_VERIFY = true; + INVITATIONS_ALLOWED = true; + }; + # https://mynixos.com/nixpkgs/option/services.vaultwarden.environmentFile + environmentFile = "/var/lib/vaultwarden/vaultwarden.env"; + }; +} diff --git a/hosts/hyrule/default.nix b/hosts/hyrule/default.nix index 11048b6..9690354 100755 --- a/hosts/hyrule/default.nix +++ b/hosts/hyrule/default.nix @@ -1,65 +1,8 @@ -{ - pkgs, - inputs, - lib, - ... -}: let - home-manager = builtins.fetchTarball { - url = "https://github.com/nix-community/home-manager/archive/release-24.11.tar.gz"; - sha256 = "0c07xj74vsj37d3a8f98i9rhhhr99ckwlp45n40f0qkmigm3pk8s"; - }; -in { +{...}: { imports = [ ./hardware-configuration.nix - (import "${home-manager}/nixos") - #../../flakes/wishlist/wishlist.nix - #../modules/server/nginx.nix - #../modules/server/ssh.nix - #../modules/server/fail2ban.nix ]; - # override wishlist with the new cool one! - #pkgs.config.packageOverrides = { - # wishlist = inputs.wishlist.packages.x86_64-linux.wishlist; - #}; - - nix.settings = { - # make wheel group trusted users allows my "ae" user - # to import packages not signed by a trusted key - # (aka super duper easier to remote deploy) - trusted-users = ["root" "@wheel"]; - experimental-features = [ - "nix-command" - "flakes" - ]; - }; - - time.timeZone = "Australia/Brisbane"; - - i18n.defaultLocale = "en_US.UTF-8"; - console = { - font = "Lat2-Terminus16"; - keyMap = "us"; - }; - - # colmena deployment configuration - deployment = { - targetHost = "imbored.dev"; - targetUser = "ae"; - targetPort = 22; - # the following line is unnecessary if using an ssh agent - #sshOptions = ["-i /home/me/.ssh/id_hyrule"]; - #keys = { - # "imbored.dev" = { - # # text, keyCommand, or keyFile must be set - # # text = ""; - # #keyCommand = [ "" ]; - # keyFile = "/home/me/.ssh/id_hyrule"; - # }; - #}; - buildOnTarget = false; # build locally then deploy - }; - # super duper minimum grub2 config boot.loader.grub = { enable = true; @@ -68,419 +11,21 @@ in { networking = { hostName = "hyrule"; - networkmanager.enable = true; - firewall = { - enable = true; allowedTCPPorts = [ - 22 # sshd - 80 # nginx - # 143 # IMAP4 - 443 # nginx - # 587 # SMTPS - 2222 # forgejo ssh - 2035 # debug (for my job) - # 3000 (INTERNAL) forgejo - # 3306 (INTERNAL) forgejo sqlite3 database - 5000 # debug (for my job) - # 8222 (INTERNAL) vaultwarden + ]; + allowedUDPPorts = [ ]; }; }; - # grant passwordless sudo to wheel group - security.sudo.wheelNeedsPassword = false; - - users = { - defaultUserShell = pkgs.bash; - - users = { - # primary user - ae = { - isNormalUser = true; - extraGroups = ["wheel" "networkmanager" "docker"]; - shell = pkgs.bash; - home = "/home/ae"; # TEMP: remove and replace with home-manager - packages = with pkgs; [ - ]; - }; - - subspace = let - # override - wishlistBash = - pkgs.bash.override { - }; - in { - isNormalUser = true; - shell = pkgs.bash; - home = "/home/subspace"; - packages = with pkgs; [ - wishlist - ]; - }; - - # user for friends to ssh into - friends = { - isNormalUser = true; - shell = pkgs.bash; - home = "/home/friends"; # TEMP: remove and replace with home-manager - packages = with pkgs; [ - ]; - }; - }; + users.users.cry = { + openssh.authorizedKeys.keys = [ + "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCsUZY45rgezi+8iROdcR5vPeacJ2fbMjlDijfUrH9hRX2FzCsg/4e3aFKhi2seZMmyTfbstxmDrrH8paUS5TibFgLFBGNngaF3CTjg85i5pm25Hr4IVo31oziBnTWaG6j3buYKtz5e1qSPzXywinJR+5+FCUJU7Fxa+EWTZcOX4wYgArSj4q73rZmvk5N0X44Mudt4nvpD2chvxygsdTzD6ph92qCuaJ/AbfmOoC7b/xvOaOVydUfgDLpHi9VZbd3akvvKxRfW6ZklldgXEzPXKMuastN0mwcBxvIb5G1Vkj8jtSVtKPc5psZ9/NWA5l38xH4qZ6z7eib6thtEMdtcKmTZEEWDADjqTea5Gj61c1n18cr6f3Tff+0bn/cxsl4Y0esi+aDeuCXYiIYNmeKBx0ttDNIxpk4J5Fdh6Xs+AZif5lnJErtu8TPy2aC0bc9wehTjMyvilTHfyerOD1ZJXhN2XwRVDGN7t7leAJZISJlPjqTDcw3Vfvzte/5JqS+FR+hbpG4uz2ix8kUa20u5YF2oSdGl8+zsdozVsdQm10Iv9WSXBV7t4m+oyodgtfzydBpmXq7aBXudCiEKw+7TC7F+1a4YFrVrCNXKFgKUpd1MiVLl7DIbzm5U9MD2BB3Fy7BPCzr3tW6/ExOhhpBWY+HnzVGQfkNr7dRcqfipKw== ae@dobutterfliescry.net" + ]; }; virtualisation.docker.enable = true; - home-manager = { - users = { - ae = import ../../homes/ae; - subspace = import ../../homes/subspace; - }; - sharedModules = []; - }; - - services = { - # simple nginx instance to host static construction page - # TODO: I want sshd and forgejo's ssh server to both be bound to port 22 - # So change sshd to listen on a different address/port (ie 2222 or 127.0.0.3:22, etc) - # and change forgejo to use 127.0.0.2:22 (use port 22, ONLY change loopback address) - nginx = { - enable = true; - - # in wake of CVE-2022-3602/CVE-2022-3786 - package = pkgs.nginxStable.override {openssl = pkgs.libressl;}; - - #virtualHosts."imbored.dev".locations."/" = { - virtualHosts = { - "imbored.dev" = { - # "http:imbored.dev" = { - default = true; - # serverName = "imbored.dev"; - # listenAddresses = ["imbored.dev"]; - enableACME = true; - addSSL = true; # forceSSL = true; - root = "/var/www/imbored"; - #index = "index.html"; - #root = pkgs.writeTextDir "index.html" '' - # - # - # Give me your mittens! - # - # - #''; - }; - # "ssh:imbored.dev" = { - # serverName = "imbored.dev"; - # listen = [{ - # addr = "imbored.dev"; - # port= 22; - # }]; - # locations."/".proxyPass = "ssh://127.0.0.1:2222"; - # }; - # Route "vault" subdomain to vaultwarden - "vault.imbored.dev" = { - enableACME = true; - forceSSL = true; - locations."/".proxyPass = "http://127.0.0.1:8222"; - }; - # Route "forge" subdomain to forgejo - "forge.imbored.dev" = { - # "https:forge.imbored.dev" = { - #serverName = "forge.imbored.dev"; - #listenAddresses = ["forge.imbored.dev"]; # NOTE: I think this is wrong - enableACME = true; # TODO: maybe use `forgejo.settings.server.ENABLE_ACME` instead? - forceSSL = true; - extraConfig = '' - client_max_body_size 512M; - ''; - locations."/".proxyPass = "http://127.0.0.1:3000"; - }; - # NOTE: would it work if I used "ssh://forge.imbored.dev" and "https://forge.imbored.dev" instead? - # "ssh:forge.imbored.dev" = { - # serverName = "forge.imbored.dev"; - # listen = [{ - # addr = "forge.imbored.dev"; - # port = 22; - # }]; - # locations."/".proxyPass = "ssh://127.0.0.2:22"; - # }; - }; - }; - - openssh = { - enable = true; - ports = [22]; - settings = { - PasswordAuthentication = true; - PermitRootLogin = "no"; - AllowUsers = ["ae" "subspace"]; # allow all users by default - UseDns = true; - X11Forwarding = false; - }; - }; - - vaultwarden = { - enable = true; - dbBackend = "sqlite"; - - # backupDir = "/var/backup/vaultwarden"; # disable with null - - # https://mynixos.com/nixpkgs/option/services.vaultwarden.config - config = { - # internal address and port to listen on - ROCKET_ADDRESS = "127.0.0.1"; - ROCKET_PORT = 8222; - - # hostname to listen for - DOMAIN = "https://vault.imbored.dev"; - SIGNUPS_ALLOWED = false; - }; - # https://mynixos.com/nixpkgs/option/services.vaultwarden.environmentFile - environmentFile = "/var/lib/vaultwarden/vaultwarden.env"; - }; - - # stalwart-mail = let - # domain = "imbored.dev"; - # in { - # enable = false; # true; - # # openFirewall = true; # im doing this manually rn - # settings = { - # certificate."${domain}" = { - # cert = "file://${certs.${domain}.cert}"; - # private-key = "file://${certs.${domain}.key}"; - # }; - # server = { - # hostname = domain; - # tls = { - # certificate = "${domain}"; - # enable = true; - # implicit = false; - # }; - # listener = { - # "smtp-submission" = { - # bind = ["127.0.0.1:587"]; - # protocol = "smtp"; - # }; - # "imap" = { - # bind = ["127.0.0.1:143"]; - # protocol = "imap"; - # }; - # }; - # }; - # session = { - # rcpt.directory = "in-memory"; - # auth = { - # mechanisms = ["PLAIN"]; - # directory = "in-memory"; - # }; - # }; - # jmap.directory = "in-memory"; - # queue.outbound.next-hop = ["local"]; - # directory."in-memory" = { - # type = "memory"; - # users = [ - # { - # name = "me"; - # secret = "foobar"; - # email = ["me@${domain}"]; - # } - # { - # name = "Emile"; - # secret = "foobar"; - # email = ["emile@${domain}"]; - # } - # ]; - # }; - # }; - # }; - - # more options here: https://mynixos.com/nixpkgs/options/services.forgejo - # TODO: set a favicon https://forgejo.org/docs/next/contributor/customization/#changing-the-logo - # (might need me to override settings in the nixpkg) - # TODO: create a custom theme for forgejo (modify the source files most likely) - forgejo = { - enable = true; - # enable support for Git Large File Storage - lfs.enable = true; - database = { - type = "sqlite3"; # postgres - host = "127.0.0.1"; - port = "3306"; # 5432 if postgres - }; - # settings are written directly to the `app.ini` config file - # refer to: https://forgejo.org/docs/latest/admin/config-cheat-sheet/ - settings = { - server = { - # ENABLE_ACME = true; - # ACME_EMAIL = "eclarkboman@gmail.com"; # change this to "me@imbored.dev" - DOMAIN = "forge.imbored.dev"; # should this be "imbored.dev"? - ROOT_URL = "https://forge.imbored.dev"; # full public URL of the Forgejo server - # address and port to listen on - HTTP_ADDR = "127.0.0.1"; - HTTP_PORT = 3000; - PROTOCOL = "http"; # http internally, reverse proxy uses https externally - - START_SSH_SERVER = true; - DISABLE_SSH = false; - SSH_PORT = 2222; - }; - - DEFAULT = { - APP_NAME = "Emile's Forge"; - APP_SLOGIN = "Cozy"; - APP_DISPLAY_NAME_FORMAT = "{APP_NAME}: {APP_SLOGAN}"; - }; - - repository = { - DEFAULT_PRIVATE = "private"; # last, private, public - DEFAULT_PUSH_CREATE_PRIVATE = true; - MAX_CREATION_LIMIT = -1; - }; - - "repository.upload" = { - # max per-file size in MB - FILE_MAX_SIZE = 50; - # max number of files per upload - MAX_FILES = 5; - }; - - badges = let - # flat, flat-square, plastic, for-the-badge, social - style = "for-the-badge"; - in { - ENABLED = true; - GENERATOR_URL_TEMPLATE = "https://img.shields.io/badge/{{.label}}-{{.text}}-{{.color}}?style=${style}"; - }; - - ui = { - DEFAULT_THEME = "forgejo-dark"; - THEMES = "forgejo-auto,forgejo-light,forgejo-dark"; - }; - "ui.meta" = { - AUTHOR = "Emile Clark-Boman - emileclarkb"; - DESCRIPTION = "This is my personal self-hosted git forge, where I keep and maintain personal projects!"; - KEYWORDS = "emileclarkb,git,forge,forgejo,self-hosted"; - }; - - markdown = { - ENABLE_HARD_LINE_BREAK_IN_COMMENTS = true; - ENABLE_MATH = true; - }; - - admin = { - DEFAULT_EMAIL_NOTIFICATIONS = "enabled"; - SEND_NOTIFICATION_EMAIL_ON_NEW_USER = true; - }; - - security = { - # Controls access to the installation page. - # When set to “true”, the installation page is not accessible. - #INSTALL_LOCK = false; - - PASSWORD_HASH_ALGO = "argon2"; # ARGON2 BEST ALGO FR!! - MIN_PASSWORD_LENGTH = 12; - PASSWORD_COMPLEXITY = "lower,upper,digit,spec"; - PASSWORD_CHECK_PWN = true; - }; - - service = { - # toggle to create an admin user - DISABLE_REGISTRATION = true; - #DEFAULT_USER_IS_RESTRICTED = true; - # Forbid login with third-party services (ie github) - ALLOW_ONLY_INTERNAL_REGISTRATION = true; - ENABLE_CAPTCHA = true; - REQUIRE_CAPTCHA_FOR_LOGIN = true; - REQUIRE_EXTERNAL_REGISTRATION_CAPTCHA = true; - LOGIN_REMEMBER_DAYS = 365; - ENABLE_NOTIFY_MAIL = true; - }; - "service.explore" = { - REQUIRE_SIGNIN_VIEW = false; - DISABLE_USERS_PAGE = false; - DISABLE_ORGANIZATIONS_PAGE = false; - DISABLE_CODE_PAGE = false; - }; - - cache = { - ADAPTER = "twoqueue"; - HOST = "{\"size\":100, \"recent_ratio\":0.25, \"ghost_ratio\":0.5}"; - ITEM_TTL = "16h"; - }; - - # TODO: fill this in once my mail server is configured - # email.incoming = { ... }; - - # optional - # TODO: fill this in once my mail server is configured - mailer = { - ENABLED = false; - SMTP_ADDR = "mail.imbored.dev"; - FROM = "noreply@imbored.dev"; - USER = "noreply@imbored.dev"; - }; - - log = { - MODE = "file"; - LEVEL = "Info"; # "Trace", "Debug", "Info", "Warn", "Error", "Critical" - ENABLE_SSH_LOG = true; - }; - - cron = { - ENABLED = true; - RUN_AT_START = false; - }; - - other = { - SHOW_FOOTER_VERSION = true; - SHOW_FOOTER_TEMPLATE_LOAD_TIME = true; - SHOW_FOOTER_POWERED_BY = true; - ENABLE_SITEMAP = true; - ENABLE_FEED = true; - }; - }; - }; - }; - # accept Lets Encrypt's security policy (for nginx) - security.acme = { - acceptTerms = true; - # TODO: change this to me@imbored.dev - defaults.email = "eclarkboman@gmail.com"; - }; - - environment.systemPackages = with pkgs; [ - vim - helix - - #wishlist - ]; - - programs = { - fish.enable = true; - - bash = { - interactiveShellInit = '' - if [[ $(${pkgs.procps}/bin/ps --no-header --pid=$PPID --format=comm) != "fish" && -z ''${BASH_EXECUTION_STRING} ]] - then - shopt -q login_shell && LOGIN_OPTION='--login' || LOGIN_OPTION="" - exec ${pkgs.fish}/bin/fish $LOGIN_OPTION - fi - ''; - }; - }; - - #systemd.services.wishlist = { - # description = "Single entrypoint for multiple SSH endpoints"; - # wantedBy = ["multi-user.target"]; - # - # serviceConfig = { - # DynamicUser = "yes"; - # ExecStart = "${pkgs.wishlist}/bin/wishlist serve --config /home/$USER/.ssh/config"; - # Restart = "always"; - # RestartSec = "2s"; - # }; - #}; - - system.stateVersion = "24.11"; # DO NOT MODIFY + system.stateVersion = "25.11"; # DO NOT MODIFY } diff --git a/hosts/imbored/default.nix b/hosts/imbored/default.nix deleted file mode 100755 index df99d85..0000000 --- a/hosts/imbored/default.nix +++ /dev/null @@ -1,83 +0,0 @@ -{ - pkgs, - inputs, - lib, - ... -}: let - home-manager = builtins.fetchTarball { - url = "https://github.com/nix-community/home-manager/archive/master.tar.gz"; - sha256 = "19w63qccz78v0spx03911z98w1bvlxvd07hb0ma14a4vdzi4ninj"; - }; -in { - # TODO: - # - add github:charmbracelet/soft-serve - # - add forgejo - - imports = [ - ../modules/server/nginx.nix - ../modules/server/ssh.nix - ../modules/server/fail2ban.nix - ]; - - system.stateVersion = "24.05"; - nix.settings.experimental-features = [ - "nix-command" - "flakes" - ]; - - time.timeZone = "Australia/Brisbane"; - - i18n.defaultLocale = "en_US.UTF-8"; - console = { - font = "Lat2-Terminus16"; - keyMap = "us"; - }; - - boot.loader = { - # TODO - }; - - networking = { - hostName = "imbored"; - networkmanager.enable = true; - firewall.allowedTCPPorts = [ - 22 # sshd - ] - }; - - users = { - defaultUserShell = pkgs.bash; - - users = { - # primary user - dev = { - isNormalUser = true; - extraGroups = ["wheel"]; - shell = pkgs.bash; - packages = with pkgs; [ - ]; - }; - - # user for friends to ssh into - friends = { - isNormalUser = true; - shell = pkgs.bash; - packages = with pkgs; [ - ]; - }; - }; - }; - - #home-manager = { - # users = { - # dev = import ../../homes/dev; - # friends = import ../../homes/friends; - # }; - #}; - - environment.SystemPackages = with pkgs; [ - ]; - - programs = { - }; -} diff --git a/hosts/lolcathost/default.nix b/hosts/lolcathost/default.nix index e8c0989..b0d87f8 100755 --- a/hosts/lolcathost/default.nix +++ b/hosts/lolcathost/default.nix @@ -1,297 +1,20 @@ -{ - pkgs, - inputs, - lib, - ... -}: let - home-manager = builtins.fetchTarball { - url = "https://github.com/nix-community/home-manager/archive/release-24.11.tar.gz"; - sha256 = "15k41il0mvmwyv6jns4z8k6khhmb22jk5gpcqs1paym3l01g6abn"; - }; -in { +{...}: { imports = [ ./hardware-configuration.nix - (import "${home-manager}/nixos") - inputs.spicetify-nix.nixosModules.default ]; - programs.spicetify = let - spicePkgs = inputs.spicetify-nix.legacyPackages.${pkgs.system}; - in { - enable = true; - enabledExtensions = with spicePkgs.extensions; [ - adblock - hidePodcasts - shuffle # shuffle+ (special characters are sanitized out of extension names) - ]; - #theme = spicePkgs.themes.catppuccin; - #colorScheme = "mocha"; - }; - - boot.loader = { - efi = { - canTouchEfiVariables = true; - efiSysMountPoint = "/boot/efi"; - }; - grub = { - efiSupport = true; - #efiInstallAsRemovable = true; # in case canTouchEfiVariables doesn't work on this system - device = "nodev"; - useOSProber = true; - }; - # GitHub: vinceliuice/grub2-themes - grub2-theme = { - enable = true; - theme = "whitesur"; # stylish, vimix, or whitesur - footer = true; - customResolution = "1920x1080"; # Optional: Set a custom resolution - }; - }; - - # Set your time zone. - time.timeZone = "Australia/Brisbane"; - - # Select internationalisation properties. - i18n.defaultLocale = "en_US.UTF-8"; - console = { - font = "Lat2-Terminus16"; - keyMap = "us"; - #packages = with pkgs; [ - # nerdfonts - #]; - }; - - # ----- NETWORKING SECTION ----- networking.hostName = "lolcathost"; - networking.networkmanager.enable = true; - - # Open ports in the firewall. - # networking.firewall.allowedTCPPorts = [ ... ]; - # networking.firewall.allowedUDPPorts = [ ... ]; - # Or disable the firewall altogether. - networking.firewall.enable = true; # ----- SERVICES ----- services = { - # Set display manager (login screen) - displayManager = { - # sddm relies on pkgs.libsForQt5.qt5.qtgraphicaleffects - sddm = { - enable = true; - wayland.enable = true; # enable experimental sddm support for wayland - theme = "corners"; - }; - defaultSession = "hyprland"; - }; + # dbus = { + # # NOTE: programs.uwsm.enable sets implementation to dbus-broker, + # # NOTE: however this seems to break dbus + # implementation = lib.mkForce "dbus"; + # }; - # Enable sound - #hardware.pulseaudio.enable = false; - pipewire = { - enable = true; - wireplumber.enable = true; - - alsa.enable = true; - alsa.support32Bit = true; - pulse.enable = true; - jack.enable = true; - }; - - # Enable touchpad support + # Touchpad support libinput.enable = true; - - tumbler.enable = true; # Thunar image thumbnail support - gvfs.enable = true; # Thunar mount, trash, and other functionality - }; - security.rtkit.enable = true; # I *think* this is for pipewire - - # allow wheel group to use passwordless sudo - users = { - # using fish as the login shell tends - # to go very poorly because it isn't - # POSIX compliant, so we'll just use - # simple Bash then :) - defaultUserShell = pkgs.bash; - - users = { - # literally me fr (personal account) - me = { - isNormalUser = true; - extraGroups = ["wheel"]; - shell = pkgs.bash; #pkgs.fish - packages = with pkgs; [ - firefox - nitch - starfetch - - # flatpak requires gnome-software - # for graphical applications - flatpak - gnome-software - ]; - }; - - # user for my professional jobs and stuff - ae = { - isNormalUser = true; - extraGroups = ["wheel"]; - shell = pkgs.bash; #pkgs.fish - packages = with pkgs; [ - ]; - }; - - # # This is the user account for servers - # dev = { - # isNormalUser = true; - # extraGroups = ["wheel"]; - # shell = pkgs.bash; #pkgs.zsh - # packages = with pkgs; [ - # ]; - # }; - - # user for friends to ssh into - friends = { - isNormalUser = true; - shell = pkgs.fish; - packages = with pkgs; [ - ]; - }; - }; - }; - - home-manager = { - users.me = import ../../homes/me; - sharedModules = [ - inputs.nixcord.homeManagerModules.nixcord - inputs.ags.homeManagerModules.default - {nixpkgs.overlays = [inputs.hyprpanel.overlay];} - ]; - }; - - # ---- SYSTEM PACKAGES ----- - environment.systemPackages = with pkgs; [ - # User Environment - inputs.swww.packages.${pkgs.system}.swww - helvum - easyeffects - ani-cli - wl-clipboard # clipboard for wayland - hyprpicker - - (callPackage ../sddm-theme-corners.nix {}).sddm-theme-corners - # dependencies for my sddm theme: - pkgs.libsForQt5.qt5.qtgraphicaleffects - - python311 # I use 3.11 since it's in a pretty stable state now - poetry # python dependency management and packaging - - # fish plugins - grc # colorise command outputs - - httpie - curlie - zoxide - doggo - tldr - btop - - # Pretty necessary - git - brightnessctl - acpi - vim - - # Unix Commands - wget - tree - unzip - ]; - - # Enable the use of certain programs - programs = { - hyprland = { - enable = true; - package = inputs.hyprland.packages.