cry/dotfiles
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Compare commits

base: cry:main
Branches Tags
cry:main
cry:laptop
cry:lolcathost-24.05
cry:myputer
cry:lolcathost
..
compare: cry:laptop
Branches Tags
cry:main
cry:laptop
cry:lolcathost-24.05
cry:myputer
cry:lolcathost

No commits in common. "main" and "laptop" have entirely different histories.
main ... laptop

38 changed files with 588 additions and 1568 deletions
Download patch file Download diff file Expand all files Collapse all files

11
SCREENSHARING
View file

@ -1,11 +0,0 @@
Excellent Resource
https://gist.github.com/brunoanc/2dea6ddf6974ba4e5d26c3139ffb7580#install-xdg-desktop-portal-and-friends
Hyprland official page on screensharing
https://wiki.hyprland.org/Useful-Utilities/Screen-Sharing/
Multiple sources seem to think that use xdg-desktop-portal-wlr works (but I can't stream individual applications)
but I suppose that's better than nothing?
Also check out xwaylandvideobridge

1
TODO.md → TODO
View file

@ -1,4 +1,5 @@
## Next Up ## Next Up
0. Rename TODO -> TODO.md
1. Rename user "ae" to "cry" or "vps" 1. Rename user "ae" to "cry" or "vps"
2. Add 404 page to nginx on hyrule 2. Add 404 page to nginx on hyrule
3. Add a user called "mirror" that stores important mirrors (inspiration: https://git.gay/mirror) 3. Add a user called "mirror" that stores important mirrors (inspiration: https://git.gay/mirror)

6
banner
View file

@ -1,6 +0,0 @@
.------------.
| oh my |
'------------'
^ (\_(\
'----- ( -.-)
o_(")(")

6
config.temp/hyprland.conf
View file

@ -25,9 +25,8 @@ monitor=eDP-1, highres@highrr, auto, 1.0
# Set programs that you use # Set programs that you use
$terminal = ghostty #rio $terminal = ghostty #rio
$fileManager = thunar $fileManager = thunar
# $menu = wofi --show drun #$menu = wofi --show drun
# $menu = ags -t "applauncher" $menu = ags -t "applauncher"
$menu = fuzzel
$colorpicker = hyprpicker | head -c 7 | wl-copy $colorpicker = hyprpicker | head -c 7 | wl-copy
################# #################
@ -41,7 +40,6 @@ $colorpicker = hyprpicker | head -c 7 | wl-copy
# exec-once = nm-applet & # exec-once = nm-applet &
# exec-once = waybar & hyprpaper & firefox # exec-once = waybar & hyprpaper & firefox
exec-once = swww-daemon & exec-once = swww-daemon &
exec-once = mako &
# TODO: or do I do `swww init` or `swww restore`? # TODO: or do I do `swww init` or `swww restore`?
# █▀▀ █▄░█ █░█   █░█ ▄▀█ █▀█ # █▀▀ █▄░█ █░█   █░█ ▄▀█ █▀█

27
deploy
View file

@ -9,7 +9,6 @@ Options:
-f, --fresh Remove old content in the nixstore (good for debugging) -f, --fresh Remove old content in the nixstore (good for debugging)
-b, --bootloader Reinstall the bootloader -b, --bootloader Reinstall the bootloader
-r, --remote Locally build and remotely deploy Colmena hive -r, --remote Locally build and remotely deploy Colmena hive
--show-trace Show nix stack trace on error
-h, --help Show this message (^_^)" -h, --help Show this message (^_^)"
# delete all cached entries # delete all cached entries
@ -20,8 +19,7 @@ collect_garbage () {
rebuild_flake () { rebuild_flake () {
# make sure all changes are visible to nixos # make sure all changes are visible to nixos
# (--intent-to-add tracks files but DOES NOT stage them) git add . --verbose
git add . --intent-to-add --verbose
local FLAGS= local FLAGS=
if [ "$1" = "reinstall-bootloader" ]; then if [ "$1" = "reinstall-bootloader" ]; then
FLAGS="--install-bootloader" FLAGS="--install-bootloader"
@ -32,7 +30,7 @@ rebuild_flake () {
# LOG="$(mktemp /tmp/rebuild-XXXXXXXX)" # LOG="$(mktemp /tmp/rebuild-XXXXXXXX)"
LOG="./rebuild.log" LOG="./rebuild.log"
echo "[*] Logging to $LOG" echo "[*] Logging to $LOG"
sudo nixos-rebuild switch --flake . $FLAGS $EXTRA_FLAGS 2>&1 | tee "$LOG" sudo nixos-rebuild switch --flake . $FLAGS 2>&1 | tee "$LOG"
#nixos-rebuild build --flake .# --cores 8 -j 1 #nixos-rebuild build --flake .# --cores 8 -j 1
} }
@ -43,22 +41,19 @@ deploy_hive () {
git add . --verbose git add . --verbose
# Deploy to all Colmena hives # Deploy to all Colmena hives
colmena build --experimental-flake-eval $EXTRA_FLAGS colmena build --experimental-flake-eval
colmena apply --experimental-flake-eval $EXTRA_FLAGS colmena apply --experimental-flake-eval
# colmena apply --on hyrule --experimental-flake-eval # colmena apply --on hyrule --experimental-flake-eval
} }
# check which flags were given # check which flags were given
flag_fresh=false flag_fresh=false
flag_bootloader=false flag_bootloader=false
flag_remote=false
flag_trace=false
for flag in "$@"; do for flag in "$@"; do
case "$flag" in case "$flag" in
-r|--remote) -r|--remote)
flag_remote=true ;; deploy_hive
--show-trace) exit 0 ;;
flag_trace=true ;;
-f|--fresh) -f|--fresh)
flag_fresh=true ;; flag_fresh=true ;;
-b|--bootloader) -b|--bootloader)
@ -72,16 +67,6 @@ for flag in "$@"; do
esac esac
done done
EXTRA_FLAGS=""
if [ "$flag_trace" = true ]; then
EXTRA_FLAGS="$EXTRA_FLAGS --show-trace"
fi
if [ "$flag_remote" = true ]; then
deploy_hive
exit 0
fi
# delete cached items in nixstore # delete cached items in nixstore
if [ "$flag_fresh" = true ]; then if [ "$flag_fresh" = true ]; then
collect_garbage collect_garbage

175
flake.lock generated
View file

@ -1,16 +1,31 @@
{ {
"nodes": { "nodes": {
"ags": {
"inputs": {
"nixpkgs": "nixpkgs",
"systems": "systems"
},
"locked": {
"lastModified": 1728326430,
"narHash": "sha256-tV1ABHuA1HItMdCTuNdA8fMB+qw7LpjvI945VwMSABI=",
"owner": "Aylur",
"repo": "ags",
"rev": "60180a184cfb32b61a1d871c058b31a3b9b0743d",
"type": "github"
},
"original": {
"owner": "Aylur",
"repo": "ags",
"type": "github"
}
},
"colmena": { "colmena": {
"inputs": { "inputs": {
"flake-compat": "flake-compat", "flake-compat": "flake-compat",
"flake-utils": "flake-utils", "flake-utils": "flake-utils",
"nix-github-actions": "nix-github-actions", "nix-github-actions": "nix-github-actions",
"nixpkgs": [ "nixpkgs": "nixpkgs_2",
"nixpkgs-unstable" "stable": "stable"
],
"stable": [
"nixpkgs"
]
}, },
"locked": { "locked": {
"lastModified": 1734374287, "lastModified": 1734374287,
@ -27,32 +42,6 @@
"type": "github" "type": "github"
} }
}, },
"dobutterfliescry-net": {
"inputs": {
"nixpkgs": [
"nixpkgs"
],
"nixpkgs-unstable": [
"nixpkgs-unstable"
],
"systems": [
"systems"
]
},
"locked": {
"lastModified": 1770121583,
"narHash": "sha256-BI9UgaWtIHqyV8L4Vfh5Vrakax65QOG6m0a28L05YzM=",
"ref": "refs/heads/main",
"rev": "d511138e76f03990da593d1d0129f58c1ec3f570",
"revCount": 100,
"type": "git",
"url": "https://forge.dobutterfliescry.net/cry/site"
},
"original": {
"type": "git",
"url": "https://forge.dobutterfliescry.net/cry/site"
}
},
"flake-compat": { "flake-compat": {
"flake": false, "flake": false,
"locked": { "locked": {
@ -70,32 +59,30 @@
} }
}, },
"flake-utils": { "flake-utils": {
"inputs": {
"systems": "systems"
},
"locked": { "locked": {
"lastModified": 1731533236, "lastModified": 1659877975,
"narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", "narHash": "sha256-zllb8aq3YO3h8B/U0/J1WBgAL8EX5yWf5pMj3G0NAmc=",
"owner": "numtide", "owner": "numtide",
"repo": "flake-utils", "repo": "flake-utils",
"rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", "rev": "c0e246b9b83f637f4681389ecabcb2681b4f3af0",
"type": "github" "type": "github"
}, },
"original": { "original": {
"id": "flake-utils", "owner": "numtide",
"type": "indirect" "repo": "flake-utils",
"type": "github"
} }
}, },
"grub2-themes": { "grub2-themes": {
"inputs": { "inputs": {
"nixpkgs": "nixpkgs" "nixpkgs": "nixpkgs_3"
}, },
"locked": { "locked": {
"lastModified": 1757136219, "lastModified": 1730004881,
"narHash": "sha256-tKU+vq34KHu/A2wD7WdgP5A4/RCmSD8hB0TyQAUlixA=", "narHash": "sha256-8xVIqIW25o2uCL0fxAmP4Sj9sdebarQXmd1+64yMe8o=",
"owner": "vinceliuice", "owner": "vinceliuice",
"repo": "grub2-themes", "repo": "grub2-themes",
"rev": "80dd04ddf3ba7b284a7b1a5df2b1e95ee2aad606", "rev": "42c232dfb46bf93c17506cbc1a574e5e89b5e09f",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -127,27 +114,27 @@
}, },
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1761269590, "lastModified": 1725634671,
"narHash": "sha256-yTr+PCi4wGbOEidrm8XyXBobLxLMqIBsbUyhwsN6wrc=", "narHash": "sha256-v3rIhsJBOMLR8e/RNWxr828tB+WywYIoajrZKFM+0Gg=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "d792a6e0cd4ba35c90ea787b717d72410f56dc40", "rev": "574d1eac1c200690e27b8eb4e24887f8df7ac27c",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "NixOS", "owner": "NixOS",
"ref": "master", "ref": "nixos-unstable",
"repo": "nixpkgs", "repo": "nixpkgs",
"type": "github" "type": "github"
} }
}, },
"nixpkgs-unstable": { "nixpkgs-unstable": {
"locked": { "locked": {
"lastModified": 1761114652, "lastModified": 1753939845,
"narHash": "sha256-f/QCJM/YhrV/lavyCVz8iU3rlZun6d+dAiC3H+CDle4=", "narHash": "sha256-K2ViRJfdVGE8tpJejs8Qpvvejks1+A4GQej/lBk5y7I=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "01f116e4df6a15f4ccdffb1bcd41096869fb385c", "rev": "94def634a20494ee057c76998843c015909d6311",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -159,11 +146,43 @@
}, },
"nixpkgs_2": { "nixpkgs_2": {
"locked": { "locked": {
"lastModified": 1761016216, "lastModified": 1734119587,
"narHash": "sha256-G/iC4t/9j/52i/nm+0/4ybBmAF4hzR8CNHC75qEhjHo=", "narHash": "sha256-AKU6qqskl0yf2+JdRdD0cfxX4b9x3KKV5RqA6wijmPM=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "3566ab7246670a43abd2ffa913cc62dad9cdf7d5",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_3": {
"locked": {
"lastModified": 1730808093,
"narHash": "sha256-oOenwoxpzQsBNi7KltgnXqq6e0+CxlfNXKn3k27w6cQ=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "c1a390f74b2c93f69a6805142f11a215a689cec1",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "master",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_4": {
"locked": {
"lastModified": 1752620740,
"narHash": "sha256-f3pO+9lg66mV7IMmmIqG4PL3223TYMlnlw+pnpelbss=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "481cf557888e05d3128a76f14c76397b7d7cc869", "rev": "32a4e87942101f1c9f9865e04dc3ddb175f5f32e",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -175,41 +194,41 @@
}, },
"root": { "root": {
"inputs": { "inputs": {
"ags": "ags",
"colmena": "colmena", "colmena": "colmena",
"dobutterfliescry-net": "dobutterfliescry-net",
"grub2-themes": "grub2-themes", "grub2-themes": "grub2-themes",
"nixpkgs": "nixpkgs_2", "nixpkgs": "nixpkgs_4",
"nixpkgs-unstable": "nixpkgs-unstable", "nixpkgs-unstable": "nixpkgs-unstable"
"systems": "systems_2" }
},
"stable": {
"locked": {
"lastModified": 1730883749,
"narHash": "sha256-mwrFF0vElHJP8X3pFCByJR365Q2463ATp2qGIrDUdlE=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "dba414932936fde69f0606b4f1d87c5bc0003ede",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-24.05",
"repo": "nixpkgs",
"type": "github"
} }
}, },
"systems": { "systems": {
"locked": { "locked": {
"lastModified": 1681028828, "lastModified": 1689347949,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", "narHash": "sha256-12tWmuL2zgBgZkdoB6qXZsgJEH9LR3oUgpaQq2RbI80=",
"owner": "nix-systems", "owner": "nix-systems",
"repo": "default", "repo": "default-linux",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", "rev": "31732fcf5e8fea42e59c2488ad31a0e651500f68",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "nix-systems", "owner": "nix-systems",
"repo": "default", "repo": "default-linux",
"type": "github"
}
},
"systems_2": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github" "type": "github"
} }
} }

