diff --git a/GUIDE.md b/GUIDE.md new file mode 100644 index 0000000..7666492 --- /dev/null +++ b/GUIDE.md @@ -0,0 +1,109 @@ +# The Nix Documentation Situation +The Nix documentation situation is notorious bad. It's difficult to find +a concise answer with detailed justification/explanation. And most people +(myself included) tend resort to the [ArchWiki](https://wiki.archlinux.org). +> [!NOTE] +> The [Nix documentation team](https://nixos.org/community/teams/documentation) has an incredibly difficult job. + +Unlike the *centralised* [ArchWiki](https://wiki.archlinux.org), the Nix ecosystem +is incredibly large: +1. **Nix** (the package manager) +2. **Nix/NixLang** (the programming language) +3. **Nixpkgs** (the package repository) +4. **NixOS** (the linux distribution) +5. **Home-Manager** (user environment management) +6. **NUR** (Nix User Repository, like the AUR but Nix!) +7. *and **many** more...* + +Often each project has its own website, wiki, styling, etc. There is tonnes +of information available online but its so hard to find it. + +**Notable organisations:** +1. NixOS Foundation (*official organisation that maintains Nix/Nixpkgs/NixOS*) +2. Nix Community (*unofficial community providing infrastructure/hosting/visibility for projects*) + +## About Me +I love and hate Nix simultaneously. + +Originally *(circa 2023)* I used Windows 10/11 exclusively for programming. +But this is tedious and my friend started mentioning Arch Linux. So with their +help I formatted a spare SSD and began my journey. + +But I **REALLY** like computers... I have servers, routers, 3 computers +actively powered in my bedroom, and *I believe* 8 laptops *currently* in my posession. + +Documenting **every** change I make to a system and spending a week +setting up a device I don't really care about isn't sustainable. +And then *(circa October 2024)* I learnt about NixOS... And now life is "easy". +But learning Nix/NixLang/Nixpkgs/NixOS/Home-Manager/blah-blah-blah was exhausting. +So now I'll try to simplify this learning curve for other newbies **<3** + + +## Nix/NixOS How To +### NixOS Documentation +Using "the" NixOS wiki is surprisingly confusing (at least it was for me). +Why? Because there are multiple and you probably won't realise the difference. + +**Main Wikis:** +> These are visually and structurally identical... And are both community run. +> But they're content does differ. [nixos.wiki] was created +> because ""[wiki.nixos.org] was too limiting with regards to wiki features". +1. [https://wiki.nixos.org] (the **official** NixOS wiki) +2. [https://nixos.wiki] (the **unofficial** user's wiki, community run) + + +**Other Resources:** +> [!TODO] + + +### Migrate to a Newer Version of Nixpkgs +```bash +# Determine the channel name you're using +nix-channel --list +nix-channel --remove +nix-channel --add # ie https://nixos.org/channels/nixos-25.05 +nix-channel --update + +# Now upgrade system profile (log to file in case of failure) +nixos-rebuild boot --upgrade | tee rebuild.log +``` + + + +## Security Implications +### NixOS Default Home Permissions +```bash +# Executing from $HOME +>>> mkdir example.d && ls -l example.d +-rw-r--r-- 1 me users 1 Jul 25 10:13 example.d +>>> echo > example.f && ls -l example.f +-rw-r--r-- 1 me users 1 Jul 25 10:15 example.f + +## But these ignore facl? +>>> getfacl "$HOME" +# file: home/me +# owner: me +# group: users +user::rwx +group::--- +other::--- +``` +Many commands default to permissions that ignore the file access control listl (file ACLs). +This is not a NixOS specific issue. However this isn't ideal from a security perspective. +The simplest solution is a recursive `chmod -R 600 ~` but there are plenty of files we +intentionally want to be different. +> [!TODO] +> Solution: Make a Nix/Home-Manager package allowing for control over folder permissions. +> SOlution: Also it should warn if any files owned by $USER have a 2 + + + +## Further Reading +### Finding New Things to Do +`man 5 configuration.nix` is incredibly useful + similar info can be found at https://mynixos.com/options + +### For your curiosity +1. https://wiki.nixos.org/wiki/Firejail + + diff --git a/TODO b/TODO new file mode 100644 index 0000000..bb8e65c --- /dev/null +++ b/TODO @@ -0,0 +1,33 @@ +## Next Up +0. Rename TODO -> TODO.md +1. Rename user "ae" to "cry" or "vps" +2. Add 404 page to nginx on hyrule +3. Add a user called "mirror" that stores important mirrors (inspiration: https://git.gay/mirror) + +## TODO +SOON: fix having to keep specifying new sha256 for home-manager (where I fetchTarball for it) + +Create a command palette accessible with MOD+P (MOD => Windows Key) + (ie make fullscreen, send to monitor, etc) + +Boring stuff (ie work and uni should go on a separate user account) + on in some separate $HOME atleast + +Is home-manager installed standalone? If so please remove that... + +Rewrite the README.md file its all over the place (add more structure to the `docs` directory instead) + +Add a MAC Changer module like +https://github.com/XNM1/linux-nixos-hyprland-config-dotfiles/blob/main/nixos/mac-randomize.nix + +Make each monitor's window styling slightly different (just for fun) + +Research "input methods" ie https://wiki.archlinux.org/title/Input_method + +Bind 5 workspaces per connected monitor. + Then use the command palette (discussed prior) to send to + a different workspace (ie because I currently use MOD+SHIFT+n + but if n>=10 then it doesnt work! hence we need a command palette!) + +Can I run openvpn only for a specific proccess and its children? + then ie run qbittorrent (just in case the VPN isnt private) diff --git a/TODO.md b/TODO.md deleted file mode 100644 index 52635fc..0000000 --- a/TODO.md +++ /dev/null @@ -1,10 +0,0 @@ -- [ ] Update the README.md -- [ ] switch ssh keys to ECC (fuck RSA) - -- [ ] migrate forge.dobutterfliescry.net -> tearforge.net -- [ ] rename forgejo user to git -- [ ] setup my own VPN -- [ ] connect match to my VPN -- [ ] use matcha to build stuff instead of using my laptop - -- [ ] make `ceru` do local and remote deployments diff --git a/config.temp/hyprland.conf b/config.temp/hyprland.conf new file mode 100755 index 0000000..864b184 --- /dev/null +++ b/config.temp/hyprland.conf @@ -0,0 +1,371 @@ +# All hyprland configuration variables are listed (even niche ones) +# to save you the hassle. Reference: https://wiki.hypr.land/Configuring/Variables/ +# +# You can split this configuration into multiple files +# Create your files separately and then link them to this file like this: +# source = ~/.config/hypr/myColors.conf + + +################ +### MONITORS ### +################ + +# Programming: +monitor=eDP-1, highres@highrr, auto, 1.0 +# Comfy: +#monitor=eDP-1, highres@highrr, auto, 1.5 + + +################### +### MY PROGRAMS ### +################### + +# See https://wiki.hyprland.org/Configuring/Keywords/ + +# Set programs that you use +$terminal = ghostty #rio +$fileManager = thunar +#$menu = wofi --show drun +$menu = ags -t "applauncher" +$colorpicker = hyprpicker | head -c 7 | wl-copy + +################# +### AUTOSTART ### +################# + +# Autostart necessary processes (like notifications daemons, status bars, etc.) +# Or execute your favorite apps at launch like this: + +# exec-once = $terminal +# exec-once = nm-applet & +# exec-once = waybar & hyprpaper & firefox +exec-once = swww-daemon & +# TODO: or do I do `swww init` or `swww restore`? + +# █▀▀ █▄░█ █░█   █░█ ▄▀█ █▀█ +# ██▄ █░▀█ ▀▄▀   ▀▄▀ █▀█ █▀▄ + +# See https://wiki.hyprland.org/Configuring/Environment-variables/ + +#env = HYPRCURSOR_THEME,Bibata-Modern-Ice +env = HYPRCURSOR_SIZE,16 +#env = XCURSOR_THEME,Bibata-Modern-Ice +env = XCURSOR_SIZE,16 + +env = QT_QPA_PLATFORM,wayland +env = QT_QPA_PLATFORMTHEME,qt5ct +env = XDG_MENU_PREFIX,arch- + +# TODO: make this variable (not dependent on helix) in my flake +env = EDITOR,hx +env = TERMINAL,rio + + + + +# DEBUG: attempting to get screensharing working... (please god help me) +# REFERENCE: https://github.com/hyprwm/xdg-desktop-portal-hyprland/issues/251#issuecomment-2345631820 +env = XDG_CURRENT_DESKTOP,Hyprland +exec-once = dbus-update-activation-environment --systemd WAYLAND_DISPLAY XDG_CURRENT_DESKTOP +#exec-once = dbus-update-activation-environment --systemd --all +#exec-once = systemctl --user import-environment WAYLAND_DISPLAY XDG_CURRENT_DESKTOP + + + +# .__. .___ __..___. . . .___ .___. ._. __ __. +# [__] [__ (__ | |__| [__ | | / ` (__ +# | | [___ .__) | | | [___ | _|_ \__. .__) + +# Refer to https://wiki.hyprland.org/Configuring/Variables/ + +# https://wiki.hyprland.org/Configuring/Variables/#general +general { + gaps_in = 12 # margin between windows + gaps_out = 25 # margin from windows to monitor edge + gaps_workspaces = 0 # margin between workspaces (stacks with gaps_out) + # float_gaps = 0 # gaps_out but for floating windows + + border_size = 4 + + # https://wiki.hyprland.org/Configuring/Variables/#variable-types for info about colors + col.active_border = rgba(33ccffee) rgba(00ff99ee) 45deg + col.inactive_border = rgba(00000000) + + # Set to true enable resizing windows by clicking and dragging on borders and gaps + resize_on_border = true + + # Please see https://wiki.hyprland.org/Configuring/Tearing/ before you turn this on + allow_tearing = false + + layout = dwindle + + snap { + enabled = false + window_gap = 10 + monitor_gap = 10 + border_overlap = false + # respect_gaps = false + } +} + +# https://wiki.hyprland.org/Configuring/Variables/#decoration +decoration { + rounding = 20 + rounding_power = 4.0 # Lp norm + border_part_of_window = true # consider border as part of its window + screen_shader = # path to custom GLSL fragment shader + + # Window Transparency + active_opacity = 1.0 + inactive_opacity = 0.95 + fullscreen_opacity = 1.0 # fullscreened windows + # Inactive Window Dimming + dim_inactive = false + dim_strength = 0.5 + dim_special = 0.2 + dim_around = 0.4 + + # https://wiki.hyprland.org/Configuring/Variables/#blur + blur { + enabled = true + new_optimizations = true + xray = false # floating windows xray through tiling windows + ignore_opacity = true + + # Blur Parameters + size = 8 + passes = 1 + noise = 0.0117 # default + contrast = 0.8916 # default + brightness = 0.8172 # default + vibrancy = 0.1696 # default + vibrancy_darkness = 0.0 # default + + # Blurring For Specific Window Types + special = false # blur special windows + popups = false # blur popups + popups_ignorealpha = 0.2 + input_methods = false + input_methods_ignorealpha = 0.2 + } + + shadow { + enabled = true + ignore_window = true # only render at edges (not behind) + + range = 3 + render_power = 1 # falloff rate + sharp = false # aka infinite shadow.render_power + offset = 0 0 # vec2 + scale = 1.0 + + color = rgba(00000000) + color_inactive = rgba(000000ff) # defaults to shadow.color if unset + } +} + +# https://wiki.hyprland.org/Configuring/Variables/#animations +animations { + enabled = yes, please :) + + # Animation Declaration Format: + # "animation = NAME, ENABLE, SPEED, BEZIER [,STYLE]" + # SPEED: in ds (where 1ds = 100ms) + + # Default animations, see https://wiki.hyprland.org/Configuring/Animations/ for more + + bezier = easeOutQuint,0.23,1,0.32,1 + bezier = easeInOutCubic,0.65,0.05,0.36,1 + bezier = linear,0,0,1,1 + bezier = almostLinear,0.5,0.5,0.75,1.0 + bezier = quick,0.15,0,0.1,1 + + animation = global, 1, 10, default + animation = border, 1, 5.39, easeOutQuint + + #animation = windows, 1, 4.79, easeOutQuint + #animation = windowsIn, 1, 4.1, easeOutQuint, popin 87% + animation = windowsIn, 1, 4, linear, slide bottom + # animation = windowsOut, 1, 1.49, linear, popin 87% + animation = windowsOut, 1, 10, linear, popin + + animation = fadeIn, 1, 1.73, almostLinear + animation = fadeOut, 1, 1.46, almostLinear + animation = fade, 1, 3.03, quick + + animation = layers, 1, 3.81, easeOutQuint + animation = layersIn, 1, 4, easeOutQuint, fade + animation = layersOut, 1, 1.5, linear, fade + + animation = fadeLayersIn, 1, 1.79, almostLinear + animation = fadeLayersOut, 1, 1.39, almostLinear + + animation = workspaces, 1, 1.94, almostLinear, fade + animation = workspacesIn, 1, 1.21, almostLinear, fade + animation = workspacesOut, 1, 1.94, almostLinear, fade +} + +# Ref https://wiki.hyprland.org/Configuring/Workspace-Rules/ +# "Smart gaps" / "No gaps when only" +# uncomment all if you wish to use that. +# workspace = w[t1], gapsout:0, gapsin:0 +# workspace = w[tg1], gapsout:0, gapsin:0 +# workspace = f[1], gapsout:0, gapsin:0 +# windowrulev2 = bordersize 0, floating:0, onworkspace:w[t1] +# windowrulev2 = rounding 0, floating:0, onworkspace:w[t1] +# windowrulev2 = bordersize 0, floating:0, onworkspace:w[tg1] +# windowrulev2 = rounding 0, floating:0, onworkspace:w[tg1] +# windowrulev2 = bordersize 0, floating:0, onworkspace:f[1] +# windowrulev2 = rounding 0, floating:0, onworkspace:f[1] + +# See https://wiki.hyprland.org/Configuring/Dwindle-Layout/ for more +dwindle { + pseudotile = true # Master switch for pseudotiling. Enabling is bound to MOD + P in the keybinds section below + preserve_split = true # You probably want this +} + +# See https://wiki.hyprland.org/Configuring/Master-Layout/ for more +master { + new_status = master +} + +# https://wiki.hyprland.org/Configuring/Variables/#misc +misc { + #force_default_wallpaper = -1 # Set to 0 or 1 to disable the anime mascot wallpapers + disable_hyprland_logo = true # If true disables the random hyprland logo / anime girl background. :( + disable_splash_rendering = true +} + + +############# +### INPUT ### +############# + +# https://wiki.hyprland.org/Configuring/Variables/#input +input { + kb_layout = us + kb_variant = + kb_model = + kb_options = + kb_rules = + + follow_mouse = 1 + + sensitivity = 0 # -1.0 - 1.0, 0 means no modification. + + touchpad { + natural_scroll = false + } +} + +# https://wiki.hyprland.org/Configuring/Variables/#gestures +gestures { + workspace_swipe = true +} + +# Example per-device config +# See https://wiki.hyprland.org/Configuring/Keywords/#per-device-input-configs for more +#device { +# name = epic-mouse-v1 +# sensitivity = -0.5 +#} + + +################### +### KEYBINDINGS ### +################### + +# See https://wiki.hyprland.org/Configuring/Keywords/ +$MOD = SUPER # Sets "Windows" key as main modifier + +# Example binds, see https://wiki.hyprland.org/Configuring/Binds/ for more +bind = $MOD, RETURN, exec, $terminal +bind = $MOD, E, exec, $fileManager +bind = $MOD, R, exec, $menu +bind = $MOD, H, exec, $colorpicker + +bind = $MOD, F, fullscreen +bind = $MOD, V, togglefloating, +bind = $MOD, P, pseudo, # dwindle +bind = $MOD, J, togglesplit, # dwindle + +bind = $MOD, C, killactive, +#bind = $MOD, M, exit, + +# Move focus with MOD + arrow keys +bind = $MOD, left, movefocus, l +bind = $MOD, right, movefocus, r +bind = $MOD, up, movefocus, u +bind = $MOD, down, movefocus, d + +# Switch workspaces with MOD + [0-9] +bind = $MOD, 1, workspace, 1 +bind = $MOD, 2, workspace, 2 +bind = $MOD, 3, workspace, 3 +bind = $MOD, 4, workspace, 4 +bind = $MOD, 5, workspace, 5 +bind = $MOD, 6, workspace, 6 +bind = $MOD, 7, workspace, 7 +bind = $MOD, 8, workspace, 8 +bind = $MOD, 9, workspace, 9 +bind = $MOD, 0, workspace, 10 + +# Move active window to a workspace with MOD + SHIFT + [0-9] +bind = $MOD SHIFT, 1, movetoworkspace, 1 +bind = $MOD SHIFT, 2, movetoworkspace, 2 +bind = $MOD SHIFT, 3, movetoworkspace, 3 +bind = $MOD SHIFT, 4, movetoworkspace, 4 +bind = $MOD SHIFT, 5, movetoworkspace, 5 +bind = $MOD SHIFT, 6, movetoworkspace, 6 +bind = $MOD SHIFT, 7, movetoworkspace, 7 +bind = $MOD SHIFT, 8, movetoworkspace, 8 +bind = $MOD SHIFT, 9, movetoworkspace, 9 +bind = $MOD SHIFT, 0, movetoworkspace, 10 + +# Example special workspace (scratchpad) +bind = $MOD, S, togglespecialworkspace, magic +bind = $MOD SHIFT, S, movetoworkspace, special:magic + +# Scroll through existing workspaces with MOD + scroll +bind = $MOD, mouse_up, workspace, e-1 +bind = $MOD, mouse_down, workspace, e+1 +# Or with the keyboard +bind = $MOD SHIFT, left, workspace, e-1 +bind = $MOD SHIFT, right, workspace, e+1 + +# Move/resize windows with MOD + LMB/RMB and dragging +bindm = $MOD, mouse:272, movewindow +bindm = $MOD, mouse:273, resizewindow + +# Laptop multimedia keys for volume and LCD brightness +bindel = ,XF86AudioRaiseVolume, exec, wpctl set-volume @DEFAULT_AUDIO_SINK@ 5%+ +bindel = ,XF86AudioLowerVolume, exec, wpctl set-volume @DEFAULT_AUDIO_SINK@ 5%- +bindel = ,XF86AudioMute, exec, wpctl set-mute @DEFAULT_AUDIO_SINK@ toggle +bindel = ,XF86AudioMicMute, exec, wpctl set-mute @DEFAULT_AUDIO_SOURCE@ toggle +bindel = ,XF86MonBrightnessUp, exec, brightnessctl s 10%+ +bindel = ,XF86MonBrightnessDown, exec, brightnessctl s 10%- + +# Requires playerctl +bindl = , XF86AudioNext, exec, playerctl next +bindl = , XF86AudioPause, exec, playerctl play-pause +bindl = , XF86AudioPlay, exec, playerctl play-pause +bindl = , XF86AudioPrev, exec, playerctl previous + +############################## +### WINDOWS AND WORKSPACES ### +############################## + +# See https://wiki.hyprland.org/Configuring/Window-Rules/ for more +# See https://wiki.hyprland.org/Configuring/Workspace-Rules/ for workspace rules + +# Example windowrule v1 +# windowrule = float, ^(kitty)$ + +# Example windowrule v2 +# windowrulev2 = float,class:^(kitty)$,title:^(kitty)$ + +# Ignore maximize requests from apps. You'll probably like this. +windowrulev2 = suppressevent maximize, class:.* + +# Fix some dragging issues with XWayland +windowrulev2 = nofocus,class:^$,title:^$,xwayland:1,floating:1,fullscreen:0,pinned:0 diff --git a/deploy b/deploy new file mode 100755 index 0000000..911d054 --- /dev/null +++ b/deploy @@ -0,0 +1,82 @@ +#!/usr/bin/env bash +set -e + +# TODO: use `nixos-rebuild build-vm` + +usage="Usage: $(basename $0) [OPTIONS] + +Options: + -f, --fresh Remove old content in the nixstore (good for debugging) + -b, --bootloader Reinstall the bootloader + -r, --remote Locally build and remotely deploy Colmena hive + -h, --help Show this message (^_^)" + +# delete all cached entries +# to make the system from scratch +collect_garbage () { + sudo nix-collect-garbage --delete-old +} + +rebuild_flake () { + # make sure all changes are visible to nixos + git add . --verbose + local FLAGS= + if [ "$1" = "reinstall-bootloader" ]; then + FLAGS="--install-bootloader" + # sudo nixos-rebuild switch --flake . --install-bootloader + # STC_DISPLAY_ALL_UNITS=1 (verbose, show output of all units) + fi + + # LOG="$(mktemp /tmp/rebuild-XXXXXXXX)" + LOG="./rebuild.log" + echo "[*] Logging to $LOG" + sudo nixos-rebuild switch --flake . $FLAGS 2>&1 | tee "$LOG" + #nixos-rebuild build --flake .# --cores 8 -j 1 +} + +deploy_hive () { + echo "[+] Adding keys to ssh-agent" + ssh-add ~/.ssh/id_hyrule + printf "\n" + + git add . --verbose + # Deploy to all Colmena hives + colmena build --experimental-flake-eval + colmena apply --experimental-flake-eval + # colmena apply --on hyrule --experimental-flake-eval +} + +# check which flags were given +flag_fresh=false +flag_bootloader=false +for flag in "$@"; do + case "$flag" in + -r|--remote) + deploy_hive + exit 0 ;; + -f|--fresh) + flag_fresh=true ;; + -b|--bootloader) + flag_bootloader=true ;; + -h|--help) + echo "$usage" + exit 0 ;; + *) + echo "[!] Unknown flag \"$flag\"" + exit 1 ;; + esac +done + +# delete cached items in nixstore +if [ "$flag_fresh" = true ]; then + collect_garbage + exit 0 +fi + +# nixos-rebuild switch ... +if [ "$flag_bootloader" = true ]; then + collect_garbage + rebuild_flake "reinstall-bootloader" +else + rebuild_flake +fi diff --git a/docs/DEVDOC.md b/docs/DEVDOC.md new file mode 100644 index 0000000..4b8567e --- /dev/null +++ b/docs/DEVDOC.md @@ -0,0 +1,25 @@ +## Users + +#### me +My main personal account, used on my PC and laptop. +Contains a hyprland graphical environment by default. + +#### ae +Primary account on my servers. Contains the bare +essentials for my work, no graphical environment. + + +#### friends +A simple account I let me friends connect to. +Limited functionality, mostly just for letting +them test small things or for giving them files. + + +## Setup Guide +##### Adding a New Server +Enable an ssh server on the remote host, then on the +local machine set `.ssh/config` to have a profile for +your desired host and have a key pair that's authorised +to your desired user. + +NOTE: these keys must have permission 600 (only readable/writable by you) diff --git a/docs/DEV_ENV.md b/docs/DEV_ENV.md new file mode 100644 index 0000000..65e8bb0 --- /dev/null +++ b/docs/DEV_ENV.md @@ -0,0 +1,67 @@ +This file will document what features I believe I need +for NixOS to be a good development environment. + + +Issues I've encountered: +- [X] Audio not working +- [X] Tesseract is a pain in the ass to setup on Nix +- [ ] ags no longer supports `-t` flag, so applauncher won't work, requires switching to Astral +- [ ] script to enable/disable passwordless sudo + +- [X] Move Emile.Vault to new vault (I lost the password...) + +- [X] Add a simple and ugly bar + +- [ ] Install powertop (funny name) for monitoring power usage by processes +- [ ] Try to make my battery life bettery + +- [ ] Apply for JetBrains student license +- [ ] JetBrains Rider and VSCodium for C# +2. Imperative development environment behind NixOS (declarative), +similar to python's virtualenv but for the entirety of my system. + +- [X] Call my wishlist command "subspace (highway)" (Scott Pilgrim reference) + +- [ ] Create a GitHub profile readme like this persons: + https://github.com/yuyudhn +- [ ] Set a new GitHub profile picture (like github:@Vendicated) + artists credit: https://dotpict.net/users/1598051 +- [ ] Change GitHub location to /dev/zero, /dev/null, www, World Wide Web, etc +- [ ] Clean up my GitHub profile (only have things I'm proud of) + +- [X] Put a template website on my VPS +- [ ] Put a neoweb-esque webiste on my VPS +- [ ] Host a blog on my VPS + +- [ ] Clean laptop and PC, there's tons of unnecessary files and documents now +- [ ] Clean nixdots repo, start modularising it ^_^ +- [ ] Disable `allowUnfree` in nixdots everywhere, if a program needs it then they + can `mkForce` override it + +- [X] Add LSP for Nix in helix +- [ ] Make a way for me to put my laptop in a low power state, doing very specific actions like: + 1. disabling LSP use by default temporarily + +- [ ] Add https://github.com/levnikmyskin/hyprland-virtual-desktops + +TODO: +- [X] make btop theming declarative +- [X] Merge laptop and PC dotfiles repos +- [ ] declaratively install themes for gitkraken using home-manager + +Cool Technologies: +- wishlist (by charmbracelet) +- Vaultwarden server + Keyguard client +- devbox + + + +Random Idea List: +- [ ] powertop is cool but it's outdated and ugly, make a prettier one with charmbracelet's tui library + and call it powerbtm lmao +- [ ] Blog Post: a modern alternative to the suckless philosphy, + why GNU keeps failing cause their programs are amazing but + aren't