From 0eeb94b65c57980c6c688f0c4355b79981596227 Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Thu, 7 Aug 2025 10:45:00 +1000 Subject: [PATCH 001/143] re-add nimble to lang pkgs --- hosts/lolcathost/default.nix | 1 + hosts/myputer/default.nix | 1 + 2 files changed, 2 insertions(+) diff --git a/hosts/lolcathost/default.nix b/hosts/lolcathost/default.nix index e6d03fd..c8479f5 100755 --- a/hosts/lolcathost/default.nix +++ b/hosts/lolcathost/default.nix @@ -231,6 +231,7 @@ in { rustc # Nim nim + nimble # Go go diff --git a/hosts/myputer/default.nix b/hosts/myputer/default.nix index 486c59d..369fc20 100755 --- a/hosts/myputer/default.nix +++ b/hosts/myputer/default.nix @@ -232,6 +232,7 @@ in { rustc # Nim nim + nimble # Go go From ee7e38e7bacae4d21a50b968fa1c05031a9aa3e5 Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Fri, 8 Aug 2025 11:28:11 +1000 Subject: [PATCH 002/143] add git aliases --- homes/modules/git.nix | 16 +++++++++++++--- 1 file changed, 13 insertions(+), 3 deletions(-) diff --git a/homes/modules/git.nix b/homes/modules/git.nix index 3e0cfb0..82d0f1e 100755 --- a/homes/modules/git.nix +++ b/homes/modules/git.nix @@ -5,6 +5,19 @@ }: { programs.git = { enable = true; + lfs.enable = true; + + userName = "Emile Clark-Boman"; + userEmail = "eclarkboman@gmail.com"; + + aliases = { + s = "status"; + d = "diff"; + l = "log"; + c = "commit"; + p = "push"; + }; + extraConfig = { color.ui = true; core.editor = "hx"; @@ -22,8 +35,5 @@ }; }; }; - - userName = "Emile Clark-Boman"; - userEmail = "eclarkboman@gmail.com"; }; } From 0129fe2b9740db4a37a1fad0daa49d4b3645edb3 Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Fri, 8 Aug 2025 14:08:50 +1000 Subject: [PATCH 003/143] renamed TODO -> +.md --- TODO => TODO.md | 1 - 1 file changed, 1 deletion(-) rename TODO => TODO.md (98%) diff --git a/TODO b/TODO.md similarity index 98% rename from TODO rename to TODO.md index bb8e65c..6b9f235 100644 --- a/TODO +++ b/TODO.md @@ -1,5 +1,4 @@ ## Next Up -0. Rename TODO -> TODO.md 1. Rename user "ae" to "cry" or "vps" 2. Add 404 page to nginx on hyrule 3. Add a user called "mirror" that stores important mirrors (inspiration: https://git.gay/mirror) From d3a642fafbea6285533db3d734879fecc3e0872d Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Fri, 8 Aug 2025 20:13:51 +1000 Subject: [PATCH 004/143] add "box" script for managing temp directories --- scripts/box | 44 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 44 insertions(+) create mode 100755 scripts/box diff --git a/scripts/box b/scripts/box new file mode 100755 index 0000000..7f69cb0 --- /dev/null +++ b/scripts/box @@ -0,0 +1,44 @@ +#!/usr/bin/env bash +USAGE="Usage: box [--enter]" + +# ===== Configuration ===== # +DATA_DIR="$HOME/.data/box" +# ========================= # + +function setup { + mkdir -p "$DATA_DIR" &>/dev/null +} + +function box { + mktemp -d + # TODO: use a custom name instead +} + +set -euo pipefail + +ENTER=false +for arg in $@; do + case "$arg" in + -e|--enter) + ENTER=true + shift + ;; + -h|--help) + echo "$USAGE" + ;; + -*) + echo "[!] Unknown opt \"$arg\"" >&2 + ;; + *) + echo "[!] Unknown arg \"$arg\"" >&2 + ;; + esac +done + +setup + +BOX=$(box) + +if [[ "$ENTER" == true ]]; then + cd "$BOX" +fi From d68132b8fb4fc76cab1e86a6c9c929e2e1889c48 Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Fri, 8 Aug 2025 20:14:52 +1000 Subject: [PATCH 005/143] make fish dotfiles more verbose + add gitignore function to generate .gitignore files --- homes/modules/fish.nix | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/homes/modules/fish.nix b/homes/modules/fish.nix index eaca566..8fdcc4b 100755 --- a/homes/modules/fish.nix +++ b/homes/modules/fish.nix @@ -12,6 +12,14 @@ config = { programs.fish = { enable = true; + generateCompletions = true; + + vendor = { + config.enable = true; + functions.enable = true; + completions.enable = true; + }; + interactiveShellInit = '' # add dotnet completions if it exists (ie we're in a virtual environment) if type -q dotnet @@ -27,8 +35,13 @@ echo -n $greetings[(random 1 (count $greetings))] end + function gitignore -a type + curl -sL "https://www.gitignore.io/api/$type" + end + set -g fish_greeting (rand_greet) ''; + plugins = [ { name = "grc"; From 7ab29bfe07261abc7c9b05c868303577489e01f2 Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Fri, 8 Aug 2025 20:15:44 +1000 Subject: [PATCH 006/143] add custom huggingface_hub packages (learning from hf-cli's authentication workflow) --- hosts/packages/huggingface_hub/flake.nix | 35 +++++++++++ hosts/packages/huggingface_hub/hf-xet.nix | 56 +++++++++++++++++ .../huggingface_hub/huggingface_hub.nix | 62 +++++++++++++++++++ 3 files changed, 153 insertions(+) create mode 100644 hosts/packages/huggingface_hub/flake.nix create mode 100644 hosts/packages/huggingface_hub/hf-xet.nix create mode 100644 hosts/packages/huggingface_hub/huggingface_hub.nix diff --git a/hosts/packages/huggingface_hub/flake.nix b/hosts/packages/huggingface_hub/flake.nix new file mode 100644 index 0000000..37814d9 --- /dev/null +++ b/hosts/packages/huggingface_hub/flake.nix @@ -0,0 +1,35 @@ +# Template: https://nixos-and-flakes.thiscute.world/development/intro +{ + description = "Humanity's Last Exam - Devshell"; + + inputs = { + nixpkgs.url = "github:NixOS/nixpkgs/nixos-25.05"; + }; + + outputs = {nixpkgs, ...}: let + system = "x86_64-linux"; + pkgs = import nixpkgs { + inherit system; + }; + python = pkgs.python312.override { + self = python; + packageOverrides = pyfinal: pyprev: { + huggingface-hub = pyfinal.callPackage ./huggingface_hub.nix {}; + hf-xet = pyfinal.callPackage ./hf-xet.nix {}; + }; + }; + in { + devShells."${system}".default = pkgs.mkShell { + packages = [ + (python.withPackages (pypkgs: [ + pypkgs.huggingface-hub + ])) + ]; + + shell = "${pkgs.bash}/bin/bash"; + shellHook = '' + alias hf=huggingface-cli + ''; + }; + }; +} diff --git a/hosts/packages/huggingface_hub/hf-xet.nix b/hosts/packages/huggingface_hub/hf-xet.nix new file mode 100644 index 0000000..0f4c631 --- /dev/null +++ b/hosts/packages/huggingface_hub/hf-xet.nix @@ -0,0 +1,56 @@ +{ + lib, + buildPythonPackage, + fetchFromGitHub, + pkg-config, + rustPlatform, + openssl, +}: +buildPythonPackage rec { + pname = "hf-xet"; + version = "1.1.5"; + pyproject = true; + + src = fetchFromGitHub { + owner = "huggingface"; + repo = "xet-core"; + tag = "v${version}"; + hash = "sha256-udjZcXTH+Mc4Gvj6bSPv1xi4MyXrLeCYav+7CzKWyhY="; + }; + + sourceRoot = "${src.name}/hf_xet"; + + cargoDeps = rustPlatform.fetchCargoVendor { + inherit + pname + version + src + sourceRoot + ; + hash = "sha256-PTzYubJHFvhq6T3314R4aqBAJlwehOqF7SbpLu4Jo6E="; + }; + + nativeBuildInputs = [ + pkg-config + rustPlatform.cargoSetupHook + rustPlatform.maturinBuildHook + ]; + + buildInputs = [ + openssl + ]; + + env.OPENSSL_NO_VENDOR = 1; + + pythonImportsCheck = ["hf_xet"]; + + # No tests (yet?) + doCheck = false; + + meta = { + description = "Xet client tech, used in huggingface_hub"; + homepage = "https://github.com/huggingface/xet-core/tree/main/hf_xet"; + changelog = "https://github.com/huggingface/xet-core/releases/tag/v${version}"; + license = lib.licenses.asl20; + }; +} diff --git a/hosts/packages/huggingface_hub/huggingface_hub.nix b/hosts/packages/huggingface_hub/huggingface_hub.nix new file mode 100644 index 0000000..02b03b7 --- /dev/null +++ b/hosts/packages/huggingface_hub/huggingface_hub.nix @@ -0,0 +1,62 @@ +/* +* WARNING: Just use `pkgs.python312Packages.huggingface-hub` (or change python version) +* WARNING: I didn't realise it existed when I packaged this. +* +* Nix Resources: +* 1. https://wiki.nixos.org/wiki/Python +* 2. https://nixos.org/manual/nixpkgs/unstable/#developing-with-python +* +* Hugging Face Resources: +* 1. https://github.com/huggingface/huggingface_hub +* 2. https://huggingface.co/docs/huggingface_hub/main/en/guides/cli +*/ +{ + lib, + buildPythonPackage, + fetchPypi, + # build time dependencies + setuptools, + # runtime dependencies + filelock, + fsspec, + hf-xet, + pyyaml, + requests, + tqdm, + typing-extensions, +}: +buildPythonPackage rec { + pname = "huggingface_hub"; + version = "0.34.3"; + + src = fetchPypi { + inherit pname version; + hash = "sha256-1YEw/VqnQISAaBR1SRwKvX6DVEIIL7w+9NRbbDn4OFM="; + }; + + pyproject = true; + doCheck = false; # skip unit testing + pythonImportsCheck = ["huggingface_hub"]; + + # buildtime dependencies + build-system = [ + setuptools + ]; + # runtime dependencies + dependencies = [ + filelock + fsspec + hf-xet + pyyaml + requests + tqdm + typing-extensions + ]; + + meta = rec { + description = "The official Python client for the Huggingface Hub."; + homepage = "https://github.com/huggingface/huggingface_hub"; + changelog = "${homepage}/releases/tag/v${version}"; + license = lib.licenses.asl20; # Apache License 2.0 + }; +} From 63e8a31e7fbe95355e753eaa9e95c086a9559243 Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Fri, 8 Aug 2025 20:20:13 +1000 Subject: [PATCH 007/143] add fish function for file name searching --- homes/modules/fish.nix | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/homes/modules/fish.nix b/homes/modules/fish.nix index 8fdcc4b..bf496db 100755 --- a/homes/modules/fish.nix +++ b/homes/modules/fish.nix @@ -39,6 +39,11 @@ curl -sL "https://www.gitignore.io/api/$type" end + # ripgrep on files + function rgf + rg --files | rg $args + end + set -g fish_greeting (rand_greet) ''; From 7069840beb9a5a1fea4aca3fe094137c58cf3b35 Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Tue, 12 Aug 2025 21:11:08 +1000 Subject: [PATCH 008/143] add gwenview + libreoffice apps --- hosts/myputer/default.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/hosts/myputer/default.nix b/hosts/myputer/default.nix index 369fc20..e120f67 100755 --- a/hosts/myputer/default.nix +++ b/hosts/myputer/default.nix @@ -208,6 +208,8 @@ in { hyprpicker qbittorrent signal-desktop + kdePackages.gwenview # image viewer + libreoffice (callPackage ../sddm-theme-corners.nix {}).sddm-theme-corners # dependencies for my sddm theme: From 60a6b07c9dc20f93669516892bbcb27c32700762 Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Tue, 12 Aug 2025 21:11:38 +1000 Subject: [PATCH 009/143] comment programs.fish.vendor.* --- homes/modules/fish.nix | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/homes/modules/fish.nix b/homes/modules/fish.nix index bf496db..0728abc 100755 --- a/homes/modules/fish.nix +++ b/homes/modules/fish.nix @@ -14,11 +14,11 @@ enable = true; generateCompletions = true; - vendor = { - config.enable = true; - functions.enable = true; - completions.enable = true; - }; + # vendor = { + # config.enable = true; + # functions.enable = true; + # completions.enable = true; + # }; interactiveShellInit = '' # add dotnet completions if it exists (ie we're in a virtual environment) From dc12ab717b99149d19d3b7b07aa5919da51f2be2 Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Sun, 31 Aug 2025 14:54:59 +1000 Subject: [PATCH 010/143] remove gamescope.desktop entry, add GE Proton --- hosts/modules/steam.nix | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/hosts/modules/steam.nix b/hosts/modules/steam.nix index 07f3ae1..5c72185 100644 --- a/hosts/modules/steam.nix +++ b/hosts/modules/steam.nix @@ -14,11 +14,15 @@ programs = { steam = { enable = true; - gamescopeSession.enable = true; + gamescopeSession.enable = false; # .desktop entry for gamescope remotePlay.openFirewall = true; dedicatedServer.openFirewall = true; localNetworkGameTransfers.openFirewall = true; + + extraCompatPackages = with pkgs; [ + proton-ge-bin + ]; }; gamemode.enable = true; From 7ecf75bef5268933a2cc05e66184e2a2a991d127 Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Sun, 31 Aug 2025 14:55:27 +1000 Subject: [PATCH 011/143] add hypr screenshot utility --- hosts/myputer/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/hosts/myputer/default.nix b/hosts/myputer/default.nix index e120f67..87cd7f9 100755 --- a/hosts/myputer/default.nix +++ b/hosts/myputer/default.nix @@ -206,6 +206,7 @@ in { bluetui wl-clipboard # clipboard for wayland hyprpicker + hyprshot # screenshot utility qbittorrent signal-desktop kdePackages.gwenview # image viewer From 186c0c741afad6d24c03af111919145019fc7821 Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Sun, 31 Aug 2025 14:56:01 +1000 Subject: [PATCH 012/143] add binary debug utils --- hosts/myputer/default.nix | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/hosts/myputer/default.nix b/hosts/myputer/default.nix index 87cd7f9..bb00197 100755 --- a/hosts/myputer/default.nix +++ b/hosts/myputer/default.nix @@ -223,10 +223,11 @@ in { shellcheck grc # colorise command outputs - # Systems Emulation + # Systems Programming & Compilation qemu # Fellice Bellard's Quick Emulator - # Make gnumake + strace + ltrace # C Family gcc clang From 98244e7ecfbdf9e6d0e92384e909e57abe640ce1 Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Sun, 31 Aug 2025 14:56:23 +1000 Subject: [PATCH 013/143] (test) openvas on myputer --- hosts/myputer/default.nix | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/hosts/myputer/default.nix b/hosts/myputer/default.nix index bb00197..af7b5c8 100755 --- a/hosts/myputer/default.nix +++ b/hosts/myputer/default.nix @@ -212,6 +212,11 @@ in { kdePackages.gwenview # image viewer libreoffice + # TEST: WARNING + # ospd-openvas + # openvas-scanner + # openvas-smb + (callPackage ../sddm-theme-corners.nix {}).sddm-theme-corners # dependencies for my sddm theme: pkgs.libsForQt5.qt5.qtgraphicaleffects From db0a34ebbd1d68d2fa31fa7fa4486cf476a7ca38 Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Sun, 31 Aug 2025 15:19:51 +1000 Subject: [PATCH 014/143] ltrace/strace for lolcathost --- hosts/lolcathost/default.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/hosts/lolcathost/default.nix b/hosts/lolcathost/default.nix index ef23633..1452d6e 100755 --- a/hosts/lolcathost/default.nix +++ b/hosts/lolcathost/default.nix @@ -235,6 +235,8 @@ in { # GNU Utils gnumake binutils + strace + ltrace # C Family gcc clang From 99a0adb621c1b7505c0baaabec4818d2fb8bb2ab Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Sun, 31 Aug 2025 23:23:10 +1000 Subject: [PATCH 015/143] add list syscalls script --- scripts/lsyscalls | 7 +++++++ 1 file changed, 7 insertions(+) create mode 100755 scripts/lsyscalls diff --git a/scripts/lsyscalls b/scripts/lsyscalls new file mode 100755 index 0000000..5cbd744 --- /dev/null +++ b/scripts/lsyscalls @@ -0,0 +1,7 @@ +#!/usr/bin/env bash +# USAGE: lsyscalls | sort [-nk2] + +echo -e '#include '\ + | cpp -dM \ + | grep "#define __NR_.*[0-9]$" \ + | cut -d_ -f 4- From 1f35c727ed4fe1e76d5c82d4d923926e74a2dfa1 Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Sun, 31 Aug 2025 23:25:25 +1000 Subject: [PATCH 016/143] progress home-manager --- hosts/myputer/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hosts/myputer/default.nix b/hosts/myputer/default.nix index 7ca8449..a8f1629 100755 --- a/hosts/myputer/default.nix +++ b/hosts/myputer/default.nix @@ -7,7 +7,7 @@ }: let home-manager = builtins.fetchTarball { url = "https://github.com/nix-community/home-manager/archive/release-25.05.tar.gz"; - sha256 = "026rvynmzmpigax9f8gy9z67lsl6dhzv2p6s8wz4w06v3gjvspm1"; + sha256 = "1wl2plp37a8qw26h6cj3ah6rq8bd3awl2938h5cm9b8ncxn4s1k8"; }; in { imports = [ From a33e8a0147b4baf1778a000062ed7196eb3a6d1e Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Sun, 31 Aug 2025 23:26:08 +1000 Subject: [PATCH 017/143] provide nixpkgs-unstable to homemanager (myputer) --- hosts/myputer/default.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/hosts/myputer/default.nix b/hosts/myputer/default.nix index a8f1629..316463a 100755 --- a/hosts/myputer/default.nix +++ b/hosts/myputer/default.nix @@ -1,6 +1,7 @@ { lib, pkgs, + pkgs-unstable, inputs, config, ... @@ -183,6 +184,7 @@ in { home-manager = { users.me = import ../../homes/me; + extraSpecialArgs = {inherit inputs pkgs pkgs-unstable;}; sharedModules = [ inputs.ags.homeManagerModules.default ]; From 95bf9fe6adc2cc3ac85f5e7499087a1df812ddfd Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Sun, 31 Aug 2025 23:26:30 +1000 Subject: [PATCH 018/143] add nasm pkg --- hosts/lolcathost/default.nix | 3 +++ hosts/myputer/default.nix | 3 +++ 2 files changed, 6 insertions(+) diff --git a/hosts/lolcathost/default.nix b/hosts/lolcathost/default.nix index 1452d6e..753ab1b 100755 --- a/hosts/lolcathost/default.nix +++ b/hosts/lolcathost/default.nix @@ -234,9 +234,12 @@ in { qemu # Fellice Bellard's Quick Emulator # GNU Utils gnumake + # Binaries binutils strace ltrace + # ASM + nasm # C Family gcc clang diff --git a/hosts/myputer/default.nix b/hosts/myputer/default.nix index 316463a..528c87d 100755 --- a/hosts/myputer/default.nix +++ b/hosts/myputer/default.nix @@ -235,9 +235,12 @@ in { qemu # Fellice Bellard's Quick Emulator # GNU Utils gnumake + # Binaries binutils strace ltrace + # ASM + nasm # C Family gcc clang From eb02262ae67189936485a7310bc0f821e353cb3f Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Sun, 31 Aug 2025 23:27:08 +1000 Subject: [PATCH 019/143] add x86-manpages derivation (ISA manpages) --- hosts/lolcathost/default.nix | 1 + hosts/myputer/default.nix | 1 + hosts/packages/x86-manpages/default.nix | 32 +++++++++++++++++++++++++ 3 files changed, 34 insertions(+) create mode 100644 hosts/packages/x86-manpages/default.nix diff --git a/hosts/lolcathost/default.nix b/hosts/lolcathost/default.nix index 753ab1b..be4c996 100755 --- a/hosts/lolcathost/default.nix +++ b/hosts/lolcathost/default.nix @@ -240,6 +240,7 @@ in { ltrace # ASM nasm + (callPackage ../packages/x86-manpages {}) # C Family gcc clang diff --git a/hosts/myputer/default.nix b/hosts/myputer/default.nix index 528c87d..b0c8f6c 100755 --- a/hosts/myputer/default.nix +++ b/hosts/myputer/default.nix @@ -241,6 +241,7 @@ in { ltrace # ASM nasm + (callPackage ../packages/x86-manpages {}) # C Family gcc clang diff --git a/hosts/packages/x86-manpages/default.nix b/hosts/packages/x86-manpages/default.nix new file mode 100644 index 0000000..b687422 --- /dev/null +++ b/hosts/packages/x86-manpages/default.nix @@ -0,0 +1,32 @@ +{pkgs, ...}: +pkgs.stdenv.mkDerivation { + pname = "x86-manpages"; + version = "0.0.1"; + + src = pkgs.fetchFromGitHub { + owner = "ttmo-O"; + repo = "x86-manpages"; + + ## Recommended + # rev = "0e199a8b4d90be7eb715291c21cf41de8527beac"; + # sha256 = "0im596j0pf90npg933gkq6wpw23c47fcwv0n64qfqn5mcy92qbcb"; + rev = "94902f9c45de0efe803c32b6c3e88d6623881866"; + sha256 = "0k6nsfabzqwnhjiyw2kyg0z49nzrsxn515f6dcjh1rn7bzih5562"; + }; + + installPhase = '' + mkdir -p $out/man/man7 + + shopt -u nullglob + for m in man7/*.7; do + install -m 644 "$m" "$out/man/man7" + done + ''; + + meta = with pkgs.lib; { + description = "Manpages for x86 instructions"; + homepage = "https://github.com/ttmo-O/x86-manpages"; + license = licenses.mit; + platforms = platforms.all; + }; +} From 364efb25ead548c72746508070e5d4f5d520baf1 Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Wed, 3 Sep 2025 00:24:41 +1000 Subject: [PATCH 020/143] dbus sucks i wanna cry :( --- hosts/lolcathost/default.nix | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/hosts/lolcathost/default.nix b/hosts/lolcathost/default.nix index be4c996..2450c55 100755 --- a/hosts/lolcathost/default.nix +++ b/hosts/lolcathost/default.nix @@ -121,11 +121,11 @@ in { ); }; - dbus = { - # NOTE: programs.uwsm.enable sets implementation to dbus-broker, - # NOTE: however this seems to break dbus - implementation = lib.mkForce "dbus"; - }; + # dbus = { + # # NOTE: programs.uwsm.enable sets implementation to dbus-broker, + # # NOTE: however this seems to break dbus + # implementation = lib.mkForce "dbus"; + # }; # Multimedia Framework # With backwards compatability for alsa/pulseaudio/jack From 6fbaf7fe893a53e277ebaa70dfdf43e8da687ce7 Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Wed, 3 Sep 2025 00:37:55 +1000 Subject: [PATCH 021/143] add haskell support --- homes/modules/editor/helix.nix | 10 ++++++++++ hosts/lolcathost/default.nix | 3 +++ hosts/myputer/default.nix | 3 +++ 3 files changed, 16 insertions(+) diff --git a/homes/modules/editor/helix.nix b/homes/modules/editor/helix.nix index e7d6003..3c1443d 100755 --- a/homes/modules/editor/helix.nix +++ b/homes/modules/editor/helix.nix @@ -136,6 +136,12 @@ formatter.command = "${pkgs.clang-tools}/bin/clang-format"; language-servers = ["clangd"]; } + { + name = "haskell"; + auto-format = true; + formatter.command = "${pkgs.ormolu}/bin/ormolu"; + language-servers = ["haskell-language-server"]; + } ]; language-server = { @@ -149,6 +155,10 @@ clangd = { command = "${pkgs.clang-tools}/bin/clangd"; }; + + haskell-language-server = { + command = "${pkgs.haskell-language-server}/bin/haskell-language-server-wrapper"; + }; }; }; }; diff --git a/hosts/lolcathost/default.nix b/hosts/lolcathost/default.nix index 2450c55..765118b 100755 --- a/hosts/lolcathost/default.nix +++ b/hosts/lolcathost/default.nix @@ -253,6 +253,9 @@ in { nimble # Go go + # Haskell + ghc + ghcid # Python python312 # I use 3.12 since it's in a pretty stable state now diff --git a/hosts/myputer/default.nix b/hosts/myputer/default.nix index b0c8f6c..dc525f9 100755 --- a/hosts/myputer/default.nix +++ b/hosts/myputer/default.nix @@ -254,6 +254,9 @@ in { nimble # Go go + # Haskell + ghc + ghcid # Python python312 # I use 3.12 since it's in a pretty stable state now From a35cedeecbaa5f12f99a4ed6d77225897aaa1378 Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Wed, 3 Sep 2025 03:24:39 +1000 Subject: [PATCH 022/143] add haskell lsp + formatter --- hosts/lolcathost/default.nix | 2 ++ hosts/myputer/default.nix | 2 ++ 2 files changed, 4 insertions(+) diff --git a/hosts/lolcathost/default.nix b/hosts/lolcathost/default.nix index 765118b..12125e5 100755 --- a/hosts/lolcathost/default.nix +++ b/hosts/lolcathost/default.nix @@ -256,6 +256,8 @@ in { # Haskell ghc ghcid + haskell-language-server + ormolu # Python python312 # I use 3.12 since it's in a pretty stable state now diff --git a/hosts/myputer/default.nix b/hosts/myputer/default.nix index dc525f9..ea5710a 100755 --- a/hosts/myputer/default.nix +++ b/hosts/myputer/default.nix @@ -257,6 +257,8 @@ in { # Haskell ghc ghcid + haskell-language-server + ormolu # Python python312 # I use 3.12 since it's in a pretty stable state now From eaea98a362a2f2d54e6ce6c22a4afb4c99286370 Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Wed, 3 Sep 2025 03:27:12 +1000 Subject: [PATCH 023/143] add hyprsunset (its 3am and im going blind............) --- hosts/modules/wm/hyprland.nix | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/hosts/modules/wm/hyprland.nix b/hosts/modules/wm/hyprland.nix index f2960ed..c83caa1 100644 --- a/hosts/modules/wm/hyprland.nix +++ b/hosts/modules/wm/hyprland.nix @@ -1,4 +1,8 @@ -{...}: { +{pkgs, ...}: { + environment.defaultPackages = with pkgs; [ + hyprsunset + ]; + programs = { hyprland = { enable = true; From c94e75bb0210cd61e40186d2a9ad19c5f923a50d Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Wed, 3 Sep 2025 11:13:13 +1000 Subject: [PATCH 024/143] mark all dev outputs for install --- hosts/lolcathost/default.nix | 15 ++++++++++----- hosts/myputer/default.nix | 15 ++++++++++----- 2 files changed, 20 insertions(+), 10 deletions(-) diff --git a/hosts/lolcathost/default.nix b/hosts/lolcathost/default.nix index 12125e5..02bd30f 100755 --- a/hosts/lolcathost/default.nix +++ b/hosts/lolcathost/default.nix @@ -198,12 +198,17 @@ in { }; # ---- ENVIRONMENT VARIABLES ---- - environment.sessionVariables = { - # folder names with capitalisation look awful! - XDG_DOWNLOAD_DIR = "$HOME/downloads"; + environment = { + # always install "dev" derivation outputs + extraOutputsToInstall = ["dev"]; - # Hint Electrons apps to use Wayland - NIXOS_OZONE_WL = "1"; + sessionVariables = { + # folder names with capitalisation look awful! + XDG_DOWNLOAD_DIR = "$HOME/downloads"; + + # Hint Electrons apps to use Wayland + NIXOS_OZONE_WL = "1"; + }; }; # ---- SYSTEM PACKAGES ----- diff --git a/hosts/myputer/default.nix b/hosts/myputer/default.nix index ea5710a..ce1c838 100755 --- a/hosts/myputer/default.nix +++ b/hosts/myputer/default.nix @@ -191,12 +191,17 @@ in { }; # ---- ENVIRONMENT VARIABLES ---- - environment.sessionVariables = { - # folder names with capitalisation look awful! - XDG_DOWNLOAD_DIR = "$HOME/downloads"; + environment = { + # always install "dev" derivation outputs + extraOutputsToInstall = ["dev"]; - # Hint Electrons apps to use Wayland - NIXOS_OZONE_WL = "1"; + sessionVariables = { + # folder names with capitalisation look awful! + XDG_DOWNLOAD_DIR = "$HOME/downloads"; + + # Hint Electrons apps to use Wayland + NIXOS_OZONE_WL = "1"; + }; }; # ---- SYSTEM PACKAGES ----- From 75751e308505c5d7330fd410879b784dca356a60 Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Thu, 18 Sep 2025 19:48:07 +1000 Subject: [PATCH 025/143] always install derivation "man" ouputs --- hosts/lolcathost/default.nix | 2 +- hosts/myputer/default.nix | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/hosts/lolcathost/default.nix b/hosts/lolcathost/default.nix index 02bd30f..b154d3c 100755 --- a/hosts/lolcathost/default.nix +++ b/hosts/lolcathost/default.nix @@ -200,7 +200,7 @@ in { # ---- ENVIRONMENT VARIABLES ---- environment = { # always install "dev" derivation outputs - extraOutputsToInstall = ["dev"]; + extraOutputsToInstall = ["dev" "man"]; sessionVariables = { # folder names with capitalisation look awful! diff --git a/hosts/myputer/default.nix b/hosts/myputer/default.nix index ce1c838..16df2cf 100755 --- a/hosts/myputer/default.nix +++ b/hosts/myputer/default.nix @@ -193,7 +193,7 @@ in { # ---- ENVIRONMENT VARIABLES ---- environment = { # always install "dev" derivation outputs - extraOutputsToInstall = ["dev"]; + extraOutputsToInstall = ["dev" "man"]; sessionVariables = { # folder names with capitalisation look awful! From cb6f98406565b7f6331ce329e5d0e6b1c450b17a Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Wed, 24 Sep 2025 13:30:20 +1000 Subject: [PATCH 026/143] add pkgs.moreutils --- hosts/lolcathost/default.nix | 1 + hosts/myputer/default.nix | 1 + 2 files changed, 2 insertions(+) diff --git a/hosts/lolcathost/default.nix b/hosts/lolcathost/default.nix index b154d3c..e0bfcb1 100755 --- a/hosts/lolcathost/default.nix +++ b/hosts/lolcathost/default.nix @@ -234,6 +234,7 @@ in { fish shellcheck grc # colorise command outputs + moreutils # Systems Emulation qemu # Fellice Bellard's Quick Emulator diff --git a/hosts/myputer/default.nix b/hosts/myputer/default.nix index 16df2cf..2749192 100755 --- a/hosts/myputer/default.nix +++ b/hosts/myputer/default.nix @@ -235,6 +235,7 @@ in { fish shellcheck grc # colorise command outputs + moreutils # Systems Programming & Compilation qemu # Fellice Bellard's Quick Emulator From 81c7c25c6f90cf9d43d91d2230edb775e4edc4f7 Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Fri, 26 Sep 2025 23:18:45 +1000 Subject: [PATCH 027/143] add hexyl, timg, and other --- hosts/lolcathost/default.nix | 18 +++++++++++------- 1 file changed, 11 insertions(+), 7 deletions(-) diff --git a/hosts/lolcathost/default.nix b/hosts/lolcathost/default.nix index e0bfcb1..54efd89 100755 --- a/hosts/lolcathost/default.nix +++ b/hosts/lolcathost/default.nix @@ -244,6 +244,7 @@ in { binutils strace ltrace + hexyl # ASM nasm (callPackage ../packages/x86-manpages {}) @@ -265,6 +266,14 @@ in { haskell-language-server ormolu + # Nix + # TODO: once upgraded past Nix-24.07 this line won't be necessary (I think) + # helix will support nixd by default + # SOURCE: https://github.com/nix-community/nixd/blob/main/nixd/docs/editor-setup.md#Helix + nixd # lsp for nix + nix-prefetch-git + nix-index + # Python python312 # I use 3.12 since it's in a pretty stable state now python314 # also 3.14 for latest features @@ -288,23 +297,18 @@ in { zoxide doggo tldr - # btop + btop eza yazi lazygit ripgrep viddy # modern `watch` command thefuck - - # TODO: once upgraded past Nix-24.07 this line won't be necessary (I think) - # helix will support nixd by default - # SOURCE: https://github.com/nix-community/nixd/blob/main/nixd/docs/editor-setup.md#Helix - nixd # lsp for nix + timg # terminal image (sixel) viewer # Pretty necessary git git-filter-repo - nix-prefetch-git brightnessctl acpi # upower From bf22bfbcf48a0a1c5ee8b1f1b3f02bbd9e7a1865 Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Mon, 6 Oct 2025 09:18:26 +1000 Subject: [PATCH 028/143] enable NIX_SHELL_PRESERVE_PROMPT --- homes/me/default.nix | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/homes/me/default.nix b/homes/me/default.nix index fac7454..194d568 100755 --- a/homes/me/default.nix +++ b/homes/me/default.nix @@ -35,6 +35,10 @@ man = "batman"; # bat + man }; + sessionVariables = { + NIX_SHELL_PRESERVE_PROMPT = 1; + }; + pointerCursor = { gtk.enable = true; # x11.enable = true # dont enable since im on hyprland From f9df463872f4dd0d811d7d157485393f4e21fdf2 Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Mon, 6 Oct 2025 09:20:37 +1000 Subject: [PATCH 029/143] add dotnet9 --- hosts/lolcathost/default.nix | 5 +++++ hosts/myputer/default.nix | 5 +++++ 2 files changed, 10 insertions(+) diff --git a/hosts/lolcathost/default.nix b/hosts/lolcathost/default.nix index 54efd89..86ef3d5 100755 --- a/hosts/lolcathost/default.nix +++ b/hosts/lolcathost/default.nix @@ -281,6 +281,11 @@ in { # Sage sageWithDoc # SageMath + HTML Documentation + # .NET + dotnetCorePackages.dotnet_9.sdk + dotnetCorePackages.dotnet_9.aspnetcore + dotnetCorePackages.dotnet_9.runtime + openvpn inetutils diff --git a/hosts/myputer/default.nix b/hosts/myputer/default.nix index 2749192..d51934f 100755 --- a/hosts/myputer/default.nix +++ b/hosts/myputer/default.nix @@ -273,6 +273,11 @@ in { # Sage sageWithDoc # SageMath + HTML Documentation + # .NET + dotnetCorePackages.dotnet_9.sdk + dotnetCorePackages.dotnet_9.aspnetcore + dotnetCorePackages.dotnet_9.runtime + openvpn inetutils From 3e1d10617908897f4af7be482f927025fc160d9f Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Mon, 6 Oct 2025 09:21:56 +1000 Subject: [PATCH 030/143] add pstree + lz4 --- hosts/lolcathost/default.nix | 2 ++ hosts/myputer/default.nix | 2 ++ 2 files changed, 4 insertions(+) diff --git a/hosts/lolcathost/default.nix b/hosts/lolcathost/default.nix index 86ef3d5..be8db92 100755 --- a/hosts/lolcathost/default.nix +++ b/hosts/lolcathost/default.nix @@ -325,8 +325,10 @@ in { file wget tree + pstree unzip unrar-free + lz4 man-pages man-pages-posix diff --git a/hosts/myputer/default.nix b/hosts/myputer/default.nix index d51934f..d424817 100755 --- a/hosts/myputer/default.nix +++ b/hosts/myputer/default.nix @@ -323,8 +323,10 @@ in { file wget tree + pstree unzip unrar-free + lz4 man-pages man-pages-posix From 120b753882a49ba484e587e91a18a858a90cd452 Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Mon, 6 Oct 2025 09:24:16 +1000 Subject: [PATCH 031/143] (attempt) fix dbus service for bluetui manually configure resolvd with CloudFlare's WARP+ DNS --- hosts/lolcathost/default.nix | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/hosts/lolcathost/default.nix b/hosts/lolcathost/default.nix index be8db92..376140e 100755 --- a/hosts/lolcathost/default.nix +++ b/hosts/lolcathost/default.nix @@ -100,10 +100,30 @@ in { networkmanager.enable = true; firewall.enable = false; + + # Use CloudFlare's WARP+ 1.1.1.1 DNS service + nameservers = [ + "1.1.1.1#one.one.one.one" + "1.0.0.1#one.one.one.one" + ]; }; # ----- SERVICES ----- services = { + # systemd-resolved provides network name resolution + # to local processes via a D-Bus interface. + resolved = { + enable = true; + dnssec = "true"; + domains = ["~."]; + # Use CloudFlare's WARP+ 1.1.1.1 DNS service + fallbackDns = [ + "1.1.1.1#one.one.one.one" + "1.0.0.1#one.one.one.one" + ]; + dnsovertls = "true"; + }; + # Set display manager (login screen) displayManager = { # sddm relies on pkgs.libsForQt5.qt5.qtgraphicaleffects From 70ed4a9a38ddef2c8b6378a7457d54af2281368c Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Mon, 6 Oct 2025 09:30:18 +1000 Subject: [PATCH 032/143] add hosts/modules/bashistrans.nix --- hosts/lolcathost/default.nix | 18 ++---------------- hosts/modules/bashistrans.nix | 23 +++++++++++++++++++++++ hosts/myputer/default.nix | 2 ++ 3 files changed, 27 insertions(+), 16 deletions(-) create mode 100644 hosts/modules/bashistrans.nix diff --git a/hosts/lolcathost/default.nix b/hosts/lolcathost/default.nix index 376140e..dbdaba0 100755 --- a/hosts/lolcathost/default.nix +++ b/hosts/lolcathost/default.nix @@ -15,6 +15,8 @@ in { ./hardware-configuration.nix (import "${home-manager}/nixos") + ../modules/bashistrans.nix + ../modules/wm/hyprland.nix # ../modules/wm/river.nix ../modules/wm/crywl.nix @@ -375,22 +377,6 @@ in { nix-ld.enable = true; - # I want to use fish as my login shell but it always goes terrible - # cause it isn't POSIX compliant, so instead Bash is my login and - # will just exec fish (^-^) - bash = { - blesh.enable = false; # ble.sh replacement for GNU readline - completion.enable = true; - - interactiveShellInit = '' - if [[ $(${pkgs.procps}/bin/ps --no-header --pid=$PPID --format=comm) != "fish" && -z ''${BASH_EXECUTION_STRING} ]] - then - shopt -q login_shell && LOGIN_OPTION='--login' || LOGIN_OPTION="" - exec ${pkgs.fish}/bin/fish $LOGIN_OPTION - fi - ''; - }; - # Thunar also uses: `services.tumbler` & `services.gvfs` thunar = { enable = true; diff --git a/hosts/modules/bashistrans.nix b/hosts/modules/bashistrans.nix new file mode 100644 index 0000000..d3b285c --- /dev/null +++ b/hosts/modules/bashistrans.nix @@ -0,0 +1,23 @@ +{pkgs, ...}: { + # I want to use fish as my login shell but it always goes terrible + # cause it isn't POSIX compliant, so instead Bash is my login and + # will just exec fish (^-^) + programs.bash = { + blesh.enable = false; # ble.sh replacement for GNU readline + completion.enable = true; + + interactiveShellInit = '' + # help bash transition into a beautiful fish! + if [[ -z $CRY_BASH_IS_TRANS ]] + then + if [[ $(${pkgs.procps}/bin/ps --no-header --pid=$PPID --format=comm) != "fish" && -z ''${BASH_EXECUTION_STRING} ]] + then + shopt -q login_shell && LOGIN_OPTION='--login' || LOGIN_OPTION="" + exec ${pkgs.fish}/bin/fish $LOGIN_OPTION + fi + fi + # bash is trans now! (no more transitioning required) + export CRY_BASH_IS_TRANS=true + ''; + }; +} diff --git a/hosts/myputer/default.nix b/hosts/myputer/default.nix index d424817..6844dcc 100755 --- a/hosts/myputer/default.nix +++ b/hosts/myputer/default.nix @@ -15,6 +15,8 @@ in { ./hardware-configuration.nix (import "${home-manager}/nixos") + ../modules/bashistrans.nix + ../modules/wm/hyprland.nix ../modules/steam.nix From 5c955e52322b331420371c85023a5136963c451a Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Mon, 6 Oct 2025 09:40:21 +1000 Subject: [PATCH 033/143] (attempt) package CrazyCraft void launcher for my partner lol --- hosts/myputer/default.nix | 31 +++++++++++++++++++++++++++++++ 1 file changed, 31 insertions(+) diff --git a/hosts/myputer/default.nix b/hosts/myputer/default.nix index 6844dcc..b43fa6c 100755 --- a/hosts/myputer/default.nix +++ b/hosts/myputer/default.nix @@ -30,6 +30,13 @@ in { "nix-command" "flakes" ]; + # nixpkgs.overlays = [ + # (self: super: { + # jdk17 = super.jdk17.override (prev: { + # enableJavaFX = true; + # }); + # }) + # ]; nixpkgs.config.allowUnfreePredicate = let whitelist = map lib.getName [ @@ -268,6 +275,18 @@ in { haskell-language-server ormolu + # Java + # jdk17 + # (jre8.overrideAttrs + # (oldAttrs: { + # enableJavaFX = true; + # })) + # (jdk8.overrideAttrs + # (oldAttrs: { + # enableJavaFX = true; + # })) + visualvm + # Python python312 # I use 3.12 since it's in a pretty stable state now python314 # also 3.14 for latest features @@ -404,6 +423,18 @@ in { # mozilla's email client thunderbird.enable = true; + + java = let + # XXX: WARNING: TEST :WARNING: XXX + # Test for CrazyCraft VoidLauncher + myjdk = pkgs.jdk17.override { + enableJavaFX = true; + # openjfx_jdk = pkgs.openjfx17.override {withWebKit = true;}; + }; + in { + enable = true; + package = myjdk; + }; }; # ----- FONTS ----- From c05db6797455b031c9bc6e8eb2a17f1d7fbf72e4 Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Mon, 6 Oct 2025 09:40:54 +1000 Subject: [PATCH 034/143] progress hyrule home-manager --- hosts/hyrule/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hosts/hyrule/default.nix b/hosts/hyrule/default.nix index 6ac57a5..e0da1d6 100755 --- a/hosts/hyrule/default.nix +++ b/hosts/hyrule/default.nix @@ -7,7 +7,7 @@ }: let home-manager = builtins.fetchTarball { url = "https://github.com/nix-community/home-manager/archive/release-25.05.tar.gz"; - sha256 = "026rvynmzmpigax9f8gy9z67lsl6dhzv2p6s8wz4w06v3gjvspm1"; + sha256 = "0d41gr0c89a4y4lllzdgmbm54h9kn9fjnmavwpgw0w9xwqwnzpax"; }; in { imports = [ From a04641fc9dc6c05fe1132a2cbeae4e03f02b4eb3 Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Mon, 6 Oct 2025 09:41:20 +1000 Subject: [PATCH 035/143] (temp) disable hyrule's minecraft server --- hosts/hyrule/default.nix | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/hosts/hyrule/default.nix b/hosts/hyrule/default.nix index e0da1d6..325e467 100755 --- a/hosts/hyrule/default.nix +++ b/hosts/hyrule/default.nix @@ -14,8 +14,9 @@ in { ./hardware-configuration.nix (import "${home-manager}/nixos") - ./mailserver.nix # TEMP: location - ./minecraft-server.nix # TEMP: location + # ./mailserver.nix # TEMP: location + # ./minecraft-server.nix # TEMP: location + #../modules/server/nginx.nix #../modules/server/ssh.nix #../modules/server/fail2ban.nix From 2da00759924a82edbcaaaaa8e09cf8db57ab9da2 Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Mon, 6 Oct 2025 09:43:26 +1000 Subject: [PATCH 036/143] add radare2, gdb, perf-tools --- hosts/lolcathost/default.nix | 8 ++++++-- hosts/myputer/default.nix | 8 ++++++-- 2 files changed, 12 insertions(+), 4 deletions(-) diff --git a/hosts/lolcathost/default.nix b/hosts/lolcathost/default.nix index dbdaba0..9075286 100755 --- a/hosts/lolcathost/default.nix +++ b/hosts/lolcathost/default.nix @@ -266,6 +266,9 @@ in { binutils strace ltrace + perf-tools # ftrace + perf + radare2 + gdb hexyl # ASM nasm @@ -273,15 +276,16 @@ in { # C Family gcc clang + clang-tools # Rust cargo rustc + # Go + go # Nim nim nimble - # Go - go # Haskell ghc ghcid diff --git a/hosts/myputer/default.nix b/hosts/myputer/default.nix index b43fa6c..ef640c7 100755 --- a/hosts/myputer/default.nix +++ b/hosts/myputer/default.nix @@ -254,6 +254,9 @@ in { binutils strace ltrace + perf-tools # ftrace + perf + radare2 + gdb # ASM nasm (callPackage ../packages/x86-manpages {}) @@ -261,14 +264,15 @@ in { gcc clang clang-tools + # Rust cargo rustc + # Go + go # Nim nim nimble - # Go - go # Haskell ghc ghcid From 2dde0450c410e2ca1a6101b8ecce1480a8043df4 Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Mon, 6 Oct 2025 09:43:40 +1000 Subject: [PATCH 037/143] add discord --- hosts/myputer/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/hosts/myputer/default.nix b/hosts/myputer/default.nix index ef640c7..af9b257 100755 --- a/hosts/myputer/default.nix +++ b/hosts/myputer/default.nix @@ -46,6 +46,7 @@ in { pkgs.steamcmd pkgs.steam-unwrapped pkgs.dwarf-fortress + pkgs.discord ]; in pkg: builtins.elem (lib.getName pkg) whitelist; From d094fbb26fed01902193574491afbdc14a39244f Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Mon, 6 Oct 2025 21:19:26 +1000 Subject: [PATCH 038/143] helix now supports C# LSP --- homes/modules/editor/helix.nix | 21 +++++++++++++++++++++ hosts/myputer/default.nix | 1 + 2 files changed, 22 insertions(+) diff --git a/homes/modules/editor/helix.nix b/homes/modules/editor/helix.nix index 3c1443d..8d6e22c 100755 --- a/homes/modules/editor/helix.nix +++ b/homes/modules/editor/helix.nix @@ -142,6 +142,22 @@ formatter.command = "${pkgs.ormolu}/bin/ormolu"; language-servers = ["haskell-language-server"]; } + # { + # name = "c-sharp"; + # source = "source.cs"; + # file-types = ["cs"]; + # indent = { + # tab-width = 4; + # unit = " "; + # }; + # block-comment-tokens = { + # start = "/*"; + # end = "*/"; + # }; + # # auto-format = false; + # # formatter.command = "${pkgs.omnisharp-roslyn}/bin/OmniSharp"; + # # language-servers = ["OmniSharp"]; + # } ]; language-server = { @@ -159,6 +175,11 @@ haskell-language-server = { command = "${pkgs.haskell-language-server}/bin/haskell-language-server-wrapper"; }; + + # C# language services + OmniSharp = { + command = "${pkgs.omnisharp-roslyn}/bin/OmniSharp"; + }; }; }; }; diff --git a/hosts/myputer/default.nix b/hosts/myputer/default.nix index af9b257..5a866c2 100755 --- a/hosts/myputer/default.nix +++ b/hosts/myputer/default.nix @@ -303,6 +303,7 @@ in { dotnetCorePackages.dotnet_9.sdk dotnetCorePackages.dotnet_9.aspnetcore dotnetCorePackages.dotnet_9.runtime + omnisharp-roslyn openvpn inetutils From 8ec227aa10fc739f61a3b85c4ba0b9a03e691f23 Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Mon, 6 Oct 2025 21:19:37 +1000 Subject: [PATCH 039/143] add cute lil banner --- banner | 6 ++++++ 1 file changed, 6 insertions(+) create mode 100644 banner diff --git a/banner b/banner new file mode 100644 index 0000000..67e1bd9 --- /dev/null +++ b/banner @@ -0,0 +1,6 @@ + .------------. + | oh my | + '------------' + ^ (\_(\ + '----- ( -.-) + o_(")(") From 328c628291d010eddebc3ff2def75ed1aaa6bc71 Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Mon, 6 Oct 2025 21:19:53 +1000 Subject: [PATCH 040/143] (temp) add notes on screensharing --- SCREENSHARING | 11 +++++++++++ 1 file changed, 11 insertions(+) create mode 100644 SCREENSHARING diff --git a/SCREENSHARING b/SCREENSHARING new file mode 100644 index 0000000..d3046f6 --- /dev/null +++ b/SCREENSHARING @@ -0,0 +1,11 @@ +Excellent Resource +https://gist.github.com/brunoanc/2dea6ddf6974ba4e5d26c3139ffb7580#install-xdg-desktop-portal-and-friends + +Hyprland official page on screensharing +https://wiki.hyprland.org/Useful-Utilities/Screen-Sharing/ + + +Multiple sources seem to think that use xdg-desktop-portal-wlr works (but I can't stream individual applications) +but I suppose that's better than nothing? + +Also check out xwaylandvideobridge From 4e615703a66fa03770e9afd837fd0a2d586d2651 Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Mon, 6 Oct 2025 21:21:28 +1000 Subject: [PATCH 041/143] i dont need this anymore --- flake.nix | 5 ----- 1 file changed, 5 deletions(-) diff --git a/flake.nix b/flake.nix index 382bca6..3d40a53 100644 --- a/flake.nix +++ b/flake.nix @@ -5,11 +5,6 @@ nixpkgs.url = "github:nixos/nixpkgs/nixos-25.05"; nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixos-unstable"; - #home-manager = { - # url = "github:nix-community/home-manager"; - # inputs.nixpkgs.follows = "nixpkgs"; - #}; - grub2-themes.url = "github:vinceliuice/grub2-themes"; ags.url = "github:Aylur/ags"; From d26b8af26f622bc48e74c57612491f619dd8f642 Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Tue, 7 Oct 2025 12:49:56 +1000 Subject: [PATCH 042/143] add work conditional .gitconfig --- homes/modules/git.nix | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/homes/modules/git.nix b/homes/modules/git.nix index 82d0f1e..c2578a8 100755 --- a/homes/modules/git.nix +++ b/homes/modules/git.nix @@ -35,5 +35,12 @@ }; }; }; + + includes = [ + { + path = "/home/me/agribit/.gitconfig"; + condition = "gitdir:/home/me/agribit/"; + } + ]; }; } From c46d9665a180447bfb62fc89149129465ca2854c Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Wed, 8 Oct 2025 10:39:41 +1000 Subject: [PATCH 043/143] fix conditional .gitconfig --- homes/modules/git.nix | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/homes/modules/git.nix b/homes/modules/git.nix index c2578a8..fdf6afb 100755 --- a/homes/modules/git.nix +++ b/homes/modules/git.nix @@ -33,13 +33,19 @@ "github:" ]; }; + "https://gitlab.com/" = { + insteadOf = [ + "gl:" + "gitlab:" + ]; + }; }; }; includes = [ { path = "/home/me/agribit/.gitconfig"; - condition = "gitdir:/home/me/agribit/"; + condition = "gitdir:/home/me/agribit/**"; } ]; }; From 78c75ea740abd19744adb5967105d742aaaa879a Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Wed, 8 Oct 2025 10:59:14 +1000 Subject: [PATCH 044/143] add NetCoreDbg for helix --- hosts/myputer/default.nix | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/hosts/myputer/default.nix b/hosts/myputer/default.nix index 5a866c2..50d3bf6 100755 --- a/hosts/myputer/default.nix +++ b/hosts/myputer/default.nix @@ -8,7 +8,7 @@ }: let home-manager = builtins.fetchTarball { url = "https://github.com/nix-community/home-manager/archive/release-25.05.tar.gz"; - sha256 = "1wl2plp37a8qw26h6cj3ah6rq8bd3awl2938h5cm9b8ncxn4s1k8"; + sha256 = "0q3lv288xlzxczh6lc5lcw0zj9qskvjw3pzsrgvdh8rl8ibyq75s"; }; in { imports = [ @@ -304,6 +304,7 @@ in { dotnetCorePackages.dotnet_9.aspnetcore dotnetCorePackages.dotnet_9.runtime omnisharp-roslyn + netcoredbg openvpn inetutils From f51ac822e0eb26112c7b137b081182969ff7038f Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Wed, 8 Oct 2025 11:15:21 +1000 Subject: [PATCH 045/143] enable vscodium --- homes/me/default.nix | 4 +--- homes/modules/editor/vscodium.nix | 12 ++++++++++-- 2 files changed, 11 insertions(+), 5 deletions(-) diff --git a/homes/me/default.nix b/homes/me/default.nix index 194d568..86b4c0b 100755 --- a/homes/me/default.nix +++ b/homes/me/default.nix @@ -12,12 +12,10 @@ ../modules/bat.nix ../modules/fish.nix ../modules/editor/helix.nix - # ../modules/editor/vscodium.nix + ../modules/editor/vscodium.nix ../modules/btop.nix - ../modules/term/ghostty.nix ../modules/term/foot.nix - # ../modules/term/rio.nix ../modules/firefox.nix #../modules/wm/hypr/hypridle.nix diff --git a/homes/modules/editor/vscodium.nix b/homes/modules/editor/vscodium.nix index c5daf64..5309bf7 100644 --- a/homes/modules/editor/vscodium.nix +++ b/homes/modules/editor/vscodium.nix @@ -1,9 +1,17 @@ {pkgs, ...}: { + # REF: https://home-manager-options.extranix.com/?query=vscode&release=release-25.05 programs.vscode = { enable = true; package = pkgs.vscodium; - extensions = with pkgs.vscode-extensions; [ - ]; + mutableExtensionsDir = true; + + profiles.default = { + enableUpdateCheck = false; + enableExtensionUpdateCheck = false; + extensions = with pkgs.vscode-extensions; [ + dracula-theme.theme-dracula + ]; + }; }; } From a29c66e35d5a52a57682080b4a2747cf557a0554 Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Fri, 24 Oct 2025 11:44:02 +1000 Subject: [PATCH 046/143] add mako notification daemon --- config.temp/hyprland.conf | 1 + homes/me/default.nix | 1 + homes/modules/mako.nix | 54 +++++++++++++++++++++++++++++++++++++++ 3 files changed, 56 insertions(+) create mode 100644 homes/modules/mako.nix diff --git a/config.temp/hyprland.conf b/config.temp/hyprland.conf index 864b184..7243478 100755 --- a/config.temp/hyprland.conf +++ b/config.temp/hyprland.conf @@ -40,6 +40,7 @@ $colorpicker = hyprpicker | head -c 7 | wl-copy # exec-once = nm-applet & # exec-once = waybar & hyprpaper & firefox exec-once = swww-daemon & +exec-once = mako & # TODO: or do I do `swww init` or `swww restore`? # █▀▀ █▄░█ █░█   █░█ ▄▀█ █▀█ diff --git a/homes/me/default.nix b/homes/me/default.nix index 86b4c0b..46b2de6 100755 --- a/homes/me/default.nix +++ b/homes/me/default.nix @@ -22,6 +22,7 @@ ../modules/wm/hypr/hyprlock.nix ../modules/kanshi.nix ../modules/ags + ../modules/mako.nix ]; home = { diff --git a/homes/modules/mako.nix b/homes/modules/mako.nix new file mode 100644 index 0000000..762cd96 --- /dev/null +++ b/homes/modules/mako.nix @@ -0,0 +1,54 @@ +{...