31 changed files with 71 additions and 589 deletions
--- a/.envrc
+++ b/.envrc
@ -1,6 +0,0 @@
 # If nix-shell available, then nix is installed. We're going to use nix-direnv.
 if command -v nix-shell &> /dev/null
 then
    use flake
 fi
--- a/native_configs/alacritty/alacritty.yml
+++ b/native_configs/alacritty/alacritty.yml
--- a/default.nix
+++ b/default.nix
@ -1,11 +0,0 @@
 # We use top-level nix-flake, so default.nix is basically just a wrapper around ./flake.nix
 (import
  (
    let lock = builtins.fromJSON (builtins.readFile ./flake.lock); in
    fetchTarball {
      url = "https://github.com/edolstra/flake-compat/archive/${lock.nodes.flake-compat.locked.rev}.tar.gz";
      sha256 = lock.nodes.flake-compat.locked.narHash;
    }
  )
  { src = ./.; }
 ).defaultNix
--- a/dev-shell.nix
+++ b/dev-shell.nix
@ -1,20 +0,0 @@
 # Ideally, this should contain the barebone necessary for building/interacting 
 # with tech used in this project
 #
 # Should also incorporate shortcuts like scripts/{hm-switch,conf-sysnix}.sh in here instead
 #
 # It should not contain PDE
 {pkgs? import <nixpkgs> {}
 ,lib
 ,...}: pkgs.mkShell {
  # mkShell doesn't care about the differences across nativeBuildInputs,
  # buildInputs, or packages
  buildInputs = [
    # shell scripts
    (lib.shellAsDrv {script = ''echo "hello world"''; pname = "hello";})
  ];
  # env vars
  lol="hello world";
 }
--- a/docs/DEV.md
+++ b/docs/DEV.md
@ -1,36 +0,0 @@
 # Journal on development
 This contains information dump to record thoughts as I design this repo
 ## Nix as first-class citizen instead of native config
 - Nix can export JSON and other object serialization formats
 - Still allows native config, so that Neovim, for example, which uses Turing-complete
  config language, to make full use of its native LSP.
 ## Design pattern emerges from unstructured code
 ### Modules
 - Main thing for the first big refactor of codebase
 - nixpkgs and home-manager has their own interface for modules 
 - The main benefit is to provide (runtime) type-safety on options, along with
 documentations and defaults
 ## Nitpicky details
 ### `nativeBuildInputs` vs `buildInputs`
 - `nativeBuildInputs` is available **before** `buildInputs`.
 - `nativeBuildInputs` is supposed to be built by a deployment machine (not target)
 - `buildInputs` gives you access during runtime
 - `nativeBulidInputs` gives you access to packages during build time
 - `mkShell` doesn't care about `packages`, `nativeBuildInputs`, `buildInputs`
--- a/flake.lock
+++ b/flake.lock
@ -1,218 +0,0 @@
 {
  "nodes": {
    "agenix": {
      "inputs": {
        "nixpkgs": [
          "nixpkgs"
        ]
      },
      "locked": {
        "lastModified": 1665870395,
        "narHash": "sha256-Tsbqb27LDNxOoPLh0gw2hIb6L/6Ow/6lIBvqcHzEKBI=",
        "owner": "ryantm",
        "repo": "agenix",
        "rev": "a630400067c6d03c9b3e0455347dc8559db14288",
        "type": "github"
      },
      "original": {
        "owner": "ryantm",
        "repo": "agenix",
        "type": "github"
      }
    },
    "flake-compat": {
      "flake": false,
      "locked": {
        "lastModified": 1668681692,
        "narHash": "sha256-Ht91NGdewz8IQLtWZ9LCeNXMSXHUss+9COoqu6JLmXU=",
        "owner": "edolstra",
        "repo": "flake-compat",
        "rev": "009399224d5e398d03b22badca40a37ac85412a1",
        "type": "github"
      },
      "original": {
        "owner": "edolstra",
        "repo": "flake-compat",
        "type": "github"
      }
    },
    "flake-utils": {
