diff --git a/.gitignore b/.gitignore old mode 100644 new mode 100755 index 62106e8..faf654e --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,4 @@ .DS_Store _scratch result +._* diff --git a/.sops.yaml b/.sops.yaml new file mode 100644 index 0000000..1340556 --- /dev/null +++ b/.sops.yaml @@ -0,0 +1,15 @@ +keys: + # Admin - Age Native + - &admin_reichard age1sac93wpnjcv62s7583jv6a4yspndh6k0r25g3qx3k7gq748uvafst6nz4w + # lin-va-mbp-personal@evanreichard - SSH Derived + - &user_lin-va-mbp-personal age17ayje4uv2mhwehhp9jr3u9l0ds07396kt7ef40sufx89vm7cgfjq6d5d4y +creation_rules: + - path_regex: secrets/[^/]+\.(yaml|json|env|ini)$ + key_groups: + - age: + - *admin_reichard + - path_regex: secrets/lin-va-mbp-personal/evanreichard/[^/]+\.(yaml|json|env|ini)$ + key_groups: + - age: + - *admin_reichard + - *user_lin-va-mbp-personal diff --git a/README.md b/README.md old mode 100644 new mode 100755 index f16272d..34aa94c --- a/README.md +++ b/README.md @@ -2,16 +2,22 @@ This repository contains the configuration for multiple machines, as well as my home / IDE config (home-manager). -## Home Manager +### NixOS -Utilizing [Home Manager](https://nix-community.github.io/home-manager/). Check out the [README.md](./home-manager/README.md). - -## NixOS +```bash +sudo nixos-rebuild switch --flake .#lin-va-mbp-personal +``` ### NixOS Generators ```bash -nix build .#packages.x86_64-linux.rke2-image +nix build .#vmwareConfigurations.rke2-node +``` + +### Home Manager + +```bash +home-manager switch --flake .#evanreichard@MBP-Personal ``` ### NixOS Hosts diff --git a/bootstrap.sh b/bootstrap.sh index 7732f64..92dbee5 100755 --- a/bootstrap.sh +++ b/bootstrap.sh @@ -1,7 +1,9 @@ #!/bin/sh +export NIX_CONFIG="experimental-features = nix-command flakes" + function cmd_image() { - local usage="Usage: $0 image --name " + local usage="Usage: $0 image --name [--remote]" local name="" local remote=false @@ -29,14 +31,13 @@ function cmd_image() { # Validate Config Exists if ! nix eval --json --impure \ - --experimental-features "nix-command flakes" \ - ".#packages.x86_64-linux" \ + ".#qcowConfigurations" \ --apply "s: builtins.hasAttr \"$name\" s" 2>/dev/null | grep -q "true"; then echo "Error: NixOS Generator Config '$name' not found" exit 1 fi - build_args=(".#packages.x86_64-linux.$name") + build_args=(".#qcowConfigurations.$name") if [ "$remote" = true ]; then build_args+=("-j0") fi @@ -73,16 +74,16 @@ function cmd_install() { # Validate Config Exists if ! nix eval --json --impure \ - --experimental-features "nix-command flakes" \ ".#nixosConfigurations" \ --apply "s: builtins.hasAttr \"$name\" s" 2>/dev/null | grep -q "true"; then echo "Error: NixOS configuration '$name' not found" exit 1 fi + #$ TODO + # # Validate mainDiskID Exists if ! disk_id=$(nix eval --raw --impure \ - --experimental-features "nix-command flakes" \ ".#nixosConfigurations.$name.config.mainDiskID" 2>/dev/null); then echo "Error: mainDiskID not defined for configuration '$name'" exit 1 diff --git a/flake.lock b/flake.lock old mode 100644 new mode 100755 index 879b4b4..5ccd282 --- a/flake.lock +++ b/flake.lock @@ -1,15 +1,38 @@ { "nodes": { + "apple-silicon": { + "inputs": { + "flake-compat": "flake-compat", + "nixpkgs": [ + "nixpkgs" + ], + "rust-overlay": "rust-overlay" + }, + "locked": { + "lastModified": 1738646032, + "narHash": "sha256-57BdBE9anNpIpf48EiTVLGxg4mOQ04XjHCEP0gLTsFA=", + "owner": "tpwrules", + "repo": "nixos-apple-silicon", + "rev": "e77031211944723a38bebc043e48847c36e43668", + "type": "github" + }, + "original": { + "owner": "tpwrules", + "ref": "releasep2-2024-12-25", + "repo": "nixos-apple-silicon", + "type": "github" + } + }, "disko": { "inputs": { "nixpkgs": "nixpkgs" }, "locked": { - "lastModified": 1739841949, - "narHash": "sha256-lSOXdgW/1zi/SSu7xp71v+55D5Egz8ACv0STkj7fhbs=", + "lastModified": 1743598667, + "narHash": "sha256-ViE7NoFWytYO2uJONTAX35eGsvTYXNHjWALeHAg8OQY=", "owner": "nix-community", "repo": "disko", - "rev": "15dbf8cebd8e2655a883b74547108e089f051bf0", + "rev": "329d3d7e8bc63dd30c39e14e6076db590a6eabe6", "type": "github" }, "original": { @@ -18,6 +41,133 @@ "type": "github" } }, + "firefox-addons": { + "inputs": { + "flake-utils": "flake-utils", + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "dir": "pkgs/firefox-addons", + "lastModified": 1743861198, + "narHash": "sha256-PzbPHoSI5U1juWd01Spf3ST7ylR9mQ84v5p7NksBplY=", + "owner": "rycee", + "repo": "nur-expressions", + "rev": "7408ed5bbc9009741094f4dd4cc1abec79e79e7e", + "type": "gitlab" + }, + "original": { + "dir": "pkgs/firefox-addons", + "owner": "rycee", + "repo": "nur-expressions", + "type": "gitlab" + } + }, + "flake-compat": { + "locked": { + "lastModified": 1688025799, + "narHash": "sha256-ktpB4dRtnksm9F5WawoIkEneh1nrEvuxb5lJFt1iOyw=", + "owner": "nix-community", + "repo": "flake-compat", + "rev": "8bf105319d44f6b9f0d764efa4fdef9f1cc9ba1c", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "flake-compat", + "type": "github" + } + }, + "flake-compat_2": { + "flake": false, + "locked": { + "lastModified": 1650374568, + "narHash": "sha256-Z+s0J8/r907g149rllvwhb4pKi8Wam5ij0st8PwAh+E=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "b4a34015c698c7793d592d66adbab377907a2be8", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "flake-utils": { + "locked": { + "lastModified": 1629284811, + "narHash": "sha256-JHgasjPR0/J1J3DRm4KxM4zTyAj4IOJY8vIl75v/kPI=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "c5d161cc0af116a2e17f54316f0bf43f0819785c", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils-plus": { + "inputs": { + "flake-utils": "flake-utils_2" + }, + "locked": { + "lastModified": 1715533576, + "narHash": "sha256-fT4ppWeCJ0uR300EH3i7kmgRZnAVxrH+XtK09jQWihk=", + "owner": "gytis-ivaskevicius", + "repo": "flake-utils-plus", + "rev": "3542fe9126dc492e53ddd252bb0260fe035f2c0f", + "type": "github" + }, + "original": { + "owner": "gytis-ivaskevicius", + "repo": "flake-utils-plus", + "rev": "3542fe9126dc492e53ddd252bb0260fe035f2c0f", + "type": "github" + } + }, + "flake-utils_2": { + "inputs": { + "systems": "systems" + }, + "locked": { + "lastModified": 1694529238, + "narHash": "sha256-zsNZZGTGnMOf9YpHKJqMSsa0dXbfmxeoJ7xHlrt+xmY=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "ff7b65b44d01cf9ba6a71320833626af21126384", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "home-manager": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1743808813, + "narHash": "sha256-2lDQBOmlz9ggPxcS7/GvcVdzXMIiT+PpMao6FbLJSr0=", + "owner": "nix-community", + "repo": "home-manager", + "rev": "a9f8b3db211b4609ddd83683f9db89796c7f6ac6", + "type": "github" + }, + "original": { + "owner": "nix-community", + "ref": "release-24.11", + "repo": "home-manager", + "type": "github" + } + }, "nixlib": { "locked": { "lastModified": 1736643958, @@ -41,11 +191,11 @@ ] }, "locked": { - "lastModified": 1737057290, - "narHash": "sha256-3Pe0yKlCc7EOeq1X/aJVDH0CtNL+tIBm49vpepwL1MQ=", + "lastModified": 1742568034, + "narHash": "sha256-QaMEhcnscfF2MqB7flZr+sLJMMYZPnvqO4NYf9B4G38=", "owner": "nix-community", "repo": "nixos-generators", - "rev": "d002ce9b6e7eb467cd1c6bb9aef9c35d191b5453", + "rev": "42ee229088490e3777ed7d1162cb9e9d8c3dbb11", "type": "github" }, "original": { @@ -56,11 +206,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1738136902, - "narHash": "sha256-pUvLijVGARw4u793APze3j6mU1Zwdtz7hGkGGkD87qw=", + "lastModified": 1743259260, + "narHash": "sha256-ArWLUgRm1tKHiqlhnymyVqi5kLNCK5ghvm06mfCl4QY=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "9a5db3142ce450045840cc8d832b13b8a2018e0c", + "rev": "eb0e0f21f15c559d2ac7633dc81d079d1caf5f5f", "type": "github" }, "original": { @@ -70,13 +220,29 @@ "type": "github" } }, - "nixpkgs_2": { + "nixpkgs-unstable": { "locked": { - "lastModified": 1739758141, - "narHash": "sha256-uq6A2L7o1/tR6VfmYhZWoVAwb3gTy7j4Jx30MIrH0rE=", + "lastModified": 1744098102, + "narHash": "sha256-tzCdyIJj9AjysC3OuKA+tMD/kDEDAF9mICPDU7ix0JA=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "c618e28f70257593de75a7044438efc1c1fc0791", + "rev": "c8cd81426f45942bb2906d5ed2fe21d2f19d95b7", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_2": { + "locked": { + "lastModified": 1743813633, + "narHash": "sha256-BgkBz4NpV6Kg8XF7cmHDHRVGZYnKbvG0Y4p+jElwxaM=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "7819a0d29d1dd2bc331bec4b327f0776359b1fa6", "type": "github" }, "original": { @@ -88,9 +254,88 @@ }, "root": { "inputs": { + "apple-silicon": "apple-silicon", "disko": "disko", + "firefox-addons": "firefox-addons", + "home-manager": "home-manager", "nixos-generators": "nixos-generators", - "nixpkgs": "nixpkgs_2" + "nixpkgs": "nixpkgs_2", + "nixpkgs-unstable": "nixpkgs-unstable", + "snowfall-lib": "snowfall-lib", + "sops-nix": "sops-nix" + } + }, + "rust-overlay": { + "flake": false, + "locked": { + "lastModified": 1686795910, + "narHash": "sha256-jDa40qRZ0GRQtP9EMZdf+uCbvzuLnJglTUI2JoHfWDc=", + "owner": "oxalica", + "repo": "rust-overlay", + "rev": "5c2b97c0a9bc5217fc3dfb1555aae0fb756d99f9", + "type": "github" + }, + "original": { + "owner": "oxalica", + "repo": "rust-overlay", + "type": "github" + } + }, + "snowfall-lib": { + "inputs": { + "flake-compat": "flake-compat_2", + "flake-utils-plus": "flake-utils-plus", + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1736130495, + "narHash": "sha256-4i9nAJEZFv7vZMmrE0YG55I3Ggrtfo5/T07JEpEZ/RM=", + "owner": "snowfallorg", + "repo": "lib", + "rev": "02d941739f98a09e81f3d2d9b3ab08918958beac", + "type": "github" + }, + "original": { + "owner": "snowfallorg", + "repo": "lib", + "type": "github" + } + }, + "sops-nix": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1743910657, + "narHash": "sha256-zr2jmWeWyhCD8WmO2aWov2g0WPPuZfcJDKzMJZYGq3Y=", + "owner": "Mic92", + "repo": "sops-nix", + "rev": "523f58a4faff6c67f5f685bed33a7721e984c304", + "type": "github" + }, + "original": { + "owner": "Mic92", + "repo": "sops-nix", + "type": "github" + } + }, + "systems": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" } } }, diff --git a/flake.nix b/flake.nix old mode 100644 new mode 100755 index 7b39d9f..7bc73ff --- a/flake.nix +++ b/flake.nix @@ -3,94 +3,63 @@ inputs = { nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.11"; + nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixos-unstable"; disko.url = "github:nix-community/disko"; + snowfall-lib = { + url = "github:snowfallorg/lib"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + home-manager = { + url = "github:nix-community/home-manager/release-24.11"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + apple-silicon = { + url = "github:tpwrules/nixos-apple-silicon/releasep2-2024-12-25"; + inputs.nixpkgs.follows = "nixpkgs"; + }; nixos-generators = { url = "github:nix-community/nixos-generators"; inputs.nixpkgs.follows = "nixpkgs"; }; + firefox-addons = { + url = "gitlab:rycee/nur-expressions?dir=pkgs/firefox-addons"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + sops-nix = { + url = "github:Mic92/sops-nix"; + inputs.nixpkgs.follows = "nixpkgs"; + }; }; - outputs = { self, nixpkgs, disko, nixos-generators }: - let - mkSystem = { systemConfig ? { }, moduleConfig }: nixpkgs.lib.nixosSystem { - system = "x86_64-linux"; - modules = [ - disko.nixosModules.disko - ./lib/disk-config.nix - ./lib/common-system.nix - systemConfig - ({ ... }: moduleConfig) + outputs = inputs: + inputs.snowfall-lib.mkFlake { + inherit inputs; + src = ./.; + + snowfall = { + namespace = "reichard"; + meta = { + title = "Reichard"; + name = "reichard"; + }; + }; + + channels-config = { + allowUnfree = true; + permittedInsecurePackages = [ + "intel-ocl-5.0-63503" ]; }; - in - { - # NixOS Generators - packages.x86_64-linux = { - # RKE2 - rke2-image = nixos-generators.nixosGenerate { - system = "x86_64-linux"; - format = "vmware"; - modules = [ - ./hosts/rke2-image.nix - ]; - }; - usb-image = nixos-generators.nixosGenerate { - system = "x86_64-linux"; - format = "raw-efi"; - modules = [ - ./hosts/usb-image.nix - ]; - }; - }; + homes.modules = with inputs; [ + sops-nix.homeManagerModules.sops + ]; - # NixOS Configurations - nixosConfigurations = { - # Office Server (LLaMA / ADS-B) - lin-va-office = mkSystem { - systemConfig = ./hosts/office-server.nix; - moduleConfig = { - hostName = "lin-va-office"; - mainDiskID = "/dev/disk/by-id/ata-MTFDDAK512MBF-1AN1ZABHA_161212233628"; - network = { - interface = "enp5s0"; - address = "10.0.50.120"; - defaultGateway = "10.0.50.254"; - nameservers = [ "10.0.50.254" ]; - }; - }; - }; - - # Utility Room Desktop - lin-va-utility = mkSystem { - systemConfig = ./hosts/utility-desktop.nix; - moduleConfig = { - hostName = "lin-va-utility"; - mainDiskID = "/dev/disk/by-id/nvme-eui.0026b768429d3eb5"; - network = { - interface = "eno1"; - address = "10.0.20.50"; - defaultGateway = "10.0.20.254"; - nameservers = [ "10.0.20.254" ]; - }; - }; - }; - - # Nix Builder - lin-va-nix-builder = mkSystem { - systemConfig = ./hosts/builder.nix; - moduleConfig = { - hostName = "lin-va-nix-builder"; - mainDiskID = "/dev/xvda"; - enableXenGuest = true; - network = { - interface = "enX0"; - address = "10.0.50.130"; - defaultGateway = "10.0.50.254"; - nameservers = [ "10.0.50.254" ]; - }; - }; - }; + systems.modules = { + nixos = with inputs; [ + disko.nixosModules.disko + sops-nix.nixosModules.sops + ]; }; }; } diff --git a/home-manager/bash/default.nix b/home-manager/bash/default.nix deleted file mode 100644 index a4342bd..0000000 --- a/home-manager/bash/default.nix +++ /dev/null @@ -1,18 +0,0 @@ -{ - programs.bash = { - enable = true; - shellAliases = { - grep = "grep --color"; - ssh = "TERM=xterm-256color ssh"; - flush_dns = "sudo dscacheutil -flushcache; sudo killall -HUP mDNSResponder"; - }; - profileExtra = '' - SHELL="$BASH" - PATH=~/.bin:$PATH - eval "$(thefuck --alias)" - set -o vi - bind "set show-mode-in-prompt on" - fastfetch - ''; - }; -} diff --git a/home-manager/btop/default.nix b/home-manager/btop/default.nix deleted file mode 100644 index 04df897..0000000 --- a/home-manager/btop/default.nix +++ /dev/null @@ -1,10 +0,0 @@ -{ - programs.btop = { - enable = true; - }; - - home.file.".config/btop/btop.conf".text = - builtins.readFile ./config/btop.conf; - home.file.".config/btop/themes/catppuccin_mocha.theme".text = - builtins.readFile ./config/catppuccin_mocha.theme; -} diff --git a/home-manager/direnv/default.nix b/home-manager/direnv/default.nix deleted file mode 100644 index 2b51c9d..0000000 --- a/home-manager/direnv/default.nix +++ /dev/null @@ -1,6 +0,0 @@ -{ - programs.direnv = { - enable = true; - nix-direnv.enable = true; - }; -} diff --git a/home-manager/fastfetch/default.nix b/home-manager/fastfetch/default.nix deleted file mode 100644 index 68bcfb8..0000000 --- a/home-manager/fastfetch/default.nix +++ /dev/null @@ -1,7 +0,0 @@ -{ - xdg.configFile = { - "fastfetch/config.jsonc" = { - source = ./config/config.jsonc; - }; - }; -} diff --git a/home-manager/ghostty/default.nix b/home-manager/ghostty/default.nix deleted file mode 100644 index c59774f..0000000 --- a/home-manager/ghostty/default.nix +++ /dev/null @@ -1,7 +0,0 @@ -{ - xdg.configFile = { - "ghostty/config" = { - source = ./config/ghostty.conf; - }; - }; -} diff --git a/home-manager/git/default.nix b/home-manager/git/default.nix deleted file mode 100644 index 3bee355..0000000 --- a/home-manager/git/default.nix +++ /dev/null @@ -1,72 +0,0 @@ -{ - programs.git = { - enable = true; - userName = "Evan Reichard"; - aliases = { - lg = "log --graph --abbrev-commit --decorate --date=relative --format=format:'%C(bold blue)%h%C(reset) - %C(bold green)(%ar)%C(reset) %C(white)%s%C(reset) %C(dim white)- %an%C(reset)%C(bold yellow)%d%C(reset)' --all -n 15"; - }; - includes = [ - { - path = "~/.config/git/work"; - condition = "gitdir:~/Development/git/work/"; - } - { - path = "~/.config/git/personal"; - condition = "gitdir:~/Development/git/personal/"; - } - ]; - extraConfig = { - core = { - autocrlf = "input"; - safecrlf = "true"; - excludesFile = "~/.config/git/.gitignore"; - }; - column = { - ui = "auto"; - }; - fetch = { - prune = true; - pruneTags = true; - all = true; - }; - help = { - autocorrect = true; - }; - diff = { - algorithm = "histogram"; - colorMoved = "plain"; - mnemonicPrefix = true; - renames = true; - }; - rebase = { - autoSquash = true; - autoStash = true; - updateRefs = true; - }; - rerere = { - enabled = true; - autoupdate = true; - }; - commit = { - verbose = true; - }; - branch = { - sort = "-committerdate"; - }; - merge = { - conflictstyle = "zdiff3"; - }; - push = { - autoSetupRemote = true; - }; - }; - }; - - # Copy Configuration - xdg.configFile = { - git = { - source = ./config; - recursive = true; - }; - }; -} diff --git a/home-manager/home.nix b/home-manager/home.nix deleted file mode 100644 index 87bfced..0000000 --- a/home-manager/home.nix +++ /dev/null @@ -1,86 +0,0 @@ -{ pkgs, ... }: -let - inherit (pkgs.lib) optionals mkForce; - inherit (pkgs.stdenv) isLinux isDarwin; -in -{ - - imports = [ - ./bash - ./btop - ./direnv - ./fastfetch - ./ghostty - ./git - ./nvim - ./powerline - ./readline - ./hyprland - ./waybar - ]; - - # Home Manager Config - home.stateVersion = "24.11"; - home.username = "evanreichard"; - home.homeDirectory = mkForce (if isLinux then "/home/evanreichard" else "/Users/evanreichard"); - programs.home-manager.enable = true; - - # Global Packages - home.packages = with pkgs; [ - (nerdfonts.override { fonts = [ "Meslo" ]; }) - # ghostty - Pending Darwin @ https://github.com/NixOS/nixpkgs/pull/369788 - android-tools - awscli2 - bashInteractive - cw - fastfetch - gitAndTools.gh - google-cloud-sdk - imagemagick - kubectl - kubernetes-helm - mosh - pre-commit - python311 - ssm-session-manager-plugin - texliveSmall # Pandoc PDF Dep - thefuck - tldr - ] - ++ optionals isLinux [ - ghostty - hyprpaper - firefox - ] - ++ optionals isDarwin [ ]; - - # GitHub CLI - programs.gh = { - enable = true; - settings = { - git_protocol = "ssh"; - }; - }; - - # Misc Programs - programs.jq.enable = true; - programs.k9s.enable = true; - programs.pandoc.enable = true; - - # Enable Flakes & Commands - nix = { - package = mkForce pkgs.nix; - settings = { - experimental-features = "nix-command flakes"; - }; - }; - - # SQLite Configuration - home.file.".sqliterc".text = '' - .headers on - .mode column - ''; - - # Darwin Spotlight Indexing Hack - disabledModules = [ "targets/darwin/linkapps.nix" ]; -} diff --git a/home-manager/hyprland/default.nix b/home-manager/hyprland/default.nix deleted file mode 100644 index 31cd74b..0000000 --- a/home-manager/hyprland/default.nix +++ /dev/null @@ -1,8 +0,0 @@ -{ pkgs, lib, ... }: - -lib.mkIf pkgs.stdenv.isLinux { - wayland.windowManager.hyprland = { - enable = true; - extraConfig = builtins.readFile ./config/hyprland.conf; - }; -} diff --git a/home-manager/nvim/config/lua/base.lua b/home-manager/nvim/config/lua/base.lua deleted file mode 100644 index b9678c6..0000000 --- a/home-manager/nvim/config/lua/base.lua +++ /dev/null @@ -1,66 +0,0 @@ --- Set Theme --- vim.g.nord_borders = true --- vim.g.nord_contrast = true --- vim.cmd('colorscheme nord') -vim.cmd('colorscheme melange') - --- Set Leader -vim.keymap.set("n", "", "", {silent = true}) -vim.g.mapleader = " " - --- Set Timeout -vim.opt.timeoutlen = 250 - --- Disable NetRW -vim.g.loaded_netrw = 1 -vim.g.loaded_netrwPlugin = 1 - --- Set Term Colors -vim.opt.termguicolors = true - --- Synchronize with system clipboard -vim.opt.clipboard = "unnamed" - --- Always show the signcolumn -vim.opt.signcolumn = "yes" - --- Set nowrap, line numbers, hightlight search -vim.opt.wrap = false -vim.opt.nu = true -vim.opt.hlsearch = true -vim.opt.shiftwidth = 2 - --- Set fold settings -vim.opt.foldmethod = "indent" -vim.opt.foldnestmax = 10 -vim.opt.foldlevel = 2 - --- Diagnostics Mappings -local diagnostics_active = true -local toggle_diagnostics = function() - diagnostics_active = not diagnostics_active - if diagnostics_active then - vim.diagnostic.enable() - else - vim.diagnostic.disable() - end -end - -local diagnostics_loclist_active = false -local toggle_diagnostics_loclist = function() - diagnostics_loclist_active = not diagnostics_loclist_active - if diagnostics_loclist_active then - vim.diagnostic.setloclist() - else - vim.cmd('lclose') - end -end - -local opts = {noremap = true, silent = true} -vim.keymap.set('n', 'qt', toggle_diagnostics, opts) -vim.keymap.set('n', 'qN', - function() vim.diagnostic.goto_prev({float = false}) end, opts) -vim.keymap.set('n', 'qn', - function() vim.diagnostic.goto_next({float = false}) end, opts) -vim.keymap.set('n', 'qq', toggle_diagnostics_loclist, opts) -vim.keymap.set('n', 'qe', vim.diagnostic.open_float, opts) diff --git a/home-manager/nvim/default.nix b/home-manager/nvim/default.nix deleted file mode 100644 index 24b25b2..0000000 --- a/home-manager/nvim/default.nix +++ /dev/null @@ -1,194 +0,0 @@ -{ pkgs, ... }: -{ - programs.neovim = { - enable = true; - viAlias = true; - vimAlias = true; - withNodeJs = true; - withPython3 = true; - - plugins = with pkgs.vimPlugins; [ - # ------------------ - # --- Completion --- - # ------------------ - cmp-buffer # Buffer Word Completion - cmp-cmdline # Command Line Completion - cmp-nvim-lsp # Main LSP - cmp-path # Path Completion - cmp_luasnip # Snippets Completion - friendly-snippets # Snippets - lsp_lines-nvim # Inline Diagnostics - luasnip # Snippets - nvim-cmp # Completions - nvim-lspconfig # LSP Config - - # ------------------- - # ----- Helpers ----- - # ------------------- - aerial-nvim # Code Outline - comment-nvim # Code Comments - diffview-nvim # Diff View - gitsigns-nvim # Git Blame - leap-nvim # Quick Movement - markdown-preview-nvim # Markdown Preview - neo-tree-nvim # File Explorer - none-ls-nvim # Formatters - numb-nvim # Peek / Jump to Lines - nvim-autopairs # Automatically Close Pairs (),[],{} - telescope-fzf-native-nvim # Faster Telescope - telescope-nvim # Fuzzy Finder - telescope-ui-select-nvim # UI - toggleterm-nvim # Terminal Helper - vim-nix # Nix Helpers - which-key-nvim # Shortcut Helper - - # ------------------ - # --- Theme / UI --- - # ------------------ - lualine-nvim # Bottom Line - noice-nvim # UI Tweaks - # nord-nvim # Theme - melange-nvim # Theme - nvim-notify # Noice Dependency - nvim-web-devicons # Dev Icons - - # ------------------ - # --- Treesitter --- - # ------------------ - nvim-treesitter-context - nvim-treesitter.withAllGrammars - - # ------------------- - # ------- DAP ------- - # ------------------- - nvim-dap - nvim-dap-go - nvim-dap-ui - - # -------------------- - # -- NONE-LS EXTRAS -- - # -------------------- - ( - pkgs.vimUtils.buildVimPlugin { - pname = "none-ls-extras.nvim"; - version = "2024-06-11"; - src = pkgs.fetchFromGitHub { - owner = "nvimtools"; - repo = "none-ls-extras.nvim"; - rev = "336e84b9e43c0effb735b08798ffac382920053b"; - sha256 = "sha256-UtU4oWSRTKdEoMz3w8Pk95sROuo3LEwxSDAm169wxwk="; - }; - meta.homepage = "https://github.com/nvimtools/none-ls-extras.nvim/"; - } - ) - - # ------------------- - # ----- Silicon ----- - # ------------------- - ( - pkgs.vimUtils.buildVimPlugin { - pname = "silicon.lua"; - version = "2022-12-03"; - src = pkgs.fetchFromGitHub { - owner = "mhanberg"; - repo = "silicon.lua"; - rev = "5ca462bee0a39b058786bc7fbeb5d16ea49f3a23"; - sha256 = "0vlp645d5mmii513v72jca931miyrhkvhwb9bfzhix1199zx7vi2"; - }; - meta.homepage = "https://github.com/mhanberg/silicon.lua/"; - } - ) - - # ------------------- - # ------- LLM ------- - # ------------------- - ( - pkgs.vimUtils.buildVimPlugin { - pname = "llm.nvim"; - version = "2024-05-25"; - src = pkgs.fetchFromGitHub { - owner = "David-Kunz"; - repo = "gen.nvim"; - rev = "bd19cf584b5b82123de977b44105e855e61e5f39"; - sha256 = "sha256-0AEB6im8Jz5foYzmL6KEGSAYo48g1bkFpjlCSWT6JeE="; - }; - meta.homepage = "https://github.com/David-Kunz/gen.nvim/"; - } - ) - - # ------------------- - # ---- LLAMA.VIM ---- - # ------------------- - ( - pkgs.vimUtils.buildVimPlugin { - pname = "llama.vim"; - version = "2025-01-23"; - src = pkgs.fetchFromGitHub { - owner = "ggml-org"; - repo = "llama.vim"; - rev = "143fe910b8d47a054ed464c38d8b7c17d5354468"; - sha256 = "sha256-PW0HKzhSxcZiWzpDOuy98rl/X0o2nE7tMjZjwwh0qLE="; - }; - meta.homepage = "https://github.com/ggml-org/llama.vim/"; - } - ) - - ]; - - extraPackages = with pkgs; [ - # Telescope Dependencies - fd - ripgrep - tree-sitter - - # LSP Dependencies - go - golangci-lint - golangci-lint-langserver - gopls - lua-language-server - nil - nodePackages.eslint - nodePackages.svelte-language-server - nodePackages.typescript - nodePackages.typescript-language-server - nodePackages.vscode-langservers-extracted - pyright - eslint_d - - # Formatters - luaformatter - nixpkgs-fmt - nodePackages.prettier - sqlfluff - stylua - - # Silicon - silicon - ]; - - extraConfig = ":luafile ~/.config/nvim/lua/init.lua"; - }; - - - xdg.configFile = { - # Copy Configuration - nvim = { - source = ./config; - recursive = true; - }; - - # Generate Nix Vars - "nvim/lua/nix-vars.lua".text = '' - local nix_vars = { - gopls = "${pkgs.gopls}/bin/gopls", - luals = "${pkgs.lua-language-server}/bin/lua-language-server", - sveltels = "${pkgs.nodePackages.svelte-language-server}/bin/svelteserver", - tsls = "${pkgs.nodePackages.typescript-language-server}/bin/typescript-language-server", - golintls = "${pkgs.golangci-lint-langserver}/bin/golangci-lint-langserver", - vscls = "${pkgs.nodePackages.vscode-langservers-extracted}", - } - return nix_vars - ''; - }; -} diff --git a/home-manager/powerline/default.nix b/home-manager/powerline/default.nix deleted file mode 100644 index 363ec58..0000000 --- a/home-manager/powerline/default.nix +++ /dev/null @@ -1,16 +0,0 @@ -{ - programs.powerline-go = { - enable = true; - settings = { - git-mode = "compact"; - theme = "gruvbox"; - }; - modules = [ - "host" - "cwd" - "git" - "docker" - "venv" - ]; - }; -} diff --git a/home-manager/readline/default.nix b/home-manager/readline/default.nix deleted file mode 100644 index fb38452..0000000 --- a/home-manager/readline/default.nix +++ /dev/null @@ -1,10 +0,0 @@ -{ - programs.readline = { - enable = true; - extraConfig = '' - # Approximate VIM Dracula Colors - set vi-ins-mode-string \1\e[01;38;5;23;48;5;231m\2 I \1\e[38;5;231;48;5;238m\2\1\e[0m\2 - set vi-cmd-mode-string \1\e[01;38;5;22;48;5;148m\2 C \1\e[38;5;148;48;5;238m\2\1\e[0m\2 - ''; - }; -} diff --git a/home-manager/waybar/config/style.css b/home-manager/waybar/config/style.css deleted file mode 100644 index 1a2fefa..0000000 --- a/home-manager/waybar/config/style.css +++ /dev/null @@ -1,88 +0,0 @@ -* { - border: none; - border-radius: 0; - font-family: - Cartograph CF Nerd Font, - monospace; - font-weight: bold; - font-size: 14px; - min-height: 0; -} - -window#waybar { - background: rgba(21, 18, 27, 0); - color: #cdd6f4; -} - -tooltip { -} - -#workspaces button { -} - -#workspaces button.active { - color: #9ccfd8; -} - -#workspaces button.focused { - color: #9ccfd8; -} - -#workspaces button.urgent { -} - -#workspaces button:hover { -} - -#custom-language, -#custom-updates, -#custom-caffeine, -#custom-weather, -#window, -#clock, -#battery, -#pulseaudio, -#network, -#workspaces, -#tray, -#backlight { -} - -#tray { -} - -#workspaces { -} - -#custom-caffeine { -} - -#custom-language { -} - -#custom-updates { -} - -#window { -} - -#clock { -} - -#network { -} - -#pulseaudio { -} - -#pulseaudio.microphone { -} - -#battery { -} - -#custom-weather { -} - -#custom-endright { -} diff --git a/home-manager/waybar/default.nix b/home-manager/waybar/default.nix deleted file mode 100644 index 5e86e90..0000000 --- a/home-manager/waybar/default.nix +++ /dev/null @@ -1,114 +0,0 @@ -{ lib, pkgs, ... }: -lib.mkIf pkgs.stdenv.isLinux { - programs.waybar = { - enable = true; - style = builtins.readFile ./config/style.css; - settings = [{ - layer = "top"; - position = "top"; - mod = "dock"; - exclusive = true; - passtrough = false; - gtk-layer-shell = true; - height = 0; - modules-left = [ - "hyprland/workspaces" - "custom/divider" - "custom/divider" - "cpu" - "custom/divider" - "memory" - ]; - modules-center = [ "hyprland/window" ]; - modules-right = [ - "tray" - "network" - "custom/divider" - "backlight" - "custom/divider" - "pulseaudio" - "custom/divider" - "battery" - "custom/divider" - "clock" - ]; - "hyprland/window" = { format = "{}"; }; - "wlr/workspaces" = { - on-scroll-up = "hyprctl dispatch workspace e+1"; - on-scroll-down = "hyprctl dispatch workspace e-1"; - all-outputs = true; - on-click = "activate"; - }; - battery = { format = "󰁹 {}%"; }; - cpu = { - interval = 10; - format = "󰻠 {}%"; - max-length = 10; - on-click = ""; - }; - memory = { - interval = 30; - format = "  {}%"; - format-alt = " {used:0.1f}G"; - max-length = 10; - }; - backlight = { - format = "󰖨 {}"; - device = "acpi_video0"; - }; - tray = { - icon-size = 13; - tooltip = false; - spacing = 10; - }; - network = { - format = "󰖩 {essid}"; - format-disconnected = "󰖪 disconnected"; - }; - clock = { - format = " {:%I:%M %p  %m/%d} "; - tooltip-format = '' - {:%Y %B} - {calendar}''; - }; - pulseaudio = { - format = "{icon} {volume}%"; - tooltip = false; - format-muted = " Muted"; - on-click = "pamixer -t"; - on-scroll-up = "pamixer -i 5"; - on-scroll-down = "pamixer -d 5"; - scroll-step = 5; - format-icons = { - headphone = ""; - hands-free = ""; - headset = ""; - phone = ""; - portable = ""; - car = ""; - default = [ "" "" "" ]; - }; - }; - "pulseaudio#microphone" = { - format = "{format_source}"; - tooltip = false; - format-source = " {volume}%"; - format-source-muted = " Muted"; - on-click = "pamixer --default-source -t"; - on-scroll-up = "pamixer --default-source -i 5"; - on-scroll-down = "pamixer --default-source -d 5"; - scroll-step = 5; - }; - "custom/divider" = { - format = " | "; - interval = "once"; - tooltip = false; - }; - "custom/endright" = { - format = "_"; - interval = "once"; - tooltip = false; - }; - }]; - }; -} diff --git a/home-manager/README.md b/homes/aarch64-darwin/evanreichard@mac-va-mbp-personal/README.md old mode 100644 new mode 100755 similarity index 100% rename from home-manager/README.md rename to homes/aarch64-darwin/evanreichard@mac-va-mbp-personal/README.md diff --git a/homes/aarch64-darwin/evanreichard@mac-va-mbp-personal/default.nix b/homes/aarch64-darwin/evanreichard@mac-va-mbp-personal/default.nix new file mode 100755 index 0000000..496a366 --- /dev/null +++ b/homes/aarch64-darwin/evanreichard@mac-va-mbp-personal/default.nix @@ -0,0 +1,57 @@ +{ lib, config, namespace, ... }: +let + inherit (lib.${namespace}) enabled; +in +{ + home.stateVersion = "24.11"; + + reichard = { + user = { + enable = true; + inherit (config.snowfallorg.user) name; + }; + + services = { + # TODO + # sops = { + # enable = true; + # defaultSopsFile = lib.snowfall.fs.get-file "secrets/mac-va-mbp-personal/evanreichard/default.yaml"; + # sshKeyPaths = [ "${config.home.homeDirectory}/.ssh/id_ed25519" ]; + # }; + }; + + programs = { + graphical = { + ghostty = enabled; + ghidra = enabled; + }; + + terminal = { + btop = enabled; + direnv = enabled; + git = enabled; + k9s = enabled; + nvim = enabled; + }; + }; + }; + + # Global Packages + # programs.jq = enabled; + # programs.pandoc = enabled; + # home.packages = with pkgs; [ + # android-tools + # imagemagick + # mosh + # python311 + # texliveSmall # Pandoc PDF Dep + # google-cloud-sdk + # tldr + # ]; + + # SQLite Configuration + home.file.".sqliterc".text = '' + .headers on + .mode column + ''; +} diff --git a/homes/aarch64-darwin/evanreichard@mac-va-mbp-work/default.nix b/homes/aarch64-darwin/evanreichard@mac-va-mbp-work/default.nix new file mode 100755 index 0000000..c80af19 --- /dev/null +++ b/homes/aarch64-darwin/evanreichard@mac-va-mbp-work/default.nix @@ -0,0 +1,57 @@ +{ pkgs, lib, config, namespace, ... }: +let + inherit (lib.${namespace}) enabled; +in +{ + home.stateVersion = "24.11"; + + reichard = { + user = { + enable = true; + inherit (config.snowfallorg.user) name; + }; + + services = { + # TODO + # sops = { + # enable = true; + # defaultSopsFile = lib.snowfall.fs.get-file "secrets/mac-va-mbp-work/evanreichard/default.yaml"; + # sshKeyPaths = [ "${config.home.homeDirectory}/.ssh/id_ed25519" ]; + # }; + }; + + programs = { + graphical = { + ghostty = enabled; + }; + + terminal = { + btop = enabled; + direnv = enabled; + git = enabled; + k9s = enabled; + nvim = enabled; + aws = enabled; + }; + }; + }; + + # Global Packages + programs.jq = enabled; + programs.pandoc = enabled; + home.packages = with pkgs; [ + android-tools + imagemagick + mosh + python311 + texliveSmall # Pandoc PDF Dep + google-cloud-sdk + tldr + ]; + + # SQLite Configuration + home.file.".sqliterc".text = '' + .headers on + .mode column + ''; +} diff --git a/homes/aarch64-linux/evanreichard@lin-va-mbp-personal/README.md b/homes/aarch64-linux/evanreichard@lin-va-mbp-personal/README.md new file mode 100755 index 0000000..2e30493 --- /dev/null +++ b/homes/aarch64-linux/evanreichard@lin-va-mbp-personal/README.md @@ -0,0 +1,40 @@ +# Nix Home Manager Configuration + +## Upgrade + +```bash +# Update System Channels +sudo nix-channel --add https://nixos.org/channels/nixpkgs-24.11-darwin nixpkgs +sudo nix-channel --update + +# Update Home Manager +nix-channel --add https://github.com/nix-community/home-manager/archive/release-24.11.tar.gz home-manager +nix-channel --update + +# Link Repo +ln -s /Users/evanreichard/Development/git/personal/nix/home-manager ~/.config/home-manager + +# Build Home Manager +home-manager switch +``` + +## Clean Garbage + +NOTE: This will remove previous generations + +```bash +sudo nix-collect-garbage --delete-old +nix-collect-garbage --delete-old +``` + +## OS Update + +`/etc/bashrc` may get overridden. To properly load Nix, prepend the following: + +```bash +# Nix +if [ -e '/nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh' ]; then + . '/nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh' +fi +# End Nix +``` diff --git a/homes/aarch64-linux/evanreichard@lin-va-mbp-personal/default.nix b/homes/aarch64-linux/evanreichard@lin-va-mbp-personal/default.nix new file mode 100755 index 0000000..ad5d6d3 --- /dev/null +++ b/homes/aarch64-linux/evanreichard@lin-va-mbp-personal/default.nix @@ -0,0 +1,99 @@ +{ pkgs, lib, config, namespace, osConfig, ... }: +let + inherit (lib.