diff --git a/flake.lock b/flake.lock index d8f53d5..912fdce 100644 --- a/flake.lock +++ b/flake.lock @@ -3,11 +3,11 @@ "actions-preview-nvim": { "flake": false, "locked": { - "lastModified": 1700487072, - "narHash": "sha256-gGUVWsaFLzrUEGK7wY05RtvorbG5oyqlR34PMPQEZ0U=", + "lastModified": 1701784064, + "narHash": "sha256-3VURlbunovftW2+wqRPGFDVwrx7bErbrc2Zjkd3MOUM=", "owner": "aznhe21", "repo": "actions-preview.nvim", - "rev": "b2c89c2937d527c22deb194d574d2a93246cd869", + "rev": "8f79029a36ab6807478f157538a91ccd4af5858f", "type": "github" }, "original": { @@ -122,11 +122,11 @@ "systems": "systems" }, "locked": { - "lastModified": 1700815693, - "narHash": "sha256-JtKZEQUzosrCwDsLgm+g6aqbP1aseUl1334OShEAS3s=", + "lastModified": 1701787589, + "narHash": "sha256-ce+oQR4Zq9VOsLoh9bZT8Ip9PaMLcjjBUHVPzW5d7Cw=", "owner": "numtide", "repo": "devshell", - "rev": "7ad1c417c87e98e56dcef7ecd0e0a2f2e5669d51", + "rev": "44ddedcbcfc2d52a76b64fb6122f209881bd3e1e", "type": "github" }, "original": { @@ -140,11 +140,11 @@ "nixpkgs": "nixpkgs_2" }, "locked": { - "lastModified": 1700927249, - "narHash": "sha256-iqmIWiEng890/ru7ZBf4nUezFPyRm2fjRTvuwwxqk2o=", + "lastModified": 1701905325, + "narHash": "sha256-lda63LmEIlDMeCgWfjr3/wb487XPllBByfrGRieyEk4=", "owner": "nix-community", "repo": "disko", - "rev": "3cb78c93e6a02f494aaf6aeb37481c27a2e2ee22", + "rev": "1144887c6f4d2dcbb2316a24364ef53e25b0fcfe", "type": "github" }, "original": { @@ -206,11 +206,11 @@ "nixpkgs-lib": "nixpkgs-lib" }, "locked": { - "lastModified": 1698882062, - "narHash": "sha256-HkhafUayIqxXyHH1X8d9RDl1M2CkFgZLjKD3MzabiEo=", + "lastModified": 1701473968, + "narHash": "sha256-YcVE5emp1qQ8ieHUnxt1wCZCC3ZfAS+SRRWZ2TMda7E=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "8c9fa2545007b49a5db5f650ae91f227672c3877", + "rev": "34fed993f1674c8d06d58b37ce1e0fe5eebcb9f5", "type": "github" }, "original": { @@ -227,11 +227,11 @@ ] }, "locked": { - "lastModified": 1698882062, - "narHash": "sha256-HkhafUayIqxXyHH1X8d9RDl1M2CkFgZLjKD3MzabiEo=", + "lastModified": 1696343447, + "narHash": "sha256-B2xAZKLkkeRFG5XcHHSXXcP7To9Xzr59KXeZiRf4vdQ=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "8c9fa2545007b49a5db5f650ae91f227672c3877", + "rev": "c9afaba3dfa4085dbd2ccb38dfade5141e33d9d4", "type": "github" }, "original": { @@ -266,11 +266,11 @@ "systems": "systems_2" }, "locked": { - "lastModified": 1694529238, - "narHash": "sha256-zsNZZGTGnMOf9YpHKJqMSsa0dXbfmxeoJ7xHlrt+xmY=", + "lastModified": 1701680307, + "narHash": "sha256-kAuep2h5ajznlPMD9rnQyffWG8EM/C73lejGofXvdM8=", "owner": "numtide", "repo": "flake-utils", - "rev": "ff7b65b44d01cf9ba6a71320833626af21126384", + "rev": "4022d587cbbfd70fe950c1e2083a02621806a725", "type": "github" }, "original": { @@ -315,6 +315,22 @@ "type": "github" } }, + "gen-nvim": { + "flake": false, + "locked": { + "lastModified": 1702112421, + "narHash": "sha256-oF6LT8Q6Dp4mKDNTcm/hx0F8a6iN/HvpZKgGRkctrI4=", + "owner": "David-Kunz", + "repo": "gen.nvim", + "rev": "1319b03357fd7017bbaf1d45cd6b72bd9e106226", + "type": "github" + }, + "original": { + "owner": "David-Kunz", + "repo": "gen.nvim", + "type": "github" + } + }, "gitignore": { "inputs": { "nixpkgs": [ @@ -345,11 +361,11 @@ ] }, "locked": { - "lastModified": 1701009247, - "narHash": "sha256-GuX16rzRze2y7CsewJLTV6qXkXWyEwp6VCZXi8HLruU=", + "lastModified": 1698165573, + "narHash": "sha256-cnMTgCDnZiQKsf+wVzigpexskqRCFTKgS58Wx2rNU1c=", "owner": "hercules-ci", "repo": "hercules-ci-effects", - "rev": "31b6cd7569191bfcd0a548575b0e2ef953ed7d09", + "rev": "300e0af24a1bbe32d115beb182efb01785582c45", "type": "github" }, "original": { @@ -402,11 +418,11 @@ ] }, "locked": { - "lastModified": 1701071203, - "narHash": "sha256-lQywA7QU/vzTdZ1apI0PfgCWNyQobXUYghVrR5zuIeM=", + "lastModified": 1701728041, + "narHash": "sha256-x0pyrI1vC8evVDxCxyO6olOyr4wlFg9+VS3C3p4xFYQ=", "owner": "nix-community", "repo": "home-manager", - "rev": "db1878f013b52ba5e4034db7c1b63e8d04173a86", + "rev": "ac7216918cd65f3824ba7817dea8f22e61221eaf", "type": "github" }, "original": { @@ -442,11 +458,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1701344414, - "narHash": "sha256-ViW79jtyafW7Q0T+V83k8gk+a2y27Ua1lqFnDxSFCwA=", + "lastModified": 