mirror of
https://github.com/buckley310/nixos-config.git
synced 2024-12-21 19:24:15 +00:00
format rfc-style
This commit is contained in:
parent
a201733f96
commit
1bb5a821a6
32 changed files with 600 additions and 412 deletions
47
flake.nix
47
flake.nix
|
@ -2,13 +2,19 @@
|
||||||
inputs.nixpkgs.url = "nixpkgs/nixos-unstable";
|
inputs.nixpkgs.url = "nixpkgs/nixos-unstable";
|
||||||
inputs.impermanence.url = "github:nix-community/impermanence";
|
inputs.impermanence.url = "github:nix-community/impermanence";
|
||||||
|
|
||||||
outputs = { self, nixpkgs, impermanence }:
|
outputs =
|
||||||
|
{
|
||||||
|
self,
|
||||||
|
nixpkgs,
|
||||||
|
impermanence,
|
||||||
|
}:
|
||||||
let
|
let
|
||||||
inherit (nixpkgs) lib;
|
inherit (nixpkgs) lib;
|
||||||
|
|
||||||
mypkgs = pkgs:
|
mypkgs =
|
||||||
self.lib.dirToAttrs ./pkgs (x: pkgs.callPackage x { }) //
|
pkgs:
|
||||||
{
|
self.lib.dirToAttrs ./pkgs (x: pkgs.callPackage x { })
|
||||||
|
// {
|
||||||
iso = import lib/gen-iso.nix lib pkgs.system;
|
iso = import lib/gen-iso.nix lib pkgs.system;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
@ -35,35 +41,34 @@
|
||||||
gen-ssh-config = import lib/gen-ssh-config.nix lib;
|
gen-ssh-config = import lib/gen-ssh-config.nix lib;
|
||||||
ssh-keys = import lib/ssh-keys.nix;
|
ssh-keys = import lib/ssh-keys.nix;
|
||||||
|
|
||||||
dirToAttrs = dir: f: lib.mapAttrs'
|
dirToAttrs =
|
||||||
(name: _: {
|
dir: f:
|
||||||
|
lib.mapAttrs' (name: _: {
|
||||||
name = lib.removeSuffix ".nix" name;
|
name = lib.removeSuffix ".nix" name;
|
||||||
value = f "${toString dir}/${name}";
|
value = f "${toString dir}/${name}";
|
||||||
})
|
}) (builtins.readDir dir);
|
||||||
(builtins.readDir dir);
|
|
||||||
};
|
};
|
||||||
|
|
||||||
nixosModules =
|
nixosModules = {
|
||||||
{
|
|
||||||
inherit pins;
|
inherit pins;
|
||||||
inherit (impermanence.nixosModules) impermanence;
|
inherit (impermanence.nixosModules) impermanence;
|
||||||
pkgs.nixpkgs.overlays = [ (_: mypkgs) ];
|
pkgs.nixpkgs.overlays = [ (_: mypkgs) ];
|
||||||
} //
|
} // self.lib.dirToAttrs ./modules import;
|
||||||
self.lib.dirToAttrs ./modules import;
|
|
||||||
|
|
||||||
nixosConfigurations = self.lib.dirToAttrs ./hosts
|
nixosConfigurations = self.lib.dirToAttrs ./hosts (
|
||||||
(dir:
|
dir:
|
||||||
let cfg = import dir;
|
let
|
||||||
in lib.nixosSystem {
|
cfg = import dir;
|
||||||
|
in
|
||||||
|
lib.nixosSystem {
|
||||||
inherit (cfg) system;
|
inherit (cfg) system;
|
||||||
modules =
|
modules =
|
||||||
cfg.modules ++
|
cfg.modules
|
||||||
[{ networking.hostName = builtins.baseNameOf dir; }] ++
|
++ [ { networking.hostName = builtins.baseNameOf dir; } ]
|
||||||
(builtins.attrValues self.nixosModules);
|
++ (builtins.attrValues self.nixosModules);
|
||||||
}
|
}
|
||||||
);
|
);
|
||||||
|
|
||||||
packages = forAllSystems (system:
|
packages = forAllSystems (system: mypkgs nixpkgs.legacyPackages.${system});
|
||||||
mypkgs nixpkgs.legacyPackages.${system});
|
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -20,7 +20,10 @@ in
|
||||||
];
|
];
|
||||||
|
|
||||||
services.openssh.hostKeys = [
|
services.openssh.hostKeys = [
|
||||||
{ type = "ed25519"; path = "${persist}/ssh_host_ed25519_key"; }
|
{
|
||||||
|
type = "ed25519";
|
||||||
|
path = "${persist}/ssh_host_ed25519_key";
|
||||||
|
}
|
||||||
];
|
];
|
||||||
|
|
||||||
users.mutableUsers = false;
|
users.mutableUsers = false;
|
||||||
|
@ -36,11 +39,27 @@ in
|
||||||
hardware.enableRedistributableFirmware = true;
|
hardware.enableRedistributableFirmware = true;
|
||||||
|
|
||||||
fileSystems = {
|
fileSystems = {
|
||||||
"/" = { device = "tmpfs"; fsType = "tmpfs"; options = [ "mode=755" ]; };
|
"/" = {
|
||||||
"/boot" = { device = "/dev/disk/by-partlabel/EFI\\x20system\\x20partition"; fsType = "vfat"; };
|
device = "tmpfs";
|
||||||
"/home" = { device = "zroot/locker/home"; fsType = "zfs"; };
|
fsType = "tmpfs";
|
||||||
"/nix" = { device = "zroot/locker/nix"; fsType = "zfs"; };
|
options = [ "mode=755" ];
|
||||||
"/var/log" = { device = "zroot/locker/log"; fsType = "zfs"; };
|
};
|
||||||
|
"/boot" = {
|
||||||
|
device = "/dev/disk/by-partlabel/EFI\\x20system\\x20partition";
|
||||||
|
fsType = "vfat";
|
||||||
|
};
|
||||||
|
"/home" = {
|
||||||
|