      "locked": {
        "lastModified": 1667395993,
        "narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=",
        "owner": "numtide",
        "repo": "flake-utils",
        "rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f",
        "type": "github"
      },
      "original": {
        "owner": "numtide",
        "repo": "flake-utils",
        "type": "github"
      }
    },
    "flake-utils_2": {
      "locked": {
        "lastModified": 1659877975,
        "narHash": "sha256-zllb8aq3YO3h8B/U0/J1WBgAL8EX5yWf5pMj3G0NAmc=",
        "owner": "numtide",
        "repo": "flake-utils",
        "rev": "c0e246b9b83f637f4681389ecabcb2681b4f3af0",
        "type": "github"
      },
      "original": {
        "owner": "numtide",
        "repo": "flake-utils",
        "type": "github"
      }
    },
    "flake-utils_3": {
      "locked": {
        "lastModified": 1659877975,
        "narHash": "sha256-zllb8aq3YO3h8B/U0/J1WBgAL8EX5yWf5pMj3G0NAmc=",
        "owner": "numtide",
        "repo": "flake-utils",
        "rev": "c0e246b9b83f637f4681389ecabcb2681b4f3af0",
        "type": "github"
      },
      "original": {
        "owner": "numtide",
        "repo": "flake-utils",
        "type": "github"
      }
    },
    "home-manager": {
      "inputs": {
        "nixpkgs": [
          "nixpkgs"
        ],
        "utils": "utils"
      },
      "locked": {
        "lastModified": 1671958483,
        "narHash": "sha256-wX+VBdHwrpW654PzmM4efiPdUDI8da8TGZeQt/zYP40=",
        "owner": "nix-community",
        "repo": "home-manager",
        "rev": "939731b8cb75fb451170cb8f935186a6a7424444",
        "type": "github"
      },
      "original": {
        "owner": "nix-community",
        "repo": "home-manager",
        "type": "github"
      }
    },
    "nixgl": {
      "inputs": {
        "flake-utils": "flake-utils_2",
        "nixpkgs": "nixpkgs"
      },
      "locked": {
        "lastModified": 1661367362,
        "narHash": "sha256-Qc8MXcV+YCPREu8kk6oggk23ZBKLqeQRAIsLbHEviPE=",
        "owner": "guibou",
        "repo": "nixGL",
        "rev": "7165ffbccbd2cf4379b6cd6d2edd1620a427e5ae",
        "type": "github"
      },
      "original": {
        "owner": "guibou",
        "repo": "nixGL",
        "type": "github"
      }
    },
    "nixpkgs": {
      "locked": {
        "lastModified": 1660551188,
        "narHash": "sha256-a1LARMMYQ8DPx1BgoI/UN4bXe12hhZkCNqdxNi6uS0g=",
        "owner": "nixos",
        "repo": "nixpkgs",
        "rev": "441dc5d512153039f19ef198e662e4f3dbb9fd65",
        "type": "github"
      },
      "original": {
        "owner": "nixos",
        "repo": "nixpkgs",
        "type": "github"
      }
    },
    "nixpkgs_2": {
      "locked": {
        "lastModified": 1671722432,
        "narHash": "sha256-ojcZUekIQeOZkHHzR81st7qxX99dB1Eaaq6PU5MNeKc=",
        "owner": "NixOS",
        "repo": "nixpkgs",
        "rev": "652e92b8064949a11bc193b90b74cb727f2a1405",
        "type": "github"
      },
      "original": {
        "id": "nixpkgs",
        "ref": "nixos-unstable",
        "type": "indirect"
      }
    },
    "nixpkgs_3": {
      "locked": {
        "lastModified": 1665296151,
        "narHash": "sha256-uOB0oxqxN9K7XGF1hcnY+PQnlQJ+3bP2vCn/+Ru/bbc=",
        "owner": "NixOS",
        "repo": "nixpkgs",
        "rev": "14ccaaedd95a488dd7ae142757884d8e125b3363",
        "type": "github"
      },
      "original": {
        "owner": "NixOS",
        "ref": "nixpkgs-unstable",
        "repo": "nixpkgs",
        "type": "github"
