diff --git a/ada/boot/initrd.nix b/ada/boot/initrd.nix index a6b9a83..6924fac 100644 --- a/ada/boot/initrd.nix +++ b/ada/boot/initrd.nix @@ -9,6 +9,7 @@ _: { "usb_storage" "sd_mod" "btrfs" + "amneziawg" "cryptd" ]; @@ -21,7 +22,7 @@ _: { kernelModules = [ "amdgpu" "zenpower" - "i2c-dev" + "amneziawg" ]; luks = { diff --git a/ada/boot/kernel.nix b/ada/boot/kernel.nix index 1f4c0cb..c3a04ac 100644 --- a/ada/boot/kernel.nix +++ b/ada/boot/kernel.nix @@ -20,13 +20,14 @@ extraModulePackages = with config.boot.kernelPackages; [ zenpower v4l2loopback + amneziawg ]; kernelModules = [ "amdgpu" "zenpower" "v4l2loopback" - "i2c_dev" + "amneziawg" ]; kernelParams = [ diff --git a/ada/default.nix b/ada/default.nix index 38a0838..483d476 100644 --- a/ada/default.nix +++ b/ada/default.nix @@ -1,7 +1,5 @@ {self, ...}: { imports = [ - "${self}/ada/age/rekey.nix" - "${self}/ada/boot/initrd.nix" "${self}/ada/boot/kernel.nix" "${self}/ada/boot/lanzaboote.nix" @@ -41,6 +39,7 @@ "${self}/ada/nix/package.nix" "${self}/ada/nix/settings/allowed-users.nix" "${self}/ada/nix/settings/experimental-features.nix" + "${self}/ada/nix/settings/substituters.nix" "${self}/ada/nix/settings/trusted-public-keys.nix" "${self}/ada/nix/settings/trusted-substituters.nix" "${self}/ada/nix/settings/trusted-users.nix" @@ -71,14 +70,12 @@ "${self}/ada/services/qmk.nix" "${self}/ada/services/scx.nix" "${self}/ada/services/xserver.nix" - "${self}/ada/services/yggdrasil.nix" "${self}/ada/services/sunshine.nix" "${self}/ada/services/usbmuxd.nix" "${self}/ada/services/irqbalance.nix" "${self}/ada/services/yubikey-agent.nix" "${self}/ada/services/resolved.nix" "${self}/ada/services/firewalld.nix" - "${self}/ada/services/zerotier.nix" "${self}/ada/sops/defaults.nix" "${self}/ada/sops/secrets.nix" diff --git a/ada/disko/disk.nix b/ada/disko/disk.nix index a26aa05..3152264 100644 --- a/ada/disko/disk.nix +++ b/ada/disko/disk.nix @@ -2,7 +2,7 @@ disko = { devices = { disk = { - "main" = { + main = { device = "/dev/disk/by-id/nvme-KINGSTON_SKC3000S_1024G_AA000000000000000013"; type = "disk"; content = { diff --git a/ada/environment/variables.nix b/ada/environment/variables.nix index e6cf3b1..9c47685 100644 --- a/ada/environment/variables.nix +++ b/ada/environment/variables.nix @@ -1,20 +1,16 @@ -{ - config, - lib, - ... -}: { +{config, ...}: { environment = { variables = { + AMD_VULKAN_ICD = "AMDVLK"; HOSTNAME = config.networking.hostName; - QT_QPA_PLATFORMTHEME = lib.mkForce "xdgdesktopportal"; - TDESKTOP_USE_GTK_FILE_DIALOG = 1; + QT_QPA_PLATFORM = "wayland"; SDL_VIDEODRIVER = "wayland"; CLUTTER_BACKEND = "wayland"; GDK_BACKEND = "wayland"; - NIXPKGS_ALLOW_UNFREE = 1; - NIXPKGS_ALLOW_INSECURE = 1; - NIXOS_OZONE_WL = 1; - GRIMBLAST_HIDE_CURSOR = 1; + NIXPKGS_ALLOW_UNFREE = "1"; + NIXPKGS_ALLOW_INSECURE = "1"; + NIXOS_OZONE_WL = "1"; + GRIMBLAST_HIDE_CURSOR = "0"; TERM = "xterm-256color"; }; }; diff --git a/ada/home-manager/users.nix b/ada/home-manager/users.nix index 0a5f3e3..6590188 100644 --- a/ada/home-manager/users.nix +++ b/ada/home-manager/users.nix @@ -4,10 +4,12 @@ "hand7s" = { imports = [ "${self}/hand7s/" + self.inputs.agenix.homeManagerModules.default self.inputs.spicetify-nix.homeManagerModules.default self.inputs.hyprland.homeManagerModules.default self.inputs.chaotic.homeManagerModules.default self.inputs.sops-nix.homeManagerModules.sops + self.inputs.nix-index-database.homeModules.nix-index self.inputs.noctalia.homeModules.default ]; diff --git a/ada/networking/hosts.nix b/ada/networking/hosts.nix new file mode 100644 index 0000000..e42e2b1 --- /dev/null +++ b/ada/networking/hosts.nix @@ -0,0 +1,7 @@ +_: { + networking = { + hosts = { + # nope + }; + }; +} diff --git a/ada/networking/timeServers.nix b/ada/networking/timeServers.nix index c1257cd..9289ea6 100644 --- a/ada/networking/timeServers.nix +++ b/ada/networking/timeServers.nix @@ -1,9 +1,10 @@ _: { networking = { timeServers = [ - "time.cloudflare.com" - "time.google.com" - "ru.pool.ntp.org" + "0.nixos.pool.ntp.org" + "1.nixos.pool.ntp.org" + "2.nixos.pool.ntp.org" + "3.nixos.pool.ntp.org" ]; }; } diff --git a/ada/nix/settings/substituters.nix b/ada/nix/settings/substituters.nix new file mode 100644 index 0000000..da0035f --- /dev/null +++ b/ada/nix/settings/substituters.nix @@ -0,0 +1,19 @@ +_: { + nix = { + settings = { + substituters = [ + # cache.nixos.org + "https://cache.nixos.org" + # cache.garnix.org + "https://cache.garnix.io" + # cachix + "https://nix-community.cachix.org/" + "https://chaotic-nyx.cachix.org/" + "https://hyprland.cachix.org" + "https://chaotic-nyx.cachix.org/" + # nix-community + "https://hydra.nix-community.org/" + ]; + }; + }; +} diff --git a/ada/nix/settings/trusted-public-keys.nix b/ada/nix/settings/trusted-public-keys.nix index 87843e2..4a128cb 100644 --- a/ada/nix/settings/trusted-public-keys.nix +++ b/ada/nix/settings/trusted-public-keys.nix @@ -7,11 +7,12 @@ _: { # cache.garnix.io "cache.garnix.io:CTFPyKSLcx5RMJKfLo5EEPUObbA78b0YQ2DTCJXqr9g=" # cachix.org - "devenv.cachix.org-1:w1cLUi8dv3hnoSPGAuibQv+f9TZLr6cv/Hm9XgU50cw=" "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" "chaotic-nyx.cachix.org-1:HfnXSw4pj95iI/n17rIDy40agHj12WfF+Gqk6SonIT8=" + "ags.cachix.org-1:naAvMrz0CuYqeyGNyLgE010iUiuf/qx6kYrUv3NwAJ8=" "hyprland.cachix.org-1:a7pgxzMz7+chwVL3/pzj6jIBMioiJM7ypFP8PwtkuGc=" "chaotic-nyx.cachix.org-1:HfnXSw4pj95iI/n17rIDy40agHj12WfF+Gqk6SonIT8=" + "colmena.cachix.org-1:7BzpDnjjH8ki2CT3f6GdOk7QAzPOl+1t3LvTLXqYcSg=" ]; }; }; diff --git a/ada/security/pam/yubico.nix b/ada/security/pam/yubico.nix index c172958..cd8a4a1 100644 --- a/ada/security/pam/yubico.nix +++ b/ada/security/pam/yubico.nix @@ -7,7 +7,7 @@ _: { mode = "challenge-response"; control = "sufficient"; id = [ - "funnyID" + "1873055870" ]; }; }; diff --git a/ada/services/firewalld.nix b/ada/services/firewalld.nix index 0602c8d..7cd83ae 100644 --- a/ada/services/firewalld.nix +++ b/ada/services/firewalld.nix @@ -1,18 +1,14 @@ -_: { +{...}: { services = { firewalld = { enable = true; - zones = { - "eno1" = { - interfaces = [ - "ens1" - ]; + settings = { + # nope + }; - services = [ - "sunshine" - ]; - }; + zones = { + # nope }; }; }; diff --git a/ada/services/openssh.nix b/ada/services/openssh.nix index e136f96..71ee4c2 100644 --- a/ada/services/openssh.nix +++ b/ada/services/openssh.nix @@ -5,7 +5,7 @@ allowSFTP = true; openFirewall = true; ports = [ - 6969 + 53864 ]; settings = { diff --git a/ada/services/yggdrasil.nix b/ada/services/yggdrasil.nix new file mode 100644 index 0000000..c24275b --- /dev/null +++ b/ada/services/yggdrasil.nix @@ -0,0 +1,11 @@ +_: { + services = { + yggdrasil = { + enable = false; + persistentKeys = false; + settings = { + # nope + }; + }; + }; +} diff --git a/ada/services/zerotier.nix b/ada/services/zerotier.nix new file mode 100644 index 0000000..b864ebf --- /dev/null +++ b/ada/services/zerotier.nix @@ -0,0 +1,10 @@ +_: { + services = { + zerotierone = { + enable = true; + joinNetworks = [ + # nope + ]; + }; + }; +} diff --git a/ada/time/timeZone.nix b/ada/time/timeZone.nix index cf8c6a1..cef1656 100644 --- a/ada/time/timeZone.nix +++ b/ada/time/timeZone.nix @@ -1,6 +1,6 @@ _: { time = { timeZone = "Europe/Moscow"; - hardwareClockInLocalTime = false; + hardwareClockInLocalTime = true; }; } diff --git a/ada/users/users/hand7s.nix b/ada/users/users/hand7s.nix index 866be86..39aed35 100644 --- a/ada/users/users/hand7s.nix +++ b/ada/users/users/hand7s.nix @@ -5,18 +5,10 @@ _: { description = "me"; isSystemUser = false; isNormalUser = true; - initialHashedPassword = lib.hashString "sha512" "hand7s"; + initialHashedPassword = "$6$ckgRhNWmJgSwOUpJ$kfeAdokd5fa76HWbTmWN2YXx4M/PQVOTJku1ODbqbBhEkUFiLftdaJFRnNXfIM3Jtz0ShoRMSVCB7mDkxDrdi/"; extraGroups = [ "wheel" ]; - - openssh = { - authorizedKeys = { - keys = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDp2IIdR5jV1HyG4aiRX7SfTNrXDhCx5rTiFU40qkOKq litvinovb0@gmail.com" - ]; - }; - }; }; }; }; diff --git a/ada/users/users/root.nix b/ada/users/users/root.nix index 2039a85..faa89b7 100644 --- a/ada/users/users/root.nix +++ b/ada/users/users/root.nix @@ -1,8 +1,8 @@ -{lib, ...}: { +_: { users = { users = { "root" = { - initialHashedPassword = lib.hashString "sha512" "root"; + initialHashedPassword = "$6$n4OLMvYHHStHvtmr$6OL0NV1dEM2b6oJRewkhuoFxM80lI67tfbJ6QkCg8WAA1gbeKrcwDAuJjm8zvpY4zcDR3Z5Zbo8uebfOi6XXF0"; }; }; }; diff --git a/doc/flake-tree.canvas b/doc/flake-tree.canvas new file mode 100644 index 0000000..96f90c9 --- /dev/null +++ b/doc/flake-tree.canvas @@ -0,0 +1,104 @@ +{ + "nodes":[ + {"id":"2e0f697730e2619e","type":"text","text":"nixpkgs","x":-380,"y":240,"width":250,"height":60}, + {"id":"d23c9d730a76b4da","type":"text","text":"nixos-harware","x":-380,"y":300,"width":250,"height":60}, + {"id":"0387e0bebaecd2c1","type":"text","text":"nixgl","x":-380,"y":360,"width":250,"height":60}, + {"id":"8d542b4f6da1a433","type":"text","text":"nur","x":-380,"y":420,"width":250,"height":60}, + {"id":"0fa8d015874c9fd6","type":"text","text":"nixos-generator","x":-380,"y":480,"width":250,"height":60}, + {"id":"1d22c5b5fc58c6aa","type":"text","text":"nixos-anywhere","x":-380,"y":540,"width":250,"height":60}, + {"id":"5057c539e6b7bafd","type":"text","text":"impermanence ","x":-380,"y":600,"width":250,"height":60}, + {"id":"2183745b1c5ce269","type":"text","text":"home-manager","x":-380,"y":660,"width":250,"height":60}, + {"id":"93fb370c180eaeb4","type":"text","text":"disko","x":-380,"y":720,"width":250,"height":60}, + {"id":"8ebb54f97002b2ff","type":"text","text":"lanzaboote","x":-380,"y":780,"width":250,"height":60}, + {"id":"cfa0732596d24a19","type":"text","text":"vscodeserver","x":-380,"y":840,"width":250,"height":60}, + {"id":"71e717dc368710cb","type":"text","text":"nix-on-droid","x":-380,"y":900,"width":250,"height":60}, + {"id":"bb6dd845b1c0b50d","type":"text","text":"freesm","x":-380,"y":960,"width":250,"height":60}, + {"id":"6d6c9faee88a194d","type":"text","text":"agenix","x":-380,"y":1020,"width":250,"height":60}, + {"id":"5023b8a10dfa74f3","type":"text","text":"chaotic","x":-380,"y":1080,"width":250,"height":60}, + {"id":"0e41786babac8426","type":"text","text":"nix-homebrew","x":-380,"y":1140,"width":250,"height":60}, + {"id":"7fa86bf455f32e1e","type":"text","text":"homebrew-cask","x":-320,"y":1280,"width":250,"height":60}, + {"id":"412593ea3f394221","type":"text","text":"homebrew-bundle","x":-320,"y":1340,"width":250,"height":60}, + {"id":"f7b5a940a04300d9","type":"text","text":"homebrew-core","x":-320,"y":1220,"width":250,"height":60}, + {"id":"ddf0875c03bc6a7d","type":"text","text":"sops-nix","x":-380,"y":1420,"width":250,"height":60}, + {"id":"db2cc385a2d4fe4a","type":"text","text":"stylix","x":-380,"y":1480,"width":250,"height":60}, + {"id":"8ce9b94fa9c3dbc3","type":"text","text":"ayugram-desktop","x":-380,"y":1540,"width":250,"height":60}, + {"id":"7804c9935f33249b","type":"text","text":"hyprland","x":-380,"y":1600,"width":250,"height":60}, + {"id":"417b94b46101411d","type":"text","text":"hyprland-plugins","x":-380,"y":1660,"width":250,"height":60}, + {"id":"b63e2557fb721db2","type":"text","text":"hyprpanel","x":-380,"y":1720,"width":250,"height":60}, + {"id":"f2939ae2d4065467","type":"text","text":"spicetify-nix","x":-380,"y":1780,"width":250,"height":60}, + {"id":"5bcee2b96bd8f463","type":"text","text":"zen-browser","x":-380,"y":1840,"width":250,"height":60}, + {"id":"5c2f0aa731fa3834","type":"text","text":"inputs","x":-980,"y":1025,"width":125,"height":50}, + {"id":"e57fb6514f7cfacb","type":"text","text":"outputs","x":160,"y":1020,"width":140,"height":60}, + {"id":"0f7dafd0f244f528","type":"text","text":"self","x":160,"y":1140,"width":140,"height":60}, + {"id":"fd45c7cb969458c8","type":"text","text":"[[s0mePC-tree.canvas|s0mePC]]","x":835,"y":1080,"width":250,"height":60}, + {"id":"78627bb71578ceae","type":"text","text":"nixosConfigurations","x":480,"y":1160,"width":250,"height":60}, + {"id":"cf45cc727edde7ce","type":"text","text":"homeConfigurations","x":500,"y":900,"width":250,"height":60}, + {"id":"f3f3f84c33e79188","type":"text","text":"[[hand7s-tree.canvas|hand7s-tree]]","x":840,"y":900,"width":245,"height":60}, + {"id":"cbf70b360b7cfced","type":"text","text":"[[s0melapt0p-tree.canvas|s0melapt0p-nix]]","x":835,"y":1240,"width":250,"height":60} + ], + "edges":[ + {"id":"70e70085e4d2b6c5","fromNode":"0fa8d015874c9fd6","fromSide":"right","toNode":"2e0f697730e2619e","toSide":"right"}, + {"id":"92b387632167e8cd","fromNode":"2183745b1c5ce269","fromSide":"right","toNode":"2e0f697730e2619e","toSide":"right"}, + {"id":"9276e3b627e969cd","fromNode":"93fb370c180eaeb4","fromSide":"right","toNode":"2e0f697730e2619e","toSide":"right"}, + {"id":"04a6a301b61f0669","fromNode":"8ebb54f97002b2ff","fromSide":"right","toNode":"2e0f697730e2619e","toSide":"right"}, + {"id":"fa5adda740f95804","fromNode":"71e717dc368710cb","fromSide":"right","toNode":"2e0f697730e2619e","toSide":"right"}, + {"id":"79638d1638fc055b","fromNode":"71e717dc368710cb","fromSide":"right","toNode":"2183745b1c5ce269","toSide":"right"}, + {"id":"409a221869f5eae6","fromNode":"0e41786babac8426","fromSide":"bottom","toNode":"f7b5a940a04300d9","toSide":"top"}, + {"id":"d9815f6c2e5f060b","fromNode":"7804c9935f33249b","fromSide":"right","toNode":"2e0f697730e2619e","toSide":"right"}, + {"id":"f59d921bc2efc072","fromNode":"417b94b46101411d","fromSide":"right","toNode":"7804c9935f33249b","toSide":"right"}, + {"id":"a12a057beed06fe6","fromNode":"b63e2557fb721db2","fromSide":"right","toNode":"2e0f697730e2619e","toSide":"right"}, + {"id":"94a006ae6b3eb631","fromNode":"f2939ae2d4065467","fromSide":"right","toNode":"2e0f697730e2619e","toSide":"right"}, + {"id":"1e083e4b0e867f6c","fromNode":"5bcee2b96bd8f463","fromSide":"right","toNode":"2e0f697730e2619e","toSide":"right"}, + {"id":"f7c96f262dc3c46c","fromNode":"5c2f0aa731fa3834","fromSide":"right","toNode":"2e0f697730e2619e","toSide":"left"}, + {"id":"034d59b5311aa3fc","fromNode":"5c2f0aa731fa3834","fromSide":"right","toNode":"d23c9d730a76b4da","toSide":"left"}, + {"id":"4daefbc4ba7eed3e","fromNode":"5c2f0aa731fa3834","fromSide":"right","toNode":"0387e0bebaecd2c1","toSide":"left"}, + {"id":"73efdb690d8324be","fromNode":"5c2f0aa731fa3834","fromSide":"right","toNode":"8d542b4f6da1a433","toSide":"left"}, + {"id":"4aa419e5129ae060","fromNode":"5c2f0aa731fa3834","fromSide":"right","toNode":"0fa8d015874c9fd6","toSide":"left"}, + {"id":"43458f9da955f5fd","fromNode":"5c2f0aa731fa3834","fromSide":"right","toNode":"1d22c5b5fc58c6aa","toSide":"left"}, + {"id":"a59d76d319843936","fromNode":"5c2f0aa731fa3834","fromSide":"right","toNode":"5057c539e6b7bafd","toSide":"left"}, + {"id":"52b2670e5609a721","fromNode":"5c2f0aa731fa3834","fromSide":"right","toNode":"2183745b1c5ce269","toSide":"left"}, + {"id":"1e8a37dc0f373531","fromNode":"5c2f0aa731fa3834","fromSide":"right","toNode":"93fb370c180eaeb4","toSide":"left"}, + {"id":"27ca008c53c7b578","fromNode":"5c2f0aa731fa3834","fromSide":"right","toNode":"8ebb54f97002b2ff","toSide":"left"}, + {"id":"fcba43865282441f","fromNode":"5c2f0aa731fa3834","fromSide":"right","toNode":"cfa0732596d24a19","toSide":"left"}, + {"id":"dbca5ce1ea606beb","fromNode":"5c2f0aa731fa3834","fromSide":"right","toNode":"71e717dc368710cb","toSide":"left"}, + {"id":"4c74ed1ca6f5fdb8","fromNode":"5c2f0aa731fa3834","fromSide":"right","toNode":"bb6dd845b1c0b50d","toSide":"left"}, + {"id":"d7ace2b8b3726213","fromNode":"5c2f0aa731fa3834","fromSide":"right","toNode":"6d6c9faee88a194d","toSide":"left"}, + {"id":"0d35286e9f54e677","fromNode":"5c2f0aa731fa3834","fromSide":"right","toNode":"5023b8a10dfa74f3","toSide":"left"}, + {"id":"fbd45a9f59479acf","fromNode":"5c2f0aa731fa3834","fromSide":"right","toNode":"0e41786babac8426","toSide":"left"}, + {"id":"e2ffea1413ce0dff","fromNode":"5c2f0aa731fa3834","fromSide":"right","toNode":"f7b5a940a04300d9","toSide":"left"}, + {"id":"1ab265aa41091996","fromNode":"5c2f0aa731fa3834","fromSide":"right","toNode":"7fa86bf455f32e1e","toSide":"left","label":"flake \n= false;"}, + {"id":"ddfbcf4e635221a3","fromNode":"5c2f0aa731fa3834","fromSide":"right","toNode":"412593ea3f394221","toSide":"left"}, + {"id":"e4fcb6496fe6f2cb","fromNode":"5c2f0aa731fa3834","fromSide":"right","toNode":"db2cc385a2d4fe4a","toSide":"left"}, + {"id":"19b40c794af7a4c0","fromNode":"5c2f0aa731fa3834","fromSide":"right","toNode":"ddf0875c03bc6a7d","toSide":"left"}, + {"id":"32bbb751f7a82ac9","fromNode":"5c2f0aa731fa3834","fromSide":"right","toNode":"8ce9b94fa9c3dbc3","toSide":"left"}, + {"id":"ccc70845fe2798b4","fromNode":"5c2f0aa731fa3834","fromSide":"right","toNode":"7804c9935f33249b","toSide":"left"}, + {"id":"abc24ddd45469787","fromNode":"5c2f0aa731fa3834","fromSide":"right","toNode":"417b94b46101411d","toSide":"left"}, + {"id":"6a06cd4c618afc28","fromNode":"5c2f0aa731fa3834","fromSide":"right","toNode":"b63e2557fb721db2","toSide":"left"}, + {"id":"8ae4a543eca051b1","fromNode":"5c2f0aa731fa3834","fromSide":"right","toNode":"f2939ae2d4065467","toSide":"left"}, + {"id":"c0665ac7bd526cdf","fromNode":"5c2f0aa731fa3834","fromSide":"right","toNode":"5bcee2b96bd8f463","toSide":"left"}, + {"id":"d02633d09736a559","fromNode":"2e0f697730e2619e","fromSide":"right","toNode":"e57fb6514f7cfacb","toSide":"top"}, + {"id":"dfea38e0ab142ef6","fromNode":"2183745b1c5ce269","fromSide":"right","toNode":"e57fb6514f7cfacb","toSide":"top"}, + {"id":"70b641d576f5dcfc","fromNode":"e57fb6514f7cfacb","fromSide":"bottom","toNode":"0f7dafd0f244f528","toSide":"top","fromEnd":"arrow"}, + {"id":"fe4b65ad9fdb0f45","fromNode":"e57fb6514f7cfacb","fromSide":"right","toNode":"cf45cc727edde7ce","toSide":"left"}, + {"id":"331f59d890ef043a","fromNode":"e57fb6514f7cfacb","fromSide":"right","toNode":"78627bb71578ceae","toSide":"left"}, + {"id":"e6a5ddd80fc9d413","fromNode":"cf45cc727edde7ce","fromSide":"right","toNode":"f3f3f84c33e79188","toSide":"left"}, + {"id":"846ba90021efc1c9","fromNode":"db2cc385a2d4fe4a","fromSide":"right","toNode":"f3f3f84c33e79188","toSide":"left"}, + {"id":"25b976815340aac3","fromNode":"5023b8a10dfa74f3","fromSide":"right","toNode":"f3f3f84c33e79188","toSide":"left"}, + {"id":"91e162c9594490f6","fromNode":"ddf0875c03bc6a7d","fromSide":"right","toNode":"f3f3f84c33e79188","toSide":"left"}, + {"id":"3b5256b2162968ed","fromNode":"93fb370c180eaeb4","fromSide":"right","toNode":"78627bb71578ceae","toSide":"left"}, + {"id":"66793eecb03a70a4","fromNode":"b63e2557fb721db2","fromSide":"right","toNode":"f3f3f84c33e79188","toSide":"left"}, + {"id":"3fc2d4bbae15d101","fromNode":"f2939ae2d4065467","fromSide":"right","toNode":"f3f3f84c33e79188","toSide":"left","label":"homeManagerModules"}, + {"id":"12e833368aafd1e9","fromNode":"7804c9935f33249b","fromSide":"right","toNode":"f3f3f84c33e79188","toSide":"left"}, + {"id":"b18c4c642a0ca6e4","fromNode":"78627bb71578ceae","fromSide":"right","toNode":"fd45c7cb969458c8","toSide":"left"}, + {"id":"93a7f7adabe88748","fromNode":"78627bb71578ceae","fromSide":"right","toNode":"cbf70b360b7cfced","toSide":"left"}, + {"id":"fafb3515ba73a919","fromNode":"5023b8a10dfa74f3","fromSide":"right","toNode":"fd45c7cb969458c8","toSide":"left","label":"nixosModules"}, + {"id":"97ae652bb18ef96d","fromNode":"db2cc385a2d4fe4a","fromSide":"right","toNode":"fd45c7cb969458c8","toSide":"left"}, + {"id":"91c1a91b4ee3e106","fromNode":"ddf0875c03bc6a7d","fromSide":"right","toNode":"fd45c7cb969458c8","toSide":"left"}, + {"id":"7a059c4eb7b1872f","fromNode":"2183745b1c5ce269","fromSide":"right","toNode":"fd45c7cb969458c8","toSide":"left"}, + {"id":"c96faa14fa94236c","fromNode":"db2cc385a2d4fe4a","fromSide":"right","toNode":"cbf70b360b7cfced","toSide":"left"}, + {"id":"0d12efecb603dbb3","fromNode":"ddf0875c03bc6a7d","fromSide":"right","toNode":"cbf70b360b7cfced","toSide":"left"}, + {"id":"a05f4e5560f31997","fromNode":"5023b8a10dfa74f3","fromSide":"right","toNode":"cbf70b360b7cfced","toSide":"left"}, + {"id":"26e844af79b11d3b","fromNode":"93fb370c180eaeb4","fromSide":"right","toNode":"cbf70b360b7cfced","toSide":"left"}, + {"id":"f91126b555e1427c","fromNode":"2183745b1c5ce269","fromSide":"right","toNode":"cbf70b360b7cfced","toSide":"left"} + ] +} \ No newline at end of file diff --git a/doc/hand7s-tree.canvas b/doc/hand7s-tree.canvas new file mode 100644 index 0000000..5ffc5af --- /dev/null +++ b/doc/hand7s-tree.canvas @@ -0,0 +1,52 @@ +{ + "nodes":[ + {"id":"8b913a2d080b9765","type":"text","text":"default.nix","x":-622,"y":-140,"width":250,"height":60}, + {"id":"9c241fea3014bc1b","type":"text","text":"standalone.nix","x":-622,"y":-240,"width":250,"height":60}, + {"id":"2207049065e4fe70","type":"text","text":"options/","x":-120,"y":-240,"width":250,"height":60}, + {"id":"3e0c3f65bfc654f7","type":"text","text":"programs/","x":-120,"y":-140,"width":250,"height":60}, + {"id":"b52312243341f867","type":"text","text":"nixpkgs/","x":-120,"y":-340,"width":250,"height":60}, + {"id":"5f9292a9f706b6e2","type":"text","text":"qt/","x":-120,"y":-40,"width":250,"height":60}, + {"id":"70d6c502448f74e4","type":"text","text":"nix/","x":-120,"y":-440,"width":250,"height":60}, + {"id":"773f4b0553cf1bfc","type":"text","text":"services/","x":-120,"y":60,"width":250,"height":60}, + {"id":"8d6914af7faf9540","type":"text","text":"home/","x":-120,"y":-540,"width":250,"height":60}, + {"id":"310abb33ae703607","type":"text","text":"stylix/","x":-120,"y":160,"width":250,"height":60}, + {"id":"c1282eb91194e07b","type":"text","text":"systemd/","x":-120,"y":260,"width":250,"height":60}, + {"id":"d4009703e71bcde9","type":"text","text":"gtk/","x":-120,"y":-640,"width":250,"height":60}, + {"id":"3429bb37044f88e1","type":"text","text":"wayland/","x":-120,"y":360,"width":250,"height":60}, + {"id":"564cf2e6e156599d","type":"text","text":"fonts/","x":-120,"y":-740,"width":250,"height":60}, + {"id":"99d6d895a3fef9bd","type":"text","text":"[[flake-tree.canvas|flake.nix]]/hand7s","x":-834,"y":-439,"width":212,"height":59}, + {"id":"4b51874d4cb8c512","type":"text","text":"[[s0mePC-tree.canvas|s0mePC-nix]]","x":-834,"y":0,"width":212,"height":60}, + {"id":"b2840e8af6e98e99","type":"text","text":"[[s0melapt0p-tree.canvas|s0melapt0p-nix]]","x":-834,"y":120,"width":212,"height":60} + ], + "edges":[ + {"id":"d804153a40eca89a","fromNode":"4b51874d4cb8c512","fromSide":"right","toNode":"8b913a2d080b9765","toSide":"bottom"}, + {"id":"f314999f47e16026","fromNode":"99d6d895a3fef9bd","fromSide":"right","toNode":"9c241fea3014bc1b","toSide":"top"}, + {"id":"4eb2e7db8cc19c80","fromNode":"b2840e8af6e98e99","fromSide":"right","toNode":"8b913a2d080b9765","toSide":"bottom"}, + {"id":"cf5246390b75b266","fromNode":"9c241fea3014bc1b","fromSide":"right","toNode":"564cf2e6e156599d","toSide":"left"}, + {"id":"592f487af0b6f7dd","fromNode":"9c241fea3014bc1b","fromSide":"right","toNode":"d4009703e71bcde9","toSide":"left"}, + {"id":"99d2c67366e5225e","fromNode":"9c241fea3014bc1b","fromSide":"right","toNode":"8d6914af7faf9540","toSide":"left"}, + {"id":"e4a1c79669d1133e","fromNode":"9c241fea3014bc1b","fromSide":"right","toNode":"70d6c502448f74e4","toSide":"left"}, + {"id":"6efcabccdae1baf1","fromNode":"9c241fea3014bc1b","fromSide":"right","toNode":"b52312243341f867","toSide":"left"}, + {"id":"f1934806d61119b6","fromNode":"9c241fea3014bc1b","fromSide":"right","toNode":"2207049065e4fe70","toSide":"left"}, + {"id":"ef398e7ac4815af8","fromNode":"9c241fea3014bc1b","fromSide":"right","toNode":"3e0c3f65bfc654f7","toSide":"left"}, + {"id":"cc58b91953b6c766","fromNode":"9c241fea3014bc1b","fromSide":"right","toNode":"5f9292a9f706b6e2","toSide":"left"}, + {"id":"902272466e9d843d","fromNode":"9c241fea3014bc1b","fromSide":"right","toNode":"773f4b0553cf1bfc","toSide":"left"}, + {"id":"041fae76354acdd9","fromNode":"9c241fea3014bc1b","fromSide":"right","toNode":"310abb33ae703607","toSide":"left"}, + {"id":"95796dedf0456a0c","fromNode":"9c241fea3014bc1b","fromSide":"right","toNode":"c1282eb91194e07b","toSide":"left"}, + {"id":"42ac954ade28a370","fromNode":"9c241fea3014bc1b","fromSide":"right","toNode":"3429bb37044f88e1","toSide":"left"}, + {"id":"e8b8cacf3d4c37be","fromNode":"8b913a2d080b9765","fromSide":"right","toNode":"564cf2e6e156599d","toSide":"left"}, + {"id":"cb737fc0d7af5b18","fromNode":"8b913a2d080b9765","fromSide":"right","toNode":"d4009703e71bcde9","toSide":"left"}, + {"id":"35708988ff820190","fromNode":"8b913a2d080b9765","fromSide":"right","toNode":"8d6914af7faf9540","toSide":"left"}, + {"id":"3cdf6601cc95f6c8","fromNode":"8b913a2d080b9765","fromSide":"right","toNode":"2207049065e4fe70","toSide":"left"}, + {"id":"e0830b61ade3375d","fromNode":"8b913a2d080b9765","fromSide":"right","toNode":"3e0c3f65bfc654f7","toSide":"left"}, + {"id":"d820a59fd2e3552e","fromNode":"8b913a2d080b9765","fromSide":"right","toNode":"5f9292a9f706b6e2","toSide":"left"}, + {"id":"b551b9e00abaf7af","fromNode":"8b913a2d080b9765","fromSide":"right","toNode":"2207049065e4fe70","toSide":"left"}, + {"id":"453617935378d7db","fromNode":"8b913a2d080b9765","fromSide":"right","toNode":"773f4b0553cf1bfc","toSide":"left"}, + {"id":"9ff520f23512db9e","fromNode":"8b913a2d080b9765","fromSide":"right","toNode":"c1282eb91194e07b","toSide":"left"}, + {"id":"d70cbf4741c01ad2","fromNode":"8b913a2d080b9765","fromSide":"right","toNode":"3429bb37044f88e1","toSide":"left"}, + {"id":"66fbefd742e9482a","fromNode":"99d6d895a3fef9bd","fromSide":"right","toNode":"2207049065e4fe70","toSide":"left"}, + {"id":"9e0eccd752c4120a","fromNode":"99d6d895a3fef9bd","fromSide":"bottom","toNode":"2207049065e4fe70","toSide":"left"}, + {"id":"8c18cf6c6fde94b0","fromNode":"99d6d895a3fef9bd","fromSide":"bottom","toNode":"3e0c3f65bfc654f7","toSide":"left"}, + {"id":"724e4419030882c9","fromNode":"99d6d895a3fef9bd","fromSide":"bottom","toNode":"310abb33ae703607","toSide":"left","label":"inputs"} + ] +} \ No newline at end of file diff --git a/doc/s0mePC-tree.canvas b/doc/s0mePC-tree.canvas new file mode 100644 index 0000000..c8fd7bc --- /dev/null +++ b/doc/s0mePC-tree.canvas @@ -0,0 +1,51 @@ +{ + "nodes":[ + {"id":"52477f25cd9313f9","type":"text","text":"[[flake-tree.canvas|flake.nix]]/s0melapt0p-nix","x":-500,"y":-320,"width":273,"height":60}, + {"id":"656ae4fe3c2ecd24","type":"text","text":"security","x":140,"y":-120,"width":250,"height":60}, + {"id":"89219c2aca202139","type":"text","text":"progams","x":140,"y":-200,"width":250,"height":60}, + {"id":"09050a2729925990","type":"text","text":"services/","x":140,"y":-40,"width":250,"height":60}, + {"id":"9c54796e439b0f5b","type":"text","text":"~~sops/~~ (not included)","x":140,"y":40,"width":250,"height":60}, + {"id":"e8779b73e199bcf6","type":"text","text":"stylix/","x":140,"y":120,"width":250,"height":60}, + {"id":"c820b80f2803db97","type":"text","text":"system/","x":140,"y":200,"width":250,"height":60}, + {"id":"ff454e151245e473","type":"text","text":"time/","x":140,"y":280,"width":250,"height":60}, + {"id":"a12b9d85a8d9aaf0","type":"text","text":"users/","x":140,"y":360,"width":250,"height":60}, + {"id":"b682f26e0c5772ab","type":"text","text":"virtualisation/","x":140,"y":440,"width":250,"height":60}, + {"id":"39a33c5c1b57cfbc","type":"text","text":"nix/","x":140,"y":-290,"width":250,"height":60}, + {"id":"91dd5508b7be6a58","type":"text","text":"networking/","x":140,"y":-380,"width":250,"height":60}, + {"id":"aa258b60522c12a1","type":"text","text":"i18n/","x":140,"y":-460,"width":250,"height":60}, + {"id":"d1607fb2e7e67782","type":"text","text":"home-manager/","x":140,"y":-540,"width":250,"height":60}, + {"id":"7a3e84bfb5bf0a77","type":"text","text":"hardware","x":140,"y":-620,"width":250,"height":60}, + {"id":"3a525cf3bb5749d2","type":"text","text":"environment","x":140,"y":-700,"width":250,"height":60}, + {"id":"299e10060c92dc79","type":"text","text":"xdg/","x":140,"y":520,"width":250,"height":60}, + {"id":"31d735f24354a46a","type":"text","text":"console/","x":140,"y":-780,"width":250,"height":60}, + {"id":"ff41445ee9f66727","type":"text","text":"boot/","x":140,"y":-860,"width":250,"height":60}, + {"id":"89667c76b1cff4b4","type":"text","text":"[[hand7s-tree.canvas|hand7s]]/default.nix","x":540,"y":-540,"width":250,"height":60}, + {"id":"b5a77770636904fe","type":"text","text":"default.nix","x":-160,"y":-200,"width":147,"height":60} + ], + "edges":[ + {"id":"8ae81d676613fbb3","fromNode":"52477f25cd9313f9","fromSide":"right","toNode":"b5a77770636904fe","toSide":"top"}, + {"id":"b8a089af90c22ce5","fromNode":"d1607fb2e7e67782","fromSide":"right","toNode":"89667c76b1cff4b4","toSide":"top"}, + {"id":"cb12e6d7f284d814","fromNode":"b5a77770636904fe","fromSide":"right","toNode":"ff41445ee9f66727","toSide":"left"}, + {"id":"d9025f0c300d7c11","fromNode":"b5a77770636904fe","fromSide":"right","toNode":"31d735f24354a46a","toSide":"left"}, + {"id":"3b3973e125f1f46a","fromNode":"b5a77770636904fe","fromSide":"right","toNode":"3a525cf3bb5749d2","toSide":"left"}, + {"id":"b6ec7e0d7f09c72e","fromNode":"b5a77770636904fe","fromSide":"right","toNode":"7a3e84bfb5bf0a77","toSide":"left"}, + {"id":"ae4c58dbacb97aa6","fromNode":"b5a77770636904fe","fromSide":"right","toNode":"d1607fb2e7e67782","toSide":"left"}, + {"id":"d4a26cb113cbd3d7","fromNode":"b5a77770636904fe","fromSide":"right","toNode":"aa258b60522c12a1","toSide":"left"}, + {"id":"dc06709d01cc417d","fromNode":"b5a77770636904fe","fromSide":"right","toNode":"91dd5508b7be6a58","toSide":"left"}, + {"id":"96ff134a2746065d","fromNode":"b5a77770636904fe","fromSide":"right","toNode":"39a33c5c1b57cfbc","toSide":"left"}, + {"id":"4e76a33396965cc2","fromNode":"b5a77770636904fe","fromSide":"right","toNode":"89219c2aca202139","toSide":"left"}, + {"id":"5a90c383825629af","fromNode":"b5a77770636904fe","fromSide":"right","toNode":"656ae4fe3c2ecd24","toSide":"left"}, + {"id":"758f54d1607c0fb6","fromNode":"b5a77770636904fe","fromSide":"right","toNode":"09050a2729925990","toSide":"left"}, + {"id":"9166a494ff2ad45c","fromNode":"b5a77770636904fe","fromSide":"right","toNode":"9c54796e439b0f5b","toSide":"left"}, + {"id":"f1257707e5801b96","fromNode":"b5a77770636904fe","fromSide":"right","toNode":"e8779b73e199bcf6","toSide":"left"}, + {"id":"e5db44e099326823","fromNode":"b5a77770636904fe","fromSide":"right","toNode":"c820b80f2803db97","toSide":"left"}, + {"id":"d11c62f447ee4733","fromNode":"b5a77770636904fe","fromSide":"right","toNode":"ff454e151245e473","toSide":"left"}, + {"id":"927b694304548bee","fromNode":"b5a77770636904fe","fromSide":"right","toNode":"a12b9d85a8d9aaf0","toSide":"left"}, + {"id":"83b838f79175c4be","fromNode":"b5a77770636904fe","fromSide":"right","toNode":"b682f26e0c5772ab","toSide":"left"}, + {"id":"29ea4d67235b5bcd","fromNode":"b5a77770636904fe","fromSide":"right","toNode":"299e10060c92dc79","toSide":"left"}, + {"id":"165c9098d8f8595a","fromNode":"52477f25cd9313f9","fromSide":"top","toNode":"ff41445ee9f66727","toSide":"left","label":"inputs"}, + {"id":"b27ff33fb53c9675","fromNode":"52477f25cd9313f9","fromSide":"top","toNode":"d1607fb2e7e67782","toSide":"left"}, + {"id":"c9dab9a88e555ac4","fromNode":"52477f25cd9313f9","fromSide":"bottom","toNode":"9c54796e439b0f5b","toSide":"left"}, + {"id":"8368dfdcfc2ecafd","fromNode":"52477f25cd9313f9","fromSide":"bottom","toNode":"e8779b73e199bcf6","toSide":"left"} + ] +} \ No newline at end of file diff --git a/doc/s0melapt0p-tree.canvas b/doc/s0melapt0p-tree.canvas new file mode 100644 index 0000000..871fc13 --- /dev/null +++ b/doc/s0melapt0p-tree.canvas @@ -0,0 +1,51 @@ +{ + "nodes":[ + {"id":"52477f25cd9313f9","type":"text","text":"[[flake-tree.canvas|flake.nix]]/s0mePC-nix","x":-477,"y":-320,"width":250,"height":60}, + {"id":"656ae4fe3c2ecd24","type":"text","text":"security","x":140,"y":-120,"width":250,"height":60}, + {"id":"89219c2aca202139","type":"text","text":"progams","x":140,"y":-200,"width":250,"height":60}, + {"id":"09050a2729925990","type":"text","text":"services/","x":140,"y":-40,"width":250,"height":60}, + {"id":"9c54796e439b0f5b","type":"text","text":"~~sops/~~ (not included)","x":140,"y":40,"width":250,"height":60}, + {"id":"e8779b73e199bcf6","type":"text","text":"stylix/","x":140,"y":120,"width":250,"height":60}, + {"id":"c820b80f2803db97","type":"text","text":"system/","x":140,"y":200,"width":250,"height":60}, + {"id":"ff454e151245e473","type":"text","text":"time/","x":140,"y":280,"width":250,"height":60}, + {"id":"a12b9d85a8d9aaf0","type":"text","text":"users/","x":140,"y":360,"width":250,"height":60}, + {"id":"b682f26e0c5772ab","type":"text","text":"virtualisation/","x":140,"y":440,"width":250,"height":60}, + {"id":"39a33c5c1b57cfbc","type":"text","text":"nix/","x":140,"y":-290,"width":250,"height":60}, + {"id":"91dd5508b7be6a58","type":"text","text":"networking/","x":140,"y":-380,"width":250,"height":60}, + {"id":"aa258b60522c12a1","type":"text","text":"i18n/","x":140,"y":-460,"width":250,"height":60}, + {"id":"d1607fb2e7e67782","type":"text","text":"home-manager/","x":140,"y":-540,"width":250,"height":60}, + {"id":"7a3e84bfb5bf0a77","type":"text","text":"hardware","x":140,"y":-620,"width":250,"height":60}, + {"id":"3a525cf3bb5749d2","type":"text","text":"environment","x":140,"y":-700,"width":250,"height":60}, + {"id":"299e10060c92dc79","type":"text","text":"xdg/","x":140,"y":520,"width":250,"height":60}, + {"id":"31d735f24354a46a","type":"text","text":"console/","x":140,"y":-780,"width":250,"height":60}, + {"id":"ff41445ee9f66727","type":"text","text":"boot/","x":140,"y":-860,"width":250,"height":60}, + {"id":"89667c76b1cff4b4","type":"text","text":"[[hand7s-tree.canvas|hand7s]]/default.nix","x":540,"y":-540,"width":250,"height":60}, + {"id":"b5a77770636904fe","type":"text","text":"default.nix","x":-160,"y":-200,"width":147,"height":60} + ], + "edges":[ + {"id":"8ae81d676613fbb3","fromNode":"52477f25cd9313f9","fromSide":"right","toNode":"b5a77770636904fe","toSide":"top"}, + {"id":"b8a089af90c22ce5","fromNode":"d1607fb2e7e67782","fromSide":"right","toNode":"89667c76b1cff4b4","toSide":"top"}, + {"id":"cb12e6d7f284d814","fromNode":"b5a77770636904fe","fromSide":"right","toNode":"ff41445ee9f66727","toSide":"left"}, + {"id":"d9025f0c300d7c11","fromNode":"b5a77770636904fe","fromSide":"right","toNode":"31d735f24354a46a","toSide":"left"}, + {"id":"3b3973e125f1f46a","fromNode":"b5a77770636904fe","fromSide":"right","toNode":"3a525cf3bb5749d2","toSide":"left"}, + {"id":"b6ec7e0d7f09c72e","fromNode":"b5a77770636904fe","fromSide":"right","toNode":"7a3e84bfb5bf0a77","toSide":"left"}, + {"id":"ae4c58dbacb97aa6","fromNode":"b5a77770636904fe","fromSide":"right","toNode":"d1607fb2e7e67782","toSide":"left"}, + {"id":"d4a26cb113cbd3d7","fromNode":"b5a77770636904fe","fromSide":"right","toNode":"aa258b60522c12a1","toSide":"left"}, + {"id":"dc06709d01cc417d","fromNode":"b5a77770636904fe","fromSide":"right","toNode":"91dd5508b7be6a58","toSide":"left"}, + {"id":"96ff134a2746065d","fromNode":"b5a77770636904fe","fromSide":"right","toNode":"39a33c5c1b57cfbc","toSide":"left"}, + {"id":"4e76a33396965cc2","fromNode":"b5a77770636904fe","fromSide":"right","toNode":"89219c2aca202139","toSide":"left"}, + {"id":"5a90c383825629af","fromNode":"b5a77770636904fe","fromSide":"right","toNode":"656ae4fe3c2ecd24","toSide":"left"}, + {"id":"758f54d1607c0fb6","fromNode":"b5a77770636904fe","fromSide":"right","toNode":"09050a2729925990","toSide":"left"}, + {"id":"9166a494ff2ad45c","fromNode":"b5a77770636904fe","fromSide":"right","toNode":"9c54796e439b0f5b","toSide":"left"}, + {"id":"f1257707e5801b96","fromNode":"b5a77770636904fe","fromSide":"right","toNode":"e8779b73e199bcf6","toSide":"left"}, + {"id":"e5db44e099326823","fromNode":"b5a77770636904fe","fromSide":"right","toNode":"c820b80f2803db97","toSide":"left"}, + {"id":"d11c62f447ee4733","fromNode":"b5a77770636904fe","fromSide":"right","toNode":"ff454e151245e473","toSide":"left"}, + {"id":"927b694304548bee","fromNode":"b5a77770636904fe","fromSide":"right","toNode":"a12b9d85a8d9aaf0","toSide":"left"}, + {"id":"83b838f79175c4be","fromNode":"b5a77770636904fe","fromSide":"right","toNode":"b682f26e0c5772ab","toSide":"left"}, + {"id":"29ea4d67235b5bcd","fromNode":"b5a77770636904fe","fromSide":"right","toNode":"299e10060c92dc79","toSide":"left"}, + {"id":"165c9098d8f8595a","fromNode":"52477f25cd9313f9","fromSide":"top","toNode":"ff41445ee9f66727","toSide":"left","label":"inputs"}, + {"id":"b27ff33fb53c9675","fromNode":"52477f25cd9313f9","fromSide":"top","toNode":"d1607fb2e7e67782","toSide":"left"}, + {"id":"c9dab9a88e555ac4","fromNode":"52477f25cd9313f9","fromSide":"bottom","toNode":"9c54796e439b0f5b","toSide":"left"}, + {"id":"8368dfdcfc2ecafd","fromNode":"52477f25cd9313f9","fromSide":"bottom","toNode":"e8779b73e199bcf6","toSide":"left"} + ] +} \ No newline at end of file diff --git a/doc/screen.png b/doc/screen.png new file mode 100644 index 0000000..9cdbd23 Binary files /dev/null and b/doc/screen.png differ diff --git a/flake.lock b/flake.lock index c7317d3..15fe6de 100644 --- a/flake.lock +++ b/flake.lock @@ -208,64 +208,6 @@ } }, "cachix": { - "inputs": { - "devenv": "devenv", - "flake-compat": "flake-compat_2", - "git-hooks": "git-hooks", - "nixpkgs": "nixpkgs_3" - }, - "locked": { - "lastModified": 1774017633, - "narHash": "sha256-CWhnwL2M83/ItapPVeJqCevRoQttesYxJ1h0Mo6ZCXs=", - "owner": "cachix", - "repo": "cachix", - "rev": "e8be573b417f3daa3dd4cb9052178f848e0c9d1d", - "type": "github" - }, - "original": { - "owner": "cachix", - "repo": "cachix", - "type": "github" - } - }, - "cachix_2": { - "inputs": { - "devenv": [ - "cachix", - "devenv" - ], - "flake-compat": [ - "cachix", - "devenv", - "flake-compat" - ], - "git-hooks": [ - "cachix", - "devenv", - "git-hooks" - ], - "nixpkgs": [ - "cachix", - "devenv", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1760971495, - "narHash": "sha256-IwnNtbNVrlZIHh7h4Wz6VP0Furxg9Hh0ycighvL5cZc=", - "owner": "cachix", - "repo": "cachix", - "rev": "c5bfd933d1033672f51a863c47303fc0e093c2d2", - "type": "github" - }, - "original": { - "owner": "cachix", - "ref": "latest", - "repo": "cachix", - "type": "github" - } - }, - "cachix_3": { "inputs": { "devenv": [ "devenv" @@ -335,7 +277,7 @@ "flake-schemas": "flake-schemas", "home-manager": "home-manager_2", "jovian": "jovian", - "nixpkgs": "nixpkgs_4", + "nixpkgs": "nixpkgs_3", "rust-overlay": "rust-overlay_2" }, "locked": { @@ -408,8 +350,8 @@ }, "deploy-rs": { "inputs": { - "flake-compat": "flake-compat_3", - "nixpkgs": "nixpkgs_5", + "flake-compat": "flake-compat_2", + "nixpkgs": "nixpkgs_4", "utils": "utils" }, "locked": { @@ -428,46 +370,13 @@ }, "devenv": { "inputs": { - "cachix": "cachix_2", - "flake-compat": [ - "cachix", - "flake-compat" - ], + "cachix": "cachix", + "flake-compat": "flake-compat_3", "flake-parts": "flake-parts_3", - "git-hooks": [ - "cachix", - "git-hooks" - ], + "git-hooks": "git-hooks", "nix": "nix", "nixd": "nixd", - "nixpkgs": [ - "cachix", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1772738982, - "narHash": "sha256-9MN0FV0XeYJV7kFtUxY6uQMxbZmlrPQLUm3yLbEEJ7Q=", - "owner": "cachix", - "repo": "devenv", - "rev": "22ec127af85396b04af045ec20d004d11a0675af", - "type": "github" - }, - "original": { - "owner": "cachix", - "repo": "devenv", - "type": "github" - } - }, - "devenv_2": { - "inputs": { - "cachix": "cachix_3", - "flake-compat": "flake-compat_4", - "flake-parts": "flake-parts_4", - "git-hooks": "git-hooks_2", - "nix": "nix_2", - "nixd": "nixd_2", - "nixpkgs": "nixpkgs_6" + "nixpkgs": "nixpkgs_5" }, "locked": { "lastModified": 1771066302, @@ -504,6 +413,24 @@ "type": "github" } }, + "devshell_2": { + "inputs": { + "nixpkgs": "nixpkgs_6" + }, + "locked": { + "lastModified": 1768818222, + "narHash": "sha256-460jc0+CZfyaO8+w8JNtlClB2n4ui1RbHfPTLkpwhU8=", + "owner": "numtide", + "repo": "devshell", + "rev": "255a2b1725a20d060f566e4755dbf571bbbb5f76", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "devshell", + "type": "github" + } + }, "disko": { "inputs": { "nixpkgs": [ @@ -546,25 +473,6 @@ "type": "github" } }, - "fenix": { - "inputs": { - "nixpkgs": "nixpkgs_7", - "rust-analyzer-src": "rust-analyzer-src" - }, - "locked": { - "lastModified": 1774423251, - "narHash": "sha256-g/PP8G9WcP4vtZVOBNYwfGxLnwLQoTERHnef8irAMeQ=", - "owner": "nix-community", - "repo": "fenix", - "rev": "b70d7535088cd8a9e4322c372a475f66ffa18adf", - "type": "github" - }, - "original": { - "owner": "nix-community", - "repo": "fenix", - "type": "github" - } - }, "firefox-gnome-theme": { "flake": false, "locked": { @@ -598,20 +506,6 @@ } }, "flake-compat_10": { - "locked": { - "lastModified": 1733328505, - "narHash": "sha256-NeCCThCEP3eCl2l/+27kNNK7QrwZB1IJCrXfrbv5oqU=", - "rev": "ff81ac966bb2cae68946d5ed5fc4994f96d0ffec", - "revCount": 69, - "type": "tarball", - "url": "https://api.flakehub.com/f/pinned/edolstra/flake-compat/1.1.0/01948eb7-9cba-704f-bbf3-3fa956735b52/source.tar.gz?rev=ff81ac966bb2cae68946d5ed5fc4994f96d0ffec&revCount=69" - }, - "original": { - "type": "tarball", - "url": "https://flakehub.com/f/edolstra/flake-compat/1.tar.gz" - } - }, - "flake-compat_11": { "flake": false, "locked": { "lastModified": 1767039857, @@ -627,7 +521,7 @@ "type": "github" } }, - "flake-compat_12": { + "flake-compat_11": { "flake": false, "locked": { "lastModified": 1747046372, @@ -643,6 +537,22 @@ "type": "github" } }, + "flake-compat_12": { + "flake": false, + "locked": { + "lastModified": 1767039857, + "narHash": "sha256-vNpUSpF5Nuw8xvDLj2KCwwksIbjua2LZCqhV1LNRDns=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "5edf11c44bc78a0d334f6334cdaf7d60d732daab", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, "flake-compat_13": { "flake": false, "locked": { @@ -659,39 +569,7 @@ "type": "github" } }, - "flake-compat_14": { - "flake": false, - "locked": { - "lastModified": 1767039857, - "narHash": "sha256-vNpUSpF5Nuw8xvDLj2KCwwksIbjua2LZCqhV1LNRDns=", - "owner": "edolstra", - "repo": "flake-compat", - "rev": "5edf11c44bc78a0d334f6334cdaf7d60d732daab", - "type": "github" - }, - "original": { - "owner": "edolstra", - "repo": "flake-compat", - "type": "github" - } - }, "flake-compat_2": { - "flake": false, - "locked": { - "lastModified": 1767039857, - "narHash": "sha256-vNpUSpF5Nuw8xvDLj2KCwwksIbjua2LZCqhV1LNRDns=", - "owner": "edolstra", - "repo": "flake-compat", - "rev": "5edf11c44bc78a0d334f6334cdaf7d60d732daab", - "type": "github" - }, - "original": { - "owner": "edolstra", - "repo": "flake-compat", - "type": "github" - } - }, - "flake-compat_3": { "flake": false, "locked": { "lastModified": 1733328505, @@ -707,7 +585,7 @@ "type": "github" } }, - "flake-compat_4": { + "flake-compat_3": { "flake": false, "locked": { "lastModified": 1761588595, @@ -723,7 +601,7 @@ "type": "github" } }, - "flake-compat_5": { + "flake-compat_4": { "flake": false, "locked": { "lastModified": 1767039857, @@ -739,6 +617,22 @@ "type": "github" } }, + "flake-compat_5": { + "flake": false, + "locked": { + "lastModified": 1767039857, + "narHash": "sha256-vNpUSpF5Nuw8xvDLj2KCwwksIbjua2LZCqhV1LNRDns=", + "owner": "NixOS", + "repo": "flake-compat", + "rev": "5edf11c44bc78a0d334f6334cdaf7d60d732daab", + "type": "github" + }, + "original": { + "owner": "NixOS", + "repo": "flake-compat", + "type": "github" + } + }, "flake-compat_6": { "flake": false, "locked": { @@ -756,22 +650,6 @@ } }, "flake-compat_7": { - "flake": false, - "locked": { - "lastModified": 1767039857, - "narHash": "sha256-vNpUSpF5Nuw8xvDLj2KCwwksIbjua2LZCqhV1LNRDns=", - "owner": "NixOS", - "repo": "flake-compat", - "rev": "5edf11c44bc78a0d334f6334cdaf7d60d732daab", - "type": "github" - }, - "original": { - "owner": "NixOS", - "repo": "flake-compat", - "type": "github" - } - }, - "flake-compat_8": { "flake": false, "locked": { "lastModified": 1696426674, @@ -787,7 +665,7 @@ "type": "github" } }, - "flake-compat_9": { + "flake-compat_8": { "flake": false, "locked": { "lastModified": 1767039857, @@ -803,6 +681,20 @@ "type": "github" } }, + "flake-compat_9": { + "locked": { + "lastModified": 1733328505, + "narHash": "sha256-NeCCThCEP3eCl2l/+27kNNK7QrwZB1IJCrXfrbv5oqU=", + "rev": "ff81ac966bb2cae68946d5ed5fc4994f96d0ffec", + "revCount": 69, + "type": "tarball", + "url": "https://api.flakehub.com/f/pinned/edolstra/flake-compat/1.1.0/01948eb7-9cba-704f-bbf3-3fa956735b52/source.tar.gz?rev=ff81ac966bb2cae68946d5ed5fc4994f96d0ffec&revCount=69" + }, + "original": { + "type": "tarball", + "url": "https://flakehub.com/f/edolstra/flake-compat/1.tar.gz" + } + }, "flake-parts": { "inputs": { "nixpkgs-lib": [ @@ -825,27 +717,6 @@ } }, "flake-parts_10": { - "inputs": { - "nixpkgs-lib": [ - "nixos-anywhere", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1768135262, - "narHash": "sha256-PVvu7OqHBGWN16zSi6tEmPwwHQ4rLPU9Plvs8/1TUBY=", - "owner": "hercules-ci", - "repo": "flake-parts", - "rev": "80daad04eddbbf5a4d883996a73f3f542fa437ac", - "type": "github" - }, - "original": { - "owner": "hercules-ci", - "repo": "flake-parts", - "type": "github" - } - }, - "flake-parts_11": { "inputs": { "nixpkgs-lib": "nixpkgs-lib_6" }, @@ -863,7 +734,7 @@ "type": "github" } }, - "flake-parts_12": { + "flake-parts_11": { "inputs": { "nixpkgs-lib": [ "stylix", @@ -884,7 +755,7 @@ "type": "github" } }, - "flake-parts_13": { + "flake-parts_12": { "inputs": { "nixpkgs-lib": [ "system-manager", @@ -927,7 +798,6 @@ "flake-parts_3": { "inputs": { "nixpkgs-lib": [ - "cachix", "devenv", "nixpkgs" ] @@ -947,27 +817,6 @@ } }, "flake-parts_4": { - "inputs": { - "nixpkgs-lib": [ - "devenv", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1760948891, - "narHash": "sha256-TmWcdiUUaWk8J4lpjzu4gCGxWY6/Ok7mOK4fIFfBuU4=", - "owner": "hercules-ci", - "repo": "flake-parts", - "rev": "864599284fc7c0ba6357ed89ed5e2cd5040f0c04", - "type": "github" - }, - "original": { - "owner": "hercules-ci", - "repo": "flake-parts", - "type": "github" - } - }, - "flake-parts_5": { "inputs": { "nixpkgs-lib": "nixpkgs-lib_2" }, @@ -985,7 +834,7 @@ "type": "github" } }, - "flake-parts_6": { + "flake-parts_5": { "inputs": { "nixpkgs-lib": "nixpkgs-lib_3" }, @@ -1002,7 +851,7 @@ "url": "https://flakehub.com/f/hercules-ci/flake-parts/0.1" } }, - "flake-parts_7": { + "flake-parts_6": { "inputs": { "nixpkgs-lib": [ "lanzaboote", @@ -1023,7 +872,7 @@ "type": "github" } }, - "flake-parts_8": { + "flake-parts_7": { "inputs": { "nixpkgs-lib": "nixpkgs-lib_4" }, @@ -1041,7 +890,7 @@ "type": "github" } }, - "flake-parts_9": { + "flake-parts_8": { "inputs": { "nixpkgs-lib": "nixpkgs-lib_5" }, @@ -1059,22 +908,28 @@ "type": "github" } }, - "flake-root": { + "flake-parts_9": { + "inputs": { + "nixpkgs-lib": [ + "nixos-anywhere", + "nixpkgs" + ] + }, "locked": { - "lastModified": 1723604017, - "narHash": "sha256-rBtQ8gg+Dn4Sx/s+pvjdq3CB2wQNzx9XGFq/JVGCB6k=", - "owner": "srid", - "repo": "flake-root", - "rev": "b759a56851e10cb13f6b8e5698af7b59c44be26e", + "lastModified": 1768135262, + "narHash": "sha256-PVvu7OqHBGWN16zSi6tEmPwwHQ4rLPU9Plvs8/1TUBY=", + "owner": "hercules-ci", + "repo": "flake-parts", + "rev": "80daad04eddbbf5a4d883996a73f3f542fa437ac", "type": "github" }, "original": { - "owner": "srid", - "repo": "flake-root", + "owner": "hercules-ci", + "repo": "flake-parts", "type": "github" } }, - "flake-root_2": { + "flake-root": { "locked": { "lastModified": 1723604017, "narHash": "sha256-rBtQ8gg+Dn4Sx/s+pvjdq3CB2wQNzx9XGFq/JVGCB6k=", @@ -1159,10 +1014,10 @@ }, "freesm": { "inputs": { - "flake-compat": "flake-compat_5", + "flake-compat": "flake-compat_4", "libnbtplusplus": "libnbtplusplus", "nix-filter": "nix-filter", - "nixpkgs": "nixpkgs_8" + "nixpkgs": "nixpkgs_7" }, "locked": { "lastModified": 1770541033, @@ -1195,58 +1050,12 @@ } }, "git-hooks": { - "inputs": { - "flake-compat": [ - "cachix", - "flake-compat" - ], - "gitignore": "gitignore_2", - "nixpkgs": [ - "cachix", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1772665116, - "narHash": "sha256-XmjUDG/J8Z8lY5DVNVUf5aoZGc400FxcjsNCqHKiKtc=", - "owner": "cachix", - "repo": "git-hooks.nix", - "rev": "39f53203a8458c330f61cc0759fe243f0ac0d198", - "type": "github" - }, - "original": { - "owner": "cachix", - "repo": "git-hooks.nix", - "type": "github" - } - }, - "git-hooks-nix": { - "inputs": { - "flake-compat": "flake-compat_6", - "gitignore": "gitignore_4", - "nixpkgs": "nixpkgs_9" - }, - "locked": { - "lastModified": 1770726378, - "narHash": "sha256-kck+vIbGOaM/dHea7aTBxdFYpeUl/jHOy5W3eyRvVx8=", - "owner": "cachix", - "repo": "git-hooks.nix", - "rev": "5eaaedde414f6eb1aea8b8525c466dc37bba95ae", - "type": "github" - }, - "original": { - "owner": "cachix", - "repo": "git-hooks.nix", - "type": "github" - } - }, - "git-hooks_2": { "inputs": { "flake-compat": [ "devenv", "flake-compat" ], - "gitignore": "gitignore_3", + "gitignore": "gitignore_2", "nixpkgs": [ "devenv", "nixpkgs" @@ -1266,10 +1075,30 @@ "type": "github" } }, + "git-hooks-nix": { + "inputs": { + "flake-compat": "flake-compat_5", + "gitignore": "gitignore_3", + "nixpkgs": "nixpkgs_8" + }, + "locked": { + "lastModified": 1770726378, + "narHash": "sha256-kck+vIbGOaM/dHea7aTBxdFYpeUl/jHOy5W3eyRvVx8=", + "owner": "cachix", + "repo": "git-hooks.nix", + "rev": "5eaaedde414f6eb1aea8b8525c466dc37bba95ae", + "type": "github" + }, + "original": { + "owner": "cachix", + "repo": "git-hooks.nix", + "type": "github" + } + }, "github-actions-nix": { "inputs": { - "flake-parts": "flake-parts_6", - "nixpkgs": "nixpkgs_10" + "flake-parts": "flake-parts_5", + "nixpkgs": "nixpkgs_9" }, "locked": { "lastModified": 1770427665, @@ -1310,7 +1139,7 @@ "gitignore_2": { "inputs": { "nixpkgs": [ - "cachix", + "devenv", "git-hooks", "nixpkgs" ] @@ -1330,28 +1159,6 @@ } }, "gitignore_3": { - "inputs": { - "nixpkgs": [ - "devenv", - "git-hooks", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1709087332, - "narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=", - "owner": "hercules-ci", - "repo": "gitignore.nix", - "rev": "637db329424fd7e46cf4185293b9cc8c88c95394", - "type": "github" - }, - "original": { - "owner": "hercules-ci", - "repo": "gitignore.nix", - "type": "github" - } - }, - "gitignore_4": { "inputs": { "nixpkgs": [ "git-hooks-nix", @@ -1372,7 +1179,7 @@ "type": "github" } }, - "gitignore_5": { + "gitignore_4": { "inputs": { "nixpkgs": [ "hyprland", @@ -1394,7 +1201,7 @@ "type": "github" } }, - "gitignore_6": { + "gitignore_5": { "inputs": { "nixpkgs": [ "lanzaboote", @@ -1416,7 +1223,7 @@ "type": "github" } }, - "gitignore_7": { + "gitignore_6": { "inputs": { "nixpkgs": [ "system-manager", @@ -1638,7 +1445,7 @@ "hyprutils": "hyprutils", "hyprwayland-scanner": "hyprwayland-scanner", "hyprwire": "hyprwire", - "nixpkgs": "nixpkgs_11", + "nixpkgs": "nixpkgs_10", "pre-commit-hooks": "pre-commit-hooks_2", "systems": "systems_4", "xdph": "xdph" @@ -1941,8 +1748,8 @@ "lanzaboote": { "inputs": { "crane": "crane_2", - "flake-compat": "flake-compat_8", - "flake-parts": "flake-parts_7", + "flake-compat": "flake-compat_7", + "flake-parts": "flake-parts_6", "nixpkgs": [ "nixpkgs" ], @@ -1982,7 +1789,7 @@ }, "ndg": { "inputs": { - "nixpkgs": "nixpkgs_17" + "nixpkgs": "nixpkgs_16" }, "locked": { "lastModified": 1768214250, @@ -2001,7 +1808,7 @@ }, "nekoflake": { "inputs": { - "nixpkgs": "nixpkgs_12" + "nixpkgs": "nixpkgs_11" }, "locked": { "lastModified": 1744631782, @@ -2020,40 +1827,34 @@ "nix": { "inputs": { "flake-compat": [ - "cachix", "devenv", "flake-compat" ], "flake-parts": [ - "cachix", "devenv", "flake-parts" ], "git-hooks-nix": [ - "cachix", "devenv", "git-hooks" ], "nixpkgs": [ - "cachix", "devenv", "nixpkgs" ], "nixpkgs-23-11": [ - "cachix", "devenv" ], "nixpkgs-regression": [ - "cachix", "devenv" ] }, "locked": { - "lastModified": 1771532737, - "narHash": "sha256-H26FQmOyvIGnedfAioparJQD8Oe+/byD6OpUpnI/hkE=", + "lastModified": 1770395975, + "narHash": "sha256-zg0AEZn8d4rqIIsw5XrkVL5p1y6fBj2L57awfUg+gNA=", "owner": "cachix", "repo": "nix", - "rev": "7eb6c427c7a86fdc3ebf9e6cbf2a84e80e8974fd", + "rev": "ccb6019ce2bd11f5de5fe4617c0079d8cb1ed057", "type": "github" }, "original": { @@ -2065,9 +1866,9 @@ }, "nix-bwrapper": { "inputs": { - "nixpkgs": "nixpkgs_13", + "nixpkgs": "nixpkgs_12", "nuschtosSearch": "nuschtosSearch", - "treefmt-nix": "treefmt-nix_4" + "treefmt-nix": "treefmt-nix_3" }, "locked": { "lastModified": 1770308099, @@ -2087,9 +1888,9 @@ "inputs": { "cachyos-kernel": "cachyos-kernel", "cachyos-kernel-patches": "cachyos-kernel-patches", - "flake-compat": "flake-compat_9", - "flake-parts": "flake-parts_8", - "nixpkgs": "nixpkgs_16" + "flake-compat": "flake-compat_8", + "flake-parts": "flake-parts_7", + "nixpkgs": "nixpkgs_15" }, "locked": { "lastModified": 1771091677, @@ -2230,10 +2031,10 @@ }, "nix-mineral": { "inputs": { - "flake-compat": "flake-compat_10", - "flake-parts": "flake-parts_9", + "flake-compat": "flake-compat_9", + "flake-parts": "flake-parts_8", "ndg": "ndg", - "nixpkgs": "nixpkgs_18" + "nixpkgs": "nixpkgs_17" }, "locked": { "lastModified": 1771115839, @@ -2298,56 +2099,14 @@ "type": "github" } }, - "nix_2": { - "inputs": { - "flake-compat": [ - "devenv", - "flake-compat" - ], - "flake-parts": [ - "devenv", - "flake-parts" - ], - "git-hooks-nix": [ - "devenv", - "git-hooks" - ], - "nixpkgs": [ - "devenv", - "nixpkgs" - ], - "nixpkgs-23-11": [ - "devenv" - ], - "nixpkgs-regression": [ - "devenv" - ] - }, - "locked": { - "lastModified": 1770395975, - "narHash": "sha256-zg0AEZn8d4rqIIsw5XrkVL5p1y6fBj2L57awfUg+gNA=", - "owner": "cachix", - "repo": "nix", - "rev": "ccb6019ce2bd11f5de5fe4617c0079d8cb1ed057", - "type": "github" - }, - "original": { - "owner": "cachix", - "ref": "devenv-2.32", - "repo": "nix", - "type": "github" - } - }, "nixd": { "inputs": { "flake-parts": [ - "cachix", "devenv", "flake-parts" ], "flake-root": "flake-root", "nixpkgs": [ - "cachix", "devenv", "nixpkgs" ], @@ -2367,33 +2126,6 @@ "type": "github" } }, - "nixd_2": { - "inputs": { - "flake-parts": [ - "devenv", - "flake-parts" - ], - "flake-root": "flake-root_2", - "nixpkgs": [ - "devenv", - "nixpkgs" - ], - "treefmt-nix": "treefmt-nix_3" - }, - "locked": { - "lastModified": 1763964548, - "narHash": "sha256-JTRoaEWvPsVIMFJWeS4G2isPo15wqXY/otsiHPN0zww=", - "owner": "nix-community", - "repo": "nixd", - "rev": "d4bf15e56540422e2acc7bc26b20b0a0934e3f5e", - "type": "github" - }, - "original": { - "owner": "nix-community", - "repo": "nixd", - "type": "github" - } - }, "nixlib": { "locked": { "lastModified": 1736643958, @@ -2412,12 +2144,12 @@ "nixos-anywhere": { "inputs": { "disko": "disko_2", - "flake-parts": "flake-parts_10", + "flake-parts": "flake-parts_9", "nix-vm-test": "nix-vm-test", "nixos-images": "nixos-images", "nixos-stable": "nixos-stable", - "nixpkgs": "nixpkgs_19", - "treefmt-nix": "treefmt-nix_5" + "nixpkgs": "nixpkgs_18", + "treefmt-nix": "treefmt-nix_4" }, "locked": { "lastModified": 1769956140, @@ -2435,9 +2167,9 @@ }, "nixos-cli": { "inputs": { - "flake-compat": "flake-compat_11", - "flake-parts": "flake-parts_11", - "nixpkgs": "nixpkgs_20", + "flake-compat": "flake-compat_10", + "flake-parts": "flake-parts_10", + "nixpkgs": "nixpkgs_19", "optnix": "optnix" }, "locked": { @@ -2518,8 +2250,8 @@ }, "nixos-wsl": { "inputs": { - "flake-compat": "flake-compat_13", - "nixpkgs": "nixpkgs_22" + "flake-compat": "flake-compat_12", + "nixpkgs": "nixpkgs_21" }, "locked": { "lastModified": 1770657009, @@ -2691,20 +2423,6 @@ } }, "nixpkgs_10": { - "locked": { - "lastModified": 1770197578, - "narHash": "sha256-AYqlWrX09+HvGs8zM6ebZ1pwUqjkfpnv8mewYwAo+iM=", - "rev": "00c21e4c93d963c50d4c0c89bfa84ed6e0694df2", - "revCount": 940249, - "type": "tarball", - "url": "https://api.flakehub.com/f/pinned/NixOS/nixpkgs/0.1.940249%2Brev-00c21e4c93d963c50d4c0c89bfa84ed6e0694df2/019c2c37-21f9-727c-86c5-0523e601d163/source.tar.gz" - }, - "original": { - "type": "tarball", - "url": "https://flakehub.com/f/NixOS/nixpkgs/0.1" - } - }, - "nixpkgs_11": { "locked": { "lastModified": 1770841267, "narHash": "sha256-9xejG0KoqsoKEGp2kVbXRlEYtFFcDTHjidiuX8hGO44=", @@ -2720,7 +2438,7 @@ "type": "github" } }, - "nixpkgs_12": { + "nixpkgs_11": { "locked": { "lastModified": 1742283249, "narHash": "sha256-hYz59vIFHjPt3l4iaXwCGUPu85EVRomzZRONksMVmgY=", @@ -2735,7 +2453,7 @@ "type": "github" } }, - "nixpkgs_13": { + "nixpkgs_12": { "locked": { "lastModified": 1770197578, "narHash": "sha256-AYqlWrX09+HvGs8zM6ebZ1pwUqjkfpnv8mewYwAo+iM=", @@ -2751,7 +2469,7 @@ "type": "github" } }, - "nixpkgs_14": { + "nixpkgs_13": { "locked": { "lastModified": 1767892417, "narHash": "sha256-dhhvQY67aboBk8b0/u0XB6vwHdgbROZT3fJAjyNh5Ww=", @@ -2767,7 +2485,7 @@ "type": "github" } }, - "nixpkgs_15": { + "nixpkgs_14": { "locked": { "lastModified": 1770107345, "narHash": "sha256-tbS0Ebx2PiA1FRW8mt8oejR0qMXmziJmPaU1d4kYY9g=", @@ -2783,7 +2501,7 @@ "type": "github" } }, - "nixpkgs_16": { + "nixpkgs_15": { "locked": { "lastModified": 1771045105, "narHash": "sha256-6/VriPJZPqQfOyujd1AEjSYzgP/In4dtmQAbvhkkhyI=", @@ -2799,7 +2517,7 @@ "type": "github" } }, - "nixpkgs_17": { + "nixpkgs_16": { "locked": { "lastModified": 1766070988, "narHash": "sha256-G/WVghka6c4bAzMhTwT2vjLccg/awmHkdKSd2JrycLc=", @@ -2815,7 +2533,7 @@ "type": "github" } }, - "nixpkgs_18": { + "nixpkgs_17": { "locked": { "lastModified": 1755593991, "narHash": "sha256-BA9MuPjBDx/WnpTJ0EGhStyfE7hug8g85Y3Ju9oTsM4=", @@ -2831,7 +2549,7 @@ "type": "github" } }, - "nixpkgs_19": { + "nixpkgs_18": { "locked": { "lastModified": 1769900851, "narHash": "sha256-RgCgXS3WiG9c/1wxFM6OXmmv39dSaLLON9VeAbTTAIM=", @@ -2847,6 +2565,22 @@ "type": "github" } }, + "nixpkgs_19": { + "locked": { + "lastModified": 1767151656, + "narHash": "sha256-ujL2AoYBnJBN262HD95yer7QYUmYp5kFZGYbyCCKxq8=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "f665af0cdb70ed27e1bd8f9fdfecaf451260fc55", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixpkgs-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, "nixpkgs_2": { "locked": { "lastModified": 1770197578, @@ -2864,22 +2598,6 @@ } }, "nixpkgs_20": { - "locked": { - "lastModified": 1767151656, - "narHash": "sha256-ujL2AoYBnJBN262HD95yer7QYUmYp5kFZGYbyCCKxq8=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "f665af0cdb70ed27e1bd8f9fdfecaf451260fc55", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixpkgs-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_21": { "locked": { "lastModified": 1759070547, "narHash": "sha256-JVZl8NaVRYb0+381nl7LvPE+A774/dRpif01FKLrYFQ=", @@ -2895,7 +2613,7 @@ "type": "github" } }, - "nixpkgs_22": { + "nixpkgs_21": { "locked": { "lastModified": 1770019141, "narHash": "sha256-VKS4ZLNx4PNrABoB0L8KUpc1fE7CLpQXQs985tGfaCU=", @@ -2911,7 +2629,7 @@ "type": "github" } }, - "nixpkgs_23": { + "nixpkgs_22": { "locked": { "lastModified": 1771008912, "narHash": "sha256-gf2AmWVTs8lEq7z/3ZAsgnZDhWIckkb+ZnAo5RzSxJg=", @@ -2927,7 +2645,7 @@ "type": "github" } }, - "nixpkgs_24": { + "nixpkgs_23": { "locked": { "lastModified": 1770380644, "narHash": "sha256-P7dWMHRUWG5m4G+06jDyThXO7kwSk46C1kgjEWcybkE=", @@ -2943,7 +2661,7 @@ "type": "github" } }, - "nixpkgs_25": { + "nixpkgs_24": { "locked": { "lastModified": 1767767207, "narHash": "sha256-Mj3d3PfwltLmukFal5i3fFt27L6NiKXdBezC1EBuZs4=", @@ -2959,7 +2677,7 @@ "type": "github" } }, - "nixpkgs_26": { + "nixpkgs_25": { "locked": { "lastModified": 1770107345, "narHash": "sha256-tbS0Ebx2PiA1FRW8mt8oejR0qMXmziJmPaU1d4kYY9g=", @@ -2975,7 +2693,7 @@ "type": "github" } }, - "nixpkgs_27": { + "nixpkgs_26": { "locked": { "lastModified": 1682134069, "narHash": "sha256-TnI/ZXSmRxQDt2sjRYK/8j8iha4B4zP2cnQCZZ3vp7k=", @@ -2990,22 +2708,6 @@ } }, "nixpkgs_3": { - "locked": { - "lastModified": 1772624091, - "narHash": "sha256-QKyJ0QGWBn6r0invrMAK8dmJoBYWoOWy7lN+UHzW1jc=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "80bdc1e5ce51f56b19791b52b2901187931f5353", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixos-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_4": { "locked": { "lastModified": 1764950072, "narHash": "sha256-BmPWzogsG2GsXZtlT+MTcAWeDK5hkbGRZTeZNW42fwA=", @@ -3021,7 +2723,7 @@ "type": "github" } }, - "nixpkgs_5": { + "nixpkgs_4": { "locked": { "lastModified": 1743014863, "narHash": "sha256-jAIUqsiN2r3hCuHji80U7NNEafpIMBXiwKlSrjWMlpg=", @@ -3037,7 +2739,7 @@ "type": "github" } }, - "nixpkgs_6": { + "nixpkgs_5": { "locked": { "lastModified": 1761313199, "narHash": "sha256-wCIACXbNtXAlwvQUo1Ed++loFALPjYUA3dpcUJiXO44=", @@ -3053,23 +2755,23 @@ "type": "github" } }, - "nixpkgs_7": { + "nixpkgs_6": { "locked": { - "lastModified": 1774106199, - "narHash": "sha256-US5Tda2sKmjrg2lNHQL3jRQ6p96cgfWh3J1QBliQ8Ws=", - "owner": "nixos", + "lastModified": 1762156382, + "narHash": "sha256-Yg7Ag7ov5+36jEFC1DaZh/12SEXo6OO3/8rqADRxiqs=", + "owner": "NixOS", "repo": "nixpkgs", - "rev": "6c9a78c09ff4d6c21d0319114873508a6ec01655", + "rev": "7241bcbb4f099a66aafca120d37c65e8dda32717", "type": "github" }, "original": { - "owner": "nixos", - "ref": "nixos-unstable", + "owner": "NixOS", + "ref": "nixpkgs-unstable", "repo": "nixpkgs", "type": "github" } }, - "nixpkgs_8": { + "nixpkgs_7": { "locked": { "lastModified": 1770197578, "narHash": "sha256-AYqlWrX09+HvGs8zM6ebZ1pwUqjkfpnv8mewYwAo+iM=", @@ -3085,7 +2787,7 @@ "type": "github" } }, - "nixpkgs_9": { + "nixpkgs_8": { "locked": { "lastModified": 1770073757, "narHash": "sha256-Vy+G+F+3E/Tl+GMNgiHl9Pah2DgShmIUBJXmbiQPHbI=", @@ -3101,6 +2803,20 @@ "type": "github" } }, + "nixpkgs_9": { + "locked": { + "lastModified": 1770197578, + "narHash": "sha256-AYqlWrX09+HvGs8zM6ebZ1pwUqjkfpnv8mewYwAo+iM=", + "rev": "00c21e4c93d963c50d4c0c89bfa84ed6e0694df2", + "revCount": 940249, + "type": "tarball", + "url": "https://api.flakehub.com/f/pinned/NixOS/nixpkgs/0.1.940249%2Brev-00c21e4c93d963c50d4c0c89bfa84ed6e0694df2/019c2c37-21f9-727c-86c5-0523e601d163/source.tar.gz" + }, + "original": { + "type": "tarball", + "url": "https://flakehub.com/f/NixOS/nixpkgs/0.1" + } + }, "nmd": { "inputs": { "nixpkgs": [ @@ -3188,7 +2904,7 @@ "inputs": { "flake-utils": "flake-utils_2", "ixx": "ixx", - "nixpkgs": "nixpkgs_14" + "nixpkgs": "nixpkgs_13" }, "locked": { "lastModified": 1768249818, @@ -3206,8 +2922,8 @@ }, "optnix": { "inputs": { - "flake-compat": "flake-compat_12", - "nixpkgs": "nixpkgs_21" + "flake-compat": "flake-compat_11", + "nixpkgs": "nixpkgs_20" }, "locked": { "lastModified": 1765418479, @@ -3252,7 +2968,7 @@ "lanzaboote", "flake-compat" ], - "gitignore": "gitignore_6", + "gitignore": "gitignore_5", "nixpkgs": [ "lanzaboote", "nixpkgs" @@ -3280,7 +2996,7 @@ "userborn", "flake-compat" ], - "gitignore": "gitignore_7", + "gitignore": "gitignore_6", "nixpkgs": [ "system-manager", "userborn", @@ -3303,8 +3019,8 @@ }, "pre-commit-hooks_2": { "inputs": { - "flake-compat": "flake-compat_7", - "gitignore": "gitignore_5", + "flake-compat": "flake-compat_6", + "gitignore": "gitignore_4", "nixpkgs": [ "hyprland", "nixpkgs" @@ -3349,13 +3065,12 @@ "agenix": "agenix", "agenix-rekey": "agenix-rekey", "ayugram-desktop": "ayugram-desktop", - "cachix": "cachix", "chaotic": "chaotic", "deploy-rs": "deploy-rs", - "devenv": "devenv_2", + "devenv": "devenv", + "devshell": "devshell_2", "disko": "disko", - "fenix": "fenix", - "flake-parts": "flake-parts_5", + "flake-parts": "flake-parts_4", "freesm": "freesm", "git-hooks-nix": "git-hooks-nix", "github-actions-nix": "github-actions-nix", @@ -3377,34 +3092,17 @@ "nixos-cli": "nixos-cli", "nixos-generators": "nixos-generators", "nixos-wsl": "nixos-wsl", - "nixpkgs": "nixpkgs_23", + "nixpkgs": "nixpkgs_22", "noctalia": "noctalia", "quickshell": "quickshell", "sops-nix": "sops-nix", "spicetify-nix": "spicetify-nix", "stylix": "stylix", "system-manager": "system-manager", - "treefmt-nix": "treefmt-nix_6", + "treefmt-nix": "treefmt-nix_5", "vscserver": "vscserver" } }, - "rust-analyzer-src": { - "flake": false, - "locked": { - "lastModified": 1774376228, - "narHash": "sha256-7oA0u4aghFjjIcIDKZ26NUpXH7hVXGPC0sI1OfK7NUk=", - "owner": "rust-lang", - "repo": "rust-analyzer", - "rev": "eabb84b771420b8396ab4bb4747694302d9be277", - "type": "github" - }, - "original": { - "owner": "rust-lang", - "ref": "nightly", - "repo": "rust-analyzer", - "type": "github" - } - }, "rust-overlay": { "inputs": { "nixpkgs": [ @@ -3486,7 +3184,7 @@ }, "sops-nix": { "inputs": { - "nixpkgs": "nixpkgs_24" + "nixpkgs": "nixpkgs_23" }, "locked": { "lastModified": 1770683991, @@ -3530,9 +3228,9 @@ "base16-helix": "base16-helix", "base16-vim": "base16-vim", "firefox-gnome-theme": "firefox-gnome-theme", - "flake-parts": "flake-parts_12", + "flake-parts": "flake-parts_11", "gnome-shell": "gnome-shell", - "nixpkgs": "nixpkgs_25", + "nixpkgs": "nixpkgs_24", "nur": "nur", "systems": "systems_7", "tinted-foot": "tinted-foot", @@ -3816,7 +3514,6 @@ "treefmt-nix_2": { "inputs": { "nixpkgs": [ - "cachix", "devenv", "nixd", "nixpkgs" @@ -3838,29 +3535,7 @@ }, "treefmt-nix_3": { "inputs": { - "nixpkgs": [ - "devenv", - "nixd", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1734704479, - "narHash": "sha256-MMi74+WckoyEWBRcg/oaGRvXC9BVVxDZNRMpL+72wBI=", - "owner": "numtide", - "repo": "treefmt-nix", - "rev": "65712f5af67234dad91a5a4baee986a8b62dbf8f", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "treefmt-nix", - "type": "github" - } - }, - "treefmt-nix_4": { - "inputs": { - "nixpkgs": "nixpkgs_15" + "nixpkgs": "nixpkgs_14" }, "locked": { "lastModified": 1770228511, @@ -3876,7 +3551,7 @@ "type": "github" } }, - "treefmt-nix_5": { + "treefmt-nix_4": { "inputs": { "nixpkgs": [ "nixos-anywhere", @@ -3897,9 +3572,9 @@ "type": "github" } }, - "treefmt-nix_6": { + "treefmt-nix_5": { "inputs": { - "nixpkgs": "nixpkgs_26" + "nixpkgs": "nixpkgs_25" }, "locked": { "lastModified": 1770228511, @@ -3917,8 +3592,8 @@ }, "userborn": { "inputs": { - "flake-compat": "flake-compat_14", - "flake-parts": "flake-parts_13", + "flake-compat": "flake-compat_13", + "flake-parts": "flake-parts_12", "nixpkgs": [ "system-manager", "nixpkgs" @@ -3962,7 +3637,7 @@ "vscserver": { "inputs": { "flake-utils": "flake-utils_3", - "nixpkgs": "nixpkgs_27" + "nixpkgs": "nixpkgs_26" }, "locked": { "lastModified": 1770124655, diff --git a/flake.nix b/flake.nix index aa0b97a..af37367 100644 --- a/flake.nix +++ b/flake.nix @@ -29,13 +29,6 @@ repo = "ayugram-desktop"; }; - "cachix" = { - flake = true; - type = "github"; - owner = "cachix"; - repo = "cachix"; - }; - "chaotic" = { flake = true; type = "github"; @@ -58,6 +51,13 @@ repo = "devenv"; }; + "devshell" = { + flake = true; + type = "github"; + owner = "numtide"; + repo = "devshell"; + }; + "disko" = { flake = true; type = "github"; @@ -85,13 +85,6 @@ repo = "freesmlauncher"; }; - "fenix" = { - flake = true; - type = "github"; - owner = "nix-community"; - repo = "fenix"; - }; - "github-actions-nix" = { flake = true; type = "github"; @@ -374,7 +367,7 @@ self ; } { - debug = true; + debug = false; systems = [ "x86_64-linux" @@ -383,201 +376,20 @@ imports = [ # modules + inputs.agenix-rekey.flakeModule inputs.disko.flakeModules.default + inputs.devshell.flakeModule inputs.treefmt-nix.flakeModule inputs.home-manager.flakeModules.home-manager inputs.git-hooks-nix.flakeModule inputs.devenv.flakeModule + # i can't really deside between devenv, devshells and devShells they are equally good for me + # for now, at least, i'm using numtide/devshells inputs.github-actions-nix.flakeModule ]; - flake = let - inherit - (inputs."nixpkgs".lib) - nixosSystem - filesystem - genAttrs - map - ; - - defaultModules = []; - - defaultPath = filesystem.listFilesRecursive "${self}/kyra/"; - - inputedModules = - map ( - { - input, - opt ? "default", - }: - inputs.${input}.nixosModules.${opt} - ) [ - { - opt = "disko"; - input = "disko"; - } - - { - input = "home-manager"; - } - - { - opt = "sops"; - input = "sops-nix"; - } - - { - opt = "nix-index"; - input = "nix-index-database"; - } - - { - opt = "nix-mineral"; - input = "nix-mineral"; - } - ]; - - kyraHost = name: - nixosSystem { - system = "x86_64-linux"; - modules = defaultModules ++ defaultPath ++ inputedModules; - specialArgs = { - inherit - inputs - name - self - ; - }; - }; - - kyraStack = - genAttrs [ - "hazel" - "lynn" - "yara" - "ivy" - "mel" - ] - kyraHost; - in { - # Main PC - nixosConfigurations = - { - "ada" = inputs.nixpkgs.lib.nixosSystem { - system = "x86_64-linux"; - specialArgs = { - inherit - inputs - self - ; - }; - - modules = [ - "${self}/ada/" - inputs.chaotic.nixosModules.default - inputs.stylix.nixosModules.stylix - inputs.sops-nix.nixosModules.sops - inputs.disko.nixosModules.disko - inputs.lanzaboote.nixosModules.lanzaboote - inputs.home-manager.nixosModules.default - inputs.nix-index-database.nixosModules.nix-index - inputs.nix-bwrapper.nixosModules.default - inputs.nix-mineral.nixosModules.nix-mineral - ]; - }; - - # Main Laptop - "isla" = inputs.nixpkgs.lib.nixosSystem { - system = "x86_64-linux"; - specialArgs = { - inherit - inputs - self - ; - }; - - modules = [ - "${self}/isla/" - inputs.chaotic.nixosModules.default - inputs.stylix.nixosModules.stylix - inputs.sops-nix.nixosModules.sops - inputs.disko.nixosModules.disko - inputs.home-manager.nixosModules.home-manager - inputs.lanzaboote.nixosModules.lanzaboote - inputs.nix-index-database.nixosModules.nix-index - inputs.nix-bwrapper.nixosModules.default - inputs.nix-mineral.nixosModules.nix-mineral - ]; - }; - - # homelab - "viola" = inputs.nixpkgs.lib.nixosSystem { - system = "x86_64-linux"; - specialArgs = { - inherit - inputs - self - ; - }; - - modules = [ - "${self}/viola" - inputs.chaotic.nixosModules.default - inputs.stylix.nixosModules.stylix - inputs.sops-nix.nixosModules.sops - inputs.disko.nixosModules.disko - inputs.lanzaboote.nixosModules.lanzaboote - inputs.home-manager.nixosModules.default - inputs.nix-index-database.nixosModules.nix-index - inputs.nix-mineral.nixosModules.nix-mineral - ]; - }; - - # WSL2 - "wanda" = inputs.nixpkgs.lib.nixosSystem { - system = "x86_64-linux"; - specialArgs = { - inherit - inputs - self - ; - }; - - modules = [ - "${self}/wanda/" - inputs.nixos-wsl.nixosModules.default - inputs.stylix.nixosModules.stylix - inputs.home-manager.nixosModules.default - inputs.sops-nix.nixosModules.sops - inputs.nix-index-database.nixosModules.nix-index - inputs.nix-bwrapper.nixosModules.default - inputs.nix-mineral.nixosModules.nix-mineral - ]; - }; - - # custom ISO - "florence" = inputs.nixpkgs.lib.nixosSystem { - system = "x86_64-linux"; - specialArgs = { - inherit - inputs - self - ; - }; - - modules = [ - "${self}/florence/" - ]; - }; - } - // kyraStack; - # few words about kyraStack: - # it's my little fleet, 5 identical VPSes - # really nice that all of them are 2 vCPU 2GB - # tho ssd/nvme/hdd memory is nothing important - # and being KVM VPS / pure VPS too - - # home-manager + flake = { + # home-manager, sorta broken when standalone homeConfigurations = { "hand7s" = inputs.home-manager.lib.homeManagerConfiguration { pkgs = inputs.nixpkgs.legacyPackages.x86_64-linux; @@ -595,12 +407,216 @@ inputs.hyprland.homeManagerModules.default inputs.chaotic.homeManagerModules.default inputs.sops-nix.homeManagerModules.sops + inputs.nix-index-database.homeModules.nix-index inputs.noctalia.homeModules.default inputs.stylix.homeModules.stylix ]; }; }; + + # nixos hosts + + # my PC + nixosConfigurations = { + "ada" = inputs.nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + specialArgs = { + inherit + inputs + self + ; + }; + + modules = [ + "${self}/ada/" + inputs.agenix.nixosModules.default + inputs.chaotic.nixosModules.default + inputs.stylix.nixosModules.stylix + inputs.sops-nix.nixosModules.sops + inputs.disko.nixosModules.disko + inputs.lanzaboote.nixosModules.lanzaboote + inputs.home-manager.nixosModules.default + inputs.nix-index-database.nixosModules.nix-index + inputs.nix-bwrapper.nixosModules.default + inputs.nix-mineral.nixosModules.nix-mineral + ]; + }; + + # my laptop + "isla" = inputs.nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + specialArgs = { + inherit + inputs + self + ; + }; + + modules = [ + "${self}/isla/" + inputs.agenix.nixosModules.default + inputs.chaotic.nixosModules.default + inputs.stylix.nixosModules.stylix + inputs.sops-nix.nixosModules.sops + inputs.disko.nixosModules.disko + inputs.home-manager.nixosModules.home-manager + inputs.lanzaboote.nixosModules.lanzaboote + inputs.nix-index-database.nixosModules.nix-index + inputs.nix-bwrapper.nixosModules.default + inputs.nix-mineral.nixosModules.nix-mineral + ]; + }; + + # my VPSes: + + # VPS 1 + "hazel" = inputs.nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + specialArgs = { + inherit + inputs + self + ; + }; + + modules = [ + { + networking.hostName = inputs.nixpkgs.lib.mkDefault "hazel"; + } + + "${self}/kyra/" + inputs.agenix.nixosModules.default + inputs.disko.nixosModules.disko + inputs.home-manager.nixosModules.default + inputs.sops-nix.nixosModules.sops + inputs.nix-index-database.nixosModules.nix-index + inputs.nix-mineral.nixosModules.nix-mineral + ]; + }; + + # VPS 2 + "lynn" = inputs.nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + specialArgs = { + inherit + inputs + self + ; + }; + + modules = [ + { + networking.hostName = inputs.nixpkgs.lib.mkDefault "lynn"; + } + + "${self}/kyra/" + inputs.agenix.nixosModules.default + inputs.disko.nixosModules.disko + inputs.home-manager.nixosModules.default + inputs.sops-nix.nixosModules.sops + inputs.nix-index-database.nixosModules.nix-index + inputs.nix-mineral.nixosModules.nix-mineral + ]; + }; + + # VPS 3 + "ivy" = inputs.nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + specialArgs = { + inherit + inputs + self + ; + }; + + modules = [ + { + networking.hostName = inputs.nixpkgs.lib.mkDefault "ivy"; + } + + "${self}/kyra/" + inputs.agenix.nixosModules.default + inputs.disko.nixosModules.disko + inputs.home-manager.nixosModules.default + inputs.sops-nix.nixosModules.sops + inputs.nix-index-database.nixosModules.nix-index + inputs.nix-mineral.nixosModules.nix-mineral + ]; + }; + + # VPS 4 + "mel" = inputs.nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + specialArgs = { + inherit + inputs + self + ; + }; + + modules = [ + { + networking.hostName = inputs.nixpkgs.lib.mkDefault "mel"; + } + + "${self}/kyra/" + inputs.agenix.nixosModules.default + inputs.disko.nixosModules.disko + inputs.home-manager.nixosModules.default + inputs.sops-nix.nixosModules.sops + inputs.nix-index-database.nixosModules.nix-index + inputs.nix-mineral.nixosModules.nix-mineral + ]; + }; + + # homelab + "viola" = inputs.nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + specialArgs = { + inherit + inputs + self + ; + }; + + modules = [ + "${self}/viola" + inputs.agenix.nixosModules.default + inputs.chaotic.nixosModules.default + inputs.stylix.nixosModules.stylix + inputs.sops-nix.nixosModules.sops + inputs.disko.nixosModules.disko + inputs.lanzaboote.nixosModules.lanzaboote + inputs.home-manager.nixosModules.default + inputs.nix-index-database.nixosModules.nix-index + inputs.nix-mineral.nixosModules.nix-mineral + ]; + }; + + # WSL2 + "wanda" = inputs.nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + specialArgs = { + inherit + inputs + self + ; + }; + + modules = [ + "${self}/wanda/" + inputs.agenix.nixosModules.default + inputs.nixos-wsl.nixosModules.default + inputs.stylix.nixosModules.stylix + inputs.home-manager.nixosModules.default + inputs.sops-nix.nixosModules.sops + inputs.nix-index-database.nixosModules.nix-index + inputs.nix-bwrapper.nixosModules.default + inputs.nix-mineral.nixosModules.nix-mineral + ]; + }; + }; }; perSystem = { @@ -614,7 +630,7 @@ flakeCheck = true; programs = { - "alejandra" = { + alejandra = { enable = true; priority = 1; includes = [ @@ -622,7 +638,7 @@ ]; }; - "statix" = { + statix = { enable = true; priority = 1; includes = [ @@ -634,7 +650,7 @@ ]; }; - "deadnix" = { + deadnix = { enable = true; priority = 1; includes = [ @@ -667,45 +683,72 @@ gitPackage = pkgs.git; hooks = { - "alejandra" = { + alejandra = { enable = true; settings = { - verbosity = "quiet"; check = true; }; }; - "deadnix" = { + deadnix = { enable = true; settings = { edit = false; }; }; - "statix" = { + statix = { enable = true; + settings = { + config = "${pkgs.writeText ''statix.toml'' '' + disabled = [ + "empty_pattern" + ] + ''}"; + }; }; }; }; }; - # cachix/devenv, basically a devShells, even better than numtide/devshells - devenv = { - shells = { - "default" = { - enterShell = config.pre-commit.shellHook; + # numtide/devshells, basically a devShells but better + devshells = { + "default" = { + name = "default"; - devenv = { - root = toString /home/hand7s/Projects/flake; + commands = [ + { + name = "pre"; + category = "[tools]"; + command = "prek run -a"; + help = '' + pre-commit-hook is a tool to execute linters / formatters before `git commit` to verify that code is meeting standarts of code setted up in projects; + ''; + } + + { + name = "fmt"; + category = "[formatters]"; + command = "nix fmt"; + help = '' + nix fmt is built-in formatting solution for nix pacakage manager; + ''; + } + ]; + + devshell = { + startup = { + "git-hooks-nix" = { + text = config.pre-commit.shellHook; + }; }; - - packages = - [ - pkgs.just - config.treefmt.build.wrapper - ] - ++ config.pre-commit.settings.enabledPackages; }; + + packages = with pkgs; + [ + just + ] + ++ config.pre-commit.settings.enabledPackages; }; }; diff --git a/florence/default.nix b/florence/default.nix deleted file mode 100644 index aaeeeaa..0000000 --- a/florence/default.nix +++ /dev/null @@ -1,32 +0,0 @@ -{inputs, ...}: { - imports = [ - "${inputs.nixpkgs}/nixos/modules/installer/netboot/netboot-minimal.nix" - ]; - - services = { - openssh = { - enable = true; - settings = { - PermitRootLogin = "yes"; - }; - }; - - system = { - stateVersion = "25.05"; - }; - - users = { - users = { - "root" = { - openssh = { - authorizedKeys = { - keys = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDp2IIdR5jV1HyG4aiRX7SfTNrXDhCx5rTiFU40qkOKq litvinovb0@gmail.com" - ]; - }; - }; - }; - }; - }; - }; -} diff --git a/hand7s/default.nix b/hand7s/default.nix index 4dfb40a..8600f50 100644 --- a/hand7s/default.nix +++ b/hand7s/default.nix @@ -5,17 +5,11 @@ "${self}/hand7s/wayland/hyprland.nix" - "${self}/hand7s/gtk/gtk.nix" - "${self}/hand7s/gtk/gtk3.nix" - "${self}/hand7s/gtk/gtk4.nix" - "${self}/hand7s/home/defaults.nix" "${self}/hand7s/home/gui.nix" "${self}/hand7s/home/keyboard.nix" "${self}/hand7s/home/packages.nix" "${self}/hand7s/home/shellAliases.nix" - "${self}/hand7s/home/variables.nix" - "${self}/hand7s/home/shell.nix" "${self}/hand7s/nixpkgs/config.nix" "${self}/hand7s/nixpkgs/overlays.nix" @@ -46,15 +40,5 @@ "${self}/hand7s/programs/direnv.nix" "${self}/hand7s/programs/noctalia.nix" "${self}/hand7s/programs/iamb.nix" - "${self}/hand7s/programs/nushell.nix" - "${self}/hand7s/programs/carapace.nix" - "${self}/hand7s/programs/broot.nix" - "${self}/hand7s/programs/atuin.nix" - "${self}/hand7s/programs/gitui.nix" - - "${self}/hand7s/xdg/portal.nix" - "${self}/hand7s/xdg/mime.nix" - "${self}/hand7s/xdg/configFile.nix" - "${self}/hand7s/xdg/terminal.nix" ]; } diff --git a/hand7s/gtk/gtk.nix b/hand7s/gtk/gtk.nix index 6234463..95d197c 100644 --- a/hand7s/gtk/gtk.nix +++ b/hand7s/gtk/gtk.nix @@ -1,8 +1,5 @@ -{pkgs, ...}: { +_: { gtk = { - iconTheme = { - package = pkgs.morewaita-icon-theme; - name = "MoreWaita"; - }; + enable = true; }; } diff --git a/hand7s/gtk/gtk3.nix b/hand7s/gtk/gtk3.nix deleted file mode 100644 index ce810cb..0000000 --- a/hand7s/gtk/gtk3.nix +++ /dev/null @@ -1,42 +0,0 @@ -_: { - gtk = { - gtk3 = { - extraCss = '' - headerbar { - background-color: mix(@base0D, @base02, 0.08); - } - - headerbar title { - font-size: 14px; - font-weight: 500; - } - - popover contents, - .menu { - background-color: mix(@base0D, @base02, 0.11); - } - - tooltip { - background-color: mix(@base0D, @base02, 0.14); - } - - button label { - font-size: 12px; - font-weight: 500; - } - - button:hover { - background-color: alpha(@base0D, 0.08); - } - - button:focus { - background-color: alpha(@base0D, 0.12); - } - - button:active { - background-color: alpha(@base0D, 0.16); - } - ''; - }; - }; -} diff --git a/hand7s/gtk/gtk4.nix b/hand7s/gtk/gtk4.nix deleted file mode 100644 index f688b67..0000000 --- a/hand7s/gtk/gtk4.nix +++ /dev/null @@ -1,37 +0,0 @@ -_: { - gtk = { - gtk4 = { - extraCss = '' - headerbar { - background-color: mix(@base0D, @base02, 0.08); - } - - headerbar title { - font-size: 14px; - font-weight: 500; - } - - popover contents { - background-color: mix(@base0D, @base02, 0.11); - } - - button label { - font-size: 12px; - font-weight: 500; - } - - button:hover { - background-color: alpha(@base0D, 0.08); - } - - button:focus { - background-color: alpha(@base0D, 0.12); - } - - button:active { - background-color: alpha(@base0D, 0.16); - } - ''; - }; - }; -} diff --git a/hand7s/home/packages.nix b/hand7s/home/packages.nix index d0fd64d..9ccc0ea 100644 --- a/hand7s/home/packages.nix +++ b/hand7s/home/packages.nix @@ -7,17 +7,16 @@ xh dua nvd - tlrc dust sops rsync procs - sshfs sbctl gping comma trippy bottom + ragenix ripgrep kubectl gitoxide diff --git a/hand7s/home/shell.nix b/hand7s/home/shell.nix deleted file mode 100644 index 650e35f..0000000 --- a/hand7s/home/shell.nix +++ /dev/null @@ -1,7 +0,0 @@ -_: { - home = { - shell = { - enableShellIntegration = true; - }; - }; -} diff --git a/hand7s/home/variables.nix b/hand7s/home/variables.nix deleted file mode 100644 index 726737a..0000000 --- a/hand7s/home/variables.nix +++ /dev/null @@ -1,10 +0,0 @@ -_: { - home = { - sessionVariables = { - CARAPACE_BRIDGES = "fish"; - DIRENV_WARN_TIMEOUT = "5m"; - GTK_USE_PORTAL = "1"; - AQ_NO_MODIFIERS = "1"; - }; - }; -} diff --git a/hand7s/nix/settings/trusted-public-keys.nix b/hand7s/nix/settings/trusted-public-keys.nix index db02cd7..e5cc01b 100644 --- a/hand7s/nix/settings/trusted-public-keys.nix +++ b/hand7s/nix/settings/trusted-public-keys.nix @@ -9,6 +9,7 @@ _: { # cachix.org "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" "chaotic-nyx.cachix.org-1:HfnXSw4pj95iI/n17rIDy40agHj12WfF+Gqk6SonIT8=" + "ags.cachix.org-1:naAvMrz0CuYqeyGNyLgE010iUiuf/qx6kYrUv3NwAJ8=" "hyprland.cachix.org-1:a7pgxzMz7+chwVL3/pzj6jIBMioiJM7ypFP8PwtkuGc=" "chaotic-nyx.cachix.org-1:HfnXSw4pj95iI/n17rIDy40agHj12WfF+Gqk6SonIT8=" ]; diff --git a/hand7s/nixpkgs/overlays.nix b/hand7s/nixpkgs/overlays.nix new file mode 100644 index 0000000..8db0844 --- /dev/null +++ b/hand7s/nixpkgs/overlays.nix @@ -0,0 +1,6 @@ +_: { + nixpkgs = { + overlays = [ + ]; + }; +} diff --git a/hand7s/options/gui.nix b/hand7s/options/gui.nix index eefd593..c440f21 100644 --- a/hand7s/options/gui.nix +++ b/hand7s/options/gui.nix @@ -6,8 +6,8 @@ ... }: let cfg = config.home.gui; - ayugram = self.inputs.ayugram-desktop.packages.${pkgs.stdenv.hostPlatform.system}.ayugram-desktop; - freesm-launcher = self.inputs.freesm.packages.${pkgs.stdenv.hostPlatform.system}.freesmlauncher; + ayugram = self.inputs.ayugram-desktop.packages.${pkgs.system}.ayugram-desktop; + freesm-launcher = self.inputs.freesm.packages.${pkgs.system}.freesmlauncher; in { options.home.gui = { enable = lib.mkEnableOption '' @@ -45,6 +45,7 @@ in { vesktop ayugram anki-bin + obsidian mindustry lan-mouse monero-gui @@ -69,10 +70,10 @@ in { cfg.sessionType == "Hyprland" ) [ fum + timg dconf iwgtk tokei - gajim ifuse yt-dlp termusic @@ -85,21 +86,17 @@ in { yubico-piv-tool yubikey-manager libimobiledevice - ungoogled-chromium yubikey-touch-detector yubikey-personalization self.inputs.noctalia.packages.${system}.default ]; }; - gtk.enable = true; - programs = { chromium.enable = true; spicetify.enable = true; ghostty.enable = true; git.enable = true; - obsidian.enable = true; }; services = with lib.mkDefault; { diff --git a/hand7s/programs/atuin.nix b/hand7s/programs/atuin.nix deleted file mode 100644 index d974cd1..0000000 --- a/hand7s/programs/atuin.nix +++ /dev/null @@ -1,22 +0,0 @@ -_: { - programs = { - atuin = { - enable = true; - enableNushellIntegration = true; - enableFishIntegration = true; - - settings = { - keymap_mode = "vim-normal"; - }; - - flags = [ - "--disable-up-arrow" - ]; - - daemon = { - enable = true; - logLevel = "info"; - }; - }; - }; -} diff --git a/hand7s/programs/broot.nix b/hand7s/programs/broot.nix deleted file mode 100644 index b0fb242..0000000 --- a/hand7s/programs/broot.nix +++ /dev/null @@ -1,13 +0,0 @@ -_: { - programs = { - broot = { - enable = true; - enableNushellIntegration = true; - enableFishIntegration = true; - - settings = { - modal = true; - }; - }; - }; -} diff --git a/hand7s/programs/carapace.nix b/hand7s/programs/carapace.nix deleted file mode 100644 index 49a3a69..0000000 --- a/hand7s/programs/carapace.nix +++ /dev/null @@ -1,9 +0,0 @@ -_: { - programs = { - carapace = { - enable = true; - enableNushellIntegration = true; - enableFishIntegration = true; - }; - }; -} diff --git a/hand7s/programs/chrome.nix b/hand7s/programs/chrome.nix index b67b690..0259f9d 100644 --- a/hand7s/programs/chrome.nix +++ b/hand7s/programs/chrome.nix @@ -4,6 +4,7 @@ package = pkgs.google-chrome.override { commandLineArgs = [ "--enable-features=AcceleratedVideoEncoder,VaapiIgnoreDriverChecks,Vulkan,DefaultANGLEVulkan,VulkanFromANGLE,VaapiIgnoreDriverChecks,VaapiVideoDecoder,PlatformHEVCDecoderSupport,UseMultiPlaneFormatForHardwareVideo,SkiaGraphite" + "--enable-unsafe-webgpu" "--ignore-gpu-blocklist" "--enable-zero-copy" ]; diff --git a/hand7s/programs/direnv.nix b/hand7s/programs/direnv.nix index 20b7998..84af0d8 100644 --- a/hand7s/programs/direnv.nix +++ b/hand7s/programs/direnv.nix @@ -3,7 +3,6 @@ _: { direnv = { enable = true; silent = true; - enableNushellIntegration = true; nix-direnv = { enable = true; diff --git a/hand7s/programs/eza.nix b/hand7s/programs/eza.nix index ac804c7..2ac0ee4 100644 --- a/hand7s/programs/eza.nix +++ b/hand7s/programs/eza.nix @@ -3,7 +3,6 @@ _: { eza = { enable = true; enableFishIntegration = true; - enableNushellIntegration = true; git = true; icons = "always"; }; diff --git a/hand7s/programs/fzf.nix b/hand7s/programs/fzf.nix index 4c1c4ff..31960f5 100644 --- a/hand7s/programs/fzf.nix +++ b/hand7s/programs/fzf.nix @@ -3,7 +3,6 @@ _: { fzf = { enable = true; enableFishIntegration = true; - tmux = { enableShellIntegration = true; }; diff --git a/hand7s/programs/ghostty.nix b/hand7s/programs/ghostty.nix index 9f1dca0..c1e2e65 100644 --- a/hand7s/programs/ghostty.nix +++ b/hand7s/programs/ghostty.nix @@ -12,7 +12,7 @@ bell-features = "system"; - command = "${lib.getExe pkgs.nushell}"; + command = "${lib.getExe pkgs.fish}"; confirm-close-surface = false; diff --git a/hand7s/programs/gitui.nix b/hand7s/programs/gitui.nix deleted file mode 100644 index 23f9ddb..0000000 --- a/hand7s/programs/gitui.nix +++ /dev/null @@ -1,26 +0,0 @@ -_: { - programs = { - gitui = { - enable = true; - keyConfig = '' - ( - move_left: Some(( code: Char('h'), modifiers: "" )), - move_right: Some(( code: Char('l'), modifiers: "" )), - move_up: Some(( code: Char('k'), modifiers: "" )), - move_down: Some(( code: Char('j'), modifiers: "" )), - - popup_up: Some(( code: Char('k'), modifiers: "" )), - popup_down: Some(( code: Char('j'), modifiers: "" )), - page_up: Some(( code: Char('b'), modifiers: "CONTROL" )), - page_down: Some(( code: Char('f'), modifiers: "CONTROL" )), - - stage_hunk: Some(( code: Char('x'), modifiers: "" )), - status_reset_item: Some(( code: Char('U'), modifiers: "SHIFT" )), - - shift_up: Some(( code: Char('K'), modifiers: "SHIFT" )), - shift_down: Some(( code: Char('J'), modifiers: "SHIFT" )), - ) - ''; - }; - }; -} diff --git a/hand7s/programs/helix.nix b/hand7s/programs/helix.nix index c24e064..c8ae19c 100644 --- a/hand7s/programs/helix.nix +++ b/hand7s/programs/helix.nix @@ -2,15 +2,7 @@ pkgs, lib, ... -}: let - formatter = { - run = "treefmt"; - args = [ - "--stdin" - "$f" - ]; - }; -in { +}: { programs = { helix = { package = pkgs.helix; @@ -18,133 +10,52 @@ in { defaultEditor = true; extraPackages = with pkgs; [ nixd - ruff - vtsls - rust-analyzer ]; settings = { editor = { line-number = "relative"; cursorline = true; - auto-pairs = true; - auto-save = { - focus-lost = true; - after-delay = { - enable = true; - timeout = 3000; - }; - }; - - soft-wrap = { - enable = true; - }; - - inline-diagnostics = { - cursor-line = "hint"; - }; - lsp = { - enable = true; - display-progress-messages = true; - display-inlay-hints = true; - }; - - cursor-shape = { - normal = "underline"; - insert = "block"; - select = "underline"; + display-messages = true; }; }; }; languages = { language-servers = { - "nixd" = { + nixd = { command = "${lib.getExe pkgs.nixd}"; args = [ "--inlay-hints=true" ]; }; - - "ruff" = { - command = "${lib.getExe pkgs.ruff}"; - args = [ - "server" - ]; - }; - - "vtsls" = { - command = "${lib.getExe pkgs.vtsls}"; - args = [ - "--stdio" - ]; - }; - - "rust-lsp" = { - command = "${lib.getExe pkgs.rust-analyzer}"; - }; }; - languages = [ + language = [ { name = "nix"; - auto-format = true; + comment-token = "#"; + injection-regex = "nix"; + indent = { + tab-width = 4; + unit = " "; + }; + + formatter = { + command = "${lib.getExe pkgs.nix}"; + args = [ + "fmt" + ]; + }; + + file-types = [ + "nix" + ]; + language-servers = [ "nixd" ]; - - inherit - formatter - ; - } - - { - name = "python"; - auto-format = true; - language-servers = [ - "ruff" - ]; - - inherit - formatter - ; - } - - { - name = "rust"; - auto-format = true; - language-servers = [ - "rust-lsp" - ]; - - inherit - formatter - ; - } - - { - name = "javascript"; - auto-format = true; - language-servers = [ - "vtsls" - ]; - - inherit - formatter - ; - } - - { - name = "typescript"; - auto-format = true; - language-servers = [ - "vtsls" - ]; - - inherit - formatter - ; } ]; }; diff --git a/hand7s/programs/index.nix b/hand7s/programs/index.nix index dc16de9..d7475b9 100644 --- a/hand7s/programs/index.nix +++ b/hand7s/programs/index.nix @@ -3,7 +3,6 @@ _: { nix-index = { enable = true; enableFishIntegration = true; - enableNushellIntegration = true; }; }; } diff --git a/hand7s/programs/noctalia.nix b/hand7s/programs/noctalia.nix index ad629d3..662f6cc 100644 --- a/hand7s/programs/noctalia.nix +++ b/hand7s/programs/noctalia.nix @@ -19,10 +19,9 @@ forceBlackScreenCorners = true; showScreenCorners = true; screenRadiusRatio = 1; - radiusRatio = 1.5; - enableBlurBehind = true; + radiusRatio = 0.7; enableShadows = true; - shadowDirection = "bottom_right"; + shadowDirection = "center"; }; appLauncher = { @@ -41,12 +40,10 @@ }; bar = { - floating = true; - density = "comfortable"; + floating = false; + density = "default"; position = "right"; - showCapsule = true; - contentPadding = 8; - widgetSpacing = 10; + showCapsule = false; marginVertical = 1; marginHorizontal = 0.6; monitors = [ @@ -122,7 +119,7 @@ }; notifications = { - location = "top_right"; + location = "top_center"; }; controlCenter = { @@ -150,7 +147,6 @@ }; dock = { - dockType = "static"; displayMode = "auto_hide"; floatingRatio = 1; onlySameOutput = true; @@ -202,9 +198,9 @@ }; ui = { - fontDefault = lib.mkForce "Monaspace Aether Nerd Font"; + fontDefault = lib.mkForce "Nerd Fonts Hack"; fontDefaultScale = 1; - fontFixed = lib.mkForce "Roboto Mono Nerd Font"; + fontFixed = lib.mkForce "Nerd Fonts Hack"; fontFixedScale = 1; idleInhibitorEnabled = false; tooltipsEnabled = true; diff --git a/hand7s/programs/nushell.nix b/hand7s/programs/nushell.nix deleted file mode 100644 index 296a012..0000000 --- a/hand7s/programs/nushell.nix +++ /dev/null @@ -1,24 +0,0 @@ -{ - pkgs, - lib, - ... -}: { - programs = { - nushell = { - enable = true; - extraEnv = '' - $env.EDITOR = "hx" - ''; - - extraConfig = '' - $env.config.show_banner = false - - $env.config.buffer_editor = "hx" - - def fish-run [cmd: string] { - ^${lib.getExe pkgs.fish} -c $cmd - } - ''; - }; - }; -} diff --git a/hand7s/programs/spicetify.nix b/hand7s/programs/spicetify.nix index 3f7be81..56ab174 100644 --- a/hand7s/programs/spicetify.nix +++ b/hand7s/programs/spicetify.nix @@ -6,13 +6,13 @@ }: { programs = { spicetify = { - enabledExtensions = with self.inputs.spicetify-nix.legacyPackages.${pkgs.stdenv.hostPlatform.system}.extensions; [ + enabledExtensions = with self.inputs.spicetify-nix.legacyPackages.${pkgs.system}.extensions; [ adblock hidePodcasts shuffle ]; - theme = lib.mkForce self.inputs.spicetify-nix.legacyPackages.${pkgs.stdenv.hostPlatform.system}.themes.text; + theme = lib.mkForce self.inputs.spicetify-nix.legacyPackages.${pkgs.system}.themes.text; colorScheme = lib.mkForce "TokyoNight"; }; }; diff --git a/hand7s/programs/starship.nix b/hand7s/programs/starship.nix index cd8615c..5228038 100644 --- a/hand7s/programs/starship.nix +++ b/hand7s/programs/starship.nix @@ -3,17 +3,15 @@ _: { starship = { enable = true; enableFishIntegration = true; - enableNushellIntegration = true; - settings = { add_newline = true; format = '' [╭──╼](bold blue) $username at $hostname on $os - [┆](bold blue) $directory$git_branch$git_commit$git_state$git_metrics$git_status$kubernetes$rust + [┆](bold blue) $directory$git_branch$git_commit$git_state$git_metrics$git_status [╰─>](bold blue) ''; - right_format = ''$cmd_duration ($status) at ❗$time''; + right_format = ''$cmd_duration ($character) at ❗$time''; os = { format = "[($name $codename$version$edition $symbol )]($style)"; @@ -35,18 +33,9 @@ _: { style_user = "bold green"; }; - status = { - disabled = false; - format = "[$symbol]($style)"; - symbol = "✗"; - success_symbol = "✓"; - not_executable_symbol = "⃠🚫"; - not_found_symbol = "🔍"; - sigint_symbol = "[🛑](bold red)"; - signal_symbol = "[⚡](bold yellow)"; - - pipestatus = true; - pipestatus_separator = "|"; + character = { + success_symbol = "[✓](bold green)"; + error_symbol = "[✗](bold red)"; }; time = { @@ -64,14 +53,6 @@ _: { show_notifications = false; format = "was [$duration](bold green)"; }; - - rust = { - format = "via [⚙️ $version](red bold)"; - }; - - kubernetes = { - disabled = false; - }; }; }; }; diff --git a/hand7s/programs/yazi.nix b/hand7s/programs/yazi.nix index 396e8d9..234c8e9 100644 --- a/hand7s/programs/yazi.nix +++ b/hand7s/programs/yazi.nix @@ -7,8 +7,6 @@ yazi = { enable = true; enableFishIntegration = true; - enableNushellIntegration = true; - shellWrapperName = "yz"; settings = { mgr = { @@ -44,63 +42,33 @@ }; opener = { - "play" = [ + play = [ { - run = ''${lib.getExe pkgs.mpv} --vo=tct "%s"''; + run = "${lib.getExe pkgs.mpv} ''$@''"; block = true; for = "unix"; } ]; - "view" = [ + view = [ { - run = ''${lib.getExe pkgs.viu} -t "%s"''; + run = "${lib.getExe pkgs.timg} ''-p k -C $@ | ${lib.getExe' pkgs.uutils-coreutils-noprefix "more"}''"; block = true; for = "unix"; } ]; - "edit" = [ + edit = [ { - run = ''${lib.getExe pkgs.helix} "%s"''; + run = "${lib.getExe pkgs.helix} ''$@''"; block = true; for = "unix"; } ]; - "doc" = [ + open = [ { - run = ''${lib.getExe pkgs.tdf} "%s"''; - block = true; - for = "unix"; - } - ]; - - "hex" = [ - { - run = ''${lib.getExe pkgs.hexyl} "$s"''; - } - ]; - - "exfil" = [ - { - run = ''${lib.getExe pkgs.ouch} de "%s"''; - block = true; - for = "unix"; - } - ]; - - "book" = [ - { - run = ''${lib.getExe pkgs.epr} "%s"''; - block = true; - for = "unix"; - } - ]; - - "open" = [ - { - run = ''${lib.getExe' pkgs.xdg-utils "xdg-open"} "%s"''; + run = "${lib.getExe' pkgs.xdg-utils "xdg-open"} ''$@''"; orphan = true; for = "unix"; } @@ -110,83 +78,23 @@ open = { rules = [ { - mime = "video/*"; - use = [ - "play" - "open" - ]; - } - - { - mime = "audio/*"; - use = [ - "play" - "open" - ]; - } - - { - mime = "application/epub+zip"; - use = [ - "book" - "edit" - ]; - } - - { - mime = "application/pdf"; - use = [ - "doc" - "open" - ]; - } - - { - mime = "application/{octet-stream,x-executable,x-sharedlib,x-pie-executable}"; - use = [ - "hex" - "open" - ]; - } - - { - mime = "application/vnd.