38
flake.nix
View file

@ -2,30 +2,19 @@
description = "Emile's Nix Dotfiles"; description = "Emile's Nix Dotfiles";
inputs = { inputs = {
systems.url = "github:nix-systems/default";
nixpkgs.url = "github:nixos/nixpkgs/nixos-25.05"; nixpkgs.url = "github:nixos/nixpkgs/nixos-25.05";
nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixos-unstable"; nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixos-unstable";
colmena = { #home-manager = {
url = "github:zhaofengli/colmena/?rev=47b6414d800c8471e98ca072bc0835345741a56a"; # url = "github:nix-community/home-manager";
inputs = { # inputs.nixpkgs.follows = "nixpkgs";
nixpkgs.follows = "nixpkgs-unstable"; #};
stable.follows = "nixpkgs";
flake-utils.inputs.systems.follows = "systems";
};
};
grub2-themes.url = "github:vinceliuice/grub2-themes"; grub2-themes.url = "github:vinceliuice/grub2-themes";
dobutterfliescry-net = { ags.url = "github:Aylur/ags";
url = "git+https://forge.dobutterfliescry.net/cry/site";
inputs = { colmena.url = "github:zhaofengli/colmena/?rev=47b6414d800c8471e98ca072bc0835345741a56a";
nixpkgs.follows = "nixpkgs";
nixpkgs-unstable.follows = "nixpkgs-unstable";
systems.follows = "systems";
};
};
}; };
outputs = { outputs = {
@ -48,15 +37,12 @@
pkgs-unstable = import nixpkgs-unstable { pkgs-unstable = import nixpkgs-unstable {
inherit system; inherit system;
config = { config = {
# allowUnfree = true; # TODO: bandaid solution... (for minecraft-server) allowUnfree = true; # TODO: bandaid solution... (for minecraft-server)
allowUnfree = false;
}; };
}; };
# TODO: come back to this its really cool # TODO: come back to this its really cool
# this is just something I'm experimenting with # this is just something I'm experimenting with
# ROOT = ./.; # PROJECT_ROOT = builtins.toString ./.;
specialArgs = {inherit inputs pkgs-unstable;};
in { in {
devShells."x86_64-linux".default = pkgs.mkShell { devShells."x86_64-linux".default = pkgs.mkShell {
shell = "${pkgs.bash}/bin/bash"; shell = "${pkgs.bash}/bin/bash";
@ -71,7 +57,7 @@
# i be on my puter fr # i be on my puter fr
myputer = nixpkgs.lib.nixosSystem { myputer = nixpkgs.lib.nixosSystem {
# nix passes these to every single module # nix passes these to every single module
inherit specialArgs; specialArgs = {inherit inputs pkgs-unstable;};
modules = [ modules = [
./hosts/myputer ./hosts/myputer
@ -81,7 +67,7 @@
# my laptop 0w0 # my laptop 0w0
lolcathost = nixpkgs.lib.nixosSystem { lolcathost = nixpkgs.lib.nixosSystem {
inherit specialArgs; specialArgs = {inherit inputs pkgs-unstable;};
modules = [ modules = [
./hosts/lolcathost ./hosts/lolcathost
@ -94,7 +80,7 @@
colmenaHive = colmena.lib.makeHive { colmenaHive = colmena.lib.makeHive {
meta = { meta = {
nixpkgs = pkgs; nixpkgs = pkgs;
inherit specialArgs; specialArgs = {inherit pkgs-unstable;};
# set nixpkgs per server # set nixpkgs per server
nodeNixpkgs = { nodeNixpkgs = {

52
homes/me/default.nix
View file

@ -6,32 +6,26 @@
pkgs, pkgs,
pkgs-unstable, pkgs-unstable,
... ...
} @ args: { }: {
imports = [ imports = [
../modules/fish.nix
../modules/btop.nix
../modules/tmux.nix
../modules/term/foot.nix
../modules/git.nix ../modules/git.nix
../modules/bat.nix ../modules/bat.nix
../modules/fish.nix
../modules/editor/helix.nix ../modules/editor/helix.nix
(import ../modules/editor/vscode.nix args) # ../modules/editor/vscodium.nix
../modules/btop.nix
../modules/term/ghostty.nix
../modules/term/foot.nix
# ../modules/term/rio.nix
../modules/firefox.nix ../modules/firefox.nix
../modules/apps/thunderbird.nix
#../modules/wm/hypr/hypridle.nix #../modules/wm/hypr/hypridle.nix
../modules/wm/hypr/hyprlock.nix ../modules/wm/hypr/hyprlock.nix
../modules/kanshi.nix ../modules/kanshi.nix
../modules/mako.nix ../modules/ags
]; ];
nixpkgs.config.allowUnfreePredicate = pkg:
builtins.elem (lib.GetName pkg) [
"vscode-extension-ms-dotnettools-csharp"
];
home = { home = {
username = "me"; username = "me";
homeDirectory = "/home/me"; homeDirectory = "/home/me";
@ -41,10 +35,6 @@
man = "batman"; # bat + man man = "batman"; # bat + man
}; };
sessionVariables = {
NIX_SHELL_PRESERVE_PROMPT = 1;
};
pointerCursor = { pointerCursor = {
gtk.enable = true; gtk.enable = true;
# x11.enable = true # dont enable since im on hyprland # x11.enable = true # dont enable since im on hyprland
@ -52,18 +42,6 @@
name = "Bibata-Modern-Ice"; name = "Bibata-Modern-Ice";
size = 16; size = 16;
}; };
packages = with pkgs; [
# for services.gnome-keyring
pkgs.gcr # provides org.gnome.keyring.SystemPrompter
seahorse # gui
tor-browser
fuzzel
speedtest-cli
];
}; };
gtk = { gtk = {
@ -130,12 +108,6 @@
TERM = "linux"; TERM = "linux";
}; };
}; };
clocktown = {
hostname = "clocktown.dobutterfliescry.net";
user = "root";
port = 22;
identityFile = "~/.ssh/id_clocktown";
};
subspace = { subspace = {
hostname = "imbored.dev"; hostname = "imbored.dev";
user = "subspace"; user = "subspace";
@ -164,12 +136,8 @@
}; };
}; };
services = { # enable OpenSSH private key agent
# enable OpenSSH private key agent services.ssh-agent.enable = true;
ssh-agent.enable = true;
gnome-keyring.enable = true;
};
# the ssh-agent won't set this for itself... # the ssh-agent won't set this for itself...
systemd.user.sessionVariables.SSH_AUTH_SOCK = "$XDG_RUNTIME_DIR/ssh-agent"; systemd.user.sessionVariables.SSH_AUTH_SOCK = "$XDG_RUNTIME_DIR/ssh-agent";
# Nicely reload system units when changing configs # Nicely reload system units when changing configs

10
homes/modules/apps/thunderbird.nix
View file

@ -1,10 +0,0 @@
{...}: {
programs.thunderbird = {
enable = true;
profiles = {
"me" = {
isDefault = true;
};
};
};
}

