Compare commits

..

116 Commits

Author SHA1 Message Date
pegasust e62e724c4d Merge pull request 'std works for now' (#18) from std into master
Reviewed-on: #18
2023-06-18 09:17:42 +00:00
pegasust ca73e77561 Merge branch 'master' into std 2023-06-18 09:17:21 +00:00
htran f454e55e80 std actually works now 2023-06-18 02:06:08 -07:00
Hung 3f1f1c8f6f wip: fix some more boneheads; stuck at starshpi not accepting nested list 2023-06-18 00:52:08 -07:00
Hung 820736fc8c wip: more migrations, mostly adding nix-index, kpcli-py, and nix-boost integration 2023-06-17 23:31:47 -07:00
Hung d5d4415d5c ts-ql is useless :) 2023-06-17 20:33:06 -07:00
Hung 6352f821c3 add some more hints on the default settings for neovim; just go with alejandra formatter; add more docs on qa 2023-06-17 20:32:15 -07:00
Hung e7efe1a965 format with alejandra and other things 2023-06-17 17:46:31 -07:00
Hung 1537fea0bd wip: interface-like structure but im sadge on development with no type-safety 2023-06-16 16:12:54 -07:00
Hung e67a18e465 fix: darwin spotlight patch; extra: debugging neovim-cmp type 2023-06-15 12:46:01 -07:00
Hung f04388f562 many neovim changes and vimplugins nightly overlay 2023-06-12 23:58:03 -07:00
Hung 7f0611d186 docs 2023-06-12 12:14:59 -07:00
Hung a6c979c659 feat: add couple more vim plugins via nixpkgs 2023-06-11 23:51:47 -07:00
Hung a5186b204c feat: idempotent installation with WPlug 2023-06-11 21:21:01 -07:00
Hung 63900e1117 docs 2023-06-07 22:04:50 -07:00
Hung fbb8477c19 feat: more ssh targets; darwin spotlight home-manager is broken :( 2023-06-07 21:53:56 -07:00
Hung f546cb6b32 fix: fidget and home-manager should remove existing darwin spotlight if already existed 2023-06-07 08:30:46 -07:00
Hung aef09a32c5 feat(nvim): fidget.nvim 2023-06-06 21:19:13 -07:00
Hung ba993d16f5 feat(nvim): tablines and potential for job management 2023-06-05 09:04:08 -07:00
Hung d58acd7bc2 feat(nvim): add '<leader>fug' for unrestricted live grep (no .gitignore) 2023-06-04 21:40:47 -07:00
Hung 9cd012f2e2 feat: less init.lua, more neovim.nix along with docs on shell setup 2023-06-04 20:17:13 -07:00
Hung 84a69f8638 feat: vi-copy mode now consistent with vim: use 'v' for select mode and 'y' to copy 2023-06-03 20:23:42 -07:00
Hung 9a8ddc42d5 tsql 2023-06-01 08:26:10 -07:00
Hung 632104be69 fix(flakes): minimum to work correctly, along with user shell integration 2023-05-16 09:31:51 -07:00
Hung 8b4cb660c8 fix(neovim): Just pin neovim correctly to its latest working nightly 2023-05-16 09:26:57 -07:00
Hung b50bd9964c feat(nvim): optimize for rust 2023-05-02 10:26:53 -07:00
Hung 3c483aeb89 feat(hm): cpu usage now works on tmux 2023-05-02 09:28:34 -07:00
Hung 1f511b052c nixGL/fetch: single-thread beats future 2023-04-02 11:49:46 -07:00
Hung 17937c2146 nixGL/fetch: cleanup 2023-04-02 01:35:36 -07:00
Hung 335efeb2d9 nixGL: simplify, update, and use builtins only 2023-04-02 01:10:47 -07:00
Hung b7c3707213 ^deps and allow htran home to be built 2023-04-01 23:35:11 -07:00
Hung bbcc5a14b7 wip: error building kpcli-py :/
error: builder for '/nix/store/sacq2mx2i7f4230sy0j2m36av73xsjc7-python3.10-pip-23.0.1.drv' failed with exit code 1;
       last 10 log lines:
       > updateAutotoolsGnuConfigScriptsPhase
       > configuring
       > no configure script, doing nothing
       > building
       > Executing setuptoolsBuildPhase
       > Traceback (most recent call last):
       >   File /private/tmp/nix-build-python3.10-pip-23.0.1.drv-0/pip-23.0.1-source/nix_run_setup, line 3, in <module>
       >     import setuptools
       > ModuleNotFoundError: No module named 'setuptools'
       > /nix/store/mymsi43djixs7aiqfb9gpms4jllszfrg-stdenv-darwin/setup: line 1601: pop_var_context: head of shell_variables not a function context
       For full logs, run 'nix log /nix/store/sacq2mx2i7f4230sy0j2m36av73xsjc7-python3.10-pip-23.0.1.drv'.
2023-03-24 09:39:29 -07:00
Hung b0b8d2cc3a wip: copy to some remote cache 2023-03-23 21:50:49 -07:00
Hung fa4f674853 add upload to cache 2023-03-23 13:49:13 -07:00
Hung 0e91219d9a add some troubleshooting info 2023-03-23 00:56:15 -07:00
Hung 56babf7600 add sops 2023-03-23 00:41:44 -07:00
Hung 4de2b92b25 more parallelism 2023-03-22 18:11:00 -07:00
Hung 516612c36e darwin apps should be put to spotlights 2023-03-22 18:04:29 -07:00
Hung 29d6a06346 nix flake update for first-timers 2023-03-22 17:08:04 -07:00
Pegasust dcc35d45a1 wip: tmux 2023-03-22 16:35:03 -07:00
Pegasust dce680f2a8 yamlls: remove keyOrdering enforcement 2023-03-19 21:25:41 -07:00
Pegasust 0a947801ab flake update for hm 2023-03-11 21:27:34 -08:00
Pegasust c9f22e24ad nix-dev: should be stable now 2023-03-11 15:29:21 -08:00
Pegasust 9f0023c4d6 add work gitlab 2023-03-06 13:11:12 -08:00
Pegasust 33c4acf9ea prefer ed25519 2023-03-06 12:55:55 -08:00
Hung 73da05fc73 credentials: add new user; add postman to work darwin 2023-02-28 12:04:25 -07:00
Hung 9a4e80ba6e +ssh 2023-02-27 10:32:48 -07:00
Hung fd82956c33 add ci user for dev1 2023-02-24 10:54:28 -07:00
Hung bdd7ea92d1 just bare minimum for convenience of sops and access to credentials.yml 2023-02-22 13:18:44 -07:00
Hung ac131e1389 cred: allow private key access for bao 2023-02-22 11:19:28 -07:00
Pegasust a9456019ad cred: add bao machine 2023-02-22 11:17:36 -07:00
Pegasust 79e3c20b39 before nuking top-level-wip again 2023-02-22 11:08:07 -07:00
Hung 1d39c05834 more credentials 2023-02-22 11:05:10 -07:00
Hung 7150eb19c1 misc changes for credentials, updates on py-poetry template 2023-02-21 08:40:14 -08:00
Hung 20d3325ae9 add work gitlab runner deploy key 2023-02-14 11:27:22 -07:00
Hung 7a37c135ee add credentials encrypted with sops 2023-02-14 11:19:44 -07:00
Hung 78b22d31fc add nickel lang 2023-02-14 10:06:39 -07:00
Hung ed84a5a871 clean c_ 2023-02-14 01:56:48 -07:00
Hung bf22c75270 add sops 2023-02-14 01:34:17 -07:00
Hung 267d7f829a add yang syntax highlight 2023-02-13 17:04:48 -07:00
Hung 34982b3079 fix ssh and use yq-go instead of yq 2023-02-12 12:02:27 -07:00
Hung 4283dba315 ssh: +id_ed25519 2023-02-09 21:54:08 -07:00
Hung 27ed93d41e htran work mbp: +slack :D 2023-02-04 14:48:08 -07:00
Hung c6a69029d7 internal stuffs 2023-02-02 01:51:09 -07:00
Hung d74280a44c nvim: gopls 2023-01-25 10:44:16 -08:00
Hung 150534c512 add bootstrapping profile for py-poetry 2023-01-20 14:58:02 -08:00
pegasust 98e8c003e6 Merge pull request 'top-level configuration is still broken. Maybe merging configurations is not really a good idea.' (#10) from top-level-wip into master
Reviewed-on: #10
2023-01-20 22:47:23 +00:00
Hung 7bddd37b48 another bonehead on networking interfaces should be plural 2023-01-20 13:19:59 -08:00
Hung 6f21b98c0e conf-sysnix.sh use that nix-conf/system for now 2023-01-20 13:16:52 -08:00
Hung 4ab83570aa while top-level nixosConfiguration is broken, bring back nix-conf/system 2023-01-20 13:13:14 -08:00
Hung b63f75815c bonehead on nix flake's fetch git convention 2023-01-20 10:59:07 -08:00
Hung eaee170085 forgot .envrc :/ 2023-01-20 10:48:41 -08:00
pegasust 2796a3720e Merge pull request 'templates: built with Nix' (#8) from top-level-wip into master
Reviewed-on: #8
2023-01-20 18:46:47 +00:00
Hung 9c4aa2799b more robust nix templates 2023-01-20 10:44:01 -08:00
Hung 1726597501 nvim: ansible is pretty much a finger away from all IT ops 2023-01-19 15:06:25 -08:00
pegasust 4f13c01728 Merge pull request 'py-poetry template + pyright instead of pylsp' (#7) from top-level-wip into master
Reviewed-on: #7
2023-01-19 22:23:46 +00:00
Hung 651806c0e4 add py-poetry template 2023-01-19 14:02:39 -08:00
Hung f9387aafc0 ow 2023-01-19 13:38:06 -08:00
Hung ec1afc4fe0 guess who got a job? 2023-01-19 13:32:03 -08:00
Pegasust 81fa580d0c nvim: remove pylsp for pyright 2023-01-19 13:30:25 -08:00
Pegasust 295166292a top-level configurations not working to start with :/ 2023-01-19 10:24:53 -08:00
Pegasust ca63340a3e cross-platform failing 2023-01-19 10:24:12 -08:00
pegasust 6eb4af3491 Merge pull request 'nixops, nix-index-database, out-of-tree flake-compat' (#6) from top-level-wip into master
Reviewed-on: #6
2023-01-15 17:24:07 +00:00
pegasust d4f6cf27a9 Merge branch 'master' into top-level-wip 2023-01-15 17:23:34 +00:00
Pegasust 97fd1543df nixops ok now 2023-01-15 04:48:11 -08:00
Pegasust a0dae5b3a0 add nix-index-database 2023-01-15 01:54:53 -08:00
Pegasust 8734707ab6 hungtran: another darwin that's more open to hardware mods 2023-01-15 00:45:51 -08:00
Pegasust ecfc6bf1fa onboard htran 2023-01-14 06:38:36 -08:00
pegasust 820ac199d8 add flake-compat for out-of-tree bc maintainer seems ded 2023-01-14 06:50:50 -07:00
pegasust ab3e8c6a9e Merge pull request 'Pure NVIDIA autodetection for NixGL' (#5) from top-level-wip into master
Reviewed-on: #5
2023-01-14 13:10:27 +00:00
pegasust 652854db20 resolve hosts/default.nix 2023-01-14 06:04:43 -07:00
pegasust 2fe6f6ce97 templates: rust-monorepo: no vcs on `cargo new` 2023-01-14 05:42:40 -07:00
pegasust d3c0db3363 bao: explicitly use nixGL 2023-01-13 00:24:32 -07:00
pegasust 22acf5787e hm: stricter graphics enable 2023-01-12 23:56:58 -07:00
pegasust f06509d74a logseq not available on x64-darwin 2023-01-12 23:51:50 -07:00
pegasust 7a3eee8647 htran 2023-01-12 23:47:43 -07:00
pegasust 2176df3047 nix-fmt 2023-01-12 23:42:21 -07:00
pegasust 3a3683baa9 hm-switch: home-manager only returns 0 if help is provided 2023-01-12 23:16:36 -07:00
pegasust 8b1503c4bd hm-switch: also aggressively manage nix.conf for non-nixos installs 2023-01-12 23:08:31 -07:00
pegasust 19b9a0713e bao: configure keepass db path 2023-01-12 17:33:53 -07:00
Pegasust d7c499dde1 nixGL: remove some rec for better error message 2023-01-12 17:27:32 -07:00
Pegasust 1c36b5c957 nixGL: throw if no sha-256; hm-switch: allow passthru 2023-01-12 17:24:20 -07:00
pegasust aa96b9e6ab nixgl: auto should be less impure now 2023-01-12 17:22:56 -07:00
pegasust 9abddeea3c nixgl: add fetch database for purity 2023-01-12 17:08:55 -07:00
pegasust 8b1ba34164 prohibit sha-less nixgl 2023-01-12 13:01:11 -07:00
pegasust 4a5981d050 add sha256 to pinned nixpkgs to support nix config monorepo 2023-01-12 12:34:30 -07:00
pegasust 3e9ba75329 more top-level bonehead 2023-01-12 11:42:20 -07:00
pegasust 313a5e7f3e top-level should direnv fine now (hwtr) 2023-01-12 11:04:56 -07:00
pegasust c6d74c6b3e shortcuts for rust 2023-01-12 10:41:58 -07:00
pegasust 6546a0e7fa neovim nightly 0.9 2023-01-11 18:55:28 -07:00
pegasust b0026dff5e flake update 2023-01-10 08:30:52 -07:00
pegasust 98da9eec26 readme to rust-monorepo 2023-01-06 11:07:05 -07:00
pegasust 34ef52d5b4 Merge pull request 'turborepo, neovim: rust-analyzer pushed to devShell' (#4) from top-level-wip into master
Reviewed-on: #4
2023-01-03 22:37:11 +00:00
pegasust 0b3403877f Merge pull request 'Add kpcli & fix template rust-monorepo bootstrap: corelib instead of core' (#3) from top-level-wip into master
Reviewed-on: #3
2022-12-31 10:23:15 +00:00
pegasust a04ffb87ba Merge pull request 'hotfix: nit on templates' (#2) from top-level-wip into master
Reviewed-on: #2
2022-12-28 02:15:14 +00:00
pegasust 1ed57bdf87 Merge pull request 'begin migrating to top-level nix-config; LSP stuffs working!' (#1) from top-level-wip into master
Reviewed-on: #1
2022-12-28 02:10:02 +00:00
139 changed files with 10277 additions and 3001 deletions

20
.envrc
View File

@ -1,6 +1,16 @@
# If nix-shell available, then nix is installed. We're going to use nix-direnv.
if command -v nix-shell &> /dev/null
then
use flake
fi
#! /bin/sh
source "$(
nix eval \
--no-update-lock-file \
--no-write-lock-file \
--no-warn-dirty \
--accept-flake-config \
.#__std.direnv_lib 2>/dev/null \
|| nix eval .#__std.direnv_lib # show the errors
)"
# FIXME: This should check if $USER is in userShells, if not,
# fall back to `use nix`
use std nix "//repo/userShells:${USER}"

2
.gitignore vendored
View File

@ -0,0 +1,2 @@
result
.direnv

16
.sops.yaml Normal file
View File

@ -0,0 +1,16 @@
keys:
- &htran-mbp age1jpm9mtxz6n8vncrk6pk7dppj3r7qxfj5hsgvcdulmp3lxvxez94qvxlgay
- &htran age1jw958shpwu7st8sc4z0fufuswmfpxfc9wl3df9g3f3y57m45j92syr0mng
- &bao age1umzkd4k0xt6uv5de85fpc4uztrph86nsd79h5f8cpuvtpy8n6adss7q2fv
- &root_bao age1vx7e6vz9zptwqd0cakjj8erqv58cstddama8zcrppc36rqqmlvjs53x9u0
- &htran1 age1vkd39dmrft3uk5wnfqppharn38dhrh78ev6pl85u005jhcge5e9qz4lt79
creation_rules:
- path_regex: .*
key_groups:
- age:
- *htran
- *htran-mbp
- *bao
- *root_bao
- *htran1

View File

@ -5,6 +5,10 @@ Contains my configurations for the software I use.
I'm looking to move forward to configuration with NixOS, but until I get
a bit more experiment on NixOS, I'll keep this repository as simple as possible.
- As of 2023-06-07, I have little interest in keeping configurations
([`init.lua`](./native_configs/neovim/init.lua), [`sshconfig`](./native_configs/ssh/config),...)
to be idempotent for Nix and non-Nix targets.
## Nix
Monorepo that contains my commonly used personal environments.
@ -13,8 +17,7 @@ onto this repo for quick env setup (especially devel) on new machines.
## How do I apply these config
- I will always first clone this repository, preferably from local source before
going from the github. `git clone https://github.com/pegasust/dotfiles`
- Clone and nixify
### neovim
@ -26,7 +29,6 @@ My main text editor. It's based on `vim`, but stays loyal to `lua` ecosystem
#### Notes
- Ensure that neovim is installed and invocable by `nvim`.
- My config based on rather experimental version of`nvim` (>=0.7.2)
- For information on installing neovim, visit their [github page](https://github.com/neovim/neovim/wiki/Installing-Neovim)
### tmux
@ -40,7 +42,7 @@ from one terminal.
#### Notes
- Unsure if the minimum version of tmux. I have had an ancient HPC server
- Unsure of the minimum version of tmux. I have had an ancient HPC server
that does not respond well to one of the config lines.
### zk
@ -57,4 +59,23 @@ text-editor agnostically.
- Templates: `zk/templates/`
- Command: `ln -s $PWD/zk/templates ~/.config/zk/templates`
Note (2023-06-07): I'm now using a mix of nvim-zk with Notion. I'm still figuring out
a centralize place to put my notes and use it to do some knowledge graph magic
## Troubleshoots
### My MacOS just updated, `nix` is no-longer here
- An easy fix is to add the following to the **bottom** of `/etc/zshrc`
```sh
# Nix {{{
if [ -e '/nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh' ]; then
. '/nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh'
fi
# }}}
```
- Otherwise, consult [`gh-gist:meeech/a_help-osx-borked-my-nix.md`](https://gist.github.com/meeech/0b97a86f235d10bc4e2a1116eec38e7e)

97
credentials.yml Normal file
View File

@ -0,0 +1,97 @@
credentials:
- kind:
name_unencrypted: kv
name_unencrypted: ci@dev1.htran.egihosting.com
user_unencrypted: ci
password: ENC[AES256_GCM,data:4AIDKxX9dQncyhHe,iv:+YbvHz6GLD9unbTwE/KwcdpU/yMygFurxelOjkrFJRU=,tag:VHnzt66W2pWwcxjTH9LreQ==,type:str]
- kind:
name_unencrypted: kv
name_unencrypted: Gitea credentials
user_unencrypted: pegasust
password: ENC[AES256_GCM,data:l472gCfek08/Z1cWL0EVtqWYYhE=,iv:TDUX4piGeHSkFSApeaGIPiXPzYAHZWxoMIuQ8G6cunw=,tag:WhCDoCNIUxe5gdxUuuYhZA==,type:str]
- kind:
name_unencrypted: kv
name_unencrypted: Nix SSH password for hungtr
user_unencrypted: hungtr
password: ENC[AES256_GCM,data:cJpfi8l1mx/86R1Oxd8=,iv:AwYBs4/P4ICNo4B6MxIz3HrGB+hdohIRtVflGBSS/P0=,tag:SC6MO5Zn0xwDRH4TGBR2LQ==,type:str]
- kind:
name_unencrypted: ssh
name_unencrypted: egi-htran
pubkey_unencrypted: ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPNKyGKsVG/jVXwAmZvH8rLQPdGj8VgITMSN+/nbXTEY htran@Hung-Tran-MBP.local
privkey: ENC[AES256_GCM,data:OrurRGlutN1N1YFQvD1XbiF3thV8qO2y1ufRHi3ut1RVA/lxmqg1kYdWnYE7tOCCCITs20ZpcPFAwAjjAXZH6NaS8FgEJiPDUnJ+hg5v0VC7c4GNc+G3B8+9Taz7mggg70EL/s5QwofpuqJspr4EHrildX6eUeE6s9KwSFnw6KTBgO4r0JqBaicbbObhzxPYIYHjhxRxsbYMX4i8ADPeYryhEtL168dHEGENuz/mbw2I/5Qp3R/SwroNpYlTpq6ukGeobW4+j2KD7ZV9Nvcs/FL6/lPdaUKPxNW/bDeRhAaw9Mw3oDxHdTNisvCHJ53GHChdWcoXSMjYNH+zbgXp9YTeCLBMf9/lLnnEwtSEuD2kexcF+WR7gcbu6mdxJ1k3HBU+Xkrl6shGFuQv3hH8eSmfLhIdy+zcY/jb6tokQklrdKsrusFjuHhAuKfNl5uA93Pc0NxTZ4plxEEdbeyzz54cWwBf0HXR6ztSrjqfUtud3bQY667MNB2LHO91QBoQE7U2gUQ2CmI3VG9KVm2eh7LsXUjLoLzccYfg+kkTrQJnAfs=,iv:+4wsk7mUsIOWNe9IoV0TgrBKIsQdiJyzwVb2+hlPVTc=,tag:B9P2bHPh78JuwusZnAsC5A==,type:str]
agepub_unencrypted: age1jpm9mtxz6n8vncrk6pk7dppj3r7qxfj5hsgvcdulmp3lxvxez94qvxlgay
agepriv: ENC[AES256_GCM,data:tE6WLw8/dHsC6rfJpek7czvySW0+S2luc470l9X6UFX+zCOwlwoQpTWpIGPIqmkOFNSaaA0cyZ4BmWnlVz1iWxizh8DYqcE5los=,iv:4jnpibK+0cE1isWu6Zl1CsajMWN9Zgw8LGX5WpkRyy8=,tag:vdi85c3Q29olLGsCwrvmcA==,type:str]
- kind:
name_unencrypted: ssh
name_unencrypted: dev1-ssh
pubkey_unencrypted: ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIH1IiP+d2S152uiD2JjUJfADFv7AS0l3LX2NRgfMTYLe htran@htrandevbox
privkey: ENC[AES256_GCM,data:5lf+Oy0VhsxDLANpBFxtguD5unsZK9yKW/boTlxAOIzlcD1Xf4Nr0iC6YW/4nBB/eJ8xPlUiU5vhRQSLZPqnfc6nQJReqPPafzfugYb3slYBl59EeimBCqTi0qVIUHNFvRpp2agZW0wIQv4hlB3ks+WBVjKixLOdbUBQREZB22DWk6eoKawmekCr7ItDsxGWG7DtHx9A511LyPrT1n/VhAYHTuq6ycbWjDya++bJ/AkYlcqW0jEyQ/Mudo/TYkRt4TpWWDjGPDYVNrjBiwYOSpoM6IwzfRQvimCZnfqyXHrT2gzv9Vqqu9C2Vp2R0FLzbdA8dYoiXwss7opzsI5um6D4AdQv8c16TiVLFF0q0VP2xyRf3j7iqmuwQHIRlkBh2BhnsXT/s35K6cb1dUhIw0aQpFGzL/VuqMKrQW3j3S9pSiiupBuSwdLJ9s8+rkGYTO0Iw+T646L1NFW7oFMP8Fe5ZMC9UuTV/srWNtXHAQaY+L9TwMIQY36P4V0lqaVfCWAiIrBTgLhHQetnzb/Y44Ll/qTdRXHSW6D4,iv:30sivScr8WmFmZx8M/sqTEuGRg72VzJ+bc6AW847xz8=,tag:dJsH+/dhRWQoKwsGAUzqAQ==,type:str]
- kind:
name_unencrypted: age
agepub_unencrypted: age1jw958shpwu7st8sc4z0fufuswmfpxfc9wl3df9g3f3y57m45j92syr0mng
agepriv: ENC[AES256_GCM,data:f66nwYr1WLTejGI2SpHNrf8BYRJJuxpufYLSYVix1uLdBj2TfVJVjN3bLsnHrB1DoeVyaF0nUxrdcL64LhbI38zZC/fNORfXx4E=,iv:J/noycrJlL2+r1ojmUYC/6GUVMGqRFM2ondBm2C7fSE=,tag:pT5z5NQQdS30bucdbPPBng==,type:str]
- kind:
name_unencrypted: ssh
name_unencrypted: gl-egi-htran-ed25519
privkey: ENC[AES256_GCM,data:vM5G2o/syq9YUwqpUONJk5ebwha+UQI0wUCkwkmZTTtx+nB/HTnc4kqxX/eeF9ybSE8vq7YIWuKB8aSjpizOYZjjWIV3qpWBiDmdrWkWfUIl7kDdy75azZjHNRXuXUUExbPYGVjmL7KdDMHY2u1WceDSdEvgB2sNOPw4dNiZ9lcbJ5iDpQzmxaF6zdvZ/rVoXYM2NgSMdM4oTdRtYivcOPuxwRGi39R5XgyPJYwltawSAPFPmNYofszUzYLnD7jPEJqyEQORpcI2oM2qAPab22kDrDLyd51X1F6XT/5chKuPSsidZAVjB6+v2s/yN0quqz3qcP2RTYtaZcFyeEquk6eWA/MWVwCJK8XopNoPVVo0PRppOtq3M9Fss3Z587nQAis8doCbvv9XdUunOFHFWon7k8fGu9cDDMmSOE3KGWCO7Vw0V6dYnBT+OVJnJAxlf7AsUZdXVBo3PK9Zw6+d2XF2N9Jhr0bqA1tpmGqwCygHy41FGbWtuhZBX8JimTPFE1MyT5YvptzwbayONcvps8hZED8zwKbR/64DSF7wn1DAaW0=,iv:JjO6O+FB+W1Gi216bjkVXiIFvxLmIZ4rKLCXcepOIQc=,tag:TxiwbrCZ4vFgw6WMmKrVOg==,type:str]
pubkey_unencrypted: ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINOqM08nqvcFhcF6E//dlphXctfck83N0tjKIfil8npY htran@Hung-Tran-MBP.local
agepriv: ENC[AES256_GCM,data:Z4qRvam25nvkNr4DuZhhKtN83NIfNcBW5Wq7SGm0Nb31kAjCS25VfkTrXUtrxWIunMCZEYoIdDLiENjRQPAh/NwffGbZn94/ZKY=,iv:t3YtQvRQPdbDcXgEC/A13W1K9/IIlt6rPceR1lAl0BM=,tag:QmiriOk19fGSPOWj98doUQ==,type:str]
agepub_unencrypted: age1jz7ajxer3fs02uygr8a374jfk7vuklpnnyugrlq4equ285t7nyfqwqdreq
- kind:
name_unencrypted: win-rdp
name_unencrypted: EGNGoat
ip: ENC[AES256_GCM,data:9/FPJM8l4hLvzDc5pg==,iv:ny1LKtgznhzMd3Bhogwu6b6bOk3/uCNarKTmlWRZAes=,tag:PsleUu2ZE4leEMEcEuJdLQ==,type:str]
user_unencrypted: EGN NOC
password: ENC[AES256_GCM,data:YOL5Sw6zaA==,iv:Cs8gySfGIQUBPivkM5N6kflZsRhp2w9xmPwtl7RrEZE=,tag:LXYKdsX++IP+jQyjL6JBrg==,type:str]
- kind:
name_unencrypted: kv
name_unencrypted: gl-deploy-token
user_unencrypted: gitlab+deploy-token-2
pass_unencrpyted: ENC[AES256_GCM,data:GcPu8JFy8JuPb3xrHKBpP196h0k=,iv:2N69xdTtnpjDLvRAbSpDWGh6+IFWpIZgHo6yVf2kE/4=,tag:L7UA7Oj/ZtekO3Cmvp2lvA==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age1jw958shpwu7st8sc4z0fufuswmfpxfc9wl3df9g3f3y57m45j92syr0mng
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAwdGdsRlFqU3A5S3JERDFo
RjBhaHdhSVdXbThwNkR3aWNWc2pMY2owQ0JNCjZpTFBBRWlOTTRvYUJmVzU1QjN6
ZzkwcGNjNkVmVzhuMlhLN1ZpWEJiSjgKLS0tIGNmbHF5T3dFeWd1dDFCajIvUmJX
TkpXSCtrU1V5NjRWbTBKMWhhMi9JNGsK+UCiGQtJNU0QDTG2kIqxUO9boLPj583M
ZwQXwhqBljQojqs1NwvXHCWgyrqhPqIobwYO8xhq1/3S/jMkyfzbAQ==
-----END AGE ENCRYPTED FILE-----
- recipient: age1jpm9mtxz6n8vncrk6pk7dppj3r7qxfj5hsgvcdulmp3lxvxez94qvxlgay
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAxSnN3V2hXZ25mU1gxait3
TDVDQ1RqbVZYOWI2Q1BCZnlDaFVHb2NuRXdrCm8yQ0FWRytReCt0TU11byt5THM1
VWh1MjhFWVlRQ29rQXlJS2FHTUFaQlkKLS0tIExJMndaY2g3ZmlnbyswWW9Fc0RM
MFFVNGs2RHVTcUdYZWljckt0RnRFN28K4O6nmQfMaJYzaA2n4PzLAqoslyxScplr
y6b6wTL3171sA2w6DgP+8BQjJ9/oCoGOtwpyxWzs2zld0dglmP9PGA==
-----END AGE ENCRYPTED FILE-----
- recipient: age1umzkd4k0xt6uv5de85fpc4uztrph86nsd79h5f8cpuvtpy8n6adss7q2fv
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBmOFVCTS9HS2dITFVqV2s5
VGV5WUZlaW9JMWdNM1NUeVNmTFV3eWVzS0hFCnNVTGRlbG1aU2dsaXhFMmZFekt5
cU4wWkNpYktFcEtwYTByUDlpOW5WY1EKLS0tIENyMndiL0gxUGdlK1BtelNKd295
QThYZGM0Y1FoTmVud2MxZ2lxK1RENFUKbRkax7DamL8m8qnN0FBHjJm7iDEjI4On
+xWVpKRSZviklQTybJqCS3PS3hCAW2zVlD8kZ5ZgTF9/p3towOAJGw==
-----END AGE ENCRYPTED FILE-----
- recipient: age1vx7e6vz9zptwqd0cakjj8erqv58cstddama8zcrppc36rqqmlvjs53x9u0
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA3eFI3YUtGbUFQbnQ5YXZ4
VE1uNHhNdUNPeEVOY3VuaFR5UEQ3ejJqaFJRClpETnFhQ09udk5XTWRBdmxnRW5q
T0xGbFYwOVlZWWFNb2c4d0ZBNzZnREEKLS0tIGlLK1RRMllKMG9vTmxOSHZXb3dT
cWxIRyszNmlpN2twMElIL3JCcHdOcHMKMT7Xq+XsSAdkJ1CAWRqdQTrr1NhPeTUc
UT0Fa8zUCBTUZEhcmVAnZ4Crr6N2GQbtNOU2S9Jt++od1dxQ+9TjHA==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2023-02-28T17:54:36Z"
mac: ENC[AES256_GCM,data:uI84H7eyWsauw2RMysa8w/OHP4QXN+FvO/GW+orj86cTlfL521MdPgZZamtSxOeyb4+893jn09GSFUBmOdQHUOX3kGNdWNwpu7eXM1ext/cpZwCsaIDBWDyCCE6LcF69LQEKsbRlC1nDAeMW3Wn510teS/TFxgbRucNdGTnrRE0=,iv:PbjX7VTDkAi0O/pipgV70KbJD/LLJAmD/U7d2kn58DM=,tag:dMsU71CPnO8JHyXoWPcFaQ==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.7.3

