pegasust
/
dotfiles
1
0
Fork 0
Code Issues 6 Pull Requests Projects Releases Wiki Activity

format with alejandra and other things

std
Hung 2023-06-17 17:46:31 -07:00
parent 1537fea0bd
commit e7efe1a965
101 changed files with 2630 additions and 2175 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
default.nix
View File

@ -1,11 +1,13 @@
# We use top-level nix-flake, so default.nix is basically just a wrapper around ./flake.nix
(import
(
import
(
let
lock = builtins.fromJSON (builtins.readFile ./flake.lock);
c_ = import ./c_.nix;
in
c_.fetchTree lock.nodes.flake-compat.locked
c_.fetchTree lock.nodes.flake-compat.locked
)
{ src = ./.; }
).defaultNix
{src = ./.;}
)
.defaultNix

15
dev-shell.nix
View File

@ -4,10 +4,12 @@
# Should also incorporate shortcuts like scripts/{hm-switch,conf-sysnix}.sh in here instead
#
# It should not contain PDE
{ pkgs ? import <nixpkgs> { }
, lib
, ...
}: pkgs.mkShell {
{
pkgs ? import <nixpkgs> {},
lib,
...
}:
pkgs.mkShell {
# mkShell doesn't care about the differences across nativeBuildInputs,
# buildInputs, or packages
buildInputs = [
@ -20,10 +22,9 @@
];
shellHook = ''
# Since we need late dispatch of ~, we have to put this in shellHook.
export SOPS_AGE_KEY_FILE=~/.config/sops/age/keys.txt
# Since we need late dispatch of ~, we have to put this in shellHook.
export SOPS_AGE_KEY_FILE=~/.config/sops/age/keys.txt
'';
# env vars
lol = "hello world";
}

6
flake.lock
View File

@ -429,11 +429,11 @@
},
"nixpkgs_3": {
"locked": {
"lastModified": 1686869522,
"narHash": "sha256-tbJ9B8WLCTnVP/LwESRlg0dII6Zyg2LmUU/mB9Lu98E=",
"lastModified": 1686960236,
"narHash": "sha256-AYCC9rXNLpUWzD9hm+askOfpliLEC9kwAo7ITJc4HIw=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "7c67f006ea0e7d0265f16d7df07cc076fdffd91f",
"rev": "04af42f3b31dba0ef742d254456dc4c14eedac86",
"type": "github"
},
"original": {

30
flake.nix
View File

@ -9,10 +9,11 @@
nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
deploy-rs.url = "github:serokell/deploy-rs";
std.url = "github:divnix/std";
hive.url = "github:divnix/hive";
rust-overlay = "github:oxalica/rust-overlay.git";
};
outputs = { std, hive, ... }@inputs: std.growOn
outputs = {std, ...} @ inputs:
std.growOn
{
# boilerplate
inherit inputs;
@ -21,22 +22,23 @@
cellsFrom = ./nix/cells;
# modules = ./nix/modules;
cellBlocks =
let
inherit (std.blockTypes) devshells functions;
in
[
(devshells "devshells")
(devshells "userShells")
# (functions "host_profile")
# (functions "home_profile")
];
cellBlocks = let
inherit (std.blockTypes) devshells functions;
in [
(devshells "devshells")
(devshells "userShells")
(functions "home-profiles")
(functions "home-modules")
];
}
{
devShells = std.harvest [ [ "dotfiles" "devshells" ] ];
devShells = std.harvest [["dotfiles" "devshells"]];
# nixosConfigurations = std.pick [ [ "dotfiles" "nixos" ] ];
# homeConfigurations = std.pick [ [ "dotfiles" "home" ] ];
homeModules = std.pick [["repo" "home-modules"]];
# TODO: Debug only
homeProfiles = std.pick [["repo" "home-profiles"]];
packages = std.harvest [["repo" "home-configs"]];
};
}

47
hosts/Felia/hardware-configuration.nix
View File

@ -1,15 +1,19 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports = [ ];
config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [];
boot.initrd.availableKernelModules = [ ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ ];
boot.extraModulePackages = [ ];
boot.initrd.availableKernelModules = [];
boot.initrd.kernelModules = [];
boot.kernelModules = [];
boot.extraModulePackages = [];
## NOTE: These filesystems are mounted by a wrapper script from nix-wsl
@ -43,25 +47,22 @@
# fsType = "drvfs";
# };
fileSystems."/mnt/c" =
{
device = "C:";
fsType = "drvfs";
};
fileSystems."/mnt/c" = {
device = "C:";
fsType = "drvfs";
};
fileSystems."/mnt/d" =
{
device = "D:";
fsType = "drvfs";
};
fileSystems."/mnt/d" = {
device = "D:";
fsType = "drvfs";
};
fileSystems."/mnt/f" =
{
device = "F:";
fsType = "drvfs";
};
fileSystems."/mnt/f" = {
device = "F:";
fsType = "drvfs";
};
swapDevices = [ ];
swapDevices = [];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's

24
hosts/bao/default.nix
View File

@ -1,12 +1,12 @@
{ nixpkgs
, agenix
, home-manager
, flake-utils
, nixgl
, rust-overlay
, flake-compat
, pkgs
, lib
, proj_root
}: { }
{
nixpkgs,
agenix,
home-manager,
flake-utils,
nixgl,
rust-overlay,
flake-compat,
pkgs,
lib,
proj_root,
}: {}

25
hosts/bao/hardware-configuration.nix
View File

@ -1,20 +1,23 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[
(modulesPath + "/installer/scan/not-detected.nix")
];
config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.loader.systemd-boot.enable = true;
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" ];
boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod"];
# boot.initrd.kernelModules = [ "amdgpu" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-amd" "coretemp" ];
boot.extraModulePackages = [ ];
boot.initrd.kernelModules = [];
boot.kernelModules = ["kvm-amd" "coretemp"];
boot.extraModulePackages = [];
fileSystems."/" =
# Might be wise to use /dev/nvme0p1 instead
@ -30,7 +33,7 @@
fsType = "vfat";
};
swapDevices = [ ];
swapDevices = [];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's

120
hosts/default.nix
View File

@ -1,18 +1,18 @@
{ nixpkgs
, agenix
, home-manager
, flake-utils
, nixgl
, rust-overlay
, flake-compat
, pkgs
, lib
, proj_root
, nixosDefaultVersion ? "22.05"
, defaultSystem ? "x86_64-linux"
, ...
}@finalInputs:
let
{
nixpkgs,
agenix,
home-manager,
flake-utils,
nixgl,
rust-overlay,
flake-compat,
pkgs,
lib,
proj_root,
nixosDefaultVersion ? "22.05",
defaultSystem ? "x86_64-linux",
...
} @ finalInputs: let
config = {
bao.metadata = {
# req
@ -33,54 +33,58 @@ let
];
};
};
propagate = hostConfig@{ metadata, nixosConfig }:
let
# req
inherit (metadata) hostName;
# opts
ssh_pubkey = lib.attrByPath [ "ssh_pubkey" ] null metadata; # metadata.ssh_pubkey??undefined
users = lib.attrByPath [ "users" ] { } metadata;
nixosVersion = lib.attrByPath [ "nixosVersion" ] nixosDefaultVersion metadata;
system = lib.attrByPath [ "system" ] defaultSystem metadata;
preset = lib.attrByPath [ "preset" ] "base" metadata;
# infer
hardwareConfig = import "${proj_root.hosts.path}/${hostName}/hardware-configuration.nix";
# alias to prevent infinite recursion
_nixosConfig = nixosConfig;
in
{
inherit hostName ssh_pubkey users nixosVersion system preset hardwareConfig;
nixosConfig = _nixosConfig // {
propagate = hostConfig @ {
metadata,
nixosConfig,
}: let
# req
inherit (metadata) hostName;
# opts
ssh_pubkey = lib.attrByPath ["ssh_pubkey"] null metadata; # metadata.ssh_pubkey??undefined
users = lib.attrByPath ["users"] {} metadata;
nixosVersion = lib.attrByPath ["nixosVersion"] nixosDefaultVersion metadata;
system = lib.attrByPath ["system"] defaultSystem metadata;
preset = lib.attrByPath ["preset"] "base" metadata;
# infer
hardwareConfig = import "${proj_root.hosts.path}/${hostName}/hardware-configuration.nix";
# alias to prevent infinite recursion
_nixosConfig = nixosConfig;
in {
inherit hostName ssh_pubkey users nixosVersion system preset hardwareConfig;
nixosConfig =
_nixosConfig
// {
inherit system;
modules = [
{
config._module.args = {
inherit proj_root;
my-lib = finalInputs.lib;
};
}
hardwareConfig
{
system.stateVersion = nixosVersion;
networking.hostName = hostName;
users.users = users;
}
{
imports = [ agenix.nixosModule ];
environment.systemPackages = [ agenix.defaultPackage.x86_64-linux ];
}
(import "${proj_root.modules.path}/secrets.nix")
(import "${proj_root.modules.path}/${preset}.sys.nix")
] ++ _nixosConfig.modules;
modules =
[
{
config._module.args = {
inherit proj_root;
my-lib = finalInputs.lib;
};
}
hardwareConfig
{
system.stateVersion = nixosVersion;
networking.hostName = hostName;
users.users = users;
}
{
imports = [agenix.nixosModule];
environment.systemPackages = [agenix.defaultPackage.x86_64-linux];
}
(import "${proj_root.modules.path}/secrets.nix")
(import "${proj_root.modules.path}/${preset}.sys.nix")
]
++ _nixosConfig.modules;
};
};
};
# we are blessed by the fact that we engulfed nixpkgs.lib.* at top level
mkHostFromPropagated = propagatedHostConfig@{ nixosConfig, ... }: nixpkgs.lib.nixosSystem nixosConfig;
mkHost = hostConfig: (lib.pipe [ propagate mkHostFromPropagated ] hostConfig);
mkHostFromPropagated = propagatedHostConfig @ {nixosConfig, ...}: nixpkgs.lib.nixosSystem nixosConfig;
mkHost = hostConfig: (lib.pipe [propagate mkHostFromPropagated] hostConfig);
trimNull = lib.filterAttrsRecursive (name: value: value != null);
flattenPubkey = lib.mapAttrs (hostName: meta_config: meta_config.metadata.ssh_pubkey);
in
{
in {
nixosConfigurations = lib.mapAttrs (name: hostConfig: mkHost hostConfig) config;
# {bao = "ssh-ed25519 ..."; another_host = "ssh-rsa ...";}
pubKeys = lib.getPubkey config;

37
hosts/homeless/hardware-configuration.nix
View File

@ -1,17 +1,20 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[
(modulesPath + "/profiles/qemu-guest.nix")
];
config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/profiles/qemu-guest.nix")
];
boot.initrd.availableKernelModules = [ "virtio_pci" "virtio_scsi" "ahci" "sd_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelParams = [ "console=ttyS0,19200n8" ];
boot.initrd.availableKernelModules = ["virtio_pci" "virtio_scsi" "ahci" "sd_mod"];
boot.initrd.kernelModules = [];
boot.kernelParams = ["console=ttyS0,19200n8"];
boot.loader.grub.extraConfig = ''
serial --speed=19200 --unit=0 --word=8 --parity=no --stop=1
terminal_input serial;
@ -20,17 +23,15 @@
boot.loader.grub.forceInstall = true;
boot.loader.grub.device = "nodev";
boot.loader.timeout = 10;
boot.kernelModules = [ ];
boot.extraModulePackages = [ ];
boot.kernelModules = [];
boot.extraModulePackages = [];
fileSystems."/" =
{
device = "/dev/sda";
fsType = "ext4";
};
fileSystems."/" = {
device = "/dev/sda";
fsType = "ext4";
};
swapDevices =
[{ device = "/dev/sdb"; }];
swapDevices = [{device = "/dev/sdb";}];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's

37
hosts/lester/hardware-configuration.nix
View File

@ -1,17 +1,20 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[
(modulesPath + "/profiles/qemu-guest.nix")
];
config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/profiles/qemu-guest.nix")
];
boot.initrd.availableKernelModules = [ "virtio_pci" "virtio_scsi" "ahci" "sd_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelParams = [ "console=ttyS0,19200n8" ];
boot.initrd.availableKernelModules = ["virtio_pci" "virtio_scsi" "ahci" "sd_mod"];
boot.initrd.kernelModules = [];
boot.kernelParams = ["console=ttyS0,19200n8"];
boot.loader.grub.extraConfig = ''
serial --speed=19200 --unit=0 --word=8 --parity=no --stop=1
terminal_input serial;
@ -20,17 +23,15 @@
boot.loader.grub.forceInstall = true;
boot.loader.grub.device = "nodev";
boot.loader.timeout = 10;
boot.kernelModules = [ ];
boot.extraModulePackages = [ ];
boot.kernelModules = [];
boot.extraModulePackages = [];
fileSystems."/" =
{
device = "/dev/sda";
fsType = "ext4";
};
fileSystems."/" = {
device = "/dev/sda";
fsType = "ext4";
};
swapDevices =
[{ device = "/dev/sdb"; }];
swapDevices = [{device = "/dev/sdb";}];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's

23
hosts/lizzi/default.nix
View File

@ -1,11 +1,12 @@
{ nixpkgs
, agenix
, home-manager
, flake-utils
, nixgl
, rust-overlay
, flake-compat
, pkgs
, lib
, proj_root
}: { }
{
nixpkgs,
agenix,
home-manager,
flake-utils,
nixgl,
rust-overlay,
flake-compat,
pkgs,
lib,
proj_root,
}: {}

28
hosts/lizzi/hardware-configuration.nix
View File

@ -1,17 +1,20 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[
(modulesPath + "/profiles/qemu-guest.nix")
];
config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/profiles/qemu-guest.nix")
];
boot.initrd.availableKernelModules = [ "virtio_pci" "virtio_scsi" "ahci" "sd_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelParams = [ "console=ttyS0,19200n8" ];
boot.initrd.availableKernelModules = ["virtio_pci" "virtio_scsi" "ahci" "sd_mod"];
boot.initrd.kernelModules = [];
boot.kernelParams = ["console=ttyS0,19200n8"];
boot.loader.grub.extraConfig = ''
serial --speed=19200 --unit=0 --word=8 --parity=no --stop=1
terminal_input serial;
@ -20,8 +23,8 @@
boot.loader.grub.forceInstall = true;
boot.loader.grub.device = "nodev";
boot.loader.timeout = 10;
boot.kernelModules = [ ];
boot.extraModulePackages = [ ];
boot.kernelModules = [];
boot.extraModulePackages = [];
fileSystems = {
"/" = {
@ -35,8 +38,7 @@
};
};
swapDevices =
[{ device = "/dev/sdb"; }];
swapDevices = [{device = "/dev/sdb";}];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's

37
hosts/nyx/hardware-configuration.nix
View File

@ -1,20 +1,23 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[
(modulesPath + "/profiles/qemu-guest.nix")
];
config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/profiles/qemu-guest.nix")
];
boot.initrd.availableKernelModules = [ "virtio_pci" "virtio_scsi" "ahci" "sd_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ ];
boot.extraModulePackages = [ ];
boot.initrd.availableKernelModules = ["virtio_pci" "virtio_scsi" "ahci" "sd_mod"];
boot.initrd.kernelModules = [];
boot.kernelModules = [];
boot.extraModulePackages = [];
boot.kernelParams = [ "console=ttyS0,19200n8" ];
boot.kernelParams = ["console=ttyS0,19200n8"];
boot.loader.grub.extraConfig = ''
serial --speed=19200 --unit=0 --word=8 --parity=no --stop=1
terminal_input serial;
@ -23,14 +26,12 @@
boot.loader.grub.forceInstall = true;
boot.loader.grub.device = "nodev";
boot.loader.timeout = 10;
fileSystems."/" =
{
device = "/dev/sda";
fsType = "ext4";
};
fileSystems."/" = {
device = "/dev/sda";
fsType = "ext4";
};
swapDevices =
[{ device = "/dev/sdb"; }];
swapDevices = [{device = "/dev/sdb";}];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's

6
modules/amdgpu.sys.nix
View File

@ -1,6 +1,6 @@
{
imports = [ ./gpu.sys.nix ];
boot.initrd.kernelModules = [ "amdgpu" ];
imports = [./gpu.sys.nix];
boot.initrd.kernelModules = ["amdgpu"];
services.xserver.enable = true;
services.xserver.videoDrivers = [ "amdgpu" ];
services.xserver.videoDrivers = ["amdgpu"];
}

12
modules/base.sys.nix
View File

@ -1,7 +1,8 @@
{ pkgs
, lib
, proj_root
, ...
{
pkgs,
lib,
proj_root,
...
}: {
imports = [
./minimal.sys.nix
@ -9,7 +10,6 @@
./tailscale.sys.nix
./ssh.sys.nix
];
environment.systemPackages = [ pkgs.lm_sensors ];
environment.systemPackages = [pkgs.lm_sensors];
time.timeZone = "America/Phoenix";
}

2
modules/default.nix
View File

@ -1 +1 @@
inputs: { }
inputs: {}

6
modules/gpu.sys.nix
View File

@ -1,8 +1,8 @@
{ pkgs, ... }: {
environment.systemPackages = [ pkgs.clinfo pkgs.lshw pkgs.glxinfo pkgs.pciutils pkgs.vulkan-tools ];
{pkgs, ...}: {
environment.systemPackages = [pkgs.clinfo pkgs.lshw pkgs.glxinfo pkgs.pciutils pkgs.vulkan-tools];
hardware.opengl = {
enable = true;
extraPackages = [ pkgs.rocm-opencl-icd pkgs.rocm-opencl-runtime ];
extraPackages = [pkgs.rocm-opencl-icd pkgs.rocm-opencl-runtime];
# Vulkan
driSupport = true;
driSupport32Bit = true;

26
modules/kde.sys.nix
View File

@ -1,6 +1,7 @@
{ pkgs
, my-lib
, ...
{
pkgs,
my-lib,
...
}: {
environment.noXlibs = my-lib.mkForce false;
# TODO: wireless networking
@ -11,15 +12,16 @@
services.xserver.displayManager.sddm.enable = true;
services.xserver.desktopManager.plasma5 = {
enable = true;
excludePackages = let plasma5 = pkgs.libsForQt5; in
[
plasma5.elisa # audio viewer
plasma5.konsole # I use alacritty instaed
plasma5.plasma-browser-integration
plasma5.print-manager # will enable if I need
plasma5.khelpcenter # why not just write manpages instead :(
# plasma5.ksshaskpass # pls just put prompts on my dear terminal
];
excludePackages = let
plasma5 = pkgs.libsForQt5;
in [
plasma5.elisa # audio viewer
plasma5.konsole # I use alacritty instaed
plasma5.plasma-browser-integration
plasma5.print-manager # will enable if I need
plasma5.khelpcenter # why not just write manpages instead :(
# plasma5.ksshaskpass # pls just put prompts on my dear terminal
];
};
# disables KDE's setting of askpassword

13
modules/minimal.sys.nix
View File

@ -1,10 +1,11 @@
{ pkgs
, lib
, proj_root
, modulesPath
, ...
{
pkgs,
lib,
proj_root,
modulesPath,
...
}: {
imports = [ "${modulesPath}/profiles/minimal.nix" ];
imports = ["${modulesPath}/profiles/minimal.nix"];
# prune old builds after a while
nix.settings.auto-optimise-store = true;
nix.package = pkgs.nixFlakes; # nix flakes

21
modules/mosh.sys.nix
View File

@ -1,10 +1,11 @@
{ pkgs
, lib
, config
, ...
}:
let cfg = config.mod.mosh; in
{
pkgs,
lib,
config,
...
}: let
cfg = config.mod.mosh;
in {
options.mod.mosh = {
enable = lib.mkOption {
type = lib.types.bool;
@ -14,12 +15,14 @@ let cfg = config.mod.mosh; in
};
};
config = lib.mkIf cfg.enable {
environment.systemPackages = [ pkgs.mosh ];
environment.systemPackages = [pkgs.mosh];
networking.firewall = lib.mkIf config.networking.firewall.enable {
allowedUDPPortRanges = [
{ from = 60000; to = 61000; } # mosh
{
from = 60000;
to = 61000;
} # mosh
];
};
};
}

6
modules/nvgpu.sys.nix
View File

@ -1,7 +1,7 @@
{ config, ... }: {
imports = [ ./gpu.sys.nix ];
{config, ...}: {
imports = [./gpu.sys.nix];
nixpkgs.config.allowUnfree = true;
services.xserver.enable = true;
services.xserver.videoDrivers = [ "nvidia" ];
services.xserver.videoDrivers = ["nvidia"];
hardware.nvidia.package = config.boot.kernelPackages.nvidiaPackages.stable;
}

20
modules/opengl.sys.nix
View File

@ -1,15 +1,16 @@
{ config, pkgs, lib }:
let
gpu_pkgs = [ pkgs.clinfo pkgs.lshw pkgs.glxinfo pkgs.pciutils pkgs.vulkan-tools ];
{
config,
pkgs,
lib,
}: let
gpu_pkgs = [pkgs.clinfo pkgs.lshw pkgs.glxinfo pkgs.pciutils pkgs.vulkan-tools];
gpu_conf = {
# openCL
hardware.opengl = {
enable = true;
extraPackages =
let
inherit (pkgs) rocm-opencl-icd rocm-opencl-runtime;
in
[ rocm-opencl-icd rocm-opencl-runtime ];
extraPackages = let
inherit (pkgs) rocm-opencl-icd rocm-opencl-runtime;
in [rocm-opencl-icd rocm-opencl-runtime];
# Vulkan
driSupport = true;
driSupport32Bit = true;
@ -18,4 +19,5 @@ let
};
environment.systemPackages = gpu_pkgs;
};
in gpu_conf
in
gpu_conf

4
modules/secrets.nix
View File

@ -1,6 +1,4 @@
{ proj_root
, ...
}: {
{proj_root, ...}: {
age.secrets.s3fs = {
file = "${proj_root.secrets.path}/s3fs.age";
# mode = "600"; # owner + group only