140
homes/modules/editor/helix.nix
View file

@ -1,64 +1,5 @@
{ {pkgs, ...}: {
pkgs, # read https://docs.helix-editor.com/editor.html
pkgs-unstable,
...
}: let
lsps = {
bash-language-server = {
pkg = pkgs.bash-language-server;
cmd = "bash-language-server";
};
clangd = {
pkg = pkgs.clang-tools;
cmd = "clangd";
};
glsl_analyzer = {
pkg = pkgs.glsl_analyzer;
cmd = "glsl_analyzer";
};
haskell-language-server = {
pkg = pkgs.haskell-language-server;
cmd = "haskell-language-server-wrapper";
};
# TODO: once upgraded past Nix-24.07 this line won't be necessary (I think)
# helix will support nixd by default
# SOURCE: https://github.com/nix-community/nixd/blob/main/nixd/docs/editor-setup.md#Helix
nixd = {
pkg = pkgs.nixd;
cmd = "nixd";
};
OmniSharp = {
pkg = pkgs.omnisharp-roslyn;
cmd = "OmniSharp";
};
rust-analyzer = {
pkg = pkgs.rust-analyzer;
cmd = "rust-analyzer";
};
ty = {
pkg = pkgs-unstable.ty;
cmd = "ty";
};
typescript-language-server = {
pkg = pkgs.typescript-language-server;
cmd = "typescript-language-server";
};
};
in {
home.packages =
lsps
|> builtins.attrValues
|> map (lsp: lsp.pkg);
# REF: https://docs.helix-editor.com/editor.html
programs.helix = { programs.helix = {
enable = true; enable = true;
settings = { settings = {
@ -187,79 +128,28 @@ in {
}; };
auto-format = false; # my python is beautiful ^_^ auto-format = false; # my python is beautiful ^_^
rulers = [80]; rulers = [80];
language-servers = ["ty"];
} }
{ {
name = "c"; name = "c";
file-types = ["c" "h"]; # use .hpp for C++ file-types = ["c" "h"]; # use .hpp for C++
auto-format = true; auto-format = false;
formatter.command = "${pkgs.clang-tools}/bin/clang-format"; formatter.command = "${pkgs.clang-tools}/bin/clang-format";
language-servers = ["clangd"]; language-servers = ["clangd"];
} }
{
name = "haskell";
auto-format = true;
formatter.command = "${pkgs.ormolu}/bin/ormolu";
language-servers = ["haskell-language-server"];
}
{
name = "rust";
indent = {
tab-width = 2;
unit = " ";
};
auto-format = true;
formatter.command = "${pkgs.rustfmt}/bin/rustfmt";
language-servers = ["rust-analyzer"];
}
{
name = "c-sharp";
file-types = ["cs"];
indent = {
tab-width = 4;
unit = " ";
};
block-comment-tokens = {
start = "/*";
end = "*/";
};
# auto-format = true;
# formatter.command = "${pkgs.omnisharp-roslyn}/bin/OmniSharp";
# language-servers = ["OmniSharp"];
}
{
name = "javascript";
file-types = ["js"];
indent = {
tab-width = 2;
unit = " ";
};
block-comment-tokens = {
start = "/*";
end = "*/";
};
auto-format = true;
language-servers = ["typescript-language-server"];
}
{
name = "glsl";
file-types = ["glsl"];
indent = {
tab-width = 2;
unit = " ";
};
block-comment-tokens = {
start = "/*";
end = "*/";
};
auto-format = false;
language-servers = ["glsl_analyzer"];
}
]; ];
language-server = language-server = {
lsps # use nixd as default nix lsp (I haven't tried nil yet)
|> builtins.mapAttrs (_: lsp: {command = "${lsp.pkg}/bin/${lsp.cmd}";}); # NOTE: nixd will be supported by default after nix 24.07
# SOURCE: https://github.com/nix-community/nixd/blob/main/nixd/docs/editor-setup.md#Helix
nixd = {
command = "${pkgs.nixd}/bin/nixd";
};
# clangd for C
clangd = {
command = "${pkgs.clang-tools}/bin/clangd";
};
};
}; };
}; };
} }

134
homes/modules/editor/vscode.nix
View file

@ -1,134 +0,0 @@
{
config,
lib,
pkgs,
vscodium ? false,
secret-service ? "gnome-libsecret",
vscode-argv ? ".vscode/argv.json",
...
}: {
nixpkgs.overlays = [
(
self: super: {
vscode-extensions = super.vscode-extensions.overrideAttrs (prev: let
mkVscMarketplaceExtension = {
publisher,
name,
version,
hash,
description ? "",
homepage ? null,
changelog ? null,
license ? null,
maintainers ? [lib.maintainers.emileclarkb],
}:
with pkgs.vscode-utils.buildVscodeMarketplaceExtension; {
${publisher}.${name} = buildVscodeMarketplaceExtension {
mktplcRef = {
inherit
publisher
name
version
hash
;
};
meta = {
inherit
(
if license != null
then {license = license;}
else {}
)
description
homepage
maintainers
;
downloadPage = "https://marketplace.visualstudio.com/items?itemName=${publisher}.${name}";
changelog =
if changelog != null
then changelog
else "https://marketplace.visualstudio.com/items/${publisher}.${name}/changelog";
};
};
};
in
lib.mergeAttrsList [
(mkVscMarketplaceExtension {
publisher = "ms-dotnettools";
name = "dotnet-maui";
version = "1.11.14";
hash = lib.fakeHash;
description = "Extend C# Dev Kit with tools for building .NET Multi-platform App UI (MAUI) apps";
homepage = "https://github.com/microsoft/vscode-dotnettools";
license = lib.licenses.unfree;
})
]);
}
)
];
# REF: https://home-manager-options.extranix.com/?query=vscode&release=release-25.05
programs.vscode = {
enable = true;
# TODO: clean up
package =
(
if vscodium
then pkgs.vscodium
else pkgs.vscode
).overrideAttrs (oldAttrs: {
# runtimeDependencies = oldAttrs.runtimeDependencies ++ []
});
mutableExtensionsDir = true;
profiles.default = {
enableUpdateCheck = false;
enableExtensionUpdateCheck = false;
# extension format: USER.PACKAGENAME
extensions = with pkgs.vscode-extensions; [
# .NET
ms-dotnettools.csharp
ms-dotnettools.csdevkit
ms-dotnettools.vscode-dotnet-runtime
# TODO: these extensions aren't packaged :(
# deitry.solution-syntax
# ms-dotnettools.vscode-dotnet-pack
# ms-dotnettools.dotnet-maui
# Python
ms-python.python
# GitLens by GitKraken
eamodio.gitlens
ms-azuretools.vscode-docker
github.copilot
github.copilot-chat
# Colors & Themes
dracula-theme.theme-dracula
catppuccin.catppuccin-vsc
catppuccin.catppuccin-vsc-icons
mvllow.rose-pine
];
userSettings = {
"workbench.colorTheme" = "Dracula Theme";
"github.copilot.nextEditSuggestions.enabled" = true;
};
};
};
# TODO: this is super ugly, make sure the JSON is formatted!!
home.file.${vscode-argv}.text = builtins.toJSON {
password-store = secret-service;
disable-hardware-acceleration = false;
disable-color-correct-rendering = false;
enable-crash-reporter = false;
# crash-report-id = ...;
};
}

34
homes/modules/editor/vscodium.nix
View file

@ -1,37 +1,9 @@
{ {pkgs, ...}: {
lib,
pkgs,
...
}: {
# REF: https://home-manager-options.extranix.com/?query=vscode&release=release-25.05
programs.vscode = { programs.vscode = {
enable = true; enable = true;
package = pkgs.vscodium; package = pkgs.vscodium;
mutableExtensionsDir = true; extensions = with pkgs.vscode-extensions; [
];
profiles.default = {
enableUpdateCheck = false;
enableExtensionUpdateCheck = false;
# extension format: USER.PACKAGENAME
extensions = with pkgs.vscode-extensions; [
# .NET
ms-dotnettools.csharp
ms-dotnettools.csdevkit
ms-dotnettools.vscode-dotnet-runtime
# ms-dotnettools.vscode-dotnet-pack
# ms-dotnettools.dotnet-maui
# Colors & Themes
dracula-theme.theme-dracula
catppuccin.catppuccin-vsc
catppuccin.catppuccin-vsc-icons
mvllow.rose-pine
];
userSettings = {
"workbench.colorTheme" = "Dracula Theme";
};
};
}; };
} }

17
homes/modules/fish.nix
View file

@ -12,14 +12,6 @@
config = { config = {
programs.fish = { programs.fish = {
enable = true; enable = true;
generateCompletions = true;
# vendor = {
# config.enable = true;
# functions.enable = true;
# completions.enable = true;
# };
interactiveShellInit = '' interactiveShellInit = ''
# add dotnet completions if it exists (ie we're in a virtual environment) # add dotnet completions if it exists (ie we're in a virtual environment)
if type -q dotnet if type -q dotnet
@ -35,15 +27,6 @@
echo -n $greetings[(random 1 (count $greetings))] echo -n $greetings[(random 1 (count $greetings))]
end end
function gitignore -a type
curl -sL "https://www.gitignore.io/api/$type"
end
# ripgrep on files
function rgf
rg --files | rg $args
end
set -g fish_greeting (rand_greet) set -g fish_greeting (rand_greet)

47
homes/modules/git.nix
View file

@ -5,19 +5,6 @@
}: { }: {
programs.git = { programs.git = {
enable = true; enable = true;
lfs.enable = true;
userName = "Emile Clark-Boman";
userEmail = "eclarkboman@gmail.com";
aliases = {
s = "status";
d = "diff";
l = "log";
c = "commit";
p = "push";
};
extraConfig = { extraConfig = {
color.ui = true; color.ui = true;
core.editor = "hx"; core.editor = "hx";
@ -27,44 +14,16 @@
defaultBranch = "main"; defaultBranch = "main";
}; };
url = { url = {
"git@github.com:" = { "https://github.com/" = {
insteadOf = [ insteadOf = [
"gh:" "gh:"
"github:" "github:"
]; ];
}; };
"https://gitlab.com/" = {
insteadOf = [
"gl:"
"gitlab:"
];
};
"git@github.com:/Agribit/" = {
insteadOf = [
"agri:"
"Agri:"
"agribit:"
"Agribit:"
];
};
"ssh://forgejo@forge.imbored.dev:2222/" = {
insteadOf = [
"forge"
];
};
"ssh://forgejo@forge.imbored.dev:2222/emileclarkb/" = {
insteadOf = [
"cry"
];
};
}; };
}; };
includes = [ userName = "Emile Clark-Boman";
{ userEmail = "eclarkboman@gmail.com";
path = "/home/me/agribit/.gitconfig";
condition = "gitdir:/home/me/agribit/**";
}
];
}; };
} }

54
homes/modules/mako.nix
View file

@ -1,54 +0,0 @@
{...}: let
dracula = rec {
background = "#282A36";
border = cyan;
cyan = "#8BE9FD";
yellow = "#F1FA8C";
red = "#FF5555";
};
theme = dracula;
in {
# notification daemon for Wayland
services.mako = {
enable = true;
settings = {
actions = true;
anchor = "top-right";
layer = "overlay";
sort = "-time";
height = 100;
width = 300;
margin = 50;
background-color = theme.background;
border-color = theme.border;
border-radius = 20;
border-size = 4;
font = "monospace 10";
markup = true;
icons = true;
max-icon-size = 64;
default-timeout = 5000;
ignore-timeout = false;
"actionable=true" = {
anchor = "top-left";
};
"urgency=low" = {
border-color = theme.border;
};
"urgency=normal" = {
border-color = theme.yellow;
};
"urgency=high" = {
default-timeout = 0;
border-color = theme.red;
};
};
};
}

5
homes/modules/tmux.nix
View file

@ -1,5 +0,0 @@
{...}: {
programs.tmux = {
enable = true;
};
}

41
homes/modules/wm/hypr/hyprland.nix
View file

@ -1,43 +1,2 @@
# NOTE: hyprland must be enabled in BOTH your host config (for running hyprland) # NOTE: hyprland must be enabled in BOTH your host config (for running hyprland)
# and your home-manager config (for managing hyprland's config files) # and your home-manager config (for managing hyprland's config files)
{
pkgs,
pkgs-unstable,
inputs,
config,
lib,
...
}: {
options.hyprland = {
enable = lib.mkEnableOption "Hyprland";
};
config = lib.mkIf config.hyprland.enable {
wayland.windowManager.hyprland = {
enable = true;
package = pkgs.hyprland; # pkgs-unstable.hyprland;
xwayland.enable = true;
systemd = {
enable = true;
# enable autostart of applications
# REF: `man 8 systemd-xdg-autostart-generator`
enableXdgAutostart = true;
};
plugins = with inputs; [
split-monitor-workspaces.packages.${pkgs.system}.split
];
};
xdg.portal = {
enable = true;
extraPortals = with pkgs; [
xdg-desktop-portal-gtk
];
};
# TODO: finish this
};
}