designed for humans. suckless programs are excellent + too when writing shell scripts, but they suck in dev environments. + The solution is to gamify our code and focus on aesthetics + and "ergonomics" (usability) like what CharmBracelet does diff --git a/docs/PROBLEMLOG.md b/docs/PROBLEMLOG.md new file mode 100644 index 0000000..5b0e3a6 --- /dev/null +++ b/docs/PROBLEMLOG.md @@ -0,0 +1,5 @@ +180GB of disk space were used by my system which seemed absurd. Running the NixOS +garbage collector only removed 7GB. The rest was found via: +`du -hs ./.local/share/Games/drive_c/Program\ Files\ \(x86\)/Steam/dumps/reports/*` +tldr: there were 2714 30MB crash report files generated every minute of May 2nd 2025 (10 days ago) + SOLUTION: delete them all and hope it doesn't happen again diff --git a/docs/TODO.md b/docs/TODO.md new file mode 100755 index 0000000..f498088 --- /dev/null +++ b/docs/TODO.md @@ -0,0 +1,91 @@ +Get Utilities: +1. httpie +2. curlie +3. zoxide +4. doggo + +1. Get helix editor +2. Custom helix +3. Complete helix tutorial + +Get nixcord working +Get thunar working +Set a GTK theme & icon theme +Get better wallpapers +Get hyprcursor working with Bibata-Modern-Ice + +Get a GRUB theme working +Get SDDM and a theme working + +Make a custom hyprlock screen + +Get AGS working +Make an applauncher in AGS +Remove hyprland splash screen on init +Made lolcathost home modular + +Overtime just install more programs that I need regularly: ie +- btop/htop/etc + +Get GTK Bibata Cursors to be the same size as my system cursor (NOT SURE WHAT I DID...) + + +Get waybar (or another bar) working + +Get a QT theme + +Fix pipewire audio sometimes working and sometimes not :( + +Bind new terminal to SUPER+Enter instead of SUPER+Q + +Join Rio Terminal's discord and ask if they support nerdfonts or if I'm doing something wrong + + + +Change Dell loading screen (Boot Graphics Resource Table, aka BGRT) + + + + +Fix: your 131072x1 screen size is bogus. expect trouble + + + +Search for all "TODO" items in my nix dotfiles + +Push nixdots to github + + + + +Check out the Ekala Project (I joined their discord server) + + +Create a program that enables/disables passwordless sudo access + (add to github too) + +Learn to package my own home-manager modules + + + + +Ideal Features: +1. AI assistant +2. searching can also be used to calculate stuff (like I do on my iPad) + + + + +Fork nixcord and fix documentation (the installation is confusing) +But firstly the first code snippet is wrong... +```nix +inputs.nixcord = { + url = "github:kaylorben/nixcord" +}; +``` +Should actually be +```nix +inputs.nixcord = { + url = "github:kaylorben/nixcord"; # dont forget the semicolon +}; +``` diff --git a/docs/TODO_UI.md b/docs/TODO_UI.md new file mode 100755 index 0000000..34b5246 --- /dev/null +++ b/docs/TODO_UI.md @@ -0,0 +1,3 @@ +1. Create more themes for my applauncher +2. Create more themes for hyprlock + check out: https://github.com/MrVivekRajan/Hyprlock-Styles diff --git a/docs/inspiration.md b/docs/inspiration.md new file mode 100755 index 0000000..fdb73ab --- /dev/null +++ b/docs/inspiration.md @@ -0,0 +1,12 @@ +Godlike + https://github.com/end-4/dots-hyprland + +Gorgeous + https://github.com/prasanthrangan/hyprdots + +Very nice + https://github.com/linuxmobile/hyprland-dots + + +I love their hyprpanel! + https://www.reddit.com/r/unixporn/comments/1ha3mjw/hyprlandnixos_is_the_pretty_ucking_solid_i_love/ diff --git a/docs/nixos_notes.md b/docs/nixos_notes.md new file mode 100644 index 0000000..e396b10 --- /dev/null +++ b/docs/nixos_notes.md @@ -0,0 +1,2 @@ +Building specific parts of a NixOS system +https://nixos.org/manual/nixos/stable/#sec-building-parts diff --git a/flake.lock b/flake.lock index 26fea2d..4785725 100644 --- a/flake.lock +++ b/flake.lock @@ -1,91 +1,55 @@ { "nodes": { - "cerulean": { + "ags": { "inputs": { - "deploy-rs": "deploy-rs", - "home-manager": "home-manager", - "microvm": "microvm", - "nixpkgs": [ - "nixpkgs" - ], - "nt": [ - "nt" - ], - "systems": [ - "systems" - ] + "nixpkgs": "nixpkgs", + "systems": "systems" }, "locked": { - "lastModified": 1771194110, - "narHash": "sha256-x6rijGWmPL5FTpkr+8vpcKKCOT33QHEV8bP6ibEAXFE=", - "owner": "cry128", - "repo": "Cerulean", - "rev": "d527937829dec0f410f126a2f85e374cb99a2fbb", + "lastModified": 1728326430, + "narHash": "sha256-tV1ABHuA1HItMdCTuNdA8fMB+qw7LpjvI945VwMSABI=", + "owner": "Aylur", + "repo": "ags", + "rev": "60180a184cfb32b61a1d871c058b31a3b9b0743d", "type": "github" }, "original": { - "owner": "cry128", - "repo": "Cerulean", + "owner": "Aylur", + "repo": "ags", "type": "github" } }, - "deploy-rs": { + "colmena": { "inputs": { "flake-compat": "flake-compat", - "nixpkgs": [ - "cerulean", - "nixpkgs" - ], - "utils": "utils" + "flake-utils": "flake-utils", + "nix-github-actions": "nix-github-actions", + "nixpkgs": "nixpkgs_2", + "stable": "stable" }, "locked": { - "lastModified": 1766051518, - "narHash": "sha256-znKOwPXQnt3o7lDb3hdf19oDo0BLP4MfBOYiWkEHoik=", - "owner": "serokell", - "repo": "deploy-rs", - "rev": "d5eff7f948535b9c723d60cd8239f8f11ddc90fa", + "lastModified": 1734374287, + "narHash": "sha256-rINodqeUuezuCWOnpJgrH7u9vJ86fYT+Dj8Mu8T/IBc=", + "owner": "zhaofengli", + "repo": "colmena", + "rev": "47b6414d800c8471e98ca072bc0835345741a56a", "type": "github" }, "original": { - "owner": "serokell", - "repo": "deploy-rs", + "owner": "zhaofengli", + "repo": "colmena", + "rev": "47b6414d800c8471e98ca072bc0835345741a56a", "type": "github" } }, - "dobutterfliescry-net": { - "inputs": { - "nixpkgs": [ - "nixpkgs" - ], - "nixpkgs-unstable": [ - "nixpkgs-unstable" - ], - "systems": [ - "systems" - ] - }, - "locked": { - "lastModified": 1770947070, - "narHash": "sha256-g/l/iUET/M+nSrXlwYF2e0KeKqgGpjy3qhwQY4tG62A=", - "ref": "refs/heads/main", - "rev": "4fc28bfb4f95071d34184c7ba3153eaff87eba41", - "revCount": 121, - "type": "git", - "url": "https://forge.dobutterfliescry.net/cry/site" - }, - "original": { - "type": "git", - "url": "https://forge.dobutterfliescry.net/cry/site" - } - }, "flake-compat": { "flake": false, "locked": { - "lastModified": 1733328505, - "narHash": "sha256-NeCCThCEP3eCl2l/+27kNNK7QrwZB1IJCrXfrbv5oqU=", + "lastModified": 1650374568, + "narHash": "sha256-Z+s0J8/r907g149rllvwhb4pKi8Wam5ij0st8PwAh+E=", "owner": "edolstra", "repo": "flake-compat", - "rev": "ff81ac966bb2cae68946d5ed5fc4994f96d0ffec", + "rev": "b4a34015c698c7793d592d66adbab377907a2be8", "type": "github" }, "original": { @@ -94,72 +58,31 @@ "type": "github" } }, - "flake-compat_2": { + "flake-utils": { "locked": { - "lastModified": 1733328505, - "narHash": "sha256-NeCCThCEP3eCl2l/+27kNNK7QrwZB1IJCrXfrbv5oqU=", - "rev": "ff81ac966bb2cae68946d5ed5fc4994f96d0ffec", - "revCount": 69, - "type": "tarball", - "url": "https://api.flakehub.com/f/pinned/edolstra/flake-compat/1.1.0/01948eb7-9cba-704f-bbf3-3fa956735b52/source.tar.gz" - }, - "original": { - "type": "tarball", - "url": "https://flakehub.com/f/edolstra/flake-compat/1.tar.gz" - } - }, - "flake-parts": { - "inputs": { - "nixpkgs-lib": "nixpkgs-lib" - }, - "locked": { - "lastModified": 1769996383, - "narHash": "sha256-AnYjnFWgS49RlqX7LrC4uA+sCCDBj0Ry/WOJ5XWAsa0=", - "owner": "hercules-ci", - "repo": "flake-parts", - "rev": "57928607ea566b5db3ad13af0e57e921e6b12381", + "lastModified": 1659877975, + "narHash": "sha256-zllb8aq3YO3h8B/U0/J1WBgAL8EX5yWf5pMj3G0NAmc=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "c0e246b9b83f637f4681389ecabcb2681b4f3af0", "type": "github" }, "original": { - "owner": "hercules-ci", - "repo": "flake-parts", - "type": "github" - } - }, - "flake-parts_2": { - "inputs": { - "nixpkgs-lib": [ - "nt", - "nix-unit", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1762440070, - "narHash": "sha256-xxdepIcb39UJ94+YydGP221rjnpkDZUlykKuF54PsqI=", - "owner": "hercules-ci", - "repo": "flake-parts", - "rev": "26d05891e14c88eb4a5d5bee659c0db5afb609d8", - "type": "github" - }, - "original": { - "owner": "hercules-ci", - "repo": "flake-parts", + "owner": "numtide", + "repo": "flake-utils", "type": "github" } }, "grub2-themes": { "inputs": { - "nixpkgs": [ - "nixpkgs" - ] + "nixpkgs": "nixpkgs_3" }, "locked": { - "lastModified": 1757136219, - "narHash": "sha256-tKU+vq34KHu/A2wD7WdgP5A4/RCmSD8hB0TyQAUlixA=", + "lastModified": 1730004881, + "narHash": "sha256-8xVIqIW25o2uCL0fxAmP4Sj9sdebarQXmd1+64yMe8o=", "owner": "vinceliuice", "repo": "grub2-themes", - "rev": "80dd04ddf3ba7b284a7b1a5df2b1e95ee2aad606", + "rev": "42c232dfb46bf93c17506cbc1a574e5e89b5e09f", "type": "github" }, "original": { @@ -168,101 +91,19 @@ "type": "github" } }, - "home-manager": { - "inputs": { - "nixpkgs": [ - "cerulean", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1770260404, - "narHash": "sha256-3iVX1+7YUIt23hBx1WZsUllhbmP2EnXrV8tCRbLxHc8=", - "owner": "nix-community", - "repo": "home-manager", - "rev": "0d782ee42c86b196acff08acfbf41bb7d13eed5b", - "type": "github" - }, - "original": { - "owner": "nix-community", - "ref": "release-25.11", - "repo": "home-manager", - "type": "github" - } - }, - "home-manager_2": { - "inputs": { - "nixpkgs": [ - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1770260404, - "narHash": "sha256-3iVX1+7YUIt23hBx1WZsUllhbmP2EnXrV8tCRbLxHc8=", - "owner": "nix-community", - "repo": "home-manager", - "rev": "0d782ee42c86b196acff08acfbf41bb7d13eed5b", - "type": "github" - }, - "original": { - "owner": "nix-community", - "ref": "release-25.11", - "repo": "home-manager", - "type": "github" - } - }, - "microvm": { - "inputs": { - "nixpkgs": [ - "cerulean", - "nixpkgs" - ], - "spectrum": "spectrum" - }, - "locked": { - "lastModified": 1770310890, - "narHash": "sha256-lyWAs4XKg3kLYaf4gm5qc5WJrDkYy3/qeV5G733fJww=", - "owner": "microvm-nix", - "repo": "microvm.nix", - "rev": "68c9f9c6ca91841f04f726a298c385411b7bfcd5", - "type": "github" - }, - "original": { - "owner": "microvm-nix", - "repo": "microvm.nix", - "type": "github" - } - }, - "nix-flatpak": { - "locked": { - "lastModified": 1767983141, - "narHash": "sha256-7ZCulYUD9RmJIDULTRkGLSW1faMpDlPKcbWJLYHoXcs=", - "owner": "gmodena", - "repo": "nix-flatpak", - "rev": "440818969ac2cbd77bfe025e884d0aa528991374", - "type": "github" - }, - "original": { - "owner": "gmodena", - "ref": "latest", - "repo": "nix-flatpak", - "type": "github" - } - }, "nix-github-actions": { "inputs": { "nixpkgs": [ - "nt", - "nix-unit", + "colmena", "nixpkgs" ] }, "locked": { - "lastModified": 1737420293, - "narHash": "sha256-F1G5ifvqTpJq7fdkT34e/Jy9VCyzd5XfJ9TO8fHhJWE=", + "lastModified": 1729742964, + "narHash": "sha256-B4mzTcQ0FZHdpeWcpDYPERtyjJd/NIuaQ9+BV1h+MpA=", "owner": "nix-community", "repo": "nix-github-actions", - "rev": "f4158fa080ef4503c8f4c820967d946c2af31ec9", + "rev": "e04df33f62cdcf93d73e9a04142464753a16db67", "type": "github" }, "original": { @@ -271,90 +112,29 @@ "type": "github" } }, - "nix-unit": { - "inputs": { - "flake-parts": "flake-parts_2", - "nix-github-actions": "nix-github-actions", - "nixpkgs": [ - "nt", - "nixpkgs" - ], - "treefmt-nix": "treefmt-nix" - }, - "locked": { - "lastModified": 1762774186, - "narHash": "sha256-hRADkHjNt41+JUHw2EiSkMaL4owL83g5ZppjYUdF/Dc=", - "owner": "nix-community", - "repo": "nix-unit", - "rev": "1c9ab50554eed0b768f9e5b6f646d63c9673f0f7", - "type": "github" - }, - "original": { - "owner": "nix-community", - "repo": "nix-unit", - "type": "github" - } - }, - "nixcord": { - "inputs": { - "flake-compat": "flake-compat_2", - "flake-parts": "flake-parts", - "nixpkgs": [ - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1770943752, - "narHash": "sha256-3vWAy2BCP5liaCEKmeqeVWbTCF/JnukgMOg8qf8mCcg=", - "owner": "FlameFlag", - "repo": "nixcord", - "rev": "aa1626057e57eca3686fbc1c3e2ddfde884c6b2a", - "type": "github" - }, - "original": { - "owner": "FlameFlag", - "repo": "nixcord", - "type": "github" - } - }, "nixpkgs": { "locked": { - "lastModified": 1770770419, - "narHash": "sha256-iKZMkr6Cm9JzWlRYW/VPoL0A9jVKtZYiU4zSrVeetIs=", - "owner": "nixos", + "lastModified": 1725634671, + "narHash": "sha256-v3rIhsJBOMLR8e/RNWxr828tB+WywYIoajrZKFM+0Gg=", + "owner": "NixOS", "repo": "nixpkgs", - "rev": "6c5e707c6b5339359a9a9e215c5e66d6d802fd7a", + "rev": "574d1eac1c200690e27b8eb4e24887f8df7ac27c", "type": "github" }, "original": { - "owner": "nixos", - "ref": "nixos-25.11", + "owner": "NixOS", + "ref": "nixos-unstable", "repo": "nixpkgs", "type": "github" } }, - "nixpkgs-lib": { - "locked": { - "lastModified": 1769909678, - "narHash": "sha256-cBEymOf4/o3FD5AZnzC3J9hLbiZ+QDT/KDuyHXVJOpM=", - "owner": "nix-community", - "repo": "nixpkgs.lib", - "rev": "72716169fe93074c333e8d0173151350670b824c", - "type": "github" - }, - "original": { - "owner": "nix-community", - "repo": "nixpkgs.lib", - "type": "github" - } - }, "nixpkgs-unstable": { "locked": { - "lastModified": 1770841267, - "narHash": "sha256-9xejG0KoqsoKEGp2kVbXRlEYtFFcDTHjidiuX8hGO44=", + "lastModified": 1753939845, + "narHash": "sha256-K2ViRJfdVGE8tpJejs8Qpvvejks1+A4GQej/lBk5y7I=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "ec7c70d12ce2fc37cb92aff673dcdca89d187bae", + "rev": "94def634a20494ee057c76998843c015909d6311", "type": "github" }, "original": { @@ -366,152 +146,89 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1767313136, - "narHash": "sha256-16KkgfdYqjaeRGBaYsNrhPRRENs0qzkQVUooNHtoy2w=", + "lastModified": 1734119587, + "narHash": "sha256-AKU6qqskl0yf2+JdRdD0cfxX4b9x3KKV5RqA6wijmPM=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "ac62194c3917d5f474c1a844b6fd6da2db95077d", + "rev": "3566ab7246670a43abd2ffa913cc62dad9cdf7d5", "type": "github" }, "original": { "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_3": { + "locked": { + "lastModified": 1730808093, + "narHash": "sha256-oOenwoxpzQsBNi7KltgnXqq6e0+CxlfNXKn3k27w6cQ=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "c1a390f74b2c93f69a6805142f11a215a689cec1", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "master", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_4": { + "locked": { + "lastModified": 1752620740, + "narHash": "sha256-f3pO+9lg66mV7IMmmIqG4PL3223TYMlnlw+pnpelbss=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "32a4e87942101f1c9f9865e04dc3ddb175f5f32e", + "type": "github" + }, + "original": { + "owner": "nixos", "ref": "nixos-25.05", "repo": "nixpkgs", "type": "github" } }, - "nt": { - "inputs": { - "nix-unit": "nix-unit", - "nixpkgs": "nixpkgs_2", - "systems": "systems_2" - }, - "locked": { - "lastModified": 1770975056, - "narHash": "sha256-ZXTz/P3zUbbM6lNXzt91u8EwfNqhXpYMu8+wvFZqQHE=", - "owner": "cry128", - "repo": "nt", - "rev": "f42dcdd49a7921a7f433512e83d5f93696632412", - "type": "github" - }, - "original": { - "owner": "cry128", - "repo": "nt", - "type": "github" - } - }, "root": { "inputs": { - "cerulean": "cerulean", - "dobutterfliescry-net": "dobutterfliescry-net", + "ags": "ags", + "colmena": "colmena", "grub2-themes": "grub2-themes", - "home-manager": "home-manager_2", - "nix-flatpak": "nix-flatpak", - "nixcord": "nixcord", - "nixpkgs": "nixpkgs", - "nixpkgs-unstable": "nixpkgs-unstable", - "nt": "nt", - "systems": "systems_3" + "nixpkgs": "nixpkgs_4", + "nixpkgs-unstable": "nixpkgs-unstable" } }, - "spectrum": { - "flake": false, + "stable": { "locked": { - "lastModified": 1759482047, - "narHash": "sha256-H1wiXRQHxxPyMMlP39ce3ROKCwI5/tUn36P8x6dFiiQ=", - "ref": "refs/heads/main", - "rev": "c5d5786d3dc938af0b279c542d1e43bce381b4b9", - "revCount": 996, - "type": "git", - "url": "https://spectrum-os.org/git/spectrum" + "lastModified": 1730883749, + "narHash": "sha256-mwrFF0vElHJP8X3pFCByJR365Q2463ATp2qGIrDUdlE=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "dba414932936fde69f0606b4f1d87c5bc0003ede", + "type": "github" }, "original": { - "type": "git", - "url": "https://spectrum-os.org/git/spectrum" + "owner": "NixOS", + "ref": "nixos-24.05", + "repo": "nixpkgs", + "type": "github" } }, "systems": { "locked": { - "lastModified": 1681028828, - "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "lastModified": 1689347949, + "narHash": "sha256-12tWmuL2zgBgZkdoB6qXZsgJEH9LR3oUgpaQq2RbI80=", "owner": "nix-systems", - "repo": "default", - "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "repo": "default-linux", + "rev": "31732fcf5e8fea42e59c2488ad31a0e651500f68", "type": "github" }, "original": { "owner": "nix-systems", - "repo": "default", - "type": "github" - } - }, - "systems_2": { - "locked": { - "lastModified": 1681028828, - "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", - "owner": "nix-systems", - "repo": "default", - "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", - "type": "github" - }, - "original": { - "owner": "nix-systems", - "repo": "default", - "type": "github" - } - }, - "systems_3": { - "locked": { - "lastModified": 1681028828, - "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", - "owner": "nix-systems", - "repo": "default", - "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", - "type": "github" - }, - "original": { - "owner": "nix-systems", - "repo": "default", - "type": "github" - } - }, - "treefmt-nix": { - "inputs": { - "nixpkgs": [ - "nt", - "nix-unit", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1762410071, - "narHash": "sha256-aF5fvoZeoXNPxT0bejFUBXeUjXfHLSL7g+mjR/p5TEg=", - "owner": "numtide", - "repo": "treefmt-nix", - "rev": "97a30861b13c3731a84e09405414398fbf3e109f", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "treefmt-nix", - "type": "github" - } - }, - "utils": { - "inputs": { - "systems": "systems" - }, - "locked": { - "lastModified": 1731533236, - "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", - "owner": "numtide", - "repo": "flake-utils", - "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "flake-utils", + "repo": "default-linux", "type": "github" } } diff --git a/flake.nix b/flake.nix index 2e7b315..382bca6 100644 --- a/flake.nix +++ b/flake.nix @@ -1,55 +1,98 @@ { - description = "im gonna cry again ;-;"; + description = "Emile's Nix Dotfiles"; inputs = { - systems.url = "github:nix-systems/default"; - - nixpkgs.url = "github:nixos/nixpkgs/nixos-25.11"; + nixpkgs.url = "github:nixos/nixpkgs/nixos-25.05"; nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixos-unstable"; - home-manager = { - url = "github:nix-community/home-manager/release-25.11"; - inputs.nixpkgs.follows = "nixpkgs"; - }; + #home-manager = { + # url = "github:nix-community/home-manager"; + # inputs.nixpkgs.follows = "nixpkgs"; + #}; - nt.url = "github:cry128/nt"; - # nt.url = "/home/me/cry/mk/nt"; + grub2-themes.url = "github:vinceliuice/grub2-themes"; - cerulean = { - url = "github:cry128/Cerulean"; - # url = "/home/me/cry/mk/Cerulean"; - inputs = { - systems.follows = "systems"; - nixpkgs.follows = "nixpkgs"; - nt.follows = "nt"; + ags.url = "github:Aylur/ags"; + + colmena.url = "github:zhaofengli/colmena/?rev=47b6414d800c8471e98ca072bc0835345741a56a"; + }; + + outputs = { + self, + nixpkgs, + nixpkgs-unstable, + grub2-themes, + colmena, + ... + } @ inputs: let + system = "x86_64-linux"; + + pkgs = import nixpkgs { + inherit system; + config = { + allowUnfree = false; # sanity check }; }; - nix-flatpak.url = "github:gmodena/nix-flatpak/?ref=latest"; - grub2-themes = { - url = "github:vinceliuice/grub2-themes"; - inputs.nixpkgs.follows = "nixpkgs"; - }; - - nixcord = { - url = "github:FlameFlag/nixcord"; - inputs.nixpkgs.follows = "nixpkgs"; - }; - - dobutterfliescry-net = { - url = "git+https://forge.dobutterfliescry.net/cry/site"; - inputs = { - nixpkgs.follows = "nixpkgs"; - nixpkgs-unstable.follows = "nixpkgs-unstable"; - systems.follows = "systems"; + pkgs-unstable = import nixpkgs-unstable { + inherit system; + config = { + allowUnfree = true; # TODO: bandaid solution... (for minecraft-server) }; }; - }; + # TODO: come back to this its really cool + # this is just something I'm experimenting with + # PROJECT_ROOT = builtins.toString ./.; + in { + devShells."x86_64-linux".default = pkgs.mkShell { + shell = "${pkgs.bash}/bin/bash"; - nixConfig = { - extra-experimental-features = "pipe-operators"; - }; + packages = with pkgs; [ + # ./script/* dependencies + mkpasswd + ]; + }; - outputs = inputs: - import ./snow.nix inputs; + nixosConfigurations = { + # i be on my puter fr + myputer = nixpkgs.lib.nixosSystem { + # nix passes these to every single module + specialArgs = {inherit inputs pkgs-unstable;}; + + modules = [ + ./hosts/myputer + grub2-themes.nixosModules.default + ]; + }; + + # my laptop 0w0 + lolcathost = nixpkgs.lib.nixosSystem { + specialArgs = {inherit inputs pkgs-unstable;}; + + modules = [ + ./hosts/lolcathost + grub2-themes.nixosModules.default + ]; + }; + }; + + # remote deployment to my servers!! + colmenaHive = colmena.lib.makeHive { + meta = { + nixpkgs = pkgs; + specialArgs = {inherit pkgs-unstable;}; + + # set nixpkgs per server + nodeNixpkgs = { + hyrule = import nixpkgs { + system = "x86_64-linux"; + config.allowUnfree = false; + }; + }; + }; + + # meine vps + hyrule = import ./hosts/hyrule; + }; + }; } diff --git a/groups/all/default.nix b/groups/all/default.nix deleted file mode 100644 index a636196..0000000 --- a/groups/all/default.nix +++ /dev/null @@ -1,63 +0,0 @@ -{ - pkgs, - lib, - ... -}: { - imports = [ - ./modules/flatpak.nix - ]; - - # NOTE: mkDefault is 1000 and mkForce is 50 - # NOTE: so this is like a second mkDefault - security.sudo.wheelNeedsPassword = lib.mkDefault true; - - networking = { - networkmanager.enable = true; - - nftables.enable = true; - firewall.enable = lib.mkDefault true; - - # Use CloudFlare's WARP+ 1.1.1.1 DNS service - nameservers = [ - "1.1.1.1" - "1.0.0.1" - ]; - }; - - programs.nh = { - enable = true; - clean.enable = true; - clean.extraArgs = "--keep-since 7d --keep 3"; - flake = "/home/me/flake"; # sets NH_OS_FLAKE variable for you - }; - - nix.settings = { - # make wheel group trusted users allows my "ae" user - # to import packages not signed by a trusted key - # (aka super duper easier to remote deploy) - trusted-users = ["root" "@wheel"]; - experimental-features = [ - "nix-command" - "flakes" - "pipe-operators" - ]; - download-buffer-size = 524288000; # 500 MiB - }; - - time.timeZone = lib.mkDefault "Australia/Brisbane"; - - i18n.defaultLocale = lib.mkDefault "en_US.UTF-8"; - console = { - font = "Lat2-Terminus16"; - keyMap = "us"; - }; - - users.defaultUserShell = pkgs.bash; - - environment.systemPackages = with pkgs; [ - git - vim - wget - tree - ]; -} diff --git a/groups/all/modules/flatpak.nix b/groups/all/modules/flatpak.nix deleted file mode 100644 index fbc2b38..0000000 --- a/groups/all/modules/flatpak.nix +++ /dev/null @@ -1,12 +0,0 @@ -{...