From 2510ffac1ef1af93c09eb279544ee7efbef56ce5 Mon Sep 17 00:00:00 2001 
From: Tristan Schrader Date: Sun, 11 Feb 2024 11:06:30 -0800 Subject: [PATCH] massive rewrite into all flake modules --- .envrc | 1 - .gitignore | 1 + .sops.yaml | 2 +- bin/init.sh | 125 --------- bin/k8s | 15 -- bin/nixos | 55 ---- bin/nux | 3 - bin/tix | 70 ----- default.nix | 96 +++++++ flake.lock | 252 ++++++++++-------- flake.nix | 206 +++----------- {src/infra => old}/firefly.nix | 0 src/{home => }/brew/Brewfile | 0 src/brew/default.nix | 26 ++ src/darwin.nix | 41 +++ src/darwin/default.nix | 18 -- src/dev/nixos-flake.nix | 13 + src/dev/pre-commit.nix | 20 ++ src/dev/sops.nix | 33 +++ {conf => src/dev}/sops.yaml | 0 src/droid.nix | 34 +++ src/droid/default.nix | 21 -- src/{home => }/emacs/config.org | 0 src/emacs/default.nix | 77 ++++++ src/{home => }/emacs/elfeed.org | 0 src/{home => }/emacs/init.el | 0 src/git.nix | 35 +++ src/graphical.nix | 89 +++++++ src/hardware.nix | 30 +++ src/home.nix | 86 ++++++ src/home/.skhdrc | 145 ---------- src/home/.yabairc | 51 ---- src/home/brew/default.nix | 25 -- src/home/default.nix | 133 --------- src/home/emacs/default.nix | 61 ----- src/home/git/default.nix | 28 -- src/home/k9s/default.nix | 19 -- src/home/nvim/default.nix | 33 --- src/home/nvim/settings.lua | 42 --- src/home/spicetify/config-xpui.ini | 31 --- src/home/spicetify/darwin.nix | 4 - src/home/spicetify/linux.nix | 46 ---- src/home/ssh/default.nix | 55 ---- src/home/tmux/default.nix | 15 -- src/home/vim/default.nix | 45 ---- src/home/zsh/config.d/swatch.zsh | 42 --- src/home/zsh/config.d/wezterm.zsh | 4 - src/home/zsh/default.nix | 145 ---------- src/home/zsh/init.zshrc | 23 -- src/k9s.nix | 99 +++++++ src/kubernetes.nix | 19 ++ src/nixos.nix | 69 +++++ src/nixos/default.nix | 95 ------- src/nixos/kubernetes.nix | 10 - src/nux/clusters/prod/nux.yaml | 1 - src/nux/default.nix | 82 ------ src/nux/modules/default.nix | 31 --- src/nux/modules/gitrepositories.nix | 57 ---- src/nux/modules/helmreleases.nix | 109 -------- src/nux/modules/helmrepositories.nix | 57 
---- src/nux/modules/kustomizations.nix | 144 ---------- src/nux/modules/namespaces.nix | 29 -- src/nux/oauth2-proxy-config.py | 20 -- src/overlays/external.nix | 66 ----- src/overlays/internal.nix | 49 ---- src/people.nix | 63 +++++ src/scripts/default.nix | 9 + bin/utils.sh => src/scripts/nixos.sh | 50 ++++ src/spicetify.nix | 80 ++++++ src/ssh.nix | 80 ++++++ .../chilldom/hardware-configuration.nix | 43 --- src/systems/sirver/hardware-configuration.nix | 44 --- src/tix/sirver/default.nix | 29 -- src/tmux.nix | 41 +++ src/users/config.nix | 12 - src/users/default.nix | 57 ---- src/{home => }/vim/config.vim | 0 src/vim/default.nix | 60 +++++ src/wordnet.nix | 14 + src/work.nix | 15 ++ src/{home => }/wtf/config.yml | 0 src/wtf/default.nix | 16 ++ src/{home => }/wtf/slack_status_check.sh | 0 src/yaml.nix | 21 ++ src/{home => }/zsh/.p10k.zsh | 1 + src/zsh/default.nix | 170 ++++++++++++ 86 files changed, 1570 insertions(+), 2468 deletions(-) delete mode 100644 bin/init.sh delete mode 100755 bin/k8s delete mode 100755 bin/nixos delete mode 100755 bin/nux delete mode 100755 bin/tix create mode 100644 default.nix rename {src/infra => old}/firefly.nix (100%) rename src/{home => }/brew/Brewfile (100%) create mode 100644 src/brew/default.nix create mode 100644 src/darwin.nix delete mode 100644 src/darwin/default.nix create mode 100644 src/dev/nixos-flake.nix create mode 100644 src/dev/pre-commit.nix create mode 100644 src/dev/sops.nix rename {conf => src/dev}/sops.yaml (100%) create mode 100644 src/droid.nix delete mode 100644 src/droid/default.nix rename src/{home => }/emacs/config.org (100%) create mode 100644 src/emacs/default.nix rename src/{home => }/emacs/elfeed.org (100%) rename src/{home => }/emacs/init.el (100%) create mode 100644 src/git.nix create mode 100644 src/graphical.nix create mode 100644 src/hardware.nix create mode 100644 src/home.nix delete mode 100755 src/home/.skhdrc delete mode 100755 src/home/.yabairc delete mode 100644 src/home/brew/default.nix 
delete mode 100644 src/home/default.nix delete mode 100644 src/home/emacs/default.nix delete mode 100644 src/home/git/default.nix delete mode 100644 src/home/k9s/default.nix delete mode 100644 src/home/nvim/default.nix delete mode 100644 src/home/nvim/settings.lua delete mode 100644 src/home/spicetify/config-xpui.ini delete mode 100644 src/home/spicetify/darwin.nix delete mode 100644 src/home/spicetify/linux.nix delete mode 100644 src/home/ssh/default.nix delete mode 100644 src/home/tmux/default.nix delete mode 100644 src/home/vim/default.nix delete mode 100644 src/home/zsh/config.d/swatch.zsh delete mode 100644 src/home/zsh/config.d/wezterm.zsh delete mode 100644 src/home/zsh/default.nix delete mode 100644 src/home/zsh/init.zshrc create mode 100644 src/k9s.nix create mode 100644 src/kubernetes.nix create mode 100644 src/nixos.nix delete mode 100644 src/nixos/default.nix delete mode 100644 src/nixos/kubernetes.nix delete mode 120000 src/nux/clusters/prod/nux.yaml delete mode 100644 src/nux/default.nix delete mode 100644 src/nux/modules/default.nix delete mode 100644 src/nux/modules/gitrepositories.nix delete mode 100644 src/nux/modules/helmreleases.nix delete mode 100644 src/nux/modules/helmrepositories.nix delete mode 100644 src/nux/modules/kustomizations.nix delete mode 100644 src/nux/modules/namespaces.nix delete mode 100644 src/nux/oauth2-proxy-config.py delete mode 100644 src/overlays/external.nix delete mode 100644 src/overlays/internal.nix create mode 100644 src/people.nix create mode 100644 src/scripts/default.nix rename bin/utils.sh => src/scripts/nixos.sh (51%) create mode 100644 src/spicetify.nix create mode 100644 src/ssh.nix delete mode 100644 src/systems/chilldom/hardware-configuration.nix delete mode 100644 src/systems/sirver/hardware-configuration.nix delete mode 100644 src/tix/sirver/default.nix create mode 100644 src/tmux.nix delete mode 100644 src/users/config.nix delete mode 100644 src/users/default.nix rename src/{home => }/vim/config.vim 
(100%) create mode 100644 src/vim/default.nix create mode 100644 src/wordnet.nix create mode 100644 src/work.nix rename src/{home => }/wtf/config.yml (100%) create mode 100644 src/wtf/default.nix rename src/{home => }/wtf/slack_status_check.sh (100%) create mode 100644 src/yaml.nix rename src/{home => }/zsh/.p10k.zsh (99%) create mode 100644 src/zsh/default.nix diff --git a/.envrc b/.envrc index e3fecb3..3550a30 100644 --- a/.envrc +++ b/.envrc @@ -1,2 +1 @@ use flake - diff --git a/.gitignore b/.gitignore index 6458aa1..a968e82 100644 --- a/.gitignore +++ b/.gitignore @@ -9,3 +9,4 @@ /src/home/emacs/doom.d/config.el /src/home/emacs/doom.d/packages.el /src/home/emacs/doom.d/custom.el +/.pre-commit-config.yaml diff --git a/.sops.yaml b/.sops.yaml index 25a48d5..1008b77 100644 --- a/.sops.yaml +++ b/.sops.yaml @@ -1,7 +1,7 @@ keys: - &tristan age1udsm4dv9q95d76p7ljxqyceafrwj3twmq883glc3prmry4w9eunqfhg9p3 creation_rules: - - path_regex: conf/sops.yaml$ + - path_regex: src/dev/sops.yaml$ key_groups: - age: - *tristan diff --git a/bin/init.sh b/bin/init.sh deleted file mode 100644 index 01055b5..0000000 --- a/bin/init.sh +++ /dev/null 
@@ -1,125 +0,0 @@ -#!/bin/bash - -# Copy files from host -# ~/.zshrc -# ~/.p10k.zsh -# ~/.fzf.zsh -# ~/.fzf-gcloud.plugin.zsh (remember we had to rewrite this one...) - -# TODO setup .tmux.conf -# TODO wtfutil config - -# We should probably generate new SSH keys on a different host - -# Install brew -/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)" -echo 'eval "$(/home/linuxbrew/.linuxbrew/bin/brew shellenv)"' >> /home/tristanschrader/.profile -echo 'eval "$(/home/linuxbrew/.linuxbrew/bin/brew shellenv)"' >> /home/tristanschrader/.zprofile -eval "$(/home/linuxbrew/.linuxbrew/bin/brew shellenv)" -sudo apt-get install --yes build-essential fontconfig - -# Install brew dependencies -brew install ansible bat cheat darksky-weather direnv exa fzf gh git helm htop hyperfine jq kubernetes-cli lsof navi node operator-sdk ranger rclone ripgrep shellcheck speedtest-cli terraform thefuck tmux virtualenv wget wtfutil xclip zoxide zsh -# We don't install the mattermost cask because it barely works... 
Mattermost functionality is supported best in the browser unfortunately -brew install mmctl -brew install java -brew install emacs -brew install git-gui -brew install koekeishiya/formulae/yabai -brew install koekeishiya/formulae/skhd -brew install --cask kodi -brew install --cask jellyfin -brew install --cask android-studio -brew tap homebrew/command-not-found -/home/linuxbrew/.linuxbrew/opt/fzf/install - -# Install docker -sudo apt-get update --yes -sudo apt-get install ca-certificates curl gnupg lsb-release -sudo mkdir -p /etc/apt/keyrings -curl -fsSL https://download.docker.com/linux/debian/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg -echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/debian $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list >/dev/null -sudo apt-get update --yes -sudo apt-get install docker-ce docker-ce-cli containerd.io docker-compose-plugin -# Make run without root -sudo groupadd docker -sudo usermod -aG docker "$USER" -newgrp docker - -mkdir -p ~/.docker/cli-plugins -ln -sfn /home/linuxbrew/.linuxbrew/opt/docker-compose/bin/docker-compose ~/.docker/cli-plugins/docker-compose -DOCKER_BUILDX_LATEST=$(wget -qO- "https://api.github.com/repos/docker/buildx/releases/latest" | jq -r .name) -curl "https://github.com/docker/buildx/releases/download/$DOCKER_BUILDX_LATEST/buildx-$DOCKER_BUILDX_LATEST.linux-amd64" \ - -o ~/.docker/cli-plugins/docker-buildx -chmod a+x ~/.docker/cli-plugins/buildx-"$DOCKER_BUILDX_LATEST".linux-amd64 - -# TODO Must build node from source ??? -# TODO how to install docker? brew install --cask docker or just brew install docker? 
-# if gcloud doesn't exist, brew install --cask google-cloud-sdk -# if we want google drive mount, brew install --cask google-drive -# TODO handle if anything must be built from source, like brew install --build-from-source node - -# Install oh-my-zsh and plugins -sh -c "$(curl -fsSL https://raw.github.com/ohmyzsh/ohmyzsh/master/tools/install.sh)" -# Install fonts -mkdir -p ~/.local/share/fonts -curl https://github.com/romkatv/powerlevel10k-media/raw/master/MesloLGS%20NF%20Regular.ttf -o ~/.local/share/fonts/MesloLGS%20NF%20Regular.ttf -curl https://github.com/romkatv/powerlevel10k-media/raw/master/MesloLGS%20NF%20Bold.ttf -o ~/.local/share/fonts/MesloLGS%20NF%20Bold.ttf -curl https://github.com/romkatv/powerlevel10k-media/raw/master/MesloLGS%20NF%20Italic.ttf -o ~/.local/share/fonts/MesloLGS%20NF%20Italic.ttf -curl https://github.com/romkatv/powerlevel10k-media/raw/master/MesloLGS%20NF%20Bold%20Italic.ttf -o ~/.local/share/fonts/MesloLGS%20NF%20Bold%20Italic.ttf -chmod 0644 ~/.local/share/fonts/MesloLGS%20NF%20Regular.ttf -chmod 0644 ~/.local/share/fonts/MesloLGS%20NF%20Bold.ttf -chmod 0644 ~/.local/share/fonts/MesloLGS%20NF%20Italic.ttf -chmod 0644 ~/.local/share/fonts/MesloLGS%20NF%20Bold%20Italic.ttf -sudo fc-cache -f -v -# Install theme -git clone --depth=1 https://github.com/romkatv/powerlevel10k.git "${ZSH_CUSTOM:-$HOME/.oh-my-zsh/custom}/themes/powerlevel10k" - -# Install plugins -git clone https://github.com/Aloxaf/fzf-tab "${ZSH_CUSTOM:-~/.oh-my-zsh/custom}/plugins/fzf-tab" -# TODO should I use fast-syntax-highlighting or zsh-syntax-highlighting? 
-# git clone https://github.com/zdharma-continuum/fast-syntax-highlighting.git "${ZSH_CUSTOM:-$HOME/.oh-my-zsh/custom}/plugins/fast-syntax-highlighting" -# git clone https://github.com/zsh-users/zsh-syntax-highlighting.git "${ZSH_CUSTOM:-~/.oh-my-zsh/custom}/plugins/zsh-syntax-highlighting" -git clone https://github.com/chrissicool/zsh-256color.git "$ZSH_CUSTOM/plugins/zsh-256color" -git clone https://github.com/unixorn/git-extra-commands.git "$ZSH_CUSTOM/plugins/git-extra-commands" -git clone https://github.com/MichaelAquilina/zsh-you-should-use.git "$ZSH_CUSTOM/plugins/you-should-use" -git clone https://github.com/DarrinTisdale/zsh-aliases-exa.git "$ZSH_CUSTOM/plugins/zsh-aliases-exa" -git clone https://github.com/zsh-users/zsh-autosuggestions.git "${ZSH_CUSTOM:-~/.oh-my-zsh/custom}/plugins/zsh-autosuggestions" -git clone https://github.com/zsh-users/zsh-completions.git "${ZSH_CUSTOM:-${ZSH:-~/.oh-my-zsh}/custom}/plugins/zsh-completions" -git clone https://github.com/spwhitt/nix-zsh-completions.git "$ZSH_CUSTOM/plugins/nix-zsh-completions" - -# Change default shell -sudo chsh "$(whoami)" "$(which zsh)" - -# Install nix -sh <(curl -L https://nixos.org/nix/install) --daemon - -# Google drive mount -sudo apt install software-properties-common -echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/ocamlfuse.gpg] https://... 
$(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/ocamlfuse.list >/dev/null -curl -fsSL https://.../gpg | sudo gpg --dearmor -o /etc/apt/keyrings/ocamlfuse.gpg -sudo add-apt-repository ppa:alessandro-strada/ppa -sudo apt update --yes -sudo apt install google-drive-ocamlfuse -google-drive-ocamlfuse -mkdir -p /Volumes/GoogleDrive -sudo chown "$USER" -R /Volumes -google-drive-ocamlfuse /Volumes/GoogleDrive - -release=$(lsb_release -cs) -pkg_name="google-drive-omcalfuse" -gpg_key="/etc/apt/keyrings/$pkg_name.gpg" -pkg_url="https://launchpad.net/~alessandro-strada/ubuntu/ppa/google-drive-ocamlfuse" -wget -O debian-ocamlfuse.deb https://launchpad.net/~alessandro-strada/+archive/ubuntu/ppa/+files/google-drive-ocamlfuse_0.7.30-0ubuntu1~ubuntu20.04.1_amd64.deb -sudo apt install ./debian-ocamlfuse.deb -rm -f ./debian-ocamlfuse.deb -# Unmounting -# fusermount -u /Volumes/GoogleDrive -# - -git config --global pager.branch false - - -# Spicetify -curl -fsSL https://raw.githubusercontent.com/spicetify/spicetify-cli/master/install.sh | sh -curl -fsSL https://raw.githubusercontent.com/spicetify/spicetify-marketplace/main/resources/install.sh | sh diff --git a/bin/k8s b/bin/k8s deleted file mode 100755 index ef38410..0000000 --- a/bin/k8s +++ /dev/null @@ -1,15 +0,0 @@ -#! /usr/bin/env bash - -set -o errexit - -root="$(git rev-parse --show-toplevel)" -secrets="$root/run/secrets" -mkdir -p "$secrets" -source "$root/bin/utils.sh" - -logfx <<< "Download kubernetes config" -k8s_config="$secrets/config.yaml" -k8s_name="sirver" -# k3s on nixos writes a root config in /etc/rancher for a "default" context on localhost -# but we want to replace these with our own preferences -ssh "$k8s_name" sudo cat /etc/rancher/k3s/k3s.yaml | sed "s/default/$k8s_name/g" > "$k8s_config" diff --git a/bin/nixos b/bin/nixos deleted file mode 100755 index 7224ef3..0000000 --- a/bin/nixos +++ /dev/null 
@@ -1,55 +0,0 @@ -#! /usr/bin/env bash - -set -o errexit - -# Setup -root="$(git rev-parse --show-toplevel)" -source "$root/bin/utils.sh" - -readarray -t devices < <(nix flake show --json | jq '.nixosConfigurations | keys[]' -r) -devices_str="$(IFS="|"; echo "${devices[*]}")" -cmd="test" - -usage="Usage: nixos - -d|--device DEVICE (Required) The device to deploy a nixos configuration for (options: ${devices_str}) - [-c|--cmd CMD] The nixos-rebuild command to run on the device (default: $cmd) - [--remote] The device is a remote device - [...] Extra arguments passed to nixos-rebuild -" - -# Parse and validate arguments -if [[ $# -eq 0 ]]; then - logfx exit_status=SUCCESS <<< "$usage" -fi -extra_args=() -while [[ $# -gt 0 ]]; do - case $1 in - -d|--device) - device="$2" - if ! contains "$device" "${devices[@]}"; then - logfx log_level=ERROR exit_status=FAILURE <<< "$1 is not an available device among: ${devices_str}" - fi - shift 1 - ;; - -c|--cmd) - cmd="$2" - shift 1 - ;; - --remote) - # We override the ControlPath because otherwise Nix will create too long of a Unix domain socket name - # if the name of the device is more than 5 characters... This path is managed by nix and will be deleted - # when the connection to the remote host ends when the program halts. - export NIX_SSHOPTS="-o ControlPath=/tmp/%C" - extra_args+=(--build-host "$device" --target-host "$device" --fast --use-remote-sudo) - ;; - *) - extra_args+=("$1") - ;; - esac - shift 1 -done -if [[ -z $device ]]; then - logfx log_level=ERROR exit_status=FAILURE <<< "No device specified. Options: ${devices_str}" -fi - -\nixos-rebuild "$cmd" --flake ".#$device" "${extra_args[@]}" diff --git a/bin/nux b/bin/nux deleted file mode 100755 index 21a1400..0000000 --- a/bin/nux +++ /dev/null @@ -1,3 +0,0 @@ -#! /usr/bin/env bash - -nix build "$PRJ_ROOT#nux" --out-link "$PRJ_ROOT/src/nux/clusters/prod/nux.yaml" diff --git a/bin/tix b/bin/tix deleted file mode 100755 index fdb1a1a..0000000 --- a/bin/tix +++ /dev/null 
@@ -1,70 +0,0 @@ -#!/usr/bin/env bash -# shellcheck disable=SC2239 - -set -o errexit - -# Variable and function definitions -root="$(git rev-parse --show-toplevel)" -source "$root/bin/utils.sh" - -readarray -t workspaces < <(find "$root/src/tix" -type d -exec basename {} \; | sed 1d) -workspaces_str="$(IFS="|"; echo "${workspaces[*]}")" - -usage="Usage: tix - [-h|--help] Display this message - [tf WORKSPACE] Terraform workspace to build (options: ${workspaces_str}) - [all] Run entire terraform workspace in phases - [...] Options will be passed to terraform -" - -# Parse arguments -# SUBJECT is needed for the Google Drive Terraform provider -SUBJECT="$(git config user.email)" -export SUBJECT - -if [[ $# -eq 0 ]]; then - logfx exit_status=SUCCESS <<< "$usage" -fi -while [[ $# -gt 0 ]]; do - group="$1" - case $group in - tf) - workspace="$2" - if ! contains "$workspace" "${workspaces[@]}"; then - message="'$workspace' is not a valid workspace among: ${workspaces_str}" - logfx log_level=ERROR exit_status=FAILURE <<< "$message" - fi - case $3 in - all) - bb tf "$workspace" -- init - bb tf "$workspace" -- apply -auto-approve - exit 0 - ;; - *) - # Open SSH tunnel if connecting to a remote host - [[ $workspace != local && $workspace != $(hostname) ]] && { - ssh -N -L 6443:localhost:6443 "$workspace" & - ssh_pid=$! - trap 'kill -9 "$ssh_pid" &> /dev/null' EXIT - sleep 1 - } - - # Build workspace config with terranix - nix build "$root#${workspace}" - - # Prepare run directory - run_d="$root/run/terraform/$workspace" - mkdir -p "$run_d" - mv -f "$(pwd)/result" "$run_d/terraform.tf.json" - - # Run terraform - terraform -chdir="$run_d" "${@:3}" - exit 0 - ;; - esac - ;; - --help|-h) logfx exit_status=SUCCESS <<< "$usage" ;; - *) logfx log_level=ERROR exit_status=FAILURE <<< "'$1' is not a recognized option" ;; - esac - shift -done diff --git a/default.nix b/default.nix new file mode 100644 index 0000000..b706d79 --- /dev/null +++ b/default.nix 
@@ -0,0 +1,96 @@
+{inputs, ...}: let
+ lib = inputs.nixpkgs.lib;
+ flake-parts-lib = inputs.flake-parts.lib;
+
+ # Convenience functions
+ pipe' = functions: value: lib.trivial.pipe value functions;
+ flatMap = function: pipe' [(builtins.map function) lib.lists.flatten];
+
+ # Filesystem traversal
+ filter = f: root:
+ lib.trivial.pipe root [
+ builtins.readDir
+ (lib.attrsets.filterAttrs f)
+ builtins.attrNames
+ (builtins.map (file: root + "/${file}"))
+ ];
+ dirs = filter (_: type: type == "directory");
+ files = filter (name: type: type == "regular" && builtins.match ".+\.nix$" name != null);
+ everything = let
+ filesAndDirs = root: [
+ (files root)
+ (builtins.map everything (dirs root))
+ ];
+ in
+ pipe' [lib.lists.toList (flatMap filesAndDirs)];
+ everythingBut = roots: exclude: builtins.filter (path: lib.lists.all (prefix: ! lib.path.hasPrefix prefix path) exclude) (everything roots);
+
+ # Options
+ mkEnabledOption = doc:
+ lib.mkOption {
+ type = lib.types.bool;
+ default = true;
+ example = false;
+ description = lib.mdDoc "Whether to enable ${doc}";
+ };
+ mkSystemOption = args:
+ lib.mkOption ({
+ type = lib.types.enum (import inputs.systems-all);
+ default = builtins.head (import inputs.systems-default);
+ example = builtins.head (import inputs.systems-darwin);
+ description = lib.mdDoc "System for the configuration";
+ }
+ // args);
+ mkOpenModuleOption = args:
+ lib.mkOption ({
+ type = lib.types.lazyAttrsOf lib.types.unspecified;
+ default = {};
+ }
+ // args);
+
+ nix = lib.attrsets.mergeAttrsList [
+ builtins
+ lib
+ lib.attrsets
+ lib.strings
+ lib.trivial
+ lib.types
+ flake-parts-lib
+ {
+ inherit pipe' flatMap;
+ inherit mkEnabledOption mkOpenModuleOption mkSystemOption;
+ fs = {inherit filter dirs files everything everythingBut;};
+ }
+ ];
+in {
+ imports = nix.fs.everything ./src;
+
+ _module.args.nix = nix;
+
+ perSystem = {
+ config,
+ pkgs,
+ system,
+ ...
+ }: {
+ _module.args.nix = nix;
+ _module.args.pkgs = with nix;
+ import inputs.nixpkgs {
+ inherit system;
+ overlays = attrValues inputs.self.overlays;
+ config.allowUnfreePredicate = pkg: elem (getName pkg) ["terraform" "spotify" "android-studio-stable"];
+ };
+ devShells.default = pkgs.mkShell {
+ inputsFrom = nix.attrValues (nix.removeAttrs config.devShells ["default"]);
+ };
+ };
+
+ flake.nixosModules.args = {
+ _module.args.nix = nix;
+ home-manager.extraSpecialArgs.nix = nix;
+ };
+ flake.darwinModules_.args = {
+ _module.args.nix = nix;
+ home-manager.extraSpecialArgs.nix = nix;
+ };
+}
diff --git a/flake.lock b/flake.lock index 3463bdc..1be2663 100644 --- a/flake.lock +++ b/flake.lock @@ -1,37 +1,5 @@ { "nodes": { - "bats-assert": { - "flake": false, - "locked": { - "lastModified": 1636059754, - "narHash": "sha256-ewME0l27ZqfmAwJO4h5biTALc9bDLv7Bl3ftBzBuZwk=", - "owner": "bats-core", - "repo": "bats-assert", - "rev": "34551b1d7f8c7b677c1a66fc0ac140d6223409e5", - "type": "github" - }, - "original": { - "owner": "bats-core", - "repo": "bats-assert", - "type": "github" - } - }, - "bats-support": { - "flake": false, - "locked": { - "lastModified": 1548869839, - "narHash": "sha256-Gr4ntadr42F2Ks8Pte2D4wNDbijhujuoJi4OPZnTAZU=", - "owner": "bats-core", - "repo": "bats-support", - "rev": "d140a65044b2d6810381935ae7f0c94c7023c8c3", - "type": "github" - }, - "original": { - "owner": "bats-core", - "repo": "bats-support", - "type": "github" - } - }, "doom-emacs": { "flake": false, "locked": { @@ -214,6 +182,22 @@ "type": "github" } }, + "flake-compat_2": { + "flake": false, + "locked": { + "lastModified": 1696426674, + "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, "flake-parts": { "inputs": { "nixpkgs-lib": "nixpkgs-lib"
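Review bot: The `files` filter in the new default.nix matches more than it intends, because in `builtins.match ".+\.nix$" name` the `\.` inside a double-quoted Nix string is just `.`, so the regex dot matches any character and a name such as `fooXnix` passes. This matters because `imports = nix.fs.everything ./src;` turns every match under `src/` into a flake module, so the filter is the only gate on what gets evaluated for every host. `lib.strings.hasSuffix ".nix" name` (or the pattern `".+\\.nix"`) states the intent exactly. I would also add a comment above the `imports` line such as `# every *.nix file under ./src is imported automatically; keep drafts and non-module Nix files outside src/`.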
@@ -288,11 +272,11 @@ "systems": "systems_3" }, "locked": { - "lastModified": 1685518550, - "narHash": "sha256-o2d0KcvaXzTrPRIo0kOLV0/QXHhDQ5DTi+OxcjO8xqY=", + "lastModified": 1701680307, + "narHash": "sha256-kAuep2h5ajznlPMD9rnQyffWG8EM/C73lejGofXvdM8=", "owner": "numtide", "repo": "flake-utils", - "rev": "a1720a10a6cfe8234c0e93907ffe81be440f4cef", + "rev": "4022d587cbbfd70fe950c1e2083a02621806a725", "type": "github" }, "original": { @@ -302,12 +286,15 @@ } }, "flake-utils_5": { + "inputs": { + "systems": "systems_4" + }, "locked": { - "lastModified": 1634851050, - "narHash": "sha256-N83GlSGPJJdcqhUxSCS/WwW5pksYf3VP1M13cDRTSVA=", + "lastModified": 1685518550, + "narHash": "sha256-o2d0KcvaXzTrPRIo0kOLV0/QXHhDQ5DTi+OxcjO8xqY=", "owner": "numtide", "repo": "flake-utils", - "rev": "c91f3de5adaf1de973b797ef7485e441a65b8935", + "rev": "a1720a10a6cfe8234c0e93907ffe81be440f4cef", "type": "github" }, "original": { @@ -333,6 +320,27 @@ "type": "github" } }, + "gitignore": { + "inputs": { + "nixpkgs": [ + "pre-commit-hooks-nix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1703887061, + "narHash": "sha256-gGPa9qWNc6eCXT/+Z5/zMkyYOuRZqeFZBDbopNZQkuY=", + "owner": "hercules-ci", + "repo": "gitignore.nix", + "rev": "43e1aa1308018f37118e34d3a9cb4f5e75dc11d5", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "gitignore.nix", + "type": "github" + } + }, "gke-gcloud-auth-plugin-flake": { "inputs": { "flake-utils": "flake-utils_2", 
@@ -598,46 +606,47 @@ }, "nixpkgs-stable_2": { "locked": { - "lastModified": 1702148972, - "narHash": "sha256-h2jODFP6n+ABrUWcGRSVPRFfLOkM9TJ2pO+h+9JcaL0=", + "lastModified": 1704874635, + "narHash": "sha256-YWuCrtsty5vVZvu+7BchAxmcYzTMfolSPP5io8+WYCg=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "b8f33c044e51de6dde3ad80a9676945e0e4e3227", + "rev": "3dc440faeee9e889fe2d1b4d25ad0f430d449356", "type": "github" }, "original": { "owner": "NixOS", - "ref": "release-23.05", + "ref": "nixos-23.11", "repo": "nixpkgs", "type": "github" } }, - "nixpkgs_10": { + "nixpkgs-stable_3": { "locked": { - "lastModified": 1636823747, - "narHash": "sha256-oWo1nElRAOZqEf90Yek2ixdHyjD+gqtS/pAgwaQ9UhQ=", - "owner": "nixos", + "lastModified": 1702148972, + "narHash": "sha256-h2jODFP6n+ABrUWcGRSVPRFfLOkM9TJ2pO+h+9JcaL0=", + "owner": "NixOS", "repo": "nixpkgs", - "rev": "f6a2ed2082d9a51668c86ba27d0b5496f7a2ea93", + "rev": "b8f33c044e51de6dde3ad80a9676945e0e4e3227", "type": "github" }, "original": { - "owner": "nixos", + "owner": "NixOS", + "ref": "release-23.05", "repo": "nixpkgs", "type": "github" } }, - "nixpkgs_11": { + "nixpkgs_10": { "locked": { - "lastModified": 1695644571, - "narHash": "sha256-asS9dCCdlt1lPq0DLwkVBbVoEKuEuz+Zi3DG7pR/RxA=", - "owner": "nixos", + "lastModified": 1686020360, + "narHash": "sha256-Wee7lIlZ6DIZHHLiNxU5KdYZQl0iprENXa/czzI6Cj4=", + "owner": "NixOS", "repo": "nixpkgs", - "rev": "6500b4580c2a1f3d0f980d32d285739d8e156d92", + "rev": "4729ffac6fd12e26e5a8de002781ffc49b0e94b7", "type": "github" }, "original": { - "owner": "nixos", + "owner": "NixOS", "ref": "nixos-unstable", "repo": "nixpkgs", "type": "github" 
@@ -734,11 +743,11 @@ }, "nixpkgs_8": { "locked": { - "lastModified": 1702029940, - "narHash": "sha256-qM3Du0perpLesh5hr87mVPZ79McMUKIWUH7EQMh2kWo=", + "lastModified": 1704842529, + "narHash": "sha256-OTeQA+F8d/Evad33JMfuXC89VMetQbsU4qcaePchGr4=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "e9ef8a102c555da4f8f417fe5cf5bd539d8a38b7", + "rev": "eabe8d3eface69f5bb16c18f8662a702f50c20d5", "type": "github" }, "original": { @@ -750,16 +759,16 @@ }, "nixpkgs_9": { "locked": { - "lastModified": 1686020360, - "narHash": "sha256-Wee7lIlZ6DIZHHLiNxU5KdYZQl0iprENXa/czzI6Cj4=", + "lastModified": 1702029940, + "narHash": "sha256-qM3Du0perpLesh5hr87mVPZ79McMUKIWUH7EQMh2kWo=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "4729ffac6fd12e26e5a8de002781ffc49b0e94b7", + "rev": "e9ef8a102c555da4f8f417fe5cf5bd539d8a38b7", "type": "github" }, "original": { "owner": "NixOS", - "ref": "nixos-unstable", + "ref": "nixpkgs-unstable", "repo": "nixpkgs", "type": "github" } @@ -908,6 +917,28 @@ "type": "github" } }, + "pre-commit-hooks-nix": { + "inputs": { + "flake-compat": "flake-compat_2", + "flake-utils": "flake-utils_4", + "gitignore": "gitignore", + "nixpkgs": "nixpkgs_8", + "nixpkgs-stable": "nixpkgs-stable_2" + }, + "locked": { + "lastModified": 1707297608, + "narHash": "sha256-ADjo/5VySGlvtCW3qR+vdFF4xM9kJFlRDqcC9ZGI8EA=", + "owner": "cachix", + "repo": "pre-commit-hooks.nix", + "rev": "0db2e67ee49910adfa13010e7f012149660af7f0", + "type": "github" + }, + "original": { + "owner": "cachix", + "repo": "pre-commit-hooks.nix", + "type": "github" + } + }, "revealjs": { "flake": false, "locked": { 
@@ -935,10 +966,12 @@ "nix-on-droid": "nix-on-droid", "nixos-flake": "nixos-flake", "nixpkgs": "nixpkgs_7", + "pre-commit-hooks-nix": "pre-commit-hooks-nix", "sops-nix": "sops-nix", "spicetify-nix": "spicetify-nix", - "terranix": "terranix", - "treefmt-nix": "treefmt-nix" + "systems-all": "systems-all", + "systems-darwin": "systems-darwin", + "systems-default": "systems-default" } }, "rotate-text": { @@ -975,8 +1008,8 @@ }, "sops-nix": { "inputs": { - "nixpkgs": "nixpkgs_8", - "nixpkgs-stable": "nixpkgs-stable_2" + "nixpkgs": "nixpkgs_9", + "nixpkgs-stable": "nixpkgs-stable_3" }, "locked": { "lastModified": 1702177193, @@ -994,8 +1027,8 @@ }, "spicetify-nix": { "inputs": { - "flake-utils": "flake-utils_4", - "nixpkgs": "nixpkgs_9" + "flake-utils": "flake-utils_5", + "nixpkgs": "nixpkgs_10" }, "locked": { "lastModified": 1699986787, @@ -1026,7 +1059,7 @@ "type": "github" } }, - "systems_2": { + "systems-all": { "locked": { "lastModified": 1681028828, "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", 
@@ -1041,73 +1074,78 @@ "type": "github" } }, - "systems_3": { + "systems-darwin": { "locked": { - "lastModified": 1681028828, - "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "lastModified": 1680978170, + "narHash": "sha256-PHVNQ7y0EQYzujQRYoRdb96K0m1KSeAjSrbz2b75S6Q=", "owner": "nix-systems", - "repo": "default", - "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "repo": "aarch64-darwin", + "rev": "75e6c6912484d28ebba5769b794ffa4aff653ba2", "type": "github" }, "original": { "owner": "nix-systems", - "repo": "default", + "repo": "aarch64-darwin", "type": "github" } }, - "terranix": { - "inputs": { - "bats-assert": "bats-assert", - "bats-support": "bats-support", - "flake-utils": "flake-utils_5", - "nixpkgs": "nixpkgs_10", - "terranix-examples": "terranix-examples" - }, + "systems-default": { "locked": { - "lastModified": 1695406838, - "narHash": "sha256-xiUfVD6rtsVWFotVtUW3Q1nQh4obKzgvpN1wqZuGXvM=", - "owner": "terranix", - "repo": "terranix", - "rev": "fc9077ca02ab5681935dbf0ecd725c4d889b9275", + "lastModified": 1680978846, + "narHash": "sha256-Gtqg8b/v49BFDpDetjclCYXm8mAnTrUzR0JnE2nv5aw=", + "owner": "nix-systems", + "repo": "x86_64-linux", + "rev": "2ecfcac5e15790ba6ce360ceccddb15ad16d08a8", "type": "github" }, "original": { - "owner": "terranix", - "repo": "terranix", + "owner": "nix-systems", + "repo": "x86_64-linux", "type": "github" } }, - "terranix-examples": { + "systems_2": { "locked": { - "lastModified": 1636300201, - "narHash": "sha256-0n1je1WpiR6XfCsvi8ZK7GrpEnMl+DpwhWaO1949Vbc=", - "owner": "terranix", - "repo": "terranix-examples", - "rev": "a934aa1cf88f6bd6c6ddb4c77b77ec6e1660bd5e", + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", "type": "github" }, "original": { - "owner": "terranix", - "repo": "terranix-examples", + "owner": "nix-systems", + "repo": "default", "type": 
"github" } }, - "treefmt-nix": { - "inputs": { - "nixpkgs": "nixpkgs_11" + "systems_3": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "systems_4": { "locked": { - "lastModified": 1702281974, - "narHash": "sha256-OX6umqmLlRKKX0yEfQBmMx8pDNHtxp+sGTLyFh8kLG8=", - "owner": "numtide", - "repo": "treefmt-nix", - "rev": "5ff2cdbe0db6a6f3445f7d878cb87d121d914d83", + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", "type": "github" }, "original": { - "owner": "numtide", - "repo": "treefmt-nix", + "owner": "nix-systems", + "repo": "default", "type": "github" } }, diff --git a/flake.nix b/flake.nix index 3d12092..9527e0f 100644 --- a/flake.nix +++ b/flake.nix @@ -6,9 +6,13 @@ nix-darwin.url = github:LnL7/nix-darwin; nix-on-droid.url = github:nix-community/nix-on-droid/release-23.05; + systems-all.url = github:nix-systems/default; + systems-default.url = github:nix-systems/x86_64-linux; + systems-darwin.url = github:nix-systems/aarch64-darwin; + nixos-flake.url = github:srid/nixos-flake; flake-parts.url = github:hercules-ci/flake-parts; - treefmt-nix.url = github:numtide/treefmt-nix; + pre-commit-hooks-nix.url = github:cachix/pre-commit-hooks.nix; # nix-doom-emacs marked as broken for now # TODO keep tabs on this project to see if it's evolving enough to try to use 
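Review bot: The new `pre-commit-hooks-nix` input in the first flake.nix hunk is added without any `follows`, and the flake.lock changes in this patch show it bringing its own `nixpkgs_8`, `nixpkgs-stable_2`, `flake-utils_4`, `flake-compat_2` and `gitignore` nodes. Each extra node is another pinned source tree that has to be trusted and kept current, so I would add `pre-commit-hooks-nix.inputs.nixpkgs.follows = "nixpkgs";` to keep the hooks on the same nixpkgs revision as the rest of the configuration. As a style point, the added inputs use bare URL literals (`github:nix-systems/default`), a deprecated syntax; quoting them as `"github:nix-systems/default"` is the form that keeps working when URL literals are disabled. The `inputs` block begins outside this hunk, so the same applies to the unchanged lines around it.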
@@ -16,184 +20,46 @@ emacs-overlay.url = github:nix-community/emacs-overlay; sops-nix.url = github:Mic92/sops-nix; - terranix.url = github:terranix/terranix; gke-gcloud-auth-plugin-flake.url = github:christian-blades-cb/gke-gcloud-auth-plugin-nix; spicetify-nix.url = github:the-argus/spicetify-nix; }; outputs = inputs: inputs.flake-parts.lib.mkFlake {inherit inputs;} { - systems = ["x86_64-linux" "aarch64-darwin"]; - imports = [ - inputs.treefmt-nix.flakeModule - inputs.nixos-flake.flakeModule - ./src/home - ./src/nixos - ./src/nixos/kubernetes.nix - ./src/darwin - ./src/droid - ./src/users - ]; - flake = let - allowUnfree = { - pkgs ? [], - system ? builtins.currentSystem, - }: pkg: builtins.elem (inputs.nixpkgs.legacyPackages.${system}.lib.getName pkg) pkgs; - in { - overlays.default = inputs.nixpkgs.lib.composeManyExtensions [ - (import ./src/overlays/external.nix) - (import ./src/overlays/internal.nix) - inputs.emacs-overlay.overlay - inputs.gke-gcloud-auth-plugin-flake.overlays.default - ]; - nixosConfigurations.chilldom = inputs.nixpkgs.lib.nixosSystem { - pkgs = import inputs.nixpkgs rec { - system = "x86_64-linux"; - overlays = [inputs.self.overlays.default]; - config.allowUnfreePredicate = allowUnfree { pkgs = ["discord" "android-studio-stable" "spotify"]; inherit system; }; - }; - specialArgs = inputs.self.nixos-flake.lib.specialArgsFor.nixos; - modules = [ - inputs.self.nixosModules.graphical - ./src/systems/chilldom/hardware-configuration.nix - ({lib, ...}: { - networking.hostName = "chilldom"; - networking.wireless.enable = true; - networking.wireless.networks.lanyard.psk = "bruhWHY123!"; - }) - ]; - }; - nixosConfigurations.sirver = inputs.nixpkgs.lib.nixosSystem { - pkgs = import inputs.nixpkgs { - system = "x86_64-linux"; - overlays = [inputs.self.overlays.default]; - }; - specialArgs = inputs.self.nixos-flake.lib.specialArgsFor.nixos; - modules = [ - inputs.self.nixosModules.headless - inputs.self.nixosModules.kubernetes - 
./src/systems/sirver/hardware-configuration.nix - { - networking.hostName = "sirver"; - home-manager.users.tristan = { - imports = [./src/home/k9s]; - }; - } - ]; - }; - darwinConfigurations.morgenmuffel = inputs.self.nixos-flake.lib.mkMacosSystem ({pkgs, ...}: { - imports = [inputs.self.darwinModules.common]; - home-manager.users.${inputs.self.people.me}.home.packages = with pkgs; [ - google-cloud-sdk - gke-gcloud-auth-plugin - skhd - ]; - }); - nixOnDroidConfigurations.boox = inputs.nix-on-droid.lib.nixOnDroidConfiguration { - modules = [inputs.self.droidModules.common]; - }; - }; - perSystem = { - self', - config, - pkgs, - lib, - system, - ... - }: { - _module.args.pkgs = import inputs.nixpkgs { - inherit system; - overlays = [inputs.self.overlays.default]; - config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) ["terraform"]; - }; - nixos-flake.primary-inputs = ["nixpkgs" "home-manager" "nix-darwin" "nixos-flake"]; + # TODO fix infinite recursion using `nix.mkIf` - formatter = config.treefmt.build.wrapper; - treefmt.config = { - projectRootFile = "flake.nix"; - programs.alejandra.enable = true; - }; + systems = import inputs.systems-all; + imports = [./.]; - legacyPackages.homeConfigurations.tristanschrader = inputs.self.nixos-flake.lib.mkHomeConfiguration pkgs { - imports = [ - inputs.self.homeModules.common - inputs.self.homeModules.darwin-graphical - ]; - hostname = "morgenmuffel"; - home.username = "tristanschrader"; - home.packages = with pkgs; [google-cloud-sdk gke-gcloud-auth-plugin deluge]; - nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) ["discord"]; + people = { + me = "tristan"; + users.tristan = { + name = "Tristan Schrader"; + email = "t0rdos@pm.me"; + accounts.github = "schradert"; + accounts.gitlab = "schrader.tristan"; + sshKeys.github.public = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDBU/var4dzyl3BvVvN/e+T6JjnptZVhLpLemn6UaUcm"; }; - - packages.default = self'.packages.activate; - packages.home = 
self'.packages.activate-home; - packages.nux = pkgs.mk-nux-pkg ./src/nux; - devShells.default = pkgs.mkShell { - packages = with pkgs; [ - kubectl - kubernetes-helm - nixos-rebuild - sops - ssh-to-age - terraform - ]; - shellHook = '' - export PRJ_ROOT="$(git rev-parse --show-toplevel)" - export KUBE_CONFIG_PATH="$PRJ_ROOT/run/secrets/config.yaml" - export KUBECONFIG="$KUBE_CONFIG_PATH:$HOME/.kube/config" - PATH_add bin - ''; - }; - - # TODO (Tristan): convert these two packages into new system - packages.sirver = inputs.terranix.lib.terranixConfiguration { - inherit system pkgs; - modules = [ - # ./src/infra/firefly.nix - ({config, ...}: { - provider.kubernetes = { - config_path = "~/.kube/config"; - config_context = "k3d-local"; - }; - provider.helm = {inherit (config.provider) kubernetes;}; - }) - { - terraform.required_providers = { - github.source = "integrations/github"; - github.version = "5.42.0"; - flux.source = "fluxcd/flux"; - flux.version = "1.1.2"; - }; - resource.tls_private_key.flux = { - algorithm = "ECDSA"; - ecdsa_curve = "P256"; - }; - resource.github_repository_deploy_key.flux = { - key = "\${ tls_private_key.flux.public_key_openssh }"; - read_only = false; - repository = "backbone"; - title = "Flux"; - }; - provider.flux = { - kubernetes = {}; - git.url = "ssh://git@github.com/schradert/dotfiles"; - git.branch = "trunk"; - git.ssh = { - username = "git"; - private_key = "\${ tls_private_key.flux.private_key_pem }"; - }; - }; - resource.flux_bootstrap_git.prod = {path = "src/nux/clusters/prod";}; - } - ]; - }; - packages.local = inputs.terranix.lib.terranixConfiguration { - inherit system pkgs; - modules = [ - ./src/tix/sirver - {locals.cluster.name = "sirver";} - # ./src/infra/firefly.nix - ]; + users.test = { + name = "Test User"; + email = "test@t0rdos.me"; }; }; + nixos.sirver.module = { + dotfiles.kubernetes.enable = true; + # TODO allow creating another basic user + # dotfiles.users.test.home.dotfiles.work.enable = true; + 
boot.initrd.availableKernelModules = ["ehci_pci" "megaraid_sas" "usbhid"]; + }; + nixos.chilldom.module = { + dotfiles.graphical.enable = true; + boot.initrd.availableKernelModules = ["xhci_pci" "nvme" "rtsx_pci_sdmmc"]; + networking.wireless.enable = true; + networking.wireless.networks.lanyard.psk = "bruhWHY123!"; + powerManagement.cpuFreqGovernor = "powersave"; + }; + droid.boox = {}; + droid.mobile = {}; + # TODO fix nix-darwin + darwin.morgenmuffel.module.dotfiles.work.enable = true; }; } diff --git a/src/infra/firefly.nix b/old/firefly.nix similarity index 100% rename from src/infra/firefly.nix rename to old/firefly.nix diff --git a/src/home/brew/Brewfile b/src/brew/Brewfile similarity index 100% rename from src/home/brew/Brewfile rename to src/brew/Brewfile diff --git a/src/brew/default.nix b/src/brew/default.nix new file mode 100644 index 0000000..2553379 --- /dev/null +++ b/src/brew/default.nix @@ -0,0 +1,26 @@ +{ + flake.homeModules.brew = { + lib, + pkgs, + ... + }: let + brew = "/opt/homebrew/bin/brew"; + in + lib.mkIf pkgs.stdenv.isDarwin { + home.file.".config/brew/Brewfile".source = ./Brewfile; + home.activation.homebrewSelfInstallation = lib.hm.dag.entryAfter ["linkGeneration"] '' + if [ ! -x "${brew}" ] &>/dev/null; then + $DRY_RUN_CMD ${pkgs.bash}/bin/bash \ + -c "$(${pkgs.curl}/bin/curl \ + --fail --silent --show-error --location \ + https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)" + fi + ''; + home.activation.homebrewPkgsInstallation = lib.hm.dag.entryAfter ["homebrewSelfInstallation"] '' + export HOMEBREW_BUNDLE_NO_LOCKFILE_WRITE_WARNING=1 + $DRY_RUN_CMD "${brew}" bundle check --file ${./Brewfile} \ + || "${brew}" bundle install --file ${./Brewfile} --cleanup + # $DRY_RUN_CMD zsh -c "'${brew}' install emacs-plus@29 --with-native-comp --with-modern-doom3-icon --with-xwidgets --with-poll --with-imagemagick --with-dbus" + ''; + }; +} diff --git a/src/darwin.nix b/src/darwin.nix new file mode 100644 index 0000000..3d0150d 
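Review bot: The WPA passphrase for the `lanyard` network is still a string literal in the new `nixos.chilldom.module` block, so it remains in git history and is copied into the world-readable Nix store on every build. This commit wires up sops-nix and a gitleaks hook elsewhere, so the value can come from a decrypted secret instead, for example `networking.wireless.environmentFile = config.sops.secrets.<WIFI_SECRET_NAME>.path;` together with `networking.wireless.networks.lanyard.psk = "@LANYARD_PSK@";` (the secret name is a placeholder, and the option name should be confirmed against the pinned nixpkgs). The module would have to become a function taking `config` for that to work. The passphrase that is already published should be rotated, because deleting the line does not remove it from history.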
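Review bot: `homebrewSelfInstallation` downloads `install.sh` from the `HEAD` ref and hands it straight to `bash -c` during activation, so whatever that URL serves at the time runs as the user with no integrity check. Pinning the script makes it reviewable and reproducible: `installer = pkgs.fetchurl { url = "https://raw.githubusercontent.com/Homebrew/install/<PINNED_COMMIT>/install.sh"; hash = "<SRI_HASH>"; };` and then `$DRY_RUN_CMD ${pkgs.bash}/bin/bash ${installer}` (both values are placeholders). The `$(curl …)` substitution is also expanded before `$DRY_RUN_CMD` is applied, so a dry run still performs the download. The `doomInstallation` activation in src/emacs/default.nix follows the same pattern, cloning the default branch of doomemacs unpinned and then executing `bin/doom install`.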
--- /dev/null +++ b/src/darwin.nix @@ -0,0 +1,41 @@ +{ + config, + inputs, + nix, + withSystem, + ... +}: +with nix; { + options.darwin = mkOption { + type = attrsOf (submodule { + options.system = mkSystemOption {}; + options.module = mkOpenModuleOption {}; + }); + default = {}; + description = "Specific Nix-Darwin configurations"; + }; + options.flake = mkSubmoduleOptions { + darwinModules_ = mkOpenModuleOption { + description = mkDoc "Nix-Darwin modules"; + }; + }; + config.flake.darwinModules_.default = { + users.users.${config.people.me} = {}; + system.stateVersion = 4; + }; + config.flake.darwinConfigurations = mapAttrs (name: cfg: + withSystem cfg.system ({ + pkgs, + system, + ... + }: + inputs.nix-darwin.lib.darwinSystem { + inherit pkgs system; + specialArgs = inputs.self.nixos-flake.lib.specialArgsFor.darwin; + modules = toList { + imports = attrValues inputs.self.darwinModules_ ++ [cfg.module]; + nixpkgs.hostPlatform = system; + }; + })) + config.nixos; +} diff --git a/src/darwin/default.nix b/src/darwin/default.nix deleted file mode 100644 index 1acd2ac..0000000 --- a/src/darwin/default.nix +++ /dev/null @@ -1,18 +0,0 @@ -{ - self, - config, - ... -}: { - flake = { - darwinModules.common = { - users.users.${config.people.me} = {}; - home-manager.users.${config.people.me} = { - imports = [ - self.darwinModules.home-manager - self.homeModules.darwin-graphical - ]; - }; - system.stateVersion = 4; - }; - }; -} diff --git a/src/dev/nixos-flake.nix b/src/dev/nixos-flake.nix new file mode 100644 index 0000000..63807bf --- /dev/null +++ b/src/dev/nixos-flake.nix @@ -0,0 +1,13 @@ +{ + inputs, + nix, + ... +}: { + imports = [inputs.nixos-flake.flakeModule]; + perSystem = {self', ...}: { + nixos-flake.primary-inputs = nix.subtractLists ["self"] (nix.attrNames inputs); + packages.default = self'.packages.activate; + # TODO why isn't this package recognized? + # packages.home = self'.packages.activate-home; + }; +} 
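Review bot: `config.flake.darwinConfigurations` is built by mapping over `config.nixos` rather than the `darwin` option this file declares, so each NixOS host would be evaluated as a nix-darwin system and `darwin.morgenmuffel` from flake.nix is never consumed. The final argument of the `mapAttrs` call should be `config.darwin;`. A short comment above `options.darwin` stating that each attribute name becomes a `darwinConfigurations` entry would help too, as would one explaining the trailing underscore in `darwinModules_`, which the hunk does not explain.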
diff --git a/src/dev/pre-commit.nix b/src/dev/pre-commit.nix new file mode 100644 index 0000000..80753e8 --- /dev/null +++ b/src/dev/pre-commit.nix @@ -0,0 +1,20 @@ +{inputs, ...}: { + imports = [inputs.pre-commit-hooks-nix.flakeModule]; + perSystem = { + config, + pkgs, + ... + }: { + pre-commit.settings.default_stages = ["push" "manual"]; + pre-commit.settings.hooks = { + gitleaks.enable = true; + gitleaks.entry = "${pkgs.gitleaks}/bin/gitleaks protect --redact"; + alejandra.enable = true; + shellcheck.enable = true; + }; + devShells.pre-commit = pkgs.mkShell { + inputsFrom = [config.pre-commit.devShell]; + packages = with pkgs; [alejandra gitleaks shellcheck]; + }; + }; +} diff --git a/src/dev/sops.nix b/src/dev/sops.nix new file mode 100644 index 0000000..886e714 --- /dev/null +++ b/src/dev/sops.nix @@ -0,0 +1,33 @@ +{inputs, ...}: { + flake.homeModules.sops-nix = inputs.sops-nix.homeManagerModules.sops; + perSystem = { + config, + nix, + pkgs, + ... + }: { + # # Upgrading sops because: https://github.com/getsops/sops/issues/1263 + # # Overriding go modules requires overriding the buildGoModule function instead of attributes directly. + # # Follow the discussion and activity below: + # # [Issue](https://github.com/NixOS/nixpkgs/issues/86349) + # # [PR: buildGoModule](https://github.com/NixOS/nixpkgs/pull/225051) + # # [PR: lib.extendMkDerivation](https://github.com/NixOS/nixpkgs/pull/234651) + packages.sops = pkgs.sops.override { + buildGoModule = args: + pkgs.buildGoModule (args + // rec { + version = "3.8.1"; + src = pkgs.fetchFromGitHub { + owner = "mozilla"; + repo = args.pname; + rev = "v${version}"; + sha256 = "4K09wLV1+TvYTtvha6YyGhjlhEldWL1eVazNwcEhi3Q="; + }; + vendorHash = "sha256-iRgLspYhwSVuL0yarPdjXCKfjK7TGDZeQCOcIYtNvzA="; + }); + }; + devShells.sops = pkgs.mkShell { + packages = [config.packages.sops]; + }; + }; +} diff --git a/conf/sops.yaml b/src/dev/sops.yaml similarity index 100% rename from conf/sops.yaml rename to src/dev/sops.yaml 
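Review bot: The gitleaks hook replaces `entry` with `gitleaks protect --redact` while `default_stages` restricts hooks to `push` and `manual`; `protect` looks at uncommitted changes, so at push time the working tree is normally clean and a secret that was already committed would probably pass. Either move this hook to a commit-time stage with `gitleaks protect --staged --redact`, or keep the push stage and scan commits with `gitleaks detect --redact`. Check the subcommand names against the gitleaks version in the pinned nixpkgs, since they changed in later releases.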
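Review bot: In the `packages.sops` override the source hash is written as bare base64 under `sha256`, while `vendorHash` on the next line uses SRI form; `hash = "sha256-4K09wLV1+TvYTtvha6YyGhjlhEldWL1eVazNwcEhi3Q=";` would keep the two consistent and make the algorithm explicit. The fetch also names `owner = "mozilla"` although the comment above links to getsops/sops, so it appears to depend on a repository redirect; the pinned hash still protects the content, but using the owner from the comment removes that dependency. A comment noting which consumers use this override, other than `devShells.sops`, would clarify whether the sops-nix module sees the upgraded binary.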
diff --git a/src/droid.nix b/src/droid.nix new file mode 100644 index 0000000..8e95b6e --- /dev/null +++ b/src/droid.nix @@ -0,0 +1,34 @@ +{ + inputs, + nix, + ... +}: +with nix; { + options.droid = mkOpenModuleOption { + description = "Specific Nix-on-Droid configurations"; + }; + options.flake = mkSubmoduleOptions { + droidModules = mkOpenModuleOption { + description = mkDoc "Nix-on-Droid modules"; + }; + }; + config.flake.droidModules.default = { + environment.etcBackupExtension = ".bak"; + home-manager.backupFileExtension = "hm-bak"; + home-manager.config = { + imports = attrValues inputs.self.homeModules; + # TODO what's the right user name and location? + # home.username = "termux"; + # home.userDirectory = "/data/data/com.termux.nix/files/home"; + }; + home-manager.useGlobalPkgs = true; + nix.extraOptions = '' + experimental-features = nix-command flakes + ''; + system.stateVersion = "23.05"; + }; + config.flake.nixOnDroidConfigurations = mapAttrs' (_: module: + inputs.nix-on-droid.lib.nixOnDroidConfiguration { + modules = attrValues inputs.self.droidModules ++ [module]; + }); +} diff --git a/src/droid/default.nix b/src/droid/default.nix deleted file mode 100644 index 831bcda..0000000 --- a/src/droid/default.nix +++ /dev/null @@ -1,21 +0,0 @@ -{self, ...}: { - flake = { - droidModules.common = { - environment.etcBackupExtension = ".bak"; - home-manager.backupFileExtension = "hm-bak"; - home-manager.config = { - imports = [self.homeModules.common]; - # TODO what's the right user name and location? - # home.username = "termux"; - # home.userDirectory = "/data/data/com.termux.nix/files/home"; - programs.eza.enable = null; - programs.exa.enable = true; - }; - home-manager.useGlobalPkgs = true; - nix.extraOptions = '' - experimental-features = nix-command flakes - ''; - system.stateVersion = "23.05"; - }; - }; -} diff --git a/src/home/emacs/config.org b/src/emacs/config.org similarity index 100% rename from src/home/emacs/config.org rename to src/emacs/config.org 
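Review bot: `config.flake.nixOnDroidConfigurations` is assigned `mapAttrs'` applied to the callback only, with no attribute set as its second argument, so the value is a partially applied function rather than a set of configurations, and `config` is not among the module arguments at the top of the file. Assuming `nix` re-exports the nixpkgs lib functions, `mapAttrs'` also expects the callback to return a name/value pair, which `nixOnDroidConfiguration` does not. Changing the call to `mapAttrs (_: module: …) config.droid;` and adding `config,` to the argument set would let `droid.boox` and `droid.mobile` from flake.nix produce outputs.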
diff --git a/src/emacs/default.nix b/src/emacs/default.nix new file mode 100644 index 0000000..9e9c1f8 --- /dev/null +++ b/src/emacs/default.nix @@ -0,0 +1,77 @@ +{inputs, ...}: { + flake.overlays.emacs = inputs.emacs-overlay.overlay; + flake.homeModules.emacs = { + config, + flake, + lib, + nix, + pkgs, + ... + }: + with lib; + mkMerge [ + { + services.emacs = { + enable = mkDefault pkgs.stdenv.isLinux; + defaultEditor = config.dotfiles.editor == "emacs"; + # package = inputs.emacs-overlay.packages.${system}.emacs-unstable-pgtk; + package = pkgs.emacs-unstable-pgtk; + }; + } + (mkIf config.services.emacs.enable (mkMerge [ + { + programs.zsh.initExtraLines = nix.toList "export PATH=\"$HOME/.config/emacs/bin:$PATH\""; + home = { + file.".doom.d/init.el".source = ./init.el; + file.".doom.d/config.org".source = ./config.org; + # TODO get elfeed working + packages = with pkgs; [ + config.services.emacs.package + + # dependencies + cargo + editorconfig-core-c + gopls + gotools + gomodifytags + gore + gotests + gnugrep + graphviz + haskellPackages.haskell-language-server + haskellPackages.hoogle + haskellPackages.cabal-install + imagemagick + ispell + isync + ktlint + mu + nil + nixfmt + nodePackages.js-beautify + nodePackages.stylelint + pandoc + pipenv + python311Packages.grip + python311Packages.isort + python311Packages.nose + python311Packages.pytest + rust-analyzer + rustc + shellcheck + taplo + sqls + ]; + }; + } + (mkIf config.programs.git.enable { + home.activation.doomInstallation = hm.dag.entryAfter ["linkGeneration"] '' + if [ ! -d "$XDG_CONFIG_HOME/emacs" ]; then + ${pkgs.git}/bin/git clone --depth 1 https://github.com/doomemacs/doomemacs "$XDG_CONFIG_HOME/emacs" + "$XDG_CONFIG_HOME/emacs/bin/doom" install + fi + ''; + }) + ])) + ]; +} diff --git a/src/home/emacs/elfeed.org b/src/emacs/elfeed.org similarity index 100% rename from src/home/emacs/elfeed.org rename to src/emacs/elfeed.org 
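Review bot: The `doomInstallation` script tests and clones into `"$XDG_CONFIG_HOME/emacs"`, but nothing in the hunk guarantees that variable is set when activation runs; if it is empty the target becomes `/emacs`, while the zsh line above always puts `$HOME/.config/emacs/bin` on PATH. Interpolating Home Manager's own value, `${config.xdg.configHome}/emacs`, in the script and in the PATH export keeps all references pointing at the same directory. The clone and `doom install` are also not prefixed with `$DRY_RUN_CMD`, unlike the brew activation, so a dry run would still write to the home directory.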
diff --git a/src/home/emacs/init.el b/src/emacs/init.el similarity index 100% rename from src/home/emacs/init.el rename to src/emacs/init.el diff --git a/src/git.nix b/src/git.nix new file mode 100644 index 0000000..4b254e6 --- /dev/null +++ b/src/git.nix @@ -0,0 +1,35 @@ +{ + flake.homeModules.git = { + config, + flake, + lib, + nix, + ... + }: + with nix; { + programs.git = { + enable = true; + userName = flake.config.people.my.name; + userEmail = flake.config.people.my.email; + extraConfig = { + push.autoSetupRemote = true; + color.status = "always"; + github.user = "schradert"; + gitlab.user = "schrader.tristan"; + }; + }; + programs.gh = { + enable = true; + settings.editor = config.dotfiles.editor; + settings.git_protocol = + if config.programs.ssh.enable + then "ssh" + else "https"; + settings.aliases.co = "pr checkout"; + }; + programs.zsh.initExtraLines = optional config.programs.git.enable '' + # disable sort when completing `git checkout` + zstyle ':completion:*:git-checkout:*' sort false + ''; + }; +} diff --git a/src/graphical.nix b/src/graphical.nix new file mode 100644 index 0000000..75a65e0 --- /dev/null +++ b/src/graphical.nix 
@@ -0,0 +1,89 @@ +{ + flake.homeModules.graphical = { + config, + lib, + pkgs, + ... + }: + with lib; { + options.dotfiles.graphical.enable = mkEnableOption "graphical tools (i.e. not headless)"; + config = mkIf config.dotfiles.graphical.enable (mkMerge [ + { + dotfiles.editor = "emacs"; + home.packages = with pkgs; [ + gnutls + harfbuzz + libtool + librsvg + podman + unbound + # TODO (Tristan): figure out how to run docker as a home-manager service + # docker + # TODO (Tristan): fix ENOTFOUND -3008 getaddrinfo registry.yarnpkg.com for element-desktop build + # element-desktop + # TODO (Tristan): figure out why these graphical apps are not installing! + # zoom-us + # raycast + # slack + ]; + } + (mkIf pkgs.stdenv.isDarwin { + # TODO why do I need pngpaste + home.packages = with pkgs; [discord pngpaste]; + home.homeDirectory = "/Users/${config.home.username}"; + }) + (mkIf pkgs.stdenv.isLinux { + home.packages = with pkgs; [ + android-studio + anki + bitwarden + brave + godot3 + protonvpn-gui + ]; + }) + ]); + }; + flake.nixosModules.nixos-graphical = { + config, + flake, + lib, + pkgs, + ... + }: { + options.dotfiles.graphical.enable = lib.mkEnableOption "graphical tools (i.e. not headless)"; + config = lib.mkIf config.dotfiles.graphical.enable { + fonts.packages = [pkgs.meslo-lgs-nf]; + hardware.pulseaudio.enable = true; + home-manager.users.${flake.config.people.me}.dotfiles.graphical.enable = true; + services.xserver = { + enable = true; + layout = "us"; + displayManager.sddm.enable = true; + desktopManager.plasma5.enable = true; + }; + sound.enable = true; + }; + }; + flake.darwinModules_.nixos-graphical = { + config, + flake, + lib, + pkgs, + ... + }: { + options.dotfiles.graphical.enable = lib.mkEnableOption "graphical tools (i.e. 
not headless)"; + config = lib.mkIf config.dotfiles.graphical.enable { + fonts.packages = [pkgs.meslo-lgs-nf]; + hardware.pulseaudio.enable = true; + home-manager.users.${flake.config.people.me}.dotfiles.graphical.enable = true; + services.xserver = { + enable = true; + layout = "us"; + displayManager.sddm.enable = true; + desktopManager.plasma5.enable = true; + }; + sound.enable = true; + }; + }; +} diff --git a/src/hardware.nix b/src/hardware.nix new file mode 100644 index 0000000..680a0b9 --- /dev/null +++ b/src/hardware.nix @@ -0,0 +1,30 @@ +{ + flake.nixosModules.hardware = { + config, + nix, + ... + }: + with nix; { + boot = { + initrd.availableKernelModules = ["ahci" "usb_storage" "sd_mod"]; + kernelModules = ["kvm-intel"]; + loader.efi.efiSysMountPoint = "/boot"; + loader.systemd-boot.enable = true; + loader.efi.canTouchEfiVariables = true; + }; + + fileSystems."/" = { + device = "/dev/disk/by-label/root"; + fsType = "ext4"; + }; + fileSystems."/boot" = { + device = "/dev/disk/by-label/boot"; + fsType = "vfat"; + }; + + hardware.enableRedistributableFirmware = mkDefault true; + hardware.cpu.intel.updateMicrocode = mkDefault config.hardware.enableRedistributableFirmware; + networking.useDHCP = mkDefault true; + swapDevices = [{device = "/dev/disk/by-label/swap";}]; + }; +} diff --git a/src/home.nix b/src/home.nix new file mode 100644 index 0000000..d437f1a --- /dev/null +++ b/src/home.nix 
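Review bot: `flake.darwinModules_.nixos-graphical` is a verbatim copy of the NixOS module and sets `services.xserver`, `hardware.pulseaudio`, `sound.enable` and the sddm/plasma5 options, which as far as I know nix-darwin does not define, so enabling `dotfiles.graphical` on a Darwin host would likely fail at evaluation. The Darwin variant should keep only what applies there, namely the option declaration and `home-manager.users.${flake.config.people.me}.dotfiles.graphical.enable = true;`, plus the font setting under whichever option name the pinned nix-darwin provides. Renaming the attribute to something like `darwin-graphical` would also stop it from reading as a NixOS module.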
@@ -0,0 +1,86 @@ +{ + config, + inputs, + nix, + ... +}: +with nix; { + options.flake = nix.mkSubmoduleOptions { + homeModules = nix.mkOpenModuleOption { + description = nix.mkDoc "Home-Manager modules"; + }; + }; + config.flake.homeModules.home = home @ {pkgs, ...}: { + options.dotfiles.editor = mkOption { + type = enum ["vim" "emacs"]; + default = "vim"; + example = "emacs"; + description = mdDoc "Default editor to use for profile"; + }; + config = { + home.username = mkDefault config.people.me; + home.stateVersion = "23.05"; + home.packages = with pkgs; [ + aria2 + bitwarden-cli + cheat + cachix + cmake + dig + fd + file + glab + iftop + k3d + libtool + lsof + nethogs + nmap + nodejs + openssl + protonvpn-cli + ranger + rclone + ripgrep + signal-cli + speedtest-cli + sqlite + thefuck + tig + tldr + tree + unzip + xplr + ]; + programs = { + bat.enable = true; + btop.enable = true; + dircolors.enable = true; + direnv.enable = true; + direnv.nix-direnv.enable = true; + eza.enable = true; + fzf.enable = true; + fzf.tmux.enableShellIntegration = home.config.programs.tmux.enable; + gpg.enable = true; + home-manager.enable = true; + htop.enable = true; + jq.enable = true; + navi.enable = true; + wezterm.enable = true; + zoxide.enable = true; + }; + sops.defaultSopsFile = ./dev/sops.yaml; + sops.age.keyFile = "${home.config.home.homeDirectory}/.config/sops/age/keys.txt"; + }; + }; + config.flake.nixosModules = + mapAttrs (_: module: { + home-manager.users.${config.people.me} = module; + }) + inputs.self.homeModules; + config.flake.darwinModules_ = + mapAttrs (_: module: { + home-manager.users.${config.people.me} = module; + }) + inputs.self.homeModules; +} diff --git a/src/home/.skhdrc b/src/home/.skhdrc deleted file mode 100755 index 0e8f0f4..0000000 --- a/src/home/.skhdrc +++ /dev/null 
@@ -1,145 +0,0 @@ -# ################################################################ # -# THE FOLLOWING IS AN EXPLANATION OF THE GRAMMAR THAT SKHD PARSES. # -# FOR SIMPLE EXAMPLE MAPPINGS LOOK FURTHER DOWN THIS FILE.. # -# ################################################################ # - -# A list of all built-in modifier and literal keywords can -# be found at https://github.com/koekeishiya/skhd/issues/1 -# -# A hotkey is written according to the following rules: -# -# hotkey = '<' | -# -# mode = 'name of mode' | ',' -# -# action = '[' ']' | '->' '[' ']' -# ':' | '->' ':' -# ';' | '->' ';' -# -# keysym = '-' | -# -# mod = 'modifier keyword' | '+' -# -# key = | -# -# literal = 'single letter or built-in keyword' -# -# keycode = 'apple keyboard kVK_ values (0x3C)' -# -# proc_map_lst = * -# -# proc_map = ':' | '~' | -# '*' ':' | '*' '~' -# -# string = '"' 'sequence of characters' '"' -# -# command = command is executed through '$SHELL -c' and -# follows valid shell syntax. if the $SHELL environment -# variable is not set, it will default to '/bin/bash'. -# when bash is used, the ';' delimeter can be specified -# to chain commands. -# -# to allow a command to extend into multiple lines, -# prepend '\' at the end of the previous line. -# -# an EOL character signifies the end of the bind. -# -# -> = keypress is not consumed by skhd -# -# * = matches every application not specified in -# -# ~ = application is unbound and keypress is forwarded per usual, when specified in a -# -# A mode is declared according to the following rules: -# -# mode_decl = '::' '@' ':' | '::' ':' | -# '::' '@' | '::' -# -# name = desired name for this mode, -# -# @ = capture keypresses regardless of being bound to an action -# -# command = command is executed through '$SHELL -c' and -# follows valid shell syntax. if the $SHELL environment -# variable is not set, it will default to '/bin/bash'. -# when bash is used, the ';' delimeter can be specified -# to chain commands. 
-# -# to allow a command to extend into multiple lines, -# prepend '\' at the end of the previous line. -# -# an EOL character signifies the end of the bind. - -# ############################################################### # -# THE FOLLOWING SECTION CONTAIN SIMPLE MAPPINGS DEMONSTRATING HOW # -# TO INTERACT WITH THE YABAI WM. THESE ARE SUPPOSED TO BE USED AS # -# A REFERENCE ONLY, WHEN MAKING YOUR OWN CONFIGURATION.. # -# ############################################################### # - -# focus window -# alt - h : yabai -m window --focus west - -# swap managed window -# shift + alt - h : yabai -m window --swap north - -# move managed window -# shift + cmd - h : yabai -m window --warp east - -# balance size of windows -# shift + alt - 0 : yabai -m space --balance - -# make floating window fill screen -# shift + alt - up : yabai -m window --grid 1:1:0:0:1:1 - -# make floating window fill left-half of screen -# shift + alt - left : yabai -m window --grid 1:2:0:0:1:1 - -# create desktop, move window and follow focus - uses jq for parsing json (brew install jq) -# shift + cmd - n : yabai -m space --create && \ -# index="$(yabai -m query --spaces --display | jq 'map(select(."is-native-fullscreen" == false))[-1].index')" && \ -# yabai -m window --space "${index}" && \ -# yabai -m space --focus "${index}" - -# fast focus desktop -# cmd + alt - x : yabai -m space --focus recent -# cmd + alt - 1 : yabai -m space --focus 1 - -# send window to desktop and follow focus -# shift + cmd - z : yabai -m window --space next; yabai -m space --focus next -# shift + cmd - 2 : yabai -m window --space 2; yabai -m space --focus 2 - -# focus monitor -# ctrl + alt - z : yabai -m display --focus prev -# ctrl + alt - 3 : yabai -m display --focus 3 - -# send window to monitor and follow focus -# ctrl + cmd - c : yabai -m window --display next; yabai -m display --focus next -# ctrl + cmd - 1 : yabai -m window --display 1; yabai -m display --focus 1 - -# move floating window -# shift + 
ctrl - a : yabai -m window --move rel:-20:0 -# shift + ctrl - s : yabai -m window --move rel:0:20 - -# increase window size -# shift + alt - a : yabai -m window --resize left:-20:0 -# shift + alt - w : yabai -m window --resize top:0:-20 - -# decrease window size -# shift + cmd - s : yabai -m window --resize bottom:0:-20 -# shift + cmd - w : yabai -m window --resize top:0:20 - -# set insertion point in focused container -# ctrl + alt - h : yabai -m window --insert west - -# toggle window zoom -# alt - d : yabai -m window --toggle zoom-parent -# alt - f : yabai -m window --toggle zoom-fullscreen - -# toggle window split type -# alt - e : yabai -m window --toggle split - -# float / unfloat window and center on screen -# alt - t : yabai -m window --toggle float --grid 4:4:1:1:2:2 - -# toggle sticky(+float), topmost, picture-in-picture -# alt - p : yabai -m window --toggle sticky --toggle topmost --toggle pip diff --git a/src/home/.yabairc b/src/home/.yabairc deleted file mode 100755 index ec5825c..0000000 --- a/src/home/.yabairc +++ /dev/null 
@@ -1,51 +0,0 @@ -#!/usr/bin/env sh - -# -# for this to work you must configure sudo such that -# it will be able to run the command without password -# -# see this wiki page for information: -# - https://github.com/koekeishiya/yabai/wiki/Installing-yabai-(latest-release)#configure-scripting-addition -# -# yabai -m signal --add event=dock_did_restart action="sudo yabai --load-sa" -# sudo yabai --load-sa -# - -# global settings -yabai -m config \ - mouse_follows_focus off \ - focus_follows_mouse off \ - window_origin_display default \ - window_placement second_child \ - window_zoom_persist on \ - window_topmost off \ - window_shadow on \ - window_animation_duration 0.0 \ - window_animation_frame_rate 120 \ - window_opacity_duration 0.0 \ - active_window_opacity 1.0 \ - normal_window_opacity 0.90 \ - window_opacity off \ - insert_feedback_color 0xffd75f5f \ - active_window_border_color 0xff775759 \ - normal_window_border_color 0xff555555 \ - window_border_width 4 \ - window_border_radius 12 \ - window_border_blur off \ - window_border_hidpi on \ - window_border off \ - split_ratio 0.50 \ - split_type auto \ - auto_balance off \ - top_padding 12 \ - bottom_padding 12 \ - left_padding 12 \ - right_padding 12 \ - window_gap 06 \ - layout bsp \ - mouse_modifier fn \ - mouse_action1 move \ - mouse_action2 resize \ - mouse_drop_action swap - -echo "yabai configuration loaded.." diff --git a/src/home/brew/default.nix b/src/home/brew/default.nix deleted file mode 100644 index ed15410..0000000 --- a/src/home/brew/default.nix +++ /dev/null 
@@ -1,25 +0,0 @@ -{ - lib, - config, - pkgs, - ... -}: let - brew = "/opt/homebrew/bin/brew"; -in { - home.file.".config/brew/Brewfile".source = ./Brewfile; - home.activation.homebrewSelfInstallation = lib.hm.dag.entryAfter ["linkGeneration"] '' - brew=/opt/homebrew/bin/brew - if [ ! -x "$brew" ] &>/dev/null; then - $DRY_RUN_CMD ${pkgs.bash}/bin/bash \ - -c "$(${pkgs.curl}/bin/curl \ - --fail --silent --show-error --location \ - https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)" - fi - ''; - home.activation.homebrewPkgsInstallation = lib.hm.dag.entryAfter ["homebrewSelfInstallation"] '' - export HOMEBREW_BUNDLE_NO_LOCKFILE_WRITE_WARNING=1 - $DRY_RUN_CMD ${brew} bundle check --file ${./Brewfile} \ - || ${brew} bundle install --file ${./Brewfile} --cleanup - # $DRY_RUN_CMD zsh -c "${brew} install emacs-plus@29 --with-native-comp --with-modern-doom3-icon --with-xwidgets --with-poll --with-imagemagick --with-dbus" - ''; -} diff --git a/src/home/default.nix b/src/home/default.nix deleted file mode 100644 index 8abc645..0000000 --- a/src/home/default.nix +++ /dev/null 
@@ -1,133 +0,0 @@ -{ - self, - config, - inputs, - ... -}: let - flakeConfig = config; -in { - flake = { - homeModules.common = { - pkgs, - lib, - config, - ... - }: { - imports = [ - inputs.sops-nix.homeManagerModule - ./vim - ./zsh - ./nvim - ./git - ./ssh - ./tmux - ]; - home.username = lib.mkDefault flakeConfig.people.me; - home.stateVersion = "23.05"; - home.packages = with pkgs; [ - aria2 - bitwarden-cli - cheat - cachix - cmake - dig - fd - file - glab - iftop - k3d - libtool - lsof - nmap - nodejs - openssl - ranger - rclone - ripgrep - signal-cli - speedtest-cli - sqlite - thefuck - tig - tldr - tree - unzip - wordnet - xplr - ]; - programs = { - bat.enable = true; - btop.enable = true; - dircolors.enable = true; - direnv = { - enable = true; - nix-direnv.enable = true; - }; - eza.enable = true; - fzf = { - enable = true; - tmux.enableShellIntegration = true; - }; - gpg.enable = true; - home-manager.enable = true; - htop.enable = true; - jq.enable = true; - navi.enable = true; - wezterm.enable = true; - zoxide.enable = true; - }; - sops.defaultSopsFile = ../../conf/sops.yaml; - sops.age.keyFile = "${config.home.homeDirectory}/.config/sops/age/keys.txt"; - }; - homeModules.headless = { - programs.vim.defaultEditor = true; - }; - homeModules.graphical = { - pkgs, - lib, - ... - }: { - imports = [./emacs]; - home.packages = with pkgs; [ - # TODO (Tristan): figure out how to run docker as a home-manager service - # docker - podman - libtool - librsvg - harfbuzz - gnutls - unbound - # TODO (Tristan): fix ENOTFOUND -3008 getaddrinfo registry.yarnpkg.com for element-desktop build - # element-desktop - # TODO (Tristan): figure out why these graphical apps are not installing! - # zoom-us - # raycast - # slack - ]; - }; - homeModules.linux-graphical = {pkgs, ...}: { - imports = [ - self.homeModules.graphical - # ./spicetify/linux.nix - ]; - home.packages = with pkgs; [anki]; - }; - homeModules.darwin-graphical = { - config, - pkgs, - lib, - ... 
- }: { - imports = [ - self.homeModules.graphical - ./brew - ./spicetify/darwin.nix - ./k9s - ]; - home.packages = with pkgs; [skhd discord pngpaste]; - home.homeDirectory = "/Users/${config.home.username}"; - home.file.".skhdrc".source = ./.skhdrc; - home.file.".yabairc".source = ./.yabairc; - }; - }; -} diff --git a/src/home/emacs/default.nix b/src/home/emacs/default.nix deleted file mode 100644 index 8b8f8b3..0000000 --- a/src/home/emacs/default.nix +++ /dev/null @@ -1,61 +0,0 @@ -{ - config, - pkgs, - flake, - inputs, - lib, - ... -}: { - services.emacs = { - enable = pkgs.stdenv.isLinux; - defaultEditor = true; - package = pkgs.emacs-unstable-pgtk; - }; - home = { - file.".doom.d/init.el".source = ./init.el; - file.".doom.d/config.org".source = ./config.org; - packages = with pkgs; [ - config.services.emacs.package - - # dependencies - cargo - editorconfig-core-c - gopls - gotools - gomodifytags - gore - gotests - gnugrep - graphviz - haskellPackages.haskell-language-server - haskellPackages.hoogle - haskellPackages.cabal-install - imagemagick - ispell - isync - ktlint - mu - nil - nixfmt - nodePackages.js-beautify - nodePackages.stylelint - pandoc - pipenv - python311Packages.grip - python311Packages.isort - python311Packages.nose - python311Packages.pytest - rust-analyzer - rustc - shellcheck - taplo - sqls - ]; - activation.doomInstallation = lib.hm.dag.entryAfter ["linkGeneration"] '' - if [ ! -d "$XDG_CONFIG_HOME/emacs" ]; then - ${pkgs.git}/bin/git clone --depth 1 https://github.com/doomemacs/doomemacs "$XDG_CONFIG_HOME/emacs" - "$XDG_CONFIG_HOME/emacs/bin/doom" install - fi - ''; - }; -} diff --git a/src/home/git/default.nix b/src/home/git/default.nix deleted file mode 100644 index 63da988..0000000 --- a/src/home/git/default.nix +++ /dev/null 
@@ -1,28 +0,0 @@ -{ - config, - flake, - ... -}: { - programs.git = { - enable = true; - # TODO (Tristan): figure out using home.username - userName = flake.config.people.my.name; - userEmail = flake.config.people.my.email; - extraConfig = { - push.autoSetupRemote = true; - color.status = "always"; - github.user = "schradert"; - gitlab.user = "schrader.tristan"; - # This is probably how our hosted Gitea repository will look - # gitea.git.bunkbed.tech.user = "tristan"; - }; - }; - programs.gh = { - enable = true; - settings.editor = "emacs"; - settings.git_protocol = "ssh"; - # settings.editor = lib.mkIf config.programs.emacs.enable "emacs"; - # settings.git_protocol = lib.mkIf config.programs.ssh.enable "ssh"; - settings.aliases.co = "pr checkout"; - }; -} diff --git a/src/home/k9s/default.nix b/src/home/k9s/default.nix deleted file mode 100644 index 70a703a..0000000 --- a/src/home/k9s/default.nix +++ /dev/null @@ -1,19 +0,0 @@ -{ - pkgs, - lib, - ... -}: let - skin = pkgs.fetchurl { - url = "https://raw.githubusercontent.com/derailed/k9s/5a0a8f12e4cd2137badf8e2063c0ab3e3ff2f5cd/skins/dracula.yml"; - sha256 = "10is0kb0n6s0hd2lhyszrd6fln6clmhdbaw5faic5vlqg77hbjqs"; - }; -in { - programs.k9s = { - enable = lib.mkDefault true; - skin = pkgs.fromYAML skin; - }; - home.packages = with pkgs; [ - kubectl - kubernetes-helm - ]; -} diff --git a/src/home/nvim/default.nix b/src/home/nvim/default.nix deleted file mode 100644 index 8a2afdd..0000000 --- a/src/home/nvim/default.nix +++ /dev/null 
@@ -1,33 +0,0 @@ -{pkgs, ...}: { - programs.neovim = { - enable = true; - withPython3 = true; - extraConfig = builtins.readFile ./settings.lua; - plugins = with pkgs.vimPlugins; [ - csv-vim - ctrlp-vim - dracula-vim - jsonc-vim - nerdtree - taboo-vim - tagbar - terminus - tmuxline-vim - undotree - vimtex - vim-airline - vim-airline-themes - vim-devicons - vim-flog - vim-fugitive - vim-gitgutter - vim-lastplace - vim-nix - vim-startify - vim-surround - ]; - viAlias = false; - vimAlias = false; - vimdiffAlias = false; - }; -} diff --git a/src/home/nvim/settings.lua b/src/home/nvim/settings.lua deleted file mode 100644 index 0b7622e..0000000 --- a/src/home/nvim/settings.lua +++ /dev/null @@ -1,42 +0,0 @@ -local opt = vim.opt -local g = vim.g - -g.mapleader = " " -g.maplocalleader = "," -g.ale_disable_lsp = 1 -opt.ignorecase = true -opt.hidden = true -opt.history = 1000 -opt.mouse = "a" -opt.number = true -opt.shiftwidth = 4 -opt.smartcase = true -opt.tabstop = 4 -opt.expandtab = true -opt.syntax = "enable" -opt.autoread = true -opt.cmdheight = 2 -opt.updatetime = 300 -opt.ruler = true -opt.foldenable = false -opt.compatible = false -opt.encoding = "utf-8" -opt.enc = "utf-8" -opt.fileencoding = "utf-8" -opt.fileencodings = "ucs-bom,utf-8" -opt.wrap = false -opt.incsearch = true -opt.showcmd = true -opt.showmatch = true -opt.showmode = true -opt.hlsearch = true -opt.scrolloff = 10 --- opt.wildignore = opt.wildignore .. ",*.docx,*.jpg,*.png,*.gif,*.pdf,*.pyc,*.exe,*.img,*.xlsx,*/tmp/*,*.so,*.swp,*.zip" --- opt.smartindent = true --- opt.autoindent = true --- opt.clipboard = "unnamedplus" --- opt.termguicolors = true --- opt.cursorline = true --- opt.viminfo = "" --- opt.viminfofile = "NONE" --- opt.ttimeoutlen = 5 diff --git a/src/home/spicetify/config-xpui.ini b/src/home/spicetify/config-xpui.ini deleted file mode 100644 index 47430c7..0000000 --- a/src/home/spicetify/config-xpui.ini +++ /dev/null 
@@ -1,31 +0,0 @@ -[AdditionalOptions] -experimental_features = 1 -extensions = shuffle+.js|bookmark.js|keyboardShortcut.js|loopyLoop.js|popupLyrics.js|trashbin.js -custom_apps = marketplace|reddit|new-releases|lyrics-plus -sidebar_config = 1 -home_config = 1 - -[Patch] - -[Setting] -spotify_path = /Applications/Spotify.app/Contents/Resources -check_spicetify_upgrade = 0 -spotify_launch_flags = -prefs_path = /Users/tristanschrader/Library/Application Support/Spotify/prefs -; current_theme = default -color_scheme = -inject_css = 1 -replace_colors = 1 -overwrite_assets = 0 - -[Preprocesses] -disable_sentry = 1 -disable_ui_logging = 1 -remove_rtl_rule = 1 -expose_apis = 1 -disable_upgrade_check = 1 - -; DO NOT CHANGE! -[Backup] -version = 1.2.0.1165.gabf054ab -with = 2.15.0 diff --git a/src/home/spicetify/darwin.nix b/src/home/spicetify/darwin.nix deleted file mode 100644 index 0238a61..0000000 --- a/src/home/spicetify/darwin.nix +++ /dev/null @@ -1,4 +0,0 @@ -{pkgs, ...}: { - home.shellAliases.spicetify = "spicetify-cli"; - home.packages = with pkgs; [spicetify-cli]; -} diff --git a/src/home/spicetify/linux.nix b/src/home/spicetify/linux.nix deleted file mode 100644 index b3705e5..0000000 --- a/src/home/spicetify/linux.nix +++ /dev/null 
@@ -1,46 +0,0 @@ -{ - flake, - lib, - pkgs, - ... -}: { - imports = [flake.inputs.spicetify-nix.homeManagerModule]; - programs.spicetify = let - spicePkgs = flake.inputs.spicetify-nix.packages.${pkgs.system}.default; - in { - enable = true; - enabledCustomApps = with spicePkgs.apps; [ - new-releases - reddit - lyrics-plus - marketplace - localFiles - nameThatTune - ]; - enabledExtensions = with spicePkgs.extensions; [ - bookmark - keyboardShortcut - loopyLoop - shuffle - popupLyrics - trashbin - powerBar - seekSong - skipOrPlayLikedSongs - playlistIcons - listPlaylistsWithSong - playlistIntersection - skipStats - wikify - featureShuffle - songStats - showQueueDuration - history - genre - autoSkip - playNext - volumePercentage - ]; - theme = spicePkgs.themes.DefaultDynamic; - }; -} diff --git a/src/home/ssh/default.nix b/src/home/ssh/default.nix deleted file mode 100644 index 6a09a10..0000000 --- a/src/home/ssh/default.nix +++ /dev/null 
@@ -1,55 +0,0 @@ -{ - config, - flake, - lib, - ... -}: { - options.hostname = lib.mkOption { - type = lib.types.str; - description = lib.mdDoc "The hostname of the relevant machine with this user"; - example = "another-server"; - }; - config = { - programs.ssh = { - enable = true; - forwardAgent = true; - matchBlocks = { - climax-static-relay = { - hostname = "35.212.163.7"; - user = "root"; - identityFile = "/Users/tristanschrader/.ssh/climax_server"; - }; - climax-server-via-relay = { - proxyCommand = "ssh -q climax-static-relay nc localhost 2222"; - user = "tristan"; - identityFile = "/Users/tristanschrader/.ssh/climax_server"; - }; - climax-dev = { - hostname = "dev.nodes.climax.bio"; - user = "terraform"; - identityFile = "/Users/tristanschrader/.ssh/terraform"; - }; - climax-relay = { - hostname = "relay.nodes.climax.bio"; - user = "terraform"; - identityFile = "/Users/tristanschrader/.ssh/terraform"; - }; - climax-server = { - hostname = "server.nodes.climax.bio"; - user = "terraform"; - identityFile = "/Users/tristanschrader/.ssh/terraform"; - }; - sirver = { - hostname = "192.168.50.21"; - user = "tristan"; - identityFile = "/Users/tristanschrader/.ssh/tristan_sirver_ed25519"; - }; - }; - }; - - # TODO (Tristan): figure out how I can get the path to work properly with home-manager - sops.secrets."ssh/${flake.config.people.me}/github" = {}; - # home.file.".ssh/github".source = config.sops.secrets."ssh/${flake.config.people.me}/github".path; - home.file.".ssh/github.pub".text = "${flake.config.people.my.sshKeys.github.public} ${config.home.username}@${config.hostname}.local"; - }; -} diff --git a/src/home/tmux/default.nix b/src/home/tmux/default.nix deleted file mode 100644 index 67b5193..0000000 --- a/src/home/tmux/default.nix +++ /dev/null 
@@ -1,15 +0,0 @@ -{pkgs, ...}: { - programs.tmux = { - enable = true; - plugins = [ - { - plugin = pkgs.tmuxPlugins.dracula; - extraConfig = '' - set -g @dracula-show-battery false - set -g @dracula-show-powerline true - set -g @dracula-refresh-rate 10 - ''; - } - ]; - }; -} diff --git a/src/home/vim/default.nix b/src/home/vim/default.nix deleted file mode 100644 index 10e19ec..0000000 --- a/src/home/vim/default.nix +++ /dev/null @@ -1,45 +0,0 @@ -{ - pkgs, - lib, - ... -}: { - programs.vim = { - enable = true; - plugins = with pkgs.vimPlugins; [ - csv-vim - ctrlp-vim - dracula-vim - jsonc-vim - nerdtree - taboo-vim - tagbar - terminus - tmuxline-vim - undotree - vimspector - vimtex - vim-airline - vim-airline-themes - vim-devicons - vim-flog - vim-fugitive - vim-gitgutter - vim-lastplace - vim-nix - vim-startify - vim-surround - ]; - settings = { - expandtab = true; - hidden = true; - history = 1000; - ignorecase = true; - mouse = "a"; - number = true; - shiftwidth = 4; - smartcase = true; - tabstop = 2; - }; - extraConfig = builtins.readFile ./config.vim; - }; -} diff --git a/src/home/zsh/config.d/swatch.zsh b/src/home/zsh/config.d/swatch.zsh deleted file mode 100644 index 6fcd21a..0000000 --- a/src/home/zsh/config.d/swatch.zsh +++ /dev/null @@ -1,42 +0,0 @@ -swatch_usage() { - cat <&2 -NAME - swatch - execute a program periodically with "watch". Supports aliases. - -SYNOPSIS - swatch [options] command - -OTIONS - -n, --interval seconds (default: 1) - Specify update interval. The command will not allow quicker than - 0.1 second interval. -EOF -} - -swatch() { - if [ $# -eq 0 ]; then - swatch_usage - return 1 - fi - seconds=1 - - case "$1" in - -n) - seconds="$2" - args=${*:3} - ;; - -h) - swatch_usage - return 1 - ;; - *) - seconds=1 - args=${*:1} - ;; - - esac - - watch --color -n "$seconds" --exec bash -ic "$args || true" -} - - diff --git a/src/home/zsh/config.d/wezterm.zsh b/src/home/zsh/config.d/wezterm.zsh deleted file mode 100644 index 4a02d62..0000000 
--- a/src/home/zsh/config.d/wezterm.zsh +++ /dev/null @@ -1,4 +0,0 @@ -rename_wezterm_title() { - echo "\x1b]1337;SetUserVar=panetitle=$(echo -n $1 | base64)\x07" -} - diff --git a/src/home/zsh/default.nix b/src/home/zsh/default.nix deleted file mode 100644 index 52e9903..0000000 --- a/src/home/zsh/default.nix +++ /dev/null 
@@ -1,145 +0,0 @@ -{pkgs, ...}: { - programs.zsh = { - enable = true; - enableAutosuggestions = true; - syntaxHighlighting.enable = true; - enableVteIntegration = true; - autocd = true; - history = { - expireDuplicatesFirst = true; - extended = true; - }; - initExtra = builtins.readFile ./init.zshrc; - localVariables = { - VISUAL = "vim"; - YSU_MESSAGE_POSITION = "after"; - YSU_MODE = "ALL"; - YSU_HARDCORE = 1; - CPPFLAGS = "-I/opt/homebrew/opt/ruby/include"; - LDFLAGS = "-L/opt/homebrew/opt/ruby/lib"; - ZSH_AUTOSUGGEST_STRATEGY = ["history" "completion"]; - DIRENV_WARN_TIMEOUT = "10s"; - }; - oh-my-zsh = { - enable = true; - plugins = [ - "aliases" - "battery" - "brew" - "colored-man-pages" - "common-aliases" - "cp" - "dirhistory" - "docker" - "docker-compose" - "fzf" - "gcloud" - "gh" - "git" - "git-auto-fetch" - "golang" - "helm" - "kubectl" - "pip" - "ripgrep" - "rsync" - "terraform" - "tmux" - "vscode" - ]; - }; - plugins = [ - { - name = "powerlevel10k"; - src = pkgs.zsh-powerlevel10k; - file = "share/zsh-powerlevel10k/powerlevel10k.zsh-theme"; - } - { - name = "powerlevel10k-config"; - src = pkgs.lib.cleanSource ./.; - file = ".p10k.zsh"; - } - { - name = "fzf-tab"; - src = pkgs.fetchFromGitHub { - owner = "Aloxaf"; - repo = "fzf-tab"; - rev = "master"; - sha256 = "dPe5CLCAuuuLGRdRCt/nNruxMrP9f/oddRxERkgm1FE="; - }; - } - { - name = "fast-syntax-highlighting"; - src = pkgs.fetchFromGitHub { - owner = "zdharma-continuum"; - repo = "fast-syntax-highlighting"; - rev = "v1.55"; - sha256 = "DWVFBoICroKaKgByLmDEo4O+xo6eA8YO792g8t8R7kA="; - }; - } - { - name = "zsh-256color"; - src = pkgs.fetchFromGitHub { - owner = "chrissicool"; - repo = "zsh-256color"; - rev = "master"; - sha256 = "P/pbpDJmsMSZkNi5GjVTDy7R+OxaIVZhb/bEnYQlaLo="; - }; - } - { - name = "git-extra-commands"; - src = pkgs.fetchFromGitHub { - owner = "unixorn"; - repo = "git-extra-commands"; - rev = "05083c4ed2f0f5e253714e340625adaf8d51e2eb"; - sha256 = "OQ1LH0XNQgNF6DEUO4i4zNls95Y2ZVngnN2AUMQ65MU="; 
- }; - } - { - name = "you-should-use"; - src = pkgs.fetchFromGitHub { - owner = "MichaelAquilina"; - repo = "zsh-you-should-use"; - rev = "1.7.3"; - sha256 = "/uVFyplnlg9mETMi7myIndO6IG7Wr9M7xDFfY1pG5Lc="; - }; - } - { - name = "zsh-aliases-exa"; - src = pkgs.fetchFromGitHub { - owner = "DarrinTisdale"; - repo = "zsh-aliases-exa"; - rev = "master"; - sha256 = "h4Wu2bUTKH25O0QCy3sAD7w1Xot/nleeqmJLqBhU7Xc="; - }; - } - { - name = "zsh-autosuggestions"; - src = pkgs.fetchFromGitHub { - owner = "zsh-users"; - repo = "zsh-autosuggestions"; - rev = "v0.7.0"; - sha256 = "KLUYpUu4DHRumQZ3w59m9aTW6TBKMCXl2UcKi4uMd7w="; - }; - } - { - name = "zsh-completions"; - src = pkgs.fetchFromGitHub { - owner = "zsh-users"; - repo = "zsh-completions"; - rev = "0.34.0"; - sha256 = "qSobM4PRXjfsvoXY6ENqJGI9NEAaFFzlij6MPeTfT0o="; - }; - } - { - name = "nix-zsh-completions"; - src = pkgs.fetchFromGitHub { - owner = "spwhitt"; - repo = "nix-zsh-completions"; - rev = "0.4.4"; - sha256 = "Djs1oOnzeVAUMrZObNLZ8/5zD7DjW3YK42SWpD2FPNk="; - }; - } - ]; - }; -} diff --git a/src/home/zsh/init.zshrc b/src/home/zsh/init.zshrc deleted file mode 100644 index d2b09c0..0000000 --- a/src/home/zsh/init.zshrc +++ /dev/null 
@@ -1,23 +0,0 @@ -bindkey '^R' fzf-history-widget -prompt_nix_shell_setup -export GEM_HOME="$HOME/.gem" -export PATH="$HOME/.local/bin:$PATH" -export PATH="/opt/homebrew/opt/ruby/bin:$PATH" -export PATH="$HOME/.config/emacs/bin:$PATH" -export PATH="$GEM_HOME/ruby/3.2.0/bin:$PATH" -export PATH="/Applications/Docker.app/Contents/Resources/bin:$PATH" -# TODO: only include lines if the tools are being used! -export PATH="$HOME/.spicetify:$PATH" -export PATH="$PATH:$HOME/.config/wtf" -export XDG_CONFIG_HOME="$HOME/.config" -fpath+=($ZSH/custom/plugins/zsh-completions/src) -# disable sort when completing `git checkout` -zstyle ':completion:*:git-checkout:*' sort false -# set descriptions format to enable group support -zstyle ':completion:*:descriptions' format '[%d]' -# set list-colors to enable filename colorizing -zstyle ':completion:*' list-colors $LS_COLORS # ${(s.:.)LS_COLORS} -# preview directory's content with exa when completing cd -zstyle ':fzf-tab:complete:cd:*' fzf-preview 'exa -1 --color=always $realpath' -# switch group using `,` and `.` -zstyle ':fzf-tab:*' switch-group ',' '.' diff --git a/src/k9s.nix b/src/k9s.nix new file mode 100644 index 0000000..a95becb --- /dev/null +++ b/src/k9s.nix 
@@ -0,0 +1,99 @@
+{
+ flake.homeModules.k9s = {
+ config,
+ nix,
+ pkgs,
+ ...
+ }: {
+ programs.k9s.enable = true;
+ # Reference "https://github.com/derailed/k9s/blob/master/skins/dracula.yml"
+ programs.k9s.skin.k9s = let
+ fgColor = "#f8f8f2";
+ bgColor = "#282a36";
+ selection = "#44475a";
+ comment = "#6272a4";
+ cyan = "#8be9fd";
+ green = "#50fa7b";
+ orange = "#ffb86c";
+ purple = "#bd93f9";
+ pink = "#ff79c6";
+ red = "#ff5555";
+ yellow = "#f1fa8c";
+ in {
+ body.fgColor = fgColor;
+ body.bgColor = bgColor;
+ body.logoColor = purple;
+ dialog = {
+ inherit fgColor bgColor;
+ buttonFgColor = fgColor;
+ buttonBgColor = purple;
+ buttonFocusFgColor = yellow;
+ buttonFocusBgColor = pink;
+ labelFgColor = orange;
+ fieldFgColor = fgColor;
+ };
+ frame = {
+ border.fgColor = selection;
+ border.focusColor = selection;
+ menu.fgColor = fgColor;
+ menu.keyColor = pink;
+ menu.numKeyColor = pink;
+ crumbs.fgColor = fgColor;
+ crumbs.bgColor = selection;
+ crumbs.activeColor = selection;
+ status = {
+ newColor = cyan;
+ modifyColor = purple;
+ addColor = green;
+ errorColor = red;
+ highlightColor = orange;
+ killColor = comment;
+ completedColor = comment;
+ };
+ title = {
+ inherit fgColor;
+ bgColor = selection;
+ highlightColor = orange;
+ counterColor = purple;
+ filterColor = pink;
+ };
+ };
+ info.fgColor = pink;
+ info.sectionColor = fgColor;
+ prompt.fgColor = fgColor;
+ prompt.bgColor = bgColor;
+ prompt.suggestColor = purple;
+ views = {
+ charts.bgColor = "default";
+ charts.defaultDialColors = [purple red];
+ charts.defaultChartColors = [purple red];
+ logs = {
+ inherit fgColor bgColor;
+ indicator = {
+ inherit fgColor;
+ bgColor = purple;
+ toggleOnColor = green;
+ toggleOffColor = cyan;
+ };
+ };
+ table = {
+ inherit fgColor bgColor;
+ header = {
+ inherit fgColor bgColor;
+ sorterColor = cyan;
+ };
+ };
+ xray = {
+ inherit fgColor bgColor;
+ cursorColor = selection;
+ graphicColor = purple;
+ showIcons = false;
+ };
+ yaml.keyColor = pink;
+ yaml.colonColor = purple;
+ yaml.valueColor = fgColor;
+ };
+ };
+ home.packages = nix.optionals config.programs.k9s.enable (with pkgs; [kubectl kubernetes-helm]);
+ };
+}
diff --git a/src/kubernetes.nix b/src/kubernetes.nix
new file mode 100644
index 0000000..b466216
--- /dev/null
+++ b/src/kubernetes.nix
@@ -0,0 +1,19 @@
+{
+ flake.nixosModules.kubernetes = {
+ config,
+ lib,
+ nix,
+ pkgs,
+ ...
+ }: {
+ options.dotfiles.kubernetes.enable = nix.mkEnableOption "kubernetes as a service";
+ config = lib.mkIf config.dotfiles.kubernetes.enable {
+ environment.systemPackages = [pkgs.k3s];
+ services.k3s.enable = true;
+ services.k3s.configPath = pkgs.toYAML {
+ disable = ["traefik"];
+ disable-helm-controller = true;
+ };
+ };
+ };
+}
diff --git a/src/nixos.nix b/src/nixos.nix
new file mode 100644
index 0000000..720e312
--- /dev/null
+++ b/src/nixos.nix
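Review bot: `programs.k9s.enable = true;` in the src/k9s.nix hunk is set at normal priority, so the `nix.optionals config.programs.k9s.enable` guard on `home.packages` only takes effect if a consumer overrides it with `mkForce`; the removed src/home/k9s/default.nix used `lib.mkDefault true`. `lib` is not in this module's argument list, so either add it and write `programs.k9s.enable = lib.mkDefault true;`, or drop the guard. The `# Reference` comment points at `blob/master`, while the removed file pinned the skin to commit 5a0a8f12e4cd2137badf8e2063c0ab3e3ff2f5cd; if the colours were transcribed from that revision, naming it in the comment keeps the values traceable.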
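Review bot: `services.k3s.configPath` in the src/kubernetes.nix hunk is given `pkgs.toYAML { … }`, whereas the removed src/nixos/kubernetes.nix passed `pkgs.toYAMLFile { … }` to the same option. Neither helper is defined in the visible part of this commit, but the removed src/nux/default.nix used `pkgs.toYAML` for an inline `patch` value, which suggests it returns YAML text rather than a file; if so, k3s would be handed a string where it expects a config file path, and the `disable` settings would not be applied. Unless the helper was redefined elsewhere in this commit, keep `services.k3s.configPath = pkgs.toYAMLFile {`. A one-line description comment above `options.dotfiles.kubernetes.enable` stating that this starts a k3s server on the host would also help readers of the option.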
@@ -0,0 +1,69 @@
+{
+ config,
+ inputs,
+ nix,
+ withSystem,
+ ...
+}:
+with nix; {
+ options.nixos = mkOption {
+ type = attrsOf (submodule {
+ options.system = mkSystemOption {};
+ options.module = mkOpenModuleOption {};
+ });
+ default = {};
+ description = "Specific NixOS configurations";
+ };
+ config.flake.nixosModules.default = {pkgs, ...}: let
+ me = config.people.me;
+ my = config.people.my;
+ keys = nix.catAttrs "public" (attrValues my.sshKeys);
+ in {
+ environment.pathsToLink = ["/share/zsh"];
+ environment.shells = [pkgs.zsh];
+ i18n.defaultLocale = "en_US.UTF-8";
+ programs.zsh.enable = true;
+ services.openssh.enable = true;
+ security.polkit.enable = true;
+ security.pam.enableSSHAgentAuth = true;
+ security.sudo.extraRules = toList {
+ users = [me];
+ commands = toList {
+ command = "ALL";
+ options = ["NOPASSWD"];
+ };
+ };
+ system.stateVersion = "22.11";
+ time.timeZone = "America/Los_Angeles";
+ users.mutableUsers = true;
+ users.users.${me} = {
+ isNormalUser = true;
+ home = "/home/${me}";
+ description = my.name;
+ extraGroups = ["wheel" "tty" "networkmanager"];
+ shell = pkgs.zsh;
+ openssh.authorizedKeys.keys = keys;
+ };
+ users.users.root.openssh.authorizedKeys.keys = keys;
+ virtualisation.podman = {
+ enable = true;
+ dockerSocket.enable = true;
+ defaultNetwork.settings.dns_enable = true;
+ };
+ };
+ config.flake.nixosConfigurations = mapAttrs (name: cfg:
+ withSystem cfg.system ({
+ pkgs,
+ system,
+ ...
+ }:
+ inputs.nixpkgs.lib.nixosSystem {
+ inherit pkgs system;
+ specialArgs = inputs.self.nixos-flake.lib.specialArgsFor.nixos;
+ modules = toList {
+ imports = attrValues inputs.self.nixosModules ++ [cfg.module];
+ nixpkgs.hostPlatform = system;
+ };
+ }))
+ config.nixos;
+}
diff --git a/src/nixos/default.nix b/src/nixos/default.nix
deleted file mode 100644
index 360d5dc..0000000
--- a/src/nixos/default.nix
+++ /dev/null
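Review bot: `nixosModules.default` in src/nixos.nix gives `${me}` `NOPASSWD` sudo for `ALL`, installs the same `keys` on `users.users.root`, and enables `security.pam.enableSSHAgentAuth`, so compromise of any one personal SSH key or of a forwarded agent means root on every host. Because `nixosConfigurations` builds each host from `attrValues inputs.self.nixosModules`, no host in `config.nixos` can opt out of this module. With wheel membership and passwordless sudo the root key list adds no capability, so I would drop `users.users.root.openssh.authorizedKeys.keys = keys;` and add `services.openssh.settings.PermitRootLogin = "no";` and `services.openssh.settings.PasswordAuthentication = false;` (option names as in current nixpkgs; check them against the pinned revision). No password option is set next to `users.mutableUsers = true` in this hunk, so a comment stating how the account password is provisioned would make the intended login paths explicit.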
@@ -1,95 +0,0 @@ -{ - self, - config, - ... -}: let - flakeConfig = config; -in { - flake = { - nixosModules.common = { - pkgs, - config, - lib, - ... - }: { - imports = [ - self.nixosModules.home-manager - ]; - users.users.${flakeConfig.people.me} = { - isNormalUser = true; - home = "/home/${flakeConfig.people.me}"; - description = flakeConfig.people.my.name; - extraGroups = ["wheel" "tty"]; - shell = pkgs.zsh; - openssh.authorizedKeys.keys = lib.attrsets.catAttrs "public" (builtins.attrValues flakeConfig.people.my.sshKeys); - }; - home-manager.users.${flakeConfig.people.me} = { - imports = [self.homeModules.common]; - home.packages = with pkgs; [nethogs protonvpn-cli]; - hostname = config.networking.hostName; - }; - environment.pathsToLink = ["/share/zsh"]; - environment.shells = [pkgs.zsh]; - home-manager.useUserPackages = true; - home-manager.useGlobalPkgs = true; - users.users.root.openssh.authorizedKeys.keys = lib.attrsets.catAttrs "public" (builtins.attrValues flakeConfig.people.my.sshKeys); - users.mutableUsers = true; - services.openssh.enable = true; - system.stateVersion = "22.11"; - security.polkit.enable = true; - security.pam.enableSSHAgentAuth = true; - virtualisation.podman = { - enable = true; - dockerSocket.enable = true; - defaultNetwork.settings.dns_enable = true; - }; - time.timeZone = "America/Los_Angeles"; - i18n.defaultLocale = "en_US.UTF-8"; - boot.loader.systemd-boot.enable = true; - boot.loader.efi.canTouchEfiVariables = true; - programs.zsh.enable = true; - security.sudo.extraRules = [ - { - users = [flakeConfig.people.me]; - commands = [ - { - command = "ALL"; - options = ["NOPASSWD"]; - } - ]; - } - ]; - }; - nixosModules.headless = { - imports = [self.nixosModules.common]; - home-manager.users.${flakeConfig.people.me}.imports = [self.homeModules.headless]; - }; - nixosModules.graphical = { - pkgs, - lib, - ... 
- }: { - imports = [self.nixosModules.common]; - home-manager.users.${flakeConfig.people.me} = { - imports = [self.homeModules.linux-graphical]; - home.packages = with pkgs; [ - bitwarden - brave - godot3 - protonvpn-gui - android-studio - ]; - }; - services.xserver = { - enable = true; - layout = "us"; - displayManager.sddm.enable = true; - desktopManager.plasma5.enable = true; - }; - fonts.packages = with pkgs; [meslo-lgs-nf]; - sound.enable = true; - hardware.pulseaudio.enable = true; - users.users.${flakeConfig.people.me}.extraGroups = ["networkmanager"]; - }; - }; -} diff --git a/src/nixos/kubernetes.nix b/src/nixos/kubernetes.nix deleted file mode 100644 index 37fa41d..0000000 --- a/src/nixos/kubernetes.nix +++ /dev/null @@ -1,10 +0,0 @@ -{ - flake.nixosModules.kubernetes = {pkgs, ...}: { - environment.systemPackages = with pkgs; [k3s]; - services.k3s.enable = true; - services.k3s.configPath = pkgs.toYAMLFile { - disable = ["traefik"]; - disable-helm-controller = true; - }; - }; -} diff --git a/src/nux/clusters/prod/nux.yaml b/src/nux/clusters/prod/nux.yaml deleted file mode 120000 index 1759750..0000000 --- a/src/nux/clusters/prod/nux.yaml +++ /dev/null @@ -1 +0,0 @@ -/nix/store/96bfikvqspq54v5kpmg46ac1aphvvai9-from-json-to-yaml \ No newline at end of file diff --git a/src/nux/default.nix b/src/nux/default.nix deleted file mode 100644 index 580a774..0000000 --- a/src/nux/default.nix +++ /dev/null 
@@ -1,82 +0,0 @@ -{pkgs, ...}: { - imports = [./modules]; - namespaces.new = ["oauth2-proxy" "prometheus" "traefik" "keycloak"]; - repositories.helm.oauth2-proxy.spec.url = "https://oauth2-proxy.github.io/manifests"; - repositories.helm.traefik.spec.url = "https://traefik.github.io/charts"; - repositories.helm.prometheus.spec.url = "https://prometheus-community.github.io/helm-charts"; - repositories.helm.keycloak.spec = { - type = "oci"; - url = "oci://registry-1.docker.io/bitnamicharts"; - }; - repositories.git.podinfo = { - metadata.namespace = "flux-system"; - spec.url = "https://github.com/stefanprodan/podinfo"; - spec.ref.branch = "master"; - }; - releases.helm.oauth2-proxy = { - spec.chart.spec.version = "6.19.1"; - spec.values = { - config.existingSecret = "oauth2-proxy"; - # config.configFile = builtins.readFile ../../oauth2-proxy-config.py; - }; - }; - releases.helm.traefik = { - spec.chart.spec.version = "24.0.0"; - spec.values = { - additionalArguments = [ - "--api.insecure" - "--accesslog" - "--entrypoints.web.http.redirections.entryPoint.to=websecure" - ]; - certResolvers.letsencrypt-staging-tls = { - email = "tristan@t0rdos.me"; - tlsChallenge = true; - storage = "letsencrypt-staging-tls.json"; - caServer = "https://acme-staging-v02.api.letsencrypt.org/directory"; - }; - certResolvers.letsencrypt-production-tls = { - email = "tristan@t0rdos.me"; - tlsChallenge = true; - storage = "letsencrypt-production-tls.json"; - caServer = "https://acme-v02.api.letsencrypt.org/directory"; - }; - ingressRoute.dashboard.entryPoints = ["websecure"]; - ingressRoute.dashboard.matchRule = "Host(`proxy.tord0s.me`)"; - ingressRoute.dashboard.tls.certResolver = "letsencrypt-staging-tls"; - }; - }; - releases.helm.prometheus-operator-crds = { - metadata.namespace = "prometheus"; - spec.chart.spec.version = "6.0.0"; - }; - releases.helm.kube-prometheus-stack = { - metadata.namespace = "prometheus"; - spec.dependsOn = "prometheus-operator-crds"; - spec.chart.spec.version = 
"51.4.0"; - spec.values.crds.enabled = false; - }; - releases.helm.keycloak.spec.chart.spec.version = "17.3.5"; - kustomizations.podinfo = { - spec = { - interval = "30m0s"; - timeout = "3m0s"; - retryInterval = "2m0s"; - wait = true; - prune = true; - targetNamespace = "default"; - path = "./kustomize"; - patches = [ - { - patch = pkgs.toYAML { - apiVersion = "autoscaling/v2"; - kind = "HorizontalPodAutoscaler"; - metadata.name = "podinfo"; - spec.minReplicas = 3; - }; - target.name = "podinfo"; - target.kind = "HorizontalPodAutoscaler"; - } - ]; - }; - }; -} diff --git a/src/nux/modules/default.nix b/src/nux/modules/default.nix deleted file mode 100644 index 50d8c42..0000000 --- a/src/nux/modules/default.nix +++ /dev/null @@ -1,31 +0,0 @@ -{lib, ...}: { - imports = [ - ./namespaces.nix - ./helmrepositories.nix - ./gitrepositories.nix - ./helmreleases.nix - ./kustomizations.nix - ]; - options.resources = lib.mkOption { - type = lib.types.listOf (lib.types.attrsOf lib.types.anything); - default = []; - description = lib.mdDoc "All of the resources to create in the cluster"; - }; - options.assertions = lib.mkOption { - type = lib.types.listOf (lib.types.submodule { - options = { - assertion = lib.mkOption { - type = lib.types.bool; - description = "Boolean expression of the assertion"; - }; - message = lib.mkOption { - type = lib.types.str; - description = "Message to display if the assertion is false"; - }; - }; - }); - default = []; - internal = true; - description = lib.mdDoc "Checks of valid configuration"; - }; -} diff --git a/src/nux/modules/gitrepositories.nix b/src/nux/modules/gitrepositories.nix deleted file mode 100644 index 2302090..0000000 --- a/src/nux/modules/gitrepositories.nix +++ /dev/null 
@@ -1,57 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: { - options.repositories.git = lib.mkOption { - type = lib.types.attrsOf (lib.types.submodule ({name, ...}: { - options = { - apiVersion = lib.mkOption { - type = lib.types.str; - default = "source.toolkit.fluxcd.io/v1"; - example = "source.toolkit.fluxcd.io/v1beta2"; - description = lib.mdDoc "Kubernetes apiVersion for resource"; - }; - kind = lib.mkOption { - type = lib.types.str; - default = "GitRepository"; - example = "MyGitRepository"; - description = lib.mdDoc "Kubernetes resource type available at apiVersion"; - }; - metadata.name = lib.mkOption { - type = lib.types.str; - default = name; - example = "my-helm-repository"; - description = lib.mdDoc "The name of the git repository"; - }; - metadata.namespace = lib.mkOption { - type = lib.types.enum config.namespaces.all; - default = name; - example = "my-namespace"; - description = lib.mdDoc "The namespace for this git repository reference"; - }; - spec.interval = lib.mkOption { - type = lib.types.strMatching "^([0-9]+h)?([0-5]?[0-9]m)?([0-5]?[0-9]+s)?$"; - default = "1m0s"; - example = "23h59m59s"; - description = lib.mdDoc "Interval for syncing with repository"; - }; - spec.url = lib.mkOption { - type = lib.types.strMatching "^https://[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}(/.*)?$"; - example = "https://github.com/organization/repository"; - description = lib.mdDoc "URL of git repository"; - }; - spec.ref.branch = lib.mkOption { - type = lib.types.str; - default = "main"; - example = "trunk"; - description = lib.mdDoc "Reference to relevant git branch in the repository"; - }; - }; - })); - default = {}; - description = lib.mdDoc "FluxCD GitRepository resources"; - }; - config.resources = builtins.attrValues config.repositories.git; -} diff --git a/src/nux/modules/helmreleases.nix b/src/nux/modules/helmreleases.nix deleted file mode 100644 index 79e5f1d..0000000 --- a/src/nux/modules/helmreleases.nix +++ /dev/null 
@@ -1,109 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: let - cfg = config; -in { - options.releases.helm = lib.mkOption { - type = lib.types.attrsOf (lib.types.submodule ({ - name, - config, - ... - }: { - options = { - apiVersion = lib.mkOption { - type = lib.types.str; - default = "helm.toolkit.fluxcd.io/v2beta1"; - example = "helm.toolkit.fluxcd.io/v1"; - description = lib.mdDoc "Kubernetes apiVersion for resource"; - }; - kind = lib.mkOption { - type = lib.types.str; - default = "HelmRelease"; - example = "MyHelmRelease"; - description = lib.mdDoc "Kubernetes resource type available at apiVersion"; - }; - metadata.name = lib.mkOption { - type = lib.types.str; - default = name; - example = "my-helm-repository"; - description = lib.mdDoc "The name of the helm release"; - }; - metadata.namespace = lib.mkOption { - type = lib.types.enum cfg.namespaces.all; - default = name; - example = "my-namespace"; - description = lib.mdDoc "The namespace for this helm release"; - }; - spec.chart.spec = { - chart = lib.mkOption { - type = lib.types.str; - default = name; - example = "kube-prometheus-stack"; - description = lib.mdDoc "Name of the chart from the source repository"; - }; - reconcileStrategy = lib.mkOption { - type = lib.types.str; - default = "ChartVersion"; - description = lib.mdDoc "TODO what does this actually do?"; - }; - version = lib.mkOption { - type = lib.types.str; - example = "1.0.2"; - description = lib.mdDoc "Version of the chart from the source repository"; - }; - sourceRef.kind = lib.mkOption { - type = lib.types.str; - default = "HelmRepository"; - example = "MyHelmRepository"; - description = lib.mdDoc "Type of source helm repository"; - }; - sourceRef.name = lib.mkOption { - type = lib.types.str; - default = config.metadata.namespace; - example = "my-helm-repository"; - description = lib.mdDoc "Name of source helm repository"; - }; - }; - spec.dependsOn = lib.mkOption { - type = lib.types.nullOr lib.types.str; - default = null; - example = 
"my-other-upstream-release"; - description = lib.mdDoc "Name of another release that must be deployed before this one"; - }; - spec.interval = lib.mkOption { - type = lib.types.strMatching "^([0-9]+h)?([0-5]?[0-9]m)?([0-5]?[0-9]+s)?$"; - default = "1m0s"; - example = "23h59m59s"; - description = lib.mdDoc "Interval for syncing with repository"; - }; - spec.values = lib.mkOption { - type = lib.types.attrsOf lib.types.anything; - default = {}; - example = { - global.postgresPassword = "my-password"; - auth.username = "admin"; - }; - description = lib.mdDoc "Configuration overrides for helm chart"; - }; - }; - })); - default = {}; - description = lib.mdDoc "FluxCD HelmRelease resources"; - }; - config = let - releases = builtins.attrValues cfg.releases.helm; - releasesNames = builtins.attrNames cfg.releases.helm; - in { - resources = releases; - assertions = lib.trivial.pipe releases [ - (map (lib.attrsets.attrByPath ["spec" "dependsOn"] null)) - (map (releaseName: { - assertion = builtins.isNull releaseName || builtins.elem releaseName releasesNames; - message = "'${releaseName}' is not an existing helm release to depend on"; - })) - ]; - }; -} diff --git a/src/nux/modules/helmrepositories.nix b/src/nux/modules/helmrepositories.nix deleted file mode 100644 index 068e838..0000000 --- a/src/nux/modules/helmrepositories.nix +++ /dev/null 
@@ -1,57 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: { - options.repositories.helm = lib.mkOption { - type = lib.types.attrsOf (lib.types.submodule ({name, ...}: { - options = { - apiVersion = lib.mkOption { - type = lib.types.str; - default = "source.toolkit.fluxcd.io/v1beta2"; - example = "source.toolkit.fluxcd.io/v1"; - description = lib.mdDoc "Kubernetes apiVersion for resource"; - }; - kind = lib.mkOption { - type = lib.types.str; - default = "HelmRepository"; - example = "MyHelmRepository"; - description = lib.mdDoc "Kubernetes resource type available at apiVersion"; - }; - metadata.name = lib.mkOption { - type = lib.types.str; - default = name; - example = "my-helm-repository"; - description = lib.mdDoc "The name of the helm repository"; - }; - metadata.namespace = lib.mkOption { - type = lib.types.enum config.namespaces.all; - default = name; - example = "my-namespace"; - description = lib.mdDoc "The namespace for this helm repository reference"; - }; - spec.interval = lib.mkOption { - type = lib.types.strMatching "^([0-9]+h)?([0-5]?[0-9]m)?([0-5]?[0-9]+s)?$"; - default = "1m0s"; - example = "23h59m59s"; - description = lib.mdDoc "Interval for syncing with repository"; - }; - spec.type = lib.mkOption { - type = lib.types.enum ["http" "oci"]; - default = "http"; - example = "oci"; - description = lib.mdDoc "HelmRepository type (e.g. http, oci, etc.)"; - }; - spec.url = lib.mkOption { - type = lib.types.strMatching "^(oci|https)://[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}(/.*)?$"; - example = "https://traefik.github.io/charts"; - description = lib.mdDoc "URL of helm chart repository"; - }; - }; - })); - default = {}; - description = lib.mdDoc "FluxCD HelmRepository resources"; - }; - config.resources = builtins.attrValues config.repositories.helm; -} diff --git a/src/nux/modules/kustomizations.nix b/src/nux/modules/kustomizations.nix deleted file mode 100644 index 393774f..0000000 --- a/src/nux/modules/kustomizations.nix +++ /dev/null 
@@ -1,144 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: let - cfg = config; -in { - options.kustomizations = lib.mkOption { - type = lib.types.attrsOf (lib.types.submodule ({ - name, - config, - ... - }: { - options = { - apiVersion = lib.mkOption { - type = lib.types.str; - default = "kustomize.toolkit.fluxcd.io/v1"; - example = "kustomize.toolkit.fluxcd.io/v1beta1"; - description = lib.mdDoc "Kubernetes apiVersion for resource"; - }; - kind = lib.mkOption { - type = lib.types.str; - default = "Kustomization"; - example = "MyKustomization"; - description = lib.mdDoc "Kubernetes resource type available at apiVersion"; - }; - metadata.name = lib.mkOption { - type = lib.types.str; - default = name; - example = "my-kustomization"; - description = lib.mdDoc "The name of the resource"; - }; - metadata.namespace = lib.mkOption { - type = lib.types.enum cfg.namespaces.all; - default = "flux-system"; - example = "my-namespace"; - description = lib.mdDoc "The namespace for this resource"; - }; - spec = { - interval = lib.mkOption { - type = lib.types.strMatching "^([0-9]+h)?([0-5]?[0-9]m)?([0-5]?[0-9]+s)?$"; - default = "1m0s"; - example = "23h59m59s"; - description = lib.mdDoc "Interval for syncing with repository"; - }; - timeout = lib.mkOption { - type = lib.types.strMatching "^([0-9]+h)?([0-5]?[0-9]m)?([0-5]?[0-9]+s)?$"; - default = "1m0s"; - example = "23h59m59s"; - description = lib.mdDoc "Interval to wait for repository sync to be successful"; - }; - retryInterval = lib.mkOption { - type = lib.types.strMatching "^([0-9]+h)?([0-5]?[0-9]m)?([0-5]?[0-9]+s)?$"; - default = "1m0s"; - example = "23h59m59s"; - description = lib.mdDoc "Interval for retrying to sync with repository"; - }; - wait = lib.mkOption { - type = lib.types.bool; - default = true; - example = false; - description = lib.mdDoc "Whether to wait for the resource to be deployed"; - }; - prune = lib.mkOption { - type = lib.types.bool; - default = true; - example = false; - description = lib.mdDoc "Whether to 
remove all resources when upstream source has changed"; - }; - targetNamespace = lib.mkOption { - type = lib.types.enum cfg.namespaces.all; - default = config.metadata.namespace; - example = "my-namespace"; - description = lib.mdDoc "The namespace for the resources in this deployment"; - }; - path = lib.mkOption { - type = lib.types.strMatching "\./.+"; - default = "./kustomize"; - example = "./path/to/kustomize/dir"; - description = lib.mdDoc "Where the kustomization files are for this deployment in source"; - }; - sourceRef.kind = lib.mkOption { - type = lib.types.str; - default = "GitRepository"; - example = "MyGitRepository"; - description = lib.mdDoc "Type of source repository"; - }; - sourceRef.name = lib.mkOption { - type = lib.types.str; - default = config.metadata.name; - example = "my-git-repository"; - description = lib.mdDoc "Name of source repository in same Kustomization namespace"; - }; - patches = lib.mkOption { - type = lib.types.listOf (lib.types.submodule { - options = { - patch = lib.mkOption { - type = lib.types.str; - example = '' - apiVersion: autoscaling/v2 - kind: HorizontalPodAutoscaler - metadata: - name: podinfo - spec: - minReplicas: 3 - ''; - description = lib.mdDoc "String YAML extra configuration"; - }; - target.name = lib.mkOption { - type = lib.types.str; - example = "my-deployment"; - description = lib.mdDoc "The resource to direct this patch towards"; - }; - target.kind = lib.mkOption { - type = lib.types.str; - example = "MyHorizontalPodAutoscaler"; - description = lib.mdDoc "The kind of resource to patch"; - }; - }; - }); - default = []; - description = lib.mdDoc "Flux level overrides of deployment configuration"; - }; - }; - }; - })); - default = {}; - description = lib.mdDoc "FluxCD HelmRelease resources"; - }; - config = let - releases = builtins.attrValues cfg.releases.helm; - releasesNames = builtins.attrNames cfg.releases.helm; - in { - resources = releases; - assertions = lib.trivial.pipe releases [ - (map 
(lib.attrsets.attrByPath ["spec" "dependsOn"] null)) - (map (releaseName: { - assertion = builtins.isNull releaseName || builtins.elem releaseName releasesNames; - message = "'${releaseName}' is not an existing helm release to depend on"; - })) - ]; - }; -} diff --git a/src/nux/modules/namespaces.nix b/src/nux/modules/namespaces.nix deleted file mode 100644 index 59e38d2..0000000 --- a/src/nux/modules/namespaces.nix +++ /dev/null @@ -1,29 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: { - options.namespaces.existing = lib.mkOption { - type = lib.types.listOf lib.types.str; - example = ["another-existing-namespace"]; - description = lib.mdDoc "Namespaces that are not managed by FluxCD"; - }; - options.namespaces.new = lib.mkOption { - type = lib.types.addCheck (lib.types.listOf lib.types.str) (lib.lists.mutuallyExclusive config.namespaces.existing); - default = []; - example = ["traefik" "prometheus"]; - description = lib.mdDoc "Namespaces to create on the cluster"; - }; - options.namespaces.all = lib.mkOption rec { - type = lib.types.addCheck (lib.types.listOf lib.types.str) (all: all == default); - default = config.namespaces.existing ++ config.namespaces.new; - description = lib.mdDoc "Don't override!"; - }; - config.resources = pkgs.map' config.namespaces.new (namespace: { - apiVersion = "v1"; - kind = "Namespace"; - metadata.name = namespace; - }); - config.namespaces.existing = ["default" "flux-system"]; -} diff --git a/src/nux/oauth2-proxy-config.py b/src/nux/oauth2-proxy-config.py deleted file mode 100644 index 246f32c..0000000 --- a/src/nux/oauth2-proxy-config.py +++ /dev/null 
@@ -1,20 +0,0 @@ -provider = "keycloak-oidc" -provider_display_name = "Keycloak" -# TODO pass these values through a secret -# client_id = "" -# client_secret = "" -# redirect_url = "https://net.t0rdos.me/oauth2/callback" -# oidc_issuer_url = "https://key.t0rdos.me/realms/me" -# email_domains = "t0rdos.me" -# allowed_roles = ["me", "client:you"] -# allowed_groups = ["family"] -# reverse_proxy = True -# pass_basic_auth = True -# pass_user_headers = True -# prefer_email_to_user = True -# set_authorization_header = True -# set_xauthrequest = True -# skip_provider_button = True -# silence_ping_logging = True -# upstreams = ["static://202"] -# scope = "openid profile email" diff --git a/src/overlays/external.nix b/src/overlays/external.nix deleted file mode 100644 index 423a7d9..0000000 --- a/src/overlays/external.nix +++ /dev/null 
@@ -1,66 +0,0 @@ -final: prev: { - wordnet = prev.wordnet.overrideAttrs (old: { - patchPhase = - old.patchPhase - + '' - sed '132s/^/int /' -i src/wn.c - ''; - }); - tmux = prev.tmux.overrideAttrs (_: { - version = "unstable-2023-04-06"; - src = prev.fetchFromGitHub { - owner = "tmux"; - repo = "tmux"; - rev = "b9524f5b72d16bd634fc47ad1a4a9d3240bd4370"; - sha256 = "7jvmeMipZcNMqFloMuSgPwKowNqWC1J8/++ha6H/D1M="; - }; - patches = []; - }); - tmuxPlugins = - prev.tmuxPlugins - // { - dracula = prev.tmuxPlugins.dracula.overrideAttrs (_: { - version = "unstable-2023-04-04"; - src = prev.fetchFromGitHub { - owner = "dracula"; - repo = "tmux"; - rev = "b346d1030696620154309f71d5b14bc657294a98"; - sha256 = "89S8LHTx2gYWj+Ejws5f6YRQgoj0rYE7ITtGtZibl30="; - }; - }); - }; - # Upgrading sops because: https://github.com/getsops/sops/issues/1263 - # Overriding go modules requires overriding the buildGoModule function instead of attributes directly. - # Follow the discussion and activity below: - # [Issue](https://github.com/NixOS/nixpkgs/issues/86349) - # [PR: buildGoModule](https://github.com/NixOS/nixpkgs/pull/225051) - # [PR: lib.extendMkDerivation](https://github.com/NixOS/nixpkgs/pull/234651) - sops = prev.sops.override { - buildGoModule = args: - prev.buildGoModule (args - // rec { - version = "3.8.1"; - src = prev.fetchFromGitHub { - owner = "mozilla"; - repo = args.pname; - rev = "v${version}"; - sha256 = "4K09wLV1+TvYTtvha6YyGhjlhEldWL1eVazNwcEhi3Q="; - }; - vendorHash = "sha256-iRgLspYhwSVuL0yarPdjXCKfjK7TGDZeQCOcIYtNvzA="; - }); - }; - spicetify-cli = prev.spicetify-cli.override { - buildGoModule = args: - prev.buildGoModule (args - // rec { - version = "2.24.2"; - src = prev.fetchFromGitHub { - owner = "spicetify"; - repo = args.pname; - rev = "v${version}"; - sha256 = "jzEtXmlpt6foldLW57ZcpevX8CDc+c8iIynT5nOD9qY="; - }; - vendorHash = "sha256-rMMTUT7HIgYvxGcqR02VmxOh1ihE6xuIboDsnuOo09g="; - }); - }; -} 
diff --git a/src/overlays/internal.nix b/src/overlays/internal.nix deleted file mode 100644 index c28102e..0000000 --- a/src/overlays/internal.nix +++ /dev/null @@ -1,49 +0,0 @@ -final: prev: { - fromJSONtoYAML = input_f: let - command = "remarshal -if json -i \"${input_f}\" -of yaml -o \"$out\""; - in - prev.runCommand "from-json-to-yaml" {nativeBuildInputs = [prev.remarshal];} command; - toYAMLFile = obj: let - file = builtins.toFile "obj.json" (builtins.toJSON obj); - in - final.fromJSONtoYAML file; - toYAML = obj: [(builtins.readFile (final.toYAMLFile obj))]; - fromYAML = yaml: let - command = "remarshal -if yaml -i \"${yaml}\" -of json -o \"$out\""; - in - prev.lib.trivial.importJSON (prev.runCommand "from-yaml" {nativeBuildInputs = [prev.remarshal];} command); - subTemplateCmds = { - template, - cmds ? {}, - }: let - contents_old = builtins.readFile template; - cmds_sub_fmt = map (cmd: "\\${cmd}") (builtins.attrNames cmds); - contents_new = builtins.replaceStrings cmds_sub_fmt (builtins.attrValues cmds) contents_old; - in - contents_new; - validate-nux-pkg = pkg: let - errors = prev.lib.trivial.pipe pkg.config.assertions [ - (builtins.filter (assertion: !assertion.assertion)) - (map (builtins.getAttr "message")) - (builtins.concatStringsSep "\n") - ]; - failed = builtins.stringLength errors > 0; - in - prev.lib.trivial.throwIf failed errors pkg; - map' = values: function: builtins.map function values; - mk-nux-pkg = module: - prev.lib.trivial.pipe module [ - (mod: - prev.lib.evalModules { - specialArgs.pkgs = final; - modules = [mod]; - }) - final.validate-nux-pkg - (pkg: - final.toYAMLFile { - apiVersion = "v1"; - kind = "List"; - items = pkg.config.resources; - }) - ]; -} diff --git a/src/people.nix b/src/people.nix new file mode 100644 index 0000000..67266f6 --- /dev/null +++ b/src/people.nix 
@@ -0,0 +1,63 @@ +{ + config, + nix, + ... +}: +with nix; let + sshKeySubmodule = submodule { + options = { + public = mkOption { + type = str; + description = mdDoc "Contents of public key"; + example = "ssh-ed25519 AAAAC3Qrst1lZDI1NTE5AAAAIBRaIPhp5LExmqK7KECgbqdTY3goyUfNgKjKD9WFalkE"; + }; + }; + }; + userSubmodule = submodule { + options = { + name = mkOption { + type = str; + description = "The name of the user to default to in all contexts"; + example = "John Doe"; + }; + email = mkOption { + type = str; + description = mdDoc "The default email to associate with the user in all contexts"; + example = "me@123.com"; + }; + accounts = mkOption { + type = attrsOf str; + default = {}; + example.github = "my-username"; + description = mdDoc "Mapping of external program name to user account name on it"; + }; + sshKeys = mkOption { + type = attrsOf sshKeySubmodule; + description = mdDoc "Public and private keys for SSH access between machines"; + }; + }; + }; +in { + options.people = mkOption { + type = submodule { + options = { + users = mkOption { + type = attrsOf userSubmodule; + description = mdDoc "All of the users to create configurations for"; + }; + me = mkOption { + type = str; + description = mdDoc '' + The name of the user that represents myself. + This will be the admin user in all contexts. + ''; + }; + my = mkOption { + default = config.people.users.${config.people.me}; + type = userSubmodule; + description = mdDoc "The user details associated with 'me'"; + }; + }; + }; + }; +} diff --git a/src/scripts/default.nix b/src/scripts/default.nix new file mode 100644 index 0000000..35fa6ec --- /dev/null +++ b/src/scripts/default.nix @@ -0,0 +1,9 @@ +{ + perSystem = { + nix, + pkgs, + ... + }: { + packages.nixos = pkgs.writeShellScriptBin "nixos" (nix.readFile ./nixos.sh); + }; +} diff --git a/bin/utils.sh b/src/scripts/nixos.sh similarity index 51% rename from bin/utils.sh rename to src/scripts/nixos.sh index 979852c..022d1eb 100644 --- a/bin/utils.sh 
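Review bot: The `sshKeys` description in `userSubmodule` reads "Public and private keys for SSH access between machines", but `sshKeySubmodule` only declares `public`, and the wording invites someone to add a `private` field later. Values set through these options live in the repository and usually end up in the Nix store, which is readable by every local user, so private key material should never travel through this option. I would change it to `description = mdDoc "Public SSH keys by purpose; private keys come from sops, never from this option";`. Separately, `my` is derived from `me` but can still be overridden to disagree with it; adding `readOnly = true;` next to its `default` would prevent that.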
+++ b/src/scripts/nixos.sh @@ -1,5 +1,7 @@ #! /usr/bin/env bash +set -o errexit + reset=$(tput sgr0) # shellcheck disable=SC2034 null=/dev/null @@ -66,3 +68,51 @@ contains() { done return "$is_contained" } + +readarray -t devices < <(nix flake show --json | jq '.nixosConfigurations | keys[]' -r) +devices_str="$(IFS="|"; echo "${devices[*]}")" +cmd="test" + +usage="Usage: nixos + -d|--device DEVICE (Required) The device to deploy a nixos configuration for (options: ${devices_str}) + [-c|--cmd CMD] The nixos-rebuild command to run on the device (default: $cmd) + [--remote] The device is a remote device + [...] Extra arguments passed to nixos-rebuild +" + +# Parse and validate arguments +if [[ $# -eq 0 ]]; then + logfx exit_status=SUCCESS <<< "$usage" +fi +extra_args=() +while [[ $# -gt 0 ]]; do + case $1 in + -d|--device) + device="$2" + if ! contains "$device" "${devices[@]}"; then + logfx log_level=ERROR exit_status=FAILURE <<< "$1 is not an available device among: ${devices_str}" + fi + shift 1 + ;; + -c|--cmd) + cmd="$2" + shift 1 + ;; + --remote) + # We override the ControlPath because otherwise Nix will create too long of a Unix domain socket name + # if the name of the device is more than 5 characters... This path is managed by nix and will be deleted + # when the connection to the remote host ends when the program halts. + export NIX_SSHOPTS="-o ControlPath=/tmp/%C" + extra_args+=(--build-host "$device" --target-host "$device" --fast --use-remote-sudo) + ;; + *) + extra_args+=("$1") + ;; + esac + shift 1 +done +if [[ -z $device ]]; then + logfx log_level=ERROR exit_status=FAILURE <<< "No device specified. Options: ${devices_str}" +fi + +\nixos-rebuild "$cmd" --flake ".#$device" "${extra_args[@]}" diff --git a/src/spicetify.nix b/src/spicetify.nix new file mode 100644 index 0000000..76830e8 --- /dev/null +++ b/src/spicetify.nix 
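Review bot: The `--remote` branch exports `NIX_SSHOPTS="-o ControlPath=/tmp/%C"`, which puts the SSH control socket at a predictable name in a world-writable directory. ssh_config(5) recommends a ControlPath directory that other users cannot write to, and this connection is the one later used with `--use-remote-sudo`. A per-user location is just as short, e.g. `export NIX_SSHOPTS="-o ControlPath=${XDG_RUNTIME_DIR:-$HOME/.ssh}/%C"`. The same branch expands `$device` while the flag is being parsed, so `--remote` given before `-d` passes empty `--build-host`/`--target-host` values; appending those options after the loop, once `device` has been validated, removes the ordering dependency. The `-d` error message also prints `$1` (the flag) where `$device` is meant; `contains` and `logfx` are defined outside this hunk.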
@@ -0,0 +1,80 @@ +{ + inputs, + moduleWithSystem, + nix, + ... +}: +with nix; { + perSystem = {pkgs, ...}: { + packages.spicetify-cli = with pkgs; + spicetify-cli.override { + buildGoModule = args: + buildGoModule (args + // rec { + version = "2.24.2"; + src = fetchFromGitHub { + owner = "spicetify"; + repo = args.pname; + rev = "v${version}"; + sha256 = "jzEtXmlpt6foldLW57ZcpevX8CDc+c8iIynT5nOD9qY="; + }; + vendorHash = "sha256-rMMTUT7HIgYvxGcqR02VmxOh1ihE6xuIboDsnuOo09g="; + }); + }; + }; + flake.homeModules.spicetify-nix = inputs.spicetify-nix.homeManagerModule; + flake.homeModules.spicetify = moduleWithSystem ({ + inputs', + self', + ... + }: { + config, + lib, + ... + }: + mkMerge [ + { + programs.spicetify = with inputs'.spicetify-nix.packages.default; { + enable = mkDefault true; + enabledCustomApps = with apps; [ + new-releases + reddit + lyrics-plus + marketplace + localFiles + nameThatTune + ]; + enabledExtensions = with extensions; [ + bookmark + keyboardShortcut + loopyLoop + shuffle + popupLyrics + trashbin + powerBar + seekSong + skipOrPlayLikedSongs + playlistIcons + listPlaylistsWithSong + playlistIntersection + skipStats + wikify + featureShuffle + songStats + showQueueDuration + history + genre + autoSkip + playNext + volumePercentage + ]; + theme = themes.DefaultDynamic; + }; + } + (lib.mkIf config.programs.spicetify.enable { + programs.zsh.initExtraLines = toList "export PATH=\"$HOME/.spicetify:$PATH\""; + home.shellAliases.spicetify = "spicetify-cli"; + home.packages = [self'.packages.spicetify-cli]; + }) + ]); +} diff --git a/src/ssh.nix b/src/ssh.nix new file mode 100644 index 0000000..a524cc7 --- /dev/null +++ b/src/ssh.nix 
@@ -0,0 +1,80 @@ +{ + config, + nix, + ... +}: +with nix; { + flake.homeModules.hostname.options.dotfiles.hostname = mkOption { + type = str; + description = mdDoc "The hostname of the relevant machine with this user"; + example = "another-server"; + }; + flake.nixosModules.nixos-hostname = { + config, + flake, + ... + }: { + home-manager.users.${flake.config.people.me}.dotfiles.hostname = config.networking.hostName; + }; + flake.darwinModules_.darwin-hostname = { + config, + flake, + ... + }: { + home-manager.users.${flake.config.people.me}.dotfiles.hostname = config.networking.hostName; + }; + flake.homeModules.ssh = home: let + base = home.config.home.homeDirectory; + in { + config = mkMerge [ + { + programs.ssh = { + enable = mkDefault true; + forwardAgent = true; + matchBlocks = { + climax-static-relay = { + hostname = "35.212.163.7"; + user = "root"; + identityFile = "${base}/.ssh/climax_server"; + }; + climax-server-via-relay = { + proxyCommand = "ssh -q climax-static-relay nc localhost 2222"; + user = "tristan"; + identityFile = "${base}/.ssh/climax_server"; + }; + climax-dev = { + hostname = "dev.nodes.climax.bio"; + user = "terraform"; + identityFile = "${base}/.ssh/terraform"; + }; + climax-relay = { + hostname = "relay.nodes.climax.bio"; + user = "terraform"; + identityFile = "${base}/.ssh/terraform"; + }; + climax-server = { + hostname = "server.nodes.climax.bio"; + user = "terraform"; + identityFile = "${base}/.ssh/terraform"; + }; + sirver = { + hostname = "192.168.50.21"; + user = "tristan"; + identityFile = "${base}/.ssh/tristan_sirver_ed25519"; + }; + }; + }; + } + (mkIf home.config.programs.ssh.enable { + # TODO (Tristan): figure out how I can get the path to work properly with home-manager + sops.secrets."ssh/${config.people.me}/github" = {}; + # home.file.".ssh/github".source = config.sops.secrets."ssh/${flake.config.people.me}/github".path; + home.file.".ssh/github.pub".text = let + key = config.people.my.sshKeys.github.public; + username = 
home.config.home.username; + hostname = home.config.dotfiles.hostname; + in "${key} ${username}@${hostname}.local"; + }) + ]; + }; +} diff --git a/src/systems/chilldom/hardware-configuration.nix b/src/systems/chilldom/hardware-configuration.nix deleted file mode 100644 index 7a27380..0000000 --- a/src/systems/chilldom/hardware-configuration.nix +++ /dev/null @@ -1,43 +0,0 @@ -# Do not modify this file! It was generated by ‘nixos-generate-config’ -# and may be overwritten by future invocations. Please make changes -# to /etc/nixos/configuration.nix instead. -{ - config, - lib, - pkgs, - modulesPath, - ... -}: { - imports = [ - (modulesPath + "/installer/scan/not-detected.nix") - ]; - - boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "nvme" "usb_storage" "sd_mod" "rtsx_pci_sdmmc"]; - boot.initrd.kernelModules = []; - boot.kernelModules = ["kvm-intel"]; - boot.extraModulePackages = []; - - fileSystems."/" = { - device = "/dev/disk/by-uuid/7d0cc1ae-4752-4df6-b6e8-8670f62eb2f9"; - fsType = "ext4"; - }; - - fileSystems."/boot" = { - device = "/dev/disk/by-uuid/40BD-8780"; - fsType = "vfat"; - }; - - swapDevices = [{device = "/dev/disk/by-uuid/e5f2cde4-014a-4f28-88ee-b7f4b255663e";}]; - - # Enables DHCP on each ethernet and wireless interface. In case of scripted networking - # (the default) this is the recommended approach. When using systemd-networkd it's - # still possible to use this option, but it's recommended to use it in conjunction - # with explicit per-interface declarations with `networking.interfaces..useDHCP`. - networking.useDHCP = lib.mkDefault true; - # networking.interfaces.enp0s31f6.useDHCP = lib.mkDefault true; - # networking.interfaces.wlp2s0.useDHCP = lib.mkDefault true; - - nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; - powerManagement.cpuFreqGovernor = lib.mkDefault "powersave"; - hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; -} 
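Review bot: `forwardAgent = true;` is set at the top level of `programs.ssh`, so the agent is forwarded to every host you connect to, including `climax-static-relay`, where the login is `root` on a public address. Anyone with root on a host that receives a forwarded agent can use it to authenticate as you while the session is open. I would drop the global setting and put `forwardAgent = true;` only in the `matchBlocks` entries that actually need it. For `climax-server-via-relay`, `proxyJump = "climax-static-relay";` (with `hostname = "localhost"; port = 2222;`) may replace the `nc` proxy command without needing an agent on the relay, but whether the relay permits that forwarding is not visible here.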
diff --git a/src/systems/sirver/hardware-configuration.nix b/src/systems/sirver/hardware-configuration.nix deleted file mode 100644 index fd83a5e..0000000 --- a/src/systems/sirver/hardware-configuration.nix +++ /dev/null @@ -1,44 +0,0 @@ -# Do not modify this file! It was generated by ‘nixos-generate-config’ -# and may be overwritten by future invocations. Please make changes -# to /etc/nixos/configuration.nix instead. -{ - config, - lib, - pkgs, - modulesPath, - ... -}: { - imports = [ - (modulesPath + "/installer/scan/not-detected.nix") - ]; - - boot.initrd.availableKernelModules = ["ahci" "ehci_pci" "megaraid_sas" "usbhid" "usb_storage" "sd_mod"]; - boot.initrd.kernelModules = []; - boot.kernelModules = ["kvm-intel"]; - boot.extraModulePackages = []; - - fileSystems."/" = { - device = "/dev/disk/by-uuid/9f9ee81b-f575-4aff-9c0a-e2bc1736b626"; - fsType = "ext4"; - }; - - fileSystems."/boot" = { - device = "/dev/disk/by-uuid/971B-2131"; - fsType = "vfat"; - }; - - swapDevices = [{device = "/dev/disk/by-uuid/ee58c60b-dd4d-40ba-9a48-b226fbabb0fb";}]; - - # Enables DHCP on each ethernet and wireless interface. In case of scripted networking - # (the default) this is the recommended approach. When using systemd-networkd it's - # still possible to use this option, but it's recommended to use it in conjunction - # with explicit per-interface declarations with `networking.interfaces..useDHCP`. - networking.useDHCP = lib.mkDefault true; - # networking.interfaces.eno1.useDHCP = lib.mkDefault true; - # networking.interfaces.eno2.useDHCP = lib.mkDefault true; - # networking.interfaces.eno3.useDHCP = lib.mkDefault true; - # networking.interfaces.eno4.useDHCP = lib.mkDefault true; - - nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; - hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; -} diff --git a/src/tix/sirver/default.nix b/src/tix/sirver/default.nix deleted file mode 100644 index 568cc8b..0000000 
--- a/src/tix/sirver/default.nix +++ /dev/null @@ -1,29 +0,0 @@ -{config, ...}: { - provider.helm = {inherit (config.provider) kubernetes;}; - terraform.required_providers = { - github.source = "integrations/github"; - github.version = "5.42.0"; - flux.source = "fluxcd/flux"; - flux.version = "1.1.2"; - }; - resource.tls_private_key.flux = { - algorithm = "ECDSA"; - ecdsa_curve = "P256"; - }; - resource.github_repository_deploy_key.flux = { - key = "\${ tls_private_key.flux.public_key_openssh }"; - read_only = false; - repository = "dotfiles"; - title = "Flux (${config.locals.cluster.name})"; - }; - provider.flux = { - kubernetes = {}; - git.url = "ssh://git@github.com/schradert/dotfiles"; - git.branch = "trunk"; - git.ssh = { - username = "git"; - private_key = "\${ tls_private_key.flux.private_key_pem }"; - }; - }; - resource.flux_bootstrap_git.prod = {path = "src/nux/clusters/${config.locals.cluster.name}";}; -} diff --git a/src/tmux.nix b/src/tmux.nix new file mode 100644 index 0000000..5a44101 --- /dev/null +++ b/src/tmux.nix 
@@ -0,0 +1,41 @@ +{moduleWithSystem, ...}: { + flake.homeModules.tmux = moduleWithSystem ({config, ...}: + with config.packages; { + programs.tmux = { + enable = true; + package = tmux; + plugins = [ + { + plugin = tmux-dracula; + extraConfig = '' + set -g @dracula-show-battery false + set -g @dracula-show-powerline true + set -g @dracula-refresh-rate 10 + ''; + } + ]; + }; + }); + perSystem = {pkgs, ...}: + with pkgs; { + packages.tmux = tmux.overrideAttrs (_: { + version = "unstable-2023-04-06"; + src = fetchFromGitHub { + owner = "tmux"; + repo = "tmux"; + rev = "b9524f5b72d16bd634fc47ad1a4a9d3240bd4370"; + sha256 = "7jvmeMipZcNMqFloMuSgPwKowNqWC1J8/++ha6H/D1M="; + }; + patches = []; + }); + packages.tmux-dracula = tmuxPlugins.dracula.overrideAttrs (_: { + version = "unstable-2023-04-04"; + src = fetchFromGitHub { + owner = "dracula"; + repo = "tmux"; + rev = "b346d1030696620154309f71d5b14bc657294a98"; + sha256 = "89S8LHTx2gYWj+Ejws5f6YRQgoj0rYE7ITtGtZibl30="; + }; + }); + }; +} diff --git a/src/users/config.nix b/src/users/config.nix deleted file mode 100644 index 9efe402..0000000 --- a/src/users/config.nix +++ /dev/null @@ -1,12 +0,0 @@ -{...}: { - people = { - me = "tristan"; - users = { - tristan = { - name = "Tristan Schrader"; - email = "tristan@climaxfoods.com"; - sshKeys.github.public = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDBU/var4dzyl3BvVvN/e+T6JjnptZVhLpLemn6UaUcm"; - }; - }; - }; -} diff --git a/src/users/default.nix b/src/users/default.nix deleted file mode 100644 index 2639f68..0000000 --- a/src/users/default.nix +++ /dev/null 
@@ -1,57 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: let - sshKeySubmodule = lib.types.submodule { - options = { - public = lib.mkOption { - type = lib.types.str; - description = lib.mdDoc "Contents of public key"; - example = "ssh-ed25519 AAAAC3Qrst1lZDI1NTE5AAAAIBRaIPhp5LExmqK7KECgbqdTY3goyUfNgKjKD9WFalkE"; - }; - }; - }; - userSubmodule = lib.types.submodule { - options = { - name = lib.mkOption { - type = lib.types.str; - description = "The name of the user to default to in all contexts"; - example = "John Doe"; - }; - email = lib.mkOption { - type = lib.types.str; - description = lib.mdDoc "The default email to associate with the user in all contexts"; - example = "me@123.com"; - }; - sshKeys = lib.mkOption { - type = lib.types.attrsOf sshKeySubmodule; - description = lib.mdDoc "Public and private keys for SSH access between machines"; - }; - }; - }; - peopleSubmodule = lib.types.submodule { - options = { - users = lib.mkOption { - type = lib.types.attrsOf userSubmodule; - description = lib.mdDoc "All of the users to create configurations for"; - }; - me = lib.mkOption { - type = lib.types.str; - description = lib.mdDoc '' - The name of the user that represents myself. - This will be the admin user in all contexts. - ''; - }; - my = lib.mkOption { - default = config.people.users.${config.people.me}; - type = userSubmodule; - description = lib.mdDoc "The user details associated with 'me'"; - }; - }; - }; -in { - imports = [./config.nix]; - options.people = lib.mkOption {type = peopleSubmodule;}; -} diff --git a/src/home/vim/config.vim b/src/vim/config.vim similarity index 100% rename from src/home/vim/config.vim rename to src/vim/config.vim diff --git a/src/vim/default.nix b/src/vim/default.nix new file mode 100644 index 0000000..a6d961d --- /dev/null +++ b/src/vim/default.nix 
@@ -0,0 +1,60 @@ +{ + flake.homeModules.vim = { + config, + lib, + nix, + pkgs, + ... + }: + with nix; + mkMerge [ + { + programs.vim = { + enable = true; + plugins = with pkgs.vimPlugins; + [ + csv-vim + ctrlp-vim + dracula-vim + jsonc-vim + nerdtree + taboo-vim + tagbar + terminus + undotree + vimspector + vimtex + vim-airline + vim-airline-themes + vim-devicons + vim-flog + vim-fugitive + vim-gitgutter + vim-lastplace + vim-nix + vim-startify + vim-surround + ] + ++ optionals config.programs.tmux.enable [ + tmuxline-vim + ]; + settings = { + expandtab = true; + hidden = true; + history = 1000; + ignorecase = true; + mouse = "a"; + number = true; + shiftwidth = 4; + smartcase = true; + tabstop = 2; + }; + extraConfig = readFile ./config.vim; + }; + programs.vim.defaultEditor = config.dotfiles.editor == "vim"; + } + (lib.mkIf config.programs.vim.enable { + programs.zsh.localVariables.VISUAL = "vim"; + }) + ]; +} diff --git a/src/wordnet.nix b/src/wordnet.nix new file mode 100644 index 0000000..e24bb78 --- /dev/null +++ b/src/wordnet.nix @@ -0,0 +1,14 @@ +{moduleWithSystem, ...}: { + perSystem = {pkgs, ...}: { + packages.wordnet = pkgs.wordnet.overrideAttrs (old: { + patchPhase = + old.patchPhase + + '' + sed '132s/^/int /' -i src/wn.c + ''; + }); + }; + flake.homeModules.wordnet = moduleWithSystem ({self', ...}: { + home.packages = [self'.packages.wordnet]; + }); +} diff --git a/src/work.nix b/src/work.nix new file mode 100644 index 0000000..583dae3 --- /dev/null +++ b/src/work.nix @@ -0,0 +1,15 @@ +{ + flake.homeModules.work = { + config, + pkgs, + nix, + flake, + ... + }: { + options.dotfiles.work.enable = nix.mkEnableOption "work packages"; + config = nix.mkIf config.dotfiles.work.enable { + nixpkgs.overlays = [flake.inputs.gke-gcloud-auth-plugin-flake.overlays.default]; + home.packages = with pkgs; [google-cloud-sdk gke-gcloud-auth-plugin]; + }; + }; +} 
diff --git a/src/home/wtf/config.yml b/src/wtf/config.yml similarity index 100% rename from src/home/wtf/config.yml rename to src/wtf/config.yml diff --git a/src/wtf/default.nix b/src/wtf/default.nix new file mode 100644 index 0000000..0874ec3 --- /dev/null +++ b/src/wtf/default.nix @@ -0,0 +1,16 @@ +{ + flake.homeModules.wtf = { + config, + lib, + nix, + pkgs, + ... + }: { + options.programs.wtf.enable = lib.mkEnableOption "wtfutil"; + config = lib.mkIf config.programs.wtf.enable { + home.packages = [pkgs.wtf]; + programs.zsh.initExtraLines = nix.toList "export PATH=\"$PATH:$HOME/.config/wtf\""; + # TODO add the configuration + }; + }; +} diff --git a/src/home/wtf/slack_status_check.sh b/src/wtf/slack_status_check.sh similarity index 100% rename from src/home/wtf/slack_status_check.sh rename to src/wtf/slack_status_check.sh diff --git a/src/yaml.nix b/src/yaml.nix new file mode 100644 index 0000000..ad70906 --- /dev/null +++ b/src/yaml.nix @@ -0,0 +1,21 @@ +{nix, ...}: +with nix; { + flake.overlays.yaml = final: prev: + with prev; { + toYAML = pipe' [ + toJSON + (toFile "obj.json") + (file: "${remarshal}/bin/remarshal -if json -i ${file} -of yaml -o $out") + (runCommand "to-yaml" {}) + ]; + fromYAML = pipe' [ + (yaml: + if isPath yaml + then yaml + else toFile "yaml.yaml" yaml) + (file: "${remarshal}/bin/remarshal -if yaml -i ${file} -of json -o $out") + (runCommand "from-yaml" {}) + importJSON + ]; + }; +} diff --git a/src/home/zsh/.p10k.zsh b/src/zsh/.p10k.zsh similarity index 99% rename from src/home/zsh/.p10k.zsh rename to src/zsh/.p10k.zsh index 8ee9666..d71a5bf 100644 --- a/src/home/zsh/.p10k.zsh +++ b/src/zsh/.p10k.zsh @@ -1,3 +1,4 @@ +# shellcheck disable=all # Generated by Powerlevel10k configuration wizard on 2022-08-09 at 11:47 PDT. # Based on romkatv/powerlevel10k/config/p10k-rainbow.zsh. # Wizard options: nerdfont-complete + powerline, small icons, rainbow, unicode, 
diff --git a/src/zsh/default.nix b/src/zsh/default.nix
new file mode 100644
index 0000000..24d5c22
--- /dev/null
+++ b/src/zsh/default.nix
@@ -0,0 +1,170 @@
+{
+ flake.homeModules.zsh = {
+ config,
+ lib,
+ nix,
+ pkgs,
+ ...
+ }:
+ with nix; {
+ options.programs.zsh.initExtraLines = mkOption {
+ type = listOf str;
+ default = [];
+ description = mdDoc "List implementation of programs.zsh.initExtra to allow merging";
+ };
+ config.programs.zsh = {
+ enable = true;
+ enableAutosuggestions = true;
+ syntaxHighlighting.enable = true;
+ enableVteIntegration = true;
+ autocd = true;
+ history.expireDuplicatesFirst = true;
+ history.extended = true;
+ # TODO trim leading tabs
+ initExtra = concatMapStringsSep "\n" (x: x) config.programs.zsh.initExtraLines;
+ initExtraLines = with config.programs;
+ toList ''
+ prompt_nix_shell_setup
+ # set descriptions format to enable group support
+ zstyle ':completion:*:descriptions' format '[%d]'
+ # set list-colors to enable filename colorizing
+ zstyle ':completion:*' list-colors $LS_COLORS # ''${(s.:.)LS_COLORS}
+ fpath+=($ZSH/custom/plugins/zsh-completions/src)
+ export PATH="$HOME/.local/bin:$PATH"
+ export XDG_CONFIG_HOME="$HOME/.config"
+ ${optionalString pkgs.stdenv.isDarwin "export PATH=\"/Applications/Docker.app/Contents/Resources/bin:$PATH\""}
+ ${optionalString fzf.enable ''
+ bindkey '^R' fzf-history-widget
+ # switch group using `,` and `.`
+ zstyle ':fzf-tab:*' switch-group ',' '.'
+ ${optionalString eza.enable ''
+ # preview directory's content with exa when completing cd
+ zstyle ':fzf-tab:complete:cd:*' fzf-preview 'eza -1 --color=always $realpath'
+ ''}
+ ''}
+ '';
+ localVariables = {
+ YSU_MESSAGE_POSITION = "after";
+ YSU_MODE = "ALL";
+ YSU_HARDCORE = 1;
+ ZSH_AUTOSUGGEST_STRATEGY = ["history" "completion"];
+ DIRENV_WARN_TIMEOUT = "10s";
+ };
+ oh-my-zsh.enable = true;
+ oh-my-zsh.plugins = with config;
+ flatten [
+ "aliases"
+ "battery"
+ "colored-man-pages"
+ "common-aliases"
+ "cp"
+ "dirhistory"
+ "docker"
+ "docker-compose"
+ "ripgrep"
+ "rsync"
+ (optionals dotfiles.work.enable ["gcloud"])
+ (optionals programs.gh.enable ["gh"])
+ (optionals programs.fzf.enable ["fzf"])
+ (optionals programs.git.enable ["git git-auto-fetch"])
+ (optionals programs.tmux.enable ["tmux"])
+ (optionals programs.k9s.enable ["helm" "kubectl"])
+ (optionals programs.k9s.enable ["helm" "kubectl"])
+ (optionals pkgs.stdenv.isDarwin ["brew"])
+ ];
+ plugins = with pkgs; [
+ {
+ name = "powerlevel10k";
+ src = zsh-powerlevel10k;
+ file = "share/zsh-powerlevel10k/powerlevel10k.zsh-theme";
+ }
+ {
+ name = "powerlevel10k-config";
+ src = cleanSource ./.;
+ file = ".p10k.zsh";
+ }
+ {
+ name = "fzf-tab";
+ src = fetchFromGitHub {
+ owner = "Aloxaf";
+ repo = "fzf-tab";
+ rev = "master";
+ sha256 = "dPe5CLCAuuuLGRdRCt/nNruxMrP9f/oddRxERkgm1FE=";
+ };
+ }
+ {
+ name = "fast-syntax-highlighting";
+ src = fetchFromGitHub {
+ owner = "zdharma-continuum";
+ repo = "fast-syntax-highlighting";
+ rev = "v1.55";
+ sha256 = "DWVFBoICroKaKgByLmDEo4O+xo6eA8YO792g8t8R7kA=";
+ };
+ }
+ {
+ name = "zsh-256color";
+ src = fetchFromGitHub {
+ owner = "chrissicool";
+ repo = "zsh-256color";
+ rev = "master";
+ sha256 = "P/pbpDJmsMSZkNi5GjVTDy7R+OxaIVZhb/bEnYQlaLo=";
+ };
+ }
+ {
+ name = "git-extra-commands";
+ src = fetchFromGitHub {
+ owner = "unixorn";
+ repo = "git-extra-commands";
+ rev = "05083c4ed2f0f5e253714e340625adaf8d51e2eb";
+ sha256 = "OQ1LH0XNQgNF6DEUO4i4zNls95Y2ZVngnN2AUMQ65MU=";
+ };
+ }
+ {
+ name = "you-should-use";
+ src = fetchFromGitHub {
+ owner = "MichaelAquilina";
+ repo = "zsh-you-should-use";
+ rev = "1.7.3";
+ sha256 = "/uVFyplnlg9mETMi7myIndO6IG7Wr9M7xDFfY1pG5Lc=";
+ };
+ }
+ {
+ name = "zsh-aliases-exa";
+ src = fetchFromGitHub {
+ owner = "DarrinTisdale";
+ repo = "zsh-aliases-exa";
+ rev = "master";
+ sha256 = "h4Wu2bUTKH25O0QCy3sAD7w1Xot/nleeqmJLqBhU7Xc=";
+ };
+ }
+ {
+ name = "zsh-autosuggestions";
+ src = fetchFromGitHub {
+ owner = "zsh-users";
+ repo = "zsh-autosuggestions";
+ rev = "v0.7.0";
+ sha256 = "KLUYpUu4DHRumQZ3w59m9aTW6TBKMCXl2UcKi4uMd7w=";
+ };
+ }
+ {
+ name = "zsh-completions";
+ src = fetchFromGitHub {
+ owner = "zsh-users";
+ repo = "zsh-completions";
+ rev = "0.34.0";
+ sha256 = "qSobM4PRXjfsvoXY6ENqJGI9NEAaFFzlij6MPeTfT0o=";
+ };
+ }
+ {
+ name = "nix-zsh-completions";
+ src = fetchFromGitHub {
+ owner = "spwhitt";
+ repo = "nix-zsh-completions";
+ rev = "0.4.4";
+ sha256 = "Djs1oOnzeVAUMrZObNLZ8/5zD7DjW3YK42SWpD2FPNk=";
+ };
+ }
+ ];
+ };
+ };
+}
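Review bot: Three plugin sources in the `plugins` list fetch a moving branch: `rev = "master"` for fzf-tab, zsh-256color and zsh-aliases-exa. The `sha256` still fixes the content, so a changed upstream cannot slip in unnoticed, but the expression no longer says which commit was reviewed, and the fetch fails with a hash mismatch once the branch has moved and the store copy is gone. Pin each to the commit the hash was taken from, as git-extra-commands already does: `rev = "<full commit sha>";`. These plugins are sourced into every interactive shell, so the audited revision should be readable from the file itself. The `(optionals programs.k9s.enable ["helm" "kubectl"])` line also appears twice in `oh-my-zsh.plugins`.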