}: let + dracula = rec { + background = "#282A36"; + border = cyan; + + cyan = "#8BE9FD"; + yellow = "#F1FA8C"; + red = "#FF5555"; + }; + + theme = dracula; +in { + # notification daemon for Wayland + services.mako = { + enable = true; + settings = { + actions = true; + anchor = "top-right"; + layer = "overlay"; + sort = "-time"; + + height = 100; + width = 300; + margin = 50; + background-color = theme.background; + border-color = theme.border; + border-radius = 20; + border-size = 4; + font = "monospace 10"; + + markup = true; + icons = true; + max-icon-size = 64; + + default-timeout = 5000; + ignore-timeout = false; + + "actionable=true" = { + anchor = "top-left"; + }; + + "urgency=low" = { + border-color = theme.border; + }; + "urgency=normal" = { + border-color = theme.yellow; + }; + "urgency=high" = { + default-timeout = 0; + border-color = theme.red; + }; + }; + }; +} From 8e2aad53be8b8bd11f601993a5795ca859c22a10 Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Fri, 24 Oct 2025 11:45:00 +1000 Subject: [PATCH 047/143] customise vscodium --- homes/modules/editor/vscodium.nix | 22 +++++++++++++++++++++- 1 file changed, 21 insertions(+), 1 deletion(-) diff --git a/homes/modules/editor/vscodium.nix b/homes/modules/editor/vscodium.nix index 5309bf7..ecde271 100644 --- a/homes/modules/editor/vscodium.nix +++ b/homes/modules/editor/vscodium.nix @@ -1,4 +1,8 @@ -{pkgs, ...}: { +{ + lib, + pkgs, + ... +}: { # REF: https://home-manager-options.extranix.com/?query=vscode&release=release-25.05 programs.vscode = { enable = true; @@ -9,9 +13,25 @@ profiles.default = { enableUpdateCheck = false; enableExtensionUpdateCheck = false; + # extension format: USER.PACKAGENAME extensions = with pkgs.vscode-extensions; [ + # .NET + ms-dotnettools.csharp + ms-dotnettools.csdevkit + ms-dotnettools.vscode-dotnet-runtime + # ms-dotnettools.vscode-dotnet-pack + # ms-dotnettools.dotnet-maui + + # Colors & Themes dracula-theme.theme-dracula + catppuccin.catppuccin-vsc + catppuccin.catppuccin-vsc-icons + mvllow.rose-pine ]; + + userSettings = { + "workbench.colorTheme" = "Dracula Theme"; + }; }; }; } From 1600fd2885695126d64aac7bb166ac83eeb34599 Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Fri, 24 Oct 2025 11:46:08 +1000 Subject: [PATCH 048/143] fix bashistrans (myputer) --- hosts/myputer/default.nix | 15 --------------- 1 file changed, 15 deletions(-) diff --git a/hosts/myputer/default.nix b/hosts/myputer/default.nix index 50d3bf6..244f5eb 100755 --- a/hosts/myputer/default.nix +++ b/hosts/myputer/default.nix @@ -403,21 +403,6 @@ in { }; }; - # I want to use fish as my login shell but it always goes terrible - # cause it isn't POSIX compliant, so instead Bash is my login and - # will just exec fish (^-^) - bash = { - completion.enable = true; - - interactiveShellInit = '' - if [[ $(${pkgs.procps}/bin/ps --no-header --pid=$PPID --format=comm) != "fish" && -z ''${BASH_EXECUTION_STRING} ]] - then - shopt -q login_shell && LOGIN_OPTION='--login' || LOGIN_OPTION="" - exec ${pkgs.fish}/bin/fish $LOGIN_OPTION - fi - ''; - }; - # Thunar also (optionally) requires: `services.tumbler` & `services.gvfs` thunar = { enable = true; From 1d54b413477480c64ff7e980a6cf4f202dcf50f8 Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Fri, 24 Oct 2025 11:47:20 +1000 Subject: [PATCH 049/143] replace vscodium -> vscode --- homes/me/default.nix | 9 ++- homes/modules/editor/vscode.nix | 134 ++++++++++++++++++++++++++++++++ 2 files changed, 141 insertions(+), 2 deletions(-) create mode 100644 homes/modules/editor/vscode.nix diff --git a/homes/me/default.nix b/homes/me/default.nix index 46b2de6..ac87870 100755 --- a/homes/me/default.nix +++ b/homes/me/default.nix @@ -6,13 +6,13 @@ pkgs, pkgs-unstable, ... -}: { +} @ args: { imports = [ ../modules/git.nix ../modules/bat.nix ../modules/fish.nix ../modules/editor/helix.nix - ../modules/editor/vscodium.nix + (import ../modules/editor/vscode.nix args) ../modules/btop.nix ../modules/term/foot.nix @@ -25,6 +25,11 @@ ../modules/mako.nix ]; + nixpkgs.config.allowUnfreePredicate = pkg: + builtins.elem (lib.GetName pkg) [ + "vscode-extension-ms-dotnettools-csharp" + ]; + home = { username = "me"; homeDirectory = "/home/me"; diff --git a/homes/modules/editor/vscode.nix b/homes/modules/editor/vscode.nix new file mode 100644 index 0000000..f824b1c --- /dev/null +++ b/homes/modules/editor/vscode.nix @@ -0,0 +1,134 @@ +{ + config, + lib, + pkgs, + vscodium ? false, + secret-service ? "gnome-libsecret", + vscode-argv ? ".vscode/argv.json", + ... +}: { + nixpkgs.overlays = [ + ( + self: super: { + vscode-extensions = super.vscode-extensions.overrideAttrs (prev: let + mkVscMarketplaceExtension = { + publisher, + name, + version, + hash, + description ? "", + homepage ? null, + changelog ? null, + license ? null, + maintainers ? [lib.maintainers.emileclarkb], + }: + with pkgs.vscode-utils.buildVscodeMarketplaceExtension; { + ${publisher}.${name} = buildVscodeMarketplaceExtension { + mktplcRef = { + inherit + publisher + name + version + hash + ; + }; + + meta = { + inherit + ( + if license != null + then {license = license;} + else {} + ) + description + homepage + maintainers + ; + downloadPage = "https://marketplace.visualstudio.com/items?itemName=${publisher}.${name}"; + changelog = + if changelog != null + then changelog + else "https://marketplace.visualstudio.com/items/${publisher}.${name}/changelog"; + }; + }; + }; + in + lib.mergeAttrsList [ + (mkVscMarketplaceExtension { + publisher = "ms-dotnettools"; + name = "dotnet-maui"; + version = "1.11.14"; + hash = lib.fakeHash; + + description = "Extend C# Dev Kit with tools for building .NET Multi-platform App UI (MAUI) apps"; + homepage = "https://github.com/microsoft/vscode-dotnettools"; + license = lib.licenses.unfree; + }) + ]); + } + ) + ]; + + # REF: https://home-manager-options.extranix.com/?query=vscode&release=release-25.05 + programs.vscode = { + enable = true; + # TODO: clean up + package = + ( + if vscodium + then pkgs.vscodium + else pkgs.vscode + ).overrideAttrs (oldAttrs: { + # runtimeDependencies = oldAttrs.runtimeDependencies ++ [] + }); + + mutableExtensionsDir = true; + + profiles.default = { + enableUpdateCheck = false; + enableExtensionUpdateCheck = false; + # extension format: USER.PACKAGENAME + extensions = with pkgs.vscode-extensions; [ + # .NET + ms-dotnettools.csharp + ms-dotnettools.csdevkit + ms-dotnettools.vscode-dotnet-runtime + # TODO: these extensions aren't packaged :( + # deitry.solution-syntax + # ms-dotnettools.vscode-dotnet-pack + # ms-dotnettools.dotnet-maui + + # Python + ms-python.python + + # GitLens by GitKraken + eamodio.gitlens + ms-azuretools.vscode-docker + + github.copilot + github.copilot-chat + + # Colors & Themes + dracula-theme.theme-dracula + catppuccin.catppuccin-vsc + catppuccin.catppuccin-vsc-icons + mvllow.rose-pine + ]; + + userSettings = { + "workbench.colorTheme" = "Dracula Theme"; + "github.copilot.nextEditSuggestions.enabled" = true; + }; + }; + }; + + # TODO: this is super ugly, make sure the JSON is formatted!! + home.file.${vscode-argv}.text = builtins.toJSON { + password-store = secret-service; + + disable-hardware-acceleration = false; + disable-color-correct-rendering = false; + enable-crash-reporter = false; + # crash-report-id = ...; + }; +} From ce3eb7a6d80546318e052b27c8cdb5890a25639c Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Fri, 24 Oct 2025 11:47:58 +1000 Subject: [PATCH 050/143] vscode requires an OS keyring daemon --- homes/me/default.nix | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/homes/me/default.nix b/homes/me/default.nix index ac87870..d37a8e9 100755 --- a/homes/me/default.nix +++ b/homes/me/default.nix @@ -50,6 +50,12 @@ name = "Bibata-Modern-Ice"; size = 16; }; + + packages = with pkgs; [ + # for services.gnome-keyring + pkgs.gcr # provides org.gnome.keyring.SystemPrompter + seahorse # gui + ]; }; gtk = { @@ -144,8 +150,12 @@ }; }; - # enable OpenSSH private key agent - services.ssh-agent.enable = true; + services = { + # enable OpenSSH private key agent + ssh-agent.enable = true; + + gnome-keyring.enable = true; + }; # the ssh-agent won't set this for itself... systemd.user.sessionVariables.SSH_AUTH_SOCK = "$XDG_RUNTIME_DIR/ssh-agent"; # Nicely reload system units when changing configs From 63c1f112d4b27287be3af8088d83a1be9f699657 Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Fri, 24 Oct 2025 11:48:49 +1000 Subject: [PATCH 051/143] (temp) hide chameleonultra+flipperzero to improve build time --- hosts/myputer/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/hosts/myputer/default.nix b/hosts/myputer/default.nix index 244f5eb..72b1e7d 100755 --- a/hosts/myputer/default.nix +++ b/hosts/myputer/default.nix @@ -22,8 +22,8 @@ in { ../modules/steam.nix ../modules/obsidian.nix - ../modules/flipperzero.nix - ../modules/chameleonultragui.nix + #../modules/flipperzero.nix + #../modules/chameleonultragui.nix ]; nix.settings.experimental-features = [ From 1ee0ba1a4ca55b0c62ba12a1a586760a642a4025 Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Fri, 24 Oct 2025 11:50:00 +1000 Subject: [PATCH 052/143] fix vscode plugins not whitelisted --- hosts/myputer/default.nix | 29 ++++++++++++++++++++--------- 1 file changed, 20 insertions(+), 9 deletions(-) diff --git a/hosts/myputer/default.nix b/hosts/myputer/default.nix index 72b1e7d..df47254 100755 --- a/hosts/myputer/default.nix +++ b/hosts/myputer/default.nix @@ -39,15 +39,26 @@ in { # ]; nixpkgs.config.allowUnfreePredicate = let - whitelist = map lib.getName [ - pkgs.obsidian - pkgs.gitkraken - pkgs.steam - pkgs.steamcmd - pkgs.steam-unwrapped - pkgs.dwarf-fortress - pkgs.discord - ]; + whitelist = let + vscext = pkgs.vscode-extensions; + in + with pkgs; + map lib.getName [ + discord + steam + steamcmd + steam-unwrapped + dwarf-fortress + + obsidian + gitkraken + + vscode + vscext.ms-dotnettools.csharp + vscext.ms-dotnettools.csdevkit + vscext.github.copilot + vscext.github.copilot-chat + ]; in pkg: builtins.elem (lib.getName pkg) whitelist; From 892a1ae877b27b88aa0af16ff7c5f107d8d054a5 Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Fri, 24 Oct 2025 11:51:49 +1000 Subject: [PATCH 053/143] add MicroTik WinBox --- hosts/modules/apps/winbox.nix | 6 ++++++ hosts/myputer/default.nix | 14 +++++++++++++- 2 files changed, 19 insertions(+), 1 deletion(-) create mode 100644 hosts/modules/apps/winbox.nix diff --git a/hosts/modules/apps/winbox.nix b/hosts/modules/apps/winbox.nix new file mode 100644 index 0000000..eaf8b7c --- /dev/null +++ b/hosts/modules/apps/winbox.nix @@ -0,0 +1,6 @@ +{...}: { + programs.winbox = { + enable = true; + openFirewall = false; # port: 5678 + }; +} diff --git a/hosts/myputer/default.nix b/hosts/myputer/default.nix index df47254..2ba674d 100755 --- a/hosts/myputer/default.nix +++ b/hosts/myputer/default.nix @@ -20,7 +20,9 @@ in { ../modules/wm/hyprland.nix ../modules/steam.nix + ../modules/obsidian.nix + ../modules/apps/winbox.nix #../modules/flipperzero.nix #../modules/chameleonultragui.nix @@ -50,6 +52,8 @@ in { steam-unwrapped dwarf-fortress + winbox + obsidian gitkraken @@ -118,7 +122,15 @@ in { hostName = "myputer"; networkmanager.enable = true; - firewall.enable = true; + firewall = { + enable = true; + allowedTCPPorts = [ + 22 # SSH + 80 # HTTP + 443 # HTTPS + 5678 # MikroTik WinBox + ]; + }; }; # ----- SERVICES ----- From fd48d6af9a3eaf7a12bb8560048161d849b4d2b0 Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Fri, 24 Oct 2025 11:52:08 +1000 Subject: [PATCH 054/143] add Mozilla Thunderbird --- homes/me/default.nix | 1 + homes/modules/apps/thunderbird.nix | 10 ++++++++++ 2 files changed, 11 insertions(+) create mode 100644 homes/modules/apps/thunderbird.nix diff --git a/homes/me/default.nix b/homes/me/default.nix index d37a8e9..227ae21 100755 --- a/homes/me/default.nix +++ b/homes/me/default.nix @@ -17,6 +17,7 @@ ../modules/btop.nix ../modules/term/foot.nix ../modules/firefox.nix + ../modules/apps/thunderbird.nix #../modules/wm/hypr/hypridle.nix ../modules/wm/hypr/hyprlock.nix diff --git a/homes/modules/apps/thunderbird.nix b/homes/modules/apps/thunderbird.nix new file mode 100644 index 0000000..dd4f861 --- /dev/null +++ b/homes/modules/apps/thunderbird.nix @@ -0,0 +1,10 @@ +{...}: { + programs.thunderbird = { + enable = true; + profiles = { + "me" = { + isDefault = true; + }; + }; + }; +} From 596fcd5389f45bbc79e13e7a78631cb9625d37e9 Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Fri, 24 Oct 2025 11:52:24 +1000 Subject: [PATCH 055/143] add Tor Browser --- homes/me/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/homes/me/default.nix b/homes/me/default.nix index 227ae21..f264790 100755 --- a/homes/me/default.nix +++ b/homes/me/default.nix @@ -56,6 +56,7 @@ # for services.gnome-keyring pkgs.gcr # provides org.gnome.keyring.SystemPrompter seahorse # gui + tor-browser ]; }; From 46ed0778136576b1dbb33e8d7fe9934b2214f3b3 Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Fri, 24 Oct 2025 11:52:46 +1000 Subject: [PATCH 056/143] open minecraft server port 25565 (myputer) --- hosts/myputer/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/hosts/myputer/default.nix b/hosts/myputer/default.nix index 2ba674d..17bdc86 100755 --- a/hosts/myputer/default.nix +++ b/hosts/myputer/default.nix @@ -129,6 +129,7 @@ in { 80 # HTTP 443 # HTTPS 5678 # MikroTik WinBox + 25565 # Minecraft LAN ]; }; }; From 17807752e57ef6f56d552e5cda553a8ca19daf87 Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Fri, 24 Oct 2025 11:53:42 +1000 Subject: [PATCH 057/143] packaging JetBrains Rider (UNSTABLE) --- hosts/modules/apps/rider.nix | 47 ++++++++++++++++++++++++++++++++++++ hosts/myputer/default.nix | 8 ++++++ 2 files changed, 55 insertions(+) create mode 100644 hosts/modules/apps/rider.nix diff --git a/hosts/modules/apps/rider.nix b/hosts/modules/apps/rider.nix new file mode 100644 index 0000000..cf54c66 --- /dev/null +++ b/hosts/modules/apps/rider.nix @@ -0,0 +1,47 @@ +{ + pkgs, + pkgs-unstable, + ... +}: { + nixpkgs.overlays = [ + (self: super: { + # rider-override = super.jetbrains.rider.overrideAttrs ( + # final: prev: { + # # XXX: DEBUG + # buildInputs = prev.buildInputs ++ [pkgs.icu]; + # } + # ); + + # rider-fhs = super.buildFHSEnv { + # name = "rider-fhs"; + + # targetPkgs = pkgs: + # with pkgs; [ + # jetbrains.rider + # icu + # ]; + + # runScript = ''${super.jetbrains.rider}/bin/rider''; + + # profile = '' + # export DOTNET_CLI_TELEMETRY_OPTOUT=1 + # ''; + # }; + }) + ]; + + environment.systemPackages = [ + # rider-fhs + # rider-override + + # Unsure latest "stable" version + # pkgs-unstable.jetbrains.rider + ]; + + programs.nix-ld = { + enable = true; + libraries = with pkgs; [ + icu + ]; + }; +} diff --git a/hosts/myputer/default.nix b/hosts/myputer/default.nix index 17bdc86..753899f 100755 --- a/hosts/myputer/default.nix +++ b/hosts/myputer/default.nix @@ -22,6 +22,7 @@ in { ../modules/steam.nix ../modules/obsidian.nix + ../modules/apps/rider.nix ../modules/apps/winbox.nix #../modules/flipperzero.nix @@ -62,6 +63,12 @@ in { vscext.ms-dotnettools.csdevkit vscext.github.copilot vscext.github.copilot-chat + + # XXX: DEBUG + # rider-override + # XXX: DEBUG + + # jetbrains.rider ]; in pkg: builtins.elem (lib.getName pkg) whitelist; @@ -327,6 +334,7 @@ in { dotnetCorePackages.dotnet_9.sdk dotnetCorePackages.dotnet_9.aspnetcore dotnetCorePackages.dotnet_9.runtime + mono omnisharp-roslyn netcoredbg From 09db1c47e18c2c79ba5960c91249884b8b65a55e Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Fri, 24 Oct 2025 17:22:27 +1000 Subject: [PATCH 058/143] progress flake inputs to latest --- flake.lock | 80 +++++++++++++++++++++++++++++------------------------- 1 file changed, 43 insertions(+), 37 deletions(-) diff --git a/flake.lock b/flake.lock index 4785725..14e353a 100644 --- a/flake.lock +++ b/flake.lock @@ -2,15 +2,15 @@ "nodes": { "ags": { "inputs": { - "nixpkgs": "nixpkgs", - "systems": "systems" + "astal": "astal", + "nixpkgs": "nixpkgs" }, "locked": { - "lastModified": 1728326430, - "narHash": "sha256-tV1ABHuA1HItMdCTuNdA8fMB+qw7LpjvI945VwMSABI=", + "lastModified": 1761132437, + "narHash": "sha256-ODNtCB3BHSv0EEA6AT3YDCELPeFX1n8e9lU1yL+s+Hk=", "owner": "Aylur", "repo": "ags", - "rev": "60180a184cfb32b61a1d871c058b31a3b9b0743d", + "rev": "63df72508c7d334c8f9f65d2e80e9db02838378b", "type": "github" }, "original": { @@ -19,6 +19,27 @@ "type": "github" } }, + "astal": { + "inputs": { + "nixpkgs": [ + "ags", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1761075011, + "narHash": "sha256-gQFgsJz2RQUMFdaHrbqRPYackAZYF3chcsZp8rUctVU=", + "owner": "aylur", + "repo": "astal", + "rev": "c8df34d0e5fc4f3a36f72bae7dfc5ecf0000e1c8", + "type": "github" + }, + "original": { + "owner": "aylur", + "repo": "astal", + "type": "github" + } + }, "colmena": { "inputs": { "flake-compat": "flake-compat", @@ -78,11 +99,11 @@ "nixpkgs": "nixpkgs_3" }, "locked": { - "lastModified": 1730004881, - "narHash": "sha256-8xVIqIW25o2uCL0fxAmP4Sj9sdebarQXmd1+64yMe8o=", + "lastModified": 1757136219, + "narHash": "sha256-tKU+vq34KHu/A2wD7WdgP5A4/RCmSD8hB0TyQAUlixA=", "owner": "vinceliuice", "repo": "grub2-themes", - "rev": "42c232dfb46bf93c17506cbc1a574e5e89b5e09f", + "rev": "80dd04ddf3ba7b284a7b1a5df2b1e95ee2aad606", "type": "github" }, "original": { @@ -114,15 +135,15 @@ }, "nixpkgs": { "locked": { - "lastModified": 1725634671, - "narHash": "sha256-v3rIhsJBOMLR8e/RNWxr828tB+WywYIoajrZKFM+0Gg=", - "owner": "NixOS", + "lastModified": 1760878510, + "narHash": "sha256-K5Osef2qexezUfs0alLvZ7nQFTGS9DL2oTVsIXsqLgs=", + "owner": "nixos", "repo": "nixpkgs", - "rev": "574d1eac1c200690e27b8eb4e24887f8df7ac27c", + "rev": "5e2a59a5b1a82f89f2c7e598302a9cacebb72a67", "type": "github" }, "original": { - "owner": "NixOS", + "owner": "nixos", "ref": "nixos-unstable", "repo": "nixpkgs", "type": "github" @@ -130,11 +151,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1753939845, - "narHash": "sha256-K2ViRJfdVGE8tpJejs8Qpvvejks1+A4GQej/lBk5y7I=", + "lastModified": 1761114652, + "narHash": "sha256-f/QCJM/YhrV/lavyCVz8iU3rlZun6d+dAiC3H+CDle4=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "94def634a20494ee057c76998843c015909d6311", + "rev": "01f116e4df6a15f4ccdffb1bcd41096869fb385c", "type": "github" }, "original": { @@ -162,11 +183,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1730808093, - "narHash": "sha256-oOenwoxpzQsBNi7KltgnXqq6e0+CxlfNXKn3k27w6cQ=", + "lastModified": 1761269590, + "narHash": "sha256-yTr+PCi4wGbOEidrm8XyXBobLxLMqIBsbUyhwsN6wrc=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "c1a390f74b2c93f69a6805142f11a215a689cec1", + "rev": "d792a6e0cd4ba35c90ea787b717d72410f56dc40", "type": "github" }, "original": { @@ -178,11 +199,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1752620740, - "narHash": "sha256-f3pO+9lg66mV7IMmmIqG4PL3223TYMlnlw+pnpelbss=", + "lastModified": 1761016216, + "narHash": "sha256-G/iC4t/9j/52i/nm+0/4ybBmAF4hzR8CNHC75qEhjHo=", "owner": "nixos", "repo": "nixpkgs", - "rev": "32a4e87942101f1c9f9865e04dc3ddb175f5f32e", + "rev": "481cf557888e05d3128a76f14c76397b7d7cc869", "type": "github" }, "original": { @@ -216,21 +237,6 @@ "repo": "nixpkgs", "type": "github" } - }, - "systems": { - "locked": { - "lastModified": 1689347949, - "narHash": "sha256-12tWmuL2zgBgZkdoB6qXZsgJEH9LR3oUgpaQq2RbI80=", - "owner": "nix-systems", - "repo": "default-linux", - "rev": "31732fcf5e8fea42e59c2488ad31a0e651500f68", - "type": "github" - }, - "original": { - "owner": "nix-systems", - "repo": "default-linux", - "type": "github" - } } }, "root": "root", From 11b4c920fc22c6c8fc50c4fc45c2cee79592cb78 Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Fri, 24 Oct 2025 17:23:28 +1000 Subject: [PATCH 059/143] patch mbedtls_2 now labelled insecure occurred due to flake.lock progression --- hosts/modules/steam.nix | 33 +++++++++++++++++++++++++-------- 1 file changed, 25 insertions(+), 8 deletions(-) diff --git a/hosts/modules/steam.nix b/hosts/modules/steam.nix index 5c72185..e554441 100644 --- a/hosts/modules/steam.nix +++ b/hosts/modules/steam.nix @@ -3,13 +3,25 @@ lib, ... }: { - nixpkgs.config.allowUnfreePredicate = pkg: - builtins.elem (lib.getName pkg) [ - "steam" - "steam-original" - "steam-unwrapped" - "steam-run" - ]; + # nixpkgs.config.allowUnfreePredicate = pkg: + # builtins.elem (lib.getName pkg) [ + # "steam" + # "steam-original" + # "steam-unwrapped" + # "steam-run" + # ]; + nixpkgs.overlays = [ + (self: super: { + lutris = super.lutris.overrideAttrs (final: prev: { + # WARNING: pkgs.mbedtls_2 is marked insecure! + # Replace pkgs.mbedtls_2 (v2.28.10) with pkgs.mbedtls (v3.6.4) + targetPkgs = pkgs: ( + (builtins.filter (p: p != pkgs.mbedtls_2) (prev.targetPkgs pkgs)) + ++ [pkgs.mbedtls] + ); + }); + }) + ]; programs = { steam = { @@ -33,7 +45,12 @@ mangohud protonup-qt - lutris + + # XXX: DEBUG: disable lutris + # XXX: NOTE: pkgs.lutris depends on pkgs.mbedtls_2 which is marked insecure! + # XXX: NOTE: Use the provided overlay to patch pkgs.mbedtls_2 -> pkgs.mbedtls + # lutris + bottles heroic ]; From 2fb9171d923761168d24776f855a6cb487bf6820 Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Fri, 24 Oct 2025 17:24:11 +1000 Subject: [PATCH 060/143] replace ags -> fuzzel ags usage changed after flake.lock progression --- config.temp/hyprland.conf | 5 +++-- homes/me/default.nix | 3 +++ 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/config.temp/hyprland.conf b/config.temp/hyprland.conf index 7243478..4876e8a 100755 --- a/config.temp/hyprland.conf +++ b/config.temp/hyprland.conf @@ -25,8 +25,9 @@ monitor=eDP-1, highres@highrr, auto, 1.0 # Set programs that you use $terminal = ghostty #rio $fileManager = thunar -#$menu = wofi --show drun -$menu = ags -t "applauncher" +# $menu = wofi --show drun +# $menu = ags -t "applauncher" +$menu = fuzzel $colorpicker = hyprpicker | head -c 7 | wl-copy ################# diff --git a/homes/me/default.nix b/homes/me/default.nix index f264790..6df442b 100755 --- a/homes/me/default.nix +++ b/homes/me/default.nix @@ -56,7 +56,10 @@ # for services.gnome-keyring pkgs.gcr # provides org.gnome.keyring.SystemPrompter seahorse # gui + tor-browser + + fuzzel ]; }; From ffb9b35d46342e71fba5150dd4da0004ba5859c0 Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Fri, 24 Oct 2025 17:24:58 +1000 Subject: [PATCH 061/143] clean rider install + progress to latest on pkgs-unstable --- hosts/modules/apps/rider.nix | 43 +++++++++++------------------------- hosts/myputer/default.nix | 8 ------- 2 files changed, 13 insertions(+), 38 deletions(-) diff --git a/hosts/modules/apps/rider.nix b/hosts/modules/apps/rider.nix index cf54c66..94ac874 100644 --- a/hosts/modules/apps/rider.nix +++ b/hosts/modules/apps/rider.nix @@ -3,39 +3,22 @@ pkgs-unstable, ... }: { - nixpkgs.overlays = [ - (self: super: { - # rider-override = super.jetbrains.rider.overrideAttrs ( - # final: prev: { - # # XXX: DEBUG - # buildInputs = prev.buildInputs ++ [pkgs.icu]; - # } - # ); + environment.systemPackages = with pkgs; [ + # Ensure latest stable Rider version (not necessarily stable on NixOS) + pkgs-unstable.jetbrains.rider - # rider-fhs = super.buildFHSEnv { - # name = "rider-fhs"; + # .NET + dotnetCorePackages.dotnet_9.sdk + dotnetCorePackages.dotnet_9.aspnetcore + dotnetCorePackages.dotnet_9.runtime - # targetPkgs = pkgs: - # with pkgs; [ - # jetbrains.rider - # icu - # ]; + # Mono + mono + msbuild - # runScript = ''${super.jetbrains.rider}/bin/rider''; - - # profile = '' - # export DOTNET_CLI_TELEMETRY_OPTOUT=1 - # ''; - # }; - }) - ]; - - environment.systemPackages = [ - # rider-fhs - # rider-override - - # Unsure latest "stable" version - # pkgs-unstable.jetbrains.rider + # .NET Framework Tools/Services + omnisharp-roslyn + netcoredbg ]; programs.nix-ld = { diff --git a/hosts/myputer/default.nix b/hosts/myputer/default.nix index 753899f..7121aeb 100755 --- a/hosts/myputer/default.nix +++ b/hosts/myputer/default.nix @@ -330,14 +330,6 @@ in { # Sage sageWithDoc # SageMath + HTML Documentation - # .NET - dotnetCorePackages.dotnet_9.sdk - dotnetCorePackages.dotnet_9.aspnetcore - dotnetCorePackages.dotnet_9.runtime - mono - omnisharp-roslyn - netcoredbg - openvpn inetutils From 728f933f394bfe32f1ebcbc72e4ad114e698dcbd Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Fri, 24 Oct 2025 17:25:15 +1000 Subject: [PATCH 062/143] increase nix.settings.download-buffer-size --- hosts/myputer/default.nix | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/hosts/myputer/default.nix b/hosts/myputer/default.nix index 7121aeb..0ffa5d5 100755 --- a/hosts/myputer/default.nix +++ b/hosts/myputer/default.nix @@ -29,10 +29,13 @@ in { #../modules/chameleonultragui.nix ]; - nix.settings.experimental-features = [ - "nix-command" - "flakes" - ]; + nix.settings = { + experimental-features = [ + "nix-command" + "flakes" + ]; + download-buffer-size = 524288000; # 500 MiB + }; # nixpkgs.overlays = [ # (self: super: { # jdk17 = super.jdk17.override (prev: { From e2f641e5535342db34fefb07bb261a32f626c1a5 Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Fri, 24 Oct 2025 17:31:23 +1000 Subject: [PATCH 063/143] use pkgs-unstable.msbuild pkgs.msbuild use .NET6 (marked insecure), pkgs-unstable.msbuild uses .NET8 --- hosts/modules/apps/rider.nix | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/hosts/modules/apps/rider.nix b/hosts/modules/apps/rider.nix index 94ac874..d7b3a1c 100644 --- a/hosts/modules/apps/rider.nix +++ b/hosts/modules/apps/rider.nix @@ -14,7 +14,9 @@ # Mono mono - msbuild + # NOTE: nixpkgs-unstable uses .NET8 SDK + # WARNING: nixpkgs-25.05 uses .NET6 SDK (now marked insecure) + pkgs-unstable.msbuild # .NET Framework Tools/Services omnisharp-roslyn From c8d3fe1e6b552a697ff2de3f198c9d1057227b97 Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Fri, 24 Oct 2025 23:39:00 +1000 Subject: [PATCH 064/143] add tmux --- homes/me/default.nix | 8 +++++--- homes/modules/tmux.nix | 5 +++++ 2 files changed, 10 insertions(+), 3 deletions(-) create mode 100644 homes/modules/tmux.nix diff --git a/homes/me/default.nix b/homes/me/default.nix index 6df442b..5f4c039 100755 --- a/homes/me/default.nix +++ b/homes/me/default.nix @@ -8,14 +8,16 @@ ... } @ args: { imports = [ + ../modules/fish.nix + ../modules/btop.nix + ../modules/tmux.nix + ../modules/term/foot.nix ../modules/git.nix ../modules/bat.nix - ../modules/fish.nix + ../modules/editor/helix.nix (import ../modules/editor/vscode.nix args) - ../modules/btop.nix - ../modules/term/foot.nix ../modules/firefox.nix ../modules/apps/thunderbird.nix diff --git a/homes/modules/tmux.nix b/homes/modules/tmux.nix new file mode 100644 index 0000000..e5946c0 --- /dev/null +++ b/homes/modules/tmux.nix @@ -0,0 +1,5 @@ +{...}: { + programs.tmux = { + enable = true; + }; +} From ca3fd4093f9d25d6966bdc98f5bcbaa6dc60e696 Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Fri, 24 Oct 2025 23:44:56 +1000 Subject: [PATCH 065/143] fix ugly nixpkgs.config.allowUnfreePredicate --- hosts/myputer/default.nix | 44 +++++++++++++++++++-------------------- 1 file changed, 21 insertions(+), 23 deletions(-) diff --git a/hosts/myputer/default.nix b/hosts/myputer/default.nix index 0ffa5d5..8b5079b 100755 --- a/hosts/myputer/default.nix +++ b/hosts/myputer/default.nix @@ -45,34 +45,32 @@ in { # ]; nixpkgs.config.allowUnfreePredicate = let - whitelist = let - vscext = pkgs.vscode-extensions; - in - with pkgs; - map lib.getName [ - discord - steam - steamcmd - steam-unwrapped - dwarf-fortress + vscext = pkgs.vscode-extensions; + whitelist = with pkgs; + map lib.getName [ + discord + steam + steamcmd + steam-unwrapped + dwarf-fortress - winbox + winbox - obsidian - gitkraken + obsidian + gitkraken - vscode - vscext.ms-dotnettools.csharp - vscext.ms-dotnettools.csdevkit - vscext.github.copilot - vscext.github.copilot-chat + vscode + vscext.ms-dotnettools.csharp + vscext.ms-dotnettools.csdevkit + vscext.github.copilot + vscext.github.copilot-chat - # XXX: DEBUG - # rider-override - # XXX: DEBUG + # XXX: DEBUG + # rider-override + # XXX: DEBUG - # jetbrains.rider - ]; + # jetbrains.rider + ]; in pkg: builtins.elem (lib.getName pkg) whitelist; From 8f222f454ad6c49ca2b67e6de33ae63471b13e66 Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Fri, 24 Oct 2025 23:45:29 +1000 Subject: [PATCH 066/143] add vscode + extensions to lolcathost nixpkgs allowed unfree --- hosts/lolcathost/default.nix | 34 ++++++++++++++++++++++++++-------- 1 file changed, 26 insertions(+), 8 deletions(-) diff --git a/hosts/lolcathost/default.nix b/hosts/lolcathost/default.nix index 9075286..b09a29c 100755 --- a/hosts/lolcathost/default.nix +++ b/hosts/lolcathost/default.nix @@ -35,14 +35,32 @@ in { ]; nixpkgs.config.allowUnfreePredicate = let - whitelist = map lib.getName [ - pkgs.obsidian - pkgs.gitkraken - pkgs.steam - pkgs.steamcmd - pkgs.steam-unwrapped - pkgs.dwarf-fortress - ]; + vscext = pkgs.vscode-extensions; + whitelist = with pkgs; + map lib.getName [ + discord + steam + steamcmd + steam-unwrapped + dwarf-fortress + + winbox + + obsidian + gitkraken + + vscode + vscext.ms-dotnettools.csharp + vscext.ms-dotnettools.csdevkit + vscext.github.copilot + vscext.github.copilot-chat + + # XXX: DEBUG + # rider-override + # XXX: DEBUG + + # jetbrains.rider + ]; in pkg: builtins.elem (lib.getName pkg) whitelist; From 8a14f7e2fc78d40dddb499a79d088f2b8896b3b9 Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Fri, 24 Oct 2025 23:46:17 +1000 Subject: [PATCH 067/143] remove dwarf-fortress & mindustry --- hosts/lolcathost/default.nix | 3 --- hosts/myputer/default.nix | 1 - 2 files changed, 4 deletions(-) diff --git a/hosts/lolcathost/default.nix b/hosts/lolcathost/default.nix index b09a29c..dbf965d 100755 --- a/hosts/lolcathost/default.nix +++ b/hosts/lolcathost/default.nix @@ -42,7 +42,6 @@ in { steam steamcmd steam-unwrapped - dwarf-fortress winbox @@ -382,8 +381,6 @@ in { libargon2 # Games - mindustry - dwarf-fortress prismlauncher # minecraft ]; diff --git a/hosts/myputer/default.nix b/hosts/myputer/default.nix index 8b5079b..6986a31 100755 --- a/hosts/myputer/default.nix +++ b/hosts/myputer/default.nix @@ -52,7 +52,6 @@ in { steam steamcmd steam-unwrapped - dwarf-fortress winbox From 8f7a725fd591ac63a5dec2f27826e88f5136a5da Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Sat, 1 Nov 2025 12:08:58 +1000 Subject: [PATCH 068/143] JetBrains Rider requires Chromium browser --- hosts/modules/apps/rider.nix | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/hosts/modules/apps/rider.nix b/hosts/modules/apps/rider.nix index d7b3a1c..adf8885 100644 --- a/hosts/modules/apps/rider.nix +++ b/hosts/modules/apps/rider.nix @@ -7,6 +7,10 @@ # Ensure latest stable Rider version (not necessarily stable on NixOS) pkgs-unstable.jetbrains.rider + # NOTE: Blazor requires a Chromium-based browser + chromium + # arc-browser + # .NET dotnetCorePackages.dotnet_9.sdk dotnetCorePackages.dotnet_9.aspnetcore From 91afb320497611681ed4fffa5d33b0008f8f867c Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Sat, 1 Nov 2025 12:09:28 +1000 Subject: [PATCH 069/143] add speedtest-cli --- homes/me/default.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/homes/me/default.nix b/homes/me/default.nix index 5f4c039..6998e63 100755 --- a/homes/me/default.nix +++ b/homes/me/default.nix @@ -62,6 +62,8 @@ tor-browser fuzzel + + speedtest-cli ]; }; From a03ea35af7cf5a8c50deec0bacf4b091f897ebc2 Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Sat, 1 Nov 2025 12:27:00 +1000 Subject: [PATCH 070/143] begin working on my nib library <3 --- .gitignore | 1 + 1 file changed, 1 insertion(+) diff --git a/.gitignore b/.gitignore index 31f728a..81b47aa 100644 --- a/.gitignore +++ b/.gitignore @@ -1,5 +1,6 @@ ISSUES/ secrets/ +nib/ result rebuild*.log From 540fd9c2a99e1317375a0849b4de670d76c086bf Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Sat, 1 Nov 2025 13:21:32 +1000 Subject: [PATCH 071/143] begin migrating hyprland config to home-manager --- homes/modules/wm/hypr/hyprland.nix | 41 ++++++++++++++++++++++++++++++ 1 file changed, 41 insertions(+) diff --git a/homes/modules/wm/hypr/hyprland.nix b/homes/modules/wm/hypr/hyprland.nix index 40a1d99..b9ca1f7 100755 --- a/homes/modules/wm/hypr/hyprland.nix +++ b/homes/modules/wm/hypr/hyprland.nix @@ -1,2 +1,43 @@ # NOTE: hyprland must be enabled in BOTH your host config (for running hyprland) # and your home-manager config (for managing hyprland's config files) +{ + pkgs, + pkgs-unstable, + inputs, + config, + lib, + ... +}: { + options.hyprland = { + enable = lib.mkEnableOption "Hyprland"; + }; + + config = lib.mkIf config.hyprland.enable { + wayland.windowManager.hyprland = { + enable = true; + package = pkgs.hyprland; # pkgs-unstable.hyprland; + + xwayland.enable = true; + + systemd = { + enable = true; + # enable autostart of applications + # REF: `man 8 systemd-xdg-autostart-generator` + enableXdgAutostart = true; + }; + + plugins = with inputs; [ + split-monitor-workspaces.packages.${pkgs.system}.split + ]; + }; + + xdg.portal = { + enable = true; + extraPortals = with pkgs; [ + xdg-desktop-portal-gtk + ]; + }; + + # TODO: finish this + }; +} From f0c7f565c3435cedd17859dfce0acdb1d7da0f03 Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Sat, 1 Nov 2025 13:21:55 +1000 Subject: [PATCH 072/143] remove flake.nix:inputs.ags --- flake.lock | 75 +++++++----------------------------------------------- flake.nix | 6 ++--- 2 files changed, 11 insertions(+), 70 deletions(-) diff --git a/flake.lock b/flake.lock index 14e353a..e1ab303 100644 --- a/flake.lock +++ b/flake.lock @@ -1,51 +1,11 @@ { "nodes": { - "ags": { - "inputs": { - "astal": "astal", - "nixpkgs": "nixpkgs" - }, - "locked": { - "lastModified": 1761132437, - "narHash": "sha256-ODNtCB3BHSv0EEA6AT3YDCELPeFX1n8e9lU1yL+s+Hk=", - "owner": "Aylur", - "repo": "ags", - "rev": "63df72508c7d334c8f9f65d2e80e9db02838378b", - "type": "github" - }, - "original": { - "owner": "Aylur", - "repo": "ags", - "type": "github" - } - }, - "astal": { - "inputs": { - "nixpkgs": [ - "ags", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1761075011, - "narHash": "sha256-gQFgsJz2RQUMFdaHrbqRPYackAZYF3chcsZp8rUctVU=", - "owner": "aylur", - "repo": "astal", - "rev": "c8df34d0e5fc4f3a36f72bae7dfc5ecf0000e1c8", - "type": "github" - }, - "original": { - "owner": "aylur", - "repo": "astal", - "type": "github" - } - }, "colmena": { "inputs": { "flake-compat": "flake-compat", "flake-utils": "flake-utils", "nix-github-actions": "nix-github-actions", - "nixpkgs": "nixpkgs_2", + "nixpkgs": "nixpkgs", "stable": "stable" }, "locked": { @@ -96,7 +56,7 @@ }, "grub2-themes": { "inputs": { - "nixpkgs": "nixpkgs_3" + "nixpkgs": "nixpkgs_2" }, "locked": { "lastModified": 1757136219, @@ -135,15 +95,15 @@ }, "nixpkgs": { "locked": { - "lastModified": 1760878510, - "narHash": "sha256-K5Osef2qexezUfs0alLvZ7nQFTGS9DL2oTVsIXsqLgs=", - "owner": "nixos", + "lastModified": 1734119587, + "narHash": "sha256-AKU6qqskl0yf2+JdRdD0cfxX4b9x3KKV5RqA6wijmPM=", + "owner": "NixOS", "repo": "nixpkgs", - "rev": "5e2a59a5b1a82f89f2c7e598302a9cacebb72a67", + "rev": "3566ab7246670a43abd2ffa913cc62dad9cdf7d5", "type": "github" }, "original": { - "owner": "nixos", + "owner": "NixOS", "ref": "nixos-unstable", "repo": "nixpkgs", "type": "github" @@ -166,22 +126,6 @@ } }, "nixpkgs_2": { - "locked": { - "lastModified": 1734119587, - "narHash": "sha256-AKU6qqskl0yf2+JdRdD0cfxX4b9x3KKV5RqA6wijmPM=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "3566ab7246670a43abd2ffa913cc62dad9cdf7d5", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixos-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_3": { "locked": { "lastModified": 1761269590, "narHash": "sha256-yTr+PCi4wGbOEidrm8XyXBobLxLMqIBsbUyhwsN6wrc=", @@ -197,7 +141,7 @@ "type": "github" } }, - "nixpkgs_4": { + "nixpkgs_3": { "locked": { "lastModified": 1761016216, "narHash": "sha256-G/iC4t/9j/52i/nm+0/4ybBmAF4hzR8CNHC75qEhjHo=", @@ -215,10 +159,9 @@ }, "root": { "inputs": { - "ags": "ags", "colmena": "colmena", "grub2-themes": "grub2-themes", - "nixpkgs": "nixpkgs_4", + "nixpkgs": "nixpkgs_3", "nixpkgs-unstable": "nixpkgs-unstable" } }, diff --git a/flake.nix b/flake.nix index 3d40a53..e339ce6 100644 --- a/flake.nix +++ b/flake.nix @@ -5,11 +5,9 @@ nixpkgs.url = "github:nixos/nixpkgs/nixos-25.05"; nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixos-unstable"; - grub2-themes.url = "github:vinceliuice/grub2-themes"; - - ags.url = "github:Aylur/ags"; - colmena.url = "github:zhaofengli/colmena/?rev=47b6414d800c8471e98ca072bc0835345741a56a"; + + grub2-themes.url = "github:vinceliuice/grub2-themes"; }; outputs = { From 6439764717b43ef6bf1a81792483c0bf8c32742b Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Wed, 7 Jan 2026 10:22:47 +1000 Subject: [PATCH 073/143] (temp) remove ChameleonUltraGUI+FlipperZero --- hosts/lolcathost/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/hosts/lolcathost/default.nix b/hosts/lolcathost/default.nix index dbf965d..72e307a 100755 --- a/hosts/lolcathost/default.nix +++ b/hosts/lolcathost/default.nix @@ -25,8 +25,8 @@ in { ../modules/obsidian.nix ../modules/angryoxide.nix - ../modules/flipperzero.nix - ../modules/chameleonultragui.nix + # ../modules/flipperzero.nix + # ../modules/chameleonultragui.nix ]; nix.settings.experimental-features = [ From 4bc40a1d37b26c074bafe17aed3ee568e5023e63 Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Wed, 7 Jan 2026 10:23:04 +1000 Subject: [PATCH 074/143] i be gaming frfr --- hosts/lolcathost/default.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/hosts/lolcathost/default.nix b/hosts/lolcathost/default.nix index 72e307a..32e9b2f 100755 --- a/hosts/lolcathost/default.nix +++ b/hosts/lolcathost/default.nix @@ -382,6 +382,8 @@ in { # Games prismlauncher # minecraft + pkgs-unstable.olympus # celeste + discord ]; programs = { From 86bdcf2d397ca71c1c8562074c95ec4fd3693147 Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Wed, 7 Jan 2026 10:23:14 +1000 Subject: [PATCH 075/143] is this necessary? --- hosts/lolcathost/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/hosts/lolcathost/default.nix b/hosts/lolcathost/default.nix index 32e9b2f..b0f5fe6 100755 --- a/hosts/lolcathost/default.nix +++ b/hosts/lolcathost/default.nix @@ -170,6 +170,7 @@ in { # With backwards compatability for alsa/pulseaudio/jack pipewire = { enable = true; + audio.enable = true; wireplumber.enable = true; alsa.enable = true; From 0c15fb78440b1472f44f619e945375f40a623618 Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Wed, 7 Jan 2026 10:23:30 +1000 Subject: [PATCH 076/143] add hyprpicker + hyprshot to laptop --- hosts/lolcathost/default.nix | 2 ++ hosts/myputer/default.nix | 2 +- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/hosts/lolcathost/default.nix b/hosts/lolcathost/default.nix index b0f5fe6..93bce3b 100755 --- a/hosts/lolcathost/default.nix +++ b/hosts/lolcathost/default.nix @@ -262,6 +262,8 @@ in { ani-cli bluetui wl-clipboard # clipboard for wayland + hyprpicker # color picker + hyprshot # screenshot utility qbittorrent # torrenting signal-desktop diff --git a/hosts/myputer/default.nix b/hosts/myputer/default.nix index 6986a31..d1999b2 100755 --- a/hosts/myputer/default.nix +++ b/hosts/myputer/default.nix @@ -255,7 +255,7 @@ in { ani-cli bluetui wl-clipboard # clipboard for wayland - hyprpicker + hyprpicker # color picker hyprshot # screenshot utility qbittorrent signal-desktop From 9c5af6a83d28f617ff2bd4e78d7ea362a815fa62 Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Wed, 7 Jan 2026 10:24:49 +1000 Subject: [PATCH 077/143] add more url.insteadOf identifiers for git --- homes/modules/git.nix | 20 +++++++++++++++++++- 1 file changed, 19 insertions(+), 1 deletion(-) diff --git a/homes/modules/git.nix b/homes/modules/git.nix index fdf6afb..6751849 100755 --- a/homes/modules/git.nix +++ b/homes/modules/git.nix @@ -27,7 +27,7 @@ defaultBranch = "main"; }; url = { - "https://github.com/" = { + "git@github.com:" = { insteadOf = [ "gh:" "github:" @@ -39,6 +39,24 @@ "gitlab:" ]; }; + "git@github.com:/Agribit/" = { + insteadOf = [ + "agri:" + "Agri:" + "agribit:" + "Agribit:" + ]; + }; + "ssh://forgejo@forge.imbored.dev:2222/" = { + insteadOf = [ + "forge" + ]; + }; + "ssh://forgejo@forge.imbored.dev:2222/emileclarkb/" = { + insteadOf = [ + "cry" + ]; + }; }; }; From fecb0c441f91bc27f6747df5bffc615601ddc60d Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Tue, 20 Jan 2026 09:17:55 +1000 Subject: [PATCH 078/143] progress home-manager --- hosts/lolcathost/default.nix | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/hosts/lolcathost/default.nix b/hosts/lolcathost/default.nix index 93bce3b..846d34a 100755 --- a/hosts/lolcathost/default.nix +++ b/hosts/lolcathost/default.nix @@ -8,7 +8,7 @@ }: let home-manager = builtins.fetchTarball { url = "https://github.com/nix-community/home-manager/archive/release-25.05.tar.gz"; - sha256 = "1y919cqrlmq0k44rgnacaq4zq37jj4rdh6f2swp6y2jiz28xb0iq"; + sha256 = "07pk5m6mxi666dclaxdwf7xrinifv01vvgxn49bjr8rsbh31syaq"; }; in { imports = [ @@ -232,9 +232,7 @@ in { home-manager = { users.me = import ../../homes/me; extraSpecialArgs = {inherit inputs pkgs pkgs-unstable;}; - sharedModules = [ - inputs.ags.homeManagerModules.default - ]; + # sharedModules = [ ]; }; # ---- ENVIRONMENT VARIABLES ---- @@ -274,6 +272,7 @@ in { # Shell bash fish + elvish # reference for crysh development shellcheck grc # colorise command outputs moreutils @@ -301,6 +300,8 @@ in { # Rust cargo rustc + rustfmt + rust-analyzer # Go go # Nim @@ -319,6 +320,7 @@ in { nixd # lsp for nix nix-prefetch-git nix-index + deploy-rs # Python python312 # I use 3.12 since it's in a pretty stable state now From 1971078bf836cf32b3b2c0f472a1839af9f928e5 Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Tue, 20 Jan 2026 09:18:03 +1000 Subject: [PATCH 079/143] support pipe-operators on lolcathost --- hosts/lolcathost/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/hosts/lolcathost/default.nix b/hosts/lolcathost/default.nix index 846d34a..3c88d97 100755 --- a/hosts/lolcathost/default.nix +++ b/hosts/lolcathost/default.nix @@ -32,6 +32,7 @@ in { nix.settings.experimental-features = [ "nix-command" "flakes" + "pipe-operators" ]; nixpkgs.config.allowUnfreePredicate = let From 51557ebd652bcdb38517e7ae9d92277b3a5bcf0e Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Tue, 20 Jan 2026 09:18:19 +1000 Subject: [PATCH 080/143] remove ags --- homes/me/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/homes/me/default.nix b/homes/me/default.nix index 6998e63..9e436a3 100755 --- a/homes/me/default.nix +++ b/homes/me/default.nix @@ -24,7 +24,7 @@ #../modules/wm/hypr/hypridle.nix ../modules/wm/hypr/hyprlock.nix ../modules/kanshi.nix - ../modules/ags + # ../modules/ags ../modules/mako.nix ]; From bde48193073a8023ccc212b3c86d95c85862a605 Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Tue, 20 Jan 2026 09:18:27 +1000 Subject: [PATCH 081/143] helix support rust --- homes/modules/editor/helix.nix | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/homes/modules/editor/helix.nix b/homes/modules/editor/helix.nix index 8d6e22c..30dad17 100755 --- a/homes/modules/editor/helix.nix +++ b/homes/modules/editor/helix.nix @@ -142,6 +142,16 @@ formatter.command = "${pkgs.ormolu}/bin/ormolu"; language-servers = ["haskell-language-server"]; } + { + name = "rust"; + indent = { + tab-width = 2; + unit = " "; + }; + auto-format = true; + formatter.command = "${pkgs.rustfmt}/bin/rustfmt"; + language-servers = ["rust-analyzer"]; + } # { # name = "c-sharp"; # source = "source.cs"; @@ -176,6 +186,10 @@ command = "${pkgs.haskell-language-server}/bin/haskell-language-server-wrapper"; }; + rust-analyzer = { + command = "${pkgs.rust-analyzer}/bin/rust-analyzer"; + }; + # C# language services OmniSharp = { command = "${pkgs.omnisharp-roslyn}/bin/OmniSharp"; From 5153b1d54b97c5bf2d951908f4fb344f61828a7e Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Tue, 20 Jan 2026 09:20:25 +1000 Subject: [PATCH 082/143] ignore nib --- .gitignore | 1 - 1 file changed, 1 deletion(-) diff --git a/.gitignore b/.gitignore index 81b47aa..31f728a 100644 --- a/.gitignore +++ b/.gitignore @@ -1,6 +1,5 @@ ISSUES/ secrets/ -nib/ result rebuild*.log From c4464eeba2b3b2b75767917eeaf602dc2ce5e8c4 Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Tue, 20 Jan 2026 09:20:55 +1000 Subject: [PATCH 083/143] remove ags --- homes/me/default.nix | 1 - hosts/lolcathost/default.nix | 4 +--- 2 files changed, 1 insertion(+), 4 deletions(-) diff --git a/homes/me/default.nix b/homes/me/default.nix index 6998e63..a6e5745 100755 --- a/homes/me/default.nix +++ b/homes/me/default.nix @@ -24,7 +24,6 @@ #../modules/wm/hypr/hypridle.nix ../modules/wm/hypr/hyprlock.nix ../modules/kanshi.nix - ../modules/ags ../modules/mako.nix ]; diff --git a/hosts/lolcathost/default.nix b/hosts/lolcathost/default.nix index dbf965d..be32da0 100755 --- a/hosts/lolcathost/default.nix +++ b/hosts/lolcathost/default.nix @@ -231,9 +231,7 @@ in { home-manager = { users.me = import ../../homes/me; extraSpecialArgs = {inherit inputs pkgs pkgs-unstable;}; - sharedModules = [ - inputs.ags.homeManagerModules.default - ]; + sharedModules = []; }; # ---- ENVIRONMENT VARIABLES ---- From 5bae1d546a25d42f92d3fc23fac163c7ab8f8b3d Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Tue, 20 Jan 2026 09:23:02 +1000 Subject: [PATCH 084/143] progress home-manager (hyrule) --- hosts/hyrule/default.nix | 53 +++++++++++++++++++++++++++++++++++++++- 1 file changed, 52 insertions(+), 1 deletion(-) diff --git a/hosts/hyrule/default.nix b/hosts/hyrule/default.nix index 325e467..72cf59f 100755 --- a/hosts/hyrule/default.nix +++ b/hosts/hyrule/default.nix @@ -7,7 +7,7 @@ }: let home-manager = builtins.fetchTarball { url = "https://github.com/nix-community/home-manager/archive/release-25.05.tar.gz"; - sha256 = "0d41gr0c89a4y4lllzdgmbm54h9kn9fjnmavwpgw0w9xwqwnzpax"; + sha256 = "07pk5m6mxi666dclaxdwf7xrinifv01vvgxn49bjr8rsbh31syaq"; }; in { imports = [ @@ -87,6 +87,56 @@ in { # 8222 (INTERNAL) vaultwarden 45000 # minecaft server ]; + allowedUDPPorts = [ + 54231 # Wireguard + ]; + }; + + # wireguard.interfaces = { + # wg0 = { + # ips = ["10.10.10.4/24"]; # my IP and the subnet (keyword: "AND") + # listenPort = 54231; + # + # privateKeyFile = "/root/wg_agrivpn_hyrule"; + # + # peers = [ + # { + # # peer's public key + # publicKey = "iZ4aqYjbT8O8tfUHEuV+yWLtdoQbdBb6Nt0M4usMSiY="; + # + # # choose which traffic to forward + # allowedIPs = ["10.0.51.0/24" "10.10.10.0/24"]; + # + # # TODO: route to endpoint not automatically configured https://wiki.archlinux.org/index.php/WireGuard#Loop_routing https://discourse.nixos.org/t/solved-minimal-firewall-setup-for-wireguard-client/7577 + # endpoint = "150.242.34.33:54231"; + # + # # send keepalives every 25 seconds. Important to keep NAT tables alive. + # persistentKeepalive = 25; + # } + # ]; + # }; + # }; + wg-quick.interfaces = { + wg0 = { + address = [ + "10.10.10.4/24" + ]; + dns = ["10.10.10.1"]; + privateKeyFile = "/root/wg_agrivpn_hyrule"; + peers = [ + { + # peer's public key + publicKey = "iZ4aqYjbT8O8tfUHEuV+yWLtdoQbdBb6Nt0M4usMSiY="; + + # choose which traffic to forward + allowedIPs = [ + "10.0.51.0/24" + "10.10.10.0/24" + ]; + endpoint = "150.242.34.33:54231"; + } + ]; + }; }; }; @@ -451,6 +501,7 @@ in { }; environment.systemPackages = with pkgs; [ + eza git vim helix From 9bbb8fa58534c62a94c092b7c702067d1bb021ec Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Tue, 20 Jan 2026 09:23:16 +1000 Subject: [PATCH 085/143] add dotnet module --- hosts/modules/langs/dotnet.nix | 61 ++++++++++++++++++++++++++++++++++ 1 file changed, 61 insertions(+) create mode 100644 hosts/modules/langs/dotnet.nix diff --git a/hosts/modules/langs/dotnet.nix b/hosts/modules/langs/dotnet.nix new file mode 100644 index 0000000..d9c3177 --- /dev/null +++ b/hosts/modules/langs/dotnet.nix @@ -0,0 +1,61 @@ +{ + lib, + pkgs, + pkgs-unstable, + ... +}: let + dotnetVersions = [8 9 10]; + + dotnetCombined = + pkgs.dotnetCorePackages.combinePackages + (builtins.concatMap + (v: let + # dotnet = pkgs.dotnetCorePackages."dotnet_${builtins.toString x}"; + in [ + # dotnet.sdk + + # the runtime+aspnetcore packaged with the sdk + pkgs.dotnetCorePackages."sdk_${builtins.toString v}_0" + ]) + dotnetVersions); + + # Custom packaged tools + dotnetTools = with lib; { + uno-check = with pkgs.dotnetCorePackages; + buildDotnetGlobalTool { + pname = "Uno.Check"; + version = "1.32.17"; + + nugetHash = "sha256-BfTVF5uHu9/nyLXqdDEOHCxq6BVQWhsnDBbARzdLDAE="; + + executables = "uno-check"; + + dotnet-sdk = dotnet_9.sdk; + dotnet-runtime = dotnet_9.runtime; + + meta = { + homepage = "https://github.com/unoplatform/uno.check"; + license = licenses.mit; + maintainers = [maintainers.emileclarkb]; + }; + }; + }; +in { + environment.systemPackages = with pkgs; [ + # .NET + dotnetCombined + + # .NET Tools + dotnetTools.uno-check + + # Mono + mono + # NOTE: nixpkgs-unstable uses .NET8 SDK + # WARNING: nixpkgs-25.05 uses .NET6 SDK (now marked insecure) + pkgs-unstable.msbuild + + # .NET Framework Tools/Services + omnisharp-roslyn + netcoredbg + ]; +} From aa17215adf210eae4e83ceb58d88f51d42543d45 Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Tue, 20 Jan 2026 09:23:50 +1000 Subject: [PATCH 086/143] prefer final: prev: convention crywl module --- hosts/modules/wm/crywl.nix | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/hosts/modules/wm/crywl.nix b/hosts/modules/wm/crywl.nix index 1454af2..ed719a6 100644 --- a/hosts/modules/wm/crywl.nix +++ b/hosts/modules/wm/crywl.nix @@ -37,8 +37,8 @@ in { ]; nixpkgs.overlays = [ - (self: super: { - crywl = super.dwl.overrideAttrs (oldAttrs: rec { + (final: prev: { + crywl = prev.dwl.overrideAttrs (oldAttrs: rec { pname = "crywl"; version = "0.1-unstable"; @@ -101,6 +101,7 @@ in { command = "crywl -v 2>&1; return 0"; }; }; + meta = { homepage = "https://forge.imbored.dev/emileclarkb/crywl"; description = "Personal fork of DWL"; From 2ef679f30f7a755b6ce23957e1e95d7d758fbff8 Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Tue, 20 Jan 2026 09:24:12 +1000 Subject: [PATCH 087/143] use dotnet module in rider module --- hosts/modules/apps/rider.nix | 21 +++++---------------- 1 file changed, 5 insertions(+), 16 deletions(-) diff --git a/hosts/modules/apps/rider.nix b/hosts/modules/apps/rider.nix index adf8885..5a4edce 100644 --- a/hosts/modules/apps/rider.nix +++ b/hosts/modules/apps/rider.nix @@ -1,30 +1,19 @@ { pkgs, pkgs-unstable, + dotnetVersions ? [8 9 10], ... }: { + imports = [ + ../langs/dotnet.nix + ]; + environment.systemPackages = with pkgs; [ # Ensure latest stable Rider version (not necessarily stable on NixOS) pkgs-unstable.jetbrains.rider # NOTE: Blazor requires a Chromium-based browser chromium - # arc-browser - - # .NET - dotnetCorePackages.dotnet_9.sdk - dotnetCorePackages.dotnet_9.aspnetcore - dotnetCorePackages.dotnet_9.runtime - - # Mono - mono - # NOTE: nixpkgs-unstable uses .NET8 SDK - # WARNING: nixpkgs-25.05 uses .NET6 SDK (now marked insecure) - pkgs-unstable.msbuild - - # .NET Framework Tools/Services - omnisharp-roslyn - netcoredbg ]; programs.nix-ld = { From 676b3d367cae54b22316817978d160197cd04cb0 Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Tue, 20 Jan 2026 09:24:19 +1000 Subject: [PATCH 088/143] support pipe-operators --- hosts/myputer/default.nix | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/hosts/myputer/default.nix b/hosts/myputer/default.nix index 6986a31..47e8169 100755 --- a/hosts/myputer/default.nix +++ b/hosts/myputer/default.nix @@ -31,8 +31,9 @@ in { nix.settings = { experimental-features = [ - "nix-command" "flakes" + "nix-command" + "pipe-operators" ]; download-buffer-size = 524288000; # 500 MiB }; @@ -226,9 +227,7 @@ in { home-manager = { users.me = import ../../homes/me; extraSpecialArgs = {inherit inputs pkgs pkgs-unstable;}; - sharedModules = [ - inputs.ags.homeManagerModules.default - ]; + sharedModules = []; }; # ---- ENVIRONMENT VARIABLES ---- @@ -354,6 +353,8 @@ in { viddy # modern `watch` command thefuck + deploy-rs + tesseract # for my work with Agribit # TODO: once upgraded past Nix-24.07 this line won't be necessary (I think) @@ -389,6 +390,7 @@ in { # Games prismlauncher # minecraft + pkgs-unstable.olympus ]; # DEBUG: configuring xdg portal here instead? From 51a67d039fefdf08f9fc45b84e842783cff918b4 Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Thu, 29 Jan 2026 14:39:15 +1000 Subject: [PATCH 089/143] add nix-unit --- hosts/lolcathost/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/hosts/lolcathost/default.nix b/hosts/lolcathost/default.nix index 1c9c270..f3c5943 100755 --- a/hosts/lolcathost/default.nix +++ b/hosts/lolcathost/default.nix @@ -321,6 +321,7 @@ in { nixd # lsp for nix nix-prefetch-git nix-index + nix-unit deploy-rs # Python From ba1a3fe07e3af0c56527b1f8123371e2cd4519d3 Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Thu, 29 Jan 2026 14:39:59 +1000 Subject: [PATCH 090/143] helix module remove redudancy --- homes/modules/editor/helix.nix | 117 ++++++++++++++++++++------------- hosts/lolcathost/default.nix | 8 +-- hosts/myputer/default.nix | 15 ----- 3 files changed, 74 insertions(+), 66 deletions(-) diff --git a/homes/modules/editor/helix.nix b/homes/modules/editor/helix.nix index 30dad17..81f7959 100755 --- a/homes/modules/editor/helix.nix +++ b/homes/modules/editor/helix.nix @@ -1,5 +1,55 @@ -{pkgs, ...