}: { - services.flatpak = { - # DEBUG: remotes = [ - # DEBUG: { - # DEBUG: location = "https://dl.flathub.org/repo/flathub.flatpakrepo"; - # DEBUG: name = "flathub"; - # DEBUG: } - # DEBUG: ]; - - # DEBUG: uninstallUnmanaged = true; - }; -} diff --git a/groups/cryde/default.nix b/groups/cryde/default.nix deleted file mode 100644 index 02c1be0..0000000 --- a/groups/cryde/default.nix +++ /dev/null @@ -1,133 +0,0 @@ -{ - pkgs, - upkgs, - config, - ... -}: { - imports = [ - ./programs.nix - - ../../hosts/modules/bashistrans.nix - ../../hosts/modules/wm/hyprland.nix - ../../hosts/modules/steam.nix - ../../hosts/modules/obsidian.nix - ]; - - boot.loader.grub2-theme = { - enable = true; - # GitHub: vinceliuice/grub2-themes - theme = "whitesur"; # stylish, vimix, or whitesur - footer = true; - customResolution = "1920x1080"; - }; - - services = { - # Set display manager (login screen) - displayManager = { - # sddm relies on pkgs.libsForQt5.qt5.qtgraphicaleffects - sddm = { - enable = true; - wayland.enable = true; # experimental - theme = "corners"; - }; - defaultSession = - "hyprland" - + ( - if config.programs.hyprland.withUWSM == true - then "-uwsm" - else null - ); - }; - - tumbler.enable = true; # Thunar image thumbnail support - gvfs.enable = true; # Thunar mount, trash, and other functionality - }; - - programs = { - zsh.enable = true; - fish.enable = true; - - nix-ld.enable = true; - - neovim = { - enable = true; - defaultEditor = true; - viAlias = true; - vimAlias = true; - configure = { - customRC = '' - set number - set tabstop=4 - set shiftwidth=4 - ''; - }; - }; - - # Thunar also uses: `services.tumbler` & `services.gvfs` - thunar = { - enable = true; - plugins = with pkgs.xfce; [ - thunar-volman # for removable drives (ie USBs) - thunar-archive-plugin # create and extract archives - thunar-media-tags-plugin # change metadata for media files - ]; - }; - - # mozilla's email client - thunderbird.enable = true; - }; - - # ----- FONTS ----- - fonts = { - enableDefaultPackages = true; # no clue what this line does tbh - packages = with pkgs; - [ - geist-font # for my hyprlock theme - # texlive maintains a noto-emoji flake - texlivePackages.noto-emoji - ] - ++ builtins.filter lib.attrsets.isDerivation ( - builtins.attrValues pkgs.nerd-fonts - ); - - # TODO: change my default fonts - fontconfig = { - defaultFonts = { - serif = ["Geist"]; # TODO: package Iosevka Etoile since Iosevka isn't a serif font - sansSerif = ["Geist"]; - monospace = ["Cousine"]; - emoji = ["Noto Emoji"]; - }; - }; - }; - - # ---- ENVIRONMENT VARIABLES ---- - environment = { - sessionVariables = { - # Hint Electrons apps to use Wayland - NIXOS_OZONE_WL = "1"; - }; - systemPackages = with pkgs; [ - sddm-theme-corners - ]; - }; - - # ------- USERS ------- - users = { - users = { - # literally me fr (personal account) - me = { - isNormalUser = true; - extraGroups = ["wheel" "netdev" "docker"]; - shell = pkgs.bash; - packages = with pkgs; [ - firefox - nitch - starfetch - - gitkraken - ]; - }; - }; - }; -} diff --git a/groups/cryde/programs.nix b/groups/cryde/programs.nix deleted file mode 100644 index 09c0a67..0000000 --- a/groups/cryde/programs.nix +++ /dev/null @@ -1,32 +0,0 @@ -{ - pkgs, - upkgs, - ... -}: { - # ---- SYSTEM PACKAGES ----- - environment.systemPackages = with pkgs; [ - # User Environment - swww - helvum - easyeffects - pavucontrol - ani-cli - bluetui - wl-clipboard # clipboard for wayland - hyprpicker # color picker - hyprshot # screenshot utility - wl-screenrec # screen recording utility - qbittorrent # torrenting - signal-desktop - kdePackages.gwenview # image viewer - video-trimmer - element-desktop - - # Games - prismlauncher # minecraft - upkgs.olympus # celeste - discord - discordo - upkgs.ekphos - ]; -} diff --git a/groups/cryos/default.nix b/groups/cryos/default.nix deleted file mode 100644 index 82699d6..0000000 --- a/groups/cryos/default.nix +++ /dev/null @@ -1,140 +0,0 @@ -{ - pkgs, - lib, - ... -}: { - imports = [ - ./programs.nix - ]; - - nixpkgs.config.allowUnfreePredicate = let - whitelist = with pkgs; - map lib.getName [ - discord - steam - steamcmd - steam-unwrapped - - winbox - - obsidian - gitkraken - ]; - in - pkg: builtins.elem (lib.getName pkg) whitelist; - - boot.loader = { - efi = { - canTouchEfiVariables = true; - efiSysMountPoint = "/boot/efi"; - }; - grub = { - efiSupport = true; - device = "nodev"; - # useOSProber = true; - }; - }; - - # Enable initrd hook for virtual console customisation - # aka cool colours when bootting yay!! - console = { - enable = true; - earlySetup = true; # initrd pre hook - keyMap = "us"; - font = "Lat2-Terminus16"; - # ANSI 24-bit color definitions (theme: dracula) - colors = [ - "21222c" - "ff5555" - "50fa7b" - "f1fa8c" - "bd93f9" - "ff79c6" - "8be9fd" - "f8f8f2" - "6272a4" - "ff6e6e" - "69ff94" - "ffffa5" - "d6acff" - "ff92df" - "a4ffff" - "ffffff" - ]; - }; - - hardware = { - graphics = { - enable = true; - enable32Bit = true; - }; - - bluetooth = { - enable = true; - powerOnBoot = true; - }; - }; - - virtualisation.docker.enable = true; - - services = { - # systemd-resolved provides network name resolution - # to local processes via a D-Bus interface. - resolved = { - enable = true; - dnssec = "true"; - domains = ["~."]; - # Use CloudFlare's WARP+ 1.1.1.1 DNS service - fallbackDns = [ - "1.1.1.1#one.one.one.one" - "1.0.0.1#one.one.one.one" - ]; - dnsovertls = "true"; - }; - - # Multimedia Framework - # With backwards compatability for alsa/pulseaudio/jack - pipewire = { - enable = true; - audio.enable = true; - wireplumber.enable = true; - - alsa.enable = true; - alsa.support32Bit = true; - pulse.enable = true; - jack.enable = true; - }; - }; - - security = { - rtkit.enable = true; # I *think* this is for pipewire - sudo.wheelNeedsPassword = lib.mkDefault true; - }; - - # ---- ENVIRONMENT VARIABLES ---- - environment = { - # always install "dev" derivation outputs - extraOutputsToInstall = ["dev" "man"]; - - sessionVariables = { - # folder names with capitalisation look awful! - XDG_DOWNLOAD_DIR = "$HOME/downloads"; - }; - }; - - documentation = { - enable = true; - doc.enable = true; # install /share/doc packages - man = { - enable = true; # install manpages - generateCaches = false; - }; - info.enable = true; # install GNU info - dev.enable = true; # install docs intended for developers - nixos = { - enable = true; # install NixOS documentation (ie man -k nix, & nixos-help) - options.splitBuild = true; - includeAllModules = false; - }; - }; -} diff --git a/groups/cryos/programs.nix b/groups/cryos/programs.nix deleted file mode 100644 index 3e58545..0000000 --- a/groups/cryos/programs.nix +++ /dev/null @@ -1,121 +0,0 @@ -{pkgs, ...}: { - environment.systemPackages = with pkgs; [ - # Shell - bash - fish - shellcheck - grc # colorise command outputs - moreutils - - # Systems Emulation - qemu # Fellice Bellard's Quick Emulator - # Binaries - binutils - strace - ltrace - perf-tools # ftrace + perf - radare2 - gdb - hexyl - # ASM - nasm - x86-manpages - # C Family - gcc - clang - clang-tools - gnumake - cmake - - # Rust - cargo - rustc - rustfmt - # Go - go - # Nim - nim - nimble - # Haskell - ghc - ghcid - ormolu - - # Nix - nix-prefetch-git - nix-index - nix-unit - - # Python - python312 # I use 3.12 since it's in a pretty stable state now - python314 # also 3.14 for latest features - poetry - # Sage - sageWithDoc # SageMath + HTML Documentation - - # .NET - dotnetCorePackages.dotnet_9.sdk - dotnetCorePackages.dotnet_9.aspnetcore - dotnetCorePackages.dotnet_9.runtime - - openvpn - inetutils - wireguard-tools - - # security tools - rustscan - nmap - dig - gobuster - nth - zap - - httpie - curlie - zoxide - doggo - tldr - btop - eza - yazi - lazygit - ripgrep - viddy # modern `watch` command - timg # terminal image (sixel) viewer - - # Pretty necessary - git - git-filter-repo - brightnessctl - acpi - # upower - vim - powertop - imagemagick - - # "Standard" Unix Commands - file - wget - tree - pstree - zip - unzip - unrar-free - lz4 - man-pages - man-pages-posix - - # Cryptography - gnupg - openssl - libargon2 - ]; - - programs = { - gnupg.agent = { - enable = true; - pinentryPackage = pkgs.pinentry-curses; - enableSSHSupport = true; - }; - }; -} diff --git a/groups/server/default.nix b/groups/server/default.nix deleted file mode 100644 index 32fe569..0000000 --- a/groups/server/default.nix +++ /dev/null @@ -1,71 +0,0 @@ -{lib, ...}: { - networking.firewall = { - allowedTCPPorts = [ - 42069 # ssh - ]; - }; - - security = { - # accept Lets Encrypt's security policy - acme = { - acceptTerms = true; - defaults.email = "eclarkboman@gmail.com"; - }; - - sudo = { - enable = true; - wheelNeedsPassword = true; - }; - # allow SSH keys for passwordless auth - pam = { - sshAgentAuth.enable = true; - services.sudo.sshAgentAuth = true; # pam_ssh_agent_auth module - }; - }; - - services = { - openssh = { - enable = true; - ports = [42069]; - settings = { - PasswordAuthentication = false; - PermitRootLogin = "no"; - AllowUsers = ["cry"]; # DO NOT ALLOW ALL - UseDns = true; - X11Forwarding = false; - }; - }; - }; - - # simple fail2ban config (not production ready or anything though) - # refer to: https://nixos.wiki/wiki/Fail2Ban - services.fail2ban = { - enable = true; - - maxretry = 5; - bantime = "10m"; # 10 minute ban - bantime-increment = { - enable = true; - formula = "ban.Time * math.exp(float(ban.Count+1)*banFactor)/math.exp(1*banFactor)"; - # multipliers = "1 2 4 8 16 32 64"; - maxtime = "168h"; # dont ban for more than 1 week - overalljails = true; - }; - }; - - users = { - users = { - # primary user - cry = { - isNormalUser = true; - home = "/home/cry"; - extraGroups = ["wheel"]; - openssh.authorizedKeys.keys = lib.mkDefault [ - (throw '' - Hosts in the `server` group must set `users.users.cry.openssh.authorizedKeys.keys = [ ... ]`. - '') - ]; - }; - }; - }; -} diff --git a/homes/me/default.nix b/homes/me/default.nix index 169219f..fac7454 100755 --- a/homes/me/default.nix +++ b/homes/me/default.nix @@ -1,30 +1,31 @@ { + inputs, + outputs, lib, + config, pkgs, + pkgs-unstable, ... }: { imports = [ - ../modules/fish.nix - ../modules/btop.nix - ../modules/tmux.nix - ../modules/term/foot.nix ../modules/git.nix ../modules/bat.nix - + ../modules/fish.nix ../modules/editor/helix.nix + # ../modules/editor/vscodium.nix + ../modules/btop.nix + ../modules/term/ghostty.nix + ../modules/term/foot.nix + # ../modules/term/rio.nix ../modules/firefox.nix - ../modules/apps/thunderbird.nix + + #../modules/wm/hypr/hypridle.nix ../modules/wm/hypr/hyprlock.nix ../modules/kanshi.nix - ../modules/mako.nix + ../modules/ags ]; - nixpkgs.config.allowUnfreePredicate = pkg: - builtins.elem (lib.GetName pkg) [ - "vscode-extension-ms-dotnettools-csharp" - ]; - home = { username = "me"; homeDirectory = "/home/me"; @@ -34,10 +35,6 @@ man = "batman"; # bat + man }; - sessionVariables = { - NIX_SHELL_PRESERVE_PROMPT = 1; - }; - pointerCursor = { gtk.enable = true; # x11.enable = true # dont enable since im on hyprland @@ -45,18 +42,6 @@ name = "Bibata-Modern-Ice"; size = 16; }; - - packages = with pkgs; [ - # for services.gnome-keyring - pkgs.gcr # provides org.gnome.keyring.SystemPrompter - seahorse # gui - - tor-browser - - fuzzel - - speedtest-cli - ]; }; gtk = { @@ -106,30 +91,36 @@ }; # set ssh profiles - # WARNING: this DOES NOT start the ssh-agent - # WARNING: for that you need to use `services.ssh-agent.enable` + # NOTE: (IMPORTANT) this DOES NOT start the ssh-agent + # for that you need to use `services.ssh-agent.enable` ssh = { enable = true; forwardAgent = false; - addKeysToAgent = "yes"; + addKeysToAgent = "no"; matchBlocks = { - butterfly = { - hostname = "dobutterfliescry.net"; - user = "cry"; - port = 42069; - identityFile = "~/.ssh/id_butterfly"; + hyrule = { + hostname = "imbored.dev"; + user = "ae"; + port = 22; + identityFile = "~/.ssh/id_hyrule"; setEnv = { TERM = "linux"; }; }; - clocktown = { - hostname = "hyrule.dobutterfliescry.net"; - user = "cry"; - port = 42069; - identityFile = "~/.ssh/id_hyrule"; + subspace = { + hostname = "imbored.dev"; + user = "subspace"; + port = 22; + identityFile = "~/.ssh/id_subspace"; + }; + dead = { + hostname = "deadlyserver.com"; + user = "emile"; + port = 29843; + identityFile = "~/.ssh/id_deadlyserver"; setEnv = { - TERM = "linux"; + TERM = "xterm-256color"; }; }; youcue = { @@ -145,12 +136,8 @@ }; }; - services = { - # enable OpenSSH private key agent - ssh-agent.enable = true; - - gnome-keyring.enable = true; - }; + # enable OpenSSH private key agent + services.ssh-agent.enable = true; # the ssh-agent won't set this for itself... systemd.user.sessionVariables.SSH_AUTH_SOCK = "$XDG_RUNTIME_DIR/ssh-agent"; # Nicely reload system units when changing configs diff --git a/homes/modules/apps/thunderbird.nix b/homes/modules/apps/thunderbird.nix deleted file mode 100644 index dd4f861..0000000 --- a/homes/modules/apps/thunderbird.nix +++ /dev/null @@ -1,10 +0,0 @@ -{...}: { - programs.thunderbird = { - enable = true; - profiles = { - "me" = { - isDefault = true; - }; - }; - }; -} diff --git a/homes/modules/editor/helix.nix b/homes/modules/editor/helix.nix index bccdc13..e7d6003 100755 --- a/homes/modules/editor/helix.nix +++ b/homes/modules/editor/helix.nix @@ -1,64 +1,5 @@ -{ - pkgs, - # upkgs, - ... -}: let - lsps = { - bash-language-server = { - pkg = pkgs.bash-language-server; - cmd = "bash-language-server"; - }; - - clangd = { - pkg = pkgs.clang-tools; - cmd = "clangd"; - }; - - glsl_analyzer = { - pkg = pkgs.glsl_analyzer; - cmd = "glsl_analyzer"; - }; - - haskell-language-server = { - pkg = pkgs.haskell-language-server; - cmd = "haskell-language-server-wrapper"; - }; - - # TODO: once upgraded past Nix-24.07 this line won't be necessary (I think) - # helix will support nixd by default - # SOURCE: https://github.com/nix-community/nixd/blob/main/nixd/docs/editor-setup.md#Helix - nixd = { - pkg = pkgs.nixd; - cmd = "nixd"; - }; - - OmniSharp = { - pkg = pkgs.omnisharp-roslyn; - cmd = "OmniSharp"; - }; - - rust-analyzer = { - pkg = pkgs.rust-analyzer; - cmd = "rust-analyzer"; - }; - - ty = { - pkg = pkgs.ty; # DEBUG: upkgs.ty; - cmd = "ty"; - }; - - typescript-language-server = { - pkg = pkgs.typescript-language-server; - cmd = "typescript-language-server"; - }; - }; -in { - home.packages = - lsps - |> builtins.attrValues - |> map (lsp: lsp.pkg); - - # REF: https://docs.helix-editor.com/editor.html +{pkgs, ...}: { + # read https://docs.helix-editor.com/editor.html programs.helix = { enable = true; settings = { @@ -187,79 +128,28 @@ in { }; auto-format = false; # my python is beautiful ^_^ rulers = [80]; - language-servers = ["ty"]; } { name = "c"; file-types = ["c" "h"]; # use .hpp for C++ - auto-format = true; + auto-format = false; formatter.command = "${pkgs.clang-tools}/bin/clang-format"; language-servers = ["clangd"]; } - { - name = "haskell"; - auto-format = true; - formatter.command = "${pkgs.ormolu}/bin/ormolu"; - language-servers = ["haskell-language-server"]; - } - { - name = "rust"; - indent = { - tab-width = 2; - unit = " "; - }; - auto-format = true; - formatter.command = "${pkgs.rustfmt}/bin/rustfmt"; - language-servers = ["rust-analyzer"]; - } - { - name = "c-sharp"; - file-types = ["cs"]; - indent = { - tab-width = 4; - unit = " "; - }; - block-comment-tokens = { - start = "/*"; - end = "*/"; - }; - # auto-format = true; - # formatter.command = "${pkgs.omnisharp-roslyn}/bin/OmniSharp"; - # language-servers = ["OmniSharp"]; - } - { - name = "javascript"; - file-types = ["js"]; - indent = { - tab-width = 2; - unit = " "; - }; - block-comment-tokens = { - start = "/*"; - end = "*/"; - }; - auto-format = true; - language-servers = ["typescript-language-server"]; - } - { - name = "glsl"; - file-types = ["glsl"]; - indent = { - tab-width = 2; - unit = " "; - }; - block-comment-tokens = { - start = "/*"; - end = "*/"; - }; - auto-format = false; - language-servers = ["glsl_analyzer"]; - } ]; - language-server = - lsps - |> builtins.mapAttrs (_: lsp: {command = "${lsp.pkg}/bin/${lsp.cmd}";}); + language-server = { + # use nixd as default nix lsp (I haven't tried nil yet) + # NOTE: nixd will be supported by default after nix 24.07 + # SOURCE: https://github.com/nix-community/nixd/blob/main/nixd/docs/editor-setup.md#Helix + nixd = { + command = "${pkgs.nixd}/bin/nixd"; + }; + # clangd for C + clangd = { + command = "${pkgs.clang-tools}/bin/clangd"; + }; + }; }; }; } diff --git a/homes/modules/editor/vscode.nix b/homes/modules/editor/vscode.nix deleted file mode 100644 index f824b1c..0000000 --- a/homes/modules/editor/vscode.nix +++ /dev/null @@ -1,134 +0,0 @@ -{ - config, - lib, - pkgs, - vscodium ? false, - secret-service ? "gnome-libsecret", - vscode-argv ? ".vscode/argv.json", - ... -}: { - nixpkgs.overlays = [ - ( - self: super: { - vscode-extensions = super.vscode-extensions.overrideAttrs (prev: let - mkVscMarketplaceExtension = { - publisher, - name, - version, - hash, - description ? "", - homepage ? null, - changelog ? null, - license ? null, - maintainers ? [lib.maintainers.emileclarkb], - }: - with pkgs.vscode-utils.buildVscodeMarketplaceExtension; { - ${publisher}.${name} = buildVscodeMarketplaceExtension { - mktplcRef = { - inherit - publisher - name - version - hash - ; - }; - - meta = { - inherit - ( - if license != null - then {license = license;} - else {} - ) - description - homepage - maintainers - ; - downloadPage = "https://marketplace.visualstudio.com/items?itemName=${publisher}.${name}"; - changelog = - if changelog != null - then changelog - else "https://marketplace.visualstudio.com/items/${publisher}.${name}/changelog"; - }; - }; - }; - in - lib.mergeAttrsList [ - (mkVscMarketplaceExtension { - publisher = "ms-dotnettools"; - name = "dotnet-maui"; - version = "1.11.14"; - hash = lib.fakeHash; - - description = "Extend C# Dev Kit with tools for building .NET Multi-platform App UI (MAUI) apps"; - homepage = "https://github.com/microsoft/vscode-dotnettools"; - license = lib.licenses.unfree; - }) - ]); - } - ) - ]; - - # REF: https://home-manager-options.extranix.com/?query=vscode&release=release-25.05 - programs.vscode = { - enable = true; - # TODO: clean up - package = - ( - if vscodium - then pkgs.vscodium - else pkgs.vscode - ).overrideAttrs (oldAttrs: { - # runtimeDependencies = oldAttrs.runtimeDependencies ++ [] - }); - - mutableExtensionsDir = true; - - profiles.default = { - enableUpdateCheck = false; - enableExtensionUpdateCheck = false; - # extension format: USER.PACKAGENAME - extensions = with pkgs.vscode-extensions; [ - # .NET - ms-dotnettools.csharp - ms-dotnettools.csdevkit - ms-dotnettools.vscode-dotnet-runtime - # TODO: these extensions aren't packaged :( - # deitry.solution-syntax - # ms-dotnettools.vscode-dotnet-pack - # ms-dotnettools.dotnet-maui - - # Python - ms-python.python - - # GitLens by GitKraken - eamodio.gitlens - ms-azuretools.vscode-docker - - github.copilot - github.copilot-chat - - # Colors & Themes - dracula-theme.theme-dracula - catppuccin.catppuccin-vsc - catppuccin.catppuccin-vsc-icons - mvllow.rose-pine - ]; - - userSettings = { - "workbench.colorTheme" = "Dracula Theme"; - "github.copilot.nextEditSuggestions.enabled" = true; - }; - }; - }; - - # TODO: this is super ugly, make sure the JSON is formatted!! - home.file.${vscode-argv}.text = builtins.toJSON { - password-store = secret-service; - - disable-hardware-acceleration = false; - disable-color-correct-rendering = false; - enable-crash-reporter = false; - # crash-report-id = ...; - }; -} diff --git a/homes/modules/editor/vscodium.nix b/homes/modules/editor/vscodium.nix index ecde271..c5daf64 100644 --- a/homes/modules/editor/vscodium.nix +++ b/homes/modules/editor/vscodium.nix @@ -1,37 +1,9 @@ -{ - lib, - pkgs, - ... -}: { - # REF: https://home-manager-options.extranix.com/?query=vscode&release=release-25.05 +{pkgs, ...}: { programs.vscode = { enable = true; package = pkgs.vscodium; - mutableExtensionsDir = true; - - profiles.default = { - enableUpdateCheck = false; - enableExtensionUpdateCheck = false; - # extension format: USER.PACKAGENAME - extensions = with pkgs.vscode-extensions; [ - # .NET - ms-dotnettools.csharp - ms-dotnettools.csdevkit - ms-dotnettools.vscode-dotnet-runtime - # ms-dotnettools.vscode-dotnet-pack - # ms-dotnettools.dotnet-maui - - # Colors & Themes - dracula-theme.theme-dracula - catppuccin.catppuccin-vsc - catppuccin.catppuccin-vsc-icons - mvllow.rose-pine - ]; - - userSettings = { - "workbench.colorTheme" = "Dracula Theme"; - }; - }; + extensions = with pkgs.vscode-extensions; [ + ]; }; } diff --git a/homes/modules/fish.nix b/homes/modules/fish.nix index 69d82f3..51a40f4 100755 --- a/homes/modules/fish.nix +++ b/homes/modules/fish.nix @@ -12,54 +12,21 @@ config = { programs.fish = { enable = true; - generateCompletions = true; - - # vendor = { - # config.enable = true; - # functions.enable = true; - # completions.enable = true; - # }; - - interactiveShellInit = let - greetings = - [ - "Welcome weary traveller to my shop" - "It's dangerous to go alone! Take this." - "Do butterflies cry when they're sad?" - "I hope they do" - "I think Alice is lost..." - - "Something wicked this way comes" - "May your L's be many... and your bitches few" - - "What a horrible night to have a curse." - "The ancient spirits of light and dark have been released." - "The god of the stars rejects your offering. The ritual can only be performed at night." - "You should have just died..." - "Supreme Witch, Calamitas has killed every player!" - ] - |> map (x: "\"${x}\"") - |> builtins.concatStringsSep " "; - in '' + interactiveShellInit = '' # add dotnet completions if it exists (ie we're in a virtual environment) if type -q dotnet complete -f -c dotnet -a "(dotnet complete (commandline -cp))" end function rand_greet - set greetings ${greetings} + set weary "Welcome weary traveller to my shop" + set alone "It's dangerous to go alone! Take this." + set sad "Do butterflies cry when they're sad?" + set alice "I think Alice is lost..." + set greetings "$weary" "$alone" "$sad" "$alice" echo -n $greetings[(random 1 (count $greetings))] end - function gitignore -a type - curl -sL "https://www.gitignore.io/api/$type" - end - - # ripgrep on files - function rgf - rg --files | rg $args - end - set -g fish_greeting (rand_greet) diff --git a/homes/modules/git.nix b/homes/modules/git.nix index c1e3ed6..3e0cfb0 100755 --- a/homes/modules/git.nix +++ b/homes/modules/git.nix @@ -5,70 +5,25 @@ }: { programs.git = { enable = true; - lfs.enable = true; - - signing = { - # key = "F68745A836CA0412"; - # format = "openpgp"; - # signByDefault = true; - }; - - settings = { - user.name = "_cry64"; - user.email = "them@dobutterfliescry.net"; - - alias = { - s = "status"; - d = "diff"; - l = "log"; - c = "commit"; - p = "push"; - }; - + extraConfig = { color.ui = true; core.editor = "hx"; - github.user = "cry128"; + github.user = "emileclarkb"; init = { defaultBranch = "main"; }; url = { - "git@github.com:" = { + "https://github.com/" = { insteadOf = [ "gh:" "github:" ]; }; - "https://gitlab.com/" = { - insteadOf = [ - "gl:" - "gitlab:" - ]; - }; - "git@codeberg.org:" = { - insteadOf = [ - "cb:" - "codeberg:" - ]; - }; - "git@tearforge.net/" = { - insteadOf = [ - "cry:" - "forge:" - ]; - }; }; }; - includes = [ - { - path = "/home/me/agribit/.gitconfig"; - condition = "gitdir:/home/me/agribit/**"; - } - # { - # path = "/home/me/luminary/.gitconfig"; - # condition = "gitdir:/home/me/luminary/**"; - # } - ]; + userName = "Emile Clark-Boman"; + userEmail = "eclarkboman@gmail.com"; }; } diff --git a/homes/modules/mako.nix b/homes/modules/mako.nix deleted file mode 100644 index 762cd96..0000000 --- a/homes/modules/mako.nix +++ /dev/null @@ -1,54 +0,0 @@ -{...