${namespace}) enabled; +in +{ + home.stateVersion = "24.11"; + + reichard = { + user = { + enable = true; + inherit (config.snowfallorg.user) name; + }; + + services = { + ssh-agent = enabled; + fusuma = enabled; + swww = enabled; + sops = { + enable = true; + defaultSopsFile = lib.snowfall.fs.get-file "secrets/default.yaml"; + sshKeyPaths = [ "${config.home.homeDirectory}/.ssh/id_ed25519" ]; + }; + }; + + programs = { + graphical = { + wms.hyprland = enabled; + ghostty = enabled; + ghidra = enabled; + browsers.firefox = { + enable = true; + gpuAcceleration = true; + hardwareDecoding = true; + }; + }; + + terminal = { + btop = enabled; + direnv = enabled; + git = enabled; + k9s = enabled; + nvim = enabled; + }; + }; + }; + + # home.packages = with pkgs; [ + # catppuccin-gtk + # ]; + + dconf = { + settings = { + "org/gnome/desktop/interface" = { + color-scheme = "prefer-dark"; + cursor-theme = "catppuccin-macchiato-mauve-cursors"; + cursor-size = 24; + # enable-hot-corners = false; + # font-name = osConfig.${namespace}.system.fonts.default; + # gtk-theme = cfg.theme.name; + # icon-theme = cfg.icon.name; + }; + }; + }; + + + home.pointerCursor = { + # x11.enable = true; + gtk.enable = true; + name = "catppuccin-macchiato-mauve-cursors"; + package = pkgs.catppuccin-cursors.macchiatoMauve; + size = 24; + }; + + # Kubernetes Secrets + sops.secrets = lib.mkIf osConfig.${namespace}.security.sops.enable { + rke2_kubeconfig = { + path = "${config.home.homeDirectory}/.kube/rke2"; + }; + }; + + # Global Packages + # programs.jq = enabled; + # programs.pandoc = enabled; + # home.packages = with pkgs; [ + # android-tools + # imagemagick + # mosh + # python311 + # texliveSmall # Pandoc PDF Dep + # google-cloud-sdk + # tldr + # ]; + + # SQLite Configuration + home.file.".sqliterc".text = '' + .headers on + .mode column + ''; +} diff --git a/hosts/builder.nix b/hosts/builder.nix deleted file mode 100644 index fd80561..0000000 --- a/hosts/builder.nix +++ /dev/null @@ -1,19 +0,0 @@ -{ pkgs, ... }: - -{ - # User Authorized Keys - users.users.root = { - openssh.authorizedKeys.keys = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIe1n9l9pVF5+kjWJCOt3AvBVf1HOSZkEDZxCWVPSIkr evan@reichard" - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEGGGpRpDQRstoqnCAQioSnh6PZRzNQL7lGJHksIkcoF builder" - ]; - hashedPassword = null; - }; - - # System Packages - environment.systemPackages = with pkgs; [ - htop - tmux - vim - ]; -} diff --git a/hosts/rke2-image.nix b/hosts/rke2-image.nix deleted file mode 100644 index 62a7818..0000000 --- a/hosts/rke2-image.nix +++ /dev/null @@ -1,189 +0,0 @@ -{ pkgs, lib, modulesPath, ... }: -{ - imports = [ - (modulesPath + "/profiles/qemu-guest.nix") - ]; - config = { - # Basic System - system.stateVersion = "24.11"; - nix.settings.experimental-features = [ "nix-command" "flakes" ]; - time.timeZone = "UTC"; - - fileSystems."/" = { - device = "/dev/disk/by-label/nixos"; - fsType = "ext4"; - autoResize = true; - }; - - boot = { - initrd = { - availableKernelModules = [ - # Xen - "xen_blkfront" - "xen_netfront" - ]; - kernelModules = [ "xen_netfront" "xen_blkfront" ]; - supportedFilesystems = [ "ext4" "xenfs" ]; - }; - kernelModules = [ - # Xen VM Requirements - "xen_netfront" - "xen_blkfront" - "xenfs" - - # iSCSI - "iscsi_tcp" - ]; - }; - - # Add Intel Arc A310 GPU Drivers - nixpkgs.config.allowUnfree = true; - hardware.enableRedistributableFirmware = true; - hardware.graphics = { - enable = true; - extraPackages = with pkgs; [ - libvdpau-va-gl - intel-vaapi-driver - intel-media-driver - intel-compute-runtime - intel-ocl - ]; - }; - - # Network Configuration - networking = { - hostName = lib.mkForce ""; - useNetworkd = true; - useDHCP = false; - - firewall = { - enable = true; - - allowedTCPPorts = [ - # RKE2 Ports - https://docs.rke2.io/install/requirements#networking - 6443 # Kubernetes API - 9345 # RKE2 supervisor API - 2379 # etcd Client Port - 2380 # etcd Peer Port - 2381 # etcd Metrics Port - 10250 # kubelet metrics - 9099 # Canal CNI health checks - ]; - - allowedUDPPorts = [ - # RKE2 Ports - https://docs.rke2.io/install/requirements#networking - 8472 # Canal CNI with VXLAN - # 51820 # Canal CNI with WireGuard IPv4 (if using encryption) - # 51821 # Canal CNI with WireGuard IPv6 (if using encryption) - ]; - - # Allow Multicast - extraCommands = '' - iptables -A INPUT -m pkttype --pkt-type multicast -j ACCEPT - ''; - }; - }; - - services = { - # Enable Xen Guest Utilities - xe-guest-utilities.enable = true; - - # Enable iSCSI - openiscsi = { - enable = true; - name = "iqn.2025.placeholder:initiator"; # Overridden @ Runtime - }; - - # Cloud Init - cloud-init = { - enable = true; - network.enable = true; - settings = { - datasource_list = [ "NoCloud" ]; - preserve_hostname = false; - system_info.distro = "nixos"; - system_info.network.renderers = [ "networkd" ]; - }; - }; - - # Enable SSH - openssh = { - enable = true; - settings = { - PasswordAuthentication = false; - PermitRootLogin = "prohibit-password"; - }; - }; - - # Enable RKE2 - rke2 = { - enable = true; - disable = [ "rke2-ingress-nginx" ]; - }; - }; - - systemd.services = { - # RKE2 - Wait Cloud Init - rke2-server = { - after = [ "cloud-final.service" ]; - requires = [ "cloud-final.service" ]; - }; - - # Runtime iSCSI Initiator Setup - iscsi-initiator-setup = { - description = "Setup iSCSI Initiator Name"; - requires = [ "cloud-final.service" ]; - before = [ "iscsid.service" ]; - after = [ "cloud-final.service" ]; - wantedBy = [ "multi-user.target" ]; - - serviceConfig = { - Type = "oneshot"; - RemainAfterExit = true; - }; - - path = [ pkgs.hostname pkgs.util-linux ]; - script = '' - mkdir -p /run/iscsi - echo "InitiatorName=iqn.2025.org.nixos:$(hostname)" > /run/iscsi/initiatorname.iscsi - mount --bind /run/iscsi/initiatorname.iscsi /etc/iscsi/initiatorname.iscsi - ''; - }; - }; - - # User Authorized Keys - users.users.root = { - openssh.authorizedKeys.keys = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIe1n9l9pVF5+kjWJCOt3AvBVf1HOSZkEDZxCWVPSIkr evan@reichard" - ]; - hashedPassword = null; - }; - - # Add Symlinks Expected by Democratic - system.activationScripts = { - iscsi-initiator = '' - mkdir -p /usr/bin - ln -sf ${pkgs.openiscsi}/bin/iscsiadm /usr/bin/iscsiadm - ln -sf ${pkgs.openiscsi}/bin/iscsid /usr/bin/iscsid - ''; - }; - - # System Packages - environment = { - systemPackages = with pkgs; [ - htop - intel-gpu-tools - k9s - kubectl - kubernetes-helm - nfs-utils - openiscsi - tmux - vim - ]; - - # Don't Manage - Runtime Generation - etc."iscsi/initiatorname.iscsi".enable = false; - }; - }; -} diff --git a/hosts/usb-image.nix b/hosts/usb-image.nix deleted file mode 100644 index 568f569..0000000 --- a/hosts/usb-image.nix +++ /dev/null @@ -1,46 +0,0 @@ -{ pkgs, ... }: - -{ - # Basic System - system.stateVersion = "24.11"; - nix.settings.experimental-features = [ "nix-command" "flakes" ]; - time.timeZone = "UTC"; - - fileSystems."/" = { - device = "/dev/disk/by-label/nixos"; - fsType = "ext4"; - autoResize = true; - }; - - # SSH - services.openssh = { - enable = true; - settings = { - PasswordAuthentication = false; - PermitRootLogin = "prohibit-password"; - }; - }; - - # Firewall Configuration - networking.firewall = { - enable = true; - allowedTCPPorts = [ - 22 - ]; - }; - - # User Authorized Keys - users.users.root = { - openssh.authorizedKeys.keys = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIe1n9l9pVF5+kjWJCOt3AvBVf1HOSZkEDZxCWVPSIkr evan@reichard" - ]; - hashedPassword = null; - }; - - # System Packages - environment.systemPackages = with pkgs; [ - htop - tmux - vim - ]; -} diff --git a/lib/common-system.nix b/lib/common-system.nix deleted file mode 100644 index dfddbab..0000000 --- a/lib/common-system.nix +++ /dev/null @@ -1,103 +0,0 @@ -{ config, lib, ... }: -{ - # NixOS Config - options = { - hostName = lib.mkOption { - type = lib.types.str; - description = "The node hostname"; - }; - enableXenGuest = lib.mkOption { - type = lib.types.bool; - default = false; - description = "Whether to enable Xen guest support"; - }; - network = lib.mkOption { - type = lib.types.submodule { - options = { - interface = lib.mkOption { - type = lib.types.str; - description = "Network interface name"; - example = "enp0s3"; - }; - address = lib.mkOption { - type = lib.types.str; - description = "Static IP address"; - example = "10.0.20.200"; - }; - defaultGateway = lib.mkOption { - type = lib.types.str; - description = "Default gateway IP"; - example = "10.0.20.254"; - }; - nameservers = lib.mkOption { - type = lib.types.listOf lib.types.str; - description = "List of DNS servers"; - example = [ "10.0.20.254" "8.8.8.8" ]; - default = [ "8.8.8.8" "8.8.4.4" ]; - }; - }; - }; - default = null; - description = "Network configuration"; - }; - }; - - config = lib.mkMerge [ - { - # Basic System - system.stateVersion = "24.11"; - nix.settings.experimental-features = [ "nix-command" "flakes" ]; - networking.hostName = config.hostName; - - # Boot Loader Options - boot.loader = { - systemd-boot.enable = true; - efi = { - canTouchEfiVariables = true; - efiSysMountPoint = "/boot"; - }; - }; - - # Enable SSH - services.openssh = { - enable = true; - settings = { - PasswordAuthentication = false; - PermitRootLogin = "prohibit-password"; - }; - }; - - # User Authorized Keys - users.users.root = { - openssh.authorizedKeys.keys = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIe1n9l9pVF5+kjWJCOt3AvBVf1HOSZkEDZxCWVPSIkr evan@reichard" - ]; - hashedPassword = null; - }; - } - - # Network Configuration - (lib.mkIf (config.network != null) { - networking = { - inherit (config.network) defaultGateway nameservers; - interfaces.${config.network.interface}.ipv4.addresses = [{ - inherit (config.network) address; - prefixLength = 24; - }]; - }; - }) - - # Xen Guest Configuration - (lib.mkIf config.enableXenGuest { - services.xe-guest-utilities.enable = true; - - boot.initrd = { - availableKernelModules = [ "xen_blkfront" "xen_netfront" ]; - kernelModules = [ "xen_netfront" "xen_blkfront" ]; - supportedFilesystems = [ "ext4" "xenfs" ]; - }; - - boot.kernelModules = [ "xen_netfront" "xen_blkfront" "xenfs" ]; - }) - ]; -} diff --git a/lib/module/default.nix b/lib/module/default.nix new file mode 100644 index 0000000..952d7d7 --- /dev/null +++ b/lib/module/default.nix @@ -0,0 +1,19 @@ +{ lib, ... }: +let + inherit (lib) mkOption types; +in +rec { + mkOpt = + type: default: description: + mkOption { inherit type default description; }; + + mkBoolOpt = mkOpt types.bool; + + enabled = { + enable = true; + }; + + disabled = { + enable = false; + }; +} diff --git a/modules/home/programs/graphical/browsers/firefox/default.nix b/modules/home/programs/graphical/browsers/firefox/default.nix new file mode 100644 index 0000000..4fe57d4 --- /dev/null +++ b/modules/home/programs/graphical/browsers/firefox/default.nix @@ -0,0 +1,114 @@ +{ config, lib, pkgs, namespace, ... }: +let + inherit (lib) + types + mkIf + mkMerge + optionalAttrs + ; + inherit (lib.${namespace}) mkBoolOpt mkOpt; + + cfg = config.${namespace}.programs.graphical.browsers.firefox; +in +{ + imports = lib.snowfall.fs.get-non-default-nix-files ./.; + + options.${namespace}.programs.graphical.browsers.firefox = with types; { + enable = lib.mkEnableOption "Firefox"; + + extraConfig = mkOpt str "" "Extra configuration for the user profile JS file."; + gpuAcceleration = mkBoolOpt false "Enable GPU acceleration."; + hardwareDecoding = mkBoolOpt false "Enable hardware video decoding."; + + policies = mkOpt attrs + { + CaptivePortal = false; + DisableFirefoxStudies = true; + DisableFormHistory = true; + DisablePocket = true; + DisableTelemetry = true; + DisplayBookmarksToolbar = false; + DontCheckDefaultBrowser = true; + FirefoxHome = { + Pocket = false; + Snippets = false; + }; + PasswordManagerEnabled = false; + UserMessaging = { + ExtensionRecommendations = false; + SkipOnboarding = true; + }; + ExtensionSettings = { + # Block All + # "*".installation_mode = "blocked"; + + # Bypass Paywalls + "magnolia@12.34" = { + install_url = "https://gitflic.ru/project/magnolia1234/bpc_uploads/blob/raw?file=bypass_paywalls_clean-latest.xpi"; + installation_mode = "force_installed"; + }; + }; + Preferences = { }; + } "Policies to apply to firefox"; + + settings = mkOpt attrs { } "Settings to apply to the profile."; + + extensions = mkOpt (with lib.types; listOf package) + (with pkgs.firefox-addons; [ + bitwarden + darkreader + gruvbox-dark-theme + kagi-search + sponsorblock + ublock-origin + + # bypass-paywalls-clean + ]) "Extensions to install"; + }; + + config = mkIf cfg.enable { + programs.firefox = { + enable = true; + + inherit (cfg) policies; + + profiles = { + ${config.${namespace}.user.name} = { + inherit (cfg) extraConfig extensions; + inherit (config.${namespace}.user) name; + + id = 0; + + settings = mkMerge [ + cfg.settings + { + "browser.aboutConfig.showWarning" = false; + "browser.aboutwelcome.enabled" = false; + "browser.sessionstore.warnOnQuit" = true; + "browser.shell.checkDefaultBrowser" = false; + "general.smoothScroll.msdPhysics.enabled" = true; + "intl.accept_languages" = "en-US,en"; + "ui.key.accelKey" = "224"; + + # "devtools.chrome.enabled" = true; + # "xpinstall.signatures.required" = false; + } + (optionalAttrs cfg.gpuAcceleration { + "dom.webgpu.enabled" = true; + "gfx.webrender.all" = true; + "layers.gpu-process.enabled" = true; + "layers.mlgpu.enabled" = true; + }) + (optionalAttrs cfg.hardwareDecoding { + "media.ffmpeg.vaapi.enabled" = true; + "media.gpu-process-decoder" = true; + "media.hardware-video-decoding.enabled" = true; + }) + ]; + + # userChrome = ./chrome/userChrome.css; + }; + }; + }; + }; +} diff --git a/modules/home/programs/graphical/ghidra/default.nix b/modules/home/programs/graphical/ghidra/default.nix new file mode 100755 index 0000000..18662e6 --- /dev/null +++ b/modules/home/programs/graphical/ghidra/default.nix @@ -0,0 +1,14 @@ +{ pkgs, lib, config, namespace, ... }: +let + inherit (lib) mkIf mkEnableOption; + cfg = config.${namespace}.programs.graphical.ghidra; +in +{ + options.${namespace}.programs.graphical.ghidra = { + enable = mkEnableOption "Enable Ghidra"; + }; + + config = mkIf cfg.enable { + home.packages = with pkgs; [ ghidra ]; + }; +} diff --git a/home-manager/fastfetch/config/config.jsonc b/modules/home/programs/graphical/ghostty/config/fastfetch.jsonc old mode 100644 new mode 100755 similarity index 100% rename from home-manager/fastfetch/config/config.jsonc rename to modules/home/programs/graphical/ghostty/config/fastfetch.jsonc diff --git a/modules/home/programs/graphical/ghostty/config/ghostty-catppuccin-macchiato.conf b/modules/home/programs/graphical/ghostty/config/ghostty-catppuccin-macchiato.conf new file mode 100644 index 0000000..bfda76d --- /dev/null +++ b/modules/home/programs/graphical/ghostty/config/ghostty-catppuccin-macchiato.conf @@ -0,0 +1,23 @@ +# https://github.com/catppuccin/ghostty/blob/main/themes/catppuccin-macchiato.conf +palette = 0=#494d64 +palette = 1=#ed8796 +palette = 2=#a6da95 +palette = 3=#eed49f +palette = 4=#8aadf4 +palette = 5=#f5bde6 +palette = 6=#8bd5ca +palette = 7=#b8c0e0 +palette = 8=#5b6078 +palette = 9=#ed8796 +palette = 10=#a6da95 +palette = 11=#eed49f +palette = 12=#8aadf4 +palette = 13=#f5bde6 +palette = 14=#8bd5ca +palette = 15=#a5adcb +background = 24273a +foreground = cad3f5 +cursor-color = f4dbd6 +cursor-text = 24273a +selection-background = 3a3e53 +selection-foreground = cad3f5 diff --git a/modules/home/programs/graphical/ghostty/config/ghostty-catppuccin-mocha.conf b/modules/home/programs/graphical/ghostty/config/ghostty-catppuccin-mocha.conf new file mode 100644 index 0000000..5eb849d --- /dev/null +++ b/modules/home/programs/graphical/ghostty/config/ghostty-catppuccin-mocha.conf @@ -0,0 +1,23 @@ +# https://github.com/catppuccin/ghostty/blob/main/themes/catppuccin-mocha.conf +palette = 0=#45475a +palette = 1=#f38ba8 +palette = 2=#a6e3a1 +palette = 3=#f9e2af +palette = 4=#89b4fa +palette = 5=#f5c2e7 +palette = 6=#94e2d5 +palette = 7=#bac2de +palette = 8=#585b70 +palette = 9=#f38ba8 +palette = 10=#a6e3a1 +palette = 11=#f9e2af +palette = 12=#89b4fa +palette = 13=#f5c2e7 +palette = 14=#94e2d5 +palette = 15=#a6adc8 +background = 1e1e2e +foreground = cdd6f4 +cursor-color = f5e0dc +cursor-text = 1e1e2e +selection-background = 353749 +selection-foreground = cdd6f4 diff --git a/home-manager/ghostty/config/ghostty.conf b/modules/home/programs/graphical/ghostty/config/ghostty-melange-dark.conf similarity index 82% rename from home-manager/ghostty/config/ghostty.conf rename to modules/home/programs/graphical/ghostty/config/ghostty-melange-dark.conf index b5d687d..caf4915 100644 --- a/home-manager/ghostty/config/ghostty.conf +++ b/modules/home/programs/graphical/ghostty/config/ghostty-melange-dark.conf @@ -1,8 +1,3 @@ -command = bash --login -macos-titlebar-style = tabs -auto-update = off -font-family = "MesloLGM Nerd Font Mono" - # Melange Dark - Adapted From: https://github.com/savq/melange-nvim/blob/master/term/kitty/melange_dark.conf palette = 0=#34302C palette = 1=#BD8183 diff --git a/modules/home/programs/graphical/ghostty/config/ghostty.conf b/modules/home/programs/graphical/ghostty/config/ghostty.conf new file mode 100755 index 0000000..b22f7c1 --- /dev/null +++ b/modules/home/programs/graphical/ghostty/config/ghostty.conf @@ -0,0 +1,58 @@ +command = @BASH_PATH@ --login +macos-titlebar-style = tabs +auto-update = off +font-family = "MesloLGM Nerd Font Mono" +confirm-close-surface = true + +# Keybindings - Tabs & Splits +keybind = cmd+t=new_tab +keybind = cmd+w=close_surface +keybind = cmd+d=new_split:right +keybind = cmd+shift+d=new_split:down +keybind = cmd+shift+enter=toggle_split_zoom + +# Keybindings - Navigation - Splits +keybind = cmd+left=goto_split:left +keybind = cmd+right=goto_split:right +keybind = cmd+up=goto_split:up +keybind = cmd+down=goto_split:down +keybind = cmd+]=goto_split:next +keybind = cmd+[=goto_split:previous + +# Keybindings - Navigation - Tabs +keybind = cmd+1=goto_tab:1 +keybind = cmd+2=goto_tab:2 +keybind = cmd+3=goto_tab:3 +keybind = cmd+4=goto_tab:4 +keybind = cmd+5=goto_tab:5 +keybind = cmd+6=goto_tab:6 +keybind = cmd+7=goto_tab:7 +keybind = cmd+8=goto_tab:8 +keybind = cmd+9=goto_tab:9 + +keybind = performable:cmd+c=copy_to_clipboard +keybind = performable:cmd+v=paste_from_clipboard + +# https://github.com/catppuccin/ghostty/blob/main/themes/catppuccin-mocha.conf +palette = 0=#45475a +palette = 1=#f38ba8 +palette = 2=#a6e3a1 +palette = 3=#f9e2af +palette = 4=#89b4fa +palette = 5=#f5c2e7 +palette = 6=#94e2d5 +palette = 7=#bac2de +palette = 8=#585b70 +palette = 9=#f38ba8 +palette = 10=#a6e3a1 +palette = 11=#f9e2af +palette = 12=#89b4fa +palette = 13=#f5c2e7 +palette = 14=#94e2d5 +palette = 15=#a6adc8 +background = 1e1e2e +foreground = cdd6f4 +cursor-color = f5e0dc +cursor-text = 1e1e2e +selection-background = 353749 +selection-foreground = cdd6f4 diff --git a/modules/home/programs/graphical/ghostty/default.nix b/modules/home/programs/graphical/ghostty/default.nix new file mode 100755 index 0000000..f82e214 --- /dev/null +++ b/modules/home/programs/graphical/ghostty/default.nix @@ -0,0 +1,78 @@ +{ pkgs, lib, config, namespace, ... }: +let + inherit (pkgs.stdenv) isLinux; + inherit (lib) mkIf mkEnableOption optionals; + cfg = config.${namespace}.programs.graphical.ghostty; +in +{ + options.${namespace}.programs.graphical.ghostty = { + enable = mkEnableOption "Ghostty"; + }; + + config = mkIf cfg.enable { + programs.bash = { + enable = true; + shellAliases = { + grep = "grep --color"; + ssh = "TERM=xterm-256color ssh"; + flush_dns = "sudo dscacheutil -flushcache; sudo killall -HUP mDNSResponder"; + }; + profileExtra = '' + SHELL="$BASH" + PATH=~/.bin:$PATH + bind "set show-mode-in-prompt on" + + set -o vi || true + VISUAL=vim + EDITOR="$VISUAL" + + fastfetch + eval "$(thefuck --alias)" + ''; + }; + + programs.powerline-go = { + enable = true; + settings = { + git-mode = "compact"; + theme = "gruvbox"; + }; + modules = [ + "host" + "cwd" + "git" + "docker" + "venv" + ]; + }; + + programs.readline = { + enable = true; + extraConfig = '' + # Approximate VIM Dracula Colors + set vi-ins-mode-string \1\e[01;38;5;23;48;5;231m\2 I \1\e[38;5;231;48;5;238m\2\1\e[0m\2 + set vi-cmd-mode-string \1\e[01;38;5;22;48;5;148m\2 C \1\e[38;5;148;48;5;238m\2\1\e[0m\2 + ''; + }; + + home.packages = with pkgs; [ + thefuck + fastfetch + bashInteractive + (nerdfonts.override { fonts = [ "Meslo" ]; }) + ] ++ optionals isLinux [ + # Pending Darwin @ https://github.com/NixOS/nixpkgs/pull/369788 + ghostty + ]; + + home.file.".config/fastfetch/config.jsonc".text = builtins.readFile ./config/fastfetch.jsonc; + home.file.".config/ghostty/config".text = + let + bashPath = "${pkgs.bashInteractive}/bin/bash"; + in + builtins.replaceStrings + [ "@BASH_PATH@" ] + [ bashPath ] + (builtins.readFile ./config/ghostty.conf); + }; +} diff --git a/home-manager/hyprland/config/hyprland.conf b/modules/home/programs/graphical/wms/hyprland/config/hyprland.conf old mode 100644 new mode 100755 similarity index 83% rename from home-manager/hyprland/config/hyprland.conf rename to modules/home/programs/graphical/wms/hyprland/config/hyprland.conf index 30d57c1..55e3f72 --- a/home-manager/hyprland/config/hyprland.conf +++ b/modules/home/programs/graphical/wms/hyprland/config/hyprland.conf @@ -1,30 +1,10 @@ - -# ####################################################################################### -# AUTOGENERATED HYPR CONFIG. -# PLEASE USE THE CONFIG PROVIDED IN THE GIT REPO /examples/hypr.conf AND EDIT IT, -# OR EDIT THIS ONE ACCORDING TO THE WIKI INSTRUCTIONS. -# ####################################################################################### - -# This is an example Hyprland config file. -# Refer to the wiki for more information. -# https://wiki.hyprland.org/Configuring/ - -# Please note not all available settings / options are set here. -# For a full list, see the wiki - -# You can split this configuration into multiple files -# Create your files separately and then link them to this file like this: -# source = ~/.config/hypr/myColors.conf - - ################ ### MONITORS ### ################ # See https://wiki.hyprland.org/Configuring/Monitors/ -monitor=,preferred,auto,1.0 -# monitor=HDMI-A-1,1920x1080,0x0,1 - +# debug:disable_scale_checks = true +monitor=,highres,auto,2 # 1.68 ################### ### MY PROGRAMS ### @@ -47,7 +27,9 @@ $menu = wofi --show drun # exec-once = $terminal # exec-once = nm-applet & -exec-once = waybar & $terminal & firefox +exec-once = uwsm app -- waybar +exec-once = uwsm app -- $terminal +exec-once = uwsm app -- firefox ############################# @@ -56,8 +38,8 @@ exec-once = waybar & $terminal & firefox # See https://wiki.hyprland.org/Configuring/Environment-variables/ -env = XCURSOR_SIZE,24 -env = HYPRCURSOR_SIZE,24 +# env = XCURSOR_SIZE,24 +# env = HYPRCURSOR_SIZE,24 ##################### @@ -69,7 +51,7 @@ env = HYPRCURSOR_SIZE,24 # https://wiki.hyprland.org/Configuring/Variables/#general general { gaps_in = 5 - gaps_out = 20 + gaps_out = 12 border_size = 2 @@ -90,7 +72,6 @@ general { decoration { rounding = 10 - # Change transparency of focused and unfocused windows active_opacity = 1.0 inactive_opacity = 1.0 @@ -101,21 +82,19 @@ decoration { color = rgba(1a1a1aee) } - # https://wiki.hyprland.org/Configuring/Variables/#blur blur { enabled = true size = 3 passes = 1 - vibrancy = 0.1696 } } # https://wiki.hyprland.org/Configuring/Variables/#animations +#https://wiki.hyprland.org/Configuring/Animations/ animations { enabled = yes, please :) - # Default animations, see https://wiki.hyprland.org/Configuring/Animations/ for more bezier = easeOutQuint,0.23,1,0.32,1 bezier = easeInOutCubic,0.65,0.05,0.36,1 @@ -183,40 +162,51 @@ input { follow_mouse = 1 - sensitivity = 0 # -1.0 - 1.0, 0 means no modification. + sensitivity = 0.0 # -1.0 - 1.0, 0 means no modification. touchpad { - natural_scroll = false + scroll_factor = 0.5 + disable_while_typing = true + natural_scroll = true + clickfinger_behavior = true + tap-to-click = false } } # https://wiki.hyprland.org/Configuring/Variables/#gestures gestures { - workspace_swipe = false + workspace_swipe = true + workspace_swipe_fingers = 4 + workspace_swipe_invert = true } # Example per-device config # See https://wiki.hyprland.org/Configuring/Keywords/#per-device-input-configs for more -device { - name = epic-mouse-v1 - sensitivity = -0.5 -} +# device { +# name = epic-mouse-v1 +# sensitivity = -0.5 +# } ################### ### KEYBINDINGS ### ################### +# Super Bindings (macOS Transition) +bind = SUPER_SHIFT, 1, exec, hyprshot -m output +bind = SUPER_SHIFT, 2, exec, hyprshot -m window +bind = SUPER_SHIFT, 3, exec, hyprshot -m region +bind = SUPER, Q, killactive, +bind = SUPER, SPACE, exec, $menu + # See https://wiki.hyprland.org/Configuring/Keywords/ -$mainMod = SUPER # Sets "Windows" key as main modifier +$mainMod = ALT # Sets "Windows" key as main modifier # Example binds, see https://wiki.hyprland.org/Configuring/Binds/ for more -bind = $mainMod, Q, exec, $terminal -bind = $mainMod, C, killactive, +bind = $mainMod, RETURN, exec, $terminal bind = $mainMod, M, exit, bind = $mainMod, E, exec, $fileManager bind = $mainMod, V, togglefloating, -bind = $mainMod, R, exec, $menu bind = $mainMod, P, pseudo, # dwindle bind = $mainMod, J, togglesplit, # dwindle @@ -262,7 +252,7 @@ bind = $mainMod, mouse_up, workspace, e-1 bindm = $mainMod, mouse:272, movewindow bindm = $mainMod, mouse:273, resizewindow -# Laptop multimedia keys for volume and LCD brightness +# Generic Laptop Multimedia Keys for Volume and LCD brightness bindel = ,XF86AudioRaiseVolume, exec, wpctl set-volume @DEFAULT_AUDIO_SINK@ 5%+ bindel = ,XF86AudioLowerVolume, exec, wpctl set-volume @DEFAULT_AUDIO_SINK@ 5%- bindel = ,XF86AudioMute, exec, wpctl set-mute @DEFAULT_AUDIO_SINK@ toggle @@ -270,6 +260,10 @@ bindel = ,XF86AudioMicMute, exec, wpctl set-mute @DEFAULT_AUDIO_SOURCE@ toggle bindel = ,XF86MonBrightnessUp, exec, brightnessctl s 10%+ bindel = ,XF86MonBrightnessDown, exec, brightnessctl s 10%- +# macOS Keyboard Brightness +bindel = ALT, XF86MonBrightnessUp, exec, brightnessctl -d kbd_backlight s 10%+ +bindel = ALT, XF86MonBrightnessDown, exec, brightnessctl -d kbd_backlight s 10%- + # Requires playerctl bindl = , XF86AudioNext, exec, playerctl next bindl = , XF86AudioPause, exec, playerctl play-pause diff --git a/modules/home/programs/graphical/wms/hyprland/config/waybar-style.css b/modules/home/programs/graphical/wms/hyprland/config/waybar-style.css new file mode 100644 index 0000000..df1561d --- /dev/null +++ b/modules/home/programs/graphical/wms/hyprland/config/waybar-style.css @@ -0,0 +1,146 @@ +@define-color rosewater #f5e0dc; +@define-color flamingo #f2cdcd; +@define-color pink #f5c2e7; +@define-color mauve #cba6f7; +@define-color red #f38ba8; +@define-color maroon #eba0ac; +@define-color peach #fab387; +@define-color yellow #f9e2af; +@define-color green #a6e3a1; +@define-color teal #94e2d5; +@define-color sky #89dceb; +@define-color sapphire #74c7ec; +@define-color blue #89b4fa; +@define-color lavender #b4befe; +@define-color text #cdd6f4; +@define-color subtext1 #bac2de; +@define-color subtext0 #a6adc8; +@define-color overlay2 #9399b2; +@define-color overlay1 #7f849c; +@define-color overlay0 #6c7086; +@define-color surface2 #585b70; +@define-color surface1 #45475a; +@define-color surface0 #313244; +@define-color base #1e1e2e; +@define-color mantle #181825; +@define-color crust #11111b; + +/* Common Styles */ +* { + font-family: FantasqueSansMono Nerd Font; + font-size: 14px; + min-height: 0; +} + +/* Primary Waybar */ +#waybar { + background: transparent; + color: @text; +} + +/* Icon Only Sizes */ +#network, +#backlight, +#battery { + font-size: 18px; +} + +/* Node Styles */ +#workspaces, +#window, +#tray, +#cpu, +#memory, +#pulseaudio, +#network, +#backlight, +#battery, +#clock { + margin-top: 1rem; + padding: 0.2px 1rem; + background-color: @surface0; +} + +#workspaces button { + color: @lavender; + border-radius: 1rem; +} + +#workspaces button.active { + color: @sky; + background-color: @surface2; +} + +#workspaces button:hover { + color: @sapphire; +} + +#window { + background: transparent; + margin-left: 0.5rem; + margin-right: 8rem; /* Notch */ +} + +#memory { + color: @blue; +} + +#pulseaudio { + color: @maroon; +} + +#network { + color: @mauve; +} + +#cpu { + color: @peach; +} + +#backlight { + color: @yellow; +} + +#battery { + color: @green; +} + +#battery.charging { + color: @green; +} + +#battery.warning:not(.charging) { + color: @red; +} + +/* Left Border Radius */ +#clock, +#network, +#cpu, +#tray, +#workspaces { + margin-left: 0.5rem; + border-top-left-radius: 1rem; + border-bottom-left-radius: 1rem; +} + +/* Right Border Radius */ +#pulseaudio, +#clock, +#tray, +#battery, +#workspaces { + margin-right: 0.5rem; + border-top-right-radius: 1rem; + border-bottom-right-radius: 1rem; +} + +#workspaces { + padding: 0px; + margin-left: 1rem; +} + +#clock { + color: @blue; + margin-right: 1rem; +} diff --git a/modules/home/programs/graphical/wms/hyprland/config/wofi-style.css b/modules/home/programs/graphical/wms/hyprland/config/wofi-style.css new file mode 100755 index 0000000..c1093e5 --- /dev/null +++ b/modules/home/programs/graphical/wms/hyprland/config/wofi-style.css @@ -0,0 +1,127 @@ +window { + font-family: "Hack Nerd Font"; + background: transparent; +} + +#outer-box { + padding: 10px; + border-radius: 8px; + background: #2e3440; +} + +#scroll { + /* The Nordic gtk theme adds an outline to show scroll areas... */ + outline-color: transparent; +} + +#input { + color: #e5e9f0; + caret-color: #e5e9f0; + background: #3b4252; + border-top-color: #3b4252; + border-left-color: #3b4252; + border-right-color: #3b4252; + border-bottom-color: #3b4252; + box-shadow: 0 0 0 1px transparent inset; + outline-color: transparent !important; +} + +#input:focus { + background: #3b4252; + border-color: #3b4252 !important; + box-shadow: 0 0 0 1px transparent inset; + border-top-color: #3b4252 !important; + border-left-color: #3b4252 !important; + border-right-color: #3b4252 !important; + border-bottom-color: #3b4252 !important; + box-shadow: none !important; + outline-color: transparent !important; +} + +#input image.left { + color: #d8dee9; +} + +#input:focus image.left { + color: #e5e9f0; +} + +#input image.right { + color: #d8dee9; +} + +#input:focus image.right { + color: #e5e9f0; +} + +label { + /* We set backgrounds on the block level. */ + background: transparent; +} + +#scroll { + padding-top: 6px; +} + +#entry { + color: #4c566a; + padding: 8px 8px; + border-radius: 4px; + background: transparent; +} + +#entry:selected { + color: #eceff4; + background: #8fbcbb; + font-weight: bold; +} + +expander arrow { + margin-right: 8px; +} + +#entry #selected #text { + color: #eceff4; +} + +expander list { + margin-top: 8px; + /* background: #8fbcbb; */ + background: transparent; + padding-left: 16px; +} + +expander list #entry { + transition: none; + background: transparent; +} + +expander list #entry:hover, +expander list #entry:active { + /* color: #8fbcbb; + background: #e5e9f0; */ +} + +expander list #entry #selected { + background: #8fbcbb; +} + +expander list #entry #selected label { + color: #eceff4; + font-weight: bold; +} + +expander list #entry:hover, +expander list #entry:active { + background: #8fbcbb; +} + +expander list #entry:hover label, +expander list #entry:active label { + color: #eceff4; + font-weight: bold; +} + +expander list label { + color: #d8dee9; +} diff --git a/modules/home/programs/graphical/wms/hyprland/config/wofi.conf b/modules/home/programs/graphical/wms/hyprland/config/wofi.conf new file mode 100755 index 0000000..fe03dbe --- /dev/null +++ b/modules/home/programs/graphical/wms/hyprland/config/wofi.conf @@ -0,0 +1,3 @@ +stylesheet=./style.css +term=foot +insensitive=true diff --git a/modules/home/programs/graphical/wms/hyprland/default.nix b/modules/home/programs/graphical/wms/hyprland/default.nix new file mode 100755 index 0000000..5b45d8f --- /dev/null +++ b/modules/home/programs/graphical/wms/hyprland/default.nix @@ -0,0 +1,188 @@ +{ lib, pkgs, config, namespace, ... }: +let + inherit (lib) mkIf; + inherit (lib.${namespace}) enabled; + + cfg = config.${namespace}.programs.graphical.wms.hyprland; +in +{ + options.