evan/nix
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: evan:master
Branches Tags
evan:master evan:snowfall
..
compare: evan:88431c9d5c53b472bfb2e12cd21dd9f7cf409142
Branches Tags
evan:master evan:snowfall

1 Commits
master ... 88431c9d5c

Author SHA1 Message Date
Evan Reichard
88431c9d5c wip2 2025-01-26 22:10:24 -05:00
246 changed files with 1946 additions and 14353 deletions
Expand all files Collapse all files

137
.agents/skills/update-package-hashes/SKILL.md
View File

@@ -1,137 +0,0 @@
---
name: update-package-hashes
description: Update a package in packages/ to a new version and refresh its hashes (src, vendorHash, npmDepsHash, cargoHash, etc.) WITHOUT compiling the package. Use when the user asks to bump, update, or upgrade a specific package under packages/. If version is provided, proceed directly. If not, look up the latest version and ask the user before proceeding.
---
# Update Package Hashes (Without Building)
If the user provides a **package name** and **target version/rev/tag**, proceed directly.
If the user provides only a **package name** (no version), look up the latest version and **ask the user** if they want to proceed before updating.
## Hard Rules — Read First
1. **Never run `nix build .#<pkg>`** or `.#packages.<system>.<pkg>`. That compiles the package. Only realise **FOD sub-attributes** (`.src`, `.goModules`, `.npmDeps`, `.cargoDeps`) — those are pure downloads, not builds.
2. **Never** use `nix-prefetch-git`, `nix-prefetch-github`, `nix-prefetch-url`, `nix hash path`, `nix hash file` (on a raw patch/tarball), `git clone` + manual hashing, `builtins.fetchGit`, or any other ad-hoc method to compute hashes. They produce hashes in formats that don't match what `fetchgit`/`fetchFromGitHub`/`fetchpatch` expect (notably: `fetchFromGitHub { leaveDotGit = true; }` is non-deterministic across machines, and `fetchpatch` normalizes patches — strips `index abc..def`, `From <sha>`, signatures — so its hash ≠ `nix hash file` of the raw `.patch`).
3. There are exactly **two** correct ways to get a hash, both listed below. If neither fits, stop and ask the user — don't improvise.
## The Only Two Methods
### Method A — `nurl` via helper script (preferred for `src` on any git forge)
Use the co-located helper script. It wraps `nurl` and works for any git URL.
```bash
./update-package-hashes.sh hash <git-url> <rev-or-tag>
```
Copy the `hash = "sha256-..."` line from the output into the package's `src` block.
### Method B — FOD mismatch trick (for everything else)
For `vendorHash`, `npmDepsHash`, `cargoHash`, `cargoLock.outputHashes.<crate>`, `fetchpatch` hashes, or any `src` using a custom fetcher (`leaveDotGit`, `postFetch`, `fetchSubmodules`, etc. — applies to `llama-cpp` and `llama-swap`), realise the **specific FOD sub-attribute** and read the `got:` line from the error.
```bash
nix build .#<name>.src --no-link 2>&1 | tee /tmp/hash.log # for src
nix build .#<name>.goModules --no-link 2>&1 | tee /tmp/hash.log # for vendorHash
nix build .#<name>.npmDeps --no-link 2>&1 | tee /tmp/hash.log # for npmDepsHash
nix build .#<name>.cargoDeps --no-link 2>&1 | tee /tmp/hash.log # for cargoHash
nix build .#<name> --no-link 2>&1 | tee /tmp/hash.log # for fetchpatch / other input FODs (see note)
grep -E '^[[:space:]]*got:' /tmp/hash.log | tail -1 | awk '{print $2}'
```
**`fetchpatch` note:** patches don't have a dedicated sub-attribute, so you must target the package itself. This is safe *only* when the patch hash is wrong (e.g. `lib.fakeHash`) — Nix realizes the patch FOD before compilation starts, so a hash mismatch aborts with `0 built (1 failed)` and zero compile work. If you accidentally fix all FODs correctly, `nix build .#<name>` will start compiling. To guard against this: always start patch hashes as `lib.fakeHash`, run the build, copy `got:`, paste, and only then re-verify with `.src` / sub-attribute builds (never re-run `.#<name>` to confirm).
**GitHub PR patches — `.patch` vs `.diff`:** When fetching a patch from a GitHub pull request, prefer the `.diff` endpoint over `.patch`.
- `https://github.com/<owner>/<repo>/pull/<N>.patch` — a `git format-patch` **mbox** containing each commit in the PR separately. `git apply` (which `fetchpatch` and the Nix `patchPhase` use) does **not** replay commit history; it applies hunks against the working tree. PRs that create a file in one commit and delete/rename it in a later commit will fail with errors like `The next patch would delete the file X, which does not exist`.
- `https://github.com/<owner>/<repo>/pull/<N>.diff` — a **squashed** unified diff of the PR's net change. Applies cleanly against any base the PR is mergeable against.
Default to `.diff`. Only fall back to `.patch` if you specifically need authorship metadata (rare for Nix patching). If a previously-working `.patch` URL suddenly fails to apply, switching to `.diff` is the first thing to try.
Always use `lib.fakeHash` (or `pkgs.lib.fakeHash` if only `pkgs` is in scope). This is the only reliable way to set a bogus hash — never write a literal `sha256-...` placeholder string. The build will fail at the FOD with `got: sha256-...` which is the correct value.
**Note:** `.src`, `.goModules`, etc. are sub-attributes of the derivation. They download but do not compile. `nix build .#<name>` (without the `.src` suffix) compiles — never do that.
### Example — Package With `src`, `npmDepsHash`, and `vendorHash`
Use the same pattern for packages that combine a custom `src` fetcher, Go dependencies, and a nested npm UI derivation. `llama-swap` is a concrete example because it uses `leaveDotGit` + `postFetch`, `vendorHash`, and a UI package exposed under `passthru.ui`.
1. Set stale hashes to `lib.fakeHash` where possible:
```nix
src.hash = lib.fakeHash;
vendorHash = lib.fakeHash;
passthru.npmDepsHash = lib.fakeHash;
```
2. Resolve the custom `src` hash first; downstream FODs depend on it:
```bash
nix build .#llama-swap.src --no-link 2>&1 | tee /tmp/llama-swap-src.log
grep -E '^[[:space:]]*got:' /tmp/llama-swap-src.log | tail -1 | awk '{print $2}'
```
Put the `got:` value into `src.hash` before resolving dependency hashes.
3. Resolve the UI npm dependency hash from the nested UI derivation:
```bash
nix build .#llama-swap.passthru.ui.npmDeps --no-link 2>&1 | tee /tmp/llama-swap-npm.log
grep -E '^[[:space:]]*got:' /tmp/llama-swap-npm.log | tail -1 | awk '{print $2}'
```
Put the `got:` value into `passthru.npmDepsHash`.
4. Resolve the Go `vendorHash`:
```bash
nix build .#llama-swap.goModules --no-link 2>&1 | tee /tmp/llama-swap-go.log
grep -E '^[[:space:]]*got:' /tmp/llama-swap-go.log | tail -1 | awk '{print $2}'
```
Put the `got:` value into `vendorHash`.
For other packages, adapt the flake attribute path to where the FOD is exposed (for example, `.#<name>.npmDeps`, `.#<name>.passthru.ui.npmDeps`, or `.#<name>.goModules`).
5. Re-run the FOD sub-attribute builds to confirm they realise successfully:
```bash
nix build .#llama-swap.src --no-link
nix build .#llama-swap.passthru.ui.npmDeps --no-link
nix build .#llama-swap.goModules --no-link
```
If a dependency FOD fails before a hash mismatch (for example, `go.mod requires go >= ...`), fix the package inputs minimally (for example, switch to the matching `buildGo126Module`) and re-run the same FOD sub-attribute. Do not build `.#llama-swap`.
## Lookup Latest Version
When the user asks to update a package but doesn't specify a version:
1. Read `packages/<name>/default.nix` to find the git URL and current version/tag.
2. Determine the tag pattern from the `tag` field (e.g. `"b${version}"` → `'b*'`, `"v${version}"` → `'v*'`).
3. Run the helper script:
```bash
./update-package-hashes.sh releases <git-url> '<pattern>'
```
Shows main HEAD + 5 newest matching tags with commit hashes.
4. **Ask the user** before proceeding (`Current: b8815 → Latest: b8914 — proceed?`).
## Flow
1. **If no version was provided**, look up the latest version (see section above) and ask the user to confirm.
2. Edit `packages/<name>/default.nix` — bump `version` / `rev` / `tag`. Check for sibling `.nix` files (e.g. `ui.nix`) that may also need bumping.
3. Get the new `src` hash with **Method A** (`nurl`). If the package uses a custom fetcher, use **Method B** on `.src` instead.
4. For each dependency hash (`vendorHash` / `npmDepsHash` / `cargoHash` / etc.), use **Method B** on the matching sub-attribute.
5. **Opaque `outputHash` FODs** (e.g. opencode's `node_modules` which runs `bun install`) — do NOT attempt locally. Leave as-is and flag for CI in the summary.
6. Show `git diff -- packages/<name>/` and list any hashes left for CI.
## Don't Touch What Didn't Change
Skip pinned sub-dependencies whose inputs didn't change — e.g. `slack-cli`'s `python-snappy` / `zstd-python` PyPI tarballs are pinned by the upstream `dfindexeddb`, not by the slack-cli rev.
## Optional Shortcut
`nix-update --flake <name> --version <v>` sometimes handles everything for simple packages. Try it first; fall back to the methods above if it fails.

206
.agents/skills/update-package-hashes/update-package-hashes.sh
View File

@@ -1,206 +0,0 @@
#!/usr/bin/env bash
#
# update-package-hashes.sh — Helper for the update-package-hashes skill.
# Co-located in .agents/skills/update-package-hashes/
#
# Usage:
# ./update-package-hashes.sh releases <git-url> [pattern]
# ./update-package-hashes.sh hash <git-url> <rev-or-tag>
# ./update-package-hashes.sh hash <git-url> <rev-or-tag> <fetcher>
# ./update-package-hashes.sh all <git-url> <rev-or-tag> [fetcher]
#
# Examples:
# ./update-package-hashes.sh releases https://github.com/ggml-org/llama.cpp
# ./update-package-hashes.sh releases https://github.com/ggml-org/llama.cpp b*
# ./update-package-hashes.sh hash https://github.com/owner/repo v1.2.3
# ./update-package-hashes.sh hash https://github.com/owner/repo abc1234 fetchFromGitLab
# ./update-package-hashes.sh all https://github.com/owner/repo v1.2.3
set -euo pipefail
usage() {
cat <<'EOF'
Usage:
$0 releases <git-url> [tag-pattern]
Show main branch HEAD + 5 most recent matching releases/tags.
$0 hash <git-url> <rev-or-tag> [fetcher]
Fetch source and print the nix fetcher expression with hash (via nurl).
$0 all <git-url> <rev-or-tag> [fetcher]
Same as hash, but also shows main HEAD + recent releases for context.
Options:
tag-pattern Glob pattern for filtering tags (e.g. 'v*', 'b*').
If omitted, all tags are shown.
fetcher Override the auto-detected fetcher:
fetchFromGitHub (default)
fetchFromGitLab
fetchFromGitLab (e.g. gitea.va.reichard.io)
fetchFromSourceHut
fetchgit (fallback for non-standard forges)
Requires: nix (for nurl), git.
EOF
exit 1
}
# ── Helpers ──────────────────────────────────────────────────────────────────
detect_fetcher() {
local url="$1"
local host
host=$(echo "$url" | sed -E 's|^https?://||' | cut -d/ -f1)
case "$host" in
*github.com)
echo "fetchFromGitHub"
;;
*gitlab.com)
echo "fetchFromGitLab"
;;
*gitea*|*gitlab.reichard*|*gitlab.va.reichard*)
echo "fetchFromGitLab"
;;
*sourcehut*)
echo "fetchFromSourceHut"
;;
*)
echo "fetchgit"
;;
esac
}
normalise_url() {
echo "${1%.git}"
}
# ── Commands ─────────────────────────────────────────────────────────────────
# Show main/master branch HEAD.
show_main_head() {
local url="$1"
local clean_url
clean_url=$(normalise_url "$url")
for branch in main master; do
local line
line=$(git ls-remote "$url" "refs/heads/$branch" 2>/dev/null | head -1)
if [[ -n "$line" ]]; then
local full_rev="${line%% *}"
echo " main: $full_rev"
echo
return
fi
done
# Fallback: try to find any branch
echo " (no main/master branch found)"
echo
}
# List recent tags/releases for a repo.
cmd_releases() {
local url="$1"
local pattern="${2:-}"
local clean_url
clean_url=$(normalise_url "$url")
echo "Recent tags for: $clean_url"
echo "────────────────────────────────────────────────────────"
echo
# Always show main HEAD first
show_main_head "$url"
# Get tags sorted by date (newest first), limited to 5
local tags
if [[ -n "$pattern" ]]; then
tags=$(git ls-remote --tags "$url" "$pattern" 2>&1 \
| grep -v '\^{}' \
| sed -E 's/^[a-f0-9]+[[:space:]]+refs\/tags\/([^\/]+)[[:space:]]*$/\1/' \
| sort -V \
| tail -5 || true)
else
tags=$(git ls-remote --tags "$url" 2>&1 \
| grep -v '\^{}' \
| sed -E 's/^[a-f0-9]+[[:space:]]+refs\/tags\/([^\/]+)[[:space:]]*$/\1/' \
| sort -V \
| tail -5 || true)
fi
if [[ -z "$tags" ]]; then
echo " (no tags found)"
return
fi
printf " %-30s %s\n" "TAG" "COMMIT"
echo " $(printf '%.0s-' {1..72})"
echo "$tags" | tac | while IFS= read -r tag_name; do
local full_rev
full_rev=$(git ls-remote "$url" "refs/tags/$tag_name" 2>/dev/null | head -1 | cut -f1)
if [[ -n "$full_rev" ]]; then
printf " %-30s %s\n" "$tag_name" "$full_rev"
else
printf " %-30s %s\n" "$tag_name" "(not found)"
fi
done
}
# Get the nix fetcher expression with hash for a specific rev/tag.
cmd_hash() {
local url="$1"
local rev="$2"
local fetcher="${3:-}"
if [[ -z "$fetcher" ]]; then
fetcher=$(detect_fetcher "$url")
fi
local clean_url
clean_url=$(normalise_url "$url")
echo "Fetching hash for: $clean_url @ $rev"
echo "Fetcher: $fetcher"
echo "────────────────────────────────────────────────────────"
echo
nix run nixpkgs#nurl -- "$url" "$rev"
}
# Get hash + recent releases for context.
cmd_all() {
local url="$1"
local rev="$2"
local fetcher="${3:-}"
cmd_releases "$url"
echo
cmd_hash "$url" "$rev" "$fetcher"
}
# ── Main ─────────────────────────────────────────────────────────────────────
if [[ $# -lt 2 ]]; then
usage
fi
case "$1" in
releases)
[[ $# -lt 2 ]] && { echo "Error: missing <git-url>" >&2; usage; }
cmd_releases "$2" "${3:-}"
;;
hash)
[[ $# -lt 3 ]] && { echo "Error: missing <git-url> <rev-or-tag>" >&2; usage; }
cmd_hash "$2" "$3" "${4:-}"
;;
all)
[[ $# -lt 3 ]] && { echo "Error: missing <git-url> <rev-or-tag>" >&2; usage; }
cmd_all "$2" "$3" "${4:-}"
;;
*)
echo "Unknown command: $1" >&2
usage
;;
esac

71
.agents/skills/update-vllm-3090-configs/SKILL.md
View File

@@ -1,71 +0,0 @@
---
name: update-vllm-3090-configs
description: Update only the qwen3.6-27b vLLM 3090 llama-swap configs from club-3090 refs; compare diffs, present a plan, and require approval before editing.
---
# Update vLLM 3090 Configs
## Scope
Use only for Qwen3.6 27B vLLM 3090 configs in `modules/nixos/services/llama-swap/`.
Do not use this skill for other models, other Qwen sizes, non-vLLM configs, or package bumps.
Local files:
- `modules/nixos/services/llama-swap/config.nix`
- `modules/nixos/services/llama-swap/setup-qwen36-vllm.sh`
Local config keys:
- `vllm-qwen3.6-27b-tools-text`
- `vllm-qwen3.6-27b-long-text`
- `vllm-qwen3.6-27b-long-vision`
## Hash Tracking
Each config entry stores an upstream commit hash comment:
`# Upstream: club-3090 <hash> (<date>) - <compose-file>`
When comparing, first extract stored hashes. If a config's hash matches
upstream HEAD, skip it (report "already synced"). Only full-diff configs
whose hash differs. Update the hash comment when edits are applied.
## Upstream References
Compare against `club-3090` master:
- `models/qwen3.6-27b/vllm/compose/single/tools-text.yml`
- `models/qwen3.6-27b/vllm/compose/single/long-text.yml`
- `models/qwen3.6-27b/vllm/compose/single/long-vision.yml`
- `scripts/setup.sh` for the current `GENESIS_PIN="${GENESIS_PIN:-...}"`
Use raw URLs or a temp clone under `_scratch/club-3090`. Prefer a temp clone when checking broad changes:
```bash
mkdir -p _scratch
git clone https://github.com/noonghunna/club-3090 _scratch/club-3090 2>/dev/null || git -C _scratch/club-3090 pull --ff-only
```
## Required Workflow
1. Fetch/update upstream refs under `_scratch/club-3090` or fetch the raw files.
2. Extract stored upstream hashes from `# Upstream: club-3090 ...` comments in config.nix. Skip any config whose hash matches upstream HEAD (report "already synced").
3. Compare upstream compose files to the remaining local llama-swap entries. Translate docker-compose semantics into the existing `docker run`/llama-swap format.
4. Compare upstream `scripts/setup.sh` Genesis pin to local `GENESIS_PIN` in `setup-qwen36-vllm.sh`.
5. Check upstream compose volumes/entrypoint for sidecar patches. If patches are added, removed, renamed, or invoked differently, update both:
- runtime mounts and `python3 /patches/...` calls in `config.nix`
- download/install logic and summary in `setup-qwen36-vllm.sh`
6. Ignore these diffs unless the user explicitly asks otherwise:
- `shm_size` / shm-related compose settings
- local timing patch `patch_timings_07351e088.py` and its mount/invocation
- model served-name differences caused by llama-swap `${MODEL_ID}`
- `HUGGING_FACE_HUB_TOKEN`; keep local CUDA device/env choices
- upstream relative paths vs local `/mnt/ssd/vLLM/...` paths
- docker-compose format vs local llama-swap/Nix format
7. Before editing, present:
- upstream files/commit checked
- meaningful diffs found
- ignored diffs
- exact planned local changes
Then wait for explicit user approval.
8. After approval, edit minimally and update the `# Upstream: club-3090 ...` hash comments. Validate:
- `bash -n modules/nixos/services/llama-swap/setup-qwen36-vllm.sh`
- `nix-instantiate --parse modules/nixos/services/llama-swap/config.nix`
9. Summarize changed files and any remaining upstream differences.

1
.envrc
View File

@@ -1 +0,0 @@
use flake

6
.gitignore vendored Executable file → Normal file
View File

@@ -1,6 +1,2 @@
.codexis
.DS_Store .DS_Store
_scratch rke2-token
result
._*
.direnv

50
.sops.yaml
View File

@@ -1,50 +0,0 @@
keys:
# Global Admin
- &admin_reichard age1sac93wpnjcv62s7583jv6a4yspndh6k0r25g3qx3k7gq748uvafst6nz4w
# User SSH Derived
- &user_lin-va-desktop age15hdlen5dgjvdfgg2j0uzvchs5vs3xuptkhsw9xeuatcuk6uwrvcsz7hcsg
- &user_lin-va-mbp-personal age17ayje4uv2mhwehhp9jr3u9l0ds07396kt7ef40sufx89vm7cgfjq6d5d4y
- &user_lin-va-mbp-work-vm age1mar507c9mxmwalg486chs5kfh0mya38rv5w64ypfwnwlawewrpnswerpg8
- &user_lin-va-terminal age1w6avj7gd4f5frk90lsyh4e2k5am6z92hzlr0vpgrm767muyj59qsnuah62
- &user_lin-va-thinkpad age1avlhszrryt4gf4ya536jhzm7qwt9xfttm8x4sns6h9w2tahzqp8sspz9y5
- &user_mac-va-mbp-personal age1dccte7xtwswgef089nd80dutp96xnezx5lrqnneh9cusegsnda8sj3dj6c
- &user_mac-va-mbp-work age1ped3hpugq06908ex8kgama33qckqe03rmac5pa6th87vks5d249qhshvqu
# System SSH Derived
- &system_lin-va-desktop age1mxjrvjxkn69kfn2np3wpd73g44fuhsgykw7l5ss9rx30em5jfp2scnrq32
- &system_lin-va-thinkpad age13gymlygyac9z2slecl53jp8spq7e8n4zkan86n0gmnm3nrj4muxqa5ullm
- &system_lin-va-terminal age1rfgh40p6wmaam4ttwgv9xfukgxjruskhfvm0q3ud6lvxtlqc2y8snhwjft
creation_rules:
- path_regex: secrets/[^/]+\.(yaml|json|env|ini)$
key_groups:
- age:
- *admin_reichard
- path_regex: secrets/common/systems.yaml
key_groups:
- age:
- *admin_reichard
- *system_lin-va-desktop
- *system_lin-va-thinkpad
- *system_lin-va-terminal
- path_regex: secrets/common/llama-swap.yaml
key_groups:
- age:
- *admin_reichard
- *system_lin-va-desktop
- *user_lin-va-mbp-personal
- *user_lin-va-mbp-work-vm
- *user_lin-va-terminal
- *user_lin-va-thinkpad
- *user_mac-va-mbp-personal
- *user_mac-va-mbp-work
- path_regex: secrets/common/evanreichard.yaml
key_groups:
- age:
- *admin_reichard
- *user_lin-va-mbp-personal
- *user_lin-va-mbp-work-vm
- *user_lin-va-terminal
- *user_lin-va-thinkpad
- *user_mac-va-mbp-personal
- *user_mac-va-mbp-work

