From d7850a7acccdd0a8b3f12d342f965e2f9d0b0605 Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Mon, 9 Feb 2026 09:43:37 +1000 Subject: [PATCH 1/4] use NixTypes system --- flake.lock | 194 +++++++++++++++++++++++++++++++++++++++++++---------- flake.nix | 12 +++- 2 files changed, 166 insertions(+), 40 deletions(-) diff --git a/flake.lock b/flake.lock index d1deb86..3b22954 100644 --- a/flake.lock +++ b/flake.lock @@ -3,21 +3,22 @@ "cerulean": { "inputs": { "deploy-rs": "deploy-rs", - "mix": "mix", - "nib": "nib", "nixpkgs": [ "nixpkgs" ], "nixpkgs-unstable": [ "nixpkgs-unstable" ], + "nt": [ + "nt" + ], "systems": [ "systems" ] }, "locked": { - "lastModified": 1770552327, - "narHash": "sha256-cVVPdC650MRP4tMSB9EcECUpc0U4HWSZzoQnpEHH0uE=", + "lastModified": 1770594166, + "narHash": "sha256-ijsAdvC9/0873gCkqNpTjUDl+Gk8oKovgvpnnQfA+/A=", "path": "/home/me/agribit/nexus/Cerulean", "type": "path" }, @@ -120,6 +121,28 @@ "type": "github" } }, + "flake-parts_2": { + "inputs": { + "nixpkgs-lib": [ + "nt", + "nix-unit", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1762440070, + "narHash": "sha256-xxdepIcb39UJ94+YydGP221rjnpkDZUlykKuF54PsqI=", + "owner": "hercules-ci", + "repo": "flake-parts", + "rev": "26d05891e14c88eb4a5d5bee659c0db5afb609d8", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "flake-parts", + "type": "github" + } + }, "grub2-themes": { "inputs": { "nixpkgs": [ @@ -140,45 +163,24 @@ "type": "github" } }, - "mix": { + "home-manager": { "inputs": { - "nib": [ - "cerulean", - "nib" + "nixpkgs": [ + "nixpkgs" ] }, "locked": { - "lastModified": 1768525804, - "narHash": "sha256-jlpNb7Utqfdq2HESAB1mtddWHOsxKlTjPiLFRLd35r8=", - "owner": "emilelcb", - "repo": "mix", - "rev": "617d8915a6518a3d4e375b87c50ae34d9daee6c6", + "lastModified": 1763992789, + "narHash": "sha256-WHkdBlw6oyxXIra/vQPYLtqY+3G8dUVZM8bEXk0t8x4=", + "owner": "nix-community", + "repo": "home-manager", + "rev": "44831a7eaba4360fb81f2acc5ea6de5fde90aaa3", "type": "github" }, "original": { - "owner": "emilelcb", - "repo": "mix", - "type": "github" - } - }, - "nib": { - "inputs": { - "systems": [ - "cerulean", - "systems" - ] - }, - "locked": { - "lastModified": 1768472076, - "narHash": "sha256-bdVRCDy6oJx/CZiyxkke783FgtBW//wDuOAITUsQcNc=", - "owner": "emilelcb", - "repo": "nib", - "rev": "42ac66dfc180a13af1cc8850397db66ec5556991", - "type": "github" - }, - "original": { - "owner": "emilelcb", - "repo": "nib", + "owner": "nix-community", + "ref": "release-25.05", + "repo": "home-manager", "type": "github" } }, @@ -198,6 +200,52 @@ "type": "github" } }, + "nix-github-actions": { + "inputs": { + "nixpkgs": [ + "nt", + "nix-unit", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1737420293, + "narHash": "sha256-F1G5ifvqTpJq7fdkT34e/Jy9VCyzd5XfJ9TO8fHhJWE=", + "owner": "nix-community", + "repo": "nix-github-actions", + "rev": "f4158fa080ef4503c8f4c820967d946c2af31ec9", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "nix-github-actions", + "type": "github" + } + }, + "nix-unit": { + "inputs": { + "flake-parts": "flake-parts_2", + "nix-github-actions": "nix-github-actions", + "nixpkgs": [ + "nt", + "nixpkgs" + ], + "treefmt-nix": "treefmt-nix" + }, + "locked": { + "lastModified": 1762774186, + "narHash": "sha256-hRADkHjNt41+JUHw2EiSkMaL4owL83g5ZppjYUdF/Dc=", + "owner": "nix-community", + "repo": "nix-unit", + "rev": "1c9ab50554eed0b768f9e5b6f646d63c9673f0f7", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "nix-unit", + "type": "github" + } + }, "nixcord": { "inputs": { "flake-compat": "flake-compat_2", @@ -283,16 +331,51 @@ "type": "github" } }, + "nixpkgs_3": { + "locked": { + "lastModified": 1767313136, + "narHash": "sha256-16KkgfdYqjaeRGBaYsNrhPRRENs0qzkQVUooNHtoy2w=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "ac62194c3917d5f474c1a844b6fd6da2db95077d", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-25.05", + "repo": "nixpkgs", + "type": "github" + } + }, + "nt": { + "inputs": { + "nix-unit": "nix-unit", + "nixpkgs": "nixpkgs_3", + "systems": "systems_2" + }, + "locked": { + "lastModified": 1770593961, + "narHash": "sha256-Q2rRlN6yZiatLwEfYyCKJ/SImva+vbXr8DVA0qvix4c=", + "path": "/home/me/agribit/nexus/nt", + "type": "path" + }, + "original": { + "path": "/home/me/agribit/nexus/nt", + "type": "path" + } + }, "root": { "inputs": { "cerulean": "cerulean", "dobutterfliescry-net": "dobutterfliescry-net", "grub2-themes": "grub2-themes", + "home-manager": "home-manager", "nix-flatpak": "nix-flatpak", "nixcord": "nixcord", "nixpkgs": "nixpkgs_2", "nixpkgs-unstable": "nixpkgs-unstable", - "systems": "systems_2" + "nt": "nt", + "systems": "systems_3" } }, "systems": { @@ -325,6 +408,43 @@ "type": "github" } }, + "systems_3": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "treefmt-nix": { + "inputs": { + "nixpkgs": [ + "nt", + "nix-unit", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1762410071, + "narHash": "sha256-aF5fvoZeoXNPxT0bejFUBXeUjXfHLSL7g+mjR/p5TEg=", + "owner": "numtide", + "repo": "treefmt-nix", + "rev": "97a30861b13c3731a84e09405414398fbf3e109f", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "treefmt-nix", + "type": "github" + } + }, "utils": { "inputs": { "systems": "systems" diff --git a/flake.nix b/flake.nix index 4534072..029c5fa 100644 --- a/flake.nix +++ b/flake.nix @@ -12,6 +12,9 @@ inputs.nixpkgs.follows = "nixpkgs"; }; + # nt.url = "github:emilelcb/nt"; + nt.url = "/home/me/agribit/nexus/nt"; + cerulean = { # url = "github:emilelcb/Cerulean"; url = "/home/me/agribit/nexus/Cerulean"; @@ -19,6 +22,7 @@ systems.follows = "systems"; nixpkgs.follows = "nixpkgs"; nixpkgs-unstable.follows = "nixpkgs-unstable"; + nt.follows = "nt"; }; }; @@ -50,7 +54,9 @@ ... }: let groups = { - cryde = {}; # oh frick i cried again + cryos = { + cryde = {}; # oh frick i cried again + }; server = {}; }; in @@ -63,7 +69,7 @@ # my laptop <3 :3 lolcathost = { system = "x86_64-linux"; - groups = [groups.cryde]; + groups = [groups.cryos.cryde]; extraModules = [ home-manager.nixosModules.default grub2-themes.nixosModules.default @@ -73,7 +79,7 @@ # i be on my puter frfr myputer = { system = "x86_64-linux"; - groups = [groups.cryde]; + groups = [groups.cryos.cryde]; extraModules = [ home-manager.nixosModules.default grub2-themes.nixosModules.default From b2f9db3148b3efc5c4f0119c5824f325fc10540c Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Thu, 12 Feb 2026 13:25:40 +1000 Subject: [PATCH 2/4] idk a bunch of things got the merge working --- groups/all/default.nix | 5 ++ groups/cryde/default.nix | 8 +-- groups/cryde/programs.nix | 6 +- groups/server/default.nix | 26 +++++--- hosts/butterfly/default.nix | 16 ++--- hosts/hyrule/default.nix | 54 ++-------------- hosts/hyrule/services/default.nix | 7 --- hosts/hyrule/services/nginx.nix | 83 ------------------------- hosts/modules/colmena.nix | 20 ------ hosts/modules/steam.nix | 1 - hosts/myputer/default.nix | 25 +------- overlays/default.nix | 4 ++ packages/sddm-theme-corners/default.nix | 31 ++++----- 13 files changed, 65 insertions(+), 221 deletions(-) create mode 100644 groups/all/default.nix delete mode 100644 hosts/hyrule/services/default.nix delete mode 100644 hosts/hyrule/services/nginx.nix delete mode 100644 hosts/modules/colmena.nix diff --git a/groups/all/default.nix b/groups/all/default.nix new file mode 100644 index 0000000..225997d --- /dev/null +++ b/groups/all/default.nix @@ -0,0 +1,5 @@ +{lib, ...}: { + # NOTE: mkDefault is 1000 and mkForce is 50 + # NOTE: so this is like a second mkDefault + security.sudo.wheelNeedsPassword = lib.mkOverride 900 true; +} diff --git a/groups/cryde/default.nix b/groups/cryde/default.nix index daadfc0..3a75daa 100644 --- a/groups/cryde/default.nix +++ b/groups/cryde/default.nix @@ -12,7 +12,7 @@ ../../hosts/modules/steam.nix ../../hosts/modules/obsidian.nix - inputs.nix-flatpak.nixosModules.nix-flatpak + # inputs.nix-flatpak.nixosModules.nix-flatpak ]; boot.loader.grub2-theme = { @@ -110,10 +110,10 @@ NIXOS_OZONE_WL = "1"; }; systemPackages = with pkgs; [ - (callPackage ../sddm-theme-corners.nix {}).sddm-theme-corners + sddm-theme-corners # dependencies for my sddm theme: # XXX: add these as a buildInput - pkgs.libsForQt5.qt5.qtgraphicaleffects + # pkgs.libsForQt5.qt5.qtgraphicaleffects ]; }; @@ -130,8 +130,6 @@ nitch starfetch - colmena-latest - gitkraken ]; }; diff --git a/groups/cryde/programs.nix b/groups/cryde/programs.nix index dbfe31e..8d8ba86 100644 --- a/groups/cryde/programs.nix +++ b/groups/cryde/programs.nix @@ -1,4 +1,8 @@ -{pkgs, ...}: { +{ + pkgs, + upkgs, + ... +}: { # ---- SYSTEM PACKAGES ----- environment.systemPackages = with pkgs; [ # User Environment diff --git a/groups/server/default.nix b/groups/server/default.nix index 4092412..e9ad3ac 100644 --- a/groups/server/default.nix +++ b/groups/server/default.nix @@ -1,8 +1,4 @@ -{ - lib, - sshPort ? 22, - ... -}: { +{lib, ...