${namespace}.programs.graphical.wms.hyprland = { + enable = lib.mkEnableOption "Hyprland"; + }; + + config = mkIf cfg.enable { + services.swaync = enabled; + + wayland.windowManager.hyprland = { + enable = true; + extraConfig = builtins.readFile ./config/hyprland.conf; + }; + + programs.waybar = { + enable = true; + style = builtins.readFile ./config/waybar-style.css; + settings = [{ + layer = "top"; + position = "top"; + mod = "dock"; + exclusive = true; + passtrough = false; + gtk-layer-shell = true; + height = 0; + modules-left = [ + "hyprland/workspaces" + "hyprland/window" + ]; + # modules-center = [ "hyprland/window" ]; + modules-right = [ + "tray" + "cpu" + "memory" + "pulseaudio" + "network" + "backlight" + "battery" + "clock" + ]; + "hyprland/window" = { format = "{}"; }; + "wlr/workspaces" = { + on-scroll-up = "hyprctl dispatch workspace e+1"; + on-scroll-down = "hyprctl dispatch workspace e-1"; + all-outputs = true; + on-click = "activate"; + }; + battery = { + states = { + warning = 30; + critical = 15; + }; + format = "{icon}"; + format-charging = "󰂄"; + format-plugged = "󰂄"; + format-alt = "{icon}"; + format-icons = [ + "󰂃" + "󰁺" + "󰁻" + "󰁼" + "󰁽" + "󰁾" + "󰁾" + "󰁿" + "󰂀" + "󰂁" + "󰂂" + "󰁹" + ]; + }; + cpu = { + interval = 10; + format = " {}%"; + max-length = 10; + on-click = ""; + }; + memory = { + interval = 30; + format = " {}%"; + format-alt = " {used:0.1f}G"; + max-length = 10; + }; + + backlight = { + format = "{icon}"; + format-icons = [ + "󰋙" + "󰫃" + "󰫄" + "󰫅" + "󰫆" + "󰫇" + "󰫈" + ]; + on-scroll-up = "brightnessctl s 1%-"; + on-scroll-down = "brightnessctl s +1%"; + }; + tray = { + icon-size = 13; + tooltip = false; + spacing = 10; + }; + network = { + interval = 1; + format-wifi = "󰖩"; + format-ethernet = "󰈀"; + format-linked = "󰈁"; + format-disconnected = ""; + on-click-right = "${pkgs.networkmanagerapplet}/bin/nm-connection-editor"; + # tooltip-format = '' + # Network Details + # Interface: {ifname} + # IP: {ipaddr}/{cidr} + # Gateway: {gwaddr} + # 󰜷 {bandwidthUpBytes}\n󰜮 {bandwidthDownBytes}''; + tooltip-format = '' + Network Details + + Interface: {ifname} + SSID: {essid} + IP Address: {ipaddr}/{cidr} + Gateway: {gwaddr} + + 󰜷 {bandwidthUpBytes} / 󰜮 {bandwidthDownBytes} + ''; + + }; + clock = { + format = " {:%Y-%m-%d %H:%M:%S}"; + interval = 1; + tooltip-format = '' + {:%Y %B} + {calendar}''; + }; + pulseaudio = { + format = "{icon} {volume}%"; + tooltip = false; + format-muted = " Muted"; + on-click = "pamixer -t"; + on-scroll-up = "pamixer -i 5"; + on-scroll-down = "pamixer -d 5"; + scroll-step = 5; + format-icons = { + headphone = ""; + hands-free = ""; + headset = ""; + phone = ""; + portable = ""; + car = ""; + default = [ "" "" "" ]; + }; + }; + "pulseaudio#microphone" = { + format = "{format_source}"; + tooltip = false; + format-source = " {volume}%"; + format-source-muted = " Muted"; + on-click = "pamixer --default-source -t"; + on-scroll-up = "pamixer --default-source -i 5"; + on-scroll-down = "pamixer --default-source -d 5"; + scroll-step = 5; + }; + }]; + }; + + home.packages = with pkgs; [ + brightnessctl + hyprshot + wofi + wofi-emoji + ]; + + xdg.configFile = { + "wofi/config".source = ./config/wofi.conf; + "wofi/style.css".source = ./config/wofi-style.css; + "uwsp/env".text = '' + export XCURSOR_SIZE=64 + ''; + }; + }; +} diff --git a/modules/home/programs/terminal/aws/default.nix b/modules/home/programs/terminal/aws/default.nix new file mode 100755 index 0000000..ce22376 --- /dev/null +++ b/modules/home/programs/terminal/aws/default.nix @@ -0,0 +1,18 @@ +{ lib, pkgs, config, namespace, ... }: +let + inherit (lib) mkIf; + cfg = config.${namespace}.programs.terminal.aws; +in +{ + options.${namespace}.programs.terminal.aws = { + enable = lib.mkEnableOption "AWS"; + }; + + config = mkIf cfg.enable { + home.packages = with pkgs; [ + cw + awscli2 + ssm-session-manager-plugin + ]; + }; +} diff --git a/home-manager/btop/config/btop.conf b/modules/home/programs/terminal/btop/config/btop.conf old mode 100644 new mode 100755 similarity index 100% rename from home-manager/btop/config/btop.conf rename to modules/home/programs/terminal/btop/config/btop.conf diff --git a/home-manager/btop/config/catppuccin_mocha.theme b/modules/home/programs/terminal/btop/config/catppuccin_mocha.theme old mode 100644 new mode 100755 similarity index 100% rename from home-manager/btop/config/catppuccin_mocha.theme rename to modules/home/programs/terminal/btop/config/catppuccin_mocha.theme diff --git a/modules/home/programs/terminal/btop/default.nix b/modules/home/programs/terminal/btop/default.nix new file mode 100755 index 0000000..a43a5ec --- /dev/null +++ b/modules/home/programs/terminal/btop/default.nix @@ -0,0 +1,19 @@ +{ lib, config, namespace, ... }: +let + inherit (lib) mkIf; + cfg = config.${namespace}.programs.terminal.btop; +in +{ + options.${namespace}.programs.terminal.btop = { + enable = lib.mkEnableOption "btop"; + }; + + config = mkIf cfg.enable { + programs.btop.enable = true; + + home.file.".config/btop/btop.conf".text = + builtins.readFile ./config/btop.conf; + home.file.".config/btop/themes/catppuccin_mocha.theme".text = + builtins.readFile ./config/catppuccin_mocha.theme; + }; +} diff --git a/modules/home/programs/terminal/direnv/default.nix b/modules/home/programs/terminal/direnv/default.nix new file mode 100755 index 0000000..93ade8b --- /dev/null +++ b/modules/home/programs/terminal/direnv/default.nix @@ -0,0 +1,17 @@ +{ lib, config, namespace, ... }: +let + inherit (lib) mkIf; + cfg = config.${namespace}.programs.terminal.direnv; +in +{ + options.${namespace}.programs.terminal.direnv = { + enable = lib.mkEnableOption "direnv"; + }; + + config = mkIf cfg.enable { + programs.direnv = { + enable = true; + nix-direnv.enable = true; + }; + }; +} diff --git a/home-manager/git/config/.gitignore b/modules/home/programs/terminal/git/config/.gitignore old mode 100644 new mode 100755 similarity index 100% rename from home-manager/git/config/.gitignore rename to modules/home/programs/terminal/git/config/.gitignore diff --git a/home-manager/git/config/personal b/modules/home/programs/terminal/git/config/personal old mode 100644 new mode 100755 similarity index 100% rename from home-manager/git/config/personal rename to modules/home/programs/terminal/git/config/personal diff --git a/home-manager/git/config/work b/modules/home/programs/terminal/git/config/work old mode 100644 new mode 100755 similarity index 100% rename from home-manager/git/config/work rename to modules/home/programs/terminal/git/config/work diff --git a/modules/home/programs/terminal/git/default.nix b/modules/home/programs/terminal/git/default.nix new file mode 100755 index 0000000..edac2e8 --- /dev/null +++ b/modules/home/programs/terminal/git/default.nix @@ -0,0 +1,98 @@ +{ pkgs, lib, config, namespace, ... }: +let + inherit (lib) mkIf; + cfg = config.${namespace}.programs.terminal.git; +in +{ + options.${namespace}.programs.terminal.git = { + enable = lib.mkEnableOption "Git"; + }; + + config = mkIf cfg.enable { + programs.git = { + enable = true; + userName = "Evan Reichard"; + aliases = { + lg = "log --graph --abbrev-commit --decorate --date=relative --format=format:'%C(bold blue)%h%C(reset) - %C(bold green)(%ar)%C(reset) %C(white)%s%C(reset) %C(dim white)- %an%C(reset)%C(bold yellow)%d%C(reset)' --all -n 15"; + }; + includes = [ + { + path = "~/.config/git/work"; + condition = "gitdir:~/Development/git/work/"; + } + { + path = "~/.config/git/personal"; + condition = "gitdir:~/Development/git/personal/"; + } + ]; + extraConfig = { + user = { + email = "evan@reichard.io"; + }; + core = { + autocrlf = "input"; + safecrlf = "true"; + excludesFile = "~/.config/git/.gitignore"; + }; + column = { + ui = "auto"; + }; + fetch = { + prune = true; + pruneTags = true; + all = true; + }; + help = { + autocorrect = true; + }; + diff = { + algorithm = "histogram"; + colorMoved = "plain"; + mnemonicPrefix = true; + renames = true; + }; + rebase = { + autoSquash = true; + autoStash = true; + updateRefs = true; + }; + rerere = { + enabled = true; + autoupdate = true; + }; + commit = { + verbose = true; + }; + branch = { + sort = "-committerdate"; + }; + merge = { + conflictstyle = "zdiff3"; + }; + push = { + autoSetupRemote = true; + }; + }; + }; + + programs.gh = { + enable = true; + settings = { + git_protocol = "ssh"; + }; + }; + + home.packages = with pkgs; [ + gitAndTools.gh + pre-commit + ]; + + # Copy Configuration + xdg.configFile = { + git = { + source = ./config; + recursive = true; + }; + }; + }; +} diff --git a/modules/home/programs/terminal/k9s/default.nix b/modules/home/programs/terminal/k9s/default.nix new file mode 100755 index 0000000..f167e28 --- /dev/null +++ b/modules/home/programs/terminal/k9s/default.nix @@ -0,0 +1,19 @@ +{ lib, pkgs, config, namespace, ... }: +let + inherit (lib) mkIf; + cfg = config.${namespace}.programs.terminal.k9s; +in +{ + options.${namespace}.programs.terminal.k9s = { + enable = lib.mkEnableOption "k9s"; + }; + + config = mkIf cfg.enable { + programs.k9s.enable = true; + + home.packages = with pkgs; [ + kubectl + kubernetes-helm + ]; + }; +} diff --git a/home-manager/nvim/config/lua/.luarc.json b/modules/home/programs/terminal/nvim/config/lua/.luarc.json old mode 100644 new mode 100755 similarity index 100% rename from home-manager/nvim/config/lua/.luarc.json rename to modules/home/programs/terminal/nvim/config/lua/.luarc.json diff --git a/home-manager/nvim/config/lua/aerial-config.lua b/modules/home/programs/terminal/nvim/config/lua/aerial-config.lua old mode 100644 new mode 100755 similarity index 100% rename from home-manager/nvim/config/lua/aerial-config.lua rename to modules/home/programs/terminal/nvim/config/lua/aerial-config.lua diff --git a/home-manager/nvim/config/lua/autopairs-config.lua b/modules/home/programs/terminal/nvim/config/lua/autopairs-config.lua old mode 100644 new mode 100755 similarity index 100% rename from home-manager/nvim/config/lua/autopairs-config.lua rename to modules/home/programs/terminal/nvim/config/lua/autopairs-config.lua diff --git a/modules/home/programs/terminal/nvim/config/lua/base.lua b/modules/home/programs/terminal/nvim/config/lua/base.lua new file mode 100755 index 0000000..cfd6dac --- /dev/null +++ b/modules/home/programs/terminal/nvim/config/lua/base.lua @@ -0,0 +1,69 @@ +-- Set Theme +-- vim.g.nord_borders = true +-- vim.g.nord_contrast = true +-- vim.cmd('colorscheme nord') +-- vim.cmd('colorscheme melange') +vim.cmd("colorscheme catppuccin-mocha") + +-- Set Leader +vim.keymap.set("n", "", "", { silent = true }) +vim.g.mapleader = " " + +-- Set Timeout +vim.opt.timeoutlen = 250 + +-- Disable NetRW +vim.g.loaded_netrw = 1 +vim.g.loaded_netrwPlugin = 1 + +-- Set Term Colors +vim.opt.termguicolors = true + +-- Synchronize with system clipboard +vim.opt.clipboard = "unnamed" + +-- Always show the signcolumn +vim.opt.signcolumn = "yes" + +-- Set nowrap, line numbers, hightlight search +vim.opt.wrap = false +vim.opt.nu = true +vim.opt.hlsearch = true +vim.opt.shiftwidth = 2 + +-- Set fold settings +vim.opt.foldmethod = "indent" +vim.opt.foldnestmax = 10 +vim.opt.foldlevel = 2 + +-- Diagnostics Mappings +local diagnostics_active = true +local toggle_diagnostics = function() + diagnostics_active = not diagnostics_active + if diagnostics_active then + vim.diagnostic.enable() + else + vim.diagnostic.disable() + end +end + +local diagnostics_loclist_active = false +local toggle_diagnostics_loclist = function() + diagnostics_loclist_active = not diagnostics_loclist_active + if diagnostics_loclist_active then + vim.diagnostic.setloclist() + else + vim.cmd("lclose") + end +end + +local opts = { noremap = true, silent = true } +vim.keymap.set("n", "qt", toggle_diagnostics, opts) +vim.keymap.set("n", "qN", function() + vim.diagnostic.goto_prev({ float = false }) +end, opts) +vim.keymap.set("n", "qn", function() + vim.diagnostic.goto_next({ float = false }) +end, opts) +vim.keymap.set("n", "qq", toggle_diagnostics_loclist, opts) +vim.keymap.set("n", "qe", vim.diagnostic.open_float, opts) diff --git a/home-manager/nvim/config/lua/cmp-config.lua b/modules/home/programs/terminal/nvim/config/lua/cmp-config.lua old mode 100644 new mode 100755 similarity index 100% rename from home-manager/nvim/config/lua/cmp-config.lua rename to modules/home/programs/terminal/nvim/config/lua/cmp-config.lua diff --git a/home-manager/nvim/config/lua/comment-config.lua b/modules/home/programs/terminal/nvim/config/lua/comment-config.lua old mode 100644 new mode 100755 similarity index 100% rename from home-manager/nvim/config/lua/comment-config.lua rename to modules/home/programs/terminal/nvim/config/lua/comment-config.lua diff --git a/home-manager/nvim/config/lua/dap-config.lua b/modules/home/programs/terminal/nvim/config/lua/dap-config.lua old mode 100644 new mode 100755 similarity index 100% rename from home-manager/nvim/config/lua/dap-config.lua rename to modules/home/programs/terminal/nvim/config/lua/dap-config.lua diff --git a/home-manager/nvim/config/lua/diffview-config.lua b/modules/home/programs/terminal/nvim/config/lua/diffview-config.lua old mode 100644 new mode 100755 similarity index 100% rename from home-manager/nvim/config/lua/diffview-config.lua rename to modules/home/programs/terminal/nvim/config/lua/diffview-config.lua diff --git a/home-manager/nvim/config/lua/git-ref.lua b/modules/home/programs/terminal/nvim/config/lua/git-ref.lua old mode 100644 new mode 100755 similarity index 100% rename from home-manager/nvim/config/lua/git-ref.lua rename to modules/home/programs/terminal/nvim/config/lua/git-ref.lua diff --git a/home-manager/nvim/config/lua/git-signs.lua b/modules/home/programs/terminal/nvim/config/lua/git-signs.lua old mode 100644 new mode 100755 similarity index 100% rename from home-manager/nvim/config/lua/git-signs.lua rename to modules/home/programs/terminal/nvim/config/lua/git-signs.lua diff --git a/home-manager/nvim/config/lua/init.lua b/modules/home/programs/terminal/nvim/config/lua/init.lua old mode 100644 new mode 100755 similarity index 100% rename from home-manager/nvim/config/lua/init.lua rename to modules/home/programs/terminal/nvim/config/lua/init.lua diff --git a/home-manager/nvim/config/lua/leap-config.lua b/modules/home/programs/terminal/nvim/config/lua/leap-config.lua old mode 100644 new mode 100755 similarity index 100% rename from home-manager/nvim/config/lua/leap-config.lua rename to modules/home/programs/terminal/nvim/config/lua/leap-config.lua diff --git a/home-manager/nvim/config/lua/llm.lua b/modules/home/programs/terminal/nvim/config/lua/llm.lua old mode 100644 new mode 100755 similarity index 100% rename from home-manager/nvim/config/lua/llm.lua rename to modules/home/programs/terminal/nvim/config/lua/llm.lua diff --git a/home-manager/nvim/config/lua/lsp-config.lua b/modules/home/programs/terminal/nvim/config/lua/lsp-config.lua old mode 100644 new mode 100755 similarity index 99% rename from home-manager/nvim/config/lua/lsp-config.lua rename to modules/home/programs/terminal/nvim/config/lua/lsp-config.lua index 87ca89e..de69a50 --- a/home-manager/nvim/config/lua/lsp-config.lua +++ b/modules/home/programs/terminal/nvim/config/lua/lsp-config.lua @@ -174,8 +174,9 @@ nvim_lsp.golangci_lint_ls.setup({ command = { "golangci-lint", "run", - "--out-format", - "json", + "--output.json.path", + "stdout", + "--show-stats=false", "--issues-exit-code=1", }, }, diff --git a/home-manager/nvim/config/lua/lsp-lines-config.lua b/modules/home/programs/terminal/nvim/config/lua/lsp-lines-config.lua old mode 100644 new mode 100755 similarity index 100% rename from home-manager/nvim/config/lua/lsp-lines-config.lua rename to modules/home/programs/terminal/nvim/config/lua/lsp-lines-config.lua diff --git a/home-manager/nvim/config/lua/lualine-config.lua b/modules/home/programs/terminal/nvim/config/lua/lualine-config.lua old mode 100644 new mode 100755 similarity index 100% rename from home-manager/nvim/config/lua/lualine-config.lua rename to modules/home/programs/terminal/nvim/config/lua/lualine-config.lua diff --git a/home-manager/nvim/config/lua/neotree-config.lua b/modules/home/programs/terminal/nvim/config/lua/neotree-config.lua old mode 100644 new mode 100755 similarity index 100% rename from home-manager/nvim/config/lua/neotree-config.lua rename to modules/home/programs/terminal/nvim/config/lua/neotree-config.lua diff --git a/home-manager/nvim/config/lua/noice-config.lua b/modules/home/programs/terminal/nvim/config/lua/noice-config.lua old mode 100644 new mode 100755 similarity index 100% rename from home-manager/nvim/config/lua/noice-config.lua rename to modules/home/programs/terminal/nvim/config/lua/noice-config.lua diff --git a/home-manager/nvim/config/lua/numb-config.lua b/modules/home/programs/terminal/nvim/config/lua/numb-config.lua old mode 100644 new mode 100755 similarity index 100% rename from home-manager/nvim/config/lua/numb-config.lua rename to modules/home/programs/terminal/nvim/config/lua/numb-config.lua diff --git a/home-manager/nvim/config/lua/silicon-config.lua b/modules/home/programs/terminal/nvim/config/lua/silicon-config.lua old mode 100644 new mode 100755 similarity index 100% rename from home-manager/nvim/config/lua/silicon-config.lua rename to modules/home/programs/terminal/nvim/config/lua/silicon-config.lua diff --git a/home-manager/nvim/config/lua/telescope-config.lua b/modules/home/programs/terminal/nvim/config/lua/telescope-config.lua old mode 100644 new mode 100755 similarity index 100% rename from home-manager/nvim/config/lua/telescope-config.lua rename to modules/home/programs/terminal/nvim/config/lua/telescope-config.lua diff --git a/home-manager/nvim/config/lua/toggleterm-config.lua b/modules/home/programs/terminal/nvim/config/lua/toggleterm-config.lua old mode 100644 new mode 100755 similarity index 100% rename from home-manager/nvim/config/lua/toggleterm-config.lua rename to modules/home/programs/terminal/nvim/config/lua/toggleterm-config.lua diff --git a/home-manager/nvim/config/lua/ts-config.lua b/modules/home/programs/terminal/nvim/config/lua/ts-config.lua old mode 100644 new mode 100755 similarity index 100% rename from home-manager/nvim/config/lua/ts-config.lua rename to modules/home/programs/terminal/nvim/config/lua/ts-config.lua diff --git a/home-manager/nvim/config/lua/weird-chars.lua b/modules/home/programs/terminal/nvim/config/lua/weird-chars.lua old mode 100644 new mode 100755 similarity index 100% rename from home-manager/nvim/config/lua/weird-chars.lua rename to modules/home/programs/terminal/nvim/config/lua/weird-chars.lua diff --git a/home-manager/nvim/config/lua/which-key-config.lua b/modules/home/programs/terminal/nvim/config/lua/which-key-config.lua old mode 100644 new mode 100755 similarity index 100% rename from home-manager/nvim/config/lua/which-key-config.lua rename to modules/home/programs/terminal/nvim/config/lua/which-key-config.lua diff --git a/modules/home/programs/terminal/nvim/default.nix b/modules/home/programs/terminal/nvim/default.nix new file mode 100755 index 0000000..5ed0934 --- /dev/null +++ b/modules/home/programs/terminal/nvim/default.nix @@ -0,0 +1,204 @@ +{ pkgs, lib, config, namespace, ... }: +let + inherit (lib) mkIf; + cfg = config.