View File

@ -1,11 +1,13 @@
# We use top-level nix-flake, so default.nix is basically just a wrapper around ./flake.nix
(import
(
import
(
let lock = builtins.fromJSON (builtins.readFile ./flake.lock); in
fetchTarball {
url = "https://github.com/edolstra/flake-compat/archive/${lock.nodes.flake-compat.locked.rev}.tar.gz";
sha256 = lock.nodes.flake-compat.locked.narHash;
}
let
lock = builtins.fromJSON (builtins.readFile ./flake.lock);
c_ = import ./c_.nix;
in
c_.fetchTree lock.nodes.flake-compat.locked
)
{ src = ./.; }
).defaultNix
{src = ./.;}
)
.defaultNix

View File

@ -4,17 +4,27 @@
# Should also incorporate shortcuts like scripts/{hm-switch,conf-sysnix}.sh in here instead
#
# It should not contain PDE
{pkgs? import <nixpkgs> {}
,lib
,...}: pkgs.mkShell {
{
pkgs ? import <nixpkgs> {},
lib,
...
}:
pkgs.mkShell {
# mkShell doesn't care about the differences across nativeBuildInputs,
# buildInputs, or packages
buildInputs = [
# shell scripts
(lib.shellAsDrv {script = ''echo "hello world"''; pname = "hello";})
pkgs.rust4cargo
pkgs.sops
pkgs.ssh-to-age
pkgs.go
pkgs.gopls
];
shellHook = ''
# Since we need late dispatch of ~, we have to put this in shellHook.
export SOPS_AGE_KEY_FILE=~/.config/sops/age/keys.txt
'';
# env vars
lol="hello world";
lol = "hello world";
}

View File

@ -28,7 +28,7 @@ documentations and defaults
- `nativeBuildInputs` is supposed to be built by a deployment machine (not target)
- `buildInputs` gives you access during runtime
- `buildInputs` gives you access during runtime (if the package goes path build filter)
- `nativeBulidInputs` gives you access to packages during build time

View File

@ -0,0 +1,12 @@
# Neovim: Testing cmp for color with Tailwind
- [ ] It should detect a project uses tailwind, maybe via some kind of config file
(`tailwind.config.{cjs,mjs,js,ts,json,tsx,toml,yaml}`), or just based on the
string content or via tree-stiter. Check this by `:LspInfo` and `tailwindcss-lsp`
should attach to the current buffer that has tailwind-css string
- [ ] Type in a classname `text-red-500`, just stop at somewhere and start
browsing the cmp-lsp window. It should show a color in place of `lspkind`.
This validates `tailwindcss-colorizer-cmp.nvim` is good
- [ ] Hit that autocomplete, the string should show the color red. This validates
`nvim-colorizer.lua` is properly setup.

169
docs/vim-plugins.md Normal file
View File

@ -0,0 +1,169 @@
# Offset Vim Plugins onto nix packer
The current [`scripts/vim.dsl`](../scripts/vim.dsl) grabs the upstream supported vim plugins
onto a sqlite database to be stored in memory. We could perform some data exploration via this database
## Explore which plugins should be added to `neovim.nix`
Gather list of plugins need to be added. This can be done simply by adding
a print statement on `WPlug` in `../native_configs/neovim/init.lua` then run neovim
to collect it.
```lua
-- as of git://./dotfiles.git#a6c979c6
local function WPlug(plugin_path, ...)
local plugin_name = string.lower(plugin_path:match("/([^/]+)$"))
if not installed_plugins[plugin_name] then
-- NOTE: Add print statement to get which plugin is still being
-- plugged at runtime
print("Plugging "..plugin_path)
Plug(plugin_path, ...)
end
end
```
We can then use `vim_dsl.py`
```py
vp = VimPlugins(UPSTREAM_CSV)
need_install_plugins = """
tjdevries/nlua.nvim
yioneko/nvim-yati
nathanalderson/yang.vim
numToStr/Comment.nvim
lewis6991/gitsigns.nvim
tpope/vim-fugitive
williamboman/mason.nvim
williamboman/mason-lspconfig.nvim
TimUntersberger/neogit
folke/trouble.nvim
tpope/vim-dispatch
clojure-vim/vim-jack-in
radenling/vim-dispatch-neovim
gennaro-tedesco/nvim-jqx
kylechui/nvim-surround
simrat39/inlay-hints.nvim
gruvbox-community/gruvbox
nvim-lualine/lualine.nvim
lukas-reineke/indent-blankline.nvim
kyazdani42/nvim-web-devicons
m-demare/hlargs.nvim
folke/todo-comments.nvim
nvim-treesitter/playground
saadparwaiz1/cmp_luasnip
L3MON4D3/LuaSnip
arthurxavierx/vim-caser
~/local_repos/ts-ql
""".split()
need_install_plugins = [plugin.strip() for plugin in plugins_raw if plugin.strip()]
# Create the GitHub URL list
need_install_plugins_gh = [
f"https://github.com/{plugin}/".lower() for plugin in need_install_plugins if not plugin.startswith(("~", "."))]
# Get the values from the database
values = vp.query(f"SELECT LOWER(repo), alias from {vp.table_name()}")
# Check if the repo is in the list of plugins
need_install = [
vim_plugin_slug(alias) if alias else name_from_repo(repo) for repo, alias in values if repo in need_install_plugins_gh]
print("need_install", "\n".join(need_install))
# Check if the repo is not in the list
repos = [repo for repo, _ in values]
not_in_repo = [name_from_repo(gh) for gh in need_install_plugins_gh if gh not in repos]
print("not in repo", not_in_repo) # nvim-yati, yang-vim, Comment-nvim, inlay-hints-nvim, hlargs-nvim, vim-caser, gruvbox-community
```
This should print out
```
need_install
cmp_luasnip
comment-nvim
gitsigns-nvim
gruvbox-community
indent-blankline-nvim
lualine-nvim
luasnip
mason-lspconfig-nvim
mason-nvim
neogit
nlua-nvim
nvim-jqx
nvim-surround
nvim-web-devicons
playground
todo-comments-nvim
trouble-nvim
vim-dispatch
vim-dispatch-neovim
vim-fugitive
vim-jack-in
not in repo ['nvim-yati', 'yang-vim', 'inlay-hints-nvim', 'hlargs-nvim', 'vim-caser']
```
Given this list, we could safely add to `neovim.nix`
```nix
programs.neovim.plugins =
let inherit (pkgs.vimPlugins)
need_install
cmp_luasnip
comment-nvim
gitsigns-nvim
gruvbox-community
indent-blankline-nvim
lualine-nvim
luasnip
mason-lspconfig-nvim
mason-nvim
neogit
nlua-nvim
nvim-jqx
nvim-surround
nvim-web-devicons
playground
todo-comments-nvim
trouble-nvim
vim-dispatch
vim-dispatch-neovim
vim-fugitive
vim-jack-in
;in [
need_install
cmp_luasnip
comment-nvim
gitsigns-nvim
gruvbox-community
indent-blankline-nvim
lualine-nvim
luasnip
mason-lspconfig-nvim
mason-nvim
neogit
nlua-nvim
nvim-jqx
nvim-surround
nvim-web-devicons
playground
todo-comments-nvim
trouble-nvim
vim-dispatch
vim-dispatch-neovim
vim-fugitive
vim-jack-in
];
```
TODO:
- [ ] Source the plugins directly
- [ ] Add 'frozen' to each of these plugin
- [ ] Pin plugins separately from `neovim.nix`
- [ ] Find a better way to `inherit` with list comprehension
- [ ] Create alert & notification channel for this, ideally via Discord channel
- [ ] Even better, just put it in email with some labels
- [ ] Better end-to-end design that take even deeper account to gruvbox-community and such

1934
flake.lock

File diff suppressed because it is too large Load Diff

148
flake.nix
View File

@ -1,108 +1,70 @@
{
nixConfig = {
accept-flake-config = true;
experimental-features = "nix-command flakes";
max-jobs = 12;
};
description = "My personal configuration in Nix (and some native configurations)";
inputs = {
nixpkgs.url = "nixpkgs/nixos-unstable";
agenix = {
url = "github:ryantm/agenix";
inputs.nixpkgs.follows = "nixpkgs";
};
nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
nixpkgs-latest.url = "github:nixos/nixpkgs";
deploy-rs.url = "github:serokell/deploy-rs";
std.url = "github:divnix/std";
home-manager = {
url = "github:nix-community/home-manager";
inputs.nixpkgs.follows = "nixpkgs";
};
flake-utils.url = "github:numtide/flake-utils";
nixgl.url = "path:out-of-tree/nixGL";
rust-overlay.url = "github:oxalica/rust-overlay";
# Allows default.nix to call onto flake.nix. Useful for nix eval and automations
flake-compat = {
url = "github:edolstra/flake-compat";
flake = false;
neovim-nightly-overlay = {
# need to pin this until darwin build is successful again.
url = "github:nix-community/neovim-nightly-overlay?rev=88a6c749a7d126c49f3374f9f28ca452ea9419b8";
inputs.nixpkgs.follows = "nixpkgs";
};
nix-boost = {
url = "git+https://git.pegasust.com/pegasust/nix-boost?ref=bleed";
};
kpcli-py = {
url = "github:rebkwok/kpcli";
flake = false;
};
};
outputs = {
nixpkgs, agenix, home-manager, flake-utils, nixgl, rust-overlay, flake-compat
,...
}@_inputs: let
# Context/global stuffs to be passed down
# NOTE: this will only read files that are within git tree
# all secrets should go into secrets.nix and secrets/*.age
proj_root = let
path = builtins.toString ./.;
in {
inherit path;
configs.path = "${path}/native_configs";
scripts.path = "${path}/scripts";
secrets.path = "${path}/secrets";
testdata.path = "${path}/tests";
modules.path = "${path}/modules";
hosts.path = "${path}/hosts";
users.path = "${path}/users";
};
# TODO: adapt to different platforms think about different systems later
system = "x86_64-linux";
overlays = [
rust-overlay.overlays.default
(self: pkgs@{lib,...}: {
lib = pkgs.lib // (import ./lib (_inputs // {inherit pkgs proj_root;}));
})
];
pkgs = import nixpkgs {
inherit system;
overlays = import ./overlays.nix _inputs;
config = {
allowUnfree = true;
};
};
# now, this lib is extremely powerful as it also engulfs nixpkgs.lib
# TODO: I really don't want to extend from nixpkgs.lib because it doesn't extend lib within nixosModule
lib = nixpkgs.lib.extend (self: nixpkgs_lib: (nixpkgs_lib // pkgs.lib));
inputs_w_lib = (pkgs.lib.recursiveUpdate _inputs {
inherit system proj_root pkgs lib;
});
modules = (import ./modules inputs_w_lib);
hosts = (import ./hosts inputs_w_lib);
users = (import ./users inputs_w_lib);
# {nixpkgs, agenix, home-manager, flake-utils, nixgl, rust-overlay, flake-compat
# ,pkgs, lib (extended), proj_root}
final_inputs = inputs_w_lib;
# Tests: unit + integration
unit_tests = (import ./lib/test.nix final_inputs) //
{
test_example = {
expr = "names must start with 'test'";
expected = "or won't show up";
};
not_show = {
expr = "this will be ignored by lib.runTests";
expected = "for sure";
};
};
secrets = import ./secrets final_inputs;
in {
inherit (hosts) nixosConfigurations;
inherit (users) homeConfigurations;
inherit lib proj_root;
devShell."${system}" = import ./dev-shell.nix final_inputs;
templates = import ./templates final_inputs;
secrets = {
pubKeys = {
hosts = hosts.pubKeys;
users = users.pubKeys;
};
};
unit_tests = lib.runTests unit_tests;
debug = {
inherit final_inputs hosts users modules lib unit_tests pkgs;
nix-index-database = {
url = "github:mic92/nix-index-database";
# Should show the latest nixpkgs whenever possible
inputs.nixpkgs.follows = "nixpkgs-latest";
};
};
outputs = {self, std, ...} @ inputs:
std.growOn
{
# boilerplate
inherit inputs;
# All cell blocks are under ./nix/cells/<cell>/<cellblock> as `<cellblock>.nix`
# or `<cellblock/default.nix`
cellsFrom = ./nix/cells;
# modules = ./nix/modules;
cellBlocks = let
inherit (std.blockTypes) devshells functions anything installables;
in [
(devshells "devshells")
(devshells "userShells")
(functions "home-profiles")
(functions "home-modules")
(anything "home-configs")
(installables "packages")
(anything "lib")
];
}
{
devShells = std.harvest self [["dotfiles" "devshells"]];
# nixosConfigurations = std.pick [ [ "dotfiles" "nixos" ] ];
# homeConfigurations = std.pick [ [ "dotfiles" "home" ] ];
homeModules = std.pick self [["repo" "home-modules"]];
packages = std.harvest self [["repo" "packages"]];
legacyPackages = std.harvest self [["repo" "home-configs"]];
lib = std.pick self [["repo" "lib"]];
# TODO: Debug only
homeProfiles = std.pick self [["repo" "home-profiles"]];
};
}

View File

@ -1,15 +1,19 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports = [ ];
config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [];
boot.initrd.availableKernelModules = [ ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ ];
boot.extraModulePackages = [ ];
boot.initrd.availableKernelModules = [];
boot.initrd.kernelModules = [];
boot.kernelModules = [];
boot.extraModulePackages = [];
## NOTE: These filesystems are mounted by a wrapper script from nix-wsl
@ -43,25 +47,22 @@
# fsType = "drvfs";
# };
fileSystems."/mnt/c" =
{
device = "C:";
fsType = "drvfs";
};
fileSystems."/mnt/c" = {
device = "C:";
fsType = "drvfs";
};
fileSystems."/mnt/d" =
{
device = "D:";
fsType = "drvfs";
};
fileSystems."/mnt/d" = {
device = "D:";
fsType = "drvfs";
};
fileSystems."/mnt/f" =
{
device = "F:";
fsType = "drvfs";
};
fileSystems."/mnt/f" = {
device = "F:";
fsType = "drvfs";
};
swapDevices = [ ];
swapDevices = [];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's

View File

@ -1,5 +1,12 @@
{nixpkgs, agenix, home-manager, flake-utils, nixgl, rust-overlay, flake-compat
,pkgs, lib, proj_root}: {
}
{
nixpkgs,
agenix,
home-manager,
flake-utils,
nixgl,
rust-overlay,
flake-compat,
pkgs,
lib,
proj_root,
}: {}

View File

@ -1,33 +1,39 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
];
config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.loader.systemd-boot.enable = true;
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" ];
boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod"];
# boot.initrd.kernelModules = [ "amdgpu" ];
boot.initrd.kernelModules = [];
boot.kernelModules = [ "kvm-amd" "coretemp"];
boot.extraModulePackages = [ ];
boot.kernelModules = ["kvm-amd" "coretemp"];
boot.extraModulePackages = [];
fileSystems."/" =
# Might be wise to use /dev/nvme0p1 instead
{ device = "/dev/disk/by-uuid/27fc09b3-e3b7-4883-94a0-c313a0e0abe2";
{
device = "/dev/disk/by-uuid/27fc09b3-e3b7-4883-94a0-c313a0e0abe2";
fsType = "ext4";
};
fileSystems."/boot" =
# Might be wise to use /dev/nvme0p2 instead
{ device = "/dev/disk/by-uuid/EBA6-394D";
{
device = "/dev/disk/by-uuid/EBA6-394D";
fsType = "vfat";
};
swapDevices = [ ];
swapDevices = [];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's

View File

@ -1,73 +1,89 @@
{nixpkgs, agenix, home-manager, flake-utils, nixgl, rust-overlay, flake-compat
,pkgs, lib, proj_root, nixosDefaultVersion? "22.05", defaultSystem? "x86_64-linux",...}@finalInputs: let
config = {
bao.metadata = {
{
nixpkgs,
agenix,
home-manager,
flake-utils,
nixgl,
rust-overlay,
flake-compat,
pkgs,
lib,
proj_root,
nixosDefaultVersion ? "22.05",
defaultSystem ? "x86_64-linux",
...
} @ finalInputs: let
config = {
bao.metadata = {
# req
hostName = "bao";
# opts
ssh_pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIBuAaAE7TiQmMH300VRj/pYCri1qPmHjd+y9aX2J0Fs";
nixosVersion = "22.11";
system = "x86_64-linux";
preset = "base";
};
# TODO: add override so that we can add wsl config on top
bao.nixosConfig = {
modules = [
(import ../modules/nvgpu.sys.nix)
(import ../modules/kde.sys.nix)
(import ../modules/pulseaudio.sys.nix)
(import ../modules/storage.perso.sys.nix)
];
};
};
propagate = hostConfig @ {
metadata,
nixosConfig,
}: let
# req
hostName = "bao";
inherit (metadata) hostName;
# opts
ssh_pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIBuAaAE7TiQmMH300VRj/pYCri1qPmHjd+y9aX2J0Fs";
nixosVersion = "22.11";
system = "x86_64-linux";
preset = "base";
ssh_pubkey = lib.attrByPath ["ssh_pubkey"] null metadata; # metadata.ssh_pubkey??undefined
users = lib.attrByPath ["users"] {} metadata;
nixosVersion = lib.attrByPath ["nixosVersion"] nixosDefaultVersion metadata;
system = lib.attrByPath ["system"] defaultSystem metadata;
preset = lib.attrByPath ["preset"] "base" metadata;
# infer
hardwareConfig = import "${proj_root.hosts.path}/${hostName}/hardware-configuration.nix";
# alias to prevent infinite recursion
_nixosConfig = nixosConfig;
in {
inherit hostName ssh_pubkey users nixosVersion system preset hardwareConfig;
nixosConfig =
_nixosConfig
// {
inherit system;
modules =
[
{
config._module.args = {
inherit proj_root;
my-lib = finalInputs.lib;
};
}
hardwareConfig
{
system.stateVersion = nixosVersion;
networking.hostName = hostName;
users.users = users;
}
{
imports = [agenix.nixosModule];
environment.systemPackages = [agenix.defaultPackage.x86_64-linux];
}
(import "${proj_root.modules.path}/secrets.nix")
(import "${proj_root.modules.path}/${preset}.sys.nix")
]
++ _nixosConfig.modules;
};
};
# TODO: add override so that we can add wsl config on top
bao.nixosConfig = {
modules = [
(import ../modules/nvgpu.sys.nix)
(import ../modules/kde.sys.nix)
(import ../modules/pulseaudio.sys.nix)
(import ../modules/storage.perso.sys.nix)
];
};
};
propagate = hostConfig@{metadata, nixosConfig}: let
# req
inherit (metadata) hostName;
# opts
ssh_pubkey = lib.attrByPath ["ssh_pubkey"] null metadata; # metadata.ssh_pubkey??undefined
users = lib.attrByPath ["users"] {} metadata;
nixosVersion = lib.attrByPath ["nixosVersion"] nixosDefaultVersion metadata;
system = lib.attrByPath ["system"] defaultSystem metadata;
preset = lib.attrByPath ["preset"] "base" metadata;
# infer
hardwareConfig = import "${proj_root.hosts.path}/${hostName}/hardware-configuration.nix";
# alias to prevent infinite recursion
_nixosConfig = nixosConfig;
in {
inherit hostName ssh_pubkey users nixosVersion system preset hardwareConfig;
nixosConfig = _nixosConfig // {
inherit system;
modules = [
{
config._module.args = {
inherit proj_root;
my-lib = finalInputs.lib;
};
}
hardwareConfig
{
system.stateVersion = nixosVersion;
networking.hostName = hostName;
users.users = users;
}
{
imports = [agenix.nixosModule];
environment.systemPackages = [agenix.defaultPackage.x86_64-linux];
}
(import "${proj_root.modules.path}/secrets.nix")
(import "${proj_root.modules.path}/${preset}.sys.nix")
] ++ _nixosConfig.modules;
};
};
# we are blessed by the fact that we engulfed nixpkgs.lib.* at top level
mkHostFromPropagated = propagatedHostConfig@{nixosConfig,...}: nixpkgs.lib.nixosSystem nixosConfig;
<<<<<<< HEAD
mkHost = hostConfig: (lib.pipe [propagate mkHostFromPropagated] hostConfig);
trimNull = lib.filterAttrsRecursive (name: value: value != null);
flattenPubkey = lib.mapAttrs (hostName: meta_config: meta_config.metadata.ssh_pubkey);
=======
mkHost = hostConfig: (lib.pipe hostConfig [propagate mkHostFromPropagated]);
>>>>>>> 4619ea4 (rekey)
# we are blessed by the fact that we engulfed nixpkgs.lib.* at top level
mkHostFromPropagated = propagatedHostConfig @ {nixosConfig, ...}: nixpkgs.lib.nixosSystem nixosConfig;
mkHost = hostConfig: (lib.pipe [propagate mkHostFromPropagated] hostConfig);
trimNull = lib.filterAttrsRecursive (name: value: value != null);
flattenPubkey = lib.mapAttrs (hostName: meta_config: meta_config.metadata.ssh_pubkey);
in {
nixosConfigurations = lib.mapAttrs (name: hostConfig: mkHost hostConfig) config;
# {bao = "ssh-ed25519 ..."; another_host = "ssh-rsa ...";}

View File

@ -1,17 +1,20 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[
(modulesPath + "/profiles/qemu-guest.nix")
];
config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/profiles/qemu-guest.nix")
];
boot.initrd.availableKernelModules = [ "virtio_pci" "virtio_scsi" "ahci" "sd_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelParams = [ "console=ttyS0,19200n8" ];
boot.initrd.availableKernelModules = ["virtio_pci" "virtio_scsi" "ahci" "sd_mod"];
boot.initrd.kernelModules = [];
boot.kernelParams = ["console=ttyS0,19200n8"];
boot.loader.grub.extraConfig = ''
serial --speed=19200 --unit=0 --word=8 --parity=no --stop=1
terminal_input serial;
@ -20,17 +23,15 @@
boot.loader.grub.forceInstall = true;
boot.loader.grub.device = "nodev";
boot.loader.timeout = 10;
boot.kernelModules = [ ];
boot.extraModulePackages = [ ];
boot.kernelModules = [];
boot.extraModulePackages = [];
fileSystems."/" =
{
device = "/dev/sda";
fsType = "ext4";
};
fileSystems."/" = {
device = "/dev/sda";
fsType = "ext4";
};
swapDevices =
[{ device = "/dev/sdb"; }];
swapDevices = [{device = "/dev/sdb";}];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's

View File

@ -1,16 +1,20 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/profiles/qemu-guest.nix")
];
config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/profiles/qemu-guest.nix")
];
boot.initrd.availableKernelModules = [ "virtio_pci" "virtio_scsi" "ahci" "sd_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelParams = [ "console=ttyS0,19200n8" ];
boot.initrd.availableKernelModules = ["virtio_pci" "virtio_scsi" "ahci" "sd_mod"];
boot.initrd.kernelModules = [];
boot.kernelParams = ["console=ttyS0,19200n8"];
boot.loader.grub.extraConfig = ''
serial --speed=19200 --unit=0 --word=8 --parity=no --stop=1
terminal_input serial;
@ -19,17 +23,15 @@
boot.loader.grub.forceInstall = true;
boot.loader.grub.device = "nodev";
boot.loader.timeout = 10;
boot.kernelModules = [ ];
boot.extraModulePackages = [ ];
boot.kernelModules = [];
boot.extraModulePackages = [];
fileSystems."/" =
{ device = "/dev/sda";
fsType = "ext4";
};
fileSystems."/" = {
device = "/dev/sda";
fsType = "ext4";
};
swapDevices =
[ { device = "/dev/sdb"; }
];
swapDevices = [{device = "/dev/sdb";}];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's

View File

@ -1,4 +1,12 @@
{nixpkgs, agenix, home-manager, flake-utils, nixgl, rust-overlay, flake-compat
,pkgs, lib, proj_root}: {
}
{
nixpkgs,
agenix,
home-manager,
flake-utils,
nixgl,
rust-overlay,
flake-compat,
pkgs,
lib,
proj_root,
}: {}

View File

@ -1,17 +1,20 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[
(modulesPath + "/profiles/qemu-guest.nix")
];
config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/profiles/qemu-guest.nix")
];
boot.initrd.availableKernelModules = [ "virtio_pci" "virtio_scsi" "ahci" "sd_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelParams = [ "console=ttyS0,19200n8" ];
boot.initrd.availableKernelModules = ["virtio_pci" "virtio_scsi" "ahci" "sd_mod"];
boot.initrd.kernelModules = [];
boot.kernelParams = ["console=ttyS0,19200n8"];
boot.loader.grub.extraConfig = ''
serial --speed=19200 --unit=0 --word=8 --parity=no --stop=1
terminal_input serial;
@ -20,8 +23,8 @@
boot.loader.grub.forceInstall = true;
boot.loader.grub.device = "nodev";
boot.loader.timeout = 10;
boot.kernelModules = [ ];
boot.extraModulePackages = [ ];
boot.kernelModules = [];
boot.extraModulePackages = [];
fileSystems = {
"/" = {
@ -35,8 +38,7 @@
};
};
swapDevices =
[{ device = "/dev/sdb"; }];
swapDevices = [{device = "/dev/sdb";}];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's

