moritz/dotfiles
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Merge remote-tracking branch 'origin/nixos' into nixos-work

Browse source
This commit is contained in:
Moritz Böhme 2023-10-09 09:10:36 +02:00
commit 89991861ed
40 changed files with 1149 additions and 768 deletions
Download patch file Download diff file Expand all files Collapse all files

9
.nixd.json Normal file
View file

@ -0,0 +1,9 @@
{
"options": {
"enable": true,
"target": {
"args": [],
"installable": ".#nixosConfigurations.nixos-desktop.options"
}
}
}

498
flake.lock generated
View file

@ -25,11 +25,11 @@
]
},
"locked": {
"lastModified": 1690228878,
"narHash": "sha256-9Xe7JV0krp4RJC9W9W9WutZVlw6BlHTFMiUP/k48LQY=",
"lastModified": 1695384796,
"narHash": "sha256-TYlE4B0ktPtlJJF9IFxTWrEeq+XKG8Ny0gc2FGEAdj0=",
"owner": "ryantm",
"repo": "agenix",
"rev": "d8c973fd228949736dedf61b7f8cc1ece3236792",
"rev": "1f677b3e161d3bdbfd08a939e8f25de2568e0ef4",
"type": "github"
},
"original": {
@ -41,11 +41,11 @@
"arkenfox-userjs": {
"flake": false,
"locked": {
"lastModified": 1693196107,
"narHash": "sha256-t6qvPFJIF+De2KqMfCI5DEA40BwWeu4AFRWOzKeEVE0=",
"lastModified": 1695299795,
"narHash": "sha256-rl6WSgyXTbSLXL3ItpbfToSPAS4+rftojSzFWxNuHU4=",
"owner": "arkenfox",
"repo": "user.js",
"rev": "ba173d49205ee927ed62e81e606569d98f531d38",
"rev": "56f51203bf4fea8aa778b792269205d275a62665",
"type": "github"
},
"original": {
@ -71,6 +71,29 @@
"type": "github"
}
},
"codeium-nvim": {
"inputs": {
"flake-utils": [
"flake-utils"
],
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1695327957,
"narHash": "sha256-UsofTHPG8K7UqO0rJGHS2Ecbv+oVOYQ23Zk6SnshfOs=",
"owner": "jcdickinson",
"repo": "codeium.nvim",
"rev": "b65443d114d3c3c9dcc59ecd8a7dbb3a35320607",
"type": "github"
},
"original": {
"owner": "jcdickinson",
"repo": "codeium.nvim",
"type": "github"
}
},
"darwin": {
"inputs": {
"nixpkgs": [
@ -93,6 +116,43 @@
"type": "github"
}
},
"devshell": {
"inputs": {
"nixpkgs": "nixpkgs",
"systems": "systems"
},
"locked": {
"lastModified": 1695195896,
"narHash": "sha256-pq9q7YsGXnQzJFkR5284TmxrLNFc0wo4NQ/a5E93CQU=",
"owner": "numtide",
"repo": "devshell",
"rev": "05d40d17bf3459606316e3e9ec683b784ff28f16",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "devshell",
"type": "github"
}
},
"disko": {
"inputs": {
"nixpkgs": "nixpkgs_2"
},
"locked": {
"lastModified": 1695380190,
"narHash": "sha256-v1TwBU/mKroZZPWYXujAfOHfIaQw44swa50Jgdkr7OE=",
"owner": "nix-community",
"repo": "disko",
"rev": "98a6ab9b52f8b06db9c3116b1761bbeaf9484408",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "disko",
"type": "github"
}
},
"flake-compat": {
"flake": false,
"locked": {
@ -142,6 +202,24 @@
}
},
"flake-parts": {
"inputs": {
"nixpkgs-lib": "nixpkgs-lib"
},
"locked": {
"lastModified": 1693611461,
"narHash": "sha256-aPODl8vAgGQ0ZYFIRisxYG5MOGSkIczvu2Cd8Gb9+1Y=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "7f53fdb7bdc5bb237da7fefef12d099e4fd611ca",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
"flake-parts_2": {
"inputs": {
"nixpkgs-lib": [
"neovim-nightly-overlay",
@ -162,9 +240,9 @@
"type": "github"
}
},
"flake-parts_2": {
"flake-parts_3": {
"inputs": {
"nixpkgs-lib": "nixpkgs-lib"
"nixpkgs-lib": "nixpkgs-lib_2"
},
"locked": {
"lastModified": 1688466019,
@ -179,7 +257,7 @@
"type": "indirect"
}
},
"flake-parts_3": {
"flake-parts_4": {
"inputs": {
"nixpkgs-lib": [
"neovim-nightly-overlay",
@ -203,15 +281,12 @@
}
},
"flake-utils": {
"inputs": {
"systems": "systems"
},
"locked": {
"lastModified": 1692799911,
"narHash": "sha256-3eihraek4qL744EvQXsK1Ha6C3CR7nnT8X2qWap4RNk=",
"lastModified": 1667395993,
"narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "f9e7cf818399d17d347f847525c5a5a8032e4e44",
"rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f",
"type": "github"
},
"original": {
@ -295,9 +370,9 @@
},
"hercules-ci-agent": {
"inputs": {
"flake-parts": "flake-parts_3",
"flake-parts": "flake-parts_4",
"haskell-flake": "haskell-flake",
"nixpkgs": "nixpkgs_4"
"nixpkgs": "nixpkgs_6"
},
"locked": {
"lastModified": 1688568579,
@ -314,7 +389,7 @@
},
"hercules-ci-effects": {
"inputs": {
"flake-parts": "flake-parts_2",
"flake-parts": "flake-parts_3",
"hercules-ci-agent": "hercules-ci-agent",
"nixpkgs": [
"neovim-nightly-overlay",
@ -379,11 +454,11 @@
]
},
"locked": {
"lastModified": 1693972774,
"narHash": "sha256-Dt9UZs0/DaIex598quYRYFuGabUbvFdNrHuvGc6HjBc=",
"lastModified": 1695550077,
"narHash": "sha256-xoxR/iY69/3lTnnZDP6gf3J46DUKPcf+Y1jH03tfZXE=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "b22d7bab30076bbb73744867d6c5bf7d6380570c",
"rev": "a88df2fb101778bfd98a17556b3a2618c6c66091",
"type": "github"
},
"original": {
@ -394,14 +469,14 @@
},
"hypr-contrib": {
"inputs": {
"nixpkgs": "nixpkgs"
"nixpkgs": "nixpkgs_3"
},
"locked": {
"lastModified": 1693839821,
"narHash": "sha256-ha9Cxqb81Yni217SoM/zFxE0nNz8IMtreTw4SlXw/D4=",
"lastModified": 1695455081,
"narHash": "sha256-AtAMze2J5Maol28OLQoCFgppRWEy06Mn9RhduXNmhiI=",
"owner": "hyprwm",
"repo": "contrib",
"rev": "74aa6b02ff4bd48aaee4da461a16c4cbaaa0ca7e",
"rev": "33663f663e07b4ca52c9165f74e3d793f08b15e7",
"type": "github"
},
"original": {
@ -413,17 +488,17 @@
"hyprland": {
"inputs": {
"hyprland-protocols": "hyprland-protocols",
"nixpkgs": "nixpkgs_2",
"nixpkgs": "nixpkgs_4",
"systems": "systems_2",
"wlroots": "wlroots",
"xdph": "xdph"
},
"locked": {
"lastModified": 1693944974,
"narHash": "sha256-kWa86ahIQvQIgo3GYFJShlBuKTXfggVbrZjkbdjct7U=",
"lastModified": 1695558936,
"narHash": "sha256-KcSkwSDlrt3Xwtit+NTu2aToiRm5Aho9joj2r6nb19w=",
"owner": "hyprwm",
"repo": "Hyprland",
"rev": "c3a83daa1e61285a418c39a1d9f29427c2c9a2c3",
"rev": "352ceb1117b79cd0bc3fa86ebe435b6909512ddb",
"type": "github"
},
"original": {
@ -459,14 +534,14 @@
},
"hyprpaper": {
"inputs": {
"nixpkgs": "nixpkgs_3"
"nixpkgs": "nixpkgs_5"
},
"locked": {
"lastModified": 1692480535,
"narHash": "sha256-3Q0Uz/JPW9USHyAmrzRl6KhZLqMYTWkmtL3RA+oAeVY=",
"lastModified": 1694600309,
"narHash": "sha256-d9LcB+D0bfMu+8UhnUVJ/DX5OVTX6o5dIntdVqEeQDA=",
"owner": "hyprwm",
"repo": "hyprpaper",
"rev": "5e73eb60552d48d55541c60f9a8da2b666003fe6",
"rev": "e5a18a171d5d6e7c6b9ffdfb9e86fb09055964a1",
"type": "github"
},
"original": {
@ -475,6 +550,21 @@
"type": "github"
}
},
"impermanence": {
"locked": {
"lastModified": 1694622745,
"narHash": "sha256-z397+eDhKx9c2qNafL1xv75lC0Q4nOaFlhaU1TINqb8=",
"owner": "nix-community",
"repo": "impermanence",
"rev": "e9643d08d0d193a2e074a19d4d90c67a874d932e",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "impermanence",
"type": "github"
}
},
"lowdown-src": {
"flake": false,
"locked": {
@ -493,11 +583,11 @@
},
"master": {
"locked": {
"lastModified": 1693980916,
"narHash": "sha256-J7JJCpNiHbXb3D7pb1JkeOTUEpJJXiGI6BngfbnhiIM=",
"lastModified": 1695566498,
"narHash": "sha256-pitC2KSFFQr0VVWTWrhOYM3JkHMTGJ+n2f3swZNRjq8=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "6485865ec300c7baf9e51ad5d64c30355ee511e7",
"rev": "46338210c41bbb92502517cccbb2223973a17a62",
"type": "github"
},
"original": {
@ -538,11 +628,11 @@
},
"locked": {
"dir": "contrib",
"lastModified": 1693954768,
"narHash": "sha256-DIyHgdfhmftTN2aHVEmJ1q/W2o0Slild0McAf4sEa8U=",
"lastModified": 1695509205,
"narHash": "sha256-nV3opNLzLMfzL0yI+xnIeNIOnvOI467CiABxHTQUrwY=",
"owner": "neovim",
"repo": "neovim",
"rev": "2ef7b6a433c61837bcef0fca297a665551835423",
"rev": "bc0bf9d030bbcb01db69c44cf88b95ca41dd3065",
"type": "github"
},
"original": {
@ -555,17 +645,17 @@
"neovim-nightly-overlay": {
"inputs": {
"flake-compat": "flake-compat",
"flake-parts": "flake-parts",
"flake-parts": "flake-parts_2",
"hercules-ci-effects": "hercules-ci-effects",
"neovim-flake": "neovim-flake",
"nixpkgs": "nixpkgs_5"
"nixpkgs": "nixpkgs_7"
},
"locked": {
"lastModified": 1693958686,
"narHash": "sha256-UgdB+EXYbi90vm2fam4tYgY9hYGwxSk0sxG96jIyeg4=",
"lastModified": 1695513850,
"narHash": "sha256-tzhm05TH22eI+ePzuPHrMgq2sjLkEW1q1E515+VRVuw=",
"owner": "nix-community",
"repo": "neovim-nightly-overlay",
"rev": "14defe836200c45acf14f3616d7ba20959028cf8",
"rev": "07c3b00574cb6645d92786c5a5531cb20426785d",
"type": "github"
},
"original": {
@ -574,30 +664,6 @@
"type": "github"
}
},
"nil": {
"inputs": {
"flake-utils": [
"flake-utils"
],
"nixpkgs": [
"nixpkgs"
],
"rust-overlay": "rust-overlay"
},
"locked": {
"lastModified": 1693724255,
"narHash": "sha256-+Ucv/aBN9wwRE62sUJEBocI+9no7PV4KRDNuFQgygzU=",
"owner": "oxalica",
"repo": "nil",
"rev": "4bdcfcfe38cfcb386142e043392afbfa542665dd",
"type": "github"
},
"original": {
"owner": "oxalica",
"repo": "nil",
"type": "github"
}
},
"nix-lazy-nvim": {
"locked": {
"lastModified": 1694868321,
@ -623,11 +689,11 @@
"nixpkgs-regression": "nixpkgs-regression"
},
"locked": {
"lastModified": 1692913762,
"narHash": "sha256-WIz/rGYBUdRtkZx5BPbE9DXHfUCKlYuKkPzDsP4u77w=",
"lastModified": 1695405275,
"narHash": "sha256-R4TX73TAzrW03Rdsa4HNz5ASKx5S1AKa/3SAntUHglg=",
"owner": "privatevoid-net",
"repo": "nix-super",
"rev": "0007178284d0247631af40931b7039d42bfc0da5",
"rev": "cae2c834f2a19db35cd46d233f5b59086b24a6f1",
"type": "github"
},
"original": {
@ -638,21 +704,39 @@
},
"nixpkgs": {
"locked": {
"lastModified": 1658161305,
"narHash": "sha256-X/nhnMCa1Wx4YapsspyAs6QYz6T/85FofrI6NpdPDHg=",
"lastModified": 1677383253,
"narHash": "sha256-UfpzWfSxkfXHnb4boXZNaKsAcUrZT9Hw+tao1oZxd08=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "e4d49de45a3b5dbcb881656b4e3986e666141ea9",
"rev": "9952d6bc395f5841262b006fbace8dd7e143b634",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-lib": {
"locked": {
"dir": "lib",
"lastModified": 1693471703,