1701988578, + "narHash": "sha256-44jQ4XMNP5ql3fdXLN+SCEnKfZcK1aY34koIwFLWgYw=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "29970228c5f71f417b0a3e1b4851d9430ed095dd", + "rev": "6fb1b89b982eea26ecae75b93f1742537c4f31ae", "type": "github" }, "original": { @@ -547,11 +563,11 @@ }, "master": { "locked": { - "lastModified": 1701336116, - "narHash": "sha256-kEmpezCR/FpITc6yMbAh4WrOCiT2zg5pSjnKrq51h5Y=", + "lastModified": 1702047654, + "narHash": "sha256-GYTb8in0dHg7/iaFmCcle8A+Ab85HpX9L57dIDpZKiw=", "owner": "nixos", "repo": "nixpkgs", - "rev": "f5c27c6136db4d76c30e533c20517df6864c46ee", + "rev": "0e342e3226b7f25d82a413b09454e5bff8778e53", "type": "github" }, "original": { @@ -609,11 +625,11 @@ }, "locked": { "dir": "contrib", - "lastModified": 1701302207, - "narHash": "sha256-DQ7nF2k2dwQDHhh2ohTEmj6Gn2+ow2OFBwCgpBt0nn4=", + "lastModified": 1698359872, + "narHash": "sha256-/migmIszx7Kqa/x9I6hKYATeFSpZ7P+6NKRDA1nkZfk=", "owner": "neovim", "repo": "neovim", - "rev": "463b577afb78ad864cd09ac2c51f77653ab4ce48", + "rev": "9dc440400cdb470b317c4169ba916e1cd9a316e1", "type": "github" }, "original": { @@ -632,11 +648,11 @@ "nixpkgs": "nixpkgs_6" }, "locked": { - "lastModified": 1701302639, - "narHash": "sha256-wvFGpQl39xgUikFAN99E2AcmdyYWNbSM8MUXCcdrnWo=", + "lastModified": 1701993865, + "narHash": "sha256-2BksxNhmUG+MFCejvXeIPivJ8273r6aS5sqC4W8pjw8=", "owner": "nix-community", "repo": "neovim-nightly-overlay", - "rev": "3d00c9fc954c278f0aa76d16faef983bf450af8e", + "rev": "3094e82f5b8b3ccf6ddd4917e881209faea35d90", "type": "github" }, "original": { @@ -652,11 +668,11 @@ ] }, "locked": { - "lastModified": 1700968077, - "narHash": "sha256-Lax+2g7G3Fe+ckMrHLYTl+97unbmNDmN1qS9MLBkxr4=", + "lastModified": 1701980277, + "narHash": "sha256-qSMnoUIZl3lyaAXgXGQ4qnA5jufnNrBAI0bYw7kJgtE=", "owner": "Mic92", "repo": "nix-index-database", - "rev": "bd3aec0ecb0fdde863a7ed2c6caa220c47e22c07", + "rev": "ca1f1798f63ada20dffcb8b23039b00a597dafe9", "type": "github" }, "original": { @@ -722,11 +738,11 @@ "nixpkgs-lib": { "locked": { "dir": "lib", - "lastModified": 1698611440, - "narHash": "sha256-jPjHjrerhYDy3q9+s5EAsuhyhuknNfowY6yt6pjn9pc=", + "lastModified": 1701253981, + "narHash": "sha256-ztaDIyZ7HrTAfEEUt9AtTDNoCYxUdSd6NrRHaYOIxtk=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "0cbe9f69c234a7700596e943bfae7ef27a31b735", + "rev": "e92039b55bcd58469325ded85d4f58dd5a4eaf58", "type": "github" }, "original": { @@ -851,11 +867,11 @@ }, "nixpkgs_6": { "locked": { - "lastModified": 1701174899, - "narHash": "sha256-1W+FMe8mWsJKXoBc+QgKmEeRj33kTFnPq7XCjU+bfnA=", + "lastModified": 1698266953, + "narHash": "sha256-jf72t7pC8+8h8fUslUYbWTX5rKsRwOzRMX8jJsGqDXA=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "010c7296f3b19a58b206fdf7d68d75a5b0a09e9e", + "rev": "75a52265bda7fd25e06e3a67dee3f0354e73243c", "type": "github" }, "original": { @@ -867,11 +883,11 @@ }, "nixpkgs_7": { "locked": { - "lastModified": 1701184375, - "narHash": "sha256-E8PLzcEMf/1VtRcu+SeJZHtlNrXveBhGoN4AGYxScRE=", + "lastModified": 1695283060, + "narHash": "sha256-CJz71xhCLlRkdFUSQEL0pIAAfcnWFXMzd9vXhPrnrEg=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "e922e146779e250fae512da343cfb798c758509d", + "rev": "31ed632c692e6a36cfc18083b88ece892f863ed4", "type": "github" }, "original": { @@ -883,11 +899,11 @@ }, "nixpkgs_8": { "locked": { - "lastModified": 1701237617, - "narHash": "sha256-Ryd8xpNDY9MJnBFDYhB37XSFIxCPVVVXAbInNPa95vs=", + "lastModified": 1701693815, + "narHash": "sha256-7BkrXykVWfkn6+c1EhFA3ko4MLi3gVG0p9G96PNnKTM=", "owner": "nixos", "repo": "nixpkgs", - "rev": "85306ef2470ba705c97ce72741d56e42d0264015", + "rev": "09ec6a0881e1a36c29d67497693a67a16f4da573", "type": "github" }, "original": { @@ -916,11 +932,11 @@ "none-ls-nvim": { "flake": false, "locked": { - "lastModified": 1701287639, - "narHash": "sha256-JE+6Sl1YaVaJa5ccFqknyl1yfOQPXcoaeLWyMD6ylLk=", + "lastModified": 1701961425, + "narHash": "sha256-hLGai3rrA1tVWn4XdLO/z9dNo6X9tyhVbnnDPvJhuzw=", "owner": "nvimtools", "repo": "none-ls.nvim", - "rev": "3a4826687da4310af379515086d71faca4d21288", + "rev": "45d0e8fa9094dcc3fabad9065a5822af9cf099c7", "type": "github" }, "original": { @@ -931,11 +947,11 @@ }, "nur": { "locked": { - "lastModified": 1701333924, - "narHash": "sha256-w953OKiXjECq44lI+vA1YR0XW/Np/B4OrIIm/d/GntU=", + "lastModified": 