      }
    },
    "root": {
      "inputs": {
        "agenix": "agenix",
        "flake-compat": "flake-compat",
        "flake-utils": "flake-utils",
        "home-manager": "home-manager",
        "nixgl": "nixgl",
        "nixpkgs": "nixpkgs_2",
        "rust-overlay": "rust-overlay"
      }
    },
    "rust-overlay": {
      "inputs": {
        "flake-utils": "flake-utils_3",
        "nixpkgs": "nixpkgs_3"
      },
      "locked": {
        "lastModified": 1671935094,
        "narHash": "sha256-fWEkH5550R6q6+CeG/317g9ywE/ZhW/4zuCjTaDsHe8=",
        "owner": "oxalica",
        "repo": "rust-overlay",
        "rev": "fd2740316bacb3e0106381c325e0bb90d6790aeb",
        "type": "github"
      },
      "original": {
        "owner": "oxalica",
        "repo": "rust-overlay",
        "type": "github"
      }
    },
    "utils": {
      "locked": {
        "lastModified": 1667395993,
        "narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=",
        "owner": "numtide",
        "repo": "flake-utils",
        "rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f",
        "type": "github"
      },
      "original": {
        "owner": "numtide",
        "repo": "flake-utils",
        "type": "github"
      }
    }
  },
  "root": "root",
  "version": 7
 }
--- a/flake.nix
+++ b/flake.nix
@ -1,60 +0,0 @@
 {
  description = "My personal configuration in Nix (and some native configurations)";
  inputs = {
    nixpkgs.url = "nixpkgs/nixos-unstable";
    agenix = {
      url = "github:ryantm/agenix";
      inputs.nixpkgs.follows = "nixpkgs";
    };
    home-manager = {
      url = "github:nix-community/home-manager";
      inputs.nixpkgs.follows = "nixpkgs";
    };
    flake-utils.url = "github:numtide/flake-utils";
    nixgl.url = "github:guibou/nixGL";
    rust-overlay.url = "github:oxalica/rust-overlay";
    # Allows default.nix to call onto flake.nix. Useful for nix eval and automations
    flake-compat = {
      url = "github:edolstra/flake-compat";
      flake = false;
    };
  };
  outputs = {
    nixpkgs, agenix, home-manager, flake-utils, nixgl, rust-overlay, flake-compat
    ,...
  }@_inputs: let 
    # Context/global stuffs to be passed down
    # TODO: adapt to different platforms think about different systems later
    system = "x86_64-linux";
    pkgs = import nixpkgs {
      inherit system;
      config = {
        allowUnfree = true;
      };
    };
    # inject nixpkgs.lib onto c_ (calculus)
    _lib = pkgs.lib;
    inputs = (_lib.recursiveUpdate {
      inherit system; 
      # NOTE: this will only read files that are within git tree
      # all secrets should go into secrets.nix and secrets/*.age
      proj_root = builtins.toString ./.;
    } _inputs);
    inputs_w_pkgs = (_lib.recursiveUpdate {inherit pkgs;} inputs);
    lib = _lib.recursiveUpdate (import ./lib inputs_w_pkgs) _lib;
    # update inputs with our library and past onto our end configurations
    inputs_w_lib = (lib.recursiveUpdate {inherit lib;} inputs_w_pkgs);
    modules = (import ./modules inputs_w_lib);
    hosts = (import ./hosts inputs_w_lib); 
    users = (import ./users inputs_w_lib);
    final_inputs = inputs_w_lib;
  in {
    # inherit (hosts) nixosConfigurations;
    # inherit (users) homeConfigurations;
    devShell."${system}" = import ./dev-shell.nix final_inputs;
  };
 }
--- a/lib/default.nix
+++ b/lib/default.nix
@ -1,37 +0,0 @@
 {pkgs
 ,nixpkgs
 ,proj_root
 ,nixosDefaultVersion? "22.05"
 ,defaultSystem? "x86_64-linux";
 ,...}@inputs: let
  lib = pkgs.lib;