"narHash": "sha256-0l03ZBL8P1P6z8MaSDS/MvuU8E75rVxe5eE1N6gxeTo=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "3e52e76b70d5508f3cec70b882a29199f4d1ee85",
"type": "github"
},
"original": {
"dir": "lib",
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-lib": {
"nixpkgs-lib_2": {
"locked": {
"dir": "lib",
"lastModified": 1688049487,
@ -702,13 +786,45 @@
"type": "github"
}
},
"nixpkgs_2": {
"nixpkgs_10": {
"locked": {
"lastModified": 1693158576,
"narHash": "sha256-aRTTXkYvhXosGx535iAFUaoFboUrZSYb1Ooih/auGp0=",
"lastModified": 1692934111,
"narHash": "sha256-9EEE59v/esKNMR5zKbLRV9NoRPYvERw5jHQOnfr47bk=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "a999c1cc0c9eb2095729d5aa03e0d8f7ed256780",
"rev": "1e44a037bbf4fcaba041436e65e87be88f3f495b",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_2": {
"locked": {
"lastModified": 1694948089,
"narHash": "sha256-d2B282GmQ9o8klc22/Rbbbj6r99EnELQpOQjWMyv0rU=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "5148520bfab61f99fd25fb9ff7bfbb50dad3c9db",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_3": {
"locked": {
"lastModified": 1658161305,
"narHash": "sha256-X/nhnMCa1Wx4YapsspyAs6QYz6T/85FofrI6NpdPDHg=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "e4d49de45a3b5dbcb881656b4e3986e666141ea9",
"type": "github"
},
"original": {
@ -718,7 +834,23 @@
"type": "github"
}
},
"nixpkgs_3": {
"nixpkgs_4": {
"locked": {
"lastModified": 1694767346,
"narHash": "sha256-5uH27SiVFUwsTsqC5rs3kS7pBoNhtoy9QfTP9BmknGk=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "ace5093e36ab1e95cb9463863491bee90d5a4183",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_5": {
"locked": {
"lastModified": 1683014792,
"narHash": "sha256-6Va9iVtmmsw4raBc3QKvQT2KT/NGRWlvUlJj46zN8B8=",
@ -734,7 +866,7 @@
"type": "github"
}
},
"nixpkgs_4": {
"nixpkgs_6": {
"locked": {
"lastModified": 1688322751,
"narHash": "sha256-eW62dC5f33oKZL7VWlomttbUnOTHrAbte9yNUNW8rbk=",
@ -750,39 +882,39 @@
"type": "github"
}
},
"nixpkgs_5": {
"locked": {
"lastModified": 1693844670,
"narHash": "sha256-t69F2nBB8DNQUWHD809oJZJVE+23XBrth4QZuVd6IE0=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "3c15feef7770eb5500a4b8792623e2d6f598c9c1",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_6": {
"locked": {
"lastModified": 1693844670,
"narHash": "sha256-t69F2nBB8DNQUWHD809oJZJVE+23XBrth4QZuVd6IE0=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "3c15feef7770eb5500a4b8792623e2d6f598c9c1",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_7": {
"locked": {
"lastModified": 1695318763,
"narHash": "sha256-FHVPDRP2AfvsxAdc+AsgFJevMz5VBmnZglFUMlxBkcY=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "e12483116b3b51a185a33a272bf351e357ba9a99",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_8": {
"locked": {
"lastModified": 1695318763,
"narHash": "sha256-FHVPDRP2AfvsxAdc+AsgFJevMz5VBmnZglFUMlxBkcY=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "e12483116b3b51a185a33a272bf351e357ba9a99",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_9": {
"locked": {
"lastModified": 1689261696,
"narHash": "sha256-LzfUtFs9MQRvIoQ3MfgSuipBVMXslMPH/vZ+nM40LkA=",
@ -798,19 +930,51 @@
"type": "github"
}
},
"nixpkgs_8": {
"none-ls-nvim": {
"flake": false,
"locked": {
"lastModified": 1692934111,
"narHash": "sha256-9EEE59v/esKNMR5zKbLRV9NoRPYvERw5jHQOnfr47bk=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "1e44a037bbf4fcaba041436e65e87be88f3f495b",
"lastModified": 1696658105,
"narHash": "sha256-4+B2F4ZweWTqXlhSs0jiBaKSv52G4X7p37KHfYl6sPo=",
"owner": "nvimtools",
"repo": "none-ls.nvim",
"rev": "ae339f45590cc421a68de885fc5a3261cc247362",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"owner": "nvimtools",
"repo": "none-ls.nvim",
"type": "github"
}
},
"nvim-lspconfig": {
"flake": false,
"locked": {
"lastModified": 1695699913,
"narHash": "sha256-9uH3ZpZ7zk/84agbagNxUZL49h+P5j7gew+2h04psvg=",
"owner": "neovim",
"repo": "nvim-lspconfig",
"rev": "bfdf2e91e7297a54bcc09d3e092a12bff69a1cf4",
"type": "github"
},
"original": {
"owner": "neovim",
"repo": "nvim-lspconfig",
"type": "github"
}
},
"nvim-puppeteer": {
"flake": false,
"locked": {
"lastModified": 1695758417,
"narHash": "sha256-rkaQUOXxNfkib0kPv+z8ncZiwgSP26+jwNtN9ydcvLQ=",
"owner": "chrisgrieser",
"repo": "nvim-puppeteer",
"rev": "9cd2d2e2630db6377538f5f0dccdea3517db2ce1",
"type": "github"
},
"original": {
"owner": "chrisgrieser",
"repo": "nvim-puppeteer",
"type": "github"
}
},
@ -836,15 +1000,15 @@
"flake-compat": "flake-compat_3",
"flake-utils": "flake-utils_3",
"gitignore": "gitignore",
"nixpkgs": "nixpkgs_7",
"nixpkgs": "nixpkgs_9",
"nixpkgs-stable": "nixpkgs-stable"
},
"locked": {
"lastModified": 1692274144,
"narHash": "sha256-BxTQuRUANQ81u8DJznQyPmRsg63t4Yc+0kcyq6OLz8s=",
"lastModified": 1694364351,
"narHash": "sha256-oadhSCqopYXxURwIA6/Anpe5IAG11q2LhvTJNP5zE6o=",
"owner": "cachix",
"repo": "pre-commit-hooks.nix",
"rev": "7e3517c03d46159fdbf8c0e5c97f82d5d4b0c8fa",
"rev": "4f883a76282bc28eb952570afc3d8a1bf6f481d7",
"type": "github"
},
"original": {
@ -856,11 +1020,11 @@
"rofi-wayland": {
"flake": false,
"locked": {
"lastModified": 1690115482,
"narHash": "sha256-fUneGsSWpi8zYrTbF14e/fuf0vaXF8ckOo4OhL1tInM=",
"lastModified": 1695513431,
"narHash": "sha256-WG1EyBYTbDsK4RsPgp8K/PlscvRSNthQSyN3cqxuXcc=",
"owner": "lbonn",
"repo": "rofi",
"rev": "ff2338c38fbf6e7049563acf55f9055bcf882a4e",
"rev": "b8dedc8836b552a0bba5f4702be63dd8521c6fbb",
"type": "github"
},
"original": {
@ -876,18 +1040,25 @@
"agenix": "agenix",
"arkenfox-userjs": "arkenfox-userjs",
"asus-touchpad-numpad-driver": "asus-touchpad-numpad-driver",
"codeium-nvim": "codeium-nvim",
"devshell": "devshell",
"disko": "disko",
"flake-parts": "flake-parts",
"flake-utils": "flake-utils",
"hmts-nvim": "hmts-nvim",
"home-manager": "home-manager_2",
"hypr-contrib": "hypr-contrib",
"hyprland": "hyprland",
"hyprpaper": "hyprpaper",
"impermanence": "impermanence",
"master": "master",
"neovim-nightly-overlay": "neovim-nightly-overlay",
"nil": "nil",
"nix-lazy-nvim": "nix-lazy-nvim",
"nix-super": "nix-super",
"nixpkgs": "nixpkgs_6",
"nixpkgs": "nixpkgs_8",
"none-ls-nvim": "none-ls-nvim",
"nvim-lspconfig": "nvim-lspconfig",
"nvim-puppeteer": "nvim-puppeteer",
"nvim-treesitter": "nvim-treesitter",
"pre-commit-hooks": "pre-commit-hooks",
"rofi-wayland": "rofi-wayland",
@ -898,39 +1069,14 @@
"timers": "timers"
}
},
"rust-overlay": {
"inputs": {
"flake-utils": [
"nil",
"flake-utils"
],
"nixpkgs": [
"nil",
"nixpkgs"
]
},
"locked": {
"lastModified": 1688783586,
"narHash": "sha256-HHaM2hk2azslv1kH8zmQxXo2e7i5cKgzNIuK4yftzB0=",
"owner": "oxalica",
"repo": "rust-overlay",
"rev": "7a29283cc242c2486fc67f60b431ef708046d176",
"type": "github"
},
"original": {
"owner": "oxalica",
"repo": "rust-overlay",
"type": "github"
}
},
"smartcolumn-nvim": {
"flake": false,
"locked": {
"lastModified": 1693669522,
"narHash": "sha256-SfIbbrAFv/md9EgsJvO0RfDnc6oP5RYz8C5Icual1bU=",
"lastModified": 1694526430,
"narHash": "sha256-O9lPx4WVtiH8tCXVGtNHpcNDDIC+IdcZl8ielDD+rcY=",
"owner": "m4xshen",
"repo": "smartcolumn.nvim",
"rev": "d01b99355c7fab13233f48d0f28dc097e68a03f7",
"rev": "c6abf3917fcec487c7475e208ae37f5788af5b04",
"type": "github"
},
"original": {
@ -941,11 +1087,11 @@
},
"stable": {
"locked": {
"lastModified": 1693771906,
"narHash": "sha256-32EnPCaVjOiEERZ+o/2Ir7JH9pkfwJZJ27SKHNvt4yk=",
"lastModified": 1695416179,
"narHash": "sha256-610o1+pwbSu+QuF3GE0NU5xQdTHM3t9wyYhB9l94Cd8=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "da5adce0ffaff10f6d0fee72a02a5ed9d01b52fc",
"rev": "715d72e967ec1dd5ecc71290ee072bcaf5181ed6",
"type": "github"
},
"original": {
@ -1033,11 +1179,11 @@
"telekasten-nvim": {
"flake": false,
"locked": {
"lastModified": 1691743763,
"narHash": "sha256-zYBMUzanFtjnsUrwxjHLvhRODLj1uwGi18wMUWnrqRA=",
"lastModified": 1694166243,
"narHash": "sha256-DblFcMlXsiHJCFojjpcwqZdnRqGuk79yoNBJTR8p5S4=",
"owner": "renerocksai",
"repo": "telekasten.nvim",
"rev": "584783fdbdd13bb691a435f86ed10a3717fa9e9a",
"rev": "bd5d323581f24ee124b33688287e6a22244c6f2a",
"type": "github"
},
"original": {
@ -1049,11 +1195,11 @@
"telescope-nvim": {
"flake": false,
"locked": {
"lastModified": 1693850759,
"narHash": "sha256-309GezR93SVOD7/B8dDJIEidYziepc1s46CIRkhND1k=",
"lastModified": 1695500955,
"narHash": "sha256-Sy4cDVL9HdIj8/UkCnusxACuzA6PKQiuf5Otwtlf8HA=",
"owner": "nvim-telescope",
"repo": "telescope.nvim",
"rev": "20a37e43bb43c74c6091f9fea6551af0964ad45a",
"rev": "ed9574dd6dde143d009b2528ea6d79bd34bbe6c8",
"type": "github"
},
"original": {
@ -1065,7 +1211,7 @@
"timers": {
"inputs": {
"naersk": "naersk",
"nixpkgs": "nixpkgs_8",
"nixpkgs": "nixpkgs_10",
"utils": "utils"
},
"locked": {
@ -1104,18 +1250,18 @@
"flake": false,
"locked": {
"host": "gitlab.freedesktop.org",
"lastModified": 1692976565,
"narHash": "sha256-eBKkG7tMxg92NskEn8dHRFY245JwjirWRoOZzW6DnUw=",
"lastModified": 1695277534,
"narHash": "sha256-LEIUGXvKR5DYFQUTavC3yifcObvG4XZUUHfxXmu8nEM=",
"owner": "wlroots",
"repo": "wlroots",
"rev": "717ded9bb0191ea31bf4368be32e7a15fe1b8294",
"rev": "98a745d926d8048bc30aef11b421df207a01c279",
"type": "gitlab"
},
"original": {
"host": "gitlab.freedesktop.org",
"owner": "wlroots",
"repo": "wlroots",
"rev": "717ded9bb0191ea31bf4368be32e7a15fe1b8294",
"rev": "98a745d926d8048bc30aef11b421df207a01c279",
"type": "gitlab"
}
},
@ -1135,11 +1281,11 @@
]
},
"locked": {
"lastModified": 1691841170,
"narHash": "sha256-RCTm1/MVWYPnReMgyp7tr2ogGYo/pvw38jZaFwemgPU=",
"lastModified": 1694628480,
"narHash": "sha256-Qg9hstRw0pvjGu5hStkr2UX1D73RYcQ9Ns/KnZMIm9w=",
"owner": "hyprwm",
"repo": "xdg-desktop-portal-hyprland",
"rev": "57a3a41ba6b358109e4fc25c6a4706b5f7d93c6b",
"rev": "8f45a6435069b9e24ebd3160eda736d7a391cbf2",
"type": "github"
},
"original": {