device = "zroot/locker/home";
|
||||||
|
fsType = "zfs";
|
||||||
|
};
|
||||||
|
"/nix" = {
|
||||||
|
device = "zroot/locker/nix";
|
||||||
|
fsType = "zfs";
|
||||||
|
};
|
||||||
|
"/var/log" = {
|
||||||
|
device = "zroot/locker/log";
|
||||||
|
fsType = "zfs";
|
||||||
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
system.stateVersion = "22.05";
|
system.stateVersion = "22.05";
|
||||||
|
|
|
@ -8,7 +8,10 @@ in
|
||||||
};
|
};
|
||||||
|
|
||||||
services.openssh.hostKeys = [
|
services.openssh.hostKeys = [
|
||||||
{ type = "ed25519"; path = "${persist}/ssh_host_ed25519_key"; }
|
{
|
||||||
|
type = "ed25519";
|
||||||
|
path = "${persist}/ssh_host_ed25519_key";
|
||||||
|
}
|
||||||
];
|
];
|
||||||
|
|
||||||
# services.ollama = {
|
# services.ollama = {
|
||||||
|
@ -22,7 +25,10 @@ in
|
||||||
sconfig = {
|
sconfig = {
|
||||||
gnome = true;
|
gnome = true;
|
||||||
desktop.enable = true;
|
desktop.enable = true;
|
||||||
wg-home = { enable = true; path = "${persist}/wireguard_home.conf"; };
|
wg-home = {
|
||||||
|
enable = true;
|
||||||
|
path = "${persist}/wireguard_home.conf";
|
||||||
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
environment.persistence."${persist}/system".directories = [
|
environment.persistence."${persist}/system".directories = [
|
||||||
|
@ -49,14 +55,32 @@ in
|
||||||
boot = {
|
boot = {
|
||||||
loader.systemd-boot.enable = true;
|
loader.systemd-boot.enable = true;
|
||||||
loader.efi.canTouchEfiVariables = true;
|
loader.efi.canTouchEfiVariables = true;
|
||||||
initrd.availableKernelModules = [ "xhci_pci" "vmd" "nvme" "sd_mod" ];
|
initrd.availableKernelModules = [
|
||||||
|
"xhci_pci"
|
||||||
|
"vmd"
|
||||||
|
"nvme"
|
||||||
|
"sd_mod"
|
||||||
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
fileSystems = {
|
fileSystems = {
|
||||||
"/" = { device = "tmpfs"; fsType = "tmpfs"; options = [ "mode=755" ]; };
|
"/" = {
|
||||||
"/boot" = { fsType = "vfat"; device = "/dev/nvme0n1p1"; };
|
device = "tmpfs";
|
||||||
"/nix" = { device = "levi/nix"; fsType = "zfs"; };
|
fsType = "tmpfs";
|
||||||
"/home" = { device = "levi/home"; fsType = "zfs"; };
|
options = [ "mode=755" ];
|
||||||
|
};
|
||||||
|
"/boot" = {
|
||||||
|
fsType = "vfat";
|
||||||
|
device = "/dev/nvme0n1p1";
|
||||||
|
};
|
||||||
|
"/nix" = {
|
||||||
|
device = "levi/nix";
|
||||||
|
fsType = "zfs";
|
||||||
|
};
|
||||||
|
"/home" = {
|
||||||
|
device = "levi/home";
|
||||||
|
fsType = "zfs";
|
||||||
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
users.mutableUsers = false;
|
users.mutableUsers = false;
|
||||||
|
|
|
@ -1,15 +1,20 @@
|
||||||
{ runCommand }: {
|
{ runCommand }:
|
||||||
|
{
|
||||||
|
|
||||||
b64decode = input:
|
b64decode =
|
||||||
builtins.readFile
|
input:
|
||||||
(runCommand "b64decode" { } ''
|
builtins.readFile (
|
||||||
|
runCommand "b64decode" { } ''
|
||||||
base64 -d >$out <${builtins.toFile "input" input}
|
base64 -d >$out <${builtins.toFile "input" input}
|
||||||
'');
|
''
|
||||||
|
);
|
||||||
|
|
||||||
b64encode = input:
|
b64encode =
|
||||||
builtins.readFile
|
input:
|
||||||
(runCommand "b64encode" { } ''
|
builtins.readFile (
|
||||||
|
runCommand "b64encode" { } ''
|
||||||
base64 -w0 >$out <${builtins.toFile "input" input}
|
base64 -w0 >$out <${builtins.toFile "input" input}
|
||||||
'');
|
''
|
||||||
|
);
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,16 +1,18 @@
|
||||||
lib:
|
lib: system:
|
||||||
system:
|
|
||||||
|
|
||||||
let
|
let
|
||||||
sys = lib.nixosSystem {
|
sys = lib.nixosSystem {
|
||||||
inherit system;
|
inherit system;
|
||||||
modules = [
|
modules = [
|
||||||
({ modulesPath, ... }: {
|
(
|
||||||
|
{ modulesPath, ... }:
|
||||||
|
{
|
||||||
imports = [
|
imports = [
|
||||||
"${modulesPath}/installer/cd-dvd/installation-cd-minimal.nix"
|
"${modulesPath}/installer/cd-dvd/installation-cd-minimal.nix"
|
||||||
];
|
];
|
||||||
isoImage.squashfsCompression = "gzip -Xcompression-level 1";
|
isoImage.squashfsCompression = "gzip -Xcompression-level 1";
|
||||||
})
|
}
|
||||||
|
)
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
|
@ -1,23 +1,22 @@
|
||||||
lib:
|
lib: nixosConfigurations:
|
||||||
nixosConfigurations:
|
|
||||||
|
|
||||||
let
|
let
|
||||||