  # procedure = 
 in {
  # short-hand to create a shell derivation
  # NOTE: this is pure. This means, env vars from devShells might not
  # be accessible unless MAYBE they are `export`ed
  shellAsDrv = {script, pname}: (pkgs.callPackage (
    # just a pattern that we must remember: args to this are children of pkgs.
    {writeShellScriptBin}: writeShellScriptBin pname script
  ) {});
  # Configures hosts as nixosConfiguration
  # [host_T] -> {host_T[int].hostName = type (nixpkgs.lib.nixosConfiguration);}
  mkHost = {hostName
  , nixosBareConfiguration
  , nixosVersion? nixosDefaultVersion
  , system? defaultSystem
  , preset? "base"}:  # base | minimal
  nixpkgs.lib.nixosSystem (nixosBareConfiguration // {
    inherit system;
    modules = [
      {
        system.stateVersion = nixosVersion;
        networking.hostName = hostName;
      }
      import "${proj_root}/modules/base.nix"
      import "${proj_root}/modules/tailscale.sys.nix"
    ] ++ nixosBareConfiguration.modules;
  });
 }
--- a/modules/base.sys.nix
+++ b/modules/base.sys.nix
@ -1,10 +0,0 @@
 {pkgs
 ,lib
 ,proj_root
 }:{
  imports = [
    ./minimal.sys.nix
    ./mosh.sys.nix
    ./tailscale.sys.nix
  ];
 }
--- a/modules/default.nix
+++ b/modules/default.nix
@ -1 +0,0 @@
 inputs: {}
--- a/modules/kde.sys.nix
+++ b/modules/kde.sys.nix
@ -1,8 +0,0 @@
 {pkgs
 ,lib
 ,config
 ,proj_root
 ,agenix
 }: {
  environment.noXlibs = lib.mkForce false;
 }
--- a/modules/minimal.sys.nix
+++ b/modules/minimal.sys.nix
@ -1,27 +0,0 @@
 {pkgs
 ,lib
 ,proj_root
 }:{
  # prune old builds after a while
  nix.settings.auto-optimize-store = true;
  nix.package = pkgs.nixFlakes;             # nix flakes
  nix.extraOptions = ''
    experimental=feature = nix-command flakes
  '';
  programs.neovim = {
      enable = true;
      defaultEditor = true;
  };
  programs.git.enable = true;  
  environment.systemPackages = [
    pkgs.gnumake
    pkgs.wget
    pkgs.inetutils # network diag
    pkgs.mtr # network diag
    pkgs.sysstat # sys diag
  ];
  users.users.root = {
    # openssh runs in root, no? This is because port < 1024 requires root.
    openssh.authorizedKeys.keys = lib.strings.splitString "\n" (builtins.readFile "${proj_root}/ssh/authorized_keys");
  };
 }
--- a/modules/mosh.sys.nix
+++ b/modules/mosh.sys.nix
@ -1,12 +0,0 @@
 {pkgs
 ,lib
 ,config
 }: {
  environment.systemPackages = [pkgs.mosh];
  networking.firewall = lib.mkIf config.networking.firewall.enable {
    allowedUDPPortRanges = [
      { from = 60000; to = 61000; } # mosh
    ];
  };
 }
--- a/modules/secrets.nix
+++ b/modules/secrets.nix
@ -1,16 +0,0 @@
 {agenix
 ,proj_root}: {
  age.secrets.s3fs = {
    file = "${proj_root}/secrets/s3fs.age";
    # mode = "600";  # owner + group only
    # owner = "hungtr";
    # group = "users";
  };
  age.secrets."s3fs.digital-garden" = {
    file = "${proj_root}/secrets/s3fs.digital-garden.age";
  };
  age.secrets._nhitrl_cred = {
    file = "${proj_root}/secrets/_nhitrl.age";
  };
  environment.systemPackages = [agenix.defaultPackage.x86_64-linux];
 }
--- a/modules/tailscale.sys.nix
+++ b/modules/tailscale.sys.nix
@ -1,48 +0,0 @@
 {pkgs
 ,config
 ,lib
 ,...}: {
  environment.systemPackages = [pkgs.tailscale];
  services.tailscale.enable = true;
  systemd.services.tailscale-autoconnect = {
    description = "Automatically connects to Tailscale";
    # make sure tailscale is running before trying to connect to tailscale
    after = [ "network-pre.target" "tailscale.service" ];
