Compare commits

...

4 commits

Author SHA1 Message Date
73b74531a2 add formatting and sops
All checks were successful
Hydra nixosConfigurations.not522 Hydra build #24542 of nixos-config:pr618:nixosConfigurations.not522
Hydra devShells.x86_64-linux.default Hydra build #24538 of nixos-config:pr618:devShells.x86_64-linux.default
Hydra nixosConfigurations.container-default-riscv64-linux Hydra build #24540 of nixos-config:pr618:nixosConfigurations.container-default-riscv64-linux
Hydra nixosConfigurations.container-default-x86_64-linux Hydra build #24541 of nixos-config:pr618:nixosConfigurations.container-default-x86_64-linux
Hydra nixosConfigurations.container-default-aarch64-linux Hydra build #24539 of nixos-config:pr618:nixosConfigurations.container-default-aarch64-linux
Hydra nixosConfigurations.not522-installer Hydra build #24543 of nixos-config:pr618:nixosConfigurations.not522-installer
Hydra checks.x86_64-linux.containers-default Hydra build #24537 of nixos-config:pr618:checks.x86_64-linux.containers-default
Hydra nixosConfigurations.thinkrac Hydra build #24546 of nixos-config:pr618:nixosConfigurations.thinkrac
Hydra nixosConfigurations.rainbow-resort Hydra build #24545 of nixos-config:pr618:nixosConfigurations.rainbow-resort
Hydra nixosConfigurations.pc-installer Hydra build #24544 of nixos-config:pr618:nixosConfigurations.pc-installer
2024-11-09 15:26:52 +01:00
bb0abe5988 add fonts 2024-11-09 15:06:57 +01:00
0fe2e334bb format all code 2024-11-09 15:02:26 +01:00
c524dcaa0f add some vscode plugins 2024-11-09 15:01:22 +01:00
87 changed files with 847 additions and 601 deletions

View file

@ -1,4 +1,5 @@
{nixos-config, ...}: {
{ nixos-config, ... }:
{
imports = [
"${nixos-config}/modules"
"${nixos-config}/services/tailscale.nix"

View file

@ -1,4 +1,5 @@
{...}: {
{ ... }:
{
documentation.nixos.includeAllModules = true;
documentation.nixos.options.warningsAreErrors = false;
home-manager.users.darkkirb.manual = {

View file

@ -1,8 +1,10 @@
{config, ...}: {
{ config, ... }:
{
time.timeZone = "Etc/GMT-1";
isGraphical = true;
imports = [
./kde
./documentation.nix
./graphical/fonts.nix
];
}

View file

@ -0,0 +1,40 @@
{ pkgs, ... }:
{
fonts = {
fontDir.enable = true;
fontconfig = {
enable = true;
defaultFonts = {
emoji = [ "Noto Color Emoji" ];
monospace = [
"Fira Code"
"Font Awesome 5 Free"
];
sansSerif = [
"Noto Sans"
"Font Awesome 5 Free"
];
serif = [
"Noto Serif"
"Font Awesome 5 Free"
];
};
};
packages = with pkgs; [
fira-code
fira-code-symbols
font-awesome
noto-fonts
noto-fonts-cjk-sans
noto-fonts-emoji
noto-fonts-extra
(nerdfonts.override {
fonts = [
"FiraCode"
"DroidSansMono"
"Noto"
];
})
];
};
}

View file

@ -1,6 +1,7 @@
# Unlike other modules in this directory, this one is not enabled by default
# The default graphical configuration would enable this, the verbose configuration would not.
{config, ...}: {
{ config, ... }:
{
boot = {
plymouth.enable = true;
consoleLogLevel = 0;

View file

@ -1,4 +1,5 @@
{config, ...}: {
{ config, ... }:
{
console.keyMap = "neo";
i18n.extraLocaleSettings = {
LC_ADDRESS = "de_DE.UTF-8";

View file

@ -1,4 +1,5 @@
{...}: {
{ ... }:
{
services.xserver.enable = true;
services.displayManager.sddm.enable = true;
services.desktopManager.plasma6.enable = true;

View file

@ -1,4 +1,5 @@
{plasma-manager, ...}: {
{ plasma-manager, ... }:
{
programs.plasma.enable = true;
programs.plasma.configFile.baloofilerc."Basic Settings"."Indexing-Enabled" = false;
imports = [

View file

@ -1,4 +1,5 @@
{...}: {
{ ... }:
{
services.libinput.enable = true;
services.xserver.xkb = {
layout = "de";

View file

@ -1,4 +1,5 @@
{...}: {
{ ... }:
{
programs.plasma = {
workspace.lookAndFeel = "org.kde.breezedark.desktop";
hotkeys.commands."launch-konsole" = {

View file

@ -1,4 +1,5 @@
{...}: {
{ ... }:
{
networking.networkmanager.enable = true;
users.users.darkkirb.extraGroups = [ "networkmanager" ];
environment.persistence."/persistent".directories = [