161
modules/storage.perso.sys.nix
View File

@ -1,5 +1,10 @@
# Personal configuration on storage solution
{ pkgs, config, lib, ... }: {
{
pkgs,
config,
lib,
...
}: {
environment.systemPackages = [
pkgs.s3fs
pkgs.cifs-utils
@ -9,87 +14,81 @@
# HACK: need to store secret somewhere so that root can access this
# because autofs may run as root for now, we enforce putting the secret in this monorepo
# TODO: make this configuration nix-less to show that it's 100% data
services.autofs =
let
# confToBackendArg {lol="what"; empty=""; name_only=null;} -> "lol=what,empty=,name_only"
# TODO: change null -> true/false. This allows overriding & better self-documentation
confToBackendArg = conf: (lib.concatStringsSep ","
(lib.mapAttrsToList (name: value: "${name}${lib.optionalString (value != null) "=${value}"}") conf));
services.autofs = let
# confToBackendArg {lol="what"; empty=""; name_only=null;} -> "lol=what,empty=,name_only"
# TODO: change null -> true/false. This allows overriding & better self-documentation
confToBackendArg = conf: (lib.concatStringsSep ","
(lib.mapAttrsToList (name: value: "${name}${lib.optionalString (value != null) "=${value}"}") conf));
# mount_dest: path ("wow")
# backend_args: nix attrs representing the arguments to be passed to s3fs
# ({"-fstype" = "fuse"; "use_cache" = "/tmp";})
# bucket: bucket name (hungtr-hot)
# NOTE: s3 custom provider will be provided inside
# backend_args, so just put the bucket name here
#
#-> "${mount_dest} ${formatted_args} ${s3fs-bin}#${bucket}"
autofs-s3fs_entry =
{ mount_dest
, backend_args ? { "-fstype" = "fuse"; }
, bucket
}@inputs:
# mount_dest: path ("wow")
# backend_args: nix attrs representing the arguments to be passed to s3fs
# ({"-fstype" = "fuse"; "use_cache" = "/tmp";})
# bucket: bucket name (hungtr-hot)
# NOTE: s3 custom provider will be provided inside
# backend_args, so just put the bucket name here
#
#-> "${mount_dest} ${formatted_args} ${s3fs-bin}#${bucket}"
autofs-s3fs_entry = {
mount_dest,
backend_args ? {"-fstype" = "fuse";},
bucket,
} @ inputs: let
s3fs-exec = "${pkgs.s3fs}/bin/s3fs";
in "${mount_dest} ${confToBackendArg backend_args} :${s3fs-exec}\#${bucket}";
personalStorage = [
(autofs-s3fs_entry {
mount_dest = "garden";
backend_args = {
"-fstype" = "fuse";
use_cache = "/tmp";
del_cache = null;
allow_other = null;
url = "https://v5h5.la11.idrivee2-14.com";
passwd_file = config.age.secrets."s3fs.digital-garden".path;
dbglevel = "debug"; # enable this for better debugging info in journalctl
uid = "1000"; # default user
gid = "100"; # users
umask = "003"; # others read only, fully shared for users group
};
bucket = "digital-garden";
})
(
let
s3fs-exec = "${pkgs.s3fs}/bin/s3fs";
in
"${mount_dest} ${confToBackendArg backend_args} :${s3fs-exec}\#${bucket}";
personalStorage = [
(autofs-s3fs_entry {
mount_dest = "garden";
backend_args = {
"-fstype" = "fuse";
use_cache = "/tmp";
del_cache = null;
allow_other = null;
url = "https://v5h5.la11.idrivee2-14.com";
passwd_file = config.age.secrets."s3fs.digital-garden".path;
dbglevel = "debug"; # enable this for better debugging info in journalctl
uid = "1000"; # default user
gid = "100"; # users
umask = "003"; # others read only, fully shared for users group
args = {
"-fstype" = "cifs";
credentials = config.age.secrets._nhitrl_cred.path;
user = null;
uid = "1001";
gid = "100";
dir_mode = "0777";
file_mode = "0777";
};
bucket = "digital-garden";
})
(
let
args = {
"-fstype" = "cifs";
credentials = config.age.secrets._nhitrl_cred.path;
user = null;
uid = "1001";
gid = "100";
dir_mode = "0777";
file_mode = "0777";
};
in
"felia_d ${confToBackendArg args} ://felia.coati-celsius.ts.net/d"
)
(
let
args = {
"-fstype" = "cifs";
credentials = config.age.secrets._nhitrl_cred.path;
user = null;
uid = "1001";
gid = "100";
dir_mode = "0777";
file_mode = "0777";
};
in
"felia_f ${confToBackendArg args} ://felia.coati-celsius.ts.net/f"
)
];
persoConf = pkgs.writeText "auto.personal" (builtins.concatStringsSep "\n" personalStorage);
in
{
enable = true;
# Creates /perso directory with every subdirectory declared by ${personalStorage}
# as of now (might be stale), /perso/hot is the only mount accessible
# that is also managed by s3fs
autoMaster = ''
/perso file:${persoConf}
'';
timeout = 30; # default: 600, 600 seconds (10 mins) of inactivity => unmount
# debug = true; # writes to more to journalctl
};
in "felia_d ${confToBackendArg args} ://felia.coati-celsius.ts.net/d"
)
(
let
args = {
"-fstype" = "cifs";
credentials = config.age.secrets._nhitrl_cred.path;
user = null;
uid = "1001";
gid = "100";
dir_mode = "0777";
file_mode = "0777";
};
in "felia_f ${confToBackendArg args} ://felia.coati-celsius.ts.net/f"
)
];
persoConf = pkgs.writeText "auto.personal" (builtins.concatStringsSep "\n" personalStorage);
in {
enable = true;
# Creates /perso directory with every subdirectory declared by ${personalStorage}
# as of now (might be stale), /perso/hot is the only mount accessible
# that is also managed by s3fs
autoMaster = ''
/perso file:${persoConf}
'';
timeout = 30; # default: 600, 600 seconds (10 mins) of inactivity => unmount
# debug = true; # writes to more to journalctl
};
}

21
modules/tailscale.sys.nix
View File

@ -1,22 +1,25 @@
{ pkgs
, config
, lib
, ...
}: let cfg = config.mod.tailscale; in {
{
pkgs,
config,
lib,
...
}: let
cfg = config.mod.tailscale;
in {
options.mod.tailscale = {
enable = lib.mkEnableOption "tailscale";
};
config = lib.mkIf cfg.enable {
environment.systemPackages = [ pkgs.tailscale ];
environment.systemPackages = [pkgs.tailscale];
services.tailscale.enable = true;
systemd.services.tailscale-autoconnect = {
description = "Automatically connects to Tailscale";
# make sure tailscale is running before trying to connect to tailscale
after = [ "network-pre.target" "tailscale.service" ];
wants = [ "network-pre.target" "tailscale.service" ];
wantedBy = [ "multi-user.target" ];
after = ["network-pre.target" "tailscale.service"];
wants = ["network-pre.target" "tailscale.service"];
wantedBy = ["multi-user.target"];
# set this service as a oneshot job
serviceConfig.Type = "oneshot";

2
modules/wifi.sys.nix
View File

@ -1,4 +1,4 @@
{ config, ... }: {
{config, ...}: {
networking.wireless.enable = true;
networking.wireless.environmentFile = config.age.secrets."wifi.env";
networking.wireless.networks = {

5
native_configs/README.md
View File

@ -5,8 +5,13 @@ Contains all configurations that are written in their native configuration langu
## Why native language?
- Easier portability
- Syntax highlighting and robust checking without needing to realize derivation
- Nix can read from [JSON](https://nixos.org/manual/nix/stable/language/builtins.html#builtins-fromJSON),
[TOML](https://nixos.org/manual/nix/stable/release-notes/rl-2.6.html#release-26-2022-01-24).
- We have also managed to hack together a [fromYaml](./../nix-conf/lib/serde/default.nix),
though it will not work for strictly pure builds or bootstrapping builds.
## When to use Nix to generate config?
- Original configuraiton language requires too much duplication that can be solved with Nix

23
native_configs/neovim/init.lua
View File

@ -993,6 +993,29 @@ require('mason-lspconfig').setup_handlers({
},
}
end,
["nil_ls"] = function()
require('lspconfig').nil_ls.setup {
on_attach = on_attach,
capabilities = capabilities,
--- refer to https://github.com/oxalica/nil/blob/main/docs/configuration.md
--- for the list of configurations available for `nil_ls`
settings = {
["nil"] = {
formatting = {
command = {"nix", "run", "nixpkgs#alejandra"},
},
nix = {
flake = {
-- calls `nix flake archive` to put a flake and its output to store
autoArchive = true,
-- auto eval flake inputs for improved completion
autoEvalInputs = true,
},
},
},
},
}
end,
})
require("rust-tools").setup {
tools = {

90
nix-conf/home-manager/base/alacritty.nix
View File

@ -1,53 +1,51 @@
{ config
, proj_root
, myLib
, ...
}:
let
{
config,
proj_root,
myLib,
...
}: let
inherit (myLib) fromYaml;
actualConfig = fromYaml (builtins.readFile "${proj_root.config.path}//alacritty/alacritty.yml");
cfg = config.base.alacritty;
in
{
options.base.alacritty =
{
font.family = myLib.mkOption {
type = myLib.types.singleLineStr;
default = actualConfig.font.normal.family;
description = ''
The font family for Alacritty
'';
example = "DroidSansMono NF";
};
font.size = myLib.mkOption {
type = myLib.types.number;
default = actualConfig.font.size;
description = ''
The default font size for Alacritty. This is probably measured in px.
'';
example = 7.0;
};
enable = myLib.mkOption {
type = myLib.types.bool;
default = true;
description = ''
Enables alacritty
'';
example = true;
};
_actualConfig = myLib.mkOption {
type = myLib.types.attrs;
visible = false;
default = actualConfig;
description = "underlying default config";
};
additionalConfigPath = myLib.mkOption {
type = myLib.types.nullOr myLib.types.path;
visible = false;
default = null;
description = "impurely write our alacritty.yml to this path";
};
in {
options.base.alacritty = {
font.family = myLib.mkOption {
type = myLib.types.singleLineStr;
default = actualConfig.font.normal.family;
description = ''
The font family for Alacritty
'';
example = "DroidSansMono NF";
};
font.size = myLib.mkOption {
type = myLib.types.number;
default = actualConfig.font.size;
description = ''
The default font size for Alacritty. This is probably measured in px.
'';
example = 7.0;
};
enable = myLib.mkOption {
type = myLib.types.bool;
default = true;
description = ''
Enables alacritty
'';
example = true;
};
_actualConfig = myLib.mkOption {
type = myLib.types.attrs;
visible = false;
default = actualConfig;
description = "underlying default config";
};
additionalConfigPath = myLib.mkOption {
type = myLib.types.nullOr myLib.types.path;
visible = false;
default = null;
description = "impurely write our alacritty.yml to this path";
};
};
config.programs.alacritty = {
enable = cfg.enable;

35
nix-conf/home-manager/base/darwin-spotlight.nix
View File

@ -1,5 +1,9 @@
{ lib, pkgs, config, ... }:
{
lib,
pkgs,
config,
...
}: {
# This patch exists since Darwin's search bar requires solid apps and not
# symlinked
# TODO: QA
@ -11,15 +15,15 @@
# Copy GUI apps to "~/Applications/Home Manager Apps"
# Based on this comment: https://github.com/nix-community/home-manager/issues/1341#issuecomment-778820334
home.activation.patch-spotlight =
if pkgs.stdenv.isDarwin then
let
apps = pkgs.buildEnv {
name = "home-manager-applications";
paths = config.home.packages;
pathsToLink = "/Applications";
};
in
lib.hm.dag.entryAfter [ "linkGeneration" ] ''
if pkgs.stdenv.isDarwin
then let
apps = pkgs.buildEnv {
name = "home-manager-applications";
paths = config.home.packages;
pathsToLink = "/Applications";
};
in
lib.hm.dag.entryAfter ["linkGeneration"] ''
# Install MacOS applications to the user environment.
HM_APPS="$HOME/Applications/Home Manager Apps"
# Reset current state
@ -33,19 +37,18 @@
$DRY_RUN_CMD cp --archive -H --dereference ${apps}/Applications/* "$HM_APPS"
$DRY_RUN_CMD chmod +w -R "$HM_APPS"
''
else
"";
else "";
# We need this in case upstream home-manager changes the behavior of linking
# applications
home.activation.remove-patch-spotlight =
if pkgs.stdenv.isDarwin then
lib.hm.dag.entryBefore [ "checkLinkTargets" ] ''
if pkgs.stdenv.isDarwin
then
lib.hm.dag.entryBefore ["checkLinkTargets"] ''
HM_APPS="$HOME/Applications/Home Manager Apps"
# Reset current state
if [ -e "$HM_APPS" ]; then
$DRY_RUN_CMD mv "$HM_APPS" "$HM_APPS.$(date +%Y%m%d%H%M%S)"
fi
''
else
"";
else "";
}

4
nix-conf/home-manager/base/default.nix
View File

@ -1,6 +1,4 @@
{nix-index-database
,...
}@inputs:{
{nix-index-database, ...} @ inputs: {
mkModuleArgs = import ./mkModuleArgs.nix;
modules = [
./alacritty.nix

17
nix-conf/home-manager/base/git.nix
View File

@ -1,8 +1,8 @@
{ config
, myLib
, ...
}:
let
{
config,
myLib,
...
}: let
cfg = config.base.git;
baseAliases = {
a = "add";
@ -15,12 +15,11 @@ let
co = "checkout";
b = "branch";
};
in
{
in {
options.base.git = {
aliases = myLib.mkOption {
type = myLib.types.attrs;
default = { };
default = {};
example = baseAliases;
description = ''
Additional git aliases. This settings comes with base configuration.
@ -50,7 +49,7 @@ in
.gitignore patterns that are applied in every repository.
This is useful for IDE-specific settings.
'';
example = [ ".direnv" "node_modules" ];
example = [".direnv" "node_modules"];
};
enable = myLib.mkOption {
type = myLib.types.bool;

17
nix-conf/home-manager/base/graphics.nix
View File

@ -1,11 +1,14 @@
{ pkgs, config, lib, ... }:
let
{
pkgs,
config,
lib,
...
}: let
cfg = config.base.graphics;
cfgEnable = cfg.enable or (cfg.useNixGL.defaultPackage != null);
types = lib.types;
in
{
imports = [ ./shells.nix ];
in {
imports = [./shells.nix];
options.base.graphics = {
enable = lib.mkEnableOption "graphics";
_enable = lib.mkOption {
@ -23,7 +26,7 @@ in
];
};
defaultPackage = lib.mkOption {
type = types.nullOr (types.enum [ "nixGLIntel" "nixGLNvidia" "nixGLNvidiaBumblebee" ]);
type = types.nullOr (types.enum ["nixGLIntel" "nixGLNvidia" "nixGLNvidiaBumblebee"]);
description = "Which nixGL package to be aliased as `nixGL` on the shell";
default = null;
example = "nixGLIntel";
@ -41,6 +44,6 @@ in
nixGL = cfg.useNixGL.defaultPackage;
};
};
home.packages = [ cfg.useNixGL.package ];
home.packages = [cfg.useNixGL.package];
};
}

32
nix-conf/home-manager/base/keepass.nix
View File

@ -1,10 +1,14 @@
{ config, proj_root, pkgs, lib, ... }:
let
{
config,
proj_root,
pkgs,
lib,
...
}: let
cfg = config.base.keepass;
trimNull = lib.filterAttrsRecursive (name: value: value != null);
in
{
imports = [ ./graphics.nix ];
in {
imports = [./graphics.nix];
options.base.keepass = {
enable = lib.mkEnableOption "keepass";
use_gui = lib.mkOption {
@ -42,12 +46,18 @@ in
};
};
config = lib.mkIf cfg.enable {
home.packages = [
pkgs.kpcli-py # kp but is in cli
] ++ (if cfg.use_gui or config.base.graphics._enable then [
pkgs.keepass # Personal secret management
] else [ ]);
home.file.".kp/config.ini".text = lib.generators.toINI { } (trimNull {
home.packages =
[
pkgs.kpcli-py # kp but is in cli
]
++ (
if cfg.use_gui or config.base.graphics._enable
then [
pkgs.keepass # Personal secret management
]
else []
);
home.file.".kp/config.ini".text = lib.generators.toINI {} (trimNull {
default = {
KEEPASSDB = cfg.path;
KEEPASSDB_KEYFILE = cfg.keyfile_path;

30
nix-conf/home-manager/base/mkModuleArgs.nix
View File

@ -1,20 +1,20 @@
# Turns given inputs into the standardized shape of the inputs to configure
# custom base modules in this directory.
{ pkgs
, lib ? pkgs.lib
, ...
}@inputs:
let
{
pkgs,
lib ? pkgs.lib,
...
} @ inputs: let
recursiveUpdate = lib.recursiveUpdate;
_lib = recursiveUpdate lib (import ../../lib { inherit pkgs lib; });
_lib = recursiveUpdate lib (import ../../lib {inherit pkgs lib;});
proj_root = builtins.toString ./../../..;
in
# TODO: Unpollute inputs
recursiveUpdate inputs {
proj_root = {
path = proj_root;
config.path = "${proj_root}/native_configs";
scripts.path = "${proj_root}/scripts";
};
myLib = _lib;
}
# TODO: Unpollute inputs
recursiveUpdate inputs {
proj_root = {
path = proj_root;
config.path = "${proj_root}/native_configs";
scripts.path = "${proj_root}/scripts";
};
myLib = _lib;
}

214
nix-conf/home-manager/base/neovim.nix
View File

@ -2,68 +2,86 @@
#
# One thing to consider, though, /nix/store of `nix-shell` or `nix-develop`
# might be different from `home-manager`'s (~/.nix_profile/bin/jq)
{ pkgs, lib, config, proj_root, ... }:
let
{
pkgs,
lib,
config,
proj_root,
...
}: let
# NOTE: Add packages to nvim_pkgs instead, so that it's available at userspace
# and is added to the path after wrapping.
# check: nix repl `homeConfigurations.hungtr.config.programs.neovim.finalPackage.buildCommand`
# see: :/--suffix.*PATH
# there should be mentions of additional packages
my_neovim = pkgs.neovim-unwrapped;
rust_pkgs = (pkgs.rust-bin.selectLatestNightlyWith
rust_pkgs =
pkgs.rust-bin.selectLatestNightlyWith
(
toolchain:
toolchain.default.override {
extensions = [ "rust-src" "rust-analyzer" "rust-docs" "rustfmt" "clippy" "miri" ];
}
));
nvim_pkgs = [
# pkgs.gccStdenv
pkgs.tree-sitter
pkgs.fzf # file name fuzzy search
pkgs.ripgrep # content fuzzy search
pkgs.zk # Zettelkasten (limited support)
pkgs.fd # Required by a Telescope plugin (?)
pkgs.stdenv.cc.cc.lib
pkgs.rnix-lsp # doesn't work, Mason just installs it using cargo
pkgs.rust4cargo
pkgs.nickel
pkgs.nls
pkgs.go # doesn't work, Mason installs from runtime path
# Language-specific stuffs
pkgs.sumneko-lua-language-server
# pkgs.python3Packages.python-lsp-server
pkgs.nodePackages.pyright
pkgs.python3Packages.pylint
pkgs.python3Packages.flake8
# FIXME: installing ansible from here just doesn't work :/
# pkgs.ansible-lint
# pkgs.python38Packages.ansible
# pkgs.ansible-language-server
# TODO: the devShell should provide rust-analyzer so that
# cargo test builds binaries compatible with rust-analyzer
# pkgs.rust-analyzer
# rust_pkgs
# pkgs.evcxr # Rust REPL for Conjure!
] ++ lib.optionals (pkgs.stdenv.isDarwin) (
let
inherit (pkgs.darwin.apple_sdk.frameworks) System CoreFoundation; in
toolchain.default.override {
extensions = ["rust-src" "rust-analyzer" "rust-docs" "rustfmt" "clippy" "miri"];
}
);
nvim_pkgs =
[
System
CoreFoundation
# pkgs.gccStdenv
pkgs.tree-sitter
pkgs.fzf # file name fuzzy search
pkgs.ripgrep # content fuzzy search
pkgs.zk # Zettelkasten (limited support)
pkgs.fd # Required by a Telescope plugin (?)
pkgs.stdenv.cc.cc.lib
pkgs.rnix-lsp # doesn't work, Mason just installs it using cargo
pkgs.rust4cargo
pkgs.nickel
pkgs.nls
pkgs.go # doesn't work, Mason installs from runtime path
# Language-specific stuffs
pkgs.sumneko-lua-language-server
# pkgs.python3Packages.python-lsp-server
pkgs.nodePackages.pyright
pkgs.python3Packages.pylint
pkgs.python3Packages.flake8
# FIXME: installing ansible from here just doesn't work :/
# pkgs.ansible-lint
# pkgs.python38Packages.ansible
# pkgs.ansible-language-server
# TODO: the devShell should provide rust-analyzer so that
# cargo test builds binaries compatible with rust-analyzer
# pkgs.rust-analyzer
# rust_pkgs
# pkgs.evcxr # Rust REPL for Conjure!
]
);
in
{
++ lib.optionals (pkgs.stdenv.isDarwin) (
let
inherit (pkgs.darwin.apple_sdk.frameworks) System CoreFoundation;
in [
System
CoreFoundation
]
);
in {
options.base.neovim = {
enable = lib.mkOption {
default = true;
description = "enable personalized neovim as default editor";
type = lib.types.bool;
example = false;
f = let
adder = {
__functor = self: arg:
if builtins.isInt arg
then self // {x = self.x + arg;}
else self.x;
x = 0;
};
in {
what = adder 1 2 3 {};
};
};
};
config = lib.mkIf config.base.neovim.enable {
@ -76,60 +94,54 @@ in
withPython3 = true;
withNodeJs = true;
extraPackages = nvim_pkgs;
extraLuaConfig = (builtins.readFile "${proj_root.config.path}//neovim/init.lua");
plugins = (let inherit (pkgs.vimPlugins)
plenary-nvim
nvim-treesitter
nvim-treesitter-textobjects
nvim-treesitter-context
telescope-fzf-native-nvim
telescope-file-browser-nvim
telescope-nvim
nvim-lspconfig
gruvbox-community
neodev-nvim
cmp-nvim-lsp
cmp-path
cmp-buffer
cmp-cmdline
nvim-cmp
lspkind-nvim
nvim-autopairs
nvim-ts-autotag
guess-indent-nvim
harpoon
zk-nvim
luasnip
fidget-nvim
rust-tools-nvim
cmp_luasnip
gitsigns-nvim
indent-blankline-nvim
lualine-nvim
mason-lspconfig-nvim
mason-nvim
neogit
nlua-nvim
nvim-jqx
nvim-surround
nvim-web-devicons
playground
todo-comments-nvim
trouble-nvim
vim-dispatch
vim-dispatch-neovim
vim-fugitive
vim-jack-in
; in [
extraLuaConfig = builtins.readFile "${proj_root.config.path}//neovim/init.lua";
plugins = let
inherit
(pkgs.vimPlugins)
plenary-nvim
nvim-treesitter
nvim-treesitter-textobjects
nvim-treesitter-context
telescope-fzf-native-nvim
telescope-file-browser-nvim
telescope-nvim
nvim-lspconfig
gruvbox-community
neodev-nvim
cmp-nvim-lsp
cmp-path
cmp-buffer
cmp-cmdline
nvim-cmp
lspkind-nvim
nvim-autopairs
nvim-ts-autotag
guess-indent-nvim
harpoon
zk-nvim
luasnip
fidget-nvim
rust-tools-nvim
cmp_luasnip
gitsigns-nvim
indent-blankline-nvim
lualine-nvim
mason-lspconfig-nvim
mason-nvim
neogit
nlua-nvim
nvim-jqx
nvim-surround
nvim-web-devicons
playground
todo-comments-nvim
trouble-nvim
vim-dispatch
vim-dispatch-neovim
vim-fugitive
vim-jack-in
;
in [
plenary-nvim
nvim-treesitter.withAllGrammars
nvim-treesitter-textobjects
@ -173,7 +185,7 @@ in
vim-dispatch-neovim
vim-fugitive
vim-jack-in
]);
];
};
# home.packages = nvim_pkgs;
};