*"; - use = [ - "open" - "edit" - ]; - } - - { - mime = "font/*"; - use = [ - "open" - "edit" - ]; - } - - { - mime = "application/{zip,rar,7z*,tar*,x-tar,x-bzip*,x-gzip,x-xz}"; - use = [ - "exfil" - "open" - ]; + mime = "image/*"; + use = "view"; } { mime = "text/*"; - use = [ - "edit" - "open" - ]; + use = "edit"; } { - mime = "*"; - use = [ - "edit" - "open" - ]; + mime = "audio/*"; + use = "play"; + } + + { + mime = "video/*"; + use = "play"; } ]; }; diff --git a/hand7s/programs/zellij.nix b/hand7s/programs/zellij.nix index a910b23..907eca4 100644 --- a/hand7s/programs/zellij.nix +++ b/hand7s/programs/zellij.nix @@ -6,32 +6,8 @@ programs = { zellij = { enable = true; - settings = { - options = { - copy_on_select = false; - }; - - keybinds = { - unbind = [ - "Alt n" - "Alt i" - "Alt o" - "Alt h" - "Alt j" - "Alt k" - "Alt l" - "Alt f" - "Alt Up" - "Alt Down" - "Alt Right" - "Alt Left" - "Alt +" - "Alt -" - ]; - }; - - default_shell = "${lib.getExe pkgs.nushell}"; + default_shell = "${lib.getExe pkgs.fish}"; show_startup_tips = false; show_release_notes = false; simplified_ui = true; diff --git a/hand7s/programs/zoxide.nix b/hand7s/programs/zoxide.nix index 0527806..0739e21 100644 --- a/hand7s/programs/zoxide.nix +++ b/hand7s/programs/zoxide.nix @@ -3,7 +3,6 @@ _: { zoxide = { enable = true; enableFishIntegration = true; - enableNushellIntegration = true; }; }; } diff --git a/hand7s/stylix/base16Scheme.nix b/hand7s/stylix/base16Scheme.nix index 169ffc6..6cea17f 100644 --- a/hand7s/stylix/base16Scheme.nix +++ b/hand7s/stylix/base16Scheme.nix @@ -1,22 +1,22 @@ _: { stylix = { base16Scheme = { - scheme = "Tokyo-Night-Storm-MD3e"; - name = "TokyoNightStormMD3e"; + scheme = "Tokyonight by Folke Lemaitre (https://github.com/folke)"; + name = "Tokyonight"; base00 = "#24283b"; base01 = "#1f2335"; base02 = "#292e42"; base03 = "#565f89"; base04 = "#a9b1d6"; base05 = "#c0caf5"; - base06 = "#cdd6f4"; - base07 = "#d5d6db"; + base06 = "#c0caf5"; + base07 = "#c0caf5"; base08 = "#f7768e"; base09 = "#ff9e64"; base0A = "#e0af68"; base0B = "#9ece6a"; - base0C = "#7dcfff"; - base0D = "#7aa2f7"; + base0C = "#1abc9c"; + base0D = "#41a6b5"; base0E = "#bb9af7"; base0F = "#ff007c"; }; diff --git a/hand7s/stylix/fonts.nix b/hand7s/stylix/fonts.nix index 6b67bb6..1cea8c4 100644 --- a/hand7s/stylix/fonts.nix +++ b/hand7s/stylix/fonts.nix @@ -2,30 +2,30 @@ stylix = { fonts = { sizes = { - applications = 12; - desktop = 11; - popups = 11; - terminal = 12; + applications = 10; + desktop = 8; + popups = 10; + terminal = 10; }; monospace = { - package = pkgs.nerd-fonts.monaspace; - name = "Monospace Aether Nerd Font"; + package = pkgs.nerd-fonts.roboto-mono; + name = "Roboto-Mono Nerd Font"; }; emoji = { - package = pkgs.noto-fonts-color-emoji; - name = "Noto Color Emoji"; + package = pkgs.nerd-fonts.symbols-only; + name = "Symbols Only Nerd Font"; }; sansSerif = { - package = pkgs.nerd-fonts.iosevka-term-slab; - name = "Iosevka Term Slab Nerd Font"; + package = pkgs.nerd-fonts.aurulent-sans-mono; + name = "Aurulent Sans Mono Nerd Font"; }; serif = { - package = pkgs.nerd-fonts.noto; - name = "Noto Serif Nerd Font"; + package = pkgs.nerd-fonts.hack; + name = "Hack Nerd Font"; }; }; }; diff --git a/hand7s/stylix/red_ish.nix b/hand7s/stylix/red_ish.nix new file mode 100644 index 0000000..6c5ae1e --- /dev/null +++ b/hand7s/stylix/red_ish.nix @@ -0,0 +1,32 @@ +_: { + stylix = { + base16Scheme = { + base00 = "2a1617"; + base01 = "5d3f3f"; + base02 = "7a5bab"; + base03 = "bb9499"; + base04 = "eea1cf"; + base05 = "f5dddd"; + base06 = "ffebff"; + base07 = "ffede9"; + base08 = "e36b70"; + base09 = "ac878e"; + base0A = "db7356"; + base0B = "a78897"; + base0C = "ca7a79"; + base0D = "b28776"; + base0E = "d8708b"; + base0F = "ec6653"; + base10 = "2a1617"; + base11 = "2a1617"; + base12 = "e36b70"; + base13 = "ac878e"; + base14 = "a78897"; + base15 = "ca7a79"; + base16 = "b28776"; + base17 = "d8708b"; + scheme = "hand7s"; + name = "red_ish"; + }; + }; +} diff --git a/hand7s/stylix/wallpaper3.png b/hand7s/stylix/wallpaper3.png index fdda3fb..97a0dae 100644 Binary files a/hand7s/stylix/wallpaper3.png and b/hand7s/stylix/wallpaper3.png differ diff --git a/hand7s/wayland/hyprland.nix b/hand7s/wayland/hyprland.nix index b5122ee..907ee9f 100644 --- a/hand7s/wayland/hyprland.nix +++ b/hand7s/wayland/hyprland.nix @@ -1,6 +1,6 @@ { - config, self, + config, pkgs, lib, ... @@ -14,22 +14,22 @@ ) true; - package = self.inputs.nixpkgs.legacyPackages.${pkgs.stdenv.hostPlatform.system}.hyprland; - portalPackage = self.inputs.nixpkgs.legacyPackages.${pkgs.stdenv.hostPlatform.system}.xdg-desktop-portal-hyprland; + package = self.inputs.hyprland.packages.${pkgs.system}.hyprland; + portalPackage = self.inputs.hyprland.packages.${pkgs.system}.xdg-desktop-portal-hyprland; settings = { monitor = ", 2560x1440@165.00Hz, 0x0, 1"; general = { - gaps_in = 8; - gaps_out = 20; - border_size = 0; + gaps_in = "5"; + gaps_out = "20"; + border_size = "2"; layout = "dwindle"; snap = { enabled = false; - window_gap = 10; - monitor_gap = 10; + window_gap = "5"; + monitor_gap = "5"; border_overlap = false; }; }; @@ -39,9 +39,9 @@ kb_options = "grp:caps_toggle"; numlock_by_default = true; - follow_mouse = 1; + follow_mouse = "1"; left_handed = false; - sensitivity = 0; + sensitivity = "0"; special_fallthrough = true; focus_on_close = 1; @@ -64,29 +64,27 @@ }; decoration = { - active_opacity = "0.92"; - inactive_opacity = "0.88"; + active_opacity = "0.85"; + inactive_opacity = "0.65"; fullscreen_opacity = "1.0"; + rounding = "10"; - rounding = 24; - rounding_power = "2"; - - dim_inactive = false; + dim_inactive = true; + dim_strength = "0.15"; + dim_special = "0.0"; + dim_around = "0.05"; shadow = { enabled = true; - render_power = 3; - range = 20; + render_power = "4"; + range = "4"; ignore_window = false; - offset = "0 4"; - scale = "1.0"; }; blur = { enabled = true; - size = 8; - passes = 3; - vibrancy = 0.2; + size = "10"; + passes = "5"; }; }; @@ -94,7 +92,7 @@ "${lib.getExe' pkgs.systemd "systemctl"} --user start hyprpaper.service" "${lib.getExe' pkgs.systemd "systemctl"} --user start hypridle.service" "${lib.getExe' pkgs.systemd "systemctl"} --user start hyprpolkitagent.service" - "${lib.getExe self.inputs.noctalia.packages.${pkgs.stdenv.hostPlatform.system}.default}" + "${lib.getExe self.inputs.noctalia.packages.${pkgs.system}.default}" "${lib.getExe' pkgs.hyprland "hyprctl"} setcursor material_light_cursors 20" ]; @@ -102,12 +100,12 @@ bind = [ "ALT, return, exec, ${lib.getExe pkgs.ghostty}" "ALT, Q, killactive," - "ALT, S, exec, ${lib.getExe self.inputs.noctalia.packages.${pkgs.stdenv.hostPlatform.system}.default} ipc call launcher toggle" + "ALT, S, exec, ${lib.getExe self.inputs.noctalia.packages.${pkgs.system}.default} ipc call launcher toggle" "ALT, F, fullscreen, 0" "ALT, L, exec, ${lib.getExe pkgs.hyprlock}" "ALT SHIFT, space, togglefloating, active" - "ALT SHIFT, S, exec, ${lib.getExe pkgs.grimblast} --notify --freeze copysave area /home/hand7s/Pictures/Screenshots/$(date '+%y%m%d_%H-%M-%s').png || , killall -9 hyprpicker" + "ALT SHIFT, S, exec, ${lib.getExe pkgs.grimblast} --notify --freeze copysave area /home/hand7s/Pictures/Screenshots/$(date '+%y%m%d_%H-%M-%s').png | , killall -9 hyprpicker" "ALT, left, movefocus, l" "ALT, right, movefocus, r" @@ -165,34 +163,18 @@ ]; animation = [ - "workspace_wraparound = true" "enabled = true" - "bezier = md3_standard, 0.2, 0.0, 0.0, 1.0" - "bezier = md3_decel, 0.05, 0.7, 0.1, 1.0" - "bezier = md3_accel, 0.3, 0.0, 0.8, 0.15" + "animation = windows, 1, 7, popin" + "animation = windowsOut, 1, 7, popin" - "bezier = menu_decel, 0.1, 1.0, 0.1, 1.0" - "bezier = menu_accel, 0.38, 0.04, 1.0, 0.07" + "animation = layers, 1, 7, fade" - "animation = windows, 1, 4, md3_decel, slide" - "animation = windowsIn, 1, 4, md3_decel, slide" - "animation = windowsOut, 1, 2, md3_accel, slide" - "animation = fade, 1, 2, md3_standard" - "animation = layers, 1, 2, md3_decel, slide" - "animation = layersIn, 1, 3, md3_decel, slide" - "animation = layersOut, 1, 2, md3_accel, slide" - "animation = fadeLayersIn, 1, 3, menu_decel" - "animation = fadeLayersOut, 1, 2, menu_accel" - "animation = workspaces, 1, 4, md3_standard, slidefade 20%" - "animation = specialWorkspace, 1, 3, md3_decel, slidevert" - ]; + "animation = border, 1, 10" + "animation = borderangle, 1, 10" - windowrulev2 = [ - "float, class:^(yazi-picker)$" - "center, class:^(yazi-picker)$" - "size 1000 600, class:^(yazi-picker)$" - "stayfocused, class:^(yazi-picker)$" + "animation = workspaces, 1, 7, slidevert" + "animation = specialWorkspace, 1, 7, slidevert" ]; misc = { @@ -203,12 +185,11 @@ animate_mouse_windowdragging = true; focus_on_activate = true; close_special_on_empty = true; - vrr = "3"; + initial_workspace_tracking = "2"; }; render = { cm_auto_hdr = 0; - direct_scanout = "2"; }; binds = { @@ -283,7 +264,8 @@ plugins = with pkgs.hyprlandPlugins; [ hypr-dynamic-cursors - hyprspace + hyprscrolling + hyprexpo ]; }; }; diff --git a/hand7s/xdg/configFile.nix b/hand7s/xdg/configFile.nix deleted file mode 100644 index 64cb8e6..0000000 --- a/hand7s/xdg/configFile.nix +++ /dev/null @@ -1,22 +0,0 @@ -{ - lib, - pkgs, - ... -}: { - xdg = { - configFile = { - "xdg-desktop-portal-termfilechooser/config" = { - enable = true; - force = true; - text = '' - [filechooser] - cmd="${pkgs.xdg-desktop-portal-termfilechooser}/share/xdg-desktop-portal-termfilechooser/yazi-wrapper.sh" - default_dir=$HOME - env=TERMCMD="${lib.getExe pkgs.ghostty} --title='yazi-picker' -e" - open_mode=suggested - save_mode=last - ''; - }; - }; - }; -} diff --git a/hand7s/xdg/mime.nix b/hand7s/xdg/mime.nix deleted file mode 100644 index 1c1102b..0000000 --- a/hand7s/xdg/mime.nix +++ /dev/null @@ -1,11 +0,0 @@ -_: { - xdg = { - mime = { - enable = true; - }; - - mimeApps = { - enable = true; - }; - }; -} diff --git a/hand7s/xdg/portal.nix b/hand7s/xdg/portal.nix deleted file mode 100644 index c56d593..0000000 --- a/hand7s/xdg/portal.nix +++ /dev/null @@ -1,35 +0,0 @@ -{ - config, - pkgs, - lib, - ... -}: { - xdg = { - portal = { - enable = lib.mkIf config.home.gui.enable true; - extraPortals = with pkgs; [ - xdg-desktop-portal-gtk - xdg-desktop-portal-termfilechooser - ]; - - config = { - common = { - default = [ - "gtk" - ]; - }; - - hyprland = { - default = [ - "gtk" - "hyprland" - ]; - - "org.freedesktop.impl.portal.FileChooser" = [ - "termfilechooser" - ]; - }; - }; - }; - }; -} diff --git a/hand7s/xdg/terminal.nix b/hand7s/xdg/terminal.nix deleted file mode 100644 index 64d9c95..0000000 --- a/hand7s/xdg/terminal.nix +++ /dev/null @@ -1,12 +0,0 @@ -_: { - xdg = { - terminal-exec = { - enable = true; - settings = { - default = [ - "com.mitchellh.ghostty.desktop" - ]; - }; - }; - }; -} diff --git a/isla/boot/initrd.nix b/isla/boot/initrd.nix index 8169876..4f1ef31 100644 --- a/isla/boot/initrd.nix +++ b/isla/boot/initrd.nix @@ -1,4 +1,4 @@ -_: { +{lib, ...}: { boot = { initrd = { availableKernelModules = [ @@ -17,8 +17,13 @@ _: { supportedFilesystems = { vfat = true; btrfs = true; + zfs = lib.mkForce false; }; + kernelModules = [ + "i915" + ]; + luks = { devices = { cryptroot = { diff --git a/isla/boot/kernel.nix b/isla/boot/kernel.nix index 0a0fe19..0931dbc 100644 --- a/isla/boot/kernel.nix +++ b/isla/boot/kernel.nix @@ -1,4 +1,8 @@ -{pkgs, ...}: { +{ + pkgs, + lib, + ... +}: { boot = { kernel = { sysctl = { @@ -12,9 +16,13 @@ }; }; - kernelPackages = pkgs.linuxPackages_latest; + kernelPackages = pkgs.linuxPackages_zen; + extraModprobeConfig = '' + options thinkpad_acpi fan_control=1 + ''; kernelParams = [ + "i915.enable_rc6=7" "udev.log_priority=3" "quiet" "splash" @@ -27,12 +35,15 @@ "page_alloc.shuffle=1" "page_poison=1" "slab_nomerge" - "zswap.enabled=0" "kernel.watchdog=0" "oops=panic" ]; + kernelModules = [ + "tp_smapi" + ]; + blacklistedKernelModules = [ "k10temp" "ax25" @@ -66,6 +77,9 @@ supportedFilesystems = { vfat = true; btrfs = true; + zfs = lib.mkForce false; }; + + # consoleLogLevel = 0; }; } diff --git a/isla/boot/lanzaboote.nix b/isla/boot/lanzaboote.nix index 8036b8a..08d07df 100644 --- a/isla/boot/lanzaboote.nix +++ b/isla/boot/lanzaboote.nix @@ -1,4 +1,4 @@ -_: { +{...}: { boot = { lanzaboote = { enable = true; diff --git a/isla/boot/tmp.nix b/isla/boot/tmp.nix index 904e141..ac46b34 100644 --- a/isla/boot/tmp.nix +++ b/isla/boot/tmp.nix @@ -1,4 +1,4 @@ -_: { +{...}: { boot = { tmp = { useTmpfs = true; diff --git a/isla/console/console.nix b/isla/console/console.nix index e3a24c9..1e60d13 100644 --- a/isla/console/console.nix +++ b/isla/console/console.nix @@ -1,4 +1,4 @@ -_: { +{...}: { console = { useXkbConfig = true; }; diff --git a/isla/default.nix b/isla/default.nix index df175fb..08bdc02 100644 --- a/isla/default.nix +++ b/isla/default.nix @@ -3,7 +3,7 @@ "${self}/isla/disko/disk.nix" "${self}/isla/disko/lvm_vg.nix" - "${self}/isla/boot/loader/systemd-boot.nix" + "${self}/isla/boot/loader/system-boot.nix" "${self}/isla/boot/lanzaboote.nix" "${self}/isla/boot/initrd.nix" "${self}/isla/boot/kernel.nix" diff --git a/isla/disko/disk.nix b/isla/disko/disk.nix index 630fe89..221caa2 100644 --- a/isla/disko/disk.nix +++ b/isla/disko/disk.nix @@ -1,8 +1,8 @@ -_: { +{...}: { disko = { devices = { disk = { - "main" = { + main = { device = "/dev/disk/by-id/ata-ST92503010AS_5YH0CJFL"; type = "disk"; content = { diff --git a/isla/disko/lvm_vg.nix b/isla/disko/lvm_vg.nix index 1c255d5..8e108be 100644 --- a/isla/disko/lvm_vg.nix +++ b/isla/disko/lvm_vg.nix @@ -1,4 +1,4 @@ -_: { +{...}: { disko = { devices = { lvm_vg = { diff --git a/isla/hardware/cpu.nix b/isla/hardware/cpu.nix index 441946f..e5746c6 100644 --- a/isla/hardware/cpu.nix +++ b/isla/hardware/cpu.nix @@ -1,4 +1,4 @@ -_: { +{...}: { hardware = { enableRedistributableFirmware = true; cpu = { diff --git a/isla/hardware/qmk.nix b/isla/hardware/qmk.nix index 8742a19..543ece2 100644 --- a/isla/hardware/qmk.nix +++ b/isla/hardware/qmk.nix @@ -1,4 +1,4 @@ -_: { +{...}: { hardware = { keyboard = { qmk = { diff --git a/isla/hardware/zram.nix b/isla/hardware/zram.nix index 0d77537..b973787 100644 --- a/isla/hardware/zram.nix +++ b/isla/hardware/zram.nix @@ -1,4 +1,4 @@ -_: { +{...}: { zramSwap = { enable = true; algorithm = "zstd"; diff --git a/isla/home-manager/users.nix b/isla/home-manager/users.nix index 0a5f3e3..04c47d9 100644 --- a/isla/home-manager/users.nix +++ b/isla/home-manager/users.nix @@ -1,15 +1,19 @@ -{self, ...}: { +{ + inputs, + self, + ... +}: { home-manager = { users = { - "hand7s" = { + hand7s = { imports = [ "${self}/hand7s/" - self.inputs.spicetify-nix.homeManagerModules.default - self.inputs.hyprland.homeManagerModules.default - self.inputs.chaotic.homeManagerModules.default - self.inputs.sops-nix.homeManagerModules.sops - self.inputs.nix-index-database.homeModules.nix-index - self.inputs.noctalia.homeModules.default + inputs.spicetify-nix.homeManagerModules.default + inputs.hyprland.homeManagerModules.default + inputs.chaotic.homeManagerModules.default + inputs.sops-nix.homeManagerModules.sops + + inputs.nix-index-database.homeModules.nix-index ]; }; }; @@ -18,6 +22,7 @@ extraSpecialArgs = { inherit + inputs self ; }; diff --git a/isla/i18n/locales.nix b/isla/i18n/locales.nix index f456740..09234a5 100644 --- a/isla/i18n/locales.nix +++ b/isla/i18n/locales.nix @@ -1,4 +1,4 @@ -_: { +{...}: { i18n = { defaultLocale = "en_US.UTF-8"; supportedLocales = [ diff --git a/isla/networking/firewall.nix b/isla/networking/firewall.nix index 4ec736e..c1d1150 100644 --- a/isla/networking/firewall.nix +++ b/isla/networking/firewall.nix @@ -1,4 +1,4 @@ -_: { +{...}: { networking = { firewall = { allowPing = true; diff --git a/isla/networking/hostId.nix b/isla/networking/hostId.nix index 5267b08..4e2bb58 100644 --- a/isla/networking/hostId.nix +++ b/isla/networking/hostId.nix @@ -1,4 +1,4 @@ -_: { +{...}: { networking = { hostId = "3c4734c8"; }; diff --git a/isla/networking/hostname.nix b/isla/networking/hostname.nix index 99feb11..ef6faab 100644 --- a/isla/networking/hostname.nix +++ b/isla/networking/hostname.nix @@ -1,5 +1,5 @@ -_: { +{...}: { networking = { - hostName = "isla"; + hostName = "s0melapt0p-nix"; }; } diff --git a/isla/networking/hosts.nix b/isla/networking/hosts.nix new file mode 100644 index 0000000..10e63c8 --- /dev/null +++ b/isla/networking/hosts.nix @@ -0,0 +1,64 @@ +{...}: { + networking = { + hosts = { + # EVA00 + "100.109.169.141" = [ + "eva00-nix.netbird.cloud" + "eva00-nix" + ]; + + "90.156.226.152" = [ + "eva00-nix.lan" + "eva00-nix" + ]; + + "200:deb2:ed25:a9e5:e30:4900:f88f:cb87" = [ + "eva00-nix.ygg" + "eva00-nix" + ]; + + # EVA01 + "100.109.107.176" = [ + "eva01-nix.netbird.cloud" + "eva01-nix" + ]; + + "37.114.50.235" = [ + "eva01-nix.lan" + "eva01-nix" + ]; + + "200:6ef:a61f:2f01:71d4:196:ab70:2103" = [ + "eva01-nix.ygg" + "eva01-nix" + ]; + + # EVA02 + "100.109.178.135" = [ + "eva02-nix.netbird.cloud" + "eva02-nix" + ]; + + "51.195.222.85" = [ + "eva02-nix.lan" + "eva02-nix" + ]; + + "201:52d6:c753:c1fd:f8b6:5897:cc6a:e1be" = [ + "eva02-nix.ygg" + "eva02-nix" + ]; + + # nerv-nix + "100.109.7.114" = [ + "nerv-nix.netbird.cloud" + "nerv-nix" + ]; + + "200:7abc:53c9:be8a:9941:96d:221b:cc76" = [ + "nerv-nix.ygg" + "nerv-nix" + ]; + }; + }; +} diff --git a/isla/networking/nameservers.nix b/isla/networking/nameservers.nix index 31726b9..a4d22c1 100644 --- a/isla/networking/nameservers.nix +++ b/isla/networking/nameservers.nix @@ -1,4 +1,4 @@ -_: { +{...}: { networking = { nameservers = [ # cf dns diff --git a/isla/networking/networkmanager.nix b/isla/networking/networkmanager.nix index cce7f65..278a693 100644 --- a/isla/networking/networkmanager.nix +++ b/isla/networking/networkmanager.nix @@ -1,4 +1,4 @@ -_: { +{...}: { networking = { networkmanager = { enable = true; diff --git a/isla/networking/timeServers.nix b/isla/networking/timeServers.nix index 9289ea6..88e14c4 100644 --- a/isla/networking/timeServers.nix +++ b/isla/networking/timeServers.nix @@ -1,4 +1,4 @@ -_: { +{...}: { networking = { timeServers = [ "0.nixos.pool.ntp.org" diff --git a/isla/networking/wireguard.nix b/isla/networking/wireguard.nix index bd2336c..2ee5c02 100644 --- a/isla/networking/wireguard.nix +++ b/isla/networking/wireguard.nix @@ -1,4 +1,4 @@ -_: { +{...}: { networking = { wireguard = { enable = true; diff --git a/isla/nix/settings/allowed-users.nix b/isla/nix/settings/allowed-users.nix index 0239519..d483d0c 100644 --- a/isla/nix/settings/allowed-users.nix +++ b/isla/nix/settings/allowed-users.nix @@ -1,4 +1,4 @@ -_: { +{...}: { nix = { settings = { sandbox = true; diff --git a/isla/nix/settings/auto-optimise-store.nix b/isla/nix/settings/auto-optimise-store.nix index cb7a22a..14f13c5 100644 --- a/isla/nix/settings/auto-optimise-store.nix +++ b/isla/nix/settings/auto-optimise-store.nix @@ -1,4 +1,4 @@ -_: { +{...}: { nix = { settings = { auto-optimise-store = true; diff --git a/isla/nix/settings/experimental-features.nix b/isla/nix/settings/experimental-features.nix index 9c45bc4..7ce7e89 100644 --- a/isla/nix/settings/experimental-features.nix +++ b/isla/nix/settings/experimental-features.nix @@ -1,4 +1,4 @@ -_: { +{...}: { nix = { settings = { experimental-features = [ diff --git a/isla/nix/settings/substituters.nix b/isla/nix/settings/substituters.nix index da0035f..762ec5c 100644 --- a/isla/nix/settings/substituters.nix +++ b/isla/nix/settings/substituters.nix @@ -1,4 +1,4 @@ -_: { +{...}: { nix = { settings = { substituters = [ @@ -9,10 +9,10 @@ _: { # cachix "https://nix-community.cachix.org/" "https://chaotic-nyx.cachix.org/" + "https://ags.cachix.org" "https://hyprland.cachix.org" "https://chaotic-nyx.cachix.org/" - # nix-community - "https://hydra.nix-community.org/" + "https://colmena.cachix.org" ]; }; }; diff --git a/isla/nix/settings/trusted-public-keys.nix b/isla/nix/settings/trusted-public-keys.nix index 4a128cb..e8710cb 100644 --- a/isla/nix/settings/trusted-public-keys.nix +++ b/isla/nix/settings/trusted-public-keys.nix @@ -1,4 +1,4 @@ -_: { +{...}: { nix = { settings = { trusted-public-keys = [ diff --git a/isla/nix/settings/trusted-users.nix b/isla/nix/settings/trusted-users.nix index 4eee825..e4a9dae 100644 --- a/isla/nix/settings/trusted-users.nix +++ b/isla/nix/settings/trusted-users.nix @@ -1,4 +1,4 @@ -_: { +{...}: { nix = { settings = { trusted-users = [ diff --git a/isla/nixpkgs/config.nix b/isla/nixpkgs/config.nix index b93e4ef..27b79b0 100644 --- a/isla/nixpkgs/config.nix +++ b/isla/nixpkgs/config.nix @@ -1,4 +1,4 @@ -_: { +{...}: { nixpkgs = { config = { allowUnfree = true; diff --git a/isla/nixpkgs/overlays.nix b/isla/nixpkgs/overlays.nix index 8db0844..2881eba 100644 --- a/isla/nixpkgs/overlays.nix +++ b/isla/nixpkgs/overlays.nix @@ -1,4 +1,4 @@ -_: { +{...}: { nixpkgs = { overlays = [ ]; diff --git a/isla/nixpkgs/system.nix b/isla/nixpkgs/system.nix index 3cbe59a..63fda3b 100644 --- a/isla/nixpkgs/system.nix +++ b/isla/nixpkgs/system.nix @@ -1,4 +1,4 @@ -_: { +{...}: { nixpkgs = { system = "x86_64-linux"; hostPlatform = "x86_64-linux"; diff --git a/isla/programs/gamemode.nix b/isla/programs/gamemode.nix index c8f046e..5fd437b 100644 --- a/isla/programs/gamemode.nix +++ b/isla/programs/gamemode.nix @@ -1,4 +1,4 @@ -_: { +{...}: { programs = { gamemode = { enable = true; diff --git a/isla/programs/nh.nix b/isla/programs/nh.nix index 6d9937d..f43fb06 100644 --- a/isla/programs/nh.nix +++ b/isla/programs/nh.nix @@ -1,4 +1,4 @@ -_: { +{...}: { programs = { nh = { enable = true; diff --git a/isla/programs/ssh.nix b/isla/programs/ssh.nix index 5028eaf..b7b9d20 100644 --- a/isla/programs/ssh.nix +++ b/isla/programs/ssh.nix @@ -1,4 +1,4 @@ -_: { +{...}: { programs = { ssh = { startAgent = true; diff --git a/isla/programs/yubikey-touch-detector.nix b/isla/programs/yubikey-touch-detector.nix index 92fe31f..c9815c5 100644 --- a/isla/programs/yubikey-touch-detector.nix +++ b/isla/programs/yubikey-touch-detector.nix @@ -1,4 +1,4 @@ -_: { +{...}: { programs = { yubikey-touch-detector = { enable = true; diff --git a/isla/security/pam/services.nix b/isla/security/pam/services.nix index f4d42e5..565ef37 100644 --- a/isla/security/pam/services.nix +++ b/isla/security/pam/services.nix @@ -1,4 +1,4 @@ -_: { +{...}: { security = { pam = { services = { diff --git a/isla/security/polkit.nix b/isla/security/polkit.nix index 77e04d1..7604e82 100644 --- a/isla/security/polkit.nix +++ b/isla/security/polkit.nix @@ -1,4 +1,4 @@ -_: { +{...}: { security = { polkit = { enable = true; diff --git a/isla/security/rtkit.nix b/isla/security/rtkit.nix index dd40f89..d3604df 100644 --- a/isla/security/rtkit.nix +++ b/isla/security/rtkit.nix @@ -1,4 +1,4 @@ -_: { +{...}: { security = { rtkit = { enable = true; diff --git a/isla/security/sudo-rs.nix b/isla/security/sudo-rs.nix index 4f270c9..772460d 100644 --- a/isla/security/sudo-rs.nix +++ b/isla/security/sudo-rs.nix @@ -1,4 +1,4 @@ -_: { +{...}: { security = { sudo-rs = { enable = true; diff --git a/isla/services/fprintd.nix b/isla/services/fprintd.nix index 172b999..47c72bc 100644 --- a/isla/services/fprintd.nix +++ b/isla/services/fprintd.nix @@ -1,4 +1,4 @@ -_: { +{...}: { services = { fprintd = { enable = true; diff --git a/isla/services/libinput.nix b/isla/services/libinput.nix index 4eac635..111040e 100644 --- a/isla/services/libinput.nix +++ b/isla/services/libinput.nix @@ -1,4 +1,4 @@ -_: { +{...}: { services = { libinput = { enable = true; diff --git a/isla/services/netbird.nix b/isla/services/netbird.nix index f375f14..071330a 100644 --- a/isla/services/netbird.nix +++ b/isla/services/netbird.nix @@ -1,4 +1,4 @@ -_: { +{...}: { services = { netbird = { enable = true; diff --git a/isla/services/pipewire.nix b/isla/services/pipewire.nix index 37c7c5f..c4bad1e 100644 --- a/isla/services/pipewire.nix +++ b/isla/services/pipewire.nix @@ -1,4 +1,4 @@ -_: { +{...