363
hosts/hyrule/default.nix
View file

@ -1,24 +1,24 @@
{ {
pkgs, pkgs,
pkgs-unstable, pkgs-unstable,
inputs,
lib,
... ...
}: let }: let
home-manager = builtins.fetchTarball { home-manager = builtins.fetchTarball {
url = "https://github.com/nix-community/home-manager/archive/release-25.05.tar.gz"; url = "https://github.com/nix-community/home-manager/archive/release-25.05.tar.gz";
sha256 = "07pk5m6mxi666dclaxdwf7xrinifv01vvgxn49bjr8rsbh31syaq"; sha256 = "026rvynmzmpigax9f8gy9z67lsl6dhzv2p6s8wz4w06v3gjvspm1";
}; };
in { in {
imports = [ imports = [
./hardware-configuration.nix ./hardware-configuration.nix
(import "${home-manager}/nixos") (import "${home-manager}/nixos")
./services/forgejo.nix ./mailserver.nix # TEMP: location
./services/vaultwarden.nix ./minecraft-server.nix # TEMP: location
./services/nginx.nix #../modules/server/nginx.nix
# ./mailserver.nix # TEMP: location #../modules/server/ssh.nix
# ./minecraft-server.nix # TEMP: location #../modules/server/fail2ban.nix
../modules/bashistrans.nix
]; ];
nix.settings = { nix.settings = {
@ -32,6 +32,15 @@ in {
]; ];
}; };
# nixpkgs.config.allowUnfreePredicate = let
# whitelist = map lib.getName [
# "minecraft-server"
# pkgs.minecraft-server
# pkgs-unstable.minecraft-server
# ];
# in
# pkg: builtins.elem (lib.getName pkg) whitelist;
time.timeZone = "Australia/Brisbane"; time.timeZone = "Australia/Brisbane";
i18n.defaultLocale = "en_US.UTF-8"; i18n.defaultLocale = "en_US.UTF-8";
@ -77,32 +86,6 @@ in {
# 8222 (INTERNAL) vaultwarden # 8222 (INTERNAL) vaultwarden
45000 # minecaft server 45000 # minecaft server
]; ];
allowedUDPPorts = [
54231 # Wireguard
];
};
wg-quick.interfaces = {
wg0 = {
address = [
"10.10.10.4/24"
];
dns = ["10.10.10.1"];
privateKeyFile = "/root/wg_agrivpn_hyrule";
peers = [
{
# peer's public key
publicKey = "iZ4aqYjbT8O8tfUHEuV+yWLtdoQbdBb6Nt0M4usMSiY=";
# choose which traffic to forward
allowedIPs = [
"10.0.51.0/24"
"10.10.10.0/24"
];
endpoint = "150.242.34.33:54231";
}
];
};
}; };
}; };
@ -116,7 +99,7 @@ in {
extraGroups = ["wheel"]; extraGroups = ["wheel"];
shell = pkgs.bash; shell = pkgs.bash;
openssh.authorizedKeys.keys = [ openssh.authorizedKeys.keys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCsUZY45rgezi+8iROdcR5vPeacJ2fbMjlDijfUrH9hRX2FzCsg/4e3aFKhi2seZMmyTfbstxmDrrH8paUS5TibFgLFBGNngaF3CTjg85i5pm25Hr4IVo31oziBnTWaG6j3buYKtz5e1qSPzXywinJR+5+FCUJU7Fxa+EWTZcOX4wYgArSj4q73rZmvk5N0X44Mudt4nvpD2chvxygsdTzD6ph92qCuaJ/AbfmOoC7b/xvOaOVydUfgDLpHi9VZbd3akvvKxRfW6ZklldgXEzPXKMuastN0mwcBxvIb5G1Vkj8jtSVtKPc5psZ9/NWA5l38xH4qZ6z7eib6thtEMdtcKmTZEEWDADjqTea5Gj61c1n18cr6f3Tff+0bn/cxsl4Y0esi+aDeuCXYiIYNmeKBx0ttDNIxpk4J5Fdh6Xs+AZif5lnJErtu8TPy2aC0bc9wehTjMyvilTHfyerOD1ZJXhN2XwRVDGN7t7leAJZISJlPjqTDcw3Vfvzte/5JqS+FR+hbpG4uz2ix8kUa20u5YF2oSdGl8+zsdozVsdQm10Iv9WSXBV7t4m+oyodgtfzydBpmXq7aBXudCiEKw+7TC7F+1a4YFrVrCNXKFgKUpd1MiVLl7DIbzm5U9MD2BB3Fy7BPCzr3tW6/ExOhhpBWY+HnzVGQfkNr7dRcqfipKw== ae@dobutterfliescry.net" "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCsUZY45rgezi+8iROdcR5vPeacJ2fbMjlDijfUrH9hRX2FzCsg/4e3aFKhi2seZMmyTfbstxmDrrH8paUS5TibFgLFBGNngaF3CTjg85i5pm25Hr4IVo31oziBnTWaG6j3buYKtz5e1qSPzXywinJR+5+FCUJU7Fxa+EWTZcOX4wYgArSj4q73rZmvk5N0X44Mudt4nvpD2chvxygsdTzD6ph92qCuaJ/AbfmOoC7b/xvOaOVydUfgDLpHi9VZbd3akvvKxRfW6ZklldgXEzPXKMuastN0mwcBxvIb5G1Vkj8jtSVtKPc5psZ9/NWA5l38xH4qZ6z7eib6thtEMdtcKmTZEEWDADjqTea5Gj61c1n18cr6f3Tff+0bn/cxsl4Y0esi+aDeuCXYiIYNmeKBx0ttDNIxpk4J5Fdh6Xs+AZif5lnJErtu8TPy2aC0bc9wehTjMyvilTHfyerOD1ZJXhN2XwRVDGN7t7leAJZISJlPjqTDcw3Vfvzte/5JqS+FR+hbpG4uz2ix8kUa20u5YF2oSdGl8+zsdozVsdQm10Iv9WSXBV7t4m+oyodgtfzydBpmXq7aBXudCiEKw+7TC7F+1a4YFrVrCNXKFgKUpd1MiVLl7DIbzm5U9MD2BB3Fy7BPCzr3tW6/ExOhhpBWY+HnzVGQfkNr7dRcqfipKw== ae@imbored.dev"
]; ];
}; };
@ -142,6 +125,70 @@ in {
}; };
services = { services = {
# simple nginx instance to host static construction page
# TODO: I want sshd and forgejo's ssh server to both be bound to port 22
# So change sshd to listen on a different address/port (ie 2222 or 127.0.0.3:22, etc)
# and change forgejo to use 127.0.0.2:22 (use port 22, ONLY change loopback address)
nginx = {
enable = true;
# in wake of CVE-2022-3602/CVE-2022-3786
package = pkgs.nginxStable.override {openssl = pkgs.libressl;};
recommendedGzipSettings = true;
recommendedZstdSettings = true;
recommendedOptimisation = true;
recommendedProxySettings = true;
recommendedTlsSettings = true;
# streamConfig = ''
# server {
# listen 127.0.0.1:53 udp reuseport;
# proxy_timeout 20s;
# proxy_pass 192.168.0.1:53535;
# }
# '';
virtualHosts = let
localhost = "http://127.0.0.1";
std = {
# TODO: should I run over QUIC+HTTP3? (experimental)
# quic = true;
# http3 = true;
enableACME = true;
# kTLS = true; # offload TLS to the linux kernel
};
in {
"imbored.dev" =
{
default = true;
addSSL = true; # not strictly enforced <3
root = "/var/www/imbored";
# extraConfig = ''
# error_page 404 /custom_404.html;
# '';
}
// std;
# Route "vault" subdomain to vaultwarden
"vault.imbored.dev" =
{
forceSSL = true;
locations."/".proxyPass = "${localhost}:8222";
}
// std;
# Route "forge" subdomain to forgejo
# TODO: use `forgejo.settings.server.ENABLE_ACME` instead?
"forge.imbored.dev" =
{
forceSSL = true;
extraConfig = ''
client_max_body_size 512M;
'';
locations."/".proxyPass = "${localhost}:3000";
}
// std;
};
};
openssh = { openssh = {
enable = true; enable = true;
ports = [22]; ports = [22];
@ -153,8 +200,235 @@ in {
X11Forwarding = false; X11Forwarding = false;
}; };
}; };
};
vaultwarden = {
enable = true;
dbBackend = "sqlite";
# backupDir = "/var/backup/vaultwarden"; # disable with null
# https://mynixos.com/nixpkgs/option/services.vaultwarden.config
config = {
# internal address and port to listen on
ROCKET_ADDRESS = "127.0.0.1";
ROCKET_PORT = 8222;
# hostname to listen for
DOMAIN = "https://vault.imbored.dev";
# signup policy
SIGNUPS_ALLOWED = false;
SIGNUPS_VERIFY = true;
INVITATIONS_ALLOWED = true;
};
# https://mynixos.com/nixpkgs/option/services.vaultwarden.environmentFile
environmentFile = "/var/lib/vaultwarden/vaultwarden.env";
};
# stalwart-mail = let
# domain = "imbored.dev";
# in {
# enable = false; # true;
# # openFirewall = true; # im doing this manually rn
# settings = {
# certificate."${domain}" = {
# cert = "file://${certs.${domain}.cert}";
# private-key = "file://${certs.${domain}.key}";
# };
# server = {
# hostname = domain;
# tls = {
# certificate = "${domain}";
# enable = true;
# implicit = false;
# };
# listener = {
# "smtp-submission" = {
# bind = ["127.0.0.1:587"];
# protocol = "smtp";
# };
# "imap" = {
# bind = ["127.0.0.1:143"];
# protocol = "imap";
# };
# };
# };
# session = {
# rcpt.directory = "in-memory";
# auth = {
# mechanisms = ["PLAIN"];
# directory = "in-memory";
# };
# };
# jmap.directory = "in-memory";
# queue.outbound.next-hop = ["local"];
# directory."in-memory" = {
# type = "memory";
# users = [
# {
# name = "me";
# secret = "foobar";
# email = ["me@${domain}"];
# }
# {
# name = "Emile";
# secret = "foobar";
# email = ["emile@${domain}"];
# }
# ];
# };
# };
# };
# more options here: https://mynixos.com/nixpkgs/options/services.forgejo
# TODO: set a favicon https://forgejo.org/docs/next/contributor/customization/#changing-the-logo
# (might need me to override settings in the nixpkg)
# TODO: create a custom theme for forgejo (modify the source files most likely)
forgejo = {
enable = true;
# enable support for Git Large File Storage
lfs.enable = true;
database = {
type = "sqlite3"; # postgres
host = "127.0.0.1";
port = "3306"; # 5432 if postgres
};
# settings are written directly to the `app.ini` config file
# refer to: https://forgejo.org/docs/latest/admin/config-cheat-sheet/
settings = {
server = {
# ENABLE_ACME = true;
# ACME_EMAIL = "eclarkboman@gmail.com"; # change this to "me@imbored.dev"
DOMAIN = "forge.imbored.dev"; # should this be "imbored.dev"?
ROOT_URL = "https://forge.imbored.dev"; # full public URL of the Forgejo server
# address and port to listen on
HTTP_ADDR = "127.0.0.1";
HTTP_PORT = 3000;
PROTOCOL = "http"; # http internally, reverse proxy uses https externally
START_SSH_SERVER = true;
DISABLE_SSH = false;
SSH_PORT = 2222;
};
DEFAULT = {
APP_NAME = "tearforge";
APP_SLOGIN = "but cozy";
APP_DISPLAY_NAME_FORMAT = "{APP_NAME} ::{APP_SLOGAN}::";
};
repository = {
DEFAULT_PRIVATE = "private"; # last, private, public
# repo/org created on push to non-existent
ENABLE_PUSH_CREATE_USER = true;
ENABLE_PUSH_CREATE_ORG = false;
DEFAULT_PUSH_CREATE_PRIVATE = true;
MAX_CREATION_LIMIT = -1;
};
"repository.upload" = {
# max per-file size in MB
FILE_MAX_SIZE = 50;
# max number of files per upload
MAX_FILES = 5;
};
badges = let
# flat, flat-square, plastic, for-the-badge, social
style = "for-the-badge";
in {
ENABLED = true;
GENERATOR_URL_TEMPLATE = "https://img.shields.io/badge/{{.label}}-{{.text}}-{{.color}}?style=${style}";
};
ui = {
DEFAULT_THEME = "forgejo-dark";
THEMES = "forgejo-auto,forgejo-light,forgejo-dark";
};
"ui.meta" = {
AUTHOR = "Emile Clark-Boman - emileclarkb";
DESCRIPTION = "This is my personal self-hosted git forge, where I keep and maintain personal projects! PS do butterflies cry when they're sad?";
KEYWORDS = "emile,clark,boman,clarkboman,emileclarkb,git,forge,forgejo,self-hosted,dobutterfliescry,butterfly,butterflies";
};
markdown = {
ENABLE_HARD_LINE_BREAK_IN_COMMENTS = true;
ENABLE_MATH = true;
};
admin = {
DEFAULT_EMAIL_NOTIFICATIONS = "enabled";
SEND_NOTIFICATION_EMAIL_ON_NEW_USER = true;
};
security = {
# Controls access to the installation page.
# When set to “true”, the installation page is not accessible.
#INSTALL_LOCK = false;
PASSWORD_HASH_ALGO = "argon2"; # ARGON2 BEST ALGO FR!! (default: argon2$2$65536$8$50)
MIN_PASSWORD_LENGTH = 12;
PASSWORD_COMPLEXITY = "lower,upper,digit,spec";
PASSWORD_CHECK_PWN = true;
};
service = {
DISABLE_REGISTRATION = true; # toggle for new users
#DEFAULT_USER_IS_RESTRICTED = true;
# Forbid login with third-party services (ie github)
ALLOW_ONLY_INTERNAL_REGISTRATION = true;
ENABLE_CAPTCHA = true;
REQUIRE_CAPTCHA_FOR_LOGIN = true;
REQUIRE_EXTERNAL_REGISTRATION_CAPTCHA = true;
LOGIN_REMEMBER_DAYS = 365;
ENABLE_NOTIFY_MAIL = true;
};
"service.explore" = {
REQUIRE_SIGNIN_VIEW = false;
DISABLE_USERS_PAGE = false;
DISABLE_ORGANIZATIONS_PAGE = false;
DISABLE_CODE_PAGE = false;
};
cache = {
ADAPTER = "twoqueue";
HOST = "{\"size\":100, \"recent_ratio\":0.25, \"ghost_ratio\":0.5}";
ITEM_TTL = "16h";
};
# TODO: fill this in once my mail server is configured
# email.incoming = { ... };
# optional
# TODO: fill this in once my mail server is configured
mailer = {
ENABLED = false;
SMTP_ADDR = "mail.imbored.dev";
FROM = "noreply@imbored.dev";
USER = "noreply@imbored.dev";
};
log = {
MODE = "file";
LEVEL = "Info"; # "Trace", "Debug", "Info", "Warn", "Error", "Critical"
ENABLE_SSH_LOG = true;
};
cron = {
ENABLED = true;
RUN_AT_START = false;
};
other = {
SHOW_FOOTER_VERSION = true;
SHOW_FOOTER_TEMPLATE_LOAD_TIME = true;
SHOW_FOOTER_POWERED_BY = true;
ENABLE_SITEMAP = true;
ENABLE_FEED = true;
};
};
};
};
security = { security = {
# accept Lets Encrypt's security policy (for nginx) # accept Lets Encrypt's security policy (for nginx)
acme = { acme = {
@ -176,11 +450,26 @@ in {
}; };
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
eza
git git
vim vim
helix helix
]; ];
programs = {
fish.enable = true;
bash = {
completion.enable = true;
interactiveShellInit = ''
if [[ $(${pkgs.procps}/bin/ps --no-header --pid=$PPID --format=comm) != "fish" && -z ''${BASH_EXECUTION_STRING} ]]
then
shopt -q login_shell && LOGIN_OPTION='--login' || LOGIN_OPTION=""
exec ${pkgs.fish}/bin/fish $LOGIN_OPTION
fi
'';
};
};
system.stateVersion = "24.11"; # DO NOT MODIFY system.stateVersion = "24.11"; # DO NOT MODIFY
} }