sshKnownHostsTxt = builtins.toFile "known_hosts" (lib.concatMapStrings
|
sshKnownHostsTxt = builtins.toFile "known_hosts" (
|
||||||
(hostName:
|
lib.concatMapStrings (
|
||||||
let d = nixosConfigurations.${hostName}.config.deploy;
|
hostName:
|
||||||
in lib.concatMapStrings (key: "${d.ssh.HostName} ${key}\n") d.sshPublicKeys
|
let
|
||||||
)
|
d = nixosConfigurations.${hostName}.config.deploy;
|
||||||
(builtins.attrNames nixosConfigurations)
|
in
|
||||||
|
lib.concatMapStrings (key: "${d.ssh.HostName} ${key}\n") d.sshPublicKeys
|
||||||
|
) (builtins.attrNames nixosConfigurations)
|
||||||
);
|
);
|
||||||
|
|
||||||
attrsToList = lib.mapAttrsToList (n: v: "${n} ${v}");
|
attrsToList = lib.mapAttrsToList (n: v: "${n} ${v}");
|
||||||
attrsToLines = a: lib.concatLines (attrsToList a);
|
attrsToLines = a: lib.concatLines (attrsToList a);
|
||||||
|
|
||||||
in
|
in
|
||||||
lib.concatMapStrings
|
lib.concatMapStrings (host: ''
|
||||||
(host: ''
|
|
||||||
Host ${host}
|
Host ${host}
|
||||||
UserKnownHostsFile ${sshKnownHostsTxt}
|
UserKnownHostsFile ${sshKnownHostsTxt}
|
||||||
${attrsToLines nixosConfigurations.${host}.config.deploy.ssh}
|
${attrsToLines nixosConfigurations.${host}.config.deploy.ssh}
|
||||||
'')
|
'') (builtins.attrNames nixosConfigurations)
|
||||||
(builtins.attrNames nixosConfigurations)
|
|
||||||
|
|
|
@ -1,10 +1,17 @@
|
||||||
{ config, lib, pkgs, ... }:
|
{
|
||||||
|
config,
|
||||||
|
lib,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
|
||||||
let
|
let
|
||||||
cfg = config.sconfig.ad-domain;
|
cfg = config.sconfig.ad-domain;
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
options.sconfig.ad-domain = with lib; with types;
|
options.sconfig.ad-domain =
|
||||||
|
with lib;
|
||||||
|
with types;
|
||||||
{
|
{
|
||||||
enable = mkEnableOption "Join Domain with SSSD";
|
enable = mkEnableOption "Join Domain with SSSD";
|
||||||
longname = mkOption {
|
longname = mkOption {
|
||||||
|
@ -17,8 +24,7 @@ in
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
config = lib.mkIf cfg.enable
|
config = lib.mkIf cfg.enable {
|
||||||
{
|
|
||||||
networking.domain = cfg.longname;
|
networking.domain = cfg.longname;
|
||||||
networking.search = [ (cfg.longname) ];
|
networking.search = [ (cfg.longname) ];
|
||||||
security.pam.services.sshd.makeHomeDir = true;
|
security.pam.services.sshd.makeHomeDir = true;
|
||||||
|
|
|
@ -1,15 +1,14 @@
|
||||||
let
|
let
|
||||||
|
|
||||||
brave = (final: prev: {
|
brave = (
|
||||||
|
final: prev: {
|
||||||
brave =
|
brave =
|
||||||
let
|
let
|
||||||
# updates to the newer version before it hits the channels
|
# updates to the newer version before it hits the channels
|
||||||
version = "1";
|
version = "1";
|
||||||
hash = "";
|
hash = "";
|
||||||
in
|
in
|
||||||
if
|
if prev.lib.versionAtLeast prev.brave.version version then
|
||||||
prev.lib.versionAtLeast prev.brave.version version
|
|
||||||
then
|
|
||||||
prev.brave
|
prev.brave
|
||||||
else
|
else
|
||||||
prev.brave.overrideAttrs {
|
prev.brave.overrideAttrs {
|
||||||
|
@ -18,7 +17,8 @@ let
|
||||||
url = "https://github.com/brave/brave-browser/releases/download/v${version}/brave-browser_${version}_amd64.deb";
|
url = "https://github.com/brave/brave-browser/releases/download/v${version}/brave-browser_${version}_amd64.deb";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
});
|
}
|
||||||
|
);
|
||||||
|
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
|
|
|
@ -42,9 +42,11 @@
|
||||||
|
|
||||||
(writeShellScriptBin "dirt" "while sleep 1; do grep '^Dirty:' /proc/meminfo ; done")
|
(writeShellScriptBin "dirt" "while sleep 1; do grep '^Dirty:' /proc/meminfo ; done")
|
||||||
|
|
||||||
(lib.hiPrio (writeShellScriptBin "iftop" ''
|
(lib.hiPrio (
|
||||||
|
writeShellScriptBin "iftop" ''
|
||||||
exec ${iftop}/bin/iftop -P -m100M "$@"
|
exec ${iftop}/bin/iftop -P -m100M "$@"
|
||||||
''))
|
''
|
||||||
|
))
|
||||||
|
|
||||||
(writeShellScriptBin "bat" ''
|
(writeShellScriptBin "bat" ''
|
||||||
${bat}/bin/bat --pager=never --color=always --wrap=never --terminal-width=80 "$@"
|
${bat}/bin/bat --pager=never --color=always --wrap=never --terminal-width=80 "$@"
|
||||||
|
@ -85,7 +87,11 @@
|
||||||
update_process_names = 1;
|
update_process_names = 1;
|
||||||
};
|
};