${pkgs.stdenv.hostPlatform.system}.hyprland; - portalPackage = inputs.hyprland.packages.${pkgs.stdenv.hostPlatform.system}.xdg-desktop-portal-hyprland; - - xwayland.enable = true; - }; - - zsh.enable = true; - fish.enable = true; - - # I want to use fish as my login shell but it always goes terrible - # cause it isn't POSIX compliant, so instead Bash is my login and - # will just exec fish (^-^) - bash = { - interactiveShellInit = '' - if [[ $(${pkgs.procps}/bin/ps --no-header --pid=$PPID --format=comm) != "fish" && -z ''${BASH_EXECUTION_STRING} ]] - then - shopt -q login_shell && LOGIN_OPTION='--login' || LOGIN_OPTION="" - exec ${pkgs.fish}/bin/fish $LOGIN_OPTION - fi - ''; - }; - - # Thunar also uses: `services.tumbler` & `services.gvfs` - thunar = { - enable = true; - plugins = with pkgs.xfce; [ - thunar-volman # for removable drives (ie USBs) - thunar-archive-plugin # create and extract archives - thunar-media-tags-plugin # change metadata for media files - ]; - }; - }; - - # ----- FONTS ----- - fonts = { - enableDefaultPackages = true; # no clue what this line does tbh - packages = with pkgs; [ - #(nerdfonts.override { - # fonts = [ - # "Cousine" - # "Iosevka" - # "JetBrainsMono" - # ]; - # }) - nerdfonts - geist-font # for my hyprlock theme - - # texlive maintains a noto-emoji flake - texlivePackages.noto-emoji - ]; - - # TODO: change my default fonts - fontconfig = { - defaultFonts = { - serif = ["Iosevka"]; # TODO: package Iosevka Etoile since Iosevka isn't a serif font - sansSerif = ["Iosevka "]; - monospace = ["Cousine"]; - emoji = ["Noto Emoji"]; - }; - }; - }; - - # Enable the new CLI commands and the flakes as experimental features - nix.settings.experimental-features = [ - "nix-command" - "flakes" - ]; - - # Some programs need SUID wrappers, can be configured further or are - # started in user sessions. - # programs.mtr.enable = true; - # programs.gnupg.agent = { - # enable = true; - # enableSSHSupport = true; - # }; - - # Enable the OpenSSH daemon. - # services.openssh.enable = true; - - # Enable OpenGL - hardware = { - graphics.enable = true; }; # DO NOT MODIFY diff --git a/hosts/modules/apps/rider.nix b/hosts/modules/apps/rider.nix new file mode 100644 index 0000000..b484f33 --- /dev/null +++ b/hosts/modules/apps/rider.nix @@ -0,0 +1,25 @@ +{ + pkgs, + upkgs, + dotnetVersions ? [8 9 10], + ... +}: { + imports = [ + ../langs/dotnet.nix + ]; + + environment.systemPackages = with pkgs; [ + # Ensure latest stable Rider version (not necessarily stable on NixOS) + upkgs.jetbrains.rider + + # NOTE: Blazor requires a Chromium-based browser + chromium + ]; + + programs.nix-ld = { + enable = true; + libraries = with pkgs; [ + icu + ]; + }; +} diff --git a/hosts/modules/apps/winbox.nix b/hosts/modules/apps/winbox.nix new file mode 100644 index 0000000..eaf8b7c --- /dev/null +++ b/hosts/modules/apps/winbox.nix @@ -0,0 +1,6 @@ +{...}: { + programs.winbox = { + enable = true; + openFirewall = false; # port: 5678 + }; +} diff --git a/hosts/modules/bashistrans.nix b/hosts/modules/bashistrans.nix new file mode 100644 index 0000000..e9d74ae --- /dev/null +++ b/hosts/modules/bashistrans.nix @@ -0,0 +1,27 @@ +{pkgs, ...}: { + # I want to use fish as my login shell but it always goes terrible + # cause it isn't POSIX compliant, so instead Bash is my login and + # will just exec fish (^-^) + programs = { + fish.enable = true; + + bash = { + blesh.enable = false; # ble.sh replacement for GNU readline + completion.enable = true; + + interactiveShellInit = '' + # help bash transition into a beautiful fish! + if [[ -z $CRY_BASH_IS_TRANS ]] + then + if [[ $(${pkgs.procps}/bin/ps --no-header --pid=$PPID --format=comm) != "fish" && -z ''${BASH_EXECUTION_STRING} ]] + then + shopt -q login_shell && LOGIN_OPTION='--login' || LOGIN_OPTION="" + exec ${pkgs.fish}/bin/fish $LOGIN_OPTION + fi + fi + # bash is trans now! (no more transitioning required) + export CRY_BASH_IS_TRANS=true + ''; + }; + }; +} diff --git a/modules/core/bluetooth.nix b/hosts/modules/core/bluetooth.nix similarity index 100% rename from modules/core/bluetooth.nix rename to hosts/modules/core/bluetooth.nix diff --git a/modules/core/bootloader/grub.nix b/hosts/modules/core/bootloader/grub.nix similarity index 100% rename from modules/core/bootloader/grub.nix rename to hosts/modules/core/bootloader/grub.nix diff --git a/modules/core/bootloader/systemd-boot.nix b/hosts/modules/core/bootloader/systemd-boot.nix similarity index 100% rename from modules/core/bootloader/systemd-boot.nix rename to hosts/modules/core/bootloader/systemd-boot.nix diff --git a/modules/core/garbage-collector.nix b/hosts/modules/core/garbage-collector.nix similarity index 100% rename from modules/core/garbage-collector.nix rename to hosts/modules/core/garbage-collector.nix diff --git a/modules/core/sound/default.nix b/hosts/modules/core/sound/default.nix similarity index 100% rename from modules/core/sound/default.nix rename to hosts/modules/core/sound/default.nix diff --git a/modules/core/sound/pipewire.nix b/hosts/modules/core/sound/pipewire.nix similarity index 100% rename from modules/core/sound/pipewire.nix rename to hosts/modules/core/sound/pipewire.nix diff --git a/modules/hyprland/default.nix b/hosts/modules/hyprland/default.nix similarity index 74% rename from modules/hyprland/default.nix rename to hosts/modules/hyprland/default.nix index 71ee559..530f075 100755 --- a/modules/hyprland/default.nix +++ b/hosts/modules/hyprland/default.nix @@ -1,12 +1,12 @@ -{ +# NOTE: hyprland must be enabled in BOTH your host config (for running hyprland) +# and your home-manager config (for managing hyprland's config files) +{ pkgs, inputs, config, - lib, - ... -}: - -{ + lib, + ... +}: { options.hyprland = { enable = lib.mkEnableOption "Hyprland"; }; @@ -17,7 +17,7 @@ #package = inputs.hyprland.packages.${pkgs.system}.hyprland; xwayland.enable = true; }; - + xdg.portal = { enable = true; extraPortals = with pkgs; [ @@ -26,5 +26,5 @@ }; # TODO: finish this (I didn't like the dotfiles I was getting inspo from and stopped) - }; + }; } diff --git a/hosts/modules/langs/dotnet.nix b/hosts/modules/langs/dotnet.nix new file mode 100644 index 0000000..4a42f74 --- /dev/null +++ b/hosts/modules/langs/dotnet.nix @@ -0,0 +1,61 @@ +{ + lib, + pkgs, + upkgs, + ... +}: let + dotnetVersions = [8 9 10]; + + dotnetCombined = + pkgs.dotnetCorePackages.combinePackages + (builtins.concatMap + (v: let + # dotnet = pkgs.dotnetCorePackages."dotnet_${builtins.toString x}"; + in [ + # dotnet.sdk + + # the runtime+aspnetcore packaged with the sdk + pkgs.dotnetCorePackages."sdk_${builtins.toString v}_0" + ]) + dotnetVersions); + + # Custom packaged tools + dotnetTools = with lib; { + uno-check = with pkgs.dotnetCorePackages; + buildDotnetGlobalTool { + pname = "Uno.Check"; + version = "1.32.17"; + + nugetHash = "sha256-BfTVF5uHu9/nyLXqdDEOHCxq6BVQWhsnDBbARzdLDAE="; + + executables = "uno-check"; + + dotnet-sdk = dotnet_9.sdk; + dotnet-runtime = dotnet_9.runtime; + + meta = { + homepage = "https://github.com/unoplatform/uno.check"; + license = licenses.mit; + maintainers = [maintainers.emileclarkb]; + }; + }; + }; +in { + environment.systemPackages = with pkgs; [ + # .NET + dotnetCombined + + # .NET Tools + dotnetTools.uno-check + + # Mono + mono + # NOTE: nixupkgs uses .NET8 SDK + # WARNING: nixpkgs-25.05 uses .NET6 SDK (now marked insecure) + upkgs.msbuild + + # .NET Framework Tools/Services + omnisharp-roslyn + netcoredbg + ]; +} diff --git a/hosts/modules/obsidian.nix b/hosts/modules/obsidian.nix new file mode 100644 index 0000000..ed800c3 --- /dev/null +++ b/hosts/modules/obsidian.nix @@ -0,0 +1,5 @@ +{pkgs, ...}: { + environment.systemPackages = with pkgs; [ + obsidian + ]; +} diff --git a/hosts/modules/steam.nix b/hosts/modules/steam.nix new file mode 100644 index 0000000..1e31d8d --- /dev/null +++ b/hosts/modules/steam.nix @@ -0,0 +1,56 @@ +{ + pkgs, + lib, + ... +}: { + # nixpkgs.config.allowUnfreePredicate = pkg: + # builtins.elem (lib.getName pkg) [ + # "steam" + # "steam-original" + # "steam-unwrapped" + # "steam-run" + # ]; + nixpkgs.overlays = [ + (self: super: { + lutris = super.lutris.overrideAttrs (final: prev: { + # WARNING: pkgs.mbedtls_2 is marked insecure! + # Replace pkgs.mbedtls_2 (v2.28.10) with pkgs.mbedtls (v3.6.4) + targetPkgs = pkgs: ( + (builtins.filter (p: p != pkgs.mbedtls_2) (prev.targetPkgs pkgs)) + ++ [pkgs.mbedtls] + ); + }); + }) + ]; + + programs = { + steam = { + enable = true; + gamescopeSession.enable = false; # .desktop entry for gamescope + + remotePlay.openFirewall = true; + dedicatedServer.openFirewall = true; + localNetworkGameTransfers.openFirewall = true; + + extraCompatPackages = with pkgs; [ + proton-ge-bin + ]; + }; + + gamemode.enable = true; + }; + + environment.systemPackages = with pkgs; [ + steamcmd + + mangohud + protonup-qt + + # XXX: DEBUG: disable lutris + # XXX: NOTE: pkgs.lutris depends on pkgs.mbedtls_2 which is marked insecure! + # XXX: NOTE: Use the provided overlay to patch pkgs.mbedtls_2 -> pkgs.mbedtls + # lutris + + bottles + ]; +} diff --git a/hosts/modules/wm/hyprland.nix b/hosts/modules/wm/hyprland.nix new file mode 100644 index 0000000..c83caa1 --- /dev/null +++ b/hosts/modules/wm/hyprland.nix @@ -0,0 +1,13 @@ +{pkgs, ...