${namespace}.programs.terminal.nvim; +in +{ + options.${namespace}.programs.terminal.nvim = { + enable = lib.mkEnableOption "NeoVim"; + }; + + config = mkIf cfg.enable { + programs.neovim = { + enable = true; + viAlias = true; + vimAlias = true; + withNodeJs = true; + withPython3 = true; + + plugins = with pkgs.vimPlugins; [ + # ------------------ + # --- Completion --- + # ------------------ + cmp-buffer # Buffer Word Completion + cmp-cmdline # Command Line Completion + cmp-nvim-lsp # Main LSP + cmp-path # Path Completion + cmp_luasnip # Snippets Completion + friendly-snippets # Snippets + lsp_lines-nvim # Inline Diagnostics + luasnip # Snippets + nvim-cmp # Completions + nvim-lspconfig # LSP Config + + # ------------------- + # ----- Helpers ----- + # ------------------- + aerial-nvim # Code Outline + comment-nvim # Code Comments + diffview-nvim # Diff View + gitsigns-nvim # Git Blame + leap-nvim # Quick Movement + markdown-preview-nvim # Markdown Preview + neo-tree-nvim # File Explorer + none-ls-nvim # Formatters + numb-nvim # Peek / Jump to Lines + nvim-autopairs # Automatically Close Pairs (),[],{} + telescope-fzf-native-nvim # Faster Telescope + telescope-nvim # Fuzzy Finder + telescope-ui-select-nvim # UI + toggleterm-nvim # Terminal Helper + vim-nix # Nix Helpers + which-key-nvim # Shortcut Helper + + # ------------------ + # --- Theme / UI --- + # ------------------ + lualine-nvim # Bottom Line + noice-nvim # UI Tweaks + # nord-nvim # Theme + # melange-nvim # Theme + catppuccin-nvim # Theme + nvim-notify # Noice Dependency + nvim-web-devicons # Dev Icons + + # ------------------ + # --- Treesitter --- + # ------------------ + nvim-treesitter-context + nvim-treesitter.withAllGrammars + + # ------------------- + # ------- DAP ------- + # ------------------- + nvim-dap + nvim-dap-go + nvim-dap-ui + + # -------------------- + # -- NONE-LS EXTRAS -- + # -------------------- + ( + pkgs.vimUtils.buildVimPlugin { + pname = "none-ls-extras.nvim"; + version = "2024-06-11"; + src = pkgs.fetchFromGitHub { + owner = "nvimtools"; + repo = "none-ls-extras.nvim"; + rev = "336e84b9e43c0effb735b08798ffac382920053b"; + sha256 = "sha256-UtU4oWSRTKdEoMz3w8Pk95sROuo3LEwxSDAm169wxwk="; + }; + meta.homepage = "https://github.com/nvimtools/none-ls-extras.nvim/"; + } + ) + + # ------------------- + # ----- Silicon ----- + # ------------------- + ( + pkgs.vimUtils.buildVimPlugin { + pname = "silicon.lua"; + version = "2022-12-03"; + src = pkgs.fetchFromGitHub { + owner = "mhanberg"; + repo = "silicon.lua"; + rev = "5ca462bee0a39b058786bc7fbeb5d16ea49f3a23"; + sha256 = "0vlp645d5mmii513v72jca931miyrhkvhwb9bfzhix1199zx7vi2"; + }; + meta.homepage = "https://github.com/mhanberg/silicon.lua/"; + } + ) + + # ------------------- + # ------- LLM ------- + # ------------------- + ( + pkgs.vimUtils.buildVimPlugin { + pname = "llm.nvim"; + version = "2024-05-25"; + src = pkgs.fetchFromGitHub { + owner = "David-Kunz"; + repo = "gen.nvim"; + rev = "bd19cf584b5b82123de977b44105e855e61e5f39"; + sha256 = "sha256-0AEB6im8Jz5foYzmL6KEGSAYo48g1bkFpjlCSWT6JeE="; + }; + meta.homepage = "https://github.com/David-Kunz/gen.nvim/"; + } + ) + + # ------------------- + # ---- LLAMA.VIM ---- + # ------------------- + ( + pkgs.vimUtils.buildVimPlugin { + pname = "llama.vim"; + version = "2025-01-23"; + src = pkgs.fetchFromGitHub { + owner = "ggml-org"; + repo = "llama.vim"; + rev = "143fe910b8d47a054ed464c38d8b7c17d5354468"; + sha256 = "sha256-PW0HKzhSxcZiWzpDOuy98rl/X0o2nE7tMjZjwwh0qLE="; + }; + meta.homepage = "https://github.com/ggml-org/llama.vim/"; + } + ) + + ]; + + extraPackages = with pkgs; [ + # Telescope Dependencies + fd + ripgrep + tree-sitter + + # LSP Dependencies + go + golangci-lint + golangci-lint-langserver + gopls + lua-language-server + nil + nodePackages.eslint + nodePackages.svelte-language-server + nodePackages.typescript + nodePackages.typescript-language-server + nodePackages.vscode-langservers-extracted + pyright + eslint_d + + # Formatters + luaformatter + nixpkgs-fmt + nodePackages.prettier + sqlfluff + stylua + + # Silicon + silicon + ]; + + extraConfig = ":luafile ~/.config/nvim/lua/init.lua"; + }; + + xdg.configFile = { + # Copy Configuration + nvim = { + source = ./config; + recursive = true; + }; + + # Generate Nix Vars + "nvim/lua/nix-vars.lua".text = '' + local nix_vars = { + gopls = "${pkgs.gopls}/bin/gopls", + luals = "${pkgs.lua-language-server}/bin/lua-language-server", + sveltels = "${pkgs.nodePackages.svelte-language-server}/bin/svelteserver", + tsls = "${pkgs.nodePackages.typescript-language-server}/bin/typescript-language-server", + golintls = "${pkgs.golangci-lint-langserver}/bin/golangci-lint-langserver", + vscls = "${pkgs.nodePackages.vscode-langservers-extracted}", + } + return nix_vars + ''; + }; + }; +} diff --git a/modules/home/services/fusuma/default.nix b/modules/home/services/fusuma/default.nix new file mode 100644 index 0000000..51ef931 --- /dev/null +++ b/modules/home/services/fusuma/default.nix @@ -0,0 +1,35 @@ +{ config, pkgs, lib, namespace, ... }: +let + cfg = config.${namespace}.services.fusuma; +in +{ + options.${namespace}.services.fusuma = { + enable = lib.mkEnableOption "Fusuma"; + }; + + config = lib.mkIf cfg.enable { + services.fusuma = { + enable = true; + extraPackages = with pkgs; [ ydotool deterministic-uname uutils-coreutils-noprefix ]; + settings = { + swipe = { + "3" = { + begin = { + command = "ydotool click 40"; + interval = 0.00; + }; + update = { + command = "ydotool mousemove -- $move_x, $move_y"; + interval = 0.01; + accel = 1.00; + # accel = 1.70; + }; + end = { + command = "ydotool click 80"; + }; + }; + }; + }; + }; + }; +} diff --git a/modules/home/services/sops/default.nix b/modules/home/services/sops/default.nix new file mode 100644 index 0000000..4b4b12b --- /dev/null +++ b/modules/home/services/sops/default.nix @@ -0,0 +1,41 @@ +{ config, lib, namespace, pkgs, ... }: +let + inherit (lib) mkIf types; + inherit (lib.${namespace}) mkOpt; + + cfg = config.${namespace}.services.sops; +in +{ + options.${namespace}.services.sops = with types; { + enable = lib.mkEnableOption "sops"; + defaultSopsFile = mkOpt path null "Default sops file."; + sshKeyPaths = mkOpt (listOf path) [ ] "SSH Key paths to use."; + }; + + config = mkIf cfg.enable { + home.packages = with pkgs; [ + age + sops + ssh-to-age + ]; + + sops = { + inherit (cfg) defaultSopsFile; + defaultSopsFormat = "yaml"; + + age = { + generateKey = true; + keyFile = "${config.home.homeDirectory}/.config/sops/age/keys.txt"; + sshKeyPaths = [ "${config.home.homeDirectory}/.ssh/id_ed25519" ] ++ cfg.sshKeyPaths; + }; + + # TODO + # secrets = { + # nix = { + # sopsFile = lib.snowfall.fs.get-file "secrets/default.yaml"; + # path = "${config.home.homeDirectory}/.config/nix/nix.conf"; + # }; + # }; + }; + }; +} diff --git a/modules/home/services/ssh-agent/default.nix b/modules/home/services/ssh-agent/default.nix new file mode 100644 index 0000000..7957968 --- /dev/null +++ b/modules/home/services/ssh-agent/default.nix @@ -0,0 +1,15 @@ +{ config, lib, namespace, ... }: +let + cfg = config.${namespace}.services.ssh-agent; +in +{ + options.${namespace}.services.ssh-agent = { + enable = lib.mkEnableOption "ssh-agent service"; + }; + + config = lib.mkIf cfg.enable { + services.ssh-agent = { + enable = true; + }; + }; +} diff --git a/modules/home/services/swww/default.nix b/modules/home/services/swww/default.nix new file mode 100644 index 0000000..5c0a075 --- /dev/null +++ b/modules/home/services/swww/default.nix @@ -0,0 +1,73 @@ +{ config, lib, pkgs, namespace, ... }: +let + cfg = config.${namespace}.services.swww; +in +{ + options.${namespace}.services.swww = { + enable = lib.mkEnableOption "swww wallpaper service"; + }; + + config = lib.mkIf cfg.enable { + home.packages = with pkgs; [ + swww + ]; + + systemd.user = { + services = { + swww-daemon = { + Unit = { + Description = "SWWW Wallpaper Daemon"; + After = [ "graphical-session.target" ]; + }; + + Install = { + WantedBy = [ "graphical-session.target" ]; + }; + + Service = { + Type = "simple"; + ExecStart = "${pkgs.swww}/bin/swww-daemon"; + Restart = "on-failure"; + RestartSec = 5; + }; + }; + + change-wallpaper = { + Unit = { + Description = "SWWW Wallpaper Changer"; + After = [ "swww-daemon.service" ]; + Requires = [ "swww-daemon.service" ]; + }; + + Install = { + WantedBy = [ "swww-daemon.service" ]; + }; + + Service = { + Type = "oneshot"; + ExecStart = "${pkgs.writeShellScript "change-wallpaper-script" '' + WALLPAPER=$(${pkgs.findutils}/bin/find $HOME/Wallpapers -type f | ${pkgs.coreutils}/bin/shuf -n 1) + ${pkgs.swww}/bin/swww img "$WALLPAPER" --transition-type random + ''}"; + }; + }; + }; + + timers.swww-schedule = { + Unit = { + Description = "SWWW Wallpaper Schedule"; + }; + + Install = { + WantedBy = [ "timers.target" ]; + }; + + Timer = { + OnBootSec = "1min"; + OnUnitActiveSec = "1h"; + Unit = "change-wallpaper.service"; + }; + }; + }; + }; +} diff --git a/modules/home/user/default.nix b/modules/home/user/default.nix new file mode 100644 index 0000000..ae02644 --- /dev/null +++ b/modules/home/user/default.nix @@ -0,0 +1,52 @@ +{ config, lib, pkgs, namespace, ... }: +let + inherit (lib) + types + mkIf + mkDefault + mkMerge + mkEnableOption + ; + inherit (lib.${namespace}) mkOpt; + + cfg = config.${namespace}.user; + + home-directory = + if cfg.name == null then + null + else if pkgs.stdenv.hostPlatform.isDarwin then + "/Users/${cfg.name}" + else + "/home/${cfg.name}"; +in +{ + options.${namespace}.user = { + enable = mkEnableOption "Whether to configure the user account."; + email = mkOpt types.str "evan@reichard.io" "The email of the user."; + fullName = mkOpt types.str "Evan Reichard" "The full name of the user."; + home = mkOpt (types.nullOr types.str) home-directory "The user's home directory."; + name = mkOpt (types.nullOr types.str) config.snowfallorg.user.name "The user account."; + }; + + config = mkIf cfg.enable (mkMerge [ + { + assertions = [ + { + assertion = cfg.name != null; + message = "${namespace}.user.name must be set"; + } + { + assertion = cfg.home != null; + message = "${namespace}.user.home must be set"; + } + ]; + + home = { + homeDirectory = mkDefault cfg.home; + username = mkDefault cfg.name; + }; + + programs.home-manager.enable = true; + } + ]); +} diff --git a/modules/nixos/display-managers/sddm/default.nix b/modules/nixos/display-managers/sddm/default.nix new file mode 100644 index 0000000..6ad3d9f --- /dev/null +++ b/modules/nixos/display-managers/sddm/default.nix @@ -0,0 +1,33 @@ +{ config, lib, pkgs, namespace, ... }: +let + inherit (lib) mkIf; + + cfg = config.${namespace}.display-managers.sddm; +in +{ + options.${namespace}.display-managers.sddm = { + enable = lib.mkEnableOption "sddm"; + }; + + config = mkIf cfg.enable { + environment.systemPackages = with pkgs; [ + catppuccin-sddm + ]; + + services = { + displayManager = { + sddm = { + inherit (cfg) enable; + package = pkgs.kdePackages.sddm; + theme = "catppuccin-mocha"; + wayland.enable = true; + }; + }; + }; + + environment.sessionVariables = { + QT_SCREEN_SCALE_FACTORS = "2"; + QT_FONT_DPI = "192"; + }; + }; +} diff --git a/modules/nixos/hardware/asahi/default.nix b/modules/nixos/hardware/asahi/default.nix new file mode 100644 index 0000000..51f783a --- /dev/null +++ b/modules/nixos/hardware/asahi/default.nix @@ -0,0 +1,27 @@ +{ config, lib, inputs, namespace, ... }: +let + inherit (lib) types optionalAttrs; + inherit (lib.${namespace}) mkOpt mkBoolOpt; + + cfg = config.${namespace}.hardware.asahi; +in +{ + imports = [ + inputs.apple-silicon.nixosModules.default + ]; + + options.${namespace}.hardware.asahi = { + enable = lib.mkEnableOption "support for asahi linux"; + enableGPU = mkBoolOpt false "enable gpu driver"; + firmwareDirectory = mkOpt types.path null "firmware directory"; + }; + + config = { + hardware.asahi = { + enable = cfg.enable; + } // optionalAttrs cfg.enable { + peripheralFirmwareDirectory = cfg.firmwareDirectory; + useExperimentalGPUDriver = cfg.enableGPU; + }; + }; +} diff --git a/modules/nixos/hardware/opengl/default.nix b/modules/nixos/hardware/opengl/default.nix new file mode 100644 index 0000000..75e6833 --- /dev/null +++ b/modules/nixos/hardware/opengl/default.nix @@ -0,0 +1,44 @@ +{ config, lib, pkgs, namespace, ... }: +let + inherit (lib) mkIf; + inherit (lib.${namespace}) mkBoolOpt; + + cfg = config.${namespace}.hardware.opengl; +in +{ + options.${namespace}.hardware.opengl = { + enable = lib.mkEnableOption "support for opengl"; + enable32Bit = mkBoolOpt false "enable 32-bit"; + enableIntel = mkBoolOpt false "support for intel"; + enableNvidia = mkBoolOpt false "support for nvidia"; + }; + + config = mkIf cfg.enable { + environment.systemPackages = with pkgs; [ + libva-utils + vdpauinfo + ] ++ lib.optionals cfg.enableNvidia [ + nvtopPackages.full + ] ++ lib.optionals cfg.enableIntel [ + intel-gpu-tools + ]; + + # Add Intel Arc / Nvidia Drivers + hardware.enableRedistributableFirmware = cfg.enableIntel; + hardware.graphics = { + enable = true; + enable32Bit = cfg.enable32Bit; + + extraPackages = with pkgs; + lib.optionals cfg.enableIntel [ + libvdpau-va-gl + intel-vaapi-driver + intel-media-driver + intel-compute-runtime + intel-ocl + ] ++ lib.optionals cfg.enableNvidia [ + cudatoolkit + ]; + }; + }; +} diff --git a/modules/nixos/nix/default.nix b/modules/nixos/nix/default.nix new file mode 100644 index 0000000..9c14304 --- /dev/null +++ b/modules/nixos/nix/default.nix @@ -0,0 +1,102 @@ +{ config, lib, pkgs, inputs, namespace, host, ... }: +let + inherit (lib) types mkIf; + inherit (lib.${namespace}) mkBoolOpt mkOpt; + + cfg = config.${namespace}.nix; +in +{ + options.${namespace}.nix = { + enable = mkBoolOpt true "Whether or not to manage nix configuration."; + package = mkOpt types.package pkgs.nixVersions.latest "Which nix package to use."; + }; + + config = mkIf cfg.enable { + nix = + let + mappedRegistry = lib.pipe inputs [ + (lib.filterAttrs (_: lib.isType "flake")) + (lib.mapAttrs (_: flake: { inherit flake; })) + (x: x // { + nixpkgs.flake = if pkgs.stdenv.hostPlatform.isLinux then inputs.nixpkgs else inputs.nixpkgs-unstable; + }) + (x: if pkgs.stdenv.hostPlatform.isDarwin then lib.removeAttrs x [ "nixpkgs-unstable" ] else x) + ]; + users = [ + "root" + "@wheel" + "nix-builder" + "evanreichard" + ]; + in + { + inherit (cfg) package; + + buildMachines = lib.optional (config.${namespace}.security.sops.enable && host != "nixos-builder") { + hostName = "10.0.50.130"; + systems = [ "x86_64-linux" ]; + sshUser = "evanreichard"; + protocol = "ssh"; + sshKey = config.sops.secrets.builder_ssh_key.path; + supportedFeatures = [ + "benchmark" + "big-parallel" + "nixos-test" + "kvm" + ]; + }; + + checkConfig = true; + distributedBuilds = true; + optimise.automatic = true; + registry = mappedRegistry; + + gc = { + automatic = true; + options = "--delete-older-than 7d"; + }; + + settings = { + connect-timeout = 5; + allowed-users = users; + max-jobs = "auto"; + auto-optimise-store = pkgs.stdenv.hostPlatform.isLinux; + builders-use-substitutes = true; + experimental-features = [ + "nix-command" + "flakes " + ]; + flake-registry = "/etc/nix/registry.json"; + http-connections = 50; + keep-derivations = true; + keep-going = true; + keep-outputs = true; + log-lines = 50; + sandbox = true; + trusted-users = users; + warn-dirty = false; + use-xdg-base-directories = true; + + substituters = [ + "https://anyrun.cachix.org" + "https://cache.nixos.org" + "https://hyprland.cachix.org" + "https://nix-community.cachix.org" + "https://nixpkgs-unfree.cachix.org" + "https://nixpkgs-wayland.cachix.org" + "https://numtide.cachix.org" + ]; + + trusted-public-keys = [ + "anyrun.cachix.org-1:pqBobmOjI7nKlsUMV25u9QHa9btJK65/C8vnO3p346s=" + "cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=" + "hyprland.cachix.org-1:a7pgxzMz7+chwVL3/pzj6jIBMioiJM7ypFP8PwtkuGc=" + "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" + "nixpkgs-unfree.cachix.org-1:hqvoInulhbV4nJ9yJOEr+4wxhDV4xq2d1DK7S6Nj6rs=" + "nixpkgs-wayland.cachix.org-1:3lwxaILxMRkVhehr5StQprHdEo4IrE8sRho9R9HOLYA=" + "numtide.cachix.org-1:2ps1kLBUWjxIneOy1Ik6cQjb41X0iXVXeHigGmycPPE=" + ]; + }; + }; + }; +} diff --git a/modules/nixos/programs/graphical/wms/hyprland/default.nix b/modules/nixos/programs/graphical/wms/hyprland/default.nix new file mode 100644 index 0000000..8020f27 --- /dev/null +++ b/modules/nixos/programs/graphical/wms/hyprland/default.nix @@ -0,0 +1,28 @@ +{ config, lib, namespace, ... }: +let + inherit (lib) mkIf; + + cfg = config.