View file

@ -1,6 +1,8 @@
{system, ...}: let
{ system, ... }:
let
isx86 = system == "x86_64-linux";
in {
in
{
boot.loader.systemd-boot = {
enable = true;
memtest86.enable = isx86;

View file

@ -1,4 +1,5 @@
{system, ...}: {
{ system, ... }:
{
inherit system;
config = import ./default.nix;
autoStart = true;

View file

@ -1,4 +1,5 @@
{nixos-config, ...}: {
{ nixos-config, ... }:
{
imports = [
nixos-config.nixosModules.containers
];

View file

@ -1,14 +1,11 @@
(
import
(
(import (
let
lock = builtins.fromJSON (builtins.readFile ./flake.lock);
in
fetchTarball {
url = lock.nodes.flake-compat.locked.url or "https://github.com/edolstra/flake-compat/archive/${lock.nodes.flake-compat.locked.rev}.tar.gz";
url =
lock.nodes.flake-compat.locked.url
or "https://github.com/edolstra/flake-compat/archive/${lock.nodes.flake-compat.locked.rev}.tar.gz";
sha256 = lock.nodes.flake-compat.locked.narHash;
}
)
{src = ./.;}
)
.defaultNix
) { src = ./.; }).defaultNix

109
flake.nix
View file

@ -78,23 +78,23 @@
};
};
outputs = {
outputs =
{
self,
nixpkgs,
...
} @ inputs': let
inputs =
inputs'
// {
}@inputs':
let
inputs = inputs' // {
nixos-config = self;
inherit inputs;
inTester = false;
pureInputs = inputs';
};
pkgsFor = system: let
inputs' =
inputs
// {
pkgsFor =
system:
let
inputs' = inputs // {
inherit system;
inputs = inputs';
};
@ -103,56 +103,78 @@
inherit system;
overlays =
[
(_: _:
(
_: _:
inputs'
// {
inputs = inputs';
})
}
)
]
++ (
if system == "riscv64-linux"
then [
if system == "riscv64-linux" then
[
inputs.riscv-overlay.overlays.default
]
else []
else
[ ]
);
};
in {
checks.x86_64-linux = nixpkgs.lib.listToAttrs (map (testName: {
in
{
checks.x86_64-linux = nixpkgs.lib.listToAttrs (
map (testName: {
name = testName;
value = (pkgsFor "x86_64-linux").callPackage ./tests/${testName}.nix { };
}) ["containers-default"]);
}) [ "containers-default" ]
);
nixosModules = {
containers = import ./modules/containers/default.nix;
default = import ./modules/default.nix;
};
nixosContainers = with nixpkgs.lib; let
nixosContainers =
with nixpkgs.lib;
let
containerNames = [
"default"
];
containerArches = ["x86_64-linux" "aarch64-linux" "riscv64-linux"];
containers = listToAttrs (flatten (map (system: let
containerArches = [
"x86_64-linux"
"aarch64-linux"
"riscv64-linux"
];
containers = listToAttrs (
flatten (
map (
system:
let
pkgs = pkgsFor system;
in
map (container: {
name = "container-${container}-${system}";
value = pkgs.callPackage ./containers/${container}-configuration.nix { };
})
containerNames)
containerArches));
}) containerNames
) containerArches
)
);
in
containers;
nixosConfigurations = with nixpkgs.lib; let
mkSystem = args: let
inputs' = inputs // {inherit (args) system;};
nixosConfigurations =
with nixpkgs.lib;
let
mkSystem =
args:
let
inputs' = inputs // {
inherit (args) system;
};
in
nixosSystem (args
nixosSystem (
args
// {
specialArgs =
args.specialArgs
or {}
// inputs';
});
specialArgs = args.specialArgs or { } // inputs';
}
);
systems' = {
not522 = {
config = ./machine/not522;
@ -175,35 +197,42 @@
system = "x86_64-linux";
};
};
containers = mapAttrs (_: container:
containers = mapAttrs (
_: container:
mkSystem {
inherit (container) system;
modules = [
container.config
];
})
self.nixosContainers;
systems = mapAttrs (_: system:
}
) self.nixosContainers;
systems = mapAttrs (
_: system:
mkSystem {
inherit (system) system;
modules = [
system.config
];
})
systems';
}
) systems';
in
containers // systems;
hydraJobs = {
inherit (self) checks devShells;
nixosConfigurations = nixpkgs.lib.mapAttrs (_: v: v.config.system.build.toplevel) self.nixosConfigurations;
nixosConfigurations = nixpkgs.lib.mapAttrs (
_: v: v.config.system.build.toplevel
) self.nixosConfigurations;
};
devShells.x86_64-linux.default = with pkgsFor "x86_64-linux";
devShells.x86_64-linux.default =
with pkgsFor "x86_64-linux";
mkShell {
nativeBuildInputs = with pkgs; [
age
sops
ssh-to-age
nixfmt-rfc-style
];
};
formatter.x86_64-linux = (pkgsFor "x86_64-linux").nixfmt-rfc-style;
};
}