67
nix-conf/home-manager/base/private_chromium.nix
View File

@ -1,9 +1,13 @@
# TODO: maybe throw if base.graphics is not enabled?
# Though, headless chromium might be possible
{ config, pkgs, lib, ... }:
let cfg = config.base.private_chromium;
in
{
config,
pkgs,
lib,
...
}: let
cfg = config.base.private_chromium;
in {
options.base.private_chromium = {
enable = lib.mkOption {
type = lib.types.bool;
@ -19,33 +23,36 @@ in
programs.chromium = {
enable = true;
package = pkgs.ungoogled-chromium;
extensions =
let
# TODO: how about a chrome extension registry?
mkChromiumExtForVersion = browserVersion: { id, sha256, extVersion, ... }:
{
inherit id;
crxPath = builtins.fetchurl {
url = "https://clients2.google.com/service/update2/crx" +
"?response=redirect" +
"&acceptformat=crx2,crx3" +
"&prodversion=${browserVersion}" +
"&x=id%3D${id}%26installsource%3Dondemand%26uc";
name = "${id}.crx";
inherit sha256;
};
version = extVersion;
};
mkChromiumExt = mkChromiumExtForVersion (lib.versions.major pkgs.ungoogled-chromium.version);
in
[
# vimium
(mkChromiumExt {
id = "dbepggeogbaibhgnhhndojpepiihcmeb";
sha256 = "00qhbs41gx71q026xaflgwzzridfw1sx3i9yah45cyawv8q7ziic";
extVersion = "1.67.4";
})
];
extensions = let
# TODO: how about a chrome extension registry?
mkChromiumExtForVersion = browserVersion: {
id,
sha256,
extVersion,
...
}: {
inherit id;
crxPath = builtins.fetchurl {
url =
"https://clients2.google.com/service/update2/crx"
+ "?response=redirect"
+ "&acceptformat=crx2,crx3"
+ "&prodversion=${browserVersion}"
+ "&x=id%3D${id}%26installsource%3Dondemand%26uc";
name = "${id}.crx";
inherit sha256;
};
version = extVersion;
};
mkChromiumExt = mkChromiumExtForVersion (lib.versions.major pkgs.ungoogled-chromium.version);
in [
# vimium
(mkChromiumExt {
id = "dbepggeogbaibhgnhhndojpepiihcmeb";
sha256 = "00qhbs41gx71q026xaflgwzzridfw1sx3i9yah45cyawv8q7ziic";
extVersion = "1.67.4";
})
];
};
};
}

4
nix-conf/home-manager/base/productive_desktop.nix
View File

@ -1,8 +1,8 @@
# A module that takes care of a GUI-ful, productive desktop environment
inputs@{ pkgs, ... }: {
inputs @ {pkgs, ...}: {
imports = [
# slack
({ pkgs, ... }: {
({pkgs, ...}: {
home.packages = [
pkgs.slack
];

48
nix-conf/home-manager/base/shells.nix
View File

@ -1,14 +1,14 @@
# Configurations for shell stuffs.
# Should probably be decoupled even more for each feature
{ config
, proj_root
, myLib
, pkgs
, ...
}:
let cfg = config.base.shells;
in
{
config,
proj_root,
myLib,
pkgs,
...
}: let
cfg = config.base.shells;
in {
options.base.shells = {
enable = myLib.mkOption {
type = myLib.types.bool;
@ -30,7 +30,7 @@ in
shellAliases = myLib.mkOption {
type = myLib.types.attrs;
description = "Shell command aliases";
default = { };
default = {};
example = {
nixGL = "nixGLIntel";
};
@ -52,8 +52,8 @@ in
programs.tmux = {
enable = true;
# extraConfigBeforePlugin = builtins.readFile "${proj_root.config.path}/tmux/tmux.conf";
plugins = let inherit (pkgs.tmuxPlugins) cpu net-speed; in [ cpu net-speed ];
extraConfig = (builtins.readFile "${proj_root.config.path}/tmux/tmux.conf");
plugins = let inherit (pkgs.tmuxPlugins) cpu net-speed; in [cpu net-speed];
extraConfig = builtins.readFile "${proj_root.config.path}/tmux/tmux.conf";
};
xdg.configFile."tmux/tmux.conf".text = myLib.mkOrder 600 ''
set -g status-right '#{cpu_bg_color} CPU: #{cpu_icon} #{cpu_percentage} | %a %h-%d %H:%M '
@ -69,13 +69,14 @@ in
enableZshIntegration = true;
settings = let
native = builtins.fromTOML (builtins.readFile "${proj_root.config.path}/starship/starship.toml");
patch-nix = pkgs.lib.recursiveUpdate native ({
patch-nix = pkgs.lib.recursiveUpdate native {
c.commands = [
["nix" "run" "nixpkgs#clang" "--" "--version"]
["nix" "run" "nixpkgs#gcc" "--" "--version"]
];
});
in patch-nix;
};
in
patch-nix;
};
# Fuzzy finder. `fzf` for TUI, `fzf -f '<fuzzy query>'` for UNIX piping
programs.fzf.enable = true;
@ -88,10 +89,12 @@ in
enable = true;
enableCompletion = true;
enableAutosuggestions = true;
shellAliases = {
nix-rebuild = "sudo nixos-rebuild switch";
hm-switch = "home-manager switch --flake";
} // (cfg.shellAliases or { });
shellAliases =
{
nix-rebuild = "sudo nixos-rebuild switch";
hm-switch = "home-manager switch --flake";
}
// (cfg.shellAliases or {});
history = {
size = 10000;
path = "${config.xdg.dataHome}/zsh/history";
@ -119,10 +122,11 @@ in
ZVM_KEYTIMEOUT = 0.004; # 40ms, or subtly around 25 FPS. I'm a gamer :)
ZVM_ESCAPE_KEYTIMEOUT = 0.004; # 40ms, or subtly around 25 FPS. I'm a gamer :)
};
initExtra = (cfg.shellInitExtra or "") + ''
source ${pkgs.zsh-vi-mode}/share/zsh-vi-mode/zsh-vi-mode.plugin.zsh
'';
initExtra =
(cfg.shellInitExtra or "")
+ ''
source ${pkgs.zsh-vi-mode}/share/zsh-vi-mode/zsh-vi-mode.plugin.zsh
'';
};
};
}

15
nix-conf/home-manager/base/ssh.nix
View File

@ -1,11 +1,11 @@
{ config
, proj_root
, myLib
, ...
}:
let cfg = config.base.ssh;
in
{
config,
proj_root,
myLib,
...
}: let
cfg = config.base.ssh;
in {
options.base.ssh.enable = myLib.mkOption {
type = myLib.types.bool;
default = true;
@ -20,4 +20,3 @@ in
includes = ["${proj_root.config.path}/ssh/config"];
};
}

10
nix-conf/home-manager/default.nix
View File

@ -1,11 +1,13 @@
# We use top-level nix-flake, so default.nix is basically just a wrapper around ./flake.nix
(import
(
import
(
let
lock = builtins.fromJSON (builtins.readFile ./flake.lock);
c_ = import ./../../c_.nix;
in
c_.fetchTree lock.nodes.flake-compat.locked
c_.fetchTree lock.nodes.flake-compat.locked
)
{ src = ./.; }
).defaultNix
{src = ./.;}
)
.defaultNix

18
nix-conf/home-manager/flake.lock
View File

@ -833,11 +833,11 @@
},
"nixpkgs-latest": {
"locked": {
"lastModified": 1686940302,
"narHash": "sha256-hTBVlV53sfi7ZyTkRKIVZy3V26ixnWGZnYrHvb9rCZU=",
"lastModified": 1687044368,
"narHash": "sha256-7eBtV3lgfgjeyBDa20Xr4O9mlcAHHFYpvo6m16tgLcY=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "1f5b5df0d309144d10d409d161b50adc94157ef6",
"rev": "b621273236ab985db5ff7e91171624f2e07e82a1",
"type": "github"
},
"original": {
@ -882,11 +882,11 @@
},
"nixpkgs_10": {
"locked": {
"lastModified": 1686869522,
"narHash": "sha256-tbJ9B8WLCTnVP/LwESRlg0dII6Zyg2LmUU/mB9Lu98E=",
"lastModified": 1686960236,
"narHash": "sha256-AYCC9rXNLpUWzD9hm+askOfpliLEC9kwAo7ITJc4HIw=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "7c67f006ea0e7d0265f16d7df07cc076fdffd91f",
"rev": "04af42f3b31dba0ef742d254456dc4c14eedac86",
"type": "github"
},
"original": {
@ -1327,11 +1327,11 @@
"nixpkgs": "nixpkgs_11"
},
"locked": {
"lastModified": 1686882360,
"narHash": "sha256-6iWVGIdIzmx/CgXPVLPyyxxBhPGYMl8sG09S8hpQ6pc=",
"lastModified": 1686968542,
"narHash": "sha256-Gjlj7UeHqMFRAYyefeoLnSjLo8V+0XheIamojNEyTbE=",
"owner": "oxalica",
"repo": "rust-overlay",
"rev": "b519b1d7a31f1bd35423990398adecc6f7dd4dd2",
"rev": "01d84cd842e48e89be67e4c2d9dc46aa7709adc5",
"type": "github"
},
"original": {

244
nix-conf/home-manager/flake.nix
View File

@ -43,82 +43,88 @@
};
};
outputs =
flake_inputs@{ nixpkgs
, home-manager
, nixgl
, rust-overlay
, flake-utils
, kpcli-py
, neovim-nightly-overlay
, nix-boost
, nixpkgs-latest
, ...
}:
let
# config_fn:: system -> config
cross_platform = config_fn: ({
packages = builtins.foldl'
(prev: system: prev // {
outputs = flake_inputs @ {
nixpkgs,
home-manager,
nixgl,
rust-overlay,
flake-utils,
kpcli-py,
neovim-nightly-overlay,
nix-boost,
nixpkgs-latest,
...
}: let
# config_fn:: system -> config
cross_platform = config_fn: {
packages =
builtins.foldl'
(prev: system:
prev
// {
"${system}" = config_fn system;
})
{ }
flake-utils.lib.defaultSystems;
});
in
cross_platform (system:
let
overlays = import ./overlays.nix (flake_inputs // { inherit system; });
{}
flake-utils.lib.defaultSystems;
};
in
cross_platform (system: let
overlays = import ./overlays.nix (flake_inputs // {inherit system;});
# pkgs = nixpkgs.legacyPackages.${system}.appendOverlays overlays;
pkgs = import nixpkgs {
inherit system overlays;
config = { allowUnfree = true; };
config = {allowUnfree = true;};
};
# lib = (import ../lib { inherit pkgs; lib = pkgs.lib; });
base = import ./base flake_inputs;
inherit (base) mkModuleArgs;
nerd_font_module = { config, pkgs, ... }: {
nerd_font_module = {
config,
pkgs,
...
}: {
fonts.fontconfig.enable = true;
home.packages = [
# list of fonts are available at https://github.com/NixOS/nixpkgs/blob/nixos-unstable/pkgs/data/fonts/nerdfonts/shas.nix
(pkgs.nerdfonts.override { fonts = [ "Hack" ]; })
(pkgs.nerdfonts.override {fonts = ["Hack"];})
];
base.alacritty.font.family = "Hack Nerd Font Mono";
};
in
{
in {
debug = {
inherit overlays pkgs base;
};
homeConfigurations =
let
x11_wsl = ''
# x11 output for WSL
export DISPLAY=$(ip route list default | awk '{print $3}'):0
export LIBGL_ALWAYS_INDIRECT=1
'';
in
{
"hungtr" = home-manager.lib.homeManagerConfiguration {
inherit pkgs;
modules = base.modules ++ [
homeConfigurations = let
x11_wsl = ''
# x11 output for WSL
export DISPLAY=$(ip route list default | awk '{print $3}'):0
export LIBGL_ALWAYS_INDIRECT=1
'';
in {
"hungtr" = home-manager.lib.homeManagerConfiguration {
inherit pkgs;
modules =
base.modules
++ [
./home.nix
];
# optionally pass inarguments to module
# we migrate this from in-place modules to allow flexibility
# in this case, we can add "home" to input arglist of home.nix
extraSpecialArgs = mkModuleArgs {
inherit pkgs;
myHome = {
username = "hungtr";
homeDirectory = "/home/hungtr";
};
# optionally pass inarguments to module
# we migrate this from in-place modules to allow flexibility
# in this case, we can add "home" to input arglist of home.nix
extraSpecialArgs = mkModuleArgs {
inherit pkgs;
myHome = {
username = "hungtr";
homeDirectory = "/home/hungtr";
};
};
"hungtr@bao" = home-manager.lib.homeManagerConfiguration {
inherit pkgs;
modules = base.modules ++ [
};
"hungtr@bao" = home-manager.lib.homeManagerConfiguration {
inherit pkgs;
modules =
base.modules
++ [
./home.nix
nerd_font_module
./base/productive_desktop.nix
@ -131,21 +137,23 @@
base.graphics.useNixGL.enable = true;
}
];
# optionally pass inarguments to module
# we migrate this from in-place modules to allow flexibility
# in this case, we can add "home" to input arglist of home.nix
extraSpecialArgs = mkModuleArgs {
inherit pkgs;
myHome = {
username = "hungtr";
homeDirectory = "/home/hungtr";
};
# optionally pass inarguments to module
# we migrate this from in-place modules to allow flexibility
# in this case, we can add "home" to input arglist of home.nix
extraSpecialArgs = mkModuleArgs {
inherit pkgs;
myHome = {
username = "hungtr";
homeDirectory = "/home/hungtr";
};
};
# Personal darwin, effectively serves as the Darwin edge channel
"hungtran" = home-manager.lib.homeManagerConfiguration {
inherit pkgs;
modules = base.modules ++ [
};
# Personal darwin, effectively serves as the Darwin edge channel
"hungtran" = home-manager.lib.homeManagerConfiguration {
inherit pkgs;
modules =
base.modules
++ [
./home.nix
{
base.graphics.enable = false;
@ -166,18 +174,20 @@
];
}
];
extraSpecialArgs = mkModuleArgs {
inherit pkgs;
myHome = {
username = "hungtran";
homeDirectory = "/Users/hungtran";
};
extraSpecialArgs = mkModuleArgs {
inherit pkgs;
myHome = {
username = "hungtran";
homeDirectory = "/Users/hungtran";
};
};
# Work darwin
"htran" = home-manager.lib.homeManagerConfiguration {
inherit pkgs;
modules = base.modules ++ [
};
# Work darwin
"htran" = home-manager.lib.homeManagerConfiguration {
inherit pkgs;
modules =
base.modules
++ [
./home.nix
./base/productive_desktop.nix
./base/darwin-spotlight.nix
@ -198,42 +208,46 @@
pkgs.postman
];
}
{ base.keepass.enable = pkgs.lib.mkForce false; }
{base.keepass.enable = pkgs.lib.mkForce false;}
];
extraSpecialArgs = mkModuleArgs {
inherit pkgs;
myHome = {
username = "htran";
homeDirectory = "/Users/htran";
};
extraSpecialArgs = mkModuleArgs {
inherit pkgs;
myHome = {
username = "htran";
homeDirectory = "/Users/htran";
};
};
"nixos@Felia" = home-manager.lib.homeManagerConfiguration {
inherit pkgs;
modules = [
./home.nix
{
base.shells = {
shellInitExtra = ''
'' + x11_wsl;
};
}
];
# optionally pass inarguments to module
# we migrate this from in-place modules to allow flexibility
# in this case, we can add "home" to input arglist of home.nix
extraSpecialArgs = mkModuleArgs {
inherit pkgs;
myHome = {
username = "nixos";
homeDirectory = "/home/nixos";
};
"nixos@Felia" = home-manager.lib.homeManagerConfiguration {
inherit pkgs;
modules = [
./home.nix
{
base.shells = {
shellInitExtra =
''
''
+ x11_wsl;
};
}
];
# optionally pass inarguments to module
# we migrate this from in-place modules to allow flexibility
# in this case, we can add "home" to input arglist of home.nix
extraSpecialArgs = mkModuleArgs {
inherit pkgs;
myHome = {
username = "nixos";
homeDirectory = "/home/nixos";
};
};
# Personal laptop
hwtr = home-manager.lib.homeManagerConfiguration {
inherit pkgs;
modules = base.modules ++ [
};
# Personal laptop
hwtr = home-manager.lib.homeManagerConfiguration {
inherit pkgs;
modules =
base.modules
++ [
./home.nix
./base/graphics.nix
{
@ -244,17 +258,17 @@
./base/productive_desktop.nix
];
extraSpecialArgs = mkModuleArgs {
inherit pkgs;
myHome = {
username = "hwtr";
homeDirectory = "/home/hwtr";
packages = [
pkgs.postman
];
};
extraSpecialArgs = mkModuleArgs {
inherit pkgs;
myHome = {
username = "hwtr";
homeDirectory = "/home/hwtr";
packages = [
pkgs.postman
];
};
};
};
};
});
}

74
nix-conf/home-manager/home.nix
View File

@ -3,18 +3,17 @@
# This file represents the base settings for each machine
# Additional configurations goes to profiles/<user>
# or inlined in flake.nix
{ config # Represents the realized final configuration
, pkgs # This is by default just ``= import <nixpkgs>{}`
, myHome
, myLib
, option # The options we're given, this might be useful for typesafety?
, proj_root
, ...
}:
let
inherit (myLib) fromYaml;
in
{
config, # Represents the realized final configuration
pkgs, # This is by default just ``= import <nixpkgs>{}`
myHome,
myLib,
option, # The options we're given, this might be useful for typesafety?
proj_root,
...
}: let
inherit (myLib) fromYaml;
in {
imports = [
./base/neovim.nix
./base/keepass.nix
@ -24,31 +23,38 @@ in
homeDirectory = myHome.homeDirectory;
stateVersion = myHome.stateVersion or "22.05";
};
home.packages = pkgs.lib.unique ([
# pkgs.ncdu
pkgs.rclone # cloud file operations
pkgs.htop # system diagnostics in CLI
pkgs.ripgrep # content fuzzy search
pkgs.unzip # compression
pkgs.zip # compression
home.packages = pkgs.lib.unique (
[
# pkgs.ncdu
pkgs.rclone # cloud file operations
pkgs.htop # system diagnostics in CLI
pkgs.ripgrep # content fuzzy search
pkgs.unzip # compression
pkgs.zip # compression
# cool utilities
pkgs.yq-go # Yaml adaptor for jq (only pretty print, little query)
# pkgs.xorg.xclock # TODO: only include if have gui # For testing GL installation
# pkgs.logseq # TODO: only include if have GL # Obsidian alt
pkgs.mosh # Parsec for SSH
# pkgs.nixops_unstable # nixops v2 # insecure for now
pkgs.lynx # Web browser at your local terminal
pkgs.zk
# cool utilities
pkgs.yq-go # Yaml adaptor for jq (only pretty print, little query)
# pkgs.xorg.xclock # TODO: only include if have gui # For testing GL installation
# pkgs.logseq # TODO: only include if have GL # Obsidian alt
pkgs.mosh # Parsec for SSH
# pkgs.nixops_unstable # nixops v2 # insecure for now
pkgs.lynx # Web browser at your local terminal
pkgs.zk
# pkgs.tailscale # VPC;; This should be installed in system-nix
pkgs.python310 # dev packages should be in project
# pkgs.python310.numpy
# pkgs.python310Packages.tensorflow
# pkgs.python310Packages.scikit-learn
] ++ (myHome.packages or [ ]) ++ (if pkgs.system == "x86_64-linux" then [
pkgs.logseq
] else [ ])
# pkgs.tailscale # VPC;; This should be installed in system-nix
pkgs.python310 # dev packages should be in project
# pkgs.python310.numpy
# pkgs.python310Packages.tensorflow
# pkgs.python310Packages.scikit-learn
]
++ (myHome.packages or [])
++ (
if pkgs.system == "x86_64-linux"
then [
pkgs.logseq
]
else []
)
);
## Configs ##

60
nix-conf/home-manager/overlays.nix
View File

@ -1,14 +1,14 @@
flake_input@{ kpcli-py
, nixgl
, rust-overlay
, neovim-nightly-overlay
, system
, nix-boost
, nixpkgs-latest
, ...
}:
let
kpcli-py = (final: prev: {
flake_input @ {
kpcli-py,
nixgl,
rust-overlay,
neovim-nightly-overlay,
system,
nix-boost,
nixpkgs-latest,
...
}: let
kpcli-py = final: prev: {
# use python3.9, which works because of cython somehow?
kpcli-py = final.poetry2nix.mkPoetryApplication {
projectDir = flake_input.kpcli-py;
@ -16,12 +16,12 @@ let
# tableformatter requires setuptools
tableformatter = super.tableformatter.overridePythonAttrs (
old: {
buildInputs = (old.buildInputs or [ ]) ++ [ self.setuptools self.cython_3 ];
buildInputs = (old.buildInputs or []) ++ [self.setuptools self.cython_3];
src = old.src;
}
);
kpcli = super.kpcli.overridePythonAttrs (old: {
buildInputs = (old.buildInputs or [ ]) ++ [ self.setuptools ];
buildInputs = (old.buildInputs or []) ++ [self.setuptools];
});
# ubersmith = super.ubersmith.overridePythonAttrs (old: {
@ -37,34 +37,30 @@ let
# sha256 = "sha256-Dystt7CBtjpLkgzCsAif8WkkYYeLyh7VMehAtwoDGuM=";
# };
# });
});
};
});
};
rust = (final: prev:
let
nightlyRustWithExts = exts: final.rust-bin.selectLatestNightlyWith (
rust = final: prev: let
nightlyRustWithExts = exts:
final.rust-bin.selectLatestNightlyWith (
toolchain: (toolchain.minimal.override {
extensions = exts;
})
);
# https://rust-lang.github.io/rustup/concepts/profiles.html
rust-default-components = [ "rust-docs" "rustfmt" "clippy" ];
rust-dev-components = rust-default-components ++ [ "rust-src" "rust-analyzer" "miri" ];
in
{
rust4devs = nightlyRustWithExts rust-dev-components;
rust4cargo = nightlyRustWithExts [ ];
rust4normi = nightlyRustWithExts rust-default-components;
});
# https://rust-lang.github.io/rustup/concepts/profiles.html
rust-default-components = ["rust-docs" "rustfmt" "clippy"];
rust-dev-components = rust-default-components ++ ["rust-src" "rust-analyzer" "miri"];
in {
rust4devs = nightlyRustWithExts rust-dev-components;
rust4cargo = nightlyRustWithExts [];
rust4normi = nightlyRustWithExts rust-default-components;
};
vimPlugins = (final: prev: {
vimPlugins = final: prev: {
inherit (nixpkgs-latest.legacyPackages.${system}) vimPlugins;
});
in
[
};
in [
nix-boost.overlays.default
nixgl.overlays.default
rust-overlay.overlays.default

5
nix-conf/home-manager/profiles/default.nix
View File

@ -1,5 +1,8 @@
# main module exporter for different configuration profiles
{ pkgs, libs, ... } @ inputs:
{
pkgs,
libs,
...
} @ inputs: {
hwtr = import ./hwtr.nix;
}