1
hosts/hyrule/services/mailserver.nix → hosts/hyrule/mailserver.nix
View file

@ -28,7 +28,6 @@
aliases = ["emile@imbored.dev"]; aliases = ["emile@imbored.dev"];
hashedPasswordFile = let hashedPasswordFile = let
CWD = builtins.getEnv "PWD"; CWD = builtins.getEnv "PWD";
# XXX: TODO: use a secrets manager!
in "${CWD}/secrets/passwd/me"; in "${CWD}/secrets/passwd/me";
}; };
}; };

0
hosts/hyrule/services/minecraft-server.nix → hosts/hyrule/minecraft-server.nix
View file

150
hosts/hyrule/services/forgejo.nix
View file

@ -1,150 +0,0 @@
{...}: {
# more options here: https://mynixos.com/nixpkgs/options/services.forgejo
# TODO: set a favicon https://forgejo.org/docs/next/contributor/customization/#changing-the-logo
# (might need me to override settings in the nixpkg)
# TODO: create a custom theme for forgejo (modify the source files most likely)
services.forgejo = {
enable = true;
# enable support for Git Large File Storage
lfs.enable = true;
database = {
type = "sqlite3"; # postgres
host = "127.0.0.1";
port = "3306"; # 5432 if postgres
};
# settings are written directly to the `app.ini` config file
# refer to: https://forgejo.org/docs/latest/admin/config-cheat-sheet/
settings = {
server = {
# ENABLE_ACME = true;
# ACME_EMAIL = "eclarkboman@gmail.com"; # change this to "me@imbored.dev"
DOMAIN = "forge.imbored.dev"; # should this be "imbored.dev"?
ROOT_URL = "https://forge.imbored.dev"; # full public URL of the Forgejo server
# address and port to listen on
HTTP_ADDR = "127.0.0.1";
HTTP_PORT = 3000;
PROTOCOL = "http"; # http internally, reverse proxy uses https externally
START_SSH_SERVER = true;
DISABLE_SSH = false;
SSH_PORT = 2222;
};
DEFAULT = {
APP_NAME = "tearforge";
APP_SLOGIN = "but cozy";
APP_DISPLAY_NAME_FORMAT = "{APP_NAME} ::{APP_SLOGAN}::";
};
repository = {
DEFAULT_PRIVATE = "private"; # last, private, public
# repo/org created on push to non-existent
ENABLE_PUSH_CREATE_USER = true;
ENABLE_PUSH_CREATE_ORG = false;
DEFAULT_PUSH_CREATE_PRIVATE = true;
MAX_CREATION_LIMIT = -1;
};
"repository.upload" = {
# max per-file size in MB
FILE_MAX_SIZE = 50;
# max number of files per upload
MAX_FILES = 5;
};
badges = let
# flat, flat-square, plastic, for-the-badge, social
style = "for-the-badge";
in {
ENABLED = true;
GENERATOR_URL_TEMPLATE = "https://img.shields.io/badge/{{.label}}-{{.text}}-{{.color}}?style=${style}";
};
ui = {
DEFAULT_THEME = "forgejo-dark";
THEMES = "forgejo-auto,forgejo-light,forgejo-dark";
};
"ui.meta" = {
AUTHOR = "Emile Clark-Boman - emileclarkb";
DESCRIPTION = "This is my personal self-hosted git forge, where I keep and maintain personal projects! PS do butterflies cry when they're sad?";
KEYWORDS = "emile,clark,boman,clarkboman,emileclarkb,git,forge,forgejo,self-hosted,dobutterfliescry,butterfly,butterflies";
};
markdown = {
ENABLE_HARD_LINE_BREAK_IN_COMMENTS = true;
ENABLE_MATH = true;
};
admin = {
DEFAULT_EMAIL_NOTIFICATIONS = "enabled";
SEND_NOTIFICATION_EMAIL_ON_NEW_USER = true;
};
security = {
# Controls access to the installation page.
# When set to “true”, the installation page is not accessible.
#INSTALL_LOCK = false;
PASSWORD_HASH_ALGO = "argon2"; # ARGON2 BEST ALGO FR!! (default: argon2$2$65536$8$50)
MIN_PASSWORD_LENGTH = 12;
PASSWORD_COMPLEXITY = "lower,upper,digit,spec";
PASSWORD_CHECK_PWN = true;
};
service = {
DISABLE_REGISTRATION = true; # toggle for new users
#DEFAULT_USER_IS_RESTRICTED = true;
# Forbid login with third-party services (ie github)
ALLOW_ONLY_INTERNAL_REGISTRATION = true;
ENABLE_CAPTCHA = true;
REQUIRE_CAPTCHA_FOR_LOGIN = true;
REQUIRE_EXTERNAL_REGISTRATION_CAPTCHA = true;
LOGIN_REMEMBER_DAYS = 365;
ENABLE_NOTIFY_MAIL = true;
};
"service.explore" = {
REQUIRE_SIGNIN_VIEW = false;
DISABLE_USERS_PAGE = false;
DISABLE_ORGANIZATIONS_PAGE = false;
DISABLE_CODE_PAGE = false;
};
cache = {
ADAPTER = "twoqueue";
HOST = "{\"size\":100, \"recent_ratio\":0.25, \"ghost_ratio\":0.5}";
ITEM_TTL = "16h";
};
# TODO: fill this in once my mail server is configured
# email.incoming = { ... };
# optional
# TODO: fill this in once my mail server is configured
mailer = {
ENABLED = false;
SMTP_ADDR = "mail.dobutterfliescry.net";
FROM = "iforgor@dobutterfliescry.net";
USER = "iforgor@dobutterfliescry.net";
};
log = {
MODE = "file";
LEVEL = "Info"; # "Trace", "Debug", "Info", "Warn", "Error", "Critical"
ENABLE_SSH_LOG = true;
};
cron = {
ENABLED = true;
RUN_AT_START = false;
};
other = {
SHOW_FOOTER_VERSION = true;
SHOW_FOOTER_TEMPLATE_LOAD_TIME = true;
SHOW_FOOTER_POWERED_BY = true;
ENABLE_SITEMAP = true;
ENABLE_FEED = true;
};
};
};
}