View file

@ -3,13 +3,15 @@
nixpkgs,
lix,
...
}: let
}:
let
pkgs_x86_64 = import nixpkgs {
system = "x86_64-linux";
crossSystem.system = "riscv64-linux";
overlays = [ lix.overlays.default ];
};
in {
in
{
nixpkgs.overlays = [
(self: super: {
inherit (pkgs_x86_64) lix nixos-option;

View file

@ -3,7 +3,8 @@
nixos-hardware,
nixpkgs,
...
}: {
}:
{
networking.hostName = "not522";
imports = [
"${nixos-config}/config"

View file

@ -40,7 +40,10 @@
};
# Parent is not mounted so the mountpoint must be set
"/nix" = {
mountOptions = ["compress=zstd" "noatime"];
mountOptions = [
"compress=zstd"
"noatime"
];
mountpoint = "/nix";
};
};

View file

@ -3,7 +3,8 @@
nixos-hardware,
config,
...
}: {
}:
{
imports = [
"${nixos-hardware}/starfive/visionfive/v2/default.nix"
];

View file

@ -7,19 +7,19 @@
lib,
nixpkgs,
...
}: let
dependencies =
[
}:
let
dependencies = [
nixos-config.nixosConfigurations.not522.config.system.build.toplevel
nixos-config.nixosConfigurations.not522.config.system.build.diskoScript
nixos-config.nixosConfigurations.not522.config.system.build.diskoScript.drvPath
nixos-config.nixosConfigurations.not522.pkgs.stdenv.drvPath
(nixos-config.nixosConfigurations.not522.pkgs.closureInfo { rootPaths = [ ]; }).drvPath
]
++ map (i: i.outPath) (builtins.filter builtins.isAttrs (builtins.attrValues pureInputs));
] ++ map (i: i.outPath) (builtins.filter builtins.isAttrs (builtins.attrValues pureInputs));
closureInfo = pkgs.closureInfo { rootPaths = dependencies; };
in {
in
{
networking.hostName = "not522-installer";
imports = [
"${nixos-config}/config"

View file

@ -40,7 +40,10 @@
};
# Parent is not mounted so the mountpoint must be set
"/nix" = {
mountOptions = ["compress=zstd" "noatime"];
mountOptions = [
"compress=zstd"
"noatime"
];
mountpoint = "/nix";
};
};

View file

@ -5,7 +5,8 @@
pkgs,
pureInputs,
...
}: let
}:
let
getDeps = name: [
nixos-config.nixosConfigurations.${name}.config.system.build.toplevel
nixos-config.nixosConfigurations.${name}.config.system.build.diskoScript
@ -19,7 +20,8 @@
++ map (i: i.outPath) (builtins.filter builtins.isAttrs (builtins.attrValues pureInputs));
closureInfo = pkgs.closureInfo { rootPaths = dependencies; };
in {
in
{
networking.hostName = "pc-installer";
imports = [
"${nixos-config}/config"

View file

@ -41,7 +41,10 @@
};
# Parent is not mounted so the mountpoint must be set
"/nix" = {
mountOptions = ["compress=zstd" "noatime"];
mountOptions = [
"compress=zstd"
"noatime"
];
mountpoint = "/nix";
};
};

View file

@ -2,7 +2,8 @@
config,
nixos-config,
...
}: {
}:
{
imports = [
"${nixos-config}/config/graphical.nix"
];

View file

@ -2,7 +2,8 @@
config,
lib,
...
}: {
}:
{
# For legacy pc reason, this needs to be grub
boot.loader.systemd-boot.enable = lib.mkForce false;
boot.loader.grub = {

View file

@ -1,5 +1,13 @@
{...}: {
boot.initrd.availableKernelModules = ["nvme" "ahci" "xhci_pci" "usbhid" "uas" "sd_mod"];
{ ... }:
{
boot.initrd.availableKernelModules = [
"nvme"
"ahci"
"xhci_pci"
"usbhid"
"uas"
"sd_mod"
];
hardware.cpu.amd.updateMicrocode = true;
hardware.cpu.intel.updateMicrocode = true;
}

View file

@ -3,7 +3,8 @@
nixos-config,
lib,
...
}: {
}:
{
networking.hostName = "rainbow-resort";
imports = [
"${nixos-config}/config"

View file

@ -40,7 +40,10 @@
};
# Parent is not mounted so the mountpoint must be set
"/nix" = {
mountOptions = ["compress=zstd" "noatime"];
mountOptions = [
"compress=zstd"
"noatime"
];
mountpoint = "/nix";
};
};