}: { + environment.defaultPackages = with pkgs; [ + hyprsunset + ]; + + programs = { + hyprland = { + enable = true; + withUWSM = true; # Universal Wayland Session Manager + xwayland.enable = true; + }; + }; +} diff --git a/hosts/myputer/default.nix b/hosts/myputer/default.nix index 73d2eb1..1b397d4 100755 --- a/hosts/myputer/default.nix +++ b/hosts/myputer/default.nix @@ -1,226 +1,43 @@ { pkgs, - inputs, + upkgs, lib, - wishlist, ... -}: let - home-manager = builtins.fetchTarball { - url = "https://github.com/nix-community/home-manager/archive/release-24.11.tar.gz"; - sha256 = "1dga3vsd60v9mfyhwgbil13mrchw5crbpgh4zjw9fghv1vyk89vq"; - }; -in { +}: { imports = [ ./hardware-configuration.nix - (import "${home-manager}/nixos") - inputs.spicetify-nix.nixosModules.default ]; - programs.spicetify = let - spicePkgs = inputs.spicetify-nix.legacyPackages.${pkgs.system}; - in { - enable = true; - enabledExtensions = with spicePkgs.extensions; [ - adblock - hidePodcasts - shuffle # shuffle+ (special characters are sanitized out of extension names) - ]; - #theme = spicePkgs.themes.catppuccin; - #colorScheme = "mocha"; - }; + networking = { + hostName = "myputer"; - boot.loader.systemd-boot.enable = false; - boot.loader = { - efi = { - canTouchEfiVariables = true; - efiSysMountPoint = "/boot/efi"; #/boot/efi - }; - grub = { - efiSupport = true; - #efiInstallAsRemovable = true; # in case canTouchEfiVariables doesn't work on this system - device = "nodev"; - #useOSProber = true; - }; - grub2-theme = { - enable = true; - theme = "whitesur"; # stylish, vimix, or whitesur - footer = true; - customResolution = "1920x1080"; + firewall = { + allowedTCPPorts = [ + 22 # SSH + 80 # HTTP + 443 # HTTPS + 5678 # MikroTik WinBox + 25565 # Minecraft LAN + ]; }; }; - # Set your time zone. - time.timeZone = "Australia/Brisbane"; - - # Select internationalisation properties. - i18n.defaultLocale = "en_US.UTF-8"; - console = { - font = "Lat2-Terminus16"; - keyMap = "us"; - }; - - # ----- NETWORKING SECTION ----- - networking.hostName = "myputer"; - networking.networkmanager.enable = true; # Easiest to use and most distros use this by default. - - # Open ports in the firewall. - # networking.firewall.allowedTCPPorts = [ ... ]; - # networking.firewall.allowedUDPPorts = [ ... ]; - # Or disable the firewall altogether. - networking.firewall.enable = true; - # ----- SERVICES ----- services = { - # Set display manager (login screen) - displayManager = { - sddm = { - enable = true; - wayland.enable = true; # enable experimental sddm support for wayland - theme = "corners"; - }; - defaultSession = "hyprland"; - }; - - # Enable sound - pipewire = { - enable = true; - wireplumber.enable = true; - - alsa.enable = true; - alsa.support32Bit = true; - pulse.enable = true; - jack.enable = true; - }; - - tumbler.enable = true; # Thunar image thumbnail support - gvfs.enable = true; # Thunar mount, trash, and other functionality - }; - security.rtkit.enable = true; # I *think* this is for pipewire - - # allow wheel group to use passwordless sudo - security.sudo.wheelNeedsPassword = false; - users = { - # using fish as the login shell tends - # to go very poorly because it isn't - # POSIX compliant, so we'll just use - # simple Bash then :) - defaultUserShell = pkgs.bash; - - users = { - # just me fr (personal account) - me = { - isNormalUser = true; - extraGroups = ["wheel" "docker"]; - shell = pkgs.bash; #pkgs.fish - packages = let - # TODO: can I just do this: https://nix.dev/manual/nix/2.18/command-ref/new-cli/nix3-flake#url-like-syntax - # instead to use colmena's flake.nix by specifying a rev hash in the flake input? - colmena-src = pkgs.fetchFromGitHub { - owner = "zhaofengli"; - repo = "colmena"; - rev = "47b6414d800c8471e98ca072bc0835345741a56a"; - sha256 = "rINodqeUuezuCWOnpJgrH7u9vJ86fYT+Dj8Mu8T/IBc="; - }; - colmena-new = pkgs.callPackage "${colmena-src}/package.nix" {}; - in - with pkgs; [ - firefox - nitch - starfetch - - # flatpak requires gnome-software - flatpak - gnome-software - - colmena-new - - gitkraken - # NOTE: downloadthing this causes my PC to freak!! ("too many open files" error) - #keyguard # bitwarden client app - ]; - }; - - # user for my professional jobs and stuff - ae = { - isNormalUser = true; - extraGroups = ["wheel"]; - shell = pkgs.bash; #pkgs.fish - packages = with pkgs; [ - ]; - }; - }; + flatpak.enable = true; }; - home-manager = { - users.me = import ../../homes/me; - sharedModules = [ - inputs.nixcord.homeManagerModules.nixcord - inputs.ags.homeManagerModules.default - {nixpkgs.overlays = [inputs.hyprpanel.overlay];} - ]; - }; - - # set environment variables - environment.sessionVariables = { - # folder names with capitalisation look awful! - XDG_DOWNLOAD_DIR = "$HOME/downloads"; - - # Hint Electrons apps to use Wayland - NIXOS_OZONE_WL = "1"; - }; + security.sudo.wheelNeedsPassword = lib.mkForce false; # ---- SYSTEM PACKAGES ----- environment.systemPackages = with pkgs; [ # User Environment - inputs.swww.packages.${pkgs.system}.swww - helvum - easyeffects - pavucontrol - ani-cli - wl-clipboard # clipboard for wayland - hyprpicker + libreoffice - #(callPackage ../sddm-theme-corners.nix {}).sddm-theme-corners - # dependencies for my sddm theme: - pkgs.libsForQt5.qt5.qtgraphicaleffects - - python311 # I use 3.11 since it's in a pretty stable state now - poetry # python dependency management and packaging - - nixd # lsp for nix - - neofetch # TODO: remove (installed to debug something) - - # fish plugins - grc # colorise command outputs - - httpie - curlie - zoxide - doggo - tldr - #btop - - tesseract # for my work with Agribit - - # TODO: remove this and host my nix flake on github instead - #wishlist - - # Pretty necessary - git - brightnessctl - acpi - vim - nix-prefetch-git - - # Unix Commands - wget - tree - unzip - - # Cryptography - openssl - libargon2 + # Games + prismlauncher # minecraft + upkgs.olympus # CELESTE!! <3 :3 + discord ]; # DEBUG: configuring xdg portal here instead? @@ -239,121 +56,6 @@ in { # ]; #}; - # Enable the use of certain programs - programs = { - hyprland = { - enable = true; - # TODO: uncomment, I did this when hyprland wasn't working - #package = inputs.hyprland.packages.${pkgs.stdenv.hostPlatform.system}.hyprland; - #portalPackage = inputs.hyprland.packages.${pkgs.stdenv.hostPlatform.system}.xdg-desktop-portal-hyprland; - - xwayland.enable = true; - }; - - zsh.enable = true; - fish.enable = true; - - neovim = { - enable = true; - defaultEditor = true; - viAlias = true; - vimAlias = true; - configure = { - customRC = '' - set number - set tabstop=4 - set shiftwidth=4 - ''; - }; - }; - - # I want to use fish as my login shell but it always goes terrible - # cause it isn't POSIX compliant, so instead Bash is my login and - # will just exec fish (^-^) - bash = { - interactiveShellInit = '' - if [[ $(${pkgs.procps}/bin/ps --no-header --pid=$PPID --format=comm) != "fish" && -z ''${BASH_EXECUTION_STRING} ]] - then - shopt -q login_shell && LOGIN_OPTION='--login' || LOGIN_OPTION="" - exec ${pkgs.fish}/bin/fish $LOGIN_OPTION - fi - ''; - }; - - # Thunar also users: `services.tumbler` & `services.gvfs` - thunar = { - enable = true; - plugins = with pkgs.xfce; [ - thunar-volman # for removable drives (ie USBs) - thunar-archive-plugin # create and extract archives - thunar-media-tags-plugin # change metadata for media files - ]; - }; - - # mozilla's email client - thunderbird.enable = true; - }; - - # ----- FONTS ----- - fonts = { - enableDefaultPackages = true; # no clue what this line does tbh - packages = with pkgs; [ - /* - (nerdfonts.override { - fonts = [ - "Cousine" # its already i guess - "Iosevka" # nah nah - "IosevkaTerm" # big nah - "CascadiaCode" # potential - "FiraCode" # potential - "JetBrainsMono" # for my rofi theme - "Hasklig" - "Hack" - ]; - }) - */ - nerdfonts - geist-font # for my hyprlock theme - - # texlive maintains a noto-emoji flake - texlivePackages.noto-emoji - ]; - - # TODO: change my default fonts - fontconfig = { - defaultFonts = { - serif = ["Iosevka"]; - sansSerif = ["Iosevka "]; - monospace = ["Cousine"]; - emoji = ["Noto Emoji"]; - }; - }; - }; - - # Enable the new CLI commands and the flakes as experimental features - nix.settings.experimental-features = [ - "nix-command" - "flakes" - ]; - - virtualisation.docker.enable = true; - - # Some programs need SUID wrappers, can be configured further or are - # started in user sessions. - # programs.mtr.enable = true; - #programs.gnupg.agent = { - # enable = true; - # enableSSHSupport = true; - #}; - - # Enable the OpenSSH daemon. - # services.openssh.enable = true; - - # Enable OpenGL - hardware = { - graphics.enable = true; - }; - # DO NOT MODIFY system.stateVersion = "24.05"; # Did you read the comment? } diff --git a/hosts/myputer/modules/gamergrl/default.nix b/hosts/myputer/modules/gamergrl/default.nix new file mode 100644 index 0000000..f295398 --- /dev/null +++ b/hosts/myputer/modules/gamergrl/default.nix @@ -0,0 +1,11 @@ +{...}: { + services.flatpak = { + packages = [ + { + # Linux Runtime for Roblox + appId = "org.vinegarhq.Sober"; + origin = "flathub"; + } + ]; + }; +} diff --git a/hosts/sddm-theme-corners.nix b/hosts/sddm-theme-corners.nix deleted file mode 100755 index ccc93f0..0000000 --- a/hosts/sddm-theme-corners.nix +++ /dev/null @@ -1,17 +0,0 @@ -{pkgs}: { - sddm-theme-corners = pkgs.stdenv.mkDerivation rec { - name = "sddm-theme-corners"; - #version = "1.0"; - #dontBuild = true; - installPhase = '' - mkdir -p $out/share/sddm/themes - cp -ar $src/corners $out/share/sddm/themes/ - ''; - src = pkgs.fetchFromGitHub { - owner = "aczw"; - repo = "sddm-theme-corners"; - rev = "6ff0ff455261badcae36cd7d151a34479f157a3c"; - sha256 = "0iiasrbl7ciyhq3z02la636as915zk9ph063ac7vm5iwny8vgwh8"; - }; - }; -} diff --git a/modules/colmena.nix b/modules/colmena.nix deleted file mode 100644 index 5756901..0000000 --- a/modules/colmena.nix +++ /dev/null @@ -1,20 +0,0 @@ -{}: { - # Colmena's latest stable version is - # unusable so get latest unstable version. - colmena = let - src = pkgsBuild.fetchFromGitHub { - owner = "zhaofengli"; - repo = "colmena"; - rev = "47b6414d800c8471e98ca072bc0835345741a56a"; - sha256 = "rINodqeUuezuCWOnpJgrH7u9vJ86fYT+Dj8Mu8T/IBc="; - }; - flake = - pkgsBuild.callPackage "${src}/flake.nix" { - }; - in - flake.packages."