View File

@ -1,17 +1,21 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/profiles/qemu-guest.nix")
];
config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/profiles/qemu-guest.nix")
];
boot.initrd.availableKernelModules = [ "virtio_pci" "virtio_scsi" "ahci" "sd_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ ];
boot.extraModulePackages = [ ];
boot.initrd.availableKernelModules = ["virtio_pci" "virtio_scsi" "ahci" "sd_mod"];
boot.initrd.kernelModules = [];
boot.kernelModules = [];
boot.extraModulePackages = [];
boot.kernelParams = ["console=ttyS0,19200n8"];
boot.loader.grub.extraConfig = ''
@ -22,14 +26,12 @@
boot.loader.grub.forceInstall = true;
boot.loader.grub.device = "nodev";
boot.loader.timeout = 10;
fileSystems."/" =
{ device = "/dev/sda";
fsType = "ext4";
};
fileSystems."/" = {
device = "/dev/sda";
fsType = "ext4";
};
swapDevices =
[ { device = "/dev/sdb"; }
];
swapDevices = [{device = "/dev/sdb";}];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's

View File

@ -0,0 +1 @@

View File

@ -1,56 +0,0 @@
{pkgs
# ,nixpkgs
,proj_root
# ,agenix
,nixosDefaultVersion? "22.05"
,defaultSystem? "x86_64-linux"
,...}@inputs: let
lib = pkgs.lib;
inputs_w_lib = (inputs // {inherit lib;});
serde = import ./serde.nix inputs_w_lib;
shellAsDrv = {script, pname}: (pkgs.callPackage (
# just a pattern that we must remember: args to this are children of pkgs.
{writeShellScriptBin}: writeShellScriptBin pname script
) {});
trimNull = lib.filterAttrs (name: value: value != null);
# ssh
flattenPubkey = lib.mapAttrs (_identity: meta_config: lib.attrByPath ["metadata" "ssh_pubkey"] null meta_config);
getPubkey = config: (lib.pipe config [flattenPubkey trimNull]);
# procedure =
in {
# short-hand to create a shell derivation
# NOTE: this is pure. This means, env vars from devShells might not
# be accessible unless MAYBE they are `export`ed
inherit shellAsDrv trimNull flattenPubkey getPubkey;
ssh = {
inherit flattenPubkey getPubkey;
};
# Configures hosts as nixosConfiguration
# mkHost = {hostName
# , nixosBareConfiguration
# , finalInputs
# , users ? {}
# , nixosVersion? nixosDefaultVersion
# , system? defaultSystem
# , preset? "base"}: # base | minimal
# let
# hardwareConfig = hostname: import "${proj_root.hosts.path}/${hostName}/hardware-configuration.nix";
# in nixpkgs.lib.nixosSystem (nixosBareConfiguration // {
# inherit system;
# modules = [
# {
# system.stateVersion = nixosVersion;
# networking.hostName = hostName;
# users.users = users;
# }
# {
# _module.args = finalInputs;
# }
# import "${proj_root.modules.path}/secrets.nix"
# import "${proj_root.modules.path}/${preset}.sys.nix"
# ] ++ nixosBareConfiguration.modules;
# lib = finalInputs.lib;
# });
inherit serde;
inherit (serde) fromYaml fromYamlPath;
}

View File

@ -1,29 +0,0 @@
# Takes care of serializing and deserializing to some formats
# Blame: Pegasust<pegasucksgg@gmail.com>
# TODO: Add to* formats from pkgs.formats.*
{ pkgs
, lib
,...
} @ inputs:
let
yamlToJsonDrv = yamlContent: outputPath: pkgs.callPackage
({ runCommand }:
# runCommand source: https://github.com/NixOS/nixpkgs/blob/master/pkgs/build-support/trivial-builders.nix#L33
runCommand outputPath { inherit yamlContent; nativeBuildInputs = [ pkgs.yq ]; }
# run yq which outputs '.' (no filter) on file at yamlPath
# note that $out is passed onto the bash/sh script for execution
''
echo "$yamlContent" | yq >$out
'')
{ };
in {
# Takes in a yaml string and produces a derivation with translated JSON at $outputPath
# similar to builtins.fromJSON, turns a YAML string to nix attrset
fromYaml = yamlContent: builtins.fromJSON (builtins.readFile (yamlToJsonDrv yamlContent "any_output.json"));
fromYamlPath = yamlPath: builtins.fromJSON (
builtins.readFile (
yamlToJsonDrv (
builtins.readFile yamlPath)
"any-output.json"));
# TODO: fromToml?
}

View File

@ -1,3 +0,0 @@
{lib,...}: {
}

View File

@ -1,6 +1,6 @@
{
imports = [./gpu.sys.nix];
boot.initrd.kernelModules = [ "amdgpu" ];
boot.initrd.kernelModules = ["amdgpu"];
services.xserver.enable = true;
services.xserver.videoDrivers = [ "amdgpu" ];
services.xserver.videoDrivers = ["amdgpu"];
}

View File

@ -1,8 +1,9 @@
{pkgs
,lib
,proj_root
,...
}:{
{
pkgs,
lib,
proj_root,
...
}: {
imports = [
./minimal.sys.nix
./mosh.sys.nix
@ -11,5 +12,4 @@
];
environment.systemPackages = [pkgs.lm_sensors];
time.timeZone = "America/Phoenix";
}

View File

@ -1,8 +1,8 @@
{ pkgs, ... }: {
environment.systemPackages = [ pkgs.clinfo pkgs.lshw pkgs.glxinfo pkgs.pciutils pkgs.vulkan-tools ];
{pkgs, ...}: {
environment.systemPackages = [pkgs.clinfo pkgs.lshw pkgs.glxinfo pkgs.pciutils pkgs.vulkan-tools];
hardware.opengl = {
enable = true;
extraPackages = [ pkgs.rocm-opencl-icd pkgs.rocm-opencl-runtime ];
extraPackages = [pkgs.rocm-opencl-icd pkgs.rocm-opencl-runtime];
# Vulkan
driSupport = true;
driSupport32Bit = true;

View File

@ -1,6 +1,7 @@
{ pkgs
, my-lib
,...
{
pkgs,
my-lib,
...
}: {
environment.noXlibs = my-lib.mkForce false;
# TODO: wireless networking
@ -11,15 +12,16 @@
services.xserver.displayManager.sddm.enable = true;
services.xserver.desktopManager.plasma5 = {
enable = true;
excludePackages = let plasma5 = pkgs.libsForQt5; in
[
plasma5.elisa # audio viewer
plasma5.konsole # I use alacritty instaed
plasma5.plasma-browser-integration
plasma5.print-manager # will enable if I need
plasma5.khelpcenter # why not just write manpages instead :(
# plasma5.ksshaskpass # pls just put prompts on my dear terminal
];
excludePackages = let
plasma5 = pkgs.libsForQt5;
in [
plasma5.elisa # audio viewer
plasma5.konsole # I use alacritty instaed
plasma5.plasma-browser-integration
plasma5.print-manager # will enable if I need
plasma5.khelpcenter # why not just write manpages instead :(
# plasma5.ksshaskpass # pls just put prompts on my dear terminal
];
};
# disables KDE's setting of askpassword

View File

@ -1,19 +1,20 @@
{pkgs
,lib
,proj_root
,modulesPath
,...
}:{
{
pkgs,
lib,
proj_root,
modulesPath,
...
}: {
imports = ["${modulesPath}/profiles/minimal.nix"];
# prune old builds after a while
nix.settings.auto-optimise-store = true;
nix.package = pkgs.nixFlakes; # nix flakes
nix.package = pkgs.nixFlakes; # nix flakes
nix.extraOptions = ''
experimental-features = nix-command flakes
'';
programs.neovim = {
enable = true;
defaultEditor = true;
enable = true;
defaultEditor = true;
};
programs.git.enable = true;
environment.systemPackages = [

View File

@ -1,13 +1,28 @@
{pkgs
,lib
,config
,...
}: {
environment.systemPackages = [pkgs.mosh];
networking.firewall = lib.mkIf config.networking.firewall.enable {
allowedUDPPortRanges = [
{ from = 60000; to = 61000; } # mosh
];
{
pkgs,
lib,
config,
...
}: let
cfg = config.mod.mosh;
in {
options.mod.mosh = {
enable = lib.mkOption {
type = lib.types.bool;
description = "enable mosh";
default = true;
example = false;
};
};
config = lib.mkIf cfg.enable {
environment.systemPackages = [pkgs.mosh];
networking.firewall = lib.mkIf config.networking.firewall.enable {
allowedUDPPortRanges = [
{
from = 60000;
to = 61000;
} # mosh
];
};
};
}

View File

@ -1,7 +1,7 @@
{config,...}: {
{config, ...}: {
imports = [./gpu.sys.nix];
nixpkgs.config.allowUnfree = true;
services.xserver.enable = true;
services.xserver.videoDrivers = [ "nvidia" ];
services.xserver.videoDrivers = ["nvidia"];
hardware.nvidia.package = config.boot.kernelPackages.nvidiaPackages.stable;
}

23
modules/opengl.sys.nix Normal file
View File

@ -0,0 +1,23 @@
{
config,
pkgs,
lib,
}: let
gpu_pkgs = [pkgs.clinfo pkgs.lshw pkgs.glxinfo pkgs.pciutils pkgs.vulkan-tools];
gpu_conf = {
# openCL
hardware.opengl = {
enable = true;
extraPackages = let
inherit (pkgs) rocm-opencl-icd rocm-opencl-runtime;
in [rocm-opencl-icd rocm-opencl-runtime];
# Vulkan
driSupport = true;
driSupport32Bit = true;
package = pkgs.mesa.drivers;
package32 = pkgs.pkgsi686Linux.mesa.drivers;
};
environment.systemPackages = gpu_pkgs;
};
in
gpu_conf

View File

@ -1,5 +1,4 @@
{proj_root
,...}: {
{proj_root, ...}: {
age.secrets.s3fs = {
file = "${proj_root.secrets.path}/s3fs.age";
# mode = "600"; # owner + group only

View File

@ -1,5 +1,10 @@
# Personal configuration on storage solution
{ pkgs, config, lib,... }: {
{
pkgs,
config,
lib,
...
}: {
environment.systemPackages = [
pkgs.s3fs
pkgs.cifs-utils
@ -9,68 +14,47 @@
# HACK: need to store secret somewhere so that root can access this
# because autofs may run as root for now, we enforce putting the secret in this monorepo
# TODO: make this configuration nix-less to show that it's 100% data
services.autofs =
let
# confToBackendArg {lol="what"; empty=""; name_only=null;} -> "lol=what,empty=,name_only"
# TODO: change null -> true/false. This allows overriding & better self-documentation
confToBackendArg = conf: (lib.concatStringsSep ","
(lib.mapAttrsToList (name: value: "${name}${lib.optionalString (value != null) "=${value}"}") conf));
services.autofs = let
# confToBackendArg {lol="what"; empty=""; name_only=null;} -> "lol=what,empty=,name_only"
# TODO: change null -> true/false. This allows overriding & better self-documentation
confToBackendArg = conf: (lib.concatStringsSep ","
(lib.mapAttrsToList (name: value: "${name}${lib.optionalString (value != null) "=${value}"}") conf));
# mount_dest: path ("wow")
# backend_args: nix attrs representing the arguments to be passed to s3fs
# ({"-fstype" = "fuse"; "use_cache" = "/tmp";})
# bucket: bucket name (hungtr-hot)
# NOTE: s3 custom provider will be provided inside
# backend_args, so just put the bucket name here
#
#-> "${mount_dest} ${formatted_args} ${s3fs-bin}#${bucket}"
autofs-s3fs_entry =
{ mount_dest
, backend_args ? { "-fstype" = "fuse"; }
, bucket
}@inputs:
# mount_dest: path ("wow")
# backend_args: nix attrs representing the arguments to be passed to s3fs
# ({"-fstype" = "fuse"; "use_cache" = "/tmp";})
# bucket: bucket name (hungtr-hot)
# NOTE: s3 custom provider will be provided inside
# backend_args, so just put the bucket name here
#
#-> "${mount_dest} ${formatted_args} ${s3fs-bin}#${bucket}"
autofs-s3fs_entry = {
mount_dest,
backend_args ? {"-fstype" = "fuse";},
bucket,
} @ inputs: let
s3fs-exec = "${pkgs.s3fs}/bin/s3fs";
in "${mount_dest} ${confToBackendArg backend_args} :${s3fs-exec}\#${bucket}";
personalStorage = [
(autofs-s3fs_entry {
mount_dest = "garden";
backend_args = {
"-fstype" = "fuse";
use_cache = "/tmp";
del_cache = null;
allow_other = null;
url = "https://v5h5.la11.idrivee2-14.com";
passwd_file = config.age.secrets."s3fs.digital-garden".path;
dbglevel = "debug"; # enable this for better debugging info in journalctl
uid = "1000"; # default user
gid = "100"; # users
umask = "003"; # others read only, fully shared for users group
};
bucket = "digital-garden";
})
(
let
s3fs-exec = "${pkgs.s3fs}/bin/s3fs";
in
"${mount_dest} ${confToBackendArg backend_args} :${s3fs-exec}\#${bucket}";
personalStorage = [
# hungtr-hot @ phoenix is broken :)
# (autofs-s3fs_entry {
# mount_dest = "hot";
# backend_args = {
# "-fstype" = "fuse";
# use_cache = "/tmp";
# del_cache = null;
# allow_other = null;
# url = ''"https://f5i0.ph.idrivee2-32.com"'';
# # TODO: builtins.readFile requires a Git-controlled file
# passwd_file = config.age.secrets.s3fs.path;
# dbglevel = "debug"; # enable this for better debugging info in journalctl
# uid = "1000"; # default user
# gid = "100"; # users
# umask="003"; # others read only, fully shared for users group
# # _netdev = null; # ignored by s3fs (https://github.com/s3fs-fuse/s3fs-fuse/blob/master/src/s3fs.cpp#L4910)
# };
# bucket = "hungtr-hot";
# })
(autofs-s3fs_entry {
mount_dest = "garden";
backend_args = {
"-fstype" = "fuse";
use_cache = "/tmp";
del_cache = null;
allow_other = null;
url = "https://v5h5.la11.idrivee2-14.com";
passwd_file = config.age.secrets."s3fs.digital-garden".path;
dbglevel = "debug"; # enable this for better debugging info in journalctl
uid = "1000"; # default user
gid = "100"; # users
umask = "003"; # others read only, fully shared for users group
};
bucket = "digital-garden";
})
(
let args = {
args = {
"-fstype" = "cifs";
credentials = config.age.secrets._nhitrl_cred.path;
user = null;
@ -79,10 +63,11 @@
dir_mode = "0777";
file_mode = "0777";
};
in "felia_d ${confToBackendArg args} ://felia.coati-celsius.ts.net/d"
)
(
let args = {
in "felia_d ${confToBackendArg args} ://felia.coati-celsius.ts.net/d"
)
(
let
args = {
"-fstype" = "cifs";
credentials = config.age.secrets._nhitrl_cred.path;
user = null;
@ -91,20 +76,19 @@
dir_mode = "0777";
file_mode = "0777";
};
in "felia_f ${confToBackendArg args} ://felia.coati-celsius.ts.net/f"
)
];
persoConf = pkgs.writeText "auto.personal" (builtins.concatStringsSep "\n" personalStorage);
in
{
enable = true;
# Creates /perso directory with every subdirectory declared by ${personalStorage}
# as of now (might be stale), /perso/hot is the only mount accessible
# that is also managed by s3fs
autoMaster = ''
/perso file:${persoConf}
'';
timeout = 30; # default: 600, 600 seconds (10 mins) of inactivity => unmount
# debug = true; # writes to more to journalctl
};
in "felia_f ${confToBackendArg args} ://felia.coati-celsius.ts.net/f"
)
];
persoConf = pkgs.writeText "auto.personal" (builtins.concatStringsSep "\n" personalStorage);
in {
enable = true;
# Creates /perso directory with every subdirectory declared by ${personalStorage}
# as of now (might be stale), /perso/hot is the only mount accessible
# that is also managed by s3fs
autoMaster = ''
/perso file:${persoConf}
'';
timeout = 30; # default: 600, 600 seconds (10 mins) of inactivity => unmount
# debug = true; # writes to more to journalctl
};
}

View File

@ -1,48 +1,57 @@
{pkgs
,config
,lib
,...}: {
environment.systemPackages = [pkgs.tailscale];
services.tailscale.enable = true;
systemd.services.tailscale-autoconnect = {
description = "Automatically connects to Tailscale";
# make sure tailscale is running before trying to connect to tailscale
after = [ "network-pre.target" "tailscale.service" ];
wants = [ "network-pre.target" "tailscale.service" ];
wantedBy = [ "multi-user.target" ];
# set this service as a oneshot job
serviceConfig.Type = "oneshot";
# have the job run this shell script
script = ''
# wait for tailscaled to settle
sleep 2
# check if we are already authenticated to tailscale
status="$(${pkgs.tailscale}/bin/tailscale status -json | ${pkgs.jq}/bin/jq -r .BackendState)"
if [ $status = "Running" ]; then # if so, then do nothing
exit 0
fi
# ${pkgs.tailscale}/bin/tailscale up # blocks, doesn't give url
# This time, configure device auth so that we authenticate from portal
# https://tailscale.com/kb/1099/device-authorization/#enable-device-authorization-for-your-network
${pkgs.tailscale}/bin/tailscale up -authkey tskey-auth-kJcgTG5CNTRL-PUVFkk31z1bThHpfq3FC5b1jcMmkW2EYW
'';
{
pkgs,
config,
lib,
...
}: let
cfg = config.mod.tailscale;
in {
options.mod.tailscale = {
enable = lib.mkEnableOption "tailscale";
};
config = lib.mkIf cfg.enable {
environment.systemPackages = [pkgs.tailscale];
services.tailscale.enable = true;
networking.firewall = lib.mkIf config.networking.firewall.enable {
trustedInterfaces = [
"tailscale0"
];
allowedUDPPorts = [
config.services.tailscale.port
];
allowedTCPPorts = [
22
];
checkReversePath = "loose";
systemd.services.tailscale-autoconnect = {
description = "Automatically connects to Tailscale";
# make sure tailscale is running before trying to connect to tailscale
after = ["network-pre.target" "tailscale.service"];
wants = ["network-pre.target" "tailscale.service"];
wantedBy = ["multi-user.target"];
# set this service as a oneshot job
serviceConfig.Type = "oneshot";
# have the job run this shell script
script = ''
# wait for tailscaled to settle
sleep 2
# check if we are already authenticated to tailscale
status="$(${pkgs.tailscale}/bin/tailscale status -json | ${pkgs.jq}/bin/jq -r .BackendState)"
if [ $status = "Running" ]; then # if so, then do nothing
exit 0
fi
# ${pkgs.tailscale}/bin/tailscale up # blocks, doesn't give url
# This time, configure device auth so that we authenticate from portal
# https://tailscale.com/kb/1099/device-authorization/#enable-device-authorization-for-your-network
${pkgs.tailscale}/bin/tailscale up -authkey tskey-auth-kJcgTG5CNTRL-PUVFkk31z1bThHpfq3FC5b1jcMmkW2EYW
'';
};
networking.firewall = lib.mkIf config.networking.firewall.enable {
trustedInterfaces = [
"tailscale0"
];
allowedUDPPorts = [
config.services.tailscale.port
];
allowedTCPPorts = [
22
];
checkReversePath = "loose";
};
};
}

View File

@ -1,4 +1,4 @@
{config,...}: {
{config, ...}: {
networking.wireless.enable = true;
networking.wireless.environmentFile = config.age.secrets."wifi.env";
networking.wireless.networks = {

View File

@ -1,3 +1,17 @@
# Native configs
Contains all configurations that are written in their native language
Contains all configurations that are written in their native configuration language.
## Why native language?
- Easier portability
- Syntax highlighting and robust checking without needing to realize derivation
- Nix can read from [JSON](https://nixos.org/manual/nix/stable/language/builtins.html#builtins-fromJSON),
[TOML](https://nixos.org/manual/nix/stable/release-notes/rl-2.6.html#release-26-2022-01-24).
- We have also managed to hack together a [fromYaml](./../nix-conf/lib/serde/default.nix),
though it will not work for strictly pure builds or bootstrapping builds.
## When to use Nix to generate config?
- Original configuraiton language requires too much duplication that can be solved with Nix

View File

@ -866,7 +866,7 @@ key_bindings:
#- { key: Q, mods: Command, action: Quit }
#- { key: W, mods: Command, action: Quit }
#- { key: N, mods: Command, action: SpawnNewInstance }
#- { key: F, mods: Command|Control, action: ToggleFullscreen }
- { key: Return, mods: Command, action: ToggleFullscreen }
#- { key: F, mods: Command, mode: ~Search, action: SearchForward }
#- { key: B, mods: Command, mode: ~Search, action: SearchBackward }