82
hosts/hyrule/services/nginx.nix
View file

@ -1,82 +0,0 @@
{
inputs,
pkgs,
...
}: {
nixpkgs.overlays = [
(self: super: {
# in wake of CVE-2022-3602/CVE-2022-3786
nginxStable = super.nginxStable.override {openssl = pkgs.libressl;};
})
inputs.dobutterfliescry-net.overlays.default
];
# simple nginx instance to host static construction page
# TODO: I want sshd and forgejo's ssh server to both be bound to port 22
# So change sshd to listen on a different address/port (ie 2222 or 127.0.0.3:22, etc)
# and change forgejo to use 127.0.0.2:22 (use port 22, ONLY change loopback address)
services.nginx = {
enable = true;
# XXX: TODO: this should auto use the nginxStable overlay no?
# in wake of CVE-2022-3602/CVE-2022-3786
# package = pkgs.nginxStable.override {openssl = pkgs.libressl;};
recommendedGzipSettings = true;
recommendedZstdSettings = true;
recommendedOptimisation = true;
recommendedProxySettings = true;
recommendedTlsSettings = true;
# streamConfig = ''
# server {
# listen 127.0.0.1:53 udp reuseport;
# proxy_timeout 20s;
# proxy_pass 192.168.0.1:53535;
# }
# '';
virtualHosts = let
localhost = "http://127.0.0.1";
std = {
# TODO: should I run over QUIC+HTTP3? (experimental)
# quic = true;
# http3 = true;
enableACME = true;
# kTLS = true; # offload TLS to the linux kernel
};
vault =
{
forceSSL = true;
locations."/".proxyPass = "${localhost}:8222";
}
// std;
forge =
{
forceSSL = true;
extraConfig = ''
client_max_body_size 512M;
'';
locations."/".proxyPass = "${localhost}:3000";
}
// std;
in {
"dobutterfliescry.net" =
{
default = true;
addSSL = true; # not strictly enforced <3
# root = "/var/www/cry";
root = "${pkgs.dobutterfliescry-net}/www";
# extraConfig = ''
# error_page 404 /custom_404.html;
# '';
}
// std;
# Route "vault" subdomain to vaultwarden
"vault.imbored.dev" = vault;
# Route "forge" subdomain to forgejo
# TODO: use `forgejo.settings.server.ENABLE_ACME` instead?
"forge.dobutterfliescry.net" = forge;
};
};
}

25
hosts/hyrule/services/vaultwarden.nix
View file

@ -1,25 +0,0 @@
{...}: {
services.vaultwarden = {
enable = true;
dbBackend = "sqlite";
# backupDir = "/var/backup/vaultwarden"; # disable with null
# https://mynixos.com/nixpkgs/option/services.vaultwarden.config
config = {
# internal address and port to listen on
ROCKET_ADDRESS = "127.0.0.1";
ROCKET_PORT = 8222;
# hostname to listen for
DOMAIN = "https://vault.imbored.dev";
# signup policy
SIGNUPS_ALLOWED = false;
SIGNUPS_VERIFY = true;
INVITATIONS_ALLOWED = true;
};
# https://mynixos.com/nixpkgs/option/services.vaultwarden.environmentFile
environmentFile = "/var/lib/vaultwarden/vaultwarden.env";
};
}

165
hosts/lolcathost/default.nix
View file

@ -8,15 +8,13 @@
}: let }: let
home-manager = builtins.fetchTarball { home-manager = builtins.fetchTarball {
url = "https://github.com/nix-community/home-manager/archive/release-25.05.tar.gz"; url = "https://github.com/nix-community/home-manager/archive/release-25.05.tar.gz";
sha256 = "07pk5m6mxi666dclaxdwf7xrinifv01vvgxn49bjr8rsbh31syaq"; sha256 = "1y919cqrlmq0k44rgnacaq4zq37jj4rdh6f2swp6y2jiz28xb0iq";
}; };
in { in {
imports = [ imports = [
./hardware-configuration.nix ./hardware-configuration.nix
(import "${home-manager}/nixos") (import "${home-manager}/nixos")
../modules/bashistrans.nix
../modules/wm/hyprland.nix ../modules/wm/hyprland.nix
# ../modules/wm/river.nix # ../modules/wm/river.nix
../modules/wm/crywl.nix ../modules/wm/crywl.nix
@ -25,42 +23,24 @@ in {
../modules/obsidian.nix ../modules/obsidian.nix
../modules/angryoxide.nix ../modules/angryoxide.nix
# ../modules/flipperzero.nix ../modules/flipperzero.nix
# ../modules/chameleonultragui.nix ../modules/chameleonultragui.nix
]; ];
nix.settings.experimental-features = [ nix.settings.experimental-features = [
"nix-command" "nix-command"
"flakes" "flakes"
"pipe-operators"
]; ];
nixpkgs.config.allowUnfreePredicate = let nixpkgs.config.allowUnfreePredicate = let
vscext = pkgs.vscode-extensions; whitelist = map lib.getName [
whitelist = with pkgs; pkgs.obsidian
map lib.getName [ pkgs.gitkraken
discord pkgs.steam
steam pkgs.steamcmd
steamcmd pkgs.steam-unwrapped
steam-unwrapped pkgs.dwarf-fortress
];
winbox
obsidian
gitkraken
vscode
vscext.ms-dotnettools.csharp
vscext.ms-dotnettools.csdevkit
vscext.github.copilot
vscext.github.copilot-chat
# XXX: DEBUG
# rider-override
# XXX: DEBUG
# jetbrains.rider
];
in in
pkg: builtins.elem (lib.getName pkg) whitelist; pkg: builtins.elem (lib.getName pkg) whitelist;
@ -120,30 +100,10 @@ in {
networkmanager.enable = true; networkmanager.enable = true;
firewall.enable = false; firewall.enable = false;
# Use CloudFlare's WARP+ 1.1.1.1 DNS service
nameservers = [
"1.1.1.1#one.one.one.one"
"1.0.0.1#one.one.one.one"
];
}; };
# ----- SERVICES ----- # ----- SERVICES -----
services = { services = {
# systemd-resolved provides network name resolution
# to local processes via a D-Bus interface.
resolved = {
enable = true;
dnssec = "true";
domains = ["~."];
# Use CloudFlare's WARP+ 1.1.1.1 DNS service
fallbackDns = [
"1.1.1.1#one.one.one.one"
"1.0.0.1#one.one.one.one"
];
dnsovertls = "true";
};
# Set display manager (login screen) # Set display manager (login screen)
displayManager = { displayManager = {
# sddm relies on pkgs.libsForQt5.qt5.qtgraphicaleffects # sddm relies on pkgs.libsForQt5.qt5.qtgraphicaleffects
@ -161,17 +121,16 @@ in {
); );
}; };
# dbus = { dbus = {
# # NOTE: programs.uwsm.enable sets implementation to dbus-broker, # NOTE: programs.uwsm.enable sets implementation to dbus-broker,
# # NOTE: however this seems to break dbus # NOTE: however this seems to break dbus
# implementation = lib.mkForce "dbus"; implementation = lib.mkForce "dbus";
# }; };
# Multimedia Framework # Multimedia Framework
# With backwards compatability for alsa/pulseaudio/jack # With backwards compatability for alsa/pulseaudio/jack
pipewire = { pipewire = {
enable = true; enable = true;
audio.enable = true;
wireplumber.enable = true; wireplumber.enable = true;
alsa.enable = true; alsa.enable = true;
@ -233,21 +192,18 @@ in {
home-manager = { home-manager = {
users.me = import ../../homes/me; users.me = import ../../homes/me;
extraSpecialArgs = {inherit inputs pkgs pkgs-unstable;}; extraSpecialArgs = {inherit inputs pkgs pkgs-unstable;};
sharedModules = []; sharedModules = [
inputs.ags.homeManagerModules.default
];
}; };
# ---- ENVIRONMENT VARIABLES ---- # ---- ENVIRONMENT VARIABLES ----
environment = { environment.sessionVariables = {
# always install "dev" derivation outputs # folder names with capitalisation look awful!
extraOutputsToInstall = ["dev" "man"]; XDG_DOWNLOAD_DIR = "$HOME/downloads";
sessionVariables = { # Hint Electrons apps to use Wayland
# folder names with capitalisation look awful! NIXOS_OZONE_WL = "1";
XDG_DOWNLOAD_DIR = "$HOME/downloads";
# Hint Electrons apps to use Wayland
NIXOS_OZONE_WL = "1";
};
}; };
# ---- SYSTEM PACKAGES ----- # ---- SYSTEM PACKAGES -----
@ -261,12 +217,8 @@ in {
ani-cli ani-cli
bluetui bluetui
wl-clipboard # clipboard for wayland wl-clipboard # clipboard for wayland
hyprpicker # color picker
hyprshot # screenshot utility
wl-screenrec # screen recording utility
qbittorrent # torrenting qbittorrent # torrenting
signal-desktop signal-desktop
video-trimmer
(callPackage ../sddm-theme-corners.nix {}).sddm-theme-corners (callPackage ../sddm-theme-corners.nix {}).sddm-theme-corners
# dependencies for my sddm theme: # dependencies for my sddm theme:
@ -275,50 +227,25 @@ in {
# Shell # Shell
bash bash
fish fish
elvish # reference for crysh development
shellcheck shellcheck
grc # colorise command outputs grc # colorise command outputs
moreutils
# Systems Emulation # Systems Emulation
qemu # Fellice Bellard's Quick Emulator qemu # Fellice Bellard's Quick Emulator
# Binaries # GNU Utils
gnumake
binutils binutils
strace
ltrace
perf-tools # ftrace + perf
radare2
gdb
hexyl
# ASM
nasm
(callPackage ../packages/x86-manpages {})
# C Family # C Family
gcc gcc
clang clang
clang-tools clang-tools
gnumake
cmake
# Rust # Rust
cargo cargo
rustc rustc
rustfmt
# Go
go
# Nim # Nim
nim nim
nimble # Go
# Haskell go
ghc
ghcid
ormolu
# Nix
nix-prefetch-git
nix-index
nix-unit
deploy-rs
# Python # Python
python312 # I use 3.12 since it's in a pretty stable state now python312 # I use 3.12 since it's in a pretty stable state now
@ -327,11 +254,6 @@ in {
# Sage # Sage
sageWithDoc # SageMath + HTML Documentation sageWithDoc # SageMath + HTML Documentation
# .NET
dotnetCorePackages.dotnet_9.sdk
dotnetCorePackages.dotnet_9.aspnetcore
dotnetCorePackages.dotnet_9.runtime
openvpn openvpn
inetutils inetutils
@ -348,18 +270,23 @@ in {
zoxide zoxide
doggo doggo
tldr tldr
btop # btop
eza eza
yazi yazi
lazygit lazygit
ripgrep ripgrep
viddy # modern `watch` command viddy # modern `watch` command
thefuck thefuck
timg # terminal image (sixel) viewer
# TODO: once upgraded past Nix-24.07 this line won't be necessary (I think)
# helix will support nixd by default
# SOURCE: https://github.com/nix-community/nixd/blob/main/nixd/docs/editor-setup.md#Helix
nixd # lsp for nix
# Pretty necessary # Pretty necessary
git git
git-filter-repo git-filter-repo
nix-prefetch-git
brightnessctl brightnessctl
acpi acpi
# upower # upower
@ -371,10 +298,8 @@ in {
file file
wget wget
tree tree
pstree
unzip unzip
unrar-free unrar-free
lz4
man-pages man-pages
man-pages-posix man-pages-posix
@ -384,9 +309,9 @@ in {
libargon2 libargon2
# Games # Games
mindustry
dwarf-fortress
prismlauncher # minecraft prismlauncher # minecraft
pkgs-unstable.olympus # celeste
discord
]; ];
programs = { programs = {
@ -401,6 +326,22 @@ in {
nix-ld.enable = true; nix-ld.enable = true;
# I want to use fish as my login shell but it always goes terrible
# cause it isn't POSIX compliant, so instead Bash is my login and
# will just exec fish (^-^)
bash = {
blesh.enable = false; # ble.sh replacement for GNU readline
completion.enable = true;
interactiveShellInit = ''
if [[ $(${pkgs.procps}/bin/ps --no-header --pid=$PPID --format=comm) != "fish" && -z ''${BASH_EXECUTION_STRING} ]]
then
shopt -q login_shell && LOGIN_OPTION='--login' || LOGIN_OPTION=""
exec ${pkgs.fish}/bin/fish $LOGIN_OPTION
fi
'';
};
# Thunar also uses: `services.tumbler` & `services.gvfs` # Thunar also uses: `services.tumbler` & `services.gvfs`
thunar = { thunar = {
enable = true; enable = true;