}: { services = { pipewire = { enable = true; diff --git a/isla/services/thinkfan.nix b/isla/services/thinkfan.nix index c53ddef..78a42e4 100644 --- a/isla/services/thinkfan.nix +++ b/isla/services/thinkfan.nix @@ -1,4 +1,4 @@ -_: { +{...}: { services = { thinkfan = { enable = true; diff --git a/isla/services/yggdrasil.nix b/isla/services/yggdrasil.nix new file mode 100644 index 0000000..faf7afb --- /dev/null +++ b/isla/services/yggdrasil.nix @@ -0,0 +1,46 @@ +{config, ...}: { + services = { + yggdrasil = { + enable = true; + persistentKeys = false; + settings = { + PrivateKey = config.sops.secrets.yggKeyLT.path; + + Peers = [ + # only 1W+ peers (some exeptions are possible) + + # Russia + "tls://yggno.de:18227" + "tcp://yggno.de:18226" + + "tcp://kzn1.neonxp.ru:7991" + "tls://kzn1.neonxp.ru:7992" + "ws://kzn1.neonxp.ru:7993" + "quic://kzn1.neonxp.ru:7994" + ]; + + Listen = [ + # + ]; + + MulticastInterfaces = [ + { + Regex = ".*"; + Beacon = true; + Listen = false; + Password = ""; + } + ]; + + AllowedPublicKeys = [ + # + ]; + + IfName = "auto"; + + IfMTU = 65535; + NodeInfoPrivacy = false; + }; + }; + }; +} diff --git a/isla/services/zapret.nix b/isla/services/zapret.nix new file mode 100644 index 0000000..ad671e1 --- /dev/null +++ b/isla/services/zapret.nix @@ -0,0 +1,145 @@ +{...}: { + services = { + zapret = { + enable = true; + configureFirewall = true; + qnum = 350; + params = [ + "--wssize 1:6" + + "--filter-tcp=80" + "--dpi-desync=multisplit" + "--dpi-desync-split-pos=10" + "--dpi-desync-repeats=6" + "--new" + + "--filter-tcp=443" + "--dpi-desync=multidisorder" + "--dpi-desync-split-pos=1,midsld" + "--new" + + "--filter-tcp=443" + "--dpi-desync=syndata" + "--dpi-desync-fake-syndata=0x00000000" + "--dpi-desync-ttl=10" + "--new" + + "--filter-udp=443" + "--dpi-desync=fake" + "--dpi-desync-repeats=6" + "--dpi-desync-fake-quic=0x00000000" + "--new" + + "--filter-udp=443" + "--dpi-desync=fake,udplen" + "--dpi-desync-udplen-increment=5" + "--dpi-desync-fake-tls=0x00000000" + "--dpi-desync-cutoff=n3" + "--dpi-desync-repeats=2" + "--new" + + "--filter-tcp=443" + "--dpi-desync=split" + "--dpi-desync-fooling=md5sig,badseq" + "--dpi-desync-fake-tls=0x00000000" + "--dpi-desync-split-pos=1" + "--dpi-desync-repeats=10" + "--new" + + "--filter-tcp=443" + "--dpi-desync=fake,split2" + "--dpi-desync-fooling=md5sig" + "--dpi-desync-fake-tls=0x00000000" + "--dpi-desync-split-seqovl=2" + "--dpi-desync-split-pos=2" + + "--dpi-desync-autottl" + "--new" + "--filter-tcp=443" + "--dpi-desync=fake,split2" + "--dpi-desync-fooling=md5sig" + "--dpi-desync-fake-tls=0x00000000" + "--dpi-desync-split-seqovl=2" + "--dpi-desync-split-pos=2" + "--dpi-desync-autottl" + "--new" + + "--filter-tcp=80" + "--dpi-desync=fake,split2" + "--dpi-desync-fooling=md5sig" + "--dpi-desync-fake-tls=0x00000000" + "--dpi-desync-autottl" + "--new" + + "--filter-tcp=80" + "--dpi-desync-ttl=1" + "--dpi-desync-autottl=2" + "--dpi-desync-fake-tls=0x00000000" + "--dpi-desync-split-pos=1" + "--dpi-desync=fake,split2" + "--dpi-desync-repeats=6" + "--dpi-desync-fooling=md5sig" + "--new" + ]; + + whitelist = [ + "googlevideo.com" + "youtu.be" + "youtube.com" + "youtubei.googleapis.com" + "googlevideo.com" + "youtu.be" + "youtube.com" + "youtubei.googleapis.com" + "youtubeembeddedplayer.googleapis.com" + "ytimg.l.google.com" + "ytimg.com" + "jnn-pa.googleapis.com" + "youtube-nocookie.com" + "youtube-ui.l.google.com" + "yt-video-upload.l.google.com" + "wide-youtube.l.google.com" + "youtubekids.com" + "ggpht.com" + "music.youtube.com" + "test.googlevideo.com" + "discord.com" + "gateway.discord.gg" + "cdn.discordapp.com" + "discordapp.net" + "discordapp.com" + "discord.gg" + "media.discordapp.net" + "images-ext-1.discordapp.net" + "discord.app" + "discord.media" + "discordcdn.com" + "discord.dev" + "discord.new" + "discord.gift" + "discordstatus.com" + "dis.gd" + "discord.co" + "discord-attachments-uploads-prd.storage.googleapis.com" + "7tv.app" + "7tv.io" + "10tv.app" + "x.com" + "t.co" + "ads-twitter.com" + "twimg.com" + "twitter.com" + "pscp.tv" + "twtrdns.net" + "twttr.com" + "periscope.tv" + "tweetdeck.com" + "twitpic.com" + "twitter.co" + "twitterinc.com" + "twitteroauth.com" + "twitterstat.us" + ]; + }; + }; +} diff --git a/isla/services/zerotier.nix b/isla/services/zerotier.nix new file mode 100644 index 0000000..f58210f --- /dev/null +++ b/isla/services/zerotier.nix @@ -0,0 +1,10 @@ +{...}: { + services = { + zerotierone = { + enable = true; + joinNetworks = [ + # nope + ]; + }; + }; +} diff --git a/isla/systemd/oomd.nix b/isla/systemd/oomd.nix index bb9a200..cbd28f2 100644 --- a/isla/systemd/oomd.nix +++ b/isla/systemd/oomd.nix @@ -1,4 +1,4 @@ -_: { +{...}: { systemd = { oomd = { enable = true; diff --git a/isla/time/timeZone.nix b/isla/time/timeZone.nix index 0bd1f2a..57bca35 100644 --- a/isla/time/timeZone.nix +++ b/isla/time/timeZone.nix @@ -1,5 +1,6 @@ -_: { +{...}: { time = { timeZone = "Europe/Moscow"; + hardwareClockInLocalTime = true; }; } diff --git a/isla/users/mutableUsers.nix b/isla/users/mutableUsers.nix index 9bb56d0..54415f1 100644 --- a/isla/users/mutableUsers.nix +++ b/isla/users/mutableUsers.nix @@ -1,4 +1,4 @@ -_: { +{...}: { users = { mutableUsers = false; }; diff --git a/isla/users/users/hand7s.nix b/isla/users/users/hand7s.nix index e31caf3..8c0df47 100644 --- a/isla/users/users/hand7s.nix +++ b/isla/users/users/hand7s.nix @@ -1,22 +1,16 @@ -{lib, ...}: { +{...}: { users = { users = { - "hand7s" = { + hand7s = { description = "me"; isSystemUser = false; isNormalUser = true; - initialHashedPassword = lib.hashString "sha512" "hand7s"; + initialHashedPassword = "$6$ckgRhNWmJgSwOUpJ$kfeAdokd5fa76HWbTmWN2YXx4M/PQVOTJku1ODbqbBhEkUFiLftdaJFRnNXfIM3Jtz0ShoRMSVCB7mDkxDrdi/"; extraGroups = [ "wheel" + "networkmanager" + "docker" ]; - - openssh = { - authorizedKeys = { - keys = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDp2IIdR5jV1HyG4aiRX7SfTNrXDhCx5rTiFU40qkOKq litvinovb0@gmail.com" - ]; - }; - }; }; }; }; diff --git a/isla/users/users/root.nix b/isla/users/users/root.nix index f85caae..595a6f6 100644 --- a/isla/users/users/root.nix +++ b/isla/users/users/root.nix @@ -1,8 +1,8 @@ -_: { +{...}: { users = { users = { - "root" = { - initialHashedPassword = lib.hashString "sha512" "root"; + root = { + initialHashedPassword = "$6$n4OLMvYHHStHvtmr$6OL0NV1dEM2b6oJRewkhuoFxM80lI67tfbJ6QkCg8WAA1gbeKrcwDAuJjm8zvpY4zcDR3Z5Zbo8uebfOi6XXF0"; }; }; }; diff --git a/isla/virtualisation/docker.nix b/isla/virtualisation/docker.nix new file mode 100644 index 0000000..1edae88 --- /dev/null +++ b/isla/virtualisation/docker.nix @@ -0,0 +1,10 @@ +{...}: { + virtualisation = { + docker = { + enable = true; + rootless = { + enable = true; + }; + }; + }; +} diff --git a/isla/xdg/icons.nix b/isla/xdg/icons.nix index 7c75adf..53ccd0b 100644 --- a/isla/xdg/icons.nix +++ b/isla/xdg/icons.nix @@ -1,4 +1,4 @@ -_: { +{...}: { xdg = { icons = { enable = true; diff --git a/isla/xdg/mime.nix b/isla/xdg/mime.nix index 9197f59..4b6af20 100644 --- a/isla/xdg/mime.nix +++ b/isla/xdg/mime.nix @@ -1,4 +1,4 @@ -_: { +{...}: { xdg = { mime = { enable = true; diff --git a/isla/xdg/portal.nix b/isla/xdg/portal.nix index 7744d29..80146ce 100644 --- a/isla/xdg/portal.nix +++ b/isla/xdg/portal.nix @@ -20,10 +20,8 @@ }; extraPortals = with pkgs; [ - xdg-desktop-portal xdg-desktop-portal-gtk xdg-desktop-portal-wlr - xdg-desktop-portal-termfilechooser ]; }; }; diff --git a/kyra/default.nix b/kyra/default.nix new file mode 100644 index 0000000..7624558 --- /dev/null +++ b/kyra/default.nix @@ -0,0 +1,57 @@ +{self, ...}: { + imports = [ + "${self}/kyra/disko/disk.nix" + "${self}/kyra/disko/lvm_vg.nix" + + "${self}/kyra/boot/initrd/availableKernelModules.nix" + "${self}/kyra/boot/initrd/kernelModules.nix" + "${self}/kyra/boot/loader/grub.nix" + "${self}/kyra/boot/kernel.nix" + "${self}/kyra/boot/tmp.nix" + + "${self}/kyra/environment/systemPackages.nix" + + "${self}/kyra/hardware/zram.nix" + + "${self}/kyra/home-manager/users.nix" + + "${self}/kyra/networking/interfaces/ens3.nix" + "${self}/kyra/networking/firewall/ens3.nix" + "${self}/kyra/networking/firewall.nix" + "${self}/kyra/networking/dns.nix" + "${self}/kyra/networking/wireguard.nix" + "${self}/kyra/networking/defaultGateway.nix" + + "${self}/kyra/nix/settings/allowed-users.nix" + "${self}/kyra/nix/settings/experimental-features.nix" + "${self}/kyra/nix/settings/substituters.nix" + "${self}/kyra/nix/settings/trusted-public-keys.nix" + "${self}/kyra/nix/settings/trusted-users.nix" + "${self}/kyra/nix/settings/auto-optimise-store.nix" + + "${self}/kyra/nixpkgs/config.nix" + "${self}/kyra/nixpkgs/platform.nix" + + "${self}/kyra/programs/nh.nix" + + "${self}/kyra/services/openssh.nix" + "${self}/kyra/services/fail2ban.nix" + "${self}/kyra/services/netbird.nix" + "${self}/kyra/services/qemuGuest.nix" + "${self}/kyra/services/caddy.nix" + "${self}/kyra/services/sing-box.nix" + + "${self}/kyra/sops/age.nix" + "${self}/kyra/sops/defaults.nix" + "${self}/kyra/sops/secrets.nix" + + "${self}/kyra/system/stateVersion.nix" + + "${self}/kyra/users/users.nix" + "${self}/kyra/users/users/alep0u.nix" + "${self}/kyra/users/users/hand7s.nix" + "${self}/kyra/users/users/root.nix" + + "${self}/kyra/virtualisation/docker.nix" + ]; +} diff --git a/kyra/disko/disk.nix b/kyra/disko/disk.nix index 231e00e..c0c6cc7 100644 --- a/kyra/disko/disk.nix +++ b/kyra/disko/disk.nix @@ -1,14 +1,9 @@ -{name, ...}: { +{ disko = { devices = { disk = { - "virt_main" = { - device = - { - "yara" = "/dev/vda"; - }.${ - name - } or "/dev/sda"; + virt_main = { + device = "/dev/sda"; type = "disk"; content = { type = "gpt"; diff --git a/kyra/home-manager/users.nix b/kyra/home-manager/users.nix index 0a5f3e3..6590188 100644 --- a/kyra/home-manager/users.nix +++ b/kyra/home-manager/users.nix @@ -4,10 +4,12 @@ "hand7s" = { imports = [ "${self}/hand7s/" + self.inputs.agenix.homeManagerModules.default self.inputs.spicetify-nix.homeManagerModules.default self.inputs.hyprland.homeManagerModules.default self.inputs.chaotic.homeManagerModules.default self.inputs.sops-nix.homeManagerModules.sops + self.inputs.nix-index-database.homeModules.nix-index self.inputs.noctalia.homeModules.default ]; diff --git a/kyra/networking/defaultGateway.nix b/kyra/networking/defaultGateway.nix new file mode 100644 index 0000000..dd70ea4 --- /dev/null +++ b/kyra/networking/defaultGateway.nix @@ -0,0 +1,17 @@ +{ + lib, + config, + ... +}: { + networking = { + defaultGateway = lib.mkIf (config.networking.hostName == "mel") { + address = "45.11.229.1"; + interface = "ens3"; + }; + + defaultGateway6 = lib.mkIf (config.networking.hostName == "mel") { + address = "2a0e:97c0:3e3:2Oa::1"; + interface = "ens3"; + }; + }; +} diff --git a/kyra/networking/firewall.nix b/kyra/networking/firewall.nix index e7dcb71..a9a2c40 100644 --- a/kyra/networking/firewall.nix +++ b/kyra/networking/firewall.nix @@ -1,8 +1,11 @@ _: { networking = { firewall = { - enable = false; + enable = true; + allowPing = true; + checkReversePath = false; }; + useNetworkd = true; }; } diff --git a/kyra/networking/firewall/ens3.nix b/kyra/networking/firewall/ens3.nix new file mode 100644 index 0000000..7df7284 --- /dev/null +++ b/kyra/networking/firewall/ens3.nix @@ -0,0 +1,57 @@ +{ + config, + lib, + ... +}: { + networking = { + firewall = { + interfaces = { + ens3 = { + allowedUDPPorts = + [ + 53580 + 53590 + ] + ++ lib.optionals (config.networking.hostName == "hazel") [ + 443 + + 25565 + + 24 + 25 + 110 + 143 + 465 + 587 + 993 + 995 + 4190 + 53570 + ]; + + allowedTCPPorts = + [ + 53580 + 53590 + ] + ++ lib.optionals (config.networking.hostName == "hazel") [ + 443 + + 25565 + + 24 + 25 + 110 + 143 + 465 + 587 + 993 + 995 + 4190 + 53570 + ]; + }; + }; + }; + }; +} diff --git a/kyra/networking/hostname.nix b/kyra/networking/hostname.nix index bbd139a..7371866 100644 --- a/kyra/networking/hostname.nix +++ b/kyra/networking/hostname.nix @@ -1,5 +1,5 @@ -{name, ...}: { +_: { networking = { - hostName = name; + hostName = "kyra"; }; } diff --git a/kyra/networking/interfaces/ens3.nix b/kyra/networking/interfaces/ens3.nix new file mode 100644 index 0000000..3820e1f --- /dev/null +++ b/kyra/networking/interfaces/ens3.nix @@ -0,0 +1,36 @@ +{ + config, + lib, + ... +}: { + networking = { + interfaces = { + ens3 = { + ipv4 = { + addresses = lib.optionals (config.networking.hostName == "mel") [ + { + address = "45.11.229.254"; + prefixLength = 24; + } + ]; + }; + + ipv6 = { + addresses = + lib.optionals (config.networking.hostName == "hazel") [ + { + address = "2a03:6f01:1:2::cb1e"; + prefixLength = 64; + } + ] + ++ lib.optionals (config.networking.hostName == "mel") [ + { + address = "2a0e:97c0:3e3:2Oa::1"; + prefixLength = 64; + } + ]; + }; + }; + }; + }; +} diff --git a/kyra/networking/nftables.nix b/kyra/networking/nftables.nix deleted file mode 100644 index 71bfec3..0000000 --- a/kyra/networking/nftables.nix +++ /dev/null @@ -1,7 +0,0 @@ -_: { - networking = { - nftables = { - enable = true; - }; - }; -} diff --git a/kyra/security/acme.nix b/kyra/security/acme.nix deleted file mode 100644 index 00eb68d..0000000 --- a/kyra/security/acme.nix +++ /dev/null @@ -1,18 +0,0 @@ -{config, ...}: { - security = { - acme = { - acceptTerms = true; - defaults = { - email = "litvinovb0@gmail.com"; - }; - - certs = { - "hand7s.org" = { - dnsProvider = "cloudflare"; - credentialsFile = config.sops.templates."acme.env".path; - group = "sing-box"; - }; - }; - }; - }; -} diff --git a/kyra/services/alloy.nix b/kyra/services/alloy.nix deleted file mode 100644 index d863d04..0000000 --- a/kyra/services/alloy.nix +++ /dev/null @@ -1,99 +0,0 @@ -{ - config, - pkgs, - ... -}: { - services = { - alloy = { - enable = true; - - configPath = pkgs.writeText "alloy-config.alloy" '' - loki.source.journal "system" { - max_age = "24h" - forward_to = [loki.process.production.receiver] - - labels = { - host = "${config.networking.hostName}", - job = "journalctl", - } - } - - loki.process "production" { - forward_to = [loki.write.viola.receiver] - - stage.labels { - values = { - unit = "__journal_systemd_unit__", - } - } - - stage.label_keep { - values = ["unit"] - } - - stage.match { - selector = `{unit=~"(traefik|sing-box|crowdsec|alloy|netbird).*\\.service"}` - action = "drop" - } - } - - prometheus.exporter.unix "node" { - enable_collectors = [ - "cpu", "diskstats", "filesystem", - "loadavg", "meminfo", "netdev", - "time", "uname", - ] - } - - prometheus.scrape "node" { - targets = prometheus.exporter.unix.node.targets - forward_to = [prometheus.remote_write.viola.receiver] - scrape_interval = "30s" - job_name = "node" - } - - prometheus.scrape "alloy" { - targets = [{"__address__" = "127.0.0.1:12345"}] - - forward_to = [prometheus.remote_write.viola.receiver] - job_name = "alloy" - } - - loki.write "viola" { - endpoint { - url = "http://100.109.123.164:3100/loki/api/v1/push" - } - } - - prometheus.remote_write "viola" { - endpoint { - url = "http://100.109.123.164:9009/api/v1/push" - } - } - - otelcol.receiver.otlp "default" { - grpc { - endpoint = "0.0.0.0:4317" - } - - http { - endpoint = "0.0.0.0:4318" - } - - output { - traces = [otelcol.exporter.otlp.tempo.input] - } - } - - otelcol.exporter.otlp "tempo" { - client { - endpoint = "http://100.109.123.164:4317" - tls { - insecure = true - } - } - } - ''; - }; - }; -} diff --git a/kyra/services/caddy.nix b/kyra/services/caddy.nix new file mode 100644 index 0000000..fe3ad02 --- /dev/null +++ b/kyra/services/caddy.nix @@ -0,0 +1,60 @@ +{ + config, + pkgs, + lib, + ... +}: { + services = { + caddy = { + enable = + lib.mkIf ( + config.networking.hostName == "hazel" + ) + true; + + package = pkgs.caddy.withPlugins { + plugins = [ + "github.com/mholt/caddy-l4@v0.0.0-20250902102621-4a517a98d7fa" + "github.com/caddy-dns/cloudflare@v0.2.1" + ]; + hash = "sha256-1/jRWotKCvx7QncjVSVGYXb2gAmIiokC/ZbCUelG5Rc="; + }; + + globalConfig = '' + debug + email me@hand7s.org + + acme_ca https://acme-v02.api.letsencrypt.org/directory + + ''; + + # acme_ca https://api.zerossl.com/directory + + virtualHosts = { + "hand7s.org" = { + extraConfig = '' + respond "hi! :D WIP btw" + ''; + }; + + "git.hand7s.org" = { + extraConfig = '' + reverse_proxy ${homeIP}:53350 + ''; + }; + + "bin.hand7s.org" = { + extraConfig = '' + reverse_proxy ${homeIP}:80 + ''; + }; + + "zitadel.hand7s.org" = { + extraConfig = '' + reverse_proxy ${homeIP}:8443 + ''; + }; + }; + }; + }; +} diff --git a/kyra/services/firewalld.nix b/kyra/services/firewalld.nix deleted file mode 100644 index 8502323..0000000 --- a/kyra/services/firewalld.nix +++ /dev/null @@ -1,144 +0,0 @@ -{ - name, - lib, - ... -}: { - services = { - firewalld = { - enable = true; - - services = { - "stalwart" = { - short = "Stalwart-mail"; - ports = - lib.forEach [ - 25 - 110 - 143 - 465 - 993 - 995 - 4190 - ] ( - port: { - protocol = "tcp"; - inherit - port - ; - } - ); - }; - - "consul" = { - short = "Consul"; - ports = - lib.forEach [ - 8300 - 8301 - 8302 - 8500 - 8600 - ] ( - port: { - protocol = "tcp"; - inherit - port - ; - } - ) - ++ lib.forEach [ - 8301 - 8302 - 8600 - ] ( - port: { - protocol = "udp"; - inherit - port - ; - } - ); - }; - }; - - zones = { - "trusted" = { - services = [ - "consul" - ]; - }; - - "wan" = { - ports = [ - { - port = 2053; - protocol = "udp"; - } - - { - port = 8443; - protocol = "tcp"; - } - - { - port = 51820; - protocol = "udp"; - } - ]; - - icmpBlockInversion = true; - icmpBlocks = [ - "echo-request" - "destination-unreachable" - "parameter-problem" - "time-exceeded" - ]; - - interfaces = lib.concatLists [ - ( - lib.optionals ( - lib.elem name [ - "hazel" - "lynn" - "yara" - "ivy" - ] - ) [ - "ens3" - ] - ) - - ( - lib.optionals ( - name == "mel" - ) [ - "eth0" - ] - ) - ]; - - services = lib.concatLists [ - [ - "ssh" - "http" - "https" - ] - - ( - lib.optionals ( - lib.elem name [ - "hazel" - "lynn" - "mel" - ] - ) [ - "minecraft" - "stalwart" - ] - ) - ]; - }; - }; - }; - }; -} diff --git a/kyra/services/netbird.nix b/kyra/services/netbird.nix index 3f2a353..071330a 100644 --- a/kyra/services/netbird.nix +++ b/kyra/services/netbird.nix @@ -1,17 +1,7 @@ -{config, ...}: { +{...}: { services = { netbird = { enable = true; - - clients = { - "wt0" = { - port = 51820; - login = { - enable = true; - setupKeyFile = config.sops.secrets."nbKey".path; - }; - }; - }; }; }; } diff --git a/kyra/services/openssh.nix b/kyra/services/openssh.nix index fdc6e7b..6d54477 100644 --- a/kyra/services/openssh.nix +++ b/kyra/services/openssh.nix @@ -2,12 +2,8 @@ _: { services = { openssh = { enable = true; - - hostKeys = [ - { - path = "/etc/ssh/ssh_host_ed25519_key"; - type = "ed25519"; - } + ports = [ + 58693 ]; settings = { diff --git a/kyra/services/resolved.nix b/kyra/services/resolved.nix deleted file mode 100644 index ad91e2a..0000000 --- a/kyra/services/resolved.nix +++ /dev/null @@ -1,39 +0,0 @@ -_: { - services = { - resolved = { - enable = true; - dnsovertls = toString true; - dnssec = toString true; - llmnr = toString true; - domains = [ - "~." - ]; - - fallbackDns = [ - # cf dns - "1.1.1.1" - "1.0.0.1" - "2606:4700:4700::1111" - "2606:4700:4700::1001" - - # google dns - "8.8.8.8" - "8.8.4.4" - "2001:4860:4860::8888" - "2001:4860:4860::8844" - - # q9 dns - "9.9.9.9" - "149.112.112.112" - "2620:fe::fe" - "2620:fe::9" - - # open dns - "208.67.222.222" - "208.67.220.220" - "2620:119:35::35" - "2620:119:53::53" - ]; - }; - }; -} diff --git a/kyra/services/sing-box.nix b/kyra/services/sing-box.nix index d4b5656..f29526c 100644 --- a/kyra/services/sing-box.nix +++ b/kyra/services/sing-box.nix @@ -1,33 +1,26 @@ -{lib, ...}: { +{...}: { services = { sing-box = { enable = true; settings = { log = { - level = "error"; + level = "debug"; }; dns = { servers = [ { - tag = "cloudflare"; - type = "quic"; - server = "1.1.1.1"; - } - - { - tag = "local"; type = "local"; + tag = "local"; } ]; - final = "cloudflare"; - strategy = "prefer_ipv4"; + final = "local"; + strategy = "prefer_ipv6"; }; route = { final = "direct-out"; - default_domain_resolver = "cloudflare"; auto_detect_interface = true; }; @@ -39,69 +32,54 @@ ]; inbounds = [ - { - type = "hysteria2"; - tag = "hy2-in"; - listen = "::"; - listen_port = 2053; - masquerade = "https://hand7s.org"; - up_mbps = 100; - down_mbps = 100; - obfs = { - type = "salamander"; - password = lib.hashString "sha512" "randomstring"; # not a real string - }; - - users = [ - { - name = "hand7s"; - password = lib.hashString "sha512" "userstring"; # not a real string - } - ]; - - tls = { - enabled = true; - server_name = "hand7s.org"; - certificate_path = "/var/lib/acme/hand7s.org/cert.pem"; - key_path = "/var/lib/acme/hand7s.org/key.pem"; - }; - } - { type = "vless"; tag = "vless-inbound"; listen = "::"; - listen_port = 8443; - - sniff = true; + listen_port = 53570; users = [ { - name = "hand7s"; - uuid = lib.hashString "sha512" "uuidstring"; # not a real string + name = "hand7s_1"; + uuid = "${singboxUUID2}"; + flow = "xtls-rprx-vision"; + } + + { + name = "hand7s_2"; + uuid = "${singboxUUID2}"; flow = "xtls-rprx-vision"; } ]; - tls = { + tls = rec { enabled = true; - server_name = "hand7s.org"; + server_name = "vk.com"; reality = { enabled = true; max_time_difference = "5m"; handshake = { - server = "127.0.0.1"; + server = server_name; server_port = 443; }; - private_key = lib.hashString "sha512" "uuidstring"; # not a real string + private_key = "${singboxKey}"; short_id = [ - "shortie" + "${singboxId}" ]; }; }; + + transport = { + type = "httpupgrade"; + }; + + multiplex = { + enabled = true; + padding = false; + }; } ]; }; diff --git a/kyra/services/traefik.nix b/kyra/services/traefik.nix deleted file mode 100644 index fb60af9..0000000 --- a/kyra/services/traefik.nix +++ /dev/null @@ -1,459 +0,0 @@ -{config, ...