View File

@ -0,0 +1,721 @@
(vim.cmd "let data_dir = has('nvim') ? stdpath('data') . '/site' : '~/.vim'
let plug_path = data_dir . '/autoload/plug.vim'
if empty(glob(plug_path))
execute '!curl -fLo '.plug_path.' --create-dirs https://raw.githubusercontent.com/junegunn/vim-plug/master/plug.vim'
execute 'so '.plug_path
endif
")
(local Plug (. vim.fn "plug#"))
(local installed-plugins {})
(each [_ path (ipairs (vim.api.nvim_list_runtime_paths))]
(local last-folder-start (path:find "/[^/]*$"))
(when last-folder-start
(local plugin-name (path:sub (+ last-folder-start 1)))
(tset installed-plugins plugin-name true)))
(fn WPlug [plugin-path ...]
(let [plugin-name (string.lower (plugin-path:match "/([^/]+)$"))]
(when (not (. installed-plugins plugin-name)) (Plug plugin-path ...))))
(vim.call "plug#begin")
(WPlug :tjdevries/nlua.nvim)
(WPlug :nvim-treesitter/nvim-treesitter)
(WPlug :nvim-treesitter/nvim-treesitter-textobjects)
(WPlug :nvim-telescope/telescope.nvim {:branch :0.1.x})
(WPlug :nvim-telescope/telescope-fzf-native.nvim {:do "make >> /tmp/log 2>&1"})
(WPlug :nvim-telescope/telescope-file-browser.nvim)
(WPlug :neovim/nvim-lspconfig)
(WPlug :hrsh7th/cmp-nvim-lsp)
(WPlug :hrsh7th/cmp-path)
(WPlug :hrsh7th/cmp-buffer)
(WPlug :hrsh7th/cmp-cmdline)
(WPlug :hrsh7th/nvim-cmp)
(WPlug :onsails/lspkind-nvim)
(WPlug :yioneko/nvim-yati {:tag "*"})
(WPlug :nathanalderson/yang.vim)
(WPlug :windwp/nvim-autopairs)
(WPlug :windwp/nvim-ts-autotag)
(WPlug :NMAC427/guess-indent.nvim)
(WPlug :j-hui/fidget.nvim)
(WPlug :numToStr/Comment.nvim)
(WPlug :lewis6991/gitsigns.nvim)
(WPlug :tpope/vim-fugitive)
(WPlug :williamboman/mason.nvim)
(WPlug :williamboman/mason-lspconfig.nvim)
(WPlug :ThePrimeagen/harpoon)
(WPlug :TimUntersberger/neogit)
(WPlug :folke/trouble.nvim)
(WPlug :tpope/vim-dispatch)
(WPlug :clojure-vim/vim-jack-in)
(WPlug :radenling/vim-dispatch-neovim)
(WPlug :gennaro-tedesco/nvim-jqx)
(WPlug :kylechui/nvim-surround)
(WPlug :simrat39/rust-tools.nvim)
(WPlug :simrat39/inlay-hints.nvim)
(WPlug :gruvbox-community/gruvbox)
(WPlug :nvim-lualine/lualine.nvim)
(WPlug :lukas-reineke/indent-blankline.nvim)
(WPlug :kyazdani42/nvim-web-devicons)
(WPlug :m-demare/hlargs.nvim)
(WPlug :folke/todo-comments.nvim)
(WPlug :nvim-treesitter/nvim-treesitter-context)
(WPlug :nvim-treesitter/playground)
(WPlug :saadparwaiz1/cmp_luasnip)
(WPlug :L3MON4D3/LuaSnip)
(WPlug :mickael-menu/zk-nvim)
(WPlug :arthurxavierx/vim-caser)
(WPlug "~/local_repos/ts-ql")
(vim.call "plug#end")
(vim.cmd "if len(filter(values(g:plugs), '!isdirectory(v:val.dir)'))
PlugInstall --sync | autocmd VimEnter * so $MYVIMRC
endif
")
(vim.api.nvim_create_autocmd [:VimEnter]
{:callback (fn []
(fn named-term [term-idx term-name]
((. (require :harpoon.term)
:gotoTerminal) term-idx)
(vim.cmd (.. ":exe \":file "
term-name
"\" | :bfirst")))
(named-term 4 "term:ctl")
(named-term 5 "term:dev")
(named-term 7 "term:repl")
(named-term 6 "term:repl2"))})
(set vim.g.gruvbox_contrast_dark :soft)
(set vim.g.gruvbox_contrast_light :soft)
(set vim.opt.ignorecase true)
(set vim.opt.smartcase true)
(set vim.opt.incsearch true)
(set vim.opt.number true)
(set vim.opt.relativenumber true)
(set vim.opt.autoindent true)
(set vim.opt.smartindent true)
(set vim.opt.expandtab true)
(set vim.opt.exrc true)
(set vim.opt.tabstop 4)
(set vim.opt.softtabstop 4)
(set vim.opt.shiftwidth 4)
(set vim.opt.scrolloff 30)
(set vim.opt.signcolumn :yes)
(set vim.opt.colorcolumn :80)
(set vim.opt.background :dark)
(vim.api.nvim_create_user_command :Dark
(fn [opts]
(let [contrast (or (and (and opts.args
(> (string.len opts.args)
0))
opts.args)
vim.g.gruvbox_contrast_dark)]
(set vim.g.gruvbox_contrast_dark contrast)
(set vim.opt.background :dark)))
{:nargs "?"})
(vim.api.nvim_create_user_command :Light
(fn [opts]
(let [contrast (or (and (and opts.args
(> (string.len opts.args)
0))
opts.args)
vim.g.gruvbox_contrast_light)]
(set vim.g.gruvbox_contrast_light
contrast)
(set vim.opt.background :light)))
{:nargs "?"})
(set vim.opt.lazyredraw true)
(set vim.opt.termguicolors true)
(set vim.opt.cursorline true)
(set vim.opt.swapfile false)
(set vim.opt.backup false)
(set vim.opt.undodir (.. (vim.fn.stdpath :state) :/.vim/undodir))
(set vim.opt.undofile true)
(set vim.opt.completeopt "menuone,noselect")
(set vim.opt.updatetime 50)
(set vim.g.mapleader " ")
(set vim.g.maplocalleader ",")
(vim.keymap.set [:n :v] :<Space> :<Nop> {:silent true})
(vim.keymap.set :t :<Esc> "<C-\\><C-n>)")
(vim.keymap.set [:n :i :v] :<c-l> :<Cmd>mode<Cr> {:desc ""})
(vim.keymap.set :n "[d" vim.diagnostic.goto_prev)
(vim.keymap.set :n "]d" vim.diagnostic.goto_next)
(vim.keymap.set :n :<leader>e vim.diagnostic.open_float)
(vim.keymap.set :n :<leader>q "<cmd>TroubleToggle loclist<cr>")
(vim.keymap.set :n :<leader>wq "<cmd>TroubleToggle workspace_diagnostics<cr>")
(vim.keymap.set :n :<leader>gg :<cmd>GuessIndent<cr>)
(vim.cmd "colorscheme gruvbox\n")
((. (require :hlargs) :setup))
((. (require :nvim-web-devicons) :setup))
((. (require :trouble) :setup))
((. (require :todo-comments) :setup))
(fn remap [mode key-cmd binded-fn opts]
(set-forcibly! opts (or opts {:remap true}))
(vim.keymap.set mode key-cmd binded-fn opts))
((. (require :Comment) :setup))
(set vim.opt.list true)
(vim.opt.listchars:append "space:⋅")
(vim.opt.listchars:append "eol:↴")
((. (require :indent_blankline) :setup) {:show_end_of_line true
:space_char_blankline " "})
(vim.api.nvim_create_user_command :HalfSpaces
(fn [opts]
(vim.api.nvim_command "set ts=2 sts=2 noet")
(vim.api.nvim_command :retab!)
(vim.api.nvim_command "set ts=1 sts=1 et")
(vim.api.nvim_command :retab)
(vim.api.nvim_command :GuessIndent))
{:nargs 0})
(vim.api.nvim_create_user_command :DoubleSpaces
(fn [opts]
(vim.api.nvim_command "set ts=2 sts=2 noet")
(vim.api.nvim_command :retab!)
(vim.api.nvim_command "set ts=4 sts=4 et")
(vim.api.nvim_command :retab)
(vim.api.nvim_command :GuessIndent))
{:nargs 0})
(local fb-actions (. (. (. (require :telescope) :extensions) :file_browser)
:actions))
((. (require :telescope) :setup) {:defaults {:mappings {:i {:<C-d> false
:<C-u> false}}}
:extensions {:file_browser {:hiject_netrw true
:mappings {:i {}
:n {:c fb-actions.create
:d fb-actions.remove
:e fb-actions.goto_home_dir
:f fb-actions.toggle_browser
:g fb-actions.goto_parent_dir
:h fb-actions.toggle_hidden
:m fb-actions.move
:o fb-actions.open
:r fb-actions.rename
:s fb-actions.toggle_all
:t fb-actions.change_cwd
:w fb-actions.goto_cwd
:y fb-actions.copy}}
:theme (. ((. (require :telescope.themes)
:get_ivy))
:theme)}
:fzf {:case_mode :smart_case
:fuzzy true
:override_file_sorter true
:override_generic_sorter true}}})
(pcall (. (require :telescope) :load_extension) :fzf)
(pcall (. (require :telescope) :load_extension) :file_browser)
(remap :n :<C-p> :<cmd>Telescope<cr> {:desc "Open Telescope general search"})
(remap :n :<leader>fm (fn []
((. (. (. (require :telescope) :extensions)
:file_browser)
:file_browser) {}))
{:desc "[F]ile [M]utation"})
(remap :n :<leader>ff
(fn []
((. (require :telescope.builtin) :find_files) {:follow false
:hidden false
:no_ignore false}))
{:desc "[F]ind [F]ile"})
(remap :n :<leader>fa
(fn []
((. (require :telescope.builtin) :find_files) {:follow true
:hidden true
:no_ignore true}))
{:desc "[F]ind [A]ll files"})
(remap :n :<leader>fg
(fn []
((. (require :telescope.builtin) :live_grep)))
{:desc "[F]ind by [G]rep"})
(remap :n :<leader>fug
(fn []
((. (require :telescope.builtin) :live_grep) {:glob_pattern "**/*"}))
{:desc "[F]ind by [u]nrestricted [G]rep"})
(remap :n :<leader>fb
(fn []
((. (require :telescope.builtin) :buffers)))
{:desc "[F]ind existing [B]uffers"})
(remap :n :<leader>fh
(fn []
((. (require :telescope.builtin) :help_tags)))
{:desc "[F]ind [H]elp"})
(remap :n :<leader>fd
(fn []
((. (require :telescope.builtin) :diagnostics)))
{:desc "[F]ind [D]iagnostics"})
(remap :n :<leader>zf
(fn []
((. (require :zk) :edit) {} {:multi_select false}))
{:desc "[Z]ettelkasten [F]iles"})
(remap :n :<leader>zg (fn [] (vim.cmd ":ZkGrep"))
{:desc "[Z]ettelkasten [G]rep"})
(for [i 1 9]
(vim.api.nvim_set_keymap :n (.. :<C-t> i) (.. ":tabn " i :<CR>)
{:noremap true :silent true}))
(set vim.o.showtabline 1)
(set vim.o.tabline "%!v:lua.my_tabline()")
(fn _G.my_tabline []
(var s "")
(for [i 1 (vim.fn.tabpagenr "$")]
(if (= i (vim.fn.tabpagenr)) (set s (.. s "%" i "T%#TabLineSel#"))
(set s (.. s "%" i "T%#TabLine#")))
(local tab (. (vim.fn.gettabinfo i) 1))
(local tabbuf tab.variables.buffers)
(var bufname :<unknown>)
(when tabbuf
(set bufname (. (. tabbuf tab.curwin) :name)))
(set s (.. s " " i " " (vim.fn.fnamemodify bufname ":t")))
(when (not= i (vim.fn.tabpagenr "$"))
(set s (.. s "%#TabLine#|%#TabLine#"))))
(.. s "%T%#TabLineFill#%="))
(vim.api.nvim_set_keymap :n :<C-t>x
":tabdo if tabpagenr() > 1 | tabclose | endif<CR>"
{:noremap true :silent true})
(require :treesitter-context)
((. (require :nvim-treesitter.configs) :setup) {:autotag {:enable true}
:highlight {:enable true
:enable_vim_regex_highlighting true}
:incremental_selection {:enable true
:keymaps {:init_selection :<C-space>
:node_decremental :<C-backspace>
:node_incremental :<C-space>
:pscope_incremental :<C-S>}}
:indent {:enable false}
:playground {:disable {}
:enable true}
:textobjects {:select {:enable true
:keymaps {:ac "@class.outer"
:af "@function.outer"
:ic "@class.inner"
:if "@function.inner"}
:lookahead true}}
:yati {:default_fallback :auto
:default_lazy true
:disable [:nix]
:enable true}})
((. (require :nvim-autopairs) :setup) {:check_ts true})
(local parser-config
((. (require :nvim-treesitter.parsers) :get_parser_configs)))
(set parser-config.tsx.filetype_to_parsername [:javascript :typescript.tsx])
(set parser-config.astro.filetype_to_parsername
[:javascript :typescript.tsx :astro])
((. (require :guess-indent) :setup) {:auto_cmd true
:filetype_exclude [:netrw :tutor]})
(remap :n :<leader>m
(fn []
((. (require :harpoon.mark) :add_file)))
{:desc "[H]arpoon [M]ark"})
(fn harpoon-nav [key nav-file-index lead-keybind]
(set-forcibly! lead-keybind (or lead-keybind :<leader>h))
(assert (= (type key) :string) "expect key to be string(keybind)")
(assert (and (= (type nav-file-index) :number) (>= nav-file-index 1))
"expect 1-indexed number for file index")
(remap :n (.. lead-keybind key)
(fn []
((. (require :harpoon.ui) :nav_file) nav-file-index))
{:desc (.. "[H]arpoon navigate " (tostring nav-file-index))}))
(harpoon-nav :f 1)
(harpoon-nav :j 2)
(harpoon-nav :d 3)
(harpoon-nav :k 4)
(remap :n :<leader>hh
(fn []
((. (require :harpoon.ui) :toggle_quick_menu))))
(for [i 1 10]
(harpoon-nav (tostring (% i 10)) i)
(remap :n (.. :<leader>t (tostring (% i 10)))
(fn []
((. (require :harpoon.term) :gotoTerminal) i))))
((. (require :neogit) :setup) {})
(remap :n :<leader>gs (fn []
((. (require :neogit) :open) {}))
{:desc "[G]it [S]tatus"})
((. (require :inlay-hints) :setup) {:eol {:right_align false}
:only_current_line false})
(fn on-attach [client bufnr]
(fn nmap [keys func desc]
(when desc (set-forcibly! desc (.. "LSP: " desc)))
(vim.keymap.set :n keys func {:buffer bufnr : desc :noremap true}))
(nmap :<leader>rn vim.lsp.buf.rename "[R]e[n]ame")
(nmap :<leader>ca vim.lsp.buf.code_action "[C]ode [A]ction")
(vim.api.nvim_buf_set_option bufnr :omnifunc "v:lua.vim.lsp.omnifunc")
(nmap :<leader>df (fn [] (vim.lsp.buf.format {:async true}))
"[D]ocument [F]ormat")
(nmap :gd vim.lsp.buf.definition "[G]oto [D]efinition")
(nmap :gi vim.lsp.buf.implementation "[G]oto [I]mplementation")
(nmap :gr (. (require :telescope.builtin) :lsp_references))
(nmap :<leader>ds (. (require :telescope.builtin) :lsp_document_symbols)
"[D]ocument [S]ymbols")
(nmap :<leader>ws (. (require :telescope.builtin)
:lsp_dynamic_workspace_symbols)
"[W]orkspace [S]ymbols")
(nmap :K vim.lsp.buf.hover "Hover Documentation")
(nmap :<C-k> vim.lsp.buf.signature_help "Signature Documentation")
(nmap :gD vim.lsp.buf.declaration "[G]oto [D]eclaration")
(nmap :gtd vim.lsp.buf.type_definition "[G]oto [T]ype [D]efinition")
(nmap :<leader>D vim.lsp.buf.type_definition "Type [D]efinition")
(nmap :<leader>wa vim.lsp.buf.add_workspace_folder "[W]orkspace [A]dd Folder")
(nmap :<leader>wr vim.lsp.buf.remove_workspace_folder
"[W]orkspace [R]emove Folder")
(nmap :<leader>wl
(fn []
(print (vim.inspect (vim.lsp.buf.list_workspace_folders))))
"[W]orkspace [L]ist Folders")
((. (require :inlay-hints) :on_attach) client bufnr))
(local cmp (require :cmp))
(local luasnip (require :luasnip))
(local lspkind (require :lspkind))
(local source-mapping {:buffer "[Buffer]"
:nvim_lsp "[LSP]"
:nvim_lua "[Lua]"
:path "[Path]"})
(cmp.event:on :confirm_done ((. (require :nvim-autopairs.completion.cmp)
:on_confirm_done)))
(cmp.setup {:formatting {:format (fn [entry vim-item]
(set vim-item.kind
(lspkind.symbolic vim-item.kind
{:mode :symbol}))
(set vim-item.menu
(. source-mapping entry.source_name))
(local maxwidth 80)
(set vim-item.abbr
(string.sub vim-item.abbr 1 maxwidth))
vim-item)}
:mapping (cmp.mapping.preset.insert {:<C-d> (cmp.mapping.scroll_docs 4)
:<C-space> (cmp.mapping.complete)
:<C-u> (cmp.mapping.scroll_docs (- 4))
:<CR> (cmp.mapping.confirm {:behavior cmp.ConfirmBehavior.Replace
:select true})
:<S-Tab> (cmp.mapping (fn [fallback]
(if (cmp.visible)
(cmp.select_prev_item)
(luasnip.jumpable (- 1))
(luasnip.jump (- 1))
(fallback)))
[:i :s])
:<Tab> (cmp.mapping (fn [fallback]
(if (cmp.visible)
(cmp.select_next_item)
(luasnip.expand_or_jumpable)
(luasnip.expand_or_jump)
(fallback)))
[:i :s])})
:snippet {:expand (fn [args] (luasnip.lsp_expand args.body))}
:sources (cmp.config.sources [{:name :nvim_lsp}
{:name :luasnip}
{:name :buffer}
{:name :path}])})
(local capabilities ((. (require :cmp_nvim_lsp) :default_capabilities)))
(local servers [:clangd
:rust_analyzer
:pyright
:tsserver
:lua_ls
:cmake
:tailwindcss
:prismals
:rnix
:eslint
:terraformls
:tflint
:svelte
:astro
:clojure_lsp
:bashls
:yamlls
:ansiblels
:jsonls
:denols
:gopls
:nickel_ls
:pylsp])
((. (require :mason) :setup) {:PATH :append
:ui {:check_outdated_packages_on_open true
:icons {:package_installed "✓"
:package_pending "➜"
:package_uninstalled "✗"}}})
((. (require :mason-lspconfig) :setup) {:automatic_installation false})
(local inlay-hint-tsjs
{:includeInlayEnumMemberValueHints true
:includeInlayFunctionLikeReturnTypeHints true
:includeInlayFunctionParameterTypeHints true
:includeInlayParameterNameHints :all
:includeInlayPropertyDeclarationTypeHints true
:includeInlayVariableTypeHints true
:inlcudeInlayParameterNameHintsWhenArgumentMatchesName false})
((. (require :mason-lspconfig) :setup_handlers) {1 (fn [server-name]
((. (. (require :lspconfig)
server-name)
:setup) {: capabilities
:on_attach on-attach}))
:denols (fn []
((. (. (require :lspconfig)
:denols)
:setup) {: capabilities
:on_attach on-attach
:root_dir ((. (require :lspconfig.util)
:root_pattern) :deno.json
:deno.jsonc)}))
:lua_ls (fn []
((. (. (require :lspconfig)
:lua_ls)
:setup) {: capabilities
:on_attach on-attach
:settings {:Lua {:diagnostics {:globals [:vim]}
:format {:defaultConfig {:indent_size 4
:indent_style :space}
:enable true}
:hint {:enable true}
:runtime {:path (vim.split package.path
";")
:version :LuaJIT}
:telemetry {:enable false}
:workspace {:library (vim.api.nvim_get_runtime_file ""
true)}}}}))
:pyright (fn []
((. (. (require :lspconfig)
:pyright)
:setup) {: capabilities
:on_attach on-attach
:settings {:pyright {:disableLanguageServices false
:disableOrganizeImports false}
:python {:analysis {:autoImportCompletions true
:autoSearchPaths true
:diagnosticMode :openFilesOnly
:extraPaths {}
:logLevel :Information
:pythonPath :python
:stubPath :typings
:typeCheckingMode :basic
:typeshedPaths {}
:useLibraryCodeForTypes false
:venvPath ""}
:linting {:mypyEnabled true}}}}))
:tsserver (fn []
((. (. (require :lspconfig)
:tsserver)
:setup) {: capabilities
:on_attach on-attach
:root_dir ((. (require :lspconfig.util)
:root_pattern) :package.json)
:settings {:javascript inlay-hint-tsjs
:typescript inlay-hint-tsjs}}))
:yamlls (fn []
((. (. (require :lspconfig)
:yamlls)
:setup) {: capabilities
:on_attach on-attach
:settings {:yaml {:keyOrdering false}}}))})
((. (require :rust-tools) :setup) {:dap {:adapter {:command :lldb-vscode
:name :rt_lldb
:type :executable}}
:server {: capabilities
:cmd [:rust-analyzer]
:on_attach (fn [client bufnr]
(fn nmap [keys
func
desc]
(when desc
(set-forcibly! desc
(.. "LSP: "
desc)))
(vim.keymap.set :n
keys
func
{:buffer bufnr
: desc
:noremap true}))
(on-attach client
bufnr)
(nmap :K
(. (. (require :rust-tools)
:hover_actions)
:hover_actions)
"Hover Documentation"))
:settings {:rust-analyzer {:cargo {:loadOutDirsFromCheck true}
:checkOnSave {:command :clippy
:extraArgs [:--all
"--"
:-W
"clippy::all"]}
:procMacro {:enable true}
:rustfmt {:extraArgs [:+nightly]}}}
:standalone true}
:tools {:crate_graph {:backend :x11
:enabled_graphviz_backends [:bmp
:cgimage
:canon
:dot
:gv
:xdot
:xdot1.2
:xdot1.4
:eps
:exr
:fig
:gd
:gd2
:gif
:gtk
:ico
:cmap
:ismap
:imap
:cmapx
:imap_np
:cmapx_np
:jpg
:jpeg
:jpe
:jp2
:json
:json0
:dot_json
:xdot_json
:pdf
:pic
:pct
:pict
:plain
:plain-ext
:png
:pov
:ps
:ps2
:psd
:sgi
:svg
:svgz
:tga
:tiff
:tif
:tk
:vml
:vmlz
:wbmp
:webp
:xlib
:x11]
:full true
:output nil}
:executor (. (require :rust-tools/executors)
:termopen)
:hover_actions {:auto_focus false
:border [["╭"
:FloatBorder]
["─"
:FloatBorder]
["╮"
:FloatBorder]
["│"
:FloatBorder]
["╯"
:FloatBorder]
["─"
:FloatBorder]
["╰"
:FloatBorder]
["│"
:FloatBorder]]}
:inlay_hints {:auto false
:highlight :NonText
:max_len_align false
:max_len_align_padding 1
:only_current_line true
:other_hints_prefix "=> "
:parameter_hints_prefix "<- "
:right_align false
:right_align_padding 7
:show_parameter_hints true}
:on_initialized (fn []
((. (require :inlay-hints)
:set_all)))
:reload_workspace_from_cargo_toml true}})
((. (require :zk) :setup) {:lsp {:auto_attach {:enable true
:filetypes [:markdown]}
:config {:cmd [:zk :lsp]
:name :zk
:on_attach on-attach}}
:picker :telescope})
((. (require :zk.commands) :add) :ZkOrphans
(fn [options]
(set-forcibly! options
(vim.tbl_extend :force
{:orphan true}
(or options
{})))
((. (require :zk) :edit) options
{:title "Zk Orphans (unlinked notes)"})))
((. (require :zk.commands) :add) :ZkGrep
(fn [match-ctor]
(var grep-str match-ctor)
(var ___match___ nil)
(if (or (= match-ctor nil) (= match-ctor ""))
(do
(vim.fn.inputsave)
(set grep-str
(vim.fn.input "Grep string: >"))
(vim.fn.inputrestore)
(set ___match___ {:match grep-str}))
(= (type match-ctor) :string)
(set ___match___ {:match grep-str}))
((. (require :zk) :edit) ___match___
{:mutli_select false
:title (.. "Grep: '"
grep-str
"'")})))
((. (require :gitsigns) :setup) {:signs {:add {:text "+"}
:change {:text "~"}
:changedelete {:text "~"}
:delete {:text "_"}
:topdelete {:text "‾"}}})
((. (require :lualine) :setup) {:inactive_sections {:lualine_a {}
:lualine_b {}
:lualine_c [{1 :filename
:file_status true
:path 1}]
:lualine_x [:location]
:lualine_y {}
:lualine_z {}}
:options {:icons_enabled true}
:sections {:lualine_a [:mode]
:lualine_b [:branch
:diff
:diagnostics]
:lualine_c [{1 :filename
:file_status true
:newfile_status false
:path 1
:symbols {:modified "[+]"
:newfile "[New]"
:readonly "[-]"
:unnamed "[Unnamed]"}}]
:lualine_x [:encoding
:fileformat
:filetype]
:lualine_y [:progress]
:lualine_z [:location]}})
((. (require :nvim-surround) :setup) {})
((. (require :tsql) :setup))
((. (require :fidget) :setup) {:align {:bottom true :right true}
:debug {:logging false :strict false}
:fmt {:fidget (fn [fidget-name spinner]
(string.format "%s %s" spinner
fidget-name))
:leftpad true
:max_width 0
:stack_upwards true
:task (fn [task-name message percentage]
(string.format "%s%s [%s]" message
(or (and percentage
(string.format " (%s%%)"
percentage))
"")
task-name))}
:sources {:* {:ignore false}}
:text {:commenced :Started
:completed :Completed
:done "✔"
:spinner :moon}
:timer {:fidget_decay 2000
:spinner_rate 125
:task_decay 1000}
:window {:blend 100
:border :none
:relative :editor
:zindex nil}})

File diff suppressed because it is too large Load Diff

View File

@ -1,6 +1,3 @@
Host *
IdentityFile ~/.ssh/id_rsa
# felia mirror on windows
Host felia-win
HostName felia.coati-celsius.ts.net
@ -47,3 +44,99 @@ Host mokoi
User ubuntu_admin
Port 22
Host noami
HostName 10.100.200.230
User htran
Port 22
Host sr1
HostName 10.30.76.46
User htran
Port 22
StrictHostKeyChecking no
HostKeyAlgorithms=+ssh-dss,ssh-rsa
KexAlgorithms +diffie-hellman-group1-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1
Host bgp1
HostName 10.111.100.113
User htran
Port 22
StrictHostKeyChecking no
HostKeyAlgorithms=+ssh-dss,ssh-rsa
KexAlgorithms +diffie-hellman-group1-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1
Host bgp2
HostName 10.111.100.114
User htran
Port 22
StrictHostKeyChecking no
HostKeyAlgorithms=+ssh-dss,ssh-rsa
KexAlgorithms +diffie-hellman-group1-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1
Host d1-30
HostName 10.111.103.60
User htran
Port 22
StrictHostKeyChecking no
UserKnownHostsFile /dev/null
IdentityFile ~/.ssh/id_ed25519
IdentityFile ~/.ssh/id_rsa
Host d3l-3
HostName 10.111.103.65
User htran
Port 22
StrictHostKeyChecking no
UserKnownHostsFile /dev/null
IdentityFile ~/.ssh/id_ed25519
IdentityFile ~/.ssh/id_rsa
Host dev0
HostName 10.100.200.230
User htran
Port 22
Host dev2
HostName 10.100.200.210
User htran
Port 22
Host dev1
HostName 10.100.200.220
User htran
Port 22
Host ztp-egi
HostName 10.23.27.201
User root
Port 22
Host goat
HostName 10.133.32.100
User "EGN NOC"
Port 22
Host portal2
HostName portal2.egihosting.com
User root
Port 22
Host egn-rest-api
HostName egn-rest-api.egihosting.com
User root
Port 22
Host gl-egi
HostName gitlab.egihosting.com
User git
Port 22
IdentityFile ~/.ssh/id_ed25519
Host 10.111.103.*
StrictHostKeyChecking no
UserKnownHostsFile /dev/null
Host *
IdentityFile ~/.ssh/id_ed25519
IdentityFile ~/.ssh/id_rsa

View File

@ -3,6 +3,11 @@
[aws]
symbol = " "
[c]
disabled = false
# commands = [ [ 'cc', '--version' ], [ 'gcc', '--version' ], [ 'clang', '--version' ] ]
detect_extensions = ["c", "h", "cc", "cpp", "hh", "hpp"]
[conda]
symbol = " "

View File

@ -14,7 +14,19 @@ setw -g pane-base-index 1
set-option -g renumber-windows on
# status bar
set -g status-style 'bg=#333333 fg=#5eacd3'
# set -g status-style 'bg=#333333 fg=#5eacd3'
# set -g status-interval 60
# set -g status-right-style 'bg=#333333 fg=#5eacd3'
# set -g status-right-length 50
# set -g status-left " "
# Keybinds
# Enter copy mode with 'v' in vi mode
bind-key -Tcopy-mode-vi v send-keys -X begin-selection
# Copy selection with 'y' in vi mode
bind-key -Tcopy-mode-vi y send-keys -X copy-selection-and-cancel
set-window-option -g mode-keys vi
# # Log
# set-option -g history-file /tmp/.tmux.log

View File

@ -1,50 +1,57 @@
{ config
, proj_root
, myLib
, ...
}:
let
{
config,
proj_root,
myLib,
...
}: let
inherit (myLib) fromYaml;
actualConfig = fromYaml (builtins.readFile "${proj_root.config.path}//alacritty/alacritty.yml");
cfg = config.base.alacritty;
in
{
options.base.alacritty =
{
font.family = myLib.mkOption {
type = myLib.types.singleLineStr;
default = actualConfig.font.normal.family;
description = ''
The font family for Alacritty
'';
example = "DroidSansMono NF";
};
enable = myLib.mkOption {
type = myLib.types.bool;
default = true;
description = ''
Enables alacritty
'';
example = true;
};
_actualConfig = myLib.mkOption {
type = myLib.types.attrs;
visible = false;
default = actualConfig;
description = "underlying default config";
};
additionalConfigPath = myLib.mkOption {
type = myLib.types.nullOr myLib.types.path;
visible = false;
default = null;
description = "impurely write our alacritty.yml to this path";
};
in {
options.base.alacritty = {
font.family = myLib.mkOption {
type = myLib.types.singleLineStr;
default = actualConfig.font.normal.family;
description = ''
The font family for Alacritty
'';
example = "DroidSansMono NF";
};
font.size = myLib.mkOption {
type = myLib.types.number;
default = actualConfig.font.size;
description = ''
The default font size for Alacritty. This is probably measured in px.
'';
example = 7.0;
};
enable = myLib.mkOption {
type = myLib.types.bool;
default = true;
description = ''
Enables alacritty
'';
example = true;
};
_actualConfig = myLib.mkOption {
type = myLib.types.attrs;
visible = false;
default = actualConfig;
description = "underlying default config";
};
additionalConfigPath = myLib.mkOption {
type = myLib.types.nullOr myLib.types.path;
visible = false;
default = null;
description = "impurely write our alacritty.yml to this path";
};
};
config.programs.alacritty = {
enable = cfg.enable;
settings = myLib.recursiveUpdate actualConfig {
font.normal.family = cfg.font.family;
font.size = cfg.font.size;
};
};
}

View File

@ -0,0 +1,54 @@
{
lib,
pkgs,
config,
...
}: {
# This patch exists since Darwin's search bar requires solid apps and not
# symlinked
# TODO: QA
# - [x] works for base case
# - [x] works for repeated case
# - [ ] works after base case, then removed
# - [ ] works for repeated case, then removed
# Copy GUI apps to "~/Applications/Home Manager Apps"
# Based on this comment: https://github.com/nix-community/home-manager/issues/1341#issuecomment-778820334
home.activation.patch-spotlight =
if pkgs.stdenv.isDarwin
then let
apps = pkgs.buildEnv {
name = "home-manager-applications";
paths = config.home.packages;
pathsToLink = "/Applications";
};
in
lib.hm.dag.entryAfter ["linkGeneration"] ''
# Install MacOS applications to the user environment.
HM_APPS="$HOME/Applications/Home Manager Apps"
# Reset current state
if [ -e "$HM_APPS" ]; then
$DRY_RUN_CMD mv "$HM_APPS" "$HM_APPS.$(date +%Y%m%d%H%M%S)"
fi
$DRY_RUN_CMD mkdir -p "$HM_APPS"
# .app dirs need to be actual directories for Finder to detect them as Apps.
# In the env of Apps we build, the .apps are symlinks. We pass all of them as
# arguments to cp and make it dereference those using -H
$DRY_RUN_CMD cp --archive -H --dereference ${apps}/Applications/* "$HM_APPS"
$DRY_RUN_CMD chmod +w -R "$HM_APPS"
''
else "";
# We need this in case upstream home-manager changes the behavior of linking
# applications
home.activation.remove-patch-spotlight =
if pkgs.stdenv.isDarwin
then
lib.hm.dag.entryBefore ["checkLinkTargets"] ''
HM_APPS="$HOME/Applications/Home Manager Apps"
# Reset current state
if [ -e "$HM_APPS" ]; then
$DRY_RUN_CMD mv "$HM_APPS" "$HM_APPS.$(date +%Y%m%d%H%M%S)"
fi
''
else "";
}

View File

@ -1,12 +1,13 @@
{
mkModuleArgs = import ./mkModuleArgs.nix;
modules = [
./alacritty.nix
./git.nix
./ssh.nix
./shells.nix
{
config.programs.home-manager.enable = true;
}
];
{nix-index-database, ...} @ inputs: {
mkModuleArgs = import ./mkModuleArgs.nix;
modules = [
./alacritty.nix
./git.nix
./ssh.nix
./shells.nix
{
config.programs.home-manager.enable = true;
}
nix-index-database.hmModules.nix-index
];
}

View File

@ -1,8 +1,8 @@
{ config
, myLib
, ...
}:
let
{
config,
myLib,
...
}: let
cfg = config.base.git;
baseAliases = {
a = "add";
@ -15,12 +15,11 @@ let
co = "checkout";
b = "branch";
};
in
{
in {
options.base.git = {
aliases = myLib.mkOption {
type = myLib.types.attrs;
default = { };
default = {};
example = baseAliases;
description = ''
Additional git aliases. This settings comes with base configuration.
@ -44,12 +43,13 @@ in
default = [
".vscode" # vscode settings
".direnv" # .envrc cached outputs
".DS_Store" # MacOS users, amrite
];
description = ''
.gitignore patterns that are applied in every repository.
This is useful for IDE-specific settings.
'';
example = [ ".direnv" "node_modules" ];
example = [".direnv" "node_modules"];
};
enable = myLib.mkOption {
type = myLib.types.bool;
@ -66,7 +66,7 @@ in
example = 3000;
};
};
# TODO : anyway to override configuration?
# TODO : anyway to override configuration?
config.programs.git = {
inherit (cfg) enable ignores;
userName = cfg.name;

View File

@ -1,17 +1,20 @@
{ pkgs, config, lib, ... }:
let
cfg = config.base.graphics;
cfgEnable = cfg.enable or cfg.useNixGLPackage != null;
types = lib.types;
in
{
imports = [ ./shells.nix ];
pkgs,
config,
lib,
...
}: let
cfg = config.base.graphics;
cfgEnable = cfg.enable or (cfg.useNixGL.defaultPackage != null);
types = lib.types;
in {
imports = [./shells.nix];
options.base.graphics = {
enable = lib.mkEnableOption "graphics";
_enable = lib.mkOption {
type = types.bool;
description = "Whether the graphics is implicitly enabled (final)";
internal = true;
# internal = true;
default = false;
};
useNixGL = {
@ -23,24 +26,24 @@ in
];
};
defaultPackage = lib.mkOption {
type = types.nullOr (types.enum [ "nixGLIntel" "nixGLNvidia" "nixGLNvidiaBumblebee" ]);
type = types.nullOr (types.enum ["nixGLIntel" "nixGLNvidia" "nixGLNvidiaBumblebee"]);
description = "Which nixGL package to be aliased as `nixGL` on the shell";
default = null;
example = "nixGLIntel";
};
};
};
# importing shells does not mean we're enabling everything, if we do mkDefault false
# NOTE: importing shells does not mean we're enabling everything, if we do mkDefault false
# but the dilemma is, if the user import BOTH graphics.nix and shells.nix
# they will also need to do `config.base.shells.enable`
# generally, we want the behavior: import means enable
config = lib.mkIf cfgEnable {
base.graphics._enable = cfgEnable;
base.graphics._enable = lib.mkForce true;
base.shells = {
shellAliases = lib.mkIf (cfg.useNixGL.defaultPackage != null) {
nixGL = cfg.useNixGL.defaultPackage;
};
};
home.packages = [ cfg.useNixGL.package ];
home.packages = [cfg.useNixGL.package];
};
}

