From 33e0c3f4c6e9f592d95bcf882ab1b70dcb26d52f Mon Sep 17 00:00:00 2001 
From: Stefan Junker Date: Sat, 15 Apr 2023 12:21:22 +0200 Subject: [PATCH] feat: flakify, gnome3 chore: nix fmt refactor: split out more home-manager programs feat: migrate shell as flake devShell feat: initial flake structure with colmena feat: migrate elias-e525 to colmena feat: migrate steveej-t14 with colmena feat: configure chromium extensions chore: remove all overlays and package overrides chore: delete some of _archive feat: migrate vmd102066 feat: migrate sj-vps-htz0 --- .envrc | 8 +- .gitignore | 1 + .vscode/settings.json | 5 +- README.md | 31 +- .../nixos-configuration/common/pkg/neovim.nix | 10 - .../nixos-configuration/common/pkg/vim.nix | 7 - .../common/user/steveej.nix | 20 - default.nix | 1 - flake-sandbox/flake.lock | 27 + flake-sandbox/flake.nix | 142 ++++++ flake.lock | 146 +++++- flake.nix | 58 ++- nix/devShells.nix | 58 +++ .../configuration/graphical-fullblown.nix | 471 ++++++++---------- .../configuration/graphical-gnome3.nix | 137 +---- .../configuration/graphical-removable.nix | 198 ++++---- .../configuration/text-minimal.nix | 37 +- nix/home-manager/profiles/common.nix | 47 +- nix/home-manager/profiles/qtile-desktop.nix | 103 +--- nix/home-manager/programs/chromium.nix | 54 +- nix/home-manager/programs/emacs.nix | 22 - nix/home-manager/programs/espanso.nix | 64 +++ nix/home-manager/programs/gnome-desktop.nix | 112 +++++ nix/home-manager/programs/gpg-agent.nix | 14 + nix/home-manager/programs/homeshick.nix | 2 +- nix/home-manager/programs/libreoffice.nix | 5 - nix/home-manager/programs/neovim.nix | 9 +- nix/home-manager/programs/pass.nix | 12 +- nix/home-manager/programs/podman.nix | 144 ------ nix/home-manager/programs/redshift.nix | 24 + nix/home-manager/programs/vscode/default.nix | 1 + nix/home-manager/programs/zsh.nix | 25 +- nix/modules/flake-parts/colmena.nix | 7 + nix/modules/flake-parts/perSystem/default.nix | 38 ++ nix/os/devices/elias-e525/default.nix | 29 ++ nix/os/devices/elias-e525/flake.lock | 65 +++ 
nix/os/devices/elias-e525/flake.nix | 10 + nix/os/devices/elias-e525/pkg.nix | 32 +- nix/os/devices/elias-e525/system.nix | 5 - nix/os/devices/elias-e525/versions.nix | 26 - nix/os/devices/elias-e525/versions.tmpl.nix | 34 -- .../README.md | 0 .../boot.nix | 0 .../configuration.nix | 0 .../default.nix | 26 + .../flake.lock | 99 ++++ .../flake.nix | 12 + .../hw.nix | 0 .../pkg.nix | 0 .../system.nix | 4 - .../versions.nix | 0 .../versions.tmpl.nix | 0 nix/os/devices/steveej-t14/default.nix | 27 + nix/os/devices/steveej-t14/flake.lock | 99 ++++ nix/os/devices/steveej-t14/flake.nix | 12 + nix/os/devices/steveej-t14/pkg.nix | 31 +- nix/os/devices/steveej-t14/system.nix | 24 +- nix/os/devices/steveej-t14/versions.nix | 36 -- nix/os/devices/steveej-t14/versions.tmpl.nix | 41 -- .../vmd102066.contaboserver.net/default.nix | 26 + .../vmd102066.contaboserver.net/flake.lock | 99 ++++ .../vmd102066.contaboserver.net/flake.nix | 12 + .../vmd102066.contaboserver.net/pkg.nix | 8 - .../vmd102066.contaboserver.net/system.nix | 31 +- .../vmd102066.contaboserver.net/versions.nix | 23 - .../versions.tmpl.nix | 26 - nix/os/profiles/common/configuration.nix | 2 - nix/os/profiles/common/pkg.nix | 49 +- nix/os/profiles/common/system.nix | 17 +- nix/os/profiles/containers/configuration.nix | 2 - nix/os/profiles/graphical/system.nix | 63 ++- nix/os/profiles/podman/configuration.nix | 182 ------- nix/overlays/default.nix | 5 - nix/overlays/overrides.nix | 34 -- nix/overlays/pkgs.nix | 14 - nix/overlays/posh.nix | 16 - nix/pkgs/default.nix | 44 +- nix/variables/versions.nix | 12 +- shell.nix | 58 --- 79 files changed, 1797 insertions(+), 1578 deletions(-) delete mode 100644 _archive/nixos-configuration/common/pkg/neovim.nix delete mode 100644 _archive/nixos-configuration/common/pkg/vim.nix delete mode 100644 _archive/nixos-configuration/common/user/steveej.nix create mode 100644 flake-sandbox/flake.lock create mode 100644 flake-sandbox/flake.nix create mode 100644 nix/devShells.nix delete 
mode 100644 nix/home-manager/programs/emacs.nix create mode 100644 nix/home-manager/programs/espanso.nix create mode 100644 nix/home-manager/programs/gnome-desktop.nix create mode 100644 nix/home-manager/programs/gpg-agent.nix delete mode 100644 nix/home-manager/programs/podman.nix create mode 100644 nix/home-manager/programs/redshift.nix create mode 100644 nix/modules/flake-parts/colmena.nix create mode 100644 nix/modules/flake-parts/perSystem/default.nix create mode 100644 nix/os/devices/elias-e525/default.nix create mode 100644 nix/os/devices/elias-e525/flake.lock create mode 100644 nix/os/devices/elias-e525/flake.nix delete mode 100644 nix/os/devices/elias-e525/versions.nix delete mode 100644 nix/os/devices/elias-e525/versions.tmpl.nix rename nix/os/devices/{167.233.1.14 => sj-vps-htz0.infra.stefanjunker.de}/README.md (100%) rename nix/os/devices/{167.233.1.14 => sj-vps-htz0.infra.stefanjunker.de}/boot.nix (100%) rename nix/os/devices/{167.233.1.14 => sj-vps-htz0.infra.stefanjunker.de}/configuration.nix (100%) create mode 100644 nix/os/devices/sj-vps-htz0.infra.stefanjunker.de/default.nix create mode 100644 nix/os/devices/sj-vps-htz0.infra.stefanjunker.de/flake.lock create mode 100644 nix/os/devices/sj-vps-htz0.infra.stefanjunker.de/flake.nix rename nix/os/devices/{167.233.1.14 => sj-vps-htz0.infra.stefanjunker.de}/hw.nix (100%) rename nix/os/devices/{167.233.1.14 => sj-vps-htz0.infra.stefanjunker.de}/pkg.nix (100%) rename nix/os/devices/{167.233.1.14 => sj-vps-htz0.infra.stefanjunker.de}/system.nix (95%) rename nix/os/devices/{167.233.1.14 => sj-vps-htz0.infra.stefanjunker.de}/versions.nix (100%) rename nix/os/devices/{167.233.1.14 => sj-vps-htz0.infra.stefanjunker.de}/versions.tmpl.nix (100%) create mode 100644 nix/os/devices/steveej-t14/default.nix create mode 100644 nix/os/devices/steveej-t14/flake.lock create mode 100644 nix/os/devices/steveej-t14/flake.nix delete mode 100644 nix/os/devices/steveej-t14/versions.nix delete mode 100644 
nix/os/devices/steveej-t14/versions.tmpl.nix create mode 100644 nix/os/devices/vmd102066.contaboserver.net/default.nix create mode 100644 nix/os/devices/vmd102066.contaboserver.net/flake.lock create mode 100644 nix/os/devices/vmd102066.contaboserver.net/flake.nix delete mode 100644 nix/os/devices/vmd102066.contaboserver.net/versions.nix delete mode 100644 nix/os/devices/vmd102066.contaboserver.net/versions.tmpl.nix delete mode 100644 nix/os/profiles/podman/configuration.nix delete mode 100644 nix/overlays/default.nix delete mode 100644 nix/overlays/overrides.nix delete mode 100644 nix/overlays/pkgs.nix delete mode 100644 nix/overlays/posh.nix delete mode 100644 shell.nix diff --git a/.envrc b/.envrc index 64034fb..d8f5b3d 100644 --- a/.envrc +++ b/.envrc @@ -1,7 +1 @@ -# if ! has nix_direnv_version || ! nix_direnv_version 1.5.1; then -# source_url "https://raw.githubusercontent.com/nix-community/nix-direnv/1.5.1/direnvrc" "sha256-p4CDMJjuBmEh9pkn2aoJrZqr0DlPZHPU7eXOSDzzcuo=" -# fi -# use_flake . --impure - -use nix - +use_flake . --impure diff --git a/.gitignore b/.gitignore index 06f83d9..92102e5 100644 --- a/.gitignore +++ b/.gitignore @@ -3,3 +3,4 @@ .*.log .env **/result +.direnv/ diff --git a/.vscode/settings.json b/.vscode/settings.json index d0eb512..df4ca93 100644 --- a/.vscode/settings.json +++ b/.vscode/settings.json @@ -1,3 +1,6 @@ { - "nixEnvSelector.nixFile": "${workspaceRoot}/shell.nix" + "nixEnvSelector.nixFile": "${workspaceRoot}/shell.nix", + "[nix]": { + "editor.defaultFormatter": "kamadorueda.alejandra" + }, } diff --git a/README.md b/README.md index fc6658a..8184c89 100644 --- a/README.md +++ b/README.md 
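Review bot: The new `.envrc` line `use_flake . --impure` makes every direnv load of this checkout an impure evaluation, so the resulting shell can depend on environment variables and paths outside the flake and is no longer determined by `flake.lock` alone. I could not find in the visible hunks what requires the flag; the only absolute path, `/home/steveej/src/others/colmena` in `flake.nix`, is commented out. I would drop the flag (`use_flake .`) and re-add it only together with a comment naming the input that needs it, since this file runs automatically on `cd` once it has been allowed.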
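Review bot: `nixEnvSelector.nixFile` in `.vscode/settings.json` still points at `${workspaceRoot}/shell.nix`, but the diffstat of this same patch lists `delete mode 100644 shell.nix`, so the setting refers to a file that no longer exists after the commit. Either remove the key or point the editor at the flake dev shell through direnv. The added `"[nix]"` block also ends with `},` directly before the closing brace; VS Code tolerates the trailing comma, but strict JSON tooling will reject the file, so I would write it as `}` without the comma.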
@@ -29,14 +29,41 @@ In the unlikely case that you actually read this and have any questions please d - [x] annotate recipes with some documentation - [x] declare shell.nix with runtime deps - [x] partition/encrypt/format disks -- [ ] Document bootstrap process +- [x] Maybe make this a nix-overlay +- [x] refactor as a nix flake and adopt an existing framework + - [x] devShell version + - [x] ~~version templating~~ obsolete due to the usage of flakes + - [x] elias-e525 + - [x] steveej-t14 + - [x] contabo vps + - [x] sj-pve0 +- [ ] use an existing secret management framework +- [ ] adapt (or abandon?) _just_ recipes + - [ ] `rebuild-this-device` + - [ ] `update-this-device` + - [ ] `rebuild-remote-device` + - [ ] `update-remote-device` + + evaluate, and understand a path to using these tools in a pull-based fashion: + - [x] [colmena](https://github.com/zhaofengli/colmena) + * bootstrapping: https://github.com/zhaofengli/colmena/issues/68 + - [ ] deploy-rs +- [ ] 🚧 find a better alternative for the qtile-desktop + + current issues: + - floating windows often get lost in the background + - plugging in-/out- screen crashes the desktop + + evaluate: + - [ ] 🚧 gnome3 + pop-shell + - [ ] leftwm + eww (+ wayland?) +- [ ] (Re-)document bootstrap process - [ ] `apt install sudo cryptsetup` as a requirements on a deb admin machine - [ ] a new machine - [ ] an install media - [ ] Design disaster recovery - [ ] Automatic synchronization of other state files - see https://gitlab.com/steveeJ/nix-expressions/issues/2 - [ ] Recycle *\_archived* -- [x] Maybe make this a nix-overlay - [ ] container migrations - [ ] ensure DDNS is updated _before_ the containers are started diff --git a/_archive/nixos-configuration/common/pkg/neovim.nix b/_archive/nixos-configuration/common/pkg/neovim.nix deleted file mode 100644 index a6d50b8..0000000 --- a/_archive/nixos-configuration/common/pkg/neovim.nix +++ /dev/null 
@@ -1,10 +0,0 @@ -{ - config, - pkgs, - ... -} @ args: { - environment.systemPackages = [ - pkgs.xsel - (import ../../../pkg-configuration/vim-derivates/neovim.nix args) - ]; -} diff --git a/_archive/nixos-configuration/common/pkg/vim.nix b/_archive/nixos-configuration/common/pkg/vim.nix deleted file mode 100644 index 79a3384..0000000 --- a/_archive/nixos-configuration/common/pkg/vim.nix +++ /dev/null @@ -1,7 +0,0 @@ -{pkgs, ...} @ args: { - environment.systemPackages = [ - pkgs.xsel - (import ../../../pkg-configuration/vim-derivates/vim.nix - (args // {name = "vim";})) - ]; -} diff --git a/_archive/nixos-configuration/common/user/steveej.nix b/_archive/nixos-configuration/common/user/steveej.nix deleted file mode 100644 index 9cd4c3e..0000000 --- a/_archive/nixos-configuration/common/user/steveej.nix +++ /dev/null @@ -1,20 +0,0 @@ -{ - config, - pkgs, - ... -}: let - passwords = import ../passwords.crypt.nix; - keys = import ../keys.nix; - inherit (import ../lib) mkUser; -in { - users.mutableUsers = false; - users.defaultUserShell = pkgs.zsh; - - users.extraUsers.steveej = mkUser { - uid = 1000; - hashedPassword = passwords.users.steveej; - }; - - security.pam.enableU2F = true; - security.pam.services.steveej.u2fAuth = true; -} diff --git a/default.nix b/default.nix index e386421..75e1dbb 100644 --- a/default.nix +++ b/default.nix @@ -5,6 +5,5 @@ # commands such as: # nix-build -A mypackage {pkgs ? import {}}: { - overlays = import ./nix/overlays; pkgs = import ./nix/pkgs {inherit pkgs;}; } diff --git a/flake-sandbox/flake.lock b/flake-sandbox/flake.lock new file mode 100644 index 0000000..b600a49 --- /dev/null +++ b/flake-sandbox/flake.lock 
@@ -0,0 +1,27 @@ +{ + "nodes": { + "nixpkgs": { + "locked": { + "lastModified": 1681091990, + "narHash": "sha256-ifIzhksUBZKp5WgCuoVhDY32qaEplXp7khzrB6zkaFc=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "ea96b4af6148114421fda90df33cf236ff5ecf1d", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-22.11", + "repo": "nixpkgs", + "type": "github" + } + }, + "root": { + "inputs": { + "nixpkgs": "nixpkgs" + } + } + }, + "root": "root", + "version": 7 +} diff --git a/flake-sandbox/flake.nix b/flake-sandbox/flake.nix new file mode 100644 index 0000000..112447e --- /dev/null +++ b/flake-sandbox/flake.nix 
@@ -0,0 +1,142 @@
+{
+ inputs = {
+ nixpkgs.url = "github:nixos/nixpkgs/nixos-22.11";
+ };
+ outputs = {
+ self,
+ nixpkgs,
+ }: let
+ system = "x86_64-linux";
+ pkgs = import nixpkgs {inherit system;};
+ in {
+ devShells."${system}".default = pkgs.mkShell {
+ packages = with pkgs;
+ with pkgs.gnome; [
+ hexchat
+ audacity
+ proot
+ yubikey-manager-qt
+ cheese
+ remmina
+ exiv2
+ wireshark-qt
+ seahorse
+ kotatogram-desktop
+ usbutils
+ networkmanagerapplet
+ sshfs-fuse
+ pavucontrol
+ libwebcam
+ just
+ eog
+ git-crypt
+ espanso
+ unetbootin
+ vcsh
+ skypeforlinux
+ du-dust
+ bind
+ teamviewer
+ gparted
+ neovim
+ inkscape
+ rustdesk
+ gnome-themes-extra
+ pass
+ xdg-user-dirs
+ cbatticon
+ yubikey-personalization-gui
+ zoom
+ signal-desktop
+ xorg.xbacklight
+ vscode
+ ripgrep
+ lightdm
+ nixpkgs-fmt
+ git-lfs
+ qtpass
+ gimp
+ lxappearance
+ flameshot
+ thunderbird
+ fprintd
+ chromium
+ evtest
+ alejandra
+ vlc
+ pastebinit
+ evolution
+ zbar
+ libreoffice
+ brave
+ pidgin
+ direnv
+ xorg.xhost
+ lorri
+ firefox
+ logseq
+ x11_ssh_askpass
+ xsel
+ feh
+ htop
+ openvpn
+ syncthing
+ ncdu
+ rofi-pass
+ testdisk
+ vanilla-dmz
+ wireguard-tools
+ xarchive
+ gnome-icon-theme
+ wget
+ nix-index
+ mr
+ passff-host
+ browserpass
+ xorg.xcursorthemes
+ gitRepo
+ gitSVN
+ androidenv.androidPkgs_9_0.platform-tools
+
+ # introduces python
+ (qtile.passthru.unwrapped.overrideAttrs (oldAttrs: {
+ propagatedBuildInputs =
+ []
+ # ++ oldAttrs.passthru.unwrapped.propagatedBuildInputs
+ # ++ (with pkgs.python3Packages; [
+ # # python-wifi
+ # # iwlib
+ # keyring
+ # ])
+ ;
+
+ makeWrapperArgs =
+ oldAttrs.makeWrapperArgs
+ ++ [
+ "--prefix PATH : ${pkgs.lib.makeBinPath oldAttrs.propagatedBuildInputs}"
+ ];
+ }))
+
+ # gi-docgen
+ # yelp-tools
+ # scons
+ # autorandr
+ # arandr
+ # meson
+ # mercurial
+ # unrar-wrapper
+ # orca
+ # radicale
+ # criu
+ # gnome-music
+ # gnome-browser-connector
+ # radicale
+ # hplip
+ # qtile
+ # gtk-doc
+ # asciidoc
+ # meson
+ ];
+ };
+ };
+}
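Review bot: `pkgs = import nixpkgs {inherit system;};` sets no `config`, yet the package list below it includes `skypeforlinux`, `teamviewer`, `zoom` and `vscode`, which nixpkgs marks as unfree, so as far as I can tell this shell only evaluates when unfree packages are allowed from outside through an impure evaluation. Stating the allowance in the flake keeps it reviewable and limited to the packages that need it, e.g. `config.allowUnfreePredicate = pkg: builtins.elem (nixpkgs.lib.getName pkg) [ … ];` with those names listed. The stacked `with pkgs; with pkgs.gnome;` also lets any attribute of `pkgs.gnome` silently shadow a top-level package of the same name; writing `gnome.cheese`, `gnome.seahorse` and `gnome.eog` explicitly would make the origin of each entry unambiguous.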
diff --git a/flake.lock b/flake.lock
index 05e32b5..333393d 100644
--- a/flake.lock
+++ b/flake.lock
@@ -1,12 +1,131 @@ { "nodes": { + "colmena": { + "inputs": { + "flake-compat": "flake-compat", + "flake-utils": "flake-utils", + "nixpkgs": "nixpkgs", + "stable": "stable" + }, + "locked": { + "lastModified": 1675730932, + "narHash": "sha256-XcmirehPIcZGS7PzkS3WvAYQ9GBlBvCxYToIOIV2PVE=", + "owner": "zhaofengli", + "repo": "colmena", + "rev": "e034c15825c439131e4489de5a82cf8e5398fa61", + "type": "github" + }, + "original": { + "owner": "zhaofengli", + "repo": "colmena", + "type": "github" + } + }, + "flake-compat": { + "flake": false, + "locked": { + "lastModified": 1650374568, + "narHash": "sha256-Z+s0J8/r907g149rllvwhb4pKi8Wam5ij0st8PwAh+E=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "b4a34015c698c7793d592d66adbab377907a2be8", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "flake-parts": { + "inputs": { + "nixpkgs-lib": "nixpkgs-lib" + }, + "locked": { + "lastModified": 1680392223, + "narHash": "sha256-n3g7QFr85lDODKt250rkZj2IFS3i4/8HBU2yKHO3tqw=", + "owner": "hercules-ci", + "repo": "flake-parts", + "rev": "dcc36e45d054d7bb554c9cdab69093debd91a0b5", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "flake-parts", + "type": "github" + } + }, + "flake-utils": { + "locked": { + "lastModified": 1659877975, + "narHash": "sha256-zllb8aq3YO3h8B/U0/J1WBgAL8EX5yWf5pMj3G0NAmc=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "c0e246b9b83f637f4681389ecabcb2681b4f3af0", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "get-flake": { + "locked": { + "lastModified": 1673819588, + "narHash": "sha256-gRtwKAlu4htvS6dxyZnW3n+vMS1acqnMGVHqxUdETeY=", + "owner": "ursi", + "repo": "get-flake", + "rev": "e0917b6f564aa5acefb1484b5baf76da21746c3c", + "type": "github" + }, + "original": { + "owner": "ursi", + "repo": "get-flake", + "type": "github" + } + }, "nixpkgs": { "locked": { - "lastModified": 
1679224734, - "narHash": "sha256-1Ab3xY7Wgo1h1TNwRt6fp2XjV+KUo+hP1Bolh0KiDJs=", + "lastModified": 1674641431, + "narHash": "sha256-qfo19qVZBP4qn5M5gXc/h1MDgAtPA5VxJm9s8RUAkVk=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "9b97ad7b4330aacda9b2343396eb3df8a853b4fc", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-lib": { + "locked": { + "dir": "lib", + "lastModified": 1680213900, + "narHash": "sha256-cIDr5WZIj3EkKyCgj/6j3HBH4Jj1W296z7HTcWj1aMA=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "e3652e0735fbec227f342712f180f4f21f0594f2", + "type": "github" + }, + "original": { + "dir": "lib", + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_2": { + "locked": { + "lastModified": 1681696129, + "narHash": "sha256-Ba2y1lmsWmmAOAoTD5G9UnTS/UqV0ZFyzysgdfu7qag=", "owner": "nixos", "repo": "nixpkgs", - "rev": "eac7da7b519a5aefe92c33c90b4450a24ebe0ab3", + "rev": "de66115c552acc4e0c0f92c5a5efb32e37dfa216", "type": "github" }, "original": { @@ -18,7 +137,26 @@ }, "root": { "inputs": { - "nixpkgs": "nixpkgs" + "colmena": "colmena", + "flake-parts": "flake-parts", + "get-flake": "get-flake", + "nixpkgs": "nixpkgs_2" + } + }, + "stable": { + "locked": { + "lastModified": 1669735802, + "narHash": "sha256-qtG/o/i5ZWZLmXw108N2aPiVsxOcidpHJYNkT45ry9Q=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "731cc710aeebecbf45a258e977e8b68350549522", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-22.11", + "repo": "nixpkgs", + "type": "github" } } }, diff --git a/flake.nix b/flake.nix index 104115e..ea8bbb1 100644 --- a/flake.nix +++ b/flake.nix 
@@ -2,12 +2,60 @@ { inputs = { nixpkgs.url = "github:nixos/nixpkgs/nixos-22.11"; + flake-parts.url = "github:hercules-ci/flake-parts"; + get-flake.url = "github:ursi/get-flake"; + + colmena.url = "github:zhaofengli/colmena"; + # colmena.url = "/home/steveej/src/others/colmena"; }; - outputs = { - nixpkgs, + outputs = inputs @ { self, - }: { - formatter.x86_64-linux = nixpkgs.legacyPackages.x86_64-linux.alejandra; - }; + flake-parts, + nixpkgs, + ... + }: let + inherit (nixpkgs) lib; + + systems = [ + "x86_64-linux" + "aarch64-linux" + ]; + in + flake-parts.lib.mkFlake {inherit inputs;} { + flake.colmena = + lib.lists.foldl (sum: cur: lib.attrsets.recursiveUpdate sum cur) + { + meta.nixpkgs = import inputs.nixpkgs.outPath { + system = builtins.elemAt systems 0; + }; + } + (builtins.map (nodeName: + import ./nix/os/devices/${nodeName} { + repoFlake = self; + }) [ + "steveej-t14" + "elias-e525" + "vmd102066.contaboserver.net" + "sj-vps-htz0.infra.stefanjunker.de" + ]); + + inherit systems; + + perSystem = { + inputs', + system, + config, + lib, + pkgs, + ... + }: { + imports = [ + ./nix/modules/flake-parts/perSystem/default.nix + ]; + + formatter = pkgs.alejandra; + devShells.default = import ./nix/devShells.nix {inherit inputs' pkgs;}; + }; + }; } diff --git a/nix/devShells.nix b/nix/devShells.nix new file mode 100644 index 0000000..0fb8ff1 --- /dev/null +++ b/nix/devShells.nix 
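Review bot: The new `colmena` input is declared without a `follows`, and the `flake.lock` hunk of this patch shows the consequence: colmena brings its own `nixpkgs` (nixos-unstable) and `stable` nodes next to the root `nixpkgs_2`, so the deployment tool placed in the dev shell is built from a different, separately aged nixpkgs revision than the hosts it deploys. Unless colmena fails to build against the root pin, I would add `colmena.inputs.nixpkgs.follows = "nixpkgs";` so there is one revision to track for security updates. In the same hunk `meta.nixpkgs` is imported with `system = builtins.elemAt systems 0;`, i.e. always `x86_64-linux`, although `systems` also lists `aarch64-linux`; a comment stating that all four nodes are x86_64 (or a per-node `nixpkgs` override) would avoid a surprise when an ARM host is added. The leftover `# colmena.url = "/home/steveej/src/others/colmena";` line is better removed than committed.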
@@ -0,0 +1,58 @@
+{
+ inputs',
+ pkgs,
+}:
+pkgs.stdenv.mkDerivation {
+ name = "infra-env";
+ buildInputs =
+ [
+ (with pkgs.callPackage (pkgs.path + "/nixos") {configuration = {};};
+ with config.system.build; [
+ nixos-generate-config
+ nixos-install
+ nixos-enter
+ manual.manpages
+ ])
+ ]
+ ++ (with pkgs; [
+ inputs'.colmena.packages.colmena
+ nixos-install-tools
+ dconf2nix
+
+ just
+ git-crypt
+ vcsh
+ gnupg
+ git
+ ripgrep
+ lm_sensors
+
+ apacheHttpd
+
+ vncdo
+ tesseract
+ imagemagick
+
+ nmap
+ sysstat
+ lshw
+ xxHash
+ linssid
+ wavemon
+ wirelesstools
+
+ zathura
+ xorg.xwininfo
+ glxinfo
+ autorandr
+ arandr
+ playerctl
+ x11docker
+ fwupd
+
+ ntfy
+ ]);
+
+ # Set Environment Variables
+ RUST_BACKTRACE = 1;
+}
diff --git a/nix/home-manager/configuration/graphical-fullblown.nix b/nix/home-manager/configuration/graphical-fullblown.nix
index 133650b..2863a28 100644
--- a/nix/home-manager/configuration/graphical-fullblown.nix
+++ b/nix/home-manager/configuration/graphical-fullblown.nix
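Review bot: `nix/devShells.nix` builds the dev shell with `pkgs.stdenv.mkDerivation` and only `name` and `buildInputs`, which is the shape carried over from the deleted `shell.nix`; `pkgs.mkShell { name = "infra-env"; packages = …; RUST_BACKTRACE = 1; }` is the form meant for flake `devShells` and is what `flake-sandbox/flake.nix` in this same patch already uses. The tool groups are also undocumented: a one-line comment per group, in particular on why `apacheHttpd` and `nmap` belong in an infrastructure shell, would let a reader judge whether each entry is still needed. Keeping that list short matters because every package here is on `PATH` for anyone who enters the repository with direnv enabled.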
@@ -1,307 +1,228 @@ -{pkgs}: let - zshCurried = import ../programs/zsh.nix {inherit pkgs;}; -in - { - pkgs, - config, - ... - }: let - # gitpkgs = import /home/steveej/src/github/NixOS/nixpkgs {}; - unstablepkgs = - import {config = config.nixpkgs.config;}; - masterpkgs = import {config = config.nixpkgs.config;}; - in { - imports = [ - ../profiles/common.nix - ../profiles/qtile-desktop.nix - ../profiles/dotfiles.nix - ../programs/firefox.nix - ../programs/chromium.nix - # FIXME: fix homeshick when no WAN connection is available - # ../programs/homeshick.nix - ../programs/libreoffice.nix - ../programs/neovim.nix - ../programs/pass.nix - zshCurried - ../programs/podman.nix - ../programs/vscode - ../programs/holochain-launcher.nix - ../programs/radicale.nix - ]; +{ + inputs, + pkgs, + config, + # these come in via home-manager.extraSpecialArgs and are specific to each node + nodeFlake, + packages', + ... +}: let + pkgsUnstable = pkgs.callPackage nodeFlake.inputs.nixpkgs-unstable.outPath {}; + pkgsMaster = pkgs.callPackage nodeFlake.inputs.nixpkgs-master.outPath {}; +in { + imports = [ + ../profiles/common.nix + ../profiles/dotfiles.nix + # FIXME: fix homeshick when no WAN connection is available + # ../programs/homeshick.nix - nixpkgs.config = { - pidgin = { - openssl = true; - gnutls = true; - }; + ../programs/redshift.nix + ../programs/espanso.nix + ../programs/gnome-desktop.nix + ../programs/gpg-agent.nix - packageOverrides = pkgs: with pkgs; {}; - }; + ../programs/radicale.nix - home.sessionVariables = { - # TODO: find a way to prevent using a store path for the current file - # HM_CONFIG_PATH=builtins.toString "${./.}"; - HM_CONFIG = "graphical-fullblown"; + ../programs/firefox.nix + ../programs/chromium.nix - GOPATH = "$HOME/src/go"; + ../programs/libreoffice.nix + ../programs/neovim.nix + ../programs/pass.nix + ../programs/vscode - PATH = pkgs.lib.concatStringsSep ":" ["$HOME/.local/bin" "$PATH"]; - }; + ../programs/holochain-launcher.nix + ]; - home.packages = 
- [] - ++ (with pkgs; [ - # Authentication - cacert - fprintd - openssl - mkpasswd + home.sessionVariables.HM_CONFIG = "graphical-fullblown"; + home.sessionVariables.GOPATH = "$HOME/src/go"; + home.sessionVariables.PATH = pkgs.lib.concatStringsSep ":" ["$HOME/.local/bin" "$PATH"]; - # Nix package related tools - patchelf - nix-index - nox - nix-prefetch-scripts - nix-prefetch-github + home.packages = + [] + ++ (with pkgs; [ + # Authentication + cacert + fprintd + openssl + mkpasswd - # Version Control Systems - pijul - gitless - gitRepo - git-lfs + # Nix package related tools + patchelf + nix-index + nix-prefetch-scripts + # nix-prefetch-github - # Process/System Administration - htop - gnome.gnome-tweaks - xorg.xhost - dmidecode - evtest + # Version Control Systems + gitFull + pijul + # gitless + gitRepo + git-lfs - # Archive Managers - sshfs-fuse - xarchive - p7zip - zip - unzip - gzip - lzop + # Process/System Administration + htop + # gnome.gnome-tweaks + xorg.xhost + dmidecode + evtest - # Password Management - gnupg - yubikey-manager - yubikey-manager-qt - yubikey-personalization - yubikey-personalization-gui - gnome.gnome-keyring - gnome.seahorse + # Archive Managers + sshfs-fuse + xarchive + p7zip + zip + unzip + gzip + lzop - # Language Support - hunspellDicts.en-us - hunspellDicts.de-de + # Password Management + gnupg + # yubikey-manager + yubikey-manager-qt + yubikey-personalization + yubikey-personalization-gui + gnome.gnome-keyring + # gnome.seahorse - # Messaging/Communication - signal-desktop - pidgin - hexchat - aspellDicts.en - aspellDicts.de - skypeforlinux - unstablepkgs.jitsi-meet-electron - thunderbird - evolution # gnome4.glib_networking - kotatogram-desktop - zoom-us - thunderbird - evolution # gnome4.glib_networking - gnome.cheese - masterpkgs.discord + # Language Support + hunspellDicts.en-us + hunspellDicts.de-de - # Virtualization - virtmanager - # (pkgs.lib.hiPrio qemu) - # virtualbox - # vagrant - # docker_compose - # 
unstablepkgs.kubernetes - # unstablepkgs.minikube - # unstablepkgs.openshift - # (unstablepkgs.minikube.overrideAttrs (oldAttrs: { - # patches = oldAttrs.patches ++ [ - # (builtins.fetchurl { url ="https://patch-diff.githubusercontent.com/raw/kubernetes/minikube/pull/2517.diff"; }) - # ]; - # })) - appimage-run + # Messaging/Communication + signal-desktop + pidgin + hexchat + aspellDicts.en + aspellDicts.de + skypeforlinux + pkgsUnstable.jitsi-meet-electron + thunderbird + evolution # gnome4.glib_networking + kotatogram-desktop + zoom-us + thunderbird + gnome.cheese + pkgsMaster.discord - # Remote Control Tools - remmina - freerdp - teamviewer - rustdesk + # Virtualization + # virtmanager - # Audio/Video Players - ffmpeg - vlc - audacity - spotify - youtube-dl-light - libwebcam + # Remote Control Tools + remmina + freerdp + teamviewer + rustdesk - # Network Tools - openvpn - tcpdump - iftop - iperf - bind - socat - # 2019-03-05: broken on 19.03 linssid - iptraf-ng - ipmitool + # Audio/Video Players + ffmpeg + vlc + audacity + spotify + # youtube-dl-light + libwebcam - iptables - nftables - wireshark - wireguard-tools + # Network Tools + openvpn + tcpdump + iftop + iperf + bind + socat + # 2019-03-05: broken on 19.03 linssid + iptraf-ng + ipmitool - # Code Editors - # unstablepkgs.atom - xclip - xsel + iptables + nftables + wireshark + wireguard-tools - # Image/Graphic/Design Tools - gnome.eog - gimp - imagemagick - exiv2 - graphviz - inkscape - # barcode - qrencode - zbar - feh - # digikam + # Code Editors + xclip + xsel - # Modelling Tools - # plantuml - # umlet - # staruml - # eclipses.eclipse-modeling - # dia - # astah-community + # Image/Graphic/Design Tools + gnome.eog + gimp + imagemagick + exiv2 + graphviz + inkscape + qrencode + zbar + feh - # Misc Development Tools - qrcode - # travis - jq - # prometheus - cdrtools + # TODO: remove or move these: Modelling Tools + # plantuml + # umlet + # staruml + # eclipses.eclipse-modeling + # dia + # astah-community - 
# Document Processing and Management - # zathura - mendeley - # zotero - pandoc - unstablepkgs.logseq + # Misc Development Tools + qrcode + jq + cdrtools - # has an EOL version of electron - # obsidian + # Document Processing and Management + mendeley + (pkgsUnstable.logseq.override (_: {electron = pkgs.electron_20;})) - # LaTeX - perlPackages.YAMLTiny - perlPackages.FileHomeDir - perlPackages.UnicodeLineBreak - (texlive.combine { - inherit - (texlive) - scheme-small - texlive-de - texlive-en - texlive-scripts - collection-langgerman - latexindent - latexmk - algorithms - cm-super - preprint - enumitem - draftwatermark - everypage - ulem - placeins - minted - ifplatform - fvextra - xstring - framed - ; - }) + # File Synchronzation + dropbox + rsync - pdftk - # broken as of 2021-04-24 - # masterpdfeditor + # Filesystem Tools + ntfs3g + ddrescue + ncdu + unetbootin + hdparm + testdisk + # binwalk + gptfdisk + gparted + smartmontools - # File Synchronzation - # seafile-client - # grive2 - dropbox - rsync + ## Android + androidenv.androidPkgs_9_0.platform-tools - # Filesystem Tools - ntfs3g - ddrescue - ncdu - woeusb - unetbootin - pcmanfm - hdparm - testdisk - binwalk - gptfdisk - gparted - smartmontools + ## Python + packages'.myPython - ## Android - androidenv.androidPkgs_9_0.platform-tools + # Misc Desktop Tools + ltunify + # dex + xorg.xbacklight + coreutils + lsof + xdotool + xdg_utils + xdg-user-dirs + dconf + picocom + glib.dev # contains gdbus tool + alacritty + wally-cli + man-pages - ## Python - myPython + # Screen recording + # gtk-recordmydesktop # can't select the window + # qt-recordmydesktop + # vokoscreen + # shutter + # kazam # doesn't start + # xvidcap # doesn't keep the recording rectangle + # obs-studio + # shotcut + # openshot-qt + # introduces python: screenkey - # Code generators - # unstablepkgs.swagger-codegen + pkgsUnstable.ledger-live-desktop + ]); - # Misc Desktop Tools - # TODO: this may be required if brightness control isn't working - # 
brightnessctl - ltunify - # solaar # TODO: conflicts with solar over udev rules - dex - # kitty - busyboxStatic - xorg.xbacklight - coreutils - lsof - x11_ssh_askpass - xdotool - xdg_utils - xdg-user-dirs - dconf - picocom - glib.dev # contains gdbus tool - alacritty - unstablepkgs.wally-cli - man-pages - - # Screen recording - # gtk-recordmydesktop # can't select the window - # qt-recordmydesktop - # vokoscreen - # shutter - # kazam # doesn't start - # xvidcap # doesn't keep the recording rectangle - obs-studio - screenkey - # shotcut - # openshot-qt - - unstablepkgs.ledger-live-desktop - ]); - } + systemd.user.startServices = true; + services.syncthing.enable = true; +} diff --git a/nix/home-manager/configuration/graphical-gnome3.nix b/nix/home-manager/configuration/graphical-gnome3.nix index 2bc669f..12e1948 100644 --- a/nix/home-manager/configuration/graphical-gnome3.nix +++ b/nix/home-manager/configuration/graphical-gnome3.nix 
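Review bot: The `logseq` entry in the document-processing group is written as `(pkgsUnstable.logseq.override (_: {electron = pkgs.electron_20;}))`, which replaces the Electron the unstable package is built with by the one from the node's stable set; whatever the reason, a hard-pinned Electron major will stay in place after upstream stops shipping Chromium fixes for it. If this is a build or evaluation workaround, I would say so next to it, e.g. `# TODO: drop the electron override once logseq evaluates with its default electron`, and recheck it on each channel bump. The end of the hunk also adds `systemd.user.startServices = true;` and `services.syncthing.enable = true;` for every host that imports this profile, which the commit message does not mention; a short comment on why the sync daemon belongs in the desktop profile would help. `thunderbird` is listed twice in the messaging group.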
@@ -1,124 +1,13 @@
-{pkgs}: let
- zshCurried = import ../programs/zsh.nix {inherit pkgs;};
-in
- {
- pkgs,
- config,
- ...
- }: let
- unstablepkgs =
- import {config = config.nixpkgs.config;};
- in {
- imports = [
- ../profiles/common.nix
- ../programs/firefox.nix
- # ../programs/chromium.nix
- # FIXME: fix homeshick when no WAN connection is available
- # ../programs/homeshick.nix
- ../programs/libreoffice.nix
- ../programs/neovim.nix
- ../programs/pass.nix
- zshCurried
- ];
-
- nixpkgs.config = {
- pidgin = {
- openssl = true;
- gnutls = true;
- };
-
- packageOverrides = pkgs: with pkgs; {};
- };
-
- home.sessionVariables = {};
-
- home.packages =
- []
- ++ (with pkgs; [
- # Nix package related tools
- patchelf
- nix-index
- nix-prefetch-scripts
-
- # Version Control Systems
- gitless
-
- # Process/System Administration
- htop
- gnome.gnome-tweaks
- xorg.xhost
- dmidecode
- evtest
-
- # Archive Managers
- sshfs-fuse
- xarchive
- p7zip
- zip
- unzip
- gzip
- lzop
-
- # Password Management
- gnome.gnome-keyring
- gnome.seahorse
-
- # Remote Control Tools
- remmina
- freerdp
-
- # Network Tools
- openvpn
- tcpdump
- iftop
- iperf
- bind
- socat
-
- # samba
- iptables
- nftables
- wireshark
-
- # Code Editors
- xclip
- xsel
- unstablepkgs.vscode
-
- # Image/Graphic/Design Tools
- gnome.eog
- gimp
- inkscape
-
- # Misc Development Tools
- qrcode
- jq
- cdrtools
-
- # Document Processing and Management
- zathura
-
- # File Synchronzation
- rsync
-
- # Filesystem Tools
- ntfs3g
- ddrescue
- ncdu
- unstablepkgs.woeusb
- unetbootin
- pcmanfm
- hdparm
- testdisk
- python38Packages.binwalk
- gptfdisk
-
- ## Python
- myPython
-
- busyboxStatic
-
- # Virtualization
- virtmanager
- ]);
- }
+{
+ pkgs,
+ config,
+ ...
+}: {
+ home.packages =
+ []
+ ++ (with pkgs; [
+ gnome.gnome-tweaks
+ gnome.gnome-keyring
+ gnome.seahorse
+ ]);
+}
diff --git a/nix/home-manager/configuration/graphical-removable.nix b/nix/home-manager/configuration/graphical-removable.nix
index dea1f8d..faac0d5 100644
--- a/nix/home-manager/configuration/graphical-removable.nix
+++ b/nix/home-manager/configuration/graphical-removable.nix
@@ -1,126 +1,104 @@ -{pkgs}: let - zshCurried = import ../programs/zsh.nix {inherit pkgs;}; -in - { - pkgs, - config, - ... - }: let - unstablepkgs = - import {config = config.nixpkgs.config;}; - in { - imports = [ - ../profiles/common.nix - ../profiles/qtile-desktop.nix - ../profiles/dotfiles.nix - ../programs/firefox.nix - ../programs/chromium.nix - # FIXME: fix homeshick when no WAN connection is available - # ../programs/homeshick.nix - ../programs/libreoffice.nix - ../programs/neovim.nix - ../programs/pass.nix - zshCurried - ]; +{ + pkgs, + config, + ... +}: { + imports = [ + ../profiles/common.nix + ../profiles/qtile-desktop.nix + ../profiles/dotfiles.nix + ../programs/firefox.nix + ../programs/chromium.nix + # FIXME: fix homeshick when no WAN connection is available + # ../programs/homeshick.nix + ../programs/libreoffice.nix + ../programs/neovim.nix + ../programs/pass.nix + ]; - nixpkgs.config = { - pidgin = { - openssl = true; - gnutls = true; - }; + home.packages = + [] + ++ (with pkgs; [ + # Nix package related tools + patchelf + nix-index + nix-prefetch-scripts - packageOverrides = pkgs: with pkgs; {}; - }; + # Version Control Systems + gitless - home.sessionVariables = {}; + # Process/System Administration + htop + gnome.gnome-tweaks + xorg.xhost + dmidecode + evtest - home.packages = - [] - ++ (with pkgs; [ - # Nix package related tools - patchelf - nix-index - nix-prefetch-scripts + # Archive Managers + sshfs-fuse + xarchive + p7zip + zip + unzip + gzip + lzop - # Version Control Systems - gitless + # Password Management + gnome.gnome-keyring + gnome.seahorse - # Process/System Administration - htop - gnome.gnome-tweaks - xorg.xhost - dmidecode - evtest + # Remote Control Tools + remmina + freerdp - # Archive Managers - sshfs-fuse - xarchive - p7zip - zip - unzip - gzip - lzop + # Network Tools + openvpn + tcpdump + iftop + iperf + bind + socat - # Password Management - gnome.gnome-keyring - gnome.seahorse + # samba + iptables + nftables + wireshark - 
# Remote Control Tools - remmina - freerdp + # Code Editors + xclip + xsel - # Network Tools - openvpn - tcpdump - iftop - iperf - bind - socat + # Image/Graphic/Design Tools + gnome.eog + gimp + inkscape - # samba - iptables - nftables - wireshark + # Misc Development Tools + qrcode + jq + cdrtools - # Code Editors - xclip - xsel - unstablepkgs.vscode + # Document Processing and Management + zathura - # Image/Graphic/Design Tools - gnome.eog - gimp - inkscape + # File Synchronzation + rsync - # Misc Development Tools - qrcode - jq - cdrtools + # Filesystem Tools + ntfs3g + ddrescue + ncdu + woeusb + unetbootin + pcmanfm + hdparm + testdisk + binwalk + gptfdisk - # Document Processing and Management - zathura + packages'.myPython - # File Synchronzation - rsync - - # Filesystem Tools - ntfs3g - ddrescue - ncdu - unstablepkgs.woeusb - unetbootin - pcmanfm - hdparm - testdisk - binwalk - gptfdisk - - ## Python - myPython - - busyboxStatic - - # Virtualization - virtmanager - ]); - } + # Virtualization + virtmanager + ]); +} diff --git a/nix/home-manager/configuration/text-minimal.nix b/nix/home-manager/configuration/text-minimal.nix index 60a2be6..4566af7 100644 --- a/nix/home-manager/configuration/text-minimal.nix +++ b/nix/home-manager/configuration/text-minimal.nix @@ -1,27 +1,12 @@ -{ - pkgs, - extraPackages ? [], -}: let - zshCurried = import ../programs/zsh.nix {inherit pkgs;}; -in - { - pkgs, - config, - ... - }: let - in { - imports = [ - ../profiles/common.nix - # ../profiles/nix-channels.nix - ../programs/neovim.nix - zshCurried - ]; +{pkgs, ...}: { + imports = [ + ../profiles/common.nix + ../programs/neovim.nix + ]; - nixpkgs.config = {packageOverrides = pkgs: with pkgs; {};}; - - home.sessionVariables = {}; - - home.packages = - extraPackages - ++ (with pkgs; [iperf3 inetutils speedtest-cli]); - } + home.packages = with pkgs; [ + iperf3 + inetutils + speedtest-cli + ]; +} 
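Review bot: `packages'.myPython` in the new package list of `graphical-removable.nix` uses a name this module never binds: the argument set is only `{pkgs, config, ...}`, and inside `with pkgs; [...]` the lookup falls back to `pkgs.packages'`, which presumably does not exist now that the overlays are removed. Add it to the module arguments, `{pkgs, config, packages', ...}:`, and confirm that home-manager actually receives it (for example via `home-manager.extraSpecialArgs`), because the only place this diff sets `packages'` is the colmena `meta.nodeSpecialArgs` of a device `default.nix`. Without that the configuration should fail at evaluation with an undefined-variable error.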
diff --git a/nix/home-manager/profiles/common.nix b/nix/home-manager/profiles/common.nix index 2d08388..246dc2e 100644 --- a/nix/home-manager/profiles/common.nix +++ b/nix/home-manager/profiles/common.nix @@ -1,10 +1,11 @@ -{pkgs, ...}: let -in { - # TODO: re-enable this with the appropriate version +{pkgs, ...}: { + # TODO: re-enable this with the appropriate version? # programs.home-manager.enable = true; # programs.home-manager.path = https://github.com/rycee/home-manager/archive/445c0b1482c38172a9f8294ee16a7ca7462388e5.tar.gz; - nixpkgs.overlays = builtins.attrValues (import ../../overlays); + imports = [ + ../programs/zsh.nix + ]; nixpkgs.config = { allowBroken = false; @@ -25,14 +26,14 @@ in { ]; }; + xdg.enable = true; + programs.direnv.enable = true; services.lorri.enable = true; - home.sessionVariables = { - NIXPKGS_ALLOW_UNFREE = "1"; - # Don't create .pyc files. - PYTHONDONTWRITEBYTECODE = "1"; - }; + home.sessionVariables.NIXPKGS_ALLOW_UNFREE = "1"; + # Don't create .pyc files. + home.sessionVariables.PYTHONDONTWRITEBYTECODE = "1"; programs.command-not-found.enable = true; programs.fzf.enable = true; @@ -40,10 +41,9 @@ in { home.packages = [] ++ (with pkgs; [ - # git helpers - git-crypt - + htop vcsh + # Authentication cacert openssl @@ -52,6 +52,29 @@ in { just ripgrep du-dust + + elfutils + exfat + file + tree + pwgen + proot + + parted + pv + tmux + wget + curl + + # git helpers + git-crypt + gitFull + pastebinit + gist + mr + + usbutils + pciutils ]); home.stateVersion = "22.05"; diff --git a/nix/home-manager/profiles/qtile-desktop.nix b/nix/home-manager/profiles/qtile-desktop.nix index 6cc9b1f..da12f62 100644 --- a/nix/home-manager/profiles/qtile-desktop.nix +++ b/nix/home-manager/profiles/qtile-desktop.nix @@ -1,6 +1,8 @@ -{pkgs, ...}: let - passwords = import ../../variables/passwords.crypt.nix; - +{ + pkgs, + config, + ... +}: let inherit (import ../lib.nix {}) mkSimpleTrayService; audio = pkgs.writeShellScript "audio" '' 
@@ -250,13 +252,6 @@ print("new window: ", window) ''; in { - systemd.user = { - startServices = true; - services = {}; - }; - - # systemd.user.sockets.gpg-agent.Socket.Accept = true; - services = { gnome-keyring.enable = true; blueman-applet.enable = true; 
@@ -266,93 +261,9 @@ in { lockCmd = "${screenLockCommand}"; }; network-manager-applet.enable = true; - syncthing.enable = true; - gpg-agent = { - enable = true; - enableScDaemon = true; - enableSshSupport = true; - grabKeyboardAndMouse = true; - pinentryFlavor = "gtk2"; - extraConfig = ""; - - defaultCacheTtl = 0; - maxCacheTtl = 0; - }; flameshot.enable = true; pasystray.enable = true; cbatticon.enable = true; - redshift = { - enable = true; - inherit (passwords.location.stefan) longitude latitude; - temperature = { - day = 6700; - night = 3700; - }; - tray = true; - settings = { - redshift = { - brightness-day = 1.0; - brightness-night = 0.8; - adjustment-method = "randr"; - }; - }; - }; - espanso = { - enable = true; - settings = { - matches = let - playerctl = '' - ${pkgs.coreutils}/bin/env DBUS_SESSION_BUS_ADDRESS="unix:path=/run/user/$(${pkgs.coreutils}/bin/id -u)/bus" ${pkgs.playerctl}/bin/playerctl''; - in [ - { - trigger = ":vpos"; - replace = "{{output}}"; - vars = [ - { - name = "output"; - type = "script"; - params = { - args = [ - (pkgs.writeScript "espanso" '' - #! ${pkgs.python3}/bin/python - import subprocess, os, math, datetime - - id=str(os.getuid()) - result=subprocess.run(args=["${pkgs.playerctl}/bin/playerctl", "position"], env={"DBUS_SESSION_BUS_ADDRESS": "unix:path=/run/user/"+id+"/bus"},capture_output=True) - result.check_returncode() - - position_secs = math.trunc(float(result.stdout)) - position_human = datetime.timedelta(seconds=position_secs) - print("%s - %s" % (position_human, position_secs)) - '') - ]; - }; - } - ]; - } - { - trigger = ":vtit"; - replace = "{{output}}"; - vars = [ - { - name = "output"; - type = "script"; - params = { - args = [ - (pkgs.writeShellScript "espanso" - "${playerctl} metadata title") - ]; - }; - } - ]; - } - { - trigger = ":dunno"; - replace = "¯\\_(ツ)_/¯"; - } - ]; - }; - }; }; home.pointerCursor = { 
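Review bot: Removing the `gpg-agent` block from `services` here takes the agent (scdaemon, SSH support, the zero cache TTLs) away from every configuration that only imports `qtile-desktop.nix`; `graphical-removable.nix` as rewritten in this same commit imports `../programs/pass.nix` but not the new `../programs/gpg-agent.nix`. Unless a device-level module adds it elsewhere, that configuration ends up with `pass` and `browserpass` but no managed agent, so add `../programs/gpg-agent.nix` to its `imports` (and `redshift.nix` / `espanso.nix` if they are still wanted there). A short comment above `services = {` naming the modules that now carry these settings would make the split easier to follow; the `services` set itself continues outside the hunk.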
@@ -364,7 +275,7 @@ in { }; xsession = { - enable = true; + enable = false; windowManager.command = "${pkgs.qtile}/bin/qtile start -c ${qtileConfig}"; initExtra = "${initScreen}"; }; @@ -373,8 +284,6 @@ in { # X Tools/Libraries lightdm networkmanagerapplet - autorandr - arandr gnome-icon-theme gnome.gnome-themes-extra gnome.adwaita-icon-theme diff --git a/nix/home-manager/programs/chromium.nix b/nix/home-manager/programs/chromium.nix index bc528d0..c41823f 100644 --- a/nix/home-manager/programs/chromium.nix +++ b/nix/home-manager/programs/chromium.nix @@ -1,14 +1,50 @@ -{...}: { - programs.chromium = {enable = true;}; +{ + name, + lib, + ... +}: { + programs.chromium = { + enable = true; + extensions = + [ + #undetectable adblocker + {id = "gcfcpohokifjldeandkfjoboemihipmb";} + + # ublock origin + {id = "cjpalhdlnbpafiamejdnhcphjbkeiagm";} + + # # YT ad block + # {id = "cmedhionkhpnakcndndgjdbohmhepckk";} + + # # Adblock Plus + # {id = "cfhdojbkjhnklbpkdaibdccddilifddb";} + + # Cookie Notice Blocker + {id = "odhmfmnoejhihkmfebnolljiibpnednn";} + # i don't care about cookies + {id = "fihnjjcciajhdojfnbdddfaoknhalnja";} + + # NopeCHA + {id = "dknlfmjaanfblgfdfebhijalfmhmjjjo";} + + # h264ify + {id = "aleakchihdccplidncghkekgioiakgal";} + + # clippy + # {id = "honbeilkanbghjimjoniipnnehlmhggk"} + + { + id = "dcpihecpambacapedldabdbpakmachpb"; + updateUrl = "https://raw.githubusercontent.com/iamadamdev/bypass-paywalls-chrome/master/updates.xml"; + } + ] + ++ (lib.lists.optionals ((builtins.match "^steveej.*" name) != null) [ + # Vimium C + {id = "hfjbmagddngcpeloejdejnfgbamkjaeg";} + ]); + }; programs.brave = {enable = true;}; - nixpkgs.config = { - chromium = { - # 2019-03-05: missing on 19.03 enablePepperPDF = true; - # 2021-03-16: missing enablePepperFlash = false; - }; - }; - programs.browserpass = {browsers = ["chromium" "brave"];}; } 
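Review bot: The `dcpihecpambacapedldabdbpakmachpb` entry in `programs.chromium.extensions` is the only one without a comment naming it, and its `updateUrl` follows the `master` branch of a third-party GitHub repository, so later updates are whatever that repository publishes, outside the store's review and in the same browser profile that `programs.browserpass` connects to the password store. Consider pinning it to a reviewed build with the module's `crxPath` and `version` fields, or keeping it (and the other extensions that read every page) out of the profile that uses browserpass, and add a `# <extension name>` comment like the other entries have. Separately, `builtins.match` already matches against the whole string, so the `^` in `"^steveej.*"` is redundant.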
diff --git a/nix/home-manager/programs/emacs.nix b/nix/home-manager/programs/emacs.nix
deleted file mode 100644
index 10e0ad5..0000000
--- a/nix/home-manager/programs/emacs.nix
+++ /dev/null
@@ -1,22 +0,0 @@
-{pkgs, ...}: {
- programs.emacs = {
- enable = true;
- extraPackages = epkgs:
- (with epkgs; [
- nix-mode
- magit # ; Integrate git
- zerodark-theme # ; Nicolas' theme
- undo-tree # ; to show the undo tree
- # zoom-frm # ; increase/decrease font size for all buffers %lt;C-x C-+>
- ])
- ++ (with epkgs.melpaPackages; [evil])
- ++ (with epkgs.elpaPackages; [
- auctex # ; LaTeX mode
- beacon # ; highlight my cursor when scrolling
- nameless # ; hide current package name everywhere in elisp code
- ])
- ++ (with pkgs; [
- pkgs.notmuch # From main packages set
- ]);
- };
-}
diff --git a/nix/home-manager/programs/espanso.nix b/nix/home-manager/programs/espanso.nix
new file mode 100644
index 0000000..7cd435a
--- /dev/null
+++ b/nix/home-manager/programs/espanso.nix
@@ -0,0 +1,64 @@ +{ + pkgs, + config, + ... +}: let + passwords = import ../../variables/passwords.crypt.nix; +in { + services.espanso = { + enable = true; + settings = { + matches = let + playerctl = '' + ${pkgs.coreutils}/bin/env DBUS_SESSION_BUS_ADDRESS="unix:path=/run/user/$(${pkgs.coreutils}/bin/id -u)/bus" ${pkgs.playerctl}/bin/playerctl''; + in [ + { + trigger = ":vpos"; + replace = "{{output}}"; + vars = [ + { + name = "output"; + type = "script"; + params = { + args = [ + (pkgs.writeScript "espanso" '' + #! ${pkgs.python3}/bin/python + import subprocess, os, math, datetime + + id=str(os.getuid()) + result=subprocess.run(args=["${pkgs.playerctl}/bin/playerctl", "position"], env={"DBUS_SESSION_BUS_ADDRESS": "unix:path=/run/user/"+id+"/bus"},capture_output=True) + result.check_returncode() + + position_secs = math.trunc(float(result.stdout)) + position_human = datetime.timedelta(seconds=position_secs) + print("%s - %s" % (position_human, position_secs)) + '') + ]; + }; + } + ]; + } + { + trigger = ":vtit"; + replace = "{{output}}"; + vars = [ + { + name = "output"; + type = "script"; + params = { + args = [ + (pkgs.writeShellScript "espanso" + "${playerctl} metadata title") + ]; + }; + } + ]; + } + { + trigger = ":dunno"; + replace = "¯\\_(ツ)_/¯"; + } + ]; + }; + }; +} diff --git a/nix/home-manager/programs/gnome-desktop.nix b/nix/home-manager/programs/gnome-desktop.nix new file mode 100644 index 0000000..2d2fea4 --- /dev/null +++ b/nix/home-manager/programs/gnome-desktop.nix 
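Review bot: `passwords = import ../../variables/passwords.crypt.nix;` in the `let` block of the new `espanso.nix` is never used; it looks carried over from `qtile-desktop.nix`, where only the redshift settings read it. Drop the binding so the module header becomes `}: {`, since a reference to the secrets file in a module that needs no secrets makes it harder to audit which modules actually read them. The `config` argument is unused as well. Both script derivations are named `"espanso"`; distinct names such as `"espanso-vpos"` and `"espanso-vtit"` would make the resulting store paths easier to tell apart.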
@@ -0,0 +1,112 @@ +{ + pkgs, + config, + lib, + ... +}: let +in { + services = { + gnome-keyring.enable = false; + blueman-applet.enable = true; + flameshot.enable = true; + }; + + # TODO: remove this comment once i'm sure everything works + # xdg.configFile."autostart/gnome-keyring-ssh.desktop".text = '' + # [Desktop Entry] + # Type=Application + # Hidden=true + # ''; + + services.gpg-agent.pinentryFlavor = "gnome3"; + + # workaround: usually created by 'home.xsession.enabled=true' and i don't use with gnome + systemd.user.targets.tray = { + Unit = { + Description = "Home Manager System Tray"; + Requires = ["graphical-session-pre.target"]; + }; + }; + + home.packages = [ + pkgs.wmctrl + ]; + + home.sessionVariables.MOZ_ENABLE_WAYLAND = "1"; + + dconf.settings = let + manualKeybindings = [ + { + binding = "Print"; + command = "flameshot gui"; + name = "flameshot"; + } + + { + binding = "t"; + command = "alacritty"; + name = "alacritty"; + } + ]; + + numWorkspaces = 10; + customKeybindingBaseName = "org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom"; + customKeybindingsNames = + builtins.genList (i: "/${customKeybindingBaseName}${toString i}/") + ( + (builtins.length manualKeybindings) + + numWorkspaces # for sending to the workspace + ); + + workspacesKeyBindingsOffset = builtins.length manualKeybindings; + + # with this we can make use of all number keys [0-9] + mapToNumber = i: + if i < 10 + then i + else if i == 10 + then 0 + else throw "i exceeds 10: ${i}"; + in + { + "org/gnome/settings-daemon/plugins/media-keys" = { + custom-keybindings = customKeybindingsNames; + screenreader = "@as []"; + screensaver = ["l"]; + }; + + # disable the builtin [1-9] functionality + "org/gnome/shell/keybindings" = builtins.listToAttrs (builtins.genList + (i: { + name = "switch-to-application-${toString (i + 1)}"; + value = []; + }) + numWorkspaces); + + # remap it to switching to the workspaces + "org/gnome/desktop/wm/keybindings" = builtins.listToAttrs 
(builtins.genList + (i: { + name = "switch-to-workspace-${toString (i + 1)}"; + value = [ + "${toString (mapToNumber (i + 1))}" + ]; + }) + numWorkspaces); + } + // builtins.listToAttrs (builtins.genList + (i: { + name = "${customKeybindingBaseName}${toString i}"; + value = builtins.elemAt manualKeybindings i; + }) + (builtins.length manualKeybindings)) + // builtins.listToAttrs (builtins.genList + (i: { + name = "${customKeybindingBaseName}${toString (workspacesKeyBindingsOffset + i)}"; + value = { + binding = "${toString (mapToNumber (i + 1))}"; + command = "wmctrl -r :ACTIVE: -t ${toString i}"; + name = "Send to workspace ${toString (i + 1)}"; + }; + }) + numWorkspaces); +} diff --git a/nix/home-manager/programs/gpg-agent.nix b/nix/home-manager/programs/gpg-agent.nix new file mode 100644 index 0000000..0c793a1 --- /dev/null +++ b/nix/home-manager/programs/gpg-agent.nix @@ -0,0 +1,14 @@ +{lib, ...}: { + programs.gpg.enable = true; + services.gpg-agent = { + enable = true; + enableScDaemon = true; + enableSshSupport = true; + grabKeyboardAndMouse = true; + pinentryFlavor = lib.mkDefault "gtk2"; + extraConfig = ""; + + defaultCacheTtl = 0; + maxCacheTtl = 0; + }; +} diff --git a/nix/home-manager/programs/homeshick.nix b/nix/home-manager/programs/homeshick.nix index ba83ae1..cbd4964 100644 --- a/nix/home-manager/programs/homeshick.nix +++ b/nix/home-manager/programs/homeshick.nix @@ -5,7 +5,7 @@ }: let # TODO: clean up the impurity in here in { - home.sessionVariables = {HOMESHICK_DIR = "${pkgs.homeshick}";}; + home.sessionVariables.HOMESHICK_DIR = "${pkgs.homeshick}"; home.activation.bootstrapRepos = config.lib.dag.entryAfter ["writeBoundary"] '' $DRY_RUN_CMD ${ diff --git a/nix/home-manager/programs/libreoffice.nix b/nix/home-manager/programs/libreoffice.nix index 3f9c077..f5921e2 100644 --- a/nix/home-manager/programs/libreoffice.nix +++ b/nix/home-manager/programs/libreoffice.nix 
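Review bot: The guard branch of `mapToNumber` in `gnome-desktop.nix`, `else throw "i exceeds 10: ${i}"`, interpolates an integer, which Nix will not coerce to a string, so reaching it would report a coercion error instead of the intended message; write `else throw "i exceeds 10: ${toString i}"`. The branch is unreachable while `numWorkspaces = 10`, but it is exactly what someone raising that number would hit. The header `}: let` followed directly by `in {` is an empty `let` and can be reduced to `}: {`.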
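Review bot: In the new `gpg-agent.nix`, `defaultCacheTtl = 0` and `maxCacheTtl = 0` disable passphrase caching for GnuPG keys only, while `enableSshSupport = true` leaves the separate SSH cache lifetimes at gpg-agent's defaults. If the intent is that nothing is cached, also set `defaultCacheTtlSsh = 0;` and `maxCacheTtlSsh = 0;`; if the keys live on a smartcard and the card enforces the PIN policy, a comment saying so would explain why the zero TTLs are enough. A one-line comment on why `pinentryFlavor` uses `lib.mkDefault` (so `gnome-desktop.nix` can override it) would also help.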
@@ -1,8 +1,3 @@ {pkgs, ...}: { - home.sessionVariables = { - # Workaround for Libreoffice to force gtk3 - SAL_USE_VCLPLUGIN = "gtk3"; - }; - home.packages = with pkgs; [libreoffice-fresh]; } diff --git a/nix/home-manager/programs/neovim.nix b/nix/home-manager/programs/neovim.nix index 66d7fc5..e169eea 100644 --- a/nix/home-manager/programs/neovim.nix +++ b/nix/home-manager/programs/neovim.nix @@ -1,6 +1,11 @@ -{pkgs, ...}: let +{ + pkgs, + lib, + ... +}: let in { - home.sessionVariables = {EDITOR = "nvim";}; + # FIXME: this doesn't work + home.sessionVariables.EDITOR = "nvim"; programs.neovim = { enable = true; diff --git a/nix/home-manager/programs/pass.nix b/nix/home-manager/programs/pass.nix index 9a1b9c4..4d3bea9 100644 --- a/nix/home-manager/programs/pass.nix +++ b/nix/home-manager/programs/pass.nix @@ -1,11 +1,9 @@ {pkgs, ...}: { - home.sessionVariables = { - # required by pass-otp - PASSWORD_STORE_EXTENSIONS_DIR = "$HOME/.nix-profile/lib/password-store/extensions"; - PASSWORD_STORE_ENABLE_EXTENSIONS = "true"; - }; + # required by pass-otp + home.sessionVariables.PASSWORD_STORE_EXTENSIONS_DIR = "$HOME/.nix-profile/lib/password-store/extensions"; + home.sessionVariables.PASSWORD_STORE_ENABLE_EXTENSIONS = "true"; - programs.browserpass = {enable = true;}; + programs.browserpass.enable = true; - home.packages = with pkgs; [pass qtpass rofi-pass gnupg]; + home.packages = with pkgs; [pass rofi-pass gnupg]; } diff --git a/nix/home-manager/programs/podman.nix b/nix/home-manager/programs/podman.nix deleted file mode 100644 index f663743..0000000 --- a/nix/home-manager/programs/podman.nix +++ /dev/null 
@@ -1,144 +0,0 @@ -{pkgs, ...}: let - cniConfigDir = let - loopback = pkgs.writeText "00-loopback.conf" '' - { - "cniVersion": "0.3.0", - "type": "loopback" - } - ''; - - podman-bridge = pkgs.writeText "87-podman-bridge.conflist" '' - { - "cniVersion": "0.3.0", - "name": "podman", - "plugins": [ - { - "type": "bridge", - "bridge": "cni0", - "isGateway": true, - "ipMasq": true, - "ipam": { - "type": "host-local", - "subnet": "10.88.0.0/16", - "routes": [ - { "dst": "0.0.0.0/0" } - ] - } - }, - { - "type": "portmap", - "capabilities": { - "portMappings": true - } - } - ] - } - ''; - in - pkgs.runCommand "cniConfig" {} '' - set -x - mkdir $out; - ln -s ${loopback} $out/${loopback.name} - ln -s ${podman-bridge} $out/${podman-bridge.name} - ''; - - containersConf = pkgs.writeText "containers.conf" '' - # containers.conf is the default configuration file for all tools using libpod to - # manage containers - - [containers] - - # Maximum size of log files (in bytes) - # -1 is unlimited - log_size_max = -1 - - - [engine] - - # Default transport method for pulling and pushing for images - image_default_transport = "docker://" - - # Paths to search for the conmon container manager binary. If the paths are empty or no valid path was found, then the $PATH environment variable will be used as the fallback. - conmon_path = [ - "${pkgs.conmon}/bin/conmon" - ] - - # --runtime ${pkgs.crun}/bin/crun \ - runtime = "crun" - - # Environment variables to pass into conmon - conmon_env_vars = [ - ] - - # CGroup Manager - valid values are "systemd" and "cgroupfs" - cgroup_manager = "systemd" - - - # Whether to use chroot instead of pivot_root in the runtime - no_pivot_root = false - - # Determines whether libpod will reserve ports on the host when they are - # forwarded to containers. When enabled, when ports are forwarded to containers, - # they are held open by conmon as long as the container is running, ensuring that - # they cannot be reused by other programs on the host. 
However, this can cause - # significant memory usage if a container has many ports forwarded to it. - # Disabling this can save memory. - enable_port_reservation = true - - [network] - # Directory containing CNI plugin configuration files - network_config_dir = "${cniConfigDir}" - - # Directories where the CNI plugin binaries may be located - cni_plugin_dirs = [ - "${pkgs.cni-plugins}/bin" - ] - - # Default CNI network for libpod. - # If multiple CNI network configs are present, libpod will use the network with - # the name given here for containers unless explicitly overridden. - # The default here is set to the name we set in the - # 87-podman-bridge.conflist included in the repository. - # Not setting this, or setting it to the empty string, will use normal CNI - # precedence rules for selecting between multiple networks. - default_network = "podman" - ''; -in { - home.packages = with pkgs; [podman]; - - home.file.".config/containers/containers.conf".source = containersConf; - - home.file.".config/containers/registries.conf".text = '' - [registries.search] - registries = ['docker.io', 'quay.io', 'registry.fedoraproject.org'] - - [registries.insecure] - registries = [] - - #blocked (docker only) - [registries.block] - registries = [] - ''; - - home.file.".config/containers/storage.conf".text = '' - [storage] - driver = "btrfs" - ''; - - home.file.".config/containers/policy.json".text = '' - { - "default": [ - { - "type": "insecureAcceptAnything" - } - ], - "transports": - { - "docker-daemon": - { - "": [{"type":"insecureAcceptAnything"}] - } - } - } - ''; -} diff --git a/nix/home-manager/programs/redshift.nix b/nix/home-manager/programs/redshift.nix new file mode 100644 index 0000000..e53ae04 --- /dev/null +++ b/nix/home-manager/programs/redshift.nix 
@@ -0,0 +1,24 @@ +{ + pkgs, + config, + ... +}: let + passwords = import ../../variables/passwords.crypt.nix; +in { + services.redshift = { + enable = true; + inherit (passwords.location.stefan) longitude latitude; + temperature = { + day = 6700; + night = 3000; + }; + tray = true; + settings = { + redshift = { + brightness-day = 1.0; + brightness-night = 0.5; + adjustment-method = "randr"; + }; + }; + }; +} diff --git a/nix/home-manager/programs/vscode/default.nix b/nix/home-manager/programs/vscode/default.nix index 71996cd..1e9cacd 100644 --- a/nix/home-manager/programs/vscode/default.nix +++ b/nix/home-manager/programs/vscode/default.nix @@ -463,6 +463,7 @@ in { programs.vscode = { enable = true; + package = pkgs.vscodium; extensions = [] ++ packagedExtensions # ++ marketPlaceExtensions diff --git a/nix/home-manager/programs/zsh.nix b/nix/home-manager/programs/zsh.nix index 9e64278..0e1528f 100644 --- a/nix/home-manager/programs/zsh.nix +++ b/nix/home-manager/programs/zsh.nix @@ -1,4 +1,9 @@ -{pkgs}: {...}: let +{ + config, + lib, + pkgs, + ... +}: let just-plugin = let plugin_file = pkgs.writeText "_just" '' #compdef just @@ -31,6 +36,10 @@ ''; }; in { + home.file.".profile".text = '' + . "${config.home.profileDirectory}/etc/profile.d/hm-session-vars.sh" + ''; + programs.zsh = { enable = true; @@ -65,17 +74,21 @@ in { # don't cd into directories when executed unsetopt AUTO_CD - export NIX_PATH="${pkgs.nixPath}" + export NIX_PATH="${pkgs.path}" # print lines without termination setopt PROMPT_CR setopt PROMPT_SP export PROMPT_EOL_MARK="" - ''; - sessionVariables = { - # Add more envrionment variables here - }; + ${lib.optionalString config.services.gpg-agent.enable '' + export SSH_AUTH_SOCK="$XDG_RUNTIME_DIR/gnupg/S.gpg-agent.ssh" + ''} + + ${lib.optionalString config.programs.neovim.enable '' + export EDITOR="nvim" + ''} + ''; plugins = [ { 
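Review bot: `inherit (passwords.location.stefan) longitude latitude;` in the new `redshift.nix` reads the coordinates from the git-crypt protected file, but they are then rendered into the generated redshift configuration, which presumably lands in the world-readable Nix store on the deployed machine. Add a comment stating that the encryption only protects the repository copy, or switch to `provider = "geoclue2";` if the location should not be embedded at all. The night settings also change in this move (`night = 3000`, `brightness-night = 0.5` against 3700 and 0.8 in the block removed from `qtile-desktop.nix`), which is worth a line in the commit message since the change is otherwise a pure split.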
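Review bot: In the last `zsh.nix` hunk, `export SSH_AUTH_SOCK="$XDG_RUNTIME_DIR/gnupg/S.gpg-agent.ssh"` hard-codes the agent socket path, which is not where gpg-agent listens when `GNUPGHOME` is non-default or `XDG_RUNTIME_DIR` is unset; ask gpg instead with `export SSH_AUTH_SOCK="$(gpgconf --list-dirs agent-ssh-socket)"`. In the same block, `export NIX_PATH="${pkgs.path}"` has no `nixpkgs=` prefix, so `<nixpkgs>` would be searched for inside that directory rather than resolve to it; `export NIX_PATH="nixpkgs=${pkgs.path}"` is probably what is meant. The `export EDITOR="nvim"` added here duplicates `home.sessionVariables.EDITOR` in `neovim.nix`, which this commit marks with a FIXME, so one of the two should go once the session-variable sourcing via `.profile` is confirmed to work. The `initExtra` string starts outside the hunk.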
diff --git a/nix/modules/flake-parts/colmena.nix b/nix/modules/flake-parts/colmena.nix
new file mode 100644
index 0000000..ee885cf
--- /dev/null
+++ b/nix/modules/flake-parts/colmena.nix
@@ -0,0 +1,7 @@
+{lib, ...}: {
+ options.flake.colmena = lib.mkOption {
+ # type = lib.types.attrsOf lib.types.unspecified;
+ type = lib.types.raw;
+ default = {};
+ };
+}
diff --git a/nix/modules/flake-parts/perSystem/default.nix b/nix/modules/flake-parts/perSystem/default.nix
new file mode 100644
index 0000000..1339db8
--- /dev/null
+++ b/nix/modules/flake-parts/perSystem/default.nix
@@ -0,0 +1,38 @@
+{
+ inputs',
+ system,
+ config,
+ lib,
+ pkgs,
+ ...
+}: {
+ packages = {
+ myPython = pkgs.python310.withPackages (ps:
+ with ps;
+ [
+ pep8
+ yapf
+ flake8
+ # autopep8 (broken)
+ # pylint (broken)
+ ipython
+ llfuse
+ dugong
+ defusedxml
+ wheel
+ pip
+ virtualenv
+ cffi
+ pyopenssl
+ urllib3
+ # mistune (insecure)
+ sympy
+
+ flask
+
+ pyaml
+ requests
+ ]
+ ++ [pkgs.pypi2nix pkgs.libffi]);
+ };
+}
diff --git a/nix/os/devices/elias-e525/default.nix b/nix/os/devices/elias-e525/default.nix
new file mode 100644
index 0000000..537efdd
--- /dev/null
+++ b/nix/os/devices/elias-e525/default.nix
@@ -0,0 +1,29 @@
+{repoFlake}: let
+ nodeName = "elias-e525";
+ system = "x86_64-linux";
+
+ nodeFlake = repoFlake.inputs.get-flake ./.;
+in {
+ meta.nodeSpecialArgs.${nodeName} = {
+ inherit nodeName nodeFlake;
+ packages' = repoFlake.packages.${system};
+ };
+
+ meta.nodeNixpkgs.${nodeName} = import nodeFlake.inputs.nixpkgs.outPath {
+ inherit system;
+ };
+
+ # TODO: build a module with "meta" and "freeformtype" for all the others
+
+ ${nodeName} = {
+ deployment.targetHost = nodeName;
+ deployment.replaceUnknownProfiles = false;
+ # deployment.allowLocalDeployment = true;
+
+ imports = [
+ (repoFlake + "/nix/os/devices/${nodeName}/configuration.nix")
+
+ nodeFlake.inputs.home-manager.nixosModules.home-manager
+ ];
+ };
+}
diff --git a/nix/os/devices/elias-e525/flake.lock b/nix/os/devices/elias-e525/flake.lock
new file mode 100644
index 0000000..fc1b46a
--- /dev/null
+++ b/nix/os/devices/elias-e525/flake.lock
@@ -0,0 +1,65 @@
+{
+ "nodes": {
+ "home-manager": {
+ "inputs": {
+ "nixpkgs": [
+ "nixpkgs"
+ ],
+ "utils": "utils"
+ },
+ "locked": {
+ "lastModified": 1681092193,
+ "narHash": "sha256-JerCqqOqbT2tBnXQW4EqwFl0hHnuZp21rIQ6lu/N4rI=",
+ "owner": "nix-community",
+ "repo": "home-manager",
+ "rev": "f9edbedaf015013eb35f8caacbe0c9666bbc16af",
+ "type": "github"
+ },
+ "original": {
+ "owner": "nix-community",
+ "ref": "release-22.11",
+ "repo": "home-manager",
+ "type": "github"
+ }
+ },
+ "nixpkgs": {
+ "locked": {
+ "lastModified": 1681696129,
+ "narHash": "sha256-Ba2y1lmsWmmAOAoTD5G9UnTS/UqV0ZFyzysgdfu7qag=",
+ "owner": "nixos",
+ "repo": "nixpkgs",
+ "rev": "de66115c552acc4e0c0f92c5a5efb32e37dfa216",
+ "type": "github"
+ },
+ "original": {
+ "owner": "nixos",
+ "ref": "nixos-22.11",
+ "repo": "nixpkgs",
+ "type": "github"
+ }
+ },
+ "root": {
+ "inputs": {
+ "home-manager": "home-manager",
+ "nixpkgs": "nixpkgs"
+ }
+ },
+ "utils": {
+ "locked": {
+ "lastModified": 1667395993,
+ "narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=",
+ "owner": "numtide",
+ "repo": "flake-utils",
+ "rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f",
+ "type": "github"
+ },
+ "original": {
+ "owner": "numtide",
+ "repo": "flake-utils",
+ "type": "github"
+ }
+ }
+ },
+ "root": "root",
+ "version": 7
+}
diff --git a/nix/os/devices/elias-e525/flake.nix b/nix/os/devices/elias-e525/flake.nix
new file mode 100644
index 0000000..7e29283
--- /dev/null
+++ b/nix/os/devices/elias-e525/flake.nix
@@ -0,0 +1,10 @@
+{
+ inputs.nixpkgs.url = "github:nixos/nixpkgs/nixos-22.11";
+
+ inputs.home-manager = {
+ url = "github:nix-community/home-manager/release-22.11";
+ inputs.nixpkgs.follows = "nixpkgs";
+ };
+
+ outputs = _: {};
+}
diff --git a/nix/os/devices/elias-e525/pkg.nix b/nix/os/devices/elias-e525/pkg.nix index d07c68c..851f526 100644 --- a/nix/os/devices/elias-e525/pkg.nix +++ b/nix/os/devices/elias-e525/pkg.nix @@ -5,9 +5,13 @@ }: let homeEnv = keyboard: { imports = [ - (import ../../../home-manager/configuration/graphical-gnome3.nix { - inherit pkgs; - }) + ../../../home-manager/profiles/common.nix + + ../../../home-manager/configuration/graphical-gnome3.nix + + ../../../home-manager/programs/firefox.nix + ../../../home-manager/programs/libreoffice.nix + ../../../home-manager/programs/neovim.nix ]; home.keyboard = keyboard; @@ -16,28 +20,17 @@ rhythmbox lollypop dia + + rustdesk + kotatogram-desktop - jitsi + jitsi-meet-electron + signal-desktop ]; }; in { - nixpkgs.config.packageOverrides = pkgs: - with pkgs; { - nixPath = - (import ../../../default.nix { - versionsPath = ./versions.nix; - }) - .nixPath; - }; - services.gnome = builtins.mapAttrs (attr: value: lib.mkForce value) { - games.enable = true; gnome-remote-desktop.enable = true; - gnome-user-share.enable = true; - rygel.enable = true; - sushi.enable = true; - tracker.enable = true; - tracker-miners.enable = true; }; home-manager.users.steveej = homeEnv { @@ -58,6 +51,5 @@ in { variant = ""; }; - services.teamviewer.enable = true; system.stateVersion = "21.11"; } diff --git a/nix/os/devices/elias-e525/system.nix b/nix/os/devices/elias-e525/system.nix index 3cb10d3..c2087da 100644 --- a/nix/os/devices/elias-e525/system.nix +++ b/nix/os/devices/elias-e525/system.nix @@ -17,11 +17,6 @@ in { networking.firewall.logRefusedConnections = false; networking.usePredictableInterfaceNames = false; - services.printing = { - enable = true; - drivers = with pkgs; [mfcl3770cdw.driver mfcl3770cdw.cupswrapper]; - }; - services.fprintd.enable = true; security.pam.services = { login.fprintAuth = true; diff --git a/nix/os/devices/elias-e525/versions.nix b/nix/os/devices/elias-e525/versions.nix deleted file mode 100644 index 81a71e6..0000000 
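Review bot: In the second `pkg.nix` hunk, `gnome-remote-desktop.enable = true` stays forced on through `lib.mkForce` while `rustdesk` is added to the user packages and `services.teamviewer.enable` is removed in the third hunk, so the machine keeps two remote-access paths with nothing in the file saying which one is intended. If RustDesk is meant to replace TeamViewer for support sessions, either drop the `gnome-remote-desktop` line or add a comment on it explaining why it remains, and confirm that no firewall port is opened for it elsewhere in the device configuration. The same hunk removes the `nixPath` package override that the old `zsh.nix` read through `pkgs.nixPath`, which is consistent with the `zsh.nix` change in this commit. The module body continues outside these hunks.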
--- a/nix/os/devices/elias-e525/versions.nix +++ /dev/null @@ -1,26 +0,0 @@ -let - nixpkgs = { - url = "https://github.com/NixOS/nixpkgs/"; - ref = "nixos-21.11"; - rev = "386234e2a61e1e8acf94dfa3a3d3ca19a6776efb"; - }; -in { - inherit nixpkgs; - nixos = nixpkgs // {suffix = "/nixos";}; - "channels-nixos-stable" = nixpkgs; - "channels-nixos-unstable" = { - url = "https://github.com/NixOS/nixpkgs/"; - ref = "nixos-unstable"; - rev = "5aaed40d22f0d9376330b6fa413223435ad6fee5"; - }; - "nixpkgs-master" = { - url = "https://github.com/NixOS/nixpkgs/"; - ref = "master"; - rev = "c4d1eff44eb12cb5500fb2ab05a1a7303711254e"; - }; - "home-manager-module" = { - url = "https://github.com/nix-community/home-manager"; - ref = "release-21.11"; - rev = "697cc8c68ed6a606296efbbe9614c32537078756"; - }; -} diff --git a/nix/os/devices/elias-e525/versions.tmpl.nix b/nix/os/devices/elias-e525/versions.tmpl.nix deleted file mode 100644 index ea299fb..0000000 --- a/nix/os/devices/elias-e525/versions.tmpl.nix +++ /dev/null 
@@ -1,34 +0,0 @@ -let - nixpkgs = { - url = "https://github.com/NixOS/nixpkgs/"; - ref = "nixos-21.11"; - rev = '' - <% git ls-remote https://github.com/nixos/nixpkgs nixos-21.11 | awk '{ print $1 }' | tr -d ' - ' -%>''; - }; -in { - inherit nixpkgs; - nixos = nixpkgs // {suffix = "/nixos";}; - "channels-nixos-stable" = nixpkgs; - "channels-nixos-unstable" = { - url = "https://github.com/NixOS/nixpkgs/"; - ref = "nixos-unstable"; - rev = '' - <% git ls-remote https://github.com/nixos/nixpkgs nixos-unstable | awk '{ print $1 }' | tr -d ' - ' -%>''; - }; - "nixpkgs-master" = { - url = "https://github.com/NixOS/nixpkgs/"; - ref = "master"; - rev = '' - <% git ls-remote https://github.com/NixOS/nixpkgs.git master | head -n1 | awk '{ print $1 }' | tr -d ' - ' -%>''; - }; - "home-manager-module" = { - url = "https://github.com/nix-community/home-manager"; - ref = "release-21.11"; - rev = '' - <% git ls-remote https://github.com/nix-community/home-manager.git release-21.11 | awk '{ print $1 }' | tr -d ' - ' -%>''; - }; -} diff --git a/nix/os/devices/167.233.1.14/README.md b/nix/os/devices/sj-vps-htz0.infra.stefanjunker.de/README.md similarity index 100% rename from nix/os/devices/167.233.1.14/README.md rename to nix/os/devices/sj-vps-htz0.infra.stefanjunker.de/README.md diff --git a/nix/os/devices/167.233.1.14/boot.nix b/nix/os/devices/sj-vps-htz0.infra.stefanjunker.de/boot.nix similarity index 100% rename from nix/os/devices/167.233.1.14/boot.nix rename to nix/os/devices/sj-vps-htz0.infra.stefanjunker.de/boot.nix diff --git a/nix/os/devices/167.233.1.14/configuration.nix b/nix/os/devices/sj-vps-htz0.infra.stefanjunker.de/configuration.nix similarity index 100% rename from nix/os/devices/167.233.1.14/configuration.nix rename to nix/os/devices/sj-vps-htz0.infra.stefanjunker.de/configuration.nix diff --git a/nix/os/devices/sj-vps-htz0.infra.stefanjunker.de/default.nix b/nix/os/devices/sj-vps-htz0.infra.stefanjunker.de/default.nix new file mode 100644 index 0000000..3c9621d 
--- /dev/null +++ b/nix/os/devices/sj-vps-htz0.infra.stefanjunker.de/default.nix @@ -0,0 +1,26 @@ +{repoFlake}: let + nodeName = "sj-vps-htz0.infra.stefanjunker.de"; + system = "x86_64-linux"; + + nodeFlake = repoFlake.inputs.get-flake ./.; +in { + meta.nodeSpecialArgs.${nodeName} = { + inherit nodeName nodeFlake; + packages' = repoFlake.packages.${system}; + }; + + meta.nodeNixpkgs.${nodeName} = import nodeFlake.inputs.nixpkgs.outPath { + inherit system; + }; + + ${nodeName} = { + deployment.targetHost = nodeName; + deployment.replaceUnknownProfiles = true; + + imports = [ + (repoFlake + "/nix/os/devices/${nodeName}/configuration.nix") + + nodeFlake.inputs.home-manager.nixosModules.home-manager + ]; + }; +} diff --git a/nix/os/devices/sj-vps-htz0.infra.stefanjunker.de/flake.lock b/nix/os/devices/sj-vps-htz0.infra.stefanjunker.de/flake.lock new file mode 100644 index 0000000..2a1267e --- /dev/null +++ b/nix/os/devices/sj-vps-htz0.infra.stefanjunker.de/flake.lock 
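Review bot: This node definition is repeated almost verbatim for `steveej-t14` and `vmd102066.contaboserver.net` later in the patch; the copies differ only in `nodeName` and in `deployment.replaceUnknownProfiles`. A shared function that takes those two values and returns the `meta.nodeSpecialArgs`, `meta.nodeNixpkgs` and node attributes would keep the deployment settings in one place, so a later hardening change cannot miss one host. It would also help to document the SSH side next to `deployment.targetHost = nodeName;`. No `deployment.targetUser` is set, so Colmena's default applies (root, as far as I know), and the bare name `steveej-t14` only resolves if the deploying machine's resolver or SSH config knows it.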
@@ -0,0 +1,99 @@ +{ + "nodes": { + "home-manager": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ], + "utils": "utils" + }, + "locked": { + "lastModified": 1681092193, + "narHash": "sha256-JerCqqOqbT2tBnXQW4EqwFl0hHnuZp21rIQ6lu/N4rI=", + "owner": "nix-community", + "repo": "home-manager", + "rev": "f9edbedaf015013eb35f8caacbe0c9666bbc16af", + "type": "github" + }, + "original": { + "owner": "nix-community", + "ref": "release-22.11", + "repo": "home-manager", + "type": "github" + } + }, + "nixpkgs": { + "locked": { + "lastModified": 1681759395, + "narHash": "sha256-7aaRtLxLAy8qFVIA26ulB+Q5nDVzuQ71qi0s0wMjAws=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "cd749f58ba83f7155b7062dd49d08e5e47e44d50", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-22.11", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-master": { + "locked": { + "lastModified": 1681895322, + "narHash": "sha256-dtduardGFljEIh0Whlnhzda7Au0s1WnnSdzh2ZhCu9c=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "57aad37a2eab85fb5522cbc8568fe27872071a1c", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "master", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-unstable": { + "locked": { + "lastModified": 1681770396, + "narHash": "sha256-tq+GZOkRA3uF3I/jIzuBGfnTRQFT4QnnRCWJ8DKSaMg=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "4df48038a44e9f3a3da8e9b42ca182726b743de4", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-unstable-small", + "repo": "nixpkgs", + "type": "github" + } + }, + "root": { + "inputs": { + "home-manager": "home-manager", + "nixpkgs": "nixpkgs", + "nixpkgs-master": "nixpkgs-master", + "nixpkgs-unstable": "nixpkgs-unstable" + } + }, + "utils": { + "locked": { + "lastModified": 1667395993, + "narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f", + "type": "github" + }, + 
"original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + } + }, + "root": "root", + "version": 7 +} diff --git a/nix/os/devices/sj-vps-htz0.infra.stefanjunker.de/flake.nix b/nix/os/devices/sj-vps-htz0.infra.stefanjunker.de/flake.nix new file mode 100644 index 0000000..d432f24 --- /dev/null +++ b/nix/os/devices/sj-vps-htz0.infra.stefanjunker.de/flake.nix @@ -0,0 +1,12 @@ +{ + inputs.nixpkgs.url = "github:nixos/nixpkgs/nixos-22.11"; + inputs.nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable-small"; + inputs.nixpkgs-master.url = "github:nixos/nixpkgs/master"; + + inputs.home-manager = { + url = "github:nix-community/home-manager/release-22.11"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + + outputs = _: {}; +} diff --git a/nix/os/devices/167.233.1.14/hw.nix b/nix/os/devices/sj-vps-htz0.infra.stefanjunker.de/hw.nix similarity index 100% rename from nix/os/devices/167.233.1.14/hw.nix rename to nix/os/devices/sj-vps-htz0.infra.stefanjunker.de/hw.nix diff --git a/nix/os/devices/167.233.1.14/pkg.nix b/nix/os/devices/sj-vps-htz0.infra.stefanjunker.de/pkg.nix similarity index 100% rename from nix/os/devices/167.233.1.14/pkg.nix rename to nix/os/devices/sj-vps-htz0.infra.stefanjunker.de/pkg.nix diff --git a/nix/os/devices/167.233.1.14/system.nix b/nix/os/devices/sj-vps-htz0.infra.stefanjunker.de/system.nix similarity index 95% rename from nix/os/devices/167.233.1.14/system.nix rename to nix/os/devices/sj-vps-htz0.infra.stefanjunker.de/system.nix index d23085d..bb37d96 100644 --- a/nix/os/devices/167.233.1.14/system.nix +++ b/nix/os/devices/sj-vps-htz0.infra.stefanjunker.de/system.nix @@ -6,10 +6,6 @@ }: let keys = import ../../../variables/keys.nix; in { - # TASK: new device - networking.hostName = "sj-pvehtz0"; # Define your hostname. - # networking.domain = ""; - networking.firewall.enable = true; networking.firewall.allowedTCPPorts = [ # iperf3 
diff --git a/nix/os/devices/167.233.1.14/versions.nix b/nix/os/devices/sj-vps-htz0.infra.stefanjunker.de/versions.nix similarity index 100% rename from nix/os/devices/167.233.1.14/versions.nix rename to nix/os/devices/sj-vps-htz0.infra.stefanjunker.de/versions.nix diff --git a/nix/os/devices/167.233.1.14/versions.tmpl.nix b/nix/os/devices/sj-vps-htz0.infra.stefanjunker.de/versions.tmpl.nix similarity index 100% rename from nix/os/devices/167.233.1.14/versions.tmpl.nix rename to nix/os/devices/sj-vps-htz0.infra.stefanjunker.de/versions.tmpl.nix diff --git a/nix/os/devices/steveej-t14/default.nix b/nix/os/devices/steveej-t14/default.nix new file mode 100644 index 0000000..fb517e4 --- /dev/null +++ b/nix/os/devices/steveej-t14/default.nix @@ -0,0 +1,27 @@ +{repoFlake}: let + nodeName = "steveej-t14"; + system = "x86_64-linux"; + + nodeFlake = repoFlake.inputs.get-flake ./.; +in { + meta.nodeSpecialArgs.${nodeName} = { + inherit nodeName nodeFlake; + packages' = repoFlake.packages.${system}; + }; + + meta.nodeNixpkgs.${nodeName} = import nodeFlake.inputs.nixpkgs.outPath { + inherit system; + }; + + ${nodeName} = { + deployment.targetHost = nodeName; + deployment.replaceUnknownProfiles = false; + # deployment.allowLocalDeployment = true; + + imports = [ + (repoFlake + "/nix/os/devices/${nodeName}/configuration.nix") + + nodeFlake.inputs.home-manager.nixosModules.home-manager + ]; + }; +} diff --git a/nix/os/devices/steveej-t14/flake.lock b/nix/os/devices/steveej-t14/flake.lock new file mode 100644 index 0000000..2a1267e --- /dev/null +++ b/nix/os/devices/steveej-t14/flake.lock 
@@ -0,0 +1,99 @@ +{ + "nodes": { + "home-manager": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ], + "utils": "utils" + }, + "locked": { + "lastModified": 1681092193, + "narHash": "sha256-JerCqqOqbT2tBnXQW4EqwFl0hHnuZp21rIQ6lu/N4rI=", + "owner": "nix-community", + "repo": "home-manager", + "rev": "f9edbedaf015013eb35f8caacbe0c9666bbc16af", + "type": "github" + }, + "original": { + "owner": "nix-community", + "ref": "release-22.11", + "repo": "home-manager", + "type": "github" + } + }, + "nixpkgs": { + "locked": { + "lastModified": 1681759395, + "narHash": "sha256-7aaRtLxLAy8qFVIA26ulB+Q5nDVzuQ71qi0s0wMjAws=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "cd749f58ba83f7155b7062dd49d08e5e47e44d50", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-22.11", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-master": { + "locked": { + "lastModified": 1681895322, + "narHash": "sha256-dtduardGFljEIh0Whlnhzda7Au0s1WnnSdzh2ZhCu9c=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "57aad37a2eab85fb5522cbc8568fe27872071a1c", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "master", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-unstable": { + "locked": { + "lastModified": 1681770396, + "narHash": "sha256-tq+GZOkRA3uF3I/jIzuBGfnTRQFT4QnnRCWJ8DKSaMg=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "4df48038a44e9f3a3da8e9b42ca182726b743de4", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-unstable-small", + "repo": "nixpkgs", + "type": "github" + } + }, + "root": { + "inputs": { + "home-manager": "home-manager", + "nixpkgs": "nixpkgs", + "nixpkgs-master": "nixpkgs-master", + "nixpkgs-unstable": "nixpkgs-unstable" + } + }, + "utils": { + "locked": { + "lastModified": 1667395993, + "narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f", + "type": "github" + }, + 
"original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + } + }, + "root": "root", + "version": 7 +} diff --git a/nix/os/devices/steveej-t14/flake.nix b/nix/os/devices/steveej-t14/flake.nix new file mode 100644 index 0000000..d432f24 --- /dev/null +++ b/nix/os/devices/steveej-t14/flake.nix @@ -0,0 +1,12 @@ +{ + inputs.nixpkgs.url = "github:nixos/nixpkgs/nixos-22.11"; + inputs.nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable-small"; + inputs.nixpkgs-master.url = "github:nixos/nixpkgs/master"; + + inputs.home-manager = { + url = "github:nix-community/home-manager/release-22.11"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + + outputs = _: {}; +} diff --git a/nix/os/devices/steveej-t14/pkg.nix b/nix/os/devices/steveej-t14/pkg.nix index 9897dc2..a92dfa4 100644 --- a/nix/os/devices/steveej-t14/pkg.nix +++ b/nix/os/devices/steveej-t14/pkg.nix @@ -1,15 +1,26 @@ {pkgs, ...}: { - nixpkgs.config.packageOverrides = pkgs: - with pkgs; { - nixPath = - (import ../../../default.nix { - versionsPath = ./versions.nix; - }) - .nixPath; - }; - home-manager.users.steveej = import ../../../home-manager/configuration/graphical-fullblown.nix { - inherit pkgs; + home-manager.users.steveej = _: { + imports = [ + ../../../home-manager/configuration/graphical-fullblown.nix + + (_: { + programs.chromium.extensions = [ + # can define host-specific extensions here + ]; + }) + ]; }; + services.teamviewer.enable = true; system.stateVersion = "20.09"; + + # TODO: move this into home-manager + environment.systemPackages = with pkgs.gnomeExtensions; [ + pop-shell + vitals + + # TODO: currently not compatible + # window-switcher-current-workspace-first + # mmod-panel + ]; } diff --git a/nix/os/devices/steveej-t14/system.nix b/nix/os/devices/steveej-t14/system.nix index fcfdb17..ba6334c 100644 --- a/nix/os/devices/steveej-t14/system.nix +++ b/nix/os/devices/steveej-t14/system.nix 
@@ -2,26 +2,26 @@ pkgs, lib, config, + nodeName, ... }: let - keys = import ../../../variables/keys.nix; passwords = import ../../../variables/passwords.crypt.nix; in { nix = { - binaryCaches = ["https://holochain-ci.cachix.org" "https://cache.holo.host/"]; + binaryCaches = [ + "https://holochain-ci.cachix.org" + # "https://cache.holo.host/" + ]; binaryCachePublicKeys = [ "holochain-ci.cachix.org-1:5IUSkZc0aoRS53rfkvH9Kid40NpyjwCMCzwRTXy+QN8=" - "cache.holo.host-1:lNXIXtJgS9Iuw4Cu6X0HINLu9sTfcjEntnrgwMQIMcE=" - "cache.holo.host-2:ZJCkX3AUYZ8soxTLfTb60g+F3MkWD7hkH9y8CgqwhDQ=" + # "cache.holo.host-1:lNXIXtJgS9Iuw4Cu6X0HINLu9sTfcjEntnrgwMQIMcE=" + # "cache.holo.host-2:ZJCkX3AUYZ8soxTLfTb60g+F3MkWD7hkH9y8CgqwhDQ=" ]; settings.extra-experimental-features = ["impure-derivations"]; settings.system-features = ["recursive-nix"]; }; - # TASK: new device - networking.hostName = "steveej-t14"; # Define your hostname. - networking.bridges."virbr1".interfaces = []; networking.interfaces."virbr1".ipv4.addresses = [ { @@ -42,10 +42,7 @@ in { networking.firewall.logRefusedConnections = false; networking.usePredictableInterfaceNames = false; - services.printing = { - enable = true; - drivers = with pkgs; [hplip mfcl3770cdw.driver mfcl3770cdw.cupswrapper]; - }; + services.fwupd.enable = true; services.fprintd.enable = true; security.pam.services = { @@ -62,9 +59,10 @@ in { addNetworkInterface = false; }; - docker = { + podman = { enable = true; - extraOptions = "--experimental"; + dockerCompat = true; + defaultNetwork.dnsname.enable = true; }; }; diff --git a/nix/os/devices/steveej-t14/versions.nix b/nix/os/devices/steveej-t14/versions.nix deleted file mode 100644 index 576db85..0000000 --- a/nix/os/devices/steveej-t14/versions.nix +++ /dev/null 
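Review bot: `nix.binaryCaches` and `nix.binaryCachePublicKeys` in the first hunk of steveej-t14/system.nix are the older option names, while the same attribute set already uses `settings.extra-experimental-features` and `settings.system-features`. On the nixos-22.11 input this host's flake.nix selects they should only work through the rename aliases, so the block is better written as `settings.substituters = ["https://holochain-ci.cachix.org"];` with the key list under `settings.trusted-public-keys`. The commented-out `cache.holo.host` URL and its two public keys are better deleted than parked in comments, so that a substituter and the keys trusted for it are only ever brought back together and on purpose.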
@@ -1,36 +0,0 @@ -let - nixpkgs = { - url = "https://github.com/NixOS/nixpkgs/"; - ref = "nixos-22.11"; - rev = '' - ea96b4af6148114421fda90df33cf236ff5ecf1d''; - }; -in { - inherit nixpkgs; - nixos = nixpkgs // {suffix = "/nixos";}; - "channels-nixos-stable" = nixpkgs; - "channels-nixos-unstable" = { - url = "https://github.com/NixOS/nixpkgs/"; - ref = "nixos-unstable"; - rev = '' - db24d86dd8a4769c50d6b7295e81aa280cd93f35''; - }; - "channels-nixos-unstable-small" = { - url = "https://github.com/NixOS/nixpkgs/"; - ref = "nixos-unstable-small"; - rev = '' - 2d79f0ccbd2a418f1582b7a97a57683403512188''; - }; - "nixpkgs-master" = { - url = "https://github.com/NixOS/nixpkgs/"; - ref = "master"; - rev = '' - 152a7b64ae22d2b0c5f6043868d2c98b74390517''; - }; - "home-manager-module" = { - url = "https://github.com/nix-community/home-manager"; - ref = "release-22.11"; - rev = '' - f9edbedaf015013eb35f8caacbe0c9666bbc16af''; - }; -} diff --git a/nix/os/devices/steveej-t14/versions.tmpl.nix b/nix/os/devices/steveej-t14/versions.tmpl.nix deleted file mode 100644 index a0fa34a..0000000 --- a/nix/os/devices/steveej-t14/versions.tmpl.nix +++ /dev/null 
@@ -1,41 +0,0 @@ -let - nixpkgs = { - url = "https://github.com/NixOS/nixpkgs/"; - ref = "nixos-22.11"; - rev = '' - <% git ls-remote https://github.com/nixos/nixpkgs nixos-22.11 | awk '{ print $1 }' | tr -d ' - ' -%>''; - }; -in { - inherit nixpkgs; - nixos = nixpkgs // {suffix = "/nixos";}; - "channels-nixos-stable" = nixpkgs; - "channels-nixos-unstable" = { - url = "https://github.com/NixOS/nixpkgs/"; - ref = "nixos-unstable"; - rev = '' - <% git ls-remote https://github.com/nixos/nixpkgs nixos-unstable | awk '{ print $1 }' | tr -d ' - ' -%>''; - }; - "channels-nixos-unstable-small" = { - url = "https://github.com/NixOS/nixpkgs/"; - ref = "nixos-unstable-small"; - rev = '' - <% git ls-remote https://github.com/nixos/nixpkgs nixos-unstable-small | awk '{ print $1 }' | tr -d ' - ' -%>''; - }; - "nixpkgs-master" = { - url = "https://github.com/NixOS/nixpkgs/"; - ref = "master"; - rev = '' - <% git ls-remote https://github.com/NixOS/nixpkgs.git master | head -n1 | awk '{ print $1 }' | tr -d ' - ' -%>''; - }; - "home-manager-module" = { - url = "https://github.com/nix-community/home-manager"; - ref = "release-22.11"; - rev = '' - <% git ls-remote https://github.com/nix-community/home-manager.git release-22.11 | awk '{ print $1 }' | tr -d ' - ' -%>''; - }; -} diff --git a/nix/os/devices/vmd102066.contaboserver.net/default.nix b/nix/os/devices/vmd102066.contaboserver.net/default.nix new file mode 100644 index 0000000..77a6b95 --- /dev/null +++ b/nix/os/devices/vmd102066.contaboserver.net/default.nix 
@@ -0,0 +1,26 @@ +{repoFlake}: let + nodeName = "vmd102066.contaboserver.net"; + system = "x86_64-linux"; + + nodeFlake = repoFlake.inputs.get-flake ./.; +in { + meta.nodeSpecialArgs.${nodeName} = { + inherit nodeName nodeFlake; + packages' = repoFlake.packages.${system}; + }; + + meta.nodeNixpkgs.${nodeName} = import nodeFlake.inputs.nixpkgs.outPath { + inherit system; + }; + + ${nodeName} = { + deployment.targetHost = nodeName; + deployment.replaceUnknownProfiles = true; + + imports = [ + (repoFlake + "/nix/os/devices/${nodeName}/configuration.nix") + + nodeFlake.inputs.home-manager.nixosModules.home-manager + ]; + }; +} diff --git a/nix/os/devices/vmd102066.contaboserver.net/flake.lock b/nix/os/devices/vmd102066.contaboserver.net/flake.lock new file mode 100644 index 0000000..2a1267e --- /dev/null +++ b/nix/os/devices/vmd102066.contaboserver.net/flake.lock 
@@ -0,0 +1,99 @@ +{ + "nodes": { + "home-manager": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ], + "utils": "utils" + }, + "locked": { + "lastModified": 1681092193, + "narHash": "sha256-JerCqqOqbT2tBnXQW4EqwFl0hHnuZp21rIQ6lu/N4rI=", + "owner": "nix-community", + "repo": "home-manager", + "rev": "f9edbedaf015013eb35f8caacbe0c9666bbc16af", + "type": "github" + }, + "original": { + "owner": "nix-community", + "ref": "release-22.11", + "repo": "home-manager", + "type": "github" + } + }, + "nixpkgs": { + "locked": { + "lastModified": 1681759395, + "narHash": "sha256-7aaRtLxLAy8qFVIA26ulB+Q5nDVzuQ71qi0s0wMjAws=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "cd749f58ba83f7155b7062dd49d08e5e47e44d50", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-22.11", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-master": { + "locked": { + "lastModified": 1681895322, + "narHash": "sha256-dtduardGFljEIh0Whlnhzda7Au0s1WnnSdzh2ZhCu9c=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "57aad37a2eab85fb5522cbc8568fe27872071a1c", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "master", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-unstable": { + "locked": { + "lastModified": 1681770396, + "narHash": "sha256-tq+GZOkRA3uF3I/jIzuBGfnTRQFT4QnnRCWJ8DKSaMg=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "4df48038a44e9f3a3da8e9b42ca182726b743de4", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-unstable-small", + "repo": "nixpkgs", + "type": "github" + } + }, + "root": { + "inputs": { + "home-manager": "home-manager", + "nixpkgs": "nixpkgs", + "nixpkgs-master": "nixpkgs-master", + "nixpkgs-unstable": "nixpkgs-unstable" + } + }, + "utils": { + "locked": { + "lastModified": 1667395993, + "narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f", + "type": "github" + }, + 
"original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + } + }, + "root": "root", + "version": 7 +} diff --git a/nix/os/devices/vmd102066.contaboserver.net/flake.nix b/nix/os/devices/vmd102066.contaboserver.net/flake.nix new file mode 100644 index 0000000..d432f24 --- /dev/null +++ b/nix/os/devices/vmd102066.contaboserver.net/flake.nix @@ -0,0 +1,12 @@ +{ + inputs.nixpkgs.url = "github:nixos/nixpkgs/nixos-22.11"; + inputs.nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable-small"; + inputs.nixpkgs-master.url = "github:nixos/nixpkgs/master"; + + inputs.home-manager = { + url = "github:nix-community/home-manager/release-22.11"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + + outputs = _: {}; +} diff --git a/nix/os/devices/vmd102066.contaboserver.net/pkg.nix b/nix/os/devices/vmd102066.contaboserver.net/pkg.nix index 821775e..96cfc55 100644 --- a/nix/os/devices/vmd102066.contaboserver.net/pkg.nix +++ b/nix/os/devices/vmd102066.contaboserver.net/pkg.nix @@ -4,14 +4,6 @@ lib, ... }: { - nixpkgs.config.packageOverrides = pkgs: - with pkgs; { - nixPath = - (import ../../../default.nix { - versionsPath = ./versions.nix; - }) - .nixPath; - }; home-manager.users.steveej = import ../../../home-manager/configuration/text-minimal.nix { inherit pkgs; }; diff --git a/nix/os/devices/vmd102066.contaboserver.net/system.nix b/nix/os/devices/vmd102066.contaboserver.net/system.nix index 929874f..45c6b0c 100644 --- a/nix/os/devices/vmd102066.contaboserver.net/system.nix +++ b/nix/os/devices/vmd102066.contaboserver.net/system.nix @@ -2,15 +2,12 @@ pkgs, lib, config, + nodeName, ... }: let keys = import ../../../variables/keys.nix; passwords = import ../../../variables/passwords.crypt.nix; in { - # TASK: new device - networking.hostName = "vmd102066"; # Define your hostname. - networking.domain = "contaboserver.net"; - networking.firewall.enable = true; networking.firewall.allowedTCPPorts = [ # iperf3 
@@ -62,19 +59,19 @@ in { ''; }; - systemd.services.sshd.serviceConfig = {TasksMax = 32;}; + # systemd.services.sshd.serviceConfig = {TasksMax = 32;}; - systemd.timers."sshd-status" = { - description = "Timer to trigger sshd-status periodically"; - enable = true; - wantedBy = ["timer.target" "multi-user.target"]; - timerConfig = { - OnActiveSec = "5s"; - OnUnitActiveSec = "5s"; - AccuracySec = "1s"; - Unit = "sshd-status.service"; - }; - }; + # systemd.timers."sshd-status" = { + # description = "Timer to trigger sshd-status periodically"; + # enable = true; + # wantedBy = ["timer.target" "multi-user.target"]; + # timerConfig = { + # OnActiveSec = "5s"; + # OnUnitActiveSec = "5s"; + # AccuracySec = "1s"; + # Unit = "sshd-status.service"; + # }; + # }; nix.gc = {automatic = true;}; @@ -100,8 +97,6 @@ in { done ''; - # networking.useHostResolvConf = true; - containers = { backup = import ../../containers/backup.nix { autoStart = false; diff --git a/nix/os/devices/vmd102066.contaboserver.net/versions.nix b/nix/os/devices/vmd102066.contaboserver.net/versions.nix deleted file mode 100644 index 1a3a576..0000000 --- a/nix/os/devices/vmd102066.contaboserver.net/versions.nix +++ /dev/null @@ -1,23 +0,0 @@ -let - nixpkgs = { - url = "https://github.com/NixOS/nixpkgs/"; - ref = "nixos-22.11"; - rev = '' - a7cc81913bb3cd1ef05ed0ece048b773e1839e51''; - }; -in { - inherit nixpkgs; - "channels-nixos-stable" = nixpkgs; - "nixpkgs-master" = { - url = "https://github.com/NixOS/nixpkgs/"; - ref = "master"; - rev = '' - 3b12bfe6c4e11e91865f4d244d13fdc9860bd322''; - }; - "home-manager-module" = { - url = "https://github.com/nix-community/home-manager"; - ref = "release-22.11"; - rev = '' - b0be47978de5cfd729a79c3f57ace4c86364ff45''; - }; -} diff --git a/nix/os/devices/vmd102066.contaboserver.net/versions.tmpl.nix b/nix/os/devices/vmd102066.contaboserver.net/versions.tmpl.nix deleted file mode 100644 index 51bfdff..0000000 
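Review bot: The `TasksMax = 32` limit on `sshd` and the `sshd-status` timer are commented out in this hunk rather than removed or replaced, and no reason is recorded. On a server that is reached over SSH (it is the `deployment.targetHost` of its node definition) the task cap bounded how many processes the SSH service could spawn. If it was dropped because it got in the way, keep the intent with a higher value or a note such as `# TasksMax dropped because <reason placeholder>`. The block that closes just above the hunk lies outside it; if that is the `sshd-status` service the timer triggered, check whether it is still wanted now that nothing starts it.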
--- a/nix/os/devices/vmd102066.contaboserver.net/versions.tmpl.nix +++ /dev/null @@ -1,26 +0,0 @@ -let - nixpkgs = { - url = "https://github.com/NixOS/nixpkgs/"; - ref = "nixos-22.11"; - rev = '' - <% git ls-remote https://github.com/nixos/nixpkgs nixos-22.11 | awk '{ print $1 }' | tr -d ' - ' -%>''; - }; -in { - inherit nixpkgs; - "channels-nixos-stable" = nixpkgs; - "nixpkgs-master" = { - url = "https://github.com/NixOS/nixpkgs/"; - ref = "master"; - rev = '' - <% git ls-remote https://github.com/NixOS/nixpkgs.git master | head -n1 | awk '{ print $1 }' | tr -d ' - ' -%>''; - }; - "home-manager-module" = { - url = "https://github.com/nix-community/home-manager"; - ref = "release-22.11"; - rev = '' - <% git ls-remote https://github.com/nix-community/home-manager.git release-22.11 | awk '{ print $1 }' | tr -d ' - ' -%>''; - }; -} diff --git a/nix/os/profiles/common/configuration.nix b/nix/os/profiles/common/configuration.nix index 80f92dd..ba5da40 100644 --- a/nix/os/profiles/common/configuration.nix +++ b/nix/os/profiles/common/configuration.nix @@ -1,5 +1,3 @@ {...}: { - nixpkgs.overlays = builtins.attrValues (import ../../../overlays); - imports = [./boot.nix ./pkg.nix ./user.nix ./system.nix ./hw.nix]; } diff --git a/nix/os/profiles/common/pkg.nix b/nix/os/profiles/common/pkg.nix index e855acf..5810dcc 100644 --- a/nix/os/profiles/common/pkg.nix +++ b/nix/os/profiles/common/pkg.nix 
@@ -1,40 +1,31 @@ { - config, + flake, pkgs, + # these come in via nodeSpecialArgs and are expected to be defined for every node + nodeFlake, + packages', ... }: { - imports = ["${}/nixos"]; - home-manager.users.root = import ../../../home-manager/configuration/text-minimal.nix { - inherit pkgs; + imports = [ + ]; + + nix.registry.nixpkgs.flake = nodeFlake.inputs.nixpkgs; + home-manager.useGlobalPkgs = false; + home-manager.useUserPackages = true; + home-manager.users.root = import ../../../home-manager/configuration/text-minimal.nix; + + # TODO: investigate an issue with the "name" arg contained here, which causes problems with home-manager + # home-manager.extraSpecialArgs = specialArgs; + # hence, opt for passing the arguments selectively instead + home-manager.extraSpecialArgs = { + inherit + packages' + nodeFlake + ; }; nixpkgs.config = { allowBroken = false; allowUnfree = true; - - packageOverrides = pkgs: with pkgs; {}; }; - - environment.systemPackages = with pkgs; [ - elfutils - exfat - file - tree - pwgen - proot - - parted - pv - tmux - wget - curl - - gitFull - pastebinit - gist - mr - - usbutils - pciutils - ]; } diff --git a/nix/os/profiles/common/system.nix b/nix/os/profiles/common/system.nix index e91180c..388a07b 100644 --- a/nix/os/profiles/common/system.nix +++ b/nix/os/profiles/common/system.nix 
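Review bot: The new `flake` argument in the module header of common/pkg.nix is never used in the file, and the node definitions in this patch only pass `nodeName`, `nodeFlake` and `packages'` through `meta.nodeSpecialArgs`; it can go together with the now-empty `imports = [ ];`. With `home-manager.useGlobalPkgs = false` each home-manager user evaluates its own package set, so, as far as I know, the `nixpkgs.config` below (`allowUnfree = true`, `allowBroken = false`) does not carry over to user packages. A comment such as `# system-level only; home configurations set their own nixpkgs.config` would tell the next reader that this is intended.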
@@ -2,25 +2,18 @@ config, pkgs, lib, + nodeName, ... }: { - nix.settings.trusted-public-keys = [ - # "hydra.nixos.org-1:CNHJZBh9K4tP3EKF6FkkgeVYsS3ohTl+oS0Qa8bezVs=" - ]; - nix.settings.substituters = [ - "https://cache.nixos.org" - # "https://hydra.nixos.org" - ]; - nix.settings.trusted-substituters = [ - "https://cache.nixos.org" - # "https://hydra.nixos.org" - ]; + networking.hostName = builtins.elemAt (builtins.split "\\." nodeName) 0; # Define your hostname. + networking.domain = builtins.elemAt (builtins.split "(^[^\\.]+\.)" nodeName) 2; nix.daemonCPUSchedPolicy = "idle"; nix.daemonIOSchedClass = "idle"; nix.settings.max-jobs = lib.mkDefault "auto"; nix.settings.cores = lib.mkDefault 0; nix.settings.sandbox = true; + nix.nixPath = ["nixpkgs=${pkgs.path}"]; environment.etc."lvm/lvm.conf".text = '' devices { @@ -28,8 +21,6 @@ } ''; - environment.variables = {NIX_PATH = lib.mkForce pkgs.nixPath;}; - # Fonts, I18N, Date ... fonts.fonts = [pkgs.corefonts]; diff --git a/nix/os/profiles/containers/configuration.nix b/nix/os/profiles/containers/configuration.nix index 765752d..fdb9a5a 100644 --- a/nix/os/profiles/containers/configuration.nix +++ b/nix/os/profiles/containers/configuration.nix @@ -1,6 +1,4 @@ {...}: { - nixpkgs.overlays = builtins.attrValues (import ../../../overlays); - networking.useHostResolvConf = false; services.resolved = {enable = true;}; diff --git a/nix/os/profiles/graphical/system.nix b/nix/os/profiles/graphical/system.nix index ff22960..e658954 100644 --- a/nix/os/profiles/graphical/system.nix +++ b/nix/os/profiles/graphical/system.nix @@ -1,4 +1,8 @@ -{pkgs, ...}: { +{ + pkgs, + lib, + ... +}: { networking.networkmanager = { enable = true; dns = "systemd-resolved"; @@ -26,7 +30,7 @@ }; }; # required for running blueman-applet in user sessions - services.dbus.packages = with pkgs; [blueman]; + services.dbus.packages = with pkgs; [blueman dconf]; services.blueman.enable = true; services.xserver = { 
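Review bot: The `networking.domain` expression in the first hunk of common/system.nix yields an empty string instead of `null` for a node name without a dot, such as `steveej-t14`, and its pattern only works by accident. Inside a double-quoted Nix string `\.` is just `.`, so the regex is really `(^[^\.]+.)`; for a dotless name it still matches the whole name and `elemAt ... 2` returns `""`. A `builtins.match` form makes both cases explicit: `networking.domain = let m = builtins.match "[^.]+\\.(.+)" nodeName; in if m == null then null else builtins.head m;`. Deriving the host name also changes an existing value: the removed per-device line set `sj-pvehtz0`, while the node name gives `sj-vps-htz0`, which deserves a mention in the commit message if intended.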
@@ -57,31 +61,23 @@ }; displayManager = { - gdm.enable = false; + gdm.enable = true; autoLogin = { enable = true; user = "steveej"; }; - - lightdm = { - enable = true; - background = "${pkgs.nixos-artwork.wallpapers.simple-blue}/share/artwork/gnome/nix-wallpaper-simple-blue.png"; - }; - - sessionCommands = ""; }; }; - services.gvfs.enable = true; - programs.seahorse.enable = true; + # gnome, most of it is disabled and ideally it could live entirely in the user's home config programs.gpaste.enable = false; programs.gnome-terminal.enable = false; programs.gnome-documents.enable = false; programs.gnome-disks.enable = false; services.gnome = { - # gnome-online-miners.enable = false; TODO: enable this again + gnome-online-miners.enable = lib.mkForce false; games.enable = false; gnome-remote-desktop.enable = false; gnome-user-share.enable = false; 
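Review bot: `displayManager.autoLogin` for `steveej` stays enabled while this hunk switches the greeter to GDM, in a profile that appears to be shared by the graphical hosts. A powered-on machine then reaches a desktop session with no authentication at login, and a keyring cannot be unlocked from a login password on that path. If this relies on the disk being unlocked with a passphrase at boot, record it on the setting, e.g. `# autologin is acceptable only because <disk-encryption assumption, confirm>`, or move `autoLogin` into the device files that want it. The enclosing `services.xserver` block starts outside the hunk.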
@@ -90,15 +86,47 @@ tracker.enable = false; tracker-miners.enable = false; - # FIXME: gnome should be moved to user session + gnome-browser-connector.enable = false; + gnome-initial-setup.enable = false; + + # FIXME: gnome should be moved to home config + gnome-settings-daemon.enable = true; core-os-services.enable = true; at-spi2-core.enable = true; evolution-data-server.enable = true; gnome-online-accounts.enable = true; - gnome-keyring.enable = true; + gnome-keyring.enable = lib.mkForce false; }; + # FIXME: gnome should be moved to user session + services.gvfs.enable = true; + programs.seahorse.enable = true; + programs.dconf.enable = true; + + environment.gnome.excludePackages = + (with pkgs; [ + orca + gnome-photos + gnome-tour + ]) + ++ (with pkgs.gnome; [ + cheese # webcam tool + gnome-music + gnome-terminal + gedit # text editor + epiphany # web browser + geary # email reader + evince # document viewer + gnome-characters + totem # video player + tali # poker game + iagno # go game + hitori # sudoku game + atomix # puzzle game + ]); + # More Services + environment.systemPackages = [pkgs.gnome.adwaita-icon-theme pkgs.gnomeExtensions.appindicator]; services.udev.packages = [pkgs.libu2f-host pkgs.yubikey-personalization pkgs.android-udev-rules]; services.udev.extraRules = '' # OnePlusOne @@ -120,4 +148,9 @@ ''; services.logind.lidSwitchExternalPower = "ignore"; + + services.printing = { + enable = true; + drivers = with pkgs; [mfcl3770cdwlpr mfcl3770cdwcupswrapper]; + }; } diff --git a/nix/os/profiles/podman/configuration.nix b/nix/os/profiles/podman/configuration.nix deleted file mode 100644 index b70ff6c..0000000 --- a/nix/os/profiles/podman/configuration.nix +++ /dev/null 
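Review bot: `gnome-keyring.enable = lib.mkForce false;` in the first hunk leaves this profile without a visible Secret Service provider, while `gnome-online-accounts`, `evolution-data-server` and `programs.seahorse` stay enabled. Applications that store credentials through libsecret may then fail or fall back to an unencrypted store, so the file should say what takes over. Whether the home-manager side does (the `pass` and `gpg-agent` modules are touched by this commit) is not visible here. A comment on the line would cover it, e.g. `# keyring disabled on purpose; secrets are served by <component>, SSH agent by <component>`.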
@@ -1,182 +0,0 @@ -{ - config, - pkgs, - ... -}: { - environment.systemPackages = with pkgs; [ - podman - runc - conmon - cni - cni-plugins - slirp4netns - ]; - - environment.etc."containers/registries.conf".text = '' - # This is a system-wide configuration file used to - # keep track of registries for various container backends. - # It adheres to TOML format and does not support recursive - # lists of registries. - - [registries.search] - registries = [ 'docker.io' - , 'registry.fedoraproject.org' - , 'registry.access.redhat.com' - , 'quay.io' - ] - - # If you need to access insecure registries, add the registry's fully-qualified name. - # An insecure registry is one that does not have a valid SSL certificate or only does HTTP. - [registries.insecure] - registries = ['localhost:5000'] - ''; - - environment.etc."containers/policy.json".text = '' - { - "default": [ - { - "type": "insecureAcceptAnything" - } - ], - "transports": - { - "docker-daemon": - { - "": [{"type":"insecureAcceptAnything"}] - } - } - } - ''; - - environment.etc."cni/net.d/00-loopback.conf".text = '' - { - "cniVersion": "0.3.0", - "type": "loopback" - } - ''; - - environment.etc."cni/net.d/87-podman-bridge.conflist".text = '' - { - "cniVersion": "0.3.0", - "name": "podman", - "plugins": [ - { - "type": "bridge", - "bridge": "cni0", - "isGateway": true, - "ipMasq": true, - "ipam": { - "type": "host-local", - "subnet": "10.88.0.0/16", - "routes": [ - { "dst": "0.0.0.0/0" } - ] - } - }, - { - "type": "portmap", - "capabilities": { - "portMappings": true - } - } - ] - } - ''; - - environment.etc."containers/libpod.conf".text = '' - # libpod.conf is the default configuration file for all tools using libpod to - # manage containers - - # Default transport method for pulling and pushing for images - image_default_transport = "docker://" - - # Paths to search for the Conmon container manager binary - runtime_path = [ - "${pkgs.runc}/bin/runc" - ] - - - # Paths to look for the Conmon container manager 
binary - conmon_path = [ - "${pkgs.conmon}/bin/conmon" - ] - - - # Environment variables to pass into conmon - conmon_env_vars = [ - # "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" - ] - - # CGroup Manager - valid values are "systemd" and "cgroupfs" - cgroup_manager = "systemd" - - # Container init binary - #init_path = "/usr/libexec/podman/catatonit" - - # Directory for persistent libpod files (database, etc) - # By default, this will be configured relative to where containers/storage - # stores containers - # Uncomment to change location from this default - #static_dir = "/var/lib/containers/storage/libpod" - - # Directory for temporary files. Must be tmpfs (wiped after reboot) - tmp_dir = "/var/run/libpod" - - # Maximum size of log files (in bytes) - # -1 is unlimited - max_log_size = -1 - - # Whether to use chroot instead of pivot_root in the runtime - no_pivot_root = false - - # Directory containing CNI plugin configuration files - cni_config_dir = "/etc/cni/net.d/" - - # Directories where the CNI plugin binaries may be located - cni_plugin_dir = [ - "${pkgs.cni-plugins}/bin" - ] - - - # Default CNI network for libpod. - # If multiple CNI network configs are present, libpod will use the network with - # the name given here for containers unless explicitly overridden. - # The default here is set to the name we set in the - # 87-podman-bridge.conflist included in the repository. - # Not setting this, or setting it to the empty string, will use normal CNI - # precedence rules for selecting between multiple networks. - cni_default_network = "podman" - - # Default libpod namespace - # If libpod is joined to a namespace, it will see only containers and pods - # that were created in the same namespace, and will create new containers and - # pods in that namespace. - # The default namespace is "", which corresponds to no namespace. When no - # namespace is set, all containers and pods are visible. 
- #namespace = "" - - # Default pause image name for pod pause containers - pause_image = "k8s.gcr.io/pause:3.1" - - # Default command to run the pause container - pause_command = "/pause" - - # Determines whether libpod will reserve ports on the host when they are - # forwarded to containers. When enabled, when ports are forwarded to containers, - # they are held open by conmon as long as the container is running, ensuring that - # they cannot be reused by other programs on the host. However, this can cause - # significant memory usage if a container has many ports forwarded to it. - # Disabling this can save memory. - #enable_port_reservation = true - - # Default libpod support for container labeling - # label=true - - # Paths to look for a valid OCI runtime (runc, runv, etc) - # FIXME: this doesn't seem to take effect - [runtimes] - runc = [ - "${pkgs.runc}/bin/runc" - ] - ''; -} diff --git a/nix/overlays/default.nix b/nix/overlays/default.nix deleted file mode 100644 index e412c8d..0000000 --- a/nix/overlays/default.nix +++ /dev/null @@ -1,5 +0,0 @@ -{ - overrides = import ./overrides.nix; - pkgs = import ./pkgs.nix; - posh = import ./posh.nix; -} diff --git a/nix/overlays/overrides.nix b/nix/overlays/overrides.nix deleted file mode 100644 index 884b40c..0000000 --- a/nix/overlays/overrides.nix +++ /dev/null 
@@ -1,34 +0,0 @@ -# This overlay is used for overriding upstream packages. -self: super: let - sources = import ../../nix/sources.nix; - - nixpkgs-master = import {inherit (super) config;}; - nixpkgs-unstable = - import {inherit (super) config;}; -in { - inherit nixpkgs-master; - inherit nixpkgs-unstable; - - # alacritty = nixpkgs-master.alacritty; - alacritty = super.stdenv.mkDerivation { - name = "alacritty-custom"; - buildInputs = [super.makeWrapper]; - phases = "installPhase"; - installPhase = '' - makeWrapper ${super.alacritty}/bin/alacritty $out/bin/alacritty \ - --set-default WINIT_X11_SCALE_FACTOR 1.4 - ''; - }; - - qtile = super.qtile.overrideAttrs (oldAttrs: { - propagatedBuildInputs = - oldAttrs.passthru.unwrapped.propagatedBuildInputs - ++ (with self.python3Packages; [ - # python-wifi - # iwlib - keyring - ]); - }); - - # logseq = nixpkgs-staging-steveej.logseq; -} diff --git a/nix/overlays/pkgs.nix b/nix/overlays/pkgs.nix deleted file mode 100644 index 2459f2c..0000000 --- a/nix/overlays/pkgs.nix +++ /dev/null @@ -1,14 +0,0 @@ -# This overlay includes all packages defined by the top-level default.nix. -# The code is copied from the NUR repository [0]. -# -# [0]: https://github.com/nix-community/nur-packages-template/blob/2610a5b60bd926cea3e6395511da8f0d14c613b9/overlay.nix -self: super: let - isReserved = n: n == "lib" || n == "overlays" || n == "modules"; - nameValuePair = n: v: { - name = n; - value = v; - }; - nurAttrs = import ../pkgs {pkgs = super;}; -in - builtins.listToAttrs (map (n: nameValuePair n nurAttrs.${n}) - (builtins.filter (n: !isReserved n) (builtins.attrNames nurAttrs))) diff --git a/nix/overlays/posh.nix b/nix/overlays/posh.nix deleted file mode 100644 index e7ce1b6..0000000 --- a/nix/overlays/posh.nix +++ /dev/null 
@@ -1,16 +0,0 @@ -self: super: let - nixpkgs-master = import {}; - - inherit (nixpkgs-master) crun; - crun_10_6_0 = crun.overrideAttrs (oldAttrs: rec { - version = "0.10.6"; - src = super.fetchgit { - inherit (crun.src) url; - rev = version; - sha256 = "0v1hrlpnln0c976fb0k2ig4jv11qbyzf95z0wy92fd8r8in16rc1"; - }; - }); -in { - inherit (nixpkgs-master) podman conmon slirp4netns; - posh = self.callPackage ../pkgs/posh.nix {}; -} diff --git a/nix/pkgs/default.nix b/nix/pkgs/default.nix index 4a8dea3..6f114b2 100644 --- a/nix/pkgs/default.nix +++ b/nix/pkgs/default.nix @@ -1,49 +1,7 @@ -{pkgs}: let -in rec { - nixpkgs-master = import {}; - - busyboxStatic = pkgs.busybox.override { - enableStatic = true; - extraConfig = '' - CONFIG_STATIC y - CONFIG_INSTALL_APPLET_DONT y - CONFIG_INSTALL_APPLET_SYMLINKS n - ''; - }; - dropbearStatic = pkgs.dropbear.override {enableStatic = true;}; - +{pkgs}: { duplicacy = pkgs.callPackage ../pkgs/duplicacy {}; - mfcl3770cdw = pkgs.callPackage ../pkgs/mfcl3770cdw.nix {}; staruml = pkgs.callPackage ../pkgs/staruml.nix { inherit (pkgs.gnome2) GConf; libgcrypt = pkgs.libgcrypt_1_5; }; - - pythonPackages = myPython; - myPython = pkgs.python310.withPackages (ps: - with ps; - [ - pep8 - yapf - flake8 - # autopep8 (broken) - # pylint (broken) - ipython - llfuse - dugong - defusedxml - wheel - pip - virtualenv - cffi - pyopenssl - urllib3 - # mistune (insecure) - sympy - - flask - - pyaml - ] - ++ [pkgs.pypi2nix pkgs.libffi]); } diff --git a/nix/variables/versions.nix b/nix/variables/versions.nix index dfd0677..535d7d3 100644 --- a/nix/variables/versions.nix +++ b/nix/variables/versions.nix @@ -2,7 +2,8 @@ let nixpkgs = { url = "https://github.com/NixOS/nixpkgs/"; ref = "nixos-22.11"; - rev = "dac57a4eccf1442e8bf4030df6fcbb55883cb682"; + rev = '' + 5b7cd5c39befee629be284970415b6eb3b0ff000''; }; in { inherit nixpkgs; 
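Review bot: In `nix/variables/versions.nix` the pinned `rev` for `nixpkgs` is now written as a two-line indented string (`rev = ''`, then the hash and the closing `''`), and the following hunk does the same for `channels-nixos-unstable`, `nixpkgs-master` and `home-manager-module`. Nix should strip the empty first line and the indentation, so the value is presumably unchanged, but a commit hash separated from its key is harder to grep and to audit when pin updates are reviewed. Keep each pin on one line, e.g. `rev = "5b7cd5c39befee629be284970415b6eb3b0ff000";`. The `let` block continues outside the hunk.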
@@ -11,16 +12,19 @@ in { "channels-nixos-unstable" = { url = "https://github.com/NixOS/nixpkgs/"; ref = "nixos-unstable"; - rev = "1eb875e811dd59e21e77f6337f2c1592889b48b3"; + rev = '' + 4bb072f0a8b267613c127684e099a70e1f6ff106''; }; "nixpkgs-master" = { url = "https://github.com/NixOS/nixpkgs/"; ref = "master"; - rev = "590321a5defbbabe96f8def70013d5b45406dee4"; + rev = '' + a8636efe2df64047cd58898010a72f73efd56722''; }; "home-manager-module" = { url = "https://github.com/nix-community/home-manager"; ref = "release-22.11"; - rev = "89a8ba0b5b43b3350ff2e3ef37b66736b2ef8706"; + rev = '' + 83110c259889230b324bb2d35bef78bf5f214a1f''; }; } diff --git a/shell.nix b/shell.nix deleted file mode 100644 index 0ec42a9..0000000 --- a/shell.nix +++ /dev/null @@ -1,58 +0,0 @@ -{...}: let - pkgsPath = (import ./nix/sources.nix).nixpkgs; - pkgs = - import pkgsPath {overlays = builtins.attrValues (import ./nix/overlays);}; -in - pkgs.stdenv.mkDerivation { - name = "infra-env"; - buildInputs = - [ - (with import (pkgsPath + "/nixos") {configuration = {};}; - with config.system.build; [ - nixos-generate-config - nixos-install - nixos-enter - manual.manpages - ]) - ] - ++ (with pkgs; [ - just - git-crypt - vcsh - gnupg - git - nixUnstable - niv - nixos-install-tools - apacheHttpd - - vncdo - tesseract - imagemagick - - esh - - xorg.xwininfo - nmap - sysstat - lshw - xxHash - linssid - wavemon - wirelesstools - lm_sensors - - zathura - - ripgrep - glxinfo - nixfmt - - ntfy - - playerctl - ]); - - # Set Environment Variables - RUST_BACKTRACE = 1; - } -- 2.49.0