333
flake.nix
View file

@ -1,59 +1,55 @@
{
description = "My awesome system config";
/*
Inputs
*/
inputs = {
# Nix
master.url = "github:nixos/nixpkgs";
nixpkgs.url = "github:nixos/nixpkgs/nixpkgs-unstable";
stable.url = "github:nixos/nixpkgs/nixos-23.05";
flake-utils.url = "github:numtide/flake-utils";
agenix.inputs.nixpkgs.follows = "nixpkgs";
agenix.url = "github:ryantm/agenix";
devshell.url = "github:numtide/devshell";
disko.url = "github:nix-community/disko";
flake-parts.url = "github:hercules-ci/flake-parts";
flake-utils.url = "github:numtide/flake-utils";
home-manager.inputs.nixpkgs.follows = "nixpkgs";
home-manager.url = "github:nix-community/home-manager";
nil.inputs.flake-utils.follows = "flake-utils";
nil.inputs.nixpkgs.follows = "nixpkgs";
nil.url = "github:oxalica/nil";
impermanence.url = "github:nix-community/impermanence";
master.url = "github:nixos/nixpkgs";
nixpkgs.url = "github:nixos/nixpkgs/nixpkgs-unstable";
pre-commit-hooks.url = "github:cachix/pre-commit-hooks.nix";
stable.url = "github:nixos/nixpkgs/nixos-23.05";
nix-super.url = "github:privatevoid-net/nix-super";
# Programs
nix-super.inputs.nixpkgs.follows = "stable";
rofi-wayland.url = "github:lbonn/rofi/wayland";
nix-super.url = "github:privatevoid-net/nix-super";
rofi-wayland.flake = false;
rofi-wayland.url = "github:lbonn/rofi/wayland";
timers.url = "git+https://gitea.moritzboeh.me/moritz/timers.git";
# Neovim
neovim-nightly-overlay.url = "github:nix-community/neovim-nightly-overlay";
smartcolumn-nvim.flake = false;
smartcolumn-nvim.url = "github:m4xshen/smartcolumn.nvim";
telekasten-nvim.flake = false;
telekasten-nvim.url = "github:renerocksai/telekasten.nvim";
telescope-nvim.flake = false;
telescope-nvim.url = "github:nvim-telescope/telescope.nvim";
nvim-treesitter.flake = false;
nvim-treesitter.url = "github:nvim-treesitter/nvim-treesitter/v0.9.1"; # NOTE: to fix weird latest issues
hmts-nvim.flake = false;
hmts-nvim.url = "github:calops/hmts.nvim";
actions-preview-nvim.flake = false;
actions-preview-nvim.url = "github:aznhe21/actions-preview.nvim";
codeium-nvim = {
inputs.nixpkgs.follows = "nixpkgs";
inputs.flake-utils.follows = "flake-utils";
url = "github:jcdickinson/codeium.nvim";
};
hmts-nvim.flake = false;
hmts-nvim.url = "github:calops/hmts.nvim";
neovim-nightly-overlay.url = "github:nix-community/neovim-nightly-overlay";
nix-lazy-nvim.url = "git+https://git.moritzboeh.me/moritz/NixLazy.nvim";
nvim-lspconfig.flake = false;
nvim-lspconfig.url = "github:neovim/nvim-lspconfig";
nvim-puppeteer.flake = false;
nvim-puppeteer.url = "github:chrisgrieser/nvim-puppeteer";
nvim-treesitter.flake = false;
nvim-treesitter.url = "github:nvim-treesitter/nvim-treesitter/v0.9.1"; # NOTE: to fix weird latest issues
smartcolumn-nvim.flake = false;
smartcolumn-nvim.url = "github:m4xshen/smartcolumn.nvim";
telekasten-nvim.flake = false;
telekasten-nvim.url = "github:renerocksai/telekasten.nvim";
telescope-nvim.flake = false;
telescope-nvim.url = "github:nvim-telescope/telescope.nvim";
none-ls-nvim.flake = false;
none-ls-nvim.url = "github:nvimtools/none-ls.nvim";
# Hyprland
hypr-contrib.url = "github:hyprwm/contrib";
@ -67,148 +63,153 @@
# Firefox user.js
arkenfox-userjs.url = "github:arkenfox/user.js";
arkenfox-userjs.flake = false;
timers.url = "git+https://gitea.moritzboeh.me/moritz/timers.git";
};
/*
Outputs
*/
outputs = inputs@{ self, nixpkgs, ... }:
outputs = inputs@{ self, flake-parts, ... }:
let
systems = [ "x86_64-linux" "aarch64-linux" ];
forEachSystem = lib.genAttrs systems;
lib = nixpkgs.lib.extend
(self: _: { my = import ./lib { lib = self; }; });
overlay = import ./overlays {
inherit inputs;
inherit (self) lib;
};
config.allowUnfree = true;
overlays = [
defaultOverlays = [
inputs.hypr-contrib.overlays.default
inputs.neovim-nightly-overlay.overlay
overlay
self.overlays.default
];
pkgsFor = system: import nixpkgs {
inherit system config;
overlays = overlays ++ [
(
_: prev: {
master = import inputs.master {
inherit (prev) system;
inherit overlays config;
};
stable = import inputs.stable {
inherit (prev) system;
inherit overlays config;
};
finalOverlays = defaultOverlays ++ [
(
_: prev: {
master = import inputs.master {
inherit (prev) system;
overlays = defaultOverlays;
};
stable = import inputs.stable {
inherit (prev) system;
overlays = defaultOverlays;
};
}
)
];
in
flake-parts.lib.mkFlake { inherit inputs; } {
imports = [
inputs.pre-commit-hooks.flakeModule
inputs.devshell.flakeModule
];
systems = [ "x86_64-linux" ];
perSystem = { config, self', inputs', pkgs, system, ... }: {
_module.args.pkgs =
import inputs.nixpkgs {
inherit system;
overlays = finalOverlays;
};
devshells.default = {
devshell.startup.pre-commit-hook.text = config.pre-commit.installationScript;
commands = [
{
name = "agenix";
help = "wrapper around agenix";
command = ''
sudo EDITOR="${pkgs.lib.getExe pkgs.vim}" ${pkgs.lib.getExe' inputs'.agenix.packages.default "agenix"} --identity /etc/ssh/ssh_host_ed25519_key "$@"
'';
}
)
overlay
];
{
name = "nixos-build";
help = "use nom to build system";
command =
''
nom build --no-link ".#nixosConfigurations.$(hostname).config.system.build.toplevel" $@
'';
}
{
name = "nixos-switch";
help = "wrapper for nixos-rebuild switch";
command = "sudo nixos-rebuild switch --flake . $@";
}
{
name = "nixos-test";
help = "wrapper for nixos-rebuild switch";
command = "sudo nixos-rebuild test --flake . $@";
}
{
name = "nixos-boot";
help = "wrapper for nixos-rebuild switch";
command = "sudo nixos-rebuild boot --flake . $@";
}
];
};
pre-commit = {
check.enable = true;
settings = {
hooks = {
nixpkgs-fmt.enable = true;
statix.enable = true;
shellcheck.enable = true;
stylua.enable = true;
};
};
};
legacyPackages = pkgs;
packages =
self.lib.filterAttrs (_: self.lib.isDerivation)
(self.overlays.default pkgs pkgs);
};
defaultModules = [
{ nixpkgs = { inherit config; }; }
./modules
inputs.home-manager.nixosModule
{
home-manager = {
useGlobalPkgs = true;
useUserPackages = true;
extraSpecialArgs = { inherit inputs self; };
sharedModules = [ inputs.nix-lazy-nvim.homeManagerModules.default ];
};
}
inputs.agenix.nixosModules.age
];
flake = {
lib = inputs.nixpkgs.lib.extend
(self: _: { my = import ./lib { lib = self; }; });
hosts = self.lib.my.mapModules
(path:
let
system = import "${path}/system.nix";
pkgs = pkgsFor system;
in
lib.nixosSystem {
inherit pkgs system lib;
overlays.default = import ./overlays {
inherit inputs;
inherit (self) lib;
};
nixosConfigurations = self.lib.my.mapModules
(path: self.lib.nixosSystem {
inherit (self) lib;
specialArgs = {
inherit inputs self;
};
modules = defaultModules ++ [ path ];
})
./hosts;
pre-commit-check = system: inputs.pre-commit-hooks.lib."${system}".run {
src = ./.;
hooks = {
nixpkgs-fmt.enable = true;
statix.enable = true;
shellcheck.enable = true;
stylua.enable = true;
};
};
in
with lib; {
inherit lib;
# ╔══════════════════════════════════════════════════════════╗
# ║ NixOS Configurations ║
# ╚══════════════════════════════════════════════════════════╝
nixosConfigurations = hosts;
# ╔══════════════════════════════════════════════════════════╗
# ║ Other Outputs ║
# ╚══════════════════════════════════════════════════════════╝
devShells = forEachSystem (system:
let
pkgs = pkgsFor system;
in
{
default = pkgs.mkShell
{
inherit (pre-commit-check system) shellHook;
name = "dotfiles";
packages = with pkgs; [
# Secrets
agenix
# cachix
cachix
modules =
[
./modules
{
nixpkgs = {
overlays = finalOverlays;
config.allowUnfree = true;
};
}
{
home-manager = {
useGlobalPkgs = true;
useUserPackages = true;
extraSpecialArgs = { inherit inputs self; };
sharedModules = [ inputs.nix-lazy-nvim.homeManagerModules.default ];
};
}
inputs.agenix.nixosModules.age
inputs.disko.nixosModules.default
inputs.home-manager.nixosModule
inputs.impermanence.nixosModules.impermanence
path
];
};
});
checks = forEachSystem (system: {
pre-commit-check = pre-commit-check system;
});
legacyPackages = forEachSystem pkgsFor;
packages = forEachSystem (system:
let
pkgs = pkgsFor system;
in
filterAttrs (_: isDerivation)
(overlay pkgs pkgs)
);
overlays =
let
overlayNames = attrNames (overlay null null);
mkOverlay = name: final: prev: (overlay final prev).${name};
in
(genAttrs overlayNames mkOverlay) // {
default = overlay;
};
})
./hosts;
};
};
nixConfig = {
extra-substituters = [
"https://hyprland.cachix.org"
"https://nix-community.cachix.org"
"https://pre-commit-hooks.cachix.org"
];
extra-trusted-public-keys = [
"hyprland.cachix.org-1:a7pgxzMz7+chwVL3/pzj6jIBMioiJM7ypFP8PwtkuGc="
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
"pre-commit-hooks.cachix.org-1:Pkk3Panw5AW24TOv6kz3PvLhlH8puAsJTBbOPmBo7Rc="
];
};
}