119
AGENTS.md
View File

@@ -1,119 +0,0 @@
# NixOS Configuration — Agent Guide
This is a multi-host NixOS/nix-darwin configuration managed with [Snowfall Lib](https://github.com/snowfallorg/lib). It declaratively configures NixOS (Linux), nix-darwin (macOS), and Home Manager across many machines from a single flake.
## Snowfall Lib Conventions
Snowfall Lib auto-discovers everything by directory convention — there is no manual wiring. The namespace is `reichard`, so all custom options live under `reichard.*` (e.g. `reichard.services.tailscale`, `reichard.programs.terminal.nvim`). Modules use `lib.reichard.enabled` / `lib.reichard.disabled` helpers from `lib/module/default.nix`.
**Important:** Files must be tracked by git (`git add`) for the flake to see them.
## Layout
### `flake.nix`
Entrypoint. Defines inputs (nixpkgs, home-manager, sops-nix, disko, apple-silicon, snowfall-lib, etc.) and calls `snowfall-lib.mkFlake`. All system and home modules are auto-discovered from the directory structure below.
### `systems/`
System-level NixOS and nix-darwin configurations, organized by architecture:
- `systems/aarch64-linux/` — ARM Linux hosts (e.g. Asahi MacBook, Oracle Cloud nodes, headscale)
- `systems/x86_64-linux/` — x86 Linux hosts (desktop, thinkpad, utility servers, Kubernetes nodes)
- `systems/aarch64-darwin/` — macOS hosts (work and personal MacBooks)
- `systems/aarch64-raw-efi/` — Raw EFI image builds (terminal image via nixos-generators)
- `systems/x86_64-vmware/` — VMware images (RKE2 node)
Each host is a directory with a `default.nix` that composes modules via the `reichard.*` option namespace (e.g. `reichard.services.tailscale = enabled;`). Some hosts include `hardware-configuration.nix` or firmware directories.
### `homes/`
Home Manager configurations, organized by `<arch>/<user>@<host>/default.nix`. Each home config enables per-host programs and services (e.g. Neovim, Firefox, Hyprland, git, tmux) via the `reichard.*` namespace, same as system modules.
### `modules/`
Reusable NixOS, Home Manager, and Darwin modules. This is where most of the configuration logic lives.
- **`modules/nixos/`** — NixOS system modules:
- `common/` — Packages applied to all NixOS systems
- `home/` — Home Manager integration (useGlobalPkgs, useUserPackages)
- `nix/` — Nix daemon settings, registries, binary caches, distributed builds
- `user/` — User account creation
- `security/sops/` — sops-nix secret decryption (age-based)
- `system/` — Boot, networking, NetworkManager, disko disk partitioning
- `services/` — Headscale, Tailscale, llama-swap (LLM model server), OpenSSH, RKE2, printing, Avahi, cloud-init, Sunshine, etc.
- `hardware/` — OpenGL, Asahi (Apple Silicon), battery/UPower
- `programs/graphical/wms/hyprland/` — System-level Hyprland WM setup
- `display-managers/sddm/` — SDDM display manager
- `virtualisation/` — Podman, libvirtd
- **`modules/home/`** — Home Manager modules:
- `common/` — Packages applied to all home configs (sqlite, jq, ripgrep, ncdu, jnv)
- `user/` — Home Manager user identity
- `security/sops/` — Per-user secret decryption
- `services/` — Fusuma (touchpad gestures), swww (wallpaper), SSH agent, poweralertd
- `programs/terminal/` — CLI tools: bash, tmux, btop, git, k9s, zk, aws, Neovim, opencode, claude-code, pi
- `programs/graphical/` — GUI apps: Firefox (with extensions overlay), Ghostty, Hyprland (home-level), Remmina, GIMP, Wireshark, Ghidra, Strawberry
- **`modules/darwin/`** — nix-darwin modules: user, OpenSSH, sops
### `modules/home/programs/terminal/nvim/` — Neovim Configuration
This is the full Neovim setup, frequently modified. The `default.nix` declares:
- All plugins (via nixpkgs vimPlugins + custom `buildVimPlugin` for codecompanion.nvim, none-ls-extras, llama.vim)
- LSP servers and formatters as `extraPackages`
- A generated `nix-vars.lua` that injects Nix store paths for LSP binaries
The actual Neovim Lua configuration lives in `config/lua/`:
- `init.lua` — Main loader
- `base.lua` — Core Vim settings and keymaps
- `lsp-config.lua` — LSP server setup (uses paths from `nix-vars.lua`)
- `cmp-config.lua` — nvim-cmp completion
- `llm-config.lua` — LLM integration (codecompanion, llama.vim)
- `snacks-config.lua` — Snacks.nvim dashboard/picker
- `dap-config.lua` — Debug Adapter Protocol (Go, etc.)
- `diagnostics-config.lua`, `ts-config.lua`, `lualine-config.lua`, `noice-config.lua`, `git-config.lua`, `which-key-config.lua`, etc.
When editing the Neovim config, note that **plugin declarations** happen in `default.nix` (Nix), while **plugin configuration** happens in the Lua files under `config/lua/`. LSP binary paths are bridged via the auto-generated `nix-vars.lua`.
### `packages/`
Custom package derivations, auto-discovered by Snowfall Lib and available as `pkgs.reichard.<name>`:
- `codexis/` — Go: code indexer using tree-sitter (built from gitea via `fetchgit`)
- `llama-cpp/` — LLaMA C++ inference engine
- `llama-swap/` — Go: LLM model swap proxy (with UI sub-derivation)
- `opencode/` — Go: terminal coding tool
- `pi-coding-agent/` — Node.js: coding agent CLI
- `qwen-code/` — Qwen code assistant
- `stable-diffusion-cpp/` — Stable Diffusion C++ inference
### `overlays/`
Nixpkgs overlays. Currently just `firefox-addons/` which imports the rycee Firefox addons repository.
### `secrets/`
sops-encrypted secrets (age keys). Managed via `.sops.yaml` which defines per-host and per-user key groups:
- `keys.yaml` — Master key definitions
- `common/evanreichard.yaml` — User-level secrets (shared across personal machines)
- `common/systems.yaml` — System-level secrets (e.g. builder SSH keys)
### `shells/`
Dev shell definitions. `shells/default/` provides the default `nix develop` environment for working on this repo.
### `lib/`
Shared library helpers. `lib/module/default.nix` exports `mkOpt`, `mkBoolOpt`, `enabled`, and `disabled` — used throughout all modules for consistent option declarations.
## Common Tasks
- **Adding a new system:** Create `systems/<arch>/<hostname>/default.nix` and optionally `homes/<arch>/<user>@<hostname>/default.nix`. Compose existing modules via `reichard.*` options.
- **Adding a new module:** Create `modules/{nixos,home,darwin}/<category>/<name>/default.nix` with an `enable` option under the `reichard` namespace. It will be auto-discovered.
- **Adding a new package:** Create `packages/<name>/default.nix`. Run `git add` so the flake sees it. Reference it in modules as `pkgs.reichard.<name>`.
- **Editing Neovim plugins:** Modify `modules/home/programs/terminal/nvim/default.nix` (plugin list, extraPackages, nix-vars).
- **Editing Neovim config (Lua):** Modify files under `modules/home/programs/terminal/nvim/config/lua/`.
- **Managing secrets:** Edit `.sops.yaml` for key groups, use `sops` CLI to encrypt/decrypt files in `secrets/`.
- **Building/testing:** `nix build .#packages.<arch>.<name>` for packages, `nix build .#nixosConfigurations.<host>.config.system.build.toplevel` for full system builds.
- **Bumping a package version / refreshing hashes:** Use the `update-package-hashes` skill at `.pi/skills/update-package-hashes/`.

107
README.md Executable file → Normal file
View File

@@ -1,102 +1,61 @@
# Description # Deploy NixOS
This repository contains the configuration for multiple machines, as well as my home / IDE config (home-manager). ## Copy Config
```bash ```bash
# Install NixOS scp -r * root@10.10.10.10:/etc/nixos
./bootstrap.sh install --name lin-va-nix-builder
# Remote Image Build (NixOS Builder)
./bootstrap.sh image --name lin-va-rke2 --remote
# Home Manager Install
home-manager switch --flake .#evanreichard@mac-va-mbp-personal
# Update Flake
nix flake update
``` ```
## Manual ## Partition Drives
```bash ```bash
# Install NixOS # Validate Disk
sudo nixos-rebuild switch --flake .#lin-va-mbp-personal ls -l /dev/disk/by-id
# Install NixOS (Remote) # Partition Disk
nix run github:nix-community/nixos-anywhere -- --flake .#lin-cloud-kube1 --target-host \<USER\>@\<IP\> sudo nix \
--experimental-features "nix-command flakes" \
# Build Image run github:nix-community/disko -- \
nix build .#vmwareConfigurations.lin-va-rke2 --mode disko \
--flake /etc/nixos#lin-va-rke1
``` ```
## Nix Darwin ## Install NixOS
```bash ```bash
# Install Nix Without Determinate # Install
curl --proto '=https' --tlsv1.2 -sSf -L https://install.determinate.systems/nix | sh -s -- install sudo nixos-install --flake /etc/nixos#lin-va-rke1
# Switch Nix Darwin # Reboot
sudo nix run nix-darwin#darwin-rebuild -- switch --flake .#mac-va-mbp-personal sudo reboot
sudo darwin-rebuild switch --flake .#mac-va-mbp-personal
``` ```
## Clean Garbage ## Copy Config Back to Host
NOTE: This will remove previous generations
```bash ```bash
sudo nix-collect-garbage --delete-old scp -r * nixos@10.10.10.10:/etc/nixos
nix-collect-garbage --delete-old
``` ```
## Home Manager ## Rebuild NixOS
```bash ```bash
# Update System Channels sudo nixos-rebuild switch
sudo nix-channel --add https://nixos.org/channels/nixpkgs-25.11-darwin nixpkgs
sudo nix-channel --update
# Update Home Manager
nix-channel --add https://github.com/nix-community/home-manager/archive/release-25.11.tar.gz home-manager
nix-channel --update
# Link Repo
ln -s /Users/evanreichard/Development/git/personal/nix/home-manager ~/.config/home-manager
# Build Home Manager
home-manager switch
``` ```
### OS Update # Install Kubernetes (RKE2)
`/etc/bashrc` may get overridden. To properly load Nix, prepend the following: ```
# Deploy First Node
sudo nixos-install --flake /etc/nixos#lin-va-rke1
```bash # Reboot & Get Token
# Nix cat /var/lib/rancher/rke2/server/node-token
if [ -e '/nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh' ]; then
. '/nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh' # Deploy Following Nodes
fi echo "<TOKEN>" > ./k8s/rke2-token
# End Nix sudo nixos-install --flake /etc/nixos#lin-va-rke2
``` ```
#### SOPS ## TODO
1. Convert your SSH key to an age key OpenEBS DiskPool Configuration not being applied. Likely need to consolidate RKE2 config, generate DiskPool config in complete, then apply.
2. Get age public key
3. Update `.sops.yaml` with rules
4. Edit file
```bash
# Convert SSH to Age
mkdir -p ~/.config/sops/age
ssh-to-age -private-key -i $HOME/.ssh/id_ed25519 -o ~/.config/sops/age/keys.txt
# Get Public Key
age-keygen -y ~/.config/sops/age/keys.txt
ssh-to-age -private-key -i ~/.ssh/id_ed25519 | age-keygen -y
SOPS_AGE_KEY_FILE=<ADMIN_KEY> sops -d --extract '["lin-va-desktop"]["host"]' ./secrets/keys.yaml | ssh-to-age -private-key | age-keygen -y
# Edit File
# NOTE: You can specify key with - `SOPS_AGE_KEY_FILE=~/.config/sops/age/other.txt`
sops secrets/lin-va-thinkpad/evanreichard/default.yaml
```

187
bootstrap.sh
View File

@@ -1,187 +0,0 @@
#!/bin/sh
export NIX_CONFIG="experimental-features = nix-command flakes"
function cmd_image() {
local usage="Usage: $0 image --name <image-name> [--remote]"
local name=""
local remote=false
while [[ $# -gt 0 ]]; do
case "$1" in
--name)
name="$2"
shift 2
;;
--remote)
remote=true
shift
;;
*)
echo "$usage"
exit 1
;;
esac
done
if [ -z "$name" ]; then
echo "$usage"
exit 1
fi
# Validate Config Exists
if ! nix eval --json --impure \
".#vmwareConfigurations" \
--apply "s: builtins.hasAttr \"$name\" s" 2>/dev/null | grep -q "true"; then
echo "Error: NixOS Generator Config '$name' not found"
exit 1
fi
build_args=(".#vmwareConfigurations.$name")
if [ "$remote" = true ]; then
build_args+=("-j0")
fi
if ! nix build "${build_args[@]}"; then
echo "Error: Image build failed"
exit 1
fi
echo "Successfully built image: $name"
}
function cmd_install() {
local usage="Usage: $0 install --name <system-name> [--remote <user@remote-host>]"
local name=""
local remote=""
while [[ $# -gt 0 ]]; do
case "$1" in
--name)
name="$2"
shift 2
;;
--remote)
remote="$2"
shift 2
;;
*)
echo "$usage"
exit 1
;;
esac
done
if [ -z "$name" ]; then
echo "$usage"
exit 1
fi
# Validate Config Exists
if ! nix eval --json --impure \
".#nixosConfigurations" \
--apply "s: builtins.hasAttr \"$name\" s" 2>/dev/null | grep -q "true"; then
echo "Error: NixOS configuration '$name' not found"
exit 1
fi
# Validate mainDiskID Exists
if ! disk_id=$(nix eval --raw --impure \
".#nixosConfigurations.$name.config.disko.devices.disk.main.device" 2>/dev/null); then
echo "Error: mainDiskID not defined for configuration '$name'"
exit 1
fi
# Remote or Local
if [ -n "$remote" ]; then
cmd_install_remote "$name" "$remote"
else
cmd_install_local "$name" "$disk_id"
fi
}
function cmd_install_local(){
local name="$1"
local disk_id="$2"
# Validate Disk Exists
if [ ! -e "$disk_id" ]; then
echo "Error: Disk $disk_id not found on system"
exit 1
fi
# Prompt Format
read -p "This will format disk $disk_id. Continue? (y/n) " -n 1 -r
echo
if [[ ! $REPLY =~ ^[Yy]$ ]]; then
echo "Operation Cancelled"
exit 1
fi
echo "Formatting disk: $disk_id"
# Format Disk
if ! sudo nix \
--experimental-features "nix-command flakes" \
run github:nix-community/disko -- \
--mode disko \
--flake "/etc/nixos#$name"; then
echo "Error: Disk formatting failed"
exit 1
fi
# Install NixOS
echo "Installing $name to disk: $disk_id"
if ! sudo nixos-install --flake "/etc/nixos#$name"; then
echo "Error: NixOS installation failed"
exit 1
fi
echo "Successfully installed $name to disk: $disk_id"
# Prompt Reboot
read -p "Reboot? (y/n) " -n 1 -r
echo
if [[ ! $REPLY =~ ^[Yy]$ ]]; then
echo "Operation Complete - Not Rebooting"
exit 0
fi
# Reboot
echo "Operation Complete - Rebooting"
sudo reboot
}
function cmd_install_remote(){
local name="$1"
local remote="$2"
# Prompt Install
read -p "This will completely wipe and install NixOS on $remote with configuration $name. Continue? (y/n) " -n 1 -r
echo
if [[ ! $REPLY =~ ^[Yy]$ ]]; then
echo "Operation Cancelled"
exit 1
fi
# Install NixOS
echo "Installing $name to remote host: $remote"
if ! nix run github:nix-community/nixos-anywhere -- --flake ".#$name" --target-host "$remote"; then
echo "Error: Remote NixOS installation failed"
exit 1
fi
echo "Successfully installed $name to remote host: $remote"
}
case "$1" in
image)
shift
cmd_image "$@"
;;
install)
shift
cmd_install "$@"
;;
*)
echo "Usage: $0 {image|install} --name <name>"
exit 1
;;
esac

535
flake.lock generated
View File

@@ -1,535 +0,0 @@
{
"nodes": {
"apple-silicon": {
"inputs": {
"flake-compat": "flake-compat",
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1778234684,
"narHash": "sha256-usIHfvSt7aXvMvRGtcbsue3rA13Z+9TW/7I3WBzLqFY=",
"owner": "nix-community",
"repo": "nixos-apple-silicon",
"rev": "3d7fe422ef6162154830209b9e50bf69e150cff7",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "nixos-apple-silicon",
"type": "github"
}
},
"darwin": {
"inputs": {
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1779036909,
"narHash": "sha256-zXcwYQGCT6pzinK+1dBB2ekTVtfxGZAapb3Evdcu4fY=",
"owner": "nix-darwin",
"repo": "nix-darwin",
"rev": "56c666e108467d87d13508936aade6d567f2a501",
"type": "github"
},
"original": {
"owner": "nix-darwin",
"ref": "nix-darwin-26.05",
"repo": "nix-darwin",
"type": "github"
}
},
"determinate": {
"inputs": {
"determinate-nixd-aarch64-darwin": "determinate-nixd-aarch64-darwin",
"determinate-nixd-aarch64-linux": "determinate-nixd-aarch64-linux",
"determinate-nixd-x86_64-linux": "determinate-nixd-x86_64-linux",
"nix": "nix",
"nixpkgs": "nixpkgs_2"
},
"locked": {
"lastModified": 1778179392,
"narHash": "sha256-W6zorvjBYbzMNvqKIqCdpDF4rq3gj50Xximl56YM9/I=",
"owner": "determinatesystems",
"repo": "determinate",
"rev": "efd54faa68be8cd777b5c28cab11e638998a0853",
"type": "github"
},
"original": {
"owner": "determinatesystems",
"repo": "determinate",
"type": "github"
}
},
"determinate-nixd-aarch64-darwin": {
"flake": false,
"locked": {
"narHash": "sha256-z4mCqKI3Qd6weuHrlfzGccJG0giym/VJhKv20ijRSs0=",
"type": "file",
"url": "https://install.determinate.systems/determinate-nixd/tag/v3.20.0/macOS"
},
"original": {
"type": "file",
"url": "https://install.determinate.systems/determinate-nixd/tag/v3.20.0/macOS"
}
},
"determinate-nixd-aarch64-linux": {
"flake": false,
"locked": {
"narHash": "sha256-yW+VNepSRytzfanSssPMJPvwioCcmlZYaBX8++UFkAk=",
"type": "file",
"url": "https://install.determinate.systems/determinate-nixd/tag/v3.20.0/aarch64-linux"
},
"original": {
"type": "file",
"url": "https://install.determinate.systems/determinate-nixd/tag/v3.20.0/aarch64-linux"
}
},
"determinate-nixd-x86_64-linux": {
"flake": false,
"locked": {
"narHash": "sha256-+L102C3Hhkd1GlXmRm2eLTLsZKBxEvooiQZFqQRlBf0=",
"type": "file",
"url": "https://install.determinate.systems/determinate-nixd/tag/v3.20.0/x86_64-linux"
},
"original": {
"type": "file",
"url": "https://install.determinate.systems/determinate-nixd/tag/v3.20.0/x86_64-linux"
}
},
"disko": {
"inputs": {
"nixpkgs": "nixpkgs_3"
},
"locked": {
"lastModified": 1777713215,
"narHash": "sha256-8GzXDOXckDWwST8TY5DbwYFjdvQLlP7K9CLSVx6iTTo=",
"owner": "nix-community",
"repo": "disko",
"rev": "63b4e7e6cf75307c1d26ac3762b886b5b0247267",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "disko",
"type": "github"
}
},
"firefox-addons": {
"inputs": {
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"dir": "pkgs/firefox-addons",
"lastModified": 1778385775,
"narHash": "sha256-n0MUvWA2SML/qBB4hpShQ7i+i961MX4oPtaQfYo0+uU=",
"owner": "rycee",
"repo": "nur-expressions",
"rev": "268324916742a48cd03b94fd63f2822d6b66d519",
"type": "gitlab"
},
"original": {
"dir": "pkgs/firefox-addons",
"owner": "rycee",
"repo": "nur-expressions",
"type": "gitlab"
}
},
"flake-compat": {
"locked": {
"lastModified": 1761640442,
"narHash": "sha256-AtrEP6Jmdvrqiv4x2xa5mrtaIp3OEe8uBYCDZDS+hu8=",
"owner": "nix-community",
"repo": "flake-compat",
"rev": "4a56054d8ffc173222d09dad23adf4ba946c8884",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "flake-compat",
"type": "github"
}
},
"flake-compat_2": {
"flake": false,
"locked": {
"lastModified": 1696426674,
"narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-compat_3": {
"flake": false,
"locked": {
"lastModified": 1650374568,
"narHash": "sha256-Z+s0J8/r907g149rllvwhb4pKi8Wam5ij0st8PwAh+E=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "b4a34015c698c7793d592d66adbab377907a2be8",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-parts": {
"inputs": {
"nixpkgs-lib": [
"determinate",
"nix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1748821116,
"narHash": "sha256-F82+gS044J1APL0n4hH50GYdPRv/5JWm34oCJYmVKdE=",
"rev": "49f0870db23e8c1ca0b5259734a02cd9e1e371a1",
"revCount": 377,
"type": "tarball",
"url": "https://api.flakehub.com/f/pinned/hercules-ci/flake-parts/0.1.377%2Brev-49f0870db23e8c1ca0b5259734a02cd9e1e371a1/01972f28-554a-73f8-91f4-d488cc502f08/source.tar.gz"
},
"original": {
"type": "tarball",
"url": "https://flakehub.com/f/hercules-ci/flake-parts/0.1"
}
},
"flake-utils": {
"inputs": {
"systems": "systems"
},
"locked": {
"lastModified": 1694529238,
"narHash": "sha256-zsNZZGTGnMOf9YpHKJqMSsa0dXbfmxeoJ7xHlrt+xmY=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "ff7b65b44d01cf9ba6a71320833626af21126384",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"flake-utils-plus": {
"inputs": {
"flake-utils": "flake-utils"
},
"locked": {
"lastModified": 1715533576,
"narHash": "sha256-fT4ppWeCJ0uR300EH3i7kmgRZnAVxrH+XtK09jQWihk=",
"owner": "gytis-ivaskevicius",
"repo": "flake-utils-plus",
"rev": "3542fe9126dc492e53ddd252bb0260fe035f2c0f",
"type": "github"
},
"original": {
"owner": "gytis-ivaskevicius",
"repo": "flake-utils-plus",
"rev": "3542fe9126dc492e53ddd252bb0260fe035f2c0f",
"type": "github"
}
},
"git-hooks-nix": {
"inputs": {
"flake-compat": "flake-compat_2",
"gitignore": [
"determinate",
"nix"
],
"nixpkgs": [
"determinate",
"nix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1747372754,
"narHash": "sha256-2Y53NGIX2vxfie1rOW0Qb86vjRZ7ngizoo+bnXU9D9k=",
"rev": "80479b6ec16fefd9c1db3ea13aeb038c60530f46",
"revCount": 1026,
"type": "tarball",
"url": "https://api.flakehub.com/f/pinned/cachix/git-hooks.nix/0.1.1026%2Brev-80479b6ec16fefd9c1db3ea13aeb038c60530f46/0196d79a-1b35-7b8e-a021-c894fb62163d/source.tar.gz"
},
"original": {
"type": "tarball",
"url": "https://flakehub.com/f/cachix/git-hooks.nix/0.1.941"
}
},
"home-manager": {
"inputs": {
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1780361225,
"narHash": "sha256-wnV9ttf4fPWNonBIQmvlrSlNpQYgx5HgWWd007mwIFA=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "e28654b71096e08c019d4861ca26acb646f583d8",
"type": "github"
},
"original": {
"owner": "nix-community",
"ref": "release-26.05",
"repo": "home-manager",
"type": "github"
}
},
"nix": {
"inputs": {
"flake-parts": "flake-parts",
"git-hooks-nix": "git-hooks-nix",
"nixpkgs": "nixpkgs",
"nixpkgs-23-11": "nixpkgs-23-11",
"nixpkgs-regression": "nixpkgs-regression"
},
"locked": {
"lastModified": 1778177425,
"narHash": "sha256-oyHvP5HDRe59opmjTrq2ED9lh+R9FrHyaCGPPNfBqWM=",
"rev": "f0ccb960d3ad5bff28acd9cabf8bdef885b5d52f",
"revCount": 25858,
"type": "tarball",
"url": "https://api.flakehub.com/f/pinned/DeterminateSystems/nix-src/3.20.0/019e03bc-3f83-7833-aba3-b691ef4956c7/source.tar.gz"
},
"original": {
"type": "tarball",
"url": "https://flakehub.com/f/DeterminateSystems/nix-src/%2A"
}
},
"nixlib": {
"locked": {
"lastModified": 1736643958,
"narHash": "sha256-tmpqTSWVRJVhpvfSN9KXBvKEXplrwKnSZNAoNPf/S/s=",
"owner": "nix-community",
"repo": "nixpkgs.lib",
"rev": "1418bc28a52126761c02dd3d89b2d8ca0f521181",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "nixpkgs.lib",
"type": "github"
}
},
"nixos-generators": {
"inputs": {
"nixlib": "nixlib",
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1769813415,
"narHash": "sha256-nnVmNNKBi1YiBNPhKclNYDORoHkuKipoz7EtVnXO50A=",
"owner": "nix-community",
"repo": "nixos-generators",
"rev": "8946737ff703382fda7623b9fab071d037e897d5",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "nixos-generators",
"type": "github"
}
},
"nixpkgs": {
"locked": {
"lastModified": 1773222311,
"narHash": "sha256-BHoB/XpbqoZkVYZCfXJXfkR+GXFqwb/4zbWnOr2cRcU=",
"rev": "0590cd39f728e129122770c029970378a79d076a",
"revCount": 909248,
"type": "tarball",
"url": "https://api.flakehub.com/f/pinned/NixOS/nixpkgs/0.2511.909248%2Brev-0590cd39f728e129122770c029970378a79d076a/019ce32b-8ace-7339-b129-cceaa8dd10c6/source.tar.gz"
},
"original": {
"type": "tarball",
"url": "https://flakehub.com/f/NixOS/nixpkgs/0.2511"
}
},
"nixpkgs-23-11": {
"locked": {
"lastModified": 1717159533,
"narHash": "sha256-oamiKNfr2MS6yH64rUn99mIZjc45nGJlj9eGth/3Xuw=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "a62e6edd6d5e1fa0329b8653c801147986f8d446",
"type": "github"
},
"original": {
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "a62e6edd6d5e1fa0329b8653c801147986f8d446",
"type": "github"
}
},
"nixpkgs-regression": {
"locked": {
"lastModified": 1643052045,
"narHash": "sha256-uGJ0VXIhWKGXxkeNnq4TvV3CIOkUJ3PAoLZ3HMzNVMw=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "215d4d0fd80ca5163643b03a33fde804a29cc1e2",
"type": "github"
},
"original": {
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "215d4d0fd80ca5163643b03a33fde804a29cc1e2",
"type": "github"
}
},
"nixpkgs-unstable": {
"locked": {
"lastModified": 1777954456,
"narHash": "sha256-hGdgeU2Nk87RAuZyYjyDjFL6LK7dAZN5RE9+hrDTkDU=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "549bd84d6279f9852cae6225e372cc67fb91a4c1",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_2": {
"locked": {
"lastModified": 1777826146,
"narHash": "sha256-wQ/iN5Zp5VIa3ebBibijPnLyKhor+xEbDy4d0goa9Zs=",
"rev": "73c703c22422b8951895a960959dbbaca7296492",
"revCount": 991389,
"type": "tarball",
"url": "https://api.flakehub.com/f/pinned/DeterminateSystems/nixpkgs-weekly/0.1.991389%2Brev-73c703c22422b8951895a960959dbbaca7296492/019df6c8-934b-7d40-b402-027bb5def30f/source.tar.gz"
},
"original": {
"type": "tarball",
"url": "https://flakehub.com/f/DeterminateSystems/nixpkgs-weekly/0.1"
}
},
"nixpkgs_3": {
"locked": {
"lastModified": 1773628058,
"narHash": "sha256-hpXH0z3K9xv0fHaje136KY872VT2T5uwxtezlAskQgY=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "f8573b9c935cfaa162dd62cc9e75ae2db86f85df",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_4": {
"locked": {
"lastModified": 1780203844,
"narHash": "sha256-K5sT4jTpGs15ADhviMKNBH38REpPf5Q6mM1+N6cArVE=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "b51242d7d43689db2f3be91bd05d5b24fbb469c4",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-26.05",
"repo": "nixpkgs",
"type": "github"
}
},
"root": {
"inputs": {
"apple-silicon": "apple-silicon",
"darwin": "darwin",
"determinate": "determinate",
"disko": "disko",
"firefox-addons": "firefox-addons",
"home-manager": "home-manager",
"nixos-generators": "nixos-generators",
"nixpkgs": "nixpkgs_4",
"nixpkgs-unstable": "nixpkgs-unstable",
"snowfall-lib": "snowfall-lib",
"sops-nix": "sops-nix"
}
},
"snowfall-lib": {
"inputs": {
"flake-compat": "flake-compat_3",
"flake-utils-plus": "flake-utils-plus",
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1765361626,
"narHash": "sha256-kX0Dp/kYSRbQ+yd9e3lmmUWdNbipufvKfL2IzbrSpnY=",
"owner": "snowfallorg",
"repo": "lib",
"rev": "c566ad8b7352c30ec3763435de7c8f1c46ebb357",
"type": "github"
},
"original": {
"owner": "snowfallorg",
"repo": "lib",
"type": "github"
}
},
"sops-nix": {
"inputs": {
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1777944972,
"narHash": "sha256-VfGRo1qTBKOe3s2gOv8LSoA6Fk19PvBlwQ1ECN0Evn8=",
"owner": "Mic92",
"repo": "sops-nix",
"rev": "c591bf665727040c6cc5cb409079acb22dcce33c",
"type": "github"
},
"original": {
"owner": "Mic92",
"repo": "sops-nix",
"type": "github"
}
},
"systems": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
}
},
"root": "root",
"version": 7
}