1702043062, + "narHash": "sha256-Q4iifG2pgHJ09zrxHIeVbSPnhpGsP0ssRbA0x9rVM6s=", "owner": "nix-community", "repo": "NUR", - "rev": "f0d92d2737c97b37804ca485d10148ee9abccf69", + "rev": "4ca441c58bbfaa1728c4a5b4115f79569f6ff186", "type": "github" }, "original": { @@ -947,11 +963,11 @@ "nvim-lspconfig": { "flake": false, "locked": { - "lastModified": 1701322583, - "narHash": "sha256-nPXJPT3j5nEHoJ8VzOtqcWszzZKcrFBsXmo7RU63CY4=", + "lastModified": 1702007833, + "narHash": "sha256-4Ogx+58962qoph8iMyHBGEqoRARK5KQAYEaa1wsgdsw=", "owner": "neovim", "repo": "nvim-lspconfig", - "rev": "fcf153fbbf1facd16a71d46b92be8be495123a9f", + "rev": "511609ae0311abfcfaed3c398429a147e895ce2c", "type": "github" }, "original": { @@ -963,11 +979,11 @@ "nvim-puppeteer": { "flake": false, "locked": { - "lastModified": 1699883336, - "narHash": "sha256-pvJasvdIwH2kmZNcKCviItnUZMVUvbtezI72/IMk9iU=", + "lastModified": 1702039678, + "narHash": "sha256-gapO2oSprw85a5BKFi+rhB11edGwB1JqATQUBudqKHU=", "owner": "chrisgrieser", "repo": "nvim-puppeteer", - "rev": "1a941a8684b937295632bc156d1b17e80de2d717", + "rev": "486502b9c8207b53459061783310bca5f476c48b", "type": "github" }, "original": { @@ -1018,11 +1034,11 @@ "rofi-wayland": { "flake": false, "locked": { - "lastModified": 1701337007, - "narHash": "sha256-1OpY13TDc809/o/HAxYNhZUf2MG8ZETDEojJ2QsNCUE=", + "lastModified": 1701359387, + "narHash": "sha256-AjZMjEKv3Ksp93KMJoPibgb/ibNlgt3WKez8WMsY4a0=", "owner": "lbonn", "repo": "rofi", - "rev": "78888dd80ddb49a5b3296e55e94aaa41c0f43298", + "rev": "36621af0e49e1272fcafb161e1dbf0c1345b394f", "type": "github" }, "original": { @@ -1043,6 +1059,7 @@ "disko": "disko", "flake-parts": "flake-parts", "flake-utils": "flake-utils", + "gen-nvim": "gen-nvim", "hmts-nvim": "hmts-nvim", "home-manager": "home-manager_2", "hypr-contrib": "hypr-contrib", @@ -1088,11 +1105,11 @@ }, "stable": { "locked": { - "lastModified": 1701053011, - "narHash": "sha256-8QQ7rFbKFqgKgLoaXVJRh7Ik5LtI3pyBBCfOnNOGkF0=", + "lastModified": 1701615100, + "narHash": "sha256-7VI84NGBvlCTduw2aHLVB62NvCiZUlALLqBe5v684Aw=", "owner": "nixos", "repo": "nixpkgs", - "rev": "5b528f99f73c4fad127118a8c1126b5e003b01a9", + "rev": "e9f06adb793d1cca5384907b3b8a4071d5d7cb19", "type": "github" }, "original": { @@ -1267,18 +1284,18 @@ "flake": false, "locked": { "host": "gitlab.freedesktop.org", - "lastModified": 1701291624, - "narHash": "sha256-SWmzxn3gTyZOGEHgSDUJjJdoEKtt/kV6uWrUDx4JCC4=", + "lastModified": 1701368958, + "narHash": "sha256-7kvyoA91etzVEl9mkA/EJfB6z/PltxX7Xc4gcr7/xlo=", "owner": "wlroots", "repo": "wlroots", - "rev": "d7ecdad4e082cb5817806348de198679a11b35df", + "rev": "5d639394f3e83b01596dcd166a44a9a1a2583350", "type": "gitlab" }, "original": { "host": "gitlab.freedesktop.org", "owner": "wlroots", "repo": "wlroots", - "rev": "d7ecdad4e082cb5817806348de198679a11b35df", + "rev": "5d639394f3e83b01596dcd166a44a9a1a2583350", "type": "gitlab" } }, diff --git a/flake.nix b/flake.nix index 43692cf..c1ced19 100644 --- a/flake.nix +++ b/flake.nix @@ -54,6 +54,8 @@ neotest-python.url = "github:MoritzBoehme/neotest-python/fix-runtimepath-search"; statuscol-nvim.flake = false; statuscol-nvim.url = "github:luukvbaal/statuscol.nvim/0.10"; # HACK: fix for neovim-nightly + gen-nvim.flake = false; + gen-nvim.url = "github:David-Kunz/gen.nvim"; # Hyprland hypr-contrib.url = "github:hyprwm/contrib"; diff --git a/hosts/nixos-desktop/default.nix b/hosts/nixos-desktop/default.nix index 2edef3d..60e71f4 100644 --- a/hosts/nixos-desktop/default.nix +++ b/hosts/nixos-desktop/default.nix @@ -9,6 +9,7 @@ imports = [ # Include the results of the hardware scan. ./hardware-configuration.nix + ./disko.nix ]; my = { @@ -16,6 +17,7 @@ desktop.enable = true; gaming.enable = true; personal.enable = true; + impermanence.enable = true; }; programs.hyprland = { nvidiaSupport = true; @@ -24,6 +26,7 @@ keyboardLayouts = [ "us" "de" ]; }; services.wallpaper.enable = true; + services.ollama.enable = true; programs.ledger.enable = true; }; @@ -51,18 +54,11 @@ kernelPackages = pkgs.linuxPackages_latest; # BOOT - - supportedFilesystems = [ "btrfs" "ntfs" ]; + supportedFilesystems = [ "zfs" "btrfs" "ntfs" ]; loader = { - grub = { - enable = true; - device = "nodev"; - efiSupport = true; - useOSProber = true; - }; + systemd-boot.enable = true; efi.canTouchEfiVariables = true; }; - kernelModules = [ "lm92" "drivetemp" ]; }; diff --git a/hosts/nixos-desktop/disko.nix b/hosts/nixos-desktop/disko.nix new file mode 100644 index 0000000..d373c43 --- /dev/null +++ b/hosts/nixos-desktop/disko.nix @@ -0,0 +1,102 @@ +{ lib, ... }: + +{ + # needed for zfs pool + networking.hostId = "1f8b8073"; + disko.devices = { + disk = { + main = { + type = "disk"; + device = "/dev/disk/by-id/ata-Samsung_SSD_850_EVO_500GB_S2RBNX0J351943M"; + content = { + type = "gpt"; + partitions = { + ESP = { + size = "512M"; + type = "EF00"; + content = { + type = "filesystem"; + format = "vfat"; + mountpoint = "/boot"; + }; + }; + encryptedSwap = { + size = "8G"; + content = { + type = "swap"; + randomEncryption = true; + }; + }; + zfs = { + size = "100%"; + content = { + type = "zfs"; + pool = "zroot"; + }; + }; + }; + }; + }; + }; + zpool = { + zroot = { + type = "zpool"; + rootFsOptions = { + compression = "zstd"; + "com.sun:auto-snapshot" = "false"; + "acltype" = "posixacl"; # NOTE: needed for systemd https://github.com/NixOS/nixpkgs/issues/16954 + }; + mountpoint = null; + + datasets = { + encrypted = { + type = "zfs_fs"; + options = { + mountpoint = "none"; + encryption = "aes-256-gcm"; + keyformat = "passphrase"; + }; + # use this to read the key during boot + postCreateHook = '' + zfs set keylocation="prompt" "zroot/$name"; + ''; + }; + "encrypted/root" = { + type = "zfs_fs"; + options.mountpoint = "legacy"; + mountpoint = "/"; + postCreateHook = "zfs snapshot zroot/encrypted/root@blank"; + }; + "encrypted/nix" = { + type = "zfs_fs"; + options.mountpoint = "legacy"; + mountpoint = "/nix"; + }; + "encrypted/persist" = { + type = "zfs_fs"; + options.mountpoint = "legacy"; + mountpoint = "/persist"; + options."com.sun:auto-snapshot" = "true"; + }; + }; + }; + }; + }; + # rollback to blank + boot.initrd.postDeviceCommands = lib.mkAfter '' + zfs rollback -r zroot/encrypted/root@blank && echo "rollback complete" + ''; + fileSystems."/persist".neededForBoot = true; + # HACK: to fix issue of agenix running before impermanence + age.identityPaths = [ + "/etc/ssh/ssh_host_ed25519_key" + "/etc/ssh/ssh_host_rsa_key" + "/persist/etc/ssh/ssh_host_ed25519_key" + "/persist/etc/ssh/ssh_host_rsa_key" + ]; + services.zfs = { + autoScrub.enable = true; + trim.enable = true; + autoSnapshot.enable = true; + }; +} diff --git a/hosts/nixos-desktop/hardware-configuration.nix b/hosts/nixos-desktop/hardware-configuration.nix index 75c7ac5..2b77412 100644 --- a/hosts/nixos-desktop/hardware-configuration.nix +++ b/hosts/nixos-desktop/hardware-configuration.nix @@ -11,49 +11,10 @@ initrd = { availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" ]; kernelModules = [ ]; - luks.devices."enc".device = "/dev/disk/by-uuid/30025a9f-44cf-4074-8ae2-d4925efd67dd"; }; kernelModules = [ "kvm-amd" ]; extraModulePackages = [ ]; }; - fileSystems = { - "/" = { - device = "/dev/disk/by-uuid/668a49b3-d169-461f-861d-0c3e6a1642d1"; - fsType = "btrfs"; - options = [ "subvol=root" "compress=zstd" ]; - }; - - "/home" = { - device = "/dev/disk/by-uuid/668a49b3-d169-461f-861d-0c3e6a1642d1"; - fsType = "btrfs"; - options = [ "subvol=home" "compress=zstd" ]; - }; - - "/nix" = { - device = "/dev/disk/by-uuid/668a49b3-d169-461f-861d-0c3e6a1642d1"; - fsType = "btrfs"; - options = [ "subvol=nix" "compress=zstd" ]; - }; - - "/var/log" = { - device = "/dev/disk/by-uuid/668a49b3-d169-461f-861d-0c3e6a1642d1"; - fsType = "btrfs"; - options = [ "subvol=log" "compress=zstd" ]; - neededForBoot = true; - }; - - "/boot" = { - device = "/dev/disk/by-uuid/297B-C04C"; - fsType = "vfat"; - }; - - "/media/games" = { - device = "/dev/disk/by-uuid/8f92ff36-a685-4a67-a3d4-55136dc5f286"; - fsType = "ext4"; - }; - }; - - swapDevices = [{ device = "/dev/disk/by-uuid/00ad6f74-f23e-4ac0-abfb-89bdfe5ab8ae"; }]; hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; diff --git a/hosts/nixos-laptop/default.nix b/hosts/nixos-laptop/default.nix index 2709bcf..953f8cb 100644 --- a/hosts/nixos-laptop/default.nix +++ b/hosts/nixos-laptop/default.nix @@ -3,14 +3,12 @@ # and in the NixOS manual (accessible by running ‘nixos-help’). { pkgs , inputs -, lib , ... }: { imports = [ # Include the results of the hardware scan. ./hardware-configuration.nix ./disko.nix - ./impermanence.nix ]; my = { @@ -20,25 +18,10 @@ desktop.enable = true; personal.enable = true; webis.enable = true; + impermanence.enable = true; }; }; - environment.systemPackages = [ - ( - pkgs.writeShellApplication { - name = "zfs-diff"; - runtimeInputs = with pkgs; [ zfs coreutils parallel tree ]; - text = '' - zfs diff -F zroot/encrypted/root@blank | awk '$2 == "F" && system("test -e /persist/"$3) != 0 { print $3 }' 2>/dev/null | tree --fromfile . "$@" - ''; - } - ) - ]; - - home-manager.users.moritz.home.packages = with pkgs; [ - # jetbrains.idea-ultimate - ]; - # BOOT boot = { supportedFilesystems = [ "zfs" ]; diff --git a/hosts/nixos-laptop/disko.nix b/hosts/nixos-laptop/disko.nix index 6540b2b..6efc317 100644 --- a/hosts/nixos-laptop/disko.nix +++ b/hosts/nixos-laptop/disko.nix @@ -12,7 +12,7 @@ type = "gpt"; partitions = { ESP = { - size = "64M"; + size = "512M"; type = "EF00"; content = { type = "filesystem"; diff --git a/modules/profiles/desktop.nix b/modules/profiles/desktop.nix index b5d865a..cce9eae 100644 --- a/modules/profiles/desktop.nix +++ b/modules/profiles/desktop.nix @@ -16,7 +16,7 @@ in yubikey = { enable = mkDefault true; luksSupport = { - enable = mkDefault true; + enable = mkDefault false; devices = mkDefault [ "enc" ]; }; }; diff --git a/modules/profiles/impermanence.nix b/modules/profiles/impermanence.nix new file mode 100644 index 0000000..89bfacd --- /dev/null +++ b/modules/profiles/impermanence.nix @@ -0,0 +1,95 @@ +{ config, lib, pkgs, ... }: + +with lib; +let + cfg = config.my.profiles.impermanence; +in +{ + options.my.profiles.impermanence.enable = mkEnableOption "impermanence"; + + config = mkIf cfg.enable { + age.secrets = { + root-password.file = ../../secrets/root-password.age; + moritz-password.file = ../../secrets/moritz-password.age; + }; + users.users = { + root.hashedPasswordFile = config.age.secrets.root-password.path; + moritz.hashedPasswordFile = config.age.secrets.moritz-password.path; + }; + users.mutableUsers = false; + environment.persistence."/persist" = { + hideMounts = true; + directories = [ + "/etc/NetworkManager/system-connections" + "/var/db/dhcpcd/" + "/var/lib/NetworkManager/" + "/var/lib/bluetooth" + "/var/lib/nixos" + "/var/lib/systemd/coredump" + "/var/log" + ]; + files = [ + "/etc/machine-id" + "/etc/nix/id_rsa" + "/etc/ssh/ssh_host_ed25519_key" + "/etc/ssh/ssh_host_ed25519_key.pub" + "/etc/ssh/ssh_host_rsa_key" + "/etc/ssh/ssh_host_rsa_key.pub" + ]; + users.moritz = { + directories = [ + ".SynologyDrive/data" + ".SynologyDrive/log" + ".cache/keepassxc" + ".cache/nvim/luac" + ".config/Nextcloud" + ".config/keepassxc" + ".local/share/direnv" + ".local/share/nvim" + ".local/share/zoxide" + ".local/share/JetBrains" + ".config/JetBrains" + ".local/state/nvim" + ".config/kdeconnect" + ".cat_installer" # eduroam + ".mozilla" + "Documents" + "Downloads" + "Music" + "Pictures" + "Videos" + { directory = ".gnupg"; mode = "0700"; } + { directory = ".local/share/keyrings"; mode = "0700"; } + { directory = ".ssh"; mode = "0700"; } + ]; + files = [ + ".local/share/fish/fish_history" + ".local/share/nix/trusted-settings.json" + ".parallel/will-cite" + ]; + }; + users.root = { + home = "/root"; + directories = [ + { directory = ".gnupg"; mode = "0700"; } + { directory = ".ssh"; mode = "0700"; } + ]; + files = [ + ".local/share/nix/trusted-settings.json" + ]; + }; + }; + + environment.systemPackages = [ + ( + pkgs.writeShellApplication { + name = "zfs-diff"; + runtimeInputs = with pkgs; [ zfs coreutils parallel tree ]; + text = '' + zfs diff -F zroot/encrypted/root@blank | awk '$2 == "F" && system("test -e /persist/"$3) != 0 { print $3 }' 2>/dev/null | tree --fromfile . "$@" + ''; + } + ) + ]; + }; +} diff --git a/modules/profiles/personal.nix b/modules/profiles/personal.nix index bfea3e2..58c2485 100644 --- a/modules/profiles/personal.nix +++ b/modules/profiles/personal.nix @@ -30,8 +30,8 @@ in "browser.search.suggest.enabled" = true; "browser.urlbar.suggest.searches" = true; - # startup page - "browser.startup.page" = 0; + # Restore previous session on startup + "browser.startup.page" = 3; # drm "media.eme.enabled" = true; @@ -41,30 +41,6 @@ in # disable letterboxing "privacy.resistFingerprinting.letterboxing" = false; - - ## OTHER - # Dont show warning when accessing about:config - "browser.aboutConfig.showWarning" = false; - - # Hide bookmarks - "browser.toolbars.bookmarks.visibility" = "never"; - - # Smooth scrolling - "general.smoothScroll.lines.durationMaxMS" = 125; - "general.smoothScroll.lines.durationMinMS" = 125; - "general.smoothScroll.mouseWheel.durationMaxMS" = 200; - "general.smoothScroll.mouseWheel.durationMinMS" = 100; - "general.smoothScroll.msdPhysics.enabled" = true; - "general.smoothScroll.other.durationMaxMS" = 125; - "general.smoothScroll.other.durationMinMS" = 125; - "general.smoothScroll.pages.durationMaxMS" = 125; - "general.smoothScroll.pages.durationMinMS" = 125; - "mousewheel.min_line_scroll_amount" = 40; - "mousewheel.system_scroll_override_on_root_content.enabled" = true; - "mousewheel.system_scroll_override_on_root_content.horizontal.factor" = 175; - "mousewheel.system_scroll_override_on_root_content.vertical.factor" = 175; - "toolkit.scrollbox.horizontalScrollDistance" = 6; - "toolkit.scrollbox.verticalScrollDistance" = 2; }; }; }; diff --git a/modules/programs/firefox.nix b/modules/programs/firefox.nix index f1f57e3..ffdd778 100644 --- a/modules/programs/firefox.nix +++ b/modules/programs/firefox.nix @@ -29,11 +29,21 @@ in ); }; }; + setSearchEngines = mkEnableOption "firefox search engines" // { + default = true; + }; }; config = mkIf cfg.enable { home-manager.users.moritz.programs.firefox = { enable = true; + policies = mkIf cfg.setSearchEngines { + SearchEngines = { + Default = "Kagi"; + Remove = [ "Google" "Amazon.de" "Bing" ]; + }; + }; + package = if cfg.setSearchEngines then pkgs.firefox-esr else pkgs.firefox; profiles."default" = { extraConfig = mkIf cfg.arkenfox.enable '' // Arkenfox user.js @@ -50,10 +60,106 @@ in keepassxc-browser languagetool multi-account-containers + sponsorblock + temporary-containers ublock-origin - wikiwand-wikipedia-modernized vimium ]; + settings = { + # Disable Pocket + "extensions.pocket.enabled" = false; + + # Disable Activity Stream + # https://wiki.mozilla.org/Firefox/Activity_Stream + "browser.newtabpage.activity-stream.enabled" = false; + "browser.newtabpage.activity-stream.telemetry" = false; + "browser.newtabpage.activity-stream.feeds.discoverystreamfeed" = false; + "browser.newtabpage.activity-stream.feeds.section.topstories" = false; + "browser.newtabpage.activity-stream.section.highlights.includePocket" = false; + "browser.newtabpage.activity-stream.showSponsored" = false; + "browser.newtabpage.activity-stream.improvesearch.topSiteSearchShortcuts.havePinned" = ""; + "browser.newtabpage.activity-stream.improvesearch.topSiteSearchShortcuts.searchEngines" = ""; + "browser.newtabpage.pinned" = "[]"; + + # Disable new tab tile ads & preload + # http://www.thewindowsclub.com/disable-remove-ad-tiles-from-firefox + # http://forums.mozillazine.org/viewtopic.php?p=13876331#p13876331 + # https://wiki.mozilla.org/Tiles/Technical_Documentation#Ping + # https://gecko.readthedocs.org/en/latest/browser/browser/DirectoryLinksProvider.html#browser-newtabpage-directory-source + # https://gecko.readthedocs.org/en/latest/browser/browser/DirectoryLinksProvider.html#browser-newtabpage-directory-ping + "browser.newtabpage.enhanced" = false; + "browser.newtabpage.introShown" = true; + "browser.newtab.preload" = false; + "browser.newtabpage.directory.ping" = ""; + "browser.newtabpage.directory.source" = "data:text/plain,{}"; + + # Disable some not so useful functionality. + "browser.disableResetPrompt" = true; # "Looks like you haven't started Firefox in a while." + "browser.onboarding.enabled" = false; # "New to Firefox? Let's get started!" tour + "browser.aboutConfig.showWarning" = false; # Warning when opening about:config + "extensions.shield-recipe-client.enabled" = false; + + # do not offer to save passwords = nor allow the user to enable the feature + "signon.rememberSignons" = false; + "signon.rememberSignons.visibilityToggle" = false; + + # send do not track header + "privacy.donottrackheader.enabled" = true; + + # Hide bookmarks + "browser.toolbars.bookmarks.visibility" = "never"; + + # Smooth scrolling + "general.smoothScroll.lines.durationMaxMS" = 125; + "general.smoothScroll.lines.durationMinMS" = 125; + "general.smoothScroll.mouseWheel.durationMaxMS" = 200; + "general.smoothScroll.mouseWheel.durationMinMS" = 100; + "general.smoothScroll.msdPhysics.enabled" = true; + "general.smoothScroll.other.durationMaxMS" = 