66
hosts/nixos-desktop/default.nix
View file

@ -17,23 +17,41 @@
gaming.enable = true;
personal.enable = true;
};
programs.hyprland.nvidiaSupport = true;
programs.hyprland.keyboardLayouts = [ "us" "de" ];
programs.hyprland = {
nvidiaSupport = true;
monitors = [ "HDMI-A-1,3840x2160,auto,1.2" ",preferred,auto,1" ];
extraConfig = "exec=hyprctl keyword monitor HDMI-A-1,3840x2160@120,auto,1.2";
keyboardLayouts = [ "us" "de" ];
};
services.mullvad.enable = true;
services.wallpaper.enable = true;
programs.ledger.enable = true;
};
home-manager.users.moritz.home.packages = with pkgs; [
jetbrains.idea-community
];
hardware = {
keyboard.qmk.enable = true;
nvidia.modesetting.enable = true;
opengl = {
enable = true;
driSupport32Bit = true;
driSupport = true;
};
hardware.keyboard.qmk.enable = true;
# sensors
enableAllFirmware = true;
# KERNEL
boot.kernelPackages = pkgs.linuxPackages_latest;
bluetooth.enable = true;
};
# BOOT
boot = {
# KERNEL
kernelPackages = pkgs.linuxPackages_latest;
# BOOT
supportedFilesystems = [ "btrfs" "ntfs" ];
loader = {
grub = {
@ -44,6 +62,8 @@
};
efi.canTouchEfiVariables = true;
};
kernelModules = [ "lm92" "drivetemp" ];
};
# NETWORKING
@ -68,33 +88,23 @@
};
networkmanager.enable = true;
};
hardware.nvidia.modesetting.enable = true;
services.xserver.videoDrivers = [ "nvidia" ];
hardware.opengl = {
enable = true;
driSupport32Bit = true;
driSupport = true;
services = {
xserver.videoDrivers = [ "nvidia" ];
xserver.xrandrHeads = [
{ output = "HDMI-1"; }
{
output = "HDMI-0";
primary = true;
}
];
# Powersaving
tlp.enable = true;
};
services.xserver.xrandrHeads = [
{ output = "HDMI-1"; }
{
output = "HDMI-0";
primary = true;
}
];
console.keyMap = "de";
# Powersaving
services.tlp.enable = true;
powerManagement.enable = true;
# sensors
hardware.enableAllFirmware = true;
environment.systemPackages = with pkgs; [ lm_sensors ];
boot.kernelModules = [ "lm92" "drivetemp" ];
hardware.bluetooth.enable = true;
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions

75
hosts/nixos-desktop/hardware-configuration.nix
View file

@ -7,51 +7,56 @@
, ...
}: {
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = [ ];
fileSystems."/" = {
device = "/dev/disk/by-uuid/668a49b3-d169-461f-861d-0c3e6a1642d1";
fsType = "btrfs";
options = [ "subvol=root" "compress=zstd" ];
boot = {
initrd = {
availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" ];
kernelModules = [ ];
luks.devices."enc".device = "/dev/disk/by-uuid/30025a9f-44cf-4074-8ae2-d4925efd67dd";
};
kernelModules = [ "kvm-amd" ];
extraModulePackages = [ ];
};
fileSystems = {
"/" = {
device = "/dev/disk/by-uuid/668a49b3-d169-461f-861d-0c3e6a1642d1";
fsType = "btrfs";
options = [ "subvol=root" "compress=zstd" ];
};
boot.initrd.luks.devices."enc".device = "/dev/disk/by-uuid/30025a9f-44cf-4074-8ae2-d4925efd67dd";
"/home" = {
device = "/dev/disk/by-uuid/668a49b3-d169-461f-861d-0c3e6a1642d1";
fsType = "btrfs";
options = [ "subvol=home" "compress=zstd" ];
};
fileSystems."/home" = {
device = "/dev/disk/by-uuid/668a49b3-d169-461f-861d-0c3e6a1642d1";
fsType = "btrfs";
options = [ "subvol=home" "compress=zstd" ];
};
"/nix" = {
device = "/dev/disk/by-uuid/668a49b3-d169-461f-861d-0c3e6a1642d1";
fsType = "btrfs";
options = [ "subvol=nix" "compress=zstd" ];
};
fileSystems."/nix" = {
device = "/dev/disk/by-uuid/668a49b3-d169-461f-861d-0c3e6a1642d1";
fsType = "btrfs";
options = [ "subvol=nix" "compress=zstd" ];
};
"/var/log" = {
device = "/dev/disk/by-uuid/668a49b3-d169-461f-861d-0c3e6a1642d1";
fsType = "btrfs";
options = [ "subvol=log" "compress=zstd" ];
neededForBoot = true;
};
fileSystems."/var/log" = {
device = "/dev/disk/by-uuid/668a49b3-d169-461f-861d-0c3e6a1642d1";
fsType = "btrfs";
options = [ "subvol=log" "compress=zstd" ];
neededForBoot = true;
};
"/boot" = {
device = "/dev/disk/by-uuid/297B-C04C";
fsType = "vfat";
};
fileSystems."/boot" = {
device = "/dev/disk/by-uuid/297B-C04C";
fsType = "vfat";
};
fileSystems."/media/games" = {
device = "/dev/disk/by-uuid/8f92ff36-a685-4a67-a3d4-55136dc5f286";
fsType = "ext4";
"/media/games" = {
device = "/dev/disk/by-uuid/8f92ff36-a685-4a67-a3d4-55136dc5f286";
fsType = "ext4";
};
};
swapDevices = [{ device = "/dev/disk/by-uuid/00ad6f74-f23e-4ac0-abfb-89bdfe5ab8ae"; }];
hardware.cpu.amd.updateMicrocode =
lib.mkDefault config.hardware.enableRedistributableFirmware;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
}

1
hosts/nixos-desktop/system.nix
View file

@ -1 +0,0 @@
"x86_64-linux"