}: { - # read https://docs.helix-editor.com/editor.html +{ + pkgs, + pkgs-unstable, + ... +}: let + lsps = let + mkLsp = pkg: path: {inherit pkg path;}; + in { + bash-language-server = + mkLsp + pkgs.bash-language-server + "/bin/bash-language-server"; + + clangd = + mkLsp + pkgs.clang-tools + "/bin/clangd"; + + haskell-language-server = + mkLsp + pkgs.haskell-language-server + "/bin/haskell-language-server-wrapper"; + + # TODO: once upgraded past Nix-24.07 this line won't be necessary (I think) + # helix will support nixd by default + # SOURCE: https://github.com/nix-community/nixd/blob/main/nixd/docs/editor-setup.md#Helix + nixd = + mkLsp + pkgs.nixd + "/bin/nixd"; + + OmniSharp = + mkLsp + pkgs.omnisharp-roslyn + "/bin/OmniSharp"; + + rust-analyzer = + mkLsp + pkgs.rust-analyzer + "/bin/rust-analyzer"; + + ty = + mkLsp + pkgs.ty + "/bin/ty"; + }; +in { + environment.systemPackages = + lsps + |> map (lsp: lsp.pkg); + + # REF: https://docs.helix-editor.com/editor.html programs.helix = { enable = true; settings = { @@ -128,11 +178,12 @@ }; auto-format = false; # my python is beautiful ^_^ rulers = [80]; + language-servers = ["ty"]; } { name = "c"; file-types = ["c" "h"]; # use .hpp for C++ - auto-format = false; + auto-format = true; formatter.command = "${pkgs.clang-tools}/bin/clang-format"; language-servers = ["clangd"]; } @@ -152,49 +203,27 @@ formatter.command = "${pkgs.rustfmt}/bin/rustfmt"; language-servers = ["rust-analyzer"]; } - # { - # name = "c-sharp"; - # source = "source.cs"; - # file-types = ["cs"]; - # indent = { - # tab-width = 4; - # unit = " "; - # }; - # block-comment-tokens = { - # start = "/*"; - # end = "*/"; - # }; - # # auto-format = false; - # # formatter.command = "${pkgs.omnisharp-roslyn}/bin/OmniSharp"; - # # language-servers = ["OmniSharp"]; - # } + { + name = "c-sharp"; + source = "source.cs"; + file-types = ["cs"]; + indent = { + tab-width = 4; + unit = " "; + }; + block-comment-tokens = { + start = "/*"; + end = "*/"; + }; + # auto-format = false; + # formatter.command = "${pkgs.omnisharp-roslyn}/bin/OmniSharp"; + # language-servers = ["OmniSharp"]; + } ]; - language-server = { - # use nixd as default nix lsp (I haven't tried nil yet) - # NOTE: nixd will be supported by default after nix 24.07 - # SOURCE: https://github.com/nix-community/nixd/blob/main/nixd/docs/editor-setup.md#Helix - nixd = { - command = "${pkgs.nixd}/bin/nixd"; - }; - # clangd for C - clangd = { - command = "${pkgs.clang-tools}/bin/clangd"; - }; - - haskell-language-server = { - command = "${pkgs.haskell-language-server}/bin/haskell-language-server-wrapper"; - }; - - rust-analyzer = { - command = "${pkgs.rust-analyzer}/bin/rust-analyzer"; - }; - - # C# language services - OmniSharp = { - command = "${pkgs.omnisharp-roslyn}/bin/OmniSharp"; - }; - }; + language-server = + lsps + |> builtins.mapAttrs (_: lsp: "${lsp.pkg}${lsp.path}"); }; }; } diff --git a/hosts/lolcathost/default.nix b/hosts/lolcathost/default.nix index f3c5943..4119d78 100755 --- a/hosts/lolcathost/default.nix +++ b/hosts/lolcathost/default.nix @@ -296,13 +296,12 @@ in { # C Family gcc clang - clang-tools + # Rust cargo rustc rustfmt - rust-analyzer # Go go # Nim @@ -311,14 +310,9 @@ in { # Haskell ghc ghcid - haskell-language-server ormolu # Nix - # TODO: once upgraded past Nix-24.07 this line won't be necessary (I think) - # helix will support nixd by default - # SOURCE: https://github.com/nix-community/nixd/blob/main/nixd/docs/editor-setup.md#Helix - nixd # lsp for nix nix-prefetch-git nix-index nix-unit diff --git a/hosts/myputer/default.nix b/hosts/myputer/default.nix index aecd7ce..60098b1 100755 --- a/hosts/myputer/default.nix +++ b/hosts/myputer/default.nix @@ -307,19 +307,9 @@ in { # Haskell ghc ghcid - haskell-language-server ormolu # Java - # jdk17 - # (jre8.overrideAttrs - # (oldAttrs: { - # enableJavaFX = true; - # })) - # (jdk8.overrideAttrs - # (oldAttrs: { - # enableJavaFX = true; - # })) visualvm # Python @@ -357,11 +347,6 @@ in { tesseract # for my work with Agribit - # TODO: once upgraded past Nix-24.07 this line won't be necessary (I think) - # helix will support nixd by default - # SOURCE: https://github.com/nix-community/nixd/blob/main/nixd/docs/editor-setup.md#Helix - # nixd # lsp for nix # DEBUG - # Pretty necessary git git-filter-repo From 3a5e6dcbed3d815992af5b9621b73ef85d2024e2 Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Thu, 29 Jan 2026 14:40:18 +1000 Subject: [PATCH 091/143] ./deploy use --intend-to-add on call to `git add` --- deploy | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/deploy b/deploy index 911d054..08b95d0 100755 --- a/deploy +++ b/deploy @@ -19,7 +19,8 @@ collect_garbage () { rebuild_flake () { # make sure all changes are visible to nixos - git add . --verbose + # (--intent-to-add tracks files but DOES NOT stage them) + git add . --intent-to-add --verbose local FLAGS= if [ "$1" = "reinstall-bootloader" ]; then FLAGS="--install-bootloader" From 7d4353bffeb5740f4b76aef1b1222d6a8bcc84d1 Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Sat, 31 Jan 2026 08:36:10 +1000 Subject: [PATCH 092/143] major buff to the helix module --- homes/modules/editor/helix.nix | 59 ++++++++++++++++++---------------- 1 file changed, 32 insertions(+), 27 deletions(-) diff --git a/homes/modules/editor/helix.nix b/homes/modules/editor/helix.nix index 81f7959..3d831c1 100755 --- a/homes/modules/editor/helix.nix +++ b/homes/modules/editor/helix.nix @@ -3,50 +3,56 @@ pkgs-unstable, ... }: let - lsps = let - mkLsp = pkg: path: {inherit pkg path;}; - in { + lsps = { bash-language-server = - mkLsp - pkgs.bash-language-server - "/bin/bash-language-server"; + { + pkg = pkgs.bash-language-server; + cmd = "bash-language-server"; + }; clangd = - mkLsp - pkgs.clang-tools - "/bin/clangd"; + { + pkg = pkgs.clang-tools; + cmd = "clangd"; + }; haskell-language-server = - mkLsp - pkgs.haskell-language-server - "/bin/haskell-language-server-wrapper"; + { + pkg = pkgs.haskell-language-server; + cmd = "haskell-language-server-wrapper"; + }; # TODO: once upgraded past Nix-24.07 this line won't be necessary (I think) # helix will support nixd by default # SOURCE: https://github.com/nix-community/nixd/blob/main/nixd/docs/editor-setup.md#Helix nixd = - mkLsp - pkgs.nixd - "/bin/nixd"; + { + pkg = pkgs.nixd; + cmd = "nixd"; + }; OmniSharp = - mkLsp - pkgs.omnisharp-roslyn - "/bin/OmniSharp"; + { + pkg = pkgs.omnisharp-roslyn; + cmd = "OmniSharp"; + }; rust-analyzer = - mkLsp - pkgs.rust-analyzer - "/bin/rust-analyzer"; + { + pkg = pkgs.rust-analyzer; + cmd = "rust-analyzer"; + }; ty = - mkLsp - pkgs.ty - "/bin/ty"; + { + pkg = pkgs-unstable.ty; + cmd = "ty"; + }; }; in { - environment.systemPackages = + home.packages = lsps + |> builtins.attrValues |> map (lsp: lsp.pkg); # REF: https://docs.helix-editor.com/editor.html @@ -205,7 +211,6 @@ in { } { name = "c-sharp"; - source = "source.cs"; file-types = ["cs"]; indent = { tab-width = 4; @@ -223,7 +228,7 @@ in { language-server = lsps - |> builtins.mapAttrs (_: lsp: "${lsp.pkg}${lsp.path}"); + |> builtins.mapAttrs (_: lsp: { command = "${lsp.pkg}/bin/${lsp.cmd}"; }); }; }; } From 6b6ce26c66e849096d5f06d828151216ad926184 Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Sat, 31 Jan 2026 08:36:33 +1000 Subject: [PATCH 093/143] move hyrule services to services/ --- hosts/hyrule/{ => services}/mailserver.nix | 1 + hosts/hyrule/{ => services}/minecraft-server.nix | 0 2 files changed, 1 insertion(+) rename hosts/hyrule/{ => services}/mailserver.nix (95%) rename hosts/hyrule/{ => services}/minecraft-server.nix (100%) diff --git a/hosts/hyrule/mailserver.nix b/hosts/hyrule/services/mailserver.nix similarity index 95% rename from hosts/hyrule/mailserver.nix rename to hosts/hyrule/services/mailserver.nix index 49274f2..cd2adfc 100644 --- a/hosts/hyrule/mailserver.nix +++ b/hosts/hyrule/services/mailserver.nix @@ -28,6 +28,7 @@ aliases = ["emile@imbored.dev"]; hashedPasswordFile = let CWD = builtins.getEnv "PWD"; + # XXX: TODO: use a secrets manager! in "${CWD}/secrets/passwd/me"; }; }; diff --git a/hosts/hyrule/minecraft-server.nix b/hosts/hyrule/services/minecraft-server.nix similarity index 100% rename from hosts/hyrule/minecraft-server.nix rename to hosts/hyrule/services/minecraft-server.nix From 83e9a001db75d37742612958c27407294c527fab Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Sat, 31 Jan 2026 08:37:39 +1000 Subject: [PATCH 094/143] hyrule use bashistrans.nix --- hosts/hyrule/default.nix | 29 ++--------------------------- hosts/modules/bashistrans.nix | 32 ++++++++++++++++++-------------- 2 files changed, 20 insertions(+), 41 deletions(-) diff --git a/hosts/hyrule/default.nix b/hosts/hyrule/default.nix index 72cf59f..c87d1ba 100755 --- a/hosts/hyrule/default.nix +++ b/hosts/hyrule/default.nix @@ -1,8 +1,6 @@ { pkgs, pkgs-unstable, - inputs, - lib, ... }: let home-manager = builtins.fetchTarball { @@ -20,6 +18,7 @@ in { #../modules/server/nginx.nix #../modules/server/ssh.nix #../modules/server/fail2ban.nix + ../modules/bashistrans.nix ]; nix.settings = { @@ -33,15 +32,6 @@ in { ]; }; - # nixpkgs.config.allowUnfreePredicate = let - # whitelist = map lib.getName [ - # "minecraft-server" - # pkgs.minecraft-server - # pkgs-unstable.minecraft-server - # ]; - # in - # pkg: builtins.elem (lib.getName pkg) whitelist; - time.timeZone = "Australia/Brisbane"; i18n.defaultLocale = "en_US.UTF-8"; @@ -480,6 +470,7 @@ in { }; }; }; + security = { # accept Lets Encrypt's security policy (for nginx) acme = { @@ -507,21 +498,5 @@ in { helix ]; - programs = { - fish.enable = true; - - bash = { - completion.enable = true; - - interactiveShellInit = '' - if [[ $(${pkgs.procps}/bin/ps --no-header --pid=$PPID --format=comm) != "fish" && -z ''${BASH_EXECUTION_STRING} ]] - then - shopt -q login_shell && LOGIN_OPTION='--login' || LOGIN_OPTION="" - exec ${pkgs.fish}/bin/fish $LOGIN_OPTION - fi - ''; - }; - }; - system.stateVersion = "24.11"; # DO NOT MODIFY } diff --git a/hosts/modules/bashistrans.nix b/hosts/modules/bashistrans.nix index d3b285c..e9d74ae 100644 --- a/hosts/modules/bashistrans.nix +++ b/hosts/modules/bashistrans.nix @@ -2,22 +2,26 @@ # I want to use fish as my login shell but it always goes terrible # cause it isn't POSIX compliant, so instead Bash is my login and # will just exec fish (^-^) - programs.bash = { - blesh.enable = false; # ble.sh replacement for GNU readline - completion.enable = true; + programs = { + fish.enable = true; - interactiveShellInit = '' - # help bash transition into a beautiful fish! - if [[ -z $CRY_BASH_IS_TRANS ]] - then - if [[ $(${pkgs.procps}/bin/ps --no-header --pid=$PPID --format=comm) != "fish" && -z ''${BASH_EXECUTION_STRING} ]] + bash = { + blesh.enable = false; # ble.sh replacement for GNU readline + completion.enable = true; + + interactiveShellInit = '' + # help bash transition into a beautiful fish! + if [[ -z $CRY_BASH_IS_TRANS ]] then - shopt -q login_shell && LOGIN_OPTION='--login' || LOGIN_OPTION="" - exec ${pkgs.fish}/bin/fish $LOGIN_OPTION + if [[ $(${pkgs.procps}/bin/ps --no-header --pid=$PPID --format=comm) != "fish" && -z ''${BASH_EXECUTION_STRING} ]] + then + shopt -q login_shell && LOGIN_OPTION='--login' || LOGIN_OPTION="" + exec ${pkgs.fish}/bin/fish $LOGIN_OPTION + fi fi - fi - # bash is trans now! (no more transitioning required) - export CRY_BASH_IS_TRANS=true - ''; + # bash is trans now! (no more transitioning required) + export CRY_BASH_IS_TRANS=true + ''; + }; }; } From 56af3c8919a817ea06f3613ef692f7a03567a93a Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Sat, 31 Jan 2026 08:38:36 +1000 Subject: [PATCH 095/143] split hyrule config --- hosts/hyrule/default.nix | 324 +------------------------- hosts/hyrule/services/forgejo.nix | 150 ++++++++++++ hosts/hyrule/services/nginx.nix | 99 ++++++++ hosts/hyrule/services/vaultwarden.nix | 25 ++ 4 files changed, 278 insertions(+), 320 deletions(-) create mode 100644 hosts/hyrule/services/forgejo.nix create mode 100644 hosts/hyrule/services/nginx.nix create mode 100644 hosts/hyrule/services/vaultwarden.nix diff --git a/hosts/hyrule/default.nix b/hosts/hyrule/default.nix index c87d1ba..837fc4d 100755 --- a/hosts/hyrule/default.nix +++ b/hosts/hyrule/default.nix @@ -12,12 +12,12 @@ in { ./hardware-configuration.nix (import "${home-manager}/nixos") + ./services/forgejo.nix + ./services/vaultwarden.nix + ./services/nginx.nix # ./mailserver.nix # TEMP: location # ./minecraft-server.nix # TEMP: location - #../modules/server/nginx.nix - #../modules/server/ssh.nix - #../modules/server/fail2ban.nix ../modules/bashistrans.nix ]; @@ -82,30 +82,6 @@ in { ]; }; - # wireguard.interfaces = { - # wg0 = { - # ips = ["10.10.10.4/24"]; # my IP and the subnet (keyword: "AND") - # listenPort = 54231; - # - # privateKeyFile = "/root/wg_agrivpn_hyrule"; - # - # peers = [ - # { - # # peer's public key - # publicKey = "iZ4aqYjbT8O8tfUHEuV+yWLtdoQbdBb6Nt0M4usMSiY="; - # - # # choose which traffic to forward - # allowedIPs = ["10.0.51.0/24" "10.10.10.0/24"]; - # - # # TODO: route to endpoint not automatically configured https://wiki.archlinux.org/index.php/WireGuard#Loop_routing https://discourse.nixos.org/t/solved-minimal-firewall-setup-for-wireguard-client/7577 - # endpoint = "150.242.34.33:54231"; - # - # # send keepalives every 25 seconds. Important to keep NAT tables alive. - # persistentKeepalive = 25; - # } - # ]; - # }; - # }; wg-quick.interfaces = { wg0 = { address = [ @@ -140,7 +116,7 @@ in { extraGroups = ["wheel"]; shell = pkgs.bash; openssh.authorizedKeys.keys = [ - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCsUZY45rgezi+8iROdcR5vPeacJ2fbMjlDijfUrH9hRX2FzCsg/4e3aFKhi2seZMmyTfbstxmDrrH8paUS5TibFgLFBGNngaF3CTjg85i5pm25Hr4IVo31oziBnTWaG6j3buYKtz5e1qSPzXywinJR+5+FCUJU7Fxa+EWTZcOX4wYgArSj4q73rZmvk5N0X44Mudt4nvpD2chvxygsdTzD6ph92qCuaJ/AbfmOoC7b/xvOaOVydUfgDLpHi9VZbd3akvvKxRfW6ZklldgXEzPXKMuastN0mwcBxvIb5G1Vkj8jtSVtKPc5psZ9/NWA5l38xH4qZ6z7eib6thtEMdtcKmTZEEWDADjqTea5Gj61c1n18cr6f3Tff+0bn/cxsl4Y0esi+aDeuCXYiIYNmeKBx0ttDNIxpk4J5Fdh6Xs+AZif5lnJErtu8TPy2aC0bc9wehTjMyvilTHfyerOD1ZJXhN2XwRVDGN7t7leAJZISJlPjqTDcw3Vfvzte/5JqS+FR+hbpG4uz2ix8kUa20u5YF2oSdGl8+zsdozVsdQm10Iv9WSXBV7t4m+oyodgtfzydBpmXq7aBXudCiEKw+7TC7F+1a4YFrVrCNXKFgKUpd1MiVLl7DIbzm5U9MD2BB3Fy7BPCzr3tW6/ExOhhpBWY+HnzVGQfkNr7dRcqfipKw== ae@imbored.dev" + "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCsUZY45rgezi+8iROdcR5vPeacJ2fbMjlDijfUrH9hRX2FzCsg/4e3aFKhi2seZMmyTfbstxmDrrH8paUS5TibFgLFBGNngaF3CTjg85i5pm25Hr4IVo31oziBnTWaG6j3buYKtz5e1qSPzXywinJR+5+FCUJU7Fxa+EWTZcOX4wYgArSj4q73rZmvk5N0X44Mudt4nvpD2chvxygsdTzD6ph92qCuaJ/AbfmOoC7b/xvOaOVydUfgDLpHi9VZbd3akvvKxRfW6ZklldgXEzPXKMuastN0mwcBxvIb5G1Vkj8jtSVtKPc5psZ9/NWA5l38xH4qZ6z7eib6thtEMdtcKmTZEEWDADjqTea5Gj61c1n18cr6f3Tff+0bn/cxsl4Y0esi+aDeuCXYiIYNmeKBx0ttDNIxpk4J5Fdh6Xs+AZif5lnJErtu8TPy2aC0bc9wehTjMyvilTHfyerOD1ZJXhN2XwRVDGN7t7leAJZISJlPjqTDcw3Vfvzte/5JqS+FR+hbpG4uz2ix8kUa20u5YF2oSdGl8+zsdozVsdQm10Iv9WSXBV7t4m+oyodgtfzydBpmXq7aBXudCiEKw+7TC7F+1a4YFrVrCNXKFgKUpd1MiVLl7DIbzm5U9MD2BB3Fy7BPCzr3tW6/ExOhhpBWY+HnzVGQfkNr7dRcqfipKw== ae@dobutterfliescry.net" ]; }; @@ -166,70 +142,6 @@ in { }; services = { - # simple nginx instance to host static construction page - # TODO: I want sshd and forgejo's ssh server to both be bound to port 22 - # So change sshd to listen on a different address/port (ie 2222 or 127.0.0.3:22, etc) - # and change forgejo to use 127.0.0.2:22 (use port 22, ONLY change loopback address) - nginx = { - enable = true; - # in wake of CVE-2022-3602/CVE-2022-3786 - package = pkgs.nginxStable.override {openssl = pkgs.libressl;}; - - recommendedGzipSettings = true; - recommendedZstdSettings = true; - recommendedOptimisation = true; - recommendedProxySettings = true; - recommendedTlsSettings = true; - - # streamConfig = '' - # server { - # listen 127.0.0.1:53 udp reuseport; - # proxy_timeout 20s; - # proxy_pass 192.168.0.1:53535; - # } - # ''; - - virtualHosts = let - localhost = "http://127.0.0.1"; - std = { - # TODO: should I run over QUIC+HTTP3? (experimental) - # quic = true; - # http3 = true; - enableACME = true; - # kTLS = true; # offload TLS to the linux kernel - }; - in { - "imbored.dev" = - { - default = true; - addSSL = true; # not strictly enforced <3 - root = "/var/www/imbored"; - # extraConfig = '' - # error_page 404 /custom_404.html; - # ''; - } - // std; - # Route "vault" subdomain to vaultwarden - "vault.imbored.dev" = - { - forceSSL = true; - locations."/".proxyPass = "${localhost}:8222"; - } - // std; - # Route "forge" subdomain to forgejo - # TODO: use `forgejo.settings.server.ENABLE_ACME` instead? - "forge.imbored.dev" = - { - forceSSL = true; - extraConfig = '' - client_max_body_size 512M; - ''; - locations."/".proxyPass = "${localhost}:3000"; - } - // std; - }; - }; - openssh = { enable = true; ports = [22]; @@ -241,234 +153,6 @@ in { X11Forwarding = false; }; }; - - vaultwarden = { - enable = true; - dbBackend = "sqlite"; - - # backupDir = "/var/backup/vaultwarden"; # disable with null - - # https://mynixos.com/nixpkgs/option/services.vaultwarden.config - config = { - # internal address and port to listen on - ROCKET_ADDRESS = "127.0.0.1"; - ROCKET_PORT = 8222; - - # hostname to listen for - DOMAIN = "https://vault.imbored.dev"; - - # signup policy - SIGNUPS_ALLOWED = false; - SIGNUPS_VERIFY = true; - INVITATIONS_ALLOWED = true; - }; - # https://mynixos.com/nixpkgs/option/services.vaultwarden.environmentFile - environmentFile = "/var/lib/vaultwarden/vaultwarden.env"; - }; - - # stalwart-mail = let - # domain = "imbored.dev"; - # in { - # enable = false; # true; - # # openFirewall = true; # im doing this manually rn - # settings = { - # certificate."${domain}" = { - # cert = "file://${certs.${domain}.cert}"; - # private-key = "file://${certs.${domain}.key}"; - # }; - # server = { - # hostname = domain; - # tls = { - # certificate = "${domain}"; - # enable = true; - # implicit = false; - # }; - # listener = { - # "smtp-submission" = { - # bind = ["127.0.0.1:587"]; - # protocol = "smtp"; - # }; - # "imap" = { - # bind = ["127.0.0.1:143"]; - # protocol = "imap"; - # }; - # }; - # }; - # session = { - # rcpt.directory = "in-memory"; - # auth = { - # mechanisms = ["PLAIN"]; - # directory = "in-memory"; - # }; - # }; - # jmap.directory = "in-memory"; - # queue.outbound.next-hop = ["local"]; - # directory."in-memory" = { - # type = "memory"; - # users = [ - # { - # name = "me"; - # secret = "foobar"; - # email = ["me@${domain}"]; - # } - # { - # name = "Emile"; - # secret = "foobar"; - # email = ["emile@${domain}"]; - # } - # ]; - # }; - # }; - # }; - - # more options here: https://mynixos.com/nixpkgs/options/services.forgejo - # TODO: set a favicon https://forgejo.org/docs/next/contributor/customization/#changing-the-logo - # (might need me to override settings in the nixpkg) - # TODO: create a custom theme for forgejo (modify the source files most likely) - forgejo = { - enable = true; - # enable support for Git Large File Storage - lfs.enable = true; - database = { - type = "sqlite3"; # postgres - host = "127.0.0.1"; - port = "3306"; # 5432 if postgres - }; - # settings are written directly to the `app.ini` config file - # refer to: https://forgejo.org/docs/latest/admin/config-cheat-sheet/ - settings = { - server = { - # ENABLE_ACME = true; - # ACME_EMAIL = "eclarkboman@gmail.com"; # change this to "me@imbored.dev" - DOMAIN = "forge.imbored.dev"; # should this be "imbored.dev"? - ROOT_URL = "https://forge.imbored.dev"; # full public URL of the Forgejo server - # address and port to listen on - HTTP_ADDR = "127.0.0.1"; - HTTP_PORT = 3000; - PROTOCOL = "http"; # http internally, reverse proxy uses https externally - - START_SSH_SERVER = true; - DISABLE_SSH = false; - SSH_PORT = 2222; - }; - - DEFAULT = { - APP_NAME = "tearforge"; - APP_SLOGIN = "but cozy"; - APP_DISPLAY_NAME_FORMAT = "{APP_NAME} ::{APP_SLOGAN}::"; - }; - - repository = { - DEFAULT_PRIVATE = "private"; # last, private, public - # repo/org created on push to non-existent - ENABLE_PUSH_CREATE_USER = true; - ENABLE_PUSH_CREATE_ORG = false; - DEFAULT_PUSH_CREATE_PRIVATE = true; - MAX_CREATION_LIMIT = -1; - }; - - "repository.upload" = { - # max per-file size in MB - FILE_MAX_SIZE = 50; - # max number of files per upload - MAX_FILES = 5; - }; - - badges = let - # flat, flat-square, plastic, for-the-badge, social - style = "for-the-badge"; - in { - ENABLED = true; - GENERATOR_URL_TEMPLATE = "https://img.shields.io/badge/{{.label}}-{{.text}}-{{.color}}?style=${style}"; - }; - - ui = { - DEFAULT_THEME = "forgejo-dark"; - THEMES = "forgejo-auto,forgejo-light,forgejo-dark"; - }; - "ui.meta" = { - AUTHOR = "Emile Clark-Boman - emileclarkb"; - DESCRIPTION = "This is my personal self-hosted git forge, where I keep and maintain personal projects! PS do butterflies cry when they're sad?"; - KEYWORDS = "emile,clark,boman,clarkboman,emileclarkb,git,forge,forgejo,self-hosted,dobutterfliescry,butterfly,butterflies"; - }; - - markdown = { - ENABLE_HARD_LINE_BREAK_IN_COMMENTS = true; - ENABLE_MATH = true; - }; - - admin = { - DEFAULT_EMAIL_NOTIFICATIONS = "enabled"; - SEND_NOTIFICATION_EMAIL_ON_NEW_USER = true; - }; - - security = { - # Controls access to the installation page. - # When set to “true”, the installation page is not accessible. - #INSTALL_LOCK = false; - - PASSWORD_HASH_ALGO = "argon2"; # ARGON2 BEST ALGO FR!! (default: argon2$2$65536$8$50) - MIN_PASSWORD_LENGTH = 12; - PASSWORD_COMPLEXITY = "lower,upper,digit,spec"; - PASSWORD_CHECK_PWN = true; - }; - - service = { - DISABLE_REGISTRATION = true; # toggle for new users - #DEFAULT_USER_IS_RESTRICTED = true; - # Forbid login with third-party services (ie github) - ALLOW_ONLY_INTERNAL_REGISTRATION = true; - ENABLE_CAPTCHA = true; - REQUIRE_CAPTCHA_FOR_LOGIN = true; - REQUIRE_EXTERNAL_REGISTRATION_CAPTCHA = true; - LOGIN_REMEMBER_DAYS = 365; - ENABLE_NOTIFY_MAIL = true; - }; - "service.explore" = { - REQUIRE_SIGNIN_VIEW = false; - DISABLE_USERS_PAGE = false; - DISABLE_ORGANIZATIONS_PAGE = false; - DISABLE_CODE_PAGE = false; - }; - - cache = { - ADAPTER = "twoqueue"; - HOST = "{\"size\":100, \"recent_ratio\":0.25, \"ghost_ratio\":0.5}"; - ITEM_TTL = "16h"; - }; - - # TODO: fill this in once my mail server is configured - # email.incoming = { ... }; - - # optional - # TODO: fill this in once my mail server is configured - mailer = { - ENABLED = false; - SMTP_ADDR = "mail.imbored.dev"; - FROM = "noreply@imbored.dev"; - USER = "noreply@imbored.dev"; - }; - - log = { - MODE = "file"; - LEVEL = "Info"; # "Trace", "Debug", "Info", "Warn", "Error", "Critical" - ENABLE_SSH_LOG = true; - }; - - cron = { - ENABLED = true; - RUN_AT_START = false; - }; - - other = { - SHOW_FOOTER_VERSION = true; - SHOW_FOOTER_TEMPLATE_LOAD_TIME = true; - SHOW_FOOTER_POWERED_BY = true; - ENABLE_SITEMAP = true; - ENABLE_FEED = true; - }; - }; - }; }; security = { diff --git a/hosts/hyrule/services/forgejo.nix b/hosts/hyrule/services/forgejo.nix new file mode 100644 index 0000000..f228116 --- /dev/null +++ b/hosts/hyrule/services/forgejo.nix @@ -0,0 +1,150 @@ +{...}: { + # more options here: https://mynixos.com/nixpkgs/options/services.forgejo + # TODO: set a favicon https://forgejo.org/docs/next/contributor/customization/#changing-the-logo + # (might need me to override settings in the nixpkg) + # TODO: create a custom theme for forgejo (modify the source files most likely) + services.forgejo = { + enable = true; + # enable support for Git Large File Storage + lfs.enable = true; + database = { + type = "sqlite3"; # postgres + host = "127.0.0.1"; + port = "3306"; # 5432 if postgres + }; + # settings are written directly to the `app.ini` config file + # refer to: https://forgejo.org/docs/latest/admin/config-cheat-sheet/ + settings = { + server = { + # ENABLE_ACME = true; + # ACME_EMAIL = "eclarkboman@gmail.com"; # change this to "me@imbored.dev" + DOMAIN = "forge.imbored.dev"; # should this be "imbored.dev"? + ROOT_URL = "https://forge.imbored.dev"; # full public URL of the Forgejo server + # address and port to listen on + HTTP_ADDR = "127.0.0.1"; + HTTP_PORT = 3000; + PROTOCOL = "http"; # http internally, reverse proxy uses https externally + + START_SSH_SERVER = true; + DISABLE_SSH = false; + SSH_PORT = 2222; + }; + + DEFAULT = { + APP_NAME = "tearforge"; + APP_SLOGIN = "but cozy"; + APP_DISPLAY_NAME_FORMAT = "{APP_NAME} ::{APP_SLOGAN}::"; + }; + + repository = { + DEFAULT_PRIVATE = "private"; # last, private, public + # repo/org created on push to non-existent + ENABLE_PUSH_CREATE_USER = true; + ENABLE_PUSH_CREATE_ORG = false; + DEFAULT_PUSH_CREATE_PRIVATE = true; + MAX_CREATION_LIMIT = -1; + }; + + "repository.upload" = { + # max per-file size in MB + FILE_MAX_SIZE = 50; + # max number of files per upload + MAX_FILES = 5; + }; + + badges = let + # flat, flat-square, plastic, for-the-badge, social + style = "for-the-badge"; + in { + ENABLED = true; + GENERATOR_URL_TEMPLATE = "https://img.shields.io/badge/{{.label}}-{{.text}}-{{.color}}?style=${style}"; + }; + + ui = { + DEFAULT_THEME = "forgejo-dark"; + THEMES = "forgejo-auto,forgejo-light,forgejo-dark"; + }; + "ui.meta" = { + AUTHOR = "Emile Clark-Boman - emileclarkb"; + DESCRIPTION = "This is my personal self-hosted git forge, where I keep and maintain personal projects! PS do butterflies cry when they're sad?"; + KEYWORDS = "emile,clark,boman,clarkboman,emileclarkb,git,forge,forgejo,self-hosted,dobutterfliescry,butterfly,butterflies"; + }; + + markdown = { + ENABLE_HARD_LINE_BREAK_IN_COMMENTS = true; + ENABLE_MATH = true; + }; + + admin = { + DEFAULT_EMAIL_NOTIFICATIONS = "enabled"; + SEND_NOTIFICATION_EMAIL_ON_NEW_USER = true; + }; + + security = { + # Controls access to the installation page. + # When set to “true”, the installation page is not accessible. + #INSTALL_LOCK = false; + + PASSWORD_HASH_ALGO = "argon2"; # ARGON2 BEST ALGO FR!! (default: argon2$2$65536$8$50) + MIN_PASSWORD_LENGTH = 12; + PASSWORD_COMPLEXITY = "lower,upper,digit,spec"; + PASSWORD_CHECK_PWN = true; + }; + + service = { + DISABLE_REGISTRATION = true; # toggle for new users + #DEFAULT_USER_IS_RESTRICTED = true; + # Forbid login with third-party services (ie github) + ALLOW_ONLY_INTERNAL_REGISTRATION = true; + ENABLE_CAPTCHA = true; + REQUIRE_CAPTCHA_FOR_LOGIN = true; + REQUIRE_EXTERNAL_REGISTRATION_CAPTCHA = true; + LOGIN_REMEMBER_DAYS = 365; + ENABLE_NOTIFY_MAIL = true; + }; + "service.explore" = { + REQUIRE_SIGNIN_VIEW = false; + DISABLE_USERS_PAGE = false; + DISABLE_ORGANIZATIONS_PAGE = false; + DISABLE_CODE_PAGE = false; + }; + + cache = { + ADAPTER = "twoqueue"; + HOST = "{\"size\":100, \"recent_ratio\":0.25, \"ghost_ratio\":0.5}"; + ITEM_TTL = "16h"; + }; + + # TODO: fill this in once my mail server is configured + # email.incoming = { ... }; + + # optional + # TODO: fill this in once my mail server is configured + mailer = { + ENABLED = false; + SMTP_ADDR = "mail.dobutterfliescry.net"; + FROM = "iforgor@dobutterfliescry.net"; + USER = "iforgor@dobutterfliescry.net"; + }; + + log = { + MODE = "file"; + LEVEL = "Info"; # "Trace", "Debug", "Info", "Warn", "Error", "Critical" + ENABLE_SSH_LOG = true; + }; + + cron = { + ENABLED = true; + RUN_AT_START = false; + }; + + other = { + SHOW_FOOTER_VERSION = true; + SHOW_FOOTER_TEMPLATE_LOAD_TIME = true; + SHOW_FOOTER_POWERED_BY = true; + ENABLE_SITEMAP = true; + ENABLE_FEED = true; + }; + }; + }; +} diff --git a/hosts/hyrule/services/nginx.nix b/hosts/hyrule/services/nginx.nix new file mode 100644 index 0000000..d719841 --- /dev/null +++ b/hosts/hyrule/services/nginx.nix @@ -0,0 +1,99 @@ +{pkgs, ...}: { + nixpkgs.overlays = [ + (self: super: { + # in wake of CVE-2022-3602/CVE-2022-3786 + nginxStable = super.nginxStable.override {openssl = pkgs.libressl;}; + }) + ]; + + # simple nginx instance to host static construction page + # TODO: I want sshd and forgejo's ssh server to both be bound to port 22 + # So change sshd to listen on a different address/port (ie 2222 or 127.0.0.3:22, etc) + # and change forgejo to use 127.0.0.2:22 (use port 22, ONLY change loopback address) + services.nginx = { + enable = true; + # XXX: TODO: this should auto use the nginxStable overlay no? + # in wake of CVE-2022-3602/CVE-2022-3786 + # package = pkgs.nginxStable.override {openssl = pkgs.libressl;}; + + recommendedGzipSettings = true; + recommendedZstdSettings = true; + recommendedOptimisation = true; + recommendedProxySettings = true; + recommendedTlsSettings = true; + + # streamConfig = '' + # server { + # listen 127.0.0.1:53 udp reuseport; + # proxy_timeout 20s; + # proxy_pass 192.168.0.1:53535; + # } + # ''; + + virtualHosts = let + localhost = "http://127.0.0.1"; + std = { + # TODO: should I run over QUIC+HTTP3? (experimental) + # quic = true; + # http3 = true; + enableACME = true; + # kTLS = true; # offload TLS to the linux kernel + }; + website = + { + default = true; + addSSL = true; # not strictly enforced <3 + root = "/var/www/imbored"; + # extraConfig = '' + # error_page 404 /custom_404.html; + # ''; + } + // std; + + vault = + { + forceSSL = true; + locations."/".proxyPass = "${localhost}:8222"; + } + // std; + forge = + { + forceSSL = true; + extraConfig = '' + client_max_body_size 512M; + ''; + locations."/".proxyPass = "${localhost}:3000"; + } + // std; + in { + # XXX: TODO: imbored.dev and dobutterfliescry.net can't + # XXX: TODO: be active at the same time??? why?? + # "imbored.dev" = + # { + # default = true; + # addSSL = true; # not strictly enforced <3 + # root = "/var/www/imbored"; + # # extraConfig = '' + # # error_page 404 /custom_404.html; + # # ''; + # } + # // std; + "dobutterfliescry.net" = + { + default = true; + addSSL = true; # not strictly enforced <3 + root = "/var/www/cry"; + # extraConfig = '' + # error_page 404 /custom_404.html; + # ''; + } + // std; + # Route "vault" subdomain to vaultwarden + "vault.imbored.dev" = vault; + # Route "forge" subdomain to forgejo + # TODO: use `forgejo.settings.server.ENABLE_ACME` instead? + "forge.imbored.dev" = forge; + # "forge.dobutterfliescry.net" = forge; + }; + }; +} diff --git a/hosts/hyrule/services/vaultwarden.nix b/hosts/hyrule/services/vaultwarden.nix new file mode 100644 index 0000000..6cde9ab --- /dev/null +++ b/hosts/hyrule/services/vaultwarden.nix @@ -0,0 +1,25 @@ +{...}: { + services.vaultwarden = { + enable = true; + dbBackend = "sqlite"; + + # backupDir = "/var/backup/vaultwarden"; # disable with null + + # https://mynixos.com/nixpkgs/option/services.vaultwarden.config + config = { + # internal address and port to listen on + ROCKET_ADDRESS = "127.0.0.1"; + ROCKET_PORT = 8222; + + # hostname to listen for + DOMAIN = "https://vault.imbored.dev"; + + # signup policy + SIGNUPS_ALLOWED = false; + SIGNUPS_VERIFY = true; + INVITATIONS_ALLOWED = true; + }; + # https://mynixos.com/nixpkgs/option/services.vaultwarden.environmentFile + environmentFile = "/var/lib/vaultwarden/vaultwarden.env"; + }; +} From 964b3b596fc84b6b8f91df5601387d74d206f949 Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Sat, 31 Jan 2026 09:42:35 +1000 Subject: [PATCH 096/143] ensure flake inputs follow --- flake.nix | 24 ++++++++++++++++++------ 1 file changed, 18 insertions(+), 6 deletions(-) diff --git a/flake.nix b/flake.nix index e339ce6..91f5a24 100644 --- a/flake.nix +++ b/flake.nix @@ -2,10 +2,19 @@ description = "Emile's Nix Dotfiles"; inputs = { + systems = "github:nix-systems/default"; + nixpkgs.url = "github:nixos/nixpkgs/nixos-25.05"; nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixos-unstable"; - colmena.url = "github:zhaofengli/colmena/?rev=47b6414d800c8471e98ca072bc0835345741a56a"; + colmena = { + url = "github:zhaofengli/colmena/?rev=47b6414d800c8471e98ca072bc0835345741a56a"; + inputs = { + nixpkgs.follows = "nixpkgs-unstable"; + stable.follows = "nixpkgs"; + flake-utils.inputs.systems.follows = "systems"; + }; + }; grub2-themes.url = "github:vinceliuice/grub2-themes"; }; @@ -30,12 +39,15 @@ pkgs-unstable = import nixpkgs-unstable { inherit system; config = { - allowUnfree = true; # TODO: bandaid solution... (for minecraft-server) + # allowUnfree = true; # TODO: bandaid solution... (for minecraft-server) + allowUnfree = false; }; }; # TODO: come back to this its really cool # this is just something I'm experimenting with - # PROJECT_ROOT = builtins.toString ./.; + # ROOT = ./.; + + specialArgs = {inherit inputs pkgs-unstable;}; in { devShells."x86_64-linux".default = pkgs.mkShell { shell = "${pkgs.bash}/bin/bash"; @@ -50,7 +62,7 @@ # i be on my puter fr myputer = nixpkgs.lib.nixosSystem { # nix passes these to every single module - specialArgs = {inherit inputs pkgs-unstable;}; + inherit specialArgs; modules = [ ./hosts/myputer @@ -60,7 +72,7 @@ # my laptop 0w0 lolcathost = nixpkgs.lib.nixosSystem { - specialArgs = {inherit inputs pkgs-unstable;}; + inherit specialArgs; modules = [ ./hosts/lolcathost @@ -73,7 +85,7 @@ colmenaHive = colmena.lib.makeHive { meta = { nixpkgs = pkgs; - specialArgs = {inherit pkgs-unstable;}; + inherit specialArgs; # set nixpkgs per server nodeNixpkgs = { From 7e4959352a3ba725c5482e6434dcf987ac4ad292 Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Sat, 31 Jan 2026 09:42:44 +1000 Subject: [PATCH 097/143] add dobutterfliescry.net input --- flake.nix | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/flake.nix b/flake.nix index 91f5a24..9667548 100644 --- a/flake.nix +++ b/flake.nix @@ -17,6 +17,15 @@ }; grub2-themes.url = "github:vinceliuice/grub2-themes"; + + dobutterfliescry-net = { + url = "https://forge.imbored.dev/emileclarkb/dobutterfliescry.net"; + inputs = { + nixpkgs.follows = "nixpkgs"; + nixpkgs-unstable.follows = "nixpkgs-unstable"; + systems.follows = "systems"; + }; + }; }; outputs = { From 0eec0a9adeb20c14b56e4f229c138594c9a0d36d Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Sat, 31 Jan 2026 09:57:24 +1000 Subject: [PATCH 098/143] fix bad inputs --- flake.lock | 112 ++++++++++++++++++++++++++++++++++------------------- flake.nix | 4 +- 2 files changed, 74 insertions(+), 42 deletions(-) diff --git a/flake.lock b/flake.lock index e1ab303..8d37b6f 100644 --- a/flake.lock +++ b/flake.lock @@ -5,8 +5,12 @@ "flake-compat": "flake-compat", "flake-utils": "flake-utils", "nix-github-actions": "nix-github-actions", - "nixpkgs": "nixpkgs", - "stable": "stable" + "nixpkgs": [ + "nixpkgs-unstable" + ], + "stable": [ + "nixpkgs" + ] }, "locked": { "lastModified": 1734374287, @@ -23,6 +27,32 @@ "type": "github" } }, + "dobutterfliescry-net": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ], + "nixpkgs-unstable": [ + "nixpkgs-unstable" + ], + "systems": [ + "systems" + ] + }, + "locked": { + "lastModified": 1769815774, + "narHash": "sha256-77XLfci6EK+zenuJkHuyt8gh0MI2mlJYEPVRPu0Ufcc=", + "ref": "refs/heads/main", + "rev": "c4049313d442538a60edca4aba5e71b963d2bc40", + "revCount": 55, + "type": "git", + "url": "https://forge.imbored.dev/emileclarkb/dobutterfliescry.net" + }, + "original": { + "type": "git", + "url": "https://forge.imbored.dev/emileclarkb/dobutterfliescry.net" + } + }, "flake-compat": { "flake": false, "locked": { @@ -40,23 +70,25 @@ } }, "flake-utils": { + "inputs": { + "systems": "systems" + }, "locked": { - "lastModified": 1659877975, - "narHash": "sha256-zllb8aq3YO3h8B/U0/J1WBgAL8EX5yWf5pMj3G0NAmc=", + "lastModified": 1731533236, + "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", "owner": "numtide", "repo": "flake-utils", - "rev": "c0e246b9b83f637f4681389ecabcb2681b4f3af0", + "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", "type": "github" }, "original": { - "owner": "numtide", - "repo": "flake-utils", - "type": "github" + "id": "flake-utils", + "type": "indirect" } }, "grub2-themes": { "inputs": { - "nixpkgs": "nixpkgs_2" + "nixpkgs": "nixpkgs" }, "locked": { "lastModified": 1757136219, @@ -95,16 +127,16 @@ }, "nixpkgs": { "locked": { - "lastModified": 1734119587, - "narHash": "sha256-AKU6qqskl0yf2+JdRdD0cfxX4b9x3KKV5RqA6wijmPM=", + "lastModified": 1761269590, + "narHash": "sha256-yTr+PCi4wGbOEidrm8XyXBobLxLMqIBsbUyhwsN6wrc=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "3566ab7246670a43abd2ffa913cc62dad9cdf7d5", + "rev": "d792a6e0cd4ba35c90ea787b717d72410f56dc40", "type": "github" }, "original": { "owner": "NixOS", - "ref": "nixos-unstable", + "ref": "master", "repo": "nixpkgs", "type": "github" } @@ -126,22 +158,6 @@ } }, "nixpkgs_2": { - "locked": { - "lastModified": 1761269590, - "narHash": "sha256-yTr+PCi4wGbOEidrm8XyXBobLxLMqIBsbUyhwsN6wrc=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "d792a6e0cd4ba35c90ea787b717d72410f56dc40", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "master", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_3": { "locked": { "lastModified": 1761016216, "narHash": "sha256-G/iC4t/9j/52i/nm+0/4ybBmAF4hzR8CNHC75qEhjHo=", @@ -160,24 +176,40 @@ "root": { "inputs": { "colmena": "colmena", + "dobutterfliescry-net": "dobutterfliescry-net", "grub2-themes": "grub2-themes", - "nixpkgs": "nixpkgs_3", - "nixpkgs-unstable": "nixpkgs-unstable" + "nixpkgs": "nixpkgs_2", + "nixpkgs-unstable": "nixpkgs-unstable", + "systems": "systems_2" } }, - "stable": { + "systems": { "locked": { - "lastModified": 1730883749, - "narHash": "sha256-mwrFF0vElHJP8X3pFCByJR365Q2463ATp2qGIrDUdlE=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "dba414932936fde69f0606b4f1d87c5bc0003ede", + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", "type": "github" }, "original": { - "owner": "NixOS", - "ref": "nixos-24.05", - "repo": "nixpkgs", + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "systems_2": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", "type": "github" } } diff --git a/flake.nix b/flake.nix index 9667548..85de2d0 100644 --- a/flake.nix +++ b/flake.nix @@ -2,7 +2,7 @@ description = "Emile's Nix Dotfiles"; inputs = { - systems = "github:nix-systems/default"; + systems.url = "github:nix-systems/default"; nixpkgs.url = "github:nixos/nixpkgs/nixos-25.05"; nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixos-unstable"; @@ -19,7 +19,7 @@ grub2-themes.url = "github:vinceliuice/grub2-themes"; dobutterfliescry-net = { - url = "https://forge.imbored.dev/emileclarkb/dobutterfliescry.net"; + url = "git+https://forge.imbored.dev/emileclarkb/dobutterfliescry.net"; inputs = { nixpkgs.follows = "nixpkgs"; nixpkgs-unstable.follows = "nixpkgs-unstable"; From e14ebf98ca0b6adb5abdcf87a4caaf7acb07227a Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Sat, 31 Jan 2026 10:14:46 +1000 Subject: [PATCH 099/143] add --show-flags and EXTRA_FLAGS to ./deploy --- deploy | 24 +++++++++++++++++++----- 1 file changed, 19 insertions(+), 5 deletions(-) diff --git a/deploy b/deploy index 08b95d0..fcd6f85 100755 --- a/deploy +++ b/deploy @@ -9,6 +9,7 @@ Options: -f, --fresh Remove old content in the nixstore (good for debugging) -b, --bootloader Reinstall the bootloader -r, --remote Locally build and remotely deploy Colmena hive + --show-trace Show nix stack trace on error -h, --help Show this message (^_^)" # delete all cached entries @@ -31,7 +32,7 @@ rebuild_flake () { # LOG="$(mktemp /tmp/rebuild-XXXXXXXX)" LOG="./rebuild.log" echo "[*] Logging to $LOG" - sudo nixos-rebuild switch --flake . $FLAGS 2>&1 | tee "$LOG" + sudo nixos-rebuild switch --flake . $FLAGS $EXTRA_FLAGS 2>&1 | tee "$LOG" #nixos-rebuild build --flake .# --cores 8 -j 1 } @@ -42,19 +43,22 @@ deploy_hive () { git add . --verbose # Deploy to all Colmena hives - colmena build --experimental-flake-eval - colmena apply --experimental-flake-eval + colmena build --experimental-flake-eval $EXTRA_FLAGS + colmena apply --experimental-flake-eval $EXTRA_FLAGS # colmena apply --on hyrule --experimental-flake-eval } # check which flags were given flag_fresh=false flag_bootloader=false +flag_remote=false +flag_trace=false for flag in "$@"; do case "$flag" in -r|--remote) - deploy_hive - exit 0 ;; + flag_remote=true ;; + --show-trace) + flag_trace=true ;; -f|--fresh) flag_fresh=true ;; -b|--bootloader) @@ -68,6 +72,16 @@ for flag in "$@"; do esac done +EXTRA_FLAGS="" +if [ "$flag_trace" = true ]; then + EXTRA_FLAGS="$EXTRA_FLAGS --show-trace" +fi + +if [ "$flag_remote" = true ]; then + deploy_hive + exit 0 +fi + # delete cached items in nixstore if [ "$flag_fresh" = true ]; then collect_garbage From 47bc060da7def6aa54faa5e7cb37fda5306c5139 Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Sat, 31 Jan 2026 10:26:17 +1000 Subject: [PATCH 100/143] fix nginx bad root --- flake.lock | 8 ++++---- hosts/hyrule/services/nginx.nix | 10 ++++++++-- 2 files changed, 12 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 8d37b6f..bfa8133 100644 --- a/flake.lock +++ b/flake.lock @@ -40,11 +40,11 @@ ] }, "locked": { - "lastModified": 1769815774, - "narHash": "sha256-77XLfci6EK+zenuJkHuyt8gh0MI2mlJYEPVRPu0Ufcc=", + "lastModified": 1769819040, + "narHash": "sha256-sFtlxsSXGH3BFkM7REuwntmKQ9f1SeDQIqEK8jTdz34=", "ref": "refs/heads/main", - "rev": "c4049313d442538a60edca4aba5e71b963d2bc40", - "revCount": 55, + "rev": "e001182489cea3e4cb2a461eb83a7c163f38b7e7", + "revCount": 56, "type": "git", "url": "https://forge.imbored.dev/emileclarkb/dobutterfliescry.net" }, diff --git a/hosts/hyrule/services/nginx.nix b/hosts/hyrule/services/nginx.nix index d719841..a923245 100644 --- a/hosts/hyrule/services/nginx.nix +++ b/hosts/hyrule/services/nginx.nix @@ -1,9 +1,14 @@ -{pkgs, ...