View file

@ -2,7 +2,8 @@
modulesPath,
nixos-hardware,
...
}: {
}:
{
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
nixos-hardware.nixosModules.common-cpu-amd
@ -13,9 +14,22 @@
nixos-hardware.nixosModules.common-pc-ssd
];
hardware.cpu.amd.updateMicrocode = true;
boot.initrd.availableKernelModules = ["nvme" "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" "sr_mod" "k10temp"];
boot.initrd.availableKernelModules = [
"nvme"
"xhci_pci"
"ahci"
"usb_storage"
"usbhid"
"sd_mod"
"sr_mod"
"k10temp"
];
boot.initrd.kernelModules = [ "amdgpu" ];
boot.kernelModules = ["kvm-amd" "i2c-dev" "i2c-piix4"];
boot.kernelModules = [
"kvm-amd"
"i2c-dev"
"i2c-piix4"
];
boot.extraModulePackages = [ ];
nix.settings.cores = 16;
boot.binfmt.emulatedSystems = [

View file

@ -1,4 +1,5 @@
{lib, ...}: {
{ lib, ... }:
{
xdg.configFile."kwinoutputconfig.json".text = lib.strings.toJSON [
{
data = [

View file

@ -3,7 +3,8 @@
nixos-config,
lib,
...
}: {
}:
{
networking.hostName = "thinkrac";
imports = [
"${nixos-config}/config"

View file

@ -40,7 +40,10 @@
};
# Parent is not mounted so the mountpoint must be set
"/nix" = {
mountOptions = ["compress=zstd" "noatime"];
mountOptions = [
"compress=zstd"
"noatime"
];
mountpoint = "/nix";
};
};

View file

@ -2,7 +2,8 @@
modulesPath,
nixos-hardware,
...
}: {
}:
{
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
nixos-hardware.nixosModules.lenovo-thinkpad-t470s
@ -11,7 +12,12 @@
nixos-hardware.nixosModules.common-pc-laptop-ssd
];
hardware.cpu.intel.updateMicrocode = true;
boot.initrd.availableKernelModules = ["xhci_pci" "nvme" "usb_storage" "sd_mod"];
boot.initrd.availableKernelModules = [
"xhci_pci"
"nvme"
"usb_storage"
"sd_mod"
];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];

View file

@ -6,27 +6,28 @@
inputs,
...
}:
with lib; let
with lib;
let
badNames = [
"system"
"override"
"overrideDerivation"
];
filterBad = filterAttrs (n: _: lib.all (m: n != m) badNames);
in {
in
{
options.autoContainers = mkOption {
default = [ ];
type = types.listOf types.str;
};
config = {
containers = listToAttrs (map (container: {
containers = listToAttrs (
map (container: {
name = container;
value =
filterBad (pkgs.callPackage ../../containers/${container}-configuration.nix {})
// {
value = filterBad (pkgs.callPackage ../../containers/${container}-configuration.nix { }) // {
specialArgs = inputs;
};
})
config.autoContainers);
}) config.autoContainers
);
};
}

View file

@ -2,7 +2,8 @@
nixos-config,
lib,
...
}: {
}:
{
imports = [
nixos-config.nixosModules.default
./hostName.nix

View file

@ -3,7 +3,8 @@
lib,
...
}:
with lib; {
with lib;
{
options.networking = {
rootHostName = mkOption {
description = "Hostname of the running host";
@ -26,9 +27,10 @@ with lib; {
config = {
networking = rec {
fullHostName =
if config.networking.rootHostName == ""
then config.networking.hostName
else "${config.networking.rootHostName}-${config.networking.hostName}";
if config.networking.rootHostName == "" then
config.networking.hostName
else
"${config.networking.rootHostName}-${config.networking.hostName}";
nodeID = lib.substring 0 8 (builtins.hashString "sha256" fullHostName);
};
};

View file

@ -1,4 +1,5 @@
{nixpkgs, ...}: {
{ nixpkgs, ... }:
{
imports = [
(nixpkgs.outPath + "/nixos/modules/profiles/minimal.nix")
(nixpkgs.outPath + "/nixos/modules/profiles/headless.nix")

View file

@ -5,7 +5,8 @@
nur,
...
}:
with lib; {
with lib;
{
imports = [
./riscv.nix
./containers/autoconfig.nix

View file

@ -6,7 +6,8 @@
inTester,
...
}:
with lib; {
with lib;
{
imports = [
"${impermanence}/nixos.nix"
./user-impermanence.nix
@ -70,24 +71,21 @@ with lib; {
}
{
assertion =
if hasAttr "/" config.fileSystems
then config.fileSystems."/".fsType == "btrfs"
else false;
if hasAttr "/" config.fileSystems then config.fileSystems."/".fsType == "btrfs" else false;
message = "rootfs must be btrfs";
}
{
assertion =
if hasAttr "/" config.fileSystems
then any (t: t == "subvol=root" || t == "subvol=/root") config.fileSystems."/".options
else false;
if hasAttr "/" config.fileSystems then
any (t: t == "subvol=root" || t == "subvol=/root") config.fileSystems."/".options
else
false;
message = "rootfs must mount subvolume root";
}
];
fileSystems."/persistent" = {
device =
if hasAttr "/" config.fileSystems
then mkDefault config.fileSystems."/".device
else "/dev/null";
if hasAttr "/" config.fileSystems then mkDefault config.fileSystems."/".device else "/dev/null";
fsType = "btrfs";
options = [ "subvol=persistent" ];
neededForBoot = true;