View File

@ -1,10 +1,14 @@
{ config, proj_root, pkgs, lib, ... }:
let
{
config,
proj_root,
pkgs,
lib,
...
}: let
cfg = config.base.keepass;
trimNull = lib.filterAttrsRecursive (name: value: value != null);
in
{
imports = [ ./graphics.nix ];
in {
imports = [./graphics.nix];
options.base.keepass = {
enable = lib.mkEnableOption "keepass";
use_gui = lib.mkOption {
@ -22,8 +26,8 @@ in
keyfile_path = lib.mkOption {
type = lib.types.nullOr lib.types.path;
description = ''
Path to key file for the database
If null, then the field is unset
Path to key file for the database
If null, then the field is unset
'';
default = null;
example = "/path/to/mykeyfile.key";
@ -42,11 +46,17 @@ in
};
};
config = lib.mkIf cfg.enable {
home.packages = [
pkgs.kpcli-py # kp but is in cli
] ++ (if cfg.use_gui or config.base.graphics._enable then [
pkgs.keepass # Personal secret management
] else [ ]);
home.packages =
[
pkgs.kpcli-py # kp but is in cli
]
++ (
if cfg.use_gui or config.base.graphics._enable
then [
pkgs.keepass # Personal secret management
]
else []
);
home.file.".kp/config.ini".text = lib.generators.toINI {} (trimNull {
default = {
KEEPASSDB = cfg.path;

View File

@ -1,18 +1,20 @@
{ pkgs
, lib ? pkgs.lib
, ...
}@inputs:
let
# Turns given inputs into the standardized shape of the inputs to configure
# custom base modules in this directory.
{
pkgs,
lib ? pkgs.lib,
...
} @ inputs: let
recursiveUpdate = lib.recursiveUpdate;
_lib = recursiveUpdate lib (import ../../lib { inherit pkgs lib; });
_lib = recursiveUpdate lib (import ../../lib {inherit pkgs lib;});
proj_root = builtins.toString ./../../..;
in
# TODO: Unpollute inputs
recursiveUpdate inputs {
proj_root = {
path = proj_root;
config.path = "${proj_root}/native_configs";
scripts.path = "${proj_root}/scripts";
};
myLib = _lib;
}
# TODO: Unpollute inputs
recursiveUpdate inputs {
proj_root = {
path = proj_root;
config.path = "${proj_root}/native_configs";
scripts.path = "${proj_root}/scripts";
};
myLib = _lib;
}

View File

@ -1,78 +1,91 @@
# TODO: vim-plug and Mason supports laziness. Probably worth it to explore
# incremental dependencies based on the project
# TODO: vim-plug and Mason supports laziness. Probably worth it to explore incremental dependencies based on the project TODO: just install these things, then symlink to mason's bin directory
#
# One thing to consider, though, /nix/store of `nix-shell` or `nix-develop`
# might be different from `home-manager`'s
{ pkgs, lib, config, proj_root, ... }:
let
# NOTE: Failure 1: buildInputs is pretty much ignored
# my_neovim = pkgs.neovim-unwrapped.overrideDerivation (old: {
# # TODO: is there a more beautiful way to override propagatedBuildInputs?
# name = "hungtr-" + old.name;
# buildInputs = (old.buildInputs or []) ++ [
# pkgs.tree-sitter # highlighting
# rust_pkgs # for potentially rust-analyzer
# pkgs.fzf
# pkgs.ripgrep
# pkgs.zk
# pkgs.fd
# ];
# NOTE: Failure 2: propagatedBuildInputs probably only concerns dyn libs
# });
# NOTE: Failure 3: must be unwrapped neovim because home-manager does the wrapping
# my_neovim = pkgs.neovim;
# might be different from `home-manager`'s (~/.nix_profile/bin/jq)
{
pkgs,
lib,
config,
proj_root,
...
}: let
# NOTE: Add packages to nvim_pkgs instead, so that it's available at userspace
# and is added to the path after wrapping.
# check: nix repl `homeConfigurations.hungtr.config.programs.neovim.finalPackage.buildCommand`
# see: :/--suffix.*PATH
# there should be mentions of additional packages
my_neovim = pkgs.neovim-unwrapped;
rust_pkgs = (pkgs.rust-bin.selectLatestNightlyWith
rust_pkgs =
pkgs.rust-bin.selectLatestNightlyWith
(
toolchain:
toolchain.default.override {
extensions = [ "rust-src" ];
}
));
nvim_pkgs = [
# pkgs.gccStdenv
pkgs.gcc
pkgs.tree-sitter
pkgs.fzf # file name fuzzy search
pkgs.ripgrep # content fuzzy search
pkgs.zk # Zettelkasten (limited support)
pkgs.fd # Required by a Telescope plugin (?)
pkgs.stdenv.cc.cc.lib
toolchain.default.override {
extensions = ["rust-src" "rust-analyzer" "rust-docs" "rustfmt" "clippy" "miri"];
}
);
nvim_pkgs =
[
# pkgs.gccStdenv
pkgs.tree-sitter
pkgs.fzf # file name fuzzy search
pkgs.ripgrep # content fuzzy search
pkgs.zk # Zettelkasten (limited support)
pkgs.fd # Required by a Telescope plugin (?)
pkgs.stdenv.cc.cc.lib
pkgs.rnix-lsp # doesn't work, Mason just installs it using cargo
pkgs.rust4cargo
pkgs.nickel
pkgs.nls
# Language-specific stuffs
pkgs.sumneko-lua-language-server
# TODO: the devShell should provide rust-analyzer so that
# cargo test builds binaries compatible with rust-analyzer
pkgs.go # doesn't work, Mason installs from runtime path
# pkgs.rust-analyzer
# rust_pkgs
# pkgs.evcxr # Rust REPL for Conjure!
# Language-specific stuffs
pkgs.sumneko-lua-language-server
# pkgs.python3Packages.python-lsp-server
pkgs.nodePackages.pyright
pkgs.python3Packages.pylint
pkgs.python3Packages.flake8
# FIXME: installing ansible from here just doesn't work :/
# pkgs.ansible-lint
# pkgs.python38Packages.ansible
# pkgs.ansible-language-server
# TODO: the devShell should provide rust-analyzer so that
# cargo test builds binaries compatible with rust-analyzer
# Python3 as alternative to bash scripts :^)
# (pkgs.python310Full.withPackages (pypkgs: [
# # python-lsp-server's dependencies is absolutely astronomous
# # pypkgs.python-lsp-server # python-lsp. Now we'll have to tell mason to look for this
# pypkgs.pynvim # nvim provider
# pypkgs.ujson # pylsp seems to rely on this. satisfy it lol
# ]))
];
in
{
# pkgs.rust-analyzer
# rust_pkgs
# pkgs.evcxr # Rust REPL for Conjure!
]
++ lib.optionals (pkgs.stdenv.isDarwin) (
let
inherit (pkgs.darwin.apple_sdk.frameworks) System CoreFoundation;
in [
System
CoreFoundation
]
);
in {
options.base.neovim = {
enable = lib.mkOption {
default = true;
description = "enable personalized neovim as default editor";
type = lib.types.bool;
example = false;
f = let
adder = {
__functor = self: arg:
if builtins.isInt arg
then self // {x = self.x + arg;}
else self.x;
x = 0;
};
in {
what = adder 1 2 3 {};
};
};
};
config = lib.mkIf config.base.neovim.enable {
# home-manager
programs.neovim = {
enable = true;
package = my_neovim;
@ -80,23 +93,100 @@ in
vimAlias = true;
withPython3 = true;
withNodeJs = true;
# Attempt 4: Correct way to make neovim aware of packages
# homeConfigurations.config.programs.neovim takes UNWRAPPED neovim
# and wraps it.
# Ideally, we build our own neovim and add that to config.home.packages
# to share it with nixOS. But we don't really need to share
extraPackages = nvim_pkgs;
# only for here for archive-documentation
# extraPython3Packages = (pypkgs: [
# # pypkgs.python-lsp-server
# pypkgs.ujson
# ]);
# I use vim-plug, so I probably don't require packaging
# extraConfig actually writes to init-home-manager.vim (not lua)
# https://github.com/nix-community/home-manager/pull/3287
# extraConfig = builtins.readFile "${proj_root}/neovim/init.lua";
extraLuaConfig = builtins.readFile "${proj_root.config.path}//neovim/init.lua";
plugins = let
inherit
(pkgs.vimPlugins)
plenary-nvim
nvim-treesitter
nvim-treesitter-textobjects
nvim-treesitter-context
telescope-fzf-native-nvim
telescope-file-browser-nvim
telescope-nvim
nvim-lspconfig
gruvbox-community
neodev-nvim
cmp-nvim-lsp
cmp-path
cmp-buffer
cmp-cmdline
nvim-cmp
lspkind-nvim
nvim-autopairs
nvim-ts-autotag
guess-indent-nvim
harpoon
zk-nvim
luasnip
fidget-nvim
rust-tools-nvim
cmp_luasnip
gitsigns-nvim
indent-blankline-nvim
lualine-nvim
mason-lspconfig-nvim
mason-nvim
neogit
nlua-nvim
nvim-jqx
nvim-surround
nvim-web-devicons
playground
todo-comments-nvim
trouble-nvim
vim-dispatch
vim-dispatch-neovim
vim-fugitive
vim-jack-in
;
in [
plenary-nvim
nvim-treesitter.withAllGrammars
nvim-treesitter-textobjects
telescope-fzf-native-nvim
telescope-file-browser-nvim
telescope-nvim
nvim-lspconfig
gruvbox-community
neodev-nvim
cmp-nvim-lsp
cmp-path
cmp-buffer
cmp-cmdline
nvim-cmp
lspkind-nvim
nvim-autopairs
nvim-ts-autotag
guess-indent-nvim
harpoon
zk-nvim
luasnip
nvim-treesitter-context
fidget-nvim
rust-tools-nvim
cmp_luasnip
gitsigns-nvim
indent-blankline-nvim
lualine-nvim
mason-lspconfig-nvim
mason-nvim
neogit
nlua-nvim
nvim-jqx
nvim-surround
nvim-web-devicons
playground
todo-comments-nvim
trouble-nvim
vim-dispatch
vim-dispatch-neovim
vim-fugitive
vim-jack-in
];
};
# home.packages = nvim_pkgs;
xdg.configFile."nvim/init.lua".source = "${proj_root.config.path}//neovim/init.lua";
};
}

View File

@ -1,7 +1,13 @@
{ config, pkgs, lib, ... }:
let cfg = config.base.private_chromium;
in
# TODO: maybe throw if base.graphics is not enabled?
# Though, headless chromium might be possible
{
config,
pkgs,
lib,
...
}: let
cfg = config.base.private_chromium;
in {
options.base.private_chromium = {
enable = lib.mkOption {
type = lib.types.bool;
@ -12,37 +18,41 @@ in
'';
};
};
config = lib.mkIf cfg.enable {
config = lib.mkIf (cfg.enable) {
# home.packages = [pkgs.ungoogled-chromium];
programs.chromium = {
enable = true;
package = pkgs.ungoogled-chromium;
extensions =
let
mkChromiumExtForVersion = browserVersion: { id, sha256, extVersion, ... }:
{
inherit id;
crxPath = builtins.fetchurl {
url = "https://clients2.google.com/service/update2/crx" +
"?response=redirect" +
"&acceptformat=crx2,crx3" +
"&prodversion=${browserVersion}" +
"&x=id%3D${id}%26installsource%3Dondemand%26uc";
name = "${id}.crx";
inherit sha256;
};
version = extVersion;
};
mkChromiumExt = mkChromiumExtForVersion (lib.versions.major pkgs.ungoogled-chromium.version);
in
[
# vimium
(mkChromiumExt {
id = "dbepggeogbaibhgnhhndojpepiihcmeb";
sha256 = "00qhbs41gx71q026xaflgwzzridfw1sx3i9yah45cyawv8q7ziic";
extVersion = "1.67.4";
})
];
extensions = let
# TODO: how about a chrome extension registry?
mkChromiumExtForVersion = browserVersion: {
id,
sha256,
extVersion,
...
}: {
inherit id;
crxPath = builtins.fetchurl {
url =
"https://clients2.google.com/service/update2/crx"
+ "?response=redirect"
+ "&acceptformat=crx2,crx3"
+ "&prodversion=${browserVersion}"
+ "&x=id%3D${id}%26installsource%3Dondemand%26uc";
name = "${id}.crx";
inherit sha256;
};
version = extVersion;
};
mkChromiumExt = mkChromiumExtForVersion (lib.versions.major pkgs.ungoogled-chromium.version);
in [
# vimium
(mkChromiumExt {
id = "dbepggeogbaibhgnhhndojpepiihcmeb";
sha256 = "00qhbs41gx71q026xaflgwzzridfw1sx3i9yah45cyawv8q7ziic";
extVersion = "1.67.4";
})
];
};
};
}

View File

@ -1,8 +1,11 @@
inputs@{pkgs,...}: {
# A module that takes care of a GUI-ful, productive desktop environment
inputs @ {pkgs, ...}: {
imports = [
# slack
({pkgs,...}: {
home.packages = [pkgs.slack];
({pkgs, ...}: {
home.packages = [
pkgs.slack
];
})
./private_chromium.nix
];

View File

@ -1,14 +1,14 @@
# Configurations for shell stuffs.
# Should probably be decoupled even more
{ config
, proj_root
, myLib
, pkgs
, ...
}:
let cfg = config.base.shells;
in
# Should probably be decoupled even more for each feature
{
config,
proj_root,
myLib,
pkgs,
...
}: let
cfg = config.base.shells;
in {
options.base.shells = {
enable = myLib.mkOption {
type = myLib.types.bool;
@ -30,14 +30,13 @@ in
shellAliases = myLib.mkOption {
type = myLib.types.attrs;
description = "Shell command aliases";
default = { };
default = {};
example = {
nixGL = "nixGLIntel";
};
};
};
config = myLib.mkIf cfg.enable {
xdg.configFile."starship.toml".source = "${proj_root.config.path}//starship/starship.toml";
# nix: Propagates the environment with packages and vars when enter (children of)
# a directory with shell.nix-compatible and .envrc
programs.direnv = {
@ -52,16 +51,37 @@ in
};
programs.tmux = {
enable = true;
# extraConfigBeforePlugin = builtins.readFile "${proj_root.config.path}/tmux/tmux.conf";
plugins = let inherit (pkgs.tmuxPlugins) cpu net-speed; in [cpu net-speed];
extraConfig = builtins.readFile "${proj_root.config.path}/tmux/tmux.conf";
};
xdg.configFile."tmux/tmux.conf".text = myLib.mkOrder 600 ''
set -g status-right '#{cpu_bg_color} CPU: #{cpu_icon} #{cpu_percentage} | %a %h-%d %H:%M '
'';
# Colored ls
programs.exa = {
enable = true;
enableAliases = true;
};
# Make the shell look beautiful
programs.starship = {
enable = true;
enableZshIntegration = true;
settings = let
native = builtins.fromTOML (builtins.readFile "${proj_root.config.path}/starship/starship.toml");
patch-nix = pkgs.lib.recursiveUpdate native {
# WARNING: home-manager fails on here for some reason. Likely not at the
# validation phase (type-checking), but at evaluation phaase (stringify)
# c.commands = [
# ["nix" "run" "nixpkgs#clang" "--" "--version"]
# ["nix" "run" "nixpkgs#gcc" "--" "--version"]
# ];
c.commands = "fuk";
};
in
patch-nix;
};
# Fuzzy finder. `fzf` for TUI, `fzf -f '<fuzzy query>'` for UNIX piping
programs.fzf.enable = true;
programs.bash = {
enable = true;
@ -72,10 +92,12 @@ in
enable = true;
enableCompletion = true;
enableAutosuggestions = true;
shellAliases = {
nix-rebuild = "sudo nixos-rebuild switch";
hm-switch = "home-manager switch --flake";
} // (cfg.shellAliases or { });
shellAliases =
{
nix-rebuild = "sudo nixos-rebuild switch";
hm-switch = "home-manager switch --flake";
}
// (cfg.shellAliases or {});
history = {
size = 10000;
path = "${config.xdg.dataHome}/zsh/history";
@ -83,27 +105,31 @@ in
oh-my-zsh = {
enable = true;
plugins = [
"git" # git command aliases: https://github.com/ohmyzsh/ohmyzsh/tree/master/plugins/git#aliases
"git" # git command aliases: https://github.com/ohmyzsh/ohmyzsh/tree/master/plugins/git#aliases
# "sudo" # double-escape to prepend sudo # UPDATE: just use vi-mode lol
"command-not-found" # suggests which package to install; does not support nixos (we have solution already)
"gitignore" # `gi list` -> `gi java >>.gitignore`
"ripgrep" # adds completion for `rg`
"rust" # compe for rustc/cargo
"ripgrep" # adds completion for `rg`
"rust" # compe for rustc/cargo
"poetry" # compe for poetry - Python's cargo
# "vi-mode" # edit promps with vi motions :)
];
};
sessionVariables = {
# Vim mode on the terminal
# VI_MODE_RESET_PROMPT_ON_MODE_CHANGE = true;
# VI_MODE_SET_CURSOR = true;
# ZVM_VI_ESCAPE_BINDKEY = "";
ZVM_READKEY_ENGINE="$ZVM_READKEY_ENGINE_NEX";
ZVM_KEYTIMEOUT=0.004; # 40ms, or subtly around 25 FPS. I'm a gamer :)
ZVM_ESCAPE_KEYTIMEOUT=0.004; # 40ms, or subtly around 25 FPS. I'm a gamer :)
ZVM_READKEY_ENGINE = "$ZVM_READKEY_ENGINE_NEX";
ZVM_KEYTIMEOUT = 0.004; # 40ms, or subtly around 25 FPS. I'm a gamer :)
ZVM_ESCAPE_KEYTIMEOUT = 0.004; # 40ms, or subtly around 25 FPS. I'm a gamer :)
};
initExtra = (cfg.shellInitExtra or "") + ''
source ${pkgs.zsh-vi-mode}/share/zsh-vi-mode/zsh-vi-mode.plugin.zsh
'';
initExtra =
(cfg.shellInitExtra or "")
+ ''
source ${pkgs.zsh-vi-mode}/share/zsh-vi-mode/zsh-vi-mode.plugin.zsh
'';
};
};
}

View File

@ -1,11 +1,11 @@
{ config
, proj_root
, myLib
, ...
}:
let cfg = config.base.ssh;
in
{
config,
proj_root,
myLib,
...
}: let
cfg = config.base.ssh;
in {
options.base.ssh.enable = myLib.mkOption {
type = myLib.types.bool;
default = true;
@ -17,7 +17,6 @@ in
config.programs.ssh = {
inherit (cfg) enable;
forwardAgent = true;
extraConfig = builtins.readFile "${proj_root.config.path}/ssh/config";
includes = ["${proj_root.config.path}/ssh/config"];
};
}

View File

@ -1,12 +1,13 @@
(import
# We use top-level nix-flake, so default.nix is basically just a wrapper around ./flake.nix
(
import
(
# Get corresponding version of flake-compat declared in on ./flake.lock
let lock = builtins.fromJSON (builtins.readFile ./flake.lock); in
fetchTarball {
url = "https://github.com/edolstra/flake-compat/archive/${lock.nodes.flake-compat.locked.rev}.tar.gz";
sha256 = lock.nodes.flake-compat.locked.narHash;
}
let
lock = builtins.fromJSON (builtins.readFile ./flake.lock);
c_ = import ./../../c_.nix;
in
c_.fetchTree lock.nodes.flake-compat.locked
)
{ src = ./.; } # calls flake.nix
).defaultNix
{src = ./.;}
)
.defaultNix

File diff suppressed because it is too large Load Diff

View File

@ -1,145 +1,253 @@
{
nixConfig = {
accept-flake-config = true;
experimental-features = "nix-command flakes";
extra-substituters = [
"https://nix-community.cachix.org"
"https://cache.nixos.org"
];
extra-trusted-public-keys = [
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
"cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
];
max-jobs = 12;
};
description = "simple home-manager config";
inputs = {
nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
nixpkgs-latest.url = "github:nixos/nixpkgs";
home-manager = {
url = "github:nix-community/home-manager";
inputs.nixpkgs.follows = "nixpkgs";
# url = "github:pegasust/home-manager/starship-config-type";
follows = "nixpkgs";
};
flake-utils.url = "github:numtide/flake-utils";
nixgl.url = "path:./../../out-of-tree/nixGL";
rust-overlay.url = "github:oxalica/rust-overlay";
# Allows default.nix to call onto flake.nix. Useful for nix eval and automations
flake-compat = {
url = "github:edolstra/flake-compat";
url = "path:../../out-of-tree/flake-compat";
flake = false;
};
nix-boost.url = "git+https://git.pegasust.com/pegasust/nix-boost.git";
kpcli-py = {
url = "github:rebkwok/kpcli";
flake = false;
};
neovim-nightly-overlay = {
url = "github:nix-community/neovim-nightly-overlay?rev=88a6c749a7d126c49f3374f9f28ca452ea9419b8";
};
nix-index-database = {
url = "github:mic92/nix-index-database";
inputs.nixpkgs.follows = "nixpkgs";
};
};
outputs =
flake_inputs@{ nixpkgs
, home-manager
, nixgl
, rust-overlay
, flake-utils
, kpcli-py
, ...
}:
let
system = "x86_64-linux";
overlays = import ./../../overlays.nix flake_inputs;
outputs = flake_inputs @ {
nixpkgs,
home-manager,
nixgl,
rust-overlay,
flake-utils,
kpcli-py,
neovim-nightly-overlay,
nix-boost,
nixpkgs-latest,
...
}: let
# config_fn:: system -> config
cross_platform = config_fn: {
packages =
builtins.foldl'
(prev: system:
prev
// {
"${system}" = config_fn system;
})
{}
flake-utils.lib.defaultSystems;
};
in
cross_platform (system: let
overlays = import ./overlays.nix (flake_inputs // {inherit system;});
# pkgs = nixpkgs.legacyPackages.${system}.appendOverlays overlays;
pkgs = import nixpkgs {
inherit system overlays;
config = { allowUnfree = true; };
config = {allowUnfree = true;};
};
# lib = (import ../lib { inherit pkgs; lib = pkgs.lib; });
base = import ./base;
base = import ./base flake_inputs;
inherit (base) mkModuleArgs;
kde_module = {config, pkgs, ...}: {
nerd_font_module = {
config,
pkgs,
...
}: {
fonts.fontconfig.enable = true;
home.packages = [
(pkgs.nerdfonts.override {fonts = ["DroidSansMono"];})
# list of fonts are available at https://github.com/NixOS/nixpkgs/blob/nixos-unstable/pkgs/data/fonts/nerdfonts/shas.nix
(pkgs.nerdfonts.override {fonts = ["Hack"];})
];
# For some reasons, Windows es in the font name as DroidSansMono NF
# so we need to override this
base.alacritty.font.family = "DroidSansMono Nerd Font";
base.alacritty.font.family = "Hack Nerd Font Mono";
};
in
{
in {
debug = {
inherit overlays pkgs base;
};
homeConfigurations =
let x11_wsl = ''
homeConfigurations = let
x11_wsl = ''
# x11 output for WSL
export DISPLAY=$(ip route list default | awk '{print $3}'):0
export LIBGL_ALWAYS_INDIRECT=1
'';
in
rec {
"hungtr" = home-manager.lib.homeManagerConfiguration {
inherit pkgs;
modules = base.modules ++ [
in {
"hungtr" = home-manager.lib.homeManagerConfiguration {
inherit pkgs;
modules =
base.modules
++ [
./home.nix
];
# optionally pass inarguments to module
# we migrate this from in-place modules to allow flexibility
# in this case, we can add "home" to input arglist of home.nix
extraSpecialArgs = mkModuleArgs {
inherit pkgs;
myHome = {
username = "hungtr";
homeDirectory = "/home/hungtr";
};
# optionally pass inarguments to module
# we migrate this from in-place modules to allow flexibility
# in this case, we can add "home" to input arglist of home.nix
extraSpecialArgs = mkModuleArgs {
inherit pkgs;
myHome = {
username = "hungtr";
homeDirectory = "/home/hungtr";
};
};
"hungtr@bao" = home-manager.lib.homeManagerConfiguration {
inherit pkgs;
modules = base.modules ++ [
};
"hungtr@bao" = home-manager.lib.homeManagerConfiguration {
inherit pkgs;
modules =
base.modules
++ [
./home.nix
kde_module
nerd_font_module
./base/productive_desktop.nix
];
# optionally pass inarguments to module
# we migrate this from in-place modules to allow flexibility
# in this case, we can add "home" to input arglist of home.nix
extraSpecialArgs = mkModuleArgs {
inherit pkgs;
myHome = {
username = "hungtr";
homeDirectory = "/home/hungtr";
};
};
};
"nixos@Felia" = home-manager.lib.homeManagerConfiguration {
inherit pkgs;
modules = [
./home.nix
{
base.shells = {
shellInitExtra = ''
'' + x11_wsl;
};
# since home.nix forces us to use keepass, and base.keepass.path
# defaults to a bad value (on purpose), we should configure a
# it to be the proper path
base.keepass.path = "/perso/garden/keepass.kdbx";
base.graphics.useNixGL.defaultPackage = "nixGLNvidia";
base.graphics.useNixGL.enable = true;
}
];
# optionally pass inarguments to module
# we migrate this from in-place modules to allow flexibility
# in this case, we can add "home" to input arglist of home.nix
extraSpecialArgs = mkModuleArgs {
inherit pkgs;
myHome = {
username = "nixos";
homeDirectory = "/home/nixos";
};
# optionally pass inarguments to module
# we migrate this from in-place modules to allow flexibility
# in this case, we can add "home" to input arglist of home.nix
extraSpecialArgs = mkModuleArgs {
inherit pkgs;
myHome = {
username = "hungtr";
homeDirectory = "/home/hungtr";
};
};
# NOTE: This is never actually tested. This is for Ubuntu@Felia
# "ubuntu_admin" = home-manager.lib.homeManagerConfiguration {
# inherit pkgs;
# modules = [
# ./home.nix
# ];
# extraSpecialArgs = {
# myLib = lib;
# myHome = {
# username = "ubuntu_admin";
# homeDirectory = "/home/ubuntu_admin";
# shellInitExtra = ''
# '' + x11_wsl;
# };
# };
# };
# Personal laptop
hwtr = home-manager.lib.homeManagerConfiguration {
};
# Personal darwin, effectively serves as the Darwin edge channel
"hungtran" = home-manager.lib.homeManagerConfiguration {
inherit pkgs;
modules =
base.modules
++ [
./home.nix
{
base.graphics.enable = false;
# don't want to deal with GL stuffs on mac yet :/
base.graphics.useNixGL.defaultPackage = null;
# NOTE: this actually does not exist
base.keepass.path = "/Users/hungtran/keepass.kdbx";
base.alacritty.font.size = 11.0;
}
nerd_font_module
./base/productive_desktop.nix
{
base.private_chromium.enable = false;
}
{
home.packages = [
pkgs.postman
];
}
];
extraSpecialArgs = mkModuleArgs {
inherit pkgs;
modules = base.modules ++ [
myHome = {
username = "hungtran";
homeDirectory = "/Users/hungtran";
};
};
};
# Work darwin
"htran" = home-manager.lib.homeManagerConfiguration {
inherit pkgs;
modules =
base.modules
++ [
./home.nix
./base/productive_desktop.nix
./base/darwin-spotlight.nix
{
base.private_chromium.enable = false;
}
nerd_font_module
{
base.graphics.enable = false;
# don't want to deal with GL stuffs on mac yet :/
base.graphics.useNixGL.defaultPackage = null;
base.alacritty.font.size = 11.0;
base.git.name = "Hung";
base.git.email = "htran@egihosting.com";
}
{
home.packages = [
pkgs.postman
];
}
{base.keepass.enable = pkgs.lib.mkForce false;}
];
extraSpecialArgs = mkModuleArgs {
inherit pkgs;
myHome = {
username = "htran";
homeDirectory = "/Users/htran";
};
};
};
"nixos@Felia" = home-manager.lib.homeManagerConfiguration {
inherit pkgs;
modules = [
./home.nix
{
base.shells = {
shellInitExtra =
''
''
+ x11_wsl;
};
}
];
# optionally pass inarguments to module
# we migrate this from in-place modules to allow flexibility
# in this case, we can add "home" to input arglist of home.nix
extraSpecialArgs = mkModuleArgs {
inherit pkgs;
myHome = {
username = "nixos";
homeDirectory = "/home/nixos";
};
};
};
# Personal laptop
hwtr = home-manager.lib.homeManagerConfiguration {
inherit pkgs;
modules =
base.modules
++ [
./home.nix
./base/graphics.nix
{
@ -147,19 +255,20 @@
base.alacritty.font.family = "BitstreamVeraSansMono Nerd Font";
base.keepass.path = "/media/homelab/f/PersistentHotStorage/keepass.kdbx";
}
./base/productive_desktop.nix
];
extraSpecialArgs = mkModuleArgs {
inherit pkgs;
myHome = {
username = "hwtr";
homeDirectory = "/home/hwtr";
packages = [
pkgs.postman
];
};
extraSpecialArgs = mkModuleArgs {
inherit pkgs;
myHome = {
username = "hwtr";
homeDirectory = "/home/hwtr";
packages = [
pkgs.postman
];
};
};
};
};
};
});
}

