evan/nix
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: evan:cddaa01e9913b123f65c5dc8429ec8ad987c3276
Branches Tags
evan:master evan:snowfall
..
compare: evan:master
Branches Tags
evan:master evan:snowfall

56 Commits
cddaa01e99 ... master

Author SHA1 Message Date
Evan Reichard
c60cb58d14 chore: native lsp 2025-11-15 16:04:57 -05:00
Evan Reichard
167c1d811c chore: update flake 2025-11-10 16:23:48 -05:00
Evan Reichard
bf9e3a044b fix: determinate nix + nix darwin 2025-11-08 11:32:50 -05:00
Evan Reichard
56921235b3 fix: actually fix user shell 2025-11-08 11:28:35 -05:00
Evan Reichard
b111cf4197 chore: remove csharp_ls 2025-11-08 11:19:44 -05:00
Evan Reichard
567e8c10d2 feat(nvim): add omnisharp 2025-11-06 09:26:34 -05:00
Evan Reichard
3480837c26 add: common tools 2025-11-04 21:02:25 -05:00
Evan Reichard
ad6de45681 add: strawberry 2025-11-03 08:58:33 -05:00
Evan Reichard
e7ee14a3c1 feat: add csharp lsp 2025-11-02 18:27:34 -05:00
Evan Reichard
667df4e8e6 fix: thinkpad sleep 2025-10-31 09:26:05 -04:00
Evan Reichard
5c429b8a6b block firefox ai crap 2025-10-28 08:41:12 -04:00
Evan Reichard
4f054051e5 fix: thinkpad L14 S4 hibernate 2025-10-25 13:02:36 -04:00
Evan Reichard
318c6f6984 asahi update 2025-10-22 10:19:21 -04:00
Evan Reichard
0c2bf58cfa fix: prevent clangd from formatting proto files 2025-10-15 10:36:09 -04:00
Evan Reichard
70df72a6f5 fix: incorrect bash shell in toggleterm 2025-10-10 14:24:22 -04:00
Evan Reichard
8c417d8e56 add aws stuff 2025-10-10 10:29:17 -04:00
Evan Reichard
7ce476adb3 update libvirt & add clangd lsp 2025-10-03 13:10:09 -04:00
Evan Reichard
e173ddffc9 fix tmux over mosh copy & boot config 2025-10-01 17:55:44 -04:00
Evan Reichard
eb0c28d2f0 add qemu & battery notifs 2025-09-29 20:37:53 -04:00
Evan Reichard
2a40dc791d more 2025-09-28 18:32:02 -04:00
Evan Reichard
1098c68073 wip 2025-09-27 12:28:43 -04:00
Evan Reichard
74e6684783 add ssh key 2025-09-23 20:32:31 -04:00
Evan Reichard
5b05dffb20 enable ts 2025-09-23 20:31:07 -04:00
Evan Reichard
1d9517a37f enable mosh 2025-09-23 19:23:35 -04:00
Evan Reichard
ff62814436 update nameserver 2025-09-23 16:18:43 -04:00
Evan Reichard
be5c3e9cb8 tmux 2025-09-23 15:44:57 -04:00
Evan Reichard
bf4148dab0 split bash from ghostty 2025-09-22 19:05:18 -04:00
Evan Reichard
fbb274a50a more systems 2025-09-19 14:37:17 -04:00
Evan Reichard
9159465836 add headscale specific node 2025-09-16 16:30:56 -04:00
Evan Reichard
cff9bcaecc alias 2025-09-07 21:03:27 -04:00
Evan Reichard
2492bb8825 tailscale 2025-09-07 15:20:47 -04:00
Evan Reichard
788697561a add kubectl 2025-09-06 20:33:36 -04:00
Evan Reichard
f6dbe8ad1d mkopt systemd vs grub 2025-09-06 09:47:27 -04:00
Evan Reichard
26f32d3225 chore: added llama-cpp and migrate office 2025-09-05 22:58:00 -04:00
Evan Reichard
9433abcaf4 update nix flake, remote nix-anywhere, update readme 2025-09-03 08:12:35 -04:00
Evan Reichard
f5c4e6c9db back to vmware 2025-09-01 20:51:48 -04:00
Evan Reichard
b970f6f550 add cloud 2025-09-01 20:09:23 -04:00
Evan Reichard
93b7c6ee25 update nix 2025-09-01 15:10:31 -04:00
Evan Reichard
cc045f225b feat(nvim): add octo 2025-08-28 17:04:54 -04:00
Evan Reichard
e63dd8d5d1 add: remmina & thinkpad hardware mod 2025-07-28 16:55:28 -04:00
Evan Reichard
6b42b3cc22 vim deprecated functions 2025-07-27 18:22:11 -04:00
Evan Reichard
73b9bf063e update 25.05 2025-07-27 18:17:35 -04:00
Evan Reichard
dea1fc8790 chore: update vim stuff 2025-07-27 18:09:57 -04:00
Evan Reichard
57dbafb5a4 update 24.11 2025-07-27 17:57:35 -04:00
Evan Reichard
5bb653f561 add bt to tp 2025-07-27 17:49:29 -04:00
Evan Reichard
f09e2a9ec1 chore: nvim autopep8 line limit 2025-07-23 20:21:10 -04:00
Evan Reichard
6cd0437fb5 feat: add wireshark 2025-07-23 11:17:48 -04:00
Evan Reichard
d6c908dc70 git signs tweak 2025-06-09 13:22:03 -04:00
Evan Reichard
b1981a2dcc autopep8 2025-05-01 14:06:05 -04:00
Evan Reichard
a58d02d1bd nvim: use pyright for starlark 2025-04-30 13:12:00 -04:00
Evan Reichard
c2af87fce5 add telescope undo tree 2025-04-22 19:11:08 -04:00
Evan Reichard
93d50641c1 macos update instructions 2025-04-22 11:47:10 -04:00
Evan Reichard
a6a9a97650 add pin hyprland bind 2025-04-22 07:46:05 -04:00
Evan Reichard
5455230930 add gimp 2025-04-20 21:16:56 -04:00
Evan Reichard
b632c0c3af sync system clipboard 2025-04-20 21:10:15 -04:00
Evan Reichard
cf0fa75058 Migrate to Snowfall (#1) 
Reviewed-on: #1
Co-authored-by: Evan Reichard <evan@reichard.io>
Co-committed-by: Evan Reichard <evan@reichard.io>
 2025-04-21 00:56:53 +00:00
104 changed files with 2972 additions and 1144 deletions
Expand all files Collapse all files

15
.sops.yaml
View File

@@ -1,7 +1,22 @@
keys: keys:
# Admin - Age Native
- &admin_reichard age1sac93wpnjcv62s7583jv6a4yspndh6k0r25g3qx3k7gq748uvafst6nz4w - &admin_reichard age1sac93wpnjcv62s7583jv6a4yspndh6k0r25g3qx3k7gq748uvafst6nz4w
# lin-va-mbp-personal@evanreichard - SSH Derived
- &user_lin-va-mbp-personal age17ayje4uv2mhwehhp9jr3u9l0ds07396kt7ef40sufx89vm7cgfjq6d5d4y
# mac-va-mbp-personal@evanreichard - SSH Derived
- &user_mac-va-mbp-personal age1dccte7xtwswgef089nd80dutp96xnezx5lrqnneh9cusegsnda8sj3dj6c
creation_rules: creation_rules:
- path_regex: secrets/[^/]+\.(yaml|json|env|ini)$ - path_regex: secrets/[^/]+\.(yaml|json|env|ini)$
key_groups: key_groups:
- age: - age:
- *admin_reichard - *admin_reichard
- path_regex: secrets/lin-va-mbp-personal/evanreichard/[^/]+\.(yaml|json|env|ini)$
key_groups:
- age:
- *admin_reichard
- *user_lin-va-mbp-personal
- path_regex: secrets/mac-va-mbp-personal/evanreichard/[^/]+\.(yaml|json|env|ini)$
key_groups:
- age:
- *admin_reichard
- *user_mac-va-mbp-personal

89
README.md
View File

@@ -1,67 +1,80 @@
# Description # Description
This repository contains the configuration for multiple machines, as well as my home / IDE config (home-manager). This repository contains the configuration for multiple machines, as well as my home / IDE config (home-manager).
It takes heavy inspiration from [khaneliman/khanelinix](https://github.com/khaneliman/khanelinix).
### NixOS
```bash ```bash
# Install NixOS
./bootstrap.sh install --name lin-va-nix-builder
# Remote Image Build (NixOS Builder)
./bootstrap.sh image --name lin-va-rke2 --remote
# Home Manager Install
home-manager switch --flake .#evanreichard@mac-va-mbp-personal
# Update Flake
nix flake update
``` ```
### NixOS Generators ## Manual
```bash ```bash
nix build .#vmwareConfigurations.rke2-node # Install NixOS
sudo nixos-rebuild switch --flake .#lin-va-mbp-personal
# Install NixOS (Remote)
nix run github:nix-community/nixos-anywhere -- --flake .#lin-cloud-kube1 --target-host \<USER\>@\<IP\>
# Build Image
nix build .#vmwareConfigurations.lin-va-rke2
``` ```
### Home Manager ## Nix Darwin
```bash ```bash
home-manager switch --flake .#evanreichard@MBP-Personal # Install Nix Without Determinate
curl --proto '=https' --tlsv1.2 -sSf -L https://install.determinate.systems/nix | sh -s -- install
# Switch Nix Darwin
sudo nix run nix-darwin#darwin-rebuild -- switch --flake .#mac-va-mbp-personal
sudo darwin-rebuild switch --flake .#mac-va-mbp-personal
``` ```
### NixOS Hosts ## Clean Garbage
#### Copy Config NOTE: This will remove previous generations
```bash ```bash
rsync -av --exclude='.git' . root@HOST:/etc/nixos sudo nix-collect-garbage --delete-old
nix-collect-garbage --delete-old
``` ```
#### Partition Drives ## Home Manager
```bash ```bash
# Validate Disk # Update System Channels
ls -l /dev/disk/by-id sudo nix-channel --add https://nixos.org/channels/nixpkgs-25.05-darwin nixpkgs
sudo nix-channel --update
# Partition Disk # Update Home Manager
# WARNING: This will destroy all data on the disk(s) nix-channel --add https://github.com/nix-community/home-manager/archive/release-25.05.tar.gz home-manager
sudo nix \ nix-channel --update
--experimental-features "nix-command flakes" \
run github:nix-community/disko -- \ # Link Repo
--mode disko \ ln -s /Users/evanreichard/Development/git/personal/nix/home-manager ~/.config/home-manager
--flake /etc/nixos#HOST_CONFIG
# Build Home Manager
home-manager switch
``` ```
#### Install NixOS ### OS Update
`/etc/bashrc` may get overridden. To properly load Nix, prepend the following:
```bash ```bash
# Install # Nix
sudo nixos-install --flake /etc/nixos#HOST_CONFIG if [ -e '/nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh' ]; then
. '/nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh'
# Reboot fi
sudo reboot # End Nix
```
#### Copy Config Back to Host
```bash
rsync -av --exclude='.git' . root@HOST:/etc/nixos
```
#### Rebuild NixOS
```bash
sudo nixos-rebuild switch
``` ```

8
TODO.md
View File

@@ -1,8 +0,0 @@
- Nix Builder
- Keys
- User
- Etc
- SSH
- Known Hosts

46
bootstrap.sh
View File

@@ -3,7 +3,7 @@
export NIX_CONFIG="experimental-features = nix-command flakes" export NIX_CONFIG="experimental-features = nix-command flakes"
function cmd_image() { function cmd_image() {
local usage="Usage: $0 image --name <image-name>" local usage="Usage: $0 image --name <image-name> [--remote]"
local name="" local name=""
local remote=false local remote=false
@@ -51,8 +51,9 @@ function cmd_image() {
} }
function cmd_install() { function cmd_install() {
local usage="Usage: $0 install --name <system-name>" local usage="Usage: $0 install --name <system-name> [--remote <user@remote-host>]"
local name="" local name=""
local remote=""
while [[ $# -gt 0 ]]; do while [[ $# -gt 0 ]]; do
case "$1" in case "$1" in
@@ -60,6 +61,10 @@ function cmd_install() {
name="$2" name="$2"
shift 2 shift 2
;; ;;
--remote)
remote="$2"
shift 2
;;
*) *)
echo "$usage" echo "$usage"
exit 1 exit 1
@@ -80,15 +85,25 @@ function cmd_install() {
exit 1 exit 1
fi fi
#$ TODO
#
# Validate mainDiskID Exists # Validate mainDiskID Exists
if ! disk_id=$(nix eval --raw --impure \ if ! disk_id=$(nix eval --raw --impure \
".#nixosConfigurations.$name.config.mainDiskID" 2>/dev/null); then ".#nixosConfigurations.$name.config.disko.devices.disk.main.device" 2>/dev/null); then
echo "Error: mainDiskID not defined for configuration '$name'" echo "Error: mainDiskID not defined for configuration '$name'"
exit 1 exit 1
fi fi
# Remote or Local
if [ -n "$remote" ]; then
cmd_install_remote "$name" "$remote"
else
cmd_install_local "$name" "$disk_id"
fi
}
function cmd_install_local(){
local name="$1"
local disk_id="$2"
# Validate Disk Exists # Validate Disk Exists
if [ ! -e "$disk_id" ]; then if [ ! -e "$disk_id" ]; then
echo "Error: Disk $disk_id not found on system" echo "Error: Disk $disk_id not found on system"
@@ -135,6 +150,27 @@ function cmd_install() {
sudo reboot sudo reboot
} }
function cmd_install_remote(){
local name="$1"
local remote="$2"
# Prompt Install
read -p "This will completely wipe and install NixOS on $remote with configuration $name. Continue? (y/n) " -n 1 -r
echo
if [[ ! $REPLY =~ ^[Yy]$ ]]; then
echo "Operation Cancelled"
exit 1
fi
# Install NixOS
echo "Installing $name to remote host: $remote"
if ! nix run github:nix-community/nixos-anywhere -- --flake ".#$name" --target-host "$remote"; then
echo "Error: Remote NixOS installation failed"
exit 1
fi
echo "Successfully installed $name to remote host: $remote"
}
case "$1" in case "$1" in
image) image)
shift shift

194
flake.lock generated
View File

@@ -6,33 +6,54 @@
"nixpkgs": [ "nixpkgs": [
"nixpkgs" "nixpkgs"
], ],
"rust-overlay": "rust-overlay" "treefmt-nix": "treefmt-nix"
}, },
"locked": { "locked": {
"lastModified": 1738646032, "lastModified": 1755115705,
"narHash": "sha256-57BdBE9anNpIpf48EiTVLGxg4mOQ04XjHCEP0gLTsFA=", "narHash": "sha256-CjWlI6c1pWu+X5Qz8B6K1httNpA4eDNxf/Ozfm6Mvlw=",
"owner": "tpwrules", "owner": "tpwrules",
"repo": "nixos-apple-silicon", "repo": "nixos-apple-silicon",
"rev": "e77031211944723a38bebc043e48847c36e43668", "rev": "78b5825968dc784dae2fe71b1c76f364efe107ae",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "tpwrules", "owner": "tpwrules",
"ref": "releasep2-2024-12-25", "ref": "release-25.05",
"repo": "nixos-apple-silicon", "repo": "nixos-apple-silicon",
"type": "github" "type": "github"
} }
}, },
"darwin": {
"inputs": {
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1759509947,
"narHash": "sha256-4XifSIHfpJKcCf5bZZRhj8C4aCpjNBaE3kXr02s4rHU=",
"owner": "nix-darwin",
"repo": "nix-darwin",
"rev": "000eadb231812ad6ea6aebd7526974aaf4e79355",
"type": "github"
},
"original": {
"owner": "nix-darwin",
"ref": "nix-darwin-25.05",
"repo": "nix-darwin",
"type": "github"
}
},
"disko": { "disko": {
"inputs": { "inputs": {
"nixpkgs": "nixpkgs" "nixpkgs": "nixpkgs"
}, },
"locked": { "locked": {
"lastModified": 1743598667, "lastModified": 1762276996,
"narHash": "sha256-ViE7NoFWytYO2uJONTAX35eGsvTYXNHjWALeHAg8OQY=", "narHash": "sha256-TtcPgPmp2f0FAnc+DMEw4ardEgv1SGNR3/WFGH0N19M=",
"owner": "nix-community", "owner": "nix-community",
"repo": "disko", "repo": "disko",
"rev": "329d3d7e8bc63dd30c39e14e6076db590a6eabe6", "rev": "af087d076d3860760b3323f6b583f4d828c1ac17",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -43,18 +64,17 @@
}, },
"firefox-addons": { "firefox-addons": {
"inputs": { "inputs": {
"flake-utils": "flake-utils",
"nixpkgs": [ "nixpkgs": [
"nixpkgs" "nixpkgs"
] ]
}, },
"locked": { "locked": {
"dir": "pkgs/firefox-addons", "dir": "pkgs/firefox-addons",
"lastModified": 1743861198, "lastModified": 1762747412,
"narHash": "sha256-PzbPHoSI5U1juWd01Spf3ST7ylR9mQ84v5p7NksBplY=", "narHash": "sha256-E9E30aYXUvRrsBG03cDnQnjGpFgfoct55BuPpAGzfEE=",
"owner": "rycee", "owner": "rycee",
"repo": "nur-expressions", "repo": "nur-expressions",
"rev": "7408ed5bbc9009741094f4dd4cc1abec79e79e7e", "rev": "09deac38ec607361200ed0d88e77b50b00426f0f",
"type": "gitlab" "type": "gitlab"
}, },
"original": { "original": {
@@ -66,11 +86,11 @@
}, },
"flake-compat": { "flake-compat": {
"locked": { "locked": {
"lastModified": 1688025799, "lastModified": 1746162366,
"narHash": "sha256-ktpB4dRtnksm9F5WawoIkEneh1nrEvuxb5lJFt1iOyw=", "narHash": "sha256-5SSSZ/oQkwfcAz/o/6TlejlVGqeK08wyREBQ5qFFPhM=",
"owner": "nix-community", "owner": "nix-community",
"repo": "flake-compat", "repo": "flake-compat",
"rev": "8bf105319d44f6b9f0d764efa4fdef9f1cc9ba1c", "rev": "0f158086a2ecdbb138cd0429410e44994f1b7e4b",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -96,40 +116,6 @@
} }
}, },
"flake-utils": { "flake-utils": {
"locked": {
"lastModified": 1629284811,
"narHash": "sha256-JHgasjPR0/J1J3DRm4KxM4zTyAj4IOJY8vIl75v/kPI=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "c5d161cc0af116a2e17f54316f0bf43f0819785c",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"flake-utils-plus": {
"inputs": {
"flake-utils": "flake-utils_2"
},
"locked": {
"lastModified": 1715533576,
"narHash": "sha256-fT4ppWeCJ0uR300EH3i7kmgRZnAVxrH+XtK09jQWihk=",
"owner": "gytis-ivaskevicius",
"repo": "flake-utils-plus",
"rev": "3542fe9126dc492e53ddd252bb0260fe035f2c0f",
"type": "github"
},
"original": {
"owner": "gytis-ivaskevicius",
"repo": "flake-utils-plus",
"rev": "3542fe9126dc492e53ddd252bb0260fe035f2c0f",
"type": "github"
}
},
"flake-utils_2": {
"inputs": { "inputs": {
"systems": "systems" "systems": "systems"
}, },
@@ -147,6 +133,25 @@
"type": "github" "type": "github"
} }
}, },
"flake-utils-plus": {
"inputs": {
"flake-utils": "flake-utils"
},
"locked": {
"lastModified": 1715533576,
"narHash": "sha256-fT4ppWeCJ0uR300EH3i7kmgRZnAVxrH+XtK09jQWihk=",
"owner": "gytis-ivaskevicius",
"repo": "flake-utils-plus",
"rev": "3542fe9126dc492e53ddd252bb0260fe035f2c0f",
"type": "github"
},
"original": {
"owner": "gytis-ivaskevicius",
"repo": "flake-utils-plus",
"rev": "3542fe9126dc492e53ddd252bb0260fe035f2c0f",
"type": "github"
}
},
"home-manager": { "home-manager": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
@@ -154,16 +159,16 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1743808813, "lastModified": 1758463745,
"narHash": "sha256-2lDQBOmlz9ggPxcS7/GvcVdzXMIiT+PpMao6FbLJSr0=", "narHash": "sha256-uhzsV0Q0I9j2y/rfweWeGif5AWe0MGrgZ/3TjpDYdGA=",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "a9f8b3db211b4609ddd83683f9db89796c7f6ac6", "rev": "3b955f5f0a942f9f60cdc9cacb7844335d0f21c3",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "nix-community", "owner": "nix-community",
"ref": "release-24.11", "ref": "release-25.05",
"repo": "home-manager", "repo": "home-manager",
"type": "github" "type": "github"
} }
@@ -191,11 +196,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1742568034, "lastModified": 1751903740,
"narHash": "sha256-QaMEhcnscfF2MqB7flZr+sLJMMYZPnvqO4NYf9B4G38=", "narHash": "sha256-PeSkNMvkpEvts+9DjFiop1iT2JuBpyknmBUs0Un0a4I=",
"owner": "nix-community", "owner": "nix-community",
"repo": "nixos-generators", "repo": "nixos-generators",
"rev": "42ee229088490e3777ed7d1162cb9e9d8c3dbb11", "rev": "032decf9db65efed428afd2fa39d80f7089085eb",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -206,11 +211,11 @@
}, },
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1743259260, "lastModified": 1752596105,
"narHash": "sha256-ArWLUgRm1tKHiqlhnymyVqi5kLNCK5ghvm06mfCl4QY=", "narHash": "sha256-lFNVsu/mHLq3q11MuGkMhUUoSXEdQjCHvpReaGP1S2k=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "eb0e0f21f15c559d2ac7633dc81d079d1caf5f5f", "rev": "dab3a6e781554f965bde3def0aa2fda4eb8f1708",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -220,18 +225,34 @@
"type": "github" "type": "github"
} }
}, },
"nixpkgs_2": { "nixpkgs-unstable": {
"locked": { "locked": {
"lastModified": 1743813633, "lastModified": 1762596750,
"narHash": "sha256-BgkBz4NpV6Kg8XF7cmHDHRVGZYnKbvG0Y4p+jElwxaM=", "narHash": "sha256-rXXuz51Bq7DHBlfIjN7jO8Bu3du5TV+3DSADBX7/9YQ=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "7819a0d29d1dd2bc331bec4b327f0776359b1fa6", "rev": "b6a8526db03f735b89dd5ff348f53f752e7ddc8e",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "NixOS", "owner": "NixOS",
"ref": "nixos-24.11", "ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_2": {
"locked": {
"lastModified": 1762756533,
"narHash": "sha256-HiRDeUOD1VLklHeOmaKDzf+8Hb7vSWPVFcWwaTrpm+U=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "c2448301fb856e351aab33e64c33a3fc8bcf637d",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-25.05",
"repo": "nixpkgs", "repo": "nixpkgs",
"type": "github" "type": "github"
} }
@@ -239,31 +260,17 @@
"root": { "root": {
"inputs": { "inputs": {
"apple-silicon": "apple-silicon", "apple-silicon": "apple-silicon",
"darwin": "darwin",
"disko": "disko", "disko": "disko",
"firefox-addons": "firefox-addons", "firefox-addons": "firefox-addons",
"home-manager": "home-manager", "home-manager": "home-manager",
"nixos-generators": "nixos-generators", "nixos-generators": "nixos-generators",
"nixpkgs": "nixpkgs_2", "nixpkgs": "nixpkgs_2",
"nixpkgs-unstable": "nixpkgs-unstable",
"snowfall-lib": "snowfall-lib", "snowfall-lib": "snowfall-lib",
"sops-nix": "sops-nix" "sops-nix": "sops-nix"
} }
}, },
"rust-overlay": {
"flake": false,
"locked": {
"lastModified": 1686795910,
"narHash": "sha256-jDa40qRZ0GRQtP9EMZdf+uCbvzuLnJglTUI2JoHfWDc=",
"owner": "oxalica",
"repo": "rust-overlay",
"rev": "5c2b97c0a9bc5217fc3dfb1555aae0fb756d99f9",
"type": "github"
},
"original": {
"owner": "oxalica",
"repo": "rust-overlay",
"type": "github"
}
},
"snowfall-lib": { "snowfall-lib": {
"inputs": { "inputs": {
"flake-compat": "flake-compat_2", "flake-compat": "flake-compat_2",
@@ -293,11 +300,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1743910657, "lastModified": 1762659808,
"narHash": "sha256-zr2jmWeWyhCD8WmO2aWov2g0WPPuZfcJDKzMJZYGq3Y=", "narHash": "sha256-2Kv2mANf+FRisqhpfeZ8j9firBxb23ZvEXwdcunbpGI=",
"owner": "Mic92", "owner": "Mic92",
"repo": "sops-nix", "repo": "sops-nix",
"rev": "523f58a4faff6c67f5f685bed33a7721e984c304", "rev": "524312bc62e3f34bd9231a2f66622663d3355133",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -320,6 +327,27 @@
"repo": "default", "repo": "default",
"type": "github" "type": "github"
} }
},
"treefmt-nix": {
"inputs": {
"nixpkgs": [
"apple-silicon",
"nixpkgs"
]
},
"locked": {
"lastModified": 1754492133,
"narHash": "sha256-B+3g9+76KlGe34Yk9za8AF3RL+lnbHXkLiVHLjYVOAc=",
"owner": "numtide",
"repo": "treefmt-nix",
"rev": "1298185c05a56bff66383a20be0b41a307f52228",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "treefmt-nix",
"type": "github"
}
} }
}, },
"root": "root", "root": "root",

21
flake.nix
View File

@@ -2,18 +2,19 @@
description = "NixOS Hosts"; description = "NixOS Hosts";
inputs = { inputs = {
nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.11"; nixpkgs.url = "github:NixOS/nixpkgs/nixos-25.05";
nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixos-unstable";
disko.url = "github:nix-community/disko"; disko.url = "github:nix-community/disko";
snowfall-lib = { snowfall-lib = {
url = "github:snowfallorg/lib"; url = "github:snowfallorg/lib";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
home-manager = { home-manager = {
url = "github:nix-community/home-manager/release-24.11"; url = "github:nix-community/home-manager/release-25.05";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
apple-silicon = { apple-silicon = {
url = "github:tpwrules/nixos-apple-silicon/releasep2-2024-12-25"; url = "github:tpwrules/nixos-apple-silicon/release-25.05";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
nixos-generators = { nixos-generators = {
@@ -28,6 +29,10 @@
url = "github:Mic92/sops-nix"; url = "github:Mic92/sops-nix";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
darwin = {
url = "github:nix-darwin/nix-darwin/nix-darwin-25.05";
inputs.nixpkgs.follows = "nixpkgs";
};
}; };
outputs = inputs: outputs = inputs:
@@ -50,6 +55,12 @@
]; ];
}; };
outputs-builder = channels: {
devShells = {
default = import ./shells/default/default.nix { pkgs = channels.nixpkgs; };
};
};
homes.modules = with inputs; [ homes.modules = with inputs; [
sops-nix.homeManagerModules.sops sops-nix.homeManagerModules.sops
]; ];
@@ -59,6 +70,10 @@
disko.nixosModules.disko disko.nixosModules.disko
sops-nix.nixosModules.sops sops-nix.nixosModules.sops
]; ];
darwin = with inputs; [
home-manager.darwinModules.home-manager
sops-nix.darwinModules.sops
];
}; };
}; };
} }

40
homes/aarch64-darwin/evanreichard@MBP-Personal/README.md
View File

@@ -1,40 +0,0 @@
# Nix Home Manager Configuration
## Upgrade
```bash
# Update System Channels
sudo nix-channel --add https://nixos.org/channels/nixpkgs-24.11-darwin nixpkgs
sudo nix-channel --update
# Update Home Manager
nix-channel --add https://github.com/nix-community/home-manager/archive/release-24.11.tar.gz home-manager
nix-channel --update
# Link Repo
ln -s /Users/evanreichard/Development/git/personal/nix/home-manager ~/.config/home-manager
# Build Home Manager
home-manager switch
```
## Clean Garbage
NOTE: This will remove previous generations
```bash
sudo nix-collect-garbage --delete-old
nix-collect-garbage --delete-old
```
## OS Update
`/etc/bashrc` may get overridden. To properly load Nix, prepend the following:
```bash
# Nix
if [ -e '/nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh' ]; then
. '/nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh'
fi
# End Nix
```

59
homes/aarch64-darwin/evanreichard@mac-va-mbp-personal/default.nix Executable file
View File

@@ -0,0 +1,59 @@
{ lib, pkgs, config, namespace, ... }:
let
inherit (lib.${namespace}) enabled;
in
{
home.stateVersion = "25.05";
reichard = {
user = {
enable = true;
inherit (config.snowfallorg.user) name;
};
services = {
# TODO
# sops = {
# enable = true;
# defaultSopsFile = lib.snowfall.fs.get-file "secrets/mac-va-mbp-personal/evanreichard/default.yaml";
# sshKeyPaths = [ "${config.home.homeDirectory}/.ssh/id_ed25519" ];
# };
};
programs = {
graphical = {
ghostty = enabled;
ghidra = enabled;
};
terminal = {
btop = enabled;
direnv = enabled;
git = enabled;
k9s = enabled;
nvim = enabled;
};
};
};
# Global Packages
# programs.jq = enabled;
# programs.pandoc = enabled;
# home.packages = with pkgs; [
# android-tools
# imagemagick
# mosh
# python311
# texliveSmall # Pandoc PDF Dep
# google-cloud-sdk
# tldr
# ];
home.packages = with pkgs; [ fastfetch ];
# SQLite Configuration
home.file.".sqliterc".text = ''
.headers on
.mode column
'';
}

13
homes/aarch64-darwin/evanreichard@MBP-Work/default.nix → homes/aarch64-darwin/evanreichard@mac-va-mbp-work/default.nix
View File

@@ -3,6 +3,8 @@ let
inherit (lib.${namespace}) enabled; inherit (lib.${namespace}) enabled;
in in
{ {
home.stateVersion = "25.05";
reichard = { reichard = {
user = { user = {
enable = true; enable = true;
@@ -10,7 +12,12 @@ in
}; };
services = { services = {
ssh-agent = enabled; # TODO
# sops = {
# enable = true;
# defaultSopsFile = lib.snowfall.fs.get-file "secrets/mac-va-mbp-work/evanreichard/default.yaml";
# sshKeyPaths = [ "${config.home.homeDirectory}/.ssh/id_ed25519" ];
# };
}; };
programs = { programs = {
@@ -36,7 +43,7 @@ in
android-tools android-tools
imagemagick imagemagick
mosh mosh
python311 python312
texliveSmall # Pandoc PDF Dep texliveSmall # Pandoc PDF Dep
google-cloud-sdk google-cloud-sdk
tldr tldr
@@ -47,6 +54,4 @@ in
.headers on .headers on
.mode column .mode column
''; '';
home.stateVersion = "24.11";
} }

103
homes/aarch64-linux/evanreichard@lin-va-mbp-personal/default.nix Executable file
View File

@@ -0,0 +1,103 @@
{ pkgs, lib, config, namespace, osConfig, ... }:
let
inherit (lib.${namespace}) enabled;
in
{
home.stateVersion = "25.05";
reichard = {
user = {
enable = true;
inherit (config.snowfallorg.user) name;
};
services = {
ssh-agent = enabled;
fusuma = enabled;
swww = enabled;
sops = {
enable = true;
defaultSopsFile = lib.snowfall.fs.get-file "secrets/default.yaml";
sshKeyPaths = [ "${config.home.homeDirectory}/.ssh/id_ed25519" ];
};
};
programs = {
graphical = {
wms.hyprland = {
enable = true;
monitors = [
",highres,auto,2" # Optional - 1.68
];
};
ghostty = enabled;
ghidra = enabled;
browsers.firefox = {
enable = true;
gpuAcceleration = true;
hardwareDecoding = true;
};
};
terminal = {
btop = enabled;
direnv = enabled;
git = enabled;
k9s = enabled;
nvim = enabled;
};
};
};
# home.packages = with pkgs; [
# catppuccin-gtk
# ];
dconf = {
settings = {
"org/gnome/desktop/interface" = {
color-scheme = "prefer-dark";
cursor-theme = "catppuccin-macchiato-mauve-cursors";
cursor-size = 24;
# enable-hot-corners = false;
# font-name = osConfig.${namespace}.system.fonts.default;
# gtk-theme = cfg.theme.name;
# icon-theme = cfg.icon.name;
};
};
};
home.pointerCursor = {
gtk.enable = true;
name = "catppuccin-macchiato-mauve-cursors";
package = pkgs.catppuccin-cursors.macchiatoMauve;
size = 24;
};
# Kubernetes Secrets
sops.secrets = lib.mkIf osConfig.${namespace}.security.sops.enable {
rke2_kubeconfig = {
path = "${config.home.homeDirectory}/.kube/rke2";
};
};
# Global Packages
# programs.jq = enabled;
# programs.pandoc = enabled;
# home.packages = with pkgs; [
# android-tools
# imagemagick
# mosh
# python311
# texliveSmall # Pandoc PDF Dep
# google-cloud-sdk
# tldr
# ];
# SQLite Configuration
home.file.".sqliterc".text = ''
.headers on
.mode column
'';
}

40
homes/aarch64-linux/evanreichard@mbp-nixos/README.md
View File

@@ -1,40 +0,0 @@
# Nix Home Manager Configuration
## Upgrade
```bash
# Update System Channels
sudo nix-channel --add https://nixos.org/channels/nixpkgs-24.11-darwin nixpkgs
sudo nix-channel --update
# Update Home Manager
nix-channel --add https://github.com/nix-community/home-manager/archive/release-24.11.tar.gz home-manager
nix-channel --update
# Link Repo
ln -s /Users/evanreichard/Development/git/personal/nix/home-manager ~/.config/home-manager
# Build Home Manager
home-manager switch
```
## Clean Garbage
NOTE: This will remove previous generations
```bash
sudo nix-collect-garbage --delete-old
nix-collect-garbage --delete-old
```
## OS Update
`/etc/bashrc` may get overridden. To properly load Nix, prepend the following:
```bash
# Nix
if [ -e '/nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh' ]; then
. '/nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh'
fi
# End Nix
```

25
homes/aarch64-darwin/evanreichard@MBP-Personal/default.nix → homes/x86_64-linux/evanreichard@lin-va-terminal/default.nix
View File

@@ -1,8 +1,10 @@
{ pkgs, lib, config, namespace, ... }: { lib, config, namespace, ... }:
let let
inherit (lib.${namespace}) enabled; inherit (lib.${namespace}) enabled;
in in
{ {
home.stateVersion = "25.05";
reichard = { reichard = {
user = { user = {
enable = true; enable = true;
@@ -14,11 +16,9 @@ in
}; };
programs = { programs = {
graphical = {
ghostty = enabled;
};
terminal = { terminal = {
bash = enabled;
tmux = enabled;
btop = enabled; btop = enabled;
direnv = enabled; direnv = enabled;
git = enabled; git = enabled;
@@ -28,24 +28,9 @@ in
}; };
}; };
# Global Packages
programs.jq = enabled;
programs.pandoc = enabled;
home.packages = with pkgs; [
android-tools
imagemagick
mosh
python311
texliveSmall # Pandoc PDF Dep
google-cloud-sdk
tldr
];
# SQLite Configuration # SQLite Configuration
home.file.".sqliterc".text = '' home.file.".sqliterc".text = ''
.headers on .headers on
.mode column .mode column
''; '';
home.stateVersion = "24.11";
} }

90
homes/x86_64-linux/evanreichard@lin-va-thinkpad/default.nix Executable file
View File

@@ -0,0 +1,90 @@
{ pkgs, lib, config, namespace, osConfig, ... }:
let
inherit (lib.${namespace}) enabled;
in
{
home.stateVersion = "25.05";
reichard = {
user = {
enable = true;
inherit (config.snowfallorg.user) name;
};
services = {
ssh-agent = enabled;
fusuma = enabled;
swww = enabled;
poweralertd = enabled;
sops = {
enable = true;
defaultSopsFile = lib.snowfall.fs.get-file "secrets/default.yaml";
sshKeyPaths = [ "${config.home.homeDirectory}/.ssh/id_ed25519" ];
};
};
programs = {
graphical = {
wms.hyprland = enabled;
ghostty = enabled;
strawberry = enabled;
gimp = enabled;
wireshark = enabled;
ghidra = enabled;
remmina = enabled;
browsers.firefox = {
enable = true;
gpuAcceleration = true;
hardwareDecoding = true;
};
};
terminal = {
btop = enabled;
direnv = enabled;
git = enabled;
k9s = enabled;
nvim = enabled;
};
};
};
home.packages = with pkgs; [
jellyfin-media-player
];
dconf = {
settings = {
"org/gnome/desktop/interface" = {
color-scheme = "prefer-dark";
cursor-theme = "catppuccin-macchiato-mauve-cursors";
cursor-size = 24;
# enable-hot-corners = false;
# font-name = osConfig.${namespace}.system.fonts.default;
# gtk-theme = cfg.theme.name;
# icon-theme = cfg.icon.name;
};
};
};
home.pointerCursor = {
gtk.enable = true;
name = "catppuccin-macchiato-mauve-cursors";
package = pkgs.catppuccin-cursors.macchiatoMauve;
size = 24;
};
# Kubernetes Secrets
sops.secrets = lib.mkIf osConfig.${namespace}.security.sops.enable {
rke2_kubeconfig = {
path = "${config.home.homeDirectory}/.kube/rke2";
};
};
# SQLite Configuration
home.file.".sqliterc".text = ''
.headers on
.mode column
'';
}

34
homes/aarch64-linux/evanreichard@mbp-nixos/default.nix → homes/x86_64-linux/evanreichard@lin-va-utility/default.nix
View File

@@ -1,8 +1,10 @@
{ lib, config, namespace, osConfig, ... }: { pkgs, lib, config, namespace, osConfig, ... }:
let let
inherit (lib.${namespace}) enabled; inherit (lib.${namespace}) enabled;
in in
{ {
home.stateVersion = "24.11";
reichard = { reichard = {
user = { user = {
enable = true; enable = true;
@@ -11,6 +13,8 @@ in
services = { services = {
ssh-agent = enabled; ssh-agent = enabled;
fusuma = enabled;
swww = enabled;
sops = { sops = {
enable = true; enable = true;
defaultSopsFile = lib.snowfall.fs.get-file "secrets/default.yaml"; defaultSopsFile = lib.snowfall.fs.get-file "secrets/default.yaml";
@@ -40,6 +44,32 @@ in
}; };
}; };
# home.packages = with pkgs; [
# catppuccin-gtk
# ];
dconf = {
settings = {
"org/gnome/desktop/interface" = {
color-scheme = "prefer-dark";
cursor-theme = "catppuccin-macchiato-mauve-cursors";
cursor-size = 24;
# enable-hot-corners = false;
# font-name = osConfig.${namespace}.system.fonts.default;
# gtk-theme = cfg.theme.name;
# icon-theme = cfg.icon.name;
};
};
};
home.pointerCursor = {
gtk.enable = true;
name = "catppuccin-macchiato-mauve-cursors";
package = pkgs.catppuccin-cursors.macchiatoMauve;
size = 24;
};
# Kubernetes Secrets # Kubernetes Secrets
sops.secrets = lib.mkIf osConfig.${namespace}.security.sops.enable { sops.secrets = lib.mkIf osConfig.${namespace}.security.sops.enable {
rke2_kubeconfig = { rke2_kubeconfig = {
@@ -65,6 +95,4 @@ in
.headers on .headers on
.mode column .mode column
''; '';
home.stateVersion = "24.11";
} }

8
modules/darwin/default.nix Normal file
View File

@@ -0,0 +1,8 @@
{
config = {
home-manager = {
useGlobalPkgs = true;
useUserPackages = true;
};
};
}

103
modules/darwin/nix/default.nix Normal file
View File

@@ -0,0 +1,103 @@
{ config, lib, pkgs, inputs, namespace, host, ... }:
let
inherit (lib) types mkIf;
inherit (lib.${namespace}) mkBoolOpt mkOpt;
cfg = config.${namespace}.nix;
in
{
options.${namespace}.nix = {
enable = mkBoolOpt true "Whether or not to manage nix configuration.";
usingDeterminate = mkBoolOpt false "Whether we're using determinate nix";
package = mkOpt types.package pkgs.nixVersions.latest "Which nix package to use.";
};
config = mkIf cfg.enable {
nix =
let
mappedRegistry = lib.pipe inputs [
(lib.filterAttrs (_: lib.isType "flake"))
(lib.mapAttrs (_: flake: { inherit flake; }))
(x: x // {
nixpkgs.flake = if pkgs.stdenv.hostPlatform.isLinux then inputs.nixpkgs else inputs.nixpkgs-unstable;
})
(x: if pkgs.stdenv.hostPlatform.isDarwin then lib.removeAttrs x [ "nixpkgs-unstable" ] else x)
];
users = [
"root"
"@wheel"
"nix-builder"
"evanreichard"
];
in
{
inherit (cfg) package;
buildMachines = lib.optional (config.${namespace}.security.sops.enable && host != "nixos-builder") {
hostName = "10.0.50.130";
systems = [ "x86_64-linux" ];
sshUser = "evanreichard";
protocol = "ssh";
sshKey = config.sops.secrets.builder_ssh_key.path;
supportedFeatures = [
"benchmark"
"big-parallel"
"nixos-test"
"kvm"
];
};
checkConfig = true;
distributedBuilds = true;
optimise.automatic = !cfg.usingDeterminate;
registry = lib.mkForce mappedRegistry;
gc = {
automatic = !cfg.usingDeterminate;
options = "--delete-older-than 7d";
};
settings = {
connect-timeout = 5;
allowed-users = users;
max-jobs = "auto";
auto-optimise-store = pkgs.stdenv.hostPlatform.isLinux;
builders-use-substitutes = true;
experimental-features = [
"nix-command"
"flakes "
];
flake-registry = "/etc/nix/registry.json";
http-connections = 50;
keep-derivations = true;
keep-going = true;
keep-outputs = true;
log-lines = 50;
sandbox = true;
trusted-users = users;
warn-dirty = false;
use-xdg-base-directories = true;
substituters = [
"https://anyrun.cachix.org"
"https://cache.nixos.org"
"https://hyprland.cachix.org"
"https://nix-community.cachix.org"
"https://nixpkgs-unfree.cachix.org"
"https://nixpkgs-wayland.cachix.org"
"https://numtide.cachix.org"
];
trusted-public-keys = [
"anyrun.cachix.org-1:pqBobmOjI7nKlsUMV25u9QHa9btJK65/C8vnO3p346s="
"cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
"hyprland.cachix.org-1:a7pgxzMz7+chwVL3/pzj6jIBMioiJM7ypFP8PwtkuGc="
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
"nixpkgs-unfree.cachix.org-1:hqvoInulhbV4nJ9yJOEr+4wxhDV4xq2d1DK7S6Nj6rs="
"nixpkgs-wayland.cachix.org-1:3lwxaILxMRkVhehr5StQprHdEo4IrE8sRho9R9HOLYA="
"numtide.cachix.org-1:2ps1kLBUWjxIneOy1Ik6cQjb41X0iXVXeHigGmycPPE="
];
};
};
};
}

31
modules/darwin/security/sops/default.nix Normal file
View File

@@ -0,0 +1,31 @@
{ config, lib, namespace, ... }:
let
inherit (lib.${namespace}) mkOpt;
cfg = config.${namespace}.security.sops;
in
{
options.${namespace}.security.sops = {
enable = lib.mkEnableOption "sops";
defaultSopsFile = mkOpt lib.types.path null "Default sops file.";
sshKeyPaths = mkOpt (with lib.types; listOf path) [
"/etc/ssh/ssh_host_ed25519_key"
] "SSH Key paths to use.";
};
config = lib.mkIf cfg.enable {
sops = {
inherit (cfg) defaultSopsFile;
age = {
inherit (cfg) sshKeyPaths;
keyFile = "${config.users.users.${config.${namespace}.user.name}.home}/.config/sops/age/keys.txt";
};
};
sops.secrets.builder_ssh_key = {
sopsFile = lib.snowfall.fs.get-file "secrets/default.yaml";
};
};
}

20
modules/darwin/services/openssh/default.nix Normal file
View File

@@ -0,0 +1,20 @@
{ config, namespace, lib, ... }:
let
inherit (lib.${namespace}) mkOpt;
cfg = config.${namespace}.security.sops;
in
{
options.${namespace}.services.openssh = with lib.types; {
enable = lib.mkEnableOption "OpenSSH support";
authorizedKeys = mkOpt (listOf str) [ ] "The public keys to apply.";
extraConfig = mkOpt str "" "Extra configuration to apply.";
port = mkOpt port 2222 "The port to listen on (in addition to 22).";
};
config = lib.mkIf cfg.enable {
services.openssh = {
enable = true;
};
};
}

23
modules/darwin/user/default.nix Normal file
View File

@@ -0,0 +1,23 @@
{ config, lib, namespace, pkgs, ... }:
let
inherit (lib) types mkIf;
inherit (lib.${namespace}) mkOpt;
cfg = config.${namespace}.user;
in
{
options.${namespace}.user = with types; {
name = mkOpt str "evanreichard" "The name to use for the user account.";
email = mkOpt str "evan@reichard.io" "The email of the user.";
fullName = mkOpt str "Evan Reichard" "The full name of the user.";
uid = mkOpt (types.nullOr types.int) 501 "The uid for the user account.";
};
config = {
users.users.${cfg.name} = {
uid = mkIf (cfg.uid != null) cfg.uid;
shell = pkgs.bashInteractive;
home = "/Users/${cfg.name}";
};
};
}

16
modules/home/programs/graphical/browsers/firefox/default.nix
View File

@@ -38,6 +38,12 @@ in
ExtensionRecommendations = false; ExtensionRecommendations = false;
SkipOnboarding = true; SkipOnboarding = true;
}; };
GenerativeAI = {
Chatbot = false;
LinkPreviews = false;
TabGroups = false;
Locked = false;
};
ExtensionSettings = { ExtensionSettings = {
# Block All # Block All
# "*".installation_mode = "blocked"; # "*".installation_mode = "blocked";
@@ -47,19 +53,13 @@ in
install_url = "https://gitflic.ru/project/magnolia1234/bpc_uploads/blob/raw?file=bypass_paywalls_clean-latest.xpi"; install_url = "https://gitflic.ru/project/magnolia1234/bpc_uploads/blob/raw?file=bypass_paywalls_clean-latest.xpi";
installation_mode = "force_installed"; installation_mode = "force_installed";
}; };
# Ctrl+Number Tabs
"{84601290-bec9-494a-b11c-1baa897a9683}" = {
install_url = "https://addons.mozilla.org/firefox/downloads/latest/ctrl-number-to-switch-tabs/latest.xpi";
installation_mode = "force_installed";
};
}; };
Preferences = { }; Preferences = { };
} "Policies to apply to firefox"; } "Policies to apply to firefox";
settings = mkOpt attrs { } "Settings to apply to the profile."; settings = mkOpt attrs { } "Settings to apply to the profile.";
extensions = mkOpt (with lib.types; listOf package) extensions.packages = mkOpt (with lib.types; listOf package)
(with pkgs.firefox-addons; [ (with pkgs.firefox-addons; [
bitwarden bitwarden
darkreader darkreader
@@ -91,9 +91,11 @@ in
"browser.aboutConfig.showWarning" = false; "browser.aboutConfig.showWarning" = false;
"browser.aboutwelcome.enabled" = false; "browser.aboutwelcome.enabled" = false;
"browser.sessionstore.warnOnQuit" = true; "browser.sessionstore.warnOnQuit" = true;
"browser.newtabpage.activity-stream.showSponsoredTopSites" = false;
"browser.shell.checkDefaultBrowser" = false; "browser.shell.checkDefaultBrowser" = false;
"general.smoothScroll.msdPhysics.enabled" = true; "general.smoothScroll.msdPhysics.enabled" = true;
"intl.accept_languages" = "en-US,en"; "intl.accept_languages" = "en-US,en";
"ui.key.accelKey" = "224";
# "devtools.chrome.enabled" = true; # "devtools.chrome.enabled" = true;
# "xpinstall.signatures.required" = false; # "xpinstall.signatures.required" = false;

23
modules/home/programs/graphical/ghostty/config/ghostty-catppuccin-macchiato.conf Normal file
View File

@@ -0,0 +1,23 @@
# https://github.com/catppuccin/ghostty/blob/main/themes/catppuccin-macchiato.conf
palette = 0=#494d64
palette = 1=#ed8796
palette = 2=#a6da95
palette = 3=#eed49f
palette = 4=#8aadf4
palette = 5=#f5bde6
palette = 6=#8bd5ca
palette = 7=#b8c0e0
palette = 8=#5b6078
palette = 9=#ed8796
palette = 10=#a6da95
palette = 11=#eed49f
palette = 12=#8aadf4
palette = 13=#f5bde6
palette = 14=#8bd5ca
palette = 15=#a5adcb
background = 24273a
foreground = cad3f5
cursor-color = f4dbd6
cursor-text = 24273a
selection-background = 3a3e53
selection-foreground = cad3f5

23
modules/home/programs/graphical/ghostty/config/ghostty-catppuccin-mocha.conf Normal file
View File

@@ -0,0 +1,23 @@
# https://github.com/catppuccin/ghostty/blob/main/themes/catppuccin-mocha.conf
palette = 0=#45475a
palette = 1=#f38ba8
palette = 2=#a6e3a1
palette = 3=#f9e2af
palette = 4=#89b4fa
palette = 5=#f5c2e7
palette = 6=#94e2d5
palette = 7=#bac2de
palette = 8=#585b70
palette = 9=#f38ba8
palette = 10=#a6e3a1
palette = 11=#f9e2af
palette = 12=#89b4fa
palette = 13=#f5c2e7
palette = 14=#94e2d5
palette = 15=#a6adc8
background = 1e1e2e
foreground = cdd6f4
cursor-color = f5e0dc
cursor-text = 1e1e2e
selection-background = 353749
selection-foreground = cdd6f4

21
modules/home/programs/graphical/ghostty/config/ghostty-melange-dark.conf Normal file
View File

@@ -0,0 +1,21 @@
# Melange Dark - Adapted From: https://github.com/savq/melange-nvim/blob/master/term/kitty/melange_dark.conf
palette = 0=#34302C
palette = 1=#BD8183
palette = 2=#78997A
palette = 3=#E49B5D
palette = 4=#7F91B2
palette = 5=#B380B0
palette = 6=#7B9695
palette = 7=#C1A78E
palette = 8=#867462
palette = 9=#D47766
palette = 10=#85B695
palette = 11=#EBC06D
palette = 12=#A3A9CE
palette = 13=#CF9BC2
palette = 14=#89B3B6
palette = 15=#ECE1D7
background = 292522
foreground = ECE1D7
selection-background = 403A36
selection-foreground = ECE1D7

87
modules/home/programs/graphical/ghostty/config/ghostty.conf
View File

@@ -5,49 +5,54 @@ font-family = "MesloLGM Nerd Font Mono"
confirm-close-surface = true confirm-close-surface = true
# Keybindings - Tabs & Splits # Keybindings - Tabs & Splits
keybind = ctrl+t=new_tab keybind = cmd+t=new_tab
keybind = ctrl+w=close_surface keybind = cmd+w=close_surface
keybind = ctrl+d=new_split:right keybind = cmd+d=new_split:right
keybind = ctrl+shift+d=new_split:down keybind = cmd+shift+d=new_split:down
keybind = ctrl+enter=toggle_split_zoom keybind = cmd+shift+enter=toggle_split_zoom
# Keybindings - Navigation - Splits # Keybindings - Navigation - Splits
keybind = ctrl+left=goto_split:left keybind = cmd+left=goto_split:left
keybind = ctrl+right=goto_split:right keybind = cmd+right=goto_split:right
keybind = ctrl+up=goto_split:up keybind = cmd+up=goto_split:up
keybind = ctrl+down=goto_split:down keybind = cmd+down=goto_split:down
keybind = ctrl+]=next_tab keybind = cmd+]=goto_split:next
keybind = ctrl+[=previous_tab keybind = cmd+[=goto_split:previous
# Keybindings - Navigation - Tabs # Keybindings - Navigation - Tabs
keybind = ctrl+1=goto_tab:1 keybind = cmd+1=goto_tab:1
keybind = ctrl+2=goto_tab:2 keybind = cmd+2=goto_tab:2
keybind = ctrl+3=goto_tab:3 keybind = cmd+3=goto_tab:3
keybind = ctrl+4=goto_tab:4 keybind = cmd+4=goto_tab:4
keybind = ctrl+5=goto_tab:5 keybind = cmd+5=goto_tab:5
keybind = ctrl+6=goto_tab:6 keybind = cmd+6=goto_tab:6
keybind = ctrl+7=goto_tab:7 keybind = cmd+7=goto_tab:7
keybind = ctrl+8=goto_tab:8 keybind = cmd+8=goto_tab:8
keybind = ctrl+9=goto_tab:9 keybind = cmd+9=goto_tab:9
# Melange Dark - Adapted From: https://github.com/savq/melange-nvim/blob/master/term/kitty/melange_dark.conf keybind = performable:cmd+c=copy_to_clipboard
palette = 0=#34302C keybind = performable:cmd+v=paste_from_clipboard
palette = 1=#BD8183
palette = 2=#78997A # https://github.com/catppuccin/ghostty/blob/main/themes/catppuccin-mocha.conf
palette = 3=#E49B5D palette = 0=#45475a
palette = 4=#7F91B2 palette = 1=#f38ba8
palette = 5=#B380B0 palette = 2=#a6e3a1
palette = 6=#7B9695 palette = 3=#f9e2af
palette = 7=#C1A78E palette = 4=#89b4fa
palette = 8=#867462 palette = 5=#f5c2e7
palette = 9=#D47766 palette = 6=#94e2d5
palette = 10=#85B695 palette = 7=#bac2de
palette = 11=#EBC06D palette = 8=#585b70
palette = 12=#A3A9CE palette = 9=#f38ba8
palette = 13=#CF9BC2 palette = 10=#a6e3a1
palette = 14=#89B3B6 palette = 11=#f9e2af
palette = 15=#ECE1D7 palette = 12=#89b4fa
background = 292522 palette = 13=#f5c2e7
foreground = ECE1D7 palette = 14=#94e2d5
selection-background = 403A36 palette = 15=#a6adc8
selection-foreground = ECE1D7 background = 1e1e2e
foreground = cdd6f4
cursor-color = f5e0dc
cursor-text = 1e1e2e
selection-background = 353749
selection-foreground = cdd6f4

55
modules/home/programs/graphical/ghostty/default.nix
View File

@@ -10,60 +10,14 @@ in
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
programs.bash = { # Enable Bash
enable = true; ${namespace}.programs.terminal.bash.enable = true;
shellAliases = {
grep = "grep --color";
ssh = "TERM=xterm-256color ssh";
flush_dns = "sudo dscacheutil -flushcache; sudo killall -HUP mDNSResponder";
};
profileExtra = ''
SHELL="$BASH"
PATH=~/.bin:$PATH
VISUAL=vim
EDITOR="$VISUAL"
eval "$(thefuck --alias)"
set -o vi || true
bind "set show-mode-in-prompt on"
fastfetch
'';
};
programs.powerline-go = { # Pending Darwin @ https://github.com/NixOS/nixpkgs/pull/369788
enable = true; home.packages = with pkgs; optionals isLinux [
settings = {
git-mode = "compact";
theme = "gruvbox";
};
modules = [
"host"
"cwd"
"git"
"docker"
"venv"
];
};
programs.readline = {
enable = true;
extraConfig = ''
# Approximate VIM Dracula Colors
set vi-ins-mode-string \1\e[01;38;5;23;48;5;231m\2 I \1\e[38;5;231;48;5;238m\2\1\e[0m\2
set vi-cmd-mode-string \1\e[01;38;5;22;48;5;148m\2 C \1\e[38;5;148;48;5;238m\2\1\e[0m\2
'';
};
home.packages = with pkgs; [
thefuck
fastfetch
bashInteractive
(nerdfonts.override { fonts = [ "Meslo" ]; })
] ++ optionals isLinux [
# Pending Darwin @ https://github.com/NixOS/nixpkgs/pull/369788
ghostty ghostty
]; ];
home.file.".config/fastfetch/config.jsonc".text = builtins.readFile ./config/fastfetch.jsonc;
home.file.".config/ghostty/config".text = home.file.".config/ghostty/config".text =
let let
bashPath = "${pkgs.bashInteractive}/bin/bash"; bashPath = "${pkgs.bashInteractive}/bin/bash";
@@ -72,6 +26,5 @@ in
[ "@BASH_PATH@" ] [ "@BASH_PATH@" ]
[ bashPath ] [ bashPath ]
(builtins.readFile ./config/ghostty.conf); (builtins.readFile ./config/ghostty.conf);
}; };
} }

17
modules/home/programs/graphical/gimp/default.nix Executable file
View File

@@ -0,0 +1,17 @@
{ pkgs, lib, config, namespace, ... }:
let
inherit (lib) mkIf mkEnableOption;
cfg = config.${namespace}.programs.graphical.gimp;
in
{
options.${namespace}.programs.graphical.gimp = {
enable = mkEnableOption "GIMP";
};
config = mkIf cfg.enable {
home.packages = with pkgs; [
gimp-with-plugins
];
};
}

17
modules/home/programs/graphical/remmina/default.nix Executable file
View File

@@ -0,0 +1,17 @@
{ pkgs, lib, config, namespace, ... }:
let
inherit (lib) mkIf mkEnableOption;
cfg = config.${namespace}.programs.graphical.remmina;
in
{
options.${namespace}.programs.graphical.remmina = {
enable = mkEnableOption "Remmina";
};
config = mkIf cfg.enable {
home.packages = with pkgs; [
remmina
];
};
}

17
modules/home/programs/graphical/strawberry/default.nix Executable file
View File

@@ -0,0 +1,17 @@
{ pkgs, lib, config, namespace, ... }:
let
inherit (lib) mkIf mkEnableOption;
cfg = config.${namespace}.programs.graphical.strawberry;
in
{
options.${namespace}.programs.graphical.strawberry = {
enable = mkEnableOption "Enable Strawberry";
};
config = mkIf cfg.enable {
home.packages = with pkgs; [
strawberry
libgpod
];
};
}

17
modules/home/programs/graphical/wireshark/default.nix Executable file
View File

@@ -0,0 +1,17 @@
{ pkgs, lib, config, namespace, ... }:
let
inherit (lib) mkIf mkEnableOption;
cfg = config.${namespace}.programs.graphical.wireshark;
in
{
options.${namespace}.programs.graphical.wireshark = {
enable = mkEnableOption "Wireshark";
};
config = mkIf cfg.enable {
home.packages = with pkgs; [
wireshark
];
};
}

143
modules/home/programs/graphical/wms/hyprland/config/hyprland.conf
View File

@@ -1,52 +1,7 @@
################ exec-once = uwsm app -- waybar
### MONITORS ### exec-once = uwsm app -- $terminal
################ exec-once = uwsm app -- firefox
# See https://wiki.hyprland.org/Configuring/Monitors/
monitor=,highres,auto,1.68 # 2
debug:disable_scale_checks = true
###################
### MY PROGRAMS ###
###################
# See https://wiki.hyprland.org/Configuring/Keywords/
# Set programs that you use
$terminal = ghostty
$fileManager = dolphin
$menu = wofi --show drun
#################
### AUTOSTART ###
#################
# Autostart necessary processes (like notifications daemons, status bars, etc.)
# Or execute your favorite apps at launch like this:
# exec-once = $terminal
# exec-once = nm-applet &
exec-once = waybar & $terminal & firefox
#############################
### ENVIRONMENT VARIABLES ###
#############################
# See https://wiki.hyprland.org/Configuring/Environment-variables/
env = XCURSOR_SIZE,24
env = HYPRCURSOR_SIZE,24
#####################
### LOOK AND FEEL ###
#####################
# Refer to https://wiki.hyprland.org/Configuring/Variables/
# https://wiki.hyprland.org/Configuring/Variables/#general
general { general {
gaps_in = 5 gaps_in = 5
gaps_out = 12 gaps_out = 12
@@ -160,13 +115,14 @@ input {
follow_mouse = 1 follow_mouse = 1
sensitivity = 0 # -1.0 - 1.0, 0 means no modification. sensitivity = 0.0 # -1.0 - 1.0, 0 means no modification.
touchpad { touchpad {
scroll_factor = 0.2 scroll_factor = 0.5
disable_while_typing = true disable_while_typing = true
natural_scroll = true natural_scroll = true
clickfinger_behavior = true clickfinger_behavior = true
tap-to-click = false
} }
} }
@@ -177,86 +133,11 @@ gestures {
workspace_swipe_invert = true workspace_swipe_invert = true
} }
# Example per-device config # Thinkpad Trackpoint
# See https://wiki.hyprland.org/Configuring/Keywords/#per-device-input-configs for more device {
# device { name = tpps/2-elan-trackpoint
# name = epic-mouse-v1 sensitivity = -0.3
# sensitivity = -0.5 }
# }
###################
### KEYBINDINGS ###
###################
# See https://wiki.hyprland.org/Configuring/Keywords/
$mainMod = SUPER # Sets "Windows" key as main modifier
# Example binds, see https://wiki.hyprland.org/Configuring/Binds/ for more
bind = $mainMod, Q, exec, $terminal
bind = $mainMod, W, killactive,
bind = $mainMod, M, exit,
bind = $mainMod, E, exec, $fileManager
bind = $mainMod, V, togglefloating,
bind = $mainMod, SPACE, exec, $menu
bind = $mainMod, P, pseudo, # dwindle
bind = $mainMod, J, togglesplit, # dwindle
# Move focus with mainMod + arrow keys
bind = $mainMod, left, movefocus, l
bind = $mainMod, right, movefocus, r
bind = $mainMod, up, movefocus, u
bind = $mainMod, down, movefocus, d
# Switch workspaces with mainMod + [0-9]
bind = $mainMod, 1, workspace, 1
bind = $mainMod, 2, workspace, 2
bind = $mainMod, 3, workspace, 3
bind = $mainMod, 4, workspace, 4
bind = $mainMod, 5, workspace, 5
bind = $mainMod, 6, workspace, 6
bind = $mainMod, 7, workspace, 7
bind = $mainMod, 8, workspace, 8
bind = $mainMod, 9, workspace, 9
bind = $mainMod, 0, workspace, 10
# Move active window to a workspace with mainMod + SHIFT + [0-9]
bind = $mainMod SHIFT, 1, movetoworkspace, 1
bind = $mainMod SHIFT, 2, movetoworkspace, 2
bind = $mainMod SHIFT, 3, movetoworkspace, 3
bind = $mainMod SHIFT, 4, movetoworkspace, 4
bind = $mainMod SHIFT, 5, movetoworkspace, 5
bind = $mainMod SHIFT, 6, movetoworkspace, 6
bind = $mainMod SHIFT, 7, movetoworkspace, 7
bind = $mainMod SHIFT, 8, movetoworkspace, 8
bind = $mainMod SHIFT, 9, movetoworkspace, 9
bind = $mainMod SHIFT, 0, movetoworkspace, 10
# Example special workspace (scratchpad)
bind = $mainMod, S, togglespecialworkspace, magic
bind = $mainMod SHIFT, S, movetoworkspace, special:magic
# Scroll through existing workspaces with mainMod + scroll
bind = $mainMod, mouse_down, workspace, e+1
bind = $mainMod, mouse_up, workspace, e-1
# Move/resize windows with mainMod + LMB/RMB and dragging
bindm = $mainMod, mouse:272, movewindow
bindm = $mainMod, mouse:273, resizewindow
# Laptop multimedia keys for volume and LCD brightness
bindel = ,XF86AudioRaiseVolume, exec, wpctl set-volume @DEFAULT_AUDIO_SINK@ 5%+
bindel = ,XF86AudioLowerVolume, exec, wpctl set-volume @DEFAULT_AUDIO_SINK@ 5%-
bindel = ,XF86AudioMute, exec, wpctl set-mute @DEFAULT_AUDIO_SINK@ toggle
bindel = ,XF86AudioMicMute, exec, wpctl set-mute @DEFAULT_AUDIO_SOURCE@ toggle
bindel = ,XF86MonBrightnessUp, exec, brightnessctl s 10%+
bindel = ,XF86MonBrightnessDown, exec, brightnessctl s 10%-
# Requires playerctl
bindl = , XF86AudioNext, exec, playerctl next
bindl = , XF86AudioPause, exec, playerctl play-pause
bindl = , XF86AudioPlay, exec, playerctl play-pause
bindl = , XF86AudioPrev, exec, playerctl previous
############################## ##############################
### WINDOWS AND WORKSPACES ### ### WINDOWS AND WORKSPACES ###

23
modules/home/programs/graphical/wms/hyprland/config/waybar-style.css
View File

@@ -48,6 +48,7 @@
/* Node Styles */ /* Node Styles */
#workspaces, #workspaces,
#window, #window,
#tray,
#cpu, #cpu,
#memory, #memory,
#pulseaudio, #pulseaudio,
@@ -60,11 +61,6 @@
background-color: @surface0; background-color: @surface0;
} }
#workspaces {
padding: 0px;
margin-left: 1rem;
}
#workspaces button { #workspaces button {
color: @lavender; color: @lavender;
border-radius: 1rem; border-radius: 1rem;
@@ -117,15 +113,11 @@
color: @red; color: @red;
} }
#clock {
color: @blue;
margin-right: 1rem;
}
/* Left Border Radius */ /* Left Border Radius */
#clock, #clock,
#network, #network,
#cpu, #cpu,
#tray,
#workspaces { #workspaces {
margin-left: 0.5rem; margin-left: 0.5rem;
border-top-left-radius: 1rem; border-top-left-radius: 1rem;
@@ -135,9 +127,20 @@
/* Right Border Radius */ /* Right Border Radius */
#pulseaudio, #pulseaudio,
#clock, #clock,
#tray,
#battery, #battery,
#workspaces { #workspaces {
margin-right: 0.5rem; margin-right: 0.5rem;
border-top-right-radius: 1rem; border-top-right-radius: 1rem;
border-bottom-right-radius: 1rem; border-bottom-right-radius: 1rem;
} }
#workspaces {
padding: 0px;
margin-left: 1rem;
}
#clock {
color: @blue;
margin-right: 1rem;
}

103
modules/home/programs/graphical/wms/hyprland/default.nix
View File

@@ -1,17 +1,107 @@
{ lib, pkgs, config, namespace, ... }: { lib, pkgs, config, namespace, ... }:
let let
inherit (lib) mkIf; inherit (lib) types mkIf;
inherit (lib.${namespace}) mkOpt enabled;
cfg = config.${namespace}.programs.graphical.wms.hyprland; cfg = config.${namespace}.programs.graphical.wms.hyprland;
in in
{ {
options.${namespace}.programs.graphical.wms.hyprland = { options.${namespace}.programs.graphical.wms.hyprland = {
enable = lib.mkEnableOption "Hyprland"; enable = lib.mkEnableOption "Hyprland";
mainMod = mkOpt types.str "SUPER" "Hyprland main modifier key";
monitors = mkOpt (with types; listOf str) [
", preferred, auto, 1"
] "Hyprland monitor configuration";
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
services.swaync = enabled;
wayland.windowManager.hyprland = { wayland.windowManager.hyprland = {
enable = true; enable = true;
extraConfig = builtins.readFile ./config/hyprland.conf; extraConfig = builtins.readFile ./config/hyprland.conf;
settings = {
"$mainMod" = cfg.mainMod;
"$terminal" = "ghostty";
"$menu" = "wofi --show drun";
monitor = cfg.monitors;
bind = [
# Super Bindings (macOS Transition)
"ALT_SHIFT, 1, exec, hyprshot -m output"
"ALT_SHIFT, 2, exec, hyprshot -m window"
"ALT_SHIFT, 3, exec, hyprshot -m region"
# Primary Bindings
"$mainMod, SPACE, exec, $menu"
"$mainMod, RETURN, exec, $terminal"
"$mainMod, Q, killactive"
"$mainMod, M, exit"
"$mainMod, V, togglefloating"
"$mainMod, P, pin"
"$mainMod, J, togglesplit"
"$mainMod, S, togglespecialworkspace, magic"
"$mainMod SHIFT, S, movetoworkspace, special:magic"
# Window Focus
"$mainMod, left, movefocus, l"
"$mainMod, right, movefocus, r"
"$mainMod, up, movefocus, u"
"$mainMod, down, movefocus, d"
# Workspace Switch
"$mainMod, 1, workspace, 1"
"$mainMod, 2, workspace, 2"
"$mainMod, 3, workspace, 3"
"$mainMod, 4, workspace, 4"
"$mainMod, 5, workspace, 5"
"$mainMod, 6, workspace, 6"
"$mainMod, 7, workspace, 7"
"$mainMod, 8, workspace, 8"
"$mainMod, 9, workspace, 9"
"$mainMod, 0, workspace, 10"
# Window Workspace Move
"$mainMod SHIFT, 1, movetoworkspace, 1"
"$mainMod SHIFT, 2, movetoworkspace, 2"
"$mainMod SHIFT, 3, movetoworkspace, 3"
"$mainMod SHIFT, 4, movetoworkspace, 4"
"$mainMod SHIFT, 5, movetoworkspace, 5"
"$mainMod SHIFT, 6, movetoworkspace, 6"
"$mainMod SHIFT, 7, movetoworkspace, 7"
"$mainMod SHIFT, 8, movetoworkspace, 8"
"$mainMod SHIFT, 9, movetoworkspace, 9"
"$mainMod SHIFT, 0, movetoworkspace, 10"
"$mainMod SHIFT, right, workspace, +1"
"$mainMod SHIFT, left, workspace, -1"
];
bindm = [
# Window Resizing
"$mainMod, mouse:272, movewindow"
"$mainMod, mouse:273, resizewindow"
];
bindel = [
# Multimedia & Brightness Keys
",XF86AudioRaiseVolume, exec, wpctl set-volume @DEFAULT_AUDIO_SINK@ 5%+"
",XF86AudioLowerVolume, exec, wpctl set-volume @DEFAULT_AUDIO_SINK@ 5%-"
",XF86AudioMute, exec, wpctl set-mute @DEFAULT_AUDIO_SINK@ toggle"
",XF86AudioMicMute, exec, wpctl set-mute @DEFAULT_AUDIO_SOURCE@ toggle"
",XF86MonBrightnessUp, exec, brightnessctl s 10%+"
",XF86MonBrightnessDown, exec, brightnessctl s 10%-"
# macOS Keyboard Brightness
"ALT, XF86MonBrightnessUp, exec, brightnessctl -d kbd_backlight s 10%+"
"ALT, XF86MonBrightnessDown, exec, brightnessctl -d kbd_backlight s 10%-"
];
bindl = [
# Player Controls
", XF86AudioNext, exec, playerctl next"
", XF86AudioPause, exec, playerctl play-pause"
", XF86AudioPlay, exec, playerctl play-pause"
", XF86AudioPrev, exec, playerctl previous"
];
};
}; };
programs.waybar = { programs.waybar = {
@@ -31,9 +121,9 @@ in
]; ];
# modules-center = [ "hyprland/window" ]; # modules-center = [ "hyprland/window" ];
modules-right = [ modules-right = [
"tray"
"cpu" "cpu"
"memory" "memory"
"tray"
"pulseaudio" "pulseaudio"
"network" "network"
"backlight" "backlight"
@@ -83,10 +173,6 @@ in
format-alt = " {used:0.1f}G"; format-alt = " {used:0.1f}G";
max-length = 10; max-length = 10;
}; };
# backlight = {
# format = "󰖨 {}%";
# device = "acpi_video0";
# };
backlight = { backlight = {
format = "{icon}"; format = "{icon}";
@@ -171,15 +257,18 @@ in
}; };
home.packages = with pkgs; [ home.packages = with pkgs; [
brightnessctl
hyprshot hyprshot
wofi wofi
wofi-emoji wofi-emoji
brightnessctl
]; ];
xdg.configFile = { xdg.configFile = {
"wofi/config".source = ./config/wofi.conf; "wofi/config".source = ./config/wofi.conf;
"wofi/style.css".source = ./config/wofi-style.css; "wofi/style.css".source = ./config/wofi-style.css;
"uwsp/env".text = ''
export XCURSOR_SIZE=64
'';
}; };
}; };
} }

3
modules/home/programs/terminal/aws/default.nix
View File

@@ -10,8 +10,9 @@ in
config = mkIf cfg.enable { config = mkIf cfg.enable {
home.packages = with pkgs; [ home.packages = with pkgs; [
cw aws-sso-util
awscli2 awscli2
cw
ssm-session-manager-plugin ssm-session-manager-plugin
]; ];
}; };

3
modules/home/programs/terminal/bash/config/.gitignore vendored Executable file
View File

@@ -0,0 +1,3 @@
_scratch
.direnv
.envrc

0
modules/home/programs/graphical/ghostty/config/fastfetch.jsonc → modules/home/programs/terminal/bash/config/fastfetch.jsonc
View File

69
modules/home/programs/terminal/bash/default.nix Executable file
View File

@@ -0,0 +1,69 @@
{ pkgs, lib, config, namespace, ... }:
let
inherit (lib) mkIf optionalAttrs;
inherit (pkgs.stdenv) isLinux;
cfg = config.${namespace}.programs.terminal.bash;
in
{
options.${namespace}.programs.terminal.bash = {
enable = lib.mkEnableOption "bash";
};
config = mkIf cfg.enable {
programs.bash = {
enable = true;
shellAliases = {
grep = "grep --color";
ssh = "TERM=xterm-256color ssh";
} // optionalAttrs isLinux {
sync-watch = "watch -d grep -e Dirty: -e Writeback: /proc/meminfo";
};
profileExtra = ''
export COLORTERM=truecolor
SHELL="$BASH"
PATH=~/.bin:$PATH
bind "set show-mode-in-prompt on"
set -o vi || true
VISUAL=vim
EDITOR="$VISUAL"
fastfetch
eval "$(thefuck --alias)"
'';
};
programs.powerline-go = {
enable = true;
settings = {
git-mode = "compact";
theme = "gruvbox";
};
modules = [
"host"
"cwd"
"git"
"docker"
"venv"
];
};
programs.readline = {
enable = true;
extraConfig = ''
# Approximate VIM Dracula Colors
set vi-ins-mode-string \1\e[01;38;5;23;48;5;231m\2 I \1\e[38;5;231;48;5;238m\2\1\e[0m\2
set vi-cmd-mode-string \1\e[01;38;5;22;48;5;148m\2 C \1\e[38;5;148;48;5;238m\2\1\e[0m\2
'';
};
home.packages = with pkgs; [
thefuck
fastfetch
bashInteractive
nerd-fonts.meslo-lg
];
home.file.".config/fastfetch/config.jsonc".text = builtins.readFile ./config/fastfetch.jsonc;
};
}

1
modules/home/programs/terminal/nvim/config/lua/avante-config.lua Executable file
View File

@@ -0,0 +1 @@
require("avante").setup()

52
modules/home/programs/terminal/nvim/config/lua/base.lua
View File

@@ -2,10 +2,14 @@
-- vim.g.nord_borders = true -- vim.g.nord_borders = true
-- vim.g.nord_contrast = true -- vim.g.nord_contrast = true
-- vim.cmd('colorscheme nord') -- vim.cmd('colorscheme nord')
vim.cmd('colorscheme melange') -- vim.cmd('colorscheme melange')
vim.cmd("colorscheme catppuccin-mocha")
-- Set User Shell
vim.o.shell = "/usr/bin/env bash"
-- Set Leader -- Set Leader
vim.keymap.set("n", "<Space>", "<Nop>", {silent = true}) vim.keymap.set("n", "<Space>", "<Nop>", { silent = true })
vim.g.mapleader = " " vim.g.mapleader = " "
-- Set Timeout -- Set Timeout
@@ -19,7 +23,7 @@ vim.g.loaded_netrwPlugin = 1
vim.opt.termguicolors = true vim.opt.termguicolors = true
-- Synchronize with system clipboard -- Synchronize with system clipboard
vim.opt.clipboard = "unnamed" vim.opt.clipboard:append("unnamedplus")
-- Always show the signcolumn -- Always show the signcolumn
vim.opt.signcolumn = "yes" vim.opt.signcolumn = "yes"
@@ -38,29 +42,31 @@ vim.opt.foldlevel = 2
-- Diagnostics Mappings -- Diagnostics Mappings
local diagnostics_active = true local diagnostics_active = true
local toggle_diagnostics = function() local toggle_diagnostics = function()
diagnostics_active = not diagnostics_active diagnostics_active = not diagnostics_active
if diagnostics_active then if diagnostics_active then
vim.diagnostic.enable() vim.diagnostic.enable()
else else
vim.diagnostic.disable() vim.diagnostic.disable()
end end
end end
local diagnostics_loclist_active = false local diagnostics_loclist_active = false
local toggle_diagnostics_loclist = function() local toggle_diagnostics_loclist = function()
diagnostics_loclist_active = not diagnostics_loclist_active diagnostics_loclist_active = not diagnostics_loclist_active
if diagnostics_loclist_active then if diagnostics_loclist_active then
vim.diagnostic.setloclist() vim.diagnostic.setloclist()
else else
vim.cmd('lclose') vim.cmd("lclose")
end end
end end
local opts = {noremap = true, silent = true} local opts = { noremap = true, silent = true }
vim.keymap.set('n', '<leader>qt', toggle_diagnostics, opts) vim.keymap.set("n", "<leader>qt", toggle_diagnostics, opts)
vim.keymap.set('n', '<leader>qN', vim.keymap.set("n", "<leader>qN", function()
function() vim.diagnostic.goto_prev({float = false}) end, opts) vim.diagnostic.goto_prev({ float = false })
vim.keymap.set('n', '<leader>qn', end, opts)
function() vim.diagnostic.goto_next({float = false}) end, opts) vim.keymap.set("n", "<leader>qn", function()
vim.keymap.set('n', '<leader>qq', toggle_diagnostics_loclist, opts) vim.diagnostic.goto_next({ float = false })
vim.keymap.set('n', '<leader>qe', vim.diagnostic.open_float, opts) end, opts)
vim.keymap.set("n", "<leader>qq", toggle_diagnostics_loclist, opts)
vim.keymap.set("n", "<leader>qe", vim.diagnostic.open_float, opts)

2
modules/home/programs/terminal/nvim/config/lua/git-ref.lua
View File

@@ -1,4 +1,4 @@
function get_git_info() local function get_git_info()
local abs_path = vim.fn.expand("%:p") local abs_path = vim.fn.expand("%:p")
local git_root = vim.fn.systemlist( local git_root = vim.fn.systemlist(
"git -C " .. vim.fn.escape(vim.fn.fnamemodify(abs_path, ":h"), " ") .. " rev-parse --show-toplevel" "git -C " .. vim.fn.escape(vim.fn.fnamemodify(abs_path, ":h"), " ") .. " rev-parse --show-toplevel"

30
modules/home/programs/terminal/nvim/config/lua/git-signs.lua
View File

@@ -1,16 +1,18 @@
require('gitsigns').setup { require("gitsigns").setup({
on_attach = function(bufnr) current_line_blame = true,
local gitsigns = require('gitsigns') current_line_blame_opts = { delay = 0 },
on_attach = function(bufnr)
local gitsigns = require("gitsigns")
local function map(mode, l, r, opts) local function map(mode, l, r, opts)
opts = opts or {} opts = opts or {}
opts.buffer = bufnr opts.buffer = bufnr
vim.keymap.set(mode, l, r, opts) vim.keymap.set(mode, l, r, opts)
end end
map('n', '<leader>gb', gitsigns.toggle_current_line_blame) map("n", "<leader>gb", gitsigns.toggle_current_line_blame)
map('n', '<leader>gB', function() map("n", "<leader>gB", function()
gitsigns.blame_line {full = true} gitsigns.blame_line({ full = true })
end) end)
end end,
} })

6
modules/home/programs/terminal/nvim/config/lua/init.lua
View File

@@ -1,23 +1,25 @@
require("base") require("base")
require("aerial-config") require("aerial-config")
require("autopairs-config") require("autopairs-config")
require("avante-config")
require("cmp-config") require("cmp-config")
require("comment-config") require("comment-config")
require("dap-config") require("dap-config")
require("diffview-config") require("diffview-config")
require("git-ref") require("git-ref")
require("git-signs") require("git-signs")
require("llm")
require("leap-config") require("leap-config")
require("llm")
require("lsp-config") require("lsp-config")
require("lsp-lines-config") require("lsp-lines-config")
require("lualine-config") require("lualine-config")
require("neotree-config") require("neotree-config")
require("noice-config") require("noice-config")
require("numb-config") require("numb-config")
require("octo-config")
require("silicon-config") require("silicon-config")
require("telescope-config") require("telescope-config")
require("toggleterm-config") require("toggleterm-config")
require("ts-config") require("ts-config")
require("which-key-config")
require("weird-chars") require("weird-chars")
require("which-key-config")

2
modules/home/programs/terminal/nvim/config/lua/llm.lua
View File

@@ -1,6 +1,6 @@
-- Configure LLama LLM -- Configure LLama LLM
vim.g.llama_config = { vim.g.llama_config = {
endpoint = "http://10.0.50.120:8080/infill", endpoint = "http://10.0.50.120:8012/infill",
api_key = "", api_key = "",
n_prefix = 256, n_prefix = 256,
n_suffix = 64, n_suffix = 64,

135
modules/home/programs/terminal/nvim/config/lua/lsp-config.lua
View File

@@ -8,22 +8,16 @@ vim.api.nvim_create_autocmd("FileType", {
end, end,
}) })
vim.filetype.add({
extension = {
templ = "templ",
},
})
------------------------------------------------------ ------------------------------------------------------
-------------------- Built-in LSP -------------------- -------------------- Built-in LSP --------------------
------------------------------------------------------ ------------------------------------------------------
local nix_vars = require("nix-vars") local nix_vars = require("nix-vars")
local nvim_lsp = require("lspconfig")
local augroup = vim.api.nvim_create_augroup("LspFormatting", { clear = false })
local on_attach = function(client, bufnr) local on_attach = function(client, bufnr)
local bufopts = { noremap = true, silent = true, buffer = bufnr } local bufopts = { noremap = true, silent = true, buffer = bufnr }
if client.supports_method("textDocument/formatting") then if client:supports_method("textDocument/formatting") then
vim.api.nvim_clear_autocmds({ group = augroup, buffer = bufnr }) vim.api.nvim_clear_autocmds({ group = augroup, buffer = bufnr })
vim.api.nvim_create_autocmd("BufWritePre", { vim.api.nvim_create_autocmd("BufWritePre", {
group = augroup, group = augroup,
@@ -71,81 +65,80 @@ local organize_go_imports = function()
end end
end end
-- Define LSP Flags & Capabilities local default_config = {
local lsp_flags = { debounce_text_changes = 150 } flags = { debounce_text_changes = 150 },
local capabilities = require("cmp_nvim_lsp").default_capabilities() capabilities = require("cmp_nvim_lsp").default_capabilities(),
on_attach = on_attach,
}
local setup_lsp = function(name, config)
local final_config = vim.tbl_deep_extend("force", default_config, config or {})
vim.lsp.config(name, final_config)
vim.lsp.enable(name)
end
-- Python LSP Configuration -- Python LSP Configuration
nvim_lsp.pyright.setup({ setup_lsp("pyright", {
on_attach = on_attach, filetypes = { "starlark", "python" },
flags = lsp_flags,
capabilities = capabilities,
}) })
-- HTML LSP Configuration -- HTML LSP Configuration
nvim_lsp.html.setup({ setup_lsp("html", {
on_attach = on_attach_no_formatting, on_attach = on_attach_no_formatting,
flags = lsp_flags,
capabilities = capabilities,
cmd = { nix_vars.vscls .. "/bin/vscode-html-language-server", "--stdio" }, cmd = { nix_vars.vscls .. "/bin/vscode-html-language-server", "--stdio" },
filetypes = { "htm", "html" },
}) })
-- JSON LSP Configuration -- JSON LSP Configuration
nvim_lsp.jsonls.setup({ setup_lsp("jsonls", {
on_attach = on_attach_no_formatting, on_attach = on_attach_no_formatting,
flags = lsp_flags,
capabilities = capabilities,
cmd = { nix_vars.vscls .. "/bin/vscode-html-language-server", "--stdio" }, cmd = { nix_vars.vscls .. "/bin/vscode-html-language-server", "--stdio" },
filetypes = { "json", "jsonc", "jsonl" },
}) })
-- CSS LSP Configuration -- CSS LSP Configuration
nvim_lsp.cssls.setup({ setup_lsp("cssls", {
on_attach = on_attach_no_formatting, on_attach = on_attach_no_formatting,
flags = lsp_flags,
capabilities = capabilities,
cmd = { nix_vars.vscls .. "/bin/vscode-html-language-server", "--stdio" }, cmd = { nix_vars.vscls .. "/bin/vscode-html-language-server", "--stdio" },
filetypes = { "css" },
}) })
-- Typescript / Javascript LSP Configuration -- Typescript / Javascript LSP Configuration
nvim_lsp.ts_ls.setup({ setup_lsp("ts_ls", {
on_attach = on_attach_no_formatting, on_attach = on_attach_no_formatting,
flags = lsp_flags,
capabilities = capabilities,
cmd = { nix_vars.tsls, "--stdio" }, cmd = { nix_vars.tsls, "--stdio" },
filetypes = { "typescript", "typescriptreact" },
}) })
-- Svelte LSP Configuration -- C LSP Configuration
nvim_lsp.svelte.setup({ setup_lsp("clangd", {
on_attach = on_attach_no_formatting, cmd = { nix_vars.clangd },
flags = lsp_flags, filetypes = { "c", "cpp", "objc", "objcpp", "cuda" },
capabilities = capabilities,
cmd = { nix_vars.sveltels, "--stdio" },
}) })
-- Lua LSP Configuration -- Lua LSP Configuration
nvim_lsp.lua_ls.setup({ setup_lsp("lua_ls", {
on_attach = on_attach_no_formatting,
flags = lsp_flags,
capabilities = capabilities,
cmd = { nix_vars.luals }, cmd = { nix_vars.luals },
}) filetypes = { "lua" },
-- Templ LSP Configuration
nvim_lsp.templ.setup({
on_attach = on_attach,
flags = lsp_flags,
capabilities = capabilities,
}) })
-- Nix LSP Configuration -- Nix LSP Configuration
nvim_lsp.nil_ls.setup({ setup_lsp("nil_ls", {
on_attach = on_attach, filetypes = { "nix" },
flags = lsp_flags, })
capabilities = capabilities,
-- Omnisharp LSP Configuration
setup_lsp("omnisharp", {
enable_roslyn_analyzers = true,
enable_import_completion = true,
organize_imports_on_format = true,
enable_decompilation_support = true,
filetypes = { "cs", "vb", "csproj", "sln", "slnx", "props", "csx", "targets", "tproj", "slngen", "fproj" },
cmd = { nix_vars.omnisharp, "--languageserver", "--hostPID", tostring(vim.fn.getpid()) },
}) })
-- Go LSP Configuration -- Go LSP Configuration
nvim_lsp.gopls.setup({ setup_lsp("gopls", {
on_attach = function(client, bufnr) on_attach = function(client, bufnr)
on_attach(client, bufnr) on_attach(client, bufnr)
vim.api.nvim_create_autocmd("BufWritePre", { vim.api.nvim_create_autocmd("BufWritePre", {
@@ -154,9 +147,8 @@ nvim_lsp.gopls.setup({
callback = organize_go_imports, callback = organize_go_imports,
}) })
end, end,
flags = lsp_flags,
capabilities = capabilities,
cmd = { nix_vars.gopls }, cmd = { nix_vars.gopls },
filetypes = { "go" },
settings = { settings = {
gopls = { gopls = {
buildFlags = { "-tags=e2e" }, buildFlags = { "-tags=e2e" },
@@ -165,26 +157,26 @@ nvim_lsp.gopls.setup({
}) })
-- Go LSP Linting -- Go LSP Linting
nvim_lsp.golangci_lint_ls.setup({ setup_lsp("golangci_lint_ls", {
on_attach = on_attach_no_formatting, on_attach = on_attach_no_formatting,
flags = lsp_flags,
capabilities = capabilities,
cmd = { nix_vars.golintls }, cmd = { nix_vars.golintls },
filetypes = { "go" },
init_options = { init_options = {
command = { command = {
"golangci-lint", "golangci-lint",
"run", "run",
"--out-format", "--output.json.path",
"json", "stdout",
"--show-stats=false",
"--issues-exit-code=1", "--issues-exit-code=1",
}, },
}, },
}) })
------------------------------------------------------ ------------------------------------------------------
--------------------- Null-LS LSP -------------------- --------------------- None-LS LSP --------------------
------------------------------------------------------ ------------------------------------------------------
local null_ls = require("null-ls") local none_ls = require("null-ls")
local eslintFiles = { local eslintFiles = {
".eslintrc", ".eslintrc",
@@ -201,29 +193,32 @@ local eslintFiles = {
"eslint.config.cts", "eslint.config.cts",
} }
has_eslint_in_parents = function(fname) local has_eslint_in_parents = function(fname)
root_file = nvim_lsp.util.insert_package_json(eslintFiles, "eslintConfig", fname) local root_file = require("lspconfig").util.insert_package_json(eslintFiles, "eslintConfig", fname)
return nvim_lsp.util.root_pattern(unpack(root_file))(fname) return require("lspconfig").util.root_pattern(unpack(root_file))(fname)
end end
null_ls.setup({ none_ls.setup({
sources = { sources = {
-- Prettier Formatting -- Prettier Formatting
null_ls.builtins.formatting.prettier, none_ls.builtins.formatting.prettier,
null_ls.builtins.formatting.prettier.with({ filetypes = { "template" } }), none_ls.builtins.formatting.prettier.with({ filetypes = { "template" } }),
require("none-ls.diagnostics.eslint_d").with({ require("none-ls.diagnostics.eslint_d").with({
condition = function(utils) condition = function(utils)
return has_eslint_in_parents(vim.fn.getcwd()) return has_eslint_in_parents(vim.fn.getcwd())
end, end,
}), }),
null_ls.builtins.completion.spell, none_ls.builtins.completion.spell,
null_ls.builtins.formatting.nixpkgs_fmt, none_ls.builtins.formatting.nixpkgs_fmt, -- TODO: nixd native LSP?
null_ls.builtins.formatting.stylua, none_ls.builtins.diagnostics.sqlfluff,
null_ls.builtins.diagnostics.sqlfluff, none_ls.builtins.formatting.sqlfluff,
null_ls.builtins.formatting.sqlfluff, require("none-ls.formatting.autopep8").with({
filetypes = { "starlark", "python" },
extra_args = { "--max-line-length", "100" },
}),
}, },
on_attach = function(client, bufnr) on_attach = function(client, bufnr)
if client.supports_method("textDocument/formatting") then if client:supports_method("textDocument/formatting") then
vim.api.nvim_clear_autocmds({ group = augroup, buffer = bufnr }) vim.api.nvim_clear_autocmds({ group = augroup, buffer = bufnr })
vim.api.nvim_create_autocmd("BufWritePre", { vim.api.nvim_create_autocmd("BufWritePre", {
group = augroup, group = augroup,

5
modules/home/programs/terminal/nvim/config/lua/lsp-lines-config.lua
View File

@@ -1,2 +1,5 @@
require("lsp_lines").setup() require("lsp_lines").setup()
vim.diagnostic.config({virtual_text = false}) vim.diagnostic.config({
virtual_text = false,
virtual_lines = true,
})

63
modules/home/programs/terminal/nvim/config/lua/lualine-config.lua
View File

@@ -3,23 +3,28 @@ local cached_pr_status = ""
-- Read process output -- Read process output
local function read_output(err, data) local function read_output(err, data)
if err then return end if err then
if not data then return end return
cached_pr_status = data end
if not data then
return
end
cached_pr_status = data
end end
-- Spawn process -- Spawn process
local function execute_command() local function execute_command()
local stdout = vim.loop.new_pipe(false) local stdout = vim.loop.new_pipe(false)
local spawn_opts = { local spawn_opts = {
detached = true, detached = true,
stdio = {nil, stdout, nil}, stdio = { nil, stdout, nil },
args = {"-c", "gh pr checks | awk -F'\t' '{ print $2 }'"} args = { "-c", "gh pr checks | awk -F'\t' '{ print $2 }'" },
} }
vim.loop.spawn("bash", spawn_opts, vim.loop.spawn("bash", spawn_opts, function()
function() stdout:read_start(read_output) end) stdout:read_start(read_output)
end)
end end
-- Spawn & schedule process -- Spawn & schedule process
@@ -28,22 +33,26 @@ vim.fn.timer_start(300000, execute_command)
-- Return status from cache -- Return status from cache
function pr_status() function pr_status()
--    --   
--     --    
-- --
-- PENDING COLOR - #d29922 -- PENDING COLOR - #d29922
-- PASS COLOR - #3fb950 -- PASS COLOR - #3fb950
-- FAIL COLOR - #f85149 -- FAIL COLOR - #f85149
return cached_pr_status:gsub("\n", ""):gsub("fail", ""):gsub("pass", return cached_pr_status
"") :gsub("\n", "")
:gsub("pending", ""):gsub("skipping", " "):sub(1, -2) :gsub("fail", " ")
:gsub("pass", "")
:gsub("pending", "")
:gsub("skipping", "")
:sub(1, -2)
end end
require('lualine').setup({ require("lualine").setup({
options = { options = {
theme = "gruvbox_dark" theme = "catppuccin",
-- theme = "nord" -- theme = "nord"
-- theme = "OceanicNext", -- theme = "OceanicNext",
}, },
sections = {lualine_c = {{pr_status}}} sections = { lualine_c = { { pr_status } } },
}) })

30
modules/home/programs/terminal/nvim/config/lua/octo-config.lua Normal file
View File

@@ -0,0 +1,30 @@
require("octo").setup()
vim.keymap.set("n", "<leader>rs", "<cmd>Octo review start<cr>")
vim.keymap.set("n", "<leader>rd", "<cmd>Octo review discard<cr>")
vim.keymap.set("n", "<leader>rr", "<cmd>Octo review resume<cr>")
vim.keymap.set("n", "<leader>re", "<cmd>Octo review submit<cr>")
vim.keymap.set("n", "<leader>rca", "<cmd>Octo review comments<cr>")
vim.keymap.set("n", "<leader>rcs", "<cmd>Octo comment suggest<cr>")
vim.keymap.set("n", "<leader>rcc", "<cmd>Octo comment add<cr>")
vim.keymap.set("n", "<leader>rcr", "<cmd>Octo comment reply<cr>")
vim.keymap.set("n", "<leader>pd", "<cmd>Octo pr diff<cr>")
vim.keymap.set("n", "<leader>pc", "<cmd>Octo pr changes<cr>")
-- vim.api.nvim_create_autocmd("FileType", {
-- pattern = "octo",
-- callback = function()
-- vim.keymap.set("n", "<leader>rs", "<cmd>Octo review start<cr>", { buffer = true })
-- vim.keymap.set("n", "<leader>rd", "<cmd>Octo review discard<cr>", { buffer = true })
-- vim.keymap.set("n", "<leader>rr", "<cmd>Octo review resume<cr>", { buffer = true })
-- vim.keymap.set("n", "<leader>re", "<cmd>Octo review submit<cr>", { buffer = true })
-- vim.keymap.set("n", "<leader>rca", "<cmd>Octo review comments<cr>", { buffer = true })
-- vim.keymap.set("n", "<leader>rcs", "<cmd>Octo comment suggest<cr>", { buffer = true })
-- vim.keymap.set("n", "<leader>rcc", "<cmd>Octo comment add<cr>", { buffer = true })
-- vim.keymap.set("n", "<leader>rcr", "<cmd>Octo comment reply<cr>", { buffer = true })
--
-- vim.keymap.set("n", "<leader>pd", "<cmd>Octo pr diff<cr>", { buffer = true })
-- vim.keymap.set("n", "<leader>pc", "<cmd>Octo pr changes<cr>", { buffer = true })
-- end,
-- })

37
modules/home/programs/terminal/nvim/config/lua/telescope-config.lua
View File

@@ -1,20 +1,23 @@
require('telescope').setup { require("telescope").setup({
extensions = { extensions = {
fzf = { fzf = {
fuzzy = true, fuzzy = true,
override_generic_sorter = true, override_generic_sorter = true,
override_file_sorter = true, override_file_sorter = true,
case_mode = "smart_case" case_mode = "smart_case",
} },
} },
} })
require('telescope').load_extension('fzf') require("telescope").load_extension("fzf")
require("telescope").load_extension("ui-select") require("telescope").load_extension("ui-select")
require("telescope").load_extension("undo")
local builtin = require('telescope.builtin') local builtin = require("telescope.builtin")
vim.keymap.set('n', '<leader>ff', builtin.find_files, {}) vim.keymap.set("n", "<leader>ff", builtin.find_files)
vim.keymap.set('n', '<leader>fg', builtin.live_grep, {}) vim.keymap.set("n", "<leader>fg", builtin.live_grep)
vim.keymap.set('n', '<leader>fb', builtin.buffers, {}) vim.keymap.set("n", "<leader>fb", builtin.buffers)
vim.keymap.set('n', '<leader>fh', builtin.help_tags, {}) vim.keymap.set("n", "<leader>fh", builtin.help_tags)
vim.keymap.set('n', '<leader>fj', builtin.jumplist, {}) vim.keymap.set("n", "<leader>fj", builtin.jumplist)
vim.keymap.set("n", "<leader>fu", "<cmd>Telescope undo<cr>")
vim.keymap.set("n", "<leader>fp", "<cmd>Octo pr list<cr>")

7
modules/home/programs/terminal/nvim/config/lua/ts-config.lua
View File

@@ -1,3 +1,4 @@
require'nvim-treesitter.configs'.setup { require("nvim-treesitter.configs").setup({
highlight = {enable = true, additional_vim_regex_highlighting = false} highlight = { enable = true, additional_vim_regex_highlighting = false },
} })
vim.treesitter.language.register("markdown", "octo")

1
modules/home/programs/terminal/nvim/config/lua/which-key-config.lua
View File

@@ -16,6 +16,7 @@ wk.add({
{ "<leader>fg", "<cmd>Telescope live_grep<cr>", desc = "Live Grep" }, { "<leader>fg", "<cmd>Telescope live_grep<cr>", desc = "Live Grep" },
{ "<leader>fh", "<cmd>Telescope help_tags<cr>", desc = "Help Tags" }, { "<leader>fh", "<cmd>Telescope help_tags<cr>", desc = "Help Tags" },
{ "<leader>fj", "<cmd>Telescope jumplist<cr>", desc = "Jump List" }, { "<leader>fj", "<cmd>Telescope jumplist<cr>", desc = "Jump List" },
{ "<leader>fp", "<cmd>Octo pr list<cr>", desc = "PR List" },
{ "<leader>g", group = "DiffView" }, { "<leader>g", group = "DiffView" },
{ "<leader>gB", desc = "Git Blame Full" }, { "<leader>gB", desc = "Git Blame Full" },
{ "<leader>gH", "<cmd>DiffviewFileHistory --range=origin..HEAD<cr>", desc = "Diff History - Main" }, { "<leader>gH", "<cmd>DiffviewFileHistory --range=origin..HEAD<cr>", desc = "Diff History - Main" },

51
modules/home/programs/terminal/nvim/default.nix
View File

@@ -34,6 +34,7 @@ in
# ------------------- # -------------------
# ----- Helpers ----- # ----- Helpers -----
# ------------------- # -------------------
avante-nvim # Avante
aerial-nvim # Code Outline aerial-nvim # Code Outline
comment-nvim # Code Comments comment-nvim # Code Comments
diffview-nvim # Diff View diffview-nvim # Diff View
@@ -47,9 +48,11 @@ in
telescope-fzf-native-nvim # Faster Telescope telescope-fzf-native-nvim # Faster Telescope
telescope-nvim # Fuzzy Finder telescope-nvim # Fuzzy Finder
telescope-ui-select-nvim # UI telescope-ui-select-nvim # UI
telescope-undo-nvim # Undo Tree
toggleterm-nvim # Terminal Helper toggleterm-nvim # Terminal Helper
vim-nix # Nix Helpers vim-nix # Nix Helpers
which-key-nvim # Shortcut Helper which-key-nvim # Shortcut Helper
octo-nvim # Git Octo
# ------------------ # ------------------
# --- Theme / UI --- # --- Theme / UI ---
@@ -57,7 +60,8 @@ in
lualine-nvim # Bottom Line lualine-nvim # Bottom Line
noice-nvim # UI Tweaks noice-nvim # UI Tweaks
# nord-nvim # Theme # nord-nvim # Theme
melange-nvim # Theme # melange-nvim # Theme
catppuccin-nvim # Theme
nvim-notify # Noice Dependency nvim-notify # Noice Dependency
nvim-web-devicons # Dev Icons nvim-web-devicons # Dev Icons
@@ -80,13 +84,14 @@ in
( (
pkgs.vimUtils.buildVimPlugin { pkgs.vimUtils.buildVimPlugin {
pname = "none-ls-extras.nvim"; pname = "none-ls-extras.nvim";
version = "2024-06-11"; version = "2025-10-28";
src = pkgs.fetchFromGitHub { src = pkgs.fetchFromGitHub {
owner = "nvimtools"; owner = "nvimtools";
repo = "none-ls-extras.nvim"; repo = "none-ls-extras.nvim";
rev = "336e84b9e43c0effb735b08798ffac382920053b"; rev = "402c6b5c29f0ab57fac924b863709f37f55dc298";
sha256 = "sha256-UtU4oWSRTKdEoMz3w8Pk95sROuo3LEwxSDAm169wxwk="; sha256 = "sha256-4s/xQNWNA4dgb5gZR4Xqn6zDDWrSJNtmHOmmjmYnN/8=";
}; };
doCheck = false;
meta.homepage = "https://github.com/nvimtools/none-ls-extras.nvim/"; meta.homepage = "https://github.com/nvimtools/none-ls-extras.nvim/";
} }
) )
@@ -97,31 +102,15 @@ in
( (
pkgs.vimUtils.buildVimPlugin { pkgs.vimUtils.buildVimPlugin {
pname = "silicon.lua"; pname = "silicon.lua";
version = "2022-12-03"; version = "2025-10-28";
src = pkgs.fetchFromGitHub { src = pkgs.fetchFromGitHub {
owner = "mhanberg"; owner = "0oAstro";
repo = "silicon.lua"; repo = "silicon.lua";
rev = "5ca462bee0a39b058786bc7fbeb5d16ea49f3a23"; rev = "54682647a7c1c773dc4c9ab2bc309114a3b9e96f";
sha256 = "0vlp645d5mmii513v72jca931miyrhkvhwb9bfzhix1199zx7vi2"; sha256 = "sha256-lM7ALmYHGN5SKftfD7YBPh1gGKORbS6EMXS/ZQXDMSI=";
}; };
meta.homepage = "https://github.com/mhanberg/silicon.lua/"; doCheck = false;
} meta.homepage = "https://github.com/0oAstro/silicon.lua";
)
# -------------------
# ------- LLM -------
# -------------------
(
pkgs.vimUtils.buildVimPlugin {
pname = "llm.nvim";
version = "2024-05-25";
src = pkgs.fetchFromGitHub {
owner = "David-Kunz";
repo = "gen.nvim";
rev = "bd19cf584b5b82123de977b44105e855e61e5f39";
sha256 = "sha256-0AEB6im8Jz5foYzmL6KEGSAYo48g1bkFpjlCSWT6JeE=";
};
meta.homepage = "https://github.com/David-Kunz/gen.nvim/";
} }
) )
@@ -131,17 +120,16 @@ in
( (
pkgs.vimUtils.buildVimPlugin { pkgs.vimUtils.buildVimPlugin {
pname = "llama.vim"; pname = "llama.vim";
version = "2025-01-23"; version = "2025-10-28";
src = pkgs.fetchFromGitHub { src = pkgs.fetchFromGitHub {
owner = "ggml-org"; owner = "ggml-org";
repo = "llama.vim"; repo = "llama.vim";
rev = "143fe910b8d47a054ed464c38d8b7c17d5354468"; rev = "ade8966eff57dcbe4a359dd26fb1ea97378ea03c";
sha256 = "sha256-PW0HKzhSxcZiWzpDOuy98rl/X0o2nE7tMjZjwwh0qLE="; sha256 = "sha256-uPqOZLWKVMimhc9eG7yM5OmhJy3mTRgKsiqKhstWs4Y=";
}; };
meta.homepage = "https://github.com/ggml-org/llama.vim/"; meta.homepage = "https://github.com/ggml-org/llama.vim/";
} }
) )
]; ];
extraPackages = with pkgs; [ extraPackages = with pkgs; [
@@ -164,6 +152,7 @@ in
nodePackages.vscode-langservers-extracted nodePackages.vscode-langservers-extracted
pyright pyright
eslint_d eslint_d
python312Packages.autopep8
# Formatters # Formatters
luaformatter luaformatter
@@ -195,6 +184,8 @@ in
tsls = "${pkgs.nodePackages.typescript-language-server}/bin/typescript-language-server", tsls = "${pkgs.nodePackages.typescript-language-server}/bin/typescript-language-server",
golintls = "${pkgs.golangci-lint-langserver}/bin/golangci-lint-langserver", golintls = "${pkgs.golangci-lint-langserver}/bin/golangci-lint-langserver",
vscls = "${pkgs.nodePackages.vscode-langservers-extracted}", vscls = "${pkgs.nodePackages.vscode-langservers-extracted}",
clangd = "${pkgs.clang-tools}/bin/clangd",
omnisharp = "${pkgs.omnisharp-roslyn}/bin/OmniSharp",
} }
return nix_vars return nix_vars
''; '';

62
modules/home/programs/terminal/tmux/default.nix Executable file
View File

@@ -0,0 +1,62 @@
{ lib, pkgs, config, namespace, ... }:
let
inherit (lib) mkIf;
cfg = config.${namespace}.programs.terminal.tmux;
in
{
options.${namespace}.programs.terminal.tmux = {
enable = lib.mkEnableOption "tmux";
};
config = mkIf cfg.enable {
programs.tmux = {
enable = true;
clock24 = true;
plugins = with pkgs.tmuxPlugins; [
{
plugin = catppuccin;
extraConfig = ''
set -g @catppuccin_flavor "mocha"
set -g @catppuccin_status_background "none"
# Style & Separators
set -g @catppuccin_window_status_style "basic"
set -g @catppuccin_status_left_separator ""
set -g @catppuccin_status_middle_separator ""
set -g @catppuccin_status_right_separator ""
# Window Titles
set -g @catppuccin_window_text " #W"
set -g @catppuccin_window_current_text " #W"
'';
}
cpu
yank
];
extraConfig = ''
# Misc Settings
set -g status-position top
set -g mouse on
setw -g mode-keys vi
set -ag terminal-overrides ",xterm-256color:Tc:Ms=\\E]52;c%p1%.0s;%p2%s\\7"
# Start Index 1
set -g base-index 1
setw -g pane-base-index 1
set -g renumber-windows on
# Maintain Directory
bind '"' split-window -c "#{pane_current_path}"
bind % split-window -h -c "#{pane_current_path}"
bind c new-window -c "#{pane_current_path}"
# Theme
set -g status-left ""
set -g status-right ""
set -ag status-right "#{E:@catppuccin_status_host}"
'';
};
};
}

35
modules/home/services/fusuma/default.nix Normal file
View File

@@ -0,0 +1,35 @@
{ config, pkgs, lib, namespace, ... }:
let
cfg = config.${namespace}.services.fusuma;
in
{
options.${namespace}.services.fusuma = {
enable = lib.mkEnableOption "Fusuma";
};
config = lib.mkIf cfg.enable {
services.fusuma = {
enable = true;
extraPackages = with pkgs; [ ydotool deterministic-uname uutils-coreutils-noprefix ];
settings = {
swipe = {
"3" = {
begin = {
command = "ydotool click 40";
interval = 0.00;
};
update = {
command = "ydotool mousemove -- $move_x, $move_y";
interval = 0.01;
accel = 1.00;
# accel = 1.70;
};
end = {
command = "ydotool click 80";
};
};
};
};
};
};
}

17
modules/home/services/poweralertd/default.nix Normal file
View File

@@ -0,0 +1,17 @@
{ config, lib, namespace, ... }:
let
inherit (lib) mkIf;
cfg = config.${namespace}.services.poweralertd;
in
{
options.${namespace}.services.poweralertd = {
enable = lib.mkEnableOption "poweralertd";
};
config = mkIf cfg.enable {
services.poweralertd = {
enable = true;
};
};
}

8
modules/home/services/sops/default.nix
View File

@@ -28,14 +28,6 @@ in
keyFile = "${config.home.homeDirectory}/.config/sops/age/keys.txt"; keyFile = "${config.home.homeDirectory}/.config/sops/age/keys.txt";
sshKeyPaths = [ "${config.home.homeDirectory}/.ssh/id_ed25519" ] ++ cfg.sshKeyPaths; sshKeyPaths = [ "${config.home.homeDirectory}/.ssh/id_ed25519" ] ++ cfg.sshKeyPaths;
}; };
# TODO
# secrets = {
# nix = {
# sopsFile = lib.snowfall.fs.get-file "secrets/default.yaml";
# path = "${config.home.homeDirectory}/.config/nix/nix.conf";
# };
# };
}; };
}; };
} }

73
modules/home/services/swww/default.nix Normal file
View File

@@ -0,0 +1,73 @@
{ config, lib, pkgs, namespace, ... }:
let
cfg = config.${namespace}.services.swww;
in
{
options.${namespace}.services.swww = {
enable = lib.mkEnableOption "swww wallpaper service";
};
config = lib.mkIf cfg.enable {
home.packages = with pkgs; [
swww
];
systemd.user = {
services = {
swww-daemon = {
Unit = {
Description = "SWWW Wallpaper Daemon";
After = [ "graphical-session.target" ];
};
Install = {
WantedBy = [ "graphical-session.target" ];
};
Service = {
Type = "simple";
ExecStart = "${pkgs.swww}/bin/swww-daemon";
Restart = "on-failure";
RestartSec = 5;
};
};
change-wallpaper = {
Unit = {
Description = "SWWW Wallpaper Changer";
After = [ "swww-daemon.service" ];
Requires = [ "swww-daemon.service" ];
};
Install = {
WantedBy = [ "swww-daemon.service" ];
};
Service = {
Type = "oneshot";
ExecStart = "${pkgs.writeShellScript "change-wallpaper-script" ''
WALLPAPER=$(${pkgs.findutils}/bin/find $HOME/Wallpapers -type f | ${pkgs.coreutils}/bin/shuf -n 1)
${pkgs.swww}/bin/swww img "$WALLPAPER" --transition-type random
''}";
};
};
};
timers.swww-schedule = {
Unit = {
Description = "SWWW Wallpaper Schedule";
};
Install = {
WantedBy = [ "timers.target" ];
};
Timer = {
OnBootSec = "1min";
OnUnitActiveSec = "1h";
Unit = "change-wallpaper.service";
};
};
};
};
}

3
modules/home/user/default.nix
View File

@@ -5,6 +5,7 @@ let
mkIf mkIf
mkDefault mkDefault
mkMerge mkMerge
mkEnableOption
; ;
inherit (lib.${namespace}) mkOpt; inherit (lib.${namespace}) mkOpt;
@@ -20,7 +21,7 @@ let
in in
{ {
options.${namespace}.user = { options.${namespace}.user = {
enable = mkOpt types.bool false "Whether to configure the user account."; enable = mkEnableOption "Whether to configure the user account.";
email = mkOpt types.str "evan@reichard.io" "The email of the user."; email = mkOpt types.str "evan@reichard.io" "The email of the user.";
fullName = mkOpt types.str "Evan Reichard" "The full name of the user."; fullName = mkOpt types.str "Evan Reichard" "The full name of the user.";
home = mkOpt (types.nullOr types.str) home-directory "The user's home directory."; home = mkOpt (types.nullOr types.str) home-directory "The user's home directory.";

21
modules/nixos/display-managers/sddm/default.nix
View File

@@ -1,24 +1,17 @@
{ config, lib, pkgs, namespace, ... }: { config, lib, pkgs, namespace, ... }:
let let
inherit (lib) mkIf; inherit (lib) mkIf types;
inherit (lib.${namespace}) mkOpt;
cfg = config.${namespace}.display-managers.sddm; cfg = config.${namespace}.display-managers.sddm;
in in
{ {
options.${namespace}.display-managers.sddm = { options.${namespace}.display-managers.sddm = {
enable = lib.mkEnableOption "sddm"; enable = lib.mkEnableOption "sddm";
scale = mkOpt types.str "1.75" "Scale";
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
environment.systemPackages = with pkgs; [
catppuccin-sddm
];
environment.sessionVariables = {
QT_SCREEN_SCALE_FACTORS = "2";
QT_FONT_DPI = "192";
};
services = { services = {
displayManager = { displayManager = {
sddm = { sddm = {
@@ -29,5 +22,13 @@ in
}; };
}; };
}; };
environment.systemPackages = with pkgs; [
catppuccin-sddm
];
environment.sessionVariables = {
QT_SCREEN_SCALE_FACTORS = cfg.scale;
};
}; };
} }

15
modules/nixos/hardware/battery/upower/default.nix Normal file
View File

@@ -0,0 +1,15 @@
{ config, lib, namespace, ... }:
let
inherit (lib) mkIf;
cfg = config.${namespace}.hardware.battery.upower;
in
{
options.${namespace}.hardware.battery.upower = {
enable = lib.mkEnableOption "enable upower";
};
config = mkIf cfg.enable {
services.upower.enable = true;
};
}

13
modules/nixos/hardware/opengl/default.nix
View File

@@ -14,6 +14,8 @@ in
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
services.xserver.videoDrivers = mkIf cfg.enableNvidia [ "nvidia" ];
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
libva-utils libva-utils
vdpauinfo vdpauinfo
@@ -23,8 +25,17 @@ in
intel-gpu-tools intel-gpu-tools
]; ];
# Enable Nvidia Hardware
hardware.nvidia = mkIf cfg.enableNvidia {
package = config.boot.kernelPackages.nvidiaPackages.stable;
modesetting.enable = true;
powerManagement.enable = true;
open = false;
nvidiaSettings = true;
};
# Add Intel Arc / Nvidia Drivers # Add Intel Arc / Nvidia Drivers
hardware.enableRedistributableFirmware = cfg.enableIntel; hardware.enableRedistributableFirmware = mkIf cfg.enableIntel (mkForce true);
hardware.graphics = { hardware.graphics = {
enable = true; enable = true;
enable32Bit = cfg.enable32Bit; enable32Bit = cfg.enable32Bit;

8
modules/nixos/home/default.nix Normal file
View File

@@ -0,0 +1,8 @@
{
config = {
home-manager = {
useGlobalPkgs = true;
useUserPackages = true;
};
};
}

36
modules/nixos/nix/default.nix
View File

@@ -1,4 +1,4 @@
{ config, lib, pkgs, namespace, host, ... }: { config, lib, pkgs, inputs, namespace, host, ... }:
let let
inherit (lib) types mkIf; inherit (lib) types mkIf;
inherit (lib.${namespace}) mkBoolOpt mkOpt; inherit (lib.${namespace}) mkBoolOpt mkOpt;
@@ -14,6 +14,14 @@ in
config = mkIf cfg.enable { config = mkIf cfg.enable {
nix = nix =
let let
mappedRegistry = lib.pipe inputs [
(lib.filterAttrs (_: lib.isType "flake"))
(lib.mapAttrs (_: flake: { inherit flake; }))
(x: x // {
nixpkgs.flake = if pkgs.stdenv.hostPlatform.isLinux then inputs.nixpkgs else inputs.nixpkgs-unstable;
})
(x: if pkgs.stdenv.hostPlatform.isDarwin then lib.removeAttrs x [ "nixpkgs-unstable" ] else x)
];
users = [ users = [
"root" "root"
"@wheel" "@wheel"
@@ -40,16 +48,18 @@ in
checkConfig = true; checkConfig = true;
distributedBuilds = true; distributedBuilds = true;
optimise.automatic = true;
registry = mappedRegistry;
gc = { gc = {
automatic = true; automatic = true;
options = "--delete-older-than 7d"; options = "--delete-older-than 7d";
}; };
optimise.automatic = true;
settings = { settings = {
connect-timeout = 5;
allowed-users = users; allowed-users = users;
max-jobs = "auto";
auto-optimise-store = pkgs.stdenv.hostPlatform.isLinux; auto-optimise-store = pkgs.stdenv.hostPlatform.isLinux;
builders-use-substitutes = true; builders-use-substitutes = true;
experimental-features = [ experimental-features = [
@@ -66,6 +76,26 @@ in
trusted-users = users; trusted-users = users;
warn-dirty = false; warn-dirty = false;
use-xdg-base-directories = true; use-xdg-base-directories = true;
substituters = [
"https://anyrun.cachix.org"
"https://cache.nixos.org"
"https://hyprland.cachix.org"
"https://nix-community.cachix.org"
"https://nixpkgs-unfree.cachix.org"
"https://nixpkgs-wayland.cachix.org"
"https://numtide.cachix.org"
];
trusted-public-keys = [
"anyrun.cachix.org-1:pqBobmOjI7nKlsUMV25u9QHa9btJK65/C8vnO3p346s="
"cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
"hyprland.cachix.org-1:a7pgxzMz7+chwVL3/pzj6jIBMioiJM7ypFP8PwtkuGc="
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
"nixpkgs-unfree.cachix.org-1:hqvoInulhbV4nJ9yJOEr+4wxhDV4xq2d1DK7S6Nj6rs="
"nixpkgs-wayland.cachix.org-1:3lwxaILxMRkVhehr5StQprHdEo4IrE8sRho9R9HOLYA="
"numtide.cachix.org-1:2ps1kLBUWjxIneOy1Ik6cQjb41X0iXVXeHigGmycPPE="
];
}; };
}; };
}; };

6
modules/nixos/programs/graphical/wms/hyprland/default.nix
View File

@@ -1,4 +1,4 @@
{ config, lib, namespace, ... }: { config, pkgs, lib, namespace, ... }:
let let
inherit (lib) mkIf; inherit (lib) mkIf;
@@ -17,6 +17,10 @@ in
}; };
}; };
environment.systemPackages = with pkgs; [
wl-clipboard
];
reichard = { reichard = {
display-managers = { display-managers = {
sddm = { sddm = {

33
modules/nixos/services/avahi/default.nix Normal file
View File

@@ -0,0 +1,33 @@
{ config, lib, namespace, ... }:
let
inherit (lib) mkIf;
cfg = config.${namespace}.services.avahi;
in
{
options.${namespace}.services.avahi = {
enable = lib.mkEnableOption "Avahi";
};
config = mkIf cfg.enable {
services.avahi = {
enable = true;
nssmdns4 = true;
openFirewall = true;
publish = {
enable = true;
addresses = true;
domain = true;
hinfo = true;
userServices = true;
workstation = true;
};
};
# Cloud Init
systemd.services.avahi-daemon = mkIf config.${namespace}.services.cloud-init.enable {
after = [ "cloud-final.service" ];
requires = [ "cloud-final.service" ];
};
};
}

1
modules/nixos/services/cloud-init/default.nix
View File

@@ -22,5 +22,6 @@ in
}; };
}; };
}; };
networking.hostName = lib.mkForce "";
}; };
} }

51
modules/nixos/services/headscale/default.nix Normal file
View File

@@ -0,0 +1,51 @@
{ config, lib, namespace, ... }:
let
inherit (lib) mkIf mkEnableOption;
cfg = config.${namespace}.services.headscale;
inherit (lib.${namespace}) mkBoolOpt;
in
{
options.${namespace}.services.headscale = {
enable = mkEnableOption "enable headscale service";
openFirewall = mkBoolOpt false "Open firewall";
};
options.services.headscale.settings.dns.nameservers.split = lib.mkOption {
type = lib.types.attrsOf (lib.types.listOf lib.types.str);
default = { };
description = ''
Split DNS configuration mapping domains to specific nameservers.
Each key is a domain suffix, and the value is a list of nameservers
to use for that domain.
'';
example = {
"internal.company.com" = [ "10.0.0.1" "10.0.0.2" ];
"dev.local" = [ "192.168.1.1" ];
};
};
config = mkIf cfg.enable {
services.headscale = {
enable = true;
address = "0.0.0.0";
settings = {
server_url = "https://headscale.reichard.io";
dns = {
base_domain = "reichard.dev";
nameservers = {
global = [
"9.9.9.9"
];
split = {
"va.reichard.io" = [ "10.0.20.20" ];
};
};
};
};
};
networking.firewall = mkIf cfg.openFirewall {
allowedTCPPorts = [ 8080 ];
};
};
}

108
modules/nixos/services/llama-cpp/default.nix Normal file
View File

@@ -0,0 +1,108 @@
{ config, pkgs, lib, namespace, ... }:
let
inherit (lib) types mkIf mkEnableOption;
inherit (lib.${namespace}) mkOpt;
cfg = config.${namespace}.services.llama-cpp;
modelDir = "/models";
availableModels = {
"qwen2.5-coder-7b-q8_0.gguf" = {
url = "https://huggingface.co/ggml-org/Qwen2.5-Coder-7B-Q8_0-GGUF/resolve/main/qwen2.5-coder-7b-q8_0.gguf?download=true";
flag = "--fim-qwen-7b-default";
};
"qwen2.5-coder-3b-q8_0.gguf" = {
url = "https://huggingface.co/ggml-org/Qwen2.5-Coder-3B-Q8_0-GGUF/resolve/main/qwen2.5-coder-3b-q8_0.gguf?download=true";
flag = "--fim-qwen-3b-default";
};
};
in
{
options.${namespace}.services.llama-cpp = with types; {
enable = mkEnableOption "llama-cpp support";
modelName = mkOpt str "qwen2.5-coder-3b-q8_0.gguf" "model to use";
};
config =
let
modelPath = "${modelDir}/${cfg.modelName}";
in
mkIf cfg.enable {
assertions = [
{
assertion = availableModels ? ${cfg.modelName};
message = "Invalid model '${cfg.modelName}'. Available models: ${lib.concatStringsSep ", " (lib.attrNames availableModels)}";
}
];
systemd.services = {
# LLama Download Model
download-model = {
description = "Download Model";
wantedBy = [ "multi-user.target" ];
before = [ "llama-cpp.service" ];
path = [ pkgs.curl pkgs.coreutils ];
serviceConfig = {
Type = "oneshot";
RemainAfterExit = true;
User = "root";
Group = "root";
};
script =
let
modelURL = availableModels.${cfg.modelName}.url;
in
''
set -euo pipefail
if [ ! -f "${modelPath}" ]; then
mkdir -p "${modelDir}"
# Add -f flag to follow redirects and -L for location
# Add --fail flag to exit with error on HTTP errors
# Add -C - to resume interrupted downloads
curl -f -L -C - \
-H "Accept: application/octet-stream" \
--retry 3 \
--retry-delay 5 \
--max-time 1800 \
"${modelURL}" \
-o "${modelPath}.tmp" && \
mv "${modelPath}.tmp" "${modelPath}"
fi
'';
};
# Setup LLama API Service
llama-cpp = {
after = [ "download-model.service" ];
requires = [ "download-model.service" ];
};
};
services.llama-cpp = {
enable = true;
host = "0.0.0.0";
port = 8012;
openFirewall = true;
model = "${modelPath}";
package = (pkgs.llama-cpp.override {
cudaSupport = true;
}).overrideAttrs (oldAttrs: {
cmakeFlags = oldAttrs.cmakeFlags ++ [
"-DGGML_CUDA_ENABLE_UNIFIED_MEMORY=1"
"-DCMAKE_CUDA_ARCHITECTURES=61" # GTX-1070
# Disable CPU Instructions - Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz
"-DLLAMA_FMA=OFF"
"-DLLAMA_AVX2=OFF"
"-DLLAMA_AVX512=OFF"
"-DGGML_FMA=OFF"
"-DGGML_AVX2=OFF"
"-DGGML_AVX512=OFF"
];
});
extraFlags = [ availableModels.${cfg.modelName}.flag ];
};
};
}

18
modules/nixos/services/mosh/default.nix Normal file
View File

@@ -0,0 +1,18 @@
{ config, lib, namespace, ... }:
let
inherit (lib) mkIf;
cfg = config.${namespace}.services.mosh;
in
{
options.${namespace}.services.mosh = {
enable = lib.mkEnableOption "mosh support";
};
config = mkIf cfg.enable {
programs.mosh = {
enable = true;
openFirewall = true;
};
};
}

27
modules/nixos/services/openiscsi/default.nix
View File

@@ -1,15 +1,16 @@
{ config, pkgs, lib, namespace, host, ... }: { config, pkgs, lib, namespace, host, ... }:
let let
inherit (lib) types mkIf; inherit (lib) types mkIf;
inherit (lib.${namespace}) mkOpt; inherit (lib.${namespace}) mkOpt mkBoolOpt;
cfg = config.${namespace}.services.openiscsi; cfg = config.${namespace}.services.openiscsi;
cloudInitEnabled = config.${namespace}.services.cloud-init.enable;
in in
{ {
options.${namespace}.services.openiscsi = { options.${namespace}.services.openiscsi = {
enable = lib.mkEnableOption "Open iSCSI support"; enable = lib.mkEnableOption "Open iSCSI support";
name = mkOpt types.str "iqn.2025.reichard.io:${host}" "iSCSI name"; name = mkOpt types.str "iqn.2025.reichard.io:${host}" "iSCSI name";
symlink = mkOpt types.bool false "Create a symlink to the iSCSI binaries"; symlink = mkBoolOpt false "Create a symlink to the iSCSI binaries";
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
@@ -30,5 +31,27 @@ in
ln -sf ${pkgs.openiscsi}/bin/iscsiadm /usr/bin/iscsiadm ln -sf ${pkgs.openiscsi}/bin/iscsiadm /usr/bin/iscsiadm
ln -sf ${pkgs.openiscsi}/bin/iscsid /usr/bin/iscsid ln -sf ${pkgs.openiscsi}/bin/iscsid /usr/bin/iscsid
''; '';
# Cloud Init Compatibility
environment.etc."iscsi/initiatorname.iscsi".enable = mkIf cloudInitEnabled false;
systemd.services.iscsi-initiator-setup = mkIf cloudInitEnabled {
description = "Setup iSCSI Initiator Name";
requires = [ "cloud-final.service" ];
before = [ "iscsid.service" ];
after = [ "cloud-final.service" ];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
Type = "oneshot";
RemainAfterExit = true;
};
path = [ pkgs.hostname pkgs.util-linux ];
script = ''
mkdir -p /run/iscsi
echo "InitiatorName=iqn.2025.org.nixos:$(hostname)" > /run/iscsi/initiatorname.iscsi
mount --bind /run/iscsi/initiatorname.iscsi /etc/iscsi/initiatorname.iscsi
'';
};
}; };
} }

10
modules/nixos/services/openssh/default.nix
View File

@@ -10,8 +10,16 @@ let
cfg = config.${namespace}.services.openssh; cfg = config.${namespace}.services.openssh;
authorizedKeys = [ authorizedKeys = [
# MBP-Personal NixOS # evanreichard@lin-va-mbp-personal
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILJJoyXQOv9cAjGUHrUcvsW7vY9W0PmuPMQSI9AMZvNY" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILJJoyXQOv9cAjGUHrUcvsW7vY9W0PmuPMQSI9AMZvNY"
# evanreichard@mac-va-mbp-personal
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMWj6rd6uDtHj/gGozgIEgxho/vBKebgN5Kce/N6vQWV"
# evanreichard@lin-va-thinkpad
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAq5JQr/6WJMIHhR434nK95FrDmf2ApW2Ahd2+cBKwDz"
# evanreichard@mobile
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIARTNbl4lgQsp7SJEng7vprL0+ChC9e6iR7o/PiC4Jme"
# evanreichard@lin-va-terminal
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIM5e6Cty+7rX5BjIEHBTU6GnzfOxPJiHpSqin/BnsypO"
]; ];
in in
{ {

45
modules/nixos/services/rke2/default.nix
View File

@@ -1,7 +1,7 @@
{ config, lib, namespace, ... }: { config, pkgs, lib, namespace, ... }:
let let
inherit (lib) types mkIf; inherit (lib) types mkIf;
inherit (lib.${namespace}) mkOpt; inherit (lib.${namespace}) mkOpt mkBoolOpt;
cfg = config.${namespace}.services.rke2; cfg = config.${namespace}.services.rke2;
in in
@@ -9,6 +9,7 @@ in
options.${namespace}.services.rke2 = with types; { options.${namespace}.services.rke2 = with types; {
enable = lib.mkEnableOption "Enable RKE2"; enable = lib.mkEnableOption "Enable RKE2";
disable = mkOpt (listOf str) [ ] "Disable services"; disable = mkOpt (listOf str) [ ] "Disable services";
openFirewall = mkBoolOpt false "Open firewall";
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
@@ -16,5 +17,45 @@ in
enable = true; enable = true;
disable = cfg.disable; disable = cfg.disable;
}; };
# NOTE: Tailscale & K8s Calico conflict due to FWMask. You need to update the DaemonSet Env with:
# - name: FELIX_IPTABLESMARKMASK
# value: "0xff00ff00"
networking.firewall.allowedTCPPorts = mkIf cfg.openFirewall [
# RKE2 Ports - https://docs.rke2.io/install/requirements#networking
6443 # Kubernetes API
9345 # RKE2 supervisor API
2379 # etcd Client Port
2380 # etcd Peer Port
2381 # etcd Metrics Port
10250 # kubelet metrics
9099 # Canal CNI health checks
# MetalLB
7946 # memberlist
];
networking.firewall.allowedUDPPorts = mkIf cfg.openFirewall [
# RKE2 Ports - https://docs.rke2.io/install/requirements#networking
8472 # Canal CNI with VXLAN
# 51820 # Canal CNI with WireGuard IPv4 (if using encryption)
# 51821 # Canal CNI with WireGuard IPv6 (if using encryption)
# MetalLB
7946 # memberlist
];
# Cloud Init
systemd.services.rke2-server = mkIf config.${namespace}.services.cloud-init.enable {
after = [ "cloud-final.service" ];
requires = [ "cloud-final.service" ];
};
environment.systemPackages = with pkgs; [
k9s
kubectl
nfs-utils
];
}; };
} }

32
modules/nixos/services/rtl-tcp/default.nix Normal file
View File

@@ -0,0 +1,32 @@
{ config, pkgs, lib, namespace, ... }:
let
inherit (lib) mkIf mkEnableOption;
inherit (lib.${namespace}) mkBoolOpt;
cfg = config.${namespace}.services.rtl-tcp;
in
{
options.${namespace}.services.rtl-tcp = {
enable = mkEnableOption "RTL-TCP support";
openFirewall = mkBoolOpt true "Open firewall";
};
config = mkIf cfg.enable {
hardware.rtl-sdr.enable = true;
networking.firewall.allowedTCPPorts = mkIf cfg.openFirewall [ 1234 ];
# RTL-SDR TCP Server Service
systemd.services.rtl-tcp = {
description = "RTL-SDR TCP Server";
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
ExecStart = "${pkgs.rtl-sdr}/bin/rtl_tcp -a 0.0.0.0 -f 1090000000 -s 2400000";
Restart = "on-failure";
RestartSec = "10s";
User = "root";
Group = "root";
};
};
};
}

20
modules/nixos/services/sunshine/default.nix Normal file
View File

@@ -0,0 +1,20 @@
{ config, lib, namespace, ... }:
let
inherit (lib) mkIf mkEnableOption;
inherit (lib.${namespace}) mkBoolOpt;
cfg = config.${namespace}.services.sunshine;
in
{
options.${namespace}.services.sunshine = {
enable = mkEnableOption "enable sunshine service";
openFirewall = mkBoolOpt true "open firewall";
};
config = mkIf cfg.enable {
services.sunshine = {
enable = true;
openFirewall = cfg.openFirewall;
};
};
}

27
modules/nixos/services/tailscale/default.nix Normal file
View File

@@ -0,0 +1,27 @@
{ config, lib, namespace, ... }:
let
inherit (lib) mkIf mkEnableOption;
cfg = config.${namespace}.services.tailscale;
in
{
options.${namespace}.services.tailscale = {
enable = mkEnableOption "enable tailscale service";
enableRouting = mkEnableOption "enable tailscale routing";
};
config = mkIf cfg.enable {
services.tailscale = {
enable = true;
useRoutingFeatures = if cfg.enableRouting then "server" else "client";
};
boot.kernel.sysctl = mkIf cfg.enableRouting {
"net.ipv4.ip_forward" = 1;
"net.ipv6.conf.all.forwarding" = 1;
};
# NOTE: Tailscale & K8s Calico conflict due to FWMask. You need to update the DaemonSet Env with:
# - name: FELIX_IPTABLESMARKMASK
# value: "0xff00ff00"
};
}

19
modules/nixos/services/ydotool/default.nix Normal file
View File

@@ -0,0 +1,19 @@
{ config, lib, namespace, ... }:
let
inherit (lib) mkIf;
cfg = config.${namespace}.services.ydotool;
in
{
options.${namespace}.services.ydotool = {
enable = lib.mkEnableOption "ydotool";
};
config = mkIf cfg.enable {
reichard.user.extraGroups = [ "input" ];
programs.ydotool = {
enable = true;
group = "input";
};
};
}

25
modules/nixos/system/boot/default.nix
View File

@@ -1,18 +1,29 @@
{ config, lib, namespace, ... }: { config, lib, namespace, ... }:
let let
inherit (lib) mkIf; inherit (lib) mkIf mkDefault;
inherit (lib.${namespace}) mkBoolOpt;
cfg = config.${namespace}.system.boot; cfg = config.${namespace}.system.boot;
in in
{ {
options.${namespace}.system.boot = { options.${namespace}.system.boot = {
enable = lib.mkEnableOption "Enable Boot"; enable = lib.mkEnableOption "Enable Boot";
xenGuest = lib.mkEnableOption "Enable Xen Guest"; enableGrub = mkBoolOpt true "Enable GRUB";
enableSystemd = mkBoolOpt false "Enable systemd";
xenGuest = lib.mkEnableOption "Xen guest support";
showNotch = lib.mkEnableOption "Show macOS Notch"; showNotch = lib.mkEnableOption "Show macOS Notch";
silentBoot = lib.mkEnableOption "Silent Boot"; silentBoot = lib.mkEnableOption "Silent Boot";
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
assertions = [
{
assertion = !(cfg.enableGrub && cfg.enableSystemd);
message = "Cannot enable both GRUB and systemd-boot";
}
];
services.xe-guest-utilities.enable = mkIf cfg.xenGuest true; services.xe-guest-utilities.enable = mkIf cfg.xenGuest true;
boot = { boot = {
@@ -33,13 +44,19 @@ in
canTouchEfiVariables = false; canTouchEfiVariables = false;
}; };
systemd-boot = { systemd-boot = mkIf cfg.enableSystemd {
enable = true; enable = true;
configurationLimit = 20; configurationLimit = 20;
editor = false; editor = false;
}; };
timeout = 1; grub = mkIf cfg.enableGrub {
enable = true;
efiSupport = true;
efiInstallAsRemovable = true;
};
timeout = mkDefault 1;
}; };
initrd = mkIf cfg.xenGuest { initrd = mkIf cfg.xenGuest {

44
modules/nixos/system/disk/default.nix
View File

@@ -20,22 +20,19 @@ in
content = { content = {
type = "gpt"; type = "gpt";
partitions = { partitions = {
bios-boot = {
name = "bios-boot";
size = "1M";
type = "EF02";
};
boot = { boot = {
size = "512M"; name = "boot";
size = "500M";
type = "EF00"; type = "EF00";
content = { content = {
type = "filesystem"; type = "filesystem";
format = "vfat"; format = "vfat";
mountpoint = "/boot"; mountpoint = "/boot";
mountOptions = [ "umask=0077" ];
};
};
root = {
size = "100%";
content = {
type = "filesystem";
format = "ext4";
mountpoint = "/";
}; };
}; };
swap = { swap = {
@@ -46,6 +43,33 @@ in
resumeDevice = true; resumeDevice = true;
}; };
}; };
root = {
name = "root";
size = "100%";
content = {
type = "lvm_pv";
vg = "pool";
};
};
};
};
};
};
lvm_vg = {
pool = {
type = "lvm_vg";
lvs = {
root = {
size = "100%FREE";
content = {
type = "filesystem";
format = "ext4";
mountpoint = "/";
mountOptions = [
"defaults"
];
};
}; };
}; };
}; };

65
modules/nixos/system/networking/default.nix
View File

@@ -1,14 +1,45 @@
{ config, lib, pkgs, namespace, ... }: { config, lib, pkgs, namespace, ... }:
let let
inherit (lib) mkIf mkForce; inherit (lib) types mkIf mkForce mkOption mkEnableOption;
inherit (lib.${namespace}) mkBoolOpt; inherit (lib.${namespace}) mkBoolOpt enabled;
cfg = config.${namespace}.system.networking; cfg = config.${namespace}.system.networking;
in in
{ {
options.${namespace}.system.networking = { options.${namespace}.system.networking = {
enable = lib.mkEnableOption "networking support"; enable = mkEnableOption "Enable Networking";
enableIWD = mkBoolOpt false "enable iwd"; enableIWD = mkEnableOption "Enable IWD";
useDHCP = mkBoolOpt true "Use DHCP";
useNetworkd = mkBoolOpt false "Use networkd";
useStatic = mkOption {
type = types.nullOr (types.submodule {
options = {
interface = mkOption {
type = lib.types.str;
description = "Network interface name";
example = "enp0s3";
};
address = mkOption {
type = types.str;
description = "Static IP address";
example = "10.0.20.200";
};
defaultGateway = mkOption {
type = types.str;
description = "Default gateway IP";
example = "10.0.20.254";
};
nameservers = mkOption {
type = types.listOf types.str;
description = "List of DNS servers";
example = [ "10.0.20.254" "8.8.8.8" ];
default = [ "8.8.8.8" "8.8.4.4" ];
};
};
});
default = null;
description = "Static Network Configuration";
};
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
@@ -21,24 +52,20 @@ in
reichard.user.extraGroups = [ "network" ]; reichard.user.extraGroups = [ "network" ];
networking = { networking = {
firewall.enable = true; firewall = enabled;
usePredictableInterfaceNames = mkForce true; useDHCP = mkForce (cfg.useDHCP && cfg.useStatic == null);
} // (lib.optionalAttrs cfg.enableIWD) { useNetworkd = cfg.useNetworkd;
} // (lib.optionalAttrs (cfg.enableIWD) {
wireless.iwd = { wireless.iwd = {
enable = true; enable = true;
settings.General.EnableNetworkConfiguration = true; settings.General.EnableNetworkConfiguration = true;
}; };
}; }) // (lib.optionalAttrs (cfg.useStatic != null) {
inherit (cfg.useStatic) defaultGateway nameservers;
# TODO - Network Configuration interfaces.${cfg.useStatic.interface}.ipv4.addresses = [{
# (lib.mkIf (config.network != null) { inherit (cfg.useStatic) address;
# networking = { prefixLength = 24;
# inherit (config.network) defaultGateway nameservers; }];
# interfaces.${config.network.interface}.ipv4.addresses = [{ });
# inherit (config.network) address;
# prefixLength = 24;
# }];
# };
# })
}; };
} }

1
modules/nixos/system/networking/networkmanager/default.nix
View File

@@ -10,6 +10,7 @@ in
networking.networkmanager = { networking.networkmanager = {
enable = true; enable = true;
wifi.backend = mkIf cfg.enableIWD "iwd";
connectionConfig = { connectionConfig = {
"connection.mdns" = "2"; "connection.mdns" = "2";

9
modules/nixos/user/default.nix
View File

@@ -11,9 +11,7 @@ in
extraGroups = mkOpt (listOf str) [ ] "Groups for the user to be assigned."; extraGroups = mkOpt (listOf str) [ ] "Groups for the user to be assigned.";
extraOptions = mkOpt attrs { } "Extra options passed to <option>users.users.<name></option>."; extraOptions = mkOpt attrs { } "Extra options passed to <option>users.users.<name></option>.";
fullName = mkOpt str "Evan Reichard" "The full name of the user."; fullName = mkOpt str "Evan Reichard" "The full name of the user.";
initialPassword = initialPassword = mkOpt str "changeMe2025!" "The initial password to use when the user is first created.";
mkOpt str "password"
"The initial password to use when the user is first created.";
name = mkOpt str "evanreichard" "The name to use for the user account."; name = mkOpt str "evanreichard" "The name to use for the user account.";
}; };
@@ -21,12 +19,9 @@ in
users.users.${cfg.name} = { users.users.${cfg.name} = {
inherit (cfg) name initialPassword; inherit (cfg) name initialPassword;
extraGroups = [
"wheel"
] ++ cfg.extraGroups;
group = "users"; group = "users";
home = "/home/${cfg.name}"; home = "/home/${cfg.name}";
extraGroups = [ "wheel" ] ++ cfg.extraGroups;
isNormalUser = true; isNormalUser = true;
shell = pkgs.bashInteractive; shell = pkgs.bashInteractive;
uid = 1000; uid = 1000;

59
modules/nixos/virtualisation/libvirtd/default.nix Normal file
View File

@@ -0,0 +1,59 @@
{ config, lib, pkgs, namespace, ... }:
let
inherit (lib) mkIf;
inherit (lib.${namespace}) mkBoolOpt;
cfg = config.${namespace}.virtualisation.libvirtd;
in
{
options.${namespace}.virtualisation.libvirtd = {
enable = lib.mkEnableOption "enable libvirtd";
withVirtManager = mkBoolOpt false "add virt-manager";
enableIntelIOMMU = mkBoolOpt false "enable Intel IOMMU for better device passthrough";
enableAMDIOMMU = mkBoolOpt false "enable AMD IOMMU for better device passthrough";
};
config = mkIf cfg.enable {
environment.systemPackages = with pkgs; [
win-virtio
virtiofsd
libvirt
qemu_kvm
] ++ lib.optionals cfg.withVirtManager [
virt-manager
virt-viewer
spice-gtk
];
reichard = {
user = {
extraGroups = [
"libvirtd"
];
};
};
virtualisation = {
libvirtd = {
enable = true;
qemu = {
package = pkgs.qemu_kvm;
runAsRoot = false;
swtpm.enable = true;
ovmf = {
enable = true;
packages = [ pkgs.OVMFFull.fd ];
};
};
};
spiceUSBRedirection.enable = true;
};
boot.kernelParams = lib.optionals cfg.enableIntelIOMMU [
"intel_iommu=on"
] ++ lib.optionals cfg.enableAMDIOMMU [
"amd_iommu=on"
];
};
}

43
modules/nixos/virtualisation/podman/default.nix Normal file
View File

@@ -0,0 +1,43 @@
{ config, lib, pkgs, namespace, ... }:
let
inherit (lib) mkIf;
cfg = config.${namespace}.virtualisation.podman;
in
{
options.${namespace}.virtualisation.podman = {
enable = lib.mkEnableOption "podman";
};
config = mkIf cfg.enable {
environment.systemPackages = with pkgs; [
podman-compose
podman-desktop
];
reichard = {
user = {
extraGroups = [
"docker"
"podman"
];
};
};
virtualisation = {
podman = {
inherit (cfg) enable;
autoPrune = {
enable = true;
flags = [ "--all" ];
dates = "weekly";
};
defaultNetwork.settings.dns_enabled = true;
dockerCompat = true;
dockerSocket.enable = true;
};
};
};
}

4
secrets/default.yaml
View File

@@ -15,8 +15,8 @@ sops:
SC91WFNocEN2K1NFK2dBUHYwZTQrVFkKKb3AlaRX96vJwEmxNNAThTlO9ZwtD1tv SC91WFNocEN2K1NFK2dBUHYwZTQrVFkKKb3AlaRX96vJwEmxNNAThTlO9ZwtD1tv
c6aBELEbmJFdHOcIJITzmS3YOssDOgTL2TbcSFu8mdAQYsRvxC96HA== c6aBELEbmJFdHOcIJITzmS3YOssDOgTL2TbcSFu8mdAQYsRvxC96HA==
-----END AGE ENCRYPTED FILE----- -----END AGE ENCRYPTED FILE-----
lastmodified: "2025-04-05T02:29:22Z" lastmodified: "2025-04-09T00:53:28Z"
mac: ENC[AES256_GCM,data:2rI+pEYmQIPmtcnDTuyroAbfIvLIZKvsyAMEbQM2y9xYXhLyK8Vt7IzmdHy//hQRBSWdBV7/HfCMWJcg9i1B/P9fXrKx+OxaIb654SkthWhkORq32Sr1Gee3Yj195MffIUrEZ4rVauCeprzdEXqN6oTVXjHvnqV2/VXuTkkbztE=,iv:gCgo+8uLH6H9R3OQvzf2K9SgXb3tXG7Lvu6lxL0P2xo=,tag:ev+vMOn6UAfKexfyUnMP5Q==,type:str] mac: ENC[AES256_GCM,data:NKv91i8Ms4TfbU0t9td4QoGD+9d9KYGQ9Mu1QlFdCc4AjMfRCcUCrvb9SVMF5JbYa8oZAH4Qp9FEJ5fFmgoTNrewspLUMpyjUYRgARYQWiHYhZjE/uTNhFo2FxXYLWsAlQjEJ8abbwUyr2y6NsK2tcQcOBDIWUssb4XqajNcylE=,iv:gvwQZB20JR4bKfMMR6sYjTnf3CNiOjcd8T30s2drKwY=,tag:mF9etyVyPVw5YblI8VdtTw==,type:str]
pgp: [] pgp: []
unencrypted_suffix: _unencrypted unencrypted_suffix: _unencrypted
version: 3.9.4 version: 3.9.4

21
secrets/lin-va-mbp-personal/evanreichard/default.yaml Normal file
View File

@@ -0,0 +1,21 @@
rke2_kubeconfig: ENC[AES256_GCM,data:ZfqWAsIcx2h/cyrfkcyQXrO+dzYF7JRkplj3Y9mm4oEiQKeG7xeYdtNAE112PdFfLcI00HQRaKbzrcNBbG1M+kUQZROUk47sr7AqpeRxJIob1ZoTgwN98gQ1W0ikPFYBUw4HIVxmY9wuNyqDk54LNwu47A3hMUmCLEv8sPkk8r7lhA9Vf3HTtTbQBK8VBa5059YJyEIpZjMMaXPZReIR6Gka9qsZ4d1F1B8VYu+fBH2ZIKtG1HMCXzl/RvjaCqtlrk5AptooSQ/upOMq6omHWfBf8oty/0o6yasxYldMawetUW55TOm12QlgdmbDkXqeMAai03N3tj8zMESOVEHVxRzjosVTq4u5DzPAMmLFAk5NYaPpd5c6jlM2Gk7pT9v+X+n+GGYW9xfYLURe1sSy/yWmLXhEhOzLXkyc1T3M1bHWqnXDXfU1bhXWVLKwNDmuS96YWHb1o+Qr+3HTUCPQa70M9Va18O+pERD0Yj/Jz1HxwyAHKClRs06Lo73gl3eY7lOGhnafRSyxR91oMXs+ijSfFk8CNEA/PxKPaXUoKpDLpM6+iPnEmnsAT/kV9IrqnevsIABtzWMR6XHQbRodPowsx2zlSgzJfLkVZ37dsZawALv1FN/XOtrW53Zt8BGK3dIwIM1tRy6nR+UKoN8mQ4KI43MNZ7A7CagCAkWbs3AserDqU+4VYIF/biLVA9q+tZZory7lLraLpByVa2Mi1/JFUW23PyW6fa9nVvBDonzs5M4N7p4/Yw9rdWBWC/1ZQIvSKbTIla+mtDKX6GTlEAsaoJOFc+F8fX8FxGEZtxoXENshoyAvsQSihUbdsKkjDQAIcZ0lHAUKLJyJZSWFRkQsl64MkvBJwGedsMq/zzU8K96iBojYLQspPq8Yp612nxQahRyxAXWFvYAfMmxMqhSbEYuJA62DSUA1KwILZx7yPfKZWXLQzGDnpGyFRuORP+ZjANGXo1eqAED4cHqwZCHTo6q6Zh9zN4Y4jrO/z4G16PwheAi/WTJswzdI83J9FAR3TrKAGyf3a5hR03BNVHBbO+I6dX/Rhwp0eIdR0MPVXJE+CshcTixQNKWK7SRmpDQemAQq3g6c4i5DWB9PUlipkry+pcQzsz1omPLGjf/2Mz2CAdvPnjCYfeTeFxz42s6VJHBBd5Sgg/7ONQTj6QpvFhpP2u8aWmgbPnV3n0phejq9Bpj1lEEEN5JZlU2Swj6t6rtFD5fAZUu3L5FRPg5xZhCV0zu4VXuaEflPdidK35b0jIiz22qpAkw+/0vh36u+kkUOabgpnt+I3CqeCilRuq6tIvtIx2AHFZ4Y9WdfXpjd/BEl2GY8VrxSWzpXS0YYWiNwypJx/J1zzmZZO6G7QcKSpIuoULM4uneBlaZurjXdVT8QzupUmX+CVyXHZUTXX3tM0rFnuDG3uGjOUM+67kS/zd3LJk8fnY1awU08gTOrs7qIDIzqEaEVxvK60XcBqc4dDYG+FTKEOEOi88WGIZH12gFy49epciPaTQMxcKbRftE9R1fZNdze1PwX2lrm891KTBD7YwFJkUin88Ype7bQNI4Djyca0TumZjYKok1AoSzjLTJGYOmiZg9wYyN+6m/FrdM0krgUQzvErtfSFryX4XaLbpPJnpRcdzoiNzwwuVYMLn5mBhj4m08gjiiHQlVlSMSJxpXi6GdXqrMCDudDHyPX5LHh21e2wajZ59p1Y42Gew1dOOP+M/5/0PrwDvqKhUWgAp2q8PzQuQ+ZyCq63jVpTI0/BskiD1iQBwQFDN2A32V9xymnkuS1pKn9xnosNMWVR3R9l6sLQDxH6vJcCEqWvCmxg8n5nfPtgx0E+clmmFFHVQ/xmXbe1lKS1o/M5dLHDG3CdrUpSEf8IC7/qkhaG8d3EmKGFskwJcbpPSzCJfMLS1JuYGJL/m7jqSI5JJ+KzTlPQCjubW74+EEvScTIaQP7e+RtE60LbgkwLprIEfCao3I+P0W4YgqLfE/xF4NQ3qVy3vrXOVGJSR4e0R3rI9RiuHmYoduldqtLr8rhqVqbU33q9s1ifL/62Rh2ZnXcnP4w75eH1EtunucZ2ml9QwHbpG0liKrthvPlmUNVsOhWdwlUfHrCUs8sgLNwW98mgG+7Kva4edejNmaEq/43TtN/RBmrNanB0Dp2SIeEbYRFfLqWGCtIRJpeJF227ggJXxt3fZnCW1eiEihDLKfc3hz+7zo/QlkBkbbj9D1BRURieH7DCr8cvymKa1QL9nRl0aJzWvMg//Q8/nMA23qBays34s4EUrcDin6AnUZIu63eAvxtcesPDTVq31+NatLmty21VG3mk7s7yw1dDwJncCXQ6zYp+SOC90xMFUR++FYcpX6qFiRGk7qNln9hnllwu1SqQYgV/w9MmD6GYLk+/xCUWK3kbCjWZ0Nhxkk+A3snUealYeeK75fZfL8TlAkgKqpRL1KlY3jrDe2rgzQyrHb7AoLukf2RJcXwu3GBP9PLQjJSSJw3vEHltCDnt7YR2KRA5NvJw429brs/4RvkBlX2a593swY63YthWinhCs6I3kgiDVaycpiQit4HCwMATAnhkzD590QLgf/am+7vcQlxl1MCtG6V+mBSIDQw17kxfrq/P18MyKixtREI/TW2lT127JvMlH3Te3f5KDQNyWc5oUP8bsfvxpZ6nO6xrUY1pZ+1eCsapkNalLH5x4yk3viGHiWS7ow44jjaCDraL/YCvGN+7SHjDBIWRpt+/ncrjezxWJa2yN29y+JrJgRxHYmfmZVMHxPGZ9aexCRHxnTVgwlT577VTDltqYi9CC0kQmTPt3CZzSiOP8ht4gwHNuNjNus8qGT9w7nYd81ViCYV/VpMRKmq9cR3rY75U6BU8QO74hFTfDigmGBPxXwGuhWZEWMbmK1Xl867xybVj9UTHhdbgnhta0J9RXm29A9YL3RMdL/DDZNQGq2eMK4CDq2l9X7UdPqbJphXfCv1AmCdufdvzEAq8kVEw5+RQxEOVV0g84G8bH5dOKfOwr7b9Bogtg37+j5pLPJzcoRKl3NynlWMGZVcnkEgRqmzFreXAYIyScE16rIzeEHdL5ngvm9EcPQfAWz6CvylrK7Bl91pJonNYprSqHUO0F4K4/kscm4j90kD5wpGOcrwke2+OI3oqez7QPmfzKnYoSrtcXqbt9lnluqobdYsCHY6mUjn4utROUD+g7gW5yYkxC7R1ySvvt5t63rOX6QH4UP9Uz7dCpo831vMHQ8Am+VFNbLXirq6/2P4TKTnScSQh/OnJ8Sx0/zxbPAb3jwzmx/eFAd+eazL0hCGTnh/D0WxcqfxTItOllsKUGX+md2VAoJQLra07gMJlh1tuDk2+ZXjvOsoGOMAzswpKPLf6TVe5Yi4eEosDM8ZFkVSngF3qx4TB2NcuKl739qUvLf0eL461y7+doJcdC+sl19scJjlEBFmEU9YNoJ8T0m9nT5UIi7l0tuek2i9SpzQRjHym1Y12JsiYoTR83mTBMR33hChE9aMc0FBkNesVJ9SBWOtLsd1i/UxUyZIk/C8shVGPmYplT9QOO/RqwJtvTeOkhrEWQq9zRoGqKQJs+j6VatHOdqVweX4/0icBN5QamXwgH61c7RbT79MDCZHvHSKkAe+eNVw7y6+0ZgCxtiIbo3RJwdRGqy6XHGnRfzRbzjO9H26gBmWX+Z7ZfeHLghen/tOW/qEh+uT1TR+O71GnhOgd1QQh84vyE2U+lAzneHI2gVG8EzA8Ho/UGiXJALQPElkJzR3GXDXVAHAw8Q6wCjLnxpmpkJZEJiJ9uDktKkNdF5uM6oEfQbxpP8uWJQnK4sCaZOTBsqEzyBm+KUXOpt0PbGFmb+gfPHIpO6rNGdWJ/C9F63ZbWhMXfONuLCjMis86lLJimwYH9G0PQWrmh7ENuZB3/giYbVqUjD3yP44axfw,iv:zfbeDFKb3hHQFi9wEuDj8XRqTLhc+2AnJU1roGJVZkU=,tag:mwNz9UCO6lCDK5hMWNLfNw==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age1sac93wpnjcv62s7583jv6a4yspndh6k0r25g3qx3k7gq748uvafst6nz4w
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA0SnA3M2F0cXZjOGlFSTJw
aE9BNGJsQ1JzelFoQk4yMGlpN2dkVUR4ZUNvCmljSDhsVU4rUnowV2dIdlhZYnMy
aXo2OGZRd21PYk81ZE9pV05XSmpVOEEKLS0tIGhGNkVmTnVYRENEYlBxZXJTaExt
SC91WFNocEN2K1NFK2dBUHYwZTQrVFkKKb3AlaRX96vJwEmxNNAThTlO9ZwtD1tv
c6aBELEbmJFdHOcIJITzmS3YOssDOgTL2TbcSFu8mdAQYsRvxC96HA==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2025-04-07T18:09:21Z"
mac: ENC[AES256_GCM,data:RxVXYkx4JD2l6zIcx051DSyw4yYMWdK23ssaw94jkxlICvDyeZy9aO9kC0bAYqn0iB2BDEdh/0rzNZeJHlkjKQx9+et82iwFdwC9GSTVl/FV39fr9YbsqFQGqMAEo/JqElul9Sjd5vgdC1xQOF+Jceo11F9LhDteOiFn2a3Sv5I=,iv:sb9ah+Tk39FUIDpq4g5YGScIku3w5tVlDDNyxuHS4OY=,tag:nC+yLdj/moS2+nMIzNAOdw==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.9.4

26
secrets/mac-va-mbp-personal/evanreichard/default.yaml Normal file
View File

@@ -0,0 +1,26 @@
builder_ssh_key: ENC[AES256_GCM,data:1cYuaFJke/8GyqxPKp2zH/uARvW6Bqx6AsB16U8f3WkDpnxO6kym19MpDyQUBEjJ9Bj3RiBkSSL96jBv4YZfq+1cN8D6E14faKoYF5FZy5o1C+aTl+4L9zbrQIl/QDFh42qcJ6cYsOSjbEJv8kvZQBV7l+LNo8ZX07f76Kld3boouJJMMZWa9oaZgEifTxN4yDOPXTXNjCO3blGnsm+V3FPkba+EUASL9WH6+XLU2oW1Bc/sydOTiKGRJcs5eyqYvKi3evtxUUyqgdPVtUHNTsh6/B5kDLWFavfEfchPHT0LHIuqGJwGBglTp/NJThAoo5vNFAFIAUw9QWlY4alHhsi2L5g49r3s6i+3fGeyGCTP61uffY9HgF7nOdkTVMsRXacKh9fwgdsZAepcU+kJ3LJSdOaa4hUtCsZpFHUe4jA0kTHI1/V+7ak+iw92gNZTLKsCjIOzWFvEBVSXLctPdxQ8ezvF9ekvw5mkAwO7QYonlrQ3MUY/8b1DDOdjmfSwEyrLruew2KajFhm8/NM/2BOwcO/y+DbX2MSe5x0sx4HN79E=,iv:V25Tc7bOxc4wl5lf6gZOstN1InaCb3sfpCHMl65iwn8=,tag:mBFZcX2G3vpAOMw7V12d6w==,type:str]
rke2_kubeconfig: ENC[AES256_GCM,data:oTOBktUE71QNJXqy8l5hhYKF3mSQlLxXE7rjsctyJi4nIk4bhKACGdYkB8B37Ws9QHm5h9tAn9J/ehbWyBwsOFQIhX7S0kov8/HPlatbY3aJ+PiHO5GWRkJjbq+GZrJgdGeOCSRlA5C4lOy9cYbCqbsgfp42cNxOPhOQUyqFNCmsWJvBiJDuQX3Sqk2QoDtfTayho/v5IiJ9Xjms6m1ng98uXmANHK2wFAv4IZ2+7j14jy5RRKylTtjooJxTalSzdODV4wufHOLqFRCeGs9U4A/SEbRWacssdTWOp/wkaumruEpbuRaX33EwFzAxnawD0T/PBA1w9MfrXoz7bYaQ8S0fpWQHTr7xj79yrlJslBvTp/SzC+7LlpdsOtJr/2LpbzwFowMFPOGg0XJUWlkevIIObBuEYyAnlytxlys+2UNx+szOuUsUDTdZlEtTyJT+Xp8WjFlXkHsi66s+rDxDvUcMG6oLy3IYiYA4D7Q65aDgiy87kDmdfItf5koEEpHU2wV20EtAP2mRZ8UNYnDHd3ZV1L2gLXHGMA/sa0Tn0l4fhfr+6K0niQ9RaZxrVfqyChCw4bSCyZZFajZXcEDXsQB5UKsnMmZ3p5ZtRe/mqKydAz/xQc8mZPYFWwXN3uWgOWLRraRib0thg/PQzsbGNrKxoqc0sY3JbUSBcyhtz2x7b0Sj+g8ibtySmSEM1DrcYFdLG/QHbg8MaSOIIlZDDan2SJ0vAd432hI9BBIxj3L0EOfVBkbzEdtuuW7SSCG650X2u4Rd0Kkjc7HoB6pafJTWx2QZ/CMKIZFiHfMJ1zRyxco7SwZzsTRZ1Y0W7qgnssKpqtRNwCfRTdDM/6aZ1HorNP2NombuyGmfvD/EZSt4xxsOZIgioqfghbcsTCFZQPUvfBSZvJ5KBXS8qacBmsUxMLRMyzSbq0mM/S9Rz8oUxN587K7pLTNNiwFsQ9mXlGgh//rzhdAfzQZF/uuMrjqYgxt3iOAT3Nd34RbZ8YK31SRf6lFy7b+hafS1FFVUnW8jnC57eo2wNpHFBNA1y60dokx9P1dzZUVVYK5iCK+QFkUweD9WSo0al09E3By2pQxZ1OS9UOcTxFbpP/WakD57/tkOvmGIirqrexVecDcODelGXhCVeXb8zJQDz2PdXz3M4G0zIV2JcgJDjJy91Rx56vxRQv0/mvPfjexm9gQcTWOpIeUOBGRCfMXMh0g0AANHxDheRa9WzYQ10uDE3DsyMT53+FGW73PyPBk5MzRY/RQXjTEVbhO/e8Km7KOuhRxpohcLHCugEFMqjsW/c5b6GU24s3n69XPxMWtdtMmnf1FaGGufuOXyYd2s1vQqi+542x41HYnXiT6OQwsFttnlbwfrosl9qgSSgsfwXNv7qHQUBDg1KczwlPBZ3cMA/rQUqHL2N4vEp00JoJFjBTbWrin2FCOBafQmpKPv9j/nqiJROr3I93bSaodk0rFOUDWV3Sp/YepeuYb6wY+lMgysg4jDuJxEYQytFfNI2SBd7g4Xh6vBW/GS1/JdaHhh/Ub5/Cqa0Pxl5fBjV1HQIaM8mXi+V90zRVqzKm9vl9wXjXzAk8QvWRiW5ruP3IsMl5myL1KBuFIgZNPkbv8Nap3XDgmO2IvM6gWI3LHW81cgS6dDcsuC2C9zr291MAlYQiaotqQ33u0ga/y8DTXB3mcLTPLpkWWRY+Cc+qVAuD3LwCvd2StUhxUNwDbwVaxtuSk+uWMx1PCPPwHDVB3sm93wbnKrvj0TMHdkh0im+KzSplaMAsCgKJj1YO3Yhjg+E9CwIaYEDKcCE8FNqioSzzaXABQgpa4zUWkWC+D4iD/kSS3Z+BgB0VCytB705SMbmHmAlWnNayFgQLx3xo/TkgF51jEghj2w2gPyTM8gLqq8kvpXnDx95nhfStRu3KZCuCZKadrv0V5mSCCSzw0STDKZjfwYHHMWOnf41UDG7M9+vWHdtZdnJjLvw8gIqmLl0fkw75jFXYXQaNj4vh6MNSp7ABA8wY5Ala/EckHjx9R88czgyvHTLfVOiFgIiOLvldSYmDlaMcyPTVH7JSTiSoZ7aUwNROQE0/C9GyvZH8MGN9Iy6YQAUQYf5jjesoe3dPJf66GmeCKKlAcO1aK91XXow+pWrYJBZilhXJgPNTKltP2ObDLeJ/30KYF7Gee9GvtJaKzBGjYFZZz9nj8ixIBymS+M7N65U8Sw+/37qCnkSDe6VgkMoXXijaPgfToR4yb6FdZOqRlvynbyC+lSO44l2S1CkKbUxrqzZX2pQ6iB1eJdaHmIBYawVg7tJOO3snPXYMiMAgmojrH1BUUpbQRRvG4BTrUOES4N+2etytiZ7N4GEDzshosVaf9NeFBWRGC58siec/BtKwo7HGcsc0zDvcq8MFJ6rEUDbuZuWn3+CvxC9fi4+CzDP3j3K9lOUiXJ6vxv+1eImFMVgQUiV4g2M/JMTv6+Ix8U9dHoaNVjQlnL1NZRo92C/T2WRx42V97hJOe81CXqRLY8mW30MXat7KK+n92bNsWTKZrNsKnzVb+i1YwMAiwG1bw0OCcmfVojozZ4wjUNkFJI2K0v0CCvwVIl9yUKMkCvo+I1m2ZInOXRme2HK82YFg6JxitlQvovdlUndN1Lo4PhaxbW3BNwJSn81FxJ4yh+d34eawZlsQ4l+er2CyWrXSOvQnK1F8UwDB5xgPb8TBj5FD4IZM+op2LPQiaPQZ7bShzpN20W413lBvauirbD8EaZqt2QExmDnYHs1EMcj10bvu7IyKwZTlBqOa/LpyUH/imY4DTB0aYHby+xnLX7760S0sJfKuJ7omQ4QBgz+NSZ/aFfPicugkPsCZI0lS9WCcczvHgbFRzB6YQ5uJEoK5o5SdVTpYWUBvuLbJ6IOKNKWxlBcrsj4aPm+AAsxRc9cHPbrCns6y01K2wCYCL5nzK7jnneQiR4edtfnwMlUoo3c6/vzwiof4EVVrN29QxVsIA/9yqk375mKlI/l7/eOf083Kbad215wvZ+0U7cgI0oaaVvapj3Ni3e3Es8XUIQCua5HRE6d4M6A7P+Ye1Wkt+8oTpKJzd9Hn/ITwCYVssdpMSwF2ARHgmTtq+sacvkR9gojG/LAJMUwA48Sc4M5rn+5vTCRTvuKXDFphLSUwNzqd58YENC/HJjZS8+co+BN7AaafrybfA0QQrXkY7f+elsAFmNfho+taMpkfQZCmmgfoHPVPYR0pxkV1czCymm5lTjgkC7e4ydngcyJSrUzrXrWREkEcEdXoSRt1/JHABKRbvRuTbuUlah1xS1pvffosnA7KJL+aTLErkWwww3WUPMRrvmhVlWZqHGqE8lCRyMUPny7li3I2IB+aHFXepYwZSMMQPIOIiE19Oz7MsaIrMknqfTtdc58McEPGUPKiVO8x+nfRQPY45jFF60XtiK+yemYDicUGMSkWdtVLXgDCD+KAJz5YzBl5YbnPD9L1X9pB8P0vEpnKC6X+GGiaPflVGiNAKRTUyVv8CJ+Yh+KEfJw8og/P6d/7dSKheBeAdaliigZ9qG8xfyY0jE++xedaxIcOBObBu6j70j+Tpp5bUPN25FyVR2GqG4xz5YbuhnrRjhA6lAh0nppPlP+Oz/j9pPvPaDGESLZ/WM6MWru7R8DrHePBtulRvhvwUsmrjosPXuCNGU4sd1MFh6kNyyJH3W1quy3IopUij0Amu40mmd8XEzsN2nmT2Eh3NCd/r/2yj/t+xwxNcQZ+bfxeMFOiEfX5RU2paKNrRIDUEbgR1rS8A3PEUPTxwTP10IuY+IMToCSgZkVIq7UjXg0Bx9QdwvXcN74ADwkD0Un5+jLf4mo43QacwnBLpm24XqDzO09vKOzA9XU5fdC6AJ4mqAJ5J/XU8bC1RWiSCul6NekoJAPVgMlpWTPCAdSrWeYoE0d7lVkl+g+nEIS4sb,iv:mC5XSWReVzjwheF1IzCzp34JRvL/vJipyaKhptkH+cU=,tag:SDoNiaWaPKzruj+HPv5jbw==,type:str]
sops:
age:
- recipient: age1sac93wpnjcv62s7583jv6a4yspndh6k0r25g3qx3k7gq748uvafst6nz4w
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBuVWFObG51K2lTYlZidXBU
aW55RnpkVDExbVBkNDl4NkV3MFNkNThjbWdZCklhWkVSaWpPSE1VY09iWGlPVE9Q
bW1SY05jK3BwcDIwSHdMZjJHdWQyQkkKLS0tIHZYS2c2U2xtQ1QxajlKeWpmNXZW
bmdpcTl2NjRWM3F3Q2RHbk1rTEFvZEkKWag1nmqFZMRjwFtIo6oqs+9UI/Mer5bK
Ax7P7uwoZdiMN2g84W1pNTjj6GktFn3jrBaE+MxY6NUBr02apkRYZw==
-----END AGE ENCRYPTED FILE-----
- recipient: age1dccte7xtwswgef089nd80dutp96xnezx5lrqnneh9cusegsnda8sj3dj6c
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB5cURST1FTbVk4RGZTaitF
MEt3Z2U0a004Zmo0VG1BN29DUnBLNGxPMEJFCkcyL1JrMkZsSTM5WCtZSldSeGZw
SmdpV3AxRDJyVW1WMXBuclhBSDkvTXcKLS0tIDZsU2pBbEFHNkdqWW1CZW1hdVN3
eW9OdlJmS21IVDNVNk9OMjZBT21PUTAK+lpsdEp2uvg8nFWu/hPtK0+Ahi5J//5d
NB6JJ7lwRWKy2NppFf9sy20Y1Z0Z5Ui40nbnURRzYgtsqbKBveUDcA==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2025-07-29T23:30:28Z"
mac: ENC[AES256_GCM,data:x3dnanNbIX0fippbbFqOSR9ptZGdAwWuyn7hf3z6i43rk8Nk9p9EVqmE4/Guz2QY2tG/cph/5/nwX4UCO4ixAdB7pAWZa6lI1JdFzMBfW1IGeXOLyprDt6xdFnCVXjy64HgNWiVOPUS4+olxNZ0LPmCof7odqn+Axj+icFK3N34=,iv:OyFac4TxnKXwJ0l7LcJTqVyl11gIpw8fvEAEQTrEBc0=,tag:zMOGwIwAZmel+4EIqy9/tQ==,type:str]
unencrypted_suffix: _unencrypted
version: 3.10.2

29
shells/default/default.nix Normal file
View File

@@ -0,0 +1,29 @@
{ pkgs, ... }:
let
sync-repo = pkgs.writeShellScriptBin "sync-repo" ''
if [ -z "$1" ]; then
echo "Usage: sync-repo <ip-address>"
echo "Example: sync-repo 23.29.118.42"
exit 1
fi
rsync -av \
--exclude='.git' \
--exclude='.direnv' \
--exclude='_scratch' \
. evanreichard@$1:/etc/nixos
'';
in
pkgs.mkShell {
name = "reichard-dev";
buildInputs = with pkgs; [
rsync
sync-repo
];
shellHook = ''
echo "Use: sync-repo <ip-address> to sync repository"
'';
}

21
systems/aarch64-darwin/mac-va-mbp-personal/default.nix Normal file
View File

@@ -0,0 +1,21 @@
{ lib, ... }:
{
system.stateVersion = 6;
nix.enable = false;
# System Config
reichard = {
nix = {
enable = true;
usingDeterminate = true;
};
security = {
sops = {
enable = true;
sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
defaultSopsFile = lib.snowfall.fs.get-file "secrets/mac-va-mbp-personal/default.yaml";
};
};
};
}

62
systems/aarch64-linux/lin-o1-headscale/default.nix Executable file
View File

@@ -0,0 +1,62 @@
{ namespace, config, pkgs, lib, modulesPath, ... }:
let
inherit (lib.${namespace}) enabled;
cfg = config.${namespace}.user;
in
{
imports = [
(modulesPath + "/profiles/qemu-guest.nix")
];
system.stateVersion = "25.05";
time.timeZone = "UTC";
boot.loader.grub = {
efiSupport = true;
efiInstallAsRemovable = true;
};
reichard = {
nix = enabled;
system = {
disk = {
enable = true;
diskPath = "/dev/sda";
};
networking = enabled;
};
services = {
openssh = enabled;
headscale = {
enable = true;
openFirewall = true;
};
tailscale = {
enable = true;
enableRouting = true;
};
};
};
users.users.${cfg.name} = {
openssh = {
authorizedKeys.keys = [
# evanreichard@lin-va-mbp-personal
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILJJoyXQOv9cAjGUHrUcvsW7vY9W0PmuPMQSI9AMZvNY"
# evanreichard@mac-va-mbp-personal
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMWj6rd6uDtHj/gGozgIEgxho/vBKebgN5Kce/N6vQWV"
# evanreichard@lin-va-thinkpad
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAq5JQr/6WJMIHhR434nK95FrDmf2ApW2Ahd2+cBKwDz"
];
};
};
environment.systemPackages = with pkgs; [
btop
tmux
vim
];
}

60
systems/aarch64-linux/lin-o1-node/default.nix Executable file
View File

@@ -0,0 +1,60 @@
{ namespace, config, pkgs, lib, modulesPath, ... }:
let
inherit (lib.${namespace}) enabled;
cfg = config.${namespace}.user;
in
{
imports = [
(modulesPath + "/profiles/qemu-guest.nix")
];
system.stateVersion = "25.05";
time.timeZone = "UTC";
boot.loader.grub = {
efiSupport = true;
efiInstallAsRemovable = true;
};
reichard = {
nix = enabled;
system = {
disk = {
enable = true;
diskPath = "/dev/sda";
};
networking = {
enable = true;
};
};
services = {
openssh = enabled;
tailscale = {
enable = true;
enableRouting = true;
};
};
};
users.users.${cfg.name} = {
openssh = {
authorizedKeys.keys = [
# evanreichard@lin-va-mbp-personal
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILJJoyXQOv9cAjGUHrUcvsW7vY9W0PmuPMQSI9AMZvNY"
# evanreichard@mac-va-mbp-personal
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMWj6rd6uDtHj/gGozgIEgxho/vBKebgN5Kce/N6vQWV"
# evanreichard@lin-va-thinkpad
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAq5JQr/6WJMIHhR434nK95FrDmf2ApW2Ahd2+cBKwDz"
];
};
};
environment.systemPackages = with pkgs; [
btop
tmux
vim
];
}

25
systems/aarch64-linux/mbp-nixos/default.nix → systems/aarch64-linux/lin-va-mbp-personal/default.nix
View File

@@ -7,6 +7,9 @@ in
./hardware-configuration.nix ./hardware-configuration.nix
]; ];
system.stateVersion = "25.05";
time.timeZone = "America/New_York";
# System Config # System Config
reichard = { reichard = {
nix = enabled; nix = enabled;
@@ -15,6 +18,7 @@ in
boot = { boot = {
enable = true; enable = true;
showNotch = true; showNotch = true;
silentBoot = true;
}; };
networking = { networking = {
enable = true; enable = true;
@@ -31,27 +35,26 @@ in
}; };
}; };
services = {
avahi = enabled;
ydotool = enabled;
};
security = { security = {
sops = { sops = {
enable = true; enable = true;
# sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ]; defaultSopsFile = lib.snowfall.fs.get-file "secrets/lin-va-mbp-personal/default.yaml";
defaultSopsFile = lib.snowfall.fs.get-file "secrets/lin-mbp-personal/default.yaml";
}; };
}; };
virtualisation = {
podman = enabled;
};
programs = { programs = {
graphical = { graphical = {
wms.hyprland = enabled; wms.hyprland = enabled;
}; };
}; };
}; };
# Hardware Config
hardware = {
bluetooth.enable = true;
bluetooth.powerOnBoot = true;
};
time.timeZone = "America/New_York";
system.stateVersion = "24.11";
} }

0
systems/aarch64-linux/mbp-nixos/firmware/all_firmware.tar.gz → systems/aarch64-linux/lin-va-mbp-personal/firmware/all_firmware.tar.gz
View File

0
systems/aarch64-linux/mbp-nixos/firmware/kernelcache.release.mac14j → systems/aarch64-linux/lin-va-mbp-personal/firmware/kernelcache.release.mac14j
View File

0
systems/aarch64-linux/mbp-nixos/hardware-configuration.nix → systems/aarch64-linux/lin-va-mbp-personal/hardware-configuration.nix
View File

60
systems/x86_64-linux/lin-o1-x86-node/default.nix Executable file
View File

@@ -0,0 +1,60 @@
{ namespace, config, pkgs, lib, modulesPath, ... }:
let
inherit (lib.${namespace}) enabled;
cfg = config.${namespace}.user;
in
{
imports = [
(modulesPath + "/profiles/qemu-guest.nix")
];
system.stateVersion = "25.05";
time.timeZone = "UTC";
boot.loader.grub = {
efiSupport = true;
efiInstallAsRemovable = true;
};
reichard = {
nix = enabled;
system = {
disk = {
enable = true;
diskPath = "/dev/sda";
};
networking = {
enable = true;
};
};
services = {
openssh = enabled;
tailscale = {
enable = true;
enableRouting = true;
};
};
};
users.users.${cfg.name} = {
openssh = {
authorizedKeys.keys = [
# evanreichard@lin-va-mbp-personal
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILJJoyXQOv9cAjGUHrUcvsW7vY9W0PmuPMQSI9AMZvNY"
# evanreichard@mac-va-mbp-personal
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMWj6rd6uDtHj/gGozgIEgxho/vBKebgN5Kce/N6vQWV"
# evanreichard@lin-va-thinkpad
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAq5JQr/6WJMIHhR434nK95FrDmf2ApW2Ahd2+cBKwDz"
];
};
};
environment.systemPackages = with pkgs; [
btop
tmux
vim
];
}

65
systems/x86_64-linux/lin-ovh-kube1/default.nix Executable file
View File

@@ -0,0 +1,65 @@
{ namespace, config, pkgs, lib, modulesPath, ... }:
let
inherit (lib.${namespace}) enabled;
cfg = config.${namespace}.user;
in
{
imports = [
(modulesPath + "/profiles/qemu-guest.nix")
];
system.stateVersion = "25.05";
time.timeZone = "UTC";
networking.firewall.allowedTCPPorts = [ 443 ];
boot.loader.grub = {
efiSupport = true;
efiInstallAsRemovable = true;
};
reichard = {
nix = enabled;
system = {
disk = {
enable = true;
diskPath = "/dev/sda";
};
networking = enabled;
};
services = {
openssh = enabled;
tailscale = {
enable = true;
enableRouting = true;
};
rke2 = {
enable = true;
openFirewall = false;
disable = [ "rke2-ingress-nginx" ];
};
};
};
users.users.${cfg.name} = {
openssh = {
authorizedKeys.keys = [
# evanreichard@lin-va-mbp-personal
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILJJoyXQOv9cAjGUHrUcvsW7vY9W0PmuPMQSI9AMZvNY"
# evanreichard@mac-va-mbp-personal
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMWj6rd6uDtHj/gGozgIEgxho/vBKebgN5Kce/N6vQWV"
# evanreichard@lin-va-thinkpad
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAq5JQr/6WJMIHhR434nK95FrDmf2ApW2Ahd2+cBKwDz"
];
};
};
environment.systemPackages = with pkgs; [
btop
tmux
vim
];
}

73
systems/x86_64-linux/lin-ssd-kube1/default.nix Executable file
View File

@@ -0,0 +1,73 @@
{ namespace, config, pkgs, lib, modulesPath, ... }:
let
inherit (lib.${namespace}) enabled;
cfg = config.${namespace}.user;
in
{
imports = [
(modulesPath + "/profiles/qemu-guest.nix")
];
system.stateVersion = "25.05";
time.timeZone = "UTC";
networking.firewall.allowedTCPPorts = [ 443 ];
boot.loader.grub = {
efiSupport = true;
efiInstallAsRemovable = true;
};
reichard = {
nix = enabled;
system = {
disk = {
enable = true;
diskPath = "/dev/sda";
};
networking = {
enable = true;
useStatic = {
interface = "enp3s0";
address = "23.29.118.42";
defaultGateway = "23.29.118.1";
nameservers = [ "1.1.1.1" ];
};
};
};
services = {
openssh = enabled;
tailscale = {
enable = true;
enableRouting = true;
};
rke2 = {
enable = true;
openFirewall = false;
disable = [ "rke2-ingress-nginx" ];
};
};
};
# users.users.${cfg.name} = {
# openssh = {
# authorizedKeys.keys = [
# # evanreichard@lin-va-mbp-personal
# "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILJJoyXQOv9cAjGUHrUcvsW7vY9W0PmuPMQSI9AMZvNY"
# # evanreichard@mac-va-mbp-personal
# "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMWj6rd6uDtHj/gGozgIEgxho/vBKebgN5Kce/N6vQWV"
# # evanreichard@lin-va-thinkpad
# "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAq5JQr/6WJMIHhR434nK95FrDmf2ApW2Ahd2+cBKwDz"
# ];
# };
# };
environment.systemPackages = with pkgs; [
btop
tmux
vim
];
}

46
systems/x86_64-linux/nixos-builder/default.nix → systems/x86_64-linux/lin-va-nix-builder/default.nix
View File

@@ -1,10 +1,11 @@
{ namespace, config, pkgs, lib, ... }: { namespace, config, pkgs, ... }:
let let
inherit (lib.${namespace}) enabled;
cfg = config.${namespace}.user; cfg = config.${namespace}.user;
in in
{ {
time.timeZone = "America/New_York";
system.stateVersion = "25.05";
reichard = { reichard = {
system = { system = {
boot = { boot = {
@@ -15,15 +16,27 @@ in
enable = true; enable = true;
diskPath = "/dev/xvda"; diskPath = "/dev/xvda";
}; };
networking = enabled; # TODO - Network Config networking = {
enable = true;
useStatic = {
interface = "enX0";
address = "10.0.50.130";
defaultGateway = "10.0.50.254";
nameservers = [ "10.0.50.254" ];
};
};
}; };
services = { services = {
openssh = { openssh = {
enable = true; enable = true;
authorizedKeys = [ authorizedKeys = [
# MBP-Personal NixOS # evanreichard@lin-va-mbp-personal
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILJJoyXQOv9cAjGUHrUcvsW7vY9W0PmuPMQSI9AMZvNY" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILJJoyXQOv9cAjGUHrUcvsW7vY9W0PmuPMQSI9AMZvNY"
# evanreichard@mac-va-mbp-personal
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMWj6rd6uDtHj/gGozgIEgxho/vBKebgN5Kce/N6vQWV"
# evanreichard@lin-va-thinkpad
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAq5JQr/6WJMIHhR434nK95FrDmf2ApW2Ahd2+cBKwDz"
# NixOS Builder # NixOS Builder
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDF8QjeN8lpT+Mc70zwEJQqN9W/GKvTOTd32VgfNhVdN" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDF8QjeN8lpT+Mc70zwEJQqN9W/GKvTOTd32VgfNhVdN"
]; ];
@@ -34,32 +47,23 @@ in
users.users.${cfg.name} = { users.users.${cfg.name} = {
openssh = { openssh = {
authorizedKeys.keys = [ authorizedKeys.keys = [
# MBP-Personal NixOS # evanreichard@lin-va-mbp-personal
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILJJoyXQOv9cAjGUHrUcvsW7vY9W0PmuPMQSI9AMZvNY" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILJJoyXQOv9cAjGUHrUcvsW7vY9W0PmuPMQSI9AMZvNY"
# evanreichard@mac-va-mbp-personal
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMWj6rd6uDtHj/gGozgIEgxho/vBKebgN5Kce/N6vQWV"
# evanreichard@lin-va-thinkpad
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAq5JQr/6WJMIHhR434nK95FrDmf2ApW2Ahd2+cBKwDz"
# NixOS Builder # NixOS Builder
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDF8QjeN8lpT+Mc70zwEJQqN9W/GKvTOTd32VgfNhVdN" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDF8QjeN8lpT+Mc70zwEJQqN9W/GKvTOTd32VgfNhVdN"
]; ];
}; };
}; };
networking = {
defaultGateway = {
address = "10.0.50.254";
interface = "enX0";
};
interfaces.enX0.ipv4.addresses = [{
address = "10.0.50.130";
prefixLength = 24;
}];
};
# System Packages # System Packages
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
htop btop
git
tmux tmux
vim vim
]; ];
time.timeZone = "America/New_York";
system.stateVersion = "24.11";
} }

70
systems/x86_64-linux/lin-va-office/default.nix Executable file
View File

@@ -0,0 +1,70 @@
{ namespace, pkgs, config, lib, ... }:
let
inherit (lib.${namespace}) enabled;
cfg = config.${namespace}.user;
in
{
system.stateVersion = "25.05";
time.timeZone = "America/New_York";
nixpkgs.config.allowUnfree = true;
# System Config
reichard = {
nix = enabled;
system = {
boot = {
enable = true;
silentBoot = true;
};
disk = {
enable = true;
diskPath = "/dev/sda";
};
networking = {
enable = true;
useStatic = {
interface = "enp5s0";
address = "10.0.50.120";
defaultGateway = "10.0.50.254";
nameservers = [ "10.0.20.20" ];
};
};
};
hardware = {
opengl = {
enable = true;
enableNvidia = true;
};
};
services = {
openssh = enabled;
llama-cpp = enabled;
rtl-tcp = enabled;
};
};
users.users.${cfg.name} = {
openssh = {
authorizedKeys.keys = [
# evanreichard@lin-va-mbp-personal
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILJJoyXQOv9cAjGUHrUcvsW7vY9W0PmuPMQSI9AMZvNY"
# evanreichard@mac-va-mbp-personal
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMWj6rd6uDtHj/gGozgIEgxho/vBKebgN5Kce/N6vQWV"
# evanreichard@lin-va-thinkpad
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAq5JQr/6WJMIHhR434nK95FrDmf2ApW2Ahd2+cBKwDz"
];
};
};
# System Packages
environment.systemPackages = with pkgs; [
btop
git
tmux
vim
];
}

48
systems/x86_64-linux/lin-va-terminal/default.nix Executable file
View File

@@ -0,0 +1,48 @@
{ namespace, lib, ... }:
let
inherit (lib.${namespace}) enabled;
in
{
system.stateVersion = "25.05";
time.timeZone = "America/New_York";
boot.supportedFilesystems = [ "nfs" ];
reichard = {
nix = enabled;
system = {
boot = {
enable = true;
enableGrub = false;
enableSystemd = true;
xenGuest = true;
};
disk = {
enable = true;
diskPath = "/dev/xvda";
};
networking = {
enable = true;
useStatic = {
interface = "enX0";
address = "10.0.50.30";
defaultGateway = "10.0.50.254";
nameservers = [ "10.0.20.20" ];
};
};
};
services = {
avahi = enabled;
mosh = enabled;
openssh = enabled;
tailscale = enabled;
};
virtualisation = {
podman = enabled;
};
};
}

95
systems/x86_64-linux/lin-va-thinkpad/default.nix Executable file
View File

@@ -0,0 +1,95 @@
{ namespace, pkgs, lib, ... }:
let
inherit (lib.${namespace}) enabled;
in
{
system.stateVersion = "25.05";
time.timeZone = "America/New_York";
boot = {
supportedFilesystems = [ "nfs" ];
kernelParams = [
# Mask GPE03 (EC wakeup events) to allow hibernation without spurious CPU wakeups
"acpi_mask_gpe=0x03"
];
};
hardware = {
enableRedistributableFirmware = true;
bluetooth.enable = true;
amdgpu.initrd.enable = lib.mkDefault true;
};
services = {
xserver.videoDrivers = [ "modesetting" ];
fwupd.enable = true;
};
# System Config
reichard = {
nix = enabled;
system = {
boot = {
enable = true;
enableGrub = false;
enableSystemd = true;
silentBoot = true;
};
disk = {
enable = true;
diskPath = "/dev/nvme0n1";
};
networking = {
enable = true;
enableIWD = true;
};
};
hardware = {
opengl = enabled;
battery = {
upower = enabled;
};
};
services = {
tailscale = enabled;
avahi = enabled;
ydotool = enabled;
};
virtualisation = {
podman = enabled;
libvirtd = {
enable = true;
withVirtManager = true;
enableAMDIOMMU = true;
};
};
programs = {
graphical = {
wms.hyprland = enabled;
};
};
security = {
sops = {
enable = true;
defaultSopsFile = lib.snowfall.fs.get-file "secrets/lin-va-thinkpad/default.yaml";
};
};
};
# Additional System Packages
environment.systemPackages = with pkgs; [
dool
jq
mosh
rclone
sqlite-interactive
unzip
];
}

43
systems/x86_64-linux/lin-va-utility/default.nix Executable file
View File

@@ -0,0 +1,43 @@
{ namespace, lib, ... }:
let
inherit (lib.${namespace}) enabled;
in
{
system.stateVersion = "24.11";
time.timeZone = "America/New_York";
reichard = {
nix = enabled;
system = {
boot = {
enable = true;
silentBoot = true;
};
networking = enabled;
};
hardware = {
opengl = {
enable = true;
enable32Bit = true; # Necessary?
enableIntel = true;
};
};
services = {
avahi = enabled;
ydotool = enabled;
};
virtualisation = {
podman = enabled;
};
programs = {
graphical = {
wms.hyprland = enabled;
};
};
};
}

Some files were not shown because too many files have changed in this diff Show More