}: let - dracula = rec { - background = "#282A36"; - border = cyan; - - cyan = "#8BE9FD"; - yellow = "#F1FA8C"; - red = "#FF5555"; - }; - - theme = dracula; -in { - # notification daemon for Wayland - services.mako = { - enable = true; - settings = { - actions = true; - anchor = "top-right"; - layer = "overlay"; - sort = "-time"; - - height = 100; - width = 300; - margin = 50; - background-color = theme.background; - border-color = theme.border; - border-radius = 20; - border-size = 4; - font = "monospace 10"; - - markup = true; - icons = true; - max-icon-size = 64; - - default-timeout = 5000; - ignore-timeout = false; - - "actionable=true" = { - anchor = "top-left"; - }; - - "urgency=low" = { - border-color = theme.border; - }; - "urgency=normal" = { - border-color = theme.yellow; - }; - "urgency=high" = { - default-timeout = 0; - border-color = theme.red; - }; - }; - }; -} diff --git a/homes/modules/nixcord.nix b/homes/modules/nixcord.nix old mode 100644 new mode 100755 index 97e6b15..a006c0e --- a/homes/modules/nixcord.nix +++ b/homes/modules/nixcord.nix @@ -1,248 +1,16 @@ -{inputs, ...}: { - imports = [ - inputs.nixcord.homeModules.nixcord - ]; - +{ + config, + pkgs, + ... +}: { programs.nixcord = { enable = true; - equibop.enable = true; - - discord = { - vencord.enable = false; - equicord.enable = true; - }; - config = { - enabledThemes = [ - # "aurorastheme.css" - # "base16-colors.css" - ]; + frameless = true; plugins = { - anonymiseFileNames = { - enable = true; - anonymiseByDefault = true; - method = 0; - randomisedLength = 16; - }; - betterSessions = { - backgroundCheck = true; - checkInterval = 1; - }; - biggerStreamPreview.enable = true; - callTimer.enable = true; - fixYoutubeEmbeds.enable = true; - fixSpotifyEmbeds.enable = true; - tidalEmbeds.enable = true; - youtubeAdblock.enable = true; - followVoiceUser.enable = true; - friendsSince.enable = true; - ircColors = { - enable = true; - lightness = 80; - memberListColors = true; - applyColorOnlyInDms = false; - applyColorOnlyToUsersWithoutColor = false; - }; - messageLogger = { - enable = true; - showEditDiffs = true; - separatedDiffs = false; - }; - # fakeNitro.enable = true; - ghosted.enable = true; - noF1.enable = true; - noMaskedUrlPaste.enable = true; - messageLatency = { - enable = false; - latency = -1; - showMillis = true; - }; - openInApp.enable = true; - crashHandler.enable = true; - disableCallIdle.enable = true; - experiments.enable = true; - expressionCloner.enable = true; - favoriteGifSearch.enable = true; - fixImagesQuality.enable = true; - forceOwnerCrown.enable = true; - forwardAnywhere.enable = true; - spotifyCrack.enable = true; - spotifyShareCommands.enable = true; - spotifyControls.enable = true; - fullUserInChatbox.enable = true; - gifPaste.enable = true; - ignoreActivities = { - enable = true; - ignorePlaying = true; - ignoreStreaming = true; - ignoreListening = true; - ignoreWatching = true; - ignoreCompeting = true; - }; - imageLink.enable = true; - imageZoom.enable = true; - memberCount.enable = true; - noDevtoolsWarning.enable = true; - noUnblockToJump.enable = true; - pauseInvitesForever.enable = true; - permissionsViewer.enable = true; - pictureInPicture = { - enable = true; - loop = true; - }; - platformIndicators.enable = true; - previewMessage.enable = true; - relationshipNotifier.enable = true; - revealAllSpoilers.enable = true; - serverInfo.enable = true; - serverListIndicators.enable = true; - showHiddenChannels.enable = true; - showHiddenThings.enable = true; - showTimeoutDuration = { - enable = true; - displayStyle = "tooltip"; - }; - silentTyping = { - enable = true; - enabledGlobally = false; - }; - startupTimings.enable = true; - typingIndicator.enable = true; - unlockedAvatarZoom = { - enable = true; - zoomMultiplier = 4.0; - }; - userMessagesPronouns.enable = true; - validUser.enable = true; - validReply.enable = true; - viewIcons = { - enable = true; - format = "webp"; - imgSize = "4096"; - }; - voiceChatDoubleClick.enable = true; - voiceDownload.enable = true; - voiceMessages = { - enable = true; - noiseSuppression = false; - echoCancellation = true; - }; - volumeBooster.enable = true; - webKeybinds.enable = true; - webScreenShareFixes.enable = true; - whoReacted.enable = true; - whosWatching.enable = true; - quickReply.enable = true; - questCompleter.enable = true; - shikiCodeblocks = { - enable = true; - useDevIcon = "COLOR"; - theme = "https://raw.githubusercontent.com/shikijs/textmate-grammars-themes/2d87559c7601a928b9f7e0f0dda243d2fb6d4499/packages/tm-themes/themes/kanagawa-wave.json"; - }; + # TODO: remove this plugin + hideAttachments.enable = true; }; }; }; - - programs.nixcord.config.plugins.PinDMs = { - enable = true; - canCollapseDmSection = true; - # userBasedCategoryList = { - # "1202666382760607774" = [ - # { - # id = "i9dflmraztc"; - # name = "🏳️‍⚧️ girlfriends!!! :3 🏳️‍⚧️"; - # color = 16359423; - # collapsed = false; - # channels = [ - # "1436964273162289185" - # "1436988320474206311" - # "1449837047383855119" - # "1436965652861685891" - # "1436968495190642722" - # "1465424321919975454" - # ]; - # } - # { - # id = "p2v1f5y9zbd"; - # name = "🦋 best frens <3 🦋"; - # color = 10223511; - # collapsed = false; - # channels = [ - # "1436985374286155799" - # "1436965657076826222" - # "1429921297160212681" - # "1394808379381387385" - # "1433593753183977545" - # "1438254055452446881" - # "1436966389549236376" - # "1202678007026819134" - # "1437151552224624660" - # "1441906462094921789" - # "1450340272079769712" - # "1458123717124165764" - # "1436975341129306155" - # "1461885176534794427" - # "1462155159470866443" - # "1468735915076878407" - # ]; - # } - # { - # id = "c0mg5w635j8"; - # name = "🏳️‍🌈 close frens x3 🏳️‍🌈"; - # color = 10780927; - # collapsed = false; - # channels = [ - # "1437077103873888290" - # "1436975346338762823" - # "1437123353101205590" - # "1441516692164575283" - # "1419557866502754334" - # "1436985041203892315" - # "1438071327515742229" - # ]; - # } - # { - # id = "ghjrq5el3b"; - # name = "frens :3"; - # color = 7334399; - # collapsed = false; - # channels = [ - # "1437007154132422701" - # "1437006448948416526" - # "1446781617422209068" - # "1444723474835837103" - # "1437098569483161721" - # "1437237573146771469" - # "1436973705421914123" - # "1437135359359320125" - # "1438010723837022343" - # "1440553969461104740" - # "1437097082887475201" - # "1447222320015085740" - # "1462624704027164824" - # "1449513783893692589" - # "1463737720961634461" - # "1463000874392748249" - # "1461929299727749145" - # "1436984534712451105" - # "1436983282582683813" - # "1437283420312047659" - # "1437089201651847315" - # "1468324280445046824" - # ]; - # } - # { - # id = "zbmj00xw7d8"; - # name = "goop chats"; - # color = 14876549; - # collapsed = false; - # channels = [ - # "1437132769141719040" - # "1445549416516681902" - # "1458849972815663209" - # ]; - # } - # ]; - # }; - }; } diff --git a/homes/modules/server/fail2ban.nix b/homes/modules/server/fail2ban.nix new file mode 100755 index 0000000..0681c68 --- /dev/null +++ b/homes/modules/server/fail2ban.nix @@ -0,0 +1,17 @@ +{...}: { + # simple fail2ban config (not production ready or anything though) + # refer to: https://nixos.wiki/wiki/Fail2Ban + services.fail2ban = { + enable = true; + + maxretry = 5; + bantime = "10m"; # 10 minute ban + bantime-increment = { + enable = true; + formula = "ban.Time * math.exp(float(ban.Count+1)*banFactor)/math.exp(1*banFactor)"; + multipliers = "1 2 4 8 16 32 64"; + maxtime = "168h"; # dont ban for more than 1 week + overalljails = true; + }; + }; +} diff --git a/homes/modules/server/nginx.nix b/homes/modules/server/nginx.nix new file mode 100755 index 0000000..a11b65c --- /dev/null +++ b/homes/modules/server/nginx.nix @@ -0,0 +1,35 @@ +{...}: { + services = { + # use nginx as the reverse proxy + # (also will use certbot and Let's Encrypt) + # refer to: https://nixos.wiki/wiki/Nginx + nginx = { + enable = true; + + recommendedProxySettings = true; + recommendedTlsSettings = true; + recommendedGzipSettings = true; + recommendedOptimisation = true; + + # https://imbored.dev + virtualHosts = { + "imbored.dev" = { + forceSSL = true; + enableACME = true; + # config reverse proxy paths + locations = { + "/" = { + # TODO + proxyPass = "http://127.0.0.1:12345"; + }; + }; + }; + }; + }; + }; + + security.acme = { + acceptTerms = true; + defaults.email = "eclarkboman@gmail.com"; + }; +} diff --git a/homes/modules/server/ssh.nix b/homes/modules/server/ssh.nix new file mode 100755 index 0000000..b898468 --- /dev/null +++ b/homes/modules/server/ssh.nix @@ -0,0 +1,13 @@ +{...}: { + services.openssh = { + enable = true; + ports = [22]; + settings = { + PasswordAuthentication = true; + PermitRootLogin = "no"; + AllowUsers = null; # allow all users by default + UseDns = true; + X11Forwarding = false; + }; + }; +} diff --git a/homes/modules/term/foot.nix b/homes/modules/term/foot.nix index 4fdaad5..348eefa 100644 --- a/homes/modules/term/foot.nix +++ b/homes/modules/term/foot.nix @@ -1,8 +1,7 @@ -# DEBUG: {upkgs, ...}: { -{pkgs, ...}: { +{pkgs-unstable, ...}: { programs.foot = { enable = true; - package = pkgs.foot; # DEBUG: upkgs.foot; + package = pkgs-unstable.foot; server.enable = true; diff --git a/homes/modules/tmux.nix b/homes/modules/tmux.nix deleted file mode 100644 index e5946c0..0000000 --- a/homes/modules/tmux.nix +++ /dev/null @@ -1,5 +0,0 @@ -{...}: { - programs.tmux = { - enable = true; - }; -} diff --git a/homes/modules/wm/hypr/hyprland.nix b/homes/modules/wm/hypr/hyprland.nix index 38ed5af..40a1d99 100755 --- a/homes/modules/wm/hypr/hyprland.nix +++ b/homes/modules/wm/hypr/hyprland.nix @@ -1,42 +1,2 @@ # NOTE: hyprland must be enabled in BOTH your host config (for running hyprland) # and your home-manager config (for managing hyprland's config files) -{ - pkgs, - inputs, - config, - lib, - ... -}: { - options.hyprland = { - enable = lib.mkEnableOption "Hyprland"; - }; - - config = lib.mkIf config.hyprland.enable { - wayland.windowManager.hyprland = { - enable = true; - package = pkgs.hyprland; - - xwayland.enable = true; - - systemd = { - enable = true; - # enable autostart of applications - # REF: `man 8 systemd-xdg-autostart-generator` - enableXdgAutostart = true; - }; - - plugins = with inputs; [ - split-monitor-workspaces.packages.${pkgs.system}.split - ]; - }; - - xdg.portal = { - enable = true; - extraPortals = with pkgs; [ - xdg-desktop-portal-gtk - ]; - }; - - # TODO: finish this - }; -} diff --git a/homes/subspace/default.nix b/homes/subspace/default.nix new file mode 100644 index 0000000..c827022 --- /dev/null +++ b/homes/subspace/default.nix @@ -0,0 +1,87 @@ +{ + inputs, + outputs, + lib, + config, + pkgs, + ... +}: { + nixpkgs = { + config.allowUnfree = false; + }; + + imports = [ + ]; + + home = { + username = "subspace"; + homeDirectory = "/home/subspace"; + }; + + programs = { + fish = { + enable = true; + # Extra commands to run when entering a interactive shell + # (for the subspace user this will be exiting fish to + # run wishlist instead, a shell should not pop up!) + loginShellInit = '' + clear + exec wishlist + ''; + }; + + ssh = { + enable = true; + forwardAgent = true; + addKeysToAgent = "yes"; + + matchBlocks = { + hyrule = { + hostname = "imbored.dev"; + user = "ae"; + port = 22; + identityFile = "~/.ssh/id_hyrule"; + setEnv = { + TERM = "linux"; + }; + }; + dead = { + hostname = "deadlyserver.com"; + user = "emile"; + port = 29843; + identityFile = "~/.ssh/id_deadlyserver"; + setEnv = { + TERM = "xterm-256color"; + }; + }; + youcue = { + hostname = "moss.labs.eait.uq.edu.au"; + user = "s4740056"; + port = 22; + identityFile = "~/.ssh/id_youcue"; + setEnv = { + TERM = "xterm-256color"; + }; + }; + }; + }; + }; + + # Nicely reload system units when changing configs + systemd.user.startServices = "sd-switch"; + + # SERVICE: webfishing (example for wishlist) + #systemd.user.services.webfishing = { + # Unit.Description = "I be out here webfishing frfr"; + + # Install.WantedBy = ["default.target"]; + + # Service = { + # Type = "exec"; + # ExecStart = "echo $HOME; cat $HOME/.ssh/config"; + # Restart = "always"; + # }; + #}; + + home.stateVersion = "24.11"; # DO NOT MODIFY +} diff --git a/hosts/butterfly/default.nix b/hosts/butterfly/default.nix deleted file mode 100755 index 83ff46d..0000000 --- a/hosts/butterfly/default.nix +++ /dev/null @@ -1,69 +0,0 @@ -{...}: { - imports = [ - ./hardware-configuration.nix - - ./services - ]; - - # super duper minimum grub2 config - boot.loader.grub = { - enable = true; - device = "/dev/vda"; - }; - - networking = { - hostName = "butterfly"; - - firewall = { - allowedTCPPorts = [ - 80 # nginx - # 143 # IMAP4 - 443 # nginx - # 587 # SMTPS - 2222 # forgejo ssh - 2035 # debug (for my job) - # 3000 (INTERNAL) forgejo - # 3306 (INTERNAL) forgejo sqlite3 database - 5000 # debug (for my job) - # 8222 (INTERNAL) vaultwarden - 45000 # minecaft server - ]; - allowedUDPPorts = [ - 54231 # Wireguard - ]; - }; - - # wg-quick.interfaces = { - # wg0 = { - # address = [ - # "10.10.10.4/24" - # ]; - # dns = ["10.10.10.1"]; - # privateKeyFile = "/root/wg_agrivpn_hyrule"; - # peers = [ - # { - # # peer's public key - # publicKey = "iZ4aqYjbT8O8tfUHEuV+yWLtdoQbdBb6Nt0M4usMSiY="; - - # # choose which traffic to forward - # allowedIPs = [ - # "10.0.51.0/24" - # "10.10.10.0/24" - # ]; - # endpoint = "150.242.34.33:54231"; - # } - # ]; - # }; - # }; - }; - - users.users.cry = { - openssh.authorizedKeys.keys = [ - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCsUZY45rgezi+8iROdcR5vPeacJ2fbMjlDijfUrH9hRX2FzCsg/4e3aFKhi2seZMmyTfbstxmDrrH8paUS5TibFgLFBGNngaF3CTjg85i5pm25Hr4IVo31oziBnTWaG6j3buYKtz5e1qSPzXywinJR+5+FCUJU7Fxa+EWTZcOX4wYgArSj4q73rZmvk5N0X44Mudt4nvpD2chvxygsdTzD6ph92qCuaJ/AbfmOoC7b/xvOaOVydUfgDLpHi9VZbd3akvvKxRfW6ZklldgXEzPXKMuastN0mwcBxvIb5G1Vkj8jtSVtKPc5psZ9/NWA5l38xH4qZ6z7eib6thtEMdtcKmTZEEWDADjqTea5Gj61c1n18cr6f3Tff+0bn/cxsl4Y0esi+aDeuCXYiIYNmeKBx0ttDNIxpk4J5Fdh6Xs+AZif5lnJErtu8TPy2aC0bc9wehTjMyvilTHfyerOD1ZJXhN2XwRVDGN7t7leAJZISJlPjqTDcw3Vfvzte/5JqS+FR+hbpG4uz2ix8kUa20u5YF2oSdGl8+zsdozVsdQm10Iv9WSXBV7t4m+oyodgtfzydBpmXq7aBXudCiEKw+7TC7F+1a4YFrVrCNXKFgKUpd1MiVLl7DIbzm5U9MD2BB3Fy7BPCzr3tW6/ExOhhpBWY+HnzVGQfkNr7dRcqfipKw== ae@dobutterfliescry.net" - ]; - }; - - virtualisation.docker.enable = true; - - system.stateVersion = "24.11"; # DO NOT MODIFY -} diff --git a/hosts/butterfly/hardware-configuration.nix b/hosts/butterfly/hardware-configuration.nix deleted file mode 100644 index 13fe39a..0000000 --- a/hosts/butterfly/hardware-configuration.nix +++ /dev/null @@ -1,37 +0,0 @@ -# Do not modify this file! It was generated by ‘nixos-generate-config’ -# and may be overwritten by future invocations. Please make changes -# to /etc/nixos/configuration.nix instead. -{ config, lib, pkgs, modulesPath, ... }: - -{ - imports = - [ (modulesPath + "/profiles/qemu-guest.nix") - ]; - - boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "ahci" "sd_mod" "sr_mod" "virtio_blk" ]; - boot.initrd.kernelModules = [ ]; - boot.kernelModules = [ ]; - boot.extraModulePackages = [ ]; - - fileSystems."/" = - { device = "/dev/disk/by-label/NIXROOT"; - fsType = "ext4"; - }; - - fileSystems."/boot" = - { device = "/dev/disk/by-label/NIXBOOT"; - fsType = "vfat"; - options = [ "fmask=0022" "dmask=0022" ]; - }; - - swapDevices = [ ]; - - # Enables DHCP on each ethernet and wireless interface. In case of scripted networking - # (the default) this is the recommended approach. When using systemd-networkd it's - # still possible to use this option, but it's recommended to use it in conjunction - # with explicit per-interface declarations with `networking.interfaces..useDHCP`. - networking.useDHCP = lib.mkDefault true; - # networking.interfaces.ens3.useDHCP = lib.mkDefault true; - - nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; -} diff --git a/hosts/butterfly/services/default.nix b/hosts/butterfly/services/default.nix deleted file mode 100644 index d6f75e1..0000000 --- a/hosts/butterfly/services/default.nix +++ /dev/null @@ -1,5 +0,0 @@ -{...}: { - imports = [ - ./nginx.nix - ]; -} diff --git a/hosts/butterfly/services/forgejo.nix b/hosts/butterfly/services/forgejo.nix deleted file mode 100644 index d5d680d..0000000 --- a/hosts/butterfly/services/forgejo.nix +++ /dev/null @@ -1,150 +0,0 @@ -{...}: { - # more options here: https://mynixos.com/nixpkgs/options/services.forgejo - # TODO: set a favicon https://forgejo.org/docs/next/contributor/customization/#changing-the-logo - # (might need me to override settings in the nixpkg) - # TODO: create a custom theme for forgejo (modify the source files most likely) - services.forgejo = { - enable = true; - # enable support for Git Large File Storage - lfs.enable = true; - database = { - type = "sqlite3"; # postgres - host = "127.0.0.1"; - port = "3306"; # 5432 if postgres - }; - # settings are written directly to the `app.ini` config file - # refer to: https://forgejo.org/docs/latest/admin/config-cheat-sheet/ - settings = { - server = { - # ENABLE_ACME = true; - # ACME_EMAIL = "eclarkboman@gmail.com"; # change this to "me@imbored.dev" - DOMAIN = "dobutterfliescry.net"; # should this be "imbored.dev"? - ROOT_URL = "https://forge.dobutterfliescry.net"; # full public URL of the Forgejo server - # address and port to listen on - HTTP_ADDR = "127.0.0.1"; - HTTP_PORT = 3000; - PROTOCOL = "http"; # http internally, reverse proxy uses https externally - - START_SSH_SERVER = true; - DISABLE_SSH = false; - SSH_PORT = 2222; - }; - - DEFAULT = { - APP_NAME = "tearforge"; - APP_SLOGIN = "but cozy"; - APP_DISPLAY_NAME_FORMAT = "{APP_NAME} ::{APP_SLOGAN}::"; - }; - - repository = { - DEFAULT_PRIVATE = "private"; # last, private, public - # repo/org created on push to non-existent - ENABLE_PUSH_CREATE_USER = true; - ENABLE_PUSH_CREATE_ORG = false; - DEFAULT_PUSH_CREATE_PRIVATE = true; - MAX_CREATION_LIMIT = -1; - }; - - "repository.upload" = { - # max per-file size in MB - FILE_MAX_SIZE = 50; - # max number of files per upload - MAX_FILES = 5; - }; - - badges = let - # flat, flat-square, plastic, for-the-badge, social - style = "for-the-badge"; - in { - ENABLED = true; - GENERATOR_URL_TEMPLATE = "https://img.shields.io/badge/{{.label}}-{{.text}}-{{.color}}?style=${style}"; - }; - - ui = { - DEFAULT_THEME = "forgejo-dark"; - THEMES = "forgejo-auto,forgejo-light,forgejo-dark"; - }; - "ui.meta" = { - AUTHOR = "Emile Clark-Boman - emileclarkb"; - DESCRIPTION = "This is my personal self-hosted git forge, where I keep and maintain personal projects! PS do butterflies cry when they're sad?"; - KEYWORDS = "emile,clark,boman,clarkboman,emileclarkb,git,forge,forgejo,self-hosted,dobutterfliescry,butterfly,butterflies"; - }; - - markdown = { - ENABLE_HARD_LINE_BREAK_IN_COMMENTS = true; - ENABLE_MATH = true; - }; - - admin = { - DEFAULT_EMAIL_NOTIFICATIONS = "enabled"; - SEND_NOTIFICATION_EMAIL_ON_NEW_USER = true; - }; - - security = { - # Controls access to the installation page. - # When set to “true”, the installation page is not accessible. - #INSTALL_LOCK = false; - - PASSWORD_HASH_ALGO = "argon2"; # ARGON2 BEST ALGO FR!! (default: argon2$2$65536$8$50) - MIN_PASSWORD_LENGTH = 12; - PASSWORD_COMPLEXITY = "lower,upper,digit,spec"; - PASSWORD_CHECK_PWN = true; - }; - - service = { - DISABLE_REGISTRATION = true; # toggle for new users - #DEFAULT_USER_IS_RESTRICTED = true; - # Forbid login with third-party services (ie github) - ALLOW_ONLY_INTERNAL_REGISTRATION = true; - ENABLE_CAPTCHA = true; - REQUIRE_CAPTCHA_FOR_LOGIN = true; - REQUIRE_EXTERNAL_REGISTRATION_CAPTCHA = true; - LOGIN_REMEMBER_DAYS = 365; - ENABLE_NOTIFY_MAIL = true; - }; - "service.explore" = { - REQUIRE_SIGNIN_VIEW = false; - DISABLE_USERS_PAGE = false; - DISABLE_ORGANIZATIONS_PAGE = false; - DISABLE_CODE_PAGE = false; - }; - - cache = { - ADAPTER = "twoqueue"; - HOST = "{\"size\":100, \"recent_ratio\":0.25, \"ghost_ratio\":0.5}"; - ITEM_TTL = "16h"; - }; - - # TODO: fill this in once my mail server is configured - # email.incoming = { ... }; - - # optional - # TODO: fill this in once my mail server is configured - mailer = { - ENABLED = false; - SMTP_ADDR = "mail.dobutterfliescry.net"; - FROM = "iforgor@dobutterfliescry.net"; - USER = "iforgor@dobutterfliescry.net"; - }; - - log = { - MODE = "file"; - LEVEL = "Info"; # "Trace", "Debug", "Info", "Warn", "Error", "Critical" - ENABLE_SSH_LOG = true; - }; - - cron = { - ENABLED = true; - RUN_AT_START = false; - }; - - other = { - SHOW_FOOTER_VERSION = true; - SHOW_FOOTER_TEMPLATE_LOAD_TIME = true; - SHOW_FOOTER_POWERED_BY = true; - ENABLE_SITEMAP = true; - ENABLE_FEED = true; - }; - }; - }; -} diff --git a/hosts/butterfly/services/nginx.nix b/hosts/butterfly/services/nginx.nix deleted file mode 100644 index 5dcb5c6..0000000 --- a/hosts/butterfly/services/nginx.nix +++ /dev/null @@ -1,58 +0,0 @@ -{pkgs, ...}: { - services.nginx = { - enable = true; - # NOTE: in wake of CVE-2022-3602/CVE-2022-3786 nginxStable is overlayed - package = pkgs.nginx; - - # recommendedGzipSettings = true; - # recommendedOptimisation = true; - # recommendedProxySettings = true; - # recommendedTlsSettings = true; - - # streamConfig = '' - # server { - # listen 127.0.0.1:53 udp reuseport; - # proxy_timeout 20s; - # proxy_pass 192.168.0.1:53535; - # } - # ''; - - virtualHosts = let - localhost = "http://127.0.0.1"; - std = { - # TODO: should I run over QUIC+HTTP3? (experimental) - # quic = true; - # http3 = true; - enableACME = true; - # kTLS = true; # offload TLS to the linux kernel - }; - in { - "dobutterfliescry.net" = - { - default = true; - addSSL = true; # addSSL NOT forceSSL <3 - root = "${pkgs.dobutterfliescry-net}/www"; - # extraConfig = '' - # error_page 404 /custom_404.html; - # ''; - } - // std; - "vault.imbored.dev" = - { - forceSSL = true; - locations."/".proxyPass = "${localhost}:8222"; - } - // std; - # "tearforge.net" = - # { - # forceSSL = true; - # extraConfig = '' - # client_max_body_size 512M; - # ''; - # locations."/".proxyPass = "${localhost}:3000"; - # } - # // std; - # "tearforge.net" = forge; - }; - }; -} diff --git a/hosts/butterfly/services/vaultwarden.nix b/hosts/butterfly/services/vaultwarden.nix deleted file mode 100644 index 6cde9ab..0000000 --- a/hosts/butterfly/services/vaultwarden.nix +++ /dev/null @@ -1,25 +0,0 @@ -{...}: { - services.vaultwarden = { - enable = true; - dbBackend = "sqlite"; - - # backupDir = "/var/backup/vaultwarden"; # disable with null - - # https://mynixos.com/nixpkgs/option/services.vaultwarden.config - config = { - # internal address and port to listen on - ROCKET_ADDRESS = "127.0.0.1"; - ROCKET_PORT = 8222; - - # hostname to listen for - DOMAIN = "https://vault.imbored.dev"; - - # signup policy - SIGNUPS_ALLOWED = false; - SIGNUPS_VERIFY = true; - INVITATIONS_ALLOWED = true; - }; - # https://mynixos.com/nixpkgs/option/services.vaultwarden.environmentFile - environmentFile = "/var/lib/vaultwarden/vaultwarden.env"; - }; -} diff --git a/hosts/hyrule/default.nix b/hosts/hyrule/default.nix index 9690354..6ac57a5 100755 --- a/hosts/hyrule/default.nix +++ b/hosts/hyrule/default.nix @@ -1,8 +1,65 @@ -{...