}: { +{ + inputs, + pkgs, + ... +}: { nixpkgs.overlays = [ (self: super: { # in wake of CVE-2022-3602/CVE-2022-3786 nginxStable = super.nginxStable.override {openssl = pkgs.libressl;}; }) + inputs.dobutterfliescry-net.overlays.default ]; # simple nginx instance to host static construction page @@ -82,7 +87,8 @@ { default = true; addSSL = true; # not strictly enforced <3 - root = "/var/www/cry"; + # root = "/var/www/cry"; + root = "${pkgs.dobutterfliescry-net}/www"; # extraConfig = '' # error_page 404 /custom_404.html; # ''; From de526f42a0a1619ad6ea0a6f735d8869990111a1 Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Sat, 31 Jan 2026 10:57:49 +1000 Subject: [PATCH 101/143] progress input dobutterfliescry-net --- flake.lock | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/flake.lock b/flake.lock index bfa8133..6c38971 100644 --- a/flake.lock +++ b/flake.lock @@ -40,11 +40,11 @@ ] }, "locked": { - "lastModified": 1769819040, - "narHash": "sha256-sFtlxsSXGH3BFkM7REuwntmKQ9f1SeDQIqEK8jTdz34=", + "lastModified": 1769819491, + "narHash": "sha256-hMr47pVjBGd9Jk0zlKL66GWBlS6E50Mp4sW0OBvneSk=", "ref": "refs/heads/main", - "rev": "e001182489cea3e4cb2a461eb83a7c163f38b7e7", - "revCount": 56, + "rev": "c0f53e00c1888ff9bd92055f0bdc3fe9f218d387", + "revCount": 57, "type": "git", "url": "https://forge.imbored.dev/emileclarkb/dobutterfliescry.net" }, From f1224c8cf80edc2d1e63cdd8e81b00329ab94cf4 Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Sat, 31 Jan 2026 10:57:59 +1000 Subject: [PATCH 102/143] add helix js/ts lsp --- homes/modules/editor/helix.nix | 84 +++++++++++++++++++--------------- 1 file changed, 48 insertions(+), 36 deletions(-) diff --git a/homes/modules/editor/helix.nix b/homes/modules/editor/helix.nix index 3d831c1..80ea265 100755 --- a/homes/modules/editor/helix.nix +++ b/homes/modules/editor/helix.nix @@ -4,50 +4,48 @@ ... }: let lsps = { - bash-language-server = - { - pkg = pkgs.bash-language-server; - cmd = "bash-language-server"; - }; + bash-language-server = { + pkg = pkgs.bash-language-server; + cmd = "bash-language-server"; + }; - clangd = - { - pkg = pkgs.clang-tools; - cmd = "clangd"; - }; + clangd = { + pkg = pkgs.clang-tools; + cmd = "clangd"; + }; - haskell-language-server = - { - pkg = pkgs.haskell-language-server; - cmd = "haskell-language-server-wrapper"; - }; + haskell-language-server = { + pkg = pkgs.haskell-language-server; + cmd = "haskell-language-server-wrapper"; + }; # TODO: once upgraded past Nix-24.07 this line won't be necessary (I think) # helix will support nixd by default # SOURCE: https://github.com/nix-community/nixd/blob/main/nixd/docs/editor-setup.md#Helix - nixd = - { - pkg = pkgs.nixd; - cmd = "nixd"; - }; + nixd = { + pkg = pkgs.nixd; + cmd = "nixd"; + }; - OmniSharp = - { - pkg = pkgs.omnisharp-roslyn; - cmd = "OmniSharp"; - }; + OmniSharp = { + pkg = pkgs.omnisharp-roslyn; + cmd = "OmniSharp"; + }; - rust-analyzer = - { - pkg = pkgs.rust-analyzer; - cmd = "rust-analyzer"; - }; + rust-analyzer = { + pkg = pkgs.rust-analyzer; + cmd = "rust-analyzer"; + }; - ty = - { - pkg = pkgs-unstable.ty; - cmd = "ty"; - }; + ty = { + pkg = pkgs-unstable.ty; + cmd = "ty"; + }; + + typescript-language-server = { + pkg = pkgs.typescript-language-server; + cmd = "typescript-language-server"; + }; }; in { home.packages = @@ -224,11 +222,25 @@ in { # formatter.command = "${pkgs.omnisharp-roslyn}/bin/OmniSharp"; # language-servers = ["OmniSharp"]; } + { + name = "javascript"; + file-types = ["js"]; + indent = { + tab-width = 2; + unit = " "; + }; + block-comment-tokens = { + start = "/*"; + end = "*/"; + }; + auto-format = true; + language-servers = ["typescript-language-server"]; + } ]; language-server = lsps - |> builtins.mapAttrs (_: lsp: { command = "${lsp.pkg}/bin/${lsp.cmd}"; }); + |> builtins.mapAttrs (_: lsp: {command = "${lsp.pkg}/bin/${lsp.cmd}";}); }; }; } From e628d59c72d74cfa5caf369bc18912f96fb9d814 Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Sat, 31 Jan 2026 11:07:09 +1000 Subject: [PATCH 103/143] add helix glsl lsp --- homes/modules/editor/helix.nix | 21 ++++++++++++++++++++- 1 file changed, 20 insertions(+), 1 deletion(-) diff --git a/homes/modules/editor/helix.nix b/homes/modules/editor/helix.nix index 80ea265..1014cca 100755 --- a/homes/modules/editor/helix.nix +++ b/homes/modules/editor/helix.nix @@ -14,6 +14,11 @@ cmd = "clangd"; }; + glsl_analyzer = { + pkg = pkgs.glsl_analyzer; + cmd = "glsl_analyzer"; + }; + haskell-language-server = { pkg = pkgs.haskell-language-server; cmd = "haskell-language-server-wrapper"; @@ -218,7 +223,7 @@ in { start = "/*"; end = "*/"; }; - # auto-format = false; + # auto-format = true; # formatter.command = "${pkgs.omnisharp-roslyn}/bin/OmniSharp"; # language-servers = ["OmniSharp"]; } @@ -236,6 +241,20 @@ in { auto-format = true; language-servers = ["typescript-language-server"]; } + { + name = "glsl"; + file-types = ["glsl"]; + indent = { + tab-width = 2; + unit = " "; + }; + block-comment-tokens = { + start = "/*"; + end = "*/"; + }; + auto-format = false; + language-servers = ["glsl_analyzer"]; + } ]; language-server = From 42d2e37aedf9763568e8b55831d016327e4f1737 Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Tue, 3 Feb 2026 12:24:40 +1000 Subject: [PATCH 104/143] add clocktown host --- flake.lock | 8 ++++---- homes/me/default.nix | 6 ++++++ 2 files changed, 10 insertions(+), 4 deletions(-) diff --git a/flake.lock b/flake.lock index 6c38971..b10fff6 100644 --- a/flake.lock +++ b/flake.lock @@ -40,11 +40,11 @@ ] }, "locked": { - "lastModified": 1769819491, - "narHash": "sha256-hMr47pVjBGd9Jk0zlKL66GWBlS6E50Mp4sW0OBvneSk=", + "lastModified": 1769832488, + "narHash": "sha256-mYNFYj3Ed7l6MbuFIMd9ahlyNuav5X8q9siKwVkPxUQ=", "ref": "refs/heads/main", - "rev": "c0f53e00c1888ff9bd92055f0bdc3fe9f218d387", - "revCount": 57, + "rev": "efdedb23b8becfdaf7b43b431007fc369bae318d", + "revCount": 77, "type": "git", "url": "https://forge.imbored.dev/emileclarkb/dobutterfliescry.net" }, diff --git a/homes/me/default.nix b/homes/me/default.nix index a6e5745..2c4e918 100755 --- a/homes/me/default.nix +++ b/homes/me/default.nix @@ -130,6 +130,12 @@ TERM = "linux"; }; }; + clocktown = { + hostname = "clocktown.dobutterfliescry.net"; + user = "root"; + port = 22; + identityFile = "~/.ssh/id_clocktown"; + }; subspace = { hostname = "imbored.dev"; user = "subspace"; From d64357365928ba1d1ecae49ae4501b2716820b26 Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Tue, 3 Feb 2026 12:24:59 +1000 Subject: [PATCH 105/143] add wl-screenrec, video-trimmer, cmake --- hosts/lolcathost/default.nix | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/hosts/lolcathost/default.nix b/hosts/lolcathost/default.nix index 4119d78..997eb05 100755 --- a/hosts/lolcathost/default.nix +++ b/hosts/lolcathost/default.nix @@ -263,8 +263,10 @@ in { wl-clipboard # clipboard for wayland hyprpicker # color picker hyprshot # screenshot utility + wl-screenrec # screen recording utility qbittorrent # torrenting signal-desktop + video-trimmer (callPackage ../sddm-theme-corners.nix {}).sddm-theme-corners # dependencies for my sddm theme: @@ -280,8 +282,6 @@ in { # Systems Emulation qemu # Fellice Bellard's Quick Emulator - # GNU Utils - gnumake # Binaries binutils strace @@ -297,6 +297,8 @@ in { gcc clang clang-tools + gnumake + cmake # Rust cargo From 502e4a82c0caeef4223fd5b14ea0f6412ea25d4a Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Tue, 3 Feb 2026 12:25:10 +1000 Subject: [PATCH 106/143] migrate to dobutterfliescry.net --- hosts/hyrule/services/nginx.nix | 25 +------------------------ 1 file changed, 1 insertion(+), 24 deletions(-) diff --git a/hosts/hyrule/services/nginx.nix b/hosts/hyrule/services/nginx.nix index a923245..945724e 100644 --- a/hosts/hyrule/services/nginx.nix +++ b/hosts/hyrule/services/nginx.nix @@ -44,16 +44,6 @@ enableACME = true; # kTLS = true; # offload TLS to the linux kernel }; - website = - { - default = true; - addSSL = true; # not strictly enforced <3 - root = "/var/www/imbored"; - # extraConfig = '' - # error_page 404 /custom_404.html; - # ''; - } - // std; vault = { @@ -71,18 +61,6 @@ } // std; in { - # XXX: TODO: imbored.dev and dobutterfliescry.net can't - # XXX: TODO: be active at the same time??? why?? - # "imbored.dev" = - # { - # default = true; - # addSSL = true; # not strictly enforced <3 - # root = "/var/www/imbored"; - # # extraConfig = '' - # # error_page 404 /custom_404.html; - # # ''; - # } - # // std; "dobutterfliescry.net" = { default = true; @@ -98,8 +76,7 @@ "vault.imbored.dev" = vault; # Route "forge" subdomain to forgejo # TODO: use `forgejo.settings.server.ENABLE_ACME` instead? - "forge.imbored.dev" = forge; - # "forge.dobutterfliescry.net" = forge; + "forge.dobutterfliescry.net" = forge; }; }; } From e7fdc3af6b9eb9c4dfe158c547c5b3764c2f1258 Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Tue, 3 Feb 2026 22:27:23 +1000 Subject: [PATCH 107/143] update dobutterfliescry-net upstream --- flake.lock | 12 ++++++------ flake.nix | 2 +- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/flake.lock b/flake.lock index b10fff6..3cf7a06 100644 --- a/flake.lock +++ b/flake.lock @@ -40,17 +40,17 @@ ] }, "locked": { - "lastModified": 1769832488, - "narHash": "sha256-mYNFYj3Ed7l6MbuFIMd9ahlyNuav5X8q9siKwVkPxUQ=", + "lastModified": 1770121583, + "narHash": "sha256-BI9UgaWtIHqyV8L4Vfh5Vrakax65QOG6m0a28L05YzM=", "ref": "refs/heads/main", - "rev": "efdedb23b8becfdaf7b43b431007fc369bae318d", - "revCount": 77, + "rev": "d511138e76f03990da593d1d0129f58c1ec3f570", + "revCount": 100, "type": "git", - "url": "https://forge.imbored.dev/emileclarkb/dobutterfliescry.net" + "url": "https://forge.dobutterfliescry.net/cry/site" }, "original": { "type": "git", - "url": "https://forge.imbored.dev/emileclarkb/dobutterfliescry.net" + "url": "https://forge.dobutterfliescry.net/cry/site" } }, "flake-compat": { diff --git a/flake.nix b/flake.nix index 85de2d0..b6d5a67 100644 --- a/flake.nix +++ b/flake.nix @@ -19,7 +19,7 @@ grub2-themes.url = "github:vinceliuice/grub2-themes"; dobutterfliescry-net = { - url = "git+https://forge.imbored.dev/emileclarkb/dobutterfliescry.net"; + url = "git+https://forge.dobutterfliescry.net/cry/site"; inputs = { nixpkgs.follows = "nixpkgs"; nixpkgs-unstable.follows = "nixpkgs-unstable"; From d78f6c2ffe7927b9f4bf0fbd3126cb50d89cdbe2 Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Sun, 8 Feb 2026 17:46:28 +1000 Subject: [PATCH 108/143] remove random docs --- GUIDE.md | 109 ----------- SCREENSHARING | 11 -- TODO.md | 32 ---- banner | 6 - config.temp/hyprland.conf | 373 -------------------------------------- docs/DEVDOC.md | 25 --- docs/DEV_ENV.md | 67 ------- docs/PROBLEMLOG.md | 5 - docs/TODO.md | 91 ---------- docs/TODO_UI.md | 3 - docs/inspiration.md | 12 -- docs/nixos_notes.md | 2 - 12 files changed, 736 deletions(-) delete mode 100644 GUIDE.md delete mode 100644 SCREENSHARING delete mode 100644 TODO.md delete mode 100644 banner delete mode 100755 config.temp/hyprland.conf delete mode 100644 docs/DEVDOC.md delete mode 100644 docs/DEV_ENV.md delete mode 100644 docs/PROBLEMLOG.md delete mode 100755 docs/TODO.md delete mode 100755 docs/TODO_UI.md delete mode 100755 docs/inspiration.md delete mode 100644 docs/nixos_notes.md diff --git a/GUIDE.md b/GUIDE.md deleted file mode 100644 index 7666492..0000000 --- a/GUIDE.md +++ /dev/null @@ -1,109 +0,0 @@ -# The Nix Documentation Situation -The Nix documentation situation is notorious bad. It's difficult to find -a concise answer with detailed justification/explanation. And most people -(myself included) tend resort to the [ArchWiki](https://wiki.archlinux.org). -> [!NOTE] -> The [Nix documentation team](https://nixos.org/community/teams/documentation) has an incredibly difficult job. - -Unlike the *centralised* [ArchWiki](https://wiki.archlinux.org), the Nix ecosystem -is incredibly large: -1. **Nix** (the package manager) -2. **Nix/NixLang** (the programming language) -3. **Nixpkgs** (the package repository) -4. **NixOS** (the linux distribution) -5. **Home-Manager** (user environment management) -6. **NUR** (Nix User Repository, like the AUR but Nix!) -7. *and **many** more...* - -Often each project has its own website, wiki, styling, etc. There is tonnes -of information available online but its so hard to find it. - -**Notable organisations:** -1. NixOS Foundation (*official organisation that maintains Nix/Nixpkgs/NixOS*) -2. Nix Community (*unofficial community providing infrastructure/hosting/visibility for projects*) - -## About Me -I love and hate Nix simultaneously. - -Originally *(circa 2023)* I used Windows 10/11 exclusively for programming. -But this is tedious and my friend started mentioning Arch Linux. So with their -help I formatted a spare SSD and began my journey. - -But I **REALLY** like computers... I have servers, routers, 3 computers -actively powered in my bedroom, and *I believe* 8 laptops *currently* in my posession. - -Documenting **every** change I make to a system and spending a week -setting up a device I don't really care about isn't sustainable. -And then *(circa October 2024)* I learnt about NixOS... And now life is "easy". -But learning Nix/NixLang/Nixpkgs/NixOS/Home-Manager/blah-blah-blah was exhausting. -So now I'll try to simplify this learning curve for other newbies **<3** - - -## Nix/NixOS How To -### NixOS Documentation -Using "the" NixOS wiki is surprisingly confusing (at least it was for me). -Why? Because there are multiple and you probably won't realise the difference. - -**Main Wikis:** -> These are visually and structurally identical... And are both community run. -> But they're content does differ. [nixos.wiki] was created -> because ""[wiki.nixos.org] was too limiting with regards to wiki features". -1. [https://wiki.nixos.org] (the **official** NixOS wiki) -2. [https://nixos.wiki] (the **unofficial** user's wiki, community run) - - -**Other Resources:** -> [!TODO] - - -### Migrate to a Newer Version of Nixpkgs -```bash -# Determine the channel name you're using -nix-channel --list -nix-channel --remove -nix-channel --add # ie https://nixos.org/channels/nixos-25.05 -nix-channel --update - -# Now upgrade system profile (log to file in case of failure) -nixos-rebuild boot --upgrade | tee rebuild.log -``` - - - -## Security Implications -### NixOS Default Home Permissions -```bash -# Executing from $HOME ->>> mkdir example.d && ls -l example.d --rw-r--r-- 1 me users 1 Jul 25 10:13 example.d ->>> echo > example.f && ls -l example.f --rw-r--r-- 1 me users 1 Jul 25 10:15 example.f - -## But these ignore facl? ->>> getfacl "$HOME" -# file: home/me -# owner: me -# group: users -user::rwx -group::--- -other::--- -``` -Many commands default to permissions that ignore the file access control listl (file ACLs). -This is not a NixOS specific issue. However this isn't ideal from a security perspective. -The simplest solution is a recursive `chmod -R 600 ~` but there are plenty of files we -intentionally want to be different. -> [!TODO] -> Solution: Make a Nix/Home-Manager package allowing for control over folder permissions. -> SOlution: Also it should warn if any files owned by $USER have a 2 - - - -## Further Reading -### Finding New Things to Do -`man 5 configuration.nix` is incredibly useful - similar info can be found at https://mynixos.com/options - -### For your curiosity -1. https://wiki.nixos.org/wiki/Firejail - - diff --git a/SCREENSHARING b/SCREENSHARING deleted file mode 100644 index d3046f6..0000000 --- a/SCREENSHARING +++ /dev/null @@ -1,11 +0,0 @@ -Excellent Resource -https://gist.github.com/brunoanc/2dea6ddf6974ba4e5d26c3139ffb7580#install-xdg-desktop-portal-and-friends - -Hyprland official page on screensharing -https://wiki.hyprland.org/Useful-Utilities/Screen-Sharing/ - - -Multiple sources seem to think that use xdg-desktop-portal-wlr works (but I can't stream individual applications) -but I suppose that's better than nothing? - -Also check out xwaylandvideobridge diff --git a/TODO.md b/TODO.md deleted file mode 100644 index 6b9f235..0000000 --- a/TODO.md +++ /dev/null @@ -1,32 +0,0 @@ -## Next Up -1. Rename user "ae" to "cry" or "vps" -2. Add 404 page to nginx on hyrule -3. Add a user called "mirror" that stores important mirrors (inspiration: https://git.gay/mirror) - -## TODO -SOON: fix having to keep specifying new sha256 for home-manager (where I fetchTarball for it) - -Create a command palette accessible with MOD+P (MOD => Windows Key) - (ie make fullscreen, send to monitor, etc) - -Boring stuff (ie work and uni should go on a separate user account) - on in some separate $HOME atleast - -Is home-manager installed standalone? If so please remove that... - -Rewrite the README.md file its all over the place (add more structure to the `docs` directory instead) - -Add a MAC Changer module like -https://github.com/XNM1/linux-nixos-hyprland-config-dotfiles/blob/main/nixos/mac-randomize.nix - -Make each monitor's window styling slightly different (just for fun) - -Research "input methods" ie https://wiki.archlinux.org/title/Input_method - -Bind 5 workspaces per connected monitor. - Then use the command palette (discussed prior) to send to - a different workspace (ie because I currently use MOD+SHIFT+n - but if n>=10 then it doesnt work! hence we need a command palette!) - -Can I run openvpn only for a specific proccess and its children? - then ie run qbittorrent (just in case the VPN isnt private) diff --git a/banner b/banner deleted file mode 100644 index 67e1bd9..0000000 --- a/banner +++ /dev/null @@ -1,6 +0,0 @@ - .------------. - | oh my | - '------------' - ^ (\_(\ - '----- ( -.-) - o_(")(") diff --git a/config.temp/hyprland.conf b/config.temp/hyprland.conf deleted file mode 100755 index 4876e8a..0000000 --- a/config.temp/hyprland.conf +++ /dev/null @@ -1,373 +0,0 @@ -# All hyprland configuration variables are listed (even niche ones) -# to save you the hassle. Reference: https://wiki.hypr.land/Configuring/Variables/ -# -# You can split this configuration into multiple files -# Create your files separately and then link them to this file like this: -# source = ~/.config/hypr/myColors.conf - - -################ -### MONITORS ### -################ - -# Programming: -monitor=eDP-1, highres@highrr, auto, 1.0 -# Comfy: -#monitor=eDP-1, highres@highrr, auto, 1.5 - - -################### -### MY PROGRAMS ### -################### - -# See https://wiki.hyprland.org/Configuring/Keywords/ - -# Set programs that you use -$terminal = ghostty #rio -$fileManager = thunar -# $menu = wofi --show drun -# $menu = ags -t "applauncher" -$menu = fuzzel -$colorpicker = hyprpicker | head -c 7 | wl-copy - -################# -### AUTOSTART ### -################# - -# Autostart necessary processes (like notifications daemons, status bars, etc.) -# Or execute your favorite apps at launch like this: - -# exec-once = $terminal -# exec-once = nm-applet & -# exec-once = waybar & hyprpaper & firefox -exec-once = swww-daemon & -exec-once = mako & -# TODO: or do I do `swww init` or `swww restore`? - -# █▀▀ █▄░█ █░█   █░█ ▄▀█ █▀█ -# ██▄ █░▀█ ▀▄▀   ▀▄▀ █▀█ █▀▄ - -# See https://wiki.hyprland.org/Configuring/Environment-variables/ - -#env = HYPRCURSOR_THEME,Bibata-Modern-Ice -env = HYPRCURSOR_SIZE,16 -#env = XCURSOR_THEME,Bibata-Modern-Ice -env = XCURSOR_SIZE,16 - -env = QT_QPA_PLATFORM,wayland -env = QT_QPA_PLATFORMTHEME,qt5ct -env = XDG_MENU_PREFIX,arch- - -# TODO: make this variable (not dependent on helix) in my flake -env = EDITOR,hx -env = TERMINAL,rio - - - - -# DEBUG: attempting to get screensharing working... (please god help me) -# REFERENCE: https://github.com/hyprwm/xdg-desktop-portal-hyprland/issues/251#issuecomment-2345631820 -env = XDG_CURRENT_DESKTOP,Hyprland -exec-once = dbus-update-activation-environment --systemd WAYLAND_DISPLAY XDG_CURRENT_DESKTOP -#exec-once = dbus-update-activation-environment --systemd --all -#exec-once = systemctl --user import-environment WAYLAND_DISPLAY XDG_CURRENT_DESKTOP - - - -# .__. .___ __..___. . . .___ .___. ._. __ __. -# [__] [__ (__ | |__| [__ | | / ` (__ -# | | [___ .__) | | | [___ | _|_ \__. .__) - -# Refer to https://wiki.hyprland.org/Configuring/Variables/ - -# https://wiki.hyprland.org/Configuring/Variables/#general -general { - gaps_in = 12 # margin between windows - gaps_out = 25 # margin from windows to monitor edge - gaps_workspaces = 0 # margin between workspaces (stacks with gaps_out) - # float_gaps = 0 # gaps_out but for floating windows - - border_size = 4 - - # https://wiki.hyprland.org/Configuring/Variables/#variable-types for info about colors - col.active_border = rgba(33ccffee) rgba(00ff99ee) 45deg - col.inactive_border = rgba(00000000) - - # Set to true enable resizing windows by clicking and dragging on borders and gaps - resize_on_border = true - - # Please see https://wiki.hyprland.org/Configuring/Tearing/ before you turn this on - allow_tearing = false - - layout = dwindle - - snap { - enabled = false - window_gap = 10 - monitor_gap = 10 - border_overlap = false - # respect_gaps = false - } -} - -# https://wiki.hyprland.org/Configuring/Variables/#decoration -decoration { - rounding = 20 - rounding_power = 4.0 # Lp norm - border_part_of_window = true # consider border as part of its window - screen_shader = # path to custom GLSL fragment shader - - # Window Transparency - active_opacity = 1.0 - inactive_opacity = 0.95 - fullscreen_opacity = 1.0 # fullscreened windows - # Inactive Window Dimming - dim_inactive = false - dim_strength = 0.5 - dim_special = 0.2 - dim_around = 0.4 - - # https://wiki.hyprland.org/Configuring/Variables/#blur - blur { - enabled = true - new_optimizations = true - xray = false # floating windows xray through tiling windows - ignore_opacity = true - - # Blur Parameters - size = 8 - passes = 1 - noise = 0.0117 # default - contrast = 0.8916 # default - brightness = 0.8172 # default - vibrancy = 0.1696 # default - vibrancy_darkness = 0.0 # default - - # Blurring For Specific Window Types - special = false # blur special windows - popups = false # blur popups - popups_ignorealpha = 0.2 - input_methods = false - input_methods_ignorealpha = 0.2 - } - - shadow { - enabled = true - ignore_window = true # only render at edges (not behind) - - range = 3 - render_power = 1 # falloff rate - sharp = false # aka infinite shadow.render_power - offset = 0 0 # vec2 - scale = 1.0 - - color = rgba(00000000) - color_inactive = rgba(000000ff) # defaults to shadow.color if unset - } -} - -# https://wiki.hyprland.org/Configuring/Variables/#animations -animations { - enabled = yes, please :) - - # Animation Declaration Format: - # "animation = NAME, ENABLE, SPEED, BEZIER [,STYLE]" - # SPEED: in ds (where 1ds = 100ms) - - # Default animations, see https://wiki.hyprland.org/Configuring/Animations/ for more - - bezier = easeOutQuint,0.23,1,0.32,1 - bezier = easeInOutCubic,0.65,0.05,0.36,1 - bezier = linear,0,0,1,1 - bezier = almostLinear,0.5,0.5,0.75,1.0 - bezier = quick,0.15,0,0.1,1 - - animation = global, 1, 10, default - animation = border, 1, 5.39, easeOutQuint - - #animation = windows, 1, 4.79, easeOutQuint - #animation = windowsIn, 1, 4.1, easeOutQuint, popin 87% - animation = windowsIn, 1, 4, linear, slide bottom - # animation = windowsOut, 1, 1.49, linear, popin 87% - animation = windowsOut, 1, 10, linear, popin - - animation = fadeIn, 1, 1.73, almostLinear - animation = fadeOut, 1, 1.46, almostLinear - animation = fade, 1, 3.03, quick - - animation = layers, 1, 3.81, easeOutQuint - animation = layersIn, 1, 4, easeOutQuint, fade - animation = layersOut, 1, 1.5, linear, fade - - animation = fadeLayersIn, 1, 1.79, almostLinear - animation = fadeLayersOut, 1, 1.39, almostLinear - - animation = workspaces, 1, 1.94, almostLinear, fade - animation = workspacesIn, 1, 1.21, almostLinear, fade - animation = workspacesOut, 1, 1.94, almostLinear, fade -} - -# Ref https://wiki.hyprland.org/Configuring/Workspace-Rules/ -# "Smart gaps" / "No gaps when only" -# uncomment all if you wish to use that. -# workspace = w[t1], gapsout:0, gapsin:0 -# workspace = w[tg1], gapsout:0, gapsin:0 -# workspace = f[1], gapsout:0, gapsin:0 -# windowrulev2 = bordersize 0, floating:0, onworkspace:w[t1] -# windowrulev2 = rounding 0, floating:0, onworkspace:w[t1] -# windowrulev2 = bordersize 0, floating:0, onworkspace:w[tg1] -# windowrulev2 = rounding 0, floating:0, onworkspace:w[tg1] -# windowrulev2 = bordersize 0, floating:0, onworkspace:f[1] -# windowrulev2 = rounding 0, floating:0, onworkspace:f[1] - -# See https://wiki.hyprland.org/Configuring/Dwindle-Layout/ for more -dwindle { - pseudotile = true # Master switch for pseudotiling. Enabling is bound to MOD + P in the keybinds section below - preserve_split = true # You probably want this -} - -# See https://wiki.hyprland.org/Configuring/Master-Layout/ for more -master { - new_status = master -} - -# https://wiki.hyprland.org/Configuring/Variables/#misc -misc { - #force_default_wallpaper = -1 # Set to 0 or 1 to disable the anime mascot wallpapers - disable_hyprland_logo = true # If true disables the random hyprland logo / anime girl background. :( - disable_splash_rendering = true -} - - -############# -### INPUT ### -############# - -# https://wiki.hyprland.org/Configuring/Variables/#input -input { - kb_layout = us - kb_variant = - kb_model = - kb_options = - kb_rules = - - follow_mouse = 1 - - sensitivity = 0 # -1.0 - 1.0, 0 means no modification. - - touchpad { - natural_scroll = false - } -} - -# https://wiki.hyprland.org/Configuring/Variables/#gestures -gestures { - workspace_swipe = true -} - -# Example per-device config -# See https://wiki.hyprland.org/Configuring/Keywords/#per-device-input-configs for more -#device { -# name = epic-mouse-v1 -# sensitivity = -0.5 -#} - - -################### -### KEYBINDINGS ### -################### - -# See https://wiki.hyprland.org/Configuring/Keywords/ -$MOD = SUPER # Sets "Windows" key as main modifier - -# Example binds, see https://wiki.hyprland.org/Configuring/Binds/ for more -bind = $MOD, RETURN, exec, $terminal -bind = $MOD, E, exec, $fileManager -bind = $MOD, R, exec, $menu -bind = $MOD, H, exec, $colorpicker - -bind = $MOD, F, fullscreen -bind = $MOD, V, togglefloating, -bind = $MOD, P, pseudo, # dwindle -bind = $MOD, J, togglesplit, # dwindle - -bind = $MOD, C, killactive, -#bind = $MOD, M, exit, - -# Move focus with MOD + arrow keys -bind = $MOD, left, movefocus, l -bind = $MOD, right, movefocus, r -bind = $MOD, up, movefocus, u -bind = $MOD, down, movefocus, d - -# Switch workspaces with MOD + [0-9] -bind = $MOD, 1, workspace, 1 -bind = $MOD, 2, workspace, 2 -bind = $MOD, 3, workspace, 3 -bind = $MOD, 4, workspace, 4 -bind = $MOD, 5, workspace, 5 -bind = $MOD, 6, workspace, 6 -bind = $MOD, 7, workspace, 7 -bind = $MOD, 8, workspace, 8 -bind = $MOD, 9, workspace, 9 -bind = $MOD, 0, workspace, 10 - -# Move active window to a workspace with MOD + SHIFT + [0-9] -bind = $MOD SHIFT, 1, movetoworkspace, 1 -bind = $MOD SHIFT, 2, movetoworkspace, 2 -bind = $MOD SHIFT, 3, movetoworkspace, 3 -bind = $MOD SHIFT, 4, movetoworkspace, 4 -bind = $MOD SHIFT, 5, movetoworkspace, 5 -bind = $MOD SHIFT, 6, movetoworkspace, 6 -bind = $MOD SHIFT, 7, movetoworkspace, 7 -bind = $MOD SHIFT, 8, movetoworkspace, 8 -bind = $MOD SHIFT, 9, movetoworkspace, 9 -bind = $MOD SHIFT, 0, movetoworkspace, 10 - -# Example special workspace (scratchpad) -bind = $MOD, S, togglespecialworkspace, magic -bind = $MOD SHIFT, S, movetoworkspace, special:magic - -# Scroll through existing workspaces with MOD + scroll -bind = $MOD, mouse_up, workspace, e-1 -bind = $MOD, mouse_down, workspace, e+1 -# Or with the keyboard -bind = $MOD SHIFT, left, workspace, e-1 -bind = $MOD SHIFT, right, workspace, e+1 - -# Move/resize windows with MOD + LMB/RMB and dragging -bindm = $MOD, mouse:272, movewindow -bindm = $MOD, mouse:273, resizewindow - -# Laptop multimedia keys for volume and LCD brightness -bindel = ,XF86AudioRaiseVolume, exec, wpctl set-volume @DEFAULT_AUDIO_SINK@ 5%+ -bindel = ,XF86AudioLowerVolume, exec, wpctl set-volume @DEFAULT_AUDIO_SINK@ 5%- -bindel = ,XF86AudioMute, exec, wpctl set-mute @DEFAULT_AUDIO_SINK@ toggle -bindel = ,XF86AudioMicMute, exec, wpctl set-mute @DEFAULT_AUDIO_SOURCE@ toggle -bindel = ,XF86MonBrightnessUp, exec, brightnessctl s 10%+ -bindel = ,XF86MonBrightnessDown, exec, brightnessctl s 10%- - -# Requires playerctl -bindl = , XF86AudioNext, exec, playerctl next -bindl = , XF86AudioPause, exec, playerctl play-pause -bindl = , XF86AudioPlay, exec, playerctl play-pause -bindl = , XF86AudioPrev, exec, playerctl previous - -############################## -### WINDOWS AND WORKSPACES ### -############################## - -# See https://wiki.hyprland.org/Configuring/Window-Rules/ for more -# See https://wiki.hyprland.org/Configuring/Workspace-Rules/ for workspace rules - -# Example windowrule v1 -# windowrule = float, ^(kitty)$ - -# Example windowrule v2 -# windowrulev2 = float,class:^(kitty)$,title:^(kitty)$ - -# Ignore maximize requests from apps. You'll probably like this. -windowrulev2 = suppressevent maximize, class:.* - -# Fix some dragging issues with XWayland -windowrulev2 = nofocus,class:^$,title:^$,xwayland:1,floating:1,fullscreen:0,pinned:0 diff --git a/docs/DEVDOC.md b/docs/DEVDOC.md deleted file mode 100644 index 4b8567e..0000000 --- a/docs/DEVDOC.md +++ /dev/null @@ -1,25 +0,0 @@ -## Users - -#### me -My main personal account, used on my PC and laptop. -Contains a hyprland graphical environment by default. - -#### ae -Primary account on my servers. Contains the bare -essentials for my work, no graphical environment. - - -#### friends -A simple account I let me friends connect to. -Limited functionality, mostly just for letting -them test small things or for giving them files. - - -## Setup Guide -##### Adding a New Server -Enable an ssh server on the remote host, then on the -local machine set `.ssh/config` to have a profile for -your desired host and have a key pair that's authorised -to your desired user. - -NOTE: these keys must have permission 600 (only readable/writable by you) diff --git a/docs/DEV_ENV.md b/docs/DEV_ENV.md deleted file mode 100644 index 65e8bb0..0000000 --- a/docs/DEV_ENV.md +++ /dev/null @@ -1,67 +0,0 @@ -This file will document what features I believe I need -for NixOS to be a good development environment. - - -Issues I've encountered: -- [X] Audio not working -- [X] Tesseract is a pain in the ass to setup on Nix -- [ ] ags no longer supports `-t` flag, so applauncher won't work, requires switching to Astral -- [ ] script to enable/disable passwordless sudo - -- [X] Move Emile.Vault to new vault (I lost the password...) - -- [X] Add a simple and ugly bar - -- [ ] Install powertop (funny name) for monitoring power usage by processes -- [ ] Try to make my battery life bettery - -- [ ] Apply for JetBrains student license -- [ ] JetBrains Rider and VSCodium for C# -2. Imperative development environment behind NixOS (declarative), -similar to python's virtualenv but for the entirety of my system. - -- [X] Call my wishlist command "subspace (highway)" (Scott Pilgrim reference) - -- [ ] Create a GitHub profile readme like this persons: - https://github.com/yuyudhn -- [ ] Set a new GitHub profile picture (like github:@Vendicated) - artists credit: https://dotpict.net/users/1598051 -- [ ] Change GitHub location to /dev/zero, /dev/null, www, World Wide Web, etc -- [ ] Clean up my GitHub profile (only have things I'm proud of) - -- [X] Put a template website on my VPS -- [ ] Put a neoweb-esque webiste on my VPS -- [ ] Host a blog on my VPS - -- [ ] Clean laptop and PC, there's tons of unnecessary files and documents now -- [ ] Clean nixdots repo, start modularising it ^_^ -- [ ] Disable `allowUnfree` in nixdots everywhere, if a program needs it then they - can `mkForce` override it - -- [X] Add LSP for Nix in helix -- [ ] Make a way for me to put my laptop in a low power state, doing very specific actions like: - 1. disabling LSP use by default temporarily - -- [ ] Add https://github.com/levnikmyskin/hyprland-virtual-desktops - -TODO: -- [X] make btop theming declarative -- [X] Merge laptop and PC dotfiles repos -- [ ] declaratively install themes for gitkraken using home-manager - -Cool Technologies: -- wishlist (by charmbracelet) -- Vaultwarden server + Keyguard client -- devbox - - - -Random Idea List: -- [ ] powertop is cool but it's outdated and ugly, make a prettier one with charmbracelet's tui library - and call it powerbtm lmao -- [ ] Blog Post: a modern alternative to the suckless philosphy, - why GNU keeps failing cause their programs are amazing but - aren't designed for humans. suckless programs are excellent - too when writing shell scripts, but they suck in dev environments. - The solution is to gamify our code and focus on aesthetics - and "ergonomics" (usability) like what CharmBracelet does diff --git a/docs/PROBLEMLOG.md b/docs/PROBLEMLOG.md deleted file mode 100644 index 5b0e3a6..0000000 --- a/docs/PROBLEMLOG.md +++ /dev/null @@ -1,5 +0,0 @@ -180GB of disk space were used by my system which seemed absurd. Running the NixOS -garbage collector only removed 7GB. The rest was found via: -`du -hs ./.local/share/Games/drive_c/Program\ Files\ \(x86\)/Steam/dumps/reports/*` -tldr: there were 2714 30MB crash report files generated every minute of May 2nd 2025 (10 days ago) - SOLUTION: delete them all and hope it doesn't happen again diff --git a/docs/TODO.md b/docs/TODO.md deleted file mode 100755 index f498088..0000000 --- a/docs/TODO.md +++ /dev/null @@ -1,91 +0,0 @@ -Get Utilities: -1. httpie -2. curlie -3. zoxide -4. doggo - -1. Get helix editor -2. Custom helix -3. Complete helix tutorial - -Get nixcord working -Get thunar working -Set a GTK theme & icon theme -Get better wallpapers -Get hyprcursor working with Bibata-Modern-Ice - -Get a GRUB theme working -Get SDDM and a theme working - -Make a custom hyprlock screen - -Get AGS working -Make an applauncher in AGS -Remove hyprland splash screen on init -Made lolcathost home modular - -Overtime just install more programs that I need regularly: ie -- btop/htop/etc - -Get GTK Bibata Cursors to be the same size as my system cursor (NOT SURE WHAT I DID...) - - -Get waybar (or another bar) working - -Get a QT theme - -Fix pipewire audio sometimes working and sometimes not :( - -Bind new terminal to SUPER+Enter instead of SUPER+Q - -Join Rio Terminal's discord and ask if they support nerdfonts or if I'm doing something wrong - - - -Change Dell loading screen (Boot Graphics Resource Table, aka BGRT) - - - - -Fix: your 131072x1 screen size is bogus. expect trouble - - - -Search for all "TODO" items in my nix dotfiles - -Push nixdots to github - - - - -Check out the Ekala Project (I joined their discord server) - - -Create a program that enables/disables passwordless sudo access - (add to github too) - -Learn to package my own home-manager modules - - - - -Ideal Features: -1. AI assistant -2. searching can also be used to calculate stuff (like I do on my iPad) - - - - -Fork nixcord and fix documentation (the installation is confusing) -But firstly the first code snippet is wrong... -```nix -inputs.nixcord = { - url = "github:kaylorben/nixcord" -}; -``` -Should actually be -```nix -inputs.nixcord = { - url = "github:kaylorben/nixcord"; # dont forget the semicolon -}; -``` diff --git a/docs/TODO_UI.md b/docs/TODO_UI.md deleted file mode 100755 index 34b5246..0000000 --- a/docs/TODO_UI.md +++ /dev/null @@ -1,3 +0,0 @@ -1. Create more themes for my applauncher -2. Create more themes for hyprlock - check out: https://github.com/MrVivekRajan/Hyprlock-Styles diff --git a/docs/inspiration.md b/docs/inspiration.md deleted file mode 100755 index fdb73ab..0000000 --- a/docs/inspiration.md +++ /dev/null @@ -1,12 +0,0 @@ -Godlike - https://github.com/end-4/dots-hyprland - -Gorgeous - https://github.com/prasanthrangan/hyprdots - -Very nice - https://github.com/linuxmobile/hyprland-dots - - -I love their hyprpanel! - https://www.reddit.com/r/unixporn/comments/1ha3mjw/hyprlandnixos_is_the_pretty_ucking_solid_i_love/ diff --git a/docs/nixos_notes.md b/docs/nixos_notes.md deleted file mode 100644 index e396b10..0000000 --- a/docs/nixos_notes.md +++ /dev/null @@ -1,2 +0,0 @@ -Building specific parts of a NixOS system -https://nixos.org/manual/nixos/stable/#sec-building-parts From 4faa68debfae070e04c48027c1e0ea8b9f5851a9 Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Sun, 8 Feb 2026 17:46:34 +1000 Subject: [PATCH 109/143] remove subspace user --- homes/subspace/default.nix | 87 -------------------------------------- 1 file changed, 87 deletions(-) delete mode 100644 homes/subspace/default.nix diff --git a/homes/subspace/default.nix b/homes/subspace/default.nix deleted file mode 100644 index c827022..0000000 --- a/homes/subspace/default.nix +++ /dev/null @@ -1,87 +0,0 @@ -{ - inputs, - outputs, - lib, - config, - pkgs, - ... -}: { - nixpkgs = { - config.allowUnfree = false; - }; - - imports = [ - ]; - - home = { - username = "subspace"; - homeDirectory = "/home/subspace"; - }; - - programs = { - fish = { - enable = true; - # Extra commands to run when entering a interactive shell - # (for the subspace user this will be exiting fish to - # run wishlist instead, a shell should not pop up!) - loginShellInit = '' - clear - exec wishlist - ''; - }; - - ssh = { - enable = true; - forwardAgent = true; - addKeysToAgent = "yes"; - - matchBlocks = { - hyrule = { - hostname = "imbored.dev"; - user = "ae"; - port = 22; - identityFile = "~/.ssh/id_hyrule"; - setEnv = { - TERM = "linux"; - }; - }; - dead = { - hostname = "deadlyserver.com"; - user = "emile"; - port = 29843; - identityFile = "~/.ssh/id_deadlyserver"; - setEnv = { - TERM = "xterm-256color"; - }; - }; - youcue = { - hostname = "moss.labs.eait.uq.edu.au"; - user = "s4740056"; - port = 22; - identityFile = "~/.ssh/id_youcue"; - setEnv = { - TERM = "xterm-256color"; - }; - }; - }; - }; - }; - - # Nicely reload system units when changing configs - systemd.user.startServices = "sd-switch"; - - # SERVICE: webfishing (example for wishlist) - #systemd.user.services.webfishing = { - # Unit.Description = "I be out here webfishing frfr"; - - # Install.WantedBy = ["default.target"]; - - # Service = { - # Type = "exec"; - # ExecStart = "echo $HOME; cat $HOME/.ssh/config"; - # Restart = "always"; - # }; - #}; - - home.stateVersion = "24.11"; # DO NOT MODIFY -} From ae01c0b13ec88f9e0380899e286f0e15250f37f0 Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Sun, 8 Feb 2026 17:46:42 +1000 Subject: [PATCH 110/143] add nix-flatpak --- flake.lock | 17 +++++++++++++++++ flake.nix | 2 ++ 2 files changed, 19 insertions(+) diff --git a/flake.lock b/flake.lock index e1ab303..7f7dc60 100644 --- a/flake.lock +++ b/flake.lock @@ -72,6 +72,22 @@ "type": "github" } }, + "nix-flatpak": { + "locked": { + "lastModified": 1767983141, + "narHash": "sha256-7ZCulYUD9RmJIDULTRkGLSW1faMpDlPKcbWJLYHoXcs=", + "owner": "gmodena", + "repo": "nix-flatpak", + "rev": "440818969ac2cbd77bfe025e884d0aa528991374", + "type": "github" + }, + "original": { + "owner": "gmodena", + "ref": "v0.7.0", + "repo": "nix-flatpak", + "type": "github" + } + }, "nix-github-actions": { "inputs": { "nixpkgs": [ @@ -161,6 +177,7 @@ "inputs": { "colmena": "colmena", "grub2-themes": "grub2-themes", + "nix-flatpak": "nix-flatpak", "nixpkgs": "nixpkgs_3", "nixpkgs-unstable": "nixpkgs-unstable" } diff --git a/flake.nix b/flake.nix index e339ce6..649f4d9 100644 --- a/flake.nix +++ b/flake.nix @@ -7,6 +7,8 @@ colmena.url = "github:zhaofengli/colmena/?rev=47b6414d800c8471e98ca072bc0835345741a56a"; + nix-flatpak.url = "github:gmodena/nix-flatpak/?ref=v0.7.0"; + grub2-themes.url = "github:vinceliuice/grub2-themes"; }; From 9d6b398bae8b08b4189c5ed8d1393c7d1613b58c Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Sun, 8 Feb 2026 17:47:11 +1000 Subject: [PATCH 111/143] add discord --- hosts/myputer/default.nix | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/hosts/myputer/default.nix b/hosts/myputer/default.nix index aecd7ce..a552046 100755 --- a/hosts/myputer/default.nix +++ b/hosts/myputer/default.nix @@ -27,6 +27,8 @@ in { #../modules/flipperzero.nix #../modules/chameleonultragui.nix + + inputs.nix-flatpak.nixosModules.nix-flatpak ]; nix.settings = { @@ -144,6 +146,8 @@ in { # ----- SERVICES ----- services = { + flatpak.enable = true; + # Set display manager (login screen) displayManager = { # sddm relies on pkgs.libsForQt5.qt5.qtgraphicaleffects @@ -339,6 +343,7 @@ in { gobuster nth zap + wireguard-tools httpie curlie @@ -391,6 +396,7 @@ in { # Games prismlauncher # minecraft pkgs-unstable.olympus + discord ]; # DEBUG: configuring xdg portal here instead? From a1f4e812a58fa63fb20befdbf8e834013d8598e5 Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Sun, 8 Feb 2026 17:47:19 +1000 Subject: [PATCH 112/143] add friends user to hyrule --- hosts/hyrule/default.nix | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/hosts/hyrule/default.nix b/hosts/hyrule/default.nix index 72cf59f..071ed86 100755 --- a/hosts/hyrule/default.nix +++ b/hosts/hyrule/default.nix @@ -163,6 +163,12 @@ in { wishlist ]; }; + + friends = { + isNormalUser = true; + shell = pkgs.fish; + home = "/home/friends"; + }; }; }; @@ -505,6 +511,7 @@ in { git vim helix + tcpdump ]; programs = { From d5e36b8df8c5eb363a6f037144287c6c50ef34a0 Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Sun, 8 Feb 2026 18:56:06 +1000 Subject: [PATCH 113/143] im lazy --- flake.lock | 132 +++++++++++----- flake.nix | 10 +- homes/modules/fish.nix | 28 +++- homes/modules/nixcord.nix | 248 +++++++++++++++++++++++++++++- hosts/hyrule/default.nix | 48 +++--- hosts/hyrule/services/forgejo.nix | 4 +- hosts/hyrule/services/nginx.nix | 1 + hosts/lolcathost/default.nix | 7 + hosts/modules/discord/nixcord.nix | 29 ---- overlays/default.nix | 10 ++ packages/ekphos.nix | 29 ++++ 11 files changed, 441 insertions(+), 105 deletions(-) mode change 100755 => 100644 homes/modules/nixcord.nix delete mode 100755 hosts/modules/discord/nixcord.nix create mode 100644 overlays/default.nix create mode 100644 packages/ekphos.nix diff --git a/flake.lock b/flake.lock index 3cf7a06..b10be59 100644 --- a/flake.lock +++ b/flake.lock @@ -40,11 +40,11 @@ ] }, "locked": { - "lastModified": 1770121583, - "narHash": "sha256-BI9UgaWtIHqyV8L4Vfh5Vrakax65QOG6m0a28L05YzM=", + "lastModified": 1770316708, + "narHash": "sha256-i9oEi2PUIZfp+73ZvQE/Ze0aCEV3y3+vvaJ/ZmAe3bw=", "ref": "refs/heads/main", - "rev": "d511138e76f03990da593d1d0129f58c1ec3f570", - "revCount": 100, + "rev": "955746af205e2a94a8e0798a911941da9c5af779", + "revCount": 117, "type": "git", "url": "https://forge.dobutterfliescry.net/cry/site" }, @@ -69,6 +69,38 @@ "type": "github" } }, + "flake-compat_2": { + "locked": { + "lastModified": 1733328505, + "narHash": "sha256-NeCCThCEP3eCl2l/+27kNNK7QrwZB1IJCrXfrbv5oqU=", + "rev": "ff81ac966bb2cae68946d5ed5fc4994f96d0ffec", + "revCount": 69, + "type": "tarball", + "url": "https://api.flakehub.com/f/pinned/edolstra/flake-compat/1.1.0/01948eb7-9cba-704f-bbf3-3fa956735b52/source.tar.gz" + }, + "original": { + "type": "tarball", + "url": "https://flakehub.com/f/edolstra/flake-compat/1.tar.gz" + } + }, + "flake-parts": { + "inputs": { + "nixpkgs-lib": "nixpkgs-lib" + }, + "locked": { + "lastModified": 1768135262, + "narHash": "sha256-PVvu7OqHBGWN16zSi6tEmPwwHQ4rLPU9Plvs8/1TUBY=", + "owner": "hercules-ci", + "repo": "flake-parts", + "rev": "80daad04eddbbf5a4d883996a73f3f542fa437ac", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "flake-parts", + "type": "github" + } + }, "flake-utils": { "inputs": { "systems": "systems" @@ -88,7 +120,9 @@ }, "grub2-themes": { "inputs": { - "nixpkgs": "nixpkgs" + "nixpkgs": [ + "nixpkgs" + ] }, "locked": { "lastModified": 1757136219, @@ -125,39 +159,29 @@ "type": "github" } }, + "nixcord": { + "inputs": { + "flake-compat": "flake-compat_2", + "flake-parts": "flake-parts", + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1770365342, + "narHash": "sha256-jV5tAs67HSBWz/ePEp1eyoUK3Lqfc1fEAvt2wC6reFc=", + "owner": "FlameFlag", + "repo": "nixcord", + "rev": "51db830336715209a4a213aa985f4d405ff0be69", + "type": "github" + }, + "original": { + "owner": "FlameFlag", + "repo": "nixcord", + "type": "github" + } + }, "nixpkgs": { - "locked": { - "lastModified": 1761269590, - "narHash": "sha256-yTr+PCi4wGbOEidrm8XyXBobLxLMqIBsbUyhwsN6wrc=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "d792a6e0cd4ba35c90ea787b717d72410f56dc40", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "master", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs-unstable": { - "locked": { - "lastModified": 1761114652, - "narHash": "sha256-f/QCJM/YhrV/lavyCVz8iU3rlZun6d+dAiC3H+CDle4=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "01f116e4df6a15f4ccdffb1bcd41096869fb385c", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixos-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_2": { "locked": { "lastModified": 1761016216, "narHash": "sha256-G/iC4t/9j/52i/nm+0/4ybBmAF4hzR8CNHC75qEhjHo=", @@ -173,12 +197,44 @@ "type": "github" } }, + "nixpkgs-lib": { + "locked": { + "lastModified": 1765674936, + "narHash": "sha256-k00uTP4JNfmejrCLJOwdObYC9jHRrr/5M/a/8L2EIdo=", + "owner": "nix-community", + "repo": "nixpkgs.lib", + "rev": "2075416fcb47225d9b68ac469a5c4801a9c4dd85", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "nixpkgs.lib", + "type": "github" + } + }, + "nixpkgs-unstable": { + "locked": { + "lastModified": 1770197578, + "narHash": "sha256-AYqlWrX09+HvGs8zM6ebZ1pwUqjkfpnv8mewYwAo+iM=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "00c21e4c93d963c50d4c0c89bfa84ed6e0694df2", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, "root": { "inputs": { "colmena": "colmena", "dobutterfliescry-net": "dobutterfliescry-net", "grub2-themes": "grub2-themes", - "nixpkgs": "nixpkgs_2", + "nixcord": "nixcord", + "nixpkgs": "nixpkgs", "nixpkgs-unstable": "nixpkgs-unstable", "systems": "systems_2" } diff --git a/flake.nix b/flake.nix index b6d5a67..2df01c1 100644 --- a/flake.nix +++ b/flake.nix @@ -16,7 +16,15 @@ }; }; - grub2-themes.url = "github:vinceliuice/grub2-themes"; + grub2-themes = { + url = "github:vinceliuice/grub2-themes"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + + nixcord = { + url = "github:FlameFlag/nixcord"; + inputs.nixpkgs.follows = "nixpkgs"; + }; dobutterfliescry-net = { url = "git+https://forge.dobutterfliescry.net/cry/site"; diff --git a/homes/modules/fish.nix b/homes/modules/fish.nix index 801fa0f..69d82f3 100755 --- a/homes/modules/fish.nix +++ b/homes/modules/fish.nix @@ -20,18 +20,34 @@ # completions.enable = true; # }; - interactiveShellInit = '' + interactiveShellInit = let + greetings = + [ + "Welcome weary traveller to my shop" + "It's dangerous to go alone! Take this." + "Do butterflies cry when they're sad?" + "I hope they do" + "I think Alice is lost..." + + "Something wicked this way comes" + "May your L's be many... and your bitches few" + + "What a horrible night to have a curse." + "The ancient spirits of light and dark have been released." + "The god of the stars rejects your offering. The ritual can only be performed at night." + "You should have just died..." + "Supreme Witch, Calamitas has killed every player!" + ] + |> map (x: "\"${x}\"") + |> builtins.concatStringsSep " "; + in '' # add dotnet completions if it exists (ie we're in a virtual environment) if type -q dotnet complete -f -c dotnet -a "(dotnet complete (commandline -cp))" end function rand_greet - set weary "Welcome weary traveller to my shop" - set alone "It's dangerous to go alone! Take this." - set sad "Do butterflies cry when they're sad?" - set alice "I think Alice is lost..." - set greetings "$weary" "$alone" "$sad" "$alice" + set greetings ${greetings} echo -n $greetings[(random 1 (count $greetings))] end diff --git a/homes/modules/nixcord.nix b/homes/modules/nixcord.nix old mode 100755 new mode 100644 index a006c0e..97e6b15 --- a/homes/modules/nixcord.nix +++ b/homes/modules/nixcord.nix @@ -1,16 +1,248 @@ -{ - config, - pkgs, - ... -}: { +{inputs, ...