20
nix-conf/lib/default.nix
View File

@ -1,12 +1,12 @@
{ pkgs
, lib ? pkgs.lib
, ...
}@flake_import:
let
serde = import ./serde { inherit pkgs lib; };
{
pkgs,
lib ? pkgs.lib,
...
} @ flake_import: let
serde = import ./serde {inherit pkgs lib;};
recursiveUpdate = lib.recursiveUpdate;
in
recursiveUpdate (recursiveUpdate pkgs.lib lib) {
fromYaml = serde.fromYaml;
fromYamlPath = serde.fromYamlPath;
}
recursiveUpdate (recursiveUpdate pkgs.lib lib) {
fromYaml = serde.fromYaml;
fromYamlPath = serde.fromYamlPath;
}

37
nix-conf/lib/serde/default.nix
View File

@ -1,31 +1,38 @@
# Takes care of serializing and deserializing to some formats
# Blame: Pegasust<pegasucksgg@gmail.com>
# TODO: Add to* formats from pkgs.formats.*
{ pkgs
, lib
} @ inputs:
let
yamlToJsonDrv = yamlContent: outputPath: pkgs.callPackage
({ runCommand }:
{
pkgs,
lib,
} @ inputs: let
yamlToJsonDrv = yamlContent: outputPath:
pkgs.callPackage
({runCommand}:
# runCommand source: https://github.com/NixOS/nixpkgs/blob/master/pkgs/build-support/trivial-builders.nix#L33
runCommand outputPath { inherit yamlContent; nativeBuildInputs = [ pkgs.yq ]; }
runCommand outputPath {
inherit yamlContent;
nativeBuildInputs = [pkgs.yq];
}
# run yq which outputs '.' (no filter) on file at yamlPath
# note that $out is passed onto the bash/sh script for execution
''
echo "$yamlContent" | yq >$out
'')
{ };
in
{
{};
in {
# Takes in a yaml string and produces a derivation with translated JSON at $outputPath
# similar to builtins.fromJSON, turns a YAML string to nix attrset
fromYaml = yamlContent: builtins.fromJSON (builtins.readFile (yamlToJsonDrv yamlContent "any_output.json"));
fromYamlPath = yamlPath: builtins.fromJSON (
builtins.readFile (
yamlToJsonDrv
fromYamlPath = yamlPath:
builtins.fromJSON (
builtins.readFile (
yamlToJsonDrv
(
builtins.readFile yamlPath)
"any-output.json"));
builtins.readFile yamlPath
)
"any-output.json"
)
);
fromTOML = builtins.fromTOML;
fromJSON = builtins.fromJSON;
}

11
nix-conf/pkgs/default.nix
View File

@ -1,10 +1,11 @@
# This module aims to be merge (not inject/override) with top-level pkgs to provide
# personalized/custom packages
{ pkgs
, lib
, naersk # rust packages
, ...
}@pkgs_input: {
{
pkgs,
lib,
naersk, # rust packages
...
} @ pkgs_input: {
# dot-hwtr = import "./dot-hwtr" pkgs_input;
cargo-bacon = pkgs.rustPlatform.buildRustPackage rec {
pname = "bacon";

14
nix-conf/pkgs/flake.nix
View File

@ -4,10 +4,12 @@
rust-overlay.url = "github:oxalica/rust-overlay";
naersk.url = "gihub:nix-community/naersk";
};
outputs = { nixpkgs, rust-overlay, naersk }:
let
pkgs = import nixpkgs { overlays = [ rust-overlay.overlays.default ]; };
lib = pkgs.lib;
in
(import ./default.nix { inherit pkgs lib naersk; });
outputs = {
nixpkgs,
rust-overlay,
naersk,
}: let
pkgs = import nixpkgs {overlays = [rust-overlay.overlays.default];};
lib = pkgs.lib;
in (import ./default.nix {inherit pkgs lib naersk;});
}

10
nix-conf/secrets.nix
View File

@ -10,10 +10,8 @@ let
all = users // systems;
# stands for calculus
c_ = builtins;
in
{
"system/secrets/s3fs.age".publicKeys = c_.attrValues (all);
"system/secrets/s3fs.digital-garden.age".publicKeys = c_.attrValues (all);
"system/secrets/_nhitrl.age".publicKeys = c_.attrValues (all);
in {
"system/secrets/s3fs.age".publicKeys = c_.attrValues all;
"system/secrets/s3fs.digital-garden.age".publicKeys = c_.attrValues all;
"system/secrets/_nhitrl.age".publicKeys = c_.attrValues all;
}

112
nix-conf/system/configuration.nix
View File

@ -1,61 +1,71 @@
{ lib, pkgs, config, modulesPath, specialArgs, ... }:
let
{
lib,
pkgs,
config,
modulesPath,
specialArgs,
...
}: let
hostname = specialArgs.hostname;
enableSSH = specialArgs.enableSSH or true;
_networking = lib.recursiveUpdate { hostName = hostname; } (specialArgs._networking or { });
_boot = specialArgs._boot or { };
_services = specialArgs._services or { };
_networking = lib.recursiveUpdate {hostName = hostname;} (specialArgs._networking or {});
_boot = specialArgs._boot or {};
_services = specialArgs._services or {};
includeHardware = specialArgs.includeHardware or true;
proj_root = builtins.toString ./../..;
in
with lib;
{
imports = (if includeHardware then [
"${proj_root}/hosts/${hostname}/hardware-configuration.nix"
] else [ ]) ++ [
"${modulesPath}/profiles/minimal.nix"
"${proj_root}/modules/tailscale.sys.nix"
"${proj_root}/modules/mosh.sys.nix"
];
boot = _boot;
with lib; {
imports =
(
if includeHardware
then [
"${proj_root}/hosts/${hostname}/hardware-configuration.nix"
]
else []
)
++ [
"${modulesPath}/profiles/minimal.nix"
"${proj_root}/modules/tailscale.sys.nix"
"${proj_root}/modules/mosh.sys.nix"
];
boot = _boot;
# prune old builds
nix.settings.auto-optimise-store = true;
# prune old builds
nix.settings.auto-optimise-store = true;
# Enable nix flakes
nix.package = pkgs.nixFlakes;
nix.extraOptions = ''
experimental-features = nix-command flakes
'';
users.users.hungtr = {
isNormalUser = true;
home = "/home/hungtr";
description = "pegasust/hungtr";
extraGroups = [ "wheel" "networkmanager" "audio" ];
};
users.users.root = {
# openssh runs in root, no? This is because port < 1024 requires root.
openssh.authorizedKeys.keys = lib.strings.splitString "\n" (builtins.readFile "${proj_root}/native_configs/ssh/authorized_keys");
};
# Enable nix flakes
nix.package = pkgs.nixFlakes;
nix.extraOptions = ''
experimental-features = nix-command flakes
'';
users.users.hungtr = {
isNormalUser = true;
home = "/home/hungtr";
description = "pegasust/hungtr";
extraGroups = ["wheel" "networkmanager" "audio"];
};
users.users.root = {
# openssh runs in root, no? This is because port < 1024 requires root.
openssh.authorizedKeys.keys = lib.strings.splitString "\n" (builtins.readFile "${proj_root}/native_configs/ssh/authorized_keys");
};
# Some basic programs
programs.neovim = {
enable = true;
defaultEditor = true;
};
# Some basic programs
programs.neovim = {
enable = true;
defaultEditor = true;
};
programs.git = {
enable = true;
# more information should be configured under user level
# See other config at @/home-nix
};
environment.systemPackages = [
pkgs.gnumake
pkgs.wget
pkgs.inetutils # network diag
pkgs.mtr # network diag
pkgs.sysstat # sys diag
];
}
programs.git = {
enable = true;
# more information should be configured under user level
# See other config at @/home-nix
};
environment.systemPackages = [
pkgs.gnumake
pkgs.wget
pkgs.inetutils # network diag
pkgs.mtr # network diag
pkgs.sysstat # sys diag
];
}

466
nix-conf/system/flake.nix
View File

@ -7,208 +7,227 @@
};
};
outputs = { self, nixpkgs, agenix, ... }:
let
lib = nixpkgs.lib;
proj_root = ./../..;
# TODO: Change respectively to the system or make a nix shell to alias `nix run github:ryantm/agenix -- `
base_modules = [
agenix.nixosModule
{
age.secrets.s3fs = {
file = ../../secrets/s3fs.age;
# mode = "600"; # owner + group only
# owner = "hungtr";
# group = "users";
};
age.secrets."s3fs.digital-garden" = {
file = ../../secrets/s3fs.digital-garden.age;
};
age.secrets._nhitrl_cred = {
file = ../../secrets/_nhitrl.age;
};
environment.systemPackages = [ agenix.defaultPackage.x86_64-linux ];
}
];
in
{
# Windows with NixOS WSL
nixosConfigurations.Felia = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules = base_modules ++ [
outputs = {
self,
nixpkgs,
agenix,
...
}: let
lib = nixpkgs.lib;
proj_root = ./../..;
# TODO: Change respectively to the system or make a nix shell to alias `nix run github:ryantm/agenix -- `
base_modules = [
agenix.nixosModule
{
age.secrets.s3fs = {
file = ../../secrets/s3fs.age;
# mode = "600"; # owner + group only
# owner = "hungtr";
# group = "users";
};
age.secrets."s3fs.digital-garden" = {
file = ../../secrets/s3fs.digital-garden.age;
};
age.secrets._nhitrl_cred = {
file = ../../secrets/_nhitrl.age;
};
environment.systemPackages = [agenix.defaultPackage.x86_64-linux];
}
];
in {
# Windows with NixOS WSL
nixosConfigurations.Felia = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules =
base_modules
++ [
./wsl-configuration.nix
{
system.stateVersion = "22.05";
}
];
specialArgs = {
# includeHardware = false;
hostname = "Felia";
_services.openssh = {
permitRootLogin = "no";
enable = true;
};
specialArgs = {
# includeHardware = false;
hostname = "Felia";
_services.openssh = {
permitRootLogin = "no";
enable = true;
};
};
nixosConfigurations.lizzi = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules = base_modules ++ [
};
nixosConfigurations.lizzi = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules =
base_modules
++ [
./configuration.nix
{
system.stateVersion = "22.05";
mod.tailscale.enable = true;
}
];
specialArgs = {
hostname = "lizzi";
_networking = {
interfaces.eth1.ipv4.addresses = [{
specialArgs = {
hostname = "lizzi";
_networking = {
interfaces.eth1.ipv4.addresses = [
{
address = "71.0.0.1";
prefixLength = 24;
}];
firewall = {
enable = true;
allowedTCPPorts = [ 80 443 22 ];
};
useDHCP = false;
# required so that we get IP address from linode
interfaces.eth0.useDHCP = true;
};
_boot.loader.grub.enable = true;
_boot.loader.grub.version = 2;
_services.openssh = {
permitRootLogin = "no";
}
];
firewall = {
enable = true;
allowedTCPPorts = [80 443 22];
};
_services.gitea = {
enable = true;
stateDir = "/gitea";
rootUrl = "https://git.pegasust.com";
settings = {
repository = {
"ENABLE_PUSH_CREATE_USER" = true;
"ENABLE_PUSH_CREATE_ORG" = true;
};
};
};
# Highly suspect that thanks to nginx, ipv6 is disabled?
_services.nginx = {
enable = true;
clientMaxBodySize = "100m"; # Allow big file transfers over git :^)
recommendedGzipSettings = true;
recommendedOptimisation = true;
recommendedProxySettings = true;
recommendedTlsSettings = true;
virtualHosts."git.pegasust.com" = {
# Gitea hostname
sslCertificate = "/var/lib/acme/git.pegasust.com/fullchain.pem";
sslCertificateKey = "/var/lib/acme/git.pegasust.com/key.pem";
forceSSL = true; # Runs on port 80 and 443
locations."/".proxyPass = "http://localhost:3000/"; # Proxy to Gitea
useDHCP = false;
# required so that we get IP address from linode
interfaces.eth0.useDHCP = true;
};
_boot.loader.grub.enable = true;
_boot.loader.grub.version = 2;
_services.openssh = {
permitRootLogin = "no";
enable = true;
};
_services.gitea = {
enable = true;
stateDir = "/gitea";
rootUrl = "https://git.pegasust.com";
settings = {
repository = {
"ENABLE_PUSH_CREATE_USER" = true;
"ENABLE_PUSH_CREATE_ORG" = true;
};
};
};
# Highly suspect that thanks to nginx, ipv6 is disabled?
_services.nginx = {
enable = true;
clientMaxBodySize = "100m"; # Allow big file transfers over git :^)
recommendedGzipSettings = true;
recommendedOptimisation = true;
recommendedProxySettings = true;
recommendedTlsSettings = true;
virtualHosts."git.pegasust.com" = {
# Gitea hostname
sslCertificate = "/var/lib/acme/git.pegasust.com/fullchain.pem";
sslCertificateKey = "/var/lib/acme/git.pegasust.com/key.pem";
forceSSL = true; # Runs on port 80 and 443
locations."/".proxyPass = "http://localhost:3000/"; # Proxy to Gitea
};
};
};
# Generic machine
nixosConfigurations.pixi = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules = base_modules ++ [
};
# Generic machine
nixosConfigurations.pixi = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules =
base_modules
++ [
./configuration.nix
{
system.stateVersion = "22.05";
}
];
specialArgs = {
hostname = "pixi";
_networking = {
# interfaces.eth1.ipv4.addresses = [{
# address = "71.0.0.1";
# prefixLength = 24;
# }];
firewall = {
enable = false;
allowedTCPPorts = [ 80 443 22 ];
};
useDHCP = false;
# interfaces.eth0.useDHCP = true;
specialArgs = {
hostname = "pixi";
_networking = {
# interfaces.eth1.ipv4.addresses = [{
# address = "71.0.0.1";
# prefixLength = 24;
# }];
firewall = {
enable = false;
allowedTCPPorts = [80 443 22];
};
_boot.loader.grub.enable = true;
_boot.loader.grub.version = 2;
_services.openssh = {
permitRootLogin = "no";
enable = true;
};
_services.gitea = {
enable = true;
stateDir = "/gitea";
rootUrl = "https://git.pegasust.com";
settings = {
repository = {
"ENABLE_PUSH_CREATE_USER" = true;
"ENABLE_PUSH_CREATE_ORG" = true;
};
};
};
_services.nginx = {
enable = true;
clientMaxBodySize = "100m"; # Allow big file transfers over git :^)
recommendedGzipSettings = true;
recommendedOptimisation = true;
recommendedProxySettings = true;
recommendedTlsSettings = true;
virtualHosts."git.pegasust.com" = {
# Gitea hostname
sslCertificate = "/var/lib/acme/git.pegasust.com/fullchain.pem";
sslCertificateKey = "/var/lib/acme/git.pegasust.com/key.pem";
forceSSL = true; # Runs on port 80 and 443
locations."/".proxyPass = "http://localhost:3000/"; # Proxy to Gitea
useDHCP = false;
# interfaces.eth0.useDHCP = true;
};
_boot.loader.grub.enable = true;
_boot.loader.grub.version = 2;
_services.openssh = {
permitRootLogin = "no";
enable = true;
};
_services.gitea = {
enable = true;
stateDir = "/gitea";
rootUrl = "https://git.pegasust.com";
settings = {
repository = {
"ENABLE_PUSH_CREATE_USER" = true;
"ENABLE_PUSH_CREATE_ORG" = true;
};
};
};
_services.nginx = {
enable = true;
clientMaxBodySize = "100m"; # Allow big file transfers over git :^)
recommendedGzipSettings = true;
recommendedOptimisation = true;
recommendedProxySettings = true;
recommendedTlsSettings = true;
virtualHosts."git.pegasust.com" = {
# Gitea hostname
sslCertificate = "/var/lib/acme/git.pegasust.com/fullchain.pem";
sslCertificateKey = "/var/lib/acme/git.pegasust.com/key.pem";
forceSSL = true; # Runs on port 80 and 443
locations."/".proxyPass = "http://localhost:3000/"; # Proxy to Gitea
};
};
};
nixosConfigurations.nyx = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules = base_modules ++ [
};
nixosConfigurations.nyx = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules =
base_modules
++ [
./configuration.nix
{
system.stateVersion = "22.05";
}
];
specialArgs = {
hostname = "nyx";
_networking = {
enableIPv6 = false;
interfaces.eth1.ipv4.addresses = [{
specialArgs = {
hostname = "nyx";
_networking = {
enableIPv6 = false;
interfaces.eth1.ipv4.addresses = [
{
address = "71.0.0.2";
prefixLength = 24;
}];
firewall.enable = true;
useDHCP = false;
interfaces.eth0.useDHCP = true;
};
_boot.loader.grub.enable = true;
_boot.loader.grub.version = 2;
_services.openssh = {
permitRootLogin = "no";
enable = true;
};
}
];
firewall.enable = true;
useDHCP = false;
interfaces.eth0.useDHCP = true;
};
_boot.loader.grub.enable = true;
_boot.loader.grub.version = 2;
_services.openssh = {
permitRootLogin = "no";
enable = true;
};
};
nixosConfigurations.nixos = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules = base_modules ++ [
};
nixosConfigurations.nixos = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules =
base_modules
++ [
./configuration.nix
{
system.stateVersion = "22.05";
}
];
specialArgs = {
hostname = "nixos";
};
specialArgs = {
hostname = "nixos";
};
nixosConfigurations.htran-dev = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules = base_modules ++ [
};
nixosConfigurations.htran-dev = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules =
base_modules
++ [
./configuration.nix
{
system.stateVersion = "22.11";
@ -218,29 +237,34 @@
# interface = "ens32";
};
networking.interfaces.ens32.ipv4.addresses = [
{ address = "10.100.200.230"; prefixLength = 24; }
{
address = "10.100.200.230";
prefixLength = 24;
}
];
}
];
specialArgs = {
hostname = "htran-dev";
_networking = {
firewall.enable = true;
useDHCP = false;
interfaces.eth0.useDHCP = true;
};
_boot.loader.grub.enable = true;
_boot.loader.grub.version = 2;
_services.openssh = {
permitRootLogin = "no";
enable = true;
};
specialArgs = {
hostname = "htran-dev";
_networking = {
firewall.enable = true;
useDHCP = false;
interfaces.eth0.useDHCP = true;
};
_boot.loader.grub.enable = true;
_boot.loader.grub.version = 2;
_services.openssh = {
permitRootLogin = "no";
enable = true;
};
};
nixosConfigurations.bao = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
specialArgs.hostname = "bao";
modules = base_modules ++ [
};
nixosConfigurations.bao = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
specialArgs.hostname = "bao";
modules =
base_modules
++ [
./configuration.nix
./../../modules/storage.perso.sys.nix
./../../modules/kde.sys.nix
@ -248,59 +272,63 @@
./../../modules/pulseaudio.sys.nix
./../../modules/opengl.sys.nix
./../../modules/nvgpu.sys.nix
({ config, pkgs, lib, ... }:
{
mod.tailscale.enable = true;
# Use UEFI
boot.loader.systemd-boot.enable = true;
({
config,
pkgs,
lib,
...
}: {
mod.tailscale.enable = true;
# Use UEFI
boot.loader.systemd-boot.enable = true;
networking.hostName = "bao"; # Define your hostname.
# Pick only one of the below networking options.
# networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
networking.networkmanager.enable = true; # Easiest to use and most distros use this by default.
networking.hostName = "bao"; # Define your hostname.
# Pick only one of the below networking options.
# networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
networking.networkmanager.enable = true; # Easiest to use and most distros use this by default.
time.timeZone = "America/Phoenix";
# Configure keymap in X11
services.xserver.layout = "us";
# services.xserver.xkbOptions = {
# "eurosign:e";
# "caps:escape" # map caps to escape.
# };
time.timeZone = "America/Phoenix";
# Configure keymap in X11
services.xserver.layout = "us";
# services.xserver.xkbOptions = {
# "eurosign:e";
# "caps:escape" # map caps to escape.
# };
# Enable CUPS to print documents.
# services.printing.enable = true;
# Enable CUPS to print documents.
# services.printing.enable = true;
# Enable touchpad support (enabled default in most desktopManager).
# services.xserver.libinput.enable = true;
# Just an initial user to get this started lol
users.users.user = {
initialPassword = "pw123";
extraGroups = [ "wheel" "networkmanager" "audio" ];
isNormalUser = true;
};
# Enable touchpad support (enabled default in most desktopManager).
# services.xserver.libinput.enable = true;
# Just an initial user to get this started lol
users.users.user = {
initialPassword = "pw123";
extraGroups = ["wheel" "networkmanager" "audio"];
isNormalUser = true;
};
# Some programs need SUID wrappers, can be configured further or are
# started in user sessions.
# programs.mtr.enable = true;
# programs.gnupg.agent = {
# enable = true;
# enableSSHSupport = true;
# };
# Some programs need SUID wrappers, can be configured further or are
# started in user sessions.
# programs.mtr.enable = true;
# programs.gnupg.agent = {
# enable = true;
# enableSSHSupport = true;
# };
# List services that you want to enable:
# List services that you want to enable:
# Enable the OpenSSH daemon.
services.openssh.enable = true;
# Enable the OpenSSH daemon.
services.openssh.enable = true;
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "22.11"; # Did you read the comment?
})
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "22.11"; # Did you read the comment?
})
];
};
};
};
}

37
nix-conf/system/hardware-configuration.nix
View File

@ -1,17 +1,20 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[
(modulesPath + "/profiles/qemu-guest.nix")
];
config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/profiles/qemu-guest.nix")
];
boot.initrd.availableKernelModules = [ "virtio_pci" "virtio_scsi" "ahci" "sd_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelParams = [ "console=ttyS0,19200n8" ];
boot.initrd.availableKernelModules = ["virtio_pci" "virtio_scsi" "ahci" "sd_mod"];
boot.initrd.kernelModules = [];
boot.kernelParams = ["console=ttyS0,19200n8"];
boot.loader.grub.extraConfig = ''
serial --speed=19200 --unit=0 --word=8 --parity=no --stop=1
terminal_input serial;
@ -20,17 +23,15 @@
boot.loader.grub.forceInstall = true;
boot.loader.grub.device = "nodev";
boot.loader.timeout = 10;
boot.kernelModules = [ ];
boot.extraModulePackages = [ ];
boot.kernelModules = [];
boot.extraModulePackages = [];
fileSystems."/" =
{
device = "/dev/sda";
fsType = "ext4";
};
fileSystems."/" = {
device = "/dev/sda";
fsType = "ext4";
};
swapDevices =
[{ device = "/dev/sdb"; }];
swapDevices = [{device = "/dev/sdb";}];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's

11
nix-conf/system/nixos-wsl/default.nix
View File

@ -3,11 +3,12 @@
let
lock = builtins.fromJSON (builtins.readFile ./flake.lock);
in
fetchTarball {
url = "https://github.com/edolstra/flake-compat/archive/${lock.nodes.flake-compat.locked.rev}.tar.gz";
sha256 = lock.nodes.flake-compat.locked.narHash;
}
fetchTarball {
url = "https://github.com/edolstra/flake-compat/archive/${lock.nodes.flake-compat.locked.rev}.tar.gz";
sha256 = lock.nodes.flake-compat.locked.narHash;
}
)
{
src = ./.;
}).defaultNix
})
.defaultNix