    wants = [ "network-pre.target" "tailscale.service" ];
    wantedBy = [ "multi-user.target" ];
    # set this service as a oneshot job
    serviceConfig.Type = "oneshot";
    # have the job run this shell script
    script = ''
      # wait for tailscaled to settle
      sleep 2
      # check if we are already authenticated to tailscale
      status="$(${pkgs.tailscale}/bin/tailscale status -json | ${pkgs.jq}/bin/jq -r .BackendState)"
      if [ $status = "Running" ]; then # if so, then do nothing
        exit 0
      fi
      # ${pkgs.tailscale}/bin/tailscale up # blocks, doesn't give url
      # This time, configure device auth so that we authenticate from portal
      # https://tailscale.com/kb/1099/device-authorization/#enable-device-authorization-for-your-network 
      ${pkgs.tailscale}/bin/tailscale up -authkey tskey-auth-kJcgTG5CNTRL-PUVFkk31z1bThHpfq3FC5b1jcMmkW2EYW
    '';
  };
  networking.firewall = lib.mkIf config.networking.firewall.enable {
    trustedInterfaces = [
      "tailscale0"
    ];
    allowedUDPPorts = [
      config.services.tailscale.port
    ];
    allowedTCPPorts = [
      22
    ];
    checkReversePath = "loose";
  };
 }
--- a/native_configs/README.md
+++ b/native_configs/README.md
@ -1,3 +0,0 @@
 # Native configs
 Contains all configurations that are written in their native language
--- a/native_configs/neovim/init.lua
+++ b/native_configs/neovim/init.lua
--- a/native_configs/neovim/scripts/deps.sh
+++ b/native_configs/neovim/scripts/deps.sh
--- a/nix-conf/home-manager/home.nix
+++ b/nix-conf/home-manager/home.nix
@ -15,14 +15,15 @@ let
    # Yes, I desperately want neovim to work out-of-the-box without flake.nix for now
    # I want at least python LSP to work everywhere because it's basically
    # an alternative to bash script when I move to OpenColo
-    # pkgs.gccStdenv
+    pkgs.gccStdenv
-    # pkgs.gcc
+    pkgs.gcc
-    # pkgs.tree-sitter
+    pkgs.tree-sitter
-    pkgs.fzf  # file name fuzzy search
+    pkgs.ripgrep
    pkgs.fzf
    # pkgs.sumneko-lua-language-server
-    pkgs.ripgrep  # content fuzzy search
+    pkgs.ripgrep
-    pkgs.zk  # Zettelkasten (limited support)
+    pkgs.zk
-    pkgs.fd  # Required by a Telescope plugin (?)
+    pkgs.fd
    pkgs.stdenv.cc.cc.lib
    # Python3 as alternative to bash scripts :^)
    # (pkgs.python310Full.withPackages (pypkgs: [
@ -43,11 +44,11 @@ in
  };
  home.packages = pkgs.lib.unique ([
    # pkgs.ncdu
-    pkgs.rclone   # cloud file operations
+    pkgs.rclone
-    pkgs.htop     # system diagnostics in CLI
+    pkgs.htop
-    pkgs.ripgrep  # content fuzzy search
+    pkgs.ripgrep
-    pkgs.unzip    # compression
+    pkgs.unzip
-    pkgs.zip      # compression
+    pkgs.zip
    # cool utilities
    pkgs.yq # Yaml adaptor for jq (only pretty print, little query)
@ -58,7 +59,7 @@ in
    pkgs.lynx # Web browser at your local terminal
    # Personal management
-    pkgs.keepass  # password manager. wish there is a keepass-query
+    pkgs.keepass
    # pkgs.tailscale # VPC;; This should be installed in system-nix
    pkgs.python310 # dev packages should be in project
@ -75,7 +76,6 @@ in
  programs.jq = {
    enable = true;
  };
  # TODO: override the original package, inject tree-sitter and stuffs
  programs.neovim = {
    enable = true;
    viAlias = true;
--- a/nixops/simple_hydra.nix
+++ b/nixops/simple_hydra.nix
@ -0,0 +1,31 @@
 {
  my-hydra = { config, pkgs, ... }: {
    # send email
    services.postfix = {
      enable = true;
      setSendmail = true;
    };