|
||||||
package = pkgs.htop.overrideAttrs (
|
package = pkgs.htop.overrideAttrs (
|
||||||
{ patches ? [ ], ... }: {
|
{
|
||||||
|
patches ? [ ],
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
{
|
||||||
patches = patches ++ [
|
patches = patches ++ [
|
||||||
# This patch fixes process sort order while in tree view.
|
# This patch fixes process sort order while in tree view.
|
||||||
# Started in 3.3.0. Should be fixed in 3.4.0.
|
# Started in 3.3.0. Should be fixed in 3.4.0.
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
{ pkgs, ... }:
|
{ pkgs, ... }:
|
||||||
let
|
let
|
||||||
left_hard_divider = builtins.fromJSON '' "\uE0B0" '';
|
left_hard_divider = builtins.fromJSON ''"\uE0B0" '';
|
||||||
upper_left_triangle = builtins.fromJSON '' "\uE0BC" '';
|
upper_left_triangle = builtins.fromJSON ''"\uE0BC" '';
|
||||||
|
|
||||||
theme = {
|
theme = {
|
||||||
BoldForeground = true;
|
BoldForeground = true;
|
||||||
|
@ -11,16 +11,20 @@ let
|
||||||
SeparatorFg = 16;
|
SeparatorFg = 16;
|
||||||
};
|
};
|
||||||
|
|
||||||
customEnd = [{
|
customEnd = [
|
||||||
|
{
|
||||||
Content = "$";
|
Content = "$";
|
||||||
Foreground = 231;
|
Foreground = 231;
|
||||||
Background = 102;
|
Background = 102;
|
||||||
Separator = left_hard_divider;
|
Separator = left_hard_divider;
|
||||||
}];
|
}
|
||||||
|
];
|
||||||
|
|
||||||
plconfig = builtins.toFile "powerline-config.json" (builtins.toJSON {
|
plconfig = builtins.toFile "powerline-config.json" (
|
||||||
|
builtins.toJSON {
|
||||||
modes.patched.Separator = upper_left_triangle;
|
modes.patched.Separator = upper_left_triangle;
|
||||||
});
|
}
|
||||||
|
);
|
||||||
|
|
||||||
args = [
|
args = [
|
||||||
"-modules=\${remote:+'user,host,'}nix-shell,git,jobs,cwd,newline,customend"
|
"-modules=\${remote:+'user,host,'}nix-shell,git,jobs,cwd,newline,customend"
|
||||||
|
@ -37,9 +41,7 @@ in
|
||||||
environment.systemPackages = [
|
environment.systemPackages = [
|
||||||
pkgs.powerline-go
|
pkgs.powerline-go
|
||||||
|
|
||||||
(pkgs.writeShellScriptBin
|
(pkgs.writeShellScriptBin "powerline-go-customend" "echo '${builtins.toJSON customEnd}'")
|
||||||
"powerline-go-customend"
|
|
||||||
"echo '${builtins.toJSON customEnd}'")
|
|
||||||
];
|
];
|
||||||
|
|
||||||
environment.etc."powerline-theme.json".text = builtins.toJSON theme;
|
environment.etc."powerline-theme.json".text = builtins.toJSON theme;
|
||||||
|
|
|
@ -1,20 +1,43 @@
|
||||||
{ config, lib, pkgs, ... }:
|
{
|
||||||
|
config,
|
||||||
|
lib,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
|
||||||
let
|
let
|
||||||
aconfig = (pkgs.formats.toml { }).generate "alacritty.toml"
|
aconfig = (pkgs.formats.toml { }).generate "alacritty.toml" {
|
||||||
{
|
|
||||||
env.TERM = "xterm-256color";
|
env.TERM = "xterm-256color";
|
||||||
font.size = 12;
|
font.size = 12;
|
||||||
window = {
|
window = {
|
||||||
dynamic_padding = true;
|
dynamic_padding = true;
|
||||||
resize_increments = true;
|
resize_increments = true;
|
||||||
dimensions = { columns = 120; lines = 40; };
|
dimensions = {
|
||||||
|
columns = 120;
|
||||||
|
lines = 40;
|
||||||
|
};
|
||||||
};
|
};
|
||||||
keyboard.bindings = [
|
keyboard.bindings = [
|
||||||
{ action = "ScrollHalfPageDown"; mods = "Shift"; key = "PageDown"; }
|
{
|
||||||
{ action = "ScrollHalfPageUp"; mods = "Shift"; key = "PageUp"; }
|
action = "ScrollHalfPageDown";
|
||||||
{ action = "SpawnNewInstance"; mods = "Control|Shift"; key = "N"; }
|
mods = "Shift";
|
||||||
{ action = "SpawnNewInstance"; mods = "Control|Shift"; key = "T"; }
|
key = "PageDown";
|
||||||
|
}
|
||||||
|
{
|
||||||
|
action = "ScrollHalfPageUp";
|
||||||
|
mods = "Shift";
|
||||||
|
key = "PageUp";
|
||||||
|
}
|
||||||
|
{
|
||||||
|
action = "SpawnNewInstance";
|
||||||
|
mods = "Control|Shift";
|
||||||
|
key = "N";
|
||||||
|
}
|
||||||
|
{
|
||||||
|
action = "SpawnNewInstance";
|
||||||
|
mods = "Control|Shift";
|
||||||
|
key = "T";
|
||||||
|
}
|
||||||
];
|
];
|
||||||
colors = {
|
colors = {
|
||||||
primary.background = "0x1e1e1e";
|
primary.background = "0x1e1e1e";
|
||||||
|
|
|
@ -1,4 +1,9 @@
|
||||||
{ config, lib, pkgs, ... }:
|
{
|
||||||
|
config,
|
||||||
|
lib,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}:
|
||||||
{
|
{
|
||||||
config = lib.mkIf (config.sconfig.desktop.enable) {
|
config = lib.mkIf (config.sconfig.desktop.enable) {
|
||||||
environment.systemPackages = [
|
environment.systemPackages = [
|
||||||
|
@ -26,8 +31,14 @@
|
||||||
ShowFullUrlsInAddressBar = true;
|
ShowFullUrlsInAddressBar = true;
|
||||||
SyncDisabled = true; # required for BrowsingDataLifetime
|
SyncDisabled = true; # required for BrowsingDataLifetime
|
||||||
BrowsingDataLifetime = [
|
BrowsingDataLifetime = [
|
||||||
{ data_types = [ "browsing_history" ]; time_to_live_in_hours = 24 * 7; }
|
{
|
||||||
{ data_types = [ "download_history" ]; time_to_live_in_hours = 6; }
|
data_types = [ "browsing_history" ];
|
||||||
|
time_to_live_in_hours = 24 * 7;
|
||||||
|
}
|
||||||
|
{
|
||||||
|
data_types = [ "download_history" ];
|
||||||
|
time_to_live_in_hours = 6;
|
||||||
|
}
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
|
@ -1,4 +1,9 @@
|
||||||
{ config, pkgs, lib, ... }:
|
{
|
||||||
|
config,
|
||||||
|
pkgs,
|
||||||
|
lib,
|
||||||
|
...