125; + "general.smoothScroll.other.durationMinMS" = 125; + "general.smoothScroll.pages.durationMaxMS" = 125; + "general.smoothScroll.pages.durationMinMS" = 125; + "mousewheel.min_line_scroll_amount" = 40; + "mousewheel.system_scroll_override_on_root_content.enabled" = true; + "mousewheel.system_scroll_override_on_root_content.horizontal.factor" = 175; + "mousewheel.system_scroll_override_on_root_content.vertical.factor" = 175; + "toolkit.scrollbox.horizontalScrollDistance" = 6; + "toolkit.scrollbox.verticalScrollDistance" = 2; + + # Do not check if Firefox is the default browser + "browser.shell.checkDefaultBrowser" = false; + + # Reduce search engine noise in the urlbar's completion window. The + # shortcuts and suggestions will still work, but Firefox won't clutter + # its UI with reminders that they exist. + "browser.urlbar.suggest.searches" = false; + "browser.urlbar.shortcuts.bookmarks" = false; + "browser.urlbar.shortcuts.history" = false; + "browser.urlbar.shortcuts.tabs" = false; + "browser.urlbar.showSearchSuggestionsFirst" = false; + "browser.urlbar.speculativeConnect.enabled" = false; + + # https://bugzilla.mozilla.org/1642623 + "browser.urlbar.dnsResolveSingleWordsAfterSearch" = 0; + # https://blog.mozilla.org/data/2021/09/15/data-and-firefox-suggest/ + "browser.urlbar.suggest.quicksuggest.nonsponsored" = false; + "browser.urlbar.suggest.quicksuggest.sponsored" = false; + + # Show whole URL in address bar + "browser.urlbar.trimURLs" = false; + + # auto enable addons + "extensions.autoDisableScopes" = 0; + + # Disable Form autofill + # https://wiki.mozilla.org/Firefox/Features/Form_Autofill + "browser.formfill.enable" = false; + "extensions.formautofill.addresses.enabled" = false; + "extensions.formautofill.available" = "off"; + "extensions.formautofill.creditCards.available" = false; + "extensions.formautofill.creditCards.enabled" = false; + "extensions.formautofill.heuristics.enabled" = false; + }; }; }; }; diff --git a/modules/programs/hyprland/_config.nix b/modules/programs/hyprland/_config.nix index cbeabbf..4ea8616 100644 --- a/modules/programs/hyprland/_config.nix +++ b/modules/programs/hyprland/_config.nix @@ -111,7 +111,7 @@ in } misc { - vrr = 1 + vrr = 0 mouse_move_enables_dpms = true key_press_enables_dpms = true force_default_wallpaper = 0 diff --git a/modules/programs/hyprland/default.nix b/modules/programs/hyprland/default.nix index 3a323e4..9deeb57 100644 --- a/modules/programs/hyprland/default.nix +++ b/modules/programs/hyprland/default.nix @@ -60,14 +60,12 @@ in programs.hyprland = { enable = true; - enableNvidiaPatches = cfg.nvidiaSupport; }; home-manager.users.moritz = { # enable home-manager module wayland.windowManager.hyprland = { enable = true; - enableNvidiaPatches = cfg.nvidiaSupport; extraConfig = import ./_config.nix args; systemd.extraCommands = [ "systemctl --user stop hyprland-session.target" diff --git a/modules/programs/nvim/plugins/coding.nix b/modules/programs/nvim/plugins/coding.nix index 293f467..4b2526c 100644 --- a/modules/programs/nvim/plugins/coding.nix +++ b/modules/programs/nvim/plugins/coding.nix @@ -1,4 +1,4 @@ -{ pkgs, ... }: +{ pkgs, lib, ... }: with builtins; { @@ -55,7 +55,6 @@ with builtins; ]; opts = { }; dependencies = [ - { plugin = which-key-nvim; } { plugin = nvim-web-devicons; } ]; } @@ -333,5 +332,25 @@ with builtins; }; cmd = [ "Neogen" ]; } + { + plugin = gen-nvim; + init = /* lua */ '' + require("gen").setup({ + model = "zephyr:7b-beta", -- The default model to use. + display_mode = "float", -- The display mode. Can be "float" or "split". + show_prompt = false, -- Shows the Prompt submitted to Ollama. + show_model = false, -- Displays which model you are using at the beginning of your chat session. + no_auto_close = false, -- Never closes the window automatically. + init = function(options) end, + -- Function to initialize Ollama + command = "${lib.getExe pkgs.curl} --silent --no-buffer -X POST http://localhost:11434/api/generate -d $body", + -- The command for the Ollama service. You can use placeholders $prompt, $model and $body (shellescaped). + -- This can also be a lua function returning a command string, with options as the input parameter. + -- The executed command must return a JSON object with { response, context } + -- (context property is