}: { +{ + pkgs, + pkgs-unstable, + inputs, + lib, + ... +}: let + home-manager = builtins.fetchTarball { + url = "https://github.com/nix-community/home-manager/archive/release-25.05.tar.gz"; + sha256 = "026rvynmzmpigax9f8gy9z67lsl6dhzv2p6s8wz4w06v3gjvspm1"; + }; +in { imports = [ ./hardware-configuration.nix + (import "${home-manager}/nixos") + + ./mailserver.nix # TEMP: location + ./minecraft-server.nix # TEMP: location + #../modules/server/nginx.nix + #../modules/server/ssh.nix + #../modules/server/fail2ban.nix ]; + nix.settings = { + # make wheel group trusted users allows my "ae" user + # to import packages not signed by a trusted key + # (aka super duper easier to remote deploy) + trusted-users = ["root" "@wheel"]; + experimental-features = [ + "nix-command" + "flakes" + ]; + }; + + # nixpkgs.config.allowUnfreePredicate = let + # whitelist = map lib.getName [ + # "minecraft-server" + # pkgs.minecraft-server + # pkgs-unstable.minecraft-server + # ]; + # in + # pkg: builtins.elem (lib.getName pkg) whitelist; + + time.timeZone = "Australia/Brisbane"; + + i18n.defaultLocale = "en_US.UTF-8"; + console = { + font = "Lat2-Terminus16"; + keyMap = "us"; + }; + + # colmena deployment configuration + deployment = { + targetHost = "imbored.dev"; + targetUser = "ae"; + targetPort = 22; + sshOptions = [ + "-A" # forward ssh-agent + ]; + buildOnTarget = false; # build locally then deploy + }; + # super duper minimum grub2 config boot.loader.grub = { enable = true; @@ -11,21 +68,408 @@ networking = { hostName = "hyrule"; + networkmanager.enable = true; + firewall = { + enable = true; allowedTCPPorts = [ - ]; - allowedUDPPorts = [ + 22 # sshd + 80 # nginx + # 143 # IMAP4 + 443 # nginx + # 587 # SMTPS + 2222 # forgejo ssh + 2035 # debug (for my job) + # 3000 (INTERNAL) forgejo + # 3306 (INTERNAL) forgejo sqlite3 database + 5000 # debug (for my job) + # 8222 (INTERNAL) vaultwarden + 45000 # minecaft server ]; }; }; - users.users.cry = { - openssh.authorizedKeys.keys = [ - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCsUZY45rgezi+8iROdcR5vPeacJ2fbMjlDijfUrH9hRX2FzCsg/4e3aFKhi2seZMmyTfbstxmDrrH8paUS5TibFgLFBGNngaF3CTjg85i5pm25Hr4IVo31oziBnTWaG6j3buYKtz5e1qSPzXywinJR+5+FCUJU7Fxa+EWTZcOX4wYgArSj4q73rZmvk5N0X44Mudt4nvpD2chvxygsdTzD6ph92qCuaJ/AbfmOoC7b/xvOaOVydUfgDLpHi9VZbd3akvvKxRfW6ZklldgXEzPXKMuastN0mwcBxvIb5G1Vkj8jtSVtKPc5psZ9/NWA5l38xH4qZ6z7eib6thtEMdtcKmTZEEWDADjqTea5Gj61c1n18cr6f3Tff+0bn/cxsl4Y0esi+aDeuCXYiIYNmeKBx0ttDNIxpk4J5Fdh6Xs+AZif5lnJErtu8TPy2aC0bc9wehTjMyvilTHfyerOD1ZJXhN2XwRVDGN7t7leAJZISJlPjqTDcw3Vfvzte/5JqS+FR+hbpG4uz2ix8kUa20u5YF2oSdGl8+zsdozVsdQm10Iv9WSXBV7t4m+oyodgtfzydBpmXq7aBXudCiEKw+7TC7F+1a4YFrVrCNXKFgKUpd1MiVLl7DIbzm5U9MD2BB3Fy7BPCzr3tW6/ExOhhpBWY+HnzVGQfkNr7dRcqfipKw== ae@dobutterfliescry.net" - ]; + users = { + defaultUserShell = pkgs.bash; + + users = { + # primary user + ae = { + isNormalUser = true; + extraGroups = ["wheel"]; + shell = pkgs.bash; + openssh.authorizedKeys.keys = [ + "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCsUZY45rgezi+8iROdcR5vPeacJ2fbMjlDijfUrH9hRX2FzCsg/4e3aFKhi2seZMmyTfbstxmDrrH8paUS5TibFgLFBGNngaF3CTjg85i5pm25Hr4IVo31oziBnTWaG6j3buYKtz5e1qSPzXywinJR+5+FCUJU7Fxa+EWTZcOX4wYgArSj4q73rZmvk5N0X44Mudt4nvpD2chvxygsdTzD6ph92qCuaJ/AbfmOoC7b/xvOaOVydUfgDLpHi9VZbd3akvvKxRfW6ZklldgXEzPXKMuastN0mwcBxvIb5G1Vkj8jtSVtKPc5psZ9/NWA5l38xH4qZ6z7eib6thtEMdtcKmTZEEWDADjqTea5Gj61c1n18cr6f3Tff+0bn/cxsl4Y0esi+aDeuCXYiIYNmeKBx0ttDNIxpk4J5Fdh6Xs+AZif5lnJErtu8TPy2aC0bc9wehTjMyvilTHfyerOD1ZJXhN2XwRVDGN7t7leAJZISJlPjqTDcw3Vfvzte/5JqS+FR+hbpG4uz2ix8kUa20u5YF2oSdGl8+zsdozVsdQm10Iv9WSXBV7t4m+oyodgtfzydBpmXq7aBXudCiEKw+7TC7F+1a4YFrVrCNXKFgKUpd1MiVLl7DIbzm5U9MD2BB3Fy7BPCzr3tW6/ExOhhpBWY+HnzVGQfkNr7dRcqfipKw== ae@imbored.dev" + ]; + }; + + # TODO: reduce security implications of subspace + subspace = { + isNormalUser = true; + shell = pkgs.bash; + home = "/home/subspace"; + packages = with pkgs; [ + wishlist + ]; + }; + }; }; virtualisation.docker.enable = true; - system.stateVersion = "25.11"; # DO NOT MODIFY + home-manager = { + users = { + ae = import ../../homes/ae; + subspace = import ../../homes/subspace; + }; + }; + + services = { + # simple nginx instance to host static construction page + # TODO: I want sshd and forgejo's ssh server to both be bound to port 22 + # So change sshd to listen on a different address/port (ie 2222 or 127.0.0.3:22, etc) + # and change forgejo to use 127.0.0.2:22 (use port 22, ONLY change loopback address) + nginx = { + enable = true; + # in wake of CVE-2022-3602/CVE-2022-3786 + package = pkgs.nginxStable.override {openssl = pkgs.libressl;}; + + recommendedGzipSettings = true; + recommendedZstdSettings = true; + recommendedOptimisation = true; + recommendedProxySettings = true; + recommendedTlsSettings = true; + + # streamConfig = '' + # server { + # listen 127.0.0.1:53 udp reuseport; + # proxy_timeout 20s; + # proxy_pass 192.168.0.1:53535; + # } + # ''; + + virtualHosts = let + localhost = "http://127.0.0.1"; + std = { + # TODO: should I run over QUIC+HTTP3? (experimental) + # quic = true; + # http3 = true; + enableACME = true; + # kTLS = true; # offload TLS to the linux kernel + }; + in { + "imbored.dev" = + { + default = true; + addSSL = true; # not strictly enforced <3 + root = "/var/www/imbored"; + # extraConfig = '' + # error_page 404 /custom_404.html; + # ''; + } + // std; + # Route "vault" subdomain to vaultwarden + "vault.imbored.dev" = + { + forceSSL = true; + locations."/".proxyPass = "${localhost}:8222"; + } + // std; + # Route "forge" subdomain to forgejo + # TODO: use `forgejo.settings.server.ENABLE_ACME` instead? + "forge.imbored.dev" = + { + forceSSL = true; + extraConfig = '' + client_max_body_size 512M; + ''; + locations."/".proxyPass = "${localhost}:3000"; + } + // std; + }; + }; + + openssh = { + enable = true; + ports = [22]; + settings = { + PasswordAuthentication = false; + PermitRootLogin = "no"; + AllowUsers = ["ae" "subspace"]; # DO NOT ALLOW ALL + UseDns = true; + X11Forwarding = false; + }; + }; + + vaultwarden = { + enable = true; + dbBackend = "sqlite"; + + # backupDir = "/var/backup/vaultwarden"; # disable with null + + # https://mynixos.com/nixpkgs/option/services.vaultwarden.config + config = { + # internal address and port to listen on + ROCKET_ADDRESS = "127.0.0.1"; + ROCKET_PORT = 8222; + + # hostname to listen for + DOMAIN = "https://vault.imbored.dev"; + + # signup policy + SIGNUPS_ALLOWED = false; + SIGNUPS_VERIFY = true; + INVITATIONS_ALLOWED = true; + }; + # https://mynixos.com/nixpkgs/option/services.vaultwarden.environmentFile + environmentFile = "/var/lib/vaultwarden/vaultwarden.env"; + }; + + # stalwart-mail = let + # domain = "imbored.dev"; + # in { + # enable = false; # true; + # # openFirewall = true; # im doing this manually rn + # settings = { + # certificate."${domain}" = { + # cert = "file://${certs.${domain}.cert}"; + # private-key = "file://${certs.${domain}.key}"; + # }; + # server = { + # hostname = domain; + # tls = { + # certificate = "${domain}"; + # enable = true; + # implicit = false; + # }; + # listener = { + # "smtp-submission" = { + # bind = ["127.0.0.1:587"]; + # protocol = "smtp"; + # }; + # "imap" = { + # bind = ["127.0.0.1:143"]; + # protocol = "imap"; + # }; + # }; + # }; + # session = { + # rcpt.directory = "in-memory"; + # auth = { + # mechanisms = ["PLAIN"]; + # directory = "in-memory"; + # }; + # }; + # jmap.directory = "in-memory"; + # queue.outbound.next-hop = ["local"]; + # directory."in-memory" = { + # type = "memory"; + # users = [ + # { + # name = "me"; + # secret = "foobar"; + # email = ["me@${domain}"]; + # } + # { + # name = "Emile"; + # secret = "foobar"; + # email = ["emile@${domain}"]; + # } + # ]; + # }; + # }; + # }; + + # more options here: https://mynixos.com/nixpkgs/options/services.forgejo + # TODO: set a favicon https://forgejo.org/docs/next/contributor/customization/#changing-the-logo + # (might need me to override settings in the nixpkg) + # TODO: create a custom theme for forgejo (modify the source files most likely) + forgejo = { + enable = true; + # enable support for Git Large File Storage + lfs.enable = true; + database = { + type = "sqlite3"; # postgres + host = "127.0.0.1"; + port = "3306"; # 5432 if postgres + }; + # settings are written directly to the `app.ini` config file + # refer to: https://forgejo.org/docs/latest/admin/config-cheat-sheet/ + settings = { + server = { + # ENABLE_ACME = true; + # ACME_EMAIL = "eclarkboman@gmail.com"; # change this to "me@imbored.dev" + DOMAIN = "forge.imbored.dev"; # should this be "imbored.dev"? + ROOT_URL = "https://forge.imbored.dev"; # full public URL of the Forgejo server + # address and port to listen on + HTTP_ADDR = "127.0.0.1"; + HTTP_PORT = 3000; + PROTOCOL = "http"; # http internally, reverse proxy uses https externally + + START_SSH_SERVER = true; + DISABLE_SSH = false; + SSH_PORT = 2222; + }; + + DEFAULT = { + APP_NAME = "tearforge"; + APP_SLOGIN = "but cozy"; + APP_DISPLAY_NAME_FORMAT = "{APP_NAME} ::{APP_SLOGAN}::"; + }; + + repository = { + DEFAULT_PRIVATE = "private"; # last, private, public + # repo/org created on push to non-existent + ENABLE_PUSH_CREATE_USER = true; + ENABLE_PUSH_CREATE_ORG = false; + DEFAULT_PUSH_CREATE_PRIVATE = true; + MAX_CREATION_LIMIT = -1; + }; + + "repository.upload" = { + # max per-file size in MB + FILE_MAX_SIZE = 50; + # max number of files per upload + MAX_FILES = 5; + }; + + badges = let + # flat, flat-square, plastic, for-the-badge, social + style = "for-the-badge"; + in { + ENABLED = true; + GENERATOR_URL_TEMPLATE = "https://img.shields.io/badge/{{.label}}-{{.text}}-{{.color}}?style=${style}"; + }; + + ui = { + DEFAULT_THEME = "forgejo-dark"; + THEMES = "forgejo-auto,forgejo-light,forgejo-dark"; + }; + "ui.meta" = { + AUTHOR = "Emile Clark-Boman - emileclarkb"; + DESCRIPTION = "This is my personal self-hosted git forge, where I keep and maintain personal projects! PS do butterflies cry when they're sad?"; + KEYWORDS = "emile,clark,boman,clarkboman,emileclarkb,git,forge,forgejo,self-hosted,dobutterfliescry,butterfly,butterflies"; + }; + + markdown = { + ENABLE_HARD_LINE_BREAK_IN_COMMENTS = true; + ENABLE_MATH = true; + }; + + admin = { + DEFAULT_EMAIL_NOTIFICATIONS = "enabled"; + SEND_NOTIFICATION_EMAIL_ON_NEW_USER = true; + }; + + security = { + # Controls access to the installation page. + # When set to “true”, the installation page is not accessible. + #INSTALL_LOCK = false; + + PASSWORD_HASH_ALGO = "argon2"; # ARGON2 BEST ALGO FR!! (default: argon2$2$65536$8$50) + MIN_PASSWORD_LENGTH = 12; + PASSWORD_COMPLEXITY = "lower,upper,digit,spec"; + PASSWORD_CHECK_PWN = true; + }; + + service = { + DISABLE_REGISTRATION = true; # toggle for new users + #DEFAULT_USER_IS_RESTRICTED = true; + # Forbid login with third-party services (ie github) + ALLOW_ONLY_INTERNAL_REGISTRATION = true; + ENABLE_CAPTCHA = true; + REQUIRE_CAPTCHA_FOR_LOGIN = true; + REQUIRE_EXTERNAL_REGISTRATION_CAPTCHA = true; + LOGIN_REMEMBER_DAYS = 365; + ENABLE_NOTIFY_MAIL = true; + }; + "service.explore" = { + REQUIRE_SIGNIN_VIEW = false; + DISABLE_USERS_PAGE = false; + DISABLE_ORGANIZATIONS_PAGE = false; + DISABLE_CODE_PAGE = false; + }; + + cache = { + ADAPTER = "twoqueue"; + HOST = "{\"size\":100, \"recent_ratio\":0.25, \"ghost_ratio\":0.5}"; + ITEM_TTL = "16h"; + }; + + # TODO: fill this in once my mail server is configured + # email.incoming = { ... }; + + # optional + # TODO: fill this in once my mail server is configured + mailer = { + ENABLED = false; + SMTP_ADDR = "mail.imbored.dev"; + FROM = "noreply@imbored.dev"; + USER = "noreply@imbored.dev"; + }; + + log = { + MODE = "file"; + LEVEL = "Info"; # "Trace", "Debug", "Info", "Warn", "Error", "Critical" + ENABLE_SSH_LOG = true; + }; + + cron = { + ENABLED = true; + RUN_AT_START = false; + }; + + other = { + SHOW_FOOTER_VERSION = true; + SHOW_FOOTER_TEMPLATE_LOAD_TIME = true; + SHOW_FOOTER_POWERED_BY = true; + ENABLE_SITEMAP = true; + ENABLE_FEED = true; + }; + }; + }; + }; + security = { + # accept Lets Encrypt's security policy (for nginx) + acme = { + acceptTerms = true; + # TODO: change this to me@imbored.dev + defaults.email = "eclarkboman@gmail.com"; + }; + + sudo = { + enable = true; + wheelNeedsPassword = true; + }; + # allow SSH keys for passwordless auth + # TODO: DO NOT USE THIS (create my own alternative to colmena) + pam = { + enableSSHAgentAuth = true; + services.sudo.sshAgentAuth = true; # pam_ssh_agent_auth module + }; + }; + + environment.systemPackages = with pkgs; [ + git + vim + helix + ]; + + programs = { + fish.enable = true; + + bash = { + completion.enable = true; + + interactiveShellInit = '' + if [[ $(${pkgs.procps}/bin/ps --no-header --pid=$PPID --format=comm) != "fish" && -z ''${BASH_EXECUTION_STRING} ]] + then + shopt -q login_shell && LOGIN_OPTION='--login' || LOGIN_OPTION="" + exec ${pkgs.fish}/bin/fish $LOGIN_OPTION + fi + ''; + }; + }; + + system.stateVersion = "24.11"; # DO NOT MODIFY } diff --git a/hosts/butterfly/services/mailserver.nix b/hosts/hyrule/mailserver.nix similarity index 95% rename from hosts/butterfly/services/mailserver.nix rename to hosts/hyrule/mailserver.nix index cd2adfc..49274f2 100644 --- a/hosts/butterfly/services/mailserver.nix +++ b/hosts/hyrule/mailserver.nix @@ -28,7 +28,6 @@ aliases = ["emile@imbored.dev"]; hashedPasswordFile = let CWD = builtins.getEnv "PWD"; - # XXX: TODO: use a secrets manager! in "${CWD}/secrets/passwd/me"; }; }; diff --git a/hosts/butterfly/services/minecraft-server.nix b/hosts/hyrule/minecraft-server.nix similarity index 95% rename from hosts/butterfly/services/minecraft-server.nix rename to hosts/hyrule/minecraft-server.nix index 3bdb51c..43a4efd 100644 --- a/hosts/butterfly/services/minecraft-server.nix +++ b/hosts/hyrule/minecraft-server.nix @@ -1,11 +1,11 @@ { pkgs, - upkgs, + pkgs-unstable, ... }: { services.minecraft-server = { enable = true; - package = upkgs.minecraft-server; # use latest version only! + package = pkgs-unstable.minecraft-server; # use latest version only! declarative = true; eula = true; diff --git a/hosts/lolcathost/default.nix b/hosts/lolcathost/default.nix index b0d87f8..5ba7704 100755 --- a/hosts/lolcathost/default.nix +++ b/hosts/lolcathost/default.nix @@ -1,20 +1,424 @@ -{...}: { +{ + lib, + pkgs, + pkgs-unstable, + inputs, + config, + ... +}: let + home-manager = builtins.fetchTarball { + url = "https://github.com/nix-community/home-manager/archive/release-25.05.tar.gz"; + sha256 = "1y919cqrlmq0k44rgnacaq4zq37jj4rdh6f2swp6y2jiz28xb0iq"; + }; +in { imports = [ ./hardware-configuration.nix + (import "${home-manager}/nixos") + + ../modules/wm/hyprland.nix + # ../modules/wm/river.nix + ../modules/wm/crywl.nix + + ../modules/steam.nix + ../modules/obsidian.nix + + ../modules/angryoxide.nix + ../modules/flipperzero.nix + ../modules/chameleonultragui.nix ]; - networking.hostName = "lolcathost"; + nix.settings.experimental-features = [ + "nix-command" + "flakes" + ]; + + nixpkgs.config.allowUnfreePredicate = let + whitelist = map lib.getName [ + pkgs.obsidian + pkgs.gitkraken + pkgs.steam + pkgs.steamcmd + pkgs.steam-unwrapped + pkgs.dwarf-fortress + ]; + in + pkg: builtins.elem (lib.getName pkg) whitelist; + + boot.loader = { + efi = { + canTouchEfiVariables = true; + efiSysMountPoint = "/boot/efi"; + }; + grub = { + efiSupport = true; + device = "nodev"; + useOSProber = false; + }; + # GitHub: vinceliuice/grub2-themes + grub2-theme = { + enable = true; + theme = "whitesur"; # stylish, vimix, or whitesur + footer = true; + customResolution = "1920x1080"; + }; + }; + + time.timeZone = "Australia/Brisbane"; + i18n.defaultLocale = "en_US.UTF-8"; # internationalisation + + # Enable initrd hook for virtual console customisation + # aka cool colours when bootting yay!! + console = { + enable = true; + earlySetup = true; # initrd pre hook + keyMap = "us"; + font = "Lat2-Terminus16"; + # ANSI 24-bit color definitions (theme: dracula) + colors = [ + "21222c" + "ff5555" + "50fa7b" + "f1fa8c" + "bd93f9" + "ff79c6" + "8be9fd" + "f8f8f2" + "6272a4" + "ff6e6e" + "69ff94" + "ffffa5" + "d6acff" + "ff92df" + "a4ffff" + "ffffff" + ]; + }; + + # ----- NETWORKING ----- + networking = { + hostName = "lolcathost"; + networkmanager.enable = true; + + firewall.enable = false; + }; # ----- SERVICES ----- services = { - # dbus = { - # # NOTE: programs.uwsm.enable sets implementation to dbus-broker, - # # NOTE: however this seems to break dbus - # implementation = lib.mkForce "dbus"; - # }; + # Set display manager (login screen) + displayManager = { + # sddm relies on pkgs.libsForQt5.qt5.qtgraphicaleffects + sddm = { + enable = true; + wayland.enable = true; # experimental + theme = "corners"; + }; + defaultSession = + "hyprland" + + ( + if config.programs.hyprland.withUWSM == true + then "-uwsm" + else null + ); + }; + + dbus = { + # NOTE: programs.uwsm.enable sets implementation to dbus-broker, + # NOTE: however this seems to break dbus + implementation = lib.mkForce "dbus"; + }; + + # Multimedia Framework + # With backwards compatability for alsa/pulseaudio/jack + pipewire = { + enable = true; + wireplumber.enable = true; + + alsa.enable = true; + alsa.support32Bit = true; + pulse.enable = true; + jack.enable = true; + }; # Touchpad support libinput.enable = true; + + tumbler.enable = true; # Thunar image thumbnail support + gvfs.enable = true; # Thunar mount, trash, and other functionality + }; + security.rtkit.enable = true; # I *think* this is for pipewire + + # ------- USERS ------- + users = { + # Using fish as the login shell tends to go very poorly because it isn't + # POSIX compliant, so we default the login shell to Bash instead :) + defaultUserShell = pkgs.bash; + + users = { + # literally me fr (personal account) + me = { + isNormalUser = true; + extraGroups = ["wheel" "netdev" "docker"]; + shell = pkgs.bash; + packages = let + # TODO: can I just do this: https://nix.dev/manual/nix/2.18/command-ref/new-cli/nix3-flake#url-like-syntax + # instead to use colmena's flake.nix by specifying a rev hash in the flake input? + colmena-src = pkgs.fetchFromGitHub { + owner = "zhaofengli"; + repo = "colmena"; + rev = "47b6414d800c8471e98ca072bc0835345741a56a"; + sha256 = "rINodqeUuezuCWOnpJgrH7u9vJ86fYT+Dj8Mu8T/IBc="; + }; + colmena-latest = pkgs.callPackage "${colmena-src}/package.nix" {}; + in + with pkgs; [ + firefox + nitch + starfetch + + colmena-latest + + gitkraken + ]; + }; + + # user for friends to ssh into + friends = { + isNormalUser = true; + shell = pkgs.fish; + }; + }; + }; + + home-manager = { + users.me = import ../../homes/me; + extraSpecialArgs = {inherit inputs pkgs pkgs-unstable;}; + sharedModules = [ + inputs.ags.homeManagerModules.default + ]; + }; + + # ---- ENVIRONMENT VARIABLES ---- + environment.sessionVariables = { + # folder names with capitalisation look awful! + XDG_DOWNLOAD_DIR = "$HOME/downloads"; + + # Hint Electrons apps to use Wayland + NIXOS_OZONE_WL = "1"; + }; + + # ---- SYSTEM PACKAGES ----- + environment.systemPackages = with pkgs; [ + # User Environment + # crywl + swww + helvum + easyeffects + pavucontrol + ani-cli + bluetui + wl-clipboard # clipboard for wayland + qbittorrent # torrenting + signal-desktop + + (callPackage ../sddm-theme-corners.nix {}).sddm-theme-corners + # dependencies for my sddm theme: + pkgs.libsForQt5.qt5.qtgraphicaleffects + + # Shell + bash + fish + shellcheck + grc # colorise command outputs + + # Systems Emulation + qemu # Fellice Bellard's Quick Emulator + # GNU Utils + gnumake + binutils + # C Family + gcc + clang + clang-tools + # Rust + cargo + rustc + # Nim + nim + # Go + go + + # Python + python312 # I use 3.12 since it's in a pretty stable state now + python314 # also 3.14 for latest features + poetry + # Sage + sageWithDoc # SageMath + HTML Documentation + + openvpn + inetutils + + # security tools + rustscan + nmap + dig + gobuster + nth + zap + + httpie + curlie + zoxide + doggo + tldr + # btop + eza + yazi + lazygit + ripgrep + viddy # modern `watch` command + thefuck + + # TODO: once upgraded past Nix-24.07 this line won't be necessary (I think) + # helix will support nixd by default + # SOURCE: https://github.com/nix-community/nixd/blob/main/nixd/docs/editor-setup.md#Helix + nixd # lsp for nix + + # Pretty necessary + git + git-filter-repo + nix-prefetch-git + brightnessctl + acpi + # upower + vim + powertop + imagemagick + + # "Standard" Unix Commands + file + wget + tree + unzip + unrar-free + man-pages + man-pages-posix + + # Cryptography + gnupg + openssl + libargon2 + + # Games + mindustry + dwarf-fortress + prismlauncher # minecraft + ]; + + programs = { + crywl = { + enable = true; + xwayland.enable = false; + defaultSession = false; + useUnmodifiedDWL = false; + }; + + fish.enable = true; + + nix-ld.enable = true; + + # I want to use fish as my login shell but it always goes terrible + # cause it isn't POSIX compliant, so instead Bash is my login and + # will just exec fish (^-^) + bash = { + blesh.enable = false; # ble.sh replacement for GNU readline + completion.enable = true; + + interactiveShellInit = '' + if [[ $(${pkgs.procps}/bin/ps --no-header --pid=$PPID --format=comm) != "fish" && -z ''${BASH_EXECUTION_STRING} ]] + then + shopt -q login_shell && LOGIN_OPTION='--login' || LOGIN_OPTION="" + exec ${pkgs.fish}/bin/fish $LOGIN_OPTION + fi + ''; + }; + + # Thunar also uses: `services.tumbler` & `services.gvfs` + thunar = { + enable = true; + plugins = with pkgs.xfce; [ + thunar-volman # for removable drives (ie USBs) + thunar-archive-plugin # create and extract archives + thunar-media-tags-plugin # change metadata for media files + ]; + }; + + # mozilla's email client + thunderbird.enable = true; + }; + + # ----- FONTS ----- + fonts = { + enableDefaultPackages = true; # no clue what this line does tbh + packages = with pkgs; + [ + #(nerdfonts.override { + # fonts = [ + # "Cousine" + # "Iosevka" + # "JetBrainsMono" + # ]; + # }) + + geist-font # for my hyprlock theme + # texlive maintains a noto-emoji flake + texlivePackages.noto-emoji + ] + ++ builtins.filter lib.attrsets.isDerivation ( + builtins.attrValues pkgs.nerd-fonts + ); + + # TODO: change my default fonts + fontconfig = { + defaultFonts = { + serif = ["Geist"]; # TODO: package Iosevka Etoile since Iosevka isn't a serif font + sansSerif = ["Geist"]; + monospace = ["Cousine"]; + emoji = ["Noto Emoji"]; + }; + }; + }; + + documentation = { + enable = true; + doc.enable = true; # install /share/doc packages + man.enable = true; # install manpages + info.enable = true; # install GNU info + dev.enable = true; # install docs intended for developers + nixos = { + enable = true; # install NixOS documentation (ie man -k nix, & nixos-help) + options.splitBuild = true; + # includeAllModules = true; + }; + }; + + virtualisation.docker.enable = true; + + hardware = { + graphics = { + enable = true; + enable32Bit = true; + }; + + # opengl = { + # enable = true; + # driSupport = true; + # driSupport32Bit = true; + # } + + bluetooth = { + enable = true; + powerOnBoot = true; + }; }; # DO NOT MODIFY diff --git a/hosts/modules/angryoxide.nix b/hosts/modules/angryoxide.nix new file mode 100644 index 0000000..ae4faa7 --- /dev/null +++ b/hosts/modules/angryoxide.nix @@ -0,0 +1,5 @@ +{pkgs, ...