feat: flakify, gnome3 #80

Merged
steveej merged 1 commit from wip_refactor_flakify_gnome3 into master 2023-04-24 16:32:23 +00:00
79 changed files with 1797 additions and 1578 deletions

8
.envrc

@ -1,7 +1 @@
# if ! has nix_direnv_version || ! nix_direnv_version 1.5.1; then use_flake . --impure
# source_url "https://raw.githubusercontent.com/nix-community/nix-direnv/1.5.1/direnvrc" "sha256-p4CDMJjuBmEh9pkn2aoJrZqr0DlPZHPU7eXOSDzzcuo="
# fi
# use_flake . --impure
use nix

1
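--- a/.gitignore
+++ b/.gitignore
@@ -3,3 +3,4 @@
 .*.log
 .env
 **/result
+.direnv/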


@ -1,3 +1,6 @@
{ {
"nixEnvSelector.nixFile": "${workspaceRoot}/shell.nix" "nixEnvSelector.nixFile": "${workspaceRoot}/shell.nix",
"[nix]": {
"editor.defaultFormatter": "kamadorueda.alejandra"
},
} }


@ -29,14 +29,41 @@ In the unlikely case that you actually read this and have any questions please d
- [x] annotate recipes with some documentation - [x] annotate recipes with some documentation
- [x] declare shell.nix with runtime deps - [x] declare shell.nix with runtime deps
- [x] partition/encrypt/format disks - [x] partition/encrypt/format disks
- [ ] Document bootstrap process - [x] Maybe make this a nix-overlay
- [x] refactor as a nix flake and adopt an existing framework
- [x] devShell version
- [x] ~~version templating~~ obsolete due to the usage of flakes
- [x] elias-e525
- [x] steveej-t14
- [x] contabo vps
- [x] sj-pve0
- [ ] use an existing secret management framework
- [ ] adapt (or abandon?) _just_ recipes
- [ ] `rebuild-this-device`
- [ ] `update-this-device`
- [ ] `rebuild-remote-device`
- [ ] `update-remote-device`
evaluate, and understand a path to using these tools in a pull-based fashion:
- [x] [colmena](https://github.com/zhaofengli/colmena)
* bootstrapping: https://github.com/zhaofengli/colmena/issues/68
- [ ] deploy-rs
- [ ] 🚧 find a better alternative for the qtile-desktop
current issues:
- floating windows often get lost in the background
- plugging in-/out- screen crashes the desktop
evaluate:
- [ ] 🚧 gnome3 + pop-shell
- [ ] leftwm + eww (+ wayland?)
- [ ] (Re-)document bootstrap process
- [ ] `apt install sudo cryptsetup` as a requirements on a deb admin machine - [ ] `apt install sudo cryptsetup` as a requirements on a deb admin machine
- [ ] a new machine - [ ] a new machine
- [ ] an install media - [ ] an install media
- [ ] Design disaster recovery - [ ] Design disaster recovery
- [ ] Automatic synchronization of other state files - see https://gitlab.com/steveeJ/nix-expressions/issues/2 - [ ] Automatic synchronization of other state files - see https://gitlab.com/steveeJ/nix-expressions/issues/2
- [ ] Recycle *\_archived* - [ ] Recycle *\_archived*
- [x] Maybe make this a nix-overlay
- [ ] container migrations - [ ] container migrations
- [ ] ensure DDNS is updated _before_ the containers are started - [ ] ensure DDNS is updated _before_ the containers are started


@ -1,10 +0,0 @@
{
config,
pkgs,
...
} @ args: {
environment.systemPackages = [
pkgs.xsel
(import ../../../pkg-configuration/vim-derivates/neovim.nix args)
];
}


@ -1,7 +0,0 @@
{pkgs, ...} @ args: {
environment.systemPackages = [
pkgs.xsel
(import ../../../pkg-configuration/vim-derivates/vim.nix
(args // {name = "vim";}))
];
}


@ -1,20 +0,0 @@
{
config,
pkgs,
...
}: let
passwords = import ../passwords.crypt.nix;
keys = import ../keys.nix;
inherit (import ../lib) mkUser;
in {
users.mutableUsers = false;
users.defaultUserShell = pkgs.zsh;
users.extraUsers.steveej = mkUser {
uid = 1000;
hashedPassword = passwords.users.steveej;
};
security.pam.enableU2F = true;
security.pam.services.steveej.u2fAuth = true;
}


@ -5,6 +5,5 @@
# commands such as: # commands such as:
# nix-build -A mypackage # nix-build -A mypackage
{pkgs ? import <nixpkgs> {}}: { {pkgs ? import <nixpkgs> {}}: {
overlays = import ./nix/overlays;
pkgs = import ./nix/pkgs {inherit pkgs;}; pkgs = import ./nix/pkgs {inherit pkgs;};
} }

27
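--- /dev/null
+++ b/flake-sandbox/flake.lock
@@ -0,0 +1,27 @@
+{
+"nodes": {
+"nixpkgs": {
+"locked": {
+"lastModified": 1681091990,
+"narHash": "sha256-ifIzhksUBZKp5WgCuoVhDY32qaEplXp7khzrB6zkaFc=",
+"owner": "nixos",
+"repo": "nixpkgs",
+"rev": "ea96b4af6148114421fda90df33cf236ff5ecf1d",
+"type": "github"
+},
+"original": {
+"owner": "nixos",
+"ref": "nixos-22.11",
+"repo": "nixpkgs",
+"type": "github"
+}
+},
+"root": {
+"inputs": {
+"nixpkgs": "nixpkgs"
+}
+}
+},
+"root": "root",
+"version": 7
+}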

142
flake-sandbox/flake.nix Normal file

@ -0,0 +1,142 @@
{
inputs = {
nixpkgs.url = "github:nixos/nixpkgs/nixos-22.11";
};
outputs = {
self,
nixpkgs,
}: let
system = "x86_64-linux";
pkgs = import nixpkgs {inherit system;};
in {
devShells."${system}".default = pkgs.mkShell {
packages = with pkgs;
with pkgs.gnome; [
hexchat
audacity
proot
yubikey-manager-qt
cheese
remmina
exiv2
wireshark-qt
seahorse
kotatogram-desktop
usbutils
networkmanagerapplet
sshfs-fuse
pavucontrol
libwebcam
just
eog
git-crypt
espanso
unetbootin
vcsh
skypeforlinux
du-dust
bind
teamviewer
gparted
neovim
inkscape
rustdesk
gnome-themes-extra
pass
xdg-user-dirs
cbatticon
yubikey-personalization-gui
zoom
signal-desktop
xorg.xbacklight
vscode
ripgrep
lightdm
nixpkgs-fmt
git-lfs
qtpass
gimp
lxappearance
flameshot
thunderbird
fprintd
chromium
evtest
alejandra
vlc
pastebinit
evolution
zbar
libreoffice
brave
pidgin
direnv
xorg.xhost
lorri
firefox
logseq
x11_ssh_askpass
xsel
feh
htop
openvpn
syncthing
ncdu
rofi-pass
testdisk
vanilla-dmz
wireguard-tools
xarchive
gnome-icon-theme
wget
nix-index
mr
passff-host
browserpass
xorg.xcursorthemes
gitRepo
gitSVN
androidenv.androidPkgs_9_0.platform-tools
# introduces python
(qtile.passthru.unwrapped.overrideAttrs (oldAttrs: {
propagatedBuildInputs =
[]
# ++ oldAttrs.passthru.unwrapped.propagatedBuildInputs
# ++ (with pkgs.python3Packages; [
# # python-wifi
# # iwlib
# keyring
# ])
;
makeWrapperArgs =
oldAttrs.makeWrapperArgs
++ [
"--prefix PATH : ${pkgs.lib.makeBinPath oldAttrs.propagatedBuildInputs}"
];
}))
# gi-docgen
# yelp-tools
# scons
# autorandr
# arandr
# meson
# mercurial
# unrar-wrapper
# orca
# radicale
# criu
# gnome-music
# gnome-browser-connector
# radicale
# hplip
# qtile
# gtk-doc
# asciidoc
# meson
];
};
};
}

146
flake.lock generated

@ -1,12 +1,131 @@
{ {
"nodes": { "nodes": {
"colmena": {
"inputs": {
"flake-compat": "flake-compat",
"flake-utils": "flake-utils",
"nixpkgs": "nixpkgs",
"stable": "stable"
},
"locked": {
"lastModified": 1675730932,
"narHash": "sha256-XcmirehPIcZGS7PzkS3WvAYQ9GBlBvCxYToIOIV2PVE=",
"owner": "zhaofengli",
"repo": "colmena",
"rev": "e034c15825c439131e4489de5a82cf8e5398fa61",
"type": "github"
},
"original": {
"owner": "zhaofengli",
"repo": "colmena",
"type": "github"
}
},
"flake-compat": {
"flake": false,
"locked": {
"lastModified": 1650374568,
"narHash": "sha256-Z+s0J8/r907g149rllvwhb4pKi8Wam5ij0st8PwAh+E=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "b4a34015c698c7793d592d66adbab377907a2be8",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-parts": {
"inputs": {
"nixpkgs-lib": "nixpkgs-lib"
},
"locked": {
"lastModified": 1680392223,
"narHash": "sha256-n3g7QFr85lDODKt250rkZj2IFS3i4/8HBU2yKHO3tqw=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "dcc36e45d054d7bb554c9cdab69093debd91a0b5",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
"flake-utils": {
"locked": {
"lastModified": 1659877975,
"narHash": "sha256-zllb8aq3YO3h8B/U0/J1WBgAL8EX5yWf5pMj3G0NAmc=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "c0e246b9b83f637f4681389ecabcb2681b4f3af0",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"get-flake": {
"locked": {
"lastModified": 1673819588,
"narHash": "sha256-gRtwKAlu4htvS6dxyZnW3n+vMS1acqnMGVHqxUdETeY=",
"owner": "ursi",
"repo": "get-flake",
"rev": "e0917b6f564aa5acefb1484b5baf76da21746c3c",
"type": "github"
},
"original": {
"owner": "ursi",
"repo": "get-flake",
"type": "github"
}
},
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1679224734, "lastModified": 1674641431,
"narHash": "sha256-1Ab3xY7Wgo1h1TNwRt6fp2XjV+KUo+hP1Bolh0KiDJs=", "narHash": "sha256-qfo19qVZBP4qn5M5gXc/h1MDgAtPA5VxJm9s8RUAkVk=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "9b97ad7b4330aacda9b2343396eb3df8a853b4fc",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-lib": {
"locked": {
"dir": "lib",
"lastModified": 1680213900,
"narHash": "sha256-cIDr5WZIj3EkKyCgj/6j3HBH4Jj1W296z7HTcWj1aMA=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "e3652e0735fbec227f342712f180f4f21f0594f2",
"type": "github"
},
"original": {
"dir": "lib",
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_2": {
"locked": {
"lastModified": 1681696129,
"narHash": "sha256-Ba2y1lmsWmmAOAoTD5G9UnTS/UqV0ZFyzysgdfu7qag=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "eac7da7b519a5aefe92c33c90b4450a24ebe0ab3", "rev": "de66115c552acc4e0c0f92c5a5efb32e37dfa216",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -18,7 +137,26 @@
}, },
"root": { "root": {
"inputs": { "inputs": {
"nixpkgs": "nixpkgs" "colmena": "colmena",
"flake-parts": "flake-parts",
"get-flake": "get-flake",
"nixpkgs": "nixpkgs_2"
}
},
"stable": {
"locked": {
"lastModified": 1669735802,
"narHash": "sha256-qtG/o/i5ZWZLmXw108N2aPiVsxOcidpHJYNkT45ry9Q=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "731cc710aeebecbf45a258e977e8b68350549522",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-22.11",
"repo": "nixpkgs",
"type": "github"
} }
} }
}, },


@ -2,12 +2,60 @@
{ {
inputs = { inputs = {
nixpkgs.url = "github:nixos/nixpkgs/nixos-22.11"; nixpkgs.url = "github:nixos/nixpkgs/nixos-22.11";
flake-parts.url = "github:hercules-ci/flake-parts";
get-flake.url = "github:ursi/get-flake";
colmena.url = "github:zhaofengli/colmena";
# colmena.url = "/home/steveej/src/others/colmena";
}; };
outputs = { outputs = inputs @ {
nixpkgs,
self, self,
}: { flake-parts,
formatter.x86_64-linux = nixpkgs.legacyPackages.x86_64-linux.alejandra; nixpkgs,
...
}: let
inherit (nixpkgs) lib;
systems = [
"x86_64-linux"
"aarch64-linux"
];
in
flake-parts.lib.mkFlake {inherit inputs;} {
flake.colmena =
lib.lists.foldl (sum: cur: lib.attrsets.recursiveUpdate sum cur)
{
meta.nixpkgs = import inputs.nixpkgs.outPath {
system = builtins.elemAt systems 0;
};
}
(builtins.map (nodeName:
import ./nix/os/devices/${nodeName} {
repoFlake = self;
}) [
"steveej-t14"
"elias-e525"
"vmd102066.contaboserver.net"
"sj-vps-htz0.infra.stefanjunker.de"
]);
inherit systems;
perSystem = {
inputs',
system,
config,
lib,
pkgs,
...
}: {
imports = [
./nix/modules/flake-parts/perSystem/default.nix
];
formatter = pkgs.alejandra;
devShells.default = import ./nix/devShells.nix {inherit inputs' pkgs;};
};
}; };
} }
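Review bot: None of the new inputs (`flake-parts`, `get-flake`, `colmena`) carries a `follows`, and the lock file in this commit ends up with four separate nixpkgs pins (`nixpkgs`, `nixpkgs_2`, `stable`, `nixpkgs-lib`), two of them on `nixos-unstable` revisions pulled in by colmena and flake-parts. The deployment tool is therefore built from a different package set than the hosts it deploys, and each extra pin is one more revision that has to be kept current for security fixes. Consider `colmena.inputs.nixpkgs.follows = "nixpkgs";` and `colmena.inputs.stable.follows = "nixpkgs";`, provided colmena still builds against 22.11. The commented `# colmena.url = "/home/steveej/src/others/colmena";` line is a local override that is better left out of the committed file.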

58
nix/devShells.nix Normal file

@ -0,0 +1,58 @@
{
inputs',
pkgs,
}:
pkgs.stdenv.mkDerivation {
name = "infra-env";
buildInputs =
[
(with pkgs.callPackage (pkgs.path + "/nixos") {configuration = {};};
with config.system.build; [
nixos-generate-config
nixos-install
nixos-enter
manual.manpages
])
]
++ (with pkgs; [
inputs'.colmena.packages.colmena
nixos-install-tools
dconf2nix
just
git-crypt
vcsh
gnupg
git
ripgrep
lm_sensors
apacheHttpd
vncdo
tesseract
imagemagick
nmap
sysstat
lshw
xxHash
linssid
wavemon
wirelesstools
zathura
xorg.xwininfo
glxinfo
autorandr
arandr
playerctl
x11docker
fwupd
ntfy
]);
# Set Environment Variables
RUST_BACKTRACE = 1;
}


@ -1,52 +1,42 @@
{pkgs}: let
zshCurried = import ../programs/zsh.nix {inherit pkgs;};
in
{ {
inputs,
pkgs, pkgs,
config, config,
# these come in via home-manager.extraSpecialArgs and are specific to each node
nodeFlake,
packages',
... ...
}: let }: let
# gitpkgs = import /home/steveej/src/github/NixOS/nixpkgs {}; pkgsUnstable = pkgs.callPackage nodeFlake.inputs.nixpkgs-unstable.outPath {};
unstablepkgs = pkgsMaster = pkgs.callPackage nodeFlake.inputs.nixpkgs-master.outPath {};
import <channels-nixos-unstable-small> {config = config.nixpkgs.config;};
masterpkgs = import <nixpkgs-master> {config = config.nixpkgs.config;};
in { in {
imports = [ imports = [
../profiles/common.nix ../profiles/common.nix
../profiles/qtile-desktop.nix
../profiles/dotfiles.nix ../profiles/dotfiles.nix
../programs/firefox.nix
../programs/chromium.nix
# FIXME: fix homeshick when no WAN connection is available # FIXME: fix homeshick when no WAN connection is available
# ../programs/homeshick.nix # ../programs/homeshick.nix
../programs/redshift.nix
../programs/espanso.nix
../programs/gnome-desktop.nix
../programs/gpg-agent.nix
../programs/radicale.nix
../programs/firefox.nix
../programs/chromium.nix
../programs/libreoffice.nix ../programs/libreoffice.nix
../programs/neovim.nix ../programs/neovim.nix
../programs/pass.nix ../programs/pass.nix
zshCurried
../programs/podman.nix
../programs/vscode ../programs/vscode
../programs/holochain-launcher.nix ../programs/holochain-launcher.nix
../programs/radicale.nix
]; ];
nixpkgs.config = { home.sessionVariables.HM_CONFIG = "graphical-fullblown";
pidgin = { home.sessionVariables.GOPATH = "$HOME/src/go";
openssl = true; home.sessionVariables.PATH = pkgs.lib.concatStringsSep ":" ["$HOME/.local/bin" "$PATH"];
gnutls = true;
};
packageOverrides = pkgs: with pkgs; {};
};
home.sessionVariables = {
# TODO: find a way to prevent using a store path for the current file
# HM_CONFIG_PATH=builtins.toString "${./.}";
HM_CONFIG = "graphical-fullblown";
GOPATH = "$HOME/src/go";
PATH = pkgs.lib.concatStringsSep ":" ["$HOME/.local/bin" "$PATH"];
};
home.packages = home.packages =
[] []
@ -60,19 +50,19 @@ in
# Nix package related tools # Nix package related tools
patchelf patchelf
nix-index nix-index
nox
nix-prefetch-scripts nix-prefetch-scripts
nix-prefetch-github # nix-prefetch-github
# Version Control Systems # Version Control Systems
gitFull
pijul pijul
gitless # gitless
gitRepo gitRepo
git-lfs git-lfs
# Process/System Administration # Process/System Administration
htop htop
gnome.gnome-tweaks # gnome.gnome-tweaks
xorg.xhost xorg.xhost
dmidecode dmidecode
evtest evtest
@ -88,12 +78,12 @@ in
# Password Management # Password Management
gnupg gnupg
yubikey-manager # yubikey-manager
yubikey-manager-qt yubikey-manager-qt
yubikey-personalization yubikey-personalization
yubikey-personalization-gui yubikey-personalization-gui
gnome.gnome-keyring gnome.gnome-keyring
gnome.seahorse # gnome.seahorse
# Language Support # Language Support
hunspellDicts.en-us hunspellDicts.en-us
@ -106,31 +96,17 @@ in
aspellDicts.en aspellDicts.en
aspellDicts.de aspellDicts.de
skypeforlinux skypeforlinux
unstablepkgs.jitsi-meet-electron pkgsUnstable.jitsi-meet-electron
thunderbird thunderbird
evolution # gnome4.glib_networking evolution # gnome4.glib_networking
kotatogram-desktop kotatogram-desktop
zoom-us zoom-us
thunderbird thunderbird
evolution # gnome4.glib_networking
gnome.cheese gnome.cheese
masterpkgs.discord pkgsMaster.discord
# Virtualization # Virtualization
virtmanager # virtmanager
# (pkgs.lib.hiPrio qemu)
# virtualbox
# vagrant
# docker_compose
# unstablepkgs.kubernetes
# unstablepkgs.minikube
# unstablepkgs.openshift
# (unstablepkgs.minikube.overrideAttrs (oldAttrs: {
# patches = oldAttrs.patches ++ [
# (builtins.fetchurl { url ="https://patch-diff.githubusercontent.com/raw/kubernetes/minikube/pull/2517.diff"; })
# ];
# }))
appimage-run
# Remote Control Tools # Remote Control Tools
remmina remmina
@ -143,7 +119,7 @@ in
vlc vlc
audacity audacity
spotify spotify
youtube-dl-light # youtube-dl-light
libwebcam libwebcam
# Network Tools # Network Tools
@ -163,7 +139,6 @@ in
wireguard-tools wireguard-tools
# Code Editors # Code Editors
# unstablepkgs.atom
xclip xclip
xsel xsel
@ -174,13 +149,11 @@ in
exiv2 exiv2
graphviz graphviz
inkscape inkscape
# barcode
qrencode qrencode
zbar zbar
feh feh
# digikam
# Modelling Tools # TODO: remove or move these: Modelling Tools
# plantuml # plantuml
# umlet # umlet
# staruml # staruml
@ -190,58 +163,14 @@ in
# Misc Development Tools # Misc Development Tools
qrcode qrcode
# travis
jq jq
# prometheus
cdrtools cdrtools
# Document Processing and Management # Document Processing and Management
# zathura
mendeley mendeley
# zotero (pkgsUnstable.logseq.override (_: {electron = pkgs.electron_20;}))
pandoc
unstablepkgs.logseq
# has an EOL version of electron
# obsidian
# LaTeX
perlPackages.YAMLTiny
perlPackages.FileHomeDir
perlPackages.UnicodeLineBreak
(texlive.combine {
inherit
(texlive)
scheme-small
texlive-de
texlive-en
texlive-scripts
collection-langgerman
latexindent
latexmk
algorithms
cm-super
preprint
enumitem
draftwatermark
everypage
ulem
placeins
minted
ifplatform
fvextra
xstring
framed
;
})
pdftk
# broken as of 2021-04-24
# masterpdfeditor
# File Synchronzation # File Synchronzation
# seafile-client
# grive2
dropbox dropbox
rsync rsync
@ -249,12 +178,10 @@ in
ntfs3g ntfs3g
ddrescue ddrescue
ncdu ncdu
woeusb
unetbootin unetbootin
pcmanfm
hdparm hdparm
testdisk testdisk
binwalk # binwalk
gptfdisk gptfdisk
gparted gparted
smartmontools smartmontools
@ -263,23 +190,14 @@ in
androidenv.androidPkgs_9_0.platform-tools androidenv.androidPkgs_9_0.platform-tools
## Python ## Python
myPython packages'.myPython
# Code generators
# unstablepkgs.swagger-codegen
# Misc Desktop Tools # Misc Desktop Tools
# TODO: this may be required if brightness control isn't working
# brightnessctl
ltunify ltunify
# solaar # TODO: conflicts with solar over udev rules # dex
dex
# kitty
busyboxStatic
xorg.xbacklight xorg.xbacklight
coreutils coreutils
lsof lsof
x11_ssh_askpass
xdotool xdotool
xdg_utils xdg_utils
xdg-user-dirs xdg-user-dirs
@ -287,7 +205,7 @@ in
picocom picocom
glib.dev # contains gdbus tool glib.dev # contains gdbus tool
alacritty alacritty
unstablepkgs.wally-cli wally-cli
man-pages man-pages
# Screen recording # Screen recording
@ -297,11 +215,14 @@ in
# shutter # shutter
# kazam # doesn't start # kazam # doesn't start
# xvidcap # doesn't keep the recording rectangle # xvidcap # doesn't keep the recording rectangle
obs-studio # obs-studio
screenkey
# shotcut # shotcut
# openshot-qt # openshot-qt
# introduces python: screenkey
unstablepkgs.ledger-live-desktop pkgsUnstable.ledger-live-desktop
]); ]);
systemd.user.startServices = true;
services.syncthing.enable = true;
} }
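Review bot: `(pkgsUnstable.logseq.override (_: {electron = pkgs.electron_20;}))` in the "Document Processing and Management" hunk pins Logseq to Electron 20, which as far as I can tell was already out of upstream support when this was merged; the lines it replaces include a comment that kept obsidian out for that very reason ("has an EOL version of electron"). An Electron app renders remote and user-supplied content in its bundled Chromium, so an unsupported runtime means browser bugs that no longer get patched. If the override works around a build or start-up failure, record that next to it with the condition for removing it, e.g. `# TODO: drop the electron override once logseq runs on a supported electron`. The package list itself starts and ends outside the hunks shown.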


@ -1,124 +1,13 @@
{pkgs}: let
zshCurried = import ../programs/zsh.nix {inherit pkgs;};
in
{ {
pkgs, pkgs,
config, config,
... ...
}: let }: {
unstablepkgs =
import <channels-nixos-unstable> {config = config.nixpkgs.config;};
in {
imports = [
../profiles/common.nix
../programs/firefox.nix
# ../programs/chromium.nix
# FIXME: fix homeshick when no WAN connection is available
# ../programs/homeshick.nix
../programs/libreoffice.nix
../programs/neovim.nix
../programs/pass.nix
zshCurried
];
nixpkgs.config = {
pidgin = {
openssl = true;
gnutls = true;
};
packageOverrides = pkgs: with pkgs; {};
};
home.sessionVariables = {};
home.packages = home.packages =
[] []
++ (with pkgs; [ ++ (with pkgs; [
# Nix package related tools
patchelf
nix-index
nix-prefetch-scripts
# Version Control Systems
gitless
# Process/System Administration
htop
gnome.gnome-tweaks gnome.gnome-tweaks
xorg.xhost
dmidecode
evtest
# Archive Managers
sshfs-fuse
xarchive
p7zip
zip
unzip
gzip
lzop
# Password Management
gnome.gnome-keyring gnome.gnome-keyring
gnome.seahorse gnome.seahorse
# Remote Control Tools
remmina
freerdp
# Network Tools
openvpn
tcpdump
iftop
iperf
bind
socat
# samba
iptables
nftables
wireshark
# Code Editors
xclip
xsel
unstablepkgs.vscode
# Image/Graphic/Design Tools
gnome.eog
gimp
inkscape
# Misc Development Tools
qrcode
jq
cdrtools
# Document Processing and Management
zathura
# File Synchronzation
rsync
# Filesystem Tools
ntfs3g
ddrescue
ncdu
unstablepkgs.woeusb
unetbootin
pcmanfm
hdparm
testdisk
python38Packages.binwalk
gptfdisk
## Python
myPython
busyboxStatic
# Virtualization
virtmanager
]); ]);
} }


@ -1,14 +1,8 @@
{pkgs}: let
zshCurried = import ../programs/zsh.nix {inherit pkgs;};
in
{ {
pkgs, pkgs,
config, config,
... ...
}: let }: {
unstablepkgs =
import <channels-nixos-unstable> {config = config.nixpkgs.config;};
in {
imports = [ imports = [
../profiles/common.nix ../profiles/common.nix
../profiles/qtile-desktop.nix ../profiles/qtile-desktop.nix
@ -20,20 +14,8 @@ in
../programs/libreoffice.nix ../programs/libreoffice.nix
../programs/neovim.nix ../programs/neovim.nix
../programs/pass.nix ../programs/pass.nix
zshCurried
]; ];
nixpkgs.config = {
pidgin = {
openssl = true;
gnutls = true;
};
packageOverrides = pkgs: with pkgs; {};
};
home.sessionVariables = {};
home.packages = home.packages =
[] []
++ (with pkgs; [ ++ (with pkgs; [
@ -85,7 +67,6 @@ in
# Code Editors # Code Editors
xclip xclip
xsel xsel
unstablepkgs.vscode
# Image/Graphic/Design Tools # Image/Graphic/Design Tools
gnome.eog gnome.eog
@ -107,7 +88,7 @@ in
ntfs3g ntfs3g
ddrescue ddrescue
ncdu ncdu
unstablepkgs.woeusb woeusb
unetbootin unetbootin
pcmanfm pcmanfm
hdparm hdparm
@ -115,10 +96,7 @@ in
binwalk binwalk
gptfdisk gptfdisk
## Python packages'.myPython
myPython
busyboxStatic
# Virtualization # Virtualization
virtmanager virtmanager


@ -1,27 +1,12 @@
{ {pkgs, ...}: {
pkgs,
extraPackages ? [],
}: let
zshCurried = import ../programs/zsh.nix {inherit pkgs;};
in
{
pkgs,
config,
...
}: let
in {
imports = [ imports = [
../profiles/common.nix ../profiles/common.nix
# ../profiles/nix-channels.nix
../programs/neovim.nix ../programs/neovim.nix
zshCurried
]; ];
nixpkgs.config = {packageOverrides = pkgs: with pkgs; {};}; home.packages = with pkgs; [
iperf3
home.sessionVariables = {}; inetutils
speedtest-cli
home.packages = ];
extraPackages
++ (with pkgs; [iperf3 inetutils speedtest-cli]);
} }


@ -1,10 +1,11 @@
{pkgs, ...}: let {pkgs, ...}: {
in { # TODO: re-enable this with the appropriate version?
# TODO: re-enable this with the appropriate version
# programs.home-manager.enable = true; # programs.home-manager.enable = true;
# programs.home-manager.path = https://github.com/rycee/home-manager/archive/445c0b1482c38172a9f8294ee16a7ca7462388e5.tar.gz; # programs.home-manager.path = https://github.com/rycee/home-manager/archive/445c0b1482c38172a9f8294ee16a7ca7462388e5.tar.gz;
nixpkgs.overlays = builtins.attrValues (import ../../overlays); imports = [
../programs/zsh.nix
];
nixpkgs.config = { nixpkgs.config = {
allowBroken = false; allowBroken = false;
@ -25,14 +26,14 @@ in {
]; ];
}; };
xdg.enable = true;
programs.direnv.enable = true; programs.direnv.enable = true;
services.lorri.enable = true; services.lorri.enable = true;
home.sessionVariables = { home.sessionVariables.NIXPKGS_ALLOW_UNFREE = "1";
NIXPKGS_ALLOW_UNFREE = "1";
# Don't create .pyc files. # Don't create .pyc files.
PYTHONDONTWRITEBYTECODE = "1"; home.sessionVariables.PYTHONDONTWRITEBYTECODE = "1";
};
programs.command-not-found.enable = true; programs.command-not-found.enable = true;
programs.fzf.enable = true; programs.fzf.enable = true;
@ -40,10 +41,9 @@ in {
home.packages = home.packages =
[] []
++ (with pkgs; [ ++ (with pkgs; [
# git helpers htop
git-crypt
vcsh vcsh
# Authentication # Authentication
cacert cacert
openssl openssl
@ -52,6 +52,29 @@ in {
just just
ripgrep ripgrep
du-dust du-dust
elfutils
exfat
file
tree
pwgen
proot
parted
pv
tmux
wget
curl
# git helpers
git-crypt
gitFull
pastebinit
gist
mr
usbutils
pciutils
]); ]);
home.stateVersion = "22.05"; home.stateVersion = "22.05";


@ -1,6 +1,8 @@
{pkgs, ...}: let {
passwords = import ../../variables/passwords.crypt.nix; pkgs,
config,
...
}: let
inherit (import ../lib.nix {}) mkSimpleTrayService; inherit (import ../lib.nix {}) mkSimpleTrayService;
audio = pkgs.writeShellScript "audio" '' audio = pkgs.writeShellScript "audio" ''
@ -250,13 +252,6 @@
print("new window: ", window) print("new window: ", window)
''; '';
in { in {
systemd.user = {
startServices = true;
services = {};
};
# systemd.user.sockets.gpg-agent.Socket.Accept = true;
services = { services = {
gnome-keyring.enable = true; gnome-keyring.enable = true;
blueman-applet.enable = true; blueman-applet.enable = true;
@ -266,93 +261,9 @@ in {
lockCmd = "${screenLockCommand}"; lockCmd = "${screenLockCommand}";
}; };
network-manager-applet.enable = true; network-manager-applet.enable = true;
syncthing.enable = true;
gpg-agent = {
enable = true;
enableScDaemon = true;
enableSshSupport = true;
grabKeyboardAndMouse = true;
pinentryFlavor = "gtk2";
extraConfig = "";
defaultCacheTtl = 0;
maxCacheTtl = 0;
};
flameshot.enable = true; flameshot.enable = true;
pasystray.enable = true; pasystray.enable = true;
cbatticon.enable = true; cbatticon.enable = true;
redshift = {
enable = true;
inherit (passwords.location.stefan) longitude latitude;
temperature = {
day = 6700;
night = 3700;
};
tray = true;
settings = {
redshift = {
brightness-day = 1.0;
brightness-night = 0.8;
adjustment-method = "randr";
};
};
};
espanso = {
enable = true;
settings = {
matches = let
playerctl = ''
${pkgs.coreutils}/bin/env DBUS_SESSION_BUS_ADDRESS="unix:path=/run/user/$(${pkgs.coreutils}/bin/id -u)/bus" ${pkgs.playerctl}/bin/playerctl'';
in [
{
trigger = ":vpos";
replace = "{{output}}";
vars = [
{
name = "output";
type = "script";
params = {
args = [
(pkgs.writeScript "espanso" ''
#! ${pkgs.python3}/bin/python
import subprocess, os, math, datetime
id=str(os.getuid())
result=subprocess.run(args=["${pkgs.playerctl}/bin/playerctl", "position"], env={"DBUS_SESSION_BUS_ADDRESS": "unix:path=/run/user/"+id+"/bus"},capture_output=True)
result.check_returncode()
position_secs = math.trunc(float(result.stdout))
position_human = datetime.timedelta(seconds=position_secs)
print("%s - %s" % (position_human, position_secs))
'')
];
};
}
];
}
{
trigger = ":vtit";
replace = "{{output}}";
vars = [
{
name = "output";
type = "script";
params = {
args = [
(pkgs.writeShellScript "espanso"
"${playerctl} metadata title")
];
};
}
];
}
{
trigger = ":dunno";
replace = "¯\\_()_/¯";
}
];
};
};
}; };
home.pointerCursor = { home.pointerCursor = {
@ -364,7 +275,7 @@ in {
}; };
xsession = { xsession = {
enable = true; enable = false;
windowManager.command = "${pkgs.qtile}/bin/qtile start -c ${qtileConfig}"; windowManager.command = "${pkgs.qtile}/bin/qtile start -c ${qtileConfig}";
initExtra = "${initScreen}"; initExtra = "${initScreen}";
}; };
@ -373,8 +284,6 @@ in {
# X Tools/Libraries # X Tools/Libraries
lightdm lightdm
networkmanagerapplet networkmanagerapplet
autorandr
arandr
gnome-icon-theme gnome-icon-theme
gnome.gnome-themes-extra gnome.gnome-themes-extra
gnome.adwaita-icon-theme gnome.adwaita-icon-theme


@ -1,14 +1,50 @@
{...}: { {
programs.chromium = {enable = true;}; name,
lib,
...
}: {
programs.chromium = {
enable = true;
extensions =
[
#undetectable adblocker
{id = "gcfcpohokifjldeandkfjoboemihipmb";}
# ublock origin
{id = "cjpalhdlnbpafiamejdnhcphjbkeiagm";}
# # YT ad block
# {id = "cmedhionkhpnakcndndgjdbohmhepckk";}
# # Adblock Plus
# {id = "cfhdojbkjhnklbpkdaibdccddilifddb";}
# Cookie Notice Blocker
{id = "odhmfmnoejhihkmfebnolljiibpnednn";}
# i don't care about cookies
{id = "fihnjjcciajhdojfnbdddfaoknhalnja";}
# NopeCHA
{id = "dknlfmjaanfblgfdfebhijalfmhmjjjo";}
# h264ify
{id = "aleakchihdccplidncghkekgioiakgal";}
# clippy
# {id = "honbeilkanbghjimjoniipnnehlmhggk"}
{
id = "dcpihecpambacapedldabdbpakmachpb";
updateUrl = "https://raw.githubusercontent.com/iamadamdev/bypass-paywalls-chrome/master/updates.xml";
}
]
++ (lib.lists.optionals ((builtins.match "^steveej.*" name) != null) [
# Vimium C
{id = "hfjbmagddngcpeloejdejnfgbamkjaeg";}
]);
};
programs.brave = {enable = true;}; programs.brave = {enable = true;};
nixpkgs.config = {
chromium = {
# 2019-03-05: missing on 19.03 enablePepperPDF = true;
# 2021-03-16: missing enablePepperFlash = false;
};
};
programs.browserpass = {browsers = ["chromium" "brave"];}; programs.browserpass = {browsers = ["chromium" "brave"];};
} }
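Review bot: The `dcpihecpambacapedldabdbpakmachpb` entry sets `updateUrl` to a raw.githubusercontent.com file on the upstream repository's `master` branch, so that extension is installed and auto-updated from a mutable third-party location outside the Web Store, into the same browser that `programs.browserpass` connects to the password store. The other ids are unpinned as well, and the blockers and NopeCHA presumably request broad host permissions. I would trim the list for the profile that has browserpass enabled and put a comment above the sideloaded entry recording the trade-off, e.g. `# sideloaded: updates track upstream master, not the Web Store`. Supplying the extension through `crxPath` and `version` instead of `updateUrl` would remove the auto-update path entirely.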


@ -1,22 +0,0 @@
{pkgs, ...}: {
programs.emacs = {
enable = true;
extraPackages = epkgs:
(with epkgs; [
nix-mode
magit # ; Integrate git <C-x g>
zerodark-theme # ; Nicolas' theme
undo-tree # ; <C-x u> to show the undo tree
# zoom-frm # ; increase/decrease font size for all buffers %lt;C-x C-+>
])
++ (with epkgs.melpaPackages; [evil])
++ (with epkgs.elpaPackages; [
auctex # ; LaTeX mode
beacon # ; highlight my cursor when scrolling
nameless # ; hide current package name everywhere in elisp code
])
++ (with pkgs; [
pkgs.notmuch # From main packages set
]);
};
}


@ -0,0 +1,64 @@
{
pkgs,
config,
...
}: let
passwords = import ../../variables/passwords.crypt.nix;
in {
services.espanso = {
enable = true;
settings = {
matches = let
playerctl = ''
${pkgs.coreutils}/bin/env DBUS_SESSION_BUS_ADDRESS="unix:path=/run/user/$(${pkgs.coreutils}/bin/id -u)/bus" ${pkgs.playerctl}/bin/playerctl'';
in [
{
trigger = ":vpos";
replace = "{{output}}";
vars = [
{
name = "output";
type = "script";
params = {
args = [
(pkgs.writeScript "espanso" ''
#! ${pkgs.python3}/bin/python
import subprocess, os, math, datetime
id=str(os.getuid())
result=subprocess.run(args=["${pkgs.playerctl}/bin/playerctl", "position"], env={"DBUS_SESSION_BUS_ADDRESS": "unix:path=/run/user/"+id+"/bus"},capture_output=True)
result.check_returncode()
position_secs = math.trunc(float(result.stdout))
position_human = datetime.timedelta(seconds=position_secs)
print("%s - %s" % (position_human, position_secs))
'')
];
};
}
];
}
{
trigger = ":vtit";
replace = "{{output}}";
vars = [
{
name = "output";
type = "script";
params = {
args = [
(pkgs.writeShellScript "espanso"
"${playerctl} metadata title")
];
};
}
];
}
{
trigger = ":dunno";
replace = "¯\\_()_/¯";
}
];
};
};
}
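Review bot: The `passwords = import ../../variables/passwords.crypt.nix;` binding at the top of this new file is never referenced in the body; it looks like a leftover from the qtile profile, where the redshift block read `passwords.location.stefan`. Because Nix is lazy it is probably never evaluated, but it still ties a text-expansion module to the encrypted secrets file for no reason, so I would drop the `let … in` and start the module at `services.espanso`. Both generated scripts are named `"espanso"`; distinct names such as `"espanso-vpos"` and `"espanso-vtit"` would make the store paths easier to tell apart.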


@ -0,0 +1,112 @@
{
pkgs,
config,
lib,
...
}: let
in {
services = {
gnome-keyring.enable = false;
blueman-applet.enable = true;
flameshot.enable = true;
};
# TODO: remove this comment once i'm sure everything works
# xdg.configFile."autostart/gnome-keyring-ssh.desktop".text = ''
# [Desktop Entry]
# Type=Application
# Hidden=true
# '';
services.gpg-agent.pinentryFlavor = "gnome3";
# workaround: usually created by 'home.xsession.enabled=true' and i don't use with gnome
systemd.user.targets.tray = {
Unit = {
Description = "Home Manager System Tray";
Requires = ["graphical-session-pre.target"];
};
};
home.packages = [
pkgs.wmctrl
];
home.sessionVariables.MOZ_ENABLE_WAYLAND = "1";
dconf.settings = let
manualKeybindings = [
{
binding = "Print";
command = "flameshot gui";
name = "flameshot";
}
{
binding = "<Super>t";
command = "alacritty";
name = "alacritty";
}
];
numWorkspaces = 10;
customKeybindingBaseName = "org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom";
customKeybindingsNames =
builtins.genList (i: "/${customKeybindingBaseName}${toString i}/")
(
(builtins.length manualKeybindings)
+ numWorkspaces # for sending to the workspace
);
workspacesKeyBindingsOffset = builtins.length manualKeybindings;
# with this we can make use of all number keys [0-9]
mapToNumber = i:
if i < 10
then i
else if i == 10
then 0
else throw "i exceeds 10: ${i}";
in
{
"org/gnome/settings-daemon/plugins/media-keys" = {
custom-keybindings = customKeybindingsNames;
screenreader = "@as []";
screensaver = ["<Alt><Super>l"];
};
# disable the builtin <Super>[1-9] functionality
"org/gnome/shell/keybindings" = builtins.listToAttrs (builtins.genList
(i: {
name = "switch-to-application-${toString (i + 1)}";
value = [];
})
numWorkspaces);
# remap it to switching to the workspaces
"org/gnome/desktop/wm/keybindings" = builtins.listToAttrs (builtins.genList
(i: {
name = "switch-to-workspace-${toString (i + 1)}";
value = [
"<Super>${toString (mapToNumber (i + 1))}"
];
})
numWorkspaces);
}
// builtins.listToAttrs (builtins.genList
(i: {
name = "${customKeybindingBaseName}${toString i}";
value = builtins.elemAt manualKeybindings i;
})
(builtins.length manualKeybindings))
// builtins.listToAttrs (builtins.genList
(i: {
name = "${customKeybindingBaseName}${toString (workspacesKeyBindingsOffset + i)}";
value = {
binding = "<Control><Super>${toString (mapToNumber (i + 1))}";
command = "wmctrl -r :ACTIVE: -t ${toString i}";
name = "Send to workspace ${toString (i + 1)}";
};
})
numWorkspaces);
}


@ -0,0 +1,14 @@
{lib, ...}: {
programs.gpg.enable = true;
services.gpg-agent = {
enable = true;
enableScDaemon = true;
enableSshSupport = true;
grabKeyboardAndMouse = true;
pinentryFlavor = lib.mkDefault "gtk2";
extraConfig = "";
defaultCacheTtl = 0;
maxCacheTtl = 0;
};
}
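Review bot: With `enableSshSupport = true`, the two zero TTLs here do not cover SSH keys: gpg-agent caches those under separate `default-cache-ttl-ssh` / `max-cache-ttl-ssh` settings, which this module leaves at their defaults. If `defaultCacheTtl = 0; maxCacheTtl = 0;` is meant to keep unlocked key material from staying cached, add `defaultCacheTtlSsh = 0;` and `maxCacheTtlSsh = 0;` next to them. A one-line comment such as `# never cache passphrases; every use prompts via pinentry` would record that the zeros are deliberate. `extraConfig = "";` appears to restate the default and can be dropped.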


@ -5,7 +5,7 @@
}: let }: let
# TODO: clean up the impurity in here # TODO: clean up the impurity in here
in { in {
home.sessionVariables = {HOMESHICK_DIR = "${pkgs.homeshick}";}; home.sessionVariables.HOMESHICK_DIR = "${pkgs.homeshick}";
home.activation.bootstrapRepos = config.lib.dag.entryAfter ["writeBoundary"] '' home.activation.bootstrapRepos = config.lib.dag.entryAfter ["writeBoundary"] ''
$DRY_RUN_CMD ${ $DRY_RUN_CMD ${


@ -1,8 +1,3 @@
{pkgs, ...}: { {pkgs, ...}: {
home.sessionVariables = {
# Workaround for Libreoffice to force gtk3
SAL_USE_VCLPLUGIN = "gtk3";
};
home.packages = with pkgs; [libreoffice-fresh]; home.packages = with pkgs; [libreoffice-fresh];
} }


@ -1,6 +1,11 @@
{pkgs, ...}: let {
pkgs,
lib,
...
}: let
in { in {
home.sessionVariables = {EDITOR = "nvim";}; # FIXME: this doesn't work
home.sessionVariables.EDITOR = "nvim";
programs.neovim = { programs.neovim = {
enable = true; enable = true;


@ -1,11 +1,9 @@
{pkgs, ...}: { {pkgs, ...}: {
home.sessionVariables = {
# required by pass-otp # required by pass-otp
PASSWORD_STORE_EXTENSIONS_DIR = "$HOME/.nix-profile/lib/password-store/extensions"; home.sessionVariables.PASSWORD_STORE_EXTENSIONS_DIR = "$HOME/.nix-profile/lib/password-store/extensions";
PASSWORD_STORE_ENABLE_EXTENSIONS = "true"; home.sessionVariables.PASSWORD_STORE_ENABLE_EXTENSIONS = "true";
};
programs.browserpass = {enable = true;}; programs.browserpass.enable = true;
home.packages = with pkgs; [pass qtpass rofi-pass gnupg]; home.packages = with pkgs; [pass rofi-pass gnupg];
} }
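Review bot: `PASSWORD_STORE_EXTENSIONS_DIR` still points at `$HOME/.nix-profile/lib/password-store/extensions`, but this commit also sets `home-manager.useUserPackages = true` in the common package module, which as far as I can tell installs user packages under a per-user profile rather than `~/.nix-profile`. Because `PASSWORD_STORE_ENABLE_EXTENSIONS = "true"` makes pass run whatever it finds in that directory, it should point at the managed profile rather than a path under `$HOME` that Nix may no longer populate. I would write `home.sessionVariables.PASSWORD_STORE_EXTENSIONS_DIR = "${config.home.profileDirectory}/lib/password-store/extensions";` and add `config` to the module arguments. The zsh module in this commit already uses `config.home.profileDirectory` the same way.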


@ -1,144 +0,0 @@
{pkgs, ...}: let
cniConfigDir = let
loopback = pkgs.writeText "00-loopback.conf" ''
{
"cniVersion": "0.3.0",
"type": "loopback"
}
'';
podman-bridge = pkgs.writeText "87-podman-bridge.conflist" ''
{
"cniVersion": "0.3.0",
"name": "podman",
"plugins": [
{
"type": "bridge",
"bridge": "cni0",
"isGateway": true,
"ipMasq": true,
"ipam": {
"type": "host-local",
"subnet": "10.88.0.0/16",
"routes": [
{ "dst": "0.0.0.0/0" }
]
}
},
{
"type": "portmap",
"capabilities": {
"portMappings": true
}
}
]
}
'';
in
pkgs.runCommand "cniConfig" {} ''
set -x
mkdir $out;
ln -s ${loopback} $out/${loopback.name}
ln -s ${podman-bridge} $out/${podman-bridge.name}
'';
containersConf = pkgs.writeText "containers.conf" ''
# containers.conf is the default configuration file for all tools using libpod to
# manage containers
[containers]
# Maximum size of log files (in bytes)
# -1 is unlimited
log_size_max = -1
[engine]
# Default transport method for pulling and pushing for images
image_default_transport = "docker://"
# Paths to search for the conmon container manager binary. If the paths are empty or no valid path was found, then the $PATH environment variable will be used as the fallback.
conmon_path = [
"${pkgs.conmon}/bin/conmon"
]
# --runtime ${pkgs.crun}/bin/crun \
runtime = "crun"
# Environment variables to pass into conmon
conmon_env_vars = [
]
# CGroup Manager - valid values are "systemd" and "cgroupfs"
cgroup_manager = "systemd"
# Whether to use chroot instead of pivot_root in the runtime
no_pivot_root = false
# Determines whether libpod will reserve ports on the host when they are
# forwarded to containers. When enabled, when ports are forwarded to containers,
# they are held open by conmon as long as the container is running, ensuring that
# they cannot be reused by other programs on the host. However, this can cause
# significant memory usage if a container has many ports forwarded to it.
# Disabling this can save memory.
enable_port_reservation = true
[network]
# Directory containing CNI plugin configuration files
network_config_dir = "${cniConfigDir}"
# Directories where the CNI plugin binaries may be located
cni_plugin_dirs = [
"${pkgs.cni-plugins}/bin"
]
# Default CNI network for libpod.
# If multiple CNI network configs are present, libpod will use the network with
# the name given here for containers unless explicitly overridden.
# The default here is set to the name we set in the
# 87-podman-bridge.conflist included in the repository.
# Not setting this, or setting it to the empty string, will use normal CNI
# precedence rules for selecting between multiple networks.
default_network = "podman"
'';
in {
home.packages = with pkgs; [podman];
home.file.".config/containers/containers.conf".source = containersConf;
home.file.".config/containers/registries.conf".text = ''
[registries.search]
registries = ['docker.io', 'quay.io', 'registry.fedoraproject.org']
[registries.insecure]
registries = []
#blocked (docker only)
[registries.block]
registries = []
'';
home.file.".config/containers/storage.conf".text = ''
[storage]
driver = "btrfs"
'';
home.file.".config/containers/policy.json".text = ''
{
"default": [
{
"type": "insecureAcceptAnything"
}
],
"transports":
{
"docker-daemon":
{
"": [{"type":"insecureAcceptAnything"}]
}
}
}
'';
}


@ -0,0 +1,24 @@
{
pkgs,
config,
...
}: let
passwords = import ../../variables/passwords.crypt.nix;
in {
services.redshift = {
enable = true;
inherit (passwords.location.stefan) longitude latitude;
temperature = {
day = 6700;
night = 3000;
};
tray = true;
settings = {
redshift = {
brightness-day = 1.0;
brightness-night = 0.5;
adjustment-method = "randr";
};
};
};
}
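Review bot: `passwords = import ../../variables/passwords.crypt.nix;` is now evaluated from inside a flake, and a flake's tracked source tree is copied into `/nix/store`, which is world-readable. If that file sits decrypted in the working tree (the `.crypt` suffix suggests transparent encryption, but that is not visible here), its plaintext ends up in the store of the machine that evaluates the flake, and any value taken from it, like the coordinates here, is also written into the generated configuration. The same import appears in the device `system.nix` files in this commit. Until the README's open item about a secret management framework is done, a comment on the import such as `# NOTE: evaluated at build time; contents land in the world-readable nix store` would make the exposure explicit. The unused `pkgs` and `config` arguments can go.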


@ -463,6 +463,7 @@
in { in {
programs.vscode = { programs.vscode = {
enable = true; enable = true;
package = pkgs.vscodium;
extensions = extensions =
[] ++ packagedExtensions [] ++ packagedExtensions
# ++ marketPlaceExtensions # ++ marketPlaceExtensions


@ -1,4 +1,9 @@
{pkgs}: {...}: let {
config,
lib,
pkgs,
...
}: let
just-plugin = let just-plugin = let
plugin_file = pkgs.writeText "_just" '' plugin_file = pkgs.writeText "_just" ''
#compdef just #compdef just
@ -31,6 +36,10 @@
''; '';
}; };
in { in {
home.file.".profile".text = ''
. "${config.home.profileDirectory}/etc/profile.d/hm-session-vars.sh"
'';
programs.zsh = { programs.zsh = {
enable = true; enable = true;
@ -65,17 +74,21 @@ in {
# don't cd into directories when executed # don't cd into directories when executed
unsetopt AUTO_CD unsetopt AUTO_CD
export NIX_PATH="${pkgs.nixPath}" export NIX_PATH="${pkgs.path}"
# print lines without termination # print lines without termination
setopt PROMPT_CR setopt PROMPT_CR
setopt PROMPT_SP setopt PROMPT_SP
export PROMPT_EOL_MARK="" export PROMPT_EOL_MARK=""
'';
sessionVariables = { ${lib.optionalString config.services.gpg-agent.enable ''
# Add more envrionment variables here export SSH_AUTH_SOCK="$XDG_RUNTIME_DIR/gnupg/S.gpg-agent.ssh"
}; ''}
${lib.optionalString config.programs.neovim.enable ''
export EDITOR="nvim"
''}
'';
plugins = [ plugins = [
{ {
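Review bot: The added `export SSH_AUTH_SOCK="$XDG_RUNTIME_DIR/gnupg/S.gpg-agent.ssh"` is gated on `config.services.gpg-agent.enable` rather than on `enableSshSupport`, and the socket path is hard-coded. On a host where the agent runs without SSH support, or with a non-default GnuPG home, this points ssh at a socket that is not there. I would gate on `config.services.gpg-agent.enableSshSupport` and ask gpg for the path: `export SSH_AUTH_SOCK="$(gpgconf --list-dirs agent-ssh-socket)"`. The export also unconditionally replaces any agent socket already in the environment, including a forwarded one in a remote session; if that is intended, a comment saying so would help. The `programs.zsh` block continues outside the hunks shown.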


@ -0,0 +1,7 @@
{lib, ...}: {
options.flake.colmena = lib.mkOption {
# type = lib.types.attrsOf lib.types.unspecified;
type = lib.types.raw;
default = {};
};
}


@ -0,0 +1,38 @@
{
inputs',
system,
config,
lib,
pkgs,
...
}: {
packages = {
myPython = pkgs.python310.withPackages (ps:
with ps;
[
pep8
yapf
flake8
# autopep8 (broken)
# pylint (broken)
ipython
llfuse
dugong
defusedxml
wheel
pip
virtualenv
cffi
pyopenssl
urllib3
# mistune (insecure)
sympy
flask
pyaml
requests
]
++ [pkgs.pypi2nix pkgs.libffi]);
};
}


@ -0,0 +1,29 @@
{repoFlake}: let
nodeName = "elias-e525";
system = "x86_64-linux";
nodeFlake = repoFlake.inputs.get-flake ./.;
in {
meta.nodeSpecialArgs.${nodeName} = {
inherit nodeName nodeFlake;
packages' = repoFlake.packages.${system};
};
meta.nodeNixpkgs.${nodeName} = import nodeFlake.inputs.nixpkgs.outPath {
inherit system;
};
# TODO: build a module with "meta" and "freeformtype" for all the others
${nodeName} = {
deployment.targetHost = nodeName;
deployment.replaceUnknownProfiles = false;
# deployment.allowLocalDeployment = true;
imports = [
(repoFlake + "/nix/os/devices/${nodeName}/configuration.nix")
nodeFlake.inputs.home-manager.nixosModules.home-manager
];
};
}

65
nix/os/devices/elias-e525/flake.lock generated Normal file

@ -0,0 +1,65 @@
{
"nodes": {
"home-manager": {
"inputs": {
"nixpkgs": [
"nixpkgs"
],
"utils": "utils"
},
"locked": {
"lastModified": 1681092193,
"narHash": "sha256-JerCqqOqbT2tBnXQW4EqwFl0hHnuZp21rIQ6lu/N4rI=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "f9edbedaf015013eb35f8caacbe0c9666bbc16af",
"type": "github"
},
"original": {
"owner": "nix-community",
"ref": "release-22.11",
"repo": "home-manager",
"type": "github"
}
},
"nixpkgs": {
"locked": {
"lastModified": 1681696129,
"narHash": "sha256-Ba2y1lmsWmmAOAoTD5G9UnTS/UqV0ZFyzysgdfu7qag=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "de66115c552acc4e0c0f92c5a5efb32e37dfa216",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-22.11",
"repo": "nixpkgs",
"type": "github"
}
},
"root": {
"inputs": {
"home-manager": "home-manager",
"nixpkgs": "nixpkgs"
}
},
"utils": {
"locked": {
"lastModified": 1667395993,
"narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
}
},
"root": "root",
"version": 7
}


@ -0,0 +1,10 @@
{
inputs.nixpkgs.url = "github:nixos/nixpkgs/nixos-22.11";
inputs.home-manager = {
url = "github:nix-community/home-manager/release-22.11";
inputs.nixpkgs.follows = "nixpkgs";
};
outputs = _: {};
}


@ -5,9 +5,13 @@
}: let }: let
homeEnv = keyboard: { homeEnv = keyboard: {
imports = [ imports = [
(import ../../../home-manager/configuration/graphical-gnome3.nix { ../../../home-manager/profiles/common.nix
inherit pkgs;
}) ../../../home-manager/configuration/graphical-gnome3.nix
../../../home-manager/programs/firefox.nix
../../../home-manager/programs/libreoffice.nix
../../../home-manager/programs/neovim.nix
]; ];
home.keyboard = keyboard; home.keyboard = keyboard;
@ -16,28 +20,17 @@
rhythmbox rhythmbox
lollypop lollypop
dia dia
rustdesk
kotatogram-desktop kotatogram-desktop
jitsi jitsi-meet-electron
signal-desktop
]; ];
}; };
in { in {
nixpkgs.config.packageOverrides = pkgs:
with pkgs; {
nixPath =
(import ../../../default.nix {
versionsPath = ./versions.nix;
})
.nixPath;
};
services.gnome = builtins.mapAttrs (attr: value: lib.mkForce value) { services.gnome = builtins.mapAttrs (attr: value: lib.mkForce value) {
games.enable = true;
gnome-remote-desktop.enable = true; gnome-remote-desktop.enable = true;
gnome-user-share.enable = true;
rygel.enable = true;
sushi.enable = true;
tracker.enable = true;
tracker-miners.enable = true;
}; };
home-manager.users.steveej = homeEnv { home-manager.users.steveej = homeEnv {
@ -58,6 +51,5 @@ in {
variant = ""; variant = "";
}; };
services.teamviewer.enable = true;
system.stateVersion = "21.11"; system.stateVersion = "21.11";
} }


@ -17,11 +17,6 @@ in {
networking.firewall.logRefusedConnections = false; networking.firewall.logRefusedConnections = false;
networking.usePredictableInterfaceNames = false; networking.usePredictableInterfaceNames = false;
services.printing = {
enable = true;
drivers = with pkgs; [mfcl3770cdw.driver mfcl3770cdw.cupswrapper];
};
services.fprintd.enable = true; services.fprintd.enable = true;
security.pam.services = { security.pam.services = {
login.fprintAuth = true; login.fprintAuth = true;


@ -1,26 +0,0 @@
let
nixpkgs = {
url = "https://github.com/NixOS/nixpkgs/";
ref = "nixos-21.11";
rev = "386234e2a61e1e8acf94dfa3a3d3ca19a6776efb";
};
in {
inherit nixpkgs;
nixos = nixpkgs // {suffix = "/nixos";};
"channels-nixos-stable" = nixpkgs;
"channels-nixos-unstable" = {
url = "https://github.com/NixOS/nixpkgs/";
ref = "nixos-unstable";
rev = "5aaed40d22f0d9376330b6fa413223435ad6fee5";
};
"nixpkgs-master" = {
url = "https://github.com/NixOS/nixpkgs/";
ref = "master";
rev = "c4d1eff44eb12cb5500fb2ab05a1a7303711254e";
};
"home-manager-module" = {
url = "https://github.com/nix-community/home-manager";
ref = "release-21.11";
rev = "697cc8c68ed6a606296efbbe9614c32537078756";
};
}


@ -1,34 +0,0 @@
let
nixpkgs = {
url = "https://github.com/NixOS/nixpkgs/";
ref = "nixos-21.11";
rev = ''
<% git ls-remote https://github.com/nixos/nixpkgs nixos-21.11 | awk '{ print $1 }' | tr -d '
' -%>'';
};
in {
inherit nixpkgs;
nixos = nixpkgs // {suffix = "/nixos";};
"channels-nixos-stable" = nixpkgs;
"channels-nixos-unstable" = {
url = "https://github.com/NixOS/nixpkgs/";
ref = "nixos-unstable";
rev = ''
<% git ls-remote https://github.com/nixos/nixpkgs nixos-unstable | awk '{ print $1 }' | tr -d '
' -%>'';
};
"nixpkgs-master" = {
url = "https://github.com/NixOS/nixpkgs/";
ref = "master";
rev = ''
<% git ls-remote https://github.com/NixOS/nixpkgs.git master | head -n1 | awk '{ print $1 }' | tr -d '
' -%>'';
};
"home-manager-module" = {
url = "https://github.com/nix-community/home-manager";
ref = "release-21.11";
rev = ''
<% git ls-remote https://github.com/nix-community/home-manager.git release-21.11 | awk '{ print $1 }' | tr -d '
' -%>'';
};
}


@ -0,0 +1,26 @@
{repoFlake}: let
nodeName = "sj-vps-htz0.infra.stefanjunker.de";
system = "x86_64-linux";
nodeFlake = repoFlake.inputs.get-flake ./.;
in {
meta.nodeSpecialArgs.${nodeName} = {
inherit nodeName nodeFlake;
packages' = repoFlake.packages.${system};
};
meta.nodeNixpkgs.${nodeName} = import nodeFlake.inputs.nixpkgs.outPath {
inherit system;
};
${nodeName} = {
deployment.targetHost = nodeName;
deployment.replaceUnknownProfiles = true;
imports = [
(repoFlake + "/nix/os/devices/${nodeName}/configuration.nix")
nodeFlake.inputs.home-manager.nixosModules.home-manager
];
};
}


@ -0,0 +1,99 @@
{
"nodes": {
"home-manager": {
"inputs": {
"nixpkgs": [
"nixpkgs"
],
"utils": "utils"
},
"locked": {
"lastModified": 1681092193,
"narHash": "sha256-JerCqqOqbT2tBnXQW4EqwFl0hHnuZp21rIQ6lu/N4rI=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "f9edbedaf015013eb35f8caacbe0c9666bbc16af",
"type": "github"
},
"original": {
"owner": "nix-community",
"ref": "release-22.11",
"repo": "home-manager",
"type": "github"
}
},
"nixpkgs": {
"locked": {
"lastModified": 1681759395,
"narHash": "sha256-7aaRtLxLAy8qFVIA26ulB+Q5nDVzuQ71qi0s0wMjAws=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "cd749f58ba83f7155b7062dd49d08e5e47e44d50",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-22.11",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-master": {
"locked": {
"lastModified": 1681895322,
"narHash": "sha256-dtduardGFljEIh0Whlnhzda7Au0s1WnnSdzh2ZhCu9c=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "57aad37a2eab85fb5522cbc8568fe27872071a1c",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "master",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-unstable": {
"locked": {
"lastModified": 1681770396,
"narHash": "sha256-tq+GZOkRA3uF3I/jIzuBGfnTRQFT4QnnRCWJ8DKSaMg=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "4df48038a44e9f3a3da8e9b42ca182726b743de4",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-unstable-small",
"repo": "nixpkgs",
"type": "github"
}
},
"root": {
"inputs": {
"home-manager": "home-manager",
"nixpkgs": "nixpkgs",
"nixpkgs-master": "nixpkgs-master",
"nixpkgs-unstable": "nixpkgs-unstable"
}
},
"utils": {
"locked": {
"lastModified": 1667395993,
"narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
}
},
"root": "root",
"version": 7
}


@ -0,0 +1,12 @@
{
inputs.nixpkgs.url = "github:nixos/nixpkgs/nixos-22.11";
inputs.nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable-small";
inputs.nixpkgs-master.url = "github:nixos/nixpkgs/master";
inputs.home-manager = {
url = "github:nix-community/home-manager/release-22.11";
inputs.nixpkgs.follows = "nixpkgs";
};
outputs = _: {};
}


@ -6,10 +6,6 @@
}: let }: let
keys = import ../../../variables/keys.nix; keys = import ../../../variables/keys.nix;
in { in {
# TASK: new device
networking.hostName = "sj-pvehtz0"; # Define your hostname.
# networking.domain = "";
networking.firewall.enable = true; networking.firewall.enable = true;
networking.firewall.allowedTCPPorts = [ networking.firewall.allowedTCPPorts = [
# iperf3 # iperf3


@ -0,0 +1,27 @@
{repoFlake}: let
nodeName = "steveej-t14";
system = "x86_64-linux";
nodeFlake = repoFlake.inputs.get-flake ./.;
in {
meta.nodeSpecialArgs.${nodeName} = {
inherit nodeName nodeFlake;
packages' = repoFlake.packages.${system};
};
meta.nodeNixpkgs.${nodeName} = import nodeFlake.inputs.nixpkgs.outPath {
inherit system;
};
${nodeName} = {
deployment.targetHost = nodeName;
deployment.replaceUnknownProfiles = false;
# deployment.allowLocalDeployment = true;
imports = [
(repoFlake + "/nix/os/devices/${nodeName}/configuration.nix")
nodeFlake.inputs.home-manager.nixosModules.home-manager
];
};
}

99
nix/os/devices/steveej-t14/flake.lock generated Normal file

@ -0,0 +1,99 @@
{
"nodes": {
"home-manager": {
"inputs": {
"nixpkgs": [
"nixpkgs"
],
"utils": "utils"
},
"locked": {
"lastModified": 1681092193,
"narHash": "sha256-JerCqqOqbT2tBnXQW4EqwFl0hHnuZp21rIQ6lu/N4rI=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "f9edbedaf015013eb35f8caacbe0c9666bbc16af",
"type": "github"
},
"original": {
"owner": "nix-community",
"ref": "release-22.11",
"repo": "home-manager",
"type": "github"
}
},
"nixpkgs": {
"locked": {
"lastModified": 1681759395,
"narHash": "sha256-7aaRtLxLAy8qFVIA26ulB+Q5nDVzuQ71qi0s0wMjAws=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "cd749f58ba83f7155b7062dd49d08e5e47e44d50",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-22.11",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-master": {
"locked": {
"lastModified": 1681895322,
"narHash": "sha256-dtduardGFljEIh0Whlnhzda7Au0s1WnnSdzh2ZhCu9c=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "57aad37a2eab85fb5522cbc8568fe27872071a1c",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "master",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-unstable": {
"locked": {
"lastModified": 1681770396,
"narHash": "sha256-tq+GZOkRA3uF3I/jIzuBGfnTRQFT4QnnRCWJ8DKSaMg=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "4df48038a44e9f3a3da8e9b42ca182726b743de4",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-unstable-small",
"repo": "nixpkgs",
"type": "github"
}
},
"root": {
"inputs": {
"home-manager": "home-manager",
"nixpkgs": "nixpkgs",
"nixpkgs-master": "nixpkgs-master",
"nixpkgs-unstable": "nixpkgs-unstable"
}
},
"utils": {
"locked": {
"lastModified": 1667395993,
"narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
}
},
"root": "root",
"version": 7
}


@ -0,0 +1,12 @@
{
inputs.nixpkgs.url = "github:nixos/nixpkgs/nixos-22.11";
inputs.nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable-small";
inputs.nixpkgs-master.url = "github:nixos/nixpkgs/master";
inputs.home-manager = {
url = "github:nix-community/home-manager/release-22.11";
inputs.nixpkgs.follows = "nixpkgs";
};
outputs = _: {};
}


@ -1,15 +1,26 @@
{pkgs, ...}: { {pkgs, ...}: {
nixpkgs.config.packageOverrides = pkgs: home-manager.users.steveej = _: {
with pkgs; { imports = [
nixPath = ../../../home-manager/configuration/graphical-fullblown.nix
(import ../../../default.nix {
versionsPath = ./versions.nix; (_: {
programs.chromium.extensions = [
# can define host-specific extensions here
];
}) })
.nixPath; ];
};
home-manager.users.steveej = import ../../../home-manager/configuration/graphical-fullblown.nix {
inherit pkgs;
}; };
services.teamviewer.enable = true; services.teamviewer.enable = true;
system.stateVersion = "20.09"; system.stateVersion = "20.09";
# TODO: move this into home-manager
environment.systemPackages = with pkgs.gnomeExtensions; [
pop-shell
vitals
# TODO: currently not compatible
# window-switcher-current-workspace-first
# mmod-panel
];
} }


@ -2,26 +2,26 @@
pkgs, pkgs,
lib, lib,
config, config,
nodeName,
... ...
}: let }: let
keys = import ../../../variables/keys.nix;
passwords = import ../../../variables/passwords.crypt.nix; passwords = import ../../../variables/passwords.crypt.nix;
in { in {
nix = { nix = {
binaryCaches = ["https://holochain-ci.cachix.org" "https://cache.holo.host/"]; binaryCaches = [
"https://holochain-ci.cachix.org"
# "https://cache.holo.host/"
];
binaryCachePublicKeys = [ binaryCachePublicKeys = [
"holochain-ci.cachix.org-1:5IUSkZc0aoRS53rfkvH9Kid40NpyjwCMCzwRTXy+QN8=" "holochain-ci.cachix.org-1:5IUSkZc0aoRS53rfkvH9Kid40NpyjwCMCzwRTXy+QN8="
"cache.holo.host-1:lNXIXtJgS9Iuw4Cu6X0HINLu9sTfcjEntnrgwMQIMcE=" # "cache.holo.host-1:lNXIXtJgS9Iuw4Cu6X0HINLu9sTfcjEntnrgwMQIMcE="
"cache.holo.host-2:ZJCkX3AUYZ8soxTLfTb60g+F3MkWD7hkH9y8CgqwhDQ=" # "cache.holo.host-2:ZJCkX3AUYZ8soxTLfTb60g+F3MkWD7hkH9y8CgqwhDQ="
]; ];
settings.extra-experimental-features = ["impure-derivations"]; settings.extra-experimental-features = ["impure-derivations"];
settings.system-features = ["recursive-nix"]; settings.system-features = ["recursive-nix"];
}; };
# TASK: new device
networking.hostName = "steveej-t14"; # Define your hostname.
networking.bridges."virbr1".interfaces = []; networking.bridges."virbr1".interfaces = [];
networking.interfaces."virbr1".ipv4.addresses = [ networking.interfaces."virbr1".ipv4.addresses = [
{ {
@ -42,10 +42,7 @@ in {
networking.firewall.logRefusedConnections = false; networking.firewall.logRefusedConnections = false;
networking.usePredictableInterfaceNames = false; networking.usePredictableInterfaceNames = false;
services.printing = { services.fwupd.enable = true;
enable = true;
drivers = with pkgs; [hplip mfcl3770cdw.driver mfcl3770cdw.cupswrapper];
};
services.fprintd.enable = true; services.fprintd.enable = true;
security.pam.services = { security.pam.services = {
@ -62,9 +59,10 @@ in {
addNetworkInterface = false; addNetworkInterface = false;
}; };
docker = { podman = {
enable = true; enable = true;
extraOptions = "--experimental"; dockerCompat = true;
defaultNetwork.dnsname.enable = true;
}; };
}; };
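Review bot: The cache list is edited under the old option names `binaryCaches` / `binaryCachePublicKeys`, while the same `nix` attribute set already uses `settings.…`. On the 22.11 channel this node is pinned to, those names are aliases for `nix.settings.substituters` and `nix.settings.trusted-public-keys`, and using the current names keeps the set of trusted caches and signing keys in one place. The two `cache.holo.host` keys and the cache URL are commented out rather than removed. If that cache is no longer trusted, deleting the lines avoids re-enabling it by accident; if the change is temporary, a short comment saying why would help the next reader.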


@ -1,36 +0,0 @@
let
nixpkgs = {
url = "https://github.com/NixOS/nixpkgs/";
ref = "nixos-22.11";
rev = ''
ea96b4af6148114421fda90df33cf236ff5ecf1d'';
};
in {
inherit nixpkgs;
nixos = nixpkgs // {suffix = "/nixos";};
"channels-nixos-stable" = nixpkgs;
"channels-nixos-unstable" = {
url = "https://github.com/NixOS/nixpkgs/";
ref = "nixos-unstable";
rev = ''
db24d86dd8a4769c50d6b7295e81aa280cd93f35'';
};
"channels-nixos-unstable-small" = {
url = "https://github.com/NixOS/nixpkgs/";
ref = "nixos-unstable-small";
rev = ''
2d79f0ccbd2a418f1582b7a97a57683403512188'';
};
"nixpkgs-master" = {
url = "https://github.com/NixOS/nixpkgs/";
ref = "master";
rev = ''
152a7b64ae22d2b0c5f6043868d2c98b74390517'';
};
"home-manager-module" = {
url = "https://github.com/nix-community/home-manager";
ref = "release-22.11";
rev = ''
f9edbedaf015013eb35f8caacbe0c9666bbc16af'';
};
}


@ -1,41 +0,0 @@
let
nixpkgs = {
url = "https://github.com/NixOS/nixpkgs/";
ref = "nixos-22.11";
rev = ''
<% git ls-remote https://github.com/nixos/nixpkgs nixos-22.11 | awk '{ print $1 }' | tr -d '
' -%>'';
};
in {
inherit nixpkgs;
nixos = nixpkgs // {suffix = "/nixos";};
"channels-nixos-stable" = nixpkgs;
"channels-nixos-unstable" = {
url = "https://github.com/NixOS/nixpkgs/";
ref = "nixos-unstable";
rev = ''
<% git ls-remote https://github.com/nixos/nixpkgs nixos-unstable | awk '{ print $1 }' | tr -d '
' -%>'';
};
"channels-nixos-unstable-small" = {
url = "https://github.com/NixOS/nixpkgs/";
ref = "nixos-unstable-small";
rev = ''
<% git ls-remote https://github.com/nixos/nixpkgs nixos-unstable-small | awk '{ print $1 }' | tr -d '
' -%>'';
};
"nixpkgs-master" = {
url = "https://github.com/NixOS/nixpkgs/";
ref = "master";
rev = ''
<% git ls-remote https://github.com/NixOS/nixpkgs.git master | head -n1 | awk '{ print $1 }' | tr -d '
' -%>'';
};
"home-manager-module" = {
url = "https://github.com/nix-community/home-manager";
ref = "release-22.11";
rev = ''
<% git ls-remote https://github.com/nix-community/home-manager.git release-22.11 | awk '{ print $1 }' | tr -d '
' -%>'';
};
}


@ -0,0 +1,26 @@
{repoFlake}: let
nodeName = "vmd102066.contaboserver.net";
system = "x86_64-linux";
nodeFlake = repoFlake.inputs.get-flake ./.;
in {
meta.nodeSpecialArgs.${nodeName} = {
inherit nodeName nodeFlake;
packages' = repoFlake.packages.${system};
};
meta.nodeNixpkgs.${nodeName} = import nodeFlake.inputs.nixpkgs.outPath {
inherit system;
};
${nodeName} = {
deployment.targetHost = nodeName;
deployment.replaceUnknownProfiles = true;
imports = [
(repoFlake + "/nix/os/devices/${nodeName}/configuration.nix")
nodeFlake.inputs.home-manager.nixosModules.home-manager
];
};
}


@ -0,0 +1,99 @@
{
"nodes": {
"home-manager": {
"inputs": {
"nixpkgs": [
"nixpkgs"
],
"utils": "utils"
},
"locked": {
"lastModified": 1681092193,
"narHash": "sha256-JerCqqOqbT2tBnXQW4EqwFl0hHnuZp21rIQ6lu/N4rI=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "f9edbedaf015013eb35f8caacbe0c9666bbc16af",
"type": "github"
},
"original": {
"owner": "nix-community",
"ref": "release-22.11",
"repo": "home-manager",
"type": "github"
}
},
"nixpkgs": {
"locked": {
"lastModified": 1681759395,
"narHash": "sha256-7aaRtLxLAy8qFVIA26ulB+Q5nDVzuQ71qi0s0wMjAws=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "cd749f58ba83f7155b7062dd49d08e5e47e44d50",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-22.11",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-master": {
"locked": {
"lastModified": 1681895322,
"narHash": "sha256-dtduardGFljEIh0Whlnhzda7Au0s1WnnSdzh2ZhCu9c=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "57aad37a2eab85fb5522cbc8568fe27872071a1c",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "master",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-unstable": {
"locked": {
"lastModified": 1681770396,
"narHash": "sha256-tq+GZOkRA3uF3I/jIzuBGfnTRQFT4QnnRCWJ8DKSaMg=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "4df48038a44e9f3a3da8e9b42ca182726b743de4",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-unstable-small",
"repo": "nixpkgs",
"type": "github"
}
},
"root": {
"inputs": {
"home-manager": "home-manager",
"nixpkgs": "nixpkgs",
"nixpkgs-master": "nixpkgs-master",
"nixpkgs-unstable": "nixpkgs-unstable"
}
},
"utils": {
"locked": {
"lastModified": 1667395993,
"narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
}
},
"root": "root",
"version": 7
}


@ -0,0 +1,12 @@
{
inputs.nixpkgs.url = "github:nixos/nixpkgs/nixos-22.11";
inputs.nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable-small";
inputs.nixpkgs-master.url = "github:nixos/nixpkgs/master";
inputs.home-manager = {
url = "github:nix-community/home-manager/release-22.11";
inputs.nixpkgs.follows = "nixpkgs";
};
outputs = _: {};
}


@ -4,14 +4,6 @@
lib, lib,
... ...
}: { }: {
nixpkgs.config.packageOverrides = pkgs:
with pkgs; {
nixPath =
(import ../../../default.nix {
versionsPath = ./versions.nix;
})
.nixPath;
};
home-manager.users.steveej = import ../../../home-manager/configuration/text-minimal.nix { home-manager.users.steveej = import ../../../home-manager/configuration/text-minimal.nix {
inherit pkgs; inherit pkgs;
}; };


@ -2,15 +2,12 @@
pkgs, pkgs,
lib, lib,
config, config,
nodeName,
... ...
}: let }: let
keys = import ../../../variables/keys.nix; keys = import ../../../variables/keys.nix;
passwords = import ../../../variables/passwords.crypt.nix; passwords = import ../../../variables/passwords.crypt.nix;
in { in {
# TASK: new device
networking.hostName = "vmd102066"; # Define your hostname.
networking.domain = "contaboserver.net";
networking.firewall.enable = true; networking.firewall.enable = true;
networking.firewall.allowedTCPPorts = [ networking.firewall.allowedTCPPorts = [
# iperf3 # iperf3
@ -62,19 +59,19 @@ in {
''; '';
}; };
systemd.services.sshd.serviceConfig = {TasksMax = 32;}; # systemd.services.sshd.serviceConfig = {TasksMax = 32;};
systemd.timers."sshd-status" = { # systemd.timers."sshd-status" = {
description = "Timer to trigger sshd-status periodically"; # description = "Timer to trigger sshd-status periodically";
enable = true; # enable = true;
wantedBy = ["timer.target" "multi-user.target"]; # wantedBy = ["timer.target" "multi-user.target"];
timerConfig = { # timerConfig = {
OnActiveSec = "5s"; # OnActiveSec = "5s";
OnUnitActiveSec = "5s"; # OnUnitActiveSec = "5s";
AccuracySec = "1s"; # AccuracySec = "1s";
Unit = "sshd-status.service"; # Unit = "sshd-status.service";
}; # };
}; # };
nix.gc = {automatic = true;}; nix.gc = {automatic = true;};
@ -100,8 +97,6 @@ in {
done done
''; '';
# networking.useHostResolvConf = true;
containers = { containers = {
backup = import ../../containers/backup.nix { backup = import ../../containers/backup.nix {
autoStart = false; autoStart = false;
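Review bot: The `TasksMax = 32` cap on `sshd` and the `sshd-status` timer are commented out rather than deleted, with no note on why. The cap bounded how many tasks the SSH daemon's unit could spawn on what looks like a public VPS, so dropping it is a behaviour change worth recording. Either delete the block or put a line above it such as `# disabled during flake migration: <reason>; re-enable or remove`. The surrounding attribute set starts and ends outside these hunks.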


@ -1,23 +0,0 @@
let
nixpkgs = {
url = "https://github.com/NixOS/nixpkgs/";
ref = "nixos-22.11";
rev = ''
a7cc81913bb3cd1ef05ed0ece048b773e1839e51'';
};
in {
inherit nixpkgs;
"channels-nixos-stable" = nixpkgs;
"nixpkgs-master" = {
url = "https://github.com/NixOS/nixpkgs/";
ref = "master";
rev = ''
3b12bfe6c4e11e91865f4d244d13fdc9860bd322'';
};
"home-manager-module" = {
url = "https://github.com/nix-community/home-manager";
ref = "release-22.11";
rev = ''
b0be47978de5cfd729a79c3f57ace4c86364ff45'';
};
}


@ -1,26 +0,0 @@
let
nixpkgs = {
url = "https://github.com/NixOS/nixpkgs/";
ref = "nixos-22.11";
rev = ''
<% git ls-remote https://github.com/nixos/nixpkgs nixos-22.11 | awk '{ print $1 }' | tr -d '
' -%>'';
};
in {
inherit nixpkgs;
"channels-nixos-stable" = nixpkgs;
"nixpkgs-master" = {
url = "https://github.com/NixOS/nixpkgs/";
ref = "master";
rev = ''
<% git ls-remote https://github.com/NixOS/nixpkgs.git master | head -n1 | awk '{ print $1 }' | tr -d '
' -%>'';
};
"home-manager-module" = {
url = "https://github.com/nix-community/home-manager";
ref = "release-22.11";
rev = ''
<% git ls-remote https://github.com/nix-community/home-manager.git release-22.11 | awk '{ print $1 }' | tr -d '
' -%>'';
};
}


@ -1,5 +1,3 @@
{...}: { {...}: {
nixpkgs.overlays = builtins.attrValues (import ../../../overlays);
imports = [./boot.nix ./pkg.nix ./user.nix ./system.nix ./hw.nix]; imports = [./boot.nix ./pkg.nix ./user.nix ./system.nix ./hw.nix];
} }


@ -1,40 +1,31 @@
{ {
config, flake,
pkgs, pkgs,
# these come in via nodeSpecialArgs and are expected to be defined for every node
nodeFlake,
packages',
... ...
}: { }: {
imports = ["${<home-manager-module>}/nixos"]; imports = [
home-manager.users.root = import ../../../home-manager/configuration/text-minimal.nix { ];
inherit pkgs;
nix.registry.nixpkgs.flake = nodeFlake.inputs.nixpkgs;
home-manager.useGlobalPkgs = false;
home-manager.useUserPackages = true;
home-manager.users.root = import ../../../home-manager/configuration/text-minimal.nix;
# TODO: investigate an issue with the "name" arg contained here, which causes problems with home-manager
# home-manager.extraSpecialArgs = specialArgs;
# hence, opt for passing the arguments selectively instead
home-manager.extraSpecialArgs = {
inherit
packages'
nodeFlake
;
}; };
nixpkgs.config = { nixpkgs.config = {
allowBroken = false; allowBroken = false;
allowUnfree = true; allowUnfree = true;
packageOverrides = pkgs: with pkgs; {};
}; };
environment.systemPackages = with pkgs; [
elfutils
exfat
file
tree
pwgen
proot
parted
pv
tmux
wget
curl
gitFull
pastebinit
gist
mr
usbutils
pciutils
];
} }
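Review bot: `home-manager.useGlobalPkgs = false` has no comment explaining its effect on the `nixpkgs.config` block below it. With the option off, Home Manager evaluates its own package set for root, so `allowBroken = false` and `allowUnfree = true` apply only to the system `pkgs`, not to what `text-minimal.nix` installs. I would add a comment above the option such as `# home-manager instantiates its own pkgs here; nixpkgs.config and overlays from this module do not reach it`. The `imports = [ ];` list is now empty and can be dropped; the home-manager NixOS module is presumably imported elsewhere, which is not visible in this section.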


@ -2,25 +2,18 @@
config, config,
pkgs, pkgs,
lib, lib,
nodeName,
... ...
}: { }: {
nix.settings.trusted-public-keys = [ networking.hostName = builtins.elemAt (builtins.split "\\." nodeName) 0; # Define your hostname.
# "hydra.nixos.org-1:CNHJZBh9K4tP3EKF6FkkgeVYsS3ohTl+oS0Qa8bezVs=" networking.domain = builtins.elemAt (builtins.split "(^[^\\.]+\.)" nodeName) 2;
];
nix.settings.substituters = [
"https://cache.nixos.org"
# "https://hydra.nixos.org"
];
nix.settings.trusted-substituters = [
"https://cache.nixos.org"
# "https://hydra.nixos.org"
];
nix.daemonCPUSchedPolicy = "idle"; nix.daemonCPUSchedPolicy = "idle";
nix.daemonIOSchedClass = "idle"; nix.daemonIOSchedClass = "idle";
nix.settings.max-jobs = lib.mkDefault "auto"; nix.settings.max-jobs = lib.mkDefault "auto";
nix.settings.cores = lib.mkDefault 0; nix.settings.cores = lib.mkDefault 0;
nix.settings.sandbox = true; nix.settings.sandbox = true;
nix.nixPath = ["nixpkgs=${pkgs.path}"];
environment.etc."lvm/lvm.conf".text = '' environment.etc."lvm/lvm.conf".text = ''
devices { devices {
@ -28,8 +21,6 @@
} }
''; '';
environment.variables = {NIX_PATH = lib.mkForce pkgs.nixPath;};
# Fonts, I18N, Date ... # Fonts, I18N, Date ...
fonts.fonts = [pkgs.corefonts]; fonts.fonts = [pkgs.corefonts];
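Review bot: The `networking.domain` pattern `"(^[^\\.]+\.)"` ends in `\.` with a single backslash, which a Nix double-quoted string drops, so the regex closes with an unescaped `.` that matches any character. A dotted `nodeName` still splits as intended, but a name without a dot matches in full and silently yields an empty domain. The `hostName` line above already escapes the dot as `\\.`, so the two patterns are inconsistent. I would make the dotless case explicit with `networking.domain = let m = builtins.match "[^.]+\\.(.+)" nodeName; in if m == null then null else builtins.head m;`. `nodeName` is presumably supplied through the node's special args, which this section does not show.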


@ -1,6 +1,4 @@
{...}: { {...}: {
nixpkgs.overlays = builtins.attrValues (import ../../../overlays);
networking.useHostResolvConf = false; networking.useHostResolvConf = false;
services.resolved = {enable = true;}; services.resolved = {enable = true;};


@ -1,4 +1,8 @@
{pkgs, ...}: { {
pkgs,
lib,
...
}: {
networking.networkmanager = { networking.networkmanager = {
enable = true; enable = true;
dns = "systemd-resolved"; dns = "systemd-resolved";
@ -26,7 +30,7 @@
}; };
}; };
# required for running blueman-applet in user sessions # required for running blueman-applet in user sessions
services.dbus.packages = with pkgs; [blueman]; services.dbus.packages = with pkgs; [blueman dconf];
services.blueman.enable = true; services.blueman.enable = true;
services.xserver = { services.xserver = {
@ -57,31 +61,23 @@
}; };
displayManager = { displayManager = {
gdm.enable = false; gdm.enable = true;
autoLogin = { autoLogin = {
enable = true; enable = true;
user = "steveej"; user = "steveej";
}; };
lightdm = {
enable = true;
background = "${pkgs.nixos-artwork.wallpapers.simple-blue}/share/artwork/gnome/nix-wallpaper-simple-blue.png";
};
sessionCommands = "";
}; };
}; };
services.gvfs.enable = true; # gnome, most of it is disabled and ideally it could live entirely in the user's home config
programs.seahorse.enable = true;
programs.gpaste.enable = false; programs.gpaste.enable = false;
programs.gnome-terminal.enable = false; programs.gnome-terminal.enable = false;
programs.gnome-documents.enable = false; programs.gnome-documents.enable = false;
programs.gnome-disks.enable = false; programs.gnome-disks.enable = false;
services.gnome = { services.gnome = {
# gnome-online-miners.enable = false; TODO: enable this again gnome-online-miners.enable = lib.mkForce false;
games.enable = false; games.enable = false;
gnome-remote-desktop.enable = false; gnome-remote-desktop.enable = false;
gnome-user-share.enable = false; gnome-user-share.enable = false;
@ -90,15 +86,47 @@
tracker.enable = false; tracker.enable = false;
tracker-miners.enable = false; tracker-miners.enable = false;
# FIXME: gnome should be moved to user session gnome-browser-connector.enable = false;
gnome-initial-setup.enable = false;
# FIXME: gnome should be moved to home config
gnome-settings-daemon.enable = true;
core-os-services.enable = true; core-os-services.enable = true;
at-spi2-core.enable = true; at-spi2-core.enable = true;
evolution-data-server.enable = true; evolution-data-server.enable = true;
gnome-online-accounts.enable = true; gnome-online-accounts.enable = true;
gnome-keyring.enable = true; gnome-keyring.enable = lib.mkForce false;
}; };
# FIXME: gnome should be moved to user session
services.gvfs.enable = true;
programs.seahorse.enable = true;
programs.dconf.enable = true;
environment.gnome.excludePackages =
(with pkgs; [
orca
gnome-photos
gnome-tour
])
++ (with pkgs.gnome; [
cheese # webcam tool
gnome-music
gnome-terminal
gedit # text editor
epiphany # web browser
geary # email reader
evince # document viewer
gnome-characters
totem # video player
tali # poker game
iagno # go game
hitori # sudoku game
atomix # puzzle game
]);
# More Services # More Services
environment.systemPackages = [pkgs.gnome.adwaita-icon-theme pkgs.gnomeExtensions.appindicator];
services.udev.packages = [pkgs.libu2f-host pkgs.yubikey-personalization pkgs.android-udev-rules]; services.udev.packages = [pkgs.libu2f-host pkgs.yubikey-personalization pkgs.android-udev-rules];
services.udev.extraRules = '' services.udev.extraRules = ''
# OnePlusOne # OnePlusOne
@ -120,4 +148,9 @@
''; '';
services.logind.lidSwitchExternalPower = "ignore"; services.logind.lidSwitchExternalPower = "ignore";
services.printing = {
enable = true;
drivers = with pkgs; [mfcl3770cdwlpr mfcl3770cdwcupswrapper];
};
} }
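Review bot: `gnome-keyring.enable = lib.mkForce false` is forced off without a comment, while `programs.seahorse.enable = true` and `gnome-online-accounts.enable = true` stay on in the same section. Both are front ends to a Secret Service provider, and none is configured in the visible lines. If the keyring is meant to come from the user's home configuration, as the FIXME lines suggest, say so next to the override, e.g. `# secret service is provided per-user via home-manager; mkForce overrides the GNOME module default`. Otherwise some applications fall back to storing credentials unprotected when no Secret Service is available. The section also keeps `autoLogin.enable = true` under the newly enabled GDM, so no login password is entered that could unlock a keyring at session start; that interaction deserves a line of comment too.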


@ -1,182 +0,0 @@
{
config,
pkgs,
...
}: {
environment.systemPackages = with pkgs; [
podman
runc
conmon
cni
cni-plugins
slirp4netns
];
environment.etc."containers/registries.conf".text = ''
# This is a system-wide configuration file used to
# keep track of registries for various container backends.
# It adheres to TOML format and does not support recursive
# lists of registries.
[registries.search]
registries = [ 'docker.io'
, 'registry.fedoraproject.org'
, 'registry.access.redhat.com'
, 'quay.io'
]
# If you need to access insecure registries, add the registry's fully-qualified name.
# An insecure registry is one that does not have a valid SSL certificate or only does HTTP.
[registries.insecure]
registries = ['localhost:5000']
'';
environment.etc."containers/policy.json".text = ''
{
"default": [
{
"type": "insecureAcceptAnything"
}
],
"transports":
{
"docker-daemon":
{
"": [{"type":"insecureAcceptAnything"}]
}
}
}
'';
environment.etc."cni/net.d/00-loopback.conf".text = ''
{
"cniVersion": "0.3.0",
"type": "loopback"
}
'';
environment.etc."cni/net.d/87-podman-bridge.conflist".text = ''
{
"cniVersion": "0.3.0",
"name": "podman",
"plugins": [
{
"type": "bridge",
"bridge": "cni0",
"isGateway": true,
"ipMasq": true,
"ipam": {
"type": "host-local",
"subnet": "10.88.0.0/16",
"routes": [
{ "dst": "0.0.0.0/0" }
]
}
},
{
"type": "portmap",
"capabilities": {
"portMappings": true
}
}
]
}
'';
environment.etc."containers/libpod.conf".text = ''
# libpod.conf is the default configuration file for all tools using libpod to
# manage containers
# Default transport method for pulling and pushing for images
image_default_transport = "docker://"
# Paths to search for the Conmon container manager binary
runtime_path = [
"${pkgs.runc}/bin/runc"
]
# Paths to look for the Conmon container manager binary
conmon_path = [
"${pkgs.conmon}/bin/conmon"
]
# Environment variables to pass into conmon
conmon_env_vars = [
# "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
]
# CGroup Manager - valid values are "systemd" and "cgroupfs"
cgroup_manager = "systemd"
# Container init binary
#init_path = "/usr/libexec/podman/catatonit"
# Directory for persistent libpod files (database, etc)
# By default, this will be configured relative to where containers/storage
# stores containers
# Uncomment to change location from this default
#static_dir = "/var/lib/containers/storage/libpod"
# Directory for temporary files. Must be tmpfs (wiped after reboot)
tmp_dir = "/var/run/libpod"
# Maximum size of log files (in bytes)
# -1 is unlimited
max_log_size = -1
# Whether to use chroot instead of pivot_root in the runtime
no_pivot_root = false
# Directory containing CNI plugin configuration files
cni_config_dir = "/etc/cni/net.d/"
# Directories where the CNI plugin binaries may be located
cni_plugin_dir = [
"${pkgs.cni-plugins}/bin"
]
# Default CNI network for libpod.
# If multiple CNI network configs are present, libpod will use the network with
# the name given here for containers unless explicitly overridden.
# The default here is set to the name we set in the
# 87-podman-bridge.conflist included in the repository.
# Not setting this, or setting it to the empty string, will use normal CNI
# precedence rules for selecting between multiple networks.
cni_default_network = "podman"
# Default libpod namespace
# If libpod is joined to a namespace, it will see only containers and pods
# that were created in the same namespace, and will create new containers and
# pods in that namespace.
# The default namespace is "", which corresponds to no namespace. When no
# namespace is set, all containers and pods are visible.
#namespace = ""
# Default pause image name for pod pause containers
pause_image = "k8s.gcr.io/pause:3.1"
# Default command to run the pause container
pause_command = "/pause"
# Determines whether libpod will reserve ports on the host when they are
# forwarded to containers. When enabled, when ports are forwarded to containers,
# they are held open by conmon as long as the container is running, ensuring that
# they cannot be reused by other programs on the host. However, this can cause
# significant memory usage if a container has many ports forwarded to it.
# Disabling this can save memory.
#enable_port_reservation = true
# Default libpod support for container labeling
# label=true
# Paths to look for a valid OCI runtime (runc, runv, etc)
# FIXME: this doesn't seem to take effect
[runtimes]
runc = [
"${pkgs.runc}/bin/runc"
]
'';
}


@ -1,5 +0,0 @@
{
overrides = import ./overrides.nix;
pkgs = import ./pkgs.nix;
posh = import ./posh.nix;
}


@ -1,34 +0,0 @@
# This overlay is used for overriding upstream packages.
self: super: let
sources = import ../../nix/sources.nix;
nixpkgs-master = import <nixpkgs-master> {inherit (super) config;};
nixpkgs-unstable =
import <channels-nixos-unstable> {inherit (super) config;};
in {
inherit nixpkgs-master;
inherit nixpkgs-unstable;
# alacritty = nixpkgs-master.alacritty;
alacritty = super.stdenv.mkDerivation {
name = "alacritty-custom";
buildInputs = [super.makeWrapper];
phases = "installPhase";
installPhase = ''
makeWrapper ${super.alacritty}/bin/alacritty $out/bin/alacritty \
--set-default WINIT_X11_SCALE_FACTOR 1.4
'';
};
qtile = super.qtile.overrideAttrs (oldAttrs: {
propagatedBuildInputs =
oldAttrs.passthru.unwrapped.propagatedBuildInputs
++ (with self.python3Packages; [
# python-wifi
# iwlib
keyring
]);
});
# logseq = nixpkgs-staging-steveej.logseq;
}

View file

@ -1,14 +0,0 @@
# This overlay includes all packages defined by the top-level default.nix.
# The code is copied from the NUR repository [0].
#
# [0]: https://github.com/nix-community/nur-packages-template/blob/2610a5b60bd926cea3e6395511da8f0d14c613b9/overlay.nix
self: super: let
isReserved = n: n == "lib" || n == "overlays" || n == "modules";
nameValuePair = n: v: {
name = n;
value = v;
};
nurAttrs = import ../pkgs {pkgs = super;};
in
builtins.listToAttrs (map (n: nameValuePair n nurAttrs.${n})
(builtins.filter (n: !isReserved n) (builtins.attrNames nurAttrs)))

View file

@ -1,16 +0,0 @@
self: super: let
nixpkgs-master = import <nixpkgs-master> {};
inherit (nixpkgs-master) crun;
crun_10_6_0 = crun.overrideAttrs (oldAttrs: rec {
version = "0.10.6";
src = super.fetchgit {
inherit (crun.src) url;
rev = version;
sha256 = "0v1hrlpnln0c976fb0k2ig4jv11qbyzf95z0wy92fd8r8in16rc1";
};
});
in {
inherit (nixpkgs-master) podman conmon slirp4netns;
posh = self.callPackage ../pkgs/posh.nix {};
}

View file

@ -1,49 +1,7 @@
{pkgs}: let {pkgs}: {
in rec {
nixpkgs-master = import <nixpkgs-master> {};
busyboxStatic = pkgs.busybox.override {
enableStatic = true;
extraConfig = ''
CONFIG_STATIC y
CONFIG_INSTALL_APPLET_DONT y
CONFIG_INSTALL_APPLET_SYMLINKS n
'';
};
dropbearStatic = pkgs.dropbear.override {enableStatic = true;};
duplicacy = pkgs.callPackage ../pkgs/duplicacy {}; duplicacy = pkgs.callPackage ../pkgs/duplicacy {};
mfcl3770cdw = pkgs.callPackage ../pkgs/mfcl3770cdw.nix {};
staruml = pkgs.callPackage ../pkgs/staruml.nix { staruml = pkgs.callPackage ../pkgs/staruml.nix {
inherit (pkgs.gnome2) GConf; inherit (pkgs.gnome2) GConf;
libgcrypt = pkgs.libgcrypt_1_5; libgcrypt = pkgs.libgcrypt_1_5;
}; };
pythonPackages = myPython;
myPython = pkgs.python310.withPackages (ps:
with ps;
[
pep8
yapf
flake8
# autopep8 (broken)
# pylint (broken)
ipython
llfuse
dugong
defusedxml
wheel
pip
virtualenv
cffi
pyopenssl
urllib3
# mistune (insecure)
sympy
flask
pyaml
]
++ [pkgs.pypi2nix pkgs.libffi]);
} }


@ -2,7 +2,8 @@ let
nixpkgs = { nixpkgs = {
url = "https://github.com/NixOS/nixpkgs/"; url = "https://github.com/NixOS/nixpkgs/";
ref = "nixos-22.11"; ref = "nixos-22.11";
rev = "dac57a4eccf1442e8bf4030df6fcbb55883cb682"; rev = ''
5b7cd5c39befee629be284970415b6eb3b0ff000'';
}; };
in { in {
inherit nixpkgs; inherit nixpkgs;
@ -11,16 +12,19 @@ in {
"channels-nixos-unstable" = { "channels-nixos-unstable" = {
url = "https://github.com/NixOS/nixpkgs/"; url = "https://github.com/NixOS/nixpkgs/";
ref = "nixos-unstable"; ref = "nixos-unstable";
rev = "1eb875e811dd59e21e77f6337f2c1592889b48b3"; rev = ''
4bb072f0a8b267613c127684e099a70e1f6ff106'';
}; };
"nixpkgs-master" = { "nixpkgs-master" = {
url = "https://github.com/NixOS/nixpkgs/"; url = "https://github.com/NixOS/nixpkgs/";
ref = "master"; ref = "master";
rev = "590321a5defbbabe96f8def70013d5b45406dee4"; rev = ''
a8636efe2df64047cd58898010a72f73efd56722'';
}; };
"home-manager-module" = { "home-manager-module" = {
url = "https://github.com/nix-community/home-manager"; url = "https://github.com/nix-community/home-manager";
ref = "release-22.11"; ref = "release-22.11";
rev = "89a8ba0b5b43b3350ff2e3ef37b66736b2ef8706"; rev = ''
83110c259889230b324bb2d35bef78bf5f214a1f'';
}; };
} }


@ -1,58 +0,0 @@
{...}: let
pkgsPath = (import ./nix/sources.nix).nixpkgs;
pkgs =
import pkgsPath {overlays = builtins.attrValues (import ./nix/overlays);};
in
pkgs.stdenv.mkDerivation {
name = "infra-env";
buildInputs =
[
(with import (pkgsPath + "/nixos") {configuration = {};};
with config.system.build; [
nixos-generate-config
nixos-install
nixos-enter
manual.manpages
])
]
++ (with pkgs; [
just
git-crypt
vcsh
gnupg
git
nixUnstable
niv
nixos-install-tools
apacheHttpd
vncdo
tesseract
imagemagick
esh
xorg.xwininfo
nmap
sysstat
lshw
xxHash
linssid
wavemon
wirelesstools
lm_sensors
zathura
ripgrep
glxinfo
nixfmt
ntfy
playerctl
]);
# Set Environment Variables
RUST_BACKTRACE = 1;
}