View file

@ -5,7 +5,8 @@
inTester,
...
}:
with lib; {
with lib;
{
options = {
environment.impermanence.users = mkOption {
description = "Which users to clean up the home directory for";
@ -14,11 +15,16 @@ with lib; {
};
};
config = mkIf (config.environment.impermanence.enable && config.environment.impermanence.users != []) {
config =
mkIf (config.environment.impermanence.enable && config.environment.impermanence.users != [ ])
{
programs.fuse.userAllowOther = true;
home-manager.users = listToAttrs (map (name: {
home-manager.users = listToAttrs (
map (name: {
inherit name;
value = {config, ...}: {
value =
{ config, ... }:
{
home.file."${config.home.homeDirectory}/.cache/.keep" = {
enable = false;
};
@ -39,16 +45,22 @@ with lib; {
];
};
};
})
config.environment.impermanence.users);
systemd.tmpfiles.rules = mkMerge (map (name: [
}) config.environment.impermanence.users
);
systemd.tmpfiles.rules = mkMerge (
map (name: [
"d /persistent/home/${name} 700 ${name} ${config.users.users.${name}.group} - -"
"d /persistent/home/${name}/.cache 700 ${name} ${config.users.users.${name}.group} 7d -"
])
config.environment.impermanence.users);
systemd.services = listToAttrs (flatten (map (name: let
]) config.environment.impermanence.users
);
systemd.services = listToAttrs (
flatten (
map (
name:
let
cfg = config.users.users.${name};
in [
in
[
{
name = "cleanup-home-${name}";
description = "Clean home directory for ${name}";
@ -105,7 +117,9 @@ with lib; {
];
};
}
])
config.environment.impermanence.users));
]
) config.environment.impermanence.users
)
);
};
}

View file

@ -3,11 +3,13 @@
config,
...
}:
with lib; {
with lib;
{
options.hydra.buildServer.enable = mkEnableOption "Make this device a build server";
imports = [
{
config.hydra.buildServer.enable = let
config.hydra.buildServer.enable =
let
buildServers = import ./build-server-list.nix;
in
mkDefault (any (t: t == config.networking.hostName) buildServers);

View file

@ -3,10 +3,12 @@
pkgs,
lib,
...
}: let
}:
let
cfg = config.nix.auto-update;
in
with lib; {
with lib;
{
options.nix.auto-update = {
enable = mkEnableOption "enable automatic updates";
reboot = mkEnableOption "Reboot if kernel change";
@ -50,13 +52,13 @@ in
serviceConfig.Type = "oneshot";
script = let
script =
let
output =
if cfg.specialisation == null
then "$output"
else "$output/specialisation/${cfg.specialisation}";
if cfg.specialisation == null then "$output" else "$output/specialisation/${cfg.specialisation}";
switchToConfiguration = "${output}/bin/switch-to-configuration";
in ''
in
''
#!${pkgs.bash}/bin/bash
set -euxo pipefail
build=$(${pkgs.curl}/bin/curl -H "accept: application/json" -G ${cfg.hydraServer}/api/latestbuilds -d "nr=10" -d "project=${cfg.project}" -d "jobset=${cfg.jobset}" -d "job=${cfg.job}" | ${pkgs.jq}/bin/jq -r '[.[]|select(.buildstatus==0)][0].id')
@ -65,8 +67,8 @@ in
output=$(${pkgs.nix}/bin/nix-store -r $drvname)
${pkgs.nix}/bin/nix-env -p /nix/var/nix/profiles/system --set ${output}
${
if cfg.reboot
then ''
if cfg.reboot then
''
${switchToConfiguration} boot
booted="$(${pkgs.coreutils}/bin/readlink /run/booted-system/{initrd,kernel,kernel-modules})"
built="$(${pkgs.coreutils}/bin/readlink ${output}/{initrd,kernel,kernel-modules})"
@ -77,7 +79,8 @@ in
fi
exit
''
else ''
else
''
${switchToConfiguration} switch
''
}

View file

@ -3,7 +3,8 @@
lib,
...
}:
with lib; {
with lib;
{
config = mkIf (!config.isInstaller) {
nix.distributedBuilds = true;
nix.buildMachines = mkMerge [
@ -17,7 +18,15 @@ with lib; {
];
maxJobs = 4;
speedFactor = 1;
supportedFeatures = ["nixos-test" "benchmark" "ca-derivations" "gccarch-armv8-a" "gccarch-armv8.1-a" "gccarch-armv8.2-a" "big-parallel"];
supportedFeatures = [
"nixos-test"
"benchmark"
"ca-derivations"
"gccarch-armv8-a"
"gccarch-armv8.1-a"
"gccarch-armv8.2-a"
"big-parallel"
];
}
]
[

View file

@ -3,7 +3,8 @@
lib,
...
}:
with lib; {
with lib;
{
imports = [
./link-inputs.nix
./lix.nix