117
hosts/nixos-laptop/default.nix
View file

@ -3,37 +3,46 @@
# and in the NixOS manual (accessible by running nixos-help).
{ pkgs
, inputs
, lib
, ...
}: {
imports = [
# Include the results of the hardware scan.
./hardware-configuration.nix
./disko.nix
./impermanence.nix
];
my = {
virtualisation.libvirtd.enable = true;
yubikey.luksSupport.enable = false;
profiles = {
desktop.enable = true;
personal.enable = true;
webis.enable = true;
# webis.enable = true;
};
};
environment.systemPackages = [
(
pkgs.writeShellApplication {
name = "zfs-diff";
runtimeInputs = with pkgs; [ zfs coreutils parallel tree ];
text = ''
zfs diff -F zroot/encrypted/root@blank | awk '$2 == "F" && system("test -e /persist/"$3) != 0 { print $3 }' 2>/dev/null | tree --fromfile . "$@"
'';
}
)
];
home-manager.users.moritz.home.packages = with pkgs; [
jetbrains.idea-ultimate
# jetbrains.idea-ultimate
];
# BOOT
boot = {
supportedFilesystems = [ "btrfs" ];
loader = {
grub = {
enable = true;
device = "nodev";
efiSupport = true;
};
efi.canTouchEfiVariables = true;
};
supportedFilesystems = [ "zfs" ];
loader.systemd-boot.enable = true;
};
# SERVICES
@ -65,54 +74,56 @@
services.tlp.enable = true;
powerManagement.enable = true;
# Hibernare on low battery
systemd.timers.hibernate-on-low-battery = {
wantedBy = [ "multi-user.target" ];
timerConfig = {
OnUnitActiveSec = "120";
OnBootSec = "120";
systemd = {
# Hibernare on low battery
timers.hibernate-on-low-battery = {
wantedBy = [ "multi-user.target" ];
timerConfig = {
OnUnitActiveSec = "120";
OnBootSec = "120";
};
};
services.hibernate-on-low-battery =
let
batteryLevelSufficient =
let
batteryPath = "/sys/class/power_supply/BATT";
in
pkgs.writeShellScriptBin "battery-level-sufficient" ''
test "$(cat ${batteryPath}/status)" != Discharging \
|| test "$(cat ${batteryPath}/capacity)" -ge 5
'';
in
{
serviceConfig.Type = "oneshot";
onFailure = [ "hibernate.target" ];
script = "${batteryLevelSufficient}/bin/battery-level-sufficient";
};
services.asus-touchpad-numpad = {
description = "Activate Numpad inside the touchpad with top right corner switch";
documentation = [ "https://github.com/mohamed-badaoui/asus-touchpad-numpad-driver" ];
path = [ pkgs.i2c-tools ];
script = ''
cd ${inputs.asus-touchpad-numpad-driver}
# In the last argument here you choose your layout.
${
pkgs.python3.withPackages (ps: [ps.libevdev])
}/bin/python asus_touchpad.py m433ia
'';
# Probably needed because it fails on boot seemingly because the driver
# is not ready yet. Alternativly, you can use `sleep 3` or similar in the
# `script`.
serviceConfig = {
RestartSec = "1s";
Restart = "on-failure";
};
wantedBy = [ "multi-user.target" ];
};
};
systemd.services.hibernate-on-low-battery =
let
batteryLevelSufficient =
let
batteryPath = "/sys/class/power_supply/BATT";
in
pkgs.writeShellScriptBin "battery-level-sufficient" ''
test "$(cat ${batteryPath}/status)" != Discharging \
|| test "$(cat ${batteryPath}/capacity)" -ge 5
'';
in
{
serviceConfig.Type = "oneshot";
onFailure = [ "hibernate.target" ];
script = "${batteryLevelSufficient}/bin/battery-level-sufficient";
};
# Trackpad
# i2c for https://github.com/mohamed-badaoui/asus-touchpad-numpad-driver
hardware.i2c.enable = true;
systemd.services.asus-touchpad-numpad = {
description = "Activate Numpad inside the touchpad with top right corner switch";
documentation = [ "https://github.com/mohamed-badaoui/asus-touchpad-numpad-driver" ];
path = [ pkgs.i2c-tools ];
script = ''
cd ${inputs.asus-touchpad-numpad-driver}
# In the last argument here you choose your layout.
${
pkgs.python3.withPackages (ps: [ps.libevdev])
}/bin/python asus_touchpad.py m433ia
'';
# Probably needed because it fails on boot seemingly because the driver
# is not ready yet. Alternativly, you can use `sleep 3` or similar in the
# `script`.
serviceConfig = {
RestartSec = "1s";
Restart = "on-failure";
};
wantedBy = [ "multi-user.target" ];
};
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions

94
hosts/nixos-laptop/disko.nix Normal file
View file

@ -0,0 +1,94 @@
{ lib, ... }:
{
# needed for zfs pool
networking.hostId = "9c85d185";
disko.devices = {
disk = {
main = {
type = "disk";
device = "/dev/nvme0n1";
content = {
type = "gpt";
partitions = {
ESP = {
size = "64M";
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
};
};
zfs = {
size = "100%";
content = {
type = "zfs";
pool = "zroot";
};
};
};
};
};
};
zpool = {
zroot = {
type = "zpool";
rootFsOptions = {
compression = "zstd";
"com.sun:auto-snapshot" = "false";
};
mountpoint = null;
datasets = {
encrypted = {
type = "zfs_fs";
options = {
mountpoint = "none";
encryption = "aes-256-gcm";
keyformat = "passphrase";
};
# use this to read the key during boot
postCreateHook = ''
zfs set keylocation="prompt" "zroot/$name";
'';
};
"encrypted/root" = {
type = "zfs_fs";
options.mountpoint = "legacy";
mountpoint = "/";
postCreateHook = "zfs snapshot zroot/encrypted/root@blank";
};
"encrypted/nix" = {
type = "zfs_fs";
options.mountpoint = "legacy";
mountpoint = "/nix";
};
"encrypted/persist" = {
type = "zfs_fs";
options.mountpoint = "legacy";
mountpoint = "/persist";
options."com.sun:auto-snapshot" = "true";
};
};
};
};
};
# rollback to blank
boot.initrd.postDeviceCommands = lib.mkAfter ''
zfs rollback -r zroot/encrypted/root@blank
'';
fileSystems."/persist".neededForBoot = true;
# HACK: to fix issue of agenix running before impermanence
age.identityPaths = [
"/etc/ssh/ssh_host_ed25519_key"
"/etc/ssh/ssh_host_rsa_key"
"/persist/etc/ssh/ssh_host_ed25519_key"
"/persist/etc/ssh/ssh_host_rsa_key"
];
services.zfs = {
autoScrub.enable = true;
trim.enable = true;
autoSnapshot.enable = true;
};
}

51
hosts/nixos-laptop/hardware-configuration.nix
View file

@ -2,53 +2,16 @@
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ modulesPath
, lib
, ...
}: {
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "ahci" "rtsx_pci_sdmmc" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = [ ];
fileSystems."/" = {
device = "/dev/disk/by-uuid/4a91d3eb-1633-42d9-8304-c10e49a61154";
fsType = "btrfs";
options = [ "subvol=root" "compress=zstd" ];
boot = {
initrd.availableKernelModules = [ "nvme" "xhci_pci" "ahci" "rtsx_pci_sdmmc" ];
initrd.kernelModules = [ ];
kernelModules = [ "kvm-amd" ];
extraModulePackages = [ ];
};
boot.initrd.luks.devices."enc".device = "/dev/disk/by-uuid/078b81ba-238e-471d-9951-b743588532b8";
fileSystems."/log" = {
device = "/dev/disk/by-uuid/4a91d3eb-1633-42d9-8304-c10e49a61154";
fsType = "btrfs";
options = [ "subvol=log" "compress=zstd" ];
neededForBoot = true;
};
fileSystems."/nix" = {
device = "/dev/disk/by-uuid/4a91d3eb-1633-42d9-8304-c10e49a61154";
fsType = "btrfs";
options = [ "subvol=nix" "compress=zstd" ];
};
fileSystems."/boot" = {
device = "/dev/disk/by-uuid/938D-F813";
fsType = "vfat";
};
fileSystems."/persist" = {
device = "/dev/disk/by-uuid/4a91d3eb-1633-42d9-8304-c10e49a61154";
fsType = "btrfs";
options = [ "subvol=persist" "compress=zstd" ];
};
fileSystems."/home" = {
device = "/dev/disk/by-uuid/4a91d3eb-1633-42d9-8304-c10e49a61154";
fsType = "btrfs";
options = [ "subvol=home" "compress=zstd" ];
};
swapDevices = [{ device = "/dev/disk/by-uuid/29ebf65f-e6ca-4625-9f72-a9321152be1b"; }];
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
}

71
hosts/nixos-laptop/impermanence.nix Normal file
View file

@ -0,0 +1,71 @@
{ config, ... }:
{
age.secrets = {
root-password.file = ../../secrets/root-password.age;
moritz-password.file = ../../secrets/moritz-password.age;
};
users.users = {
root.hashedPasswordFile = config.age.secrets.root-password.path;
moritz.hashedPasswordFile = config.age.secrets.moritz-password.path;
};
users.mutableUsers = false;
environment.persistence."/persist" = {
hideMounts = true;
directories = [
"/etc/NetworkManager/system-connections"
"/var/db/dhcpcd/"
"/var/lib/NetworkManager/"
"/var/lib/bluetooth"
"/var/lib/nixos"
"/var/lib/systemd/coredump"
"/var/log"
];
files = [
"/etc/machine-id"
"/etc/nix/id_rsa"
"/etc/ssh/ssh_host_ed25519_key"
"/etc/ssh/ssh_host_ed25519_key.pub"
"/etc/ssh/ssh_host_rsa_key"
"/etc/ssh/ssh_host_rsa_key.pub"
];
users.moritz = {
directories = [
".SynologyDrive/data"
".SynologyDrive/log"
".cache/keepassxc"
".cache/nvim/luac"
".config/Nextcloud"
".config/keepassxc"
".local/share/direnv"
".local/share/nvim"
".local/share/zoxide"
".local/state/nvim"
".mozilla"
"Documents"
"Downloads"
"Music"
"Pictures"
"Videos"
{ directory = ".gnupg"; mode = "0700"; }
{ directory = ".local/share/keyrings"; mode = "0700"; }
{ directory = ".ssh"; mode = "0700"; }
];
files = [
".local/share/fish/fish_history"
".local/share/nix/trusted-settings.json"
".parallel/will-cite"
];
};
users.root = {
home = "/root";
directories = [
{ directory = ".gnupg"; mode = "0700"; }
{ directory = ".ssh"; mode = "0700"; }
];
files = [
".local/share/nix/trusted-settings.json"
];
};
};
}

1
hosts/nixos-laptop/system.nix
View file

@ -1 +0,0 @@
"x86_64-linux"

17
hosts/scadspc25/default.nix
View file

@ -21,12 +21,18 @@
services.synology-drive.enable = true;
programs.hyprland.keyboardLayouts = [ "us" "de" ];
};
boot = {
loader = {
grub = {
# Use the systemd-boot EFI boot loader.
boot.loader.grub.enable = true;
boot.loader.grub.device = "nodev";
boot.loader.grub.efiSupport = true;
boot.loader.efi.canTouchEfiVariables = true;
# Use the systemd-boot EFI boot loader.
enable = true;
device = "nodev";
efiSupport = true;
};
efi.canTouchEfiVariables = true;
};
};
networking.hostName = "scadspc25"; # Define your hostname.
networking.networkmanager.enable = true; # Easiest to use and most distros use this by default.
@ -53,4 +59,3 @@
system.stateVersion = "23.05"; # Did you read the comment?
}