147
flake.nix Executable file → Normal file
View File

@@ -2,83 +2,86 @@
description = "NixOS Hosts"; description = "NixOS Hosts";
inputs = { inputs = {
nixpkgs.url = "github:NixOS/nixpkgs/nixos-26.05"; nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.11";
nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixos-unstable";
disko.url = "github:nix-community/disko"; disko.url = "github:nix-community/disko";
determinate.url = "github:determinatesystems/determinate";
snowfall-lib = {
url = "github:snowfallorg/lib";
inputs.nixpkgs.follows = "nixpkgs";
};
home-manager = {
url = "github:nix-community/home-manager/release-26.05";
inputs.nixpkgs.follows = "nixpkgs";
};
apple-silicon = {
url = "github:nix-community/nixos-apple-silicon";
inputs.nixpkgs.follows = "nixpkgs";
};
nixos-generators = {
url = "github:nix-community/nixos-generators";
inputs.nixpkgs.follows = "nixpkgs";
};
firefox-addons = {
url = "gitlab:rycee/nur-expressions?dir=pkgs/firefox-addons";
inputs.nixpkgs.follows = "nixpkgs";
};
sops-nix = {
url = "github:Mic92/sops-nix";
inputs.nixpkgs.follows = "nixpkgs";
};
darwin = {
url = "github:nix-darwin/nix-darwin/nix-darwin-26.05";
inputs.nixpkgs.follows = "nixpkgs";
};
}; };
outputs = outputs = { self, nixpkgs, disko }:
inputs: let
inputs.snowfall-lib.mkFlake { mkSystem = { systemConfig, moduleConfig }: nixpkgs.lib.nixosSystem {
inherit inputs; system = "x86_64-linux";
src = ./.; modules = [
snowfall = {
namespace = "reichard";
meta = {
title = "Reichard";
name = "reichard";
};
};
channels-config = {
allowUnfree = true;
permittedInsecurePackages = [
"intel-ocl-5.0-63503"
];
};
outputs-builder = channels: {
devShells = {
default = import ./shells/default/default.nix { pkgs = channels.nixpkgs; };
};
};
homes.modules = with inputs; [
sops-nix.homeManagerModules.sops
./modules/home/common
];
systems.modules = {
nixos = with inputs; [
disko.nixosModules.disko disko.nixosModules.disko
sops-nix.nixosModules.sops ./lib/disk-config.nix
./modules/nixos/common ./lib/common-system.nix
]; systemConfig
darwin = with inputs; [ ({ ... }: moduleConfig)
determinate.darwinModules.default
home-manager.darwinModules.home-manager
sops-nix.darwinModules.sops
]; ];
}; };
in
{
nixosConfigurations = {
# LLaMA C++ Server
lin-va-llama1 = mkSystem {
systemConfig = ./hosts/llama-server.nix;
moduleConfig = {
hostName = "lin-va-llama1";
mainDiskID = "/dev/sda";
};
};
# RKE2 Primary Server
lin-va-rke1 = mkSystem {
systemConfig = ./hosts/rke2.nix;
moduleConfig = {
hostName = "lin-va-rke1";
mainDiskID = "/dev/disk/by-id/ata-VBOX_HARDDISK_VB0af7d668-04b70404";
dataDiskID = "/dev/disk/by-id/ata-VBOX_HARDDISK_VBcd9425b8-d666f9b8";
networkConfig = {
interface = "enp0s3";
address = "10.0.20.201";
defaultGateway = "10.0.20.254";
nameservers = [ "10.0.20.254" ];
};
};
};
# RKE2 Second Server
lin-va-rke2 = mkSystem {
systemConfig = ./hosts/rke2.nix;
moduleConfig = {
hostName = "lin-va-rke2";
mainDiskID = "/dev/disk/by-id/ata-VBOX_HARDDISK_VBf55aaccc-688cfd0d";
dataDiskID = "/dev/disk/by-id/ata-VBOX_HARDDISK_VBfd391256-6e368424";
serverAddr = "https://10.0.20.201:9345";
networkConfig = {
interface = "enp0s3";
address = "10.0.20.202";
defaultGateway = "10.0.20.254";
nameservers = [ "10.0.20.254" ];
};
};
};
# RKE2 Third Server
lin-va-rke3 = mkSystem {
systemConfig = ./hosts/rke2.nix;
moduleConfig = {
hostName = "lin-va-rke3";
mainDiskID = "/dev/disk/by-id/ata-VBOX_HARDDISK_VBe9edacd5-ac4ed4fa";
dataDiskID = "/dev/disk/by-id/ata-VBOX_HARDDISK_VBa1fc46d0-19380495";
serverAddr = "https://10.0.20.201:9345";
networkConfig = {
interface = "enp0s3";
address = "10.0.20.203";
defaultGateway = "10.0.20.254";
nameservers = [ "10.0.20.254" ];
};
};
};
};
}; };
} }

40
home-manager/README.md Normal file
View File

@@ -0,0 +1,40 @@
# Nix Home Manager Configuration
## Upgrade
```bash
# Update System Channels
sudo nix-channel --add https://nixos.org/channels/nixpkgs-24.11-darwin nixpkgs
sudo nix-channel --update
# Update Home Manager
nix-channel --add https://github.com/nix-community/home-manager/archive/release-24.11.tar.gz home-manager
nix-channel --update
# Link Repo
ln -s /Users/evanreichard/Development/git/personal/nix/home-manager ~/.config/home-manager
# Build Home Manager
home-manager switch
```
## Clean Garbage
NOTE: This will remove previous generations
```bash
sudo nix-collect-garbage --delete-old
nix-collect-garbage --delete-old
```
## OS Update
`/etc/bashrc` may get overridden. To properly load Nix, prepend the following:
```bash
# Nix
if [ -e '/nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh' ]; then
. '/nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh'
fi
# End Nix
```

18
home-manager/bash/default.nix Normal file
View File

@@ -0,0 +1,18 @@
{
programs.bash = {
enable = true;
shellAliases = {
grep = "grep --color";
ssh = "TERM=xterm-256color ssh";
flush_dns = "sudo dscacheutil -flushcache; sudo killall -HUP mDNSResponder";
};
profileExtra = ''
SHELL="$BASH"
PATH=~/.bin:$PATH
eval "$(thefuck --alias)"
set -o vi
bind "set show-mode-in-prompt on"
fastfetch
'';
};
}

6
home-manager/direnv/default.nix Normal file
View File

@@ -0,0 +1,6 @@
{
programs.direnv = {
enable = true;
nix-direnv.enable = true;
};
}

93
home-manager/fastfetch/config/config.jsonc Normal file
View File

@@ -0,0 +1,93 @@
{
"modules": [
{
"type": "separator",
"string": "",
"length": 35,
},
{
"type": "title",
"format": "Hardware Information",
},
{
"type": "cpu",
"key": " ",
},
{
"type": "memory",
"key": " ",
},
{
"type": "display",
"key": "󰍹 ",
},
{
"type": "separator",
},
{
"type": "title",
"format": "Software Information",
},
{
"type": "os",
"key": " ",
},
{
"type": "kernel",
"key": " ",
},
{
"type": "terminal",
"key": " ",
},
{
"type": "packages",
"key": "󰏖 ",
},
{
"type": "terminalfont",
"key": " ",
},
{
"type": "separator",
},
{
"type": "title",
"format": "Network Information",
},
{
"type": "publicip",
"key": " ",
},
{
"type": "localip",
"key": " ",
},
{
"type": "separator",
},
{
"type": "custom",
"format": " {#white} {#red} {#green} {#yellow} {#blue} {#magenta} {#cyan} {#white}\n",
},
],
"display": {
"separator": "  ",
"key": {
"width": 7,
},
"color": {
"keys": "yellow",
"title": "blue",
},
},
"settings": {
"kernelFormat": "minimal",
"memoryUnit": "gib",
"temperatureUnit": "celsius",
"publicIpTimeout": 2000,
"publicIpHost": "http://ident.me",
"diskUnit": "gib",
"showDisks": ["/"],
},
}

7
home-manager/fastfetch/default.nix Normal file
View File

@@ -0,0 +1,7 @@
{
xdg.configFile = {
"fastfetch/config.jsonc" = {
source = ./config/config.jsonc;
};
};
}

5
modules/home/programs/graphical/ghostty/config/ghostty-melange-dark.conf → home-manager/ghostty/config/ghostty.conf
View File

@@ -1,3 +1,8 @@
command = /Users/evanreichard/.nix-profile/bin/bash --login
macos-titlebar-style = tabs
auto-update = off
font-family = "MesloLGM Nerd Font Mono"
# Melange Dark - Adapted From: https://github.com/savq/melange-nvim/blob/master/term/kitty/melange_dark.conf # Melange Dark - Adapted From: https://github.com/savq/melange-nvim/blob/master/term/kitty/melange_dark.conf
palette = 0=#34302C palette = 0=#34302C
palette = 1=#BD8183 palette = 1=#BD8183

7
home-manager/ghostty/default.nix Normal file
View File

@@ -0,0 +1,7 @@
{
xdg.configFile = {
"ghostty/config" = {
source = ./config/ghostty.conf;
};
};
}

0
modules/home/programs/terminal/bash/config/.gitignore → home-manager/git/config/.gitignore vendored Executable file → Normal file
View File

0
modules/home/programs/terminal/git/config/personal → home-manager/git/config/personal Executable file → Normal file
View File

2
modules/home/programs/terminal/git/config/work → home-manager/git/config/work Executable file → Normal file
View File

@@ -2,4 +2,4 @@
sshCommand = "ssh -i ~/Keys/work" sshCommand = "ssh -i ~/Keys/work"
[user] [user]
email = evan@prophetsecurity.ai email = evan@prophet.security

40
home-manager/git/default.nix Normal file
View File

@@ -0,0 +1,40 @@
{
programs.git = {
enable = true;
userName = "Evan Reichard";
aliases = {
lg = "log --graph --abbrev-commit --decorate --date=relative --format=format:'%C(bold blue)%h%C(reset) - %C(bold green)(%ar)%C(reset) %C(white)%s%C(reset) %C(dim white)- %an%C(reset)%C(bold yellow)%d%C(reset)' --all -n 15";
};
includes = [
{
path = "~/.config/git/work";
condition = "gitdir:~/Development/git/work/";
}
{
path = "~/.config/git/personal";
condition = "gitdir:~/Development/git/personal/";
}
];
extraConfig = {
core = {
autocrlf = "input";
safecrlf = "true";
excludesFile = "~/.config/git/.gitignore";
};
merge = {
conflictstyle = "zdiff3";
};
push = {
autoSetupRemote = true;
};
};
};
# Copy Configuration
xdg.configFile = {
git = {
source = ./config;
recursive = true;
};
};
}

113
home-manager/home.nix Normal file
View File

@@ -0,0 +1,113 @@
{ pkgs, ... }:
let
inherit (pkgs.lib) optionals;
inherit (pkgs.stdenv) isLinux isDarwin;
in
{
imports = [
./bash
./direnv
./ghostty
./git
./htop
./fastfetch
./nvim
./powerline
./readline
];
# Home Manager Config
home.username = "evanreichard";
home.homeDirectory = "/Users/evanreichard";
home.stateVersion = "24.11";
programs.home-manager.enable = true;
# Global Packages
home.packages = with pkgs; [
(nerdfonts.override { fonts = [ "Meslo" ]; })
# ghostty - Pending Darwin @ https://github.com/NixOS/nixpkgs/pull/369788
android-tools
awscli2
bashInteractive
cw
fastfetch
gitAndTools.gh
google-cloud-sdk
imagemagick
kubectl
kubernetes-helm
(llama-cpp.overrideAttrs {
version = "b4539";
src = pkgs.fetchFromGitHub {
owner = "ggerganov";
repo = "llama.cpp";
tag = "b4539";
hash = "sha256-zPWx8gdai8OfoBCr2X2oJYg45ipLselYZMrL+MbQ1AY=";
leaveDotGit = true;
};
})
mosh
pre-commit
python311
ssm-session-manager-plugin
texliveSmall # Pandoc PDF Dep
thefuck
tldr
]
++ optionals isDarwin [ ]
++ optionals isLinux [ ];
# GitHub CLI
programs.gh = {
enable = true;
settings = {
git_protocol = "ssh";
};
};
# Misc Programs
programs.htop.enable = true;
programs.jq.enable = true;
programs.k9s.enable = true;
programs.pandoc.enable = true;
# Enable Flakes & Commands
nix = {
package = pkgs.nix;
extraOptions = ''experimental-features = nix-command flakes'';
};
# SQLite Configuration
home.file.".sqliterc".text = ''
.headers on
.mode column
'';
# Darwin Spotlight Indexing Hack
# home.activation = mkIf isDarwin {
# copyApplications =
# let
# apps = pkgs.buildEnv {
# name = "home-manager-applications";
# paths = config.home.packages;
# pathsToLink = "/Applications";
# };
# in
# lib.hm.dag.entryAfter [ "writeBoundary" ] ''
# baseDir="$HOME/Applications/Home Manager Apps"
# if [ -d "$baseDir" ]; then
# rm -rf "$baseDir"
# fi
# mkdir -p "$baseDir"
# for appFile in ${apps}/Applications/*; do
# target="$baseDir/$(basename "$appFile")"
# $DRY_RUN_CMD cp ''${VERBOSE_ARG:+-v} -fHRL "$appFile" "$baseDir"
# $DRY_RUN_CMD chmod ''${VERBOSE_ARG:+-v} -R +w "$target"
# done
# '';
# };
# Darwin Spotlight Indexing Hack
disabledModules = [ "targets/darwin/linkapps.nix" ];
}

51
home-manager/htop/config/htoprc Normal file
View File

@@ -0,0 +1,51 @@
# Beware! This file is rewritten by htop when settings are changed in the interface.
# The parser is also very primitive, and not human-friendly.
htop_version=3.2.1
config_reader_min_version=3
fields=0 48 17 18 38 39 2 46 47 49 1
hide_kernel_threads=1
hide_userland_threads=0
shadow_other_users=0
show_thread_names=0
show_program_path=1
highlight_base_name=0
highlight_deleted_exe=1
highlight_megabytes=1
highlight_threads=1
highlight_changes=0
highlight_changes_delay_secs=5
find_comm_in_cmdline=1
strip_exe_from_cmdline=1
show_merged_command=0
header_margin=1
screen_tabs=1
detailed_cpu_time=0
cpu_count_from_one=0
show_cpu_usage=1
show_cpu_frequency=0
update_process_names=0
account_guest_in_cpu_meter=0
color_scheme=6
enable_mouse=1
delay=15
hide_function_bar=0
header_layout=two_50_50
column_meters_0=LeftCPUs Memory Swap
column_meter_modes_0=1 1 1
column_meters_1=RightCPUs Tasks LoadAverage Uptime
column_meter_modes_1=1 2 2 2
tree_view=0
sort_key=46
tree_sort_key=0
sort_direction=-1
tree_sort_direction=1
tree_view_always_by_pid=0
all_branches_collapsed=0
screen:Main=PID USER PRIORITY NICE M_VIRT M_RESIDENT STATE PERCENT_CPU PERCENT_MEM TIME Command
.sort_key=PERCENT_CPU
.tree_sort_key=PID
.tree_view=0
.tree_view_always_by_pid=0
.sort_direction=-1
.tree_sort_direction=1
.all_branches_collapsed=0

5
home-manager/htop/default.nix Normal file
View File

@@ -0,0 +1,5 @@
{
xdg.configFile."htop/htoprc" = {
source = ./config/htoprc;
};
}

8
home-manager/nvim/config/lua/aerial-config.lua Normal file
View File

@@ -0,0 +1,8 @@
require('aerial').setup({
on_attach = function(bufnr)
vim.keymap.set('n', '{', '<cmd>AerialPrev<CR>', {buffer = bufnr})
vim.keymap.set('n', '}', '<cmd>AerialNext<CR>', {buffer = bufnr})
end
})
vim.keymap.set('n', '<leader>a', '<cmd>AerialToggle!<CR>')

0
modules/home/programs/terminal/nvim/config/lua/autopairs-config.lua → home-manager/nvim/config/lua/autopairs-config.lua Executable file → Normal file
View File