}: { + imports = [ + inputs.nixcord.homeModules.nixcord + ]; + programs.nixcord = { enable = true; + equibop.enable = true; + + discord = { + vencord.enable = false; + equicord.enable = true; + }; + config = { - frameless = true; + enabledThemes = [ + # "aurorastheme.css" + # "base16-colors.css" + ]; plugins = { - # TODO: remove this plugin - hideAttachments.enable = true; + anonymiseFileNames = { + enable = true; + anonymiseByDefault = true; + method = 0; + randomisedLength = 16; + }; + betterSessions = { + backgroundCheck = true; + checkInterval = 1; + }; + biggerStreamPreview.enable = true; + callTimer.enable = true; + fixYoutubeEmbeds.enable = true; + fixSpotifyEmbeds.enable = true; + tidalEmbeds.enable = true; + youtubeAdblock.enable = true; + followVoiceUser.enable = true; + friendsSince.enable = true; + ircColors = { + enable = true; + lightness = 80; + memberListColors = true; + applyColorOnlyInDms = false; + applyColorOnlyToUsersWithoutColor = false; + }; + messageLogger = { + enable = true; + showEditDiffs = true; + separatedDiffs = false; + }; + # fakeNitro.enable = true; + ghosted.enable = true; + noF1.enable = true; + noMaskedUrlPaste.enable = true; + messageLatency = { + enable = false; + latency = -1; + showMillis = true; + }; + openInApp.enable = true; + crashHandler.enable = true; + disableCallIdle.enable = true; + experiments.enable = true; + expressionCloner.enable = true; + favoriteGifSearch.enable = true; + fixImagesQuality.enable = true; + forceOwnerCrown.enable = true; + forwardAnywhere.enable = true; + spotifyCrack.enable = true; + spotifyShareCommands.enable = true; + spotifyControls.enable = true; + fullUserInChatbox.enable = true; + gifPaste.enable = true; + ignoreActivities = { + enable = true; + ignorePlaying = true; + ignoreStreaming = true; + ignoreListening = true; + ignoreWatching = true; + ignoreCompeting = true; + }; + imageLink.enable = true; + imageZoom.enable = true; + memberCount.enable = true; + noDevtoolsWarning.enable = true; + noUnblockToJump.enable = true; + pauseInvitesForever.enable = true; + permissionsViewer.enable = true; + pictureInPicture = { + enable = true; + loop = true; + }; + platformIndicators.enable = true; + previewMessage.enable = true; + relationshipNotifier.enable = true; + revealAllSpoilers.enable = true; + serverInfo.enable = true; + serverListIndicators.enable = true; + showHiddenChannels.enable = true; + showHiddenThings.enable = true; + showTimeoutDuration = { + enable = true; + displayStyle = "tooltip"; + }; + silentTyping = { + enable = true; + enabledGlobally = false; + }; + startupTimings.enable = true; + typingIndicator.enable = true; + unlockedAvatarZoom = { + enable = true; + zoomMultiplier = 4.0; + }; + userMessagesPronouns.enable = true; + validUser.enable = true; + validReply.enable = true; + viewIcons = { + enable = true; + format = "webp"; + imgSize = "4096"; + }; + voiceChatDoubleClick.enable = true; + voiceDownload.enable = true; + voiceMessages = { + enable = true; + noiseSuppression = false; + echoCancellation = true; + }; + volumeBooster.enable = true; + webKeybinds.enable = true; + webScreenShareFixes.enable = true; + whoReacted.enable = true; + whosWatching.enable = true; + quickReply.enable = true; + questCompleter.enable = true; + shikiCodeblocks = { + enable = true; + useDevIcon = "COLOR"; + theme = "https://raw.githubusercontent.com/shikijs/textmate-grammars-themes/2d87559c7601a928b9f7e0f0dda243d2fb6d4499/packages/tm-themes/themes/kanagawa-wave.json"; + }; }; }; }; + + programs.nixcord.config.plugins.PinDMs = { + enable = true; + canCollapseDmSection = true; + # userBasedCategoryList = { + # "1202666382760607774" = [ + # { + # id = "i9dflmraztc"; + # name = "🏳️‍⚧️ girlfriends!!! :3 🏳️‍⚧️"; + # color = 16359423; + # collapsed = false; + # channels = [ + # "1436964273162289185" + # "1436988320474206311" + # "1449837047383855119" + # "1436965652861685891" + # "1436968495190642722" + # "1465424321919975454" + # ]; + # } + # { + # id = "p2v1f5y9zbd"; + # name = "🦋 best frens <3 🦋"; + # color = 10223511; + # collapsed = false; + # channels = [ + # "1436985374286155799" + # "1436965657076826222" + # "1429921297160212681" + # "1394808379381387385" + # "1433593753183977545" + # "1438254055452446881" + # "1436966389549236376" + # "1202678007026819134" + # "1437151552224624660" + # "1441906462094921789" + # "1450340272079769712" + # "1458123717124165764" + # "1436975341129306155" + # "1461885176534794427" + # "1462155159470866443" + # "1468735915076878407" + # ]; + # } + # { + # id = "c0mg5w635j8"; + # name = "🏳️‍🌈 close frens x3 🏳️‍🌈"; + # color = 10780927; + # collapsed = false; + # channels = [ + # "1437077103873888290" + # "1436975346338762823" + # "1437123353101205590" + # "1441516692164575283" + # "1419557866502754334" + # "1436985041203892315" + # "1438071327515742229" + # ]; + # } + # { + # id = "ghjrq5el3b"; + # name = "frens :3"; + # color = 7334399; + # collapsed = false; + # channels = [ + # "1437007154132422701" + # "1437006448948416526" + # "1446781617422209068" + # "1444723474835837103" + # "1437098569483161721" + # "1437237573146771469" + # "1436973705421914123" + # "1437135359359320125" + # "1438010723837022343" + # "1440553969461104740" + # "1437097082887475201" + # "1447222320015085740" + # "1462624704027164824" + # "1449513783893692589" + # "1463737720961634461" + # "1463000874392748249" + # "1461929299727749145" + # "1436984534712451105" + # "1436983282582683813" + # "1437283420312047659" + # "1437089201651847315" + # "1468324280445046824" + # ]; + # } + # { + # id = "zbmj00xw7d8"; + # name = "goop chats"; + # color = 14876549; + # collapsed = false; + # channels = [ + # "1437132769141719040" + # "1445549416516681902" + # "1458849972815663209" + # ]; + # } + # ]; + # }; + }; } diff --git a/hosts/hyrule/default.nix b/hosts/hyrule/default.nix index 837fc4d..1bb4b6b 100755 --- a/hosts/hyrule/default.nix +++ b/hosts/hyrule/default.nix @@ -61,6 +61,12 @@ in { hostName = "hyrule"; networkmanager.enable = true; + # Use CloudFlare's WARP+ 1.1.1.1 DNS service + nameservers = [ + "1.1.1.1" + "1.0.0.1" + ]; + firewall = { enable = true; allowedTCPPorts = [ @@ -82,28 +88,28 @@ in { ]; }; - wg-quick.interfaces = { - wg0 = { - address = [ - "10.10.10.4/24" - ]; - dns = ["10.10.10.1"]; - privateKeyFile = "/root/wg_agrivpn_hyrule"; - peers = [ - { - # peer's public key - publicKey = "iZ4aqYjbT8O8tfUHEuV+yWLtdoQbdBb6Nt0M4usMSiY="; + # wg-quick.interfaces = { + # wg0 = { + # address = [ + # "10.10.10.4/24" + # ]; + # dns = ["10.10.10.1"]; + # privateKeyFile = "/root/wg_agrivpn_hyrule"; + # peers = [ + # { + # # peer's public key + # publicKey = "iZ4aqYjbT8O8tfUHEuV+yWLtdoQbdBb6Nt0M4usMSiY="; - # choose which traffic to forward - allowedIPs = [ - "10.0.51.0/24" - "10.10.10.0/24" - ]; - endpoint = "150.242.34.33:54231"; - } - ]; - }; - }; + # # choose which traffic to forward + # allowedIPs = [ + # "10.0.51.0/24" + # "10.10.10.0/24" + # ]; + # endpoint = "150.242.34.33:54231"; + # } + # ]; + # }; + # }; }; users = { diff --git a/hosts/hyrule/services/forgejo.nix b/hosts/hyrule/services/forgejo.nix index f228116..d5d680d 100644 --- a/hosts/hyrule/services/forgejo.nix +++ b/hosts/hyrule/services/forgejo.nix @@ -18,8 +18,8 @@ server = { # ENABLE_ACME = true; # ACME_EMAIL = "eclarkboman@gmail.com"; # change this to "me@imbored.dev" - DOMAIN = "forge.imbored.dev"; # should this be "imbored.dev"? - ROOT_URL = "https://forge.imbored.dev"; # full public URL of the Forgejo server + DOMAIN = "dobutterfliescry.net"; # should this be "imbored.dev"? + ROOT_URL = "https://forge.dobutterfliescry.net"; # full public URL of the Forgejo server # address and port to listen on HTTP_ADDR = "127.0.0.1"; HTTP_PORT = 3000; diff --git a/hosts/hyrule/services/nginx.nix b/hosts/hyrule/services/nginx.nix index 945724e..6d0205d 100644 --- a/hosts/hyrule/services/nginx.nix +++ b/hosts/hyrule/services/nginx.nix @@ -76,6 +76,7 @@ "vault.imbored.dev" = vault; # Route "forge" subdomain to forgejo # TODO: use `forgejo.settings.server.ENABLE_ACME` instead? + # "tearforge.net" = forge; "forge.dobutterfliescry.net" = forge; }; }; diff --git a/hosts/lolcathost/default.nix b/hosts/lolcathost/default.nix index 997eb05..94c3d46 100755 --- a/hosts/lolcathost/default.nix +++ b/hosts/lolcathost/default.nix @@ -27,6 +27,11 @@ in { ../modules/angryoxide.nix # ../modules/flipperzero.nix # ../modules/chameleonultragui.nix + + (import ../../overlays/default.nix { + inherit pkgs; + upkgs = pkgs-unstable; + }) ]; nix.settings.experimental-features = [ @@ -387,6 +392,8 @@ in { prismlauncher # minecraft pkgs-unstable.olympus # celeste discord + discordo + ekphos ]; programs = { diff --git a/hosts/modules/discord/nixcord.nix b/hosts/modules/discord/nixcord.nix deleted file mode 100755 index a347405..0000000 --- a/hosts/modules/discord/nixcord.nix +++ /dev/null @@ -1,29 +0,0 @@ -{ - lib, - pkgs, - config, - inputs, - outputs, - ... -}: - -{ - imports = [ - config.nixcord.homeManagerModules.nixcord - ]; - - programs.nixcord = { - enable = true; - config = { - #themeLinks = [ - # "" - #]; - - # no surrounding window frame - frameless = true; - - plugins = { - }; - }; - }; -} diff --git a/overlays/default.nix b/overlays/default.nix new file mode 100644 index 0000000..b6445d9 --- /dev/null +++ b/overlays/default.nix @@ -0,0 +1,10 @@ +{upkgs, ...}: { + nixpkgs.overlays = [ + (self: super: { + ekphos = import ../packages/ekphos.nix { + inherit upkgs; + pkgs = super; + }; + }) + ]; +} diff --git a/packages/ekphos.nix b/packages/ekphos.nix new file mode 100644 index 0000000..bf176d5 --- /dev/null +++ b/packages/ekphos.nix @@ -0,0 +1,29 @@ +{ + pkgs, + upkgs, + ... +}: let + inherit + (pkgs) + lib + ; +in + upkgs.rustPackages.rustPlatform.buildRustPackage { + pname = "ekphos"; + version = "v0.20.10"; + src = pkgs.fetchFromGitHub { + repo = "ekphos"; + owner = "hanebox"; + sha256 = "sha256-mZ6yQdPpJ9PglYyHwivVDO05vRPvwZG7DPEBJeOVlFE="; + rev = "1ac1ab68dd4ea867dadf54f60e32a9a3e0305695"; + }; + + cargoHash = "sha256-s6Elg0Fqxdlc2/428oV7POMqphx8vWaLOncO5kZyBfQ="; + + meta = { + description = "A lightweight, fast, terminal-based markdown research tool inspired by Obsidian"; + homepage = "https://github.com/hanebox/ekphos"; + license = lib.licenses.mit; + maintainers = [lib.maintainers.emileclarkb]; + }; + } From 14193c05fbd4878b78f3670d99ae96723ce3d388 Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Sun, 8 Feb 2026 19:40:20 +1000 Subject: [PATCH 114/143] remove thefuck --- flake.lock | 23 +++++------------------ hosts/lolcathost/default.nix | 1 - hosts/myputer/default.nix | 1 - 3 files changed, 5 insertions(+), 20 deletions(-) diff --git a/flake.lock b/flake.lock index 6dcb3ef..ad2b20c 100644 --- a/flake.lock +++ b/flake.lock @@ -103,7 +103,9 @@ }, "flake-utils": { "inputs": { - "systems": "systems" + "systems": [ + "systems" + ] }, "locked": { "lastModified": 1731533236, @@ -249,11 +251,11 @@ "colmena": "colmena", "dobutterfliescry-net": "dobutterfliescry-net", "grub2-themes": "grub2-themes", + "nix-flatpak": "nix-flatpak", "nixcord": "nixcord", "nixpkgs": "nixpkgs", - "nix-flatpak": "nix-flatpak", "nixpkgs-unstable": "nixpkgs-unstable", - "systems": "systems_2" + "systems": "systems" } }, "systems": { @@ -270,21 +272,6 @@ "repo": "default", "type": "github" } - }, - "systems_2": { - "locked": { - "lastModified": 1681028828, - "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", - "owner": "nix-systems", - "repo": "default", - "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", - "type": "github" - }, - "original": { - "owner": "nix-systems", - "repo": "default", - "type": "github" - } } }, "root": "root", diff --git a/hosts/lolcathost/default.nix b/hosts/lolcathost/default.nix index 94c3d46..1517f52 100755 --- a/hosts/lolcathost/default.nix +++ b/hosts/lolcathost/default.nix @@ -359,7 +359,6 @@ in { lazygit ripgrep viddy # modern `watch` command - thefuck timg # terminal image (sixel) viewer # Pretty necessary diff --git a/hosts/myputer/default.nix b/hosts/myputer/default.nix index 698dbf5..04b31d9 100755 --- a/hosts/myputer/default.nix +++ b/hosts/myputer/default.nix @@ -346,7 +346,6 @@ in { lazygit ripgrep viddy # modern `watch` command - thefuck deploy-rs From e961180371086a7539a29bbd5eafdd587c4a3562 Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Sun, 8 Feb 2026 20:22:39 +1000 Subject: [PATCH 115/143] move hosts/packages -> packages --- .../chameleonultragui/default.nix.bak1 | 474 ------------------ hosts/packages/tundra/README | 12 - hosts/packages/tundra/flake.lock | 62 --- hosts/packages/tundra/flake.nix | 42 -- hosts/packages/tundra/src/app.in.vala | 31 -- hosts/packages/tundra/src/meson.build | 47 -- hosts/packages/tundra/src/style.scss | 107 ---- hosts/packages/tundra/src/widget/Bar.vala | 265 ---------- {hosts/packages => packages}/README | 0 .../angryoxide/default.nix | 0 .../chameleonultragui/TODO.md | 0 .../chameleonultragui/default.nix | 0 packages/{ekphos.nix => ekphos/default.nix} | 0 .../huggingface_hub/flake.nix | 0 .../huggingface_hub/hf-xet.nix | 0 .../huggingface_hub/huggingface_hub.nix | 0 .../x86-manpages/default.nix | 0 17 files changed, 1040 deletions(-) delete mode 100644 hosts/packages/chameleonultragui/default.nix.bak1 delete mode 100644 hosts/packages/tundra/README delete mode 100644 hosts/packages/tundra/flake.lock delete mode 100644 hosts/packages/tundra/flake.nix delete mode 100644 hosts/packages/tundra/src/app.in.vala delete mode 100644 hosts/packages/tundra/src/meson.build delete mode 100644 hosts/packages/tundra/src/style.scss delete mode 100644 hosts/packages/tundra/src/widget/Bar.vala rename {hosts/packages => packages}/README (100%) rename {hosts/packages => packages}/angryoxide/default.nix (100%) rename hosts/packages/chameleonultragui/TODO => packages/chameleonultragui/TODO.md (100%) rename {hosts/packages => packages}/chameleonultragui/default.nix (100%) rename packages/{ekphos.nix => ekphos/default.nix} (100%) rename {hosts/packages => packages}/huggingface_hub/flake.nix (100%) rename {hosts/packages => packages}/huggingface_hub/hf-xet.nix (100%) rename {hosts/packages => packages}/huggingface_hub/huggingface_hub.nix (100%) rename {hosts/packages => packages}/x86-manpages/default.nix (100%) diff --git a/hosts/packages/chameleonultragui/default.nix.bak1 b/hosts/packages/chameleonultragui/default.nix.bak1 deleted file mode 100644 index 158877a..0000000 --- a/hosts/packages/chameleonultragui/default.nix.bak1 +++ /dev/null @@ -1,474 +0,0 @@ -{ - pkgs, - lib, - ... -}: -# ChameleonUltraGUI requires flutter sdk >3.0.0 -pkgs.flutter324.buildFlutterApplication -(self: { - pname = "ChameleonUltraGUI"; - version = "1.1.2"; - - src = pkgs.fetchFromGitHub { - owner = "GameTec-live"; - repo = "ChameleonUltraGUI"; - sha256 = "1mb6wkqk6vaamrhflfhsgp5gvqiw2qkvmy7j65abcx7sn5990i27"; - rev = "11424abaccb4a010fcbeab9799ae8f675d8afe99"; - }; - - desktopItems = [ - (pkgs.makeDesktopItem { - name = self.pname; - desktopName = "Chameleon Ultra GUI"; - icon = self.pname; - comment = self.meta.description; - - exec = "chameleonultragui"; - terminal = false; - - categories = [ - "Utility" - ]; - }) - ]; - - # path to application within fetched sources - sourceRoot = "source/chameleonultragui"; - - buildInputs = [ - pkgs.imagemagick # creating mipmaps for share/icons - pkgs.yj # converting pubspec.lock yaml->json - ]; - - buildArguments = ["--release"]; - - # source files compile with Flutter >3.29.0 but this - # derivation uses 3.24.0 (so we patch for compatability) - postPatch = let - argbPatch = '' - --- general.dart.old 2025-05-11 15:59:51.812132078 +1000 - +++ general.dart 2025-05-11 15:58:14.755856407 +1000 - @@ -211,7 +211,7 @@ - } - - String colorToHex(Color color) { - - return '#\''${color.toARGB32().toRadixString(16).padLeft(8, '0').substring(2)}'; - + return '#\''${color.value.toRadixString(16).padLeft(8, '0').substring(2)}'; - } - - Color hexToColor(String hex) { - ''; - in '' - # patch source files using Color.toARGB32 method (not defined in Flutter 3.24) - argbPatch="${argbPatch}" - patch lib/helpers/general.dart <(echo "$argbPatch") - ''; - - # installPhase = '' - # runHook preInstall - - # # create mipmaps of desktop logo - # logoOriginal="assets/logo-color-desktop.png" - # for i in 16 32 64 128 256 512; do - # res="$i"x"$i" - # logoOut="$out"/share/icons/hicolor/"$res"/apps - # mkdir -p $logoOut - # ${pkgs.imagemagick}/bin/magick $logoOriginal -resize $res $logoOut/${pname}.png - # done - - # runHook postInstall - # ''; - - # Nix doesn't natively have a fromYAML function (so I made this instead) - pubspecLock = let - appRoot = "${self.src}/chameleonultragui"; - - # when generating patch files use -u flag and then - # make sure to escape all " characters for Nix string - pubspecLockPatch = '' - --- pubspec.lock.bak2025-05-10 15:42:44.287730979 +1000 - +++ pubspec.lock2025-05-10 15:41:23.778480048 +1000 - @@ -5,18 +5,23 @@ - dependency: transitive - description: - name: _fe_analyzer_shared - - sha256: dc27559385e905ad30838356c5f5d574014ba39872d732111cd07ac0beff4c57 - + sha256: f256b0c0ba6c7577c15e2e4e114755640a875e885099367bf6e012b19314c834 - url: \"https://pub.dev\" - source: hosted - - version: \"80.0.0\" - + version: \"72.0.0\" - + _macros: - + dependency: transitive - + description: dart - + source: sdk - + version: \"0.3.2\" - analyzer: - dependency: transitive - description: - name: analyzer - - sha256: \"192d1c5b944e7e53b24b5586db760db934b177d4147c42fbca8c8c5f1eb8d11e\" - + sha256: b652861553cd3990d8ed361f7979dc6d7053a9ac8843fa73820ab68ce5410139 - url: \"https://pub.dev\" - source: hosted - - version: \"7.3.0\" - + version: \"6.7.0\" - archive: - dependency: \"direct main\" - description: - @@ -37,26 +42,26 @@ - dependency: \"direct main\" - description: - name: async - - sha256: d2872f9c19731c2e5f10444b14686eb7cc85c76274bd6c16e1816bff9a3bab63 - + sha256: \"947bfcf187f74dbc5e146c9eb9c0f10c9f8b30743e341481c1e2ed3ecc18c20c\" - url: \"https://pub.dev\" - source: hosted - - version: \"2.12.0\" - + version: \"2.11.0\" - boolean_selector: - dependency: transitive - description: - name: boolean_selector - - sha256: \"8aab1771e1243a5063b8b0ff68042d67334e3feab9e95b9490f9a6ebf73b42ea\" - + sha256: \"6cfb5af12253eaf2b368f07bacc5a80d1301a071c73360d746b7f2e32d762c66\" - url: \"https://pub.dev\" - source: hosted - - version: \"2.1.2\" - + version: \"2.1.1\" - characters: - dependency: transitive - description: - name: characters - - sha256: f71061c654a3380576a52b451dd5532377954cf9dbd272a78fc8479606670803 - + sha256: \"04a925763edad70e8443c99234dc3328f442e811f1d8fd1a72f1c8ad0f69a605\" - url: \"https://pub.dev\" - source: hosted - - version: \"1.4.0\" - + version: \"1.3.0\" - checked_yaml: - dependency: transitive - description: - @@ -77,18 +82,18 @@ - dependency: transitive - description: - name: clock - - sha256: fddb70d9b5277016c77a80201021d40a2247104d9f4aa7bab7157b7e3f05b84b - + sha256: cb6d7f03e1de671e34607e909a7213e31d7752be4fb66a86d29fe1eb14bfb5cf - url: \"https://pub.dev\" - source: hosted - - version: \"1.1.2\" - + version: \"1.1.1\" - collection: - dependency: \"direct main\" - description: - name: collection - - sha256: \"2f5709ae4d3d59dd8f7cd309b4e023046b57d8a6c82130785d2b0e5868084e76\" - + sha256: ee67cb0715911d28db6bf4af1026078bd6f0128b07a5f66fb2ed94ec6783c09a - url: \"https://pub.dev\" - source: hosted - - version: \"1.19.1\" - + version: \"1.18.0\" - convert: - dependency: \"direct main\" - description: - @@ -157,10 +162,10 @@ - dependency: transitive - description: - name: fake_async - - sha256: \"6a95e56b2449df2273fd8c45a662d6947ce1ebb7aafe80e550a3f68297f3cacc\" - + sha256: \"511392330127add0b769b75a987850d136345d9227c6b94c96a04cf4a391bf78\" - url: \"https://pub.dev\" - source: hosted - - version: \"1.3.2\" - + version: \"1.3.1\" - ffi: - dependency: \"direct main\" - description: - @@ -196,11 +201,10 @@ - file_saver: - dependency: \"direct main\" - description: - - path: \".\" - - ref: fix-windows - - resolved-ref: \"3038d74d5560dcca528423fffd745abf31eb88ae\" - - url: \"https://github.com/Foxushka/file_saver.git\" - - source: git - + name: file_saver - + sha256: \"017a127de686af2d2fbbd64afea97052d95f2a0f87d19d25b87e097407bf9c1e\" - + url: \"https://pub.dev\" - + source: hosted - version: \"0.2.14\" - fixnum: - dependency: transitive - @@ -234,11 +238,10 @@ - flutter_libserialport: - dependency: \"direct main\" - description: - - path: \".\" - - ref: main - - resolved-ref: \"6740aae075505a220a98492910b090824efc7910\" - - url: \"https://github.com/NeariX67/flutter_libserialport.git\" - - source: git - + name: flutter_libserialport - + sha256: d193b5ac819db6540d20cc8d20d9f5ec9e3396edb4d2c4a23c97863fa9132336 - + url: \"https://pub.dev\" - + source: hosted - version: \"0.5.0\" - flutter_lints: - dependency: \"direct dev\" - @@ -347,18 +350,18 @@ - dependency: transitive - description: - name: leak_tracker - - sha256: c35baad643ba394b40aac41080300150a4f08fd0fd6a10378f8f7c6bc161acec - + sha256: \"3f87a60e8c63aecc975dda1ceedbc8f24de75f09e4856ea27daf8958f2f0ce05\" - url: \"https://pub.dev\" - source: hosted - - version: \"10.0.8\" - + version: \"10.0.5\" - leak_tracker_flutter_testing: - dependency: transitive - description: - name: leak_tracker_flutter_testing - - sha256: f8b613e7e6a13ec79cfdc0e97638fddb3ab848452eff057653abd3edba760573 - + sha256: \"932549fb305594d82d7183ecd9fa93463e9914e1b67cacc34bc40906594a1806\" - url: \"https://pub.dev\" - source: hosted - - version: \"3.0.9\" - + version: \"3.0.5\" - leak_tracker_testing: - dependency: transitive - description: - @@ -399,14 +402,22 @@ - url: \"https://pub.dev\" - source: hosted - version: \"1.3.0\" - + macros: - + dependency: transitive - + description: - + name: macros - + sha256: \"0acaed5d6b7eab89f63350bccd82119e6c602df0f391260d0e32b5e23db79536\" - + url: \"https://pub.dev\" - + source: hosted - + version: \"0.1.2-main.4\" - matcher: - dependency: transitive - description: - name: matcher - - sha256: dc58c723c3c24bf8d3e2d3ad3f2f9d7bd9cf43ec6feaa64181775e60190153f2 - + sha256: d2323aa2060500f906aa31a895b4030b6da3ebdcc5619d14ce1aada65cd161cb - url: \"https://pub.dev\" - source: hosted - - version: \"0.12.17\" - + version: \"0.12.16+1\" - material_color_utilities: - dependency: transitive - description: - @@ -419,10 +430,10 @@ - dependency: transitive - description: - name: meta - - sha256: e3641ec5d63ebf0d9b41bd43201a66e3fc79a65db5f61fc181f04cd27aab950c - + sha256: bdb68674043280c3428e9ec998512fb681678676b3c54e773629ffe74419f8c7 - url: \"https://pub.dev\" - source: hosted - - version: \"1.16.0\" - + version: \"1.15.0\" - mobile_scanner: - dependency: \"direct main\" - description: - @@ -467,10 +478,10 @@ - dependency: \"direct main\" - description: - name: path - - sha256: \"75cca69d1490965be98c73ceaea117e8a04dd21217b37b292c9ddbec0d955bc5\" - + sha256: \"087ce49c3f0dc39180befefc60fdb4acd8f8620e5682fe2476afd0b3688bb4af\" - url: \"https://pub.dev\" - source: hosted - - version: \"1.9.1\" - + version: \"1.9.0\" - path_provider: - dependency: transitive - description: - @@ -723,15 +734,15 @@ - dependency: transitive - description: flutter - source: sdk - - version: \"0.0.0\" - + version: \"0.0.99\" - source_span: - dependency: transitive - description: - name: source_span - - sha256: \"254ee5351d6cb365c859e20ee823c3bb479bf4a293c22d17a9f1bf144ce86f7c\" - + sha256: \"53e943d4206a5e30df338fd4c6e7a077e02254531b138a15aec3bd143c1a8b3c\" - url: \"https://pub.dev\" - source: hosted - - version: \"1.10.1\" - + version: \"1.10.0\" - sprintf: - dependency: transitive - description: - @@ -744,42 +755,42 @@ - dependency: transitive - description: - name: stack_trace - - sha256: \"8b27215b45d22309b5cddda1aa2b19bdfec9df0e765f2de506401c071d38d1b1\" - + sha256: \"73713990125a6d93122541237550ee3352a2d84baad52d375a4cad2eb9b7ce0b\" - url: \"https://pub.dev\" - source: hosted - - version: \"1.12.1\" - + version: \"1.11.1\" - stream_channel: - dependency: transitive - description: - name: stream_channel - - sha256: \"969e04c80b8bcdf826f8f16579c7b14d780458bd97f56d107d3950fdbeef059d\" - + sha256: ba2aa5d8cc609d96bbb2899c28934f9e1af5cddbd60a827822ea467161eb54e7 - url: \"https://pub.dev\" - source: hosted - - version: \"2.1.4\" - + version: \"2.1.2\" - string_scanner: - dependency: transitive - description: - name: string_scanner - - sha256: \"921cd31725b72fe181906c6a94d987c78e3b98c2e205b397ea399d4054872b43\" - + sha256: \"556692adab6cfa87322a115640c11f13cb77b3f076ddcc5d6ae3c20242bedcde\" - url: \"https://pub.dev\" - source: hosted - - version: \"1.4.1\" - + version: \"1.2.0\" - term_glyph: - dependency: transitive - description: - name: term_glyph - - sha256: \"7f554798625ea768a7518313e58f83891c7f5024f88e46e7182a4558850a4b8e\" - + sha256: a29248a84fbb7c79282b40b8c72a1209db169a2e0542bce341da992fe1bc7e84 - url: \"https://pub.dev\" - source: hosted - - version: \"1.2.2\" - + version: \"1.2.1\" - test_api: - dependency: transitive - description: - name: test_api - - sha256: fb31f383e2ee25fbbfe06b40fe21e1e458d14080e3c67e7ba0acfde4df4e0bbd - + sha256: \"5b8a98dafc4d5c4c9c72d8b31ab2b23fc13422348d2997120294d3bac86b4ddb\" - url: \"https://pub.dev\" - source: hosted - - version: \"0.7.4\" - + version: \"0.7.2\" - typed_data: - dependency: transitive - description: - @@ -855,12 +866,11 @@ - usb_serial: - dependency: \"direct main\" - description: - - path: \".\" - - ref: fix-usbserial - - resolved-ref: \"9fcbacc92bec19ea02d33a40d9f39e45d19cf637\" - - url: \"https://github.com/Foxushka/usbserial.git\" - - source: git - - version: \"0.5.1\" - + name: usb_serial - + sha256: a605a600e34e7f28d4e80851ca3999ef747e42e406138887b8a88b8c382a8b07 - + url: \"https://pub.dev\" - + source: hosted - + version: \"0.5.2\" - uuid: - dependency: \"direct main\" - description: - @@ -881,10 +891,10 @@ - dependency: transitive - description: - name: vm_service - - sha256: \"0968250880a6c5fe7edc067ed0a13d4bae1577fe2771dcf3010d52c4a9d3ca14\" - + sha256: \"5c5f338a667b4c644744b661f309fb8080bb94b18a7e91ef1dbd343bed00ed6d\" - url: \"https://pub.dev\" - source: hosted - - version: \"14.3.1\" - + version: \"14.2.5\" - wakelock_plus: - dependency: \"direct main\" - description: - @@ -958,5 +968,5 @@ - source: hosted - version: \"2.2.1\" - sdks: - - dart: \">=3.7.0-0 <4.0.0\" - + dart: \">=3.5.0 <4.0.0\" - flutter: \">=3.24.0\" - ''; - in - builtins.fromJSON - ( - builtins.readFile (pkgs.runCommand "${self.pname}-buildenv" { - inputs = [ - # DEBUG (both lines commented) - #pkgs.flutter324 # ChameleonUltraGUI requires sdk >3.0.0 - #pkgs.yj - ]; - } '' - # copy source files to a temporary path to rebuild the lockfile - buildPath=$(mktemp -d) - cp -r "${appRoot}/." "$buildPath/" - - outPubspecLock="$buildPath/pubspec.lock" - # MUST define variables to use multiline Nix string in bash scripting - pubspecLockPatch="${pubspecLockPatch}" - - # apply the pubspec.yaml patch and regenerate lock file - # (create a temporary home directory for flutter to play in) - #(cd $buildPath && chmod -R +w . \ - # && patch ./pubspec.yaml <(echo "$pubspecYamlPatch") \ - # && export HOME=$(mktemp -d) \ - # && flutter --disable-analytics \ - # && flutter config --no-cli-animations \ - # && ${pkgs.flutter}/bin/flutter pub get) - - # patch the lockfile - chmod +w $outPubspecLock - patch $outPubspecLock <(echo "$pubspecLockPatch") - - # convert new lockfile to json and return - ${pkgs.yj}/bin/yj < "$buildPath/pubspec.lock" > $out - '') - ); - - # TODO: try this instead of patching - # gitHashes = { - # dartssh2 = "sha256-2pypKwurziwGLZYuGaxlS2lzN3UvJp3bRTvvYYxEqRI="; - # hotkey_manager_linux = "sha256-aO0h94YZvgV/ggVupNw8GjyZsnXrq3qTHRDtuhNv3oI="; - # system_info2 = "sha256-fly7E2vG+bQ/+QGzXk+DYba73RZccltdW2LpZGDKX60="; - # tray_menu = "sha256-riiAiBEms+9ARog8i+MR1fto1Yqx+gwbBWyNbNq6VTM="; - # window_size = "sha256-71PqQzf+qY23hTJvcm0Oye8tng3Asr42E2vfF1nBmVA="; - # xterm = "sha256-h8vIonTPUVnNqZPk/A4ZV7EYCMyM0rrErL9ZOMe4ZBE="; - # }; - - meta = with lib; { - description = "A GUI for the Chameleon Ultra written in Flutter for crossplatform"; - homepage = "https://github.com/GameTec-live/ChameleonUltraGUI"; - license = licenses.gpl3; - maintainers = [maintainers.emileclarkb]; - platforms = platforms.linux; - }; -}) -.overrideAttrs ( - previousAttrs: { - installPhase = - previousAttrs.installPhase - + '' - # create mipmaps of desktop logo - logoOriginal="assets/logo-color-desktop.png" - for i in 16 32 64 128 256 512; do - res="$i"x"$i" - logoOut="$out"/share/icons/hicolor/"$res"/apps - mkdir -p $logoOut - ${pkgs.imagemagick}/bin/magick $logoOriginal -resize $res $logoOut/${previousAttrs.pname}.png - done - ''; - } -) diff --git a/hosts/packages/tundra/README b/hosts/packages/tundra/README deleted file mode 100644 index e44647c..0000000 --- a/hosts/packages/tundra/README +++ /dev/null @@ -1,12 +0,0 @@ -**Tundra** is the name I'm giving my *desktop environment.* -Made primarily with Aylur's Astal library and the Vala -programming language (as an excuse to learn it). - -NOTE: Tundra is designed specifically to work on Hyprland, -I have no idea how it'll interact with other window managers :) - - -##### Meson Notes (temporary) -Setup meson like `meson setup ` ie `meson setup build src`. -Compile meson like `meson compile -C ` where is the relative path to it, -if you're in it already just use `meson compile` otherwise if in project root use `meson compile build`. diff --git a/hosts/packages/tundra/flake.lock b/hosts/packages/tundra/flake.lock deleted file mode 100644 index 85ad9ef..0000000 --- a/hosts/packages/tundra/flake.lock +++ /dev/null @@ -1,62 +0,0 @@ -{ - "nodes": { - "astal": { - "inputs": { - "nixpkgs": "nixpkgs" - }, - "locked": { - "lastModified": 1745934282, - "narHash": "sha256-hgUd4yUYALHzzoEi/88BnsgrxZIqk+zyQVoI3CL61IU=", - "owner": "aylur", - "repo": "astal", - "rev": "07583deff8a486fad472718572c3248f0fbea1f3", - "type": "github" - }, - "original": { - "owner": "aylur", - "repo": "astal", - "type": "github" - } - }, - "nixpkgs": { - "locked": { - "lastModified": 1737469691, - "narHash": "sha256-nmKOgAU48S41dTPIXAq0AHZSehWUn6ZPrUKijHAMmIk=", - "owner": "nixos", - "repo": "nixpkgs", - "rev": "9e4d5190a9482a1fb9d18adf0bdb83c6e506eaab", - "type": "github" - }, - "original": { - "owner": "nixos", - "ref": "nixos-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_2": { - "locked": { - "lastModified": 1746663147, - "narHash": "sha256-Ua0drDHawlzNqJnclTJGf87dBmaO/tn7iZ+TCkTRpRc=", - "owner": "nixos", - "repo": "nixpkgs", - "rev": "dda3dcd3fe03e991015e9a74b22d35950f264a54", - "type": "github" - }, - "original": { - "owner": "nixos", - "ref": "nixos-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, - "root": { - "inputs": { - "astal": "astal", - "nixpkgs": "nixpkgs_2" - } - } - }, - "root": "root", - "version": 7 -} diff --git a/hosts/packages/tundra/flake.nix b/hosts/packages/tundra/flake.nix deleted file mode 100644 index b6e0a36..0000000 --- a/hosts/packages/tundra/flake.nix +++ /dev/null @@ -1,42 +0,0 @@ -{ - inputs = { - nixpkgs.url = "github:nixos/nixpkgs?ref=nixos-unstable"; - astal.url = "github:aylur/astal"; - }; - - outputs = { - self, - nixpkgs, - astal, - }: let - system = "x86_64-linux"; - pkgs = nixpkgs.legacyPackages.${system}; - in { - packages.${system} = { - default = pkgs.stdenv.mkDerivation { - name = "tundra"; - src = ./.; - - nativeBuildInputs = with pkgs; [ - meson - ninja - pkg-config - vala - gobject-introspection - dart-sass - ]; - - buildInputs = [ - astal.packages.${system}.io - astal.packages.${system}.astal3 - astal.packages.${system}.battery - astal.packages.${system}.wireplumber - astal.packages.${system}.network - astal.packages.${system}.tray - astal.packages.${system}.mpris - astal.packages.${system}.hyprland - ]; - }; - }; - }; -} diff --git a/hosts/packages/tundra/src/app.in.vala b/hosts/packages/tundra/src/app.in.vala deleted file mode 100644 index b3da69e..0000000 --- a/hosts/packages/tundra/src/app.in.vala +++ /dev/null @@ -1,31 +0,0 @@ -class App : Astal.Application { - public static App instance; - - public override void request (string msg, SocketConnection conn) { - print(@"$msg\n"); - AstalIO.write_sock.begin(conn, "ok"); - } - - public override void activate () { - foreach (var mon in this.monitors) - add_window(new Bar(mon)); - - apply_css("@STYLE@"); - } - - public static void main(string[] args) { - var instance_name = "vala"; - - App.instance = new App() { - instance_name = instance_name - }; - - try { - App.instance.acquire_socket(); - App.instance.run(null); - } catch (Error err) { - print(AstalIO.send_request(instance_name, string.joinv(" ", args))); - } - } -} - diff --git a/hosts/packages/tundra/src/meson.build b/hosts/packages/tundra/src/meson.build deleted file mode 100644 index 1cc6b10..0000000 --- a/hosts/packages/tundra/src/meson.build +++ /dev/null @@ -1,47 +0,0 @@ -project('tundra', 'vala', 'c') - -bindir = get_option('prefix') / get_option('bindir') -# bindir = './bin' -libdir = get_option('prefix') / get_option('libdir') - -pkgconfig_deps = [ - dependency('glib-2.0'), - dependency('gobject-2.0'), - dependency('gtk+-3.0'), - dependency('libnm'), - dependency('astal-io-0.1'), - dependency('astal-3.0'), - dependency('astal-battery-0.1'), - dependency('astal-wireplumber-0.1'), - dependency('astal-network-0.1'), - dependency('astal-tray-0.1'), - dependency('astal-mpris-0.1'), - dependency('astal-hyprland-0.1'), -] - -# needed for GLib.Math -deps = pkgconfig_deps + meson.get_compiler('c').find_library('m') - -main = configure_file( - input: 'app.in.vala', - output: 'app.vala', - configuration: { - 'STYLE': run_command( - find_program('sass'), - meson.project_source_root() / 'style.scss', - ).stdout(), - }, -) - -sources = files( - 'widget/Bar.vala', -) - -executable( - 'tundra', - [sources, main], - dependencies: deps, - install: true, - install_dir: bindir, -) - diff --git a/hosts/packages/tundra/src/style.scss b/hosts/packages/tundra/src/style.scss deleted file mode 100644 index 5c20382..0000000 --- a/hosts/packages/tundra/src/style.scss +++ /dev/null @@ -1,107 +0,0 @@ -@use "sass:color"; - -$bg: #212223; -$fg: #f1f1f1; -$accent: #378DF7; -$radius: 7px; - -window.Bar { - border: none; - box-shadow: none; - background-color: $bg; - color: $fg; - font-size: 1.1em; - font-weight: bold; - - label { - margin: 0 8px; - } - - .Workspaces { - button { - all: unset; - background-color: transparent; - - &:hover label { - background-color: color.adjust($fg, $alpha: -0.84); - border-color: color.adjust($accent, $alpha: -0.8); - } - - &:active label { - background-color: color.adjust($fg, $alpha: -0.8) - } - } - - label { - transition: 200ms; - padding: 0 8px; - margin: 2px; - border-radius: $radius; - border: 1pt solid transparent; - } - - .focused label { - color: $accent; - border-color: $accent; - } - } - - .SysTray { - margin-right: 8px; - - button { - padding: 0 4px; - } - } - - .FocusedClient { - color: $accent; - } - - .Media .Cover { - min-height: 1.2em; - min-width: 1.2em; - border-radius: $radius; - background-position: center; - background-size: contain; - } - - .Battery label { - padding-left: 0; - margin-left: 0; - } - - .AudioSlider { - * { - all: unset; - } - - icon { - margin-right: .6em; - } - - & { - margin: 0 1em; - } - - trough { - background-color: color.adjust($fg, $alpha: -0.8); - border-radius: $radius; - } - - highlight { - background-color: $accent; - min-height: .8em; - border-radius: $radius; - } - - slider { - background-color: $fg; - border-radius: $radius; - min-height: 1em; - min-width: 1em; - margin: -.2em; - } - } -} - diff --git a/hosts/packages/tundra/src/widget/Bar.vala b/hosts/packages/tundra/src/widget/Bar.vala deleted file mode 100644 index f1ba8eb..0000000 --- a/hosts/packages/tundra/src/widget/Bar.vala +++ /dev/null @@ -1,265 +0,0 @@ -class Workspaces : Gtk.Box { - AstalHyprland.Hyprland hypr = AstalHyprland.get_default(); - public Workspaces() { - Astal.widget_set_class_names(this, {"Workspaces"}); - hypr.notify["workspaces"].connect(sync); - sync(); - } - - void sync() { - foreach (var child in get_children()) - child.destroy(); - - // TODO: create a copy of workspaces - // then create a list of tuples (map id to index in hypr.workspaces) - // then sort new list by id - // then iterate and use index on hypr.workspaces - // NEVERMIND: read `lib/hyprland/hyprland.vala` and see how the - // `_workspaces` property is defined as a HashTable - // basically just extend on that / create a wrapper - // that allows better organisation - - hypr.workspaces.sort((a, b) => { return a.id - b.id; }); - foreach (var ws in hypr.workspaces) { - // filter out special workspaces - if (!(ws.id >= -99 && ws.id <= -2)) { - add(button(ws)); - } - } - } - - Gtk.Button button(AstalHyprland.Workspace ws) { - var btn = new Gtk.Button() { - visible = true, - label = ws.id.to_string() - }; - - hypr.notify["focused-workspace"].connect(() => { - var focused = hypr.focused_workspace == ws; - if (focused) { - Astal.widget_set_class_names(btn, {"focused"}); - } else { - Astal.widget_set_class_names(btn, {}); - } - }); - - btn.clicked.connect(ws.focus); - return btn; - } -} - -class FocusedClient : Gtk.Box { - public FocusedClient() { - Astal.widget_set_class_names(this, {"Focused"}); - AstalHyprland.get_default().notify["focused-client"].connect(sync); - sync(); - } - - void sync() { - foreach (var child in get_children()) - child.destroy(); - - var client = AstalHyprland.get_default().focused_client; - if (client == null) - return; - - var label = new Gtk.Label(client.title) { visible = true }; - client.bind_property("title", label, "label", BindingFlags.SYNC_CREATE); - add(label); - } -} - -class Media : Gtk.Box { - AstalMpris.Mpris mpris = AstalMpris.get_default(); - - public Media() { - Astal.widget_set_class_names(this, {"Media"}); - mpris.notify["players"].connect(sync); - sync(); - } - - void sync() { - foreach (var child in get_children()) - child.destroy(); - - if (mpris.players.length() == 0) { - add(new Gtk.Label("Nothing Playing")); - return; - } - - var player = mpris.players.nth_data(0); - var label = new Gtk.Label(null); - var cover = new Gtk.Box(Gtk.Orientation.HORIZONTAL, 0) { - valign = Gtk.Align.CENTER - }; - - Astal.widget_set_class_names(cover, {"Cover"}); - player.bind_property("metadata", label, "label", BindingFlags.SYNC_CREATE, (_, src, ref trgt) => { - var title = player.title; - var artist = player.artist; - trgt.set_string(@"$artist - $title"); - return true; - }); - - var id = player.notify["cover-art"].connect(() => { - var art = player.cover_art; - Astal.widget_set_css(cover, @"background-image: url('$art')"); - }); - - cover.destroy.connect(() => player.disconnect(id)); - add(cover); - add(label); - } -} - -class SysTray : Gtk.Box { - HashTable items = new HashTable(str_hash, str_equal); - AstalTray.Tray tray = AstalTray.get_default(); - - public SysTray() { - Astal.widget_set_class_names(this, { "SysTray" }); - tray.item_added.connect(add_item); - tray.item_removed.connect(remove_item); - } - - void add_item(string id) { - if (items.contains(id)) - return; - - var item = tray.get_item(id); - var btn = new Gtk.MenuButton() { use_popover = false, visible = true }; - var icon = new Astal.Icon() { visible = true }; - - item.bind_property("tooltip-markup", btn, "tooltip-markup", BindingFlags.SYNC_CREATE); - item.bind_property("gicon", icon, "gicon", BindingFlags.SYNC_CREATE); - item.bind_property("menu-model", btn, "menu-model", BindingFlags.SYNC_CREATE); - btn.insert_action_group("dbusmenu", item.action_group); - item.notify["action-group"].connect(() => { - btn.insert_action_group("dbusmenu", item.action_group); - }); - - btn.add(icon); - add(btn); - items.set(id, btn); - } - - void remove_item(string id) { - if (items.contains(id)) { - items.remove(id); - } - } -} - -class Wifi : Astal.Icon { - public Wifi() { - Astal.widget_set_class_names(this, {"Wifi"}); - var wifi = AstalNetwork.get_default().wifi; - // var wifi = AstalNetwork.get_default().get_wifi(); - if (wifi != null) { - wifi.bind_property("ssid", this, "tooltip-text", BindingFlags.SYNC_CREATE); - wifi.bind_property("icon-name", this, "icon", BindingFlags.SYNC_CREATE); - } - } -} - -class AudioSlider : Gtk.Box { - Astal.Icon icon = new Astal.Icon(); - Astal.Slider slider = new Astal.Slider() { hexpand = true }; - - public AudioSlider() { - add(icon); - add(slider); - Astal.widget_set_class_names(this, {"AudioSlider"}); - Astal.widget_set_css(this, "min-width: 140px"); - - var speaker = AstalWp.get_default().audio.default_speaker; - speaker.bind_property("volume-icon", icon, "icon", BindingFlags.SYNC_CREATE); - speaker.bind_property("volume", slider, "value", BindingFlags.SYNC_CREATE); - slider.dragged.connect(() => speaker.volume = slider.value); - } -} - -class Battery : Gtk.Box { - Astal.Icon icon = new Astal.Icon(); - Astal.Label label = new Astal.Label(); - - public Battery() { - add(icon); - add(label); - Astal.widget_set_class_names(this, {"Battery"}); - - var bat = AstalBattery.get_default(); - bat.bind_property("is-present", this, "visible", BindingFlags.SYNC_CREATE); - bat.bind_property("battery-icon-name", icon, "icon", BindingFlags.SYNC_CREATE); - bat.bind_property("percentage", label, "label", BindingFlags.SYNC_CREATE, (_, src, ref trgt) => { - var p = Math.floor(src.get_double() * 100); - trgt.set_string(@"$p%"); - return true; - }); - } -} - -class Time : Astal.Label { - string format; - AstalIO.Time interval; - - void sync() { - label = new DateTime.now_local().format(format); - } - - public Time(string format = "%H:%M - %A %e.") { - this.format = format; - interval = AstalIO.Time.interval(1000, null); - interval.now.connect(sync); - destroy.connect(interval.cancel); - Astal.widget_set_class_names(this, {"Time"}); - } -} - -class Left : Gtk.Box { - public Left() { - Object(hexpand: true, halign: Gtk.Align.START); - add(new Workspaces()); - add(new FocusedClient()); - } -} - -class Center : Gtk.Box { - public Center() { - add(new Media()); - } -} - -class Right : Gtk.Box { - public Right() { - Object(hexpand: true, halign: Gtk.Align.END); - add(new SysTray()); - add(new Wifi()); - add(new AudioSlider()); - add(new Battery()); - add(new Time()); - } -} - -class Bar : Astal.Window { - public Bar(Gdk.Monitor monitor) { - Object( - anchor: Astal.WindowAnchor.TOP - | Astal.WindowAnchor.LEFT - | Astal.WindowAnchor.RIGHT, - exclusivity: Astal.Exclusivity.EXCLUSIVE, - gdkmonitor: monitor - ); - - Astal.widget_set_class_names(this, {"Bar"}); - - add(new Astal.CenterBox() { - start_widget = new Left(), - center_widget = new Center(), - end_widget = new Right(), - }); - - show_all(); - } -} - diff --git a/hosts/packages/README b/packages/README similarity index 100% rename from hosts/packages/README rename to packages/README diff --git a/hosts/packages/angryoxide/default.nix b/packages/angryoxide/default.nix similarity index 100% rename from hosts/packages/angryoxide/default.nix rename to packages/angryoxide/default.nix diff --git a/hosts/packages/chameleonultragui/TODO b/packages/chameleonultragui/TODO.md similarity index 100% rename from hosts/packages/chameleonultragui/TODO rename to packages/chameleonultragui/TODO.md diff --git a/hosts/packages/chameleonultragui/default.nix b/packages/chameleonultragui/default.nix similarity index 100% rename from hosts/packages/chameleonultragui/default.nix rename to packages/chameleonultragui/default.nix diff --git a/packages/ekphos.nix b/packages/ekphos/default.nix similarity index 100% rename from packages/ekphos.nix rename to packages/ekphos/default.nix diff --git a/hosts/packages/huggingface_hub/flake.nix b/packages/huggingface_hub/flake.nix similarity index 100% rename from hosts/packages/huggingface_hub/flake.nix rename to packages/huggingface_hub/flake.nix diff --git a/hosts/packages/huggingface_hub/hf-xet.nix b/packages/huggingface_hub/hf-xet.nix similarity index 100% rename from hosts/packages/huggingface_hub/hf-xet.nix rename to packages/huggingface_hub/hf-xet.nix diff --git a/hosts/packages/huggingface_hub/huggingface_hub.nix b/packages/huggingface_hub/huggingface_hub.nix similarity index 100% rename from hosts/packages/huggingface_hub/huggingface_hub.nix rename to packages/huggingface_hub/huggingface_hub.nix diff --git a/hosts/packages/x86-manpages/default.nix b/packages/x86-manpages/default.nix similarity index 100% rename from hosts/packages/x86-manpages/default.nix rename to packages/x86-manpages/default.nix From a2192c9341590d82d9647b9abd1989d068967b43 Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Sun, 8 Feb 2026 23:41:05 +1000 Subject: [PATCH 116/143] add cerulean compatability --- flake.lock | 200 ++++++++++++++------- flake.nix | 139 +++++++------- homes/me/default.nix | 5 +- homes/modules/editor/helix.nix | 4 +- homes/modules/term/foot.nix | 4 +- hosts/hyrule/default.nix | 13 +- hosts/hyrule/services/minecraft-server.nix | 4 +- hosts/lolcathost/default.nix | 52 +----- hosts/modules/angryoxide.nix | 5 - hosts/modules/apps/rider.nix | 4 +- hosts/modules/chameleonultragui.nix | 5 - hosts/modules/flakes/wishlist/README | 31 ---- hosts/modules/flakes/wishlist/flake.nix | 93 ---------- hosts/modules/flakes/wishlist/wishlist.nix | 99 ---------- hosts/modules/flipperzero.nix | 6 - hosts/modules/langs/dotnet.nix | 6 +- hosts/modules/wishlist.nix | 72 -------- hosts/modules/wishlist.nix.bak | 22 --- hosts/modules/wm/crywl.nix | 117 ------------ hosts/modules/wm/river.nix | 5 - hosts/myputer/default.nix | 6 +- overlays/default.nix | 27 +-- packages/ekphos/default.nix | 8 +- 23 files changed, 239 insertions(+), 688 deletions(-) delete mode 100644 hosts/modules/angryoxide.nix delete mode 100644 hosts/modules/chameleonultragui.nix delete mode 100644 hosts/modules/flakes/wishlist/README delete mode 100644 hosts/modules/flakes/wishlist/flake.nix delete mode 100644 hosts/modules/flakes/wishlist/wishlist.nix delete mode 100644 hosts/modules/flipperzero.nix delete mode 100644 hosts/modules/wishlist.nix delete mode 100644 hosts/modules/wishlist.nix.bak delete mode 100644 hosts/modules/wm/crywl.nix delete mode 100644 hosts/modules/wm/river.nix diff --git a/flake.lock b/flake.lock index ad2b20c..d1deb86 100644 --- a/flake.lock +++ b/flake.lock @@ -1,29 +1,48 @@ { "nodes": { - "colmena": { + "cerulean": { "inputs": { - "flake-compat": "flake-compat", - "flake-utils": "flake-utils", - "nix-github-actions": "nix-github-actions", + "deploy-rs": "deploy-rs", + "mix": "mix", + "nib": "nib", "nixpkgs": [ + "nixpkgs" + ], + "nixpkgs-unstable": [ "nixpkgs-unstable" ], - "stable": [ - "nixpkgs" + "systems": [ + "systems" ] }, "locked": { - "lastModified": 1734374287, - "narHash": "sha256-rINodqeUuezuCWOnpJgrH7u9vJ86fYT+Dj8Mu8T/IBc=", - "owner": "zhaofengli", - "repo": "colmena", - "rev": "47b6414d800c8471e98ca072bc0835345741a56a", + "lastModified": 1770552327, + "narHash": "sha256-cVVPdC650MRP4tMSB9EcECUpc0U4HWSZzoQnpEHH0uE=", + "path": "/home/me/agribit/nexus/Cerulean", + "type": "path" + }, + "original": { + "path": "/home/me/agribit/nexus/Cerulean", + "type": "path" + } + }, + "deploy-rs": { + "inputs": { + "flake-compat": "flake-compat", + "nixpkgs": "nixpkgs", + "utils": "utils" + }, + "locked": { + "lastModified": 1766051518, + "narHash": "sha256-znKOwPXQnt3o7lDb3hdf19oDo0BLP4MfBOYiWkEHoik=", + "owner": "serokell", + "repo": "deploy-rs", + "rev": "d5eff7f948535b9c723d60cd8239f8f11ddc90fa", "type": "github" }, "original": { - "owner": "zhaofengli", - "repo": "colmena", - "rev": "47b6414d800c8471e98ca072bc0835345741a56a", + "owner": "serokell", + "repo": "deploy-rs", "type": "github" } }, @@ -56,11 +75,11 @@ "flake-compat": { "flake": false, "locked": { - "lastModified": 1650374568, - "narHash": "sha256-Z+s0J8/r907g149rllvwhb4pKi8Wam5ij0st8PwAh+E=", + "lastModified": 1733328505, + "narHash": "sha256-NeCCThCEP3eCl2l/+27kNNK7QrwZB1IJCrXfrbv5oqU=", "owner": "edolstra", "repo": "flake-compat", - "rev": "b4a34015c698c7793d592d66adbab377907a2be8", + "rev": "ff81ac966bb2cae68946d5ed5fc4994f96d0ffec", "type": "github" }, "original": { @@ -101,25 +120,6 @@ "type": "github" } }, - "flake-utils": { - "inputs": { - "systems": [ - "systems" - ] - }, - "locked": { - "lastModified": 1731533236, - "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", - "owner": "numtide", - "repo": "flake-utils", - "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", - "type": "github" - }, - "original": { - "id": "flake-utils", - "type": "indirect" - } - }, "grub2-themes": { "inputs": { "nixpkgs": [ @@ -140,6 +140,48 @@ "type": "github" } }, + "mix": { + "inputs": { + "nib": [ + "cerulean", + "nib" + ] + }, + "locked": { + "lastModified": 1768525804, + "narHash": "sha256-jlpNb7Utqfdq2HESAB1mtddWHOsxKlTjPiLFRLd35r8=", + "owner": "emilelcb", + "repo": "mix", + "rev": "617d8915a6518a3d4e375b87c50ae34d9daee6c6", + "type": "github" + }, + "original": { + "owner": "emilelcb", + "repo": "mix", + "type": "github" + } + }, + "nib": { + "inputs": { + "systems": [ + "cerulean", + "systems" + ] + }, + "locked": { + "lastModified": 1768472076, + "narHash": "sha256-bdVRCDy6oJx/CZiyxkke783FgtBW//wDuOAITUsQcNc=", + "owner": "emilelcb", + "repo": "nib", + "rev": "42ac66dfc180a13af1cc8850397db66ec5556991", + "type": "github" + }, + "original": { + "owner": "emilelcb", + "repo": "nib", + "type": "github" + } + }, "nix-flatpak": { "locked": { "lastModified": 1767983141, @@ -156,27 +198,6 @@ "type": "github" } }, - "nix-github-actions": { - "inputs": { - "nixpkgs": [ - "colmena", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1729742964, - "narHash": "sha256-B4mzTcQ0FZHdpeWcpDYPERtyjJd/NIuaQ9+BV1h+MpA=", - "owner": "nix-community", - "repo": "nix-github-actions", - "rev": "e04df33f62cdcf93d73e9a04142464753a16db67", - "type": "github" - }, - "original": { - "owner": "nix-community", - "repo": "nix-github-actions", - "type": "github" - } - }, "nixcord": { "inputs": { "flake-compat": "flake-compat_2", @@ -201,16 +222,16 @@ }, "nixpkgs": { "locked": { - "lastModified": 1770536720, - "narHash": "sha256-pbmbaQUuoG+v37b91lqcNcz05YUvVif7iWjIx9lF8R4=", + "lastModified": 1743014863, + "narHash": "sha256-jAIUqsiN2r3hCuHji80U7NNEafpIMBXiwKlSrjWMlpg=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "3c64ab24b22579c833895b6030c9563837e41a70", + "rev": "bd3bac8bfb542dbde7ffffb6987a1a1f9d41699f", "type": "github" }, "original": { - "owner": "nixos", - "ref": "nixos-25.05", + "owner": "NixOS", + "ref": "nixpkgs-unstable", "repo": "nixpkgs", "type": "github" } @@ -246,16 +267,32 @@ "type": "github" } }, + "nixpkgs_2": { + "locked": { + "lastModified": 1770536720, + "narHash": "sha256-pbmbaQUuoG+v37b91lqcNcz05YUvVif7iWjIx9lF8R4=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "3c64ab24b22579c833895b6030c9563837e41a70", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-25.05", + "repo": "nixpkgs", + "type": "github" + } + }, "root": { "inputs": { - "colmena": "colmena", + "cerulean": "cerulean", "dobutterfliescry-net": "dobutterfliescry-net", "grub2-themes": "grub2-themes", "nix-flatpak": "nix-flatpak", "nixcord": "nixcord", - "nixpkgs": "nixpkgs", + "nixpkgs": "nixpkgs_2", "nixpkgs-unstable": "nixpkgs-unstable", - "systems": "systems" + "systems": "systems_2" } }, "systems": { @@ -272,6 +309,39 @@ "repo": "default", "type": "github" } + }, + "systems_2": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "utils": { + "inputs": { + "systems": "systems" + }, + "locked": { + "lastModified": 1731533236, + "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } } }, "root": "root", diff --git a/flake.nix b/flake.nix index 61e3e1d..4534072 100644 --- a/flake.nix +++ b/flake.nix @@ -1,5 +1,5 @@ { - description = "Emile's Nix Dotfiles"; + description = "im gonna cry again ;-;"; inputs = { systems.url = "github:nix-systems/default"; @@ -7,12 +7,18 @@ nixpkgs.url = "github:nixos/nixpkgs/nixos-25.05"; nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixos-unstable"; - colmena = { - url = "github:zhaofengli/colmena/?rev=47b6414d800c8471e98ca072bc0835345741a56a"; + home-manager = { + url = "github:nix-community/home-manager/release-25.05"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + + cerulean = { + # url = "github:emilelcb/Cerulean"; + url = "/home/me/agribit/nexus/Cerulean"; inputs = { - nixpkgs.follows = "nixpkgs-unstable"; - stable.follows = "nixpkgs"; - flake-utils.inputs.systems.follows = "systems"; + systems.follows = "systems"; + nixpkgs.follows = "nixpkgs"; + nixpkgs-unstable.follows = "nixpkgs-unstable"; }; }; @@ -38,84 +44,63 @@ }; outputs = { - self, - nixpkgs, - nixpkgs-unstable, + cerulean, + home-manager, grub2-themes, - colmena, ... - } @ inputs: let - system = "x86_64-linux"; - - pkgs = import nixpkgs { - inherit system; - config = { - allowUnfree = false; # sanity check - }; + }: let + groups = { + cryde = {}; # oh frick i cried again + server = {}; }; + in + cerulean.mkNexus ./. { + nexus = { + inherit groups; + overlays = import ./overlays; - pkgs-unstable = import nixpkgs-unstable { - inherit system; - config = { - # allowUnfree = true; # TODO: bandaid solution... (for minecraft-server) - allowUnfree = false; - }; - }; - # TODO: come back to this its really cool - # this is just something I'm experimenting with - # ROOT = ./.; - - specialArgs = {inherit inputs pkgs-unstable;}; - in { - devShells."x86_64-linux".default = pkgs.mkShell { - shell = "${pkgs.bash}/bin/bash"; - - packages = with pkgs; [ - # ./script/* dependencies - mkpasswd - ]; - }; - - nixosConfigurations = { - # i be on my puter fr - myputer = nixpkgs.lib.nixosSystem { - # nix passes these to every single module - inherit specialArgs; - - modules = [ - ./hosts/myputer - grub2-themes.nixosModules.default - ]; - }; - - # my laptop 0w0 - lolcathost = nixpkgs.lib.nixosSystem { - inherit specialArgs; - - modules = [ - ./hosts/lolcathost - grub2-themes.nixosModules.default - ]; - }; - }; - - # remote deployment to my servers!! - colmenaHive = colmena.lib.makeHive { - meta = { - nixpkgs = pkgs; - inherit specialArgs; - - # set nixpkgs per server - nodeNixpkgs = { - hyrule = import nixpkgs { + nodes = { + # my laptop <3 :3 + lolcathost = { system = "x86_64-linux"; - config.allowUnfree = false; + groups = [groups.cryde]; + extraModules = [ + home-manager.nixosModules.default + grub2-themes.nixosModules.default + ]; + }; + + # i be on my puter frfr + myputer = { + system = "x86_64-linux"; + groups = [groups.cryde]; + extraModules = [ + home-manager.nixosModules.default + grub2-themes.nixosModules.default + ]; + }; + + # courtesy of aurora <3 + butterfly = { + system = "x86_64-linux"; + groups = [groups.server]; + deploy.ssh.host = "dobutterfliescry.net"; + }; + + # pls dont sue me im broke + hyrule = { + system = "x86_64-linux"; + groups = [groups.server]; + deploy.ssh.host = "hyrule.dobutterfliescry.net"; + }; + + # call me a statistician the way she spreads in my sheets + matcha = { + system = "x86_64-linux"; + groups = [groups.server]; + deploy.ssh.host = "bedroom.dobutterfliescry.net"; }; }; }; - - # meine vps - hyrule = import ./hosts/hyrule; }; - }; } diff --git a/homes/me/default.nix b/homes/me/default.nix index 2c4e918..c9a57cc 100755 --- a/homes/me/default.nix +++ b/homes/me/default.nix @@ -4,7 +4,7 @@ lib, config, pkgs, - pkgs-unstable, + upkgs, ... } @ args: { imports = [ @@ -16,12 +16,9 @@ ../modules/bat.nix ../modules/editor/helix.nix - (import ../modules/editor/vscode.nix args) ../modules/firefox.nix ../modules/apps/thunderbird.nix - - #../modules/wm/hypr/hypridle.nix ../modules/wm/hypr/hyprlock.nix ../modules/kanshi.nix ../modules/mako.nix diff --git a/homes/modules/editor/helix.nix b/homes/modules/editor/helix.nix index 1014cca..4119cc5 100755 --- a/homes/modules/editor/helix.nix +++ b/homes/modules/editor/helix.nix @@ -1,6 +1,6 @@ { pkgs, - pkgs-unstable, + upkgs, ... }: let lsps = { @@ -43,7 +43,7 @@ }; ty = { - pkg = pkgs-unstable.ty; + pkg = upkgs.ty; cmd = "ty"; }; diff --git a/homes/modules/term/foot.nix b/homes/modules/term/foot.nix index 348eefa..8e40209 100644 --- a/homes/modules/term/foot.nix +++ b/homes/modules/term/foot.nix @@ -1,7 +1,7 @@ -{pkgs-unstable, ...