    # postgresql as a build queue (optimization possible?)
    services.postgresql = {
      enable = true;
      package = pkgs.postgresql;
      identMap = ''
        hydra-users hydra hydra
        hydra-users hydra-queue-runner hydra
        hydra-users hydra-www hydra
        hydra-users root postgres
        hydra-users postgres postgres
      '';
    };
    services.hydra = {
      enable = true;
      useSubstitutes = true;
      # hydraURL = 
    };
    networking = {
      firewall = {
        allowedTCPPorts = [ config.services.hydra.port ];
      };
    };
  };
 }
--- a/nixops/simple_hydra_vbox.nix
+++ b/nixops/simple_hydra_vbox.nix
@ -0,0 +1,25 @@
 # guide: https://qfpl.io/posts/nix/starting-simple-hydra/
 {
  my-hydra = { config, pkgs, ... }: {
    deployment = {
      targetEnv = "virtualbox";
      virtualbox.memorySize = 1024; # 1 GB``
      virtualbox.vcpu = 2; # 2 vcpus :/ very limited on Linode, sorry
      virtualbox.headless = true; # no gui pls
    };
    services = {
      nixosManual.showManual = false; # save space, just no manual on our nix installation
      ntp.enable = true; # time daemon
      openssh = {
        allowSFTP = false; # Prefer using SCP because connection is less verbose (?)
        # we are going to generate rsa public key pair to machine
        passwordAuthentication = false; # client-pubkey/server-prikey or dig yourself
      };
    };
    users = {
      mutableUsers = false; # Remember Trien's Windows freeze function? this is it.
      # Yo, allow trusted users through ok?
      users.root.openssh.authorizedKeys.keyFiles = [ "ssh/authorizedKeys" ];
    };
  };
 }
--- a/secrets.nix
+++ b/secrets.nix
@ -1,18 +0,0 @@
 let 
  # user-specific (~/.ssh/id_ed25519.pub)
  users = {
    "hungtr@bao" = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK+1+gps6phbZboIb9fH51VNPUCkhSSOAbkI3tq3Ou0Z";
  };
  # System-specific settings (/etc/ssh/ssh_host_ed25519_key.pub)
  systems = {
    "bao" = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIBuAaAE7TiQmMH300VRj/pYCri1qPmHjd+y9aX2J0Fs";
  };
  all = users // systems;
  # stands for calculus
  c_ = builtins;
 in {
  "system/secrets/s3fs.age".publicKeys = c_.attrValues (all);
  "system/secrets/s3fs.digital-garden.age".publicKeys = c_.attrValues (all);
  "system/secrets/_nhitrl.age".publicKeys = c_.attrValues (all);
 }
--- a/secrets/_nhitrl.age
+++ b/secrets/_nhitrl.age
@ -1,10 +0,0 @@
 age-encryption.org/v1
 -> ssh-ed25519 ahbzMg QEQ0gfV00KEZFXSUMAnITVG2vAhS0IrnbbEXVsQRjXA
 /iXv++nOsRRmWAu4dFTmxxC7qlCjMuTYuTa6GsYgsX0