|
||||||
|
}:
|
||||||
with lib;
|
with lib;
|
||||||
{
|
{
|
||||||
options.sconfig.desktop = {
|
options.sconfig.desktop = {
|
||||||
|
|
|
@ -1,4 +1,9 @@
|
||||||
{ config, lib, pkgs, ... }:
|
{
|
||||||
|
config,
|
||||||
|
lib,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}:
|
||||||
{
|
{
|
||||||
config = lib.mkIf (config.sconfig.desktop.enable) {
|
config = lib.mkIf (config.sconfig.desktop.enable) {
|
||||||
environment.systemPackages = [
|
environment.systemPackages = [
|
||||||
|
@ -12,8 +17,12 @@
|
||||||
OfferToSaveLogins = false;
|
OfferToSaveLogins = false;
|
||||||
DisableFormHistory = true;
|
DisableFormHistory = true;
|
||||||
SearchSuggestEnabled = false;
|
SearchSuggestEnabled = false;
|
||||||
Preferences = builtins.mapAttrs
|
Preferences =
|
||||||
(n: v: { Value = v; Status = "locked"; })
|
builtins.mapAttrs
|
||||||
|
(n: v: {
|
||||||
|
Value = v;
|
||||||
|
Status = "locked";
|
||||||
|
})
|
||||||
{
|
{
|
||||||
"accessibility.force_disabled" = 1;
|
"accessibility.force_disabled" = 1;
|
||||||
"browser.aboutConfig.showWarning" = false;
|
"browser.aboutConfig.showWarning" = false;
|
||||||
|
@ -29,8 +38,10 @@
|
||||||
"ui.key.menuAccessKeyFocuses" = false;
|
"ui.key.menuAccessKeyFocuses" = false;
|
||||||
};
|
};
|
||||||
ExtensionSettings =
|
ExtensionSettings =
|
||||||
{ "*".installation_mode = "blocked"; } //
|
{
|
||||||
builtins.mapAttrs
|
"*".installation_mode = "blocked";
|
||||||
|
}
|
||||||
|
// builtins.mapAttrs
|
||||||
(n: v: {
|
(n: v: {
|
||||||
installation_mode = "force_installed";
|
installation_mode = "force_installed";
|
||||||
install_url = "https://addons.mozilla.org/firefox/downloads/latest/${v}/latest.xpi";
|
install_url = "https://addons.mozilla.org/firefox/downloads/latest/${v}/latest.xpi";
|
||||||
|
|
|
@ -1,4 +1,9 @@
|
||||||
{ config, lib, pkgs, ... }:
|
{
|
||||||
|
config,
|
||||||
|
lib,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}:
|
||||||
{
|
{
|
||||||
config = lib.mkIf (config.sconfig.desktop.enable) {
|
config = lib.mkIf (config.sconfig.desktop.enable) {
|
||||||
environment.systemPackages = with pkgs; [
|
environment.systemPackages = with pkgs; [
|
||||||
|
@ -22,9 +27,8 @@
|
||||||
|
|
||||||
environment.etc."vscode-keybindings.json".source = ./vscode-keybindings.json;
|
environment.etc."vscode-keybindings.json".source = ./vscode-keybindings.json;
|
||||||
environment.etc."vscode-settings.json".text = builtins.toJSON (
|
environment.etc."vscode-settings.json".text = builtins.toJSON (
|
||||||
(
|
(builtins.fromJSON (builtins.readFile ./vscode-settings.json))
|
||||||
builtins.fromJSON (builtins.readFile ./vscode-settings.json)
|
// {
|
||||||
) // {
|
|
||||||
# NixOS-specific vscode settings:
|
# NixOS-specific vscode settings:
|
||||||
"extensions.autoCheckUpdates" = false;
|
"extensions.autoCheckUpdates" = false;
|
||||||
"extensions.autoUpdate" = false;
|
"extensions.autoUpdate" = false;
|
||||||
|
|
|
@ -1,4 +1,9 @@
|
||||||
{ config, pkgs, lib, ... }:
|
{
|
||||||
|
config,
|
||||||
|
pkgs,
|
||||||
|
lib,
|
||||||
|
...
|
||||||
|
}:
|
||||||
let
|
let
|
||||||
cfg = config.sconfig.devtools;
|
cfg = config.sconfig.devtools;
|
||||||
in
|
in
|
||||||
|
@ -6,8 +11,7 @@ in
|
||||||
options.sconfig.devtools.enable = lib.mkEnableOption "Development Tools";
|
options.sconfig.devtools.enable = lib.mkEnableOption "Development Tools";
|
||||||
|
|
||||||
config = lib.mkIf cfg.enable {
|
config = lib.mkIf cfg.enable {
|
||||||
environment.systemPackages = with pkgs;
|
environment.systemPackages = with pkgs; [
|
||||||
[
|
|
||||||
black
|
black
|
||||||
cargo
|
cargo
|
||||||
efm-langserver
|
efm-langserver
|
||||||
|
@ -34,8 +38,7 @@ in
|
||||||
# dedicated script, because bash aliases dont work with `watch`
|
# dedicated script, because bash aliases dont work with `watch`
|
||||||
(writeShellScriptBin "k" "exec kubectl \"$@\"")
|
(writeShellScriptBin "k" "exec kubectl \"$@\"")
|
||||||
|
|
||||||
(google-cloud-sdk.withExtraComponents
|
(google-cloud-sdk.withExtraComponents [ google-cloud-sdk.components.gke-gcloud-auth-plugin ])
|
||||||
[ google-cloud-sdk.components.gke-gcloud-auth-plugin ])
|
|
||||||
];
|
];
|
||||||
programs.bash.interactiveShellInit = ''
|
programs.bash.interactiveShellInit = ''
|
||||||
alias t=terraform
|
alias t=terraform
|
||||||
|
|
|
@ -1,4 +1,9 @@
|
||||||
{ config, pkgs, lib, ... }:
|
{
|
||||||
|
config,
|
||||||
|
pkgs,
|
||||||
|
lib,
|
||||||
|
...