66
home-manager/nvim/config/lua/base.lua Normal file
View File

@@ -0,0 +1,66 @@
-- Set Theme
-- vim.g.nord_borders = true
-- vim.g.nord_contrast = true
-- vim.cmd('colorscheme nord')
vim.cmd('colorscheme melange')
-- Set Leader
vim.keymap.set("n", "<Space>", "<Nop>", {silent = true})
vim.g.mapleader = " "
-- Set Timeout
vim.opt.timeoutlen = 250
-- Disable NetRW
vim.g.loaded_netrw = 1
vim.g.loaded_netrwPlugin = 1
-- Set Term Colors
vim.opt.termguicolors = true
-- Synchronize with system clipboard
vim.opt.clipboard = "unnamed"
-- Always show the signcolumn
vim.opt.signcolumn = "yes"
-- Set nowrap, line numbers, hightlight search
vim.opt.wrap = false
vim.opt.nu = true
vim.opt.hlsearch = true
vim.opt.shiftwidth = 2
-- Set fold settings
vim.opt.foldmethod = "indent"
vim.opt.foldnestmax = 10
vim.opt.foldlevel = 2
-- Diagnostics Mappings
local diagnostics_active = true
local toggle_diagnostics = function()
diagnostics_active = not diagnostics_active
if diagnostics_active then
vim.diagnostic.enable()
else
vim.diagnostic.disable()
end
end
local diagnostics_loclist_active = false
local toggle_diagnostics_loclist = function()
diagnostics_loclist_active = not diagnostics_loclist_active
if diagnostics_loclist_active then
vim.diagnostic.setloclist()
else
vim.cmd('lclose')
end
end
local opts = {noremap = true, silent = true}
vim.keymap.set('n', '<leader>qt', toggle_diagnostics, opts)
vim.keymap.set('n', '<leader>qN',
function() vim.diagnostic.goto_prev({float = false}) end, opts)
vim.keymap.set('n', '<leader>qn',
function() vim.diagnostic.goto_next({float = false}) end, opts)
vim.keymap.set('n', '<leader>qq', toggle_diagnostics_loclist, opts)
vim.keymap.set('n', '<leader>qe', vim.diagnostic.open_float, opts)

71
home-manager/nvim/config/lua/cmp-config.lua Normal file
View File

@@ -0,0 +1,71 @@
local cmp = require('cmp')
require("luasnip.loaders.from_vscode").lazy_load()
-- Check Tab Completion
local has_words_before = function()
local line, col = unpack(vim.api.nvim_win_get_cursor(0))
return col ~= 0 and
vim.api.nvim_buf_get_lines(0, line - 1, line, true)[1]:sub(col,
col)
:match("%s") == nil
end
cmp.setup({
snippet = {
expand = function(args) require'luasnip'.lsp_expand(args.body) end
},
mapping = cmp.mapping.preset.insert({
-- Tab Completion
["<Tab>"] = cmp.mapping(function(fallback)
if cmp.visible() then
cmp.select_next_item()
elseif has_words_before() then
cmp.complete()
else
fallback()
end
end, {"i", "s"}),
-- Reverse Tab Completion
["<S-Tab>"] = cmp.mapping(function(fallback)
if cmp.visible() then
cmp.select_prev_item()
else
fallback()
end
end, {"i", "s"}),
-- Misc Mappings
['<C-b>'] = cmp.mapping.scroll_docs(-4),
['<C-f>'] = cmp.mapping.scroll_docs(4),
['<C-Space>'] = cmp.mapping.complete(),
['<C-e>'] = cmp.mapping.abort(),
['<CR>'] = cmp.mapping.confirm({select = true})
}),
-- Default Sources
sources = cmp.config.sources({
{name = 'nvim_lsp'}, {name = 'luasnip'}, {name = 'path'},
{name = 'buffer'}
})
})
-- Completion - `/` and `?`
cmp.setup.cmdline({'/', '?'}, {
mapping = cmp.mapping.preset.cmdline(),
sources = {{name = 'buffer'}}
})
-- Completion = `:`
cmp.setup.cmdline(':', {
mapping = cmp.mapping.preset.cmdline(),
sources = cmp.config.sources({{name = 'path'}, {name = 'cmdline'}})
})
-- Autopairs
local cmp_autopairs = require('nvim-autopairs.completion.cmp')
cmp.event:on('confirm_done', cmp_autopairs.on_confirm_done())

0
modules/home/programs/terminal/nvim/config/lua/comment-config.lua → home-manager/nvim/config/lua/comment-config.lua Executable file → Normal file
View File

70
home-manager/nvim/config/lua/dap-config.lua Normal file
View File

@@ -0,0 +1,70 @@
local dap = require("dap")
local dapui = require("dapui")
local dapgo = require("dap-go")
dapui.setup({
controls = {
element = "repl",
enabled = true,
icons = {
disconnect = "",
pause = "",
play = "",
run_last = "",
step_back = "",
step_into = "",
step_out = "",
step_over = "",
terminate = ""
}
},
element_mappings = {},
expand_lines = false,
floating = {border = "single", mappings = {close = {"q", "<Esc>"}}},
force_buffers = true,
icons = {collapsed = "", current_frame = "", expanded = ""},
layouts = {
{
elements = {{id = "repl", size = 0.5}, {id = "scopes", size = 0.5}},
position = "bottom",
size = 10
}, {
elements = {
{id = "breakpoints", size = 0.5}, {id = "stacks", size = 0.5}
},
position = "left",
size = 40
}
},
mappings = {
edit = "e",
expand = {"<CR>", "<2-LeftMouse>"},
open = "o",
remove = "d",
repl = "r",
toggle = "t"
},
render = {indent = 1, max_value_lines = 100}
})
dapgo.setup()
-- Auto Open UI
dap.listeners.before.attach.dapui_config = function() dapui.open() end
dap.listeners.before.launch.dapui_config = function() dapui.open() end
-- Continue Hotkey ("c")
vim.api.nvim_create_autocmd("FileType", {
pattern = "dap-repl",
callback = function()
vim.api.nvim_buf_set_keymap(0, 'n', 'c',
"<cmd>lua require'dap'.continue()<CR>",
{noremap = true, silent = true})
end
})
-- Leader Keys
local opts = {noremap = true, silent = true}
vim.keymap.set('n', '<leader>db', dap.toggle_breakpoint, opts)
vim.keymap.set('n', '<leader>du', dapui.toggle, opts)
vim.keymap.set('n', '<leader>dc', dap.continue, opts)
vim.keymap.set('n', '<leader>dt', dapgo.debug_test, opts)

6
home-manager/nvim/config/lua/diffview-config.lua Normal file
View File

@@ -0,0 +1,6 @@
vim.keymap.set('n', '<leader>go', '<cmd>DiffviewOpen<CR>')
vim.keymap.set('n', '<leader>gO', '<cmd>DiffviewOpen origin/main...HEAD<CR>')
vim.keymap.set('n', '<leader>gh', '<cmd>DiffviewFileHistory<CR>')
vim.keymap.set('n', '<leader>gH',
'<cmd>DiffviewFileHistory --range=origin..HEAD<CR>')
vim.keymap.set('n', '<leader>gc', '<cmd>DiffviewClose<CR>')

41
home-manager/nvim/config/lua/git-ref.lua Normal file
View File

@@ -0,0 +1,41 @@
function get_git_info()
local abs_path = vim.fn.expand("%:p")
local git_root = vim.fn.systemlist(
"git -C " .. vim.fn.escape(vim.fn.fnamemodify(abs_path, ":h"), " ") .. " rev-parse --show-toplevel"
)[1]
if vim.v.shell_error ~= 0 then
return
end
local git_repo = vim.fn.system("git remote get-url origin"):match("([^/:]+/[^/.]+)%.?[^/]*$"):gsub("\n", "")
local git_branch = vim.fn.system("git rev-parse --abbrev-ref HEAD"):gsub("\n", "")
return {
file = vim.fn.fnamemodify(abs_path, ":s?" .. git_root .. "/??"),
branch = git_branch,
repo = git_repo,
}
end
vim.keymap.set("v", "<Leader>gy", function()
local git_info = get_git_info()
if git_info == nil then
vim.notify("Failed to get git info", vim.log.levels.ERROR)
return
end
local start_line = vim.fn.line("v")
local end_line = vim.fn.line(".")
local message = string.format(
"https://github.com/%s/blob/%s/%s#L%d-L%d",
git_info.repo,
git_info.branch,
git_info.file,
start_line,
end_line
)
vim.fn.setreg("+", message)
vim.notify("Copied:\n\t" .. message, vim.log.levels.INFO)
end, { noremap = true, silent = true, desc = "Copy GitHub Link" })

16
home-manager/nvim/config/lua/git-signs.lua Normal file
View File

@@ -0,0 +1,16 @@
require('gitsigns').setup {
on_attach = function(bufnr)
local gitsigns = require('gitsigns')
local function map(mode, l, r, opts)
opts = opts or {}
opts.buffer = bufnr
vim.keymap.set(mode, l, r, opts)
end
map('n', '<leader>gb', gitsigns.toggle_current_line_blame)
map('n', '<leader>gB', function()
gitsigns.blame_line {full = true}
end)
end
}

15
modules/home/programs/terminal/nvim/config/lua/init.lua → home-manager/nvim/config/lua/init.lua Executable file → Normal file
View File

@@ -1,19 +1,22 @@
require("base") require("base")
require("aerial-config")
require("autopairs-config") require("autopairs-config")
require("cmp-config") require("cmp-config")
require("comment-config") require("comment-config")
require("dap-config") require("dap-config")
require("diagnostics-config") require("diffview-config")
require("git-config") require("git-ref")
require("git-signs")
require("llm")
require("leap-config") require("leap-config")
require("llm-config")
require("lsp-config") require("lsp-config")
require("lsp-lines-config")
require("lualine-config") require("lualine-config")
require("neotree-config")
require("noice-config") require("noice-config")
require("numb-config") require("numb-config")
require("octo-config") require("silicon-config")
require("snacks-config") require("telescope-config")
require("toggleterm-config") require("toggleterm-config")
require("ts-config") require("ts-config")
require("weird-chars")
require("which-key-config") require("which-key-config")

0
modules/home/programs/terminal/nvim/config/lua/leap-config.lua → home-manager/nvim/config/lua/leap-config.lua Executable file → Normal file
View File

20
home-manager/nvim/config/lua/llm.lua Normal file
View File

@@ -0,0 +1,20 @@
-- Configure LLama LLM
vim.g.llama_config = {
endpoint = "http://10.0.20.158:8080/infill",
api_key = "",
n_prefix = 256,
n_suffix = 64,
n_predict = 256,
t_max_prompt_ms = 500,
t_max_predict_ms = 500,
show_info = 2,
auto_fim = true,
max_line_suffix = 8,
max_cache_keys = 256,
ring_n_chunks = 8,
ring_chunk_size = 32,
ring_scope = 512,
ring_update_ms = 1000,
}
-- require("gen").setup({ model = "codegemma" })

237
home-manager/nvim/config/lua/lsp-config.lua Normal file
View File

@@ -0,0 +1,237 @@
------------------------------------------------------
------------------- Custom Settings ------------------
------------------------------------------------------
vim.api.nvim_create_autocmd("FileType", {
pattern = "go",
callback = function()
vim.bo.textwidth = 120
end,
})
vim.filetype.add({
extension = {
templ = "templ",
},
})
------------------------------------------------------
-------------------- Built-in LSP --------------------
------------------------------------------------------
local nix_vars = require("nix-vars")
local nvim_lsp = require("lspconfig")
local on_attach = function(client, bufnr)
local bufopts = { noremap = true, silent = true, buffer = bufnr }
if client.supports_method("textDocument/formatting") then
vim.api.nvim_clear_autocmds({ group = augroup, buffer = bufnr })
vim.api.nvim_create_autocmd("BufWritePre", {
group = augroup,
buffer = bufnr,
callback = function()
vim.lsp.buf.format({ async = false, timeout_ms = 2000 })
end,
})
end
vim.keymap.set("n", "K", vim.lsp.buf.hover, bufopts)
vim.keymap.set("n", "<C-k>", vim.lsp.buf.signature_help, bufopts)
vim.keymap.set("n", "<leader>lD", vim.lsp.buf.declaration, bufopts)
vim.keymap.set("n", "<leader>ld", vim.lsp.buf.definition, bufopts)
vim.keymap.set("n", "<leader>li", vim.lsp.buf.implementation, bufopts)
vim.keymap.set("n", "<leader>ln", vim.lsp.buf.rename, bufopts)
vim.keymap.set("n", "<leader>lr", vim.lsp.buf.references, bufopts)
vim.keymap.set("n", "<leader>lt", vim.lsp.buf.type_definition, bufopts)
vim.keymap.set("n", "<leader>lf", function()
vim.lsp.buf.format({ async = true, timeout_ms = 2000 })
end, bufopts)
end
local on_attach_no_formatting = function(client, bufnr)
-- Disable Formatting
client.server_capabilities.documentFormattingProvider = false
client.server_capabilities.documentRangeFormattingProvider = false
on_attach(client, bufnr)
end
local organize_go_imports = function()
local encoding = vim.lsp.util._get_offset_encoding()
local params = vim.lsp.util.make_range_params(nil, encoding)
params.context = { only = { "source.organizeImports" } }
local result = vim.lsp.buf_request_sync(0, "textDocument/codeAction", params, 3000)
for _, res in pairs(result or {}) do
for _, r in pairs(res.result or {}) do
if r.edit then
vim.lsp.util.apply_workspace_edit(r.edit, encoding)
else
vim.lsp.buf.execute_command(r.command)
end
end
end
end
-- Define LSP Flags & Capabilities
local lsp_flags = { debounce_text_changes = 150 }
local capabilities = require("cmp_nvim_lsp").default_capabilities()
-- Python LSP Configuration
nvim_lsp.pyright.setup({
on_attach = on_attach,
flags = lsp_flags,
capabilities = capabilities,
})
-- HTML LSP Configuration
nvim_lsp.html.setup({
on_attach = on_attach_no_formatting,
flags = lsp_flags,
capabilities = capabilities,
cmd = { nix_vars.vscls .. "/bin/vscode-html-language-server", "--stdio" },
})
-- JSON LSP Configuration
nvim_lsp.jsonls.setup({
on_attach = on_attach_no_formatting,
flags = lsp_flags,
capabilities = capabilities,
cmd = { nix_vars.vscls .. "/bin/vscode-html-language-server", "--stdio" },
})
-- CSS LSP Configuration
nvim_lsp.cssls.setup({
on_attach = on_attach_no_formatting,
flags = lsp_flags,
capabilities = capabilities,
cmd = { nix_vars.vscls .. "/bin/vscode-html-language-server", "--stdio" },
})
-- Typescript / Javascript LSP Configuration
nvim_lsp.ts_ls.setup({
on_attach = on_attach_no_formatting,
flags = lsp_flags,
capabilities = capabilities,
cmd = { nix_vars.tsls, "--stdio" },
})
-- Svelte LSP Configuration
nvim_lsp.svelte.setup({
on_attach = on_attach_no_formatting,
flags = lsp_flags,
capabilities = capabilities,
cmd = { nix_vars.sveltels, "--stdio" },
})
-- Lua LSP Configuration
nvim_lsp.lua_ls.setup({
on_attach = on_attach_no_formatting,
flags = lsp_flags,
capabilities = capabilities,
cmd = { nix_vars.luals },
})
-- Templ LSP Configuration
nvim_lsp.templ.setup({
on_attach = on_attach,
flags = lsp_flags,
capabilities = capabilities,
})
-- Nix LSP Configuration
nvim_lsp.nil_ls.setup({
on_attach = on_attach,
flags = lsp_flags,
capabilities = capabilities,
})
-- Go LSP Configuration
nvim_lsp.gopls.setup({
on_attach = function(client, bufnr)
on_attach(client, bufnr)
vim.api.nvim_create_autocmd("BufWritePre", {
group = augroup,
buffer = bufnr,
callback = organize_go_imports,
})
end,
flags = lsp_flags,
capabilities = capabilities,
cmd = { nix_vars.gopls },
settings = {
gopls = {
buildFlags = { "-tags=e2e" },
},
},
})
-- Go LSP Linting
nvim_lsp.golangci_lint_ls.setup({
on_attach = on_attach_no_formatting,
flags = lsp_flags,
capabilities = capabilities,
cmd = { nix_vars.golintls },
init_options = {
command = {
"golangci-lint",
"run",
"--out-format",
"json",
"--issues-exit-code=1",
},
},
})
------------------------------------------------------
--------------------- Null-LS LSP --------------------
------------------------------------------------------
local null_ls = require("null-ls")
local eslintFiles = {
".eslintrc",
".eslintrc.js",
".eslintrc.cjs",
".eslintrc.yaml",
".eslintrc.yml",
".eslintrc.json",
"eslint.config.js",
"eslint.config.mjs",
"eslint.config.cjs",
"eslint.config.ts",
"eslint.config.mts",
"eslint.config.cts",
}
has_eslint_in_parents = function(fname)
root_file = nvim_lsp.util.insert_package_json(eslintFiles, "eslintConfig", fname)
return nvim_lsp.util.root_pattern(unpack(root_file))(fname)
end
null_ls.setup({
sources = {
-- Prettier Formatting
null_ls.builtins.formatting.prettier,
null_ls.builtins.formatting.prettier.with({ filetypes = { "template" } }),
require("none-ls.diagnostics.eslint_d").with({
condition = function(utils)
return has_eslint_in_parents(vim.fn.getcwd())
end,
}),
null_ls.builtins.completion.spell,
null_ls.builtins.formatting.nixpkgs_fmt,
null_ls.builtins.formatting.stylua,
null_ls.builtins.diagnostics.sqlfluff,
null_ls.builtins.formatting.sqlfluff,
},
on_attach = function(client, bufnr)
if client.supports_method("textDocument/formatting") then
vim.api.nvim_clear_autocmds({ group = augroup, buffer = bufnr })
vim.api.nvim_create_autocmd("BufWritePre", {
group = augroup,
buffer = bufnr,
callback = function()
vim.lsp.buf.format({ async = false, timeout_ms = 2000 })
end,
})
end
end,
})

2
home-manager/nvim/config/lua/lsp-lines-config.lua Normal file
View File

@@ -0,0 +1,2 @@
require("lsp_lines").setup()
vim.diagnostic.config({virtual_text = false})

49
home-manager/nvim/config/lua/lualine-config.lua Normal file
View File

@@ -0,0 +1,49 @@
-- Cached variable
local cached_pr_status = ""
-- Read process output
local function read_output(err, data)
if err then return end
if not data then return end
cached_pr_status = data
end
-- Spawn process
local function execute_command()
local stdout = vim.loop.new_pipe(false)
local spawn_opts = {
detached = true,
stdio = {nil, stdout, nil},
args = {"-c", "gh pr checks | awk -F'\t' '{ print $2 }'"}
}
vim.loop.spawn("bash", spawn_opts,
function() stdout:read_start(read_output) end)
end
-- Spawn & schedule process
execute_command()
vim.fn.timer_start(300000, execute_command)
-- Return status from cache
function pr_status()
--   
--    
--
-- PENDING COLOR - #d29922
-- PASS COLOR - #3fb950
-- FAIL COLOR - #f85149
return cached_pr_status:gsub("\n", ""):gsub("fail", ""):gsub("pass",
"")
:gsub("pending", ""):gsub("skipping", ""):sub(1, -2)
end
require('lualine').setup({
options = {
theme = "gruvbox_dark"
-- theme = "nord"
-- theme = "OceanicNext",
},
sections = {lualine_c = {{pr_status}}}
})

2
home-manager/nvim/config/lua/neotree-config.lua Normal file
View File

@@ -0,0 +1,2 @@
require("neo-tree").setup({ window = { mappings = { ["<space>"] = "none" } } })
vim.keymap.set("n", "<leader>t", ":Neotree toggle<CR>", { silent = true })

26
home-manager/nvim/config/lua/noice-config.lua Normal file
View File

@@ -0,0 +1,26 @@
-- Noice Doc Scrolling
vim.keymap.set("n", "<c-f>", function()
if not require("noice.lsp").scroll(4) then return "<c-f>" end
end, {silent = true, expr = true})
vim.keymap.set("n", "<c-b>", function()
if not require("noice.lsp").scroll(-4) then return "<c-b>" end
end, {silent = true, expr = true})
-- Noice Setup
require("noice").setup({
lsp = {
override = {
["vim.lsp.util.convert_input_to_markdown_lines"] = true,
["vim.lsp.util.stylize_markdown"] = true,
["cmp.entry.get_documentation"] = false
},
signature = {enabled = false}
},
presets = {
command_palette = true, -- position the cmdline and popupmenu together
long_message_to_split = true, -- long messages will be sent to a split
inc_rename = false, -- enables an input dialog for inc-rename.nvim
lsp_doc_border = false -- add a border to hover docs and signature help
}
})

0
modules/home/programs/terminal/nvim/config/lua/numb-config.lua → home-manager/nvim/config/lua/numb-config.lua Executable file → Normal file
View File

10
home-manager/nvim/config/lua/silicon-config.lua Normal file
View File

@@ -0,0 +1,10 @@
local silicon = require('silicon')
silicon.setup({})
vim.keymap.set('v', '<Leader>ss', function() silicon.visualise_api({}) end)
vim.keymap.set('v', '<Leader>sb',
function() silicon.visualise_api({show_buf = true}) end)
vim.keymap.set('n', '<Leader>sv',
function() silicon.visualise_api({visible = true}) end)
vim.keymap.set('n', '<Leader>sb',
function() silicon.visualise_api({show_buf = true}) end)

20
home-manager/nvim/config/lua/telescope-config.lua Normal file
View File

@@ -0,0 +1,20 @@
require('telescope').setup {
extensions = {
fzf = {
fuzzy = true,
override_generic_sorter = true,
override_file_sorter = true,
case_mode = "smart_case"
}
}
}
require('telescope').load_extension('fzf')
require("telescope").load_extension("ui-select")
local builtin = require('telescope.builtin')
vim.keymap.set('n', '<leader>ff', builtin.find_files, {})
vim.keymap.set('n', '<leader>fg', builtin.live_grep, {})
vim.keymap.set('n', '<leader>fb', builtin.buffers, {})
vim.keymap.set('n', '<leader>fh', builtin.help_tags, {})
vim.keymap.set('n', '<leader>fj', builtin.jumplist, {})

20
home-manager/nvim/config/lua/toggleterm-config.lua Normal file
View File

@@ -0,0 +1,20 @@
require("toggleterm").setup({open_mapping = [[<c-\>]]})
-- Get PR status on terminal load
-- require("toggleterm").setup({
-- open_mapping = [[<c-\>]],
-- on_create = function(term)
-- vim.cmd("startinsert")
-- term:send("gh pr checks")
-- end
-- })
-- Duplicate C-w & Esc Behavior
function _G.set_terminal_keymaps()
local opts = {buffer = 0}
vim.opt.signcolumn = "no"
vim.keymap.set('t', '<esc>', [[<C-\><C-n>]], opts)
vim.keymap.set('t', '<C-w>', [[<C-\><C-n><C-w>]], opts)
end
vim.cmd('autocmd! TermOpen term://* lua set_terminal_keymaps()')

3
home-manager/nvim/config/lua/ts-config.lua Normal file
View File

@@ -0,0 +1,3 @@
require'nvim-treesitter.configs'.setup {
highlight = {enable = true, additional_vim_regex_highlighting = false}
}