 -> ssh-ed25519 glsjZQ Lob1uedpMxsDygT/i6Pnuwi6BzdgZPAeemISakcncVM
 UddBD1YezLMeCUn4UuHGIrK68AwCIwuHAobpkJdi/3U
 -> Tx+>#u-grease ;A%8 W
 m11Fw6roG6feroJ/o5Ro8Dv1C3Piq3bGbdV78TH9Z0URPru+srdINovMvoVqjkuZ
 eHiRwb1fN0ymLRD6/WxT4ZLKbT6J5yNPCrc+
 --- 88hy3b76RX3PAc0Lfms//lhuqsi2tsqmL9gFQqUMBKM
 >%frPåúéÚó€+÷JY`•îŽð',„ë~<7E><>ÄôÊ¼fÝ‚Ä_Q2A59N/ÄV·þ
ºÝ[ˆSgË3üß4Y(´cä}N[’Ò•ëJ¡ò6Uµ¯pvf/i§Ò+‘tÒTÞ^–Ø)<1A>
--- a/secrets/s3fs.age
+++ b/secrets/s3fs.age
@ -1,10 +0,0 @@
 age-encryption.org/v1
 -> ssh-ed25519 ahbzMg 6pTVLAgOY/JZVWiCFHLo8xQ4/CL6620IMaBRpqI8Wws
 CtJeQuy5VzKZhJnIH+/cjlKsAcg0RY2bhHTWVm+hUOY
 -> ssh-ed25519 glsjZQ we7RCgsnODTJ8rKYhU+9tu0DmLH+98mcQKQ3I2slikM
 G81lsFLQR9polxme1K/MU2d8Y01PrTqtzJnVq0EMJF0
 -> |-grease B\W,I9z ^Gx;$ Kk7!4,P
 0Jl5Lhx7R8YOs9S+hUtQDDpNIqBhC/MM0N7w1MCtwYtkIIIWKfY9jkJ7+Cew2Ee5
 Qb04jnE
 --- b7AXWRgK45a/91iwmwt5g+CWOlU/2f4nUDfXlg/bs9A
 ¢²%;Þ3RmQÚ‹WhpÌ–VŠ;º×®¡¥VÍÚñ[zš9al¦±=cLêüva<>ëu7é,†tø±’ýUÜ¶h^&å‰Ö¿WåJP6-ÇÒ£
n‘-ˆ¿=™]
--- a/secrets/s3fs.digital-garden.age
+++ b/secrets/s3fs.digital-garden.age
@ -1,10 +0,0 @@
 age-encryption.org/v1
 -> ssh-ed25519 ahbzMg GUriNV3lYlrA4xfIUj9PedI8p87avdQKOXhFqVnyzG4
 TvLDyCGbmU0N26SLWDIhj8tAgwrx1kFyhe6knPvJbLg
 -> ssh-ed25519 glsjZQ uZUN8LJ5tnBlkrQ23JutAMzOODVF/96m+5qwgE0mJgM
 srPQPu/fcCSDsbyZF8HLytPts7LGib6AHKBxaVXbK+c
 -> R{n]I@-grease
 EdbrkSaDEZBhArX2fk83dPE8DAtFuCdzm9TlIfXWhv8+jFLNmSshkKYc2Rlj/FE1
 7w
 --- GYDU/uV9eu8AKstyufFIueBnuvXwlKO3Oz9LLxkkhKQ
 fâ/MôïŽ×XƒÁ€ôÑb€vÎV}®^}|~êž¹.í•qÒU–Ô"‘€Öµ*«Åy‡…ÆÄñÇIôifªjîE´JW®a\ðÉysUïö<>“Ÿ¥Qè$’
--- a/shell.nix
+++ b/shell.nix
@ -1,13 +0,0 @@
 # This uses the exported devShells from flake.nix
 # the default or base version of nix-shell can be found in dev-shell.nix instead
 # This architecture is because we use top-level flake.nix
 (import
  (
    let lock = builtins.fromJSON (builtins.readFile ./flake.lock); in
    fetchTarball {
      url = "https://github.com/edolstra/flake-compat/archive/${lock.nodes.flake-compat.locked.rev}.tar.gz";
      sha256 = lock.nodes.flake-compat.locked.narHash;
    }
  )
  { src = ./.; }
 ).shellNix
--- a/native_configs/ssh/authorized_keys
+++ b/native_configs/ssh/authorized_keys
--- a/native_configs/ssh/config
+++ b/native_configs/ssh/config
--- a/native_configs/starship/starship.toml
+++ b/native_configs/starship/starship.toml
--- a/native_configs/tmux/tmux.conf
+++ b/native_configs/tmux/tmux.conf
--- a/native_configs/zk/config.toml
+++ b/native_configs/zk/config.toml
		`@ -1,3 +0,0 @@`
			`# Native configs`

			`Contains all configurations that are written in their native language`