25
hosts/modules/apps/rider.nix
View file

@ -1,25 +0,0 @@
{
pkgs,
pkgs-unstable,
dotnetVersions ? [8 9 10],
...
}: {
imports = [
../langs/dotnet.nix
];
environment.systemPackages = with pkgs; [
# Ensure latest stable Rider version (not necessarily stable on NixOS)
pkgs-unstable.jetbrains.rider
# NOTE: Blazor requires a Chromium-based browser
chromium
];
programs.nix-ld = {
enable = true;
libraries = with pkgs; [
icu
];
};
}

6
hosts/modules/apps/winbox.nix
View file

@ -1,6 +0,0 @@
{...}: {
programs.winbox = {
enable = true;
openFirewall = false; # port: 5678
};
}

27
hosts/modules/bashistrans.nix
View file

@ -1,27 +0,0 @@
{pkgs, ...}: {
# I want to use fish as my login shell but it always goes terrible
# cause it isn't POSIX compliant, so instead Bash is my login and
# will just exec fish (^-^)
programs = {
fish.enable = true;
bash = {
blesh.enable = false; # ble.sh replacement for GNU readline
completion.enable = true;
interactiveShellInit = ''
# help bash transition into a beautiful fish!
if [[ -z $CRY_BASH_IS_TRANS ]]
then
if [[ $(${pkgs.procps}/bin/ps --no-header --pid=$PPID --format=comm) != "fish" && -z ''${BASH_EXECUTION_STRING} ]]
then
shopt -q login_shell && LOGIN_OPTION='--login' || LOGIN_OPTION=""
exec ${pkgs.fish}/bin/fish $LOGIN_OPTION
fi
fi
# bash is trans now! (no more transitioning required)
export CRY_BASH_IS_TRANS=true
'';
};
};
}

61
hosts/modules/langs/dotnet.nix
View file

@ -1,61 +0,0 @@
{
lib,
pkgs,
pkgs-unstable,
...
}: let
dotnetVersions = [8 9 10];
dotnetCombined =
pkgs.dotnetCorePackages.combinePackages
(builtins.concatMap
(v: let
# dotnet = pkgs.dotnetCorePackages."dotnet_${builtins.toString x}";
in [
# dotnet.sdk
# the runtime+aspnetcore packaged with the sdk
pkgs.dotnetCorePackages."sdk_${builtins.toString v}_0"
])
dotnetVersions);
# Custom packaged tools
dotnetTools = with lib; {
uno-check = with pkgs.dotnetCorePackages;
buildDotnetGlobalTool {
pname = "Uno.Check";
version = "1.32.17";
nugetHash = "sha256-BfTVF5uHu9/nyLXqdDEOHCxq6BVQWhsnDBbARzdLDAE=";
executables = "uno-check";
dotnet-sdk = dotnet_9.sdk;
dotnet-runtime = dotnet_9.runtime;
meta = {
homepage = "https://github.com/unoplatform/uno.check";
license = licenses.mit;
maintainers = [maintainers.emileclarkb];
};
};
};
in {
environment.systemPackages = with pkgs; [
# .NET
dotnetCombined
# .NET Tools
dotnetTools.uno-check
# Mono
mono
# NOTE: nixpkgs-unstable uses .NET8 SDK
# WARNING: nixpkgs-25.05 uses .NET6 SDK (now marked insecure)
pkgs-unstable.msbuild
# .NET Framework Tools/Services
omnisharp-roslyn
netcoredbg
];
}

39
hosts/modules/steam.nix
View file

@ -3,38 +3,22 @@
lib, lib,
... ...
}: { }: {
# nixpkgs.config.allowUnfreePredicate = pkg: nixpkgs.config.allowUnfreePredicate = pkg:
# builtins.elem (lib.getName pkg) [ builtins.elem (lib.getName pkg) [
# "steam" "steam"
# "steam-original" "steam-original"
# "steam-unwrapped" "steam-unwrapped"
# "steam-run" "steam-run"
# ]; ];
nixpkgs.overlays = [
(self: super: {
lutris = super.lutris.overrideAttrs (final: prev: {
# WARNING: pkgs.mbedtls_2 is marked insecure!
# Replace pkgs.mbedtls_2 (v2.28.10) with pkgs.mbedtls (v3.6.4)
targetPkgs = pkgs: (
(builtins.filter (p: p != pkgs.mbedtls_2) (prev.targetPkgs pkgs))
++ [pkgs.mbedtls]
);
});
})
];
programs = { programs = {
steam = { steam = {
enable = true; enable = true;
gamescopeSession.enable = false; # .desktop entry for gamescope gamescopeSession.enable = true;
remotePlay.openFirewall = true; remotePlay.openFirewall = true;
dedicatedServer.openFirewall = true; dedicatedServer.openFirewall = true;
localNetworkGameTransfers.openFirewall = true; localNetworkGameTransfers.openFirewall = true;
extraCompatPackages = with pkgs; [
proton-ge-bin
];
}; };
gamemode.enable = true; gamemode.enable = true;
@ -45,12 +29,7 @@
mangohud mangohud
protonup-qt protonup-qt
lutris
# XXX: DEBUG: disable lutris
# XXX: NOTE: pkgs.lutris depends on pkgs.mbedtls_2 which is marked insecure!
# XXX: NOTE: Use the provided overlay to patch pkgs.mbedtls_2 -> pkgs.mbedtls
# lutris
bottles bottles
heroic heroic
]; ];

5
hosts/modules/wm/crywl.nix
View file

@ -37,8 +37,8 @@ in {
]; ];
nixpkgs.overlays = [ nixpkgs.overlays = [
(final: prev: { (self: super: {
crywl = prev.dwl.overrideAttrs (oldAttrs: rec { crywl = super.dwl.overrideAttrs (oldAttrs: rec {
pname = "crywl"; pname = "crywl";
version = "0.1-unstable"; version = "0.1-unstable";
@ -101,7 +101,6 @@ in {
command = "crywl -v 2>&1; return 0"; command = "crywl -v 2>&1; return 0";
}; };
}; };
meta = { meta = {
homepage = "https://forge.imbored.dev/emileclarkb/crywl"; homepage = "https://forge.imbored.dev/emileclarkb/crywl";
description = "Personal fork of DWL"; description = "Personal fork of DWL";

6
hosts/modules/wm/hyprland.nix
View file

@ -1,8 +1,4 @@
{pkgs, ...}: { {...}: {
environment.defaultPackages = with pkgs; [
hyprsunset
];
programs = { programs = {
hyprland = { hyprland = {
enable = true; enable = true;