}: { - services = { - traefik = { - enable = true; - - environmentFiles = [ - config.sops.templates."traefik.env".path - ]; - - dynamicConfigOptions = { - http = { - routers = { - "site" = { - rule = "Host(`hand7s.org`)"; - service = "site-svc"; - tls = { - certResolver = "cloudflare"; - domains = [ - { - main = "hand7s.org"; - sans = "*.hand7s.org"; - } - ]; - }; - - entryPoints = [ - "websecure" - ]; - }; - - "git" = { - rule = "Host(`git.hand7s.org`)"; - service = "git-svc"; - tls = { - certResolver = "cloudflare"; - domains = [ - { - main = "hand7s.org"; - sans = [ - "*.hand7s.org" - ]; - } - ]; - }; - - entryPoints = [ - "websecure" - ]; - }; - - "cicd" = { - rule = "Host(`woodpecker.hand7s.org`)"; - service = "cicd-svc"; - tls = { - certResolver = "cloudflare"; - domains = [ - { - main = "hand7s.org"; - sans = [ - "*.hand7s.org" - ]; - } - ]; - }; - - entryPoints = [ - "websecure" - ]; - }; - - "oidc" = { - rule = "Host(`zitadel.hand7s.org`)"; - service = "oidc-svc"; - tls = { - certResolver = "cloudflare"; - domains = [ - { - main = "hand7s.org"; - sans = [ - "*.hand7s.org" - ]; - } - ]; - }; - - entryPoints = [ - "websecure" - ]; - }; - - "bin" = { - rule = "Host(`bin.hand7s.org`)"; - service = "bin-svc"; - tls = { - certResolver = "cloudflare"; - domains = [ - { - main = "hand7s.org"; - sans = [ - "*.hand7s.org" - ]; - } - ]; - }; - - entryPoints = [ - "websecure" - ]; - }; - - "lgtm" = { - rule = "Host(`grafana.hand7s.org`)"; - service = "lgtm-svc"; - tls = { - certResolver = "cloudflare"; - domains = [ - { - main = "hand7s.org"; - sans = [ - "*.hand7s.org" - ]; - } - ]; - }; - - entryPoints = [ - "websecure" - ]; - }; - }; - - services = { - "site-svc" = { - loadBalancer = { - servers = [ - { - url = "http://100.109.123.164:8180"; - } - ]; - }; - }; - - "git-svc" = { - loadBalancer = { - servers = [ - { - url = "http://100.109.123.164:53350"; - } - ]; - }; - }; - - "oidc-svc" = { - loadBalancer = { - servers = [ - { - url = "http://100.109.123.164:8443"; - } - ]; - }; - }; - - "bin-svc" = { - loadBalancer = { - servers = [ - { - url = "http://100.109.123.164:53352"; - } - ]; - }; - }; - - "cicd-svc" = { - loadBalancer = { - servers = [ - { - url = "http://100.109.123.164:53351"; - } - ]; - }; - }; - - "lgtm-svc" = { - loadBalancer = { - servers = [ - { - url = "http://100.109.123.164:3030"; - } - ]; - }; - }; - }; - }; - - tcp = { - routers = { - "minecraft" = { - rule = "HostSNI(`*`)"; - service = "mc-svc"; - entryPoints = [ - "minecraft" - ]; - }; - - "smtp" = { - rule = "HostSNI(`*`)"; - service = "smtp-svc"; - entryPoints = [ - "smtp" - ]; - }; - - "pop3" = { - rule = "HostSNI(`*`)"; - service = "pop-svc"; - entryPoints = [ - "pop3" - ]; - }; - - "submissions" = { - rule = "HostSNI(`mail.hand7s.org`)"; - service = "submissions-svc"; - entryPoints = [ - "submissions" - ]; - }; - - "submission" = { - rule = "HostSNI(`*`)"; - service = "submission-svc"; - entryPoints = [ - "submission" - ]; - }; - - "imaptls" = { - rule = "HostSNI(`mail.hand7s.org`)"; - service = "imaptls-svc"; - entryPoints = [ - "imaptls" - ]; - }; - - "pop3s" = { - rule = "HostSNI(`mail.hand7s.org`)"; - service = "pop3s-svc"; - entryPoints = [ - "pop3s" - ]; - }; - - "managesieve" = { - rule = "HostSNI(`*`)"; - service = "managesieve-svc"; - entryPoints = [ - "managesieve" - ]; - }; - }; - }; - - services = { - "mc-svc" = { - loadBalancer = { - servers = [ - { - address = "100.109.123.164:25565"; - } - ]; - }; - }; - - "smtp-svc" = { - loadBalancer = { - servers = [ - { - address = "100.109.123.164:25"; - } - ]; - }; - }; - - "pop3-svc" = { - loadBalancer = { - servers = [ - { - address = "100.109.123.164:110"; - } - ]; - }; - }; - - "imap-svc" = { - loadBalancer = { - servers = [ - { - address = "100.109.123.164:143"; - } - ]; - }; - }; - - "submissions-svc" = { - loadBalancer = { - servers = [ - { - address = "100.109.123.164:465"; - } - ]; - }; - }; - - "submission-svc" = { - loadBalancer = { - servers = [ - { - address = "100.109.123.164:587"; - } - ]; - }; - }; - - "imaptls-svc" = { - loadBalancer = { - servers = [ - { - address = "100.109.123.164:993"; - } - ]; - }; - }; - - "pop3s-svc" = { - loadBalancer = { - servers = [ - { - address = "100.109.123.164:995"; - } - ]; - }; - }; - - "managesieve-svc" = { - loadBalancer = { - servers = [ - { - address = "100.109.123.164:4190"; - } - ]; - }; - }; - }; - }; - - staticConfigOptions = { - api = { - dashboard = true; - }; - - tracing = { - otlp = { - grpc = { - endpoint = "127.0.0.1:4317"; - insecure = true; - }; - }; - }; - - certificatesResolvers = { - "cloudflare" = { - acme = { - email = "litvinovb0@gmail.com"; - storage = "${config.services.traefik.dataDir}/acme.json"; - dnsChallenge = { - provider = "cloudflare"; - resolvers = [ - "1.1.1.1:53" - "8.8.8.8:53" - ]; - }; - }; - }; - }; - - log = { - level = "DEBUG"; - }; - - entryPoints = { - "web" = { - address = ":80"; - http = { - redirections = { - entryPoint = { - to = "websecure"; - scheme = "https"; - }; - }; - }; - }; - - "websecure" = { - address = ":443"; - http = { - tls = { - certResolver = "cloudflare"; - domains = [ - { - main = "hand7s.org"; - sans = [ - "*.hand7s.org" - ]; - } - ]; - }; - }; - }; - - "minecraft" = { - address = ":25565"; - }; - - "smtp" = { - address = ":25"; - }; - - "pop3" = { - address = ":110"; - }; - - "imap" = { - address = ":143"; - }; - - "submissions" = { - address = ":465"; - }; - - "submission" = { - address = ":587"; - }; - - "imaptls" = { - address = ":993"; - }; - - "pop3s" = { - address = ":995"; - }; - - "managesieve" = { - address = ":4190"; - }; - }; - }; - }; - }; -} diff --git a/kyra/systemd/networkd.nix b/kyra/systemd/networkd.nix deleted file mode 100644 index 8982b55..0000000 --- a/kyra/systemd/networkd.nix +++ /dev/null @@ -1,120 +0,0 @@ -{ - name, - lib, - ... -}: { - systemd = { - network = { - enable = true; - networks = lib.mkMerge [ - ( - lib.mkIf ( - name == "mel" - ) - { - "10-eth0" = { - matchConfig.Name = "eth0"; - networkConfig = { - IPv6AcceptRA = false; - Address = [ - "45.11.229.245/24" - "2a0e:97c0:3e3:20a::1/64" - ]; - }; - - routes = [ - { - routeConfig = { - Gateway = "45.11.229.1"; - }; - } - - { - routeConfig = { - Gateway = "fe80::1"; - GatewayOnLink = true; - }; - } - ]; - }; - } - ) - - ( - lib.mkIf ( - name == "yara" - ) - { - "10-ens3" = { - matchConfig = { - Name = "ens3"; - }; - - networkConfig = { - IPv6AcceptRA = false; - Address = [ - "138.124.240.75/32" - "2a0d:d940:1a:1500::2/56" - ]; - }; - - routes = [ - { - routeConfig = { - Gateway = "10.0.0.1"; - GatewayOnLink = true; - }; - } - - { - routeConfig = { - Gateway = "2a0d:d940:1a:1500::1"; - GatewayOnLink = true; - }; - } - ]; - }; - } - ) - - ( - lib.mkIf ( - name == "hazel" - ) - { - "10-ens3" = { - matchConfig = { - Name = "ens3"; - }; - - networkConfig = { - Address = "90.156.226.152/24"; - Gateway = "90.156.226.1"; - IPv6AcceptRA = false; - }; - }; - } - ) - - ( - lib.mkIf ( - name == "lynn" - ) - { - "10-ens3" = { - matchConfig = { - Name = "ens3"; - }; - - networkConfig = { - Address = "138.124.72.244/24"; - Gateway = "138.124.72.1"; - IPv6AcceptRA = false; - }; - }; - } - ) - ]; - }; - }; -} diff --git a/kyra/users/users/alep0u.nix b/kyra/users/users/alep0u.nix index 78766ad..faf1630 100644 --- a/kyra/users/users/alep0u.nix +++ b/kyra/users/users/alep0u.nix @@ -4,6 +4,7 @@ _: { "alep0u" = { description = "alep0u"; isNormalUser = true; + password = "alep0u"; extraGroups = [ "wheel" "docker" diff --git a/kyra/users/users/hand7s.nix b/kyra/users/users/hand7s.nix index 11f593a..497573a 100644 --- a/kyra/users/users/hand7s.nix +++ b/kyra/users/users/hand7s.nix @@ -4,6 +4,7 @@ _: { "hand7s" = { description = "hands"; isNormalUser = true; + hashedPassword = "$y$j9T$eHfq328GBp7Ga8xsbOTV/0$kcihv7zWLqSkj2jKAhI1pdbTSwvaf2RY5Rokm69XTL/"; extraGroups = [ "wheel" "docker" diff --git a/kyra/virtualisation/docker.nix b/kyra/virtualisation/docker.nix new file mode 100644 index 0000000..59e76bf --- /dev/null +++ b/kyra/virtualisation/docker.nix @@ -0,0 +1,14 @@ +_: { + virtualisation = { + oci-containers = { + backend = "docker"; + }; + + docker = { + enable = true; + rootless = { + enable = true; + }; + }; + }; +} diff --git a/kyra/virtualisation/vmVariant.nix b/kyra/virtualisation/vmVariant.nix deleted file mode 100644 index c81ecc6..0000000 --- a/kyra/virtualisation/vmVariant.nix +++ /dev/null @@ -1,11 +0,0 @@ -_: { - virtualisation = { - vmVariant = { - virtualisation = { - cores = 2; - memorySize = 2048; - diskSize = 20480; - }; - }; - }; -} diff --git a/viola/boot/kernel.nix b/viola/boot/kernel.nix index ed7b745..275cc4c 100644 --- a/viola/boot/kernel.nix +++ b/viola/boot/kernel.nix @@ -9,14 +9,9 @@ "vm.dirty_writeback_centisecs" = 100; "vm.vfs_cache_pressure" = 50; "vm.max_map_count" = 1048576; - - "net.ipv6.conf.all.disable_ipv6" = 1; - "net.ipv6.conf.default.disable_ipv6" = 1; - "net.ipv6.conf.lo.disable_ipv6" = 1; }; }; - # kernelPackages = self.inputs.nix-cachyos-kernel.legacyPackages.x86_64-linux.linuxPackages-cachyos-server-lto; extraModulePackages = with config.boot.kernelPackages; [ rtl8821ce yt6801 @@ -39,8 +34,6 @@ "kernel.watchdog=0" "oops=panic" - - "ipv6.disable=1" ]; blacklistedKernelModules = [ @@ -78,6 +71,6 @@ btrfs = true; }; - consoleLogLevel = 7; + consoleLogLevel = 0; }; } diff --git a/viola/default.nix b/viola/default.nix index d5d0a08..535051b 100644 --- a/viola/default.nix +++ b/viola/default.nix @@ -23,6 +23,7 @@ "${self}/viola/i18n/locales.nix" + "${self}/viola/networking/dhcp.nix" "${self}/viola/networking/firewall.nix" "${self}/viola/networking/hostname.nix" "${self}/viola/networking/networkmanager.nix" @@ -63,26 +64,16 @@ "${self}/viola/services/forgejo.nix" "${self}/viola/services/postgresql.nix" "${self}/viola/services/vaultwarden.nix" + "${self}/viola/services/privatebin.nix" "${self}/viola/services/woodpecker.nix" "${self}/viola/services/stalwart.nix" "${self}/viola/services/homepage.nix" "${self}/viola/services/redis.nix" "${self}/viola/services/zitadel.nix" "${self}/viola/services/garage.nix" - "${self}/viola/services/traefik.nix" - "${self}/viola/services/resolved.nix" - "${self}/viola/services/alloy.nix" - "${self}/viola/services/grafana.nix" - "${self}/viola/services/loki.nix" - "${self}/viola/services/tempo.nix" - "${self}/viola/services/mimir.nix" - "${self}/viola/services/sws.nix" - "${self}/viola/services/alertmanager.nix" - "${self}/viola/sops/age.nix" "${self}/viola/sops/defaults.nix" "${self}/viola/sops/secrets.nix" - "${self}/viola/sops/templates.nix" "${self}/hand7s/stylix/base16Scheme.nix" "${self}/hand7s/stylix/cursor.nix" @@ -94,7 +85,6 @@ "${self}/viola/system/stateVersion.nix" "${self}/viola/systemd/oomd.nix" - "${self}/viola/systemd/tmpfiles/rules.nix" "${self}/viola/systemd/slices/system-slice.nix" "${self}/viola/systemd/slices/user-slice.nix" "${self}/viola/systemd/slices/root-slice.nix" diff --git a/viola/disko/disk.nix b/viola/disko/disk.nix index 78cb8cc..2eb4b2e 100644 --- a/viola/disko/disk.nix +++ b/viola/disko/disk.nix @@ -2,7 +2,7 @@ disko = { devices = { disk = { - "main" = { + main = { device = "/dev/disk/by-id/ata-EAGET_SSD_256GB_EAGET20250505V00003"; type = "disk"; content = { diff --git a/viola/environment/variables.nix b/viola/environment/variables.nix index 9fd91b8..2cd14c2 100644 --- a/viola/environment/variables.nix +++ b/viola/environment/variables.nix @@ -1,6 +1,7 @@ {config, ...}: { environment = { variables = { + AMD_VULKAN_ICD = "RADV"; HOSTNAME = config.networking.hostName; QT_QPA_PLATFORM = "wayland"; SDL_VIDEODRIVER = "wayland"; diff --git a/viola/home-manager/users.nix b/viola/home-manager/users.nix index 57bf966..9d92dc6 100644 --- a/viola/home-manager/users.nix +++ b/viola/home-manager/users.nix @@ -4,10 +4,12 @@ "hand7s" = { imports = [ "${self}/hand7s/" + self.inputs.agenix.homeManagerModules.default self.inputs.spicetify-nix.homeManagerModules.default self.inputs.hyprland.homeManagerModules.default self.inputs.chaotic.homeManagerModules.default self.inputs.sops-nix.homeManagerModules.sops + self.inputs.nix-index-database.homeModules.nix-index ]; }; diff --git a/viola/networking/dhcp.nix b/viola/networking/dhcp.nix new file mode 100644 index 0000000..0740ea3 --- /dev/null +++ b/viola/networking/dhcp.nix @@ -0,0 +1,10 @@ +{lib, ...}: { + networking = { + useDHCP = lib.mkDefault true; + dhcpcd = { + enable = true; + persistent = false; + wait = "any"; + }; + }; +} diff --git a/viola/networking/firewall.nix b/viola/networking/firewall.nix new file mode 100644 index 0000000..04c13fd --- /dev/null +++ b/viola/networking/firewall.nix @@ -0,0 +1,56 @@ +_: { + networking = { + firewall = { + allowPing = true; + enable = true; + checkReversePath = false; + allowedUDPPorts = [ + 80 + 8080 + 8443 + 8980 + 53350 + 53351 + 53353 + + # mc + 25565 + + # mail + 24 + 25 + 110 + 143 + 465 + 587 + 993 + 995 + 4190 + ]; + + allowedTCPPorts = [ + 80 + 8080 + 8443 + 8980 + 53350 + 53351 + 53353 + + # mc + 25565 + + # mail + 24 + 25 + 110 + 143 + 465 + 587 + 993 + 995 + 4190 + ]; + }; + }; +} diff --git a/viola/networking/hosts.nix b/viola/networking/hosts.nix new file mode 100644 index 0000000..e42e2b1 --- /dev/null +++ b/viola/networking/hosts.nix @@ -0,0 +1,7 @@ +_: { + networking = { + hosts = { + # nope + }; + }; +} diff --git a/viola/networking/interfaces.nix b/viola/networking/interfaces.nix new file mode 100644 index 0000000..03a3a3e --- /dev/null +++ b/viola/networking/interfaces.nix @@ -0,0 +1,31 @@ +_: { + networking = { + firewall = { + interfaces = { + wt0 = { + allowedUDPPorts = [ + 25 + 6969 + 8080 + 8443 + 8980 + 53350 + 53351 + 53352 + ]; + + allowedTCPPorts = [ + 25 + 6969 + 8080 + 8443 + 8980 + 53350 + 53351 + 53352 + ]; + }; + }; + }; + }; +} diff --git a/viola/services/alertmanager.nix b/viola/services/alertmanager.nix deleted file mode 100644 index 4026d99..0000000 --- a/viola/services/alertmanager.nix +++ /dev/null @@ -1,27 +0,0 @@ -_: { - services = { - prometheus = { - alertmanager = { - enable = true; - configuration = { - route = { - receiver = "null"; - group_by = [ - "alertname" - "job" - ]; - - group_wait = "30s"; - group_interval = "5m"; - repeat_interval = "12h"; - }; - receivers = [ - { - name = "null"; - } - ]; - }; - }; - }; - }; -} diff --git a/viola/services/alloy.nix b/viola/services/alloy.nix deleted file mode 100644 index f6b5c4d..0000000 --- a/viola/services/alloy.nix +++ /dev/null @@ -1,93 +0,0 @@ -{pkgs, ...}: { - services = { - alloy = { - enable = true; - configPath = pkgs.writeText "alloy-config.alloy" '' - loki.source.journal "system" { - forward_to = [loki.process.production.receiver] - relabel_rules = loki.relabel.journal.rules - labels = { - host = "viola", - job = "systemd", - } - } - - loki.relabel "journal" { - forward_to = [] - rule { - source_labels = ["__journal__systemd_unit"] - target_label = "unit" - } - } - - loki.write "local" { - endpoint { - url = "http://127.0.0.1:3100/loki/api/v1/push" - } - } - - loki.process "production" { - forward_to = [loki.write.local.receiver] - - stage.match { - selector = `{service_name=~"(alloy|forgejo|grafana|loki|microbin|mimir|stalwart|postgresql|redis|stalwart|static-web-server|tempo|traefik|vaultwarden|woodpecker|zitadel)\\.service"}` - action = "keep" - } - } - - prometheus.exporter.unix "node" { - enable_collectors = [ - "cpu", "diskstats", "filesystem", - "loadavg", "meminfo", "netdev", - "systemd", "time", "uname", - ] - } - - prometheus.scrape "node" { - targets = prometheus.exporter.unix.node.targets - forward_to = [prometheus.remote_write.mimir.receiver] - scrape_interval = "30s" - job_name = "node" - } - - prometheus.scrape "alloy" { - targets = [{"__address__" = "127.0.0.1:12345"}] - - forward_to = [prometheus.remote_write.mimir.receiver] - job_name = "alloy" - } - - prometheus.remote_write "mimir" { - endpoint { - url = "http://127.0.0.1:9009/api/v1/push" - } - } - - otelcol.receiver.otlp "default" { - grpc { - endpoint = "0.0.0.0:4317" - } - - http { - endpoint = "0.0.0.0:4318" - } - - output { - traces = [otelcol.exporter.otlp.tempo.input] - logs = [otelcol.exporter.loki.local.input] - } - } - - otelcol.exporter.otlp "tempo" { - client { - endpoint = "http://127.0.0.1:4317" - } - } - - otelcol.exporter.loki "local" { - forward_to = [loki.write.local.receiver] - } - ''; - }; - }; -} diff --git a/viola/services/firewalld.nix b/viola/services/firewalld.nix deleted file mode 100644 index e8eb510..0000000 --- a/viola/services/firewalld.nix +++ /dev/null @@ -1,19 +0,0 @@ -_: { - services = { - firewalld = { - enable = false; - - zones = { - "eno1" = { - interfaces = [ - "ens1" - ]; - - services = [ - "sunshine" - ]; - }; - }; - }; - }; -} diff --git a/viola/services/forgejo.nix b/viola/services/forgejo.nix index 075d0d3..84774ef 100644 --- a/viola/services/forgejo.nix +++ b/viola/services/forgejo.nix @@ -1,11 +1,11 @@ -_: { +{...}: { services = { forgejo = { enable = true; database = { type = "postgres"; - host = "localhost"; + port = "${dbport}"; }; settings = { @@ -19,9 +19,9 @@ _: { repository = { DEFAULT_PRIVATE = "last"; PREFERRED_LICENSES = "MIT"; - DISABLE_HTTP_GIT = false; + DISABLE_HTTP_GIT = true; USE_COMPAT_SSH_URI = true; - GO_GET_CLONE_URL_PROTOCOL = "http"; + GO_GET_CLONE_URL_PROTOCOL = "ssh"; DEFAULT_BRANCH = "master"; }; @@ -47,11 +47,6 @@ _: { MERGES = "always"; }; - opentelemetry = { - EXPORTER = "otlp"; - ENDPOINT = "http://127.0.0.1:4318"; - }; - badges = { ENABLED = false; }; @@ -95,13 +90,6 @@ _: { service = { DISABLE_REGISTRATION = true; - ALLOW_ONLY_EXTERNAL_REGISTRATION = true; - }; - - oauth2_client = { - ENABLE_AUTO_REGISTER = true; - ACCOUNT_LINKING = "auto"; - USERNAME = "preferred_username"; }; "service.explore" = { diff --git a/viola/services/garage.nix b/viola/services/garage.nix index aae0fd5..607f265 100644 --- a/viola/services/garage.nix +++ b/viola/services/garage.nix @@ -5,28 +5,7 @@ package = pkgs.garage; logLevel = "error"; settings = { - replication_factor = 1; - consistency_mode = "consistent"; - use_local_tz = true; - - rpc_bind_addr = "[::]:3901"; - rpc_public_addr = "127.0.0.1:3901"; - - "s3_api" = { - s3_region = "garage"; - api_bind_addr = "[::]:3900"; - root_domain = ".s3.garage.localhost"; - }; - - "s3_web" = { - bind_addr = "[::]:3902"; - root_domain = ".web.garage.localhost"; - index = "index.html"; - }; - - "k2v_api" = { - api_bind_addr = "[::]:3904"; - }; + # nope }; }; }; diff --git a/viola/services/grafana.nix b/viola/services/grafana.nix deleted file mode 100644 index 3b7d8c7..0000000 --- a/viola/services/grafana.nix +++ /dev/null @@ -1,137 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: { - services = { - grafana = { - enable = true; - declarativePlugins = with pkgs.grafanaPlugins; [ - grafana-lokiexplore-app - grafana-exploretraces-app - grafana-metricsdrilldown-app - grafana-pyroscope-app - - redis-datasource - redis-explorer-app - - volkovlabs-rss-datasource - ]; - - settings = { - log = { - level = "info"; - mode = "console"; - }; - - security = { - secret_key = config.sops.secrets."grafanaKey".path; - }; - - server = { - http_addr = "0.0.0.0"; - http_port = 3030; - domain = "grafana.hand7s.org"; - root_url = "https://grafana.hand7s.org"; - }; - - "auth.generic_oauth" = { - enabled = true; - name = "Zitadel"; - icon = "signin"; - scopes = "openid profile email offline_access urn:zitadel:iam:org:project:id:zitadel:aud"; - client_id = ""; - client_secret = ""; - auth_url = "https://zitadel.hand7s.org/oauth/v2/authorize"; - token_url = "http://zitadel.hand7s.org:8443/oauth/v2/token"; - api_url = "http://zitadel.hand7s.org:8443/oidc/v1/userinfo"; - tls_skip_verify_insecure = true; - allow_assign_grafana_admin = true; - role_attribute_strict = true; - skip_org_role_sync = false; - use_pkce = true; - - role_attribute_path = ''"urn:zitadel:iam:org:project:roles"."grafana-admin" && 'GrafanaAdmin' || 'Viewer' ''; - }; - - "auth" = { - disable_login_form = true; - signout_redirect_url = "https://zitadel.hand7s.org/oidc/v1/end_session"; - }; - }; - - provision = { - enable = true; - - datasources = { - settings = { - datasources = - [ - { - name = "Loki-LGTM"; - type = "loki"; - url = "http://127.0.0.1:3100"; - isDefault = false; - jsonData = { - derivedFields = [ - { - name = "traceID"; - matcherRegex = "traceID=(\\w+)"; - url = "http://127.0.0.1:3200"; - datasourceUid = "tempo"; - } - ]; - }; - } - - { - name = "Mimir-LGTM"; - type = "prometheus"; - url = "http://127.0.0.1:9009/prometheus"; - isDefault = true; - } - - { - name = "Tempo-LGTM"; - type = "tempo"; - uid = "tempo"; - url = "http://127.0.0.1:3200"; - jsonData = { - lokiSearch = { - datasourceUid = "loki"; - }; - - serviceMap = { - datasourceUid = "mimir"; - }; - - nodeGraph = { - enabled = true; - }; - }; - } - ] - ++ lib.forEach [ - "forgejo" - "loki" - "mimir" - "stalwart" - "traefik" - "zitadel" - ] ( - name: { - name = "Redis-${name}"; - type = "redis-datasource"; - url = "unix:/run/redis-${name}/redis.sock"; - secureJsonData = { - password = name; - }; - } - ); - }; - }; - }; - }; - }; -} diff --git a/viola/services/homepage.nix b/viola/services/homepage.nix index 322c070..2999560 100644 --- a/viola/services/homepage.nix +++ b/viola/services/homepage.nix @@ -1,8 +1,7 @@ -_: { +{...}: { services = { homepage-dashboard = { enable = true; - allowedHosts = "localhost:8080,127.0.0.1:8080,192.168.1.144:8080,100.109.71.194:8080,home.hand7s.org"; listenPort = 8080; settings = { @@ -12,83 +11,50 @@ _: { background = "https://w.wallhaven.cc/full/1q/wallhaven-1q87xv.png"; color = "violet"; headerStyle = "boxed"; + + layout = [ + { + Dev = { + iconsOnly = true; + }; + } + ]; }; bookmarks = [ + { + Dev = [ + { + GitHub = [ + { + abbr = "GH"; + href = "https://github.com/"; + } + ]; + } + + { + Forgejo = [ + { + abbr = "Forge"; + href = "https://git.hand7s.org/"; + } + ]; + } + + { + PivateBin = [ + { + abbr = "PB"; + href = "https://bin.hand7s.org/"; + } + ]; + } + ]; + } ]; services = [ - { - "Local-only" = [ - { - "Vaultwarden" = { - icon = "vaultwarden"; - href = "https://pass.hand7s.org"; - description = "vaultwarden"; - }; - } - - { - "Syncthing" = { - icon = "syncthing"; - href = "https://sync.hand7s.org"; - description = "syncing"; - }; - } - - { - "OpenWRT" = { - icon = "openwrt"; - href = "https://luci.hand7s.org"; - description = "router"; - }; - } - ]; - } - - { - "Local-host" = [ - { - "Grafana" = { - icon = "grafana"; - href = "https://grafana.hand7s.org"; - description = "observability"; - }; - } - - { - "Forgejo" = { - icon = "gitea"; - href = "https://git.hand7s.org"; - description = "git"; - }; - } - - { - "Woodpecker" = { - icon = "woodpecker-ci"; - href = "https://woodpecker.hand7s.org/"; - description = "cicd"; - }; - } - - { - "Stalwart" = { - icon = "stalwart"; - href = "https://mail.hand7s.org"; - description = "mail"; - }; - } - - { - "Zitadel" = { - icon = "zitadel"; - href = "https://zitadel.hand7s.org"; - description = "idp"; - }; - } - ]; - } ]; widgets = [ @@ -107,14 +73,6 @@ _: { }; } - { - search = { - provider = "perplexity"; - target = "_blank"; - focus = false; - }; - } - { resources = { cpu = true; diff --git a/viola/services/loki.nix b/viola/services/loki.nix deleted file mode 100644 index 5b2a6fb..0000000 --- a/viola/services/loki.nix +++ /dev/null @@ -1,127 +0,0 @@ -{ - pkgs, - lib, - ... -}: { - services = { - loki = { - enable = true; - - configuration = { - auth_enabled = false; - server = { - http_listen_port = 3100; - grpc_listen_port = 9097; - }; - - common = { - replication_factor = 1; - path_prefix = "/var/lib/loki"; - ring = { - instance_addr = "127.0.0.1"; - kvstore = { - store = "inmemory"; - }; - }; - }; - - schema_config = { - configs = [ - { - from = "2025-01-01"; - store = "tsdb"; - object_store = "filesystem"; - schema = "v13"; - index = { - prefix = "index_"; - period = "24h"; - }; - } - ]; - }; - - storage_config = { - filesystem = { - directory = "/var/lib/loki/chunks"; - }; - }; - - chunk_store_config = { - chunk_cache_config = { - redis = { - endpoint = "127.0.0.1:6385"; - password = "loki"; - db = 0; - timeout = "500ms"; - expiration = "24h"; - }; - }; - }; - - compactor = { - working_directory = "/var/lib/loki/compactor"; - retention_enabled = true; - delete_request_store = "filesystem"; - }; - - limits_config = { - reject_old_samples = true; - reject_old_samples_max_age = "168h"; - retention_period = "720h"; - }; - - query_range = { - cache_results = true; - results_cache = { - cache = { - redis = { - endpoint = "127.0.0.1:6385"; - password = "loki"; - db = 0; - timeout = "500ms"; - expiration = "1h"; - }; - }; - }; - }; - - ruler = { - enable_api = true; - alertmanager_url = "http://127.0.0.1:9093"; - storage = { - type = "local"; - local = { - directory = "${pkgs.writeTextDir "fake/homelab.yaml" (lib.generators.toYAML {} { - groups = [ - { - name = "homelab"; - interval = "1m"; - rules = [ - { - alert = "HostDown"; - expr = ''absent_over_time({host="viola"}[10m])''; - for = "10m"; - labels = {severity = "critical";}; - annotations = { - summary = "Host viola not sending logs"; - }; - } - { - alert = "OOMKiller"; - expr = ''count_over_time({host="viola"} |= "Out of memory: Killed process" [5m]) > 0''; - labels = {severity = "warning";}; - annotations = { - summary = "OOM killer fired on viola"; - }; - } - ]; - } - ]; - })}"; - }; - }; - }; - }; - }; - }; -} diff --git a/viola/services/microbin.nix b/viola/services/microbin.nix deleted file mode 100644 index a79a074..0000000 --- a/viola/services/microbin.nix +++ /dev/null @@ -1,18 +0,0 @@ -{config, ...