}: { + environment.systemPackages = with pkgs; [ + (callPackage ../packages/angryoxide {}) + ]; +} diff --git a/hosts/modules/apps/rider.nix b/hosts/modules/apps/rider.nix deleted file mode 100644 index b484f33..0000000 --- a/hosts/modules/apps/rider.nix +++ /dev/null @@ -1,25 +0,0 @@ -{ - pkgs, - upkgs, - dotnetVersions ? [8 9 10], - ... -}: { - imports = [ - ../langs/dotnet.nix - ]; - - environment.systemPackages = with pkgs; [ - # Ensure latest stable Rider version (not necessarily stable on NixOS) - upkgs.jetbrains.rider - - # NOTE: Blazor requires a Chromium-based browser - chromium - ]; - - programs.nix-ld = { - enable = true; - libraries = with pkgs; [ - icu - ]; - }; -} diff --git a/hosts/modules/apps/winbox.nix b/hosts/modules/apps/winbox.nix deleted file mode 100644 index eaf8b7c..0000000 --- a/hosts/modules/apps/winbox.nix +++ /dev/null @@ -1,6 +0,0 @@ -{...}: { - programs.winbox = { - enable = true; - openFirewall = false; # port: 5678 - }; -} diff --git a/hosts/modules/bashistrans.nix b/hosts/modules/bashistrans.nix deleted file mode 100644 index e9d74ae..0000000 --- a/hosts/modules/bashistrans.nix +++ /dev/null @@ -1,27 +0,0 @@ -{pkgs, ...}: { - # I want to use fish as my login shell but it always goes terrible - # cause it isn't POSIX compliant, so instead Bash is my login and - # will just exec fish (^-^) - programs = { - fish.enable = true; - - bash = { - blesh.enable = false; # ble.sh replacement for GNU readline - completion.enable = true; - - interactiveShellInit = '' - # help bash transition into a beautiful fish! - if [[ -z $CRY_BASH_IS_TRANS ]] - then - if [[ $(${pkgs.procps}/bin/ps --no-header --pid=$PPID --format=comm) != "fish" && -z ''${BASH_EXECUTION_STRING} ]] - then - shopt -q login_shell && LOGIN_OPTION='--login' || LOGIN_OPTION="" - exec ${pkgs.fish}/bin/fish $LOGIN_OPTION - fi - fi - # bash is trans now! (no more transitioning required) - export CRY_BASH_IS_TRANS=true - ''; - }; - }; -} diff --git a/hosts/modules/chameleonultragui.nix b/hosts/modules/chameleonultragui.nix new file mode 100644 index 0000000..6999022 --- /dev/null +++ b/hosts/modules/chameleonultragui.nix @@ -0,0 +1,5 @@ +{pkgs, ...}: { + environment.systemPackages = with pkgs; [ + (callPackage ../packages/chameleonultragui {}) + ]; +} diff --git a/hosts/modules/colmena.nix b/hosts/modules/colmena.nix new file mode 100644 index 0000000..5756901 --- /dev/null +++ b/hosts/modules/colmena.nix @@ -0,0 +1,20 @@ +{}: { + # Colmena's latest stable version is + # unusable so get latest unstable version. + colmena = let + src = pkgsBuild.fetchFromGitHub { + owner = "zhaofengli"; + repo = "colmena"; + rev = "47b6414d800c8471e98ca072bc0835345741a56a"; + sha256 = "rINodqeUuezuCWOnpJgrH7u9vJ86fYT+Dj8Mu8T/IBc="; + }; + flake = + pkgsBuild.callPackage "${src}/flake.nix" { + }; + in + flake.packages."${system}".colmena; + + nixpkgs.config.packageOverrides = pkgs: { + colmena = pkgs.callPackage + }; +} diff --git a/hosts/modules/discord/nixcord.nix b/hosts/modules/discord/nixcord.nix new file mode 100755 index 0000000..a347405 --- /dev/null +++ b/hosts/modules/discord/nixcord.nix @@ -0,0 +1,29 @@ +{ + lib, + pkgs, + config, + inputs, + outputs, + ... +}: + +{ + imports = [ + config.nixcord.homeManagerModules.nixcord + ]; + + programs.nixcord = { + enable = true; + config = { + #themeLinks = [ + # "" + #]; + + # no surrounding window frame + frameless = true; + + plugins = { + }; + }; + }; +} diff --git a/hosts/modules/flakes/wishlist/README b/hosts/modules/flakes/wishlist/README new file mode 100644 index 0000000..5c662bb --- /dev/null +++ b/hosts/modules/flakes/wishlist/README @@ -0,0 +1,31 @@ +#### wishlist.nix +This is a simple Nix flake defining a service from which +wishlist can run automatically. This flake runs wishlist-0.15.1 +and lacks configurability unfortunately. However this was an +intentional choice, allowing wishlist to read from the user's +`~/.ssh/config` file, which can be configured seperately using +the something akin to the follow home-manager snippet: +```nix +programs.ssh = { + enable = true; + addKeysToAgent = "yes"; # always add keys to ssh-agent + + matchBlocks = { + hyrule = { + hostname = "imbored.dev"; + user = "ae"; + port = 22; + identityFile = "/home/me/.ssh/id_hyrule"; + }; + }; +}; + +``` + +This decision was mostly selfish as it was easiest... +But it comes at the cost of not being able to set the +port wishlist listens on. So for now you're stuck with `2222`. + +###### The Future!! (woooowwww) +Create an option for wishlist that is used to construct +the `config.yaml` file diff --git a/hosts/modules/flakes/wishlist/flake.nix b/hosts/modules/flakes/wishlist/flake.nix new file mode 100644 index 0000000..a98561a --- /dev/null +++ b/hosts/modules/flakes/wishlist/flake.nix @@ -0,0 +1,93 @@ +{ + inputs = { + nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; + flake-utils.url = "github:numtide/flake-utils"; + }; + + outputs = { + self, + config, + nixpkgs, + lib, + flake-utils, + }: let + cfg = config.services.wishlist; + supportedSystems = ["x86_64-linux" "i686-linux" "aarch64-linux" "x86_64-darwin" "aarch64-darwin"]; + in { + # TODO: 1. add options (ie one to set whether the server should be enabled), + # 2. create a systemd service + # 3. create a main program + # 4. celibrate + + # TODO: do I need to make this a home-manager option and set the yaml config? + + # define what settings a user can change + options = { + services.wishlist = with lib; { + enable = mkEnableOption "wishlist"; + + port = mkOption { + type = types.port; + default = 2222; + description = "Port to listen on"; + }; + + package = mkOption { + type = types.package; + default = self.packages.${nixpkgs.system}.default; + description = "Package to use"; + }; + }; + }; + + # define a systemd service for wishlist ^_^ + config = lib.mkIf cfg.enable { + systemd.services.wishlist = { + description = "Single entrypoint for multiple SSH endpoints"; + wantedBy = ["multi-user.target"]; + + serviceConfig = { + DynamicUser = "yes"; + ExecStart = "${cfg.package}/bin/wishlist serve"; + Restart = "always"; + RestartSec = "2s"; + }; + }; + }; + + packages = flake-utils.lib.eachSystem supportedSystems ( + system: let + version = "0.15.1"; + #pkgs = nixpkgs.legacyPackages.${system}; + pkgs = import nixpkgs { + inherit system; + config.allowUnfree = false; + }; + #lib = pkgs.lib; + in rec { + defaultPackage = self.packages.${system}.wishlist; + wishlist = pkgs.buildGoModule { + pname = "wishlist"; + inherit version; + meta = with lib; { + description = "Single entrypoint for multiple SSH endpoints"; + homepage = "https://github.com/charmbracelet/wishlist"; + changelog = "https://github.com/charmbracelet/wishlist/releases/tag/v${version}"; + license = licenses.mit; + maintainers = with maintainers; [caarlos0 penguwin]; + mainProgram = "wishlist"; + }; + + src = pkgs.fetchFromGitHub { + owner = "charmbracelet"; + repo = "wishlist"; + rev = "v${version}"; + # rev = "d7f058e115a8b4a4131406d01dde84fb4a8e93c4"; + hash = "53fojA+gdvpSVNjx6QncH16F8/x+lpY5SkNs7obW2XQ="; + }; + vendorSha256 = "0x6rss3fwv2398wrd5kyzkrqaphzvh4ykwfqai9glxm01y6fhxz7"; + }; + } + ); + }; +} diff --git a/hosts/modules/flakes/wishlist/wishlist.nix b/hosts/modules/flakes/wishlist/wishlist.nix new file mode 100644 index 0000000..1bdb24b --- /dev/null +++ b/hosts/modules/flakes/wishlist/wishlist.nix @@ -0,0 +1,99 @@ +# NOTE: Wishlist service fails on nix because of readonly file system +# and it can't find a config file for itself, it needs to write that +# itself I suppose :( +# So: +# 1. Get it to write that file, and +# 2. Allow it to inherit profiles from configured ssh +{ + self, + config, + pkgs, + lib, +}: let + cfg = config.services.wishlist; +in { + options = { + services.wishlist = with lib; { + enable = mkEnableOption "wishlist"; + + name = mkOption { + type = types.str; + default = + }; + + port = mkOption { + type = types.port; + default = 2222; + description = "Port to listen on"; + }; + + #configPath = mkOption { + # type = types.path; + # default = ; + # description = "Path to config file"; + #}; + + package = mkOption { + type = types.package; + default = self.packages.${nixpkgs.system}.default; + description = "Package to use"; + }; + }; + }; + + # define a systemd service for wishlist ^_^ + config = lib.mkIf cfg.enable { + systemd.services.wishlist = { + description = "Single entrypoint for multiple SSH endpoints"; + wantedBy = ["multi-user.target"]; + + serviceConfig = let + wishlistServiceConfig = pkgs.writeText "config.yaml" '' + hello world! + ''; + in { + DynamicUser = "yes"; + ExecStart = "${pkgs.wishlist}/bin/wishlist serve --config ${wishlistServiceConfig}"; + Restart = "always"; + RestartSec = "2s"; + }; + }; + }; + + /* + packages = flake-utils.lib.eachSystem supportedSystems ( + system: let + version = "0.15.1"; + #pkgs = nixpkgs.legacyPackages.${system}; + pkgs = import nixpkgs { + inherit system; + config.allowUnfree = false; + }; + #lib = pkgs.lib; + in rec { + defaultPackage = self.packages.${system}.wishlist; + wishlist = pkgs.buildGoModule { + pname = "wishlist"; + inherit version; + meta = with lib; { + description = "Single entrypoint for multiple SSH endpoints"; + homepage = "https://github.com/charmbracelet/wishlist"; + changelog = "https://github.com/charmbracelet/wishlist/releases/tag/v${version}"; + license = licenses.mit; + maintainers = with maintainers; [caarlos0 penguwin]; + mainProgram = "wishlist"; + }; + + src = pkgs.fetchFromGitHub { + owner = "charmbracelet"; + repo = "wishlist"; + rev = "v${version}"; + # rev = "d7f058e115a8b4a4131406d01dde84fb4a8e93c4"; + hash = "53fojA+gdvpSVNjx6QncH16F8/x+lpY5SkNs7obW2XQ="; + }; + vendorSha256 = "0x6rss3fwv2398wrd5kyzkrqaphzvh4ykwfqai9glxm01y6fhxz7"; + }; + } + ); + */ +} diff --git a/hosts/modules/flipperzero.nix b/hosts/modules/flipperzero.nix new file mode 100644 index 0000000..7c466ad --- /dev/null +++ b/hosts/modules/flipperzero.nix @@ -0,0 +1,6 @@ +{pkgs, ...}: { + environment.systemPackages = with pkgs; [ + # flipper zero desktop app + qflipper + ]; +} diff --git a/hosts/modules/langs/dotnet.nix b/hosts/modules/langs/dotnet.nix deleted file mode 100644 index 4a42f74..0000000 --- a/hosts/modules/langs/dotnet.nix +++ /dev/null @@ -1,61 +0,0 @@ -{ - lib, - pkgs, - upkgs, - ... -}: let - dotnetVersions = [8 9 10]; - - dotnetCombined = - pkgs.dotnetCorePackages.combinePackages - (builtins.concatMap - (v: let - # dotnet = pkgs.dotnetCorePackages."dotnet_${builtins.toString x}"; - in [ - # dotnet.sdk - - # the runtime+aspnetcore packaged with the sdk - pkgs.dotnetCorePackages."sdk_${builtins.toString v}_0" - ]) - dotnetVersions); - - # Custom packaged tools - dotnetTools = with lib; { - uno-check = with pkgs.dotnetCorePackages; - buildDotnetGlobalTool { - pname = "Uno.Check"; - version = "1.32.17"; - - nugetHash = "sha256-BfTVF5uHu9/nyLXqdDEOHCxq6BVQWhsnDBbARzdLDAE="; - - executables = "uno-check"; - - dotnet-sdk = dotnet_9.sdk; - dotnet-runtime = dotnet_9.runtime; - - meta = { - homepage = "https://github.com/unoplatform/uno.check"; - license = licenses.mit; - maintainers = [maintainers.emileclarkb]; - }; - }; - }; -in { - environment.systemPackages = with pkgs; [ - # .NET - dotnetCombined - - # .NET Tools - dotnetTools.uno-check - - # Mono - mono - # NOTE: nixupkgs uses .NET8 SDK - # WARNING: nixpkgs-25.05 uses .NET6 SDK (now marked insecure) - upkgs.msbuild - - # .NET Framework Tools/Services - omnisharp-roslyn - netcoredbg - ]; -} diff --git a/hosts/modules/steam.nix b/hosts/modules/steam.nix index 1e31d8d..07f3ae1 100644 --- a/hosts/modules/steam.nix +++ b/hosts/modules/steam.nix @@ -3,38 +3,22 @@ lib, ... }: { - # nixpkgs.config.allowUnfreePredicate = pkg: - # builtins.elem (lib.getName pkg) [ - # "steam" - # "steam-original" - # "steam-unwrapped" - # "steam-run" - # ]; - nixpkgs.overlays = [ - (self: super: { - lutris = super.lutris.overrideAttrs (final: prev: { - # WARNING: pkgs.mbedtls_2 is marked insecure! - # Replace pkgs.mbedtls_2 (v2.28.10) with pkgs.mbedtls (v3.6.4) - targetPkgs = pkgs: ( - (builtins.filter (p: p != pkgs.mbedtls_2) (prev.targetPkgs pkgs)) - ++ [pkgs.mbedtls] - ); - }); - }) - ]; + nixpkgs.config.allowUnfreePredicate = pkg: + builtins.elem (lib.getName pkg) [ + "steam" + "steam-original" + "steam-unwrapped" + "steam-run" + ]; programs = { steam = { enable = true; - gamescopeSession.enable = false; # .desktop entry for gamescope + gamescopeSession.enable = true; remotePlay.openFirewall = true; dedicatedServer.openFirewall = true; localNetworkGameTransfers.openFirewall = true; - - extraCompatPackages = with pkgs; [ - proton-ge-bin - ]; }; gamemode.enable = true; @@ -45,12 +29,8 @@ mangohud protonup-qt - - # XXX: DEBUG: disable lutris - # XXX: NOTE: pkgs.lutris depends on pkgs.mbedtls_2 which is marked insecure! - # XXX: NOTE: Use the provided overlay to patch pkgs.mbedtls_2 -> pkgs.mbedtls - # lutris - + lutris bottles + heroic ]; } diff --git a/hosts/modules/wishlist.nix b/hosts/modules/wishlist.nix new file mode 100644 index 0000000..62cc408 --- /dev/null +++ b/hosts/modules/wishlist.nix @@ -0,0 +1,72 @@ +{ + description = "Wishlist: Your SSH directory." + + inputs = { + + }; + + outputs = { + self + }: let + nixosModule = { + config, + lib, + pkgs, + ... + }: { + options.services.wishlist = { + enable = lib.mkEnableOption "Your SSH directory."; + + port = lib.mkOption { + type = lib.types.port; + default = 22; + description = "Port to listen on"; + }; + }; + + config = lib.mkIf config.services.wishlist.enable { + # configure the systemd service + systemd.services.wishlist = { + description = "Your SSH directory."; + wantedBy = [ "multi-user.target" ]; + after = [ "network.target" ]; + serviceConfig = { + ExecStart = "${self.packages.${pkgs.system}.default}/bin/wishlist"; + Restart = "always"; + Type = "simple"; + DynamicUser = "yes"; + }; + # environment variables + environment = { + + }; + }; + }; + }; + in + (flake-utils.lib.eachDefaultSystem (system: let + gopkg = go-nixpkgs.legacyPackages.${system}; + in { + packages.default = gopkg.buildGoModule ############################ + })) + buildGoModule rec { # is rec necessary? + pname = "wishlist"; + version = "0.15.1" + + src = fetchFromGithub { + owner = "charmbracelet"; + repo = "wishlist"; + rev = "v${version}"; + hash = "0c9g1s8j9znzd1mw61d0klc6sqri0wx6hljibxdwzi3cabfy3ld6"; + }; + + vendorSha256 = lib.fakeSha256; + + meta = with lib; { + homepage = "https://github.com/charmbracelet/wishlist"; + description = "Your SSH directory."; + license = lib.licenses.mit; + maintainers = with lib.maintainers; [ caarlos0 ]; + }; + }; +} diff --git a/hosts/modules/wishlist.nix.bak b/hosts/modules/wishlist.nix.bak new file mode 100644 index 0000000..3f190ad --- /dev/null +++ b/hosts/modules/wishlist.nix.bak @@ -0,0 +1,22 @@ +{lib}: { + buildGoModule rec { # is rec necessary? + pname = "wishlist"; + version = "0.15.1" + + src = fetchFromGithub { + owner = "charmbracelet"; + repo = "wishlist"; + rev = "v${version}"; + hash = "0c9g1s8j9znzd1mw61d0klc6sqri0wx6hljibxdwzi3cabfy3ld6"; + }; + + vendorSha256 = lib.fakeSha256; + + meta = with lib; { + homepage = "https://github.com/charmbracelet/wishlist"; + description = "Your SSH directory."; + license = lib.licenses.mit; + maintainers = with lib.maintainers; [ caarlos0 ]; + }; + }; +} diff --git a/hosts/modules/wm/crywl.nix b/hosts/modules/wm/crywl.nix new file mode 100644 index 0000000..1454af2 --- /dev/null +++ b/hosts/modules/wm/crywl.nix @@ -0,0 +1,116 @@ +{ + config, + lib, + pkgs, + ... +}: let + cfg = config.programs.crywl; +in { + options.programs.crywl = with lib; { + enable = mkEnableOption "CryWL"; + xwayland.enable = mkEnableOption "XWayland"; + defaultSession = mkEnableOption "CryWL as the default login session"; + + # currently DWL 0.7 (also beware I'll barely ever update the original DWL refs) + useUnmodifiedDWL = mkOption { + type = types.bool; + default = false; + description = "Whether to use unmodified DWL source code (latest stable release)"; + }; + }; + + config = lib.mkIf cfg.enable (let + xwaylandEnabled = cfg.xwayland.enable; + defaultSession = cfg.defaultSession; + useUnmodifiedDWL = cfg.useUnmodifiedDWL; + in { + services.displayManager = { + sessionPackages = [ + pkgs.crywl + ]; + + defaultSession = lib.mkIf defaultSession "crywl"; + }; + + environment.systemPackages = [ + pkgs.crywl + ]; + + nixpkgs.overlays = [ + (self: super: { + crywl = super.dwl.overrideAttrs (oldAttrs: rec { + pname = "crywl"; + version = "0.1-unstable"; + + src = let + dwl_0_70 = { + rev = "74e45c4014ae7048ecbb76eb6f54034b8b479480"; + hash = "sha256-7SoCITrbMrlfL4Z4hVyPpjB9RrrjLXHP9C5t1DVXBBA="; + }; + crywl_unstable = { + rev = "dc1260d3cfd14e8e5b243ec1d3d56e4b08c8c517"; + hash = "sha256-61R+xBYMzeEn93gLofcj8Y3VbJqW6g7GzCTujpAco90="; + }; + in + pkgs.fetchFromGitea ({ + domain = "forge.imbored.dev"; + owner = "emileclarkb"; + repo = pname; + } + // ( + if useUnmodifiedDWL + then dwl_0_70 + else crywl_unstable + )); + + buildInputs = with pkgs; + [ + libinput + xorg.libxcb + libxkbcommon + pixman + wayland + wayland-protocols + wlroots_0_19 + ] + ++ lib.optionals xwaylandEnabled [ + xorg.libX11 + xorg.xcbutilwm + xwayland + ]; + + makeFlags = + [ + "PKG_CONFIG=${pkgs.stdenv.cc.targetPrefix}pkg-config" + "WAYLAND_SCANNER=wayland-scanner" + "PREFIX=$(out)" + "MANDIR=$(man)/share/man" + ] + ++ lib.optionals xwaylandEnabled [ + ''XWAYLAND="-DXWAYLAND"'' + ''XLIBS="xcb xcb-icccm.pc"'' + ]; + + # Ensure `crywl.desktop` entry is registered + passthru = { + providedSessions = [pname]; + + tests.version = pkgs.testers.testVersion { + package = oldAttrs.finalPackage; + # `dwl -v` emits its version string to stderr and returns 1 + command = "crywl -v 2>&1; return 0"; + }; + }; + meta = { + homepage = "https://forge.imbored.dev/emileclarkb/crywl"; + description = "Personal fork of DWL"; + license = lib.licenses.gpl3Only; + maintainers = [lib.maintainers.emileclarkb]; + inherit (pkgs.wayland.meta) platforms; + mainProgram = "crywl"; + }; + }); + }) + ]; + }); +} diff --git a/hosts/modules/wm/hyprland.nix b/hosts/modules/wm/hyprland.nix index c83caa1..f2960ed 100644 --- a/hosts/modules/wm/hyprland.nix +++ b/hosts/modules/wm/hyprland.nix @@ -1,8 +1,4 @@ -{pkgs, ...}: { - environment.defaultPackages = with pkgs; [ - hyprsunset - ]; - +{...}: { programs = { hyprland = { enable = true; diff --git a/hosts/modules/wm/river.nix b/hosts/modules/wm/river.nix new file mode 100644 index 0000000..02721cc --- /dev/null +++ b/hosts/modules/wm/river.nix @@ -0,0 +1,5 @@ +{...}: { + programs = { + river.enable = true; + }; +} diff --git a/hosts/myputer/default.nix b/hosts/myputer/default.nix index 1b397d4..404a1c8 100755 --- a/hosts/myputer/default.nix +++ b/hosts/myputer/default.nix @@ -1,43 +1,307 @@ { - pkgs, - upkgs, lib, + pkgs, + inputs, + config, ... -}: { +}: let + home-manager = builtins.fetchTarball { + url = "https://github.com/nix-community/home-manager/archive/release-25.05.tar.gz"; + sha256 = "026rvynmzmpigax9f8gy9z67lsl6dhzv2p6s8wz4w06v3gjvspm1"; + }; +in { imports = [ ./hardware-configuration.nix + (import "${home-manager}/nixos") + + ../modules/wm/hyprland.nix + + ../modules/steam.nix + ../modules/obsidian.nix + + ../modules/flipperzero.nix + ../modules/chameleonultragui.nix ]; + nix.settings.experimental-features = [ + "nix-command" + "flakes" + ]; + + nixpkgs.config.allowUnfreePredicate = let + whitelist = map lib.getName [ + pkgs.obsidian + pkgs.gitkraken + pkgs.steam + pkgs.steamcmd + pkgs.steam-unwrapped + pkgs.dwarf-fortress + ]; + in + pkg: builtins.elem (lib.getName pkg) whitelist; + + boot.loader = { + efi = { + canTouchEfiVariables = true; + efiSysMountPoint = "/boot/efi"; + }; + grub = { + efiSupport = true; + device = "nodev"; + # useOSProber = true; + }; + # GitHub: vinceliuice/grub2-themes + grub2-theme = { + enable = true; + theme = "whitesur"; # stylish, vimix, or whitesur + footer = true; + # TODO: switch my cables to switch default grub display + customResolution = "3840x2160"; + }; + }; + + time.timeZone = "Australia/Brisbane"; + i18n.defaultLocale = "en_US.UTF-8"; # internationalisation + + # Enable initrd hook for virtual console customisation + # aka cool colours when bootting yay!! + console = { + enable = true; + earlySetup = true; # initrd pre hook + keyMap = "us"; + font = "Lat2-Terminus16"; + # ANSI 24-bit color definitions (theme: dracula) + colors = [ + "21222c" + "ff5555" + "50fa7b" + "f1fa8c" + "bd93f9" + "ff79c6" + "8be9fd" + "f8f8f2" + "6272a4" + "ff6e6e" + "69ff94" + "ffffa5" + "d6acff" + "ff92df" + "a4ffff" + "ffffff" + ]; + }; + + # ----- NETWORKING ----- networking = { hostName = "myputer"; + networkmanager.enable = true; - firewall = { - allowedTCPPorts = [ - 22 # SSH - 80 # HTTP - 443 # HTTPS - 5678 # MikroTik WinBox - 25565 # Minecraft LAN - ]; - }; + firewall.enable = true; }; # ----- SERVICES ----- services = { - flatpak.enable = true; + # Set display manager (login screen) + displayManager = { + # sddm relies on pkgs.libsForQt5.qt5.qtgraphicaleffects + sddm = { + enable = true; + wayland.enable = true; # experimental + theme = "corners"; + }; + defaultSession = + "hyprland" + + ( + if config.programs.hyprland.withUWSM + then "-uwsm" + else null + ); + }; + + # Multimedia Framework + # With backwards compatability for alsa/pulseaudio/jack + pipewire = { + enable = true; + wireplumber.enable = true; + + alsa.enable = true; + alsa.support32Bit = true; + pulse.enable = true; + jack.enable = true; + }; + + tumbler.enable = true; # Thunar image thumbnail support + gvfs.enable = true; # Thunar mount, trash, and other functionality + }; + security.rtkit.enable = true; # I *think* this is for pipewire + + # ------- USERS ------- + security.sudo.wheelNeedsPassword = false; + users = { + # Using fish as the login shell tends to go very poorly because it isn't + # POSIX compliant, so we default the login shell to Bash instead :) + defaultUserShell = pkgs.bash; + + users = { + # just me fr (personal account) + me = { + isNormalUser = true; + extraGroups = ["wheel" "netdev" "docker"]; + shell = pkgs.bash; + packages = let + # TODO: can I just do this: https://nix.dev/manual/nix/2.18/command-ref/new-cli/nix3-flake#url-like-syntax + # instead to use colmena's flake.nix by specifying a rev hash in the flake input? + colmena-src = pkgs.fetchFromGitHub { + owner = "zhaofengli"; + repo = "colmena"; + rev = "47b6414d800c8471e98ca072bc0835345741a56a"; + sha256 = "rINodqeUuezuCWOnpJgrH7u9vJ86fYT+Dj8Mu8T/IBc="; + }; + colmena-latest = pkgs.callPackage "${colmena-src}/package.nix" {}; + in + with pkgs; [ + firefox + nitch + starfetch + + colmena-latest + + gitkraken + # NOTE: downloadthing this causes my PC to freak!! ("too many open files" error) + #keyguard # bitwarden client app + ]; + }; + + # user for my professional jobs and stuff + ae = { + isNormalUser = true; + extraGroups = ["wheel"]; + shell = pkgs.bash; + }; + }; }; - security.sudo.wheelNeedsPassword = lib.mkForce false; + home-manager = { + users.me = import ../../homes/me; + sharedModules = [ + inputs.ags.homeManagerModules.default + ]; + }; + + # ---- ENVIRONMENT VARIABLES ---- + environment.sessionVariables = { + # folder names with capitalisation look awful! + XDG_DOWNLOAD_DIR = "$HOME/downloads"; + + # Hint Electrons apps to use Wayland + NIXOS_OZONE_WL = "1"; + }; # ---- SYSTEM PACKAGES ----- environment.systemPackages = with pkgs; [ # User Environment - libreoffice + swww + helvum + easyeffects + pavucontrol + ani-cli + bluetui + wl-clipboard # clipboard for wayland + hyprpicker + qbittorrent + signal-desktop + + (callPackage ../sddm-theme-corners.nix {}).sddm-theme-corners + # dependencies for my sddm theme: + pkgs.libsForQt5.qt5.qtgraphicaleffects + + # Shell + bash + fish + shellcheck + grc # colorise command outputs + + # Systems Emulation + qemu # Fellice Bellard's Quick Emulator + # GNU Utils + gnumake + binutils + # C Family + gcc + clang + clang-tools + # Rust + cargo + rustc + # Nim + nim + # Go + go + + # Python + python312 # I use 3.12 since it's in a pretty stable state now + python314 # also 3.14 for latest features + poetry + # Sage + sageWithDoc # SageMath + HTML Documentation + + openvpn + inetutils + + # security tools + rustscan + nmap + dig + gobuster + nth + zap + + httpie + curlie + zoxide + doggo + tldr + # btop + eza + yazi + lazygit + ripgrep + viddy # modern `watch` command + thefuck + + tesseract # for my work with Agribit + + # TODO: once upgraded past Nix-24.07 this line won't be necessary (I think) + # helix will support nixd by default + # SOURCE: https://github.com/nix-community/nixd/blob/main/nixd/docs/editor-setup.md#Helix + # nixd # lsp for nix # DEBUG + + # Pretty necessary + git + git-filter-repo + nix-prefetch-git + brightnessctl + acpi + vim + powertop + imagemagick + + # "Standard" Unix Commands + file + wget + tree + unzip + unrar-free + man-pages + man-pages-posix + + # Cryptography + gnupg + openssl + libargon2 # Games prismlauncher # minecraft - upkgs.olympus # CELESTE!! <3 :3 - discord ]; # DEBUG: configuring xdg portal here instead? @@ -56,6 +320,125 @@ # ]; #}; + programs = { + zsh.enable = true; + fish.enable = true; + + nix-ld.enable = true; + + neovim = { + enable = true; + defaultEditor = true; + viAlias = true; + vimAlias = true; + configure = { + customRC = '' + set number + set tabstop=4 + set shiftwidth=4 + ''; + }; + }; + + # I want to use fish as my login shell but it always goes terrible + # cause it isn't POSIX compliant, so instead Bash is my login and + # will just exec fish (^-^) + bash = { + completion.enable = true; + + interactiveShellInit = '' + if [[ $(${pkgs.procps}/bin/ps --no-header --pid=$PPID --format=comm) != "fish" && -z ''${BASH_EXECUTION_STRING} ]] + then + shopt -q login_shell && LOGIN_OPTION='--login' || LOGIN_OPTION="" + exec ${pkgs.fish}/bin/fish $LOGIN_OPTION + fi + ''; + }; + + # Thunar also (optionally) requires: `services.tumbler` & `services.gvfs` + thunar = { + enable = true; + plugins = with pkgs.xfce; [ + thunar-volman # for removable drives (ie USBs) + thunar-archive-plugin # create and extract archives + thunar-media-tags-plugin # change metadata for media files + ]; + }; + + # mozilla's email client + thunderbird.enable = true; + }; + + # ----- FONTS ----- + fonts = { + enableDefaultPackages = true; # no clue what this line does tbh + packages = with pkgs; + [ + # (nerdfonts.override { + # fonts = [ + # "Cousine" # its ok i guess + # "Iosevka" # nah nah + # "IosevkaTerm" # big nah + # "CascadiaCode" # potential + # "FiraCode" # potential + # "JetBrainsMono" # for my rofi theme + # "Hasklig" + # "Hack" + # ]; + # }) + + geist-font # for my hyprlock theme + # texlive maintains a noto-emoji flake + texlivePackages.noto-emoji + ] + ++ builtins.filter lib.attrsets.isDerivation ( + builtins.attrValues pkgs.nerd-fonts + ); + + # TODO: change my default fonts + fontconfig = { + defaultFonts = { + serif = ["Iosevka"]; + sansSerif = ["Iosevka "]; + monospace = ["Cousine"]; + emoji = ["Noto Emoji"]; + }; + }; + }; + + documentation = { + enable = true; + doc.enable = true; # install /share/doc packages + man.enable = true; # install manpages + info.enable = true; # install GNU info + dev.enable = true; # install docs intended for developers + nixos = { + enable = true; # install NixOS documentation (ie man -k nix, & nixos-help) + options.splitBuild = true; + # includeAllModules = true; + }; + }; + + virtualisation.docker.enable = true; + + hardware = { + graphics = { + enable = true; + enable32Bit = true; + }; + + # opengl = { + # enable = true; + # driSupport = true; + # driSupport32Bit = true; + # } + + bluetooth = { + enable = true; + powerOnBoot = true; + }; + }; + # DO NOT MODIFY system.stateVersion = "24.05"; # Did you read the comment? } diff --git a/hosts/myputer/modules/gamergrl/default.nix b/hosts/myputer/modules/gamergrl/default.nix deleted file mode 100644 index f295398..0000000 --- a/hosts/myputer/modules/gamergrl/default.nix +++ /dev/null @@ -1,11 +0,0 @@ -{...}: { - services.flatpak = { - packages = [ - { - # Linux Runtime for Roblox - appId = "org.vinegarhq.Sober"; - origin = "flathub"; - } - ]; - }; -} diff --git a/packages/README b/hosts/packages/README similarity index 100% rename from packages/README rename to hosts/packages/README diff --git a/packages/angryoxide/default.nix b/hosts/packages/angryoxide/default.nix similarity index 100% rename from packages/angryoxide/default.nix rename to hosts/packages/angryoxide/default.nix diff --git a/packages/chameleonultragui/TODO.md b/hosts/packages/chameleonultragui/TODO similarity index 100% rename from packages/chameleonultragui/TODO.md rename to hosts/packages/chameleonultragui/TODO diff --git a/packages/chameleonultragui/default.nix b/hosts/packages/chameleonultragui/default.nix similarity index 100% rename from packages/chameleonultragui/default.nix rename to hosts/packages/chameleonultragui/default.nix diff --git a/hosts/packages/chameleonultragui/default.nix.bak1 b/hosts/packages/chameleonultragui/default.nix.bak1 new file mode 100644 index 0000000..158877a --- /dev/null +++ b/hosts/packages/chameleonultragui/default.nix.bak1 @@ -0,0 +1,474 @@ +{ + pkgs, + lib, + ... +}: +# ChameleonUltraGUI requires flutter sdk >3.0.0 +pkgs.flutter324.buildFlutterApplication +(self: { + pname = "ChameleonUltraGUI"; + version = "1.1.2"; + + src = pkgs.fetchFromGitHub { + owner = "GameTec-live"; + repo = "ChameleonUltraGUI"; + sha256 = "1mb6wkqk6vaamrhflfhsgp5gvqiw2qkvmy7j65abcx7sn5990i27"; + rev = "11424abaccb4a010fcbeab9799ae8f675d8afe99"; + }; + + desktopItems = [ + (pkgs.makeDesktopItem { + name = self.pname; + desktopName = "Chameleon Ultra GUI"; + icon = self.pname; + comment = self.meta.description; + + exec = "chameleonultragui"; + terminal = false; + + categories = [ + "Utility" + ]; + }) + ]; + + # path to application within fetched sources + sourceRoot = "source/chameleonultragui"; + + buildInputs = [ + pkgs.imagemagick # creating mipmaps for share/icons + pkgs.yj # converting pubspec.lock yaml->json + ]; + + buildArguments = ["--release"]; + + # source files compile with Flutter >3.29.0 but this + # derivation uses 3.24.0 (so we patch for compatability) + postPatch = let + argbPatch = '' + --- general.dart.old 2025-05-11 15:59:51.812132078 +1000 + +++ general.dart 2025-05-11 15:58:14.755856407 +1000 + @@ -211,7 +211,7 @@ + } + + String colorToHex(Color color) { + - return '#\''${color.toARGB32().toRadixString(16).padLeft(8, '0').substring(2)}'; + + return '#\''${color.value.toRadixString(16).padLeft(8, '0').substring(2)}'; + } + + Color hexToColor(String hex) { + ''; + in '' + # patch source files using Color.toARGB32 method (not defined in Flutter 3.24) + argbPatch="${argbPatch}" + patch lib/helpers/general.dart <(echo "$argbPatch") + ''; + + # installPhase = '' + # runHook preInstall + + # # create mipmaps of desktop logo + # logoOriginal="assets/logo-color-desktop.png" + # for i in 16 32 64 128 256 512; do + # res="$i"x"$i" + # logoOut="$out"/share/icons/hicolor/"$res"/apps + # mkdir -p $logoOut + # ${pkgs.imagemagick}/bin/magick $logoOriginal -resize $res $logoOut/${pname}.png + # done + + # runHook postInstall + # ''; + + # Nix doesn't natively have a fromYAML function (so I made this instead) + pubspecLock = let + appRoot = "${self.src}/chameleonultragui"; + + # when generating patch files use -u flag and then + # make sure to escape all " characters for Nix string + pubspecLockPatch = '' + --- pubspec.lock.bak2025-05-10 15:42:44.287730979 +1000 + +++ pubspec.lock2025-05-10 15:41:23.778480048 +1000 + @@ -5,18 +5,23 @@ + dependency: transitive + description: + name: _fe_analyzer_shared + - sha256: dc27559385e905ad30838356c5f5d574014ba39872d732111cd07ac0beff4c57 + + sha256: f256b0c0ba6c7577c15e2e4e114755640a875e885099367bf6e012b19314c834 + url: \"https://pub.dev\" + source: hosted + - version: \"80.0.0\" + + version: \"72.0.0\" + + _macros: + + dependency: transitive + + description: dart + + source: sdk + + version: \"0.3.2\" + analyzer: + dependency: transitive + description: + name: analyzer + - sha256: \"192d1c5b944e7e53b24b5586db760db934b177d4147c42fbca8c8c5f1eb8d11e\" + + sha256: b652861553cd3990d8ed361f7979dc6d7053a9ac8843fa73820ab68ce5410139 + url: \"https://pub.dev\" + source: hosted + - version: \"7.3.0\" + + version: \"6.7.0\" + archive: + dependency: \"direct main\" + description: + @@ -37,26 +42,26 @@ + dependency: \"direct main\" + description: + name: async + - sha256: d2872f9c19731c2e5f10444b14686eb7cc85c76274bd6c16e1816bff9a3bab63 + + sha256: \"947bfcf187f74dbc5e146c9eb9c0f10c9f8b30743e341481c1e2ed3ecc18c20c\" + url: \"https://pub.dev\" + source: hosted + - version: \"2.12.0\" + + version: \"2.11.0\" + boolean_selector: + dependency: transitive + description: + name: boolean_selector + - sha256: \"8aab1771e1243a5063b8b0ff68042d67334e3feab9e95b9490f9a6ebf73b42ea\" + + sha256: \"6cfb5af12253eaf2b368f07bacc5a80d1301a071c73360d746b7f2e32d762c66\" + url: \"https://pub.dev\" + source: hosted + - version: \"2.1.2\" + + version: \"2.1.1\" + characters: + dependency: transitive + description: + name: characters + - sha256: f71061c654a3380576a52b451dd5532377954cf9dbd272a78fc8479606670803 + + sha256: \"04a925763edad70e8443c99234dc3328f442e811f1d8fd1a72f1c8ad0f69a605\" + url: \"https://pub.dev\" + source: hosted + - version: \"1.4.0\" + + version: \"1.3.0\" + checked_yaml: + dependency: transitive + description: + @@ -77,18 +82,18 @@ + dependency: transitive + description: + name: clock + - sha256: fddb70d9b5277016c77a80201021d40a2247104d9f4aa7bab7157b7e3f05b84b + + sha256: cb6d7f03e1de671e34607e909a7213e31d7752be4fb66a86d29fe1eb14bfb5cf + url: \"https://pub.dev\" + source: hosted + - version: \"1.1.2\" + + version: \"1.1.1\" + collection: + dependency: \"direct main\" + description: + name: collection + - sha256: \"2f5709ae4d3d59dd8f7cd309b4e023046b57d8a6c82130785d2b0e5868084e76\" + + sha256: ee67cb0715911d28db6bf4af1026078bd6f0128b07a5f66fb2ed94ec6783c09a + url: \"https://pub.dev\" + source: hosted + - version: \"1.19.1\" + + version: \"1.18.0\" + convert: + dependency: \"direct main\" + description: + @@ -157,10 +162,10 @@ + dependency: transitive + description: + name: fake_async + - sha256: \"6a95e56b2449df2273fd8c45a662d6947ce1ebb7aafe80e550a3f68297f3cacc\" + + sha256: \"511392330127add0b769b75a987850d136345d9227c6b94c96a04cf4a391bf78\" + url: \"https://pub.dev\" + source: hosted + - version: \"1.3.2\" + + version: \"1.3.1\" + ffi: + dependency: \"direct main\" + description: + @@ -196,11 +201,10 @@ + file_saver: + dependency: \"direct main\" + description: + - path: \".\" + - ref: fix-windows + - resolved-ref: \"3038d74d5560dcca528423fffd745abf31eb88ae\" + - url: \"https://github.com/Foxushka/file_saver.git\" + - source: git + + name: file_saver + + sha256: \"017a127de686af2d2fbbd64afea97052d95f2a0f87d19d25b87e097407bf9c1e\" + + url: \"https://pub.dev\" + + source: hosted + version: \"0.2.14\" + fixnum: + dependency: transitive + @@ -234,11 +238,10 @@ + flutter_libserialport: + dependency: \"direct main\" + description: + - path: \".\" + - ref: main + - resolved-ref: \"6740aae075505a220a98492910b090824efc7910\" + - url: \"https://github.com/NeariX67/flutter_libserialport.git\" + - source: git + + name: flutter_libserialport + + sha256: d193b5ac819db6540d20cc8d20d9f5ec9e3396edb4d2c4a23c97863fa9132336 + + url: \"https://pub.dev\" + + source: hosted + version: \"0.5.0\" + flutter_lints: + dependency: \"direct dev\" + @@ -347,18 +350,18 @@ + dependency: transitive + description: + name: leak_tracker + - sha256: c35baad643ba394b40aac41080300150a4f08fd0fd6a10378f8f7c6bc161acec + + sha256: \"3f87a60e8c63aecc975dda1ceedbc8f24de75f09e4856ea27daf8958f2f0ce05\" + url: \"https://pub.dev\" + source: hosted + - version: \"10.0.8\" + + version: \"10.0.5\" + leak_tracker_flutter_testing: + dependency: transitive + description: + name: leak_tracker_flutter_testing + - sha256: f8b613e7e6a13ec79cfdc0e97638fddb3ab848452eff057653abd3edba760573 + + sha256: \"932549fb305594d82d7183ecd9fa93463e9914e1b67cacc34bc40906594a1806\" + url: \"https://pub.dev\" + source: hosted + - version: \"3.0.9\" + + version: \"3.0.5\" + leak_tracker_testing: + dependency: transitive + description: + @@ -399,14 +402,22 @@ + url: \"https://pub.dev\" + source: hosted + version: \"1.3.0\" + + macros: + + dependency: transitive + + description: + + name: macros + + sha256: \"0acaed5d6b7eab89f63350bccd82119e6c602df0f391260d0e32b5e23db79536\" + + url: \"https://pub.dev\" + + source: hosted + + version: \"0.1.2-main.4\" + matcher: + dependency: transitive + description: + name: matcher + - sha256: dc58c723c3c24bf8d3e2d3ad3f2f9d7bd9cf43ec6feaa64181775e60190153f2 + + sha256: d2323aa2060500f906aa31a895b4030b6da3ebdcc5619d14ce1aada65cd161cb + url: \"https://pub.dev\" + source: hosted + - version: \"0.12.17\" + + version: \"0.12.16+1\" + material_color_utilities: + dependency: transitive + description: + @@ -419,10 +430,10 @@ + dependency: transitive + description: + name: meta + - sha256: e3641ec5d63ebf0d9b41bd43201a66e3fc79a65db5f61fc181f04cd27aab950c + + sha256: bdb68674043280c3428e9ec998512fb681678676b3c54e773629ffe74419f8c7 + url: \"https://pub.dev\" + source: hosted + - version: \"1.16.0\" + + version: \"1.15.0\" + mobile_scanner: + dependency: \"direct main\" + description: + @@ -467,10 +478,10 @@ + dependency: \"direct main\" + description: + name: path + - sha256: \"75cca69d1490965be98c73ceaea117e8a04dd21217b37b292c9ddbec0d955bc5\" + + sha256: \"087ce49c3f0dc39180befefc60fdb4acd8f8620e5682fe2476afd0b3688bb4af\" + url: \"https://pub.dev\" + source: hosted + - version: \"1.9.1\" + + version: \"1.9.0\" + path_provider: + dependency: transitive + description: + @@ -723,15 +734,15 @@ + dependency: transitive + description: flutter + source: sdk + - version: \"0.0.0\" + + version: \"0.0.99\" + source_span: + dependency: transitive + description: + name: source_span + - sha256: \"254ee5351d6cb365c859e20ee823c3bb479bf4a293c22d17a9f1bf144ce86f7c\" + + sha256: \"53e943d4206a5e30df338fd4c6e7a077e02254531b138a15aec3bd143c1a8b3c\" + url: \"https://pub.dev\" + source: hosted + - version: \"1.10.1\" + + version: \"1.10.0\" + sprintf: + dependency: transitive + description: + @@ -744,42 +755,42 @@ + dependency: transitive + description: + name: stack_trace + - sha256: \"8b27215b45d22309b5cddda1aa2b19bdfec9df0e765f2de506401c071d38d1b1\" + + sha256: \"73713990125a6d93122541237550ee3352a2d84baad52d375a4cad2eb9b7ce0b\" + url: \"https://pub.dev\" + source: hosted + - version: \"1.12.1\" + + version: \"1.11.1\" + stream_channel: + dependency: transitive + description: + name: stream_channel + - sha256: \"969e04c80b8bcdf826f8f16579c7b14d780458bd97f56d107d3950fdbeef059d\" + + sha256: ba2aa5d8cc609d96bbb2899c28934f9e1af5cddbd60a827822ea467161eb54e7 + url: \"https://pub.dev\" + source: hosted + - version: \"2.1.4\" + + version: \"2.1.2\" + string_scanner: + dependency: transitive + description: + name: string_scanner + - sha256: \"921cd31725b72fe181906c6a94d987c78e3b98c2e205b397ea399d4054872b43\" + + sha256: \"556692adab6cfa87322a115640c11f13cb77b3f076ddcc5d6ae3c20242bedcde\" + url: \"https://pub.dev\" + source: hosted + - version: \"1.4.1\" + + version: \"1.2.0\" + term_glyph: + dependency: transitive + description: + name: term_glyph + - sha256: \"7f554798625ea768a7518313e58f83891c7f5024f88e46e7182a4558850a4b8e\" + + sha256: a29248a84fbb7c79282b40b8c72a1209db169a2e0542bce341da992fe1bc7e84 + url: \"https://pub.dev\" + source: hosted + - version: \"1.2.2\" + + version: \"1.2.1\" + test_api: + dependency: transitive + description: + name: test_api + - sha256: fb31f383e2ee25fbbfe06b40fe21e1e458d14080e3c67e7ba0acfde4df4e0bbd + + sha256: \"5b8a98dafc4d5c4c9c72d8b31ab2b23fc13422348d2997120294d3bac86b4ddb\" + url: \"https://pub.dev\" + source: hosted + - version: \"0.7.4\" + + version: \"0.7.2\" + typed_data: + dependency: transitive + description: + @@ -855,12 +866,11 @@ + usb_serial: + dependency: \"direct main\" + description: + - path: \".\" + - ref: fix-usbserial + - resolved-ref: \"9fcbacc92bec19ea02d33a40d9f39e45d19cf637\" + - url: \"https://github.com/Foxushka/usbserial.git\" + - source: git + - version: \"0.5.1\" + + name: usb_serial + + sha256: a605a600e34e7f28d4e80851ca3999ef747e42e406138887b8a88b8c382a8b07 + + url: \"https://pub.dev\" + + source: hosted + + version: \"0.5.2\" + uuid: + dependency: \"direct main\" + description: + @@ -881,10 +891,10 @@ + dependency: transitive + description: + name: vm_service + - sha256: \"0968250880a6c5fe7edc067ed0a13d4bae1577fe2771dcf3010d52c4a9d3ca14\" + + sha256: \"5c5f338a667b4c644744b661f309fb8080bb94b18a7e91ef1dbd343bed00ed6d\" + url: \"https://pub.dev\" + source: hosted + - version: \"14.3.1\" + + version: \"14.2.5\" + wakelock_plus: + dependency: \"direct main\" + description: + @@ -958,5 +968,5 @@ + source: hosted + version: \"2.2.1\" + sdks: + - dart: \">=3.7.0-0 <4.0.0\" + + dart: \">=3.5.0 <4.0.0\" + flutter: \">=3.24.0\" + ''; + in + builtins.fromJSON + ( + builtins.readFile (pkgs.runCommand "${self.pname}-buildenv" { + inputs = [ + # DEBUG (both lines commented) + #pkgs.flutter324 # ChameleonUltraGUI requires sdk >3.0.0 + #pkgs.yj + ]; + } '' + # copy source files to a temporary path to rebuild the lockfile + buildPath=$(mktemp -d) + cp -r "${appRoot}/." "$buildPath/" + + outPubspecLock="$buildPath/pubspec.lock" + # MUST define variables to use multiline Nix string in bash scripting + pubspecLockPatch="${pubspecLockPatch}" + + # apply the pubspec.yaml patch and regenerate lock file + # (create a temporary home directory for flutter to play in) + #(cd $buildPath && chmod -R +w . \ + # && patch ./pubspec.yaml <(echo "$pubspecYamlPatch") \ + # && export HOME=$(mktemp -d) \ + # && flutter --disable-analytics \ + # && flutter config --no-cli-animations \ + # && ${pkgs.flutter}/bin/flutter pub get) + + # patch the lockfile + chmod +w $outPubspecLock + patch $outPubspecLock <(echo "$pubspecLockPatch") + + # convert new lockfile to json and return + ${pkgs.yj}/bin/yj < "$buildPath/pubspec.lock" > $out + '') + ); + + # TODO: try this instead of patching + # gitHashes = { + # dartssh2 = "sha256-2pypKwurziwGLZYuGaxlS2lzN3UvJp3bRTvvYYxEqRI="; + # hotkey_manager_linux = "sha256-aO0h94YZvgV/ggVupNw8GjyZsnXrq3qTHRDtuhNv3oI="; + # system_info2 = "sha256-fly7E2vG+bQ/+QGzXk+DYba73RZccltdW2LpZGDKX60="; + # tray_menu = "sha256-riiAiBEms+9ARog8i+MR1fto1Yqx+gwbBWyNbNq6VTM="; + # window_size = "sha256-71PqQzf+qY23hTJvcm0Oye8tng3Asr42E2vfF1nBmVA="; + # xterm = "sha256-h8vIonTPUVnNqZPk/A4ZV7EYCMyM0rrErL9ZOMe4ZBE="; + # }; + + meta = with lib; { + description = "A GUI for the Chameleon Ultra written in Flutter for crossplatform"; + homepage = "https://github.com/GameTec-live/ChameleonUltraGUI"; + license = licenses.gpl3; + maintainers = [maintainers.emileclarkb]; + platforms = platforms.linux; + }; +}) +.overrideAttrs ( + previousAttrs: { + installPhase = + previousAttrs.installPhase + + '' + # create mipmaps of desktop logo + logoOriginal="assets/logo-color-desktop.png" + for i in 16 32 64 128 256 512; do + res="$i"x"$i" + logoOut="$out"/share/icons/hicolor/"$res"/apps + mkdir -p $logoOut + ${pkgs.imagemagick}/bin/magick $logoOriginal -resize $res $logoOut/${previousAttrs.pname}.png + done + ''; + } +) diff --git a/hosts/packages/tundra/README b/hosts/packages/tundra/README new file mode 100644 index 0000000..e44647c --- /dev/null +++ b/hosts/packages/tundra/README @@ -0,0 +1,12 @@ +**Tundra** is the name I'm giving my *desktop environment.* +Made primarily with Aylur's Astal library and the Vala +programming language (as an excuse to learn it). + +NOTE: Tundra is designed specifically to work on Hyprland, +I have no idea how it'll interact with other window managers :) + + +##### Meson Notes (temporary) +Setup meson like `meson setup ` ie `meson setup build src`. +Compile meson like `meson compile -C ` where is the relative path to it, +if you're in it already just use `meson compile` otherwise if in project root use `meson compile build`. diff --git a/hosts/packages/tundra/flake.lock b/hosts/packages/tundra/flake.lock new file mode 100644 index 0000000..85ad9ef --- /dev/null +++ b/hosts/packages/tundra/flake.lock @@ -0,0 +1,62 @@ +{ + "nodes": { + "astal": { + "inputs": { + "nixpkgs": "nixpkgs" + }, + "locked": { + "lastModified": 1745934282, + "narHash": "sha256-hgUd4yUYALHzzoEi/88BnsgrxZIqk+zyQVoI3CL61IU=", + "owner": "aylur", + "repo": "astal", + "rev": "07583deff8a486fad472718572c3248f0fbea1f3", + "type": "github" + }, + "original": { + "owner": "aylur", + "repo": "astal", + "type": "github" + } + }, + "nixpkgs": { + "locked": { + "lastModified": 1737469691, + "narHash": "sha256-nmKOgAU48S41dTPIXAq0AHZSehWUn6ZPrUKijHAMmIk=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "9e4d5190a9482a1fb9d18adf0bdb83c6e506eaab", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_2": { + "locked": { + "lastModified": 1746663147, + "narHash": "sha256-Ua0drDHawlzNqJnclTJGf87dBmaO/tn7iZ+TCkTRpRc=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "dda3dcd3fe03e991015e9a74b22d35950f264a54", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "root": { + "inputs": { + "astal": "astal", + "nixpkgs": "nixpkgs_2" + } + } + }, + "root": "root", + "version": 7 +} diff --git a/hosts/packages/tundra/flake.nix b/hosts/packages/tundra/flake.nix new file mode 100644 index 0000000..b6e0a36 --- /dev/null +++ b/hosts/packages/tundra/flake.nix @@ -0,0 +1,42 @@ +{ + inputs = { + nixpkgs.url = "github:nixos/nixpkgs?ref=nixos-unstable"; + astal.url = "github:aylur/astal"; + }; + + outputs = { + self, + nixpkgs, + astal, + }: let + system = "x86_64-linux"; + pkgs = nixpkgs.legacyPackages.