|
||||||
|
}:
|
||||||
let
|
let
|
||||||
cfg = config.sconfig.gnome;
|
cfg = config.sconfig.gnome;
|
||||||
in
|
in
|
||||||
|
|
|
@ -4,11 +4,15 @@ let
|
||||||
exec prettier --stdin-filepath "$HX_FILE"
|
exec prettier --stdin-filepath "$HX_FILE"
|
||||||
'';
|
'';
|
||||||
|
|
||||||
prettier-formats = map
|
prettier-formats =
|
||||||
|
map
|
||||||
(name: {
|
(name: {
|
||||||
inherit name;
|
inherit name;
|
||||||
auto-format = true;
|
auto-format = true;
|
||||||
indent = { tab-width = 4; unit = "\t"; };
|
indent = {
|
||||||
|
tab-width = 4;
|
||||||
|
unit = "\t";
|
||||||
|
};
|
||||||
formatter.command = hx-pretty;
|
formatter.command = hx-pretty;
|
||||||
})
|
})
|
||||||
[
|
[
|
||||||
|
@ -21,8 +25,7 @@ let
|
||||||
|
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
environment.etc."bck-helix/config.toml".source =
|
environment.etc."bck-helix/config.toml".source = (pkgs.formats.toml { }).generate "config.toml" {
|
||||||
(pkgs.formats.toml { }).generate "config.toml" {
|
|
||||||
theme = "dark_plus";
|
theme = "dark_plus";
|
||||||
editor = {
|
editor = {
|
||||||
auto-format = true;
|
auto-format = true;
|
||||||
|
@ -43,28 +46,44 @@ in
|
||||||
};
|
};
|
||||||
|
|
||||||
environment.etc."bck-helix/languages.toml".source =
|
environment.etc."bck-helix/languages.toml".source =
|
||||||
(pkgs.formats.toml { }).generate "languages.toml" {
|
(pkgs.formats.toml { }).generate "languages.toml"
|
||||||
|
{
|
||||||
language = prettier-formats ++ [
|
language = prettier-formats ++ [
|
||||||
{
|
{
|
||||||
name = "bash";
|
name = "bash";
|
||||||
auto-format = true;
|
auto-format = true;
|
||||||
indent = { tab-width = 4; unit = "\t"; };
|
indent = {
|
||||||
|
tab-width = 4;
|
||||||
|
unit = "\t";
|
||||||
|
};
|
||||||
}
|
}
|
||||||
{
|
{
|
||||||
name = "lua";
|
name = "lua";
|
||||||
auto-format = true;
|
auto-format = true;
|
||||||
indent = { tab-width = 4; unit = "\t"; };
|
indent = {
|
||||||
|
tab-width = 4;
|
||||||
|
unit = "\t";
|
||||||
|
};
|
||||||
}
|
}
|
||||||
{
|
{
|
||||||
name = "nix";
|
name = "nix";
|
||||||
auto-format = true;
|
auto-format = true;
|
||||||
formatter = { command = "nixfmt"; args = [ "--verify" ]; };
|
formatter = {
|
||||||
|
command = "nixfmt";
|
||||||
|
args = [ "--verify" ];
|
||||||
|
};
|
||||||
}
|
}
|
||||||
{
|
{
|
||||||
name = "python";
|
name = "python";
|
||||||
auto-format = true;
|
auto-format = true;
|
||||||
language-servers = [ "pyright" ];
|
language-servers = [ "pyright" ];
|
||||||
formatter = { command = "black"; args = [ "--quiet" "-" ]; };
|
formatter = {
|
||||||
|
command = "black";
|
||||||
|
args = [
|
||||||
|
"--quiet"
|
||||||
|
"-"
|
||||||
|
];
|
||||||
|
};
|
||||||
}
|
}
|
||||||
{
|
{
|
||||||
name = "yaml";
|
name = "yaml";
|
||||||
|
@ -81,13 +100,19 @@ in
|
||||||
};
|
};
|
||||||
|
|
||||||
environment.systemPackages = with pkgs; [
|
environment.systemPackages = with pkgs; [
|
||||||
(helix.overrideAttrs ({ patches ? [ ], ... }: {
|
(helix.overrideAttrs (
|
||||||
|
{
|
||||||
|
patches ? [ ],
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
{
|
||||||
# Patch required for .editorconfig to work properly with formatters
|
# Patch required for .editorconfig to work properly with formatters
|
||||||
patches = patches ++ [ ./format-filepath.patch ];
|
patches = patches ++ [ ./format-filepath.patch ];
|
||||||
postPatch = ''
|
postPatch = ''
|
||||||
sed 's/tab-width = .,/tab-width = 4,/' -i languages.toml
|
sed 's/tab-width = .,/tab-width = 4,/' -i languages.toml
|
||||||
'';
|
'';
|
||||||
}))
|
}
|
||||||
|
))
|
||||||
];
|
];
|
||||||
|
|
||||||
environment.etc."bck-settings.sh".text = ''
|
environment.etc."bck-settings.sh".text = ''
|
||||||
|
|
|
@ -1,4 +1,9 @@
|
||||||
{ config, pkgs, lib, ... }:
|
{
|
||||||
|
config,
|
||||||
|
pkgs,
|
||||||
|
lib,
|
||||||
|
...