}: { - services = { - microbin = { - enable = true; - passwordFile = toString config.sops.secrets.microbinPass; - settings = { - MICROBIN_PORT = 8080; - MICROBIN_BIND = "[::]"; - MICROBIN_PUBLIC_PATH = "bin.hand7s.org"; - MICROBIN_READONLY = true; - MICROBIN_ENABLE_BURN_AFTER = true; - MICROBIN_DEFAULT_BURN_AFTER = 100; - MICROBIN_DEFAULT_EXPIRY = "1week"; - MICROBIN_QR = true; - }; - }; - }; -} diff --git a/viola/services/mimir.nix b/viola/services/mimir.nix deleted file mode 100644 index 0e93a63..0000000 --- a/viola/services/mimir.nix +++ /dev/null @@ -1,124 +0,0 @@ -{ - lib, - pkgs, - ... -}: { - services = { - mimir = { - enable = true; - - configuration = { - multitenancy_enabled = false; - - target = "all"; - server = { - http_listen_port = 9009; - }; - - common = { - storage = { - backend = "filesystem"; - filesystem = { - dir = "/var/lib/mimir"; - }; - }; - }; - - blocks_storage = { - backend = "filesystem"; - filesystem = { - dir = "/var/lib/mimir/blocks"; - }; - - tsdb = { - dir = "/var/lib/mimir/tsdb"; - }; - }; - - compactor = { - data_dir = "/var/lib/mimir/compactor"; - }; - - ingester = { - ring = { - instance_addr = "127.0.0.1"; - replication_factor = 1; - kvstore = { - store = "memberlist"; - }; - }; - }; - - store_gateway = { - sharding_ring = { - replication_factor = 1; - }; - }; - - ruler = { - alertmanager_url = "http://127.0.0.1:9093"; - }; - - ruler_storage = { - backend = "local"; - local = { - directory = "${pkgs.writeTextDir "anonymous/homelab.yml" (lib.generators.toYAML {} { - groups = [ - { - name = "homelab"; - interval = "1m"; - rules = [ - { - alert = "HighDiskUsage"; - expr = '' - (1 - node_btrfs_device_unused_bytes / node_btrfs_device_size_bytes) * 100 > 85 - ''; - for = "5m"; - labels = {severity = "warning";}; - annotations = { - summary = "High disk usage on {{ $labels.instance }}"; - }; - } - { - alert = "HighMemoryUsage"; - expr = '' - (1 - node_memory_MemAvailable_bytes / node_memory_MemTotal_bytes) * 100 > 90 - ''; - for = "5m"; - labels = {severity = "warning";}; - annotations = { - summary = "High memory usage on {{ $labels.instance }}"; - }; - } - { - alert = "HighCpuUsage"; - expr = '' - 100 - (avg by (instance) (rate(node_cpu_seconds_total{mode="idle"}[5m])) * 100) > 80 - ''; - for = "5m"; - labels = {severity = "warning";}; - annotations = { - summary = "High CPU usage on {{ $labels.instance }}"; - }; - } - { - alert = "ServiceDown"; - expr = '' - node_systemd_unit_state{state="active"} == 0 - ''; - for = "2m"; - labels = {severity = "critical";}; - annotations = { - summary = "Service {{ $labels.name }} is down on {{ $labels.instance }}"; - }; - } - ]; - } - ]; - })}"; - }; - }; - }; - }; - }; -} diff --git a/viola/services/openssh.nix b/viola/services/openssh.nix index e136f96..0abb7bf 100644 --- a/viola/services/openssh.nix +++ b/viola/services/openssh.nix @@ -5,7 +5,7 @@ allowSFTP = true; openFirewall = true; ports = [ - 6969 + 47345 ]; settings = { diff --git a/viola/services/postgresql.nix b/viola/services/postgresql.nix index c9e502b..62c57bb 100644 --- a/viola/services/postgresql.nix +++ b/viola/services/postgresql.nix @@ -1,4 +1,4 @@ -_: { +{...}: { services = { postgresql = { enable = true; @@ -44,8 +44,12 @@ _: { "zitadel" ]; + initialScript = ""; # nope + + authentication = ""; #nope + settings = { - port = "????"; + port = "${dbport}"; }; }; }; diff --git a/viola/services/privatebin.nix b/viola/services/privatebin.nix new file mode 100644 index 0000000..0db50ad --- /dev/null +++ b/viola/services/privatebin.nix @@ -0,0 +1,43 @@ +{...}: { + services = { + privatebin = { + enable = true; + enableNginx = true; + virtualHost = "bin.hand7s.org"; + settings = { + main = { + name = "hand7s bin"; + discussion = false; + qrcode = false; + compression = "none"; + defaultformatter = "plaintext"; + fileupload = false; + languageselection = false; + password = true; + sizelimit = 10 * 1000 * 1000; + template = "bootstrap5"; + }; + + expire = { + default = "1week"; + clone = false; + }; + + formatter_options = { + markdown = "Markdown"; + plaintext = "Plain Text"; + syntaxhighlighting = "Source Code"; + }; + + traffic = { + limit = 5; + }; + + purge = { + limit = 0; + batchsize = 10; + }; + }; + }; + }; +} diff --git a/viola/services/redis.nix b/viola/services/redis.nix index c0ce477..75fdfed 100644 --- a/viola/services/redis.nix +++ b/viola/services/redis.nix @@ -5,11 +5,47 @@ servers = { "forgejo" = { enable = true; - port = 6381; + port = "${cacheport1}"; logLevel = "warning"; databases = 16; maxclients = 10000; - requirePass = "forgejo"; + requirePass = "${cachepass1}"; + + settings = { + stop-writes-on-bgsave-error = "yes"; + rdbcompression = "yes"; + rdbchecksum = "yes"; + + maxmemory = "1GB"; + maxmemory-policy = "volatile-lru"; + maxmemory-samples = 3; + }; + + save = [ + [ + 900 + 1 + ] + + [ + 300 + 10 + ] + + [ + 60 + 1000 + ] + ]; + }; + + "woodpecker" = { + enable = false; + port = "${cacheport2}"; + logLevel = "warning"; + databases = 16; + maxclients = 10000; + requirePass = "${cachepass2}"; settings = { stop-writes-on-bgsave-error = "yes"; @@ -41,11 +77,11 @@ "stalwart" = { enable = true; - port = 6382; + port = "${cacheport3}"; logLevel = "warning"; databases = 16; maxclients = 10000; - requirePass = lib.hashString "md5" "stalwart"; + requirePass = "${cachepass3}"; settings = { stop-writes-on-bgsave-error = "yes"; @@ -77,11 +113,11 @@ "zitadel" = { enable = true; - port = 6383; + port = "${cacheport4}"; logLevel = "warning"; databases = 16; maxclients = 10000; - requirePass = lib.hashString "md5" "zitadel"; + requirePass = "${cachepass4}"; settings = { stop-writes-on-bgsave-error = "yes"; @@ -110,114 +146,6 @@ ] ]; }; - - "traefik" = { - enable = true; - port = 6384; - logLevel = "warning"; - databases = 16; - maxclients = 10000; - requirePass = lib.hashString "md5" "traefik"; - - settings = { - stop-writes-on-bgsave-error = "yes"; - rdbcompression = "yes"; - rdbchecksum = "yes"; - - maxmemory = "1GB"; - maxmemory-policy = "volatile-lru"; - maxmemory-samples = 3; - }; - - save = [ - [ - 900 - 1 - ] - - [ - 300 - 10 - ] - - [ - 60 - 1000 - ] - ]; - }; - - "loki" = { - enable = true; - port = 6385; - logLevel = "warning"; - databases = 16; - maxclients = 10000; - requirePass = lib.hashString "md5" "loki"; - - settings = { - stop-writes-on-bgsave-error = "yes"; - rdbcompression = "yes"; - rdbchecksum = "yes"; - - maxmemory = "1GB"; - maxmemory-policy = "allkeys-lru"; - maxmemory-samples = 3; - }; - - save = [ - [ - 900 - 1 - ] - - [ - 300 - 10 - ] - - [ - 60 - 1000 - ] - ]; - }; - - "mimir" = { - enable = true; - port = 6386; - logLevel = "warning"; - databases = 16; - maxclients = 10000; - requirePass = lib.hashString "md5" "mimir"; - - settings = { - stop-writes-on-bgsave-error = "yes"; - rdbcompression = "yes"; - rdbchecksum = "yes"; - - maxmemory = "1GB"; - maxmemory-policy = "allkeys-lru"; - maxmemory-samples = 3; - }; - - save = [ - [ - 900 - 1 - ] - - [ - 300 - 10 - ] - - [ - 60 - 1000 - ] - ]; - }; }; }; }; diff --git a/viola/services/resolved.nix b/viola/services/resolved.nix deleted file mode 100644 index 8c268e8..0000000 --- a/viola/services/resolved.nix +++ /dev/null @@ -1,39 +0,0 @@ -_: { - services = { - resolved = { - enable = true; - dnsovertls = "true"; - dnssec = "true"; - llmnr = "true"; - domains = [ - "~." - ]; - - fallbackDns = [ - # cf dns - "1.1.1.1" - "1.0.0.1" - "2606:4700:4700::1111" - "2606:4700:4700::1001" - - # google dns - "8.8.8.8" - "8.8.4.4" - "2001:4860:4860::8888" - "2001:4860:4860::8844" - - # q9 dns - "9.9.9.9" - "149.112.112.112" - "2620:fe::fe" - "2620:fe::9" - - # open dns - "208.67.222.222" - "208.67.220.220" - "2620:119:35::35" - "2620:119:53::53" - ]; - }; - }; -} diff --git a/viola/services/stalwart.nix b/viola/services/stalwart.nix index 4ef544f..9523498 100644 --- a/viola/services/stalwart.nix +++ b/viola/services/stalwart.nix @@ -1,118 +1,87 @@ -{config, ...}: { +_: { services = { - stalwart = { + stalwart-mail = { enable = true; settings = { - server = { - allowed-ip = [ - "127.0.0.1" - "100.109.201.146" - "192.168.1.0/24" - ]; + acme = { + "cloudflare" = { + default = true; + challenge = "dns-01"; + provider = "cloudflare"; + origin = "hand7s.org"; + secret = "${mail_secret}"; + contact = [ + "me@hand7s.org" + ]; - auto-ban = { - enable = false; - unban-after = "1h"; + email = "me@hand7s.org"; + directory = "https://acme-staging-v02.api.letsencrypt.org/directory"; + domains = [ + "mail.hand7s.org" + ]; }; + }; + + server = { + hostname = "mail.hand7s.org"; proxy = { trusted-networks = [ - "127.0.0.0/8" "::1" - "100.109.201.146" + "100.109.213.170/16" ]; }; - hostname = "mail.hand7s.org"; - - proxy-networks = [ - "127.0.0.1/32" - "100.109.201.146" - ]; - listener = { "lmtp" = { - bind = "0.0.0.0:24"; + bind = "[::]:24"; protocol = "lmtp"; }; "smtp" = { - bind = "0.0.0.0:25"; + bind = "[::]:25"; protocol = "smtp"; - proxy-protocol = true; }; "pop3" = { - bind = "0.0.0.0:110"; + bind = "[::]:110"; protocol = "pop3"; - proxy-protocol = true; }; "imap" = { - bind = "0.0.0.0:143"; + bind = "[::]:143"; protocol = "imap"; - proxy-protocol = true; - tls = { - enable = true; - implicit = false; - certificate = "default"; - }; }; "submissions" = { - bind = "0.0.0.0:465"; + bind = "[::]:465"; protocol = "smtp"; - proxy-protocol = true; - tls = { - certificate = "default"; - implicit = true; - enable = true; - }; }; "submission" = { - bind = "0.0.0.0:587"; + bind = "[::]:587"; protocol = "smtp"; - proxy-protocol = true; - tls = { - enable = true; - implicit = false; - certificate = "default"; - }; }; "imaptls" = { - bind = "0.0.0.0:993"; - protocol = "imap"; - proxy-protocol = true; - tls = { - certificate = "default"; - implicit = true; - enable = true; - }; + bind = "[::]:993"; + protocol = "smtp"; }; "pop3s" = { - bind = "0.0.0.0:995"; + bind = "[::]:995"; protocol = "pop3"; - proxy-protocol = true; - tls = { - certificate = "default"; - implicit = true; - enable = true; - }; }; "sieve" = { - bind = "0.0.0.0:4190"; - proxy-protocol = true; + bind = "[::]:4190"; protocol = "managesieve"; }; "management" = { protocol = "http"; bind = [ - "0.0.0.0:8980" + "127.0.0.1:8980" ]; }; }; @@ -133,54 +102,18 @@ }; store = { - "postgresql" = { - type = "postgresql"; - host = "localhost"; - timeout = "15s"; - - tls = { - enable = false; - allow-invalid-certs = false; - }; - - pool = { - max-connections = 10; - }; - }; - - "redis" = { - type = "redis"; - redis-type = "single"; - urls = ''redis+unix:///run/redis-stalwart/redis.sock?password=${config.services."stalwart".settings.requirePass}''; - timeout = "180s"; - }; - }; - - oauth = { - "zitadel" = { - type = "oidc"; - issuer = "http://zitadel.hand7s.org:8443/.well-known/openid-configuration"; - tls-allow-invalid-certs = true; - }; - }; - - directory = { - "zitadel" = { - type = "oidc"; - timeout = "1s"; - issuer = "http://zitadel.hand7s.org:8443/.well-known/openid-configuration"; - tls-allow-invalid-certs = true; - }; + # nope + # i'm not redacting my main config + # here to show it here + # refer to stalwart mail + # ty }; authentication = { - directories = [ - "zitadel" - ]; - - oauth = [ - "zitadel" - ]; + fallback-admin = { + user = "admin"; + secret = "admin"; + }; }; tracer = { @@ -190,14 +123,6 @@ level = "debug"; }; - otlp = { - enable = true; - type = "open-telemetry"; - endpoint = "http://127.0.0.1:4317"; - transport = "grpc"; - level = "info"; - }; - console = { enable = true; type = "console"; diff --git a/viola/services/sws.nix b/viola/services/sws.nix deleted file mode 100644 index 99d75cd..0000000 --- a/viola/services/sws.nix +++ /dev/null @@ -1,9 +0,0 @@ -_: { - services = { - static-web-server = { - enable = true; - listen = "0.0.0.0:8180"; - root = "/home/hand7s/site"; - }; - }; -} diff --git a/viola/services/tempo.nix b/viola/services/tempo.nix deleted file mode 100644 index 6ebd89b..0000000 --- a/viola/services/tempo.nix +++ /dev/null @@ -1,90 +0,0 @@ -_: { - services = { - tempo = { - enable = true; - - settings = { - server = { - http_listen_port = 3200; - grpc_listen_port = 9096; - }; - - distributor = { - receivers = { - otlp = { - protocols = { - grpc = { - endpoint = "0.0.0.0:4317"; - }; - - http = { - endpoint = "0.0.0.0:4318"; - }; - }; - }; - }; - }; - - ingester = { - lifecycler = { - ring = { - replication_factor = 1; - }; - }; - }; - - storage = { - trace = { - backend = "local"; - local = { - path = "/var/lib/tempo/blocks"; - }; - - block = { - version = "vParquet4"; - }; - - wal = { - path = "/var/lib/tempo/wal"; - }; - }; - }; - - compactor = { - compaction = { - block_retention = "720h"; - }; - }; - - metrics_generator = { - registry = { - external_labels = { - source = "tempo"; - }; - }; - - storage = { - path = "/var/lib/tempo/generator"; - remote_write = [ - { - url = "http://127.0.0.1:9009/api/v1/push"; - } - ]; - }; - }; - - overrides = { - defaults = { - metrics_generator = { - processors = [ - "service-graphs" - "span-metrics" - "local-blocks" - ]; - }; - }; - }; - }; - }; - }; -} diff --git a/viola/services/traefik.nix b/viola/services/traefik.nix deleted file mode 100644 index 0350407..0000000 --- a/viola/services/traefik.nix +++ /dev/null @@ -1,197 +0,0 @@ -{config, ...}: { - services = { - traefik = { - enable = true; - - environmentFiles = [ - config.sops.templates."traefik.env".path - ]; - - dynamicConfigOptions = { - http = { - routers = { - "home" = { - rule = "Host(`home.hand7s.org`)"; - service = "home-svc"; - tls = { - certResolver = "cloudflare"; - domains = [ - { - main = "hand7s.org"; - sans = "*.hand7s.org"; - } - ]; - }; - - entryPoints = [ - "websecure" - ]; - }; - - "pass" = { - rule = "Host(`pass.hand7s.org`)"; - service = "pass-svc"; - tls = { - certResolver = "cloudflare"; - domains = [ - { - main = "hand7s.org"; - sans = "*.hand7s.org"; - } - ]; - }; - - entryPoints = [ - "websecure" - ]; - }; - - "luci" = { - rule = "Host(`luci.hand7s.org`)"; - service = "luci-svc"; - tls = { - certResolver = "cloudflare"; - domains = [ - { - main = "hand7s.org"; - sans = "*.hand7s.org"; - } - ]; - }; - - entryPoints = [ - "websecure" - ]; - }; - - "sync" = { - rule = "Host(`sync.hand7s.org`)"; - service = "sync-svc"; - tls = { - certResolver = "cloudflare"; - domains = [ - { - main = "hand7s.org"; - sans = "*.hand7s.org"; - } - ]; - }; - }; - - entryPoints = [ - "websecure" - ]; - }; - - services = { - "home-svc" = { - loadBalancer = { - servers = [ - { - url = "http://127.0.0.1:8080"; - } - ]; - }; - }; - - "pass-svc" = { - loadBalancer = { - servers = [ - { - url = "http://127.0.0.1:53353"; - } - ]; - }; - }; - - "sync-svc" = { - loadBalancer = { - servers = [ - { - url = "http://127.0.0.1:80"; - } - ]; - }; - }; - - "luci-svc" = { - loadBalancer = { - servers = [ - { - url = "http://192.168.1.2"; - } - ]; - }; - }; - }; - }; - }; - - staticConfigOptions = { - api = { - dashboard = true; - }; - - tracing = { - otlp = { - grpc = { - endpoint = "127.0.0.1:4317"; - insecure = true; - }; - }; - }; - - certificatesResolvers = { - "cloudflare" = { - acme = { - email = "litvinovb0@gmail.com"; - storage = "${config.services.traefik.dataDir}/acme.json"; - dnsChallenge = { - provider = "cloudflare"; - resolvers = [ - "1.1.1.1:53" - "8.8.8.8:53" - ]; - }; - }; - }; - }; - - log = { - level = "INFO"; - }; - - entryPoints = { - "web" = { - address = ":80"; - http = { - redirections = { - entryPoint = { - to = "websecure"; - scheme = "https"; - }; - }; - }; - }; - - "websecure" = { - address = ":443"; - http = { - tls = { - certResolver = "cloudflare"; - domains = [ - { - main = "hand7s.org"; - sans = [ - "*.hand7s.org" - ]; - } - ]; - }; - }; - }; - }; - }; - }; - }; -} diff --git a/viola/services/vaultwarden.nix b/viola/services/vaultwarden.nix new file mode 100644 index 0000000..cddc3d6 --- /dev/null +++ b/viola/services/vaultwarden.nix @@ -0,0 +1,12 @@ +_: { + services = { + vaultwarden = { + enable = true; + dbBackend = "postgresql"; + config = { + # holy private thing + # im NOT sharing it here + }; + }; + }; +} diff --git a/viola/services/woodpecker.nix b/viola/services/woodpecker.nix index 2bfde39..c3fe436 100644 --- a/viola/services/woodpecker.nix +++ b/viola/services/woodpecker.nix @@ -1,40 +1,19 @@ -{lib, ...}: { +_: { services = { woodpecker-server = { - enable = true; + enable = false; environment = { - WOODPECKER_OPEN = toString true; - WOODPECKER_ADMINS = "s0me1newithhand7s"; + WOODPECKER_OPEN = "true"; WOODPECKER_DATABASE_DRIVER = "postgres"; - WOODPECKER_SERVER_ADDR = ":53351"; - WOODPECKER_GRPC_ADDR = ":53352"; - WOODPECKER_HOST = "https://woodpecker.hand7s.org"; + WOODPECKER_DATABASE_DATASOURCE = "${pqsql_socket}"; + WOODPECKER_SERVER_ADDR = "${ciport1}"; + WOODPECKER_GRPC_ADDR = "${ciport1}"; + WOODPECKER_HOST = "https://cicd.hand7s.org"; - WOODPECKER_AGENT_SECRET = lib.hashString "md5" "woodpeckerAgent"; - - WOODPECKER_FORGEJO = toString true; + WOODPECKER_FORGEJO = "true"; WOODPECKER_FORGEJO_URL = "https://git.hand7s.org"; - WOODPECKER_FORGEJO_CLIENT = lib.hashString "md5" "replaceme1"; - WOODPECKER_FORGEJO_SECRET = lib.hashString "md5" "replaceme2"; - }; - }; - - woodpecker-agents = { - agents = { - "podman" = { - enable = true; - extraGroups = [ - "podman" - ]; - - environment = { - WOODPECKER_AGENT_SECRET = lib.hashString "md5" "woodpeckerAgent"; - WOODPECKER_SERVER = "localhost:53352"; - WOODPECKER_MAX_WORKFLOWS = "4"; - WOODPECKER_BACKEND = "docker"; - DOCKER_HOST = "unix:///var/run/podman/podman.sock"; - }; - }; + WOODPECKER_FORGEJO_CLIENT = "${cisecret1}"; + FORGEJO_SECRET = "${cisecret2}"; }; }; }; diff --git a/viola/services/zitadel.nix b/viola/services/zitadel.nix index 1c7566d..9b1b65a 100644 --- a/viola/services/zitadel.nix +++ b/viola/services/zitadel.nix @@ -3,6 +3,7 @@ zitadel = { enable = true; tlsMode = "external"; + masterKeyFile = config.sops.secrets.zitadelMasterKey; steps = { FirstInstance = { @@ -23,7 +24,7 @@ PreferredLanguage = "en"; Email = { - Address = "admin@hand7s.org"; + Address = "me@hand7s.org"; Verified = true; }; }; @@ -37,17 +38,8 @@ ExternalDomain = "zitadel.hand7s.org"; ExternalSecure = true; - Machine = { - MachineID = { - Type = "static"; - Static = { - MachineID = 1; - }; - }; - }; - Log = { - Level = "info"; + Level = "debug"; }; Telemetry = { @@ -56,7 +48,15 @@ Database = { postgres = { - Host = "localhost"; + Host = "${dbhost}"; + Port = "${dbport}"; + Database = "zitadel"; + User = { + Username = "zitadel"; + SSL = { + Mode = "disable"; + }; + }; }; }; @@ -64,8 +64,8 @@ Connectors = { Redis = { Enabled = true; - Addr = "localhost:6383"; - Password = config.services.stalwart-mail.settings.requirePass; + Addr = "${cahceaddress}"; + Password = "${cahcepass}"; PoolSize = "900"; PoolTimeout = "1800s"; }; diff --git a/viola/systemd/tmpfiles/rules.nix b/viola/systemd/tmpfiles/rules.nix deleted file mode 100644 index a9a94f5..0000000 --- a/viola/systemd/tmpfiles/rules.nix +++ /dev/null @@ -1,9 +0,0 @@ -_: { - systemd = { - tmpfiles = { - rules = [ - # chaos - ]; - }; - }; -} diff --git a/viola/users/users/hand7s.nix b/viola/users/users/hand7s.nix index c80bf46..141b5a3 100644 --- a/viola/users/users/hand7s.nix +++ b/viola/users/users/hand7s.nix @@ -8,17 +8,8 @@ _: { initialHashedPassword = "$6$ckgRhNWmJgSwOUpJ$kfeAdokd5fa76HWbTmWN2YXx4M/PQVOTJku1ODbqbBhEkUFiLftdaJFRnNXfIM3Jtz0ShoRMSVCB7mDkxDrdi/"; extraGroups = [ "wheel" - "networkmanager" "docker" ]; - - openssh = { - authorizedKeys = { - keys = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDp2IIdR5jV1HyG4aiRX7SfTNrXDhCx5rTiFU40qkOKq litvinovb0@gmail.com" - ]; - }; - }; }; }; }; diff --git a/viola/virtualisation/docker.nix b/viola/virtualisation/docker.nix index b5b81d7..805ac30 100644 --- a/viola/virtualisation/docker.nix +++ b/viola/virtualisation/docker.nix @@ -1,11 +1,9 @@ _: { virtualisation = { - podman = { + docker = { enable = true; - defaultNetwork = { - settings = { - dns_enabled = true; - }; + rootless = { + enable = true; }; }; }; diff --git a/wanda/environment/variables.nix b/wanda/environment/variables.nix index 9fd91b8..9c47685 100644 --- a/wanda/environment/variables.nix +++ b/wanda/environment/variables.nix @@ -1,6 +1,7 @@ {config, ...}: { environment = { variables = { + AMD_VULKAN_ICD = "AMDVLK"; HOSTNAME = config.networking.hostName; QT_QPA_PLATFORM = "wayland"; SDL_VIDEODRIVER = "wayland"; diff --git a/wanda/home-manager/users.nix b/wanda/home-manager/users.nix index 0a5f3e3..ac58a26 100644 --- a/wanda/home-manager/users.nix +++ b/wanda/home-manager/users.nix @@ -4,10 +4,13 @@ "hand7s" = { imports = [ "${self}/hand7s/" + self.inputs.agenix.homeManagerModules.default + self.inputs.agenix.homeManagerModules.default self.inputs.spicetify-nix.homeManagerModules.default self.inputs.hyprland.homeManagerModules.default self.inputs.chaotic.homeManagerModules.default self.inputs.sops-nix.homeManagerModules.sops + self.inputs.nix-index-database.homeModules.nix-index self.inputs.noctalia.homeModules.default ]; diff --git a/wanda/networking/firewall.nix b/wanda/networking/firewall.nix index 6659b35..1287f81 100644 --- a/wanda/networking/firewall.nix +++ b/wanda/networking/firewall.nix @@ -3,28 +3,6 @@ _: { firewall = { allowPing = true; enable = true; - checkReversePath = false; - - interfaces = { - eno1 = rec { - allowedTCPPortRanges = [ - { - from = 1714; - to = 1764; - } - ]; - - allowedUDPPortRanges = allowedTCPPortRanges; - }; - - salt-hand7s-pc = rec { - allowedTCPPorts = [ - 6567 - ]; - - allowedUDPPorts = allowedTCPPorts; - }; - }; }; }; } diff --git a/wanda/networking/hostname.nix b/wanda/networking/hostname.nix index 6fa24b6..c91aef8 100644 --- a/wanda/networking/hostname.nix +++ b/wanda/networking/hostname.nix @@ -1,5 +1,5 @@ _: { networking = { - hostName = "wand"; + hostName = "wanda"; }; } diff --git a/wanda/networking/hosts.nix b/wanda/networking/hosts.nix new file mode 100644 index 0000000..2ebdee6 --- /dev/null +++ b/wanda/networking/hosts.nix @@ -0,0 +1,7 @@ +_: { + networking = { + hosts = { + # nope. + }; + }; +} diff --git a/wanda/security/pam/yubico.nix b/wanda/security/pam/yubico.nix index c172958..cd8a4a1 100644 --- a/wanda/security/pam/yubico.nix +++ b/wanda/security/pam/yubico.nix @@ -7,7 +7,7 @@ _: { mode = "challenge-response"; control = "sufficient"; id = [ - "funnyID" + "1873055870" ]; }; }; diff --git a/wanda/services/openssh.nix b/wanda/services/openssh.nix index e136f96..989beca 100644 --- a/wanda/services/openssh.nix +++ b/wanda/services/openssh.nix @@ -5,7 +5,7 @@ allowSFTP = true; openFirewall = true; ports = [ - 6969 + 48630 ]; settings = { diff --git a/wanda/services/zerotier.nix b/wanda/services/zerotier.nix new file mode 100644 index 0000000..42e91a8 --- /dev/null +++ b/wanda/services/zerotier.nix @@ -0,0 +1,10 @@ +_: { + services = { + zerotierone = { + enable = true; + joinNetworks = [ + # + ]; + }; + }; +} diff --git a/wanda/time/timeZone.nix b/wanda/time/timeZone.nix index 0bd1f2a..cef1656 100644 --- a/wanda/time/timeZone.nix +++ b/wanda/time/timeZone.nix @@ -1,5 +1,6 @@ _: { time = { timeZone = "Europe/Moscow"; + hardwareClockInLocalTime = true; }; } diff --git a/wanda/users/users/hand7s.nix b/wanda/users/users/hand7s.nix index 866be86..39aed35 100644 --- a/wanda/users/users/hand7s.nix +++ b/wanda/users/users/hand7s.nix @@ -5,18 +5,10 @@ _: { description = "me"; isSystemUser = false; isNormalUser = true; - initialHashedPassword = lib.hashString "sha512" "hand7s"; + initialHashedPassword = "$6$ckgRhNWmJgSwOUpJ$kfeAdokd5fa76HWbTmWN2YXx4M/PQVOTJku1ODbqbBhEkUFiLftdaJFRnNXfIM3Jtz0ShoRMSVCB7mDkxDrdi/"; extraGroups = [ "wheel" ]; - - openssh = { - authorizedKeys = { - keys = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDp2IIdR5jV1HyG4aiRX7SfTNrXDhCx5rTiFU40qkOKq litvinovb0@gmail.com" - ]; - }; - }; }; }; }; diff --git a/wanda/users/users/root.nix b/wanda/users/users/root.nix index 2039a85..faa89b7 100644 --- a/wanda/users/users/root.nix +++ b/wanda/users/users/root.nix @@ -1,8 +1,8 @@ -{lib, ...}: { +_: { users = { users = { "root" = { - initialHashedPassword = lib.hashString "sha512" "root"; + initialHashedPassword = "$6$n4OLMvYHHStHvtmr$6OL0NV1dEM2b6oJRewkhuoFxM80lI67tfbJ6QkCg8WAA1gbeKrcwDAuJjm8zvpY4zcDR3Z5Zbo8uebfOi6XXF0"; }; }; };