optional). + debug = false -- Prints errors and the command which is run. + }) + ''; + } ]; } diff --git a/modules/programs/nvim/plugins/lua/mini-nvim.lua b/modules/programs/nvim/plugins/lua/mini-nvim.lua index f2c42d3..2a33821 100644 --- a/modules/programs/nvim/plugins/lua/mini-nvim.lua +++ b/modules/programs/nvim/plugins/lua/mini-nvim.lua @@ -1,6 +1,5 @@ require("mini.align").setup() require("mini.move").setup() -require("mini.starter").setup() require("mini.statusline").setup({ content = { @@ -46,15 +45,3 @@ for _, mode_hl in ipairs(MiniStatuslineModes) do hl_table.bg = fg vim.api.nvim_set_hl(0, mode_hl .. "Inverse", hl_table) end - -local animate = require("mini.animate") -local animation = { - timing = animate.gen_timing.quadratic({ duration = 100, unit = "total" }), -} -animate.setup({ - cursor = animation, - scroll = { enable = false }, - resize = animation, - open = animation, - close = animation, -}) diff --git a/modules/programs/nvim/plugins/lua/nvim-treesitter.lua b/modules/programs/nvim/plugins/lua/nvim-treesitter.lua index 78f9613..4adea21 100644 --- a/modules/programs/nvim/plugins/lua/nvim-treesitter.lua +++ b/modules/programs/nvim/plugins/lua/nvim-treesitter.lua @@ -1,7 +1 @@ -require("nvim-treesitter.configs").setup({ - sync_install = false, - auto_install = false, - highlight = { - enable = true, - }, -}) +require("nvim-treesitter.configs").setup() diff --git a/modules/programs/nvim/plugins/treesitter.nix b/modules/programs/nvim/plugins/treesitter.nix index dfa88cb..f030944 100644 --- a/modules/programs/nvim/plugins/treesitter.nix +++ b/modules/programs/nvim/plugins/treesitter.nix @@ -6,21 +6,58 @@ with builtins; { plugin = nvim-treesitter; event = [ "BufReadPost" "BufNewFile" ]; + opts = { + sync_install = false; + auto_install = false; + highlight = { + enable = true; + }; + textobjects = + { + select = + { + enable = true; + + # Automatically jump forward to textobj, similar to targets.vim + lookahead = false; + + keymaps = { + # You can use the capture groups defined in textobjects.scm + "af" = { + query = "@function.outer"; + desc = "Select outer part of a function region"; + }; + "if" = { + query = "@function.inner"; + desc = "Select inner part of a function region"; + }; + "ac" = { + query = "@class.outer"; + desc = "Select outer part of a class region"; + }; + "ic" = { + query = "@class.inner"; + desc = "Select inner part of a class region"; + }; + }; + }; + }; + }; conf = let - parserDir = pkgs.symlinkJoin { - name = "tresitter-grammars-all"; - paths = lib.attrValues (lib.filterAttrs (_: builtins.isAttrs) nvim-treesitter-parsers); - }; + parserDir = pkgs.symlinkJoin + { + name = "tresitter-grammars-all"; + paths = lib.attrValues (lib.filterAttrs (_: builtins.isAttrs) nvim-treesitter-parsers); + }; in - readFile ./lua/nvim-treesitter.lua + '' + '' vim.opt.runtimepath:append("${parserDir}") - - require'nvim-treesitter.configs'.setup { - parser_install_dir = "${parserDir}", - } + local final_opts = vim.tbl_deep_extend("keep", opts, { parser_install_dir = "${parserDir}" }) + require('nvim-treesitter.configs').setup(final_opts) ''; dependencies = [ + { plugin = nvim-treesitter-textobjects; } { plugin = nvim-ts-context-commentstring; opts = { }; } ]; } diff --git a/modules/services/ollama.nix b/modules/services/ollama.nix new file mode 100644 index 0000000..275d2c4 --- /dev/null +++ b/modules/services/ollama.nix @@ -0,0 +1,27 @@ +{ lib, config, pkgs, ... }: + +with lib; +let + cfg = config.my.services.ollama; +in +{ + options.my.services.ollama = { + enable = mkEnableOption "ollama"; + package = mkOption { + type = types.package; + default = pkgs.ollama; + }; + }; + + config = mkIf cfg.enable { + systemd.user.services.ollama = { + after = [ "network.target" ]; + serviceConfig = { + Type = "simple"; + Restart = "on-failure"; + RestartSec = "1s"; + ExecStart = "${getExe cfg.package} serve"; + }; + }; + }; +} diff --git a/overlays/vimPlugins.nix b/overlays/vimPlugins.nix index fc07f32..1a4f6c8 100644 --- a/overlays/vimPlugins.nix +++ b/overlays/vimPlugins.nix @@ -61,5 +61,11 @@ with lib.my; version = mkVersionInput inputs.neotest-python; src = inputs.neotest-python; }); + + gen-nvim = prev.vimUtils.buildVimPlugin { + pname = "gen-nvim"; + version = mkVersionInput inputs.gen-nvim; + src = inputs.gen-nvim; + }; }; }