${system}".colmena; - - nixpkgs.config.packageOverrides = pkgs: { - colmena = pkgs.callPackage - }; -} diff --git a/modules/discord/nixcord.nix b/modules/discord/nixcord.nix deleted file mode 100755 index a347405..0000000 --- a/modules/discord/nixcord.nix +++ /dev/null @@ -1,29 +0,0 @@ -{ - lib, - pkgs, - config, - inputs, - outputs, - ... -}: - -{ - imports = [ - config.nixcord.homeManagerModules.nixcord - ]; - - programs.nixcord = { - enable = true; - config = { - #themeLinks = [ - # "" - #]; - - # no surrounding window frame - frameless = true; - - plugins = { - }; - }; - }; -} diff --git a/modules/wishlist.nix b/modules/wishlist.nix deleted file mode 100644 index 62cc408..0000000 --- a/modules/wishlist.nix +++ /dev/null @@ -1,72 +0,0 @@ -{ - description = "Wishlist: Your SSH directory." - - inputs = { - - }; - - outputs = { - self - }: let - nixosModule = { - config, - lib, - pkgs, - ... - }: { - options.services.wishlist = { - enable = lib.mkEnableOption "Your SSH directory."; - - port = lib.mkOption { - type = lib.types.port; - default = 22; - description = "Port to listen on"; - }; - }; - - config = lib.mkIf config.services.wishlist.enable { - # configure the systemd service - systemd.services.wishlist = { - description = "Your SSH directory."; - wantedBy = [ "multi-user.target" ]; - after = [ "network.target" ]; - serviceConfig = { - ExecStart = "${self.packages.${pkgs.system}.default}/bin/wishlist"; - Restart = "always"; - Type = "simple"; - DynamicUser = "yes"; - }; - # environment variables - environment = { - - }; - }; - }; - }; - in - (flake-utils.lib.eachDefaultSystem (system: let - gopkg = go-nixpkgs.legacyPackages.${system}; - in { - packages.default = gopkg.buildGoModule ############################ - })) - buildGoModule rec { # is rec necessary? - pname = "wishlist"; - version = "0.15.1" - - src = fetchFromGithub { - owner = "charmbracelet"; - repo = "wishlist"; - rev = "v${version}"; - hash = "0c9g1s8j9znzd1mw61d0klc6sqri0wx6hljibxdwzi3cabfy3ld6"; - }; - - vendorSha256 = lib.fakeSha256; - - meta = with lib; { - homepage = "https://github.com/charmbracelet/wishlist"; - description = "Your SSH directory."; - license = lib.licenses.mit; - maintainers = with lib.maintainers; [ caarlos0 ]; - }; - }; -} diff --git a/modules/wishlist.nix.bak b/modules/wishlist.nix.bak deleted file mode 100644 index 3f190ad..0000000 --- a/modules/wishlist.nix.bak +++ /dev/null @@ -1,22 +0,0 @@ -{lib}: { - buildGoModule rec { # is rec necessary? - pname = "wishlist"; - version = "0.15.1" - - src = fetchFromGithub { - owner = "charmbracelet"; - repo = "wishlist"; - rev = "v${version}"; - hash = "0c9g1s8j9znzd1mw61d0klc6sqri0wx6hljibxdwzi3cabfy3ld6"; - }; - - vendorSha256 = lib.fakeSha256; - - meta = with lib; { - homepage = "https://github.com/charmbracelet/wishlist"; - description = "Your SSH directory."; - license = lib.licenses.mit; - maintainers = with lib.maintainers; [ caarlos0 ]; - }; - }; -} diff --git a/nixpkgs.nix b/nixpkgs.nix new file mode 100644 index 0000000..816800f --- /dev/null +++ b/nixpkgs.nix @@ -0,0 +1,46 @@ +{ + lib, + inputs, + system, + ... +} @ args: { + nixpkgs.channels.default = rec { + default = pkgs; + # nixpkgs (stable branch) + pkgs = { + inherit system; + source = inputs.nixpkgs; + overlays = [ + inputs.dobutterfliescry-net.overlays.default + (import ./overlays/default.nix args) + ]; + config = { + # allowUnfree = false; + allowBroken = false; + allowUnfreePredicate = pkg: + builtins.elem (lib.getName pkg) [ + "discord" + "steam" + "steamcmd" + "steam-unwrapped" + + "obsidian" + "gitkraken" + ]; + }; + }; + # nixpkgs-unstable + upkgs = { + inherit system; + source = inputs.nixpkgs-unstable; + overlays = [ + inputs.dobutterfliescry-net.overlays.default + (import ./overlays/default.nix args) + ]; + config = { + allowUnfree = false; + allowBroken = false; + }; + }; + }; +} diff --git a/overlays/default.nix b/overlays/default.nix new file mode 100644 index 0000000..d18a23d --- /dev/null +++ b/overlays/default.nix @@ -0,0 +1,33 @@ +{inputs, ...}: ( + self: super: { + angry-oxide = import ../packages/angryoxide { + pkgs = super; + inherit + (super) + lib + ; + }; + ekphos = import ../packages/ekphos { + pkgs = super; + }; + x86-manpages = import ../packages/x86-manpages { + pkgs = super; + }; + + sddm-theme-corners = import ../packages/sddm-theme-corners { + pkgs = super; + }; + + # in wake of CVE-2022-3602/CVE-2022-3786 + nginxStable = super.nginxStable.override {openssl = super.libressl;}; + nginx = super.nginx.override {openssl = super.libressl;}; + + element-desktop = super.element-desktop.overrideAttrs (final: prev: { + desktopItems = [ + ((builtins.elemAt prev.desktopItems 0).override { + exec = "element-desktop %u --password-store=\"gnome-libsecret\""; + }) + ]; + }); + } +) diff --git a/packages/README b/packages/README new file mode 100644 index 0000000..e6e892c --- /dev/null +++ b/packages/README @@ -0,0 +1,5 @@ +This directory (`hosts/packages`) contains custom package derivations, and differs +from `hosts/modules/` which contains importable modules for my nixdots. + +Often each package I write will have a corresponding module that simply +calls `pkgs.callPackage` to install the derivation to the system environment. diff --git a/packages/angryoxide/default.nix b/packages/angryoxide/default.nix new file mode 100644 index 0000000..7610848 --- /dev/null +++ b/packages/angryoxide/default.nix @@ -0,0 +1,84 @@ +{ + pkgs, + lib, + ... +}: let + # shared/global properties + angryoxide-owner = "Ragnt"; + angryoxide-pname = "AngryOxide"; + angryoxide-version = "0.8.32"; + angryoxide-meta = { + homepage = "https://github.com/${angryoxide-owner}/${angryoxide-pname}"; + license = lib.licenses.gpl3; + maintainers = [lib.maintainers.emileclarkb]; + }; + + # "Vendored LibWifi used in AngryOxide" + angryoxide-libwifi-src = pkgs.fetchFromGitHub { + owner = angryoxide-owner; + repo = "libwifi"; + # this specific revision is requested (by rev "e1352..." of AngryOxide) + rev = "71268e1898ad88b8b5d709e186836db417b33e81"; + sha256 = "0af9y7bvr3rban6bslsd9smrvibfp1b7d4nfw7wkdxfp49kx6zyr"; + }; + + # Using `mkDerivation` not `buildRustPackage` because + # AngryOxide uses Git submodules for a patched version of "LibWifi", + # and these aren't moved into `/build/source/libs/` for the `buildPhase`. + # Simply fix right? Well no I can't override `buildPhase`... + angryoxide-src = pkgs.stdenv.mkDerivation rec { + pname = "${angryoxide-pname}-source"; + version = angryoxide-version; + + src = pkgs.fetchFromGitHub { + owner = "Ragnt"; + repo = pname; + rev = "e1352c8aad370efa8db69d175686e4353c6002bd"; + sha256 = "07nhvy7kp7z4y0fdslv56pw7kz6idcpma42f4hyilrmazjbbjmja"; + # clone git submodules (needed for the rust workspace libs) + fetchSubmodules = true; + }; + + buildPhase = '' + # ensure $out and /libwifi paths exist + mkdir -p $out/libs/libwifi + # copy only the necessary source files + cp Cargo.toml Cargo.lock $out/ + cp -r $src/.cargo $src/assets $src/completions $src/libs $src/src $out/ + # ensure libwifi submodule is copied to the build environment + cp -r ${angryoxide-libwifi-src}/. $out/libs/libwifi/ + ''; + + installPhase = let + # SOURCE + completionScriptBash = "completions/bash_angry_oxide_completions"; + # DESTINATION + completionDirBash = "$out/share/bash-completion/completions"; + in '' + # mkdir -p $out/bin + #mkdir $out/bin + #cp target/release/angryoxide $out/bin + + # add bash completions + #mkdir -p ${completionDirBash} + #cp ${completionScriptBash} ${completionDirBash}/angryoxide + ''; + + meta = + { + description = "AngryOxide's source files isolated by (@emileclarkb) into a separate Nix derivation."; + } + // angryoxide-meta; + }; +in + pkgs.rustPackages.rustPlatform.buildRustPackage { + pname = angryoxide-pname; + version = angryoxide-version; + src = angryoxide-src; + cargoHash = "sha256-mry4l0a7DZOWkrChU40OVRCBjKwI39cyZtvEBA5tro0="; + meta = + { + description = "802.11 Attack Tool"; + } + // angryoxide-meta; + } diff --git a/packages/chameleonultragui/TODO.md b/packages/chameleonultragui/TODO.md new file mode 100644 index 0000000..5b49da7 --- /dev/null +++ b/packages/chameleonultragui/TODO.md @@ -0,0 +1 @@ +- [ ] Try using `gitHashes` argument instead of patching? (on chameleonultragui package) diff --git a/packages/chameleonultragui/default.nix b/packages/chameleonultragui/default.nix new file mode 100644 index 0000000..0aa10ec --- /dev/null +++ b/packages/chameleonultragui/default.nix @@ -0,0 +1,483 @@ +{ + pkgs, + lib, + makeDesktopItem, + copyDesktopItems, + ... +}: +# ChameleonUltraGUI requires flutter sdk >3.0.0 +pkgs.flutter324.buildFlutterApplication +rec { + pname = "ChameleonUltraGUI"; + version = "1.1.2"; + + src = pkgs.fetchFromGitHub { + owner = "GameTec-live"; + repo = "ChameleonUltraGUI"; + sha256 = "1mb6wkqk6vaamrhflfhsgp5gvqiw2qkvmy7j65abcx7sn5990i27"; + rev = "11424abaccb4a010fcbeab9799ae8f675d8afe99"; + }; + + desktopItems = [ + (makeDesktopItem { + name = pname; + desktopName = pname; + genericName = pname; + + icon = "chameleonultragui"; + comment = meta.description; + + exec = "chameleonultragui %u"; + type = "Application"; + terminal = false; + + categories = ["Utility"]; + keywords = [ + "Flutter" + "share" + "files" + "chameleon" + "chameleonultra" + "chameleonlite" + ]; + }) + ]; + + # path to application within fetched sources + sourceRoot = "source/chameleonultragui"; + + buildInputs = [ + pkgs.imagemagick # creating mipmaps for share/icons + pkgs.yj # converting pubspec.lock yaml->json + ]; + + nativeBuildInputs = [ + copyDesktopItems + ]; + + buildArguments = ["--release"]; + + # source files compile with Flutter >3.29.0 but this + # derivation uses 3.24.0 (so we patch for compatability) + postPatch = let + argbPatch = '' + --- general.dart.old 2025-05-11 15:59:51.812132078 +1000 + +++ general.dart 2025-05-11 15:58:14.755856407 +1000 + @@ -211,7 +211,7 @@ + } + + String colorToHex(Color color) { + - return '#\''${color.toARGB32().toRadixString(16).padLeft(8, '0').substring(2)}'; + + return '#\''${color.value.toRadixString(16).padLeft(8, '0').substring(2)}'; + } + + Color hexToColor(String hex) { + ''; + in '' + # patch source files using Color.toARGB32 method (not defined in Flutter 3.24) + argbPatch="${argbPatch}" + patch lib/helpers/general.dart <(echo "$argbPatch") + ''; + + postInstall = '' + # create mipmaps of desktop logo + logoOriginal="assets/logo-color-desktop.png" + for i in 16 32 64 128 256 512; do + res="$i"x"$i" + d="$out"/share/icons/hicolor/"$res"/apps + mkdir -p $d + ${pkgs.imagemagick}/bin/magick $logoOriginal -resize $res $d/chameleonultragui.png + done + ''; + + # Nix doesn't natively have a fromYAML function (so I made this instead) + pubspecLock = let + appRoot = "${src}/chameleonultragui"; + + # when generating patch files use -u flag and then + # make sure to escape all " characters for Nix string + pubspecLockPatch = '' + --- pubspec.lock.bak2025-05-10 15:42:44.287730979 +1000 + +++ pubspec.lock2025-05-10 15:41:23.778480048 +1000 + @@ -5,18 +5,23 @@ + dependency: transitive + description: + name: _fe_analyzer_shared + - sha256: dc27559385e905ad30838356c5f5d574014ba39872d732111cd07ac0beff4c57 + + sha256: f256b0c0ba6c7577c15e2e4e114755640a875e885099367bf6e012b19314c834 + url: \"https://pub.dev\" + source: hosted + - version: \"80.0.0\" + + version: \"72.0.0\" + + _macros: + + dependency: transitive + + description: dart + + source: sdk + + version: \"0.3.2\" + analyzer: + dependency: transitive + description: + name: analyzer + - sha256: \"192d1c5b944e7e53b24b5586db760db934b177d4147c42fbca8c8c5f1eb8d11e\" + + sha256: b652861553cd3990d8ed361f7979dc6d7053a9ac8843fa73820ab68ce5410139 + url: \"https://pub.dev\" + source: hosted + - version: \"7.3.0\" + + version: \"6.7.0\" + archive: + dependency: \"direct main\" + description: + @@ -37,26 +42,26 @@ + dependency: \"direct main\" + description: + name: async + - sha256: d2872f9c19731c2e5f10444b14686eb7cc85c76274bd6c16e1816bff9a3bab63 + + sha256: \"947bfcf187f74dbc5e146c9eb9c0f10c9f8b30743e341481c1e2ed3ecc18c20c\" + url: \"https://pub.dev\" + source: hosted + - version: \"2.12.0\" + + version: \"2.11.0\" + boolean_selector: + dependency: transitive + description: + name: boolean_selector + - sha256: \"8aab1771e1243a5063b8b0ff68042d67334e3feab9e95b9490f9a6ebf73b42ea\" + + sha256: \"6cfb5af12253eaf2b368f07bacc5a80d1301a071c73360d746b7f2e32d762c66\" + url: \"https://pub.dev\" + source: hosted + - version: \"2.1.2\" + + version: \"2.1.1\" + characters: + dependency: transitive + description: + name: characters + - sha256: f71061c654a3380576a52b451dd5532377954cf9dbd272a78fc8479606670803 + + sha256: \"04a925763edad70e8443c99234dc3328f442e811f1d8fd1a72f1c8ad0f69a605\" + url: \"https://pub.dev\" + source: hosted + - version: \"1.4.0\" + + version: \"1.3.0\" + checked_yaml: + dependency: transitive + description: + @@ -77,18 +82,18 @@ + dependency: transitive + description: + name: clock + - sha256: fddb70d9b5277016c77a80201021d40a2247104d9f4aa7bab7157b7e3f05b84b + + sha256: cb6d7f03e1de671e34607e909a7213e31d7752be4fb66a86d29fe1eb14bfb5cf + url: \"https://pub.dev\" + source: hosted + - version: \"1.1.2\" + + version: \"1.1.1\" + collection: + dependency: \"direct main\" + description: + name: collection + - sha256: \"2f5709ae4d3d59dd8f7cd309b4e023046b57d8a6c82130785d2b0e5868084e76\" + + sha256: ee67cb0715911d28db6bf4af1026078bd6f0128b07a5f66fb2ed94ec6783c09a + url: \"https://pub.dev\" + source: hosted + - version: \"1.19.1\" + + version: \"1.18.0\" + convert: + dependency: \"direct main\" + description: + @@ -157,10 +162,10 @@ + dependency: transitive + description: + name: fake_async + - sha256: \"6a95e56b2449df2273fd8c45a662d6947ce1ebb7aafe80e550a3f68297f3cacc\" + + sha256: \"511392330127add0b769b75a987850d136345d9227c6b94c96a04cf4a391bf78\" + url: \"https://pub.dev\" + source: hosted + - version: \"1.3.2\" + + version: \"1.3.1\" + ffi: + dependency: \"direct main\" + description: + @@ -196,11 +201,10 @@ + file_saver: + dependency: \"direct main\" + description: + - path: \".\" + - ref: fix-windows + - resolved-ref: \"3038d74d5560dcca528423fffd745abf31eb88ae\" + - url: \"https://github.com/Foxushka/file_saver.git\" + - source: git + + name: file_saver + + sha256: \"017a127de686af2d2fbbd64afea97052d95f2a0f87d19d25b87e097407bf9c1e\" + + url: \"https://pub.dev\" + + source: hosted + version: \"0.2.14\" + fixnum: + dependency: transitive + @@ -234,11 +238,10 @@ + flutter_libserialport: + dependency: \"direct main\" + description: + - path: \".\" + - ref: main + - resolved-ref: \"6740aae075505a220a98492910b090824efc7910\" + - url: \"https://github.com/NeariX67/flutter_libserialport.git\" + - source: git + + name: flutter_libserialport + + sha256: d193b5ac819db6540d20cc8d20d9f5ec9e3396edb4d2c4a23c97863fa9132336 + + url: \"https://pub.dev\" + + source: hosted + version: \"0.5.0\" + flutter_lints: + dependency: \"direct dev\" + @@ -347,18 +350,18 @@ + dependency: transitive + description: + name: leak_tracker + - sha256: c35baad643ba394b40aac41080300150a4f08fd0fd6a10378f8f7c6bc161acec + + sha256: \"3f87a60e8c63aecc975dda1ceedbc8f24de75f09e4856ea27daf8958f2f0ce05\" + url: \"https://pub.dev\" + source: hosted + - version: \"10.0.8\" + + version: \"10.0.5\" + leak_tracker_flutter_testing: + dependency: transitive + description: + name: leak_tracker_flutter_testing + - sha256: f8b613e7e6a13ec79cfdc0e97638fddb3ab848452eff057653abd3edba760573 + + sha256: \"932549fb305594d82d7183ecd9fa93463e9914e1b67cacc34bc40906594a1806\" + url: \"https://pub.dev\" + source: hosted + - version: \"3.0.9\" + + version: \"3.0.5\" + leak_tracker_testing: + dependency: transitive + description: + @@ -399,14 +402,22 @@ + url: \"https://pub.dev\" + source: hosted + version: \"1.3.0\" + + macros: + + dependency: transitive + + description: + + name: macros + + sha256: \"0acaed5d6b7eab89f63350bccd82119e6c602df0f391260d0e32b5e23db79536\" + + url: \"https://pub.dev\" + + source: hosted + + version: \"0.1.2-main.4\" + matcher: + dependency: transitive + description: + name: matcher + - sha256: dc58c723c3c24bf8d3e2d3ad3f2f9d7bd9cf43ec6feaa64181775e60190153f2 + + sha256: d2323aa2060500f906aa31a895b4030b6da3ebdcc5619d14ce1aada65cd161cb + url: \"https://pub.dev\" + source: hosted + - version: \"0.12.17\" + + version: \"0.12.16+1\" + material_color_utilities: + dependency: transitive + description: + @@ -419,10 +430,10 @@ + dependency: transitive + description: + name: meta + - sha256: e3641ec5d63ebf0d9b41bd43201a66e3fc79a65db5f61fc181f04cd27aab950c + + sha256: bdb68674043280c3428e9ec998512fb681678676b3c54e773629ffe74419f8c7 + url: \"https://pub.dev\" + source: hosted + - version: \"1.16.0\" + + version: \"1.15.0\" + mobile_scanner: + dependency: \"direct main\" + description: + @@ -467,10 +478,10 @@ + dependency: \"direct main\" + description: + name: path + - sha256: \"75cca69d1490965be98c73ceaea117e8a04dd21217b37b292c9ddbec0d955bc5\" + + sha256: \"087ce49c3f0dc39180befefc60fdb4acd8f8620e5682fe2476afd0b3688bb4af\" + url: \"https://pub.dev\" + source: hosted + - version: \"1.9.1\" + + version: \"1.9.0\" + path_provider: + dependency: transitive + description: + @@ -723,15 +734,15 @@ + dependency: transitive + description: flutter + source: sdk + - version: \"0.0.0\" + + version: \"0.0.99\" + source_span: + dependency: transitive + description: + name: source_span + - sha256: \"254ee5351d6cb365c859e20ee823c3bb479bf4a293c22d17a9f1bf144ce86f7c\" + + sha256: \"53e943d4206a5e30df338fd4c6e7a077e02254531b138a15aec3bd143c1a8b3c\" + url: \"https://pub.dev\" + source: hosted + - version: \"1.10.1\" + + version: \"1.10.0\" + sprintf: + dependency: transitive + description: + @@ -744,42 +755,42 @@ + dependency: transitive + description: + name: stack_trace + - sha256: \"8b27215b45d22309b5cddda1aa2b19bdfec9df0e765f2de506401c071d38d1b1\" + + sha256: \"73713990125a6d93122541237550ee3352a2d84baad52d375a4cad2eb9b7ce0b\" + url: \"https://pub.dev\" + source: hosted + - version: \"1.12.1\" + + version: \"1.11.1\" + stream_channel: + dependency: transitive + description: + name: stream_channel + - sha256: \"969e04c80b8bcdf826f8f16579c7b14d780458bd97f56d107d3950fdbeef059d\" + + sha256: ba2aa5d8cc609d96bbb2899c28934f9e1af5cddbd60a827822ea467161eb54e7 + url: \"https://pub.dev\" + source: hosted + - version: \"2.1.4\" + + version: \"2.1.2\" + string_scanner: + dependency: transitive + description: + name: string_scanner + - sha256: \"921cd31725b72fe181906c6a94d987c78e3b98c2e205b397ea399d4054872b43\" + + sha256: \"556692adab6cfa87322a115640c11f13cb77b3f076ddcc5d6ae3c20242bedcde\" + url: \"https://pub.dev\" + source: hosted + - version: \"1.4.1\" + + version: \"1.2.0\" + term_glyph: + dependency: transitive + description: + name: term_glyph + - sha256: \"7f554798625ea768a7518313e58f83891c7f5024f88e46e7182a4558850a4b8e\" + + sha256: a29248a84fbb7c79282b40b8c72a1209db169a2e0542bce341da992fe1bc7e84 + url: \"https://pub.dev\" + source: hosted + - version: \"1.2.2\" + + version: \"1.2.1\" + test_api: + dependency: transitive + description: + name: test_api + - sha256: fb31f383e2ee25fbbfe06b40fe21e1e458d14080e3c67e7ba0acfde4df4e0bbd + + sha256: \"5b8a98dafc4d5c4c9c72d8b31ab2b23fc13422348d2997120294d3bac86b4ddb\" + url: \"https://pub.dev\" + source: hosted + - version: \"0.7.4\" + + version: \"0.7.2\" + typed_data: + dependency: transitive + description: + @@ -855,12 +866,11 @@ + usb_serial: + dependency: \"direct main\" + description: + - path: \".