View File

@ -1,44 +0,0 @@
{
"nodes": {
"from-yaml": {
"flake": false,
"locked": {
"lastModified": 1667993008,
"narHash": "sha256-X5RWyebq+j56mUGGCmZTVcJBy6Y/QgFEMHklaz+GOt0=",
"owner": "pegasust",
"repo": "fromYaml",
"rev": "23d2616051f5a781dcfe2915a526925fd9cdd08c",
"type": "github"
},
"original": {
"owner": "pegasust",
"repo": "fromYaml",
"type": "github"
}
},
"nixpkgs": {
"locked": {
"lastModified": 1667811565,
"narHash": "sha256-HYml7RdQPQ7X13VNe2CoDMqmifsXbt4ACTKxHRKQE3Q=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "667e5581d16745bcda791300ae7e2d73f49fff25",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"root": {
"inputs": {
"from-yaml": "from-yaml",
"nixpkgs": "nixpkgs"
}
}
},
"root": "root",
"version": 7
}

View File

@ -1,109 +0,0 @@
{
inputs = {
nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
from-yaml ={
url = "github:pegasust/fromYaml";
flake = false;
};
};
outputs = {nixpkgs,from-yaml, ...}: let
system = "x86_64-linux";
pkgs = import nixpkgs {inherit system;};
lib = {
fromYaml = import "${from-yaml}/fromYaml.nix" {lib = pkgs.lib;};
};
in {
inherit nixpkgs;
inherit from-yaml;
inherit lib;
inherit pkgs;
fromYamlFn = lib.fromYaml;
yamlCmd = str: (builtins.fromJSON(pkgs.runCommand "echo ${str} | yq"));
test_0 = ''
key_bindings:
- hello:
"N"
'';
key_bind = ''
key_bindings:
- { key: N, mods: Control, action: CreateNewWindow }
# - { key: Paste, action: Paste }
# - { key: Copy, action: Copy }
#- { key: L, mods: Control, action: ClearLogNotice }
#- { key: L, mods: Control, mode: ~Vi|~Search, chars: "\x0c" }
#- { key: PageUp, mods: Shift, mode: ~Alt, action: ScrollPageUp }
#- { key: PageDown, mods: Shift, mode: ~Alt, action: ScrollPageDown }
#- { key: Home, mods: Shift, mode: ~Alt, action: ScrollToTop }
#- { key: End, mods: Shift, mode: ~Alt, action: ScrollToBottom }
# Vi Mode
#- { key: Space, mods: Shift|Control, mode: ~Search, action: ToggleViMode }
- { key: Escape, mods: Shift, mode: ~Search, action: ToggleViMode }
#- { key: Space, mods: Shift|Control, mode: Vi|~Search, action: ScrollToBottom }
#- { key: Escape, mode: Vi|~Search, action: ClearSelection }
#- { key: I, mode: Vi|~Search, action: ToggleViMode }
#- { key: I, mode: Vi|~Search, action: ScrollToBottom }
#- { key: C, mods: Control, mode: Vi|~Search, action: ToggleViMode }
#- { key: Y, mods: Control, mode: Vi|~Search, action: ScrollLineUp }
#- { key: E, mods: Control, mode: Vi|~Search, action: ScrollLineDown }
#- { key: G, mode: Vi|~Search, action: ScrollToTop }
#- { key: G, mods: Shift, mode: Vi|~Search, action: ScrollToBottom }
#- { key: B, mods: Control, mode: Vi|~Search, action: ScrollPageUp }
#- { key: F, mods: Control, mode: Vi|~Search, action: ScrollPageDown }
#- { key: U, mods: Control, mode: Vi|~Search, action: ScrollHalfPageUp }
#- { key: D, mods: Control, mode: Vi|~Search, action: ScrollHalfPageDown }
#- { key: Y, mode: Vi|~Search, action: Copy }
#- { key: Y, mode: Vi|~Search, action: ClearSelection }
#- { key: Copy, mode: Vi|~Search, action: ClearSelection }
#- { key: V, mode: Vi|~Search, action: ToggleNormalSelection }
#- { key: V, mods: Shift, mode: Vi|~Search, action: ToggleLineSelection }
#- { key: V, mods: Control, mode: Vi|~Search, action: ToggleBlockSelection }
#- { key: V, mods: Alt, mode: Vi|~Search, action: ToggleSemanticSelection }
#- { key: Return, mode: Vi|~Search, action: Open }
#- { key: Z, mode: Vi|~Search, action: CenterAroundViCursor }
#- { key: K, mode: Vi|~Search, action: Up }
#- { key: J, mode: Vi|~Search, action: Down }
#- { key: H, mode: Vi|~Search, action: Left }
#- { key: L, mode: Vi|~Search, action: Right }
#- { key: Up, mode: Vi|~Search, action: Up }
#- { key: Down, mode: Vi|~Search, action: Down }
#- { key: Left, mode: Vi|~Search, action: Left }
#- { key: Right, mode: Vi|~Search, action: Right }
#- { key: Key0, mode: Vi|~Search, action: First }
#- { key: Key4, mods: Shift, mode: Vi|~Search, action: Last }
#- { key: Key6, mods: Shift, mode: Vi|~Search, action: FirstOccupied }
#- { key: H, mods: Shift, mode: Vi|~Search, action: High }
#- { key: M, mods: Shift, mode: Vi|~Search, action: Middle }
#- { key: L, mods: Shift, mode: Vi|~Search, action: Low }
#- { key: B, mode: Vi|~Search, action: SemanticLeft }
#- { key: W, mode: Vi|~Search, action: SemanticRight }
#- { key: E, mode: Vi|~Search, action: SemanticRightEnd }
#- { key: B, mods: Shift, mode: Vi|~Search, action: WordLeft }
#- { key: W, mods: Shift, mode: Vi|~Search, action: WordRight }
#- { key: E, mods: Shift, mode: Vi|~Search, action: WordRightEnd }
#- { key: Key5, mods: Shift, mode: Vi|~Search, action: Bracket }
#- { key: Slash, mode: Vi|~Search, action: SearchForward }
#- { key: Slash, mods: Shift, mode: Vi|~Search, action: SearchBackward }
#- { key: N, mode: Vi|~Search, action: SearchNext }
#- { key: N, mods: Shift, mode: Vi|~Search, action: SearchPrevious }
# Search Mode
#- { key: Return, mode: Search|Vi, action: SearchConfirm }
#- { key: Escape, mode: Search, action: SearchCancel }
#- { key: C, mods: Control, mode: Search, action: SearchCancel }
#- { key: U, mods: Control, mode: Search, action: SearchClear }
#- { key: W, mods: Control, mode: Search, action: SearchDeleteWord }
#- { key: P, mods: Control, mode: Search, action: SearchHistoryPrevious }
#- { key: N, mods: Control, mode: Search, action: SearchHistoryNext }
#- { key: Up, mode: Search, action: SearchHistoryPrevious }
#- { key: Down, mode: Search, action: SearchHistoryNext }
#- { key: Return, mode: Search|~Vi, action: SearchFocusNext }
#- { key: Return, mods: Shift, mode: Search|~Vi, action: SearchFocusPrevious }
# (Windows, Linux, and BSD only)
- { key: V, mods: Control|Shift, mode: ~Vi, action: Paste }
- { key: C, mods: Control|Shift, action: Copy }
'';
};
}

View File

@ -3,18 +3,20 @@
# This file represents the base settings for each machine
# Additional configurations goes to profiles/<user>
# or inlined in flake.nix
{ config # Represents the realized final configuration
, pkgs # This is by default just ``= import <nixpkgs>{}`
, myHome
, myLib
, option # The options we're given, this might be useful for typesafety?
, proj_root
, ...
}:
let
inherit (myLib) fromYaml;
in
{
config,
# Represents the realized final configuration
pkgs,
# This is by default just ``= import <nixpkgs>{}`
myHome,
myLib,
option,
# The options we're given, this might be useful for typesafety?
proj_root,
...
}: let
inherit (myLib) fromYaml;
in {
imports = [
./base/neovim.nix
./base/keepass.nix
@ -24,29 +26,38 @@ in
homeDirectory = myHome.homeDirectory;
stateVersion = myHome.stateVersion or "22.05";
};
home.packages = pkgs.lib.unique ([
# pkgs.ncdu
pkgs.rclone # cloud file operations
pkgs.htop # system diagnostics in CLI
pkgs.ripgrep # content fuzzy search
pkgs.unzip # compression
pkgs.zip # compression
home.packages = pkgs.lib.unique (
[
# pkgs.ncdu
pkgs.rclone # cloud file operations
pkgs.htop # system diagnostics in CLI
pkgs.ripgrep # content fuzzy search
pkgs.unzip # compression
pkgs.zip # compression
# cool utilities
pkgs.yq # Yaml adaptor for jq (only pretty print, little query)
pkgs.xorg.xclock # TODO: only include if have gui # For testing GL installation
pkgs.logseq # TODO: only include if have GL # Obsidian alt
pkgs.mosh # Parsec for SSH
# pkgs.nixops_unstable # nixops v2 # insecure for now
pkgs.lynx # Web browser at your local terminal
pkgs.zk
# cool utilities
pkgs.yq-go # Yaml adaptor for jq (only pretty print, little query)
# pkgs.xorg.xclock # TODO: only include if have gui # For testing GL installation
# pkgs.logseq # TODO: only include if have GL # Obsidian alt
pkgs.mosh # Parsec for SSH
# pkgs.nixops_unstable # nixops v2 # insecure for now
pkgs.lynx # Web browser at your local terminal
pkgs.zk
# pkgs.tailscale # VPC;; This should be installed in system-nix
pkgs.python310 # dev packages should be in project
# pkgs.python310.numpy
# pkgs.python310Packages.tensorflow
# pkgs.python310Packages.scikit-learn
] ++ (myHome.packages or [ ])
# pkgs.tailscale # VPC;; This should be installed in system-nix
pkgs.python310 # dev packages should be in project
# pkgs.python310.numpy
# pkgs.python310Packages.tensorflow
# pkgs.python310Packages.scikit-learn
]
++ (myHome.packages or [])
++ (
if pkgs.system == "x86_64-linux"
then [
pkgs.logseq
]
else []
)
);
## Configs ##
@ -56,9 +67,6 @@ in
programs.jq = {
enable = true;
};
# not exist in home-manager
# have to do it at system level
# services.ntp.enable = true; # automatic time
programs.nix-index = {
enable = true;
enableBashIntegration = true;

View File

@ -0,0 +1,6 @@
accept-flake-config = true
experimental-features = nix-command flakes
post-build-hook = /etc/nix/upload-to-cache.sh
trusted-users = root htran hungtran hwtr
max-jobs = 8
cores = 12

View File

@ -1,3 +1,5 @@
accept-flake-config = true
experimental-features = nix-command flakes
post-build-hook = /etc/nix/upload-to-cache.sh
trusted-users = root htran hungtran hwtr

View File

@ -0,0 +1,4 @@
accept-flake-config = true
experimental-features = nix-command flakes
post-build-hook = /etc/nix/upload-to-cache.sh
trusted-users = root htran hungtran hwtr

View File

@ -0,0 +1,71 @@
flake_input @ {
kpcli-py,
nixgl,
rust-overlay,
neovim-nightly-overlay,
system,
nix-boost,
nixpkgs-latest,
...
}: let
kpcli-py = final: prev: {
# use python3.9, which works because of cython somehow?
kpcli-py = final.poetry2nix.mkPoetryApplication {
projectDir = flake_input.kpcli-py;
overrides = final.poetry2nix.defaultPoetryOverrides.extend (self: super: {
# tableformatter requires setuptools
tableformatter = super.tableformatter.overridePythonAttrs (
old: {
buildInputs = (old.buildInputs or []) ++ [self.setuptools self.cython_3];
src = old.src;
}
);
kpcli = super.kpcli.overridePythonAttrs (old: {
buildInputs = (old.buildInputs or []) ++ [self.setuptools];
});
# ubersmith = super.ubersmith.overridePythonAttrs (old: {
# buildInputs = builtins.filter (x: ! builtins.elem x [ ]) ((old.buildInputs or [ ]) ++ [
# py-final.setuptools
# py-final.pip
# ]);
#
# src = final.fetchFromGitHub {
# owner = "jasonkeene";
# repo = "python-ubersmith";
# rev = "0c594e2eb41066d1fe7860e3a6f04b14c14f6e6a";
# sha256 = "sha256-Dystt7CBtjpLkgzCsAif8WkkYYeLyh7VMehAtwoDGuM=";
# };
# });
});
};
};
rust = final: prev: let
nightlyRustWithExts = exts:
final.rust-bin.selectLatestNightlyWith (
toolchain: (toolchain.minimal.override {
extensions = exts;
})
);
# https://rust-lang.github.io/rustup/concepts/profiles.html
rust-default-components = ["rust-docs" "rustfmt" "clippy"];
rust-dev-components = rust-default-components ++ ["rust-src" "rust-analyzer" "miri"];
in {
rust4devs = nightlyRustWithExts rust-dev-components;
rust4cargo = nightlyRustWithExts [];
rust4normi = nightlyRustWithExts rust-default-components;
};
vimPlugins = final: prev: {
inherit (nixpkgs-latest.legacyPackages.${system}) vimPlugins;
};
in [
nix-boost.overlays.default
nixgl.overlays.default
rust-overlay.overlays.default
neovim-nightly-overlay.overlay
rust
kpcli-py
vimPlugins
]

View File

@ -1,5 +1,8 @@
# main module exporter for different configuration profiles
{pkgs, libs,...} @ inputs:
{
hwtr = import ./hwtr.nix;
pkgs,
libs,
...
} @ inputs: {
hwtr = import ./hwtr.nix;
}

View File

@ -0,0 +1 @@

View File

@ -1,10 +1,12 @@
{ pkgs
, lib ? pkgs.lib
, ... }@flake_import:
let serde = import ./serde { inherit pkgs lib; };
recursiveUpdate = lib.recursiveUpdate;
{
pkgs,
lib ? pkgs.lib,
...
} @ flake_import: let
serde = import ./serde {inherit pkgs lib;};
recursiveUpdate = lib.recursiveUpdate;
in
recursiveUpdate (recursiveUpdate pkgs.lib lib) {
fromYaml = serde.fromYaml;
fromYamlPath = serde.fromYamlPath;
}
recursiveUpdate (recursiveUpdate pkgs.lib lib) {
fromYaml = serde.fromYaml;
fromYamlPath = serde.fromYamlPath;
}

View File

@ -1,28 +1,39 @@
# Takes care of serializing and deserializing to some formats
# Blame: Pegasust<pegasucksgg@gmail.com>
# TODO: Add to* formats from pkgs.formats.*
{ pkgs
, lib
} @ inputs:
let
yamlToJsonDrv = yamlContent: outputPath: pkgs.callPackage
({ runCommand }:
{
pkgs,
lib,
} @ inputs: let
yamlToJsonDrv = yamlContent: outputPath:
pkgs.callPackage
({runCommand}:
# runCommand source: https://github.com/NixOS/nixpkgs/blob/master/pkgs/build-support/trivial-builders.nix#L33
runCommand outputPath { inherit yamlContent; nativeBuildInputs = [ pkgs.yq ]; }
runCommand outputPath
{
inherit yamlContent;
nativeBuildInputs = [pkgs.yq];
}
# run yq which outputs '.' (no filter) on file at yamlPath
# note that $out is passed onto the bash/sh script for execution
''
echo "$yamlContent" | yq >$out
'')
{ };
{};
in {
# Takes in a yaml string and produces a derivation with translated JSON at $outputPath
# similar to builtins.fromJSON, turns a YAML string to nix attrset
fromYaml = yamlContent: builtins.fromJSON (builtins.readFile (yamlToJsonDrv yamlContent "any_output.json"));
fromYamlPath = yamlPath: builtins.fromJSON (
builtins.readFile (
yamlToJsonDrv (
builtins.readFile yamlPath)
"any-output.json"));
# TODO: fromToml?
fromYamlPath = yamlPath:
builtins.fromJSON (
builtins.readFile (
yamlToJsonDrv
(
builtins.readFile yamlPath
)
"any-output.json"
)
);
fromTOML = builtins.fromTOML;
fromJSON = builtins.fromJSON;
}

View File

@ -1,10 +1,12 @@
# This module aims to be merge (not inject/override) with top-level pkgs to provide
# personalized/custom packages
{ pkgs
, lib
, naersk # rust packages
, ...
}@pkgs_input: {
{
pkgs,
lib,
naersk,
# rust packages
...
} @ pkgs_input: {
# dot-hwtr = import "./dot-hwtr" pkgs_input;
cargo-bacon = pkgs.rustPlatform.buildRustPackage rec {
pname = "bacon";

View File

@ -4,10 +4,12 @@
rust-overlay.url = "github:oxalica/rust-overlay";
naersk.url = "gihub:nix-community/naersk";
};
outputs = { nixpkgs, rust-overlay, naersk }:
let
pkgs = import nixpkgs { overlays = [ rust-overlay.overlays.default ]; };
lib = pkgs.lib;
in
(import ./default.nix { inherit pkgs lib naersk; });
outputs = {
nixpkgs,
rust-overlay,
naersk,
}: let
pkgs = import nixpkgs {overlays = [rust-overlay.overlays.default];};
lib = pkgs.lib;
in (import ./default.nix {inherit pkgs lib naersk;});
}

View File

@ -11,8 +11,7 @@ let
# stands for calculus
c_ = builtins;
in {
"system/secrets/s3fs.age".publicKeys = c_.attrValues (all);
"system/secrets/s3fs.digital-garden.age".publicKeys = c_.attrValues (all);
"system/secrets/_nhitrl.age".publicKeys = c_.attrValues (all);
"system/secrets/s3fs.age".publicKeys = c_.attrValues all;
"system/secrets/s3fs.digital-garden.age".publicKeys = c_.attrValues all;
"system/secrets/_nhitrl.age".publicKeys = c_.attrValues all;
}

View File

@ -1,120 +1,71 @@
{ lib, pkgs, config, modulesPath, specialArgs, ... }:
let
{
lib,
pkgs,
config,
modulesPath,
specialArgs,
...
}: let
hostname = specialArgs.hostname;
enableSSH = specialArgs.enableSSH or true;
_networking = lib.recursiveUpdate { hostName = hostname; } (specialArgs._networking or { });
_boot = specialArgs._boot or { };
_services = specialArgs._services or { };
_networking = lib.recursiveUpdate {hostName = hostname;} (specialArgs._networking or {});
_boot = specialArgs._boot or {};
_services = specialArgs._services or {};
includeHardware = specialArgs.includeHardware or true;
proj_root = builtins.toString ./../..;
in
with lib;
{
imports = (if includeHardware then [
./profiles/${hostname}/hardware-configuration.nix
] else [ ]) ++ [
"${modulesPath}/profiles/minimal.nix"
];
boot = _boot;
with lib; {
imports =
(
if includeHardware
then [
"${proj_root}/hosts/${hostname}/hardware-configuration.nix"
]
else []
)
++ [
"${modulesPath}/profiles/minimal.nix"
"${proj_root}/modules/tailscale.sys.nix"
"${proj_root}/modules/mosh.sys.nix"
];
boot = _boot;
# prune old builds
nix.settings.auto-optimise-store = true;
# prune old builds
nix.settings.auto-optimise-store = true;
# Enable nix flakes
nix.package = pkgs.nixFlakes;
nix.extraOptions = ''
experimental-features = nix-command flakes
'';
users.users.hungtr = {
isNormalUser = true;
home = "/home/hungtr";
description = "pegasust/hungtr";
extraGroups = [ "wheel" "networkmanager" "audio"];
};
users.users.root = {
# openssh runs in root, no? This is because port < 1024 requires root.
openssh.authorizedKeys.keys = lib.strings.splitString "\n" (builtins.readFile "${proj_root}/native_configs/ssh/authorized_keys");
};
# Some basic programs
programs.neovim = {
enable = true;
defaultEditor = true;
};
programs.git = {
enable = true;
# more information should be configured under user level
# See other config at @/home-nix
};
environment.systemPackages = [
pkgs.gnumake
pkgs.wget
pkgs.inetutils # network diag
pkgs.mtr # network diag
pkgs.sysstat # sys diag
pkgs.mosh # ssh-alt; parsec-like
pkgs.tailscale # VPC
];
# tailscale is mandatory : ^)
# inherit services;
services = lib.recursiveUpdate _services {
tailscale.enable = true;
ntp.enable = true;
};
# create a oneshot job to authenticate to Tailscale
systemd.services.tailscale-autoconnect = {
description = "Automatic connection to Tailscale";
# make sure tailscale is running before trying to connect to tailscale
after = [ "network-pre.target" "tailscale.service" ];
wants = [ "network-pre.target" "tailscale.service" ];
wantedBy = [ "multi-user.target" ];
# set this service as a oneshot job
serviceConfig.Type = "oneshot";
# have the job run this shell script
script = ''
# wait for tailscaled to settle
sleep 2
# check if we are already authenticated to tailscale
status="$(${pkgs.tailscale}/bin/tailscale status -json | ${pkgs.jq}/bin/jq -r .BackendState)"
if [ $status = "Running" ]; then # if so, then do nothing
exit 0
fi
# ${pkgs.tailscale}/bin/tailscale up # blocks, doesn't give url
# This time, configure device auth so that we authenticate from portal
# https://tailscale.com/kb/1099/device-authorization/#enable-device-authorization-for-your-network
${pkgs.tailscale}/bin/tailscale up -authkey tskey-auth-kJcgTG5CNTRL-PUVFkk31z1bThHpfq3FC5b1jcMmkW2EYW
# Enable nix flakes
nix.package = pkgs.nixFlakes;
nix.extraOptions = ''
experimental-features = nix-command flakes
'';
};
# Don't touch networking.firewall.enable, just configure everything else.
# inherit networking;
# inherit _networking;
networking = lib.recursiveUpdate _networking {
firewall =
if _networking ? firewall.enable && _networking.firewall.enable then {
trustedInterfaces = _networking.firewall.trustedInterfaces or [ ] ++ [
"tailscale0"
];
allowedUDPPorts = _networking.firewall.allowedUDPPorts or [ ] ++ [
config.services.tailscale.port
];
allowedTCPPorts = _networking.firewall.allowedTCPPorts or [ ] ++ [
22
];
allowedUDPPortRanges = _networking.firewall.allowedUDPPortRanges or [ ] ++ [
{ from = 60000; to = 61000; } # mosh
users.users.hungtr = {
isNormalUser = true;
home = "/home/hungtr";
description = "pegasust/hungtr";
extraGroups = ["wheel" "networkmanager" "audio"];
};
users.users.root = {
# openssh runs in root, no? This is because port < 1024 requires root.
openssh.authorizedKeys.keys = lib.strings.splitString "\n" (builtins.readFile "${proj_root}/native_configs/ssh/authorized_keys");
};
];
checkReversePath = "loose";
} else { enable = false; };
};
# Some basic programs
programs.neovim = {
enable = true;
defaultEditor = true;
};
environment.noXlibs = lib.mkForce false;
}
programs.git = {
enable = true;
# more information should be configured under user level
# See other config at @/home-nix
};
environment.systemPackages = [
pkgs.gnumake
pkgs.wget
pkgs.inetutils # network diag
pkgs.mtr # network diag
pkgs.sysstat # sys diag
];
}