View file

@ -2,22 +2,20 @@
lib,
inputs,
...
}: let
}:
let
# Taken from https://github.com/gytis-ivaskevicius/flake-utils-plus/blob/master/lib/options.nix
inherit (lib) filterAttrs mapAttrs';
flakes = filterAttrs (name: value: (value ? outputs)) inputs;
nixRegistry =
builtins.mapAttrs
(name: v: {flake = v;})
flakes;
in {
nixRegistry = builtins.mapAttrs (name: v: { flake = v; }) flakes;
in
{
nix.registry = nixRegistry;
environment.etc =
mapAttrs'
(name: value: {
environment.etc = mapAttrs' (name: value: {
name = "nix/inputs/${name}";
value = {source = value.outPath;};
})
flakes;
value = {
source = value.outPath;
};
}) flakes;
nix.nixPath = [ "/etc/nix/inputs" ];
}

View file

@ -5,11 +5,9 @@
pkgs,
lib,
...
}: {
imports =
if inTester
then []
else [lix-module.nixosModules.default];
}:
{
imports = if inTester then [ ] else [ lix-module.nixosModules.default ];
environment.systemPackages = lib.mkIf config.nix.enable [
pkgs.git

View file

@ -3,10 +3,11 @@
riscv-overlay,
...
}:
if system == "riscv64-linux"
then {
if system == "riscv64-linux" then
{
nixpkgs.overlays = [
riscv-overlay.overlays.default
];
}
else {}
else
{ }

View file

@ -2,7 +2,8 @@
sops-nix,
config,
...
}: {
}:
{
imports = [
"${sops-nix}/modules/sops"
];

View file

@ -1,4 +1,5 @@
{pkgs, ...}: {
{ pkgs, ... }:
{
home.packages = with pkgs; [ audacious ];
home.persistence.default.directories = [
".config/audacious"

View file

@ -1,13 +1,15 @@
{config, pkgs, ...}: {
{ config, pkgs, ... }:
{
imports = [
./steam
];
home-manager.users.darkkirb.imports =
if config.isGraphical
then [
if config.isGraphical then
[
./home-manager.nix
]
else [];
else
[ ];
environment.plasma6.excludePackages = with pkgs.kdePackages; [
pkgs.elisa

View file

@ -4,7 +4,8 @@
lib,
nur,
...
}: let
}:
let
extensions = {
"ublock-origin" = [
"alarms"
@ -102,7 +103,8 @@
nurpkgs = pkgs;
inherit pkgs;
};
in {
in
{
programs.firefox = {
enable = true;
nativeMessagingHosts = with pkgs; [
@ -139,18 +141,16 @@ in {
'';
};
};
assertions =
lib.mapAttrsToList (k: v: let
unaccepted =
lib.subtractLists
v
nur'.repos.rycee.firefox-addons.${k}.meta.mozPermissions;
in {
assertions = lib.mapAttrsToList (
k: v:
let
unaccepted = lib.subtractLists v nur'.repos.rycee.firefox-addons.${k}.meta.mozPermissions;
in
{
assertion = unaccepted == [ ];
message = ''
Extension ${k} has unaccepted permissions: ${builtins.toJSON unaccepted}'';
})
extensions;
message = ''Extension ${k} has unaccepted permissions: ${builtins.toJSON unaccepted}'';
}
) extensions;
home.persistence.default.directories = [
".mozilla"
];

View file

@ -1,4 +1,5 @@
{pkgs, ...}: {
{ pkgs, ... }:
{
imports = [
./ff14
];

View file

@ -1,4 +1,11 @@
{ config, pkgs, lib, systemConfig, ... }: {
{
config,
pkgs,
lib,
systemConfig,
...
}:
{
config = lib.mkIf (systemConfig.networking.hostName == "rainbow-resort") {
home.packages = with pkgs; [ xivlauncher ];
systemd.user.tmpfiles.rules = [

View file

@ -1,4 +1,5 @@
{pkgs, nixos-config, ...}: {
{ pkgs, nixos-config, ... }:
{
imports = [
./firefox
./password-manager.nix

View file

@ -1,4 +1,5 @@
{config, pkgs, ...}: {
{ config, pkgs, ... }:
{
home.packages = with pkgs; [
telegram-desktop
];

View file

@ -1,4 +1,5 @@
{ pkgs, lib, ... }: {
{ pkgs, lib, ... }:
{
home.packages = with pkgs; [
keepassxc
];

View file

@ -1,4 +1,5 @@
{lib, config, ...}: {
{ lib, config, ... }:
{
programs.steam = lib.mkIf config.isGraphical {
enable = !config.isInstaller;
remotePlay.openFirewall = true; # Open ports in the firewall for Steam Remote Play

View file

@ -1,6 +1,9 @@
{...}: {
home.persistence.default.directories = [{
{ ... }:
{
home.persistence.default.directories = [
{
directory = ".local/share/Steam";
method = "symlink";
}];
}
];
}

View file

@ -1,4 +1,5 @@
{config, systemConfig, ...}: {
{ config, systemConfig, ... }:
{
services.syncthing = {
enable = true;
tray.enable = true;