\" + - ref: fix-usbserial + - resolved-ref: \"9fcbacc92bec19ea02d33a40d9f39e45d19cf637\" + - url: \"https://github.com/Foxushka/usbserial.git\" + - source: git + - version: \"0.5.1\" + + name: usb_serial + + sha256: a605a600e34e7f28d4e80851ca3999ef747e42e406138887b8a88b8c382a8b07 + + url: \"https://pub.dev\" + + source: hosted + + version: \"0.5.2\" + uuid: + dependency: \"direct main\" + description: + @@ -881,10 +891,10 @@ + dependency: transitive + description: + name: vm_service + - sha256: \"0968250880a6c5fe7edc067ed0a13d4bae1577fe2771dcf3010d52c4a9d3ca14\" + + sha256: \"5c5f338a667b4c644744b661f309fb8080bb94b18a7e91ef1dbd343bed00ed6d\" + url: \"https://pub.dev\" + source: hosted + - version: \"14.3.1\" + + version: \"14.2.5\" + wakelock_plus: + dependency: \"direct main\" + description: + @@ -958,5 +968,5 @@ + source: hosted + version: \"2.2.1\" + sdks: + - dart: \">=3.7.0-0 <4.0.0\" + + dart: \">=3.5.0 <4.0.0\" + flutter: \">=3.24.0\" + ''; + in + builtins.fromJSON + ( + builtins.readFile (pkgs.runCommand "${pname}-buildenv" { + inputs = [ + # DEBUG (both lines commented) + #pkgs.flutter324 # ChameleonUltraGUI requires sdk >3.0.0 + #pkgs.yj + ]; + } '' + # copy source files to a temporary path to rebuild the lockfile + buildPath=$(mktemp -d) + cp -r "${appRoot}/." "$buildPath/" + + outPubspecLock="$buildPath/pubspec.lock" + # MUST define variables to use multiline Nix string in bash scripting + pubspecLockPatch="${pubspecLockPatch}" + + # apply the pubspec.yaml patch and regenerate lock file + # (create a temporary home directory for flutter to play in) + #(cd $buildPath && chmod -R +w . \ + # && patch ./pubspec.yaml <(echo "$pubspecYamlPatch") \ + # && export HOME=$(mktemp -d) \ + # && flutter --disable-analytics \ + # && flutter config --no-cli-animations \ + # && ${pkgs.flutter}/bin/flutter pub get) + + # patch the lockfile + chmod +w $outPubspecLock + patch $outPubspecLock <(echo "$pubspecLockPatch") + + # convert new lockfile to json and return + ${pkgs.yj}/bin/yj < "$buildPath/pubspec.lock" > $out + '') + ); + + # TODO: try this instead of patching + # gitHashes = { + # dartssh2 = "sha256-2pypKwurziwGLZYuGaxlS2lzN3UvJp3bRTvvYYxEqRI="; + # hotkey_manager_linux = "sha256-aO0h94YZvgV/ggVupNw8GjyZsnXrq3qTHRDtuhNv3oI="; + # system_info2 = "sha256-fly7E2vG+bQ/+QGzXk+DYba73RZccltdW2LpZGDKX60="; + # tray_menu = "sha256-riiAiBEms+9ARog8i+MR1fto1Yqx+gwbBWyNbNq6VTM="; + # window_size = "sha256-71PqQzf+qY23hTJvcm0Oye8tng3Asr42E2vfF1nBmVA="; + # xterm = "sha256-h8vIonTPUVnNqZPk/A4ZV7EYCMyM0rrErL9ZOMe4ZBE="; + # }; + + meta = with lib; { + description = "A GUI for the Chameleon Ultra written in Flutter for crossplatform"; + homepage = "https://github.com/GameTec-live/ChameleonUltraGUI"; + license = licenses.gpl3; + maintainers = [maintainers.emileclarkb]; + platforms = platforms.linux; + }; +} +# find /nix/store -type f -print 2>/dev/null | rg "share/applications" +# NOTE: this command will show that there the desktop file was generated +# at some point. just not anymore?? +# NOTE2: read over ~/workshop/packaging/nixpkgs-24.11/pkgs/build-support/make-desktopitem/default.nix +# and see exactly how makeDesktopItem is defined! +# perhaps the item is added to the build environment but not the output? +# NOTE: see how it builds derivations for the desktop and makes the desktop items? +# (every time I build it does actually make the desktop items) +# HOWEVER I just dont think they're being copied over... +# /nix/store/4hqs6dkxqngi6wi95dmizbvmgm7l5cf0-ChameleonUltraGUI.desktop/share/applications/ChameleonUltraGUI.desktop +# /nix/store/869gy031lf243k0x9ir7gmrsfksipca1-ChameleonUltraGUI.desktop/share/applications/ChameleonUltraGUI.desktop +# /nix/store/adqq7slakkhpjc4hln19jd6p22cc9ci6-ChameleonUltraGUI.desktop/share/applications/ChameleonUltraGUI.desktop +# /nix/store/x9fa3na0is70h4ya4dbfsivk4m3mab57-ChameleonUltraGUI.desktop/share/applications/ChameleonUltraGUI.desktop + diff --git a/packages/ekphos/default.nix b/packages/ekphos/default.nix new file mode 100644 index 0000000..8e90cab --- /dev/null +++ b/packages/ekphos/default.nix @@ -0,0 +1,25 @@ +{pkgs, ...}: let + inherit + (pkgs) + lib + ; +in + pkgs.rustPackages.rustPlatform.buildRustPackage { + pname = "ekphos"; + version = "v0.20.10"; + src = pkgs.fetchFromGitHub { + repo = "ekphos"; + owner = "hanebox"; + sha256 = "sha256-mZ6yQdPpJ9PglYyHwivVDO05vRPvwZG7DPEBJeOVlFE="; + rev = "1ac1ab68dd4ea867dadf54f60e32a9a3e0305695"; + }; + + cargoHash = "sha256-s6Elg0Fqxdlc2/428oV7POMqphx8vWaLOncO5kZyBfQ="; + + meta = { + description = "A lightweight, fast, terminal-based markdown research tool inspired by Obsidian"; + homepage = "https://github.com/hanebox/ekphos"; + license = lib.licenses.mit; + maintainers = [lib.maintainers.emileclarkb]; + }; + } diff --git a/packages/huggingface_hub/flake.nix b/packages/huggingface_hub/flake.nix new file mode 100644 index 0000000..37814d9 --- /dev/null +++ b/packages/huggingface_hub/flake.nix @@ -0,0 +1,35 @@ +# Template: https://nixos-and-flakes.thiscute.world/development/intro +{ + description = "Humanity's Last Exam - Devshell"; + + inputs = { + nixpkgs.url = "github:NixOS/nixpkgs/nixos-25.05"; + }; + + outputs = {nixpkgs, ...}: let + system = "x86_64-linux"; + pkgs = import nixpkgs { + inherit system; + }; + python = pkgs.python312.override { + self = python; + packageOverrides = pyfinal: pyprev: { + huggingface-hub = pyfinal.callPackage ./huggingface_hub.nix {}; + hf-xet = pyfinal.callPackage ./hf-xet.nix {}; + }; + }; + in { + devShells."${system}".default = pkgs.mkShell { + packages = [ + (python.withPackages (pypkgs: [ + pypkgs.huggingface-hub + ])) + ]; + + shell = "${pkgs.bash}/bin/bash"; + shellHook = '' + alias hf=huggingface-cli + ''; + }; + }; +} diff --git a/packages/huggingface_hub/hf-xet.nix b/packages/huggingface_hub/hf-xet.nix new file mode 100644 index 0000000..0f4c631 --- /dev/null +++ b/packages/huggingface_hub/hf-xet.nix @@ -0,0 +1,56 @@ +{ + lib, + buildPythonPackage, + fetchFromGitHub, + pkg-config, + rustPlatform, + openssl, +}: +buildPythonPackage rec { + pname = "hf-xet"; + version = "1.1.5"; + pyproject = true; + + src = fetchFromGitHub { + owner = "huggingface"; + repo = "xet-core"; + tag = "v${version}"; + hash = "sha256-udjZcXTH+Mc4Gvj6bSPv1xi4MyXrLeCYav+7CzKWyhY="; + }; + + sourceRoot = "${src.name}/hf_xet"; + + cargoDeps = rustPlatform.fetchCargoVendor { + inherit + pname + version + src + sourceRoot + ; + hash = "sha256-PTzYubJHFvhq6T3314R4aqBAJlwehOqF7SbpLu4Jo6E="; + }; + + nativeBuildInputs = [ + pkg-config + rustPlatform.cargoSetupHook + rustPlatform.maturinBuildHook + ]; + + buildInputs = [ + openssl + ]; + + env.OPENSSL_NO_VENDOR = 1; + + pythonImportsCheck = ["hf_xet"]; + + # No tests (yet?) + doCheck = false; + + meta = { + description = "Xet client tech, used in huggingface_hub"; + homepage = "https://github.com/huggingface/xet-core/tree/main/hf_xet"; + changelog = "https://github.com/huggingface/xet-core/releases/tag/v${version}"; + license = lib.licenses.asl20; + }; +} diff --git a/packages/huggingface_hub/huggingface_hub.nix b/packages/huggingface_hub/huggingface_hub.nix new file mode 100644 index 0000000..02b03b7 --- /dev/null +++ b/packages/huggingface_hub/huggingface_hub.nix @@ -0,0 +1,62 @@ +/* +* WARNING: Just use `pkgs.python312Packages.huggingface-hub` (or change python version) +* WARNING: I didn't realise it existed when I packaged this. +* +* Nix Resources: +* 1. https://wiki.nixos.org/wiki/Python +* 2. https://nixos.org/manual/nixpkgs/unstable/#developing-with-python +* +* Hugging Face Resources: +* 1. https://github.com/huggingface/huggingface_hub +* 2. https://huggingface.co/docs/huggingface_hub/main/en/guides/cli +*/ +{ + lib, + buildPythonPackage, + fetchPypi, + # build time dependencies + setuptools, + # runtime dependencies + filelock, + fsspec, + hf-xet, + pyyaml, + requests, + tqdm, + typing-extensions, +}: +buildPythonPackage rec { + pname = "huggingface_hub"; + version = "0.34.3"; + + src = fetchPypi { + inherit pname version; + hash = "sha256-1YEw/VqnQISAaBR1SRwKvX6DVEIIL7w+9NRbbDn4OFM="; + }; + + pyproject = true; + doCheck = false; # skip unit testing + pythonImportsCheck = ["huggingface_hub"]; + + # buildtime dependencies + build-system = [ + setuptools + ]; + # runtime dependencies + dependencies = [ + filelock + fsspec + hf-xet + pyyaml + requests + tqdm + typing-extensions + ]; + + meta = rec { + description = "The official Python client for the Huggingface Hub."; + homepage = "https://github.com/huggingface/huggingface_hub"; + changelog = "${homepage}/releases/tag/v${version}"; + license = lib.licenses.asl20; # Apache License 2.0 + }; +} diff --git a/packages/sddm-theme-corners/default.nix b/packages/sddm-theme-corners/default.nix new file mode 100755 index 0000000..b0e3789 --- /dev/null +++ b/packages/sddm-theme-corners/default.nix @@ -0,0 +1,24 @@ +{pkgs}: +pkgs.stdenv.mkDerivation { + name = "sddm-theme-corners"; + version = "1.0.0"; + + installPhase = '' + mkdir -p $out/share/sddm/themes + cp -ar $src/corners $out/share/sddm/themes/ + ''; + src = pkgs.fetchFromGitHub { + owner = "aczw"; + repo = "sddm-theme-corners"; + rev = "6ff0ff455261badcae36cd7d151a34479f157a3c"; + sha256 = "0iiasrbl7ciyhq3z02la636as915zk9ph063ac7vm5iwny8vgwh8"; + }; + + buildInputs = with pkgs; [ + libsForQt5.qt5.qtgraphicaleffects + ]; + + nativeBuildInputs = with pkgs; [ + qt5.wrapQtAppsHook + ]; +} diff --git a/packages/x86-manpages/default.nix b/packages/x86-manpages/default.nix new file mode 100644 index 0000000..b687422 --- /dev/null +++ b/packages/x86-manpages/default.nix @@ -0,0 +1,32 @@ +{pkgs, ...