}: { +{upkgs, ...}: { programs.foot = { enable = true; - package = pkgs-unstable.foot; + package = upkgs.foot; server.enable = true; diff --git a/hosts/hyrule/default.nix b/hosts/hyrule/default.nix index 459fd4e..beaa81d 100755 --- a/hosts/hyrule/default.nix +++ b/hosts/hyrule/default.nix @@ -1,6 +1,6 @@ { pkgs, - pkgs-unstable, + upkgs, ... }: let home-manager = builtins.fetchTarball { @@ -40,17 +40,6 @@ in { keyMap = "us"; }; - # colmena deployment configuration - deployment = { - targetHost = "imbored.dev"; - targetUser = "ae"; - targetPort = 22; - sshOptions = [ - "-A" # forward ssh-agent - ]; - buildOnTarget = false; # build locally then deploy - }; - # super duper minimum grub2 config boot.loader.grub = { enable = true; diff --git a/hosts/hyrule/services/minecraft-server.nix b/hosts/hyrule/services/minecraft-server.nix index 43a4efd..3bdb51c 100644 --- a/hosts/hyrule/services/minecraft-server.nix +++ b/hosts/hyrule/services/minecraft-server.nix @@ -1,11 +1,11 @@ { pkgs, - pkgs-unstable, + upkgs, ... }: { services.minecraft-server = { enable = true; - package = pkgs-unstable.minecraft-server; # use latest version only! + package = upkgs.minecraft-server; # use latest version only! declarative = true; eula = true; diff --git a/hosts/lolcathost/default.nix b/hosts/lolcathost/default.nix index 1517f52..80b12fd 100755 --- a/hosts/lolcathost/default.nix +++ b/hosts/lolcathost/default.nix @@ -1,37 +1,20 @@ { lib, pkgs, - pkgs-unstable, + upkgs, inputs, config, ... -}: let - home-manager = builtins.fetchTarball { - url = "https://github.com/nix-community/home-manager/archive/release-25.05.tar.gz"; - sha256 = "07pk5m6mxi666dclaxdwf7xrinifv01vvgxn49bjr8rsbh31syaq"; - }; -in { +}: { imports = [ ./hardware-configuration.nix - (import "${home-manager}/nixos") ../modules/bashistrans.nix ../modules/wm/hyprland.nix - # ../modules/wm/river.nix - ../modules/wm/crywl.nix ../modules/steam.nix ../modules/obsidian.nix - - ../modules/angryoxide.nix - # ../modules/flipperzero.nix - # ../modules/chameleonultragui.nix - - (import ../../overlays/default.nix { - inherit pkgs; - upkgs = pkgs-unstable; - }) ]; nix.settings.experimental-features = [ @@ -41,7 +24,6 @@ in { ]; nixpkgs.config.allowUnfreePredicate = let - vscext = pkgs.vscode-extensions; whitelist = with pkgs; map lib.getName [ discord @@ -53,18 +35,6 @@ in { obsidian gitkraken - - vscode - vscext.ms-dotnettools.csharp - vscext.ms-dotnettools.csdevkit - vscext.github.copilot - vscext.github.copilot-chat - - # XXX: DEBUG - # rider-override - # XXX: DEBUG - - # jetbrains.rider ]; in pkg: builtins.elem (lib.getName pkg) whitelist; @@ -237,7 +207,7 @@ in { home-manager = { users.me = import ../../homes/me; - extraSpecialArgs = {inherit inputs pkgs pkgs-unstable;}; + extraSpecialArgs = {inherit inputs pkgs upkgs;}; sharedModules = []; }; @@ -258,7 +228,6 @@ in { # ---- SYSTEM PACKAGES ----- environment.systemPackages = with pkgs; [ # User Environment - # crywl swww helvum easyeffects @@ -297,7 +266,7 @@ in { hexyl # ASM nasm - (callPackage ../packages/x86-manpages {}) + # x86-manpages # WARNING: cerulean doesn't allow overlays bruh # C Family gcc clang @@ -323,7 +292,7 @@ in { nix-prefetch-git nix-index nix-unit - deploy-rs + deploy-rs.deploy-rs # Python python312 # I use 3.12 since it's in a pretty stable state now @@ -389,20 +358,13 @@ in { # Games prismlauncher # minecraft - pkgs-unstable.olympus # celeste + upkgs.olympus # celeste discord discordo - ekphos + # ekphos # WARNING: cerulean doesnt allow overlays yet ]; programs = { - crywl = { - enable = true; - xwayland.enable = false; - defaultSession = false; - useUnmodifiedDWL = false; - }; - fish.enable = true; nix-ld.enable = true; diff --git a/hosts/modules/angryoxide.nix b/hosts/modules/angryoxide.nix deleted file mode 100644 index ae4faa7..0000000 --- a/hosts/modules/angryoxide.nix +++ /dev/null @@ -1,5 +0,0 @@ -{pkgs, ...}: { - environment.systemPackages = with pkgs; [ - (callPackage ../packages/angryoxide {}) - ]; -} diff --git a/hosts/modules/apps/rider.nix b/hosts/modules/apps/rider.nix index 5a4edce..b484f33 100644 --- a/hosts/modules/apps/rider.nix +++ b/hosts/modules/apps/rider.nix @@ -1,6 +1,6 @@ { pkgs, - pkgs-unstable, + upkgs, dotnetVersions ? [8 9 10], ... }: { @@ -10,7 +10,7 @@ environment.systemPackages = with pkgs; [ # Ensure latest stable Rider version (not necessarily stable on NixOS) - pkgs-unstable.jetbrains.rider + upkgs.jetbrains.rider # NOTE: Blazor requires a Chromium-based browser chromium diff --git a/hosts/modules/chameleonultragui.nix b/hosts/modules/chameleonultragui.nix deleted file mode 100644 index 6999022..0000000 --- a/hosts/modules/chameleonultragui.nix +++ /dev/null @@ -1,5 +0,0 @@ -{pkgs, ...}: { - environment.systemPackages = with pkgs; [ - (callPackage ../packages/chameleonultragui {}) - ]; -} diff --git a/hosts/modules/flakes/wishlist/README b/hosts/modules/flakes/wishlist/README deleted file mode 100644 index 5c662bb..0000000 --- a/hosts/modules/flakes/wishlist/README +++ /dev/null @@ -1,31 +0,0 @@ -#### wishlist.nix -This is a simple Nix flake defining a service from which -wishlist can run automatically. This flake runs wishlist-0.15.1 -and lacks configurability unfortunately. However this was an -intentional choice, allowing wishlist to read from the user's -`~/.ssh/config` file, which can be configured seperately using -the something akin to the follow home-manager snippet: -```nix -programs.ssh = { - enable = true; - addKeysToAgent = "yes"; # always add keys to ssh-agent - - matchBlocks = { - hyrule = { - hostname = "imbored.dev"; - user = "ae"; - port = 22; - identityFile = "/home/me/.ssh/id_hyrule"; - }; - }; -}; - -``` - -This decision was mostly selfish as it was easiest... -But it comes at the cost of not being able to set the -port wishlist listens on. So for now you're stuck with `2222`. - -###### The Future!! (woooowwww) -Create an option for wishlist that is used to construct -the `config.yaml` file diff --git a/hosts/modules/flakes/wishlist/flake.nix b/hosts/modules/flakes/wishlist/flake.nix deleted file mode 100644 index a98561a..0000000 --- a/hosts/modules/flakes/wishlist/flake.nix +++ /dev/null @@ -1,93 +0,0 @@ -{ - inputs = { - nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; - flake-utils.url = "github:numtide/flake-utils"; - }; - - outputs = { - self, - config, - nixpkgs, - lib, - flake-utils, - }: let - cfg = config.services.wishlist; - supportedSystems = ["x86_64-linux" "i686-linux" "aarch64-linux" "x86_64-darwin" "aarch64-darwin"]; - in { - # TODO: 1. add options (ie one to set whether the server should be enabled), - # 2. create a systemd service - # 3. create a main program - # 4. celibrate - - # TODO: do I need to make this a home-manager option and set the yaml config? - - # define what settings a user can change - options = { - services.wishlist = with lib; { - enable = mkEnableOption "wishlist"; - - port = mkOption { - type = types.port; - default = 2222; - description = "Port to listen on"; - }; - - package = mkOption { - type = types.package; - default = self.packages.${nixpkgs.system}.default; - description = "Package to use"; - }; - }; - }; - - # define a systemd service for wishlist ^_^ - config = lib.mkIf cfg.enable { - systemd.services.wishlist = { - description = "Single entrypoint for multiple SSH endpoints"; - wantedBy = ["multi-user.target"]; - - serviceConfig = { - DynamicUser = "yes"; - ExecStart = "${cfg.package}/bin/wishlist serve"; - Restart = "always"; - RestartSec = "2s"; - }; - }; - }; - - packages = flake-utils.lib.eachSystem supportedSystems ( - system: let - version = "0.15.1"; - #pkgs = nixpkgs.legacyPackages.${system}; - pkgs = import nixpkgs { - inherit system; - config.allowUnfree = false; - }; - #lib = pkgs.lib; - in rec { - defaultPackage = self.packages.${system}.wishlist; - wishlist = pkgs.buildGoModule { - pname = "wishlist"; - inherit version; - meta = with lib; { - description = "Single entrypoint for multiple SSH endpoints"; - homepage = "https://github.com/charmbracelet/wishlist"; - changelog = "https://github.com/charmbracelet/wishlist/releases/tag/v${version}"; - license = licenses.mit; - maintainers = with maintainers; [caarlos0 penguwin]; - mainProgram = "wishlist"; - }; - - src = pkgs.fetchFromGitHub { - owner = "charmbracelet"; - repo = "wishlist"; - rev = "v${version}"; - # rev = "d7f058e115a8b4a4131406d01dde84fb4a8e93c4"; - hash = "53fojA+gdvpSVNjx6QncH16F8/x+lpY5SkNs7obW2XQ="; - }; - vendorSha256 = "0x6rss3fwv2398wrd5kyzkrqaphzvh4ykwfqai9glxm01y6fhxz7"; - }; - } - ); - }; -} diff --git a/hosts/modules/flakes/wishlist/wishlist.nix b/hosts/modules/flakes/wishlist/wishlist.nix deleted file mode 100644 index 1bdb24b..0000000 --- a/hosts/modules/flakes/wishlist/wishlist.nix +++ /dev/null @@ -1,99 +0,0 @@ -# NOTE: Wishlist service fails on nix because of readonly file system -# and it can't find a config file for itself, it needs to write that -# itself I suppose :( -# So: -# 1. Get it to write that file, and -# 2. Allow it to inherit profiles from configured ssh -{ - self, - config, - pkgs, - lib, -}: let - cfg = config.services.wishlist; -in { - options = { - services.wishlist = with lib; { - enable = mkEnableOption "wishlist"; - - name = mkOption { - type = types.str; - default = - }; - - port = mkOption { - type = types.port; - default = 2222; - description = "Port to listen on"; - }; - - #configPath = mkOption { - # type = types.path; - # default = ; - # description = "Path to config file"; - #}; - - package = mkOption { - type = types.package; - default = self.packages.${nixpkgs.system}.default; - description = "Package to use"; - }; - }; - }; - - # define a systemd service for wishlist ^_^ - config = lib.mkIf cfg.enable { - systemd.services.wishlist = { - description = "Single entrypoint for multiple SSH endpoints"; - wantedBy = ["multi-user.target"]; - - serviceConfig = let - wishlistServiceConfig = pkgs.writeText "config.yaml" '' - hello world! - ''; - in { - DynamicUser = "yes"; - ExecStart = "${pkgs.wishlist}/bin/wishlist serve --config ${wishlistServiceConfig}"; - Restart = "always"; - RestartSec = "2s"; - }; - }; - }; - - /* - packages = flake-utils.lib.eachSystem supportedSystems ( - system: let - version = "0.15.1"; - #pkgs = nixpkgs.legacyPackages.${system}; - pkgs = import nixpkgs { - inherit system; - config.allowUnfree = false; - }; - #lib = pkgs.lib; - in rec { - defaultPackage = self.packages.${system}.wishlist; - wishlist = pkgs.buildGoModule { - pname = "wishlist"; - inherit version; - meta = with lib; { - description = "Single entrypoint for multiple SSH endpoints"; - homepage = "https://github.com/charmbracelet/wishlist"; - changelog = "https://github.com/charmbracelet/wishlist/releases/tag/v${version}"; - license = licenses.mit; - maintainers = with maintainers; [caarlos0 penguwin]; - mainProgram = "wishlist"; - }; - - src = pkgs.fetchFromGitHub { - owner = "charmbracelet"; - repo = "wishlist"; - rev = "v${version}"; - # rev = "d7f058e115a8b4a4131406d01dde84fb4a8e93c4"; - hash = "53fojA+gdvpSVNjx6QncH16F8/x+lpY5SkNs7obW2XQ="; - }; - vendorSha256 = "0x6rss3fwv2398wrd5kyzkrqaphzvh4ykwfqai9glxm01y6fhxz7"; - }; - } - ); - */ -} diff --git a/hosts/modules/flipperzero.nix b/hosts/modules/flipperzero.nix deleted file mode 100644 index 7c466ad..0000000 --- a/hosts/modules/flipperzero.nix +++ /dev/null @@ -1,6 +0,0 @@ -{pkgs, ...}: { - environment.systemPackages = with pkgs; [ - # flipper zero desktop app - qflipper - ]; -} diff --git a/hosts/modules/langs/dotnet.nix b/hosts/modules/langs/dotnet.nix index d9c3177..4a42f74 100644 --- a/hosts/modules/langs/dotnet.nix +++ b/hosts/modules/langs/dotnet.nix @@ -1,7 +1,7 @@ { lib, pkgs, - pkgs-unstable, + upkgs, ... }: let dotnetVersions = [8 9 10]; @@ -50,9 +50,9 @@ in { # Mono mono - # NOTE: nixpkgs-unstable uses .NET8 SDK + # NOTE: nixupkgs uses .NET8 SDK # WARNING: nixpkgs-25.05 uses .NET6 SDK (now marked insecure) - pkgs-unstable.msbuild + upkgs.msbuild # .NET Framework Tools/Services omnisharp-roslyn diff --git a/hosts/modules/wishlist.nix b/hosts/modules/wishlist.nix deleted file mode 100644 index 62cc408..0000000 --- a/hosts/modules/wishlist.nix +++ /dev/null @@ -1,72 +0,0 @@ -{ - description = "Wishlist: Your SSH directory." - - inputs = { - - }; - - outputs = { - self - }: let - nixosModule = { - config, - lib, - pkgs, - ... - }: { - options.services.wishlist = { - enable = lib.mkEnableOption "Your SSH directory."; - - port = lib.mkOption { - type = lib.types.port; - default = 22; - description = "Port to listen on"; - }; - }; - - config = lib.mkIf config.services.wishlist.enable { - # configure the systemd service - systemd.services.wishlist = { - description = "Your SSH directory."; - wantedBy = [ "multi-user.target" ]; - after = [ "network.target" ]; - serviceConfig = { - ExecStart = "${self.packages.${pkgs.system}.default}/bin/wishlist"; - Restart = "always"; - Type = "simple"; - DynamicUser = "yes"; - }; - # environment variables - environment = { - - }; - }; - }; - }; - in - (flake-utils.lib.eachDefaultSystem (system: let - gopkg = go-nixpkgs.legacyPackages.${system}; - in { - packages.default = gopkg.buildGoModule ############################ - })) - buildGoModule rec { # is rec necessary? - pname = "wishlist"; - version = "0.15.1" - - src = fetchFromGithub { - owner = "charmbracelet"; - repo = "wishlist"; - rev = "v${version}"; - hash = "0c9g1s8j9znzd1mw61d0klc6sqri0wx6hljibxdwzi3cabfy3ld6"; - }; - - vendorSha256 = lib.fakeSha256; - - meta = with lib; { - homepage = "https://github.com/charmbracelet/wishlist"; - description = "Your SSH directory."; - license = lib.licenses.mit; - maintainers = with lib.maintainers; [ caarlos0 ]; - }; - }; -} diff --git a/hosts/modules/wishlist.nix.bak b/hosts/modules/wishlist.nix.bak deleted file mode 100644 index 3f190ad..0000000 --- a/hosts/modules/wishlist.nix.bak +++ /dev/null @@ -1,22 +0,0 @@ -{lib}: { - buildGoModule rec { # is rec necessary? - pname = "wishlist"; - version = "0.15.1" - - src = fetchFromGithub { - owner = "charmbracelet"; - repo = "wishlist"; - rev = "v${version}"; - hash = "0c9g1s8j9znzd1mw61d0klc6sqri0wx6hljibxdwzi3cabfy3ld6"; - }; - - vendorSha256 = lib.fakeSha256; - - meta = with lib; { - homepage = "https://github.com/charmbracelet/wishlist"; - description = "Your SSH directory."; - license = lib.licenses.mit; - maintainers = with lib.maintainers; [ caarlos0 ]; - }; - }; -} diff --git a/hosts/modules/wm/crywl.nix b/hosts/modules/wm/crywl.nix deleted file mode 100644 index ed719a6..0000000 --- a/hosts/modules/wm/crywl.nix +++ /dev/null @@ -1,117 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: let - cfg = config.programs.crywl; -in { - options.programs.crywl = with lib; { - enable = mkEnableOption "CryWL"; - xwayland.enable = mkEnableOption "XWayland"; - defaultSession = mkEnableOption "CryWL as the default login session"; - - # currently DWL 0.7 (also beware I'll barely ever update the original DWL refs) - useUnmodifiedDWL = mkOption { - type = types.bool; - default = false; - description = "Whether to use unmodified DWL source code (latest stable release)"; - }; - }; - - config = lib.mkIf cfg.enable (let - xwaylandEnabled = cfg.xwayland.enable; - defaultSession = cfg.defaultSession; - useUnmodifiedDWL = cfg.useUnmodifiedDWL; - in { - services.displayManager = { - sessionPackages = [ - pkgs.crywl - ]; - - defaultSession = lib.mkIf defaultSession "crywl"; - }; - - environment.systemPackages = [ - pkgs.crywl - ]; - - nixpkgs.overlays = [ - (final: prev: { - crywl = prev.dwl.overrideAttrs (oldAttrs: rec { - pname = "crywl"; - version = "0.1-unstable"; - - src = let - dwl_0_70 = { - rev = "74e45c4014ae7048ecbb76eb6f54034b8b479480"; - hash = "sha256-7SoCITrbMrlfL4Z4hVyPpjB9RrrjLXHP9C5t1DVXBBA="; - }; - crywl_unstable = { - rev = "dc1260d3cfd14e8e5b243ec1d3d56e4b08c8c517"; - hash = "sha256-61R+xBYMzeEn93gLofcj8Y3VbJqW6g7GzCTujpAco90="; - }; - in - pkgs.fetchFromGitea ({ - domain = "forge.imbored.dev"; - owner = "emileclarkb"; - repo = pname; - } - // ( - if useUnmodifiedDWL - then dwl_0_70 - else crywl_unstable - )); - - buildInputs = with pkgs; - [ - libinput - xorg.libxcb - libxkbcommon - pixman - wayland - wayland-protocols - wlroots_0_19 - ] - ++ lib.optionals xwaylandEnabled [ - xorg.libX11 - xorg.xcbutilwm - xwayland - ]; - - makeFlags = - [ - "PKG_CONFIG=${pkgs.stdenv.cc.targetPrefix}pkg-config" - "WAYLAND_SCANNER=wayland-scanner" - "PREFIX=$(out)" - "MANDIR=$(man)/share/man" - ] - ++ lib.optionals xwaylandEnabled [ - ''XWAYLAND="-DXWAYLAND"'' - ''XLIBS="xcb xcb-icccm.pc"'' - ]; - - # Ensure `crywl.desktop` entry is registered - passthru = { - providedSessions = [pname]; - - tests.version = pkgs.testers.testVersion { - package = oldAttrs.finalPackage; - # `dwl -v` emits its version string to stderr and returns 1 - command = "crywl -v 2>&1; return 0"; - }; - }; - - meta = { - homepage = "https://forge.imbored.dev/emileclarkb/crywl"; - description = "Personal fork of DWL"; - license = lib.licenses.gpl3Only; - maintainers = [lib.maintainers.emileclarkb]; - inherit (pkgs.wayland.meta) platforms; - mainProgram = "crywl"; - }; - }); - }) - ]; - }); -} diff --git a/hosts/modules/wm/river.nix b/hosts/modules/wm/river.nix deleted file mode 100644 index 02721cc..0000000 --- a/hosts/modules/wm/river.nix +++ /dev/null @@ -1,5 +0,0 @@ -{...}: { - programs = { - river.enable = true; - }; -} diff --git a/hosts/myputer/default.nix b/hosts/myputer/default.nix index 04b31d9..5cb8368 100755 --- a/hosts/myputer/default.nix +++ b/hosts/myputer/default.nix @@ -1,7 +1,7 @@ { lib, pkgs, - pkgs-unstable, + upkgs, inputs, config, ... @@ -230,7 +230,7 @@ in { home-manager = { users.me = import ../../homes/me; - extraSpecialArgs = {inherit inputs pkgs pkgs-unstable;}; + extraSpecialArgs = {inherit inputs pkgs upkgs;}; sharedModules = []; }; @@ -379,7 +379,7 @@ in { # Games prismlauncher # minecraft - pkgs-unstable.olympus + upkgs.olympus discord ]; diff --git a/overlays/default.nix b/overlays/default.nix index b6445d9..cecd3fc 100644 --- a/overlays/default.nix +++ b/overlays/default.nix @@ -1,10 +1,17 @@ -{upkgs, ...}: { - nixpkgs.overlays = [ - (self: super: { - ekphos = import ../packages/ekphos.nix { - inherit upkgs; - pkgs = super; - }; - }) - ]; -} +[ + (self: super: { + angry-oxide = import ../packages/angryoxide { + pkgs = super; + inherit + (super) + lib + ; + }; + ekphos = import ../packages/ekphos { + pkgs = super; + }; + x86-manpages = import ../packages/x86-manpages { + pkgs = super; + }; + }) +] diff --git a/packages/ekphos/default.nix b/packages/ekphos/default.nix index bf176d5..8e90cab 100644 --- a/packages/ekphos/default.nix +++ b/packages/ekphos/default.nix @@ -1,14 +1,10 @@ -{ - pkgs, - upkgs, - ... -}: let +{pkgs, ...}: let inherit (pkgs) lib ; in - upkgs.rustPackages.rustPlatform.buildRustPackage { + pkgs.rustPackages.rustPlatform.buildRustPackage { pname = "ekphos"; version = "v0.20.10"; src = pkgs.fetchFromGitHub { From 1de15c45f2d7bb1136f61c244a4580b43ac6800b Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Mon, 9 Feb 2026 01:51:30 +1000 Subject: [PATCH 117/143] super massive rewrite --- groups/cryde/default.nix | 140 ++++++ groups/cryde/programs.nix | 27 + groups/cryos/default.nix | 137 ++++++ groups/cryos/programs.nix | 114 +++++ groups/default.nix | 49 ++ groups/server/default.nix | 54 ++ hosts/butterfly/default.nix | 77 +++ hosts/butterfly/hardware-configuration.nix | 37 ++ hosts/butterfly/services/default.nix | 5 + .../services/forgejo.nix | 0 .../services/mailserver.nix | 0 .../services/minecraft-server.nix | 0 hosts/butterfly/services/nginx.nix | 83 ++++ .../services/vaultwarden.nix | 0 hosts/hyrule/default.nix | 121 +---- hosts/hyrule/services/default.nix | 7 + hosts/lolcathost/default.nix | 435 +---------------- hosts/myputer/default.nix | 460 +----------------- .../sddm-theme-corners/default.nix | 0 19 files changed, 746 insertions(+), 1000 deletions(-) create mode 100644 groups/cryde/default.nix create mode 100644 groups/cryde/programs.nix create mode 100644 groups/cryos/default.nix create mode 100644 groups/cryos/programs.nix create mode 100644 groups/default.nix create mode 100644 groups/server/default.nix create mode 100755 hosts/butterfly/default.nix create mode 100644 hosts/butterfly/hardware-configuration.nix create mode 100644 hosts/butterfly/services/default.nix rename hosts/{hyrule => butterfly}/services/forgejo.nix (100%) rename hosts/{hyrule => butterfly}/services/mailserver.nix (100%) rename hosts/{hyrule => butterfly}/services/minecraft-server.nix (100%) create mode 100644 hosts/butterfly/services/nginx.nix rename hosts/{hyrule => butterfly}/services/vaultwarden.nix (100%) create mode 100644 hosts/hyrule/services/default.nix rename hosts/sddm-theme-corners.nix => packages/sddm-theme-corners/default.nix (100%) diff --git a/groups/cryde/default.nix b/groups/cryde/default.nix new file mode 100644 index 0000000..daadfc0 --- /dev/null +++ b/groups/cryde/default.nix @@ -0,0 +1,140 @@ +{ + inputs, + pkgs, + config, + ... +}: { + imports = [ + ./programs.nix + + ../../hosts/modules/bashistrans.nix + ../../hosts/modules/wm/hyprland.nix + ../../hosts/modules/steam.nix + ../../hosts/modules/obsidian.nix + + inputs.nix-flatpak.nixosModules.nix-flatpak + ]; + + boot.loader.grub2-theme = { + enable = true; + # GitHub: vinceliuice/grub2-themes + theme = "whitesur"; # stylish, vimix, or whitesur + footer = true; + customResolution = "1920x1080"; + }; + + services = { + # Set display manager (login screen) + displayManager = { + # sddm relies on pkgs.libsForQt5.qt5.qtgraphicaleffects + sddm = { + enable = true; + wayland.enable = true; # experimental + theme = "corners"; + }; + defaultSession = + "hyprland" + + ( + if config.programs.hyprland.withUWSM == true + then "-uwsm" + else null + ); + }; + + tumbler.enable = true; # Thunar image thumbnail support + gvfs.enable = true; # Thunar mount, trash, and other functionality + }; + + programs = { + zsh.enable = true; + fish.enable = true; + + nix-ld.enable = true; + + neovim = { + enable = true; + defaultEditor = true; + viAlias = true; + vimAlias = true; + configure = { + customRC = '' + set number + set tabstop=4 + set shiftwidth=4 + ''; + }; + }; + + # Thunar also uses: `services.tumbler` & `services.gvfs` + thunar = { + enable = true; + plugins = with pkgs.xfce; [ + thunar-volman # for removable drives (ie USBs) + thunar-archive-plugin # create and extract archives + thunar-media-tags-plugin # change metadata for media files + ]; + }; + + # mozilla's email client + thunderbird.enable = true; + }; + + # ----- FONTS ----- + fonts = { + enableDefaultPackages = true; # no clue what this line does tbh + packages = with pkgs; + [ + geist-font # for my hyprlock theme + # texlive maintains a noto-emoji flake + texlivePackages.noto-emoji + ] + ++ builtins.filter lib.attrsets.isDerivation ( + builtins.attrValues pkgs.nerd-fonts + ); + + # TODO: change my default fonts + fontconfig = { + defaultFonts = { + serif = ["Geist"]; # TODO: package Iosevka Etoile since Iosevka isn't a serif font + sansSerif = ["Geist"]; + monospace = ["Cousine"]; + emoji = ["Noto Emoji"]; + }; + }; + }; + + # ---- ENVIRONMENT VARIABLES ---- + environment = { + sessionVariables = { + # Hint Electrons apps to use Wayland + NIXOS_OZONE_WL = "1"; + }; + systemPackages = with pkgs; [ + (callPackage ../sddm-theme-corners.nix {}).sddm-theme-corners + # dependencies for my sddm theme: + # XXX: add these as a buildInput + pkgs.libsForQt5.qt5.qtgraphicaleffects + ]; + }; + + # ------- USERS ------- + users = { + users = { + # literally me fr (personal account) + me = { + isNormalUser = true; + extraGroups = ["wheel" "netdev" "docker"]; + shell = pkgs.bash; + packages = with pkgs; [ + firefox + nitch + starfetch + + colmena-latest + + gitkraken + ]; + }; + }; + }; +} diff --git a/groups/cryde/programs.nix b/groups/cryde/programs.nix new file mode 100644 index 0000000..dbfe31e --- /dev/null +++ b/groups/cryde/programs.nix @@ -0,0 +1,27 @@ +{pkgs, ...}: { + # ---- SYSTEM PACKAGES ----- + environment.systemPackages = with pkgs; [ + # User Environment + swww + helvum + easyeffects + pavucontrol + ani-cli + bluetui + wl-clipboard # clipboard for wayland + hyprpicker # color picker + hyprshot # screenshot utility + wl-screenrec # screen recording utility + qbittorrent # torrenting + signal-desktop + kdePackages.gwenview # image viewer + video-trimmer + + # Games + prismlauncher # minecraft + upkgs.olympus # celeste + discord + discordo + ekphos + ]; +} diff --git a/groups/cryos/default.nix b/groups/cryos/default.nix new file mode 100644 index 0000000..795ed8b --- /dev/null +++ b/groups/cryos/default.nix @@ -0,0 +1,137 @@ +{ + pkgs, + lib, + ... +}: { + imports = [ + ./programs.nix + ]; + + nixpkgs.config.allowUnfreePredicate = let + whitelist = with pkgs; + map lib.getName [ + discord + steam + steamcmd + steam-unwrapped + + winbox + + obsidian + gitkraken + ]; + in + pkg: builtins.elem (lib.getName pkg) whitelist; + + boot.loader = { + efi = { + canTouchEfiVariables = true; + efiSysMountPoint = "/boot/efi"; + }; + grub = { + efiSupport = true; + device = "nodev"; + # useOSProber = true; + }; + }; + + # Enable initrd hook for virtual console customisation + # aka cool colours when bootting yay!! + console = { + enable = true; + earlySetup = true; # initrd pre hook + keyMap = "us"; + font = "Lat2-Terminus16"; + # ANSI 24-bit color definitions (theme: dracula) + colors = [ + "21222c" + "ff5555" + "50fa7b" + "f1fa8c" + "bd93f9" + "ff79c6" + "8be9fd" + "f8f8f2" + "6272a4" + "ff6e6e" + "69ff94" + "ffffa5" + "d6acff" + "ff92df" + "a4ffff" + "ffffff" + ]; + }; + + hardware = { + graphics = { + enable = true; + enable32Bit = true; + }; + + bluetooth = { + enable = true; + powerOnBoot = true; + }; + }; + + virtualisation.docker.enable = true; + + services = { + # systemd-resolved provides network name resolution + # to local processes via a D-Bus interface. + resolved = { + enable = true; + dnssec = "true"; + domains = ["~."]; + # Use CloudFlare's WARP+ 1.1.1.1 DNS service + fallbackDns = [ + "1.1.1.1#one.one.one.one" + "1.0.0.1#one.one.one.one" + ]; + dnsovertls = "true"; + }; + + # Multimedia Framework + # With backwards compatability for alsa/pulseaudio/jack + pipewire = { + enable = true; + audio.enable = true; + wireplumber.enable = true; + + alsa.enable = true; + alsa.support32Bit = true; + pulse.enable = true; + jack.enable = true; + }; + }; + + security = { + rtkit.enable = true; # I *think* this is for pipewire + sudo.wheelNeedsPassword = lib.mkDefault true; + }; + + # ---- ENVIRONMENT VARIABLES ---- + environment = { + # always install "dev" derivation outputs + extraOutputsToInstall = ["dev" "man"]; + + sessionVariables = { + # folder names with capitalisation look awful! + XDG_DOWNLOAD_DIR = "$HOME/downloads"; + }; + }; + + documentation = { + enable = true; + doc.enable = true; # install /share/doc packages + man.enable = true; # install manpages + info.enable = true; # install GNU info + dev.enable = true; # install docs intended for developers + nixos = { + enable = true; # install NixOS documentation (ie man -k nix, & nixos-help) + options.splitBuild = true; + includeAllModules = false; + }; + }; +} diff --git a/groups/cryos/programs.nix b/groups/cryos/programs.nix new file mode 100644 index 0000000..4b0fc6b --- /dev/null +++ b/groups/cryos/programs.nix @@ -0,0 +1,114 @@ +{pkgs, ...}: { + environment.systemPackages = with pkgs; [ + # Shell + bash + fish + shellcheck + grc # colorise command outputs + moreutils + + # Systems Emulation + qemu # Fellice Bellard's Quick Emulator + # Binaries + binutils + strace + ltrace + perf-tools # ftrace + perf + radare2 + gdb + hexyl + # ASM + nasm + x86-manpages + # C Family + gcc + clang + clang-tools + gnumake + cmake + + # Rust + cargo + rustc + rustfmt + # Go + go + # Nim + nim + nimble + # Haskell + ghc + ghcid + ormolu + + # Nix + nix-prefetch-git + nix-index + nix-unit + deploy-rs.deploy-rs + + # Python + python312 # I use 3.12 since it's in a pretty stable state now + python314 # also 3.14 for latest features + poetry + # Sage + sageWithDoc # SageMath + HTML Documentation + + # .NET + dotnetCorePackages.dotnet_9.sdk + dotnetCorePackages.dotnet_9.aspnetcore + dotnetCorePackages.dotnet_9.runtime + + openvpn + inetutils + wireguard-tools + + # security tools + rustscan + nmap + dig + gobuster + nth + zap + + httpie + curlie + zoxide + doggo + tldr + btop + eza + yazi + lazygit + ripgrep + viddy # modern `watch` command + timg # terminal image (sixel) viewer + + # Pretty necessary + git + git-filter-repo + brightnessctl + acpi + # upower + vim + powertop + imagemagick + + # "Standard" Unix Commands + file + wget + tree + pstree + zip + unzip + unrar-free + lz4 + man-pages + man-pages-posix + + # Cryptography + gnupg + openssl + libargon2 + ]; +} diff --git a/groups/default.nix b/groups/default.nix new file mode 100644 index 0000000..0dfb8f8 --- /dev/null +++ b/groups/default.nix @@ -0,0 +1,49 @@ +{ + root, + pkgs, + upkgs, + lib, + inputs, + config, + ... +}: { + nix.settings = { + # make wheel group trusted users allows my "ae" user + # to import packages not signed by a trusted key + # (aka super duper easier to remote deploy) + trusted-users = ["root" "@wheel"]; + experimental-features = [ + "nix-command" + "flakes" + "pipe-operators" + ]; + download-buffer-size = 524288000; # 500 MiB + }; + + time.timeZone = lib.mkDefault "Australia/Brisbane"; + + i18n.defaultLocale = "en_US.UTF-8"; + console = { + font = "Lat2-Terminus16"; + keyMap = "us"; + }; + + users.defaultUserShell = pkgs.bash; + + home-manager = { + users = + config.users.users + |> builtins.attrNames + |> builtins.filter (x: builtins.pathExists (root + "/homes/${x}")) + |> lib.genAttrs (x: import (root + "/homes/${x}")); + + extraSpecialArgs = {inherit inputs pkgs upkgs;}; + }; + + environment.systemPackages = with pkgs; [ + git + vim + wget + tree + ]; +} diff --git a/groups/server/default.nix b/groups/server/default.nix new file mode 100644 index 0000000..4092412 --- /dev/null +++ b/groups/server/default.nix @@ -0,0 +1,54 @@ +{ + lib, + sshPort ? 22, + ... +}: { + networking = { + networkmanager.enable = true; + + # Use CloudFlare's WARP+ 1.1.1.1 DNS service + nameservers = [ + "1.1.1.1" + "1.0.0.1" + ]; + + firewall = { + enable = lib.mkDefault true; + allowedTCPPorts = [ + sshPort + ]; + }; + }; + + security = { + # accept Lets Encrypt's security policy + acme = { + acceptTerms = true; + defaults.email = "them@dobutterfliescry.net"; + }; + + sudo = { + enable = true; + wheelNeedsPassword = true; + }; + # allow SSH keys for passwordless auth + pam = { + enableSSHAgentAuth = true; + services.sudo.sshAgentAuth = true; # pam_ssh_agent_auth module + }; + }; + + services = { + openssh = { + enable = true; + ports = [sshPort]; + settings = { + PasswordAuthentication = false; + PermitRootLogin = "no"; + # AllowUsers = ["cry"]; # DO NOT ALLOW ALL + UseDns = true; + X11Forwarding = false; + }; + }; + }; +} diff --git a/hosts/butterfly/default.nix b/hosts/butterfly/default.nix new file mode 100755 index 0000000..cc00dd3 --- /dev/null +++ b/hosts/butterfly/default.nix @@ -0,0 +1,77 @@ +{...}: { + imports = [ + ./hardware-configuration.nix + + ./services + ]; + + # super duper minimum grub2 config + boot.loader.grub = { + enable = true; + device = "/dev/vda"; + }; + + networking = { + hostName = "butterfly"; + + firewall = { + allowedTCPPorts = [ + 80 # nginx + # 143 # IMAP4 + 443 # nginx + # 587 # SMTPS + 2222 # forgejo ssh + 2035 # debug (for my job) + # 3000 (INTERNAL) forgejo + # 3306 (INTERNAL) forgejo sqlite3 database + 5000 # debug (for my job) + # 8222 (INTERNAL) vaultwarden + 45000 # minecaft server + ]; + allowedUDPPorts = [ + 54231 # Wireguard + ]; + }; + + # wg-quick.interfaces = { + # wg0 = { + # address = [ + # "10.10.10.4/24" + # ]; + # dns = ["10.10.10.1"]; + # privateKeyFile = "/root/wg_agrivpn_hyrule"; + # peers = [ + # { + # # peer's public key + # publicKey = "iZ4aqYjbT8O8tfUHEuV+yWLtdoQbdBb6Nt0M4usMSiY="; + + # # choose which traffic to forward + # allowedIPs = [ + # "10.0.51.0/24" + # "10.10.10.0/24" + # ]; + # endpoint = "150.242.34.33:54231"; + # } + # ]; + # }; + # }; + }; + + users = { + users = { + # primary user + cry = { + isNormalUser = true; + home = "/home/cry"; + extraGroups = ["wheel"]; + openssh.authorizedKeys.keys = [ + "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCsUZY45rgezi+8iROdcR5vPeacJ2fbMjlDijfUrH9hRX2FzCsg/4e3aFKhi2seZMmyTfbstxmDrrH8paUS5TibFgLFBGNngaF3CTjg85i5pm25Hr4IVo31oziBnTWaG6j3buYKtz5e1qSPzXywinJR+5+FCUJU7Fxa+EWTZcOX4wYgArSj4q73rZmvk5N0X44Mudt4nvpD2chvxygsdTzD6ph92qCuaJ/AbfmOoC7b/xvOaOVydUfgDLpHi9VZbd3akvvKxRfW6ZklldgXEzPXKMuastN0mwcBxvIb5G1Vkj8jtSVtKPc5psZ9/NWA5l38xH4qZ6z7eib6thtEMdtcKmTZEEWDADjqTea5Gj61c1n18cr6f3Tff+0bn/cxsl4Y0esi+aDeuCXYiIYNmeKBx0ttDNIxpk4J5Fdh6Xs+AZif5lnJErtu8TPy2aC0bc9wehTjMyvilTHfyerOD1ZJXhN2XwRVDGN7t7leAJZISJlPjqTDcw3Vfvzte/5JqS+FR+hbpG4uz2ix8kUa20u5YF2oSdGl8+zsdozVsdQm10Iv9WSXBV7t4m+oyodgtfzydBpmXq7aBXudCiEKw+7TC7F+1a4YFrVrCNXKFgKUpd1MiVLl7DIbzm5U9MD2BB3Fy7BPCzr3tW6/ExOhhpBWY+HnzVGQfkNr7dRcqfipKw== ae@dobutterfliescry.net" + ]; + }; + }; + }; + + virtualisation.docker.enable = true; + + system.stateVersion = "24.11"; # DO NOT MODIFY +} diff --git a/hosts/butterfly/hardware-configuration.nix b/hosts/butterfly/hardware-configuration.nix new file mode 100644 index 0000000..13fe39a --- /dev/null +++ b/hosts/butterfly/hardware-configuration.nix @@ -0,0 +1,37 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = + [ (modulesPath + "/profiles/qemu-guest.nix") + ]; + + boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "ahci" "sd_mod" "sr_mod" "virtio_blk" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = + { device = "/dev/disk/by-label/NIXROOT"; + fsType = "ext4"; + }; + + fileSystems."/boot" = + { device = "/dev/disk/by-label/NIXBOOT"; + fsType = "vfat"; + options = [ "fmask=0022" "dmask=0022" ]; + }; + + swapDevices = [ ]; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.ens3.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; +} diff --git a/hosts/butterfly/services/default.nix b/hosts/butterfly/services/default.nix new file mode 100644 index 0000000..d6f75e1 --- /dev/null +++ b/hosts/butterfly/services/default.nix @@ -0,0 +1,5 @@ +{...}: { + imports = [ + ./nginx.nix + ]; +} diff --git a/hosts/hyrule/services/forgejo.nix b/hosts/butterfly/services/forgejo.nix similarity index 100% rename from hosts/hyrule/services/forgejo.nix rename to hosts/butterfly/services/forgejo.nix diff --git a/hosts/hyrule/services/mailserver.nix b/hosts/butterfly/services/mailserver.nix similarity index 100% rename from hosts/hyrule/services/mailserver.nix rename to hosts/butterfly/services/mailserver.nix diff --git a/hosts/hyrule/services/minecraft-server.nix b/hosts/butterfly/services/minecraft-server.nix similarity index 100% rename from hosts/hyrule/services/minecraft-server.nix rename to hosts/butterfly/services/minecraft-server.nix diff --git a/hosts/butterfly/services/nginx.nix b/hosts/butterfly/services/nginx.nix new file mode 100644 index 0000000..6d0205d --- /dev/null +++ b/hosts/butterfly/services/nginx.nix @@ -0,0 +1,83 @@ +{ + inputs, + pkgs, + ... +}: { + nixpkgs.overlays = [ + (self: super: { + # in wake of CVE-2022-3602/CVE-2022-3786 + nginxStable = super.nginxStable.override {openssl = pkgs.libressl;}; + }) + inputs.dobutterfliescry-net.overlays.default + ]; + + # simple nginx instance to host static construction page + # TODO: I want sshd and forgejo's ssh server to both be bound to port 22 + # So change sshd to listen on a different address/port (ie 2222 or 127.0.0.3:22, etc) + # and change forgejo to use 127.0.0.2:22 (use port 22, ONLY change loopback address) + services.nginx = { + enable = true; + # XXX: TODO: this should auto use the nginxStable overlay no? + # in wake of CVE-2022-3602/CVE-2022-3786 + # package = pkgs.nginxStable.override {openssl = pkgs.libressl;}; + + recommendedGzipSettings = true; + recommendedZstdSettings = true; + recommendedOptimisation = true; + recommendedProxySettings = true; + recommendedTlsSettings = true; + + # streamConfig = '' + # server { + # listen 127.0.0.1:53 udp reuseport; + # proxy_timeout 20s; + # proxy_pass 192.168.0.1:53535; + # } + # ''; + + virtualHosts = let + localhost = "http://127.0.0.1"; + std = { + # TODO: should I run over QUIC+HTTP3? (experimental) + # quic = true; + # http3 = true; + enableACME = true; + # kTLS = true; # offload TLS to the linux kernel + }; + + vault = + { + forceSSL = true; + locations."/".proxyPass = "${localhost}:8222"; + } + // std; + forge = + { + forceSSL = true; + extraConfig = '' + client_max_body_size 512M; + ''; + locations."/".proxyPass = "${localhost}:3000"; + } + // std; + in { + "dobutterfliescry.net" = + { + default = true; + addSSL = true; # not strictly enforced <3 + # root = "/var/www/cry"; + root = "${pkgs.dobutterfliescry-net}/www"; + # extraConfig = '' + # error_page 404 /custom_404.html; + # ''; + } + // std; + # Route "vault" subdomain to vaultwarden + "vault.imbored.dev" = vault; + # Route "forge" subdomain to forgejo + # TODO: use `forgejo.settings.server.ENABLE_ACME` instead? + # "tearforge.net" = forge; + "forge.dobutterfliescry.net" = forge; + }; + }; +} diff --git a/hosts/hyrule/services/vaultwarden.nix b/hosts/butterfly/services/vaultwarden.nix similarity index 100% rename from hosts/hyrule/services/vaultwarden.nix rename to hosts/butterfly/services/vaultwarden.nix diff --git a/hosts/hyrule/default.nix b/hosts/hyrule/default.nix index beaa81d..6684f58 100755 --- a/hosts/hyrule/default.nix +++ b/hosts/hyrule/default.nix @@ -1,45 +1,10 @@ -{ - pkgs, - upkgs, - ... -}: let - home-manager = builtins.fetchTarball { - url = "https://github.com/nix-community/home-manager/archive/release-25.05.tar.gz"; - sha256 = "07pk5m6mxi666dclaxdwf7xrinifv01vvgxn49bjr8rsbh31syaq"; - }; -in { +{pkgs, ...}: { imports = [ ./hardware-configuration.nix - (import "${home-manager}/nixos") - ./services/forgejo.nix - ./services/vaultwarden.nix - ./services/nginx.nix - # ./mailserver.nix # TEMP: location - # ./minecraft-server.nix # TEMP: location - - ../modules/bashistrans.nix + ./services ]; - nix.settings = { - # make wheel group trusted users allows my "ae" user - # to import packages not signed by a trusted key - # (aka super duper easier to remote deploy) - trusted-users = ["root" "@wheel"]; - experimental-features = [ - "nix-command" - "flakes" - ]; - }; - - time.timeZone = "Australia/Brisbane"; - - i18n.defaultLocale = "en_US.UTF-8"; - console = { - font = "Lat2-Terminus16"; - keyMap = "us"; - }; - # super duper minimum grub2 config boot.loader.grub = { enable = true; @@ -48,29 +13,10 @@ in { networking = { hostName = "hyrule"; - networkmanager.enable = true; - - # Use CloudFlare's WARP+ 1.1.1.1 DNS service - nameservers = [ - "1.1.1.1" - "1.0.0.1" - ]; - firewall = { - enable = true; allowedTCPPorts = [ - 22 # sshd 80 # nginx - # 143 # IMAP4 443 # nginx - # 587 # SMTPS - 2222 # forgejo ssh - 2035 # debug (for my job) - # 3000 (INTERNAL) forgejo - # 3306 (INTERNAL) forgejo sqlite3 database - 5000 # debug (for my job) - # 8222 (INTERNAL) vaultwarden - 45000 # minecaft server ]; allowedUDPPorts = [ 54231 # Wireguard @@ -102,11 +48,9 @@ in { }; users = { - defaultUserShell = pkgs.bash; - users = { # primary user - ae = { + cry = { isNormalUser = true; extraGroups = ["wheel"]; shell = pkgs.bash; @@ -115,16 +59,6 @@ in { ]; }; - # TODO: reduce security implications of subspace - subspace = { - isNormalUser = true; - shell = pkgs.bash; - home = "/home/subspace"; - packages = with pkgs; [ - wishlist - ]; - }; - friends = { isNormalUser = true; shell = pkgs.fish; @@ -135,54 +69,5 @@ in { virtualisation.docker.enable = true; - home-manager = { - users = { - ae = import ../../homes/ae; - subspace = import ../../homes/subspace; - }; - }; - - services = { - openssh = { - enable = true; - ports = [22]; - settings = { - PasswordAuthentication = false; - PermitRootLogin = "no"; - AllowUsers = ["ae" "subspace"]; # DO NOT ALLOW ALL - UseDns = true; - X11Forwarding = false; - }; - }; - }; - - security = { - # accept Lets Encrypt's security policy (for nginx) - acme = { - acceptTerms = true; - # TODO: change this to me@imbored.dev - defaults.email = "eclarkboman@gmail.com"; - }; - - sudo = { - enable = true; - wheelNeedsPassword = true; - }; - # allow SSH keys for passwordless auth - # TODO: DO NOT USE THIS (create my own alternative to colmena) - pam = { - enableSSHAgentAuth = true; - services.sudo.sshAgentAuth = true; # pam_ssh_agent_auth module - }; - }; - - environment.systemPackages = with pkgs; [ - eza - git - vim - helix - tcpdump - ]; - system.stateVersion = "24.11"; # DO NOT MODIFY } diff --git a/hosts/hyrule/services/default.nix b/hosts/hyrule/services/default.nix new file mode 100644 index 0000000..1f3c874 --- /dev/null +++ b/hosts/hyrule/services/default.nix @@ -0,0 +1,7 @@ +{...}: { + imports = [ + ./services/forgejo.nix + ./services/vaultwarden.nix + ./services/nginx.nix + ]; +} diff --git a/hosts/lolcathost/default.nix b/hosts/lolcathost/default.nix index 80b12fd..b0d87f8 100755 --- a/hosts/lolcathost/default.nix +++ b/hosts/lolcathost/default.nix @@ -1,451 +1,20 @@ -{ - lib, - pkgs, - upkgs, - inputs, - config, - ... -}: { +{...