|
||||||
|
}:
|
||||||
let
|
let
|
||||||
cfg = config.sconfig.plasma;
|
cfg = config.sconfig.plasma;
|
||||||
in
|
in
|
||||||
|
|
|
@ -1,4 +1,9 @@
|
||||||
{ config, lib, pkgs, ... }:
|
{
|
||||||
|
config,
|
||||||
|
lib,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}:
|
||||||
let
|
let
|
||||||
|
|
||||||
cfg = config.sconfig.security-tools;
|
cfg = config.sconfig.security-tools;
|
||||||
|
|
|
@ -1,4 +1,9 @@
|
||||||
{ config, lib, pkgs, ... }:
|
{
|
||||||
|
config,
|
||||||
|
lib,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}:
|
||||||
let
|
let
|
||||||
cfg = config.sconfig.swapspace;
|
cfg = config.sconfig.swapspace;
|
||||||
in
|
in
|
||||||
|
|
|
@ -1,4 +1,9 @@
|
||||||
{ config, lib, pkgs, ... }:
|
{
|
||||||
|
config,
|
||||||
|
lib,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}:
|
||||||
let
|
let
|
||||||
cfg = config.sconfig.wg-home;
|
cfg = config.sconfig.wg-home;
|
||||||
in
|
in
|
||||||
|
|
|
@ -1,5 +1,6 @@
|
||||||
{ lib
|
{
|
||||||
, writeTextDir
|
lib,
|
||||||
|
writeTextDir,
|
||||||
}:
|
}:
|
||||||
|
|
||||||
writeTextDir "authorized_keys" (lib.concatLines (import ../lib/ssh-keys.nix))
|
writeTextDir "authorized_keys" (lib.concatLines (import ../lib/ssh-keys.nix))
|
||||||
|
|
|
@ -1,20 +1,17 @@
|
||||||
{ lib
|
{
|
||||||
, extraBinPaths ? [ ]
|
lib,
|
||||||
, neovim-unwrapped
|
extraBinPaths ? [ ],
|
||||||
, vimPlugins
|
neovim-unwrapped,
|
||||||
, wrapNeovim
|
vimPlugins,
|
||||||
|
wrapNeovim,
|
||||||
}:
|
}:
|
||||||
|
|
||||||
let
|
let
|
||||||
luafiles = lib.concatLines (map
|
luafiles = lib.concatLines (
|
||||||
(x: "luafile ${./lua}/${x}")
|
map (x: "luafile ${./lua}/${x}") (builtins.attrNames (builtins.readDir ./lua))
|
||||||
(builtins.attrNames (builtins.readDir ./lua))
|
|
||||||
);
|
);
|
||||||
|
|
||||||
extraPath = lib.concatLines (map
|
extraPath = lib.concatLines (map (p: "let $PATH .= ':${p}/bin'") (extraBinPaths));
|
||||||
(p: "let $PATH .= ':${p}/bin'")
|
|
||||||
(extraBinPaths)
|
|
||||||
);
|
|
||||||
|
|
||||||
in
|
in
|
||||||
wrapNeovim neovim-unwrapped {
|
wrapNeovim neovim-unwrapped {
|
||||||
|
|
|
@ -1,11 +1,12 @@
|
||||||
{ stdenv
|
{
|
||||||
, autoPatchelfHook
|
stdenv,
|
||||||
, libglvnd
|
autoPatchelfHook,
|
||||||
, makeWrapper
|
libglvnd,
|
||||||
, python3
|
makeWrapper,
|
||||||
, qt6
|
python3,
|
||||||
, requireFile
|
qt6,
|
||||||
, unzip
|
requireFile,
|
||||||
|
unzip,
|
||||||
}:
|
}:
|
||||||
|
|
||||||
let
|
let
|
||||||
|
|
|
@ -1,6 +1,7 @@
|
||||||
{ nixos-rebuild
|
{
|
||||||
, python3
|
nixos-rebuild,
|
||||||
, writeShellScriptBin
|
python3,
|
||||||
|
writeShellScriptBin,
|
||||||
}:
|
}:
|
||||||
|
|
||||||
writeShellScriptBin "deploy" ''
|
writeShellScriptBin "deploy" ''
|
||||||
|
|
|
@ -1,14 +1,16 @@
|
||||||
{ callPackage
|
{
|
||||||
, firecracker
|
callPackage,
|
||||||
, writeShellApplication
|
firecracker,
|
||||||
, writeText
|
writeShellApplication,
|
||||||
|
writeText,
|
||||||
}:
|
}:
|
||||||
|
|
||||||
let
|
let
|
||||||
kernel = callPackage ./kernel.nix { };
|
kernel = callPackage ./kernel.nix { };
|
||||||
rootfs = callPackage ./rootfs.nix { };
|
rootfs = callPackage ./rootfs.nix { };
|
||||||
|
|
||||||
vmconfig = writeText "vmconfig.json" (builtins.toJSON {
|
vmconfig = writeText "vmconfig.json" (
|
||||||
|
builtins.toJSON {
|
||||||
boot-source = {
|
boot-source = {
|
||||||
kernel_image_path = "${kernel}/vmlinux";
|
kernel_image_path = "${kernel}/vmlinux";
|
||||||
boot_args = "panic=1 console=ttyS0 ro";
|
boot_args = "panic=1 console=ttyS0 ro";
|
||||||
|
@ -24,11 +26,14 @@ let
|
||||||
machine-config.vcpu_count = 2;
|
machine-config.vcpu_count = 2;
|
||||||
machine-config.mem_size_mib = 1024;
|
machine-config.mem_size_mib = 1024;
|
||||||
network-interfaces = [ ];
|
network-interfaces = [ ];
|
||||||
});
|
}
|
||||||
|
);
|
||||||
|
|
||||||
in
|
in
|
||||||
writeShellApplication {
|
writeShellApplication {
|
||||||
name = "firecracker-vm";
|
name = "firecracker-vm";