47
home-manager/nvim/config/lua/which-key-config.lua Normal file
View File

@@ -0,0 +1,47 @@
local wk = require("which-key")
wk.setup({})
wk.add({
{ "<C-k>", desc = "Signature Help" },
{ "<leader>a", desc = "Aerial" },
{ "<leader>d", group = "Debug" },
{ "<leader>db", desc = "Toggle Breakpoint" },
{ "<leader>dc", desc = "Continue" },
{ "<leader>dt", desc = "Run Test" },
{ "<leader>du", desc = "Toggle UI" },
{ "<leader>f", group = "Find - Telescope" },
{ "<leader>fb", "<cmd>Telescope buffers<cr>", desc = "Find Buffer" },
{ "<leader>ff", "<cmd>Telescope find_files<cr>", desc = "Find File" },
{ "<leader>fg", "<cmd>Telescope live_grep<cr>", desc = "Live Grep" },
{ "<leader>fh", "<cmd>Telescope help_tags<cr>", desc = "Help Tags" },
{ "<leader>fj", "<cmd>Telescope jumplist<cr>", desc = "Jump List" },
{ "<leader>g", group = "DiffView" },
{ "<leader>gB", desc = "Git Blame Full" },
{ "<leader>gH", "<cmd>DiffviewFileHistory --range=origin..HEAD<cr>", desc = "Diff History - Main" },
{ "<leader>gO", "<cmd>DiffviewOpen origin/main...HEAD<cr>", desc = "Open Diff - Main" },
{ "<leader>gb", desc = "Git Blame Line" },
{ "<leader>gc", "<cmd>DiffviewClose<cr>", desc = "Close Diff" },
{ "<leader>gh", "<cmd>DiffviewFileHistory<cr>", desc = "Diff History" },
{ "<leader>go", "<cmd>DiffviewOpen<cr>", desc = "Open Diff - Current" },
{ "<leader>l", group = "LSP" },
{ "<leader>lD", desc = "Declaration" },
{ "<leader>ld", desc = "Definition" },
{ "<leader>lf", desc = "Format" },
{ "<leader>li", desc = "Implementation" },
{ "<leader>ln", desc = "Rename" },
{ "<leader>lr", desc = "References" },
{ "<leader>lt", desc = "Type Definition" },
{ "<leader>q", group = "Diagnostics" },
{ "<leader>qN", desc = "Previous Diagnostic" },
{ "<leader>qe", desc = "Open Diagnostic Float" },
{ "<leader>qn", desc = "Next Diagnostic" },
{ "<leader>qq", desc = "Toggle Diagnostic List" },
{ "<leader>qt", desc = "Toggle Inline Diagnostics" },
{ "<leader>sv", desc = "Visual Screenshot" },
{ "<leader>t", desc = "NeoTree" },
{ "K", desc = "Definition Hover" },
{ "<leader>ss", desc = "Selected Screenshot", mode = "v" },
{ "<leader>s", group = "Screenshot", mode = { "n", "v" } },
{ "<leader>sb", desc = "Buffer Screenshot", mode = { "n", "v" } },
})

197
home-manager/nvim/default.nix Normal file
View File

@@ -0,0 +1,197 @@
{ pkgs, ... }:
let
unstable = import <nixpkgs-unstable> { };
in
{
programs.neovim = {
enable = true;
viAlias = true;
vimAlias = true;
withNodeJs = true;
withPython3 = true;
plugins = with pkgs.vimPlugins; [
# ------------------
# --- Completion ---
# ------------------
cmp-buffer # Buffer Word Completion
cmp-cmdline # Command Line Completion
cmp-nvim-lsp # Main LSP
cmp-path # Path Completion
cmp_luasnip # Snippets Completion
friendly-snippets # Snippets
lsp_lines-nvim # Inline Diagnostics
luasnip # Snippets
nvim-cmp # Completions
nvim-lspconfig # LSP Config
# -------------------
# ----- Helpers -----
# -------------------
aerial-nvim # Code Outline
comment-nvim # Code Comments
diffview-nvim # Diff View
gitsigns-nvim # Git Blame
leap-nvim # Quick Movement
markdown-preview-nvim # Markdown Preview
neo-tree-nvim # File Explorer
none-ls-nvim # Formatters
numb-nvim # Peek / Jump to Lines
nvim-autopairs # Automatically Close Pairs (),[],{}
telescope-fzf-native-nvim # Faster Telescope
telescope-nvim # Fuzzy Finder
telescope-ui-select-nvim # UI
toggleterm-nvim # Terminal Helper
vim-nix # Nix Helpers
which-key-nvim # Shortcut Helper
# ------------------
# --- Theme / UI ---
# ------------------
lualine-nvim # Bottom Line
noice-nvim # UI Tweaks
# nord-nvim # Theme
melange-nvim # Theme
nvim-notify # Noice Dependency
nvim-web-devicons # Dev Icons
# ------------------
# --- Treesitter ---
# ------------------
nvim-treesitter-context
nvim-treesitter.withAllGrammars
# -------------------
# ------- DAP -------
# -------------------
nvim-dap
nvim-dap-go
nvim-dap-ui
# --------------------
# -- NONE-LS EXTRAS --
# --------------------
(
pkgs.vimUtils.buildVimPlugin {
pname = "none-ls-extras.nvim";
version = "2024-06-11";
src = pkgs.fetchFromGitHub {
owner = "nvimtools";
repo = "none-ls-extras.nvim";
rev = "336e84b9e43c0effb735b08798ffac382920053b";
sha256 = "sha256-UtU4oWSRTKdEoMz3w8Pk95sROuo3LEwxSDAm169wxwk=";
};
meta.homepage = "https://github.com/nvimtools/none-ls-extras.nvim/";
}
)
# -------------------
# ----- Silicon -----
# -------------------
(
pkgs.vimUtils.buildVimPlugin {
pname = "silicon.lua";
version = "2022-12-03";
src = pkgs.fetchFromGitHub {
owner = "mhanberg";
repo = "silicon.lua";
rev = "5ca462bee0a39b058786bc7fbeb5d16ea49f3a23";
sha256 = "0vlp645d5mmii513v72jca931miyrhkvhwb9bfzhix1199zx7vi2";
};
meta.homepage = "https://github.com/mhanberg/silicon.lua/";
}
)
# -------------------
# ------- LLM -------
# -------------------
(
pkgs.vimUtils.buildVimPlugin {
pname = "llm.nvim";
version = "2024-05-25";
src = pkgs.fetchFromGitHub {
owner = "David-Kunz";
repo = "gen.nvim";
rev = "bd19cf584b5b82123de977b44105e855e61e5f39";
sha256 = "sha256-0AEB6im8Jz5foYzmL6KEGSAYo48g1bkFpjlCSWT6JeE=";
};
meta.homepage = "https://github.com/David-Kunz/gen.nvim/";
}
)
# -------------------
# ---- LLAMA.VIM ----
# -------------------
(
pkgs.vimUtils.buildVimPlugin {
pname = "llama.vim";
version = "2025-01-23";
src = pkgs.fetchFromGitHub {
owner = "ggml-org";
repo = "llama.vim";
rev = "143fe910b8d47a054ed464c38d8b7c17d5354468";
sha256 = "sha256-PW0HKzhSxcZiWzpDOuy98rl/X0o2nE7tMjZjwwh0qLE=";
};
meta.homepage = "https://github.com/ggml-org/llama.vim/";
}
)
];
extraPackages = with pkgs; [
# Telescope Dependencies
fd
ripgrep
tree-sitter
# LSP Dependencies
go
golangci-lint
golangci-lint-langserver
gopls
lua-language-server
nil
nodePackages.eslint
nodePackages.svelte-language-server
nodePackages.typescript
nodePackages.typescript-language-server
nodePackages.vscode-langservers-extracted
pyright
unstable.eslint_d
# Formatters
luaformatter
nixpkgs-fmt
nodePackages.prettier
sqlfluff
stylua
# Silicon
silicon
];
extraConfig = ":luafile ~/.config/nvim/lua/init.lua";
};
xdg.configFile = {
# Copy Configuration
nvim = {
source = ./config;
recursive = true;
};
# Generate Nix Vars
"nvim/lua/nix-vars.lua".text = ''
local nix_vars = {
gopls = "${pkgs.gopls}/bin/gopls",
luals = "${pkgs.lua-language-server}/bin/lua-language-server",
sveltels = "${pkgs.nodePackages.svelte-language-server}/bin/svelteserver",
tsls = "${pkgs.nodePackages.typescript-language-server}/bin/typescript-language-server",
golintls = "${pkgs.golangci-lint-langserver}/bin/golangci-lint-langserver",
vscls = "${pkgs.nodePackages.vscode-langservers-extracted}",
}
return nix_vars
'';
};
}

16
home-manager/powerline/default.nix Normal file
View File

@@ -0,0 +1,16 @@
{
programs.powerline-go = {
enable = true;
settings = {
git-mode = "compact";
theme = "gruvbox";
};
modules = [
"host"
"cwd"
"git"
"docker"
"venv"
];
};
}

10
home-manager/readline/default.nix Normal file
View File

@@ -0,0 +1,10 @@
{
programs.readline = {
enable = true;
extraConfig = ''
# Approximate VIM Dracula Colors
set vi-ins-mode-string \1\e[01;38;5;23;48;5;231m\2 I \1\e[38;5;231;48;5;238m\2\1\e[0m\2
set vi-cmd-mode-string \1\e[01;38;5;22;48;5;148m\2 C \1\e[38;5;148;48;5;238m\2\1\e[0m\2
'';
};
}

38
homes/aarch64-darwin/evanreichard@mac-va-mbp-personal/default.nix
View File

@@ -1,38 +0,0 @@
{ lib
, config
, namespace
, ...
}:
let
inherit (lib.${namespace}) enabled;
in
{
home.stateVersion = "26.05";
reichard = {
user = {
enable = true;
inherit (config.snowfallorg.user) name;
};
programs = {
graphical = {
ghostty = enabled;
ghidra = enabled;
};
terminal = {
btop = enabled;
direnv = enabled;
git = enabled;
k9s = enabled;
nvim = enabled;
opencode = enabled;
};
};
security = {
sops = enabled;
};
};
}

60
homes/aarch64-darwin/evanreichard@mac-va-mbp-work/default.nix
View File

@@ -1,60 +0,0 @@
{ pkgs
, lib
, config
, namespace
, ...
}:
let
inherit (lib.${namespace}) enabled;
in
{
home.stateVersion = "26.05";
reichard = {
user = {
enable = true;
inherit (config.snowfallorg.user) name;
};
programs = {
graphical = {
ghostty = enabled;
};
terminal = {
bash = {
enable = true;
customProfile = builtins.readFile ./vm-init.sh;
customFastFetchLogo = ./prophet.txt;
};
aws = enabled;
btop = enabled;
claude-code = enabled;
direnv = enabled;
git = enabled;
k9s = enabled;
nvim = enabled;
pi = enabled;
zk = enabled;
};
};
services = {
sketchybar = enabled;
open-proxy.server = enabled;
};
security = {
sops = enabled;
};
};
# Global Packages
programs.jq = enabled;
programs.pandoc = enabled;
home.packages = with pkgs; [
keycastr
reichard.slack-cli
_1password-cli
];
}

19
homes/aarch64-darwin/evanreichard@mac-va-mbp-work/prophet.txt
View File

@@ -1,19 +0,0 @@
                :+++++++=.        
                 =++++++++:       
                  -++++++++:      
                   -++++++++-     
                    :++++++++-    
          .-=======. :++++++++=   
         :********+   .++++++++=  
        -********=     .=+++++++=.
       -********-        =++++++++
      =********-          =++++++:
     =********:            -++++. 
    +********.              -+=.  
  .+*******+.                     
 .+*******+. :%#%%%%%%%%%%#%-     
:********=    +%%%%%%%%%%%%*      
********=      =%%%%%%%%%%+       
.+*****-        -%%%%%%%%=        
  +***-           ......          
   =*:                            

49
homes/aarch64-darwin/evanreichard@mac-va-mbp-work/vm-init.sh
View File

@@ -1,49 +0,0 @@
echo "
██████╗██████╗ ██████╗ ██╗ ██╗██████╗ ███████╗████████╗██████╗ ██╗██╗ ██╗███████╗
██╔════╝██╔══██╗██╔═══██╗██║ ██║██╔══██╗██╔════╝╚══██╔══╝██╔══██╗██║██║ ██╔╝██╔════╝
██║ ██████╔╝██║ ██║██║ █╗ ██║██║ ██║███████╗ ██║ ██████╔╝██║█████╔╝ █████╗
██║ ██╔══██╗██║ ██║██║███╗██║██║ ██║╚════██║ ██║ ██╔══██╗██║██╔═██╗ ██╔══╝
╚██████╗██║ ██║╚██████╔╝╚███╔███╔╝██████╔╝███████║ ██║ ██║ ██║██║██║ ██╗███████╗
╚═════╝╚═╝ ╚═╝ ╚═════╝ ╚══╝╚══╝ ╚═════╝ ╚══════╝ ╚═╝ ╚═╝ ╚═╝╚═╝╚═╝ ╚═╝╚══════╝
EVASION SYSTEM - Because IT can't handle Nix 
"
# Start VM
utmctl=/Applications/UTM.app/Contents/MacOS/utmctl
vm="lin-va-mbp-work-vm"
if ! "$utmctl" status "$vm" | grep -q "started"; then
echo " [*] CrowdStrike Evasion VM Starting..."
"$utmctl" start "$vm"
fi
# Wait for VM & Start Tunnel
if ! pgrep -f "ssh -N -D 1080 adios-cs" > /dev/null; then
echo " [*] VM Starting..."
until nc -z -w 2 192.168.64.3 22 &> /dev/null; do
sleep 2
done
echo " [✓] VM Started"
echo " [*] VM SOCKS Proxy Starting..."
ssh -N -D 1080 adios-cs &> /dev/null &
disown
echo " [✓] VM SOCKS Proxy Started"
else
echo " [✓] VM SOCKS Proxy Already Running"
fi
# Reverse tunnel so the VM's `open`/`xdg-open` reach open-proxy serve on this host.
if ! pgrep -f "ssh -N -R 7777:127.0.0.1:7777 adios-cs" > /dev/null; then
echo " [*] VM Open Proxy Starting..."
ssh -N -R 7777:127.0.0.1:7777 adios-cs &> /dev/null &
disown
echo " [✓] VM Open Proxy Started"
else
echo " [✓] VM Open Proxy Already Running"
fi
echo -e " [*] Connecting..."
# Connect to VM
mosh --ssh="ssh -q" adios-cs -- tmux new-session -A -s main

87
homes/aarch64-linux/evanreichard@lin-va-mbp-personal/default.nix
View File

@@ -1,87 +0,0 @@
{ pkgs
, lib
, config
, namespace
, osConfig
, ...
}:
let
inherit (lib.${namespace}) enabled;
in
{
home.stateVersion = "26.05";
reichard = {
user = {
enable = true;
inherit (config.snowfallorg.user) name;
};
services = {
ssh-agent = enabled;
fusuma = enabled;
awww = enabled;
};
security = {
sops = enabled;
};
programs = {
graphical = {
wms.hyprland = {
enable = true;
mainMod = "ALT";
monitors = [ ",highres,auto,2" ]; # Alternatively - 1.68
};
ghostty = enabled;
ghidra = enabled;
gimp = enabled;
browsers.firefox = {
enable = true;
gpuAcceleration = true;
hardwareDecoding = true;
};
};
terminal = {
btop = enabled;
direnv = enabled;
git = enabled;
k9s = enabled;
nvim = enabled;
opencode = enabled;
pi = enabled;
};
};
};
home.packages = with pkgs; [
orca-slicer
reichard.tuxguitar
];
dconf = {
settings = {
"org/gnome/desktop/interface" = {
color-scheme = "prefer-dark";
cursor-theme = "catppuccin-macchiato-mauve-cursors";
cursor-size = 24;
};
};
};
home.pointerCursor = {
gtk.enable = true;
name = "catppuccin-macchiato-mauve-cursors";
package = pkgs.catppuccin-cursors.macchiatoMauve;
size = 24;
};
# Kubernetes Secrets
sops.secrets = lib.mkIf osConfig.${namespace}.security.sops.enable {
rke2_kubeconfig = {
path = "${config.home.homeDirectory}/.kube/lin-va-kube";
};
};
}

46
homes/aarch64-linux/evanreichard@lin-va-mbp-work-vm/default.nix
View File

@@ -1,46 +0,0 @@
{ lib
, config
, namespace
, ...
}:
let
inherit (lib.${namespace}) enabled;
in
{
home.stateVersion = "26.05";
reichard = {
user = {
enable = true;
inherit (config.snowfallorg.user) name;
};
services = {
ssh-agent = enabled;
open-proxy.client = enabled;
};
security = {
pass-keyring = enabled;
sops = enabled;
};
programs = {
terminal = {
bash = {
enable = true;
customFastFetchLogo = ./prophet.txt;
};
conduit = enabled;
btop = enabled;
claude-code = enabled;
direnv = enabled;
git = enabled;
k9s = enabled;
nvim = enabled;
pi = enabled;
tmux = enabled;
};
};
};
}

19
homes/aarch64-linux/evanreichard@lin-va-mbp-work-vm/prophet.txt
View File

@@ -1,19 +0,0 @@
                :+++++++=.        
                 =++++++++:       
                  -++++++++:      
                   -++++++++-     
                    :++++++++-    
          .-=======. :++++++++=   
         :********+   .++++++++=  
        -********=     .=+++++++=.
       -********-        =++++++++
      =********-          =++++++:
     =********:            -++++. 
    +********.              -+=.  
  .+*******+.                     
 .+*******+. :%#%%%%%%%%%%#%-     
:********=    +%%%%%%%%%%%%*      
********=      =%%%%%%%%%%+       
.+*****-        -%%%%%%%%=        
  +***-           ......          
   =*:                            

29
homes/aarch64-raw-efi/evanreichard@lin-terminal-image/default.nix
View File

@@ -1,29 +0,0 @@
{ lib
, config
, namespace
, ...
}:
let
inherit (lib.${namespace}) enabled;
in
{
home.stateVersion = "26.05";
reichard = {
user = {
enable = true;
inherit (config.snowfallorg.user) name;
};
programs = {
terminal = {
btop = enabled;
direnv = enabled;
nvim = enabled;
tmux = enabled;
};
};
};
programs.jq = enabled;
}

32
homes/x86_64-linux/evanreichard@lin-va-desktop/default.nix
View File

@@ -1,32 +0,0 @@
{ lib
, config
, namespace
, ...
}:
let
inherit (lib.${namespace}) enabled;
in
{
home.stateVersion = "26.05";
reichard = {
user = {
enable = true;
inherit (config.snowfallorg.user) name;
};
services = {
ssh-agent = enabled;
};
programs = {
terminal = {
bash = enabled;
btop = enabled;
direnv = enabled;
tmux = enabled;
git = enabled;
};
};
};
}

49
homes/x86_64-linux/evanreichard@lin-va-terminal/default.nix
View File

@@ -1,49 +0,0 @@
{ lib
, config
, namespace
, osConfig
, ...
}:
let
inherit (lib.${namespace}) enabled;
in
{
home.stateVersion = "26.05";
reichard = {
user = {
enable = true;
inherit (config.snowfallorg.user) name;
};
services = {
ssh-agent = enabled;
};
security = {
sops = enabled;
};
programs = {
terminal = {
bash = enabled;
btop = enabled;
conduit = enabled;
direnv = enabled;
git = enabled;
k9s = enabled;
nvim = enabled;
opencode = enabled;
pi = enabled;
tmux = enabled;
};
};
};
# Kubernetes Secrets
sops.secrets = lib.mkIf osConfig.${namespace}.security.sops.enable {
rke2_kubeconfig = {
path = "${config.home.homeDirectory}/.kube/lin-va-kube";
};
};
}

90
homes/x86_64-linux/evanreichard@lin-va-thinkpad/default.nix
View File

@@ -1,90 +0,0 @@
{ pkgs
, lib
, config
, namespace
, osConfig
, ...
}:
let
inherit (lib.${namespace}) enabled;
in
{
home.stateVersion = "26.05";
reichard = {
user = {
enable = true;
inherit (config.snowfallorg.user) name;
};
services = {
ssh-agent = enabled;
fusuma = enabled;
awww = enabled;
poweralertd = enabled;
};
security = {
sops = enabled;
};
programs = {
graphical = {
wms.hyprland = {
enable = true;
menuMod = "ALT";
};
ghostty = enabled;
strawberry = enabled;
gimp = enabled;
wireshark = enabled;
ghidra = enabled;
remmina = enabled;
browsers.firefox = {
enable = true;
gpuAcceleration = true;
hardwareDecoding = true;
};
};
terminal = {
btop = enabled;
direnv = enabled;
git = enabled;
k9s = enabled;
nvim = enabled;
pi = enabled;
scripts.plan-disk-burns = enabled;
};
};
};
dconf = {
settings = {
"org/gnome/desktop/interface" = {
color-scheme = "prefer-dark";
cursor-theme = "catppuccin-macchiato-mauve-cursors";
cursor-size = 24;
};
};
};
home.packages = with pkgs; [
orca-slicer
blender
];
home.pointerCursor = {
gtk.enable = true;
name = "catppuccin-macchiato-mauve-cursors";
package = pkgs.catppuccin-cursors.macchiatoMauve;
size = 24;
};
# Kubernetes Secrets
sops.secrets = lib.mkIf osConfig.${namespace}.security.sops.enable {
rke2_kubeconfig = {
path = "${config.home.homeDirectory}/.kube/lin-va-kube";
};
};
}

75
homes/x86_64-linux/evanreichard@lin-va-utility/default.nix
View File

@@ -1,75 +0,0 @@
{ pkgs
, lib
, config
, namespace
, osConfig
, ...
}:
let
inherit (lib.${namespace}) enabled;
in
{
home.stateVersion = "25.05";
reichard = {
user = {
enable = true;
inherit (config.snowfallorg.user) name;
};
services = {
ssh-agent = enabled;
fusuma = enabled;
awww = enabled;
};
security = {
sops = enabled;
};
programs = {
graphical = {
wms.hyprland = enabled;
ghostty = enabled;
ghidra = enabled;
browsers.firefox = {
enable = true;
gpuAcceleration = true;
hardwareDecoding = true;
};
};
terminal = {
btop = enabled;
direnv = enabled;
git = enabled;
k9s = enabled;
nvim = enabled;
};
};
};
dconf = {
settings = {
"org/gnome/desktop/interface" = {
color-scheme = "prefer-dark";
cursor-theme = "catppuccin-macchiato-mauve-cursors";
cursor-size = 24;
};
};
};
home.pointerCursor = {
gtk.enable = true;
name = "catppuccin-macchiato-mauve-cursors";
package = pkgs.catppuccin-cursors.macchiatoMauve;
size = 24;
};
# Kubernetes Secrets
sops.secrets = lib.mkIf osConfig.${namespace}.security.sops.enable {
rke2_kubeconfig = {
path = "${config.home.homeDirectory}/.kube/lin-va-kube";
};
};
}

125
hosts/llama-server.nix Normal file
View File

@@ -0,0 +1,125 @@
{ config, pkgs, ... }:
let
cuda-llama = (pkgs.llama-cpp.override {
cudaSupport = true;
}).overrideAttrs (oldAttrs: {
cmakeFlags = oldAttrs.cmakeFlags ++ [
"-DGGML_CUDA_ENABLE_UNIFIED_MEMORY=ON"
# Disable CPU Instructions - Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz
"-DLLAMA_FMA=OFF"
"-DLLAMA_AVX2=OFF"
"-DLLAMA_AVX512=OFF"
"-DGGML_FMA=OFF"
"-DGGML_AVX2=OFF"
"-DGGML_AVX512=OFF"
];
});
# Define Model Vars
modelDir = "/models";
modelName = "qwen2.5-coder-7b-q8_0.gguf";
modelPath = "${modelDir}/${modelName}";
modelUrl = "https://huggingface.co/ggml-org/Qwen2.5-Coder-7B-Q8_0-GGUF/resolve/main/${modelName}?download=true";
in
{
# Allow Nvidia & CUDA
nixpkgs.config.allowUnfree = true;
# Enable Graphics
hardware.graphics = {
enable = true;
enable32Bit = true;
extraPackages = [ pkgs.cudatoolkit ];
};
# Load Nvidia Driver Module
services.xserver.videoDrivers = [ "nvidia" ];
# Nvidia Package Configuration
hardware.nvidia = {
package = config.boot.kernelPackages.nvidiaPackages.stable;
modesetting.enable = true;
powerManagement.enable = true;
open = false;
nvidiaSettings = true;
};
# Network Configuration
networking.networkmanager.enable = true;
# Download Model
systemd.services.download-model = {
description = "Download Model";
wantedBy = [ "multi-user.target" ];
before = [ "llama-cpp.service" ];
path = [ pkgs.curl pkgs.coreutils ];
serviceConfig = {
Type = "oneshot";
RemainAfterExit = true;
User = "root";
Group = "root";
};
script = ''
set -euo pipefail
if [ ! -f "${modelPath}" ]; then
mkdir -p "${modelDir}"
# Add -f flag to follow redirects and -L for location
# Add --fail flag to exit with error on HTTP errors
# Add -C - to resume interrupted downloads
curl -f -L -C - \
-H "Accept: application/octet-stream" \
--retry 3 \
--retry-delay 5 \
--max-time 1800 \
"${modelUrl}" \
-o "${modelPath}.tmp" && \
mv "${modelPath}.tmp" "${modelPath}"
fi
'';
};
# Setup LLama API Service
systemd.services.llama-cpp = {
after = [ "download-model.service" ];
requires = [ "download-model.service" ];
};
# Enable LLama API
services.llama-cpp = {
enable = true;
host = "0.0.0.0";
package = cuda-llama;
model = modelPath;
port = 8080;
openFirewall = true;
extraFlags = [
"-ngl"
"99"
"-fa"
"-ub"
"512"
"-b"
"512"
"-dt"
"0.1"
"--ctx-size"
"4096"
"--cache-reuse"
"256"
];
};
# System Packages
environment.systemPackages = with pkgs; [
htop
nvtop
tmux
vim
wget
];
}

182
hosts/rke2.nix Normal file
View File

@@ -0,0 +1,182 @@
{ config, pkgs, lib, ... }:
{
# Node Nix Config
options = {
dataDiskID = lib.mkOption {
type = lib.types.str;
description = "The device ID for the data disk";
};
serverAddr = lib.mkOption {
type = lib.types.str;
description = "The server to join";
};
networkConfig = lib.mkOption {
type = lib.types.submodule {
options = {
interface = lib.mkOption {
type = lib.types.str;
description = "Network interface name";
example = "enp0s3";
};
address = lib.mkOption {
type = lib.types.str;
description = "Static IP address";
example = "10.0.20.200";
};
defaultGateway = lib.mkOption {
type = lib.types.str;
description = "Default gateway IP";
example = "10.0.20.254";
};
nameservers = lib.mkOption {
type = lib.types.listOf lib.types.str;
description = "List of DNS servers";
example = [ "10.0.20.254" "8.8.8.8" ];
default = [ "8.8.8.8" "8.8.4.4" ];
};
};
};
description = "Network configuration";
};
};
# ----------------------------------------
# ---------- Base Configuration ----------
# ----------------------------------------
# System Configuration
system.stateVersion = "24.11";
nix.settings.experimental-features = [ "nix-command" "flakes" ];
# Boot Configuration
boot.kernelModules = [ "nvme_tcp" ]; # OpenEBS Mayastor Requirement
boot.kernel.sysctl = {
"vm.nr_hugepages" = 1024;
};
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
boot.loader.efi.efiSysMountPoint = "/boot";
# Network Configuration
networking = {
hostName = config.hostName;
networkmanager.enable = false;
# Interface Configuration
inherit (config.networkConfig) defaultGateway nameservers;
interfaces.${config.networkConfig.interface}.ipv4.addresses = [{
inherit (config.networkConfig) address;
prefixLength = 24;
}];
firewall = {
enable = true;
allowedTCPPorts = [
# RKE2 Ports - https://docs.rke2.io/install/requirements#networking
6443 # Kubernetes API
9345 # RKE2 supervisor API
2379 # etcd Client Port
2380 # etcd Peer Port
2381 # etcd Metrics Port
10250 # kubelet metrics
9099 # Canal CNI health checks
# OpenEBS Mayastor - https://openebs.io/docs/user-guides/replicated-storage-user-guide/replicated-pv-mayastor/rs-installation#network-requirements
10124 # REST API
8420 # NVMf
4421 # NVMf
];
allowedUDPPorts = [
# RKE2 Ports - https://docs.rke2.io/install/requirements#networking
8472 # Canal CNI with VXLAN
# 51820 # Canal CNI with WireGuard IPv4 (if using encryption)
# 51821 # Canal CNI with WireGuard IPv6 (if using encryption)
];
};
};
# User Configuration
users.users.root = {
openssh.authorizedKeys.keys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEA8P84lWL/p13ZBFNwITm/dLWWL8s9pVmdOImM5gaJAiTLY+DheUvG6YsveB2/5STseiJ34g7Na9TW1mtTLL8zDqPvj3NbprQiYlLJKMbCk6dtfdD4nLMHl8B48e1h699XiZDp2/c+jJb0MkLOFrps+FbPqt7pFt1Pj29tFy8BCg0LGndu6KO+HqYS+aM5tp5hZESo1RReiJ8aHsu5X7wW46brN4gfyyu+8X4etSZAB9raWqlln9NKK7G6as6X+uPypvSjYGSTC8TSePV1iTPwOxPk2+1xBsK7EBLg3jNrrYaiXLnZvBOOhm11JmHzqEJ6386FfQO+0r4iDVxmvi+ojw== rsa-key-20141114"
];
hashedPassword = null; # Disable Password Login
};
# System Packages
environment.systemPackages = with pkgs; [
htop
k9s
kubectl
kubernetes-helm
nfs-utils
vim
];
# Enable SSH Server
services.openssh = {
enable = true;
settings = {
PasswordAuthentication = false; # Disable Password Login
PermitRootLogin = "prohibit-password"; # Disable Password Login
};
};
# ----------------------------------------
# ---------- RKE2 Configuration ----------
# ----------------------------------------
# RKE2 Join Token
environment.etc."rancher/rke2/node-token" = lib.mkIf (config.serverAddr != "") {
source = ../rke2-token;
mode = "0600";
user = "root";
group = "root";
};
# Enable RKE2
services.rke2 = {
enable = true;
disable = [
# Disable - Utilizing Traefik
"rke2-ingress-nginx"
# Distable - Utilizing OpenEBS's Snapshot Controller
"rke2-snapshot-controller"
"rke2-snapshot-controller-crd"
"rke2-snapshot-validation-webhook"
];
# OpenEBS Scheduleable
nodeLabel = [
"openebs.io/engine=mayastor"
];
role = "server";
serverAddr = config.serverAddr;
tokenFile = lib.mkIf (config.serverAddr != "") "/etc/rancher/rke2/node-token";
};
# Bootstrap Kubernetes Manifests
system.activationScripts.k8s-manifests = {
deps = [ ];
text = ''
mkdir -p /var/lib/rancher/rke2/server/manifests
# Base Configs
cp ${../k8s/openebs.yaml} /var/lib/rancher/rke2/server/manifests/openebs-base.yaml
cp ${../k8s/kasten.yaml} /var/lib/rancher/rke2/server/manifests/kasten-base.yaml
# OpenEBS Disk Pool
cp ${pkgs.substituteAll {
src = ../k8s/openebs-disk-pool.yaml;
hostName = config.hostName;
dataDiskID = config.dataDiskID;
}} /var/lib/rancher/rke2/server/manifests/openebs-disk-pool-${config.hostName}.yaml
'';
};
}

51
k8s/kasten.yaml Normal file
View File

@@ -0,0 +1,51 @@
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: va-unraid-backup-rw
spec:
capacity:
storage: 100Ti
accessModes:
- ReadWriteMany
storageClassName: "va-unraid-backup-rw"
persistentVolumeReclaimPolicy: "Retain"
mountOptions:
- "vers=4.2,proto=tcp,port=2049"
nfs:
server: 10.0.20.180
path: "/mnt/user/KubernetesBackup"
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: va-unraid-backup-rw
namespace: kasten
spec:
accessModes:
- ReadWriteMany
storageClassName: "va-unraid-backup-rw"
resources:
requests:
storage: 100Ti
---
apiVersion: v1
kind: Namespace
metadata:
labels:
name: kasten
name: kasten
---
apiVersion: helm.cattle.io/v1
kind: HelmChart
metadata:
name: k10
namespace: kube-system
spec:
repo: https://charts.kasten.io/
chart: k10
targetNamespace: kasten
valuesContent: |-
global:
persistence:
storageClass: mayastor-r3

9
k8s/openebs-disk-pool.yaml Normal file
View File

@@ -0,0 +1,9 @@
---
apiVersion: "openebs.io/v1beta2"
kind: DiskPool
metadata:
name: pool-on-@hostName@
namespace: openebs
spec:
node: @hostName@
disks: ["aio://@dataDiskID@"]

52
k8s/openebs.yaml Normal file
View File

@@ -0,0 +1,52 @@
---
apiVersion: v1
kind: Namespace
metadata:
labels:
name: openebs
name: openebs
---
apiVersion: helm.cattle.io/v1
kind: HelmChart
metadata:
name: openebs
namespace: kube-system
spec:
repo: https://openebs.github.io/openebs
chart: openebs
targetNamespace: openebs
valuesContent: |-
mayastor:
etcd:
replicaCount: 1
engines:
local:
lvm:
enabled: false
zfs:
enabled: false
replicated:
mayastor:
enabled: true
---
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
name: cstor-r1
allowVolumeExpansion: true
parameters:
protocol: nvmf
repl: "1"
provisioner: io.openebs.csi-mayastor
---
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
name: mayastor-r3
annotations:
storageclass.kubernetes.io/is-default-class: "true"
allowVolumeExpansion: true
parameters:
protocol: nvmf
repl: "3"
provisioner: io.openebs.csi-mayastor

43
lib/common-system.nix Normal file
View File

@@ -0,0 +1,43 @@
{ config, lib, ... }:
{
# Node Nix Config
options = {
hostName = lib.mkOption {
type = lib.types.str;
description = "The node hostname";
};
};
config = {
# Basic System
system.stateVersion = "24.11";
nix.settings.experimental-features = [ "nix-command" "flakes" ];
networking.hostName = config.hostName;
# Boot Loader Options
boot.loader = {
systemd-boot.enable = true;
efi = {
canTouchEfiVariables = true;
efiSysMountPoint = "/boot";
};
};
# Enable SSH
services.openssh = {
enable = true;
settings = {
PasswordAuthentication = false;
PermitRootLogin = "prohibit-password";
};
};
# User Authorized Keys
users.users.root = {
openssh.authorizedKeys.keys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEA8P84lWL/p13ZBFNwITm/dLWWL8s9pVmdOImM5gaJAiTLY+DheUvG6YsveB2/5STseiJ34g7Na9TW1mtTLL8zDqPvj3NbprQiYlLJKMbCk6dtfdD4nLMHl8B48e1h699XiZDp2/c+jJb0MkLOFrps+FbPqt7pFt1Pj29tFy8BCg0LGndu6KO+HqYS+aM5tp5hZESo1RReiJ8aHsu5X7wW46brN4gfyyu+8X4etSZAB9raWqlln9NKK7G6as6X+uPypvSjYGSTC8TSePV1iTPwOxPk2+1xBsK7EBLg3jNrrYaiXLnZvBOOhm11JmHzqEJ6386FfQO+0r4iDVxmvi+ojw== rsa-key-20141114"
];
hashedPassword = null;
};
};
}

43
lib/disk-config.nix Normal file
View File

@@ -0,0 +1,43 @@
{ config, lib, ... }: {
options = {
mainDiskID = lib.mkOption {
type = lib.types.str;
description = "Device path for the main disk";
example = "/dev/disk/by-id/ata-VBOX_HARDDISK_VBcd9425b8-d666f9b8";
};
};
config = {
disko.devices = {
disk = {
main = {
type = "disk";
device = config.mainDiskID;
content = {
type = "gpt";
partitions = {
boot = {
size = "512M";
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
mountOptions = [ "umask=0077" ];
};
};
root = {
size = "100%";
content = {
type = "filesystem";
format = "ext4";
mountpoint = "/";
};
};
};
};
};
};
};
};
}

19
lib/module/default.nix
View File

@@ -1,19 +0,0 @@
{ lib, ... }:
let
inherit (lib) mkOption types;
in
rec {
mkOpt =
type: default: description:
mkOption { inherit type default description; };
mkBoolOpt = mkOpt types.bool;
enabled = {
enable = true;
};
disabled = {
enable = false;
};
}

9
modules/darwin/default.nix
View File

@@ -1,9 +0,0 @@
{
config = {
nix.enable = false;
home-manager = {
useGlobalPkgs = true;
useUserPackages = true;
};
};
}

35
modules/darwin/security/sops/default.nix
View File

@@ -1,35 +0,0 @@
{ config
, lib
, namespace
, ...
}:
let
inherit (lib) mkIf mkEnableOption types;
inherit (lib.${namespace}) mkOpt;
getFile = lib.snowfall.fs.get-file;
user = config.users.users.${config.${namespace}.user.name};
cfg = config.${namespace}.security.sops;
in
{
options.${namespace}.security.sops = with types; {
enable = mkEnableOption "Enable sops";
defaultSopsFile = mkOpt str "secrets/systems/${config.system.name}.yaml" "Default sops file.";
sshKeyPaths = mkOpt (listOf path) [ ] "Additional SSH key paths to use.";
};
config = mkIf cfg.enable {
sops = {
defaultSopsFile = getFile cfg.defaultSopsFile;
age = {
keyFile = "${user.home}/.config/sops/age/keys.txt";
sshKeyPaths = [ "${config.home.homeDirectory}/.ssh/id_ed25519" ] ++ cfg.sshKeyPaths;
};
};
sops.secrets.builder_ssh_key = {
sopsFile = getFile "secrets/common/systems.yaml";
};
};
}

20
modules/darwin/services/openssh/default.nix
View File

@@ -1,20 +0,0 @@
{ config, namespace, lib, ... }:
let
inherit (lib.${namespace}) mkOpt;
cfg = config.${namespace}.security.sops;
in
{
options.${namespace}.services.openssh = with lib.types; {
enable = lib.mkEnableOption "OpenSSH support";
authorizedKeys = mkOpt (listOf str) [ ] "The public keys to apply.";
extraConfig = mkOpt str "" "Extra configuration to apply.";
port = mkOpt port 2222 "The port to listen on (in addition to 22).";
};
config = lib.mkIf cfg.enable {
services.openssh = {
enable = true;
};
};
}

23
modules/darwin/user/default.nix
View File

@@ -1,23 +0,0 @@
{ config, lib, namespace, pkgs, ... }:
let
inherit (lib) types mkIf;
inherit (lib.${namespace}) mkOpt;
cfg = config.${namespace}.user;
in
{
options.${namespace}.user = with types; {
name = mkOpt str "evanreichard" "The name to use for the user account.";
email = mkOpt str "evan@reichard.io" "The email of the user.";
fullName = mkOpt str "Evan Reichard" "The full name of the user.";
uid = mkOpt (types.nullOr types.int) 501 "The uid for the user account.";
};
config = {
users.users.${cfg.name} = {
uid = mkIf (cfg.uid != null) cfg.uid;
shell = pkgs.bashInteractive;
home = "/Users/${cfg.name}";
};
};
}

14
modules/home/common/default.nix
View File

@@ -1,14 +0,0 @@
{ pkgs, ... }:
{
home.packages = with pkgs; [
jnv
jq
mosh
ncdu
reichard.codexis
ripgrep
sqlite-interactive
unzip
];
}

133
modules/home/programs/graphical/browsers/firefox/default.nix
View File

@@ -1,133 +0,0 @@
{ config
, lib
, pkgs
, namespace
, ...
}:
let
inherit (lib)
types
mkIf
mkMerge
optionalAttrs
;
inherit (lib.${namespace}) mkBoolOpt mkOpt;
cfg = config.${namespace}.programs.graphical.browsers.firefox;
in
{
imports = lib.snowfall.fs.get-non-default-nix-files ./.;
options.${namespace}.programs.graphical.browsers.firefox = with types; {
enable = lib.mkEnableOption "Firefox";
extraConfig = mkOpt str "" "Extra configuration for the user profile JS file.";
gpuAcceleration = mkBoolOpt false "Enable GPU acceleration.";
hardwareDecoding = mkBoolOpt false "Enable hardware video decoding.";
policies = mkOpt attrs
{
CaptivePortal = false;
DisableFirefoxStudies = true;
DisableFormHistory = true;
DisablePocket = true;
DisableTelemetry = true;
DisplayBookmarksToolbar = false;
DontCheckDefaultBrowser = true;
FirefoxHome = {
Pocket = false;
Snippets = false;
};
PasswordManagerEnabled = false;
UserMessaging = {
ExtensionRecommendations = false;
SkipOnboarding = true;
};
GenerativeAI = {
Chatbot = false;
LinkPreviews = false;
TabGroups = false;
Locked = false;
};
ExtensionSettings = {
# Block All
# "*".installation_mode = "blocked";
# Bypass Paywalls
"magnolia@12.34" = {
install_url = "https://gitflic.ru/project/magnolia1234/bpc_uploads/blob/raw?file=bypass_paywalls_clean-latest.xpi";
installation_mode = "force_installed";
};
};
Preferences = { };
} "Policies to apply to firefox";
settings = mkOpt attrs { } "Settings to apply to the profile.";
extensions.packages = mkOpt (with lib.types; listOf package)
(with pkgs.firefox-addons; [
bitwarden
pkgs.firefox-addons."ctrl-number-to-switch-tabs"
darkreader
gruvbox-dark-theme
kagi-search
sponsorblock
ublock-origin
]) "Extensions to install";
};
config = mkIf cfg.enable {
programs.firefox = {
enable = true;
configPath = ".mozilla/firefox";
inherit (cfg) policies;
profiles = {
${config.${namespace}.user.name} = {
inherit (cfg) extraConfig;
inherit (config.${namespace}.user) name;
extensions = {
packages = cfg.extensions.packages;
force = true;
};
id = 0;
settings = mkMerge [
cfg.settings
{
"browser.aboutConfig.showWarning" = false;
"extensions.autoDisableScopes" = 0;
"extensions.activeThemeID" = "{eb8c4a94-e603-49ef-8e81-73d3c4cc04ff}";
"browser.aboutwelcome.enabled" = false;
"browser.sessionstore.warnOnQuit" = true;
"browser.newtabpage.activity-stream.showSponsoredTopSites" = false;
"browser.shell.checkDefaultBrowser" = false;
"general.smoothScroll.msdPhysics.enabled" = true;
"intl.accept_languages" = "en-US,en";
"ui.key.accelKey" = 91;
# "devtools.chrome.enabled" = true;
# "xpinstall.signatures.required" = false;
}
(optionalAttrs cfg.gpuAcceleration {
"dom.webgpu.enabled" = true;
"gfx.webrender.all" = true;
"layers.gpu-process.enabled" = true;
"layers.mlgpu.enabled" = true;
})
(optionalAttrs cfg.hardwareDecoding {
"media.ffmpeg.vaapi.enabled" = true;
"media.gpu-process-decoder" = true;
"media.hardware-video-decoding.enabled" = true;
})
];
# userChrome = ./chrome/userChrome.css;
};
};
};
};
}

14
modules/home/programs/graphical/ghidra/default.nix
View File

@@ -1,14 +0,0 @@
{ pkgs, lib, config, namespace, ... }:
let
inherit (lib) mkIf mkEnableOption;
cfg = config.${namespace}.programs.graphical.ghidra;
in
{
options.${namespace}.programs.graphical.ghidra = {
enable = mkEnableOption "Enable Ghidra";
};
config = mkIf cfg.enable {
home.packages = with pkgs; [ ghidra ];
};
}

23
modules/home/programs/graphical/ghostty/config/ghostty-catppuccin-macchiato.conf
View File

@@ -1,23 +0,0 @@
# https://github.com/catppuccin/ghostty/blob/main/themes/catppuccin-macchiato.conf
palette = 0=#494d64
palette = 1=#ed8796
palette = 2=#a6da95
palette = 3=#eed49f
palette = 4=#8aadf4
palette = 5=#f5bde6
palette = 6=#8bd5ca
palette = 7=#b8c0e0
palette = 8=#5b6078
palette = 9=#ed8796
palette = 10=#a6da95
palette = 11=#eed49f
palette = 12=#8aadf4
palette = 13=#f5bde6
palette = 14=#8bd5ca
palette = 15=#a5adcb
background = 24273a
foreground = cad3f5
cursor-color = f4dbd6
cursor-text = 24273a
selection-background = 3a3e53
selection-foreground = cad3f5

23
modules/home/programs/graphical/ghostty/config/ghostty-catppuccin-mocha.conf
View File

@@ -1,23 +0,0 @@
# https://github.com/catppuccin/ghostty/blob/main/themes/catppuccin-mocha.conf
palette = 0=#45475a
palette = 1=#f38ba8
palette = 2=#a6e3a1
palette = 3=#f9e2af
palette = 4=#89b4fa
palette = 5=#f5c2e7
palette = 6=#94e2d5
palette = 7=#bac2de
palette = 8=#585b70
palette = 9=#f38ba8
palette = 10=#a6e3a1
palette = 11=#f9e2af
palette = 12=#89b4fa
palette = 13=#f5c2e7
palette = 14=#94e2d5
palette = 15=#a6adc8
background = 1e1e2e
foreground = cdd6f4
cursor-color = f5e0dc
cursor-text = 1e1e2e
selection-background = 353749
selection-foreground = cdd6f4