43
nix-conf/system/nixos-wsl/flake.nix
View File

@ -11,9 +11,13 @@
};
};
outputs = { self, nixpkgs, flake-utils, ... }:
outputs = {
self,
nixpkgs,
flake-utils,
...
}:
{
nixosModules.wsl = {
imports = [
./modules/build-tarball.nix
@ -31,26 +35,25 @@
./configuration.nix
];
};
} //
flake-utils.lib.eachSystem
(with flake-utils.lib.system; [ "x86_64-linux" "aarch64-linux" ])
(system:
let
pkgs = import nixpkgs { inherit system; };
in
{
checks.check-format = pkgs.runCommand "check-format"
{
buildInputs = with pkgs; [ nixpkgs-fmt ];
} ''
}
// flake-utils.lib.eachSystem
(with flake-utils.lib.system; ["x86_64-linux" "aarch64-linux"])
(
system: let
pkgs = import nixpkgs {inherit system;};
in {
checks.check-format =
pkgs.runCommand "check-format"
{
buildInputs = with pkgs; [nixpkgs-fmt];
} ''
nixpkgs-fmt --check ${./.}
mkdir $out # success
'';
devShell = pkgs.mkShell {
nativeBuildInputs = with pkgs; [ nixpkgs-fmt ];
};
}
);
devShell = pkgs.mkShell {
nativeBuildInputs = with pkgs; [nixpkgs-fmt];
};
}
);
}

31
nix-conf/system/nixos-wsl/modules/build-tarball.nix
View File

@ -1,12 +1,22 @@
{ config, pkgs, lib, ... }:
with builtins; with lib;
let
pkgs2storeContents = l: map (x: { object = x; symlink = "none"; }) l;
{
config,
pkgs,
lib,
...
}:
with builtins; with lib; let
pkgs2storeContents = l:
map (x: {
object = x;
symlink = "none";
})
l;
nixpkgs = lib.cleanSource pkgs.path;
channelSources = pkgs.runCommand "nixos-${config.system.nixos.version}"
{ preferLocalBuild = true; }
channelSources =
pkgs.runCommand "nixos-${config.system.nixos.version}"
{preferLocalBuild = true;}
''
mkdir -p $out
cp -prd ${nixpkgs.outPath} $out/nixos
@ -58,10 +68,7 @@ let
sed -i 's|import \./default\.nix|import \./nixos-wsl|' ./etc/nixos/configuration.nix
''}
'';
in
{
in {
options.wsl.tarball = {
includeConfig = mkOption {
type = types.bool;
@ -70,13 +77,12 @@ in
};
};
config = mkIf config.wsl.enable {
# These options make no sense without the wsl-distro module anyway
system.build.tarball = pkgs.callPackage "${nixpkgs}/nixos/lib/make-system-tarball.nix" {
# No contents, structure will be added by prepare script
contents = [ ];
contents = [];
fileName = "nixos-wsl-${pkgs.hostPlatform.system}";
@ -92,6 +98,5 @@ in
compressCommand = "gzip";
compressionExtension = ".gz";
};
};
}

25
nix-conf/system/nixos-wsl/modules/docker-desktop.nix
View File

@ -1,20 +1,23 @@
{ config, lib, pkgs, ... }:
with builtins; with lib; {
{
config,
lib,
pkgs,
...
}:
with builtins;
with lib; {
imports = [
(mkRenamedOptionModule [ "wsl" "docker" ] [ "wsl" "docker-desktop" ])
(mkRenamedOptionModule ["wsl" "docker"] ["wsl" "docker-desktop"])
];
options.wsl.docker-desktop = with types; {
enable = mkEnableOption "Docker Desktop integration";
};
config =
let
cfg = config.wsl.docker-desktop;
in
config = let
cfg = config.wsl.docker-desktop;
in
mkIf (config.wsl.enable && cfg.enable) {
environment.systemPackages = with pkgs; [
docker
docker-compose
@ -25,7 +28,7 @@ with builtins; with lib; {
script = ''
${config.wsl.automountPath}/wsl/docker-desktop/docker-desktop-user-distro proxy --docker-desktop-root ${config.wsl.automountPath}/wsl/docker-desktop
'';
wantedBy = [ "multi-user.target" ];
wantedBy = ["multi-user.target"];
serviceConfig = {
Restart = "on-failure";
RestartSec = "30s";
@ -35,7 +38,5 @@ with builtins; with lib; {
users.groups.docker.members = [
config.wsl.defaultUser
];
};
}

20
nix-conf/system/nixos-wsl/modules/docker-native.nix
View File

@ -1,6 +1,11 @@
{ config, lib, pkgs, ... }:
with builtins; with lib; {
{
config,
lib,
pkgs,
...
}:
with builtins;
with lib; {
options.wsl.docker-native = with types; {
enable = mkEnableOption "Native Docker integration in NixOS.";
@ -15,14 +20,13 @@ with builtins; with lib; {
};
};
config =
let
cfg = config.wsl.docker-native;
in
config = let
cfg = config.wsl.docker-native;
in
mkIf (config.wsl.enable && cfg.enable) {
nixpkgs.overlays = [
(self: super: {
docker = super.docker.override { iptables = pkgs.iptables-legacy; };
docker = super.docker.override {iptables = pkgs.iptables-legacy;};
})
];

54
nix-conf/system/nixos-wsl/modules/installer.nix
View File

@ -1,11 +1,19 @@
{ config, lib, pkgs, ... }:
with builtins; with lib; {
{
config,
lib,
pkgs,
...
}:
with builtins;
with lib; {
config = mkIf config.wsl.enable (
let
mkTarball = pkgs.callPackage "${lib.cleanSource pkgs.path}/nixos/lib/make-system-tarball.nix";
pkgs2storeContents = map (x: { object = x; symlink = "none"; });
pkgs2storeContents = map (x: {
object = x;
symlink = "none";
});
rootfs = let tarball = config.system.build.tarball; in "${tarball}/tarball/${tarball.fileName}.tar${tarball.extension}";
@ -39,25 +47,39 @@ with builtins; with lib; {
passwd = pkgs.writeText "passwd" ''
root:x:0:0:System administrator:/root:${installer}
'';
in
{
in {
system.build.installer = mkTarball {
fileName = "nixos-wsl-installer";
compressCommand = "gzip";
compressionExtension = ".gz";
extraArgs = "--hard-dereference";
storeContents = with pkgs; pkgs2storeContents [
installer
];
storeContents = with pkgs;
pkgs2storeContents [
installer
];
contents = [
{ source = config.environment.etc."wsl.conf".source; target = "/etc/wsl.conf"; }
{ source = config.environment.etc."fstab".source; target = "/etc/fstab"; }
{ source = passwd; target = "/etc/passwd"; }
{ source = "${pkgs.busybox}/bin/busybox"; target = "/bin/sh"; }
{ source = "${pkgs.busybox}/bin/busybox"; target = "/bin/mount"; }
{
source = config.environment.etc."wsl.conf".source;
target = "/etc/wsl.conf";
}
{
source = config.environment.etc."fstab".source;
target = "/etc/fstab";
}
{
source = passwd;
target = "/etc/passwd";
}
{
source = "${pkgs.busybox}/bin/busybox";
target = "/bin/sh";
}
{
source = "${pkgs.busybox}/bin/busybox";
target = "/bin/mount";
}
];
extraCommands = pkgs.writeShellScript "prepare" ''
@ -66,8 +88,6 @@ with builtins; with lib; {
ln -s /init bin/wslpath
'';
};
}
);
}

92
nix-conf/system/nixos-wsl/modules/interop.nix
View File

@ -1,9 +1,12 @@
{ lib, pkgs, config, ... }:
with builtins; with lib;
{
lib,
pkgs,
config,
...
}:
with builtins; with lib; {
imports = [
(mkRenamedOptionModule [ "wsl" "compatibility" "interopPreserveArgvZero" ] [ "wsl" "interop" "preserveArgvZero" ])
(mkRenamedOptionModule ["wsl" "compatibility" "interopPreserveArgvZero"] ["wsl" "interop" "preserveArgvZero"])
];
options.wsl.interop = with types; {
@ -32,57 +35,56 @@ with builtins; with lib;
};
};
config =
let
cfg = config.wsl.interop;
in
config = let
cfg = config.wsl.interop;
in
mkIf config.wsl.enable {
boot.binfmt.registrations = mkIf cfg.register {
WSLInterop =
let
compat = cfg.preserveArgvZero;
WSLInterop = let
compat = cfg.preserveArgvZero;
# WSL Preview 0.58 and up registers the /init binfmt interp for Windows executable
# with the "preserve argv[0]" flag, so if you run `./foo.exe`, the interp gets invoked
# as `/init foo.exe ./foo.exe`.
# argv[0] --^ ^-- actual path
#
# Older versions expect to be called without the argv[0] bit, simply as `/init ./foo.exe`.
#
# We detect that by running `/init /known-not-existing-path.exe` and checking the exit code:
# the new style interp expects at least two arguments, so exits with exit code 1,
# presumably meaning "parsing error"; the old style interp attempts to actually run
# the executable, fails to find it, and exits with 255.
compatWrapper = pkgs.writeShellScript "nixos-wsl-binfmt-hack" ''
/init /nixos-wsl-does-not-exist.exe
[ $? -eq 255 ] && shift
exec /init "$@"
'';
# WSL Preview 0.58 and up registers the /init binfmt interp for Windows executable
# with the "preserve argv[0]" flag, so if you run `./foo.exe`, the interp gets invoked
# as `/init foo.exe ./foo.exe`.
# argv[0] --^ ^-- actual path
#
# Older versions expect to be called without the argv[0] bit, simply as `/init ./foo.exe`.
#
# We detect that by running `/init /known-not-existing-path.exe` and checking the exit code:
# the new style interp expects at least two arguments, so exits with exit code 1,
# presumably meaning "parsing error"; the old style interp attempts to actually run
# the executable, fails to find it, and exits with 255.
compatWrapper = pkgs.writeShellScript "nixos-wsl-binfmt-hack" ''
/init /nixos-wsl-does-not-exist.exe
[ $? -eq 255 ] && shift
exec /init "$@"
'';
# use the autodetect hack if unset, otherwise call /init directly
interpreter = if compat == null then compatWrapper else "/init";
# use the autodetect hack if unset, otherwise call /init directly
interpreter =
if compat == null
then compatWrapper
else "/init";
# enable for the wrapper and autodetect hack
preserveArgvZero = if compat == false then false else true;
in
{
magicOrExtension = "MZ";
fixBinary = true;
wrapInterpreterInShell = false;
inherit interpreter preserveArgvZero;
};
# enable for the wrapper and autodetect hack
preserveArgvZero =
if compat == false
then false
else true;
in {
magicOrExtension = "MZ";
fixBinary = true;
wrapInterpreterInShell = false;
inherit interpreter preserveArgvZero;
};
};
# Include Windows %PATH% in Linux $PATH.
environment.extraInit = mkIf cfg.includePath ''PATH="$PATH:$WSLPATH"'';
warnings =
let
registrations = config.boot.binfmt.registrations;
in
warnings = let
registrations = config.boot.binfmt.registrations;
in
optional (!(registrations ? WSLInterop) && (length (attrNames config.boot.binfmt.registrations)) != 0) "Having any binfmt registrations without re-registering WSLInterop (wsl.interop.register) will break running .exe files from WSL2";
};
}

88
nix-conf/system/nixos-wsl/modules/wsl-distro.nix
View File

@ -1,42 +1,45 @@
{ lib, pkgs, config, ... }:
with builtins; with lib;
{
options.wsl = with types;
let
coercedToStr = coercedTo (oneOf [ bool path int ]) (toString) str;
in
{
enable = mkEnableOption "support for running NixOS as a WSL distribution";
automountPath = mkOption {
type = str;
default = "/mnt";
description = "The path where windows drives are mounted (e.g. /mnt/c)";
};
automountOptions = mkOption {
type = str;
default = "metadata,uid=1000,gid=100";
description = "Options to use when mounting windows drives";
};
defaultUser = mkOption {
type = str;
default = "nixos";
description = "The name of the default user";
};
startMenuLaunchers = mkEnableOption "shortcuts for GUI applications in the windows start menu";
wslConf = mkOption {
type = attrsOf (attrsOf (oneOf [ string int bool ]));
description = "Entries that are added to /etc/wsl.conf";
};
lib,
pkgs,
config,
...
}:
with builtins; with lib; {
options.wsl = with types; let
coercedToStr = coercedTo (oneOf [bool path int]) toString str;
in {
enable = mkEnableOption "support for running NixOS as a WSL distribution";
automountPath = mkOption {
type = str;
default = "/mnt";
description = "The path where windows drives are mounted (e.g. /mnt/c)";
};
automountOptions = mkOption {
type = str;
default = "metadata,uid=1000,gid=100";
description = "Options to use when mounting windows drives";
};
defaultUser = mkOption {
type = str;
default = "nixos";
description = "The name of the default user";
};
startMenuLaunchers = mkEnableOption "shortcuts for GUI applications in the windows start menu";
wslConf = mkOption {
type = attrsOf (attrsOf (oneOf [string int bool]));
description = "Entries that are added to /etc/wsl.conf";
};
};
config =
let
cfg = config.wsl;
syschdemd = import ../syschdemd.nix { inherit lib pkgs config; inherit (cfg) automountPath defaultUser; defaultUserHome = config.users.users.${cfg.defaultUser}.home; };
in
config = let
cfg = config.wsl;
syschdemd = import ../syschdemd.nix {
inherit lib pkgs config;
inherit (cfg) automountPath defaultUser;
defaultUserHome = config.users.users.${cfg.defaultUser}.home;
};
in
mkIf cfg.enable {
wsl.wslConf = {
automount = {
enabled = true;
@ -57,9 +60,8 @@ with builtins; with lib;
hardware.opengl.enable = true; # Enable GPU acceleration
environment = {
etc = {
"wsl.conf".text = generators.toINI { } cfg.wslConf;
"wsl.conf".text = generators.toINI {} cfg.wslConf;
# DNS settings are managed by WSL
hosts.enable = !config.wsl.wslConf.network.generateHosts;
@ -67,7 +69,7 @@ with builtins; with lib;
};
systemPackages = [
(pkgs.runCommand "wslpath" { } ''
(pkgs.runCommand "wslpath" {} ''
mkdir -p $out/bin
ln -s /init $out/bin/wslpath
'')
@ -79,13 +81,13 @@ with builtins; with lib;
users.users.${cfg.defaultUser} = {
isNormalUser = true;
uid = 1000;
extraGroups = [ "wheel" ]; # Allow the default user to use sudo
extraGroups = ["wheel"]; # Allow the default user to use sudo
};
users.users.root = {
shell = "${syschdemd}/bin/syschdemd";
# Otherwise WSL fails to login as root with "initgroups failed 5"
extraGroups = [ "root" ];
extraGroups = ["root"];
};
security.sudo = {
@ -97,7 +99,7 @@ with builtins; with lib;
system.activationScripts = {
copy-launchers = mkIf cfg.startMenuLaunchers (
stringAfter [ ] ''
stringAfter [] ''
for x in applications icons; do
echo "Copying /usr/share/$x"
mkdir -p /usr/share/$x
@ -105,7 +107,7 @@ with builtins; with lib;
done
''
);
populateBin = stringAfter [ ] ''
populateBin = stringAfter [] ''
echo "setting up /bin..."
ln -sf /init /bin/wslpath
ln -sf ${pkgs.bashInteractive}/bin/bash /bin/sh
@ -134,6 +136,6 @@ with builtins; with lib;
enableEmergencyMode = false;
};
warnings = (optional (config.systemd.services.systemd-resolved.enable && config.wsl.wslConf.network.generateResolvConf) "systemd-resolved is enabled, but resolv.conf is managed by WSL");
warnings = optional (config.systemd.services.systemd-resolved.enable && config.wsl.wslConf.network.generateResolvConf) "systemd-resolved is enabled, but resolv.conf is managed by WSL";
};
}

18
nix-conf/system/nixos-wsl/syschdemd.nix
View File

@ -1,19 +1,19 @@
{ lib
, pkgs
, config
, automountPath
, defaultUser
, defaultUserHome ? "/home/${defaultUser}"
, ...
{
lib,
pkgs,
config,
automountPath,
defaultUser,
defaultUserHome ? "/home/${defaultUser}",
...
}:
pkgs.substituteAll {
name = "syschdemd";
src = ./syschdemd.sh;
dir = "bin";
isExecutable = true;
buildInputs = with pkgs; [ daemonize ];
buildInputs = with pkgs; [daemonize];
inherit defaultUser defaultUserHome;
inherit (pkgs) daemonize;

47
nix-conf/system/profiles/Felia/hardware-configuration.nix
View File

@ -1,15 +1,19 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports = [ ];
config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [];
boot.initrd.availableKernelModules = [ ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ ];
boot.extraModulePackages = [ ];
boot.initrd.availableKernelModules = [];
boot.initrd.kernelModules = [];
boot.kernelModules = [];
boot.extraModulePackages = [];
## NOTE: These filesystems are mounted by a wrapper script from nix-wsl
@ -43,25 +47,22 @@
# fsType = "drvfs";
# };
fileSystems."/mnt/c" =
{
device = "C:";
fsType = "drvfs";
};
fileSystems."/mnt/c" = {
device = "C:";
fsType = "drvfs";
};
fileSystems."/mnt/d" =
{
device = "D:";
fsType = "drvfs";
};
fileSystems."/mnt/d" = {
device = "D:";
fsType = "drvfs";
};
fileSystems."/mnt/f" =
{
device = "F:";
fsType = "drvfs";
};
fileSystems."/mnt/f" = {
device = "F:";
fsType = "drvfs";
};
swapDevices = [ ];
swapDevices = [];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's

25
nix-conf/system/profiles/bao/hardware-configuration.nix
View File

@ -1,19 +1,22 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[
(modulesPath + "/installer/scan/not-detected.nix")
];
config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" ];
boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod"];
# boot.initrd.kernelModules = [ "amdgpu" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-amd" "coretemp" ];
boot.extraModulePackages = [ ];
boot.initrd.kernelModules = [];
boot.kernelModules = ["kvm-amd" "coretemp"];
boot.extraModulePackages = [];
fileSystems."/" =
# Might be wise to use /dev/nvme0p1 instead
@ -29,7 +32,7 @@
fsType = "vfat";
};
swapDevices = [ ];
swapDevices = [];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's

37
nix-conf/system/profiles/homeless/hardware-configuration.nix
View File

@ -1,17 +1,20 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[
(modulesPath + "/profiles/qemu-guest.nix")
];
config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/profiles/qemu-guest.nix")
];
boot.initrd.availableKernelModules = [ "virtio_pci" "virtio_scsi" "ahci" "sd_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelParams = [ "console=ttyS0,19200n8" ];
boot.initrd.availableKernelModules = ["virtio_pci" "virtio_scsi" "ahci" "sd_mod"];
boot.initrd.kernelModules = [];
boot.kernelParams = ["console=ttyS0,19200n8"];
boot.loader.grub.extraConfig = ''
serial --speed=19200 --unit=0 --word=8 --parity=no --stop=1
terminal_input serial;
@ -20,17 +23,15 @@
boot.loader.grub.forceInstall = true;
boot.loader.grub.device = "nodev";
boot.loader.timeout = 10;
boot.kernelModules = [ ];
boot.extraModulePackages = [ ];
boot.kernelModules = [];
boot.extraModulePackages = [];
fileSystems."/" =
{
device = "/dev/sda";
fsType = "ext4";
};
fileSystems."/" = {
device = "/dev/sda";
fsType = "ext4";
};
swapDevices =
[{ device = "/dev/sdb"; }];
swapDevices = [{device = "/dev/sdb";}];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's

37
nix-conf/system/profiles/lester/hardware-configuration.nix
View File

@ -1,17 +1,20 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[
(modulesPath + "/profiles/qemu-guest.nix")
];
config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/profiles/qemu-guest.nix")
];
boot.initrd.availableKernelModules = [ "virtio_pci" "virtio_scsi" "ahci" "sd_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelParams = [ "console=ttyS0,19200n8" ];
boot.initrd.availableKernelModules = ["virtio_pci" "virtio_scsi" "ahci" "sd_mod"];
boot.initrd.kernelModules = [];
boot.kernelParams = ["console=ttyS0,19200n8"];
boot.loader.grub.extraConfig = ''
serial --speed=19200 --unit=0 --word=8 --parity=no --stop=1
terminal_input serial;
@ -20,17 +23,15 @@
boot.loader.grub.forceInstall = true;
boot.loader.grub.device = "nodev";
boot.loader.timeout = 10;
boot.kernelModules = [ ];
boot.extraModulePackages = [ ];
boot.kernelModules = [];
boot.extraModulePackages = [];
fileSystems."/" =
{
device = "/dev/sda";
fsType = "ext4";
};
fileSystems."/" = {
device = "/dev/sda";
fsType = "ext4";
};
swapDevices =
[{ device = "/dev/sdb"; }];
swapDevices = [{device = "/dev/sdb";}];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's

28
nix-conf/system/profiles/lizzi/hardware-configuration.nix
View File

@ -1,17 +1,20 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[
(modulesPath + "/profiles/qemu-guest.nix")
];
config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/profiles/qemu-guest.nix")
];
boot.initrd.availableKernelModules = [ "virtio_pci" "virtio_scsi" "ahci" "sd_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelParams = [ "console=ttyS0,19200n8" ];
boot.initrd.availableKernelModules = ["virtio_pci" "virtio_scsi" "ahci" "sd_mod"];
boot.initrd.kernelModules = [];
boot.kernelParams = ["console=ttyS0,19200n8"];
boot.loader.grub.extraConfig = ''
serial --speed=19200 --unit=0 --word=8 --parity=no --stop=1
terminal_input serial;
@ -20,8 +23,8 @@
boot.loader.grub.forceInstall = true;
boot.loader.grub.device = "nodev";
boot.loader.timeout = 10;
boot.kernelModules = [ ];
boot.extraModulePackages = [ ];
boot.kernelModules = [];
boot.extraModulePackages = [];
fileSystems = {
"/" = {
@ -35,8 +38,7 @@
};
};
swapDevices =
[{ device = "/dev/sdb"; }];
swapDevices = [{device = "/dev/sdb";}];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's

37
nix-conf/system/profiles/nyx/hardware-configuration.nix
View File

@ -1,20 +1,23 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[
(modulesPath + "/profiles/qemu-guest.nix")
];
config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/profiles/qemu-guest.nix")
];
boot.initrd.availableKernelModules = [ "virtio_pci" "virtio_scsi" "ahci" "sd_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ ];
boot.extraModulePackages = [ ];
boot.initrd.availableKernelModules = ["virtio_pci" "virtio_scsi" "ahci" "sd_mod"];
boot.initrd.kernelModules = [];
boot.kernelModules = [];
boot.extraModulePackages = [];
boot.kernelParams = [ "console=ttyS0,19200n8" ];
boot.kernelParams = ["console=ttyS0,19200n8"];
boot.loader.grub.extraConfig = ''
serial --speed=19200 --unit=0 --word=8 --parity=no --stop=1
terminal_input serial;
@ -23,14 +26,12 @@
boot.loader.grub.forceInstall = true;
boot.loader.grub.device = "nodev";
boot.loader.timeout = 10;
fileSystems."/" =
{
device = "/dev/sda";
fsType = "ext4";
};
fileSystems."/" = {
device = "/dev/sda";
fsType = "ext4";
};
swapDevices =
[{ device = "/dev/sdb"; }];
swapDevices = [{device = "/dev/sdb";}];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's