}: { imports = [ ./hardware-configuration.nix - - ../modules/bashistrans.nix - - ../modules/wm/hyprland.nix - - ../modules/steam.nix - ../modules/obsidian.nix ]; - nix.settings.experimental-features = [ - "nix-command" - "flakes" - "pipe-operators" - ]; - - nixpkgs.config.allowUnfreePredicate = let - whitelist = with pkgs; - map lib.getName [ - discord - steam - steamcmd - steam-unwrapped - - winbox - - obsidian - gitkraken - ]; - in - pkg: builtins.elem (lib.getName pkg) whitelist; - - boot.loader = { - efi = { - canTouchEfiVariables = true; - efiSysMountPoint = "/boot/efi"; - }; - grub = { - efiSupport = true; - device = "nodev"; - useOSProber = false; - }; - # GitHub: vinceliuice/grub2-themes - grub2-theme = { - enable = true; - theme = "whitesur"; # stylish, vimix, or whitesur - footer = true; - customResolution = "1920x1080"; - }; - }; - - time.timeZone = "Australia/Brisbane"; - i18n.defaultLocale = "en_US.UTF-8"; # internationalisation - - # Enable initrd hook for virtual console customisation - # aka cool colours when bootting yay!! - console = { - enable = true; - earlySetup = true; # initrd pre hook - keyMap = "us"; - font = "Lat2-Terminus16"; - # ANSI 24-bit color definitions (theme: dracula) - colors = [ - "21222c" - "ff5555" - "50fa7b" - "f1fa8c" - "bd93f9" - "ff79c6" - "8be9fd" - "f8f8f2" - "6272a4" - "ff6e6e" - "69ff94" - "ffffa5" - "d6acff" - "ff92df" - "a4ffff" - "ffffff" - ]; - }; - - # ----- NETWORKING ----- - networking = { - hostName = "lolcathost"; - networkmanager.enable = true; - - firewall.enable = false; - - # Use CloudFlare's WARP+ 1.1.1.1 DNS service - nameservers = [ - "1.1.1.1#one.one.one.one" - "1.0.0.1#one.one.one.one" - ]; - }; + networking.hostName = "lolcathost"; # ----- SERVICES ----- services = { - # systemd-resolved provides network name resolution - # to local processes via a D-Bus interface. - resolved = { - enable = true; - dnssec = "true"; - domains = ["~."]; - # Use CloudFlare's WARP+ 1.1.1.1 DNS service - fallbackDns = [ - "1.1.1.1#one.one.one.one" - "1.0.0.1#one.one.one.one" - ]; - dnsovertls = "true"; - }; - - # Set display manager (login screen) - displayManager = { - # sddm relies on pkgs.libsForQt5.qt5.qtgraphicaleffects - sddm = { - enable = true; - wayland.enable = true; # experimental - theme = "corners"; - }; - defaultSession = - "hyprland" - + ( - if config.programs.hyprland.withUWSM == true - then "-uwsm" - else null - ); - }; - # dbus = { # # NOTE: programs.uwsm.enable sets implementation to dbus-broker, # # NOTE: however this seems to break dbus # implementation = lib.mkForce "dbus"; # }; - # Multimedia Framework - # With backwards compatability for alsa/pulseaudio/jack - pipewire = { - enable = true; - audio.enable = true; - wireplumber.enable = true; - - alsa.enable = true; - alsa.support32Bit = true; - pulse.enable = true; - jack.enable = true; - }; - # Touchpad support libinput.enable = true; - - tumbler.enable = true; # Thunar image thumbnail support - gvfs.enable = true; # Thunar mount, trash, and other functionality - }; - security.rtkit.enable = true; # I *think* this is for pipewire - - # ------- USERS ------- - users = { - # Using fish as the login shell tends to go very poorly because it isn't - # POSIX compliant, so we default the login shell to Bash instead :) - defaultUserShell = pkgs.bash; - - users = { - # literally me fr (personal account) - me = { - isNormalUser = true; - extraGroups = ["wheel" "netdev" "docker"]; - shell = pkgs.bash; - packages = let - # TODO: can I just do this: https://nix.dev/manual/nix/2.18/command-ref/new-cli/nix3-flake#url-like-syntax - # instead to use colmena's flake.nix by specifying a rev hash in the flake input? - colmena-src = pkgs.fetchFromGitHub { - owner = "zhaofengli"; - repo = "colmena"; - rev = "47b6414d800c8471e98ca072bc0835345741a56a"; - sha256 = "rINodqeUuezuCWOnpJgrH7u9vJ86fYT+Dj8Mu8T/IBc="; - }; - colmena-latest = pkgs.callPackage "${colmena-src}/package.nix" {}; - in - with pkgs; [ - firefox - nitch - starfetch - - colmena-latest - - gitkraken - ]; - }; - - # user for friends to ssh into - friends = { - isNormalUser = true; - shell = pkgs.fish; - }; - }; - }; - - home-manager = { - users.me = import ../../homes/me; - extraSpecialArgs = {inherit inputs pkgs upkgs;}; - sharedModules = []; - }; - - # ---- ENVIRONMENT VARIABLES ---- - environment = { - # always install "dev" derivation outputs - extraOutputsToInstall = ["dev" "man"]; - - sessionVariables = { - # folder names with capitalisation look awful! - XDG_DOWNLOAD_DIR = "$HOME/downloads"; - - # Hint Electrons apps to use Wayland - NIXOS_OZONE_WL = "1"; - }; - }; - - # ---- SYSTEM PACKAGES ----- - environment.systemPackages = with pkgs; [ - # User Environment - swww - helvum - easyeffects - pavucontrol - ani-cli - bluetui - wl-clipboard # clipboard for wayland - hyprpicker # color picker - hyprshot # screenshot utility - wl-screenrec # screen recording utility - qbittorrent # torrenting - signal-desktop - video-trimmer - - (callPackage ../sddm-theme-corners.nix {}).sddm-theme-corners - # dependencies for my sddm theme: - pkgs.libsForQt5.qt5.qtgraphicaleffects - - # Shell - bash - fish - elvish # reference for crysh development - shellcheck - grc # colorise command outputs - moreutils - - # Systems Emulation - qemu # Fellice Bellard's Quick Emulator - # Binaries - binutils - strace - ltrace - perf-tools # ftrace + perf - radare2 - gdb - hexyl - # ASM - nasm - # x86-manpages # WARNING: cerulean doesn't allow overlays bruh - # C Family - gcc - clang - clang-tools - gnumake - cmake - - # Rust - cargo - rustc - rustfmt - # Go - go - # Nim - nim - nimble - # Haskell - ghc - ghcid - ormolu - - # Nix - nix-prefetch-git - nix-index - nix-unit - deploy-rs.deploy-rs - - # Python - python312 # I use 3.12 since it's in a pretty stable state now - python314 # also 3.14 for latest features - poetry - # Sage - sageWithDoc # SageMath + HTML Documentation - - # .NET - dotnetCorePackages.dotnet_9.sdk - dotnetCorePackages.dotnet_9.aspnetcore - dotnetCorePackages.dotnet_9.runtime - - openvpn - inetutils - - # security tools - rustscan - nmap - dig - gobuster - nth - zap - - httpie - curlie - zoxide - doggo - tldr - btop - eza - yazi - lazygit - ripgrep - viddy # modern `watch` command - timg # terminal image (sixel) viewer - - # Pretty necessary - git - git-filter-repo - brightnessctl - acpi - # upower - vim - powertop - imagemagick - - # "Standard" Unix Commands - file - wget - tree - pstree - unzip - unrar-free - lz4 - man-pages - man-pages-posix - - # Cryptography - gnupg - openssl - libargon2 - - # Games - prismlauncher # minecraft - upkgs.olympus # celeste - discord - discordo - # ekphos # WARNING: cerulean doesnt allow overlays yet - ]; - - programs = { - fish.enable = true; - - nix-ld.enable = true; - - # Thunar also uses: `services.tumbler` & `services.gvfs` - thunar = { - enable = true; - plugins = with pkgs.xfce; [ - thunar-volman # for removable drives (ie USBs) - thunar-archive-plugin # create and extract archives - thunar-media-tags-plugin # change metadata for media files - ]; - }; - - # mozilla's email client - thunderbird.enable = true; - }; - - # ----- FONTS ----- - fonts = { - enableDefaultPackages = true; # no clue what this line does tbh - packages = with pkgs; - [ - #(nerdfonts.override { - # fonts = [ - # "Cousine" - # "Iosevka" - # "JetBrainsMono" - # ]; - # }) - - geist-font # for my hyprlock theme - # texlive maintains a noto-emoji flake - texlivePackages.noto-emoji - ] - ++ builtins.filter lib.attrsets.isDerivation ( - builtins.attrValues pkgs.nerd-fonts - ); - - # TODO: change my default fonts - fontconfig = { - defaultFonts = { - serif = ["Geist"]; # TODO: package Iosevka Etoile since Iosevka isn't a serif font - sansSerif = ["Geist"]; - monospace = ["Cousine"]; - emoji = ["Noto Emoji"]; - }; - }; - }; - - documentation = { - enable = true; - doc.enable = true; # install /share/doc packages - man.enable = true; # install manpages - info.enable = true; # install GNU info - dev.enable = true; # install docs intended for developers - nixos = { - enable = true; # install NixOS documentation (ie man -k nix, & nixos-help) - options.splitBuild = true; - # includeAllModules = true; - }; - }; - - virtualisation.docker.enable = true; - - hardware = { - graphics = { - enable = true; - enable32Bit = true; - }; - - # opengl = { - # enable = true; - # driSupport = true; - # driSupport32Bit = true; - # } - - bluetooth = { - enable = true; - powerOnBoot = true; - }; }; # DO NOT MODIFY diff --git a/hosts/myputer/default.nix b/hosts/myputer/default.nix index 5cb8368..cd0d683 100755 --- a/hosts/myputer/default.nix +++ b/hosts/myputer/default.nix @@ -1,139 +1,16 @@ { - lib, pkgs, upkgs, - inputs, - config, ... -}: let - home-manager = builtins.fetchTarball { - url = "https://github.com/nix-community/home-manager/archive/release-25.05.tar.gz"; - sha256 = "0q3lv288xlzxczh6lc5lcw0zj9qskvjw3pzsrgvdh8rl8ibyq75s"; - }; -in { +}: { imports = [ ./hardware-configuration.nix - (import "${home-manager}/nixos") - - ../modules/bashistrans.nix - - ../modules/wm/hyprland.nix - - ../modules/steam.nix - - ../modules/obsidian.nix - ../modules/apps/rider.nix - ../modules/apps/winbox.nix - - #../modules/flipperzero.nix - #../modules/chameleonultragui.nix - - inputs.nix-flatpak.nixosModules.nix-flatpak ]; - nix.settings = { - experimental-features = [ - "flakes" - "nix-command" - "pipe-operators" - ]; - download-buffer-size = 524288000; # 500 MiB - }; - # nixpkgs.overlays = [ - # (self: super: { - # jdk17 = super.jdk17.override (prev: { - # enableJavaFX = true; - # }); - # }) - # ]; - - nixpkgs.config.allowUnfreePredicate = let - vscext = pkgs.vscode-extensions; - whitelist = with pkgs; - map lib.getName [ - discord - steam - steamcmd - steam-unwrapped - - winbox - - obsidian - gitkraken - - vscode - vscext.ms-dotnettools.csharp - vscext.ms-dotnettools.csdevkit - vscext.github.copilot - vscext.github.copilot-chat - - # XXX: DEBUG - # rider-override - # XXX: DEBUG - - # jetbrains.rider - ]; - in - pkg: builtins.elem (lib.getName pkg) whitelist; - - boot.loader = { - efi = { - canTouchEfiVariables = true; - efiSysMountPoint = "/boot/efi"; - }; - grub = { - efiSupport = true; - device = "nodev"; - # useOSProber = true; - }; - # GitHub: vinceliuice/grub2-themes - grub2-theme = { - enable = true; - theme = "whitesur"; # stylish, vimix, or whitesur - footer = true; - # TODO: switch my cables to switch default grub display - customResolution = "3840x2160"; - }; - }; - - time.timeZone = "Australia/Brisbane"; - i18n.defaultLocale = "en_US.UTF-8"; # internationalisation - - # Enable initrd hook for virtual console customisation - # aka cool colours when bootting yay!! - console = { - enable = true; - earlySetup = true; # initrd pre hook - keyMap = "us"; - font = "Lat2-Terminus16"; - # ANSI 24-bit color definitions (theme: dracula) - colors = [ - "21222c" - "ff5555" - "50fa7b" - "f1fa8c" - "bd93f9" - "ff79c6" - "8be9fd" - "f8f8f2" - "6272a4" - "ff6e6e" - "69ff94" - "ffffa5" - "d6acff" - "ff92df" - "a4ffff" - "ffffff" - ]; - }; - - # ----- NETWORKING ----- networking = { hostName = "myputer"; - networkmanager.enable = true; firewall = { - enable = true; allowedTCPPorts = [ 22 # SSH 80 # HTTP @@ -147,239 +24,40 @@ in { # ----- SERVICES ----- services = { flatpak.enable = true; - - # Set display manager (login screen) - displayManager = { - # sddm relies on pkgs.libsForQt5.qt5.qtgraphicaleffects - sddm = { - enable = true; - wayland.enable = true; # experimental - theme = "corners"; - }; - defaultSession = - "hyprland" - + ( - if config.programs.hyprland.withUWSM - then "-uwsm" - else null - ); - }; - - # Multimedia Framework - # With backwards compatability for alsa/pulseaudio/jack - pipewire = { - enable = true; - wireplumber.enable = true; - - alsa.enable = true; - alsa.support32Bit = true; - pulse.enable = true; - jack.enable = true; - }; - - tumbler.enable = true; # Thunar image thumbnail support - gvfs.enable = true; # Thunar mount, trash, and other functionality }; - security.rtkit.enable = true; # I *think* this is for pipewire # ------- USERS ------- security.sudo.wheelNeedsPassword = false; users = { - # Using fish as the login shell tends to go very poorly because it isn't - # POSIX compliant, so we default the login shell to Bash instead :) - defaultUserShell = pkgs.bash; - users = { # just me fr (personal account) me = { isNormalUser = true; extraGroups = ["wheel" "netdev" "docker"]; shell = pkgs.bash; - packages = let - # TODO: can I just do this: https://nix.dev/manual/nix/2.18/command-ref/new-cli/nix3-flake#url-like-syntax - # instead to use colmena's flake.nix by specifying a rev hash in the flake input? - colmena-src = pkgs.fetchFromGitHub { - owner = "zhaofengli"; - repo = "colmena"; - rev = "47b6414d800c8471e98ca072bc0835345741a56a"; - sha256 = "rINodqeUuezuCWOnpJgrH7u9vJ86fYT+Dj8Mu8T/IBc="; - }; - colmena-latest = pkgs.callPackage "${colmena-src}/package.nix" {}; - in - with pkgs; [ - firefox - nitch - starfetch + packages = with pkgs; [ + firefox + nitch + starfetch - colmena-latest + colmena-latest - gitkraken - # NOTE: downloadthing this causes my PC to freak!! ("too many open files" error) - #keyguard # bitwarden client app - ]; + gitkraken + # NOTE: downloadthing this causes my PC to freak!! ("too many open files" error) + #keyguard # bitwarden client app + ]; }; - - # user for my professional jobs and stuff - ae = { - isNormalUser = true; - extraGroups = ["wheel"]; - shell = pkgs.bash; - }; - }; - }; - - home-manager = { - users.me = import ../../homes/me; - extraSpecialArgs = {inherit inputs pkgs upkgs;}; - sharedModules = []; - }; - - # ---- ENVIRONMENT VARIABLES ---- - environment = { - # always install "dev" derivation outputs - extraOutputsToInstall = ["dev" "man"]; - - sessionVariables = { - # folder names with capitalisation look awful! - XDG_DOWNLOAD_DIR = "$HOME/downloads"; - - # Hint Electrons apps to use Wayland - NIXOS_OZONE_WL = "1"; }; }; # ---- SYSTEM PACKAGES ----- environment.systemPackages = with pkgs; [ # User Environment - swww - helvum - easyeffects - pavucontrol - ani-cli - bluetui - wl-clipboard # clipboard for wayland - hyprpicker # color picker - hyprshot # screenshot utility - qbittorrent - signal-desktop - kdePackages.gwenview # image viewer libreoffice - # TEST: WARNING - # ospd-openvas - # openvas-scanner - # openvas-smb - - (callPackage ../sddm-theme-corners.nix {}).sddm-theme-corners - # dependencies for my sddm theme: - pkgs.libsForQt5.qt5.qtgraphicaleffects - - # Shell - bash - fish - shellcheck - grc # colorise command outputs - moreutils - - # Systems Programming & Compilation - qemu # Fellice Bellard's Quick Emulator - # GNU Utils - gnumake - # Binaries - binutils - strace - ltrace - perf-tools # ftrace + perf - radare2 - gdb - # ASM - nasm - (callPackage ../packages/x86-manpages {}) - # C Family - gcc - clang - clang-tools - - # Rust - cargo - rustc - # Go - go - # Nim - nim - nimble - # Haskell - ghc - ghcid - ormolu - - # Java - visualvm - - # Python - python312 # I use 3.12 since it's in a pretty stable state now - python314 # also 3.14 for latest features - poetry - # Sage - sageWithDoc # SageMath + HTML Documentation - - openvpn - inetutils - - # security tools - rustscan - nmap - dig - gobuster - nth - zap - wireguard-tools - - httpie - curlie - zoxide - doggo - tldr - # btop - eza - yazi - lazygit - ripgrep - viddy # modern `watch` command - - deploy-rs - - tesseract # for my work with Agribit - - # Pretty necessary - git - git-filter-repo - nix-prefetch-git - brightnessctl - acpi - vim - powertop - imagemagick - - # "Standard" Unix Commands - file - wget - tree - pstree - unzip - unrar-free - lz4 - man-pages - man-pages-posix - - # Cryptography - gnupg - openssl - libargon2 - # Games prismlauncher # minecraft - upkgs.olympus + upkgs.olympus # CELESTE!! <3 :3 discord ]; @@ -399,122 +77,6 @@ in { # ]; #}; - programs = { - zsh.enable = true; - fish.enable = true; - - nix-ld.enable = true; - - neovim = { - enable = true; - defaultEditor = true; - viAlias = true; - vimAlias = true; - configure = { - customRC = '' - set number - set tabstop=4 - set shiftwidth=4 - ''; - }; - }; - - # Thunar also (optionally) requires: `services.tumbler` & `services.gvfs` - thunar = { - enable = true; - plugins = with pkgs.xfce; [ - thunar-volman # for removable drives (ie USBs) - thunar-archive-plugin # create and extract archives - thunar-media-tags-plugin # change metadata for media files - ]; - }; - - # mozilla's email client - thunderbird.enable = true; - - java = let - # XXX: WARNING: TEST :WARNING: XXX - # Test for CrazyCraft VoidLauncher - myjdk = pkgs.jdk17.override { - enableJavaFX = true; - # openjfx_jdk = pkgs.openjfx17.override {withWebKit = true;}; - }; - in { - enable = true; - package = myjdk; - }; - }; - - # ----- FONTS ----- - fonts = { - enableDefaultPackages = true; # no clue what this line does tbh - packages = with pkgs; - [ - # (nerdfonts.override { - # fonts = [ - # "Cousine" # its ok i guess - # "Iosevka" # nah nah - # "IosevkaTerm" # big nah - # "CascadiaCode" # potential - # "FiraCode" # potential - # "JetBrainsMono" # for my rofi theme - # "Hasklig" - # "Hack" - # ]; - # }) - - geist-font # for my hyprlock theme - # texlive maintains a noto-emoji flake - texlivePackages.noto-emoji - ] - ++ builtins.filter lib.attrsets.isDerivation ( - builtins.attrValues pkgs.nerd-fonts - ); - - # TODO: change my default fonts - fontconfig = { - defaultFonts = { - serif = ["Iosevka"]; - sansSerif = ["Iosevka "]; - monospace = ["Cousine"]; - emoji = ["Noto Emoji"]; - }; - }; - }; - - documentation = { - enable = true; - doc.enable = true; # install /share/doc packages - man.enable = true; # install manpages - info.enable = true; # install GNU info - dev.enable = true; # install docs intended for developers - nixos = { - enable = true; # install NixOS documentation (ie man -k nix, & nixos-help) - options.splitBuild = true; - # includeAllModules = true; - }; - }; - - virtualisation.docker.enable = true; - - hardware = { - graphics = { - enable = true; - enable32Bit = true; - }; - - # opengl = { - # enable = true; - # driSupport = true; - # driSupport32Bit = true; - # } - - bluetooth = { - enable = true; - powerOnBoot = true; - }; - }; - # DO NOT MODIFY system.stateVersion = "24.05"; # Did you read the comment? } diff --git a/hosts/sddm-theme-corners.nix b/packages/sddm-theme-corners/default.nix similarity index 100% rename from hosts/sddm-theme-corners.nix rename to packages/sddm-theme-corners/default.nix From d7850a7acccdd0a8b3f12d342f965e2f9d0b0605 Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Mon, 9 Feb 2026 09:43:37 +1000 Subject: [PATCH 118/143] use NixTypes system --- flake.lock | 194 +++++++++++++++++++++++++++++++++++++++++++---------- flake.nix | 12 +++- 2 files changed, 166 insertions(+), 40 deletions(-) diff --git a/flake.lock b/flake.lock index d1deb86..3b22954 100644 --- a/flake.lock +++ b/flake.lock @@ -3,21 +3,22 @@ "cerulean": { "inputs": { "deploy-rs": "deploy-rs", - "mix": "mix", - "nib": "nib", "nixpkgs": [ "nixpkgs" ], "nixpkgs-unstable": [ "nixpkgs-unstable" ], + "nt": [ + "nt" + ], "systems": [ "systems" ] }, "locked": { - "lastModified": 1770552327, - "narHash": "sha256-cVVPdC650MRP4tMSB9EcECUpc0U4HWSZzoQnpEHH0uE=", + "lastModified": 1770594166, + "narHash": "sha256-ijsAdvC9/0873gCkqNpTjUDl+Gk8oKovgvpnnQfA+/A=", "path": "/home/me/agribit/nexus/Cerulean", "type": "path" }, @@ -120,6 +121,28 @@ "type": "github" } }, + "flake-parts_2": { + "inputs": { + "nixpkgs-lib": [ + "nt", + "nix-unit", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1762440070, + "narHash": "sha256-xxdepIcb39UJ94+YydGP221rjnpkDZUlykKuF54PsqI=", + "owner": "hercules-ci", + "repo": "flake-parts", + "rev": "26d05891e14c88eb4a5d5bee659c0db5afb609d8", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "flake-parts", + "type": "github" + } + }, "grub2-themes": { "inputs": { "nixpkgs": [ @@ -140,45 +163,24 @@ "type": "github" } }, - "mix": { + "home-manager": { "inputs": { - "nib": [ - "cerulean", - "nib" + "nixpkgs": [ + "nixpkgs" ] }, "locked": { - "lastModified": 1768525804, - "narHash": "sha256-jlpNb7Utqfdq2HESAB1mtddWHOsxKlTjPiLFRLd35r8=", - "owner": "emilelcb", - "repo": "mix", - "rev": "617d8915a6518a3d4e375b87c50ae34d9daee6c6", + "lastModified": 1763992789, + "narHash": "sha256-WHkdBlw6oyxXIra/vQPYLtqY+3G8dUVZM8bEXk0t8x4=", + "owner": "nix-community", + "repo": "home-manager", + "rev": "44831a7eaba4360fb81f2acc5ea6de5fde90aaa3", "type": "github" }, "original": { - "owner": "emilelcb", - "repo": "mix", - "type": "github" - } - }, - "nib": { - "inputs": { - "systems": [ - "cerulean", - "systems" - ] - }, - "locked": { - "lastModified": 1768472076, - "narHash": "sha256-bdVRCDy6oJx/CZiyxkke783FgtBW//wDuOAITUsQcNc=", - "owner": "emilelcb", - "repo": "nib", - "rev": "42ac66dfc180a13af1cc8850397db66ec5556991", - "type": "github" - }, - "original": { - "owner": "emilelcb", - "repo": "nib", + "owner": "nix-community", + "ref": "release-25.05", + "repo": "home-manager", "type": "github" } }, @@ -198,6 +200,52 @@ "type": "github" } }, + "nix-github-actions": { + "inputs": { + "nixpkgs": [ + "nt", + "nix-unit", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1737420293, + "narHash": "sha256-F1G5ifvqTpJq7fdkT34e/Jy9VCyzd5XfJ9TO8fHhJWE=", + "owner": "nix-community", + "repo": "nix-github-actions", + "rev": "f4158fa080ef4503c8f4c820967d946c2af31ec9", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "nix-github-actions", + "type": "github" + } + }, + "nix-unit": { + "inputs": { + "flake-parts": "flake-parts_2", + "nix-github-actions": "nix-github-actions", + "nixpkgs": [ + "nt", + "nixpkgs" + ], + "treefmt-nix": "treefmt-nix" + }, + "locked": { + "lastModified": 1762774186, + "narHash": "sha256-hRADkHjNt41+JUHw2EiSkMaL4owL83g5ZppjYUdF/Dc=", + "owner": "nix-community", + "repo": "nix-unit", + "rev": "1c9ab50554eed0b768f9e5b6f646d63c9673f0f7", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "nix-unit", + "type": "github" + } + }, "nixcord": { "inputs": { "flake-compat": "flake-compat_2", @@ -283,16 +331,51 @@ "type": "github" } }, + "nixpkgs_3": { + "locked": { + "lastModified": 1767313136, + "narHash": "sha256-16KkgfdYqjaeRGBaYsNrhPRRENs0qzkQVUooNHtoy2w=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "ac62194c3917d5f474c1a844b6fd6da2db95077d", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-25.05", + "repo": "nixpkgs", + "type": "github" + } + }, + "nt": { + "inputs": { + "nix-unit": "nix-unit", + "nixpkgs": "nixpkgs_3", + "systems": "systems_2" + }, + "locked": { + "lastModified": 1770593961, + "narHash": "sha256-Q2rRlN6yZiatLwEfYyCKJ/SImva+vbXr8DVA0qvix4c=", + "path": "/home/me/agribit/nexus/nt", + "type": "path" + }, + "original": { + "path": "/home/me/agribit/nexus/nt", + "type": "path" + } + }, "root": { "inputs": { "cerulean": "cerulean", "dobutterfliescry-net": "dobutterfliescry-net", "grub2-themes": "grub2-themes", + "home-manager": "home-manager", "nix-flatpak": "nix-flatpak", "nixcord": "nixcord", "nixpkgs": "nixpkgs_2", "nixpkgs-unstable": "nixpkgs-unstable", - "systems": "systems_2" + "nt": "nt", + "systems": "systems_3" } }, "systems": { @@ -325,6 +408,43 @@ "type": "github" } }, + "systems_3": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "treefmt-nix": { + "inputs": { + "nixpkgs": [ + "nt", + "nix-unit", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1762410071, + "narHash": "sha256-aF5fvoZeoXNPxT0bejFUBXeUjXfHLSL7g+mjR/p5TEg=", + "owner": "numtide", + "repo": "treefmt-nix", + "rev": "97a30861b13c3731a84e09405414398fbf3e109f", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "treefmt-nix", + "type": "github" + } + }, "utils": { "inputs": { "systems": "systems" diff --git a/flake.nix b/flake.nix index 4534072..029c5fa 100644 --- a/flake.nix +++ b/flake.nix @@ -12,6 +12,9 @@ inputs.nixpkgs.follows = "nixpkgs"; }; + # nt.url = "github:emilelcb/nt"; + nt.url = "/home/me/agribit/nexus/nt"; + cerulean = { # url = "github:emilelcb/Cerulean"; url = "/home/me/agribit/nexus/Cerulean"; @@ -19,6 +22,7 @@ systems.follows = "systems"; nixpkgs.follows = "nixpkgs"; nixpkgs-unstable.follows = "nixpkgs-unstable"; + nt.follows = "nt"; }; }; @@ -50,7 +54,9 @@ ... }: let groups = { - cryde = {}; # oh frick i cried again + cryos = { + cryde = {}; # oh frick i cried again + }; server = {}; }; in @@ -63,7 +69,7 @@ # my laptop <3 :3 lolcathost = { system = "x86_64-linux"; - groups = [groups.cryde]; + groups = [groups.cryos.cryde]; extraModules = [ home-manager.nixosModules.default grub2-themes.nixosModules.default @@ -73,7 +79,7 @@ # i be on my puter frfr myputer = { system = "x86_64-linux"; - groups = [groups.cryde]; + groups = [groups.cryos.cryde]; extraModules = [ home-manager.nixosModules.default grub2-themes.nixosModules.default From b2f9db3148b3efc5c4f0119c5824f325fc10540c Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Thu, 12 Feb 2026 13:25:40 +1000 Subject: [PATCH 119/143] idk a bunch of things got the merge working --- groups/all/default.nix | 5 ++ groups/cryde/default.nix | 8 +-- groups/cryde/programs.nix | 6 +- groups/server/default.nix | 26 +++++--- hosts/butterfly/default.nix | 16 ++--- hosts/hyrule/default.nix | 54 ++-------------- hosts/hyrule/services/default.nix | 7 --- hosts/hyrule/services/nginx.nix | 83 ------------------------- hosts/modules/colmena.nix | 20 ------ hosts/modules/steam.nix | 1 - hosts/myputer/default.nix | 25 +------- overlays/default.nix | 4 ++ packages/sddm-theme-corners/default.nix | 31 ++++----- 13 files changed, 65 insertions(+), 221 deletions(-) create mode 100644 groups/all/default.nix delete mode 100644 hosts/hyrule/services/default.nix delete mode 100644 hosts/hyrule/services/nginx.nix delete mode 100644 hosts/modules/colmena.nix diff --git a/groups/all/default.nix b/groups/all/default.nix new file mode 100644 index 0000000..225997d --- /dev/null +++ b/groups/all/default.nix @@ -0,0 +1,5 @@ +{lib, ...}: { + # NOTE: mkDefault is 1000 and mkForce is 50 + # NOTE: so this is like a second mkDefault + security.sudo.wheelNeedsPassword = lib.mkOverride 900 true; +} diff --git a/groups/cryde/default.nix b/groups/cryde/default.nix index daadfc0..3a75daa 100644 --- a/groups/cryde/default.nix +++ b/groups/cryde/default.nix @@ -12,7 +12,7 @@ ../../hosts/modules/steam.nix ../../hosts/modules/obsidian.nix - inputs.nix-flatpak.nixosModules.nix-flatpak + # inputs.nix-flatpak.nixosModules.nix-flatpak ]; boot.loader.grub2-theme = { @@ -110,10 +110,10 @@ NIXOS_OZONE_WL = "1"; }; systemPackages = with pkgs; [ - (callPackage ../sddm-theme-corners.nix {}).sddm-theme-corners + sddm-theme-corners # dependencies for my sddm theme: # XXX: add these as a buildInput - pkgs.libsForQt5.qt5.qtgraphicaleffects + # pkgs.libsForQt5.qt5.qtgraphicaleffects ]; }; @@ -130,8 +130,6 @@ nitch starfetch - colmena-latest - gitkraken ]; }; diff --git a/groups/cryde/programs.nix b/groups/cryde/programs.nix index dbfe31e..8d8ba86 100644 --- a/groups/cryde/programs.nix +++ b/groups/cryde/programs.nix @@ -1,4 +1,8 @@ -{pkgs, ...}: { +{ + pkgs, + upkgs, + ... +}: { # ---- SYSTEM PACKAGES ----- environment.systemPackages = with pkgs; [ # User Environment diff --git a/groups/server/default.nix b/groups/server/default.nix index 4092412..e9ad3ac 100644 --- a/groups/server/default.nix +++ b/groups/server/default.nix @@ -1,8 +1,4 @@ -{ - lib, - sshPort ? 22, - ... -}: { +{lib, ...}: { networking = { networkmanager.enable = true; @@ -15,7 +11,7 @@ firewall = { enable = lib.mkDefault true; allowedTCPPorts = [ - sshPort + 22 ]; }; }; @@ -41,7 +37,7 @@ services = { openssh = { enable = true; - ports = [sshPort]; + ports = [22]; settings = { PasswordAuthentication = false; PermitRootLogin = "no"; @@ -51,4 +47,20 @@ }; }; }; + + users = { + users = { + # primary user + cry = { + isNormalUser = true; + home = "/home/cry"; + extraGroups = ["wheel"]; + openssh.authorizedKeys.keys = lib.mkOverride 900 [ + (throw '' + Hosts in the `server` group must set `users.users.cry.openssh.authorizedKeys.keys = [ ... ]`. + '') + ]; + }; + }; + }; } diff --git a/hosts/butterfly/default.nix b/hosts/butterfly/default.nix index cc00dd3..83ff46d 100755 --- a/hosts/butterfly/default.nix +++ b/hosts/butterfly/default.nix @@ -57,18 +57,10 @@ # }; }; - users = { - users = { - # primary user - cry = { - isNormalUser = true; - home = "/home/cry"; - extraGroups = ["wheel"]; - openssh.authorizedKeys.keys = [ - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCsUZY45rgezi+8iROdcR5vPeacJ2fbMjlDijfUrH9hRX2FzCsg/4e3aFKhi2seZMmyTfbstxmDrrH8paUS5TibFgLFBGNngaF3CTjg85i5pm25Hr4IVo31oziBnTWaG6j3buYKtz5e1qSPzXywinJR+5+FCUJU7Fxa+EWTZcOX4wYgArSj4q73rZmvk5N0X44Mudt4nvpD2chvxygsdTzD6ph92qCuaJ/AbfmOoC7b/xvOaOVydUfgDLpHi9VZbd3akvvKxRfW6ZklldgXEzPXKMuastN0mwcBxvIb5G1Vkj8jtSVtKPc5psZ9/NWA5l38xH4qZ6z7eib6thtEMdtcKmTZEEWDADjqTea5Gj61c1n18cr6f3Tff+0bn/cxsl4Y0esi+aDeuCXYiIYNmeKBx0ttDNIxpk4J5Fdh6Xs+AZif5lnJErtu8TPy2aC0bc9wehTjMyvilTHfyerOD1ZJXhN2XwRVDGN7t7leAJZISJlPjqTDcw3Vfvzte/5JqS+FR+hbpG4uz2ix8kUa20u5YF2oSdGl8+zsdozVsdQm10Iv9WSXBV7t4m+oyodgtfzydBpmXq7aBXudCiEKw+7TC7F+1a4YFrVrCNXKFgKUpd1MiVLl7DIbzm5U9MD2BB3Fy7BPCzr3tW6/ExOhhpBWY+HnzVGQfkNr7dRcqfipKw== ae@dobutterfliescry.net" - ]; - }; - }; + users.users.cry = { + openssh.authorizedKeys.keys = [ + "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCsUZY45rgezi+8iROdcR5vPeacJ2fbMjlDijfUrH9hRX2FzCsg/4e3aFKhi2seZMmyTfbstxmDrrH8paUS5TibFgLFBGNngaF3CTjg85i5pm25Hr4IVo31oziBnTWaG6j3buYKtz5e1qSPzXywinJR+5+FCUJU7Fxa+EWTZcOX4wYgArSj4q73rZmvk5N0X44Mudt4nvpD2chvxygsdTzD6ph92qCuaJ/AbfmOoC7b/xvOaOVydUfgDLpHi9VZbd3akvvKxRfW6ZklldgXEzPXKMuastN0mwcBxvIb5G1Vkj8jtSVtKPc5psZ9/NWA5l38xH4qZ6z7eib6thtEMdtcKmTZEEWDADjqTea5Gj61c1n18cr6f3Tff+0bn/cxsl4Y0esi+aDeuCXYiIYNmeKBx0ttDNIxpk4J5Fdh6Xs+AZif5lnJErtu8TPy2aC0bc9wehTjMyvilTHfyerOD1ZJXhN2XwRVDGN7t7leAJZISJlPjqTDcw3Vfvzte/5JqS+FR+hbpG4uz2ix8kUa20u5YF2oSdGl8+zsdozVsdQm10Iv9WSXBV7t4m+oyodgtfzydBpmXq7aBXudCiEKw+7TC7F+1a4YFrVrCNXKFgKUpd1MiVLl7DIbzm5U9MD2BB3Fy7BPCzr3tW6/ExOhhpBWY+HnzVGQfkNr7dRcqfipKw== ae@dobutterfliescry.net" + ]; }; virtualisation.docker.enable = true; diff --git a/hosts/hyrule/default.nix b/hosts/hyrule/default.nix index 6684f58..9690354 100755 --- a/hosts/hyrule/default.nix +++ b/hosts/hyrule/default.nix @@ -1,8 +1,6 @@ -{pkgs, ...}: { +{...}: { imports = [ ./hardware-configuration.nix - - ./services ]; # super duper minimum grub2 config @@ -15,59 +13,19 @@ hostName = "hyrule"; firewall = { allowedTCPPorts = [ - 80 # nginx - 443 # nginx ]; allowedUDPPorts = [ - 54231 # Wireguard ]; }; - - # wg-quick.interfaces = { - # wg0 = { - # address = [ - # "10.10.10.4/24" - # ]; - # dns = ["10.10.10.1"]; - # privateKeyFile = "/root/wg_agrivpn_hyrule"; - # peers = [ - # { - # # peer's public key - # publicKey = "iZ4aqYjbT8O8tfUHEuV+yWLtdoQbdBb6Nt0M4usMSiY="; - - # # choose which traffic to forward - # allowedIPs = [ - # "10.0.51.0/24" - # "10.10.10.0/24" - # ]; - # endpoint = "150.242.34.33:54231"; - # } - # ]; - # }; - # }; }; - users = { - users = { - # primary user - cry = { - isNormalUser = true; - extraGroups = ["wheel"]; - shell = pkgs.bash; - openssh.authorizedKeys.keys = [ - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCsUZY45rgezi+8iROdcR5vPeacJ2fbMjlDijfUrH9hRX2FzCsg/4e3aFKhi2seZMmyTfbstxmDrrH8paUS5TibFgLFBGNngaF3CTjg85i5pm25Hr4IVo31oziBnTWaG6j3buYKtz5e1qSPzXywinJR+5+FCUJU7Fxa+EWTZcOX4wYgArSj4q73rZmvk5N0X44Mudt4nvpD2chvxygsdTzD6ph92qCuaJ/AbfmOoC7b/xvOaOVydUfgDLpHi9VZbd3akvvKxRfW6ZklldgXEzPXKMuastN0mwcBxvIb5G1Vkj8jtSVtKPc5psZ9/NWA5l38xH4qZ6z7eib6thtEMdtcKmTZEEWDADjqTea5Gj61c1n18cr6f3Tff+0bn/cxsl4Y0esi+aDeuCXYiIYNmeKBx0ttDNIxpk4J5Fdh6Xs+AZif5lnJErtu8TPy2aC0bc9wehTjMyvilTHfyerOD1ZJXhN2XwRVDGN7t7leAJZISJlPjqTDcw3Vfvzte/5JqS+FR+hbpG4uz2ix8kUa20u5YF2oSdGl8+zsdozVsdQm10Iv9WSXBV7t4m+oyodgtfzydBpmXq7aBXudCiEKw+7TC7F+1a4YFrVrCNXKFgKUpd1MiVLl7DIbzm5U9MD2BB3Fy7BPCzr3tW6/ExOhhpBWY+HnzVGQfkNr7dRcqfipKw== ae@dobutterfliescry.net" - ]; - }; - - friends = { - isNormalUser = true; - shell = pkgs.fish; - home = "/home/friends"; - }; - }; + users.users.cry = { + openssh.authorizedKeys.keys = [ + "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCsUZY45rgezi+8iROdcR5vPeacJ2fbMjlDijfUrH9hRX2FzCsg/4e3aFKhi2seZMmyTfbstxmDrrH8paUS5TibFgLFBGNngaF3CTjg85i5pm25Hr4IVo31oziBnTWaG6j3buYKtz5e1qSPzXywinJR+5+FCUJU7Fxa+EWTZcOX4wYgArSj4q73rZmvk5N0X44Mudt4nvpD2chvxygsdTzD6ph92qCuaJ/AbfmOoC7b/xvOaOVydUfgDLpHi9VZbd3akvvKxRfW6ZklldgXEzPXKMuastN0mwcBxvIb5G1Vkj8jtSVtKPc5psZ9/NWA5l38xH4qZ6z7eib6thtEMdtcKmTZEEWDADjqTea5Gj61c1n18cr6f3Tff+0bn/cxsl4Y0esi+aDeuCXYiIYNmeKBx0ttDNIxpk4J5Fdh6Xs+AZif5lnJErtu8TPy2aC0bc9wehTjMyvilTHfyerOD1ZJXhN2XwRVDGN7t7leAJZISJlPjqTDcw3Vfvzte/5JqS+FR+hbpG4uz2ix8kUa20u5YF2oSdGl8+zsdozVsdQm10Iv9WSXBV7t4m+oyodgtfzydBpmXq7aBXudCiEKw+7TC7F+1a4YFrVrCNXKFgKUpd1MiVLl7DIbzm5U9MD2BB3Fy7BPCzr3tW6/ExOhhpBWY+HnzVGQfkNr7dRcqfipKw== ae@dobutterfliescry.net" + ]; }; virtualisation.docker.enable = true; - system.stateVersion = "24.11"; # DO NOT MODIFY + system.stateVersion = "25.11"; # DO NOT MODIFY } diff --git a/hosts/hyrule/services/default.nix b/hosts/hyrule/services/default.nix deleted file mode 100644 index 1f3c874..0000000 --- a/hosts/hyrule/services/default.nix +++ /dev/null @@ -1,7 +0,0 @@ -{...}: { - imports = [ - ./services/forgejo.nix - ./services/vaultwarden.nix - ./services/nginx.nix - ]; -} diff --git a/hosts/hyrule/services/nginx.nix b/hosts/hyrule/services/nginx.nix deleted file mode 100644 index 6d0205d..0000000 --- a/hosts/hyrule/services/nginx.nix +++ /dev/null @@ -1,83 +0,0 @@ -{ - inputs, - pkgs, - ... -}: { - nixpkgs.overlays = [ - (self: super: { - # in wake of CVE-2022-3602/CVE-2022-3786 - nginxStable = super.nginxStable.override {openssl = pkgs.libressl;}; - }) - inputs.dobutterfliescry-net.overlays.default - ]; - - # simple nginx instance to host static construction page - # TODO: I want sshd and forgejo's ssh server to both be bound to port 22 - # So change sshd to listen on a different address/port (ie 2222 or 127.0.0.3:22, etc) - # and change forgejo to use 127.0.0.2:22 (use port 22, ONLY change loopback address) - services.nginx = { - enable = true; - # XXX: TODO: this should auto use the nginxStable overlay no? - # in wake of CVE-2022-3602/CVE-2022-3786 - # package = pkgs.nginxStable.override {openssl = pkgs.libressl;}; - - recommendedGzipSettings = true; - recommendedZstdSettings = true; - recommendedOptimisation = true; - recommendedProxySettings = true; - recommendedTlsSettings = true; - - # streamConfig = '' - # server { - # listen 127.0.0.1:53 udp reuseport; - # proxy_timeout 20s; - # proxy_pass 192.168.0.1:53535; - # } - # ''; - - virtualHosts = let - localhost = "http://127.0.0.1"; - std = { - # TODO: should I run over QUIC+HTTP3? (experimental) - # quic = true; - # http3 = true; - enableACME = true; - # kTLS = true; # offload TLS to the linux kernel - }; - - vault = - { - forceSSL = true; - locations."/".proxyPass = "${localhost}:8222"; - } - // std; - forge = - { - forceSSL = true; - extraConfig = '' - client_max_body_size 512M; - ''; - locations."/".proxyPass = "${localhost}:3000"; - } - // std; - in { - "dobutterfliescry.net" = - { - default = true; - addSSL = true; # not strictly enforced <3 - # root = "/var/www/cry"; - root = "${pkgs.dobutterfliescry-net}/www"; - # extraConfig = '' - # error_page 404 /custom_404.html; - # ''; - } - // std; - # Route "vault" subdomain to vaultwarden - "vault.imbored.dev" = vault; - # Route "forge" subdomain to forgejo - # TODO: use `forgejo.settings.server.ENABLE_ACME` instead? - # "tearforge.net" = forge; - "forge.dobutterfliescry.net" = forge; - }; - }; -} diff --git a/hosts/modules/colmena.nix b/hosts/modules/colmena.nix deleted file mode 100644 index 5756901..0000000 --- a/hosts/modules/colmena.nix +++ /dev/null @@ -1,20 +0,0 @@ -{}: { - # Colmena's latest stable version is - # unusable so get latest unstable version. - colmena = let - src = pkgsBuild.fetchFromGitHub { - owner = "zhaofengli"; - repo = "colmena"; - rev = "47b6414d800c8471e98ca072bc0835345741a56a"; - sha256 = "rINodqeUuezuCWOnpJgrH7u9vJ86fYT+Dj8Mu8T/IBc="; - }; - flake = - pkgsBuild.callPackage "${src}/flake.nix" { - }; - in - flake.packages."${system}".colmena; - - nixpkgs.config.packageOverrides = pkgs: { - colmena = pkgs.callPackage - }; -} diff --git a/hosts/modules/steam.nix b/hosts/modules/steam.nix index e554441..1e31d8d 100644 --- a/hosts/modules/steam.nix +++ b/hosts/modules/steam.nix @@ -52,6 +52,5 @@ # lutris bottles - heroic ]; } diff --git a/hosts/myputer/default.nix b/hosts/myputer/default.nix index cd0d683..1b397d4 100755 --- a/hosts/myputer/default.nix +++ b/hosts/myputer/default.nix @@ -1,6 +1,7 @@ { pkgs, upkgs, + lib, ... }: { imports = [ @@ -26,29 +27,7 @@ flatpak.enable = true; }; - # ------- USERS ------- - security.sudo.wheelNeedsPassword = false; - users = { - users = { - # just me fr (personal account) - me = { - isNormalUser = true; - extraGroups = ["wheel" "netdev" "docker"]; - shell = pkgs.bash; - packages = with pkgs; [ - firefox - nitch - starfetch - - colmena-latest - - gitkraken - # NOTE: downloadthing this causes my PC to freak!! ("too many open files" error) - #keyguard # bitwarden client app - ]; - }; - }; - }; + security.sudo.wheelNeedsPassword = lib.mkForce false; # ---- SYSTEM PACKAGES ----- environment.systemPackages = with pkgs; [ diff --git a/overlays/default.nix b/overlays/default.nix index cecd3fc..4865280 100644 --- a/overlays/default.nix +++ b/overlays/default.nix @@ -13,5 +13,9 @@ x86-manpages = import ../packages/x86-manpages { pkgs = super; }; + + sddm-theme-corners = import ../packages/sddm-theme-corners { + pkgs = super; + }; }) ] diff --git a/packages/sddm-theme-corners/default.nix b/packages/sddm-theme-corners/default.nix index e9a755f..da1ebfc 100755 --- a/packages/sddm-theme-corners/default.nix +++ b/packages/sddm-theme-corners/default.nix @@ -1,17 +1,20 @@ -{pkgs}: { - sddm-theme-corners = pkgs.stdenv.mkDerivation { - name = "sddm-theme-corners"; - version = "1.0.0"; +{pkgs}: +pkgs.stdenv.mkDerivation { + name = "sddm-theme-corners"; + version = "1.0.0"; - installPhase = '' - mkdir -p $out/share/sddm/themes - cp -ar $src/corners $out/share/sddm/themes/ - ''; - src = pkgs.fetchFromGitHub { - owner = "aczw"; - repo = "sddm-theme-corners"; - rev = "6ff0ff455261badcae36cd7d151a34479f157a3c"; - sha256 = "0iiasrbl7ciyhq3z02la636as915zk9ph063ac7vm5iwny8vgwh8"; - }; + installPhase = '' + mkdir -p $out/share/sddm/themes + cp -ar $src/corners $out/share/sddm/themes/ + ''; + src = pkgs.fetchFromGitHub { + owner = "aczw"; + repo = "sddm-theme-corners"; + rev = "6ff0ff455261badcae36cd7d151a34479f157a3c"; + sha256 = "0iiasrbl7ciyhq3z02la636as915zk9ph063ac7vm5iwny8vgwh8"; }; + + buildInputs = with pkgs; [ + libsForQt5.qt5.qtgraphicaleffects + ]; } From 16ddee5acae8be3178e30109a81f2909011abe03 Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Thu, 12 Feb 2026 13:25:52 +1000 Subject: [PATCH 120/143] remove deploy.sh --- deploy | 97 ---------------------------------------------------------- 1 file changed, 97 deletions(-) delete mode 100755 deploy diff --git a/deploy b/deploy deleted file mode 100755 index fcd6f85..0000000 --- a/deploy +++ /dev/null @@ -1,97 +0,0 @@ -#!/usr/bin/env bash -set -e - -# TODO: use `nixos-rebuild build-vm` - -usage="Usage: $(basename $0) [OPTIONS] - -Options: - -f, --fresh Remove old content in the nixstore (good for debugging) - -b, --bootloader Reinstall the bootloader - -r, --remote Locally build and remotely deploy Colmena hive - --show-trace Show nix stack trace on error - -h, --help Show this message (^_^)" - -# delete all cached entries -# to make the system from scratch -collect_garbage () { - sudo nix-collect-garbage --delete-old -} - -rebuild_flake () { - # make sure all changes are visible to nixos - # (--intent-to-add tracks files but DOES NOT stage them) - git add . --intent-to-add --verbose - local FLAGS= - if [ "$1" = "reinstall-bootloader" ]; then - FLAGS="--install-bootloader" - # sudo nixos-rebuild switch --flake . --install-bootloader - # STC_DISPLAY_ALL_UNITS=1 (verbose, show output of all units) - fi - - # LOG="$(mktemp /tmp/rebuild-XXXXXXXX)" - LOG="./rebuild.log" - echo "[*] Logging to $LOG" - sudo nixos-rebuild switch --flake . $FLAGS $EXTRA_FLAGS 2>&1 | tee "$LOG" - #nixos-rebuild build --flake .# --cores 8 -j 1 -} - -deploy_hive () { - echo "[+] Adding keys to ssh-agent" - ssh-add ~/.ssh/id_hyrule - printf "\n" - - git add . --verbose - # Deploy to all Colmena hives - colmena build --experimental-flake-eval $EXTRA_FLAGS - colmena apply --experimental-flake-eval $EXTRA_FLAGS - # colmena apply --on hyrule --experimental-flake-eval -} - -# check which flags were given -flag_fresh=false -flag_bootloader=false -flag_remote=false -flag_trace=false -for flag in "$@"; do - case "$flag" in - -r|--remote) - flag_remote=true ;; - --show-trace) - flag_trace=true ;; - -f|--fresh) - flag_fresh=true ;; - -b|--bootloader) - flag_bootloader=true ;; - -h|--help) - echo "$usage" - exit 0 ;; - *) - echo "[!] Unknown flag \"$flag\"" - exit 1 ;; - esac -done - -EXTRA_FLAGS="" -if [ "$flag_trace" = true ]; then - EXTRA_FLAGS="$EXTRA_FLAGS --show-trace" -fi - -if [ "$flag_remote" = true ]; then - deploy_hive - exit 0 -fi - -# delete cached items in nixstore -if [ "$flag_fresh" = true ]; then - collect_garbage - exit 0 -fi - -# nixos-rebuild switch ... -if [ "$flag_bootloader" = true ]; then - collect_garbage - rebuild_flake "reinstall-bootloader" -else - rebuild_flake -fi From 726111079ef5a9bd33622ecca8f185e8af696925 Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Thu, 12 Feb 2026 13:26:00 +1000 Subject: [PATCH 121/143] ignore matcha for now --- flake.nix | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/flake.nix b/flake.nix index 029c5fa..91d57f6 100644 --- a/flake.nix +++ b/flake.nix @@ -55,7 +55,8 @@ }: let groups = { cryos = { - cryde = {}; # oh frick i cried again + # oh frick i cried again + cryde = {}; }; server = {}; }; @@ -101,11 +102,11 @@ }; # call me a statistician the way she spreads in my sheets - matcha = { - system = "x86_64-linux"; - groups = [groups.server]; - deploy.ssh.host = "bedroom.dobutterfliescry.net"; - }; + # matcha = { + # system = "x86_64-linux"; + # groups = [groups.server]; + # deploy.ssh.host = "bedroom.dobutterfliescry.net"; + # }; }; }; }; From 9757cd823d8f9d407867b9e5e66836f6f78f2364 Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Thu, 12 Feb 2026 13:27:01 +1000 Subject: [PATCH 122/143] progress flake.lock --- flake.lock | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/flake.lock b/flake.lock index 3b22954..7071611 100644 --- a/flake.lock +++ b/flake.lock @@ -17,8 +17,8 @@ ] }, "locked": { - "lastModified": 1770594166, - "narHash": "sha256-ijsAdvC9/0873gCkqNpTjUDl+Gk8oKovgvpnnQfA+/A=", + "lastModified": 1770866677, + "narHash": "sha256-5DN5PxKnkHkCLQrm/XPtORgUNZ0izTOFCtgxVJB98vU=", "path": "/home/me/agribit/nexus/Cerulean", "type": "path" }, @@ -354,8 +354,8 @@ "systems": "systems_2" }, "locked": { - "lastModified": 1770593961, - "narHash": "sha256-Q2rRlN6yZiatLwEfYyCKJ/SImva+vbXr8DVA0qvix4c=", + "lastModified": 1770855466, + "narHash": "sha256-hZyD4m2Iix0FKWiRtzNFhbgdaULq52oysD68LmtT5H4=", "path": "/home/me/agribit/nexus/nt", "type": "path" }, From 27bc2ec0af9e79fcc41b1745dcbb2654230d539f Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Thu, 12 Feb 2026 14:21:45 +1000 Subject: [PATCH 123/143] fix groups/default.nix should be groups/all/default.nix --- flake.lock | 22 ++++----- flake.nix | 45 +++++++++++------- groups/all/default.nix | 63 ++++++++++++++++++++++++- groups/default.nix | 49 ------------------- groups/server/default.nix | 21 ++------- hosts/butterfly/services/nginx.nix | 1 - packages/sddm-theme-corners/default.nix | 4 ++ 7 files changed, 111 insertions(+), 94 deletions(-) delete mode 100644 groups/default.nix diff --git a/flake.lock b/flake.lock index 7071611..e0c1171 100644 --- a/flake.lock +++ b/flake.lock @@ -17,8 +17,8 @@ ] }, "locked": { - "lastModified": 1770866677, - "narHash": "sha256-5DN5PxKnkHkCLQrm/XPtORgUNZ0izTOFCtgxVJB98vU=", + "lastModified": 1770869519, + "narHash": "sha256-3NyegyJeuQQSFuQMZKNCJhTw2qhJUjUL6ep432EOgJY=", "path": "/home/me/agribit/nexus/Cerulean", "type": "path" }, @@ -170,16 +170,16 @@ ] }, "locked": { - "lastModified": 1763992789, - "narHash": "sha256-WHkdBlw6oyxXIra/vQPYLtqY+3G8dUVZM8bEXk0t8x4=", + "lastModified": 1770260404, + "narHash": "sha256-3iVX1+7YUIt23hBx1WZsUllhbmP2EnXrV8tCRbLxHc8=", "owner": "nix-community", "repo": "home-manager", - "rev": "44831a7eaba4360fb81f2acc5ea6de5fde90aaa3", + "rev": "0d782ee42c86b196acff08acfbf41bb7d13eed5b", "type": "github" }, "original": { "owner": "nix-community", - "ref": "release-25.05", + "ref": "release-25.11", "repo": "home-manager", "type": "github" } @@ -317,16 +317,16 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1770536720, - "narHash": "sha256-pbmbaQUuoG+v37b91lqcNcz05YUvVif7iWjIx9lF8R4=", - "owner": "NixOS", + "lastModified": 1770770419, + "narHash": "sha256-iKZMkr6Cm9JzWlRYW/VPoL0A9jVKtZYiU4zSrVeetIs=", + "owner": "nixos", "repo": "nixpkgs", - "rev": "3c64ab24b22579c833895b6030c9563837e41a70", + "rev": "6c5e707c6b5339359a9a9e215c5e66d6d802fd7a", "type": "github" }, "original": { "owner": "nixos", - "ref": "nixos-25.05", + "ref": "nixos-25.11", "repo": "nixpkgs", "type": "github" } diff --git a/flake.nix b/flake.nix index 91d57f6..100114b 100644 --- a/flake.nix +++ b/flake.nix @@ -4,11 +4,11 @@ inputs = { systems.url = "github:nix-systems/default"; - nixpkgs.url = "github:nixos/nixpkgs/nixos-25.05"; + nixpkgs.url = "github:nixos/nixpkgs/nixos-25.11"; nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixos-unstable"; home-manager = { - url = "github:nix-community/home-manager/release-25.05"; + url = "github:nix-community/home-manager/release-25.11"; inputs.nixpkgs.follows = "nixpkgs"; }; @@ -47,26 +47,39 @@ }; }; + nixConfig = { + extra-experimental-features = "pipe-operators"; + }; + outputs = { cerulean, home-manager, grub2-themes, + dobutterfliescry-net, ... - }: let - groups = { - cryos = { - # oh frick i cried again - cryde = {}; - }; - server = {}; - }; - in - cerulean.mkNexus ./. { + }: + cerulean.mkNexus ./. (self: { nexus = { - inherit groups; - overlays = import ./overlays; + overlays = + import ./overlays + ++ [ + dobutterfliescry-net.overlays.default + ]; - nodes = { + groups = { + cryos = { + # oh frick i cried again + cryde = {}; + }; + server = {}; + }; + + nodes = let + inherit + (self.nexus) + groups + ; + in { # my laptop <3 :3 lolcathost = { system = "x86_64-linux"; @@ -109,5 +122,5 @@ # }; }; }; - }; + }); } diff --git a/groups/all/default.nix b/groups/all/default.nix index 225997d..b367245 100644 --- a/groups/all/default.nix +++ b/groups/all/default.nix @@ -1,5 +1,66 @@ -{lib, ...}: { +{ + root, + inputs, + config, + pkgs, + upkgs, + lib, + ... +}: { # NOTE: mkDefault is 1000 and mkForce is 50 # NOTE: so this is like a second mkDefault security.sudo.wheelNeedsPassword = lib.mkOverride 900 true; + + networking = { + networkmanager.enable = true; + + nftables.enable = true; + firewall.enable = lib.mkDefault true; + + # Use CloudFlare's WARP+ 1.1.1.1 DNS service + nameservers = [ + "1.1.1.1" + "1.0.0.1" + ]; + }; + + nix.settings = { + # make wheel group trusted users allows my "ae" user + # to import packages not signed by a trusted key + # (aka super duper easier to remote deploy) + trusted-users = ["root" "@wheel"]; + experimental-features = [ + "nix-command" + "flakes" + "pipe-operators" + ]; + download-buffer-size = 524288000; # 500 MiB + }; + + time.timeZone = lib.mkDefault "Australia/Brisbane"; + + i18n.defaultLocale = "en_US.UTF-8"; + console = { + font = "Lat2-Terminus16"; + keyMap = "us"; + }; + + users.defaultUserShell = pkgs.bash; + + home-manager = { + users = + config.users.users + |> builtins.attrNames + |> builtins.filter (x: builtins.pathExists (root + "/homes/${x}")) + |> (x: lib.genAttrs x (y: import (root + "/homes/${y}"))); + + extraSpecialArgs = {inherit inputs pkgs upkgs;}; + }; + + environment.systemPackages = with pkgs; [ + git + vim + wget + tree + ]; } diff --git a/groups/default.nix b/groups/default.nix deleted file mode 100644 index 0dfb8f8..0000000 --- a/groups/default.nix +++ /dev/null @@ -1,49 +0,0 @@ -{ - root, - pkgs, - upkgs, - lib, - inputs, - config, - ... -}: { - nix.settings = { - # make wheel group trusted users allows my "ae" user - # to import packages not signed by a trusted key - # (aka super duper easier to remote deploy) - trusted-users = ["root" "@wheel"]; - experimental-features = [ - "nix-command" - "flakes" - "pipe-operators" - ]; - download-buffer-size = 524288000; # 500 MiB - }; - - time.timeZone = lib.mkDefault "Australia/Brisbane"; - - i18n.defaultLocale = "en_US.UTF-8"; - console = { - font = "Lat2-Terminus16"; - keyMap = "us"; - }; - - users.defaultUserShell = pkgs.bash; - - home-manager = { - users = - config.users.users - |> builtins.attrNames - |> builtins.filter (x: builtins.pathExists (root + "/homes/${x}")) - |> lib.genAttrs (x: import (root + "/homes/${x}")); - - extraSpecialArgs = {inherit inputs pkgs upkgs;}; - }; - - environment.systemPackages = with pkgs; [ - git - vim - wget - tree - ]; -} diff --git a/groups/server/default.nix b/groups/server/default.nix index e9ad3ac..5c447fc 100644 --- a/groups/server/default.nix +++ b/groups/server/default.nix @@ -1,19 +1,8 @@ {lib, ...