58
modules/home/programs/graphical/ghostty/config/ghostty.conf
View File

@@ -1,58 +0,0 @@
command = @BASH_PATH@ --login
macos-titlebar-style = tabs
auto-update = off
font-family = "MesloLGM Nerd Font Mono"
confirm-close-surface = true
# Keybindings - Tabs & Splits
keybind = cmd+t=new_tab
keybind = cmd+w=close_surface
keybind = cmd+d=new_split:right
keybind = cmd+shift+d=new_split:down
keybind = cmd+shift+enter=toggle_split_zoom
# Keybindings - Navigation - Splits
keybind = cmd+left=goto_split:left
keybind = cmd+right=goto_split:right
keybind = cmd+up=goto_split:up
keybind = cmd+down=goto_split:down
keybind = cmd+]=goto_split:next
keybind = cmd+[=goto_split:previous
# Keybindings - Navigation - Tabs
keybind = cmd+1=goto_tab:1
keybind = cmd+2=goto_tab:2
keybind = cmd+3=goto_tab:3
keybind = cmd+4=goto_tab:4
keybind = cmd+5=goto_tab:5
keybind = cmd+6=goto_tab:6
keybind = cmd+7=goto_tab:7
keybind = cmd+8=goto_tab:8
keybind = cmd+9=goto_tab:9
keybind = performable:cmd+c=copy_to_clipboard
keybind = performable:cmd+v=paste_from_clipboard
# https://github.com/catppuccin/ghostty/blob/main/themes/catppuccin-mocha.conf
palette = 0=#45475a
palette = 1=#f38ba8
palette = 2=#a6e3a1
palette = 3=#f9e2af
palette = 4=#89b4fa
palette = 5=#f5c2e7
palette = 6=#94e2d5
palette = 7=#bac2de
palette = 8=#585b70
palette = 9=#f38ba8
palette = 10=#a6e3a1
palette = 11=#f9e2af
palette = 12=#89b4fa
palette = 13=#f5c2e7
palette = 14=#94e2d5
palette = 15=#a6adc8
background = 1e1e2e
foreground = cdd6f4
cursor-color = f5e0dc
cursor-text = 1e1e2e
selection-background = 353749
selection-foreground = cdd6f4

30
modules/home/programs/graphical/ghostty/default.nix
View File

@@ -1,30 +0,0 @@
{ pkgs, lib, config, namespace, ... }:
let
inherit (pkgs.stdenv) isLinux;
inherit (lib) mkIf mkEnableOption optionals;
cfg = config.${namespace}.programs.graphical.ghostty;
in
{
options.${namespace}.programs.graphical.ghostty = {
enable = mkEnableOption "Ghostty";
};
config = mkIf cfg.enable {
# Enable Bash
${namespace}.programs.terminal.bash.enable = true;
# Pending Darwin @ https://github.com/NixOS/nixpkgs/pull/369788
home.packages = with pkgs; optionals isLinux [
ghostty
];
home.file.".config/ghostty/config".text =
let
bashPath = "${pkgs.bashInteractive}/bin/bash";
in
builtins.replaceStrings
[ "@BASH_PATH@" ]
[ bashPath ]
(builtins.readFile ./config/ghostty.conf);
};
}

24
modules/home/programs/graphical/gimp/default.nix
View File

@@ -1,24 +0,0 @@
{ pkgs
, lib
, config
, namespace
, ...
}:
let
inherit (lib) mkIf mkEnableOption;
cfg = config.${namespace}.programs.graphical.gimp;
in
{
options.${namespace}.programs.graphical.gimp = {
enable = mkEnableOption "GIMP";
};
config = mkIf cfg.enable {
home.packages = with pkgs; [
darktable
gimp-with-plugins
gthumb
];
};
}

17
modules/home/programs/graphical/remmina/default.nix
View File

@@ -1,17 +0,0 @@
{ pkgs, lib, config, namespace, ... }:
let
inherit (lib) mkIf mkEnableOption;
cfg = config.${namespace}.programs.graphical.remmina;
in
{
options.${namespace}.programs.graphical.remmina = {
enable = mkEnableOption "Remmina";
};
config = mkIf cfg.enable {
home.packages = with pkgs; [
remmina
];
};
}

17
modules/home/programs/graphical/strawberry/default.nix
View File

@@ -1,17 +0,0 @@
{ pkgs, lib, config, namespace, ... }:
let
inherit (lib) mkIf mkEnableOption;
cfg = config.${namespace}.programs.graphical.strawberry;
in
{
options.${namespace}.programs.graphical.strawberry = {
enable = mkEnableOption "Enable Strawberry";
};
config = mkIf cfg.enable {
home.packages = with pkgs; [
strawberry
libgpod
];
};
}

17
modules/home/programs/graphical/wireshark/default.nix
View File

@@ -1,17 +0,0 @@
{ pkgs, lib, config, namespace, ... }:
let
inherit (lib) mkIf mkEnableOption;
cfg = config.${namespace}.programs.graphical.wireshark;
in
{
options.${namespace}.programs.graphical.wireshark = {
enable = mkEnableOption "Wireshark";
};
config = mkIf cfg.enable {
home.packages = with pkgs; [
wireshark
];
};
}

217
modules/home/programs/graphical/wms/hyprland/config/hyprland.lua
View File

@@ -1,217 +0,0 @@
-- Hyprland config (lua backend, Hyprland 0.55+).
-- `mainMod`, `menuMod`, and the monitor(s) are injected by Nix above this file.
-- See https://wiki.hypr.land/Configuring/Start/
local terminal = "ghostty"
local menu = "wofi --show drun"
-------------------
---- AUTOSTART ----
-------------------
hl.on("hyprland.start", function()
hl.exec_cmd("uwsm app -- waybar")
hl.exec_cmd("uwsm app -- " .. terminal)
hl.exec_cmd("uwsm app -- firefox")
end)
-----------------------
---- LOOK AND FEEL ----
-----------------------
hl.config({
general = {
gaps_in = 5,
gaps_out = 12,
border_size = 2,
col = {
active_border = { colors = { "rgba(33ccffee)", "rgba(00ff99ee)" }, angle = 45 },
inactive_border = "rgba(595959aa)",
},
resize_on_border = false,
allow_tearing = false,
layout = "dwindle",
},
decoration = {
rounding = 10,
active_opacity = 1.0,
inactive_opacity = 1.0,
shadow = {
enabled = true,
range = 4,
render_power = 3,
color = 0xee1a1a1a,
},
blur = {
enabled = true,
size = 3,
passes = 1,
vibrancy = 0.1696,
},
},
animations = {
enabled = true,
},
dwindle = {
preserve_split = true,
},
master = {
new_status = "master",
},
misc = {
force_default_wallpaper = -1,
disable_hyprland_logo = false,
},
})
----------------------
---- ANIMATIONS ------
----------------------
hl.curve("easeOutQuint", { type = "bezier", points = { { 0.23, 1 }, { 0.32, 1 } } })
hl.curve("easeInOutCubic", { type = "bezier", points = { { 0.65, 0.05 }, { 0.36, 1 } } })
hl.curve("linear", { type = "bezier", points = { { 0, 0 }, { 1, 1 } } })
hl.curve("almostLinear", { type = "bezier", points = { { 0.5, 0.5 }, { 0.75, 1 } } })
hl.curve("quick", { type = "bezier", points = { { 0.15, 0 }, { 0.1, 1 } } })
hl.animation({ leaf = "global", enabled = true, speed = 10, bezier = "default" })
hl.animation({ leaf = "border", enabled = true, speed = 5.39, bezier = "easeOutQuint" })
hl.animation({ leaf = "windows", enabled = true, speed = 4.79, bezier = "easeOutQuint" })
hl.animation({ leaf = "windowsIn", enabled = true, speed = 4.1, bezier = "easeOutQuint", style = "popin 87%" })
hl.animation({ leaf = "windowsOut", enabled = true, speed = 1.49, bezier = "linear", style = "popin 87%" })
hl.animation({ leaf = "fadeIn", enabled = true, speed = 1.73, bezier = "almostLinear" })
hl.animation({ leaf = "fadeOut", enabled = true, speed = 1.46, bezier = "almostLinear" })
hl.animation({ leaf = "fade", enabled = true, speed = 3.03, bezier = "quick" })
hl.animation({ leaf = "layers", enabled = true, speed = 3.81, bezier = "easeOutQuint" })
hl.animation({ leaf = "layersIn", enabled = true, speed = 4, bezier = "easeOutQuint", style = "fade" })
hl.animation({ leaf = "layersOut", enabled = true, speed = 1.5, bezier = "linear", style = "fade" })
hl.animation({ leaf = "fadeLayersIn", enabled = true, speed = 1.79, bezier = "almostLinear" })
hl.animation({ leaf = "fadeLayersOut", enabled = true, speed = 1.39, bezier = "almostLinear" })
hl.animation({ leaf = "workspaces", enabled = true, speed = 1.94, bezier = "almostLinear", style = "fade" })
hl.animation({ leaf = "workspacesIn", enabled = true, speed = 1.21, bezier = "almostLinear", style = "fade" })
hl.animation({ leaf = "workspacesOut", enabled = true, speed = 1.94, bezier = "almostLinear", style = "fade" })
---------------
---- INPUT ----
---------------
hl.config({
input = {
kb_layout = "us",
kb_variant = "",
kb_model = "",
kb_options = "",
kb_rules = "",
follow_mouse = 1,
sensitivity = 0.0,
touchpad = {
scroll_factor = 0.5,
disable_while_typing = true,
natural_scroll = true,
clickfinger_behavior = true,
tap_to_click = false,
},
},
})
-- 4-finger horizontal swipe to switch workspaces. The old `invert` modifier was
-- removed in the 0.51 gesture rework; flip the physical swipe direction if needed.
hl.gesture({ fingers = 4, direction = "horizontal", action = "workspace" })
-- Thinkpad Trackpoint
hl.device({ name = "tpps/2-elan-trackpoint", sensitivity = -0.3 })
---------------------
---- KEYBINDINGS ----
---------------------
-- Menu Mod Bindings (macOS Transition - Spotlight & Screenshots)
hl.bind(menuMod .. " + SPACE", hl.dsp.exec_cmd(menu))
hl.bind(menuMod .. " + SHIFT + 1", hl.dsp.exec_cmd("hyprshot -m output"))
hl.bind(menuMod .. " + SHIFT + 2", hl.dsp.exec_cmd("hyprshot -m window"))
hl.bind(menuMod .. " + SHIFT + 3", hl.dsp.exec_cmd("hyprshot -m region"))
hl.bind(menuMod .. " + Q", hl.dsp.window.close())
-- Primary Bindings
hl.bind(mainMod .. " + RETURN", hl.dsp.exec_cmd(terminal))
hl.bind(mainMod .. " + M", hl.dsp.exec_cmd("uwsm stop"))
hl.bind(mainMod .. " + V", hl.dsp.window.float({ action = "toggle" }))
hl.bind(mainMod .. " + P", hl.dsp.window.pin())
hl.bind(mainMod .. " + J", hl.dsp.layout("togglesplit"))
hl.bind(mainMod .. " + S", hl.dsp.workspace.toggle_special("magic"))
hl.bind(mainMod .. " + SHIFT + S", hl.dsp.window.move({ workspace = "special:magic" }))
-- Window Focus
hl.bind(mainMod .. " + left", hl.dsp.focus({ direction = "left" }))
hl.bind(mainMod .. " + right", hl.dsp.focus({ direction = "right" }))
hl.bind(mainMod .. " + up", hl.dsp.focus({ direction = "up" }))
hl.bind(mainMod .. " + down", hl.dsp.focus({ direction = "down" }))
-- Workspace switch + move active window to workspace (1-9, 0 -> 10)
for i = 1, 10 do
local key = i % 10
hl.bind(mainMod .. " + " .. key, hl.dsp.focus({ workspace = i }))
hl.bind(mainMod .. " + SHIFT + " .. key, hl.dsp.window.move({ workspace = i }))
end
hl.bind(mainMod .. " + SHIFT + right", hl.dsp.focus({ workspace = "+1" }))
hl.bind(mainMod .. " + SHIFT + left", hl.dsp.focus({ workspace = "-1" }))
-- Window move/resize with mouse
hl.bind(mainMod .. " + mouse:272", hl.dsp.window.drag(), { mouse = true })
hl.bind(mainMod .. " + mouse:273", hl.dsp.window.resize(), { mouse = true })
-- Multimedia & Brightness Keys
hl.bind("XF86AudioRaiseVolume", hl.dsp.exec_cmd("wpctl set-volume @DEFAULT_AUDIO_SINK@ 5%+"), { locked = true, repeating = true })
hl.bind("XF86AudioLowerVolume", hl.dsp.exec_cmd("wpctl set-volume @DEFAULT_AUDIO_SINK@ 5%-"), { locked = true, repeating = true })
hl.bind("XF86AudioMute", hl.dsp.exec_cmd("wpctl set-mute @DEFAULT_AUDIO_SINK@ toggle"), { locked = true, repeating = true })
hl.bind("XF86AudioMicMute", hl.dsp.exec_cmd("wpctl set-mute @DEFAULT_AUDIO_SOURCE@ toggle"), { locked = true, repeating = true })
hl.bind("XF86MonBrightnessUp", hl.dsp.exec_cmd("brightnessctl s 4%+"), { locked = true, repeating = true })
hl.bind("XF86MonBrightnessDown", hl.dsp.exec_cmd("brightnessctl s 5%-"), { locked = true, repeating = true })
-- macOS Keyboard Brightness
hl.bind(menuMod .. " + XF86MonBrightnessUp", hl.dsp.exec_cmd("brightnessctl -d kbd_backlight s 10%+"), { locked = true, repeating = true })
hl.bind(menuMod .. " + XF86MonBrightnessDown", hl.dsp.exec_cmd("brightnessctl -d kbd_backlight s 10%-"), { locked = true, repeating = true })
-- Player Controls
hl.bind("XF86AudioNext", hl.dsp.exec_cmd("playerctl next"), { locked = true })
hl.bind("XF86AudioPause", hl.dsp.exec_cmd("playerctl play-pause"), { locked = true })
hl.bind("XF86AudioPlay", hl.dsp.exec_cmd("playerctl play-pause"), { locked = true })
hl.bind("XF86AudioPrev", hl.dsp.exec_cmd("playerctl previous"), { locked = true })
--------------------------------
---- WINDOWS AND WORKSPACES ----
--------------------------------
hl.window_rule({
name = "suppress-maximize-events",
match = { class = ".*" },
suppress_event = "maximize",
})
hl.window_rule({
name = "fix-xwayland-drags",
match = {
class = "^$",
title = "^$",
xwayland = true,
float = true,
fullscreen = false,
pin = false,
},
no_focus = true,
})

146
modules/home/programs/graphical/wms/hyprland/config/waybar-style.css
View File

@@ -1,146 +0,0 @@
@define-color rosewater #f5e0dc;
@define-color flamingo #f2cdcd;
@define-color pink #f5c2e7;
@define-color mauve #cba6f7;
@define-color red #f38ba8;
@define-color maroon #eba0ac;
@define-color peach #fab387;
@define-color yellow #f9e2af;
@define-color green #a6e3a1;
@define-color teal #94e2d5;
@define-color sky #89dceb;
@define-color sapphire #74c7ec;
@define-color blue #89b4fa;
@define-color lavender #b4befe;
@define-color text #cdd6f4;
@define-color subtext1 #bac2de;
@define-color subtext0 #a6adc8;
@define-color overlay2 #9399b2;
@define-color overlay1 #7f849c;
@define-color overlay0 #6c7086;
@define-color surface2 #585b70;
@define-color surface1 #45475a;
@define-color surface0 #313244;
@define-color base #1e1e2e;
@define-color mantle #181825;
@define-color crust #11111b;
/* Common Styles */
* {
font-family: FantasqueSansMono Nerd Font;
font-size: 14px;
min-height: 0;
}
/* Primary Waybar */
#waybar {
background: transparent;
color: @text;
}
/* Icon Only Sizes */
#network,
#backlight,
#battery {
font-size: 18px;
}
/* Node Styles */
#workspaces,
#window,
#tray,
#cpu,
#memory,
#pulseaudio,
#network,
#backlight,
#battery,
#clock {
margin-top: 1rem;
padding: 0.2px 1rem;
background-color: @surface0;
}
#workspaces button {
color: @lavender;
border-radius: 1rem;
}
#workspaces button.active {
color: @sky;
background-color: @surface2;
}
#workspaces button:hover {
color: @sapphire;
}
#window {
background: transparent;
margin-left: 0.5rem;
margin-right: 8rem; /* Notch */
}
#memory {
color: @blue;
}
#pulseaudio {
color: @maroon;
}
#network {
color: @mauve;
}
#cpu {
color: @peach;
}
#backlight {
color: @yellow;
}
#battery {
color: @green;
}
#battery.charging {
color: @green;
}
#battery.warning:not(.charging) {
color: @red;
}
/* Left Border Radius */
#clock,
#network,
#cpu,
#tray,
#workspaces {
margin-left: 0.5rem;
border-top-left-radius: 1rem;
border-bottom-left-radius: 1rem;
}
/* Right Border Radius */
#pulseaudio,
#clock,
#tray,
#battery,
#workspaces {
margin-right: 0.5rem;
border-top-right-radius: 1rem;
border-bottom-right-radius: 1rem;
}
#workspaces {
padding: 0px;
margin-left: 1rem;
}
#clock {
color: @blue;
margin-right: 1rem;
}

127
modules/home/programs/graphical/wms/hyprland/config/wofi-style.css
View File

@@ -1,127 +0,0 @@
window {
font-family: "Hack Nerd Font";
background: transparent;
}
#outer-box {
padding: 10px;
border-radius: 8px;
background: #2e3440;
}
#scroll {
/* The Nordic gtk theme adds an outline to show scroll areas... */
outline-color: transparent;
}
#input {
color: #e5e9f0;
caret-color: #e5e9f0;
background: #3b4252;
border-top-color: #3b4252;
border-left-color: #3b4252;
border-right-color: #3b4252;
border-bottom-color: #3b4252;
box-shadow: 0 0 0 1px transparent inset;
outline-color: transparent !important;
}
#input:focus {
background: #3b4252;
border-color: #3b4252 !important;
box-shadow: 0 0 0 1px transparent inset;
border-top-color: #3b4252 !important;
border-left-color: #3b4252 !important;
border-right-color: #3b4252 !important;
border-bottom-color: #3b4252 !important;
box-shadow: none !important;
outline-color: transparent !important;
}
#input image.left {
color: #d8dee9;
}
#input:focus image.left {
color: #e5e9f0;
}
#input image.right {
color: #d8dee9;
}
#input:focus image.right {
color: #e5e9f0;
}
label {
/* We set backgrounds on the block level. */
background: transparent;
}
#scroll {
padding-top: 6px;
}
#entry {
color: #4c566a;
padding: 8px 8px;
border-radius: 4px;
background: transparent;
}
#entry:selected {
color: #eceff4;
background: #8fbcbb;
font-weight: bold;
}
expander arrow {
margin-right: 8px;
}
#entry #selected #text {
color: #eceff4;
}
expander list {
margin-top: 8px;
/* background: #8fbcbb; */
background: transparent;
padding-left: 16px;
}
expander list #entry {
transition: none;
background: transparent;
}
expander list #entry:hover,
expander list #entry:active {
/* color: #8fbcbb;
background: #e5e9f0; */
}
expander list #entry #selected {
background: #8fbcbb;
}
expander list #entry #selected label {
color: #eceff4;
font-weight: bold;
}
expander list #entry:hover,
expander list #entry:active {
background: #8fbcbb;
}
expander list #entry:hover label,
expander list #entry:active label {
color: #eceff4;
font-weight: bold;
}
expander list label {
color: #d8dee9;
}

3
modules/home/programs/graphical/wms/hyprland/config/wofi.conf
View File

@@ -1,3 +0,0 @@
stylesheet=./style.css
term=foot
insensitive=true

225
modules/home/programs/graphical/wms/hyprland/default.nix
View File

@@ -1,225 +0,0 @@
{
lib,
pkgs,
config,
namespace,
...
}:
let
inherit (lib) types mkIf;
inherit (lib.${namespace}) mkOpt enabled;
cfg = config.${namespace}.programs.graphical.wms.hyprland;
in
{
options.${namespace}.programs.graphical.wms.hyprland = {
enable = lib.mkEnableOption "Hyprland";
mainMod = mkOpt types.str "SUPER" "main modifier key";
menuMod = mkOpt types.str "SUPER" "menu modifier key (i.e. menuMod + space)";
monitors = mkOpt (with types; listOf str) [ ", preferred, auto, 1" ] "monitor configuration";
};
config = mkIf cfg.enable {
services.swaync = enabled;
wayland.windowManager.hyprland = {
enable = true;
# Lua Backend - Hyprland 0.55 deprecated hyprlang and home-manager 26.05 defaults configType to "lua".
configType = "lua";
extraConfig =
let
# Quote unless the value is numeric, so scale can be `2` or `"auto"`.
luaScalar = v: if builtins.match "[0-9]+(\\.[0-9]+)?" v != null then v else ''"${v}"'';
mkMonitor =
s:
let
parts = map lib.trim (lib.splitString "," s);
field = i: if builtins.length parts > i then builtins.elemAt parts i else "";
in
''hl.monitor({ output = "${field 0}", mode = "${field 1}", position = "${field 2}", scale = ${luaScalar (field 3)} })'';
in
''
local mainMod = "${cfg.mainMod}"
local menuMod = "${cfg.menuMod}"
${lib.concatMapStringsSep "\n" mkMonitor cfg.monitors}
''
+ builtins.readFile ./config/hyprland.lua;
};
programs.waybar = {
enable = true;
style = builtins.readFile ./config/waybar-style.css;
settings = [
{
layer = "top";
position = "top";
mode = "dock";
exclusive = true;
passthrough = false;
gtk-layer-shell = true;
height = 0;
modules-left = [
"hyprland/workspaces"
"hyprland/window"
];
# modules-center = [ "hyprland/window" ];
modules-right = [
"tray"
"cpu"
"memory"
"pulseaudio"
"network"
"backlight"
"battery"
"clock"
];
"hyprland/window" = {
format = "{}";
};
"wlr/workspaces" = {
on-scroll-up = "hyprctl dispatch workspace e+1";
on-scroll-down = "hyprctl dispatch workspace e-1";
all-outputs = true;
on-click = "activate";
};
battery = {
states = {
warning = 30;
critical = 15;
};
format = "{icon}";
format-charging = "󰂄";
format-plugged = "󰂄";
format-alt = "{icon}";
format-icons = [
"󰂃"
"󰁺"
"󰁻"
"󰁼"
"󰁽"
"󰁾"
"󰁾"
"󰁿"
"󰂀"
"󰂁"
"󰂂"
"󰁹"
];
};
cpu = {
interval = 10;
format = " {}%";
max-length = 10;
on-click = "";
};
memory = {
interval = 30;
format = " {}%";
format-alt = " {used:0.1f}G";
max-length = 10;
};
backlight = {
format = "{icon}";
format-icons = [
"󰋙"
"󰫃"
"󰫄"
"󰫅"
"󰫆"
"󰫇"
"󰫈"
];
on-scroll-up = "brightnessctl s 1%-";
on-scroll-down = "brightnessctl s +1%";
};
tray = {
icon-size = 13;
tooltip = false;
spacing = 10;
};
network = {
interval = 1;
format-wifi = "󰖩";
format-ethernet = "󰈀";
format-linked = "󰈁";
format-disconnected = "";
on-click-right = "${pkgs.networkmanagerapplet}/bin/nm-connection-editor";
# tooltip-format = ''
# <big>Network Details</big>
# <tt><small>Interface: {ifname}</small></tt>
# <tt><small>IP: {ipaddr}/{cidr}</small></tt>
# <tt><small>Gateway: {gwaddr}</small></tt>
# <tt><small>󰜷 {bandwidthUpBytes}\n󰜮 {bandwidthDownBytes}</small></tt>'';
tooltip-format = ''
<big>Network Details</big>
<small>
Interface: {ifname}
SSID: {essid}
IP Address: {ipaddr}/{cidr}
Gateway: {gwaddr}
󰜷 {bandwidthUpBytes} / 󰜮 {bandwidthDownBytes}
</small>'';
};
clock = {
format = " {:%Y-%m-%d %H:%M:%S}";
interval = 1;
tooltip-format = ''
<big>{:%Y %B}</big>
<tt><small>{calendar}</small></tt>'';
};
pulseaudio = {
format = "{icon} {volume}%";
tooltip = false;
format-muted = " Muted";
on-click = "pamixer -t";
on-scroll-up = "pamixer -i 5";
on-scroll-down = "pamixer -d 5";
scroll-step = 5;
format-icons = {
headphone = "";
hands-free = "";
headset = "";
phone = "";
portable = "";
car = "";
default = [
""
""
""
];
};
};
"pulseaudio#microphone" = {
format = "{format_source}";
tooltip = false;
format-source = " {volume}%";
format-source-muted = " Muted";
on-click = "pamixer --default-source -t";
on-scroll-up = "pamixer --default-source -i 5";
on-scroll-down = "pamixer --default-source -d 5";
scroll-step = 5;
};
}
];
};
home.packages = with pkgs; [
brightnessctl
hyprshot
wofi
wofi-emoji
];
xdg.configFile = {
"wofi/config".source = ./config/wofi.conf;
"wofi/style.css".source = ./config/wofi-style.css;
"uwsp/env".text = ''
export XCURSOR_SIZE=64
'';
};
};
}