View file

@ -1,4 +1,5 @@
{config, ...}: {
{ config, ... }:
{
imports = [
./nvim
];

View file

@ -3,16 +3,12 @@
pkgs,
lib,
...
}: let
boolToStr = b:
if b
then "true"
else "false";
boolToStr' = b:
if b
then "1"
else "0";
in {
}:
let
boolToStr = b: if b then "true" else "false";
boolToStr' = b: if b then "1" else "0";
in
{
xdg.configFile."nvim/lua/globals.lua".text = ''
local fn = vim.fn
local api = vim.api

View file

@ -2,7 +2,8 @@
pkgs,
config,
...
}: {
}:
{
imports = [
./globals.nix
./plugins/lazy-nvim.nix

View file

@ -2,9 +2,11 @@
pkgs,
config,
...
}: {
}:
{
programs.neovim = {
plugins = with pkgs.vimPlugins;
plugins =
with pkgs.vimPlugins;
[
(nvim-treesitter.withPlugins (p: [ ]))
(pkgs.vimUtils.buildVimPlugin {
@ -39,7 +41,10 @@
indent-blankline-nvim
lazy-nvim
(LeaderF.overrideAttrs (super: {
buildInputs = [pkgs.python3 pkgs.python3Packages.setuptools];
buildInputs = [
pkgs.python3
pkgs.python3Packages.setuptools
];
}))
lspkind-nvim
lualine-nvim
@ -84,12 +89,13 @@
zen-mode-nvim
]
++ (
if pkgs.targetPlatform.system != "riscv64-linux"
then [
if pkgs.targetPlatform.system != "riscv64-linux" then
[
diffview-nvim
vim-grammarous
]
else []
else
[ ]
);
};
xdg.configFile."nvim/lua/config/lazy-nvim.lua".text = ''
@ -280,11 +286,13 @@
-- Better git commit experience
{ "rhysd/committia.vim", lazy = true },
${
if pkgs.targetPlatform.system != "riscv64-linux"
then '' {
if pkgs.targetPlatform.system != "riscv64-linux" then
''
{
"sindrets/diffview.nvim"
},''
else ""
else
""
}
{
"kevinhwang91/nvim-bqf",
@ -310,12 +318,14 @@
end,
},
${
if pkgs.targetPlatform.system != "riscv64-linux"
then '' {
if pkgs.targetPlatform.system != "riscv64-linux" then
''
{
"rhysd/vim-grammarous",
ft = { "markdown" },
},''
else ""
else
""
}
{ "chrisbra/unicode.vim", event = "VeryLazy" },
-- Additional powerful text object for vim, this plugin should be studied

View file

@ -1,4 +1,5 @@
{vscode-server, ...}: {
{ vscode-server, pkgs, ... }:
{
imports = [
"${vscode-server}/modules/vscode-server/home.nix"
];
@ -7,6 +8,25 @@
enableExtensionUpdateCheck = false;
enableUpdateCheck = false;
mutableExtensionsDir = false;
extensions = with pkgs.vscode-extensions; [
jnoortheen.nix-ide
mkhl.direnv
pkief.material-icon-theme
signageos.signageos-vscode-sops
];
userSettings = {
"editor.formatOnPaste" = true;
"editor.formatOnSave" = true;
"editor.formatOnType" = true;
"nix.enableLanguageServer" = true;
"nix.formatterPath" = "${pkgs.nixfmt-rfc-style}/bin/nixfmt";
"nix.serverPath" = "${pkgs.nil}/bin/nil";
"nix.serverSettings" = {
nil.formatting.command = [ "${pkgs.nixfmt-rfc-style}/bin/nixfmt" ];
};
"sops.binPath" = "${pkgs.sops}/bin/sops";
"workbench.iconTheme" = "material-icon-theme";
};
};
services.vscode-server.enable = true;
}

View file

@ -1,4 +1,5 @@
{pkgs, ...}: {
{ pkgs, ... }:
{
programs.eza.enable = true;
programs.bat.enable = true;
programs.fzf.enable = true;
@ -6,5 +7,8 @@
cat = "bat";
less = "bat";
};
home.packages = with pkgs; [ripgrep fd];
home.packages = with pkgs; [
ripgrep
fd
];
}

View file

@ -1,4 +1,5 @@
{pkgs, ...}: {
{ pkgs, ... }:
{
programs.fish.enable = true;
home-manager.users.root.imports = [
./home-manager.nix

View file

@ -1,4 +1,5 @@
{pkgs, ...}: {
{ pkgs, ... }:
{
imports = [
./tide.nix
./z.nix

View file

@ -1,4 +1,5 @@
{pkgs, ...}: {
{ pkgs, ... }:
{
programs.fish.plugins = with pkgs.fishPlugins; [
{
name = "tide";

View file

@ -1,4 +1,5 @@
{pkgs, ...}: {
{ pkgs, ... }:
{
programs.fish.plugins = with pkgs.fishPlugins; [
{
name = "z";