}: { - networking = { - networkmanager.enable = true; - - # Use CloudFlare's WARP+ 1.1.1.1 DNS service - nameservers = [ - "1.1.1.1" - "1.0.0.1" + networking.firewall = { + allowedTCPPorts = [ + 22 ]; - - firewall = { - enable = lib.mkDefault true; - allowedTCPPorts = [ - 22 - ]; - }; }; security = { @@ -29,7 +18,7 @@ }; # allow SSH keys for passwordless auth pam = { - enableSSHAgentAuth = true; + sshAgentAuth.enable = true; services.sudo.sshAgentAuth = true; # pam_ssh_agent_auth module }; }; @@ -41,7 +30,7 @@ settings = { PasswordAuthentication = false; PermitRootLogin = "no"; - # AllowUsers = ["cry"]; # DO NOT ALLOW ALL + AllowUsers = ["cry"]; # DO NOT ALLOW ALL UseDns = true; X11Forwarding = false; }; diff --git a/hosts/butterfly/services/nginx.nix b/hosts/butterfly/services/nginx.nix index 6d0205d..ba78c0a 100644 --- a/hosts/butterfly/services/nginx.nix +++ b/hosts/butterfly/services/nginx.nix @@ -22,7 +22,6 @@ # package = pkgs.nginxStable.override {openssl = pkgs.libressl;}; recommendedGzipSettings = true; - recommendedZstdSettings = true; recommendedOptimisation = true; recommendedProxySettings = true; recommendedTlsSettings = true; diff --git a/packages/sddm-theme-corners/default.nix b/packages/sddm-theme-corners/default.nix index da1ebfc..b0e3789 100755 --- a/packages/sddm-theme-corners/default.nix +++ b/packages/sddm-theme-corners/default.nix @@ -17,4 +17,8 @@ pkgs.stdenv.mkDerivation { buildInputs = with pkgs; [ libsForQt5.qt5.qtgraphicaleffects ]; + + nativeBuildInputs = with pkgs; [ + qt5.wrapQtAppsHook + ]; } From d5891684a970a8f6d9e0f1d526c8306f5b00d06b Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Fri, 13 Feb 2026 12:47:55 +1000 Subject: [PATCH 124/143] clean flatpak modules --- flake.nix | 2 +- groups/all/default.nix | 4 ++++ groups/all/modules/flatpak.nix | 12 ++++++++++++ groups/cryde/default.nix | 3 --- hosts/myputer/modules/gamergrl/default.nix | 11 +++++++++++ 5 files changed, 28 insertions(+), 4 deletions(-) create mode 100644 groups/all/modules/flatpak.nix create mode 100644 hosts/myputer/modules/gamergrl/default.nix diff --git a/flake.nix b/flake.nix index 100114b..168993f 100644 --- a/flake.nix +++ b/flake.nix @@ -26,7 +26,7 @@ }; }; - nix-flatpak.url = "github:gmodena/nix-flatpak/?ref=v0.7.0"; + nix-flatpak.url = "github:gmodena/nix-flatpak/?ref=latest"; grub2-themes = { url = "github:vinceliuice/grub2-themes"; inputs.nixpkgs.follows = "nixpkgs"; diff --git a/groups/all/default.nix b/groups/all/default.nix index b367245..090cc7b 100644 --- a/groups/all/default.nix +++ b/groups/all/default.nix @@ -7,6 +7,10 @@ lib, ... }: { + imports = [ + ./modules/flatpak.nix + ]; + # NOTE: mkDefault is 1000 and mkForce is 50 # NOTE: so this is like a second mkDefault security.sudo.wheelNeedsPassword = lib.mkOverride 900 true; diff --git a/groups/all/modules/flatpak.nix b/groups/all/modules/flatpak.nix new file mode 100644 index 0000000..20cf828 --- /dev/null +++ b/groups/all/modules/flatpak.nix @@ -0,0 +1,12 @@ +{...}: { + services.flatpak = { + remotes = [ + { + location = "https://dl.flathub.org/repo/flathub.flatpakrepo"; + name = "flathub"; + } + ]; + + uninstallUnmanaged = true; + }; +} diff --git a/groups/cryde/default.nix b/groups/cryde/default.nix index 3a75daa..359642e 100644 --- a/groups/cryde/default.nix +++ b/groups/cryde/default.nix @@ -1,5 +1,4 @@ { - inputs, pkgs, config, ... @@ -11,8 +10,6 @@ ../../hosts/modules/wm/hyprland.nix ../../hosts/modules/steam.nix ../../hosts/modules/obsidian.nix - - # inputs.nix-flatpak.nixosModules.nix-flatpak ]; boot.loader.grub2-theme = { diff --git a/hosts/myputer/modules/gamergrl/default.nix b/hosts/myputer/modules/gamergrl/default.nix new file mode 100644 index 0000000..f295398 --- /dev/null +++ b/hosts/myputer/modules/gamergrl/default.nix @@ -0,0 +1,11 @@ +{...}: { + services.flatpak = { + packages = [ + { + # Linux Runtime for Roblox + appId = "org.vinegarhq.Sober"; + origin = "flathub"; + } + ]; + }; +} From 7bd393c7631242d7b84edc6d3d92cc632ed92b19 Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Fri, 13 Feb 2026 12:48:04 +1000 Subject: [PATCH 125/143] snow + flake :3 --- flake.lock | 10 +++--- flake.nix | 74 ++---------------------------------------- groups/all/default.nix | 5 ++- snow.nix | 66 +++++++++++++++++++++++++++++++++++++ 4 files changed, 75 insertions(+), 80 deletions(-) create mode 100644 snow.nix diff --git a/flake.lock b/flake.lock index e0c1171..912db39 100644 --- a/flake.lock +++ b/flake.lock @@ -17,8 +17,8 @@ ] }, "locked": { - "lastModified": 1770869519, - "narHash": "sha256-3NyegyJeuQQSFuQMZKNCJhTw2qhJUjUL6ep432EOgJY=", + "lastModified": 1770938216, + "narHash": "sha256-BSsm9Lsqk0Rv5bk0jknms1+RPnfDiHk8m2IZ4BeoDIw=", "path": "/home/me/agribit/nexus/Cerulean", "type": "path" }, @@ -195,7 +195,7 @@ }, "original": { "owner": "gmodena", - "ref": "v0.7.0", + "ref": "latest", "repo": "nix-flatpak", "type": "github" } @@ -354,8 +354,8 @@ "systems": "systems_2" }, "locked": { - "lastModified": 1770855466, - "narHash": "sha256-hZyD4m2Iix0FKWiRtzNFhbgdaULq52oysD68LmtT5H4=", + "lastModified": 1770920652, + "narHash": "sha256-GkHYl2+lQ4go7jSHheIfjRdRVVvjl3LysdVNxWXcoec=", "path": "/home/me/agribit/nexus/nt", "type": "path" }, diff --git a/flake.nix b/flake.nix index 168993f..c833943 100644 --- a/flake.nix +++ b/flake.nix @@ -51,76 +51,6 @@ extra-experimental-features = "pipe-operators"; }; - outputs = { - cerulean, - home-manager, - grub2-themes, - dobutterfliescry-net, - ... - }: - cerulean.mkNexus ./. (self: { - nexus = { - overlays = - import ./overlays - ++ [ - dobutterfliescry-net.overlays.default - ]; - - groups = { - cryos = { - # oh frick i cried again - cryde = {}; - }; - server = {}; - }; - - nodes = let - inherit - (self.nexus) - groups - ; - in { - # my laptop <3 :3 - lolcathost = { - system = "x86_64-linux"; - groups = [groups.cryos.cryde]; - extraModules = [ - home-manager.nixosModules.default - grub2-themes.nixosModules.default - ]; - }; - - # i be on my puter frfr - myputer = { - system = "x86_64-linux"; - groups = [groups.cryos.cryde]; - extraModules = [ - home-manager.nixosModules.default - grub2-themes.nixosModules.default - ]; - }; - - # courtesy of aurora <3 - butterfly = { - system = "x86_64-linux"; - groups = [groups.server]; - deploy.ssh.host = "dobutterfliescry.net"; - }; - - # pls dont sue me im broke - hyrule = { - system = "x86_64-linux"; - groups = [groups.server]; - deploy.ssh.host = "hyrule.dobutterfliescry.net"; - }; - - # call me a statistician the way she spreads in my sheets - # matcha = { - # system = "x86_64-linux"; - # groups = [groups.server]; - # deploy.ssh.host = "bedroom.dobutterfliescry.net"; - # }; - }; - }; - }); + outputs = inputs: + import ./snow.nix inputs; } diff --git a/groups/all/default.nix b/groups/all/default.nix index 090cc7b..70b682d 100644 --- a/groups/all/default.nix +++ b/groups/all/default.nix @@ -1,13 +1,12 @@ { - root, inputs, - config, pkgs, - upkgs, lib, ... }: { imports = [ + inputs.dobutterfliescry-net.overlays.default + ./modules/flatpak.nix ]; diff --git a/snow.nix b/snow.nix new file mode 100644 index 0000000..5fe3054 --- /dev/null +++ b/snow.nix @@ -0,0 +1,66 @@ +{cerulean, ...} @ inputs: +cerulean.mkNexus ./. (self: { + nexus = { + specialArgs = {inherit inputs;}; + + groups = { + # wait.. that's too cold... + cryos = { + # oh frick i cried again + cryde = {}; + }; + # + server = {}; + }; + + nodes = let + inherit + (self.nexus) + groups + ; + in { + # my laptop <3 :3 + lolcathost = { + system = "x86_64-linux"; + groups = [groups.cryos.cryde]; + extraModules = with inputs; [ + home-manager.nixosModules.default + grub2-themes.nixosModules.default + nix-flatpak.nixosModules.nix-flatpak + ]; + }; + + # i be on my puter frfr + myputer = { + system = "x86_64-linux"; + groups = [groups.cryos.cryde]; + extraModules = with inputs; [ + home-manager.nixosModules.default + grub2-themes.nixosModules.default + nix-flatpak.nixosModules.nix-flatpak + ]; + }; + + # courtesy of aurora <3 + butterfly = { + system = "x86_64-linux"; + groups = [groups.server]; + deploy.ssh.host = "dobutterfliescry.net"; + }; + + # pls dont sue me im broke + hyrule = { + system = "x86_64-linux"; + groups = [groups.server]; + deploy.ssh.host = "hyrule.dobutterfliescry.net"; + }; + + # call me a statistician the way she spreads in my sheets + # matcha = { + # system = "x86_64-linux"; + # groups = [groups.server]; + # deploy.ssh.host = "bedroom.dobutterfliescry.net"; + # }; + }; + }; +}) From 737ba60df8d74f833ae5ad56dc7bc49607e7279f Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Fri, 13 Feb 2026 12:48:30 +1000 Subject: [PATCH 126/143] add element-desktop --- groups/cryde/programs.nix | 1 + overlays/default.nix | 8 ++++++++ 2 files changed, 9 insertions(+) diff --git a/groups/cryde/programs.nix b/groups/cryde/programs.nix index 8d8ba86..a07eaa7 100644 --- a/groups/cryde/programs.nix +++ b/groups/cryde/programs.nix @@ -20,6 +20,7 @@ signal-desktop kdePackages.gwenview # image viewer video-trimmer + element-desktop # Games prismlauncher # minecraft diff --git a/overlays/default.nix b/overlays/default.nix index 4865280..5c6507a 100644 --- a/overlays/default.nix +++ b/overlays/default.nix @@ -17,5 +17,13 @@ sddm-theme-corners = import ../packages/sddm-theme-corners { pkgs = super; }; + + element-desktop = super.element-desktop.overrideAttrs (final: prev: { + desktopItems = [ + ((builtins.elemAt prev.desktopItems 0).override { + exec = "element-desktop %u --password-store=\"gnome-libsecret\""; + }) + ]; + }); }) ] From 4329feb5f4b6cf6e2b00d6aba6fbbbbe43ab75fb Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Fri, 13 Feb 2026 12:49:52 +1000 Subject: [PATCH 127/143] use lib.mkDefault --- groups/all/default.nix | 4 ++-- groups/server/default.nix | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/groups/all/default.nix b/groups/all/default.nix index 70b682d..3f851c9 100644 --- a/groups/all/default.nix +++ b/groups/all/default.nix @@ -12,7 +12,7 @@ # NOTE: mkDefault is 1000 and mkForce is 50 # NOTE: so this is like a second mkDefault - security.sudo.wheelNeedsPassword = lib.mkOverride 900 true; + security.sudo.wheelNeedsPassword = lib.mkDefault true; networking = { networkmanager.enable = true; @@ -42,7 +42,7 @@ time.timeZone = lib.mkDefault "Australia/Brisbane"; - i18n.defaultLocale = "en_US.UTF-8"; + i18n.defaultLocale = lib.mkDefault "en_US.UTF-8"; console = { font = "Lat2-Terminus16"; keyMap = "us"; diff --git a/groups/server/default.nix b/groups/server/default.nix index 5c447fc..6182ef1 100644 --- a/groups/server/default.nix +++ b/groups/server/default.nix @@ -44,7 +44,7 @@ isNormalUser = true; home = "/home/cry"; extraGroups = ["wheel"]; - openssh.authorizedKeys.keys = lib.mkOverride 900 [ + openssh.authorizedKeys.keys = lib.mkDefault [ (throw '' Hosts in the `server` group must set `users.users.cry.openssh.authorizedKeys.keys = [ ... ]`. '') From dd2e30801df7e7d68b6b3ded51aa71dc6461eb0a Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Fri, 13 Feb 2026 12:50:01 +1000 Subject: [PATCH 128/143] cerulean now supports home-manager --- groups/all/default.nix | 10 ---------- 1 file changed, 10 deletions(-) diff --git a/groups/all/default.nix b/groups/all/default.nix index 3f851c9..2c84bee 100644 --- a/groups/all/default.nix +++ b/groups/all/default.nix @@ -50,16 +50,6 @@ users.defaultUserShell = pkgs.bash; - home-manager = { - users = - config.users.users - |> builtins.attrNames - |> builtins.filter (x: builtins.pathExists (root + "/homes/${x}")) - |> (x: lib.genAttrs x (y: import (root + "/homes/${y}"))); - - extraSpecialArgs = {inherit inputs pkgs upkgs;}; - }; - environment.systemPackages = with pkgs; [ git vim From a29292169dca9f6234cdebea35ca6c82e8f40463 Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Fri, 13 Feb 2026 12:50:22 +1000 Subject: [PATCH 129/143] disable man cache generation --- groups/cryos/default.nix | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/groups/cryos/default.nix b/groups/cryos/default.nix index 795ed8b..82699d6 100644 --- a/groups/cryos/default.nix +++ b/groups/cryos/default.nix @@ -125,7 +125,10 @@ documentation = { enable = true; doc.enable = true; # install /share/doc packages - man.enable = true; # install manpages + man = { + enable = true; # install manpages + generateCaches = false; + }; info.enable = true; # install GNU info dev.enable = true; # install docs intended for developers nixos = { From e991a0611cd1260e9340d3f304eeecc2abeecbd6 Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Fri, 13 Feb 2026 13:10:39 +1000 Subject: [PATCH 130/143] update git config --- homes/modules/git.nix | 34 +++++++++++++++++++--------------- 1 file changed, 19 insertions(+), 15 deletions(-) diff --git a/homes/modules/git.nix b/homes/modules/git.nix index 6751849..f035281 100755 --- a/homes/modules/git.nix +++ b/homes/modules/git.nix @@ -7,8 +7,14 @@ enable = true; lfs.enable = true; - userName = "Emile Clark-Boman"; - userEmail = "eclarkboman@gmail.com"; + userName = "_cry64"; + userEmail = "them@dobutterfliescry.net"; + + signing = { + key = "F68745A836CA0412"; + format = "openpgp"; + signByDefault = true; + }; aliases = { s = "status"; @@ -21,7 +27,7 @@ extraConfig = { color.ui = true; core.editor = "hx"; - github.user = "emileclarkb"; + github.user = "cry128"; init = { defaultBranch = "main"; @@ -39,22 +45,16 @@ "gitlab:" ]; }; - "git@github.com:/Agribit/" = { + "git@codeberg.org:" = { insteadOf = [ - "agri:" - "Agri:" - "agribit:" - "Agribit:" + "cb:" + "codeberg:" ]; }; - "ssh://forgejo@forge.imbored.dev:2222/" = { + "forgejo@forge.dobutterfliescry.net:2222/" = { insteadOf = [ - "forge" - ]; - }; - "ssh://forgejo@forge.imbored.dev:2222/emileclarkb/" = { - insteadOf = [ - "cry" + "cry:" + "forge:" ]; }; }; @@ -65,6 +65,10 @@ path = "/home/me/agribit/.gitconfig"; condition = "gitdir:/home/me/agribit/**"; } + # { + # path = "/home/me/luminary/.gitconfig"; + # condition = "gitdir:/home/me/luminary/**"; + # } ]; }; } From 1e78d45ba88ed9c7c1f4885a6ca26c580bf1d0c4 Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Fri, 13 Feb 2026 13:10:51 +1000 Subject: [PATCH 131/143] progress flake to latest upstreams --- flake.lock | 30 ++++++++++++++++++------------ flake.nix | 8 ++++---- 2 files changed, 22 insertions(+), 16 deletions(-) diff --git a/flake.lock b/flake.lock index 912db39..f2657e6 100644 --- a/flake.lock +++ b/flake.lock @@ -17,14 +17,17 @@ ] }, "locked": { - "lastModified": 1770938216, - "narHash": "sha256-BSsm9Lsqk0Rv5bk0jknms1+RPnfDiHk8m2IZ4BeoDIw=", - "path": "/home/me/agribit/nexus/Cerulean", - "type": "path" + "lastModified": 1770950478, + "narHash": "sha256-y83gbdVEQheIYUvD8rzQcidLN0tcGCGq5b2TWQRjr4c=", + "owner": "cry128", + "repo": "Cerulean", + "rev": "5397bf5efcb1a047612a6e919bc2aad87ba9bb40", + "type": "github" }, "original": { - "path": "/home/me/agribit/nexus/Cerulean", - "type": "path" + "owner": "cry128", + "repo": "Cerulean", + "type": "github" } }, "deploy-rs": { @@ -354,14 +357,17 @@ "systems": "systems_2" }, "locked": { - "lastModified": 1770920652, - "narHash": "sha256-GkHYl2+lQ4go7jSHheIfjRdRVVvjl3LysdVNxWXcoec=", - "path": "/home/me/agribit/nexus/nt", - "type": "path" + "lastModified": 1770950436, + "narHash": "sha256-+h5jrsIJBea5P+rAk4OqUpScqnHYQTvCRUhgGv/MX34=", + "owner": "cry128", + "repo": "nt", + "rev": "8725f5079f8f27b3faafeff90e5fc075d55e7d0a", + "type": "github" }, "original": { - "path": "/home/me/agribit/nexus/nt", - "type": "path" + "owner": "cry128", + "repo": "nt", + "type": "github" } }, "root": { diff --git a/flake.nix b/flake.nix index c833943..238f561 100644 --- a/flake.nix +++ b/flake.nix @@ -12,12 +12,12 @@ inputs.nixpkgs.follows = "nixpkgs"; }; - # nt.url = "github:emilelcb/nt"; - nt.url = "/home/me/agribit/nexus/nt"; + nt.url = "github:cry128/nt"; + # nt.url = "/home/me/cry/mk/nt"; cerulean = { - # url = "github:emilelcb/Cerulean"; - url = "/home/me/agribit/nexus/Cerulean"; + url = "github:cry128/Cerulean"; + # url = "/home/me/cry/mk/Cerulean"; inputs = { systems.follows = "systems"; nixpkgs.follows = "nixpkgs"; From 42f80cd9f23c7a617103e7f1e0ce08e76a95d79c Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Fri, 13 Feb 2026 19:29:27 +1000 Subject: [PATCH 132/143] bug fixes --- groups/cryos/programs.nix | 1 - homes/modules/wm/hypr/hyprland.nix | 3 +-- 2 files changed, 1 insertion(+), 3 deletions(-) diff --git a/groups/cryos/programs.nix b/groups/cryos/programs.nix index 4b0fc6b..4ec2405 100644 --- a/groups/cryos/programs.nix +++ b/groups/cryos/programs.nix @@ -45,7 +45,6 @@ nix-prefetch-git nix-index nix-unit - deploy-rs.deploy-rs # Python python312 # I use 3.12 since it's in a pretty stable state now diff --git a/homes/modules/wm/hypr/hyprland.nix b/homes/modules/wm/hypr/hyprland.nix index b9ca1f7..4db2870 100755 --- a/homes/modules/wm/hypr/hyprland.nix +++ b/homes/modules/wm/hypr/hyprland.nix @@ -2,7 +2,6 @@ # and your home-manager config (for managing hyprland's config files) { pkgs, - pkgs-unstable, inputs, config, lib, @@ -15,7 +14,7 @@ config = lib.mkIf config.hyprland.enable { wayland.windowManager.hyprland = { enable = true; - package = pkgs.hyprland; # pkgs-unstable.hyprland; + package = pkgs.hyprland; # upkgs.hyprland; xwayland.enable = true; From 02251bd75064d4d58b6f852267e221cbae28d3fd Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Fri, 13 Feb 2026 19:29:45 +1000 Subject: [PATCH 133/143] add nixpkgs.nix --- flake.lock | 66 +++++++++++++++++++----------------------- groups/all/default.nix | 3 -- nixpkgs.nix | 27 +++++++++++++++++ 3 files changed, 57 insertions(+), 39 deletions(-) create mode 100644 nixpkgs.nix diff --git a/flake.lock b/flake.lock index f2657e6..ec582ef 100644 --- a/flake.lock +++ b/flake.lock @@ -17,17 +17,14 @@ ] }, "locked": { - "lastModified": 1770950478, - "narHash": "sha256-y83gbdVEQheIYUvD8rzQcidLN0tcGCGq5b2TWQRjr4c=", - "owner": "cry128", - "repo": "Cerulean", - "rev": "5397bf5efcb1a047612a6e919bc2aad87ba9bb40", - "type": "github" + "lastModified": 1770974095, + "narHash": "sha256-7plCbyNGVinY0Ti+MIR8tU+BJDe1qvyXCKq1TDk9tc8=", + "path": "/home/me/cry/mk/Cerulean", + "type": "path" }, "original": { - "owner": "cry128", - "repo": "Cerulean", - "type": "github" + "path": "/home/me/cry/mk/Cerulean", + "type": "path" } }, "deploy-rs": { @@ -63,11 +60,11 @@ ] }, "locked": { - "lastModified": 1770316708, - "narHash": "sha256-i9oEi2PUIZfp+73ZvQE/Ze0aCEV3y3+vvaJ/ZmAe3bw=", + "lastModified": 1770947070, + "narHash": "sha256-g/l/iUET/M+nSrXlwYF2e0KeKqgGpjy3qhwQY4tG62A=", "ref": "refs/heads/main", - "rev": "955746af205e2a94a8e0798a911941da9c5af779", - "revCount": 117, + "rev": "4fc28bfb4f95071d34184c7ba3153eaff87eba41", + "revCount": 121, "type": "git", "url": "https://forge.dobutterfliescry.net/cry/site" }, @@ -111,11 +108,11 @@ "nixpkgs-lib": "nixpkgs-lib" }, "locked": { - "lastModified": 1768135262, - "narHash": "sha256-PVvu7OqHBGWN16zSi6tEmPwwHQ4rLPU9Plvs8/1TUBY=", + "lastModified": 1769996383, + "narHash": "sha256-AnYjnFWgS49RlqX7LrC4uA+sCCDBj0Ry/WOJ5XWAsa0=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "80daad04eddbbf5a4d883996a73f3f542fa437ac", + "rev": "57928607ea566b5db3ad13af0e57e921e6b12381", "type": "github" }, "original": { @@ -258,11 +255,11 @@ ] }, "locked": { - "lastModified": 1770365342, - "narHash": "sha256-jV5tAs67HSBWz/ePEp1eyoUK3Lqfc1fEAvt2wC6reFc=", + "lastModified": 1770943752, + "narHash": "sha256-3vWAy2BCP5liaCEKmeqeVWbTCF/JnukgMOg8qf8mCcg=", "owner": "FlameFlag", "repo": "nixcord", - "rev": "51db830336715209a4a213aa985f4d405ff0be69", + "rev": "aa1626057e57eca3686fbc1c3e2ddfde884c6b2a", "type": "github" }, "original": { @@ -289,11 +286,11 @@ }, "nixpkgs-lib": { "locked": { - "lastModified": 1761114652, - "narHash": "sha256-f/QCJM/YhrV/lavyCVz8iU3rlZun6d+dAiC3H+CDle4=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "01f116e4df6a15f4ccdffb1bcd41096869fb385c", + "lastModified": 1769909678, + "narHash": "sha256-cBEymOf4/o3FD5AZnzC3J9hLbiZ+QDT/KDuyHXVJOpM=", + "owner": "nix-community", + "repo": "nixpkgs.lib", + "rev": "72716169fe93074c333e8d0173151350670b824c", "type": "github" }, "original": { @@ -304,11 +301,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1770197578, - "narHash": "sha256-AYqlWrX09+HvGs8zM6ebZ1pwUqjkfpnv8mewYwAo+iM=", + "lastModified": 1770841267, + "narHash": "sha256-9xejG0KoqsoKEGp2kVbXRlEYtFFcDTHjidiuX8hGO44=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "00c21e4c93d963c50d4c0c89bfa84ed6e0694df2", + "rev": "ec7c70d12ce2fc37cb92aff673dcdca89d187bae", "type": "github" }, "original": { @@ -357,17 +354,14 @@ "systems": "systems_2" }, "locked": { - "lastModified": 1770950436, - "narHash": "sha256-+h5jrsIJBea5P+rAk4OqUpScqnHYQTvCRUhgGv/MX34=", - "owner": "cry128", - "repo": "nt", - "rev": "8725f5079f8f27b3faafeff90e5fc075d55e7d0a", - "type": "github" + "lastModified": 1770954326, + "narHash": "sha256-PZ+78r+iFZ90l6fdwC73SSyNyCqaiZIAFeDg0qBHY+8=", + "path": "/home/me/cry/mk/nt", + "type": "path" }, "original": { - "owner": "cry128", - "repo": "nt", - "type": "github" + "path": "/home/me/cry/mk/nt", + "type": "path" } }, "root": { diff --git a/groups/all/default.nix b/groups/all/default.nix index 2c84bee..3860303 100644 --- a/groups/all/default.nix +++ b/groups/all/default.nix @@ -1,12 +1,9 @@ { - inputs, pkgs, lib, ... }: { imports = [ - inputs.dobutterfliescry-net.overlays.default - ./modules/flatpak.nix ]; diff --git a/nixpkgs.nix b/nixpkgs.nix new file mode 100644 index 0000000..549ca0b --- /dev/null +++ b/nixpkgs.nix @@ -0,0 +1,27 @@ +{ + root, + inputs, + ... +}: { + nixpkgs.channels.default = { + # nixpkgs (stable branch) + pkgs = { + source = inputs.nixpkgs; + overlays = + [inputs.dobutterfliescry-net.overlays.default] + ++ import (root + "/overlays"); + config = { + allowUnfree = false; + allowBroken = false; + }; + }; + # nixpkgs-unstable + upkgs = { + source = inputs.nixpkgs-unstable; + config = { + allowUnfree = false; + allowBroken = false; + }; + }; + }; +} From 099d1960ab8b170c23c1c07bf59916e564ec136d Mon Sep 17 00:00:00 2001 From: _cry64 Date: Fri, 13 Feb 2026 22:14:30 +1000 Subject: [PATCH 134/143] IM FUCKING SISYPHUS SAVE ME --- flake.lock | 8 ++++---- flake.nix | 8 ++++---- groups/cryde/default.nix | 1 + groups/cryde/programs.nix | 2 +- groups/cryos/programs.nix | 10 +++++++++- homes/me/default.nix | 6 +----- homes/modules/editor/helix.nix | 4 ++-- homes/modules/git.nix | 6 +++--- homes/modules/term/foot.nix | 5 +++-- homes/modules/wm/hypr/hyprland.nix | 2 +- nixpkgs.nix | 22 +++++++++++++++++++--- snow.nix | 6 ++++-- 12 files changed, 52 insertions(+), 28 deletions(-) diff --git a/flake.lock b/flake.lock index ec582ef..ef08cd8 100644 --- a/flake.lock +++ b/flake.lock @@ -17,8 +17,8 @@ ] }, "locked": { - "lastModified": 1770974095, - "narHash": "sha256-7plCbyNGVinY0Ti+MIR8tU+BJDe1qvyXCKq1TDk9tc8=", + "lastModified": 1770984385, + "narHash": "sha256-CwSXJ5b0f3etnFdh8SaLeW8DMxCdu/r00D9xUFvfJTw=", "path": "/home/me/cry/mk/Cerulean", "type": "path" }, @@ -354,8 +354,8 @@ "systems": "systems_2" }, "locked": { - "lastModified": 1770954326, - "narHash": "sha256-PZ+78r+iFZ90l6fdwC73SSyNyCqaiZIAFeDg0qBHY+8=", + "lastModified": 1770975061, + "narHash": "sha256-dedEcQSEzur2/pBcxFFygkSrMuKGOUWThOUD2LXMCsA=", "path": "/home/me/cry/mk/nt", "type": "path" }, diff --git a/flake.nix b/flake.nix index 238f561..6f73362 100644 --- a/flake.nix +++ b/flake.nix @@ -12,12 +12,12 @@ inputs.nixpkgs.follows = "nixpkgs"; }; - nt.url = "github:cry128/nt"; - # nt.url = "/home/me/cry/mk/nt"; + # nt.url = "github:cry128/nt"; + nt.url = "/home/me/cry/mk/nt"; cerulean = { - url = "github:cry128/Cerulean"; - # url = "/home/me/cry/mk/Cerulean"; + # url = "github:cry128/Cerulean"; + url = "/home/me/cry/mk/Cerulean"; inputs = { systems.follows = "systems"; nixpkgs.follows = "nixpkgs"; diff --git a/groups/cryde/default.nix b/groups/cryde/default.nix index 359642e..03cdd2c 100644 --- a/groups/cryde/default.nix +++ b/groups/cryde/default.nix @@ -1,5 +1,6 @@ { pkgs, + upkgs, config, ... }: { diff --git a/groups/cryde/programs.nix b/groups/cryde/programs.nix index a07eaa7..09c0a67 100644 --- a/groups/cryde/programs.nix +++ b/groups/cryde/programs.nix @@ -27,6 +27,6 @@ upkgs.olympus # celeste discord discordo - ekphos + upkgs.ekphos ]; } diff --git a/groups/cryos/programs.nix b/groups/cryos/programs.nix index 4ec2405..947a1e5 100644 --- a/groups/cryos/programs.nix +++ b/groups/cryos/programs.nix @@ -19,7 +19,7 @@ hexyl # ASM nasm - x86-manpages + # x86-manpages # DEBUG # C Family gcc clang @@ -110,4 +110,12 @@ openssl libargon2 ]; + + programs = { + gnupg.agent = { + enable = true; + pinentryPackage = pkgs.pinentry-curses; + enableSSHSupport = true; + }; + }; } diff --git a/homes/me/default.nix b/homes/me/default.nix index c9a57cc..8484344 100755 --- a/homes/me/default.nix +++ b/homes/me/default.nix @@ -1,12 +1,8 @@ { - inputs, - outputs, lib, - config, pkgs, - upkgs, ... -} @ args: { +}: { imports = [ ../modules/fish.nix ../modules/btop.nix diff --git a/homes/modules/editor/helix.nix b/homes/modules/editor/helix.nix index 4119cc5..bccdc13 100755 --- a/homes/modules/editor/helix.nix +++ b/homes/modules/editor/helix.nix @@ -1,6 +1,6 @@ { pkgs, - upkgs, + # upkgs, ... }: let lsps = { @@ -43,7 +43,7 @@ }; ty = { - pkg = upkgs.ty; + pkg = pkgs.ty; # DEBUG: upkgs.ty; cmd = "ty"; }; diff --git a/homes/modules/git.nix b/homes/modules/git.nix index f035281..402efaa 100755 --- a/homes/modules/git.nix +++ b/homes/modules/git.nix @@ -11,9 +11,9 @@ userEmail = "them@dobutterfliescry.net"; signing = { - key = "F68745A836CA0412"; - format = "openpgp"; - signByDefault = true; + # key = "F68745A836CA0412"; + # format = "openpgp"; + # signByDefault = true; }; aliases = { diff --git a/homes/modules/term/foot.nix b/homes/modules/term/foot.nix index 8e40209..4fdaad5 100644 --- a/homes/modules/term/foot.nix +++ b/homes/modules/term/foot.nix @@ -1,7 +1,8 @@ -{upkgs, ...}: { +# DEBUG: {upkgs, ...}: { +{pkgs, ...}: { programs.foot = { enable = true; - package = upkgs.foot; + package = pkgs.foot; # DEBUG: upkgs.foot; server.enable = true; diff --git a/homes/modules/wm/hypr/hyprland.nix b/homes/modules/wm/hypr/hyprland.nix index 4db2870..38ed5af 100755 --- a/homes/modules/wm/hypr/hyprland.nix +++ b/homes/modules/wm/hypr/hyprland.nix @@ -14,7 +14,7 @@ config = lib.mkIf config.hyprland.enable { wayland.windowManager.hyprland = { enable = true; - package = pkgs.hyprland; # upkgs.hyprland; + package = pkgs.hyprland; xwayland.enable = true; diff --git a/nixpkgs.nix b/nixpkgs.nix index 549ca0b..12e275c 100644 --- a/nixpkgs.nix +++ b/nixpkgs.nix @@ -1,23 +1,39 @@ { - root, + lib, inputs, + system, ... }: { nixpkgs.channels.default = { # nixpkgs (stable branch) pkgs = { + inherit system; source = inputs.nixpkgs; overlays = [inputs.dobutterfliescry-net.overlays.default] - ++ import (root + "/overlays"); + ++ import ./overlays/default.nix; config = { - allowUnfree = false; + # allowUnfree = false; allowBroken = false; + allowUnfreePredicate = pkg: + builtins.elem (lib.getName pkg) [ + "discord" + "steam" + "steamcmd" + "steam-unwrapped" + + "obsidian" + "gitkraken" + ]; }; }; # nixpkgs-unstable upkgs = { + inherit system; source = inputs.nixpkgs-unstable; + overlays = + [inputs.dobutterfliescry-net.overlays.default] + ++ import ./overlays/default.nix; config = { allowUnfree = false; allowBroken = false; diff --git a/snow.nix b/snow.nix index 5fe3054..7b263f3 100644 --- a/snow.nix +++ b/snow.nix @@ -13,6 +13,10 @@ cerulean.mkNexus ./. (self: { server = {}; }; + extraModules = with inputs; [ + home-manager.nixosModules.default + ]; + nodes = let inherit (self.nexus) @@ -24,7 +28,6 @@ cerulean.mkNexus ./. (self: { system = "x86_64-linux"; groups = [groups.cryos.cryde]; extraModules = with inputs; [ - home-manager.nixosModules.default grub2-themes.nixosModules.default nix-flatpak.nixosModules.nix-flatpak ]; @@ -35,7 +38,6 @@ cerulean.mkNexus ./. (self: { system = "x86_64-linux"; groups = [groups.cryos.cryde]; extraModules = with inputs; [ - home-manager.nixosModules.default grub2-themes.nixosModules.default nix-flatpak.nixosModules.nix-flatpak ]; From f845588d00be1bff0858d98fbc078574c14bd40a Mon Sep 17 00:00:00 2001 From: _cry64 Date: Fri, 13 Feb 2026 22:14:41 +1000 Subject: [PATCH 135/143] progress flake.lock --- flake.lock | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/flake.lock b/flake.lock index ef08cd8..6285619 100644 --- a/flake.lock +++ b/flake.lock @@ -17,8 +17,8 @@ ] }, "locked": { - "lastModified": 1770984385, - "narHash": "sha256-CwSXJ5b0f3etnFdh8SaLeW8DMxCdu/r00D9xUFvfJTw=", + "lastModified": 1770984845, + "narHash": "sha256-si6XCx0xGq3z7dZSVCx5NgVxgFdnTc1qaKro5IemG70=", "path": "/home/me/cry/mk/Cerulean", "type": "path" }, From 3b2e3ddaab7a95a9d6713d217187d77bb3284500 Mon Sep 17 00:00:00 2001 From: _cry64 Date: Mon, 16 Feb 2026 09:32:40 +1000 Subject: [PATCH 136/143] add nginx overlay to overlays.nix --- hosts/butterfly/services/nginx.nix | 70 ++++++++++-------------------- overlays/default.nix | 12 +++-- 2 files changed, 31 insertions(+), 51 deletions(-) diff --git a/hosts/butterfly/services/nginx.nix b/hosts/butterfly/services/nginx.nix index ba78c0a..5dcb5c6 100644 --- a/hosts/butterfly/services/nginx.nix +++ b/hosts/butterfly/services/nginx.nix @@ -1,30 +1,13 @@ -{ - inputs, - pkgs, - ... -}: { - nixpkgs.overlays = [ - (self: super: { - # in wake of CVE-2022-3602/CVE-2022-3786 - nginxStable = super.nginxStable.override {openssl = pkgs.libressl;}; - }) - inputs.dobutterfliescry-net.overlays.default - ]; - - # simple nginx instance to host static construction page - # TODO: I want sshd and forgejo's ssh server to both be bound to port 22 - # So change sshd to listen on a different address/port (ie 2222 or 127.0.0.3:22, etc) - # and change forgejo to use 127.0.0.2:22 (use port 22, ONLY change loopback address) +{pkgs, ...}: { services.nginx = { enable = true; - # XXX: TODO: this should auto use the nginxStable overlay no? - # in wake of CVE-2022-3602/CVE-2022-3786 - # package = pkgs.nginxStable.override {openssl = pkgs.libressl;}; + # NOTE: in wake of CVE-2022-3602/CVE-2022-3786 nginxStable is overlayed + package = pkgs.nginx; - recommendedGzipSettings = true; - recommendedOptimisation = true; - recommendedProxySettings = true; - recommendedTlsSettings = true; + # recommendedGzipSettings = true; + # recommendedOptimisation = true; + # recommendedProxySettings = true; + # recommendedTlsSettings = true; # streamConfig = '' # server { @@ -43,40 +26,33 @@ enableACME = true; # kTLS = true; # offload TLS to the linux kernel }; - - vault = - { - forceSSL = true; - locations."/".proxyPass = "${localhost}:8222"; - } - // std; - forge = - { - forceSSL = true; - extraConfig = '' - client_max_body_size 512M; - ''; - locations."/".proxyPass = "${localhost}:3000"; - } - // std; in { "dobutterfliescry.net" = { default = true; - addSSL = true; # not strictly enforced <3 - # root = "/var/www/cry"; + addSSL = true; # addSSL NOT forceSSL <3 root = "${pkgs.dobutterfliescry-net}/www"; # extraConfig = '' # error_page 404 /custom_404.html; # ''; } // std; - # Route "vault" subdomain to vaultwarden - "vault.imbored.dev" = vault; - # Route "forge" subdomain to forgejo - # TODO: use `forgejo.settings.server.ENABLE_ACME` instead? + "vault.imbored.dev" = + { + forceSSL = true; + locations."/".proxyPass = "${localhost}:8222"; + } + // std; + # "tearforge.net" = + # { + # forceSSL = true; + # extraConfig = '' + # client_max_body_size 512M; + # ''; + # locations."/".proxyPass = "${localhost}:3000"; + # } + # // std; # "tearforge.net" = forge; - "forge.dobutterfliescry.net" = forge; }; }; } diff --git a/overlays/default.nix b/overlays/default.nix index 5c6507a..d18a23d 100644 --- a/overlays/default.nix +++ b/overlays/default.nix @@ -1,5 +1,5 @@ -[ - (self: super: { +{inputs, ...}: ( + self: super: { angry-oxide = import ../packages/angryoxide { pkgs = super; inherit @@ -18,6 +18,10 @@ pkgs = super; }; + # in wake of CVE-2022-3602/CVE-2022-3786 + nginxStable = super.nginxStable.override {openssl = super.libressl;}; + nginx = super.nginx.override {openssl = super.libressl;}; + element-desktop = super.element-desktop.overrideAttrs (final: prev: { desktopItems = [ ((builtins.elemAt prev.desktopItems 0).override { @@ -25,5 +29,5 @@ }) ]; }); - }) -] + } +) From b22bb3217ebfaae4605849c0cd0addceac3989d0 Mon Sep 17 00:00:00 2001 From: _cry64 Date: Mon, 16 Feb 2026 09:33:25 +1000 Subject: [PATCH 137/143] update git config --- homes/modules/git.nix | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/homes/modules/git.nix b/homes/modules/git.nix index 402efaa..c1e3ed6 100755 --- a/homes/modules/git.nix +++ b/homes/modules/git.nix @@ -7,24 +7,24 @@ enable = true; lfs.enable = true; - userName = "_cry64"; - userEmail = "them@dobutterfliescry.net"; - signing = { # key = "F68745A836CA0412"; # format = "openpgp"; # signByDefault = true; }; - aliases = { - s = "status"; - d = "diff"; - l = "log"; - c = "commit"; - p = "push"; - }; + settings = { + user.name = "_cry64"; + user.email = "them@dobutterfliescry.net"; + + alias = { + s = "status"; + d = "diff"; + l = "log"; + c = "commit"; + p = "push"; + }; - extraConfig = { color.ui = true; core.editor = "hx"; github.user = "cry128"; @@ -51,7 +51,7 @@ "codeberg:" ]; }; - "forgejo@forge.dobutterfliescry.net:2222/" = { + "git@tearforge.net/" = { insteadOf = [ "cry:" "forge:" From 921741546ea58c4925f2d73422c6b20e61d1f857 Mon Sep 17 00:00:00 2001 From: _cry64 Date: Mon, 16 Feb 2026 09:33:33 +1000 Subject: [PATCH 138/143] remove modules/server --- homes/modules/server/fail2ban.nix | 17 --------------- homes/modules/server/nginx.nix | 35 ------------------------------- homes/modules/server/ssh.nix | 13 ------------ 3 files changed, 65 deletions(-) delete mode 100755 homes/modules/server/fail2ban.nix delete mode 100755 homes/modules/server/nginx.nix delete mode 100755 homes/modules/server/ssh.nix diff --git a/homes/modules/server/fail2ban.nix b/homes/modules/server/fail2ban.nix deleted file mode 100755 index 0681c68..0000000 --- a/homes/modules/server/fail2ban.nix +++ /dev/null @@ -1,17 +0,0 @@ -{...}: { - # simple fail2ban config (not production ready or anything though) - # refer to: https://nixos.wiki/wiki/Fail2Ban - services.fail2ban = { - enable = true; - - maxretry = 5; - bantime = "10m"; # 10 minute ban - bantime-increment = { - enable = true; - formula = "ban.Time * math.exp(float(ban.Count+1)*banFactor)/math.exp(1*banFactor)"; - multipliers = "1 2 4 8 16 32 64"; - maxtime = "168h"; # dont ban for more than 1 week - overalljails = true; - }; - }; -} diff --git a/homes/modules/server/nginx.nix b/homes/modules/server/nginx.nix deleted file mode 100755 index a11b65c..0000000 --- a/homes/modules/server/nginx.nix +++ /dev/null @@ -1,35 +0,0 @@ -{...}: { - services = { - # use nginx as the reverse proxy - # (also will use certbot and Let's Encrypt) - # refer to: https://nixos.wiki/wiki/Nginx - nginx = { - enable = true; - - recommendedProxySettings = true; - recommendedTlsSettings = true; - recommendedGzipSettings = true; - recommendedOptimisation = true; - - # https://imbored.dev - virtualHosts = { - "imbored.dev" = { - forceSSL = true; - enableACME = true; - # config reverse proxy paths - locations = { - "/" = { - # TODO - proxyPass = "http://127.0.0.1:12345"; - }; - }; - }; - }; - }; - }; - - security.acme = { - acceptTerms = true; - defaults.email = "eclarkboman@gmail.com"; - }; -} diff --git a/homes/modules/server/ssh.nix b/homes/modules/server/ssh.nix deleted file mode 100755 index b898468..0000000 --- a/homes/modules/server/ssh.nix +++ /dev/null @@ -1,13 +0,0 @@ -{...}: { - services.openssh = { - enable = true; - ports = [22]; - settings = { - PasswordAuthentication = true; - PermitRootLogin = "no"; - AllowUsers = null; # allow all users by default - UseDns = true; - X11Forwarding = false; - }; - }; -} From 821349be7158126a6d7405570694062260840b0a Mon Sep 17 00:00:00 2001 From: _cry64 Date: Mon, 16 Feb 2026 09:34:17 +1000 Subject: [PATCH 139/143] add flatpak + nh --- groups/all/default.nix | 7 +++++++ groups/all/modules/flatpak.nix | 14 +++++++------- groups/cryde/default.nix | 3 --- groups/cryos/programs.nix | 2 +- 4 files changed, 15 insertions(+), 11 deletions(-) diff --git a/groups/all/default.nix b/groups/all/default.nix index 3860303..a636196 100644 --- a/groups/all/default.nix +++ b/groups/all/default.nix @@ -24,6 +24,13 @@ ]; }; + programs.nh = { + enable = true; + clean.enable = true; + clean.extraArgs = "--keep-since 7d --keep 3"; + flake = "/home/me/flake"; # sets NH_OS_FLAKE variable for you + }; + nix.settings = { # make wheel group trusted users allows my "ae" user # to import packages not signed by a trusted key diff --git a/groups/all/modules/flatpak.nix b/groups/all/modules/flatpak.nix index 20cf828..fbc2b38 100644 --- a/groups/all/modules/flatpak.nix +++ b/groups/all/modules/flatpak.nix @@ -1,12 +1,12 @@ {...}: { services.flatpak = { - remotes = [ - { - location = "https://dl.flathub.org/repo/flathub.flatpakrepo"; - name = "flathub"; - } - ]; + # DEBUG: remotes = [ + # DEBUG: { + # DEBUG: location = "https://dl.flathub.org/repo/flathub.flatpakrepo"; + # DEBUG: name = "flathub"; + # DEBUG: } + # DEBUG: ]; - uninstallUnmanaged = true; + # DEBUG: uninstallUnmanaged = true; }; } diff --git a/groups/cryde/default.nix b/groups/cryde/default.nix index 03cdd2c..02c1be0 100644 --- a/groups/cryde/default.nix +++ b/groups/cryde/default.nix @@ -109,9 +109,6 @@ }; systemPackages = with pkgs; [ sddm-theme-corners - # dependencies for my sddm theme: - # XXX: add these as a buildInput - # pkgs.libsForQt5.qt5.qtgraphicaleffects ]; }; diff --git a/groups/cryos/programs.nix b/groups/cryos/programs.nix index 947a1e5..3e58545 100644 --- a/groups/cryos/programs.nix +++ b/groups/cryos/programs.nix @@ -19,7 +19,7 @@ hexyl # ASM nasm - # x86-manpages # DEBUG + x86-manpages # C Family gcc clang From b6202ad56a9b1c3f982661197c5b22a7fea1775e Mon Sep 17 00:00:00 2001 From: _cry64 Date: Mon, 16 Feb 2026 09:35:29 +1000 Subject: [PATCH 140/143] update hosts (+ update sshPort) --- groups/server/default.nix | 22 +++++++++++++++++++--- homes/me/default.nix | 38 +++++++++++++------------------------- snow.nix | 15 +++++++++------ 3 files changed, 41 insertions(+), 34 deletions(-) diff --git a/groups/server/default.nix b/groups/server/default.nix index 6182ef1..32fe569 100644 --- a/groups/server/default.nix +++ b/groups/server/default.nix @@ -1,7 +1,7 @@ {lib, ...}: { networking.firewall = { allowedTCPPorts = [ - 22 + 42069 # ssh ]; }; @@ -9,7 +9,7 @@ # accept Lets Encrypt's security policy acme = { acceptTerms = true; - defaults.email = "them@dobutterfliescry.net"; + defaults.email = "eclarkboman@gmail.com"; }; sudo = { @@ -26,7 +26,7 @@ services = { openssh = { enable = true; - ports = [22]; + ports = [42069]; settings = { PasswordAuthentication = false; PermitRootLogin = "no"; @@ -37,6 +37,22 @@ }; }; + # simple fail2ban config (not production ready or anything though) + # refer to: https://nixos.wiki/wiki/Fail2Ban + services.fail2ban = { + enable = true; + + maxretry = 5; + bantime = "10m"; # 10 minute ban + bantime-increment = { + enable = true; + formula = "ban.Time * math.exp(float(ban.Count+1)*banFactor)/math.exp(1*banFactor)"; + # multipliers = "1 2 4 8 16 32 64"; + maxtime = "168h"; # dont ban for more than 1 week + overalljails = true; + }; + }; + users = { users = { # primary user diff --git a/homes/me/default.nix b/homes/me/default.nix index 8484344..169219f 100755 --- a/homes/me/default.nix +++ b/homes/me/default.nix @@ -106,42 +106,30 @@ }; # set ssh profiles - # NOTE: (IMPORTANT) this DOES NOT start the ssh-agent - # for that you need to use `services.ssh-agent.enable` + # WARNING: this DOES NOT start the ssh-agent + # WARNING: for that you need to use `services.ssh-agent.enable` ssh = { enable = true; forwardAgent = false; - addKeysToAgent = "no"; + addKeysToAgent = "yes"; matchBlocks = { - hyrule = { - hostname = "imbored.dev"; - user = "ae"; - port = 22; - identityFile = "~/.ssh/id_hyrule"; + butterfly = { + hostname = "dobutterfliescry.net"; + user = "cry"; + port = 42069; + identityFile = "~/.ssh/id_butterfly"; setEnv = { TERM = "linux"; }; }; clocktown = { - hostname = "clocktown.dobutterfliescry.net"; - user = "root"; - port = 22; - identityFile = "~/.ssh/id_clocktown"; - }; - subspace = { - hostname = "imbored.dev"; - user = "subspace"; - port = 22; - identityFile = "~/.ssh/id_subspace"; - }; - dead = { - hostname = "deadlyserver.com"; - user = "emile"; - port = 29843; - identityFile = "~/.ssh/id_deadlyserver"; + hostname = "hyrule.dobutterfliescry.net"; + user = "cry"; + port = 42069; + identityFile = "~/.ssh/id_hyrule"; setEnv = { - TERM = "xterm-256color"; + TERM = "linux"; }; }; youcue = { diff --git a/snow.nix b/snow.nix index 7b263f3..4d3b575 100644 --- a/snow.nix +++ b/snow.nix @@ -13,10 +13,6 @@ cerulean.mkNexus ./. (self: { server = {}; }; - extraModules = with inputs; [ - home-manager.nixosModules.default - ]; - nodes = let inherit (self.nexus) @@ -47,14 +43,21 @@ cerulean.mkNexus ./. (self: { butterfly = { system = "x86_64-linux"; groups = [groups.server]; - deploy.ssh.host = "dobutterfliescry.net"; + deploy.ssh = { + host = "dobutterfliescry.net"; + user = "cry"; + port = 42069; + }; }; # pls dont sue me im broke hyrule = { system = "x86_64-linux"; groups = [groups.server]; - deploy.ssh.host = "hyrule.dobutterfliescry.net"; + deploy.ssh = { + host = "hyrule.dobutterfliescry.net"; + user = "cry"; + }; }; # call me a statistician the way she spreads in my sheets From ed8618c8a641214bede2b67d37e1efadd30ee863 Mon Sep 17 00:00:00 2001 From: _cry64 Date: Mon, 16 Feb 2026 09:35:47 +1000 Subject: [PATCH 141/143] add default nixpkgs.nix --- nixpkgs.nix | 19 +++++++++++-------- 1 file changed, 11 insertions(+), 8 deletions(-) diff --git a/nixpkgs.nix b/nixpkgs.nix index 12e275c..816800f 100644 --- a/nixpkgs.nix +++ b/nixpkgs.nix @@ -3,15 +3,17 @@ inputs, system, ... -}: { - nixpkgs.channels.default = { +} @ args: { + nixpkgs.channels.default = rec { + default = pkgs; # nixpkgs (stable branch) pkgs = { inherit system; source = inputs.nixpkgs; - overlays = - [inputs.dobutterfliescry-net.overlays.default] - ++ import ./overlays/default.nix; + overlays = [ + inputs.dobutterfliescry-net.overlays.default + (import ./overlays/default.nix args) + ]; config = { # allowUnfree = false; allowBroken = false; @@ -31,9 +33,10 @@ upkgs = { inherit system; source = inputs.nixpkgs-unstable; - overlays = - [inputs.dobutterfliescry-net.overlays.default] - ++ import ./overlays/default.nix; + overlays = [ + inputs.dobutterfliescry-net.overlays.default + (import ./overlays/default.nix args) + ]; config = { allowUnfree = false; allowBroken = false; From 4ecb9ad03aefec1ea28c66fb97b3f53cb0708379 Mon Sep 17 00:00:00 2001 From: _cry64 Date: Mon, 16 Feb 2026 09:35:57 +1000 Subject: [PATCH 142/143] progress flake --- flake.lock | 134 +++++++++++++++++++++++++++++++++++++---------------- flake.nix | 9 ++-- 2 files changed, 97 insertions(+), 46 deletions(-) diff --git a/flake.lock b/flake.lock index 6285619..26fea2d 100644 --- a/flake.lock +++ b/flake.lock @@ -3,12 +3,11 @@ "cerulean": { "inputs": { "deploy-rs": "deploy-rs", + "home-manager": "home-manager", + "microvm": "microvm", "nixpkgs": [ "nixpkgs" ], - "nixpkgs-unstable": [ - "nixpkgs-unstable" - ], "nt": [ "nt" ], @@ -17,20 +16,26 @@ ] }, "locked": { - "lastModified": 1770984845, - "narHash": "sha256-si6XCx0xGq3z7dZSVCx5NgVxgFdnTc1qaKro5IemG70=", - "path": "/home/me/cry/mk/Cerulean", - "type": "path" + "lastModified": 1771194110, + "narHash": "sha256-x6rijGWmPL5FTpkr+8vpcKKCOT33QHEV8bP6ibEAXFE=", + "owner": "cry128", + "repo": "Cerulean", + "rev": "d527937829dec0f410f126a2f85e374cb99a2fbb", + "type": "github" }, "original": { - "path": "/home/me/cry/mk/Cerulean", - "type": "path" + "owner": "cry128", + "repo": "Cerulean", + "type": "github" } }, "deploy-rs": { "inputs": { "flake-compat": "flake-compat", - "nixpkgs": "nixpkgs", + "nixpkgs": [ + "cerulean", + "nixpkgs" + ], "utils": "utils" }, "locked": { @@ -166,6 +171,7 @@ "home-manager": { "inputs": { "nixpkgs": [ + "cerulean", "nixpkgs" ] }, @@ -184,6 +190,49 @@ "type": "github" } }, + "home-manager_2": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1770260404, + "narHash": "sha256-3iVX1+7YUIt23hBx1WZsUllhbmP2EnXrV8tCRbLxHc8=", + "owner": "nix-community", + "repo": "home-manager", + "rev": "0d782ee42c86b196acff08acfbf41bb7d13eed5b", + "type": "github" + }, + "original": { + "owner": "nix-community", + "ref": "release-25.11", + "repo": "home-manager", + "type": "github" + } + }, + "microvm": { + "inputs": { + "nixpkgs": [ + "cerulean", + "nixpkgs" + ], + "spectrum": "spectrum" + }, + "locked": { + "lastModified": 1770310890, + "narHash": "sha256-lyWAs4XKg3kLYaf4gm5qc5WJrDkYy3/qeV5G733fJww=", + "owner": "microvm-nix", + "repo": "microvm.nix", + "rev": "68c9f9c6ca91841f04f726a298c385411b7bfcd5", + "type": "github" + }, + "original": { + "owner": "microvm-nix", + "repo": "microvm.nix", + "type": "github" + } + }, "nix-flatpak": { "locked": { "lastModified": 1767983141, @@ -270,16 +319,16 @@ }, "nixpkgs": { "locked": { - "lastModified": 1743014863, - "narHash": "sha256-jAIUqsiN2r3hCuHji80U7NNEafpIMBXiwKlSrjWMlpg=", - "owner": "NixOS", + "lastModified": 1770770419, + "narHash": "sha256-iKZMkr6Cm9JzWlRYW/VPoL0A9jVKtZYiU4zSrVeetIs=", + "owner": "nixos", "repo": "nixpkgs", - "rev": "bd3bac8bfb542dbde7ffffb6987a1a1f9d41699f", + "rev": "6c5e707c6b5339359a9a9e215c5e66d6d802fd7a", "type": "github" }, "original": { - "owner": "NixOS", - "ref": "nixpkgs-unstable", + "owner": "nixos", + "ref": "nixos-25.11", "repo": "nixpkgs", "type": "github" } @@ -316,22 +365,6 @@ } }, "nixpkgs_2": { - "locked": { - "lastModified": 1770770419, - "narHash": "sha256-iKZMkr6Cm9JzWlRYW/VPoL0A9jVKtZYiU4zSrVeetIs=", - "owner": "nixos", - "repo": "nixpkgs", - "rev": "6c5e707c6b5339359a9a9e215c5e66d6d802fd7a", - "type": "github" - }, - "original": { - "owner": "nixos", - "ref": "nixos-25.11", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_3": { "locked": { "lastModified": 1767313136, "narHash": "sha256-16KkgfdYqjaeRGBaYsNrhPRRENs0qzkQVUooNHtoy2w=", @@ -350,18 +383,21 @@ "nt": { "inputs": { "nix-unit": "nix-unit", - "nixpkgs": "nixpkgs_3", + "nixpkgs": "nixpkgs_2", "systems": "systems_2" }, "locked": { - "lastModified": 1770975061, - "narHash": "sha256-dedEcQSEzur2/pBcxFFygkSrMuKGOUWThOUD2LXMCsA=", - "path": "/home/me/cry/mk/nt", - "type": "path" + "lastModified": 1770975056, + "narHash": "sha256-ZXTz/P3zUbbM6lNXzt91u8EwfNqhXpYMu8+wvFZqQHE=", + "owner": "cry128", + "repo": "nt", + "rev": "f42dcdd49a7921a7f433512e83d5f93696632412", + "type": "github" }, "original": { - "path": "/home/me/cry/mk/nt", - "type": "path" + "owner": "cry128", + "repo": "nt", + "type": "github" } }, "root": { @@ -369,15 +405,31 @@ "cerulean": "cerulean", "dobutterfliescry-net": "dobutterfliescry-net", "grub2-themes": "grub2-themes", - "home-manager": "home-manager", + "home-manager": "home-manager_2", "nix-flatpak": "nix-flatpak", "nixcord": "nixcord", - "nixpkgs": "nixpkgs_2", + "nixpkgs": "nixpkgs", "nixpkgs-unstable": "nixpkgs-unstable", "nt": "nt", "systems": "systems_3" } }, + "spectrum": { + "flake": false, + "locked": { + "lastModified": 1759482047, + "narHash": "sha256-H1wiXRQHxxPyMMlP39ce3ROKCwI5/tUn36P8x6dFiiQ=", + "ref": "refs/heads/main", + "rev": "c5d5786d3dc938af0b279c542d1e43bce381b4b9", + "revCount": 996, + "type": "git", + "url": "https://spectrum-os.org/git/spectrum" + }, + "original": { + "type": "git", + "url": "https://spectrum-os.org/git/spectrum" + } + }, "systems": { "locked": { "lastModified": 1681028828, diff --git a/flake.nix b/flake.nix index 6f73362..2e7b315 100644 --- a/flake.nix +++ b/flake.nix @@ -12,16 +12,15 @@ inputs.nixpkgs.follows = "nixpkgs"; }; - # nt.url = "github:cry128/nt"; - nt.url = "/home/me/cry/mk/nt"; + nt.url = "github:cry128/nt"; + # nt.url = "/home/me/cry/mk/nt"; cerulean = { - # url = "github:cry128/Cerulean"; - url = "/home/me/cry/mk/Cerulean"; + url = "github:cry128/Cerulean"; + # url = "/home/me/cry/mk/Cerulean"; inputs = { systems.follows = "systems"; nixpkgs.follows = "nixpkgs"; - nixpkgs-unstable.follows = "nixpkgs-unstable"; nt.follows = "nt"; }; }; From 648f53ae758b1e39acfd06f0270ffb2dc4c834fe Mon Sep 17 00:00:00 2001 From: _cry64 Date: Mon, 16 Feb 2026 09:36:01 +1000 Subject: [PATCH 143/143] add TODO.md --- TODO.md | 10 ++++++++++ 1 file changed, 10 insertions(+) create mode 100644 TODO.md diff --git a/TODO.md b/TODO.md new file mode 100644 index 0000000..52635fc --- /dev/null +++ b/TODO.md @@ -0,0 +1,10 @@ +- [ ] Update the README.md +- [ ] switch ssh keys to ECC (fuck RSA) + +- [ ] migrate forge.dobutterfliescry.net -> tearforge.net +- [ ] rename forgejo user to git +- [ ] setup my own VPN +- [ ] connect match to my VPN +- [ ] use matcha to build stuff instead of using my laptop + +- [ ] make `ceru` do local and remote deployments