83
hosts/scadspc25/hardware-configuration.nix
View file

@ -8,52 +8,55 @@
[
(modulesPath + "/installer/scan/not-detected.nix")
];
boot = {
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" "sr_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" "sr_mod" ];
initrd.kernelModules = [ ];
kernelModules = [ "kvm-intel" ];
extraModulePackages = [ ];
};
fileSystems = {
"/" =
{
device = "/dev/disk/by-uuid/cfc2d232-f833-4ecf-8098-fe805afd390d";
fsType = "btrfs";
options = [ "subvol=root" "compress=zstd" "noatime" ];
};
fileSystems."/" =
{
device = "/dev/disk/by-uuid/cfc2d232-f833-4ecf-8098-fe805afd390d";
fsType = "btrfs";
options = [ "subvol=root" "compress=zstd" "noatime" ];
};
"/home" =
{
device = "/dev/disk/by-uuid/cfc2d232-f833-4ecf-8098-fe805afd390d";
fsType = "btrfs";
options = [ "subvol=home" "compress=zstd" "noatime" ];
};
fileSystems."/home" =
{
device = "/dev/disk/by-uuid/cfc2d232-f833-4ecf-8098-fe805afd390d";
fsType = "btrfs";
options = [ "subvol=home" "compress=zstd" "noatime" ];
};
"/nix" =
{
device = "/dev/disk/by-uuid/cfc2d232-f833-4ecf-8098-fe805afd390d";
fsType = "btrfs";
options = [ "subvol=nix" "compress=zstd" "noatime" ];
};
fileSystems."/nix" =
{
device = "/dev/disk/by-uuid/cfc2d232-f833-4ecf-8098-fe805afd390d";
fsType = "btrfs";
options = [ "subvol=nix" "compress=zstd" "noatime" ];
};
"/var/log" =
{
device = "/dev/disk/by-uuid/cfc2d232-f833-4ecf-8098-fe805afd390d";
fsType = "btrfs";
options = [ "subvol=log" "compress=zstd" "noatime" ];
};
fileSystems."/var/log" =
{
device = "/dev/disk/by-uuid/cfc2d232-f833-4ecf-8098-fe805afd390d";
fsType = "btrfs";
options = [ "subvol=log" "compress=zstd" "noatime" ];
};
"/snapshots" =
{
device = "/dev/disk/by-uuid/cfc2d232-f833-4ecf-8098-fe805afd390d";
fsType = "btrfs";
options = [ "subvol=snapshots" "compress=zstd" "noatime" ];
};
fileSystems."/snapshots" =
{
device = "/dev/disk/by-uuid/cfc2d232-f833-4ecf-8098-fe805afd390d";
fsType = "btrfs";
options = [ "subvol=snapshots" "compress=zstd" "noatime" ];
};
fileSystems."/boot" =
{
device = "/dev/disk/by-uuid/3B2B-63DB";
fsType = "vfat";
};
"/boot" =
{
device = "/dev/disk/by-uuid/3B2B-63DB";
fsType = "vfat";
};
};
swapDevices =
[{ device = "/dev/disk/by-uuid/c08ff6b6-d6e2-4620-95fc-6c20b04c7363"; }];

1
hosts/scadspc25/system.nix
View file

@ -1 +0,0 @@
"x86_64-linux"

63
modules/profiles/base.nix
View file

@ -6,21 +6,6 @@
with lib;
let
nom-system = pkgs.writeFishApplication {
name = "nom-system";
runtimeInputs = with pkgs; [ nix-output-monitor ];
text = /* fish */ ''
nom build --no-link "/home/moritz/.dotfiles#nixosConfigurations.$(hostname).config.system.build.toplevel" $argv
'';
};
nom-system-command = name: command: pkgs.writeFishApplication {
inherit name;
runtimeInputs = with pkgs; [ nom-system nix ];
text = /* fish */ ''
nom-system $argv && ${command}
'';
};
f = pkgs.writeFishApplication {
name = "f";
runtimeInputs = with pkgs; [ fzf bat ];
@ -46,7 +31,7 @@ let
recurse (readlink $path)
end
end
for arg in $argv
recurse (which $arg)
end
@ -84,6 +69,9 @@ let
};
in
{
users.users.root.openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGoAqa2m7hIzZ2LS96Z+RCIlRvhBM/j7h27tMBCwMT+a" # Moritz
];
users.users.moritz = {
isNormalUser = true;
home = "/home/moritz";
@ -105,17 +93,17 @@ in
abbreviations = {
us = "systemctl --user";
rs = "sudo systemctl";
uj = "journalctl --user";
rj = "sudo journalctl";
};
aliases = {
ls = "exa -lh --icons --git";
ls = "${getExe pkgs.eza} -lh --icons --git";
cat = "bat";
rm = "rm -i";
mv = "mv -i";
cd = "__zoxide_z";
nixos-update = "pushd ~/.dotfiles && nix flake update && popd";
latexwatch = ''find -type f -name "*.tex" | entr -c latexmk -pdf -silent'';
};
variables = { EDITOR = "vim"; };
};
@ -135,6 +123,8 @@ in
"|" = "split-window -h";
"C-l" = "send-keys C-l";
"R" = "source-file $XDG_CONFIG_HOME/tmux/tmux.conf \\; display-message 'Reloaded tmux.conf'";
"f" = "new-window ts";
"a" = "new-window ta";
};
copy-mode-vi = {
"v" = "send -X begin-selection";
@ -151,48 +141,35 @@ in
# archives
ouch
# file management
trash-cli
# monitoring
htop
bottom
# nix
(nom-system-command "nixos-boot" "sudo nixos-rebuild boot --flake ~/.dotfiles")
(nom-system-command "nixos-switch" "sudo nixos-rebuild switch --flake ~/.dotfiles")
(nom-system-command "nixos-test" "sudo nixos-rebuild test --flake ~/.dotfiles")
manix
nix-index
nix-output-monitor
nixpkgs-fmt
statix
which-nix
# other
# utils
bat
cht-sh
du-dust
duf
entr
exa
f
fd
gi
gparted
neofetch
reptyr
parallel
ripgrep
up
vim
viu
wget
];
fonts.packages = with pkgs; [
(nerdfonts.override {
fonts = [ "FiraCode" ];
})
];
fonts = {
enableDefaultPackages = true;
packages = with pkgs; [
(nerdfonts.override {
fonts = [ "FiraCode" ];
})
];
};
programs = {
mtr.enable = true;

4
modules/profiles/desktop.nix
View file

@ -84,11 +84,7 @@ in
};
environment.systemPackages = with pkgs; [
anki
calibre
fd
keepassxc
nixpkgs-review
pavucontrol
stable.libreoffice # NOTE breaks often
stable.signal-desktop # NOTE breaks often

19
modules/profiles/personal.nix
View file

@ -69,24 +69,5 @@ in
};
};
};
nix.buildMachines = [{
hostName = "builder";
systems = [ "aarch64-linux" "x86_64-linux" ];
protocol = "ssh-ng";
maxJobs = 1;
speedFactor = 1;
supportedFeatures = [ "nixos-test" "benchmark" "kvm" ];
mandatoryFeatures = [ ];
}];
nix.distributedBuilds = true;
# optional, useful when the builder has a faster internet connection than yours
nix.extraOptions = ''
builders-use-substitutes = true
'';
age.secrets."ssh-builder" = {
file = ../../secrets/ssh-builder.age;
owner = "0";
path = "/root/.ssh/config";
};
};
}

34
modules/programs/fish.nix
View file

@ -46,14 +46,46 @@ in
# visual mode, but due to fish_cursor_default, is redundant here
set fish_cursor_visual block
# Complex abbreviations
function last_history_item
echo $history[1]
end
abbr -a !! --position anywhere --function last_history_item
function sed_history_item
echo $history[1] | perl -p -e (string trim -l --chars=! $argv)
end
abbr -a sed_history --position command --regex '^!s/.+/.*/g?' --function sed_history_item
function multicd
echo cd (string repeat -n (math (string length -- $argv[1]) - 1) ../)
end
abbr --add dotdot --regex '^\.\.+$' --function multicd
abbr -a P --position anywhere --set-cursor "% | $PAGER"
function editor_edit
echo $EDITOR $argv
end
abbr -a editor_edit_files --position command --regex ".+\.(txt|md|org)" --function editor_edit
function editor
echo $EDITOR
end
abbr -a e --function editor
# Completions
complete -c c -kfa '(zoxide query -l | sed "s|$HOME|~|")'
${optionalString config.virtualisation.podman.dockerCompat /* fish */ "complete -c docker -w podman"}
complete -c nom -fn "not __fish_seen_subcommand_from build shell develop" -a "build shell develop"
complete -c nom -fn "__fish_seen_subcommand_from build" -w "nix build"
complete -c nom -fn "__fish_seen_subcommand_from shell" -w "nix shell"
complete -c nom -fn "__fish_seen_subcommand_from develop" -w "nix develop"
complete -c timers \
-n "__fish_seen_subcommand_from toggle" \
-fa '(timers --json l | ${getExe pkgs.jq} -r .[][].name)'
complete -c timers \
-n "__fish_seen_subcommand_from remove" \
-fa '(timers --json l | ${getExe pkgs.jq} -r .[][].name)'

15
modules/programs/hyprland/_config.nix
View file

@ -17,7 +17,7 @@ in
#
# See https://wiki.hyprland.org/Configuring/Monitors/
monitor=,preferred,auto,1
${concatLines (map (x: "monitor=${x}") cfg.monitors)}
# See https://wiki.hyprland.org/Configuring/Keywords/ for more
@ -110,6 +110,13 @@ in
workspace_swipe = on
}
misc {
# disable_hypr_chan = true
vrr = 1
mouse_move_enables_dpms = true
key_press_enables_dpms = true
}
# See https://wiki.hyprland.org/Configuring/Window-Rules/ for more
# Firefox Sharing Indicator
${mkRules ["float" "move 49% 40" "noborder" "nofullscreenrequest"] ["title:^(.*Sharing Indicator.*)$"]}
@ -207,5 +214,9 @@ in
bindm = $mainMod, mouse:272, movewindow
bindm = $mainMod, mouse:273, resizewindow
exec-once=${getExe config.my.programs.wallpaper.package} -r
# Toggle waybar
bindr = $mainMod, SUPER_L, exec, pkill -USR1 waybar
# Extra Config
${cfg.extraConfig}
''

70
modules/programs/hyprland/default.nix
View file

@ -31,6 +31,15 @@ in
description = "list of keyboard layouts";
default = [ "de" "us" ];
};
monitors = mkOption {
type = types.listOf types.str;
description = "monitor settings";
default = [ ",preferred,auto,1" ];
};
extraConfig = mkOption {
type = types.str;
default = "";
};
};
config = mkIf cfg.enable {
@ -42,46 +51,52 @@ in
};
wallpapers.enable = true;
services.dunst.enable = true;
services.wallpaper.enable = true;
};
# enable home-manager module
home-manager.users.moritz = {
# import home-manager module
imports = [ inputs.hyprland.homeManagerModules.default ];
# enable home-manager module
wayland.windowManager.hyprland = {
enable = true;
package = hyprland;
recommendedEnvironment = true;
extraConfig = import ./_config.nix args;
};
};
# add waybar as a status bar
home-manager.users.moritz.programs.waybar = {
enable = true;
# start using systemd service
systemd = {
# add waybar as a status bar
programs.waybar = {
enable = true;
target = "graphical-session.target";
};
settings = {
mainBar = {
layer = "top";
position = "top";
height = 20;
modules-left = [ "hyprland/workspaces" ];
modules-center = [ "hyprland/window" ];
modules-right = [ "hyprland/language" "network" "memory" "cpu" "battery" "clock" ];
# start using systemd service
systemd = {
enable = true;
target = "graphical-session.target";
};
settings = {
mainBar = {
start_hidden = true;
layer = "top";
position = "top";
height = 20;
modules-left = [ "hyprland/workspaces" ];
modules-center = [ "hyprland/window" ];
modules-right = [ "hyprland/language" "network" "memory" "cpu" "battery" "clock" ];
};
};
};
};
# lock screen after timeout
home-manager.users.moritz = {
# lock screen after timeout
programs.swaylock = {
enable = true;
settings = {
color = "000000";
};
};
services.swayidle = {
enable = true;
events = [
@ -120,8 +135,14 @@ in
};
systemdTarget = "hyprland-session.target";
};
systemd.user.services.nextcloud-client.Service = {
RestartSec = "500ms";
Restart = "on-failure";
};
};
# adds pam module for swaylock
security.pam.services.swaylock = { };
@ -137,11 +158,6 @@ in
requiredBy = [ "xdg-desktop-portal.service" ];
};
home-manager.users.moritz.systemd.user.services.nextcloud-client.Service = {
RestartSec = "500ms";
Restart = "on-failure";
};
# add user packages for wayland and hyprland in particular
users.users.moritz.packages = with pkgs; [
brightnessctl # control brightness