19
modules/home/programs/terminal/aws/default.nix
View File

@@ -1,19 +0,0 @@
{ lib, pkgs, config, namespace, ... }:
let
inherit (lib) mkIf;
cfg = config.${namespace}.programs.terminal.aws;
in
{
options.${namespace}.programs.terminal.aws = {
enable = lib.mkEnableOption "AWS";
};
config = mkIf cfg.enable {
home.packages = with pkgs; [
aws-sso-util
awscli2
cw
ssm-session-manager-plugin
];
};
}

2
modules/home/programs/terminal/bash/config/.sqliterc
View File

@@ -1,2 +0,0 @@
.headers on
.mode column

99
modules/home/programs/terminal/bash/config/fastfetch.nix
View File

@@ -1,99 +0,0 @@
{ cfg }:
builtins.toJSON (
{
modules = [
{
type = "separator";
string = "";
length = 35;
}
{
type = "title";
format = "Hardware Information";
}
{
type = "cpu";
key = " ";
}
{
type = "memory";
key = " ";
}
{
type = "display";
key = "󰍹 ";
}
{ type = "separator"; }
{
type = "title";
format = "Software Information";
}
{
type = "os";
key = " ";
}
{
type = "kernel";
key = " ";
}
{
type = "terminal";
key = " ";
}
{
type = "packages";
key = "󰏖 ";
}
{
type = "terminalfont";
key = " ";
}
{ type = "separator"; }
{
type = "title";
format = "Network Information";
}
{
type = "publicip";
key = " ";
}
{
type = "localip";
key = " ";
}
{ type = "separator"; }
{
type = "custom";
format = " {#white} {#red} {#green} {#yellow} {#blue} {#magenta} {#cyan} {#white}\n";
}
];
display = {
separator = " ";
key.width = 7;
color = {
keys = "yellow";
title = "blue";
};
};
settings = {
kernelFormat = "minimal";
memoryUnit = "gib";
temperatureUnit = "celsius";
publicIpTimeout = 2000;
publicIpHost = "http://ident.me";
diskUnit = "gib";
showDisks = [ "/" ];
};
}
// (
if cfg.customFastFetchLogo != null then
{
logo = {
source = cfg.customFastFetchLogo;
type = "file";
};
}
else
{ }
)
)

75
modules/home/programs/terminal/bash/config/hey-intern.sh
View File

@@ -1,75 +0,0 @@
#!/usr/bin/env bash
MODEL="qwen3.6-27b-vllm-180k-cuda0"
SYSTEM_PROMPT="You are a shell command expert. Given a natural language query, generate a single shell command that accomplishes the task."
# Colors
CYAN='\033[0;36m'
YELLOW='\033[1;33m'
GREEN='\033[0;32m'
RESET='\033[0m'
hey-intern() {
local query="$*"
# Help
if [ -z "$query" ]; then
echo "Usage: hey-intern \"your query here\"" >&2
return 1
fi
# Execute LLM Request
response=$(curl -s -X POST "https://llm-api.va.reichard.io/v1/chat/completions" \
-H "Content-Type: application/json" \
-d "$(jq -n \
--arg model "$MODEL" \
--arg system "$SYSTEM_PROMPT" \
--arg user "$query" \
'{
model: $model,
temperature: 0.2,
messages: [
{role: "system", content: $system},
{role: "user", content: $user}
],
tools: [{
type: "function",
function: {
name: "generate_shell_command",
description: "Generate a shell command to answer a query",
parameters: {
type: "object",
properties: {
command: {type: "string", description: "The shell command to execute"}
},
required: ["command"]
}
}
}]
}')" | jq -r '.choices[0].message.tool_calls[0].function.arguments // empty')
# Extract Command
local command=$(echo "$response" | jq -r '.command // empty')
if [ -n "$command" ]; then
echo -e "\n ${CYAN}${command}${RESET}\n"
read -p "$(echo -e "${YELLOW}Would you like to run this command? [y/N]${RESET} ")" -n 1 -r
echo ""
if [[ $REPLY =~ ^[Yy]$ ]]; then
echo -e "${GREEN}Running...${RESET}\n"
history -s "$command"
eval "$command"
fi
else
echo "Failed to generate a valid command from the response." >&2
echo "Raw response: $response" >&2
return 1
fi
}
# Export Script
if [[ "${BASH_SOURCE[0]}" == "${0}" ]]; then
hey-intern "$@"
fi

93
modules/home/programs/terminal/bash/default.nix
View File

@@ -1,93 +0,0 @@
{ pkgs
, lib
, config
, namespace
, ...
}:
let
inherit (lib.${namespace}) mkOpt;
inherit (lib) mkEnableOption mkIf optionalAttrs;
inherit (pkgs.stdenv) isLinux isDarwin;
cfg = config.${namespace}.programs.terminal.bash;
in
{
options.${namespace}.programs.terminal.bash = with lib.types; {
enable = mkEnableOption "bash";
customProfile = mkOpt str "" "custom profile";
customFastFetchLogo = mkOpt (nullOr path) null "custom fast fetch logo path";
};
config = mkIf cfg.enable {
programs.bash = {
enable = true;
shellAliases = {
grep = "grep --color";
ssh = "TERM=xterm-256color ssh";
}
// optionalAttrs isLinux {
sync-watch = "watch -d grep -e Dirty: -e Writeback: /proc/meminfo";
}
// optionalAttrs isDarwin {
mosh = "mosh --ssh=\"/usr/bin/ssh\"";
};
profileExtra = ''
export COLORTERM=truecolor
SHELL="$BASH"
PATH=~/.local/bin:$PATH
bind "set show-mode-in-prompt on"
set -o vi || true
source <(fzf --bash)
VISUAL=vim
EDITOR="$VISUAL"
if [ -z "$CLAUDE_CODE_ENTRYPOINT" ]; then
fastfetch
fi
[[ -f ~/.bash_custom ]] && . ~/.bash_custom
source ${./config/hey-intern.sh}
''
+ cfg.customProfile;
};
programs.powerline-go = {
enable = true;
settings = {
git-mode = "compact";
theme = "gruvbox";
};
modules = [
"host"
"cwd"
"git"
"docker"
"venv"
];
};
programs.readline = {
enable = true;
extraConfig = ''
# Approximate VIM Dracula Colors
set vi-ins-mode-string \1\e[01;38;5;23;48;5;231m\2 I \1\e[38;5;231;48;5;238m\2\1\e[0m\2
set vi-cmd-mode-string \1\e[01;38;5;22;48;5;148m\2 C \1\e[38;5;148;48;5;238m\2\1\e[0m\2
'';
};
programs.fzf.enable = true;
home.packages = with pkgs; [
bashInteractive
fastfetch
mosh
nerd-fonts.meslo-lg
];
home.file.".config/fastfetch/config.jsonc".text = import ./config/fastfetch.nix { inherit cfg; };
home.file.".sqliterc".text = builtins.readFile ./config/.sqliterc;
};
}

218
modules/home/programs/terminal/btop/config/btop.conf
View File

@@ -1,218 +0,0 @@
#? Config file for btop v. 1.4.0
#* Name of a btop++/bpytop/bashtop formatted ".theme" file, "Default" and "TTY" for builtin themes.
#* Themes should be placed in "../share/btop/themes" relative to binary or "$HOME/.config/btop/themes"
color_theme = "catppuccin_mocha"
#* If the theme set background should be shown, set to False if you want terminal background transparency.
theme_background = True
#* Sets if 24-bit truecolor should be used, will convert 24-bit colors to 256 color (6x6x6 color cube) if false.
truecolor = True
#* Set to true to force tty mode regardless if a real tty has been detected or not.
#* Will force 16-color mode and TTY theme, set all graph symbols to "tty" and swap out other non tty friendly symbols.
force_tty = False
#* Define presets for the layout of the boxes. Preset 0 is always all boxes shown with default settings. Max 9 presets.
#* Format: "box_name:P:G,box_name:P:G" P=(0 or 1) for alternate positions, G=graph symbol to use for box.
#* Use whitespace " " as separator between different presets.
#* Example: "cpu:0:default,mem:0:tty,proc:1:default cpu:0:braille,proc:0:tty"
presets = "cpu:1:default,proc:0:default cpu:0:default,mem:0:default,net:0:default cpu:0:block,net:0:tty"
#* Set to True to enable "h,j,k,l,g,G" keys for directional control in lists.
#* Conflicting keys for h:"help" and k:"kill" is accessible while holding shift.
vim_keys = False
#* Rounded corners on boxes, is ignored if TTY mode is ON.
rounded_corners = True
#* Default symbols to use for graph creation, "braille", "block" or "tty".
#* "braille" offers the highest resolution but might not be included in all fonts.
#* "block" has half the resolution of braille but uses more common characters.
#* "tty" uses only 3 different symbols but will work with most fonts and should work in a real TTY.
#* Note that "tty" only has half the horizontal resolution of the other two, so will show a shorter historical view.
graph_symbol = "braille"
# Graph symbol to use for graphs in cpu box, "default", "braille", "block" or "tty".
graph_symbol_cpu = "default"
# Graph symbol to use for graphs in cpu box, "default", "braille", "block" or "tty".
graph_symbol_mem = "default"
# Graph symbol to use for graphs in cpu box, "default", "braille", "block" or "tty".
graph_symbol_net = "default"
# Graph symbol to use for graphs in cpu box, "default", "braille", "block" or "tty".
graph_symbol_proc = "default"
#* Manually set which boxes to show. Available values are "cpu mem net proc" and "gpu0" through "gpu5", separate values with whitespace.
shown_boxes = "cpu mem net proc"
#* Update time in milliseconds, recommended 2000 ms or above for better sample times for graphs.
update_ms = 2000
#* Processes sorting, "pid" "program" "arguments" "threads" "user" "memory" "cpu lazy" "cpu direct",
#* "cpu lazy" sorts top process over time (easier to follow), "cpu direct" updates top process directly.
proc_sorting = "cpu lazy"
#* Reverse sorting order, True or False.
proc_reversed = False
#* Show processes as a tree.
proc_tree = False
#* Use the cpu graph colors in the process list.
proc_colors = True
#* Use a darkening gradient in the process list.
proc_gradient = True
#* If process cpu usage should be of the core it's running on or usage of the total available cpu power.
proc_per_core = False
#* Show process memory as bytes instead of percent.
proc_mem_bytes = True
#* Show cpu graph for each process.
proc_cpu_graphs = True
#* Use /proc/[pid]/smaps for memory information in the process info box (very slow but more accurate)
proc_info_smaps = False
#* Show proc box on left side of screen instead of right.
proc_left = False
#* (Linux) Filter processes tied to the Linux kernel(similar behavior to htop).
proc_filter_kernel = False
#* In tree-view, always accumulate child process resources in the parent process.
proc_aggregate = False
#* Sets the CPU stat shown in upper half of the CPU graph, "total" is always available.
#* Select from a list of detected attributes from the options menu.
cpu_graph_upper = "Auto"
#* Sets the CPU stat shown in lower half of the CPU graph, "total" is always available.
#* Select from a list of detected attributes from the options menu.
cpu_graph_lower = "Auto"
#* Toggles if the lower CPU graph should be inverted.
cpu_invert_lower = True
#* Set to True to completely disable the lower CPU graph.
cpu_single_graph = False
#* Show cpu box at bottom of screen instead of top.
cpu_bottom = False
#* Shows the system uptime in the CPU box.
show_uptime = True
#* Show cpu temperature.
check_temp = True
#* Which sensor to use for cpu temperature, use options menu to select from list of available sensors.
cpu_sensor = "Auto"
#* Show temperatures for cpu cores also if check_temp is True and sensors has been found.
show_coretemp = True
#* Set a custom mapping between core and coretemp, can be needed on certain cpus to get correct temperature for correct core.
#* Use lm-sensors or similar to see which cores are reporting temperatures on your machine.
#* Format "x:y" x=core with wrong temp, y=core with correct temp, use space as separator between multiple entries.
#* Example: "4:0 5:1 6:3"
cpu_core_map = ""
#* Which temperature scale to use, available values: "celsius", "fahrenheit", "kelvin" and "rankine".
temp_scale = "celsius"
#* Use base 10 for bits/bytes sizes, KB = 1000 instead of KiB = 1024.
base_10_sizes = False
#* Show CPU frequency.
show_cpu_freq = True
#* Draw a clock at top of screen, formatting according to strftime, empty string to disable.
#* Special formatting: /host = hostname | /user = username | /uptime = system uptime
clock_format = "%X"
#* Update main ui in background when menus are showing, set this to false if the menus is flickering too much for comfort.
background_update = True
#* Custom cpu model name, empty string to disable.
custom_cpu_name = ""
#* Optional filter for shown disks, should be full path of a mountpoint, separate multiple values with whitespace " ".
#* Begin line with "exclude=" to change to exclude filter, otherwise defaults to "most include" filter. Example: disks_filter="exclude=/boot /home/user".
disks_filter = ""
#* Show graphs instead of meters for memory values.
mem_graphs = True
#* Show mem box below net box instead of above.
mem_below_net = False
#* Count ZFS ARC in cached and available memory.
zfs_arc_cached = True
#* If swap memory should be shown in memory box.
show_swap = True
#* Show swap as a disk, ignores show_swap value above, inserts itself after first disk.
swap_disk = True
#* If mem box should be split to also show disks info.
show_disks = True
#* Filter out non physical disks. Set this to False to include network disks, RAM disks and similar.
only_physical = True
#* Read disks list from /etc/fstab. This also disables only_physical.
use_fstab = True
#* Setting this to True will hide all datasets, and only show ZFS pools. (IO stats will be calculated per-pool)
zfs_hide_datasets = False
#* Set to true to show available disk space for privileged users.
disk_free_priv = False
#* Toggles if io activity % (disk busy time) should be shown in regular disk usage view.
show_io_stat = True
#* Toggles io mode for disks, showing big graphs for disk read/write speeds.
io_mode = False
#* Set to True to show combined read/write io graphs in io mode.
io_graph_combined = False
#* Set the top speed for the io graphs in MiB/s (100 by default), use format "mountpoint:speed" separate disks with whitespace " ".
#* Example: "/mnt/media:100 /:20 /boot:1".
io_graph_speeds = ""
#* Set fixed values for network graphs in Mebibits. Is only used if net_auto is also set to False.
net_download = 100
net_upload = 100
#* Use network graphs auto rescaling mode, ignores any values set above and rescales down to 10 Kibibytes at the lowest.
net_auto = True
#* Sync the auto scaling for download and upload to whichever currently has the highest scale.
net_sync = True
#* Starts with the Network Interface specified here.
net_iface = ""
#* Show battery stats in top right if battery is present.
show_battery = True
#* Which battery to use if multiple are present. "Auto" for auto detection.
selected_battery = "Auto"
#* Show power stats of battery next to charge indicator.
show_battery_watts = True
#* Set loglevel for "~/.config/btop/btop.log" levels are: "ERROR" "WARNING" "INFO" "DEBUG".
#* The level set includes all lower levels, i.e. "DEBUG" will show all logging info.
log_level = "WARNING"

83
modules/home/programs/terminal/btop/config/catppuccin_mocha.theme
View File

@@ -1,83 +0,0 @@
# Main background, empty for terminal default, need to be empty if you want transparent background
theme[main_bg]="#1E1E2E"
# Main text color
theme[main_fg]="#CDD6F4"
# Title color for boxes
theme[title]="#CDD6F4"
# Highlight color for keyboard shortcuts
theme[hi_fg]="#89B4FA"
# Background color of selected item in processes box
theme[selected_bg]="#45475A"
# Foreground color of selected item in processes box
theme[selected_fg]="#89B4FA"
# Color of inactive/disabled text
theme[inactive_fg]="#7F849C"
# Color of text appearing on top of graphs, i.e uptime and current network graph scaling
theme[graph_text]="#F5E0DC"
# Background color of the percentage meters
theme[meter_bg]="#45475A"
# Misc colors for processes box including mini cpu graphs, details memory graph and details status text
theme[proc_misc]="#F5E0DC"
# CPU, Memory, Network, Proc box outline colors
theme[cpu_box]="#cba6f7" #Mauve
theme[mem_box]="#a6e3a1" #Green
theme[net_box]="#eba0ac" #Maroon
theme[proc_box]="#89b4fa" #Blue
# Box divider line and small boxes line color
theme[div_line]="#6C7086"
# Temperature graph color (Green -> Yellow -> Red)
theme[temp_start]="#a6e3a1"
theme[temp_mid]="#f9e2af"
theme[temp_end]="#f38ba8"
# CPU graph colors (Teal -> Lavender)
theme[cpu_start]="#94e2d5"
theme[cpu_mid]="#74c7ec"
theme[cpu_end]="#b4befe"
# Mem/Disk free meter (Mauve -> Lavender -> Blue)
theme[free_start]="#cba6f7"
theme[free_mid]="#b4befe"
theme[free_end]="#89b4fa"
# Mem/Disk cached meter (Sapphire -> Lavender)
theme[cached_start]="#74c7ec"
theme[cached_mid]="#89b4fa"
theme[cached_end]="#b4befe"
# Mem/Disk available meter (Peach -> Red)
theme[available_start]="#fab387"
theme[available_mid]="#eba0ac"
theme[available_end]="#f38ba8"
# Mem/Disk used meter (Green -> Sky)
theme[used_start]="#a6e3a1"
theme[used_mid]="#94e2d5"
theme[used_end]="#89dceb"
# Download graph colors (Peach -> Red)
theme[download_start]="#fab387"
theme[download_mid]="#eba0ac"
theme[download_end]="#f38ba8"
# Upload graph colors (Green -> Sky)
theme[upload_start]="#a6e3a1"
theme[upload_mid]="#94e2d5"
theme[upload_end]="#89dceb"
# Process box color gradient for threads, mem and cpu usage (Sapphire -> Mauve)
theme[process_start]="#74C7EC"
theme[process_mid]="#89DCEB"
theme[process_end]="#cba6f7"

26
modules/home/programs/terminal/btop/default.nix
View File

@@ -1,26 +0,0 @@
{ lib
, pkgs
, config
, namespace
, ...
}:
let
inherit (lib) mkIf;
cfg = config.${namespace}.programs.terminal.btop;
in
{
options.${namespace}.programs.terminal.btop = {
enable = lib.mkEnableOption "btop";
};
config = mkIf cfg.enable {
programs.btop = {
enable = true;
package = pkgs.btop-cuda;
};
home.file.".config/btop/btop.conf".text = builtins.readFile ./config/btop.conf;
home.file.".config/btop/themes/catppuccin_mocha.theme".text =
builtins.readFile ./config/catppuccin_mocha.theme;
};
}

89
modules/home/programs/terminal/claude-code/default.nix
View File

@@ -1,89 +0,0 @@
{ lib
, pkgs
, config
, namespace
, ...
}:
let
inherit (lib) mkIf;
cfg = config.${namespace}.programs.terminal.claude-code;
in
{
options.${namespace}.programs.terminal.claude-code = {
enable = lib.mkEnableOption "enable claude-code";
};
config = mkIf cfg.enable {
programs.claude-code = {
enable = true;
mcpServers = {
gopls = {
type = "stdio";
command = "gopls";
args = [ "mcp" ];
};
};
};
programs.bash = lib.mkIf config.programs.bash.enable {
shellAliases = {
claude-custom = "default_claude_custom";
};
initExtra =
let
baseUrl = "https://llm-api.va.reichard.io";
authToken = "placeholder";
in
''
default_claude_custom() {
local model_id=""
while [[ $# -gt 0 ]]; do
case $1 in
-m|--model)
model_id="$2"
shift 2
;;
*)
shift
;;
esac
done
if [ -z "$model_id" ]; then
echo "Error: Model ID is required. Usage: claude --model <model-id>"
return 1
fi
ANTHROPIC_BASE_URL="${baseUrl}" \
ANTHROPIC_AUTH_TOKEN="${authToken}" \
ANTHROPIC_MODEL="$model_id" \
ANTHROPIC_SMALL_FAST_MODEL="$model_id" \
${lib.getExe pkgs.claude-code}
}
# Completion Function
_complete_claude_custom() {
local cur=''${COMP_WORDS[COMP_CWORD]}
local prev=''${COMP_WORDS[COMP_CWORD-1]}
if [[ "$prev" == "-m" || "$prev" == "--model" ]]; then
local models=( $(${pkgs.curl}/bin/curl -s -H "Authorization: Bearer ${authToken}" "${baseUrl}/v1/models" | ${pkgs.jq}/bin/jq -r '
.data[] |
select(
(try (.meta.llamaswap.type[] | contains("coding")) catch false) or
(.name | startswith("synthetic:"))
) |
.id
' 2>/dev/null) )
COMPREPLY=( $(compgen -W "''${models[*]}" -- "$cur") )
fi
}
# Register Completion
complete -F _complete_claude_custom claude-custom
'';
};
};
}

Some files were not shown because too many files have changed in this diff Show More