${namespace}.programs.graphical.wms.hyprland; +in +{ + options.${namespace}.programs.graphical.wms.hyprland = { + enable = lib.mkEnableOption "Hyprland"; + }; + + config = mkIf cfg.enable { + programs = { + hyprland = { + enable = true; + withUWSM = true; + }; + }; + + reichard = { + display-managers = { + sddm = { + enable = true; + }; + }; + }; + }; +} diff --git a/modules/nixos/security/sops/default.nix b/modules/nixos/security/sops/default.nix new file mode 100644 index 0000000..adfcfe5 --- /dev/null +++ b/modules/nixos/security/sops/default.nix @@ -0,0 +1,31 @@ +{ config, lib, namespace, ... }: +let + inherit (lib.${namespace}) mkOpt; + + cfg = config.${namespace}.security.sops; +in +{ + options.${namespace}.security.sops = { + enable = lib.mkEnableOption "sops"; + defaultSopsFile = mkOpt lib.types.path null "Default sops file."; + sshKeyPaths = mkOpt (with lib.types; listOf path) [ + # "/etc/ssh/ssh_host_ed25519_key" + ] "SSH Key paths to use."; + }; + + config = lib.mkIf cfg.enable { + sops = { + inherit (cfg) defaultSopsFile; + + age = { + inherit (cfg) sshKeyPaths; + + keyFile = "${config.users.users.${config.${namespace}.user.name}.home}/.config/sops/age/keys.txt"; + }; + }; + + sops.secrets.builder_ssh_key = { + sopsFile = lib.snowfall.fs.get-file "secrets/default.yaml"; + }; + }; +} diff --git a/modules/nixos/services/avahi/default.nix b/modules/nixos/services/avahi/default.nix new file mode 100644 index 0000000..6ec05ba --- /dev/null +++ b/modules/nixos/services/avahi/default.nix @@ -0,0 +1,33 @@ +{ config, lib, namespace, ... }: +let + inherit (lib) mkIf; + + cfg = config.${namespace}.services.avahi; +in +{ + options.${namespace}.services.avahi = { + enable = lib.mkEnableOption "Avahi"; + }; + + config = mkIf cfg.enable { + services.avahi = { + enable = true; + nssmdns4 = true; + openFirewall = true; + publish = { + enable = true; + addresses = true; + domain = true; + hinfo = true; + userServices = true; + workstation = true; + }; + }; + + # Cloud Init + systemd.services.avahi-daemon = mkIf config.${namespace}.services.cloud-init.enable { + after = [ "cloud-final.service" ]; + requires = [ "cloud-final.service" ]; + }; + }; +} diff --git a/modules/nixos/services/cloud-init/default.nix b/modules/nixos/services/cloud-init/default.nix new file mode 100644 index 0000000..affb66a --- /dev/null +++ b/modules/nixos/services/cloud-init/default.nix @@ -0,0 +1,27 @@ +{ config, lib, namespace, ... }: +let + inherit (lib) mkIf; + + cfg = config.${namespace}.services.cloud-init; +in +{ + options.${namespace}.services.cloud-init = { + enable = lib.mkEnableOption "Enable Cloud-Init"; + }; + + config = mkIf cfg.enable { + services.cloud-init = { + enable = true; + network.enable = true; + settings = { + datasource_list = [ "NoCloud" ]; + preserve_hostname = false; + system_info = { + distro = "nixos"; + network.renderers = [ "networkd" ]; + }; + }; + }; + networking.hostName = lib.mkForce ""; + }; +} diff --git a/modules/nixos/services/openiscsi/default.nix b/modules/nixos/services/openiscsi/default.nix new file mode 100644 index 0000000..72214a1 --- /dev/null +++ b/modules/nixos/services/openiscsi/default.nix @@ -0,0 +1,57 @@ +{ config, pkgs, lib, namespace, host, ... }: +let + inherit (lib) types mkIf; + inherit (lib.${namespace}) mkOpt mkBoolOpt; + + cfg = config.${namespace}.services.openiscsi; + cloudInitEnabled = config.${namespace}.services.cloud-init.enable; +in +{ + options.${namespace}.services.openiscsi = { + enable = lib.mkEnableOption "Open iSCSI support"; + name = mkOpt types.str "iqn.2025.reichard.io:${host}" "iSCSI name"; + symlink = mkBoolOpt false "Create a symlink to the iSCSI binaries"; + }; + + config = mkIf cfg.enable { + boot.kernelModules = [ "iscsi_tcp" "libiscsi" "scsi_transport_iscsi" ]; + + services.openiscsi = { + enable = true; + name = cfg.name; + }; + + environment.systemPackages = with pkgs; [ + openiscsi + ]; + + # Predominately used for RKE2 & Democratic CSI + system.activationScripts.iscsi-symlink = mkIf cfg.symlink '' + mkdir -p /usr/bin + ln -sf ${pkgs.openiscsi}/bin/iscsiadm /usr/bin/iscsiadm + ln -sf ${pkgs.openiscsi}/bin/iscsid /usr/bin/iscsid + ''; + + # Cloud Init Compatibility + environment.etc."iscsi/initiatorname.iscsi".enable = mkIf cloudInitEnabled false; + systemd.services.iscsi-initiator-setup = mkIf cloudInitEnabled { + description = "Setup iSCSI Initiator Name"; + requires = [ "cloud-final.service" ]; + before = [ "iscsid.service" ]; + after = [ "cloud-final.service" ]; + wantedBy = [ "multi-user.target" ]; + + serviceConfig = { + Type = "oneshot"; + RemainAfterExit = true; + }; + + path = [ pkgs.hostname pkgs.util-linux ]; + script = '' + mkdir -p /run/iscsi + echo "InitiatorName=iqn.2025.org.nixos:$(hostname)" > /run/iscsi/initiatorname.iscsi + mount --bind /run/iscsi/initiatorname.iscsi /etc/iscsi/initiatorname.iscsi + ''; + }; + }; +} diff --git a/modules/nixos/services/openssh/default.nix b/modules/nixos/services/openssh/default.nix new file mode 100644 index 0000000..fa8f508 --- /dev/null +++ b/modules/nixos/services/openssh/default.nix @@ -0,0 +1,78 @@ +{ config, lib, namespace, ... }: +let + inherit (lib) + types + mkDefault + mkIf + ; + inherit (lib.${namespace}) mkOpt; + + cfg = config.${namespace}.services.openssh; + + authorizedKeys = [ + # evanreichard@lin-va-mbp-personal + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILJJoyXQOv9cAjGUHrUcvsW7vY9W0PmuPMQSI9AMZvNY" + ]; +in +{ + options.${namespace}.services.openssh = with types; { + enable = lib.mkEnableOption "OpenSSH support"; + authorizedKeys = mkOpt (listOf str) authorizedKeys "The public keys to apply."; + extraConfig = mkOpt str "" "Extra configuration to apply."; + }; + + config = mkIf cfg.enable { + services.openssh = { + enable = true; + + hostKeys = mkDefault [ + { + bits = 4096; + path = "/etc/ssh/ssh_host_ed25519_key"; + type = "ed25519"; + } + ]; + + openFirewall = true; + ports = [ 22 ]; + + settings = { + AuthenticationMethods = "publickey"; + ChallengeResponseAuthentication = "no"; + PasswordAuthentication = false; + PermitRootLogin = "prohibit-password"; + PubkeyAuthentication = "yes"; + StreamLocalBindUnlink = "yes"; + UseDns = false; + UsePAM = true; + X11Forwarding = false; + + KexAlgorithms = [ + "curve25519-sha256" + "curve25519-sha256@libssh.org" + "diffie-hellman-group16-sha512" + "diffie-hellman-group18-sha512" + "diffie-hellman-group-exchange-sha256" + "sntrup761x25519-sha512@openssh.com" + ]; + + Macs = [ + "hmac-sha2-512-etm@openssh.com" + "hmac-sha2-256-etm@openssh.com" + "umac-128-etm@openssh.com" + ]; + }; + + startWhenNeeded = true; + }; + + programs.ssh = { + startAgent = lib.mkDefault true; + inherit (cfg) extraConfig; + }; + + reichard = { + user.extraOptions.openssh.authorizedKeys.keys = cfg.authorizedKeys; + }; + }; +} diff --git a/modules/nixos/services/rke2/default.nix b/modules/nixos/services/rke2/default.nix new file mode 100644 index 0000000..30e9e6b --- /dev/null +++ b/modules/nixos/services/rke2/default.nix @@ -0,0 +1,53 @@ +{ config, pkgs, lib, namespace, ... }: +let + inherit (lib) types mkIf; + inherit (lib.${namespace}) mkOpt mkBoolOpt; + + cfg = config.${namespace}.services.rke2; +in +{ + options.${namespace}.services.rke2 = with types; { + enable = lib.mkEnableOption "Enable RKE2"; + disable = mkOpt (listOf str) [ ] "Disable services"; + openFirewall = mkBoolOpt true "Open firewall"; + }; + + config = mkIf cfg.enable { + services.rke2 = { + enable = true; + disable = cfg.disable; + }; + + networking.firewall.allowedTCPPorts = mkIf cfg.openFirewall [ + # RKE2 Ports - https://docs.rke2.io/install/requirements#networking + 6443 # Kubernetes API + 9345 # RKE2 supervisor API + 2379 # etcd Client Port + 2380 # etcd Peer Port + 2381 # etcd Metrics Port + 10250 # kubelet metrics + 9099 # Canal CNI health checks + + # MetalLB + 7946 # memberlist + ]; + + environment.systemPackages = with pkgs; [ nfs-utils ]; + + networking.firewall.allowedUDPPorts = mkIf cfg.openFirewall [ + # RKE2 Ports - https://docs.rke2.io/install/requirements#networking + 8472 # Canal CNI with VXLAN + # 51820 # Canal CNI with WireGuard IPv4 (if using encryption) + # 51821 # Canal CNI with WireGuard IPv6 (if using encryption) + + # MetalLB + 7946 # memberlist + ]; + + # Cloud Init + systemd.services.rke2-server = mkIf config.${namespace}.services.cloud-init.enable { + after = [ "cloud-final.service" ]; + requires = [ "cloud-final.service" ]; + }; + }; +} diff --git a/modules/nixos/services/ydotool/default.nix b/modules/nixos/services/ydotool/default.nix new file mode 100644 index 0000000..eebd2c0 --- /dev/null +++ b/modules/nixos/services/ydotool/default.nix @@ -0,0 +1,19 @@ +{ config, lib, namespace, ... }: +let + inherit (lib) mkIf; + + cfg = config.${namespace}.services.ydotool; +in +{ + options.${namespace}.services.ydotool = { + enable = lib.mkEnableOption "ydotool"; + }; + + config = mkIf cfg.enable { + reichard.user.extraGroups = [ "input" ]; + programs.ydotool = { + enable = true; + group = "input"; + }; + }; +} diff --git a/modules/nixos/system/boot/default.nix b/modules/nixos/system/boot/default.nix new file mode 100644 index 0000000..dfdf9ae --- /dev/null +++ b/modules/nixos/system/boot/default.nix @@ -0,0 +1,52 @@ +{ config, lib, namespace, ... }: +let + inherit (lib) mkIf mkDefault; + + cfg = config.${namespace}.system.boot; +in +{ + options.${namespace}.system.boot = { + enable = lib.mkEnableOption "Enable Boot"; + xenGuest = lib.mkEnableOption "Enable Xen Guest"; + showNotch = lib.mkEnableOption "Show macOS Notch"; + silentBoot = lib.mkEnableOption "Silent Boot"; + }; + + config = mkIf cfg.enable { + services.xe-guest-utilities.enable = mkIf cfg.xenGuest true; + + boot = { + kernelParams = lib.optionals cfg.silentBoot [ + "quiet" + "loglevel=3" + "udev.log_level=3" + "rd.udev.log_level=3" + "systemd.show_status=auto" + "rd.systemd.show_status=auto" + "vt.global_cursor_default=0" + ] ++ lib.optionals cfg.showNotch [ + "apple_dcp.show_notch=1" + ]; + + loader = { + efi = { + canTouchEfiVariables = false; + }; + + systemd-boot = { + enable = true; + configurationLimit = 20; + editor = false; + }; + + timeout = mkDefault 1; + }; + + initrd = mkIf cfg.xenGuest { + kernelModules = [ "xen_netfront" "xen_blkfront" ]; + supportedFilesystems = [ "xenfs" ]; + }; + kernelModules = mkIf cfg.xenGuest [ "xen_netfront" "xen_blkfront" "xenfs" ]; + }; + }; +} diff --git a/lib/disk-config.nix b/modules/nixos/system/disk/default.nix similarity index 55% rename from lib/disk-config.nix rename to modules/nixos/system/disk/default.nix index d54867e..f0d1895 100644 --- a/lib/disk-config.nix +++ b/modules/nixos/system/disk/default.nix @@ -1,18 +1,22 @@ -{ config, lib, ... }: { - options = { - mainDiskID = lib.mkOption { - type = lib.types.str; - description = "Device path for the main disk"; - example = "/dev/disk/by-id/ata-VBOX_HARDDISK_VBcd9425b8-d666f9b8"; - }; +{ config, lib, namespace, ... }: +let + inherit (lib.${namespace}) mkOpt; + inherit (lib) mkIf types; + + cfg = config.${namespace}.system.disk; +in +{ + options.${namespace}.system.disk = { + enable = lib.mkEnableOption "Disko Configuration"; + diskPath = mkOpt types.str null "Device path for the main disk"; }; - config = { + config = mkIf cfg.enable { disko.devices = { disk = { main = { type = "disk"; - device = config.mainDiskID; + device = cfg.diskPath; content = { type = "gpt"; partitions = { @@ -34,6 +38,14 @@ mountpoint = "/"; }; }; + swap = { + size = "32G"; + content = { + type = "swap"; + discardPolicy = "both"; + resumeDevice = true; + }; + }; }; }; }; diff --git a/modules/nixos/system/networking/default.nix b/modules/nixos/system/networking/default.nix new file mode 100644 index 0000000..8d2fe99 --- /dev/null +++ b/modules/nixos/system/networking/default.nix @@ -0,0 +1,71 @@ +{ config, lib, pkgs, namespace, ... }: +let + inherit (lib) types mkIf mkForce mkOption mkEnableOption; + inherit (lib.${namespace}) mkBoolOpt enabled; + + cfg = config.${namespace}.system.networking; +in +{ + options.${namespace}.system.networking = { + enable = mkEnableOption "Enable Networking"; + enableIWD = mkEnableOption "Enable IWD"; + useDHCP = mkBoolOpt true "Use DHCP"; + useNetworkd = mkBoolOpt false "Use networkd"; + useStatic = mkOption { + type = types.nullOr (types.submodule { + options = { + interface = mkOption { + type = lib.types.str; + description = "Network interface name"; + example = "enp0s3"; + }; + address = mkOption { + type = types.str; + description = "Static IP address"; + example = "10.0.20.200"; + }; + defaultGateway = mkOption { + type = types.str; + description = "Default gateway IP"; + example = "10.0.20.254"; + }; + nameservers = mkOption { + type = types.listOf types.str; + description = "List of DNS servers"; + example = [ "10.0.20.254" "8.8.8.8" ]; + default = [ "8.8.8.8" "8.8.4.4" ]; + }; + }; + }); + default = null; + description = "Static Network Configuration"; + }; + }; + + config = mkIf cfg.enable { + environment.systemPackages = with pkgs; [ + mtr + tcpdump + traceroute + ]; + + reichard.user.extraGroups = [ "network" ]; + + networking = { + firewall = enabled; + useDHCP = mkForce (cfg.useDHCP && cfg.useStatic == null); + useNetworkd = cfg.useNetworkd; + } // (lib.optionalAttrs (cfg.enableIWD) { + wireless.iwd = { + enable = true; + settings.General.EnableNetworkConfiguration = true; + }; + }) // (lib.optionalAttrs (cfg.useStatic != null) { + inherit (cfg.useStatic) defaultGateway nameservers; + interfaces.${cfg.useStatic.interface}.ipv4.addresses = [{ + inherit (cfg.useStatic) address; + prefixLength = 24; + }]; + }); + }; +} diff --git a/modules/nixos/system/networking/networkmanager/default.nix b/modules/nixos/system/networking/networkmanager/default.nix new file mode 100644 index 0000000..57253e2 --- /dev/null +++ b/modules/nixos/system/networking/networkmanager/default.nix @@ -0,0 +1,26 @@ +{ config, lib, namespace, ... }: +let + inherit (lib) mkIf; + + cfg = config.${namespace}.system.networking; +in +{ + config = mkIf cfg.enable { + reichard.user.extraGroups = [ "networkmanager" ]; + + networking.networkmanager = { + enable = true; + + connectionConfig = { + "connection.mdns" = "2"; + }; + + # unmanaged = [ + # "interface-name:br-*" + # "interface-name:rndis*" + # ] + # ++ lib.optionals config.${namespace}.virtualisation.podman.enable [ "interface-name:docker*" ] + # ++ lib.optionals config.${namespace}.virtualisation.kvm.enable [ "interface-name:virbr*" ]; + }; + }; +} diff --git a/modules/nixos/user/default.nix b/modules/nixos/user/default.nix new file mode 100644 index 0000000..6814545 --- /dev/null +++ b/modules/nixos/user/default.nix @@ -0,0 +1,30 @@ +{ config, lib, pkgs, namespace, ... }: +let + inherit (lib) types; + inherit (lib.${namespace}) mkOpt; + + cfg = config.${namespace}.user; +in +{ + options.${namespace}.user = with types; { + email = mkOpt str "evan@reichard.io" "The email of the user."; + extraGroups = mkOpt (listOf str) [ ] "Groups for the user to be assigned."; + extraOptions = mkOpt attrs { } "Extra options passed to ."; + fullName = mkOpt str "Evan Reichard" "The full name of the user."; + initialPassword = mkOpt str "changeMe2025!" "The initial password to use when the user is first created."; + name = mkOpt str "evanreichard" "The name to use for the user account."; + }; + + config = { + users.users.${cfg.name} = { + inherit (cfg) name initialPassword; + + group = "users"; + home = "/home/${cfg.name}"; + extraGroups = [ "wheel" ] ++ cfg.extraGroups; + isNormalUser = true; + shell = pkgs.bashInteractive; + uid = 1000; + } // cfg.extraOptions; + }; +} diff --git a/modules/nixos/virtualisation/podman/default.nix b/modules/nixos/virtualisation/podman/default.nix new file mode 100644 index 0000000..cd4b066 --- /dev/null +++ b/modules/nixos/virtualisation/podman/default.nix @@ -0,0 +1,43 @@ +{ config, lib, pkgs, namespace, ... }: +let + inherit (lib) mkIf; + + cfg = config.${namespace}.virtualisation.podman; +in +{ + options.