}: { networking = { networkmanager.enable = true; @@ -15,7 +11,7 @@ firewall = { enable = lib.mkDefault true; allowedTCPPorts = [ - sshPort + 22 ]; }; }; @@ -41,7 +37,7 @@ services = { openssh = { enable = true; - ports = [sshPort]; + ports = [22]; settings = { PasswordAuthentication = false; PermitRootLogin = "no"; @@ -51,4 +47,20 @@ }; }; }; + + users = { + users = { + # primary user + cry = { + isNormalUser = true; + home = "/home/cry"; + extraGroups = ["wheel"]; + openssh.authorizedKeys.keys = lib.mkOverride 900 [ + (throw '' + Hosts in the `server` group must set `users.users.cry.openssh.authorizedKeys.keys = [ ... ]`. + '') + ]; + }; + }; + }; } diff --git a/hosts/butterfly/default.nix b/hosts/butterfly/default.nix index cc00dd3..83ff46d 100755 --- a/hosts/butterfly/default.nix +++ b/hosts/butterfly/default.nix @@ -57,18 +57,10 @@ # }; }; - users = { - users = { - # primary user - cry = { - isNormalUser = true; - home = "/home/cry"; - extraGroups = ["wheel"]; - openssh.authorizedKeys.keys = [ - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCsUZY45rgezi+8iROdcR5vPeacJ2fbMjlDijfUrH9hRX2FzCsg/4e3aFKhi2seZMmyTfbstxmDrrH8paUS5TibFgLFBGNngaF3CTjg85i5pm25Hr4IVo31oziBnTWaG6j3buYKtz5e1qSPzXywinJR+5+FCUJU7Fxa+EWTZcOX4wYgArSj4q73rZmvk5N0X44Mudt4nvpD2chvxygsdTzD6ph92qCuaJ/AbfmOoC7b/xvOaOVydUfgDLpHi9VZbd3akvvKxRfW6ZklldgXEzPXKMuastN0mwcBxvIb5G1Vkj8jtSVtKPc5psZ9/NWA5l38xH4qZ6z7eib6thtEMdtcKmTZEEWDADjqTea5Gj61c1n18cr6f3Tff+0bn/cxsl4Y0esi+aDeuCXYiIYNmeKBx0ttDNIxpk4J5Fdh6Xs+AZif5lnJErtu8TPy2aC0bc9wehTjMyvilTHfyerOD1ZJXhN2XwRVDGN7t7leAJZISJlPjqTDcw3Vfvzte/5JqS+FR+hbpG4uz2ix8kUa20u5YF2oSdGl8+zsdozVsdQm10Iv9WSXBV7t4m+oyodgtfzydBpmXq7aBXudCiEKw+7TC7F+1a4YFrVrCNXKFgKUpd1MiVLl7DIbzm5U9MD2BB3Fy7BPCzr3tW6/ExOhhpBWY+HnzVGQfkNr7dRcqfipKw== ae@dobutterfliescry.net" - ]; - }; - }; + users.users.cry = { + openssh.authorizedKeys.keys = [ + "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCsUZY45rgezi+8iROdcR5vPeacJ2fbMjlDijfUrH9hRX2FzCsg/4e3aFKhi2seZMmyTfbstxmDrrH8paUS5TibFgLFBGNngaF3CTjg85i5pm25Hr4IVo31oziBnTWaG6j3buYKtz5e1qSPzXywinJR+5+FCUJU7Fxa+EWTZcOX4wYgArSj4q73rZmvk5N0X44Mudt4nvpD2chvxygsdTzD6ph92qCuaJ/AbfmOoC7b/xvOaOVydUfgDLpHi9VZbd3akvvKxRfW6ZklldgXEzPXKMuastN0mwcBxvIb5G1Vkj8jtSVtKPc5psZ9/NWA5l38xH4qZ6z7eib6thtEMdtcKmTZEEWDADjqTea5Gj61c1n18cr6f3Tff+0bn/cxsl4Y0esi+aDeuCXYiIYNmeKBx0ttDNIxpk4J5Fdh6Xs+AZif5lnJErtu8TPy2aC0bc9wehTjMyvilTHfyerOD1ZJXhN2XwRVDGN7t7leAJZISJlPjqTDcw3Vfvzte/5JqS+FR+hbpG4uz2ix8kUa20u5YF2oSdGl8+zsdozVsdQm10Iv9WSXBV7t4m+oyodgtfzydBpmXq7aBXudCiEKw+7TC7F+1a4YFrVrCNXKFgKUpd1MiVLl7DIbzm5U9MD2BB3Fy7BPCzr3tW6/ExOhhpBWY+HnzVGQfkNr7dRcqfipKw== ae@dobutterfliescry.net" + ]; }; virtualisation.docker.enable = true; diff --git a/hosts/hyrule/default.nix b/hosts/hyrule/default.nix index 6684f58..9690354 100755 --- a/hosts/hyrule/default.nix +++ b/hosts/hyrule/default.nix @@ -1,8 +1,6 @@ -{pkgs, ...}: { +{...