View file

@ -1,4 +1,5 @@
{...}: {
{ ... }:
{
home-manager.users.root.imports = [
./home-manager.nix
];

View file

@ -1,4 +1,5 @@
{pkgs, ...}: {
{ pkgs, ... }:
{
programs.tmux = {
enable = true;
baseIndex = 1;

View file

@ -3,12 +3,15 @@
systemConfig,
lib,
...
}: let
}:
let
identityFile =
if config.home.username == "root"
then systemConfig.sops.secrets.".ssh/builder_id_ed25519".path
else config.sops.secrets.".ssh/builder_id_ed25519".path;
in {
if config.home.username == "root" then
systemConfig.sops.secrets.".ssh/builder_id_ed25519".path
else
config.sops.secrets.".ssh/builder_id_ed25519".path;
in
{
programs.ssh = {
enable = true;
matchBlocks = {

View file

@ -3,18 +3,28 @@
config,
systemConfig,
...
}: {
}:
{
imports = [
./builders.nix
];
programs.ssh = {
controlMaster = "auto";
controlPersist = "10m";
matchBlocks."*" = lib.hm.dag.entryAfter ["build-nas" "build-rainbow-resort" "build-aarch64" "build-riscv"] {
matchBlocks."*" =
lib.hm.dag.entryAfter
[
"build-nas"
"build-rainbow-resort"
"build-aarch64"
"build-riscv"
]
{
identityFile =
if config.home.username == "root"
then systemConfig.sops.secrets.".ssh/id_ed25519_sk".path
else config.sops.secrets.".ssh/id_ed25519_sk".path;
if config.home.username == "root" then
systemConfig.sops.secrets.".ssh/id_ed25519_sk".path
else
config.sops.secrets.".ssh/id_ed25519_sk".path;
};
enable = true;
};

View file

@ -1,4 +1,5 @@
{...}: {
{ ... }:
{
imports = [
./kdeconnect.nix
];

View file

@ -1,4 +1,5 @@
{pkgs, ...}: {
{ pkgs, ... }:
{
services.kdeconnect = {
enable = true;
indicator = true;

View file

@ -1,4 +1,5 @@
{...}: {
{ ... }:
{
services.openssh.enable = true;
services.openssh.settings = {
PermitRootLogin = "yes";

View file

@ -3,7 +3,8 @@
lib,
...
}:
with lib; {
with lib;
{
config = mkIf (!config.isInstaller) {
services.tailscale = {
enable = true;

View file

@ -6,18 +6,22 @@
}:
testers.runNixOSTest {
name = "container-default-test";
nodes.default = {
nodes.default =
{
config,
pkgs,
nixos-config,
...
}: {
}:
{
imports = [
nixos-config.nixosModules.default
];
autoContainers = [ "default" ];
};
node.specialArgs = inputs // {inTester = true;};
node.specialArgs = inputs // {
inTester = true;
};
testScript = ''
machine.wait_for_unit("container@default.service")
'';

View file

@ -1,3 +1,4 @@
{...}: {
{ ... }:
{
home.stateVersion = "24.11";
}

View file

@ -1,4 +1,5 @@
{config, ...}: {
{ config, ... }:
{
users.users.darkkirb = {
createHome = true;
isNormalUser = true;
@ -16,7 +17,8 @@
owner = "darkkirb";
sopsFile = ./system.yaml;
};
home-manager.users.darkkirb.sops.age.keyFile = config.sops.secrets."users/users/darkkirb/age-key".path;
home-manager.users.darkkirb.sops.age.keyFile =
config.sops.secrets."users/users/darkkirb/age-key".path;
home-manager.users.darkkirb.home.persistence.default.directories = [
"sources"
{

View file

@ -1,4 +1,5 @@
{...}: {
{ ... }:
{
imports = [
./git.nix
];

View file

@ -1,10 +1,8 @@
{pkgs, systemConfig, ...}: {
{ pkgs, systemConfig, ... }:
{
programs.git = {
enable = true;
package =
if systemConfig.isGraphical
then pkgs.gitAndTools.gitFull
else pkgs.git;
package = if systemConfig.isGraphical then pkgs.gitAndTools.gitFull else pkgs.git;
lfs.enable = true;
userEmail = "lotte@chir.rs";
userName = "Charlotte 🦝 Delenk";
@ -17,4 +15,3 @@
delta.enable = true;
};
}

View file

@ -1,4 +1,5 @@
{...}: {
{ ... }:
{
imports = [
./home-manager.nix
./root

View file

@ -5,14 +5,13 @@
config,
sops-nix,
...
}: {
}:
{
home-manager = {
useUserPackages = true;
useGlobalPkgs = true;
backupFileExtension = "backup";
extraSpecialArgs =
inputs
// {
extraSpecialArgs = inputs // {
inherit inputs inputs';
systemConfig = config;
};

View file

@ -3,7 +3,8 @@
config,
lib,
...
}: {
}:
{
users.users.root = {
createHome = true;
openssh.authorizedKeys.keys = [