|
||||||
text = "${firecracker}/bin/firecracker --no-api --config-file ${vmconfig}";
|
text = "${firecracker}/bin/firecracker --no-api --config-file ${vmconfig}";
|
||||||
derivationArgs.passthru = { inherit kernel rootfs; };
|
derivationArgs.passthru = {
|
||||||
|
inherit kernel rootfs;
|
||||||
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,7 +1,8 @@
|
||||||
{ fetchFromGitHub
|
{
|
||||||
, linuxManualConfig
|
fetchFromGitHub,
|
||||||
, linux_6_1
|
linuxManualConfig,
|
||||||
, kernel ? linux_6_1
|
linux_6_1,
|
||||||
|
kernel ? linux_6_1,
|
||||||
}:
|
}:
|
||||||
|
|
||||||
let
|
let
|
||||||
|
@ -12,23 +13,21 @@ let
|
||||||
hash = "sha256-NuVH12cy38uu+8oms66p9k0xoMOJSl5AvY5pD1FCKkI=";
|
hash = "sha256-NuVH12cy38uu+8oms66p9k0xoMOJSl5AvY5pD1FCKkI=";
|
||||||
};
|
};
|
||||||
|
|
||||||
shortVer = builtins.head (
|
shortVer = builtins.head (builtins.match "([0-9]+\.[0-9]+).*" kernel.version);
|
||||||
builtins.match
|
|
||||||
"([0-9]+\.[0-9]+).*"
|
|
||||||
kernel.version
|
|
||||||
);
|
|
||||||
|
|
||||||
in
|
in
|
||||||
(linuxManualConfig {
|
(linuxManualConfig {
|
||||||
|
|
||||||
inherit (kernel) src version;
|
inherit (kernel) src version;
|
||||||
configfile =
|
configfile = "${fcsrc}/resources/guest_configs/microvm-kernel-ci-x86_64-${shortVer}.config";
|
||||||
"${fcsrc}/resources/guest_configs/microvm-kernel-ci-x86_64-${shortVer}.config";
|
|
||||||
|
|
||||||
}).overrideAttrs (o: {
|
}).overrideAttrs
|
||||||
|
(o: {
|
||||||
|
|
||||||
postInstall = (o.postInstall or "") + ''
|
postInstall =
|
||||||
|
(o.postInstall or "")
|
||||||
|
+ ''
|
||||||
cp vmlinux $out/
|
cp vmlinux $out/
|
||||||
'';
|
'';
|
||||||
|
|
||||||
})
|
})
|
||||||
|
|
|
@ -1,8 +1,9 @@
|
||||||
{ e2fsprogs
|
{
|
||||||
, pkgsStatic
|
e2fsprogs,
|
||||||
, runCommand
|
pkgsStatic,
|
||||||
, util-linux
|
runCommand,
|
||||||
, writeShellScript
|
util-linux,
|
||||||
|
writeShellScript,
|
||||||
}:
|
}:
|
||||||
|
|
||||||
let
|
let
|
||||||
|
|
11
pkgs/ftb.nix
11
pkgs/ftb.nix
|
@ -1,8 +1,9 @@
|
||||||
{ lib
|
{
|
||||||
, dpkg
|
lib,
|
||||||
, fetchurl
|
dpkg,
|
||||||
, stdenv
|
fetchurl,
|
||||||
, steam-run
|
stdenv,
|
||||||
|
steam-run,
|
||||||
}:
|
}:
|
||||||
|
|
||||||
stdenv.mkDerivation rec {
|
stdenv.mkDerivation rec {
|
||||||
|
|
|
@ -1,11 +1,12 @@
|
||||||
{ stdenv
|
{
|
||||||
, autoPatchelfHook
|
stdenv,
|
||||||
, fetchFromGitHub
|
autoPatchelfHook,
|
||||||
, fetchzip
|
fetchFromGitHub,
|
||||||
, gcc-unwrapped
|
fetchzip,
|
||||||
, makeWrapper
|
gcc-unwrapped,
|
||||||
, ocamlPackages
|
makeWrapper,
|
||||||
, model ? "small"
|
ocamlPackages,
|
||||||
|
model ? "small",
|
||||||
}:
|
}:
|
||||||
|
|
||||||
let
|
let
|
||||||
|
@ -30,8 +31,7 @@ let
|
||||||
'';
|
'';
|
||||||
|
|
||||||
in
|
in
|
||||||
stdenv.mkDerivation rec
|
stdenv.mkDerivation rec {
|
||||||
{
|
|
||||||
pname = "mp4grep";
|
pname = "mp4grep";
|
||||||
version = "0.1.4";
|
version = "0.1.4";
|
||||||
|
|
||||||
|
|
|
@ -1,4 +1,9 @@
|
||||||
{ stdenv, python3, fetchFromGitHub, makeWrapper }:
|
{
|
||||||
|
stdenv,
|
||||||
|
python3,
|
||||||
|
fetchFromGitHub,
|
||||||
|
makeWrapper,
|
||||||
|
}:
|
||||||
|
|
||||||
stdenv.mkDerivation rec {
|
stdenv.mkDerivation rec {
|
||||||
pname = "weevely";
|
pname = "weevely";
|
||||||
|
@ -11,14 +16,16 @@ stdenv.mkDerivation rec {
|
||||||
sha256 = "0sgjf7ihgipb33k73d84dcx7snv2fvbzyd0f4468k1w5w6zqm9xj";
|
sha256 = "0sgjf7ihgipb33k73d84dcx7snv2fvbzyd0f4468k1w5w6zqm9xj";
|
||||||
};
|
};
|
||||||
|
|
||||||
pythonWithPkgs = python3.withPackages (ps: with ps; [
|
pythonWithPkgs = python3.withPackages (
|
||||||
|
ps: with ps; [
|
||||||
Mako
|
Mako
|
||||||
prettytable
|
prettytable
|
||||||
pyopenssl
|
pyopenssl
|
||||||
pysocks
|
pysocks
|
||||||
python-dateutil
|
python-dateutil
|
||||||
pyyaml
|
pyyaml
|
||||||
]);
|
]
|
||||||
|
);
|
||||||
|
|
||||||
buildInputs = [ makeWrapper ];
|
buildInputs = [ makeWrapper ];
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue