evan/nix
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: evan:cddaa01e9913b123f65c5dc8429ec8ad987c3276
Branches Tags
evan:master evan:snowfall
..
compare: evan:snowfall
Branches Tags
evan:master evan:snowfall

8 Commits
cddaa01e99 ... snowfall

Author SHA1 Message Date
Evan Reichard
559ef8c17d remove ff sponsored 2025-04-19 21:12:13 -04:00
Evan Reichard
036f162264 fix sops 2025-04-19 21:08:21 -04:00
Evan Reichard
00070837c2 fix bindings 2025-04-19 20:37:58 -04:00
Evan Reichard
e84f6e7cb4 again 2025-04-19 20:35:52 -04:00
Evan Reichard
914f8e8d30 more 2025-04-19 20:35:22 -04:00
Evan Reichard
fb1b69153b thinkpad conf 2025-04-19 20:09:49 -04:00
Evan Reichard
cf82afea4b utility 2025-04-10 20:01:05 -04:00
Evan Reichard
4d04f2600f snowfall migration 2025-04-10 17:40:56 -04:00
56 changed files with 1131 additions and 608 deletions
Expand all files Collapse all files

8
.sops.yaml
View File

@@ -1,7 +1,15 @@
keys: keys:
# Admin - Age Native
- &admin_reichard age1sac93wpnjcv62s7583jv6a4yspndh6k0r25g3qx3k7gq748uvafst6nz4w - &admin_reichard age1sac93wpnjcv62s7583jv6a4yspndh6k0r25g3qx3k7gq748uvafst6nz4w
# lin-va-mbp-personal@evanreichard - SSH Derived
- &user_lin-va-mbp-personal age17ayje4uv2mhwehhp9jr3u9l0ds07396kt7ef40sufx89vm7cgfjq6d5d4y
creation_rules: creation_rules:
- path_regex: secrets/[^/]+\.(yaml|json|env|ini)$ - path_regex: secrets/[^/]+\.(yaml|json|env|ini)$
key_groups: key_groups:
- age: - age:
- *admin_reichard - *admin_reichard
- path_regex: secrets/lin-va-mbp-personal/evanreichard/[^/]+\.(yaml|json|env|ini)$
key_groups:
- age:
- *admin_reichard
- *user_lin-va-mbp-personal

3
README.md
View File

@@ -1,12 +1,11 @@
# Description # Description
This repository contains the configuration for multiple machines, as well as my home / IDE config (home-manager). This repository contains the configuration for multiple machines, as well as my home / IDE config (home-manager).
It takes heavy inspiration from [khaneliman/khanelinix](https://github.com/khaneliman/khanelinix).
### NixOS ### NixOS
```bash ```bash
sudo nixos-rebuild switch --flake .#lin-va-mbp-personal
``` ```
### NixOS Generators ### NixOS Generators

8
TODO.md
View File

@@ -1,8 +0,0 @@
- Nix Builder
- Keys
- User
- Etc
- SSH
- Known Hosts

10
bootstrap.sh
View File

@@ -3,7 +3,7 @@
export NIX_CONFIG="experimental-features = nix-command flakes" export NIX_CONFIG="experimental-features = nix-command flakes"
function cmd_image() { function cmd_image() {
local usage="Usage: $0 image --name <image-name>" local usage="Usage: $0 image --name <image-name> [--remote]"
local name="" local name=""
local remote=false local remote=false
@@ -31,13 +31,13 @@ function cmd_image() {
# Validate Config Exists # Validate Config Exists
if ! nix eval --json --impure \ if ! nix eval --json --impure \
".#vmwareConfigurations" \ ".#qcowConfigurations" \
--apply "s: builtins.hasAttr \"$name\" s" 2>/dev/null | grep -q "true"; then --apply "s: builtins.hasAttr \"$name\" s" 2>/dev/null | grep -q "true"; then
echo "Error: NixOS Generator Config '$name' not found" echo "Error: NixOS Generator Config '$name' not found"
exit 1 exit 1
fi fi
build_args=(".#vmwareConfigurations.$name") build_args=(".#qcowConfigurations.$name")
if [ "$remote" = true ]; then if [ "$remote" = true ]; then
build_args+=("-j0") build_args+=("-j0")
fi fi
@@ -80,11 +80,9 @@ function cmd_install() {
exit 1 exit 1
fi fi
#$ TODO
#
# Validate mainDiskID Exists # Validate mainDiskID Exists
if ! disk_id=$(nix eval --raw --impure \ if ! disk_id=$(nix eval --raw --impure \
".#nixosConfigurations.$name.config.mainDiskID" 2>/dev/null); then ".#nixosConfigurations.$name.config.disko.devices.disk.main.device" 2>/dev/null); then
echo "Error: mainDiskID not defined for configuration '$name'" echo "Error: mainDiskID not defined for configuration '$name'"
exit 1 exit 1
fi fi

17
flake.lock generated
View File

@@ -220,6 +220,22 @@
"type": "github" "type": "github"
} }
}, },
"nixpkgs-unstable": {
"locked": {
"lastModified": 1744098102,
"narHash": "sha256-tzCdyIJj9AjysC3OuKA+tMD/kDEDAF9mICPDU7ix0JA=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "c8cd81426f45942bb2906d5ed2fe21d2f19d95b7",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_2": { "nixpkgs_2": {
"locked": { "locked": {
"lastModified": 1743813633, "lastModified": 1743813633,
@@ -244,6 +260,7 @@
"home-manager": "home-manager", "home-manager": "home-manager",
"nixos-generators": "nixos-generators", "nixos-generators": "nixos-generators",
"nixpkgs": "nixpkgs_2", "nixpkgs": "nixpkgs_2",
"nixpkgs-unstable": "nixpkgs-unstable",
"snowfall-lib": "snowfall-lib", "snowfall-lib": "snowfall-lib",
"sops-nix": "sops-nix" "sops-nix": "sops-nix"
} }

1
flake.nix
View File

@@ -3,6 +3,7 @@
inputs = { inputs = {
nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.11"; nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.11";
nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixos-unstable";
disko.url = "github:nix-community/disko"; disko.url = "github:nix-community/disko";
snowfall-lib = { snowfall-lib = {
url = "github:snowfallorg/lib"; url = "github:snowfallorg/lib";

40
homes/aarch64-darwin/evanreichard@MBP-Personal/README.md
View File

@@ -1,40 +0,0 @@
# Nix Home Manager Configuration
## Upgrade
```bash
# Update System Channels
sudo nix-channel --add https://nixos.org/channels/nixpkgs-24.11-darwin nixpkgs
sudo nix-channel --update
# Update Home Manager
nix-channel --add https://github.com/nix-community/home-manager/archive/release-24.11.tar.gz home-manager
nix-channel --update
# Link Repo
ln -s /Users/evanreichard/Development/git/personal/nix/home-manager ~/.config/home-manager
# Build Home Manager
home-manager switch
```
## Clean Garbage
NOTE: This will remove previous generations
```bash
sudo nix-collect-garbage --delete-old
nix-collect-garbage --delete-old
```
## OS Update
`/etc/bashrc` may get overridden. To properly load Nix, prepend the following:
```bash
# Nix
if [ -e '/nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh' ]; then
. '/nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh'
fi
# End Nix
```

36
homes/aarch64-darwin/evanreichard@MBP-Personal/default.nix → homes/aarch64-darwin/evanreichard@mac-va-mbp-personal/default.nix
View File

@@ -1,8 +1,10 @@
{ pkgs, lib, config, namespace, ... }: { lib, config, namespace, ... }:
let let
inherit (lib.${namespace}) enabled; inherit (lib.${namespace}) enabled;
in in
{ {
home.stateVersion = "24.11";
reichard = { reichard = {
user = { user = {
enable = true; enable = true;
@@ -10,12 +12,18 @@ in
}; };
services = { services = {
ssh-agent = enabled; # TODO
# sops = {
# enable = true;
# defaultSopsFile = lib.snowfall.fs.get-file "secrets/mac-va-mbp-personal/evanreichard/default.yaml";
# sshKeyPaths = [ "${config.home.homeDirectory}/.ssh/id_ed25519" ];
# };
}; };
programs = { programs = {
graphical = { graphical = {
ghostty = enabled; ghostty = enabled;
ghidra = enabled;
}; };
terminal = { terminal = {
@@ -29,23 +37,21 @@ in
}; };
# Global Packages # Global Packages
programs.jq = enabled; # programs.jq = enabled;
programs.pandoc = enabled; # programs.pandoc = enabled;
home.packages = with pkgs; [ # home.packages = with pkgs; [
android-tools # android-tools
imagemagick # imagemagick
mosh # mosh
python311 # python311
texliveSmall # Pandoc PDF Dep # texliveSmall # Pandoc PDF Dep
google-cloud-sdk # google-cloud-sdk
tldr # tldr
]; # ];
# SQLite Configuration # SQLite Configuration
home.file.".sqliterc".text = '' home.file.".sqliterc".text = ''
.headers on .headers on
.mode column .mode column
''; '';
home.stateVersion = "24.11";
} }

11
homes/aarch64-darwin/evanreichard@MBP-Work/default.nix → homes/aarch64-darwin/evanreichard@mac-va-mbp-work/default.nix
View File

@@ -3,6 +3,8 @@ let
inherit (lib.${namespace}) enabled; inherit (lib.${namespace}) enabled;
in in
{ {
home.stateVersion = "24.11";
reichard = { reichard = {
user = { user = {
enable = true; enable = true;
@@ -10,7 +12,12 @@ in
}; };
services = { services = {
ssh-agent = enabled; # TODO
# sops = {
# enable = true;
# defaultSopsFile = lib.snowfall.fs.get-file "secrets/mac-va-mbp-work/evanreichard/default.yaml";
# sshKeyPaths = [ "${config.home.homeDirectory}/.ssh/id_ed25519" ];
# };
}; };
programs = { programs = {
@@ -47,6 +54,4 @@ in
.headers on .headers on
.mode column .mode column
''; '';
home.stateVersion = "24.11";
} }

103
homes/aarch64-linux/evanreichard@lin-va-mbp-personal/default.nix Executable file
View File

@@ -0,0 +1,103 @@
{ pkgs, lib, config, namespace, osConfig, ... }:
let
inherit (lib.${namespace}) enabled;
in
{
home.stateVersion = "24.11";
reichard = {
user = {
enable = true;
inherit (config.snowfallorg.user) name;
};
services = {
ssh-agent = enabled;
fusuma = enabled;
swww = enabled;
sops = {
enable = true;
defaultSopsFile = lib.snowfall.fs.get-file "secrets/default.yaml";
sshKeyPaths = [ "${config.home.homeDirectory}/.ssh/id_ed25519" ];
};
};
programs = {
graphical = {
wms.hyprland = {
enable = true;
monitors = [
",highres,auto,2" # Optional - 1.68
];
};
ghostty = enabled;
ghidra = enabled;
browsers.firefox = {
enable = true;
gpuAcceleration = true;
hardwareDecoding = true;
};
};
terminal = {
btop = enabled;
direnv = enabled;
git = enabled;
k9s = enabled;
nvim = enabled;
};
};
};
# home.packages = with pkgs; [
# catppuccin-gtk
# ];
dconf = {
settings = {
"org/gnome/desktop/interface" = {
color-scheme = "prefer-dark";
cursor-theme = "catppuccin-macchiato-mauve-cursors";
cursor-size = 24;
# enable-hot-corners = false;
# font-name = osConfig.${namespace}.system.fonts.default;
# gtk-theme = cfg.theme.name;
# icon-theme = cfg.icon.name;
};
};
};
home.pointerCursor = {
gtk.enable = true;
name = "catppuccin-macchiato-mauve-cursors";
package = pkgs.catppuccin-cursors.macchiatoMauve;
size = 24;
};
# Kubernetes Secrets
sops.secrets = lib.mkIf osConfig.${namespace}.security.sops.enable {
rke2_kubeconfig = {
path = "${config.home.homeDirectory}/.kube/rke2";
};
};
# Global Packages
# programs.jq = enabled;
# programs.pandoc = enabled;
# home.packages = with pkgs; [
# android-tools
# imagemagick
# mosh
# python311
# texliveSmall # Pandoc PDF Dep
# google-cloud-sdk
# tldr
# ];
# SQLite Configuration
home.file.".sqliterc".text = ''
.headers on
.mode column
'';
}

40
homes/aarch64-linux/evanreichard@mbp-nixos/README.md
View File

@@ -1,40 +0,0 @@
# Nix Home Manager Configuration
## Upgrade
```bash
# Update System Channels
sudo nix-channel --add https://nixos.org/channels/nixpkgs-24.11-darwin nixpkgs
sudo nix-channel --update
# Update Home Manager
nix-channel --add https://github.com/nix-community/home-manager/archive/release-24.11.tar.gz home-manager
nix-channel --update
# Link Repo
ln -s /Users/evanreichard/Development/git/personal/nix/home-manager ~/.config/home-manager
# Build Home Manager
home-manager switch
```
## Clean Garbage
NOTE: This will remove previous generations
```bash
sudo nix-collect-garbage --delete-old
nix-collect-garbage --delete-old
```
## OS Update
`/etc/bashrc` may get overridden. To properly load Nix, prepend the following:
```bash
# Nix
if [ -e '/nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh' ]; then
. '/nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh'
fi
# End Nix
```

85
homes/x86_64-linux/evanreichard@lin-va-thinkpad/default.nix Executable file
View File

@@ -0,0 +1,85 @@
{ pkgs, lib, config, namespace, osConfig, ... }:
let
inherit (lib.${namespace}) enabled;
in
{
home.stateVersion = "24.11";
reichard = {
user = {
enable = true;
inherit (config.snowfallorg.user) name;
};
services = {
ssh-agent = enabled;
fusuma = enabled;
swww = enabled;
sops = {
enable = true;
defaultSopsFile = lib.snowfall.fs.get-file "secrets/default.yaml";
sshKeyPaths = [ "${config.home.homeDirectory}/.ssh/id_ed25519" ];
};
};
programs = {
graphical = {
wms.hyprland = enabled;
ghostty = enabled;
ghidra = enabled;
browsers.firefox = {
enable = true;
gpuAcceleration = true;
hardwareDecoding = true;
};
};
terminal = {
btop = enabled;
direnv = enabled;
git = enabled;
k9s = enabled;
nvim = enabled;
};
};
};
# home.packages = with pkgs; [
# catppuccin-gtk
# ];
dconf = {
settings = {
"org/gnome/desktop/interface" = {
color-scheme = "prefer-dark";
cursor-theme = "catppuccin-macchiato-mauve-cursors";
cursor-size = 24;
# enable-hot-corners = false;
# font-name = osConfig.${namespace}.system.fonts.default;
# gtk-theme = cfg.theme.name;
# icon-theme = cfg.icon.name;
};
};
};
home.pointerCursor = {
gtk.enable = true;
name = "catppuccin-macchiato-mauve-cursors";
package = pkgs.catppuccin-cursors.macchiatoMauve;
size = 24;
};
# Kubernetes Secrets
sops.secrets = lib.mkIf osConfig.${namespace}.security.sops.enable {
rke2_kubeconfig = {
path = "${config.home.homeDirectory}/.kube/rke2";
};
};
# SQLite Configuration
home.file.".sqliterc".text = ''
.headers on
.mode column
'';
}

34
homes/aarch64-linux/evanreichard@mbp-nixos/default.nix → homes/x86_64-linux/evanreichard@lin-va-utility/default.nix
View File

@@ -1,8 +1,10 @@
{ lib, config, namespace, osConfig, ... }: { pkgs, lib, config, namespace, osConfig, ... }:
let let
inherit (lib.${namespace}) enabled; inherit (lib.${namespace}) enabled;
in in
{ {
home.stateVersion = "24.11";
reichard = { reichard = {
user = { user = {
enable = true; enable = true;
@@ -11,6 +13,8 @@ in
services = { services = {
ssh-agent = enabled; ssh-agent = enabled;
fusuma = enabled;
swww = enabled;
sops = { sops = {
enable = true; enable = true;
defaultSopsFile = lib.snowfall.fs.get-file "secrets/default.yaml"; defaultSopsFile = lib.snowfall.fs.get-file "secrets/default.yaml";
@@ -40,6 +44,32 @@ in
}; };
}; };
# home.packages = with pkgs; [
# catppuccin-gtk
# ];
dconf = {
settings = {
"org/gnome/desktop/interface" = {
color-scheme = "prefer-dark";
cursor-theme = "catppuccin-macchiato-mauve-cursors";
cursor-size = 24;
# enable-hot-corners = false;
# font-name = osConfig.${namespace}.system.fonts.default;
# gtk-theme = cfg.theme.name;
# icon-theme = cfg.icon.name;
};
};
};
home.pointerCursor = {
gtk.enable = true;
name = "catppuccin-macchiato-mauve-cursors";
package = pkgs.catppuccin-cursors.macchiatoMauve;
size = 24;
};
# Kubernetes Secrets # Kubernetes Secrets
sops.secrets = lib.mkIf osConfig.${namespace}.security.sops.enable { sops.secrets = lib.mkIf osConfig.${namespace}.security.sops.enable {
rke2_kubeconfig = { rke2_kubeconfig = {
@@ -65,6 +95,4 @@ in
.headers on .headers on
.mode column .mode column
''; '';
home.stateVersion = "24.11";
} }

8
modules/home/programs/graphical/browsers/firefox/default.nix
View File

@@ -47,12 +47,6 @@ in
install_url = "https://gitflic.ru/project/magnolia1234/bpc_uploads/blob/raw?file=bypass_paywalls_clean-latest.xpi"; install_url = "https://gitflic.ru/project/magnolia1234/bpc_uploads/blob/raw?file=bypass_paywalls_clean-latest.xpi";
installation_mode = "force_installed"; installation_mode = "force_installed";
}; };
# Ctrl+Number Tabs
"{84601290-bec9-494a-b11c-1baa897a9683}" = {
install_url = "https://addons.mozilla.org/firefox/downloads/latest/ctrl-number-to-switch-tabs/latest.xpi";
installation_mode = "force_installed";
};
}; };
Preferences = { }; Preferences = { };
} "Policies to apply to firefox"; } "Policies to apply to firefox";
@@ -91,9 +85,11 @@ in
"browser.aboutConfig.showWarning" = false; "browser.aboutConfig.showWarning" = false;
"browser.aboutwelcome.enabled" = false; "browser.aboutwelcome.enabled" = false;
"browser.sessionstore.warnOnQuit" = true; "browser.sessionstore.warnOnQuit" = true;
"browser.newtabpage.activity-stream.showSponsoredTopSites" = false;
"browser.shell.checkDefaultBrowser" = false; "browser.shell.checkDefaultBrowser" = false;
"general.smoothScroll.msdPhysics.enabled" = true; "general.smoothScroll.msdPhysics.enabled" = true;
"intl.accept_languages" = "en-US,en"; "intl.accept_languages" = "en-US,en";
"ui.key.accelKey" = "224";
# "devtools.chrome.enabled" = true; # "devtools.chrome.enabled" = true;
# "xpinstall.signatures.required" = false; # "xpinstall.signatures.required" = false;

23
modules/home/programs/graphical/ghostty/config/ghostty-catppuccin-macchiato.conf Normal file
View File

@@ -0,0 +1,23 @@
# https://github.com/catppuccin/ghostty/blob/main/themes/catppuccin-macchiato.conf
palette = 0=#494d64
palette = 1=#ed8796
palette = 2=#a6da95
palette = 3=#eed49f
palette = 4=#8aadf4
palette = 5=#f5bde6
palette = 6=#8bd5ca
palette = 7=#b8c0e0
palette = 8=#5b6078
palette = 9=#ed8796
palette = 10=#a6da95
palette = 11=#eed49f
palette = 12=#8aadf4
palette = 13=#f5bde6
palette = 14=#8bd5ca
palette = 15=#a5adcb
background = 24273a
foreground = cad3f5
cursor-color = f4dbd6
cursor-text = 24273a
selection-background = 3a3e53
selection-foreground = cad3f5

23
modules/home/programs/graphical/ghostty/config/ghostty-catppuccin-mocha.conf Normal file
View File

@@ -0,0 +1,23 @@
# https://github.com/catppuccin/ghostty/blob/main/themes/catppuccin-mocha.conf
palette = 0=#45475a
palette = 1=#f38ba8
palette = 2=#a6e3a1
palette = 3=#f9e2af
palette = 4=#89b4fa
palette = 5=#f5c2e7
palette = 6=#94e2d5
palette = 7=#bac2de
palette = 8=#585b70
palette = 9=#f38ba8
palette = 10=#a6e3a1
palette = 11=#f9e2af
palette = 12=#89b4fa
palette = 13=#f5c2e7
palette = 14=#94e2d5
palette = 15=#a6adc8
background = 1e1e2e
foreground = cdd6f4
cursor-color = f5e0dc
cursor-text = 1e1e2e
selection-background = 353749
selection-foreground = cdd6f4

21
modules/home/programs/graphical/ghostty/config/ghostty-melange-dark.conf Normal file
View File

@@ -0,0 +1,21 @@
# Melange Dark - Adapted From: https://github.com/savq/melange-nvim/blob/master/term/kitty/melange_dark.conf
palette = 0=#34302C
palette = 1=#BD8183
palette = 2=#78997A
palette = 3=#E49B5D
palette = 4=#7F91B2
palette = 5=#B380B0
palette = 6=#7B9695
palette = 7=#C1A78E
palette = 8=#867462
palette = 9=#D47766
palette = 10=#85B695
palette = 11=#EBC06D
palette = 12=#A3A9CE
palette = 13=#CF9BC2
palette = 14=#89B3B6
palette = 15=#ECE1D7
background = 292522
foreground = ECE1D7
selection-background = 403A36
selection-foreground = ECE1D7

87
modules/home/programs/graphical/ghostty/config/ghostty.conf
View File

@@ -5,49 +5,54 @@ font-family = "MesloLGM Nerd Font Mono"
confirm-close-surface = true confirm-close-surface = true
# Keybindings - Tabs & Splits # Keybindings - Tabs & Splits
keybind = ctrl+t=new_tab keybind = cmd+t=new_tab
keybind = ctrl+w=close_surface keybind = cmd+w=close_surface
keybind = ctrl+d=new_split:right keybind = cmd+d=new_split:right
keybind = ctrl+shift+d=new_split:down keybind = cmd+shift+d=new_split:down
keybind = ctrl+enter=toggle_split_zoom keybind = cmd+shift+enter=toggle_split_zoom
# Keybindings - Navigation - Splits # Keybindings - Navigation - Splits
keybind = ctrl+left=goto_split:left keybind = cmd+left=goto_split:left
keybind = ctrl+right=goto_split:right keybind = cmd+right=goto_split:right
keybind = ctrl+up=goto_split:up keybind = cmd+up=goto_split:up
keybind = ctrl+down=goto_split:down keybind = cmd+down=goto_split:down
keybind = ctrl+]=next_tab keybind = cmd+]=goto_split:next
keybind = ctrl+[=previous_tab keybind = cmd+[=goto_split:previous
# Keybindings - Navigation - Tabs # Keybindings - Navigation - Tabs
keybind = ctrl+1=goto_tab:1 keybind = cmd+1=goto_tab:1
keybind = ctrl+2=goto_tab:2 keybind = cmd+2=goto_tab:2
keybind = ctrl+3=goto_tab:3 keybind = cmd+3=goto_tab:3
keybind = ctrl+4=goto_tab:4 keybind = cmd+4=goto_tab:4
keybind = ctrl+5=goto_tab:5 keybind = cmd+5=goto_tab:5
keybind = ctrl+6=goto_tab:6 keybind = cmd+6=goto_tab:6
keybind = ctrl+7=goto_tab:7 keybind = cmd+7=goto_tab:7
keybind = ctrl+8=goto_tab:8 keybind = cmd+8=goto_tab:8
keybind = ctrl+9=goto_tab:9 keybind = cmd+9=goto_tab:9
# Melange Dark - Adapted From: https://github.com/savq/melange-nvim/blob/master/term/kitty/melange_dark.conf keybind = performable:cmd+c=copy_to_clipboard
palette = 0=#34302C keybind = performable:cmd+v=paste_from_clipboard
palette = 1=#BD8183
palette = 2=#78997A # https://github.com/catppuccin/ghostty/blob/main/themes/catppuccin-mocha.conf
palette = 3=#E49B5D palette = 0=#45475a
palette = 4=#7F91B2 palette = 1=#f38ba8
palette = 5=#B380B0 palette = 2=#a6e3a1
palette = 6=#7B9695 palette = 3=#f9e2af
palette = 7=#C1A78E palette = 4=#89b4fa
palette = 8=#867462 palette = 5=#f5c2e7
palette = 9=#D47766 palette = 6=#94e2d5
palette = 10=#85B695 palette = 7=#bac2de
palette = 11=#EBC06D palette = 8=#585b70
palette = 12=#A3A9CE palette = 9=#f38ba8
palette = 13=#CF9BC2 palette = 10=#a6e3a1
palette = 14=#89B3B6 palette = 11=#f9e2af
palette = 15=#ECE1D7 palette = 12=#89b4fa
background = 292522 palette = 13=#f5c2e7
foreground = ECE1D7 palette = 14=#94e2d5
selection-background = 403A36 palette = 15=#a6adc8
selection-foreground = ECE1D7 background = 1e1e2e
foreground = cdd6f4
cursor-color = f5e0dc
cursor-text = 1e1e2e
selection-background = 353749
selection-foreground = cdd6f4

9
modules/home/programs/graphical/ghostty/default.nix
View File

@@ -20,12 +20,14 @@ in
profileExtra = '' profileExtra = ''
SHELL="$BASH" SHELL="$BASH"
PATH=~/.bin:$PATH PATH=~/.bin:$PATH
bind "set show-mode-in-prompt on"
set -o vi || true
VISUAL=vim VISUAL=vim
EDITOR="$VISUAL" EDITOR="$VISUAL"
eval "$(thefuck --alias)"
set -o vi || true
bind "set show-mode-in-prompt on"
fastfetch fastfetch
eval "$(thefuck --alias)"
''; '';
}; };
@@ -72,6 +74,5 @@ in
[ "@BASH_PATH@" ] [ "@BASH_PATH@" ]
[ bashPath ] [ bashPath ]
(builtins.readFile ./config/ghostty.conf); (builtins.readFile ./config/ghostty.conf);
}; };
} }

143
modules/home/programs/graphical/wms/hyprland/config/hyprland.conf
View File

@@ -1,52 +1,7 @@
################ exec-once = uwsm app -- waybar
### MONITORS ### exec-once = uwsm app -- $terminal
################ exec-once = uwsm app -- firefox
# See https://wiki.hyprland.org/Configuring/Monitors/
monitor=,highres,auto,1.68 # 2
debug:disable_scale_checks = true
###################
### MY PROGRAMS ###
###################
# See https://wiki.hyprland.org/Configuring/Keywords/
# Set programs that you use
$terminal = ghostty
$fileManager = dolphin
$menu = wofi --show drun
#################
### AUTOSTART ###
#################
# Autostart necessary processes (like notifications daemons, status bars, etc.)
# Or execute your favorite apps at launch like this:
# exec-once = $terminal
# exec-once = nm-applet &
exec-once = waybar & $terminal & firefox
#############################
### ENVIRONMENT VARIABLES ###
#############################
# See https://wiki.hyprland.org/Configuring/Environment-variables/
env = XCURSOR_SIZE,24
env = HYPRCURSOR_SIZE,24
#####################
### LOOK AND FEEL ###
#####################
# Refer to https://wiki.hyprland.org/Configuring/Variables/
# https://wiki.hyprland.org/Configuring/Variables/#general
general { general {
gaps_in = 5 gaps_in = 5
gaps_out = 12 gaps_out = 12
@@ -160,13 +115,14 @@ input {
follow_mouse = 1 follow_mouse = 1
sensitivity = 0 # -1.0 - 1.0, 0 means no modification. sensitivity = 0.0 # -1.0 - 1.0, 0 means no modification.
touchpad { touchpad {
scroll_factor = 0.2 scroll_factor = 0.5
disable_while_typing = true disable_while_typing = true
natural_scroll = true natural_scroll = true
clickfinger_behavior = true clickfinger_behavior = true
tap-to-click = false
} }
} }
@@ -177,86 +133,11 @@ gestures {
workspace_swipe_invert = true workspace_swipe_invert = true
} }
# Example per-device config # Thinkpad Trackpoint
# See https://wiki.hyprland.org/Configuring/Keywords/#per-device-input-configs for more device {
# device { name = tpps/2-elan-trackpoint
# name = epic-mouse-v1 sensitivity = -0.3
# sensitivity = -0.5 }
# }
###################
### KEYBINDINGS ###
###################
# See https://wiki.hyprland.org/Configuring/Keywords/
$mainMod = SUPER # Sets "Windows" key as main modifier
# Example binds, see https://wiki.hyprland.org/Configuring/Binds/ for more
bind = $mainMod, Q, exec, $terminal
bind = $mainMod, W, killactive,
bind = $mainMod, M, exit,
bind = $mainMod, E, exec, $fileManager
bind = $mainMod, V, togglefloating,
bind = $mainMod, SPACE, exec, $menu
bind = $mainMod, P, pseudo, # dwindle
bind = $mainMod, J, togglesplit, # dwindle
# Move focus with mainMod + arrow keys
bind = $mainMod, left, movefocus, l
bind = $mainMod, right, movefocus, r
bind = $mainMod, up, movefocus, u
bind = $mainMod, down, movefocus, d
# Switch workspaces with mainMod + [0-9]
bind = $mainMod, 1, workspace, 1
bind = $mainMod, 2, workspace, 2
bind = $mainMod, 3, workspace, 3
bind = $mainMod, 4, workspace, 4
bind = $mainMod, 5, workspace, 5
bind = $mainMod, 6, workspace, 6
bind = $mainMod, 7, workspace, 7
bind = $mainMod, 8, workspace, 8
bind = $mainMod, 9, workspace, 9
bind = $mainMod, 0, workspace, 10
# Move active window to a workspace with mainMod + SHIFT + [0-9]
bind = $mainMod SHIFT, 1, movetoworkspace, 1
bind = $mainMod SHIFT, 2, movetoworkspace, 2
bind = $mainMod SHIFT, 3, movetoworkspace, 3
bind = $mainMod SHIFT, 4, movetoworkspace, 4
bind = $mainMod SHIFT, 5, movetoworkspace, 5
bind = $mainMod SHIFT, 6, movetoworkspace, 6
bind = $mainMod SHIFT, 7, movetoworkspace, 7
bind = $mainMod SHIFT, 8, movetoworkspace, 8
bind = $mainMod SHIFT, 9, movetoworkspace, 9
bind = $mainMod SHIFT, 0, movetoworkspace, 10
# Example special workspace (scratchpad)
bind = $mainMod, S, togglespecialworkspace, magic
bind = $mainMod SHIFT, S, movetoworkspace, special:magic
# Scroll through existing workspaces with mainMod + scroll
bind = $mainMod, mouse_down, workspace, e+1
bind = $mainMod, mouse_up, workspace, e-1
# Move/resize windows with mainMod + LMB/RMB and dragging
bindm = $mainMod, mouse:272, movewindow
bindm = $mainMod, mouse:273, resizewindow
# Laptop multimedia keys for volume and LCD brightness
bindel = ,XF86AudioRaiseVolume, exec, wpctl set-volume @DEFAULT_AUDIO_SINK@ 5%+
bindel = ,XF86AudioLowerVolume, exec, wpctl set-volume @DEFAULT_AUDIO_SINK@ 5%-
bindel = ,XF86AudioMute, exec, wpctl set-mute @DEFAULT_AUDIO_SINK@ toggle
bindel = ,XF86AudioMicMute, exec, wpctl set-mute @DEFAULT_AUDIO_SOURCE@ toggle
bindel = ,XF86MonBrightnessUp, exec, brightnessctl s 10%+
bindel = ,XF86MonBrightnessDown, exec, brightnessctl s 10%-
# Requires playerctl
bindl = , XF86AudioNext, exec, playerctl next
bindl = , XF86AudioPause, exec, playerctl play-pause
bindl = , XF86AudioPlay, exec, playerctl play-pause
bindl = , XF86AudioPrev, exec, playerctl previous
############################## ##############################
### WINDOWS AND WORKSPACES ### ### WINDOWS AND WORKSPACES ###

23
modules/home/programs/graphical/wms/hyprland/config/waybar-style.css
View File

@@ -48,6 +48,7 @@
/* Node Styles */ /* Node Styles */
#workspaces, #workspaces,
#window, #window,
#tray,
#cpu, #cpu,
#memory, #memory,
#pulseaudio, #pulseaudio,
@@ -60,11 +61,6 @@
background-color: @surface0; background-color: @surface0;
} }
#workspaces {
padding: 0px;
margin-left: 1rem;
}
#workspaces button { #workspaces button {
color: @lavender; color: @lavender;
border-radius: 1rem; border-radius: 1rem;
@@ -117,15 +113,11 @@
color: @red; color: @red;
} }
#clock {
color: @blue;
margin-right: 1rem;
}
/* Left Border Radius */ /* Left Border Radius */
#clock, #clock,
#network, #network,
#cpu, #cpu,
#tray,
#workspaces { #workspaces {
margin-left: 0.5rem; margin-left: 0.5rem;
border-top-left-radius: 1rem; border-top-left-radius: 1rem;
@@ -135,9 +127,20 @@
/* Right Border Radius */ /* Right Border Radius */
#pulseaudio, #pulseaudio,
#clock, #clock,
#tray,
#battery, #battery,
#workspaces { #workspaces {
margin-right: 0.5rem; margin-right: 0.5rem;
border-top-right-radius: 1rem; border-top-right-radius: 1rem;
border-bottom-right-radius: 1rem; border-bottom-right-radius: 1rem;
} }
#workspaces {
padding: 0px;
margin-left: 1rem;
}
#clock {
color: @blue;
margin-right: 1rem;
}

103
modules/home/programs/graphical/wms/hyprland/default.nix
View File

@@ -1,17 +1,107 @@
{ lib, pkgs, config, namespace, ... }: { lib, pkgs, config, namespace, ... }:
let let
inherit (lib) mkIf; inherit (lib) types mkIf;
inherit (lib.${namespace}) mkOpt enabled;
cfg = config.${namespace}.programs.graphical.wms.hyprland; cfg = config.${namespace}.programs.graphical.wms.hyprland;
in in
{ {
options.${namespace}.programs.graphical.wms.hyprland = { options.${namespace}.programs.graphical.wms.hyprland = {
enable = lib.mkEnableOption "Hyprland"; enable = lib.mkEnableOption "Hyprland";
mainMod = mkOpt types.str "SUPER" "Hyprland main modifier key";
monitors = mkOpt (with types; listOf str) [
", preferred, auto, 1"
] "Hyprland monitor configuration";
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
services.swaync = enabled;
wayland.windowManager.hyprland = { wayland.windowManager.hyprland = {
enable = true; enable = true;
extraConfig = builtins.readFile ./config/hyprland.conf; extraConfig = builtins.readFile ./config/hyprland.conf;
settings = {
"$mainMod" = cfg.mainMod;
"$terminal" = "ghostty";
"$menu" = "wofi --show drun";
monitor = cfg.monitors;
bind = [
# Super Bindings (macOS Transition)
"ALT_SHIFT, 1, exec, hyprshot -m output"
"ALT_SHIFT, 2, exec, hyprshot -m window"
"ALT_SHIFT, 3, exec, hyprshot -m region"
# Primary Bindings
"$mainMod, SPACE, exec, $menu"
"$mainMod, RETURN, exec, $terminal"
"$mainMod, Q, killactive"
"$mainMod, M, exit"
"$mainMod, V, togglefloating"
"$mainMod, P, pseudo" # dwindle
"$mainMod, J, togglesplit" # dwindle
"$mainMod, S, togglespecialworkspace, magic"
"$mainMod SHIFT, S, movetoworkspace, special:magic"
# Window Focus
"$mainMod, left, movefocus, l"
"$mainMod, right, movefocus, r"
"$mainMod, up, movefocus, u"
"$mainMod, down, movefocus, d"
# Workspace Switch
"$mainMod, 1, workspace, 1"
"$mainMod, 2, workspace, 2"
"$mainMod, 3, workspace, 3"
"$mainMod, 4, workspace, 4"
"$mainMod, 5, workspace, 5"
"$mainMod, 6, workspace, 6"
"$mainMod, 7, workspace, 7"
"$mainMod, 8, workspace, 8"
"$mainMod, 9, workspace, 9"
"$mainMod, 0, workspace, 10"
# Window Workspace Move
"$mainMod SHIFT, 1, movetoworkspace, 1"
"$mainMod SHIFT, 2, movetoworkspace, 2"
"$mainMod SHIFT, 3, movetoworkspace, 3"
"$mainMod SHIFT, 4, movetoworkspace, 4"
"$mainMod SHIFT, 5, movetoworkspace, 5"
"$mainMod SHIFT, 6, movetoworkspace, 6"
"$mainMod SHIFT, 7, movetoworkspace, 7"
"$mainMod SHIFT, 8, movetoworkspace, 8"
"$mainMod SHIFT, 9, movetoworkspace, 9"
"$mainMod SHIFT, 0, movetoworkspace, 10"
"$mainMod SHIFT, right, workspace, +1"
"$mainMod SHIFT, left, workspace, -1"
];
bindm = [
# Window Resizing
"$mainMod, mouse:272, movewindow"
"$mainMod, mouse:273, resizewindow"
];
bindel = [
# Multimedia & Brightness Keys
",XF86AudioRaiseVolume, exec, wpctl set-volume @DEFAULT_AUDIO_SINK@ 5%+"
",XF86AudioLowerVolume, exec, wpctl set-volume @DEFAULT_AUDIO_SINK@ 5%-"
",XF86AudioMute, exec, wpctl set-mute @DEFAULT_AUDIO_SINK@ toggle"
",XF86AudioMicMute, exec, wpctl set-mute @DEFAULT_AUDIO_SOURCE@ toggle"
",XF86MonBrightnessUp, exec, brightnessctl s 10%+"
",XF86MonBrightnessDown, exec, brightnessctl s 10%-"
# macOS Keyboard Brightness
"ALT, XF86MonBrightnessUp, exec, brightnessctl -d kbd_backlight s 10%+"
"ALT, XF86MonBrightnessDown, exec, brightnessctl -d kbd_backlight s 10%-"
];
bindl = [
# Player Controls
", XF86AudioNext, exec, playerctl next"
", XF86AudioPause, exec, playerctl play-pause"
", XF86AudioPlay, exec, playerctl play-pause"
", XF86AudioPrev, exec, playerctl previous"
];
};
}; };
programs.waybar = { programs.waybar = {
@@ -31,9 +121,9 @@ in
]; ];
# modules-center = [ "hyprland/window" ]; # modules-center = [ "hyprland/window" ];
modules-right = [ modules-right = [
"tray"
"cpu" "cpu"
"memory" "memory"
"tray"
"pulseaudio" "pulseaudio"
"network" "network"
"backlight" "backlight"
@@ -83,10 +173,6 @@ in
format-alt = " {used:0.1f}G"; format-alt = " {used:0.1f}G";
max-length = 10; max-length = 10;
}; };
# backlight = {
# format = "󰖨 {}%";
# device = "acpi_video0";
# };
backlight = { backlight = {
format = "{icon}"; format = "{icon}";
@@ -171,15 +257,18 @@ in
}; };
home.packages = with pkgs; [ home.packages = with pkgs; [
brightnessctl
hyprshot hyprshot
wofi wofi
wofi-emoji wofi-emoji
brightnessctl
]; ];
xdg.configFile = { xdg.configFile = {
"wofi/config".source = ./config/wofi.conf; "wofi/config".source = ./config/wofi.conf;
"wofi/style.css".source = ./config/wofi-style.css; "wofi/style.css".source = ./config/wofi-style.css;
"uwsp/env".text = ''
export XCURSOR_SIZE=64
'';
}; };
}; };
} }

47
modules/home/programs/terminal/nvim/config/lua/base.lua
View File

@@ -2,10 +2,11 @@
-- vim.g.nord_borders = true -- vim.g.nord_borders = true
-- vim.g.nord_contrast = true -- vim.g.nord_contrast = true
-- vim.cmd('colorscheme nord') -- vim.cmd('colorscheme nord')
vim.cmd('colorscheme melange') -- vim.cmd('colorscheme melange')
vim.cmd("colorscheme catppuccin-mocha")
-- Set Leader -- Set Leader
vim.keymap.set("n", "<Space>", "<Nop>", {silent = true}) vim.keymap.set("n", "<Space>", "<Nop>", { silent = true })
vim.g.mapleader = " " vim.g.mapleader = " "
-- Set Timeout -- Set Timeout
@@ -38,29 +39,31 @@ vim.opt.foldlevel = 2
-- Diagnostics Mappings -- Diagnostics Mappings
local diagnostics_active = true local diagnostics_active = true
local toggle_diagnostics = function() local toggle_diagnostics = function()
diagnostics_active = not diagnostics_active diagnostics_active = not diagnostics_active
if diagnostics_active then if diagnostics_active then
vim.diagnostic.enable() vim.diagnostic.enable()
else else
vim.diagnostic.disable() vim.diagnostic.disable()
end end
end end
local diagnostics_loclist_active = false local diagnostics_loclist_active = false
local toggle_diagnostics_loclist = function() local toggle_diagnostics_loclist = function()
diagnostics_loclist_active = not diagnostics_loclist_active diagnostics_loclist_active = not diagnostics_loclist_active
if diagnostics_loclist_active then if diagnostics_loclist_active then
vim.diagnostic.setloclist() vim.diagnostic.setloclist()
else else
vim.cmd('lclose') vim.cmd("lclose")
end end
end end
local opts = {noremap = true, silent = true} local opts = { noremap = true, silent = true }
vim.keymap.set('n', '<leader>qt', toggle_diagnostics, opts) vim.keymap.set("n", "<leader>qt", toggle_diagnostics, opts)
vim.keymap.set('n', '<leader>qN', vim.keymap.set("n", "<leader>qN", function()
function() vim.diagnostic.goto_prev({float = false}) end, opts) vim.diagnostic.goto_prev({ float = false })
vim.keymap.set('n', '<leader>qn', end, opts)
function() vim.diagnostic.goto_next({float = false}) end, opts) vim.keymap.set("n", "<leader>qn", function()
vim.keymap.set('n', '<leader>qq', toggle_diagnostics_loclist, opts) vim.diagnostic.goto_next({ float = false })
vim.keymap.set('n', '<leader>qe', vim.diagnostic.open_float, opts) end, opts)
vim.keymap.set("n", "<leader>qq", toggle_diagnostics_loclist, opts)
vim.keymap.set("n", "<leader>qe", vim.diagnostic.open_float, opts)

5
modules/home/programs/terminal/nvim/config/lua/lsp-config.lua
View File

@@ -174,8 +174,9 @@ nvim_lsp.golangci_lint_ls.setup({
command = { command = {
"golangci-lint", "golangci-lint",
"run", "run",
"--out-format", "--output.json.path",
"json", "stdout",
"--show-stats=false",
"--issues-exit-code=1", "--issues-exit-code=1",
}, },
}, },

3
modules/home/programs/terminal/nvim/default.nix
View File

@@ -57,7 +57,8 @@ in
lualine-nvim # Bottom Line lualine-nvim # Bottom Line
noice-nvim # UI Tweaks noice-nvim # UI Tweaks
# nord-nvim # Theme # nord-nvim # Theme
melange-nvim # Theme # melange-nvim # Theme
catppuccin-nvim # Theme
nvim-notify # Noice Dependency nvim-notify # Noice Dependency
nvim-web-devicons # Dev Icons nvim-web-devicons # Dev Icons

35
modules/home/services/fusuma/default.nix Normal file
View File

@@ -0,0 +1,35 @@
{ config, pkgs, lib, namespace, ... }:
let
cfg = config.${namespace}.services.fusuma;
in
{
options.${namespace}.services.fusuma = {
enable = lib.mkEnableOption "Fusuma";
};
config = lib.mkIf cfg.enable {
services.fusuma = {
enable = true;
extraPackages = with pkgs; [ ydotool deterministic-uname uutils-coreutils-noprefix ];
settings = {
swipe = {
"3" = {
begin = {
command = "ydotool click 40";
interval = 0.00;
};
update = {
command = "ydotool mousemove -- $move_x, $move_y";
interval = 0.01;
accel = 1.00;
# accel = 1.70;
};
end = {
command = "ydotool click 80";
};
};
};
};
};
};
}

73
modules/home/services/swww/default.nix Normal file
View File

@@ -0,0 +1,73 @@
{ config, lib, pkgs, namespace, ... }:
let
cfg = config.${namespace}.services.swww;
in
{
options.${namespace}.services.swww = {
enable = lib.mkEnableOption "swww wallpaper service";
};
config = lib.mkIf cfg.enable {
home.packages = with pkgs; [
swww
];
systemd.user = {
services = {
swww-daemon = {
Unit = {
Description = "SWWW Wallpaper Daemon";
After = [ "graphical-session.target" ];
};
Install = {
WantedBy = [ "graphical-session.target" ];
};
Service = {
Type = "simple";
ExecStart = "${pkgs.swww}/bin/swww-daemon";
Restart = "on-failure";
RestartSec = 5;
};
};
change-wallpaper = {
Unit = {
Description = "SWWW Wallpaper Changer";
After = [ "swww-daemon.service" ];
Requires = [ "swww-daemon.service" ];
};
Install = {
WantedBy = [ "swww-daemon.service" ];
};
Service = {
Type = "oneshot";
ExecStart = "${pkgs.writeShellScript "change-wallpaper-script" ''
WALLPAPER=$(${pkgs.findutils}/bin/find $HOME/Wallpapers -type f | ${pkgs.coreutils}/bin/shuf -n 1)
${pkgs.swww}/bin/swww img "$WALLPAPER" --transition-type random
''}";
};
};
};
timers.swww-schedule = {
Unit = {
Description = "SWWW Wallpaper Schedule";
};
Install = {
WantedBy = [ "timers.target" ];
};
Timer = {
OnBootSec = "1min";
OnUnitActiveSec = "1h";
Unit = "change-wallpaper.service";
};
};
};
};
}

3
modules/home/user/default.nix
View File

@@ -5,6 +5,7 @@ let
mkIf mkIf
mkDefault mkDefault
mkMerge mkMerge
mkEnableOption
; ;
inherit (lib.${namespace}) mkOpt; inherit (lib.${namespace}) mkOpt;
@@ -20,7 +21,7 @@ let
in in
{ {
options.${namespace}.user = { options.${namespace}.user = {
enable = mkOpt types.bool false "Whether to configure the user account."; enable = mkEnableOption "Whether to configure the user account.";
email = mkOpt types.str "evan@reichard.io" "The email of the user."; email = mkOpt types.str "evan@reichard.io" "The email of the user.";
fullName = mkOpt types.str "Evan Reichard" "The full name of the user."; fullName = mkOpt types.str "Evan Reichard" "The full name of the user.";
home = mkOpt (types.nullOr types.str) home-directory "The user's home directory."; home = mkOpt (types.nullOr types.str) home-directory "The user's home directory.";

21
modules/nixos/display-managers/sddm/default.nix
View File

@@ -1,24 +1,17 @@
{ config, lib, pkgs, namespace, ... }: { config, lib, pkgs, namespace, ... }:
let let
inherit (lib) mkIf; inherit (lib) mkIf types;
inherit (lib.${namespace}) mkOpt;
cfg = config.${namespace}.display-managers.sddm; cfg = config.${namespace}.display-managers.sddm;
in in
{ {
options.${namespace}.display-managers.sddm = { options.${namespace}.display-managers.sddm = {
enable = lib.mkEnableOption "sddm"; enable = lib.mkEnableOption "sddm";
scale = mkOpt types.str "1.75" "Scale";
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
environment.systemPackages = with pkgs; [
catppuccin-sddm
];
environment.sessionVariables = {
QT_SCREEN_SCALE_FACTORS = "2";
QT_FONT_DPI = "192";
};
services = { services = {
displayManager = { displayManager = {
sddm = { sddm = {
@@ -29,5 +22,13 @@ in
}; };
}; };
}; };
environment.systemPackages = with pkgs; [
catppuccin-sddm
];
environment.sessionVariables = {
QT_SCREEN_SCALE_FACTORS = cfg.scale;
};
}; };
} }

2
modules/nixos/hardware/opengl/default.nix
View File

@@ -24,7 +24,7 @@ in
]; ];
# Add Intel Arc / Nvidia Drivers # Add Intel Arc / Nvidia Drivers
hardware.enableRedistributableFirmware = cfg.enableIntel; hardware.enableRedistributableFirmware = mkIf cfg.enableIntel (mkForce true);
hardware.graphics = { hardware.graphics = {
enable = true; enable = true;
enable32Bit = cfg.enable32Bit; enable32Bit = cfg.enable32Bit;

8
modules/nixos/home/default.nix Normal file
View File

@@ -0,0 +1,8 @@
{
config = {
home-manager = {
useGlobalPkgs = true;
useUserPackages = true;
};
};
}

36
modules/nixos/nix/default.nix
View File

@@ -1,4 +1,4 @@
{ config, lib, pkgs, namespace, host, ... }: { config, lib, pkgs, inputs, namespace, host, ... }:
let let
inherit (lib) types mkIf; inherit (lib) types mkIf;
inherit (lib.${namespace}) mkBoolOpt mkOpt; inherit (lib.${namespace}) mkBoolOpt mkOpt;
@@ -14,6 +14,14 @@ in
config = mkIf cfg.enable { config = mkIf cfg.enable {
nix = nix =
let let
mappedRegistry = lib.pipe inputs [
(lib.filterAttrs (_: lib.isType "flake"))
(lib.mapAttrs (_: flake: { inherit flake; }))
(x: x // {
nixpkgs.flake = if pkgs.stdenv.hostPlatform.isLinux then inputs.nixpkgs else inputs.nixpkgs-unstable;
})
(x: if pkgs.stdenv.hostPlatform.isDarwin then lib.removeAttrs x [ "nixpkgs-unstable" ] else x)
];
users = [ users = [
"root" "root"
"@wheel" "@wheel"
@@ -40,16 +48,18 @@ in
checkConfig = true; checkConfig = true;
distributedBuilds = true; distributedBuilds = true;
optimise.automatic = true;
registry = mappedRegistry;
gc = { gc = {
automatic = true; automatic = true;
options = "--delete-older-than 7d"; options = "--delete-older-than 7d";
}; };
optimise.automatic = true;
settings = { settings = {
connect-timeout = 5;
allowed-users = users; allowed-users = users;
max-jobs = "auto";
auto-optimise-store = pkgs.stdenv.hostPlatform.isLinux; auto-optimise-store = pkgs.stdenv.hostPlatform.isLinux;
builders-use-substitutes = true; builders-use-substitutes = true;
experimental-features = [ experimental-features = [
@@ -66,6 +76,26 @@ in
trusted-users = users; trusted-users = users;
warn-dirty = false; warn-dirty = false;
use-xdg-base-directories = true; use-xdg-base-directories = true;
substituters = [
"https://anyrun.cachix.org"
"https://cache.nixos.org"
"https://hyprland.cachix.org"
"https://nix-community.cachix.org"
"https://nixpkgs-unfree.cachix.org"
"https://nixpkgs-wayland.cachix.org"
"https://numtide.cachix.org"
];
trusted-public-keys = [
"anyrun.cachix.org-1:pqBobmOjI7nKlsUMV25u9QHa9btJK65/C8vnO3p346s="
"cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
"hyprland.cachix.org-1:a7pgxzMz7+chwVL3/pzj6jIBMioiJM7ypFP8PwtkuGc="
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
"nixpkgs-unfree.cachix.org-1:hqvoInulhbV4nJ9yJOEr+4wxhDV4xq2d1DK7S6Nj6rs="
"nixpkgs-wayland.cachix.org-1:3lwxaILxMRkVhehr5StQprHdEo4IrE8sRho9R9HOLYA="
"numtide.cachix.org-1:2ps1kLBUWjxIneOy1Ik6cQjb41X0iXVXeHigGmycPPE="
];
}; };
}; };
}; };

33
modules/nixos/services/avahi/default.nix Normal file
View File

@@ -0,0 +1,33 @@
{ config, lib, namespace, ... }:
let
inherit (lib) mkIf;
cfg = config.${namespace}.services.avahi;
in
{
options.${namespace}.services.avahi = {
enable = lib.mkEnableOption "Avahi";
};
config = mkIf cfg.enable {
services.avahi = {
enable = true;
nssmdns4 = true;
openFirewall = true;
publish = {
enable = true;
addresses = true;
domain = true;
hinfo = true;
userServices = true;
workstation = true;
};
};
# Cloud Init
systemd.services.avahi-daemon = mkIf config.${namespace}.services.cloud-init.enable {
after = [ "cloud-final.service" ];
requires = [ "cloud-final.service" ];
};
};
}

1
modules/nixos/services/cloud-init/default.nix
View File

@@ -22,5 +22,6 @@ in
}; };
}; };
}; };
networking.hostName = lib.mkForce "";
}; };
} }

27
modules/nixos/services/openiscsi/default.nix
View File

@@ -1,15 +1,16 @@
{ config, pkgs, lib, namespace, host, ... }: { config, pkgs, lib, namespace, host, ... }:
let let
inherit (lib) types mkIf; inherit (lib) types mkIf;
inherit (lib.${namespace}) mkOpt; inherit (lib.${namespace}) mkOpt mkBoolOpt;
cfg = config.${namespace}.services.openiscsi; cfg = config.${namespace}.services.openiscsi;
cloudInitEnabled = config.${namespace}.services.cloud-init.enable;
in in
{ {
options.${namespace}.services.openiscsi = { options.${namespace}.services.openiscsi = {
enable = lib.mkEnableOption "Open iSCSI support"; enable = lib.mkEnableOption "Open iSCSI support";
name = mkOpt types.str "iqn.2025.reichard.io:${host}" "iSCSI name"; name = mkOpt types.str "iqn.2025.reichard.io:${host}" "iSCSI name";
symlink = mkOpt types.bool false "Create a symlink to the iSCSI binaries"; symlink = mkBoolOpt false "Create a symlink to the iSCSI binaries";
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
@@ -30,5 +31,27 @@ in
ln -sf ${pkgs.openiscsi}/bin/iscsiadm /usr/bin/iscsiadm ln -sf ${pkgs.openiscsi}/bin/iscsiadm /usr/bin/iscsiadm
ln -sf ${pkgs.openiscsi}/bin/iscsid /usr/bin/iscsid ln -sf ${pkgs.openiscsi}/bin/iscsid /usr/bin/iscsid
''; '';
# Cloud Init Compatibility
environment.etc."iscsi/initiatorname.iscsi".enable = mkIf cloudInitEnabled false;
systemd.services.iscsi-initiator-setup = mkIf cloudInitEnabled {
description = "Setup iSCSI Initiator Name";
requires = [ "cloud-final.service" ];
before = [ "iscsid.service" ];
after = [ "cloud-final.service" ];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
Type = "oneshot";
RemainAfterExit = true;
};
path = [ pkgs.hostname pkgs.util-linux ];
script = ''
mkdir -p /run/iscsi
echo "InitiatorName=iqn.2025.org.nixos:$(hostname)" > /run/iscsi/initiatorname.iscsi
mount --bind /run/iscsi/initiatorname.iscsi /etc/iscsi/initiatorname.iscsi
'';
};
}; };
} }

4
modules/nixos/services/openssh/default.nix
View File

@@ -10,8 +10,10 @@ let
cfg = config.${namespace}.services.openssh; cfg = config.${namespace}.services.openssh;
authorizedKeys = [ authorizedKeys = [
# MBP-Personal NixOS # evanreichard@lin-va-mbp-personal
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILJJoyXQOv9cAjGUHrUcvsW7vY9W0PmuPMQSI9AMZvNY" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILJJoyXQOv9cAjGUHrUcvsW7vY9W0PmuPMQSI9AMZvNY"
# evanreichard@lin-va-thinkpad
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAq5JQr/6WJMIHhR434nK95FrDmf2ApW2Ahd2+cBKwDz"
]; ];
in in
{ {

37
modules/nixos/services/rke2/default.nix
View File

@@ -1,7 +1,7 @@
{ config, lib, namespace, ... }: { config, pkgs, lib, namespace, ... }:
let let
inherit (lib) types mkIf; inherit (lib) types mkIf;
inherit (lib.${namespace}) mkOpt; inherit (lib.${namespace}) mkOpt mkBoolOpt;
cfg = config.${namespace}.services.rke2; cfg = config.${namespace}.services.rke2;
in in
@@ -9,6 +9,7 @@ in
options.${namespace}.services.rke2 = with types; { options.${namespace}.services.rke2 = with types; {
enable = lib.mkEnableOption "Enable RKE2"; enable = lib.mkEnableOption "Enable RKE2";
disable = mkOpt (listOf str) [ ] "Disable services"; disable = mkOpt (listOf str) [ ] "Disable services";
openFirewall = mkBoolOpt true "Open firewall";
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
@@ -16,5 +17,37 @@ in
enable = true; enable = true;
disable = cfg.disable; disable = cfg.disable;
}; };
networking.firewall.allowedTCPPorts = mkIf cfg.openFirewall [
# RKE2 Ports - https://docs.rke2.io/install/requirements#networking
6443 # Kubernetes API
9345 # RKE2 supervisor API
2379 # etcd Client Port
2380 # etcd Peer Port
2381 # etcd Metrics Port
10250 # kubelet metrics
9099 # Canal CNI health checks
# MetalLB
7946 # memberlist
];
environment.systemPackages = with pkgs; [ nfs-utils ];
networking.firewall.allowedUDPPorts = mkIf cfg.openFirewall [
# RKE2 Ports - https://docs.rke2.io/install/requirements#networking
8472 # Canal CNI with VXLAN
# 51820 # Canal CNI with WireGuard IPv4 (if using encryption)
# 51821 # Canal CNI with WireGuard IPv6 (if using encryption)
# MetalLB
7946 # memberlist
];
# Cloud Init
systemd.services.rke2-server = mkIf config.${namespace}.services.cloud-init.enable {
after = [ "cloud-final.service" ];
requires = [ "cloud-final.service" ];
};
}; };
} }

19
modules/nixos/services/ydotool/default.nix Normal file
View File

@@ -0,0 +1,19 @@
{ config, lib, namespace, ... }:
let
inherit (lib) mkIf;
cfg = config.${namespace}.services.ydotool;
in
{
options.${namespace}.services.ydotool = {
enable = lib.mkEnableOption "ydotool";
};
config = mkIf cfg.enable {
reichard.user.extraGroups = [ "input" ];
programs.ydotool = {
enable = true;
group = "input";
};
};
}

4
modules/nixos/system/boot/default.nix
View File

@@ -1,6 +1,6 @@
{ config, lib, namespace, ... }: { config, lib, namespace, ... }:
let let
inherit (lib) mkIf; inherit (lib) mkIf mkDefault;
cfg = config.${namespace}.system.boot; cfg = config.${namespace}.system.boot;
in in
@@ -39,7 +39,7 @@ in
editor = false; editor = false;
}; };
timeout = 1; timeout = mkDefault 1;
}; };
initrd = mkIf cfg.xenGuest { initrd = mkIf cfg.xenGuest {

65
modules/nixos/system/networking/default.nix
View File

@@ -1,14 +1,45 @@
{ config, lib, pkgs, namespace, ... }: { config, lib, pkgs, namespace, ... }:
let let
inherit (lib) mkIf mkForce; inherit (lib) types mkIf mkForce mkOption mkEnableOption;
inherit (lib.${namespace}) mkBoolOpt; inherit (lib.${namespace}) mkBoolOpt enabled;
cfg = config.${namespace}.system.networking; cfg = config.${namespace}.system.networking;
in in
{ {
options.${namespace}.system.networking = { options.${namespace}.system.networking = {
enable = lib.mkEnableOption "networking support"; enable = mkEnableOption "Enable Networking";
enableIWD = mkBoolOpt false "enable iwd"; enableIWD = mkEnableOption "Enable IWD";
useDHCP = mkBoolOpt true "Use DHCP";
useNetworkd = mkBoolOpt false "Use networkd";
useStatic = mkOption {
type = types.nullOr (types.submodule {
options = {
interface = mkOption {
type = lib.types.str;
description = "Network interface name";
example = "enp0s3";
};
address = mkOption {
type = types.str;
description = "Static IP address";
example = "10.0.20.200";
};
defaultGateway = mkOption {
type = types.str;
description = "Default gateway IP";
example = "10.0.20.254";
};
nameservers = mkOption {
type = types.listOf types.str;
description = "List of DNS servers";
example = [ "10.0.20.254" "8.8.8.8" ];
default = [ "8.8.8.8" "8.8.4.4" ];
};
};
});
default = null;
description = "Static Network Configuration";
};
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
@@ -21,24 +52,20 @@ in
reichard.user.extraGroups = [ "network" ]; reichard.user.extraGroups = [ "network" ];
networking = { networking = {
firewall.enable = true; firewall = enabled;
usePredictableInterfaceNames = mkForce true; useDHCP = mkForce (cfg.useDHCP && cfg.useStatic == null);
} // (lib.optionalAttrs cfg.enableIWD) { useNetworkd = cfg.useNetworkd;
} // (lib.optionalAttrs (cfg.enableIWD) {
wireless.iwd = { wireless.iwd = {
enable = true; enable = true;
settings.General.EnableNetworkConfiguration = true; settings.General.EnableNetworkConfiguration = true;
}; };
}; }) // (lib.optionalAttrs (cfg.useStatic != null) {
inherit (cfg.useStatic) defaultGateway nameservers;
# TODO - Network Configuration interfaces.${cfg.useStatic.interface}.ipv4.addresses = [{
# (lib.mkIf (config.network != null) { inherit (cfg.useStatic) address;
# networking = { prefixLength = 24;
# inherit (config.network) defaultGateway nameservers; }];
# interfaces.${config.network.interface}.ipv4.addresses = [{ });
# inherit (config.network) address;
# prefixLength = 24;
# }];
# };
# })
}; };
} }

1
modules/nixos/system/networking/networkmanager/default.nix
View File

@@ -10,6 +10,7 @@ in
networking.networkmanager = { networking.networkmanager = {
enable = true; enable = true;
wifi.backend = mkIf cfg.enableIWD "iwd";
connectionConfig = { connectionConfig = {
"connection.mdns" = "2"; "connection.mdns" = "2";

9
modules/nixos/user/default.nix
View File

@@ -11,9 +11,7 @@ in
extraGroups = mkOpt (listOf str) [ ] "Groups for the user to be assigned."; extraGroups = mkOpt (listOf str) [ ] "Groups for the user to be assigned.";
extraOptions = mkOpt attrs { } "Extra options passed to <option>users.users.<name></option>."; extraOptions = mkOpt attrs { } "Extra options passed to <option>users.users.<name></option>.";
fullName = mkOpt str "Evan Reichard" "The full name of the user."; fullName = mkOpt str "Evan Reichard" "The full name of the user.";
initialPassword = initialPassword = mkOpt str "changeMe2025!" "The initial password to use when the user is first created.";
mkOpt str "password"
"The initial password to use when the user is first created.";
name = mkOpt str "evanreichard" "The name to use for the user account."; name = mkOpt str "evanreichard" "The name to use for the user account.";
}; };
@@ -21,12 +19,9 @@ in
users.users.${cfg.name} = { users.users.${cfg.name} = {
inherit (cfg) name initialPassword; inherit (cfg) name initialPassword;
extraGroups = [
"wheel"
] ++ cfg.extraGroups;
group = "users"; group = "users";
home = "/home/${cfg.name}"; home = "/home/${cfg.name}";
extraGroups = [ "wheel" ] ++ cfg.extraGroups;
isNormalUser = true; isNormalUser = true;
shell = pkgs.bashInteractive; shell = pkgs.bashInteractive;
uid = 1000; uid = 1000;

43
modules/nixos/virtualisation/podman/default.nix Normal file
View File

@@ -0,0 +1,43 @@
{ config, lib, pkgs, namespace, ... }:
let
inherit (lib) mkIf;
cfg = config.${namespace}.virtualisation.podman;
in
{
options.${namespace}.virtualisation.podman = {
enable = lib.mkEnableOption "podman";
};
config = mkIf cfg.enable {
environment.systemPackages = with pkgs; [
podman-compose
podman-desktop
];
reichard = {
user = {
extraGroups = [
"docker"
"podman"
];
};
};
virtualisation = {
podman = {
inherit (cfg) enable;
autoPrune = {
enable = true;
flags = [ "--all" ];
dates = "weekly";
};
defaultNetwork.settings.dns_enabled = true;
dockerCompat = true;
dockerSocket.enable = true;
};
};
};
}

4
secrets/default.yaml
View File

@@ -15,8 +15,8 @@ sops:
SC91WFNocEN2K1NFK2dBUHYwZTQrVFkKKb3AlaRX96vJwEmxNNAThTlO9ZwtD1tv SC91WFNocEN2K1NFK2dBUHYwZTQrVFkKKb3AlaRX96vJwEmxNNAThTlO9ZwtD1tv
c6aBELEbmJFdHOcIJITzmS3YOssDOgTL2TbcSFu8mdAQYsRvxC96HA== c6aBELEbmJFdHOcIJITzmS3YOssDOgTL2TbcSFu8mdAQYsRvxC96HA==
-----END AGE ENCRYPTED FILE----- -----END AGE ENCRYPTED FILE-----
lastmodified: "2025-04-05T02:29:22Z" lastmodified: "2025-04-09T00:53:28Z"
mac: ENC[AES256_GCM,data:2rI+pEYmQIPmtcnDTuyroAbfIvLIZKvsyAMEbQM2y9xYXhLyK8Vt7IzmdHy//hQRBSWdBV7/HfCMWJcg9i1B/P9fXrKx+OxaIb654SkthWhkORq32Sr1Gee3Yj195MffIUrEZ4rVauCeprzdEXqN6oTVXjHvnqV2/VXuTkkbztE=,iv:gCgo+8uLH6H9R3OQvzf2K9SgXb3tXG7Lvu6lxL0P2xo=,tag:ev+vMOn6UAfKexfyUnMP5Q==,type:str] mac: ENC[AES256_GCM,data:NKv91i8Ms4TfbU0t9td4QoGD+9d9KYGQ9Mu1QlFdCc4AjMfRCcUCrvb9SVMF5JbYa8oZAH4Qp9FEJ5fFmgoTNrewspLUMpyjUYRgARYQWiHYhZjE/uTNhFo2FxXYLWsAlQjEJ8abbwUyr2y6NsK2tcQcOBDIWUssb4XqajNcylE=,iv:gvwQZB20JR4bKfMMR6sYjTnf3CNiOjcd8T30s2drKwY=,tag:mF9etyVyPVw5YblI8VdtTw==,type:str]
pgp: [] pgp: []
unencrypted_suffix: _unencrypted unencrypted_suffix: _unencrypted
version: 3.9.4 version: 3.9.4

21
secrets/lin-va-mbp-personal/evanreichard/default.yaml Normal file
View File

@@ -0,0 +1,21 @@
rke2_kubeconfig: ENC[AES256_GCM,data:ZfqWAsIcx2h/cyrfkcyQXrO+dzYF7JRkplj3Y9mm4oEiQKeG7xeYdtNAE112PdFfLcI00HQRaKbzrcNBbG1M+kUQZROUk47sr7AqpeRxJIob1ZoTgwN98gQ1W0ikPFYBUw4HIVxmY9wuNyqDk54LNwu47A3hMUmCLEv8sPkk8r7lhA9Vf3HTtTbQBK8VBa5059YJyEIpZjMMaXPZReIR6Gka9qsZ4d1F1B8VYu+fBH2ZIKtG1HMCXzl/RvjaCqtlrk5AptooSQ/upOMq6omHWfBf8oty/0o6yasxYldMawetUW55TOm12QlgdmbDkXqeMAai03N3tj8zMESOVEHVxRzjosVTq4u5DzPAMmLFAk5NYaPpd5c6jlM2Gk7pT9v+X+n+GGYW9xfYLURe1sSy/yWmLXhEhOzLXkyc1T3M1bHWqnXDXfU1bhXWVLKwNDmuS96YWHb1o+Qr+3HTUCPQa70M9Va18O+pERD0Yj/Jz1HxwyAHKClRs06Lo73gl3eY7lOGhnafRSyxR91oMXs+ijSfFk8CNEA/PxKPaXUoKpDLpM6+iPnEmnsAT/kV9IrqnevsIABtzWMR6XHQbRodPowsx2zlSgzJfLkVZ37dsZawALv1FN/XOtrW53Zt8BGK3dIwIM1tRy6nR+UKoN8mQ4KI43MNZ7A7CagCAkWbs3AserDqU+4VYIF/biLVA9q+tZZory7lLraLpByVa2Mi1/JFUW23PyW6fa9nVvBDonzs5M4N7p4/Yw9rdWBWC/1ZQIvSKbTIla+mtDKX6GTlEAsaoJOFc+F8fX8FxGEZtxoXENshoyAvsQSihUbdsKkjDQAIcZ0lHAUKLJyJZSWFRkQsl64MkvBJwGedsMq/zzU8K96iBojYLQspPq8Yp612nxQahRyxAXWFvYAfMmxMqhSbEYuJA62DSUA1KwILZx7yPfKZWXLQzGDnpGyFRuORP+ZjANGXo1eqAED4cHqwZCHTo6q6Zh9zN4Y4jrO/z4G16PwheAi/WTJswzdI83J9FAR3TrKAGyf3a5hR03BNVHBbO+I6dX/Rhwp0eIdR0MPVXJE+CshcTixQNKWK7SRmpDQemAQq3g6c4i5DWB9PUlipkry+pcQzsz1omPLGjf/2Mz2CAdvPnjCYfeTeFxz42s6VJHBBd5Sgg/7ONQTj6QpvFhpP2u8aWmgbPnV3n0phejq9Bpj1lEEEN5JZlU2Swj6t6rtFD5fAZUu3L5FRPg5xZhCV0zu4VXuaEflPdidK35b0jIiz22qpAkw+/0vh36u+kkUOabgpnt+I3CqeCilRuq6tIvtIx2AHFZ4Y9WdfXpjd/BEl2GY8VrxSWzpXS0YYWiNwypJx/J1zzmZZO6G7QcKSpIuoULM4uneBlaZurjXdVT8QzupUmX+CVyXHZUTXX3tM0rFnuDG3uGjOUM+67kS/zd3LJk8fnY1awU08gTOrs7qIDIzqEaEVxvK60XcBqc4dDYG+FTKEOEOi88WGIZH12gFy49epciPaTQMxcKbRftE9R1fZNdze1PwX2lrm891KTBD7YwFJkUin88Ype7bQNI4Djyca0TumZjYKok1AoSzjLTJGYOmiZg9wYyN+6m/FrdM0krgUQzvErtfSFryX4XaLbpPJnpRcdzoiNzwwuVYMLn5mBhj4m08gjiiHQlVlSMSJxpXi6GdXqrMCDudDHyPX5LHh21e2wajZ59p1Y42Gew1dOOP+M/5/0PrwDvqKhUWgAp2q8PzQuQ+ZyCq63jVpTI0/BskiD1iQBwQFDN2A32V9xymnkuS1pKn9xnosNMWVR3R9l6sLQDxH6vJcCEqWvCmxg8n5nfPtgx0E+clmmFFHVQ/xmXbe1lKS1o/M5dLHDG3CdrUpSEf8IC7/qkhaG8d3EmKGFskwJcbpPSzCJfMLS1JuYGJL/m7jqSI5JJ+KzTlPQCjubW74+EEvScTIaQP7e+RtE60LbgkwLprIEfCao3I+P0W4YgqLfE/xF4NQ3qVy3vrXOVGJSR4e0R3rI9RiuHmYoduldqtLr8rhqVqbU33q9s1ifL/62Rh2ZnXcnP4w75eH1EtunucZ2ml9QwHbpG0liKrthvPlmUNVsOhWdwlUfHrCUs8sgLNwW98mgG+7Kva4edejNmaEq/43TtN/RBmrNanB0Dp2SIeEbYRFfLqWGCtIRJpeJF227ggJXxt3fZnCW1eiEihDLKfc3hz+7zo/QlkBkbbj9D1BRURieH7DCr8cvymKa1QL9nRl0aJzWvMg//Q8/nMA23qBays34s4EUrcDin6AnUZIu63eAvxtcesPDTVq31+NatLmty21VG3mk7s7yw1dDwJncCXQ6zYp+SOC90xMFUR++FYcpX6qFiRGk7qNln9hnllwu1SqQYgV/w9MmD6GYLk+/xCUWK3kbCjWZ0Nhxkk+A3snUealYeeK75fZfL8TlAkgKqpRL1KlY3jrDe2rgzQyrHb7AoLukf2RJcXwu3GBP9PLQjJSSJw3vEHltCDnt7YR2KRA5NvJw429brs/4RvkBlX2a593swY63YthWinhCs6I3kgiDVaycpiQit4HCwMATAnhkzD590QLgf/am+7vcQlxl1MCtG6V+mBSIDQw17kxfrq/P18MyKixtREI/TW2lT127JvMlH3Te3f5KDQNyWc5oUP8bsfvxpZ6nO6xrUY1pZ+1eCsapkNalLH5x4yk3viGHiWS7ow44jjaCDraL/YCvGN+7SHjDBIWRpt+/ncrjezxWJa2yN29y+JrJgRxHYmfmZVMHxPGZ9aexCRHxnTVgwlT577VTDltqYi9CC0kQmTPt3CZzSiOP8ht4gwHNuNjNus8qGT9w7nYd81ViCYV/VpMRKmq9cR3rY75U6BU8QO74hFTfDigmGBPxXwGuhWZEWMbmK1Xl867xybVj9UTHhdbgnhta0J9RXm29A9YL3RMdL/DDZNQGq2eMK4CDq2l9X7UdPqbJphXfCv1AmCdufdvzEAq8kVEw5+RQxEOVV0g84G8bH5dOKfOwr7b9Bogtg37+j5pLPJzcoRKl3NynlWMGZVcnkEgRqmzFreXAYIyScE16rIzeEHdL5ngvm9EcPQfAWz6CvylrK7Bl91pJonNYprSqHUO0F4K4/kscm4j90kD5wpGOcrwke2+OI3oqez7QPmfzKnYoSrtcXqbt9lnluqobdYsCHY6mUjn4utROUD+g7gW5yYkxC7R1ySvvt5t63rOX6QH4UP9Uz7dCpo831vMHQ8Am+VFNbLXirq6/2P4TKTnScSQh/OnJ8Sx0/zxbPAb3jwzmx/eFAd+eazL0hCGTnh/D0WxcqfxTItOllsKUGX+md2VAoJQLra07gMJlh1tuDk2+ZXjvOsoGOMAzswpKPLf6TVe5Yi4eEosDM8ZFkVSngF3qx4TB2NcuKl739qUvLf0eL461y7+doJcdC+sl19scJjlEBFmEU9YNoJ8T0m9nT5UIi7l0tuek2i9SpzQRjHym1Y12JsiYoTR83mTBMR33hChE9aMc0FBkNesVJ9SBWOtLsd1i/UxUyZIk/C8shVGPmYplT9QOO/RqwJtvTeOkhrEWQq9zRoGqKQJs+j6VatHOdqVweX4/0icBN5QamXwgH61c7RbT79MDCZHvHSKkAe+eNVw7y6+0ZgCxtiIbo3RJwdRGqy6XHGnRfzRbzjO9H26gBmWX+Z7ZfeHLghen/tOW/qEh+uT1TR+O71GnhOgd1QQh84vyE2U+lAzneHI2gVG8EzA8Ho/UGiXJALQPElkJzR3GXDXVAHAw8Q6wCjLnxpmpkJZEJiJ9uDktKkNdF5uM6oEfQbxpP8uWJQnK4sCaZOTBsqEzyBm+KUXOpt0PbGFmb+gfPHIpO6rNGdWJ/C9F63ZbWhMXfONuLCjMis86lLJimwYH9G0PQWrmh7ENuZB3/giYbVqUjD3yP44axfw,iv:zfbeDFKb3hHQFi9wEuDj8XRqTLhc+2AnJU1roGJVZkU=,tag:mwNz9UCO6lCDK5hMWNLfNw==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age1sac93wpnjcv62s7583jv6a4yspndh6k0r25g3qx3k7gq748uvafst6nz4w
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA0SnA3M2F0cXZjOGlFSTJw
aE9BNGJsQ1JzelFoQk4yMGlpN2dkVUR4ZUNvCmljSDhsVU4rUnowV2dIdlhZYnMy
aXo2OGZRd21PYk81ZE9pV05XSmpVOEEKLS0tIGhGNkVmTnVYRENEYlBxZXJTaExt
SC91WFNocEN2K1NFK2dBUHYwZTQrVFkKKb3AlaRX96vJwEmxNNAThTlO9ZwtD1tv
c6aBELEbmJFdHOcIJITzmS3YOssDOgTL2TbcSFu8mdAQYsRvxC96HA==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2025-04-07T18:09:21Z"
mac: ENC[AES256_GCM,data:RxVXYkx4JD2l6zIcx051DSyw4yYMWdK23ssaw94jkxlICvDyeZy9aO9kC0bAYqn0iB2BDEdh/0rzNZeJHlkjKQx9+et82iwFdwC9GSTVl/FV39fr9YbsqFQGqMAEo/JqElul9Sjd5vgdC1xQOF+Jceo11F9LhDteOiFn2a3Sv5I=,iv:sb9ah+Tk39FUIDpq4g5YGScIku3w5tVlDDNyxuHS4OY=,tag:nC+yLdj/moS2+nMIzNAOdw==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.9.4

25
systems/aarch64-linux/mbp-nixos/default.nix → systems/aarch64-linux/lin-va-mbp-personal/default.nix
View File

@@ -7,6 +7,9 @@ in
./hardware-configuration.nix ./hardware-configuration.nix
]; ];
system.stateVersion = "24.11";
time.timeZone = "America/New_York";
# System Config # System Config
reichard = { reichard = {
nix = enabled; nix = enabled;
@@ -15,6 +18,7 @@ in
boot = { boot = {
enable = true; enable = true;
showNotch = true; showNotch = true;
silentBoot = true;
}; };
networking = { networking = {
enable = true; enable = true;
@@ -31,27 +35,26 @@ in
}; };
}; };
services = {
avahi = enabled;
ydotool = enabled;
};
security = { security = {
sops = { sops = {
enable = true; enable = true;
# sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ]; defaultSopsFile = lib.snowfall.fs.get-file "secrets/lin-va-mbp-personal/default.yaml";
defaultSopsFile = lib.snowfall.fs.get-file "secrets/lin-mbp-personal/default.yaml";
}; };
}; };
virtualisation = {
podman = enabled;
};
programs = { programs = {
graphical = { graphical = {
wms.hyprland = enabled; wms.hyprland = enabled;
}; };
}; };
}; };
# Hardware Config
hardware = {
bluetooth.enable = true;
bluetooth.powerOnBoot = true;
};
time.timeZone = "America/New_York";
system.stateVersion = "24.11";
} }

0
systems/aarch64-linux/mbp-nixos/firmware/all_firmware.tar.gz → systems/aarch64-linux/lin-va-mbp-personal/firmware/all_firmware.tar.gz
View File

0
systems/aarch64-linux/mbp-nixos/firmware/kernelcache.release.mac14j → systems/aarch64-linux/lin-va-mbp-personal/firmware/kernelcache.release.mac14j
View File

0
systems/aarch64-linux/mbp-nixos/hardware-configuration.nix → systems/aarch64-linux/lin-va-mbp-personal/hardware-configuration.nix
View File

42
systems/x86_64-linux/nixos-builder/default.nix → systems/x86_64-linux/lin-va-nix-builder/default.nix
View File

@@ -1,10 +1,11 @@
{ namespace, config, pkgs, lib, ... }: { namespace, config, pkgs, ... }:
let let
inherit (lib.${namespace}) enabled;
cfg = config.${namespace}.user; cfg = config.${namespace}.user;
in in
{ {
time.timeZone = "America/New_York";
system.stateVersion = "24.11";
reichard = { reichard = {
system = { system = {
boot = { boot = {
@@ -15,15 +16,25 @@ in
enable = true; enable = true;
diskPath = "/dev/xvda"; diskPath = "/dev/xvda";
}; };
networking = enabled; # TODO - Network Config networking = {
enable = true;
useStatic = {
interface = "enX0";
address = "10.0.50.130";
defaultGateway = "10.0.50.254";
nameservers = [ "10.0.50.254" ];
};
};
}; };
services = { services = {
openssh = { openssh = {
enable = true; enable = true;
authorizedKeys = [ authorizedKeys = [
# MBP-Personal NixOS # evanreichard@lin-va-mbp-personal
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILJJoyXQOv9cAjGUHrUcvsW7vY9W0PmuPMQSI9AMZvNY" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILJJoyXQOv9cAjGUHrUcvsW7vY9W0PmuPMQSI9AMZvNY"
# evanreichard@lin-va-thinkpad
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAq5JQr/6WJMIHhR434nK95FrDmf2ApW2Ahd2+cBKwDz"
# NixOS Builder # NixOS Builder
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDF8QjeN8lpT+Mc70zwEJQqN9W/GKvTOTd32VgfNhVdN" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDF8QjeN8lpT+Mc70zwEJQqN9W/GKvTOTd32VgfNhVdN"
]; ];
@@ -34,32 +45,21 @@ in
users.users.${cfg.name} = { users.users.${cfg.name} = {
openssh = { openssh = {
authorizedKeys.keys = [ authorizedKeys.keys = [
# MBP-Personal NixOS # evanreichard@lin-va-mbp-personal
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILJJoyXQOv9cAjGUHrUcvsW7vY9W0PmuPMQSI9AMZvNY" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILJJoyXQOv9cAjGUHrUcvsW7vY9W0PmuPMQSI9AMZvNY"
# evanreichard@lin-va-thinkpad
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAq5JQr/6WJMIHhR434nK95FrDmf2ApW2Ahd2+cBKwDz"
# NixOS Builder # NixOS Builder
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDF8QjeN8lpT+Mc70zwEJQqN9W/GKvTOTd32VgfNhVdN" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDF8QjeN8lpT+Mc70zwEJQqN9W/GKvTOTd32VgfNhVdN"
]; ];
}; };
}; };
networking = {
defaultGateway = {
address = "10.0.50.254";
interface = "enX0";
};
interfaces.enX0.ipv4.addresses = [{
address = "10.0.50.130";
prefixLength = 24;
}];
};
# System Packages # System Packages
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
htop btop
git
tmux tmux
vim vim
]; ];
time.timeZone = "America/New_York";
system.stateVersion = "24.11";
} }

0
systems/x86_64-linux/office-server/default.nix → systems/x86_64-linux/lin-va-office/default.nix
View File

55
systems/x86_64-linux/lin-va-thinkpad/default.nix Executable file
View File

@@ -0,0 +1,55 @@
{ namespace, lib, ... }:
let
inherit (lib.${namespace}) enabled;
in
{
system.stateVersion = "24.11";
time.timeZone = "America/New_York";
hardware.enableRedistributableFirmware = true;
# System Config
reichard = {
nix = enabled;
system = {
boot = {
enable = true;
silentBoot = true;
};
disk = {
enable = true;
diskPath = "/dev/nvme0n1";
};
networking = {
enable = true;
enableIWD = true;
};
};
hardware = {
opengl = enabled;
};
services = {
avahi = enabled;
ydotool = enabled;
};
virtualisation = {
podman = enabled;
};
programs = {
graphical = {
wms.hyprland = enabled;
};
};
security = {
sops = {
enable = true;
defaultSopsFile = lib.snowfall.fs.get-file "secrets/lin-va-thinkpad/default.yaml";
};
};
};
}

43
systems/x86_64-linux/lin-va-utility/default.nix Executable file
View File

@@ -0,0 +1,43 @@
{ namespace, lib, ... }:
let
inherit (lib.${namespace}) enabled;
in
{
system.stateVersion = "24.11";
time.timeZone = "America/New_York";
reichard = {
nix = enabled;
system = {
boot = {
enable = true;
silentBoot = true;
};
networking = enabled;
};
hardware = {
opengl = {
enable = true;
enable32Bit = true; # Necessary?
enableIntel = true;
};
};
services = {
avahi = enabled;
ydotool = enabled;
};
virtualisation = {
podman = enabled;
};
programs = {
graphical = {
wms.hyprland = enabled;
};
};
};
}

57
systems/x86_64-linux/utility-desktop/default.nix
View File

@@ -1,57 +0,0 @@
{ pkgs, ... }:
let
home-manager = builtins.fetchTarball {
url = "https://github.com/nix-community/home-manager/archive/release-24.11.tar.gz";
sha256 = "156hc11bb6xiypj65q6gzkhw1gw31dwv6dfh6rnv20hgig1sbfld";
};
in
{
imports = [
"${home-manager}/nixos"
];
# Enable Graphics
hardware.graphics = {
enable = true;
enable32Bit = true;
extraPackages = with pkgs; [ vaapiIntel intel-media-driver ];
};
# User Configuration
users.users.evanreichard = {
isNormalUser = true;
home = "/home/evanreichard";
group = "evanreichard";
extraGroups = [ "wheel" "networkmanager" "video" ];
shell = pkgs.bash;
};
users.groups.evanreichard = { };
# Home Manager
home-manager = {
useGlobalPkgs = true;
useUserPackages = true;
users.evanreichard = import ../home-manager/home.nix;
};
# Enable HyprLand
programs.hyprland = {
enable = true;
withUWSM = true;
};
# Networking Configuration
networking.firewall = {
enable = true;
};
# System Packages
environment.systemPackages = with pkgs; [
ghostty
htop
tmux
vim
wget
];
}

52
systems/x86_64-qcow/lin-va-rke2/default.nix Executable file
View File

@@ -0,0 +1,52 @@
{ namespace, lib, modulesPath, ... }:
let
inherit (lib.${namespace}) enabled;
in
{
imports = [
(modulesPath + "/profiles/qemu-guest.nix")
];
config = {
# Basic System
system.stateVersion = "24.11";
time.timeZone = "UTC";
reichard = {
nix = enabled;
system = {
boot = {
enable = true;
xenGuest = true;
};
networking = {
enable = true;
useDHCP = false;
useNetworkd = true;
};
};
services = {
avahi = enabled;
openssh = enabled;
cloud-init = enabled;
rke2 = {
enable = true;
disable = [ "rke2-ingress-nginx" ];
};
openiscsi = {
enable = true;
symlink = true;
};
};
hardware = {
opengl = {
enable = true;
enableIntel = true;
};
};
};
};
}

128
systems/x86_64-vmware/rke2-node/default.nix
View File

@@ -1,128 +0,0 @@
{ pkgs, namespace, lib, modulesPath, ... }:
let
inherit (lib.${namespace}) enabled;
in
{
imports = [
(modulesPath + "/profiles/qemu-guest.nix")
];
config = {
reichard = {
nix = enabled;
system = {
boot = {
enable = true;
xenGuest = true;
};
};
services = {
openssh = enabled;
cloud-init = enabled;
rke2 = {
enable = true;
disable = [ "rke2-ingress-nginx" ];
};
openiscsi = {
enable = true;
symlink = true;
};
};
hardware = {
opengl = {
enable = true;
enableIntel = true;
};
};
};
# Basic System
system.stateVersion = "24.11";
time.timeZone = "UTC";
fileSystems."/" = {
device = "/dev/disk/by-label/nixos";
fsType = "ext4";
autoResize = true;
};
# Network Configuration
networking = {
hostName = lib.mkForce "";
useNetworkd = true;
useDHCP = false;
firewall = {
enable = true;
allowedTCPPorts = [
# RKE2 Ports - https://docs.rke2.io/install/requirements#networking
6443 # Kubernetes API
9345 # RKE2 supervisor API
2379 # etcd Client Port
2380 # etcd Peer Port
2381 # etcd Metrics Port
10250 # kubelet metrics
9099 # Canal CNI health checks
];
allowedUDPPorts = [
# RKE2 Ports - https://docs.rke2.io/install/requirements#networking
8472 # Canal CNI with VXLAN
# 51820 # Canal CNI with WireGuard IPv4 (if using encryption)
# 51821 # Canal CNI with WireGuard IPv6 (if using encryption)
];
# Allow Multicast
extraCommands = ''
iptables -A INPUT -m pkttype --pkt-type multicast -j ACCEPT
'';
};
};
systemd.services = {
# RKE2 - Wait Cloud Init
rke2-server = {
after = [ "cloud-final.service" ];
requires = [ "cloud-final.service" ];
};
# Runtime iSCSI Initiator Setup
iscsi-initiator-setup = {
description = "Setup iSCSI Initiator Name";
requires = [ "cloud-final.service" ];
before = [ "iscsid.service" ];
after = [ "cloud-final.service" ];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
Type = "oneshot";
RemainAfterExit = true;
};
path = [ pkgs.hostname pkgs.util-linux ];
script = ''
mkdir -p /run/iscsi
echo "InitiatorName=iqn.2025.org.nixos:$(hostname)" > /run/iscsi/initiatorname.iscsi
mount --bind /run/iscsi/initiatorname.iscsi /etc/iscsi/initiatorname.iscsi
'';
};
};
# System Packages
environment = {
systemPackages = with pkgs; [
htop
nfs-utils
tmux
vim
];
# Don't Manage - Runtime Generation
etc."iscsi/initiatorname.iscsi".enable = false;
};
};
}