${system}; + in { + packages.${system} = { + default = pkgs.stdenv.mkDerivation { + name = "tundra"; + src = ./.; + + nativeBuildInputs = with pkgs; [ + meson + ninja + pkg-config + vala + gobject-introspection + dart-sass + ]; + + buildInputs = [ + astal.packages.${system}.io + astal.packages.${system}.astal3 + astal.packages.${system}.battery + astal.packages.${system}.wireplumber + astal.packages.${system}.network + astal.packages.${system}.tray + astal.packages.${system}.mpris + astal.packages.${system}.hyprland + ]; + }; + }; + }; +} diff --git a/hosts/packages/tundra/src/app.in.vala b/hosts/packages/tundra/src/app.in.vala new file mode 100644 index 0000000..b3da69e --- /dev/null +++ b/hosts/packages/tundra/src/app.in.vala @@ -0,0 +1,31 @@ +class App : Astal.Application { + public static App instance; + + public override void request (string msg, SocketConnection conn) { + print(@"$msg\n"); + AstalIO.write_sock.begin(conn, "ok"); + } + + public override void activate () { + foreach (var mon in this.monitors) + add_window(new Bar(mon)); + + apply_css("@STYLE@"); + } + + public static void main(string[] args) { + var instance_name = "vala"; + + App.instance = new App() { + instance_name = instance_name + }; + + try { + App.instance.acquire_socket(); + App.instance.run(null); + } catch (Error err) { + print(AstalIO.send_request(instance_name, string.joinv(" ", args))); + } + } +} + diff --git a/hosts/packages/tundra/src/meson.build b/hosts/packages/tundra/src/meson.build new file mode 100644 index 0000000..1cc6b10 --- /dev/null +++ b/hosts/packages/tundra/src/meson.build @@ -0,0 +1,47 @@ +project('tundra', 'vala', 'c') + +bindir = get_option('prefix') / get_option('bindir') +# bindir = './bin' +libdir = get_option('prefix') / get_option('libdir') + +pkgconfig_deps = [ + dependency('glib-2.0'), + dependency('gobject-2.0'), + dependency('gtk+-3.0'), + dependency('libnm'), + dependency('astal-io-0.1'), + dependency('astal-3.0'), + dependency('astal-battery-0.1'), + dependency('astal-wireplumber-0.1'), + dependency('astal-network-0.1'), + dependency('astal-tray-0.1'), + dependency('astal-mpris-0.1'), + dependency('astal-hyprland-0.1'), +] + +# needed for GLib.Math +deps = pkgconfig_deps + meson.get_compiler('c').find_library('m') + +main = configure_file( + input: 'app.in.vala', + output: 'app.vala', + configuration: { + 'STYLE': run_command( + find_program('sass'), + meson.project_source_root() / 'style.scss', + ).stdout(), + }, +) + +sources = files( + 'widget/Bar.vala', +) + +executable( + 'tundra', + [sources, main], + dependencies: deps, + install: true, + install_dir: bindir, +) + diff --git a/hosts/packages/tundra/src/style.scss b/hosts/packages/tundra/src/style.scss new file mode 100644 index 0000000..5c20382 --- /dev/null +++ b/hosts/packages/tundra/src/style.scss @@ -0,0 +1,107 @@ +@use "sass:color"; + +$bg: #212223; +$fg: #f1f1f1; +$accent: #378DF7; +$radius: 7px; + +window.Bar { + border: none; + box-shadow: none; + background-color: $bg; + color: $fg; + font-size: 1.1em; + font-weight: bold; + + label { + margin: 0 8px; + } + + .Workspaces { + button { + all: unset; + background-color: transparent; + + &:hover label { + background-color: color.adjust($fg, $alpha: -0.84); + border-color: color.adjust($accent, $alpha: -0.8); + } + + &:active label { + background-color: color.adjust($fg, $alpha: -0.8) + } + } + + label { + transition: 200ms; + padding: 0 8px; + margin: 2px; + border-radius: $radius; + border: 1pt solid transparent; + } + + .focused label { + color: $accent; + border-color: $accent; + } + } + + .SysTray { + margin-right: 8px; + + button { + padding: 0 4px; + } + } + + .FocusedClient { + color: $accent; + } + + .Media .Cover { + min-height: 1.2em; + min-width: 1.2em; + border-radius: $radius; + background-position: center; + background-size: contain; + } + + .Battery label { + padding-left: 0; + margin-left: 0; + } + + .AudioSlider { + * { + all: unset; + } + + icon { + margin-right: .6em; + } + + & { + margin: 0 1em; + } + + trough { + background-color: color.adjust($fg, $alpha: -0.8); + border-radius: $radius; + } + + highlight { + background-color: $accent; + min-height: .8em; + border-radius: $radius; + } + + slider { + background-color: $fg; + border-radius: $radius; + min-height: 1em; + min-width: 1em; + margin: -.2em; + } + } +} + diff --git a/hosts/packages/tundra/src/widget/Bar.vala b/hosts/packages/tundra/src/widget/Bar.vala new file mode 100644 index 0000000..f1ba8eb --- /dev/null +++ b/hosts/packages/tundra/src/widget/Bar.vala @@ -0,0 +1,265 @@ +class Workspaces : Gtk.Box { + AstalHyprland.Hyprland hypr = AstalHyprland.get_default(); + public Workspaces() { + Astal.widget_set_class_names(this, {"Workspaces"}); + hypr.notify["workspaces"].connect(sync); + sync(); + } + + void sync() { + foreach (var child in get_children()) + child.destroy(); + + // TODO: create a copy of workspaces + // then create a list of tuples (map id to index in hypr.workspaces) + // then sort new list by id + // then iterate and use index on hypr.workspaces + // NEVERMIND: read `lib/hyprland/hyprland.vala` and see how the + // `_workspaces` property is defined as a HashTable + // basically just extend on that / create a wrapper + // that allows better organisation + + hypr.workspaces.sort((a, b) => { return a.id - b.id; }); + foreach (var ws in hypr.workspaces) { + // filter out special workspaces + if (!(ws.id >= -99 && ws.id <= -2)) { + add(button(ws)); + } + } + } + + Gtk.Button button(AstalHyprland.Workspace ws) { + var btn = new Gtk.Button() { + visible = true, + label = ws.id.to_string() + }; + + hypr.notify["focused-workspace"].connect(() => { + var focused = hypr.focused_workspace == ws; + if (focused) { + Astal.widget_set_class_names(btn, {"focused"}); + } else { + Astal.widget_set_class_names(btn, {}); + } + }); + + btn.clicked.connect(ws.focus); + return btn; + } +} + +class FocusedClient : Gtk.Box { + public FocusedClient() { + Astal.widget_set_class_names(this, {"Focused"}); + AstalHyprland.get_default().notify["focused-client"].connect(sync); + sync(); + } + + void sync() { + foreach (var child in get_children()) + child.destroy(); + + var client = AstalHyprland.get_default().focused_client; + if (client == null) + return; + + var label = new Gtk.Label(client.title) { visible = true }; + client.bind_property("title", label, "label", BindingFlags.SYNC_CREATE); + add(label); + } +} + +class Media : Gtk.Box { + AstalMpris.Mpris mpris = AstalMpris.get_default(); + + public Media() { + Astal.widget_set_class_names(this, {"Media"}); + mpris.notify["players"].connect(sync); + sync(); + } + + void sync() { + foreach (var child in get_children()) + child.destroy(); + + if (mpris.players.length() == 0) { + add(new Gtk.Label("Nothing Playing")); + return; + } + + var player = mpris.players.nth_data(0); + var label = new Gtk.Label(null); + var cover = new Gtk.Box(Gtk.Orientation.HORIZONTAL, 0) { + valign = Gtk.Align.CENTER + }; + + Astal.widget_set_class_names(cover, {"Cover"}); + player.bind_property("metadata", label, "label", BindingFlags.SYNC_CREATE, (_, src, ref trgt) => { + var title = player.title; + var artist = player.artist; + trgt.set_string(@"$artist - $title"); + return true; + }); + + var id = player.notify["cover-art"].connect(() => { + var art = player.cover_art; + Astal.widget_set_css(cover, @"background-image: url('$art')"); + }); + + cover.destroy.connect(() => player.disconnect(id)); + add(cover); + add(label); + } +} + +class SysTray : Gtk.Box { + HashTable items = new HashTable(str_hash, str_equal); + AstalTray.Tray tray = AstalTray.get_default(); + + public SysTray() { + Astal.widget_set_class_names(this, { "SysTray" }); + tray.item_added.connect(add_item); + tray.item_removed.connect(remove_item); + } + + void add_item(string id) { + if (items.contains(id)) + return; + + var item = tray.get_item(id); + var btn = new Gtk.MenuButton() { use_popover = false, visible = true }; + var icon = new Astal.Icon() { visible = true }; + + item.bind_property("tooltip-markup", btn, "tooltip-markup", BindingFlags.SYNC_CREATE); + item.bind_property("gicon", icon, "gicon", BindingFlags.SYNC_CREATE); + item.bind_property("menu-model", btn, "menu-model", BindingFlags.SYNC_CREATE); + btn.insert_action_group("dbusmenu", item.action_group); + item.notify["action-group"].connect(() => { + btn.insert_action_group("dbusmenu", item.action_group); + }); + + btn.add(icon); + add(btn); + items.set(id, btn); + } + + void remove_item(string id) { + if (items.contains(id)) { + items.remove(id); + } + } +} + +class Wifi : Astal.Icon { + public Wifi() { + Astal.widget_set_class_names(this, {"Wifi"}); + var wifi = AstalNetwork.get_default().wifi; + // var wifi = AstalNetwork.get_default().get_wifi(); + if (wifi != null) { + wifi.bind_property("ssid", this, "tooltip-text", BindingFlags.SYNC_CREATE); + wifi.bind_property("icon-name", this, "icon", BindingFlags.SYNC_CREATE); + } + } +} + +class AudioSlider : Gtk.Box { + Astal.Icon icon = new Astal.Icon(); + Astal.Slider slider = new Astal.Slider() { hexpand = true }; + + public AudioSlider() { + add(icon); + add(slider); + Astal.widget_set_class_names(this, {"AudioSlider"}); + Astal.widget_set_css(this, "min-width: 140px"); + + var speaker = AstalWp.get_default().audio.default_speaker; + speaker.bind_property("volume-icon", icon, "icon", BindingFlags.SYNC_CREATE); + speaker.bind_property("volume", slider, "value", BindingFlags.SYNC_CREATE); + slider.dragged.connect(() => speaker.volume = slider.value); + } +} + +class Battery : Gtk.Box { + Astal.Icon icon = new Astal.Icon(); + Astal.Label label = new Astal.Label(); + + public Battery() { + add(icon); + add(label); + Astal.widget_set_class_names(this, {"Battery"}); + + var bat = AstalBattery.get_default(); + bat.bind_property("is-present", this, "visible", BindingFlags.SYNC_CREATE); + bat.bind_property("battery-icon-name", icon, "icon", BindingFlags.SYNC_CREATE); + bat.bind_property("percentage", label, "label", BindingFlags.SYNC_CREATE, (_, src, ref trgt) => { + var p = Math.floor(src.get_double() * 100); + trgt.set_string(@"$p%"); + return true; + }); + } +} + +class Time : Astal.Label { + string format; + AstalIO.Time interval; + + void sync() { + label = new DateTime.now_local().format(format); + } + + public Time(string format = "%H:%M - %A %e.") { + this.format = format; + interval = AstalIO.Time.interval(1000, null); + interval.now.connect(sync); + destroy.connect(interval.cancel); + Astal.widget_set_class_names(this, {"Time"}); + } +} + +class Left : Gtk.Box { + public Left() { + Object(hexpand: true, halign: Gtk.Align.START); + add(new Workspaces()); + add(new FocusedClient()); + } +} + +class Center : Gtk.Box { + public Center() { + add(new Media()); + } +} + +class Right : Gtk.Box { + public Right() { + Object(hexpand: true, halign: Gtk.Align.END); + add(new SysTray()); + add(new Wifi()); + add(new AudioSlider()); + add(new Battery()); + add(new Time()); + } +} + +class Bar : Astal.Window { + public Bar(Gdk.Monitor monitor) { + Object( + anchor: Astal.WindowAnchor.TOP + | Astal.WindowAnchor.LEFT + | Astal.WindowAnchor.RIGHT, + exclusivity: Astal.Exclusivity.EXCLUSIVE, + gdkmonitor: monitor + ); + + Astal.widget_set_class_names(this, {"Bar"}); + + add(new Astal.CenterBox() { + start_widget = new Left(), + center_widget = new Center(), + end_widget = new Right(), + }); + + show_all(); + } +} + diff --git a/hosts/sddm-theme-corners.nix b/hosts/sddm-theme-corners.nix new file mode 100755 index 0000000..e9a755f --- /dev/null +++ b/hosts/sddm-theme-corners.nix @@ -0,0 +1,17 @@ +{pkgs}: { + sddm-theme-corners = pkgs.stdenv.mkDerivation { + name = "sddm-theme-corners"; + version = "1.0.0"; + + installPhase = '' + mkdir -p $out/share/sddm/themes + cp -ar $src/corners $out/share/sddm/themes/ + ''; + src = pkgs.fetchFromGitHub { + owner = "aczw"; + repo = "sddm-theme-corners"; + rev = "6ff0ff455261badcae36cd7d151a34479f157a3c"; + sha256 = "0iiasrbl7ciyhq3z02la636as915zk9ph063ac7vm5iwny8vgwh8"; + }; + }; +} diff --git a/nixpkgs.nix b/nixpkgs.nix deleted file mode 100644 index 816800f..0000000 --- a/nixpkgs.nix +++ /dev/null @@ -1,46 +0,0 @@ -{ - lib, - inputs, - system, - ... -} @ args: { - nixpkgs.channels.default = rec { - default = pkgs; - # nixpkgs (stable branch) - pkgs = { - inherit system; - source = inputs.nixpkgs; - overlays = [ - inputs.dobutterfliescry-net.overlays.default - (import ./overlays/default.nix args) - ]; - config = { - # allowUnfree = false; - allowBroken = false; - allowUnfreePredicate = pkg: - builtins.elem (lib.getName pkg) [ - "discord" - "steam" - "steamcmd" - "steam-unwrapped" - - "obsidian" - "gitkraken" - ]; - }; - }; - # nixpkgs-unstable - upkgs = { - inherit system; - source = inputs.nixpkgs-unstable; - overlays = [ - inputs.dobutterfliescry-net.overlays.default - (import ./overlays/default.nix args) - ]; - config = { - allowUnfree = false; - allowBroken = false; - }; - }; - }; -} diff --git a/overlays/default.nix b/overlays/default.nix deleted file mode 100644 index d18a23d..0000000 --- a/overlays/default.nix +++ /dev/null @@ -1,33 +0,0 @@ -{inputs, ...}: ( - self: super: { - angry-oxide = import ../packages/angryoxide { - pkgs = super; - inherit - (super) - lib - ; - }; - ekphos = import ../packages/ekphos { - pkgs = super; - }; - x86-manpages = import ../packages/x86-manpages { - pkgs = super; - }; - - sddm-theme-corners = import ../packages/sddm-theme-corners { - pkgs = super; - }; - - # in wake of CVE-2022-3602/CVE-2022-3786 - nginxStable = super.nginxStable.override {openssl = super.libressl;}; - nginx = super.nginx.override {openssl = super.libressl;}; - - element-desktop = super.element-desktop.overrideAttrs (final: prev: { - desktopItems = [ - ((builtins.elemAt prev.desktopItems 0).override { - exec = "element-desktop %u --password-store=\"gnome-libsecret\""; - }) - ]; - }); - } -) diff --git a/packages/ekphos/default.nix b/packages/ekphos/default.nix deleted file mode 100644 index 8e90cab..0000000 --- a/packages/ekphos/default.nix +++ /dev/null @@ -1,25 +0,0 @@ -{pkgs, ...}: let - inherit - (pkgs) - lib - ; -in - pkgs.rustPackages.rustPlatform.buildRustPackage { - pname = "ekphos"; - version = "v0.20.10"; - src = pkgs.fetchFromGitHub { - repo = "ekphos"; - owner = "hanebox"; - sha256 = "sha256-mZ6yQdPpJ9PglYyHwivVDO05vRPvwZG7DPEBJeOVlFE="; - rev = "1ac1ab68dd4ea867dadf54f60e32a9a3e0305695"; - }; - - cargoHash = "sha256-s6Elg0Fqxdlc2/428oV7POMqphx8vWaLOncO5kZyBfQ="; - - meta = { - description = "A lightweight, fast, terminal-based markdown research tool inspired by Obsidian"; - homepage = "https://github.com/hanebox/ekphos"; - license = lib.licenses.mit; - maintainers = [lib.maintainers.emileclarkb]; - }; - } diff --git a/packages/huggingface_hub/flake.nix b/packages/huggingface_hub/flake.nix deleted file mode 100644 index 37814d9..0000000 --- a/packages/huggingface_hub/flake.nix +++ /dev/null @@ -1,35 +0,0 @@ -# Template: https://nixos-and-flakes.thiscute.world/development/intro -{ - description = "Humanity's Last Exam - Devshell"; - - inputs = { - nixpkgs.url = "github:NixOS/nixpkgs/nixos-25.05"; - }; - - outputs = {nixpkgs, ...}: let - system = "x86_64-linux"; - pkgs = import nixpkgs { - inherit system; - }; - python = pkgs.python312.override { - self = python; - packageOverrides = pyfinal: pyprev: { - huggingface-hub = pyfinal.callPackage ./huggingface_hub.nix {}; - hf-xet = pyfinal.callPackage ./hf-xet.nix {}; - }; - }; - in { - devShells."${system}".default = pkgs.mkShell { - packages = [ - (python.withPackages (pypkgs: [ - pypkgs.huggingface-hub - ])) - ]; - - shell = "${pkgs.bash}/bin/bash"; - shellHook = '' - alias hf=huggingface-cli - ''; - }; - }; -} diff --git a/packages/huggingface_hub/hf-xet.nix b/packages/huggingface_hub/hf-xet.nix deleted file mode 100644 index 0f4c631..0000000 --- a/packages/huggingface_hub/hf-xet.nix +++ /dev/null @@ -1,56 +0,0 @@ -{ - lib, - buildPythonPackage, - fetchFromGitHub, - pkg-config, - rustPlatform, - openssl, -}: -buildPythonPackage rec { - pname = "hf-xet"; - version = "1.1.5"; - pyproject = true; - - src = fetchFromGitHub { - owner = "huggingface"; - repo = "xet-core"; - tag = "v${version}"; - hash = "sha256-udjZcXTH+Mc4Gvj6bSPv1xi4MyXrLeCYav+7CzKWyhY="; - }; - - sourceRoot = "${src.name}/hf_xet"; - - cargoDeps = rustPlatform.fetchCargoVendor { - inherit - pname - version - src - sourceRoot - ; - hash = "sha256-PTzYubJHFvhq6T3314R4aqBAJlwehOqF7SbpLu4Jo6E="; - }; - - nativeBuildInputs = [ - pkg-config - rustPlatform.cargoSetupHook - rustPlatform.maturinBuildHook - ]; - - buildInputs = [ - openssl - ]; - - env.OPENSSL_NO_VENDOR = 1; - - pythonImportsCheck = ["hf_xet"]; - - # No tests (yet?) - doCheck = false; - - meta = { - description = "Xet client tech, used in huggingface_hub"; - homepage = "https://github.com/huggingface/xet-core/tree/main/hf_xet"; - changelog = "https://github.com/huggingface/xet-core/releases/tag/v${version}"; - license = lib.licenses.asl20; - }; -} diff --git a/packages/huggingface_hub/huggingface_hub.nix b/packages/huggingface_hub/huggingface_hub.nix deleted file mode 100644 index 02b03b7..0000000 --- a/packages/huggingface_hub/huggingface_hub.nix +++ /dev/null @@ -1,62 +0,0 @@ -/* -* WARNING: Just use `pkgs.python312Packages.huggingface-hub` (or change python version) -* WARNING: I didn't realise it existed when I packaged this. -* -* Nix Resources: -* 1. https://wiki.nixos.org/wiki/Python -* 2. https://nixos.org/manual/nixpkgs/unstable/#developing-with-python -* -* Hugging Face Resources: -* 1. https://github.com/huggingface/huggingface_hub -* 2. https://huggingface.co/docs/huggingface_hub/main/en/guides/cli -*/ -{ - lib, - buildPythonPackage, - fetchPypi, - # build time dependencies - setuptools, - # runtime dependencies - filelock, - fsspec, - hf-xet, - pyyaml, - requests, - tqdm, - typing-extensions, -}: -buildPythonPackage rec { - pname = "huggingface_hub"; - version = "0.34.3"; - - src = fetchPypi { - inherit pname version; - hash = "sha256-1YEw/VqnQISAaBR1SRwKvX6DVEIIL7w+9NRbbDn4OFM="; - }; - - pyproject = true; - doCheck = false; # skip unit testing - pythonImportsCheck = ["huggingface_hub"]; - - # buildtime dependencies - build-system = [ - setuptools - ]; - # runtime dependencies - dependencies = [ - filelock - fsspec - hf-xet - pyyaml - requests - tqdm - typing-extensions - ]; - - meta = rec { - description = "The official Python client for the Huggingface Hub."; - homepage = "https://github.com/huggingface/huggingface_hub"; - changelog = "${homepage}/releases/tag/v${version}"; - license = lib.licenses.asl20; # Apache License 2.0 - }; -} diff --git a/packages/sddm-theme-corners/default.nix b/packages/sddm-theme-corners/default.nix deleted file mode 100755 index b0e3789..0000000 --- a/packages/sddm-theme-corners/default.nix +++ /dev/null @@ -1,24 +0,0 @@ -{pkgs}: -pkgs.stdenv.mkDerivation { - name = "sddm-theme-corners"; - version = "1.0.0"; - - installPhase = '' - mkdir -p $out/share/sddm/themes - cp -ar $src/corners $out/share/sddm/themes/ - ''; - src = pkgs.fetchFromGitHub { - owner = "aczw"; - repo = "sddm-theme-corners"; - rev = "6ff0ff455261badcae36cd7d151a34479f157a3c"; - sha256 = "0iiasrbl7ciyhq3z02la636as915zk9ph063ac7vm5iwny8vgwh8"; - }; - - buildInputs = with pkgs; [ - libsForQt5.qt5.qtgraphicaleffects - ]; - - nativeBuildInputs = with pkgs; [ - qt5.wrapQtAppsHook - ]; -} diff --git a/packages/x86-manpages/default.nix b/packages/x86-manpages/default.nix deleted file mode 100644 index b687422..0000000 --- a/packages/x86-manpages/default.nix +++ /dev/null @@ -1,32 +0,0 @@ -{pkgs, ...}: -pkgs.stdenv.mkDerivation { - pname = "x86-manpages"; - version = "0.0.1"; - - src = pkgs.fetchFromGitHub { - owner = "ttmo-O"; - repo = "x86-manpages"; - - ## Recommended - # rev = "0e199a8b4d90be7eb715291c21cf41de8527beac"; - # sha256 = "0im596j0pf90npg933gkq6wpw23c47fcwv0n64qfqn5mcy92qbcb"; - rev = "94902f9c45de0efe803c32b6c3e88d6623881866"; - sha256 = "0k6nsfabzqwnhjiyw2kyg0z49nzrsxn515f6dcjh1rn7bzih5562"; - }; - - installPhase = '' - mkdir -p $out/man/man7 - - shopt -u nullglob - for m in man7/*.7; do - install -m 644 "$m" "$out/man/man7" - done - ''; - - meta = with pkgs.lib; { - description = "Manpages for x86 instructions"; - homepage = "https://github.com/ttmo-O/x86-manpages"; - license = licenses.mit; - platforms = platforms.all; - }; -} diff --git a/scripts/box b/scripts/box deleted file mode 100755 index 7f69cb0..0000000 --- a/scripts/box +++ /dev/null @@ -1,44 +0,0 @@ -#!/usr/bin/env bash -USAGE="Usage: box [--enter]" - -# ===== Configuration ===== # -DATA_DIR="$HOME/.data/box" -# ========================= # - -function setup { - mkdir -p "$DATA_DIR" &>/dev/null -} - -function box { - mktemp -d - # TODO: use a custom name instead -} - -set -euo pipefail - -ENTER=false -for arg in $@; do - case "$arg" in - -e|--enter) - ENTER=true - shift - ;; - -h|--help) - echo "$USAGE" - ;; - -*) - echo "[!] Unknown opt \"$arg\"" >&2 - ;; - *) - echo "[!] Unknown arg \"$arg\"" >&2 - ;; - esac -done - -setup - -BOX=$(box) - -if [[ "$ENTER" == true ]]; then - cd "$BOX" -fi diff --git a/scripts/lsyscalls b/scripts/lsyscalls deleted file mode 100755 index 5cbd744..0000000 --- a/scripts/lsyscalls +++ /dev/null @@ -1,7 +0,0 @@ -#!/usr/bin/env bash -# USAGE: lsyscalls | sort [-nk2] - -echo -e '#include '\ - | cpp -dM \ - | grep "#define __NR_.*[0-9]$" \ - | cut -d_ -f 4- diff --git a/snow.nix b/snow.nix deleted file mode 100644 index 4d3b575..0000000 --- a/snow.nix +++ /dev/null @@ -1,71 +0,0 @@ -{cerulean, ...} @ inputs: -cerulean.mkNexus ./. (self: { - nexus = { - specialArgs = {inherit inputs;}; - - groups = { - # wait.. that's too cold... - cryos = { - # oh frick i cried again - cryde = {}; - }; - # - server = {}; - }; - - nodes = let - inherit - (self.nexus) - groups - ; - in { - # my laptop <3 :3 - lolcathost = { - system = "x86_64-linux"; - groups = [groups.cryos.cryde]; - extraModules = with inputs; [ - grub2-themes.nixosModules.default - nix-flatpak.nixosModules.nix-flatpak - ]; - }; - - # i be on my puter frfr - myputer = { - system = "x86_64-linux"; - groups = [groups.cryos.cryde]; - extraModules = with inputs; [ - grub2-themes.nixosModules.default - nix-flatpak.nixosModules.nix-flatpak - ]; - }; - - # courtesy of aurora <3 - butterfly = { - system = "x86_64-linux"; - groups = [groups.server]; - deploy.ssh = { - host = "dobutterfliescry.net"; - user = "cry"; - port = 42069; - }; - }; - - # pls dont sue me im broke - hyrule = { - system = "x86_64-linux"; - groups = [groups.server]; - deploy.ssh = { - host = "hyrule.dobutterfliescry.net"; - user = "cry"; - }; - }; - - # call me a statistician the way she spreads in my sheets - # matcha = { - # system = "x86_64-linux"; - # groups = [groups.server]; - # deploy.ssh.host = "bedroom.dobutterfliescry.net"; - # }; - }; - }; -})