View File

@ -7,269 +7,285 @@
};
};
outputs = { self, nixpkgs, agenix, ... }:
let
lib = nixpkgs.lib;
proj_root = ./../..;
# TODO: Change respectively to the system or make a nix shell to alias `nix run github:ryantm/agenix -- `
base_modules = [
agenix.nixosModule
{
age.secrets.s3fs = {
file = ./secrets/s3fs.age;
# mode = "600"; # owner + group only
# owner = "hungtr";
# group = "users";
};
age.secrets."s3fs.digital-garden" = {
file = ./secrets/s3fs.digital-garden.age;
};
age.secrets._nhitrl_cred = {
file = ./secrets/_nhitrl.age;
};
environment.systemPackages = [agenix.defaultPackage.x86_64-linux];
}
];
in {
# Windows with NixOS WSL
nixosConfigurations.Felia = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules = base_modules ++ [
outputs = {
self,
nixpkgs,
agenix,
...
}: let
lib = nixpkgs.lib;
proj_root = ./../..;
# TODO: Change respectively to the system or make a nix shell to alias `nix run github:ryantm/agenix -- `
base_modules = [
agenix.nixosModule
{
age.secrets.s3fs = {
file = ../../secrets/s3fs.age;
# mode = "600"; # owner + group only
# owner = "hungtr";
# group = "users";
};
age.secrets."s3fs.digital-garden" = {
file = ../../secrets/s3fs.digital-garden.age;
};
age.secrets._nhitrl_cred = {
file = ../../secrets/_nhitrl.age;
};
environment.systemPackages = [agenix.defaultPackage.x86_64-linux];
}
];
in {
# Windows with NixOS WSL
nixosConfigurations.Felia = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules =
base_modules
++ [
./wsl-configuration.nix
{
system.stateVersion = "22.05";
}
];
specialArgs = {
# includeHardware = false;
hostname = "Felia";
_services.openssh = {
permitRootLogin = "no";
enable = true;
};
specialArgs = {
# includeHardware = false;
hostname = "Felia";
_services.openssh = {
permitRootLogin = "no";
enable = true;
};
};
nixosConfigurations.lizzi = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules = base_modules ++ [
};
nixosConfigurations.lizzi = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules =
base_modules
++ [
./configuration.nix
{
system.stateVersion = "22.05";
mod.tailscale.enable = true;
}
];
specialArgs = {
hostname = "lizzi";
_networking = {
interfaces.eth1.ipv4.addresses = [{
specialArgs = {
hostname = "lizzi";
_networking = {
interfaces.eth1.ipv4.addresses = [
{
address = "71.0.0.1";
prefixLength = 24;
}];
firewall = {
enable = true;
allowedTCPPorts = [ 80 443 22 ];
};
useDHCP = false;
# required so that we get IP address from linode
interfaces.eth0.useDHCP = true;
};
_boot.loader.grub.enable = true;
_boot.loader.grub.version = 2;
_services.openssh = {
permitRootLogin = "no";
}
];
firewall = {
enable = true;
allowedTCPPorts = [80 443 22];
};
_services.gitea = {
enable = true;
stateDir = "/gitea";
rootUrl = "https://git.pegasust.com";
settings = {
repository = {
"ENABLE_PUSH_CREATE_USER" = true;
"ENABLE_PUSH_CREATE_ORG" = true;
};
};
};
# Highly suspect that thanks to nginx, ipv6 is disabled?
_services.nginx = {
enable = true;
clientMaxBodySize = "100m"; # Allow big file transfers over git :^)
recommendedGzipSettings = true;
recommendedOptimisation = true;
recommendedProxySettings = true;
recommendedTlsSettings = true;
virtualHosts."git.pegasust.com" = {
# Gitea hostname
sslCertificate = "/var/lib/acme/git.pegasust.com/fullchain.pem";
sslCertificateKey = "/var/lib/acme/git.pegasust.com/key.pem";
forceSSL = true; # Runs on port 80 and 443
locations."/".proxyPass = "http://localhost:3000/"; # Proxy to Gitea
useDHCP = false;
# required so that we get IP address from linode
interfaces.eth0.useDHCP = true;
};
_boot.loader.grub.enable = true;
_boot.loader.grub.version = 2;
_services.openssh = {
permitRootLogin = "no";
enable = true;
};
_services.gitea = {
enable = true;
stateDir = "/gitea";
rootUrl = "https://git.pegasust.com";
settings = {
repository = {
"ENABLE_PUSH_CREATE_USER" = true;
"ENABLE_PUSH_CREATE_ORG" = true;
};
};
};
# Highly suspect that thanks to nginx, ipv6 is disabled?
_services.nginx = {
enable = true;
clientMaxBodySize = "100m"; # Allow big file transfers over git :^)
recommendedGzipSettings = true;
recommendedOptimisation = true;
recommendedProxySettings = true;
recommendedTlsSettings = true;
virtualHosts."git.pegasust.com" = {
# Gitea hostname
sslCertificate = "/var/lib/acme/git.pegasust.com/fullchain.pem";
sslCertificateKey = "/var/lib/acme/git.pegasust.com/key.pem";
forceSSL = true; # Runs on port 80 and 443
locations."/".proxyPass = "http://localhost:3000/"; # Proxy to Gitea
};
};
};
# Generic machine
nixosConfigurations.pixi = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules = base_modules ++ [
};
# Generic machine
nixosConfigurations.pixi = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules =
base_modules
++ [
./configuration.nix
{
system.stateVersion = "22.05";
}
];
specialArgs = {
hostname = "pixi";
_networking = {
# interfaces.eth1.ipv4.addresses = [{
# address = "71.0.0.1";
# prefixLength = 24;
# }];
firewall = {
enable = false;
allowedTCPPorts = [ 80 443 22 ];
};
useDHCP = false;
# interfaces.eth0.useDHCP = true;
specialArgs = {
hostname = "pixi";
_networking = {
# interfaces.eth1.ipv4.addresses = [{
# address = "71.0.0.1";
# prefixLength = 24;
# }];
firewall = {
enable = false;
allowedTCPPorts = [80 443 22];
};
_boot.loader.grub.enable = true;
_boot.loader.grub.version = 2;
_services.openssh = {
permitRootLogin = "no";
enable = true;
};
_services.gitea = {
enable = true;
stateDir = "/gitea";
rootUrl = "https://git.pegasust.com";
settings = {
repository = {
"ENABLE_PUSH_CREATE_USER" = true;
"ENABLE_PUSH_CREATE_ORG" = true;
};
};
};
_services.nginx = {
enable = true;
clientMaxBodySize = "100m"; # Allow big file transfers over git :^)
recommendedGzipSettings = true;
recommendedOptimisation = true;
recommendedProxySettings = true;
recommendedTlsSettings = true;
virtualHosts."git.pegasust.com" = {
# Gitea hostname
sslCertificate = "/var/lib/acme/git.pegasust.com/fullchain.pem";
sslCertificateKey = "/var/lib/acme/git.pegasust.com/key.pem";
forceSSL = true; # Runs on port 80 and 443
locations."/".proxyPass = "http://localhost:3000/"; # Proxy to Gitea
useDHCP = false;
# interfaces.eth0.useDHCP = true;
};
_boot.loader.grub.enable = true;
_boot.loader.grub.version = 2;
_services.openssh = {
permitRootLogin = "no";
enable = true;
};
_services.gitea = {
enable = true;
stateDir = "/gitea";
rootUrl = "https://git.pegasust.com";
settings = {
repository = {
"ENABLE_PUSH_CREATE_USER" = true;
"ENABLE_PUSH_CREATE_ORG" = true;
};
};
};
_services.nginx = {
enable = true;
clientMaxBodySize = "100m"; # Allow big file transfers over git :^)
recommendedGzipSettings = true;
recommendedOptimisation = true;
recommendedProxySettings = true;
recommendedTlsSettings = true;
virtualHosts."git.pegasust.com" = {
# Gitea hostname
sslCertificate = "/var/lib/acme/git.pegasust.com/fullchain.pem";
sslCertificateKey = "/var/lib/acme/git.pegasust.com/key.pem";
forceSSL = true; # Runs on port 80 and 443
locations."/".proxyPass = "http://localhost:3000/"; # Proxy to Gitea
};
};
};
nixosConfigurations.nyx = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules = base_modules ++ [
};
nixosConfigurations.nyx = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules =
base_modules
++ [
./configuration.nix
{
system.stateVersion = "22.05";
}
];
specialArgs = {
hostname = "nyx";
_networking = {
enableIPv6 = false;
interfaces.eth1.ipv4.addresses = [{
specialArgs = {
hostname = "nyx";
_networking = {
enableIPv6 = false;
interfaces.eth1.ipv4.addresses = [
{
address = "71.0.0.2";
prefixLength = 24;
}];
firewall.enable = true;
useDHCP = false;
interfaces.eth0.useDHCP = true;
};
_boot.loader.grub.enable = true;
_boot.loader.grub.version = 2;
_services.openssh = {
permitRootLogin = "no";
enable = true;
};
}
];
firewall.enable = true;
useDHCP = false;
interfaces.eth0.useDHCP = true;
};
_boot.loader.grub.enable = true;
_boot.loader.grub.version = 2;
_services.openssh = {
permitRootLogin = "no";
enable = true;
};
};
nixosConfigurations.nixos = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules = base_modules ++ [
};
nixosConfigurations.nixos = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules =
base_modules
++ [
./configuration.nix
{
system.stateVersion = "22.05";
}
];
specialArgs = {
hostname = "nixos";
specialArgs = {
hostname = "nixos";
};
};
nixosConfigurations.htran-dev = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules =
base_modules
++ [
./configuration.nix
{
system.stateVersion = "22.11";
mod.tailscale.enable = false;
networking.defaultGateway = {
address = "10.100.200.1";
# interface = "ens32";
};
networking.interfaces.ens32.ipv4.addresses = [
{
address = "10.100.200.230";
prefixLength = 24;
}
];
}
];
specialArgs = {
hostname = "htran-dev";
_networking = {
firewall.enable = true;
useDHCP = false;
interfaces.eth0.useDHCP = true;
};
_boot.loader.grub.enable = true;
_boot.loader.grub.version = 2;
_services.openssh = {
permitRootLogin = "no";
enable = true;
};
};
nixosConfigurations.bao = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
specialArgs.hostname = "bao";
modules = base_modules ++ [
};
nixosConfigurations.bao = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
specialArgs.hostname = "bao";
modules =
base_modules
++ [
./configuration.nix
./../../modules/storage.perso.sys.nix
./../../modules/kde.sys.nix
# GPU, sound, networking stuffs
({ config, pkgs, lib, ... }:
let
gpu_pkgs = [ pkgs.clinfo pkgs.lshw pkgs.glxinfo pkgs.pciutils pkgs.vulkan-tools ];
gpu_conf = {
# openCL
hardware.opengl = {
enable = true;
extraPackages = let
inherit (pkgs) rocm-opencl-icd rocm-opencl-runtime;
in [rocm-opencl-icd rocm-opencl-runtime];
# Vulkan
driSupport = true;
driSupport32Bit = true;
package = pkgs.mesa.drivers;
package32 = pkgs.pkgsi686Linux.mesa.drivers;
};
};
amd_rx470 = {
# early amd gpu usage
boot.initrd.kernelModules = ["amdgpu"];
services.xserver.enable = true;
services.xserver.videoDrivers = ["amdgpu"];
};
nv_rtx3060 = {
nixpkgs.config.allowUnfree = true;
services.xserver.enable = true;
services.xserver.videoDrivers = ["nvidia"];
hardware.nvidia.package = config.boot.kernelPackages.nvidiaPackages.stable;
};
systemPackages = [] ++ gpu_pkgs;
in
lib.recursiveUpdate gpu_conf (lib.recursiveUpdate nv_rtx3060 {
./../../modules/pulseaudio.sys.nix
./../../modules/opengl.sys.nix
./../../modules/nvgpu.sys.nix
({
config,
pkgs,
lib,
...
}: {
mod.tailscale.enable = true;
# Use UEFI
boot.loader.systemd-boot.enable = true;
networking.hostName = "bao"; # Define your hostname.
# Pick only one of the below networking options.
# networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
networking.networkmanager.enable = true; # Easiest to use and most distros use this by default.
# Enable the X11 windowing system.
services.xserver.enable = true;
# KDE & Plasma 5
services.xserver.displayManager.sddm.enable = true;
services.xserver.desktopManager.plasma5 = {
enable = true;
excludePackages = let plasma5 = pkgs.libsForQt5; in [
plasma5.elisa # audio viewer
plasma5.konsole # I use alacritty instaed
plasma5.plasma-browser-integration
plasma5.print-manager # will enable if I need
plasma5.khelpcenter # why not just write manpages instead :(
# plasma5.ksshaskpass # pls just put prompts on my dear terminal
];
};
# disables KDE's setting of askpassword
programs.ssh.askPassword = "";
programs.ssh.enableAskPassword = false;
networking.networkmanager.enable = true; # Easiest to use and most distros use this by default.
time.timeZone = "America/Phoenix";
# Configure keymap in X11
@ -282,55 +298,15 @@
# Enable CUPS to print documents.
# services.printing.enable = true;
# Enable sound. (pulse audio)
sound.enable = true;
programs.dconf.enable = true;
hardware.pulseaudio.enable = true;
hardware.pulseaudio.support32Bit = true;
nixpkgs.config.pulseaudio = true;
hardware.pulseaudio.extraConfig = "load-module module-combine-sink";
# Sound: pipewire
# sound.enable = false;
# hardware.pulseaudio.enable = false;
# services.pipewire = {
# enable = true;
# alsa.enable = true;
# alsa.support32Bit = true;
# pulse.enable = true;
# # Might want to use JACK in the future
# jack.enable = true;
# };
#
# security.rtkit.enable = true;
# Enable touchpad support (enabled default in most desktopManager).
# services.xserver.libinput.enable = true;
# Define a user account. Don't forget to set a password with passwd.
# users.users.alice = {
# isNormalUser = true;
# extraGroups = [ "wheel" ]; # Enable sudo for the user.
# packages = with pkgs; [
# firefox
# thunderbird
# ];
# };
# Just an initial user to get this started lol
users.users.user = {
initialPassword = "pw123";
extraGroups = [ "wheel" "networkmanager" "audio"];
extraGroups = ["wheel" "networkmanager" "audio"];
isNormalUser = true;
};
# List packages installed in system profile. To search, run:
# $ nix search wget
environment.systemPackages = with pkgs; [
neovim
wget
] ++ systemPackages;
# Some programs need SUID wrappers, can be configured further or are
# started in user sessions.
# programs.mtr.enable = true;
@ -344,17 +320,6 @@
# Enable the OpenSSH daemon.
services.openssh.enable = true;
# Open ports in the firewall.
# networking.firewall.allowedTCPPorts = [ ... ];
# networking.firewall.allowedUDPPorts = [ ... ];
# Or disable the firewall altogether.
# networking.firewall.enable = false;
# Copy the NixOS configuration file and link it from the resulting system
# (/run/current-system/configuration.nix). This is useful in case you
# accidentally delete configuration.nix.
# system.copySystemConfiguration = true;
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave
@ -362,8 +327,8 @@
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "22.11"; # Did you read the comment?
}))
})
];
};
};
};
}

View File

@ -1,16 +1,20 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/profiles/qemu-guest.nix")
];
config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/profiles/qemu-guest.nix")
];
boot.initrd.availableKernelModules = [ "virtio_pci" "virtio_scsi" "ahci" "sd_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelParams = [ "console=ttyS0,19200n8" ];
boot.initrd.availableKernelModules = ["virtio_pci" "virtio_scsi" "ahci" "sd_mod"];
boot.initrd.kernelModules = [];
boot.kernelParams = ["console=ttyS0,19200n8"];
boot.loader.grub.extraConfig = ''
serial --speed=19200 --unit=0 --word=8 --parity=no --stop=1
terminal_input serial;
@ -19,17 +23,15 @@
boot.loader.grub.forceInstall = true;
boot.loader.grub.device = "nodev";
boot.loader.timeout = 10;
boot.kernelModules = [ ];
boot.extraModulePackages = [ ];
boot.kernelModules = [];
boot.extraModulePackages = [];
fileSystems."/" =
{ device = "/dev/sda";
fsType = "ext4";
};
fileSystems."/" = {
device = "/dev/sda";
fsType = "ext4";
};
swapDevices =
[ { device = "/dev/sdb"; }
];
swapDevices = [{device = "/dev/sdb";}];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's

View File

@ -3,11 +3,12 @@
let
lock = builtins.fromJSON (builtins.readFile ./flake.lock);
in
fetchTarball {
url = "https://github.com/edolstra/flake-compat/archive/${lock.nodes.flake-compat.locked.rev}.tar.gz";
sha256 = lock.nodes.flake-compat.locked.narHash;
}
fetchTarball {
url = "https://github.com/edolstra/flake-compat/archive/${lock.nodes.flake-compat.locked.rev}.tar.gz";
sha256 = lock.nodes.flake-compat.locked.narHash;
}
)
{
src = ./.;
}).defaultNix
})
.defaultNix

View File

@ -11,9 +11,13 @@
};
};
outputs = { self, nixpkgs, flake-utils, ... }:
outputs = {
self,
nixpkgs,
flake-utils,
...
}:
{
nixosModules.wsl = {
imports = [
./modules/build-tarball.nix
@ -31,26 +35,25 @@
./configuration.nix
];
};
} //
flake-utils.lib.eachSystem
(with flake-utils.lib.system; [ "x86_64-linux" "aarch64-linux" ])
(system:
let
pkgs = import nixpkgs { inherit system; };
in
{
checks.check-format = pkgs.runCommand "check-format"
{
buildInputs = with pkgs; [ nixpkgs-fmt ];
} ''
}
// flake-utils.lib.eachSystem
(with flake-utils.lib.system; ["x86_64-linux" "aarch64-linux"])
(
system: let
pkgs = import nixpkgs {inherit system;};
in {
checks.check-format =
pkgs.runCommand "check-format"
{
buildInputs = with pkgs; [nixpkgs-fmt];
} ''
nixpkgs-fmt --check ${./.}
mkdir $out # success
'';
devShell = pkgs.mkShell {
nativeBuildInputs = with pkgs; [ nixpkgs-fmt ];
};
}
);
devShell = pkgs.mkShell {
nativeBuildInputs = with pkgs; [nixpkgs-fmt];
};
}
);
}

View File

@ -1,12 +1,24 @@
{ config, pkgs, lib, ... }:
with builtins; with lib;
let
pkgs2storeContents = l: map (x: { object = x; symlink = "none"; }) l;
{
config,
pkgs,
lib,
...
}:
with builtins;
with lib; let
pkgs2storeContents = l:
map
(x: {
object = x;
symlink = "none";
})
l;
nixpkgs = lib.cleanSource pkgs.path;
channelSources = pkgs.runCommand "nixos-${config.system.nixos.version}"
{ preferLocalBuild = true; }
channelSources =
pkgs.runCommand "nixos-${config.system.nixos.version}"
{preferLocalBuild = true;}
''
mkdir -p $out
cp -prd ${nixpkgs.outPath} $out/nixos
@ -58,10 +70,7 @@ let
sed -i 's|import \./default\.nix|import \./nixos-wsl|' ./etc/nixos/configuration.nix
''}
'';
in
{
in {
options.wsl.tarball = {
includeConfig = mkOption {
type = types.bool;
@ -70,13 +79,12 @@ in
};
};
config = mkIf config.wsl.enable {
# These options make no sense without the wsl-distro module anyway
system.build.tarball = pkgs.callPackage "${nixpkgs}/nixos/lib/make-system-tarball.nix" {
# No contents, structure will be added by prepare script
contents = [ ];
contents = [];
fileName = "nixos-wsl-${pkgs.hostPlatform.system}";
@ -92,6 +100,5 @@ in
compressCommand = "gzip";
compressionExtension = ".gz";
};
};
}

View File

@ -1,20 +1,23 @@
{ config, lib, pkgs, ... }:
with builtins; with lib; {
{
config,
lib,
pkgs,
...
}:
with builtins;
with lib; {
imports = [
(mkRenamedOptionModule [ "wsl" "docker" ] [ "wsl" "docker-desktop" ])
(mkRenamedOptionModule ["wsl" "docker"] ["wsl" "docker-desktop"])
];
options.wsl.docker-desktop = with types; {
enable = mkEnableOption "Docker Desktop integration";
};
config =
let
cfg = config.wsl.docker-desktop;
in
config = let
cfg = config.wsl.docker-desktop;
in
mkIf (config.wsl.enable && cfg.enable) {
environment.systemPackages = with pkgs; [
docker
docker-compose
@ -25,7 +28,7 @@ with builtins; with lib; {
script = ''
${config.wsl.automountPath}/wsl/docker-desktop/docker-desktop-user-distro proxy --docker-desktop-root ${config.wsl.automountPath}/wsl/docker-desktop
'';
wantedBy = [ "multi-user.target" ];
wantedBy = ["multi-user.target"];
serviceConfig = {
Restart = "on-failure";
RestartSec = "30s";
@ -35,7 +38,5 @@ with builtins; with lib; {
users.groups.docker.members = [
config.wsl.defaultUser
];
};
}

View File

@ -1,6 +1,11 @@
{ config, lib, pkgs, ... }:
with builtins; with lib; {
{
config,
lib,
pkgs,
...
}:
with builtins;
with lib; {
options.wsl.docker-native = with types; {
enable = mkEnableOption "Native Docker integration in NixOS.";
@ -15,14 +20,13 @@ with builtins; with lib; {
};
};
config =
let
cfg = config.wsl.docker-native;
in
config = let
cfg = config.wsl.docker-native;
in
mkIf (config.wsl.enable && cfg.enable) {
nixpkgs.overlays = [
(self: super: {
docker = super.docker.override { iptables = pkgs.iptables-legacy; };
docker = super.docker.override {iptables = pkgs.iptables-legacy;};
})
];

View File

@ -1,11 +1,19 @@
{ config, lib, pkgs, ... }:
with builtins; with lib; {
{
config,
lib,
pkgs,
...
}:
with builtins;
with lib; {
config = mkIf config.wsl.enable (
let
mkTarball = pkgs.callPackage "${lib.cleanSource pkgs.path}/nixos/lib/make-system-tarball.nix";
pkgs2storeContents = map (x: { object = x; symlink = "none"; });
pkgs2storeContents = map (x: {
object = x;
symlink = "none";
});
rootfs = let tarball = config.system.build.tarball; in "${tarball}/tarball/${tarball.fileName}.tar${tarball.extension}";
@ -39,25 +47,39 @@ with builtins; with lib; {
passwd = pkgs.writeText "passwd" ''
root:x:0:0:System administrator:/root:${installer}
'';
in
{
in {
system.build.installer = mkTarball {
fileName = "nixos-wsl-installer";
compressCommand = "gzip";
compressionExtension = ".gz";
extraArgs = "--hard-dereference";
storeContents = with pkgs; pkgs2storeContents [
installer
];
storeContents = with pkgs;
pkgs2storeContents [
installer
];
contents = [
{ source = config.environment.etc."wsl.conf".source; target = "/etc/wsl.conf"; }
{ source = config.environment.etc."fstab".source; target = "/etc/fstab"; }
{ source = passwd; target = "/etc/passwd"; }
{ source = "${pkgs.busybox}/bin/busybox"; target = "/bin/sh"; }
{ source = "${pkgs.busybox}/bin/busybox"; target = "/bin/mount"; }
{
source = config.environment.etc."wsl.conf".source;
target = "/etc/wsl.conf";
}
{
source = config.environment.etc."fstab".source;
target = "/etc/fstab";
}
{
source = passwd;
target = "/etc/passwd";
}
{
source = "${pkgs.busybox}/bin/busybox";
target = "/bin/sh";
}
{
source = "${pkgs.busybox}/bin/busybox";
target = "/bin/mount";
}
];
extraCommands = pkgs.writeShellScript "prepare" ''
@ -66,8 +88,6 @@ with builtins; with lib; {
ln -s /init bin/wslpath
'';
};
}
);
}

View File

@ -1,9 +1,13 @@
{ lib, pkgs, config, ... }:
with builtins; with lib;
{
lib,
pkgs,
config,
...
}:
with builtins;
with lib; {
imports = [
(mkRenamedOptionModule [ "wsl" "compatibility" "interopPreserveArgvZero" ] [ "wsl" "interop" "preserveArgvZero" ])
(mkRenamedOptionModule ["wsl" "compatibility" "interopPreserveArgvZero"] ["wsl" "interop" "preserveArgvZero"])
];
options.wsl.interop = with types; {
@ -32,57 +36,56 @@ with builtins; with lib;
};
};
config =
let
cfg = config.wsl.interop;
in
config = let
cfg = config.wsl.interop;
in
mkIf config.wsl.enable {
boot.binfmt.registrations = mkIf cfg.register {
WSLInterop =
let
compat = cfg.preserveArgvZero;
WSLInterop = let
compat = cfg.preserveArgvZero;
# WSL Preview 0.58 and up registers the /init binfmt interp for Windows executable
# with the "preserve argv[0]" flag, so if you run `./foo.exe`, the interp gets invoked
# as `/init foo.exe ./foo.exe`.
# argv[0] --^ ^-- actual path
#
# Older versions expect to be called without the argv[0] bit, simply as `/init ./foo.exe`.
#
# We detect that by running `/init /known-not-existing-path.exe` and checking the exit code:
# the new style interp expects at least two arguments, so exits with exit code 1,
# presumably meaning "parsing error"; the old style interp attempts to actually run
# the executable, fails to find it, and exits with 255.
compatWrapper = pkgs.writeShellScript "nixos-wsl-binfmt-hack" ''
/init /nixos-wsl-does-not-exist.exe
[ $? -eq 255 ] && shift
exec /init "$@"
'';
# WSL Preview 0.58 and up registers the /init binfmt interp for Windows executable
# with the "preserve argv[0]" flag, so if you run `./foo.exe`, the interp gets invoked
# as `/init foo.exe ./foo.exe`.
# argv[0] --^ ^-- actual path
#
# Older versions expect to be called without the argv[0] bit, simply as `/init ./foo.exe`.
#
# We detect that by running `/init /known-not-existing-path.exe` and checking the exit code:
# the new style interp expects at least two arguments, so exits with exit code 1,
# presumably meaning "parsing error"; the old style interp attempts to actually run
# the executable, fails to find it, and exits with 255.
compatWrapper = pkgs.writeShellScript "nixos-wsl-binfmt-hack" ''
/init /nixos-wsl-does-not-exist.exe
[ $? -eq 255 ] && shift
exec /init "$@"
'';
# use the autodetect hack if unset, otherwise call /init directly
interpreter = if compat == null then compatWrapper else "/init";
# use the autodetect hack if unset, otherwise call /init directly
interpreter =
if compat == null
then compatWrapper
else "/init";
# enable for the wrapper and autodetect hack
preserveArgvZero = if compat == false then false else true;
in
{
magicOrExtension = "MZ";
fixBinary = true;
wrapInterpreterInShell = false;
inherit interpreter preserveArgvZero;
};
# enable for the wrapper and autodetect hack
preserveArgvZero =
if compat == false
then false
else true;
in {
magicOrExtension = "MZ";
fixBinary = true;
wrapInterpreterInShell = false;
inherit interpreter preserveArgvZero;
};
};
# Include Windows %PATH% in Linux $PATH.
environment.extraInit = mkIf cfg.includePath ''PATH="$PATH:$WSLPATH"'';
warnings =
let
registrations = config.boot.binfmt.registrations;
in
warnings = let
registrations = config.boot.binfmt.registrations;
in
optional (!(registrations ? WSLInterop) && (length (attrNames config.boot.binfmt.registrations)) != 0) "Having any binfmt registrations without re-registering WSLInterop (wsl.interop.register) will break running .exe files from WSL2";
};
}

View File

@ -1,42 +1,46 @@
{ lib, pkgs, config, ... }:
with builtins; with lib;
{
options.wsl = with types;
let
coercedToStr = coercedTo (oneOf [ bool path int ]) (toString) str;
in
{
enable = mkEnableOption "support for running NixOS as a WSL distribution";
automountPath = mkOption {
type = str;
default = "/mnt";
description = "The path where windows drives are mounted (e.g. /mnt/c)";
};
automountOptions = mkOption {
type = str;
default = "metadata,uid=1000,gid=100";
description = "Options to use when mounting windows drives";
};
defaultUser = mkOption {
type = str;
default = "nixos";
description = "The name of the default user";
};
startMenuLaunchers = mkEnableOption "shortcuts for GUI applications in the windows start menu";
wslConf = mkOption {
type = attrsOf (attrsOf (oneOf [ string int bool ]));
description = "Entries that are added to /etc/wsl.conf";
};
lib,
pkgs,
config,
...
}:
with builtins;
with lib; {
options.wsl = with types; let
coercedToStr = coercedTo (oneOf [bool path int]) toString str;
in {
enable = mkEnableOption "support for running NixOS as a WSL distribution";
automountPath = mkOption {
type = str;
default = "/mnt";
description = "The path where windows drives are mounted (e.g. /mnt/c)";
};
automountOptions = mkOption {
type = str;
default = "metadata,uid=1000,gid=100";
description = "Options to use when mounting windows drives";
};
defaultUser = mkOption {
type = str;
default = "nixos";
description = "The name of the default user";
};
startMenuLaunchers = mkEnableOption "shortcuts for GUI applications in the windows start menu";
wslConf = mkOption {
type = attrsOf (attrsOf (oneOf [string int bool]));
description = "Entries that are added to /etc/wsl.conf";
};
};
config =
let
cfg = config.wsl;
syschdemd = import ../syschdemd.nix { inherit lib pkgs config; inherit (cfg) automountPath defaultUser; defaultUserHome = config.users.users.${cfg.defaultUser}.home; };
in
config = let
cfg = config.wsl;
syschdemd = import ../syschdemd.nix {
inherit lib pkgs config;
inherit (cfg) automountPath defaultUser;
defaultUserHome = config.users.users.${cfg.defaultUser}.home;
};
in
mkIf cfg.enable {
wsl.wslConf = {
automount = {
enabled = true;
@ -57,9 +61,8 @@ with builtins; with lib;
hardware.opengl.enable = true; # Enable GPU acceleration
environment = {
etc = {
"wsl.conf".text = generators.toINI { } cfg.wslConf;
"wsl.conf".text = generators.toINI {} cfg.wslConf;
# DNS settings are managed by WSL
hosts.enable = !config.wsl.wslConf.network.generateHosts;
@ -67,7 +70,7 @@ with builtins; with lib;
};
systemPackages = [
(pkgs.runCommand "wslpath" { } ''
(pkgs.runCommand "wslpath" {} ''
mkdir -p $out/bin
ln -s /init $out/bin/wslpath
'')
@ -79,13 +82,13 @@ with builtins; with lib;
users.users.${cfg.defaultUser} = {
isNormalUser = true;
uid = 1000;
extraGroups = [ "wheel" ]; # Allow the default user to use sudo
extraGroups = ["wheel"]; # Allow the default user to use sudo
};
users.users.root = {
shell = "${syschdemd}/bin/syschdemd";
# Otherwise WSL fails to login as root with "initgroups failed 5"
extraGroups = [ "root" ];
extraGroups = ["root"];
};
security.sudo = {
@ -97,7 +100,7 @@ with builtins; with lib;
system.activationScripts = {
copy-launchers = mkIf cfg.startMenuLaunchers (
stringAfter [ ] ''
stringAfter [] ''
for x in applications icons; do
echo "Copying /usr/share/$x"
mkdir -p /usr/share/$x
@ -105,7 +108,7 @@ with builtins; with lib;
done
''
);
populateBin = stringAfter [ ] ''
populateBin = stringAfter [] ''
echo "setting up /bin..."
ln -sf /init /bin/wslpath
ln -sf ${pkgs.bashInteractive}/bin/bash /bin/sh
@ -134,6 +137,6 @@ with builtins; with lib;
enableEmergencyMode = false;
};
warnings = (optional (config.systemd.services.systemd-resolved.enable && config.wsl.wslConf.network.generateResolvConf) "systemd-resolved is enabled, but resolv.conf is managed by WSL");
warnings = optional (config.systemd.services.systemd-resolved.enable && config.wsl.wslConf.network.generateResolvConf) "systemd-resolved is enabled, but resolv.conf is managed by WSL";
};
}