11
nix-conf/system/wsl-configuration.nix
View File

@ -1,10 +1,7 @@
{ lib, ... }:
with lib;
let
{lib, ...}:
with lib; let
nixos-wsl = import ./nixos-wsl;
in
{
in {
imports = [
./configuration.nix
nixos-wsl.nixosModules.wsl
@ -21,9 +18,7 @@ in
# Enable integration with Docker Desktop (needs to be installed)
docker-desktop.enable = true;
};
# users.users.<defaultUser>.uid = 1000;
# networking.hostName = "nixos";
}

6
nix/cells/dotfiles/devshells.nix
View File

@ -1,6 +1,8 @@
{inputs, cell}: let
{
inputs,
cell,
}: let
inherit (inputs) std nixpkgs;
in {
default = std.lib.dev.mkShell {
name = "default";

6
nix/cells/home-configs/default.nix Normal file
View File

@ -0,0 +1,6 @@
{
inputs,
cell,
}: let
in {
}

5
nix/cells/packages/default.nix Normal file
View File

@ -0,0 +1,5 @@
{
inputs,
cell,
}: {
}

12
nix/cells/repo/home-modules/default.nix
View File

@ -102,7 +102,7 @@ in {
};
font.size = lib.mkOption {
type = lib.types.nullOr lib.types.number;
default = null;
default = 11.0;
description = ''
The default font size for Alacritty. This is probably measured in px.
'';
@ -116,7 +116,7 @@ in {
'';
example = true;
};
config-file = lib.mkOption {
config-path = lib.mkOption {
type = lib.types.path;
description = "Path to alacritty yaml";
default = null;
@ -126,12 +126,10 @@ in {
config.programs.alacritty = {
enable = cfg.enable;
settings = let ;
actualConfig = if cfg.config-file != null then fromYAML (builtins.readFile cfg.config-file) else {};
actualConfig = if cfg.config-path != null then fromYAML (builtins.readFile cfg.config-path) else {};
in lib.recursiveUpdate actualConfig {
font.normal.family = opt-toNullable(opt-leftmostSome (builtins.map opt-fromNullable [
cfg.font.family actualConfig.font.family actualConfig.font.normal.family
]));
font.size = cfg.font.size or actualConfig.font.size or 7.0;
font.normal.family = lib.mkIf (font.family != null) font.family;
font.size = lib.mkIf (font.size != null) font.size;
};
};
};

21
nix/cells/repo/home-modules/nixgl.nix
View File

@ -1,11 +1,18 @@
{inputs, cell, namespace}: { pkgs, config, lib, ... }:
let
{
inputs,
cell,
namespace,
}: {
pkgs,
config,
lib,
...
}: let
cfg = config."${namespace}".graphics;
cfgEnable = cfg.enable or (cfg.useNixGL.defaultPackage != null);
types = lib.types;
in
{
imports = [ ./shells.nix ];
in {
imports = [./shells.nix];
options."${namespace}".nixgl = {
enable = lib.mkEnableOption "nixgl";
useNixGL = {
@ -17,7 +24,7 @@ in
];
};
defaultPackage = lib.mkOption {
type = types.nullOr (types.enum [ "nixGLIntel" "nixGLNvidia" "nixGLNvidiaBumblebee" ]);
type = types.nullOr (types.enum ["nixGLIntel" "nixGLNvidia" "nixGLNvidiaBumblebee"]);
description = "Which nixGL package to be aliased as `nixGL` on the shell";
default = null;
example = "nixGLIntel";
@ -35,6 +42,6 @@ in
nixGL = cfg.useNixGL.defaultPackage;
};
};
home.packages = [ cfg.useNixGL.package ];
home.packages = [cfg.useNixGL.package];
};
}

100
nix/cells/repo/home-profiles/default.nix
View File

@ -1,15 +1,27 @@
_imports@{inputs, cell}: let
# This creates a layer that is specific to some profiles, but may require
# some variants in environment like username/email, work-oriented or personal
# and many more
_imports @ {
inputs,
cell,
}: let
# TODO: I don't think abstracting namespace away is a good idea in this case
namespace = "repo";
imports = _imports // {inherit namespace;};
in {
neovim = import ./neovim.nix imports;
nerd_font_module = {config, pkgs, ...}: {
nerd_font_module = {
config,
pkgs,
...
}: {
imports = [
import inputs.cells."${namespace}"
import
inputs.cells."${namespace}"
];
fonts.fontconfig.enable = true;
home.packages = [
(pkgs.nerdfonts.override { fonts = [ "Hack" ]; })
(pkgs.nerdfonts.override {fonts = ["Hack"];})
];
"${namespace}".alacritty.font.family = "Hack Nerd Font Mono";
};
@ -32,7 +44,13 @@ in {
};
};
ssh = {config, lib, ...}: let cfg = config."${namespace}".ssh; in {
ssh = {
config,
lib,
...
}: let
cfg = config."${namespace}".ssh;
in {
options."${namespace}".ssh.enable = lib.mkOption {
type = lib.types.bool;
default = true;
@ -48,13 +66,79 @@ in {
};
};
alacritty = {config, lib,...}: let cfg = config."${namespace}".alacritty; in {
alacritty = {
config,
lib,
...
}: let
cfg = config."${namespace}".alacritty;
in {
imports = [
import "${inputs.cells.repo.home-modules.alacritty}"
import
"${inputs.cells.repo.home-modules.alacritty}"
];
configs."${namespace}".alacritty = {
enable = true;
config-file = "${inputs.self}//native-configs/alacritty/alacritty.yml";
config-path = "${inputs.self}//native-configs/alacritty/alacritty.yml";
font.size = 11.0;
font.family = "Hack Nerd Font Mono";
};
};
shells = import ./shells.nix imports;
git = {
config,
pkgs,
lib,
...
}: let
baseAliases = {
a = "add";
c = "commit";
ca = "commit --amend";
cm = "commit -m";
lol = "log --graph --decorate --pretty=oneline --abbrev-commit";
lola = "log --graph --decorate --pretty=oneline --abbrev-commit --all";
sts = "status";
co = "checkout";
b = "branch";
};
in {
options."${namespace}".git = {
aliases = lib.mkOption {
type = lib.types.attrs;
default = {};
example = baseAliases;
description = ''
Additional git aliases. This config is merged on top of base aliases.
'';
};
name = lib.mkOption {
type = lib.types.str;
default = "Pegasust";
description = "Git username that appears on commits";
example = "Pegasust";
};
email = lib.mkOption {
type = lib.types.str;
default = "pegasucksgg@gmail.com";
example = "peagsucksgg@gmail.com";
description = "Git email that appears on commits";
};
ignores = lib.mkOption {
type = lib.types.listOf lib.types.str;
default = [
".vscode" # vscode settings
".direnv" # .envrc cached outputs
".DS_Store" # MacOS users, amrite
];
description = ''
.gitignore patterns that are applied in every repository.
This is useful for IDE-specific or environment-specific settings.
'';
example = [".direnv" "node_modules"];
};
};
};
}

206
nix/cells/repo/home-profiles/neovim.nix
View File

@ -2,62 +2,72 @@
#
# One thing to consider, though, /nix/store of `nix-shell` or `nix-develop`
# might be different from `home-manager`'s (~/.nix_profile/bin/jq)
{inputs, cell, namespace}: { pkgs, lib, config, ... }:
let
{
inputs,
cell,
namespace,
}: {
pkgs,
lib,
config,
...
}: let
# NOTE: Add packages to nvim_pkgs instead, so that it's available at userspace
# and is added to the path after wrapping.
# check: nix repl `homeConfigurations.hungtr.config.programs.neovim.finalPackage.buildCommand`
# see: :/--suffix.*PATH
# there should be mentions of additional packages
my_neovim = pkgs.neovim-unwrapped;
rust_pkgs = (pkgs.rust-bin.selectLatestNightlyWith
rust_pkgs =
pkgs.rust-bin.selectLatestNightlyWith
(
toolchain:
toolchain.default.override {
extensions = [ "rust-src" "rust-analyzer" "rust-docs" "rustfmt" "clippy" "miri" ];
}
));
nvim_pkgs = [
# pkgs.gccStdenv
pkgs.tree-sitter
pkgs.fzf # file name fuzzy search
pkgs.ripgrep # content fuzzy search
pkgs.zk # Zettelkasten (limited support)
pkgs.fd # Required by a Telescope plugin (?)
pkgs.stdenv.cc.cc.lib
pkgs.rnix-lsp # doesn't work, Mason just installs it using cargo
pkgs.rust4cargo
pkgs.nickel
pkgs.nls
pkgs.go # doesn't work, Mason installs from runtime path
# Language-specific stuffs
pkgs.sumneko-lua-language-server
# pkgs.python3Packages.python-lsp-server
pkgs.nodePackages.pyright
pkgs.python3Packages.pylint
pkgs.python3Packages.flake8
# FIXME: installing ansible from here just doesn't work :/
# pkgs.ansible-lint
# pkgs.python38Packages.ansible
# pkgs.ansible-language-server
# TODO: the devShell should provide rust-analyzer so that
# cargo test builds binaries compatible with rust-analyzer
# pkgs.rust-analyzer
# rust_pkgs
# pkgs.evcxr # Rust REPL for Conjure!
] ++ lib.optionals (pkgs.stdenv.isDarwin) (
let
inherit (pkgs.darwin.apple_sdk.frameworks) System CoreFoundation; in
toolchain.default.override {
extensions = ["rust-src" "rust-analyzer" "rust-docs" "rustfmt" "clippy" "miri"];
}
);
nvim_pkgs =
[
System
CoreFoundation
# pkgs.gccStdenv
pkgs.tree-sitter
pkgs.fzf # file name fuzzy search
pkgs.ripgrep # content fuzzy search
pkgs.zk # Zettelkasten (limited support)
pkgs.fd # Required by a Telescope plugin (?)
pkgs.stdenv.cc.cc.lib
pkgs.rnix-lsp # doesn't work, Mason just installs it using cargo
pkgs.rust4cargo
pkgs.nickel
pkgs.nls
pkgs.go # doesn't work, Mason installs from runtime path
# Language-specific stuffs
pkgs.sumneko-lua-language-server
# pkgs.python3Packages.python-lsp-server
pkgs.nodePackages.pyright
pkgs.python3Packages.pylint
pkgs.python3Packages.flake8
# FIXME: installing ansible from here just doesn't work :/
# pkgs.ansible-lint
# pkgs.python38Packages.ansible
# pkgs.ansible-language-server
# TODO: the devShell should provide rust-analyzer so that
# cargo test builds binaries compatible with rust-analyzer
# pkgs.rust-analyzer
# rust_pkgs
# pkgs.evcxr # Rust REPL for Conjure!
]
);
in
{
++ lib.optionals (pkgs.stdenv.isDarwin) (
let
inherit (pkgs.darwin.apple_sdk.frameworks) System CoreFoundation;
in [
System
CoreFoundation
]
);
in {
options.base.neovim = {
enable = lib.mkOption {
default = true;
@ -77,60 +87,54 @@ in
withNodeJs = true;
# NOTE: this adds path to the wrapped version of neovim
extraPackages = nvim_pkgs;
extraLuaConfig = (builtins.readFile "${inputs.self}/native_configs/neovim/init.lua");
plugins = (let inherit (pkgs.vimPlugins)
plenary-nvim
nvim-treesitter
nvim-treesitter-textobjects
nvim-treesitter-context
telescope-fzf-native-nvim
telescope-file-browser-nvim
telescope-nvim
nvim-lspconfig
gruvbox-community
neodev-nvim
cmp-nvim-lsp
cmp-path
cmp-buffer
cmp-cmdline
nvim-cmp
lspkind-nvim
nvim-autopairs
nvim-ts-autotag
guess-indent-nvim
harpoon
zk-nvim
luasnip
fidget-nvim
rust-tools-nvim
cmp_luasnip
gitsigns-nvim
indent-blankline-nvim
lualine-nvim
mason-lspconfig-nvim
mason-nvim
neogit
nlua-nvim
nvim-jqx
nvim-surround
nvim-web-devicons
playground
todo-comments-nvim
trouble-nvim
vim-dispatch
vim-dispatch-neovim
vim-fugitive
vim-jack-in
; in [
extraLuaConfig = builtins.readFile "${inputs.self}/native_configs/neovim/init.lua";
plugins = let
inherit
(pkgs.vimPlugins)
plenary-nvim
nvim-treesitter
nvim-treesitter-textobjects
nvim-treesitter-context
telescope-fzf-native-nvim
telescope-file-browser-nvim
telescope-nvim
nvim-lspconfig
gruvbox-community
neodev-nvim
cmp-nvim-lsp
cmp-path
cmp-buffer
cmp-cmdline
nvim-cmp
lspkind-nvim
nvim-autopairs
nvim-ts-autotag
guess-indent-nvim
harpoon
zk-nvim
luasnip
fidget-nvim
rust-tools-nvim
cmp_luasnip
gitsigns-nvim
indent-blankline-nvim
lualine-nvim
mason-lspconfig-nvim
mason-nvim
neogit
nlua-nvim
nvim-jqx
nvim-surround
nvim-web-devicons
playground
todo-comments-nvim
trouble-nvim
vim-dispatch
vim-dispatch-neovim
vim-fugitive
vim-jack-in
;
in [
plenary-nvim
nvim-treesitter.withAllGrammars
nvim-treesitter-textobjects
@ -174,7 +178,7 @@ in
vim-dispatch-neovim
vim-fugitive
vim-jack-in
]);
];
};
# home.packages = nvim_pkgs;
};

53
nix/cells/repo/home-modules/shells.nix → nix/cells/repo/home-profiles/shells.nix
View File

@ -1,11 +1,15 @@
{inputs, cell, namespace}: { config
, lib
, pkgs
, ...
}:
let cfg = config."${namespace}".shells;
in
{
inputs,
cell,
namespace,
}: {
config,
lib,
pkgs,
...
}: let
cfg = config."${namespace}".shells;
in {
options."${namespace}".shells = {
enable = lib.mkOption {
type = lib.types.bool;
@ -26,7 +30,7 @@ in
shellAliases = lib.mkOption {
type = lib.types.attrs;
description = "Shell command aliases";
default = { };
default = {};
example = {
nixGL = "nixGLIntel";
};
@ -47,9 +51,8 @@ in
};
programs.tmux = {
enable = true;
# extraConfigBeforePlugin = builtins.readFile "${proj_root.config.path}/tmux/tmux.conf";
plugins = let inherit (pkgs.tmuxPlugins) cpu net-speed; in [ cpu net-speed ];
extraConfig = (builtins.readFile "${proj_root.config.path}/tmux/tmux.conf");
plugins = let inherit (pkgs.tmuxPlugins) cpu net-speed; in [cpu net-speed];
extraConfig = builtins.readFile "${innputs.self}/native_configs/tmux/tmux.conf";
};
xdg.configFile."tmux/tmux.conf".text = lib.mkOrder 600 ''
set -g status-right '#{cpu_bg_color} CPU: #{cpu_icon} #{cpu_percentage} | %a %h-%d %H:%M '
@ -64,14 +67,15 @@ in
enable = true;
enableZshIntegration = true;
settings = let
native = builtins.fromTOML (builtins.readFile "${proj_root.config.path}/starship/starship.toml");
patch-nix = pkgs.lib.recursiveUpdate native ({
native = builtins.fromTOML (builtins.readFile "${inputs.self}/native_configs/starship/starship.toml");
patch-nix = pkgs.lib.recursiveUpdate native {
c.commands = [
["nix" "run" "nixpkgs#clang" "--" "--version"]
["nix" "run" "nixpkgs#gcc" "--" "--version"]
];
});
in patch-nix;
};
in
patch-nix;
};
# Fuzzy finder. `fzf` for TUI, `fzf -f '<fuzzy query>'` for UNIX piping
programs.fzf.enable = true;
@ -84,10 +88,12 @@ in
enable = true;
enableCompletion = true;
enableAutosuggestions = true;
shellAliases = {
nix-rebuild = "sudo nixos-rebuild switch";
hm-switch = "home-manager switch --flake";
} // (cfg.shellAliases or { });
shellAliases =
{
nix-rebuild = "sudo nixos-rebuild switch";
hm-switch = "home-manager switch --flake";
}
// (cfg.shellAliases or {});
history = {
size = 10000;
path = "${config.xdg.dataHome}/zsh/history";
@ -112,10 +118,11 @@ in
ZVM_KEYTIMEOUT = 0.004; # 40ms, or subtly around 25 FPS. I'm a gamer :)
ZVM_ESCAPE_KEYTIMEOUT = 0.004; # 40ms, or subtly around 25 FPS. I'm a gamer :)
};
initExtra = (cfg.shellInitExtra or "") + ''
source ${pkgs.zsh-vi-mode}/share/zsh-vi-mode/zsh-vi-mode.plugin.zsh
'';
initExtra =
(cfg.shellInitExtra or "")
+ ''
source ${pkgs.zsh-vi-mode}/share/zsh-vi-mode/zsh-vi-mode.plugin.zsh
'';
};
};
}

1
nix/cells/repo/lib/default.nix
View File

@ -13,6 +13,7 @@
in {
fromYAML = yamlContent: bulitins.fromJSON (builtins.readFile (yamlToJsonDrv inputs.nixpkgs yamlContent "fromYaml.json"));
# NOTE: Deprecate
# ctor
opt-some = a: [a];
opt-none = [];

5
nix/cells/repo/userShells.nix
View File

@ -1,4 +1,7 @@
{inputs, cell}: {
{
inputs,
cell,
}: {
htran = inputs.cells.dotfiles.devshells.default;
hungtran = inputs.cells.dotfiles.devshells.default;
}