}: { imports = [ ./hardware-configuration.nix - - ./services ]; # super duper minimum grub2 config @@ -15,59 +13,19 @@ hostName = "hyrule"; firewall = { allowedTCPPorts = [ - 80 # nginx - 443 # nginx ]; allowedUDPPorts = [ - 54231 # Wireguard ]; }; - - # wg-quick.interfaces = { - # wg0 = { - # address = [ - # "10.10.10.4/24" - # ]; - # dns = ["10.10.10.1"]; - # privateKeyFile = "/root/wg_agrivpn_hyrule"; - # peers = [ - # { - # # peer's public key - # publicKey = "iZ4aqYjbT8O8tfUHEuV+yWLtdoQbdBb6Nt0M4usMSiY="; - - # # choose which traffic to forward - # allowedIPs = [ - # "10.0.51.0/24" - # "10.10.10.0/24" - # ]; - # endpoint = "150.242.34.33:54231"; - # } - # ]; - # }; - # }; }; - users = { - users = { - # primary user - cry = { - isNormalUser = true; - extraGroups = ["wheel"]; - shell = pkgs.bash; - openssh.authorizedKeys.keys = [ - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCsUZY45rgezi+8iROdcR5vPeacJ2fbMjlDijfUrH9hRX2FzCsg/4e3aFKhi2seZMmyTfbstxmDrrH8paUS5TibFgLFBGNngaF3CTjg85i5pm25Hr4IVo31oziBnTWaG6j3buYKtz5e1qSPzXywinJR+5+FCUJU7Fxa+EWTZcOX4wYgArSj4q73rZmvk5N0X44Mudt4nvpD2chvxygsdTzD6ph92qCuaJ/AbfmOoC7b/xvOaOVydUfgDLpHi9VZbd3akvvKxRfW6ZklldgXEzPXKMuastN0mwcBxvIb5G1Vkj8jtSVtKPc5psZ9/NWA5l38xH4qZ6z7eib6thtEMdtcKmTZEEWDADjqTea5Gj61c1n18cr6f3Tff+0bn/cxsl4Y0esi+aDeuCXYiIYNmeKBx0ttDNIxpk4J5Fdh6Xs+AZif5lnJErtu8TPy2aC0bc9wehTjMyvilTHfyerOD1ZJXhN2XwRVDGN7t7leAJZISJlPjqTDcw3Vfvzte/5JqS+FR+hbpG4uz2ix8kUa20u5YF2oSdGl8+zsdozVsdQm10Iv9WSXBV7t4m+oyodgtfzydBpmXq7aBXudCiEKw+7TC7F+1a4YFrVrCNXKFgKUpd1MiVLl7DIbzm5U9MD2BB3Fy7BPCzr3tW6/ExOhhpBWY+HnzVGQfkNr7dRcqfipKw== ae@dobutterfliescry.net" - ]; - }; - - friends = { - isNormalUser = true; - shell = pkgs.fish; - home = "/home/friends"; - }; - }; + users.users.cry = { + openssh.authorizedKeys.keys = [ + "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCsUZY45rgezi+8iROdcR5vPeacJ2fbMjlDijfUrH9hRX2FzCsg/4e3aFKhi2seZMmyTfbstxmDrrH8paUS5TibFgLFBGNngaF3CTjg85i5pm25Hr4IVo31oziBnTWaG6j3buYKtz5e1qSPzXywinJR+5+FCUJU7Fxa+EWTZcOX4wYgArSj4q73rZmvk5N0X44Mudt4nvpD2chvxygsdTzD6ph92qCuaJ/AbfmOoC7b/xvOaOVydUfgDLpHi9VZbd3akvvKxRfW6ZklldgXEzPXKMuastN0mwcBxvIb5G1Vkj8jtSVtKPc5psZ9/NWA5l38xH4qZ6z7eib6thtEMdtcKmTZEEWDADjqTea5Gj61c1n18cr6f3Tff+0bn/cxsl4Y0esi+aDeuCXYiIYNmeKBx0ttDNIxpk4J5Fdh6Xs+AZif5lnJErtu8TPy2aC0bc9wehTjMyvilTHfyerOD1ZJXhN2XwRVDGN7t7leAJZISJlPjqTDcw3Vfvzte/5JqS+FR+hbpG4uz2ix8kUa20u5YF2oSdGl8+zsdozVsdQm10Iv9WSXBV7t4m+oyodgtfzydBpmXq7aBXudCiEKw+7TC7F+1a4YFrVrCNXKFgKUpd1MiVLl7DIbzm5U9MD2BB3Fy7BPCzr3tW6/ExOhhpBWY+HnzVGQfkNr7dRcqfipKw== ae@dobutterfliescry.net" + ]; }; virtualisation.docker.enable = true; - system.stateVersion = "24.11"; # DO NOT MODIFY + system.stateVersion = "25.11"; # DO NOT MODIFY } diff --git a/hosts/hyrule/services/default.nix b/hosts/hyrule/services/default.nix deleted file mode 100644 index 1f3c874..0000000 --- a/hosts/hyrule/services/default.nix +++ /dev/null @@ -1,7 +0,0 @@ -{...