8
modules/programs/nix.nix
View file

@ -57,17 +57,9 @@ in
settings = {
substituters = [
"https://cache.nixos.org/"
"https://jupyterwith.cachix.org"
"https://nix-community.cachix.org"
"https://pre-commit-hooks.cachix.org"
"https://hyprland.cachix.org"
];
trusted-public-keys = [
"jupyterwith.cachix.org-1:/kDy2B6YEhXGJuNguG1qyqIodMyO4w8KwWH4/vAc7CI="
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
"cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
"pre-commit-hooks.cachix.org-1:Pkk3Panw5AW24TOv6kz3PvLhlH8puAsJTBbOPmBo7Rc="
"hyprland.cachix.org-1:a7pgxzMz7+chwVL3/pzj6jIBMioiJM7ypFP8PwtkuGc="
];
trusted-users = [ "root" "@wheel" ];

8
modules/programs/nvim/default.nix
View file

@ -30,12 +30,17 @@ in
[
alejandra
black
checkmake
deadnix
dotenv-linter
fish
isort
jq
nil
nixd
nixpkgs-fmt
nodePackages.bash-language-server
nodePackages.jsonlint
ruff-lsp
rustfmt
shellcheck
shfmt
@ -46,6 +51,7 @@ in
typst
typst-lsp
yamlfmt
yamllint
];
extraLuaConfig = readFile ./options.lua;
lazy.enable = true;

8
modules/programs/nvim/options.lua
View file

@ -1,14 +1,8 @@
vim.g.mapleader = " "
vim.g.maplocalleader = ","
-- FIX to create spell dir if not existent
local spelldir = vim.fn.stdpath("config") .. "/spell"
if not vim.loop.fs_stat(spelldir) then
vim.fn.mkdir(spelldir, "p")
end
vim.opt.autoindent = true
vim.opt.backupdir = { vim.fn.stdpath("state") .. "/nvim/backup/" } -- don't store backup in files dir
vim.opt.backupdir = { vim.fn.stdpath("state") .. "/backup/" } -- don't store backup in files dir
vim.opt.clipboard = "unnamedplus" -- sync with system clipboard
vim.opt.conceallevel = 2
vim.opt.expandtab = true -- spaces instead of tabs

26
modules/programs/nvim/plugins/coding.nix
View file

@ -86,26 +86,13 @@ with builtins;
{ plugin = cmp-cmdline; }
{ plugin = cmp-nvim-lsp; }
{ plugin = cmp_luasnip; }
{
plugin = codeium-nvim;
opts = { };
}
{ plugin = friendly-snippets; }
{ plugin = lspkind-nvim; }
{ plugin = luasnip; }
{
plugin = copilot-cmp;
opts = { };
dependencies = [
{
plugin = copilot-lua;
opts = {
suggestion = { enabled = false; };
panel = { enabled = false; };
};
conf = /* lua */ ''
require("copilot").setup(opts)
vim.cmd("Copilot disable")
'';
}
];
}
];
}
{
@ -117,7 +104,6 @@ with builtins;
event = [ "BufRead" "BufNewFile" ];
conf = readFile ./lua/nvim-lspconfig.lua;
dependencies = [
{ plugin = lsp_signature-nvim; }
{
plugin = null-ls-nvim;
conf = readFile ./lua/null-ls-nvim.lua;
@ -313,5 +299,9 @@ with builtins;
];
opts = { };
}
{
plugin = nvim-puppeteer;
lazy = false; # NOTE: plugin lazy-loads itself.
}
];
}

6
modules/programs/nvim/plugins/lua/null-ls-nvim.lua
View file

@ -8,9 +8,15 @@ null_ls.setup({
-- Completion
null_ls.builtins.completion.spell,
-- Diagnostics
null_ls.builtins.diagnostics.checkmake,
null_ls.builtins.diagnostics.deadnix,
null_ls.builtins.diagnostics.dotenv_linter,
null_ls.builtins.diagnostics.fish,
null_ls.builtins.diagnostics.jsonlint,
null_ls.builtins.diagnostics.shellcheck,
null_ls.builtins.diagnostics.statix,
null_ls.builtins.diagnostics.trail_space,
null_ls.builtins.diagnostics.yamllint,
},
})

6
modules/programs/nvim/plugins/lua/nvim-cmp.lua
View file

@ -17,7 +17,7 @@ cmp.setup({
maxwidth = 50, -- prevent the popup from showing more than provided characters
ellipsis_char = "...", -- when popup menu exceed maxwidth, the truncated part would show ellipsis_char instead
symbol_map = {
Copilot = "",
Codeium = "",
},
}),
},
@ -56,8 +56,8 @@ cmp.setup({
{ name = "async_path", priority = 1 },
{ name = "buffer", priority = 1 },
{ name = "luasnip", priority = 2 },
{ name = "copilot", group_index = 3 },
{ name = "nvim_lsp", priority = 4 },
{ name = "codeium", priority = 3 },
{ name = "nvim_lsp", priority = 3 },
},
})

2
modules/programs/nvim/plugins/lua/nvim-lspconfig.lua
View file

@ -134,7 +134,7 @@ end
local servers = {
"bashls",
"nil_ls",
"nixd",
"pylsp",
"ruff_lsp",
"typst_lsp",

6
modules/programs/tmux/default.nix
View file

@ -19,14 +19,14 @@ let
tmux-sessionizer = pkgs.writeFishApplication {
name = "ts";
runtimeInputs = with pkgs; [ tmux findutils coreutils procps fd fzf1 tmux-switch ];
runtimeInputs = with pkgs; [ tmux findutils coreutils procps fd tmux-switch gawk ];
text = readFile ./tmux-sessionizer/script.fish;
completions = readFile ./tmux-sessionizer/completions.fish;
};
tmux-attach = pkgs.writeFishApplication {
name = "ta";
runtimeInputs = with pkgs; [ tmux fzf1 tmux-switch ];
runtimeInputs = with pkgs; [ tmux tmux-switch ];
text = readFile ./tmux-attach/script.fish;
completions = readFile ./tmux-attach/completions.fish;
};
@ -97,7 +97,7 @@ in
if ! fish_is_root_user && test "$TERM_PROGRAM" != 'vscode' && ${insideVariableMissing}
if test -z $tmux_autostarted
set -x tmux_autostarted true
ts
tmux new -A -s home
end
end
'';

2
modules/programs/tmux/tmux-attach/script.fish
View file

@ -1,4 +1,4 @@
set selected (tmux list-sessions -F '#{session_name}' 2>/dev/null | fzf1 $argv)
set selected (tmux list-sessions -F '#{session_name}' 2>/dev/null | fzf --query "$argv")
if not test -n "$selected"
exit 1
end

9
modules/programs/tmux/tmux-sessionizer/script.fish Normal file → Executable file
View file

@ -1,4 +1,11 @@
set selected (fd -HIg '.git' ~/ --min-depth 1 --max-depth 5 --type d --prune --exec dirname {} | fzf1 $argv)
#!/usr/bin/env fish
set pipe (mktemp --dry-run)
mkfifo $pipe
fd -HIg '.git' ~/ --min-depth 1 --max-depth 5 --type d --prune --exec-batch dirname {} | tee $pipe >/dev/null &
fd . ~/ --min-depth 1 --max-depth 3 --type d --exec-batch realpath {} | tee $pipe >/dev/null &
set selected (cat $pipe | awk '!seen[$0]++' | fzf --query "$argv")
rm -f "$pipe"
set selected_name (basename $selected 2>/dev/null | string replace "." "_")

11
modules/programs/wallpaper/wallpaper.sh
View file

@ -2,6 +2,7 @@
WALLPAPERS_PATH="$HOME/.config/wallpapers"
WALLPAPERS=$(find "$WALLPAPERS_PATH" -type f,l)
DEBUG=0
function help() {
echo "Usage:"
@ -22,7 +23,11 @@ function setWallpaperX {
}
function setWallpaperWayland {
swaybg --mode fill -i "$1" 2>/dev/null &
if [[ $DEBUG -eq 1 ]]; then
swaybg --mode fill -i "$1" &
else
swaybg --mode fill -i "$1" 2>/dev/null &
fi
}
function setWallpaper() {
@ -53,6 +58,10 @@ while [[ $# -gt 0 ]]; do
shift # past argument
shift # past value
;;
-v | --verbose)
DEBUG=1
shift # past argument
;;
*)
POSITIONAL+=("$1") # save it in an array for later
shift # past argument