392
out-of-tree/flake-compat/default.nix
View File

@ -4,182 +4,264 @@
# calls the flake's 'outputs' function. It then returns an attrset
# containing 'defaultNix' (to be used in 'default.nix'), 'shellNix'
# (to be used in 'shell.nix').
{ src, system ? builtins.currentSystem or "unknown-system" }:
let
{
src,
system ? builtins.currentSystem or "unknown-system",
}: let
lockFilePath = src + "/flake.lock";
lockFile = builtins.fromJSON (builtins.readFile lockFilePath);
fetchTree =
info:
if info.type == "github" then
{ outPath =
fetchTarball
({ url = "https://api.${info.host or "github.com"}/repos/${info.owner}/${info.repo}/tarball/${info.rev}"; }
// (if info ? narHash then { sha256 = info.narHash; } else {})
);
rev = info.rev;
shortRev = builtins.substring 0 7 info.rev;
fetchTree = info:
if info.type == "github"
then {
outPath =
fetchTarball
(
{url = "https://api.${info.host or "github.com"}/repos/${info.owner}/${info.repo}/tarball/${info.rev}";}
// (
if info ? narHash
then {sha256 = info.narHash;}
else {}
)
);
rev = info.rev;
shortRev = builtins.substring 0 7 info.rev;
lastModified = info.lastModified;
lastModifiedDate = formatSecondsSinceEpoch info.lastModified;
narHash = info.narHash;
}
else if info.type == "git"
then
{
outPath =
builtins.fetchGit
(
{url = info.url;}
// (
if info ? rev
then {inherit (info) rev;}
else {}
)
// (
if info ? ref
then {inherit (info) ref;}
else {}
)
// (
if info ? submodules
then {inherit (info) submodules;}
else {}
)
);
lastModified = info.lastModified;
lastModifiedDate = formatSecondsSinceEpoch info.lastModified;
narHash = info.narHash;
}
else if info.type == "git" then
{ outPath =
builtins.fetchGit
({ url = info.url; }
// (if info ? rev then { inherit (info) rev; } else {})
// (if info ? ref then { inherit (info) ref; } else {})
// (if info ? submodules then { inherit (info) submodules; } else {})
);
lastModified = info.lastModified;
lastModifiedDate = formatSecondsSinceEpoch info.lastModified;
narHash = info.narHash;
} // (if info ? rev then {
rev = info.rev;
shortRev = builtins.substring 0 7 info.rev;
} else {
})
else if info.type == "path" then
{ outPath = builtins.path {
path = if builtins.substring 0 1 info.path != "/"
then src + ("/" + info.path) # make this absolute path by prepending ./
// (
if info ? rev
then {
rev = info.rev;
shortRev = builtins.substring 0 7 info.rev;
}
else {
}
)
else if info.type == "path"
then {
outPath = builtins.path {
path =
if builtins.substring 0 1 info.path != "/"
then src + ("/" + info.path) # make this absolute path by prepending ./
else info.path; # it's already an absolute path
};
narHash = info.narHash;
}
else if info.type == "tarball" then
{ outPath =
fetchTarball
({ inherit (info) url; }
// (if info ? narHash then { sha256 = info.narHash; } else {})
);
}
else if info.type == "gitlab" then
{ inherit (info) rev narHash lastModified;
outPath =
fetchTarball
({ url = "https://${info.host or "gitlab.com"}/api/v4/projects/${info.owner}%2F${info.repo}/repository/archive.tar.gz?sha=${info.rev}"; }
// (if info ? narHash then { sha256 = info.narHash; } else {})
);
shortRev = builtins.substring 0 7 info.rev;
}
narHash = info.narHash;
}
else if info.type == "tarball"
then {
outPath =
fetchTarball
(
{inherit (info) url;}
// (
if info ? narHash
then {sha256 = info.narHash;}
else {}
)
);
}
else if info.type == "gitlab"
then {
inherit (info) rev narHash lastModified;
outPath =
fetchTarball
(
{url = "https://${info.host or "gitlab.com"}/api/v4/projects/${info.owner}%2F${info.repo}/repository/archive.tar.gz?sha=${info.rev}";}
// (
if info ? narHash
then {sha256 = info.narHash;}
else {}
)
);
shortRev = builtins.substring 0 7 info.rev;
}
else
# FIXME: add Mercurial, tarball inputs.
throw "flake input has unsupported input type '${info.type}'";
callFlake4 = flakeSrc: locks:
let
flake = import (flakeSrc + "/flake.nix");
callFlake4 = flakeSrc: locks: let
flake = import (flakeSrc + "/flake.nix");
inputs = builtins.mapAttrs (n: v:
if v.flake or true
then callFlake4 (fetchTree (v.locked // v.info)) v.inputs
else fetchTree (v.locked // v.info)) locks;
inputs = builtins.mapAttrs (n: v:
if v.flake or true
then callFlake4 (fetchTree (v.locked // v.info)) v.inputs
else fetchTree (v.locked // v.info))
locks;
outputs = flakeSrc // (flake.outputs (inputs // {self = outputs;}));
in
assert flake.edition == 201909;
outputs;
outputs = flakeSrc // (flake.outputs (inputs // {self = outputs;}));
in
assert flake.edition == 201909; outputs;
callLocklessFlake = flakeSrc:
let
flake = import (flakeSrc + "/flake.nix");
outputs = flakeSrc // (flake.outputs ({ self = outputs; }));
in outputs;
callLocklessFlake = flakeSrc: let
flake = import (flakeSrc + "/flake.nix");
outputs = flakeSrc // (flake.outputs {self = outputs;});
in
outputs;
rootSrc = let
# Try to clean the source tree by using fetchGit, if this source
# tree is a valid git repository.
tryFetchGit = src:
if isGit && !isShallow
then
let res = builtins.fetchGit src;
in if res.rev == "0000000000000000000000000000000000000000" then removeAttrs res ["rev" "shortRev"] else res
else { outPath = src; };
then let
res = builtins.fetchGit src;
in
if res.rev == "0000000000000000000000000000000000000000"
then removeAttrs res ["rev" "shortRev"]
else res
else {outPath = src;};
# NB git worktrees have a file for .git, so we don't check the type of .git
isGit = builtins.pathExists (src + "/.git");
isShallow = builtins.pathExists (src + "/.git/shallow");
in
{ lastModified = 0; lastModifiedDate = formatSecondsSinceEpoch 0; }
// (if src ? outPath then src else tryFetchGit src);
{
lastModified = 0;
lastModifiedDate = formatSecondsSinceEpoch 0;
}
// (
if src ? outPath
then src
else tryFetchGit src
);
# Format number of seconds in the Unix epoch as %Y%m%d%H%M%S.
formatSecondsSinceEpoch = t:
let
rem = x: y: x - x / y * y;
days = t / 86400;
secondsInDay = rem t 86400;
hours = secondsInDay / 3600;
minutes = (rem secondsInDay 3600) / 60;
seconds = rem t 60;
formatSecondsSinceEpoch = t: let
rem = x: y: x - x / y * y;
days = t / 86400;
secondsInDay = rem t 86400;
hours = secondsInDay / 3600;
minutes = (rem secondsInDay 3600) / 60;
seconds = rem t 60;
# Courtesy of https://stackoverflow.com/a/32158604.
z = days + 719468;
era = (if z >= 0 then z else z - 146096) / 146097;
doe = z - era * 146097;
yoe = (doe - doe / 1460 + doe / 36524 - doe / 146096) / 365;
y = yoe + era * 400;
doy = doe - (365 * yoe + yoe / 4 - yoe / 100);
mp = (5 * doy + 2) / 153;
d = doy - (153 * mp + 2) / 5 + 1;
m = mp + (if mp < 10 then 3 else -9);
y' = y + (if m <= 2 then 1 else 0);
# Courtesy of https://stackoverflow.com/a/32158604.
z = days + 719468;
era =
(
if z >= 0
then z
else z - 146096
)
/ 146097;
doe = z - era * 146097;
yoe = (doe - doe / 1460 + doe / 36524 - doe / 146096) / 365;
y = yoe + era * 400;
doy = doe - (365 * yoe + yoe / 4 - yoe / 100);
mp = (5 * doy + 2) / 153;
d = doy - (153 * mp + 2) / 5 + 1;
m =
mp
+ (
if mp < 10
then 3
else -9
);
y' =
y
+ (
if m <= 2
then 1
else 0
);
pad = s: if builtins.stringLength s < 2 then "0" + s else s;
in "${toString y'}${pad (toString m)}${pad (toString d)}${pad (toString hours)}${pad (toString minutes)}${pad (toString seconds)}";
pad = s:
if builtins.stringLength s < 2
then "0" + s
else s;
in "${toString y'}${pad (toString m)}${pad (toString d)}${pad (toString hours)}${pad (toString minutes)}${pad (toString seconds)}";
allNodes =
builtins.mapAttrs
(key: node:
let
sourceInfo =
if key == lockFile.root
then rootSrc
else fetchTree (node.info or {} // removeAttrs node.locked ["dir"]);
(
key: node: let
sourceInfo =
if key == lockFile.root
then rootSrc
else fetchTree (node.info or {} // removeAttrs node.locked ["dir"]);
subdir = if key == lockFile.root then "" else node.locked.dir or "";
subdir =
if key == lockFile.root
then ""
else node.locked.dir or "";
flake = import (sourceInfo + (if subdir != "" then "/" else "") + subdir + "/flake.nix");
flake = import (sourceInfo
+ (
if subdir != ""
then "/"
else ""
)
+ subdir
+ "/flake.nix");
inputs = builtins.mapAttrs
(inputName: inputSpec: allNodes.${resolveInput inputSpec})
(node.inputs or {});
inputs =
builtins.mapAttrs
(inputName: inputSpec: allNodes.${resolveInput inputSpec})
(node.inputs or {});
# Resolve a input spec into a node name. An input spec is
# either a node name, or a 'follows' path from the root
# node.
resolveInput = inputSpec:
if builtins.isList inputSpec
then getInputByPath lockFile.root inputSpec
else inputSpec;
# Resolve a input spec into a node name. An input spec is
# either a node name, or a 'follows' path from the root
# node.
resolveInput = inputSpec:
if builtins.isList inputSpec
then getInputByPath lockFile.root inputSpec
else inputSpec;
# Follow an input path (e.g. ["dwarffs" "nixpkgs"]) from the
# root node, returning the final node.
getInputByPath = nodeName: path:
if path == []
then nodeName
else
getInputByPath
# Since this could be a 'follows' input, call resolveInput.
(resolveInput lockFile.nodes.${nodeName}.inputs.${builtins.head path})
(builtins.tail path);
outputs = flake.outputs (inputs // { self = result; });
result = outputs // sourceInfo // { inherit inputs; inherit outputs; inherit sourceInfo; };
in
if node.flake or true then
assert builtins.isFunction flake.outputs;
result
# Follow an input path (e.g. ["dwarffs" "nixpkgs"]) from the
# root node, returning the final node.
getInputByPath = nodeName: path:
if path == []
then nodeName
else
sourceInfo
)
lockFile.nodes;
getInputByPath
# Since this could be a 'follows' input, call resolveInput.
(resolveInput lockFile.nodes.${nodeName}.inputs.${builtins.head path})
(builtins.tail path);
outputs = flake.outputs (inputs // {self = result;});
result =
outputs
// sourceInfo
// {
inherit inputs;
inherit outputs;
inherit sourceInfo;
};
in
if node.flake or true
then assert builtins.isFunction flake.outputs; result
else sourceInfo
)
lockFile.nodes;
result =
if !(builtins.pathExists lockFilePath)
@ -189,16 +271,30 @@ let
else if lockFile.version >= 5 && lockFile.version <= 7
then allNodes.${lockFile.root}
else throw "lock file '${lockFilePath}' has unsupported version ${toString lockFile.version}";
in rec {
defaultNix =
(builtins.removeAttrs result ["__functor"])
// (
if result ? defaultPackage.${system}
then {default = result.defaultPackage.${system};}
else {}
)
// (
if result ? packages.${system}.default
then {default = result.packages.${system}.default;}
else {}
);
in
rec {
defaultNix =
(builtins.removeAttrs result ["__functor"])
// (if result ? defaultPackage.${system} then { default = result.defaultPackage.${system}; } else {})
// (if result ? packages.${system}.default then { default = result.packages.${system}.default; } else {});
shellNix =
defaultNix
// (if result ? devShell.${system} then { default = result.devShell.${system}; } else {})
// (if result ? devShells.${system}.default then { default = result.devShells.${system}.default; } else {});
}
shellNix =
defaultNix
// (
if result ? devShell.${system}
then {default = result.devShell.${system};}
else {}
)
// (
if result ? devShells.${system}.default
then {default = result.devShells.${system}.default;}
else {}
);
}

16
out-of-tree/nixGL/all.nix
View File

@ -1,25 +1,25 @@
let
pkgs = import ./nixpkgs.nix { config = { allowUnfree = true; }; };
pkgs = import ./nixpkgs.nix {config = {allowUnfree = true;};};
pure = pkgs.recurseIntoAttrs (pkgs.callPackage ./nixGL.nix {
nvidiaVersion = "440.82";
nvidiaHash = "edd415acf2f75a659e0f3b4f27c1fab770cf21614e84a18152d94f0d004a758e";
});
versionFile440 = (pkgs.callPackage ./nixGL.nix {
versionFile440 = pkgs.callPackage ./nixGL.nix {
nvidiaVersionFile = pkgs.writeText "nvidia-version-440.82" ''
NVRM version: NVIDIA UNIX x86_64 Kernel Module 440.82 Wed Apr 1 20:04:33 UTC 2020
GCC version: gcc version 9.3.0 (Arch Linux 9.3.0-1)
'';
});
};
versionFile510 = (pkgs.callPackage ./nixGL.nix {
versionFile510 = pkgs.callPackage ./nixGL.nix {
nvidiaVersionFile = pkgs.writeText "nvidia-version-510.54" ''
NVRM version: NVIDIA UNIX x86_64 Kernel Module 510.54 Wed Apr 1 20:04:33 UTC 2020
GCC version: gcc version 9.3.0 (Arch Linux 9.3.0-1)
'';
});
};
in
(with pure; [ nixGLIntel nixVulkanNvidia nixGLNvidia nixVulkanIntel ])
++ (with versionFile440.auto; [ nixGLNvidia nixGLDefault nixVulkanNvidia ])
++ (with versionFile510.auto; [ nixGLNvidia nixGLDefault nixVulkanNvidia ])
(with pure; [nixGLIntel nixVulkanNvidia nixGLNvidia nixVulkanIntel])
++ (with versionFile440.auto; [nixGLNvidia nixGLDefault nixVulkanNvidia])
++ (with versionFile510.auto; [nixGLNvidia nixGLDefault nixVulkanNvidia])

53
out-of-tree/nixGL/default.nix
View File

@ -1,36 +1,41 @@
{
## Nvidia informations.
# Version of the system kernel module. Let it to null to enable auto-detection.
nvidiaVersion ? null
, # Hash of the Nvidia driver .run file. null is fine, but fixing a value here
nvidiaVersion ? null,
# Hash of the Nvidia driver .run file. null is fine, but fixing a value here
# will be more reproducible and more efficient.
nvidiaHash ? null
, # Alternatively, you can pass a path that points to a nvidia version file
nvidiaHash ? null,
# Alternatively, you can pass a path that points to a nvidia version file
# and let nixGL extract the version from it. That file must be a copy of
# /proc/driver/nvidia/version. Nix doesn't like zero-sized files (see
# https://github.com/NixOS/nix/issues/3539 ).
nvidiaVersionFile ? null
, # Enable 32 bits driver
nvidiaVersionFile ? null,
# Enable 32 bits driver
# This is on by default, you can switch it to off if you want to reduce a
# bit the size of nixGL closure.
enable32bits ? true
, # Make sure to enable config.allowUnfree to the instance of nixpkgs to be
enable32bits ? true,
# Make sure to enable config.allowUnfree to the instance of nixpkgs to be
# able to access the nvidia drivers.
pkgs ? import <nixpkgs> {
config = { allowUnfree = true; };
}
, # Enable all Intel specific extensions which only works on x86_64
enableIntelX86Extensions ? true
pkgs ?
import <nixpkgs> {
config = {allowUnfree = true;};
},
# Enable all Intel specific extensions which only works on x86_64
enableIntelX86Extensions ? true,
}:
pkgs.callPackage ./nixGL.nix ({
inherit
nvidiaVersion
nvidiaVersionFile
nvidiaHash
enable32bits
;
} // (if enableIntelX86Extensions then { }
else {
intel-media-driver = null;
vaapiIntel = null;
}))
inherit
nvidiaVersion
nvidiaVersionFile
nvidiaHash
enable32bits
;
}
// (
if enableIntelX86Extensions
then {}
else {
intel-media-driver = null;
vaapiIntel = null;
}
))

75
out-of-tree/nixGL/flake.nix
View File

@ -4,45 +4,46 @@
inputs.flake-utils.url = "github:numtide/flake-utils";
inputs.nixpkgs.url = "github:nixos/nixpkgs";
outputs = { self, nixpkgs, flake-utils }:
(flake-utils.lib.eachDefaultSystem (system:
let
isIntelX86Platform = system == "x86_64-linux";
nix_pkgs = import nixpkgs { inherit system; };
pkgs = import ./default.nix {
pkgs = nix_pkgs;
outputs = {
self,
nixpkgs,
flake-utils,
}:
(flake-utils.lib.eachDefaultSystem (system: let
isIntelX86Platform = system == "x86_64-linux";
nix_pkgs = import nixpkgs {inherit system;};
pkgs = import ./default.nix {
pkgs = nix_pkgs;
enable32bits = isIntelX86Platform;
enableIntelX86Extensions = isIntelX86Platform;
};
in rec {
packages = {
# makes it easy to use "nix run nixGL --impure -- program"
default = pkgs.auto.nixGLDefault;
nixGLDefault = pkgs.auto.nixGLDefault;
nixGLNvidia = pkgs.auto.nixGLNvidia;
nixGLNvidiaBumblebee = pkgs.auto.nixGLNvidiaBumblebee;
nixGLIntel = pkgs.nixGLIntel;
nixVulkanNvidia = pkgs.auto.nixVulkanNvidia;
nixVulkanIntel = pkgs.nixVulkanIntel;
};
# deprecated attributes for retro compatibility
defaultPackage = packages;
}))
// rec {
# deprecated attributes for retro compatibility
overlay = overlays.default;
overlays.default = final: _: let
isIntelX86Platform = final.system == "x86_64-linux";
in {
nixgl = import ./default.nix {
pkgs = final;
enable32bits = isIntelX86Platform;
enableIntelX86Extensions = isIntelX86Platform;
};
in
rec {
packages = {
# makes it easy to use "nix run nixGL --impure -- program"
default = pkgs.auto.nixGLDefault;
nixGLDefault = pkgs.auto.nixGLDefault;
nixGLNvidia = pkgs.auto.nixGLNvidia;
nixGLNvidiaBumblebee = pkgs.auto.nixGLNvidiaBumblebee;
nixGLIntel = pkgs.nixGLIntel;
nixVulkanNvidia = pkgs.auto.nixVulkanNvidia;
nixVulkanIntel = pkgs.nixVulkanIntel;
};
# deprecated attributes for retro compatibility
defaultPackage = packages;
})) // rec {
# deprecated attributes for retro compatibility
overlay = overlays.default;
overlays.default = final: _:
let isIntelX86Platform = final.system == "x86_64-linux";
in {
nixgl = import ./default.nix {
pkgs = final;
enable32bits = isIntelX86Platform;
enableIntelX86Extensions = isIntelX86Platform;
};
};
};
};
}