}: { - imports = [ - ./services/forgejo.nix - ./services/vaultwarden.nix - ./services/nginx.nix - ]; -} diff --git a/hosts/hyrule/services/nginx.nix b/hosts/hyrule/services/nginx.nix deleted file mode 100644 index 6d0205d..0000000 --- a/hosts/hyrule/services/nginx.nix +++ /dev/null @@ -1,83 +0,0 @@ -{ - inputs, - pkgs, - ... -}: { - nixpkgs.overlays = [ - (self: super: { - # in wake of CVE-2022-3602/CVE-2022-3786 - nginxStable = super.nginxStable.override {openssl = pkgs.libressl;}; - }) - inputs.dobutterfliescry-net.overlays.default - ]; - - # simple nginx instance to host static construction page - # TODO: I want sshd and forgejo's ssh server to both be bound to port 22 - # So change sshd to listen on a different address/port (ie 2222 or 127.0.0.3:22, etc) - # and change forgejo to use 127.0.0.2:22 (use port 22, ONLY change loopback address) - services.nginx = { - enable = true; - # XXX: TODO: this should auto use the nginxStable overlay no? - # in wake of CVE-2022-3602/CVE-2022-3786 - # package = pkgs.nginxStable.override {openssl = pkgs.libressl;}; - - recommendedGzipSettings = true; - recommendedZstdSettings = true; - recommendedOptimisation = true; - recommendedProxySettings = true; - recommendedTlsSettings = true; - - # streamConfig = '' - # server { - # listen 127.0.0.1:53 udp reuseport; - # proxy_timeout 20s; - # proxy_pass 192.168.0.1:53535; - # } - # ''; - - virtualHosts = let - localhost = "http://127.0.0.1"; - std = { - # TODO: should I run over QUIC+HTTP3? (experimental) - # quic = true; - # http3 = true; - enableACME = true; - # kTLS = true; # offload TLS to the linux kernel - }; - - vault = - { - forceSSL = true; - locations."/".proxyPass = "${localhost}:8222"; - } - // std; - forge = - { - forceSSL = true; - extraConfig = '' - client_max_body_size 512M; - ''; - locations."/".proxyPass = "${localhost}:3000"; - } - // std; - in { - "dobutterfliescry.net" = - { - default = true; - addSSL = true; # not strictly enforced <3 - # root = "/var/www/cry"; - root = "${pkgs.dobutterfliescry-net}/www"; - # extraConfig = '' - # error_page 404 /custom_404.html; - # ''; - } - // std; - # Route "vault" subdomain to vaultwarden - "vault.imbored.dev" = vault; - # Route "forge" subdomain to forgejo - # TODO: use `forgejo.settings.server.ENABLE_ACME` instead? - # "tearforge.net" = forge; - "forge.dobutterfliescry.net" = forge; - }; - }; -} diff --git a/hosts/modules/colmena.nix b/hosts/modules/colmena.nix deleted file mode 100644 index 5756901..0000000 --- a/hosts/modules/colmena.nix +++ /dev/null @@ -1,20 +0,0 @@ -{}: { - # Colmena's latest stable version is - # unusable so get latest unstable version. - colmena = let - src = pkgsBuild.fetchFromGitHub { - owner = "zhaofengli"; - repo = "colmena"; - rev = "47b6414d800c8471e98ca072bc0835345741a56a"; - sha256 = "rINodqeUuezuCWOnpJgrH7u9vJ86fYT+Dj8Mu8T/IBc="; - }; - flake = - pkgsBuild.callPackage "${src}/flake.nix" { - }; - in - flake.packages."