102
modules/security/default.nix
View file

@ -5,62 +5,64 @@
## System security tweaks
# Prevent replacing the running kernel w/o reboot
# security.protectKernelImage = lib.mkDefault true; # NOTE disabled for now to enable hibernate
boot = {
# tmpfs = /tmp is mounted in ram. Doing so makes temp file management speedy
# on ssd systems, and volatile! Because it's wiped on reboot.
boot.tmp.useTmpfs = lib.mkDefault true;
# If not using tmpfs, which is naturally purged on reboot, we must clean it
# /tmp ourselves. /tmp should be volatile storage!
boot.tmp.cleanOnBoot = lib.mkDefault (!config.boot.tmp.useTmpfs);
# tmpfs = /tmp is mounted in ram. Doing so makes temp file management speedy
# on ssd systems, and volatile! Because it's wiped on reboot.
tmp.useTmpfs = lib.mkDefault true;
# If not using tmpfs, which is naturally purged on reboot, we must clean it
# /tmp ourselves. /tmp should be volatile storage!
tmp.cleanOnBoot = lib.mkDefault (!config.boot.tmp.useTmpfs);
# Fix a security hole in place for backwards compatibility. See desc in
# nixpkgs/nixos/modules/system/boot/loader/systemd-boot/systemd-boot.nix
boot.loader.systemd-boot.editor = false;
# Fix a security hole in place for backwards compatibility. See desc in
# nixpkgs/nixos/modules/system/boot/loader/systemd-boot/systemd-boot.nix
loader.systemd-boot.editor = false;
boot.kernel.sysctl = {
# The Magic SysRq key is a key combo that allows users connected to the
# system console of a Linux kernel to perform some low-level commands.
# Disable it, since we don't need it, and is a potential security concern.
"kernel.sysrq" = 0;
kernel.sysctl = {
# The Magic SysRq key is a key combo that allows users connected to the
# system console of a Linux kernel to perform some low-level commands.
# Disable it, since we don't need it, and is a potential security concern.
"kernel.sysrq" = 0;
## TCP hardening
# Prevent bogus ICMP errors from filling up logs.
"net.ipv4.icmp_ignore_bogus_error_responses" = 1;
# Reverse path filtering causes the kernel to do source validation of
# packets received from all interfaces. This can mitigate IP spoofing.
"net.ipv4.conf.default.rp_filter" = 1;
"net.ipv4.conf.all.rp_filter" = 1;
# Do not accept IP source route packets (we're not a router)
"net.ipv4.conf.all.accept_source_route" = 0;
"net.ipv6.conf.all.accept_source_route" = 0;
# Don't send ICMP redirects (again, we're on a router)
"net.ipv4.conf.all.send_redirects" = 0;
"net.ipv4.conf.default.send_redirects" = 0;
# Refuse ICMP redirects (MITM mitigations)
"net.ipv4.conf.all.accept_redirects" = 0;
"net.ipv4.conf.default.accept_redirects" = 0;
"net.ipv4.conf.all.secure_redirects" = 0;
"net.ipv4.conf.default.secure_redirects" = 0;
"net.ipv6.conf.all.accept_redirects" = 0;
"net.ipv6.conf.default.accept_redirects" = 0;
# Protects against SYN flood attacks
"net.ipv4.tcp_syncookies" = 1;
# Incomplete protection again TIME-WAIT assassination
"net.ipv4.tcp_rfc1337" = 1;
# Log martian packages
"net.ipv4.conf.all.log_martians" = 1;
"net.ipv4.conf.default.log_martians" = 1;
## TCP hardening
# Prevent bogus ICMP errors from filling up logs.
"net.ipv4.icmp_ignore_bogus_error_responses" = 1;
# Reverse path filtering causes the kernel to do source validation of
# packets received from all interfaces. This can mitigate IP spoofing.
"net.ipv4.conf.default.rp_filter" = 1;
"net.ipv4.conf.all.rp_filter" = 1;
# Do not accept IP source route packets (we're not a router)
"net.ipv4.conf.all.accept_source_route" = 0;
"net.ipv6.conf.all.accept_source_route" = 0;
# Don't send ICMP redirects (again, we're on a router)
"net.ipv4.conf.all.send_redirects" = 0;
"net.ipv4.conf.default.send_redirects" = 0;
# Refuse ICMP redirects (MITM mitigations)
"net.ipv4.conf.all.accept_redirects" = 0;
"net.ipv4.conf.default.accept_redirects" = 0;
"net.ipv4.conf.all.secure_redirects" = 0;
"net.ipv4.conf.default.secure_redirects" = 0;
"net.ipv6.conf.all.accept_redirects" = 0;
"net.ipv6.conf.default.accept_redirects" = 0;
# Protects against SYN flood attacks
"net.ipv4.tcp_syncookies" = 1;
# Incomplete protection again TIME-WAIT assassination
"net.ipv4.tcp_rfc1337" = 1;
# Log martian packages
"net.ipv4.conf.all.log_martians" = 1;
"net.ipv4.conf.default.log_martians" = 1;
## TCP optimization
# TCP Fast Open is a TCP extension that reduces network latency by packing
# data in the senders initial TCP SYN. Setting 3 = enable TCP Fast Open for
# both incoming and outgoing connections:
"net.ipv4.tcp_fastopen" = 3;
# Bufferbloat mitigations + slight improvement in throughput & latency
"net.ipv4.tcp_congestion_control" = "bbr";
"net.core.default_qdisc" = "cake";
## TCP optimization
# TCP Fast Open is a TCP extension that reduces network latency by packing
# data in the senders initial TCP SYN. Setting 3 = enable TCP Fast Open for
# both incoming and outgoing connections:
"net.ipv4.tcp_fastopen" = 3;
# Bufferbloat mitigations + slight improvement in throughput & latency
"net.ipv4.tcp_congestion_control" = "bbr";
"net.core.default_qdisc" = "cake";
};
kernelModules = [ "tcp_bbr" ];
};
boot.kernelModules = [ "tcp_bbr" ];
# So we don't have to do this later...
security.acme.acceptTerms = true;

26
modules/services/wallpaper.nix Normal file
View file

@ -0,0 +1,26 @@
{ lib, config, ... }:
with lib;
let
cfg = config.my.services.wallpaper;
in
{
options.my.services.wallpaper = {
enable = mkEnableOption "wallpaper changer";
frequency = mkOption {
type = types.str;
default = "30m";
};
};
config = mkIf cfg.enable {
systemd.user.services.wallpaper = {
script = "${getExe config.my.programs.wallpaper.package} -r -v";
wantedBy = [ "graphical-session.target" ];
serviceConfig = {
Restart = "always";
RuntimeMaxSec = cfg.frequency;
ExitType = "cgroup";
};
};
};
}

16
overlays/fixes.nix Normal file
View file

@ -0,0 +1,16 @@
{ lib, ... }:
final: prev: {
# python-poetry/poetry#5929
poetry = final.symlinkJoin {
name = "poetry";
paths = [ prev.poetry ];
postBuild =
let
regex = "s/'([a-z]*[[:blank:]][a-z]*)''/\1'/g";
in
''
${lib.getExe final.gnused} -i -E "${regex}" "$out/share/fish/vendor_completions.d/poetry.fish"
'';
};
}

16
overlays/packages.nix
View file

@ -4,7 +4,6 @@ final: prev:
{
agenix = inputs.agenix.packages.${prev.system}.default;
hyprpaper = inputs.hyprpaper.packages.${prev.system}.default;
nil = inputs.nil.packages.${prev.system}.default;
nix-super = inputs.nix-super.packages.${prev.system}.default;
rofi-wayland = prev.rofi-wayland.overrideAttrs (_: {
src = inputs.rofi-wayland;
@ -12,19 +11,4 @@ final: prev:
});
timers = inputs.timers.packages.${prev.system}.default;
hyprland = inputs.hyprland.packages.${prev.system}.default;
fzf1 = final.writeShellApplication {
name = "fzf1";
runtimeInputs = with final; [ coreutils fzf fd ];
text = ''
#!/usr/bin/env bash
selected=$(fzf --query="$*" -1 < /dev/stdin)
if [[ -z $selected ]]; then
exit 0
fi
echo "$selected"
'';
};
}

19
overlays/vimPlugins.nix
View file

@ -4,6 +4,8 @@ _: prev:
with lib.my;
{
vimPlugins = prev.vimPlugins // {
inherit (inputs.codeium-nvim.packages.${prev.system}.vimPlugins) codeium-nvim;
smartcolumn-nvim = prev.vimUtils.buildVimPluginFrom2Nix {
pname = "smartcolumn-nvim";
version = mkVersionInput inputs.smartcolumn-nvim;
@ -37,5 +39,22 @@ with lib.my;
version = mkVersionInput inputs.nvim-treesitter;
src = inputs.nvim-treesitter;
});
# HACK: to fix error in nixpkgs version of nvim-lspconfig
nvim-lspconfig = prev.vimPlugins.nvim-lspconfig.overrideAttrs (_: {
version = mkVersionInput inputs.nvim-lspconfig;
src = inputs.nvim-lspconfig;
});
nvim-puppeteer = prev.vimUtils.buildVimPluginFrom2Nix {
pname = "nvim-puppeteer";
version = mkVersionInput inputs.nvim-puppeteer;
src = inputs.nvim-puppeteer;
};
null-ls-nvim = prev.vimPlugins.null-ls-nvim.overrideAttrs (a: {
version = mkVersionInput inputs.none-ls-nvim;
src = inputs.none-ls-nvim;
});
};
}

11
secrets/moritz-password.age Normal file
View file

@ -0,0 +1,11 @@
age-encryption.org/v1
-> ssh-ed25519 wG6LYg LK0u1kmnMlRkk3s1nqpHREr0pbtQwc+Or9XFGSk5Syo
HLc3gWskZTeWfMPgR+EBn3R3ycn+7rWKgheZuP4o9Tg
-> ssh-ed25519 ZYd7Zg w8wh8buUNQcPdihFgWVyZfCg74x01YTSbnj8Sw5dhBQ
i8/rwKnUn2QIuTpLayg1+SzUnHbpOu7CdhAnO3u3/VU
-> ssh-ed25519 CjuqfA FPR6pGls0nRXB7lFUagHCcY39iuoSBab+T40aMuD8hQ
pyrcWA0Knw0iZf8CpfvmP5hsJf0Gba9LBKSQO1yGfbQ
-> CQVJ}-grease pf }&%
7Q
--- Mn5qor9GWHRU52zTv+kCqQljCZYsG1tO6ekZSH/p1yc
ÖÉôJžåODša¸õ0Cµ¼c´ <72>X *ú…F\uãÄAÎFOƒ<4F> ÔsKùt<»ù(œ5¢JÛMTD¶<S-iÇ1ã7Ó9™<39>ä[Çhqr>ÕÌv²Rãõµ?Mþe

BIN
secrets/root-password.age Normal file
View file

Binary file not shown.

3
secrets/secrets.nix
View file

@ -18,10 +18,11 @@ in
{
"github.age".publicKeys = all;
"ssh-home.age".publicKeys = personal;
"ssh-builder.age".publicKeys = personal;
"uni-vpn.age".publicKeys = personal;
"wireguard-preshared-key.age".publicKeys = personal;
"wireguard-private-key.age".publicKeys = personal;
"webis.age".publicKeys = hosts-personal ++ [ scadspc25 moritz ];
"webis-ssh.age".publicKeys = hosts-personal ++ [ scadspc25 moritz ];
"root-password.age".publicKeys = hosts-personal ++ [ moritz ];
"moritz-password.age".publicKeys = hosts-personal ++ [ moritz ];
}

10
secrets/ssh-builder.age
View file

@ -1,10 +0,0 @@
age-encryption.org/v1
-> ssh-ed25519 wG6LYg 5umyOPP+KaUaQckEZYnh+nyX2RIMDp/KtJraFuATQBM
qsS9JiY0qxR7IMwpH2x1VWF5A5/wrAkbeOzuMcf1fS0
-> ssh-ed25519 ZYd7Zg L9EJulnOPk7fEcmrWU8mVRbEN80dHCji1n4bnwGJigk
KTnk+Ku96gJ7Tj2egXyqX6UIuytHTuMFM1ygDXoIDxg
-> XQ.ai[-grease a ) r]>2~U
7CDc3c+1EZaEB15RE8JMzmdbr2WmQeP2ivIh4qgYTnKImHxJaJEhgScd0EzyEXVP
NZxuP+0
--- CE/X6hjRUWT1ya1ySIjFBnLdmPkVbL4ugDwYv9XGYoo
Úô½çµß‰¦¥×3Ïÿ8ìež:Im…èúÔF?U¨~Ù83ÍÉÜóÝðµôìNC<4E>zAÅãõúû°õM]0¥²fšð´ku˜¯†<C2AF>FL§lš<åÀSXCÅÛhEh<45> Î¥GKF<15>È<+çÒoŒ_<C592>ÝÐIP´ùça<vJ<>SxzŸÇyà£_\ÿ<>8p‰¥æ0v