441
out-of-tree/nixGL/nixGL.nix
View File

@ -1,45 +1,46 @@
{
# # Nvidia informations.
# Version of the system kernel module. Let it to null to enable auto-detection.
nvidiaVersion ? null
, # Hash of the Nvidia driver .run file. null is fine, but fixing a value here
nvidiaVersion ? null,
# Hash of the Nvidia driver .run file. null is fine, but fixing a value here
# will be more reproducible and more efficient.
nvidiaHash ? null
, # Alternatively, you can pass a path that points to a nvidia version file
nvidiaHash ? null,
# Alternatively, you can pass a path that points to a nvidia version file
# and let nixGL extract the version from it. That file must be a copy of
# /proc/driver/nvidia/version. Nix doesn't like zero-sized files (see
# https://github.com/NixOS/nix/issues/3539 ).
nvidiaVersionFile ? null
, # Enable 32 bits driver
nvidiaVersionFile ? null,
# Enable 32 bits driver
# This is one by default, you can switch it to off if you want to reduce a
# bit the size of nixGL closure.
enable32bits ? true
, writeTextFile
, shellcheck
, pcre
, runCommand
, linuxPackages
, fetchurl
, lib
, runtimeShell
, bumblebee
, libglvnd
, vulkan-validation-layers
, mesa
, libvdpau-va-gl
, intel-media-driver
, vaapiIntel
, pkgsi686Linux
, driversi686Linux
, zlib
, libdrm
, xorg
, wayland
, gcc
}:
let
writeExecutable = { name, text }:
enable32bits ? true,
writeTextFile,
shellcheck,
pcre,
runCommand,
linuxPackages,
fetchurl,
lib,
runtimeShell,
bumblebee,
libglvnd,
vulkan-validation-layers,
mesa,
libvdpau-va-gl,
intel-media-driver,
vaapiIntel,
pkgsi686Linux,
driversi686Linux,
zlib,
libdrm,
xorg,
wayland,
gcc,
}: let
writeExecutable = {
name,
text,
}:
writeTextFile {
inherit name text;
@ -59,230 +60,234 @@ let
fetch_db = builtins.fromJSON (builtins.readFile ./nvidia_versions.json);
top = rec {
/*
It contains the builder for different nvidia configuration, parametrized by
the version of the driver and sha256 sum of the driver installer file.
It contains the builder for different nvidia configuration, parametrized by
the version of the driver and sha256 sum of the driver installer file.
*/
nvidiaPackages = { version, sha256 ? fetch_db."${version}".sha256 }:
let
nvidiaDrivers = (linuxPackages.nvidia_x11.override { }).overrideAttrs
(oldAttrs: {
pname = "nvidia";
name = "nvidia-x11-${version}-nixGL";
inherit version;
src =
let
url =
"https://download.nvidia.com/XFree86/Linux-x86_64/${version}/NVIDIA-Linux-x86_64-${version}.run";
in
fetchurl { inherit url sha256; };
useGLVND = true;
});
nvidiaLibsOnly = nvidiaDrivers.override {
libsOnly = true;
kernel = null;
};
nixNvidiaWrapper = api:
writeExecutable {
name = "nix${api}Nvidia-${version}";
text = ''
#!${runtimeShell}
${lib.optionalString (api == "Vulkan")
"export VK_LAYER_PATH=${vulkan-validation-layers}/share/vulkan/explicit_layer.d"}
NVIDIA_JSON=(${nvidiaLibsOnly}/share/glvnd/egl_vendor.d/*nvidia.json)
${lib.optionalString enable32bits "NVIDIA_JSON32=(${nvidiaLibsOnly.lib32}/share/glvnd/egl_vendor.d/*nvidia.json)"}
${''export __EGL_VENDOR_LIBRARY_FILENAMES=''${NVIDIA_JSON[*]}${
lib.optionalString enable32bits
'':''${NVIDIA_JSON32[*]}''
}"''${__EGL_VENDOR_LIBRARY_FILENAMES:+:$__EGL_VENDOR_LIBRARY_FILENAMES}"''
}
${
lib.optionalString (api == "Vulkan")
''export VK_ICD_FILENAMES=${nvidiaLibsOnly}/share/vulkan/icd.d/nvidia_icd.json${
lib.optionalString enable32bits
":${nvidiaLibsOnly.lib32}/share/vulkan/icd.d/nvidia_icd.json"
}"''${VK_ICD_FILENAMES:+:$VK_ICD_FILENAMES}"''
}
export LD_LIBRARY_PATH=${
lib.makeLibraryPath ([ libglvnd nvidiaLibsOnly ]
++ lib.optional (api == "Vulkan") vulkan-validation-layers
++ lib.optionals enable32bits [
nvidiaLibsOnly.lib32
pkgsi686Linux.libglvnd
])
}"''${LD_LIBRARY_PATH:+:$LD_LIBRARY_PATH}"
exec "$@"
'';
};
in
{
inherit nvidiaDrivers nvidiaLibsOnly;
nixGLNvidiaBumblebee = writeExecutable {
name = "nixGLNvidiaBumblebee-${version}";
nvidiaPackages = {
version,
sha256 ? fetch_db."${version}".sha256,
}: let
nvidiaDrivers =
(linuxPackages.nvidia_x11.override {}).overrideAttrs
(oldAttrs: {
pname = "nvidia";
name = "nvidia-x11-${version}-nixGL";
inherit version;
src = let
url = "https://download.nvidia.com/XFree86/Linux-x86_64/${version}/NVIDIA-Linux-x86_64-${version}.run";
in
fetchurl {inherit url sha256;};
useGLVND = true;
});
nvidiaLibsOnly = nvidiaDrivers.override {
libsOnly = true;
kernel = null;
};
nixNvidiaWrapper = api:
writeExecutable {
name = "nix${api}Nvidia-${version}";
text = ''
#!${runtimeShell}
export LD_LIBRARY_PATH=${
lib.makeLibraryPath [ nvidiaDrivers ]
}"''${LD_LIBRARY_PATH:+:$LD_LIBRARY_PATH}"
${
bumblebee.override {
nvidia_x11 = nvidiaDrivers;
nvidia_x11_i686 = nvidiaDrivers.lib32;
}
}/bin/optirun --ldpath ${
lib.makeLibraryPath ([ libglvnd nvidiaDrivers ]
${lib.optionalString (api == "Vulkan")
"export VK_LAYER_PATH=${vulkan-validation-layers}/share/vulkan/explicit_layer.d"}
NVIDIA_JSON=(${nvidiaLibsOnly}/share/glvnd/egl_vendor.d/*nvidia.json)
${lib.optionalString enable32bits "NVIDIA_JSON32=(${nvidiaLibsOnly.lib32}/share/glvnd/egl_vendor.d/*nvidia.json)"}
${''export __EGL_VENDOR_LIBRARY_FILENAMES=''${NVIDIA_JSON[*]}${
lib.optionalString enable32bits
'':''${NVIDIA_JSON32[*]}''
}"''${__EGL_VENDOR_LIBRARY_FILENAMES:+:$__EGL_VENDOR_LIBRARY_FILENAMES}"''}
${
lib.optionalString (api == "Vulkan")
''export VK_ICD_FILENAMES=${nvidiaLibsOnly}/share/vulkan/icd.d/nvidia_icd.json${
lib.optionalString enable32bits
":${nvidiaLibsOnly.lib32}/share/vulkan/icd.d/nvidia_icd.json"
}"''${VK_ICD_FILENAMES:+:$VK_ICD_FILENAMES}"''
}
export LD_LIBRARY_PATH=${
lib.makeLibraryPath ([libglvnd nvidiaLibsOnly]
++ lib.optional (api == "Vulkan") vulkan-validation-layers
++ lib.optionals enable32bits [
nvidiaDrivers.lib32
nvidiaLibsOnly.lib32
pkgsi686Linux.libglvnd
])
} "$@"
}"''${LD_LIBRARY_PATH:+:$LD_LIBRARY_PATH}"
exec "$@"
'';
};
in {
inherit nvidiaDrivers nvidiaLibsOnly;
# TODO: 32bit version? Not tested.
inherit nixNvidiaWrapper;
# TODO: 32bit version? Not tested.
nixGLNvidia = nixNvidiaWrapper "GL";
# TODO: 32bit version? Not tested.
nixVulkanNvidia = nixNvidiaWrapper "Vulkan";
nixGLNvidiaBumblebee = writeExecutable {
name = "nixGLNvidiaBumblebee-${version}";
text = ''
#!${runtimeShell}
export LD_LIBRARY_PATH=${
lib.makeLibraryPath [nvidiaDrivers]
}"''${LD_LIBRARY_PATH:+:$LD_LIBRARY_PATH}"
${
bumblebee.override {
nvidia_x11 = nvidiaDrivers;
nvidia_x11_i686 = nvidiaDrivers.lib32;
}
}/bin/optirun --ldpath ${
lib.makeLibraryPath ([libglvnd nvidiaDrivers]
++ lib.optionals enable32bits [
nvidiaDrivers.lib32
pkgsi686Linux.libglvnd
])
} "$@"
'';
};
# TODO: 32bit version? Not tested.
inherit nixNvidiaWrapper;
# TODO: 32bit version? Not tested.
nixGLNvidia = nixNvidiaWrapper "GL";
# TODO: 32bit version? Not tested.
nixVulkanNvidia = nixNvidiaWrapper "Vulkan";
};
nixGLIntel = writeExecutable {
name = "nixGLIntel";
# add the 32 bits drivers if needed
text =
let
mesa-drivers = [ mesa.drivers ]
++ lib.optional enable32bits pkgsi686Linux.mesa.drivers;
intel-driver = [ intel-media-driver vaapiIntel ]
# Note: intel-media-driver is disabled for i686 until https://github.com/NixOS/nixpkgs/issues/140471 is fixed
++ lib.optionals enable32bits [ /* pkgsi686Linux.intel-media-driver */ driversi686Linux.vaapiIntel ];
libvdpau = [ libvdpau-va-gl ]
++ lib.optional enable32bits pkgsi686Linux.libvdpau-va-gl;
glxindirect = runCommand "mesa_glxindirect" { } (
''
mkdir -p $out/lib
ln -s ${mesa.drivers}/lib/libGLX_mesa.so.0 $out/lib/libGLX_indirect.so.0
''
);
in
''
#!${runtimeShell}
export LIBGL_DRIVERS_PATH=${lib.makeSearchPathOutput "lib" "lib/dri" mesa-drivers}
export LIBVA_DRIVERS_PATH=${lib.makeSearchPathOutput "out" "lib/dri" intel-driver}
${''export __EGL_VENDOR_LIBRARY_FILENAMES=${mesa.drivers}/share/glvnd/egl_vendor.d/50_mesa.json${
text = let
mesa-drivers =
[mesa.drivers]
++ lib.optional enable32bits pkgsi686Linux.mesa.drivers;
intel-driver =
[intel-media-driver vaapiIntel]
# Note: intel-media-driver is disabled for i686 until https://github.com/NixOS/nixpkgs/issues/140471 is fixed
++ lib.optionals enable32bits [
/*
pkgsi686Linux.intel-media-driver
*/
driversi686Linux.vaapiIntel
];
libvdpau =
[libvdpau-va-gl]
++ lib.optional enable32bits pkgsi686Linux.libvdpau-va-gl;
glxindirect = runCommand "mesa_glxindirect" {} ''
mkdir -p $out/lib
ln -s ${mesa.drivers}/lib/libGLX_mesa.so.0 $out/lib/libGLX_indirect.so.0
'';
in ''
#!${runtimeShell}
export LIBGL_DRIVERS_PATH=${lib.makeSearchPathOutput "lib" "lib/dri" mesa-drivers}
export LIBVA_DRIVERS_PATH=${lib.makeSearchPathOutput "out" "lib/dri" intel-driver}
${''export __EGL_VENDOR_LIBRARY_FILENAMES=${mesa.drivers}/share/glvnd/egl_vendor.d/50_mesa.json${
lib.optionalString enable32bits
":${pkgsi686Linux.mesa.drivers}/share/glvnd/egl_vendor.d/50_mesa.json"
}"''${__EGL_VENDOR_LIBRARY_FILENAMES:+:$__EGL_VENDOR_LIBRARY_FILENAMES}"''
}
export LD_LIBRARY_PATH=${lib.makeLibraryPath mesa-drivers}:${lib.makeSearchPathOutput "lib" "lib/vdpau" libvdpau}:${glxindirect}/lib:${lib.makeLibraryPath [libglvnd]}"''${LD_LIBRARY_PATH:+:$LD_LIBRARY_PATH}"
exec "$@"
'';
}"''${__EGL_VENDOR_LIBRARY_FILENAMES:+:$__EGL_VENDOR_LIBRARY_FILENAMES}"''}
export LD_LIBRARY_PATH=${lib.makeLibraryPath mesa-drivers}:${lib.makeSearchPathOutput "lib" "lib/vdpau" libvdpau}:${glxindirect}/lib:${lib.makeLibraryPath [libglvnd]}"''${LD_LIBRARY_PATH:+:$LD_LIBRARY_PATH}"
exec "$@"
'';
};
nixVulkanIntel = writeExecutable {
name = "nixVulkanIntel";
text =
let
# generate a file with the listing of all the icd files
icd = runCommand "mesa_icd" { } (
# 64 bits icd
''
ls ${mesa.drivers}/share/vulkan/icd.d/*.json > f
''
# 32 bits ones
+ lib.optionalString enable32bits ''
ls ${pkgsi686Linux.mesa.drivers}/share/vulkan/icd.d/*.json >> f
''
# concat everything as a one line string with ":" as seperator
+ ''cat f | xargs | sed "s/ /:/g" > $out''
);
in
''
#!${runtimeShell}
if [ -n "$LD_LIBRARY_PATH" ]; then
echo "Warning, nixVulkanIntel overwriting existing LD_LIBRARY_PATH" 1>&2
fi
export VK_LAYER_PATH=${vulkan-validation-layers}/share/vulkan/explicit_layer.d
ICDS=$(cat ${icd})
export VK_ICD_FILENAMES=$ICDS"''${VK_ICD_FILENAMES:+:$VK_ICD_FILENAMES}"
export LD_LIBRARY_PATH=${
lib.makeLibraryPath [
zlib
libdrm
xorg.libX11
xorg.libxcb
xorg.libxshmfence
wayland
gcc.cc
]
}"''${LD_LIBRARY_PATH:+:$LD_LIBRARY_PATH}"
exec "$@"
'';
text = let
# generate a file with the listing of all the icd files
icd = runCommand "mesa_icd" {} (
# 64 bits icd
''
ls ${mesa.drivers}/share/vulkan/icd.d/*.json > f
''
# 32 bits ones
+ lib.optionalString enable32bits ''
ls ${pkgsi686Linux.mesa.drivers}/share/vulkan/icd.d/*.json >> f
''
# concat everything as a one line string with ":" as seperator
+ ''cat f | xargs | sed "s/ /:/g" > $out''
);
in ''
#!${runtimeShell}
if [ -n "$LD_LIBRARY_PATH" ]; then
echo "Warning, nixVulkanIntel overwriting existing LD_LIBRARY_PATH" 1>&2
fi
export VK_LAYER_PATH=${vulkan-validation-layers}/share/vulkan/explicit_layer.d
ICDS=$(cat ${icd})
export VK_ICD_FILENAMES=$ICDS"''${VK_ICD_FILENAMES:+:$VK_ICD_FILENAMES}"
export LD_LIBRARY_PATH=${
lib.makeLibraryPath [
zlib
libdrm
xorg.libX11
xorg.libxcb
xorg.libxshmfence
wayland
gcc.cc
]
}"''${LD_LIBRARY_PATH:+:$LD_LIBRARY_PATH}"
exec "$@"
'';
};
nixGLCommon = nixGL:
runCommand "nixGL" { } ''
runCommand "nixGL" {} ''
mkdir -p "$out/bin"
# star because nixGLNvidia... have version prefixed name
cp ${nixGL}/bin/* "$out/bin/nixGL";
'';
auto =
let
_nvidiaVersionFile =
if nvidiaVersionFile != null then
nvidiaVersionFile
else
auto = let
_nvidiaVersionFile =
if nvidiaVersionFile != null
then nvidiaVersionFile
else
# HACK: Get the version from /proc. It turns out that /proc is mounted
# inside of the build sandbox and varies from machine to machine.
#
# builtins.readFile is not able to read /proc files. See
# https://github.com/NixOS/nix/issues/3539.
runCommand "impure-nvidia-version-file"
{
# To avoid sharing the build result over time or between machine,
# Add an impure parameter to force the rebuild on each access.
# time = builtins.currentTime;
preferLocalBuild = true;
allowSubstitutes = false;
} "cp /proc/driver/nvidia/version $out 2> /dev/null || touch $out";
runCommand "impure-nvidia-version-file"
{
# To avoid sharing the build result over time or between machine,
# Add an impure parameter to force the rebuild on each access.
# time = builtins.currentTime;
preferLocalBuild = true;
allowSubstitutes = false;
} "cp /proc/driver/nvidia/version $out 2> /dev/null || touch $out";
# The nvidia version. Either fixed by the `nvidiaVersion` argument, or
# auto-detected. Auto-detection is impure.
nvidiaVersionAuto =
if nvidiaVersion != null then
nvidiaVersion
else
# The nvidia version. Either fixed by the `nvidiaVersion` argument, or
# auto-detected. Auto-detection is impure.
nvidiaVersionAuto =
if nvidiaVersion != null
then nvidiaVersion
else
# Get if from the nvidiaVersionFile
let
data = builtins.readFile _nvidiaVersionFile;
versionMatch = builtins.match ".*Module ([0-9.]+) .*" data;
in
if versionMatch != null then builtins.head versionMatch else null;
let
data = builtins.readFile _nvidiaVersionFile;
versionMatch = builtins.match ".*Module ([0-9.]+) .*" data;
in
if versionMatch != null
then builtins.head versionMatch
else null;
autoNvidia = nvidiaPackages { version = nvidiaVersionAuto; };
in
autoNvidia = nvidiaPackages {version = nvidiaVersionAuto;};
in
rec {
# The output derivation contains nixGL which point either to
# nixGLNvidia or nixGLIntel using an heuristic.
nixGLDefault =
if nvidiaVersionAuto != null then
nixGLCommon autoNvidia.nixGLNvidia
else
nixGLCommon nixGLIntel;
} // autoNvidia;
if nvidiaVersionAuto != null
then nixGLCommon autoNvidia.nixGLNvidia
else nixGLCommon nixGLIntel;
}
// autoNvidia;
};
in
top // (if nvidiaVersion != null then
top.nvidiaPackages
{
version = nvidiaVersion;
sha256 = nvidiaHash;
}
else
{ })
top
// (
if nvidiaVersion != null
then
top.nvidiaPackages
{
version = nvidiaVersion;
sha256 = nvidiaHash;
}
else {}
)

8
out-of-tree/nixGL/nixpkgs.nix
View File

@ -1,7 +1,7 @@
let
rev = "4f6d8095fd51";
in
import (fetchTarball {
url = "https://github.com/nixos/nixpkgs/archive/${rev}.tar.gz";
sha256 = "14sm0bjjcmi9qmznwy3nkd2vbhj5xcshgm54a5wiprl9ssvxqw53";
})
import (fetchTarball {
url = "https://github.com/nixos/nixpkgs/archive/${rev}.tar.gz";
sha256 = "14sm0bjjcmi9qmznwy3nkd2vbhj5xcshgm54a5wiprl9ssvxqw53";
})

39
secrets.nix
View File

@ -1,22 +1,29 @@
# WARNING: currently not usable anymore
let
inherit ((import
(
let lock = builtins.fromJSON (builtins.readFile ./flake.lock); in
fetchTarball {
url = "https://github.com/edolstra/flake-compat/archive/${lock.nodes.flake-compat.locked.rev}.tar.gz";
sha256 = lock.nodes.flake-compat.locked.narHash;
}
)
{ src = ./.; }
).defaultNix) secrets;
inherit
((
import
(
let
lock = builtins.fromJSON (builtins.readFile ./flake.lock);
in
fetchTarball {
url = "https://github.com/edolstra/flake-compat/archive/${lock.nodes.flake-compat.locked.rev}.tar.gz";
sha256 = lock.nodes.flake-compat.locked.narHash;
}
)
{src = ./.;}
)
.defaultNix)
secrets
;
inherit (secrets) pubKeys;
inherit (pubKeys) users hosts;
all = users // hosts;
c_ = builtins;
in
{
"secrets/s3fs.age".publicKeys = c_.attrValues (all);
"secrets/s3fs.digital-garden.age".publicKeys = c_.attrValues (all);
"secrets/_nhitrl.age".publicKeys = c_.attrValues (all);
"secrets/wifi.env.age".publicKeys = c_.attrValues (all);
in {
"secrets/s3fs.age".publicKeys = c_.attrValues all;
"secrets/s3fs.digital-garden.age".publicKeys = c_.attrValues all;
"secrets/_nhitrl.age".publicKeys = c_.attrValues all;
"secrets/wifi.env.age".publicKeys = c_.attrValues all;
}

12
secrets/default.nix
View File

@ -1,6 +1,5 @@
# TODO: put ssh keys as user/host config
inputs:
let
inputs: let
# user-specific (~/.ssh/id_ed25519.pub)
users = {
"hungtr@bao" = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK+1+gps6phbZboIb9fH51VNPUCkhSSOAbkI3tq3Ou0Z";
@ -12,9 +11,8 @@ let
all = users // systems;
# stands for calculus
c_ = builtins;
in
{
"system/secrets/s3fs.age".publicKeys = c_.attrValues (all);
"system/secrets/s3fs.digital-garden.age".publicKeys = c_.attrValues (all);
"system/secrets/_nhitrl.age".publicKeys = c_.attrValues (all);
in {
"system/secrets/s3fs.age".publicKeys = c_.attrValues all;
"system/secrets/s3fs.digital-garden.age".publicKeys = c_.attrValues all;
"system/secrets/_nhitrl.age".publicKeys = c_.attrValues all;
}

11
shell.nix
View File

@ -1,11 +1,14 @@
# This uses the exported devShells from flake.nix
# the default or base version of nix-shell can be found in dev-shell.nix instead
# This architecture is because we use top-level flake.nix
(import
(
import
(
let
lock = builtins.fromJSON (builtins.readFile ./flake.lock);
in (import ./c_.nix).fetchTree lock.nodes.flake-compat.locked
in
(import ./c_.nix).fetchTree lock.nodes.flake-compat.locked
)
{ src = ./.; }
).shellNix
{src = ./.;}
)
.shellNix

7
templates/default.nix
View File

@ -1,8 +1,9 @@
# TODO: templates should be able to have initial states like
# repo name, author,...
{ pkgs
, lib
, ...
{
pkgs,
lib,
...
}: {
rust = {
path = ./rust;

3
templates/py-poetry/default.nix
View File

@ -7,4 +7,5 @@
)
{
src = ./.;
}).defaultNix
})
.defaultNix

49
templates/py-poetry/flake.nix
View File

@ -1,29 +1,30 @@
{
inputs.nixpkgs.url = "github:NixOS/nixpkgs/nixpkgs-unstable";
outputs = { self, nixpkgs }:
let
supportedSystems = [ "x86_64-linux" "x86_64-darwin" "aarch64-linux" "aarch64-darwin" ];
forAllSystems = nixpkgs.lib.genAttrs supportedSystems;
pkgs = forAllSystems (system: nixpkgs.legacyPackages.${system});
in
{
packages = forAllSystems (system: {
default = pkgs.${system}.poetry2nix.mkPoetryApplication { projectDir = self; };
});
outputs = {
self,
nixpkgs,
}: let
supportedSystems = ["x86_64-linux" "x86_64-darwin" "aarch64-linux" "aarch64-darwin"];
forAllSystems = nixpkgs.lib.genAttrs supportedSystems;
pkgs = forAllSystems (system: nixpkgs.legacyPackages.${system});
in {
packages = forAllSystems (system: {
default = pkgs.${system}.poetry2nix.mkPoetryApplication {projectDir = self;};
});
devShells = forAllSystems (system: {
bootstrap = pkgs.${system}.mkShellNoCC {
packages = [
pkgs.${system}.poetry
];
};
default = pkgs.${system}.mkShellNoCC {
packages = [
(pkgs.${system}.poetry2nix.mkPoetryEnv { projectDir = self; })
pkgs.${system}.poetry
];
};
});
};
devShells = forAllSystems (system: {
bootstrap = pkgs.${system}.mkShellNoCC {
packages = [
pkgs.${system}.poetry
];
};
default = pkgs.${system}.mkShellNoCC {
packages = [
(pkgs.${system}.poetry2nix.mkPoetryEnv {projectDir = self;})
pkgs.${system}.poetry
];
};
});
};
}

3
templates/py-poetry/shell.nix
View File

@ -7,4 +7,5 @@
)
{
src = ./.;
}).shellNix
})
.shellNix

3
templates/rust-monorepo/default.nix
View File

@ -7,4 +7,5 @@
)
{
src = ./.;
}).defaultNix
})
.defaultNix

38
templates/rust-monorepo/flake.nix
View File

@ -6,23 +6,29 @@
rust-overlay.url = "github:oxalica/rust-overlay";
};
outputs = { self, nixpkgs, utils, naersk, rust-overlay }:
utils.lib.eachDefaultSystem (system:
let
overlays = [ rust-overlay.overlays.default ];
pkgs = import nixpkgs { inherit system overlays; };
rust_pkgs = (pkgs.rust-bin.selectLatestNightlyWith
(
toolchain:
outputs = {
self,
nixpkgs,
utils,
naersk,
rust-overlay,
}:
utils.lib.eachDefaultSystem (system: let
overlays = [rust-overlay.overlays.default];
pkgs = import nixpkgs {inherit system overlays;};
rust_pkgs =
pkgs.rust-bin.selectLatestNightlyWith
(
toolchain:
toolchain.default.override {
extensions = [ "rust-src" "rust-analyzer" "rust-docs" "clippy" "miri" ];
extensions = ["rust-src" "rust-analyzer" "rust-docs" "clippy" "miri"];
}
));
naersk-lib = pkgs.callPackage naersk { };
in
{
defaultPackage = naersk-lib.buildPackage ./.;
devShell = with pkgs; mkShell {
);
naersk-lib = pkgs.callPackage naersk {};
in {
defaultPackage = naersk-lib.buildPackage ./.;
devShell = with pkgs;
mkShell {
buildInputs = [
rust_pkgs
# rust's compiler is quite powerful enough to the point where
@ -37,5 +43,5 @@
# nix flake update # is this even needed?
'';
};
});
});
}

3
templates/rust-monorepo/shell.nix
View File

@ -7,4 +7,5 @@
)
{
src = ./.;
}).shellNix
})
.shellNix

3
templates/rust/default.nix
View File

@ -7,4 +7,5 @@
)
{
src = ./.;
}).defaultNix
})
.defaultNix

38
templates/rust/flake.nix
View File

@ -6,23 +6,29 @@
rust-overlay.url = "github:oxalica/rust-overlay";
};
outputs = { self, nixpkgs, utils, naersk, rust-overlay }:
utils.lib.eachDefaultSystem (system:
let
overlays = [ rust-overlay.overlays.default ];
pkgs = import nixpkgs { inherit system overlays; };
rust_pkgs = (pkgs.rust-bin.selectLatestNightlyWith
(
toolchain:
outputs = {
self,
nixpkgs,
utils,
naersk,
rust-overlay,
}:
utils.lib.eachDefaultSystem (system: let
overlays = [rust-overlay.overlays.default];
pkgs = import nixpkgs {inherit system overlays;};
rust_pkgs =
pkgs.rust-bin.selectLatestNightlyWith
(
toolchain:
toolchain.default.override {
extensions = [ "rust-src" "rust-analyzer" "rust-docs" "clippy" "miri" ];
extensions = ["rust-src" "rust-analyzer" "rust-docs" "clippy" "miri"];
}
));
naersk-lib = pkgs.callPackage naersk { };
in
{
defaultPackage = naersk-lib.buildPackage ./.;
devShell = with pkgs; mkShell {
);
naersk-lib = pkgs.callPackage naersk {};
in {
defaultPackage = naersk-lib.buildPackage ./.;
devShell = with pkgs;
mkShell {
buildInputs = [
rust_pkgs
# rust's compiler is quite powerful enough to the point where
@ -37,5 +43,5 @@
# nix flake update # is this even needed?
'';
};
});
});
}

3
templates/rust/shell.nix
View File

@ -7,4 +7,5 @@
)
{
src = ./.;
}).shellNix
})
.shellNix

89
templates/ts/turborepo/flake.nix
View File

@ -9,45 +9,52 @@
turbo.url = "github:dlip/turbo";
};
outputs = { self, turbo, flake-utils, nixpkgs }:
with flake-utils; lib.eachSystem lib.defaultSystems (sys:
let
overlays = [ turbo.overlay ];
# pkgs is our tweaked nixpkgs
pkgs = import nixpkgs { system = sys; overlays = overlays; };
shellMsg = ''
echo "Hello from nix ${sys}"
echo "Local development may use our remote planetscale database (pscale login && pnpm dev:infra; pnpm dev)"
echo "Or from the specified docker-compose.yml (pnpm dev:local_infra && pnpm dev)"
echo "See more on CONTRIBUTING.md"
'';
in
{
devShell = pkgs.mkShell {
nativeBuildInputs = [ pkgs.bashInteractive ];
buildInputs = [
pkgs.nodejs-18_x
pkgs.nodePackages.pnpm
pkgs.nodePackages.prisma
pkgs.prisma-engines
pkgs.turbo
# pkgs.turbo-tooling
pkgs.jq
pkgs.pscale
pkgs.act # Github workflow
];
shellHook =
# https://github.com/prisma/prisma/issues/3026#issuecomment-927258138
# nix-direnv is required (impure build?) https://github.com/nix-community/nix-direnv
''
export PRISMA_MIGRATION_ENGINE_BINARY="${pkgs.prisma-engines}/bin/migration-engine"
export PRISMA_QUERY_ENGINE_BINARY="${pkgs.prisma-engines}/bin/query-engine"
export PRISMA_QUERY_ENGINE_LIBRARY="${pkgs.prisma-engines}/lib/libquery_engine.node"
export PRISMA_INTROSPECTION_ENGINE_BINARY="${pkgs.prisma-engines}/bin/introspection-engine"
export PRISMA_FMT_BINARY="${pkgs.prisma-engines}/bin/prisma-fmt"
export TURBO_BINARY_PATH="${pkgs.turbo}/bin/turbo"
pnpm install
'' + shellMsg;
};
});
outputs = {
self,
turbo,
flake-utils,
nixpkgs,
}:
with flake-utils; lib.eachSystem lib.defaultSystems (sys: let
overlays = [turbo.overlay];
# pkgs is our tweaked nixpkgs
pkgs = import nixpkgs {
system = sys;
overlays = overlays;
};
shellMsg = ''
echo "Hello from nix ${sys}"
echo "Local development may use our remote planetscale database (pscale login && pnpm dev:infra; pnpm dev)"
echo "Or from the specified docker-compose.yml (pnpm dev:local_infra && pnpm dev)"
echo "See more on CONTRIBUTING.md"
'';
in {
devShell = pkgs.mkShell {
nativeBuildInputs = [pkgs.bashInteractive];
buildInputs = [
pkgs.nodejs-18_x
pkgs.nodePackages.pnpm
pkgs.nodePackages.prisma
pkgs.prisma-engines
pkgs.turbo
# pkgs.turbo-tooling
pkgs.jq
pkgs.pscale
pkgs.act # Github workflow
];
shellHook =
# https://github.com/prisma/prisma/issues/3026#issuecomment-927258138
# nix-direnv is required (impure build?) https://github.com/nix-community/nix-direnv
''
export PRISMA_MIGRATION_ENGINE_BINARY="${pkgs.prisma-engines}/bin/migration-engine"
export PRISMA_QUERY_ENGINE_BINARY="${pkgs.prisma-engines}/bin/query-engine"
export PRISMA_QUERY_ENGINE_LIBRARY="${pkgs.prisma-engines}/lib/libquery_engine.node"
export PRISMA_INTROSPECTION_ENGINE_BINARY="${pkgs.prisma-engines}/bin/introspection-engine"
export PRISMA_FMT_BINARY="${pkgs.prisma-engines}/bin/prisma-fmt"
export TURBO_BINARY_PATH="${pkgs.turbo}/bin/turbo"
pnpm install
''
+ shellMsg;
};
});
}

Some files were not shown because too many files have changed in this diff Show More