${system}".colmena; - - nixpkgs.config.packageOverrides = pkgs: { - colmena = pkgs.callPackage - }; -} diff --git a/hosts/modules/steam.nix b/hosts/modules/steam.nix index e554441..1e31d8d 100644 --- a/hosts/modules/steam.nix +++ b/hosts/modules/steam.nix @@ -52,6 +52,5 @@ # lutris bottles - heroic ]; } diff --git a/hosts/myputer/default.nix b/hosts/myputer/default.nix index cd0d683..1b397d4 100755 --- a/hosts/myputer/default.nix +++ b/hosts/myputer/default.nix @@ -1,6 +1,7 @@ { pkgs, upkgs, + lib, ... }: { imports = [ @@ -26,29 +27,7 @@ flatpak.enable = true; }; - # ------- USERS ------- - security.sudo.wheelNeedsPassword = false; - users = { - users = { - # just me fr (personal account) - me = { - isNormalUser = true; - extraGroups = ["wheel" "netdev" "docker"]; - shell = pkgs.bash; - packages = with pkgs; [ - firefox - nitch - starfetch - - colmena-latest - - gitkraken - # NOTE: downloadthing this causes my PC to freak!! ("too many open files" error) - #keyguard # bitwarden client app - ]; - }; - }; - }; + security.sudo.wheelNeedsPassword = lib.mkForce false; # ---- SYSTEM PACKAGES ----- environment.systemPackages = with pkgs; [ diff --git a/overlays/default.nix b/overlays/default.nix index cecd3fc..4865280 100644 --- a/overlays/default.nix +++ b/overlays/default.nix @@ -13,5 +13,9 @@ x86-manpages = import ../packages/x86-manpages { pkgs = super; }; + + sddm-theme-corners = import ../packages/sddm-theme-corners { + pkgs = super; + }; }) ] diff --git a/packages/sddm-theme-corners/default.nix b/packages/sddm-theme-corners/default.nix index e9a755f..da1ebfc 100755 --- a/packages/sddm-theme-corners/default.nix +++ b/packages/sddm-theme-corners/default.nix @@ -1,17 +1,20 @@ -{pkgs}: { - sddm-theme-corners = pkgs.stdenv.mkDerivation { - name = "sddm-theme-corners"; - version = "1.0.0"; +{pkgs}: +pkgs.stdenv.mkDerivation { + name = "sddm-theme-corners"; + version = "1.0.0"; - installPhase = '' - mkdir -p $out/share/sddm/themes - cp -ar $src/corners $out/share/sddm/themes/ - ''; - src = pkgs.fetchFromGitHub { - owner = "aczw"; - repo = "sddm-theme-corners"; - rev = "6ff0ff455261badcae36cd7d151a34479f157a3c"; - sha256 = "0iiasrbl7ciyhq3z02la636as915zk9ph063ac7vm5iwny8vgwh8"; - }; + installPhase = '' + mkdir -p $out/share/sddm/themes + cp -ar $src/corners $out/share/sddm/themes/ + ''; + src = pkgs.fetchFromGitHub { + owner = "aczw"; + repo = "sddm-theme-corners"; + rev = "6ff0ff455261badcae36cd7d151a34479f157a3c"; + sha256 = "0iiasrbl7ciyhq3z02la636as915zk9ph063ac7vm5iwny8vgwh8"; }; + + buildInputs = with pkgs; [ + libsForQt5.qt5.qtgraphicaleffects + ]; } From 16ddee5acae8be3178e30109a81f2909011abe03 Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Thu, 12 Feb 2026 13:25:52 +1000 Subject: [PATCH 3/4] remove deploy.sh --- deploy | 97 ---------------------------------------------------------- 1 file changed, 97 deletions(-) delete mode 100755 deploy diff --git a/deploy b/deploy deleted file mode 100755 index fcd6f85..0000000 --- a/deploy +++ /dev/null @@ -1,97 +0,0 @@ -#!