${namespace}.virtualisation.podman = { + enable = lib.mkEnableOption "podman"; + }; + + config = mkIf cfg.enable { + environment.systemPackages = with pkgs; [ + podman-compose + podman-desktop + ]; + + reichard = { + user = { + extraGroups = [ + "docker" + "podman" + ]; + }; + }; + + virtualisation = { + podman = { + inherit (cfg) enable; + + autoPrune = { + enable = true; + flags = [ "--all" ]; + dates = "weekly"; + }; + + defaultNetwork.settings.dns_enabled = true; + dockerCompat = true; + dockerSocket.enable = true; + }; + }; + }; +} diff --git a/overlays/firefox-addons/default.nix b/overlays/firefox-addons/default.nix new file mode 100644 index 0000000..decb8af --- /dev/null +++ b/overlays/firefox-addons/default.nix @@ -0,0 +1,8 @@ +{ inputs, ... }: +final: _prev: { + firefox-addons = import inputs.firefox-addons { + inherit (final) fetchurl; + inherit (final) lib; + inherit (final) stdenv; + }; +} diff --git a/secrets/default.yaml b/secrets/default.yaml new file mode 100644 index 0000000..3697b55 --- /dev/null +++ b/secrets/default.yaml @@ -0,0 +1,22 @@ +builder_ssh_key: ENC[AES256_GCM,data:7WoeR4Fc9FQrTHsujqlIm/b0ASJuLQcWUwIeMqQ4wk9WEFrwycnMyoxzPyZ2oxRqmUp0LY2DFWaByOAABhKRN6oQFFse8ol4KOr4EZkFR131bFy8WhJaJWq6VZo8gLv+1hHo1etLeoNl/fwBVixqrqBibEWWBtTSlvEE6PYFPV/BcW/LfFaabnhmRjIEL5hCqcQTlBqPq9jMt6ALWcj42mdzsbamRWbaN0/W5QkcKDPTIfALMdJ36VR38+slOkkmxPGJFUMhgL08SgOcnitSevvo+hq6xkGhXY8hnV1lk9nC9o8MXYURacPobqW88fx145ez8a+o2xSjm3E/+KoGfGsWSatqrKqTMfm6pJndvf5JeCTCMER2sCZCF620OJ2fZM6VS/XwMzQjLQICFGMCKZm8RQEKhPjyPVVbu5voa9KNxdWp7l40Ya86dty2oUR56CB8lHB32uWiZAMR9v8LytUkoOy/8LZpfbRVIHm7nnywNirnve+81egixUz9t+vgZ2u7vL2LzzApWUjcLa/1pFVTPwspYJDohMSGtpHtmAInN80=,iv:emhMHi7Htuy7quNbKPNb/TdqkuDeHbYym1ubEeDOfls=,tag:pJGBVr69QbT1FerG153gUA==,type:str] +rke2_kubeconfig: ENC[AES256_GCM,data:ZfqWAsIcx2h/cyrfkcyQXrO+dzYF7JRkplj3Y9mm4oEiQKeG7xeYdtNAE112PdFfLcI00HQRaKbzrcNBbG1M+kUQZROUk47sr7AqpeRxJIob1ZoTgwN98gQ1W0ikPFYBUw4HIVxmY9wuNyqDk54LNwu47A3hMUmCLEv8sPkk8r7lhA9Vf3HTtTbQBK8VBa5059YJyEIpZjMMaXPZReIR6Gka9qsZ4d1F1B8VYu+fBH2ZIKtG1HMCXzl/RvjaCqtlrk5AptooSQ/upOMq6omHWfBf8oty/0o6yasxYldMawetUW55TOm12QlgdmbDkXqeMAai03N3tj8zMESOVEHVxRzjosVTq4u5DzPAMmLFAk5NYaPpd5c6jlM2Gk7pT9v+X+n+GGYW9xfYLURe1sSy/yWmLXhEhOzLXkyc1T3M1bHWqnXDXfU1bhXWVLKwNDmuS96YWHb1o+Qr+3HTUCPQa70M9Va18O+pERD0Yj/Jz1HxwyAHKClRs06Lo73gl3eY7lOGhnafRSyxR91oMXs+ijSfFk8CNEA/PxKPaXUoKpDLpM6+iPnEmnsAT/kV9IrqnevsIABtzWMR6XHQbRodPowsx2zlSgzJfLkVZ37dsZawALv1FN/XOtrW53Zt8BGK3dIwIM1tRy6nR+UKoN8mQ4KI43MNZ7A7CagCAkWbs3AserDqU+4VYIF/biLVA9q+tZZory7lLraLpByVa2Mi1/JFUW23PyW6fa9nVvBDonzs5M4N7p4/Yw9rdWBWC/1ZQIvSKbTIla+mtDKX6GTlEAsaoJOFc+F8fX8FxGEZtxoXENshoyAvsQSihUbdsKkjDQAIcZ0lHAUKLJyJZSWFRkQsl64MkvBJwGedsMq/zzU8K96iBojYLQspPq8Yp612nxQahRyxAXWFvYAfMmxMqhSbEYuJA62DSUA1KwILZx7yPfKZWXLQzGDnpGyFRuORP+ZjANGXo1eqAED4cHqwZCHTo6q6Zh9zN4Y4jrO/z4G16PwheAi/WTJswzdI83J9FAR3TrKAGyf3a5hR03BNVHBbO+I6dX/Rhwp0eIdR0MPVXJE+CshcTixQNKWK7SRmpDQemAQq3g6c4i5DWB9PUlipkry+pcQzsz1omPLGjf/2Mz2CAdvPnjCYfeTeFxz42s6VJHBBd5Sgg/7ONQTj6QpvFhpP2u8aWmgbPnV3n0phejq9Bpj1lEEEN5JZlU2Swj6t6rtFD5fAZUu3L5FRPg5xZhCV0zu4VXuaEflPdidK35b0jIiz22qpAkw+/0vh36u+kkUOabgpnt+I3CqeCilRuq6tIvtIx2AHFZ4Y9WdfXpjd/BEl2GY8VrxSWzpXS0YYWiNwypJx/J1zzmZZO6G7QcKSpIuoULM4uneBlaZurjXdVT8QzupUmX+CVyXHZUTXX3tM0rFnuDG3uGjOUM+67kS/zd3LJk8fnY1awU08gTOrs7qIDIzqEaEVxvK60XcBqc4dDYG+FTKEOEOi88WGIZH12gFy49epciPaTQMxcKbRftE9R1fZNdze1PwX2lrm891KTBD7YwFJkUin88Ype7bQNI4Djyca0TumZjYKok1AoSzjLTJGYOmiZg9wYyN+6m/FrdM0krgUQzvErtfSFryX4XaLbpPJnpRcdzoiNzwwuVYMLn5mBhj4m08gjiiHQlVlSMSJxpXi6GdXqrMCDudDHyPX5LHh21e2wajZ59p1Y42Gew1dOOP+M/5/0PrwDvqKhUWgAp2q8PzQuQ+ZyCq63jVpTI0/BskiD1iQBwQFDN2A32V9xymnkuS1pKn9xnosNMWVR3R9l6sLQDxH6vJcCEqWvCmxg8n5nfPtgx0E+clmmFFHVQ/xmXbe1lKS1o/M5dLHDG3CdrUpSEf8IC7/qkhaG8d3EmKGFskwJcbpPSzCJfMLS1JuYGJL/m7jqSI5JJ+KzTlPQCjubW74+EEvScTIaQP7e+RtE60LbgkwLprIEfCao3I+P0W4YgqLfE/xF4NQ3qVy3vrXOVGJSR4e0R3rI9RiuHmYoduldqtLr8rhqVqbU33q9s1ifL/62Rh2ZnXcnP4w75eH1EtunucZ2ml9QwHbpG0liKrthvPlmUNVsOhWdwlUfHrCUs8sgLNwW98mgG+7Kva4edejNmaEq/43TtN/RBmrNanB0Dp2SIeEbYRFfLqWGCtIRJpeJF227ggJXxt3fZnCW1eiEihDLKfc3hz+7zo/QlkBkbbj9D1BRURieH7DCr8cvymKa1QL9nRl0aJzWvMg//Q8/nMA23qBays34s4EUrcDin6AnUZIu63eAvxtcesPDTVq31+NatLmty21VG3mk7s7yw1dDwJncCXQ6zYp+SOC90xMFUR++FYcpX6qFiRGk7qNln9hnllwu1SqQYgV/w9MmD6GYLk+/xCUWK3kbCjWZ0Nhxkk+A3snUealYeeK75fZfL8TlAkgKqpRL1KlY3jrDe2rgzQyrHb7AoLukf2RJcXwu3GBP9PLQjJSSJw3vEHltCDnt7YR2KRA5NvJw429brs/4RvkBlX2a593swY63YthWinhCs6I3kgiDVaycpiQit4HCwMATAnhkzD590QLgf/am+7vcQlxl1MCtG6V+mBSIDQw17kxfrq/P18MyKixtREI/TW2lT127JvMlH3Te3f5KDQNyWc5oUP8bsfvxpZ6nO6xrUY1pZ+1eCsapkNalLH5x4yk3viGHiWS7ow44jjaCDraL/YCvGN+7SHjDBIWRpt+/ncrjezxWJa2yN29y+JrJgRxHYmfmZVMHxPGZ9aexCRHxnTVgwlT577VTDltqYi9CC0kQmTPt3CZzSiOP8ht4gwHNuNjNus8qGT9w7nYd81ViCYV/VpMRKmq9cR3rY75U6BU8QO74hFTfDigmGBPxXwGuhWZEWMbmK1Xl867xybVj9UTHhdbgnhta0J9RXm29A9YL3RMdL/DDZNQGq2eMK4CDq2l9X7UdPqbJphXfCv1AmCdufdvzEAq8kVEw5+RQxEOVV0g84G8bH5dOKfOwr7b9Bogtg37+j5pLPJzcoRKl3NynlWMGZVcnkEgRqmzFreXAYIyScE16rIzeEHdL5ngvm9EcPQfAWz6CvylrK7Bl91pJonNYprSqHUO0F4K4/kscm4j90kD5wpGOcrwke2+OI3oqez7QPmfzKnYoSrtcXqbt9lnluqobdYsCHY6mUjn4utROUD+g7gW5yYkxC7R1ySvvt5t63rOX6QH4UP9Uz7dCpo831vMHQ8Am+VFNbLXirq6/2P4TKTnScSQh/OnJ8Sx0/zxbPAb3jwzmx/eFAd+eazL0hCGTnh/D0WxcqfxTItOllsKUGX+md2VAoJQLra07gMJlh1tuDk2+ZXjvOsoGOMAzswpKPLf6TVe5Yi4eEosDM8ZFkVSngF3qx4TB2NcuKl739qUvLf0eL461y7+doJcdC+sl19scJjlEBFmEU9YNoJ8T0m9nT5UIi7l0tuek2i9SpzQRjHym1Y12JsiYoTR83mTBMR33hChE9aMc0FBkNesVJ9SBWOtLsd1i/UxUyZIk/C8shVGPmYplT9QOO/RqwJtvTeOkhrEWQq9zRoGqKQJs+j6VatHOdqVweX4/0icBN5QamXwgH61c7RbT79MDCZHvHSKkAe+eNVw7y6+0ZgCxtiIbo3RJwdRGqy6XHGnRfzRbzjO9H26gBmWX+Z7ZfeHLghen/tOW/qEh+uT1TR+O71GnhOgd1QQh84vyE2U+lAzneHI2gVG8EzA8Ho/UGiXJALQPElkJzR3GXDXVAHAw8Q6wCjLnxpmpkJZEJiJ9uDktKkNdF5uM6oEfQbxpP8uWJQnK4sCaZOTBsqEzyBm+KUXOpt0PbGFmb+gfPHIpO6rNGdWJ/C9F63ZbWhMXfONuLCjMis86lLJimwYH9G0PQWrmh7ENuZB3/giYbVqUjD3yP44axfw,iv:zfbeDFKb3hHQFi9wEuDj8XRqTLhc+2AnJU1roGJVZkU=,tag:mwNz9UCO6lCDK5hMWNLfNw==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: + - recipient: age1sac93wpnjcv62s7583jv6a4yspndh6k0r25g3qx3k7gq748uvafst6nz4w + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA0SnA3M2F0cXZjOGlFSTJw + aE9BNGJsQ1JzelFoQk4yMGlpN2dkVUR4ZUNvCmljSDhsVU4rUnowV2dIdlhZYnMy + aXo2OGZRd21PYk81ZE9pV05XSmpVOEEKLS0tIGhGNkVmTnVYRENEYlBxZXJTaExt + SC91WFNocEN2K1NFK2dBUHYwZTQrVFkKKb3AlaRX96vJwEmxNNAThTlO9ZwtD1tv + c6aBELEbmJFdHOcIJITzmS3YOssDOgTL2TbcSFu8mdAQYsRvxC96HA== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2025-04-09T00:53:28Z" + mac: ENC[AES256_GCM,data:NKv91i8Ms4TfbU0t9td4QoGD+9d9KYGQ9Mu1QlFdCc4AjMfRCcUCrvb9SVMF5JbYa8oZAH4Qp9FEJ5fFmgoTNrewspLUMpyjUYRgARYQWiHYhZjE/uTNhFo2FxXYLWsAlQjEJ8abbwUyr2y6NsK2tcQcOBDIWUssb4XqajNcylE=,iv:gvwQZB20JR4bKfMMR6sYjTnf3CNiOjcd8T30s2drKwY=,tag:mF9etyVyPVw5YblI8VdtTw==,type:str] + pgp: [] + unencrypted_suffix: _unencrypted + version: 3.9.4 diff --git a/secrets/lin-va-mbp-personal/evanreichard/default.yaml b/secrets/lin-va-mbp-personal/evanreichard/default.yaml new file mode 100644 index 0000000..38047c1 --- /dev/null +++ b/secrets/lin-va-mbp-personal/evanreichard/default.yaml @@ -0,0 +1,21 @@ +rke2_kubeconfig: ENC[AES256_GCM,data:ZfqWAsIcx2h/cyrfkcyQXrO+dzYF7JRkplj3Y9mm4oEiQKeG7xeYdtNAE112PdFfLcI00HQRaKbzrcNBbG1M+kUQZROUk47sr7AqpeRxJIob1ZoTgwN98gQ1W0ikPFYBUw4HIVxmY9wuNyqDk54LNwu47A3hMUmCLEv8sPkk8r7lhA9Vf3HTtTbQBK8VBa5059YJyEIpZjMMaXPZReIR6Gka9qsZ4d1F1B8VYu+fBH2ZIKtG1HMCXzl/RvjaCqtlrk5AptooSQ/upOMq6omHWfBf8oty/0o6yasxYldMawetUW55TOm12QlgdmbDkXqeMAai03N3tj8zMESOVEHVxRzjosVTq4u5DzPAMmLFAk5NYaPpd5c6jlM2Gk7pT9v+X+n+GGYW9xfYLURe1sSy/yWmLXhEhOzLXkyc1T3M1bHWqnXDXfU1bhXWVLKwNDmuS96YWHb1o+Qr+3HTUCPQa70M9Va18O+pERD0Yj/Jz1HxwyAHKClRs06Lo73gl3eY7lOGhnafRSyxR91oMXs+ijSfFk8CNEA/PxKPaXUoKpDLpM6+iPnEmnsAT/kV9IrqnevsIABtzWMR6XHQbRodPowsx2zlSgzJfLkVZ37dsZawALv1FN/XOtrW53Zt8BGK3dIwIM1tRy6nR+UKoN8mQ4KI43MNZ7A7CagCAkWbs3AserDqU+4VYIF/biLVA9q+tZZory7lLraLpByVa2Mi1/JFUW23PyW6fa9nVvBDonzs5M4N7p4/Yw9rdWBWC/1ZQIvSKbTIla+mtDKX6GTlEAsaoJOFc+F8fX8FxGEZtxoXENshoyAvsQSihUbdsKkjDQAIcZ0lHAUKLJyJZSWFRkQsl64MkvBJwGedsMq/zzU8K96iBojYLQspPq8Yp612nxQahRyxAXWFvYAfMmxMqhSbEYuJA62DSUA1KwILZx7yPfKZWXLQzGDnpGyFRuORP+ZjANGXo1eqAED4cHqwZCHTo6q6Zh9zN4Y4jrO/z4G16PwheAi/WTJswzdI83J9FAR3TrKAGyf3a5hR03BNVHBbO+I6dX/Rhwp0eIdR0MPVXJE+CshcTixQNKWK7SRmpDQemAQq3g6c4i5DWB9PUlipkry+pcQzsz1omPLGjf/2Mz2CAdvPnjCYfeTeFxz42s6VJHBBd5Sgg/7ONQTj6QpvFhpP2u8aWmgbPnV3n0phejq9Bpj1lEEEN5JZlU2Swj6t6rtFD5fAZUu3L5FRPg5xZhCV0zu4VXuaEflPdidK35b0jIiz22qpAkw+/0vh36u+kkUOabgpnt+I3CqeCilRuq6tIvtIx2AHFZ4Y9WdfXpjd/BEl2GY8VrxSWzpXS0YYWiNwypJx/J1zzmZZO6G7QcKSpIuoULM4uneBlaZurjXdVT8QzupUmX+CVyXHZUTXX3tM0rFnuDG3uGjOUM+67kS/zd3LJk8fnY1awU08gTOrs7qIDIzqEaEVxvK60XcBqc4dDYG+FTKEOEOi88WGIZH12gFy49epciPaTQMxcKbRftE9R1fZNdze1PwX2lrm891KTBD7YwFJkUin88Ype7bQNI4Djyca0TumZjYKok1AoSzjLTJGYOmiZg9wYyN+6m/FrdM0krgUQzvErtfSFryX4XaLbpPJnpRcdzoiNzwwuVYMLn5mBhj4m08gjiiHQlVlSMSJxpXi6GdXqrMCDudDHyPX5LHh21e2wajZ59p1Y42Gew1dOOP+M/5/0PrwDvqKhUWgAp2q8PzQuQ+ZyCq63jVpTI0/BskiD1iQBwQFDN2A32V9xymnkuS1pKn9xnosNMWVR3R9l6sLQDxH6vJcCEqWvCmxg8n5nfPtgx0E+clmmFFHVQ/xmXbe1lKS1o/M5dLHDG3CdrUpSEf8IC7/qkhaG8d3EmKGFskwJcbpPSzCJfMLS1JuYGJL/m7jqSI5JJ+KzTlPQCjubW74+EEvScTIaQP7e+RtE60LbgkwLprIEfCao3I+P0W4YgqLfE/xF4NQ3qVy3vrXOVGJSR4e0R3rI9RiuHmYoduldqtLr8rhqVqbU33q9s1ifL/62Rh2ZnXcnP4w75eH1EtunucZ2ml9QwHbpG0liKrthvPlmUNVsOhWdwlUfHrCUs8sgLNwW98mgG+7Kva4edejNmaEq/43TtN/RBmrNanB0Dp2SIeEbYRFfLqWGCtIRJpeJF227ggJXxt3fZnCW1eiEihDLKfc3hz+7zo/QlkBkbbj9D1BRURieH7DCr8cvymKa1QL9nRl0aJzWvMg//Q8/nMA23qBays34s4EUrcDin6AnUZIu63eAvxtcesPDTVq31+NatLmty21VG3mk7s7yw1dDwJncCXQ6zYp+SOC90xMFUR++FYcpX6qFiRGk7qNln9hnllwu1SqQYgV/w9MmD6GYLk+/xCUWK3kbCjWZ0Nhxkk+A3snUealYeeK75fZfL8TlAkgKqpRL1KlY3jrDe2rgzQyrHb7AoLukf2RJcXwu3GBP9PLQjJSSJw3vEHltCDnt7YR2KRA5NvJw429brs/4RvkBlX2a593swY63YthWinhCs6I3kgiDVaycpiQit4HCwMATAnhkzD590QLgf/am+7vcQlxl1MCtG6V+mBSIDQw17kxfrq/P18MyKixtREI/TW2lT127JvMlH3Te3f5KDQNyWc5oUP8bsfvxpZ6nO6xrUY1pZ+1eCsapkNalLH5x4yk3viGHiWS7ow44jjaCDraL/YCvGN+7SHjDBIWRpt+/ncrjezxWJa2yN29y+JrJgRxHYmfmZVMHxPGZ9aexCRHxnTVgwlT577VTDltqYi9CC0kQmTPt3CZzSiOP8ht4gwHNuNjNus8qGT9w7nYd81ViCYV/VpMRKmq9cR3rY75U6BU8QO74hFTfDigmGBPxXwGuhWZEWMbmK1Xl867xybVj9UTHhdbgnhta0J9RXm29A9YL3RMdL/DDZNQGq2eMK4CDq2l9X7UdPqbJphXfCv1AmCdufdvzEAq8kVEw5+RQxEOVV0g84G8bH5dOKfOwr7b9Bogtg37+j5pLPJzcoRKl3NynlWMGZVcnkEgRqmzFreXAYIyScE16rIzeEHdL5ngvm9EcPQfAWz6CvylrK7Bl91pJonNYprSqHUO0F4K4/kscm4j90kD5wpGOcrwke2+OI3oqez7QPmfzKnYoSrtcXqbt9lnluqobdYsCHY6mUjn4utROUD+g7gW5yYkxC7R1ySvvt5t63rOX6QH4UP9Uz7dCpo831vMHQ8Am+VFNbLXirq6/2P4TKTnScSQh/OnJ8Sx0/zxbPAb3jwzmx/eFAd+eazL0hCGTnh/D0WxcqfxTItOllsKUGX+md2VAoJQLra07gMJlh1tuDk2+ZXjvOsoGOMAzswpKPLf6TVe5Yi4eEosDM8ZFkVSngF3qx4TB2NcuKl739qUvLf0eL461y7+doJcdC+sl19scJjlEBFmEU9YNoJ8T0m9nT5UIi7l0tuek2i9SpzQRjHym1Y12JsiYoTR83mTBMR33hChE9aMc0FBkNesVJ9SBWOtLsd1i/UxUyZIk/C8shVGPmYplT9QOO/RqwJtvTeOkhrEWQq9zRoGqKQJs+j6VatHOdqVweX4/0icBN5QamXwgH61c7RbT79MDCZHvHSKkAe+eNVw7y6+0ZgCxtiIbo3RJwdRGqy6XHGnRfzRbzjO9H26gBmWX+Z7ZfeHLghen/tOW/qEh+uT1TR+O71GnhOgd1QQh84vyE2U+lAzneHI2gVG8EzA8Ho/UGiXJALQPElkJzR3GXDXVAHAw8Q6wCjLnxpmpkJZEJiJ9uDktKkNdF5uM6oEfQbxpP8uWJQnK4sCaZOTBsqEzyBm+KUXOpt0PbGFmb+gfPHIpO6rNGdWJ/C9F63ZbWhMXfONuLCjMis86lLJimwYH9G0PQWrmh7ENuZB3/giYbVqUjD3yP44axfw,iv:zfbeDFKb3hHQFi9wEuDj8XRqTLhc+2AnJU1roGJVZkU=,tag:mwNz9UCO6lCDK5hMWNLfNw==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: + - recipient: age1sac93wpnjcv62s7583jv6a4yspndh6k0r25g3qx3k7gq748uvafst6nz4w + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA0SnA3M2F0cXZjOGlFSTJw + aE9BNGJsQ1JzelFoQk4yMGlpN2dkVUR4ZUNvCmljSDhsVU4rUnowV2dIdlhZYnMy + aXo2OGZRd21PYk81ZE9pV05XSmpVOEEKLS0tIGhGNkVmTnVYRENEYlBxZXJTaExt + SC91WFNocEN2K1NFK2dBUHYwZTQrVFkKKb3AlaRX96vJwEmxNNAThTlO9ZwtD1tv + c6aBELEbmJFdHOcIJITzmS3YOssDOgTL2TbcSFu8mdAQYsRvxC96HA== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2025-04-07T18:09:21Z" + mac: ENC[AES256_GCM,data:RxVXYkx4JD2l6zIcx051DSyw4yYMWdK23ssaw94jkxlICvDyeZy9aO9kC0bAYqn0iB2BDEdh/0rzNZeJHlkjKQx9+et82iwFdwC9GSTVl/FV39fr9YbsqFQGqMAEo/JqElul9Sjd5vgdC1xQOF+Jceo11F9LhDteOiFn2a3Sv5I=,iv:sb9ah+Tk39FUIDpq4g5YGScIku3w5tVlDDNyxuHS4OY=,tag:nC+yLdj/moS2+nMIzNAOdw==,type:str] + pgp: [] + unencrypted_suffix: _unencrypted + version: 3.9.4 diff --git a/systems/aarch64-linux/lin-va-mbp-personal/default.nix b/systems/aarch64-linux/lin-va-mbp-personal/default.nix new file mode 100755 index 0000000..9b54c56 --- /dev/null +++ b/systems/aarch64-linux/lin-va-mbp-personal/default.nix @@ -0,0 +1,61 @@ +{ namespace, lib, ... }: +let + inherit (lib.${namespace}) enabled; +in +{ + imports = [ + ./hardware-configuration.nix + ]; + + system.stateVersion = "24.11"; + time.timeZone = "America/New_York"; + + # System Config + reichard = { + nix = enabled; + + system = { + boot = { + enable = true; + showNotch = true; + silentBoot = true; + }; + networking = { + enable = true; + enableIWD = true; + }; + }; + + hardware = { + opengl = enabled; + asahi = { + enable = true; + enableGPU = true; + firmwareDirectory = ./firmware; + }; + }; + + services = { + avahi = enabled; + ydotool = enabled; + }; + + security = { + sops = { + enable = true; + # sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ]; + defaultSopsFile = lib.snowfall.fs.get-file "secrets/lin-mbp-personal/default.yaml"; + }; + }; + + virtualisation = { + podman = enabled; + }; + + programs = { + graphical = { + wms.hyprland = enabled; + }; + }; + }; +} diff --git a/systems/aarch64-linux/lin-va-mbp-personal/firmware/all_firmware.tar.gz b/systems/aarch64-linux/lin-va-mbp-personal/firmware/all_firmware.tar.gz new file mode 100755 index 0000000..4e330cd Binary files /dev/null and b/systems/aarch64-linux/lin-va-mbp-personal/firmware/all_firmware.tar.gz differ diff --git a/systems/aarch64-linux/lin-va-mbp-personal/firmware/kernelcache.release.mac14j b/systems/aarch64-linux/lin-va-mbp-personal/firmware/kernelcache.release.mac14j new file mode 100755 index 0000000..9f95e2b Binary files /dev/null and b/systems/aarch64-linux/lin-va-mbp-personal/firmware/kernelcache.release.mac14j differ diff --git a/systems/aarch64-linux/lin-va-mbp-personal/hardware-configuration.nix b/systems/aarch64-linux/lin-va-mbp-personal/hardware-configuration.nix new file mode 100755 index 0000000..d422838 --- /dev/null +++ b/systems/aarch64-linux/lin-va-mbp-personal/hardware-configuration.nix @@ -0,0 +1,37 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = + [ (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = [ "usb_storage" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = + { device = "/dev/disk/by-uuid/6dce11fa-5075-44d4-b502-14d0a1b36e7f"; + fsType = "ext4"; + }; + + fileSystems."/boot" = + { device = "/dev/disk/by-uuid/2254-0F1E"; + fsType = "vfat"; + options = [ "fmask=0022" "dmask=0022" ]; + }; + + swapDevices = [ ]; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.wlan0.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "aarch64-linux"; +} diff --git a/systems/x86_64-linux/lin-va-nix-builder/default.nix b/systems/x86_64-linux/lin-va-nix-builder/default.nix new file mode 100755 index 0000000..3a80b3e --- /dev/null +++ b/systems/x86_64-linux/lin-va-nix-builder/default.nix @@ -0,0 +1,63 @@ +{ namespace, lib, config, pkgs, ... }: +let + inherit (lib.${namespace}) enabled; + + cfg = config.${namespace}.user; +in +{ + time.timeZone = "America/New_York"; + system.stateVersion = "24.11"; + + reichard = { + system = { + boot = { + enable = true; + xenGuest = true; + }; + disk = { + enable = true; + diskPath = "/dev/xvda"; + }; + networking = { + enable = true; + useStatic = { + interface = "enX0"; + address = "10.0.50.130"; + defaultGateway = "10.0.50.254"; + nameservers = [ "10.0.50.254" ]; + }; + }; + }; + + services = { + openssh = { + enable = true; + authorizedKeys = [ + # evanreichard@lin-va-mbp-personal + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILJJoyXQOv9cAjGUHrUcvsW7vY9W0PmuPMQSI9AMZvNY" + # NixOS Builder + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDF8QjeN8lpT+Mc70zwEJQqN9W/GKvTOTd32VgfNhVdN" + ]; + }; + }; + }; + + users.users.${cfg.name} = { + openssh = { + authorizedKeys.keys = [ + # evanreichard@lin-va-mbp-personal + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILJJoyXQOv9cAjGUHrUcvsW7vY9W0PmuPMQSI9AMZvNY" + # NixOS Builder + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDF8QjeN8lpT+Mc70zwEJQqN9W/GKvTOTd32VgfNhVdN" + ]; + }; + }; + + # System Packages + environment.systemPackages = with pkgs; [ + btop + git + tmux + vim + ]; +} diff --git a/hosts/office-server.nix b/systems/x86_64-linux/lin-va-office/default.nix old mode 100644 new mode 100755 similarity index 100% rename from hosts/office-server.nix rename to systems/x86_64-linux/lin-va-office/default.nix diff --git a/hosts/utility-desktop.nix b/systems/x86_64-linux/lin-va-utility/default.nix old mode 100644 new mode 100755 similarity index 100% rename from hosts/utility-desktop.nix rename to systems/x86_64-linux/lin-va-utility/default.nix diff --git a/systems/x86_64-qcow/lin-va-rke2/default.nix b/systems/x86_64-qcow/lin-va-rke2/default.nix new file mode 100755 index 0000000..a73bf58 --- /dev/null +++ b/systems/x86_64-qcow/lin-va-rke2/default.nix @@ -0,0 +1,52 @@ +{ namespace, lib, modulesPath, ... }: +let + inherit (lib.${namespace}) enabled; +in +{ + imports = [ + (modulesPath + "/profiles/qemu-guest.nix") + ]; + + config = { + # Basic System + system.stateVersion = "24.11"; + time.timeZone = "UTC"; + + reichard = { + nix = enabled; + + system = { + boot = { + enable = true; + xenGuest = true; + }; + networking = { + enable = true; + useDHCP = false; + useNetworkd = true; + }; + }; + + services = { + avahi = enabled; + openssh = enabled; + cloud-init = enabled; + rke2 = { + enable = true; + disable = [ "rke2-ingress-nginx" ]; + }; + openiscsi = { + enable = true; + symlink = true; + }; + }; + + hardware = { + opengl = { + enable = true; + enableIntel = true; + }; + }; + }; + }; +}