View File

@ -1,19 +1,19 @@
{ lib
, pkgs
, config
, automountPath
, defaultUser
, defaultUserHome ? "/home/${defaultUser}"
, ...
{
lib,
pkgs,
config,
automountPath,
defaultUser,
defaultUserHome ? "/home/${defaultUser}",
...
}:
pkgs.substituteAll {
name = "syschdemd";
src = ./syschdemd.sh;
dir = "bin";
isExecutable = true;
buildInputs = with pkgs; [ daemonize ];
buildInputs = with pkgs; [daemonize];
inherit defaultUser defaultUserHome;
inherit (pkgs) daemonize;

View File

@ -1,15 +1,19 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports = [ ];
config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [];
boot.initrd.availableKernelModules = [ ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ ];
boot.extraModulePackages = [ ];
boot.initrd.availableKernelModules = [];
boot.initrd.kernelModules = [];
boot.kernelModules = [];
boot.extraModulePackages = [];
## NOTE: These filesystems are mounted by a wrapper script from nix-wsl
@ -43,25 +47,22 @@
# fsType = "drvfs";
# };
fileSystems."/mnt/c" =
{
device = "C:";
fsType = "drvfs";
};
fileSystems."/mnt/c" = {
device = "C:";
fsType = "drvfs";
};
fileSystems."/mnt/d" =
{
device = "D:";
fsType = "drvfs";
};
fileSystems."/mnt/d" = {
device = "D:";
fsType = "drvfs";
};
fileSystems."/mnt/f" =
{
device = "F:";
fsType = "drvfs";
};
fileSystems."/mnt/f" = {
device = "F:";
fsType = "drvfs";
};
swapDevices = [ ];
swapDevices = [];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's

View File

@ -1,32 +1,38 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
];
config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" ];
boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod"];
# boot.initrd.kernelModules = [ "amdgpu" ];
boot.initrd.kernelModules = [];
boot.kernelModules = [ "kvm-amd" "coretemp"];
boot.extraModulePackages = [ ];
boot.kernelModules = ["kvm-amd" "coretemp"];
boot.extraModulePackages = [];
fileSystems."/" =
# Might be wise to use /dev/nvme0p1 instead
{ device = "/dev/disk/by-uuid/27fc09b3-e3b7-4883-94a0-c313a0e0abe2";
{
device = "/dev/disk/by-uuid/27fc09b3-e3b7-4883-94a0-c313a0e0abe2";
fsType = "ext4";
};
fileSystems."/boot" =
# Might be wise to use /dev/nvme0p2 instead
{ device = "/dev/disk/by-uuid/EBA6-394D";
{
device = "/dev/disk/by-uuid/EBA6-394D";
fsType = "vfat";
};
swapDevices = [ ];
swapDevices = [];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's

View File

@ -1,17 +1,20 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[
(modulesPath + "/profiles/qemu-guest.nix")
];
config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/profiles/qemu-guest.nix")
];
boot.initrd.availableKernelModules = [ "virtio_pci" "virtio_scsi" "ahci" "sd_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelParams = [ "console=ttyS0,19200n8" ];
boot.initrd.availableKernelModules = ["virtio_pci" "virtio_scsi" "ahci" "sd_mod"];
boot.initrd.kernelModules = [];
boot.kernelParams = ["console=ttyS0,19200n8"];
boot.loader.grub.extraConfig = ''
serial --speed=19200 --unit=0 --word=8 --parity=no --stop=1
terminal_input serial;
@ -20,17 +23,15 @@
boot.loader.grub.forceInstall = true;
boot.loader.grub.device = "nodev";
boot.loader.timeout = 10;
boot.kernelModules = [ ];
boot.extraModulePackages = [ ];
boot.kernelModules = [];
boot.extraModulePackages = [];
fileSystems."/" =
{
device = "/dev/sda";
fsType = "ext4";
};
fileSystems."/" = {
device = "/dev/sda";
fsType = "ext4";
};
swapDevices =
[{ device = "/dev/sdb"; }];
swapDevices = [{device = "/dev/sdb";}];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's

View File

@ -1,16 +1,20 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/profiles/qemu-guest.nix")
];
config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/profiles/qemu-guest.nix")
];
boot.initrd.availableKernelModules = [ "virtio_pci" "virtio_scsi" "ahci" "sd_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelParams = [ "console=ttyS0,19200n8" ];
boot.initrd.availableKernelModules = ["virtio_pci" "virtio_scsi" "ahci" "sd_mod"];
boot.initrd.kernelModules = [];
boot.kernelParams = ["console=ttyS0,19200n8"];
boot.loader.grub.extraConfig = ''
serial --speed=19200 --unit=0 --word=8 --parity=no --stop=1
terminal_input serial;
@ -19,17 +23,15 @@
boot.loader.grub.forceInstall = true;
boot.loader.grub.device = "nodev";
boot.loader.timeout = 10;
boot.kernelModules = [ ];
boot.extraModulePackages = [ ];
boot.kernelModules = [];
boot.extraModulePackages = [];
fileSystems."/" =
{ device = "/dev/sda";
fsType = "ext4";
};
fileSystems."/" = {
device = "/dev/sda";
fsType = "ext4";
};
swapDevices =
[ { device = "/dev/sdb"; }
];
swapDevices = [{device = "/dev/sdb";}];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's

View File

@ -1,17 +1,20 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[
(modulesPath + "/profiles/qemu-guest.nix")
];
config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/profiles/qemu-guest.nix")
];
boot.initrd.availableKernelModules = [ "virtio_pci" "virtio_scsi" "ahci" "sd_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelParams = [ "console=ttyS0,19200n8" ];
boot.initrd.availableKernelModules = ["virtio_pci" "virtio_scsi" "ahci" "sd_mod"];
boot.initrd.kernelModules = [];
boot.kernelParams = ["console=ttyS0,19200n8"];
boot.loader.grub.extraConfig = ''
serial --speed=19200 --unit=0 --word=8 --parity=no --stop=1
terminal_input serial;
@ -20,8 +23,8 @@
boot.loader.grub.forceInstall = true;
boot.loader.grub.device = "nodev";
boot.loader.timeout = 10;
boot.kernelModules = [ ];
boot.extraModulePackages = [ ];
boot.kernelModules = [];
boot.extraModulePackages = [];
fileSystems = {
"/" = {
@ -35,8 +38,7 @@
};
};
swapDevices =
[{ device = "/dev/sdb"; }];
swapDevices = [{device = "/dev/sdb";}];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's

View File

@ -1,17 +1,21 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/profiles/qemu-guest.nix")
];
config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/profiles/qemu-guest.nix")
];
boot.initrd.availableKernelModules = [ "virtio_pci" "virtio_scsi" "ahci" "sd_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ ];
boot.extraModulePackages = [ ];
boot.initrd.availableKernelModules = ["virtio_pci" "virtio_scsi" "ahci" "sd_mod"];
boot.initrd.kernelModules = [];
boot.kernelModules = [];
boot.extraModulePackages = [];
boot.kernelParams = ["console=ttyS0,19200n8"];
boot.loader.grub.extraConfig = ''
@ -22,14 +26,12 @@
boot.loader.grub.forceInstall = true;
boot.loader.grub.device = "nodev";
boot.loader.timeout = 10;
fileSystems."/" =
{ device = "/dev/sda";
fsType = "ext4";
};
fileSystems."/" = {
device = "/dev/sda";
fsType = "ext4";
};
swapDevices =
[ { device = "/dev/sdb"; }
];
swapDevices = [{device = "/dev/sdb";}];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's

View File

@ -1,10 +1,7 @@
{ lib, ... }:
with lib;
let
{lib, ...}:
with lib; let
nixos-wsl = import ./nixos-wsl;
in
{
in {
imports = [
./configuration.nix
nixos-wsl.nixosModules.wsl
@ -21,9 +18,7 @@ in
# Enable integration with Docker Desktop (needs to be installed)
docker-desktop.enable = true;
};
# users.users.<defaultUser>.uid = 1000;
# networking.hostName = "nixos";
}

View File

@ -0,0 +1,11 @@
{
inputs,
cell,
}: let
inherit (inputs) std nixpkgs;
in {
default = std.lib.dev.mkShell {
name = "default";
imports = [inputs.std.std.devshellProfiles.default];
};
}

View File

@ -0,0 +1,24 @@
{
inputs,
cell,
}: let
inherit (inputs.nixpkgs) system;
inherit (inputs.nix-boost.pkgs."${system}".mypkgs) poetry2nix;
inherit (poetry2nix) mkPoetryApplication defaultPoetryOverrides;
in {
kpcli-py = mkPoetryApplication {
projectDir = inputs.kpcli-py;
overrides = defaultPoetryOverrides.extend (self: super: {
# TODO: add this to upstream poetry2nix
tableformatter = super.tableformatter.overridePythonAttrs (old: {
buildInputs = (old.buildInputs or []) ++ [self.setuptools self.cython_3];
src = old.src;
});
kpcli = super.kpcli.overridePythonAttrs (old: {
buildInputs = (old.buildInputs or []) ++ [self.setuptools];
});
});
};
}

View File

@ -0,0 +1,47 @@
# TODO: this should use winnow with a fair matching of supported systems
{
inputs,
cell,
}: let
inherit (cell) home-profiles home-modules;
inherit (inputs) home-manager;
pkgs = inputs.nixpkgs;
# hm is derivation that is compatible with homeConfigurations
home-config = {supported_systems, hm, tested_systems ? []}:
hm // {
_supported_systems = supported_systems;
_tested_systems = tested_systems;
};
base-modules = [
home-profiles.alacritty
# home-profiles.git
home-profiles.ssh
home-profiles.shells
({config.programs.home-manager.enable = true;})
home-profiles.nix-index
home-profiles.neovim
];
in {
homeConfigurations.htran = home-config {
supported_systems = ["aarch64-darwin" "x86_64-darwin"];
tested_systems = ["aarch64-darwin"];
hm = home-manager.lib.homeManagerConfiguration {
inherit pkgs;
modules = base-modules ++ [
home-profiles.nerd_font_module
home-profiles.git-htran
home-profiles.dev-packages
home-profiles.zk
home-modules.darwin-spotlight
({
home.username = "htran";
home.homeDirectory = "/Users/htran";
home.stateVersion = "23.11";
})
];
};
};
}

View File

@ -0,0 +1,250 @@
# This is an interface for home-profiles and should not contain opinionated
# configurations. It should provide alternative configurations, aggregates
# or new configurations
_imports@{ inputs, cell }:
let
namespace = "repo";
imports = _imports // { inherit namespace; };
in
{
git = { config, lib, ... }:
let
cfg = config."${namespace}".git;
baseAliases = {
a = "add";
c = "commit";
ca = "commit --amend";
cm = "commit -m";
lol = "log --graph --decorate --pretty=oneline --abbrev-commit";
lola = "log --graph --decorate --pretty=oneline --abbrev-commit --all";
sts = "status";
co = "checkout";
b = "branch";
};
default-user = "Pegasust";
default-email = "pegasucksgg@gmail.com";
in
{
options."${namespace}".git = {
aliases = lib.mkOption {
type = lib.types.attrs;
default = { };
example = baseAliases;
description = ''
Additional git aliases. This settings comes with base configuration.
Redeclaring the base config will override the values.
''; # TODO: Add baseAliases as string here (builtins.toString doesn't work)
};
name = lib.mkOption {
type = lib.types.str;
default = default-user;
description = "Git username that appears on commits";
example = default-user;
};
email = lib.mkOption {
type = lib.types.str;
default = default-email;
example = default-email;
description = "Git email that appears on commits";
};
ignores = lib.mkOption {
type = lib.types.listOf lib.types.str;
default = [
".vscode" # vscode settings
".direnv" # .envrc cached outputs
".DS_Store" # MacOS users, amrite
];
description = ''
.gitignore patterns that are applied in every "${namespace}"sitory.
This is useful for IDE-specific settings.
'';
example = [ ".direnv" "node_modules" ];
};
enable = lib.mkOption {
type = lib.types.bool;
default = true;
description = ''
Enables git
'';
example = false;
};
credentialCacheTimeoutSeconds = lib.mkOption {
type = lib.types.int;
default = 3000;
description = "Credential cache (in-memory store) for Git in seconds.";
example = 3000;
};
};
# TODO : anyway to override configuration?
# idk wtf I was thinking about. there is no context in this question
config.programs.git = {
inherit (cfg) enable ignores;
userName = cfg.name;
userEmail = cfg.email;
aliases = baseAliases // cfg.aliases;
extraConfig = {
# TODO: in the case of darwin, git always open up the built-in keychain.
# possibly something we can't really control since we don't have access to `nix-darwin`
credential.helper = "cache --timeout=${builtins.toString cfg.credentialCacheTimeoutSeconds}";
};
lfs.enable = true;
};
};
alacritty = { config, lib, ... }:
let
inherit (inputs.cells.repo.lib) fromYAML;
cfg = config."${namespace}".alacritty;
in
{
options."${namespace}".alacritty = {
font.family = lib.mkOption {
type = lib.types.nullOr lib.types.singleLineStr;
default = null;
description = ''
The font family for Alacritty
'';
example = "DroidSansMono NF";
};
font.size = lib.mkOption {
type = lib.types.nullOr lib.types.number;
default = 11.0;
description = ''
The default font size for Alacritty. This is probably measured in px.
'';
example = 7.0;
};
enable = lib.mkOption {
type = lib.types.bool;
default = false;
description = ''
Enables alacritty
'';
example = true;
};
config-path = lib.mkOption {
type = lib.types.path;
description = "Path to alacritty yaml";
default = null;
example = "./config/alacritty.yaml";
};
};
config.programs.alacritty = {
enable = cfg.enable;
settings =
let
actualConfig =
if cfg.config-path != null then fromYAML (builtins.readFile cfg.config-path) else { };
in
lib.recursiveUpdate actualConfig {
font.normal.family = lib.mkIf (cfg.font.family != null) cfg.font.family;
font.size = lib.mkIf (cfg.font.size != null) cfg.font.size;
};
};
};
# TODO: chromium is not really supported on darwin
private_chromium = { config, pkgs, lib, ... }:
let
cfg = config."${namespace}".private_chromium;
in
{
options."${namespace}".private_chromium = {
enable = lib.mkOption {
type = lib.types.bool;
default = true;
example = false;
description = ''
Enable extremely lightweight chromium with vimium plugin
'';
};
};
config = lib.mkIf (cfg.enable) {
# home.packages = [pkgs.ungoogled-chromium];
programs.chromium = {
enable = true;
package = pkgs.ungoogled-chromium;
extensions =
let
# TODO: how about a chrome extension registry?
mkChromiumExtForVersion = browserVersion: { id, sha256, extVersion, ... }:
{
inherit id;
crxPath = builtins.fetchurl {
url = "https://clients2.google.com/service/update2/crx" +
"?response=redirect" +
"&acceptformat=crx2,crx3" +
"&prodversion=${browserVersion}" +
"&x=id%3D${id}%26installsource%3Dondemand%26uc";
name = "${id}.crx";
inherit sha256;
};
version = extVersion;
};
mkChromiumExt = mkChromiumExtForVersion (lib.versions.major pkgs.ungoogled-chromium.version);
in
[
# vimium
(mkChromiumExt {
id = "dbepggeogbaibhgnhhndojpepiihcmeb";
sha256 = "00qhbs41gx71q026xaflgwzzridfw1sx3i9yah45cyawv8q7ziic";
extVersion = "1.67.4";
})
];
};
};
};
darwin-spotlight = { lib, pkgs, config, ... }: {
# This patch exists since Darwin's search bar requires solid apps and not
# symlinked
# TODO: QA
# - [x] works for base case
# - [x] works for repeated case
# - [ ] works after base case, then removed
# - [ ] works for repeated case, then removed
# Copy GUI apps to "~/Applications/Home Manager Apps"
# Based on this comment: https://github.com/nix-community/home-manager/issues/1341#issuecomment-778820334
home.activation.patch-spotlight =
if pkgs.stdenv.isDarwin then
let
apps = pkgs.buildEnv {
name = "home-manager-applications";
paths = config.home.packages;
pathsToLink = "/Applications";
};
in
lib.hm.dag.entryAfter [ "linkGeneration" ] ''
# Install MacOS applications to the user environment.
HM_APPS="$HOME/Applications/Home Manager Apps"
# Reset current state
if [ -e "$HM_APPS" ]; then
$DRY_RUN_CMD mv "$HM_APPS" "$HM_APPS.$(date +%Y%m%d%H%M%S)"
fi
$DRY_RUN_CMD mkdir -p "$HM_APPS"
# .app dirs need to be actual directories for Finder to detect them as Apps.
# In the env of Apps we build, the .apps are symlinks. We pass all of them as
# arguments to cp and make it dereference those using -H
$DRY_RUN_CMD cp --archive -H --dereference ${apps}/Applications/* "$HM_APPS"
$DRY_RUN_CMD chmod +w -R "$HM_APPS"
''
else
"";
# We need this in case upstream home-manager changes the behavior of linking
# applications
home.activation.remove-patch-spotlight =
if pkgs.stdenv.isDarwin then
lib.hm.dag.entryBefore [ "checkLinkTargets" ] ''
HM_APPS="$HOME/Applications/Home Manager Apps"
# Reset current state
if [ -e "$HM_APPS" ]; then
$DRY_RUN_CMD mv "$HM_APPS" "$HM_APPS.$(date +%Y%m%d%H%M%S)"
fi
''
else
"";
};
}

View File

@ -0,0 +1,47 @@
{
inputs,
cell,
namespace,
}: {
pkgs,
config,
lib,
...
}: let
cfg = config."${namespace}".graphics;
cfgEnable = cfg.enable or (cfg.useNixGL.defaultPackage != null);
types = lib.types;
in {
imports = [./shells.nix];
options."${namespace}".nixgl = {
enable = lib.mkEnableOption "nixgl";
useNixGL = {
package = lib.mkPackageOption pkgs "nixGL package" {
default = [
"nixgl"
"auto"
"nixGLDefault"
];
};
defaultPackage = lib.mkOption {
type = types.nullOr (types.enum ["nixGLIntel" "nixGLNvidia" "nixGLNvidiaBumblebee"]);
description = "Which nixGL package to be aliased as `nixGL` on the shell";
default = null;
example = "nixGLIntel";
};
};
};
# NOTE: importing shells does not mean we're enabling everything, if we do mkDefault false
# but the dilemma is, if the user import BOTH graphics.nix and shells.nix
# they will also need to do `config."${namespace}".shells.enable`
# generally, we want the behavior: import means enable
config = lib.mkIf cfgEnable {
"${namespace}".graphics._enable = lib.mkForce true;
"${namespace}".shells = {
shellAliases = lib.mkIf (cfg.useNixGL.defaultPackage != null) {
nixGL = cfg.useNixGL.defaultPackage;
};
};
home.packages = [cfg.useNixGL.package];
};
}

View File

@ -0,0 +1,200 @@
# This creates a layer that is specific to some profiles, but may require
# some variants in environment like username/email, work-oriented or personal
# and many more
_imports @ {
inputs,
cell,
}: let
# TODO: I don't think abstracting namespace away is a good idea in this case
namespace = "repo";
imports = _imports // {inherit namespace;};
inherit (cell) home-modules;
in {
neovim = import ./neovim.nix imports;
nerd_font_module = {
config,
pkgs,
...
}: {
config.fonts.fontconfig.enable = true;
config.home.packages = [
(pkgs.nerdfonts.override {fonts = ["Hack"];})
];
config."${namespace}".alacritty.font.family = "Hack Nerd Font Mono";
};
secrets = {
age.secrets.s3fs = {
file = "${inputs.self}/secrets/s3fs.age";
# mode = "600"; # owner + group only
# owner = "hungtr";
# group = "users";
};
age.secrets."s3fs.digital-garden" = {
file = "${inputs.self}/secrets/s3fs.digital-garden.age";
};
age.secrets._nhitrl_cred = {
file = "${inputs.self}/secrets/_nhitrl.age";
};
age.secrets."wifi.env" = {
file = "${inputs.self}/secrets/wifi.env.age";
};
};
ssh = {
config,
lib,
...
}: let
cfg = config."${namespace}".ssh;
in {
options."${namespace}".ssh.enable = lib.mkOption {
type = lib.types.bool;
default = true;
example = false;
description = ''
Enables SSH
'';
};
config.programs.ssh = {
inherit (cfg) enable;
forwardAgent = true;
includes = ["${inputs.self}/native_configs/ssh/config"];
};
};
alacritty = {
config,
lib,
...
}: let
cfg = config."${namespace}".alacritty;
in {
imports = [
inputs.cells.repo.home-modules.alacritty
];
config."${namespace}".alacritty = {
enable = true;
config-path = "${inputs.self}//native_configs/alacritty/alacritty.yml";
font.size = 11.0;
font.family = "Hack Nerd Font Mono";
};
};
shells = import ./shells.nix imports;
git = {
config,
pkgs,
lib,
...
}: let
baseAliases = {
a = "add";
c = "commit";
ca = "commit --amend";
cm = "commit -m";
lol = "log --graph --decorate --pretty=oneline --abbrev-commit";
lola = "log --graph --decorate --pretty=oneline --abbrev-commit --all";
sts = "status";
co = "checkout";
b = "branch";
};
cfg = config."${namespace}".profile.git;
in {
imports = [
home-modules.git
];
options."${namespace}".profile.git = {
aliases = lib.mkOption {
type = lib.types.attrs;
default = {};
example = baseAliases;
description = ''
Additional git aliases. This config is merged on top of base aliases.
'';
};
name = lib.mkOption {
type = lib.types.str;
default = "Pegasust";
description = "Git username that appears on commits";
example = "Pegasust";
};
email = lib.mkOption {
type = lib.types.str;
default = "pegasucksgg@gmail.com";
example = "peagsucksgg@gmail.com";
description = "Git email that appears on commits";
};
ignores = lib.mkOption {
type = lib.types.listOf lib.types.str;
default = [
".vscode" # vscode settings
".direnv" # .envrc cached outputs
".DS_Store" # MacOS users, amrite
];
description = ''
.gitignore patterns that are applied in every repository.
This is useful for IDE-specific or environment-specific settings.
'';
example = [".direnv" "node_modules"];
};
};
# WARNING: This should be completed wtf
config."${namespace}".git = {
inherit (cfg) name email ignores aliases;
enable = true;
};
};
git-htran = {
imports = [inputs.cells.repo.home-profiles.git];
config."${namespace}".profile.git = {
name = "htran";
email = "htran@egihosting.com";
};
};
git-pegasust = {
imports = [inputs.cells.repo.home-profiles.git];
config."${namespace}".profile.git = {
email = "pegasucksgg@gmail.com";
name = "pegasust";
};
};
dev-packages = let pkgs = inputs.nixpkgs; in {
programs.jq.enable = true;
home.packages = [
pkgs.htop
pkgs.ripgrep
pkgs.unzip
pkgs.zip
pkgs.yq-go
pkgs.mosh
pkgs.python310
];
};
# Local nixpkgs search and fallback if command not found to search from nixpkgs
nix-index = {
imports = [
inputs.nix-index-database.hmModules.nix-index
];
config.programs.nix-index = {
enable = true;
enableBashIntegration = true;
enableZshIntegration = true;
};
};
# digital garden stack
zk = {
config.xdg.configFile."zk/config.toml".source = "${inputs.self}/native_configs/zk/config.toml";
# NB: this is done with lib.mkMerge
config.home.packages = [
inputs.nixpkgs.zk
];
};
}

View File

@ -0,0 +1,178 @@
# TODO: vim-plug and Mason supports laziness. Probably worth it to explore incremental dependencies based on the project TODO: just install these things, then symlink to mason's bin directory
#
# One thing to consider, though, /nix/store of `nix-shell` or `nix-develop`
# might be different from `home-manager`'s (~/.nix_profile/bin/jq)
{
inputs,
cell,
namespace,
}: {
pkgs,
lib,
config,
...
}: let
# NOTE: Add packages to nvim_pkgs instead, so that it's available at userspace
# and is added to the path after wrapping.
# check: nix repl `homeConfigurations.hungtr.config.programs.neovim.finalPackage.buildCommand`
# see: :/--suffix.*PATH
# there should be mentions of additional packages
my_neovim = pkgs.neovim-unwrapped;
inherit (inputs.nixpkgs) system;
nvim_pkgs =
[
# pkgs.gccStdenv
pkgs.tree-sitter
pkgs.fzf # file name fuzzy search
pkgs.ripgrep # content fuzzy search
pkgs.zk # Zettelkasten (limited support)
pkgs.fd # Required by a Telescope plugin (?)
pkgs.stdenv.cc.cc.lib
pkgs.nil # oxalica's better nix language server
inputs.nix-boost.packages."${system}".rust4cargo
pkgs.nickel
pkgs.nls
pkgs.go # doesn't work, Mason installs from runtime path
# Language-specific stuffs
pkgs.sumneko-lua-language-server
# pkgs.python3Packages.python-lsp-server
pkgs.nodePackages.pyright
pkgs.python3Packages.pylint
pkgs.python3Packages.flake8
# FIXME: installing ansible from here just doesn't work :/
# pkgs.ansible-lint
# pkgs.python38Packages.ansible
# pkgs.ansible-language-server
# TODO: the devShell should provide rust-analyzer so that
# cargo test builds binaries compatible with rust-analyzer
# pkgs.rust-analyzer
# rust_pkgs
# pkgs.evcxr # Rust REPL for Conjure!
]
++ lib.optionals (pkgs.stdenv.isDarwin) (
let
inherit (pkgs.darwin.apple_sdk.frameworks) System CoreFoundation;
in [
System
CoreFoundation
]
);
in {
options.base.neovim = {
enable = lib.mkOption {
default = true;
description = "enable personalized neovim as default editor";
type = lib.types.bool;
example = false;
};
};
config = lib.mkIf config.base.neovim.enable {
# home-manager
programs.neovim = {
enable = true;
package = my_neovim;
viAlias = true;
vimAlias = true;
withPython3 = true;
withNodeJs = true;
# NOTE: this adds path to the wrapped version of neovim
extraPackages = nvim_pkgs;
extraLuaConfig = builtins.readFile "${inputs.self}/native_configs/neovim/init.lua";
plugins = let
inherit
(inputs.nixpkgs-latest.legacyPackages.${system}.vimPlugins)
plenary-nvim
nvim-treesitter
nvim-treesitter-textobjects
nvim-treesitter-context
telescope-fzf-native-nvim
telescope-file-browser-nvim
telescope-nvim
nvim-lspconfig
gruvbox-community
neodev-nvim
cmp-nvim-lsp
cmp-path
cmp-buffer
cmp-cmdline
nvim-cmp
lspkind-nvim
nvim-autopairs
nvim-ts-autotag
guess-indent-nvim
harpoon
zk-nvim
luasnip
fidget-nvim
rust-tools-nvim
cmp_luasnip
gitsigns-nvim
indent-blankline-nvim
lualine-nvim
mason-lspconfig-nvim
mason-nvim
neogit
nlua-nvim
nvim-jqx
nvim-surround
nvim-web-devicons
playground
todo-comments-nvim
trouble-nvim
vim-dispatch
vim-dispatch-neovim
vim-fugitive
vim-jack-in
;
in [
plenary-nvim
nvim-treesitter.withAllGrammars
nvim-treesitter-textobjects
telescope-fzf-native-nvim
telescope-file-browser-nvim
telescope-nvim
nvim-lspconfig
gruvbox-community
neodev-nvim
cmp-nvim-lsp
cmp-path
cmp-buffer
cmp-cmdline
nvim-cmp
lspkind-nvim
nvim-autopairs
nvim-ts-autotag
guess-indent-nvim
harpoon
zk-nvim
luasnip
nvim-treesitter-context
fidget-nvim
rust-tools-nvim
cmp_luasnip
gitsigns-nvim
indent-blankline-nvim
lualine-nvim
mason-lspconfig-nvim
mason-nvim
neogit
nlua-nvim
nvim-jqx
nvim-surround
nvim-web-devicons
playground
todo-comments-nvim
trouble-nvim
vim-dispatch
vim-dispatch-neovim
vim-fugitive
vim-jack-in
];
};
# home.packages = nvim_pkgs;
};
}

Some files were not shown because too many files have changed in this diff Show More