/usr/bin/env bash -set -e - -# TODO: use `nixos-rebuild build-vm` - -usage="Usage: $(basename $0) [OPTIONS] - -Options: - -f, --fresh Remove old content in the nixstore (good for debugging) - -b, --bootloader Reinstall the bootloader - -r, --remote Locally build and remotely deploy Colmena hive - --show-trace Show nix stack trace on error - -h, --help Show this message (^_^)" - -# delete all cached entries -# to make the system from scratch -collect_garbage () { - sudo nix-collect-garbage --delete-old -} - -rebuild_flake () { - # make sure all changes are visible to nixos - # (--intent-to-add tracks files but DOES NOT stage them) - git add . --intent-to-add --verbose - local FLAGS= - if [ "$1" = "reinstall-bootloader" ]; then - FLAGS="--install-bootloader" - # sudo nixos-rebuild switch --flake . --install-bootloader - # STC_DISPLAY_ALL_UNITS=1 (verbose, show output of all units) - fi - - # LOG="$(mktemp /tmp/rebuild-XXXXXXXX)" - LOG="./rebuild.log" - echo "[*] Logging to $LOG" - sudo nixos-rebuild switch --flake . $FLAGS $EXTRA_FLAGS 2>&1 | tee "$LOG" - #nixos-rebuild build --flake .# --cores 8 -j 1 -} - -deploy_hive () { - echo "[+] Adding keys to ssh-agent" - ssh-add ~/.ssh/id_hyrule - printf "\n" - - git add . --verbose - # Deploy to all Colmena hives - colmena build --experimental-flake-eval $EXTRA_FLAGS - colmena apply --experimental-flake-eval $EXTRA_FLAGS - # colmena apply --on hyrule --experimental-flake-eval -} - -# check which flags were given -flag_fresh=false -flag_bootloader=false -flag_remote=false -flag_trace=false -for flag in "$@"; do - case "$flag" in - -r|--remote) - flag_remote=true ;; - --show-trace) - flag_trace=true ;; - -f|--fresh) - flag_fresh=true ;; - -b|--bootloader) - flag_bootloader=true ;; - -h|--help) - echo "$usage" - exit 0 ;; - *) - echo "[!] Unknown flag \"$flag\"" - exit 1 ;; - esac -done - -EXTRA_FLAGS="" -if [ "$flag_trace" = true ]; then - EXTRA_FLAGS="$EXTRA_FLAGS --show-trace" -fi - -if [ "$flag_remote" = true ]; then - deploy_hive - exit 0 -fi - -# delete cached items in nixstore -if [ "$flag_fresh" = true ]; then - collect_garbage - exit 0 -fi - -# nixos-rebuild switch ... -if [ "$flag_bootloader" = true ]; then - collect_garbage - rebuild_flake "reinstall-bootloader" -else - rebuild_flake -fi From 726111079ef5a9bd33622ecca8f185e8af696925 Mon Sep 17 00:00:00 2001 From: Emile Clark-Boman Date: Thu, 12 Feb 2026 13:26:00 +1000 Subject: [PATCH 4/4] ignore matcha for now --- flake.nix | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/flake.nix b/flake.nix index 029c5fa..91d57f6 100644 --- a/flake.nix +++ b/flake.nix @@ -55,7 +55,8 @@ }: let groups = { cryos = { - cryde = {}; # oh frick i cried again + # oh frick i cried again + cryde = {}; }; server = {}; }; @@ -101,11 +102,11 @@ }; # call me a statistician the way she spreads in my sheets - matcha = { - system = "x86_64-linux"; - groups = [groups.server]; - deploy.ssh.host = "bedroom.dobutterfliescry.net"; - }; + # matcha = { + # system = "x86_64-linux"; + # groups = [groups.server]; + # deploy.ssh.host = "bedroom.dobutterfliescry.net"; + # }; }; }; };