}: +pkgs.stdenv.mkDerivation { + pname = "x86-manpages"; + version = "0.0.1"; + + src = pkgs.fetchFromGitHub { + owner = "ttmo-O"; + repo = "x86-manpages"; + + ## Recommended + # rev = "0e199a8b4d90be7eb715291c21cf41de8527beac"; + # sha256 = "0im596j0pf90npg933gkq6wpw23c47fcwv0n64qfqn5mcy92qbcb"; + rev = "94902f9c45de0efe803c32b6c3e88d6623881866"; + sha256 = "0k6nsfabzqwnhjiyw2kyg0z49nzrsxn515f6dcjh1rn7bzih5562"; + }; + + installPhase = '' + mkdir -p $out/man/man7 + + shopt -u nullglob + for m in man7/*.7; do + install -m 644 "$m" "$out/man/man7" + done + ''; + + meta = with pkgs.lib; { + description = "Manpages for x86 instructions"; + homepage = "https://github.com/ttmo-O/x86-manpages"; + license = licenses.mit; + platforms = platforms.all; + }; +} diff --git a/result b/result deleted file mode 120000 index fab173e..0000000 --- a/result +++ /dev/null @@ -1 +0,0 @@ -/nix/store/clc95m2c889yns3n8c71vfgb1q2qd419-nixos-system-myputer-24.11.20250212.0ff09db \ No newline at end of file diff --git a/scripts/box b/scripts/box new file mode 100755 index 0000000..7f69cb0 --- /dev/null +++ b/scripts/box @@ -0,0 +1,44 @@ +#!/usr/bin/env bash +USAGE="Usage: box [--enter]" + +# ===== Configuration ===== # +DATA_DIR="$HOME/.data/box" +# ========================= # + +function setup { + mkdir -p "$DATA_DIR" &>/dev/null +} + +function box { + mktemp -d + # TODO: use a custom name instead +} + +set -euo pipefail + +ENTER=false +for arg in $@; do + case "$arg" in + -e|--enter) + ENTER=true + shift + ;; + -h|--help) + echo "$USAGE" + ;; + -*) + echo "[!] Unknown opt \"$arg\"" >&2 + ;; + *) + echo "[!] Unknown arg \"$arg\"" >&2 + ;; + esac +done + +setup + +BOX=$(box) + +if [[ "$ENTER" == true ]]; then + cd "$BOX" +fi diff --git a/scripts/fontgrep b/scripts/fontgrep new file mode 100755 index 0000000..6e06a64 --- /dev/null +++ b/scripts/fontgrep @@ -0,0 +1,12 @@ +#!/usr/bin/env bash + +function fontgrep { + fc-list \ + | grep $@ \ + | awk '{$1=""; print substr($0, 2, length($0)-1) }' \ + | grep -oE '^\s*[^,]+' \ + | sort \ + | uniq +} + +fontgrep $@ diff --git a/scripts/huhh b/scripts/huhh new file mode 100755 index 0000000..5dbcc81 --- /dev/null +++ b/scripts/huhh @@ -0,0 +1,18 @@ +#!/usr/bin/env bash + +EXPR_MSG="evaluating derivation" +PROP_MSG="of derivation" + +LOC=$1 +if [ -z $1 ]; then + exec {1}<>"$LOC" +fi + +ERROR_LINE=$(<$LOC grep -nF "error:" \ + | tail -n1 \ + | awk '{print substr($1,1,length($1)-1)}' ) +<$LOC sed -n "$ERROR_LINE,\$p" + +echo "[*] Reason:" +<$LOC grep "evaluating attribute '.*' of derivation" \ + | awk '{ print substr($NF, 2, length($NF)-2), substr($5, 2, length($5)-2)}' diff --git a/scripts/lsyscalls b/scripts/lsyscalls new file mode 100755 index 0000000..5cbd744 --- /dev/null +++ b/scripts/lsyscalls @@ -0,0 +1,7 @@ +#!/usr/bin/env bash +# USAGE: lsyscalls | sort [-nk2] + +echo -e '#include '\ + | cpp -dM \ + | grep "#define __NR_.*[0-9]$" \ + | cut -d_ -f 4- diff --git a/scripts/nix-list-installed b/scripts/nix-list-installed new file mode 100755 index 0000000..5a253b9 --- /dev/null +++ b/scripts/nix-list-installed @@ -0,0 +1,3 @@ +#!/usr/bin/env sh +nix-store -q --references /var/run/current-system/sw \ + | cut -d'-' -f2- diff --git a/scripts/openport b/scripts/openport new file mode 100755 index 0000000..dd6222f --- /dev/null +++ b/scripts/openport @@ -0,0 +1,35 @@ +#!/usr/bin/env bash +# Credit: u/boxofrox https://discourse.nixos.org/u/boxofrox +# Ref: https://discourse.nixos.org/t/how-to-temporarily-open-a-tcp-port-in-nixos/12306/3 +USAGE="[Usage] sudo withport " + +set -ueo pipefail + +open-port() { + local port=$1 + iptables -A INPUT -p tcp --dport $port -j ACCEPT +} + +close-port() { + local port=${1:-0} + iptables -D INPUT -p tcp --dport $port -j ACCEPT +} + +PORT=$1 +if [[ -z "$PORT" ]]; then + echo -e "[!] Port not given\n$USAGE" >&2 + exit 1 +fi +shift; # Drop port argument + +if [[ 0 -eq $# ]]; then + echo -e "[!] Command not given\n$USAGE" >&2 + exit 1 +fi + +open-port $PORT +# Ensure port closes if error occurs. +trap "close-port $PORT" EXIT +# Run the command as user, not root. +runuser -u $SUDO_USER -- "$@" +# Trap will close port. diff --git a/scripts/set-wallpaper b/scripts/set-wallpaper new file mode 100755 index 0000000..2f6b928 --- /dev/null +++ b/scripts/set-wallpaper @@ -0,0 +1,17 @@ +#!/usr/bin/env bash + +# THIS PROGRAM RELIES SOLELY ON `SWWW` + +transition=$1 +wallpaper_path=$2 + +if [[ "$transition" == "wipe" ]]; then + swww img --transition-type wipe --transition-angle 30 --transition-step 90 --transition-fps 60 $wallpaper_path +elif [[ "$transition" == "preview" ]]; then + swww img --transition-type wipe --transition-angle 45 --transition-step 90 --transition-bezier .27,.98,.78,0 --transition-fps 60 $wallpaper_path +elif [[ "$transition" == "circle" ]]; then + swww img --transition-type grow --transition-pos "$(hyprctl cursorpos)" --transition-duration 3 --transition-fps 60 --invert-y $wallpaper_path +else + echo "[!] Unknown transition type \"$transition\"" + exit 1 +fi diff --git a/scripts/testvps b/scripts/testvps new file mode 100755 index 0000000..4382b7d --- /dev/null +++ b/scripts/testvps @@ -0,0 +1,82 @@ +#!/usr/bin/env bash +# Requires: systemctl + +set -u + +function match { + [[ "$1" =~ $2 ]] +} + +function padlen { + local MAX=0 + for KEY in "$@"; do + local LEN=${#KEY} + ((LEN > MAX)) && MAX=$LEN + done + echo $MAX +} + +function pad { + local PAD="$1" + if [ -z "$PAD" ]; then + exit 1 + fi + + for ((i=0; i/dev/null) + if [ -z "$STAT" ]; then + fmt_print "$SERVICE" "$LPAD" "NOTFOUND" + exit 1 + fi + + local STAT_LOADED=$(head -n2 <<< "$STAT" | tail -n1) + # NOTE: "active " intentionally contains right padding + local ENABLED=$(match "$STAT_LOADED" "^\s*Loaded: loaded \(.*; enabled; .*\)" && echo "enabled" || echo "disabled") + local ACTIVE=$(match "$STAT" "\s*Active: active \(running\)" && echo "active " || echo "inactive") + fmt_print "$SERVICE" "$LPAD" "$ACTIVE" "$ENABLED" +) + +function test_services { + local PAD_ALIGN=$(padlen $@) + # fmt_test_service + for SERVICE in "$@"; do + local LPAD=$((PAD_ALIGN - ${#SERVICE})) + fmt_test_service "$SERVICE" $LPAD + done +} + +test_services nginx forgejo vaultwarden diff --git a/scripts/webdev b/scripts/webdev new file mode 100755 index 0000000..9754cdc --- /dev/null +++ b/scripts/webdev @@ -0,0 +1,81 @@ +#!/usr/bin/env bash +USAGE="Usage: webdev [-h|--help] [-q|--quiet] uri|file" + +# NOTE: These can either be set manually here or they +# NOTE: can be exported as environment variables (^-^) +# === Configuration === # +DEFAULT_BROWSER=${DEFAULT_BROWSER:-} +# ===================== # + +# WARNING: Internal use only (do not modify!) +# === Internal Environment === # +QUIET=false +BROWSER="" +LOC="" +LOC_TYPE="" # file or uri +# ============================ # + +# Quiet Echo - doesn't echo if QUIET is set +qecho() { + if [[ "$QUIET" == false ]]; then + echo "$@" + fi +} + +# Argument Parsing +for ARG in $@; do + case $ARG in + -h|--help) + echo "$USAGE" + exit 0 + ;; + -q|--quiet) + QUIET=true + ;; + -*) + echo -e "[!] Unknown option \"$ARG\"\n$USAGE" >&2 + exit 1 + ;; + *) + # first unknown (non-option) argument assumed $LOC + if [[ -n "$LOC" ]]; then + LOC="$OPT" + else + echo "[!] Unknown option \"$ARG\"\n$USAGE" >&2 + exit 1 + fi + ;; + esac +done +# ensure $LOC was set during argparse phase +if [[ -z "$LOC" ]]; then + echo -e "[!] URI or file not specified\n$USAGE" >&2 +fi + +# Use DEFAULT_BROWSER or check XDG default-web-browser or fail +if [[ -n "$DEFAULT_BROWSER" ]]; then + qecho "[+] Browser manually set to $DEFAULT_BROWSER" + qecho " > Skipped checking XDG default-web-browser" +else + qecho "[*] Lookup XDG default-web-browser" + BROWSER=$(xdg-settings get default-web-browser 2>/dev/null) + if [[ $? -eq 0 ]]; then + BROWSER=${BROWSER%%.desktop} + qecho "[+] Browser automatically set to $BROWSER" + else + echo "[!] Unknown browser girlypop :(" >&2 + echo " > Either:" >&2 + echo " > 1. export DEFAULT_BROWSER" >&2 + echo " > 2. run \`xdg-settings set default-web-browser\`" >&2 + exit 1 + fi +fi +echo # linebreak + +# Check if $LOC is a valid path +REALPATH=$(realpath "$LOC" 2>/dev/null) +if [ -f "$REALPATH"]; then + LOC="file://$LOC" # open file directly via "file" protocol +fi +# Substitutions left intentionally unquoted (allows for providing args) +command $BROWSER $LOC diff --git a/snow.nix b/snow.nix new file mode 100644 index 0000000..4d3b575 --- /dev/null +++ b/snow.nix @@ -0,0 +1,71 @@ +{cerulean, ...} @ inputs: +cerulean.mkNexus ./. (self: { + nexus = { + specialArgs = {inherit inputs;}; + + groups = { + # wait.. that's too cold... + cryos = { + # oh frick i cried again + cryde = {}; + }; + # + server = {}; + }; + + nodes = let + inherit + (self.nexus) + groups + ; + in { + # my laptop <3 :3 + lolcathost = { + system = "x86_64-linux"; + groups = [groups.cryos.cryde]; + extraModules = with inputs; [ + grub2-themes.nixosModules.default + nix-flatpak.nixosModules.nix-flatpak + ]; + }; + + # i be on my puter frfr + myputer = { + system = "x86_64-linux"; + groups = [groups.cryos.cryde]; + extraModules = with inputs; [ + grub2-themes.nixosModules.default + nix-flatpak.nixosModules.nix-flatpak + ]; + }; + + # courtesy of aurora <3 + butterfly = { + system = "x86_64-linux"; + groups = [groups.server]; + deploy.ssh = { + host = "dobutterfliescry.net"; + user = "cry"; + port = 42069; + }; + }; + + # pls dont sue me im broke + hyrule = { + system = "x86_64-linux"; + groups = [groups.server]; + deploy.ssh = { + host = "hyrule.dobutterfliescry.net"; + user = "cry"; + }; + }; + + # call me a statistician the way she spreads in my sheets + # matcha = { + # system = "x86_64-linux"; + # groups = [groups.server]; + # deploy.ssh.host = "bedroom.dobutterfliescry.net"; + # }; + }; + }; +})