167
hosts/myputer/default.nix
View file

@ -1,76 +1,42 @@
{ {
lib, lib,
pkgs, pkgs,
pkgs-unstable,
inputs, inputs,
config, config,
... ...
}: let }: let
home-manager = builtins.fetchTarball { home-manager = builtins.fetchTarball {
url = "https://github.com/nix-community/home-manager/archive/release-25.05.tar.gz"; url = "https://github.com/nix-community/home-manager/archive/release-25.05.tar.gz";
sha256 = "0q3lv288xlzxczh6lc5lcw0zj9qskvjw3pzsrgvdh8rl8ibyq75s"; sha256 = "026rvynmzmpigax9f8gy9z67lsl6dhzv2p6s8wz4w06v3gjvspm1";
}; };
in { in {
imports = [ imports = [
./hardware-configuration.nix ./hardware-configuration.nix
(import "${home-manager}/nixos") (import "${home-manager}/nixos")
../modules/bashistrans.nix
../modules/wm/hyprland.nix ../modules/wm/hyprland.nix
../modules/steam.nix ../modules/steam.nix
../modules/obsidian.nix ../modules/obsidian.nix
../modules/apps/rider.nix
../modules/apps/winbox.nix
#../modules/flipperzero.nix ../modules/flipperzero.nix
#../modules/chameleonultragui.nix ../modules/chameleonultragui.nix
]; ];
nix.settings = { nix.settings.experimental-features = [
experimental-features = [ "nix-command"
"flakes" "flakes"
"nix-command" ];
"pipe-operators"
];
download-buffer-size = 524288000; # 500 MiB
};
# nixpkgs.overlays = [
# (self: super: {
# jdk17 = super.jdk17.override (prev: {
# enableJavaFX = true;
# });
# })
# ];
nixpkgs.config.allowUnfreePredicate = let nixpkgs.config.allowUnfreePredicate = let
vscext = pkgs.vscode-extensions; whitelist = map lib.getName [
whitelist = with pkgs; pkgs.obsidian
map lib.getName [ pkgs.gitkraken
discord pkgs.steam
steam pkgs.steamcmd
steamcmd pkgs.steam-unwrapped
steam-unwrapped pkgs.dwarf-fortress
];
winbox
obsidian
gitkraken
vscode
vscext.ms-dotnettools.csharp
vscext.ms-dotnettools.csdevkit
vscext.github.copilot
vscext.github.copilot-chat
# XXX: DEBUG
# rider-override
# XXX: DEBUG
# jetbrains.rider
];
in in
pkg: builtins.elem (lib.getName pkg) whitelist; pkg: builtins.elem (lib.getName pkg) whitelist;
@ -130,16 +96,7 @@ in {
hostName = "myputer"; hostName = "myputer";
networkmanager.enable = true; networkmanager.enable = true;
firewall = { firewall.enable = true;
enable = true;
allowedTCPPorts = [
22 # SSH
80 # HTTP
443 # HTTPS
5678 # MikroTik WinBox
25565 # Minecraft LAN
];
};
}; };
# ----- SERVICES ----- # ----- SERVICES -----
@ -226,22 +183,18 @@ in {
home-manager = { home-manager = {
users.me = import ../../homes/me; users.me = import ../../homes/me;
extraSpecialArgs = {inherit inputs pkgs pkgs-unstable;}; sharedModules = [
sharedModules = []; inputs.ags.homeManagerModules.default
];
}; };
# ---- ENVIRONMENT VARIABLES ---- # ---- ENVIRONMENT VARIABLES ----
environment = { environment.sessionVariables = {
# always install "dev" derivation outputs # folder names with capitalisation look awful!
extraOutputsToInstall = ["dev" "man"]; XDG_DOWNLOAD_DIR = "$HOME/downloads";
sessionVariables = { # Hint Electrons apps to use Wayland
# folder names with capitalisation look awful! NIXOS_OZONE_WL = "1";
XDG_DOWNLOAD_DIR = "$HOME/downloads";
# Hint Electrons apps to use Wayland
NIXOS_OZONE_WL = "1";
};
}; };
# ---- SYSTEM PACKAGES ----- # ---- SYSTEM PACKAGES -----
@ -254,17 +207,9 @@ in {
ani-cli ani-cli
bluetui bluetui
wl-clipboard # clipboard for wayland wl-clipboard # clipboard for wayland
hyprpicker # color picker hyprpicker
hyprshot # screenshot utility
qbittorrent qbittorrent
signal-desktop signal-desktop
kdePackages.gwenview # image viewer
libreoffice
# TEST: WARNING
# ospd-openvas
# openvas-scanner
# openvas-smb
(callPackage ../sddm-theme-corners.nix {}).sddm-theme-corners (callPackage ../sddm-theme-corners.nix {}).sddm-theme-corners
# dependencies for my sddm theme: # dependencies for my sddm theme:
@ -275,42 +220,23 @@ in {
fish fish
shellcheck shellcheck
grc # colorise command outputs grc # colorise command outputs
moreutils
# Systems Programming & Compilation # Systems Emulation
qemu # Fellice Bellard's Quick Emulator qemu # Fellice Bellard's Quick Emulator
# GNU Utils # GNU Utils
gnumake gnumake
# Binaries
binutils binutils
strace
ltrace
perf-tools # ftrace + perf
radare2
gdb
# ASM
nasm
(callPackage ../packages/x86-manpages {})
# C Family # C Family
gcc gcc
clang clang
clang-tools clang-tools
# Rust # Rust
cargo cargo
rustc rustc
# Go
go
# Nim # Nim
nim nim
nimble # Go
# Haskell go
ghc
ghcid
ormolu
# Java
visualvm
# Python # Python
python312 # I use 3.12 since it's in a pretty stable state now python312 # I use 3.12 since it's in a pretty stable state now
@ -343,10 +269,13 @@ in {
viddy # modern `watch` command viddy # modern `watch` command
thefuck thefuck
deploy-rs
tesseract # for my work with Agribit tesseract # for my work with Agribit
# TODO: once upgraded past Nix-24.07 this line won't be necessary (I think)
# helix will support nixd by default
# SOURCE: https://github.com/nix-community/nixd/blob/main/nixd/docs/editor-setup.md#Helix
# nixd # lsp for nix # DEBUG
# Pretty necessary # Pretty necessary
git git
git-filter-repo git-filter-repo
@ -361,10 +290,8 @@ in {
file file
wget wget
tree tree
pstree
unzip unzip
unrar-free unrar-free
lz4
man-pages man-pages
man-pages-posix man-pages-posix
@ -375,7 +302,6 @@ in {
# Games # Games
prismlauncher # minecraft prismlauncher # minecraft
pkgs-unstable.olympus
]; ];
# DEBUG: configuring xdg portal here instead? # DEBUG: configuring xdg portal here instead?
@ -414,6 +340,21 @@ in {
}; };
}; };
# I want to use fish as my login shell but it always goes terrible
# cause it isn't POSIX compliant, so instead Bash is my login and
# will just exec fish (^-^)
bash = {
completion.enable = true;
interactiveShellInit = ''
if [[ $(${pkgs.procps}/bin/ps --no-header --pid=$PPID --format=comm) != "fish" && -z ''${BASH_EXECUTION_STRING} ]]
then
shopt -q login_shell && LOGIN_OPTION='--login' || LOGIN_OPTION=""
exec ${pkgs.fish}/bin/fish $LOGIN_OPTION
fi
'';
};
# Thunar also (optionally) requires: `services.tumbler` & `services.gvfs` # Thunar also (optionally) requires: `services.tumbler` & `services.gvfs`
thunar = { thunar = {
enable = true; enable = true;
@ -426,18 +367,6 @@ in {
# mozilla's email client # mozilla's email client
thunderbird.enable = true; thunderbird.enable = true;
java = let
# XXX: WARNING: TEST :WARNING: XXX
# Test for CrazyCraft VoidLauncher
myjdk = pkgs.jdk17.override {
enableJavaFX = true;
# openjfx_jdk = pkgs.openjfx17.override {withWebKit = true;};
};
in {
enable = true;
package = myjdk;
};
}; };
# ----- FONTS ----- # ----- FONTS -----

35
hosts/packages/huggingface_hub/flake.nix
View file

@ -1,35 +0,0 @@
# Template: https://nixos-and-flakes.thiscute.world/development/intro
{
description = "Humanity's Last Exam - Devshell";
inputs = {
nixpkgs.url = "github:NixOS/nixpkgs/nixos-25.05";
};
outputs = {nixpkgs, ...}: let
system = "x86_64-linux";
pkgs = import nixpkgs {
inherit system;
};
python = pkgs.python312.override {
self = python;
packageOverrides = pyfinal: pyprev: {
huggingface-hub = pyfinal.callPackage ./huggingface_hub.nix {};
hf-xet = pyfinal.callPackage ./hf-xet.nix {};
};
};
in {
devShells."${system}".default = pkgs.mkShell {
packages = [
(python.withPackages (pypkgs: [
pypkgs.huggingface-hub
]))
];
shell = "${pkgs.bash}/bin/bash";
shellHook = ''
alias hf=huggingface-cli
'';
};
};
}

56
hosts/packages/huggingface_hub/hf-xet.nix
View file

@ -1,56 +0,0 @@
{
lib,
buildPythonPackage,
fetchFromGitHub,
pkg-config,
rustPlatform,
openssl,
}:
buildPythonPackage rec {
pname = "hf-xet";
version = "1.1.5";
pyproject = true;
src = fetchFromGitHub {
owner = "huggingface";
repo = "xet-core";
tag = "v${version}";
hash = "sha256-udjZcXTH+Mc4Gvj6bSPv1xi4MyXrLeCYav+7CzKWyhY=";
};
sourceRoot = "${src.name}/hf_xet";
cargoDeps = rustPlatform.fetchCargoVendor {
inherit
pname
version
src
sourceRoot
;
hash = "sha256-PTzYubJHFvhq6T3314R4aqBAJlwehOqF7SbpLu4Jo6E=";
};
nativeBuildInputs = [
pkg-config
rustPlatform.cargoSetupHook
rustPlatform.maturinBuildHook
];
buildInputs = [
openssl
];
env.OPENSSL_NO_VENDOR = 1;
pythonImportsCheck = ["hf_xet"];
# No tests (yet?)
doCheck = false;
meta = {
description = "Xet client tech, used in huggingface_hub";
homepage = "https://github.com/huggingface/xet-core/tree/main/hf_xet";
changelog = "https://github.com/huggingface/xet-core/releases/tag/v${version}";
license = lib.licenses.asl20;
};
}

62
hosts/packages/huggingface_hub/huggingface_hub.nix
View file

@ -1,62 +0,0 @@
/*
* WARNING: Just use `pkgs.python312Packages.huggingface-hub` (or change python version)
* WARNING: I didn't realise it existed when I packaged this.
*
* Nix Resources:
* 1. https://wiki.nixos.org/wiki/Python
* 2. https://nixos.org/manual/nixpkgs/unstable/#developing-with-python
*
* Hugging Face Resources:
* 1. https://github.com/huggingface/huggingface_hub
* 2. https://huggingface.co/docs/huggingface_hub/main/en/guides/cli
*/
{
lib,
buildPythonPackage,
fetchPypi,
# build time dependencies
setuptools,
# runtime dependencies
filelock,
fsspec,
hf-xet,
pyyaml,
requests,
tqdm,
typing-extensions,
}:
buildPythonPackage rec {
pname = "huggingface_hub";
version = "0.34.3";
src = fetchPypi {
inherit pname version;
hash = "sha256-1YEw/VqnQISAaBR1SRwKvX6DVEIIL7w+9NRbbDn4OFM=";
};
pyproject = true;
doCheck = false; # skip unit testing
pythonImportsCheck = ["huggingface_hub"];
# buildtime dependencies
build-system = [
setuptools
];
# runtime dependencies
dependencies = [
filelock
fsspec
hf-xet
pyyaml
requests
tqdm
typing-extensions
];
meta = rec {
description = "The official Python client for the Huggingface Hub.";
homepage = "https://github.com/huggingface/huggingface_hub";
changelog = "${homepage}/releases/tag/v${version}";
license = lib.licenses.asl20; # Apache License 2.0
};
}

32
hosts/packages/x86-manpages/default.nix
View file

@ -1,32 +0,0 @@
{pkgs, ...}:
pkgs.stdenv.mkDerivation {
pname = "x86-manpages";
version = "0.0.1";
src = pkgs.fetchFromGitHub {
owner = "ttmo-O";
repo = "x86-manpages";
## Recommended
# rev = "0e199a8b4d90be7eb715291c21cf41de8527beac";
# sha256 = "0im596j0pf90npg933gkq6wpw23c47fcwv0n64qfqn5mcy92qbcb";
rev = "94902f9c45de0efe803c32b6c3e88d6623881866";
sha256 = "0k6nsfabzqwnhjiyw2kyg0z49nzrsxn515f6dcjh1rn7bzih5562";
};
installPhase = ''
mkdir -p $out/man/man7
shopt -u nullglob
for m in man7/*.7; do
install -m 644 "$m" "$out/man/man7"
done
'';
meta = with pkgs.lib; {
description = "Manpages for x86 instructions";
homepage = "https://github.com/ttmo-O/x86-manpages";
license = licenses.mit;
platforms = platforms.all;
};
}

44
scripts/box
View file

@ -1,44 +0,0 @@
#!/usr/bin/env bash
USAGE="Usage: box [--enter]"
# ===== Configuration ===== #
DATA_DIR="$HOME/.data/box"
# ========================= #
function setup {
mkdir -p "$DATA_DIR" &>/dev/null
}
function box {
mktemp -d
# TODO: use a custom name instead
}
set -euo pipefail
ENTER=false
for arg in $@; do
case "$arg" in
-e|--enter)
ENTER=true
shift
;;
-h|--help)
echo "$USAGE"
;;
-*)
echo "[!] Unknown opt \"$arg\"" >&2
;;
*)
echo "[!] Unknown arg \"$arg\"" >&2
;;
esac
done
setup
BOX=$(box)
if [[ "$ENTER" == true ]]; then
cd "$BOX"
fi

7
scripts/lsyscalls
View file

@ -1,7 +0,0 @@
#!/usr/bin/env bash
# USAGE: lsyscalls | sort [-nk2]
echo -e '#include <sys/syscall.h>'\
| cpp -dM \
| grep "#define __NR_.*[0-9]$" \
| cut -d_ -f 4-